mirror of
https://github.com/flucont/btcloud.git
synced 2025-10-15 15:20:24 +00:00
Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
79fddbb943 | ||
|
|
f81cd68e80 | ||
|
|
4c76ec2056 | ||
|
|
ef99d79f1a |
@@ -185,3 +185,43 @@ function errorlog($msg){
|
||||
fwrite($handle, date('Y-m-d H:i:s')."\t".$msg."\r\n");
|
||||
fclose($handle);
|
||||
}
|
||||
|
||||
function licenseEncrypt($data, $key){
|
||||
$iv = substr($key, 0, 16);
|
||||
return openssl_encrypt($data, 'AES-256-CBC', $key, 0, $iv);
|
||||
}
|
||||
|
||||
function licenseDecrypt($data, $key){
|
||||
$iv = substr($key, 0, 16);
|
||||
return openssl_decrypt($data, 'AES-256-CBC', $key, 0, $iv);
|
||||
}
|
||||
|
||||
function generateKeyPairs(){
|
||||
$pkey_dir = app()->getRootPath().'data/config/';
|
||||
$public_key_path = $pkey_dir.'public_key.pem';
|
||||
$private_key_path = $pkey_dir.'private_key.pem';
|
||||
if(file_exists($public_key_path) && file_exists($private_key_path)){
|
||||
return [file_get_contents($public_key_path), file_get_contents($private_key_path)];
|
||||
}
|
||||
$pkey_config = ['private_key_bits'=>4096];
|
||||
$pkey_res = openssl_pkey_new($pkey_config);
|
||||
$private_key = '';
|
||||
openssl_pkey_export($pkey_res, $private_key, null, $pkey_config);
|
||||
$pkey_details = openssl_pkey_get_details($pkey_res);
|
||||
if(!$pkey_details) return false;
|
||||
$public_key = $pkey_details['key'];
|
||||
file_put_contents($public_key_path, $public_key);
|
||||
file_put_contents($private_key_path, $private_key);
|
||||
return [$public_key, $private_key];
|
||||
}
|
||||
|
||||
function pemToBase64($pem){
|
||||
$lines = explode("\n", $pem);
|
||||
$encoded = '';
|
||||
foreach ($lines as $line) {
|
||||
if (trim($line) != '' && strpos($line, '-----BEGIN') === false && strpos($line, '-----END') === false) {
|
||||
$encoded .= trim($line);
|
||||
}
|
||||
}
|
||||
return $encoded;
|
||||
}
|
||||
@@ -213,6 +213,17 @@ class Api extends BaseController
|
||||
return json($data);
|
||||
}
|
||||
|
||||
//宝塔云WAF最新版本
|
||||
public function btwaf_latest_version(){
|
||||
$data = [
|
||||
'version' => '2.5',
|
||||
'description' => '暂无更新日志',
|
||||
'create_time' => 1701252997,
|
||||
];
|
||||
$data = bin2hex(json_encode($data));
|
||||
return json(['status'=>true,'err_no'=>0,'msg'=>'获取成功','data'=>$data]);
|
||||
}
|
||||
|
||||
//获取内测版更新日志
|
||||
public function get_beta_logs(){
|
||||
return json(['beta_ps'=>'当前暂无内测版', 'list'=>[]]);
|
||||
@@ -275,35 +286,67 @@ class Api extends BaseController
|
||||
|
||||
//绑定账号
|
||||
public function get_auth_token(){
|
||||
if(!$_POST['data']) return json(['status'=>false, 'msg'=>'参数不能为空']);
|
||||
$reqData = hex2bin($_POST['data']);
|
||||
if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
|
||||
$reqData = hex2bin(input('post.data'));
|
||||
parse_str($reqData, $arr);
|
||||
$serverid = $arr['serverid'];
|
||||
$userinfo = ['uid'=>1, 'username'=>'Administrator', 'address'=>'127.0.0.1', 'serverid'=>$serverid, 'access_key'=>random(32), 'secret_key'=>random(48), 'ukey'=>md5(time()), 'state'=>1];
