Linux ip-172-26-7-228 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64
Apache
: 172.26.7.228 | : 3.15.12.133
Cant Read [ /etc/named.conf ]
5.6.40-24+ubuntu18.04.1+deb.sury.org+1
www-data
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
var /
www /
student /
vskub /
[ HOME SHELL ]
Name
Size
Permission
Action
Paytm
[ DIR ]
drwxrwxr-x
css
[ DIR ]
drwxr-xr-x
easy_zip
[ DIR ]
drwxr-xr-x
img
[ DIR ]
drwxr-xr-x
jquery-ui-1.9
[ DIR ]
drwxr-xr-x
js
[ DIR ]
drwxr-xr-x
libs
[ DIR ]
drwxr-xr-x
links
[ DIR ]
drwxr-xr-x
razorpay
[ DIR ]
drwxrwxr-x
src
[ DIR ]
drwxr-xr-x
tarka_pdf
[ DIR ]
drwxr-xr-x
adds.jpg
39.03
KB
-rwxr-xr-x
adds1.jpg
293.14
KB
-rwxr-xr-x
app.php
416
B
-rwxr-xr-x
candidate_list.html
5.41
KB
-rwxr-xr-x
cconfig.php
1.16
KB
-rwxr-xr-x
cconfig_old.php
1.12
KB
-rwxr-xr-x
consts.php
227
B
-rwxr-xr-x
database.php
232
B
-rwxr-xr-x
index.php
4.44
KB
-rwxr-xr-x
index_11112017.php
3.96
KB
-rwxr-xr-x
pgResponse.php
13.89
KB
-rwxr-xr-x
student.php
6.43
KB
-rwxr-xr-x
verify.php
13.47
KB
-rwxr-xr-x
Delete
Unzip
Zip
${this.title}
Close
Code Editor : pgResponse.php
<link href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-MCw98/SFnGE8fJT3GXwEOngsV7Zt27NXFoaoApmYm81iuXoPkFOJwJ8ERdknLPMO" crossorigin="anonymous"> <?php header("Pragma: no-cache"); header("Cache-Control: no-cache"); header("Expires: 0"); ini_set('display_errors', 'On'); error_reporting(E_ALL); // following files need to be included //require_once("./pgRedirect.php"); require_once("./Paytm/lib/config_paytm.php"); require_once("./Paytm/lib/encdec_paytm.php"); include("/var/www/config.php"); $servername = SERVERNAME; $username = USERNAME; $password = PASSWORD; $databse = 'logisys3_comexam'; $conn = new mysqli($servername,$username,$password,$databse); if(!$conn) { die("Connection failed: " . mysqli_connect_error()); } $paytmChecksum = ""; $paramList = array(); $isValidChecksum = "FALSE"; $paramList = $_POST; $univcode = str_pad(substr($paramList['MERC_UNQ_REF'],1,2),3,"0",STR_PAD_LEFT); if($univcode == '003') { $univcode_tmp = str_pad(substr($paramList['MERC_UNQ_REF'],1,3),4,"0",STR_PAD_LEFT); if($univcode_tmp == '003D') { $univcode = $univcode_tmp; } } $typeno = substr($paramList['MERC_UNQ_REF'],0,1); if($typeno == '1') $type = 'EXAM'; if($typeno == '2') $type = 'RVRT'; if($typeno == '4') $type = 'OSER'; $get_data = "select * from maspg where fbank = 'Paytm' and FENTTYPE = '{$type}' and funivcode = '{$univcode}'"; //var_dump($get_data); $result=$conn->query($get_data); if (mysqli_num_rows($result) > 0) { while($row = mysqli_fetch_assoc($result)) { $key = $row['fkey']; $mid = $row['fmid']; $fworkingid = $row['fworkingid']; $fmode = $row['fmode']; $freturnurl = $row['freturnurl']; } } $paytmChecksum = isset($_POST["CHECKSUMHASH"]) ? $_POST["CHECKSUMHASH"] : ""; //Sent by Paytm pg //Verify all parameters received from Paytm pg to your application. Like MID received from paytm pg is same as your application�s MID, TXN_AMOUNT and ORDER_ID are same as what was sent by you to Paytm PG for initiating transaction etc. $isValidChecksum = verifychecksum_e($paramList, $key, $paytmChecksum); //will return TRUE or FALSE string. if($isValidChecksum == "TRUE") { $status = $_POST["STATUS"]; //echo $status; //print_r($_POST); $orderid = $_POST["ORDERID"]; $productinfo = $_POST["MERC_UNQ_REF"]; $txnid = $_POST["TXNID"]; $MID = $_POST["MID"]; $CHECKSUMHASH = $_POST["CHECKSUMHASH"]; //echo $productinfo; //$productinfo = '103E3050155'; $MID = $mid; $requestParamList = array(); $responseParamList = array(); $requestParamList = array("MID" => "{$MID}" , "ORDERID" => "{$orderid}", "MERC_UNQ_REF" => "{$productinfo}"); $checkSum = getChecksumFromArray($requestParamList,$key); $requestParamList['CHECKSUMHASH'] = urlencode($checkSum); $data_string = "JsonData=".json_encode($requestParamList); $ch = curl_init(); // initiate curl //$url = "https://securegw-stage.paytm.in/merchant-status/getTxnStatus"; // where you want to post data //$url = "https://securegw.paytm.in/merchant-status/getTxnStatus"; $url = "https://securegw.paytm.in/merchant-status/getTxnStatus"; curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_URL,$url); curl_setopt($ch, CURLOPT_POST, true); // tell curl you want to post something curl_setopt($ch, CURLOPT_POSTFIELDS,$data_string); // define what you want to post curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // return the output in string format $headers = array(); $headers[] = 'Content-Type: application/json'; curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); $output = curl_exec($ch); // execute $info = curl_getinfo($ch); $data = json_decode($output, true); //echo $data; if ($data["STATUS"] == "TXN_SUCCESS") { $servername = SERVERNAME; $username = USERNAME; $password = PASSWORD; $dbname = "logisys3_comexam"; $conn = new mysqli($servername, $username, $password, $dbname); $get_data = "select * from dbname where funivcode ='{$univcode}'"; //var_dump($get_data); $result1=$conn->query($get_data); if (mysqli_num_rows($result1) > 0) { $dbnames = array(); $uniname = ""; $ffolder = ""; while($row = mysqli_fetch_assoc($result1)) { $dbnames[$row['FUNIVCODE']] = $row['FDBNAME']; $uniname = $row['FUNIVNAME']; $FUNIVCODE = $row['FUNIVCODE']; $ffolder = $row['FFOLDER']; } } $servername = SERVERNAME; $username = USERNAME; $password = PASSWORD; $dbname = $dbnames[$univcode]; //$dbname = "logisys3_bcu"; /*$servername = "localhost"; $username = "root"; $password = ""; $dbname = "logisys3_dud";*/ $conn = new mysqli($servername, $username, $password, $dbname); $status = $data["STATUS"]; $ORDERID = $data["ORDERID"]; $productinfo = $data["MERC_UNQ_REF"]; $txnid = $data["TXNID"]; $MID = $data["MID"]; //$CHECKSUMHASH = $data["CHECKSUMHASH"]; $txnid = $data['TXNID']; $firstname = 'Paytm'; echo "<center><h1 >".$uniname."</h1></center>"; echo "<div style = 'width:50%; margin:10% auto'> <h4 style='color:green;'>Thank You. Your Payment is success</h4>"; echo "<h4>Your Transaction ID for this transaction is : ".$data['TXNID'].".</h4>"; echo "<h4>We have received a payment of Rs. : " . $data['TXNAMOUNT'] ."</h4>"; $html="<button type='button' class='btn btn-primary w-10' onclick=\"PrintApplicationFormNETBANKING('{$productinfo}','{$ffolder}','{$type}','{$FUNIVCODE}');\" >Click here to take a PrintOut</button></div>"; echo $html; $update_pg="update pgdet set ftxnid = '{$txnid}', fstatus = '{$status}', fupddate = now() where appno = '{$productinfo}' and forderid = '{$ORDERID}'"; // $result_pg=$conn->query($update_pg); if(strtoupper($type) == 'EXAM') { $update="update appcandsum set FPAYMENTREMARKS='{$data['TXNID']}',FPAYMENTSTATUS='success', FPAYMENTCONFIRM='success',FACKDATE=now(),FACKUSER='{$firstname}', FPAYGATEWAY = '{$firstname}', frecptdate = now() where APPNO='{$productinfo}'"; $result=$conn->query($update); /*$get_app_cand_det="SELECT FDEGREE,FEXAMNO,FCOLLCODE,FREGNO,FSUBCODE,FINSERTED,FPRESENT,FYEAR,FEXAMTYPE FROM appcanddet WHERE APPNO='{$productinfo}'"; $result = $conn->query($get_app_cand_det);*/ $get_app_cand_det="SELECT