Kernel : Linux vmw02p.internet-indee.net 4.18.0-348.2.1.el8_5.x86_64 #1 SMP Tue Nov 16 14:42:35 UTC 2021 x86_64
Disable function : NONE
Safe mode : OFF
Host : firofichi.it | Server ip : 5.196.164.15 | Your ip : 3.142.200.28 | Time @ Server : 19 Oct 2024 02:40:32
MySQL : OFF | MSSQL : OFF | cURL : ON | Oracle : OFF | wget : ON | Perl : ON

/home/webmaster/script/

HOME about upload exec mass file domain root vuln newfile newfolder kill me

File Path : /home/webmaster/script/dumpdb.sh

#!/bin/bash
#v1.0

# colors definitions
RESTORE=$(echo -en '\001\033[0m\002')
RED=$(echo -en '\001\033[00;31m\002')
GREEN=$(echo -en '\001\033[00;32m\002')
YELLOW=$(echo -en '\001\033[00;33m\002')
BLUE=$(echo -en '\001\033[00;34m\002')
MAGENTA=$(echo -en '\001\033[00;35m\002')
PURPLE=$(echo -en '\001\033[00;35m\002')
CYAN=$(echo -en '\001\033[00;36m\002')
LIGHTGRAY=$(echo -en '\001\033[00;37m\002')
LRED=$(echo -en '\001\033[01;31m\002')
LGREEN=$(echo -en '\001\033[01;32m\002')
LYELLOW=$(echo -en '\001\033[01;33m\002')
LBLUE=$(echo -en '\001\033[01;34m\002')
LMAGENTA=$(echo -en '\001\033[01;35m\002')
LPURPLE=$(echo -en '\001\033[01;35m\002')
LCYAN=$(echo -en '\001\033[01;36m\002')
WHITE=$(echo -en '\001\033[01;37m\002')

# genera un dump del db chiedendo le credenziali

db_host=127.0.0.1
dblocalport=3306

echo ${WHITE}
read -p "Nome DB : " db_name
read -p "Nome utente : " db_user
read -p "Password db : " db_pass
echo ${RESTORE}
echo ""


while true; do
  read -n 1 -p ${YELLOW}"Sei sicuro di voler effettuare un dump di $db_name dall'host $db_host (s/n)?"${RESTORE} yn
    case $yn in
    [Ss] )
         ok=1
         break
         ;;
    [Nn] )
         ok=0
         break
         ;;
       * ) echo ""; echo $(PURPLE)"Per favore rispondi (s)i o (n)o."${RESTORE};;
    esac
done
echo ""
if [[ ok -eq 0 ]]; then exit 1; fi


# gestisce i caratteri speciali nella password
# verifica la presenza di slash nella password nuova
slashpos=$(printf "$db_pass" | awk '{for(i=1;i<=length($0);i++) {if (substr($0,i,1)=="/") {print i}}}')
if [ ! -z "$slashpos" ]; then
  # usiamo sed -dollaro- con un carattere escapabile per ridurre al minimo le collisioni con caratteri nella password
  temppass=$(printf '"$db_pass"' | sed -e $'s\x01/\x01\\\\/\x01g')
  db_pass='"$temppass"'
else
  temppass="$db_pass"
fi
#sostituisce gli apici
db_pass=$(echo "$temppass" | sed "s/\"/'/g")
#la password per mysqldump DEVE essere chiusa tra singoli apici, al contrario di mysql
db_pass_dump="'"$db_pass"'"

connectStr="mysql --host=$db_host --port=$dblocalport --protocol=TCP -u $db_user --password=$db_pass $db_name"
db_bkp_name="$db_name"_$(date '+%Y-%m-%d_%H.%M.%S').sql

# calcola la dimensione del db attuale (e la passa in megabytes a pv)
db_size=$($connectStr --silent --skip-column-names -e "SELECT IFNULL(ROUND(SUM(data_length) / 1.65), 0) AS \"size_bytes\" FROM information_schema.TABLES WHERE table_schema='$db_name';")
size=$(numfmt --to=iec-i --suffix=B "$db_size")

dumpStr="mysqldump --host=$db_host --port=$dblocalport --protocol=TCP -u $db_user --password=$db_pass_dump $db_name | pv --size $db_size > ./$db_bkp_name.sql"

# effettua un dump del db attuale
echo ${LBLUE}"----..----------..----"
echo "Dumping del db attuale per un backup di sicurezza..."
eval "$dumpStr";
echo ${LBLUE}"----..----------..----"${RESTORE}

echo "Dump del db terminato"