HEX
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 mod_fcgid/2.3.9 PHP/5.4.16
System: Linux dvm.vladweb.ru 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User: region-gk.ru (1016)
PHP: 7.3.33
Disabled: NONE
$ pwd: /home/temp/yarusvl.ru/adminx/files/
Upload Files
File: /home/temp/yarusvl.ru/adminx/files/index.php
<?php
    if(!empty($_SERVER['HTTP_USER_AGENT'])){
        session_name(md5($_SERVER['HTTP_USER_AGENT']));
    }
	session_start();
	require_once('../../api/Mgc.php');
	$mgc = new Mgc();
	$manager = $mgc->managers->get_manager();
	if ($manager) {
		$file = $mgc->request->get('file', 'string');
		$file = preg_replace("/[^A-Za-z0-9_]+/", "", $file);
		$folder = $mgc->request->get('folder', 'string');
		$ext = $mgc->request->get('ext', 'string');
		if ($file && $folder && $ext) {
			$file = $folder.'/'.$file.'.'.$ext;
			if (file_exists($file)) {
				if ($ext == 'csv') {
					header('Content-Description: File Transfer');
					header('Content-Type: application/octet-stream');
					header('Content-Disposition: attachment; filename='.basename($file));
					header('Expires: 0');
					header('Cache-Control: must-revalidate');
					header('Pragma: public');
					header('Content-Length: ' . filesize($file));
					readfile($file);
				} elseif ($ext == 'png' || $ext == 'jpg' || $ext == 'jpeg' || $ext == 'gif' || $ext == 'tif' || $ext == 'bmp' || $ext == 'bmp') {
					header('Content-type: image');
					print file_get_contents($file);
				}
				exit();
			}
		}
	}
	exit();
@ Telegram