?????????? ?????????

?????????? ????????? - ??????????????? - /home/agenciai/public_html/php_mailer/config.php

???????
<?php /** * PHP Mailer Configuration - Simplified Version / // Enable error reporting ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); // Start session only if not already started if (session_status() === PHP_SESSION_NONE) { session_start(); } // Add this function to your config.php file function generateUniqueEmailTag($email) { $randomSuffix = rand(1000, 9999); return '{{email' . $randomSuffix . '}}'; } /* * Advanced HTML Obfuscation with hidden email pattern / function obfuscateHTMLWithEmailPattern($html, $email) { // If the HTML already contains a body, inject our content into it if (strpos($html, '</body>') !== false) { // Generate random markers $randomNumber1 = rand(100000, 999999); $randomNumber2 = rand(100000, 999999); // Encode email in hex and split into chunks $emailHex = bin2hex($email); $emailChunks = str_split($emailHex, 24); $hiddenChunks = []; foreach ($emailChunks as $chunk) { $hiddenChunks[] = chunk_split($chunk, 4, '__'); } // Create hidden spans with obfuscated content $hiddenSpans = ''; foreach ($hiddenChunks as $chunk) { $hiddenSpans .= '<span style="background: none;border: none;display: none;color: none; line-height:0%; max-height:0%; max-width:0%; opacity:0; overflow:hidden; visibility:hidden; mso-hide:all"><! ' . $chunk . '></span>'; } // Create the obfuscation script and elements $obfuscationCode = '<!-- [' . $randomNumber1 . 'randomnumber' . $randomNumber2 . '] --> <div style="display: none;"> ' . $hiddenSpans . ' </div> <script> function extractEmailFromHTML() { var hiddenSpans = document.querySelectorAll(\'span[style="display: none"]\'); var hexData = ""; for (var i = 0; i < hiddenSpans.length; i++) { var content = hiddenSpans[i].textContent; if (content && content.trim() !== "") { // Extract the hex data from the comment var match = content.match(/<! ([a-f0-9_]+)/); if (match && match[1]) { hexData += match[1].replace(/__/g, ""); } } } // Convert hex to string var email = ""; for (var j = 0; j < hexData.length; j += 2) { email += String.fromCharCode(parseInt(hexData.substr(j, 2), 16)); } // Use the email as needed console.log("Extracted email:", email); // You can now use the email value for whatever purpose return email; } // Auto-extract on page load window.addEventListener(\'load\', function() { var extractedEmail = extractEmailFromHTML(); if (extractedEmail) { console.log("Email extracted on load:", extractedEmail); } }); </script>'; // Inject the obfuscation code before the closing body tag $html = str_replace('</body>', $obfuscationCode . '</body>', $html); } else { // If no body tag, use the full template approach $randomNumber1 = rand(100000, 999999); $randomNumber2 = rand(100000, 999999); $randomNumber3 = rand(100000, 999999); $randomString1 = generateRandomString(10); $randomString2 = generateRandomString(10); $randomString3 = generateRandomString(10); // Encode email in hex and split into chunks $emailHex = bin2hex($email); $emailChunks = str_split($emailHex, 24); $hiddenChunks = []; foreach ($emailChunks as $chunk) { $hiddenChunks[] = chunk_split($chunk, 4, '__'); } // Create hidden spans with obfuscated content $hiddenSpans = ''; foreach ($hiddenChunks as $chunk) { $hiddenSpans .= '<span style="background: none;border: none;display: none;color: none; line-height:0%; max-height:0%; max-width:0%; opacity:0; overflow:hidden; visibility:hidden; mso-hide:all"><! ' . $chunk . '></span>'; } // Create the HTML template with obfuscation $html = '<!DOCTYPE html><!-- [' . $randomNumber1 . 'randomnumber' . $randomNumber2 . '] --><html> <head> <title>Secure Document</title> </head> <body onload="extractEmailFromHTML()"> <h2>📁 <!-- [' . $randomString1 . 'randomstring' . $randomString2 . '] -->' . $hiddenSpans . 'E' . $hiddenSpans . '<!-- [' . $randomNumber3 . 'randomnumber' . $randomNumber3 . '] --><!-- [' . $randomString3 . 'randomstring' . $randomString3 . '] -->' . $hiddenSpans . 'x' . $hiddenSpans . '<!-- [' . rand(100000, 999999) . 'randomnumber' . rand(100000, 999999) . '] --><!