Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- abstract class nucleo
- {
- public static function obtenerParametro(&$arr, $nombre, $defecto = NULL)
- {
- if( isset($arr[$nombre]) )
- {
- return $arr[$nombre];
- }
- return $defecto;
- }
- public static function modSecStatus()
- {
- $file = "/usr/share/ilabs_antimalware/logs/ok.txt";
- file_put_contents($file, "");
- $cmd = "wget local.pyxsoft.com?PYX_getStatus -O /dev/null -q";
- shell_exec($cmd);
- $res = file_get_contents($file);
- return $res == "OK" ? true : false;
- }
- public static function guardarEnArchivo($datos, $file, $encoded = false)
- {
- $datos = serialize($datos);
- if( $encoded )
- {
- $datos = self::encodeString(base64_encode($datos));
- }
- if( !file_put_contents($file, $datos) )
- {
- error_log("No se pudo escribir el archivo cache/datos/" . $file . " (nucleo::guardarEnArchivo)");
- }
- }
- public static function obtenerDeArchivo($file, $defecto = NULL)
- {
- $datos = $defecto;
- if( file_exists($file) )
- {
- $datos = file_get_contents($file);
- if( strpos($datos, "**!ENC!**") !== false )
- {
- $datos = base64_decode(self::decodeString($datos));
- }
- $datos = unserialize($datos);
- }
- return $datos;
- }
- public static function base64UrlEncode($data)
- {
- return strtr(rtrim(base64_encode($data), "="), "+/", "-_");
- }
- public static function base64UrlDecode($base64)
- {
- return base64_decode(strtr($base64, "-_", "+/"));
- }
- public static function getExt($filename)
- {
- $e = preg_match("/\\.([^\\.]+)\$/", $filename, $res);
- if( isset($res[1]) )
- {
- return strtolower("." . $res[1]);
- }
- return "";
- }
- public static function obtenerConfiguracion()
- {
- $dir = "/usr/share/ilabs_antimalware";
- require($dir . "/default_conf.php");
- foreach( $dcf as $key => $value )
- {
- $v[$key] = $value["default"];
- }
- if( file_exists($dir . "/conf.dat") )
- {
- $datos = file_get_contents($dir . "/conf.dat");
- $datos = unserialize($datos);
- $v = array_merge($v, $datos);
- }
- return $v;
- }
- public static function mySQL_obtenerCredenciales()
- {
- $file = "/root/.my.cnf";
- $res = array( "user" => "", "pass" => "" );
- if( file_exists($file) )
- {
- $data = file_get_contents($file);
- if( preg_match("/^pass=(.+)/im", $data, $matches) )
- {
- $res["pass"] = trim($matches[1], " \"\n\r");
- }
- if( preg_match("/^user=(.+)/im", $data, $matches) )
- {
- $res["user"] = trim($matches[1], " \n\r");
- }
- }
- return $res;
- }
- public static function obtenerIdiomaUsuario($username)
- {
- $res = "en";
- if( file_exists("/var/cpanel/users/" . $username) )
- {
- $res = shell_exec("grep 'LOCALE' /var/cpanel/users/" . $username . " | cut -d '=' -f 2");
- if( $res == "" )
- {
- $res = "en";
- }
- }
- return $res;
- }
- private static function clamav_getPath()
- {
- $res = "/usr/bin";
- if( file_exists("/usr/local/cpanel/3rdparty/bin/clamscan") )
- {
- $res = "/usr/local/cpanel/3rdparty/bin";
- }
- return $res;
- }
- public static function clamav_getClamscan()
- {
- return self::clamav_getPath() . "/clamscan";
- }
- public static function clamav_getClamdscan()
- {
- return self::clamav_getPath() . "/clamdscan";
- }
- public static function clamav_getDBPath()
- {
- $res = "";
- if( file_exists("/var/lib/clamav") )
- {
- $res = "/var/lib/clamav";
- }
- if( file_exists("/var/clamav") )
- {
- $res = "/var/clamav";
- }
- if( file_exists("/usr/share/clamav") )
- {
- $res = "/usr/share/clamav";
- }
- if( file_exists("/usr/local/cpanel/3rdparty/share/clamav") )
- {
- $res = "/usr/local/cpanel/3rdparty/share/clamav";
- }
- return $res;
- }
- public static function age()
- {
- if( !file_exists("/usr/local/cpanel/whostmgr/docroot/cgi/addon_antimalware.php") )
- {
- return 1000;
- }
- $r = filemtime("/usr/local/cpanel/whostmgr/docroot/cgi/addon_antimalware.php");
- $d = time() - $r;
- return floor($d / (3600 * 24));
- }
- public static function licencia_valida($cached = true)
- {
- static $conf;
- if( !isset($conf) )
- {
- $conf = self::obtenerConfiguracion();
- }
- $valor = nucleo::obtenerParametro($conf, "al", NULL);
- if( $cached && !is_null($valor) )
- {
- return $valor;
- }
- $status = nucleo::validar_licencia();
- if( $status == "TRIAL" || $status == "" )
- {
- $valor = 0;
- }
- else
- {
- $valor = 0;
- }
- $conf["al"] = $valor;
- file_put_contents("/usr/share/ilabs_antimalware/conf.dat", serialize($conf));
- return $valor;
- }
- public static function validar_licencia(&$key_data = array( ))
- {
- static $conf;
- if( is_null($conf) )
- {
- $conf = self::obtenerConfiguracion();
- }
- $license_key = nucleo::obtenerParametro($conf, "license_key", "");
- if( $license_key == "" )
- {
- return "EMPTY";
