Created
June 2, 2019 19:04
-
-
Save divinity76/4475503ab798dc21794f03a146d08d8c to your computer and use it in GitHub Desktop.
bulk hotmail validator
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
declare (strict_types = 1); | |
require_once('hhb_.inc.php'); | |
require_once('service_json.php'); // https://pear.php.net/package/Services_JSON | |
function is_hotmail_valid(string $hotmail) | |
{ | |
$hc = new hhb_curl('', true); | |
$hc->setopt_array(array(CURLOPT_CONNECTTIMEOUT => 9, CURLOPT_TIMEOUT => 10)); // got a shitty internet connection :( | |
$hc->exec('https://login.live.com/login.srf'); | |
$cookies = $hc->getResponseCookies(); | |
$uaid = $cookies['uaid']; | |
$html = $hc->getStdOut(); | |
$domd = @DOMDocument::loadHTML($html); | |
$xp = new DOMXPath($domd); | |
$captured = preg_match('/ServerData\s*\=\s*(?<json>\{[\s\S]*?\})\;/um', $html, $matches); | |
if (!$captured) { | |
throw new \LogicException("failed to extract ServerData json!"); | |
} | |
$serverData = $matches['json']; | |
//hhb_var_dump($serverData) & die(); | |
$serverData = hacky_json_decode($serverData); | |
//hhb_var_dump($serverData) & die(); | |
$hpgid = $serverData['hpgid']; | |
$bo_url = $serverData['Bo']; // Bo? idk, it's what microsoft calls it, idk what it means. | |
$flowToken = $serverData['sFTTag']; | |
$flowToken = @DOMDocument::loadHTML($flowToken); | |
$flowToken = $flowToken->getElementsByTagName("input")->item(0)->getAttribute("value"); | |
//hhb_var_dump($flowToken) & die(); | |
$hc->setopt_array(array( | |
CURLOPT_URL => $bo_url, | |
CURLOPT_HTTPHEADER => array( | |
'Accept: application/json', | |
//'Referer: https://login.live.com/login.srf', | |
'hpgid: ' . $hpgid, | |
'hpgact: 0', // ??? hpgact:l.hpgact||0 | |
'client-request-id: ' . $uaid, | |
'Content-type: application/json; charset=utf-8', | |
), | |
CURLOPT_POST => 1, | |
CURLOPT_POSTFIELDS => json_encode(array( | |
'username' => $hotmail, | |
'uaid' => $uaid, | |
'isOtherIdpSupported' => false, | |
'checkPhones' => false, | |
'isRemoteNGCSupported' => true, | |
'isCookieBannerShown' => true, | |
'isFidoSupported' => false, | |
'forceotclogin' => false, | |
'otclogindisallowed' => true, | |
'isExternalFederationDisallowed' => false, | |
'flowToken' => $flowToken, | |
)) | |
))->exec(); | |
$json = $hc->getStdOut(); | |
$parsed = json_decode($json, true); | |
if ($parsed['IfExistsResult'] === 1) { | |
return false; | |
} elseif ($parsed['IfExistsResult'] === 0) { | |
return true; | |
} else { | |
// should be unreachable. | |
hhb_var_dump($parsed, $hc->getStdErr(), $hc->getStdOut()); | |
throw new \LogicException("ifExistResult was neither 0 nor 1, don't know the result meaning!"); | |
} | |
} | |
function hacky_json_decode(string $hacky_json): array | |
{ | |
$decoder = new Services_JSON(SERVICES_JSON_IN_ARR | SERVICES_JSON_LOOSE_TYPE); | |
return $decoder->decode($hacky_json); | |
$hacky_json = strtr($hacky_json, array( | |
'\\\'' => '\'', | |
"'" => '"', | |
'http://' => '', | |
'https://' => '', | |
)); | |
$hacky_json = preg_replace('/("(.*?)"|(\w+))(\s*:\s*)\+?(0+(?=\d))?(".*?"|.)/s', '"$2$3"$4$6', $hacky_json); | |
hhb_var_dump($hacky_json) & die(); | |
return json_decode($hacky_json, true); | |
} |
@elsourcex yeah seems they changed the url name from 'Bo' to 'urlLogin' , finally some sanity!
in any case, seems microsoft changed more than just the name of the url,
since i don't need this myself now, i can't be arsed to update it for free, but if you're interested, i can probably update it for $50 USD~ contact details here: https://stackoverflow.com/users/1067003/hanshenrik?tab=profile
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
please can u help me with this error
Notice: Undefined index: Bo in /home/admin/web/public_html/hotmail/index.php on line 25
Fatal error: Uncaught RuntimeException: curl_exec failed. errno: 3 error: ' malformed' in /home/admin/web/public_html/hotmail/hhb_.inc.php:595 Stack trace: #0
/home/admin/web/public_html/hotmail/index.php(54): hhb_curl->exec() #1
/home/admin/web/public_html/hotmail/index.php(85): is_hotmail_valid() #2 {main} thrown in /home/admin/web/public_html/hotmail/hhb_.inc.php on line 595