|
||||
$data = bin2hex(urlencode(json_encode($userinfo)));
|
||||
$userinfo = ['uid'=>1, 'username'=>'Administrator', 'address'=>'127.0.0.1', 'serverid'=>$serverid, 'access_key'=>random(48), 'secret_key'=>random(48), 'ukey'=>md5(time()), 'state'=>1];
|
||||
$data = bin2hex(json_encode($userinfo));
|
||||
return json(['status'=>true, 'msg'=>'登录成功!', 'data'=>$data]);
|
||||
}
|
||||
|
||||
//绑定账号新
|
||||
public function authorization_login(){
|
||||
if(!$_POST['data']) return json(['status'=>false, 'msg'=>'参数不能为空']);
|
||||
$reqData = hex2bin($_POST['data']);
|
||||
if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
|
||||
$reqData = hex2bin(input('post.data'));
|
||||
parse_str($reqData, $arr);
|
||||
$serverid = $arr['serverid'];
|
||||
$userinfo = ['uid'=>1, 'username'=>'Administrator', 'ip'=>'127.0.0.1', 'server_id'=>$serverid, 'access_key'=>random(32), 'secret_key'=>random(48)];
|
||||
$data = bin2hex(urlencode(json_encode($userinfo)));
|
||||
return json(['status'=>true, 'msg'=>'登录成功!', 'data'=>$data]);
|
||||
$userinfo = ['uid'=>1, 'username'=>'Administrator', 'ip'=>'127.0.0.1', 'server_id'=>$serverid, 'access_key'=>random(48), 'secret_key'=>random(48)];
|
||||
$data = bin2hex(json_encode($userinfo));
|
||||
return json(['status'=>true, 'err_no'=>0, 'msg'=>'账号绑定成功', 'data'=>$data]);
|
||||
}
|
||||
|
||||
//刷新授权信息
|
||||
public function authorization_info(){
|
||||
if(!$_POST['data']) return json(['status'=>false, 'msg'=>'参数不能为空']);
|
||||
$reqData = hex2bin($_POST['data']);
|
||||
if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
|
||||
$reqData = hex2bin(input('post.data'));
|
||||
parse_str($reqData, $arr);
|
||||
$id = isset($arr['id'])&&$arr['id']>0?$arr['id']:1;
|
||||
$userinfo = ['id'=>$id, 'product'=>$arr['product'], 'status'=>2, 'clients'=>9999, 'durations'=>0, 'end_time'=>strtotime('+10 year')];
|
||||
$data = bin2hex(urlencode(json_encode($userinfo)));
|
||||
return json(['status'=>true, 'data'=>$data]);
|
||||
$data = bin2hex(json_encode($userinfo));
|
||||
return json(['status'=>true, 'err_no'=>0, 'data'=>$data]);
|
||||
}
|
||||
|
||||
//刷新授权信息
|
||||
public function update_license(){
|
||||
if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
|
||||
$reqData = hex2bin(input('post.data'));
|
||||
parse_str($reqData, $arr);
|
||||
if(!isset($arr['product']) || !isset($arr['serverid'])) return json(['status'=>false, 'msg'=>'缺少参数']);
|
||||
|
||||
$license_data = ['product'=>$arr['product'], 'uid'=>random(32), 'phone'=>'138****8888', 'auth_id'=>random(32), 'server_id'=>substr($arr['serverid'], 0, 32), 'auth'=>['apis'=>[], 'menu'=>[], 'extra'=>['type'=>3,'location'=>-1,'smart_cc'=>-1,'site'=>0]], 'pages'=>[], 'end_time'=>strtotime('+10 year')];
|
||||
$json = json_encode($license_data);
|
||||
|
||||
[$public_key, $private_key] = generateKeyPairs();
|
||||
$public_key = pemToBase64($public_key);
|
||||
|
||||
$key1 = random(32);
|
||||
$key2 = substr($public_key, 0, 32);
|
||||
$encrypted1 = licenseEncrypt($json, $key1);
|
||||
