[ Avaa Bypassed ]




Upload:

Command:

hmhc3928@3.144.104.118: ~ $
<?php

//////////////////////////////////////////////////////////////
//===========================================================
// clone.php
//===========================================================
// SOFTACULOUS 
// Version : 4.2.8
// Inspired by the DESIRE to be the BEST OF ALL
// ----------------------------------------------------------
// Started by: Alons
// Date:       10th Jan 2009
// Time:       21:00 hrs
// Site:       http://www.softaculous.com/ (SOFTACULOUS)
// ----------------------------------------------------------
// Please Read the Terms of use at http://www.softaculous.com
// ----------------------------------------------------------
//===========================================================
// (c)Softaculous Inc.
//===========================================================
//////////////////////////////////////////////////////////////

if(!defined('SOFTACULOUS')){

	die('Hacking Attempt');

}

//The Install process
function __clone(){

global $__settings, $error, $software, $globals, $replace_data, $source_data;
	
	//Do we meet the Minimum software requirements
	__requirements();
	
	if(!empty($error)){
		return false;
	}
	
	$temp = parse_url($__settings['softurl']);
	$__settings['relativeurl'] = $temp['path'];
	
	$temp = parse_url($source_data['softurl']);
	$source_data['relativeurl'] = $temp['path'];
	
	//To handle configuration files for different versions
	if(sfile_exists($__settings['softpath'].'/app/settings.php') && $__settings['ver'] <= '4.0.5'){
		sclone_replace($replace_data, $__settings['softpath'].'/app/settings.php', true);
	}else{
		$file = sfile($__settings['softpath'].'/app/env.php');
	
		if(empty($file)){
			$error[] = 'Could not read the config file to get the encryption_key.';
			return false;
		}
		
		soft_preg_replace('/("|\')CHEVERETO_ENCRYPTION_KEY("|\')(\s*?)\=\>(\s*?)("|\')(.*?)("|\'),/is', $file, $encryption_key, 6);
		$__settings['encryption_key'] = base64_encode(__generate(32));
		$replace_data[$encryption_key] = $__settings['encryption_key'];
			
		sclone_replace($replace_data, $__settings['softpath'].'/app/env.php', true);
	}
	
	//This is to pass value of id_padding and crypt_salt into __cheveretoID function to get the $avtar_old
	$query = "SELECT `setting_value` FROM `".$__settings['dbprefix']."settings` WHERE `setting_name` = 'id_padding';";
	$result = sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
	$__settings['id_padding'] = $result[0]['setting_value'];
	
	$query = "SELECT `setting_value` FROM `".$__settings['dbprefix']."settings` WHERE `setting_name` = 'crypt_salt';";
	$result = sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
	$__settings['crypt_salt'] = $result[0]['setting_value'];
	////////////////////
	
	$avtar_old = __cheveretoID(1);
	
	$__settings['crypt_salt'] = __random_string(8);
	$__settings['api_v1_key'] = __random_string(32);
	
	$avtar_new = __cheveretoID(1);
	
	@srename($__settings['softpath'].'/content/images/users/'.$avtar_old.'/', $__settings['softpath'].'/content/images/users/'.$avtar_new.'/');
	
	$query = "UPDATE `".$__settings['dbprefix']."settings` SET `setting_value`='".$__settings['crypt_salt']."',`setting_default`='".$__settings['crypt_salt']."' WHERE `setting_name` = 'crypt_salt';";
	sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
	
	$query = "UPDATE `".$__settings['dbprefix']."settings` SET `setting_value`='".$__settings['api_v1_key']."',`setting_default`='".$__settings['api_v1_key']."' WHERE `setting_name` = 'api_v1_key';";
	sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
	
	if(sfile_exists($__settings['softpath'].'/.htaccess')){
	
		// If the installation is on root domain we need to change the below relative URL
		if(is_dom_root($source_data['softpath'])){
			$replace_data['RewriteBase \'/\''] = 'RewriteBase \''.$__settings['relativeurl'].'\'';
			$replace_data['RewriteBase /'] = 'RewriteBase '.$__settings['relativeurl'];
		}elseif(is_dom_root($__settings['softpath'])){
			$replace_data['RewriteBase \''.$source_data['relativeurl'].'\''] = 'RewriteBase \'/\'';
			$replace_data['RewriteBase '.$source_data['relativeurl']] = 'RewriteBase /';
		}
		
		sclone_replace($replace_data, $__settings['softpath'].'/.htaccess', true);		
	}
	
	//CHMOD some files
	@schmod($__settings['softpath'].'/images/', $globals['odc'], 1);
	@schmod($__settings['softpath'].'/content/', $globals['odc']);
	@schmod($__settings['softpath'].'/content/images/', $globals['odc'], 1);
	@schmod($__settings['softpath'].'/app/content/', $globals['odc'], 1);
}

//Check whether the Minimum Software configuration matches
function __requirements(){

global $__settings, $error, $software, $user, $insid;

	// Chevereto can be cloned in root directory only	
	if(sversion_compare($user['ins'][$insid]['ver'], '4.0.5', '>=') && !empty($__settings['softdirectory'])){
		$error[] = 'Chevereto Free ' .$__settings['ver']. ' can not be cloned/staged in sub-directory.';
	}
	
	return true;

