firesunCN/BlueLotus_XSSReceiver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Version 3.3.5

Browse Source 
除了install与change_encrypt_pass操作以外,所有io操作移至dio.php
This commit is contained in:
firesun
2016-01-30 16:36:36 +08:00
parent 04081b8d2b
commit 8f507e8ea1
3 changed files with 271 additions and 256 deletions
Download Patch File Download Diff File Expand all files Collapse all files

259
dio.php
View File

@@ -1,140 +1,267 @@
<?php
if (!defined('IN_XSS_PLATFORM')) {
if ( !defined('IN_XSS_PLATFORM') ) {
exit('Access Denied');
}
require_once("load.php");
require_once("functions.php");
//时间戳的正则表达式
define('ID_REGEX', '/^[0-9]{10}$/');
//合法文件名的正则表达式
define('FILE_REGEX', '/(?!((^(con)$)|^(con)\..*|(^(prn)$)|^(prn)\..*|(^(aux)$)|^(aux)\..*|(^(nul)$)|^(nul)\..*|(^(com)[1-9]$)|^(com)[1-9]\..*|(^(lpt)[1-9]$)|^(lpt)[1-9]\..*)|^\s+|.*\s$)(^[^\/\\\:\*\?\"\<\>\|]{1,255}$)/');
//对记录的读写操作无数据库采用读写文件的方式文件名即请求时的时间戳同时也是记录的id
function save_xss_record($info, $filename) {
$logFile = dirname(__FILE__) . '/' . DATA_PATH . '/' . $filename . '.php';
!file_exists($logFile) && @touch($logFile);
function save_xss_record( $info, $id ) {
$xss_record_file = dirname(__FILE__) . '/' . DATA_PATH . '/' . $id . '.php';
$info = encrypt($info);
$info = encrypt( $info );
if (file_put_contents($logFile, '<?php exit();?>' . $info) === false)
if ( file_put_contents( $xss_record_file, '<?php exit();?>' . $info ) === false )
return false;
else
return true;
}
function load_xss_record($filename) {
if (strpos($filename, "..") === false && strpos($filename, "/") === false && strpos($filename, "\\") === false) {
$logFile = dirname(__FILE__) . '/' . DATA_PATH . '/' . $filename . '.php';
if (!file_exists($logFile))
//读取某一时间戳的xss记录
function load_xss_record( $id ) {
if ( preg_match( ID_REGEX, $id ) ) {
$xss_record_file = dirname(__FILE__) . '/' . DATA_PATH . '/' . $id . '.php';
if ( !file_exists( $xss_record_file ) )
return false;
$info = @file_get_contents($logFile);
if ($info === false)
$info = @file_get_contents( $xss_record_file );
if ( $info === false )
return false;
if (strncmp($info, '<?php exit();?>', 15) != 0)
if ( strncmp( $info, '<?php exit();?>', 15 ) != 0 )
return false;
$info = substr($info, 15);
$info = decrypt($info);
$info = substr( $info, 15 );
$info = decrypt( $info );
//只会出现在加密密码错误的时候
if (!preg_match('/^[A-Za-z0-9\x00-\x80~!@#$%&_+-=:";\'<>,\/"\[\]\\\^\.\|\?\*\+\(\)\{\}\s]+$/', $info))
if ( !preg_match( '/^[A-Za-z0-9\x00-\x80~!@#$%&_+-=:";\'<>,\/"\[\]\\\^\.\|\?\*\+\(\)\{\}\s]+$/', $info ) )
return false;
$info = json_decode($info, true);
$info = json_decode( $info, true );
//只会出现在加密密码错误的时候
if ($info === false)
if ( $info === false )
return false;
$isChange = false;
if (!isset($info['location'])) {
$info['location'] = stripStr(convertip($info['user_IP'], IPDATA_PATH));
if ( !isset( $info['location'] ) ) {
$info['location'] = stripStr( convertip( $info['user_IP'], IPDATA_PATH ) );
$isChange = true;
}
//只会出现在加密密码错误的时候
if (!isset($info['request_time'])) {
if ( !isset( $info['request_time'] ) ) {
return false;
}
if ($isChange)
save_xss_record(json_encode($info), $filename);
if ( $isChange )
save_xss_record( json_encode( $info ), $id );
return $info;
} else
}
else
return false;
}
function delete_xss_record($filename) {
if (strpos($filename, "..") === false && strpos($filename, "/") === false && strpos($filename, "\\") === false) {
$logFile = dirname(__FILE__) . '/' . DATA_PATH . '/' . $filename . '.php';
return unlink($logFile);
} else
//删除某一时间戳的xss记录
function delete_xss_record( $id ) {
if ( preg_match( ID_REGEX, $_GET['id'] ) ) {
$xss_record_file = dirname(__FILE__) . '/' . DATA_PATH . '/' . $id . '.php';
return unlink( $xss_record_file );
}
else
return false;
}
//清空xss记录
function clear_xss_record() {
$files = glob(DATA_PATH . '/*.php');
$files = glob( DATA_PATH . '/*.php' );
foreach ($files as $file) {
unlink($file);
foreach ( $files as $file ) {
unlink( $file );
}
return true;
}
function load_js_content($path, $filename) {
if (strpos($filename, "..") === false && strpos($filename, "/") === false && strpos($filename, "\\") === false) {
//获取xss记录时间戳列表
function list_xss_record_id() {
$files = glob( DATA_PATH . '/*.php' );
$list = array();
foreach ( $files as $file ) {
$filename = basename( $file, ".php" );
if ( preg_match( ID_REGEX, $filename ) )
$list[] = $filename;
}
return $list;
}
//获取所有xss记录
function list_xss_record_detail() {
