firesunCN/BlueLotus_XSSReceiver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Version 3.3.5

Browse Source 
除了install与change_encrypt_pass操作以外,所有io操作移至dio.php
This commit is contained in:
firesun
2016-01-30 16:36:36 +08:00
parent 04081b8d2b
commit 8f507e8ea1
3 changed files with 271 additions and 256 deletions
Download Patch File Download Diff File Expand all files Collapse all files

227
api.php
View File

@@ -6,254 +6,169 @@ require_once("functions.php");
require_once("dio.php"); require_once("dio.php");
header('Content-Type: application/json'); header('Content-Type: application/json');
//时间戳的正则表达式
define('ID_REGEX', '/^[0-9]{10}$/');
//合法文件名的正则表达式
define('FILE_REGEX', '/(?!((^(con)$)|^(con)\..*|(^(prn)$)|^(prn)\..*|(^(aux)$)|^(aux)\..*|(^(nul)$)|^(nul)\..*|(^(com)[1-9]$)|^(com)[1-9]\..*|(^(lpt)[1-9]$)|^(lpt)[1-9]\..*)|^\s+|.*\s$)(^[^\/\\\:\*\?\"\<\>\|]{1,255}$)/');
//与xss记录相关api //与xss记录相关api
if (isset($_GET['cmd'])) { if ( isset( $_GET['cmd'] ) ) {
switch ($_GET['cmd']) { switch ( $_GET['cmd'] ) {
//获取所有记录包括详细信息 //获取所有记录包括详细信息
case 'list': case 'list':
echo json_encode(xss_record_detail_list()); echo json_encode( list_xss_record_detail() );
break; break;
//只获取时间戳索引id //只获取时间戳索引id
case 'id_list': case 'id_list':
echo json_encode(xss_record_id_list()); echo json_encode( list_xss_record_id() );
break; break;
//根据时间戳索引id获得单条信息 //根据时间戳索引id获得单条信息
case 'get': case 'get':
if (isset($_GET['id']) && preg_match(ID_REGEX, $_GET['id'])) if ( isset( $_GET['id'] ) )
echo json_encode(load_xss_record($_GET['id'])); echo json_encode( load_xss_record( $_GET['id'] ) );
else else
echo json_encode(false); echo json_encode( false );
break; break;
//根据时间戳索引id删除单条信息 //根据时间戳索引id删除单条信息
case 'del': case 'del':
if (isset($_GET['id']) && preg_match(ID_REGEX, $_GET['id'])) if ( isset( $_GET['id'] ) )
echo json_encode(delete_xss_record($_GET['id'])); echo json_encode( delete_xss_record( $_GET['id'] ) );
else else
echo json_encode(false); echo json_encode( false );
break; break;
//清空记录 //清空记录
case 'clear': case 'clear':
echo json_encode(clear_xss_record()); echo json_encode( clear_xss_record() );
break; break;
default: default:
echo json_encode(false); echo json_encode( false );
} }
} }
//与js模板相关api //与js模板相关api
else if (isset($_GET['js_template_cmd'])) { else if ( isset( $_GET['js_template_cmd'] ) ) {
switch ($_GET['js_template_cmd']) { switch ( $_GET['js_template_cmd'] ) {
//获取所有js模板的名字与描述 //获取所有js模板的名字与描述
case 'list': case 'list':
echo json_encode(js_name_and_desc_list(JS_TEMPLATE_PATH)); echo json_encode( list_js_name_and_desc( JS_TEMPLATE_PATH ) );
break; break;
//添加js模板 //添加js模板
case 'add': case 'add':
if (isset($_POST['name']) && isset($_POST['desc']) && isset($_POST['content']) && preg_match(FILE_REGEX, $_POST['name'])) { if ( isset( $_POST['name'] ) && isset( $_POST['desc'] ) && isset( $_POST['content'] ) ) {
if (!is_writable(JS_TEMPLATE_PATH)) $result = save_js_desc( JS_TEMPLATE_PATH, $_POST['desc'], $_POST['name'] )
echo json_encode(false); && save_js_content( JS_TEMPLATE_PATH, $_POST['content'], $_POST['name'] );
else { echo json_encode( $result );
save_js_desc(JS_TEMPLATE_PATH, $_POST['desc'], $_POST['name']);
save_js_content(JS_TEMPLATE_PATH, $_POST['content'], $_POST['name']);
echo json_encode(true);
} }
} else else
echo json_encode(false); echo json_encode( false );
break; break;
//修改js模板 //修改js模板
case 'modify': case 'modify':
if (isset($_POST['old_name']) && isset($_POST['name']) && isset($_POST['desc']) && isset($_POST['content']) && preg_match(FILE_REGEX, $_POST['old_name']) && preg_match(FILE_REGEX, $_POST['name'])) { if ( isset( $_POST['old_name'] ) && isset( $_POST['name'] ) && isset( $_POST['desc'] ) && isset( $_POST['content'] ) ) {
if (!is_writable(JS_TEMPLATE_PATH)) $result = true;
echo json_encode(false); if ( $_POST['old_name'] != $_POST['name'] )
else { $result = delete_js( JS_TEMPLATE_PATH, $_POST['old_name'] );
if ($_POST['old_name'] != $_POST['name'])
delete_js(JS_TEMPLATE_PATH, $_POST['old_name']);
save_js_desc(JS_TEMPLATE_PATH, $_POST['desc'], $_POST['name']); if( $result ) {
save_js_content(JS_TEMPLATE_PATH, $_POST['content'], $_POST['name']); $result = save_js_desc( JS_TEMPLATE_PATH, $_POST['desc'], $_POST['name'] )
echo json_encode(true); && save_js_content( JS_TEMPLATE_PATH, $_POST['content'], $_POST['name'] );
} }
} else echo json_encode( $result );
echo json_encode(false);
}
else
echo json_encode( false );
break; break;
//获取某一js模板的内容 //获取某一js模板的内容
case 'get': case 'get':
if (isset($_GET['name']) && preg_match(FILE_REGEX, $_GET['name'])) if ( isset( $_GET['name'] ) )
echo json_encode(load_js_content(JS_TEMPLATE_PATH, $_GET['name'])); echo json_encode( load_js_content( JS_TEMPLATE_PATH, $_GET['name'] ) );
else else
echo json_encode(false); echo json_encode( false );
break; break;
//删除js模板 //删除js模板
case 'del': case 'del':
if (isset($_GET['name']) && preg_match(FILE_REGEX, $_GET['name'])) if ( isset( $_GET['name'] ) )
echo json_encode(delete_js(JS_TEMPLATE_PATH, $_GET['name'])); echo json_encode( delete_js( JS_TEMPLATE_PATH, $_GET['name'] ) );
else else
echo json_encode(false); echo json_encode( false );
break; break;
//清空js模板 //清空js模板
case 'clear': case 'clear':
echo json_encode(clear_js(JS_TEMPLATE_PATH)); echo json_encode( clear_js( JS_TEMPLATE_PATH ) );
break; break;
default: default:
echo json_encode(false); echo json_encode( false );
} }
} }
//与我的js相关api //与我的js相关api
else if (isset($_GET['my_js_cmd'])) { else if ( isset( $_GET['my_js_cmd'] ) ) {
switch ($_GET['my_js_cmd']) { switch ( $_GET['my_js_cmd'] ) {
//获取所有我的js的名字与描述 //获取所有我的js的名字与描述
case 'list': case 'list':
echo json_encode(js_name_and_desc_list(MY_JS_PATH)); echo json_encode( list_js_name_and_desc( MY_JS_PATH ) );
break; break;
//添加js模板 //添加js模板
case 'add': case 'add':
if (isset($_POST['name']) && isset($_POST['desc']) && isset($_POST['content']) && preg_match(FILE_REGEX, $_POST['name'])) { if ( isset( $_POST['name'] ) && isset( $_POST['desc'] ) && isset( $_POST['content'] ) ) {
if (!is_writable(MY_JS_PATH)) $result = save_js_desc( MY_JS_PATH, $_POST['desc'], $_POST['name'] )
echo json_encode(false); && save_js_content( MY_JS_PATH, $_POST['content'], $_POST['name'] );
else { echo json_encode( $result );
save_js_desc(MY_JS_PATH, $_POST['desc'], $_POST['name']);
save_js_content(MY_JS_PATH, $_POST['content'], $_POST['name']);
echo json_encode(true);
} }
else
} else echo json_encode( false );
echo json_encode(false);
break; break;
//修改js模板 //修改js模板
case 'modify': case 'modify':
if (isset($_POST['old_name']) && isset($_POST['name']) && isset($_POST['desc']) && isset($_POST['content']) && preg_match(FILE_REGEX, $_POST['old_name']) && preg_match(FILE_REGEX, $_POST['name'])) { if ( isset( $_POST['old_name'] ) && isset( $_POST['name'] ) && isset( $_POST['desc'] ) && isset( $_POST['content'] ) ) {
if (!is_writable(MY_JS_PATH)) $result = true;
echo json_encode(false); if ( $_POST['old_name'] != $_POST['name'] )
else { $result = delete_js( MY_JS_PATH, $_POST['old_name'] );
if ($_POST['old_name'] != $_POST['name']) if( $result ) {
delete_js(MY_JS_PATH, $_POST['old_name']); $result = save_js_desc( MY_JS_PATH, $_POST['desc'], $_POST['name'] )
&& save_js_content( MY_JS_PATH, $_POST['content'], $_POST['name'] );
save_js_desc(MY_JS_PATH, $_POST['desc'], $_POST['name']);
save_js_content(MY_JS_PATH, $_POST['content'], $_POST['name']);
echo json_encode(true);
} }
} else echo json_encode( $result );
echo json_encode(false); }
else
echo json_encode( false );
break; break;
//获取某一js模板的内容 //获取某一js模板的内容
case 'get': case 'get':
if (isset($_GET['name']) && preg_match(FILE_REGEX, $_GET['name'])) if ( isset( $_GET['name'] ) )
echo json_encode(load_js_content(MY_JS_PATH, $_GET['name'])); echo json_encode( load_js_content( MY_JS_PATH, $_GET['name'] ) );
else else
echo json_encode(false); echo json_encode( false );
break; break;
//删除js模板 //删除js模板
case 'del': case 'del':
if (isset($_GET['name']) && preg_match(FILE_REGEX, $_GET['name'])) if ( isset( $_GET['name'] ) )
echo json_encode(delete_js(MY_JS_PATH, $_GET['name'])); echo json_encode( delete_js( MY_JS_PATH, $_GET['name'] ) );
else else
echo json_encode(false); echo json_encode( false );
break; break;
//清空js模板 //清空js模板
case 'clear': case 'clear':
echo json_encode(clear_js(MY_JS_PATH)); echo json_encode( clear_js( MY_JS_PATH ) );
break; break;
default: default:
echo json_encode(false); echo json_encode( false );
} }
} else
echo json_encode(false);
function xss_record_id_list() {
$files = glob(DATA_PATH . '/*.php');
$list = array();
foreach ($files as $file) {
$filename = basename($file, ".php");
if (preg_match(ID_REGEX, $filename))
$list[] = $filename;
}
return $list;
}
function xss_record_detail_list() {
$list = array();
$files = glob(DATA_PATH . '/*.php');
arsort($files);
foreach ($files as $file) {
$filename = basename($file, ".php");
if (preg_match(ID_REGEX, $filename)) {
$info = load_xss_record($filename);
if ($info === false)
continue;
$isChange = false;
//如果没有设置location就查询qqwry.dat判断location
if (!isset($info['location'])) {
$info['location'] = stripStr(convertip($info['user_IP'], IPDATA_PATH));
$isChange = true;
}
if ($isChange)
save_xss_record(json_encode($info), $filename);
$list[] = $info;
}
}
return $list;
}
//获取js的名字与描述列表
function js_name_and_desc_list($path) {
$list = array();
$files = glob($path . '/*.js');
arsort($files);
foreach ($files as $file) {
//由于可能有中文名,故使用正则来提取文件名
$item = array();
$item['js_uri'] = $file;
$filename = preg_replace('/^.+[\\\\\\/]/', '', $file);
$filename = substr($filename, 0, strlen($filename) - 3);
$item['js_name'] = $filename;
$item['js_name_abbr'] = stripStr($filename);
$result = @file_get_contents(dirname(__FILE__) . '/' . $path . '/' . $filename . '.desc');
$result = $result ? $result : "";
$result = decrypt($result);
if (json_encode($result) === false)
$result = "加密密码不符,无法获得描述";
$item['js_description'] = $result;
$item['js_description_abbr'] = stripStr($result);
//特别注意只有js_name_abbrjs_description_abbr经过stripStr处理
$list[] = $item;
}
return $list;
} }
else
echo json_encode( false );

241
dio.php
View File

@@ -1,140 +1,267 @@
<?php <?php
if (!defined('IN_XSS_PLATFORM')) { if ( !defined('IN_XSS_PLATFORM') ) {
exit('Access Denied'); exit('Access Denied');
} }
require_once("load.php"); require_once("load.php");
require_once("functions.php"); require_once("functions.php");
//时间戳的正则表达式
define('ID_REGEX', '/^[0-9]{10}$/');
//合法文件名的正则表达式
define('FILE_REGEX', '/(?!((^(con)$)|^(con)\..*|(^(prn)$)|^(prn)\..*|(^(aux)$)|^(aux)\..*|(^(nul)$)|^(nul)\..*|(^(com)[1-9]$)|^(com)[1-9]\..*|(^(lpt)[1-9]$)|^(lpt)[1-9]\..*)|^\s+|.*\s$)(^[^\/\\\:\*\?\"\<\>\|]{1,255}$)/');
//对记录的读写操作无数据库采用读写文件的方式文件名即请求时的时间戳同时也是记录的id //对记录的读写操作无数据库采用读写文件的方式文件名即请求时的时间戳同时也是记录的id
function save_xss_record($info, $filename) { function save_xss_record( $info, $id ) {
$logFile = dirname(__FILE__) . '/' . DATA_PATH . '/' . $filename . '.php'; $xss_record_file = dirname(__FILE__) . '/' . DATA_PATH . '/' . $id . '.php';
!file_exists($logFile) && @touch($logFile);
$info = encrypt($info); $info = encrypt( $info );
if (file_put_contents($logFile, '<?php exit();?>' . $info) === false) if ( file_put_contents( $xss_record_file, '<?php exit();?>' . $info ) === false )
return false; return false;
else else
return true; return true;
} }
function load_xss_record($filename) { //读取某一时间戳的xss记录
if (strpos($filename, "..") === false && strpos($filename, "/") === false && strpos($filename, "\\") === false) { function load_xss_record( $id ) {
$logFile = dirname(__FILE__) . '/' . DATA_PATH . '/' . $filename . '.php'; if ( preg_match( ID_REGEX, $id ) ) {
if (!file_exists($logFile)) $xss_record_file = dirname(__FILE__) . '/' . DATA_PATH . '/' . $id . '.php';
if ( !file_exists( $xss_record_file ) )
return false; return false;
$info = @file_get_contents($logFile); $info = @file_get_contents( $xss_record_file );
if ($info === false) if ( $info === false )
return false; return false;
if (strncmp($info, '<?php exit();?>', 15) != 0) if ( strncmp( $info, '<?php exit();?>', 15 ) != 0 )
return false; return false;
$info = substr($info, 15); $info = substr( $info, 15 );
$info = decrypt($info); $info = decrypt( $info );
//只会出现在加密密码错误的时候 //只会出现在加密密码错误的时候
if (!preg_match('/^[A-Za-z0-9\x00-\x80~!@#$%&_+-=:";\'<>,\/"\[\]\\\^\.\|\?\*\+\(\)\{\}\s]+$/', $info)) if ( !preg_match( '/^[A-Za-z0-9\x00-\x80~!@#$%&_+-=:";\'<>,\/"\[\]\\\^\.\|\?\*\+\(\)\{\}\s]+$/', $info ) )
return false; return false;
$info = json_decode($info, true); $info = json_decode( $info, true );
//只会出现在加密密码错误的时候 //只会出现在加密密码错误的时候
if ($info === false) if ( $info === false )
return false; return false;
$isChange = false; $isChange = false;
if (!isset($info['location'])) { if ( !isset( $info['location'] ) ) {
$info['location'] = stripStr(convertip($info['user_IP'], IPDATA_PATH)); $info['location'] = stripStr( convertip( $info['user_IP'], IPDATA_PATH ) );
$isChange = true; $isChange = true;
} }
//只会出现在加密密码错误的时候 //只会出现在加密密码错误的时候
if (!isset($info['request_time'])) { if ( !isset( $info['request_time'] ) ) {
return false; return false;
} }
if ($isChange) if ( $isChange )
save_xss_record(json_encode($info), $filename); save_xss_record( json_encode( $info ), $id );
return $info; return $info;
} else }
else
return false; return false;
} }
function delete_xss_record($filename) { //删除某一时间戳的xss记录
if (strpos($filename, "..") === false && strpos($filename, "/") === false && strpos($filename, "\\") === false) { function delete_xss_record( $id ) {
$logFile = dirname(__FILE__) . '/' . DATA_PATH . '/' . $filename . '.php'; if ( preg_match( ID_REGEX, $_GET['id'] ) ) {
return unlink($logFile); $xss_record_file = dirname(__FILE__) . '/' . DATA_PATH . '/' . $id . '.php';
} else return unlink( $xss_record_file );
}
else
return false; return false;
} }
//清空xss记录
function clear_xss_record() { function clear_xss_record() {
$files = glob(DATA_PATH . '/*.php'); $files = glob( DATA_PATH . '/*.php' );
foreach ($files as $file) { foreach ( $files as $file ) {
unlink($file); unlink( $file );
} }
return true; return true;
} }
function load_js_content($path, $filename) { //获取xss记录时间戳列表
if (strpos($filename, "..") === false && strpos($filename, "/") === false && strpos($filename, "\\") === false) { function list_xss_record_id() {
$files = glob( DATA_PATH . '/*.php' );
$list = array();
foreach ( $files as $file ) {
$filename = basename( $file, ".php" );
if ( preg_match( ID_REGEX, $filename ) )
$list[] = $filename;
}
return $list;
}
//获取所有xss记录
function list_xss_record_detail() {
$list = array();
$files = glob( DATA_PATH . '/*.php' );
arsort( $files );
foreach ( $files as $file ) {
$filename = basename( $file, ".php" );
$info = load_xss_record( $filename );
if ( $info === false )
continue;
$isChange = false;
//如果没有设置location就查询qqwry.dat判断location
if ( !isset( $info['location'] ) ) {
$info['location'] = stripStr( convertip( $info['user_IP'], IPDATA_PATH ) );
$isChange = true;
}
if ( $isChange )
save_xss_record( json_encode( $info ), $filename );
$list[] = $info;
}
return $list;
}
//读取名为$filename的js文件内容
function load_js_content( $path, $filename ) {
if ( preg_match( FILE_REGEX, $filename ) ) {
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.js'; $file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.js';
if (!file_exists($file)) if ( !file_exists( $file ) )
return false; return false;
$info = @file_get_contents($file); $info = @file_get_contents( $file );
if ($info === false) if ( $info === false )
$info = ""; $info = "";
return $info; return $info;
} else }
else
return false; return false;
} }
function delete_js($path, $filename) { //删除名为$filename的js
if (strpos($filename, "..") === false && strpos($filename, "/") === false && strpos($filename, "\\") === false) { function delete_js( $path, $filename ) {
if ( preg_match( FILE_REGEX, $filename ) ) {
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.desc'; $file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.desc';
unlink($file); unlink( $file );
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.js'; $file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.js';
return unlink($file); return unlink( $file );
} else }
else
return false; return false;
} }
function clear_js($path) { //清空js
$files = glob($path . '/*.desc'); function clear_js( $path ) {
foreach ($files as $file) { $files = glob( $path . '/*.desc' );
unlink($file); foreach ( $files as $file ) {
unlink( $file );
} }
$files = glob($path . '/*.js'); $files = glob( $path . '/*.js' );
foreach ($files as $file) { foreach ( $files as $file ) {
unlink($file); unlink( $file );
} }
return true; return true;
} }
function save_js_content($path, $content, $filename) { //保存名为$filename的js文件内容
function save_js_content( $path, $content, $filename ) {
if( preg_match( FILE_REGEX, $filename ) ) {
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.js'; $file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.js';
!file_exists($file) && @touch($file);
if (file_put_contents($file, $content) === false) if ( file_put_contents( $file, $content ) === false )
return false; return false;
else else
return true; return true;
}
else
return false;
} }
function save_js_desc($path, $desc, $filename) { //保存名为$filename的js文件描述
function save_js_desc( $path, $desc, $filename ) {
