⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.19
Server IP:
178.33.27.10
Server:
Linux cpanel.dev-unit.com 3.10.0-1160.108.1.el7.x86_64 #1 SMP Thu Jan 25 16:17:31 UTC 2024 x86_64
Server Software:
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
PHP Version:
8.2.11
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
usr
/
local
/
sitepad
/
lib
/
panels
/
isp
/
View File Name :
index.php
<?php header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past header("Content-Type: text/html; charset=UTF-8"); if((@$_GET['act'] == 'backups' || @$_GET['act'] == 'import_export') && !empty($_GET['download']) && substr_count($_GET['download'], './') == 0){ header('Content-Disposition: attachment; filename="'.$_GET['download'].'"'); } if(!function_exists('shell_exec')){ die('shell_exec function is required for SitePad to work.'); } if(is_dir('/usr/local/mgr5')){ if(empty($_COOKIE['ispmgrses5']) && empty($_COOKIE['ispmgrnodeses5'])){ die('You are not logged into ISPmanager'); } }else{ if(empty($_COOKIE['ispmgr4'])){ die('You are not logged into ISP'); } } // Load the Panel $sess = md5(uniqid(microtime())); $file = "/var/sitetmp/".$sess; $fp = fopen($file, "a"); if(empty($fp)){ die('Could not write SESSION DATA.'); } $array = array(); $array['SERVER'] = $_SERVER; $array['POST'] = $_POST; $array['GET'] = $_GET; $array['REQUEST'] = $_REQUEST; $array['COOKIE'] = $_COOKIE; fwrite($fp,serialize($array)); fclose($fp); //echo '/usr/local/sitepad/bin/soft '.$sess;die(); echo shell_exec('/usr/local/sitepad/bin/soft '.$sess); @unlink($file); // load.php will also try to delete it! // Just to ensure that there should not be any files as a security measures. $d = date('i'); if($d % 2 == 0){ if ($dh = opendir('/var/sitetmp/')) { while (($dfile = readdir($dh)) !== false) { if($dfile == '.' || $dfile == '..') continue; clearstatcache(); $stime = filemtime('/var/sitetmp/'.$dfile); // Delete the file if its there for more than 10 seconds if($stime < (time() - 10)){ @unlink('/var/sitetmp/'.$dfile); } } closedir($dh); } } ?>