#native_company# #native_desc#

Proxy bypass

By Nick Horvath
on March 4, 2003

Version: 2.0 mySQL

Type: Full Script

Category: HTTP

License: GNU General Public License

Description: For all you students out there with over-restrictive internet access this will get around it! Just open this page from school and enter the desired url. The internet blocking software thinks its viewning a harmless page and not the blocked one! There is a MySQL based login built in that can be uncommented and used if you have access to a MySQL database as well.

*   Get around your proxy with this redirect!     *
*                                                 *
*  Author: Nick Horvath                           *
*  Filename: redirect.php                         *
*  Created: June, 2002                            *
*  Last Edited: March 2, 2003                     *
*  Website: http://mooserve.myftp.org:89/         *
*  PHP Vers Used: 4.31 (but should work with 4.x) *
*                                                 *
*          MySQL-Based authentication             *
*            Just follow directions               *
*                                                 *
*    Consider the image access as beta only       *
*                                                 *
*   Version 2.0 has vast improvements over 1.0    *
*         (it was a complete rewrite)             *
*                                                 *
$extlist = "/.html?|.htmlZ|.php?|.phpZ|.py?|.pyZ|.htm?|.htmZ|.phps?|.phpsZ|.asp?|.aspZ|.cgi?|.cgiZ|.pl?|.plZ|.xml?|.xmlZ|.jsp?|.jspZ|.php3?|.php3Z|.cfg?|.cfgZ|"Z/";

if(isset($PHP_AUTH_USER) && (!isset($_COOKIE['redirect'])))
    //MySQL variables
    $database_name = "";
    $mysql_user = "";
    $mysql_pass = "";
    $table = "";

    //Create a mySQL table with the fields 'user', 'pass' and 'priv_lvl'
    //User and pass are self explanitory (use the password() function when entering passwords)
    //priv_lvl is of type varchar and has any/all of the following strings for different access levels:
    //Redir = just redirect, Pic = picture redirect access, PAP = process all picture access (doesnt work yet)

    [email protected]_connect("localhost", "$mysql_user", "$mysql_pass") or die("Couldn't connect to MySQL.");
    [email protected]_select_db("$database_name", $connection) or die("Couldn't select database");
    $sql="select * from $table where user='$PHP_AUTH_USER' and pass=password('$PHP_AUTH_PW')";
    $result=mysql_query($sql, $connection) or die("Couldn't execute query.");

    if($numrows>=1 && preg_match("/Redir/", $row['priv_lvl']))
        setcookie("redirect", "ok", 0, "/", "mooserve.myftp.org", 0);
        if (preg_match("/Pic/", $row['priv_lvl']))
            setcookie("pics", "ok", 0, "/", "mooserve.myftp.org", 0);
            if (preg_match("/PAP/", $row['priv_lvl']))
                setcookie("pap", "ok", 0, "/", "mooserve.myftp.org", 0);

if($_COOKIE['redirect'] == "ok" || preg_match("/Redir/", $row['priv_lvl']))
    //url input box
    echo "<table bgcolor=#ffffff width=100% cellpadding=0 cellspacing=0 border=0><tr>
     <td align=left width=40%><form method=post action="$PHP_SELF"><b>URL: </b><input type=text name=url value=$url> ";
    if ($_COOKIE['pap'] == "ok")
        echo "PAP:<input type=checkbox name=do_pics value=1> ";
    echo "<input type=submit value=Go!></form></td><td align=center width=20%><b>Redirect Script</b> by Nick Horvath</td>
     <td align=right width=40%><form method=post action="$PHP_SELF"><b>eBay Search: </b><input type=text name=url> T&D:<input type=checkbox name=td value=1> <input type=submit value=Go!><INPUT type=hidden name=ebay value=1></form></td></tr>";
    if ($_COOKIE['pics'] == "ok")
        echo "<tr><td align=left width=40%><form method=post action="getimage.php"><b>Image URL: </b><input type=text name=pic> <input type=submit value=Go!>";

        if ($_COOKIE['pap'] == "ok")
            echo "</td><td width=60% colspan=2>PAP = <b>P</b>rocess <b>A</b>ll <b>P</b>ics, Do <b><i>NOT</i></b> overuse it (especially on pages with many pics), if you do it will be revoked</form></td></tr></table><br>";
            echo "</form></td><td width=60% colspan=2> </td></tr></table><br>";
        echo "</table><br>";

    //eBay Search thingy
        $url = str_replace(' ', '+', $url);
        if($td == 1)
            $url= "http://search-desc.ebay.com/search/search.dll?MfcISAPICommand=GetResult&query=$url&cgiurl=http%3A%2F%2Fcgi.ebay.com%2Fws%2F&ht=1&from=R10&currdisp=2&itemtimedisp=1&st=2&SortProperty=MetaEndSort&srchdesc=y&BasicSearch=";
            $url = 'http://search.ebay.com/search/search.dll?cgiurl=http%3A%2F%2Fcgi.ebay.com%2Fws%2F&krd=1&from=R8&MfcISAPICommand=GetResult&ht=1&SortProperty=MetaEndSort&query='.$url;

        $page = @implode("", (@file($url))) or die("Broken");
        //fix url so file() doesn't puke
        if (!preg_match("/http:///", $url))
            $url = 'http://'.$url;

        //add trailing slash if it should be there
        if(!preg_match($extlist, $url))
            $url .= '/';
        $url = preg_replace("/([^:])///", "$1/", $url);
        //$url = preg_replace("/(.w*)//", "$1", $url);
        //$url = preg_replace("/(.comZ|.orgZ|.eduZ)/", "$1/", $url);

        preg_match("/^(.*://)?([^:/]+):?([0-9]+)?(.*)?[/]/", $url, $match);
        list(,$proto,$host,$port,$dir) = $match;

        //Strip trailing "/" that we added
        if(!preg_match($extlist, $url))
            $url = substr($url, 0, -1);

        $errormsg = "It broke!<br>Any/all of these may have occurered:<ul><li>You didn't enter a url<li>The page does not exist<li>I fucked up the code (highly unlikely :p)</ul>If you think it really was my fault <a href=mailto:[email protected]>email me</a>.<br>The url you entered was: $url";

        //read page into an array for editing
        $page = @implode("", (@file($url))) or die($errormsg);

        //fix images
        if($do_pics == 1)
            $page = preg_replace("/src([40]?)=([40,",']*)/i", "src$1=$2http://$HTTP_HOST/redirect/getimage.php?pic=$base/", $page);
            $page = preg_replace("/src([40]?)=([40,",']*)/i", "src$1=$2$base/", $page);

        //fix links
        $page = preg_replace("/href([40]?)=([40,",']*)/i", "href$1=$2http://$HTTP_HOST$PHP_SELF?url=$base/", $page);

        //fix stuff
        $page = str_replace("$base/http", "http", $page);
        $page = str_replace("$base///", "http://", $page);

        //fix double slash problems
        $page = str_replace('//', '/', $page);
        $page = preg_replace("/http(s?)://", "http$1://", $page);

    echo $page;
    Header("WWW-Authenticate: Basic realm="Redirect Script"");
    Header("HTTP/1.0 401 Unauthorized");
    echo "Please enter a valid username and password!<br>Reload the page to try again.";