flashwave/_utils.php

## _utils.php
<?php
function WriteLine($txt = "")
{
    echo "{$txt}\n";
}

function WriteParam($name, $value)
{
    WriteLine("{$name}:\t{$value}");
}

function DNVtoTime($dnv)
{
    $time = 946684800;
    $time += $dnv[3] * 60 * 60 * 24;
    $time += $dnv[4] * 2;
    return $time;
}

function CreateZip($file)
{
    $arc = new ZipArchive();
    $arc->open($file . '.zip', ZipArchive::CREATE | ZipArchive::OVERWRITE);
    $arc->addFile($file);
    $arc->close();
}

function CreateGZ($file, $level = 9)
{
    $dest = $file . '.gz';
    $mode = 'wb' . $level;

    touch($dest);

    $gz = gzopen($dest, $mode);

    if ($gz === false) {
        return;
    }

    $data = fopen($file, 'rb');

    if ($data !== false) {
        while (!feof($data)) {
            gzwrite($gz, fread($data, 1024 * 512));
        }

        fclose($data);
    }

    gzclose($gz);
}

function GetDotNetVersion($FileName)
{
    $handle = fopen($FileName, 'rb');
    if (!$handle) {
        return false;
    }

    $Header = fread($handle, 64);
    if (substr($Header, 0, 2) != 'MZ') {
        return false;
    }

    $PEOffset = unpack("V", substr($Header, 60, 4));
    if ($PEOffset[1] < 64) {
        return false;
    }

    fseek($handle, $PEOffset[1], SEEK_SET);
    $Header = fread($handle, 24);
    if (substr($Header, 0, 2) != 'PE') {
        return false;
    }

    $Machine = unpack("v", substr($Header, 4, 2));
    if ($Machine[1] != 332) {
        return false;
    }

    $NoSections = unpack("v", substr($Header, 6, 2));
    $OptHdrSize = unpack("v", substr($Header, 20, 2));
    fseek($handle, $OptHdrSize[1], SEEK_CUR);
    $ResFound = false;
    for ($x = 0; $x < $NoSections[1]; $x++) {
        //$x fixed here
        $SecHdr = fread($handle, 40);
        if (substr($SecHdr, 0, 5) == '.rsrc') {
            //resource section
            $ResFound = true;
            break;
        }
    }
    if (!$ResFound) {
        return false;
    }

    $InfoVirt = unpack("V", substr($SecHdr, 12, 4));
    $InfoSize = unpack("V", substr($SecHdr, 16, 4));
    $InfoOff = unpack("V", substr($SecHdr, 20, 4));
    fseek($handle, $InfoOff[1], SEEK_SET);
    $Info = fread($handle, $InfoSize[1]);
    $NumDirs = unpack("v", substr($Info, 14, 2));
    $InfoFound = false;
    for ($x = 0; $x < $NumDirs[1]; $x++) {
        $Type = unpack("V", substr($Info, ($x * 8) + 16, 4));
        if ($Type[1] == 16) {
            //FILEINFO resource
            $InfoFound = true;
            $SubOff = unpack("V", substr($Info, ($x * 8) + 20, 4));
            break;
        }
    }
    if (!$InfoFound) {
        return false;
    }

    $SubOff[1] &= 0x7fffffff;
    $InfoOff = unpack("V", substr($Info, $SubOff[1] + 20, 4)); //offset of first FILEINFO
    $InfoOff[1] &= 0x7fffffff;
    $InfoOff = unpack("V", substr($Info, $InfoOff[1] + 20, 4)); //offset to data
    $DataOff = unpack("V", substr($Info, $InfoOff[1], 4));
    $DataSize = unpack("V", substr($Info, $InfoOff[1] + 4, 4));
    $CodePage = unpack("V", substr($Info, $InfoOff[1] + 8, 4));
    $DataOff[1] -= $InfoVirt[1];
    $Version = unpack("v4", substr($Info, $DataOff[1] + 48, 8));
    $x = $Version[2];
    $Version[2] = $Version[1];
    $Version[1] = $x;
    $x = $Version[4];
    $Version[4] = $Version[3];
    $Version[3] = $x;
    return $Version;
}

