Kodewerx

Our culture has advanced beyond all that you could possibly comprehend with one hundred percent of your brain.
It is currently Mon Dec 09, 2024 12:52 am

All times are UTC - 8 hours [ DST ]




Post new topic Reply to topic  [ 4 posts ] 
Author Message
 Post subject: PHP Script Help
PostPosted: Wed Jun 23, 2010 1:55 pm 
Offline
Kommunist
Kommunist

Joined: Fri Feb 27, 2009 2:37 am
Posts: 9
Title: Agent 7444668993387224532
Hello, I am in need of some help with a script I'm developing, I made a php proxy script, but it only displays htm, not php or asp and no pictures work... :(

I need someone to write a VERY simple php script with only a form box and submit button, which will display the url entered into the box properly...
Really, I need it to be as simple as
Code:
http://www.mysite.com/index.php?page=http://www.google.com/
.

As long as it works and fully displays any webpage it is fine... NOTHING SPECIAL!!!!

I can repay whoever does this for me, with PS3 MW2 Prestige Hacks... (or u may not want it, lol :D )


Top
 Profile  
Reply with quote  
 Post subject: Re: PHP Script Help
PostPosted: Wed Jun 23, 2010 4:35 pm 
Offline
Krew (Admin)
Krew (Admin)
User avatar

Joined: Sun Oct 01, 2006 9:26 pm
Posts: 3768
Title: All in a day's work.
viewtopic.php?p=77156#p77156

It's fairly trivial to modify the script to proxy images and other content.

_________________
I have to return some video tapes.

Feed me a stray cat.


Top
 Profile  
Reply with quote  
 Post subject: Re: PHP Script Help
PostPosted: Thu Jun 24, 2010 12:58 pm 
Offline
Kommunist
Kommunist
User avatar

Joined: Mon Jun 09, 2008 12:25 pm
Posts: 217
Location: Earth, I think
You didn't make it, you had the same one Parasyte just posted.

_________________
DO NOT CLICK HERE. YOU HAVE BEEN WARNED
Got a PS3? PM me your PSN.


Top
 Profile  
Reply with quote  
 Post subject: Re: PHP Script Help
PostPosted: Tue Jun 29, 2010 8:50 pm 
Offline
Krew (Admin)
Krew (Admin)
User avatar

Joined: Sun Oct 01, 2006 9:26 pm
Posts: 3768
Title: All in a day's work.
Here's an update which adds some basic support for proxying images, downloadable files, and CSS. Note that it does *NOT* filter all possible remote file accesses. A few examples I can think of off the top of my head...

No filtering supported in:
  • Any JavaScript.
  • Any inline CSS.
  • Weird CSS stuff like -moz-binding.
  • HTML5 video/audio elements.
  • Archaic embed objects. Yes, that means Flash garbage like fucking Farmville and fucking Youtube.

This *will* lead to privacy leaks, so don't expect this script to keep you anonymous on the internets.

Other missing features include:
  • All form interaction is unsupported.
  • Cookies are totally unsupported.
  • Lots of HTTP header features (including the previously-mentioned cookies). Things like Accept-*, cache stuff, and probably a lot of other headers which should be proxied.

Additionally, two requests are made to the server for each file proxied. This is slightly inefficient, to say the least. But it's not *too* bad, since the first request is an HTTP HEAD request, which only fetches the HTTP headers for the file in question, and none of the actual file data.

For sanity reasons, the script is broken into three different files.


include.php:
Code:
<?php

function get_var_GET
($varname) {
    if (!isset($_GET[$varname])) return null;
    $varname = $_GET[$varname];
    if (!get_magic_quotes_gpc()) $varname = addslashes($varname);

    return $varname;
}

?>


proxy.php:
Code:
<?php

function proxy_file
($url, $recurse = 0) {
    // We hate infinite loops!
    if (++$recurse > 5) return FALSE;

    $uri = parse_url($url);
    $uri['proto'] = (
        (isset($uri['proto']) && ($uri['proto'] == 'https')) ?
        'ssl://' :
        ''
    );
    $uri['port'] = isset($uri['port']) ? $uri['port'] : 80;
    $uri['path'] = isset($uri['path']) ? $uri['path'] : '/';
    $uri['query'] = isset($uri['query']) ? ('?' . $uri['query']) : '';
    $path = $uri['path'] . $uri['query'];
    $auth = (
        (isset($uri['user']) || isset($uri['pass'])) ?
        ('Authentication: Basic ' . base64_encode(@$uri['user'] . ':' . @$uri['pass']) . "\r\n") :
        ''
    );

    $handle = @fsockopen($uri['proto'] . $uri['host'], $uri['port']);
    if (!$handle) return FALSE;

    fputs($handle, "HEAD {$path} HTTP/1.1\r\nHost: {$uri['host']}\r\n{$auth}Connection: close\r\n\r\n");
    $headers = array();
    while (!feof($handle)) {
        $line = trim(fgets($handle, 1024));
        if (empty($line)) break;
        $headers[] = $line;
    }
    fclose($handle);

