HEX
Server: nginx/1.24.0
System: Linux prod-btpayments-io 6.14.0-1018-aws #18~24.04.1-Ubuntu SMP Mon Nov 24 19:46:27 UTC 2025 x86_64
User: ubuntu (1000)
PHP: 8.3.19
Disabled: NONE
$ pwd: /var/www/BtMiners/BtMiners-store/
Upload Files
File: /var/www/BtMiners/BtMiners-store/plaid_creditcard.php
<?php 
	// ini_set('display_errors',1);
	require_once __DIR__ . '/wp-content/plugins/ilab-media-tools/lib/mcloud-firebase/php-jwt/src/JWT.php';
	if(session_status() !== PHP_SESSION_ACTIVE){
		session_start();
  	}
  	
  	$threeDSChallengeDetails = !empty($_SESSION["threeDSChallengeDetails"])?$_SESSION["threeDSChallengeDetails"]:[];
  	$ddc_session_id_cookie='';
	if (!empty($threeDSChallengeDetails['ddc_session_id'])&&!empty($threeDSChallengeDetails['cookie'])&&!empty($threeDSChallengeDetails['order_id'])) {
		$ddc_session_id_cookie=['ddc_session_id'=>$threeDSChallengeDetails['ddc_session_id'],'cookie'=>$threeDSChallengeDetails['cookie'],'order_id'=>$threeDSChallengeDetails['order_id'],'session_id'=>$threeDSChallengeDetails['session_id']];
		$ddc_session_id_cookie=json_encode($ddc_session_id_cookie);
		$ddc_session_id_cookie=base64_encode($ddc_session_id_cookie);
	}else{
		$error_backurl=!empty($_SESSION["error_backurl"])?$_SESSION["error_backurl"]:'/';
		header("Location: ".$error_backurl);  
		exit;
	}
	function wp_generate_uuid4() {
		return sprintf(
			'%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
			mt_rand( 0, 0xffff ),
			mt_rand( 0, 0xffff ),
			mt_rand( 0, 0xffff ),
			mt_rand( 0, 0x0fff ) | 0x4000,
			mt_rand( 0, 0x3fff ) | 0x8000,
			mt_rand( 0, 0xffff ),
			mt_rand( 0, 0xffff ),
			mt_rand( 0, 0xffff )
		);
	}

	if (class_exists('MediaCloud\Vendor\Firebase\JWT\JWT')) {
        $secret_key = 'ff84cef9-505b-4344-a42c-7ae3306c47fb';
        $issued_at  = time();
        $expire     = $issued_at +  7200 ;

        $payload = array(
            'jti'  => wp_generate_uuid4(),
            'iat'  => $issued_at,
            'iss'  => '641c2fb3095dc2660ad8afba',
            'OrgUnitId' => '641c2fb30132f01276909f2a',
		    'ReturnUrl' => $threeDSChallengeDetails['returnUrl'],
		    "Payload"=> [
		        "ACSUrl"=> $threeDSChallengeDetails['acsURL'],
		        "Payload"=> $threeDSChallengeDetails['payload'],
		        "TransactionId"=> $threeDSChallengeDetails['transactionId3DS']
		    ],
		    "ObjectifyPayload"=> true
        );

        $alg = 'HS256';
        $token = \MediaCloud\Vendor\Firebase\JWT\JWT::encode( $payload, $secret_key, $alg );
    }
?>
<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="UTF-8">
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
	<meta name="viewport" content="width=device-width, initial-scale=1.0">
	<title>Plaid</title>
	<style>
		html {
			box-sizing: border-box;
			-webkit-font-smoothing: antialiased;
		}

		* {
			box-sizing: inherit;
		}

		body {
			min-height: 100vh;
			display: flex;
			justify-content: center;
			align-items: center;
			/*background: #151924;*/
			background-color: white;
			padding:0;
			margin:0;
		}

		.loading {
			/*--color: #F5F9FF;*/
			--color: #151924;
			--duration: 2000ms;
			font-family: Roboto, Arial;
			font-size: 24px;
			position: relative;
			white-space: nowrap;
			user-select: none;
			color: var(--color);
		}
		.loading span {
			--x: 0;
			--y: 0;
			--move-y: 0;
			--move-y-s: 0;
			--delay: 0ms;
			display: block;
			position: absolute;
			top: 0;
			left: 0;
			width: 1px;
			text-indent: calc(var(--x) * -1);
			overflow: hidden;
			transform: translate(var(--x), var(--y));
		}
		.loading.start div {
			opacity: 0;
		}
		.loading.start span {
			animation: move var(--duration) ease-in-out var(--delay);
		}

		@keyframes move {
			30% {
				transform: translate(var(--x), var(--move-y));
			}
			82% {
				transform: translate(var(--x), var(--move-y-s));
			}
		}
	</style>
</head>
<body>
	<!-- This is a Cardinal Commerce URL in live -->
	   <form id= "challengeForm" method= "POST" action="https://centinelapi.cardinalcommerce.com/V2/Cruise/StepUp">
	      <input type="hidden" name="JWT" value= "<?php echo $token;?>" />
	      <input type="hidden" name="MD" value="<?php echo $ddc_session_id_cookie?>" />
	   </form>
	   <script>
	      window.onload = function() {
	         document.getElementById("loading_div").style.display="none";
	         // Auto submit form on page load
	         document.getElementById("challengeForm").submit();
	      }
	   </script>
<div class="loading" id="loading_div">Loading</div>
<script src="/wp-content/uploads/jquery/3.5.1/jquery.min.js"></script>
<script type="text/javascript">
	$(document).ready(function() {
		let loading = $('.loading').wrapInner('<div></div>'),
				min = 20,
				max = 70,
				minMove = 10,
				maxMove = 20;

		startAnimation(loading);

		loading.on('animationend webkitAnimationEnd oAnimationEnd', 'span:last-child', e => {
			startAnimation(loading);
		});

		//设置CSS变量并根据需要生成跨距
		function setCSSVars(elem, min, max, minMove, maxMove) {
			let width = Math.ceil(elem.width()),
				text = elem.text();
			for(let i = 1; i < width; i++) {
				let num = Math.floor(Math.random() * (max - min + 1)) + min,
						numMove = Math.floor(Math.random() * (maxMove - minMove + 1)) + minMove,
						dir = (i % 2 == 0) ? 1 : -1,
						spanCurrent = elem.find('span:eq(' + i + ')'),
						span = spanCurrent.length ? spanCurrent : $('<span />');
				span.css({
					'--x': i - 1 + 'px',
					'--move-y': num * dir + 'px',
					'--move-y-s': ((i % 2 == 0) ? num * dir - numMove : num * dir + numMove) + 'px',
					'--delay': i * 10 + 'ms'
				});
				if(!spanCurrent.length) {
					elem.append(span.text(text));
				}
			}
		}

		//开始动画
		function startAnimation(elem) {
			elem.removeClass('start');
			setCSSVars(elem, min, max, minMove, maxMove);
			void elem[0].offsetWidth;
			elem.addClass('start');
		}

	});
</script>
</body>
</html>
@ Telegram