a.FDEGREE,a.FEXAMNO,a.FCOLLCODE,c.FFRESHEXAM, a.FREGNO,a.FSUBCODE,a.FINSERTED,a.FPRESENT,a.FYEAR,a.FEXAMTYPE,concat('Message from Bengaluru Central University : ', ' Dear ',s.fname,' (Reg. no. : ',s.fregno,' , Stud. id. : ',s.fstudid,'),', ' Rs.',FLOOR(c.FTOTALFEE),'/- is received at university. Your application no. is ',c.appno, '. keep this information for future reference.',' Sent Time: ',time(now())) as message FROM appcanddet a inner join student s on a.fdegree = s.fdegree and s.fcollcode = a.fcollcode and a.fregno = s.fregno inner join appcandsum c on a.fdegree = c.fdegree and a.fcollcode = c.fcollcode and a.fregno = c.fregno and a.appno = c.appno WHERE c.APPNO='{$productinfo}'"; $result = $conn->query($get_app_cand_det); if (mysqli_num_rows($result) > 0) { while($row = mysqli_fetch_assoc($result)) { $collcode = $row['FCOLLCODE']; $degree = $row['FDEGREE']; $regno = $row['FREGNO']; $text = $row['message']; $FFRESHEXAM = $row['FFRESHEXAM']; } } // $update_cand_sum = "UPDATE appcandsum a,candsum c // SET // c.FEXAMFEEA=if(ifnull(c.FEXAMFEEA,0) <=0,ifnull(a.FEXAMFEEA,0),ifnull(c.FEXAMFEEA,0)), // c.FEXAMFEEB=if(ifnull(c.FEXAMFEEB,0) <=0,ifnull(a.FEXAMFEEB,0),ifnull(c.FEXAMFEEB,0)), // c.FEXAMFEEC=if(ifnull(c.FEXAMFEEC,0) <=0,ifnull(a.FEXAMFEEC,0),ifnull(c.FEXAMFEEC,0)), // c.FEXAMFEED=if(ifnull(c.FEXAMFEED,0) <=0,ifnull(a.FEXAMFEED,0),ifnull(c.FEXAMFEED,0)), // c.FEXAMFEEE=if(ifnull(c.FEXAMFEEE,0) <=0,ifnull(a.FEXAMFEEE,0),ifnull(c.FEXAMFEEE,0)), // c.FEXAMFEEF=if(ifnull(c.FEXAMFEEF,0) <=0,ifnull(a.FEXAMFEEF,0),ifnull(c.FEXAMFEEF,0)), // c.FEXAMFEEG=if(ifnull(c.FEXAMFEEG,0) <=0,ifnull(a.FEXAMFEEG,0),ifnull(c.FEXAMFEEG,0)), // c.FEXAMFEEH=if(ifnull(c.FEXAMFEEH,0) <=0,ifnull(a.FEXAMFEEH,0),ifnull(c.FEXAMFEEH,0)), // c.FEXAMFEEI=if(ifnull(c.FEXAMFEEI,0) <=0,ifnull(a.FEXAMFEEI,0),ifnull(c.FEXAMFEEI,0)), // c.FEXAMFEEJ=if(ifnull(c.FEXAMFEEJ,0) <=0,ifnull(a.FEXAMFEEJ,0),ifnull(c.FEXAMFEEJ,0)), // c.FTOTALFEE=a.FTOTALFEE, // c.frecptdate = date(now()) // WHERE a.fregno=c.FREGNO // AND a.APPNO='{$productinfo}' and a.FCOLLCODE='{$collcode}'"; $update_cand_sum = "UPDATE appcandsumview a,candsum c SET c.FEXAMFEEA = a.FEXAMFEEA, c.FEXAMFEEB = a.FEXAMFEEB, c.FEXAMFEEC = a.FEXAMFEEC, c.FEXAMFEED = a.FEXAMFEED, c.FEXAMFEEE = a.FEXAMFEEE, c.FEXAMFEEF = a.FEXAMFEEF, c.FEXAMFEEG = a.FEXAMFEEG, c.FEXAMFEEH = a.FEXAMFEEH, c.FEXAMFEEI = a.FEXAMFEEI, c.FEXAMFEEJ = a.FEXAMFEEJ, c.FTOTALFEE = a.FTOTALFEE, c.frecptdate = now() WHERE a.fregno=c.FREGNO AND c.fregno = '{$regno}'"; $result = $conn->query($update_cand_sum); $update_caste = "update candsum c, student s set c.fcategory = s.fcaste, c.ffeetype = if(ifnull(c.fconstype,'0123456789') <> '0123456789', 'Low Income', 'Normal Fee') where s.fregno = c.fregno and s.fregno = '{$regno}'"; $result = $conn->query($update_caste); $update_cand_appCand = "update canddet c, appcanddet t set c.finserted = t.finserted, c.fpresent = t.fpresent where c.fdegree = t.fdegree and c.fexamno = t.fexamno and c.fregno = t.fregno and c.fsubcode = t.fsubcode and c.fdegree = '{$degree}' and c.fregno = '{$regno}' and t.APPNO='{$productinfo}' and ifnull(c.fpresent,'') <> 'P'"; $result = $conn->query($update_cand_appCand); $insert_canddet ="insert into canddet(fdegree,FEXAMNO, FCOLLCODE, FREGNO, FSUBCODE, FINSERTED, FPRESENT, FYEAR, FEXAMTYPE) select fdegree, FEXAMNO, FCOLLCODE,FREGNO, FSUBCODE,FINSERTED, FPRESENT, FYEAR,FEXAMTYPE from appcanddet where fregno = '{$regno}' and appno ='{$productinfo}' and CONCAT(fdegree,fexamno,fregno,fsubcode) not