fas-aes-https.php Verbose Info

# fas-aes-https.php Verbose Info ### Initial auth request Request URL: https://maxfangx.loophole.site/nds/fas-aes-https.php?fas=elVNRFhSMmMrWnZidGoyTDJTTlZNQ0gwM01mNWRiRDBRZjI1dzM2alAxM3c2RFdSRHNzZk9oMDNVSXRHK0tDcldEdGRxNzZwcE0yTDlhQWNKSlV3YmZTRDBGM1N6Yy9kdzZpcjlwTUt1Z1I3Wm1KanE0MStTTzlITFJYc1BjZHVqWkVjYXlkV0NhcmhJNDI1cHlGV2daVXEvUFJ4Ly9HY0ZOSlQ1SXM0Y0hlMEwyeXBrekJxWGJDS2Q3OG5mWHRueDJHNkdzZUFmWTNqR1JJd1IxcDFrSjM0eUxXeDFpVG8yY09rSWxXME8rMmJNOSsyM2xNS0pmazFhUWhVYTJiUzVTcjZieGtiQWFMOEd1U2ZmdlpCMVE9PQ==&iv=a17c6e899518c77a Query parameters - fas: elVNRFhSMmMrWnZidGoyTDJTTlZNQ0gwM01mNWRiRDBRZjI1dzM2alAxM3c2RFdSRHNzZk9oMDNVSXRHK0tDcldEdGRxNzZwcE0yTDlhQWNKSlV3YmZTRDBGM1N6Yy9kdzZpcjlwTUt1Z1I3Wm1KanE0MStTTzlITFJYc1BjZHVqWkVjYXlkV0NhcmhJNDI1cHlGV2daVXEvUFJ4Ly9HY0ZOSlQ1SXM0Y0hlMEwyeXBrekJxWGJDS2Q3OG5mWHRueDJHNkdzZUFmWTNqR1JJd1IxcDFrSjM0eUxXeDFpVG8yY09rSWxXME8rMmJNOSsyM2xNS0pmazFhUWhVYTJiUzVTcjZieGtiQWFMOEd1U2ZmdlpCMVE9PQ== - iv: a17c6e899518c77a cURL ```bash curl 'https://maxfangx.loophole.site/nds/fas-aes-https.php?fas=elVNRFhSMmMrWnZidGoyTDJTTlZNQ0gwM01mNWRiRDBRZjI1dzM2alAxM3c2RFdSRHNzZk9oMDNVSXRHK0tDcldEdGRxNzZwcE0yTDlhQWNKSlV3YmZTRDBGM1N6Yy9kdzZpcjlwTUt1Z1I3Wm1KanE0MStTTzlITFJYc1BjZHVqWkVjYXlkV0NhcmhJNDI1cHlGV2daVXEvUFJ4Ly9HY0ZOSlQ1SXM0Y0hlMEwyeXBrekJxWGJDS2Q3OG5mWHRueDJHNkdzZUFmWTNqR1JJd1IxcDFrSjM0eUxXeDFpVG8yY09rSWxXME8rMmJNOSsyM2xNS0pmazFhUWhVYTJiUzVTcjZieGtiQWFMOEd1U2ZmdlpCMVE9PQ==&iv=a17c6e899518c77a' \ -H 'Upgrade-Insecure-Requests: 1' \ -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36' \ --compressed ``` ### Accept Terms of Service Request one cURL ```bash curl 'https://maxfangx.loophole.site/nds/fas-aes-https.php?fas=elVNRFhSMmMrWnZidGoyTDJTTlZNQ0gwM01mNWRiRDBRZjI1dzM2alAxM3c2RFdSRHNzZk9oMDNVSXRHK0tDcldEdGRxNzZwcE0yTDlhQWNKSlV3YmZTRDBGM1N6Yy9kdzZpcjlwTUt1Z1I3Wm1KanE0MStTTzlITFJYc1BjZHVqWkVjYXlkV0NhcmhJNDI1cHlGV2daVXEvUFJ4Ly9HY0ZOSlQ1SXM0Y0hlMEwyeXBrekJxWGJDS2Q3OG5mWHRueDJHNkdzZUFmWTNqR1JJd1IxcDFrSjM0eUxXeDFpVG8yY09rSWxXME8rMmJNOSsyM2xNS0pmazFhUWhVYTJiUzVTcjZieGtiQWFMOEd1U2ZmdlpCMVE9PQ%3D%3D&iv=a17c6e899518c77a&fullname=Max+Fang&email=maxfangx%40gmail.com' \ -H 'authority: maxfangx.loophole.site' \ -H 'upgrade-insecure-requests: 1' \ -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36' \ -H 'accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \ -H 'sec-gpc: 1' \ -H 'sec-fetch-site: same-origin' \ -H 'sec-fetch-mode: navigate' \ -H 'sec-fetch-user: ?1' \ -H 'sec-fetch-dest: document' \ -H 'referer: