<?
$defaultdata = array( "showpassword"=>"no", "bgcolor"=>"#ffffff");
function xor_encrypt($in) {
//$key = '<censored>';
$key = 'U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK';
$text = $in;
$outText = '';
// Iterate through each character
for($i=0;$i<strlen($text);$i++) {
$outText .= $text[$i] ^ $key[$i % strlen($key)];
}
return $outText;
}
function xor_with_key($in, $key) {
//$key = '<censored>';
//$key = 'U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK';
$text = $in;
$outText = '';
// Iterate through each character
for($i=0;$i<strlen($text);$i++) {
$outText .= $text[$i] ^ $key[$i % strlen($key)];
}
return $outText;
}
function loadData($def) {
global $_COOKIE;
$mydata = $def;
if(array_key_exists("data", $_COOKIE)) {
$tempdata = json_decode(xor_encrypt(base64_decode($_COOKIE["data"])), true);
if(is_array($tempdata) && array_key_exists("showpassword", $tempdata) && array_key_exists("bgcolor", $tempdata)) {
if (preg_match('/^#(?:[a-f\d]{6})$/i', $tempdata['bgcolor'])) {
$mydata['showpassword'] = $tempdata['showpassword'];
$mydata['bgcolor'] = $tempdata['bgcolor'];
}
}
}
return $mydata;
}
function saveData($d) {
setcookie("data", base64_encode(xor_encrypt(json_encode($d))));
}
// Taken from saveData()
function encrypt($d){
return base64_encode(xor_encrypt(json_encode($d)));
}
function encrypt_step1($d){
return json_encode($d);
}
function encrypt_step2($d){
return xor_encrypt(json_encode($d));
}
//Taken from loadData()
function decrypt($d){
return json_decode(xor_encrypt(base64_decode($d)), true);
}
function decrypt_step1($d){
return base64_decode($d);
}
function decrypt_step2($d){
return xor_encrypt(base64_decode($d));
}
/*
$data = loadData($defaultdata);
if(array_key_exists("bgcolor",$_REQUEST)) {
if (preg_match('/^#(?:[a-f\d]{6})$/i', $_REQUEST['bgcolor'])) {
$data['bgcolor'] = $_REQUEST['bgcolor'];
}
}
saveData($data);
*/
/*
*/
// Show password = NO
// bgcolor = #ffffff
// XORED with some key
$data = "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw%3D";
$data = urldecode($data);
echo "\n ENCRYPTED ASS COOKIE: \n";
var_dump($data);
$xor_encrypted_json_orig = decrypt_step1($data);
$json_orig = encrypt_step1(array( "showpassword"=>"no", "bgcolor"=>"#ffffff"));
//$xored_to_get_the_key = xor_with_key($json_orig, $xor_encrypted_json_orig );
echo "\n";
echo "\n";
// echo "\nDecrypt Step 1 -> base64_decode(): \n";
// echo decrypt_step1($data);
// echo "\nDecrypt Step 2 -> xor(): \n";
// echo decrypt_step2($data);
// echo "\nDecrypt Step FINAL -> json_decode() \n";
// var_dump(decrypt($data));
// echo "\nJust creating the cookie from scratch:\n";
// $injected_cookie = array( "showpassword"=>"yes", "bgcolor"=>"#ffffff");
// var_dump($injected_cookie);
// echo "\nIn encyrpted form!\n";
// $encrypted_good = encrypt($injected_cookie);
// var_dump($encrypted_good);
?>
<?
// THIS RIGH HERE IS THE KEY. YOU NEED TO MAKE SHOW PASSWORD = YES
//if($data["showpassword"] == "yes") {
// print "The password for natas12 is <censored><br>";
//}
?>
- Output for 7.2.29 - 7.2.33, 7.3.16 - 7.3.31, 7.4.0 - 7.4.4, 7.4.6 - 7.4.32, 8.0.0 - 8.0.12, 8.0.14 - 8.0.30, 8.1.0 - 8.1.28, 8.2.0 - 8.2.18, 8.3.0 - 8.3.4, 8.3.6
- <?
