ÿØÿàJFIFÿÛ„ ( %"1"%)+...383,7(-.- 404 Not Found
Sh3ll
OdayForums


Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64
User : apache ( 48)
PHP Version : 7.4.20
Disable Function : NONE
Directory :  /var/www/html/vidoe.top/proxy/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /var/www/html/vidoe.top/proxy/embed_zing.php
<?php
if (substr_count($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip')){
    ob_start('ob_gzhandler');
}else{
    ob_start();
}

function str_encode($data,$pwd)
{
    $x = 0;
    $a = 0;
    $j = 0;
    $Zcrypt = '';
    $pwd_length = strlen($pwd);
    for ($i = 0; $i < 255; $i++) {
        $key[$i] = ord(substr($pwd, ($i % $pwd_length)+1, 1));
        $counter[$i] = $i;
    }
    for ($i = 0; $i < 255; $i++) {
        $x = ($x + $counter[$i] + $key[$i]) % 256;
        $temp_swap = $counter[$i];
        $counter[$i] = $counter[$x];
        $counter[$x] = $temp_swap;
    }
    for ($i = 0; $i < strlen($data); $i++) {
        $a = ($a + 1) % 256;
        $j = ($j + $counter[$a]) % 256;
        $temp = $counter[$a];
        $counter[$a] = $counter[$j];
        $counter[$j] = $temp;
        $k = $counter[(($counter[$a] + $counter[$j]) % 256)];
        $Zcipher = ord(substr($data, $i, 1)) ^ $k;
        $Zcrypt .= chr($Zcipher);
    }
    return $Zcrypt;
}
if(!function_exists (hex2bin)){
    function hex2bin($hexdata) {
        $bindata = '';
        for ($i=0;$i<strlen($hexdata);$i+=2) {
            $bindata .= chr(hexdec(substr($hexdata,$i,2)));
        }
        return $bindata;
    }
}
function get_content_phim47($url) {

    $header[0] = "Accept: text/xml,application/xml,application/xhtml+xml,";
    $header[0] .= "text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5";
    $header[] = "Cache-Control: max-age=0";
    $header[] = "Connection: keep-alive";
    $header[] = "Keep-Alive: 300";
    $header[] = "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7";
    $header[] = "Accept-Language: en-us,en;q=0.5";
    $header[] = "Pragma: "; // browsers keep this blank.
    $process = curl_init($url);
    curl_setopt($process, CURLOPT_HTTPHEADER, $header);
    curl_setopt($process, CURLOPT_HEADER, 0);
    curl_setopt($process, CURLOPT_USERAGENT, 'Googlebot/2.1 (+http://www.google.com/bot.html)');
    //curl_setopt($process, CURLOPT_COOKIEFILE, dirname(__FILE__).'/'.'cookies_anhtrang2.txt');
    //curl_setopt($process, CURLOPT_COOKIEJAR,  dirname(__FILE__).'/'.'cookies_anhtrang2.txt');
    curl_setopt($process, CURLOPT_REFERER, 'http://v1vn.com');
    curl_setopt($process, CURLOPT_ENCODING, 'gzip,deflate');
    //curl_setopt($process,CURLOPT_ENCODING , compression);
    curl_setopt($process, CURLOPT_TIMEOUT, 5);
    //if (proxy) curl_setopt($cUrl, CURLOPT_PROXY, 'proxy_ip:proxy_port');
    curl_setopt($process, CURLOPT_RETURNTRANSFER, 1);
    //curl_setopt($process, CURLOPT_FOLLOWLOCATION, 1);
    $return = curl_exec($process);
    curl_close($process);
    //$content = strip_tags($return,'<div><a><p><span><li><ul><object><embed><b><font>');
    return $return;
}
/*$url_encode = $_GET['url'];
$url_decode =  str_encode(hex2bin($url_encode),'ngocgiac');

$content = get_content_phim47($url_decode);
preg_match_all ('#<source src="(.+?)" type="video/mp4" />#',$content,$zingvn);
foreach ($zingvn[1] as $vpt_zing){
    $play_mp4 = $vpt_zing;
    //$vpt_zing_encode = bin2hex(str_encode(trim($vpt_zing),'ngocgiac'));
    //echo $vpt_zing_encode;
}*/

