<?php 
/* 
  SQL:
=========================================
CREATE TABLE `contactlijst` (
`id` INT( 10 ) NOT NULL AUTO_INCREMENT ,
`adres` VARCHAR( 255 ) NOT NULL ,
UNIQUE (
`id` 
)
) TYPE = innodb;
=========================================

  +-------------------------------------------------------+ 
  |   MSN Messenger Contactlist Grabber (.NET Passport)   | 
  +---------------------------------------------------+---+ 
  | Name:           MSN Messenger Contactlist Grabber |   | 
  | Description:    This script grabs your contact-   |   | 
  |                 list from your .NET Passport and  | I | 
  |                 shows all your contacts in your   | N | 
  |                 browser.                          | F |   
  | Creator:        Wesley Geysels                    | O | 
  | Email:          wesleyke@wesleyke.be              |   | 
  | Date:           29 March 2006                     |   | 
  +---------------------------------------------------+---+ 
  | This program is free software; you can            |   | 
  | redistribute it and/or modify it under the terms  | L | 
  | of the GNU General Public License as published    | I | 
  | by the Free Software Foundation; either version 2 | C | 
  | of the License, or (at your option) any later     | E | 
  | version.                                          | N | 
  |                                                   | S | 
  | If you think you made a great modification you    | E | 
  | can always mail it to my email shown above        |   | 
  +---------------------------------------------------+---+ 
  
  Extensie met importeren in mysql-database is gemaakt door
  Teuneboon en mag mits je zijn naam erbij vermeld verspreid
  worden over het web.

*/ 
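// Report everything except notices; several later statements read variables
// that may never have been assigned, which E_NOTICE would otherwise surface.
error_reporting(E_ALL ^ E_NOTICE);
// No execution time limit. Combined with the blocking network loops further
// down, a stalled peer can keep this request (and its worker) alive indefinitely.
set_time_limit(0);

// NOTE(review): database credentials are hard-coded in a web-served file.
// Keep the real values in configuration outside the document root.
$host = "localhost";
$user = "gebruikersnaam";
$pwd = "wachtwoord";
$db = "msn";

// NOTE(review): the mysql_* extension used here offers no prepared statements
// and is absent from PHP 7+. $connection is reassigned to a network socket
// later in this script, so the later mysql_query() call relies on the
// "last opened link" default instead of this variable.
$connection = mysql_connect($host, $user, $pwd);
if (!$connection)
{
	// The original called error(), which is not defined anywhere in this file
	// and would have ended the request with an "undefined function" fatal.
	die("Error: kon geen verbinding maken met de database!");
}

$select_db = mysql_select_db($db);
if (!$select_db)
{
	die("Error: kon de database niet selecteren!");
}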

// Emit the document head (title plus a minimal inline stylesheet) and open
// the body; every line is terminated with CRLF.
echo "<html>\r\n"
   . "<head>\r\n"
   . "<title>MSN Messenger Contactlist Grabber</title>\r\n"
   . "<style type=\"text/css\">\r\n"
   . "body, input {\r\n"
   . "font: 10px Verdana;\r\n"
   . "}\r\n"
   . "</style>\r\n"
   . "</head>\r\n"
   . "<body>\r\n";

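if(empty($_POST['username']) || empty($_POST['password']))
{
  // No username or password submitted: show the login form.
  // The form posts back to this same URL (empty action).
  // NOTE(review): the account password travels in the POST body and is held
  // in plaintext by this script for the whole request, so this page should
  // only ever be served over HTTPS.
  // (A stray "</style>" that the original emitted here, after the stylesheet
  // had already been closed in <head>, has been dropped.)
  echo "<form action=\"\" method=\"post\">\r\n";
  echo "Username:<br />\r\n";
  echo "<input type=\"text\" value=\"\" name=\"username\" /><br /><br />\r\n";
  echo "Password:<br />\r\n";
  echo "<input type=\"password\" value=\"\" name=\"password\" /><br /><br />\r\n";
  echo "<input type=\"submit\" value=\"Grab Contactlist\" name=\"submit\" />\r\n";
  echo "</form>\r\n";
}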
elseif(!empty($_POST['username']) && !empty($_POST['password'])) 
{ 
  /* 
   
    +-----------------------------------------------------------------------------------+ 
    |                         DO NOT CHANGE ANYTHING BELOW THIS                         | 
    +-----------------------------------------------------------------------------------+ 
    | Changing anything below here could harm the script and we don't want that do we?  | 
    +-----------------------------------------------------------------------------------+ 
   
  */ 
   
  // 
  // Required variables 
  // 

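  $msnProtocol   = "MSNP11";
  $showOffline   = 1;
  $sortBy        = "status";
  // NOTE(review): md5(time()) is fully predictable. Within this file these two
  // values are only named in showContactList()'s global list and never read;
  // they must not be reused as session secrets or tokens.
  $session       = md5(time());
  $authCode      = md5(time()+1);
  $started       = time();
  $transactionID = 0;
  $yourStatus    = "FLN";
  $list          = "";
  $username      = $_POST['username'];
  $password      = $_POST['password'];

  // $username is later interpolated into space-delimited, CRLF-terminated
  // protocol commands and $password into an HTTP request header. Reject
  // non-string input (e.g. username[]=...) and any value that could alter that
  // framing: whitespace/control bytes in the username, control bytes in the
  // password.
  if (!is_string($username) || !is_string($password)
      || preg_match('/[\x00-\x20\x7f]/', $username)
      || preg_match('/[\x00-\x1f\x7f]/', $password))
  {
    die("Invalid username or password format.<br />\r\n");
  }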
   

  // 
  // Needed functions 
  // 

  /**
   * Build the reply to a server challenge.
   *
   * The reply is the hex MD5 digest of the challenge string with the fixed
   * client key appended. MD5 is used here only because the peer expects this
   * exact digest; it is not acting as a security control of this script.
   *
   * @param string $key Challenge string received from the server.
   * @return string 32-character lowercase hex digest.
   */
  function doChallenge($key)
  {
    $material = $key . "Q1P7W2E4J9R8U3S5";

    return md5($material);
  }

  /**
   * Read one line from the global $connection stream.
   *
   * At most 255 bytes are read per call (fgets length 256), so a longer line
   * comes back in pieces across successive calls.
   *
   * @return string|false The line including its line ending, or false when
   *                      fgets() has nothing to return (EOF, timeout, error).
   */
  function dataIn()
  {
    global $connection;

    return fgets($connection, 256);
  }

  /**
   * Send one command to the global $connection stream and advance the global
   * transaction counter.
   *
   * The payload is written verbatim followed by CRLF. Nothing is filtered
   * here, so a CR/LF inside $data starts an additional protocol line; callers
   * must not pass unvalidated input.
   *
   * @param string $data Command text without the trailing CRLF.
   * @return void
   */
  function dataOut($data)
  {
    global $connection, $transactionID;

    $line = $data . "\r\n";
    fwrite($connection, $line);
    ++$transactionID;
  }

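  /**
   * Render the global $contactList as an HTML fragment.
   *
   * Contacts whose status is not "FLN" are listed first, followed by the
   * "FLN" ones; within each group the original array order is kept.
   *
   * Addresses and nicknames arrive from the network and a nickname is chosen
   * by the contact, so both are HTML-escaped before being placed in markup.
   *
   * @return string HTML fragment, or a plain notice when $contactList is not
   *                an array.
   */
  function showContactList()
  {
    global $contactList;

    $list = "";

    if(!is_array($contactList))
    {
      return "There are no users on your contactlist.\r\n";
    }

    // Partition while preserving order: everything except FLN first.
    $others = array();
    $fln    = array();
    foreach($contactList as $email => $elements)
    {
      if($elements['status'] == "FLN")
      {
        $fln[$email] = $elements;
      }
      else
      {
        $others[$email] = $elements;
      }
    }

    // The two groups have disjoint keys, so array union keeps every entry.
    foreach ($others + $fln as $email => $elements)
    {
      // Nicknames are stored URL-encoded; decode first, then escape for HTML.
      $name     = htmlspecialchars((string) $email, ENT_QUOTES);
      $nickname = htmlspecialchars(urldecode((string) $elements['username']), ENT_QUOTES);
      $list.= "<b>Email</b>:".$name."<br />\r\n";
      $list.= "<b>Nickname</b>:".$nickname."<br /><br />\r\n";
    }

    return $list;
  }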
   
  // 
  // Grabbing the contactlist 
  // 
   
  // Print the status placeholder and the first progress update, then push
  // both to the browser before the blocking connect.
  echo "<div id=\"status\">Please be patient, this can take several minutes...<br /></div>\r\n\r\n"
     . "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Connecting to the MSN Server...\";\r\n</script>";
  flush();

  // Plain TCP (no ssl:// prefix) to port 1863: everything exchanged on this
  // socket, including the account name, is sent unencrypted.
  $connection = fsockopen('messenger.hotmail.com', 1863);
  if (!$connection)
  {
    die("<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Couldn't establish a connection with the MSN Server!\";\r\n</script>\r\n");
  }
  echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Connected to the MSN Server!\";\r\n</script>\r\n";
  flush();

  // VER / CVR / USR exchange. $username is placed into the command text
  // as-is, so it has to be free of spaces and line breaks.
  dataOut("VER " . $transactionID . " " . $msnProtocol . " CVR0");
  dataIn();
  dataOut("CVR " . $transactionID . " 0x0409 winnt 5.1 i386 MSNMSGR 7.5.0324 MSMSGS " . $username);
  dataIn();
  dataOut("USR " . $transactionID . " TWN I " . $username);
  $temp = dataIn();

  // A usable reply carries a "host:port" pair; without a colon the reply is
  // treated as an error, with code 601 reported as a server outage.
  if (stristr($temp, ":") === false)
  {
    die(
      substr($temp, 0, 3) == 601
        ? "The following error occured: <br />\r\n&nbsp;The MSN Servers are currently down."
        : "Your username/password combination doesn't match.<br />\r\n"
    );
  }

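  // The first server answered with a referral; drop that socket and connect
  // to the "host:port" pair found in the fourth space-separated field.
  @fclose($connection);

  $tempArray = explode(" ", $temp);
  $tempArray = explode(":", $tempArray[3]);
  flush();

  // NOTE(review): host and port come straight from the previous, unencrypted
  // response, so whoever can tamper with that response decides where this
  // script connects next.
  $connection = fsockopen($tempArray[0], $tempArray[1]);
  if (!$connection)
  {
    // Server-supplied values are HTML-escaped before being echoed back.
    $shownHost = htmlspecialchars((string) $tempArray[0], ENT_QUOTES);
    $shownPort = htmlspecialchars(isset($tempArray[1]) ? (string) $tempArray[1] : "", ENT_QUOTES);
    die("No XFR commando found: <br />{$shownHost} :{$shownPort}");
  }

  // Repeat the VER / CVR / USR exchange on the new connection.
  dataOut("VER $transactionID $msnProtocol CVR0");
  dataIn();
  flush();

  dataOut("CVR $transactionID 0x0409 winnt 5.1 i386 MSNMSGR 7.5.0324 MSMSGS $username");
  dataIn();
  dataOut("USR $transactionID TWN I $username");
  $temp = dataIn();
  $tempArray = explode(" ", $temp);
  flush();

  // The last field of the USR reply is kept as the token string that is
  // appended to the Passport Authorization header later on.
  $TokenString = trim(end($tempArray));
  echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Logging in...\";\r\n</script>\r\n";
  flush();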

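  // Ask the Passport Nexus server which login URL to use.
  // NOTE(review): on PHP versions before 5.6 the ssl:// wrapper does not
  // verify the peer certificate by default; confirm verification is active,
  // because the host learned here is the one that receives the password.
  $nexusSocket = fsockopen("ssl://nexus.passport.com", 443);
  if (!$nexusSocket)
  {
    die("Couldn't connect to the Passport Nexus server.<br />\r\n");
  }
  fputs($nexusSocket, "GET /rdr/pprdr.asp HTTP/1.0\r\n\r\n");

  // Scan the response headers up to the blank line for "PassportURLs".
  // fgets() returns false once the peer closes or stalls; without the
  // explicit check this loop would never terminate (and the time limit is 0).
  $urls = "";
  while ($temp != "\r\n"){
    $temp = fgets($nexusSocket, 1024);
    if($temp === false)
    {
      break;
    }
    if(substr($temp, 0, 12) == "PassportURLs")
    {
      $urls = substr($temp, 14);
    }
  }

  @fclose($nexusSocket);

  $tempArray = explode(",", $urls);
  if($urls === "" || !isset($tempArray[1]))
  {
    die("The Passport Nexus server did not return a login URL.<br />\r\n");
  }

  // The second comma-separated entry is used; its first 8 characters are
  // skipped (presumably a "DALogin=" style prefix - confirm) and the rest is
  // split into host ([0]) and first path segment ([1]).
  $temp = $tempArray[1];
  $temp = substr($temp, 8);
  $tempArray = explode("/", $temp);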

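  // Passport 1.4 login: present the credentials to the login host, follow at
  // most one 302 redirect, and pick up the Authentication-Info header.
  //
  // The password is URL-encoded like the sign-in name. Sent raw, a ',' or a
  // line break inside it would change the structure of the header (or add
  // further headers to the request).
  // NOTE(review): the credentials go to whichever host the earlier lookup and
  // any redirect name; consider restricting both to an allowlist of expected
  // login hosts.
  $authHeader = "Authorization: Passport1.4 OrgVerb=GET, OrgUrl=http%3A%2F%2Fmessenger%2Emsn%2Ecom,sign-in=".urlencode($username).",pwd=".urlencode($password).",$TokenString\r\n";

  $sslConnection = fsockopen("ssl://".$tempArray[0], 443);
  if (!$sslConnection)
  {
    die("Couldn't connect to the Passport login server.<br />\r\n");
  }

  fputs($sslConnection, "GET /{$tempArray[1]} HTTP/1.1\r\n");
  fputs($sslConnection, $authHeader);
  fputs($sslConnection, "User-Agent: MSMSGS\r\n");
  fputs($sslConnection, "Host: {$tempArray[0]}\r\n");
  //fputs($sslConnection, "Connection: Keep-Alive\r\n");
  fputs($sslConnection, "Cache-Control: no-cache\r\n\r\n");

  $temp = fgets($sslConnection, 512);

  if(rtrim($temp) == "HTTP/1.1 302 Found")
  {
    // The original also emitted "lengteVooruitgang(30%);" here: a call to a
    // function this page never defines, and a syntax error that stopped the
    // whole <script> element from running. It has been removed.
    echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Bezig met aanmelden...\";\r\n</script>";
    flush();

    // Find the Location header; stop at the blank line or when the stream ends.
    $redirect = null;
    while($temp != "\r\n")
    {
      $temp = fgets($sslConnection, 256);
      if($temp === false)
      {
        break;
      }
      if(substr($temp, 0, 9) == "Location:")
      {
        // Keep what follows the last ':' and split on '/':
        // [2] is used as the host, [3] as the first path segment.
        $redirect = explode(":", $temp);
        $redirect = explode("/", trim(end($redirect)));
        break;
      }
    }
    @fclose($sslConnection);

    if(!is_array($redirect) || empty($redirect[2]))
    {
      die("The Passport server sent a redirect without a usable Location header.<br />\r\n");
    }
    $tempArray = $redirect;
    $redirectPath = isset($tempArray[3]) ? $tempArray[3] : "";

    $sslConnection = fsockopen("ssl://".$tempArray[2], 443);
    if (!$sslConnection)
    {
      die("Couldn't connect to the Passport login server.<br />\r\n");
    }

    fputs($sslConnection, "GET /{$redirectPath} HTTP/1.1\r\n");
    fputs($sslConnection, $authHeader);
    fputs($sslConnection, "User-Agent: MSMSGS\r\n");
    fputs($sslConnection, "Host: {$tempArray[2]}\r\n");
    //fputs($sslConnection, "Connection: Keep-Alive\r\n");
    fputs($sslConnection, "Cache-Control: no-cache\r\n\r\n");
  }
  elseif(rtrim($temp) == "HTTP/1.1 401 Unauthorized")
  {
    echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"The username/password combination is wrong.\";\r\n</script>";
    @fclose($sslConnection);
    die;
  }
  else
  {
    if(rtrim($temp) != "HTTP/1.1 200 OK")
    {
      // The status line is server-controlled; escape it before echoing.
      echo "Unknown HTTP status code:<br />".htmlspecialchars((string) $temp, ENT_QUOTES);
      flush();
      die();
    }
  }

  // Read headers until Authentication-Info shows up, the blank line is
  // reached, or the stream ends (fgets() === false).
  $authInfo = "";
  while($temp != "\r\n")
  {
    $temp = fgets($sslConnection, 1024);
    if($temp === false)
    {
      break;
    }
    if(substr($temp, 0, 19) == "Authentication-Info")
    {
      $authInfo = $temp;
      $temp = fgets($sslConnection, 1024);
      if(substr($temp, 0, 14) != "Content-Length")
      {
        // NOTE(review): this appends a further line rather than the one just
        // read into $temp; kept as in the original - confirm the intent.
        $authInfo.= fgets($sslConnection, 1024);
      }
      break;
    }
  }
  @fclose($sslConnection);

  if($authInfo === "")
  {
    die("The Passport server did not return an Authentication-Info header.<br />\r\n");
  }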

// The ticket is whatever sits between the first pair of single quotes in the
// Authentication-Info header; it is forwarded unchanged in the USR command.
$tempArray = explode("'", $authInfo);
echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Signing in...\";\r\n</script>";
flush();

dataOut("USR " . $transactionID . " TWN S " . $tempArray[1]);

flush();

$temp = dataIn();

// Replies starting with 928 or 911 are reported as a failed login.
if (in_array(substr($temp, 0, 3), array("928", "911")))
{
    echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"The username/password combination is wrong.\";\r\n</script>\r\n";
    @fclose($sslConnection);
    die();
}

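flush();

$timeSinceInitmsg = time();

// Read lines until one mentions "ABCHMigrated", keeping the sid, kv and
// MSPAuth values seen on the way.
// The original second condition, is_string(trim($temp)), is always true, so
// a closed or stalled connection (dataIn() === false) made this loop spin
// forever; the loop now stops on false.
while($temp !== false && !strstr($temp, "ABCHMigrated"))
{
    if(substr($temp, 0, 3) == "sid")
    {
        $sid = trim(substr($temp, 5));
    }
    if(substr($temp, 0, 2) == "kv")
    {
        $kv = trim(substr($temp, 4));
    }
    if(substr($temp, 0, 7) == "MSPAuth")
    {
        // NOTE(review): MSPAuth looks like an authentication token; it is only
        // held in memory here and should never be echoed or logged.
        $mspauth = trim(substr($temp, 9));
        flush();
    }
    $temp = dataIn();
}

if($temp === false)
{
    die("The connection was closed before sign-in completed.<br />\r\n");
}

$temp = dataIn();

echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Signing in...\";\r\n</script>\r\n";
flush();

//dataOut("CHG $transactionID FLN");

// Request the contact list; the replies are consumed by the read loop below.
dataOut("SYN $transactionID 0 0");
echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"Retrieving contact list...\";\r\n</script>\r\n";
dataIn();
flush();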

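// Read timeout of 0 s + 1 microsecond: fgets() returns almost immediately when
// no data is waiting.
// NOTE(review): together with set_time_limit(0) this loop polls continuously
// until the peer closes the connection; consider a longer timeout and an
// overall deadline so one stalled session cannot pin a worker.
stream_set_timeout($connection, 0, 1);

// $username ends up inside a double-quoted JavaScript string that is assigned
// to innerHTML: strip line breaks, HTML-escape (quotes included), then escape
// backslashes so the value cannot close the string or introduce markup.
$safeUsername = addslashes(htmlspecialchars(str_replace(array("\r", "\n"), "", (string) $username), ENT_QUOTES));

while(!feof($connection))
{
    $stuff = trim(fgets($connection, 512));
    switch (substr($stuff, 0, 3)){
        case "CHL": // Server challenge (ping): answer with QRY plus the digest
            $parts = explode(" ", $stuff);
            $key = $parts[2];
            dataOut("QRY $transactionID msmsgs@msnmsgr.com 32\r\n".doChallenge(trim($key)));

            break;
        case "PBR": // Reply to the LST command (not really important)
        case "NLN":
            $boom = explode(' ',$stuff);
            // NOTE(review): $statussen is never assigned in this file, so this
            // condition is always false and the branch body never runs.
            if (!empty($statussen[$boom[1]])){
                $contactList[$boom[2]]['status'] = $boom[1];
                $contactList[$boom[2]]['username'] = $boom[3];
                showContactlist();
            }
            break;
        case "SYN":
            $tempArray = explode(" ",$stuff);
            $four = $tempArray[4];
            break;
        case "MSG":
            // Field 3 is the payload length announced by the server.
            $tempArray = explode(" ",$stuff);
            $message = "";
            while(strlen($message) < $tempArray[3]){
                $chunk = fgets($connection, 256);
                if ($chunk === false){
                    // false with EOF means the peer is gone: stop instead of
                    // looping forever. false without EOF is only the short
                    // read timeout, so keep waiting for the rest.
                    if (feof($connection)){
                        break;
                    }
                    continue;
                }
                $message.= $chunk;
            }
            $temp = explode("\r\n", $message);
            // The original tested $asdf[1], a variable that is never assigned;
            // the header lines live in $temp.
            if (isset($temp[1]) && $temp[1] == "Content-type: application/x-msmsgssystemmessage")
            {
                $tempArray = explode(":",$temp[3]);
                $type = $tempArray[1];
                $tempArray = explode(":",$temp[4]);
                // Server-supplied value printed inside <script>: force it to an integer.
                $arg1 = (int) $tempArray[1];
                if ($type == 1){
                    echo "<script>\r\nalert(\"The server is going down for maintainance in $arg1 minutes.\");\r\n</script>\r\n";
                }
            }
            break;
        case "FLN":
            $tempArray = explode(" ",$stuff);
            $contactList[$tempArray[1]]['status'] = "FLN";
            showContactlist();
            break;
        case "OUT":
            if (substr($stuff,4,3) == 'OTH'){
                echo "<script>\r\nalert(\"You are already logged in on an other location.\");\r\n</script>\r\n";
                @fclose($connection);
                die();
            } else {
                // The original nested double quotes inside the double-quoted JS
                // string (a syntax error) and closed the link with "<a/>"; the
                // href now uses single quotes and the markup is well-formed.
                echo "<script>\r\ndocument.getElementById(\"status\").innerHTML=\"You were disconnected.<br /><a href='javascript:document.location.reload();'>Try Again</a>\";\r\n</script>\r\n";
                @fclose($connection);
                die();
            }
            break;
        case "PRP":
            $tempArray = explode(" ",$stuff);
            if ($tempArray[1] == "MFN"){
                $huidigeNaam = $tempArray[3];
            }
            break;
        case "LST":
            echo "<script language=\"javascript\">\r\ndocument.getElementById(\"status\").innerHTML=\"$safeUsername, here is your contactlist:<br /><br />\";\r\n</script>\r\n";

            $tempArray = explode(" ",$stuff);
            if((substr($tempArray[1], 0, 2) == "N=") && (!is_numeric($tempArray[2])))
            {
                // The address comes from the network and is attacker-influenced:
                // escape it separately for each sink (HTML output, SQL string).
                $address = urldecode(substr($tempArray[1], 2));
                echo htmlspecialchars($address, ENT_QUOTES)."<br />\r\n";

                // $connection is the network socket at this point, so the mysql_*
                // calls rely on the last opened database link.
                // NOTE(review): escaping is the best this extension offers; a
                // prepared statement (mysqli/PDO) is the durable fix and needs
                // the connection code at the top of the file changed as well.
                $sql = "INSERT INTO `contactlijst` SET `adres` = '".mysql_real_escape_string($address)."'";
                if (!mysql_query($sql)){
                    // Keep database errors out of the page; record them server-side.
                    error_log("contactlijst insert failed: ".mysql_error());
                }
            }
            break;
        case "LSG":
            $tempArray = explode(" ",$stuff);
            $groups[$tempArray[2]] = $tempArray[1];
            break;
        case "CHG":
            $tempArray = explode(" ",$stuff);
            $nieuweStatus = $tempArray[2];
            break;
        case "BLP": // Blocked or not?
        case "GTC":
            break;
        case "403":
            echo "An error has occured, please try again.<br>";
            break;
    }
    flush();
}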
   
} 
// Close the document. This is skipped on every die() path above, so error
// pages are sent without their closing tags.
echo "</body>\r\n</html>";

?>