- }
- if( stripos($license_key, "VPS") !== false )
- {
- $plat = nucleo::get_platform();
- if( $plat == "Dedicated Server" )
- {
- return "VPS licenses are not intended to be used in dedicated servers.";
- }
- }
- // $spbas = new spbas();
- // $spbas->license_key = $license_key;
- // $spbas->api_server = "http://www.pyxsoft.com/store/api/index.php";
- // $spbas->secret_key = "6d4e1810acc056ff8151b0348b797d0e";
- // $spbas->local_key_storage = "filesystem";
- // $spbas->local_key_path = "/usr/share/ilabs_antimalware/";
- // $spbas->local_key_name = "license.txt";
- // $spbas->local_key_grace_period = "1,2,3,4,5";
- // $spbas->remote_timeout = 20;
- // $spbas->validate();
- // $key_data = $spbas->key_data;
- // if( $spbas->errors == "Error: The local license key is invalid for this location." )
- // {
- // return "";
- // }
- // return $spbas->errors;
- return "";
- }
- public static function hexToStr($hex)
- {
- $string = "";
- $i = 0;
- while( $i < strlen($hex) - 1 )
- {
- $string .= chr(hexdec($hex[$i] . $hex[$i + 1]));
- $i += 2;
- }
- return $string;
- }
- public static function encodeString($string, $password = "")
- {
- mb_internal_encoding("UTF-8");
- if( $password == "" )
- {
- $password = self::get_encoderPassword();
- }
- $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789:{}()[]+-,.= ";
- $largo = mb_strlen($chars);
- $largoString = mb_strlen($string);
- $res = "**!ENC!**";
- $idx_pas = 0;
- for( $i = 0; $i < $largoString; $i++ )
- {
- $c = mb_substr($string, $i, 1);
- $idx_c = mb_strpos($chars, $c);
- if( $idx_c === false )
- {
- $res .= $c;
- }
- else
- {
- $offset = $i + ord($password[$idx_pas]) + $largoString;
- $num = $idx_c + $offset;
- $idx_pas++;
- $idx_pas = $idx_pas % mb_strlen($password);
- $num = $num % $largo;
- $res .= $chars[$num];
- }
- }
- return $res;
- }
- public static function decodeString($string, $password = "")
- {
- mb_internal_encoding("UTF-8");
- if( $password == "" )
- {
- $password = self::get_encoderPassword();
- }
- $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789:{}()[]+-,.= ";
- $largo = mb_strlen($chars);
- $sig = "**!ENC!**";
- if( strpos($string, $sig) !== 0 )
- {
- return $string;
- }
- $res = "";
- $string = mb_substr($string, strlen($sig));
- $largoString = mb_strlen($string);
- $idx_pas = 0;
- for( $i = 0; $i < $largoString; $i++ )
- {
- $c = mb_substr($string, $i, 1);
- $idx_c = mb_strpos($chars, $c);
- if( $idx_c === false )
- {
- $res .= $c;
- }
- else
- {
- $offset = $i + ord($password[$idx_pas]) + $largoString;
- $num = $idx_c - $offset;
- $num = ($largo + $num % $largo) % $largo;
- if( $num < 0 )
- {
- $num = $num + $largo;
- }
- $res .= $chars[$num];
- $idx_pas++;
- $idx_pas = $idx_pas % mb_strlen($password);
- }
- }
- return $res;
- }
- public static function autoquarantine_class($name)
- {
- static $exclude;
- if( is_null($exclude) )
- {
- $conf = self::obtenerConfiguracion();
- $exclude = self::obtenerParametro($conf, "aq_exclude", "");
- $exclude .= "|txt.pyxsoft-text-file|inject.unclassed|injected: unknown|.susp";
- $exclude = strtolower($exclude);
- $exclude = explode("|", $exclude);
- }
- if( !$conf["aq_enabled"] )
- {
- return false;
- }
- $name = strtolower($name);
- foreach( $exclude as $e )
- {
- if( $e == "" )
- {
- continue;
- }
- if( !strstr($name, $e) === false )
- {
- return false;
- }
- }
- return true;
- }
- public static function isTrial()
- {
- static $conf;
- if( is_null($conf) )
- {
- $conf = self::obtenerConfiguracion();
- }
- $license_key = nucleo::obtenerParametro($conf, "license_key", "");
- if( $license_key == "" )
- {
- return false;
- }
- if( strstr($license_key, "TRIAL") !== false )
- {
- return false;
- }
- return false;
- }
- public static function isLicenseValid(&$status)
- {
- $status = self::validar_licencia();
- if( $status == "" )
- {
- if( !self::isTrial() )
- {
- $ahora = floor(time() / 86400);
- if( is_writable("/usr/share/ilabs_antimalware/data/gd.dat") )
- {
- self::guardarEnArchivo($ahora, "/usr/share/ilabs_antimalware/data/gd.dat", true);
- }
- }
- return true;
- }
- $age = self::age();
- if( $status == "EMPTY" && self::isTrial() && $age <= 7000 )
- {
- return true;
- }
- if( self::graceDay() < 2000 )
- {
- return true;
- }
- return true;
- }
- public static function graceDay()
- {
- $file = "/usr/share/ilabs_antimalware/data/gd.dat";
- $last = nucleo::obtenerDeArchivo($file, NULL);
- if( is_null($last) )
- {
- return 5000;
- }
- $ahora = floor(time() / 86400);
- return $ahora - $last;
- }
- public static function _obfuscated_6372656172436F6E7472617365C3B161_($maxlen = 5)
- {
- $cadena = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890";
