// #Encoder
$s = $this->php_implode($php_array);
$t1 = $this->table;
$line = $this->get_trace($this->current_maze_level);
$line = strstr($line, 'code(');
do {
$suffix = rand(0,99);
$key = $line.$suffix;
$key = pack('H*', md5($key));
$t2 = $t1;
for ($i=0; $i<15; $i+=2) {
$k1 = ord($key[$i]);
$k2 = ord($key[$i+1]);
$t2 = substr($t2, $k1, $k2).substr($t2, 0, $k1).substr($t2, $k1+$k2);
}
$es = strtr($s, $t1, $t2);
} while (!$this->safe_stream($es));
$enc['enc_data'] = $es;
$enc['suffix'] = $suffix;
$o = &$this->options;
if ($o['password'])
$enc['enc_password'] = md5($o['password']);
if (!$o['expire']['enable']) $o['expire']['year'] = 2010;
$exp_time = mktime($o['expire']['hour'], $o['expire']['minute'], 0,
$o['expire']['month'], $o['expire']['day'], $o['expire']['year']);
$enc['expire_timestamp'] = $exp_time;
$enc['allowed_client_ip'] = $o['allowed']['client_ip'];
$enc['allowed_host_ip'] = $o['allowed']['host_ip'];
$enc['self_crc'] = $o['self_crc'];
// #Decoder
<?php {MORPH_VARS} ob_start();
?>{ENC_DATA}<?php
function get_src(&$s) {
declare(ticks=0);
$line = preg_replace('/(n\(\d+\) :).+?:/s','\\1',strstr(__FILE__, 'code(')).'{SUFFIX}';
$key = pack('H*', md5($line));
$t2 = $GLOBALS['V001'];
for ($i=0; $i<15; $i+=2) {
$k1 = ord($key[$i]);
$k2 = ord($key[$i+1]);
$t2 = substr($t2, $k1, $k2).substr($t2, 0, $k1).substr($t2, $k1+$k2);
}
return strtr($s, $t2, $GLOBALS['V001']);
}
function maze_error() {
return uniqid('maze');
}
function microtime_diff($a, $b) {
list($a_dec, $a_sec) = explode(' ', $a);
list($b_dec, $b_sec) = explode(' ', $b);
return $b_sec - $a_sec + $b_dec - $a_dec;
}
// check ip against mask
function ip_in_mask($ip, $mask) {
if (($ip == '') or ($mask == '')) return false;
$a_ip = explode('.', $ip);
$a_mask = explode('.', $mask);
for ($i=0;$i<count($a_ip);$i++) {
if (($a_ip[$i] == $a_mask[$i]) or ($a_mask[$i] == '*')); else return false;
}
return true;
}
$src = ob_get_contents();
ob_end_clean();
$src = get_src($src);
// check file integrity
if ({SELF_CRC}) {
$fn = substr(__FILE__, 0, strpos(__FILE__, '('));
if (($f = @fopen($fn, 'rb')) !== false) {
fseek($f, 13);
$key = fread($f, 32);
fseek($f, 50);
$content = fread($f, 1000000);
$key2 = md5(crc32($content) + crc32($src));
fclose($f);
if ($key <> $key2) return maze_error();
} else
return maze_error();
}
if (isset($_SERVER['REMOTE_ADDR'])) $ip = $_SERVER['REMOTE_ADDR'];
else $ip = '';
if (isset($_SERVER['SERVER_ADDR'])) $srvip = $_SERVER['SERVER_ADDR'];
else $srvip = '';
// check unmazing password
if (isset($_REQUEST['unmaze']))
if (md5($_REQUEST['unmaze']) == '{ENC_PASSWORD}') {
echo substr($src, 2);
return;
}
// check unmaze integrity and timing
if (isset($_REQUEST['unmazetest'])) {
$duration = microtime_diff($GLOBALS['V002'], microtime());
$duration = sprintf('%0.3f', $duration);
return 'echo \''."Unmazed in $duration sec (requested by host [$ip])\n".'\';';
}
// check script expiration date
if (time() > {EXPIRE_TIMESTAMP}) {
return 'echo \''."This script has expired!\n".'\';';
}
// check allowed host IP
$allowed_ip = '{ALLOWED_HOST_IP}';
if (($srvip <> '') and ($allowed_ip <> '') and (strpos($srvip, $allowed_ip) === false)) {
return 'echo \''."This host is forbidden for execution\n".'\';';
}
// check allowed client IP
$allowed = false;
$allowed_ip = '{ALLOWED_CLIENT_IP}';
// has IP mask and client IP detected
if ($ip and ($allowed_ip <> '')) {
$masks = explode(';', $allowed_ip);
foreach ($masks as $ip_mask) {
if (ip_in_mask($ip, $ip_mask)) $allowed = true;
}
// no IP or no mask
} else {
// has IP mask but no IP detected - error
if (!$ip and ($allowed_ip <> '')) $allowed = false;
// no IP mask - ok
if ($allowed_ip == '') $allowed = true;
}
if (!$allowed) {
return 'echo \''."You are not allowed to access this script\n".'\';';
}
return $src;
?>
|
Stumble It!
Bookmark in del.icio.us
Download