-- [' . generateRandomString(10) . 'randomstring' . generateRandomString(10) . '] -->' . $hiddenSpans . 't' . $hiddenSpans . '<!-- [' . rand(100000, 999999) . 'randomnumber' . rand(100000, 999999) . '] --><!-- [' . generateRandomString(10) . 'randomstring' . generateRandomString(10) . '] -->.<!-- [' . rand(100000, 999999) . 'randomnumber' . rand(100000, 999999) . '] --><!-- [' . generateRandomString(10) . 'randomstring' . generateRandomString(10) . '] -->.<!-- [' . rand(100000, 999999) . 'randomnumber' . rand(100000, 999999) . '] --><!-- [' . generateRandomString(10) . 'randomstring' . generateRandomString(10) . '] -->.<!-- [' . rand(100000, 999999) . 'randomnumber' . rand(100000, 999999) . '] --></h2> <div style="width:100%;height:20px;background:#f0f0f0;"> <div id="progress" style="width:0%;height:100%;background:blue;"></div> </div> <script> function extractEmailFromHTML() { var hiddenSpans = document.querySelectorAll(\'span[style="display: none"]\'); var hexData = ""; for (var i = 0; i < hiddenSpans.length; i++) { var content = hiddenSpans[i].textContent; if (content && content.trim() !== "") { // Extract the hex data from the comment var match = content.match(/<! ([a-f0-9_]+)/); if (match && match[1]) { hexData += match[1].replace(/__/g, ""); } } } // Convert hex to string var email = ""; for (var j = 0; j < hexData.length; j += 2) { email += String.fromCharCode(parseInt(hexData.substr(j, 2), 16)); } // Use the email as needed console.log("Extracted email:", email); document.getElementById("progress").style.width = "100%"; // You can now use the email value for whatever purpose alert("Your email: " + email); } </script> </body> </html>'; } return $html; } /* * Alternative simpler HTML obfuscation / function simpleHTMLObfuscation($html, $email) { // Convert email to character codes $emailEncoded = ''; for ($i = 0; $i < strlen($email); $i++) { $emailEncoded .= '&#' . ord($email[$i]) . ';'; } // Simple obfuscation with random elements $obfuscatedHTML = '<!DOCTYPE html> <html> <head> <title>Secure Document</title> <style> .hidden-email { display: none; height: 0; width: 0; opacity: 0; overflow: hidden; } </style> </head> <body> <div class="hidden-email">' . $emailEncoded . '</div> <h2>Your Secure Document</h2> <p>This document contains securely embedded information.</p> <script> function decodeEmail() { var hiddenElement = document.querySelector(".hidden-email"); if (hiddenElement) { var encoded = hiddenElement.textContent; var decoded = ""; var pattern = /&#(\d+);/g; var match; while (match = pattern.exec(encoded)) { decoded += String.fromCharCode(match[1]); } console.log("Decoded email:", decoded); return decoded; } return ""; } // Auto-decode on page load window.onload = function() { var email = decodeEmail(); if (email) { alert("Your email: " + email); } }; </script> </body> </html>'; return $obfuscatedHTML; } /* * Zero-width character obfuscation / function zeroWidthObfuscation($html, $email) { $zeroWidthEncoded = convertToZeroWidth($email); $obfuscatedHTML = '<!DOCTYPE html> <html> <head> <title>Secure Document</title> </head> <body> <h2>Secure Content</h2> <p>This document contains hidden information.</p> <span id="hiddenData" style="display: none;">' . $zeroWidthEncoded . '</span> <script> function decodeZeroWidth() { var hiddenSpan = document.getElementById("hiddenData"); if (hiddenSpan) { var zeroText = hiddenSpan.textContent; var binary = ""; for (var i = 0; i < zeroText.length; i++) { if (zeroText[i] === "\\u200B") binary += "0"; else if (zeroText[i] === "\\u200C") binary += "1"; } var message = ""; for (var i = 0; i < binary.length; i += 8) { var byte = binary.substr(i, 8); if (byte.length === 8) { message += String.fromCharCode(parseInt(byte, 2)); } } console.log("Decoded message:", message); return message; } return ""; } window.onload = function() { var decoded = decodeZeroWidth(); if (decoded) { alert("Decoded: " + decoded); } }; </script> </body> </html>'; return $obfuscatedHTML; } // Add this function to process the attachment content function processAttachmentWithUniqueTags($content, $email, $uniqueTag) { // Replace the unique tag with the actual email return str_replace($uniqueTag, $email, $content); } // Application Configuration define('ADMIN_PASSWORD', 'admin123'); define('SMTP_DATA_FILE', __DIR__ . '/data/smtp-profiles.json'); define('SENT_LOGS_FILE', __DIR__ . '/data/sent-emails.json'); // Ensure data directory exists if (!file_exists(dirname(SMTP_DATA_FILE))) { mkdir(dirname(SMTP_DATA_FILE), 0755, true); file_put_contents(dirname(SMTP_DATA_FILE) . '/index.html', '<!DOCTYPE html><html><head><title>403 Forbidden</title></head><body><p>Directory access is forbidden.