ÿØÿàJFIFÿÛ„ ( %"1"%)+...383,7(-.- 404 Not Found
Sh3ll
OdayForums


Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64
User : apache ( 48)
PHP Version : 7.4.20
Disable Function : NONE
Directory :  /var/www/html/st2/drive/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /var/www/html/st2/drive/r_test.php
<?php
include '../const.php';
include "../lib/simple_html_dom.php";
function str_encode($data,$pwd)
{
    $x = 0;
    $a = 0;
    $j = 0;
    $Zcrypt = '';
    $pwd_length = strlen($pwd);
    for ($i = 0; $i < 255; $i++) {
        $key[$i] = ord(substr($pwd, ($i % $pwd_length)+1, 1));
        $counter[$i] = $i;
    }
    for ($i = 0; $i < 255; $i++) {
        $x = ($x + $counter[$i] + $key[$i]) % 256;
        $temp_swap = $counter[$i];
        $counter[$i] = $counter[$x];
        $counter[$x] = $temp_swap;
    }
    for ($i = 0; $i < strlen($data); $i++) {
        $a = ($a + 1) % 256;
        $j = ($j + $counter[$a]) % 256;
        $temp = $counter[$a];
        $counter[$a] = $counter[$j];
        $counter[$j] = $temp;
        $k = $counter[(($counter[$a] + $counter[$j]) % 256)];
        $Zcipher = ord(substr($data, $i, 1)) ^ $k;
        $Zcrypt .= chr($Zcipher);
    }
    return $Zcrypt;
}
function getlink($id)
{
    $link = "https://drive.google.com/uc?export=download&id=$id";
    $ch = curl_init();
    curl_setopt ($ch, CURLOPT_URL, $link);
    curl_setopt($ch, CURLOPT_HEADER, TRUE);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,false);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_COOKIEJAR, dirname(__FILE__) . "/google.mp3");
    curl_setopt($ch, CURLOPT_COOKIEFILE, dirname(__FILE__) . "/google.mp3");

    $page = curl_exec($ch);
    $chuyen =  locheader($page);
    if ($chuyen != ""){

    } else {
        $html = str_get_html($page);
        $link = urldecode(trim($html->find('a[id=uc-download-link]',0)->href));
        $tmp = explode("confirm=",$link);
        $tmp2 = explode("&",$tmp[1]);
        $confirm = $tmp2[0];
        $linkdowngoc = "https://drive.google.com/uc?export=download&id=$id&confirm=$confirm";
        curl_setopt ($ch, CURLOPT_URL, $linkdowngoc);
        curl_setopt($ch, CURLOPT_HEADER, TRUE);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,false);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,false);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_COOKIEJAR, dirname(__FILE__) . "/google.mp3");
        curl_setopt($ch, CURLOPT_COOKIEFILE, dirname(__FILE__) . "/google.mp3");

        // Getting binary data
        $page = curl_exec($ch);
        $chuyen =  locheader($page);

    }
    curl_close($ch);
    return $chuyen;
}
function locheader($page)
{
    $temp = explode("\r\n", $page);
    foreach ($temp as $item) {
        $temp2 = explode(": ", $item);
        $infoheader[$temp2[0]] = $temp2[1];
    }
    $location = $infoheader['Location'];
    return $location;
}
if(!isset($_GET['token']) or !isset($_GET['link']) or !isset($_GET['time'])){
    return;
}
$time = $_GET['time'];
$time_check = time()-5;
$time_check2 = time()+5;
if($time < $time_check){
    return;
}
if($time > $time_check2){
    return;
}

$token = $_GET['token'];
$pass = str_encode(hex2bin($token),'123Vid@Net');

$id_encode = $_GET['link'];
$id = str_encode(hex2bin($id_encode),$pass);

$linkdown = trim(getlink($id));
$linkdown = str_replace('?e=download','',$linkdown);
header('Location: '.$linkdown);
exit();


$arr_check = get_headers($linkdown,true);
$arr['link'] = $linkdown ;
$arr['type'] = $arr_check['Content-Type'];
$arr_file = $arr;

if($arr_file['link']!='' and $arr_file['type']=='video/mp4') {

    $seconds_to_cache = 8640000;
    $ts = gmdate("D, d M Y H:i:s", time() + $seconds_to_cache) . " GMT";
    $useragent = "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.96 Safari/537.36";
    $v = $arr_file['link'];
    $v = str_replace('?e=download','',$v);

    $length = filesize($v);
    $file = fopen ($v, "r");
    if (!$file) {
        echo "<p>Unable to open remote file.\n";
        exit();
    }
    ob_end_flush();
    $chunksize = 1*(1024*8);

    header("Access-Control-Allow-Origin: https://st2.123vid.net");
    header('Accept-Ranges: bytes');
    header('Expires: '.$ts);
    header("Pragma: cache");
    header('Cache-Control: max-age='.$seconds_to_cache);
    header("Connection: keep-alive");
    header("Content-Type: video/mp4");
    if(!empty($length) and $length>0) {
        header('Content-Length: ' . $length);
    }
    //header ("Content-Disposition: attachment;filename=123vid.net.mp4");
    while (!feof ($file)) {
        set_time_limit(0);
        $buffer = fread($file, $chunksize);
        echo $buffer;
        flush();
    }
    fclose($file);

    /*$head[] = "Origin: https://ok.ru";
    $head[] = "Referer: https://ok.ru/";
    $head[] = "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36";
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_VERBOSE, 1);
    curl_setopt($ch, CURLOPT_TIMEOUT, 222);
    curl_setopt($ch, CURLOPT_URL, $v);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    curl_setopt($ch, CURLOPT_HEADER, false);
    curl_setopt($ch, CURLOPT_FRESH_CONNECT, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
    curl_setopt($ch, CURLOPT_NOBODY, false);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, false);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $head);
    curl_exec($ch);*/

    exit();
}else{
    echo "<p>Unable to open remote file.\n";
    exit();
}
?>

ZeroDay Forums Mini