Versions Compared

Old Version 4

changes.mady.by.user John

Saved on

compared with

New Version 5

changes.mady.by.user John

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

showrss.php

Code Block
<?php

$SHOWRSS_FEED="http://showrss.info/user/4480.rss?magnets=true&namespaces=true&name=clean&quality=hd&re=null";
$EMAIL_TO="jmehan@yahoo.com";
$EMAIL_FROM="jmehan@yahoo.com";
$EMAIL_SUBJECT="DOWNLOAD STARTED [NAS0] - ";
$EMAIL_SUBJECT_FAILED="FAILED TO DOWNLOAD [NAS0] - ";
$DB_FILE_NAME="db_showrss.json";
$TEMP_FOLDER="tv/tmp";
$DEST_FOLDER="tv/incoming";

$pass="bGlmZWlzV0Mx";
$baseURL="http://192.168.1.60:8080";


//login to NAS0
$sid = loginToQnap();

//get showRSS Feed
$xml = file_get_contents($SHOWRSS_FEED);
//echo $xml;

//process xml
$xml = simplexml_load_file($SHOWRSS_FEED);

$showArray = array();

$showdb = json_decode(file_get_contents($DB_FILE_NAME), true);
if($showdb==null){
  $showdb = array();
}


// loop through 
foreach ($xml->channel->item as $item) {
        $title =  $item->title;
	$link = $item->link;

        //echo "title=" . $title ."\n";

	//$pattern = "/S(\d{1,2})E(\d{1,2})/";
	$pattern = "/(\d{1,2})x(\d{1,2})/";
	preg_match($pattern, $title, $matches);
        if(sizeof($matches)>=3){
	  $season=intval($matches[1]);
          $episode=intval($matches[2]);	
 	  $show = trim(substr($title,0,strrpos($title,$matches[0])));	
 	  $showAndEpisode=sprintf("%s %02dx%02d", $show,$season,$episode);
	}else{
	  $show=(string)$title;
	  $showAndEpisode=(string)$title;
	  $season=0;
	  $episode=0;
        }

	//echo "SHOW: " . $show . "\n";
	//echo "SEASON: " . $season . "\n";
	//echo "EPISODE: " . $episode . "\n";
        
        $showInfo=array($showAndEpisode, $show, $season, $episode, $link);
	array_push($showArray, $showInfo);	

}

//echo "\n\n";

sort($showArray);
//print_r($showArray);




foreach ($showArray as $show) {



  //echo "show: " .  $show[0] . "\n";
  //add torrent

  $found =false;
  foreach($showdb as &$showEntry){
    $showName = $showEntry[0];

    if($showName==$show[1]){
      $found=true;
      //echo "Found " . $show[1] . " in showdb \n";
      $newSeason=$show[2];
      $newEpisode=$show[3];
      $lastSeason=$showEntry[1];   
      $lastEpisode=$showEntry[2]; 
      //echo "--- " . $lastSeason . "x" . $lastEpisode . " -> " .  $newSeason . "x" . $newEpisode ."\n";

      if($lastSeason == $newSeason && $newEpisode > $lastEpisode){
        if(downloadShow($show)){
  	  $showEntry[2]= $newEpisode;
          echo "U " . $showEntry[0] . " " . $showEntry[1] . "x" . $showEntry[2] . "\n";
        }else{
          echo "F " . $showEntry[0] . " " . $showEntry[1] . "x" . $showEntry[2] . "\n";
        }
      }elseif ($newSeason > $lastSeason ){
        if(downloadShow($show)){
	  $showEntry[1]= $newSeason;
	  $showEntry[2]= $newEpisode;
          echo "U+ " . $showEntry[0] . " " . $showEntry[1] . "x" . $showEntry[2] . "\n";
	}else{
	  echo "F+ " . $showEntry[0] . " " . $showEntry[1] . "x" . $showEntry[2] . "\n";
	}
      }else{
        // echo "WTF " . $lastSeason . "x" . $lastEpisode . " -> " .  $newSeason . "x" . $newEpisode ."\n";
      }
      break; 
    }
  }

 
  //set latest season/episode
  if ($found==false) {

    if(downloadShow($show)){
      echo "A " . $show[1] .  " " . $show[2] . "x" . $show[3] . "\n" ;
      $showDetails=array($show[1], $show[2], $show[3]);
      array_push($showdb, $showDetails);
    }else{
      echo "F " . $show[1] .  " " . $show[2] . "x" . $show[3] . "\n" ;

    }
  }
  


}

//save showdb to file

//print_r($showdb);

file_put_contents($DB_FILE_NAME,json_encode($showdb));

exit;

//***************************************
// downloadShow
//***************************************
function downloadShow($show){
    global $baseURL;

    $showAndEpisode =  $show[1] .  " " . $show[2] . "x" . $show[3];
    //echo "D: " . $showAndEpisode . "\n";
    //echo "L: " . $show[4] . "\n\n";

    $temp=$GLOBALS['TEMP_FOLDER'];
    $dest=$GLOBALS['DEST_FOLDER'] . "/" . $show[1]; 
    
    $realDest = "/share/" . $dest;
    if (!file_exists($realDest)) {
      mkdir($realDest, 0777, true);
    }

    if($show[2]>0){ 
      $dest=$dest . "/Season " . $show[2]; 
    }
    //echo "Dest: " . $dest . "\n";

    $realDest = "/share/" . $dest;
    if (!file_exists($realDest)) {
      mkdir($realDest, 0777, true);
    }


    $url = $baseURL . '/downloadstation/V4/Task/AddUrl?sid=' . $GLOBALS['sid']  . '&temp=' . urlencode($temp) . '&move=' . urlencode($dest) . '&url=' . urlencode($show[4]); 
    //echo "URL: " . $url . "\n";
    $resp=file_get_contents($url);
    //echo $resp;
    if($resp=='{"error":0}'){
      //sendNotification($showAndEpisode,true);
      return true;
    }else{
      sendNotification($showAndEpisode,fail);
      return false;
    }


}

//***************************************
// sendNotification
//***************************************
function sendNotification($showAndEpisode,$success){
    if(success == true){
      $subject= "\"" . $GLOBALS['EMAIL_SUBJECT'] . $showAndEpisode . "\"";
    }else{
      $subject= "\"" . $GLOBALS['EMAIL_SUBJECT_FAILED'] . $showAndEpisode . "\"";
    }
    $cmd= getCwd() . "/sendEmail.sh " . $subject  . " " . $GLOBALS['EMAIL_FROM'] . " " . $GLOBALS['EMAIL_TO'] . " " . $subject;
    //echo "cmd=" . $cmd . "\n";
    shell_exec($cmd);

}

//***************************************
// endsWith
//***************************************
function endsWith($haystack, $needle)
{
    $length = strlen($needle);
    if ($length == 0) {
        return true;
    }

    return (substr($haystack, -$length) === $needle);
}

//***************************************
// getSid
//***************************************
function getSid($xml){

    $parser = xml_parser_create();
    xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
    xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1);
    xml_parse_into_struct($parser, $xml, $values, $tags);
    xml_parser_free($parser);
    //print_r($values);
 
    // loop through the structures
    foreach ($values as $val) {
      $tag=$val['tag'];
      $value=$val['value'];
      if($tag=="authSid"){
        return $value;
      } 
      //echo "tag=" . $tag . ", value=" . $value . "\n";
    }

}

//***************************************
// loginToQnap
//***************************************
function loginToQnap(){
  global $baseURL;

  $resp = file_get_contents($baseURL . '/cgi-bin/authLogin.cgi?user=admin&pwd=bGlmZWlzV0Mx');
  //echo $resp;

  $sid=getSid($resp);
  //echo "sid='" . $sid . "'\n";

  $resp=file_get_contents($baseURL . '/downloadstation/V4/Misc/Login?sid=' . $sid);

  return $sid;
}

?>


removeTorrents.php

Code Block
<?php

//$EMAIL_TO="jmehan@yahoo.com";
$EMAIL_TO="jennymehan@yahoo.com,jmehan@yahoo.com";
$EMAIL_FROM="jmehan@yahoo.com";
$EMAIL_SUBJECT="TORRENT DOWNLOADED - ";

$pass="bGlmZWlzV0Mx";
$baseURL="http://192.168.1.60:8080";

//login
$resp=file_get_contents($baseURL . '/cgi-bin/authLogin.cgi?user=admin&pwd=' . $pass);
//echo $resp;

$sid=getSid($resp);
//echo "sid='" . $sid . "'\n";

$resp=file_get_contents($baseURL . '/downloadstation/V4/Misc/Login?sid=' . $sid);
//echo $resp . "\n";


$resp=file_get_contents($baseURL . '/downloadstation/V4/Task/Query?start=0&limit=25&status=completed&from=0&to=25&sid=' . $sid);
//echo $resp . "\n";


$json = json_decode($resp);
$data = $json->{'data'};
//var_dump($data);
file_put_contents("/var/log/download.log",$json,FILE_APPEND | LOCK_EX);
//echo "CWD: " . getCwd() . "\n";

foreach($data as $torrent){
  $name= $torrent->{'source_name'};
  $hash=$torrent->{'hash'};
  //echo "torrent: " . $name . "\n";
  //echo "hash: " . $hash . "\n";

  if(endsWith($name,".torrent")){
  //  echo "torrent file - just delete\n";
  }else{
    //echo "file - notify completion\n";
    $subject= "\"" . $EMAIL_SUBJECT . $name . "\""; 
    $cmd= getCwd() . "/sendEmail.sh " . $subject  . " " . $EMAIL_TO . " " . $EMAIL_FROM . " " . $subject;
    //echo "cmd=" . $cmd . "\n";

    shell_exec($cmd); 
  }

  //remove torrent 
  $resp=file_get_contents($baseURL . '/downloadstation/V4/Task/Remove?clean=0&hash=' . $hash . '&sid=' . $sid);

  //echo $resp ."\n";
  //break;

}

//***************************************
// endsWith
//***************************************
function endsWith($haystack, $needle)
{
    $length = strlen($needle);
    if ($length == 0) {
        return true;
    }

    return (substr($haystack, -$length) === $needle);
}

//***************************************
// getSid
//***************************************
function getSid($xml){

    $parser = xml_parser_create();
    xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
    xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1);
    xml_parse_into_struct($parser, $xml, $values, $tags);
    xml_parser_free($parser);
    //print_r($values);
 
    // loop through the structures
    foreach ($values as $val) {
      $tag=$val['tag'];
      $value=$val['value'];
      if($tag=="authSid"){
        return $value;
      } 
      //echo "tag=" . $tag . ", value=" . $value . "\n";
    }
}
?>


showTorrents.php

Code Block
<?php

$EMAIL_TO="jmehan@yahoo.com";
$EMAIL_FROM="jmehan@yahoo.com";
$EMAIL_SUBJECT="TORRENT DOWNLOADED [NAS0] - ";

$pass="bGlmZWlzV0Mx";
$baseURL="http://192.168.1.60:8080";

//login
$resp = file_get_contents($baseURL . '/cgi-bin/authLogin.cgi?user=admin&pwd=' . $pass);
//echo $resp;

$sid=getSid($resp);
//echo "sid='" . $sid . "'\n";
 
$resp=file_get_contents($baseURL . '/downloadstation/V4/Misc/Login?sid=' . $sid);
//echo $resp . "\n";


$resp=file_get_contents($baseURL . '/downloadstation/V4/Task/Query?start=0&limit=100&status=all&from=0&to=100&sid=' . $sid);
echo $resp . "\n";


$json = json_decode($resp);
$data = $json->{'data'};
//var_dump($data);

//echo "CWD: " . getCwd() . "\n";

foreach($data as $torrent){
  $name= $torrent->{'source_name'};
  echo "torrent: " . $name . "\n";

}

//***************************************
// endsWith
//***************************************
function endsWith($haystack, $needle)
{
    $length = strlen($needle);
    if ($length == 0) {
        return true;
    }

    return (substr($haystack, -$length) === $needle);
}

//***************************************
// getSid
//***************************************
function getSid($xml){

    $parser = xml_parser_create();
    xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
    xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1);
    xml_parse_into_struct($parser, $xml, $values, $tags);
    xml_parser_free($parser);
    //print_r($values);
 
    // loop through the structures
    foreach ($values as $val) {
      $tag=$val['tag'];
      $value=$val['value'];
      if($tag=="authSid"){
        return $value;
      } 
      //echo "tag=" . $tag . ", value=" . $value . "\n";
    }

}


?>


removeAllTorrents.php

Code Block
<?php

$EMAIL_TO="j****@yahoo.com";
$EMAIL_FROM="j****@yahoo.com";
$EMAIL_SUBJECT="TORRENT DOWNLOADED [NAS] - ";

$pass="xxx";
$baseURL="http://xxx.xxx.xxx.xxx:8080";

//login
$resp = file_get_contents($baseURL . "/cgi-bin/authLogin.cgi?user=admin&pwd=" . $pass );
$sid=getSid($resp);
 
$resp=file_get_contents($baseURL . '/downloadstation/V4/Misc/Login?sid=' . $sid);

$resp=file_get_contents($baseURL . '/downloadstation/V4/Task/Query?start=0&limit=100&status=all&from=0&to=100&sid=' . $sid);


$json = json_decode($resp);
$data = $json->{'data'};

foreach($data as $torrent){
  $name= $torrent->{'source_name'};
  $hash=$torrent->{'hash'};

  if(endsWith($name,".torrent")){
  //  echo "torrent file - just delete\n";
  }else{
    //echo "file - notify completion\n";
    $subject= "\"" . $EMAIL_SUBJECT . $name . "\""; 
    $cmd= getCwd() . "/sendEmail.sh " . $subject  . " " . $EMAIL_FROM . " " . $EMAIL_TO . " " . $subject;
    //echo "cmd=" . $cmd . "\n";

    //shell_exec($cmd); 
  }

  //remove torrent 
  $resp=file_get_contents($baseURL . '/downloadstation/V4/Task/Remove?clean=0&hash=' . $hash . '&sid=' . $sid);

  //echo $resp ."\n";
  //break;

}

//***************************************
// endsWith
//***************************************
function endsWith($haystack, $needle)
{
    $length = strlen($needle);
    if ($length == 0) {
        return true;
    }

    return (substr($haystack, -$length) === $needle);
}

//***************************************
// getSid
//***************************************
function getSid($xml){

    $parser = xml_parser_create();
    xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
    xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1);
    xml_parse_into_struct($parser, $xml, $values, $tags);
    xml_parser_free($parser);
    //print_r($values);
 
    // loop through the structures
    foreach ($values as $val) {
      $tag=$val['tag'];
      $value=$val['value'];
      if($tag=="authSid"){
        return $value;
      } 
      //echo "tag=" . $tag . ", value=" . $value . "\n";
    }

}


?>

To get your QNAP credentials

 

Download OWASP ZAP

 

https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project

 

Startup OWASP zap

 

Set Proxy in OWASP Zap by selecting Tools, Options, Local Proxy.

 

Set local proxy to localhost and a port, say 8090

Image Removed

 

Now, change the proxy settings on your browser to proxy through the proxy you defined above.

 

Now open up the URL to your QNAP and login.

 

Check through the

 Image Removed

Look through the list of URLs until you find a call to authLogin.cgi. Click on it and note the request parameters.

 

In the above case you will need the user=admin and pwd=….

 

Update the your showRss.php file with the proper path:

 

 Image Removed

                           

 

Also, look for this path in the other php files.

 

That’s it. Try running the .sh files manually and see if they work.

Maybe start with the showTorrents.sh script first since it will show you what you are currently downloading.

 

...