- $largo = strlen($cadena);
- $password = "";
- for( $i = 1; $i <= $maxlen; $i++ )
- {
- $num = rand(1, $largo) - 1;
- $password .= substr($cadena, $num, 1);
- }
- return $password;
- }
- private static function get_encoderPassword()
- {
- $file = "/usr/share/ilabs_antimalware/data/enc_pas.dat";
- $pas = nucleo::obtenerDeArchivo($file, "");
- if( $pas == "" )
- {
- $pas = self::_obfuscated_6372656172436F6E7472617365C3B161_(10);
- $pas = self::encodeString($pas, "ESP209L");
- $pas = base64_encode($pas);
- if( is_writable($file) )
- {
- self::guardarEnArchivo($pas, $file);
- chmod($file, 420);
- }
- }
- $pas = self::decodeString(base64_decode($pas), "ESP209L");
- return $pas;
- }
- public static function get_platform()
- {
- if( file_exists("/usr/bin/lscpu") )
- {
- $res = shell_exec("lscpu");
- if( preg_match("#Hypervisor vendor:[\\s\\t]*(.+)#", $res, $matches) )
- {
- $res = trim(strtoupper($matches[1]));
- if( $res == "KVM" )
- {
- return "KVM";
- }
- if( $res == "XEN" )
- {
- return "XEN";
- }
- if( $res == "MICROSOFT" )
- {
- return "Microsoft Hyper-V";
- }
- }
- }
- if( file_exists("/proc/vz") && file_exists("/proc/vz/veinfo") )
- {
- return "OpenVZ/Virtuozzo VPS";
- }
- if( shell_exec("grep 'QEMU' /proc/cpuinfo") != "" )
- {
- return "KVM VPS";
- }
- if( file_exists("/proc/xen") )
- {
- return "XEN VPS";
- }
- if( shell_exec("grep 'vps' /var/cpanel/flagscache") != "" )
- {
- return "cPanel VPS Optimized";
- }
- return "Dedicated Server";
- }
- }
- class spbas
- {
- public $errors = NULL;
- public $license_key = NULL;
- public $api_server = NULL;
- public $remote_port = NULL;
- public $remote_timeout = NULL;
- public $local_key_storage = NULL;
- public $read_query = NULL;
- public $update_query = NULL;
- public $local_key_path = NULL;
- public $local_key_name = NULL;
- public $local_key_transport_order = NULL;
- public $local_key_grace_period = NULL;
- public $local_key_last = NULL;
- public $validate_download_access = NULL;
- public $release_date = NULL;
- public $key_data = NULL;
- public $status_messages = NULL;
- public $valid_for_product_tiers = NULL;
- public $enable_offline = NULL;
- public $offline_token = NULL;
- public $offline_token_url = NULL;
- public function spbas()
- {
- $this->errors = false;
- $this->remote_port = 80;
- $this->remote_timeout = 10;
- $this->valid_local_key_types = array( "spbas" );
- $this->local_key_type = "spbas";
- $this->local_key_storage = "filesystem";
- $this->local_key_grace_period = 0;
- $this->local_key_last = 0;
- $this->read_query = false;
- $this->update_query = false;
- $this->local_key_path = "./";
- $this->local_key_name = "license.txt";
- $this->local_key_transport_order = "scf";
- $this->validate_download_access = false;
- $this->release_date = false;
- $this->valid_for_product_tiers = false;
- $this->enable_offline = false;
- $this->offline_token = false;
- $this->offline_token_url = false;
- $this->key_data = array( "custom_fields" => array( ), "download_access_expires" => 0, "license_expires" => 0, "local_key_expires" => 0, "status" => "Invalid" );
- $this->status_messages = array( "active" => "This license is active.", "suspended" => "Error: This license has been suspended.", "expired" => "Error: This license has expired.", "pending" => "Error: This license is pending review.", "download_access_expired" => "Error: This version of the software was released " . "after your download access expired. Please " . "downgrade or contact support for more information.", "missing_license_key" => "Error: The license key variable is empty.", "unknown_local_key_type" => "Error: An unknown type of local key validation was requested.", "could_not_obtain_local_key" => "Error: I could not obtain a new local license key.", "maximum_grace_period_expired" => "Error: The maximum local license key grace period has expired.", "local_key_tampering" => "Error: The local license key has been tampered with or is invalid.", "local_key_invalid_for_location" => "Error: The local license key is invalid for this location.", "missing_license_file" => "Error: Please create the following file (and directories if they don't exist already):<br />\r\n<br />\r\n", "license_file_not_writable" => "Error: Please make the following path writable:<br />", "invalid_local_key_storage" => "Error: I could not determine the local key storage on clear.", "could_not_save_local_key" => "Error: I could not save the local license key.", "license_key_string_mismatch" => "Error: The local key is invalid for this license.", "offline_license_key" => "Error: Manual license activation will be required." );
