#!/usr/bin/php
/**
* @author Ardhana <ardzz@indoxploit.or.id>
*
* SSH SSL Launcher
* 
* Requirements :
*  - PHP 7.* or above
*  - stunnel
*
* Arch family : 
    use pacman :
        sudo pacman -S stunnel
    download package from archlinux.org :
        https://www.archlinux.org/packages/community/x86_64/stunnel/
* Debian family :
    use apt :
        sudo apt install stunnel
    download package from debian.org : 
        https://packages.debian.org/search?keywords=stunnel
*/
<?php
$config = [
    "ssh" => [
        [
            "host" => "ssl-sg-6.serverip.co",
            "port" => 443,
            "username" => "fastssh.com-ambiyah.zip",
            "password" => "nnn"
        ],
        /// ... another SSH
    ],
    "payload" => [
        "listen_port" => 1080,
        "sni" => "v.whatsapp.net"
    ]
];

class SSH_SSL{

    function __construct(){
        global $config;
        if (!file_exists("stunnel.sh")) {
            file_put_contents("stunnel.sh", base64_decode("IyEvYmluL2Jhc2gKc3VkbyBraWxsYWxsIHN0dW5uZWwKc3VkbyBzdHVubmVsCg=="));
        }
        $this->prefix  = "SSH_SSL";
        $this->config  = json_decode(json_encode($config));
        $this->mainSSH = "Host {$this->prefix}* \n  PermitLocalCommand yes\n    DynamicForward {$config["payload"]["listen_port"]}\n    StrictHostKeyChecking no\n  ServerAliveInterval 10\n    TCPKeepAlive yes";
        $this->subSSH  = "Host {profile}\n  HostName 127.0.0.1\n    Port 60\n   User {user}"; 
        $this->stunnel = "[SSH]\nclient = yes\naccept = localhost:60\nconnect = {host}:{port}\nsni = {sni}";
    }
    
    private function generateStunnelConfig($data){
        $this->stunnel_config = str_replace(
            [
                "{host}",
                "{port}",
                "{sni}"
            ],
            [
                $data->host,
                $data->port,
                $this->config->payload->sni
            ],
            $this->stunnel
        );
        return $this;
    }

    function getStunnelConfig(){
        return $this->stunnel_config;
    }

    private function generateSSHConfig($data){
        $this->profile_ssh = uniqid("{$this->prefix}_");
        $this->SSH_config  = str_replace(
            [
                "{profile}",
                "{user}"
            ],
            [
                $this->profile_ssh,
                $data->username
            ],
            $this->subSSH
        );
        $this->SSH_config = "{$this->mainSSH}\n{$this->SSH_config}";
        return $this;
    }

    function getSSHConfig(){
        return $this->SSH_config;
    }

    function connect(){
        foreach ($this->config->ssh as $key => $value) {
            
            $this->generateStunnelConfig($value)->generateSSHConfig($value);
            $stunnel_config = $this->getStunnelConfig();
            $SSH_config     = $this->getSSHConfig();

            echo "SSH Server : {$value->host}\n";
            echo "Proxy      : socks5://127.0.0.1:{$this->config->payload->listen_port}\n";

            // overwrite config
            
            echo ((bool) file_put_contents("/etc/stunnel/stunnel.conf", $stunnel_config) ? "Set stunell config : OK" : exit("Set stunnel config : BAD") ) . PHP_EOL;
            echo ((bool) file_put_contents($_SERVER["HOME"] . "/.ssh/config", $SSH_config) ? "Set SSH config : OK" : exit("Set SSH config : BAD") ) . PHP_EOL . PHP_EOL;

            // connect to SSH

            system("bash stunnel.sh");
            system("sshpass -p {$value->password} ssh -N {$this->profile_ssh}");
        }
    }


}

(new SSH_SSL)->connect();