Mini Shell
#!/usr/bin/bash
# Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2019 All Rights Reserved
#
# Licensed under CLOUD LINUX LICENSE AGREEMENT
# http://cloudlinux.com/docs/LICENSE.TXT
eval 'if [ -x /usr/local/cpanel/3rdparty/bin/perl ]; then exec /usr/local/cpanel/3rdparty/bin/perl -x -- $0 ${1+"$@"}; else exec /usr/bin/perl -x -- $0 ${1+"$@"};fi'
if 0;
#!/usr/bin/perl
# Plugin: LVE Manager VERSION:2.0
#
# Location: whostmgr/docroot/cgi
# Copyright(c) 2017 CloudLinux, Inc.
# All rights Reserved.
# http://www.cloudlinux.com
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
#Title: cPanel LVE Manager plugin.
#Version: 2.0
#Site: http://cloudLinux.com
BEGIN {
unshift @INC, '/usr/local/cpanel', '/usr/local/cpanel/whostmgr/docroot/3rdparty/cloudlinux',
'/usr/share/l.v.e-manager/cpanel/cgi';
#use CGI::Carp qw(fatalsToBrowser); # for detail comments
}
use strict;
use warnings;
use Whostmgr::ACLS ();
use Whostmgr::HTMLInterface ();
use Cpanel::Template;
use Cpanel::SafeRun::Errors;
use Cpanel::Encoder::Tiny ();
use Cpanel::Form ();
use Cpanel::AcctUtils::Domain ();
use JSON;
use Data::Dumper qw(Dumper);
use CGI;
use Digest::MD5 qw(md5_hex);
use Crypt::Random qw( makerandom );
use Text::Trim qw(trim);
use CloudLinux;
use constant DOC_ROOT => "/usr/local/cpanel/whostmgr/docroot";
use constant ASSETS_PATH => "/cgi/cloudlinux/assets";
use constant APP_MODE => 'PRODUCTION_MODE';
Whostmgr::ACLS::init_acls();
my ($cpanelRequest, $requestBody) = Cpanel::Form::parseform(undef, undef, undef, 1);
my %REQUEST = CloudLinux::parseForm(%$cpanelRequest);
my $cgiaction = $REQUEST{'cgiaction'} || 'default';
my $handler = $REQUEST{'handler'} || 'lvemanager';
my $cgi = new CGI;
if (($cgiaction eq 'jsonhandler') and (length $requestBody > 0)) {
# Reinitialize formdata without STDIN information
%REQUEST = CloudLinux::parseForm(Cpanel::Form::parseform());
}
CloudLinux::detectOwner();
CloudLinux::detectLocale($cgi);
my %dispatchTable = (
default => \&main,
sendRequest => \&sendRequest,
jsonhandler => \&jsonhandler,
knockKnock => \&CloudLinux::knockKnock,
);
my %handlers = (
lvemanager => \&CloudLinux::lvemanagerHandler,
);
processRequest($cgiaction);
sub processRequest {
my ($action) = @_;
$action = 'default' unless exists $dispatchTable{$action};
$dispatchTable{$action}->();
}
# ==============================================================================
# Rendering of index page for plugin
# ==============================================================================
sub main {
CloudLinux::checkMethod('GET', 'POST');
sendWHMHeader();
CloudLinux::getDataContent('templates', 'index.html', 1);
if (getCpanelVersion() <= 56.0) {
CloudLinux::loadAssets(ASSETS_PATH, 'main', 'config', './'.ASSETS_PATH);
} else {
CloudLinux::loadAssets(ASSETS_PATH, 'main', 'config', '../'.ASSETS_PATH);
}
sendWHMFooter();
}
sub defMainHeader {
Whostmgr::HTMLInterface::defheader(
'CloudLinux Manager', '/images/CloudLinux_logo.png', '/cgi/CloudLinux.cgi'