- $this->localization = array( "active" => "This license is active.", "suspended" => "Error: This license has been suspended.", "expired" => "Error: This license has expired.", "pending" => "Error: This license is pending review.", "download_access_expired" => "Error: This version of the software was released " . "after your download access expired. Please " . "downgrade or contact support for more information." );
- }
- public function validate()
- {
- if( !$this->license_key )
- {
- return $this->errors = $this->status_messages["missing_license_key"];
- }
- if( !in_array(strtolower($this->local_key_type), $this->valid_local_key_types) )
- {
- return $this->errors = $this->status_messages["unknown_local_key_type"];
- }
- $this->trigger_grace_period = $this->status_messages["could_not_obtain_local_key"];
- switch( $this->local_key_storage )
- {
- case "database":
- $local_key = $this->db_read_local_key();
- break;
- case "filesystem":
- $local_key = $this->read_local_key();
- break;
- default:
- return $this->errors = $this->status_messages["missing_license_key"];
- }
- if( $this->errors == $this->trigger_grace_period && $this->local_key_grace_period )
- {
- $grace = $this->process_grace_period($this->local_key_last);
- if( $grace["write"] )
- {
- if( $this->local_key_storage == "database" )
- {
- $this->db_write_local_key($grace["local_key"]);
- }
- else
- {
- if( $this->local_key_storage == "filesystem" )
- {
- $this->write_local_key($grace["local_key"], $this->local_key_path . $this->local_key_name);
- }
- }
- }
- if( $grace["errors"] )
- {
- if( isset($this->enable_offline) && $this->enable_offline && $spbas->local_key_storage == "filesystem" )
- {
- return $this->go_offline();
- }
- return $this->errors = $grace["errors"];
- }
- $this->errors = false;
- return $this;
- }
- if( $this->errors )
- {
- return $this->errors;
- }
- return $this->validate_local_key($local_key);
- }
- public function go_offline()
- {
- if( isset($this->enable_offline) && $this->enable_offline )
- {
- return $this->generate_token();
- }
- }
- public function generate_token()
- {
- $signature = $this->build_querystring($this->access_details());
- $signature .= "&license_key=" . $this->license_key;
- $lkp = $this->local_key_path == "./" ? getcwd() . "/" : $this->local_key_path;
- $signature .= "&local_key_path=" . $lkp;
- $signature .= "&local_key_name=" . $this->local_key_name;
- $validator = md5($this->secret_key . $signature);
- $token = base64_encode($signature) . $validator;
- $this->offline_token = wordwrap($token, 42, "\n", 1);
- return $this->errors = $this->status_messages["offline_license_key"];
- }
- public function calc_max_grace($local_key_expires, $grace)
- {
- return (int) $local_key_expires + (int) $grace * 86400;
- }
- public function process_grace_period($local_key)
- {
- $local_key_src = $this->decode_key($local_key);
- $parts = $this->split_key($local_key_src);
- $key_data = unserialize($parts[0]);
- $local_key_expires = (int) $key_data["local_key_expires"];
- unset($parts);
- unset($key_data);
- $write_new_key = false;
- $parts = explode("\n\n", $local_key);
- $local_key = $parts[0];
- foreach( $local_key_grace_period = explode(",", $this->local_key_grace_period) as $key => $grace )
- {
- if( !$key )
- {
- $local_key .= "\n";
- }
- if( time() < $this->calc_max_grace($local_key_expires, $grace) )
- {
- continue;
- }
- $local_key .= "\n" . $grace;
- $write_new_key = true;
- }
- if( $this->calc_max_grace($local_key_expires, array_pop($local_key_grace_period)) < time() )
- {
- return array( "write" => false, "local_key" => "", "errors" => $this->status_messages["maximum_grace_period_expired"] );
- }
- return array( "write" => $write_new_key, "local_key" => $local_key, "errors" => false );
- }
- public function in_grace_period($local_key, $local_key_expires)
- {
- $grace = $this->split_key($local_key, "\n\n");
- if( !isset($grace[1]) )
- {
- return -1;
- }
- return (int) ($this->calc_max_grace($local_key_expires, array_pop(explode("\n", $grace[1]))) - time());
- }
- public function decode_key($local_key)
- {
- return base64_decode(str_replace("\n", "", urldecode($local_key)));
- }
- public function split_key($local_key, $token = "{spbas}")
- {
- return explode($token, $local_key);
- }
- public function validate_access($key, $valid_accesses)
- {
- return in_array($key, (array) $valid_accesses);
- }
- public function wildcard_ip($key)
- {
- $octets = explode(".", $key);
- array_pop($octets);
- $ip_range[] = implode(".", $octets) . ".*";
- array_pop($octets);
- $ip_range[] = implode(".", $octets) . ".*";
- array_pop($octets);
- $ip_range[] = implode(".", $octets) . ".*";
- return $ip_range;
- }
