[ Avaa Bypassed ]

Upload:

Command:

www-data@3.144.134.101: ~ $ 
#!/usr/bin/perl

require './filemin-lib.pl';
&ReadParse();
get_paths();

# Files to work on (arr)
my @files = split(/\0/, $in{'name'});
# Action
my $action = $in{'action'};
# Permission
my $perms = $in{'perms'};
# User
my $user = $in{'user'};
# Group
my $group = $in{'group'};
# Recursive
my $recursive = $in{'recursive'} ? " -R" : "";
# Manual
my $extra = $in{'manual'};
# Apply to (arr)
my @apply_to = split(/\0/, $in{'apply_to'});

# Delete doesn't allow perms
$perms = "" if ($action eq '-x');

# Build params
my @types;
foreach my $type (@apply_to) {
    if ($user && $type eq 'u') {
        push(@types, "u:${user}:${perms}");
        }
    if ($group && $type eq 'g') {
        push(@types, "g:${group}:${perms}");
        }
    if ($type =~ /^m|o$/) {
        push(@types, "${type}::${perms}");
        }
    }
my $cmd = &has_command('setfacl');
error($text{'acls_error'}) if (!$cmd);

# Params are not accepted in clear mode
my $types;
if ($action ne '-b' && $action ne '-k') {
    $types = quotemeta(join(',',@types)) if (@types);
    if ($extra) {
        my @extra = split(/\s/, $extra);
        @extra = map { quotemeta($_) } @extra;
        $types .= " ".join(' ', @extra) ;
        }
    }
my $args = quotemeta($action)." ".$types." ".quotemeta($recursive);
$args =~ s/\s+/ /g;
$args = &trim($args);
foreach my $file (@files) {
    my $qfile = quotemeta("$cwd/$file");
    next if (!-r "$cwd/$file");
    my $fullcmd = "$cmd $args $qfile";
    my $out = &backquote_logged("$fullcmd 2>&1 >/dev/null </dev/null");
    if ($?) {
        $out =~ s/^setfacl: //;
        &error(&html_escape("$cmd $args $cwd/$file : $out"));
        }    
    }

&redirect("index.cgi?path=".&urlize($path));

Filemanager

DIR : / usr/ share/ webmin/ filemin/
Name Type Size Permission Actions
images Folder 0755
lang Folder 0755
unauthenticated Folder 0755
CHANGELOG File 9.22 KB 0644
acl_security.pl File 2.26 KB 0644
bookmark.cgi File 326 B 0755
chattr.cgi File 1007 B 0755
chcon.cgi File 979 B 0755
chmod.cgi File 2.42 KB 0755
chown.cgi File 983 B 0755
compress.cgi File 750 B 0755
config File 20 B 0644
config.cgi File 2.27 KB 0755
config.info File 172 B 0644
config.info.ar File 97 B 0644
config.info.ca File 52 B 0644
config.info.de File 61 B 0644
config.info.fr File 60 B 0644
config.info.it File 199 B 0644
copy.cgi File 362 B 0755
create_file.cgi File 559 B 0755
create_folder.cgi File 550 B 0755
cut.cgi File 361 B 0755
defaultacl File 373 B 0644
defaultuconf File 124 B 0644
delete.cgi File 352 B 0755
download.cgi File 799 B 0755
edit_file.cgi File 1.77 KB 0755
extract.cgi File 1.49 KB 0755
filemin-lib.pl File 23.78 KB 0644
http_download.cgi File 1.34 KB 0755
index.cgi File 3.29 KB 0755
module.info File 137 B 0644
module.info.af File 0 B 0644
module.info.af.auto File 112 B 0644
module.info.ar File 116 B 0644
module.info.ar.auto File 32 B 0644
module.info.be File 0 B 0644
module.info.be.auto File 137 B 0644
module.info.bg File 0 B 0644
module.info.bg.auto File 164 B 0644
module.info.ca File 89 B 0644
module.info.ca.auto File 24 B 0644
module.info.cs File 0 B 0644
module.info.cs.auto File 115 B 0644
module.info.da File 0 B 0644
module.info.da.auto File 101 B 0644
module.info.de File 88 B 0644
module.info.de.auto File 21 B 0644
module.info.el File 0 B 0644
module.info.el.auto File 209 B 0644
module.info.es File 0 B 0644
module.info.es.auto File 140 B 0644
module.info.eu File 0 B 0644
module.info.eu.auto File 131 B 0644
module.info.fa File 0 B 0644
module.info.fa.auto File 137 B 0644
module.info.fi File 0 B 0644
module.info.fi.auto File 110 B 0644
module.info.fr File 0 B 0644
module.info.fr.auto File 136 B 0644
module.info.he File 0 B 0644
module.info.he.auto File 125 B 0644
module.info.hr File 0 B 0644
module.info.hr.auto File 118 B 0644
module.info.hu File 0 B 0644
module.info.hu.auto File 109 B 0644
module.info.it File 104 B 0644
module.info.ja File 0 B 0644
module.info.ja.auto File 137 B 0644
module.info.ko File 0 B 0644
module.info.ko.auto File 118 B 0644
module.info.lt File 0 B 0644
module.info.lt.auto File 122 B 0644
module.info.lv File 0 B 0644
module.info.lv.auto File 125 B 0644
module.info.ms File 0 B 0644
module.info.ms.auto File 113 B 0644
module.info.mt File 0 B 0644
module.info.mt.auto File 120 B 0644
module.info.nl File 0 B 0644
module.info.nl.auto File 108 B 0644
module.info.no File 22 B 0644
module.info.no.auto File 75 B 0644
module.info.pl File 0 B 0644
module.info.pl.auto File 115 B 0644
module.info.pt File 0 B 0644
module.info.pt.auto File 133 B 0644
module.info.pt_BR File 0 B 0644
module.info.pt_BR.auto File 142 B 0644
module.info.ro File 0 B 0644
module.info.ro.auto File 120 B 0644
module.info.ru File 0 B 0644
module.info.ru.auto File 194 B 0644
module.info.sk File 0 B 0644
module.info.sk.auto File 126 B 0644
module.info.sl File 0 B 0644
module.info.sl.auto File 118 B 0644
module.info.sv File 0 B 0644
module.info.sv.auto File 99 B 0644
module.info.th File 0 B 0644
module.info.th.auto File 228 B 0644
module.info.tr File 0 B 0644
module.info.tr.auto File 121 B 0644
module.info.uk File 0 B 0644
module.info.uk.auto File 188 B 0644
module.info.ur File 0 B 0644
module.info.ur.auto File 145 B 0644
module.info.vi File 0 B 0644
module.info.vi.auto File 139 B 0644
module.info.zh File 0 B 0644
module.info.zh.auto File 101 B 0644
module.info.zh_TW File 0 B 0644
module.info.zh_TW.auto File 110 B 0644
paste.cgi File 1.23 KB 0755
prefs.info File 10 B 0644
rename.cgi File 431 B 0755
safeacl File 50 B 0644
save_config.cgi File 858 B 0755
save_file.cgi File 705 B 0755
search.cgi File 572 B 0755
setfacl.cgi File 1.66 KB 0755
upload.cgi File 5.23 KB 0755

© 2025 Coded By Avaa Code.