## check.php
<?php
if (isset($_GET['f']) && $_GET['f'] === 'TestClient.exe') {
    die('3');
}

die('2');

## check2.php
<?php
$package = $_GET['p'] ?? null;

if ($package == null
    || !ctype_alnum($package)
    || !file_exists($package)
    || !is_dir($package)) {
    die('1');
}

chdir($package);

if (!isset($_GET['f']) || !in_array($_GET['f'], glob('*'))) {
    die('1');
}

if (isset($_GET['h']) && strtolower(sha1_file($_GET['f'])) === $_GET['h']) {
    die('2');
}

die('3');

## check3.php
<?php
//ini_set('display_errors', 'On');
//error_reporting(-1);

define('AUTO_GEN_ARCH', true);
define('ENABLE_ZIP', false);
define('ENABLE_GZ', true);
define('RETURN_VERSION', false);

require_once '_utils.php';

header('Content-Type: text/plain; charset=utf-8');

define('NO_ERR', 0);
define('ERR_NO_PACKAGE', 1);
define('ERR_INVALID_PACKAGE', 2);

$path_info = explode('/', trim($_SERVER['PATH_INFO'], '/'));
$package = $path_info[0] ?? "";
$stream = $path_info[1] ?? "Default";

if (strlen($package) < 1) {
    WriteLine(ERR_NO_PACKAGE);
    return;
}

if (!ctype_alnum($package) || !file_exists($package) || !is_dir($package)) {
    WriteLine(ERR_INVALID_PACKAGE);
    return;
}

chdir($package);

WriteLine(NO_ERR);
WriteParam("Package", $package);
WriteParam("Release Stream", $stream);
WriteParam("Download", 'http' . (empty($_SERVER['HTTPS']) ? '' : 's') . "://home.flash.moe/upd/{$package}/");
WriteParam("Requested", date("r"));

$files = glob('*', GLOB_BRACE);

foreach ($files as $file) {
    $zip_file = "$file.zip";
    $gzip_file = "$file.gz";
    $pathinfo = pathinfo($file);

    if (file_exists($pathinfo['filename']))
        continue;

    if (AUTO_GEN_ARCH) {
        if (ENABLE_ZIP && !file_exists($zip_file))
            CreateZip($file);

        if (ENABLE_GZ && !file_exists($gzip_file))
            CreateGZ($file);
    }

    if (RETURN_VERSION) {
        $dnv = GetDotNetVersion($file);
        $version = implode('.', $dnv);
        $buildDate = RETURN_VERSION ? DNVtoTime($dnv) : 0;
    }

    $sha = hash('sha256', file_get_contents($file));
    $file_size = filesize($file);
    $zip_size = file_exists($zip_file) ? filesize($zip_file) : 0;
    $gz_size = file_exists($gzip_file) ? filesize($gzip_file) : 0;

    WriteLine();
    WriteParam("Filename", $file);
    WriteParam("File Size", $file_size);
    WriteParam("File SHA256", $sha);

    if (RETURN_VERSION && $version)
        WriteParam("Version", $version);

    if ($zip_size > 0) {
        $zip_hash = hash('sha256', file_get_contents($zip_file));
        WriteParam("Zip Size", $zip_size);
        WriteParam("Zip SHA256", $zip_hash);
    }

    if ($gz_size > 0) {
        $gz_hash = hash('sha256', file_get_contents($gzip_file));
        WriteParam("GZip Size", $gz_size);
        WriteParam("GZip SHA256", $gz_hash);
    }

    if (RETURN_VERSION && $buildDate > 1417305600)
        WriteParam("Build Date", date("r", $buildDate));
}

## updater.php
<?php
$path_info = explode('/', trim($_SERVER['PATH_INFO'], '/'));
$package = $path_info[0] ?? "";
$stream = $path_info[1] ?? "";

if (strlen($package) < 1 || !ctype_alnum($package) || !file_exists($package) || !is_dir($package)) {
    return;
}

