6jKN09BU

· 6 years ago · Oct 23, 2019, 05:12 AM
1<?php
2$pin="151298";
3error_reporting(E_ERROR | E_PARSE);
4echo "[+] Input Proxy (IP:Port) = ";
5$proxy=trim(fgets(STDIN));
6error_reporting(E_ERROR | E_PARSE);
7$header = array();
8$header[] = "X-Platform:Android";
9$header[] = 'X-UniqueId:c'.mt_rand(0,9).'ff'.mt_rand(100,999).'d'.mt_rand(10,99).'ad'.mt_rand(1000,9999);
10$header[] = 'D'.mt_rand(0,9).':E'.mt_rand(0,9).':'.mt_rand(10,99).':'.mt_rand(10,99).':'.mt_rand(10,99).':'.mt_rand(0,9).'F:F'.mt_rand(0,9).':'.mt_rand(10,99).':'.mt_rand(10,99).':FB:CD:'.mt_rand(10,99).':'.mt_rand(10,99).':'.mt_rand(0,9).'E:FF:'.mt_rand(0,9).'F:'.mt_rand(10,99).':'.mt_rand(0,9).'A:'.mt_rand(10,99).':D'.mt_rand(0,9).':'.mt_rand(10,99).':'.mt_rand(0,9).'E:'.mt_rand(10,99).':'.mt_rand(0,9).'C:'.mt_rand(0,9).'E:'.mt_rand(10,99).':B'.mt_rand(0,9).':'.mt_rand(10,99).':'.mt_rand(10,99).':'.mt_rand(10,99).':'.mt_rand(0,9).'D:'.mt_rand(0,9).'A:BD';
11$header[] = "X-AppVersion:3.39.1";
12$header[] = "X-AppId:com.gojek.app";
13$header[] = "Accept:application/json";
14$header[] = 'X-Session-ID:'.mt_rand(0,9).'c'.mt_rand(100,999).'ba'.mt_rand(0,9).'-'.mt_rand(10,99).'c'.mt_rand(0,9).'-'.mt_rand(0,9).'a'.mt_rand(10,99).'-'.mt_rand(1000,9999).'-'.mt_rand(10,99).'e'.mt_rand(0,9).'bc'.mt_rand(10000,99999).'b'; 
15$PhoneModel=array("G960F","G892A","G930VC","G935S","G920V","G928X");
16$header[] = "X-PhoneModel:samsung,SM-".$PhoneModel[mt_rand(0,5)]; 
17$header[] = "X-PushTokenType:FCM";    
18$header[] = 'X-DeviceOS:Android,'.mt_rand(7,9).'.0';
19$header[] = 'X-DeviceToken:e'.mt_rand(0,9).'_'.generateRandomString(90).'-KIL'.generateRandomString(40).'--'.generateRandomString(13);
20$header[] = 'Accept-Language:en-ID'; 
21$header[] = 'X-User-Locale:en_ID'; 
22$header[] = 'X-Location:'.mt_rand(10,99).'.9858'.mt_rand(10,99).',-'.mt_rand(100,999).'.25411'.mt_rand(10,99).''; 
23$header[] = 'X-Location-Accuracy:3.9'; 
24$header[] = 'X-M1:1:__'.generateRandomString(32).','.mt_rand(0,9).':'.generateRandomString(16).','.mt_rand(0,9).':'.mt_rand(1000000000000,9999999999999).'-'.mt_rand(100000000000000000,999999999999999999).','.mt_rand(0,9).':'.mt_rand(10000,99999).','.mt_rand(0,9).':msm'.mt_rand(1000,9999).'|'.mt_rand(1000,9999).'|'.mt_rand(0,9).','.mt_rand(0,9).':'.mt_rand(01,24).':'.mt_rand(00,60).':'.mt_rand(00,60).':'.mt_rand(0,9).'E:'.mt_rand(10,99).':F'.mt_rand(0,9).','.mt_rand(0,9).':dream2lteks'.generateRandomString(16).',8:720x1280,9:passive\,gps,10:1,11:UNKNOWN'; 
25$header[] = 'Content-Type:application/json; charset=UTF-8'; 
26$header[] = 'Host:api.gojekapi.com'; 
27$header[] = 'Connection:Keep-Alive';
28$header[] = 'User-Agent:okhttp/3.12.1';
29echo "REGISTER & SET-PIN & CLAIM VOUCHER \n";
30############# REGISTER #############
31echo "[+] Input Nomer = ";
32$nomer=trim(fgets(STDIN));
33$gennama=curl('https://randomuser.me/api/?inc=name&nat=us');
34$nama=get_between($gennama, '"first":"', '"').' '.get_between($gennama, '"last":"', '"');
35$email = strtolower(str_replace(" ", "", $nama) . mt_rand(100,999) . "@gmail.com");
36$register=curl('https://api.gojekapi.com/v5/customers','{"email":"'.$email.'","name":"'.$nama.'","phone":"+1'.$nomer.'","signed_up_country":"US"}',$header,$proxy);
37if (get_between($register,'"otp_token":"','"'!==null)){
38$otptoken=get_between($register,'"otp_token":"','","');
39while(true){
40echo "[+] Input OTP = ";
41$otp=trim(fgets(STDIN));