https://maxfangx.loophole.site/nds/fas-aes-https.php?fas=elVNRFhSMmMrWnZidGoyTDJTTlZNQ0gwM01mNWRiRDBRZjI1dzM2alAxM3c2RFdSRHNzZk9oMDNVSXRHK0tDcldEdGRxNzZwcE0yTDlhQWNKSlV3YmZTRDBGM1N6Yy9kdzZpcjlwTUt1Z1I3Wm1KanE0MStTTzlITFJYc1BjZHVqWkVjYXlkV0NhcmhJNDI1cHlGV2daVXEvUFJ4Ly9HY0ZOSlQ1SXM0Y0hlMEwyeXBrekJxWGJDS2Q3OG5mWHRueDJHNkdzZUFmWTNqR1JJd1IxcDFrSjM0eUxXeDFpVG8yY09rSWxXME8rMmJNOSsyM2xNS0pmazFhUWhVYTJiUzVTcjZieGtiQWFMOEd1U2ZmdlpCMVE9PQ%3D%3D&iv=a17c6e899518c77a&fullname=&email=' \ -H 'accept-language: en-US,en;q=0.9' \ --compressed ``` Request two cURL ```bash curl 'https://maxfangx.loophole.site/nds/fas-aes-https.php?get_image=https://avatars1.githubusercontent.com/u/62547912&imagetype=png' \ -H 'authority: maxfangx.loophole.site' \ -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36' \ -H 'accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8' \ -H 'sec-gpc: 1' \ -H 'sec-fetch-site: same-origin' \ -H 'sec-fetch-mode: no-cors' \ -H 'sec-fetch-dest: image' \ -H 'referer: https://maxfangx.loophole.site/nds/fas-aes-https.php?fas=elVNRFhSMmMrWnZidGoyTDJTTlZNQ0gwM01mNWRiRDBRZjI1dzM2alAxM3c2RFdSRHNzZk9oMDNVSXRHK0tDcldEdGRxNzZwcE0yTDlhQWNKSlV3YmZTRDBGM1N6Yy9kdzZpcjlwTUt1Z1I3Wm1KanE0MStTTzlITFJYc1BjZHVqWkVjYXlkV0NhcmhJNDI1cHlGV2daVXEvUFJ4Ly9HY0ZOSlQ1SXM0Y0hlMEwyeXBrekJxWGJDS2Q3OG5mWHRueDJHNkdzZUFmWTNqR1JJd1IxcDFrSjM0eUxXeDFpVG8yY09rSWxXME8rMmJNOSsyM2xNS0pmazFhUWhVYTJiUzVTcjZieGtiQWFMOEd1U2ZmdlpCMVE9PQ%3D%3D&iv=a17c6e899518c77a&fullname=Max+Fang&email=maxfangx%40gmail.com' \ -H 'accept-language: en-US,en;q=0.9' \ --compressed ``` ### ThankYou > continue cURL (Timed out) ```bash curl 'https://maxfangx.loophole.site/nds/fas-aes-https.php?fas=elVNRFhSMmMrWnZidGoyTDJTTlZNQ0gwM01mNWRiRDBRZjI1dzM2alAxM3c2RFdSRHNzZk9oMDNVSXRHK0tDcldEdGRxNzZwcE0yTDlhQWNKSlV3YmZTRDBGM1N6Yy9kdzZpcjlwTUt1Z1I3Wm1KanE0MStTTzlITFJYc1BjZHVqWkVjYXlkV0NhcmhJNDI1cHlGV2daVXEvUFJ4Ly9HY0ZOSlQ1SXM0Y0hlMEwyeXBrekJxWGJDS2Q3OG5mWHRueDJHNkdzZUFmWTNqR1JJd1IxcDFrSjM0eUxXeDFpVG8yY09rSWxXME8rMmJNOSsyM2xNS0pmazFhUWhVYTJiUzVTcjZieGtiQWFMOEd1U2ZmdlpCMVE9PQ%3D%3D&iv=a17c6e899518c77a&auth=yes&fullname=Max%2520Fang&email=maxfangx%40gmail.com' \ -H 'authority: maxfangx.loophole.site' \ -H 'upgrade-insecure-requests: 1' \ -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36' \ -H 'accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \ -H 'sec-gpc: 1' \ -H 'sec-fetch-site: same-origin' \ -H 'sec-fetch-mode: navigate' \ -H 'sec-fetch-user: ?1' \ -H 'sec-fetch-dest: document' \ -H 'referer: https://maxfangx.loophole.site/nds/fas-aes-https.php?fas=elVNRFhSMmMrWnZidGoyTDJTTlZNQ0gwM01mNWRiRDBRZjI1dzM2alAxM3c2RFdSRHNzZk9oMDNVSXRHK0tDcldEdGRxNzZwcE0yTDlhQWNKSlV3YmZTRDBGM1N6Yy9kdzZpcjlwTUt1Z1I3Wm1KanE0MStTTzlITFJYc1BjZHVqWkVjYXlkV0NhcmhJNDI1cHlGV2daVXEvUFJ4Ly9HY0ZOSlQ1SXM0Y0hlMEwyeXBrekJxWGJDS2Q3OG5mWHRueDJHNkdzZUFmWTNqR1JJd1IxcDFrSjM0eUxXeDFpVG8yY09rSWxXME8rMmJNOSsyM2xNS0pmazFhUWhVYTJiUzVTcjZieGtiQWFMOEd1U2ZmdlpCMVE9PQ%3D%3D&iv=a17c6e899518c77a&fullname=Max+Fang&email=maxfangx%40gmail.com' \ -H 'accept-language: en-US,en;q=0.9' \ --compressed ``` ### Logging variables to console In line 548, `login_page()`: ```php // Can't include this one for some reason // console.log('client if: $clientif'); echo " <script> console.log('clientip: $clientip'); console.log('fullname: $fullname'); console.log('email: $email'); console.log('me: $me'); console.log('fas: $fas'); console.log('iv: $iv'); console.log('clientmac: $clientmac'); console.log('gatewayname: $gatewayname'); console.log('gatewayaddress: $gatewayaddress'); console.log('gatewaymac: $gatewaymac'); console.log('client_zone: $client_zone'); console.log('originurl: $originurl'); </script> "; ``` Console output: ```text 110 clientip: 192.168.2.150 111 fullname: 112 email: 113 me: /nds/fas-aes-https.php 114 fas: elVNRFhSMmMrWnZidGoyTDJTTlZNQ0gwM01mNWRiRDBRZjI1dzM2alAxM3c2RFdSRHNzZk9oMDNVSXRHK0tDcldEdGRxNzZwcE0yTDlhQWNKSlV3YmZTRDBGM1N6Yy9kdzZpcjlwTUt1Z1I3Wm1KanE0MStTTzlITFJYc1BjZHVqWkVjYXlkV0NhcmhJNDI1cHlGV2daVXEvUFJ4Ly9HY0ZOSlQ1SXM0Y0hlMEwyeXBrekJxWGJDS2Q3OG5mWHRueDJHNkdzZUFmWTNqR1JJd1IxcDFrSjM0eUxXeDFpVG8yY09rSWxXME8rMmJNOSsyM2xNS0pmazFhUWhVYTJiUzVTcjZieGtiQWFMOEd1U2ZmdlpCMVE9PQ== 115 iv: a17c6e899518c77a 116 clientmac: 38:f9:d3:84:f7:a5 117 gatewayname: OpenWrt openNDS 118 gatewayaddress: 192.168.2.1:2050 119 gatewaymac: 120 client_zone: LocalZone:wlan0 121 originurl: http%3a%2f%2f192.168.2.1%2f ``` ### Logging \_GET and \_SERVER to console Couldn't get `$GLOBALS` to work but that's okay; it's just the variables defined in the global scope In line 548, `login_page()`: ```php $get_json = json_encode($_GET); $server_json = json_encode($_SERVER); echo " <script> console.log('_GET: $get_json'); console.log('_SERVER: $server_json'); </script> "; ``` \_GET: ```json { "fas": "elVNRFhSMmMrWnZidGoyTDJTTlZNQ0gwM01mNWRiRDBRZjI1dzM2alAxM3c2RFdSRHNzZk9oMDNVSXRHK0tDcldEdGRxNzZwcE0yTDlhQWNKSlV3YmZTRDBGM1N6Yy9kdzZpcjlwTUt1Z1I3Wm1KanE0MStTTzlITFJYc1BjZHVqWkVjYXlkV0NhcmhJNDI1cHlGV2daVXEvUFJ4Ly9HY0ZOSlQ1SXM0Y0hlMEwyeXBrekJxWGJDS2Q3OG5mWHRueDJHNkdzZUFmWTNqR1JJd1IxcDFrSjM0eUxXeDFpVG8yY09rSWxXME8rMmJNOSsyM2xNS0pmazFhUWhVYTJiUzVTcjZieGtiQWFMOEd1U2ZmdlpCMVE9PQ==", "iv": "a17c6e899518c77a" } ``` \_SERVER: ```json { "DOCUMENT_ROOT": "/Users/fang/projects/Lightning-Router/aes-https", "REMOTE_ADDR": "127.0.0.1", "REMOTE_PORT": "57634", "SERVER_SOFTWARE": "PHP 7.3.11 Development Server", "SERVER_PROTOCOL": "HTTP/1.1", "SERVER_NAME": "127.0.0.1", "SERVER_PORT": "8000", "REQUEST_URI": "/nds/fas-aes-https.php?fas=elVNRFhSMmMrWnZidGoyTDJTTlZNQ0gwM01mNWRiRDBRZjI1dzM2alAxM3c2RFdSRHNzZk9oMDNVSXRHK0tDcldEdGRxNzZwcE0yTDlhQWNKSlV3YmZTRDBGM1N6Yy9kdzZpcjlwTUt1Z1I3Wm1KanE0MStTTzlITFJYc1BjZHVqWkVjYXlkV0NhcmhJNDI1cHlGV2daVXEvUFJ4Ly9HY0ZOSlQ1SXM0Y0hlMEwyeXBrekJxWGJDS2Q3OG5mWHRueDJHNkdzZUFmWTNqR1JJd1IxcDFrSjM0eUxXeDFpVG8yY09rSWxXME8rMmJNOSsyM2xNS0pmazFhUWhVYTJiUzVTcjZieGtiQWFMOEd1U2ZmdlpCMVE9PQ==&iv=a17c6e899518c77a", "REQUEST_METHOD": "GET", "SCRIPT_NAME": "/nds/fas-aes-https.php", "SCRIPT_FILENAME": "/Users/fang/projects/Lightning-Router/aes-https/nds/fas-aes-https.php", "PHP_SELF": "/nds/fas-aes-https.php", "QUERY_STRING": "fas=elVNRFhSMmMrWnZidGoyTDJTTlZNQ0gwM01mNWRiRDBRZjI1dzM2alAxM3c2RFdSRHNzZk9oMDNVSXRHK0tDcldEdGRxNzZwcE0yTDlhQWNKSlV3YmZTRDBGM1N6Yy9kdzZpcjlwTUt1Z1I3Wm1KanE0MStTTzlITFJYc1BjZHVqWkVjYXlkV0NhcmhJNDI1cHlGV2daVXEvUFJ4Ly9HY0ZOSlQ1SXM0Y0hlMEwyeXBrekJxWGJDS2Q3OG5mWHRueDJHNkdzZUFmWTNqR1JJd1IxcDFrSjM0eUxXeDFpVG8yY09rSWxXME8rMmJNOSsyM2xNS0pmazFhUWhVYTJiUzVTcjZieGtiQWFMOEd1U2ZmdlpCMVE9PQ==&iv=a17c6e899518c77a", "HTTP_HOST": "maxfangx.loophole.site", "HTTP_USER_AGENT": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36", "HTTP_ACCEPT": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", "HTTP_ACCEPT_ENCODING": "gzip, deflate, br", "HTTP_ACCEPT_LANGUAGE": "en-US,en;q=0.9", "HTTP_CACHE_CONTROL": "max-age=0", "HTTP_SEC_FETCH_DEST": "document", "HTTP_SEC_FETCH_MODE": "navigate", "HTTP_SEC_FETCH_SITE": "none", "HTTP_SEC_FETCH_USER": "?1", "HTTP_SEC_GPC": "1", "HTTP_UPGRADE_INSECURE_REQUESTS": "1", "HTTP_X_FORWARDED_FOR": "127.0.0.1", "HTTP_X_FORWARDED_HOST": "maxfangx.loophole.site", "HTTP_X_FORWARDED_PROTO": "https", "REQUEST_TIME_FLOAT": 1630310923.55719, "REQUEST_TIME": 1630310923, "argv": [ "fas=elVNRFhSMmMrWnZidGoyTDJTTlZNQ0gwM01mNWRiRDBRZjI1dzM2alAxM3c2RFdSRHNzZk9oMDNVSXRHK0tDcldEdGRxNzZwcE0yTDlhQWNKSlV3YmZTRDBGM1N6Yy9kdzZpcjlwTUt1Z1I3Wm1KanE0MStTTzlITFJYc1BjZHVqWkVjYXlkV0NhcmhJNDI1cHlGV2daVXEvUFJ4Ly9HY0ZOSlQ1SXM0Y0hlMEwyeXBrekJxWGJDS2Q3OG5mWHRueDJHNkdzZUFmWTNqR1JJd1IxcDFrSjM0eUxXeDFpVG8yY09rSWxXME8rMmJNOSsyM2xNS0pmazFhUWhVYTJiUzVTcjZieGtiQWFMOEd1U2ZmdlpCMVE9PQ==&iv=a17c6e899518c77a" ], "argc": 1 } ```