$filename = $package;

if (strlen($stream) > 1) {
    $filename .= ".{$stream}";
}

$filename .= ".exe";

header('Content-Type: application/octet-stream');
header("Content-Disposition: attachment; filename={$filename}");

echo file_get_contents('StandaloneUpdater.exe');
	<?php
	function WriteLine($txt = "")
	{
	echo "{$txt}\n";
	}

	function WriteParam($name, $value)
	{
	WriteLine("{$name}:\t{$value}");
	}

	function DNVtoTime($dnv)
	{
	$time = 946684800;
	$time += $dnv[3] * 60 * 60 * 24;
	$time += $dnv[4] * 2;
	return $time;
	}

	function CreateZip($file)
	{
	$arc = new ZipArchive();
	$arc->open($file . '.zip', ZipArchive::CREATE \| ZipArchive::OVERWRITE);
	$arc->addFile($file);
	$arc->close();
	}

	function CreateGZ($file, $level = 9)
	{
	$dest = $file . '.gz';
	$mode = 'wb' . $level;

	touch($dest);

	$gz = gzopen($dest, $mode);

	if ($gz === false) {
	return;
	}

	$data = fopen($file, 'rb');

	if ($data !== false) {
	while (!feof($data)) {
	gzwrite($gz, fread($data, 1024 * 512));
	}

	fclose($data);
	}

	gzclose($gz);
	}

	function GetDotNetVersion($FileName)
	{
	$handle = fopen($FileName, 'rb');
	if (!$handle) {
	return false;
	}

	$Header = fread($handle, 64);
	if (substr($Header, 0, 2) != 'MZ') {
	return false;
	}

	$PEOffset = unpack("V", substr($Header, 60, 4));
	if ($PEOffset[1] < 64) {
	return false;
	}

	fseek($handle, $PEOffset[1], SEEK_SET);
	$Header = fread($handle, 24);
	if (substr($Header, 0, 2) != 'PE') {
	return false;
	}

	$Machine = unpack("v", substr($Header, 4, 2));
	if ($Machine[1] != 332) {
	return false;
	}

	$NoSections = unpack("v", substr($Header, 6, 2));
	$OptHdrSize = unpack("v", substr($Header, 20, 2));
	fseek($handle, $OptHdrSize[1], SEEK_CUR);
	$ResFound = false;
	for ($x = 0; $x < $NoSections[1]; $x++) {
	//$x fixed here
	$SecHdr = fread($handle, 40);
	if (substr($SecHdr, 0, 5) == '.rsrc') {
	//resource section
	$ResFound = true;
	break;
	}
	}
	if (!$ResFound) {
	return false;
	}

	$InfoVirt = unpack("V", substr($SecHdr, 12, 4));
	$InfoSize = unpack("V", substr($SecHdr, 16, 4));
	$InfoOff = unpack("V", substr($SecHdr, 20, 4));
	fseek($handle, $InfoOff[1], SEEK_SET);
	$Info = fread($handle, $InfoSize[1]);
	$NumDirs = unpack("v", substr($Info, 14, 2));
	$InfoFound = false;
	for ($x = 0; $x < $NumDirs[1]; $x++) {
	$Type = unpack("V", substr($Info, ($x * 8) + 16, 4));
	if ($Type[1] == 16) {
	//FILEINFO resource
	$InfoFound = true;
	$SubOff = unpack("V", substr($Info, ($x * 8) + 20, 4));
	break;
	}
	}
	if (!$InfoFound) {
	return false;
	}

	$SubOff[1] &= 0x7fffffff;
	$InfoOff = unpack("V", substr($Info, $SubOff[1] + 20, 4)); //offset of first FILEINFO
	$InfoOff[1] &= 0x7fffffff;
	$InfoOff = unpack("V", substr($Info, $InfoOff[1] + 20, 4)); //offset to data
	$DataOff = unpack("V", substr($Info, $InfoOff[1], 4));
	$DataSize = unpack("V", substr($Info, $InfoOff[1] + 4, 4));
	$CodePage = unpack("V", substr($Info, $InfoOff[1] + 8, 4));
	$DataOff[1] -= $InfoVirt[1];
	$Version = unpack("v4", substr($Info, $DataOff[1] + 48, 8));
	$x = $Version[2];
	$Version[2] = $Version[1];
	$Version[1] = $x;
	$x = $Version[4];
	$Version[4] = $Version[3];
	$Version[3] = $x;
	return $Version;
	}
	<?php
	if (isset($_GET['f']) && $_GET['f'] === 'TestClient.exe') {
	die('3');
	}

