Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- define('OAUTH2_CLIENT_ID', '');
- define('OAUTH2_CLIENT_SECRET', '');
- define('GUILD_ID', '');
- define('BOT_TOKEN', '');
- // Minimalized code
- ini_set('display_errors', 1);
- ini_set('display_startup_errors', 1);
- ini_set('max_execution_time', 300);
- error_reporting(E_ALL);
- function apiRequest($url, $post=FALSE, $headers=array()) {
- $ch = curl_init();
- curl_setopt_array($ch, [
- CURLOPT_URL => $url,
- CURLOPT_IPRESOLVE => CURL_IPRESOLVE_V4,
- CURLOPT_RETURNTRANSFER => TRUE,
- CURLOPT_HTTPHEADER => $headers,
- ]);
- if($post) {
- curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post));
- }
- if(session('access_token')) {
- $headers[] = 'Authorization: Bearer ' . session('access_token');
- }
- curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
- $response = curl_exec($ch);
- return json_decode($response, true);
- }
- function logout($url, $data=array()) {
- $ch = curl_init();
- curl_setopt_array($ch, [
- CURLOPT_URL => $url,
- CURLOPT_POST => TRUE,
- CURLOPT_RETURNTRANSFER => TRUE,
- CURLOPT_IPRESOLVE => CURL_IPRESOLVE_V4,
- CURLOPT_POSTFIELDS => http_build_query($data),
- CURLOPT_HTTPHEADER => ['Content-Type: application/x-www-form-urlencoded'],
- ]);
- $response = curl_exec($ch);
- return json_decode($response);
- }
- function addGuildMember($userId, $accessToken) {
- $headers = [
- "Authorization: Bot ".BOT_TOKEN,
- "Content-Type: application/json"
- ];
- $data = [
- "access_token" => $accessToken
- ];
- $dataString = json_encode($data);
- $ch = curl_init();
- curl_setopt_array($ch, [
- CURLOPT_URL => "https://discord.com/api/v9/guilds/".GUILD_ID."/members/{$userId}",
- CURLOPT_CUSTOMREQUEST => "PUT",
- CURLOPT_POSTFIELDS => $dataString,
- CURLOPT_RETURNTRANSFER => true,
- CURLOPT_HTTPHEADER => $headers,
- ]);
- $result = curl_exec($ch);
- $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
- curl_close($ch);
- return $statusCode;
- }
- function get($key, $default=NULL) {
- return array_key_exists($key, $_GET) ? $_GET[$key] : $default;
- }
- function session($key, $default=NULL) {
- return array_key_exists($key, $_SESSION) ? $_SESSION[$key] : $default;
- }
- function getSessionCookies() {
- $url = 'https:///auth/session';
- $data = array(
- 'username' => '',
- 'password' => ''
- );
- $ch = curl_init();
- curl_setopt_array($ch, array(
- CURLOPT_URL => $url,
- CURLOPT_POST => 1,
- CURLOPT_POSTFIELDS => json_encode($data),
- CURLOPT_RETURNTRANSFER => true,
- CURLOPT_HEADER => true,
- CURLOPT_SSL_VERIFYHOST => 0,
- CURLOPT_SSL_VERIFYPEER => 0,
- CURLOPT_HTTPHEADER => array(
- 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0',
- 'Accept: */*',
- 'Accept-Language: en-GB,en;q=0.5',
- 'Accept-Encoding: gzip, deflate, br',
- 'Content-Type: application/json',
- 'Origin: https://',
- 'Connection: keep-alive',
- 'Referer: https:///login',
- 'Sec-Fetch-Dest: empty',
- 'Sec-Fetch-Mode: cors',
- 'Sec-Fetch-Site: same-origin',
- 'Pragma: no-cache',
- 'Cache-Control: no-cache',
- 'TE: trailers'
- )
- ));
- $response = curl_exec($ch);
- curl_close($ch);
- preg_match_all('/^Set-Cookie:\s*([^;]*)/mi', $response, $matches);
- $cookies = implode('; ', $matches[1]);
- return rtrim($cookies, '; ');
- }
- function getState($cookieString) {
- $ch = curl_init();
- curl_setopt_array($ch, array(
- CURLOPT_URL => 'https:///state',
- CURLOPT_HTTPHEADER => array(
- 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0',
- 'Accept: application/json, text/javascript, */*; q=0.01',