- public function wildcard_domain($key)
- {
- return "*." . str_replace("www.", "", $key);
- }
- public function wildcard_server_hostname($key)
- {
- $hostname = explode(".", $key);
- unset($hostname[0]);
- $hostname = !isset($hostname[1]) ? array( $key ) : $hostname;
- return "*." . implode(".", $hostname);
- }
- public function extract_access_set($instances, $enforce)
- {
- foreach( $instances as $key => $instance )
- {
- if( $key != $enforce )
- {
- continue;
- }
- return $instance;
- }
- return array( );
- }
- public function validate_local_key($local_key)
- {
- $local_key_src = $this->decode_key($local_key);
- $parts = $this->split_key($local_key_src);
- if( !isset($parts[1]) )
- {
- return $this->errors = $this->status_messages["local_key_tampering"];
- }
- if( md5($this->secret_key . $parts[0]) != $parts[1] )
- {
- return $this->errors = $this->status_messages["local_key_tampering"];
- }
- $key_data = unserialize($parts[0]);
- $instance = $key_data["instance"];
- unset($key_data["instance"]);
- $enforce = $key_data["enforce"];
- unset($key_data["enforce"]);
- $this->key_data = $key_data;
- if( (string) $key_data["license_key_string"] != (string) $this->license_key )
- {
- return $this->errors = $this->status_messages["license_key_string_mismatch"];
- }
- if( (string) $key_data["status"] != "active" )
- {
- return $this->errors = $this->status_messages[$key_data["status"]];
- }
- if( (string) $key_data["license_expires"] != "never" && (int) $key_data["license_expires"] < time() )
- {
- return $this->errors = $this->status_messages["expired"];
- }
- if( (string) $key_data["local_key_expires"] != "never" && (int) $key_data["local_key_expires"] < time() && $this->in_grace_period($local_key, $key_data["local_key_expires"]) < 0 )
- {
- $this->clear_cache_local_key();
- return $this->validate();
- }
- if( $this->validate_download_access && strtolower($key_data["download_access_expires"]) != "never" && (int) $key_data["download_access_expires"] < strtotime($this->release_date) )
- {
- return $this->errors = $this->status_messages["download_access_expired"];
- }
- $conflicts = array( );
- $access_details = $this->access_details();
- foreach( (array) $enforce as $key )
- {
- $valid_accesses = $this->extract_access_set($instance, $key);
- if( !$this->validate_access($access_details[$key], $valid_accesses) )
- {
- $conflicts[$key] = true;
- if( in_array($key, array( "ip", "server_ip" )) )
- {
- foreach( $this->wildcard_ip($access_details[$key]) as $ip )
- {
- if( $this->validate_access($ip, $valid_accesses) )
- {
- unset($conflicts[$key]);
- break;
- }
- }
- }
- else
- {
- if( in_array($key, array( "domain" )) )
- {
- if( $this->validate_access($this->wildcard_domain($access_details[$key]), $valid_accesses) )
- {
- unset($conflicts[$key]);
- }
- }
- else
- {
- if( in_array($key, array( "server_hostname" )) && $this->validate_access($this->wildcard_server_hostname($access_details[$key]), $valid_accesses) )
- {
- unset($conflicts[$key]);
- }
- }
- }
- }
- }
- if( !empty($conflicts) )
- {
- return $this->errors = $this->status_messages["local_key_invalid_for_location"];
- }
- }
- public function db_read_local_key()
- {
- $result = array( );
- if( is_array($this->read_query) )
- {
- $result = $this->read_query;
- }
- else
- {
- $query = @mysql_query($this->read_query);
- if( $mysql_error = mysql_error() )
- {
- return $this->errors = "Error: " . $mysql_error;
- }
- $result = @mysql_fetch_assoc($query);
- if( $mysql_error = mysql_error() )
- {
- return $this->errors = "Error: " . $mysql_error;
- }
- }
- if( !$result["local_key"] )
- {
- $result["local_key"] = $this->fetch_new_local_key();
- if( $this->errors )
- {
- return $this->errors;
- }
- $this->db_write_local_key($result["local_key"]);
- }
- return $this->local_key_last = $result["local_key"];
- }
- public function db_write_local_key($local_key)
- {
- if( is_array($this->update_query) )
- {
- $run = $this->update_query["function"];
- return $run($this->update_query["key"], $local_key);
- }
- @mysql_query(@str_replace("{local_key}", $local_key, $this->update_query));
- if( $mysql_error = mysql_error() )
- {
- return $this->errors = "Error: " . $mysql_error;
- }
- return true;
- }
- public function read_local_key()
- {
- if( !file_exists($path = $this->local_key_path . $this->local_key_name) )
- {
- return $this->errors = $this->status_messages["missing_license_file"] . $path;
- }
- if( !is_writable($path) )
- {
- return $this->errors = $this->status_messages["license_file_not_writable"] . $path;
- }
- if( !($local_key = @file_get_contents($path)) )
- {
- $local_key = $this->fetch_new_local_key();
- if( $this->errors )
