PHP WebShell

• .. (вверх)
• [DIR] ..
• [FILE] coin_price_debug.log
• [FILE] create_address_helper.php
• [FILE] create_btc_user_address.php
• [FILE] create_eth_user_address.php
• [FILE] create_sol_user_address.php
• [FILE] create_tron_wallet.php
• [FILE] create_user_btc.php
• [FILE] create_wallet.php
• [FILE] send_crypto_failed.php
• [FILE] send_crypto_processor.php
• [FILE] send_crypto_processor_old.php
• [FILE] send_crypto_success.php
• [FILE] swap.php
• [FILE] tron_balance.php
• [FILE] tron_deposit_scanner.php
• [FILE] tron_send_trx.php
• [FILE] tron_send_usdt.php
• [FILE] tron_sweeper.php
• [FILE] tron_utils.php
• [FILE] withdraw_quote.php

Просмотр файла: send_crypto_processor_old.php

<?php
require_once "db_config.php";
require_once "bitgo_config.php";

// Load encryption key
$key_base64 = getenv("CENTRAL_WALLET_KEY");
$key = base64_decode($key_base64, true);

if (!$key || strlen($key) !== 32) {
    die("❌ Missing or invalid encryption key.");
}

// Input data
$coin = $_POST['coin'];
$amount = $_POST['amount']; // in base units (e.g., satoshis)
$recipient = $_POST['recipient'];

// Fetch central wallet from DB
$stmt = $conn->prepare("SELECT * FROM cwallet WHERE coin = ? LIMIT 1");
$stmt->bind_param("s", $coin);
$stmt->execute();
$result = $stmt->get_result();

if ($row = $result->fetch_assoc()) {
    $encrypted_phrase = base64_decode($row['encrypted_phrase']);
    $iv = base64_decode($row['dynamic_iv']);

    if (strlen($iv) !== 16) {
        die("❌ Invalid IV length.");
    }

    $passphrase = openssl_decrypt(
        $encrypted_phrase,
        'AES-256-CBC',
        $key,
        OPENSSL_RAW_DATA,
        $iv
    );

    if (!$passphrase) {
        die("❌ Failed to decrypt passphrase.");
    }

    $wallet_id = $row['wallet_add_id'];

    // Prepare BitGo /sendcoins payload
    $payload = [
        'address' => $recipient,
        'amount' => (int)$amount, // Ensure this is in satoshis or smallest unit
        'walletPassphrase' => $passphrase
    ];

    $url = BITGO_API_BASE_URL . "/$coin/wallet/$wallet_id/sendcoins";

    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_POST => true,
        CURLOPT_HTTPHEADER => [
            "Content-Type: application/json",
            "Authorization: Bearer " . BITGO_ACCESS_TOKEN
        ],
        CURLOPT_POSTFIELDS => json_encode($payload)
    ]);

    $response = curl_exec($ch);
    $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);

    if (curl_errno($ch)) {
        echo "❌ cURL error: " . curl_error($ch);
    } elseif ($httpCode !== 200) {
        echo "❌ BitGo error ($httpCode):<br>";
        echo "<pre>$response</pre>";
    } else {
        echo "✅ Transaction sent successfully!<br>";
        echo "<pre>$response</pre>";
    }

    curl_close($ch);

} else {
    echo "❌ No central wallet found for coin: $coin";
}
?>

Выполнить команду