Newer
Older
DrawOnHisBadge / index.php
  1. #!/usr/bin/php
  2. <?php
  3.  
  4. $host = '52.43.252.153'; // websocket server
  5. $port = 9001;
  6. $local = "http://localhost"; // origin header
  7. $data = '{"CMD":"CLEAR"}'; // not actaully sent
  8.  
  9. echo ".-,--. ,---. ,-_/,. ,-,---. .
  10. ' | \ ,-. ,-. . , , | | ,-. ' |_|/ . ,-. '|___/ ,-. ,-| ,-. ,-.
  11. , | / | ,-| |/|/ | | | | /| | | `-. ,| \ ,-| | | | | |-'
  12. `-^--' ' `-^ ' ' `---' ' ' `' `' ' `-' `-^---' `-^ `-' `-| `-'
  13. ,|
  14. `'\n";
  15. $head = "GET / HTTP/1.1"."\r\n".
  16. "Upgrade: WebSocket"."\r\n".
  17. "Connection: Upgrade"."\r\n".
  18. "Origin: $local"."\r\n".
  19. "Host: $host"."\r\n".
  20. "Sec-WebSocket-Version: 13"."\r\n".
  21. "Sec-WebSocket-Key: asdasdaas76da7sd6asd6as7d"."\r\n".
  22. "Content-Length: ".strlen($data)."\r\n"."\r\n";
  23.  
  24. if ($argc < 2 ){
  25. exit("Usage: php index.php <image>\n");
  26. }else{
  27. $filename = $argv[1];
  28. echo "[+] Img: $filename\n";
  29. if ($filename == null || !isset($filename)) {
  30. echo "[!] Please choose an image\n";
  31. exit(0);
  32. }else{
  33. $imgStats = list($width, $height, $type, $attr) = getimagesize($filename);
  34. echo "[?] checking dimensions\n";
  35. if($imgStats[0] <> 64 || $imgStats[1] <> 32)
  36. die("[-] Image must be 64px Wide and 32px high");
  37.  
  38. $im = imagecreatefrompng($filename);
  39. //connect
  40. $sock = fsockopen($host, $port, $errno, $errstr, 2);
  41. fwrite($sock, $head ) or die('error:'.$errno.':'.$errstr);
  42. $headers = fread($sock, 2000);
  43.  
  44. echo "[!] sending...\n";
  45. $count = 0; // 2048 pixels total
  46. //time to get the colors
  47. for($x = 0; $x <= $imgStats[0]-1; $x++){
  48. $arrX = array();
  49. $arrY = array();
  50. $arrC = array();
  51. //calculate percentage
  52. $count++;
  53. $percent = round(($count / 64) * 100, 2);
  54. echo "[+] complete: $percent% \r"; // extra spaces are important sytalisticly
  55.  
  56. for($y = 0; $y <= $imgStats[1]-1; $y++){
  57. $rgb = imagecolorat($im, $x, $y);
  58. $newcol = color565($im, $rgb);
  59. array_push($arrX, $x);
  60. array_push($arrY, $y);
  61. array_push($arrC, $newcol);
  62. }
  63.  
  64. //create data then send
  65. $data = '{"CMD":"DRAW","DATA":[';
  66. for($i = 0; $i <= 32-1; $i++){
  67. $data .= '['.$arrX[$i].','.$arrY[$i].',"'.$arrC[$i].'"],'; // data to be sent
  68. }
  69. $data = rtrim($data,',');
  70. $data .= ']}';
  71. //echo $data."\n"; // DEBUG
  72. fwrite($sock, hybi10Encode($data)) or die('error:'.$errno.':'.$errstr);
  73. $wsdata = fread($sock, 2000);
  74. }
  75.  
  76. //close connection
  77. fclose($sock);
  78. echo "\n[+] done\n";
  79. }
  80. }
  81.  
  82. function color565($im, $color){
  83. $color_tran = imagecolorsforindex($im, $color);
  84. $red = $color_tran['red'];
  85. $green = $color_tran['green'];
  86. $blue = $color_tran['blue'];
  87. /*bit Shifting*/
  88. $b = ($blue >> 3) & 0x1f;
  89. $g = (($green >> 2) & 0x3f) << 5;
  90. $r = (($red >> 3) & 0x1f) << 11;
  91. return "0x". strtoupper(dechex($r | $g | $b));
  92. }
  93.  
  94. /***
  95. * functions below are for websocket interaction
  96. */
  97.  
  98. // hibi10 decoding of data
  99. function hybi10Decode($data)
  100. {
  101. $bytes = $data;
  102. $dataLength = '';
  103. $mask = '';
  104. $coded_data = '';
  105. $decodedData = '';
  106. $secondByte = sprintf('%08b', ord($bytes[1]));
  107. $masked = ($secondByte[0] == '1') ? true : false;
  108. $dataLength = ($masked === true) ? ord($bytes[1]) & 127 : ord($bytes[1]);
  109. if($masked === true)
  110. {
  111. if ($dataLength === 126) {
  112. $mask = substr($bytes, 4, 4);
  113. $coded_data = substr($bytes, 8);
  114. }
  115. elseif ($dataLength === 127) {
  116. $mask = substr($bytes, 10, 4);
  117. $coded_data = substr($bytes, 14);
  118. }
  119. else {
  120. $mask = substr($bytes, 2, 4);
  121. $coded_data = substr($bytes, 6);
  122. }
  123. for ($i = 0; $i < strlen($coded_data); $i++) {
  124. $decodedData .= $coded_data[$i] ^ $mask[$i % 4];
  125. }
  126. }
  127. else {
  128. if ($dataLength === 126) {
  129. $decodedData = substr($bytes, 4);
  130. }
  131. elseif ($dataLength === 127) {
  132. $decodedData = substr($bytes, 10);
  133. }
  134. else {
  135. $decodedData = substr($bytes, 2);
  136. }
  137. }
  138.  
  139. return $decodedData;
  140. }
  141. // hibi10 encoding of data
  142. function hybi10Encode($payload, $type = 'text', $masked = true) {
  143. $frameHead = array();
  144. $frame = '';
  145. $payloadLength = strlen($payload);
  146.  
  147. switch ($type) {
  148. case 'text':
  149. // first byte indicates FIN, Text-Frame (10000001):
  150. $frameHead[0] = 129;
  151. break;
  152. case 'close':
  153. // first byte indicates FIN, Close Frame(10001000):
  154. $frameHead[0] = 136;
  155. break;
  156. case 'ping':
  157. // first byte indicates FIN, Ping frame (10001001):
  158. $frameHead[0] = 137;
  159. break;
  160. case 'pong':
  161. // first byte indicates FIN, Pong frame (10001010):
  162. $frameHead[0] = 138;
  163. break;
  164. }
  165.  
  166. // set mask and payload length (using 1, 3 or 9 bytes)
  167. if ($payloadLength > 65535) {
  168. $payloadLengthBin = str_split(sprintf('%064b', $payloadLength), 8);
  169. $frameHead[1] = ($masked === true) ? 255 : 127;
  170. for ($i = 0; $i < 8; $i++) {
  171. $frameHead[$i + 2] = bindec($payloadLengthBin[$i]);
  172. }
  173.  
  174. // most significant bit MUST be 0 (close connection if frame too big)
  175. if ($frameHead[2] > 127) {
  176. $this->close(1004);
  177. return false;
  178. }
  179. } elseif ($payloadLength > 125) {
  180. $payloadLengthBin = str_split(sprintf('%016b', $payloadLength), 8);
  181. $frameHead[1] = ($masked === true) ? 254 : 126;
  182. $frameHead[2] = bindec($payloadLengthBin[0]);
  183. $frameHead[3] = bindec($payloadLengthBin[1]);
  184. } else {
  185. $frameHead[1] = ($masked === true) ? $payloadLength + 128 : $payloadLength;
  186. }
  187.  
  188. // convert frame-head to string:
  189. foreach (array_keys($frameHead) as $i) {
  190. $frameHead[$i] = chr($frameHead[$i]);
  191. }
  192. if ($masked === true) {
  193. // generate a random mask:
  194. $mask = array();
  195. for ($i = 0; $i < 4; $i++) {
  196. $mask[$i] = chr(rand(0, 255));
  197. }
  198. $frameHead = array_merge($frameHead, $mask);
  199. }
  200. $frame = implode('', $frameHead);
  201. // append payload to frame:
  202. for ($i = 0; $i < $payloadLength; $i++) {
  203. $frame .= ($masked === true) ? $payload[$i] ^ $mask[$i % 4] : $payload[$i];
  204. }
  205.  
  206. return $frame;
  207. }
  208. ?>
Buy Me A Coffee