Instantly share code, notes, and snippets.
Forked from peterjaap/navicat_tunnel.php
Created
September 6, 2016 11:24
-
Star
(0)
0
You must be signed in to star a gist -
Fork
(0)
0
You must be signed in to fork a gist
-
Save Epenance/d9cceaff891fcf6e1109371e71f13d67 to your computer and use it in GitHub Desktop.
Navicat tunnel file (the nearly unfindable ntunnel_mysql.php)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php //version my104 | |
header("Content-Type: application/octet-stream"); | |
error_reporting(0); | |
set_time_limit(0); | |
set_magic_quotes_runtime(0); | |
function phpversion_int() | |
{ | |
list($maVer, $miVer, $edVer) = split("[/.-]", phpversion()); | |
return $maVer*10000 + $miVer*100 + $edVer; | |
} | |
function CheckFunctions() | |
{ | |
if (!function_exists("mysql_connect")) | |
return "mysql_connect"; | |
return ""; | |
} | |
function GetLongBinary($num) | |
{ | |
return pack("N",$num); | |
} | |
function GetShortBinary($num) | |
{ | |
return pack("n",$num); | |
} | |
function GetDummy($count) | |
{ | |
$str = ""; | |
for($i=0;$i<$count;$i++) | |
$str .= "\x00"; | |
return $str; | |
} | |
function GetBlock($val) | |
{ | |
$len = strlen($val); | |
if( $len < 254 ) | |
return chr($len).$val; | |
else | |
return "\xFE".GetLongBinary($len).$val; | |
} | |
function EchoHeader($errno) | |
{ | |
$str = GetLongBinary(1111); | |
$str .= GetShortBinary(104); | |
$str .= GetLongBinary($errno); | |
$str .= GetDummy(6); | |
echo $str; | |
} | |
function EchoConnInfo($conn) | |
{ | |
$str = GetBlock(mysql_get_host_info($conn)); | |
$str .= GetBlock(mysql_get_proto_info($conn)); | |
$str .= GetBlock(mysql_get_server_info($conn)); | |
echo $str; | |
} | |
function EchoResultSetHeader($errno, $affectrows, $insertid, $numfields, $numrows) | |
{ | |
$str = GetLongBinary($errno); | |
$str .= GetLongBinary($affectrows); | |
$str .= GetLongBinary($insertid); | |
$str .= GetLongBinary($numfields); | |
$str .= GetLongBinary($numrows); | |
$str .= GetDummy(12); | |
echo $str; | |
} | |
function EchoFieldsHeader($res, $numfields) | |
{ | |
$str = ""; | |
for( $i = 0; $i < $numfields; $i++ ) { | |
$str .= GetBlock(mysql_field_name($res, $i)); | |
$str .= GetBlock(mysql_field_table($res, $i)); | |
$type = mysql_field_type($res, $i); | |
$length = mysql_field_len($res, $i); | |
switch ($type) { | |
case "int": | |
if( $length > 11 ) $type = 8; | |
elseif( $length > 9 ) $type = 3; | |
elseif( $length > 6 ) $type = 9; | |
elseif( $length > 4 ) $type = 2; | |
else $type = 1; | |
break; | |
case "real": | |
if( $length == 12 ) $type = 4; | |
elseif( $length == 22 ) $type = 5; | |
else $type = 0; | |
break; | |
case "null": | |
$type = 6; | |
break; | |
case "timestamp": | |
$type = 7; | |
break; | |
case "date": | |
$type = 10; | |
break; | |
case "time": | |
$type = 11; | |
break; | |
case "datetime": | |
$type = 12; | |
break; | |
case "year": | |
$type = 13; | |
break; | |
case "blob": | |
if( $length > 16777215 ) $type = 251; | |
elseif( $length > 65535 ) $type = 250; | |
elseif( $length > 255 ) $type = 252; | |
else $type = 249; | |
break; | |
default: | |
$type = 253; | |
} | |
$str .= GetLongBinary($type); | |