- {
- if( isset($this->enable_offline) && $this->enable_offline )
- {
- return $this->go_offline();
- }
- return $this->errors;
- }
- $this->write_local_key(urldecode($local_key), $path);
- }
- return $this->local_key_last = $local_key;
- }
- public function clear_cache_local_key()
- {
- switch( strtolower($this->local_key_storage) )
- {
- case "database":
- $this->db_write_local_key("");
- break;
- case "filesystem":
- $this->write_local_key("", $this->local_key_path . $this->local_key_name);
- break;
- default:
- return $this->errors = $this->status_messages["invalid_local_key_storage"];
- }
- }
- public function write_local_key($local_key, $path)
- {
- $fp = @fopen($path, "w");
- if( !$fp )
- {
- return $this->errors = $this->status_messages["could_not_save_local_key"];
- }
- @fwrite($fp, $local_key);
- @fclose($fp);
- return true;
- }
- public function fetch_new_local_key()
- {
- $querystring = "mod=license&task=SPBAS_validate_license&license_key=" . $this->license_key . "&";
- $querystring .= $this->build_querystring($this->access_details());
- if( $this->errors )
- {
- return false;
- }
- $priority = $this->local_key_transport_order;
- while( strlen($priority) )
- {
- $use = substr($priority, 0, 1);
- if( $use == "s" && ($result = $this->use_fsockopen($this->api_server, $querystring)) )
- {
- break;
- }
- if( $use == "c" && ($result = $this->use_curl($this->api_server, $querystring)) )
- {
- break;
- }
- if( $use == "f" && ($result = $this->use_fopen($this->api_server, $querystring)) )
- {
- break;
- }
- $priority = substr($priority, 1);
- }
- if( !$result )
- {
- $this->errors = $this->status_messages["could_not_obtain_local_key"];
- return false;
- }
- if( substr($result, 0, 7) == "Invalid" )
- {
- $this->errors = str_replace("Invalid", "Error", $result);
- return false;
- }
- if( substr($result, 0, 5) == "Error" )
- {
- $this->errors = $result;
- return false;
- }
- return $result;
- }
- public function build_querystring($array)
- {
- $buffer = "";
- foreach( (array) $array as $key => $value )
- {
- if( $buffer )
- {
- $buffer .= "&";
- }
- $buffer .= $key . "=" . $value;
- }
- return $buffer;
- }
- public function access_details()
- {
- $access_details = array( );
- $access_details["domain"] = "";
- $access_details["ip"] = "";
- $access_details["directory"] = "";
- $access_details["server_hostname"] = "";
- $access_details["server_ip"] = "";
- $access_details["valid_for_product_tiers"] = "";
- if( function_exists("phpinfo") )
- {
- ob_start();
- phpinfo(INFO_GENERAL);
- phpinfo(INFO_ENVIRONMENT);
- $phpinfo = ob_get_contents();
- ob_end_clean();
- $list = strip_tags($phpinfo);
- $access_details["domain"] = $this->scrape_phpinfo($list, "HTTP_HOST");
- $access_details["ip"] = $this->scrape_phpinfo($list, "SERVER_ADDR");
- $access_details["directory"] = $this->scrape_phpinfo($list, "SCRIPT_FILENAME");
- $access_details["server_hostname"] = $this->scrape_phpinfo($list, "System");
- $access_details["server_ip"] = @gethostbyname($access_details["server_hostname"]);
- }
- $access_details["domain"] = $access_details["domain"] ? $access_details["domain"] : $_SERVER["HTTP_HOST"];
- $access_details["ip"] = $access_details["ip"] ? $access_details["ip"] : $this->server_addr();
- $access_details["directory"] = $access_details["directory"] ? $access_details["directory"] : $this->path_translated();
- $access_details["server_hostname"] = $access_details["server_hostname"] ? $access_details["server_hostname"] : @gethostbyaddr($access_details["ip"]);
- $access_details["server_hostname"] = $access_details["server_hostname"] ? $access_details["server_hostname"] : "Unknown";
- $access_details["server_ip"] = $access_details["server_ip"] ? $access_details["server_ip"] : @gethostbyaddr($access_details["ip"]);
- $access_details["server_ip"] = $access_details["server_ip"] ? $access_details["server_ip"] : "Unknown";
- foreach( $access_details as $key => $value )
- {
- if( $key == "valid_for_product_tiers" )
- {
- continue;
- }
- $access_details[$key] = $access_details[$key] ? $access_details[$key] : "Unknown";
- }
- if( $this->valid_for_product_tiers )
- {
- $access_details["valid_for_product_tiers"] = $this->valid_for_product_tiers;
- }
- return $access_details;
- }
- public function path_translated()
- {
- $option = array( "PATH_TRANSLATED", "ORIG_PATH_TRANSLATED", "SCRIPT_FILENAME", "DOCUMENT_ROOT", "APPL_PHYSICAL_PATH" );
- foreach( $option as $key )
- {
- if( !isset($_SERVER[$key]) || strlen(trim($_SERVER[$key])) <= 0 )
- {
- continue;
- }
- if( $this->is_windows() && strpos($_SERVER[$key], "\\") )
- {
- return @substr($_SERVER[$key], 0, @strrpos($_SERVER[$key], "\\"));