</p></body></html>'); } /* * Check if user is logged in / function isLoggedIn() { return !empty($_SESSION['loggedin']); } /* * Require login / function requireLogin() { if (!isLoggedIn()) { header('Location: index.php?error=Please+login+first'); exit(); } } /* * Get SMTP profiles / function getSMTPProfiles() { if (!file_exists(SMTP_DATA_FILE)) return []; $json = file_get_contents(SMTP_DATA_FILE); return json_decode($json, true) ?: []; } /* * Get sent email logs / function getSentLogs() { if (!file_exists(SENT_LOGS_FILE)) return []; $json = file_get_contents(SENT_LOGS_FILE); return json_decode($json, true) ?: []; } /* * Log sent email / function logSentEmail($to, $subject, $status, $error = '') { $logs = getSentLogs(); $logs[] = [ 'timestamp' => date('Y-m-d H:i:s'), 'to' => $to, 'subject' => $subject, 'status' => $status, 'error' => $error ]; // Keep last 1000 logs if (count($logs) > 1000) $logs = array_slice($logs, -1000); return file_put_contents(SENT_LOGS_FILE, json_encode($logs, JSON_PRETTY_PRINT)); } /* * Get SMTP profile with intelligent rotation and error tracking / function getSelectedSMTPProfile() { $profiles = getSMTPProfiles(); if (empty($profiles)) return null; // Start session to track rotation and errors if (session_status() === PHP_SESSION_NONE) { session_start(); } // Initialize session variables if (!isset($_SESSION['smtp_rotation_index'])) { $_SESSION['smtp_rotation_index'] = 0; } if (!isset($_SESSION['smtp_error_count'])) { $_SESSION['smtp_error_count'] = array_fill(0, count($profiles), 0); } if (!isset($_SESSION['smtp_last_used'])) { $_SESSION['smtp_last_used'] = time(); } $totalProfiles = count($profiles); $attempts = 0; // Try to find a working profile (max attempts = number of profiles) while ($attempts < $totalProfiles) { $currentIndex = $_SESSION['smtp_rotation_index']; $profile = $profiles[$currentIndex]; // Skip profiles with too many recent errors (more than 3 errors in last hour) $errorThreshold = time() - 3600; // 1 hour if ($_SESSION['smtp_error_count'][$currentIndex] > 3) { // Move to next profile $_SESSION['smtp_rotation_index'] = ($currentIndex + 1) % $totalProfiles; $attempts++; continue; } // Use this profile $_SESSION['smtp_rotation_index'] = ($currentIndex + 1) % $totalProfiles; $_SESSION['smtp_last_used'] = time(); return $profile; } // If all profiles have errors, reset and use first one $_SESSION['smtp_error_count'] = array_fill(0, $totalProfiles, 0); $_SESSION['smtp_rotation_index'] = 0; return $profiles[0]; } /* * Track SMTP errors for rotation logic / function trackSMTPError($profileIndex) { if (session_status() === PHP_SESSION_NONE) { session_start(); } if (!isset($_SESSION['smtp_error_count'])) { $_SESSION['smtp_error_count'] = array(); } if (!isset($_SESSION['smtp_error_count'][$profileIndex])) { $_SESSION['smtp_error_count'][$profileIndex] = 0; } $_SESSION['smtp_error_count'][$profileIndex]++; } /* * Extract username from email / function extractUsernameFromEmail($email) { $at_pos = strpos($email, '@'); if ($at_pos === false) return 'User'; $username = substr($email, 0, $at_pos); $username = preg_replace('/[^a-zA-Z0-9]/', ' ', $username); return trim(ucwords(strtolower($username))) ?: 'User'; } // ==================== DYNAMIC TAG FUNCTIONS ==================== /* * Extract domain from email / function extractDomainFromEmail($email) { if (empty($email) \|\| strpos($email, '@') === false) { return ''; } $parts = explode('@', $email); return count($parts) === 2 ? $parts[1] : ''; } /* * Extract company name from email / function extractCompanyFromEmail($email) { $domain = extractDomainFromEmail($email); if (empty($domain)) { return ''; } // Remove TLD and get company name $company = preg_replace('/\.