Version 3.5.3

1. 增加referer校验防御CSRF
2. 修复若干小bug
3. 更新IP库
This commit is contained in:
firesun
2022-05-24 00:13:20 +08:00
parent ead56abef5
commit 82227be6bd
17 changed files with 124 additions and 117 deletions


@@ -1,5 +1,5 @@
# XSS数据接收平台无SQL版
如从旧版本升级请务必先阅读Readme
如从旧版本升级请务必先阅读Readme。同时只是一个很久以前打CTF比赛练手的项目现在回看起来很多地方写的都不优雅不过难得的发现过了这么多年还能使用。本项目仅供学习交流使用不得用于任何非法用途。
## 平台说明
* 本平台设计理念: 简单配置即可使用无需数据库无需其他组件支持可直接在php虚拟空间使用
@@ -9,7 +9,7 @@
##安装说明
###自动安装
* 安装http server与php环境ubuntu: sudo apt-get install apache2 php5 或 sudo apt-get install apache2 php7.0 libapache2-mod-php7.0
* 安装http server与php环境ubuntu: sudo apt-get install apache2 php5 或 sudo apt-get install apache2 php7.4 libapache2-mod-php7.4
* 上传所有文件至空间根目录
* 访问http://网站地址/
@@ -34,8 +34,8 @@ define('DATA_PATH', 'data');
define('JS_TEMPLATE_PATH', 'template');
define('MY_JS_PATH', 'myjs');
define('ENABLE_ENCRYPT', true);
define('ENCRYPT_PASS', "bluelotus");
define('ENCRYPT_TYPE', "RC4");
define('ENCRYPT_PASS', 'bluelotus');
define('ENCRYPT_TYPE', 'RC4');
```
* PASS为登录密码可用`php -r '$salt="!KTMdg#^^I6Z!deIVR#SgpAI6qTN7oVl";$key="你的密码";$key=md5($salt.$key.$salt);$key=md5($salt.$key.$salt);$key=md5($salt.$key.$salt);echo $key;'`生成密码hash
* 赋予`DATA_PATH``MY_JS_PATH``JS_TEMPLATE_PATH`对应的目录写权限
@@ -101,19 +101,20 @@ define('ENCRYPT_TYPE', "RC4");
* cookie和location参数支持base64编码keepsession.php会自动判断自动解码
* 如果不设置location将会使用HTTP Referer作为url
* keepsession.php使用`flock($pid, LOCK_EX|LOCK_NB)`实现单例运行由于windows下不支持无阻塞锁定所以最好删除keepsession.php里的`set_time_limit(0)`可自行加上sleep防止keepsession.php被恶意频繁访问
* 请自己做好SSRF防护
## 邮件提醒
修改config.php相关配置即可默认关闭开启后每次接收到xss都会发邮件通知需要短信提醒的直接把接收邮箱设置为手机邮箱即可
```
define('MAIL_ENABLE', false);//开启邮件通知
define('SMTP_SERVER', "smtp.xxx.com");//smtp服务器
define('SMTP_SERVER', 'smtp.xxx.com');//smtp服务器
define('SMTP_PORT', 465);//端口
define('SMTP_SECURE', "ssl");
define('MAIL_USER', "xxx@xxx.com");//发件人用户名
define('MAIL_PASS', "xxxxxx");//发件人密码
define('MAIL_FROM', "xxx@xxx.com");//发件人地址(需真实,不可伪造)
define('MAIL_RECV', "xxxx@xxxx.com");//接收通知的邮件地址
define('SMTP_SECURE', 'ssl');
define('MAIL_USER', 'xxx@xxx.com');//发件人用户名
define('MAIL_PASS', 'xxxxxx');//发件人密码
define('MAIL_FROM', 'xxx@xxx.com');//发件人地址(需真实,不可伪造)
define('MAIL_RECV', 'xxxx@xxxx.com');//接收通知的邮件地址
```
## 修改数据加密密码,加密方式


@@ -1,6 +1,6 @@
<?php
define("IN_XSS_PLATFORM", true);
require_once("auth.php");
define('IN_XSS_PLATFORM', true);
require_once('auth.php');
?>
<!DOCTYPE html>
<html>

api.php

@@ -1,10 +1,17 @@
<?php
error_reporting(0);
define("IN_XSS_PLATFORM", true);
define('IN_XSS_PLATFORM', true);
require_once('auth.php');
require_once("dio.php");
require_once('dio.php');
header('Content-Type: application/json');
$referer_array = parse_url($_SERVER['HTTP_REFERER']);
//CSRF防御
if($referer_array['host'] != $_SERVER['HTTP_HOST']) {
exit('Access Denied');
}
//与xss记录相关api
if ( isset( $_GET['cmd'] ) ) {
switch ( $_GET['cmd'] ) {
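Review bot: The referer check on the new side compares `$referer_array['host']` with `!=` against `$_SERVER['HTTP_HOST']`, which still carries a `:port` suffix when the platform runs on a non-default port, so every same-origin request would be denied there; it also reads `$_SERVER['HTTP_REFERER']` without an isset guard, which only passes quietly because `error_reporting(0)` two lines up hides the notice. Prefer taking the host out of both values with `parse_url(..., PHP_URL_HOST)`, rejecting explicitly when no Referer (or Origin) is present, and comparing with `strcasecmp` so the decision does not rest on loose comparison. The Origin header, when the browser sends it, is the more reliable source-of-request signal for these state-changing calls; a per-session token or a `SameSite` cookie attribute would be the stronger CSRF defence, with this header check kept as defence in depth. The switch body continues outside the hunk.
```php
header('Content-Type: application/json');
// CSRF defence: the request must come from this host (Origin preferred, Referer as fallback).
$source = isset($_SERVER['HTTP_ORIGIN']) ? $_SERVER['HTTP_ORIGIN'] : (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null);
$source_host = ($source === null) ? null : parse_url($source, PHP_URL_HOST);
// HTTP_HOST may include ":port"; normalise it the same way as the source URL.
$request_host = parse_url('http://' . $_SERVER['HTTP_HOST'], PHP_URL_HOST);
if (!$source_host || !$request_host || strcasecmp($source_host, $request_host) !== 0) {
    exit('Access Denied');
}
// … unchanged: xss record api switch …
```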


@@ -3,10 +3,10 @@ if (!defined('IN_XSS_PLATFORM')) {
exit('Access Denied');
}
require_once("functions.php");
require_once('functions.php');
//设置httponly
ini_set("session.cookie_httponly", 1);
ini_set('session.cookie_httponly', 1);
session_start();
//判断登陆情况ip和useragent是否改变改变则强制退出
@@ -16,19 +16,19 @@ if ( !(isset($_SESSION['isLogin']) && $_SESSION['isLogin'] === true && isset($_S
$_SESSION['user_agent'] = "";
session_unset();
session_destroy();
header("Location: login.php");
header('Location: login.php');
exit();
}
if ( ADMIN_IP_CHECK_ENABLE && !(isset($_SESSION['user_IP']) && $_SESSION['user_IP'] != "" && $_SESSION['user_IP'] === getRealIP()) ) {
if ( ADMIN_IP_CHECK_ENABLE && !(isset($_SESSION['user_IP']) && $_SESSION['user_IP'] != '' && $_SESSION['user_IP'] === getRealIP()) ) {
$_SESSION['isLogin'] = false;
$_SESSION['user_IP'] = "";
$_SESSION['user_agent'] = "";
$_SESSION['user_IP'] = '';
$_SESSION['user_agent'] = '';
session_unset();
session_destroy();
header("Location: login.php");
header('Location: login.php');
exit();
}
//开启CSP
require_once("waf.php");
require_once('waf.php');


@@ -21,11 +21,11 @@ exit();
* 3. php change_encrypt_pass.php true bluelotus rc4 (现在是否加密) (新加密密码) (新加密方法)
* 4. 升级完成
*/
define("IN_XSS_PLATFORM", true);
require_once("config.php");
define('IN_XSS_PLATFORM', true);
require_once('config.php');
if( isset( $argv[1] ) ) {
if ($argv[1] === "update")
if ($argv[1] === 'update')
update_from_old_version($argv[2], $argv[3]);
else
change_pass($argv[1], $argv[2], $argv[3], $argv[4], $argv[5], $argv[6]);
@@ -33,8 +33,8 @@ if( isset( $argv[1] ) ) {
function update_from_old_version($old_encrypt_enable, $old_encrypt_pass) {
//如果从旧版本升级就统一先切换为RC4密码bluelotus
modify_ForbiddenIPList($old_encrypt_enable, $old_encrypt_pass, "AES", "true", "bluelotus", "RC4");
modify_xss_record($old_encrypt_enable, $old_encrypt_pass, "AES", "true", "bluelotus", "RC4");
modify_ForbiddenIPList($old_encrypt_enable, $old_encrypt_pass, 'AES', 'true', 'bluelotus', 'RC4');
modify_xss_record($old_encrypt_enable, $old_encrypt_pass, 'AES', 'true', 'bluelotus', 'RC4');
}
function change_pass($old_encrypt_enable, $old_encrypt_pass, $old_encrypt_type, $new_encrypt_enable, $new_encrypt_pass, $new_encrypt_type) {
@@ -65,7 +65,7 @@ function modify_xss_record($old_encrypt_enable, $old_encrypt_pass, $old_encrypt_
foreach ($files as $file) {
$filename = basename($file, ".php");
if (preg_match("/^[0-9]{10}$/", $filename)) {
if (preg_match('/^[0-9]{10}$/', $filename)) {
$logFile = dirname(__FILE__) . '/' . DATA_PATH . '/' . $filename . '.php';
$info = @file_get_contents($logFile);
@@ -110,11 +110,11 @@ function modify_js_desc($path, $old_encrypt_enable, $old_encrypt_pass, $old_encr
function encrypt($info, $encrypt_enable, $encrypt_pass, $encrypt_type) {
if ($encrypt_enable) {
if ($encrypt_type === "AES") {
require_once("aes.php");
if ($encrypt_type === 'AES') {
require_once('aes.php');
$info = AESEncryptCtr($info, $encrypt_pass);
} else {
require_once("rc4.php");
require_once('rc4.php');
$info = base64_encode(rc4($info, $encrypt_pass));
}
} else
@@ -125,12 +125,12 @@ function encrypt($info, $encrypt_enable, $encrypt_pass, $encrypt_type) {
function decrypt($info, $encrypt_enable, $encrypt_pass, $encrypt_type) {
if ($encrypt_enable) {
if ($encrypt_type === "AES") {
require_once("aes.php");
if ($encrypt_type === 'AES') {
require_once('aes.php');
$info = AESDecryptCtr($info, $encrypt_pass);
} else {
require_once("rc4.php");
require_once('rc4.php');
$info = rc4(base64_decode($info), $encrypt_pass);
}
} else


@@ -3,25 +3,25 @@ if (!defined('IN_XSS_PLATFORM')) {
exit('Access Denied');
}
define("PASS", "2a05218c7aa0a6dbd370985d984627b8"); //后台登录密码默认密码bluelotus
define("DATA_PATH", "data"); //xss记录、封禁ip列表存放目录
define("JS_TEMPLATE_PATH", "template"); //js模板存放目录
define("MY_JS_PATH", "myjs"); //我的js存放目录
define("ENCRYPT_ENABLE", true); //是否加密“xss记录封禁ip列表js描述”
define("ENCRYPT_PASS", "bluelotus"); //加密密码
define("ENCRYPT_TYPE", "RC4"); //加密方法AES或RC4
define("KEEP_SESSION", true); //是否启用KEEP_SESSION功能需要外部定时访问keepsession.php
define("ADMIN_IP_CHECK_ENABLE", true);//是否启用管理员ip认证启用后当xss平台发现ip变化将会踢出管理员要求重新登录如果发现经常异常退出控制面板请关闭此项认证
define("XFF_ENABLE", false);//是否使用HTTP_X_FORWARDED_FOR的地址来代替REMOTE_ADDR当且仅当存在反代的情况下才须开启开启须谨慎
define("IPDATA_PATH", "qqwry.dat"); //ip归属地数据库地址
define('PASS', '2a05218c7aa0a6dbd370985d984627b8'); //后台登录密码默认密码bluelotus
define('DATA_PATH', 'data'); //xss记录、封禁ip列表存放目录
define('JS_TEMPLATE_PATH', 'template'); //js模板存放目录
define('MY_JS_PATH', 'myjs'); //我的js存放目录
define('ENCRYPT_ENABLE', true); //是否加密“xss记录封禁ip列表js描述”
define('ENCRYPT_PASS', 'bluelotus'); //加密密码
define('ENCRYPT_TYPE', 'RC4'); //加密方法AES或RC4
define('KEEP_SESSION', true); //是否启用KEEP_SESSION功能需要外部定时访问keepsession.php
define('ADMIN_IP_CHECK_ENABLE', true);//是否启用管理员ip认证启用后当xss平台发现ip变化将会踢出管理员要求重新登录如果发现经常异常退出控制面板请关闭此项认证
define('XFF_ENABLE', false);//是否使用HTTP_X_FORWARDED_FOR的地址来代替REMOTE_ADDR当且仅当存在反代的情况下才须开启开启须谨慎
define('IPDATA_PATH', 'qqwry.dat'); //ip归属地数据库地址
/*邮件通知相关配置*/
define("MAIL_ENABLE", false); //开启邮件通知
define("SMTP_SERVER", "smtp.xxx.com"); //smtp服务器
define("SMTP_PORT", 465); //端口
define("SMTP_SECURE", "ssl");
define("MAIL_USER", "xxx@xxx.com"); //发件人用户名
define("MAIL_PASS", "xxxxxx"); //发件人密码
define("MAIL_FROM", "xxx@xxx.com"); //发件人地址(需真实,不可伪造)
define("MAIL_RECV", "xxxx@xxxx.com"); //接收通知的邮件地址
define('MAIL_ENABLE', false); //开启邮件通知
define('SMTP_SERVER', 'smtp.xxx.com'); //smtp服务器
define('SMTP_PORT', 465); //端口
define('SMTP_SECURE', 'ssl');
define('MAIL_USER', 'xxx@xxx.com'); //发件人用户名
define('MAIL_PASS', 'xxxxxx'); //发件人密码
define('MAIL_FROM', 'xxx@xxx.com'); //发件人地址(需真实,不可伪造)
define('MAIL_RECV', 'xxxx@xxxx.com'); //接收通知的邮件地址


@@ -2,7 +2,7 @@
if ( !defined('IN_XSS_PLATFORM') ) {
exit('Access Denied');
}
require_once("functions.php");
require_once('functions.php');
//时间戳的正则表达式
define('ID_REGEX', '/^[0-9]{10}$/');


@@ -3,7 +3,7 @@ if (!defined('IN_XSS_PLATFORM')) {
exit('Access Denied');
}
require_once("load.php");
require_once('load.php');
//nginx无getallheaders函数
if (!function_exists('getallheaders')) {
@@ -22,21 +22,21 @@ function isKeepSession($info) {
$keepsession = false;
foreach ($info['get_data'] as $k => $v) {
if ($k === "keepsession") {
if ($k === 'keepsession') {
$keepsession = ($v === "1" ? true : false);
return $keepsession;
}
}
foreach ($info['post_data'] as $k => $v) {
if ($k === "keepsession") {
if ($k === 'keepsession') {
$keepsession = ($v === "1" ? true : false);
return $keepsession;
}
}
foreach ($info['cookie_data'] as $k => $v) {
if ($k === "keepsession") {
if ($k === 'keepsession') {
$keepsession = ($v === "1" ? true : false);
return $keepsession;
}
@@ -66,7 +66,7 @@ function tryBase64Decode($arr) {
$new_arr = array();
foreach ($arr as $k => $v) {
$decoded_v = "";
$decoded_v = '';
if (isBase64Formatted($v)) {
$decoded_v = base64_decode($v);
$isChanged = 1;
@@ -93,11 +93,11 @@ function isBase64Formatted($str) {
function encrypt($info) {
if (ENCRYPT_ENABLE) {
if (ENCRYPT_TYPE === "AES") {
require_once("aes.php");
if (ENCRYPT_TYPE === 'AES') {
require_once('aes.php');
$info = AESEncryptCtr($info, ENCRYPT_PASS);
} else {
require_once("rc4.php");
require_once('rc4.php');
$info = base64_encode(rc4($info, ENCRYPT_PASS));
}
} else
@@ -108,12 +108,12 @@ function encrypt($info) {
function decrypt($info) {
if (ENCRYPT_ENABLE) {
if (ENCRYPT_TYPE === "AES") {
if (ENCRYPT_TYPE === 'AES') {
require_once("aes.php");
$info = AESDecryptCtr($info, ENCRYPT_PASS);
} else {
require_once("rc4.php");
require_once('rc4.php');
$info = rc4(base64_decode($info), ENCRYPT_PASS);
}
} else
@@ -145,7 +145,7 @@ function getRealIP(){
//基于Discuz X3.1 function_misc.php 函数已过滤,可直接输出
function convertIP($ip, $ipdatafile) {
$ipaddr = '未知';
if (preg_match("/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/", $ip)) {
if (preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $ip)) {
$iparray = explode('.', $ip);
if ($iparray[0] == 10 || $iparray[0] == 127 || ($iparray[0] == 192 && $iparray[1] == 168) || ($iparray[0] == 172 && ($iparray[1] >= 16 && $iparray[1] <= 31))) {
$ipaddr = '局域网';
@@ -278,12 +278,12 @@ function convertIP($ip, $ipdatafile) {
}
fclose($fd);
$ipAddr1 = iconv("gb18030", "utf-8//IGNORE", $ipAddr1);
$ipAddr1 = iconv('gb18030', "utf-8//IGNORE", $ipAddr1);
if ($ipAddr2) {
if (ord($ipAddr2{0}) == 2)
$ipAddr2 = "";
else
$ipAddr2 = iconv("gb18030", "utf-8//IGNORE", $ipAddr2);
$ipAddr2 = iconv('gb18030', "utf-8//IGNORE", $ipAddr2);
}
if (preg_match('/http/i', $ipAddr2)) {
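Review bot: `ord($ipAddr2{0})` in the convertIP hunk uses the curly-brace string offset, which is deprecated in PHP 7.4 and no longer parses on PHP 8, so functions.php would fail to load on the newer PHP the README now points to; change it to `ord($ipAddr2[0])`. The same hunk leaves `"utf-8//IGNORE"` double-quoted on both iconv lines, and the decrypt hunk above leaves `require_once("aes.php")` untouched, so the quote normalisation this commit sets out to do is incomplete in this file. convertIP begins and ends outside the hunks shown.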


@@ -1,5 +1,5 @@
<?php
define("IN_XSS_PLATFORM", true);
define('IN_XSS_PLATFORM', true);
ignore_user_abort(true);
error_reporting(0);
@@ -9,17 +9,17 @@ error_reporting(0);
if(count($_GET)==0&&count($_POST)==0&&count($_COOKIE)==0)
exit();
*/
header("Access-Control-Allow-Origin:*");
require_once("functions.php");
require_once("dio.php");
header('Access-Control-Allow-Origin: *');
require_once('functions.php');
require_once('dio.php');
$info = array();
$user_IP = getRealIP();
$user_port = isset($_SERVER['REMOTE_PORT']) ? $_SERVER['REMOTE_PORT'] : "unknown";
$protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : "unknown";
$request_method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : "unknown";
$request_URI = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : "unknown";
$user_port = isset($_SERVER['REMOTE_PORT']) ? $_SERVER['REMOTE_PORT'] : 'unknown';
$protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : 'unknown';
$request_method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : 'unknown';
$request_URI = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : 'unknown';
$request_time = isset($_SERVER['REQUEST_TIME']) ? $_SERVER['REQUEST_TIME'] : time();
$headers_data = getallheaders();


@@ -1,5 +1,5 @@
<?php
define("IN_XSS_PLATFORM",true);
define('IN_XSS_PLATFORM',true);
ignore_user_abort(true);
//检测是否已经安装
@@ -304,8 +304,8 @@ function display_setup_form( $error = null ) {
<select name="encrypt_type" type="text" id="encrypt_type" size="1">
<option value ="RC4" <?php if($encrypt_type==="RC4") echo 'selected="selected"';?> >RC4</option>
<option value ="AES" <?php if($encrypt_type!=="RC4") echo 'selected="selected"';?> >AES</option>
<option value ="RC4" <?php if($encrypt_type==='RC4') echo 'selected="selected"';?> >RC4</option>
<option value ="AES" <?php if($encrypt_type!=='RC4') echo 'selected="selected"';?> >AES</option>
</select>
</td>
@@ -447,12 +447,12 @@ function modifyJsDesc($path,$old_encrypt_enable,$old_encrypt_pass,$old_encrypt_t
//加密
function encrypt($info,$encrypt_enable,$encrypt_pass,$encrypt_type) {
if($encrypt_enable) {
if($encrypt_type==="AES") {
require_once("aes.php");
if($encrypt_type==='AES') {
require_once('aes.php');
$info=AESEncryptCtr($info,$encrypt_pass);
}
else {
require_once("rc4.php");
require_once('rc4.php');
$info=base64_encode( rc4($info,$encrypt_pass) );
}
}
@@ -465,13 +465,13 @@ function encrypt($info,$encrypt_enable,$encrypt_pass,$encrypt_type) {
//解密
function decrypt($info,$encrypt_enable,$encrypt_pass,$encrypt_type) {
if($encrypt_enable) {
if($encrypt_type==="AES") {
require_once("aes.php");
if($encrypt_type==='AES') {
require_once('aes.php');
$info=AESDecryptCtr($info,$encrypt_pass);
}
else {
require_once("rc4.php");
require_once('rc4.php');
$info=rc4(base64_decode($info),$encrypt_pass);
}
}


@@ -1,13 +1,14 @@
<?php
define("IN_XSS_PLATFORM", true);
define('IN_XSS_PLATFORM', true);
//很明显keepsession有SSRF问题一定要做好网络隔离或者自己加固一下代码
ignore_user_abort();
//Windows平台最好别设成0因为windows上lock没法实现非阻塞
set_time_limit(0);
require_once("load.php");
require_once("functions.php");
require_once("dio.php");
require_once('load.php');
require_once('functions.php');
require_once('dio.php');
if (KEEP_SESSION) {
//利用非阻塞的flock实现单例运行
@@ -24,7 +25,7 @@ if (KEEP_SESSION) {
$url = getLocation($info);
$cookie = getCookie($info);
$useragent = "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2535.0 Safari/537.36";
$useragent = 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2535.0 Safari/537.36';
if (isset($info['headers_data']['User-Agent']))
$useragent = $info['headers_data']['User-Agent'];
@@ -60,7 +61,7 @@ if (KEEP_SESSION) {
function getCookie($info)
{
$cookie = "";
$cookie = '';
if (isset($info['decoded_get_data']['cookie']) && $info['decoded_get_data']['cookie'] != "")
$cookie = $info['decoded_get_data']['cookie'];
@@ -81,7 +82,7 @@ function getCookie($info)
function getLocation($info)
{
$location = "";
$location = '';
if (isset($info['decoded_get_data']['location']) && $info['decoded_get_data']['location'] != "")
$location = $info['decoded_get_data']['location'];


@@ -3,6 +3,6 @@ if (file_exists('config.php')) {
require_once('config.php');
} else {
//缺少config文件转至install.php
header("Location: install.php");
header('Location: install.php');
exit();
}


@@ -1,20 +1,20 @@
<?php
define("IN_XSS_PLATFORM", true);
define('IN_XSS_PLATFORM', true);
require_once("functions.php");
require_once("dio.php");
require_once('functions.php');
require_once('dio.php');
//CSP开启
require_once("waf.php");
require_once('waf.php');
//设置httponly
ini_set("session.cookie_httponly", 1);
ini_set('session.cookie_httponly', 1);
session_start();
//判断是否登陆
if (isset($_SESSION['isLogin']) && $_SESSION['isLogin'] === true) {
header("Location: admin.php");
header('Location: admin.php');
exit();
}
@@ -32,7 +32,7 @@ if (!isset($forbiddenIPList[$ip]) || $forbiddenIPList[$ip] <= 5) {
unset($forbiddenIPList[$ip]);
saveForbiddenIPList($forbiddenIPList);
}
header("Location: admin.php");
header('Location: admin.php');
exit();
} else {
if (isset($forbiddenIPList[$ip]))
@@ -53,9 +53,9 @@ php -r '$salt="!KTMdg#^^I6Z!deIVR#SgpAI6qTN7oVl";$key="你的密码";$key=md5($s
*/
function checkPassword($p) {
if (isset($_POST['firesunCheck']) && isset($_SESSION['firesunCheck']) && $_SESSION['firesunCheck'] != "" && $_POST['firesunCheck'] === $_SESSION['firesunCheck']) {
if (isset($_POST['firesunCheck']) && isset($_SESSION['firesunCheck']) && $_SESSION['firesunCheck'] != '' && $_POST['firesunCheck'] === $_SESSION['firesunCheck']) {
//改了这个盐记得改login.js里的两个要一致
$salt = "!KTMdg#^^I6Z!deIVR#SgpAI6qTN7oVl";
$salt = '!KTMdg#^^I6Z!deIVR#SgpAI6qTN7oVl';
$key = PASS;
$key = md5($salt . $key . $_SESSION['firesunCheck'] . $salt);
$key = md5($salt . $key . $_SESSION['firesunCheck'] . $salt);
@@ -67,8 +67,8 @@ function checkPassword($p) {
//生成挑战应答的随机值
function generate_password($length = 32) {
$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$password = "";
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
$password = '';
for ($i = 0; $i < $length; $i++)
$password .= $chars[mt_rand(0, strlen($chars) - 1)];
return $password;
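Review bot: generate_password draws its characters from `mt_rand`, which is not a cryptographically secure generator; the checkPassword hunk above shows the value it produces (`$_SESSION['firesunCheck']`) being mixed into the password hash as the login challenge, so it should come from a CSPRNG. On PHP 7 and later replace the loop body with `$password .= $chars[random_int(0, strlen($chars) - 1)];`. The closing brace of generate_password is outside the hunk.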


@@ -1,9 +1,9 @@
<?php
session_start();
$_SESSION['isLogin'] = false;
$_SESSION['user_IP'] = "";
$_SESSION['user_agent'] = "";
$_SESSION['user_IP'] = '';
$_SESSION['user_agent'] = '';
session_unset();
session_destroy();
header("Location: login.php");
header('Location: login.php');
exit();


@@ -3,15 +3,15 @@ if (!defined('IN_XSS_PLATFORM')) {
exit('Access Denied');
}
require_once("PHPMailer/PHPMailerAutoload.php");
require_once("load.php");
require_once('PHPMailer/PHPMailerAutoload.php');
require_once('load.php');
function send_mail($xss_record_json) {
$subject = "GET:" . count($xss_record_json['get_data']) . "个 POST:" . count($xss_record_json['post_data']) . "个 Cookie:" . count($xss_record_json['cookie_data']) . "";
$subject = 'GET:' . count($xss_record_json['get_data']) . '个 POST:' . count($xss_record_json['post_data']) . '个 Cookie:' . count($xss_record_json['cookie_data']) . '个';
$body = json_encode($xss_record_json, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT);
$body = str_replace("\n", "<br/>", $body);
$body = str_replace(" ", "&nbsp;", $body);
$body = str_replace('\n', '<br/>', $body);
$body = str_replace(' ', '&nbsp;', $body);
$mail = new PHPMailer(); //实例化
$mail->isSendmail();
@@ -21,15 +21,15 @@ function send_mail($xss_record_json) {
$mail->Port = SMTP_PORT; //邮件发送端口
$mail->SMTPAuth = true; //启用SMTP认证
$mail->SMTPSecure = SMTP_SECURE;
$mail->CharSet = "UTF-8"; //字符集
$mail->Encoding = "base64"; //编码方式
$mail->CharSet = 'UTF-8'; //字符集
$mail->Encoding = 'base64'; //编码方式
$mail->Username = MAIL_USER; //你的邮箱
$mail->Password = MAIL_PASS; //你的密码
$mail->Subject = $subject; //邮件标题
$mail->From = MAIL_FROM; //发件人地址(也就是你的邮箱)
$mail->FromName = "通知"; //发件人姓名
$mail->FromName = '通知'; //发件人姓名
$mail->AddAddress(MAIL_RECV); //添加收件人(地址,昵称)
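Review bot: The rewritten newline replacement in the first send_mail hunk, `$body = str_replace('\n', '<br/>', $body);`, is a regression: inside single quotes `'\n'` is the two characters backslash and n, not a newline, so the pretty-printed JSON is no longer broken into `<br/>` lines. Keep the escape sequence in double quotes, `$body = str_replace("\n", '<br/>', $body);`. Because `$body` is the captured record — data supplied by whoever triggered the payload — it would also be safer to pass it through `htmlspecialchars($body, ENT_QUOTES, 'UTF-8')` before the `<br/>` substitution, assuming the message is sent as HTML; the Body assignment is outside the hunks shown.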

BIN
qqwry.dat

Binary file not shown.


@@ -1,7 +1,5 @@
<?php
header("Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-src 'none'");
header("X-Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-src 'none'");
header("X-WebKit-CSP: default-src 'self'; style-src 'self' 'unsafe-inline';img-src 'self' data:; frame-src 'none'");
header("Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-src 'none'");
header("X-XSS-Protection: 1; mode=block");
header("X-Content-Type-Options: nosniff");
header("X-Frame-Options: DENY");
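Review bot: The new single CSP line adds `script-src 'self'`, which `default-src 'self'` already implies, while the directives that do not fall back to default-src are still unset: `base-uri` and `form-action` are never covered by the default and `object-src` is worth stating explicitly. Consider `header("Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-src 'none'; object-src 'none'; base-uri 'self'; form-action 'self'");`. `X-XSS-Protection: 1; mode=block` on the following line is a legacy header that current browsers no longer honour and whose filter mode has been a source of its own problems; the usual recommendation is `header("X-XSS-Protection: 0");` and reliance on the CSP. Dropping the X-Content-Security-Policy and X-WebKit-CSP variants is fine, since no maintained browser reads them.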