One Hat Cyber Team
Your IP :
18.224.153.49
Server IP :
104.21.48.1
Server :
Linux agrigation-prod 5.15.0-67-generic #74-Ubuntu SMP Wed Feb 22 14:14:39 UTC 2023 x86_64
Server Software :
nginx/1.24.0
PHP Version :
7.4.33
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
home
/
forge
/
db.gftag.com
/
libraries
/
classes
/
Edit File:
UrlRedirector.php
<?php declare(strict_types=1); namespace PhpMyAdmin; use function __; use function is_scalar; use function preg_match; use function strlen; /** * URL redirector to avoid leaking Referer with some sensitive information. */ final class UrlRedirector { /** * @psalm-return never */ public static function redirect(): void { global $containerBuilder, $dbi; // Load database service because services.php is not available here $dbi = DatabaseInterface::load(); $containerBuilder->set(DatabaseInterface::class, $dbi); // Only output the http headers $response = ResponseRenderer::getInstance(); $response->getHeader()->sendHttpHeaders(); $response->disable(); if ( ! isset($_GET['url']) || ! is_scalar($_GET['url']) || strlen((string) $_GET['url']) === 0 || ! preg_match('/^https:\/\/[^\n\r]*$/', (string) $_GET['url']) || ! Core::isAllowedDomain((string) $_GET['url']) ) { Core::sendHeaderLocation('./'); exit; } /** * JavaScript redirection is necessary. Because if header() is used then web browser sometimes does not change * the HTTP_REFERER field and so with old URL as Referer, token also goes to external site. * * @var Template $template */ $template = $containerBuilder->get('template'); echo $template->render('javascript/redirect', [ 'url' => Sanitize::escapeJsString((string) $_GET['url']), ]); // Display redirecting msg on screen. // Do not display the value of $_GET['url'] to avoid showing injected content echo __('Taking you to the target site.'); exit; } }
Simpan