Failed to save the file to the "xx" directory.

Failed to save the file to the "ll" directory.

Failed to save the file to the "mm" directory.

Failed to save the file to the "wp" directory.

403WebShell
403Webshell
Server IP : 66.29.132.124  /  Your IP : 3.143.24.110
Web Server : LiteSpeed
System : Linux business141.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64
User : wavevlvu ( 1524)
PHP Version : 7.4.33
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/softaculous/chevereto/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/softaculous/chevereto/_clone.php
<?php

//////////////////////////////////////////////////////////////
//===========================================================
// clone.php
//===========================================================
// SOFTACULOUS 
// Version : 4.2.8
// Inspired by the DESIRE to be the BEST OF ALL
// ----------------------------------------------------------
// Started by: Alons
// Date:       10th Jan 2009
// Time:       21:00 hrs
// Site:       http://www.softaculous.com/ (SOFTACULOUS)
// ----------------------------------------------------------
// Please Read the Terms of use at http://www.softaculous.com
// ----------------------------------------------------------
//===========================================================
// (c)Softaculous Inc.
//===========================================================
//////////////////////////////////////////////////////////////

if(!defined('SOFTACULOUS')){

	die('Hacking Attempt');

}

//The Install process
function __clone(){

global $__settings, $error, $software, $globals, $replace_data, $source_data;
	
	//Do we meet the Minimum software requirements
	__requirements();
	
	if(!empty($error)){
		return false;
	}
	
	$temp = parse_url($__settings['softurl']);
	$__settings['relativeurl'] = $temp['path'];
	
	$temp = parse_url($source_data['softurl']);
	$source_data['relativeurl'] = $temp['path'];
	
	//To handle configuration files for different versions
	if(sfile_exists($__settings['softpath'].'/app/settings.php') && $__settings['ver'] <= '4.0.5'){
		sclone_replace($replace_data, $__settings['softpath'].'/app/settings.php', true);
	}else{
		$file = sfile($__settings['softpath'].'/app/env.php');
	
		if(empty($file)){
			$error[] = 'Could not read the config file to get the encryption_key.';
			return false;
		}
		
		soft_preg_replace('/("|\')CHEVERETO_ENCRYPTION_KEY("|\')(\s*?)\=\>(\s*?)("|\')(.*?)("|\'),/is', $file, $encryption_key, 6);
		$__settings['encryption_key'] = base64_encode(__generate(32));
		$replace_data[$encryption_key] = $__settings['encryption_key'];
			
		sclone_replace($replace_data, $__settings['softpath'].'/app/env.php', true);
	}
	
	//This is to pass value of id_padding and crypt_salt into __cheveretoID function to get the $avtar_old
	$query = "SELECT `setting_value` FROM `".$__settings['dbprefix']."settings` WHERE `setting_name` = 'id_padding';";
	$result = sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
	$__settings['id_padding'] = $result[0]['setting_value'];
	
	$query = "SELECT `setting_value` FROM `".$__settings['dbprefix']."settings` WHERE `setting_name` = 'crypt_salt';";
	$result = sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
	$__settings['crypt_salt'] = $result[0]['setting_value'];
	////////////////////
	
	$avtar_old = __cheveretoID(1);
	
	$__settings['crypt_salt'] = __random_string(8);
	$__settings['api_v1_key'] = __random_string(32);
	
	$avtar_new = __cheveretoID(1);
	
	@srename($__settings['softpath'].'/content/images/users/'.$avtar_old.'/', $__settings['softpath'].'/content/images/users/'.$avtar_new.'/');
	
	$query = "UPDATE `".$__settings['dbprefix']."settings` SET `setting_value`='".$__settings['crypt_salt']."',`setting_default`='".$__settings['crypt_salt']."' WHERE `setting_name` = 'crypt_salt';";
	sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
	
	$query = "UPDATE `".$__settings['dbprefix']."settings` SET `setting_value`='".$__settings['api_v1_key']."',`setting_default`='".$__settings['api_v1_key']."' WHERE `setting_name` = 'api_v1_key';";
	sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
	
	if(sfile_exists($__settings['softpath'].'/.htaccess')){
	
		// If the installation is on root domain we need to change the below relative URL
		if(is_dom_root($source_data['softpath'])){
			$replace_data['RewriteBase \'/\''] = 'RewriteBase \''.$__settings['relativeurl'].'\'';
			$replace_data['RewriteBase /'] = 'RewriteBase '.$__settings['relativeurl'];
		}elseif(is_dom_root($__settings['softpath'])){
			$replace_data['RewriteBase \''.$source_data['relativeurl'].'\''] = 'RewriteBase \'/\'';
			$replace_data['RewriteBase '.$source_data['relativeurl']] = 'RewriteBase /';
		}
		
		sclone_replace($replace_data, $__settings['softpath'].'/.htaccess', true);		
	}
	
	//CHMOD some files
	@schmod($__settings['softpath'].'/images/', $globals['odc'], 1);
	@schmod($__settings['softpath'].'/content/', $globals['odc']);
	@schmod($__settings['softpath'].'/content/images/', $globals['odc'], 1);
	@schmod($__settings['softpath'].'/app/content/', $globals['odc'], 1);
}

