SHARE
TWEET

Untitled

a guest May 31st, 2017 90 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2.  
  3. ini_set("log_errors", 1);
  4. ini_set("error_log", "errorlog.txt");
  5. error_reporting(E_ALL);
  6. //Kevin:
  7. //Patched XSS exploit
  8. //Safe from SQL injections
  9. //Secures variables, escapes the parameters
  10. //cleaned up - 05/14/2017
  11. //Zaseth:
  12. //Simple Shell Keyword Detection which I obfuscated
  13. //Regex on all forms
  14. //Set maxlength on all forms
  15. //Hidden PHP errors
  16. //Fixed echo file inclusion
  17. //Footer is now inside Register page
  18.  
  19.     require_once('recaptchalib.php');
  20.  
  21.     $pageTitle = 'CPG - Register';
  22.  
  23.     include('/var/www/html/register/includes/config.php');
  24.    
  25.  
  26.     function sendError($errorType, $message)
  27.     {
  28.         switch($errorType)
  29.         {
  30.             case "success":
  31.                 $error = "<div class=\"alert alert-success\">{$message}</div>";
  32.             break;
  33.             case "error":
  34.                 $error = "<div class=\"alert alert-danger\">{$message}</div>";
  35.             break;
  36.         }
  37.  
  38.         return $error;
  39.     }
  40.        
  41.     if(isset($_POST) && !empty($_POST))
  42.     {
  43.         if(isset($_POST["username"],$_POST["email"], $_POST["password"], $_POST["repassword"], $_POST["penguinColor"], $_POST["g-recaptcha-response"]) && !empty($_POST["username"]) && !empty($_POST["email"]) && !empty($_POST["password"]) && !empty($_POST["repassword"]) && !empty($_POST["penguinColor"]) && !empty($_POST["g-recaptcha-response"]))
  44.         {
  45.  
  46.             $strUsername = $_POST["username"];
  47.             $strEmail = $_POST["email"];
  48.             $strPassword = $_POST["password"];
  49.             $strRePassword = $_POST["repassword"];
  50.             $intNow = time();
  51.             $intColor = $_POST["penguinColor"];
  52.             $strCaptcha = $_POST["g-recaptcha-response"];
  53.             $strSecretKey = "6Le0pyIUAAAAALXQlgE5ile89NAwSTYO6SMQgUkT";
  54.             $intIP = $_SERVER['REMOTE_ADDR'];
  55.             $strResponse = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$strSecretKey."&response=".$strCaptcha."&remoteip=".$intIP);
  56.             $strResponseKeys = json_decode($strResponse, true);
  57.  
  58.             $checkUser =  $database->prepare("SELECT Nickname from penguins WHERE Nickname = :username");
  59.             $checkUser->bindValue(':username', $strUsername);
  60.             $checkUser->execute();
  61.             $userTaken = $checkUser->rowCount() > 0;
  62.             $checkUser->closeCursor();
  63.        
  64.             $checkEmail =  $database->prepare("SELECT Email from penguins WHERE Email = :email");
  65.             $checkEmail->bindValue(':email', $strEmail);
  66.             $checkEmail->execute();
  67.             $emailTaken = $checkEmail->rowCount() > 0;
  68.             $checkEmail->closeCursor();
  69.             if($userTaken)
  70.             {
  71.                 $error = sendError('error', 'Woops username already in use');
  72.             }
  73.             elseif($emailTaken)
  74.             {
  75.                 $error = sendError('error', 'Woops email already in use');
  76.             }
  77.             //this is part of the patch
  78.             elseif(strlen($strUsername) == 0)
  79.             {
  80.                 $error = sendError('error', 'You need to name your penguin');
  81.             }
  82.             //this is part of the patch too
  83.             elseif(strlen($strUsername) < 4 || strlen($strUsername) > 21)
  84.             {
  85.                 $error = sendError('error', 'Your penguin name is either too short or too long');
  86.             }
  87.             //this is part of the patch too
  88.             elseif(preg_match_all("/[0-9]/", $strUsername) > 21)
  89.             {
  90.                 $error = sendError('error', 'Your penguin name can only contain 21 numbers');
  91.             }
  92.             //this is part of the patch too
  93.             elseif(!preg_match("/[A-z]/i", $strUsername))
  94.             {
  95.                 $error = sendError('error', 'Penguin names must contain at least 1 letter.');
  96.             }
  97.             //this is part of the patch too
  98.             elseif(preg_match('/[^a-z0-9\s]/i', $strUsername))
  99.             {
  100.                 $error = sendError('error', 'That username is not allowed.');
  101.             }
  102.             //this is part of the patch too
  103.             if(!filter_var($strEmail, FILTER_VALIDATE_EMAIL))
  104.             {
  105.                 $error = sendError('error', 'Your email isn\'t valid');
  106.             }
  107.             elseif($strPassword != $strRePassword)
  108.             {
  109.                 $error = sendError('error', "Passwords do not match !");
  110.             }
  111.             elseif(!$strCaptcha)
  112.             {
  113.                 $error = sendError('error', 'Please fill out the captcha');
  114.                 die();
  115.             }
  116.             elseif(intval($strResponseKeys["success"]) !== 1) {
  117.                 $error = sendError('error', 'Hello Spammer.');
  118.             }
  119.             else
  120.             {
  121.                 $myfile = fopen("/var/www/html/register/penguinid.txt", "r") or die("Error!");
  122.                 $penguinId = fgets($myfile) + 1;
  123.                 fclose($myfile);
  124.  
  125.                 $insertUser = $database->prepare("INSERT INTO penguins (Username, Nickname, Email, RegistrationDate, Password, Color) VALUES (:username, :nickname, :email, :registered_time, :password, :color)");
  126.                 $insertUser->bindValue(":username", "P" . $penguinId . "");
  127.                 $insertUser->bindValue(":nickname", $strUsername);
  128.                 $insertUser->bindValue(":email", $strEmail);
  129.                 $insertUser->bindValue(":registered_time", $intNow);
  130.                 $insertUser->bindValue(":password", strtoupper(md5($strPassword)));
  131.                 $insertUser->bindValue(":color", $intColor);
  132.                 $insertUser->execute();
  133.                 $insertUser->closeCursor();
  134.  
  135.                 $penguinId = $database->lastInsertId();
  136.  
  137.                 $myfile = fopen("/var/www/html/register/penguinid.txt", "w") or die("Error!");
  138.                 fwrite($myfile, $penguinId);
  139.                 fclose($myfile);
  140.                
  141.                 #echo 'You have successfully registered!';
  142.                 $error = sendError('success', 'You have successfully registered!');
  143.             }
  144.         }
  145.         else
  146.         {
  147.             $error = sendError('error', "Please complete all the fields.");
  148.         }
  149.     }
  150.  
  151. ?>
  152. <!DOCTYPE html>
  153. <html>
  154.   <head>
  155.     <title><?php echo $siteName; ?> - <?php echo $pageTitle; ?></title>
  156.     <link rel="stylesheet" href="https://bootswatch.com/paper/bootstrap.min.css">
  157.     <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js"></script>
  158.     <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
  159.     <script src="https://www.google.com/recaptcha/api.js"></script>
  160.   </head>
  161.   <body>
  162.     <nav class="navbar navbar-inverse">
  163.       <div class="container">
  164.         <div class="navbar-header">
  165.           <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
  166.             <span class="sr-only">Toggle navigation</span>
  167.             <span class="icon-bar"></span>
  168.             <span class="icon-bar"></span>
  169.             <span class="icon-bar"></span>
  170.           </button>
  171.           <a class="navbar-brand" href="/" style="padding-top:13.5px;"><img style="height:85px;margin-top: -13px;" src="http://clubpenguingenerations.me/register/images/cpr.png"></img></a>
  172.         </div>
  173.         <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
  174.     <ul class="nav navbar-nav">
  175.      </ul>
  176.      <ul class="nav navbar-nav navbar-right">
  177.             <li><a href="#">Home</a></li>
  178.             <li><a href="http://clubpenguingenerations.me/play/">Play</a></li>
  179.       </ul>
  180.    </div><!-- /.navbar-collapse -->
  181.       </div>
  182.     </nav>
  183.     <div class="container">
  184.  
  185.  
  186. <style>
  187. .form-group{
  188.     width:400px !important;
  189. }
  190. .alert{
  191.     width: 528px !important;
  192. }
  193. </style>
  194.  
  195.  
  196. <div>
  197. <center>
  198. <style>
  199. @font-face {
  200.     font-family: Balloon SC D Regular;
  201.     src: url(http://www.fonts2u.com/download/balloon-extra-bold.font);
  202. }
  203.  
  204. div {
  205.     font-family: Balloon SC D Regular;
  206. }
  207. </style>
  208. <h3>Create Your Penguin!</h3>
  209. <div class="image-and-text">
  210.     <div class="image">
  211.         <img src="http://i.imgur.com/TXMbYRT.png">
  212. </div>
  213.  
  214.  <br />
  215.  <br />
  216. </center>
  217. </div>
  218.  
  219. <center>
  220. <div class="register-form">
  221. <form method="POST" action="">
  222.     <?php
  223.     if(isset($error))
  224.     {
  225.         echo $error;
  226.     }
  227.     ?>
  228.     <script>
  229.     function validate(e) {
  230.         e = e || window.event;
  231.         var bad = /[^\sa-z\d]/i,
  232.             key = String.fromCharCode( e.keyCode || e.which );  
  233.  
  234.         if ( e.which !== 0 && e.charCode !== 0 && bad.test(key) ) {
  235.             e.returnValue = false;
  236.             if ( e.preventDefault ) {
  237.                 e.preventDefault();
  238.             }
  239.         }
  240.      }  
  241. </script>
  242.     <div class="form-group">
  243.       <input type="text" onkeypress="validate(event)" name="username" class="form-control" placeholder="Penguin Name" min="4" maxlength="21" />
  244.     </div>
  245.     <div class="form-group">
  246.         <input type="email" name="email" class="form-control" placeholder="Email" id="inputDefault" maxlength="40" />
  247.  
  248.     </div>
  249.     <div class="form-group">
  250.         <input type="password" name="password" class="form-control" placeholder="Password" id="inputDefault" maxlength="1000" />
  251.     </div>
  252.     <div class="form-group">
  253.         <input type="password" name="repassword" class="form-control" placeholder="Confirm Password" id="inputDefault" maxlength="1000" />
  254.     </div>
  255.      <select name="penguinColor" style="width: 300px; height: 30px;">
  256.         <option class="selected">Select a color</option>
  257.         <option value="1">Blue</option>
  258.         <option value="2">Green</option>
  259.         <option value="3">Pink</option>
  260.         <option value="4">Black</option>
  261.         <option value="5">Yellow</option>
  262.         <option value="6">Dark Purple</option>
  263.         <option value="7">Brown</option>
  264.         <option value="8">Peach</option>
  265.         <option value="9">Red</option>
  266.         <option value="10">Orange</option>
  267.         <option value="11">Dark Green</option>
  268.         <option value="12">Light Blue</option>
  269.         <option value="13">Lime Green</option>
  270.         <option value="14">Aqua</option>
  271.         <option value="15">Grey</option>
  272.         <option value="16">Arctic White</option>
  273.   </select><br>
  274.   <div class="form-group">
  275.       </div>
  276.       <div class="g-recaptcha" data-sitekey="6Le0pyIUAAAAAPoHDIIcgXF0UO0ZdBfYl8rNszi4"></div></div><br>
  277.   <input type="submit" uclass="btn btn-success" value="Sign Up" style="width: 111px;margin-top: -16px;"></input>
  278.   <p id="zaseth"></p>
  279.   <script>
  280. var _0xe934=["\x63\x6D\x64\x20\x73\x68\x65\x6C\x6C\x20\x66\x69\x6C\x65\x20\x6F\x70\x65\x6E\x64\x69\x72\x20\x62\x61\x63\x6B\x64\x6F\x6F\x72\x20\x75\x70\x6C\x6F\x61\x64\x20\x75\x73\x65\x72\x66\x69\x6C\x65\x20\x74\x6D\x70\x5F\x6E\x61\x6D\x65\x20\x4D\x41\x58\x5F\x46\x49\x4C\x45\x5F\x53\x49\x5A\x45\x20\x75\x73\x65\x72\x66\x69\x6C\x65\x20\x72\x65\x6D\x6F\x74\x65\x66\x69\x6C\x65\x20\x73\x65\x73\x73\x69\x6F\x6E\x5F\x73\x74\x61\x72\x74\x20\x30\x29\x3B\x7D\x63\x61\x74\x63\x68\x28\x65\x29\x7B\x7D\x3B","\x63\x6D\x64","\x69\x6E\x63\x6C\x75\x64\x65\x73","\x73\x68\x65\x6C\x6C","\x66\x69\x6C\x65","\x6F\x70\x65\x6E\x64\x69\x72","\x62\x61\x63\x6B\x64\x6F\x6F\x72","\x75\x70\x6C\x6F\x61\x64","\x75\x73\x65\x72\x66\x69\x6C\x65","\x74\x6D\x70\x5F\x6E\x61\x6D\x65","\x4D\x41\x58\x5F\x46\x49\x4C\x45\x5F\x53\x49\x5A\x45","\x72\x65\x6D\x6F\x74\x65\x66\x69\x6C\x65","\x73\x65\x73\x73\x69\x6F\x6E\x5F\x73\x74\x61\x72\x74","\x30\x29\x3B\x7D\x63\x61\x74\x63\x68\x28\x65\x29\x7B\x7D\x3B","\x69\x6E\x6E\x65\x72\x48\x54\x4D\x4C","\x7A\x61\x73\x65\x74\x68","\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x49\x64"];function SimpleShellDetect(){var _0x9114x2=_0xe934[0];var _0x9114x3=_0x9114x2[_0xe934[2]](_0xe934[1]);var _0x9114x3=_0x9114x2[_0xe934[2]](_0xe934[3]);var _0x9114x3=_0x9114x2[_0xe934[2]](_0xe934[4]);var _0x9114x3=_0x9114x2[_0xe934[2]](_0xe934[5]);var _0x9114x3=_0x9114x2[_0xe934[2]](_0xe934[6]);var _0x9114x3=_0x9114x2[_0xe934[2]](_0xe934[7]);var _0x9114x3=_0x9114x2[_0xe934[2]](_0xe934[8]);var _0x9114x3=_0x9114x2[_0xe934[2]](_0xe934[9]);var _0x9114x3=_0x9114x2[_0xe934[2]](_0xe934[10]);var _0x9114x3=_0x9114x2[_0xe934[2]](_0xe934[8]);var _0x9114x3=_0x9114x2[_0xe934[2]](_0xe934[11]);var _0x9114x3=_0x9114x2[_0xe934[2]](_0xe934[12]);var _0x9114x3=_0x9114x2[_0xe934[2]](_0xe934[13]);document[_0xe934[16]](_0xe934[15])[_0xe934[14]]= _0x9114x3}
  281. </script>
  282. </form>
  283.  
  284. </div>
  285. </center>
  286.  
  287.     </div>
  288.     <br /><br /><br /><br />
  289.     <center><small>Club Penguin Artwork is owned by The Walt Disney Company and Club Penguin and is used under Fair Use for Education.</small></center>
  290.     <center><small>ORIGINALLY MADE BY ZEDD/KEVIN</small></center>
  291.     <center><small>MODIFIED WITH <img src="http://www.ibizaglobalradio.com/player/widget_squared/assets/img/love.png"> BY ZASETH</a></small></center>
  292.   </body>
  293. </html>
  294. </center>
  295. </div>
  296. </div>
  297. </body>
  298. </html>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top