$defaultdata = array( "showpassword"=>"no", "bgcolor"=>"#ffffff");
function xor_encrypt($in) {
//$key = '<censored>';
$key = 'U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK';
$text = $in;
$outText = '';
// Iterate through each character
for($i=0;$i<strlen($text);$i++) {
$outText .= $text[$i] ^ $key[$i % strlen($key)];
}
return $outText;
}
function xor_with_key($in, $key) {
//$key = '<censored>';
//$key = 'U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK';
$text = $in;
$outText = '';
// Iterate through each character
for($i=0;$i<strlen($text);$i++) {
$outText .= $text[$i] ^ $key[$i % strlen($key)];
}
return $outText;
}
function loadData($def) {
global $_COOKIE;
$mydata = $def;
if(array_key_exists("data", $_COOKIE)) {
$tempdata = json_decode(xor_encrypt(base64_decode($_COOKIE["data"])), true);
if(is_array($tempdata) && array_key_exists("showpassword", $tempdata) && array_key_exists("bgcolor", $tempdata)) {
if (preg_match('/^#(?:[a-f\d]{6})$/i', $tempdata['bgcolor'])) {
$mydata['showpassword'] = $tempdata['showpassword'];
$mydata['bgcolor'] = $tempdata['bgcolor'];
}
}
}
return $mydata;
}
function saveData($d) {
setcookie("data", base64_encode(xor_encrypt(json_encode($d))));
}
// Taken from saveData()
function encrypt($d){
return base64_encode(xor_encrypt(json_encode($d)));
}
function encrypt_step1($d){
return json_encode($d);
}
function encrypt_step2($d){
return xor_encrypt(json_encode($d));
}
//Taken from loadData()
function decrypt($d){
return json_decode(xor_encrypt(base64_decode($d)), true);
}
function decrypt_step1($d){
return base64_decode($d);
}
function decrypt_step2($d){
return xor_encrypt(base64_decode($d));
}
/*
$data = loadData($defaultdata);
if(array_key_exists("bgcolor",$_REQUEST)) {
if (preg_match('/^#(?:[a-f\d]{6})$/i', $_REQUEST['bgcolor'])) {
$data['bgcolor'] = $_REQUEST['bgcolor'];
}
}
saveData($data);
*/
/*
*/
// Show password = NO
// bgcolor = #ffffff
// XORED with some key
$data = "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw%3D";
$data = urldecode($data);
echo "\n ENCRYPTED ASS COOKIE: \n";
var_dump($data);
$xor_encrypted_json_orig = decrypt_step1($data);
$json_orig = encrypt_step1(array( "showpassword"=>"no", "bgcolor"=>"#ffffff"));
//$xored_to_get_the_key = xor_with_key($json_orig, $xor_encrypted_json_orig );
echo "\n";
echo "\n";
// echo "\nDecrypt Step 1 -> base64_decode(): \n";
// echo decrypt_step1($data);
// echo "\nDecrypt Step 2 -> xor(): \n";
// echo decrypt_step2($data);
// echo "\nDecrypt Step FINAL -> json_decode() \n";
// var_dump(decrypt($data));
// echo "\nJust creating the cookie from scratch:\n";
// $injected_cookie = array( "showpassword"=>"yes", "bgcolor"=>"#ffffff");
// var_dump($injected_cookie);
// echo "\nIn encyrpted form!\n";
// $encrypted_good = encrypt($injected_cookie);
// var_dump($encrypted_good);
?>
<?
// THIS RIGH HERE IS THE KEY. YOU NEED TO MAKE SHOW PASSWORD = YES
//if($data["showpassword"] == "yes") {
// print "The password for natas12 is <censored><br>";
//}
?>
- Output for 8.3.5
- Warning: PHP Startup: Unable to load dynamic library 'sodium.so' (tried: /usr/lib/php/8.3.5/modules/sodium.so (libsodium.so.23: cannot open shared object file: No such file or directory), /usr/lib/php/8.3.5/modules/sodium.so.so (/usr/lib/php/8.3.5/modules/sodium.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0
<?
$defaultdata = array( "showpassword"=>"no", "bgcolor"=>"#ffffff");
function xor_encrypt($in) {
//$key = '<censored>';
$key = 'U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK';
$text = $in;
$outText = '';
// Iterate through each character
for($i=0;$i<strlen($text);$i++) {
$outText .= $text[$i] ^ $key[$i % strlen($key)];
}
return $outText;
}
function xor_with_key($in, $key) {
//$key = '<censored>';
//$key = 'U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK';
$text = $in;
$outText = '';
// Iterate through each character
for($i=0;$i<strlen($text);$i++) {
$outText .= $text[$i] ^ $key[$i % strlen($key)];
}
return $outText;
}
function loadData($def) {
global $_COOKIE;
$mydata = $def;
if(array_key_exists("data", $_COOKIE)) {
$tempdata = json_decode(xor_encrypt(base64_decode($_COOKIE["data"])), true);
if(is_array($tempdata) && array_key_exists("showpassword", $tempdata) && array_key_exists("bgcolor", $tempdata)) {
if (preg_match('/^#(?:[a-f\d]{6})$/i', $tempdata['bgcolor'])) {
$mydata['showpassword'] = $tempdata['showpassword'];
$mydata['bgcolor'] = $tempdata['bgcolor'];
}
}
}
return $mydata;
}
function saveData($d) {
setcookie("data", base64_encode(xor_encrypt(json_encode($d))));
}
// Taken from saveData()
function encrypt($d){
return base64_encode(xor_encrypt(json_encode($d)));
}
function encrypt_step1($d){
return json_encode($d);
}
function encrypt_step2($d){
return xor_encrypt(json_encode($d));
}
//Taken from loadData()
function decrypt($d){
return json_decode(xor_encrypt(base64_decode($d)), true);
}
function decrypt_step1($d){
return base64_decode($d);
}
function decrypt_step2($d){
return xor_encrypt(base64_decode($d));
}
/*
$data = loadData($defaultdata);
if(array_key_exists("bgcolor",$_REQUEST)) {
if (preg_match('/^#(?:[a-f\d]{6})$/i', $_REQUEST['bgcolor'])) {
$data['bgcolor'] = $_REQUEST['bgcolor'];
}
}
saveData($data);
*/
/*
*/
// Show password = NO
// bgcolor = #ffffff
// XORED with some key
$data = "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw%3D";
$data = urldecode($data);
echo "\n ENCRYPTED ASS COOKIE: \n";
var_dump($data);
$xor_encrypted_json_orig = decrypt_step1($data);
$json_orig = encrypt_step1(array( "showpassword"=>"no", "bgcolor"=>"#ffffff"));
//$xored_to_get_the_key = xor_with_key($json_orig, $xor_encrypted_json_orig );
echo "\n";
echo "\n";
// echo "\nDecrypt Step 1 -> base64_decode(): \n";
// echo decrypt_step1($data);
// echo "\nDecrypt Step 2 -> xor(): \n";
// echo decrypt_step2($data);
// echo "\nDecrypt Step FINAL -> json_decode() \n";
// var_dump(decrypt($data));
// echo "\nJust creating the cookie from scratch:\n";
// $injected_cookie = array( "showpassword"=>"yes", "bgcolor"=>"#ffffff");
// var_dump($injected_cookie);
// echo "\nIn encyrpted form!\n";
// $encrypted_good = encrypt($injected_cookie);
// var_dump($encrypted_good);
?>
<?
// THIS RIGH HERE IS THE KEY. YOU NEED TO MAKE SHOW PASSWORD = YES
//if($data["showpassword"] == "yes") {
// print "The password for natas12 is <censored><br>";
//}
?>
- Output for 7.0.0 - 7.0.20, 7.1.0 - 7.1.20, 7.2.6 - 7.2.8, 7.3.32 - 7.3.33, 7.4.33, 8.0.13
- ENCRYPTED ASS COOKIE:
string(56) "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw="
- Output for 7.4.5
Process exited with code 137.
preferences:
176.3 ms | 401 KiB | 172 Q