Server: LiteSpeed
System: Linux atali.colombiahosting.com.co 5.14.0-570.12.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Tue May 13 06:11:55 EDT 2025 x86_64
User: coopserp (1713)
PHP: 8.2.29
Disabled: dl,exec,passthru,proc_open,proc_close,shell_exec,memory_limit,system,popen,curl_multi_exec,show_source,symlink,link,leak,listen,diskfreespace,tmpfile,ignore_user_abord,highlight_file,source,show_source,fpaththru,virtual,posix_ctermid,posix_getcwd,posix_getegid,posix_geteuid,posix_getgid,posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid,posix,posix_getppid,posix_getpwnam,posix_getpwuid,posix_getrlimit,posix_getsid,posix_getuid,posix_isatty,posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid,posix_setpgid,posix_setsid,posix_setid,posix_times,posix_ttyname,posix_uname,proc_get_status,proc_nice,proc_terminate
File: //proc/thread-self/root/opt/sp_scripts/sp_remote_sql.php
<?php
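// Synchronises the CSF allow list for remote MySQL access with the Host values
// stored in mysql.user: every remote host found there becomes an inbound
// tcp/3306 allow rule in /etc/csf/remote_mysql.allow, and rules whose host no
// longer exists in MySQL are dropped.
//
// Security notes for maintainers:
//  - The script reads the MySQL root password from /root/.my.cnf, so it has to
//    run with enough privilege to read that file. The password is never echoed.
//  - Host values in mysql.user are written by whoever may create MySQL users,
//    and each accepted value opens the firewall. They are therefore treated as
//    untrusted input and validated with fully anchored patterns before use.
//  - Hostname entries are resolved through DNS at run time, so whoever controls
//    that DNS record decides which address gets opened.
//  - Every line of the allow file that is not a rule generated in this run is
//    removed, including comments and hand-written rules.

$cnfPath = "/root/.my.cnf";
$cnf = is_readable($cnfPath) ? file_get_contents($cnfPath) : false;
if ($cnf === false) {
    die("MySQL error");
}

// Anchor on a real "password = value" line so commented-out entries are ignored,
// and fail closed instead of connecting with an empty password when none is found.
if (!preg_match('/^[ \t]*password[ \t]*=[ \t]*(.*?)[ \t\r]*$/m', $cnf, $matches)) {
    die("MySQL error");
}

$pass = $matches[1];
// Strip one pair of surrounding quotes only; quotes inside the value belong to it.
if (strlen($pass) >= 2 && ($pass[0] === '"' || $pass[0] === "'") && substr($pass, -1) === $pass[0]) {
    $pass = substr($pass, 1, -1);
}

// "new mysqli" never evaluates to false, and PHP >= 8.1 throws by default.
// Switch to return-code reporting so the explicit checks below are reached.
mysqli_report(MYSQLI_REPORT_OFF);
$x = new mysqli('localhost', 'root', $pass, 'mysql');

if ($x->connect_errno) {
    die("MySQL error");
}

// gethostname() returns false on failure; normalise to a string before escaping.
$hostname = (string) gethostname();
$hostname = $x->real_escape_string($hostname);

$sql = "SELECT DISTINCT host from user where host != '127.0.0.1' and host != 'localhost' and host != '$hostname'";

$r = $x->query($sql);
if ($r === false) {
    die("MySQL error");
}

$csfallowPath = "/etc/csf/remote_mysql.allow";
$csfallow = file_exists($csfallowPath) ? file_get_contents($csfallowPath) : '';
if ($csfallow === false) {
    // Treating an unreadable file as empty would re-add every rule and rewrite it.
    die("Cannot read $csfallowPath\n");
}

// Normalise once (trim, drop blank lines) so the "already added" test and the
// cleanup pass compare the same strings.
$allows = array_values(array_filter(array_map('trim', explode("\n", $csfallow)), 'strlen'));

// Range-checked IPv4 test; the digit patterns alone would accept 999.999.999.999.
$isIpv4 = static function ($candidate) {
    return filter_var($candidate, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
};

$additions = [];
$currentRules = [];
$removedSomething = false;

echo "Start...\n";
while ($row = $r->fetch_assoc()) {
    $host = (string) ($row['host'] ?? ($row['Host'] ?? ''));

    if ($host === '' || strpos($host, '*') !== false) {
        continue;
    }

    // Control characters must never reach the log output or the rule file.
    if (preg_match('/[\x00-\x1f\x7f]/', $host)) {
        echo "Invalid host (control characters), skip\r\n";
        continue;
    }

    echo "Check $host - ";

    // \A ... \z anchors are used throughout: a plain "$" also matches before a
    // trailing newline, which would let "1.2.3.4\n" through.
    if (preg_match('/\A([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})\.%\z/', $host, $subnet)) {
        if (!$isIpv4($subnet[1] . '.0')) {
            echo "Invalid host $host, skip\r\n";
            continue;
        }
        $ip = $subnet[1] . '.0/24';
        echo "Found a /24...$ip ";
    } elseif (preg_match('/\A[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\z/', $host)) {
        if (!$isIpv4($host)) {
            echo "Invalid host $host, skip\r\n";
            continue;
        }
        $ip = $host;
    } else {
        // Keep the original minimum-length heuristic, and additionally require
        // the whole value to consist of hostname characters only.
        if (!preg_match("/([a-zA-Z0-9_-]){5,60}/", $host)
            || !preg_match('/\A[a-zA-Z0-9._-]{1,253}\z/', $host)) {
            echo "Invalid host $host, skip\r\n";
            continue;
        }

        // gethostbyname() hands back its argument unchanged when lookup fails.
        $ip = gethostbyname($host);
        if (empty($ip) || $ip === $host || !$isIpv4($ip)) {
            echo "Does not resolve, skip\r\n";
            continue;
        }

        echo "Resolves to $ip. ";
    }

    $rule = "tcp:in:d=3306:s=$ip";
    $currentRules[] = $rule;

    if (in_array($rule, $allows, true)) {
        echo "Already added\n";
    } else {
        echo "Adding $rule\n";
        $additions[] = $rule;
    }
}

// Cleanup: remove obsolete entries
$updatedRules = [];
foreach ($allows as $line) {
    if (!in_array($line, $currentRules, true)) {
        echo "Removed rule $line - no longer exists in MySQL\n";
        $removedSomething = true;
    } else {
        $updatedRules[] = $line;
    }
}

// Append new entries and collapse duplicates
$updatedRules = array_values(array_unique(array_merge($updatedRules, $additions)));

// Save final file. LOCK_EX keeps a concurrent run from interleaving writes, and
// a failed write must stop the run before CSF is reloaded.
if (file_put_contents($csfallowPath, implode("\n", $updatedRules) . "\n", LOCK_EX) === false) {
    die("Cannot write $csfallowPath\n");
}

// Restart CSF if needed
if (!empty($additions) || $removedSomething) {
    echo "\n-> Changes applied, restarting CSF...\n";
    $restartOutput = shell_exec("/usr/sbin/csf -r");
    if ($restartOutput === null || $restartOutput === false) {
        // shell_exec() gives null/false when the command could not run or printed nothing.
        echo "-> CSF restart returned no output; verify the firewall state manually.\n";
    } else {
        echo "-> CSF restarted.\n";
    }
} else {
    echo "\n-> No changes. CSF remains untouched.\n";
}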