Mass Deface
Email Grabber
RandomSalt();
$securityfile = " config\n" .
"* @author Bobby Allen (ballen@bobbyallen.me)\n" .
"* @copyright ZPanel Project (http://www.zpanelcp.com/)\n" .
"* @link http://www.zpanelcp.com/\n" .
"* @license GPL (http://www.gnu.org/licenses/gpl.html)\n" .
"*/\n" .
"global \$security;\n" .
"\n" .
"\$security['server_crypto_key'] = \"" . $new_hash . "\";" .
"\n";
fs_filehandler::UpdateFile('cnf/security.php', 0755, $securityfile);
print "> New server crypto key written to cnf/security.php\n";
}
if ($generate == true) {
$chars = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
$randomkey = (string) null;
for ($i = 0; $i < 32; $i++)
$randomkey.=$chars[rand(0, 63)];
ctrl_options::SetSystemOption('apikey', md5($randomkey));
print "> New API key has been generated!\n";
}
$crypto = new runtime_hash;
$crypto->SetPassword($password);
$randomsalt = $crypto->RandomSalt();
$crypto->SetSalt($randomsalt);
$new_secure_password = $crypto->CryptParts($crypto->Crypt())->Hash;
$sql = $zdbh->prepare("UPDATE x_accounts SET ac_pass_vc = '" . $new_secure_password . "', ac_passsalt_vc = '" . $randomsalt . "' WHERE ac_id_pk = '1'");
$sql->execute();
print "> Account password for 'zadmin' has been updated!\n";
} else {
print "Error: No password was specified, no actions have been carried out!\n";
}
print "\n";
}
if ((!isset($argv[1])) || ($argv[1] == 'help') || ($argv[1] == '-h') || ($argv[1] == '--help')) {
fwrite(STDOUT, "\nSentora 'zadmin' account tool\n");
fwrite(STDOUT, "Copyright (c) 2014 Sentora Project\n");
fwrite(STDOUT, "http://sentora.org/\n");
fwrite(STDOUT, "Copyright (c) 2008 - 2014 ZPanel Project\n");
fwrite(STDOUT, "http://www.zpanelcp.com/\n");
fwrite(STDOUT, "Usage: setzadmin [options]\n");
fwrite(STDOUT, "Options:\n");
fwrite(STDOUT, " --regen - generation of a new API key and system hash.\n");
fwrite(STDOUT, " --noregen - Suppresses generation of a new API key and system hash.\n");
fwrite(STDOUT, " --set [password] - Sets the new password for the 'zadmin' account.\n");
fwrite(STDOUT, " --help - Displays this text.\n\n");
exit(0);
}
SetPassword($password, $generate);
?>