Free script resoure online - WP theme - Joomla theme - VBB theme - Graphic theme

FileChucker is an AJAX-based web application that lets you accept file uploads on your own website. It’s simple to install (just one file), packed with features, fully configurable, nice looking, and very handy for when you want to share files with anyone. And during uploads FileChucker shows a progress bar & table, so the user knows how much time is left before the upload is complete.

FileChucker can also function as a full-fledged online file manager for your server: it can allow moving/renaming/deleting of uploaded files & folders right in the browser. Of course these features are configurable and password-protectable so you can customize FileChucker however you’d like.

To top it all off, FileChucker works in all major browsers (Moz/FF, IE, Opera, Safari), and runs on virtually any server, with no programming required! It’s a single Perl script, and most servers support Perl CGI scripts automatically; for the rare server that doesn’t, Perl can usually be easily added. If your site is more of a PHP site, don’t worry: FileChucker will run just fine alongside your PHP scripts, and you can even integrate it into your existing framework with a PHP virtual() call, if you want to!

Download now

Do you worry about your site’s security? Has your site ever been hacked? Worry no more! FireWall Script is a PHP-based configurable firewall. Once installed, you can configure what mischievous things you want to be on the lookout for and let FireWall Script do the rest. With the logging functionality included, you can also go back and see if anyone is attempting to sidestep your rules and stay ahead of the game. Install FireWall Script, stop worrying about your site’s security, and start worrying about your site. Our software now has premade rule packs for most popular pieces of software available.

1. It supports every PHP/MySQL script in existence
   That means all forums, Blogs, Custom Scripts or anything else you can think of is covered.
2. Only one edit required to install.
   You can install by performing just one file edit. Or if you prefer, use a .htaccess file to automatically load FWS on every page and forget file edits altogether!
3. 100% protection guaranteed
   When properly configured, FWS can block any attacks on your site, guaranteed.

Download now

Create a file index.php and upload it on your server. Run it for testing :)).

<html>
<head>
<title>YouTube Ripper</title>
<style>
body, a, a:link, a:visited, a:hover, td {
font-family: verdana, sans-serif;
font-size: 8pt;
color: black;
}
a { font-weight: bold; }
input {
font-family: verdana, sans-serif;
font-size: 8pt;
border: black 2px solid;
padding: 2px;
}
#vid {
width: 500px;
}
</style>
</head>
<body>
<center>
<h1>Youtube ripper</h1>
<a href=’index.php’>Home</a>
<form action=”get.php” method=”get” target=”ifr”>
Video URL : <input id=”vid” type=”text” name=”vid” />
<select name=”mode”>
<option value=”1″>Just Give link</option>
<option value=”2″>Mirror and give link</option>
</select>
<input type=”submit” value=”Go!” />
</form>
<table width=”500″><tr><td>TOS: <br />Please do not use this to obtain illegal files hosted on youtube. <br />Mirrors are automatically cleared by the webmaster
frequently, so be sure to download before this happens. <br />The webmaster has the right to ban you from this server via I.P. address,
ISP, or anything else. <br />This is provided As-is, so if there are any bugs, or it doesn’t work for you, live with it, we will
try to fix any bugs so email us. <br />We are in no way affiliated with YouTube or any of their affiliates.<br />By using our
service you must agree to these terms.</td></tr></table>
<iframe width=”500″ frameborder=0 name=”ifr” id=”ifr”></iframe>
</center>
</body>
</html>

create a file get.php

<html>
<head>
<title>YouTube Ripper</title>
<style>
body, a, a:link, a:visited, a:hover {
font-family: verdana, sans-serif;
font-size: 8pt;
}
input {
font-family: verdana, sans-serif;
font-size: 8pt;
border: black 2px solid;
padding: 2px;
}
#vid {
width: 500px;
}
</style>
</head>
<body>
<?php

set_time_limit(’31337′);

// gettube youtube leecher

$regExpPattern = ‘/\”t\”\: \”([^\"\s]+)\”/i’;

$fData = file_get_contents($_GET['vid']);

preg_match($regExpPattern, $fData, $Params);

//print_r($Params);

$tID = $Params[1];

$vIDS = explode(’?v=’,$_GET['vid']);

$vID = $vIDS[1];

echo “<a href=’http://www.youtube.com/get_video?video_id=$vID&t=$tID’>Download Video</a> <br />This is a FLV file, so rename it to whatever.flv, and open with an FLV player.”;

if($_GET['mode']==2) {

$regExpPattern = ‘/content\=\”([^\"\']+)\”/i’;

preg_match($regExpPattern, $fData, $Params);

$flName = $Params[1];

$flName = preg_replace(”/[^a-zA-Z0-9s]/”, “_”, $flName);

srand((double)microtime()*1000000);
$flName = rand(0,100).$flName;

//die($flName);

$flData = file_get_contents(”http://www.youtube.com/get_video?video_id=$vID&t=$tID”);

$fp = fopen(”$flName.flv”,”w”);
fwrite($fp,$flData);
fclose($fp);

echo “<br /><a href=’$flName.flv’>Download (mirror)</a>”;

}

?>
</body>
</html>

Scraping websites with PHP cURL is damn easy. Just do it the right way – use a proxy. Here is a simple function that does the job.

Simple PHP cURL scraper:

PHP cURL functions used:

• curl_init – initializes a cURL session.
• curl_setopt – sets and option for a cURL transfer.
• curl_exec – performs a cURL session.
• curl_getinfo – gets information about the last transfer.
• curl_error – returns a string containing the last error for the current session.
• curl_close – close a cURL session.

curl_setopt options used:

• CURLOPT_URL – the URL to scrap.
• CURLOPT_HEADER – inlude/exclude the header?
• CURLOPT_RETURNTRANSFER – return the transfer as a string or output it out directly? Use 1, i.e. return.
• CURLOPT_PROXY – the HTTP proxy to tunnel request through.
• CURLOPT_HTTPPROXYTUNNEL – tunnel through a given HTTP proxy? Use 1, i.e. tunnel.
• CURLOPT_CONNECTTIMEOUT – it’s obvious.
• CURLOPT_REFERER – header to be used in a HTTP request.
• CURLOPT_USERAGENT – “User Agent:” to be used in a HTTP request.

Scraper usage:

Note: Activate cURL in php.ini if required.

Finally, the last part of the post. Get ready for some “serious” programming.

1. Include whatismyip.php. Don’t forget to specify URL.
2. Copy getPage function to proxychecker.php or include it as a file.
3. Specify a time limit.
4. Write getProxies() function.
5. Write deleteProxy($proxy) function.
6. Specify badvars.php URL.
7. Specify sleep intervals.
8. Test and fix proxychecker.php. You don’t need to upload the script to a server. You can use your PC for testing.
9. Deploy the script. Don’t use the same host for badvars.php and proxychecker.php.

You need to know your IP address before checking anonymity. If you have only one server it’s not a problem. Hardcode and forget. But what if you have several servers? As I said before, automation is the king.

Say thank you to people who cares about us. Grab URL(s) you like, extract IP and be happy. The WhatIsMyIp class (whatismyip.php) will help you in the beginning.

Most of the time I use server-side PHP scripts, because desktop proxy checkers don’t provide much flexibility. You don’t want to check, export and upload a list of proxies every time you need them, do you? That’s why PHP cURL is the best choice for me. Automation is the king!

So, how to check proxies with PHP? Let’s start with the proxy basics. What is an anonymous proxy? An anonymous proxy hides your IP address. Sometimes it informs a client that a proxy is being used. Sometimes it looks like a real host/user.

What should I look for when checking proxy anonymity? Make sure the real IP address is hidden. Check all variables that can expose your identity.

Warning! I’m not a security expert. Please let me know if any variable is missing from the list.

REMOTE_ADDR

REMOTE_HOST

HTTP_X_FORWARDED_FOR

HTTP_VIA

HTTP_CLIENT_IP

HTTP_PROXY_CONNECTION

FORWARDED_FOR

X_FORWARDED_FOR

X_HTTP_FORWARDED_FOR

HTTP_FORWARDED

HTTP_REFERER

Printing “bad” variables

Here is the first script (badvars.php) you need. It prints out required variables. Upload the file to a server and check if it’s working.

<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN”>
<html>
<head>
<meta http-equiv=”Content-Type” content=”text/html; charset=UTF-8″>
<title>I know you</title>
</head>
<body>
<p><?php echo(”REMOTE_ADDR ” . $_SERVER['REMOTE_ADDR'] . “\n”); ?></p>
<p><?php echo(”REMOTE_HOST ” . $_SERVER['REMOTE_HOST'] . “\n”); ?></p>
<p><?php echo(”HTTP_X_FORWARDED_FOR ” . $_SERVER['HTTP_X_FORWARDED_FOR'] . “\n”); ?></p>
<p><?php echo(”HTTP_VIA ” . $_SERVER['HTTP_VIA'] . “\n”); ?></p>
<p><?php echo(”HTTP_CLIENT_IP ” . $_SERVER['HTTP_CLIENT_IP'] . “\n”); ?></p>
<p><?php echo(”HTTP_PROXY_CONNECTION ” . $_SERVER['HTTP_PROXY_CONNECTION'] . “\n”); ?></p>
<p><?php echo(”FORWARDED_FOR ” . $_SERVER['FORWARDED_FOR'] . “\n”); ?></p>
<p><?php echo(”X_FORWARDED_FOR ” . $_SERVER['X_FORWARDED_FOR'] . “\n”); ?></p>
<p><?php echo(”X_HTTP_FORWARDED_FOR ” . $_SERVER['X_HTTP_FORWARDED_FOR'] . “\n”); ?></p>
<p><?php echo(”HTTP_FORWARDED ” . $_SERVER['HTTP_FORWARDED'] . “\n”); ?></p>
<br>
<p><?php echo(”HTTP_REFERER ” . $_SERVER['HTTP_REFERER'] . “\n”); ?></p>
<p><?php echo(”HTTP_USER_AGENT ” . $_SERVER['HTTP_USER_AGENT'] . “\n”); ?></p>
</body>
</html>

PHP class : socks 4, socks 5 and proxy lists validation (based on curl lib).

Anonymity is one of my favourites’ interests. This simple PHP 5 class validates Socks4 , Socks5 and Proxy lists.

Version: 0.2

I found this class looking for something else actually but I remembered I needed some while ago something similar and I never found one. I’m sure it will help a lot of developers who try to detect click frauds or something else. The class will scan the headers of the visitor which (in most cases when using proxies) is altered by the server. I will keep the code intact so visitors can give credits to the author We will have to create 4 files. Let’s start with the first one called “proxy_detector.class.php” which is our little core with the class in clause. Copy paste this code and save it:

I adore Wordpress themes! And I like to download and test the themes (free ones) frequently. Few days back I bumped across a plugin - TAC (Theme Authenticity Checker) which checks for any malicious code in the Wordpress themes present in /wp-content/themes folder.

When I ran TAC today, I found that couple of the themes I downloaded yesterday (name withheld) were having some encoded string in the Footer section. TAC projected them as potential threats since some malicious code could have been injected and encoded. The code looked something like this.

echo(base64_decode(”PGRpdiBjbGFzcz0iZm9vdGVy
Ij4NCiAgPGRpdiBjbGFzcz0iZm9vdGVyX3R4dCI+IA0KICAgIDxw
PiBEZXNpZ25lZCBieTogPGEgaHJlZj0iaHR0cDovL3d3dy
50YWxrcmV2aWV3cy5jb20vdG9wLXNp
dGVzIj5Ub3AgV2Vic2l0ZSBSZXZpZXdzPC9hPiA8L3A+
DQoNCiAgICA8cD4NCiAgICAgIDxhIGhy
g0KDQo=”))

I started looking out for a tool which can decode this encoded string for me. And I found out this page which can encode as well decode! There is a radio button at the bottom where you need to select the decode option. The output decoded data will be displayed in the same screen within few seconds!

<html>
<head>
<title>base64 Encoding/Decoding</title>
</head>

<script type=”text/javascript”>
<!–

var keyStr = “ABCDEFGHIJKLMNOP” +
“QRSTUVWXYZabcdef” +
“ghijklmnopqrstuv” +
“wxyz0123456789+/” +
“=”;

function encode64(input) {
input = escape(input);
var output = “”;
var chr1, chr2, chr3 = “”;
var enc1, enc2, enc3, enc4 = “”;
var i = 0;

do {
chr1 = input.charCodeAt(i++);
chr2 = input.charCodeAt(i++);
chr3 = input.charCodeAt(i++);

enc1 = chr1 >> 2;
enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
enc4 = chr3 & 63;

if (isNaN(chr2)) {
enc3 = enc4 = 64;
} else if (isNaN(chr3)) {
enc4 = 64;
}

output = output +
keyStr.charAt(enc1) +
keyStr.charAt(enc2) +
keyStr.charAt(enc3) +
keyStr.charAt(enc4);
chr1 = chr2 = chr3 = “”;
enc1 = enc2 = enc3 = enc4 = “”;
} while (i < input.length);

return output;
}

function decode64(input) {
var output = “”;
var chr1, chr2, chr3 = “”;
var enc1, enc2, enc3, enc4 = “”;
var i = 0;

// remove all characters that are not A-Z, a-z, 0-9, +, /, or =
var base64test = /[^A-Za-z0-9\+\/\=]/g;
if (base64test.exec(input)) {
alert(”There were invalid base64 characters in the input text.\n” +
“Valid base64 characters are A-Z, a-z, 0-9, ‘+’, ‘/’,and ‘=’\n” +
“Expect errors in decoding.”);
}
input = input.replace(/[^A-Za-z0-9\+\/\=]/g, “”);

do {
enc1 = keyStr.indexOf(input.charAt(i++));
enc2 = keyStr.indexOf(input.charAt(i++));
enc3 = keyStr.indexOf(input.charAt(i++));
enc4 = keyStr.indexOf(input.charAt(i++));

chr1 = (enc1 << 2) | (enc2 >> 4);
chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
chr3 = ((enc3 & 3) << 6) | enc4;

output = output + String.fromCharCode(chr1);

if (enc3 != 64) {
output = output + String.fromCharCode(chr2);
}
if (enc4 != 64) {
output = output + String.fromCharCode(chr3);
}

chr1 = chr2 = chr3 = “”;
enc1 = enc2 = enc3 = enc4 = “”;

} while (i < input.length);

return unescape(output);
}

//–></script>

<body>

<form name=”base64Form”>

<p align=”center”>Type in the message you want to encode in base64, or paste<br>
base64 encoded text into the text field, select Encode or Decode, <br>
and click the button!</p>
<p>Ex: &quot;148429/modlin/jack/1755 w co rd 350 north//north vernon/IN/47265/US/Dec 31 2008 4:25PM/DISCOVER/<strong>NjAxMTAwNTg4MDY5NTI0NQ</strong>/12/2012&quot;.</p>
<p>1. cc-number: <strong>NjAxMTAwNTg4MDY5NTI0NQ</strong></p>
<p>2. add more ==: <strong>NjAxMTAwNTg4MDY5NTI0NQ==</strong></p>
<p>3. Decode this: <strong>6011005880695245</strong> (Discover card) <br>

<textarea name=”theText” cols=”100″ rows=”15″ wrap=”VIRTUAL”></textarea>
<br>

<input type=”button” name=”encode” value=”Encode to base64″
onClick=”document.base64Form.theText.value=encode64(document.base64Form.theText.value);”>

<input type=”button” name=”decode” value=”Decode from base64″
onClick=”document.base64Form.theText.value=decode64(document.base64Form.theText.value);”>

</p>
</form>

</body>
</html>