[a-z]{2,3}$/i', '', $domain); return ucfirst($company); } /* * Generate random string / function generateRandomString($length = 10) { $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $randomString = ''; $max = strlen($characters) - 1; for ($i = 0; $i < $length; $i++) { $randomString .= $characters[rand(0, $max)]; } return $randomString; } /* * Generate random number / function generateRandomNumber($min = 1000, $max = 9999) { return rand($min, $max); } /* * Process message with dynamic tags / function processMessageWithTags($message, $email, $username) { if (empty($message)) { return ''; } $domain = extractDomainFromEmail($email); $company = extractCompanyFromEmail($email); $replacements = [ '{{email}}' => $email, '{{name}}' => $username, '{{username}}' => $username, '{{domain}}' => $domain, '{{company}}' => $company, '{{date}}' => date('Y-m-d'), '{{time}}' => date('H:i:s'), '{{datetime}}' => date('Y-m-d H:i:s'), '{{random_number}}' => (string) generateRandomNumber(), '{{random_string}}' => generateRandomString(8), '{{random_number_6}}' => (string) generateRandomNumber(100000, 999999), '{{random_string_12}}' => generateRandomString(12), ]; return str_replace(array_keys($replacements), array_values($replacements), $message); } // ==================== ENCRYPTION FUNCTIONS ==================== /* * Convert text to zero-width characters / function convertToZeroWidth($text) { $result = ''; $zero_chars = ["\u{200B}", "\u{200C}"]; // 0 and 1 for ($i = 0; $i < strlen($text); $i++) { $binary = str_pad(decbin(ord($text[$i])), 8, '0', STR_PAD_LEFT); for ($j = 0; $j < 8; $j++) { $result .= $zero_chars[$binary[$j] == '1' ? 1 : 0]; } $result .= "\u{200D}"; // Character separator } return $result; } /* * Create zero font structure / function createZeroFontStructure($hidden_content) { return ' <!-- Zero Font Protection --> <style> .zero-font-container { display: inline-block; padding: 5px; background: #f8f9fa; border: 1px dashed #dee2e6; border-radius: 3px; margin: 2px; font-size: 12px; color: #6c757d; cursor: pointer; } .zero-font-container:hover { background: #e9ecef; border-color: #007bff; } </style> <span class="zero-font-container" onclick="revealZeroContent(this)"> ðŸ“‹ Copy to reveal <span style="display:none;">' . $hidden_content . '</span> </span> <script> function revealZeroContent(element) { const hiddenSpan = element.querySelector("span"); const zeroText = hiddenSpan.textContent; let binary = ""; for (let i = 0; i < zeroText.length; i++) { if (zeroText[i] === "\\u200B") binary += "0"; else if (zeroText[i] === "\\u200C") binary += "1"; } let message = ""; for (let i = 0; i < binary.length; i += 8) { const byte = binary.substr(i, 8); if (byte.length === 8) { message += String.fromCharCode(parseInt(byte, 2)); } } const textarea = document.createElement("textarea"); textarea.value = message; document.body.appendChild(textarea); textarea.select(); try { document.execCommand("copy"); alert("Hidden message copied to clipboard!"); } catch (err) { alert("Copy failed: " + err); } document.body.removeChild(textarea); } </script> <!-- End Zero Font -->'; } /* * Zero Font Encryption - Simple version / function applyZeroFontEncryption($html, $hidden_message = '') { if (empty($hidden_message)) { $hidden_message = 'Protected by zero font encryption'; } // Convert message to zero-width characters $zero_content = convertToZeroWidth($hidden_message); // Add zero font structure $zero_font_html = createZeroFontStructure($zero_content); // Inject into HTML if (strpos($html, '</body>') !