Inspired from Kaspersky
So... I'll just leave this here.
config.php:
<?php
// Xyl2k! :þ
// Admin ids
$LOGIN = "root"; //login
$PASSWD = "toor"; //password
// MySQL ids
$MySQL['HOST'] = 'localhost';
$MySQL['USER'] = 'root';
$MySQL['PASS'] = '';
$MySQL['DB'] = 'ransom';
$db_connection = mysql_connect($MySQL['HOST'], $MySQL['USER'], $MySQL['PASS']);
if (!$db_connection)
die('Error - Could Not Connect to the Server.');
$db_selected = mysql_select_db($MySQL['DB'], $db_connection);
if (!$db_selected)
die('Error - Could Not Connect to the Database.');
// Xyl2k! :þ
// Admin ids
$LOGIN = "root"; //login
$PASSWD = "toor"; //password
// MySQL ids
$MySQL['HOST'] = 'localhost';
$MySQL['USER'] = 'root';
$MySQL['PASS'] = '';
$MySQL['DB'] = 'ransom';
$db_connection = mysql_connect($MySQL['HOST'], $MySQL['USER'], $MySQL['PASS']);
if (!$db_connection)
die('Error - Could Not Connect to the Server.');
$db_selected = mysql_select_db($MySQL['DB'], $db_connection);
if (!$db_selected)
die('Error - Could Not Connect to the Database.');
ransom.php:
<?php
require('config.php');
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Ransom Unlocker</title>
<link rel="stylesheet" media="screen" type="text/css" title="Design" href="style.css" />
</head>
<body>
<center>
<font size="6"><b>☣ Unlocker ☣</b></font>
</center>
<form id="form1" name="form1" method="GET" action="<?php echo basename($_SERVER['PHP_SELF']);?>">
<label for="call">Code to call: </label>
<input type="text" name="call" id="call" />
<input style="text-shadow: none;" value="Search" type="submit" />
<?php
if (isset($_GET['call'])) // TRUE
{
$call = mysql_real_escape_string($_GET['call']);
$req = mysql_query('SELECT serial FROM winlock WHERE codetocall=\''.$call.'\'');
if (!mysql_num_rows($req))
echo '<p> Unlock code not found</p>';
else
while ($datas = mysql_fetch_array($req))
echo '<p> Unlock code: <b>'.htmlspecialchars($datas['serial']).'</b></p>';
}
?>
</form>
</body>
</html>
require('config.php');
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Ransom Unlocker</title>
<link rel="stylesheet" media="screen" type="text/css" title="Design" href="style.css" />
</head>
<body>
<center>
<font size="6"><b>☣ Unlocker ☣</b></font>
</center>
<form id="form1" name="form1" method="GET" action="<?php echo basename($_SERVER['PHP_SELF']);?>">
<label for="call">Code to call: </label>
<input type="text" name="call" id="call" />
<input style="text-shadow: none;" value="Search" type="submit" />
<?php
if (isset($_GET['call'])) // TRUE
{
$call = mysql_real_escape_string($_GET['call']);
$req = mysql_query('SELECT serial FROM winlock WHERE codetocall=\''.$call.'\'');
if (!mysql_num_rows($req))
echo '<p> Unlock code not found</p>';
else
while ($datas = mysql_fetch_array($req))
echo '<p> Unlock code: <b>'.htmlspecialchars($datas['serial']).'</b></p>';
}
?>
</form>
</body>
</html>
ransomadmin.php:
<?php
session_start();
require('config.php');
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Admin - Ransom Unlocker</title>
<link rel="stylesheet" media="screen" type="text/css" title="Design" href="style.css" />
</head>
<body>
<center>
<font size="6"><b>☣ Unlocker Admin ☣</b></font>
</center>
<?php
if (isset($_POST['login']) && isset($_POST['password']))
if ($_POST['login'] == $LOGIN && $_POST['password'] == $PASSWD)
$_SESSION['access'] = true;
if (isset($_SESSION['access']) && $_SESSION['access'] == true)
{
?>
<form id="form1" name="form1" method="POST" action="ransomadmin.php">
<table border="0">
<tr>
<td align="right"><label for="call">Code to call:</label></td>
<td><input name="call" type="text" id="call" size="48" maxlength="255" /></td>
</tr>
<tr>
<td align="right"><label for="serial">Unlock code:</label></td>
<td><textarea name="serial" id="serial" cols="45" rows="5"></textarea></td>
</tr>
<tr>
<td> </td>
<td><input style="text-shadow: none;" value="Add" type="submit" /></td>
</tr>
</table>
</form>
<?php
if (isset($_POST['call']) && isset($_POST['serial']))
