Subversion Repositories vnag

Rev

Rev 88 | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
80 daniel-mar 1 
#!/usr/bin/env php
83 daniel-mar 2 
<?php @ob_end_clean(); ?><?php
80 daniel-mar 3 
 
4 
$web = 'index.php';
5 
 
6 
if (in_array('phar', stream_get_wrappers()) && class_exists('Phar', 0)) {
7 
Phar::interceptFileFuncs();
8 
set_include_path('phar://' . __FILE__ . PATH_SEPARATOR . get_include_path());
9 
Phar::webPhar(null, $web);
10 
include 'phar://' . __FILE__ . '/' . Extract_Phar::START;
11 
return;
12 
}
13 
 
14 
if (@(isset($_SERVER['REQUEST_URI']) && isset($_SERVER['REQUEST_METHOD']) && ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'POST'))) {
15 
Extract_Phar::go(true);
16 
$mimes = array(
17 
'phps' => 2,
18 
'c' => 'text/plain',
19 
'cc' => 'text/plain',
20 
'cpp' => 'text/plain',
21 
'c++' => 'text/plain',
22 
'dtd' => 'text/plain',
23 
'h' => 'text/plain',
24 
'log' => 'text/plain',
25 
'rng' => 'text/plain',
26 
'txt' => 'text/plain',
27 
'xsd' => 'text/plain',
28 
'php' => 1,
29 
'inc' => 1,
30 
'avi' => 'video/avi',
31 
'bmp' => 'image/bmp',
32 
'css' => 'text/css',
33 
'gif' => 'image/gif',
34 
'htm' => 'text/html',
35 
'html' => 'text/html',
36 
'htmls' => 'text/html',
37 
'ico' => 'image/x-ico',
38 
'jpe' => 'image/jpeg',
39 
'jpg' => 'image/jpeg',
40 
'jpeg' => 'image/jpeg',
41 
'js' => 'application/x-javascript',
42 
'midi' => 'audio/midi',
43 
'mid' => 'audio/midi',
44 
'mod' => 'audio/mod',
45 
'mov' => 'movie/quicktime',
46 
'mp3' => 'audio/mp3',
47 
'mpg' => 'video/mpeg',
48 
'mpeg' => 'video/mpeg',
49 
'pdf' => 'application/pdf',
50 
'png' => 'image/png',
51 
'swf' => 'application/shockwave-flash',
52 
'tif' => 'image/tiff',
53 
'tiff' => 'image/tiff',
54 
'wav' => 'audio/wav',
55 
'xbm' => 'image/xbm',
56 
'xml' => 'text/xml',
57 
);
58 
 
59 
header("Cache-Control: no-cache, must-revalidate");
60 
header("Pragma: no-cache");
61 
 
62 
$basename = basename(__FILE__);
63 
if (!strpos($_SERVER['REQUEST_URI'], $basename)) {
64 
chdir(Extract_Phar::$temp);
65 
include $web;
66 
return;
67 
}
68 
$pt = substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], $basename) + strlen($basename));
69 
if (!$pt || $pt == '/') {
70 
$pt = $web;
71 
header('HTTP/1.1 301 Moved Permanently');
72 
header('Location: ' . $_SERVER['REQUEST_URI'] . '/' . $pt);
73 
exit;
74 
}
75 
$a = realpath(Extract_Phar::$temp . DIRECTORY_SEPARATOR . $pt);
76 
if (!$a || strlen(dirname($a)) < strlen(Extract_Phar::$temp)) {
77 
header('HTTP/1.0 404 Not Found');
78 
echo "<html>\n <head>\n  <title>File Not Found<title>\n </head>\n <body>\n  <h1>404 - File Not Found</h1>\n </body>\n</html>";
79 
exit;
80 
}
81 
$b = pathinfo($a);
82 
if (!isset($b['extension'])) {
83 
header('Content-Type: text/plain');
84 
header('Content-Length: ' . filesize($a));
85 
readfile($a);
86 
exit;
87 
}
88 
if (isset($mimes[$b['extension']])) {
89 
if ($mimes[$b['extension']] === 1) {
90 
include $a;
91 
exit;
92 
}
93 
if ($mimes[$b['extension']] === 2) {
94 
highlight_file($a);
95 
exit;
96 
}
97 
header('Content-Type: ' .$mimes[$b['extension']]);
98 
header('Content-Length: ' . filesize($a));
99 
readfile($a);
100 
exit;
101 
}
102 
}
103 
 
