Spamworldpro Mini Shell
Spamworldpro


Server : Apache
System : Linux server2.corals.io 4.18.0-348.2.1.el8_5.x86_64 #1 SMP Mon Nov 15 09:17:08 EST 2021 x86_64
User : corals ( 1002)
PHP Version : 7.4.33
Disable Function : exec,passthru,shell_exec,system
Directory :  /scripts/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : //scripts/realchpass
#!/usr/local/cpanel/3rdparty/bin/perl

# cpanel - scripts/realchpass                      Copyright 2022 cPanel, L.L.C.
#                                                           All rights reserved.
# [email protected]                                         http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited

#----------------------------------------------------------------------
# TODO: Make this script print errors to STDERR rather than STDOUT.
#----------------------------------------------------------------------
use strict;
use warnings;

BEGIN {
    $ENV{'LANG'} = 'C';
}

use Crypt::Passwd::XS            ();
use Cpanel::AcctUtils::Suspended ();
use Cpanel::Auth::Generate       ();
use Cpanel::Auth::Shadow         ();
use Cpanel::AcctUtils::Account   ();
use Cpanel::Locale               ();
use Cpanel::Logger               ();

# Prevent html from leaking out when called from wwwacct binary
eval {
    no warnings 'once';
    local $SIG{'__DIE__'};
    require Whostmgr::UI;
    $Whostmgr::UI::nohtml = 1;
};

my $logger = Cpanel::Logger->new();

my @DASH_ARGV = grep( m/^-/, @ARGV );
@ARGV = grep( !m/^-/, @ARGV );

my $opt_raw    = grep( m/raw/, @DASH_ARGV ) ? 1 : 0;
my $opt_locale = ( grep( m/locale=([A-Za-z0-9-_]+)/, @DASH_ARGV ) )[0];
my $locale_key = ( $opt_locale && $opt_locale =~ m/=([A-Za-z0-9-_]+)/ ) ? $1 : 'en';
my $locale     = Cpanel::Locale->get_handle($locale_key);

my $user = shift @ARGV;
my $pass = shift @ARGV;

if ($pass) {
    $logger->warn( $locale->maketext("Insecure passing of password on ARGV.") );
}

unless ( exists $ENV{'ALLOW_PASSWORD_CHANGE'} && $ENV{'ALLOW_PASSWORD_CHANGE'} ) {
    my $str = <<EOM;
ERROR: $0
Invocation changes only the system
password and does not have any effect
on other services associated with your
cPanel account, including FTP, SSH,
and WebDAV.  It is strongly
encouraged for you to change the
password via the WHM & cPanel
interface. You can force a password
change through this script by setting
the environment variable
'ALLOW_PASSWORD_CHANGE=1'.
EOM
    print $str;

    #XXX: Should this be an error status??
    exit;
}

if ( !$user ) {
    ( $user, $pass ) = split( m/ /, <STDIN>, 2 );
    chomp($pass);
}

$user =~ s/\///g;

if ( !length $user ) {
    exception( $locale->maketext("No user specified.") );
}

if ( !Cpanel::AcctUtils::Account::accountexists($user) ) {
    exception( $locale->maketext( "“[_1]” does not exist, so the password cannot be changed!", $user ) );
}
elsif ( Cpanel::AcctUtils::Suspended::is_suspended($user) ) {
    exception( $locale->maketext( "“[_1]” is suspended. Changing the password would unsuspend the account!", $user ) );
}
elsif ( !$pass ) {
    exception( $locale->maketext("You cannot set a blank password!") );
}

my $crypted_password = ( $opt_raw ? $pass : Cpanel::Auth::Generate::generate_password_hash($pass) );

my ( $status, $statusmsg ) = Cpanel::Auth::Shadow::update_shadow( $user, $crypted_password );

if ($status) {
    print $locale->maketext( "Password for “[_1]” has been changed.", $user ) . "\n";
    exit 0;
}
else {
    exception( $locale->maketext( "Failed to change password for “[_1]”: [_2]", $user, $statusmsg ) );
}

sub exception {
    my ($msg) = @_;

    $logger->warn($msg);

    print $msg . "\n";

    exit 1;
}

Spamworldpro Mini