$encrypted2 = licenseEncrypt($key1, $key2);
|
||||
$sign_data = $encrypted1.'.'.$encrypted2;
|
||||
openssl_sign($sign_data, $signature, $private_key, OPENSSL_ALGO_SHA256);
|
||||
$signature = base64_encode($signature);
|
||||
|
||||
$license = base64_encode($sign_data.'.'.$signature);
|
||||
$data = bin2hex(json_encode(['public_key'=>$public_key, 'license'=>$license]));
|
||||
return json(['status'=>true, 'err_no'=>0, 'msg'=>'授权获取成功', 'data'=>$data]);
|
||||
}
|
||||
|
||||
public function is_obtained_btw_trial(){
|
||||
$data = ['is_obtained'=>0];
|
||||
$data = bin2hex(json_encode($data));
|
||||
return json(['status'=>true, 'err_no'=>0, 'data'=>$data, 'msg'=>'检测成功']);
|
||||
}
|
||||
|
||||
//一键部署列表
|
||||
@@ -344,6 +387,7 @@ class Api extends BaseController
|
||||
return json(['page'=>"<div><span class='Pcurrent'>1</span><span class='Pnumber'>1/0</span><span class='Pline'>从1-1000条</span><span class='Pcount'>共计0条数据</span></div>", 'data'=>[]]);
|
||||
}
|
||||
|
||||
//获取所有蜘蛛IP列表
|
||||
public function btwaf_getspiders(){
|
||||
try{
|
||||
$result = Plugins::btwaf_getspiders();
|
||||
@@ -353,6 +397,14 @@ class Api extends BaseController
|
||||
}
|
||||
}
|
||||
|
||||
//分类获取蜘蛛IP列表
|
||||
public function get_spider(){
|
||||
$type = input('get.spider/d');
|
||||
if(!$type) return json([]);
|
||||
$result = Plugins::get_spider($type);
|
||||
return json($result);
|
||||
}
|
||||
|
||||
//检查黑白名单
|
||||
private function checklist(){
|
||||
if(config_get('whitelist') == 1){
|
||||
@@ -391,4 +443,16 @@ class Api extends BaseController
|
||||
fclose($handle);
|
||||
exit;
|
||||
}
|
||||
|
||||
public function logerror(){
|
||||
$content = date('Y-m-d H:i:s')."\r\n";
|
||||
$content.=$_SERVER['REQUEST_METHOD'].' '.$_SERVER['REQUEST_URI']."\r\n";
|
||||
if($_SERVER['REQUEST_METHOD'] == 'POST'){
|
||||
$content.=file_get_contents('php://input')."\r\n";
|
||||
}
|
||||
$handle = fopen(app()->getRootPath()."record.txt", 'a');
|
||||
fwrite($handle, $content."\r\n");
|
||||
fclose($handle);
|
||||
return json(['status'=>false, 'msg'=>'不支持当前操作']);
|
||||
}
|
||||
}
|
||||
@@ -151,4 +151,18 @@ class Plugins
|
||||
return $result;
|
||||
}
|
||||
|
||||
//分类获取蜘蛛IP列表
|
||||
public static function get_spider($type){
|
||||
$result = cache('get_spider_'.$type);
|
||||
if($result){
|
||||
return $result;
|
||||
}
|
||||
$url = 'https://www.bt.cn/api/panel/get_spider?spider='.$type;
|
||||
$data = get_curl($url);
|
||||
$result = json_decode($data, true);
|
||||
if(!$result) return [];
|
||||
cache('get_spider_'.$type, $result, 3600 * 24);
|
||||
return $result;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -806,6 +806,7 @@ Set_Bt_Panel(){
|
||||
/www/server/panel/pyenv/bin/pip3 install flask -U
|
||||
/www/server/panel/pyenv/bin/pip3 install flask-sock
|
||||
btpip install simple-websocket==0.10.0
|
||||
btpip install natsort
|
||||
auth_path=$(cat ${admin_auth})
|
||||
cd ${setup_path}/server/panel/
|
||||
if [ "$SET_SSL" == true ]; then
|
||||
|
||||
Binary file not shown.
Binary file not shown.
