403Webshell
Server IP : 104.21.13.219  /  Your IP : 162.159.115.9
Web Server : nginx/1.26.1
System : Linux HE9229 3.10.0-1160.el7.x86_64 #1 SMP Mon Oct 19 16:18:59 UTC 2020 x86_64
User : www ( 1000)
PHP Version : 8.0.26
Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /www/wwwroot/jl3_ph_com/wp-content/plugins/cloudflare/src/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /www/wwwroot/jl3_ph_com/wp-content/plugins/cloudflare/src/SecurityUtil.php
<?php

namespace Cloudflare\APO;

class SecurityUtil
{
    /**
     * @return bool|string
     */
    public static function generate16bytesOfSecureRandomData()
    {
        if (function_exists('random_bytes')) {
            $randBytes = random_bytes(16);
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $wasItSecure = false;
            $randBytes = openssl_random_pseudo_bytes(16, $wasItSecure);
            if ($wasItSecure === false) {
                return false;
            }
        } else {
            return false;
        }

        return bin2hex($randBytes);
    }

    /**
     * @param $secret - string a cryptographically strong secret
     * @param $user - string a piece of unique user data
     * @param $timeValidUntil - int of time the token will be valid for in seconds
     *
     * @return string
     */
    public static function csrfTokenGenerate($secret, $user, $timeValidUntil = null)
    {
        if ($timeValidUntil === null) {
            $timeValidUntil = time() + 86400;
        }
        $hashedSecret = hash('sha512', $secret);
        $dataToHash = sprintf('%s-%s-%s', $hashedSecret, $user, $timeValidUntil);
        $hashedData = static::hashFunction($dataToHash);

        return sprintf('%s-%s', $timeValidUntil, $hashedData);
    }

    /**
     * @param $secret - string a cryptographically strong secret
     * @param $user - string a piece of unique user data
     * @param $token- string the token that needs to be validated.
     *
     * @return bool
     */
    public static function csrfTokenValidate($secret, $user, $token)
    {
        $tokenParts = explode('-', $token);
        if (count($tokenParts) !== 2) {
            return false;
        }

        list($timeValidFor, $hash) = $tokenParts;

        $hashedSecret = hash('sha512', $secret);
        $dataToHash = sprintf('%s-%s-%s', $hashedSecret, $user, $timeValidFor);
        $newHash = static::hashFunction($dataToHash);
        if ($newHash !== $hash) {
            return false;
        }
        if (time() > $timeValidFor) {
            return false;
        }

        return true;
    }

    /**
     * @param $data - string the data that will be hashed.
     *
     * @return string
     */
    private static function hashFunction($data)
    {
        $hash = hash('sha512', $data);

        return substr($hash, 64);
    }
}

Youez - 2016 - github.com/yon3zu
LinuXploit