@@ -7,43 +7,43 @@ |
||
7 | 7 | ******************************************************************************/ |
8 | 8 | |
9 | 9 | $toolList = array( |
10 | - 'tparis-pcount' => '//tools.wmflabs.org/supercount/index.php?user=%DATA%&project=en.wikipedia', |
|
11 | - 'luxo-contributions' => '//tools.wmflabs.org/quentinv57-tools/tools/globalcontribs.php?username=%DATA%', |
|
12 | - 'guc' => '//tools.wmflabs.org/guc/?user=%DATA%', |
|
13 | - 'oq-whois' => 'https://whois.domaintools.com/%DATA%', |
|
10 | + 'tparis-pcount' => '//tools.wmflabs.org/supercount/index.php?user=%DATA%&project=en.wikipedia', |
|
11 | + 'luxo-contributions' => '//tools.wmflabs.org/quentinv57-tools/tools/globalcontribs.php?username=%DATA%', |
|
12 | + 'guc' => '//tools.wmflabs.org/guc/?user=%DATA%', |
|
13 | + 'oq-whois' => 'https://whois.domaintools.com/%DATA%', |
|
14 | 14 | 'tl-whois' => 'https://tools.wmflabs.org/whois/gateway.py?lookup=true&ip=%DATA%', |
15 | - 'sulutil' => '//tools.wmflabs.org/quentinv57-tools/tools/sulinfo.php?showinactivity=1&showblocks=1&username=%DATA%', |
|
16 | - 'google' => 'https://www.google.com/search?q=%DATA%', |
|
17 | - 'domain' => 'http://%DATA%/', |
|
15 | + 'sulutil' => '//tools.wmflabs.org/quentinv57-tools/tools/sulinfo.php?showinactivity=1&showblocks=1&username=%DATA%', |
|
16 | + 'google' => 'https://www.google.com/search?q=%DATA%', |
|
17 | + 'domain' => 'http://%DATA%/', |
|
18 | 18 | ); |
19 | 19 | |
20 | 20 | if (!isset($_GET['tool']) |
21 | - || !isset($toolList[$_GET['tool']]) |
|
22 | - || !isset($_GET['data']) |
|
21 | + || !isset($toolList[$_GET['tool']]) |
|
22 | + || !isset($_GET['data']) |
|
23 | 23 | ) { |
24 | - header("HTTP/1.1 403 Forbidden"); |
|
24 | + header("HTTP/1.1 403 Forbidden"); |
|
25 | 25 | |
26 | - return; |
|
26 | + return; |
|
27 | 27 | } |
28 | 28 | |
29 | 29 | if (isset($_GET['round2'])) { |
30 | - $data = $_GET['data']; |
|
31 | - $tool = $_GET['tool']; |
|
30 | + $data = $_GET['data']; |
|
31 | + $tool = $_GET['tool']; |
|
32 | 32 | |
33 | - if ($tool === 'domain') { |
|
34 | - // quick security check - if you want to exploit something, you better be sure your exploit resolves via dns. |
|
35 | - // this is not intended to catch everything, just as a quick sanity check. |
|
36 | - if (gethostbyname($data) == $data) { |
|
37 | - echo 'Error resolving hostname, it doesn\'t look like this domain exists.'; |
|
38 | - die(); |
|
39 | - } |
|
40 | - } |
|
41 | - else { |
|
42 | - $data = htmlentities($data, ENT_COMPAT, 'UTF-8'); |
|
43 | - } |
|
33 | + if ($tool === 'domain') { |
|
34 | + // quick security check - if you want to exploit something, you better be sure your exploit resolves via dns. |
|
35 | + // this is not intended to catch everything, just as a quick sanity check. |
|
36 | + if (gethostbyname($data) == $data) { |
|
37 | + echo 'Error resolving hostname, it doesn\'t look like this domain exists.'; |
|
38 | + die(); |
|
39 | + } |
|
40 | + } |
|
41 | + else { |
|
42 | + $data = htmlentities($data, ENT_COMPAT, 'UTF-8'); |
|
43 | + } |
|
44 | 44 | |
45 | - echo '<script>window.location.href="' . str_replace("%DATA%", $data, $toolList[$tool]) . '"</script>'; |
|
45 | + echo '<script>window.location.href="' . str_replace("%DATA%", $data, $toolList[$tool]) . '"</script>'; |
|
46 | 46 | } |
47 | 47 | else { |
48 | - header("Location: " . $_SERVER["REQUEST_URI"] . "&round2=true"); |
|
48 | + header("Location: " . $_SERVER["REQUEST_URI"] . "&round2=true"); |
|
49 | 49 | } |