| Server IP : 103.119.228.120 / Your IP : 3.128.198.90 Web Server : Apache System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64 User : nobody ( 99) PHP Version : 5.6.40 Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /var/softaculous/myt/ |
Upload File : |
<?php
$resp = __hashPassword('[[admin_pass]]');
echo '<update_pass>'.$resp.'</update_pass>';
function __hashPassword($password,$cost=13){
global $error;
__checkBlowfish();
$salt=__generateSalt($cost);
$hash=crypt($password,$salt);
if(!is_string($hash) || (function_exists('mb_strlen') ? mb_strlen($hash, '8bit') : strlen($hash))<32)
$error[] = 'Internal error while generating hash.';
return $hash;
}
function __checkBlowfish(){
global $error;
if(!function_exists('crypt')){
$error[] = 'requires the PHP crypt() function. This system does not have it.';
}
if(!defined('CRYPT_BLOWFISH') || !CRYPT_BLOWFISH){
$error[] = 'requires the Blowfish option of the PHP crypt() function. This system does not have it.';
}
}
function __generateSalt($cost=13){
global $error;
if(($random=__generateRandomString(22,true))===false)
if(($random=__generateRandomString(22,false))===false)
$error[] = 'Unable to generate random string.';
return sprintf('$2y$%02d$',$cost).strtr($random,array('_'=>'.','~'=>'/'));
}
function __generateRandomString($length,$cryptographicallyStrong=true){
if(($randomBytes=__generateRandomBytes($length+2,$cryptographicallyStrong))!==false)
return strtr(substr(base64_encode($randomBytes),0,$length),array('+'=>'_','/'=>'~'));
return false;
}
function __generateRandomBytes($length,$cryptographicallyStrong=true){
$bytes='';
if(function_exists('openssl_random_pseudo_bytes'))
{
$bytes=openssl_random_pseudo_bytes($length,$strong);
if(strlen($bytes)>=$length && ($strong || !$cryptographicallyStrong))
return substr($bytes,0,$length);
}
if(function_exists('mcrypt_create_iv') &&
($bytes=mcrypt_create_iv($length, MCRYPT_DEV_URANDOM))!==false &&
strlen($bytes)>=$length)
{
return substr($bytes,0,$length);
}
if(($file=@fopen('/dev/urandom','rb'))!==false &&
($bytes=@fread($file,$length))!==false &&
(fclose($file) || true) &&
strlen($bytes)>=$length)
{
return substr($bytes,0,$length);
}
$i=0;
while(strlen($bytes)<$length &&
($byte=__generateSessionRandomBlock())!==false &&
++$i<3)
{
$bytes.=$byte;
}
if(strlen($bytes)>=$length)
return substr($bytes,0,$length);
if ($cryptographicallyStrong)
return false;
while(strlen($bytes)<$length)
$bytes.=__generatePseudoRandomBlock();
return substr($bytes,0,$length);
}
function __generateSessionRandomBlock(){
ini_set('session.entropy_length',20);
if(ini_get('session.entropy_length')!=20)
return false;
// These calls are (supposed to be, according to PHP manual) safe even if
// there is already an active session for the calling script.
@session_start();
@session_regenerate_id();
$bytes=session_id();
if(!$bytes)
return false;
// $bytes has 20 bytes of entropy but the session manager converts the binary
// random bytes into something readable. We have to convert that back.
// SHA-1 should do it without losing entropy.
return sha1($bytes,true);
}
function __generatePseudoRandomBlock(){
$bytes='';
if (function_exists('openssl_random_pseudo_bytes')
&& ($bytes=openssl_random_pseudo_bytes(512))!==false
&& strlen($bytes)>=512)
{
return substr($bytes,0,512);
}
for($i=0;$i<32;++$i)
$bytes.=pack('S',mt_rand(0,0xffff));
// On UNIX and UNIX-like operating systems the numerical values in `ps`, `uptime` and `iostat`
// ought to be fairly unpredictable. Gather the non-zero digits from those.
foreach(array('ps','uptime','iostat') as $command) {
@exec($command,$commandResult,$retVal);
if(is_array($commandResult) && !empty($commandResult) && $retVal==0)
$bytes.=preg_replace('/[^1-9]/','',implode('',$commandResult));
}
// Gather the current time's microsecond part. Note: this is only a source of entropy on
// the first call! If multiple calls are made, the entropy is only as much as the
// randomness in the time between calls.
$bytes.=substr(microtime(),2,6);
// Concatenate everything gathered, mix it with sha512. hash() is part of PHP core and
// enabled by default but it can be disabled at compile time but we ignore that possibility here.
return hash('sha512',$bytes,true);
}
@unlink('update_pass.php');
?>