ubuntu curl upload file to apache2 server

ubuntu curl upload file to apache2 server

Table of Contents

1. install

2. get web info

3. set php upload conditions

3.1. ref

3.2. upload_max_fileszie

3.3. post_max_size

3.4. max_execution_time cfg

3.5. restart after cfg

4. config upload directory

5. write sup.php (store in /var/www/html)

6. upload by using curl in shell

1 install

$ sudo apt-get install apache2
$ sudo apt-get install php5
$ sudo apt-get install libapache2-mod-php5
$ sudo apt-get install php5-gd

2 get web info

$ cat /etc/apache2/sites-enabled/000-default.conf

3 set php upload conditions

3.1 ref

http://php.net/manual/zh/features.file-upload.common-pitfalls.php

3.2 upload_max_fileszie

$ sudo nano /etc/php5/apache2/php.ini

change `upload_max_fileszie = 2M' as upload_max_fileszie = 30M

3.3 post_max_size

$ sudo nano /etc/php5/apache2/php.ini

change `post_max_size = 8M' as post_max_size = 30M

3.4 max_execution_time cfg

$ sudo nano /etc/php5/apache2/php.ini

change `max_execution_time = 30' as max_execution_time = 300

3.5 restart after cfg

$ sudo /etc/init.d/apache2 restart

4 config upload directory

$ cd /var/www
$ sudo mkdir uploads
$ sudo chmod -R a+w uploads

5 write sup.php (store in /var/www/html)

contents as below:

<?php
$uploaddir = '/var/www/uploads/';
$uploadfile = $uploaddir . basename($_FILES['xx_upload']['name']);

if (is_uploaded_file($_FILES['xx_upload']['tmp_name'])) {
echo "File " . $_FILES['xx_upload']['name'] . " uploaed ok.\n";

if (file_exists($uploadfile)) {
echo "file exist.\n";
}
else {
if (move_uploaded_file($_FILES['xx_upload']['tmp_name'], $uploadfile)) {
echo "File process ok.\n";
}
}
}
else {
echo "Possible file upload attack!\n";
print_r($_FILES);
}

?>

6 upload by using curl in shell

curl -F xx_upload=@/home/user_name/a.mp4 http://server_ip/sup.php

Attention: `xx_upload' is used in `sup.php', as the first index of `_FILES'