banji240776
New Member
- Messages
- 1
- Reaction score
- 0
- Points
- 0
<?php
$yf_server = 'ems03.your-freedom.de';
$yf_port = 80;
$connect_timeout = 10;
$sep="--SEP";
set_magic_quotes_runtime(0);
$args = Array();
parse_str($_SERVER["QUERY_STRING"], $args);
$ext = 'html';
$session_id = null;
$length = 10000000;
foreach ($args as $key => $value) {
$l = strlen($key);
$sum = 0;
for ($i=0; $i<$l; $i++) $sum += ord(substr($key,$i,1));
if ($sum % 100 == 0) { # is a valid session ID tag
$session_id = $value;
if ($sum % 200 == 0) { # is a valid uplink tag
$ext = 'cgi';
}
}
else {
if ($key == 'l') $length = $value;
if ($key == "version") { print_version(); exit; }
}
}
if ($session_id == null) {
$fh = fsockopen("tcp://$yf_server", $yf_port);
if (!$fh) return;
$cmd = "GET /cgi.html?server=".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']." HTTP/1.0\r\n\r\n";
if (!fwrite($fh,$cmd,strlen($cmd))) return;
$cli = fopen("php://output","wb");
if ($cli) {
fflush($cli);
do {
$data = fgets($fh);
}
while (strpos($data,"\n")>1);
while (true) {
$data = fread($fh,2048);
if (!$data) break;
if (!fwrite($cli,$data,strlen($data))) break;
fflush($cli);
}
}
exit;
}
if ($length == 10000000) crossconnect_cgi($session_id, $yf_server, $yf_port, $ext, $length);
else crossconnect_post($session_id, $yf_server, $yf_port, $length);
exit;
function print_version() {
print "20101109-01\r\n";
}
function getServer($session_id) {
return array($rootaddr, $rootport);
}
function headers() {
return
"Accept: text/html\r\n".
"X-Via: ".$_SERVER['SERVER_NAME']." ".$uri." ".$_SERVER['REMOTE_ADDR']." ".$_SERVER['REMOTE_PORT']."\r\n".
"Connection: close\r\n";
}
function crossconnect_cgi($session_id, $server, $port, $ext, $length) {
$fh = fsockopen("tcp://$server", $port);
if (!$fh) return;
$post = false;
if (!strcmp($ext,"cgi")) {
$uri = $_SERVER['REQUEST_URI'];
$uri = substr($uri,0,strpos($uri,'?'));
$cmd = "POST /$session_id.$ext HTTP/1.0\r\n".
"Content-Length: $length\r\n".
headers();
$post = true;
}
else {
$cmd = "GET /$session_id.$ext HTTP/1.0\r\n".
headers().
"\r\n";
}
if (!fwrite($fh,$cmd,strlen($cmd))) return;
if (!$post) { # read from server and print what we read
$cli = fopen("php://output","wb");
if ($cli) {
fflush($cli);
do {
$data = fgets($fh);
}
while (strpos($data,"\n")>1);
while (true) {
$data = fread($fh,2048);
if (!$data) break;
if (!fwrite($cli,$data,strlen($data))) break;
fflush($cli);
}
}
}
else {
$sep="--SEP";
fwrite($fh,"Content-Type: multipart/form-data; boundary=$sep\r\n\r\n");
fflush($fh);
$skip=1;
foreach ($_REQUEST as $k => $v) {
if (--$skip>=0) continue;
reset($_REQUEST[$k]);
foreach ($_REQUEST[$k] as $kk => $vv) {
$item=$sep."Content-Disposition: form-data; name=\"$k\"\r\n\r\n$vv\r\n";
if (FALSE === fwrite($fh,$item,strlen($item))) {
break;
}
}
}
$item=$sep."\r\n";
fwrite($fh,$item,strlen($item));
fflush($fh);
}
fclose($fh);
}
function crossconnect_post($session_id, $yf_server, $yf_port, $length) {
$fh = fsockopen("tcp://$yf_server", $yf_port);
if (!$fh) return;
if (!empty($_POST)) {
foreach ($_POST as $key=>$value) {
if (is_array($value)) {
foreach ($value as $v) {
$read.="--$session_id";
$read.="\r\n";
$read.="Content-Disposition: form-data; name=\"".$key."[]\"\r\n\r\n";
$read.=$v;
$read.="\r\n";
}
}
else {
$read.="--$session_id";
$read.="\r\n";
$read.="Content-Disposition: form-data; name=\"".$key."\"\r\n\r\n";
$read.=$value;
$read.="\r\n";
}
}
$wlen = strlen($read);
}
$cmd = "POST / HTTP/1.0\r\n".
"Content-Type: multipart/form-data; boundary=--$session_id\r\n".
