ok
Direktori : /proc/self/root/usr/local/sitepad/lib/panels/cwp/ |
Current File : //proc/self/root/usr/local/sitepad/lib/panels/cwp/index.php |
<?php header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past header("Content-Type: text/html; charset=UTF-8"); if((@$_GET['act'] == 'backups' || @$_GET['act'] == 'import_export') && !empty($_GET['download']) && substr_count($_GET['download'], './') == 0){ header('Content-Disposition: attachment; filename="'.$_GET['download'].'"'); } if(is_dir('/usr/local/cwpsrv/var/services/users')){ $admin_port = array('2030','2031','2086','2087'); if(!array_key_exists('module', $_GET) && !in_array($_SERVER['SERVER_PORT'], $admin_port)){ header('Location:../?module=sitepad'); die(); } } if(!function_exists('shell_exec')){ die('shell_exec function is required for SitePad to work.'); } $session_number = md5($_SERVER['REMOTE_ADDR']); session_name("cwpsrv-".$session_number); //Session path has been changed in v1 if(posix_getuid() == 0 && is_dir('/usr/local/cwpsrv/var/services/users') && is_dir('/root/.cwp_sessions')){ $cwp_session_save_path = "/root/.cwp_sessions"; session_save_path($cwp_session_save_path); } session_start(); // cwp v0 and v1 has different structure and cookie variables if(is_dir('/usr/local/cwpsrv/var/services/users')){ if(empty($_SESSION['username'])){ header('Location:/login/?acc=logon'); die(); } }elseif(!$_SESSION['logged']){ header("Location: ../login.php"); die(); } function soft_unlink_user_file($file){ // Is the file safe to delete ? if(!soft_is_safe_file($file)) return false; // Security Fix @unlink($file); } function soft_is_safe_file($path){ // Is it a symlink ? if(is_link($path)) return false; // Is it a file and is a link ? $stat = @stat($path); if(!is_dir($path) && $stat['nlink'] > 1) return false; return true; } // Is the effective and real userID the same ? if(posix_getuid() != posix_geteuid()){ echo "EUID differs from UID. Hacking Attempt !"; exit; } //For enduser if(posix_getuid() != 0){ $TMP_USER = posix_getpwuid(posix_geteuid()); $TMP_HOME = $TMP_USER['dir']; // Create the directory if it does not exist if(!is_dir($TMP_HOME.'/.sitepad/sess/')){ @mkdir($TMP_HOME.'/.sitepad/sess/', 0711, true); } // Load the Panel $sess = md5(uniqid(microtime())); $file = $TMP_HOME.'/.sitepad/sess/'.$sess; // Touch the file touch($file); chmod($file, 0600); $fp = fopen($file, "a"); if(empty($fp)){ die('Could not write SESSION DATA.'); } $array = array(); $array['SERVER'] = $_SERVER; $array['POST'] = $_POST; $array['GET'] = $_GET; $array['REQUEST'] = $_REQUEST; $array['COOKIE'] = $_COOKIE; $array['SESSION'] = $_SESSION; fwrite($fp, json_encode($array)); fclose($fp); chmod($file, 0600); session_write_close(); if(file_exists('/usr/local/cwpsrv/var/services/users')){ // echo '/usr/local/sitepad/bin/soft '.$sess; die(); echo shell_exec('/usr/local/sitepad/bin/soft '.$sess); }else{ die('Not supported'); //echo '/usr/local/cwp/php/bin/php /usr/local/cwp/sitepad/load.php '.$sess; //echo shell_exec('/usr/local/cwp/php/bin/php /usr/local/cwp/sitepad/load.php '.$sess); } @unlink($file); // load.php will also try to delete it! // Just to ensure that there should not be any files as a security measures. $d = date('i'); if($d % 2 == 0){ if ($dh = opendir($TMP_HOME.'/.sitepad/sess/')) { while (($dfile = readdir($dh)) !== false) { if($dfile == '.' || $dfile == '..') continue; clearstatcache(); $stime = filemtime($TMP_HOME.'/.sitepad/sess/'.$dfile); // Delete the file if its there for more than 10 seconds if($stime < (time() - 10)){ @soft_unlink_user_file($TMP_HOME.'/.sitepad/sess/'.$dfile); } } closedir($dh); } } }else{ @define('SITEPAD', 1); //Set error reporting error_reporting(E_PARSE); #~~~~~~~~~~~~~~~~~~~~~~~~ # SOFTACULOUS VARIABLES #~~~~~~~~~~~~~~~~~~~~~~~~ if(empty($globals)){ include_once('/usr/local/sitepad/universal.php'); } include_once($globals['path'].'/globals.php'); include_once($globals['mainfiles'].'/functions.php'); // Load the nupanel Class if(!class_exists('nupanel')){ include_once($globals['includes_path'].'/nupanel.php'); } include_once($globals['includes_path'].'/admin.php'); }