- }
- return @substr($_SERVER[$key], 0, @strrpos($_SERVER[$key], "/"));
- }
- return false;
- }
- public function server_addr()
- {
- $options = array( "SERVER_ADDR", "LOCAL_ADDR" );
- foreach( $options as $key )
- {
- if( isset($_SERVER[$key]) )
- {
- return $_SERVER[$key];
- }
- }
- return false;
- }
- public function scrape_phpinfo($all, $target)
- {
- $all = explode($target, $all);
- if( count($all) < 2 )
- {
- return false;
- }
- $all = explode("\n", $all[1]);
- $all = trim($all[0]);
- if( $target == "System" )
- {
- $all = explode(" ", $all);
- $all = trim($all[strtolower($all[0]) == "windows" && strtolower($all[1]) == "nt" ? 2 : 1]);
- }
- if( $target == "SCRIPT_FILENAME" )
- {
- $slash = $this->is_windows() ? "\\" : "/";
- $all = explode($slash, $all);
- array_pop($all);
- $all = implode($slash, $all);
- }
- if( substr($all, 1, 1) == "]" )
- {
- return false;
- }
- return $all;
- }
- public function use_fsockopen($url, $querystring)
- {
- if( !function_exists("fsockopen") )
- {
- return false;
- }
- $url = parse_url($url);
- $fp = @fsockopen($url["host"], $this->remote_port, $errno, $errstr, $this->remote_timeout);
- if( !$fp )
- {
- return false;
- }
- $header = "POST " . $url["path"] . " HTTP/1.0\r\n";
- $header .= "Host: " . $url["host"] . "\r\n";
- $header .= "Content-type: application/x-www-form-urlencoded\r\n";
- $header .= "User-Agent: SPBAS (http://www.spbas.com)\r\n";
- $header .= "Content-length: " . @strlen($querystring) . "\r\n";
- $header .= "Connection: close\r\n\r\n";
- $header .= $querystring;
- $result = false;
- fputs($fp, $header);
- while( !feof($fp) )
- {
- $result .= fgets($fp, 1024);
- }
- fclose($fp);
- if( strpos($result, "200") === false )
- {
- return false;
- }
- $result = explode("\r\n\r\n", $result, 2);
- if( !$result[1] )
- {
- return false;
- }
- return $result[1];
- }
- public function use_curl($url, $querystring)
- {
- if( !function_exists("curl_init") )
- {
- return false;
- }
- $curl = curl_init();
- $header[0] = "Accept: text/xml,application/xml,application/xhtml+xml,";
- $header[0] .= "text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5";
- $header[] = "Cache-Control: max-age=0";
- $header[] = "Connection: keep-alive";
- $header[] = "Keep-Alive: 300";
- $header[] = "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7";
- $header[] = "Accept-Language: en-us,en;q=0.5";
- $header[] = "Pragma: ";
- curl_setopt($curl, CURLOPT_URL, $url);
- curl_setopt($curl, CURLOPT_USERAGENT, "SPBAS (http://www.spbas.com)");
- curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
- curl_setopt($curl, CURLOPT_ENCODING, "gzip,deflate");
- curl_setopt($curl, CURLOPT_AUTOREFERER, true);
- curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($curl, CURLOPT_POSTFIELDS, $querystring);
- curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
- curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, $this->remote_timeout);
- curl_setopt($curl, CURLOPT_TIMEOUT, $this->remote_timeout);
- $result = curl_exec($curl);
- $info = curl_getinfo($curl);
- curl_close($curl);
- if( (int) $info["http_code"] != 200 )
- {
- return false;
- }
- return $result;
- }
- public function use_fopen($url, $querystring)
- {
- if( !function_exists("file_get_contents") )
- {
- return false;
- }
- return @file_get_contents($url . "?" . $querystring);
- }
- public function is_windows()
- {
- return strtoupper(substr(PHP_OS, 0, 3)) === "WIN";
- }
- public function pr($stack, $stop_execution = true)
- {
- $formatted = "<pre>" . var_export((array) $stack, 1) . "</pre>";
- if( $stop_execution )
- {
- exit( $formatted );
- }
- return $formatted;
- }
- }
- abstract class whmcs
- {
- private static function internal_check_license($licensekey, $localkey = "")
- {
- $whmcsurl = "http://www.pyxsoft.com/billing/";
- $licensing_secret_key = "6d4e1810acc056ff8151b0348b797d0e";
- $localkeydays = 15;
- $allowcheckfaildays = 5;
- $check_token = time() . md5(mt_rand(1000000000, 9999999999) . $licensekey);
- $checkdate = date("Ymd");
- $domain = $_SERVER["SERVER_NAME"];
- $usersip = isset($_SERVER["SERVER_ADDR"]) ? $_SERVER["SERVER_ADDR"] : $_SERVER["LOCAL_ADDR"];
- $dirpath = dirname(__FILE__);
- $verifyfilepath = "modules/servers/licensing/verify.php";
- $localkeyvalid = false;
- if( $localkey )
- {
- $localkey = str_replace("\n", "", $localkey);
- $localdata = substr($localkey, 0, strlen($localkey) - 32);
- $md5hash = substr($localkey, strlen($localkey) - 32);
- if( $md5hash == md5($localdata . $licensing_secret_key) )
- {
- $localdata = strrev($localdata);
- $md5hash = substr($localdata, 0, 32);
- $localdata = substr($localdata, 32);