"Content-Length: $wlen\r\n\r\n";
if (!fwrite($fh,$cmd,strlen($cmd))) return;
if ($wlen>0) if (!fwrite($fh,$read,$wlen)) return;
$cli = fopen("php://output","wb");
fflush($cli);
// skip the YF server's reply header
do {
$data = fgets($fh);
}
while (strpos($data,"\n")>1);
// read what the YF server says and write to client
while (true) {
$data = fread($fh,2048);
if (!$data) break;
if (!fwrite($cli,$data,strlen($data))) break;
fflush($cli);
}
}
?>
$yf_server = 'ems03.your-freedom.de';
$yf_port = 80;
$connect_timeout = 10;
$sep="--SEP";
set_magic_quotes_runtime(0);
$args = Array();
parse_str($_SERVER["QUERY_STRING"], $args);
$ext = 'html';
$session_id = null;
$length = 10000000;
foreach ($args as $key => $value) {
$l = strlen($key);
$sum = 0;
for ($i=0; $i<$l; $i++) $sum += ord(substr($key,$i,1));
if ($sum % 100 == 0) { # is a valid session ID tag
$session_id = $value;
if ($sum % 200 == 0) { # is a valid uplink tag
$ext = 'cgi';
}
}
else {
if ($key == 'l') $length = $value;
if ($key == "version") { print_version(); exit; }
}
}
if ($session_id == null) {
$fh = fsockopen("tcp://$yf_server", $yf_port);
if (!$fh) return;
$cmd = "GET /cgi.html?server=".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']." HTTP/1.0\r\n\r\n";
if (!fwrite($fh,$cmd,strlen($cmd))) return;
$cli = fopen("php://output","wb");
if ($cli) {
fflush($cli);
do {
$data = fgets($fh);
}
while (strpos($data,"\n")>1);
while (true) {
$data = fread($fh,2048);
if (!$data) break;
if (!fwrite($cli,$data,strlen($data))) break;
fflush($cli);
}
}
exit;
}
if ($length == 10000000) crossconnect_cgi($session_id, $yf_server, $yf_port, $ext, $length);
else crossconnect_post($session_id, $yf_server, $yf_port, $length);
exit;
function print_version() {
print "20101109-01\r\n";
}
function getServer($session_id) {
return array($rootaddr, $rootport);
}
function headers() {
return
"Accept: text/html\r\n".
"X-Via: ".$_SERVER['SERVER_NAME']." ".$uri." ".$_SERVER['REMOTE_ADDR']." ".$_SERVER['REMOTE_PORT']."\r\n".
"Connection: close\r\n";
}
function crossconnect_cgi($session_id, $server, $port, $ext, $length) {
$fh = fsockopen("tcp://$server", $port);
if (!$fh) return;
$post = false;
if (!strcmp($ext,"cgi")) {
$uri = $_SERVER['REQUEST_URI'];
$uri = substr($uri,0,strpos($uri,'?'));
$cmd = "POST /$session_id.$ext HTTP/1.0\r\n".
"Content-Length: $length\r\n".
headers();
$post = true;
}
else {
$cmd = "GET /$session_id.$ext HTTP/1.0\r\n".
headers().
"\r\n";
}
if (!fwrite($fh,$cmd,strlen($cmd))) return;
if (!$post) { # read from server and print what we read
$cli = fopen("php://output","wb");
if ($cli) {
fflush($cli);
do {
$data = fgets($fh);
}
while (strpos($data,"\n")>1);
while (true) {
$data = fread($fh,2048);
if (!$data) break;
if (!fwrite($cli,$data,strlen($data))) break;
fflush($cli);
}
}
}
else {
$sep="--SEP";
fwrite($fh,"Content-Type: multipart/form-data; boundary=$sep\r\n\r\n");
fflush($fh);
$skip=1;
foreach ($_REQUEST as $k => $v) {
if (--$skip>=0) continue;
reset($_REQUEST[$k]);
foreach ($_REQUEST[$k] as $kk => $vv) {
$item=$sep."Content-Disposition: form-data; name=\"$k\"\r\n\r\n$vv\r\n";
if (FALSE === fwrite($fh,$item,strlen($item))) {
break;
}
}
}
$item=$sep."\r\n";
fwrite($fh,$item,strlen($item));
fflush($fh);
}
fclose($fh);
}
function crossconnect_post($session_id, $yf_server, $yf_port, $length) {
$fh = fsockopen("tcp://$yf_server", $yf_port);
if (!$fh) return;
if (!empty($_POST)) {
foreach ($_POST as $key=>$value) {
if (is_array($value)) {
foreach ($value as $v) {
$read.="--$session_id";
$read.="\r\n";
$read.="Content-Disposition: form-data; name=\"".$key."[]\"\r\n\r\n";
$read.=$v;
$read.="\r\n";
}
}
else {
$read.="--$session_id";
$read.="\r\n";
$read.="Content-Disposition: form-data; name=\"".$key."\"\r\n\r\n";
$read.=$value;
$read.="\r\n";
}
}
$wlen = strlen($read);
}
$cmd = "POST / HTTP/1.0\r\n".
"Content-Type: multipart/form-data; boundary=--$session_id\r\n".
"Content-Length: $wlen\r\n\r\n";
if (!fwrite($fh,$cmd,strlen($cmd))) return;
if ($wlen>0) if (!fwrite($fh,$read,$wlen)) return;
$cli = fopen("php://output","wb");
fflush($cli);
// skip the YF server's reply header
do {
$data = fgets($fh);
}
while (strpos($data,"\n")>1);
// read what the YF server says and write to client
while (true) {
$data = fread($fh,2048);
if (!$data) break;
if (!fwrite($cli,$data,strlen($data))) break;
fflush($cli);
}
}
?>