- 'Accept-Language: en-GB,en;q=0.5',
- 'Accept-Encoding: gzip, deflate, br',
- 'X-Requested-With: XMLHttpRequest',
- 'Connection: keep-alive',
- 'Referer: https:///',
- 'Cookie: '.$cookieString,
- 'Sec-Fetch-Dest: empty',
- 'Sec-Fetch-Mode: cors',
- 'Sec-Fetch-Site: same-origin',
- 'Pragma: no-cache',
- 'Cache-Control: no-cache',
- 'TE: trailers'
- ),
- CURLOPT_SSL_VERIFYHOST => 0,
- CURLOPT_SSL_VERIFYPEER => 0,
- CURLOPT_RETURNTRANSFER => true
- ));
- $state = json_decode(curl_exec($ch), true);
- curl_close($ch);
- return $state;
- }
- function updateUser($cookieString, $state, $username, $email) {
- $ch = curl_init();
- curl_setopt_array($ch, array(
- CURLOPT_URL => 'https:///user/66350424beba60ae95d50f1a',
- CURLOPT_CUSTOMREQUEST => 'POST',
- CURLOPT_HTTPHEADER => array(
- 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0',
- 'Accept: application/json, text/javascript, */*; q=0.01',
- 'Accept-Language: en-GB,en;q=0.5',
- 'Accept-Encoding: gzip, deflate, br',
- 'Content-Type: application/json',
- 'Csrf-Token: ' . $state['csrf_token'],
- 'X-Requested-With: XMLHttpRequest',
- 'Origin: https://',
- 'Connection: keep-alive',
- 'Referer: https:///',
- 'Cookie: ' . $cookieString,
- 'Sec-Fetch-Dest: empty',
- 'Sec-Fetch-Mode: cors',
- 'Sec-Fetch-Site: same-origin',
- 'Pragma: no-cache',
- 'Cache-Control: no-cache',
- 'TE: trailers'
- ),
- CURLOPT_SSL_VERIFYHOST => 0,
- CURLOPT_SSL_VERIFYPEER => 0,
- CURLOPT_POSTFIELDS => '{"id":null,"organization":"66350424beba60ae95d50f1a","organization_name":null,"name":"'.$username.'","email":"'.$email.'","groups":[],"last_active":null,"gravatar":null,"audit":null,"type":null,"auth_type":"local","yubico_id":"","status":null,"sso":null,"otp_auth":null,"otp_secret":null,"servers":null,"disabled":null,"network_links":[],"dns_mapping":null,"bypass_secondary":false,"client_to_client":false,"dns_servers":[],"dns_suffix":"","port_forwarding":[],"pin":null,"devices":null,"mac_addresses":[]}',
- CURLOPT_RETURNTRANSFER => true
- ));
- $pritunluser = json_decode(curl_exec($ch), true);
- curl_close($ch);
- return $pritunluser;
- }
- function downloadFile($cookieString) {
- $ch = curl_init();
- curl_setopt_array($ch, array(
- CURLOPT_URL => 'https:///key/66350424beba60ae95d50f1a/66375890e424adfeeb116be2.zip', // Changed URL to .zip
- CURLOPT_HTTPHEADER => array(
- 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0',
- 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8',
- 'Accept-Language: en-GB,en;q=0.5',
- 'Accept-Encoding: gzip, deflate, br',
- 'Connection: keep-alive',
- 'Referer: https:///',
- 'Cookie: '.$cookieString,
- 'Upgrade-Insecure-Requests: 1',
- 'Sec-Fetch-Dest: document',
- 'Sec-Fetch-Mode: navigate',
- 'Sec-Fetch-Site: same-origin',
- 'Sec-Fetch-User: ?1',
- 'Pragma: no-cache',
- 'Cache-Control: no-cache',
- 'TE: trailers'
- ),
- CURLOPT_SSL_VERIFYHOST => 0,
- CURLOPT_SSL_VERIFYPEER => 0,
- CURLOPT_RETURNTRANSFER => false, // Directly output to browser
- ));
- curl_exec($ch);
- if(curl_errno($ch)){
- echo 'Curl error: ' . curl_error($ch);
- }
- curl_close($ch);
- }
- session_start();
- if(get('action') == 'login') {
- $params = [
- 'client_id' => OAUTH2_CLIENT_ID,
- 'redirect_uri' => 'https://anti-ddos.online/',
- 'response_type' => 'code',
- 'scope' => 'identify email guilds.join'
- ];
- $_SESSION['PortFowarding'] = get('PortFowarding');
- header('Location: https://discord.com/api/oauth2/authorize' . '?' . http_build_query($params));
- die();
- }
- if(get('code')) {