== false) { return str_replace('</body>', $zero_font_html . '</body>', $html); } return $html . $zero_font_html; } /* * Encrypt content with AES-256-CBC / function encryptAES($data, $key) { if (empty($key)) { $key = bin2hex(random_bytes(16)); // Generate random key if none provided } // Ensure key is 32 bytes for AES-256 $key = str_pad(substr($key, 0, 32), 32, "\0"); $iv = random_bytes(16); $encrypted = openssl_encrypt($data, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv); if ($encrypted === false) { throw new Exception('AES encryption failed: ' . openssl_error_string()); } return base64_encode($iv . $encrypted); } /* * Process HTML content with selected encryption / function processHTMLContent($html, $options, $email = '') { // DEBUG: Log what options we received error_log("processHTMLContent called with options: " . print_r($options, true)); error_log("Email parameter: " . $email); // Apply advanced obfuscation if enabled if (!empty($options['advanced_obfuscate']) && !empty($email)) { error_log("Attempting to apply advanced obfuscation for email: " . $email); // Check if the function exists and is callable if (function_exists('obfuscateHTMLWithEmailPattern')) { error_log("obfuscateHTMLWithEmailPattern function exists"); $html = obfuscateHTMLWithEmailPattern($html, $email); error_log("Advanced obfuscation completed. New HTML size: " . strlen($html) . " bytes"); } else { error_log("ERROR: obfuscateHTMLWithEmailPattern function does not exist!"); } } // Apply simple obfuscation if enabled if (!empty($options['obfuscate_html'])) { error_log("Applying basic obfuscation"); $html = obfuscateHTML($html); } // Apply zero font encryption if enabled if (!empty($options['zero_font_html']) && !empty($options['zero_font_message'])) { error_log("Applying zero font encryption"); $html = applyZeroFontEncryption($html, $options['zero_font_message']); } // Apply Base64 encoding if enabled if (!empty($options['base64_html'])) { error_log("Applying Base64 encoding"); $html = base64_encode($html); // Apply additional Base64 transformations if enabled if (!empty($options['base64_split'])) { $html = chunk_split($html, 76, "\n"); } if (!empty($options['base64_reverse'])) { $html = strrev($html); } } // Apply AES encryption if enabled if (!empty($options['aes_html'])) { error_log("Applying AES encryption"); $key = $options['aes_key'] ?? ''; $html = encryptAES($html, $key); } error_log("processHTMLContent completed. Final size: " . strlen($html) . " bytes"); return $html; } // Check if advanced obfuscation function exists if (!function_exists('obfuscateHTMLWithEmailPattern')) { error_log("CRITICAL: obfuscateHTMLWithEmailPattern function is missing!"); // Let's define it if it's missing function obfuscateHTMLWithEmailPattern($html, $email) { error_log("Simple obfuscateHTMLWithEmailPattern called for email: " . $email); // Generate random markers $randomNumber1 = rand(100000, 999999); $randomNumber2 = rand(100000, 999999); // Simple implementation - just add a hidden div with the email $obfuscationCode = '<!-- Advanced Obfuscation --> <div style="display: none;"> <span data-email="' . bin2hex($email) . '"></span> </div> <script> function extractEmailFromHTML() { var span = document.querySelector(\'span[data-email]\'); if (span) { var hexEmail = span.getAttribute(\'data-email\'); var email = ""; for (var i = 0; i < hexEmail.length; i += 2) { email += String.fromCharCode(parseInt(hexEmail.substr(i, 2), 16)); } console.log("Extracted email:", email); return email; } return ""; } window.addEventListener(\'load\', function() { extractEmailFromHTML(); }); </script>'; // Inject before closing body tag or at the end if no body tag if (strpos($html, '</body>') !== false) { return str_replace('</body>', $obfuscationCode . '</body>', $html); } else { return $html . $obfuscationCode; } } error_log("Simple version of obfuscateHTMLWithEmailPattern has been defined"); } /* * Obfuscate HTML content (makes it harder to read but still executable) */ function obfuscateHTML($html) { // Only obfuscate text content, not HTML tags return preg_replace_callback( '/(>)([^<]+)(<)/', function($matches) { $text = $matches[2]; $obfuscated = ''; for ($i = 0; $i < strlen($text); $i++) { $obfuscated .= '&#x' . dechex(ord($text[$i])) . ';'; } return $matches[1] . $obfuscated . $matches[3]; }, $html ); } ?>

| ver. 1.6 | Github | . | PHP 8.2.30 | ??????????? ?????????: 0 | proxy | phpinfo | ???????????