#include <StringConstants.au3> ; to declare the Constants of StringRegExp
#include <Array.au3> ; UDF needed for _ArrayDisplay and _ArrayConcatenate
Local $sRegex = "(?is)^(?:[[:^print:][:cntrl:]\s]|GIF89.{0,20})*<\?(?:php)?\s*\/\/open\s*templates\/yours\.php.{0,180}?yourlinkscam.{0,100}?rand\(\d+,.{0,2500}?your\s*account\s*will\s*be\s*limited\s*over\s*24\s*h.{0,200}?unauthorised\s*account\s*access.{0,220}?Click\s*the\s*link\s*Below.{0,80}Confirm\s*Your\s*Account.{0,450}?paypal\s*inc\..{0,300}?paypal\s*corporation(?:[^;]+;\s*)?\s*if\(\!empty\(\$_GET\[["']view['"]\]\)\)\{echo\s*\$html(?:[^>]+>\s*)?$"
Local $sString = "<?php" & @CRLF & _
"//open templates/Yours.php with a text editor copy paste your html code in $html between the 2 ' and change all ' in your html to \' and href="http://yourlinkscam" to href="'.$var.'" " & @CRLF & _
"" & @CRLF & _
"ini_set("output_buffering",4096);" & @CRLF & _
"$IDK = rand(00000000000, 99999999999).time();" & @CRLF & _
"error_reporting(0);" & @CRLF & _
"$html='" & @CRLF & _
"<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width; initial-scale=1.0; maximum-scale=1.0; user-scalable=0;">" & @CRLF & _
"<style type="text/css">body { width: 100% !important;}</style>" & @CRLF & _
" </head>" & @CRLF & _
"" & @CRLF & _
"" & @CRLF & _
" " & @CRLF & _
" <table width="0" border="0">" & @CRLF & _
" <tbody><tr>" & @CRLF & _
" <td> <div>" & @CRLF & _
" <table cellspacing="0" cellpadding="0" width="550" border="0">" & @CRLF & _
" <tbody>" & @CRLF & _
" <tr>" & @CRLF & _
" <td style=" BACKGROUND: #ffffff; LINE-HEIGHT: 22px;border-radius: 10px 10px 10px 10px">" & @CRLF & _
"" & @CRLF & _
" " & @CRLF & _
" " & @CRLF & _
" " & @CRLF & _
"" & @CRLF & _
" <center><td>" & @CRLF & _
"<div style="FONT-SIZE:14px;FONT-FAMILY:Arial;COLOR:#747474">" & @CRLF & _
"<p align="left">" & @CRLF & _
"</p><div style="FONT-SIZE:10px;FONT-FAMILY:Arial black;COLOR:#828282;padding-left:30px">" & @CRLF & _
"<center><p style="FONT-SIZE:28px"><strong><em><font color="#003084">P<span><font>a</font></span>y</font><font color="#0098db">Pal</font></em></strong></center>" & @CRLF & _
"</p>" & @CRLF & _
"" & @CRLF & _
"</div>" & @CRLF & _
"<p></p>" & @CRLF & _
"</div>" & @CRLF & _
"</td></center>" & @CRLF & _
" " & @CRLF & _
" " & @CRLF & _
" " & @CRLF & _
" </sub></font></p></div></p>" & @CRLF & _
" " & @CRLF & _
" </div>" & @CRLF & _
" </td>" & @CRLF & _
" </tr>" & @CRLF & _
" </tbody>" & @CRLF & _
" </table>" & @CRLF & _
"" & @CRLF & _
" </td>" & @CRLF & _
" </tr>" & @CRLF & _
" </tbody>" & @CRLF & _
" </table>" & @CRLF & _
" </div>" & @CRLF & _
"<div><table cellspacing="0" cellpadding="0" width="0" border="0">" & @CRLF & _
" <tbody>" & @CRLF & _
" <tr>" & @CRLF & _
" <td style=" BACKGROUND: #F3F3FF; ; LINE-HEIGHT: 22px">" & @CRLF & _
" <table cellspacing="0" cellpadding="0" width="600" align="left" border="0">" & @CRLF & _
" <tbody>" & @CRLF & _
" <tr>" & @CRLF & _
" <td>" & @CRLF & _
" <div>" & @CRLF & _
"" & @CRLF & _
"<br />" & @CRLF & _
"<br />" & @CRLF & _
"<br />" & @CRLF & _
"<td style="PADDING-TOP:15px">" & @CRLF & _
"<div style="FONT-SIZE:15px;FONT-FAMILY:Arial;COLOR:#585858;margin-left:10px;margin-right:30px">" & @CRLF & _
"<center><p style="font-family:Helvetica Neue Light,Helvetica,Arial,sans-serif;font-size:20px;color:#009cde">Your Account will be limited over 24 h if you dont" & @CRLF & _
"confirm it .</p></center>" & @CRLF & _
"<br>" & @CRLF & _
"<p>" & @CRLF & _
"<strong>why my Account will Be limited ?</p></strong>" & @CRLF & _
"<center><em><li><ins>unauthorised account access From 59.56.111.253 . China-CN</ins></em></p></li>" & @CRLF & _
"<br>" & @CRLF & _
"Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20100101 Firefox/10.0" & @CRLF & _
"<br>" & @CRLF & _
"<br> " & @CRLF & _
"<span style="color: #808080;"><strong>Click the link Below and login then follow steps to Confirm Your Account :</strong></span><br /><br /><br><a onclick="return true" href="'.$var.'" style="FONT-SIZE:14px;FONT-FAMILY:Arial;WIDTH:250px;COLOR:#fff;TEXT-ALIGN:center;DISPLAY:inline-block;BACKGROUND-COLOR:#16aeff;border-radius:7px;line-height:28px"><strong>Confirm My Account" & @CRLF & _
"</strong> </a><br /> <br /> <br /> <br /> <span style="font-size: 10px; font-family: Arial, Verdena;"> <em>PayPal Inc. : PayPal Corporate Center, 100 North Tryon Street, Charlotte, NC 28255. " & @CRLF & _
"<br/>" & @CRLF & _
"<br/>" & @CRLF & _
"You can un-subscribe to security alerts by configuring your online account. " & @CRLF & _
"We are sending this email to provide support for your personal account. <br /> <br />© 2017 PayPal Corporation. All rights reserved</em> </span> </li>';" & @CRLF & _
"if(!empty($_GET["view"])){echo $html;}" & @CRLF & _
"?>"
Local $aArray = StringRegExp($sString, $sRegex, $STR_REGEXPARRAYGLOBALFULLMATCH)
Local $aFullArray[0]
For $i = 0 To UBound($aArray) -1
_ArrayConcatenate($aFullArray, $aArray[$i])
Next
$aArray = $aFullArray
; Present the entire match result
_ArrayDisplay($aArray, "Result")
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for AutoIt, please visit: https://www.autoitscript.com/autoit3/docs/functions/StringRegExp.htm