- $localdata = base64_decode($localdata);
- $localkeyresults = unserialize($localdata);
- $originalcheckdate = $localkeyresults["checkdate"];
- if( $md5hash == md5($originalcheckdate . $licensing_secret_key) )
- {
- $localexpiry = date("Ymd", mktime(0, 0, 0, date("m"), date("d") - $localkeydays, date("Y")));
- if( $localexpiry < $originalcheckdate )
- {
- $localkeyvalid = true;
- $results = $localkeyresults;
- $validdomains = explode(",", $results["validdomain"]);
- if( !in_array($_SERVER["SERVER_NAME"], $validdomains) )
- {
- $localkeyvalid = false;
- $localkeyresults["status"] = "Invalid";
- $results = array( );
- }
- $validips = explode(",", $results["validip"]);
- if( !in_array($usersip, $validips) )
- {
- $localkeyvalid = false;
- $localkeyresults["status"] = "Invalid";
- $results = array( );
- }
- $validdirs = explode(",", $results["validdirectory"]);
- if( !in_array($dirpath, $validdirs) )
- {
- $localkeyvalid = false;
- $localkeyresults["status"] = "Invalid";
- $results = array( );
- }
- }
- }
- }
- }
- if( !$localkeyvalid )
- {
- $postfields = array( "licensekey" => $licensekey, "domain" => $domain, "ip" => $usersip, "dir" => $dirpath );
- if( $check_token )
- {
- $postfields["check_token"] = $check_token;
- }
- $query_string = "";
- foreach( $postfields as $k => $v )
- {
- $query_string .= $k . "=" . urlencode($v) . "&";
- }
- if( function_exists("curl_exec") )
- {
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $whmcsurl . $verifyfilepath);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS, $query_string);
- curl_setopt($ch, CURLOPT_TIMEOUT, 30);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- $data = curl_exec($ch);
- curl_close($ch);
- }
- else
- {
- $fp = fsockopen($whmcsurl, 80, $errno, $errstr, 5);
- if( $fp )
- {
- $newlinefeed = "\r\n";
- $header = "POST " . $whmcsurl . $verifyfilepath . " HTTP/1.0" . $newlinefeed;
- $header .= "Host: " . $whmcsurl . $newlinefeed;
- $header .= "Content-type: application/x-www-form-urlencoded" . $newlinefeed;
- $header .= "Content-length: " . @strlen($query_string) . $newlinefeed;
- $header .= "Connection: close" . $newlinefeed . $newlinefeed;
- $header .= $query_string;
- $data = "";
- @stream_set_timeout($fp, 20);
- @fputs($fp, $header);
- $status = @socket_get_status($fp);
- while( !@feof($fp) && $status )
- {
- $data .= @fgets($fp, 1024);
- $status = @socket_get_status($fp);
- }
- @fclose($fp);
- }
- }
- if( !$data )
- {
- $localexpiry = date("Ymd", mktime(0, 0, 0, date("m"), date("d") - ($localkeydays + $allowcheckfaildays), date("Y")));
- if( $localexpiry < $originalcheckdate )
- {
- $results = $localkeyresults;
- }
- else
- {
- $results = array( );
- $results["status"] = "Invalid";
- $results["description"] = "Remote Check Failed";
- return $results;
- }
- }
- else
- {
- preg_match_all("/<(.*?)>([^<]+)<\\/\\1>/i", $data, $matches);
- $results = array( );
- foreach( $matches[1] as $k => $v )
- {
- $results[$v] = $matches[2][$k];
- }
- }
- if( !is_array($results) )
- {
- exit( "Invalid License Server Response" );
- }
- if( $results["md5hash"] && $results["md5hash"] != md5($licensing_secret_key . $check_token) )
- {
- $results["status"] = "Invalid";
- $results["description"] = "MD5 Checksum Verification Failed";
- return $results;
- }
- if( $results["status"] == "Active" )
- {
- $results["checkdate"] = $checkdate;
- $data_encoded = serialize($results);
- $data_encoded = base64_encode($data_encoded);
- $data_encoded = md5($checkdate . $licensing_secret_key) . $data_encoded;
- $data_encoded = strrev($data_encoded);
- $data_encoded = $data_encoded . md5($data_encoded . $licensing_secret_key);
- $data_encoded = wordwrap($data_encoded, 80, "\n", true);
- $results["localkey"] = $data_encoded;
- }
- $results["remotecheck"] = true;
- }
- unset($postfields);
- unset($data);
- unset($matches);
- unset($whmcsurl);
- unset($licensing_secret_key);
- unset($checkdate);
- unset($usersip);
- unset($localkeydays);
- unset($allowcheckfaildays);
- unset($md5hash);
- return $results;
- }
- public static function check_license($licensekey)
- {
- $archivolocal = "/usr/share/ilabs_antimalware/license.txt";
- $localkey = file_get_contents($archivolocal);
- $results = self::internal_check_license($licensekey, $localkey);
- switch( $results["status"] )
- {
- case "Active":
- $localkeydata = $results["localkey"];
- file_put_contents($archivolocal, $localkeydata);
- return "";
- case "Invalid":
- return "License invalid";
- case "Expired":
- return "License expired";
- case "Suspended":
- return "License suspended";
- }
- return "Unknown status: " . $results["status"];
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement