403Webshell
Server IP : 103.119.228.120  /  Your IP : 18.119.133.138
Web Server : Apache
System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64
User : nobody ( 99)
PHP Version : 5.6.40
Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime
MySQL : ON |  cURL : ON |  WGET : ON |  Perl : ON |  Python : ON |  Sudo : ON |  Pkexec : ON
Directory :  /var/softaculous/lychee/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :


[ Back ]     

Current File : /var/softaculous/lychee/_edit.php
<?php

//////////////////////////////////////////////////////////////
//===========================================================
// edit.php(For individual softwares)
//===========================================================
// SOFTACULOUS 
// Version : 1.0
// Inspired by the DESIRE to be the BEST OF ALL
// ----------------------------------------------------------
// Started by: Alons
// Date:       10th Jan 2009
// Time:       21:00 hrs
// Site:       http://www.softaculous.com/ (SOFTACULOUS)
// ----------------------------------------------------------
// Please Read the Terms of use at http://www.softaculous.com
// ----------------------------------------------------------
//===========================================================
// (c)Softaculous Inc.
//===========================================================
//////////////////////////////////////////////////////////////

if(!defined('SOFTACULOUS')){

    die('Hacking Attempt');

}

/////////////////////////////////////////
// All functions in this PAGE must begin
// with TWO UNDERSCORE '__' to avoid 
// clashes with SOFTACULOUS Functions
// e.g. __funcname()
/////////////////////////////////////////

//////////////////////////////////////////
// Note : The path of the upgrade package 
//        is $software['path'].'/' . So to
//        access other files use 
//        $software['path'].'/other_file.ext'
//////////////////////////////////////////

//The Edit process
function __edit($installation){

global $__settings, $globals, $setupcontinue, $software, $error;
    
    $__settings = $installation;
    
    $__settings['admin_username'] = optPOST('admin_username');
    $__settings['admin_pass'] = optPOST('admin_pass');

    // Do we need to reset the password ?
    if(!empty($__settings['admin_pass'])){
    
        // We need the username
        if(empty($__settings['admin_username'])){
         $error[] = '{{err_no_username}}';
		return false;
        }
        
        // This is to get dbprefix from import.php
        sp_include_once($software['path'].'/import.php');
        
        $r = call_user_func('__import_'.$software['softname'], $__settings['softpath']);
        
        $__settings['dbprefix'] = $r['dbprefix'];
        $__settings['softdbhost'] = $r['softdbhost'];
        $__settings['softdbuser'] = $r['softdbuser'];
        $__settings['softdbpass'] = $r['softdbpass'];
        $__settings['softdb'] = $r['softdb'];
        
        if(!empty($error)){
		return false;
        }
        
        //This is to retrieve hashed value of admin username from the database 
        $query = "SELECT `value` FROM `".$__settings['dbprefix']."_lychee_settings` WHERE `key` = 'username';";
        
        $result = sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
        
        $__settings['admin_username_db'] = $result[0]['value'];
        
        //Creating crypted admin username hash
        $__settings['admin_username_crypt'] = crypt($__settings['admin_username'], $__settings['admin_username_db']);
		
        //Verifying admin username db hash with the crypted hash 
        if(!($__settings['admin_username_db'] === $__settings['admin_username_crypt'])){
		$error[] = '{{err_no_such_user}}';
		return false;           
        }else{          
		
		// This is to obtain password method from install.php
         sp_include_once($software['path'].'/install.php');      
		
		//We have commented the $user variable as it reassigns hash value for $__settings['admin_username']
         if(sversion_compare(phpversion(), '5.3', '<')){
			sconfigure('update_pass.php');  
			$data = swget($__settings['softurl'].'/update_pass.php');
			$data = explode('__softaculous__', $data);
			//$user = $data['0'];
			$pass = $data['1'];
			sunlink($__settings['softpath'].'/update_pass.php');
            }else{
			//$user = __getHashedString($__settings['admin_username']);                
			$pass = __getHashedString($__settings['admin_pass']);
            }
            
            $__settings['admin_pass'] = $pass;
            //$__settings['admin_username'] = $user;

            if(!empty($error)){
			return false;
            }
            
            // Update the password now
            $update_query = "UPDATE `".$__settings['dbprefix']."_lychee_settings` SET `value` = '".$__settings['admin_pass']."' WHERE `key` = 'password';";
            
            $result = sdb_query($update_query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);			
        }
    
    }

}

?>

Youez - 2016 - github.com/yon3zu
LinuXploit