42$verif=curl('https://api.gojekapi.com/v5/customers/phone/verify','{"client_name":"gojek:cons:android","client_secret":"83415d06-ec4e-11e6-a41b-6c40088ab51e","data":{"otp":"'.$otp.'","otp_token":"'.$otptoken.'"}}',$header,$proxy);
43if(get_between($verif,'"access_token":"','"'!==null)){
44$token=get_between($verif,'"access_token":"','"');
45$r_token=get_between($verif,'"refresh_token":"','"');
46$uuid=get_between($verif,'"resource_owner_id":',',');
47############# SET PIN #############
48$header[] = "User-uuid: $uuid";
49$header[] = "Authorization: Bearer $token";
50$setpin=curl('https://api.gojekapi.com/wallet/pin','{"pin":"'.$pin.'"}',$header,$proxy);
51echo "[+] Input OTP Set-Pin = ";
52$otp_pin=trim(fgets(STDIN));
53$header[] = "otp: $otp_pin"; 
54$verif_setpin=curl('https://api.gojekapi.com/wallet/pin','{"pin":"'.$pin.'"}',$header,$proxy);
55echo "[+] Process Redeem GOFOODBOBA07 = ";
56$GOFOODBOBA07=curl('https://api.gojekapi.com/go-promotions/v1/promotions/enrollments','{"promo_code":"GOFOODBOBA07"}',$header,$proxy);
57if (get_between($GOFOODBOBA07,'"success":',',')=="true"){
58	echo "Sukses \n";
59}
60else{
61	echo "Gagal \n";
62}
63sleep(3);
64echo "[+] Process Redeem COBAINGOJEK = ";
65$COBAINGOJEK=curl('https://api.gojekapi.com/go-promotions/v1/promotions/enrollments','{"promo_code":"COBAINGOJEK"}',$header,$proxy);
66if (get_between($COBAINGOJEK,'"success":',',')=="true"){
67	echo "Sukses \n";
68}
69else{
70	echo "Gagal \n";
71}
72sleep(3);
73echo "[+] Process Redeem JAJANPAKAIGOPAY = ";
74$JAJANPAKAIGOPAY=curl('https://api.gojekapi.com/go-promotions/v1/promotions/enrollments','{"promo_code":"JAJANPAKAIGOPAY"}',$header,$proxy);
75if (get_between($JAJANPAKAIGOPAY,'"success":',',')=="true"){
76	echo "Sukses \n";
77}
78else{
79	echo "Gagal \n";
80}
81	break;
82}
83else{
84	echo get_between($verif,'"message":"','"')."\n";
85}}}
86else{
87	die(get_between($register,'"message":"','"')."\n");
88}
89function curl($url, $fields = null, $header = null,$proxy=null)
90    {
91        $c = curl_init();
92        curl_setopt($c, CURLOPT_URL, $url);
93        curl_setopt($c, CURLOPT_RETURNTRANSFER, true);
94        curl_setopt($c, CURLOPT_FOLLOWLOCATION, true);
95		if ($proxy !== null) {
96		curl_setopt($c, CURLOPT_HTTPPROXYTUNNEL, 0);
97		curl_setopt($c, CURLOPT_PROXY, $proxy);
98		}
99        curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
100        if ($fields !== null) {
101            curl_setopt($c, CURLOPT_POST, 1);
102            curl_setopt($c, CURLOPT_POSTFIELDS, $fields);
103			//array_push($header,'Content-Length:'.filesize($fields)); 
104        }
105		else if ($fields == null) {
106		curl_setopt($c, CURLOPT_CUSTOMREQUEST, "GET");
107		}			
108        if ($header !== null) {
109            curl_setopt($c, CURLOPT_HTTPHEADER, $header);
110        }
111        $response   = curl_exec($c);
112        $httpcode = curl_getinfo($c, CURLINFO_HTTP_CODE);
113		curl_close($c);
114		return $response;
115        
116	}
117function get_between($string, $start, $end) 
118	{
119	    $string = " ".$string;
120	    $ini = strpos($string,$start);
121	    if ($ini == 0) return "";
122	    $ini += strlen($start);
123	    $len = strpos($string,$end,$ini) - $ini;
124	    return substr($string,$ini,$len);
125	}
126function generateRandomString($length) {
127    $caracters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
128    $caractersLength = strlen($caracters);
129    $randomString = '';
130    for ($i = 0; $i < $length; $i++) {
131        $randomString .= $caracters[rand(0, $caractersLength - 1)];
132    }
133    return $randomString;
134	}