if( preg_match( FILE_REGEX, $filename ) ) {
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.desc'; $file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.desc';
!file_exists($file) && @touch($file);
$desc = encrypt($desc); $desc = encrypt( $desc );
if (file_put_contents($file, $desc) === false) if ( file_put_contents($file, $desc) === false )
return false; return false;
else else
return true; return true;
}
else
return false;
}
//获取js的名字与描述列表
function list_js_name_and_desc( $path ) {
$list = array();
$files = glob( $path . '/*.js' );
arsort( $files );
foreach ( $files as $file ) {
//由于可能有中文名,故使用正则来提取文件名
$item = array();
$item['js_uri'] = $file;
$filename = preg_replace( '/^.+[\\\\\\/]/', '', $file );
$filename = substr( $filename, 0, strlen( $filename ) - 3 );
$item['js_name'] = $filename;
$item['js_name_abbr'] = stripStr( $filename );
$result = @file_get_contents( dirname(__FILE__) . '/' . $path . '/' . $filename . '.desc' );
$result = $result ? $result : "";
$result = decrypt( $result );
if ( json_encode( $result ) === false )
$result = "加密密码不符,无法获得描述";
$item['js_description'] = $result;
$item['js_description_abbr'] = stripStr( $result );
//特别注意只有js_name_abbrjs_description_abbr经过stripStr处理
$list[] = $item;
}
return $list;
}
//载入封禁的ip
function loadForbiddenIPList() {
$forbidden_IP_list_file = DATA_PATH . '/forbiddenIPList.dat';
!file_exists( $forbidden_IP_list_file ) && @touch( $forbidden_IP_list_file );
$str = @file_get_contents( $forbidden_IP_list_file );
if ( $str === false )
return array();
$str = decrypt($str);
if ( $str != '' ) {
$result = json_decode( $str, true );
if ( $result != null )
return $result;
else
return array();
}
else
return array();
}
//保存封禁ip
function saveForbiddenIPList( $forbiddenIPList ) {
$forbidden_IP_list_file = DATA_PATH . '/forbiddenIPList.dat';
$str = json_encode( $forbiddenIPList );
$str = encrypt( $str );
@file_put_contents( $forbidden_IP_list_file, $str );
} }

29
login.php
View File

@@ -3,6 +3,7 @@ define("IN_XSS_PLATFORM", true);
require_once("load.php"); require_once("load.php");
require_once("functions.php"); require_once("functions.php");
require_once("dio.php");
//CSP开启 //CSP开启
header("Content-Security-Policy: default-src 'self'; object-src 'none'; frame-src 'none'"); header("Content-Security-Policy: default-src 'self'; object-src 'none'; frame-src 'none'");
@@ -48,34 +49,6 @@ if (!isset($forbiddenIPList[$ip]) || $forbiddenIPList[$ip] <= 5) {
} else } else
$is_pass_wrong = true; $is_pass_wrong = true;
function loadForbiddenIPList() {
$logfile = DATA_PATH . '/forbiddenIPList.dat';
!file_exists($logfile) && @touch($logfile);
$str = @file_get_contents($logfile);
if ($str === false)
return array();
$str = decrypt($str);
if ($str != '') {
$result = json_decode($str, true);
if ($result != null)
return $result;
else
return array();
} else
return array();
}
function saveForbiddenIPList($forbiddenIPList) {
$logfile = DATA_PATH . '/forbiddenIPList.dat';
!file_exists($logfile) && @touch($logfile);
$str = json_encode($forbiddenIPList);
$str = encrypt($str);
@file_put_contents($logfile, $str);
}
/* /*
生成密码 生成密码
php -r "$salt='!KTMdg#^^I6Z!deIVR#SgpAI6qTN7oVl';$key='bluelotus';$key=md5($salt.$key.$salt);$key=md5($salt.$key.$salt);$key=md5($salt.$key.$salt);echo $key;" php -r "$salt='!KTMdg#^^I6Z!deIVR#SgpAI6qTN7oVl';$key='bluelotus';$key=md5($salt.$key.$salt);$key=md5($salt.$key.$salt);$key=md5($salt.$key.$salt);echo $key;"