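/*
 * Small fetch-and-relay service: an allow-listed client requests
 * `/<percent-encoded URL>` and receives the body of that URL.
 *
 * Security-relevant behaviour of this file:
 *  - Only the addresses in `ips` may use the service (express-ipfilter, allow mode).
 *  - The target must be an absolute http(s) URL. Anything else is answered with 400,
 *    so a bare word is never resolved as a path on the local host.
 *  - Redirects are followed up to MAX_REDIRECTS; every hop must again be http(s).
 *  - Upstream failures are answered with 502; they neither hang the client nor
 *    crash the process.
 *
 * NOTE(review): the destination host is not restricted. A target chosen by the
 * caller, or by an upstream redirect, may be an address that is only reachable from
 * this host (loopback, private ranges, link-local). If that is not intended,
 * resolve the host and check the resulting address before connecting.
 *
 * NOTE(review): the upstream body is buffered in memory without a size limit and is
 * sent back from this origin with Express's default content type. Confirm both are
 * acceptable for the clients on the allow list.
 */
const express = require('express');
const app = express();
const bodyParser = require('body-parser');
const log4js = require('log4js');
const logger = log4js.getLogger();
// `URL` is Node's `url` module here (it shadows the global); the WHATWG class is `URL.URL`.
const URL = require('url');
const http = require('http');
const https = require('https');
const apicache = require('apicache');
const ipfilter = require('express-ipfilter').IpFilter;
const IpDeniedError = require('express-ipfilter').IpDeniedError;

const port = process.env.PORT || 8080;

// Browser-like User-Agent sent with every upstream request.
const USER_AGENT = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36';
// Upstream statuses treated as "follow the Location header".
const REDIRECT_STATUSES = [301, 302, 303, 307, 308];
// Upper bound on redirect hops, so a redirect loop cannot run forever.
const MAX_REDIRECTS = 10;
// Socket inactivity limit for a single upstream request.
const UPSTREAM_TIMEOUT_MS = 15000;

logger.level = 'debug';

app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ 'extended': true }));

apicache.options({ 'debug': true });
const cache = apicache.middleware;

// Client allow list. NOTE(review): the filter acts on the client address Express
// reports; behind a reverse proxy or platform router, confirm that this is the real
// client address (Express `trust proxy` and the filter's own proxy handling).
const ips = ['212.71.255.44', '82.35.75.161'];
app.use(ipfilter(ips, { 'mode': 'allow' }));

// Path names commonly probed by scanners; rejected before any URL parsing.
const bouncer = ['phpmyadmin', 'phpMyadmin', 'phpMyAdmin', 'phpmyAdmin', 'phpmyadmin2', 'phpmyadmin3', 'phpmyadmin4', '2phpmyadmin', 'phpmy', 'phppma', 'myadmin', 'shopdb', 'MyAdmin', 'program', 'PMA', 'dbadmin', 'pma', 'db', 'admin', 'mysql', 'database', 'sqlmanager', 'mysqlmanager', 'php-myadmin', 'phpmy-admin', 'mysqladmin', 'mysql-admin', 'phpMyAdmin2', 'phpMyAdmin3', 'phpMyAdmin4', 'phpMyAdmin-3', 'php-my-admin', 'PMA2011', 'PMA2012', 'PMA2013', 'PMA2014', 'PMA2015', 'PMA2016', 'PMA2017', 'PMA2018', 'pma2011', 'pma2012', 'pma2013', 'pma2014', 'pma2015', 'pma2016', 'pma2017', 'pma2018', 'phpmyadmin2011', 'phpmyadmin2012', 'phpmyadmin2013', 'phpmyadmin2014', 'phpmyadmin2015', 'phpmyadmin2016', 'phpmyadmin2017', 'phpmyadmin2018', 'phpmanager'];

/**
 * Parses `value` (optionally relative to `base`) and returns it only if it is an
 * http or https URL.
 *
 * @param {string} value - Candidate URL.
 * @param {object} [base] - URL against which a relative `value` is resolved.
 * @returns {object|null} The parsed WHATWG URL, or null when unusable.
 */
function parseHttpUrl (value, base) {
  let parsed;
  try {
    parsed = new URL.URL(value, base);
  } catch (err) {
    return null;
  }
  return parsed.protocol === 'http:' || parsed.protocol === 'https:' ? parsed : null;
}

/**
 * Fetches `target` with GET, follows redirects, and reports the final body.
 * `callback` is invoked exactly once, as `callback(err)` or `callback(null, body)`.
 *
 * @param {object} target - Absolute http(s) WHATWG URL.
 * @param {function} callback - Node-style completion callback.
 */
function fetchBody (target, callback) {
  let done = false;
  const finish = (err, body) => {
    if (done) return;
    done = true;
    callback(err, body);
  };

  const visit = (current, hops) => {
    // Set to false once this hop hands over to a redirect, so a late socket error
    // on the old connection cannot fail the fetch that is still in progress.
    let active = true;
    const failHop = err => {
      if (active) finish(err);
    };

    const onResponse = response => {
      if (REDIRECT_STATUSES.includes(response.statusCode)) {
        response.resume(); // discard the redirect body so the socket is released
        if (hops >= MAX_REDIRECTS) {
          failHop(new Error(`Too many redirects fetching ${target.href}`));
          return;
        }
        const location = response.headers.location;
        // A relative Location is resolved against the URL that produced it. A missing
        // or non-http(s) one ends the fetch rather than being requested.
        const next = location === undefined ? null : parseHttpUrl(location, current);
        if (next === null) {
          failHop(new Error(`Unusable redirect location from ${current.href}`));
          return;
        }
        logger.debug('>> follow', location, hops);
        active = false;
        visit(next, hops + 1);
        return;
      }

      response.setEncoding('utf8');
      let data = '';
      response.on('data', chunk => {
        data += chunk;
      });
      response.on('end', () => finish(null, data));
      response.on('error', failHop);
      response.on('close', () => {
        // Connection dropped before the whole message arrived.
        if (!response.complete) failHop(new Error(`Upstream closed early: ${current.href}`));
      });
    };

    try {
      // The transport must match the scheme; http.request rejects https URLs.
      const transport = current.protocol === 'https:' ? https : http;
      const request = transport.request(current, { 'headers': { 'User-Agent': USER_AGENT } }, onResponse);
      request.setTimeout(UPSTREAM_TIMEOUT_MS, () => {
        request.destroy(new Error(`Timed out fetching ${current.href}`));
      });
      // Without this listener a DNS or connection failure is an unhandled 'error'
      // event, which terminates the process.
      request.on('error', failHop);
      request.end();
    } catch (err) {
      failHop(err);
    }
  };

  visit(target, 0);
}

/**
 * Route handler: fetches the URL given in the `encoded_id` path parameter and sends
 * its body to the client.
 *
 * Responds 400 (empty body) when the parameter is missing, empty, listed in
 * `bouncer`, or not an absolute http(s) URL. Responds 502 (empty body) when the
 * upstream fetch fails.
 *
 * @param {object} req - Express request.
 * @param {object} res - Express response.
 */
function getUrl (req, res) {
  const theUrl = req.params.encoded_id;

  logger.info(`IP:${req.ip}`);
  logger.debug('Want', theUrl);

  if (theUrl === undefined || theUrl === '' || bouncer.includes(theUrl)) {
    logger.warn(`You're not getting in ${theUrl}`);
    res.status(400).send('');
    return;
  }

  const target = parseHttpUrl(theUrl);
  if (target === null) {
    logger.warn(`Not an absolute http(s) URL: ${theUrl}`);
    res.status(400).send('');
    return;
  }

  logger.info(`>> getting ${theUrl}`);

  fetchBody(target, (err, body) => {
    if (err) {
      logger.error(err);
      if (!res.headersSent) res.status(502).send('');
      return;
    }
    logger.info('Got result');
    res.send(body);
  });
}

app.get('/:encoded_id', cache('15 minutes'), getUrl);

// Registered last so that errors from the route reach it as well as errors from the
// middleware above. Denied clients get 403; other errors keep their own status.
app.use((err, req, res, next) => {
  if (res.headersSent) {
    next(err);
    return;
  }
  if (err instanceof IpDeniedError) {
    logger.warn('Error handler', err);
    res.status(403).end();
    return;
  }
  logger.error('Error handler', err);
  res.status(err.status || 500).end();
});

const server = app.listen(port, () => {
  logger.info(`Server listening on port ${port}`);
});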