//Check whether the Minimum Software configuration matches
function __requirements(){

global $__settings, $error, $software, $user, $insid;

	// Chevereto can be cloned in root directory only	
	if(sversion_compare($user['ins'][$insid]['ver'], '4.0.5', '>=') && !empty($__settings['softdirectory'])){
		$error[] = 'Chevereto Free ' .$__settings['ver']. ' can not be cloned/staged in sub-directory.';
	}
	
	return true;

}

function __pre_unzip(){
	
	global $error, $__settings, $replace_data, $source_data;
	
	$file = sfile($source_data['softpath'].'/app/env.php');
	
	if(empty($file)){
		$file = sfile($source_data['softpath'].'/app/settings.php');
	}
	
	if(empty($file)){
		$error[] = 'Could not read the config file to get the dbprefix.';
		return false;
	}
	
	soft_preg_replace('/("|\')db_table_prefix("|\')(\s*?)\=\>(\s*?)("|\')(.*?)("|\'),/is', $file, $__settings['dbprefix'], 6);
	
	if(empty($__settings['dbprefix'])){
		soft_preg_replace('/\$settings\[("|\')db_table_prefix("|\')\](\s*?)=(\s*?)("|\')(.*?)("|\');/is', $file, $__settings['dbprefix'], 6);
	}
	
	if(empty($__settings['dbprefix'])){
		soft_preg_replace('/("|\')CHEVERETO_DB_TABLE_PREFIX("|\')(\s*?)\=\>(\s*?)("|\')(.*?)("|\'),/is', $file, $__settings['dbprefix'], 6);
	}
	
	if(sversion_compare($__settings['ver'], '4.0.5', '<')){
		$query = "SELECT `login_ip` FROM `".$__settings['dbprefix']."logins` WHERE `login_id` = 1;";
		
		$result = sdb_query($query, $source_data['softdbhost'], $source_data['softdbuser'], $source_data['softdbpass'], $source_data['softdb']);
		
		$replace_data[$result[0]['login_ip']] = $_SERVER['REMOTE_ADDR'];
	}
	
}

function __random_string($length) {
	switch(true) {
		case function_exists('mcrypt_create_iv') :
			$r = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
		break;
		case function_exists('openssl_random_pseudo_bytes') :
			$r = openssl_random_pseudo_bytes($length);
		break;
		case is_readable('/dev/urandom') : // deceze
			$r = file_get_contents('/dev/urandom', false, null, 0, $length);
		break;
		default :
			$i = 0;
			$r = '';
			while($i ++ < $length) {
				$r .= chr(mt_rand(0, 255));
			}
		break;
	}
	return substr(bin2hex($r), 0, $length);
}

function __cheveretoID($in, $action="encode"){
	global $__settings;
	$index = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
	$salt = $__settings['crypt_salt'];
	$id_padding = $__settings['id_padding'];

	// Use a stock version of the hashed values (faster execution)

	for($n = 0; $n<strlen($index); $n++) {
		$i[] = substr($index,$n ,1);
	}

	$passhash = hash('sha256',$salt);
	$passhash = (strlen($passhash) < strlen($index)) ? hash('sha512',$salt) : $passhash;

	for($n=0; $n < strlen($index); $n++) {
		$p[] =  substr($passhash, $n ,1);
	}

	// Stock the crypting thing to don't do it every time
	$cheveretoID = array(
		'passhash'	=> $passhash,
		'p'			=> $p,
		'i'			=> $i
	);
	
	array_multisort($p, SORT_DESC, $i);
	$index = implode($i);

	$base  = strlen($index);

	if($id_padding > 0) {
		$in = $in * $id_padding;
	}
	$out = '';
	for ($t = floor(log((float)$in, $base)); $t >= 0; $t--) {
		$bcp = pow($base, $t);
		$a   = floor($in / $bcp) % $base;
		$out = $out . substr($index, $a, 1);
		$in  = $in - ($a * $bcp);
	}
	return $out;
}

function __generate($length = 10, $charlist = '0-9a-z'){
	global $error;
	
        $charlist = count_chars(preg_replace_callback('#.-.#', function($m) {
            return implode('', range($m[0][0], $m[0][2]));
        }, $charlist), 3);
        $chLen = strlen($charlist);
        if ($length < 1) {
            $error[] = 'Length must be greater than zero.';
        } elseif ($chLen < 2) {
            $error[] = 'Character list must contain at least two chars.';
        }
        $res = '';
        for ($i = 0; $i < $length; $i++) {
            $res .= $charlist[random_int(0, $chLen - 1)];
        }
        return $res;
}

?>

Youez - 2016 - github.com/yon3zu
LinuXploit