function containerExec($content) { global $DLC_KEY1, $DLC_KEY2; if ($DLC_KEY1 == '' || $DLC_KEY2 == '') { return 'ERROR: You have to set up the variable $DLC_KEY1 and $DLC_KEY2 in the dlc container module.'; } $retval = ''; $TAILLEN = 88; $IV = hex2bin('00000000000000000000000000000000'); $content = preg_replace('/[\\r\\n]+/s', '', $content); $tail = substr($content, strlen($content) - $TAILLEN); $content = substr($content, 0, strlen($content) - strlen($tail)); $content = base64_decode($content); $response = dlcHttpPost($tail); $responseKey = ''; if (preg_match('/<rc>(.*)<.rc>/', $response, $res)) { $responseKey = $res[1]; } if ($responseKey == '' || $responseKey == '2YVhzRFdjR2dDQy9JL25aVXFjQ1RPZ') { return ''; } $responseKeyDeb64 = base64_decode($responseKey); $responseKeyDeb64Decr = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $DLC_KEY1, $responseKeyDeb64, MCRYPT_MODE_ECB, $IV); mcrypt_ecb(MCRYPT_LOKI97, $key, $msg, MCRYPT_ENCRYPT); $newkey = xorcrypt($responseKeyDeb64Decr, $DLC_KEY2); $newdlc = $newkey . $content; for ($dlclen = strlen($content); $dlclen > 0; $dlclen = strlen($content)) { $rest = $dlclen >= 16 ? 16 : $dlclen; $cutold = substr($content, 0, $rest); $cutnew = substr($newdlc, 0, $rest); $content = substr($content, $rest); $newdlc = substr($newdlc, $rest); $cutold = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $newkey, $cutold, MCRYPT_MODE_ECB, $IV); $cutold = xorcrypt($cutold, $cutnew); $xml .= $cutold; } $xml = base64_decode($xml); if (preg_match_all('/<url>([^<]*)<.url>/', $xml, $res)) { foreach ($res[1] as $id => $link) { $link = base64_decode($link); if ($link != 'http://jdownloader.org') { $retval .= $link . "\n"; } } } return $retval; }
/** * Get the password splitting knowledge between server and client side persistant storage. * Caller should regenerate session ID when contemplating a new user/password, * to preclude session fixation, though fixation is limited without the secret. * * @param $password Password */ function setpassword($password) { $randlen = strlen($password); $key = getrandchars($randlen); $cryptext = xorcrypt($password, $key); // Non-ascii characters, encode it in base64 $cryptext = base64_encode($cryptext); setcookie("xcatauthsecret", $cryptext, 0, '/'); $GLOBALS["xcatauthsecret"] = $cryptext; $_SESSION["secretkey"] = $key; }