}

function __pre_unzip(){
	
	global $error, $__settings, $replace_data, $source_data;
	
	$file = sfile($source_data['softpath'].'/app/env.php');
	
	if(empty($file)){
		$file = sfile($source_data['softpath'].'/app/settings.php');
	}
	
	if(empty($file)){
		$error[] = 'Could not read the config file to get the dbprefix.';
		return false;
	}
	
	soft_preg_replace('/("|\')db_table_prefix("|\')(\s*?)\=\>(\s*?)("|\')(.*?)("|\'),/is', $file, $__settings['dbprefix'], 6);
	
	if(empty($__settings['dbprefix'])){
		soft_preg_replace('/\$settings\[("|\')db_table_prefix("|\')\](\s*?)=(\s*?)("|\')(.*?)("|\');/is', $file, $__settings['dbprefix'], 6);
	}
	
	if(empty($__settings['dbprefix'])){
		soft_preg_replace('/("|\')CHEVERETO_DB_TABLE_PREFIX("|\')(\s*?)\=\>(\s*?)("|\')(.*?)("|\'),/is', $file, $__settings['dbprefix'], 6);
	}
	
	if(sversion_compare($__settings['ver'], '4.0.5', '<')){
		$query = "SELECT `login_ip` FROM `".$__settings['dbprefix']."logins` WHERE `login_id` = 1;";
		
		$result = sdb_query($query, $source_data['softdbhost'], $source_data['softdbuser'], $source_data['softdbpass'], $source_data['softdb']);
		
		$replace_data[$result[0]['login_ip']] = $_SERVER['REMOTE_ADDR'];
	}
	
}

function __random_string($length) {
	switch(true) {
		case function_exists('mcrypt_create_iv') :
			$r = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
		break;
		case function_exists('openssl_random_pseudo_bytes') :
			$r = openssl_random_pseudo_bytes($length);
		break;
		case is_readable('/dev/urandom') : // deceze
			$r = file_get_contents('/dev/urandom', false, null, 0, $length);
		break;
		default :
			$i = 0;
			$r = '';
			while($i ++ < $length) {
				$r .= chr(mt_rand(0, 255));
			}
		break;
	}
	return substr(bin2hex($r), 0, $length);
}

function __cheveretoID($in, $action="encode"){
	global $__settings;
	$index = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
	$salt = $__settings['crypt_salt'];
	$id_padding = $__settings['id_padding'];

	// Use a stock version of the hashed values (faster execution)

	for($n = 0; $n<strlen($index); $n++) {
		$i[] = substr($index,$n ,1);
	}

	$passhash = hash('sha256',$salt);
	$passhash = (strlen($passhash) < strlen($index)) ? hash('sha512',$salt) : $passhash;

	for($n=0; $n < strlen($index); $n++) {
		$p[] =  substr($passhash, $n ,1);
	}

	// Stock the crypting thing to don't do it every time
	$cheveretoID = array(
		'passhash'	=> $passhash,
		'p'			=> $p,
		'i'			=> $i
	);
	
	array_multisort($p, SORT_DESC, $i);
	$index = implode($i);

	$base  = strlen($index);

	if($id_padding > 0) {
		$in = $in * $id_padding;
	}
	$out = '';
	for ($t = floor(log((float)$in, $base)); $t >= 0; $t--) {
		$bcp = pow($base, $t);
		$a   = floor($in / $bcp) % $base;
		$out = $out . substr($index, $a, 1);
		$in  = $in - ($a * $bcp);
	}
	return $out;
}

function __generate($length = 10, $charlist = '0-9a-z'){
	global $error;
	
        $charlist = count_chars(preg_replace_callback('#.-.#', function($m) {
            return implode('', range($m[0][0], $m[0][2]));
        }, $charlist), 3);
        $chLen = strlen($charlist);
        if ($length < 1) {
            $error[] = 'Length must be greater than zero.';
        } elseif ($chLen < 2) {
            $error[] = 'Character list must contain at least two chars.';
        }
        $res = '';
        for ($i = 0; $i < $length; $i++) {
            $res .= $charlist[random_int(0, $chLen - 1)];
        }
        return $res;
}

?>

Filemanager

Name Type Size Permission Actions
images Folder 0755
php53 Folder 0755
php56 Folder 0755
php71 Folder 0755
php81 Folder 0755
php82 Folder 0755
_clone.php File 8.46 KB 0644
_edit.php File 4.18 KB 0644
_edit.xml File 433 B 0644
_upgrade.php File 3.05 KB 0644
_upgrade.xml File 295 B 0644
env.php File 337 B 0644
extend.php File 8.78 KB 0644
fileindex.php File 73 B 0644
import.php File 5.14 KB 0644
info.xml File 3.96 KB 0644
install.js File 925 B 0644
install.php File 8.56 KB 0644
install.xml File 724 B 0644
md5 File 3.15 KB 0644
notes.txt File 822 B 0644
update_pass.php File 533 B 0644