$list = array();
$files = glob( DATA_PATH . '/*.php' );
arsort( $files );
foreach ( $files as $file ) {
$filename = basename( $file, ".php" );
$info = load_xss_record( $filename );
if ( $info === false )
continue;
$isChange = false;
//如果没有设置location就查询qqwry.dat判断location
if ( !isset( $info['location'] ) ) {
$info['location'] = stripStr( convertip( $info['user_IP'], IPDATA_PATH ) );
$isChange = true;
}
if ( $isChange )
save_xss_record( json_encode( $info ), $filename );
$list[] = $info;
}
return $list;
}
//读取名为$filename的js文件内容
function load_js_content( $path, $filename ) {
if ( preg_match( FILE_REGEX, $filename ) ) {
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.js';
if (!file_exists($file))
if ( !file_exists( $file ) )
return false;
$info = @file_get_contents($file);
if ($info === false)
$info = @file_get_contents( $file );
if ( $info === false )
$info = "";
return $info;
} else
}
else
return false;
}
function delete_js($path, $filename) {
if (strpos($filename, "..") === false && strpos($filename, "/") === false && strpos($filename, "\\") === false) {
//删除名为$filename的js
function delete_js( $path, $filename ) {
if ( preg_match( FILE_REGEX, $filename ) ) {
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.desc';
unlink($file);
unlink( $file );
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.js';
return unlink($file);
} else
return unlink( $file );
}
else
return false;
}
function clear_js($path) {
$files = glob($path . '/*.desc');
foreach ($files as $file) {
unlink($file);
//清空js
function clear_js( $path ) {
$files = glob( $path . '/*.desc' );
foreach ( $files as $file ) {
unlink( $file );
}
$files = glob($path . '/*.js');
foreach ($files as $file) {
unlink($file);
$files = glob( $path . '/*.js' );
foreach ( $files as $file ) {
unlink( $file );
}
return true;
}
function save_js_content($path, $content, $filename) {
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.js';
!file_exists($file) && @touch($file);
if (file_put_contents($file, $content) === false)
return false;
//保存名为$filename的js文件内容
function save_js_content( $path, $content, $filename ) {
if( preg_match( FILE_REGEX, $filename ) ) {
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.js';
if ( file_put_contents( $file, $content ) === false )
return false;
else
return true;
}
else
return true;
return false;
}
function save_js_desc($path, $desc, $filename) {
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.desc';
!file_exists($file) && @touch($file);
$desc = encrypt($desc);
if (file_put_contents($file, $desc) === false)
return false;
//保存名为$filename的js文件描述
function save_js_desc( $path, $desc, $filename ) {
if( preg_match( FILE_REGEX, $filename ) ) {
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.desc';
$desc = encrypt( $desc );
if ( file_put_contents($file, $desc) === false )
return false;
else
return true;
}
else
return true;
return false;
}
//获取js的名字与描述列表
function list_js_name_and_desc( $path ) {
$list = array();
$files = glob( $path . '/*.js' );
arsort( $files );
foreach ( $files as $file ) {
//由于可能有中文名,故使用正则来提取文件名
$item = array();
$item['js_uri'] = $file;
$filename = preg_replace( '/^.+[\\\\\\/]/', '', $file );
$filename = substr( $filename, 0, strlen( $filename ) - 3 );
$item['js_name'] = $filename;
$item['js_name_abbr'] = stripStr( $filename );
$result = @file_get_contents( dirname(__FILE__) . '/' . $path . '/' . $filename . '.desc' );
$result = $result ? $result : "";
$result = decrypt( $result );
if ( json_encode( $result ) === false )
$result = "加密密码不符,无法获得描述";
$item['js_description'] = $result;
$item['js_description_abbr'] = stripStr( $result );
//特别注意只有js_name_abbrjs_description_abbr经过stripStr处理
$list[] = $item;
}
return $list;
}
//载入封禁的ip
function loadForbiddenIPList() {
$forbidden_IP_list_file = DATA_PATH . '/forbiddenIPList.dat';
!file_exists( $forbidden_IP_list_file ) && @touch( $forbidden_IP_list_file );
$str = @file_get_contents( $forbidden_IP_list_file );
if ( $str === false )
return array();
$str = decrypt($str);
if ( $str != '' ) {
$result = json_decode( $str, true );
if ( $result != null )
return $result;
else
return array();
}
else
return array();
}
//保存封禁ip
function saveForbiddenIPList( $forbiddenIPList ) {
$forbidden_IP_list_file = DATA_PATH . '/forbiddenIPList.dat';
$str = json_encode( $forbiddenIPList );
$str = encrypt( $str );
@file_put_contents( $forbidden_IP_list_file, $str );
}