	die('2');
	<?php
	$package = $_GET['p'] ?? null;

	if ($package == null
	\|\| !ctype_alnum($package)
	\|\| !file_exists($package)
	\|\| !is_dir($package)) {
	die('1');
	}

	chdir($package);

	if (!isset($_GET['f']) \|\| !in_array($_GET['f'], glob('*'))) {
	die('1');
	}

	if (isset($_GET['h']) && strtolower(sha1_file($_GET['f'])) === $_GET['h']) {
	die('2');
	}

	die('3');
	<?php
	//ini_set('display_errors', 'On');
	//error_reporting(-1);

	define('AUTO_GEN_ARCH', true);
	define('ENABLE_ZIP', false);
	define('ENABLE_GZ', true);
	define('RETURN_VERSION', false);

	require_once '_utils.php';

	header('Content-Type: text/plain; charset=utf-8');

	define('NO_ERR', 0);
	define('ERR_NO_PACKAGE', 1);
	define('ERR_INVALID_PACKAGE', 2);

	$path_info = explode('/', trim($_SERVER['PATH_INFO'], '/'));
	$package = $path_info[0] ?? "";
	$stream = $path_info[1] ?? "Default";

	if (strlen($package) < 1) {
	WriteLine(ERR_NO_PACKAGE);
	return;
	}

	if (!ctype_alnum($package) \|\| !file_exists($package) \|\| !is_dir($package)) {
	WriteLine(ERR_INVALID_PACKAGE);
	return;
	}

	chdir($package);

	WriteLine(NO_ERR);
	WriteParam("Package", $package);
	WriteParam("Release Stream", $stream);
	WriteParam("Download", 'http' . (empty($_SERVER['HTTPS']) ? '' : 's') . "://home.flash.moe/upd/{$package}/");
	WriteParam("Requested", date("r"));

	$files = glob('*', GLOB_BRACE);

	foreach ($files as $file) {
	$zip_file = "$file.zip";
	$gzip_file = "$file.gz";
	$pathinfo = pathinfo($file);

	if (file_exists($pathinfo['filename']))
	continue;

	if (AUTO_GEN_ARCH) {
	if (ENABLE_ZIP && !file_exists($zip_file))
	CreateZip($file);

	if (ENABLE_GZ && !file_exists($gzip_file))
	CreateGZ($file);
	}

	if (RETURN_VERSION) {
	$dnv = GetDotNetVersion($file);
	$version = implode('.', $dnv);
	$buildDate = RETURN_VERSION ? DNVtoTime($dnv) : 0;
	}

	$sha = hash('sha256', file_get_contents($file));
	$file_size = filesize($file);
	$zip_size = file_exists($zip_file) ? filesize($zip_file) : 0;
	$gz_size = file_exists($gzip_file) ? filesize($gzip_file) : 0;

	WriteLine();
	WriteParam("Filename", $file);
	WriteParam("File Size", $file_size);
	WriteParam("File SHA256", $sha);

	if (RETURN_VERSION && $version)
	WriteParam("Version", $version);

	if ($zip_size > 0) {
	$zip_hash = hash('sha256', file_get_contents($zip_file));
	WriteParam("Zip Size", $zip_size);
	WriteParam("Zip SHA256", $zip_hash);
	}

	if ($gz_size > 0) {
	$gz_hash = hash('sha256', file_get_contents($gzip_file));
	WriteParam("GZip Size", $gz_size);
	WriteParam("GZip SHA256", $gz_hash);
	}

	if (RETURN_VERSION && $buildDate > 1417305600)
	WriteParam("Build Date", date("r", $buildDate));
	}