([^<]+)

PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]); }catch(PDOException $e){ die(_('No database connection!')); } $stmt=$db->prepare('SELECT address, category, md5sum, description, id FROM ' . PREFIX . "onions WHERE address!='' AND lasttest<(?-86400) ORDER BY lasttest LIMIT 75;"); $stmt->execute([time()]); $onions=$stmt->fetchAll(PDO::FETCH_ASSOC); $stmt=$db->prepare('SELECT * FROM ' . PREFIX . 'phishing WHERE onion_id=?;'); $mh = curl_multi_init(); $curl_handles = []; //do tests foreach($onions as $onion){ $ch=curl_init(); set_curl_options($ch); curl_setopt($ch, CURLOPT_HEADER, true); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_MAXREDIRS, 2); curl_setopt($ch, CURLOPT_HTTPHEADER, ["Host: $onion[address].onion", 'User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0', 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'Accept-Language: en-US,en;q=0.5', 'Accept-Encoding: gzip, deflate', 'Connection: keep-alive', 'Upgrade-Insecure-Requests: 1']); curl_setopt($ch, CURLOPT_URL, "http://$onion[address].onion/"); curl_multi_add_handle($mh, $ch); $curl_handles []= ['handle' => $ch, 'onion' => $onion]; } unset($onions); do { $status = curl_multi_exec($mh, $active); if ($active) { // Wait a short time for more activity curl_multi_select($mh); } } while ($active && $status == CURLM_OK); $online_stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET lasttest=?, lastup=lasttest, timediff=0 WHERE md5sum=?'); $offline_stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET lasttest=?, timediff=lasttest-lastup WHERE md5sum=? AND lasttestprepare('UPDATE ' . PREFIX . 'onions SET description=?, category=0, locked=0, timechanged=? WHERE md5sum=?'); $desc_empty_stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET description=?, category=13, locked=1, timechanged=? WHERE md5sum=?'); $error_stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET category=13, timechanged=? WHERE md5sum=?'); //in case of error, move the address to an error category - edit the category id to fit yours! $phishing_stmt=$db->prepare('INSERT INTO ' . PREFIX . 'phishing (onion_id, original) VALUES (?, ?);'); $update_phishing_stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET locked=1, timechanged=? WHERE md5sum=?;'); $db->beginTransaction(); $time = time(); foreach($curl_handles as $handle){ $content = curl_multi_getcontent($handle['handle']); curl_multi_remove_handle($mh, $handle['handle']); $header_size = curl_getinfo($handle['handle'], CURLINFO_HEADER_SIZE); $http_code = curl_getinfo($handle['handle'], CURLINFO_HTTP_CODE); curl_close($handle['handle']); $onion = $handle['onion']; if($content!==''){ $header = substr($content, 0, $header_size); $content = substr($content, $header_size); // update description to title, if not yet set if(in_array($onion['description'], ['', 'Site hosted by Daniel\'s hosting service', ' - SCAM']) && preg_match('~([^<]+)~i', $content, $match)){ $desc=preg_replace("/(\r?\n|\r\n?)/", '
', htmlspecialchars(html_entity_decode(trim($match[1])))); if($desc!=='Site hosted by Daniel\'s hosting service'){ $desc_online_stmt->execute([$desc, $time, $onion['md5sum']]); }else{ $desc_empty_stmt->execute([$desc, $time, $onion['md5sum']]); } } $online_stmt->execute([$time, $onion['md5sum']]); // checks for server errors, to move the address to a dedicated error category if($onion['category']==0 && $http_code>=400){ $error_stmt->execute([$onion['md5sum'], $time]); } $stmt->execute([$onion['id']]); if(!$stmt->fetch(PDO::FETCH_NUM)){ if(preg_match('~^HTTP/1\.[10] 504 Connect to ([a-z2-7]{55}d)\.onion(:80)? failed: SOCKS error: host unreachable~', $content, $match)){ $phishing_stmt->execute([$onion['id'], $match[2]]); $update_phishing_stmt->execute([$time, $onion['md5sum']]); }elseif(strpos($content, "HttpReadDisconnect('Server disconnected',)")!==false){ $phishing_stmt->execute([$onion['id'], '']); $update_phishing_stmt->execute([$time, $onion['md5sum']]); } } if(preg_match('~window\.location\.replace$"http://'.$onion['address'].'.onion/(.*?)"$~', $content, $matches)){ $ch=curl_init(); set_curl_options($ch); curl_setopt($ch, CURLOPT_HEADER, true); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_MAXREDIRS, 2); curl_setopt($ch, CURLOPT_HTTPHEADER, ["Host: $onion[address].onion", 'User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0', 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'Accept-Language: en-US,en;q=0.5', 'Accept-Encoding: gzip, deflate', 'Connection: keep-alive', 'Upgrade-Insecure-Requests: 1']); curl_setopt($ch, CURLOPT_URL, "http://$onion[address].onion/".$matches[1]); $content=curl_exec($ch); } if(preg_match('~^refresh:.*url=(https?://[^;\s]+).*?$~m', $header, $matches)){ $ch=curl_init(); set_curl_options($ch); curl_setopt($ch, CURLOPT_HEADER, true); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_MAXREDIRS, 2); curl_setopt($ch, CURLOPT_HTTPHEADER, ["Host: $onion[address].onion", 'User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0', 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'Accept-Language: en-US,en;q=0.5', 'Accept-Encoding: gzip, deflate', 'Connection: keep-alive', 'Upgrade-Insecure-Requests: 1']); curl_setopt($ch, CURLOPT_URL, $matches[1]); $content=curl_exec($ch); } if(preg_match_all('~]+http-equiv="refresh"[^>]+content="(\d+);[^>]*url=([^>"]+)">~', $content, $matches, PREG_SET_ORDER)){ $wait_time = null; $link_to_check = ''; foreach($matches as $match){ if($wait_time === null || $wait_time > $match[1]){ $wait_time = $match[1]; $link_to_check = $match[2]; } } $ch=curl_init(); set_curl_options($ch); curl_setopt($ch, CURLOPT_HEADER, true); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_MAXREDIRS, 2); curl_setopt($ch, CURLOPT_HTTPHEADER, ["Host: $onion[address].onion", 'User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0', 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'Accept-Language: en-US,en;q=0.5', 'Accept-Encoding: gzip, deflate', 'Connection: keep-alive', 'Upgrade-Insecure-Requests: 1']); curl_setopt($ch, CURLOPT_URL, $link_to_check); $content=curl_exec($ch); } blacklist_scams($onion['address'], $content); }else{ $offline_stmt->execute([$time, $onion['md5sum'], $time]); } } $db->commit(); curl_multi_close($mh);