Monday 22 August 2011

Another cc-grabbers web based

Found on the same server of 'bender edition'
It's another cc-grabbers but you can call this one 'crappy edition'

The php code of the main page was obfuscated

Replace eval($ev); by echo($ev); and you get the clean version.
thanks tishrom :)

There is only this page:

index.php who is the update page, after looking at the source code, you must call it like this:

It will insert datas into a html file at "data/log.html"
and will use jabber/icq for notify.
(jabber by calling lib/class.jabber.php)

screenshot of the 'log.html' found on the server:

There is no options for manage credit cards and stuff.
And like the previous panel, this coder has never heard of XSS attacks.
All variables are vulnerable except 'action' & 'pkey'


  1. Nice post man, you are doing a good job, thus I didn't understand this line:

    Replace eval($ev); by echo($ev); and you get the clean version.

  2. @profnetwork i mean the code is obfuscated (see the first picture)
    for get a version you can understand you should remove eval($ev); and write echo($ev);
    That will display the deobfuscated code.

  3. Oh I got it. For-loop section! I'm pretty low at PHP, and I was uncareful. Well done tho'

  4. can you share this code? link?