- $token = apiRequest('https://discord.com/api/oauth2/token', [
- 'grant_type' => 'authorization_code',
- 'client_id' => OAUTH2_CLIENT_ID,
- 'client_secret' => OAUTH2_CLIENT_SECRET,
- 'redirect_uri' => 'https://anti-ddos.online/',
- 'code' => get('code')
- ]);
- $logout_token = $token['access_token'];
- $_SESSION['access_token'] = $token['access_token'];
- header('Location: ' . $_SERVER['PHP_SELF']);
- }
- if(get('action') == 'download') {
- $cookieString = getSessionCookies();
- header('Content-Type: application/zip');
- header('Content-Disposition: attachment; filename="vpn.zip"');
- downloadFile($cookieString);
- }
- if(session('access_token')) {
- $user = apiRequest('https://discord.com/api/users/@me');
- $guild_status = addGuildMember($user['id'], $_SESSION['access_token']);
- if(isset($user['id'], $user['username'], $user['email']) && !empty($user['id']) && !empty($user['username']) && !empty($user['email']) && ($guild_status == 201 || $guild_status == 204)) {
- $conn = new mysqli("localhost", "antiddos_JBpTRkDZPFqH", "tHlN7=T&;31b", "antiddos_users");
- if ($conn->connect_error) {
- die("Connection failed!");
- }
- $sql = "SELECT * FROM `users` WHERE `discord_id` LIKE '".$user['id']."'";
- $result = $conn->query($sql);
- if ($result->num_rows > 0) {
- while($row = $result->fetch_assoc()) {
- $pritunl_id = $row["pritunl_id"];
- }
- } else {
- $cookieString = getSessionCookies();
- $state = getState($cookieString);
- $pritunluser = updateUser($cookieString, $state, $user['username'], $user['email']);
- $sql = "INSERT INTO `users` (`discord_id`, `username`, `email`, `pritunl_id`) VALUES ('".$user['id']."', '".$user['username']."', '".$user['email']."', '".$pritunluser[0]['id']."')";
- if ($conn->query($sql) === TRUE) {
- $pritunl_id = $pritunluser[0]['id'];
- }
- }
- $conn->close();
- echo '
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta property="og:title" content="Free Anti-DDoS VPN" />
- <meta property="og:type" content="website" />
- <meta property="og:url" content="https://anti-ddos.online/" />
- <meta property="og:image" content="https://anti-ddos.online/icon.png" />
- <meta property="og:description" content="Free DDoS protected VPN in USA, Canada, United Kingdom, Germany, Netherlands, France, Poland and Singapore" />
- <meta name="theme-color" content="#FF0000">
- <meta charset="UTF-8">
- <link rel="apple-touch-icon" type="image/png" href="icon.png" />
- <meta name="apple-mobile-web-app-title" content="Anti-DDoS Online">
- <link rel="shortcut icon" type="image/x-icon" href="icon.ico" />
- <link rel="mask-icon" type="image/x-icon" href="icon.svg" color="#111" />
- <title>Anti-DDos Online</title>
- <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.7.2/css/all.min.css">
- <link rel="stylesheet" type="text/css" href="style.css">
- </head>
- <body translate="no">
- <div class="container" id="container">
- <div class="form-container sign-up-container">
- <form action="#">
- <h1>Additional Features</h1>
- <p>Optional UDP port fowarding<br>
- (Only available in US, UK, CA, DE1)</p>
- <button id="login">100% FREE</button>
- </form>
- </div>
- <div class="form-container login-container">
- <form action="#">
- <h1>Welcome '.$user['username'].'</h1>
- <h3>'.$pritunl_id.'</h3>
- <input type="hidden" name="action" value="download">
- <button>Download your config</button>
- </form>
- </div>
- <div class="overlay-container">
- <div class="overlay">
- <div class="overlay-panel overlay-left">
- <h1>OVH Locations</h1>
- <p>London, UK<br>
- Beauharnois, Canada<br>
