firesunCN/BlueLotus_XSSReceiver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
03a2e79acfa5cb552a4c8d00e84e3a7876e91b2e
BlueLotus_XSSReceiver/dio.php
firesun 03a2e79acf Version 3.3.0 
添加安装脚本install.php
2016-01-28 02:19:09 +08:00

149 lines
4.1 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
if (!defined('IN_XSS_PLATFORM')) {
exit('Access Denied');
}
require_once("load.php");
require_once("functions.php");
//对记录的读写操作无数据库采用读写文件的方式文件名即请求时的时间戳同时也是记录的id
function save_xss_record($info, $filename)
{
$logFile = dirname(__FILE__) . '/' . DATA_PATH . '/' . $filename . '.php';
!file_exists($logFile) && @touch($logFile);
$info = encrypt($info);
if (file_put_contents($logFile, '<?php exit();?>' . $info) === false)
return false;
else
return true;
}
function load_xss_record($filename)
{
if (strpos($filename, "..") === false && strpos($filename, "/") === false && strpos($filename, "\\") === false) {
$logFile = dirname(__FILE__) . '/' . DATA_PATH . '/' . $filename . '.php';
if (!file_exists($logFile))
return false;
$info = @file_get_contents($logFile);
if ($info === false)
return false;
if (strncmp($info, '<?php exit();?>', 15) != 0)
return false;
$info = substr($info, 15);
$info = decrypt($info);
//只会出现在加密密码错误的时候
if (!preg_match('/^[A-Za-z0-9\x00-\x80~!@#$%&_+-=:";\'<>,\/"\[\]\\\^\.\|\?\*\+\(\)\{\}\s]+$/', $info))
return false;
$info = json_decode($info, true);
//只会出现在加密密码错误的时候
if ($info === false)
return false;
$isChange = false;
if (!isset($info['location'])) {
$info['location'] = stripStr(convertip($info['user_IP'], IPDATA_PATH));
$isChange = true;
}
//只会出现在加密密码错误的时候
if (!isset($info['request_time'])) {
return false;
}
if ($isChange)
save_xss_record(json_encode($info), $filename);
return $info;
} else
return false;
}
function delete_xss_record($filename)
{
if (strpos($filename, "..") === false && strpos($filename, "/") === false && strpos($filename, "\\") === false) {
$logFile = dirname(__FILE__) . '/' . DATA_PATH . '/' . $filename . '.php';
return unlink($logFile);
} else
return false;
}
function clear_xss_record()
{
$files = glob(DATA_PATH . '/*.php');
foreach ($files as $file) {
unlink($file);
}
return true;
}
function load_js_content($path, $filename)
{
if (strpos($filename, "..") === false && strpos($filename, "/") === false && strpos($filename, "\\") === false) {
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.js';
if (!file_exists($file))
return false;
$info = @file_get_contents($file);
if ($info === false)
$info = "";
return $info;
} else
return false;
}
function delete_js($path, $filename)
{
if (strpos($filename, "..") === false && strpos($filename, "/") === false && strpos($filename, "\\") === false) {
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.desc';
unlink($file);
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.js';
return unlink($file);
} else
return false;
}
function clear_js($path)
{
$files = glob($path . '/*.desc');
foreach ($files as $file) {
unlink($file);
}
$files = glob($path . '/*.js');
foreach ($files as $file) {
unlink($file);
}
return true;
}
function save_js_content($path, $content, $filename)
{
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.js';
!file_exists($file) && @touch($file);
if (file_put_contents($file, $content) === false)
return false;
else
return true;
}
function save_js_desc($path, $desc, $filename)
{
$file = dirname(__FILE__) . '/' . $path . '/' . $filename . '.desc';
!file_exists($file) && @touch($file);
$desc = encrypt($desc);
if (file_put_contents($file, $desc) === false)
return false;
else
return true;
}
Reference in New Issue View Git Blame Copy Permalink