I am a hacker in the dark of a very cold night

path :/var/www/html/vorne.webheaydemo.com

upload file:

List of files:

name file	size	edit	permission
.editorconfig	276 KB	March 05 2024 07:12:34	0666
.env	1385 KB	May 24 2024 16:43:55	0666
.env.example	1088 KB	March 05 2024 07:12:34	0666
.gitattributes	190 KB	March 05 2024 07:12:34	0666
.gitignore	245 KB	March 05 2024 07:12:34	0666
.htaccess	947 KB	July 04 2023 21:25:08	0664
.rnd	1024 KB	March 13 2024 04:51:14	0666
README.md	472 KB	March 22 2024 10:35:00	0666
app	-	March 05 2024 07:12:34	0777
artisan	1739 KB	March 05 2024 07:12:34	0666
bootstrap	-	March 05 2024 07:12:34	0777
composer.json	2829 KB	May 13 2024 12:10:04	0666
composer.lock	417205 KB	March 19 2024 12:13:14	0666
config	-	July 03 2025 02:53:36	0777
database	-	March 05 2024 07:12:34	0777
index.php	1816 KB	May 13 2024 10:32:36	0666
lang	-	May 13 2024 14:53:26	0777
manifest.json	913 KB	May 14 2024 03:57:26	0664
package.json	398 KB	March 05 2024 07:12:34	0666
phpunit.xml	1206 KB	March 05 2024 07:12:34	0666
public	-	July 03 2025 02:37:20	0777
resources	-	May 13 2024 12:09:36	0777
routes	-	March 05 2024 07:12:34	0777
service-worker.js	924 KB	March 05 2024 07:12:34	0666
storage	-	March 05 2024 10:03:52	0777
symlink.php	218 KB	March 05 2024 07:12:34	0666
tests	-	March 05 2024 07:12:34	0777
vendor	-	March 19 2024 12:13:14	0777
vite.config.js	326 KB	March 05 2024 07:12:34	0666

