Skip to content

Commit 084e1da

Browse files
Merge pull request #145 from helmo/malware-uploadform
New malware form file upload example
2 parents cd70b7a + e39ef01 commit 084e1da

2 files changed

Lines changed: 23 additions & 0 deletions

File tree

src/Signatures.php

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3510,6 +3510,7 @@ class Signatures
35103510
'preg_match\\("/\\$engines/"\\s*,\\s*\\$_SERVER',
35113511
'preg_match\\("/\\$spider/"\\s*,\\s*\\$uagent',
35123512
'echo\\s*eval\\s*/\\*\\*/\\s*\\(\'\\?>\'\\s*\\.\\s*join\\(""\\s*,\\s*file',
3513+
'move_uploaded_file.*\\$_FILES\\["filename"\\]\\["tmp_name"\\].*\\$_FILES\\["filename"\\]\\["name"\\]',
35133514
];
35143515

35153516
/**
Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
<html>
2+
<head>
3+
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
4+
<title><?php echo $_SERVER['HTTP_HOST']; ?></title>
5+
</head>
6+
<body>
7+
8+
9+
<form method="post" enctype="multipart/form-data">
10+
<input type="file" name="filename">
11+
<input type="submit" value="submit">
12+
</form>
13+
14+
<?php
15+
if (is_uploaded_file($_FILES['filename']['tmp_name'])) {
16+
move_uploaded_file($_FILES['filename']['tmp_name'], $_FILES['filename']['name']);
17+
$file = $_FILES['filename']['name'];
18+
echo "<a href=\"$file\">$file</a>";
19+
}
20+
?>
21+
</body>
22+
</html>

0 commit comments

Comments
 (0)