{
$call = mysql_real_escape_string($_POST['call']);
$serial = mysql_real_escape_string($_POST['serial']);
$req = mysql_query("INSERT INTO winlock VALUES('".$call."','".$serial."')") or die(mysql_error());
echo "<p>Le code ".htmlspecialchars($_POST['call'])." à été inséré !</p>";
}
}
else
{
?>
<form name="tapz" action="<?php echo basename($_SERVER['PHP_SELF']);?>" method="POST">
<table border="0">
<tr>
<td align="right">Login :</td>
<td><input name="login" type="text" size="30" maxlength="30" /></td>
</tr>
<tr>
<td align="right">Password :</td>
<td><input name="password" type="password" size="30" maxlength="30" /></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" value="-= Connect =-" /></td>
</tr>
</table>
</form>
</body>
</html>
<?php
} ?>
session_start();
require('config.php');
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Admin - Ransom Unlocker</title>
<link rel="stylesheet" media="screen" type="text/css" title="Design" href="style.css" />
</head>
<body>
<center>
<font size="6"><b>☣ Unlocker Admin ☣</b></font>
</center>
<?php
if (isset($_POST['login']) && isset($_POST['password']))
if ($_POST['login'] == $LOGIN && $_POST['password'] == $PASSWD)
$_SESSION['access'] = true;
if (isset($_SESSION['access']) && $_SESSION['access'] == true)
{
?>
<form id="form1" name="form1" method="POST" action="ransomadmin.php">
<table border="0">
<tr>
<td align="right"><label for="call">Code to call:</label></td>
<td><input name="call" type="text" id="call" size="48" maxlength="255" /></td>
</tr>
<tr>
<td align="right"><label for="serial">Unlock code:</label></td>
<td><textarea name="serial" id="serial" cols="45" rows="5"></textarea></td>
</tr>
<tr>
<td> </td>
<td><input style="text-shadow: none;" value="Add" type="submit" /></td>
</tr>
</table>
</form>
<?php
if (isset($_POST['call']) && isset($_POST['serial']))
{
$call = mysql_real_escape_string($_POST['call']);
$serial = mysql_real_escape_string($_POST['serial']);
$req = mysql_query("INSERT INTO winlock VALUES('".$call."','".$serial."')") or die(mysql_error());
echo "<p>Le code ".htmlspecialchars($_POST['call'])." à été inséré !</p>";
}
}
else
{
?>
<form name="tapz" action="<?php echo basename($_SERVER['PHP_SELF']);?>" method="POST">
<table border="0">
<tr>
<td align="right">Login :</td>
<td><input name="login" type="text" size="30" maxlength="30" /></td>
</tr>
<tr>
<td align="right">Password :</td>
<td><input name="password" type="password" size="30" maxlength="30" /></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" value="-= Connect =-" /></td>
</tr>
</table>
</form>
</body>
</html>
<?php
} ?>
sql database:
-- phpMyAdmin SQL Dump
-- version 3.3.9
-- http://www.phpmyadmin.net
--
-- Serveur: localhost
-- Généré le : Dim 10 Avril 2011 à 19:00
-- Version du serveur: 5.1.36
-- Version de PHP: 5.3.0
SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
--
-- Base de données: `ransom`
--
-- --------------------------------------------------------
--
-- Structure de la table `winlock`
--
CREATE TABLE IF NOT EXISTS `winlock` (
`codetocall` varchar(255) NOT NULL,
`serial` text NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
--
-- Contenu de la table `winlock`
--
INSERT INTO `winlock` (`codetocall`, `serial`) VALUES
('123456', 'XXX-XXX-XXX-XXX');
-- version 3.3.9
-- http://www.phpmyadmin.net
--
-- Serveur: localhost
-- Généré le : Dim 10 Avril 2011 à 19:00
-- Version du serveur: 5.1.36
-- Version de PHP: 5.3.0
SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
--
-- Base de données: `ransom`
--
-- --------------------------------------------------------
--
-- Structure de la table `winlock`
--
CREATE TABLE IF NOT EXISTS `winlock` (
`codetocall` varchar(255) NOT NULL,
`serial` text NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
--
-- Contenu de la table `winlock`
--
INSERT INTO `winlock` (`codetocall`, `serial`) VALUES
('123456', 'XXX-XXX-XXX-XXX');
No comments:
Post a Comment