@@ -71,7 +71,7 @@ rm -f /www/server/panel/*.pyc
|
||||
rm -f /www/server/panel/class/*.pyc
|
||||
#pip install flask_sqlalchemy
|
||||
#pip install itsdangerous==0.24
|
||||
|
||||
btpip install natsort
|
||||
pip_list=$($mypip list)
|
||||
request_v=$(btpip list 2>/dev/null|grep "requests "|awk '{print $2}'|cut -d '.' -f 2)
|
||||
if [ "$request_v" = "" ] || [ "${request_v}" -gt "28" ];then
|
||||
|
||||
@@ -17,11 +17,17 @@ Route::post('/Auth/GetAuthToken', 'api/get_auth_token');
|
||||
Route::post('/Auth/GetBindCode', 'api/return_error');
|
||||
Route::any('/bt_monitor/update_history', 'api/btm_update_history');
|
||||
Route::any('/bt_monitor/latest_version', 'api/btm_latest_version');
|
||||
Route::any('/bt_waf/get_malicious_ip', 'api/get_ssl_list');
|
||||
Route::any('/bt_waf/daily_count_v2', 'api/get_ssl_list');
|
||||
Route::any('/bt_waf/latest_version', 'api/btwaf_latest_version');
|
||||
|
||||
Route::group('authorization', function () {
|
||||
Route::post('/login', 'api/authorization_login');
|
||||
Route::post('/info', 'api/authorization_info');
|
||||
Route::post('/info_v2', 'api/authorization_info');
|
||||
Route::post('/update_license', 'api/update_license');
|
||||
Route::post('/get_unactivated_licenses', 'api/get_ssl_list');
|
||||
Route::post('/is_obtained_btw_trial', 'api/is_obtained_btw_trial');
|
||||
Route::miss('api/return_error');
|
||||
});
|
||||
|
||||
@@ -43,6 +49,7 @@ Route::group('api', function () {
|
||||
Route::get('/index/get_win_date', 'api/get_win_date');
|
||||
Route::get('/panel/is_pro', 'api/is_pro');
|
||||
Route::get('/getIpAddress', 'api/get_ip_address');
|
||||
Route::get('/GetAD', 'api/return_empty');
|
||||
Route::post('/Auth/GetAuthToken', 'api/get_auth_token');
|
||||
Route::post('/Auth/GetBindCode', 'api/return_error');
|
||||
Route::post('/Auth/GetSSLList', 'api/get_ssl_list');
|
||||
@@ -104,11 +111,13 @@ Route::group('api', function () {
|
||||
Route::get('/wpanel/get_beta_logs', 'api/get_beta_logs');
|
||||
|
||||
Route::post('/v2/common_v1_authorization/get_pricing', 'api/return_error2');
|
||||
Route::post('/v2/common_v2_authorization/get_pricing', 'api/return_error2');
|
||||
|
||||
Route::any('/bt_waf/getSpiders', 'api/btwaf_getspiders');
|
||||
Route::post('/bt_waf/addSpider', 'api/return_empty');
|
||||
Route::post('/bt_waf/getVulScanInfoList', 'api/return_empty');
|
||||
Route::post('/bt_waf/reportInterceptFail', 'api/return_empty');
|
||||
Route::any('/panel/get_spider', 'api/get_spider');
|
||||
|
||||
Route::miss('api/return_error');
|
||||
});
|
||||
|
||||
@@ -63,6 +63,31 @@ if("undefined" != typeof bt && bt.hasOwnProperty("compute_confirm")){
|
||||
});
|
||||
}
|
||||
}
|
||||
if("undefined" != typeof bt && bt.hasOwnProperty("input_confirm")){
|
||||
bt.input_confirm = function (config, callback) {
|
||||
layer.open({
|
||||
type: 1,
|
||||
title: config.title,
|
||||
area: '430px',
|
||||
closeBtn: 2,
|
||||
shadeClose: true,
|
||||
btn: [lan['public'].ok, lan['public'].cancel],
|
||||
content:
|
||||
'<div class="bt-form hint_confirm pd30">\
|
||||
<div class="hint_title">\
|
||||
<i class="hint-confirm-icon"></i>\
|
||||
<div class="hint_con">' +
|
||||
config.msg +
|
||||
'</div>\
|
||||
</div>\
|
||||
</div>',
|
||||
yes: function (layers, index) {
|
||||
layer.close(layers);
|
||||
if (callback) callback();
|
||||
},
|
||||
});
|
||||
}
|
||||
}
|
||||
if("undefined" != typeof database && database.hasOwnProperty("del_database")){
|
||||
database.del_database = function (wid, dbname, obj, callback) {
|
||||
var is_db_type = false, del_data = []
|
||||
|
||||
@@ -57,8 +57,6 @@
|
||||
__set_pyenv方法内,temp_file = public.readFile(filename)这行代码下面加上
|
||||
|
||||
```python
|
||||
temp_file = temp_file.replace('wget -O Tpublic.sh', '#wget -O Tpublic.sh')
|
||||
temp_file = temp_file.replace('\cp -rpa Tpublic.sh', '#\cp -rpa Tpublic.sh')
|
||||
temp_file = temp_file.replace('http://download.bt.cn/install/public.sh', 'http://www.example.com/install/public.sh')
|
||||
temp_file = temp_file.replace('https://download.bt.cn/install/public.sh', 'http://www.example.com/install/public.sh')
|
||||
```
|
||||
|
||||
Reference in New Issue
Block a user