#!/usr/bin/ruby begin $: << File.expand_path('../../html/softs/libhttp', __FILE__) require 'libhttp' class String def hide if $r13 p1, p2 = split('?', 2) p1 = p1.to_s.tr('a-z', 'n-za-m').tr('A-Z', 'N-ZA-M') p1 << '?' << p2 if p2 p1 else self end end end #puts "Content-type: text/plain", '', ENV.map { |k, v| "#{k} = #{v.inspect}" } Me_s = ENV['HTTP_HOST'] Me_p = (ENV['SCRIPT_NAME'] || '') + '/' use_ssl = true if ENV['SERVER_PORT'] == 443 path = (ENV['REQUEST_URI'] || '')[Me_p.length..-1].to_s $r13 = nil if path[0, 4] == 'r13/' $r13 = 'r13/' path = path[4..-1].hide end sv, path = path.split('/', 2) path = "/#{path}" if path.to_s[0] != '/' path.sub!(/^\/+/, '/') postdata = $stdin.read if ENV['REQUEST_METHOD'] == 'POST' if not sv or sv.empty? puts 'Content-type: text/html', '', <
EOH $stdout.flush exit! end $DEBUG = true if path.sub!('?jjproxydebug', '') norewrite = true if path.sub!('?jjnorewrite', '') noreferer = true if path.sub!('?jjdelreferer', '') rdg = '?jjproxydebug' if path.sub!('?jjrewritedebug', '') transform = proc { |str| str.gsub(%r{(action=.?|href=.?)?(https?://)([^ '">]*)}i) { $1.to_s + $2 + Me_s + Me_p + $r13.to_s + $3.hide + (rdg if $1).to_s.hide }.\ gsub(/((?:href=|action=|src=|background=|replace\()['"]?\/)([^ '">]*)/i) { $1 + Me_p[1..-1] + $r13.to_s + sv.to_s.hide + '/' + $2.to_s.hide + (rdg.to_s.hide if $1 =~ /href|action/i).to_s }.\ gsub(%r{((?>href=|action=|src=|background=|replace\()['"]?)((?!/|https?://)[^ '">]*)}i) { $1 + $2.to_s.hide + (rdg.to_s.hide if $1 =~ /href|action/i).to_s } } untransform = proc { |str| str.sub(Me_s, '').sub(Me_p, '').sub($r13.to_s, '').gsub(/\?jj(proxydebug|norewrite|delreferer|rewritedebug)/, '').hide } begin s = HttpServer.new("http#{'s' if use_ssl}://"+sv+"/") # allow log:pass@sv:port h = {} if ref = ENV['HTTP_REFERER'] and not noreferer realref = h['Referer'] = untransform[ref] end if c = ENV['HTTP_COOKIE'] h['Cookie'] = c end if postdata p = s.post_raw path, postdata, h else p = s.get path, h end rescue puts 'Content-type: text/plain', '', "cgi-proxy error with #{sv.inspect} #{path.inspect}", $!.class, $!.message, $!.backtrace $stdout.flush exit! end puts "Content-type: text/plain", '', ' [+] response:', p, '', ' [+] cgi env:', ENV.map { |k, v| "#{k} = #{v.inspect}" }, '', ' [+] sent postdata:', postdata.inspect, '', ' [+] referer sent:', realref.inspect, '', ' [+] normal cgi output:' if $DEBUG if c = p.headers['set-cookie'] c.split(/\s*;\s*/).map { |cc| name, value = cc.split('=', 2) next if %w[domain path expires].include? name # path = "#{Me_p}#{sv}" path = "#{Me_p.chop}" # cross-site cookies puts "Set-cookie: #{cc}; domain=#{Me_s}; path=#{Me_p}#{sv};" } end case p.status when 200, 404 puts "Content-type: #{ct = p.headers['content-type']}", '' data = p.content data = transform[data] if ct.include? 'text/html' and not norewrite $stdout.write data when 301, 302 puts "Location: #{transform[p.headers['location']]}", '' else puts "Content-type: text/plain", '' puts "proxy error: got #{p.status}", p end rescue Exception puts 'content-type: text/plain', '', $!, $!.backtrace end