);
}
sub defCustomHeader {
Cpanel::Template::process_template(
'whostmgr',
{
'print' => 1,
'template_file' => '_defheader.tmpl',
'header' => $_[0] || undef,
'icon' => $_[1] || undef,
'theme' => "yui",
'breadcrumbdata' => {
'name' => $_[0],
'url' => $_[2],
'previous' => [{
'name' => 'Home',
}]
}
},
);
return;
}
sub sendWHMHeader {
# Check privileges
if (!_checkPermission()) {
print "Content-type: text/html\n\n";
defMainHeader();
print qq{<div align="center">
<h1>Permission denied</h1>
</div>};
sendWHMFooter();
exit 0;
}
unless (defined $cgi->cookie('csrftoken'))
{
my $csrf_token = md5_hex(makerandom ( Size => 128, Strength => 0 ));
print "Set-Cookie: csrftoken=$csrf_token\n";
}
print "Content-type: text/html\n\n";
if(CloudLinux::_isAdmin()) {
defMainHeader();
} else {
defCustomHeader(
'CloudLinux Manager', '/images/CloudLinux_logo.png', '/cgi/addon_lvemanager.cgi'
);
}
Whostmgr::HTMLInterface::load_css(ASSETS_PATH.'/css/bootstrap.min.css');
}
sub _getRandomString
{
return join("", map { sprintf q|%X|, rand(16) } 1 .. 10);
}
sub getCpanelVersion
{
my $version = CloudLinux::safeRun('/usr/local/cpanel/cpanel -V');
(my $numOfVersion) = $version =~ /^(\d[\d\.]*)\s/;
return $numOfVersion;
}
sub sendWHMFooter {
if (getCpanelVersion() >= 64.0) {
Whostmgr::HTMLInterface::deffooter();
} else {
print '</body></html>';
}
}
# ==============================================================================
# Processes of incoming post request and prepare command for cloudlinux-cli
# ==============================================================================
sub sendRequest
{
_checkVulnerabilities();
# Check privileges
if (!_checkPermission()) {
CloudLinux::sendError('Permission denied');
}
if (exists $REQUEST{'cgiaction'}) {
delete $REQUEST{'cgiaction'};
}
if (exists $REQUEST{'handler'}) {
delete $REQUEST{'handler'};
}
if (!%REQUEST) {
CloudLinux::sendError('Empty dataset');
}
$ENV{'LC_ALL'} = 'en_US.UTF-8';
$handler = 'lvemanager' unless exists $handlers{$handler};
$handlers{$handler}->(\%REQUEST, 'lvemanager');
}
sub _checkVulnerabilities
{
CloudLinux::checkMethod('POST');
_checkCSRFToken();
_checkReferer();
}
sub _checkCSRFToken
{
if (!defined $cgi->cookie('csrftoken')
|| $cgi->cookie('csrftoken') ne $ENV{ HTTP_X_CSRFTOKEN }
) {
CloudLinux::sendError('BAD FORGERY PROTECTION TOKEN', 0, 1);
}
}
sub _checkReferer
{
my $protocol = (exists $ENV{ HTTPS } && $ENV { HTTPS } eq 'on')
? 'https' : 'http';
my $ip = $ENV { HTTP_HOST };
unless ($ENV{ HTTP_REFERER } =~ qr/^$protocol:\/\/$ip/) {
CloudLinux::sendError('BAD REFERER', 0, 1);
}
}
sub _checkPermission
{
if (CloudLinux::_isAdmin()
|| (CloudLinux::_isReseller() && _isAvailablePluginForReseller())
) {
return 1;
}
return 0;
}
sub _isAvailablePluginForReseller
{
if (Whostmgr::ACLS::checkacl('software-lvemanager') ) {
return 1;
}
return 0;
}
sub jsonhandler
{
\&CloudLinux::jsonHandler(\%REQUEST, $requestBody);
}
Zerion Mini Shell 1.0