#!/usr/bin/perl
###############################################################################
# Copyright 2009-2020, Way to the Web Limited
# URL: http://www.configserver.com
# Email: sales@waytotheweb.com
###############################################################################
# start main
use strict;
use File::Find;
use Fcntl qw(:DEFAULT :flock);
use IPC::Open3;
use lib '/etc/cxs';
use ConfigServer::cxsUI;
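# Package globals. Several of them are handed to ConfigServer::cxsUI::displayUI
# further down in this file. $script_da is declared here but never assigned
# anywhere in this file, so displayUI receives it as undef.
our ($script, $script_da, $images, %FORM, $myv, %in, %ajaxsubs, %fullsubs);

# $in / @in hold the raw request string and its '&'-separated pairs; they are
# filled in by ReadParse.
my ($childin, $childout, $in, @in);

# Ask the installed cxs binary for its version. The command is passed to open3
# as a list (program, argument) so it is exec'd directly and never handed to a
# shell. The child's stdout and stderr share $childout.
my $pid = open3($childin, $childout, $childout, "/usr/sbin/cxs", "--version");

# Nothing is ever written to the child, so close its stdin straight away
# instead of leaving the pipe open for the lifetime of the request.
close($childin);

my @data = <$childout>;
waitpid($pid, 0);
chomp @data;

# Only the first output line is inspected; everything after the first "v" on
# that line becomes the version string. $myv stays undef if the command
# printed nothing or the line has no "v".
# NOTE(review): $myv is later interpolated into the page heading without HTML
# escaping, so the markup relies on the cxs binary's output being trusted.
if (defined $data[0] and $data[0] =~ /v(.*)$/) { $myv = $1 }

# Base URL that the UI links back to.
# NOTE(review): the prefix is read from the environment variable
# webuzo_panel_url - presumably set by the Webuzo panel; confirm that it cannot
# be influenced by the incoming request.
$script = $ENV{'webuzo_panel_url'} . "cxs/index.php";

# URL prefix for the static assets (CSS, JS, images) referenced in the page.
$images = "/cxs/images";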
# Lookup set of "ajax" actions (every listed name maps to 1). Further down in
# this file an action found here is not given the HTML page header or footer:
# it gets a text/plain header instead, or no header at all for cc_body,
# cc_dbody and cc_showreports. The set is also passed to displayUI.
%ajaxsubs = map { $_ => 1 } qw(
    cc_body
    cc_dbody
    cc_restore
    cc_report
    cc_showreports
    cc_ignore
    cc_blockip
    cc_delete
    cc_edelete
    tailcmd
    tailscancmd
);
# Lookup set of cc_* actions that are rendered with the full page header
# (title bar, Font Awesome, loader) rather than the reduced embedded header;
# see the header selection further down in this file. Every name maps to 1.
%fullsubs = map { $_ => 1 } qw(
    cc_setup
    cc_setup1
    cc_setup2
    cc_setup3
    cc_setup4
    cc_setup5
    cc_setup6
    cc_delreport
    cc_reports
    cc_stats
    cc_file
);
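# ReadParse([\%target [, $method [, $keep_plus [, $mode]]]])
#
# Parse the CGI request (POST body and/or QUERY_STRING) into a hash.
#
#   \%target    hash to fill; defaults to the package hash %in. It is emptied
#               first.
#   $method     request method; defaults to $ENV{REQUEST_METHOD}. The body is
#               read from STDIN only when this is 'POST'.
#   $keep_plus  when true, "+" is NOT translated to a space.
#   $mode       1 = collect every value of a key into an array ref,
#               2 = keep only the first value seen for a key,
#               anything else = join repeated values with a NUL byte.
#
# Because NUL is the separator for repeated values, a NUL inside a key or
# value is refused. The check runs AFTER percent-decoding so that an encoded
# "%00" is caught as well as a literal NUL byte. Percent escapes are decoded
# only when followed by two hex digits; a malformed escape such as "%zz" is
# left as literal text instead of being turned into a NUL byte.
#
# NOTE(review): error() is not defined in this file; presumably it is provided
# elsewhere and aborts the request - confirm. If it is missing, the call dies
# with an undefined-subroutine error, which still stops processing.
sub ReadParse
{
    my $store     = $_[0] || \%in;
    my $meth      = $_[1] ? $_[1] : $ENV{'REQUEST_METHOD'};
    my $keep_plus = $_[2];
    my $mode      = $_[3] || 0;

    %$store = ( );
    undef($in);

    if ($meth eq 'POST') {
        # Read exactly CONTENT_LENGTH bytes, tolerating short reads.
        # NOTE(review): no upper bound is applied to CONTENT_LENGTH here;
        # presumably the fronting web server limits request bodies - confirm.
        my $clen = $ENV{'CONTENT_LENGTH'};
        my $got  = 0;
        while ($got < $clen) {
            my $r = read(STDIN, $in, $clen - $got, $got);
            last if ($r <= 0);
            $got += $r;
        }
    }

    # Query-string parameters are appended after any POST body parameters.
    if ($ENV{'QUERY_STRING'}) {
        if ($in) { $in .= "&" . $ENV{'QUERY_STRING'}; }
        else     { $in = $ENV{'QUERY_STRING'}; }
    }

    @in = split(/\&/, $in);
    foreach my $pair (@in) {
        my ($k, $v) = split(/=/, $pair, 2);
        if (!$keep_plus) {
            $k =~ tr/\+/ /;
            $v =~ tr/\+/ /;
        }

        # Decode well-formed %XX escapes only.
        $k =~ s/%([0-9A-Fa-f]{2})/chr(hex($1))/ge;
        $v =~ s/%([0-9A-Fa-f]{2})/chr(hex($1))/ge;

        # Reject NUL bytes after decoding; a literal NUL in the raw pair
        # survives decoding and is caught here too.
        if ($k =~ /\0/ or $v =~ /\0/) {
            error("Null byte in query string");
        }

        if ($mode == 1) {
            $store->{$k} ||= [];
            push(@{ $store->{$k} }, $v);
        }
        elsif ($mode == 2) {
            $store->{$k} ||= $v;
        }
        else {
            $store->{$k} = defined($store->{$k}) ? $store->{$k} . "\0" . $v : $v;
        }
    }
    return;
}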
# Decode the request into %in and copy it into %FORM, the hash that is passed
# to the UI module below.
ReadParse();
%FORM = %in;
my $action = $FORM{action};

# Markup for the shared <head> assets. Bootstrap and jQuery are served from
# the local $images prefix.
# NOTE(review): the Font Awesome stylesheet is fetched from a third-party
# origin and the tag carries no integrity attribute, so this admin page
# trusts whatever that host serves.
my $fontawesome  = "<link rel='stylesheet' href='https://use.fontawesome.com/releases/v5.0.10/css/all.css'>";
my $bootstrapjs  = "<script src='$images/bootstrap/js/bootstrap.min.js'></script>";
my $jqueryjs     = "<script src='$images/jquery.min.js'></script>";
my $bootstrapcss = "<link rel='stylesheet' href='$images/bootstrap/css/bootstrap.min.css'>";

# For these three actions nothing is printed here at all - presumably
# displayUI emits its own headers for them; confirm.
my $no_header_here = ($action eq "cc_body"
                   || $action eq "cc_dbody"
                   || $action eq "cc_showreports");

# Actions that get the reduced header: the scan and queue views, the tail
# commands, and any cc_* action that is neither listed in %fullsubs nor named
# cc_<word>bulk.
my $embedded = ($action eq "RunScan"
             || ($action =~ /^cc_/ && !$fullsubs{$action} && $action !~ /^cc_\w+bulk$/)
             || $action eq "Run Scan"
             || $action eq "viewq"
             || $action eq "tailcmd"
             || $action eq "tailscancmd");

if (!$no_header_here) {
    if ($ajaxsubs{$action}) {
        # Remaining ajax actions answer in plain text.
        print "content-type: text/plain\n\n";
    }
    else {
        # Every other action is a full HTML response.
        print "Content-type: text/html\r\n\r\n";
        print <<EOF;
<!doctype html>
<html lang='en'>
<head>
<title>ConfigServer eXploit Scanner</title>
<meta charset='utf-8'>
<meta name='viewport' content='width=device-width, initial-scale=1'>
EOF
        if ($embedded) {
            # Reduced header. Note that it emits a second doctype/html/head
            # after the one already printed above.
            print <<EOF;
<!doctype html>
<html lang='en'>
<head>
$bootstrapcss
<link href='$images/configserver.css' rel='stylesheet' type='text/css'>
$jqueryjs
$bootstrapjs
</head>
<body>
<div class='container-fluid'>
<style>
pre {
overflow: initial;
}
</style>
EOF
        }
        else {
            # Full header with loader, title bar and version banner.
            # NOTE(review): $myv (taken from the cxs --version output earlier
            # in this file) is interpolated without HTML escaping.
            print <<EOF;
$bootstrapcss
$fontawesome
<link href='$images/configserver.css' rel='stylesheet' type='text/css'>
$jqueryjs
$bootstrapjs
</head>
<body>
<div id="loader"></div>
<a id='toplink' class='toplink' title='Go to bottom'><span class='glyphicon glyphicon-hand-down'></span></a>
<div class='container-fluid'>
<div class='panel panel-default'>
<h4><img src='$images/cxs_small.png' style='padding-left: 10px'>ConfigServer eXploit Scanner - cxs v$myv</h4>
</div>
EOF
        }
    }
}

# Hand the request over to the UI module, which renders the body.
ConfigServer::cxsUI::displayUI(\%FORM, \%ajaxsubs, $script, $script_da, $images, $myv);

# Close the page for non-ajax actions. The lookup is repeated on the live
# hashes rather than cached, because displayUI received references to both
# %FORM and %ajaxsubs and could have changed them.
if (!$ajaxsubs{$FORM{action}}) {
    print <<EOF;
<script>
\$("#loader").hide();
</script>
</body>
</html>
EOF
}
1;