Shell Founder.php

1. <?php
2.  
3. echo '<head>
4. <p align="center">
5. <img border="0" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/370365_100003795511051_561161049_n.jpg"</p>
6. <link href="http://dz48-coders.org/indexi/pic/favicon.ico" type="image/x-icon" rel="shortcut icon" />
7. <title>ShELL FoUnDeR By @-cat,@k398rm</title>
8. <style>
9. body{background-color:#111;color:#00ff00;}
10. body,td,th{ font: 8pt Lucida,Tahoma;margin:0;vertical-align:top;color:#00ff00; }
11. table.info{ color:#000;background-color:#222; }
12. span,h1,a{ color: $color !important; }
13. span{ font-weight: bolder; }
14. h1{ border-left:7px solid $color;padding: 3px 5px;font: 14pt Verdana;background-color:#333;margin:0px; }
15. div.content{ padding: 5px;margin-left:5px;background-color:#222; }
16. a{ text-decoration:none; }
17. a:hover{ text-decoration:underline; }
18. .ml1{ border:1px solid #555;padding:5px;margin:0;overflow: auto; }
19. .bigarea{ width:100%;height:300px; }
20. input,textarea,select{ margin:0;color:#999;background-color:#222;border:1px solid $color; font: 8pt Tahoma,\'Tahoma\'; }
21. form{ margin:0px; }
22. #toolsTbl{ text-align:center; }
23. .toolsInp{ width: 300px }
24. .main th{text-align:left;background-color:#5e5e5e;}
25. .main tr:hover{background-color:#5e5e5e}
26. .l1{background-color:#444}
27. .l2{background-color:#333}
28. pre{font-family:Courier,Monospace;}
29. .found {
30. color: #008000;
31. font-weight: bold;
32. }
33. .damane {
34. color: #FFFF00;
35. font-weight: bold;
36. }
37. .scan {
38. color: #A52A2A;
39. font-weight: bold;
40. }
41. .start {
42. color: #0000FF;
43. font-weight: bold;
44. }
45. // -->
46. </style>
47. </head>
48.  
49. <body>
50.  
51. <p align="center">&nbsp;</p>
52. <p align="center">&nbsp;</p>
53. <p align="center">&nbsp;</p>
54. <p align="center"><font color="#8D38C9" size="5">ShELL FoUnDeR</font></p><br>
55. <form method="POST">
56. </form><center>
57. <form action="" method="post">
58. <input name="traget" type="text" size="30" value="http://www.domain.tld/"/><br>
59. <br><br>
60. <input name="scan" size="80" value="ScAn ThIs" type="submit">
61. </form>
62.  
63. ';
64. set_time_limit(0);
65. if (isset($_POST['scan'])) { //By @-cat,@k398rm
66. $url = $_POST['traget'];
67. echo "<br /><span class='start'>Scanning ".$url.'<br /><br /></span>';
68. echo 'ReSulT:<br /><br />';
69. //Shell List You Can Add What U Want :P
70. $shells = array('WSO.php','dz.php','cpanel.php','cpn.php','sql.php','mysql.php','madspot.php',
71. 'Cgishell.pl','killer.php','changeall.php','2.php','Sh3ll.php','dz0.php','dam.php','user.php','dom.php','whmcs.php',
72. 'vb.zip','r00t.php','c99.php','gaza.php','1.php','wp.zip'.'wp-content/plugins/disqus-comment-system/disqus.php',
73. 'd0mains.php','wp-content/plugins/akismet/akismet.php','madspotshell.php','Sym.php','c22.php','c100.php',
74. 'wp-content/plugins/akismet/admin.php#','wp-content/plugins/google-sitemap-generator/sitemap-core.php#',
75. 'wp-content/plugins/akismet/widget.php#','Cpanel.php','zone-h.php','tmp/user.php','tmp/Sym.php','cp.php',
76. 'tmp/madspotshell.php','tmp/root.php','tmp/whmcs.php','tmp/index.php','tmp/2.php','tmp/dz.php','tmp/cpn.php',
77. 'tmp/changeall.php','tmp/Cgishell.pl','tmp/sql.php','tmp/admin.php','cliente/downloads/h4xor.php',
78. 'whmcs/downloads/dz.php','L3b.php','d.php','tmp/d.php','tmp/L3b.php','wp-content/plugins/akismet/admin.php',
79. 'templates/rhuk_milkyway/index.php','templates/beez/index.php','admin1.php','upload.php','up.php','vb.zip','vb.rar',
80. 'admin2.asp','uploads.php','sa.php','sysadmins/','admin1/','administration/Sym.php','images/Sym.php',
81. '/r57.php','/wp-content/plugins/disqus-comment-system/disqus.php','/shell.php','/sa.php','/admin.php',
82. '/sa2.php','/2.php','/gaza.php','/up.php','/upload.php','/uploads.php','/templates/beez/index.php','shell.php','/amad.php',
83. '/t00.php','/dz.php','/site.rar','/Black.php','/site.tar.gz','/home.zip','/home.rar','/home.tar','/home.tar.gz',
84. '/forum.zip','/forum.rar','/forum.tar','/forum.tar.gz','/test.txt','/ftp.txt','/user.txt','/site.txt','/error_log','/error',
85. '/cpanel','/awstats','/site.sql','/vb.sql','/forum.sql','/backup.sql','/back.sql','/data.sql','wp.rar/',
86. 'wp-content/plugins/disqus-comment-system/disqus.php','asp.aspx','/templates/beez/index.php','tmp/vaga.php',
87. 'tmp/killer.php','whmcs.php','tmp/killer.php','tmp/domaine.pl','tmp/domaine.php','useradmin/',
88. 'tmp/d0maine.php','d0maine.php','tmp/sql.php','tmp/dz1.php','dz1.php','forum.zip','Symlink.php','Symlink.pl',
89. 'forum.rar','joomla.zip','joomla.rar','wp.php','buck.sql','sysadmin.php','images/c99.php', 'xd.php', 'c100.php',
90. 'spy.aspx','xd.php','tmp/xd.php','sym/root/home/','billing/killer.php','tmp/upload.php','tmp/admin.php',
91. 'Server.php','tmp/uploads.php','tmp/up.php','Server/','wp-admin/c99.php','tmp/priv8.php','priv8.php','cgi.pl/',
92. 'tmp/cgi.pl','downloads/dom.php','templates/ja-helio-farsi/index.php','webadmin.html','admins.php',
93. '/wp-content/plugins/count-per-day/js/yc/d00.php', 'admins/','admins.asp','admins.php','wp.zip');
94. //Start Scan
95. foreach ($shells as $shell){
96. $headers = get_headers("$url$shell");//By @-cat,@k398rm
97. if (eregi('200', $headers[0])) {
98. //Result
99. echo "<a href='$url$shell'>$url$shell</a> <span class='found'>Founded!</span><br /><br/><br/>";//By @-cat,@k398rm
100. $dz = fopen('shells.txt', 'a+');
101. $suck = "$url$shell";
102. fwrite($dz, $suck."\n");
103. }
104. }
105. //Result In Text File (shells.txt)
106. echo "<span class='damane'>Click Here to See Shells Founded On a txt File [ <a href='./shells.txt' target='_blank'>shells.txt</a> ]</span>";
107. }
108. ;echo '</center>
109. <br><p align="center">
110. <p align="center"><font color="#FF0000" face="Cooper Black" size="3">@-cat,@k398rm</font></p>
111. <p align="center">
112. <p><center>
113. <font color="#F6358A" face="Britannic Bold" size="2">R3 Cyber Army</font>
114. </p>
115. </body>
116.  
117. </html>';
118. ?>