pbootcms kernel解密

解密分两步 - 仅供阅读源码使用

  • 1.修改ParserController.php 加密消除机制;
  • 2. 解密覆盖kernel文件


1.修改ParserController.php 加密消除机制;

/apps/home/controller/ParserController.php 第255行

将下面这两行注释掉即可:这段代码会检测 Kernel.php 是否已经被解密,如果已解密就直接退出。

// Integrity check from ParserController.php, shown commented out as the post instructs.
// The two base64 literals decode to '/basic/Kernel.php' and 'Kernel': the file under
// CORE_PATH is read and the request is aborted when the plain string 'Kernel' is found
// in it at an offset greater than 0 (strpos() returning 0 or false is falsy, so neither
// of those results reaches exit()).
// if (strpos(file_get_contents(CORE_PATH . base64_decode('L2Jhc2ljL0tlcm5lbC5waHA=')), base64_decode('S2VybmVs')))
//     exit();


2. 解密覆盖kernel文件

解密kernel.php 文件内容如下:

<?php
namespace core\basic;

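/**
 * Front controller of the framework (decoded listing).
 *
 * run() turns the request path into module / controller / action, defines the
 * request-wide constants (P, M, C, F, URL, LICENSE, APP_*_PATH and, in one branch, RVAR)
 * and dispatches to the controller class.
 *
 * Almost every value read here ($_SERVER, $_GET, cookies) is supplied by the client.
 * The character whitelist in _get_path_info() and the module whitelist in _get_ctrl()
 * are the only filters this class applies before dispatch.
 *
 * Helpers such as error(), get(), request(), cookie(), trim_slash(), get_http_host(),
 * get_http_url() and is_mobile(), and the Config / Check classes, are defined elsewhere;
 * notes about them below are assumptions to confirm against their source.
 */
class Kernel
{
    // Path segments of the current request, filled by _get_ctrl(); stays null when the
    // request path is empty.
    private static $_url_bindArray;

    /**
     * Handles one request: licence check, page-cache lookup, path resolution, dispatch.
     *
     * The order matters: _get_ctrl_name() defines M / C / F, which _init_boot() and
     * exec() read afterwards.
     */
    public static function run()
    {
        self::_check_auth_sn();
        self::_check_cache();

        $_path_info = self::_get_path_info();
        $_path_info = self::_check_url_bind($_path_info);
        $_path_info = self::_check_route($_path_info);
        $_ctrl = self::_get_ctrl($_path_info);
        $_ctrl_name = self::_get_ctrl_name($_ctrl);
        self::_init_boot();

        self::exec($_ctrl_name);
    }

    /**
     * Extracts the request path and validates it against a character whitelist.
     *
     * Sources, in priority order: PATH_INFO, REDIRECT_URL (script name and SITE_DIR
     * stripped), then the query parameters "p" and "s". Defines the constant P.
     *
     * @return string the validated path without its leading slash, or '' when empty
     */
    private static function _get_path_info()
    {
        // Values that are not valid UTF-8 are treated as GBK and converted in place.
        foreach (array('PATH_INFO', 'REQUEST_URI', 'ORIG_PATH_INFO') as $_key) {
            if (isset($_SERVER[$_key]) && !mb_check_encoding($_SERVER[$_key], 'UTF-8')) {
                $_SERVER[$_key] = mb_convert_encoding($_SERVER[$_key], 'utf-8', 'GBK');
            }
        }

        $_path_info = '';
        if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO']) {
            $_path_info = $_SERVER['PATH_INFO'];
        } elseif (isset($_SERVER["REDIRECT_URL"]) && $_SERVER["REDIRECT_URL"]) {
            $_path_info = str_replace('/' . basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['REDIRECT_URL']);
            $_path_info = str_replace(SITE_DIR, '', $_path_info);
            $_SERVER['PATH_INFO'] = $_path_info;
        }
        if (!$_path_info) {
            if (isset($_GET['p']) && $_GET['p']) {
                $_path_info = $_GET['p'];
            } elseif (isset($_GET['s']) && $_GET['s']) {
                $_path_info = $_GET['s'];
            }
        }

        $_illegal = false;
        if ($_path_info) {
            // Whitelist: CJK ideographs, word characters, "-", "/", "." plus the configured
            // extras. NOTE(review): url_allow_char is concatenated unescaped into the
            // character class, so a "]" or "\" in that setting changes the pattern; "$"
            // without the D modifier also accepts one trailing newline.
            $_pattern = '{^\/?([\x{4e00}-\x{9fa5}\w\-\/\.' . Config::get('url_allow_char') . ']+?)?$}u';
            // A non-string value (e.g. "p[]=x" yields an array) is rejected up front
            // instead of being handed to preg_match(). preg_match() returning false
            // (for instance on invalid UTF-8 under /u) also lands in the reject branch.
            if (is_string($_path_info) && preg_match($_pattern, $_path_info)) {
                $_path_info = preg_replace($_pattern, '$1', $_path_info);
            } else {
                $_illegal = true;
            }
        }
        if ($_illegal) {
            http_response_code(404);
            $_defend_file = ROOT_PATH . '/defend.html';
            if (file_exists($_defend_file)) {
                require $_defend_file;
                exit();
            } else {
                // presumably error() ends the request; if it returns, the rejected path
                // is still defined as P below. TODO confirm
                error('您访问路径含有非法字符,防注入系统提醒您请勿尝试非法操作!');
            }
        }
        define('P', $_path_info);
        return $_path_info;
    }

    /**
     * Prefixes the path with the module bound to the current host or entry file.
     *
     * The binding comes from the 'app_domain_bind' config (keyed by get_http_host())
     * and/or the URL_BIND constant; when both are set and differ, error() is called.
     *
     * @param string $_path_info validated request path
     * @return string the path, prefixed with "<binding>/" when a binding applies
     */
    private static function _check_url_bind($_path_info)
    {
        $_url_bind = '';
        if (!!$_app_domain_bind = Config::get('app_domain_bind')) {
            // NOTE(review): the lookup key is whatever get_http_host() returns,
            // presumably derived from the Host header. TODO confirm
            $host = get_http_host();
            if (isset($_app_domain_bind[$host])) {
                $_url_bind = $_app_domain_bind[$host];
            }
        }
        if (defined('URL_BIND')) {
            if ($_url_bind && URL_BIND != $_url_bind) {
                error('系统配置的模块域名绑定与入口文件绑定冲突,请核对!');
            } else {
                $_url_bind = URL_BIND;
            }
        }
        return $_url_bind ? trim_slash($_url_bind) . '/' . $_path_info : $_path_info;
    }

    /**
     * Applies the first matching rewrite rule from the 'url_route' config.
     *
     * Each key is compiled as the case-insensitive pattern "{<key>}i" and each value is
     * used as the preg_replace() replacement. With an empty path, the "/" entry is
     * returned as is when it exists.
     *
     * @param string $_path_info request path after url binding
     * @return string the rewritten path, or the input when no rule matches
     */
    private static function _check_route($_path_info)
    {
        if (!!$_url_route = Config::get('url_route')) {
            if (!$_path_info && isset($_url_route['/'])) {
                return $_url_route['/'];
            }
            foreach ($_url_route as $_uri => $_ctrl) {
                $_uri = trim_slash($_uri);
                // NOTE(review): patterns are not anchored here and come straight from
                // configuration; an unbalanced "}" in a key makes the pattern invalid
                // and preg_match() then returns false, so the rule is skipped.
                $_regx = "{" . $_uri . "}i";
                if (preg_match($_regx, $_path_info)) {
                    $_ctrl = trim_slash($_ctrl);
                    $_path_info = preg_replace($_regx, $_ctrl, $_path_info);
                    break;
                }
            }
        }
        return $_path_info;
    }

    /**
     * Splits the path into module ('m'), controller ('c') and action ('f').
     *
     * Missing parts default to the first entry of 'public_app', 'Index' and 'index'.
     * The raw segments are kept in self::$_url_bindArray for _get_ctrl_name().
     *
     * @param string $_path_info routed request path
     * @return array map with the keys 'm', 'c' and 'f'
     */
    private static function _get_ctrl($_path_info)
    {
        $_public_app = Config::get('public_app', true);
        // Initialised explicitly; the original relied on auto-creation from an
        // undefined variable.
        $_ctrl = array();
        if ($_path_info) {
            $_path_info = trim_slash($_path_info);
            $_url_bind_array = explode('/', $_path_info);
            self::$_url_bindArray = $_url_bind_array;
            $_url_bind_count = count($_url_bind_array);
            // explode() always yields at least one element.
            $_ctrl['m'] = $_url_bind_array[0];
            if ($_url_bind_count >= 2) {
                $_ctrl['c'] = $_url_bind_array[1];
            }
            if ($_url_bind_count >= 3) {
                $_ctrl['f'] = $_url_bind_array[2];
            }
        }
        if (!isset($_ctrl['m'])) {
            $_ctrl['m'] = $_public_app[0];
        }
        if (!isset($_ctrl['c'])) {
            $_ctrl['c'] = 'Index';
        }
        if (!isset($_ctrl['f'])) {
            $_ctrl['f'] = 'index';
        }
        // Module whitelist. NOTE(review): the comparison is loose (no strict flag), and
        // the requested module name is echoed into the message; whether error() escapes
        // it for HTML is not visible here. TODO confirm
        if (!in_array(strtolower($_ctrl['m']), $_public_app)) {
            error('您访问的模块' . $_ctrl['m'] . '未开放,请核对后重试!');
        }
        return $_ctrl;
    }

    /**
     * Defines M, APP_*_PATH, C, F, URL (and RVAR) and maps extra path segments to $_GET.
     *
     * @param array $_ctrl result of _get_ctrl()
     * @return string controller path relative to APP_CONTROLLER_PATH, without the
     *                "Controller.php" suffix
     */
    private static function _get_ctrl_name($_ctrl)
    {
        define('M', strtolower($_ctrl['m']));
        define('APP_MODEL_PATH', APP_PATH . '/' . M . '/model');
        define('APP_CONTROLLER_PATH', APP_PATH . '/' . M . '/controller');
        if (($_tpl_dir = Config::get('tpl_dir')) && array_key_exists(M, $_tpl_dir)) {
            if (strpos($_tpl_dir[M], ROOT_PATH) === false) {
                define('APP_VIEW_PATH', ROOT_PATH . $_tpl_dir[M]);
            } else {
                define('APP_VIEW_PATH', $_tpl_dir[M]);
            }
        } else {
            define('APP_VIEW_PATH', APP_PATH . '/' . M . '/view');
        }

        // "sub.name" in the controller segment addresses a controller in a sub-directory.
        // Every dot becomes a slash, so the URL segment directly shapes the file path
        // that exec() checks with file_exists().
        if (strpos($_ctrl['c'], '.') > 0) {
            $_ctrl_name = str_replace('.', '/', $_ctrl['c']);
            $controller = ucfirst(basename($_ctrl_name));
            $_ctrl_name = dirname($_ctrl_name) . '/' . $controller;
        } else {
            $controller = ucfirst($_ctrl['c']);
            $_ctrl_name = $controller;
        }
        $_ctrl_file = APP_CONTROLLER_PATH . '/' . $_ctrl_name . 'Controller.php';
        $_reserved_ctrls = array('List', 'Content', 'About');
        // -1 when the second path segment is used as the action, so that the key/value
        // parameters below start one segment earlier.
        $_param_offset = 0;
        if (M == 'home' && (!file_exists($_ctrl_file) || in_array($controller, $_reserved_ctrls))) {
            $controller = 'Index';
            $_ctrl_name = 'Index';
            define('F', $_ctrl['c']);
            $_param_offset = -1;
        } elseif (M == 'home' && in_array($controller, Config::get('second_rvar'))) {
            define('F', 'index');
            define('RVAR', $_ctrl['f']);
        } else {
            define('F', $_ctrl['f']);
        }
        define('C', $controller);
        if (isset($_SERVER["REQUEST_URI"])) {
            define('URL', $_SERVER["REQUEST_URI"]);
        } else {
            define('URL', $_SERVER["ORIG_PATH_INFO"] . '?' . $_SERVER["QUERY_STRING"]);
        }

        // self::$_url_bindArray is still null when the request path was empty; count()
        // on null warns on PHP 7.2+ and throws a TypeError on PHP 8.
        $_url_bind_count = is_array(self::$_url_bindArray) ? count(self::$_url_bindArray) : 0;
        // Remaining segments are key/value pairs. They are written into $_GET and
        // replace query-string values of the same name, so code that reads $_GET later
        // must treat these entries as client input like any other parameter.
        for ($i = 3 + $_param_offset; $i < $_url_bind_count; $i = $i + 2) {
            if (isset(self::$_url_bindArray[$i + 1])) {
                $_GET[self::$_url_bindArray[$i]] = self::$_url_bindArray[$i + 1];
            } else {
                $_GET[self::$_url_bindArray[$i]] = null;
            }
        }
        return $_ctrl_name;
    }

    /**
     * Per-module bootstrap: environment checks, shared and module function files,
     * module config, and the optional common base controller.
     */
    private static function _init_boot()
    {
        if (Config::get('debug')) {
            Check::checkAppFile();
        }
        if (M == 'api') {
            // NOTE(review): the session id is taken from the request ("sid") and adopted
            // as is, which allows a caller to choose the session id (session fixation
            // risk unless the id is regenerated after login elsewhere). TODO confirm
            if (!!$_request_sid = request('sid')) {
                session_id($_request_sid);
                session_start();
            }
            // NOTE(review): every origin may read API responses; confirm that no
            // endpoint relies on ambient credentials.
            header("Access-Control-Allow-Origin: *");
        } else {
            Check::checkBs();
            Check::checkOs();
        }
        if (file_exists(APP_PATH . '/common/function.php')) {
            require APP_PATH . '/common/function.php';
        }
        $_cfg_file = APP_PATH . '/' . M . '/config/config.php';
        if (file_exists($_cfg_file)) {
            Config::assign($_cfg_file);
        }
        $_func_file = APP_PATH . '/' . M . '/function/function.php';
        if (file_exists($_func_file)) {
            require $_func_file;
        }
        if (file_exists(APP_PATH . '/common/' . ucfirst(M) . 'Controller.php')) {
            // Instantiated only for what its constructor does; the object is not kept.
            $_ctrl_class = '\\app\\common\\' . ucfirst(M) . 'Controller';
            new $_ctrl_class();
        }
    }

    /**
     * Instantiates the controller and calls the action named by the constant F.
     *
     * Falls back to the controller's _empty() method when the action does not exist.
     * A non-null return value is printed with print_r() and the request ends.
     *
     * @param string $controllerPath controller path as returned by _get_ctrl_name()
     */
    private static function exec($controllerPath)
    {
        $_ctrl_file = $controllerPath . 'Controller.php';
        $_ctrl_file = APP_CONTROLLER_PATH . '/' . $_ctrl_file;
        $_ctrl_class = '\\app\\' . M . '\\controller\\' . str_replace('/', '\\', $controllerPath) . 'Controller';
        $_user_func = F;
        // Defined up front so the final check is safe when error() returns.
        $resp = null;

        if (!file_exists($_ctrl_file)) {
            http_response_code(404);
            $_404 = ROOT_PATH . '/404.html';
            if (file_exists($_404)) {
                require $_404;
                exit();
            } else {
                error('对不起,您访问的页面类文件不存在,请核对后再试!');
            }
        }
        if (!class_exists($_ctrl_class)) {
            error('类文件中不存在访问的类名!' . $_ctrl_class);
        }
        $controller = new $_ctrl_class();

        // F comes from the URL: every method of the controller that method_exists()
        // reports, inherited ones included, can be named by the client. Controllers
        // should keep helper methods non-public.
        if (method_exists($_ctrl_class, $_user_func)) {
            // presumably a guard against old-style constructors named like the class;
            // the controller object itself becomes the response then. TODO confirm
            if (strtolower($_ctrl_class) != strtolower($_user_func)) {
                $resp = $controller->$_user_func();
            } else {
                $resp = $controller;
            }
        } else {
            if (method_exists($_ctrl_class, '_empty')) {
                $resp = $controller->_empty();
            } else {
                error('不存在您调用的类或方法' . $_user_func . ',可能正在开发中,请耐心等待!');
            }
        }
        if ($resp !== null) {
            print_r($resp);
            exit();
        }
    }

    /**
     * Serves a cached HTML page when one exists and is fresh, then ends the request.
     *
     * Returns without output when page caching is off, the entry is bound to "api",
     * "nocache=1" is requested, or the area/site config caches are missing.
     */
    private static function _check_cache()
    {
        // URL_BIND is optional (the rest of the class guards it with defined()); an
        // unguarded read of an undefined constant throws on PHP 8.
        $_is_api = defined('URL_BIND') && URL_BIND == 'api';
        if (!Config::get('tpl_html_cache') || $_is_api || get('nocache', 'int') == 1) {
            return;
        }
        $_area_cfg = RUN_PATH . '/config/' . md5('area') . '.php';
        if (!file_exists($_area_cfg)) {
            return;
        }
        Config::assign($_area_cfg);

        // With several language areas, the one whose domain equals the current host
        // sets the "lg" cookie.
        $_cfg_lgs = Config::get('lgs');
        if (count($_cfg_lgs) > 1) {
            $_host = get_http_host();
            foreach ($_cfg_lgs as $_lg) {
                if ($_lg['domain'] == $_host) {
                    cookie('lg', $_lg['acode']);
                }
            }
        }
        if (!isset($_COOKIE['lg'])) {
            $_default_lg = current(Config::get('lgs'));
            cookie('lg', $_default_lg['acode']);
        }
        $_site_cfg = RUN_PATH . '/config/' . md5('config') . '.php';
        if (!Config::assign($_site_cfg)) {
            return;
        }
        if (Config::get('open_wap') && (is_mobile() || Config::get('wap_domain') == get_http_host())) {
            $wap_flag = 'wap';
        } else {
            $wap_flag = '';
        }
        // The cache key mixes the request URL with the "lg" cookie value, so part of it
        // is chosen by the client. NOTE(review): confirm cookie() validates the value.
        $_cache_file = RUN_PATH . '/cache/' . md5(get_http_url() . $_SERVER["REQUEST_URI"] . cookie('lg') . $wap_flag) . '.html';
        if (file_exists($_cache_file) && time() - filemtime($_cache_file) < Config::get('tpl_html_cache_time')) {
            ob_start();
            // NOTE(review): include runs any PHP tags found in the cached file, so the
            // cache directory must be writable by the application only and the cache
            // writer must never store unescaped user content.
            include $_cache_file;
            $_cache_html = ob_get_contents();
            ob_end_clean();
            // Accept-Encoding is optional in a request; test for it before reading.
            if (Config::get('gzip') && !headers_sent() && extension_loaded("zlib") && isset($_SERVER["HTTP_ACCEPT_ENCODING"]) && strstr($_SERVER["HTTP_ACCEPT_ENCODING"], "gzip")) {
                $_cache_html = gzencode($_cache_html, 6);
                header("Content-Encoding: gzip");
                header("Vary: Accept-Encoding");
                header("Content-Length: " . strlen($_cache_html));
            }
            echo $_cache_html;
            exit();
        }
    }

    /**
     * Computes the licence tier and defines the constant LICENSE.
     *
     * Tiers: 3 = code for the configured 'sn_user', 2 = code for the server address,
     * 1 = code for the request host, 0 = none. With no match, requests to an IPv4
     * host or "localhost" pass, and entries bound to anything but "admin" get sn.html
     * or an error message.
     *
     * The host tier is derived from the Host header, which the client sends; the
     * result only selects the licence notice and is not an access control.
     */
    private static function _check_auth_sn()
    {
        $_server_addr = isset($_SERVER['LOCAL_ADDR']) ? $_SERVER['LOCAL_ADDR'] : $_SERVER['SERVER_ADDR'];
        if ($_server_addr == '::1') {
            $_server_addr = '127.0.0.1';
        }
        // Read before the config check: the message below uses it even when no serial
        // numbers are configured. The original assigned it only inside the branch.
        $_host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
        $_license = 0;
        if (!!$_cfg_sn = Config::get('sn', true)) {
            $_cfg_sn_user = Config::get('sn_user');
            $_uri_user = strtoupper(substr(md5(substr(sha1($_cfg_sn_user), 0, 20)), 10, 10));
            $_uri_host = strtoupper(substr(md5(substr(sha1($_server_addr), 0, 15)), 10, 10));
            $_uri_domain = strtoupper(substr(md5(substr(sha1($_host), 0, 10)), 10, 10));
            // Highest tier wins: user, then server address, then request host.
            if (in_array($_uri_user, $_cfg_sn)) {
                $_license = 3;
            } elseif (in_array($_uri_host, $_cfg_sn)) {
                $_license = 2;
            } elseif (in_array($_uri_domain, $_cfg_sn)) {
                $_license = 1;
            }
        }
        define('LICENSE', $_license);
        if (!LICENSE && (filter_var(get_http_host(), FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) || get_http_host() == 'localhost')) {
            return;
        }
        if (!$_license && (defined('URL_BIND') && URL_BIND != 'admin')) {
            $_sn_file = ROOT_PATH . '/sn.html';
            if (file_exists($_sn_file)) {
                require $_sn_file;
                exit();
            } else {
                // NOTE(review): the Host header value is echoed into the message;
                // whether error() escapes it for HTML is not visible here. TODO confirm
                error('未匹配到本域名(' . $_host . ')有效授权码,请到PbootCMS官网免费获取,并登录系统后台填写到"全局配置>>配置参数"中。');
            }
        }
    }
}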