- Frankfurt, Germany<br>
- Hillsboro, USA<br>
- Vint Hill, USA<br>
- Warszawa, Poland<br>
- Amsterdam, Netherlands<br>
- Singapore</p>
- <h1>Path Locations</h1>
- <p>Frankfurt, Germany
- </p>
- </div>
- <div class="overlay-panel overlay-right">
- <h1>9 Locations!</h1>
- <p>We offer free VPN access at the following locations UK, USA, Canada, Germany, Netherlands, Poland and Singapore DDoS Protected by OVH and Path Network</p>
- <button class="ghost" id="moreinfo">More Info</button>
- </div>
- </div>
- </div>
- </div>
- <script src="script.js"></script>
- </body>
- </html>
- ';
- echo '<p><a href="?action=logout">Log out</a></p>';
- } else {
- header('Location: ' . $_SERVER['PHP_SELF'] . '?action=login');
- }
- } else {
- echo '
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta property="og:title" content="Free Anti-DDoS VPN" />
- <meta property="og:type" content="website" />
- <meta property="og:url" content="https://anti-ddos.online/" />
- <meta property="og:image" content="https://anti-ddos.online/icon.png" />
- <meta property="og:description" content="Free DDoS protected VPN in USA, Canada, United Kingdom, Germany, Netherlands, France, Poland and Singapore" />
- <meta name="theme-color" content="#FF0000">
- <meta charset="UTF-8">
- <link rel="apple-touch-icon" type="image/png" href="icon.png" />
- <meta name="apple-mobile-web-app-title" content="Anti-DDoS Online">
- <link rel="shortcut icon" type="image/x-icon" href="icon.ico" />
- <link rel="mask-icon" type="image/x-icon" href="icon.svg" color="#111" />
- <title>Anti-DDos Online</title>
- <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.7.2/css/all.min.css">
- <link rel="stylesheet" type="text/css" href="style.css">
- </head>
- <body translate="no">
- <div class="container" id="container">
- <div class="form-container sign-up-container">
- <form action="#">
- <h1>Additional Features</h1>
- <p>Optional UDP port fowarding<br>
- (Only available in US, UK, CA, DE1)</p>
- <button id="login">100% FREE</button>
- </form>
- </div>
- <div class="form-container login-container">
- <form action="#">
- <h1>Use our free VPN</h1>
- <p>We believe you shouldn\'t have to pay to not be DDoSed online.</p>
- <h3>To get protected simply</h3>
- <input type="hidden" name="action" value="login">
- <button>Login With Discord</button>
- </form>
- </div>
- <div class="overlay-container">
- <div class="overlay">
- <div class="overlay-panel overlay-left">
- <h1>OVH Locations</h1>
- <p>London, UK<br>
- Beauharnois, Canada<br>
- Frankfurt, Germany<br>
- Hillsboro, USA<br>
- Vint Hill, USA<br>
- Warszawa, Poland<br>
- Amsterdam, Netherlands<br>
- Singapore</p>
- <h1>Path Locations</h1>
- <p>Frankfurt, Germany
- </p>
- </div>
- <div class="overlay-panel overlay-right">
- <h1>9 Locations!</h1>
- <p>We offer free VPN access at the following locations UK, USA, Canada, Germany, Netherlands, Poland and Singapore DDoS Protected by OVH and Path Network</p>
- <button class="ghost" id="moreinfo">More Info</button>
- </div>
- </div>
- </div>
- </div>
- <script src="script.js"></script>
- </body>
- </html>
- ';
- }
- if(get('action') == 'logout') {
- logout('https://discord.com/api/oauth2/token/revoke', [
- 'token' => session('access_token'),
- 'token_type_hint' => 'access_token',
- 'client_id' => OAUTH2_CLIENT_ID,
- 'client_secret' => OAUTH2_CLIENT_SECRET,
- ]);
- unset($_SESSION['access_token']);
- header('Location: ' . $_SERVER['PHP_SELF']);
- die();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement