File "gp.php"

Full path: /home/fsibplc/public_html/section/gp.php
File size: 2.45 B (2.45 KB bytes)
MIME-type: text/x-php
Charset: utf-8

Download   Open   Edit   Advanced Editor   Back

<?php
ob_start();

header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Pragma: no-cache");
header("Expires: 0");
//https://testgpin.qcashbd.com:18286

$date = time();
$ext = "FSIB".$date;
$fsib = base64_encode($ext);

// Store the URL to be redirected after the alert
$redirect_url = '';

// Function to display the alert and redirect using JavaScript
function alert_and_redirect($ext, $url) {
    echo "<script>alert('$ext'); window.location.href = '$url';</script>";
    exit();
}

$curl = curl_init();
curl_setopt_array($curl, array(
  CURLOPT_URL => 'https://103.210.61.6:18286/api/request/v1/gettoken',
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => '',
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => 'POST',
  CURLOPT_POSTFIELDS =>json_encode(array(
    "operation" => "GetTokenInfo",
    "bank_id" =>"Mzk=",
    "user_name" =>"RlNJQg==",
    "password" =>"SVRDIzIwMjUjQCE=",
    "external_id" => $fsib
  )),
  CURLOPT_HTTPHEADER => array(
    'Accept: application/json',
    'Content-Type: application/json',
    'Authorization: Basic '. base64_encode('FSIB:ITC#2025#@!')
  ),
  CURLOPT_SSL_VERIFYPEER => false,
  CURLOPT_SSL_VERIFYHOST => false,
  CURLOPT_FRESH_CONNECT => true,
  CURLOPT_FORBID_REUSE => true   
));

$response = curl_exec($curl);

if ($response === false) {
    echo 'Curl error: ' . curl_error($curl);
    exit();
}

curl_close($curl);

$response1 = json_decode($response, true);

if (json_last_error() !== JSON_ERROR_NONE) {
    echo 'JSON decode error: ' . json_last_error_msg();
    exit();
}

$encoded_url = $response1['redirecturl'];

$encrypted_data = base64_decode($encoded_url);

// Step 2: Load the RSA private key (assuming the private key is in a .pem file)
$private_key = file_get_contents('key.pem'); // Update with your private key path

if ($private_key === false) {
    echo "Failed to load private key.";
    exit();
}

// Step 3: Decrypt the data using the RSA private key
if (!openssl_private_decrypt($encrypted_data, $decrypted_data, $private_key)) {
    echo "Decryption failed.";
    exit();
}

// If decryption is successful, set the redirect URL
$redirect_url = base64_decode($decrypted_data);


// Call the function to display the alert and redirect
alert_and_redirect($ext, $redirect_url);

ob_end_flush();
?>