$flags = explode( " ", mysql_field_flags ( $res, $i ) ); | |
$intflag = 0; | |
if(in_array( "not_null", $flags )) $intflag += 1; | |
if(in_array( "primary_key", $flags )) $intflag += 2; | |
if(in_array( "unique_key", $flags )) $intflag += 4; | |
if(in_array( "multiple_key", $flags )) $intflag += 8; | |
if(in_array( "blob", $flags )) $intflag += 16; | |
if(in_array( "unsigned", $flags )) $intflag += 32; | |
if(in_array( "zerofill", $flags )) $intflag += 64; | |
if(in_array( "binary", $flags)) $intflag += 128; | |
if(in_array( "enum", $flags )) $intflag += 256; | |
if(in_array( "auto_increment", $flags )) $intflag += 512; | |
if(in_array( "timestamp", $flags )) $intflag += 1024; | |
if(in_array( "set", $flags )) $intflag += 2048; | |
$str .= GetLongBinary($intflag); | |
$str .= GetLongBinary($length); | |
} | |
echo $str; | |
} | |
function EchoData($res, $numfields, $numrows) | |
{ | |
for( $i = 0; $i < $numrows; $i++ ) { | |
$str = ""; | |
$row = mysql_fetch_row( $res ); | |
for( $j = 0; $j < $numfields; $j++ ){ | |
if( is_null($row[$j]) ) | |
$str .= "\xFF"; | |
else | |
$str .= GetBlock($row[$j]); | |
} | |
echo $str; | |
} | |
} | |
if (phpversion_int() < 40005) { | |
EchoHeader(201); | |
echo GetBlock("unsupported php version"); | |
exit(); | |
} | |
if (phpversion_int() < 40010) { | |
global $HTTP_POST_VARS; | |
$_POST = &$HTTP_POST_VARS; | |
} | |
if (!isset($_POST["actn"]) || !isset($_POST["host"]) || !isset($_POST["port"]) || !isset($_POST["login"])) { | |
EchoHeader(202); | |
echo GetBlock("invalid parameters"); | |
exit(); | |
} | |
$strCheckFunctions = CheckFunctions(); | |
if (strlen($strCheckFunctions) > 0) { | |
EchoHeader(203); | |
echo GetBlock("function not exist: ".$strCheckFunctions); | |
exit(); | |
} | |
$errno_c = 0; | |
$hs = $_POST["host"]; | |
if( $_POST["port"] ) $hs .= ":".$_POST["port"]; | |
$conn = mysql_connect($hs, $_POST["login"], $_POST["password"]); | |
$errno_c = mysql_errno(); | |
if(($errno_c <= 0) && ( $_POST["db"] != "" )) { | |
$res = mysql_select_db( $_POST["db"], $conn); | |
$errno_c = mysql_errno(); | |
} | |
EchoHeader($errno_c); | |
if($errno_c > 0) { | |
echo GetBlock(mysql_error()); | |
} elseif($_POST["actn"] == "C") { | |
EchoConnInfo($conn); | |
} elseif($_POST["actn"] == "Q") { | |
for($i=0;$i<count($_POST["q"]);$i++) { | |
$query = $_POST["q"][$i]; | |
if($query == "") continue; | |
if(get_magic_quotes_gpc()) | |
$query = stripslashes($query); | |
$res = mysql_query($query, $conn); | |
$errno = mysql_errno(); | |
$affectedrows = mysql_affected_rows($conn); | |
$insertid = mysql_insert_id($conn); | |
$numfields = mysql_num_fields($res); | |
$numrows = mysql_num_rows($res); | |
EchoResultSetHeader($errno, $affectedrows, $insertid, $numfields, $numrows); | |
if($errno > 0) | |
echo GetBlock(mysql_error()); | |
else { | |
if($numfields > 0) { | |
EchoFieldsHeader($res, $numfields); | |
EchoData($res, $numfields, $numrows); | |
} else { | |
if(phpversion_int() >= 40300) | |
echo GetBlock(mysql_info($conn)); | |
else | |
echo GetBlock(""); | |
} | |
} | |
if($i<(count($_POST["q"])-1)) | |
echo "\x01"; | |
else | |
echo "\x00"; | |
mysql_free_result($res); | |
} | |
} | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment