hpr_hub/hub/ccdn.php

<?php
# request.php > request_confirm.php > upload.php > upload_confirm.php
require "/home/hpr/php/include.php";

$ip = $_SERVER["REMOTE_ADDR"];

if ( $_SERVER['REQUEST_METHOD'] !== 'GET' ) {
  naughty("34522f7b9ba88b319afa9f063b98905c");
}

if ( empty($_SERVER["REMOTE_ADDR"]) ) {
  naughty("021dbd5f91f40918ea68fd0ca1a2e381");
}

if ( count($_GET) !== 1 ) {
  naughty("f5df1c0d9accb7868e601b60cf2f5c06");
}

if ( isset($_GET["filename"]) ) {

  $filename = $_GET["filename"];
  if ( empty($filename) ) {
    naughty("ef50f1353583f371903daba3abc9b3a4");
  }

  $filename = filter_var($filename, FILTER_UNSAFE_RAW, FILTER_FLAG_STRIP_LOW|FILTER_FLAG_STRIP_HIGH);

  $dirname = dirname("$filename", 2);
  if ( empty($dirname) ) {
    naughty("71b6b14eef459e0404311257dad8ffe4");
  }
 
  if ( $dirname === "/" ) {
    naughty("9e342e30b911e1ac3c5e831a6da6116b");
  }

  if ( !(
    strcmp($dirname, "/correspondents") === 0 or
    strcmp($dirname, "/eps") === 0 or
    strcmp($dirname, "/series") === 0 )
    ) {
    naughty("f157a8f5fedc7282c7a6469931223dbf");
  }

  $name = basename($filename); // To get file name
  if ( empty($name) ) {
    naughty("27ece7c2dba5caa5885ef40737270fd3");
  }

  $ext = pathinfo($filename, PATHINFO_EXTENSION); // To get extension
  if ( empty($ext) ) {
    naughty("c6a4329fe2f3c2c739ec666e956c2c5f");
  }

  $prefix =pathinfo($filename, PATHINFO_FILENAME); // File name without extension
  if ( empty($prefix) ) {
    naughty("f398399ec10ec9ab4b5b23ae43f21b01");
  }


  if ( strlen($filename) < 5 ) {
    naughty("f78bf180af9239fc7fcf5fbc2b13b59b");
  }

  if ( strlen($filename) > 60 ) {
    naughty("38e9a0cf7f650ac62e75c08269c9d913");
  }

  if ( !(
    strcmp($ext, "flac") === 0 or
    strcmp($ext, "jpg") === 0 or
    strcmp($ext, "json") === 0 or
    strcmp($ext, "mp3") === 0 or
    strcmp($ext, "ogg") === 0 or
    strcmp($ext, "opus") === 0 or
    strcmp($ext, "png") === 0 or
    strcmp($ext, "spx") === 0 or
    strcmp($ext, "srt") === 0 or
    strcmp($ext, "tsv") === 0 or
    strcmp($ext, "txt") === 0 or
    strcmp($ext, "vtt") === 0 )
    ) {
    naughty("545e49f7ac913863c6c3db40670ebb9d");
  }
}
else {
  naughty("0b78322e1c5010ba289c20250ca1fb1f");
}

header("location:https://alpha.nl.eu.mirror.hackerpublicradio.org${filename}");

?>
The addition of a ccdn redirector and updating the link to media to point to it 2024-10-21 15:35:20 +00:00			`<?php`
			`# request.php > request_confirm.php > upload.php > upload_confirm.php`
			`require "/home/hpr/php/include.php";`

			`$ip = $_SERVER["REMOTE_ADDR"];`

			`if ( $_SERVER['REQUEST_METHOD'] !== 'GET' ) {`
			`naughty("34522f7b9ba88b319afa9f063b98905c");`
			`}`

			`if ( empty($_SERVER["REMOTE_ADDR"]) ) {`
			`naughty("021dbd5f91f40918ea68fd0ca1a2e381");`
			`}`

			`if ( count($_GET) !== 1 ) {`
			`naughty("f5df1c0d9accb7868e601b60cf2f5c06");`
			`}`

			`if ( isset($_GET["filename"]) ) {`

			`$filename = $_GET["filename"];`
			`if ( empty($filename) ) {`
			`naughty("ef50f1353583f371903daba3abc9b3a4");`
			`}`

			`$filename = filter_var($filename, FILTER_UNSAFE_RAW, FILTER_FLAG_STRIP_LOW\|FILTER_FLAG_STRIP_HIGH);`

			`$dirname = dirname("$filename", 2);`
			`if ( empty($dirname) ) {`
			`naughty("71b6b14eef459e0404311257dad8ffe4");`
			`}`

			`if ( $dirname === "/" ) {`
			`naughty("9e342e30b911e1ac3c5e831a6da6116b");`
			`}`

			`if ( !(`
			`strcmp($dirname, "/correspondents") === 0 or`
			`strcmp($dirname, "/eps") === 0 or`
			`strcmp($dirname, "/series") === 0 )`
			`) {`
			`naughty("f157a8f5fedc7282c7a6469931223dbf");`
			`}`

			`$name = basename($filename); // To get file name`
			`if ( empty($name) ) {`
			`naughty("27ece7c2dba5caa5885ef40737270fd3");`
			`}`

			`$ext = pathinfo($filename, PATHINFO_EXTENSION); // To get extension`
			`if ( empty($ext) ) {`
			`naughty("c6a4329fe2f3c2c739ec666e956c2c5f");`
			`}`

			`$prefix =pathinfo($filename, PATHINFO_FILENAME); // File name without extension`
			`if ( empty($prefix) ) {`
			`naughty("f398399ec10ec9ab4b5b23ae43f21b01");`
			`}`


			`if ( strlen($filename) < 5 ) {`
			`naughty("f78bf180af9239fc7fcf5fbc2b13b59b");`
			`}`

			`if ( strlen($filename) > 60 ) {`
			`naughty("38e9a0cf7f650ac62e75c08269c9d913");`
			`}`

			`if ( !(`
			`strcmp($ext, "flac") === 0 or`
			`strcmp($ext, "jpg") === 0 or`
			`strcmp($ext, "json") === 0 or`
			`strcmp($ext, "mp3") === 0 or`
			`strcmp($ext, "ogg") === 0 or`
			`strcmp($ext, "opus") === 0 or`
			`strcmp($ext, "png") === 0 or`
			`strcmp($ext, "spx") === 0 or`
			`strcmp($ext, "srt") === 0 or`
			`strcmp($ext, "tsv") === 0 or`
			`strcmp($ext, "txt") === 0 or`
			`strcmp($ext, "vtt") === 0 )`
			`) {`
			`naughty("545e49f7ac913863c6c3db40670ebb9d");`
			`}`
			`}`
			`else {`
			`naughty("0b78322e1c5010ba289c20250ca1fb1f");`
			`}`

			`header("location:https://alpha.nl.eu.mirror.hackerpublicradio.org${filename}");`

			`?>`