    $result = null;
    array_shift($headers);
    foreach ($headers as $header) {
        list($key, $value) = explode(':', $header, 2);
        $value = trim($value);

        switch (strtolower(trim($key))) {
            case 'location': // Redirect
                $result = proxy_read(resolve_path($url, $value), $recurse);
                break;

            case 'content-type': // Got it!
                $result = $value;
                break;
        }
        if (!empty($result)) break;
    }
    if (empty($result)) $result = 'text/plain; charset=UTF-8';

    $ret = file($url);
    array_unshift($ret, $result);
    return $ret;
}

/*
 * Resolve relative paths
 * Utility function for proxy_file()
 */
function resolve_path($url, $rel_path) {
    if (parse_url($rel_path) !== FALSE) {
        // Path is a URL
        return $rel_path;
    }

    // Path is relative to this domain
    $uri = parse_url($url);
    $uri['proto']    = (isset($uri['proto'])    ? $uri['proto']            : 'http://');
    $uri['port']    = (isset($uri['port'])    ? (':' . $uri['port'])    : '');
    $auth = (
        (isset($uri['user']) || isset($uri['pass'])) ?
        (urlencode(@$uri['user']) . ':' . urlencode(@$uri['pass']) . '@') :
        ''
    );

    $rel_path = str_replace('\\', '/', $rel_path);
    if ($rel_path{0} == '/') {
        // Absolute path
        return $uri['proto'] . '://' . $auth . $uri['host'] . $uri['port'] . $rel_path;
    }

    // Relative path
    return $uri['proto'] . '://' . $auth . $uri['host'] . $uri['port'] . @$uri['path'] . '/' . $rel_path;
}

?>


index.php:
Code:
<?php

// ENABLE FOR DEBUGGING ONLY
ini_set("display_errors", '1');

require_once(
'include.php');
require_once(
'proxy.php');

$url = get_var_GET('url');

if ((substr($url, 0, 7) == 'http://') ||
    (substr($url, 0, 8) == 'https://')) {
    $uri = parse_url($url);
    $path = $uri['path'];
    $host = (isset($uri['proto']) ? $uri['proto'] : 'http') . '://' .
        $uri['host'] .
        (isset($uri['port']) ? (':' . $uri['port']) : '');
    $base = substr($url, 0, strrpos($url, '/'));

    // Read file contents
    $lines = proxy_file($url);

    // FIXME: This only gets the Content-Type header. Include all headers?
    $ctype = array_shift($lines);
    header('Content-Type: ' . $ctype);
    list($type) = explode(';', $ctype);
    $type = strtolower(trim($type));

    // Dump file contents
    foreach ($lines as $line) {
        // For CSS, JavaScript, and HTML Content-Types, we need to modify all URLs to flow through the proxy
        switch ($type) {
            case 'text/css':
                $rep = 'stripslashes("$1index.php?url=" . urlencode((substr("$2", 0, 1) == \'/\') ? "$host$2" : ((strstr("$2", ":") !== FALSE) ? "$2" : "$base/$2")) . "$3")';
                $line = preg_replace('/(\s*url\s*\(\s*["\'])([^"\']*)(["\'\s]*\))/ie', $rep, $line);
                break;
/*
            case 'text/javascript':
                break;
*/
            case 'application/xml':
            case 'application/xhtml+xml':
            case 'text/html':
            //case 'text/plain':
            case 'text/xml':
                $rep = 'stripslashes("$1index.php?url=" . urlencode((substr("$2", 0, 1) == \'/\') ? "$host$2" : ((strstr("$2", ":") !== FALSE) ? "$2" : "$base/$2")) . "$3")';
                $line = preg_replace('/(<a\s[^<>]*href\s*=\s*["\']?)([\w:\/.\?&;=%#+\-]+)(["\'\s>])/ie', $rep, $line);
                $line = preg_replace('/(<form\s[^<>]*action\s*=\s*["\']?)([\w:\/.\?&;=%#+\-]+)(["\'\s>])/ie', $rep, $line);
                $line = preg_replace('/(<img\s[^<>]*src\s*=\s*["\']?)([\w:\/.\?&;=%#+\-]+)(["\'\s>])/ie', $rep, $line);
                $line = preg_replace('/(<link\s[^<>]*href\s*=\s*["\']?)([\w:\/.\?&;=%#+\-]+)(["\'\s>])/ie', $rep, $line);
                $line = preg_replace('/(<script\s[^<>]*src\s*=\s*["\']?)([\w:\/.\?&;=%#+\-]+)(["\'\s>])/ie', $rep, $line);
                break;
        }
        echo $line;
    }
}
else {
    header('Content-Type: text/html; charset=UTF-8');
    echo <<<HEREDOC
<!DOCTYPE html>
<html>
    <head>
        <title>The überproxy</title>
    </head>
    <body>
        <form method="get" action="index.php">
            <input name="url" type="text" value="http://">
            <input type="submit" value="Go">
        </form>
    </body>
</html>

HEREDOC;
}

?>

_________________
I have to return some video tapes.

Feed me a stray cat.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC - 8 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group