1. Halo Guest, pastikan Anda selalu menaati peraturan forum sebelum mengirimkan post atau thread baru.

[SHARE] script anti hotlink protection

Discussion in 'Pemrograman Web' started by mp3online, Dec 3, 2011.

  1. mp3online

    mp3online Super Hero

    Joined:
    Jul 19, 2011
    Messages:
    2,228
    Likes Received:
    294
    Location:
    jakarta
    hotlink protection biasanya cuma cek validasi referer, kalau host referer gak cocok ama host server maka gambar tidak akan mau nungul.
    ini script untuk memanipulasi http header referernya tersebut
    Code:
    <?php
error_reporting(0);
/*
anti hotlink protection by ogah
http://ogah.gw.lt
*/
$agen = urldecode($_SERVER['HTTP_USER_AGENT']);
$headernya = array ('Accept-Language: en-us,en;q=0.7', 'Accept: text/xml,text/javascript,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5');

if(isset($_GET['u'])) {
$url = 'http://';
$url .= $_GET['u'];

$file = explode('/', $url);
$tipe = end($file);
$tipe = explode('.', $tipe);
$ext = end($tipe);

$refer = 'Referer: '.$url;
array_push($headernya, $refer);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_USERAGENT, $agen);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headernya);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$salin = curl_exec($ch);
curl_close($ch);

if($ext == 'png') {
    header("Content-Type: image/png");
}
elseif($ext == 'jpg') {
    header("Content-Type: image/jpg");
}
else {
    header("Content-Type: image/gif");
}
echo $salin; exit;
}
?>
    simpan sebagai file img.php

    cara penggunaan:
    misal scriptnya kamu simpan sebagai hxxp://domainmu.com/img.php dan gambar yang diproteksi hotlink adalah hxxp://anu.com/images/gambarku.gif
    untuk mengelabuhi proteksinya gunakan hxxp://domainmu.com/img.php?u=anu.com/images/gambarku.gif
    atau dalam tag htmlnya
    Code:
    <img src="hxxp://domainmu.com/img.php?u=anu.com/images/gambarku.gif" alt="anu"/>
     
    mp3online, Dec 3, 2011
    #1
    imingfuntwo, jonnycible, PenjualBayaran and 3 others like this.
  2. deden

    deden Super Hero

    Joined:
    Mar 10, 2011
    Messages:
    1,282
    Likes Received:
    158
    Location:
    Bogor
    thanks mastah.... ane dah ubek ubek nih forum...ehhhh... baru nongol yang kaya ginian...
     
    deden, Dec 3, 2011
    #2
  3. assyams

    assyams Pengangguran

    Joined:
    Oct 21, 2010
    Messages:
    2,281
    Likes Received:
    112
    Location:
    Pulau Giligenting
    boleh nih keknya digabungin ma AGCnya mastah maxall keknya, soalnya gambar dari imageshack gak bisa nongol :D
     
    assyams, Dec 5, 2011
    #3
  4. agungakbar

    agungakbar Ads.id Starter

    Joined:
    Apr 12, 2011
    Messages:
    95
    Likes Received:
    2
    Aman nggak bro ?? Ntar nggak bisa dipasagin shell kan ?? hxxp://domain.com/img.php?u=domainhacker.com/shell.txt?Atauhxxp://domain.com/img.php?u=domainhacker.com/shell.php? Nggak bisa digituin kan ??
     
    agungakbar, Dec 5, 2011
    #4
  5. mawarkuning

    mawarkuning Super Hero

    Joined:
    Aug 29, 2007
    Messages:
    1,503
    Likes Received:
    110
    mantep dah, ada anti hotlink protection. asal jangan ada anti anti hotlink protection :D

    like it.
     
    mawarkuning, Dec 5, 2011
    #5
  6. nababan

    nababan Ads.id Fan

    Joined:
    Mar 8, 2011
    Messages:
    136
    Likes Received:
    57
    Location:
    Flashdisk
    yang saya lihat sih di header udah dicoba kasih header image
    PHP:
    if($ext == 'png') {     header("Content-Type: image/png"); } elseif($ext == 'jpg') {     header("Content-Type: image/jpg"); } else {     header("Content-Type: image/gif"); } echo $salin; exit; }
    Tapi yg namanya shell aja bisa jalan dalam mode gambar?
     