# Sodium Compat [![Build Status](https://github.com/paragonie/sodium_compat/actions/workflows/ci.yml/badge.svg)](https://github.com/paragonie/sodium_compat/actions) [![Psalm Status](https://github.com/paragonie/sodium_compat/actions/workflows/psalm.yml/badge.svg)](https://github.com/paragonie/sodium_compat/actions) [![Windows Build Status](https://ci.appveyor.com/api/projects/status/itcx1vgmfqiawgbe?svg=true)](https://ci.appveyor.com/project/paragonie-scott/sodium-compat) [![Latest Stable Version](https://poser.pugx.org/paragonie/sodium_compat/v/stable)](https://packagist.org/packages/paragonie/sodium_compat) [![Latest Unstable Version](https://poser.pugx.org/paragonie/sodium_compat/v/unstable)](https://packagist.org/packages/paragonie/sodium_compat) [![License](https://poser.pugx.org/paragonie/sodium_compat/license)](https://packagist.org/packages/paragonie/sodium_compat) [![Downloads](https://img.shields.io/packagist/dt/paragonie/sodium_compat.svg)](https://packagist.org/packages/paragonie/sodium_compat) Sodium Compat is a pure PHP polyfill for the Sodium cryptography library (libsodium), a core extension in PHP 7.2.0+ and otherwise [available in PECL](https://pecl.php.net/package/libsodium). This library tentatively supports PHP 5.2.4 - 8.x (latest), but officially only supports [non-EOL'd versions of PHP](https://secure.php.net/supported-versions.php). If you have the PHP extension installed, Sodium Compat will opportunistically and transparently use the PHP extension instead of our implementation. ## IMPORTANT! This cryptography library has not been formally audited by an independent third party that specializes in cryptography or cryptanalysis. If you require such an audit before you can use sodium_compat in your projects and have the funds for such an audit, please open an issue or contact `security at paragonie dot com` so we can help get the ball rolling. However, sodium_compat has been adopted by high profile open source projects, such as [Joomla!](https://github.com/joomla/joomla-cms/blob/459d74686d2a638ec51149d7c44ddab8075852be/composer.json#L40) and [Magento](https://github.com/magento/magento2/blob/8fd89cfdf52c561ac0ca7bc20fd38ef688e201b0/composer.json#L44). Furthermore, sodium_compat was developed by Paragon Initiative Enterprises, a company that *specializes* in secure PHP development and PHP cryptography, and has been informally reviewed by many other security experts who also specialize in PHP. If you'd like to learn more about the defensive security measures we've taken to prevent sodium_compat from being a source of vulnerability in your systems, please read [*Cryptographically Secure PHP Development*](https://paragonie.com/blog/2017/02/cryptographically-secure-php-development). # Installing Sodium Compat If you're using Composer: ```bash composer require paragonie/sodium_compat ``` ### Install From Source If you're not using Composer, download a [release tarball](https://github.com/paragonie/sodium_compat/releases) (which should be signed with [our GnuPG public key](https://paragonie.com/static/gpg-public-key.txt)), extract its contents, then include our `autoload.php` script in your project. ```php gpg --fingerprint 7F52D5C61D1255C731362E826B97A1C2826404DA if [ $? -ne 0 ]; then echo -e "\033[31mCould not download PGP public key for verification\033[0m" exit 1 fi fi # Verifying the PHP Archive gpg --verify sodium-compat.phar.sig sodium-compat.phar ``` Now, simply include this .phar file in your application. ```php execute(); } else { // Defer to a cron job or other sort of asynchronous process $process->enqueue(); } ``` ### Help, my PHP only has 32-Bit Integers! It's super slow! If the `PHP_INT_SIZE` constant equals `4` instead of `8` (PHP 5 on Windows, Linux on i386, etc.), you will run into **significant performance issues**. In particular: public-key cryptography (encryption and signatures) is affected. There is nothing we can do about that. The root cause of these performance issues has to do with implementing cryptography algorithms in constant-time using 16-bit limbs (to avoid overflow) in pure PHP. To mitigate these performance issues, simply install PHP 7.2 or newer and enable the `sodium` extension. Affected users are encouraged to install the sodium extension (or libsodium from older version of PHP). Windows users on PHP 5 may be able to simply upgrade to PHP 7 and the slowdown will be greatly reduced. ## Documentation First, you'll want to read the [Libsodium Quick Reference](https://paragonie.com/blog/2017/06/libsodium-quick-reference-quick-comparison-similar-functions-and-which-one-use). It aims to answer, "Which function should I use for [common problem]?". If you don't find the answers in the Quick Reference page, check out [*Using Libsodium in PHP Projects*](https://paragonie.com/book/pecl-libsodium). Finally, the [official libsodium documentation](https://download.libsodium.org/doc/) (which was written for the C library, not the PHP library) also contains a lot of insightful technical information you may find helpful. ## API Coverage **Recommended reading:** [Libsodium Quick Reference](https://paragonie.com/blog/2017/06/libsodium-quick-reference-quick-comparison-similar-functions-and-which-one-use) * Mainline NaCl Features * `crypto_auth()` * `crypto_auth_verify()` * `crypto_box()` * `crypto_box_open()` * `crypto_scalarmult()` * `crypto_secretbox()` * `crypto_secretbox_open()` * `crypto_sign()` * `crypto_sign_open()` * PECL Libsodium Features * `crypto_aead_aes256gcm_encrypt()` * `crypto_aead_aes256gcm_decrypt()` * `crypto_aead_chacha20poly1305_encrypt()` * `crypto_aead_chacha20poly1305_decrypt()` * `crypto_aead_chacha20poly1305_ietf_encrypt()` * `crypto_aead_chacha20poly1305_ietf_decrypt()` * `crypto_aead_xchacha20poly1305_ietf_encrypt()` * `crypto_aead_xchacha20poly1305_ietf_decrypt()` * `crypto_box_xchacha20poly1305()` * `crypto_box_xchacha20poly1305_open()` * `crypto_box_seal()` * `crypto_box_seal_open()` * `crypto_generichash()` * `crypto_generichash_init()` * `crypto_generichash_update()` * `crypto_generichash_final()` * `crypto_kx()` * `crypto_secretbox_xchacha20poly1305()` * `crypto_secretbox_xchacha20poly1305_open()` * `crypto_shorthash()` * `crypto_sign_detached()` * `crypto_sign_ed25519_pk_to_curve25519()` * `crypto_sign_ed25519_sk_to_curve25519()` * `crypto_sign_verify_detached()` * For advanced users only: * `crypto_core_ristretto255_add()` * `crypto_core_ristretto255_from_hash()` * `crypto_core_ristretto255_is_valid_point()` * `crypto_core_ristretto255_random()` * `crypto_core_ristretto255_scalar_add()` * `crypto_core_ristretto255_scalar_complement()` * `crypto_core_ristretto255_scalar_invert()` * `crypto_core_ristretto255_scalar_mul()` * `crypto_core_ristretto255_scalar_negate()` * `crypto_core_ristretto255_scalar_random()` * `crypto_core_ristretto255_scalar_reduce()` * `crypto_core_ristretto255_scalar_sub()` * `crypto_core_ristretto255_sub()` * `crypto_scalarmult_ristretto255_base()` * `crypto_scalarmult_ristretto255()` * `crypto_stream()` * `crypto_stream_keygen()` * `crypto_stream_xor()` * `crypto_stream_xchacha20()` * `crypto_stream_xchacha20_keygen()` * `crypto_stream_xchacha20_xor()` * `crypto_stream_xchacha20_xor_ic()` * Other utilities (e.g. `crypto_*_keypair()`) * `add()` * `base642bin()` * `bin2base64()` * `bin2hex()` * `hex2bin()` * `crypto_kdf_derive_from_key()` * `crypto_kx_client_session_keys()` * `crypto_kx_server_session_keys()` * `crypto_secretstream_xchacha20poly1305_init_push()` * `crypto_secretstream_xchacha20poly1305_push()` * `crypto_secretstream_xchacha20poly1305_init_pull()` * `crypto_secretstream_xchacha20poly1305_pull()` * `crypto_secretstream_xchacha20poly1305_rekey()` * `pad()` * `unpad()` ### Cryptography Primitives Provided * **X25519** - Elliptic Curve Diffie Hellman over Curve25519 * **Ed25519** - Edwards curve Digital Signature Algorithm over Curve25519 * **Xsalsa20** - Extended-nonce Salsa20 stream cipher * **ChaCha20** - Stream cipher * **Xchacha20** - Extended-nonce ChaCha20 stream cipher * **Poly1305** - Polynomial Evaluation Message Authentication Code modulo 2^130 - 5 * **BLAKE2b** - Cryptographic Hash Function * **SipHash-2-4** - Fast hash, but not collision-resistant; ideal for hash tables. ### Features Excluded from this Polyfill * `\Sodium\memzero()` - Although we expose this API endpoint, we can't reliably zero buffers from PHP. If you have the PHP extension installed, sodium_compat will use the native implementation to zero out the string provided. Otherwise it will throw a `SodiumException`. * `\Sodium\crypto_pwhash()` - It's not feasible to polyfill scrypt or Argon2 into PHP and get reasonable performance. Users would feel motivated to select parameters that downgrade security to avoid denial of service (DoS) attacks. The only winning move is not to play. If ext/sodium or ext/libsodium is installed, these API methods will fallthrough to the extension. Otherwise, our polyfill library will throw a `SodiumException`. To detect support for Argon2i at runtime, use `ParagonIE_Sodium_Compat::crypto_pwhash_is_available()`, which returns a boolean value (`TRUE` or `FALSE`). ### PHPCompatibility Ruleset For sodium_compat users and that utilize [`PHPCompatibility`](https://github.com/PHPCompatibility/PHPCompatibility) in their CI process, there is now a custom ruleset available which can be used to prevent false positives being thrown by `PHPCompatibility` for the native PHP functionality being polyfilled by this repo. You can find the repo for the `PHPCompatibilityParagonieSodiumCompat` ruleset here [on Github](https://github.com/PHPCompatibility/PHPCompatibilityParagonie) and [on Packagist](https://packagist.org/packages/phpcompatibility/phpcompatibility-paragonie).