in(select CONCAT(fdegree,fexamno,fregno,fsubcode) from canddet where fregno = '{$regno}') "; $result = $conn->query($insert_canddet); $query = "insert into marks (FDEGREE, FEXAMNO, FCOLLCODE, FREGNO, FSUBCODE, fmarks, fyear, fexamtype) select c.fdegree,c.fexamno,c.fcollcode,c.fregno, s.fcsubcode,'-1', c.fyear,c.fexamtype from canddet c inner join subject s on c.fdegree = s.fdegree and c.fexamno = s.fexamno and c.fsubcode = s.FSUBCODE where c.fregno = '{$regno}' and c.fexamno = '{$FFRESHEXAM}' and c.fcollcode = '{$collcode}' and c.fdegree = '{$degree}' and s.fintass = 'T' and s.fretain = 'T'"; $res = $conn->query($query); $query = "insert into marks_pr (FDEGREE, FEXAMNO, FCOLLCODE,FOCOLLCODE, FREGNO, FSUBCODE, fmarks11, fyear, fexamtype) select cd.fdegree,cd.fexamno,cd.fcollcode,cd.fcollcode,cd.FREGNO,s.fcsubcode,'-1', cd.fyear,cd.fexamtype from subject s inner join canddet cd on s.fdegree = cd.fdegree and s.fsubcode = cd.FSUBCODE and cd.fregno = '{$regno}' and ifnull(cd.fpassmth,'') = '' and ifnull(cd.fthpr,'') <> 'F' where s.fdegree = '{$degree}' and cd.fcollcode = '{$collcode}' and s.ftheory = 'F' and ifnull(s.fintass,'F') <> 'T'"; $res = $conn->query($query); $update_studfee = "update studfee s, appstudfee a set s.famount = a.famount, s.flogdate = a.flogdate, s.fyear = a.fyear, s.fexamtype = a.fexamtype where s.fdegree = a.fdegree and s.fexamno = a.fexamno and s.fregno = a.fregno and s.ffeecode = a.ffeecode and s.fregno = '{$regno}' and s.famount <= 0 and a.appno ='{$productinfo}'"; $result = $conn->query($update_studfee); $insert_studfee = "insert into studfee(fdegree,fexamno,fcollcode,fregno,ffeecode,famount,flogdate,fyear,fexamtype) select fdegree,fexamno,fcollcode,fregno,ffeecode,famount,flogdate,fyear,fexamtype from appstudfee where fregno = '{$regno}' and appno ='{$productinfo}' and CONCAT(fdegree,fexamno,fregno,ffeecode) not in(select CONCAT(fdegree,fexamno,fregno,ffeecode) from studfee where fdegree = '{$degree}' and fregno = '{$regno}')"; $result = $conn->query($insert_studfee); }else if(strtoupper($type) == 'RVRT') { $update = "update res_stud set FPAYMENTREMARKS='{$txnid}',FPAYMENTSTATUS='success', FPAYMENTCONFIRM='success', fackdate = current_date(), funivrecdate = current_date(), fackuser = '{$firstname}', FCHALLANNO = '{$ORDERID}' where APPNO='{$productinfo}'"; //var_dump($update); $result = $conn->query($update); //var_dump($result); }else if($type == 'OSER') { $update = "update servtran set FPAYREMARKS='{$txnid}', FPAYSTATUS = 'success', FPAYDATE = now(), FTRANID = '{$txnid}', FPAYMENTTYPE = 'Paytm' where FAPPNO = '{$productinfo}'"; $result = $conn->query($update); } } else { echo "<b>Transaction status is failure</b>" . "<br/>"; } // if (isset($_POST) && count($_POST)>0 ) // { // foreach($_POST as $paramName => $paramValue) { // echo "<br/>" . $paramName . " = " . $paramValue; // } // } } else { echo "<b>Checksum mismatched.</b>"; //Process transaction as suspicious. } ?> <script> function PrintApplicationFormNETBANKING(appno,folder,type,univcode) { var $host_url = `http://${window.location.host}/vskub/app.php?a=`; switch(type) { case 'EXAM': window.location.href=$host_url+"PrintApplicationFormNETBANKING&app_no="+appno+"&univcode="+univcode; break; case 'RVRT': window.location.href=$host_url+"PrintRevaluationApplicationForm&app_no="+appno+"&univcode="+univcode; break; case 'OSER': window.location.href=$host_url+"printapplicationfrom&app_no="+appno+"&univcode="+univcode; break; } } </script>
Close