    nababan, Dec 5, 2011
    #6
  7. mp3online

    mp3online Super Hero

    Joined:
    Jul 19, 2011
    Messages:
    2,228
    Likes Received:
    294
    Location:
    jakarta
    kalau takut dipasangi shell atau gambar yang mengandung malicious code, bagian if sampai echo $salin ganti pakai ini, kayaknya lebih aman
    Code:
    if($ext == 'png') {
    header("Content-Type: image/png");
    $im = imagecreatefromstring($salin);
    imagepng($im);
    imagedestroy($im);
}
elseif($ext == 'jpg') {
    header("Content-Type: image/jpg");
    $im = imagecreatefromstring($salin);
    imagejpeg($im);
    imagedestroy($im);
}
else {
    header("Content-Type: image/gif");
    $im = imagecreatefromstring($salin);
    imagegif($im);
    imagedestroy($im);
}
    cuma kalu pakai metode yang ini gambar background transparan mungkin akan berubah jadi background hitam dan gif animasi akan jadi gambar diam

    atau tambahin lagi fungsi if di bagian sebelum curl
    jika ext tidak sama dengan jpg atau gif atau png yang nungul gambar dengan tulisan "iki gambar opo?"
    Code:
    if($ext != 'png' || $ext != 'gif' || $ext != 'jpg') {
$im = imagecreate(100, 30);
$bg = imagecolorallocate($im, 255, 255, 255);
$textcolor = imagecolorallocate($im, 0, 0, 255);
imagestring($im, 5, 0, 0, 'iki gambar opo?', $textcolor);
header('Content-type: image/png');
imagepng($im);
imagedestroy($im);
exit;
}
     
    mp3online, Dec 6, 2011
    #7
  8. bimahong

    bimahong Super Hero

    Joined:
    Nov 24, 2009
    Messages:
    963
    Likes Received:
    51
    Location:
    surabaya
    nice share gan ...
    mau mau nyoba implementasi :)
     
    bimahong, Dec 7, 2011
    #8
  9. nicefirework

    nicefirework Super Hero

    Joined:
    Aug 21, 2010
    Messages:
    1,304
    Likes Received:
    251
    Mantep bro.. dicoba dulu gimana supaya bisa disimpan di hosting sendiri.
     
    nicefirework, Jul 22, 2012
    #9
  10. taskuda

    taskuda Newbie

    Joined:
    May 21, 2013
    Messages:
    26
    Likes Received:
    0
    permisi aye boleh tau shel itu seperti apa n contohnya gmn klo dlm gamabr..?
     
    taskuda, Jun 20, 2013
    #10
  11. taskuda

    taskuda Newbie

    Joined:
    May 21, 2013
    Messages:
    26
    Likes Received:
    0
    permisi kang, kok ente ngerti bginian sih?
    blajarnya dmn n gmn biar cepet nangkep script php?
     
    taskuda, Jun 20, 2013
    #11
  12. mp3online

    mp3online Super Hero

    Joined:
    Jul 19, 2011
    Messages:
    2,228
    Likes Received:
    294
    Location:
    jakarta
    aku blajar di php(dot)net :)

    aku pernah baca artikel, katanya gambar bisa disisipin kode2 yg akan berjalan kalau dieksekusi oleh php get image size.
    tapi mungkin bisa juga skrip php shell dikasih nama pake ext bukan php tp jpg, gif atau png
     
    mp3online, Jun 20, 2013
    #12
  13. taskuda

    taskuda Newbie

    Joined:
    May 21, 2013
    Messages:
    26
    Likes Received:
    0
    klo utk file exe , zip, rar , dll gmn scriptnya?
     
    taskuda, Sep 6, 2013
    #13
  14. maulida

    maulida Ads.id Fan

    Joined:
    Aug 10, 2013
    Messages:
    122
    Likes Received:
    1
    hmmmmmmmm nyimak aja dulu
     
    maulida, Sep 7, 2013
    #14
  15. jawak

    jawak Hero

    Joined:
    Oct 26, 2011
    Messages:
    574
    Likes Received:
    20
    Location:
    Jakarta
    wah mantap ini kayaknya scriptnya gan
    tes dulu gan
     
    jawak, Sep 9, 2013
    #15
  16. mp3online

    mp3online Super Hero

    Joined:
    Jul 19, 2011
    Messages:
    2,228
    Likes Received:
    294
    Location:
    jakarta
    threadku ini kok aneh ya, aku gak bisa masuk page 2. kalau aku klik hlm 2 yg kluar tulisan "file not found!"
    tapi kok ada posting baru ya?

    sorry om momod, test ngepost di thread ini siapa tau jadi bisa masuk page 2.
     
    mp3online, Sep 9, 2013
    #16
  17. mp3online

    mp3online Super Hero

    Joined:
    Jul 19, 2011
    Messages:
    2,228
    Likes Received:
    294
    Location:
    jakarta
    tetep gak bs masuk page 2.
    tolong diclose aja deh mod
     
    mp3online, Sep 9, 2013
    #17
  18. Punjabi

    Punjabi Super Hero

    Joined:
    Oct 7, 2007
    Messages:
    1,048
    Likes Received:
    80
    Location:
    Jln Marabahan GKB Gresik
    Punjabi, Apr 4, 2014
    #18
  19. kurangasem

    kurangasem Newbie

    Joined:
    Feb 12, 2013
    Messages:
    31
    Likes Received:
    0
    makasih mastah
     
    kurangasem, Apr 7, 2014
    #19
  20. jonnycible

    jonnycible Ads.id Fan

    Joined:
    Oct 8, 2014
    Messages:
    172
    Likes Received:
    0
    jonnycible, Jun 21, 2015
    #20

Share This Page