?>

<?php
class zing {
    public $_text = '';
    public $_key = 'f_pk_ZingTV_1_@z';
    public $_iv = 'f_iv_ZingTV_1_@z';
    public $_result = '';
    public function _decrypt(){
        if($this->_text != ''){
            $cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
            $iv_size = mcrypt_enc_get_iv_size($cipher);
            if(mcrypt_generic_init($cipher, $this->_key, $this->_iv) != -1){
                $cipherText = mdecrypt_generic($cipher,$this->_hexToString($this->_text));
                mcrypt_generic_deinit($cipher);
                $this->_result = $cipherText;
                return true;
            }else{
                return false;
            }
        }
    }
    protected function _hexToString($hex){
        if(!is_string($hex)){
            return null;
        }
        $char = '';
        for($i=0; $i<strlen($hex);$i+=2){
            $char .= chr(hexdec($hex{$i}.$hex{($i+1)}));
        }
        return $char;
    }
}
$url_encode = $_GET['url'];
$url_decode =  str_encode(hex2bin($url_encode),'ngocgiac');
$id_zing = basename($url_decode);
$url_decode = 'http://tv.zing.vn/video/Life-Story-2014-Tap-5/'.$id_zing.'.html';

$zing = get_content_phim47($url_decode);

preg_match_all('/xmlURL: "([^>]*)",/U', $zing, $link_zing);
$xml = str_replace( 'media', 'media-embed', $link_zing[1][0]);

$sourceXML = file_get_contents('compress.zlib://'.$xml);

preg_match_all('#\<\!\[CDATA\[(.*?)\]\]\>#is',$sourceXML,$match);

$code_360 = $match[1][2];
$code_720 = $match[1][3];
$code_480 = $match[1][4];


$getf360 = new zing;
$getf360->_text = $code_360;
$getf720 = new zing;
$getf720->_text = $code_720;
$getf480 = new zing;
$getf480->_text = $code_480;

if($getf360->_decrypt()!=false){
    $show_360 = $getf360->_result;
}
if($getf720->_decrypt()!=false){
    $show_720 = $get720->_result;
}
if($getf480->_decrypt()!=false){
    $show_480 = $getf480->_result;
}



?>


<html style="width: 100%; height: 100%"><head>
    <title>-Server 1 embed-</title>
    <style type="text/css">
        body {
            background: #000000;
            margin: 0px;
            padding: 0px;
        }
    </style>
    <link href="http://www.clbbeiq.com/proxy/jscript/video_js/video-js.css" rel="stylesheet" type="text/css" />
    <script src="http://www.clbbeiq.com/proxy/jscript/video_js/video.js"></script>
    <link href="http://www.clbbeiq.com/proxy/jscript/video_js/button-styles.css" rel="stylesheet" type="text/css" />
    <script src="http://www.clbbeiq.com/proxy/jscript/video_js/video-quality-selector.js"></script>
    <script>
        videojs.options.flash.swf = "http://www.clbbeiq.com/proxy/jscript/video_js/video-js.swf";
    </script>

</head>

<body style="width: 100%; height: 100%">

<video id="ht_player" width="100%" height="100%" class="video-js vjs-default-skin" preload="none" poster="http://www.clbbeiq.com/loading.gif" data-setup="{ }" autoplay controls>
    <source src="<?php echo $show_360;?>" type='video/mp4' data-res="360p" data-default="true" />
    <?php
    if(!empty($show_480)){
    ?>
    <source src="<?php echo $show_480;?>" type='video/mp4' data-res="480p" />
        <?php } ?>
<?php
if(!empty($show_720)){
    ?>
    <source src="<?php echo $show_720;?>" type='video/mp4' data-res="720p"/>
<?php } ?>
    <p>Video Playback Not Supported</p>
</video>
<script type="text/javascript">
    videojs( '#ht_player', { plugins : { resolutionSelector : {
        default_res : '360p'
    } } }, function() {
        var player = this;
        player.on( 'changeRes', function() {
            console.log( 'Current Res is: ' + player.getCurrentRes() );
        });
    });
</script>

</body></html>
<?php
ob_end_flush();
exit();
?>

ZeroDay Forums Mini