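* @date 2019
* @name index.php
*/

# defining start time
define('IR_START', microtime(true));

# defining the base path
define('BASE_PATH', dirname(__FILE__));

# defining the maximum execution time to 1 hour
# NOTE(review): this script runs once per HTTP request; a 1 hour limit together with the
# unlimited memory below leaves no per-request resource ceiling - confirm this is intended.
ini_set('max_execution_time', '3600');

# defining the socket timeout to 1 min
ini_set('default_socket_timeout', '60');

# defining the maximum memory limit (-1 = unlimited)
ini_set('memory_limit', '-1');

# remote URL wrappers: fopen stays enabled, include is disabled
# NOTE(review): the PHP manual lists both directives as system-level settings, so these
# runtime ini_set() calls may have no effect - confirm the real values in php.ini.
ini_set("allow_url_fopen", '1');
ini_set("allow_url_include", '0');

# defining the default time zone
date_default_timezone_set("UTC");

# getting the peak of memory, in bytes, that's been allocated to our PHP script.
define('START_MEMORY', memory_get_peak_usage(true));
define('START_TIME', microtime(true));

# defining separators
define('DS', DIRECTORY_SEPARATOR);
define('RDS', '/');

# opaque flag passed to the keyed ./app calls below; presumably an access key - TODO confirm.
# NOTE(review): the value is hard-coded in a web-served file and travels on the command line,
# where it is visible in the local process list. Consider loading it from configuration kept
# outside the web root. It is defined once here so that it can be rotated in a single place.
define('APP_KEY_ARG', '-iyeqiuywe=ZabWRDRUrdhXdcgSLyUOAmPu2IeXX2VaPlqj8A30HKc9YyVMyqdOiaMgig8aFkFLonHBCJZvTR55Fs5p/s7RkA==');

/**
 * @name getIp
 * @description get client ip; returns a validated address or "" when none can be validated
 * @access public
 * @return string
 */
function getIp()
{
    # NOTE(review): Client-IP and X-Forwarded-For are request headers set by the client.
    # Unless a trusted proxy overwrites them, the returned address is only a claim and must
    # not be used for access decisions.
    if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
        $ip = $_SERVER['HTTP_CLIENT_IP'];
    } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
    } else {
        $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
    }
    $ip = (string) $ip;

    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
        # builds a dotted quad from the leading hex digits of the IPv6 text;
        # NOTE(review): this is not a real IPv6-to-IPv4 mapping, the result only fills the field.
        $ip = hexdec(substr($ip, 0, 2)) . "." . hexdec(substr($ip, 2, 2)) . "."
            . hexdec(substr($ip, 5, 2)) . "." . hexdec(substr($ip, 7, 2));
    }

    if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
        # e.g. a comma separated X-Forwarded-For list: keep the first dotted quad if it validates.
        # Anything else is dropped, because the value is later placed on a command line and an
        # unvalidated header string must never get that far.
        $match = array();
        if (preg_match('/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/', $ip, $match)
            && filter_var($match[0], FILTER_VALIDATE_IP)) {
            $ip = $match[0];
        } else {
            $ip = "";
        }
    }

    return $ip;
}

/**
 * @name checkForImage
 * @description if the url ends with a known image extension, streams "<domain>/media/<file>" and stops the script
 * @param string $url request url (without leading slash)
 * @param string $domain base location of the media folder
 * @return void returns only when the url is not an image
 */
function checkForImage($url, $domain)
{
    $mimeTypes = [
        'jpg' => 'image/jpeg',
        'jpeg' => 'image/jpeg',
        'png' => 'image/png',
        'gif' => 'image/gif',
        'bmp' => 'image/bmp'
    ];

    $parts = explode('.', $url);
    $extention = strtolower(end($parts));

    if (!isset($mimeTypes[$extention])) {
        return;
    }

    # only the last '/'-separated segment is used, so the fetched name cannot contain a slash;
    # end() needs a real variable (it takes its argument by reference)
    $segments = explode(RDS, $url);
    $image = "$domain/media/" . end($segments);

    $content = file_get_contents($image);

    if ($content === FALSE) {
        # do not answer 200 with an empty body when the media file cannot be read
        http_response_code(404);
        die();
    }

    header("Content-type:" . $mimeTypes[$extention]);
    echo $content;
    die();
}

/**
 * @name parseURL
 * @description turns a tracking url (encrypted token, "act=..." query or 7-segment path) into the tracking data array; stops the script when nothing can be parsed
 * @param string $url
 * @return array
 */
function parseURL($url)
{
    $data = [];

    # a url without '/' and without 'act' is treated as an encrypted token and resolved by ./app
    if (strpos($url, '/') === FALSE && strpos($url, 'act') === FALSE) {
        $token = base64_decode(str_replace("_", "=", $url));

        if ($token === FALSE || strpos($token, "\0") !== FALSE) {
            die("\nCould not parse url !\n");
        }

        # the decoded bytes are chosen by the client: quote them so the shell sees one argument
        $url = exec("./app -action=GetUnecryptedurl -li=" . escapeshellarg($token));
    }

    # the host is only needed to give parse_url() a complete url
    $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
    $parts = parse_url("http://{$host}/{$url}");

    if ($parts === FALSE || !isset($parts['path'])) {
        die("\nCould not parse url !\n");
    }

    $query = key_exists('query', $parts) ? $parts['query'] : null;
    $path = $parts['path'];
    $output = [];

    if ($query != '') {
        # query form: act=..&pid=..&uid=..
        if (strpos($query, 'act=') !== FALSE) {
            foreach (explode('&', $query) as $param) {
                $keyValue = explode('=', $param);

                if (count($keyValue) == 2) {
                    $output[$keyValue[0]] = $keyValue[1];
                }
            }
        }
    } else if (strpos(trim($path, '/'), '/') !== FALSE) {
        # path form: act/pid/uid/vid/ofid/lid/cid
        $params = explode('/', trim($path, '/'));

        if (in_array($params[0], ['op', 'cl', 'un', 'oop']) && count($params) == 7) {
            $output["act"] = $params[0];
            $output["pid"] = $params[1];
            $output["uid"] = $params[2];
            $output["vid"] = $params[3];
            $output["ofid"] = $params[4];
            $output["lid"] = $params[5];
            $output["cid"] = $params[6];
        }
    }

    if (count($output) == 0 || !key_exists('act', $output)) {
        die("\nCould not parse url !\n");
    }

    $data['act'] = key_exists('pid', $output) ? $output['act'] : 0;
    $data['process-id'] = 0;
    # always present, so later readers never hit an undefined index
    $data['process-type'] = '';

    if (key_exists('pid', $output)) {
        if (strpos($output['pid'], '_') === FALSE) {
            $data['process-id'] = intval($output['pid']);
            $data['process-type'] = 'md';
        } else {
            $pidParts = explode('_', $output['pid']);

            if (count($pidParts) == 2) {
                $data['process-id'] = intval($pidParts[0]);
                # free text taken from the url: callers must quote it before any shell use
                $data['process-type'] = $pidParts[1];
            }
        }
    }

    $data['user-id'] = key_exists('uid', $output) ? intval($output['uid']) : 0;
    $data['vmta-id'] = key_exists('vid', $output) ? intval($output['vid']) : 0;
    $data['offer-id'] = key_exists('ofid', $output) ? intval($output['ofid']) : 0;
    $data['list-id'] = key_exists('lid', $output) ? intval($output['lid']) : 0;
    $data['client-id'] = key_exists('cid', $output) ? intval($output['cid']) : 0;

    return $data;
}

# parse url to get parameters
$rewriteUrl = filter_input(INPUT_SERVER, 'HTTP_X_REWRITE_URL');
$url = ($rewriteUrl != null)
    ? ltrim($rewriteUrl, '/')
    : ltrim((string) filter_input(INPUT_SERVER, 'REQUEST_URI'), '/');

# NOTE(review): $p_domain is not assigned anywhere in this file; presumably it is filled in
# at deployment - confirm, otherwise the media location is empty.
checkForImage($url , "$p_domain");

if ($url == "") {
    require "home.html";
    die();
}

# NOTE(review): the routes below are matched by substring anywhere in the url, and no
# authentication is visible for any of them.
if (strpos($url, 'status') !== false) {
    # NOTE(review): this reports CPU, memory and mounted devices to any caller;
    # restrict it at the web server or add an access check.

    // CPU usage: two samples of the first /proc/stat line, 100 ms apart
    $prev = file('/proc/stat');
    $prev_cpu = explode(' ', $prev[0]);
    $prev_total = $prev_cpu[2] + $prev_cpu[3] + $prev_cpu[4] + $prev_cpu[5] + $prev_cpu[6] + $prev_cpu[7] + $prev_cpu[8];
    $prev_idle = $prev_cpu[5];

    usleep(100000);

    $current = file('/proc/stat');
    $current_cpu = explode(' ', $current[0]);
    $current_total = $current_cpu[2] + $current_cpu[3] + $current_cpu[4] + $current_cpu[5] + $current_cpu[6] + $current_cpu[7] + $current_cpu[8];
    $current_idle = $current_cpu[5];

    $total = $current_total - $prev_total;
    $idle = $current_idle - $prev_idle;

    // no counter movement between the samples would otherwise divide by zero
    $usage = $total > 0 ? round(100 * (($total - $idle) / $total), 2) : 0.0;

    // Memory info ("Name:   value kB" lines; the named groups feed array_combine below)
    $memInfo = file_get_contents('/proc/meminfo');
    preg_match_all('/(?<name>\w+):\s+(?<value>\d+)\s/', $memInfo, $matches);
    $memInfo = array_combine($matches['name'], $matches['value']);

    // Memory usage in GB
    $memory = [
        'total' => round($memInfo['MemTotal'] / 1024 / 1024, 2),
        'free' => round($memInfo['MemFree'] / 1024 / 1024, 2),
        'available' => round($memInfo['MemAvailable'] / 1024 / 1024, 2),
        'cached' => round($memInfo['Cached'] / 1024 / 1024, 2),
        'used' => round(($memInfo['MemTotal'] - $memInfo['MemFree'] - $memInfo['Cached'] - $memInfo['Buffers']) / 1024 / 1024, 2)
    ];

    // Disk usage (fixed command, no request data involved)
    $disk = [];
    $partitions = explode(PHP_EOL, trim((string) shell_exec('df -P')));
    array_shift($partitions); // Remove header

    foreach ($partitions as $partition) {
        $parts = preg_split('/\s+/', trim($partition));

        if (substr($parts[0], 0, 4) === '/dev') {
            $disk[] = [
                'device' => $parts[0],
                'total' => round($parts[1] / 1024 / 1024, 2), // Convert to GB
                'used' => round($parts[2] / 1024 / 1024, 2), // Convert to GB
                'free' => round($parts[3] / 1024 / 1024, 2), // Convert to GB
                'mount' => $parts[5]
            ];
        }
    }

    header('Content-Type: application/json');
    echo json_encode(['cpu_usage' => $usage , 'memory' => $memory, 'disk' => $disk]);
    die();
}

if (strpos($url, 'isok') !== false) {
    header("Content-Type: application/json");
    die(json_encode(["status" => 200, "message" => "ok"]));
}

if (strpos($url, 'postback') !== false) {
    # NOTE(review): no caller authentication is visible here. The query string is passed
    # base64-encoded (and quoted), so it cannot change the command line itself.
    $query_str = (string) parse_url($url, PHP_URL_QUERY);

    # check if email is the same
    $result = json_decode(exec("./app " . APP_KEY_ARG . " -par=" . escapeshellarg(base64_encode($query_str))), true);

    # the second decode is kept for a JSON string that itself holds JSON; any other decoded
    # value is re-encoded instead of being handed to json_decode(), which only accepts strings
    if (is_string($result)) {
        $result = json_decode($result, true);
    }

    die(is_string($result) ? $result : json_encode($result));
}

# prepare data array
$data = parseURL($url);

# characters removed from every value before it is handed to the tracking job / optout page
$searchVal = array("&", "'", "\"", "/", "\\", "|");

# start tracking
if (count($data)) {
    if ($data['process-id'] > 0 || $data['offer-id'] > 0) {
        $data['ip'] = getIp();

        $agent = filter_input(INPUT_SERVER, 'HTTP_USER_AGENT');
        $data['agent'] = ($agent != null) ? $agent : '';

        $language = filter_input(INPUT_SERVER, 'HTTP_ACCEPT_LANGUAGE');
        $data['language'] = ($language != null) ? strtoupper(substr($language, 0, 2)) : '';

        # strict comparison: 'act' is the integer 0 when the url carried no pid, and a loose
        # comparison of 0 with a string depends on the PHP version
        if ($data['act'] === 'oop') {
            $message = "";

            if (count($_POST)) {
                $email = (filter_input(INPUT_POST, 'email') != null) ? filter_input(INPUT_POST, 'email') : '';

                # send tracking information
                if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
                    $message = "Please check your email !";
                } else {
                    $result = json_decode(exec(
                        "./app " . APP_KEY_ARG
                        . " -email=" . md5($email)
                        . " -clientId=" . escapeshellarg((string) $data['client-id'])
                        . " -listId=" . escapeshellarg((string) $data['list-id'])
                    ), true);

                    $appMessage = (is_array($result) && isset($result['message']))
                        ? strtolower(trim($result['message']))
                        : '';

                    if ($appMessage == 'email is correct !') {
                        # execute tracking job
                        foreach ($data as $key => $value) {
                            $data[$key] = htmlentities(str_replace($searchVal, "", $value));
                        }

                        # Every value is quoted: the character filter above is a deny-list and
                        # does not make a string safe for the shell.
                        # -processType and -listId now read the keys parseURL() really sets
                        # ('process-type', 'list-id'), as the op/cl/un job below does.
                        # NOTE(review): -type was built from a variable that is never set in
                        # this branch, so it is still sent empty - confirm the intended value.
                        exec(
                            "nohup ./app -action=ProcceedTracking " . APP_KEY_ARG
                            . " -type="
                            . " -processId=" . escapeshellarg($data['process-id'])
                            . " -processType=" . escapeshellarg($data['process-type'])
                            . " -userId=" . escapeshellarg($data['user-id'])
                            . " -vmtaId=" . escapeshellarg($data['vmta-id'])
                            . " -listId=" . escapeshellarg($data['list-id'])
                            . " -clientId=" . escapeshellarg($data['client-id'])
                            . " -ip=" . escapeshellarg($data['ip'])
                            . " -langauge=" . escapeshellarg(base64_encode($data["language"]))
                            . " -agent=" . escapeshellarg(base64_encode($data["agent"]))
                            . " > /dev/null 2>&1 &"
                        );

                        $message = "Sorry to see you leaving :(";
                    } else {
                        $message = "Your Email is not registered !";
                    }
                }
            }

            include_once BASE_PATH . DS . 'optout.php';
        } else {
            # generating link and redirecting
            $link = '';
            $actionId = 0;

            if (in_array($data['act'], ['cl', 'un'], true)) {
                # get offer link
                $type = $data['act'] === 'cl' ? 'preview' : 'unsub';

                # 'process-type' comes straight from the url and 'ip' from request headers:
                # both are quoted here because this call runs before any filtering
                $result = json_decode(exec(
                    "./app -action=GetLink " . APP_KEY_ARG
                    . " -type=$type"
                    . " -processId=" . escapeshellarg((string) $data['process-id'])
                    . " -processType=" . escapeshellarg((string) $data["process-type"])
                    . " -userId=" . escapeshellarg((string) $data['user-id'])
                    . " -vmtaId=" . escapeshellarg((string) $data['vmta-id'])
                    . " -listId=" . escapeshellarg((string) $data['list-id'])
                    . " -clientId=" . escapeshellarg((string) $data['client-id'])
                    . " -ip=" . escapeshellarg((string) $data['ip'])
                ), true);

                # json_decode() yields null (not FALSE) on unparsable output
                if (!is_array($result) || count($result) == 0) {
                    die("\n405 : Bad request !\n");
                }

                $status = isset($result['status']) ? $result['status'] : '';

                if ($status != 200) {
                    # NOTE(review): status and message are printed as returned by ./app,
                    # without HTML escaping - confirm they never carry request data.
                    die("\n" . $status . ' : ' . (isset($result['message']) ? $result['message'] : '') . "\n");
                }

                if (
                    key_exists('data', $result)
                    && is_array($result['data'])
                    && key_exists('link', $result['data'])
                    && trim($result['data']['link']) != ''
                ) {
                    $link = trim($result['data']['link']);
                    $actionId = isset($result['data']['action_id']) ? intval($result['data']['action_id']) : 0;
                } else {
                    echo "\nIncorrect redirection !\n";
                }
            }

            # send tracking information to master app
            if (in_array($data['act'], ['op', 'cl', 'un'], true) && $data['process-id'] > 0) {
                # execute tracking job
                foreach ($data as $key => $value) {
                    $data[$key] = htmlentities(str_replace($searchVal, "", $value));
                }

                $command = "./app -action=ProcceedTracking " . APP_KEY_ARG . " "
                    . "-type=" . escapeshellarg($data['act'])
                    . " -actionName=" . escapeshellarg($data['act'])
                    . " -processId=" . escapeshellarg($data['process-id'])
                    . " -processType=" . escapeshellarg($data["process-type"])
                    . " -userId=" . escapeshellarg($data['user-id'])
                    . " -vmtaId=" . escapeshellarg($data['vmta-id'])
                    . " -listId=" . escapeshellarg($data['list-id'])
                    . " -clientId=" . escapeshellarg($data['client-id'])
                    . " -ip=" . escapeshellarg($data['ip'])
                    . " -langauge=" . escapeshellarg(base64_encode($data["language"]))
                    . " -agent=" . escapeshellarg(base64_encode($data["agent"]))
                    . " > /dev/null 2>&1 &";

                exec("nohup $command");
            }

            # redirecting in case of a click or unsub
            # NOTE(review): the destination is whatever ./app returned; if it can be influenced
            # by request data, check it against the expected hosts before redirecting.
            if ($link != '') {
                header('Location: ' . $link);
                exit();
            } else {
                echo "\nOperation completed !\n";
            }
        }
    } else {
        echo "\nNo drop found !\n";
    }
} else {
    echo "\nNo parameters found !\n";
}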