104 
class Extract_Phar
105 
{
106 
static $temp;
107 
static $origdir;
108 
const GZ = 0x1000;
109 
const BZ2 = 0x2000;
110 
const MASK = 0x3000;
111 
const START = 'plugins/net2ftp_version/check_net2ftp_version.phps';
112 
const LEN = 6684;
113 
 
114 
static function go($return = false)
115 
{
116 
$fp = fopen(__FILE__, 'rb');
117 
fseek($fp, self::LEN);
118 
$L = unpack('V', $a = fread($fp, 4));
119 
$m = '';
120 
 
121 
do {
122 
$read = 8192;
123 
if ($L[1] - strlen($m) < 8192) {
124 
$read = $L[1] - strlen($m);
125 
}
126 
$last = fread($fp, $read);
127 
$m .= $last;
128 
} while (strlen($last) && strlen($m) < $L[1]);
129 
 
130 
if (strlen($m) < $L[1]) {
131 
die('ERROR: manifest length read was "' .
132 
strlen($m) .'" should be "' .
133 
$L[1] . '"');
134 
}
135 
 
136 
$info = self::_unpack($m);
137 
$f = $info['c'];
138 
 
139 
if ($f & self::GZ) {
140 
if (!function_exists('gzinflate')) {
141 
die('Error: zlib extension is not enabled -' .
142 
' gzinflate() function needed for zlib-compressed .phars');
143 
}
144 
}
145 
 
146 
if ($f & self::BZ2) {
147 
if (!function_exists('bzdecompress')) {
148 
die('Error: bzip2 extension is not enabled -' .
149 
' bzdecompress() function needed for bz2-compressed .phars');
150 
}
151 
}
152 
 
153 
$temp = self::tmpdir();
154 
 
155 
if (!$temp || !is_writable($temp)) {
156 
$sessionpath = session_save_path();
157 
if (strpos ($sessionpath, ";") !== false)
158 
$sessionpath = substr ($sessionpath, strpos ($sessionpath, ";")+1);
159 
if (!file_exists($sessionpath) || !is_dir($sessionpath)) {
160 
die('Could not locate temporary directory to extract phar');
161 
}
162 
$temp = $sessionpath;
163 
}
164 
 
165 
$temp .= '/pharextract/'.basename(__FILE__, '.phar');
166 
self::$temp = $temp;
167 
self::$origdir = getcwd();
168 
@mkdir($temp, 0777, true);
169 
$temp = realpath($temp);
170 
 
171 
if (!file_exists($temp . DIRECTORY_SEPARATOR . md5_file(__FILE__))) {
172 
self::_removeTmpFiles($temp, getcwd());
173 
@mkdir($temp, 0777, true);
174 
@file_put_contents($temp . '/' . md5_file(__FILE__), '');
175 
 
176 
foreach ($info['m'] as $path => $file) {
177 
$a = !file_exists(dirname($temp . '/' . $path));
178 
@mkdir(dirname($temp . '/' . $path), 0777, true);
179 
clearstatcache();
180 
 
181 
if ($path[strlen($path) - 1] == '/') {
182 
@mkdir($temp . '/' . $path, 0777);
183 
} else {
184 
file_put_contents($temp . '/' . $path, self::extractFile($path, $file, $fp));
185 
@chmod($temp . '/' . $path, 0666);
186 
}
187 
}
188 
}
189 
 
190 
chdir($temp);
191 
 
192 
if (!$return) {
193 
include self::START;
194 
}
195 
}
196 
 
197 
static function tmpdir()
198 
{
199 
if (strpos(PHP_OS, 'WIN') !== false) {
200 
if ($var = getenv('TMP') ? getenv('TMP') : getenv('TEMP')) {
201 
return $var;
202 
}
203 
if (is_dir('/temp') || mkdir('/temp')) {
204 
return realpath('/temp');
205 
}
206 
return false;
207 
}
208 
if ($var = getenv('TMPDIR')) {
209 
return $var;
210 
}
211 
return realpath('/tmp');
212 
}
213 
 
