-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathfetcher.php
executable file
·120 lines (86 loc) · 2.69 KB
/
fetcher.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
<?php
## Set up proxy to listen on 9050, in this case, TOR is easiest most obvious
## This is a great way to bypass proxy restrictions, or anonymously snag files.
## Check out grifsec.com/fetcher.php for a demo
if(isset($_GET['url'])) {
$maxsize = 104857600; #100megs
$passwd = "";
parse_str($_SERVER['QUERY_STRING']);
$ch = curl_init();
curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_PROXY, '127.0.0.1:9050'); # over tor
curl_setopt($ch, CURLOPT_NOBODY, TRUE); #headers only
curl_exec($ch);
$filesize = curl_getinfo($ch, CURLINFO_CONTENT_LENGTH_DOWNLOAD); #check filesize to compare to $maxsize
$content_type = curl_getinfo($ch, CURLINFO_CONTENT_TYPE);
if ($filesize < $maxsize || $passwd == "SETPASSWORD") { ## Check password compare to passwd querystring
header('Content-Type: ' . $content_type);
curl_setopt($ch, CURLOPT_NOBODY, FALSE);
$curled = curl_exec($ch);
#$curled = gzcompress($curled); ## todo, fix this
$curled;
} else {
echo "File too large";
}
curl_close($ch);
exit;
}
?>
<style type="text/css">
blink {
color: inherit;
animation: blink 1s steps(1) infinite;
-webkit-animation: blink 1s steps(1) infinite;
}
@keyframes blink { 50% { color: transparent; } }
@-webkit-keyframes blink { 50% { color: transparent; } }
#leetassgriffin {
color: red;
float: left;
left: 1em;
font-size:.55vw;
}
leet {
display: inline-block;
font-family: monospace;
text-shadow: 0 0 20px, 0 0 80px, 0 0 100px;
font-size:1.2vw;
}
body {
background-color: black;
}
#cashmoney {
float: center;
color: goldenrod;
}
</style>
<title>Griffin's Talon file Snatching utility!</title>
<html>
<body>
<center>
<div id="cashmoney">
<leet>
<h1>THE GRIFFIN'S TALON!</h1>
<marquee direction="right">
<pre>
'\
_\______
/ GRIFSEC\======== apt
____|__________\_____ \ ()
/ ___________________ \ -|--
\/ _===============_ \/ /\
"-===============-" / /
</pre>
</marquee>
<form action="fetcher.php" method="get">
Url: <input type="text" name="url"><br>
<input type="submit" value="Snag it!">
</form>
<div style="font-size:.8vw;">( *response is returned with same mime-type, so browser will try to handle<br> use with curl, query param=url, for easy file download )</div>
</center>
</leet>
</div>
<div style="position: absolute; bottom: 0;"><a href="https://github.com/forwardprefekt/code/blob/master/fetcher.php">Code on github</a></div>
</body>
</html>