214 
static function _unpack($m)
215 
{
216 
$info = unpack('V', substr($m, 0, 4));
217 
 $l = unpack('V', substr($m, 10, 4));
218 
$m = substr($m, 14 + $l[1]);
219 
$s = unpack('V', substr($m, 0, 4));
220 
$o = 0;
221 
$start = 4 + $s[1];
222 
$ret['c'] = 0;
223 
 
224 
for ($i = 0; $i < $info[1]; $i++) {
225 
 $len = unpack('V', substr($m, $start, 4));
226 
$start += 4;
227 
 $savepath = substr($m, $start, $len[1]);
228 
$start += $len[1];
229 
   $ret['m'][$savepath] = array_values(unpack('Va/Vb/Vc/Vd/Ve/Vf', substr($m, $start, 24)));
230 
$ret['m'][$savepath][3] = sprintf('%u', $ret['m'][$savepath][3]
231 
& 0xffffffff);
232 
$ret['m'][$savepath][7] = $o;
233 
$o += $ret['m'][$savepath][2];
234 
$start += 24 + $ret['m'][$savepath][5];
235 
$ret['c'] |= $ret['m'][$savepath][4] & self::MASK;
236 
}
237 
return $ret;
238 
}
239 
 
240 
static function extractFile($path, $entry, $fp)
241 
{
242 
$data = '';
243 
$c = $entry[2];
244 
 
245 
while ($c) {
246 
if ($c < 8192) {
247 
$data .= @fread($fp, $c);
248 
$c = 0;
249 
} else {
250 
$c -= 8192;
251 
$data .= @fread($fp, 8192);
252 
}
253 
}
254 
 
255 
if ($entry[4] & self::GZ) {
256 
$data = gzinflate($data);
257 
} elseif ($entry[4] & self::BZ2) {
258 
$data = bzdecompress($data);
259 
}
260 
 
261 
if (strlen($data) != $entry[0]) {
262 
die("Invalid internal .phar file (size error " . strlen($data) . " != " .
263 
$stat[7] . ")");
264 
}
265 
 
266 
if ($entry[3] != sprintf("%u", crc32($data) & 0xffffffff)) {
267 
die("Invalid internal .phar file (checksum error)");
268 
}
269 
 
270 
return $data;
271 
}
272 
 
273 
static function _removeTmpFiles($temp, $origdir)
274 
{
275 
chdir($temp);
276 
 
277 
foreach (glob('*') as $f) {
278 
if (file_exists($f)) {
279 
is_dir($f) ? @rmdir($f) : @unlink($f);
280 
if (file_exists($f) && is_dir($f)) {
281 
self::_removeTmpFiles($f, getcwd());
282 
}
283 
}
284 
}
285 
 
286 
@rmdir($temp);
287 
clearstatcache();
288 
chdir($origdir);
289 
}
290 
}
291 
 
292 
Extract_Phar::go();
293 
__HALT_COMPILER(); ?>
89 daniel-mar 294 
¿Òa:1:{s:23:"1.3.6.1.4.1.37476.3.0.2";s:420:"sha256||<builder>|481cf75d675006b504520fd2acb3b29c89aea03aab64754e0adfb364de4914b2||framework/vnag_framework.inc.php|1e5dca12497a73f4ef6b189216961e478472c1da399bb31ea97398a0d421ddd6||plugins/net2ftp_version/Net2FtpVersionCheck.class.php|ddeb635d7d199d4f3866aad5a7e50f5e23e41c93d72f6a0aa9935e56c46ce5db||plugins/net2ftp_version/check_net2ftp_version.phps|22f9d5094319cf7d0f9e460584ec3f914befd75d487502dc6fca8e07ff35f90a||";} framework/vnag_framework.inc.phpßßW]X·¤5plugins/net2ftp_version/Net2FtpVersionCheck.class.php 
 
ߌ¯¤2plugins/net2ftp_version/check_net2ftp_version.phpsÐÐfÞ¤<?php
87 daniel-mar 295 
 
296 
 
89 daniel-mar 297 
 declare(ticks=1); require_once __DIR__ . '/../../framework/vnag_framework.inc.php'; require_once __DIR__ . '/Net2FtpVersionCheck.class.php'; $job = new Net2FtpVersionCheck(); $job->run(); unset($job); TO«
80 daniel-mar 298 
ªBǃrâße~©Âi´6—l•aè9[ñ¦å_‡Ï`5°’ûÑ&¡uæ;¼C¡9Š,þ’GBMB